[gentoo-user] OT? Samba/LDAP Hell
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all, This is slightly off topic for this list, but I thought I might get some response from the braintrust. ;-) A while back I started to configure samba to work with LDAP. I got as far as configuring slapd.conf and entering a tickler user. Now, I can't connect to any of my samba shares. Looking in the samba logs, when the daemon starts, it's still trying to connect to the ldap server to get the security.tbd. I've verified /etc/samba/smb.conf, /etc/conf.d/samba, and /etc/pam.d/samba and none contain any reference to ldap. But something is obviously still telling samba to use ldap. In an effort to get things working, I started with a *very* basic smb.conf, but still no joy. Here's the global section: [global] log file = /var/log/samba/%m.log workgroup = HOME debug level = 10 server string = gentoo Any advice as to where else to look to disable ldap would be appreciated. TIA - -- gentux echo hfouvyyAhnbjm/dpn | perl -pe 's/(.)/chr(ord($1)-1)/ge' gentux's gpg fingerprint == 5495 0388 67FF 0B89 1239 D840 4CF0 39E2 18D3 4A9E -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFEzE4tTPA54hjTSp4RAoIhAJ98CY031ZxTeQ0X02qDZEkPEGlwcwCglXnv n6h7spKdruLi5xRbxy1x1Ik= =KJvr -END PGP SIGNATURE- -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Is this cruft in my /tmp?
On Sat, 29 Jul 2006 23:53:09 +0200, [EMAIL PROTECTED] wrote: First off, doesn't one of the boot scripts clean /tmp? Or is that just my imagination? A full clean is optional, and I think it defaults to off # /etc/conf.d/bootmisc # Should we completely wipe out /tmp or just selectively remove known # locks / files / etc... ? WIPE_TMP=no -- Neil Bothwick HTTP: Helps Transfer The Porn signature.asc Description: PGP signature
Re: [gentoo-user] New Hardware...
On Sunday 30 July 2006 04:46, Richard Fish wrote: On 7/29/06, Jerry McBride [EMAIL PROTECTED] wrote: Howdy, I'm gearing up for a new hardware purchase and I find that I need a little help figuring out what is and what isn't linux compatible. For the most part today, this isn't really a concern [1]. Most motherboard chipsets, network cards, USB controllers, IEEE1394 controllers, etc are all supported, it is just a matter of selecting the right kernel options. The exceptions are mostly wireless chipsets and graphics cards. According to NVidia's list, as far as I can see, the nForce5 chipset is not supported... Does anyone have any experiences with that? The major problem today is the graphics card. If you don't mind proprietary drivers, nvidia is the way to go. Just make sure you get a card supported by their current (not legacy) drivers [2]. If you don't want proprietary drivers, ATI Radeon 9250 boards are still available and well supported, although I don't know about PCI-e versions. Intel integrated graphics chips also have excellent support, although I have never used one so I can't comment on the performance. For wireless, Intel has excellent linux support. -Richard [1] http://www.kroah.com/log/linux/ols_2006_keynote.html [2] http://download.nvidia.com/XFree86/Linux-x86/1.0-8762/README/appendix-a.htm l Robert -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Missing font in Opera
Yes I have re-emerged Opera and run revdep-rebuild. the USE flags are : Calculating dependencies... done! [ebuild R ] www-client/opera-9.00 USE=spell -debug -gnome -qt-static 0 kB thanks for the reply stu On 28/07/06, Mick [EMAIL PROTECTED] wrote: On Thursday 27 July 2006 23:48, Stuart Howard wrote: I have misplaced some fonts or at least I think I have, I use Opera for a browser but since the xorg migration the transfers page has no text and the progress bar shows boxes instead of text. This I presume is a font issue and probably happended during the upgrade does anyone know which font it is that Opera uses and that I therefore need to emerge or is it likly that I am just missing a link or similar? Any pointers will be happily recieved Starting from the beginning, have you re-emerged Opera and have you run # revdep-rebuild? -- Regards, Mick -- There are 10 types of people in this world: those who understand binary, those who don't --Unknown -- gentoo-user@gentoo.org mailing list
[gentoo-user] projectx and JDK
Hi folks, since several people recommended projectx, it must be emergeable I guess. ;-) When I emerge it, it complains that it can't find any JDK but I have this under /opt: blackdown-jdk-1.4.1 blackdown-jdk-1.4.2 blackdown-jdk-1.4.2.01 blackdown-jdk-1.4.2.03 What am I doing wrong? Uwe -- Mark Twain: I rather decline two drinks than a German adjective. http://www.SysEx.com.na -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] problems using ivman
You can use pmount with ivman since 0.6.5. In fact, I think it's the default. (but you can set mount as the default command also in the base settings). I use ivman and KDE and don't have many problems. But it's neccesary to emerge KDE with hal useflag. El Viernes, 28 de Julio de 2006 15:22, Neil Bothwick escribió: On Fri, 28 Jul 2006 14:34:34 +0200, Stefán István wrote: Besides, I think the page http://www.gentoo.org/doc/en/kde-config.xml should be updated, because it still suggests to use ivman. I've filed a bug. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] OT? Samba/LDAP Hell
On Sunday 30 July 2006 02:14, gentuxx wrote: Hi all, This is slightly off topic for this list, but I thought I might get some response from the braintrust. ;-) A while back I started to configure samba to work with LDAP. I got as far as configuring slapd.conf and entering a tickler user. Now, I can't connect to any of my samba shares. Looking in the samba logs, when the daemon starts, it's still trying to connect to the ldap server to get the security.tbd. I've verified /etc/samba/smb.conf, /etc/conf.d/samba, and /etc/pam.d/samba and none contain any reference to ldap. But something is obviously still telling samba to use ldap. In an effort to get things working, I started with a *very* basic smb.conf, but still no joy. Here's the global section: [global] log file = /var/log/samba/%m.log workgroup = HOME debug level = 10 server string = gentoo What version of samba? I am having fits with 3.0.23a, and authentication. I can't get any shares to authenticate except [public]. Nothing in the logs really giving a hint either, and not using ldap. I wonder if there is a problem we have made in gentoo? somewhere, PAM? Mike -- Michael W. Holdeman Powered by Gentoo Linux www.gentoo.org | Kernel 2.6.15-ck2 | VMWare Workstation 5.5.1 vmware.com | Win4LinPro 6.1.1-03 win4lin.com | | -- gentoo-user@gentoo.org mailing list
[gentoo-user] /System.map???
