Re: [gentoo-user] Gnupg-2.1.* nightmare

2015-10-19 Thread Jean-Christophe Bach 
On 10/13/2015 04:53 PM, Andrew Savchenko wrote:
> Hello,
> 
> I updated to gnupg-2.1.9 from 2.0.x on both my desktop and laptop
> and now I have big problems.
> 
> 1. gpgme is now broken.
> 
> Gpgme consumers (e.g. sylpheed, mcabber) can verify, encrypt and
> decrypt messages, but can't sign them. On signing I have the
> following issues:
> 
> Please enter your PGP passphrase: 
> [17:26:06] GPGME signature error: Unusable secret key
> 
> Or:
> ** Sylpheed-WARNING: pgp_sign(): signing failed: User defined error
> code 1
> 
> I _can_ sign using the very same keys and plain
>   gpg -s --default-key $id
> command. GPG itself works fine, something is amiss with gmgme.
> 
> I updated gpgme, libgcrypt, libgpg-error and libassuan to the
> latest unstable versions and rebuilt consumer applications.
> Of course, keys were migrated to the new format using gpg --import
> and gpg-agent was restarted (I even rebooted the whole host), but
> problem is still here.
> 
> The problem is even more strange, since I found a workaround way to
> sign messages in sylpheed. Program has three options for key
> selection:
> a) use default GPG key;
> b) select key by e-mail;
> c) use key with provided ID.
> 
> Options b) and c) cause the error above, while option a) works, so
> by editing gpg.conf I can set default key id to what I need to sign
> a message. This is very inconvenient (since I have many keys), but
> at least works somehow.
> 
> 
> 2. I have duplicated keys in the ring with the same ID and
> fingerprint.
> 
> Duplication happens only to _some_ of my keys where I have a secret
> key, fetched public keys of other users are not duplicated.
> 
> Examples:
> a) Here I have the very same key twice:
> 
> $ gpg --fingerprint -K 0x8EE705C07CFA83D3
> sec   rsa4096/0x8EE705C07CFA83D3 2012-09-11 [expired: 2015-09-11]
>   Key fingerprint = 3F2D 1E49 4F96 2CE6 1597  F217 8EE7 05C0 7CFA 83D3
> uid   [ expired] Bircoph 
> 
> sec   rsa4096/0x8EE705C07CFA83D3 2012-09-11 [expired: 2015-09-11]
>   Key fingerprint = 3F2D 1E49 4F96 2CE6 1597  F217 8EE7 05C0 7CFA 83D3
> uid   [ expired] Bircoph 
> 
> b) Now comes more interesting:
> 
> $ gpg --fingerprint -K 0x565953B95372756C
> sec   rsa4096/0x565953B95372756C 2013-02-27 [expires: 2018-02-26]
>   Key fingerprint = 63EB 04FA A30C 76E2 952E  6ED6 5659 53B9 5372 756C
> uid   [ultimate] Andrew Savchenko 
> uid   [ultimate] Andrew A. Savchenko (NRNU MEPhI) 
> 
> uid   [ultimate] Andrew A. Savchenko (UT Department) 
> 
> uid   [ultimate] Andrew Savchenko (Gentoo Dev) 
> 
> uid   [ultimate] Andrew A. Savchenko (XMPP) 
> 
> uid   [ultimate] Andrew A. Savchenko (UT Department) 
> 
> uid   [ultimate] Andrey Savchenko (RHIC) 
> 
> ssb   rsa4096/0x7AB649CA518C8321 2013-02-27 [expires: 2018-02-26]
> ssb   rsa4096/0xF6535A33BA1EE48D 2015-01-13 [expires: 2018-01-12]
> 
> sec   rsa4096/0x565953B95372756C 2013-02-27 [expires: 2018-02-26]
>   Key fingerprint = 63EB 04FA A30C 76E2 952E  6ED6 5659 53B9 5372 756C
> uid   [ultimate] Andrew A. Savchenko (NRNU MEPhI) 
> 
> uid   [ultimate] Andrew Savchenko 
> uid   [ultimate] Andrew Savchenko (Gentoo Dev) 
> 
> uid   [ultimate] Andrew A. Savchenko (XMPP) 
> 
> uid   [ultimate] Andrew A. Savchenko (UT Department) 
> 
> uid   [ultimate] Andrew A. Savchenko (UT Department) 
> 
> ssb   rsa4096/0x7AB649CA518C8321 2013-02-27 [expires: 2018-02-26]
> ssb   rsa4096/0xF6535A33BA1EE48D 2015-01-13 [expires: 2018-01-12]
> 
> I have two versions of the same key: the latest and previous one 
> (before I added one more e-mail uid to the key).
> 
> This problem may be related to the first one, may be not, I'm not
> sure. It is possible that gpgme goes crazy with these duplicates.
> 
> I have no idea how to remove duplicates and old versions. All gpg
> commands are tied to either key id, e-mail or fingerprint. They
> are all not unique to delete such duplicates.
> 
> I have though that this may happen due to both secring.gpg and
> private-keys-v1.d present, but moving secring.gpg away doesn't
> help.
> 
> Maybe manual editing of pubring.gpg will help to remove duplicates,
> but it will be quite hard to handle this binary format.
> 
> 
> Googling gave me very litte here:
> 
> 1st issue: may happen for some custom gpgme client software, but
> no data on global failures after gnupg update.
> 
> 2nd issue: may happen when key is stored in multiple sources and
> fetched from them, but I have no --keyring options in my gpg.conf

