[systemsettings] [Bug 470470] Usage of setxkbmap on Wayland resets Keyboard-Layout to US (even if it is not configured)
https://bugs.kde.org/show_bug.cgi?id=470470 --- Comment #2 from zeus --- (In reply to Wismill from comment #1) > setxkbmap and xmodmap are X11-only tools and will not work with Wayland. So > e.g. `setxkbmap -query` will most probably not gives you any meaningful > information. In a Wayland session, the only way to check reliably your > keymap in X11 is to use `xkbcomp $DISPLAY -` . Yes, I know this. My point was, that this can be a very common configuration for anyone migrating from X11 to Wayland, and in this case, very unpredictable things do happen. -- You are receiving this mail because: You are watching all bug changes.
[kwin] [Bug 461501] Glitchy flickering artifacts while rendering tooltips on system tray and certain applications when using Morphing Popups effect
https://bugs.kde.org/show_bug.cgi?id=461501 Zeus changed: What|Removed |Added CC||epluribusunum1776@hotmail.c ||om -- You are receiving this mail because: You are watching all bug changes.
[kwin] [Bug 462282] Task switcher under Wayland: icons/previews are not clickable
https://bugs.kde.org/show_bug.cgi?id=462282 Zeus changed: What|Removed |Added CC||epluribusunum1776@hotmail.c ||om --- Comment #16 from Zeus --- (In reply to Nate Graham from comment #11) > I think that falls under the category of "well then don't do that." :) > Meta+dragging is a power user feature; it's up to you to use it responsibly. > > Also this is a new thing from what was originally reported; since the > originally reported issue is no longer reproducible, let's close it. i *think* i can shed some light on this: i use meta+tab/cmd+tab for task switcher, and i can only drag the task switcher, not click on any of the thumbnails. i'm using thumbnail grid, but this is the case for every visualisation (including cover switch, which is jarring) this did not cause issues in x11, so i would count this as a regression (meta didn't drag the task switcher, and clicking worked as expected) i presume the original reporter used alt for window dragging, and so was experiencing the same thing it works fine if i change the drag modifier key in Window Management -> Window Behaviour -> Window Actions to alt, but that causes other problems (forgive me, i don't know what the correct thing to do is - comment on a closed issue, or clone it and make a new one that is likely the same. i didn't want to summarily mark it as reopened for this reason) -- You are receiving this mail because: You are watching all bug changes.
[frameworks-kholidays] [Bug 470492] German Holiday "Fronleichnam" missing for all regional german calender-variants
https://bugs.kde.org/show_bug.cgi?id=470492 --- Comment #2 from zeus --- Nevermind, regional holidays do actually work. The problem is just, that changing the calender does not have any effect on the running kalender. So if you restart your Plasma-Session the Calendar is actually correct. However, the bug is then, that a change of the holiday-calender does not trigger a reload of calender-entries. Any other modification (like for example enabling astronimical events) triggers them to show up without the applet or plama having to be restarted, like expected. -- You are receiving this mail because: You are watching all bug changes.
[frameworks-kholidays] [Bug 470492] German Holiday "Fronleichnam" missing for all regional german calender-variants
https://bugs.kde.org/show_bug.cgi?id=470492 --- Comment #2 from zeus --- Nevermind, regional holidays do actually work. The problem is just, that changing the calender does not have any effect on the running kalender. So if you restart your Plasma-Session the Calendar is actually correct. However, the bug is then, that a change of the holiday-calender does not trigger a reload of calender-entries. Any other modification (like for example enabling astronimical events) triggers them to show up without the applet or plama having to be restarted, like expected. -- You are receiving this mail because: You are the assignee for the bug.
[frameworks-kholidays] [Bug 470492] German Holiday "Fronleichnam" missing for all regional german calender-variants
https://bugs.kde.org/show_bug.cgi?id=470492 --- Comment #1 from zeus --- Edit: The second of the two holidays specific to northrhine-westfalia ("Allerheiligen", always on 1st November) also does not show up in my calendar. Please note, that "Allerheiligen" is valid for a different subset of germanys regions than "Fronleichnam". So I guess all regional holidays are like not working? -- You are receiving this mail because: You are watching all bug changes.
[frameworks-kholidays] [Bug 470492] German Holiday "Fronleichnam" missing for all regional german calender-variants
https://bugs.kde.org/show_bug.cgi?id=470492 --- Comment #1 from zeus --- Edit: The second of the two holidays specific to northrhine-westfalia ("Allerheiligen", always on 1st November) also does not show up in my calendar. Please note, that "Allerheiligen" is valid for a different subset of germanys regions than "Fronleichnam". So I guess all regional holidays are like not working? -- You are receiving this mail because: You are the assignee for the bug.
[frameworks-kholidays] [Bug 470492] German Holiday "Fronleichnam" missing for all regional german calender-variants
https://bugs.kde.org/show_bug.cgi?id=470492 zeus changed: What|Removed |Added Summary|German Holiday |German Holiday |"Fronleichnam" missing for |"Fronleichnam" missing for |all regional|all regional german |calender-variants |calender-variants -- You are receiving this mail because: You are watching all bug changes.
[frameworks-kholidays] [Bug 470492] German Holiday "Fronleichnam" missing for all regional german calender-variants
https://bugs.kde.org/show_bug.cgi?id=470492 zeus changed: What|Removed |Added Summary|German Holiday |German Holiday |"Fronleichnam" missing for |"Fronleichnam" missing for |all regional|all regional german |calender-variants |calender-variants -- You are receiving this mail because: You are the assignee for the bug.
[frameworks-kholidays] [Bug 470492] New: German Holiday "Fronleichnam" missing for all regional calender-variants
https://bugs.kde.org/show_bug.cgi?id=470492 Bug ID: 470492 Summary: German Holiday "Fronleichnam" missing for all regional calender-variants Classification: Frameworks and Libraries Product: frameworks-kholidays Version: unspecified Platform: Other OS: Linux Status: REPORTED Severity: normal Priority: NOR Component: general Assignee: kdepim-bugs@kde.org Reporter: k...@kostianix.de Target Milestone: --- SUMMARY *** The German Holiday "Fronleichnam" is a religious christian holiday in June. It is only applicable in around a third of the German federal states, and the definition-files (e.g. https://invent.kde.org/frameworks/kholidays/-/blob/master/holidays/plan2/holiday_de-nw_de) list them, but they don't actually show up in my calendar (i have explicitly choosen de-nw_de as holiday-calendar for the "Northrhine-Westphalia" Region in Germany, but this also applies on other regions, where this is a valid holiday like bavaria). This year, in 2023, the holiday would be on june 8th. As far as I can tell, for at least the last year it also hasn't been in my calendar applet. Tested on Ubuntu 22.04 and Archlinux. *** OBSERVED RESULT German Holiday "Fronleichnam" missing EXPECTED RESULT Holiday available in the respective calendars. ADDITIONAL INFORMATION This Holiday is a legit holiday in the following german regions: BW (Baden-Würtemberg) BY (Bayern) HE (Hessen) NW (Nordrhein-Westfalen) RP (Rheinland-Pfalz) SL (Saarland) -- You are receiving this mail because: You are the assignee for the bug.
[frameworks-kholidays] [Bug 470492] New: German Holiday "Fronleichnam" missing for all regional calender-variants
https://bugs.kde.org/show_bug.cgi?id=470492 Bug ID: 470492 Summary: German Holiday "Fronleichnam" missing for all regional calender-variants Classification: Frameworks and Libraries Product: frameworks-kholidays Version: unspecified Platform: Other OS: Linux Status: REPORTED Severity: normal Priority: NOR Component: general Assignee: kdepim-b...@kde.org Reporter: k...@kostianix.de Target Milestone: --- SUMMARY *** The German Holiday "Fronleichnam" is a religious christian holiday in June. It is only applicable in around a third of the German federal states, and the definition-files (e.g. https://invent.kde.org/frameworks/kholidays/-/blob/master/holidays/plan2/holiday_de-nw_de) list them, but they don't actually show up in my calendar (i have explicitly choosen de-nw_de as holiday-calendar for the "Northrhine-Westphalia" Region in Germany, but this also applies on other regions, where this is a valid holiday like bavaria). This year, in 2023, the holiday would be on june 8th. As far as I can tell, for at least the last year it also hasn't been in my calendar applet. Tested on Ubuntu 22.04 and Archlinux. *** OBSERVED RESULT German Holiday "Fronleichnam" missing EXPECTED RESULT Holiday available in the respective calendars. ADDITIONAL INFORMATION This Holiday is a legit holiday in the following german regions: BW (Baden-Würtemberg) BY (Bayern) HE (Hessen) NW (Nordrhein-Westfalen) RP (Rheinland-Pfalz) SL (Saarland) -- You are receiving this mail because: You are watching all bug changes.
[systemsettings] [Bug 341314] Plasma 5 somehow falls back to US keyboard after startup
https://bugs.kde.org/show_bug.cgi?id=341314 zeus changed: What|Removed |Added CC||k...@kostianix.de --- Comment #8 from zeus --- sorry, did not see this issue beforehand, but it might be related to what i just filed: https://bugs.kde.org/show_bug.cgi?id=470470 -- You are receiving this mail because: You are watching all bug changes.
[systemsettings] [Bug 470470] New: Usage of setxkbmap on Wayland resets Keyboard-Layout to US (even if it is not configured)
https://bugs.kde.org/show_bug.cgi?id=470470 Bug ID: 470470 Summary: Usage of setxkbmap on Wayland resets Keyboard-Layout to US (even if it is not configured) Classification: Applications Product: systemsettings Version: 5.27.5 Platform: Archlinux OS: Linux Status: REPORTED Severity: normal Priority: NOR Component: kcm_keyboard Assignee: plasma-b...@kde.org Reporter: k...@kostianix.de CC: butir...@gmail.com Target Milestone: --- SUMMARY *** While the title suggests, that a lot of random things need to happen at the same time, i don't think this situation is as uncommon as it first seems. I've had the following in my .bashrc: `setxkbmap -option ctrl:nocaps 2>/dev/null`. While I totally agree, that x-keyboard-options should be set via config file rather than invoking them by the bashrc, it is however a totally legit way to archieve the desired behaviour (remap capslock in this case). However, if you have only one keyboard layout configured (just `de` in my case, no modified layouts), any use of xkbmap seems to break the layout, and - at least for some apps - reverts it to the `us`-layout (even it is not in my list of configured layouts). Even more strange is, that this only seem to affect some applications. For me the effect was most noticeable in firefox and thunderbird. I think it is not that uncommon for people switching from xorg to wayland to have some kind of options like this in some scripts. Especially annoying here is, that this will never be reproducible on new installs with a fresh homedir. Even though this clearly qualifies as "user-error", the keyboard should never ever fall back to an unconfigured layout, and behaviour like this is not very obvious to track down, because if you stare at it, you won't be able to observe the error until you start a new shell. As already assumed, calling xmodmap without redirecting the output, says that it is running against Xwayland, which might explain different behaviours in different windows. However, while having an xorg-compatibility layer is awesome, having multiple keyboard layouts active at the same time depending on the window is certainly not. any "apply" action in the "settingsmenu/input/keyboard" subsection reverts this behaviour to the expected state. I'd assume, there are alot of universal apps (flatpak..) that will be affected by this, too. *** STEPS TO REPRODUCE 1. put some `xmodmap` command in your .bashrc and start a terminal under wayland. Alternatively execute manually. OBSERVED RESULT - some applications like firefox and thunderbird end up with a default, but unconfigured and unlisted (in terms of the plasma settingsmenu) keyboard-layout (us). EXPECTED RESULT - keyboard-settings should be applied uniformly between apps regardless of wayland, Xwayland, flatpak, fullscreen-games, etc.. SOFTWARE/OS VERSIONS - Linux/KDE Plasma: Linux/6.3.4-arch1-1 - KDE Plasma Version: 5.27.5 - KDE Frameworks Version: 5.106.0 - Qt Version: 5.15.9 All-AMD-System (Ryzen7xxx/Navi31), Single Monitor Setup. Initially i thought this might be related to https://bugs.kde.org/show_bug.cgi?id=433576, but it turns out unrelated, as my behaviour perists with more than one layout as well. However, they seem somewhat similar anyways. -- You are receiving this mail because: You are watching all bug changes.
