Re: update to F30 seems to have failed
We could always have a policy of adding the Fedora version in the subject line. Something like "F30: Query here" On May 2, 2019 9:40:27 AM MST, Tom H wrote: >On Thu, May 2, 2019 at 1:55 PM Patrick O'Callaghan > wrote: >> On Thu, 2019-05-02 at 12:35 +0200, Tom H wrote: >>> On Thu, May 2, 2019 at 11:46 AM Patrick O'Callaghan >>> wrote: > > I pointed out that a post relating to unreleased software should go on the Test list. That is the official policy of this list. >>> >>> AFAIK, it's from time that this email [1] is sent that the "users" >>> list is ok, not from the time that this email [2] is sent out. >>> >>> [1] "is go", April 26: >>> >https://lists.fedoraproject.org/archives/list/devel-annou...@lists.fedoraproject.org/thread/GLN2FU2O5K6WVX4Y2ST3VOALV6ML35U2/ >>> >>> [2] "released", April 30: >>> >https://lists.fedoraproject.org/archives/list/devel-annou...@lists.fedoraproject.org/thread/AXZGT6H6XPS26W2MTBJNCZGQA5SK3NOZ/ >> >> That's also a reasonable interpretation. I'll try to bear it in mind >> next time > >It's not my interpretation. There was a thread similar to this one a >few years ago where someone said with authority (it seemed to me!) >that this was the policy. > > >> (and believe me, there will inevitably be a next time ...) > >We should unify the two lists so as not to have these delirious >threads on an almost twice-yearly basis. >___ >users mailing list -- users@lists.fedoraproject.org >To unsubscribe send an email to users-le...@lists.fedoraproject.org >Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html >List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >List Archives: >https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org -- Sent from my mobile device. Please excuse my brevity.___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: ssh
Not necessarily. You can certainly get "No route to host", rather than "Connection failed" if the port is not open. On September 17, 2019 9:05:34 PM UTC, "Garry T. Williams" wrote: >On Saturday, September 14, 2019 10:13:11 AM EDT Ed Greshko wrote: >> On 9/14/19 9:59 PM, Patrick Dupre wrote: >> >> On 9/14/19 9:34 PM, Patrick Dupre wrote: >> > telnet 192.168.1.12 >> > Trying 192.168.1.12... >> > telnet: connect to address 192.168.1.12: No route to host >> > >> > I guess that I need to reestablish the route. >> > How? >> > >> >> No, that is an indication that port 22 is not open. > >No. That error is from an ICMP message and means exactly what it >says. It has nothing to do with what is or is not listening on the >remote host since the attempt to connect to 192.168.1.12 never got >that far. > >You do not have a route to 192.168.1.12 from the host that you >used to run the telnet command. > >-- >Garry T. Williams > > >___ >users mailing list -- users@lists.fedoraproject.org >To unsubscribe send an email to users-le...@lists.fedoraproject.org >Fedora Code of Conduct: >https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >List Archives: >https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org -- Sent from my mobile device. Please excuse my brevity.___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Oops sorry that was a mistake
It can be removed from the mailing list's archive, but it's already out there on people's mail servers. On September 21, 2019 7:10:31 PM UTC, Tony Su wrote: >Can that message be recalled or deleted ? -- Sent from my mobile device. Please excuse my brevity.___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Fedora 30 EOL
On Thursday, May 28, 2020 10:46:18 PM MST Samuel Sieb wrote: > On 5/28/20 9:19 PM, John M. Harris Jr wrote: > > > It's quite possible that Suvayu Ali is one of the many users that cannot > > install Fedora 31, because it doesn't work on their hardware. Fedora 30 > > was the last release to support i686, so many users are now stuck there > > forever, unless they move to another distro entirely. > > > If it's a 32-bit issue then it has become irrelevant anyway since that > is no longer supported in Fedora. I fail to see how. That Fedora doesn't support it anymore doesn't mean that these situations stopped existing. > I have a computer mounted on my wall that used to run Fedora. It has a > Cyrix Geode processor and a few years ago Fedora was no longer suitable > for it. I didn't fuss at Fedora about that, technology moves on. I > switched to buildroot instead, which works much better. Technology has not "moved on". These systems are still completely viable, they're just not supported by Fedora anymore. > Please accept that the decision has been made and other major distros > are doing the same. Stop bringing it up all the time. If you really > have a device that can only do 32-bit, there are still other options. Yes, the other option would be to move to Debian or find another rpm-based distro that still supports 32 bit. All of this because Fedora decided to do what seems to be so common recently, dropping what still works well. This hurts our community. This hurts our users. It'd be one thing to make it so that QA requirements were effectively dropped on 32 bit, but there was no real reason to drop 32 bit support. It still worked, and quite well. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: what's the plan for Fedora 78?
On Monday, July 20, 2020 6:36:35 AM MST SternData wrote: > According to Thunderbird.net, "Thunderbird version 78.0 is only offered > as direct download from thunderbird.net and not as an upgrade from > Thunderbird version 68 or earlier." > > -- https://www.thunderbird.net/en-US/thunderbird/78.0/releasenotes/ > > What's the plan for Thunderbird in the Fedora repo going forward? We're still on Fedora 32. Come back in 23 years, and we'll see about Fedora 78. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: what's the plan for Fedora 78?
On Monday, July 20, 2020 8:27:34 AM MST SternData wrote: > On 7/20/20 8:40 AM, John M. Harris Jr wrote: > > On Monday, July 20, 2020 6:36:35 AM MST SternData wrote: > >> According to Thunderbird.net, "Thunderbird version 78.0 is only offered > >> as direct download from thunderbird.net and not as an upgrade from > >> Thunderbird version 68 or earlier." > >> > >> -- https://www.thunderbird.net/en-US/thunderbird/78.0/releasenotes/ > >> > >> What's the plan for Thunderbird in the Fedora repo going forward? > > > > We're still on Fedora 32. Come back in 23 years, and we'll see about > > Fedora > > 78. > > AARGH meant to type "for Thunderbird 78". DAMMIT! No worries, I figured as much, but figured that'd be an amusing response. As for the Thunderbird package, it's probably going to remain, but there's no telling how it'll handle the upgrade path. I'll look into the package for you later, to see if it's already in the spec, if nobody does so while I'm at work. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Random module?
I installed `fish` with `dnf install fish`, but somehow I ended up getting a module? Anyone know what's going on there? -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Random module?
On Monday, October 21, 2019 2:20:37 AM MST Ed Greshko wrote: > On 10/21/19 5:06 PM, John M. Harris Jr wrote: > > > I installed `fish` with `dnf install fish`, but somehow I ended up getting > > a module? Anyone know what's going on there? > > > > > > > Explained here https://docs.fedoraproject.org/en-US/modularity/ I know what Modularity is, but why in the world was I given a module? I didn't specify that I wanted to install a module. I wanted a normal package. Is there a way to fix that, and get a regular package? Am I now stuck on this version of the module forever? -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Silly Web UI on Server?
Does anyone know if it's possible to install the Server spin without getting Cockpit? I like the hardware support group, but I have no idea why I don't get an option to turn off that useless web UI. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Silly Web UI on Server?
On Saturday, November 2, 2019 2:19:22 AM MST Ed Greshko wrote: > On 11/2/19 3:47 PM, John M. Harris Jr wrote: > > > Does anyone know if it's possible to install the Server spin without > > getting Cockpit? I like the hardware support group, but I have no idea > > why I don't get an option to turn off that useless web UI. > > > Not nice to denigrate the work of people who've worked to provide a > service. Also, you may not like it but to label what others may find > useful is also not called for. > > Now, would you find it sufficient to simply do > > systemctl disable cockpit.socket > > Or is something else a bother to you? > > -- > The key to getting good answers is to ask good questions. A process wasting CPU cycles and RAM is not something that I find to be useful in the least, especially not on a system running from two flash drives in RAID1 on one of Dell's 11th generation servers. I'm sure some people, perhaps those who don't know how to manage a system themselves, would find this useful. For them, perhaps it'd be nice to have an option to pull in that bloat. It is not useful to me, and I'm sure others feel the same way. That people worked on it does not make it useful. I'm sorry if people disagree with this, but it is the reality of the situation. Regardless, disabling it did help, but I'd like to remove all of the bloat if possible. Is it tied in to a common package in the Server spin, like some things in GNOME are, or will removing the `cockpit` package not attempt to take half of the system with it? -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Silly Web UI on Server?