Re: [gentoo-user] Lost wireless interface after updates

2015-10-19 Thread Mansour Al Akeel 
The hardware button (hidden on Lenovo T420s), was switched off.
Sorry for this guys.


On Mon, Oct 19, 2015 at 12:12 AM, Stroller
 wrote:
>
>> On Sun, 18 October 2015, at 7:22 p.m., Mansour Al Akeel 
>>  wrote:
>>
>> I haven't updated my system "emerge --sync" in a while (2-3 months).
>> Few days ago I did.
>> After that I lost my wireless interface.
>
> I apologise, but I'm extremely dubious of this claim.
>
> wifi doesn't stop working when you simply update the Portage database - there 
> is no connection between the two things.
>
> You updated the Portage database (with `emerge --sync`) *and then did 
> something else* which caused your wifi to stop working.
>
> Surely, you updated the Portage database (with `emerge --sync`) and then 
> installed a bunch of updated packages?
> (something like `emerge -u world`)
>
> I don't mean to sound antagonistic, or like I'm attacking you. I'm sorry if 
> this email has a negative tone, but what you wrote raises two issues.
>
> 1. It's easier to help you if we know exactly what you did.
>
> 2. When you're updating a bunch of packages, you should run `emerge -p` 
> first. When you've done so, there's a good case for identifying 
> system-critical packages (such as anything related to wifi, networking and 
> system init) and emerging them separately (`emerge -1 package`); then you can 
> deal with the package notices or any problems separately, knowing exactly 
> what update you're responding to.
>
> Stroller.
>
>

Re: [gentoo-user] Lost wireless interface after updates

2015-10-19 Thread Mick 
On Monday 19 Oct 2015 11:32:50 Mansour Al Akeel wrote:
> The hardware button (hidden on Lenovo T420s), was switched off.
> Sorry for this guys.

No problem - some times it is easy to think that the switch is on, when in 
reality it was toggled to off.  The give away in your log was this:

[64525.131109] iwlwifi :03:00.0: L1 Enabled - LTR Disabled
[64525.131401] iwlwifi :03:00.0: RF_KILL bit toggled to disable radio.

-- 
Regards,
Mick


signature.asc
Description: This is a digitally signed message part.

Re: [gentoo-user] Re: TCP listen overflows

2015-10-19 Thread Adam Carter 
I dont know what that error means, but default webserver and TCP stack
options may not be helping. I investigated a Centos box with resources
issues a while back. It had many thousands of sockets in TIME_WAIT state.

IIRC i reduced /proc/sys/net/ipv4/tcp_fin_timeout from 60 to 15, and
enabled pipelining on the webserver, along with a few other webserver
tweaks.

First quick check if it happens again: netstat -an | grep -ci wait
If it returns a five figure number then the above would be worth a look.