[gentoo-user] Re: IPv4 & IPv6
Klaus Ethgen: >You might add the following line in /etc/gai.conf: > precedence :::0:0/96 100 > >instead of > precedence :::0:0/96 10 Interesting. That works. >Note that you need the full precedence-block if it is commented out. >Just change that line. All lines in /etc/gai.conf were commented out. I doubt that I ever heard of that file. Thanks. Still curious why the behavior changed yesterday. But only a little. :) Hartmut
Re: [gentoo-user] IPv6 and sysctl
On Sat, 28 Apr 2018 07:57:17 +0100 Klaus Ethgen wrote: Hi, ... but I does have an ipv6 question too. Currently I have the following in /etc/sysctl.conf: net.ipv6.conf.default.use_tempaddr=2 net.ipv6.conf.lo.use_tempaddr=2 net.ipv6.conf.eth0.use_tempaddr=2 net.ipv6.conf.wlan0.use_tempaddr=2 all doesn't have any effect, see [0] and [1]. So, no, that is not related to the problem. For some reasons I have ipv6 and tg3 (my eth0) as module. Unfortunately, the setting does not to be set. My guess is, that sysctl runs before loading of the network modules. Restarting sysctl service and network does work and gives me privacy extension. But not the standard boot. Any idea how to fix that? There must be a trustable way to set privacy extension. You can change to builtin by ‘CONFIG_IPV6=y’ – some basic settings can be made in "/etc/modprobe.d/ipv6.conf" if you want to keep it as module, see kernel doc "Documentation/networking/ipv6.txt". -- Regards, floyd
Re: [gentoo-user] Strange compile errors
On Saturday, 28 April 2018 00:37:30 BST Peter Humphrey wrote: > On Friday, 27 April 2018 18:43:27 BST Mick wrote: > > I haven't used genkernel to be able to advise, but this page explains what > > you need to do: > > > > https://wiki.gentoo.org/wiki/Intel_microcode > > > > However, you may find it makes no difference. Intel have announced they > > will not be bringing out updated microcode to address the GPZ > > vulnerabilities for any of their older CPUs. This has given me one more > > reason to never buy Intel again. > > Oh? What are your other reasons? :? Modern Intel CPUs are compromised by design: https://blog.invisiblethings.org/2015/10/27/x86_harmful.html Unfortunately AMD has also succumbed to similar proprietary and therefore secret security mechanisms built within their CPUs. POWER9 CPUs do not suffer from these afflictions and come with open source firmware, but a POWER9 system will cost you a significant amount of money and it is designed for the server market. For a typical budget constrained home user there is currently no choice other than buying knowingly inferior and insecure hardware. :-( -- Regards, Mick signature.asc Description: This is a digitally signed message part.