no accesslog record on "delete" sync state control
hi I face a weird situation with my LDAP syncrepl consumer [1], please advise ... on "delete" sync state control receiving, I'm trying to search for accesslog object with the just deleted object to use it in further processing, but it is not available yet though if I set delay (sleep) for 1 sec just before the search, then I successfully receive the object so, is it intended behavior? here is this search: https://github.com/z-eos/regather/blob/master/lib/App/Regather.pm#L439 [1] https://github.com/z-eos/regather -- Zeus V. Panchenko . jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC..: GMT+2 (EET)
Re: FreeBSD Port: emulators/linux_base-c7
I have a multi-boot system with Arch Linux, FreeBSD, OS X, and Windoze. Arch Linux kernel version is up to 5.19.2. Should that affect our decision? [zeus@olympus ~]$ uname -a Linux olympus.gods.org 5.19.2-arch1-1 #1 SMP PREEMPT_DYNAMIC Wed, 17 Aug 2022 13:48:51 + x86_64 GNU/Linux [zeus@olympus ~]$ uname -srm Linux 5.19.2-arch1-1 x86_64 Will look at sysctl compat.linux.osrelease. Could someone give any direction in rebuilding my base-c7 or perhaps I can create base-c8. Thanks. On 8/29/22 09:29, Patrick M. Hausen wrote: Hi all, Am 29.08.2022 um 15:19 schrieb Zeus Odin : FATAL: kernel too old Any idea what I can do to resolve this? Is it possible that I can build a newer compat kernel from source? Other? Probably the software is checking the Linux kernel version and decides that the fake version FreeBSD presents is "too old". You can toy with sysctl compat.linux.osrelease although I don't know what precisely you should put in there instead of the default. HTH, Patrick
FreeBSD Port: emulators/linux_base-c7
Just upgrade FreeBSD from 13.0 RELEASE to 13.1. I downloaded the latestlinux version of Citrix (linuxx64-22.7.0.20.tar.gz). The FreeBSD port ishopelessly out of date (linuxx86-13.10.0.20). I did a manual conversionof linuxx64 to install on FreeBSD 13.1. I received no installation errors. I still have to integrate the x86 patches into the x64 installation. Nonethless, I am getting the following error: FATAL: kernel too old Any idea what I can do to resolve this? Is it possible that I can build a newercompat kernel from source? Other? Thanks,Zeus
Re: Vulnerability Report [Misconfigured DMARC Record Flag]
Hi team kindly update me with the bug that I've reported. -Zeus On Fri, May 20, 2022 at 11:34 PM Cyber Zeus wrote: > Hi Team, > I am an independent security researcher and I have found a bug in your > website > The details of it are as follows:- > > Description: This report is about a misconfigured Dmarc record flag, which > can be used for malicious purposes as it allows for fake mailing on behalf > of respected organizations. > > About the Issue: > As i have seen the DMARC record for > > *druid.apache.org* > > which is: > DMARC Policy Not Enabled > DMARC Not Found > > As u can see that your DMARC record, a valid record should be like:- > > DMARC Policy Enabled > What's the issue: > A DMARC record is a type of Domain Name Service (DNS) record that > identifies which mail servers are permitted to send an email on behalf of > your domain. The purpose of a DMARC record is to prevent spammers from > sending messages on the behalf of your organization. > > Attack Scenario: An attacker will send phishing mail or anything malicious > mail to the victim via mail: > > commits-h...@druid.apache.org > > > even if the victim is aware of a phishing attack, he will check the origin > email which came from your genuine mail id > commits-h...@druid.apache.org > > > so he will think that it is genuine mail and get trapped by the attacker. > The attack can be done using any PHP mailer tool like this:- > > $to = "vic...@example.com"; > $subject = "Password Change"; > $txt = "Change your password by visiting here - [VIRUS LINK HERE]l"; > $headers = "From: > > commits-h...@druid.apache.org > > > ";mail($to,$subject,$txt,$headers); > ?> > > U can also check your Dmarc/ SPF record form: MXTOOLBOX > > Reference: > https://support.google.com/a/answer/2466580?hl=en > have a look at the GOOGLE article for a better understanding![image: > image.png] > [image: image.png] >
[grpc-io] Send message from server to client
Hello Everyone, I have implemented a proto file by checking the internet with one unary rpc service and stream service. I done the coding part for the unary rpc service with c++ for both client and the server. But the second service (stream) i cannot able to build the logic on how to send a message from server to client while the client will be listening to the server. The proto file i am pasting down here. Clarify me if this implementation is wrong or how to implement the server to send a message to client in c++? ``` syntax = "proto3"; package Chat; import "google/protobuf/empty.proto"; service HelloService { rpc Hello (HelloRequest) returns (HelloResponse) {} } service Messenger { rpc ServerTx (Payload) returns (google.protobuf.Empty) {} /* serverSide */ rpc ClientRx (google.protobuf.Empty) returns (stream Payload) {} // ClientSide } message Payload { int32 size = 1; string data = 2; } message HelloRequest { string hello = 1; } message HelloResponse { string reply = 1; } ``` Any help would be appreciated. Thanks in advance -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to grpc-io+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/38558994-8d5b-4e45-972c-9e53f1334aa3n%40googlegroups.com.
unbound becomes stale after transport interface flap
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi I experience pretty same behavior of unbound: often it becomes stale after transport interface flap In my VPN I have DNS server which serves local zones. For clients I configure unbound to forward requests for those zones to that DNS server, and when VPN interface flaps of re-keying occures, unbound misbehaves and nothing valuable appears in log files so, please advise, where to look at? - ---[ unbound.conf quotation start ]--- domain-insecure: "abc." ... private-domain: "abc." ... local-zone: "abc." transparent ... include: /var/unbound/conf.d/*.conf - ---[ unbound.conf quotation end ]--- - ---[ conf.d/stub-zones.core.conf quotation start ] stub-zone: name: "abc." stub-addr: 1.2.3.4 stub-prime: yes stub-zone: ... - ---[ conf.d/stub-zones.core.conf quotation end ] - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iF0EARECAB0WIQQYIXL6FUmD7SUfqoOveOk+D/ejKgUCYGr+gAAKCRCveOk+D/ej KumZAKCT7+uaGIG09Lj0i6NvAEJApWNJZACg7vBh+uve4tCWu6sbfCq4tGAP3PI= =Lb31 -END PGP SIGNATURE-
[Openvpn-users] [Q] can I find iroute values in envs on server?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi can I pick up iroute data of client, from environmental variables on server side? as far as I can see, `Environmental Variables' section of manual doesn't mention that. I need that to manage kernel routes *not* via static records `route ...' in config file but via some-up/down event/s - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iF0EARECAB0WIQQYIXL6FUmD7SUfqoOveOk+D/ejKgUCYGXn1QAKCRCveOk+D/ej KlqzAJ4xMTwT6UdOZmtLmo5s5KPHmgnl0gCdEVxInjAVyYjaUgl9XeSeZ3HhmlY= =dHzy -END PGP SIGNATURE- ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: `UID SEARCH UNSEEN` returns no result
Sergey Poznyakoff wrote: > Please try the attached patch. confirm, it fixes the issue thanks <#secure method=pgp mode=sign sender=0FF7A32A> -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET)
`UID SEARCH UNSEEN` returns no result
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I was reported that search by unseen messages doesn't work after some investigation I confirm, `UID SEARCH UNSEEN` returns no result though, search by other parameters works here is transcript to reproduce that - ---[ imap4d v.3.10 session quotation start ]--- * OK IMAP4rev1 A0005 LOGIN u...@foo.bar "secretpass" A0005 OK LOGIN Completed A0006 STATUS INBOX (MESSAGES UNSEEN) * STATUS INBOX (MESSAGES 53 UNSEEN 38) A0006 OK STATUS Completed A0007 SELECT INBOX * 53 EXISTS * 0 RECENT * OK [UIDVALIDITY 1604351724] UID valididy status * OK [UIDNEXT 54] Predicted next uid * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft)] Permanent flags A0007 OK [READ-WRITE] SELECT Completed A0008 UID SEARCH UNSEEN * SEARCH A0008 OK UID SEARCH Completed A0009 UID SEARCH UNANSWERED * SEARCH 1 2 3 4 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 A0009 OK UID SEARCH Completed A0010 UID SEARCH FLAGGED * SEARCH A0010 OK UID SEARCH Completed A0011 UID SEARCH NOT HEADER X-PRIORITY 1 NOT HEADER X-PRIORITY 2 NOT HEADER X-PRIORITY 4 NOT HEADER X-PRIORITY 5 * SEARCH 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 A0011 OK UID SEARCH Completed A0012 UID SEARCH OR OR OR HEADER Content-Type application/ HEADER Content-Type multipart/m HEADER Content-Type multipart/signed HEADER Content-Type multipart/report * SEARCH 1 2 3 4 5 6 7 8 9 24 A0012 OK UID SEARCH Completed A0013 LOGOUT * BYE Session terminating. A0013 OK LOGOUT Completed - ---[ imap4d v.3.10 session quotation end ]--- - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iF0EARECAB0WIQQYIXL6FUmD7SUfqoOveOk+D/ejKgUCX6KQOAAKCRCveOk+D/ej KuowAJ9sjW+GBlhLP9uNprk29LOJuaYgHACgoPsi+WXP0LgxzgMCc/mDjdtDnKM= =EXnB -END PGP SIGNATURE-
Looking for old ultrapower versions
Looking for old ultrapower versions Hello.I would just like to ask, if anyone still has one of these. I'm mainly looking for 5.x, but really anything older than the one that got leaked would be great.Regards,Tobias. URL: https://forum.audiogames.net/post/504330/#p504330 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
[Q] ModRDN object via Net::LDAP::Control::SyncRequest
hi, how can I catch ModRDN event in Net::LDAP::Control::SyncRequest ? on ldapmodrdn I can successfully catch LDAP_SYNC_MODIFY event with Net::LDAP::Entry object, DN of which contains new rdn ... but how to know the old one? accesslog DB doesn't contain reqDN for new rdn yet ... I'm using the example code from Net::LDAP::Control::SyncRequest -- Zeus Panchenko
[Q] ModRDN object via Net::LDAP::Control::SyncRequest
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, please advise, how can I catch ModRDN object in syncrepl cosumer? I use perl Net::LDAP on ldapmodrdn I successfully catch LDAP_SYNC_MODIFY event with Net::LDAP::Entry object, DN of which contains *new* rdn ... but how to know/get the old one? accesslog DB doesn't contain reqDN for new rdn yet ... I'm using the example code from Net::LDAP::Control::SyncRequest - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iF0EARECAB0WIQQYIXL6FUmD7SUfqoOveOk+D/ejKgUCXXqZHwAKCRCveOk+D/ej KsoLAKCiqf/sGKpYLy0xUybyLCXtkTTVkQCcCfTAoMcwhC+JWHcxvHzeLrppc5w= =cVqP -END PGP SIGNATURE-
[Q] is there way to configure stub-zone "recursively"?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 greetings, please, advise can stub-zone, somehow be configured to query "recursively" all subzones for the one single zone configured? I was successful to configure my VPN client unbound, to use nameserver on the central office, but it was necessary to configure each subzone separately ... Current, working, configuration is bellow, but can I shorten configuration to not to configure each sub zone? ===[ unbound/unbound.conf quotation start ]=== domain-insecure: "10.in-addr.arpa." domain-insecure: "lan." private-domain: "10.in-addr.arpa." private-domain: "lan." local-zone: "10.in-addr.arpa." transparent local-zone: "lan." transparent ===[ unbound/unbound.conf quotation end ]=== ===[ unbound/conf.d/stub-zones.conf quotation start ]= # net: 10.123.0.0/24 stub-zone: name: "lan." stub-addr: 10.0.0.111 stub-prime: yes # net: 10.123.1.0/24 stub-zone: name: "office1.lan." stub-addr: 10.0.0.111 stub-prime: yes # net: 10.123.2.0/24 stub-zone: name: "office2.lan." stub-addr: 10.0.0.111 stub-prime: yes stub-zone: name: "0.123.10.in-addr.arpa." stub-addr: 10.0.0.111 stub-prime: yes stub-zone: name: "1.123.10.in-addr.arpa." stub-addr: 10.0.0.111 stub-prime: yes stub-zone: name: "2.123.10.in-addr.arpa." stub-addr: 10.0.0.111 stub-prime: yes ===[ unbound/conf.d/stub-zones.conf quotation end ]= - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iF0EARECAB0WIQQYIXL6FUmD7SUfqoOveOk+D/ejKgUCXVD8zQAKCRCveOk+D/ej KtntAJ4rEIotzfGV9aIE7KDvz4uzoToILQCggUGBiZ/Wc7eK2XXZ9UXQCpmJM18= =ULgg -END PGP SIGNATURE-
Re: [nsd-users] [Q] is there way to configure stub-zone "recursively"?
sorry, posted to the wrong list <#secure method=pgp mode=sign sender=0FF7A32A> -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) ___ nsd-users mailing list nsd-users@NLnetLabs.nl https://open.nlnetlabs.nl/mailman/listinfo/nsd-users
[nsd-users] [Q] is there way to configure stub-zone "recursively"?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 greetings, please, advise can stub-zone, somehow be configured to query "recursively" all subzones for the one single zone configured? I was successful to configure my VPN client unbound, to use nameserver on the central office, but it was necessary to configure each subzone separately ... Current, working, configuration is bellow, but can I shorten configuration to not to configure each sub zone? ===[ unbound/unbound.conf quotation start ]=== domain-insecure: "10.in-addr.arpa." domain-insecure: "lan." private-domain: "10.in-addr.arpa." private-domain: "lan." local-zone: "10.in-addr.arpa." transparent local-zone: "lan." transparent ===[ unbound/unbound.conf quotation end ]=== ===[ unbound/conf.d/stub-zones.conf quotation start ]= # net: 10.123.0.0/24 stub-zone: name: "lan." stub-addr: 10.0.0.111 stub-prime: yes # net: 10.123.1.0/24 stub-zone: name: "office1.lan." stub-addr: 10.0.0.111 stub-prime: yes # net: 10.123.2.0/24 stub-zone: name: "office2.lan." stub-addr: 10.0.0.111 stub-prime: yes stub-zone: name: "0.123.10.in-addr.arpa." stub-addr: 10.0.0.111 stub-prime: yes stub-zone: name: "1.123.10.in-addr.arpa." stub-addr: 10.0.0.111 stub-prime: yes stub-zone: name: "2.123.10.in-addr.arpa." stub-addr: 10.0.0.111 stub-prime: yes ===[ unbound/conf.d/stub-zones.conf quotation end ]= - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iF0EARECAB0WIQQYIXL6FUmD7SUfqoOveOk+D/ejKgUCXVBYZQAKCRCveOk+D/ej KoiKAJ9W4JXCVl5zB1v56OaC22dopJN6rgCeJMkOno7qCQ2cuGPcnVEDJYaB6bs= =fCxB -END PGP SIGNATURE- ___ nsd-users mailing list nsd-users@NLnetLabs.nl https://open.nlnetlabs.nl/mailman/listinfo/nsd-users
[QGIS-Developer] WMS Request "GetPrint" to QGIS - Server fails with _PK
Hi devs! I'm a junior developer and I'm working on a project trying to refresh an old GISWEB, to do so i chose QWC2+QGISServer. Actual setup is: Debian 10, Apache2, QGIS-Server 3.8, using .shp as layers... the QWC2 works fine, WMS works fine, i can print some templates, print png, etc... The issue is that I'm trying to use the _PK (implemented in QGIS Server 3.6<https://github.com/qgis/QGIS/commit/21e3adfbcac4ffa339b28a4fb5fefc3a704bd2fb> and I'm getting an annoying "Internal Server Error". When I use "_PK=1" or "_PK=1, 2, 3", log says: "CRITICAL Server: An error occurred during the Atlas print WARNING: finish() called twice" As I read in the code here<https://github.com/qgis/QGIS/blob/master/src/server/services/wms/qgswmsrenderer.cpp> it could be caused by 2 things : "if ( pkIndexes.size() < 1 ) { throw QgsException( QStringLiteral( "An error occurred during the Atlas print" ) ); }" or: "QString errorString; atlas->setFilterExpression( filterString, errorString ); if ( !errorString.isEmpty() ) { throw QgsException( QStringLiteral( "An error occurred during the Atlas print" ) ); }" I can't determine which one is causing it. (My shapes have FID field, so pkIndexes shouldn't be null) If I try to use "_PK=*" it seems to work but I get "timed out" because I have like 4k features to print (I already changed the feature limit in QGIS Server conf). I'm going to try with a layer with less features as soon as I can and post updates. GetProjectSettings WMS request returns that I have 2 templates both with atlas enabled. There's not much documentation<https://docs.qgis.org/testing/en/docs/user_manual/working_with_ogc/server/services.html> to read about, as it's a new feature... The issue has nothing to do with QWC2, it's just the QGIS-Server. ISSUE URL: https://github.com/qgis/QGIS/issues/30817 Regards, Zeus. ___ QGIS-Developer mailing list QGIS-Developer@lists.osgeo.org List info: https://lists.osgeo.org/mailman/listinfo/qgis-developer Unsubscribe: https://lists.osgeo.org/mailman/listinfo/qgis-developer
[Q] RFC2307bis2 "An Approach for Using LDAP as a Network Information Service"
greetings, We've found RFC2307bis2: "An Approach for Using LDAP as a Network Information Service" and now wondering, what've happened to it finally? Is it just expired and forgotten? Recently we've began to deploy netgroup usage in our network and found it impossible to do search by nisNetgroupTriple attribute due to it's SYNTAX and SUBSTR definition ... We've done "amendments" to nis.schema to fix that and they occured to be the same as the ones offered in RFC2307bis2 :) So, is there any further plans/ideas to do something with RFC2307bis2, please? -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) signature.asc Description: PGP signature
[Q] is there way to use bgp-spamd.net?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, is there way to use BGP to block traffic, like it is described on https://www.bgp-spamd.net/index.html or even BGP feeds from spamhaus https://www.spamhaus.org/news/article/683/spamhaus-releases-bgp-feed-bgpf-and-botnet-cc-list-bgpcc - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iF0EARECAB0WIQQYIXL6FUmD7SUfqoOveOk+D/ejKgUCXDwgjQAKCRCveOk+D/ej KjLDAJ0a+9Q82cUVufYDn9c3Saq8Q0ARtgCggnadaidgIm4lBFQMUmOFEFl8b4I= =4djw -END PGP SIGNATURE- ___ freebsd-pf@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
Re: [darktable-user] Batch renaming software?