On Saturday, November 2, 2019 1:43:37 AM MST Peter Boy wrote: > > Am 02.11.2019 um 08:47 schrieb John M. Harris Jr : > > > > ... I have no idea why I don't get > > an option to turn off that useless web UI. > > > > Maybe because a lot of users regard Cockpit as useful or handy ? > > > BTW, do you know about these: > https://www.sightwordsgame.com/speaking/common-courtesy/. ? It's possible that some people find it to be useful. I do not, and I don't think many people that are running this software on actual server hardware would either. I'm sorry if you don't like my wording, but I just want to remove something which is just useless bloat on my system. It is not only not useful to me, but is actively degrading the performance of my installation. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Silly Web UI on Server?
On Saturday, November 2, 2019 12:16:46 PM MST Samuel Sieb wrote: > On 11/2/19 12:47 AM, John M. Harris Jr wrote: > > > Does anyone know if it's possible to install the Server spin without > > getting Cockpit? I like the hardware support group, but I have no idea > > why I don't get an option to turn off that useless web UI. > > > Did yours come enabled by default? I get the following message when I > log in: > Activate the web console with: systemctl enable --now cockpit.socket > > However, if you want to remove it, just run: > dnf remove --noautoremove cockpit* Yep, came enabled by default. Thanks! I'll have to remember that option. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Silly Web UI on Server?
To quote your signature, > The key to getting good answers is to ask good questions. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Silly Web UI on Server?
On Saturday, November 2, 2019 7:50:59 PM MST Gordon Messmer wrote: > On 11/2/19 11:52 AM, John M. Harris Jr wrote: > > > It is not only not > > useful to me, but is actively degrading the performance of my > > installation. > > > Out of curiosity, how did you measure the performance impact of cockpit? > > ___ > users mailing list -- users@lists.fedoraproject.org > To unsubscribe send an email to users-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List > Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List > Archives: > https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org The issue was not as much the CPU time as the I/O impact. This system was running on a RAID1 config of two USB 2.0 thumbdrives on the internal USB slots of an 11th gen Dell server. The performance impact was determined using `iostat` both before and after disabling the service. By the way, both cockpit.service and cockpit.socket were enabled by default. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: F31 Eclipse-platform won't install, dnf --skip-broken ?
On Saturday, December 14, 2019 4:12:23 PM MST linux guy wrote: > It worked. > > # dnf module enable eclipse:latest > Last metadata expiration check: 1:01:55 ago on Sat 14 Dec 2019 03:08:00 PM > MST. > Dependencies resolved. > The operation would result in switching of module 'eclipse' stream > '2019-06' to stream 'latest' > Error: It is not possible to switch enabled streams of a module. > It is recommended to remove all installed content from the module, and > reset the module using 'dnf module reset ' command. After you > reset the module, you can install the other stream. > [root@Brix me]# dnf module reset eclipse > Last metadata expiration check: 1:02:33 ago on Sat 14 Dec 2019 03:08:00 PM > MST. > Dependencies resolved. > > === Package Architecture > Version > Repository Size > > === Resetting modules: > eclipse > > > Transaction Summary > > === > > Is this ok [y/N]: y > Complete! > [root@Brix me]# dnf module enable eclipse:latest > Last metadata expiration check: 1:02:46 ago on Sat 14 Dec 2019 03:08:00 PM > MST. > Dependencies resolved. > > === Package Architecture > Version > Repository Size > > === Enabling module streams: > eclipselatest > > > Transaction Summary > > === > > Is this ok [y/N]: y > Complete! > [root@Brix me]# dnf install eclipse-platform > Last metadata expiration check: 1:03:05 ago on Sat 14 Dec 2019 03:08:00 PM > MST. > Dependencies resolved. > > > On Sat, Dec 14, 2019 at 4:07 PM Ed Greshko wrote: > > On 2019-12-15 04:04, linux guy wrote: > > > Seems the eclipse-paltform package has a broken dependency, > > > > glassfish-el. > > > > > # uname -a > > > Linux Brix 5.3.15-300.fc31.x86_64 #1 SMP Thu Dec 5 15:04:01 UTC 2019 > > > > x86_64 x86_64 x86_64 GNU/Linux > > > > > dnf install eclipse-platform > > > > > > Error: > > > Problem: conflicting requests > > > > > > - package eclipse-platform-1:4.12-6.module_f31+6165+9b01e00c.x86_64 > > > > requires glassfish-el >= 3.0.1, but none of the providers can be installed > > > > > - package glassfish-el-3.0.1-0.12.b08.module_f31+6519+12cd0b27.noarch > > > > is filtered out by modular filtering > > > > > - package glassfish-el-3.0.1-0.12.b08.module_f31+6793+1c93c38e.noarch > > > > is filtered out by modular filtering > > > > > - package glassfish-el-3.0.1-0.11.b08.fc31.noarch is filtered out by > > > > modular filtering > > > > > (try to add '--skip-broken' to skip uninstallable packages) > > > > Do > > > > dnf module enable eclipse:latest > > dnf install eclipse-platform Please note that your installation is most likely going to have other package issues now, as a result of re-enabling the eclipse module, which was recently disabled because of a package collision with normal packages. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: virt-fs coming soon?
On Sunday, December 15, 2019 2:59:10 PM MST Chris Murphy wrote: > Hi Cole, > > I realize the primary use case is data sharing. Since the resulting > device won't appear as a virtual block device, it couldn't be used as > an OS installation target, at least not in the usual sense. But I > wonder if such a VM could use direct kernel boot, and everything else > goes in a dir or even a Btrfs subvolume? When I think about the > proposed systemd-homed using a LUKS encrypted file on loop mounted at > ~/, and then the default Boxes behavior to create a qcow2 in ~/ - > that's three layers of file systems, potentially. I like the idea of > eliminating one or two of those, if there's a significant performance > advantage of virtio-fs over using either raw or qcow2 files. Yeah, you could do direct kernel boot so long as your initramfs includes the module that provides virt-fs, and then specify your cmdline such that initramfs would mount virt-fs to /sysroot. Don't you mean two layers of filesystems? With systemd-homed, unless there's even more miscommunication with that than what came up on -devel within the past few weeks, I'd imagine that's using a partition or removable media as a block device for the LUKS container for the home directory? Regardless, it doesn't matter as much as you might expect. I used to think the same, but once your source file is opened from the filesystem, reads specifically are not all that slow, because its metadata will be cached. Looks like Boxes is a GNOME thing, does it give you an option to specify the location of the disks? If not, I'd recommend opening a bug report with GNOME. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: virt-fs coming soon?
On Sunday, December 15, 2019 8:26:42 PM MST Chris Murphy wrote: > The PR and the PDF presentation, the three options are: > 1. Plain dir or subvolume (no encryption) > 2. Per user homes, i.e. ~/ not /home, encrypted using fscrypt(), right > now this means a hard requirement on ext4 > 3. Per user homes, i.e. ~/ not /home, encrypted LUKS2 file mounted on > loop device, this is the preferred/recommended workflow because it's > straightforward to make the user home portable, by dropping it on a > USB stick. Btrfs, ext4, XFS are supported. > > In the case of #3 you've got plausibly three file systems: > A. /home - ostensibly the same as system root, but that's not required. > B. ~/ - LUKS encrypted file on loop mount > C. VM filesystems, inside the qcow2 file that's located somewhere in ~/ > > It's early days, still in code review, and hasn't been merged yet. I'll send an email over to the overlord of systemd, see if anything has changed there, because that's not the best way to implement this, by far. > > Looks like Boxes is a GNOME thing, does it give you an option to specify > > the location of the disks? If not, I'd recommend opening a bug report > > with GNOME. > > GNOME Boxes's target audience is minimal configuration, highly > accessible to regular users. It's not a virt-manager replacement. > While it is managed by libvirtd and thus you can use virsh to edit the > configuration by CLI, since Boxes runs under the user, it doesn't have > permissions to write to /var so the backing file gets stored in I > think ~/.var or maybe ~/.local/share - I forget. Whereas virt-manager > runs as a privileged process and its images go in /var and can't go > anywhere in ~/ Why does GNOME insist on making things absolutely unusable? This is not configuration. It's a very basic option. It's one thing to set a default, another entirely to make it impossible to actually use the thing outside of what GNOME thinks is the most common option. It probably gets stored in ~/.config/boxes or something like that, if it's stored under the user at all. If it's using libvirtd, it's using libvirtd, and so the VM itself is running as a privileged user. virt-manager does NOT run as a privileged user. It's just a libvirtd client, essentially. I imagine Boxes is the same, since you mention it uses libvirtd. virt-manager can use your $HOME, without issue. You may run into issues if libvirtd doesn't have permission to enter your home dir though. Let me see what user that's running as. Oh. It runs as `root`. Yeah, it can access your home directory without issue. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: virt-fs coming soon?