Boot message says can't find /System.map, probably because System.map is in /boot. What is this about? Anyone else? Mike -- Michael W. Holdeman Powered by Gentoo Linux www.gentoo.org | Kernel 2.6.15-ck2 | VMWare Workstation 5.5.1 vmware.com | Win4LinPro 6.1.1-03 win4lin.com | | -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] /System.map???
Michael W. Holdeman a écrit : Boot message says can't find /System.map, probably because System.map is in /boot. What is this about? Anyone else? Mike Copy your System.map to /. If you have separate /boot and /usr partitions, the System.map file is searched in /. [quote from /sbin/modules-update] for cfg in /lib/modules/${KV}/build /usr/src/linux-${KV} \ /boot /usr/src/linux do cfg=${cfg}/System.map [[ -f ${cfg} ]] break done [/quote] -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] /System.map???
On Sunday 30 July 2006 07:43, Fabrice Delliaux wrote: Michael W. Holdeman a écrit : Boot message says can't find /System.map, probably because System.map is in /boot. What is this about? Anyone else? Mike Copy your System.map to /. If you have separate /boot and /usr partitions, the System.map file is searched in /. [quote from /sbin/modules-update] for cfg in /lib/modules/${KV}/build /usr/src/linux-${KV} \ /boot /usr/src/linux do cfg=${cfg}/System.map [[ -f ${cfg} ]] break done [/quote] Is this new, don't remember ever doing it before.. Mike -- Michael W. Holdeman Powered by Gentoo Linux www.gentoo.org | Kernel 2.6.15-ck2 | VMWare Workstation 5.5.1 vmware.com | Win4LinPro 6.1.1-03 win4lin.com | | -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] /System.map???
Michael W. Holdeman a écrit : Is this new, don't remember ever doing it before.. Yes. With older baselayout [1], the System.map file wasn't required : [code] if [ -f /usr/src/linux/System.map ]; then depmod -a -F /usr/src/linux/System.map ${KV} else depmod -a ${KV} fi [/code] One day, the code evolved to : [code] if [ -f /usr/src/linux/System.map ]; then depmod -a -F /usr/src/linux/System.map ${KV} else ewarn System.map not found - unable to check symbols fi [/code] So, developpers decided to search the System.map file in different paths, but if your /boot and /usr directories are mounted on partitions, you must copy the file in /, because modules-update is ran before mounting partitions. [1] - http://forums.gentoo.org/viewtopic-p-3038067.html#3038067 -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] how to get ssh host based authentication working? [solved]
Peter Ruskin wrote: http://www-106.ibm.com/developerworks/linux/library/l-keyc.html http://pigtail.net/LRP/printsrv/keygen.html http://bumblebee.lcs.mit.edu/ssh2/ http://bumblebee.lcs.mit.edu/ssh2/ seems to exist no longer. I found that http://www.omega.telia.net/vici/openssh/ described exactly what I wanted to do and following it solved the problem. John Blinka -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] how to get ssh host based authentication working? [solved]
John Blinka wrote: http://bumblebee.lcs.mit.edu/ssh2/ seems to exist no longer. Good thing archive.org has it :) http://web.archive.org/web/20050305213118/http://bumblebee.lcs.mit.edu/ssh2/ R -- gentoo-user@gentoo.org mailing list
[gentoo-user] grub passwords - how do I limit OS selection?