August Schwerdfeger wrote: > Can anybody recommend any good batch-renaming packages? I am > specifically looking to replace a homebrew Python script that uses > exposure-compensation metadata to identify sets of photos taken using > autobracketing (preferably with something I can invoke from within > Darktable). the best such tool I know is exiftool: https://www.sno.phy.queensu.ca/~phil/exiftool/ scroll down to `Renaming and/or Moving Files' section to have an idea of how it can work for you. P.S. when I faced same need (now exiftool has much more option) I with my friend had written renrot (wrapper for exiftool): https://puszcza.gnu.org.ua/projects/renrot/ still works o_O -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) signature.asc Description: PGP signature
Bitcoin in D
I write code in D to serialize and deserialize bitcoin block headers for educations puropseses as i just start with D, i add some more function and i upload it to github https://github.com/cvsae/bitcoind
Re: string to char conv
On Tuesday, 14 August 2018 at 00:24:53 UTC, Jonathan M Davis wrote: On Monday, August 13, 2018 6:06:22 PM MDT zeus via Digitalmars-d-learn wrote: [...] Why are you casting the string to a char*? That's just going to make writeln print out the pointer value. If you want to print out the value of the string, then just pass the string to writeln. - Jonathan M Davis Needed char* for while (isspace(*testi)) --testi; etc
string to char conv
i have the following code in d and i get as result 4D77EB, also i have the following code in c++ wich give me as results 0xABCDEF123abcdef12345678909832190 how i can get in d 0xABCDEF123abcdef12345678909832190 instead of 4D77EB // D void test(string test){ char* testi = cast(char*)(test); writeln(testi); } void main() { test("0xABCDEF123abcdef12345678909832190"); } // C++ void test(string str){ const char* testi = str.c_str(); printf("%s\n", testi); } int main(int argc, char const *argv[]){ test("0xABCDEF123abcdef12345678909832190"); }
Re: how to run script on event (modify/delete/add)?
thanks to everybody for soon reply Michael Ströder wrote: > On 07/30/2018 02:32 PM, Zeus Panchenko wrote: > Basically you have two options: > 1. run something within slapd (back-perl or back-sock) I'm still missing something ... what is/are the condition/s to see a candidate object to sync? I'm trying a sample from doc to Net::LDAP::Control::SyncRequest as well as sample from SATOH Fumiyasu code I modify some attribute and after that run the code: ---[ quotation start ]--- ... my $req = $ldap_crud->control_sync_req; # which is wrapper for Net::LDAP::Control::SyncRequest->new( mode => LDAP_SYNC_REFRESH_AND_PERSIST, ); log_debug { np( $req ) }; my $mesg = $ldap_crud->search({ base => $ldap_crud->{cfg}->{base}->{acc_root}, filter=> "(objectClass=*)", control => [ $req ], callback => sub { # log_debug {np(@_)}; my $msg = shift;; my $obj = shift; my @controls = $msg->control; if ( defined $obj && $obj->isa('Net::LDAP::Entry') ) { log_debug { $obj->dn . ' ; ' . np(@controls)}; my $syncstate = undef; for my $control (@controls) { if ( $control->isa('Net::LDAP::Control::SyncState') ) { $syncstate = $control; log_debug {np($syncstate)}; last; } } } }, sizelimit => 0, attrs => [ '*' ] }); ... ---[ quotation end ]--- but Net::LDAP::Message object returned by search, contains method `controls' set to undef ---[ quotation start ]--- 2018.07.31 13:38:38 [DEBUG]: L00830 @ UMI::Controller::Root::test: Controller/Root.pm: Net::LDAP::Search { Parents Net::LDAP::Message public methods (12) : all_entries, as_struct, count, decode, entries, entry, first_entry, next_entry, pop_entry, references, shift_entry, sorted private methods (0) internals: { callback sub { ... }, controls undef, ctrl_hash undef, entries[ [0] Net::LDAP::Entry, ... [388] Net::LDAP::Entry ], errorMessage "", matchedDN "", mesgid 70, parent Net::LDAP, rawundef, resultCode 0 } } ---[ quotation end ]--- while Net::LDAP::Control::SyncRequest->new() returns valid object ---[ quotation start ]--- 2018.07.31 14:01:16 [DEBUG]: L00807 @ UMI::Controller::Root::test: Controller/Root.pm: Net::LDAP::Control::SyncRequest { Parents Net::LDAP::Control public methods (5) : cookie, init, mode, reloadHint, value private methods (0) internals: { asn{ cookie undef, mode 3, reloadHint 0 }, mode 3, type "1.3.6.1.4.1.4203.1.9.1.1" } } ---[ quotation end ]--- though after been fed to search, control "disappears" ... where am I wrong? -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) signature.asc Description: PGP signature
how to run script on event (modify/delete/add)?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 greetings, please advise how can I run external script on event (LDAP operation)? for example: I am generating config files for users from LDAP data with perl script I want to re-generate config files each time LDAP operation (modify, add, delete) performed how to do that and what is the best way to do that? - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iF0EARECAB0WIQQYIXL6FUmD7SUfqoOveOk+D/ejKgUCW18FeQAKCRCveOk+D/ej KtXaAJ949HG/9hwOP9z5RgvSUfjRR27nQQCgljD0MPOTdZevhdBt2u87Oeq1Frk= =NBxz -END PGP SIGNATURE-
Re: what is the best practice to modrdn for branch of objects?
Chris Ridd wrote: > I would note that storing entries subordinate to user entries is rather > unusual. yes, it is, the idea was to hold all related to user branches in one single root here there is the diagram of DB topology: https://raw.githubusercontent.com/z-eos/umi/master/doc/umi-db-diagram-plane.png > So there are two cases to consider: > * user B already exists yes, it is the idea is to reassign some existing subordinate branch to another existent user > In the first case, you can iterate through all of user A's immediate > children and modifydn each of them. it is just what I do, but it involves a lot of „hand“ work (the URL I provided in my initial post) > Do you delete user A at the end? no, the idea is to delegate some service of user A to user B > Alternative in the first case, you could delete user B first and then > just use modifydn once to move user A to user B. no, it is not what is needed since user B has his own, assigned to him services > You may need to refine your question a bit more. was I successful in that? > Net::LDAP's moddn method does not take a „recursively“ option. may it sound sane to add it to the method? > The LDAP modifydn operation is already defined to move all the entry's > children. I believe, it'd be great to have something like that in Net::LDAP too ... -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) signature.asc Description: PGP signature
what is the best practice to modrdn for branch of objects?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi what is the best practice to moddn() for branch of objects? lets say we have two objects: - ---[ user A start ]--- dn: uid=naf.nafus,ou=People,dc=umidb dn: authorizedService=w...@borg.startrek.in,uid=naf.nafus,ou=People,dc=umidb dn: uid=q...@borg.startrek.in,authorizedService=w...@borg.startrek.in,uid=naf.nafus,ou=People,dc=umidb dn: authorizedService=o...@borg.startrek.in,uid=naf.nafus,ou=People,dc=umidb dn: cn=dev-ap-notebook,authorizedService=o...@borg.startrek.in,uid=naf.nafus,ou=People,dc=umidb dn: authorizedService=m...@starfleet.startrek.in,uid=naf.nafus,ou=People,dc=umidb dn: uid=naf.na...@starfleet.startrek.in,authorizedService=m...@starfleet.startrek.in,uid=naf.nafus,ou=People,dc=umidb dn: authorizedService=x...@starfleet.startrek.in,uid=naf.nafus,ou=People,dc=umidb dn: uid=naf.naf...@starfleet.startrek.in,authorizedService=x...@starfleet.startrek.in,uid=naf.nafus,ou=People,dc=umidb - ---[ user A end ]--- and - ---[ user B start ]--- dn: uid=taf.taffij,ou=People,dc=umidb - ---[ user B end ]--- now, I want to „reassign“ user A branch (and all of it's leaves) to user B - ---[ user A branch to reassign start ]--- dn: authorizedService=x...@starfleet.startrek.in,uid=naf.nafus,ou=People,dc=umidb dn: uid=naf.naf...@starfleet.startrek.in,authorizedService=x...@starfleet.startrek.in,uid=naf.nafus,ou=People,dc=umidb - ---[ user A branch to reassign end ]--- so, user B becomes - ---[ „new“ user B start ]--- dn: uid=taf.taffij,ou=People,dc=umidb dn: authorizedService=x...@starfleet.startrek.in,uid=taf.taffij,ou=People,dc=umidb dn: uid=naf.naf...@starfleet.startrek.in,authorizedService=x...@starfleet.startrek.in,uid=taf.taffij,ou=People,dc=umidb - ---[ „new“ user B end ]--- to do that, I take target branch subtree and „re-write“ DN of each object to be reassigned ... (https://github.com/z-eos/umi/blob/master/lib/LDAP_CRUD.pm#L992) what I think of is something like this: - ---[ quotation start ]--- $dn = 'authorizedService=x...@starfleet.startrek.in,uid=naf.nafus,ou=People,dc=umidb'; $mesg = $ldap->moddn( $dn, newsuperior => 'uid=taf.taffij,ou=People,dc=umidb', recursively => 1 ); - ---[ quotation end ]--- - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iF0EARECAB0WIQQYIXL6FUmD7SUfqoOveOk+D/ejKgUCWyeYpwAKCRCveOk+D/ej KrMyAJ9pkQ5HzEX1iIGBI8WNJDKpKEMiOgCg1UtQBvbNIwuPEZAMIyutWi5E690= =S2qO -END PGP SIGNATURE-
Re: 8021x on wired Ethernet
Bengt Ahlgren <bengt.ahlg...@ri.se> wrote: > Is there a standard "rc.conf" way to configure 8021x authentication on > wired ethernet? looks like it's to be something like: ifconfig_em0="WPA" -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
Re: lagg0 with ue0 and iwm0 is not operate on 11.2-BETA1
Masachika ISHIZUKA <i...@amail.plala.or.jp> wrote: > I think bug 213207 is not the same. > As I set mac address of ethernet adapter(ue0) or ethernet card(re0), > I don't change mac address of wlan devices(iwm0/ath0). solution whci solved my situation is described namely here: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=213207#c13 -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) signature.asc Description: PGP signature
Re: lagg0 with ue0 and iwm0 is not operate on 11.2-BETA1
isn't it the same lasting bug/feature? https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=213207 Masachika ISHIZUKA <i...@amail.plala.or.jp> wrote: > Hi. > > I'm using lagg0 with ue0(if_axge.ko) and iwm0(if_iwm.ko) as follows. > > % cat /etc/rc.conf > ifconfig_ue0="ether xx:xx:xx:xx:xx:xx up" > wlans_iwm0="wlan0" > create_args_wlan0="country JP" > ifconfig_wlan0="wpa" > cloned_interfaces="lagg0" > ifconfig_lagg0="laggproto failover laggport ue0 laggport wlan0 192.168.x.x > netmask x.x.x.x" > > It is good working on 12-current, but 11.2-BETA1 is not working. > > It can work ue0 or wlan0 alone on 11.2-BETA1, i.e. > ifconfig_lagg0="laggproto failover laggport ue0 192.168.x.x netmask x.x.x.x" > or > ifconfig_lagg0="laggproto failover laggport wlan0 192.168.x.x netmask x.x.x.x" > is working. > > === > > I have another machine and that is operate lagg0 with re0 and ath0 > on 11.2-BETA1, but it has trouble. It is bood working with re0 and > good working with failovered ath0, but not working when I switched > back re0. It can be recovered by 'ifconfig re0 down' and 'ifconfig re0 up'. > It is the same as on 12-current. > > -- > Masachika ISHIZUKA > ___ > freebsd-stable@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org" -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) signature.asc Description: PGP signature
Re: ether <-> wlan failover still is broken
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Eugene Grosbein <eu...@grosbein.net> wrote: > > You should try forcing lagg to use MAC of wireless card instead of fabricated > one: > ifconfig lagg0 ether $(ifconfig wlan0 | awk '/hwaddr/ {print $2}') > as I wrote in previous message, it works *only* when interface is in promiscious mode ... alas - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iF0EARECAB0WIQQYIXL6FUmD7SUfqoOveOk+D/ejKgUCWrPONQAKCRCveOk+D/ej KlaJAJ98/YNjbI1XZwsn3RGHKP0Of/mfhACg7CgYCHpSR6e7NjG4CGLxMl2pV5Y= =+aRw -END PGP SIGNATURE- ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
ether wlan lagg works only with hint.ath.0.macaddr set (was: ether <-> wlan failover still is broken)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andrey V. Elsukov <bu7c...@yandex.ru> wrote: > > It will work, if you will change ethernet's MAC address to one, what > wlan interface have. > yes, for me it works *only* if the interface is in promiscious mode, just have checked BUT! what finally helped me is this: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=213207#c13 /boot/loader.conf hint.ath.0.macaddr="MAC:ADDRESS:OF:THE:ETHERNET:INTERFACE" - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iF0EARECAB0WIQQYIXL6FUmD7SUfqoOveOk+D/ejKgUCWrPN0AAKCRCveOk+D/ej KqWqAKCd7GWqyXLMZtLWtOuWfR+eOVD6OQCg11ZcsR5SIsb5phXu3resUgTRnO0= =y2sk -END PGP SIGNATURE- ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
Re: ether <-> wlan failover still is broken
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andrey V. Elsukov <bu7c...@yandex.ru> wrote: > > It will work, if you will change ethernet's MAC address to one, what > wlan interface have. > in my previous attempts it was working this way *only* when interface was in promiscious mode but I'll try it again, thanks - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iF0EARECAB0WIQQYIXL6FUmD7SUfqoOveOk+D/ejKgUCWrPDfQAKCRCveOk+D/ej KmpfAJ4p2DAn9hAVJjc2KqS1UdS+eN8hNgCfXrzZzefzSrBa6XquJhDru+hBBjU= =1maj -END PGP SIGNATURE- ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
