[gentoo-user] mono is broken,
I just emptytree built mono, still fails the test-install script, whatever that does... -- Please report bounces from this address to a...@numentics.com Powers are not rights.
Re: [gentoo-user] mono is broken,
On Saturday, March 3, 2018 9:36:28 AM CET Alan Grimes wrote: > I just emptytree built mono, still fails the test-install script, > whatever that does... It compiles just fine here. IOW, it is not broken. -- Joost
[gentoo-user] Spectre_v1 mitigations
I noticed two Gentoo systems (Intel & AMD) running kernel 4.14.23 show: cat /sys/devices/system/cpu/vulnerabilities/spectre_v1 Mitigation: __user pointer sanitization However, a Mint VM running kernel 4.13.0-36 shows: cat /sys/devices/system/cpu/vulnerabilities/spectre_v1 Mitigation: OSB (observable speculation barrier, Intel v6) Why would there be this difference and what does it mean? -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Re: QEMU on a partition
On Saturday, 3 March 2018 03:09:25 GMT Ian Zimmerman wrote: > On 2018-03-02 20:12, R0b0t1 wrote: > > I can't find it again, but there was a neat writeup investigating the > > TCP over TCP "tunnel collapse" phenomena. When two layers are doing > > the same thing, there is a tendency for both to behave poorly. I'm not > > sure any deeper explanation was or can be offered, but it is something > > that holds true not only for network traffic, but disk IO and > > databases as well. > > I think I've seen that too, and it was when I decided to install and > learn openvpn in place of the everything-over-ssh setup I had before. I think the problem you mention refers to TCP retransmission timeouts, when you stack one TCP packet within another. RFC3439 warns against TCP layering: https://tools.ietf.org/html/rfc3439#page-7 UDP encapsulation as used for e.g. VPN does not suffer with the same problem because it does not use the same transmission quality control mechanism as TCP. I have used SSH within IPSec VPN tunnels without retransmission problems (both with and without UDP encapsulation). I am not sure if block device I/O protocols suffer the same problem - I don't really know how the read/write SCSI commands are queued and processed between host and guest OS. What I have noticed is abstraction layers relating to partitioning schemes, e.g. good ol' primary Vs logical partitions, make a difference *only* when the partition is initially mounted, but not thereafter. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Enable SSH Logging with Sysklogd
> On 3 Mar 2018, at 01:44, Lucas Ramage wrote: > > Hello, > > I have sshd running and I have sysklogd installed, but I do not see any logs > for attempted or successful connections. Is this IP public facing? `sudo grep ssh /var/log/messages | wc -l` returns about 3300 on my system, this with fail2ban installed and 1500+ IPs currently blacklisted. Stroller.
Re: [gentoo-user] Bouncing Messages
> On 2 Mar 2018, at 22:51, Grant Taylor > wrote: > > On 03/02/2018 09:36 AM, Ian Zimmerman wrote: >> These are all from Grant Taylor. They are DKIM-signed, and, not >> surprisingly given the list header and footer munging, signature >> verification fails (on my mail server). > > Correct. DKIM verification is failing and my DMARC policy is configured to > REJECT messages that fail DKIM or SPF tests. My recollection is that I read this isn't that beneficial - that a policy of ~ is adequate. Stroller.
Re: [gentoo-user] Bouncing Messages
On Thursday, March 1, 2018 11:38:42 PM CET Dale wrote: > Branko Grubic wrote: > > On Thu, 1 Mar 2018 14:42:35 -0600 > > > > R0b0t1 wrote: > >> I keep getting emails from the mailer daemon about bouncing messages. > >> I am worried. Am I missing messages from my internet friends? Please > >> send help. > >> > >> With much concern, > >> > >> R0b0t1 > > > > Hi, > > > > I was just thinking about asking the same question, I also get those > > recently. > > > > Regards, > > Branko > > I have got a couple recently as well. I wonder, can this be used to > retrieve those messages somehow?? > > > Here is the list of the bounced messages: > - 182748 > - 182749 > - 182751 > > > I keep my messages locally so when I miss messages, it can throw a thread > into some random weirdness. If one uses the web interface to read/reply > etc then it wouldn't matter but for those who use email software, it seems > we are missing something. > > I might also wonder, what happened to 182750?? You probably received 182750. I used to get these messages, this was caused by bad behaving spam filters on the receiving mailserver. I solved it by switching to different inbound mailservers. -- Joost
[gentoo-user] Vanishing BOINC disk display
Has anyone else noticed the disk occupancy display being blank recently? A
week or two, I think. This is in boincmgr, other parts of which still work
well.
$ eix -c boinc
[I] sci-misc/boinc (7.8.4{tbz2}@02/03/18): The Berkeley Open Infrastructure
for Network Computing
I suspect wxGTK and its friends, but I've no evidence yet.
--
Regards,
Peter.