On Sunday, December 15, 2019 11:33:13 PM MST Samuel Sieb wrote: > On 12/15/19 8:17 PM, John M. Harris Jr wrote: > > > virt-manager can use your $HOME, without issue. You may run into issues > > if > > libvirtd doesn't have permission to enter your home dir though. Let me > > see > > what user that's running as. > > > > Oh. It runs as `root`. Yeah, it can access your home directory without > > issue. > > Actually, no it can't. qemu runs as the qemu user. Also, it can only > access files with the right selinux permissions. For example, if you > try to add an .iso file from your home directory, virt-manager will ask > you if it should change the permissions on the file. > The new permissions are: > -rw-r--r--. 1 qemu qemu system_u:object_r:virt_content_t:s0 > The odd thing is if you say no to the changing permission, you will find > that the file is now owned by root instead! Ah, I didn't check to see what the qemu processes were running as, only the libvirtd process. Good point. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: What is better a 2nd drive for Raid 1 or a backup one?
On Thursday, December 26, 2019 11:32:53 AM MST Chris Murphy wrote: > On Tue, Dec 24, 2019 at 12:48 PM Javier Perez wrote: > > > > > > > Hi > > I have my /home partition on a 2TB HDD drive about half full. Should be > > doing regular backups but not in the habit. > > > > > > > What is better? > > A. Purchase a second 2TB to create a Raid1 mirror or > > B. Purchase a second 4TB drive for backup purposes. > > > If you care about the data at all, then B is the top priority. This is not good advice, given the tone. Option A is fine, if you're more worried about hardware faults with the 2TB HDD you currently have. Option B is best if you're more concerned about other issues. - - John M. Harris, Jr. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Did I kill it?
On Saturday, December 28, 2019 1:50:34 PM MST Joe Zeff wrote: > On 12/28/2019 12:36 PM, Tom Horsley wrote: > > > Did I zap something on the video card? It worked > > fine in the old computer. (No video problems). > > > If it did get zapped, which I doubt, the new mobo did it, not anything > in the software. I won't say it's impossible, but it's hard to see how > any bug that severe would have gotten past testing. Well, we're talking about nvidia here, not nouveau.. It's not tested on Fedora, and not supported to begin with. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: What is better a 2nd drive for Raid 1 or a backup one?
On Thursday, December 26, 2019 2:54:25 PM MST Chris Murphy wrote: > On Tue, Dec 24, 2019 at 2:56 PM Cameron Simpson wrote: > > > > > > > Oh yes, one more thing. If you do the RAID1 thing: either make a shiny > > new RAID1 and copy to it, or practice the transition with test drives. > > Do not risk your high value data by trying to "in place RAID1" it. > > > I'm not sure if this is even possible with mdadm or lvm. For sure they > have no way of knowing which mirror is correct. But even if it's > possible, it's a bit complicated because it implies repartitioning in > order to make room for the necessary metadata area. > > Whereas converting a Btrfs volume from single to raid1 uses balance > code, so it isn't any riskier than a full balance. It is possible with mdadm, and is even easier with lvm as you're just converting to a mirror. With mdadm, you'd create the RAID1 with 'missing' for the first disk, and the disk itself for the 2nd. It's not risky if you do it this way. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: What is better a 2nd drive for Raid 1 or a backup one?
On Sunday, December 29, 2019 12:54:48 PM MST Chris Murphy wrote: > On Sat, Dec 28, 2019 at 2:01 PM Roberto Ragusa > wrote: > > > > > > On 12/26/19 10:54 PM, Chris Murphy wrote: > > > > > On Tue, Dec 24, 2019 at 2:56 PM Cameron Simpson wrote: > > > > > >> > > >> > > >> Oh yes, one more thing. If you do the RAID1 thing: either make a shiny > > >> new RAID1 and copy to it, or practice the transition with test drives. > > >> Do not risk your high value data by trying to "in place RAID1" it. > > > > > > > > > > > > I'm not sure if this is even possible with mdadm or lvm. For sure they > > > have no way of knowing which mirror is correct. But even if it's > > > possible, it's a bit complicated because it implies repartitioning in > > > order to make room for the necessary metadata area. > > > > > > > > The "which copy is correct" problem is solvable: > > 1) you can create a 1-disk RAID1 on the partition with the correct data > > (it will tell you your config is stupid but you can force it) > > 2) you then tell mdadm to change the number of drives to 2 (mdadm > > --grow); > > this will be a 2-disk RAID1 working in 1-disk degraded mode > > 3) you then tell mdadm you have a new drive for that RAID1 (mdadm --add); > > sync from 1st disk to 2nd will begin > > > > > > > > The metadata area problem is a bit tricky, but it is not necessary > > to repartition, just make your filesystem a bit smaller than it is now. > > So: > > a) unmount the filesystem > > b) resize the filesystem to 100MB smaller (actually you need just a few > > kB, but let's play very very safe, we will get the space back later) > > c) create the RAID etc., the steps described above, so 1) 2) 3) > > d) resize the filesystem without any size parameter (i.e. let it expand > > to > > occupy the 99.9MB of extra space you have on the RAID device) > > > This requires mdadm metadata format 1.0 being explicitly chosen when > creating the array. The default format, 1.2, uses a 4K offset from the > start, the mdadm superblock is 256 bytes, and then there's a ~65MiB > gap before the start of the array. > > > > > In any phase after 1) you can also mount the filesystem again (from > > /dev/md*), since all the rest can be done on a mounted filesystem (no > > problem with d) too).> > > > > > > There are some things to notice: > > - step b) requires a filesystem that supports shrinking; this can be done > > with ext4 but it is not supported on xfs (BTW, this is why I refuse to > > consider xfs a serious filesystem) > > - step d) can be done on both a mounted or unmounted filesystem for ext4 > > but can only be done on a mounted fileystem ox xfs (another reason why I > > do not like xfs) > > - RAID creation in step 1) must be done with a --metadata option that > > forces the metadata at the END of the space (so 0.90 or 1.0), since you > > are not going to shift all your data forward to have space at the > > beginning > > > > > > > > At the end of day, it can be done, but you really have to know what you > > are doing, a small error can lead to a disaster. I would do that only on > > data I have a backup already, or at least I would try all the procedure > > on a small test filesystem before doing it on the real stuff. > > > It could be easier and safer to do this with LVM: pvcreate-> vgextend > -> lvconvert. > > However, by default, the installer uses all the VG space for root, > home, and swap. And LVM itself doesn't hold any space in reserve for > future use by lvconvert, not for convert from thick to thin > provisioning, or from linear to raid type. The lvconvert to type raid1 > needs to create metadata subvolumes on each physical device or the > lvconvert command fails. So yeah you probably end up needing to do an > fs shrink here too, and it rapidly gets esoteric. You could swapoff, > blow away the swap LV, do the lvconvert, and create a new (very > slightly smaller) swap LV and format it - that way you don't have to > unmount any ext4 volumes. > > In comparison, this is a lot more straightforward on Btrfs. > > -- > Chris Murphy If that's the case for LVM, then it seems that mdadm would be the easier and safer option. You simply create an array with a missing disk, copy the data over, then add the existing disk to the array. - - John M. Harris, Jr. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: What is better a 2nd drive for Raid 1 or a backup one?
On Thursday, January 2, 2020 9:47:44 AM MST Bruno Wolff III wrote: > On Tue, Dec 31, 2019 at 17:05:41 -0700, > > "John M. Harris Jr." wrote: > >If that's the case for LVM, then it seems that mdadm would be the easier > >and safer option. You simply create an array with a missing disk, copy the > >data over, then add the existing disk to the array. > > If you copy block by block, you still need to make sure you have room for > the metadata and the filesystem. If you are thinking about using cp, then > you need to worry about sparse and special files and maybe hard links. The way I'd personally handle it would depend on how the original system was partitioned. For example, you can safely take a few MiB off a new swap partition, or shrink a filesystem. > Note you can also use partitions for arrays rather than a whole disk. > > Also note that raid doesn't replace backups. There are others ways to > wreck your data than having a disk drive fail. I mentioned this in my earlier reply to the thread. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: how to detect hack attempts.
On Thursday, February 20, 2020 1:21:08 PM MST home user wrote: > (on 02/20/2020 1:11pm mountain time, Jack said) > > > router logs help me... > > My system is isp -> modem -> workstation. No router at this time. Are you running "GNOME Workstation" on that system? If so, I would recommend changing the firewall zone immediately, as everything on your system is currently open to the internet as a whole if you're running the default. The GNOME Spin does not consider security. Please be aware of this when running the GNOME Spin, as it affects any open network as well. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: how to detect hack attempts.