ether <-> wlan failover still is broken (was: is lagg (re+wlan) working on 11.0-RELEASE?)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, while having no any problem with separate (lagg less) mode, when I use ether or wlan without aggregating, I am still experiencing severe problem with ether <-> wlan failover after upgrade to 11.1 I decided to give another try to the handbook Example 30.3. https://www.freebsd.org/doc/handbook/network-aggregation.html#networking-lagg-wired-and-wireless it still does *not* work for me after wlan MAC address change (to the one of the ethernet as it's described in the handbook), wpa_supplicant becomes unable to associate with AP > uname -a FreeBSD 11.1-RELEASE-p8 #0 > pciconf -lv ath0@pci0:3:0:0:class=0x028000 card=0x1785103c chip=0x0032168c rev=0x01 hdr=0x00 vendor = 'Qualcomm Atheros' device = 'AR9485 Wireless Network Adapter' class = network re0@pci0:7:0:0: class=0x02 card=0x3387103c chip=0x816810ec rev=0x06 hdr=0x00 vendor = 'Realtek Semiconductor Co., Ltd.' device = 'RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller' class = network subclass = ethernet does anybody else face same trouble, please? - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iF0EARECAB0WIQQYIXL6FUmD7SUfqoOveOk+D/ejKgUCWrO2QQAKCRCveOk+D/ej KrUjAJoCx6H9QgcJH97lMklyQZfOy0PrnQCggDki8cJvqdQl+mgWCLkNGePC1Fc= =vSkJ -END PGP SIGNATURE- ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
[Q] what is the right way to log what script does?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, I need to know what script did ... what is the best way to log script all LDAP related activity? is it something like? sub each_ldap_related_anything { ... use Storable; store \%all_things_to_log, 'file'; ... } - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iEYEARECAAYFAlpiABQACgkQr3jpPg/3oyoVAACghr0xx0ny13u3CNz9SqduHded qFkAoOQ3wM05SYltaR88x6taHAwyM70Z =uHoO -END PGP SIGNATURE-
[Q] how to add country attribute to organizationalUnit objectclass?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, I'm using organizationalUnit to hold organization related data and I'm wondering, how can I add country attribute to the object? I find it stumbling, all other address attributes are available but country ... I'd like to be able to do something like this: - ---[ fake object quotation start ]--- dn: ou=starfleet,ou=Organizations,dc=umidb associatedDomain: starfleet.startrek.in businessCategory: deep-space exploratory businessCategory: peacekeeping businessCategory: military service l: Fort Baker c: us objectClass: country objectClass: top objectClass: organizationalUnit objectClass: domainRelatedObject ou: starfleet physicalDeliveryOfficeName: Starfleet LLC postalAddress: here the address to be added postalCode: 12345 postOfficeBox: 1a registeredAddress: here the address to be added too st: California street: Space St. telephoneNumber: 922 - ---[ fake object quotation end ]--- - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iEYEARECAAYFAlphvyQACgkQr3jpPg/3oyr49QCfW+SAQZeq9orhQasTuqtb2A2E KZAAoLnO8DlP7z6bkNDe2JUKw9+JbnlI =9epg -END PGP SIGNATURE-
Re: Net::LDAP::Extension::Refresh doesn't understand responce from server
Peter Marschall <pe...@adpm.de> wrote: > Have you tried patching usr/local/lib/perl5/site_perl/Convert/ASN1/_decode.pm? > Here's what I'd try as a first idea: not yet, will check it > > after setting dds-max-ttl to some big enough value, same code works well > Do I get it right, that only the error case (i.e. setting the ttl to a higher > value than allowed) fails, while the correct case (setting the ttl to a value > within the bounds allowed) works? yes, you do > In any case, can you provde a minimal test case that allows reporducing the > success and failure cases?! bellow are details I was trying to refresh from now (2017.12.27 14:44) to 2018.07.07 07:00 as the result, the object was created (indeed) with dds-default-ttl ttl but get_ttl() issued just after the refresh() didn't recognize that ---[ slapd.conf quotation start ]--- ... overlay dds dds-max-ttl 3d dds-min-ttl 30m dds-default-ttl 1h dds-interval120s dds-tolerance 5s ... ---[ slapd.conf quotation end ]--- ---[ code quotation start ]--- ... use Data::Printer; ... sub refresh { my ($self, $entryName, $requestTtl) = @_; p $entryName; p $requestTtl; my $callername = (caller(1))[3]; $callername = 'main' if ! defined $callername; my ($return, $msg); $msg = $self->ldap->refresh ( entryName => $entryName, requestTtl => $requestTtl ); p my $ttl = "refresh TTL: " . $msg->get_ttl(); p $ttl .= $msg->error() if $msg->code(); if ($msg->code) { $return = $self->err( $msg ); $return->{caller} = 'call to LDAP_CRUD->refresh from ' . $callername . ': '; } else { $return->{success} = $msg->get_ttl(); } return $return; } ... ---[ code quotation end ]--- ---[ debug quotation start ]--- Printing in line 895 of /storage/work-stuff/Catalyst/UMI/script/../lib/LDAP_CRUD.pm: "authorizedService=w...@borg.startrek.in,uid=naf.nafus3,ou=People,dc=umidb" Printing in line 895 of /storage/work-stuff/Catalyst/UMI/script/../lib/LDAP_CRUD.pm: 16481774 Use of uninitialized value $end in numeric ge (>=) at /usr/local/lib/perl5/site_perl/Convert/ASN1/_decode.pm line 626, line 1063. Use of uninitialized value $end in numeric eq (==) at /usr/local/lib/perl5/site_perl/Convert/ASN1/_decode.pm line 63, line 1063. Use of uninitialized value in concatenation (.) or string at /storage/work-stuff/Catalyst/UMI/script/../lib/LDAP_CRUD.pm line 901, line 1063. Printing in line 901 of /storage/work-stuff/Catalyst/UMI/script/../lib/LDAP_CRUD.pm: "refresh TTL: " Printing in line 902 of /storage/work-stuff/Catalyst/UMI/script/../lib/LDAP_CRUD.pm: "refresh TTL: time-to-live for dynamicObject exceeds limit" Printing in line 895 of /storage/work-stuff/Catalyst/UMI/script/../lib/LDAP_CRUD.pm: "uid=naf.naf...@borg.startrek.in,authorizedService=w...@borg.startrek.in,uid=naf.nafus3,ou=People,dc=umidb" Printing in line 895 of /storage/work-stuff/Catalyst/UMI/script/../lib/LDAP_CRUD.pm: 16481774 Use of uninitialized value $end in numeric ge (>=) at /usr/local/lib/perl5/site_perl/Convert/ASN1/_decode.pm line 626, line 1133. Use of uninitialized value $end in numeric eq (==) at /usr/local/lib/perl5/site_perl/Convert/ASN1/_decode.pm line 63, line 1133. Use of uninitialized value in concatenation (.) or string at /storage/work-stuff/Catalyst/UMI/script/../lib/LDAP_CRUD.pm line 901, line 1133. Printing in line 901 of /storage/work-stuff/Catalyst/UMI/script/../lib/LDAP_CRUD.pm: "refresh TTL: " Printing in line 902 of /storage/work-stuff/Catalyst/UMI/script/../lib/LDAP_CRUD.pm: "refresh TTL: time-to-live for dynamicObject exceeds limit" ---[ debug quotation end ]--- -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET)
Net::LDAP::Extension::Refresh doesn't understand responce from server
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, while playing with refresh()/get_ttl() I found that Net::LDAP::Extension::Refresh doesn't understand OpenLDAP server reply in case when option dds-max-ttl is less than ttl I want to set with refresh() if in slapd.conf I set `dds-max-ttl 1d' and try to refresh ttl -> 5754911 with: ldapexop ... "refresh" "uid=..." 5754911 I receive: ldap_parse_result: Size limit exceeded (4) additional info: time-to-live for dynamicObject exceeds limit but code with Net::LDAP::Extension::Refresh spawns this: Use of uninitialized value $end in numeric ge (>=) at /usr/local/lib/perl5/site_perl/Convert/ASN1/_decode.pm line 626. Use of uninitialized value $end in numeric eq (==) at /usr/local/lib/perl5/site_perl/Convert/ASN1/_decode.pm line 63. after setting dds-max-ttl to some big enough value, same code works well - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iEYEARECAAYFAlpCU1YACgkQr3jpPg/3oyrENgCgi6dkpLt3uX/vX2Vtn3XMHbg2 eMUAoPx+8ZNCRxs9TKRIY+3nvN0ph8M4 =fBjQ -END PGP SIGNATURE-
Re: [Q] what is the best practice or right way to change schemas order for cn=config case?
Christian Kratzer <ck-li...@cksoft.de> wrote: > > 1. to move file? > > 2. to ldapmodify? > > > > for the one used to slapd.conf both of ways look weird ... :( > > for those cases that ldapmodify that does not work you can use slapcat > to dump all of the cn=config database edit it and reimport using slapadd. > > Adding -n0 to slapadd and slapcat makes it use the cn=config database. it is one of the causes making me to delay the switch to cn=config topology ... :( all scenarios described looks too artificial ... since the very elementary and simple operation (editing config file) becames a pain ... especially when I need to reorder schema files on many hosts ... I was sure I'm missing something in how to handle such a tasks ... -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) signature.asc Description: PGP signature
[Q] what is the best practice or right way to change schemas order for cn=config case?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, what is the best practice or right way to change schemas order for cn=config case? 1. to move file? 2. to ldapmodify? for the one used to slapd.conf both of ways look weird ... :( - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iEYEARECAAYFAlo6mMsACgkQr3jpPg/3oypRzwCdHNMNgUewiolW91I7DB7cK5dE BqoAn0tXLDIMIBg0W9uG39pwN7LPRPth =jKuI -END PGP SIGNATURE-
[bug-mailutils] broken attachments names (if long and encoded)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 here, developer of RoundCube explains the issue https://github.com/roundcube/roundcubemail/issues/6048#issuecomment-345240778 - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iEYEARECAAYFAloO7K4ACgkQr3jpPg/3oyrz7wCcCqIO9rxQKq66Frmhtx06+7c8 9nYAoMo2MB1xBI3rV2MX5f4/1u0Jc11O =P00k -END PGP SIGNATURE- ___ Bug-mailutils mailing list Bug-mailutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-mailutils
Can't list the managed customers
Hi, I'm having some troubles listing the customers in the API. In the web console, I can see accounts connected but when I can't list them in the API (no error, just no elements returned). I am using the ManagedCustomerService to retrieve this list. Any idea why I am getting an empty response? Many thanks, -- -- =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ Also find us on our blog and Google+: https://googleadsdeveloper.blogspot.com/ https://plus.google.com/+GoogleAdsDevelopers/posts =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To post to this group, send email to adwords-api@googlegroups.com To unsubscribe from this group, send email to adwords-api+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/adwords-api?hl=en --- You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To unsubscribe from this group and stop receiving emails from it, send an email to adwords-api+unsubscr...@googlegroups.com. Visit this group at https://groups.google.com/group/adwords-api. To view this discussion on the web visit https://groups.google.com/d/msgid/adwords-api/3c858f6e-f2f2-4fd3-8987-d294790722bb%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Can't list the managed customers
Hi, I'm having some troubles trying to get the list of managed customers. I can see accounts in the AdWords web console but when I try to list them in the API the list is empty (no error received, just no elements in the list). I am using the "ManagedCustomerService" to retrieve the list. Any ideas why the list is empty? Thanks, -- -- =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ Also find us on our blog and Google+: https://googleadsdeveloper.blogspot.com/ https://plus.google.com/+GoogleAdsDevelopers/posts =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To post to this group, send email to adwords-api@googlegroups.com To unsubscribe from this group, send email to adwords-api+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/adwords-api?hl=en --- You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To unsubscribe from this group and stop receiving emails from it, send an email to adwords-api+unsubscr...@googlegroups.com. Visit this group at https://groups.google.com/group/adwords-api. To view this discussion on the web visit https://groups.google.com/d/msgid/adwords-api/8b9065f8-1e98-4f99-9410-b89f8fc76627%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [greasemonkey-users] Help with the new api
Le mercredi 18 octobre 2017 17:04:55 UTC+2, Anthony Lieuallen a écrit : > - the @require field is not working ? >> > > Works fine for me. Please provide detail. > > This is the script : https://greasyfork.org/fr/scripts/18056-dailymotion-raw-html5-player/code I use // @require https://cdn.jsdelivr.net/npm/hls.js@0.8.4 which should create an Hls class in the global scope but doesn't. Alternatively I've tried to include the script in the document and it worked but then I can't access the class because of the sandbox. -- You received this message because you are subscribed to the Google Groups "greasemonkey-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to greasemonkey-users+unsubscr...@googlegroups.com. To post to this group, send email to greasemonkey-users@googlegroups.com. Visit this group at https://groups.google.com/group/greasemonkey-users. For more options, visit https://groups.google.com/d/optout.