Hi, I would like to limit OS selection at boot time. The machine has Gentoo and Windows. Gentoo *must* be the booted OS unless a password is entered. I have tried the password feature in grub but it does not implement this feature. It implements changing boot time kernel options, but not OS choice as far as I can tell. I also tried adding the hiddenmenu option in grub but it seems that with hiddenmenu turned on grub never accepts a password. Is there a way to implement what I need? If you can provide an example that would be great. NOTE: I currently do this be editing the grub file itself but I'm looking for something more sophisticated since I'd like my wife to be able to boot Windows but not my son. Thanks all, Mark -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] depclean screw up
On Sunday 30 July 2006 03:27, Richard Fish wrote: But depclean wants to remove gnome-libs also, so this doesn't count... Yep, bad example. I've got rid of both gnome-libs and imlib. That one I saw, and it did add to the confusion. libsoup does depend on gnutls, and gtkhtml depends on libsoup, and dvdrip depends on a version of gtkhtml that depends on libsoup, and dvdrip is in my world file. Well, yes, this would be a problem. Try an emerge --metadata to regenerate the portage cache. This may help. Otherwise, please post your emerge --info. Already tried removing the entire cache, and re-syncing (from a different mirror than I normally use). minimac ~ # emerge world -DNupvt These are the packages that would be merged, in reverse order: Calculating world dependencies... done! Total size of downloads: 0 kB minimac ~ # emerge --depclean [...] These are the packages that would be unmerged: dev-libs/libtasn1 selected: 0.2.18 protected: none omitted: none gnome-base/gail selected: 1.8.11 protected: none omitted: none net-libs/libsoup selected: 2.2.94 protected: none omitted: none net-libs/gnutls selected: 1.2.10 protected: none omitted: none app-crypt/opencdk selected: 0.5.5 protected: none omitted: none dev-libs/lzo selected: 1.08-r1 protected: none omitted: none [...] minimac ~ # revdep-rebuild -- -p -v -t [...] Checking dynamic linking consistency... broken /usr/lib/libgtkhtml-3.8.so.15.3.9 (requires libgailutil.so.17) broken /usr/lib/gtkhtml/libgnome-gtkhtml-editor-3.8.la (requires /usr/lib/libgailutil.la) broken /usr/lib/libgtkhtml-3.8.la (requires /usr/lib/libgailutil.la) done. (/root/.revdep-rebuild.3_rebuild) [...] All prepared. Starting rebuild... emerge --oneshot -p -v -t =gnome-extra/gtkhtml-3.10.2 These are the packages that would be merged, in reverse order: Calculating dependencies... done! [ebuild R ] gnome-extra/gtkhtml-3.10.2 USE=-debug 0 kB [ebuild N] gnome-base/gail-1.8.11 USE=-debug -doc 0 kB [ebuild N] net-libs/libsoup-2.2.94 USE=ssl -debug -doc -static 0 kB [ebuild N] net-libs/gnutls-1.2.10 USE=crypt zlib -doc 0 kB [ebuild N]dev-libs/libtasn1-0.2.18 USE=-doc 0 kB [ebuild N]dev-libs/lzo-1.08-r1 0 kB [ebuild N]app-crypt/opencdk-0.5.5 USE=-doc 0 kB [...] minimac ~ # emerge world -DNupvt These are the packages that would be merged, in reverse order: Calculating world dependencies... done! [nomerge ] media-video/dvdrip-0.97.10 USE=cdr gnome mplayer ogg perl subtitles xvid -minimal [nomerge ] gnome-extra/gtkhtml-3.10.2 USE=-debug [ebuild N] net-libs/libsoup-2.2.94 USE=ssl -debug -doc -static 0 kB [ebuild N]net-libs/gnutls-1.2.10 USE=crypt zlib -doc 0 kB [ebuild N] app-crypt/opencdk-0.5.5 USE=-doc 0 kB [ebuild N] dev-libs/libtasn1-0.2.18 USE=-doc 0 kB [ebuild N] dev-libs/lzo-1.08-r1 0 kB [ebuild N] gnome-base/gail-1.8.11 USE=-debug -doc 0 kB Total size of downloads: 0 kB gtkhtml-3.10.2 needs =gnome-base/gail-1.1, and =net-libs/libsoup-2.1.6 to run and compile (RDEPEND and DEPEND). libsoup-2.2.94 with USE=ssl needs =net-libs/gnutls-1 to run and compile. Finally gnutls-1.2.10 needs those 3 to run and compile. After merging gtkhtml-3.10.2, and it's dependencies, and it's dependencies dependencies (as above), depclean wants to remove them again! minimac ~ # emerge --depclean -p [...] dev-libs/libtasn1 selected: 0.2.18 protected: none omitted: none gnome-base/gail selected: 1.8.11 protected: none omitted: none net-libs/libsoup selected: 2.2.94 protected: none omitted: none net-libs/gnutls selected: 1.2.10 protected: none omitted: none app-crypt/opencdk selected: 0.5.5 protected: none omitted: none dev-libs/lzo selected: 1.08-r1 protected: none omitted: none [...] I'm all but convinced this is a bug. Anyone see a failure in my logic? minimac ~ # emerge --info Portage 2.1-r1 (default-linux/ppc/2005.1/ppc/G4, gcc-4.1.1, glibc-2.4-r3, 2.6.14-gentoo ppc) = System uname: 2.6.14-gentoo ppc 7447A, altivec supported Gentoo Base System version 1.6.15 app-admin/eselect-compiler: [Not Present] dev-lang/python: 2.3.5-r2, 2.4.3-r1 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: [Not Present] dev-util/confcache: [Not Present] sys-apps/sandbox:1.2.17 sys-devel/autoconf: 2.13, 2.59-r7 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2 sys-devel/binutils: 2.16.1-r3 sys-devel/gcc-config: 1.3.13-r3 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.11-r4 ACCEPT_KEYWORDS=ppc AUTOCLEAN=yes CBUILD=powerpc-unknown-linux-gnu CFLAGS=-O2 -pipe -mcpu=G4 -fno-strict-aliasing -maltivec -mabi=altivec CHOST=powerpc-unknown-linux-gnu CONFIG_PROTECT=/etc /usr/NX/etc /usr/NX/home /usr/kde/3.5/env
[gentoo-user] Exluding some apps from emerge --update world
Hi list, I's like to update my system, however, I'd like to keep some of the packages as they are (X, firefox, kernel, etc) How do I go about it before i run emerge --update --deep --newuse world? Thanks in advance, Alex -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] grub passwords - how do I limit OS selection?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark Knecht wrote: NOTE: I currently do this be editing the grub file itself but I'm looking for something more sophisticated since I'd like my wife to be able to boot Windows but not my son. Have windows users, then. Let your son boot it, but not use it. - -- Arturo Buanzo Busleiman - VPN Mail Project - http://vpnmail.buanzo.com.ar Consultor en Seguridad Informatica - http://www.buanzo.com.ar Genetic - A multiplatform Gentoo Portage Frontend - http://genetic.sourceforge.net for f in www blog linux-consulting vpnmail; do firefox http://$f.buanzo.com.ar ; done -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEzM6fAlpOsGhXcE0RAlenAJwOrJIZELZ5LsXsG6ZFJ66ZwAKv4gCffdMW KsZLVSipyMcF+Oo6B/QJwoU= =x5KS -END PGP SIGNATURE- -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Exluding some apps from emerge --update world
Hi, 2006/7/30, Alex Fortwinder [EMAIL PROTECTED]: Hi list, I's like to update my system, however, I'd like to keep some of the packages as they are (X, firefox, kernel, etc) How do I go about it before i run emerge --update --deep --newuse world? Just add the new versions of packages you don't want to be upgraded to /etc/portage/package.mask Robert. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Exluding some apps from emerge --update world
Alex Fortwinder wrote: Hi list, I's like to update my system, however, I'd like to keep some of the packages as they are (X, firefox, kernel, etc) How do I go about it before i run emerge --update --deep --newuse world? Thanks in advance, Alex Hi, I'm not sure if I missed something here but removing the packages from the world-file (/var/lib/portage/world) should work. Also you could emerge them using the --oneshot option in the first place to avoid adding them to the world-file. However are you really sure you want to exclude packages with frequent security-issues like firefox and the kernel from being updated? MfG Paul -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] projectx and JDK
When I emerge it, it complains that it can't find any JDK but I have this under /opt: blackdown-jdk-1.4.1 blackdown-jdk-1.4.2 blackdown-jdk-1.4.2.01 blackdown-jdk-1.4.2.03 What am I doing wrong? I had projectx working with blackdown-jdk, now i use sun-jdk and projectx still works. Have you upgraded to the new jva system, you can find information about it here [1]. Maybe this is the problem. I don't know if i can help you, but it will be useful if you provide the output from emerge. [1] http://www.gentoo.org/proj/en/java/java-upgrade.xml -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Exluding some apps from emerge --update world
Paul Sebastian Ziegler wrote: ... Check your system time, pls. Your message which I got right now showed deep in my gentoo-inbox folder, it has date 4.7.2006 21:58 Jarry -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Exluding some apps from emerge --update world
Alex Fortwinder wrote: I's like to update my system, however, I'd like to keep some of the packages as they are (X, firefox, kernel, etc) How do I go about it before i run emerge --update --deep --newuse world? Add entries to /etc/portage/package.mask. Something like: x11-base/xorg-x11-7.0-r1 would tell portage not to merge anything greater than X version 7.0-r1. You could also just put 7.0 and it would at least get you the bug fixes (r2, r3, etc. when they come along). Enjoy! R -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] /System.map???
Fabrice Delliaux wrote: Copy your System.map to /. Ridiculous... [quote from /sbin/modules-update] for cfg in /lib/modules/${KV}/build /usr/src/linux-${KV} \ /boot /usr/src/linux I've made it: for cfg in /lib/modules/${KV} /lib/modules/${KV}/build... Then you just copy System.map to /lib/modules/${KV} which is -of course- mounted on boot. C'mon Devs!! It's not that hard!! Best regards, -- Norberto Bensa Cel: 011-5654-9539 Ciudad de Buenos Aires, Argentina pgpevASi5NZRb.pgp Description: PGP signature
Re: [gentoo-user] /System.map???
Norberto Bensa a écrit : Then you just copy System.map to /lib/modules/${KV} which is -of course- mounted on boot. This could be done during the make modules_install step. C'mon Devs!! It's not that hard!! Open a bug :-) -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Exluding some apps from emerge --update world
Alex Fortwinder wrote: Hi again. I did everything you've suggested and put those in /etc/portage/mask, however I got this: --- Invalid atom in /etc/portage/package.mask: mail-client/sylpheed-2.2.5 --- Invalid atom in /etc/portage/package.mask: www-client/mozilla-firefox-1.5.0.4 --- Invalid atom in /etc/portage/package.mask: xorg-x11-7.0-r1 What's atom it's talking about? Thanks again The 'atom' being each line. Because you have specified a version number, you will need to tell it if you mean just that version (=) or anything newer than that version (=) thus www-client/mozilla-firefox-1.5.0.4 would become =www-client/mozilla-firefox-1.5.0.4 Tim Alex On Sun, 30 Jul 2006 11:24:07 -0500 Randy Barlow [EMAIL PROTECTED] wrote: Alex Fortwinder wrote: I's like to update my system, however, I'd like to keep some of the packages as they are (X, firefox, kernel, etc) How do I go about it before i run emerge --update --deep --newuse world? Add entries to /etc/portage/package.mask. Something like: x11-base/xorg-x11-7.0-r1 would tell portage not to merge anything greater than X version 7.0-r1. You could also just put 7.0 and it would at least get you the bug fixes (r2, r3, etc. when they come along). Enjoy! R -- gentoo-user@gentoo.org mailing list -- Tim Igoe http://tv.igoe.me.uk - UK TV Guide Computers are like Air-con, open windows and they stop working! signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] grub passwords - how do I limit OS selection?
On 7/30/06, Arturo 'Buanzo' Busleiman [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark Knecht wrote: NOTE: I currently do this be editing the grub file itself but I'm looking for something more sophisticated since I'd like my wife to be able to boot Windows but not my son. Have windows users, then. Let your son boot it, but not use it. Arturo, Hi. Thanks for the response. Not an acceptable strategy. My son is a Windows user for playing games. I do not want him using Windows when he chooses since the gaming gets in the way of school, as it should for any healthy 14 year old boy. ;-) What I really want is when the machine turns on he gets Linux unless myself or my wife grants him access to Windows. Thanks, Mark -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] grub passwords - how do I limit OS selection?
Mark Knecht wrote: On 7/30/06, Arturo 'Buanzo' Busleiman [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark Knecht wrote: NOTE: I currently do this be editing the grub file itself but I'm looking for something more sophisticated since I'd like my wife to be able to boot Windows but not my son. Have windows users, then. Let your son boot it, but not use it. Arturo, Hi. Thanks for the response. Not an acceptable strategy. My son is a Windows user for playing games. I do not want him using Windows when he chooses since the gaming gets in the way of school, as it should for any healthy 14 year old boy. ;-) What I really want is when the machine turns on he gets Linux unless myself or my wife grants him access to Windows. Thanks, Mark Hi Mark, Check the official gentoo security guide (docs section). ... 2.b. Password protecting GRUB GRUB supports two different ways of adding password protection to your boot loader. The first uses plain text, while the latter uses md5+salt encryption. ... Haven't used it though. HTH.Rumen smime.p7s Description: S/MIME Cryptographic Signature
Re: [gentoo-user] OT? Samba/LDAP Hell
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Michael W. Holdeman wrote: On Sunday 30 July 2006 02:14, gentuxx wrote: Hi all, This is slightly off topic for this list, but I thought I might get some response from the braintrust. ;-) A while back I started to configure samba to work with LDAP. I got as far as configuring slapd.conf and entering a tickler user. Now, I can't connect to any of my samba shares. Looking in the samba logs, when the daemon starts, it's still trying to connect to the ldap server to get the security.tbd. I've verified /etc/samba/smb.conf, /etc/conf.d/samba, and /etc/pam.d/samba and none contain any reference to ldap. But something is obviously still telling samba to use ldap. In an effort to get things working, I started with a *very* basic smb.conf, but still no joy. Here's the global section: [global] log file = /var/log/samba/%m.log workgroup = HOME debug level = 10 server string = gentoo What version of samba? I am having fits with 3.0.23a, and authentication. I can't get any shares to authenticate except [public]. Nothing in the logs really giving a hint either, and not using ldap. I wonder if there is a problem we have made in gentoo? somewhere, PAM? I'm using 3.0.22-r3. I tend to use stable for the most part, except a few packages here and there. Anyway, here are some errors that I get in /var/log/samba/smbd.log when the service is (re)started: Connection to LDAP server failed for the 14 try! [2006/07/29 19:31:46, 0] passdb/secrets.c:fetch_ldap_pw(629) fetch_ldap_pw: neither ldap secret retrieved! [2006/07/29 19:31:46, 0] lib/smbldap.c:smbldap_connect_system(851) ldap_connect_system: Failed to retrieve password from secrets.tdb [2006/07/29 19:31:46, 1] lib/smbldap.c:another_ldap_try(1051) Connection to LDAP server failed for the 15 try! [2006/07/29 19:31:47, 0] passdb/secrets.c:fetch_ldap_pw(629) fetch_ldap_pw: neither ldap secret retrieved! [2006/07/29 19:31:47, 0] lib/smbldap.c:smbldap_connect_system(851) ldap_connect_system: Failed to retrieve password from secrets.tdb [2006/07/29 19:31:47, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(2170) ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (unknown) (Time limit exceeded) ...So this is how I know samba is looking for an LDAP server (which I don't want it to do). - -- gentux echo hfouvyyAhnbjm/dpn | perl -pe 's/(.)/chr(ord($1)-1)/ge' gentux's gpg fingerprint == 5495 0388 67FF 0B89 1239 D840 4CF0 39E2 18D3 4A9E -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFEzQQdTPA54hjTSp4RAlDEAJ44HjHcMEhxAya1KhnA9wLrE437BgCePplG XRQe44dNQ7trps/KWK+nq/s= =+KaU -END PGP SIGNATURE- -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] grub passwords - how do I limit OS selection?
El Domingo, 30 de Julio de 2006 16:09, Mark Knecht escribió: Hi, I would like to limit OS selection at boot time. The machine has Gentoo and Windows. Gentoo *must* be the booted OS unless a password is entered. I have tried the password feature in grub but it does not implement this feature. It implements changing boot time kernel options, but not OS choice as far as I can tell. I also tried adding the hiddenmenu option in grub but it seems that with hiddenmenu turned on grub never accepts a password. Is there a way to implement what I need? If you can provide an example that would be great. NOTE: I currently do this be editing the grub file itself but I'm looking for something more sophisticated since I'd like my wife to be able to boot Windows but not my son. Thanks all, Mark Grub cant do that. It can protect with passwords the menu entries, to prevent anyone from editing them (to boot with an alternate kernel, from another root, in any other runlevel or stuff like that). But it cant protect -as far as I can tell- the entries one by one. You want to be able to boot into linux at any given momment, and grub to ask you for a password if you hit enter when the Windows entry is selected. If that affirmation is correct, then grub cant do that for what I can tell. I use md5 pass in grub, but it just prevent someone from editing the grub stuff and using a different root or kernel line to boot from. You best bet is to use WinXp, 2k, or any other version of windows that can be hardened a bit. Just put a password in all the windows accounts, and do not give any password to your son. This way, you son will be able to see the Winxp login screen, but he will not be able to enter without a password. If your son is smart enough, anyway, the passwords are nothing (he can always boot from the linux partition, locate the keys, and decipher them with jack or something similar, nt passwords are not hard to beat, and a fast search in the net will reveal all that you need to know to do so). So, in which regards children, the best bet is to cut the physicall access to the box. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] OO Build Failed
Richard Fish wrote: Can you retry with: CFLAGS=-O2 -march=pentium3 -pipe Awesome, this seems to have done the trick - thanks! R -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] grub passwords - how do I limit OS selection?
On Sun, Jul 30, 2006 at 07:09:41AM -0700, Mark Knecht wrote: Hi, I would like to limit OS selection at boot time. The machine has Gentoo and Windows. Gentoo *must* be the booted OS unless a password is entered. I have tried the password feature in grub but it does not implement this feature. It implements changing boot time kernel options, but not OS choice as far as I can tell. I also tried adding the hiddenmenu option in grub but it seems that with hiddenmenu turned on grub never accepts a password. Is there a way to implement what I need? If you can provide an example that would be great. NOTE: I currently do this be editing the grub file itself but I'm looking for something more sophisticated since I'd like my wife to be able to boot Windows but not my son. Thanks all, Mark Mark, Unless I'm reading your needs wrong, I think you need the lock command as well as the password command. http://www.gnu.org/software/grub/manual/grub.html#password http://www.gnu.org/software/grub/manual/grub.html#lock HTH, festus -- Ambition is a poor excuse for not having enough sense to be lazy. pgp8Lzy5W5Aow.pgp Description: PGP signature
Re: [gentoo-user] livecd and install cd improper ACPI?
On 7/29/06, Trenton Adams [EMAIL PROTECTED] wrote: I have a notebook that I use with gentoo. I'm trying to create a tar.gz backup of the entire thing. So, I boot up with 2005.x or 2006.0 livecd, or install cd. Both of them allow the system to over heat, and it shuts down. This never used to happen. I believe it worked fine with 2004.x. Have some ACPI drivers been disabled since 2004? No, but they may have been modularized. Probably you just need to modprobe fan. -Richard -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] grub passwords - how do I limit OS selection?
On Sun, Jul 30, 2006 at 04:59:34PM -0400, John J. Foster wrote: On Sun, Jul 30, 2006 at 07:09:41AM -0700, Mark Knecht wrote: Hi, I would like to limit OS selection at boot time. The machine has Gentoo and Windows. Gentoo *must* be the booted OS unless a password is entered. I have tried the password feature in grub but it does not implement this feature. It implements changing boot time kernel options, but not OS choice as far as I can tell. I also tried adding the hiddenmenu option in grub but it seems that with hiddenmenu turned on grub never accepts a password. Is there a way to implement what I need? If you can provide an example that would be great. NOTE: I currently do this be editing the grub file itself but I'm looking for something more sophisticated since I'd like my wife to be able to boot Windows but not my son. Thanks all, Mark Mark, Unless I'm reading your needs wrong, I think you need the lock command as well as the password command. http://www.gnu.org/software/grub/manual/grub.html#password http://www.gnu.org/software/grub/manual/grub.html#lock oops - forgot one http://www.gnu.org/software/grub/manual/grub.html#Security -- Ambition is a poor excuse for not having enough sense to be lazy. pgpCHHFd6Vngo.pgp Description: PGP signature
[gentoo-user] Can't Click Links in Thunderbird
When I click links in Thunderbird, it doesn't seem to do anything (i.e., open the link in Firefox, my default web browser in KDE). Clicking links in other apps work correctly, so it seems to be a thunderbird problem. Comments/suggestions? R -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] livecd and install cd improper ACPI?
Thanks Richard. Almost but not quite. I loaded the fan module, which did nothing, seeing the fan was already running. I then searched through /lib/modules/2.6.* for the fan module so I could find the others. Then loaded the others. Once I loaded the *thermal* module, the fan slowed down. It was stuck on one speed, which was apparently not fast enough for what I was doing. So, either a combination of the fan and thermal modules did something, or just the thermal module. Thanks again. On 7/30/06, Richard Fish [EMAIL PROTECTED] wrote: On 7/29/06, Trenton Adams [EMAIL PROTECTED] wrote: I have a notebook that I use with gentoo. I'm trying to create a tar.gz backup of the entire thing. So, I boot up with 2005.x or 2006.0 livecd, or install cd. Both of them allow the system to over heat, and it shuts down. This never used to happen. I believe it worked fine with 2004.x. Have some ACPI drivers been disabled since 2004? No, but they may have been modularized. Probably you just need to modprobe fan. -Richard -- gentoo-user@gentoo.org mailing list -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] OO Build Failed
On 7/30/06, Randy Barlow [EMAIL PROTECTED] wrote: Richard Fish wrote: Can you retry with: CFLAGS=-O2 -march=pentium3 -pipe Awesome, this seems to have done the trick - thanks! BTW, -O3 uses *a lot* more ram to compile compared to -O2. Indeed, gcc will sometimes take 200-500MB of RAM to compile a single C++ module. So combined with MAKEOPTS=-j2, and only 512MB of RAM total, yeah, I think you ran out of memory. In fact, you may want to drop to MAKEOPTS=-j1 permanently. Swapping is simply not something you want to do when compiling...it is too damn slow. If you run so many jobs that some get pushed to swap, it would be far faster to run one job at a time without swapping! -Richard -- gentoo-user@gentoo.org mailing list
[gentoo-user] gnome and mono-tools blocking
Hi all gnome and mono-tools can no longer be installed together. gnome depends on seamonkey, mono-tools depend on mozilla, but mozilla nd seamonkey block each other. I had to uninstall gnome and evolution to be able to keep mono-tools. My favorite browser is firefox, but how do I tell both of mono-tools and gnome about that? Andreas -- gentoo-user@gentoo.org mailing list
[gentoo-user] neon: endless up-/down-grade
Hi all each world update either updates or downgrades neon depending on the version just installed at that moment. the first world update upgraded neon 0.24.7 to 0.26.1, the very next update (emerge -p world, without any intermediate sync) downgraded neon 0.26.1 to 0.24.7 . the next 'emerge -p world' leads to updating neon again and so on. emerge -uptD world shows that rapidsvn-0.9.0-r1 is the reason for the downgrade, whereas gnome-vfs-2.14.2 is the reason for the upgrade. any ideas? thanks in advance, Andreas -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] grub passwords - how do I limit OS selection?
Mark Knecht wrote: My son is a Windows user for playing games. I do not want him using Windows when he chooses since the gaming gets in the way of school, as it should for any healthy 14 year old boy. ;-) If you're using an NT-based version of windows (NT4, 2000, XP, or one of those fancy Vista previews), you can use the Administrator account (or any user with admin rights, e.g. your wife) to disable your son's account when he isn't allowed to be gaming. Or, change his password to something of your choice, and type it in for him when he is allowed to play, same as you would at the GRUB prompt. And if you're using a Windows NT4, I hope for your sake it doesn't have network drivers installed. :) What I really want is when the machine turns on he gets Linux unless myself or my wife grants him access to Windows. How's your C? ;) HTH. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] depclean screw up
On Sunday 30 July 2006 22:57, Richard Fish wrote: Well I don't see anything obviously wrong. I would probably take a look at the output of emerge --debug --depclean --pretend world, and look for net-libs/libsoup or gnome-base/gail. Both of them should appear as dependancies of something. At the very least, they should appear under gtkhtml. You might save that output (it will be large!), to attach to the bug report if requested. Ha! Got it! Searching over that output, that I had never really thought about before, I found the answer. gimp depends on gtkhtml-2*, which at it's highest stable release (2.6.3) depends on gail if USE=accessibility. dvdrip depends on gtkhtml, which at it's highest stable release (3.10.2) unconditionally depends on gail. I had both gtkhtml (3.10.2) and gtkhtml-2* (2.6.3) installed. media-gfx/gimp-2.2.12 comes before media-video/dvdrip-0.97.10, gimps gtkhtml depstring became a candidate, so dvdrips dependency was being ignored! Removing both versions of gtkhtml, and merging gimp then dvdrip separately has apparently sorted it. depclean has removed gail, libsoup, and their dependencies, and my dynamic linking remains consistant. Thanks -- Mike Williams -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] gnome and mono-tools blocking
El Domingo, 30 de Julio de 2006 23:28, Andreas Schoelver escribió: Hi all gnome and mono-tools can no longer be installed together. gnome depends on seamonkey, mono-tools depend on mozilla, but mozilla nd seamonkey block each other. I had to uninstall gnome and evolution to be able to keep mono-tools. My favorite browser is firefox, but how do I tell both of mono-tools and gnome about that? Andreas AFAIK, USE=firefox will remove the dep on seamonkey and that stuff. I dont use gnome though, maybe someone can confirm this. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Can't Click Links in Thunderbird
Randy Barlow a écrit : When I click links in Thunderbird, it doesn't seem to do anything (i.e., open the link in Firefox, my default web browser in KDE). Clicking links in other apps work correctly, so it seems to be a thunderbird problem. Comments/suggestions? R Yes : http://gentoo-wiki.com/TIP_Integrate_Thunderbird_and_Firefox -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] OO Build Failed
Richard Fish wrote: BTW, -O3 uses *a lot* more ram to compile compared to -O2. Indeed, gcc will sometimes take 200-500MB of RAM to compile a single C++ module. So combined with MAKEOPTS=-j2, and only 512MB of RAM total, yeah, I think you ran out of memory. In fact, you may want to drop to MAKEOPTS=-j1 permanently. Swapping is simply not something you want to do when compiling...it is too damn slow. If you run so many jobs that some get pushed to swap, it would be far faster to run one job at a time without swapping! Thanks for the advice Richard! R -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] grub passwords - how do I limit OS selection?
On 7/30/06, Rumen Yotov [EMAIL PROTECTED] wrote: Hi Mark, Check the official gentoo security guide (docs section). ... 2.b. Password protecting GRUB GRUB supports two different ways of adding password protection to your boot loader. The first uses plain text, while the latter uses md5+salt encryption. ... Haven't used it though. HTH.Rumen Rumen, Thanks, but they are just two versions of what I've already tried. That password protection, as shown in the Gentoo Security Guide, only password protects changing the way you boot each option. As shown in the guide it does not protect which version you are allowed to boot. Cheers, Mark -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] grub passwords - how do I limit OS selection?
On Sun, Jul 30, 2006 at 04:49:42PM -0700, Mark Knecht wrote: On 7/30/06, John J. Foster [EMAIL PROTECTED] wrote: Thanks very much. It's a great solution for what I need. It does limit the use of Windows, which is what I wanted, until the password is typed in. Once typed in it also seems to allow changing the boot time options on Linux, but in my son's case I'm not the least bit worried he's going to try anything there. Mark - from http://www.gnu.org/software/grub/manual/grub.html#Security You can also use the command password instead of lock. In this case the boot process will ask for the password and stop if it was entered incorrectly. Since the password takes its own PASSWORD argument this is useful if you want different passwords for different entries. -- Ambition is a poor excuse for not having enough sense to be lazy. pgpm43yLTnm3Z.pgp Description: PGP signature
Re: [gentoo-user] grub passwords - how do I limit OS selection?
On 7/30/06, John J. Foster [EMAIL PROTECTED] wrote: On Sun, Jul 30, 2006 at 04:49:42PM -0700, Mark Knecht wrote: On 7/30/06, John J. Foster [EMAIL PROTECTED] wrote: Thanks very much. It's a great solution for what I need. It does limit the use of Windows, which is what I wanted, until the password is typed in. Once typed in it also seems to allow changing the boot time options on Linux, but in my son's case I'm not the least bit worried he's going to try anything there. Mark - from http://www.gnu.org/software/grub/manual/grub.html#Security You can also use the command password instead of lock. In this case the boot process will ask for the password and stop if it was entered incorrectly. Since the password takes its own PASSWORD argument this is useful if you want different passwords for different entries. Festus, Thanks. Even better! Cheers, Mark -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Exluding some apps from emerge --update world
On Wed, 05 Jul 2006 04:58:30 +0900, Paul Sebastian Ziegler wrote: I'm not sure if I missed something here but removing the packages from the world-file (/var/lib/portage/world) should work. It won't because, for example, xorg-x11 is a dependency of many other packages in world. -- Neil Bothwick C:\DOS\SYSTEM\OS2\UTILITIES\DOCS\HELP\WHERE\THE\F$#%\AM\I??? signature.asc Description: PGP signature
Re: [gentoo-user] /System.map???
Fabrice Delliaux wrote: Norberto Bensa a écrit : Then you just copy System.map to /lib/modules/${KV} which is -of course- mounted on boot. This could be done during the make modules_install step. C'mon Devs!! It's not that hard!! Open a bug :-) I had been having this too. I was curious why it started that. Of course, I had not rebooted in about two months either. What affect does this have anyway?? me watches thread to see how this is fixed Dale :-) :-) -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Can't Click Links in Thunderbird
Fabrice Delliaux wrote: http://gentoo-wiki.com/TIP_Integrate_Thunderbird_and_Firefox Haha, I couldn't click the link to figure out how to get it to click the link, but I followed the directions and things work correctly now! Thanks for the tip! Randy -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] depclean screw up
On 7/30/06, Mike Williams [EMAIL PROTECTED] wrote: Ha! Got it! Yep, that is definitely wacky. I would suggest to re-open this bug and add your results to it: http://bugs.gentoo.org/show_bug.cgi?id=67179 -Richard -- gentoo-user@gentoo.org mailing list
[gentoo-user] Re: amd64 installation questions
I'm coming into this discussion late. Saw your post of 7/17 on the archives. Just in case no one has answwered your questions. I've been handed a new amd64 portable (HP-8000), which must keep XP on it. To perform an installation, I usually use Partition Magic, which has worked very well to down-size the windoze partition. This system (suposedly) has another hidden partition that XP uses to restore the OS, if the XP installation ever get's corrupted. NO XP installation CD was provided. I was wondering if any of the opensource repartitioning tools have matured to the point I could used one of them in lieu of Partition Magic? [ answer1 ] I have found ntfsresize to be quite reliable even as long as two years ago. It's tedious but reliable. With my new AMD64 PC, I cheated and installed the Ubuntu 6.06 LTS AMD64 distro first, since this distro has a very easy to use repartitioning tool (automatic tools wrapped around ntfsresize). In order to keep the XP installation: Does it matter if I setup Gentoo on the portable first, before going thru all of those windoze installation/initialization menus? [ answer ] In any dual boot setup, install Windows first. Windows always overwrites the mbr, and you would lose the ability to boot Linux (rescue cdrom needed). OTOH, if you have an actual Windows install CD, you could use a rescue CD to partition the disk the way you like it in advance. The Windows installer will ignore Linux and swap partitions. Any wiki examples (gotchas) on xorg.conf or make.conf (as this is my first amd64 installation) are welcome. [ answer ] The only gotcha I found was with the xorg modular installation. After completing the basic installation, I did an 'emerge xfce4' and let portage calculate all the dependancies including xorg. When all was said and done, I discovered that the automatic dependancy selection had not included the keyboard and mouse modules for xorg, so I had to emerge these manually. Also I didn't have much sucess using 'X -configure'. I had to copy over an existin xorg.conf and make modifications. HTH, -- Collins Richey If you fill your heart with regrets of yesterday and the worries of tomorrow, you have no today to be thankful for. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] neon: endless up-/down-grade
On 7/30/06, Andreas Schoelver [EMAIL PROTECTED] wrote: Hi all each world update either updates or downgrades neon depending on the version just installed at that moment. It is a _very_ long-standing bug in portage that doesn't deal with some dependancy situtations very well. [1] The answer is usually to mask the newer version. echo # required by rapidsvn-0.9.0-r1 /etc/portage/package.mask echo =net-misc/neon-0.24.7 /etc/portage/package.mask -Richard [1] http://bugs.gentoo.org/show_bug.cgi?id=1343 -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] neon: endless up-/down-grade
On 7/30/06, Richard Fish [EMAIL PROTECTED] wrote: echo =net-misc/neon-0.24.7 /etc/portage/package.mask Why is it that no matter how much I proof read, I frequently find a mistake 1 second after hitting Send? That should be: echo net-misc/neon-0.24.7 /etc/portage/package.mask -Richard -- gentoo-user@gentoo.org mailing list