Re: [gentoo-user] mono is broken,
J. Roeleveld wrote: > On Saturday, March 3, 2018 9:36:28 AM CET Alan Grimes wrote: >> I just emptytree built mono, still fails the test-install script, >> whatever that does... > It compiles just fine here. > IOW, it is not broken. Prove it, run mono-test-install and show me what a successful run looks like. =| # tortoise ~ # mono-test-install Active Mono: /usr/bin/mono Failed to compile sample System.Drawing program, your installation is broken tortoise ~ # -- Please report bounces from this address to a...@numentics.com Powers are not rights.
Re: [gentoo-user] Re: QEMU on a partition
On 03/03/2018 05:54 AM, Mick wrote: UDP encapsulation as used for e.g. VPN does not suffer with the same problem because it does not use the same transmission quality control mechanism as TCP. I think it's fair to say that it doesn't suffer at the protocol (TCP / UDP) level. There is nothing to prevent higher application layer retransmissions from compounding things. I am not sure if block device I/O protocols suffer the same problem - I don't really know how the read/write SCSI commands are queued and processed between host and guest OS. What I have noticed is abstraction layers relating to partitioning schemes, e.g. good ol' primary Vs logical partitions, make a difference *only* when the partition is initially mounted, but not thereafter. I've always operated under the assumption that there was additional logic ~> complexity, thus it must be slightly slower. That being said, I've long held that the performance overhead is extremely likely negligible and can be ignored. At least unless you are trying to squeeze every bit of performance out of something. I.e. HPC or low power / low speed devices. -- Grant. . . . unix || die
Re: [gentoo-user] Bouncing Messages
On 03/03/2018 07:47 AM, Stroller wrote: My recollection is that I read this isn't that beneficial - that a policy of ~ is adequate. I'm guessing that you're referring to SPF's "~all" policy. Why, as a domain owner that knows for a fact where messages are sent from, want to allow for the possibility of someone else spoofing messages as my domain to be "…accepted but tagged…"? (https://en.wikipedia.org/wiki/Sender_Policy_Framework) I run the servers, I know the email infrastructure, I *KNOW* how email is supposed to flow. So why give anyone an in rode? Further, I accept any and all responsibility for the SPF record that I publish blocking any legitimate email that I (*) send. The onus is on me if I break delivery of email that I send. * I do not consider messages from me re-sent by mailing lists to be messages that I send. I say this because my email infrastructure does NOT connect to any of the mailing list subscribers receiving email infrastructure. IMHO the mailing list is sending a /new/ message to those recipients. Said message just happens to be strongly based on a message that I sent. Finally, each and every single email administrator / domain owner / etc is allowed to configure their systems as they see fit. If they (or I) want to do something that will shoot them (or me) in the foot, who am I (or you) to stop them (or me) from doing so? -- Grant. . . . unix || die
Re: [gentoo-user] mono is broken,
On Saturday, March 3, 2018 5:03:10 PM CET Alan Grimes wrote: > J. Roeleveld wrote: > > On Saturday, March 3, 2018 9:36:28 AM CET Alan Grimes wrote: > >> I just emptytree built mono, still fails the test-install script, > >> whatever that does... > > > > It compiles just fine here. > > IOW, it is not broken. > > Prove it, > > run mono-test-install and show me what a successful run looks like. =| > > > # > > > tortoise ~ # mono-test-install > Active Mono: /usr/bin/mono > > Failed to compile sample System.Drawing program, your installation is broken > tortoise ~ # Proof: $ mono-test-install Active Mono: /usr/bin/mono Your have a working System.Drawing setup Your file system watcher is: System.IO.InotifyWatcher $ -- Joost
Re: [gentoo-user] Bouncing Messages
On 03/03/2018 12:00 PM, Grant Taylor wrote: * I do not consider messages from me re-sent by mailing lists to be messages that I send. I say this because my email infrastructure does NOT connect to any of the mailing list subscribers receiving email infrastructure. IMHO the mailing list is sending a /new/ message to those recipients. Said message just happens to be strongly based on a message that I sent. Further to this point… When Dale (et al) requested that messages (which were reported in their bounce notifications) be re-sent to them, those messages did NOT originate from my email infrastructure in any capacity. They are complete (re)generations by the mailing list manager. -- Grant. . . . unix || die P.S. If you can't tell, I have very strong opinions on things. I've recently been stating that ARP is a layer 3 protocol, just like IP. (They both have their own EtherType and ride on top of the L2 Ethernet Protocol.) The only difference is that ARP is unrouted where as IP is routed.
Re: [gentoo-user] Printer
Hi all, Thank you for your messages. It's not easy to make a choice among the so numerous machines. Finaly I took the: HP OfficeJet 7612 Wide Format All-in-One Printer I hope it will give me satisfaction. Roger
Re: [gentoo-user] Printer
Roger Cahn wrote: > Hi all, > Thank you for your messages. > It's not easy to make a choice among > the so numerous machines. > Finaly I took the: > > > HP OfficeJet 7612 Wide Format All-in-One Printer > > I hope it will give me satisfaction. > Roger After you have used it a bit and made use of all the options, can you post back on what worked well and what didn't? Also, notes on any tricky setup problems may prove interesting as well. Thanks. Dale :-) :-)
Re: [gentoo-user] [OT] Best *SIMPLE* firewall?
On Wed, Feb 28, 2018 at 04:40:37PM -0700, Grant Taylor wrote > On 02/28/2018 02:15 PM, Walter Dnes wrote: > > Is there something besides iptables? > > nftables Assuming I just want filtering, could I emerge nftables and unmerge iptables and have a functional firewall? -- Walter Dnes I don't run "desktop environments"; I run useful applications
Re: [gentoo-user] [OT] Best *SIMPLE* firewall?
On Thu, Mar 1, 2018 at 8:48 PM, Walter Dnes wrote: > On Thu, Mar 01, 2018 at 12:58:44PM -0500, Tom H wrote >> On Wed, Feb 28, 2018 at 4:15 PM, Walter Dnes wrote: >>> >>> Is there something besides iptables? It seems to be like >>> systemd/perl/python, continuously expanding its scope. And no, I'm not >>> looking for an "easy-peasy front-end gui" that'll probably pull in 90% >>> of QT as dependancies. I fondly remember IPCHAINS. >> >> iptables doesn't depend on systemd, perl, or python. > > It has become an all-in-one router/packet-mangler/firewall/QOS/etc > when I simply want a firewall. The required kernel entries have > increased simply for the firewall functionality. Why should you care that iptables has many features that you might not use? There's at most one program on your system for which you use every single feature.
Re: [gentoo-user] [OT] Best *SIMPLE* firewall?
On 03/03/2018 05:55 PM, Walter Dnes wrote: Assuming I just want filtering, could I emerge nftables and unmerge iptables and have a functional firewall? Simplistically, yes. It's my understanding that iptables and nftables are two completely different firewalling technologies. So you will need to either write or find something to manage nftables for you. Is there a reason not to stick with simple iptables without anything fancy to manage it? -- Grant. . . . unix || die
Re: [gentoo-user] [OT] Best *SIMPLE* firewall?
On Sat, Mar 3, 2018 at 7:55 PM, Walter Dnes wrote: > On Wed, Feb 28, 2018 at 04:40:37PM -0700, Grant Taylor wrote >> On 02/28/2018 02:15 PM, Walter Dnes wrote: >>> >>> Is there something besides iptables? >> >> nftables > > Assuming I just want filtering, could I emerge nftables and unmerge > iptables and have a functional firewall? nftables is a replacement of iptables. It's not less featureful. https://wiki.nftables.org/wiki-nftables/index.php/Why_nftables%3F [ You'll have to learn a new runtime and config-file syntax ]
[gentoo-user] mono and stale files.
I did some neglected maintenance on my system today, cleared a few things out I then manually went crawling around in /usr/lib/mono and found 2/3rds of the stuff there was from 2014 =\ I unmerged mono, deleted the entire directory, then reinstalled mono. My pathetic reward for doing that was the test now passes one test that it had previously failed and now barfs the same barf (apparently) that other program I was trying to run does... So what else needs cleaning out. =\ tortoise /usr/lib # mono-test-install Active Mono: /usr/bin/mono Your have a working System.Drawing setup Unhandled Exception: System.TypeInitializationException: The type initializer for 'System.Console' threw an exception. ---> System.TypeInitializationException: The type initializer for 'System.ConsoleDriver' threw an exception. ---> System.Exception: Magic number is wrong: 542 at System.TermInfoReader.ReadHeader (System.Byte[] buffer, System.Int32& position) [0x00028] in :0 at System.TermInfoReader..ctor (System.String term, System.String filename) [0x0005f] in :0 at System.TermInfoDriver..ctor (System.String term) [0x00055] in :0 at System.ConsoleDriver.CreateTermInfoDriver (System.String term) [0x0] in :0 at System.ConsoleDriver..cctor () [0x0004d] in :0 --- End of inner exception stack trace --- at System.Console.SetupStreams (System.Text.Encoding inputEncoding, System.Text.Encoding outputEncoding) [0x7] in :0 at System.Console..cctor () [0x0008e] in :0 --- End of inner exception stack trace --- at Program.Main () [0x00033] in :0 [ERROR] FATAL UNHANDLED EXCEPTION: System.TypeInitializationException: The type initializer for 'System.Console' threw an exception. ---> System.TypeInitializationException: The type initializer for 'System.ConsoleDriver' threw an exception. ---> System.Exception: Magic number is wrong: 542 at System.TermInfoReader.ReadHeader (System.Byte[] buffer, System.Int32& position) [0x00028] in :0 at System.TermInfoReader..ctor (System.String term, System.String filename) [0x0005f] in :0 at System.TermInfoDriver..ctor (System.String term) [0x00055] in :0 at System.ConsoleDriver.CreateTermInfoDriver (System.String term) [0x0] in :0 at System.ConsoleDriver..cctor () [0x0004d] in :0 --- End of inner exception stack trace --- at System.Console.SetupStreams (System.Text.Encoding inputEncoding, System.Text.Encoding outputEncoding) [0x7] in :0 at System.Console..cctor () [0x0008e] in :0 --- End of inner exception stack trace --- at Program.Main () [0x00033] in :0 tortoise /usr/lib # -- Please report bounces from this address to a...@numentics.com Powers are not rights.