Re: Antw: Re: [Q] amendments to schemes existent
Andrew Findlaywrote: > You could try using the extended search filter syntax: > > (dhcpOption:caseIgnoreSubstringsMatch:=boot*) > > See RFC4515 for more details. In practice you will probably want to create a I tried and failed ... where did I mistake? :( for original ldapns.schema 1. search works with filter: (authorizedService=mail@hh001.umidb) (and without index it returns empty result) # base
Re: Antw: Re: [Q] amendments to schemes existent
Andrew Findlaywrote: > Try this: > (authorizedService:caseIgnoreSubstringsMatch:=m...@hh001.umi) now there is no error message, though the result is still empty alas ... # base
Re: Antw: Re: [Q] amendments to schemes existent
Ulrich Windl <ulrich.wi...@rz.uni-regensburg.de> wrote: > But you are basically changing the semantics of attribute authorizedService: > Before "*" was literal, after it is magic (substring match). > > The discussion on which variant is more useful is a different issue ;-) for *my* flow, the variant of original schema is unusable since I have pleny of values and to hardcode all of them for all available searches is not good idea, to my mind ... if to return to the starting question: is there other way to get originally SUBSTR-less attributes to be matchable by substring, except hacking the scheme? -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) signature.asc Description: PGP signature
Re: [Q] amendments to schemes existent
thank you for reply Andrew Findlay <andrew.find...@skills-1st.co.uk> wrote: > You should not change the definitions of standard attributes or > objectclasses. I remember that, though I wasn't able to get that working without patching ... > That does not stop you from setting up an index for the > attribute though, and most LDAP servers will then allow you to search > for it even if the published schema does not allow for the possibility. here is my story, what I tryed and what worked: 1. INDEX SUB index authorizedService sub,eq in line 180 of slapd.conf and original ldapns.schema, slapd doesn't start and complains with: /usr/local/etc/openldap/slapd.conf: line 180: substr index of attribute "authorizedService" disallowed 2. ORIGINAL ldapns.schema - no substring search result ---[ slapd.conf ]--- index default eq,sub index authorizedService eq ---[ slapd.conf ]--- ---[ slapd.log with original ldapns.schema ] Oct 19 08:00:52 host slapd[1245]: conn=1008 op=1 SRCH base="ou=People,dc=foo" scope=2 deref=0 filter="(?authorizedService=web@*)" Oct 19 08:00:52 host slapd[1245]: conn=1008 op=1 SRCH attr=* createTimestamp creatorsName modifiersName modifyTimestamp Oct 19 08:00:52 host slapd[1245]: conn=1008 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text= ---[ slapd.log with original ldapns.schema ] 3. PATCHED ldapns.schema - successful substring search ---[ ldapns.schema.patch ]--- --- ldapns.schema.orig 2014-09-15 23:47:56.135989000 +0300 +++ ldapns.schema 2015-02-15 23:50:53.714906292 +0200 @@ -1,6 +1,7 @@ attributetype ( 1.3.6.1.4.1.5322.17.2.1 NAME 'authorizedService' DESC 'IANA GSS-API authorized service name' EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) objectclass ( 1.3.6.1.4.1.5322.17.1.1 NAME 'authorizedServiceObject' ---[ ldapns.schema.patch ]--- ---[ slapd.conf ]--- index default eq,sub index authorizedService sub,eq ---[ slapd.conf ]--- ---[ slapd.log with patched ldapns.schema ]--- Oct 19 08:04:40 host slapd[1367]: conn=1041 op=1 SRCH base="ou=People,dc=foo" scope=2 deref=0 filter="(authorizedService=web@*)" Oct 19 08:04:40 host slapd[1367]: conn=1041 op=1 SRCH attr=* createTimestamp creatorsName modifiersName modifyTimestamp Oct 19 08:04:40 host slapd[1367]: conn=1041 op=1 SEARCH RESULT tag=101 err=0 nentries=8 text= ---[ slapd.log with patched ldapns.schema ]--- -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) signature.asc Description: PGP signature
[greasemonkey-users] Help with the new api
Hello I'm trying to convert my scripts and I have some issues : - the finalUrl in xhr is not set ? - the @require field is not working ? - I injected scripts to the document instead but can't get the data back, no unsafeWindow ? - the script doesn't run under some iframes I know it's just on alpha stage, no worries, but since it's not documented yet maybe I'm missing some stuff. -- You received this message because you are subscribed to the Google Groups "greasemonkey-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to greasemonkey-users+unsubscr...@googlegroups.com. To post to this group, send email to greasemonkey-users@googlegroups.com. Visit this group at https://groups.google.com/group/greasemonkey-users. For more options, visit https://groups.google.com/d/optout.
[Q] amendments to schemes existent
greetings, I'm wondering of search possibility lack for some attributes my question is: is it correct/good/sane/e.t.c. to patch them this way? is there other way to get those attributes searchable? for example I have to patch some schemes like this: ---[ PATCH SAMPLES START ]--- --- dhcp.schema.orig2017-08-25 13:14:26.69157 +0300 +++ dhcp.schema 2017-08-25 13:15:56.55898 +0300 @@ -14,6 +14,7 @@ attributetype ( 2.16.840.1.113719.1.203. NAME 'dhcpStatements' EQUALITY caseIgnoreIA5Match DESC 'Flexible storage for specific data depending on what object this exists in. Like conditional statements, server parameters, etc. This allows the standard to evolve without needing to adjust the schema.' + SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 2.16.840.1.113719.1.203.4.4 @@ -38,6 +39,7 @@ attributetype ( 2.16.840.1.113719.1.203. NAME 'dhcpOption' EQUALITY caseIgnoreIA5Match DESC 'Encoded option values to be sent to clients. Each value represents a single option and contains (OptionTag, Length, OptionValue) encoded in the format used by DHCP.' + SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 2.16.840.1.113719.1.203.4.8 @@ -199,6 +201,7 @@ attributetype ( 2.16.840.1.113719.1.203. attributetype ( 2.16.840.1.113719.1.203.4.34 NAME 'dhcpHWAddress' EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch DESC 'The clients hardware address that requested this IP address.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) --- ldapns.schema.orig 2014-09-15 23:47:56.135989000 +0300 +++ ldapns.schema 2015-02-15 23:50:53.714906292 +0200 @@ -1,6 +1,7 @@ attributetype ( 1.3.6.1.4.1.5322.17.2.1 NAME 'authorizedService' DESC 'IANA GSS-API authorized service name' EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) objectclass ( 1.3.6.1.4.1.5322.17.1.1 NAME 'authorizedServiceObject' --- nis.schema.orig 2017-02-11 21:38:48.984906000 +0200 +++ nis.schema 2017-10-02 13:20:52.140691000 +0300 @@ -55,6 +55,7 @@ attributetype ( 1.3.6.1.1.1.1.2 NAME 'ge attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The absolute path to the home directory' EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell' ---[ PATCH SAMPLES STOP ]--- -- IT dpt., I.B.S. LLC
Re: [HACKERS] Possible SSL improvements for a newcomer to tackle
On Tue, Oct 3, 2017 at 11:39 AM, Nico Williamswrote: > On Tue, Oct 03, 2017 at 12:33:00AM -0400, Tom Lane wrote: > > So to default to verification would be to default to failing to > > connect at all until user has created a ~/.postgresql/root.crt file with > > valid, relevant entries. That seems like a nonstarter. > > > > It's possible that we could adopt some policy like "if the root.crt file > > exists then default to verify" ... but that seems messy and unreliable, > > so I'm not sure it would really add any security. > > Still, it would be safer to refuse to connect until the lack of trust > anchors is rectified than to connect without warning about the inability > to verify a server. By forcing the user (admins) to take action to > remediate the problem, the problem then gets fixed, whereas plowing on > creates an invisible (for many users) security problem. I agree with Nico. If the server certificate can't be validated, the client should fail to connect unless specifically opting out of MITM protection. Why not change DefaultSSLMode from "prefer," even if it isn't backwards compatible? Is there a policy for deprecating default settings?
[HACKERS] Possible SSL improvements for a newcomer to tackle
I previously made one minuscule contribution to the project two years ago. I'm interested in doing some more, and I'm trying to figure out what to focus on. Two SSL-related projects caught my attention: 1) Allow automatic selection of SSL client certificates from a certificate store (https://www.postgresql.org/message-id/8766.1241799...@sss.pgh.pa.us). It seems relatively straightforward to support an additional file format for key-value pairs in postgresql.crt/.key, and I think this is something I could take on if it's still desired. 2) I was surprised to learn the following from the docs: > By default, PostgreSQL will not perform any verification of the server certificate. This means that it is possible to spoof the server identity (for example by modifying a DNS record or by taking over the server IP address) without the client knowing. In order to prevent spoofing, SSL certificate verification must be used. Is there a technical reason to perform no verification by default? Wouldn't a safer default be desirable?
[Q] how to refresh Dynamic Directory Services object ttl?
greetings, how can I refresh ttl of Dynamic Directory Services object with Net::LDAP? for OpenLDAP there is overlay dds (described in 12.5 section of http://www.openldap.org/doc/admin24/overlays.html) so, how can I do something like this: ldapexop -x -H ldap://ldaphost "refresh" "uid=naf.nafnaf@talax.startrek.in,authorizedService=m...@talax.startrek.in,uid=naf.naf,ou=People,dc=umidb" "10d" -D "uid=admin,ou=People,dc=umidb" -W is it, just modifying attr `entryTtl'? -- IT dpt., I.B.S. LLC
Re: ctl.conf includes
+1 Eugene M. Zheganin <e...@norma.perm.ru> wrote: > one-for-a-target config files complicates lot of things. I understand > clearly that this is only my problem, bit I'm writing this in case of > someone's needs this too, so may be I'm not alone asking for ctl.conf > includes. I am aware that ctladm allows many thing, including creating > and deleting targets on the fly, but the problem is in saving this > configuration in the consistent state. -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
consumer state is newer than provider (was "can I replicate several branches to the same slave from one master?")