On Thursday, February 20, 2020 8:06:56 PM MST John M. Harris Jr wrote: > On Thursday, February 20, 2020 1:21:08 PM MST home user wrote: > > > (on 02/20/2020 1:11pm mountain time, Jack said) > > > > > > > router logs help me... > > > > > > My system is isp -> modem -> workstation. No router at this time. > > > Are you running "GNOME Workstation" on that system? If so, I would recommend > changing the firewall zone immediately, as everything on your system is > currently open to the internet as a whole if you're running the default. > The GNOME Spin does not consider security. Please be aware of this when > running the GNOME Spin, as it affects any open network as well. > -- > John M. Harris, Jr. > Splentity To further clarify, if you are using the GNOME variant of Fedora, the commands you'll need to run are: Step 1: `sudo firewall-cmd --set-default-zone=public` After this, you'll want to get the name of the primary interface. You can do this with a few commands, I recommend `ip link`. It will likely begin with 'enp', for example, 'enp0s1'. Then you would run the following command with that interface name: `sudo firewall-cmd --change-interface=enpXsY --zone=public` For example, `sudo firewall-cmd --change-interface=enp0s1 --zone=public' This exact scenario is why I don't believe the GNOME Spin should have ever been allowed to effectively disable the firewall with their absurd FedoraWorkstation firewall zone. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: how to detect hack attempts.
On Thursday, February 20, 2020 9:14:24 PM MST home user wrote: > (on 02/20/2020 8:17pm mountain time, John said) > > > > (if using Gnome...) > > Step 1: `sudo firewall-cmd --set-default-zone=public` > > > -bash.16[~]: firewall-cmd --set-default-zone=public > Warning: ZONE_ALREADY_SET: public > success > -bash.17[~] > > > > After this, you'll want to get the name of the primary interface. > > You can do this with a few commands, I recommend `ip link`. > > It will likely begin with 'enp', for example, 'enp0s1'. > > > -bash.17[~]: ip link > 1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode > DEFAULT group default qlen 1000 > link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 > 2: eno1: mtu 1500 qdisc fq_codel state > UP mode DEFAULT group default qlen 1000 > link/ether 30:85:a9:97:53:7e brd ff:ff:ff:ff:ff:ff > 3: virbr0: mtu 1500 qdisc noqueue > state DOWN mode DEFAULT group default qlen 1000 > link/ether 52:54:00:ca:4d:bd brd ff:ff:ff:ff:ff:ff > 4: virbr0-nic: mtu 1500 qdisc fq_codel master > virbr0 state DOWN mode DEFAULT group default qlen 1000 > link/ether 52:54:00:ca:4d:bd brd ff:ff:ff:ff:ff:ff > -bash.18[~]: ip link | grep enp > -bash.19[~]: > > Nothing starting with "enp". So what is the interface name that I > should use in the second firewall-cmd? On your system, it'd be `eno1`. -- John M. Harris, Jr. Splentity signature.asc Description: This is a digitally signed message part. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: how to detect hack attempts.
On Thursday, February 20, 2020 10:39:06 PM MST Samuel Sieb wrote: > On 2/20/20 11:46 AM, home user wrote: > > > (F-30; Gnome; stand-alone home workstation) > > > > Sometime last year, I saw an article that talked about a tool that > > quickly and easily shows attempts to hack in to a computer. I think it > > was either in the Fedora magazine or Gnome's website. I've since made > > multiple attempts to find that article, but failed. I'm needing to > > check for hack-in attempts (something I suppose I should do > > quazi-periodically anyway). What is the tool/application to do that? If > > such a tool/application does not exist, then what is the best way for me > > to do that? > > > Given that you are behind a router, the chance of any direct hacking > attempts is extremely unlikely. Even if you went on a public wifi, you > are only "at risk" from the other users at your current location (unless > it's a wider network like some places have). He explicitly stated he is NOT behind a router. Hence my advice, because of GNOME spin's horrible default firewall. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: how to detect hack attempts.
On Thursday, February 20, 2020 10:44:16 PM MST Ed Greshko wrote: > On 2020-02-21 13:34, Samuel Sieb wrote: > > > On 2/20/20 7:47 PM, Ed Greshko wrote: > > > >> Oh, never mind. Wrong system. The "default" rules for > >> FedoraWorkstationso seem "odd". > > > > > > > Not really. > > > > > > > >> [root@f31m ~]# firewall-cmd --info-zone=FedoraWorkstation > >> FedoraWorkstation > >>target: default > >>icmp-block-inversion: no > >>interfaces: > >>sources: > >>services: dhcpv6-client samba-client ssh > >>ports: 1025-65535/udp 1025-65535/tcp > > > > > > > > Any critical system daemons are 1024 and below. The reason the high ports > > are left open is for user applications to be able to communicate without > > users having to figure out the firewall. > > Yeah, which is the reason for quotes around odd. > > I understand the reasoning to make it easier on users. It is just something > I wouldn't have done. I can envision someone configuring a service to run > on the higher ports which can be compromised and then disables selinux > because they run into it trying to protect them. > Maybe I shouldn't pity them. :-) It's not just odd, it's a security nightmare. Processes running directly as the user have more privileges than most daemons, in fact. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: how to detect hack attempts.
On Friday, February 21, 2020 8:07:15 AM MST Tim via users wrote: > On Thu, 2020-02-20 at 21:34 -0800, Samuel Sieb wrote: > > > Any critical system daemons are 1024 and below. The reason the high > > ports are left open is for user applications to be able to > > communicate without users having to figure out the firewall. > > > Beyond the usual (HTTP, mail, DNS servers, etc), what is the average > non-admin user going to set up that listens as a server? Admin-users > setting up those traditional services ought to know how to manage > firewalls, or they ought not to mess around with those services. > > Thanks to the forever moving target closed-source things like ICQ, MSN, > Yahoo messenger (some of which have gone by the way of the dodo), there > isn't much in the way of Linux-based clients for those kind of things > that need to have listening ports. > > I can only think of something like bitorrent, which doesn't seem to > need you to poke holes in your firewall. > > -- > > uname -rsvp > Linux 3.10.0-1062.12.1.el7.x86_64 #1 SMP Tue Feb 4 23:02:59 UTC 2020 x86_64 > > Boilerplate: All unexpected mail to my mailbox is automatically deleted. > I will only get to see the messages that are posted to the mailing list. Most likely, many services, entirely unknowingly, as their own user. I have no idea what led the GNOME folks into believing it was a good idea to open up EVERYTHING above 1024. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: how to detect hack attempts.
On Thursday, February 20, 2020 11:19:11 PM MST Samuel Sieb wrote: > You generally have to ask the ISP to switch the > modem to bridge mode, which I do so I can run my own gateway server. Actually, you can normally do that yourself. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: how to detect hack attempts.
On Friday, February 21, 2020 7:17:33 PM MST Tim via users wrote: > Tim: > > >> Beyond the usual (HTTP, mail, DNS servers, etc), what is the average > >> non-admin user going to set up that listens as a server? Admin- > >> users setting up those traditional services ought to know how to > >> manage firewalls, or they ought not to mess around with those > >> services. > > > Samuel Sieb: > > > There are a variety of things like file sharing (webdav), media > > sharing (dlna), remote desktop, various 3rd party or proprietary > > software, etc. > > > So, why can't the installation of those applications automatically > include an appropriate firewall rule? Better to allow a controlled > opening, rather than just open-slather. > > -- > > uname -rsvp > Linux 3.10.0-1062.12.1.el7.x86_64 #1 SMP Tue Feb 4 23:02:59 UTC 2020 x86_64 > > Boilerplate: All unexpected mail to my mailbox is automatically deleted. > I will only get to see the messages that are posted to the mailing list. They do come with firewall rules, see /usr/lib/firewalld/services. They aren't enabled automatically, of course, because it's up to the end-user whether or not it should be available on a given interface. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: how to detect hack attempts.
On Saturday, February 22, 2020 5:11:49 AM MST Louis Lagendijk wrote: > On Fri, 2020-02-21 at 13:15 -0700, home user wrote: > > > (On 2020-0221 10:51pm, Ed wrote) > > > > > BTW, if you do an "ip -6 add show eno1" > > > do the numbers a358:d643 appear in the output? > > > > > > -bash.1[~]: ip -6 add show eno1 > > 2: eno1: mtu 1500 qdisc fq_codel > > state > > UP group default qlen 1000 > > > > inet6 2001:558:6040:5d:9d66:dfa1:a358:d643/128 scope global > > > > dynamic > > noprefixroute > > > > valid_lft 342949sec preferred_lft 342949sec > > > > inet6 fe80::3285:a9ff:fe97:537e/64 scope link noprefixroute > > > > valid_lft forever preferred_lft forever > > > > -bash.2[~]: > > > > So the answer is yes. > > > > (responding to related comments) > > (Samuel (11:19pm)) > > > > > But most people don't realize that their ISP modem is also a > > > > router. > > I don't think my modem is also a router, but I'm not sure. It's an > > Arris model TM822G, self-purchased (not rented from the ISP). > > > > > What kind of IPv4-address do you get? The public IP or an RFC1918 > (192.168.x.y or 10.x.y.z or 172.16.x.y): if it is the public IP the > modem likely does not do the firewall as it does not do NAT. > A quick check of the Arris manual seems to suggest that it does not > have a firewall and it seems to handout ISP addresses directly. We've already confirmed, earlier in the thread, that it's on a public IP. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: how to detect hack attempts. [SOLVED]
On Saturday, February 22, 2020 8:03:22 PM MST home user wrote: > The original desire for a way to occasionally check for hack-in attempts > is satisfied by the 2 commands "lastb" and "last" suggested by Ed. > Other related issues came up in this thread; I trust that they've been > addressed. My sense is that my firewall is as it should be. The > suggestions fail2ban, Wireshark, and OSSEC strike me as overkill, and > difficult for a non-sysadmin non-security person, so I'm passing on those. > > Patching the workstation (I do that weekly) and upgrading > (semi-annually) could change things like the firewall without me > knowing. I've known these to create new groups and log-in names. Thus > the desire to be able to occasionally check things (beyond what > chkrootkit and rkhunter do). I've also been getting a lot of e-mails > from addresses ending with ".ng" which are not spam (advertising) but > probably are malicious (not sure; I just delete them). Recently, I've > also started getting messages from addresses ending in "qq.com" > (normally those would be from China) just like the ".ng" messages. > These ".ng" and ".qq.com" messages have html attachments. There are > other subtle hints of trouble. So I hope you understand my concern, and > some desire to keep an eye on things. > > I thank the 9 list members who contributed to this thread for their time > and effort helping me. I've marked this thread "SOLVED". But I will > continue to watch it for further posts. > > Bill. Glad to hear it. A quick note, Fedora Workstation (what I refer to as the "GNOME Spin") may send out an update which resets your firewall to their defaults, which would open you back up to attacks. I'll pass this along, and hopefully we can get a more sane firewall into Fedora's GNOME experience within the year.. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: how to detect hack attempts. [SOLVED]
On Saturday, February 22, 2020 8:17:01 PM MST Samuel Sieb wrote: > On 2/22/20 7:07 PM, John M. Harris Jr wrote: > > > Glad to hear it. A quick note, Fedora Workstation (what I refer to as the > > "GNOME Spin") may send out an update which resets your firewall to their > > defaults, which would open you back up to attacks. I'll pass this along, > > and hopefully we can get a more sane firewall into Fedora's GNOME > > experience within the year.. > > > I guarantee that the firewall will not be changing. It has been > discussed at length in the past and that is what was decided on. Your > opinion on it is noted, but will not change anything. If it has been discussed at length, then you'd know that it makes no sense to open all of the ports that firewall zone opens. You've seen a real-world example of the harm that firewall zone causes in this very thread. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: how to detect hack attempts. [SOLVED]
On Saturday, February 22, 2020 8:38:38 PM MST Samuel Sieb wrote: > On 2/22/20 7:34 PM, John M. Harris Jr wrote: > > > On Saturday, February 22, 2020 8:17:01 PM MST Samuel Sieb wrote: > > > >> On 2/22/20 7:07 PM, John M. Harris Jr wrote: > >> > >> > >> > >>> Glad to hear it. A quick note, Fedora Workstation (what I refer to as > >>> the > >>> "GNOME Spin") may send out an update which resets your firewall to > >>> their > >>> defaults, which would open you back up to attacks. I'll pass this > >>> along, > >>> and hopefully we can get a more sane firewall into Fedora's GNOME > >>> experience within the year.. > >> > >> > >> > >> > >> I guarantee that the firewall will not be changing. It has been > >> discussed at length in the past and that is what was decided on. Your > >> opinion on it is noted, but will not change anything. > > > > > > If it has been discussed at length, then you'd know that it makes no sense > > to open all of the ports that firewall zone opens. You've seen a > > real-world example of the harm that firewall zone causes in this very > > thread. > > It makes sense and I didn't see any harm in this thread. Feel free to > bring it up again, but all you'll do is annoy people. It makes absolutely no sense. The ports it opens are all meant to run as the user, the ones that are, arguably, the most sensitive. It opens these on ALL interfaces BY DEFAULT, which is absolutely absurd. This means that everything binding a port as the user winds up open to every network they connect to, unless the end user explicitly goes and changes the firewall zone, which the GNOME UI doesn't even provide a way to do (unless something has changed), the use has to use firewall-cmd or open nm-connection-editor. The harm in this demonstrated in this thread was opening EVERY PROCESS THAT BINDS A PORT AS THE USER to THE ENTIRE INTERNET, on both IPv4 and IPv6. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: how to detect hack attempts. [SOLVED]
On Saturday, February 22, 2020 10:32:19 PM MST Ed Greshko wrote: > On 2020-02-23 11:44, John M. Harris Jr wrote: > > > The harm in this > > demonstrated in this thread was opening EVERY PROCESS THAT BINDS A PORT AS > > THE USER to THE ENTIRE INTERNET, on both IPv4 and IPv6. > > > Except that in this thread there were no processes bound to any higher port > and in LISTEN. Which demonstrates that fixing that horrible policy would not harm users. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: how to detect hack attempts.
On Sunday, February 23, 2020 4:45:55 AM MST Tim via users wrote: > On Sun, 2020-02-23 at 09:56 +0800, Ed Greshko wrote: > > > your IPv4 address is also a Public IP address the same way the IPv6 > > address is. Directly connected to the Internet with no NAT. Also, > > your modem does not have an internal Firewall. Therefore, the > > firewall on your system is vital. > > > I'd say it's even *more* vital that if you run any services (SSH, mail, > FTP, HTTP, DNS, etc), that you configure them securely, than rely on a > firewall to protect them. > > e.g. If you ran a test webserver, but didn't intend to serve it to the > WWW, then you'd configure the test webserver to only listen to internal > addresses/interfaces. Likewise with any other server that you don't > intend to be externally accessible. > > I've watched someone (albeit on Windows) get hacked 4 seconds after > connecting to the internet, several times in a row. But the > principal's the same, no matter what OS (flaws exist that you don't > know about). And asshats are continually trying to get it. > > Dropping a firewall to test something is something that a lot of people > will do, but isn't something you'd want to do if you couldn't trust all > your services to protect themselves. And there's no safe time period > that you can get away with momentarily dropping one. The defaults for SSH are "good enough", you can't reasonably expect every user to only use ed25519, key exchange, limit ciphers, MACs and KexAlgorithms. As for mail, FTP, DNS, web servers, these are not installed by default. If the user installs them, the user will likely be able to figure out how to configure them. As for dropping the firewall, it's fine to drop the firewall temporarily if you're on an airgapped network, or if you're on a trusted network that enforces a firewall between you and a WAN and disallows unknown devices from connecting. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
/etc/sysconfig/network-scripts/ifcfg-* not read after upgrade to F32
Anyone know if this is just broken now, and what the workaround is if so? I'm fine manually setting it on boot for now, but this is causing a lot of issues.. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: /etc/sysconfig/network-scripts/ifcfg-* not read after upgrade to F32
On Wednesday, May 6, 2020 2:50:27 PM MST Samuel Sieb wrote: > On 5/6/20 2:46 PM, John M. Harris Jr wrote: > > > Anyone know if this is just broken now, and what the workaround is if so? > > I'm fine manually setting it on boot for now, but this is causing a lot > > of issues.. > > > Are you using NetworkManager or something else? > What do you mean they aren't being read? What is happening or not > happening? I'm using NetworkManager. The interface is present, with the correct name, but didn't get an IP address assigned. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
nothing provides module platform:f31
