Re: Newbie Having Much Trouble Getting Deb 2.4.18-bf2.4 To Work
Patrick Albuquerque wrote: On Wed, Dec 01, 2004 at 04:38:19PM -0600, Leonard Chatagnier wrote: You have encrypted your /etc/apt/sources.list file? Also, what version of Debian are you installing? Patrick, The file is plain text, just typed as binary in the attachment for some reason. -- Steve Block [EMAIL PROTECTED] http://ev-15.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Question about usbkey lights
On Fri, Dec 03, 2004 at 10:09:34PM -0600, Ron Johnson wrote: > On Fri, 2004-12-03 at 18:35 -0600, Brad Sims wrote: > > I have a 512mb Sandisk Cruzer, it works perfectly. However when unmounting > > it the light stays on, it goes off on Windows... Just was wondering if > > anyone > > had a solution other than killing and restarting hotplug (which seems silly, > > and Not Elegant). > > If it unmounts properly, maybe it's just a minor aesthetic bug > and there's no real need to worry. My experience has been that when you tell Windows to stop a USB device, it unmounts the volume and then actually stops the device itself (whatever that entails). At that point then the light on the USB drive goes out. With the drive mounted on Apple's OS X or on Linux the light stays on, and I don't think the actual USB disk is "off" like it is with Windows. I am fairly certain though that all you need to do to be safe is make sure all of your volumes are unmounted before removing the disk. Since Apple generally "does things right" in my experience with their OS, and the Linux behavior is essentailly the same, I don't see any reason for concern, and I certainly don't see any reason to kill and restart hotplug. As I already said, as long as your volumes are unmounted cleanly you can safely remove the drive. -- Steve Block http://ev-15.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: new to debian -- a few questions
Chris Lale wrote: On Wed, 2004-12-08 at 15:44, Sridhar M.A. wrote: On Wed, Dec 08, 2004 at 07:13:50AM -0600, Ron Johnson wrote: > > Last I checked, v2.8 is not in Sarge, yet. Besides, I run Sid, > so don't care that much about Sarge. > I think about 4 days back it made it into sarge. I have it on my system. $ apt-cache policy gnome-session gnome-session: Installed: 2.8.1-3 Candidate: 2.8.1-3 Version Table: 2.8.1-4 0 95 http://ftp.debian.org unstable/main Packages *** 2.8.1-3 0 900 http://ftp.debian.org testing/main Packages 100 /var/lib/dpkg/status I don't think so. $ apt-cache policy gnome-session gnome-session: Installed: 2.6.2-6 Candidate: 2.6.2-6 Version Table: *** 2.6.2-6 0 500 ftp://ftp.uk.debian.org sarge/main Packages 100 /var/lib/dpkg/status Chris. Chris, have you run apt-get update recently? I have two machines running Sarge, both updated within the last 24 hours, both reporting gnome 2.8.1-3 as the latest installable gnome version. -- Steve Block [EMAIL PROTECTED] http://ev-15.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Why do people use 1280x1024? (was Re: custom gdm screen resolution? [SOLVED - work around])
Jon Dowland wrote: I just did some measuring in my office: My 17" TFT has a width of 13 1/4 inch, height 10 3/4 My co-worker's 17" (viewable) CRT (so I guess thats a 19" CRT) has width 14 1/3, height 10 2/3 LCD displays these days are often running far stranger resolutions than 1280x1024. If the pixels are square and the drivers are good then nothing will look distorted. I know the 23" apple cinema display runs at 1920x1200, which is an aspect ratio of 1.6. Since the pixels are square everything looks fine (though full screen video shows black bars on the sides). As far as to the 1280x1024 question, I don't know. What I do know is that when I run my 19" Trinitron on 1280x1024 everything looks great, and when I run it at 1280x960 things look strange. Maybe I just got used to the aspect over time. -- Steve Block [EMAIL PROTECTED] http://ev-15.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: simple IMAP mail server to install/setup
On Wed, Dec 15, 2004 at 11:20:24PM -0800, Rodney D. Myers wrote: > I'm looking at trying to install an IMAP mail server. > > Which one(s) are fairly simple to install/setup/configure? > > Looking at "practicing" getting one installed, for future reference. I use Cyrus IMAP. It isn't terribly difficult to get working, and I find it quite easy to administer. Simple user administration and quota support, as well as SIEVE scripting support, are really nice. Unlike Courier, however, it does not support mail in local user accounts. All mail is stored in a set of Cyrus-specific directories in /var. It's really designed for high volume systems with a large number of users that may or may not have access to shell accounts. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: best IRC client for Debian
Ben Bettin wrote: I think I've always found Xchat to be the best GUI, especially in terms of it's similarity to mIRC. I'd be curious to see what everyone's favorite CLI client is. I've heard a few mentions of irssi in the past, but I've never tried it. My favorite IRC client, by far, is irssi. I am usually connected to two or three servers and a half dozen channels, and having each channel in its own window is extremely nice. Of course it is very configurable, and that behavior can be changed; the client can be made to look and act like ircii fairly easily. I customized it so long ago, however, that I don't remember most of the options you can set. The web site tends to be pretty helpful though. I run it under screen on a remote server, and it is a very stable program -- /uptime returns 'Irssi uptime: 337d 20h 33m 36s' and VM usage is under 10 megs. -- Steve Block [EMAIL PROTECTED] http://ev-15.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: saslauthd? I can't seem to get it installed for postfix..
On Tue, Dec 21, 2004 at 09:06:20PM +0100, Andrea Vettorello wrote:
> On Tue, 21 Dec 2004 14:52:13 -0500, Charles Read
> <[EMAIL PROTECTED]> wrote:
> > I am trying to run a postfix with sasl support on my Debian box. I
> > have tried apt-getting all sasl packages and saslauthd is nowhere to be
> > found on my system... how has everybody else done it? Also, I know
> > postfix has to be compiled with sasl support for it to work... how can
> > I do this with apt-get? Is it automatically done when I apt-get the
> > postfix package or how does that work?
>
> With Sarge you find "saslauthd" in the sasl2-bin
> (http://packages.debian.org helps), don't recall if Postfix has
> support for sasl, if you need to compile the package look in the
> apt-get manual for the "source" command. After apt download and unpack
> the source archive you need to modify the option as suits you better
> and finally you create the package.
>
> When configuring postfix, keep in mind that it runs chrooted.
There should be no need to compile sasl support into postfix on sarge. The
only major issue I ever ran into was with the postfix chroot.
Make sure you have installed the sasl2 packages, and not the older versions.
I wrote up a guide (mostly for my own use in the future) that goes through
installing postfix and sasl, along with a few other packages such as Cyrus-IMAP.
It isn't too well formatted but it does work if you're willing to read through.
//http://www.steveblock.com/2004/12/01/debian-sarge-mail-system/
I encrypt all my connections over SSL or TLS, so there is quite a bit about
getting that working. I took care of my chroot issues as follows:
Change the saslauthd location in var
# dpkg-statoverride --remove /var/run/saslauthd
# dpkg-statoverride --add --update \
root sasl 710 /var/spool/postfix/var/run/saslauthd
edit the file /etc/init.d/saslauthd.
Add the line below to the top of the file
PARAMS="-m /var/spool/postfix/var/run/saslauthd"
change PWDIR to /var/spool/postfix/var/run/saslauthd
change PIDFILE to "/var/spool/postfix/var/run/${NAME}/saslauthd.pid"
go down to the start) case and add the lines
rm -rf /var/run/saslauthd
ln -s /var/spool/postfix/var/run/saslauthd /var/run/saslauthd
after the line: 'test -z .$dir. || createdir $dir'
That is all on that page, but it isn't as obvious as it should be. Those changes
should allow any package that wants to talk to saslauthd at the usual location
to do so, and also keep postfix from complaining.
I hope this helps some with your query.
--
Steve Block
http://ev-15.com/
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sarge not showing all RAM
On Dec 23, 2004, at 2:53 PM, Sam Watkins wrote: On Thu, Dec 23, 2004 at 07:36:51PM +, Dave Ewart wrote: As I understand it, the 686 is only for Pentium 4's. I've seen several emails about that. 686 is for any Pentium-based system and above, not just P4. Unless your system is *very* old, a 686 kernel should be OK. 686 is for pentium II and above Just for accuracy, 686 also applies to the Pentium Pro. The original Pentium was 586. -- Steve Block [EMAIL PROTECTED] http://ev-15.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: incremental backups howto?
On Fri, Dec 24, 2004 at 11:40:10PM -0500, Adam Aube wrote: > Joao Clemente wrote: > > > In the latest thread about "Synchronize two servers" it was > > talked about incremental backups. Well, can you quick-start me > > in this topic? > > An incremental backup is done by backing up all files that have changed > since the last full or incremental backup. How this file list is tracked > depends on the backup program used (some might use a filesystem flag, > others might use modification timestamps). > > The downside of incremental backups is that, to do a full restore, you need > the last full backup and ALL the incremental backups since the last full. > > A better alternative is a differential backup, which is all files that have > changed since the last full backup. This is much easier to restore, because > all you need is the last full backup and the last differential backup. > > > What do you say? > > Another interesting approach is that taken by tools such as dirvish or > rsnapshot. Both of these tools use rsync to capture snapshots of a > filesystem (either local or remote) to disk. Within the backup archives, > files that have not changed between snapshots are hard linked. > > This gives the completeness and ease of restoration of full backups without > requiring nearly as much space to store data. To restore, just copy back > the desired snapshot. > > This is all for general filesystem backup. For databases, check the > documentation to see what the recommended backup method is. > > Adam > I use something like this for my own backups. I have a large number of files on a server which I keep backed up on another machine (the backups have saved my ass more than once). Later versions of rsync support automatically making hard links to unchanged files, which saves a lot of space. What I have done is set up a special backup account on one machine and build an passwordless ssh key that allows that machine access to the server. Obviously there are security issues there but I'm taking a calculated risk, as I want the backups to run from cron. There are ways to make sure that the backup user can be restricted to only specific processes, and I think Google can help with that. I wrote a fairly simple bash script that creates a backup of my home folder on the server to a folder named with the server name and the backup date. The script runs from cron every day, and keeps one week's worth of backup folders. It creates weekly backups as well, and keeps a certain number of those. It similarly has montly folders. Since it uses hard links, the backup takes only about 10% more space than any given revision, but allows me to step back a number of days to fix something that was got broken (last time was a heavily customized php file that I foolishly overwrote). The script follows. I hope someone finds it useful. #!/bin/sh # Incremental backup script for bash, based on rsync, syncs files on server # to this machine. One sync is made every night, incrementals are handled # with hardlinks to unchanged files. # # Once a week the newest daily snapshot becomes the newest weekly snapshot, # and once a month the newest weekly snapshot becomes the newest monthly # snapshot, and we will hold three months of backups. Becuase of the hardlinks # we should be able to keep increments without wasting much more space than # a simple full backup would already take. # Start by setting variables: current month, dead month, current week, # dead week, current day, and dead day MONTH=server.monthly.`date +%G-%m` WEEK=server.weekly.`date +%G-%V` DAY=server.daily.`date +%G-%m-%d` YESTERDAY=server.daily.`date -d -1day +%G-%m-%d` DEADMONTH=server.monthly.`date -d -3month +%G-%m` DEADWEEK=server.weekly.`date -d -4week +%G-%V` DEADDAY=server.daily.`date -d -7day +%G-%m-%d` # Rotate the daily backup files. Start by tossing the latest dead file, # and then create the latest backup with rsync, using hard links. # This happens every day if [ -d /home/backup/$DEADDAY ]; then rm -rf /home/backup/$DEADDAY fi rsync -plrtvz --delete --rsh='ssh -c blowfish' --ignore-errors --stats --progress --link-dest=/home/backup/$YESTERDAY [EMAIL PROTECTED]:/home/user/ /home/backup/$DAY/ # Check if it is Saturday. If so, rotate the weekly backups. Start by tossing # the latest dead file, and then copy the latest daily snapshot to the # weekly snapshot file if [ `date +%u` = 6 ]; then if [ -d /home/backup/$DEADWEEK ]; then rm -rf /home/backup/$DEADWEEK fi cp -al /home/backup/$DAY /home/backup/$WEEK fi # Check if it is the first of the month. If so, rotate the monthly backups. # Start by tossing the latest dead file, and then copy the latest daily # Snapshot to the monthly snapshot file. if [ `date +%d` = 1 ]; then if [ -d /home/backup/$DEADMONTH ]; then rm -rf /home/backup/$DEADMONTH ]; fi cp -al /home/backup/$DAY /home/backup/$MONTH fi -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". T
Re: Sarge/Exim4: Precedence of /etc/aliases?