greetings, alas, but I still face the issue ... :-\ ---[ replica log quotation start ]--- ... Jul 27 12:29:46 ABC slapd[15466]: do_syncrep2: rid=000 LDAP_RES_SEARCH_RESULT (53) Server is unwilling to perform Jul 27 12:29:46 ABC slapd[15466]: do_syncrep2: rid=000 (53) Server is unwilling to perform Jul 27 12:29:46 ABC slapd[15466]: do_syncrepl: rid=000 rc -2 retrying ... ---[ replica log quotation end ]--- ---[ master log quotation start ]--- ... Jul 27 12:29:46 master slapd[45467]: conn=2610 op=1 BIND dn="uid=replABC,ou=repl,ou=system,dc=example" method=128 Jul 27 12:29:46 master slapd[45467]: conn=2610 op=1 BIND dn="uid=replABC,ou=repl,ou=system,dc=example" mech=SIMPLE ssf=0 Jul 27 12:29:46 master slapd[45467]: conn=2610 op=1 RESULT tag=97 err=0 text= Jul 27 12:29:46 master slapd[45467]: conn=2611 op=0 EXT oid=1.3.6.1.4.1.1466.20037 Jul 27 12:29:46 master slapd[45467]: conn=2611 op=0 STARTTLS Jul 27 12:29:46 master slapd[45467]: conn=2611 op=0 RESULT oid= err=0 text= Jul 27 12:29:46 master slapd[45467]: conn=2610 op=2 SRCH base="cn=example-accesslog" scope=2 deref=0 filter="(&(objectClass=auditWriteObject)(reqResult=0))" Jul 27 12:29:46 master slapd[45467]: conn=2610 op=2 SRCH attr=reqDN reqType reqMod reqNewRDN reqDeleteOldRDN reqNewSuperior entryCSN Jul 27 12:29:46 master slapd[45467]: conn=2610 op=2 SEARCH RESULT tag=101 err=53 nentries=0 text=consumer state is newer than provider! Jul 27 12:29:46 master slapd[45467]: conn=2610 op=3 UNBIND ... ---[ master log quotation end ]--- please advise Quanah Gibson-Mount <qua...@symas.com> wrote: > > slapd[38004]: conn=30116 op=3 SEARCH RESULT tag=101 err=53 nentries=0 > > text=consumer state is newer than provider! > > It sounds like your replica was not configured correctly initially and > self-generated its own CSN that is newer than the one on the provider. what in replica configuration can lead to that? I configured replica just as it is described in the documentation "18.3.2.1. Delta-syncrepl Provider configuration" > It would be interesting to make a modification on the provider so that > its CSN is updated (and thus has one newer than on the consumer). doesn't help ... helps only deleting consumer DB (in some cases for a several times) DB replicates but after some time it looses sync again ... can master configuration cause that as well? here is (just to remind) how master/replica are configured ... ---[ replica slapd.conf quotation start ]--- ... syncrepl rid=0 provider=ldap://master.example:389 starttls=critical searchbase="dc=example" bindmethod=simple binddn="uid=replABC,ou=repl,dc=example" credentials="***" tls_cacert=/usr/local/etc/openldap/ssl/ca.crt tls_cert=/usr/local/etc/openldap/ssl/ABC.crt tls_key=/usr/local/etc/openldap/ssl/ABC.key tls_reqcert=try type=refreshAndPersist retry="60 +" logbase="cn=example-accesslog" logfilter="(&(objectClass=auditWriteObject)(reqResult=0))" syncdata=accesslog ... ---[ replica slapd.conf quotation end ]--- ---[ master configuration quotation start ]--- ... access to dn.subtree="cn=example-accesslog" by dn.onelevel="ou=repl,ou=system,dc=example" read by * break ###--- ABC access to dn.regex="^uid=(.*)@foo.bar,authorizedService=(mail|xmpp)@foo.bar,uid=(.*),ou=People,dc=example$" attrs=entry,entryCSN,entryUUID,objectClass,cn,... by dn.exact="uid=replABC,ou=repl,ou=system,dc=example" read by * break access to dn.regex="ou=ABC,ou=Sendmail,dc=example|ou=ABC,ou=DHCP,dc=example" by dn.exact="uid=replABC,ou=repl,ou=system,dc=example" read by * stop ... ---[ master configuration quotation end ]--- -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET)
Re: [Q] "selective" ACL
-r-inventory,ou=group,ou=system,dc=foo]/memberUid & user/uid" read by users read by * none access to dn.subtree="ou=group,dc=foo" by dn.one="ou=repl,ou=system,dc=foo" search by set="[cn=acl-w-group,ou=group,ou=system,dc=foo]/memberUid & user/uid" write by set="[cn=acl-r-group,ou=group,ou=system,dc=foo]/memberUid & user/uid" read by users read by * none # for `users' we set `search' because `read' allows to read all, but # we tried to narrow what replica can get, otherwise removing it makes # it impossible to get anything (perhaps it blocks some objects needed) access to * by dn.exact="uid=SPECIAL-USER,ou=People,dc=foo" manage by set="[cn=admin,ou=group,ou=system,dc=foo]/memberUid & user/uid" manage by peername.ip=127.0.0.1 read by dn.one="ou=repl,ou=system,dc=foo" search by set="[cn=bind,ou=group,ou=system,dc=foo]/memberUid & user/uid" read by self read by users read by * none ... ---[ slapd.conf quotation end ]--- > In the simple case where 'by * none' would have the same effect, you could > just put another ACI ahead of the one above so it comes out like this: > ... > The problem is to write the ''. is there way to know whether DN is a child of the admin's one, except to look at the end of it, whether it ends with "uid=ADMIN-USER-TO-PROCESS,ou=People,dc=foo" ? > That would probably be easier if you were not defining admin users by their > UID in a Posix group. Ideally there would be an attribute visible in each > entry that defines admin status, as then you could just key on that. it implies to use the attribute for each child object of the admin object like: ---[ LDIF 2 quotation start ]--- dn: uid=adminuser,ou=People,dc=foo belongsToAdmin: yes ... objectClass: person ## branch for email service of talax.startrek.in domain object dn: authorizedService=m...@talax.startrek.in,uid=adminuser,ou=People,dc=foo belongsToAdmin: yes ... objectClass: person ## email service of talax.startrek.in domain object dn: uid=nee...@talax.startrek.in,authorizedService=m...@talax.startrek.in,uid=adminuser,ou=People,dc=foo belongsToAdmin: yes ... objectClass: person ## branch for email service of rinax.startrek.in domain object dn: authorizedService=m...@rinax.startrek.in,uid=adminuser,ou=People,dc=foo belongsToAdmin: yes ... objectClass: person ## email service of rinax.startrek.in domain object dn: uid=ali...@rinax.startrek.in,authorizedService=m...@rinax.startrek.in,uid=adminuser,ou=People,dc=foo belongsToAdmin: yes ... objectClass: person ---[ LDIF 2 quotation end ]--- correct? > If your admin group is defined as a standard DN-based groupOfNames then > you could use the memberof overlay to reflect membership into an attribute > of the user entry. it implies to provide all admin's children dn-s as member for such a group like ---[ LDIF 3 quotation start ]--- dn: cn=admin,ou=group,ou=system,dc=foo cn: admin member: uid=adminuser,ou=People,dc=foo member: authorizedService=m...@talax.startrek.in,uid=adminuser,ou=People,dc=foo member: uid=nee...@talax.startrek.in,authorizedService=m...@talax.startrek.in,uid=adminuser,ou=People,dc=foo member: authorizedService=m...@rinax.startrek.in,uid=adminuser,ou=People,dc=foo member: uid=ali...@rinax.startrek.in,authorizedService=m...@rinax.startrek.in,uid=adminuser,ou=People,dc=foo objectClass: groupOfNames ---[ LDIF 3 quotation end ]--- correct? -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) signature.asc Description: PGP signature
Re: [Q] can I replicate several branches to the same slave from one master?
Quanah Gibson-Mount <qua...@symas.com> wrote: > > emm ... I was sure I can not do that on the master side ... just I try > > do that, I receive full data ... > > Then likely your ACLs were incorrect? yes, they were at last I was able to fix that and get it working the way (I believe) I want: ---[ slave configuration quotation start ]--- ... syncrepl rid=0 ... searchbase="dc=example" ... ... ---[ slave configuration quotation end ]--- ---[ master configuration quotation start ]--- ... access to dn.children="cn=example-accesslog" by dn.one="ou=repl,ou=system,dc=example" read by * break access to dn.regex="^uid=(.*)@(.*),authorizedService=(mail|xmpp)@(.*),uid=(.*),ou=People,dc=example$" attrs=entry,entryCSN,entryUUID,objectClass,cn,o,uid,uidNumber,gidNumber,gecos,homeDirectory,loginShell,userPassword,creatorsName,createTimestamp,modifiersName,modifyTimestamp,mail,rfc822MailMember,sn,telephoneNumber,authorizedService,mu-mailBox by dn.exact="uid=replABC,ou=repl,ou=system,dc=example" read by * break access to dn.regex="ou=ABC,ou=Sendmail,dc=example|ou=ABC,ou=DHCP,dc=example" by dn.exact="uid=replABC,ou=repl,ou=system,dc=example" read by * stop ... # the final ACL access to * by set="[cn=admin,ou=group,dc=example]/memberUid & user/uid" write by peername.ip=127.0.0.1 read by self read by users search by * break ... ---[ master configuration quotation end ]--- thank you all, for help! -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET)
Re: [Q] can I replicate several branches to the same slave from one master?
Quanah Gibson-Mount <qua...@symas.com> wrote: > > Wouldn't it be simpler to define ACLs on the master that limit what > the replication identity has access to that matches your filters? > emm ... I was sure I can not do that on the master side ... just I try do that, I receive full data ... looks like some more permittive acl works for the replica ... can I somehow know which acl matched the replica? But I was trying to place replABC ACLs to the end of the list and still was not able to limit data according the filter > I would also note that your stanza limiting what attrs are replicated > is missing the operational attributes that are necessary for sync > replication to function, so I would fully expect errors. do you mean entryCSN and entryUUID ? > unique, as documented in the man page. Given that OpenLDAP functions > off of CSN values, partial replication is tricky, as the master can > then have a contextCSN that does not correspond to anything in a > partially replicated database, depending on how you slice it. > I was sure I understood the documentation ... -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET)
Re: [Q] can I replicate several branches to the same slave from one master?
Quanah Gibson-Mount <qua...@symas.com> wrote: > --On Friday, June 30, 2017 12:48 AM +0300 Zeus Panchenko > <z...@ibs.dn.ua> wrote: > ... > > 22:45:30 ABC slapd[12593]: do_syncrep2: rid=000 (53) Server is unwilling > > to perform Jun 29 22:45:30 ABC slapd[12593]: do_syncrepl: rid=000 rc -2 > > retrying ---[ slave slapd.log quotation end > > ] > > And what does the master say? > same thing: slapd[38004]: conn=30116 op=3 SEARCH RESULT tag=101 err=53 nentries=0 text=consumer state is newer than provider! -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET)
Re: [Q] can I replicate several branches to the same slave from one master?
Andrew Findlay <andrew.find...@skills-1st.co.uk> wrote: > > Try fixing the RIDs - use small numbers, all different. The exact values are > not important. > Also try commenting out the second syncrepl clause until you have the others > working properly. > You should be able to merge the first and second clauses as they share a > search-base. I did both of them, now slave configuration looks this way: ---[ slave configuration quotation start ] syncrepl rid=0 provider=ldap://master.example:389 starttls=critical searchbase="ou=ABC,ou=Sendmail,dc=example" bindmethod=simple binddn="uid=replABC,ou=repl,dc=example" credentials="***" tls_cacert=/usr/local/etc/openldap/ssl/ca.crt tls_cert=/usr/local/etc/openldap/ssl/ABC.crt tls_key=/usr/local/etc/openldap/ssl/ABC.key tls_reqcert=try type=refreshAndPersist retry="60 +" logbase="cn=example-accesslog" logfilter="(&(objectClass=auditWriteObject)(reqResult=0))" syncdata=accesslog syncrepl rid=1 provider=ldap://master.example:389 starttls=critical searchbase="ou=People,dc=example" bindmethod=simple binddn="uid=replABC,ou=repl,dc=example" credentials="***" filter="(&(objectClass=authorizedServiceObject)(|(authorizedService=m...@foo.bar)(authorizedService=x...@foo.bar)))" attrs="cn,entry,entryCSN,entryUUID,o,uid,uidNumber,gidNumber,gecos,homeDirectory,loginShell,userPassword,creatorsName,createTimestamp,modifiersName,modifyTimestamp,mail,rfc822MailMember,sn,authorizedService,mu-mailBox" tls_cacert=/usr/local/etc/openldap/ssl/ca.crt tls_cert=/usr/local/etc/openldap/ssl/ABC.crt tls_key=/usr/local/etc/openldap/ssl/ABC.key tls_reqcert=try type=refreshAndPersist retry="60 +" logbase="cn=example-accesslog" logfilter="(&(objectClass=auditWriteObject)(reqResult=0))" syncdata=accesslog ---[ slave configuration quotation end ] I separated rid-s and even searchbases, but I still can see complains in slapd.log file, though now it is only rid=0 which is complained on, not both of them ... ---[ slave slapd.log quotation start ] Jun 29 22:45:30 ABC slapd[12593]: do_syncrep2: rid=000 LDAP_RES_SEARCH_RESULT (53) Server is unwilling to perform Jun 29 22:45:30 ABC slapd[12593]: do_syncrep2: rid=000 (53) Server is unwilling to perform Jun 29 22:45:30 ABC slapd[12593]: do_syncrepl: rid=000 rc -2 retrying ---[ slave slapd.log quotation end ] > > You may also need to put ACLs on the accesslog database. > is it something like this? access to dn.children="cn=example-accesslog" by dn.children="ou=repl,dc=example" read by * break but is not the fact that one replica working confirms, that replication is allowed and I can see the changes for the objects of rid=1 -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET)
[Q] can I replicate several branches to the same slave from one master?
