Re: [gentoo-user] Postfix problem w/o network
Hi Neil, on Thursday, 2005-05-12 at 22:18:23, you wrote: > I'm running ~amd64 and ~ppc. I don't know if it's in the older > baselayout, but there are a lot of differences between testing and stable > baselayouts. My RC_NET_STRICT_CHECKING had been set to "no" already, and I don't have support for the other values yes. Gonna try the baselayout ~x86 now...so before, this was really impossible unless you edited your initscripts? thanx! Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgpVSpy8qg3fc.pgp Description: PGP signature
Re: [gentoo-user] Re: DSL modem + Web Server + Home Box
Hi Gabriel, on Saturday, 2005-05-14 at 23:07:25, you wrote: > I'm assuming you are using 255.255.255.0 as your subnet mask. If this is > the case, I don't know how to make it work -- but it's unnecessarily > difficult. Try to set up this: > > (INTERNET) >| > [ ?.?.?.? ] > [ DSL MODEM ] > [192.168.1.254] >| > [192.168.1.96 ] > [LOCAL SERVER ] > [192.168.2.1 ] >| > [192.168.2.97 ] > [ HOME BOX ] Right, tat would make more sense. However, with a PPPoE link it's not even necessary to use two NICs, For quite a while I had my system set up with one central SOHO switch feeding my server, my laptop, my wife's computer and the DSL modem. The other NIC in the server was exclusively for WLAN. Due to the PPPoE you have a virtual P2P link between the server and the modem that cannot interfere with the rest of your network. A packet from the net that is meant for, say, my laptop goes into the modem, out to the switch, from there, still PPPoE encapsulated, into the server (via eth0) which strips it of the PPPoE headers and passes it to pppd. Then it will appear on the virtual ppp0 interface, get routed as a regular ethernet packet back to eth0, out to the switch and to the laptop. On a 100Mbps ethernet the internet traffic going twice over the same cable isn't even noticeable. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgp3gIiDpJet6.pgp Description: PGP signature
Re: [gentoo-user] fallback dns servers
Hi A., on Thursday, 2005-05-19 at 13:59:38, you wrote: > > I know I can use quickswitch for that but I want something really > > automatic, [...] > > iface_eth0="dhcp" > > ifconfig_eth0=( "dhcp" "194.199.136.151" ) > > [...] > # esearch quickswitch Yeah, I guess he knew that ;-) I'm just wondering: where can I find info like the above? Reading the init scripts it's fairly obvious but also fairly tedious if I have to do this for every release. I'm quite sure it's not in any of the online manuals nor in the conf.d inline documentation...any Changelogs or something? -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgpDWPXBqUBvS.pgp Description: PGP signature
[gentoo-user] Gentoo deployment scripts?
There's some SuSE-based workstations around me here I have to take care of. I guess they won't have to bear SuSE for much longer though. The alternatives I can imagine now are Debian and Gentoo. Personally I'd prefer Gentoo, but I don't feel like reinventing the weel by writing my own deployment scripts. There are not many different hardware setups, so I could do an initial install by installing one machine of each and then cloning its HD---the main problem is getting updates done without having to waste megawatthours on unneccessary compilation. I've seen people mentioning such setups here, so I guess somebody has developed the stuff I'd need already? I'd be thankful for any hint or pointer... cheers! Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgp8uZcXGJbJj.pgp Description: PGP signature
Re: [gentoo-user] Gentoo deployment scripts?
Hi Antonino, on Friday, 2005-06-03 at 19:42:48, you wrote: > This does not answer you question, but probably could be a partial > solution: have you considered cloning the hd of the 'first' machine > and then copying it to the hd of all the others? g4u for instance > could be used for this purpose Yup, that's what I've been doing with the SuSE boxes so far: install one, turn on auto-update via my own fileserver, then copy a compressed image to the fileserver using dd, gzip and ssh, and from there to all the workstations. The troubles don't start before you change anything in the config... cheers! Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgpN3QDSkQZII.pgp Description: PGP signature
Re: [gentoo-user] Gentoo deployment scripts?
Hi Antonino,
on Friday, 2005-06-03 at 20:55:43, you wrote:
> So you're actually trying to reuse even the compilation work performed on
> the 'first' (let's call it 'master') machine and avoid compiling on all
> the others when you do an "emerge --update world" for instance?
That was my idea, or rather that's how I understood someone whose name I
forgot seems to have done it. Makes sense IMHO.
> If there were such a script that could copy the binaries and the new
> files to all the other machines I would probably not trust it! :)
Why? The total size of the shell/Python/whatever-scripts a simple
"emerge foo" triggers is probably over a meg, and it usually runs just
fine. Thinking about it, some simple parsing of emerge's output should
do something useful already:
emerge $package |
sed -n '/^>>> Merging $package/,/^ \* / {s/^[^ ] //; p}' |
while read f; do scp $f $somewhere ; done
I wouldn't mind adding another 500 bytes of Perl there :)
> I'd try to automate as much as possible the update process, possibly
> by keeping sincronized the configuration files of all the machines (but
> this is to be done on a per-file basis!!) and/or triggering an "emerge foo"
> on the other machines as soon as you do an "emerge foo" on the master.
> I must admit that I see this process difficult to "understand" and to
> debug in case of errors or misbehaviours
Yup. It's unlikely something should fail as long as all machines keep an
identical configuration, but glitches can still happen. So I'd have to
look through all the compilation logs...hm :-S We'll see.
cheers!
Matthias
--
I prefer encrypted and signed messages. KeyID: 90CF8389
Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91
pgp15ZC6BiYlp.pgp
Description: PGP signature
Re: [gentoo-user] Gentoo deployment scripts?
Hi Neil, on Monday, 2005-06-06 at 09:08:53, you wrote: > > Have you looked at buildpkg Matthias? I've used it before on similar > > machines. Seems to work ok. Granted, you can't just `emerge -upD > > world` on the "copies", but you may get away with minimal effort. > > You can if you use a shared PKGDIR and add -k to the emerge options. No, I hadn't lookt at this yet, but it seems easy enough, thanks! So it seems I could have one "master" where I change the configuration and build binary packages along the way, and all the other machines would just run "emerge -uDk" in a cron job...sounds easy enough. Then I could also get /usr/portage over NFS and wouldn't even have to emerge --sync on the workstations any more, right? Hm...the only remaining problem I can think of right now (I'm sure others will pop up once I try it ;)) is configfile management. A nightly removal of all the ._cfg* files plus some scheme to keep the configs in sync with an SVN server should do it. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgpus7uRkh8YA.pgp Description: PGP signature
Re: [gentoo-user] photo management
Hi Grant, on Sunday, 2005-06-05 at 18:58:20, you wrote: > What do you guys use to manage your digital photos? Gtkam for downloading (my camera doesn't implement USB mass storage, otherwise I'd just mount it as I can do with my wife's), gqview for everything else. IMHO, Eye Of Gnome is fine as a one-shot viewer, but for collections, gqview's management functions come in very handy. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgp3Z5Iuam6AO.pgp Description: PGP signature
Re: [gentoo-user] [OT] Recovering vim/mutt email I was writing
Hi Grant, on Friday, 2005-06-17 at 09:07:48, you wrote: > I was writing an email using vim in mutt and I accidentally hit > ctrl+alt+backspace which exited X. Is there any way to recover that > email? Vim saves backups in *.sw?-files. Mutt's tempfiles are named /tmp/mutt-$HOSTNAME..., with ... being some numbers. So you should be able to recover the mail by looking for /tmp/mutt-*.sw? and then starting vim with the *original* filename (i.e. w/o the .sw?-Suffix). Then it will tell you it found a backup and ask if you want to recover. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgpxU3uV8xj3O.pgp Description: PGP signature
Re: [gentoo-user] [OT] GPG keys, servers and signing
Hi Rumen, on Friday, 2005-06-24 at 22:26:35, you wrote: > >3) On the same note, I don't have a "Web of Trust"; my key is unsigned > >(naturally), and the keys I've collected from this list I have not dared > >to specify trust levels for. Should I be concerned about this, and take > >steps to rectify the situation with all due haste? If so, how would I go > >about that? All I've heard of are key-signing parties, which seem > >unlikely be a feasible option for me. > > > Think this is one of the main purposes of keyservers (to hold keys) ;) Well, they supply you the keys in an automatic way, but they don't resolve the trust problem. If you don't have any signatures on your key, the only way for somebody else to trust it is to make sure they got the key from you personally, or that you have confirmed its fingerprint over a secure (i.e. hard to forge, like telephone where you recognize the voice of somebody you know personally) channel. To be able to trust others is a little easier. You have to sign the key of some trust center after you have verified that it's genuine. For example, the "c't magazine trust center" I have a sig from on my key publishes a) its key on common keyservers, and b) the fingerprint in the magazine itself. For somebody else to put a forged key on a server *and* hack their prepress system to put his own fingerprint into the print version should be next to impossible, so that's pretty good proof of identity. Once you signed it and set it to full trust, you have allowed the TC to "introduce" people, i.e. you will automatically trust every other key *they* have signed. > >4) Clearly no one I am in contact with seems to really care if I sign my > >emails by default, but should I protect them from themselves and do so > >anyway? Are there any benefits to this good habit, especially since my > >key is unsigned anyway? > > > Using this proves your identity (email address from) Sort of. Of course somebody could just generate a key for your address, but for people you regularly exchange mail with it's still a good habit, as e.g. some worm sending mail with your sender address won't be able (nor, usually, willing) to sign its mail. Plus, it helps to remind people of the possibility... cheers! Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgptTlTjhYWvU.pgp Description: PGP signature
Re: [gentoo-user] Disk Backup From One Machine To Another
Hi Raphael, on Friday, 2005-06-24 at 15:27:02, you wrote: > I have one machine (Machine 1) that I need backup its files > periodically. I also have another machine (Machine 2) that will hold > the backup. Machine 2 can "see" (make requests to) Machine 1, but the > opposite isn't true. The network is covered by a firewall, so I don > need a paranoid solution. I was thinking about doing the following: > > On Machine 1, put it on the crontab to put netcat waiting for > requests, and when it did receive a request, dump the files. Like > this: [...] Hm, sounds feasible, although not really secure. Maybe it's not a concern in a switched network where nobody is supposed to know about ARP spoofing and stuff, but if you have a few CPU cycles to spare you could put the backup account's SSH pubkey on machine1, so you can log in w/o password and then run ssh machine1 "tar -jcf - /whereever" >backup.tar.bz2 on the backup machine. Or, if you don't mind some configuring, use amanda. It scales nicely to more machines should the need arise. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgpnic1vaB2lk.pgp Description: PGP signature
Re: [gentoo-user] (OT) Freezing: does encryption become useless?
Hi Volker, on Sat, Feb 23, 2008 at 10:15:22PM +0100, you wrote: > > http://iht.com/articles/2008/02/22/technology/chip.php > > don't panic. Just because something works in a lab, does not mean that it > works outside of it too. So they were able to freeze some ram and get some > information of it. So what? First of all - how man times will someone be able > to steal a computer and freeze its ram seconds after it was shut of? Who > guarantees that the decayed parts are not the ones holding the key? even a > couple of flipped bits make the data useless. And who guarantees that the > dram survives the forces when it is cooled down in tens of seconds and heated > up (through the current) afterwards? I agree with the "don't panic" part but not your reasons for it. There is a real danger for *some* of us but it's fairly easy to circumvent for most. How often will someone be able to steal a computer with live key material in RAM? Well, how many laptops are being carried around suspended to RAM? A pretty large percentage of them I suppose. So far, if you didn't have a screen saver with an exploitable buffer overflow (very very unlikely) or an unprotected IEEE1394 port (unlikely on Linux today) the attacker's only chance to get at the data was to cut the power, boot some other media and attack the disk, and with AES or similar encryption that chance was not very good. Now you can leave the power on, dump a can of cooling spray on the SO-DIMM (they easily survive that, you can take your time with the power on), then take it out, drop it in liquid N and take it home (you could do that before of course, but it's widely know now ;) And a couple of flipped bits are no obstacle at all for a cryptoanalyst. A computer that can brute-force 10^11 keys a second needs an average of ~5*10^19 years to crack a 128 bit key. With 8 random flipped bits in an otherwise intact key it should come down to less than five days which I think is a pretty good gain. Makes it viable for people who might just be after some blueprints[0], not just the NSA with super duper UFO technology. So if you have sensitive data on a laptop, make sure you don't leave it in suspend-to-RAM where it could be stolen. If it's a stationary unsupervised machine it should have a good chassis intrusion alarm that cuts the power and/or overwrites memory. That's pretty much what people can do on their own nowif they think it's worth it of course. cheers, Matthias [0] That's not to say this couldn't be a Good Thing in the end what with all the patent BS going on. -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpeUEdX3mU0D.pgp Description: PGP signature
Re: [gentoo-user] Ghosting a Ext3 partition
Hi Mark,
on Tue, Mar 04, 2008 at 05:39:12PM +1300, you wrote:
>> {"Ghost" functionality]
>>
> I actually think that 'dump' will do what you want... provided you can
> choose a time when the machine is not busy (should be easy if it's your
> desktop!). You have to do 1 dump per filesystem, but many desktop
> installations only consist of / (+ maybe /boot) anyway. Also dump of a 80Gb
> system that only uses 5Gb will produce a 5Gb image Also it can do
> incremental an cumulative backups.
>
> Some friends of mine use Amanda to backup their (Redhat/Centos) servers,
> that may worth looking at too.
Amanda is very versatile but it can be a bitch to configure and is IMHO
only really worth it for larger installations with at least more than
one machine and preferably a backup server. But it can also use dump(1)
internally. I didn't really follow the thread but it seems dump has a
problem with busy file systems? I used amanda with dump on several
machines for a few years and never had any so it should be fine for a
desktop.
One method I used for getting the image size down (but which is no good
on a live system) was to use "dd if=/dev/zero of=dummy bs=1M" to quicky
write a file of zeroes that would fill up all free blocks, then dd the
whole partition through gzip that would just compress away the free
blocks. Works fine for install images but only when the disk is not
mounted r/w during imaging.
cheers,
Matthias
--
I prefer encrypted and signed messages. KeyID: FAC37665
Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665
pgpBvicFEwTCR.pgp
Description: PGP signature
Re: [gentoo-user] The device-mapper init script is written for baselayout-2
Hi Stroller,
on Fri, Mar 07, 2008 at 12:51:04PM +, you wrote:
>> Since I'm not real sure what this package does, I am unsure if I
>> should just unmerge and re-emerge it (perhaps at one time I ran the
>> ~x86 version and so I have a mixture?)
>
> I'm not sure what this does, either. Someone may come along in a
> moment with better advice, but as a first step I'd `equery b
> /etc/initi.d/device-mapper`. If it says that device-mapper doesn't
> belong to any of your current packages then I think you can safely
> (remove it from the default runlevel and subsequently) delete it,
> otherwise I'd reemerge the package to which it belongs.
Baselayout has a bunch of init scripts and utilities that all the other
init scripts need, plus /etc/conf.d stuff ("equery f baselayout" can
tell you what exactly). You certainly don't want to unmerge that if you
ever plan to reboot your system.
I'm not 100% sure about the device-mapper script but I ran into the same
question when I installed my new amd64 system these days. The x86 one
didn't have it when I started using encrypted homes so I hadn't noticed
it appeared in one of the latest dm-crypt versions. It looks like they
just split off some functionality Baselayout-1 has in localmount and
checkfs into its own script. Just ignore/remove it for now, there will
probably be a fat warning when Baselayout-2 turns stable and you have to
re-add it.
cheers,
Matthias
--
I prefer encrypted and signed messages. KeyID: FAC37665
Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665
pgpgWdYUrQfMZ.pgp
Description: PGP signature
Re: [gentoo-user] Status of Gentoo
Hi Iain, on Wed, Mar 12, 2008 at 04:53:40PM +0930, you wrote: > I just installed Gentoo on a quad-core dual-cpu Xeon E5420 > (2.50GHz). 8Gb RAM, 800Gb raid. It's not mine - I've only convinced > the sysadmin to let me play until it needs to be used for something real > (what a waste to have those cpu's doing nothing, I thought, so let's > install Gentoo :) FSC made a mistake with their price lists for us these weeks, they seem to have deducted academic institution discount twice---and as they have to give 30 days notice upon raising prices according to their contract with university, they couldn't just correct it right away. Guess who got himself a machine pretty much like that... scnr, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpk88T4GeVHo.pgp Description: PGP signature
Re: [gentoo-user] Re: Nvidia GeForce Go 6800 and nvidia-drivers ==> Cannot switch to ttys or close X
Hi 7v5w7go9ub0o, on Thu, Mar 13, 2008 at 12:09:15PM -0400, you wrote: > Help, please! I'm thinking of building a new box: asus p5e/intel core2 > quad. I had thought of getting an NV. Would ATI be the better choice? As far as I've heard, all proprietary graphics drivers on Linux suck but NVidia's suck a little less. I've had big stability problems as well with 169.09-r1 on an el-cheapo GeForce 7300 but 169.12 has been rock solid for about a week now. At the speed any modern chip runs at, I don't feel the need for any framebuffer tricksi any more---the console runs in regular 1980s VGA 80x25 text mode which is fine for the boot process, after that I use gnome-terminal in fullscreen mode which looks just like a framebuffer console but with full unicode support and everything. cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpb9viY8caea.pgp Description: PGP signature
Re: [gentoo-user] Re: Nvidia GeForce Go 6800 and nvidia-drivers ==> Cannot switch to ttys or close X
Hi andrea, on Fri, Mar 14, 2008 at 08:53:53AM +0100, you wrote: > > I've had big stability problems as well > > with 169.09-r1 on an el-cheapo GeForce 7300 but 169.12 has been rock > > solid for about a week now. At the speed any modern chip runs at, I > > don't feel the need for any framebuffer tricksi any more > > Well, I don't use any login manager, so when I close my X session I'd > like to be back in a working console. Do you actually do work there that you can't do while X is running? Because ye olde VGA should work in any case and it's good enough for entering "startx" or watching the machine resume from disk ;) > I'm guessing if there is alternative driver that gives Nvidia 3D accel, > (like for ATI I can use radeon instead of fglrx). > > I don't care too much about performance (no desktop 3D effects or > composite are needed) and I'm not a game player. BTW I'd like to have > applications requiring 3D (such as googleearth) just working. AFAIK the open source "nv" driver has only 2D accel, and I haven't been able to get GLX working with it. I guess it's possible using MESA's software rendering somehow but as the latest nvidia driver works fine for me I haven't investigated any further there. cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpwATuEz7ks4.pgp Description: PGP signature
Re: [gentoo-user] set xdm to start after agetty
Hi Thanasis, on Friday, 2007-09-28 at 22:41:52, you wrote: > How can we set the xdm/gdm not to start before the agetty processes > (during the boot phase)? Have a look at the depend() function in /etc/init.d/xdm. It specifies what should be started before xdm, so adding agetty to an "after" line in this function should do it. cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpVebALK5VQz.pgp Description: PGP signature
Re: [gentoo-user] Backups
Hi Grant, on Saturday, 2007-09-29 at 16:28:36, you wrote: > Do you back up hidden files and directories in the home directory? > There seems to be a lot of junk in there. Does something like > '--exclude "/home/user/.*"' work with tar? It certainly does, but I'm quite sure it's not what you want. For me at least losing all my carefully customized stuff in .mutt, .gnupg, .bashrc, .vim etc. would suck asinine reproductive glands. It's usually all text anyway that compresses very well. cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpGkHKAShE1p.pgp Description: PGP signature
Re: [gentoo-user] Re: [OT]advice for a wireless router
Hi Dan, on Sunday, 2007-10-28 at 18:30:17, you wrote: > Of course you can build a low-power system and probably get by without > any fans at all if you're clever, and if you outsource the hard drive > to another computer you get a fairly low power design that's silent. > > But not nearly as low power as an integrated device. > > Or as small. The one that probably comes closest is a VIA Cx system. I got a Cobalt Cube a while ago to replace my current guzzler of a server (old HPPA workstation) and to experiment with other unusual CPUs a bit, and while it's pretty, small, low-power and rather quiet, it's also quite slow. So I've just ordered a passively cooled 800 MHz VIA C7 nanoITX board to replace the MIPS hardware in there and get something that can handle HD encryption and Samba at a decent speed on top of the routing. The plan is to build the syatem on HD and move it to a CF card later so I can spin down the big HD when it's not in use. If it works out it will be a damn neat system, but anyway it's still four times the size of a WRT54 and consumes twice the power. That's the most powerful chip I've found in the 20-30 watts-per-system range though, all the recycled stuff I've run so far doesn't even come close. cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpXEjrI4nVT6.pgp Description: PGP signature
Re: [gentoo-user] FIXED!! Re: Can't emerge xfce4 with installed lprng. But ran out of inodes. :-(
Hi Dale, on Fri, Jul 25, 2008 at 03:44:54PM -0500, you wrote: > How do you run out of inodes anyway? I use reiserfs for most partitions > except /boot and portage. My /data partition has 75,000 files and 3,600 > directories. No problems so far but not near as many files as you have. You can adjust the number of inodes to create at mkfs using -i, -N or -T which are just different ways of doing the same thing. Lowering the number of inodes wastes less disk space if you know you're not going to write many files anyway. This feature bit me once when I set up a -Tlargefile4 partition (i.e. one inode per 4 MiB of disk) for videos. As it happens, I had to misuse it for backups at some point and was very puzzled when df showed 3% used space but even "touch" gave me a "no space left on device" error. tarring the stuff I had planned to just copy solved it and would prolly have been faster in the first place :) cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpvA54BVEYxS.pgp Description: PGP signature
Re: [gentoo-user] Gentoo x86 to AMD64
Hi Anthony, on Fri, Aug 22, 2008 at 04:01:42PM +0100, you wrote: >I have two theories about how to go about this.no1, install esx 3i > on a spare drive, make a 32bit Linux guest and point it's drives at the raw > partitions I have now :) no2, alter make.conf to 64bit flags, and emerge -e > world --buildpkgonly then reboot into a 64bit live cd, and emerge -e world > --usepkgonly which should give me a working systemObviously the kernel > and network drivers would also need rebuilding at this point again > >Will no 2 work? I'm not sure I understood #1 correctly but it sounds like neither will work. Going 32->64bit (or vice versa) always requires a fresh install. What I *think* you could do to reduce the hassle of updating all your configs is to start off with a partition with your 32bit system on it and use that for the regular Gentoo install procedure, i.e. slap the tarballs on top and then do all the emerging. But it would certainly leave some garbage around in /lib etc. so I wouldn't recommend it. If you didn't actually change the hardware so you don't have to reconfigure your kernel and stuff, a fresh install using your old world file shouldn't take more than a day. cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpUICGvv1mya.pgp Description: PGP signature
Re: [gentoo-user] RAID with mixed drive sizes
Hi Florian, on Wed, Aug 27, 2008 at 10:29:07PM +0200, you wrote: > Note1: NEVER EVER build some kind of RAID other than "Linear" (also called > JBOD) over two IDE disks on the same cable. Performance will suffer greatly > as will security because most simple onboard controllers can't handle a > dying disk and that one might take the other one with it into death. Your suggestions sound reasonable (as reasonable as you get if one insists on going with the drives that are there instead of getting a third 500G drive that is :) [and for RAID5 I'd add a cheapish SATA controller as well]) but I wonder why the above should be better than a RAID0. The risk is the same---if either disk dies, the partition is fuct. And considering drive mechanics are still the slowest part of the system, even two EIDE disks that tend fight for the bus should be a tad faster when striped than any one alone, which is what you effectively get in a JBOD, right? cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpsEEEAL8173.pgp Description: PGP signature
Re: [gentoo-user] package.use update
Hi Mick, on Sat, Aug 30, 2008 at 01:51:18AM +0100, you wrote: > Did you see this today? > > # etc-update > [...] > File: /etc/portage/._cfg_package.use > [...] > What is it about? No, I didn't see it, but it looks like some package moved to another category or got renamed so portage patched package.use for you. Try dispatch-config, preferably with vimdiff and perhaps RCS support, it makes maintaining your config so much easier than etc-update. I can't remember any case where it wasn't just fine to just accept the changes though. cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpIUtLxhKhUN.pgp Description: PGP signature
Re: [gentoo-user] RAID with mixed drive sizes
Hi Florian, on Sat, Aug 30, 2008 at 11:55:14AM +0200, you wrote: > Hmm, you might be right. Maybe someone should do a field test. I think we have a candidate here on the list... ;) cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgp0nVPJOX7m8.pgp Description: PGP signature
Re: [gentoo-user] Partition schme question
Hi Alan, on Wed, Sep 03, 2008 at 08:57:42AM +0200, you wrote: > These days the entire concept of a "cylinder" is a mere abstraction to make > tools like fdisk work in a sane manner. Of course not. The disk is physically organized in cylinders, that's the structure dictated by the mechanical design. That a disk controller is theoretically free to map cylinders and sectors to whereever it pleases doesn't mean that there wasn't a direct relationship between cylinder number and physical location on the platter in the vast majority of non-broken (i.e. cylinder-remapped) disks. With many HD tests in magazines you get a cylinder-vs.-transfer-rate plot and it still mostly matches the old rule. I suppose not even firmware hackers are really eager to make things more complicated than absolutely necessary :) cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpPX11oU6Z07.pgp Description: PGP signature
Re: [gentoo-user] Partition schme question
Hi Alan, on Wed, Sep 03, 2008 at 02:17:07PM +0200, you wrote: > However, it does make the most sense to keep fdisk's cylinders in some sort > of > sequential order, so low numbered cylinders will in all probability end up > near one edge and high numbered cylinders at the other edge. > > I strongly suspect that you know this also, and we actually do have the same > understanding of how it works :-) Yes, now I'm pretty sure we do ;) cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpsxKnBADWl8.pgp Description: PGP signature
Re: [gentoo-user] I am a "f*****g retard". Can you help me?
Hi b.n., on Mon, Sep 15, 2008 at 10:26:56PM +0200, you wrote: > Seriously: can someone more skilled than me explain why using > --resume-skipfirst and then trying to solve the unmerged packages is/can be > a bad idea? How can this break the system? Frankly I have no idea. I've heard that argument many times in the Paludis discussions but never even an attempt at an explanation that went beyond "it breaks your system". My understanding is that you can have two kinds of situation if an upgrade fails: a) the failed package is not a dependency of any other package b) the failed package is a dependency of at least one other package In case a) you get to keep the old version, no problem. In case b) the package that depends on the failed one can b1) work with the old version b2) require the upgrade (and say so in the ebuild) In case b1) things will continue working just fine. In case b2) you'll get another failed emerge as portage will notice the unmet dependency, so you get to keep the old version, no problem. Did I miss anything? Sorry, no flowers today. cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgp6nMHlYcdp9.pgp Description: PGP signature
Re: [gentoo-user] I am a "f*****g retard". Can you help me?
Hi Vaeth, on Tue, Sep 16, 2008 at 01:34:31AM +0200, you wrote: > The problem is that after failing of a package, portage does > not recalculate the dependencies, i.e. it will attempt to install also > those packages which depend on the failed package. OIC, so that was what I missed :) Somehow the thread got split up and I missed your answer. > In the presence of a --keep-going option, it is now fortunately not > necessary anymore to weight the pros and cons. Of course, to insult > somebody just because he weighted the pros and cons differently is beyond > any acceptable limit. ++ I'd say "reimplement it properly" (i.e. check the deps) is always the better approach than "the old implementation is b0rken so let's declare the functionality so and not reimplement it at all". cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpdXEs5w8z7Z.pgp Description: PGP signature
Re: [gentoo-user] Is there a way to automate rsync of updated portage tree across multiple boxes without each having to pull it down from a gentoo mirror
Hi Neil, on Tue, Sep 16, 2008 at 04:59:39PM +0100, you wrote: > > Except that this is not completely true: See some of the many articles > > in the net which explain why NAT is not a security feature. A quick > > google search gave e.g. > > http://www.nexusuk.org/articles/2005/03/12/nat_security/ > > "So the router maintains a database of current connections so that traffic > is always allowed through for them, and you can tell it to filter all new > connections made from the internet whilest allowing all new connections > made from inside the local network. This means that noone can make a > connection from the internet to one of your workstations, even though > they can route to its address." > > If the relevant ports are not forwarded in the router, this applies and > no one can make a new connection to your rsync server. I don't even see why you'd strictly need connection tracking to avoid attacks made possible by grossly misconfigured ISP routers. Your router knows that packets with a destination address of 10/8, 192.168/16 and the like have absolutely no business on the public internet so the only sensible behavior would be to just drop them. cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgp79947zvasg.pgp Description: PGP signature
Re: [gentoo-user] Is there a way to automate rsync of updated portage tree across multiple boxes without each having to pull it down from a gentoo mirror
Hi Vaeth, on Tue, Sep 16, 2008 at 07:14:48PM +0200, you wrote: > > In addition, the default rsyncd configuration with Gentoo uses a chroot > > jail. > > Also a chroot jail is not a security feature: There are several ways known > how to break out. Huh? In the case of NAT it's reasonable to say it's not a security feature---it's a kludge that happens to increase security somewhat in the standard case. But there's only one reason I can see why you'd use a chroot environment *except* for security and that's to have more than one set of system binaries active at the same time for different applications. Which is normally a pretty bad kludge in itself (not that I hadn't done it, to avoid endless library woes on a Debian system that absolutely must be kept on Woody... :-S), I'd say the vast majority of chroot jails are there for nothing else but security. cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpX7qEZAEROh.pgp Description: PGP signature
Re: [gentoo-user] Is there a way to automate rsync of updated portage tree across multiple boxes without each having to pull it down from a gentoo mirror
Hi Vaeth, on Tue, Sep 16, 2008 at 07:54:43PM +0200, you wrote: > > I don't even see why you'd strictly need connection tracking to avoid > > attacks made possible by grossly misconfigured ISP routers. Your router > > knows that packets with a destination address of 10/8, 192.168/16 and > > the like have absolutely no business on the public internet so the only > > sensible behavior would be to just drop them. > > This also requires a special kind of router: Namely one which has a > physical way of distinguishing between the "dangerous" connection to > the net and your local network (if they are dynamic, this can also > sometimes be tricked). Of course, combined router/modems have this > separation practically "by definition". I can only recall one router where this wasn't the case, my first weird and wonderful DSL line in the Philippines :D Normally, why bother routing if you can just physically connect the thwo networks and have their traffic intermix? > However, in any case it requires that the functionality you mention is > implemented on the router and has no bugs and that the router cannot > be compromised by other means. Sure, if your router is compromised you're fuxx0red anyway. I was just saying that in any halfway sane router these NAT problems are not an issue. And with many routers running Linux today so you can even get a shell and check iptables... :) cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpC3gaCIfo8p.pgp Description: PGP signature
Re: [gentoo-user] Is there a way to automate rsync of updated portage tree across multiple boxes without each having to pull it down from a gentoo mirror
Hi Vaeth, on Tue, Sep 16, 2008 at 08:36:28PM +0200, you wrote: > > > Also a chroot jail is not a security feature: There are several > > > ways known how to break out. > > > > [...] But there's only one reason I can see why you'd use a > > chroot environment *except* for security and that's to have more than > > one set of system binaries active at the same time for different > > applications. > > Or simply several systems (e.g. amd64 and x86, or gentoo and debian, > or your boot disk and your newly installed system [the install handbook > makes massive use of chroot]). This is exactly what chroot was made for. Sure, that's why I kept it as general als "more than one set", be it a different architecture/vendor/purpose/whatever. > > I'd say the vast majority of chroot jails are there for nothing > > else but security. > > Alan Cox: "chroot is not and never has been a security tool", see e.g. > http://kerneltrap.org/Linux/Abusing_chroot No disrespect to Mr. Cox but a silly argument stays a silly argument even if brought forward by Alan. Programs like postfix certainly don't use chroots for security because they were designed noobs or incompetent people. Alan acknowledges that "Normal users cannot use chroot() themselves so they can't use chroot to get back out" but insists on his point, completely ignoring that doing a chroot() immediately followed by dropping your root privileges is exactly the recommended way to use it for security. That's not to say that setting up a vserver for each of your programs exposed to the net wasn't *more* secure than a chroot if you want to do it but it's certainly a whole lot more secure if used properly than not doing it at all. cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpO5vRqjdOl0.pgp Description: PGP signature
Re: [gentoo-user] Is there a way to automate rsync of updated portage tree across multiple boxes without each having to pull it down from a gentoo mirror
Hi Vaeth, on Wed, Sep 17, 2008 at 09:49:08AM +0200, you wrote: > > [...] that in any halfway sane router these NAT problems are not an > > issue. And with many routers running Linux today so you can even get a > > shell and check iptables... :) > > We are obviously talking about a different price category of routers. > Most routers people use here in Germany for home systems are from their > ISP, and they are usually proprietary implementations [...] Huh? I don't have a good overview of the market here but the ISP I work at uses only FritzBox routers which run a fine Linux, and as far as I know so do most of T-Com's Speedport models which should be the most widely used in Germany. Not that it was significantly cheaper than a FritzBox or a WRT54... cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpJ76v2Z1nkR.pgp Description: PGP signature
Re: [gentoo-user] Is there a way to automate rsync of updated portage tree across multiple boxes without each having to pull it down from a gentoo mirror
Hi Vaeth, on Wed, Sep 17, 2008 at 10:40:47AM +0200, you wrote: > > > Alan Cox: "chroot is not and never has been a security tool", see e.g. > > > http://kerneltrap.org/Linux/Abusing_chroot > > > > No disrespect to Mr. Cox but a silly argument stays a silly argument > > even if brought forward by Alan. Programs like postfix certainly don't > > use chroots for security because they were designed noobs or incompetent > > people. > > I did not cite the webpage because of the insults but because it shows > how much the kernel programmers are interested in closing possible ways > to break out of a chroot as root > : not at all, because they think it is ok. > That's why I said that _only_ with grsecurity a chroot _might perhaps_ > be considered as a serious security measurement (but in fact, people > which really need chroot to run binaries from two systems cannot activate > these security enhancements). Sure, you can't expect that the Debian-loving friend you gave root on your Debian-chrooted-on-Gentoo system will stay confined to that chroot. Big deal, just don't do it. That's not what any sane person would recommend chroot for anyway. > > Alan acknowledges that "Normal users cannot use chroot() > > themselves so they can't use chroot to get back out" > > Yes, _this_ method of breaking out does not work without additional > exploits like privilege escalation. (grsecurity closes a lot more methods; > I did never reasearch which tricks might perhaps work as a user). > But if everything works as it should, just running with low privileges > does not make much of a difference than running with low privileges in > a chroot: In any case you should only have access to those data which > the privileges allow. ...which is usually pretty much everything in the bin directories, a lot of stuff in /etc, and most importantly a shell. In a non-chrooted program, an attacker who can exploit a bug can simply bind /bin/sh to a port, run netcat, even use your compiler to prepare the next steps for perhaps a local privilege escalation. In a chroot, nothing of the sort is possible, you're limited to what you can do in your injected code. > (Admittedly there is a _slight_ increase in security: You might now be > safe of ways of privilege escalation by bugs in certain > SUID-programms). ...plus safe from most information disclosure that would otherwise be possible. > > That's not to say that setting up a vserver for each of > > your programs exposed to the net wasn't *more* secure than a chroot > > That's a different topic, but a vserver might also even be more > dangerous than doing nothing, because it has to be implemented (of course) > with the highest available privileges, and so you have an additional > risk of bugs (i.e. possible exploits) of the vserver - and in such a > case the attacker has immediately the highest privileges. That's true, I just mentioned it because that's what Alan mentioned as the true security tool. > > but it's certainly a whole lot more secure if used > > properly than not doing it at all. > > ...as is the usage of NAT as a "security feature". > Of course, saying that using NAT or using chroot would not increase > security at all would be a lie. But it is better to emphasize the > dangers than to support the common misbelieve (as Alan alrady pointed > out) that by using it there is no risk that "closed" ports can come > through or that no other data than those in the chroot can be accessed. Alan would probably emphasize the dangers of a seat belt and say competent people used it only to keep their shopping bags from falling over and not as a security tool because if you don't use it the recommended way you can strangle yourself with it =^> > Remember the starting point of the discussion: The statement "rsyncd uses > chroot, so an attacker can do nothing bad" is just false. Except that statement wasn't Neil's. To quote it correctly: | In addition, the default rsyncd configuration with Gentoo uses a chroot | jail. So even if you do allow connections to your portage tree, they | won't be able to access anything else. To summarize: for an attacker to be able to compromise a chrooted rsyncd behind a NATting DSL router: a) your ISP has to have a router configuration b0rked beyond belief b) the attacker has to be aware of that and be able to distinguish between your traffic and that of several hundred others that will respond to his packets to 192.168.x.x c) your router has to have a serious security hole d) rsyncd has to be exploitable e) your kernel needs to have a local privilege escalation bug Now if that risk is worth the more complicated configuration using rsync over ssh, I'm really not sure...I think I'd rather spend the time on folding tin foil hats for the upcoming attack from Mars ;) cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpEIWGy6o0sA.pgp Description: PGP signature
[gentoo-user] It's the Mind!