So, apparently GIMP is a module now, which I wasn't aware of before.. Upon attempting to update to F32 on a workstation, I'm running into: nothing provides module(platform:f31) needed by module gimp: 2.10:3120191106095052:f636be4b-0.x86_64 I can just --skip-broken on this one, but is there something to this that I'm not aware of that will resolve the dependency issue, or is another instance where Modularity has broken Fedora's repos? -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: /etc/sysconfig/network-scripts/ifcfg-* not read after upgrade to F32
On Wednesday, May 6, 2020 3:01:28 PM MST Tom Horsley wrote: > On Wed, 06 May 2020 14:46:35 -0700 > John M. Harris Jr wrote: > > > > Anyone know if this is just broken now, and what the workaround is if so? > > I'm fine manually setting it on boot for now, but this is causing a lot > > of issues.. > > > > > Probably don't have network-scripts installed. Ever since about fedora > 29 I think they haven't shipped network-scripts by default, you have > to fetch them via: > > dnf install network-scripts > > (which can be tricky if you have no network :-). > > I finally gave up and after a monster struggle got my networking > functioning with just NetworkManager when I installed fedora 32. This solved it, thank you! -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: /etc/sysconfig/network-scripts/ifcfg-* not read after upgrade to F32
On Wednesday, May 6, 2020 3:01:28 PM MST Tom Horsley wrote: > On Wed, 06 May 2020 14:46:35 -0700 > John M. Harris Jr wrote: > > > > Anyone know if this is just broken now, and what the workaround is if so? > > I'm fine manually setting it on boot for now, but this is causing a lot > > of issues.. > > > > > Probably don't have network-scripts installed. Ever since about fedora > 29 I think they haven't shipped network-scripts by default, you have > to fetch them via: > > dnf install network-scripts > > (which can be tricky if you have no network :-). > > I finally gave up and after a monster struggle got my networking > functioning with just NetworkManager when I installed fedora 32. While this did solve it, I wonder why it was working in F31, but stopped in F32, if that was the issue. There should probably be a warning upon upgrade, or something like that, because using /etc/sysconfig/network-scripts is not at all uncommon.. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: /etc/sysconfig/network-scripts/ifcfg-* not read after upgrade to F32
On Wednesday, May 6, 2020 3:19:42 PM MST Samuel Sieb wrote: > On 5/6/20 3:10 PM, John M. Harris Jr wrote: > > > On Wednesday, May 6, 2020 2:50:27 PM MST Samuel Sieb wrote: > > > >> On 5/6/20 2:46 PM, John M. Harris Jr wrote: > >> > >> > >> > >>> Anyone know if this is just broken now, and what the workaround is if > >>> so? > >>> I'm fine manually setting it on boot for now, but this is causing a lot > >>> of issues.. > >> > >> > >> > >> > >> Are you using NetworkManager or something else? > >> What do you mean they aren't being read? What is happening or not > >> happening? > > > > > > I'm using NetworkManager. The interface is present, with the correct name, > > but didn't get an IP address assigned. > > > My ethernet port is called enp0s25, change the following command as > necessary. Run "nmcli c show enp0s25" to see what NetworkManager knows > about the connection. See if there's anything missing. Apparently, nothing.. "no such connection profile". That's pretty odd, this was configured using NetworkManager in the Anaconda GUI. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: /etc/sysconfig/network-scripts/ifcfg-* not read after upgrade to F32
On Wednesday, May 6, 2020 3:21:46 PM MST Samuel Sieb wrote: > On 5/6/20 3:15 PM, John M. Harris Jr wrote: > > > On Wednesday, May 6, 2020 3:01:28 PM MST Tom Horsley wrote: > > > >> On Wed, 06 May 2020 14:46:35 -0700 > >> John M. Harris Jr wrote: > >> > >>> Anyone know if this is just broken now, and what the workaround is if > >>> so? > >>> I'm fine manually setting it on boot for now, but this is causing a > >>> lot > >>> of issues.. > >> > >> > >> > >> Probably don't have network-scripts installed. Ever since about fedora > >> 29 I think they haven't shipped network-scripts by default, you have > >> to fetch them via: > >> > >> > >> > >> dnf install network-scripts > >> > >> > >> > >> (which can be tricky if you have no network :-). > >> > >> > >> > >> I finally gave up and after a monster struggle got my networking > >> functioning with just NetworkManager when I installed fedora 32. > > > > > > While this did solve it, I wonder why it was working in F31, but stopped > > in F32, if that was the issue. There should probably be a warning upon > > upgrade, or something like that, because using > > /etc/sysconfig/network-scripts is not at all uncommon.. > > > You installed "network-scripts" and that made it work? That package is > deprecated and going away soon. You should make sure it works without that. Well, that's just more confusing as it turns out.. I configured this one with the GUI in Anaconda, but this is where it put the connection info. The only thing I've got in /etc/NetworkManager/system-connections/ is a VPN configuration. I installed this system as F31 via KDE Spin's installer, if that makes a difference. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: /etc/sysconfig/network-scripts/ifcfg-* not read after upgrade to F32
On Wednesday, May 6, 2020 3:59:32 PM MST Samuel Sieb wrote: > On 5/6/20 3:48 PM, Ed Greshko wrote: > > > On 2020-05-07 06:19, Samuel Sieb wrote: > > > >> On 5/6/20 3:10 PM, John M. Harris Jr wrote: > >> > >>> On Wednesday, May 6, 2020 2:50:27 PM MST Samuel Sieb wrote: > >>> > >>>> On 5/6/20 2:46 PM, John M. Harris Jr wrote: > >>>> > >>>> > >>>> > >>>>> Anyone know if this is just broken now, and what the workaround is if > >>>>> so? > >>>>> I'm fine manually setting it on boot for now, but this is causing a > >>>>> lot > >>>>> of issues.. > >>>> > >>>> > >>>> > >>>> > >>>> Are you using NetworkManager or something else? > >>>> What do you mean they aren't being read? What is happening or not > >>>> happening? > >>> > >>> > >>> > >>> I'm using NetworkManager. The interface is present, with the correct > >>> name, but didn't get an IP address assigned. > >> > >> > >> > >> My ethernet port is called enp0s25, change the following command as > >> necessary. Run "nmcli c show enp0s25" to see what NetworkManager knows > >> about the connection. See if there's anything missing. > > > > > I would first run just "nmcli c" to see what the name of the connection > > is. The name is often not equal to the device. > > > Thank you, that's a good point, considering I did exactly that to find > out mine... Useful info, that returned that it is actually managed by NetworkManager, as "Wired connection 1".. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: /etc/sysconfig/network-scripts/ifcfg-* not read after upgrade to F32
On Wednesday, May 6, 2020 4:10:56 PM MST John M. Harris Jr wrote: > On Wednesday, May 6, 2020 3:59:32 PM MST Samuel Sieb wrote: > > > On 5/6/20 3:48 PM, Ed Greshko wrote: > > > > > > > On 2020-05-07 06:19, Samuel Sieb wrote: > > > > > > > > >> On 5/6/20 3:10 PM, John M. Harris Jr wrote: > > >> > > >> > > >>> On Wednesday, May 6, 2020 2:50:27 PM MST Samuel Sieb wrote: > > >>> > > >>> > > >>>> On 5/6/20 2:46 PM, John M. Harris Jr wrote: > > >>>> > > >>>> > > >>>> > > >>>> > > >>>> > > >>>>> Anyone know if this is just broken now, and what the workaround is > > >>>>> if > > >>>>> so? > > >>>>> I'm fine manually setting it on boot for now, but this is causing a > > >>>>> lot > > >>>>> of issues.. > > >>>> > > >>>> > > >>>> > > >>>> > > >>>> > > >>>> > > >>>> Are you using NetworkManager or something else? > > >>>> What do you mean they aren't being read? What is happening or not > > >>>> happening? > > >>> > > >>> > > >>> > > >>> > > >>> > > >>> I'm using NetworkManager. The interface is present, with the correct > > >>> name, but didn't get an IP address assigned. > > >> > > >> > > >> > > >> > > >> > > >> My ethernet port is called enp0s25, change the following command as > > >> necessary. Run "nmcli c show enp0s25" to see what NetworkManager > > >> knows > > >> about the connection. See if there's anything missing. > > > > > > > > > > > > I would first run just "nmcli c" to see what the name of the connection > > > is. The name is often not equal to the device. > > > > > > > > Thank you, that's a good point, considering I did exactly that to find > > out mine... > > > Useful info, that returned that it is actually managed by NetworkManager, as > "Wired connection 1".. Looking into this some more, looks like NetworkManager doesn't recognize that it's associated with an actual device, which I imagine is why it's not coming up on boot.. I may be horribly wrong, I'm not incredibly familiar with NetworkManager. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: /etc/sysconfig/network-scripts/ifcfg-* not read after upgrade to F32
On Wednesday, May 6, 2020 4:41:27 PM MST John M. Harris Jr wrote: > On Wednesday, May 6, 2020 4:10:56 PM MST John M. Harris Jr wrote: > > > On Wednesday, May 6, 2020 3:59:32 PM MST Samuel Sieb wrote: > > > > > > > On 5/6/20 3:48 PM, Ed Greshko wrote: > > > > > > > > > > > > > On 2020-05-07 06:19, Samuel Sieb wrote: > > > > > > > > > > > > > > > >> On 5/6/20 3:10 PM, John M. Harris Jr wrote: > > > >> > > > >> > > > >> > > > >>> On Wednesday, May 6, 2020 2:50:27 PM MST Samuel Sieb wrote: > > > >>> > > > >>> > > > >>> > > > >>>> On 5/6/20 2:46 PM, John M. Harris Jr wrote: > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>>> Anyone know if this is just broken now, and what the workaround > > > >>>>> is > > > >>>>> if > > > >>>>> so? > > > >>>>> I'm fine manually setting it on boot for now, but this is causing > > > >>>>> a > > > >>>>> lot > > > >>>>> of issues.. > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>> Are you using NetworkManager or something else? > > > >>>> What do you mean they aren't being read? What is happening or not > > > >>>> happening? > > > >>> > > > >>> > > > >>> > > > >>> > > > >>> > > > >>> > > > >>> > > > >>> I'm using NetworkManager. The interface is present, with the > > > >>> correct > > > >>> name, but didn't get an IP address assigned. > > > >> > > > >> > > > >> > > > >> > > > >> > > > >> > > > >> > > > >> My ethernet port is called enp0s25, change the following command as > > > >> necessary. Run "nmcli c show enp0s25" to see what NetworkManager > > > >> knows > > > >> about the connection. See if there's anything missing. > > > > > > > > > > > > > > > > > > > > > > > I would first run just "nmcli c" to see what the name of the > > > > connection > > > > is. The name is often not equal to the device. > > > > > > > > > > > > > > > Thank you, that's a good point, considering I did exactly that to find > > > out mine... > > > > > > > > Useful info, that returned that it is actually managed by NetworkManager, > > as > > > "Wired connection 1".. > > > Looking into this some more, looks like NetworkManager doesn't recognize > that it's associated with an actual device, which I imagine is why it's > not coming up on boot.. I may be horribly wrong, I'm not incredibly > familiar with NetworkManager. Well, rebooted and now NetworkManager recognizes that it's enp1s0, and it works without network-scripts installed. Don't know what changed, but I'll take it. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: /etc/sysconfig/network-scripts/ifcfg-* not read after upgrade to F32
On Wednesday, May 6, 2020 5:05:10 PM MST Robert Moskowitz wrote: > On 5/6/20 7:13 PM, Samuel Sieb wrote: > > > On 5/6/20 3:55 PM, Tom Horsley wrote: > > > >> On Wed, 6 May 2020 15:34:09 -0700 > >> Samuel Sieb wrote: > >> > >> > >> > >>> I have no network-scripts package, but everything still goes into > >>> /etc/sysconfig/network-scripts. > >> > >> > >> > >> Weird. I thought there was nothing there, at least when I first > >> ran the live image, but it does have files stored there now > >> that I've got everything configured. > > > > > > > > The install process doesn't create any network connections on the > > installed system. > > > I think this is part of firstboot. > > I used my ethernet for install and first manual package installs. I > have a broadcom wifi that I need the broadcom-wl installed so a bit of > chicken and egg. But as I shared I have the network-script files. Sorry, yep it is part of firstboot. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: F32 - terrible background
On Tuesday, May 5, 2020 6:35:15 PM MST Robert Moskowitz wrote: > Ugh. > > And I had the nerve to complain about the F30 background. > > This overly blue and bright background has to go!!! Yeah, it came up on the devel list a few weeks ago, it led users to believe their graphics drivers were having issues. I'm not really surprised it didn't get resolve though. As a plus, it's not the default for KDE Spin, it seems. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: /etc/sysconfig/network-scripts/ifcfg-* not read after upgrade to F32
On Wednesday, May 6, 2020 11:43:59 PM MST Tim via users wrote: > On Wed, 2020-05-06 at 15:42 -0700, John M. Harris Jr wrote: > > > Apparently, nothing.. "no such connection profile". That's pretty > > odd, this was configured using NetworkManager in the Anaconda GUI. > > > When you're installing a system, Anaconda gives you the chance to > manually configure some network details *for* the installation routine > to use during installation. These settings are temporary, they don't > write a configuration for the installed system to use, later on. And > if you're on a network with a DHCP server that will automatically > assign working addresses, you don't have to do anything at this point, > the DHCP system will set things up for you. > > During first boot of the installed system, you're given a chance to > manually control network settings for the newly installed system. > > -- > > uname -rsvp > Linux 3.10.0-1127.el7.x86_64 #1 SMP Tue Mar 31 23:36:51 UTC 2020 x86_64 > > Boilerplate: All unexpected mail to my mailbox is automatically deleted. > I will only get to see the messages that are posted to the mailing list. Odd, I don't think that's ever been the case before. I might be thinking of RHEL/CentOS. I don't use DHCP, but I've never had to do any manual configuration afterwards.. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: /etc/sysconfig/network-scripts/ifcfg-* not read after upgrade to F32
On Thursday, May 7, 2020 10:27:29 PM MST Tim via users wrote: > Tim: > > >> When you're installing a system, Anaconda gives you the chance to > >> manually configure some network details *for* the installation > >> routine to use during installation. These settings are temporary, > >> they don't write a configuration for the installed system to use, > >> later on. And if you're on a network with a DHCP server that will > >> automatically assign working addresses, you don't have to do > >> anything at this point, the DHCP system will set things up for you. > >> > >> > >> > >> During first boot of the installed system, you're given a chance to > >> manually control network settings for the newly installed system. > > > > John M. Harris Jr: > > > Odd, I don't think that's ever been the case before. I might be > > thinking of RHEL/CentOS. I don't use DHCP, but I've never had to do > > any manual configuration afterwards.. > > > I've been using Fedora since before it was Fedora, and CentOS since I > don't know when (several years), it's always been the way I described > it. At first I couldn't figure out why, after carefully configuring > network settings when starting off the the installation, the settings > weren't what I expected them to be. But it didn't take long to find > out that they were only used by the installer routine for itself. > > What's your network comprised of? All systems on my network have static IPs. > In the absense of DHCP, there's autoconfig, where each device randomly > picks an IP out of the link-local 169.254.0.0 to 169.254.255.255 range > of addresses, checks to see if it's not already use, then adopts it, or > cycles through picking another until it finds one that's free. I've never seen that on any Linux distro. Is that what Workstation does? Do you know why? I've always known that to be a Windows thing. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Fedora 32 MTA
On Saturday, May 9, 2020 2:02:11 PM MST Geoffrey Leach wrote: > I noticed that sendmail and mailx are not installed with the basic > workstation. Is there another MTA installed? I hope this is fixed in future Fedora.. This is just silly, though definitely in line with many of the other changes that have been made to Fedora recently. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: FreeIPA Users cannot log in via GDM after upgrade to Fedora 32
On Saturday, May 9, 2020 10:03:39 PM MST Thomas Letherby wrote: > Hello, > > Sorry for not replying earlier, I got caught up in work for the week. > > I confirmed the HBAC rules contained gdm and gdm-password. I don't think > it's FreeIPA though as logins work under F31 just fine, but I patched up > all the servers and still no dice. See anything in /var/log/secure related to the login failing, or does it look like it succeeds, then dump you out of the session? Are other desktop environments effected? -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Fedora 32 MTA
On Sunday, May 10, 2020 5:45:43 AM MST George N. White III wrote: > On Sat, 9 May 2020 at 19:11, John M. Harris Jr wrote: > > On Saturday, May 9, 2020 2:02:11 PM MST Geoffrey Leach wrote: > > > I noticed that sendmail and mailx are not installed with the basic > > > workstation. Is there another MTA installed? > > > > I hope this is fixed in future Fedora.. This is just silly, though > > definitely > > in line with many of the other changes that have been made to Fedora > > recently. > > Linux development today is mostly funded by big businesses and > governments. > Large enterprises have tight controls over email for security, legal, and > business > continuity reasons. Those controls could break down if MTA's are installed > by > default without explicit action by administrators.One consequence is a > move > away from using email for status reports (cron, logwatch) towards job > management > tools that provide resource management and scheduling as well as logging > and > status reporting. > > Maybe Fedora will need small business and hobbyist spins. Hi, A default MTA doesn't actually deliver anything externally. It just provides local delivery. If this is met by some other function in Fedora, it's fine not to have it, but it otherwise breaks the traditional model, as you can no longer deliver local mail to local users. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Terminal bleed through?
On Thursday, May 14, 2020 11:42:08 AM MST Christopher Marlow wrote: > What could cause this issue? > > When I open a terminal in FC 32 I see bleed through of my wallpaper as > seen below. > > https://imgur.com/a/EhaLRQu > > See the line right up under the password prompt? > > It will go away if you highlight the line with your mouse or type in > your password and hit enter. Its just kind of annoying to see. > > I just had this start happening after I got this new monitor. > > I didnt have this problem with the 17" monitor. Wayland or Xorg? -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: new release of zoom needed in @system repository.
On Thursday, May 14, 2020 6:49:38 PM MST home user wrote: > I signed in to zoom a short while ago to schedule a meeting, and found the > following three notices: > New Features > Our latest release went live on April 12th. Please subscribe to our blog and > visit our release notes to stay up-to-date on all the latest enhancements > to your account. To update to the latest version of Zoom, visit our > download page. > Important Notice > Please begin updating all your clients to Zoom 5.0 now. After May 30, 2020, > all Zoom clients on older versions will receive a forced upgrade when > trying to join meetings as GCM Encryption will be fully enabled across the > Zoom platform. Click here for more information. > New Features > Our latest release went live on April 7th. Check out our blog to review the > new enhancements for ensuring the security and privacy of your account. To > update to the latest version of Zoom, visit our download page. > Some time ago, at the suggestion of someone in this list, I used dnf to > install zoom on my work station. I just checked with dnf to see what I > currently have: -bash.3[~]: dnf info zoom > Last metadata expiration check: 0:38:48 ago on Thu 14 May 2020 06:49:20 PM > MDT. Installed Packages > Name : zoom > Version : 2.8.252201.0616 > Release : 1 > Architecture : x86_64 > Size : 235 M > Source : zoom-2.8.252201.0616-1.src.rpm > Repository : @System > From repo: @commandline > > No updates are available: > > -bash.4[~]: dnf upgrade zoom > Fedora Modular 31 - x86_64 - Updates 59 kB/s | 17 kB 00:00 >Fedora 31 - x86_64 - Updates 36 kB/s | 11 kB > 00:00 Fedora 31 - x86_64 - Updates909 kB/s | 3.0 MB > 00:03 Dependencies resolved. > Nothing to do. > Complete! > -bash.4[~]: > > Will an update be available via dnf before zoom starts rejecting the release > that I currently have? No, there will not be. Zoom isn't packaged in Fedora. You manually installed it. You'll have to reach out to the vendor for that one. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: new release of zoom needed in @system repository. [SOLVED]
On Friday, May 15, 2020 9:59:16 PM MST Samuel Sieb wrote: > On 5/15/20 6:04 PM, home user wrote: > > >> On 5/15/20 3:26 PM, home user wrote: > >> > >> > >> > >> I expect that would be related to their server side. The files from the > >> zoom rpm are dated April 30. > >> > >> > >> > >> > >> The file times are not related to when they were installed. They are > >> from when the package was built or in the case of files that are not > >> generated during building, it's the data from the original release > >> source. Those times are stored in the rpm and set during install. It > >> also depends on your timezone. My blender.xml has April 11. > >> # ls -l /usr/share/doc/blender/readme.html > >> -rw-r--r--. 1 root root 5266 Feb 13 03:33 > >> /usr/share/doc/blender/readme.html # ls -l > >> /usr/share/mime/packages/blender.xml > >> -rw-r--r--. 1 root root 277 Apr 11 23:41 > >> /usr/share/mime/packages/blender.xml > > > > > > ok. Thank-you, Samuel. > > > > So you're in Pacific time? > > > I wondered if someone would try to work that out. :-) I'm betting MST. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: new release of zoom needed in @system repository. [SOLVED]
On Friday, May 15, 2020 10:08:37 PM MST Samuel Sieb wrote: > On 5/15/20 10:00 PM, John M. Harris Jr wrote: > > > On Friday, May 15, 2020 9:59:16 PM MST Samuel Sieb wrote: > > > >> On 5/15/20 6:04 PM, home user wrote: > >> > >>> ok. Thank-you, Samuel. > >>> > >>> > >>> > >>> So you're in Pacific time? > >> > >> > >> > >> I wondered if someone would try to work that out. :-) > > > > > > I'm betting MST. > > > I guess my answer wasn't clear enough. He was correct. Sorry, I should have clarified what I was getting at. Unless you're in AZ, that wouldn't be the case. To explain, MST doesn't observe daylight savings, so right now we're in sync with Pacific. :) -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Slightly OT: has Firefox scrolling behaviour changed?
On Saturday, May 16, 2020 3:42:42 AM MST Patrick O'Callaghan wrote: > Until recently, Firefox had a feature I really liked and used a lot: if > you clicked anywhere in a scroll bar other than on the slider, it would > jump instantly to the top or bottom of the page. This seems to have > gone, and clicking just scrolls the way it does in most browsers. Does > anyone know if there's a setting to control this? Going further off topic, you can disable the silly urlbar changes. Settings (need to be set to false) are: browser.urlbar.update1 browser.urlbar.update1.interventions browser.urlbar.update1.searchTips browser.urlbar.update1.view.stripHttps if you want to see when you're on an HTTPS URL beyond the "lock" icon. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: nVidia: Loading out of tree module taints kernel problem.
On Thursday, May 21, 2020 4:56:02 PM MST linux guy wrote: > Hello fellow Fedorians. > > I have everything set up to run nvidia drivers for my GTX 1060. But my > machine loads nouveau instead, due to a tainted kernel message. > > I turned off "Secure Boot" in the BIOS and enabled Compatibility Support > Mode - UEFI. > > How do I force the use of the nvidia driver over nouveau ? > > Thanks > > dnf list \*nvidia\* > > Installed Packages > akmod-nvidia.x86_643:440.82-1.fc32 > @rpmfusion-nonfree > kmod-nvidia-5.6.13-300.fc32.x86_64.x86_64 3:440.82-1.fc32 > @@commandline > nvidia-settings.x86_64 3:440.82-1.fc32 > @rpmfusion-nonfree > xorg-x11-drv-nvidia.x86_64 3:440.82-1.fc32 > @rpmfusion-nonfree > xorg-x11-drv-nvidia-cuda-libs.x86_64 3:440.82-1.fc32 > @rpmfusion-nonfree > xorg-x11-drv-nvidia-kmodsrc.x86_64 3:440.82-1.fc32 > @rpmfusion-nonfree > xorg-x11-drv-nvidia-libs.i686 3:440.82-1.fc32 > @rpmfusion-nonfree > xorg-x11-drv-nvidia-libs.x86_643:440.82-1.fc32 > @rpmfusion-nonfree > > # akmods > Checking kmods exist for 5.6.13-300.fc32.x86_64[ OK ] > > uname -a > Linux bigboy 5.6.13-300.fc32.x86_64 #1 SMP Thu May 14 22:51:37 UTC 2020 > x86_64 x86_64 x86_64 GNU/ > > dmesg | grep nvidia > [4.945685] nvidia: loading out-of-tree module taints kernel. > [4.945827] nvidia: module license 'NVIDIA' taints kernel. > [4.971124] nvidia: module verification failed: signature and/or > required key missing - tainting kernel > [5.034533] nvidia-nvlink: Nvlink Core is being initialized, major > device number 237 >NVRM: nouveau, rivafb, nvidiafb or rivatv > [5.036086] nvidia-nvlink: Unregistered the Nvlink Core, major device > number 237 > [5.168304] nvidia-nvlink: Nvlink Core is being initialized, major > device number 237 >NVRM: nouveau, rivafb, nvidiafb or rivatv > [5.168962] nvidia-nvlink: Unregistered the Nvlink Core, major device > number 237 > [ 25.343678] nvidia-nvlink: Nvlink Core is being initialized, major > device number 237 >NVRM: nouveau, rivafb, nvidiafb or rivatv > [ 25.358661] nvidia-nvlink: Unregistered the Nvlink Core, major device > number 237 > [ 25.444355] nvidia-nvlink: Nvlink Core is being initialized, major > device number 237 >NVRM: nouveau, rivafb, nvidiafb or rivatv > [ 25.444678] nvidia-nvlink: Unregistered the Nvlink Core, major device > number 237 > [ 46.628271] nvidia-nvlink: Nvlink Core is being initialized, major > device number 237 >NVRM: nouveau, rivafb, nvidiafb or rivatv > [ 46.628573] nvidia-nvlink: Unregistered the Nvlink Core, major device > number 237 Loading nvidia is what *causes* the kernel to become tainted. It doesn't prevent you from loading nvidia. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Fedora 30 EOL
On Wednesday, May 27, 2020 2:30:11 AM MST Michael Schwendt wrote: > On Wed, 27 May 2020 08:18:48 +, Suvayu Ali wrote: > > > > > As of the 26th of May 2020, Fedora 30 has reached its end of life for > > > > > > https://bugzilla.redhat.com/show_bug.cgi?id=1742960 > > > > Lately all my bug reports tend to go like this. > > > Why don't you try to reproduce issues with Fedora 31, 32 or Rawhide > and then reassign the tickets accordingly? It's quite possible that Suvayu Ali is one of the many users that cannot install Fedora 31, because it doesn't work on their hardware. Fedora 30 was the last release to support i686, so many users are now stuck there forever, unless they move to another distro entirely. -- John M. Harris, Jr. Splentity ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