(53) Server is unwilling to perform Jun 26 21:41:45 ABC slapd[67187]: do_syncrepl: rid=123 rc -2 retrying Jun 26 21:41:45 ABC slapd[67187]: do_syncrep2: rid=123 LDAP_RES_SEARCH_RESULT (53) Server is unwilling to perform Jun 26 21:41:45 ABC slapd[67187]: do_syncrep2: rid=123 (53) Server is unwilling to perform Jun 26 21:41:45 ABC slapd[67187]: do_syncrepl: rid=123 rc -2 retrying Jun 26 21:42:43 ABC slapd[67187]: conn=1003 fd=9 ACCEPT from IP=127.0.0.1:37489 (IP=127.0.0.1:389) Jun 26 21:42:43 ABC slapd[67187]: conn=1003 op=0 BIND dn="" method=128 - ---[ slave slapd.log quotation end ] - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iF0EARECAB0WIQQYIXL6FUmD7SUfqoOveOk+D/ejKgUCWVGE9gAKCRCveOk+D/ej Kp1JAJ9tFikqgeCHlzUXfQrcTQuHlAqNKwCdEMnIM6uOFRCNBN6oHmh4AyQ6j1U= =Xn/Y -END PGP SIGNATURE-
[Q] what is the correct way to filter by remote pf?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 greetings please, advise WHAT I HAVE: routerB <-> netX/16 ^ | V clients <-> routerA <-> netX/24 WHAT I NEED: to provide `clients <-> netX/24' traffic on the base of routerB pf rules so, the very decission to pass or to block have to be done on routerB HOW I THINK TO DO THAT: = VARIANT I - - - ---[ routerA pf.conf quotation start ]--- ... pass in log (to pflog1) on $if_clients-to-routerA from to tag TO_AUTH pass in log (to pflog1) route-to ($if_routerA-to-routerB $routerB_ip) tagged TO_AUTH ... - ---[ routerA pf.conf quotation end ]--- - ---[ routerB pf.conf quotation start ]--- ... pass in log (to pflog1) on $if_routerB-to-routerA from to tag AUTHED pass in log (to pflog1) route-to ($if_routerB-to-routerA $routerA_ip) tagged AUTHED block to ... - ---[ routerB pf.conf quotation end ]--- RESULTS: I see packets redirected to routerB, but there the packets are looping untill the time to live exceeded = VARIANT II - - - ---[ routerA pf.conf quotation start ]--- ... pass in log (to pflog1) on $if_clients-to-routerA from to tag TO_AUTH pass in log (to pflog1) route-to ($if_routerA-to-routerB $routerB_ip) tagged TO_AUTH ... - ---[ routerA pf.conf quotation end ]--- - ---[ routerB configuration quotation start ]- rc.conf static_routes="netX24" route_netX24="-net A.B.C.0/24 $routerA_ip" pf.conf pass in log (to pflog1) on $if_routerB-to-routerA from to tag AUTHED block to - ---[ routerB configuration quotation end ]- RESULTS: are same as for VARIANT I = VARIANT III - - something else ... may it relate to pfsync somehow? - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- iF0EARECAB0WIQQYIXL6FUmD7SUfqoOveOk+D/ejKgUCWVJGygAKCRCveOk+D/ej KhQoAKCHB+55dzTYOqD6S5mSC2TtCDjV8gCgzXQfBd3U30nXJMyj5Q4Ggfq1sRA= =ZCm0 -END PGP SIGNATURE- ___ freebsd-pf@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
[Nix-commits] [NixOS/nixpkgs] 1b8aec: stellarium: 0.14.3 -> 0.15.0
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 1b8aec421b4d4423ed82f3734068531f3e7bcddd https://github.com/NixOS/nixpkgs/commit/1b8aec421b4d4423ed82f3734068531f3e7bcddd Author: ft@zeus <ft@zeus> Date: 2016-12-21 (Wed, 21 Dec 2016) Changed paths: M pkgs/applications/science/astronomy/stellarium/default.nix Log Message: --- stellarium: 0.14.3 -> 0.15.0 close #21271 ___ nix-commits mailing list nix-comm...@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-commits
ACL advice needed ...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 greetings, I'm trying to configure ACL, I belive it is possible to ... but after some attempts I doubt it is ... please, help me to understand where I'm making the mistake/s ... I need to manage possibility for "coadmins" group members to manage all except the objects of "admins" group members forgive me please my long explanation ... so I have: Important: the starting point in my case is auth accounts structure: users do auth with (lets call it) "root" objects (most upper level): uid=,ou=People,dc=abc - ---[ accounts and groups start ]--- dn: uid=admin1,ou=People,dc=abc dn: uid=admin7,ou=People,dc=abc dn: uid=bil,authorizedService=serviceD,uid=admin7,ou=People,dc=abc dn: uid=coadmin5,ou=People,dc=abc dn: uid=johndoe,authorizedService=serviceA,uid=coadmin5,ou=People,dc=abc dn: uid=coadmin6,ou=People,dc=abc dn: cn=admins,dc=abc memberUid: admin1 - ---[ accounts and groups end ]--- group objects memberUid attribute value contains uid of the "root" objects - ---[ group structure start ]--- dn: cn=coadmins,ou=group,dc=abc memberUid: coadmin5 memberUid: coadmin6 - ---[ group structure end ]--- here is the ACL I managed to work as I want: - ---[ quotation start ]--- access to dn.subtree="dc=abc" attrs=userPassword by set="[cn=admin,ou=group,dc=abc]/memberUid & user/uid" manage by set.exact="this/-2 & user" write by self write by anonymous auth by * break - ---[ quotation end ]--- this allows admins to manage passwords of anybody and for all other users manage passwords of self "root" account and service accounts (look structure of account objects above) and now, I had a hope to do the same to get possibility for coadmins to manage passwords of anybody except admins, and here what I thought about: - ---[ quotation start ]--- access to dn.subtree="dc=abc" attrs=userPassword by set="[cn=admin,ou=group,dc=abc]/memberUid & user/uid" manage by set="(([cn=admin,ou=group,dc=abc]/memberUid & this/uid) | ([cn=admin,ou=group,dc=abc]/memberUid & [this/-2]/uid)) & ([cn=coadmin,ou=group,dc=abc]/memberUid & user/uid)" disclose by set="[cn=coadmin,ou=group,dc=abc]/memberUid & user/uid" manage by set.exact="this/-2 & user" write by self write by anonymous auth by * break - ---[ quotation end ]--- and it doesn't work the initial idea of the second `by set=' row is: for coadmins to disallow all access to userPassword if account belongs to admin am I right to expect: 1.1. "[cn=admin,ou=group,dc=abc]/memberUid & this/uid" is true if uid of current record is member of the group `admin' when `this' is the very "root" account (uid=admin7,ou=People,dc=abc) 1.2. "[cn=admin,ou=group,dc=abc]/memberUid & [this/-2]/uid" uid of the "root" account (uid=admin7,ou=People,dc=abc) is admin group member when `this' is service account like: uid=bil,authorizedService=serviceD,uid=admin7,ou=People,dc=abc `this/-2' trimms it to `uid=admin7,ou=People,dc=abc' and `/uid' have to provide uid value 1.3. "[cn=coadmin,ou=group,dc=abc]/memberUid & user/uid" true if currently loggedin user uid is coadmin group member so ... was I successfull to explain what I want? :) - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEARECAAYFAlhFk1kACgkQr3jpPg/3oyp7XgCggcp9Y909JRQOknE7GkgjmZpw /sYAoIyimb3gcy38qZAjlyHfbF+rH63a =aqts -END PGP SIGNATURE-
[Gambas-user] FRAME
GREETINGS. IS THERE ANY OPTION TO ADD A SCROLL TO A FRAME? I HAVE AN APPLICATION WITH ALL THE ELEMENTS CONTAINED IN A FRAME BUT WHEN THE RESOLUTION OF THE SCREEN WHERE THE APPLICATION IS INSTALLED IS LOW THE SYSTEM IS NOT SHOWN PROPERLY, LOSING PART OF THE ELEMENTS CONTAINED IN THE FRAME. -- ___ Gambas-user mailing list Gambas-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/gambas-user
Re: is lagg (re+wlan) working on 11.0-RELEASE?
thanks for quick reply J.R. Oldroyd <f...@opal.com> wrote: > There is a work-around. Configure the re interface with the MAC > address of the wlan instead of the other way around. I done it and here is what happens: 1. I boot notebook with wire *not* plugged in, wlan is up, associated and authed, network is OK 2. I plug wire and network becomes stale 3. I run `tcpdump -ni lagg0' to see what's going on and oh wonder, network comes back lo life! so ... either to not to use lagg or run tcpdump constantly ... it is rather weird :( -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) pgpQC1881A51t.pgp Description: PGP signature
[igraph] help: R bomb when calculating assortativity with NA values
Hello, I am working in R Studio 0.99.903 and want to calculate the assortativity for two variables. 1. Do individuals cluster if they are of the same sex? Male (m) or Female (f) 2. Do individuals cluster if they have the same reproductive status? Reproductive active (y), non-active (n), NA <- so here I have quite some NA values the association data is in file "network_2013" the info on sex and reproductive status of the individuals is in file my_supp_2013 #conversion of network data into igraph graph net_graph_2013 <- graph.adjacency(network_2013,mode="undirected",weighted=TRUE,diag=FALSE) # Sex assortativity_nominal(net_graph_2013, my_supp_2013$Sex, directed=F) # Repr Status assortativity_nominal(net_graph_2013, my_supp_2013$Repro, directed=F) I do not know why it works for the Sex but not for Reproductive Status. I assume it has to do with the NA values? Please help. Veronika "","X0566","X0696","X08AD","X0942","X0A19","X0EDF","X17B5","X199B","X1C19","X1F19","X1F85","X2253","X2389","X260B","X2877","X287B","X297D","X2C47","X2D08","X2D53","X2DB2","X2E96","X30DA","X32AD","X32BC","X3437","X3449","X35A6","X3931","X3946","X3B21","X3BE1","X3D2A","X3D93","X4E85","X58D2","X593D","X6886","X73AA","X7807","X7899","X879B","X89BC","X8ACD","X9027","X97F6","X9CDF","XB2B6","XBF50" "X0566",0,0.219512195121951,0.225,0.168539325842697,0.037037037037037,0.2625,0.160714285714286,0.204081632653061,0.322,0.0897435897435897,0.206896551724138,0.174418604651163,0.309090909090909,0.228915662650602,0.253012048192771,0.311,0.369230769230769,0.0843373493975904,0.261538461538462,0.243243243243243,0.342465753424658,0.240384615384615,0.270588235294118,0.36986301369863,0.0175438596491228,0.28735632183908,0.228260869565217,0.345679012345679,0.046875,0.181818181818182,0.0886075949367089,0.194,0.268817204301075,0.188235294117647,0.0930232558139535,0.313432835820896,0.0556,0.372881355932203,0.0930232558139535,0.0192307692307692,0.0185185185185185,0.0886075949367089,0.0588235294117647,0.103448275862069,0.19,0.262295081967213,0.32258064516129,0.103896103896104,0.0851063829787234 "X0696",0.219512195121951,0,0.373626373626374,0.288659793814433,0.0987654320987654,0.292134831460674,0.0476190476190476,0.330097087378641,0.473684210526316,0.233,0.372340425531915,0.326530612244898,0.144578313253012,0.397849462365591,0.347826086956522,0.4270833,0.148936170212766,0.308510638297872,0.174418604651163,0.303370786516854,0.247311827956989,0.4,0.26530612244898,0.378,0.0875,0.43298969072165,0.343434343434343,0.365591397849462,0.192771084337349,0.234567901234568,0.213483146067416,0.295454545454545,0.383838383838384,0.284210526315789,0.2,0.270588235294118,0.126582278481013,0.2,0.2708333,0.1125,0.0625,0.225806451612903,0.0625,0.284210526315789,0.411764705882353,0.129411764705882,0.188235294117647,0.303370786516854,0.287128712871287 "X08AD",0.225,0.373626373626374,0,0.34375,0.0526315789473684,0.423529411764706,0.051948051948052,0.39,0.393617021276596,0.244186046511628,0.387096774193548,0.333,0.128205128205128,0.523255813953488,0.563218390804598,0.489130434782609,0.25,0.280898876404494,0.27710843373494,0.397590361445783,0.258426966292135,0.514563106796116,0.301075268817204,0.364705882352941,0.0945945945945946,0.446808510638298,0.442105263157895,0.351648351648352,0.144578313253012,0.294871794871795,0.232558139534884,0.40506329113924,0.419354838709677,0.417582417582418,0.197802197802198,0.238095238095238,0.0921052631578947,0.154761904761905,0.252631578947368,0.0267,0.051948051948052,0.333,0.08,0.304347826086957,0.42,0.111,0.25609756097561,0.227272727272727,0.3020833 "X0942",0.168539325842697,0.288659793814433,0.34375,0,0.125,0.313131313131313,0.0556,0.365384615384615,0.310679611650485,0.379310344827586,0.431578947368421,0.326732673267327,0.10989010989011,0.277227722772277,0.333,0.343137254901961,0.123711340206186,0.365591397849462,0.202127659574468,0.221052631578947,0.244897959183673,0.373831775700935,0.23469387755102,0.275510204081633,0.0987654320987654,0.362745098039216,0.349514563106796,0.252525252525253,0.261904761904762,0.267,0.411764705882353,0.285714285714286,0.35,0.3854167,0.282828282828283,0.204081632653061,0.121951219512195,0.172043010752688,0.343434343434343,0.0740740740740741,0.0853658536585366,0.454545454545455,0.0864197530864197,0.43010752688172,0.380952380952381,0.0978260869565217,0.168421052631579,0.380434782608696,0.422680412371134
Re: is lagg (re+wlan) working on 11.0-RELEASE?