On Fri, Sep 19, 2008 at 06:40:58PM +0200, Joerg Schilling wrote: > It seems that you missunderstand things. The people behind cdrkit are on a > crusade against free software. Good evening! Tonight on "It's The Mind" we'll examine the phenomenon of déjà-vu. -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpokOxRYuEmH.pgp Description: PGP signature
Re: [gentoo-user] epiphany & flash
Hi Erik, on Thu, Sep 25, 2008 at 05:34:11PM +0200, you wrote: > Chances are Epiphany is more stable *because* you don't have Flash in > it - it often causes Firefix to crash. Likely. Pretty much the only reason of FF3 crashes here. > I recommend to either try one of the open source alternatives or > install Flashblock [1]. Note however that this can make flash even more unstable in combination with other blockers like NoScript. I had Flashblock installed since the time when NoScript didn't have this functionality and it caused FF to crash 90% of the time I manually started a YouTube video. Since NoScript can do it, I got rid of Flashblock, whitelisted a few sites and have since had FF uptimes of weeks again. cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpNKLvBciC0d.pgp Description: PGP signature
[gentoo-user] OT: Python (was: package.keywords syntax?)
Hi Albert, on Thu, Oct 30, 2008 at 03:11:04PM -0400, you wrote: > ... but Jorge is right. This is easily picked up by a lint tool... and > good python programmers use them ;-). Some python-aware editors even > have this functionality built in. Whow...I've been out of Python long enough to totally forget that you *needed* to do this. In Perl, the "use strict" you find at the top of every well-written script does it at compile time. cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpW5p5UNElJT.pgp Description: PGP signature
Re: [gentoo-user] limit maximum memory size of any process
Hi Zhang, on Mon, Nov 03, 2008 at 06:24:00PM +0800, you wrote: > I hope I can configure the system so that any process uses more than 50% > of memory are automatically killed. first I was recommend to use ulimit > by googling around. However this seems doesn't work even if I set both > -d and -m (here is my .xinitrc) > > ~$ cat .xinitrc > #export [EMAIL PROTECTED] > #fcitx & > ulimit -d 30 > ulimit -m 300 > exec /usr/bin/fluxbox > > > Result: OpenOffice stands still even when it takes 80% memory (read from > top). > So: is ulimit the solution? If so, what option should I set? I interpret the above as "use a maximum of 300,000 KiB of memory, of which 300 may be resident (i.e. in physical memory) and 299,700 swapped out." That doesn't sound good, although I'm not sure I'm reading it correctly. What I do is use /etc/sercurity/limits.conf (from pam_limits) with a couple of entries like those: | @users hardnproc 1000 | mb hardnproc 5000 | @users hardas 2097152 | mb hardas 6291456 | mb hardnice-5 | mb hardrtprio 5 Meaning, everyone but me (mb) may use up to 1000 processes per login, with a max. address space of 2 GiB each; for myself the limit is 6 GiB and 5k processes. Myself I cannot accidentially set a negative nice-value because I left the soft limit at its default (0 for non-root users) but using ulimit I can set it to the hard limit of -5 and nice-up processes even as a normal user. cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpRLx3YFB6kP.pgp Description: PGP signature
Re: [gentoo-user] limit maximum memory size of any process
Hi Zhang, on Tue, Nov 04, 2008 at 03:30:55PM +0800, you wrote: > > I interpret the above as "use a maximum of 300,000 KiB of memory, of > > which 300 may be resident (i.e. in physical memory) and 299,700 swapped > > out." That doesn't sound good, although I'm not sure I'm reading it > > correctly. > > Sorry, it seems I used these parameter without care. I guess I only need > to set physical memory limit, a.k.a. resident memory. Yes, that sounds reasonable. Remember it's in kilobytes so that would be 30. > OT: I don't know why I have > max locked memory (kbytes, -l) 32 > But it has been like that before I set ulimit. "Locked memory" is memory that a process has protected against being swapped to disk. The best-known example is the memory gpg uses to store keys and passphrases, it would be pretty bad if it got swapped and someone could find your unprotected key on the disk later, so gpg tries to lock this memory in RAM. > I don't have a file called /etc/sercurity/limits.conf and neither can I > find information about it by using 'man limits.conf'. Further I couldn't > find a package called pam_limits to emerge. Can you give me some clue which > package I should emerge in order to set limits.conf ? The pam_limits module is part of the standard PAM distribution, here it's sys-libs/pam-1.0.1. Maybe just re-emerge it? cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpLO2liwse9h.pgp Description: PGP signature
Re: [gentoo-user] 4 port ethernet card support
Hi James, on Thu, Nov 06, 2008 at 06:30:57PM +, you wrote: > ANA-6944A/TX > [...] > Not very useful. Why not just ask Google for ANA-6944A and Linux? It turns up stuff like this: http://www.freelabs.com/~whitis/hardware/quartet.html which suggests it might work with the Tulip driver. For grepping the sources, a much better guess than the model is the PCI ID. cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpjshRNrJYiq.pgp Description: PGP signature
Re: [gentoo-user] Crossdev won't go away
Hi Peter, on Mon, Nov 10, 2008 at 10:50:32AM +, you wrote: > I'm still having a bit of bother with crossdev. If I emerge -upDvtN world I > get this warning (omitting the N makes no difference): > > !!! The following installed packages are masked: > - cross-i686-pc-linux-gnu/linux-headers-2.6.23-r3 (masked by: ~amd64 > keyword) I had a similar issue just recently when I built a crossdev environment for ARM on an amd64 system. I'm not exactly sure how it happened any more but I suppose it has to do with a later version of linux-headers being stable for the platform you want to crosscompile for than for your native one. Which isn't the case when I look now, perhaps the keywords have just been updated? For me, installing crossdev with -s1 helped, I'm only compiling for an embedded system anyway so I don't need the headers. Maybe just try again after an rsync? cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgp1iXDp0g5n1.pgp Description: PGP signature
Re: [gentoo-user] mutt + gnupg
Hi Michael, on Tue, Nov 11, 2008 at 09:39:59AM -0500, you wrote: > Now I run gpg-agent in my .xsession, with the GPG_AGENT_INFO variable being > inherited by Mutt, but signing email doesn't work, as gpg says there's no > secret key available. Do you have "set pgp_use_gpg_agent=yes" in your muttrc? Works fine here, though I don't remember what I changed in the last year when gpg started to need the agent, if anything. If that's not it, I can just mail you my config as well... cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpSI2yRB4vpQ.pgp Description: PGP signature
Re: [gentoo-user] Performance problem at writing big files and Multitasking
Hi Daniel, on Saturday, 2007-02-10 at 12:49:14, you wrote: > I will give short overview what i have tried so far. > > 1. Trying different I/O Scheduler ( cfq anticipatory and deadline) > 2. Enabling Low latency kernel and Preemptible kernel > 3. Setting 1000 HZ for timer frequency > 4. Tried the new kernel 2.6.19-gentoo-r6 and even the testing version > 2.6.20-gentoo with core 2 enabled in processor type Oh, so it is a multicore CPU---sorry if you mentioned it already, I had deleted the start of the thread already when I read Benno's advice. In that case, try 100 Hz scheduling period as well. I've had very bad experiences with I/O and 250 Hz or higher on a dual Xeon. My guess is that it was a cache effect and therefore shouldn't happen on the Core2Duo, but it might still be worth a try. > As i am using Xfce i installed the diskperf-plugin which monitors disk > I/O. The monitoring is divided in disk-read and disk-write. > I recognized that every time when reading stops writing starts. So is > this staggering of writing to disk normal as the programs have to read > data they want to write to disk? On my previous machine i didn't > recognize such a behaviour. So you're reading and writing from/to the same disk? I'd expect that behavior then, because the I/O scheduler tries to satisfy requests with as little thrashing as possible. So if there are enough write requests queued up it may keep the HD busy writing for a while before reading the next chunk from somewhere else. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgp1cmbiVv67p.pgp Description: PGP signature
Re: [gentoo-user] Beagle eating up Resources!! (BEagled-index-helper)
Hi Ow, on Tuesday, 2007-02-27 at 18:09:13, you wrote: > Does anyone here knows if beagle really sucks up resources?? I just > emerged it a week ago and I'm getting very pissed off at it as it's > using a lot of resources. The laptop doesn't get much idle time. I was under the impression that this was its raison d'être...? An Apache project perpetr^Wported to .NET can't be anything but a resource hog. It looked pretty interesting when they included it with the SuSE we use @work so it got installed on a few boxes, but seeing what it did to these 2800 MHz P4s put it on top of the list of things to be disabled before rollout. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpP5NZp5Jcza.pgp Description: PGP signature
[gentoo-user] NFS vs. jumbo frames
I've been fiddling with this for some days and can't but assume it's a bug in one of the Gentoo patches to either the kernel or NFS tools: Basically, NFS locking breaks as soon as I enable jumbo frames on both server and client. touch foobar flock foobar ls works fine in my NFS-mounted home with an MTU of 1500. An MTU of 9000 is great for general net throughput so I wanted to use it on both the server and the clients, but the above sequence hangs indefinitely when I try. I'm aware flock() isn't supposed to work correctly with NFS anyway, but all kinds of stuff depends on it at least pretending to. The strange thing is, SuSE 10.1 as a client works fine with jumbo frames, just my Gentoo box doesn't. I tried enabling nfs_debug with sysctl and sniffing the wire with tcpdump and wireshark but with my pretty basic knowledge of NFS workings I didn't spot anything conspicuous other than that lookup(msbethke/foobar) nfs_update_inode(0:18/3424742 ct=1 info=0x6) nfs_fhget(0:18/1081970 ct=1) permission(0:18/1081970), mask=0x4, res=0 seems to be the exchange after which the hang occurs. Our server is running 2.6.18-hardened-r6 and nfs-utils-1.0.12. The clients are mostly SuSE 10.1 boxes with kernel 2.6.16.21-0.21-smp and nfs-utils-1.0.7-36 while my workstation has 2.6.20-gentoo-r6 (was linux-2.6.19-gentoo-r5 before) and the same ns-utils as the server. -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0m A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpVv5f4MJwd6.pgp Description: PGP signature
Re: [gentoo-user] NFS vs. jumbo frames
Hi kashani, on Monday, 2007-04-23 at 11:11:40, you wrote: > >It sounds like Gigabit Ethernet to me. Yes, that's it. > Keep in mind that not all fastE or gigE switches support jumbo frames. > Additionally not all cards support jumbo frames either though you can > certainly set them to an MTU of 9000 and watch things break. I had that problem before with the Server's onboard Broadcom chip; fortunately it just breaks completely when you up the MTU :) Now I installed an Intel 82545GM card that officially supports jumbo frames and that I haven't heard anyone complain about. The clients all have the same 82547EI onboard chip. > To the original poster, I'd do some googling and verify that all the > network cards and switches involved can do jumbo frames and that it is > enabled on each device as needed. Check. The switches are HP ProCurve 2824 supporting up to 9216 bytes per frame, and I checked the config several times. Jumbo frames are enabled on all ports, and it's a rather basic config anyway, no VLANs 'n stuff, no voice LAN features, just switching. And for everything else but NFS locking it does work fine. A plain netcat from /dev/zero to /dev/null goes from some 35 MB/s at an MTU of 1500 to over 80, ssh does very well, and even NFS file operations other than locking work. I have googled for quite a while but can't find a thing. Anyone here using NFS and GigE+jumbo frames with Gentoo? cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpMKwDcMvlIA.pgp Description: PGP signature
Re: [gentoo-user] Re: NFS vs. jumbo frames
Hi Francesco, on Monday, 2007-04-23 at 21:58:18, you wrote: > Based on my experience I would add to verify also the upper MTU value > really supported. According to Documentation/networking/e1000.txt, the adapters should all support 16K frames. The limiting factor would be the switch's 9K limit, but I've stayed below that as well. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgptGqJm9zDOA.pgp Description: PGP signature
Re: [gentoo-user] file sorting in nautilus
Hi Boyd, on Friday, 2007-04-27 at 02:09:18, you wrote: > Adjust your LC_ALL, LC_COLLATE, and/or LANG environment variables. (At > least, > Nautilus /should/ respect those.) You might have to do something like: > LC_ALL="POSIX" nautilus > >from a xterm-like application. Usually the collation order should be the same on the shell and in nautilus, right? I think it's really some of what the Gnome folks think was clever in that case---nautilus also completely ignores certain name prefixes like "+" and "_" I put there to have the entries sorted on top. Fortunately, Thunar does no such tricks. > You can use > env | grep ^L > >from a new xterm-like seesion to see what nautilus "sees" by default. Or "locale" :) BTW, your signature did not validate on this post. Do you have "no-escape-from-lines" enabled? Then the last line above would have been the reason. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpNHsqQSRS4d.pgp Description: PGP signature
Re: [gentoo-user] NFS vs. jumbo frames
On Tuesday, 2007-04-24 at 15:38:12, I wrote: > I have googled for quite a while but can't find a thing. > Anyone here using NFS and GigE+jumbo frames with Gentoo? Just to follow up for the archives' sake: this seems to be an old and frustrating problem, I've run into a few messages dating back to 2002 of people with similar problems. Like here: http://lists.us.dell.com/pipermail/linux-poweredge/2002-December/005568.html and a more recent one on Sun hardware: http://www.opensolaris.org/jive/thread.jspa?messageID=74750 I've switched back to MTU 1500 for now and if I find the time I'll ask for news on this on some kernel list. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgplWDFOWQBJq.pgp Description: PGP signature
Re: [gentoo-user] Corrupt xD card with photos
Hi Mick,
on Monday, 2006-09-25 at 22:54:49, you wrote:
> I must be doing something wrong:
>
> $ ./recoverpics
> ./recoverpics: line 1: /bin: is a directory
> ./recoverpics: line 2: /bin: is a directory
> ./recoverpics: line 3: syntax error near unexpected token `('
> ./recoverpics: line 3: ` * Copyright (C) 2004 Matthias Bethke
> <[EMAIL PROTECTED]>'
>
>
> Is that the expected output?
No, not really. Looks like you're starting the source or something?
Here's how it's supposed to look:
| [EMAIL PROTECTED] ~ $ tar -jxvvf recoverpics-1.6.tar.bz2
| -rw-r- mb/users 13294 2004-02-28 07:08:36 recoverpics/recoverpics.c
| drwxr-x--- Creating directory: recoverpics
| -rwxr-xr-x mb/users542 2004-02-27 16:13:03 recoverpics/checkpics.sh
| -rw-r- mb/users140 2004-02-27 16:10:04 recoverpics/Makefile
| [EMAIL PROTECTED] ~ $ cd recoverpics/
| [EMAIL PROTECTED] ~/recoverpics $ make
| cc -O2 -finline-functions -D_LARGEFILE64_SOURCE=1 -D_FILE_OFFSET_BITS=64
| recoverpics.c -orecoverpics
| strip recoverpics
| [EMAIL PROTECTED] ~/recoverpics $ ./recoverpics
| Usage: recoverpics [offset] [max-output-size]
Then you should be able to run it as "./recoverpics /dev/sda" or
something.
good luck :)
Matthias
--
I prefer encrypted and signed messages. KeyID: FAC37665
Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665
pgpS9N9gKnFxI.pgp
Description: PGP signature
Re: [gentoo-user] browser advice
Hi Jorge, on Wednesday, 2006-11-29 at 21:00:06, you wrote: > I'm about to dump Firefox, because I can't google in English. The thing > doesn't let me choose the language, and I'm tired of getting useless > Brazilian links. Yes, I know about the settings, I already deleted the > google.pt cookie, but it's no use. I don't know, nor care, whose fault > it is (Google's, firefox's or mine, for not having telepathic gifts), I > just won't let anyone choose for me. Are you sure you aren't being sent to the Portuguese version because Google finds your IP is in Portugual and redirects you to where it thinks you want to go? I've seen this in .de, .br and .ph, so I presume it's the same in other countries. I also don't want the national versions so I go directly to http://www.google.com/advanced_search where the redirection doesn't happen. Works fine in any browser here. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpLJBASwqkrL.pgp Description: PGP signature
[gentoo-user] UTF-8 troubles
I switched a few systems to all-UTF-8 a while ago, and while it's generally a big improvement, a few apps are playing up. Pretty common apps that is, most notably tin and centericq, so I think it's probably my problem. Thing is, tin seems to decode messages correctly and tries to show umlauts. However, I only see the lowercase ä, ö and ü; the uppercase versions and the German "sharp s" (ß) are garbled. The latter for example is displayed as a diamond with a question mark inside (supposedly indicating "invalid UTF sequence") followed by "~_" (0x7e 0x5f---the correct UTF-8 sequence is 0xc3 0x9f). Centericq is similar; I see all umlauts I type in the input area as two question marks, but the lowercase ones get transmitted correctly and I can read others' lowercase umlauts. No capitals, no ß either. The only distinction I could make out between the sets of characters that are displayed correctly and those that aren't is that the latter contain UTF-8 bytes that would not be printable when interpreted as ISO-8859-x, so my hypothesis is that something in-between the app's text output and the terminal eats bytes unless they're deemed "printable". The affected programs all seem to use ncurses. I couldn't find anything in terminfo that could be causing this, but then I don't have much of a clue about terminfo in the first place. Google doesn't seem to hvae heard of the problem. Any ideas where I could look? cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpjIiUL6vMu5.pgp Description: PGP signature
Re: [gentoo-user] UTF-8 troubles
Hi Bo, on Saturday, 2006-12-02 at 06:48:51, you wrote: > > I switched a few systems to all-UTF-8 a while ago, and while it's > > generally a big improvement, a few apps are playing up. > > There's a nice guide [1] in case you haven't noticed. Yup, I largely folloed it in my transition. > > Pretty common apps that is, most notably tin and centericq, so I think it's > > probably my problem. > [SNIP] > > I don't know anything about tin bug for centericq there's bug #138740 [2]. > I'm > not sure the unicode support in centericq is flawless though. Otherwise I > would suggest looking for alternatives with better unicode support. OK, in centericq's case it seems to be the program's fault, I was just wondering because the errors are so similar that it might be an ncurses problem. Well, I'll just try slrn... Thanks! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpvAytXoxBlF.pgp Description: PGP signature
Re: [gentoo-user] [OT] recommend clean monospaced condensed TTF
Hi Alan, on Wednesday, 2007-01-17 at 11:11:29, you wrote: > I prefer Bitstream Vera Mono for this (or DejaVu which is a fork of the > same font). It looks good at small sizes down to 7 and I can easily > tell the difference between i,I,1,l and 0,O. It has an actual bold font > variant so there's none of that double-print-one-pixel to the right > nonsense which looks awful. Agree, that's two very important features. There is a pretty good overview of some monospace fonts, most with screenshots: http://www.lowing.org/fonts/ cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpyt87X49OBL.pgp Description: PGP signature
Re: [gentoo-user] Hard Drive Crash - Please Help
Hi Grant, on Thursday, 2007-01-25 at 08:20:37, you wrote: > I successfully wrote an iso of some important files after booting up > normally (minus hald, X, and vi) so that's good. Is there a utility I > can run on the disk to see if there is permanent damage? Should I try > re-emerging packages that are having trouble or should I try to emerge > -e world? As Thomas said, use the manufacturer's tools. Maybe smartmontools if you don't have anything more specialized. > I suppose I should see if I can write and burn iso's of everything in > /home/grant/ right away. Is there a good way to get a bunch of data > into multiple iso's that are each no larger than 650MB? Also, I've > read man mkisofs and experimented before with trying to preserve > filenames perfectly but it never comes out quite right. Can anyone > recommend mkisofs options for preserving filenames perfectly? I'd recommend trying it over a network or USB/IEEE1394 to another disk if at all possible. If the HD is dying anyway, writing ISOs to it while reading many files from another region of the disk at the same time will kill it very quickly. Same thing with a damaged file system: the more you write, the greater the damage. I'd try to connect an external HD or export a partition on some machine on the net, mount the partition read-only and back it up using tar. Then it's at least reformat/restore if not swap HD/format/restore. good luck! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpnMX5166Ika.pgp Description: PGP signature
Re: [gentoo-user] Hard Drive Crash - Please Help
Hi Grant, on Friday, 2007-01-26 at 09:47:51, you wrote: > My laptop is currently still copying everything to my desktop system > via tar and ssh. That's good. dd would be easier on the HD in case it's breaking but if you have a filesystem error you'd still have to fix that after copying back. If the HD is not about to die, tar (or rsync as Neil mentioned) is much better. > When I ran rc this morning, I saw that ssh started so it must have > stopped some time overnight as it usually does. The laptop was still > running the tar | ssh command I had started the night before. Could > the desktop be missing some of the laptop's data since the desktop > wasn't running ssh all night, or would it "catch up" now that ssh is > running? If the connection didn't break on the laptop side (ssh|tar reporting a broken pipe), you should be fine. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpTrJ4JAcT3V.pgp Description: PGP signature
Re: [gentoo-user] Xgl and direct rendering or 'Would you like Xorg or Xgl, sir?'
Hi Jan, on Saturday, 2007-01-27 at 15:06:32, you wrote: > I've begun this thread because of my difficulties with running some > OpenGL applications, e.g. Americas Army, on my Xgl. I reckon most in America's army would love to have your problems. SCNR! =^> Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpPWJochKN5M.pgp Description: PGP signature
Re: [gentoo-user] Hard Drive Crash - Please Help
Hi Grant, on Saturday, 2007-01-27 at 09:34:47, you wrote: > The thing I'm confused about is how I can get anything back to the > laptop when it won't even have an OS on it. I could boot a LiveCD but > I don't think I'll be able to connect to the wireless network. Hum...that's pretty much a show stopper. In that case, setting up a wired network (if they have wlan, these machines would have wired lan as well, no?) or buying that 2.5" IDE adapter is probably the least hassle. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpvLs5zulXqZ.pgp Description: PGP signature
Re: [gentoo-user] OT: Setting up an IMAP server to serve mail fetched from pop mailboxes.
Hi Anthony, on Wednesday, 2005-12-28 at 10:38:12, you wrote: > 1) I currently have a few pop email accounts with my ISP and others > (eg gmail), and wish to retain these accounts, as I use them for > different purposes and people already have these addresses. As Alexander has pointed out, fetchmail is fine for that. That is, it has a bad reputation with respect to code quality but I haven't checked as it hasn't ever given me any trouble. Maybe there are alternatives, but loads of people use it. > [...] > 3) I want to be able to access the same mail and mail folders from all > machines, and the state of those mailboxes be mirrored on all the > other machines. Yup, an IMAP server seems to be the tool of choice here. At work I use dovecot which works well together with postfix. It's a bit of work to set up but it has sufficient documentation for that. I don't know of anything easier, in fact I haven't tried much else except for some Cyrus thing that came wit SuSE and that I didn't like. > 4) I want to filter junk mail using SpamAssassin. No idea really...I'd suggest to just install it and have a look into the README(s). Many people use it with all kinds of MTAs---I haven't. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpOQYWoXfJQn.pgp Description: PGP signature
Re: [gentoo-user] [OT] Filename modification with suffix
Hi David, on Thursday, 2005-12-29 at 13:53:17, you wrote: > > $(ls *.jpg) > > ick! > > (incidentally, http://www.ruhr.de/home/smallo/award.html#ls) Well, it's bad in two ways, and even the example on the above webpage is wrong. For one thing, "ls" is useless here. For another, it will break on spaces in filenames, unlike shell globbing: | $ touch "foo bar.jpg" | $ for f in *.jpg; do echo $f; done | foo bar.jpg | $ for f in `ls *.jpg`; do echo $f; done | foo | bar.jpg | $ for f in `ls *.jpg`; do echo "$f"; done | foo | bar.jpg The bottommost try shows that the comment "newbies will often forget the quotes, too" is wrong -- it won't work either way. If you have to use a program that outputs a filename per line like ls, use a read loop: | $ ls *.jpg | while read f; do echo "$f"; done | foo bar.jpg The quotes are useless for "echo" here, but for other commands you'll usually need them to keep the command form taking filenames with sapaces as separate arguments. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpEVNO5w45yp.pgp Description: PGP signature
Re: [gentoo-user] Accurate way of Detecting # of times a file is opened
Hi Ow, on Tuesday, 2006-01-03 at 15:37:55, you wrote: > I have a few files which I would like to share to some housemates, but I > don't want these files to be opened by everyone at the same time. (limit > stress on my PC etc) > > So, what I would like to do is some sort of library checkout mechanism. > I'm hoping to be able to write a script that will check how many > instances of the file is already in use. Depends on what protocol you want these files shared over. I don't think there's any way short of hacking the source to implement this with NFS of Samba. If you use HTTP, it should be fairly easy to write a little CGI script that keeps a counter of downloaders for each file in some kind of lock-file. However, I doubt you need this anyway. Due to the way Linux's buffer cache works it's actually likely to cause less stress on your HD when everybody is reading the same file than when the same number of readers each read a different file. Of course it may make sense to limit the total number of readers with something like Samba's "max connections". regards Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpGsoeu8l7VK.pgp Description: PGP signature
[gentoo-user] The Grand Remerge
It started on Wednesday: after syncing, I had about 150 ebuilds marked as "remerge". I thought, WTH, let portage have its way and remerge everything while I sleep. So I did---and today it's the same! 151 ebuilds and all of them for remerging the same version. Here's some of them: [ebuild R ] x11-terms/gnome-terminal-2.10.0 [ebuild R ] xfce-extra/xfce4-wavelan-0.4.1-r1 [ebuild R ] media-gfx/gtkam-0.1.12-r1 [ebuild R ] app-emulation/wine-20050725-r1 [ebuild R ] xfce-extra/xfce4-xmms-controller-1.4.3-r1 [ebuild R ] xfce-extra/xfce4-panelmenu-0.3.1 [ebuild R ] app-text/gpdf-2.10.0-r2 [ebuild R ] xfce-extra/xfce4-datetime-0.3.1-r1 [ebuild R ] gnome-base/gdm-2.8.0.3 [nomerge ] net-analyzer/nessus-2.2.6 [nomerge ] net-analyzer/nessus-plugins-2.2.6 [ebuild R ] net-analyzer/nessus-core-2.2.6 [ebuild R ] media-gfx/eog-2.10.2 [ebuild R ] app-arch/file-roller-2.10.4 [ebuild R ] xfce-base/xfce4-extras-4.2.2 [ebuild R ] xfce-extra/xfce4-windowlist-0.1.0-r1 [ebuild R ] xfce-extra/xfce4-taskbar-0.2.2-r1 [ebuild R ] xfce-extra/xfce4-battery-0.2.0-r1 [ebuild R ] xfce-extra/xfce4-netload-0.3.2 [ebuild R ] xfce-extra/xfce4-showdesktop-0.4.0-r1 [ebuild R ] xfce-extra/xfce4-minicmd-0.3.0-r1 [ebuild R ] xfce-extra/xfce4-systemload-0.3.6 [ebuild R ] xfce-extra/xfce4-notes-0.10.0-r1 [ebuild R ] xfce-extra/xfce4-artwork-0.0.4-r1 [ebuild R ] media-video/mplayer-1.0_pre7-r1 That's my private laptop doing these funny things. The one desktop and eone server I run with Gentoo at work don't do anything like this. My date is set correctly and it doesn't look like I had anything in /usr/portage with wrong dates either, that's the only reason I could think of so far. -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpDnLQtEclg4.pgp Description: PGP signature
Re: [gentoo-user] The Grand Remerge
Hi Tom, on Saturday, 2006-01-07 at 01:07:18, you wrote: > Could you please paste the command line you used to generate this list? emerge -DNuta world right after emerge --sync regards Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpASdTo50eiF.pgp Description: PGP signature
Re: [gentoo-user] The Grand Remerge
Hi Rumen, on Saturday, 2006-01-07 at 06:31:56, you wrote: > Have you changed any USE-flags in /etc/make.conf? > Add the 'v' option to see USE-flags too. > Sometimes this could happen with slotted packages when there's an upgrade > for some minor slot-number version (requires =...), but only for package or > two. Hm, none that I knew of; my last change to make.conf is from last year. Anyway, the problem seems to have gone away after about two remerges for each package... regards Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpJdwVOfM3SA.pgp Description: PGP signature
[gentoo-user] X.org V7.0 partial success
I used xorg-x11-6.8.99 on my laptop so far because its i915 chipset wasn't properly supported in 6.8.2. Now the last update, -r4, broke the support again (or so I read on some forum when I investigated why X wouldn't start any more), so I decided to give 7.0 a try. The usual great Gentoo HOWTOs helped me a lot (http://gentoo-wiki.com/HOWTO_Modular_Xorg) and apart from a few moanings due to packages missing in package.keywords, things went fine. But then the keyboard and mouse drivers were missing. esearch told me: * x11-drivers/xf86-input-mouse Latest version available: 1.0.0 Latest version installed: [ Not Installed ] Size of downloaded files: 214 kB Homepage:http://xorg.freedesktop.org/ Description: X.Org driver for mouse input devices License: X11 * x11-drivers/xf86-input-keyboard Latest version available: 1.0.0 Latest version installed: [ Not Installed ] Size of downloaded files: 191 kB Homepage:http://xorg.freedesktop.org/ Description: X.Org driver for keyboard input devices License: X11 Installing them fixed almost all remaining problems. But the package name puzzles me. Are these originally XF86 modules that x.org just decided to be compatible with, or is the name a copy-n paste error? Should I file a Bugzilla report? The remaining problems concern DRM which isn't really essential (I get a "libGL error: open DRM failed (Operation not permitted)) and some fonts that don't seem to be included any more and that I guess I just have to reinstall. So far the modularized X looks promising, I'll do a revdep-rebuild and some more testing tonight. Does anybody have an idea about the DRM issue? regards Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgptj8AqmcGvK.pgp Description: PGP signature
Re: [gentoo-user] X.org V7.0 partial success
Hi Andrew, on Wednesday, 2006-01-11 at 16:27:41, you wrote: >try adding > 'Section "DRI" > mode 0660 > Group "video" > endsection' > to your xorg.conf Oh, that rings a bell, I think I did that to another config a long time ago...thanks, I'll try tomorrow @work! > and no those are not the orginal packages, Xorg decided to move to a more > flexable develepment model(imho) that splits alot of the parts up, if you > look the driver for the i915 card will be x11-drivers/XF86-video-i810, it > was done this way so things could be updated faster. instead of 6 months for > a new driver it might be a week Yup, I figured that was the motivation---but X.org and XFree86 are still different projects with different code and all, so I was surprised that the name starts in xf86- and the description says X.org... Wouldn't xf86-something indicate a part of the XFree86 project? cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgp4UQZO1BsHp.pgp Description: PGP signature
Re: [gentoo-user] Practical Backup Solution
Hi Lord, on Wednesday, 2006-01-11 at 18:25:32, you wrote: > (it's an Iomega ditto QIC-80 parallel port floppy-protocol tape drive). I > also bought a very low quality DVD+RW drive (MagicSpin non-MMC, non-Ricoh - Beh. A faster solution with similar security to either one would be a tar -cf/dev/null / If you're concerned mainly about FS errors, accidental deletes and such, I'd also suggest a second harddrive. It's relatively cheap, very fast, random-access and pretty secure. If on top of that you want protection against things like overvoltage, lightning etc. that might fry your whole system, you need some removable media like MO or tape. I used a DAT streamer for quite a while. DAT doesn't have the best tapes either, they wear out pretty quickly, but both tapes and drives are cheap nowadays and more than adequate for your amount of data. MO has a good reputation too but I don't have any experience with it. It seems a bit out of fashion today so you may be able to get a good deal on a drive. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpahrZSreHbK.pgp Description: PGP signature
Re: [gentoo-user] X.org V7.0 partial success
Hi Richard, on Wednesday, 2006-01-11 at 18:22:37, you wrote: > I think it is important to note that these names were not invented by > the Gentoo devs working the ebuildsthey are straight from the > x.org project's distribution [1]. Ah, OK, thanks for clarifying that! After reading their glossary I still don't really understand their nomenclature, but if that's how they want the packages to be named it's certainly a good idea to adhere to that scheme. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgproO6im3ewy.pgp Description: PGP signature
Re: [gentoo-user] I can't send email anymore. O_O
Hi Eric, on Thursday, 2006-01-12 at 14:35:52, you wrote: > Yup, it's Kmail. What setup do you use for sending mail? Some ISPs have > configs that block port 25 from being used for third party servers. Could be > they put in a port blocker recently, and you're just one of the few people > who are having problems with it. That would be my guess as well, I had this problem before. I think it was that I invented a domainname for the machine that only had a dialup connection anyway, and that was what it sent in the SMTP HELO. Somebody at the ISP's thought refusing "aliens" in the HELO phase was a good idea against spam but they didn't tell the support people about it so they insisted that nothing was changed. tcpdump helped. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpZ2wezxVkUX.pgp Description: PGP signature
Re: [gentoo-user] I can't send email anymore. O_O
Hi Neil, on Friday, 2006-01-13 at 12:51:32, you wrote: > By default, su does not allow access to X. You can mess around > setting and exporting $DISPLAY, or you can use sux instead of su. sux is > a shell wrapper for su that takes care of this. I wonder why that should be necessary in the first place as su seems to support this .Xauthority linking on its own. On SuSE systems /usr/X11R6/bin/sux is just a symbolic link to /bin/su, I just tried it here and it works. The bad thing is that "sudo sux" does not work as in this case sux is called as root already. Perhaps I should write my own "suxdo" wrapper? :) regards Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpIGWXVB3M10.pgp Description: PGP signature
Re: [gentoo-user] I can't send email anymore. O_O
Hi Dale, on Friday, 2006-01-13 at 13:40:00, you wrote: > I think something is wrong with xorg or something myself. I can read. LOL > > If anyone else wants to see this thing, let me know. I'll send it to you. I noticed similar things can happen when for some reason (DHCP, some dialup script, ...) your hostname changes while X is running already. Everything running continues running just fine but X thinks the new connections were coming from a different host and refuses them. regards Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpilTXZPHAnZ.pgp Description: PGP signature
Re: [gentoo-user] I can't send email anymore. O_O
Hi Dale, on Friday, 2006-01-13 at 16:42:33, you wrote: > Any ideas? Anybody want to host this large strace file so others can see it? > > I don't have anyway to host it here. No problem, just send it and I'll put it online. regards Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpjxu547HhKC.pgp Description: PGP signature
[gentoo-user] Re: It's Dale from Gentoo list with the strace error.
Hi Dale, on Friday, 2006-01-13 at 17:06:58, you wrote: > Here is the file if it helps. If you would post a link to in the list. > Maybe > someone will make sense of it. I'm clueless. OK, the file is online at http://www.linguistik.uni-erlangen.de/~msbethke/strace-dale.txt It doesn't look like permissions or so were the problem though. Maybe just let strace write everything to a file (strace -olog mozilla). The result will prolly be huge, but gzipped it should be OK. There's 20G free on the server ;) regards Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpDJt7TxR2ql.pgp Description: PGP signature
Re: [gentoo-user] ipw2200 dmesg error
Hi Rafael, on Sunday, 2006-01-15 at 16:45:29, you wrote: > Sorry I did a dmesg and that message shows for me too... but less times > > [EMAIL PROTECTED] ~ $ dmesg | grep ipw2200 > ipw2200: Intel(R) PRO/Wireless 2200/2915 Network Driver, 1.0.10 > ipw2200: Copyright(c) 2003-2005 Intel Corporation > ipw2200: Detected Intel PRO/Wireless 2200BG Network Connection > ipw2200: Unknown notification: subtype=40,flags=0xa0,size=40 > ipw2200: Firmware error detected. Restarting. I have the same, though I never even noticed. The card works just fine. BTW, Rafael, if you uploaded your key to the keyserver network, signing your mail would even make sense :) regards Matthias > ipw2200: Sysfs 'error' log captured. > ipw2200: Firmware error detected. Restarting. > ipw2200: Sysfs 'error' log already exists. > > Bye, > Rafael Fernández López. > -- > gentoo-user@gentoo.org mailing list > -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpQnEJcfYByk.pgp Description: PGP signature
[gentoo-user] OT: GPG (was: ipw2200 dmesg error)
Hi Rafael, on Sunday, 2006-01-15 at 21:58:06, you wrote: > The server I've tried to upload returned always error 500. Now it is > uploaded. Sorry I absolutely have forgotten to re-upload. Looks better now :) I've been getting these 500 errors as well in the last weeks, from several servers. The web interface usually works though, and subkeys.us.pgp.net even still lets me upload from GPG. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpaj348aY9ZL.pgp Description: PGP signature
Re: [gentoo-user] DHCP and Problematic IP addreses
Hi Ow, on Tuesday, 2006-01-17 at 13:22:06, you wrote: > I have a problem in which the DHCP server assigns a Bad IP address to > me. (miss pings, long delays etc..) I have tried various means to get a > new IP but it's not giving it to me since the DHCP has bonded it self to > my PCMCIA NIC's MAC Addr. > > Short of waiting close 24 hours (and hoping that that address is not > given back to me again!), is there any way to reject some IP addreses it > provides to me? I don't think so, but I'm not quite sure I understand this anyway. So you have a DHCP server you don't control (@work?) and it's not giving you the IP you want but something else---"abd" in what way? And it remembers your PCMCIA card's MAC address...so you have another port in your laptop and want to use that instead? I'd think if the DHCP server gives you an andress that doesn't work in your subnet then it's a server configuration issue and should be fixed there. regards Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgplQGDnOcaIg.pgp Description: PGP signature
Re: [gentoo-user] DHCP Jammer
Hi Chris, on Tuesday, 2006-01-17 at 17:50:01, you wrote: > Say, I have a DHCP server is distributing 172.30.10.0/24 IP range, > but a joker simply plug in another DHCP server and distributing > 192.168.12.0/24 IP. Is there anyway I can stop the unwanted DHCP broadcast? That's a network infrastructure and policy issue. Use port security in your switches, i.e. filter by MAC addresses so everybody who wants to plug in their machine hast to pass by your desk and register their MAC. Set up dhcpcd on every machine to log its actions to syslog so you can determine the MAC address of every fake server that assigned some wrong address. Then get a cat-5-o'nine-tails (http://www.tasigh.org/tuq/whips.html) and wait. regards Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpqiTVmtlBf1.pgp Description: PGP signature
Re: [gentoo-user] emerge world?
Hi Michael, on Tuesday, 2006-01-17 at 10:53:50, you wrote: > I had missed that! Are you saying that if poppler has been emerged > there's no need to re-emerge xpdf? I didn't know that and I re-emerged > xpdf. I think you do, poppler is just the library. I have another problem with poppler now though: one of my machines has Plone and Cups installed. Cups wants poppler, Plone wants net-zope/portaltransforms. The latter wants pdftohtml, which is blocked by poppler. It seems to boil down to a system that cannot have Cups and Plone installed on the same machine :( I think it would make sense to add a USE flag to portaltransforms that removes the dependency on pdftohtml---after all, I wouldn't use this functionality in Plone anyway. regards Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpoWqYSrM8O0.pgp Description: PGP signature
Re: [gentoo-user] emerge world?
Hi Uwe, on Tuesday, 2006-01-17 at 15:53:20, you wrote: > If I understand the ebuild of portaltransforms correctly it wants either > pdftohtml or lynx. Maybe you can get away by installing lynx? No, it wants both of them. I do have lynx but that's probably for HTML->text and the other, as the name says, PDF->HTML. regards Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgp9rkRd0mz5h.pgp Description: PGP signature
Re: [gentoo-user] emerge world?
Hi Michael, on Tuesday, 2006-01-17 at 09:47:44, you wrote: > Matthias Bethke wrote: > >Hi Uwe, > >on Tuesday, 2006-01-17 at 15:53:20, you wrote: > > > >>If I understand the ebuild of portaltransforms correctly it wants either > >>pdftohtml or lynx. Maybe you can get away by installing lynx? > > > > > >No, it wants both of them. I do have lynx but that's probably for > >HTML->text and the other, as the name says, PDF->HTML. > > > >regards > > Matthias > > What ebuild did you use? Portaltransforms is supposed to have been > fixed to have an dependency on either pdftohtml OR poppler. See > http://bugs.gentoo.org/show_bug.cgi?id=105187#c66 Sorry, I should have mentioned that was portaltransforms-1.0.4.ebuild, mosdef with the bug still in. I just noticed there's -r1 with the fix, but it's still in unstable. Just syncing again, maybe it will have moved up to stable... regards Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpOesIYMMBoZ.pgp Description: PGP signature
Re: [gentoo-user] emerge world?
Hi Michael, on Tuesday, 2006-01-17 at 20:18:16, you wrote: > Plone in portage hasn't changed in a very long time. I recommend you > get the new ebuilds from > http://bugs.gentoo.org/show_bug.cgi?id=105187 and install them, then > put your comments in that bug to let the devs know that it's working. > > Or, if you want, you can modify the 1.0.4 ebuild to accept poppler. I just switched to the unstable portaltransforms for now, and all is fine. Otherwise I'd have had to use portage overlays and thing swould have been more complicated -- the "unstable" version seems to be only this fix and a minor patch ahead so it's probably less problematic than "stable". regards Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpoJBNby0R6z.pgp Description: PGP signature
Re: [gentoo-user] DHCP and Problematic IP addreses
Hi Ow, on Wednesday, 2006-01-18 at 09:22:06, you wrote: > > you have a DHCP server you don't control (@work?) > > Yes. > > and it's not giving > > you the IP you want but something else---"abd" in what way? > > it's giving me an IP, just not a good One. (upstream connection is bad) Well, what exactly is wrong with this IP? Is it from a different subnet? Or is it just that the router isn't set correctly, so you see all other machines in the local net but can't get out? Or does the router refuse to route packets from parts of the subnet and you get an address in this part? > > I'd think if the DHCP server gives you an andress that doesn't work in > > your subnet then it's a server configuration issue and should be fixed > > there. > > yeah.. Unfortunately, I have no administrative control over it. :-( If you tell the guy in charge that you'll use a static IP as long as he doesn't get the server fixed, I think that will be a motivation :) Sorry for the late reply! cheers, Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpjOVI6wnW9y.pgp Description: PGP signature
Re: [gentoo-user] modules PID
Hi Cláudio, on Wednesday, 2006-01-25 at 13:47:21, you wrote: > I thought it could solve it killing the module. I have tried "modprobe > -rf visor" but visor do not want to die. > > any ideas? Do you have "forced module unloading" enabled in your kernel? If you do, it's probably a problem in the module itself that can't be solved without hacking the source. regards Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpTiPIaX1Cto.pgp Description: PGP signature
[gentoo-user] Encrypting removable media
I have a bit of chicken-and-egg problem trying to get encrypted removable devices to work as "normal" as possible. Using Loop-AES and a GPG-encrypted key I had no problems encrypting my external FW drive, but to pass all the options to losetup without entering them by hand every time, I need an fstab entry. The drive shows up as /dev/sda, but putting /dev/sda1 there is no good as it would try to use Loop-AES on *every* external drive. So far I could just use volume labels in my fstab to distinguish any number of drives---well, I used to until hald/dbus made that automatic. But now there are no labels any more as they get encrypted as well. Has anyone come up with a solution for this yet? I could imagine some plugin for the hotplug system that checks /proc/scsi/scsi for a certain model before mounting. Not the cleanest solution either but as my external drives are different models it would work for me. I don't have much of a clue about the hotplug system though... regards Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpG2ljrhKBsH.pgp Description: PGP signature
Re: [gentoo-user] Encrypting removable media
Hi Etaoin, on Friday, 2006-02-24 at 15:42:39, you wrote: > With udev you can create hardware-specific devices (meaning you can have > a device in /dev that corresponds exactly to some particular hard disk), > based on various hardware-specific information (eg, manufacturer name or > device id and many others) See > http://www.reactivated.net/writing_udev_rules.html > for the details. Looks like just the ting I need, plus some education :) Thanks very much for the ultra-speedy reply! Gotta love the Gentoo lists... cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgphYkGjTGJ6A.pgp Description: PGP signature
Re: [gentoo-user] lost partition table
Hi Ghaith, on Thursday, 2006-03-09 at 06:52:38, you wrote: > help, it seems the gentoo installer deleted my home partition > fdisk don't show it what can i do? > is there a way to restore it "gpart" is the tool for that. If nothing works any more, you can use Knoppix or something. Then just start gpart on your disk, let it grind away for a while, and then check the (usually several) partition layouts it finds for one you recognize. It's been a while since I used it but AFAIR it can restore a certain MBR layout you select. If not, you have to recreate it in fdisk. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgp1B6d1CR0kV.pgp Description: PGP signature
Re: [gentoo-user] dd if=/dev/dvd of=backup.iso
Hi Joseph, on Wednesday, 2006-03-15 at 15:55:17, you wrote: > > could be the reader then? Do you have another computer with a dvd drive > > and 4.7g available space? > > Yes, I've tired on two different systems, one is x86 and the other amd64 > with similar result on both of them; the copying stops at some point and > doesn't go any further. Could it be that it's supposed to be like this? Some kiind of copy protection using bad blocks that are unused in the file system so in normal use you never run into them, but you do when trying to get an image? Stuff like this has been common since the C64 age. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpH4hQBOH0zb.pgp Description: PGP signature
Re: [gentoo-user] Disk Partitioning
Hi Paul, on Thursday, 2006-03-16 at 12:44:15, you wrote: > > "dd if=/dev/zero of=/dev/sda bs=512 count=1" (but if there isn't any > > data on that drive, then go and try this...) > > > Thanks for the reply, I tried your suggestion but it didn't make any > difference. If there's nothing on it yet, you can of course zero-out the whole disk---bit of an overkill but will do the job :) I would have thought killing the boot sector would do it as well but then perhaps the volume manager could be looking for a root sector? cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpjyRo0xesVp.pgp Description: PGP signature
[gentoo-user] Postfix problem w/o network
I have a feeling I'm missing something very obvious here, but I'm still at a loss: I have my laptop's ethernet set to use DHCP. Obviously, on the road this will fail. But then the "net" service that postfix (and a bunch of other stuff like sshd) depends on is not there. Of course I could edit the init.d file, but there must be a cleaner solution, right? After all, everybody on dialup-only systems has to have this problem. I also haven't figured out *how* the "net" dependency is provided. The postfix iniscript explicitely contains "provide mta", but very few scripts use this provide keyword, especially not net.* On my previous SuSE system, if I went someplace networked with the machine running already, I used to say "ifup-dhcp eth0", and I could mail and ssh into the laptop without any further ado. I suppose I could do the same with Gentoo's runlevels which I haven't explored yet, but it still doesn't solve the problem that I can't have postfix running and queueing messages I send while offline so they can be delivered once I plug in somewhere. regards Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgpThQMOdUqup.pgp Description: PGP signature
[gentoo-user] rsync mirroring
I just set up a local rsync mirror using app-admin/gentoo-rsync-mirror. Now I'm just wondering if it's necessary to do it like suggested and put a separate portage tree under /opt? I mean, apart from syncing to the official Gentoo mirrors it's read-only anyway, so pointing my rsync daemon to /usr/portage should be fine, shouldn't it? cheers! Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgpD7LriGrY2Y.pgp Description: PGP signature
[gentoo-user] Embedded Gentoo problems
To reactivate this old 486 laptop that's been sitting in my basement, I
set out to install it with a tiny Gentoo system and use it as a DSL
router. The HD is 1.3 GB, so a full glibc-based system wouldn't be much
of a problem, but I wanted to experiment with embedded stuff anyway,
so...
Well, I've never sone a Stage1 install. Upon my first try with Gentoo I
ran into some problem and thought WTH, I'll just go with Stage3. But
now, following the HOWTO at http://www.bulah.com/embeddedgentoo.html, I
have to do it.
All is fine up to the bootstrapping. I have a P4 Gentoo machine, trying
to compile for i486. My short make.conf:
CFLAGS="-Os -march=i486 -pipe -fomit-frame-pointer"
CHOST="i486-gentoo-linux-uclibc"
CXXFLAGS="${CFLAGS}"
FEATURES="-sandbox buildpkg"
UCLIBC_CPU="486"
USE="bitmap-fonts minimal truetype-fonts"
Trying to boostrap gcc fails with a segfault:
gengtype-yacc.c: In function `yydestruct':
gengtype-yacc.c:725: warning: traditional C rejects ISO C style function
definitions
stage1/xgcc -Bstage1/ -B/usr/i486-gentoo-linux-uclibc/bin/ -DEFAULT_PIE_SSP
-DEFAULT_RELRO -DEFAULT_BIND_NOW -DUSE_UCLIBC -march=i486 -pipe -O2 -DIN_GCC
-W -Wall -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes
-Wtraditional -pedantic -Wno-long-long -DHAVE_CONFIG_H -DGENERATOR_FILE -o
gengtype \ gengtype.o gengtype-lex.o gengtype-yacc.o ../libiberty/libiberty.a
/usr/i486-gentoo-linux-uclibc/bin/ld: warning: creating a DT_TEXTREL in object.
./gengtype
make[2]: *** [s-gtype] Segmentation fault
make[2]: Leaving directory
`/var/tmp/portage/gcc-3.3.5.20050130-r1/work/build/gcc'
make[1]: *** [stage2_build] Error 2
make[1]: Leaving directory
`/var/tmp/portage/gcc-3.3.5.20050130-r1/work/build/gcc'
make: *** [bootstrap-lean] Error 2
I found that if I hack the Makefile to link all of those helper programs
in gcc-3.3.5.20050130-r1/work/build/gcc statically, they won't segfault
and even produce something that will compile. But then I get another
segfault when the resulting "xgcc" binary is run for the first time, so
there is probably a systematic problem.
Any ideas on what might be going wrong would be highly appreciated.
cheers!
Matthias
--
I prefer encrypted and signed messages. KeyID: 90CF8389
Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91
pgp3RJky1kgw1.pgp
Description: PGP signature
Re: [gentoo-user] rsync mirroring
Hi Jonathan, on Thursday, 2005-08-18 at 16:42:56, you wrote: > I've been syncing a few machines via /usr/portage without a problem. At > least with that method you only need to perform one sync on the main > machine and then let the others sync off it. That's what I was thinking...OK, I'll just try it that way. Thanx! Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgpGXD4UOXZkA.pgp Description: PGP signature
Re: [gentoo-user] How can I format correctly a FAT floppy?
Hi Michael, on Monday, 2005-08-29 at 16:51:54, you wrote: > Using fdisk to check the partition table of a FAT floppy gave me this output: > [gibberish] That's because fdisk tries to interpret the data it finds as a partition table, but actually there is none. Floppies aren't supposed to be partitioned, although for the sake of doing it you could under Linux. Just use mtools as the others have suggested, or simply "mkfs.msdos /dev/fdX". Regards Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgpz4JRHMKbid.pgp Description: PGP signature
Re: [gentoo-user] Personal firewall for Linux?
Hi Matt,
on Monday, 2005-08-29 at 14:54:46, you wrote:
> I'm not trying to do anything complicated like protect a LAN or include
> a DMZ or run an ftp server or anything like that. I'm just looking for
> a quick and easy way to add another layer of protection to my desktop by
> closing all unused ports.
Well, if they are unused, they are closed, no need to worry about them.
The only thing you'd need some packet filter (a firewall is something
different, although the term sounds so good that the marketroids have
established it even for simpler things than iptables) for is if you want
*restrictions* on some ports, like to open your web server to the LAN
but not the internet.
On Windows, the situation is a little different as you don't have a lot
of control about what program opens what ports if you don't know your
system inside-out. And many programs love to connect to their masters
and tell them all kinds of stuff about your system, so you'd usually
want to block these on an application level.
If you just want something that pops up once in a while and gives scary
messages, there's the ususal Perl one-liner :)
perl -e 'use Tk;while(1){sleep(rand(290)+10);new
MainWindow(title,"Boo!")->Button(-text,"HackAttack!!!one!\n\nBlock")->pack;MainLoop}'
cheers!
Matthias
--
I prefer encrypted and signed messages. KeyID: 90CF8389
Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91
pgpM7m657YFsn.pgp
Description: PGP signature
Re: [gentoo-user] [OT] Finding other machines on the network
Hi Nick, on Wednesday, 2005-08-31 at 20:30:14, you wrote: > arp will rely on the box having actually done something within arp's > cache period. What's more, ARP resolves IP addresses to MAC addresses and the IP address is what the OP wanted to find out in the first place. I'd try in this order: 1. Broadcast ping 2. for n in `seq 1 254`; do ping >/dev/null -c1 -W1 192.168.0.$n; \ [ $? == 0 ] && echo "$n is up"; done 3. nmap cheers! Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgpbm2KbnPfNZ.pgp Description: PGP signature
Re: [gentoo-user] Slightly OT: favorite window manager/desktop environ?
Hi Matt, on Wednesday, 2005-08-31 at 17:28:21, you wrote: > Anyway, I was just hoping to start a "pub"-style conversation on > what people like/disklike in a window manager. It's been XFCE here for a while. When I ran NetBSD years ago, nothing but fvwm would run at decent speed (not that there had been much choice), so I used this for a while. Then it was Linux/KDE for a while on a 486, which was quite a pain. When I discovered Gnome, I liked the clean look of GTK and its speed. Version 2 annoyed me because everything got fatter and had less features than the 1.x version, but I stuck with it out of inertia, it was well configured and all... XFCE is for me what Gnome used to be: slim and fast, a clean look and just as many knobs to tweak as I need but no more. Now, WMII looks interesting as well. Unlikely I'm going to switch but I'll have a look at it. cheers! Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgpyzBiZ8XJCN.pgp Description: PGP signature
[gentoo-user] groff vs. Japanese
I think there's a bug in one of the updates these days: if you have Japanese activated in /etc/make.conf:LINGUAS, emerge wants to install a new set of Japanese man pages, which however is blocked by groff-1.19. It's not a big problem here as I just wanted CJK support for this machine at a linguistics department, but just to let you know... groff-1.19 is in stable, so something that doesn't work with it shouldn't go into stable, should it? app-i18n/man-pages-ja requires 1.18. regards Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgpn6HHFnMi4l.pgp Description: PGP signature
Re: [gentoo-user] "Copying" between hard drives potential newbie question
Hi waltdnes, on Tuesday, 2005-09-06 at 21:08:20, you wrote: > > Most UPSs below about US$400 are junk. You'd be served just as well > > with a decent surge suppressor power strip. Don't waste your money > > on a UPS. > > Not if all you want is to give your home system 5 minutes to shut down > in a power failure, or to handle the occasional 30-second outage, of > which my area seems to have more than its fair share. Oh yes, it depends very much on the grid in your area. I lived in the Philippines for a while where brownouts are a very common thing---usually, you get a UPS "free" there when you buy a computer. It's really no fun without one, and for what they have to do the cheap lil things work very well. Their lead accus don't usually last more than a year, but then you just get a new one for $5 or so and you're set for another year. In Germany OTOH, hardly anybody has one, and people still get uptimes of over a year. regards Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgpFKpH2HolBJ.pgp Description: PGP signature
[gentoo-user] Eclipse vs. Unifont
Does anyone have an idea what the Eclipse ebuild doesn't like about Unifont? huxley ~ # emerge -DNupt dev-util/eclipse-sdk These are the packages that I would merge, in reverse order: Calculating dependencies ...done! [blocks B ] media-fonts/unifont (is blocking dev-util/eclipse-sdk-3.0.1-r2) [ebuild N] dev-util/eclipse-sdk-3.0.1-r2 The RDEPEND line in the ebuild is not commented, and at work I installed Eclipse on the server and it runs just fine on my Gentoo box that's virtually identical (including unifont) to this laptop's setup... regards Matthias -- I prefer encrypted and signed messages. KeyID: 90CF8389 Fingerprint: 8E 1F 10 81 A4 66 29 46 B9 8A B9 E2 09 9F 3B 91 pgpb8CdLXudvM.pgp Description: PGP signature