On Sat, May 28, 2005 at 10:13:38AM +, [EMAIL PROTECTED] wrote: I have a stock Sarge install for which I am trying to setup exim4. However, things are not behaving as expected. In /etc/aliases I have: root: me me: [EMAIL PROTECTED] On the box, I have run "dpkg-reconfigure exim4-config", selecting: * Split configuration into small files: "No" * General type of mail configuration: "internet site; mail is sent and received directly using SMTP" * System mail name: "mydomain.com" * IP-addresses to listen on for incoming SMTP connections: "127.0.0.1" * Other destinations for which mail is accepted: "" * Domains to relay mail for: "" * Machines to relay mail for: "" * Keep number of DNS-queries minimal (Dial-on-Demand):"Yes" Basically, I want the box to deliver mail directly. I want all mail for local accounts to arrive at [EMAIL PROTECTED] However, when I run "mail root" on the box, exim decides the mail is for "[EMAIL PROTECTED]", rather than [EMAIL PROTECTED] (as I have specified in aliases). I suspect this has something to do with the precedence/priority of the aliases file? Any pointers would be appreciated, Maybe this is stupid to say, but did you run newaliases after editing your aliases file? This is just a guess, I'm a postfix user and have no idea how exim handles things. -- Steve Block [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: How can I share a mailbox between multiple OSes
On Sat, Jun 04, 2005 at 02:08:22PM -0700, David Witbrodt wrote: This is a newbie question. I just installed Debian and several other OSes onto my old machine. As I have been reading the docs, and have started configuring things to my liking, I found myself wondering whether an email application exists that would allow me to store my mailbox files on a common data partition, which could be then used by whatever OS was currently running. I get my email via POP3 from my ISP, so I was thinking that there might be a single program that has been ported to all of the OSes, making it possible to use a common mailbox from each platform. Anyone out there doing this? Is is even possible? Seems to me like it should be, but I've never faced this scenario before, so I'm facing a steep learning curve... I doubt this is really as helpful as I want it to be, but I highly recommend using IMAP mailboxes rather than local mail for just this reason. With IMAP you can check and sort your mail using any number of computers, mail clients, or a web interface, and since the mail is actually on the server, a change in any client is reflected in any other client. Does your ISP support IMAP at all? If so maybe look into using that rather than POP3, or if not maybe look into an email provider that does. If IMAP won't work at all, you might be able to use Mozilla Thunderbird with a common profile directory shared between all the OSs. I believe there are command line options to set the profile directory, though I am not familiar with them. The common directory would have to be on a filesystem that all the OSs can read and write. If you're using Windows that would pretty much limit you to using FAT32 or trying one of the methods to read/write ext2/3 in Windows. -- Steve Block http://ev-15.com/ http://www.steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Once Sarge becomes stable...
On Sun, Jun 05, 2005 at 06:22:38PM -0400, Rick Friedman wrote: For me, also being rather new to Debian, this raises another question. Currently, I am running an "unstable" machine (I have unstable in sources.list). I will probably keep that. I'm just curious: If someone has "sid" in sources.list, does sid become the new testing? If so, what will be the distro name of unstable? Sid will still be unstable. The release name of the next testing version will be etch. -- Steve Block http://ev-15.com/ http://www.steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: On IMAP servers (was: Re: mutt + dovecot/squirrelmail + mbox ?)
On Mon, Jun 06, 2005 at 02:20:40AM -0400, Roberto C. Sanchez wrote: Short summary of popular IMAP servers: server why you would use it -- UW IMAP You are a masochist Cyrus IMAP You need *serious* scalability (e.g., 100,000 users with accounts on 8 clustered servers using Cyrus Murder) You want to virtual host or setup mail accounts without requiring a corresponding shell account Courier IMAPYou want low maint/like Maildir Dovecot New kid on the block; you like living on the edge I highly and heartily recommend cyrus. 20,000 messages in a folder? 30,000? More (debian-user archive, anyone)? Want the server to handle sorting your mail for you? Thanks to Debian it's pretty easy to set up, and getting postfix to talk to it is cake. I also never liked both local and IMAP access to the same mail store. It just seems dangerous to me. The fact that cyrus uses it's own mail store that is not directly accessible is to me a feature. It also lets users make filtering rules without understanding a rule writing language thanks to sieve and the avelsieve plugin for squirrelmail. It may seem excessive if you're the only user, but it works so well that if you're going to run your own IMAP server anyways it may as well be cyrus. I did use Dovecot briefly to access a massive email archive from several years ago. It was in maildir format and I wanted to move the entire contents to my cyrus store. Worked fine then, and if you like maildir it sure was easier to deal with than Courier (we didn't get along). -- Steve Block http://ev-15.com/ http://www.steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: On IMAP servers
On Mon, Jun 06, 2005 at 02:08:30AM -0700, Erik Steffl wrote: when I started using IMAP (2001/10/27) I tried number of IMAP capable MUAs and all of them were kinda OK, mutt is the only one that I cannot make save sent messages in imap folder but I guess I just need to read the docs (I didn't try much). Setting mutt to save sent items isn't too hard. Hope you find the example useful, it works well for me. set record="imaps://mail.server.com/INBOX.Sent" -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: On IMAP servers
On Mon, Jun 06, 2005 at 04:54:57AM -0700, Steve Lamb wrote: Erik Steffl wrote: are you talking about pre-2k times only? I mean during last four years imap support seems to be pretty good (and improving). Thunderbird definitely isn't the first usable MUA, as far as imap support goes. Nope. In the past few years I've tried Netscape, TheBat!, Sylpheed-Claws, Eudora, KMail, mutt, Thunderbird and a slew of others I can no longer remember. I don't recall any of them outside of Thunderbird being able to use IMAP folders for the mentioned "special" folders as of, oh... call it late 2003 when I finally found TBird. I think as of right now I could personally vounch for 3 clients which come up to snuff on that regards. Thunderbird, Evolution (which at least has reply-to-list!) and, get this, Outlook. The last time I tried KMail and Sylpheed-claws neither were up to the task. Can't say for recent versions of mutt, Eudora, TheBat! or Netscape. :D Apple's Mail.app has done it well for years. It's still the best damn mail client I've ever used. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: On IMAP servers
On Mon, Jun 06, 2005 at 04:43:42PM -0400, Roberto C. Sanchez wrote: On Mon, Jun 06, 2005 at 11:28:52AM -0500, Steve Block wrote: Apple's Mail.app has done it well for years. It's still the best damn mail client I've ever used. Have you tried GNUMail.app (Debian package by the same name)? I would say that it is a fairly close approximation (though a do not a have a great deal of familiarity with Mail.app). I've tried GNUMail.app but the NeXT style user interface is a little off-putting. It just doesn't feel right to me. Most of The core functionality is quite similar, however. On Linux I tend to use Evolution first, followed by Thunderbird when I feel like it and Sylpheed GTK2 when I happen to be in the mood. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: DVORAK
On Mon, Jun 06, 2005 at 03:46:01PM -0600, Cam wrote: Hi, So after a few years of hearing of the DVORAK layout (and noticing that it seems like my left hand is doing all the work w/ QWERTY), i'd like to try to make the switch... here's my major concern though (and perhaps this isn't really an issue, i'd like to hear the advice from others that have given DVORAK a spin). How does DVORAK work w/ apps like vim, nethack, etc.? the key-layouts seem to be fairly logical and i would hate to lose them, is there some sort of patch--or is that too ugly? Is it worth the switch? Having tried it once let me say that it is not worth it. a) the myth that qwerty was designed to slow you down is a lie. qwerty was designed to keep mechanical keys from binding, which is more layout related than speed related. b) almost everyone's keyboard is qwerty or some very similar variation. When you sit down at someone else's machine or a public machine you'll just be at the wrong key layout, which will mess with your dvorak learning. c) if anyone ever has need to use your machine they will be pretty much out of luck unless you reorder your key caps so they can find the keys. Ever try to log into a dvorak machine when you remember your network password by key position and not the actual letters? d) the myth that dvorak is faster than qwerty is just that, as any decent amount of searching will show. e) if you are already an accomplished touch typer in the qwerty system you'll have to relearn your typing skills pretty much from scratch. In short, change if you want to, but I found the effort much too high for any percieved potential reward. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Debian drops ball on security updates
On Thu, Jun 09, 2005 at 06:53:10AM -0700, debian-user@lists.debian.org wrote: CNET News.com (http://www.news.com/) This story has been sent to you on behalf of debian-user@lists.debian.org (e-mail address not verified). Debian drops ball on security updates By Renai LeMay The newly launched Linux distribution has a glitch--some versions were released with default security updates turned off. http://news.com.com/Debian+drops+ball+on+security+updates/2100-1002_3-5737401.html?tag=sas.email Read all technology news from this week: http://www.news.com/thisweeksheadlines/ Fuh fuh fuh, change a line in a text file fuh. If you don't have this skill you don't deserve a computer. I'm tired of this crap. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Did I barbeque my Debain system?
On Thu, Jun 09, 2005 at 12:34:05PM -0400, Marty wrote: On Thu, 09 Jun 2005 17:10:05 +0200, Redefined Horizons wrote: I then removed and reinstalled > gnome, thinking that this was the problem. Niether of these actions > solved the problem. Did you "purge" the Gnome packages before reinstalling Gnome? Did you reinstall gdm? (Out of curiousity, why did you think Gnome was related to the problem, and not gdm, which gave the error message?) > I'm really stuck here, and I'm not sure what to try next. What is > causing this error? Something that's tripping up gdm, possibly a bug. Since the session manager is optional, as a test you can start X manually with xinit or startx (see the respective man pages), or try another session manager like xdm or kdm. (I tend to prefer kdm although I'm a gnome user.) Is my swap partition not large enough? Is there a > way to fix this problem, other than reinstalling Debian? Always. Debian is not windoze. :-) > P.S. - I know all eventually get this Linux thing figured out, with > enough patience.. As a user, especially a new user, you shouldn't have to deal with these problems. In my opinion Debian is really a "proto" distribution and spinoffs like Knoppix or Ubuntu are for new users. That's a stupid attitude. Secondly I never try to figure out problems unless I know it's a hardware fault, which take up quite enough of my time, thank you. If it doesn't "just work" as it should then 99% of the time, the answer is archived somewhere on the internet, and if not then I just pass it on to the Debian maintainers in the form of a bug report. You never try to fix a problem unless you know it's hardware? That's pathetic. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: .bash_profile not sourced on login
On Sun, May 08, 2005 at 05:25:59PM -0400, Luis R Finotti wrote: Dear all, For some reason, my .bash_profile is not sourced on login. I tried different users, and all have the same problem. I'm running a very recent installation of Sarge (updated). I Googled a little and looked at man pages from bash, but I could not find anything. Any suggestion would be greatly appreciated. If the things in your bash_profile are things you want run for every interactive shell, then put them in .bashrc and they will be loaded for all interactive shells rather than just login shells. If you just want to run login shells all the time than some of the other suggestions in this thread may work. If this problem is occuring with login shells (I may have misinterpreted), then I'm not sure what to do. Hopefully someone has the answer. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Mail
On Mon, Jun 20, 2005 at 10:51:33PM -0700, SigmaX wrote: Yo. Trying to setup mail server on Sarge... I got to where i am from the howto at http://wiki.ev-15.com/debian:mail_system Okay, so everything's setup okay, I think. But when I try to send mail to my server, it gets caught by the spam filter, and I'm not sure why. Here's my /var/log/mail.log from the time the message arrives: Jun 20 21:37:50 sipca spamd[1012]: connection from localhost.localdomain [127.0. 0.1] at port 1041 You have spamd listening on a port you're connecting to rather than running a direct postfix filter, does that sound right? Jun 20 21:37:50 sipca spamd[1012]: info: setuid to filter succeeded Jun 20 21:37:50 sipca spamd[1012]: processing message <[EMAIL PROTECTED] .uk> for filter:1002. Jun 20 21:37:51 sipca spamd[1012]: clean message (0.0/5.0) for filter:1002 in 0. 8 seconds, 932 bytes. Jun 20 21:37:51 sipca spamd[1012]: result: . 0 - scantime=0.8,size=932,mid=<42 [EMAIL PROTECTED]>,autolearn=ham The spam filter itself gets the message and scans it OK. Jun 20 21:37:51 sipca spamc[1808]: exec failed: No such file or directory This looks interesting, is spamc installed? (apt-cache policy spamc) If so (i could certainly be reading the error wrong), can you trace back what spamc is trying to do? It may help to post the relevant sections of your postfix master.cf and other relevant configuration files so that other people can see how your system is set up, it might generate more responses. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Printer problems
On Sun, Jun 26, 2005 at 04:35:13PM -0400, Strake wrote: I'm running Sarge, and I can't print. My printer's on, and try to print something but nothing happens. It gets stuck as a job on the spool and doesn't print. Well, what kind of printer?, how is it connected?, what printing system are you trying to use?, etc. You've got to give a little more information than "I can't print" or no one will be able to help you. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: How to make account with sudo root permissions
On Mon, Jun 27, 2005 at 11:50:23AM -0500, Kent West wrote: Bj?rn Lindstr?m wrote: Saverio Trioni <[EMAIL PROTECTED]> writes: you have to edit the file /etc/sudoers with the command 'visudo', for security reasons. For this, you have to get used to the editor 'vi'. In fact you don't. I, for instance, make it use nano, by setting the EDITOR environment variable to 'nano'. I believe that "visudo" simply locks the file so that others can't edit it at the same time you're editing it. You can also set a different editor to be used with the command. See "man sudo" for more info. visudo also does syntax and sanity checking, so that you can't use illegal syntax in the file. Makes it easier to not break sudo. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: saslauthd does not start at reboot
On Mon, Jun 27, 2005 at 03:34:48PM -0700, Caleb Walker wrote: I had to do some modifications because of postfix's chroot and smtp auth. I have /var/spool/postfix/var/run/saslauthd where the pid files and socket files are located and then I linked this saslauthd to /var/run/saslauthd but everytime I reboot the link in /var/run is removed and saslauthd does not start until I recreate the link. Is there a way to maintain this link or a better way to get around the postfix chroot so that everytime I reboot saslauthd starts correctly? You'll either have to edit the saslauthd script to create the link for you, or change the way you handle the chroot. I ran into this same problem a while back. What may work better (and what I currently do) is mount /var/run/saslauthd at /var/spool/postfix/var/run/saslauthd with a bind mount. The relevant line in /etc/fstab is shown below. /var/run/saslauthd /var/spool/postfix/var/run/saslauthd none rw,bind 0 0 There's some more info on the guide I wrote a while back, though it may not include the bind mount. Start at http://wiki.ev-15.com/debian:mail_system#sasl and there may be more information you can use there. Hope this helps, -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: debian - matlab platform
On Tue, Jun 28, 2005 at 05:19:24PM +0200, roberto wrote: Hello while using matlab 6.0 under debian sarge i receive the following message if trying to open the workspace browser: workspace ??? Error using ==> workspace The Workspace browser is not supported on this platform. I doubt this helps all that much, what with budgets and all, but I can confirm that Matlab 7.0 works flawlessly on Debian Sarge. Perhaps the error you're getting is just due to the old version being less unix friendly than it ought to be. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Debian Base Install to many un-necessary packages?
On Wed, Jun 29, 2005 at 04:29:12PM +0100, David Nicholls wrote: I usually do not select any packages to install when prompted, and although the installer still insists on installing a large number of unneeded files (dictionarys, nano etc) I usually press contol-C to cancel that and then manually add vim and ssh... which is really all I ever want, at least initally. However, on the latest version, the control-C did not actually stop the installation! Any ideas on how to stop this? Why not let it finish rather than trying to interrupt the process, and then purge the packages you don't want? Seems a lot less prone to breakage. The base system installed PPP for me (makes sense to have it in the base), but I purged it and now it is gone. If you're installing to a lot of systems, like in a computer lab, then do it once and clone the drive. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: sarge and software patents
On Wed, Jun 29, 2005 at 07:05:33PM +0200, Guillaume TESSIER wrote: Guillaume TESSIER wrote: The release of sarge stable just comes up some weeks before European Union could vote for extented patentability of software. I guess a lot of packages from sarge are made from gnu projects that could be really endanger. If some projects are attacked by lawyers and have to close down, what happen to the current packages made from these apps? Does sarge just got released to let people have the last chance to get a decent debian distribution? This sucks G The succes of this post is amazing! This was posted 20 hours ago. And no one replied to it. Consternation. "What is this dude doing? politics in a debian mailing list?" If i had posted something like "kernel panic while rebooting", "VLC can't read avi", "xine doesn't work", "samba : how to mount windows network share?", "how to mount ntfs ?". I would have had lot's of replies.. But patents aren't really about software? Uh? I guess there is some european debian users here : you're concerned more than ever. Your favorite system, your favorite apps, your skills and future jobs are in danger. Why spend time getting more skills on a system which might die? G Why be a fear-monger? We have software patents in the US but debian hums happily along. Also insulting the list that you want discussion from won't win you many friends. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: sarge and software patents
On Wed, Jun 29, 2005 at 08:05:22PM +0200, Guillaume TESSIER wrote: Steve Block wrote: On Wed, Jun 29, 2005 at 07:05:33PM +0200, Guillaume TESSIER wrote: Guillaume TESSIER wrote: The release of sarge stable just comes up some weeks before European Union could vote for extented patentability of software. I guess a lot of packages from sarge are made from gnu projects that could be really endanger. If some projects are attacked by lawyers and have to close down, what happen to the current packages made from these apps? Does sarge just got released to let people have the last chance to get a decent debian distribution? This sucks G The succes of this post is amazing! This was posted 20 hours ago. And no one replied to it. Consternation. "What is this dude doing? politics in a debian mailing list?" If i had posted something like "kernel panic while rebooting", "VLC can't read avi", "xine doesn't work", "samba : how to mount windows network share?", "how to mount ntfs ?". I would have had lot's of replies.. But patents aren't really about software? Uh? I guess there is some european debian users here : you're concerned more than ever. Your favorite system, your favorite apps, your skills and future jobs are in danger. Why spend time getting more skills on a system which might die? G Why be a fear-monger? We have software patents in the US but debian hums happily along. Also insulting the list that you want discussion from won't win you many friends. It could "hums" much less in Europe with software patents. This would be a huge defeat. G Please keep replies on the list. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: multiple mailings
On Tue, Dec 13, 2005 at 01:10:24PM -0500, June & Al wrote: We have a new jewelry prduct we'd like to promote through the mail. Can you help us get started? June B. Green no -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: README files
On Mon, Dec 19, 2005 at 10:43:16AM -0500, Derrick Hudson wrote: On Sun, Dec 18, 2005 at 05:18:32PM -0700, Ed Paris wrote: | | Hi There, | | I want to read the README.Debian.gz file. I have tried to use vi and nano | and all I get is gibberish. How should I access this file in English? | Thanks. That file is a plain text file, but it is compressed using the gzip algorithm. The .gz suffix is an indication that (unless someone is playing a funny trick) the file was compressed with gzip. You can verify this with the 'file' utility: $ file README.Debian.gz README.Debian.gz: gzip compressed data, was "README.Debian", from Unix, max compression In addition to the ways people have already suggested (my preference is vim) you can use the 'gunzip' command to uncompress the file. For example: $ gunzip --stdout README.Debian.gz | less $ gunzip --stdout README.Debian > /tmp/README.Debian ; less /tmp/README.Debian $ cp README.Debian.gz /tmp ; cd /tmp ; gunzip README.Debian.gz ; less README.Debian HTH, -D The easiest way to deal with this is to use the pager less combined with the following line in .bashrc (or the corresponsing file for your shell of choice). eval $(lesspipe) This will set things up to make life easier for you with less. Now less file.gz will work as if the file was not compressed. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: UOL Anti-Spam
On Mon, Dec 19, 2005 at 03:49:42PM +, Niall Donegan wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gene Heskett wrote: On Monday 19 December 2005 09:39, Gene Heskett wrote: And I made a post to this list, instantly answered by a 5kb chunk of undecipherable html from <[EMAIL PROTECTED]>. How the hell do we get rid of this? Good luck with that. Unless [EMAIL PROTECTED] has some way to whitelist the mailing list, about the only things that can be done are to either ignore the mails, or kick that email address off the list. I told sieve to throw anything from that address away and haven't had a problem since. I imagine most mail programs have some way to filter the mail so you never see it, whether you do it at the server end such as with procmail or with your local client. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: virtual machines
On Sun, Dec 18, 2005 at 01:25:56AM +0100, Rakotomandimby Mihamina wrote: Hi, I have a test machine, on wich I use to package and test packages. I package both for Fedora and for Debian. For the moment, I use multiboot. But I am tired to reboot each time I want to switch distribution. I intend to buy some amount of RAM and then try to use virtual machine. I really begin on that subject. I never did||setup "virtual machines". I would like to run Debian (unstable or testing) as "layer" and then run the virtual machine on top of it, and then have one virtual Fedora and one virtual Debian so that I can compile and switch from one to another without having to reboot. What virtual machine would work well on a Debian (Wen? Qemu?...)? whith a well intergrated Debian package, and a howto espacially for Debian... Thank you for any idea. I would happily recommend using Xen for this. Make your debian system the host (dom0) system, and then have a debian system and a fedora system running inside that. I did this a while back just for the fun of it and it worked extremely well. Much nicer than UML in my experience. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Simple question
On Tue, Dec 20, 2005 at 05:08:33PM -0500, David R. Litwin wrote: What's the command to stop a service like gdm? Killall. Seems like a bad idea, unless the service is hung. Using the proper init script would make more sense. To simply stop the service, /etc/init.d/gdm stop as root would do the trick. To change things so that it does not start on the next boot, removing the symlink in the appropriate runlevel (the default is 2, I believe) would do the trick. If you're concerned with managing services on boot in general then I highly recommend a program such as sysv-rc-conf or rcconf to manage the symbolic links for you. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Mailing list question
On Wed, Dec 21, 2005 at 01:15:24PM -0500, David A. Parker wrote: Hello, When I post to this list, I do not currently get a copy of that message back from the list, but I would like to. Other mailing lists I am on do this, and it is handy because I know the message actually got posted, plus I can sort messages by thread and mine are included in there. Does anyone know if or how I can do this with the debian-user list? I looked through the mailing list documentation at http://www.debian.org/MailingLists/ but did not find an answer. Messages don't usually immediately appear, but they do usually appear. I know I see messages I post to the list. I am unsure what could cause you to not receive messages you posted. Not much help, I know. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: (no subject)
On Thu, Dec 22, 2005 at 07:49:12PM -0600, Tatsuya Kobayashi wrote: # help I don't think I can. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: (no subject)
On Sat, Dec 24, 2005 at 01:11:42AM +0200, Andrei Popescu wrote: On Fri, 23 Dec 2005 08:20:55 -0600 Steve Block <[EMAIL PROTECTED]> wrote: On Thu, Dec 22, 2005 at 07:49:12PM -0600, Tatsuya Kobayashi wrote: ># help I don't think I can. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] Don't be so mean, he apologized! I wasn't being mean, just telling the truth. :-) Sorry, sometimes I get a little strange on the list. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Why does Debian default to Gnome?
On Wed, Dec 28, 2005 at 04:23:45PM -0600, [EMAIL PROTECTED] wrote: I agree what you wtote about GNOME but will be good that users have a choice what they want to install. I like both desktops but last time when I wanted to uninstall Evolution with Synaptci it wanted to uninstall Gnome too. Is it look like Windows? "Gnome" is a dependency package that just installs a complete GNOME suite. Since Evolution is part of that suite, the Gnome package has to be removed if you want to remove Evolution, but the rest of the individual programs that make up the suite remain. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Problem Resolving names into ip addresses
On Fri, Dec 30, 2005 at 10:08:50PM +1000, Ken Robinson wrote: Hi, I am a relative newbie when it comes to debian so please excuse any assumption or lack of etiquette when posting. Anyway, here goes. I have a box connected to an ADSL modem / DHCP server / NAT. I upgraded to unstable version from a knoppix 4.0 base. This was to get Xorg and to resolve some graphics card issues. One problem still remains. I am able resolve names (eg www.google.com) into their ip addresses using ping and nslookup but cannot with firefox and apt-get. Once I give the ip adress (like 200.0.0.3) to firefox and apt-get they work fine. I understand that bind is used and is somehow separate. Is there some config file (like in /etc/defaults) which I need to use? I have used an apple computer on the same connection and it has no problems so I know the connection is good. Any help would be appreciated. ken. I would check /etc/nsswitch.conf and look at the hosts: line to make sure dns is included. I ran into this problem before on a solaris box that had the exact same problem. It was checking NIS rather than DNS, and I didn't have an NIS server. The configuration you most likely want is hosts: files dns which will check your hosts file first and then dns. If that line says something else that could be your problem. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [OT] MPEG2 on Windows (was Re: How can I play avi, wmv, mov videos on a standalone DVD player?)
On Thu, Dec 29, 2005 at 08:58:17PM +0100, Kjetil Kjernsmo wrote: On Thursday 29 December 2005 17:45, Ron Johnson wrote: kino (which is a non-linear video editor) *might* be able to do it, as onw of it's side functions. Tangential on this topic, I encoded a movie from and AVI created by my digital camera on my Sarge box to MPEG2 to using Kino. It plays fine on all my systems, but I've sent it to friends, and they can't play it on their windows boxes... I wonder what MS has done to mess up that, it should be a no-brainer? It has to be their fault... :-) I don't have access to any windows-boxes now, has anybody else had this problem? Cheers, Kjetil Windows doesn't include an MPEG2 decoder. You have to find or buy one or use VLC. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Building postgresql 8.1.0: trouble finding readline, libz, etc
On Fri, Dec 30, 2005 at 04:28:54PM -0600, Matt England wrote: While building postgresql 8.1.0 from source on Debian Sarge, I'm finding the postgresql ./configure script can not find libreadling, libz, and associated include/header files. I can make at least some of these problems go away if I do things like tell ./configure about CFLAGS=-L/lib and also sym-link /lib/libreadline.so to /lib/libreadline5.so ...etc. But these things seem like hacks. Anybody know of how to solve this problem in a more-elegant fashion? Install the appropriate development packages for what you seem to be missing. For example, the package libreadline5-dev (or libreadline4-dev, as appropriate). -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: GMail like offline email client
On Fri, Jan 20, 2006 at 02:54:21PM -0600, Javier-Elias Vasquez-Vivas wrote: On 1/20/06, Adam Fabian <[EMAIL PROTECTED]> wrote: =?KOI8-R?B?98nUwczJyiDp3cXOy88=?= <[EMAIL PROTECTED]> writes: > Are there any any email clients with similar features as in gmail > online web interface > > 1) queues -- vital ;) Very handy feature I can't think of any Gmail feature called a queue, and I'm quite familiar with it. > 2) shortkuts -- not vital, but good feature... If you mean shortcut keys, most good email clients have those already. Though I don't know what a queue is, the email client that reminds me most of GMail in every way is the email client built into the opera web-browser. I think it's called M2 or something like that. Maybe he's asking about labels? That's kind of the gmail feature I wouldn't find in any email client. It would be sort of email directories as under any email client plus soft links between them? Any ways, if someone knows about such thing I would like to know as well, :) It's not quite as smooth but smart folders in Apple's Mail and virtual folders in Evolution are similar to the labels feature in GMail. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: mysql 5.0
On Wed, Jan 25, 2006 at 02:44:24PM +0800, linux china wrote: Hi, Is Mysql 5.0 already in debian? I just found 4.1. If you're running debian stable (sarge), then the official mysql package is 4.1. If you want 5.0 on sarge backports.org can help. If you want quick and dirty, adding the following line to /etc/apt/sources.list will give you access to backports.org packages. deb http://www.backports.org/debian/ sarge-backports main Adding these lines to /etc/apt/preferences will keep the backports.org packages from overriding official debian packages Package: * Pin: release a=sarge-backports Pin-Priority: 200 Run apt-get update and then search for mysql 5 and you should find packages available. Note that packages from backports.org are not official debian packages, however. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: A BIOS password?
On Wed, Jan 25, 2006 at 07:23:39AM -0700, Joseph Smidt wrote: The Debian installer asked me for a grub password. Is this the same as a BIOS password? No, the grub password is separate from the BIOS. The BIOS boots first, then hands control off to grub, which then boots the selected operating system (or hands control off to another bootloader). I believe it would be set in the grub boot menu file: /boot/grub/grub.conf or /boot/grub/menu.lst -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: mysql 5.0
On Thu, Jan 26, 2006 at 10:08:08PM +0800, linux china wrote: In fact, I tried both and failed, 1) etch, I don't know how to active the suggest option, any hint? Get:35 ftp://ftp.linuxforum.net etch/main mysql-server-5.0 5.0.16-1 [17.1MB] Fetched 43.0MB in 7m8s (100kB/s) E: This installation run will require temporarily removing the essential package e2fsprogs due to a Conflicts/Pre-Depends loop. This is often bad, but if you really want to do it, activate the APT::Force-LoopBreak option. E: Internal Error, Could not early remove e2fsprogs 2) backport, I disabled etch, update, then issue below command again, It is strange that apt-get also failed. apt-get install mysql-server-5.0 Reading Package Lists... Done Building Dependency Tree... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. Since you only requested a single operation it is extremely likely that the package is simply not installable and a bug report against that package should be filed. The following information may help to resolve the situation: Sorry, but the following packages have unmet dependencies: mysql-server-5.0: Depends: mysql-client-5.0 (>= 5.0.18-3bpo1) but it is not going to be installed Depends: libdbi-perl but it is not installable Depends: libncurses5 (>= 5.4-1) but 5.2.20020112a-7 is to be installed Depends: libreadline5 but it is not installable Depends: libstdc++5 (>= 1:3.3.4-1) but it is not installable E: Sorry, broken packages Are you using sarge? Your version of ncurses is from 2002, and is version 5.2, but the version in sarge is 5.4-1. If you're running woody (old stable) rather than sarge (new stable) then sarge packages won't do you any good. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: THE END OF THE WAR IN IRAQ!
On Fri, Jan 27, 2006 at 04:05:18AM -0800, Jerry and/or Susan Atlansky wrote: THE END OF THE IRAQ WAR UNITED STATES PETITION JANUARY 25, 2006 We The People, majority of peaceful Americans of these great 50 United States & Territories, do hearby state that since we declared war on Iraq in 2003 without being in any imminent threat against our country, we now respectfully demand a clear and binding withdrawal of all our military personnel from the entire country of Iraq. On January 1, 2007 if all of our military are not out of Iraq by that date, We The People will on that date ?STAND UNITED? as long as it takes by not performing our vocations excluding emergency services, until it is officially declared we are free from the occupation of Iraq and our war is over. We will be the first country in the world to end a war by We The People, staying at our homes because the U.S. Government failed to listen to our needs and desires. This document has been sent to hundreds of organizations throughout the U.S. and it?s territories. PLEASE join us by signing this petition for the power of, WE THE PEOPLE--- No one gets my support by spamming. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: mysql 5.0
On Fri, Jan 27, 2006 at 09:56:37AM +0800, linux china wrote: Yes, My system is woody, 3.0 r4. could I apt-get upgrade, then system will be at the same level as sarge? and I could install mysql 5.0 from backport, I not very sure. You could upgrade to sarge from woody, but I can't tell you that you _should_ do so. There's always the possibility of breaking something. If you do decide to make the upgrade, the general recommendations I gleaned from this list when sarge was released as stable follow: Install aptitude, if you haven't. Change your /etc/apt/sources.list to point to stable or sarge rather than woody. Update your package list with aptitude update, and then attempt the system upgrade with aptitude dist-upgrade. You could use apt-get as well, but my understanding was that aptitude was better at resolving the sort of dependency issues you can get into during a system upgrade. If you would rather not upgrade your system you could always attempt to either use the mysql binaries from mysql.com, or build the source yourself and install it manually, perhaps using checkinstall to make sure it is added to your package system. That's about as much as I know at this point. Good luck. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: THE END OF THE WAR IN IRAQ!
On Fri, Jan 27, 2006 at 02:58:23PM -0500, Joseph H. Fry wrote: On Friday 27 January 2006 7:05 am, Jerry and/or Susan Atlansky wrote: THE END OF THE IRAQ WAR UNITED STATES PETITION JANUARY 25, 2006 We The People, majority of peaceful Americans of these great 50 United States & Territories, do hearby state that since we declared war on Iraq in 2003 without being in any imminent threat against our country, we now respectfully demand a clear and binding withdrawal of all our military personnel from the entire country of Iraq. On January 1, 2007 if all of our military are not out of Iraq by that date, We The People will on that date ?STAND UNITED? as long as it takes by not performing our vocations excluding emergency services, until it is officially declared we are free from the occupation of Iraq and our war is over. We will be the first country in the world to end a war by We The People, staying at our homes because the U.S. Government failed to listen to our needs and desires. This document has been sent to hundreds of organizations throughout the U.S. and it?s territories. PLEASE join us by signing this petition for the power of, WE THE PEOPLE--- Your kidding right? You honestly believe that our president and his supporters want to have troops in Iraq any longer than necessary? This war is already on the verge of costing the Republican party the House, Senate, and Presidency come the next election. I believe it is in everyones best interest to see a timely end to this war, but not an abrupt and unorganized withdraw. The repercussions of an immediate and complete withdraw would be tremendous. It would likely only give fuel to anti-American terrorist organizations operating in Iraq and elsewhere; they would only have to point out how we destroyed the infrastructure of their country, killed thousands of their people, and then just left them to rebuild and defend themselves from their violent factions... I bet that enrollment would quadruple overnight. Let's keep this stuff off the list, especially when it is started by spam. Thanks. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: No luck getting Gallery to work on Sarge..Anyone able to??
On Sat, Jan 28, 2006 at 06:33:21PM -0600, John W. Foster wrote: I have gallery installed from sarge, php4 and apache2 along with all the required, and suggested apps installed. So far I have not been able to get gallery to work. All are installed pretty much out of the box and php4 seems to work, both as command line or as cgi since the various test scripts produce the php test page in the browser. Although apache2 seems to be handling all tests as cgi. I get server errors when I try to run the setup for gallery after running the configure.sh script, and starting the correct setup mode. I also tried getting the G@ tarball and had exactly the same problem getting it to install. This all makes me think something is amiss with php4. I have also gone over the various php.ini scripts and checked them. I basically only commented out the database servers that I will not have available. If anyone has gotten this to work PLEASE Reply as I really want to use gallery. BTW I had it all working on a previous installation in woody about 2 years ago. Ran out of the box with php3. It would be far, far more helpful if you posted the errors you got when you tried to install. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: how to convert 100 bmp files to jpeg?
On Mon, Jan 30, 2006 at 10:56:03AM -0500, Stephen R Laniel wrote:
On Sun, Jan 15, 2006 at 04:05:42PM +1100, Star King of the Grape Trees wrote:
I can't be bothered to consult the man page, but it will be something like:
for $f in `ls *.bmp`; do convert $f --to-jpeg; done
Because I like to add little bits of efficiency where
necessary, I'll note that the `ls *.bmp` above is more
complicated than what you need. What you mean is
"for f in *.bmp".
Also, ImageMagick is nice, in that it does a lot of
conversions automatically just by extension. So
convert -resize 200x200 filename.{bmp,jpg}
, which combines a bashism with ImageMagick, will expand at
the shell into
convert -resize 200x200 filename.bmp filename.jpg
and ImageMagick will then automatically convert the file
from BMP to JPEG.
Just as a note, that syntax is obsolete and may break in the future.
It's related to a bunch of changes in imagemagick 6 that were intended
to make it more consistent. Command line options are now processed left
to right as a series of steps (though grouping is supported).
See http://www.cit.gu.edu.au/~anthony/graphics/imagick6/basics/#why for
more information.
--
Steve Block
http://ev-15.com/
http://steveblock.com/
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Debian security.
On Mon, Apr 03, 2006 at 01:44:16PM +0200, Jan Schledermann wrote: Surachai Locharoen wrote: Is there any body guarantee debian security. I want to install debian as my server instead of redhat as3 server which just attack by Phishing. Kan Nope no guaranties! But you won't get such guaranties from ANY other os supplier either. Security of software is much more dependant on the systems architect and sysadmin than the software itself. A knowledgable person can secure almost any software and a moron can mess up everything. Debian is a very flexible distro which will allow you a lot of control over your environment with relative ease. YOU and your decisions and strategy determines the level of safety ultimately achieved. Of course there are no guarantees, but someone should at least mention that Debian has a security team that tries to stay up to date with current security issues and releases fixed versions of packages (via security.debian.org) that can be installed easily using apt-get. This won't help with vulnerable third party php programs however, as I learned when someone used the xmlrpc bug to install a warez ftp server on my colocated machine. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: win-axe clones
On Thu, Apr 06, 2006 at 11:04:47AM -0600, ChadDavis wrote: Does anyone know of an open source software that does something similar to Win-axe? That depends. What is win-axe? -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: PUHHLLLEEEEZZZE LOOK AT THESE RETARDED NAMES OF EXE's YOU DEBIAN PACKAGE DUDES
On Fri, Apr 07, 2006 at 10:25:06PM +0200, Dirk wrote: Gregory Seidman wrote: On Fri, Apr 07, 2006 at 09:40:03PM +0200, Dirk wrote: } It really, REALLY sucks to install a package and afterwards not being } able to find(!)/start the exe because some retard named them like: [...] Gee, Dirk, you're kind of a dick. Now that we're done insulting each other: dpkg -L | grep bin ...will usually find the executable(s) associated with a particular package. } Dirk --Greg Whoa... "gcfclient2" was it... i SHOULD have known... what a whining asshole i am... Read the subject of your original email and tell me how you didn't start off by being a jerk. Besides, Debian very rarely changes the actual name of a program file, and checking the documentation for whatever you are trying to run is your best bet. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: another lost one
On Sat, Feb 04, 2006 at 11:06:49AM -0500, [EMAIL PROTECTED] wrote: AOL WALLET USED TO WORK BUT STOPPED ABOUT 5 MONTHS AGO NEED HELP RICH You certainly do. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Backport Questions
On Wed, Feb 08, 2006 at 09:01:23PM -0800, Marc Shapiro wrote: Having seen a number of questions lately responded to by directing the OP to backports, I decided to look into it, myself. I added backports to my sources.list, did an update and dist-upgrade. I said 'no' to the actual update so that I could look it over before committing myself to it. From what I can see, I will probably just remove backports from my sources.list. From apt-get -u dist-upgrade: 94 upgraded, 59 newly installed, 8 to remove and 2 not upgraded The packages to be deleted are: mysql-client-4.1 mysql-common-4.1 mysql-server-4.1 openoffice.org-bin openoffice.org-debian-files openoffice.org-debian-menus openoffice.org-help-en openoffice.org-l10n-en Now, I don't care about deleted packages as long as the equivalent is being brought in with other packages, however, I only see 2 mysql packages being installed: mysql-client-5.0 mysql-common neither of which provides mysql-server. Also, the only openoffice files being added are: openoffice.org-common openoffice.org-core openoffice.org-java-common openoffice.org-l10n-en-us Of these files: oo.o-common replaces oo.o-debian-files oo.o-core replace oo.o-bin oo.o-l10n-en-us replaces oo.o-l10n-en oo.o-common-java is new While the help for 1.1.3 is removed, no help is installed for 2.0 Nothing replaces, or conflicts with openoffice.org-debian-files (that I can see), yet it is being removed. I'm not surprised that it is not mentioned (in apt-cache show) for any of the packages to be installed, since it was from the package that I dl'd directly from www.openoffice.org that I used to install v 2.0 previously. IOW it is not from a Debian package, at all. So, as near as I can tell, doing this dist-upgrade whould leave me without a mysql server, will remove my help for oo.o 1.1 while not providing any for oo.o 2.0 and will break the version 2.0 of oo.o that I currently have installed. Is this correct, or am I missing something here? The idea of the backports is not that you use them as a regular package repository for keeping your system up to date, but that you bring in certain packages that you know you want that aren't in stable. Say you are working on a web server and the new content system needs php5. You can use the backports packages to migrate (carefully) to php5. I would not recommend using it as a generic upgrade system. The mysql issues you saw were because backports provides mysql-common in the 5.0 range, which replaces the 4.1. This requires removing all the 4.1 mysql packages since they depend on that, but won't cause the 5.0 mysql packages to automatically be installed. My recommendation is to keep backports in your sources.list file, but add the following to /etc/apt/preferences: Package: * Pin: release a=sarge-backports Pin-Priority: 200 This will keep all the packages in the backports repository at a lower priority (200) than the main sarge repositories (500). After that you can carefully install whichever backported packages you want to use. Sometimes that may involve manually tracking down issues. For example to upgrade mysql to 5.0 you now need to override the package priority on mysql-common to install the 5.0 version or the other mysql 5 packages will be broken. Using aptitude in curses mode makes this pretty easy. Once again I would not recommend blinding pullingin packages from backports, and certainly not trying to dist-upgrade from it. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: your mail
On Thu, Feb 09, 2006 at 12:29:23PM -0500, [EMAIL PROTECTED] wrote: Which video card is supported for a DEC Alpha? X-Accept-Language: en Priority: normal Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: 7bit I have installed Debian Linux v. 3.1 (sarge) for an Alpha computer system. I am using a DEC Alpha motherboard 164-LX running at 533 MHZ. I have tried using a Matrox Millennium II video card in both MGA and VGA modes and have been getting an xfree86 server crash saying that the "screen is not found". I have also tried an older Trident video card running it in VGA mode with the same error. I would like to know which video card is supported for a DEC Alpha by Debian Linux without having to modify the kernel? I am sure that someone is out there who is actually running a system like mine with a working video card? I would like to know the make and model of the card that you are using and the extent to which it works. I am looking ahead for a reply that can be helpful to me in getting this system running in x-windows mode with bothe the KDE and Gnome desktops. I can't answer your question but I can suggest that you use an appropriate subject in your emails so that those who just skim the list can see what you're asking about. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: upgrading Cyrus
On Thu, Mar 02, 2006 at 06:08:28PM +0100, . wrote: Hi, has anyone yet updated Cyrus 1.5.19-9.2 to 2.2.12-4? I was in the middle of testing the conversion on a copy of the mail spool, but lacked the ctl_mboxlist script/program. That should have been in the cyrus-common package, but it was nowhere to find in version 2.1. So I had to upgrade to 2.2, but that file is still nowhere to be found. I'm trying to follow the upgrade instructions provided in the Cyrus docs, and the only thing that apparently worked yet is running the dohash script. Where do I go from here? Are you sure it's not hanging around in /usr/sbin? I built the cyrus 2.2 packages for sarge using the unstable source package for 2.2.12-4 and /usr/sbin/ctl_mboxlist is provided by cyrus-common-2.2. /usr/sbin contains ctl_cyrusdb and ctl_deliver as well. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Debian 3.1 on a Dell PowerEdge 2800 Server
On Thu, Mar 02, 2006 at 02:56:01PM -0500, Yu,Glen [Ontario] wrote: Hi everyone, I'm plan on installing Debian 3.1 (2.4.27 kernel) on a Dell PE2800 server soon (just waiting for a few more pieces of equip. to arrive) and while I have used Debian a little bit in the past, I've never installed in on a server before. I was hoping somebody who has done this before can give me some tips/info on the following: 1) does/will Debian have issues if I use the hw RAID controller on the Dell server? 2) the server will have dual Xeon processors and 8GB of RAM, does Debian suppor this? (I've read in some places that Debian doesn't support > 4GB of RAM, etc. but I haven't been able to get a definite answer to that from googling) Both of your questions are pretty much entirely dependent on the kernel you use, and shouldn't be too specific to debian. The 2.6 kernel might be more compatible with some newer hardware than the 2.4 kernel, but you might simply have to compile your own kernel if things don't work out of the box. As far as large memory support, I am pretty sure debian's kernel has this enabled, but I've never had a machine I could test that on. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Generate thumbnails
On Mon, Mar 06, 2006 at 10:37:30AM -0500, Michael Marsh wrote: On 3/6/06, Craig M. Houck <[EMAIL PROTECTED]> wrote: What is any easy to use program to generate thumbnails from a 'full sized' image? convert or mogrify is probably the easiest. I have tried many programs found using apt-cache search BUT either I am to stoopid to figure them out or they really don't do what I want. Fore xample: convert image.JPG -resize 10% images.jpg complains. It complains for two reasons: 1) The options are supposed to come before the input file (though it might be smart enough to figure this out; and 2) Your -resize option is under-specified. The options are most definitely NOT supposed to come before the input file. This changed in version 6.x to make the ImageMagick syntax more consistent. The old behavior still works in certain situations, but there are no guarantees. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Generate thumbnails
On Mon, Mar 06, 2006 at 11:03:26AM -0500, Michael Marsh wrote: On 3/6/06, Steve Block <[EMAIL PROTECTED]> wrote: The options are most definitely NOT supposed to come before the input file. This changed in version 6.x to make the ImageMagick syntax more consistent. The old behavior still works in certain situations, but there are no guarantees. Thanks for the correction. I was working from the man page on my RHEL box at work, which is for version 5.5.6. I guess that means my scripts are now broken. That happened to me when I switched from a Mac OS X host with 5.somethingoranother from Fink to my current Debian host with 6.0.6.2.something. I had to rebuild several scripts that had 'mysteriously' stopped working. The old syntax does something work, but not always, and my scripts all broke because of the change. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Generate thumbnails
On Mon, Mar 06, 2006 at 04:55:41PM -0500, Matthias Julius wrote:
Steve Block <[EMAIL PROTECTED]> writes:
The options are most definitely NOT supposed to come before the input
file. This changed in version 6.x to make the ImageMagick syntax more
consistent.
Consistent with what? Not many tools are expecting non-option
arguments before options (I can't think of one). How about changing
cp, mv etc.? It's a bad decision to change behavior like that.
Internally consistent. If you look at the 6.x documentation they treat
the whole thing as a stream operation, i.e. load an image, do this, do
that, maybe load a second image and so something with that, composite
the two images, load a third, resize it, change some colors, add a
border, and then write output. If you look over the documentation it
starts making a lot of sense.
This is especially useful when using other interfaces such as the Perl
module, PHP module, or C++ API.
For example, from one of my perl scripts:
my $image = Image::Magick->new;
# Read the image into the object, print any errors that occur
my $rc = $image->Read("$file");
warn "$rc" if "$rc";
# Create the thumbnail using ImageMagick commands
# Feel free to set the sequence to anything you like for
# thumbnail creation
#
# For more info, see
# http://www.imagemagick.org/script/perl-magick.php
$image->Set(quality=>'85');
$image->Set(density=>'72x72');
$image->Set(interlace=>'Line');
$image->Resize(geometry=>'300');
$image->UnsharpMask(radius=>1.3, sigma=>1.1, amount=>40, threshold=>0.05);
$image->Crop(geometry=>'125x125+20+20');
$image->Set(bordercolor=>'white');
$image->Border(geometry=>'1x1');
$image->Write($sqfile);
The command line program convert would follow the same sequence of
opration:
convert file.jpg -quality 85 -density 72x72 -interlace Line -resize 300
-unsharp 1.3x1.1+40+.05 -crop 125x125+20+20 -bordercolor white -border
1x1 out.jpg
There is a pretty good explaination of why these options changed at
http://www.cit.gu.edu.au/~anthony/graphics/imagick6/basics/
--
Steve Block
http://ev-15.com/
http://steveblock.com/
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: I missed the kernel-image to linux-image thing!
On Tue, Mar 07, 2006 at 04:23:39PM -0500, Patrick Wiseman wrote: I guess I missed something in the weekly update of my testing system. I needed to recompile my 2.4.27 kernel (because USB mass storage suddenly broke, on which I'll post seperately if I can't figure it out). So, I go to 'dpkg -i linux-image-2.4.27_...' and it bails because installation will overwrite a file (it turns out LOTS of files) provided by ' kernel-image-2.4.27'. I used the --force-overwrite option to dpkg to install anyway, and it seems no harm was done. I'm sure there was some good reason for the change, but the transition could have been made a little more transparent! You're probably right about the transparancy bit. The reason for the change was so that 'kernel' did not necessarily imply 'linux', and gives debian the ability to package multiple kernels (solaris, hurd) in the same package system as linux. Of course I'm not exactly sure how that would effect the rest of the environment, i.e. i wouldn't expect a program compiled for linux to run on a solaris kernel. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Managing memory usage per *user* (or group) not per *process*?
On Wed, Mar 08, 2006 at 03:19:50PM +, Dave Ewart wrote: I have a system which I manage which has many users. Now and again, during busy periods, if many users are working at once the machine starts swapping and performance goes through the floor. This is because the main purpose of the machine is to run statistical analyses of large datasets which results in heavy RAM usage. I'd like to impose resource limits on RAM usage. The standard approach to this appears to be to use ulimit/setrlimit, which allows one to set process limits for various things. But, the underlying flaw with this approach is that the limits operate per *process*, not per user. This means that if there is a process limit of 1GB RAM, there is nothing stopping a user running many processes each of which are 'only' 900MB, for example. Is there a way to impose resource limits (spec. RAM usage) per user? Or, even better, per system group (so I could say "all users in group 'staff' are limited to a total memory usage at any one time of 4GB RAM" or similar)? Any suggestions and ideas most welcome! I think /etc/security/limits.conf may be what you're looking for. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Intel Xeon
On Thu, Mar 16, 2006 at 10:31:56AM -0500, Roberto C. Sanchez wrote: Quoting Lars Roland <[EMAIL PROTECTED]>: On 3/16/06, debian <[EMAIL PROTECTED]> wrote: Hi I have an Intel Server with an Xeon Nocona 3.0 GHz EMT64 processor. I would like to run it as a stable webserver. Which distribution shall I install? You can install both i386 and amd64 (the last usually requires you to make some changes to the bios in order to address more than 4GB of physical memory). Is it possible to install x386 Sarge? Are there any known issues? Which is the savest way to go especially when considerating future updates? I just installed Debian etch i386 on one of these and it works perfectly, this also brings you kernel 2.6.15 along with udev so no need for spiffy tricks in order to compile kernels never than 2.6.12 - etch (testing) seams to be very stable and performs great (at least when running apps such as Apache, php, mysql...). Why i386? I have heard that Xeons suffer terrible performance when running in 32-bit mode. Is this not the case for you? Xeons are 32 bit, though I think some of the new ones have the 64 bit extensions. Perhaps you are thinking of Itanium? -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Why backports packages not deactivated
On Wed, Mar 15, 2006 at 02:58:43PM +0100, Michelle Konzack wrote: Am 2006-03-08 00:05:52, schrieb T: $ grep -1 backports /etc/apt/preferences Package: * Pin: release a=sarge-backports Pin-Priority: 200 Why not use: Package: * Pin: origin www.backports.org Pin-Priority: 200 Michelle, that should pin the package in the same way but his problem was that the package version he had installed was at priority 100, as it was not available in any other archive. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Copress a directory
On Fri, Mar 24, 2006 at 02:20:02PM +1100, Star King of the Grape Trees wrote: Rocky Ou wrote: Hey, Can anyone tell me how to compress a directory so that I could SCP it to remote server more quikly? I tried gzip -cf directoryName it does not work, And then I tried tar -vf DirectoryNme no rerult as well. I may blind but I could not find solution in gzip --help as well. Thanks a lot in advance! tar -cvj directory -f directory.tar.bz2 Or, for those who think it is a sin to use '-' when it isn't required: tar jcvf dir.tar.bz2 dir for bzip2 compression, or for gzip: tar zcvf dir.tar.gz dir -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: do I need to have ide-scsi loaded for 2.6 kernels?
On Thu, Jul 14, 2005 at 11:54:01AM -0400, kamaraju kusumanchi wrote: I googled around but there is not an affirmative answer. People seem to loading/unloading ide-scsi module by trial and error until their cdrom starts working. My question is, is it needed at all for 2.6 kernel? Running unstable. $uname -a Linux kusumanchi 2.6.9-1-686 #1 Thu Nov 25 03:48:29 EST 2004 i686 GNU/Linux I currently run 2.6.8 on a desktop machine with a 48x Lite-On burner, and do not use ide-scsi. I believe it is no longer the recommended way to do things. cdrecord and cdrdao both work fine here with the ATAPI interface. I think K3B works as well, but it's been a long, long time since I used it, and I'm not sure if that was after i switched from 2.4. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: novell hula open source project?
On Fri, Jul 22, 2005 at 04:43:23PM -0600, Cam wrote: Hi, I'm setting up a web server. Everything is finished except for the webmail portion. The setup i have going on currently is Postfix/Courier(IMAP and POP)/MySQL(for the virtual users)/Amavis(w/ ClamAV and Spamassassin). That stuff is all working really great. The portion i am lacking is webmail. Initially i tried sqwebmail (courier), but it was just way too ugly and i would feel guilty giving that to the users. Then i checked out squirellmail, which is a step in the right direction, although still a little bland (maybe not too big of a deal?). A friend recommended Hula to me. The interface is beautiful, and i like a lot of the features. Unfortunately, it seems that it wants to do *everything* (be it's own mail server, web server, imap server, etc.). That seems like a lot of crap when i already have *all* of that stuff working anyway. Would it be worth it to run anyway? Hula is easily moved to other ports so that you can have the services running side-by-side, but is it worth it to do it this way? will i take a huge performance hit? tips or experience would be appreciated. If you think squirrelmail is ugly, you might take a look at ilohamail. It's faster and better looking than squirrelmail. I would use it myself if it had a plugin to talk to my SIEVE server. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: unsubscribe
On Thu, Jul 28, 2005 at 03:00:58PM -0400, Xinjiang Lu wrote: I have already tried all methods that I know, it turns out that simply no way to sign off. 1. Go to http://www.debian.org/MailingLists/unsubscribe 2. email to [EMAIL PROTECTED] 3. email to [EMAIL PROTECTED] What's the problem with this mailing list? Thanks for your help. Check the mails you're getting for the Return-Path header, make sure it matches the name of the email address you're trying to unsubscribe. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: call for a vote -- should debian-user mailing list replies go to author or to list?
On Wed, Aug 24, 2005 at 09:27:28PM +0100, Doofus wrote: Yes, I've read a lot in the twenty minutes since writing the above. I use thunderbird though in linux, solaris and windows. No matter, I'll deal with it. Maybe I'll look at the much lauded mutt... Part of the problem with this whole thing is that Thunderbird is a truly awful mail client. Yes it generally works and yes it is cross platform but it is very poorly put together. Besides the list header stuff it threads poorly, defaults to sending html messages, and does not default to using SSL even when the server supports it (how hard is it to check for SSL capability of a server when setting up a new account). It also has some really screwy IMAP behavior. So yes, Thunderbird does not include a "reply to list" function, and yes that's just another problem with a problematic mail client. As far as the list header munging stuff goes, I don't think it would really bother me either way, but having the ability to choose to reply on or off list based on which button I push is kind of nice. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: php4-mysql
On Thu, Jun 30, 2005 at 12:42:09PM -0500, Ian wrote:
Hello, I am running Debian Sarge on my new server. I installed apache2 and the
required php4 packs along with mysql4. I can get php running, but the php
doesn't seem to be compatible with mysql4. Can you please help me solve my
problem?
Check the results of phpinfo (new php file containing only
and look for the mysql section for more information.
I can think of two possibilities here. The first might be that
php4-mysql is not installed, and the second could be that the mysql api
in php is still a 3.x version. The default password hash in mysql 4.x
changed to a much longer and supposedly more secure key.
If mysql support is not installed, install the php4-mysql package. If it
is a version issue, change your password to use the old hashing type by
logging into the mysql console and setting it using the old_password
command:
mysql> set password = old_password('thepassword');
--
Steve Block
http://ev-15.com/
http://steveblock.com/
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: sarge and software patents
On Thu, Jun 30, 2005 at 10:25:47PM +0200, Guillaume TESSIER wrote: Kent West wrote: Guillaume TESSIER wrote: My little sister could register on a web site. and If tomorrow my job is to migrate Linux plateforms onto windows, then i'll feel like and will soon be unemployed. Realizing that different cultures have different concepts of "foul language", this is just a reminder of Debian's stated policy, from http://www.debian.org/MailingLists/: Code of conduct Do not use foul language; besides, some people receive the lists via packet radio, where swearing is illegal. There are other languages and behaviors that don't use or bit are much worst. There is a huge misinformation campaign to make deputies think software patents are necessary for innovation. Many people are mooving. Like writing letters to their deputies and to newspapers. The more people would have been reacting, the more chance we would have to avoid the disaster. It's sad that software has to deal with politics. Also sad you think i'm the bas guy. You're making jerk of yourself in front of hundreds of people. Please stop or take your comments to slashdot, where they belong. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Newbie: What's the Best Window Manager?
On Mon, Jul 04, 2005 at 11:32:21AM -0300, Eduardo B. V. Pereira wrote: Hi, I'm new to Linux and I would like to know which window manager do you think is the best one and why, to help choose the ones I'm going to try first. This has been covered several times in the past on this list. One of the most recent discussions can be found here: http://groups-beta.google.com/group/linux.debian.user/browse_thread/thread/27c44ac62e37253a/c86e93a96c7e2f6a Note: I find google groups easier to search than the debian-user archive. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: postfix+cyrus21
On Sat, Sep 03, 2005 at 12:47:20AM -0700, Vadim Kutsyy wrote: I am trying to configure postfix/cyrus21 mail server combination, and I am having problem with lmtp socket. I more of less followed http://wiki.ev-15.com/debian:mail_system so I used dpkg-statoverride to allow access to /var/run/cyrus/socket/lmtp, but I am getting error in the log file: Sep 3 00:30:08 kutsyy postfix/lmtp[32392]: DD23560CC0B1: to=<[EMAIL PROTECTED]>, orig_to=, relay=none, delay=1, status=deferred (connect to /var/run/cyrus/socket/lmtp[/var/run/cyrus/socket/lmtp]: No such file or directory) What am I missing? Thanks, PS: postfix does have access to /var/run/cyrus/socket/lmtp: # su postfix # ls -la /var/run/cyrus/socket/lmtp srwxrwxrwx 1 root root 0 Sep 3 00:28 /var/run/cyrus/socket/lmtp Hi from the guy that wrote that guide. :) What are the permissions of the socket directory itself? On my setup I've got the following: [EMAIL PROTECTED]:~$ sudo ls -l /var/run/cyrus/socket total 0 srwxrwxrwx 1 root root 0 Sep 1 12:56 lmtp srwxrwxrwx 1 root root 0 Sep 1 12:56 notify But the directory containing those files has these permissions: [EMAIL PROTECTED]:~$ sudo ls -ld /var/run/cyrus/socket drwxr-x--- 2 cyrus lmtp 4096 Sep 1 12:56 /var/run/cyrus/socket So although the lmtp socket itself has full permissions, postfix itself has to be in the lmtp group or it can't even see inside the directory. I would start by making sure postfix is a member of the lmtp group [EMAIL PROTECTED]:~$ id postfix uid=101(postfix) gid=103(postfix) groups=103(postfix),45(sasl),1001(lmtp) If it isn't then add it to that group [EMAIL PROTECTED]:~$ sudo adduser postfix lmtp If it already is, then check the permissions in the directory chain on the way down into that socket directory and see if there's something in there preventing postfix from seeing the socket. A last thing to do if none of that works is to check the master.cf file and see if the lmtp agent is running chrooted. It shouldn't be (n in the fifth column). Good luck. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: mutt rocks
On Tue, Sep 06, 2005 at 05:38:07AM +0100, Joe Mc Cool wrote: mutt really is super. Thanks a lot to everybody involved. And to think it took me all these years to find out. Happy day! If you're like many of us your muttrc will grow over time, getting longer and longer like a cancer. =D No wonder it seems so confusing to new users (myself included, about 2 years ago). -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: NOT INTERESTED!
On Thu, Sep 08, 2005 at 12:51:16PM -0400, [EMAIL PROTECTED] wrote: Hi, I DO NOT WANT YOUR WEB PAGE! STOP BLOCKING MY FREEMAIL.HU WEB SITE WITH YOUR HOMEPAGE! I AM NOT INTERESTED, TAKE YOU WEB PAGE AWAY! Awesome. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Checking `bindshell'... INFECTED (PORTS: 3049)
On Wed, Sep 28, 2005 at 11:42:24AM -0700, Raquel Rice wrote: On Wed, 28 Sep 2005 12:38:27 +0200 Sonixxfx <[EMAIL PROTECTED]> wrote: The netstat command should show you what is listening on that port but rootkits often hide themselves from netstat, ps and such. What package does ps reside in? I went and looked and it appears to be provided by the procps package. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sarge - postfix/saslauthd issues
On Sat, Jul 09, 2005 at 05:36:49AM -0500, BJ Dierkes wrote:
PROBLEM 1:
The first problem is is that Postfix can't connect to the saslauthd
socket. The reason appears to be because it is running in a chroot
environment (by default) and the socket is outside of the jail by
default.
These what the vars in the "/etc/init.d/saslauthd" script looks like:
NAME=saslauthd
DAEMON="/usr/sbin/${NAME}"
DESC="SASL Authentication Daemon"
DEFAULTS=/etc/default/saslauthd
PWDIR=/var/run/saslauthd
PIDFILE="/var/run/${NAME}/saslauthd.pid"
The saslauthd socket is created as "$PWDIR/mux". However, Postfix
looks for it as "/var/spool/postfix/var/run/saslauthd/mux".
Errors without /var/spool/postfix/var/run/saslauthd/mux (/var/log/
mail.log):
postfix/smtpd[7663]: warning: SASL authentication failure: cannot
connect to saslauthd server: No such file or directory
postfix/smtpd[7663]: warning: SASL authentication failure: Password
verification failed
postfix/smtpd[7663]: warning: SASL PLAIN authentication failed
To fix it I removed "/var/run/saslauthd", and then recreated it as a
soft link to "/var/spool/postfix/var/run/saslauthd" (make sure that
postfix or whatever the postfix user is, is a part of the sasl group).
This fixes the problem for me, but Is there anything I'm missing? I
really didn't find anything in the documentation for saslauthd that
led to this. Just want to make sure I didn't waste hours of my life
for no reason. ;)
This is the method I originally used, though I tied it in with
dpkg-statoverride and some other things. I agree that it is an annoying
and somewhat hidden problem. The solution I tried and stuck with after
my second postfix installation was to create a bind mount between
/var/run/saslauthd and the directory inside the postfix chroot. I
created the directory /var/spool/postfix/var/run/saslauthd and then
added the following to my /etc/fstab file
/var/run/saslauthd /var/spool/postfix/var/run/saslauthd none rw,bind 0 0
It was easier to do it this way and have the machine come up fully and
properly with a reboot, since I always seemed to have to recreate the
symlink on reboot with the prior method (until I started editing startup
scripts, but let's not get into that).
--
Steve Block
http://ev-15.com/
http://steveblock.com/
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Securing SSH: Does disabling password authentication work?
Like most everyone who runs an SSH server on the standard port (22), I get frequent dictionary based access attempts. They don't worry me greatly, since I have only a few users and somewhat draconian password policies, but I am still interested in taking a proactive approach to SSH security. I looked at my logs and found that every one of these attacks used password authentication when trying to authenticate to the server. This gave me the idea that I could disable password authentication while leaving the keyboard-interactive (through pam) and public key based systems active. Running ssh -v now reports the following debug1: Authentications that can continue: publickey,keyboard-interactive Users can still connect to the server and type in their passwords on the screen without any trouble. Public keys work fine as well. Am I right in assuming that the password based scripted login attempts will fail even if they somehow (heaven forbid) guess a valid password? Is there an easy way to test this? I've only ever used keyboard-interactive login and public keys. Also, I can't switch to only allow key based logins because some of my users are also whiners and any change I made that required them to go do work like generating keys would result in a lot of complaining. There are also times when I need to log in from another machine and don't have my keys handy. Advice and insight are appreciated. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Securing SSH: Does disabling password authentication work?
On Mon, Oct 03, 2005 at 04:54:14PM +0100, Jon Dowland wrote: On Mon, Oct 03, 2005 at 10:14:58AM -0500, Steve Block wrote: I looked at my logs and found that every one of these attacks used password authentication when trying to authenticate to the server. This gave me the idea that I could disable password authentication while leaving the keyboard-interactive (through pam) and public key based systems active. Am I right in assuming that the password based scripted login attempts will fail even if they somehow (heaven forbid) guess a valid password? Is there an easy way to test this? Are you still getting a long list of dictionary attack attempts in your logs? Good question. I looked at the logwatch analysis from before I made the change and after. Before I made the change the list of failed or illegal login attempts were reported as one of faileduser/password from ip.addr. or faileduser/none from ip.addr. From the logs I've looked at after I changed my SSH configuration, I now only see the latter, perhaps because the password authentication method is no longer available. So does this seem like a viable way to avoid the current generation of SSH attacks? Of course nothing is bulletproof but am I actually more secure than before? -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Securing SSH: Does disabling password authentication work?
On Mon, Oct 03, 2005 at 10:47:27AM -0700, Alvin Oga wrote: hi ya steve On Mon, 3 Oct 2005, Steve Block wrote: login attempts were reported as one of faileduser/password from ip.addr. or faileduser/none from ip.addr. >From the logs I've looked at after I changed my SSH configuration, I now only see the latter, perhaps because the password authentication method is no longer available. are you saying that you still get ssh log entries ?? if so, sshd is still responding to incoming ssh connection on other ports Of course nothing is bulletproof but am I actually more secure than before? no ... you made no other security changes other than port# which can trivially be changed to do exactly the same port 22 attacks on other ports I'm afraid you didn't read at all, did you? Start from the top of the thread and read again, and you'll see that my question had nothing to do with port numbers at all. I'm asking if disabling password authentication while leaving keyboard-interactive/pam and publickey methods available would pretty much leave the current automated attacks high and dry since they use password based connection attemps. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Securing SSH: Does disabling password authentication work?
On Mon, Oct 03, 2005 at 08:12:32PM +, Pollywog wrote: On 10/03/2005 07:49 pm, Steve Block wrote: I'm afraid you didn't read at all, did you? Start from the top of the thread and read again, and you'll see that my question had nothing to do with port numbers at all. I'm asking if disabling password authentication while leaving keyboard-interactive/pam and publickey methods available would pretty much leave the current automated attacks high and dry since they use password based connection attemps. Disallowing password logins helps make your machine more secure, as does allowing only SSH protocol 2. Of course, but I'm trying to figure out if there is a solid distinction between "password" and "keyboard-interactive/pam" as it pertains to these scripts. My users and I can still log in by typing our passwords, but that occurs as a keyboard-interactive login (as confirmed by turning verbosity up) rather than a direct password login. I'm really hoping for insight, I guess. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Securing SSH: Does disabling password authentication work?
On Mon, Oct 03, 2005 at 01:24:27PM -0700, Alvin Oga wrote: On Mon, 3 Oct 2005, Steve Block wrote: I'm afraid you didn't read at all, did you? Start from the top of the thread and read again, and you'll see that my question had nothing to do u sure do have an whacky attitude for being the one that is cracked the answer still is no... you are not any more secure for the sme identical reasons posted previously that you didnt read/understand to use your own words :-) Who said anyone was cracked? I'm trying to take a proactive security approach here. Let me clarify. In a default debian/sarge install there are three available SSH authentication options: 1) password 2) keyboard-interactive with pam (would allow auth against LDAP or any other authentication method possible with pam) 3) public/private keys According to what I can see from my logs, these automated attempts are trying to use the first method to log in. The second method is what the standard OpenSSH client uses by default when no keys are being used, and the log report for a failed login of this type is different than for the automated attempts. I prefer to use the third method myself, but like I said I am unwilling to only allow that method. I edited my ssh config file to disable the first method, leaving only 2) and 3) available. With the second method a user can still log in with their system password (default pam configuration) but the authentication is handled by pam and not the ssh server itself (I think). My users obviously haven't noticed, and I still normally use keys. I just want to know if it has made it impossible for the automated dictionary attacks to log in (the current generation, anyways). Sorry if I sounded snippy, it's just hard to find any solid info on this. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Synaptic Package Manager vs. RPM
On Thu, Oct 06, 2005 at 05:39:43PM +0100, Thomas Adam wrote: --- Jeremy Merritt <[EMAIL PROTECTED]> wrote: What makes Synaptic different from RPM in "concept"? The question you're really asking is: "What makes .deb different from .rpm in concept." ... because Synaptic is just a GUI-frontend. The tools behind it (dpkg, and friends) do all the real work. Can you manage any packages via RPM in Debian? I saw there was some kind of RPM utility but I never worked with it much. There's "alien", but you shouldn't need it, and I wouldn't recommend you use it on any critical packages you're going to need to install. I'd be surprised if there wasn't a .deb file of an RPM already in existance, for most packages. It should also be noted that alien converts the RPM package to a .deb package that can be installed with dpkg, and therefore be managed by the package system. You can install packages directly via rpm sometimes but I wouldn't recommend it, since they will not be registered with the debian package system. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Where is my Economist?
On Thu, Oct 06, 2005 at 06:27:11PM -0500, John Hasler wrote: Please do not follow up to these. You'll just generate Google hits and therefor more such emails. Bah, I find this stuff more amusing that what usually goes on in here. :-) -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Remote linux desktop access
On Fri, Oct 07, 2005 at 02:27:25PM -0400, Antonio Rafael C. Paiva wrote: Hi! Does anyone know how to have X access remotely through ssh? If I open a terminal and connect using ssh I can open specific application but not the whole desktop environment, that I would like to map to a different display on my machine. (I'm using X.org.) I know a couple ways. One is with Nomachine NX, a commercial project, or it's open source based free brother, FreeNX. It's slightly tricky to set up but works rather well and runs over SSH. FreeNX is not available in the official debian repository (I think) but there are debian packages available. (A little google can help, hopefully). Another simpler option, the one I currently use, is to start a VNC server, firewall the vnc port to external connections (or have it only listen on localhost), and set up an SSH tunnel to the VNC server. Then just start a VNC client and point it to your local tunneled port. If you want to keep the same desktop both locally and remotely, I believe KDE and GNOME have that option under Desktop Sharing or a similar name, and those are VNC servers that can be accessed with a regular VNC client. If you mostly use the machine remotely then the regular command line vncserver will do. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: How to completely reinstall a package?
On Fri, Oct 07, 2005 at 03:47:29PM -0500, Tim McDonough wrote: I'm running Debian (Sarge) and had used X-Windows very little on what's primarily a file server when I got a larger, nicer monitor for the system. It was not obvious to me how to reconfigure the system for the better capabilities of the monitor so I, perhaps unwisely, decided I could simply uninstall then reinstall X-Windows and KDE. I ran... apt-get --purge remove kde apt-get --purge remove x-window-system Once that was done I used apt to install these pieces again but there are apparently remnants of the originals around so it never takes me through the configuration screens and I cannot get the windowing programs to run. In fact I cannot even find the startx command on the machine. I'm certain this is some sort of classic newbie screw-up. Would someone explain what I've done wrong and how I might re-install things properly? Any help would be appreciated. Running dpkg-reconfigure will take you through the configuration stuff again. As far as missing programs such as startx goes, I am unsure. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: How to completely reinstall a package?
On Fri, Oct 07, 2005 at 04:47:55PM -0500, Tim N9PUZ wrote: Steve Block wrote: Running dpkg-reconfigure will take you through the configuration stuff again. As far as missing programs such as startx goes, I am unsure. dpkg-reconfigure x-window-system didn't do anything obvious. Reading the man page I suspect the window system isn't one that's configured by dpkg. If you are configuring something like monitor settings, I believe the package that actually has the settings is the X server itself. For sarge, xserver-xfree86. x-window-system is a dependency package, if i recall correctly, that gets a bunch of other packages installed to make it easier to set up an X system. I'm taking this all from memory right now, becase I don't have an X enabled system handy (I'm on windows at work at the moment). -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Solved: Re: Remote linux desktop access
On Fri, Oct 07, 2005 at 05:43:20PM -0400, Antonio Rafael C. Paiva wrote: Thank you all, and Steve especially! FreeNX works great, and does exactly what I wanted. Antonio, glad I could help. Since it was helpful though, it would have been good to send this back to the list. I'll CC it to the list just so anyone searching for a similar answer can find it. Steve Block wrote: On Fri, Oct 07, 2005 at 02:27:25PM -0400, Antonio Rafael C. Paiva wrote: Hi! Does anyone know how to have X access remotely through ssh? If I open a terminal and connect using ssh I can open specific application but not the whole desktop environment, that I would like to map to a different display on my machine. (I'm using X.org.) I know a couple ways. One is with Nomachine NX, a commercial project, or it's open source based free brother, FreeNX. It's slightly tricky to set up but works rather well and runs over SSH. FreeNX is not available in the official debian repository (I think) but there are debian packages available. (A little google can help, hopefully). Another simpler option, the one I currently use, is to start a VNC server, firewall the vnc port to external connections (or have it only listen on localhost), and set up an SSH tunnel to the VNC server. Then just start a VNC client and point it to your local tunneled port. If you want to keep the same desktop both locally and remotely, I believe KDE and GNOME have that option under Desktop Sharing or a similar name, and those are VNC servers that can be accessed with a regular VNC client. If you mostly use the machine remotely then the regular command line vncserver will do. -- Ant?nio Rafael C. Paiva Graduate student Computational NeuroEngineering Laboratory Electrical & Computer Engineering Department University of Florida Gainesville, FL 32611 WWW: arpaiva.webhop.net -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: new users
On Wed, Oct 19, 2005 at 01:33:58PM -0400, Robert Wolfe wrote: Darren, you cannot do file transfers via SSH. You will need to use FTP to transfer the files. Or you can use SAMBA or CIFS to do file sharing on the Debian box, which is what I do. That's about as wrong as you can be, I think. There are two main mechanisms supporting file transfer over ssh: scp and sftp. The first is quite similar to the old rcp protocol, but is encrypted with ssh. The second is similar in function to the standard ftp protocol. It requires the sftp subsystem to be enabled in the ssh server configuration, but this is the default on a new install. There are both command line and graphical clients for either protocol. Command line clients are generally the scp and sftp programs that are provided by OpenSSH. Graphical clients are varied, and include FUGU on Mac OS X or WinSCP on Windows. Additionally, several standard FTP clients have added SFTP and/or SCP support recently, including Transmit on Mac OS X and FileZilla on Windows. In fact I highly recommend that anyone considering running an FTP server for personal file access instead investigate using SSH. It is simpler to set up and much more secure than an FTP server. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Writing technical text
On Fri, Oct 21, 2005 at 10:12:14PM -0400, William Ballard wrote: On Fri, Oct 21, 2005 at 10:51:07AM +0100, Antony Gelberg wrote: William Ballard wrote: > Single-letter element-centric XML is fairly readable: > > > 1432 > 1892 > You are joking, right? You're just not used to it. Once you get the hang of the "context" -- i.e., in that, means operation, first child of is the operator, example operators are times and plus , subsequent children of are operands, valid operands are either sub-operations or parenthesis for grouping, contains only text values which are numbers. I have carried this kind of thing out to express an entire relational database, including emedded schema, lookups, and computed columns, as a concise XML document that is easy to grasp at a glance and easy to maintain by hand in an editor. Here is an example. Look f'd up to you? Snipping out all the crap... I think you've misunderstood one of the major purposes of XML, and that is to be descriptive in tag choices. This is still uncomprehensible and ugly. I will maintain that XML is meant to be parsed by machines and that humans should be able to work with something else. With XML as a valid storage mechanism of course. Like iTunes or OO.o. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Solaris: The Most Advanced OS?
On Sat, Nov 05, 2005 at 04:26:21AM +0800, Heimdall Midgard wrote: 2005/11/4, Yuriy Kuznetsov <[EMAIL PROTECTED]>: [trimmed] I do agree with Lars regarding Solaris being on edge of advanced technologies. Besides S10 now open sourced (visit www.opensolaris.org, download and try yourself, also plenty of blogs by different categories) to community and Sun is planning to work very close with community developing future releases of Solaris. I'm not here to say anything against Debian but it's very difficult to say which one is the best unless you give it a try... I think it's time we emphasize the fact that Debian is not (just) Linux. Debian also comes in BSD and GNU/Hurd flavors. If Open Soalries is free as well as open, you can be sure some develepors are already working on a Solaris port that will make the claim moot. When such a thing happens, it would be like claiming Debian is a better OS than Red Hat. There is in fact just such a Debian GNU/Solaris project in the works. I ran across it on OSNews a short while back. http://www.gnusolaris.org/gswiki -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Dedicated Hosting, recommendations - Debian
On Sat, Nov 05, 2005 at 04:00:05PM +, Cliff Flood wrote: Hi All, I'm currently using a RHEL server hosted with EV1 Servers that I want to move away from in favor of a similar hoster that offers Debian as an option. The machine should be in North America for certain reasons. Our current product has a 1000GB per month limit and we'd need something similar from a new company. Monitoring and control panel type services aren't a concern. Do you have any recommendations for such a dedicated hosting company that offers Debian? Although it's unsupported, you can always run Debian on an EV1 machine, which is what I do. I generally followed this guide: http://www.underhanded.org/papers/debian-conversion/remotedeb.html with a few of my own adjustments. I set things up so I could do everything (including lilo) from the serial console, which EV1 makes available over ssh through a console server. That way if I broke something I would have a slightly better chance at fixing it. Not as good as something like Lights Out Management on a Sun, but I'll take what I can get. It took a while to get everything set up following that guide, but I've been using the result for about 6 months and it's great. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: unsubscribe
Read the paragraph below, which gets added to every email to this list, and try unsubscribing to the correct email address, please. To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: files became readonly!!
On Thu, Nov 10, 2005 at 11:32:24PM +0100, Johan Ask wrote: Hi, i have a big problem. all my files on the / partition became read-only! What the heck should i do? it happened after i was using a newly installed thirt-party-package names albumart (*Album* *Cover* *Art* Downloader <http://louhi.kempele.fi/%7Eskyostil/projects/albumart/>) I also did an upgrade but i dont know which packages that upgraded... I have googled a bit but find nothing. Someone have any idea what caused this and what to do about it? Have you checked to see if the volume itself is mounted read only? I am not sure what about upgrading could have set that, but it's possible. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Request to remove Information
On Fri, Nov 11, 2005 at 08:43:18AM -0800, Weissgerber, Tom L wrote: Debian, The following information should not have been made available to the entire public domain. Please remove the following links/files at your earliest convenience. * Date: Wed, 24 Sep 2003 10:57:42 -0700 * Message-id: <[EMAIL PROTECTED] <http://lists.debian.org/debian-user/2003/09/msg04351.html> > * In-reply-to: <[EMAIL PROTECTED] <http://lists.debian.org/debian-user/2003/09/msg04351.html> > * Message-id: <[EMAIL PROTECTED] <http://lists.debian.org/debian-user/2003/09/msg04364.html> > * Old-return-path: <[EMAIL PROTECTED]> * References: <[EMAIL PROTECTED] <http://lists.debian.org/debian-user/2003/09/msg04351.html> > * Reply-to: [EMAIL PROTECTED] <mailto:carla%40bratgrrl.com> I'm just sort of confused how this got mailed to d-u in the first place. Of course, once somethings on a public mailing list like this it's pretty much there forever. It's on my server (IMAP copies), google, debian's archive, usenet, and plenty of mirrors and individual machines. Consider it a lesson on addressing email, perhaps. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: aol art files:
On Fri, Nov 11, 2005 at 02:57:19PM -0500, [EMAIL PROTECTED] wrote: I keep getting a message to delete art files press settings--font--text-- graphics in preference. How do I accomplish this??? These settings are not above as the message says !!! [EMAIL PROTECTED] Ahahaha, awesome. They will never learn, ever. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: aol art files:
On Fri, Nov 11, 2005 at 02:57:19PM -0500, [EMAIL PROTECTED] wrote: I keep getting a message to delete art files press settings--font--text-- graphics in preference. How do I accomplish this??? These settings are not above as the message says !!! [EMAIL PROTECTED] Actually you know what I'll tell you exactly how to remove AOL art files from your computer. Get rid of AOL, get a standard cable or DSL internet connection, and delete windows and install Debian Linux. No more AOL, no more art files, and when you post to debian-user--a list for users of Debian GNU/Linux--you won't be in the wrong place. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Looking for a one-time "change this password" script for login
On Tue, Nov 15, 2005 at 07:28:22PM -0800, ke6isf wrote:
Every now and again, as is prone to happening on any server, I will create
a new account for users, and set a generic password for them, and thusly
instruct them on how to change it - ssh in, 'passwd', use the password I
just issued them, and have them come up with a better password than the
generic thing I just issued them. Problem is, though, that most of my
users are a little intimidated by the environment.
So that said, what I'm looking for is a simple script that, on creation of
an account, this script will wait for the new (l)user to log in via ssh,
welcome them, give them instructions on what precisely to do ("Change your
password now!"), ask for other miscellaneous options, and never come up
again, favoring the typical motd and whatever shell they want.
Is there a package I should look for, or is there a different (or
otherwise fairly standard) way I should go about doing this?
Would 'passwd -e username' as root do what you need? To quote the
manpage:
If you wish to immediately expire an account's password, you can use
the -e option. This in effect can force a user to change his/her
password at the user's next login.
Wouldn't address them setting their favorite shell, etc, like you
mention but if they are intimidated by the environment in the first
place it's probably best to just use bash, the default, anyways.
--
Steve Block
http://ev-15.com/
http://steveblock.com/
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Request to remove Information
On Tue, Nov 15, 2005 at 09:48:35PM -0600, Ron Johnson wrote: On Tue, 2005-11-15 at 18:49 -0800, Steve Lamb wrote: Edward J. Shornock wrote: [snip] > While there are some that probably go through trying to "make as much as > possible," that surely doesn't apply to everyone. It's the plain greed > that pisses me off with the corporations, as well as the politicians. > How many yachts or mansions does one person need? Envious much? It isn't a matter of need. How many toys the other guy has versus how much you think they need is irrelevant. I mean, hey, how much ELECTRICITY does one man need when there are people in other countries that don't have it. If they obtained the toys legally who gives a rats butt how much they have? That's not your concern and is, quite frankly, part of the problem. And how many people really *need* iPods? Do people really need to carry 3000 songs around in little $300 things that are literally almost as valuable as gold? No, they don't. A $50 MP3 player will work just as well. And XBoxes and PSPs and LCD monitors and, well, heck, just about every bit of consumer electronics made in the last 30 years is not necessary, and, compared to 80% of the people in the world, is extravagant as all hell. Work all day on a CRT for years and then switch to an LCD and tell me that they are "not necessary" or "extravagant as all hell." And your quip about how a $50 mp3 player will work just as well as an iPod is simply ignorant. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Request to remove Information
On Wed, Nov 16, 2005 at 03:49:16AM -0500, Antonio Rodriguez wrote: On Wed, Nov 16, 2005 at 09:38:37AM +0100, steef wrote: Steve Lamb wrote: believe me: i know where i am talking about. herman and i analyzed for over thirty years the workings of the nuclear industry mainly in europe. and now the *benefits* of corporations like monsanto pioneer hi-bred and the like for food and feed. illuminating. Speaking of the devil that keeps the US (European, etc) population getting fatter and fatter every day (growth hormone to cows, cows to human mouths, you know the chain, plus some other substances, etc), by the end of the year the gov is getting ready to approve the sale of cloned animals in the market, noiseless, as usual, no body knows, nobody cares, oh!, we are getting fatter, so fat that look like walking balloons... We are fat because we eat too much; because it's easy and cheap to eat too much. I am fat because I eat when I'm bored or not hungry at all, not because of growth hormones fed to cows. I prefer more natural things but I'm not going to go blaming someone else because I eat too much. -- Steve Block http://ev-15.com/ http://steveblock.com/ [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