thanks for quick reply J.R. Oldroyd <f...@opal.com> wrote: > There is a work-around. Configure the re interface with the MAC > address of the wlan instead of the other way around. I done it and here is what happens: 1. I boot notebook with wire *not* plugged in wlan is up, associated and authed, network is OK 2. I plug wire and network becomes stale 3. I run `tcpdump -ni lagg0' to see what's going on and oh, wonder, network comes back lo life! so ... either to not to use lagg or run tcpdump constantly ... it is rather weird :( -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) pgpi3chBzMziI.pgp Description: PGP signature
Re: pfsync for sshguard table sync on several hosts
mxb <m...@alumni.chalmers.se> wrote: > Use BGP to distribute list of IP addresses. > Like it is done at http://bgp-spamd.net/ what about pfsync indeed? I need black list of addresses I do can control on my own and to install BGP infrastructure for local needs looks excessive isn't psync aimed for the tasks like this one? -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) pgpXSyCIWQRD7.pgp Description: PGP signature
can I freebsd-updtae from 11-CURRENT to 11.0-RELEASE?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, can I freebsd-updtae from 11-CURRENT to 11.0-RELEASE, please? - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEARECAAYFAlf9Qp0ACgkQr3jpPg/3oypC5ACg61LDsnl6QKFen8+SlgJWEhH7 EgsAnjzP+QqVMERujIPBkuVLy/e/EIzp =WV/K -END PGP SIGNATURE- ___ freebsd-amd64@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-amd64 To unsubscribe, send any mail to "freebsd-amd64-unsubscr...@freebsd.org"
psync for sshguard table sync on several hosts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, please advise I think of pfsync-ing sshguard table content among several hosts to get one big table on each host, since IP blocked on one host I want to be blocked on all others automatically (all hosts are terminated in one VPN) ... am I correct to consider psync as right way to get that? - -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEARECAAYFAlf9KHEACgkQr3jpPg/3oyojOwCgpZbc04rwL41LIIDaVDPgR7Vi G8QAoOP5wj87qh4JpT7NePGvnZBbplp2 =NSkz -END PGP SIGNATURE- ___ freebsd-pf@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
[Q] "selective" ACL
hi, I'm trying to configure a not complex (as I believe) ACL ... but have some difficulties I have two posixGroup groups cn=admins,ou=group,dc=foo cn=coadmins,ou=group,dc=foo my users resides in ou=People,dc=foo so, in subtree ou=People,dc=foo I need to allow anything to admins (and it is not difficult of course) for example this works for me: access to dn.subtree="ou=People,dc=foo" by set="[cn=admin,ou=group,dc=foo]/memberUid & user/uid" manage by self write by users read by * break but in addition I need to allow my coadmins to do the same things except manipulations upon the objects which belong to admins ( ...anyobject,uid=adminuser,ou=People,dc=foo ) so, the question is: how? (if it is possible at all) :( please, advise -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET)
Re: wan1 as default, wan2 dedicated to a service
Max <maxi...@als.nnov.ru> wrote: > Probably you should use > pass out log on $if_dvr reply-to ($if_wan2 $gw_wan2) to thank you, Max, this helped -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) ___ freebsd-pf@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
Re: default to wan1, definite subnet replies to wan2
sorry for noise, please ignore this incomplete message Zeus Panchenko <z...@ibs.dn.ua> wrote: > greetings, > > I have two wan intefaces, wan1 and wan2 > > wan1 is for default > > I have subnet in my LAN all replies from which I need to direct through > wan2 > > I hoped to do that with this pf configuration: > > if_service = "vlan1234" # service network > table const { 10.0.0.0/24 } > # requests for the service > rdr pass on $if_wan2 proto { tcp, udp } to ($if_wan2) port 1234 -> 10.0.0.1 > port 5678 > nat log on $if_wan2 from to any -> ($if_wan2) > ... > pass in log on $if_video route-to ($if_wan3 $gw_wan3) from to ! > keep state > -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) ___ freebsd-pf@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
wan1 as default, wan2 dedicated to a service
hi, I need trivial thing but wondering where am I wrong ... :( help please I have two WAN interfaces: wan1 and wan2 wan1 is default route interface, wan2 is dedicated for DVR (video) I'm trying to direct all output from DVR to wan2 (here I do not care of where a request to DVR came from, I want all replies to go out trough wan2) so, I hoped to do that with this pf.config ---[ start ] if_wan1 = "em0" if_wan2 = "igb0" # ip address A.B.C.D gw_wan2 = "E.F.G.H" if_dvr="vlan123" table const { 10.0.0.0/24 } # redirect all requests on wan2 to DVR host1 rdr pass on $if_wan2 proto { tcp, udp } to ($if_wan2) port 1234 -> 10.0.0.1 port 5678 nat log on $if_wan2 from to any -> ($if_wan2) ... pass in log on $if_dvr route-to ($if_wan2 $gw_wan2) from to any keep state ---[ stop ] as results, I see requests from world on $if_wan2 I see redirects of the requests, out packets on $if_dvr I see replies to the requests, in packets on $if_dvr but I see ($if_wan2) sourced replies, and I see them on *$if_wan1* so, as I understand ... route-to works, otherwise replies wouldn't be from ($if_wan2) but nated replies appears on $if_wan1 what is default route ... so ... how can I have replies go out through $if_wan2? is it question of the second routing table? please, advise -- Zeus V. Panchenko jid:z...@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) ___ freebsd-pf@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
[PATCH]Translation to ja(LICENSE & README)
Hi, Dounin Thank you for your response. I understand it. >There are various other languages, see here: > >http://hg.nginx.org/nginx.org/file/tip/xml > >Though all except English and Russian are stale and was deactivated. > >-- >Maxim Dounin >http://nginx.org/> Best Regards, Takahiro Kujirai ___ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-devel
[PATCH]Translation to ja(LICENSE & README)
Hi, Dounin Thank you for your response. I understood about LICENSE & README. >I think it's not going to work. We maintain Russian version of >CHANGES only because many of the developers are Russians >(including me) and can more or less easily write them while >releasing a new version. > >We've already tried to maintain translations of the nginx.org site >to various languages. The problem is that translations are >[almost] not refreshed after an initial translation is done and >quickly become stale, resulting in negative net effect. I saw nginx.org, I found English site & Russian site. --- http://nginx.org/en/ http://nginx.org/ru/ What other language site is it? And if there is a Japanese site, I want to translate. Best Regards, Takahiro Kujirai ___ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-devel
[PATCH]Translation to ja(LICENSE & README)
Hi, Dounin Thank you for your response. I think needing translations to various languages. Because it is easy to understand licenses. By the way, is README too? And I think CHANGES needs to translate to various languages, not only Russian. What do you think? Best Regards, Takahiro Kujirai Hello! On Thu, Mar 17, 2016 at 03:01:45PM +0900, ZEUS-mgtGM KUJIRAI, Takahiro wrote: > # HG changeset patch > # User Takahiro Kujirai > # Date 1458193783 -32400 > # Thu Mar 17 14:49:43 2016 +0900 > # Node ID c08b49903ee70fb2fa4d9e133eadbd9ab8e4a12d > # Parent 81329f6a4254df3701b626d18cf8b9245e6d8aa1 > Translate to ja(LICENSE & README) Sorry, but we have no resources to maintain such translations to multiple languages. Additionally, license translations needs a lawyer - and this is not something we want to spend our time on. If you really need appropriate translation of the license, Wikipedia has translations to various languages: https://en.wikipedia.org/wiki/BSD_licenses#2-clause -- Maxim Dounin http://nginx.org/ ___ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-devel
[no subject]
# HG changeset patch # User Takahiro Kujirai# Date 1458193783 -32400 # Thu Mar 17 14:49:43 2016 +0900 # Node ID c08b49903ee70fb2fa4d9e133eadbd9ab8e4a12d # Parent 81329f6a4254df3701b626d18cf8b9245e6d8aa1 Translate to ja(LICENSE & README) diff -r 81329f6a4254 -r c08b49903ee7 docs/text/LICENSE.ja --- /dev/null Thu Jan 01 00:00:00 1970 + +++ b/docs/text/LICENSE.ja Thu Mar 17 14:49:43 2016 +0900 @@ -0,0 +1,31 @@ +/* + * Copyright (C) 2002-2016 Igor Sysoev + * Copyright (C) 2011-2016 Nginx, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 以下の条件を満たすならば、変更の有無に関わらずソースコード形式とバイナリー 形式の + * 再配布や使用が許可されます。 + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + *ソースコードの再配布は、上記の著作権表示、条件と以下の免責事項のリスト を保持しなければならない。 + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + *バイナリー形式の再配布は、上記の著作権表示、ドキュメントや他の配布され た製品の + *条件と以下の免責事項のリストを保持しなければならない。 + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ diff -r 81329f6a4254 -r c08b49903ee7 docs/text/README.ja --- /dev/null Thu Jan 01 00:00:00 1970 + +++ b/docs/text/README.ja Thu Mar 17 14:49:43 2016 +0900 @@ -0,0 +1,4 @@ + +Documentation is available at http://nginx.org +ドキュメントは、http://nginx.orgで入手可能です。 + ___ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-devel
[PATCH]Translation to ja(LICENSE & README)
# HG changeset patch # User Takahiro Kujirai# Date 1458193783 -32400 # Thu Mar 17 14:49:43 2016 +0900 # Node ID c08b49903ee70fb2fa4d9e133eadbd9ab8e4a12d # Parent 81329f6a4254df3701b626d18cf8b9245e6d8aa1 Translate to ja(LICENSE & README) diff -r 81329f6a4254 -r c08b49903ee7 docs/text/LICENSE.ja --- /dev/nullThu Jan 01 00:00:00 1970 + +++ b/docs/text/LICENSE.jaThu Mar 17 14:49:43 2016 +0900 @@ -0,0 +1,31 @@ +/* + * Copyright (C) 2002-2016 Igor Sysoev + * Copyright (C) 2011-2016 Nginx, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 以下の条件を満たすならば、変更の有無に関わらずソースコード形式とバイナリー 形式の + * 再配布や使用が許可されます。 + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + *ソースコードの再配布は、上記の著作権表示、条件と以下の免責事項のリスト を保持しなければならない。 + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + *バイナリー形式の再配布は、上記の著作権表示、ドキュメントや他の配布され た製品の + *条件と以下の免責事項のリストを保持しなければならない。 + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ diff -r 81329f6a4254 -r c08b49903ee7 docs/text/README.ja --- /dev/nullThu Jan 01 00:00:00 1970 + +++ b/docs/text/README.jaThu Mar 17 14:49:43 2016 +0900 @@ -0,0 +1,4 @@ + +Documentation is available at http://nginx.org +ドキュメントは、http://nginx.orgで入手可能です。 + ___ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-devel
"nginx -v" outputs is in stderr.
Hello, Dounin! >Yes, this is by design. >See https://trac.nginx.org/nginx/ticket/592 for more details. I understood. And, I like stdout, I'll change source codes and use nginx. Thanks. Takahiro Kujirai @Zeus-Enterprise.Co.Ltd ___ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-devel
how to disable spam checks for authenticated users?
Hi all, I'm new to postfix 2.11.3 under debian 8 and I have recently configured postfix+amavis+spamassassin+clamav+dovecot with virtual users (mysql). all seems to work ok but I'd like to disable amavis (and spamassassin/clam) checks for authenticated users mainly, and eventually for locally generated mails. can anyone help me ? I've already declared at the beginnig of my *restrictions* "permit_ssl_authenticated, permit_mynetworks, permit" in main.cf but without success. Here is my configuration ---> http://paste.debian.net/365929/ Hope someone can help me Thanks in advence
[Bug 1187039] Re: some features of Nautilus do not function any more (Raring)
Please I only have Dolphin file Manager installed just for this, but it crashes a lot. The status bar is really useful. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1187039 Title: some features of Nautilus do not function any more (Raring) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nautilus/+bug/1187039/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Desktop-packages] [Bug 1187039] Re: some features of Nautilus do not function any more (Raring)
Please I only have Dolphin file Manager installed just for this, but it crashes a lot. The status bar is really useful. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to nautilus in Ubuntu. https://bugs.launchpad.net/bugs/1187039 Title: some features of Nautilus do not function any more (Raring) Status in nautilus package in Ubuntu: Confirmed Bug description: 1. the status line at the bottom of the Nautilus window (showing free disk space, amount of selected files etc.) disappeared after upgrading from Quantal to Raring. 2. the small arrows within the files list also disappeared which allowed to quickly open folders (those were VERY useful on my slow Atom netbook, need them back! opening a folder the normal way always takes 2-3 seconds, going back to the previous folder again needs 2-3 seconds, this sucks big time) 3. minor problem: all my Nautilus bookmarks disappeared after upgrading from Quantal to Raring. ProblemType: Bug DistroRelease: Ubuntu 13.04 Package: nautilus 1:3.6.3-0ubuntu16 ProcVersionSignature: Ubuntu 3.8.0-23.34-generic 3.8.11 Uname: Linux 3.8.0-23-generic i686 ApportVersion: 2.9.2-0ubuntu8 Architecture: i386 Date: Mon Jun 3 17:12:58 2013 EcryptfsInUse: Yes GsettingsChanges: b'org.gnome.nautilus.window-state' b'geometry' b"'800x540+0+31'" b'org.gnome.nautilus.window-state' b'maximized' b'true' InstallationDate: Installed on 2012-12-20 (165 days ago) InstallationMedia: Ubuntu 12.10 "Quantal Quetzal" - Release i386 (20121017.2) MarkForUpload: True SourcePackage: nautilus UpgradeStatus: Upgraded to raring on 2013-05-22 (12 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nautilus/+bug/1187039/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Bug 1187039] Re: some features of Nautilus do not function any more (Raring)
Please I only have Dolphin file Manager installed just for this, but it crashes a lot. The status bar is really useful. -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to nautilus in Ubuntu. https://bugs.launchpad.net/bugs/1187039 Title: some features of Nautilus do not function any more (Raring) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nautilus/+bug/1187039/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
Re: [HACKERS] WIP: Fix parallel workers connection bug in pg_dump (Bug #13727)
On Nov 1, 2015 5:04 PM, "Marko Tiikkaja" <ma...@joh.to> wrote: > > On 10/25/15 10:55 PM, Zeus Kronion wrote: >> >> Parallel workers were failing to connect to the database when running >> pg_dump with a connection string. The first of the following two commands >> runs without errors, while the second one fails: >> pg_dump "postgres://my-user:my-passw...@my.hostname.com:5432/my-db" -Fd -f >> my-dump >> pg_dump "postgres://my-user:my-passw...@my.hostname.com:5432/my-db" -Fd >> --jobs=9 -f my-dump >> >> The error message: >> pg_dump: [parallel archiver] connection to database "my-db" failed: >> fe_sendauth: no password supplied >> >> The password is not being stored correctly in the PGconn object when >> connecting with a connection string. > > > Yeah, the current code is definitely broken for this case. However, I don't feel like this patch is quite there yet, either. _connectDB has similar logic in it which might be hit in case e.g. a a user's HBA is changed from a non-password-requiring method to a password-requiring one after the one or more connections has been initiated. That one needs changing as well. I wasn't aware of that case. Should be an easy fix to make this weekend. > However, I don't quite like the way the password cache is kept up to date in the old *or* the new code. It seems to me that it should instead look like: > >if (PQconnectionUsedPassword(AH->connection)) >AH->savedPassword = PQpass(AH->connection); > > What do you think? I don't understand why this logic is preferable. Is your concern that AH->savedPassword may contain a password even when none is needed? Or is the change simply meant to give the reader a better sense of what is actually going on? -CS
Re: [HACKERS] WIP: Fix parallel workers connection bug in pg_dump (Bug #13727)
I'm still unclear on how to write regression tests for a connectivity bug. Are they necessary in this case? On Sun, Oct 25, 2015 at 5:55 PM, Zeus Kronion <zkron...@gmail.com> wrote: > Parallel workers were failing to connect to the database when running > pg_dump with a connection string. The first of the following two commands > runs without errors, while the second one fails: > pg_dump "postgres://my-user:my-passw...@my.hostname.com:5432/my-db" -Fd > -f my-dump > pg_dump "postgres://my-user:my-passw...@my.hostname.com:5432/my-db" -Fd > --jobs=9 -f my-dump > > The error message: > pg_dump: [parallel archiver] connection to database "my-db" failed: > fe_sendauth: no password supplied > > The password is not being stored correctly in the PGconn object when > connecting with a connection string. > > This is my first time contributing to Postgres, so I tried to stick to the > instructions from the "Submitting a Patch" wiki. This submission is for > discussion because I haven't figured out how to write regression tests for > this patch yet (and I would appreciate guidance). > > Target branch: master > Compiles and tests successfully: true > Platform-specific items: none > Regression tests: still needed > Documentation: N/A > Performance implications: none >
[HACKERS] WIP: Fix parallel workers connection bug in pg_dump (Bug #13727)
Parallel workers were failing to connect to the database when running pg_dump with a connection string. The first of the following two commands runs without errors, while the second one fails: pg_dump "postgres://my-user:my-passw...@my.hostname.com:5432/my-db" -Fd -f my-dump pg_dump "postgres://my-user:my-passw...@my.hostname.com:5432/my-db" -Fd --jobs=9 -f my-dump The error message: pg_dump: [parallel archiver] connection to database "my-db" failed: fe_sendauth: no password supplied The password is not being stored correctly in the PGconn object when connecting with a connection string. This is my first time contributing to Postgres, so I tried to stick to the instructions from the "Submitting a Patch" wiki. This submission is for discussion because I haven't figured out how to write regression tests for this patch yet (and I would appreciate guidance). Target branch: master Compiles and tests successfully: true Platform-specific items: none Regression tests: still needed Documentation: N/A Performance implications: none pworker-connection-fix-v1.patch Description: Binary data -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers