Re: [gentoo-user] Which arch do I have ?
Am Mittwoch, 13. Februar 2008 schrieb ext KH: why does #ls /usr/src/linux/arch/ show alpha/ blackfin/ h8300/ m32r/ mips/ ppc/ sh64/ um/xtensa/ arm/ cris/ i386/ m68k/ parisc/s390/ sparc/ v850/ avr32/ frv/ ia64/ m68knommu/ powerpc/ sh/ sparc64/ x86_64/ but not amd64? That's kernel arch, not Gentoo arch. It's the same for 32bit (i386 vs. x86). HTH... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] layman -L does not show ecatmur, but I can layman -a ecatmur.
On Wed, 13 Feb 2008 09:38:12 +0800, Mark David Dumlao [EMAIL PROTECTED] wrote: On Feb 12, 2008 10:52 PM, Willie Wong [EMAIL PROTECTED] wrote: On Tue, Feb 12, 2008 at 05:37:16PM +0800, Penguin Lover Mark David Dumlao squawked: TOTALLY WEIRD. I do a layman -L on my machine and strangely enough, ecatmur isn't listed. I think I've used it beore on layman though, so I look up the overlays listing on the gentoo overlays list, here: http://www.gentoo.org/proj/en/overlays/layman-global.txt Sure enough, ecatmur is present. So I just blindly go layman -a ecatmur and he gets added. Did you run layman --fetch to update the overlays? yep, and I'm still getting nothing doing with layman -L. -- thing. For me it helped to change following line in layman.cfg: # Strict checking of overlay definitions # # Set either to yes or no. If no layman will issue # warnings if an overlay definition is missing either # description or contact information. # nocheck : no to yes. -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] layman -L does not show ecatmur, but I can layman -a ecatmur.
On 09:38 Wed 13 Feb , Mark David Dumlao wrote: On Feb 12, 2008 10:52 PM, Willie Wong [EMAIL PROTECTED] wrote: On Tue, Feb 12, 2008 at 05:37:16PM +0800, Penguin Lover Mark David Dumlao squawked: TOTALLY WEIRD. I do a layman -L on my machine and strangely enough, ecatmur isn't listed. I think I've used it beore on layman though, so I look up the overlays listing on the gentoo overlays list, here: http://www.gentoo.org/proj/en/overlays/layman-global.txt Sure enough, ecatmur is present. So I just blindly go layman -a ecatmur and he gets added. Did you run layman --fetch to update the overlays? yep, and I'm still getting nothing doing with layman -L. This may be related. I just installed layman, and the only thing I get when I run layman -L is * swegener [Rsync ] (source:\ * rsync://rsync.gentoo.steal...) Could this be a networking/firewall problem? Bill Roberts pgp1qqPX77GRH.pgp Description: PGP signature
Re: [gentoo-user] layman -L does not show ecatmur, but I canlayman -a ecatmur.
On Wed, 13 Feb 2008 06:42:02 -0500, 443-653-1569 [EMAIL PROTECTED] wrote: On 09:38 Wed 13 Feb , Mark David Dumlao wrote: On Feb 12, 2008 10:52 PM, Willie Wong [EMAIL PROTECTED] wrote: On Tue, Feb 12, 2008 at 05:37:16PM +0800, Penguin Lover Mark David Dumlao squawked: TOTALLY WEIRD. I do a layman -L on my machine and strangely enough, ecatmur isn't listed. I think I've used it beore on layman though, so I look up the overlays listing on the gentoo overlays list, here: http://www.gentoo.org/proj/en/overlays/layman-global.txt Sure enough, ecatmur is present. So I just blindly go layman -a ecatmur and he gets added. Did you run layman --fetch to update the overlays? yep, and I'm still getting nothing doing with layman -L. This may be related. I just installed layman, and the only thing I get when I run layman -L is * swegener [Rsync ] (source:\ * rsync://rsync.gentoo.steal...) Could this be a networking/firewall problem? Bill Roberts Did you emerge subversion, git etc. Because layman only shows what you can use with nocheck: no. Whats a little bit weird is, that you can't see the other rsync overlays! -- gentoo-user@lists.gentoo.org mailing list
[gentoo-user] what NFP means?
Hi, I try to translate the GMN(2008-01-21), and now I want to know what NFP exactly means or the full spelling of NFP in the section below. ** Foundation Status Grant Goodyear, one of our active foundation trustees, recently gave an update on the status of the Gentoo foundation on his blog. The Gentoo Foundation does still exist, and the required paperwork to reinstate our NFP status has been filed. For more information, you can read Grant's post on the gentoo-nfp mailing list. ** Any help will be appreciated? -- wcw -- gentoo-user@lists.gentoo.org mailing list
[gentoo-user] what NFP means?
I guess it means Not For Profit. Hi, I try to translate the GMN(2008-01-21), and now I want to know what NFP exactly means or the full spelling of NFP in the section below. ** Foundation Status Grant Goodyear, one of our active foundation trustees, recently gave an update on the status of the Gentoo foundation on his blog. The Gentoo Foundation does still exist, and the required paperwork to reinstate our NFP status has been filed. For more information, you can read Grant's post on the gentoo-nfp mailing list. ** Any help will be appreciated? -- wcw -- gentoo-user@lists.gentoo.org mailing list -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Error in network commands in root mode
On Tuesday 12 February 2008, Markus Schönhaber wrote: dell core2duo wrote: No, its not due to proxy. See the output below. - - flukebox driver # wget yahoo.com --2008-02-12 22:30:56-- http://yahoo.com/ Resolving relproxy.iitk.ac.in... 172.31.1.233 Connecting to relproxy.iitk.ac.in|172.31.1.233|:3128... Connection Refused: Forbidden failed: Connection refused. flukebox driver # exit exit [EMAIL PROTECTED] ~ $ wget yahoo.com --2008-02-12 22:31:04-- http://yahoo.com/ Resolving relproxy.iitk.ac.in... 172.31.1.233 Connecting to relproxy.iitk.ac.in|172.31.1.233|:3128... connected. OK, if it's not the proxy refusing the connection but something on your local machine, I'm not sure what causes it. Some selinux policy maybe? Or an iptables rule with an owner match on uid 0? Check how is the proxy variable defined for both users: # env | grep -i proxy $ env | grep -i proxy You may need to define the same proxy user for both, for the proxy server to accept connections . -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] what NFP means?
Am Mittwoch, 13. Februar 2008 schrieb ext Chuanwen Wu: Hi, I try to translate the GMN(2008-01-21), and now I want to know what NFP exactly means or the full spelling of NFP in the section below. Not For Profit. HTH... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net signature.asc Description: This is a digitally signed message part.
[gentoo-user] strange ethernet behavior with Superjmicro mb and Gentoo
Hi. I have just gotten a computer with a Super Micro c2sbe Motherboard. Now I also bought a dual port PCI Express ethernet card. Now the normal kernel driver in my 2.6.21-gentoo-r4 does not recognize the ethernet port on the motherboard, only the dual port PCI Express card. So I found an Intel driver which seemed to be a later version of the e1000 driver and installed it. Now the strange part is that in order for the Ethernet on the mb to be recognized, I must rmmod and modprobe the module again and blacklist it from udev, although the later seemed not to do much. Does anyone know why I must do such a thing? If I don't do the rmmod and modprobe the dual port card is still recognized, but the mb one is not.. Thanks in advance for your help. -- Your life is like a penny. You're going to lose it. The question is: How do you spend it? John Covici [EMAIL PROTECTED] -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Is it sefe to unmerge?
On Wednesday 13 February 2008, Sergey Kobzar wrote: Hi 'emerge -pv --depclean' shows that these packages may be unmerged: snip detail app-crypt/hashalot sys-libs/pwdb sys-apps/attr Is it safe to remove they from the system? This is mail server and has mostly no additional packages except exim, mysql, spamassassin and some other. This means that you never explicitly merged them, they are not in world and are no longer required by anything else. There are normally three reasons: - you merged something that needed these packages, then unmerged them later, leaving these dependencies orphaned - you merged something else that used them, and in a recent update they are now using something else that provides the same functionality - they were required by some USE flag you once had, and you have now changed your USE, so the deps are no longer required. You'll need to look at each package and figure out if YOU need them, as we can't tell you that. I might think that you don't need your wife under any circumstances, and you might strongly disagree :-) I once knew what hashalot does. I forgot. It's something to do with cryptography pwdb is used as a password and user account configuration thingy. Looks pretty important :-) attr provides extended attributes to ext2/3 and XFS file systems, used by selinux and posix capabilities. If you use these features, you already are aware of it. When you figure out which ones to keep, it's best to put them in your world file. Either edit /var/lib/portage/world and stick the name at the end, or run 'emerge -n package-name' -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Re: load too high
On Wednesday 13 February 2008, James wrote: James R. Campbell jamesc at reliant-data.com writes: What processes have the most on cpu time as reported by a 'ps ax' ? not certain what your are asking. Here is the result of ps ax: He probably meant 'ps axu' -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
[gentoo-user] Is it sefe to unmerge?
Hi 'emerge -pv --depclean' shows that these packages may be unmerged: These are the packages that would be unmerged: app-crypt/hashalot selected: 0.3-r2 protected: none omitted: none sys-libs/pwdb selected: 0.62 protected: none omitted: none sys-apps/attr selected: 2.4.32 protected: none omitted: none Is it safe to remove they from the system? This is mail server and has mostly no additional packages except exim, mysql, spamassassin and some other. Thanks for any help. -- Sergey -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] OpenVPN setup
Even if you just want to encrypt some clear-text protocol that doesn't have an encrypted equivalent, a vpn is still overkill. For that you use ssh tunneling (which is essentially the same thing as an encrypted version of a protocol). 'ssh -X' is the classic example of easily tunneling a protocol that doesn't have a native encrypted equivalent. I see what you're saying. Can tunneling through ssh be made automatic so that a cron job initiates a script that opens a tunnel between the remote server and local print server and pages are printed through the tunnel? Sure. ssh is just a process after all and in principle encapsulated whatever gets put into it. All you need is a connection that isn't firewalled out and an sshd that is listening to what is coming in. ssh will even port forward for you and can be made to transform any tcp connection to appear to come from whatever port you want. What you put inside the tunnel is up to you. If the print server won't accept what is coming in, then google will find you any number of apps that will mangle the traffic. Your statement it seems like running SSH inside a VPN is better for security than running SSH on a non-standard port is non-sensical. From a security and encryption perspective, ssh and OpenVPN are exactly the same thing - stuff wrapped in an encryption layer provided by ssl, complete with exactly the same key setup should you choose to use that route. What about having ssh, imap, smtp, cups, and possibly a non-standard https port all hidden within a VPN? Should that be considered a benefit of running a VPN? I've filed the original post somewhere else and forgot the scenario :-) Is this a setup you need to be present often or even all the time? If so, you have 5 protocols in use, and setting up tunnels could become cumbersome. You might consider that it's more effort than it's worth and a VPN that is there and JustWorks(tm) is preferable. I would call that a sensible use of a VPN :-) I don't think there's a golden rule about when using a VPN is right or wrong. It's more like do the advantages outweigh the hassle of setting it up and maintaining it?. Sometimes this answer is obvious, sometimes less so. Sometimes it's a judgement call. Thanks a lot for everyone's help. Here is a more to-the-point list of what I'd like to accomplish: 1. encrypt CUPS printouts between remote server and local print server 2. add an additional layer of security around SSH and CUPS on local firewall/print server 3. add an additional layer of security around SSH, IMAP, and non-standard port HTTPS on remote server 4. enable access to SMTP on remote server for me which is blocked by my local ISP It sounds like I have 3 choices: 1. VPN 2. SSH tunneling 3. Zebedee tunneling Would all 3 of these choices accomplish all 4 requirements? I would think SSH tunneling can't really add an additional layer around SSH. I'd like to have something I can leave up all the time so the services are always protected and I don't have to go through an extra step to use email or print from the remote server. Can all 3 of these be left up all the time? Is there any reason not to leave this type of functionality up all the time? It sounds like VPN would be the most difficult to set up and maintain, followed by SSH tunneling, followed by Zebedee tunneling. Maybe I'm wrong though. With tunneling, would I need to set up 4 or 5 different tunnels for CUPS, IMAP, SMTP, non-standard port HTTPS, and SSH (if I'm using Zebedee)? To send me mail, mail servers need to connect to my remote server's SMTP right? Would setting up a tunnel or VPN for my SMTP access interfere with that? - Grant -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] eth0 = pcmcia + usb adapter
Wow, that's a good start! I'll keep your post aside for when I go through the kernel again (i'm not at the point of setting up all software). At least, now that I got it working I can relax and start understanding what I've done! ;) Thanks a lot Mick! Simon Not sure, because I've never done it! I keep using make menuconfig for edits. To find a particular driver in the maze of the kernel tree you can of course spend hours studying it line by line, enabling and disabling each branch as you go along (in six months you'll know it all by heart). Alternatively, you could get a life and decide to press / while in menuconfig and enter some suitable search terms. Also, I often cat .config | grep -i search_word to find whether I have enabled something or other. After you compile a good kernel that does exactly what you want it to do, then copy its .config into any new kernel fs that you emerge and run make oldconfig instead. It'll prompt you for the changes and keep all your old settings which you know work. -- gentoo-user@lists.gentoo.org mailing list
Re[2]: [gentoo-user] Is it sefe to unmerge?
Hi Alan, Wednesday, February 13, 2008, 6:22:33 PM, you wrote: On Wednesday 13 February 2008, Sergey Kobzar wrote: Hi 'emerge -pv --depclean' shows that these packages may be unmerged: snip detail app-crypt/hashalot sys-libs/pwdb sys-apps/attr Is it safe to remove they from the system? This is mail server and has mostly no additional packages except exim, mysql, spamassassin and some other. This means that you never explicitly merged them, they are not in world and are no longer required by anything else. There are normally three reasons: - you merged something that needed these packages, then unmerged them later, leaving these dependencies orphaned - you merged something else that used them, and in a recent update they are now using something else that provides the same functionality - they were required by some USE flag you once had, and you have now changed your USE, so the deps are no longer required. Yes, that the theory I know about :) But looks like they are not in world list of stage3. I'm 99% sure I didn't merge hashalot attr (as dependencies too). You'll need to look at each package and figure out if YOU need them, as we can't tell you that. I might think that you don't need your wife under any circumstances, and you might strongly disagree :-) :) I once knew what hashalot does. I forgot. It's something to do with cryptography %description This program will read a passphrase from standard input and print a binary (not printable) hash to standard output. The output is suitable for use as an encryption key. pwdb is used as a password and user account configuration thingy. Looks pretty important :-) I think so. attr provides extended attributes to ext2/3 and XFS file systems, used by selinux and posix capabilities. If you use these features, you already are aware of it. So, if I use reiserfs w/o ext attrs (option in kernel), I don't need it probably. Correct? When you figure out which ones to keep, it's best to put them in your world file. Either edit /var/lib/portage/world and stick the name at the end, or run 'emerge -n package-name' Thanks. -- Alan McKinnon alan dot mckinnon at gmail dot com -- Sergey -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Re: load too high
On Tuesday 12 February 2008, James wrote: Alan McKinnon alan.mckinnon at gmail.com writes: One of the workstations (amd64 2gig ram) has a load that never drops below 1.0, as seen by top. Looking at a ps nothing stands out. I did notice that 'X' is at the top of the list, even when the machine is quiescent (nobody doing anything). Suspiciaous. Clearly I have a run away or hidden process using resources. Although all my system run kde 3.5.8 only one shows this problem. vmstat is your friend here. It's all in the man page, so use it and narrow down the process that's blocking. Maybe you have a threading race condition or similar. # vmstat procs ---memory-- ---swap-- -io -system-- cpu r b swpd free buff cache si sobibo in cs us sy id wa 0 0 0 847368 224736 4034040026 12 172 251 1 0 98 1 According to this, that machine is sitting there doing nothing. So I see two maybe three possibilities: uptime and top are talking shit (happens way more often than one might assume) your machine is indeed hacked and trojaned, but the script kiddie forgot to upload a modified top and uptime (highly unlikely - someone who knows to replace vmstat will certainly replace top and uptime) your kernel scheduler has a bizarre view of life. This is most likely, I'd say you have a collection of settings that cause the kernel to collect it's utilization stats at precisely the moment when it really does do something useful. I saw someone rag poor Ingo two months back on lkml with a similar thing. Turns out the user was right. What are your relevant settings of things like: cpu scheduler (not i/o scheduler) timer freq tickless kernel? -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Which arch do I have ?
On Wednesday 13 February 2008, Dmitry S. Makovey wrote: oh, and for whatever reason wine performs better under 64 bit OS rather than 32. Don't have any other proof then my own experience but Diablo LOD runs much smoother once I've rebuilt my system with 64bit with the same useflags and everything else. Now that is very interesting. I have no idea why, but perhaps it's to do with getting Linux's and Wine's memory layout models to coexist in the same space. They are mutually incompatible to Wine has to do some amazing stuff to get it to work. Perhaps 64 bit presents a saner linear memory model than 32 bit and so Wine has more breathing wrong. But I'm just guessing actually ;-) -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Which arch do I have ?
On Wednesday 13 February 2008, KH wrote: why does #ls /usr/src/linux/arch/ show alpha/ blackfin/ h8300/ m32r/ mips/ ppc/ sh64/ um/ xtensa/ arm/ cris/ i386/ m68k/ parisc/ s390/ sparc/ v850/ avr32/ frv/ ia64/ m68knommu/ powerpc/ sh/ sparc64/ x86_64/ but not amd64? You do. It's called x86_64 in kernel-speak :-) gentoo calls it amd64 These days the 32 and 64 bits x86 trees have been merged into one, called x86. The vast majority of the trees were the same with a few differences here and there so a merge was appropriate and easier to maintain. 64 bit x86 is really just an extension of 32 bit in terms of the C code, it certainly isn't, and doesn't warrant, a different arch -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Is it sefe to unmerge?
On Wednesday 13 February 2008, Sergey Kobzar wrote: attr provides extended attributes to ext2/3 and XFS file systems, used by selinux and posix capabilities. If you use these features, you already are aware of it. So, if I use reiserfs w/o ext attrs (option in kernel), I don't need it probably. Correct? You certainly don't need it, as attr doesn't support reiser. I'm looking at my own reiser-based machine and wondering why on earth I ever merged it myself -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
Re[2]: [gentoo-user] Is it sefe to unmerge?
Thanks, Alan! Wednesday, February 13, 2008, 7:00:51 PM, you wrote: On Wednesday 13 February 2008, Sergey Kobzar wrote: attr provides extended attributes to ext2/3 and XFS file systems, used by selinux and posix capabilities. If you use these features, you already are aware of it. So, if I use reiserfs w/o ext attrs (option in kernel), I don't need it probably. Correct? You certainly don't need it, as attr doesn't support reiser. I'm looking at my own reiser-based machine and wondering why on earth I ever merged it myself -- Alan McKinnon alan dot mckinnon at gmail dot com -- Sergey -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] what NFP means?
On Wednesday 13 February 2008, Chuanwen Wu wrote: Hi, I try to translate the GMN(2008-01-21), and now I want to know what NFP exactly means or the full spelling of NFP in the section below. ** Foundation Status Grant Goodyear, one of our active foundation trustees, recently gave an update on the status of the Gentoo foundation on his blog. The Gentoo Foundation does still exist, and the required paperwork to reinstate our NFP status has been filed. For more information, you can read Grant's post on the gentoo-nfp mailing list. ** Any help will be appreciated? It literally means Not For Profit and is a term used for charities to distinguish them from commercial (being run for profit) businesses. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Is it sefe to unmerge?
On Wednesday 13 February 2008, Sergey Kobzar wrote: Thanks, Alan! Wednesday, February 13, 2008, 7:00:51 PM, you wrote: On Wednesday 13 February 2008, Sergey Kobzar wrote: attr provides extended attributes to ext2/3 and XFS file systems, used by selinux and posix capabilities. If you use these features, you already are aware of it. So, if I use reiserfs w/o ext attrs (option in kernel), I don't need it probably. Correct? You certainly don't need it, as attr doesn't support reiser. I'm looking at my own reiser-based machine and wondering why on earth I ever merged it myself # equery depends attr [ Searching for packages depending on attr... ] sys-apps/acl-2.2.45 (=sys-apps/attr-2.4) sys-apps/coreutils-6.9-r1 (acl? sys-apps/attr) YMMV. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re[2]: [gentoo-user] Is it sefe to unmerge?
Hi Mick, Wednesday, February 13, 2008, 9:14:31 PM, you wrote: # equery depends attr [ Searching for packages depending on attr... ] sys-apps/acl-2.2.45 (=sys-apps/attr-2.4) sys-apps/coreutils-6.9-r1 (acl? sys-apps/attr) YMMV. Hm... on my server: # cat /etc/make.conf | grep USE USE=-X -acl -gpm -ipv6 -tcpd # equery depends attr [ Searching for packages depending on attr... ] sys-apps/coreutils-6.9-r1 (xattr? sys-apps/attr) # equery depends pwdb [ Searching for packages depending on pwdb... ] sys-libs/pam-0.99.9.0 (sys-libs/pwdb) # equery depends hashalot [ Searching for packages depending on hashalot... ] # Looks like I can remove hashalot safely only. attr and pwdb must be added to world class. correct? -- Sergey -- gentoo-user@lists.gentoo.org mailing list
Re[2]: [gentoo-user] Is it sefe to unmerge?
Hi Willie, Wednesday, February 13, 2008, 10:36:01 PM, you wrote: On Wed, Feb 13, 2008 at 10:25:23PM +0200, Sergey Kobzar wrote: # cat /etc/make.conf | grep USE USE=-X -acl -gpm -ipv6 -tcpd # equery depends attr [ Searching for packages depending on attr... ] sys-apps/coreutils-6.9-r1 (xattr? sys-apps/attr) # equery depends pwdb [ Searching for packages depending on pwdb... ] sys-libs/pam-0.99.9.0 (sys-libs/pwdb) # equery depends hashalot [ Searching for packages depending on hashalot... ] # Looks like I can remove hashalot safely only. attr and pwdb must be added to world class. correct? Not so fast. Check to see if you do have the xattr flag enabled. In the kernel config probably? # cat /usr/src/linux/.config | grep -i XATTR # CONFIG_EXT2_FS_XATTR is not set # CONFIG_REISERFS_FS_XATTR is not set # CONFIG_CIFS_XATTR is not set The entry for attr is a conditional dependency: you don't need it if you don't have the xattr flag. (Equery is, at present, not smart enough to decipher dependency from USE.) # emerge --info | grep -i attr # Also, I'd thought that emerge --depclean has matured enough so that you don't get weird stuff like depclean telling you pwdb is save to remove, while equery tells you there's a hard dependency. Hm... probably you are right... But it happened after I synced portage tree this morning. W -- Willie W. Wong [EMAIL PROTECTED] 408 Fine Hall, Department of Mathematics, Princeton University, Princeton A mathematician's reputation rests on the number of bad proofs he has given. -- Sergey -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Is it sefe to unmerge?
On Wed, Feb 13, 2008 at 10:25:23PM +0200, Sergey Kobzar wrote: # cat /etc/make.conf | grep USE USE=-X -acl -gpm -ipv6 -tcpd # equery depends attr [ Searching for packages depending on attr... ] sys-apps/coreutils-6.9-r1 (xattr? sys-apps/attr) # equery depends pwdb [ Searching for packages depending on pwdb... ] sys-libs/pam-0.99.9.0 (sys-libs/pwdb) # equery depends hashalot [ Searching for packages depending on hashalot... ] # Looks like I can remove hashalot safely only. attr and pwdb must be added to world class. correct? Not so fast. Check to see if you do have the xattr flag enabled. The entry for attr is a conditional dependency: you don't need it if you don't have the xattr flag. (Equery is, at present, not smart enough to decipher dependency from USE.) Also, I'd thought that emerge --depclean has matured enough so that you don't get weird stuff like depclean telling you pwdb is save to remove, while equery tells you there's a hard dependency. W -- Willie W. Wong [EMAIL PROTECTED] 408 Fine Hall, Department of Mathematics, Princeton University, Princeton A mathematician's reputation rests on the number of bad proofs he has given. -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Is it sefe to unmerge?
On Wed, Feb 13, 2008 at 10:03:42PM +0100, Henry Gebhardt wrote: Where does equery get that from? emerge -e pam doesn't show pwdb as a dependency. In fact, the ebuild checks whether you are using the pam_pwdb module, and if you do, warns you about it. I for my part just removed pwdb, and I can still log in as if nothing happend. (Also after a reboot.) [04:18 PM]wwong pam $ emerge --pretend --emptytree pam | grep pwdb [ebuild R ] sys-libs/pwdb-0.62 Also, [04:20 PM]wwong pam $ grep -C 3 pwdb pam-0.99.9.0.ebuild RDEPEND=nls? ( virtual/libintl ) cracklib? ( =sys-libs/cracklib-2.8.3 ) audit? ( sys-process/audit ) sys-libs/pwdb selinux? ( =sys-libs/libselinux-1.28 ) So, yes, pwdb is a runtime dependency. I don't actually run pam, so can't confirm what would happen if I remove pwdb. W -- Willie W. Wong [EMAIL PROTECTED] 408 Fine Hall, Department of Mathematics, Princeton University, Princeton A mathematician's reputation rests on the number of bad proofs he has given. -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] [query] kernel-2.6.24 + ndiswrapper
Hi all, First of all thank you all. Finally i got my wireless card working with b43 drivers. But throughput is really low :-(. Below is dmesg output for b43 driver. snip flukebox flukebox # dmesg|grep b43 [ 27.087297] kobject b43: registering. parent: NULL, set: module [ 27.087328] kobject holders: registering. parent: b43, set: NULL [ 27.087404] fill_kobj_path: path = '/module/b43' [ 27.087501] kobject notes: registering. parent: b43, set: NULL [ 27.088021] bus ssb: add driver b43 [ 27.088030] kobject b43: registering. parent: NULL, set: drivers [ 27.088060] fill_kobj_path: path = '/bus/ssb/drivers/b43' [ 27.088075] ssb: Matched Device ssb0:0 with Driver b43 [ 27.088077] ssb: Probing driver b43 with device ssb0:0 [ 27.088201] b43-phy0: Broadcom 4311 WLAN found [ 27.124445] b43-phy0 debug: Found PHY: Analog 4, Type 2, Revision 8 [ 27.124465] b43-phy0 debug: Found Radio: Manuf 0x17F, Version 0x2050, Revision 2 [ 27.163484] bound device 'ssb0:0' to driver 'b43' [ 27.163487] ssb: Bound Device ssb0:0 to Driver b43 [ 27.163505] kobject drivers: registering. parent: b43, set: NULL [ 74.710234] input: b43-phy0 as /class/input/input11 [ 74.936281] b43-phy0 debug: Loading firmware version 351.126 (2006-07-29 05:54:02) [ 76.197406] b43-phy0 debug: Chip initialized [ 76.199682] b43-phy0 debug: 32-bit DMA initialized [ 76.213855] DEV: registering device: ID = 'b43-phy0:tx' [ 76.213863] kobject b43-phy0:tx: registering. parent: leds, set: devices [ 76.213883] PM: Adding info for No Bus:b43-phy0:tx [ 76.213906] fill_kobj_path: path = '/class/leds/b43-phy0:tx' [ 76.213927] Registered led device: b43-phy0:tx [ 76.213939] DEV: registering device: ID = 'b43-phy0:rx' [ 76.213947] kobject b43-phy0:rx: registering. parent: leds, set: devices [ 76.213966] PM: Adding info for No Bus:b43-phy0:rx [ 76.213989] fill_kobj_path: path = '/class/leds/b43-phy0:rx' [ 76.214007] Registered led device: b43-phy0:rx [ 76.214019] DEV: registering device: ID = 'b43-phy0:radio' [ 76.214027] kobject b43-phy0:radio: registering. parent: leds, set: devices [ 76.214045] PM: Adding info for No Bus:b43-phy0:radio [ 76.214068] fill_kobj_path: path = '/class/leds/b43-phy0:radio' [ 76.214086] Registered led device: b43-phy0:radio [ 76.214183] b43-phy0 debug: Wireless interface started [ 76.253791] b43-phy0 debug: Adding Interface type 2 /snip Actually this kernel log lines really help me out. snip Feb 14 02:29:45 [kernel] [ 28.088239] ssb: Matched Device ssb0:0 with Driver b43 Feb 14 02:29:45 [kernel] [ 28.088367] b43-phy0: Broadcom 4311 WLAN found Feb 14 02:29:45 [kernel] [ 28.122350] b43-phy0 debug: Found PHY: Analog 4, Type 2, Revision 8 Feb 14 02:29:45 [kernel] [ 28.122371] b43-phy0 debug: Found Radio: Manuf 0x17F, Version 0x2050, Revision 2 Feb 14 02:29:45 [kernel] [ 28.161505] bound device 'ssb0:0' to driver 'b43' Feb 14 02:29:45 [kernel] [ 28.161508] ssb: Bound Device ssb0:0 to Driver b43 Feb 14 02:29:45 [kernel] [ 28.161534] kobject drivers: registering. parent: b43, set: NULL Feb 14 02:29:45 [kernel] [ 98.817654] input: b43-phy0 as /class/input/input11 Feb 14 02:29:45 [kernel] [ 99.063914] b43-phy0 ERROR: YOUR FIRMWARE IS TOO NEW. Please downgrade your firmware. Feb 14 02:29:45 [kernel] [ 99.063917] b43-phy0 ERROR: Use this firmware tarball: http://downloads.openwrt.org/sources/broadcom-wl-4.80.53.0.tar.bz2 Feb 14 02:29:45 [kernel] [ 99.063920] b43-phy0 ERROR: Use this b43-fwcutter tarball: http://bu3sch.de/b43/fwcutter/b43-fwcutter-009.tar.bz2 Feb 14 02:29:45 [kernel] [ 99.063923] b43-phy0 ERROR: Read, understand and _do_ what this message says, please. Feb 14 02:29:45 [kernel] [ 99.081093] input: b43-phy0 as /class/input/input12 Feb 14 02:29:45 [kernel] [ 99.218499] b43-phy0 ERROR: Microcode not responding Feb 14 02:29:45 [kernel] [ 99.218503] b43-phy0 ERROR: You must go to http://linuxwireless.org/en/users/Drivers/b43#devicefirmware and download the correct firmware (version 4). Feb 14 02:29:45 [kernel] [ 99.339472] input: b43-phy0 as /class/input/input13 Feb 14 02:29:45 [kernel] [ 99.475159] b43-phy0 ERROR: YOUR FIRMWARE IS TOO NEW. Please downgrade your firmware. Feb 14 02:29:45 [kernel] [ 99.475163] b43-phy0 ERROR: Use this firmware tarball: http://downloads.openwrt.org/sources/broadcom-wl-4.80.53.0.tar.bz2 Feb 14 02:29:45 [kernel] [ 99.475166] b43-phy0 ERROR: Use this b43-fwcutter tarball: http://bu3sch.de/b43/fwcutter/b43-fwcutter-009.tar.bz2 Feb 14 02:29:45 [kernel] [ 99.475169] b43-phy0 ERROR: Read, understand and _do_ what this message says, please. Feb 14 02:29:45 [kernel] [ 100.073085] input: b43-phy0 as /class/input/input14 Feb 14 02:29:45 [kernel] [ 100.211085] b43-phy0 ERROR: Microcode not responding Feb 14 02:29:45 [kernel] [ 100.211088] b43-phy0 ERROR: You must go to http://linuxwireless.org/en/users/Drivers/b43#devicefirmware and download the correct firmware (version 4). /snip There after i did
Re: [gentoo-user] Is it sefe to unmerge?
On Wed, Feb 13, 2008 at 10:53:29PM +0200, Sergey Kobzar wrote: Not so fast. Check to see if you do have the xattr flag enabled. In the kernel config probably? No, I mean the USE variable. The entry for attr is a conditional dependency: you don't need it if you don't have the xattr flag. (Equery is, at present, not smart enough to decipher dependency from USE.) # emerge --info | grep -i attr # Right, so that means you don't have the xattr flag enabled. Which means you don't actually have a dependency on attr. W -- Willie W. Wong [EMAIL PROTECTED] 408 Fine Hall, Department of Mathematics, Princeton University, Princeton A mathematician's reputation rests on the number of bad proofs he has given. -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Is it sefe to unmerge?
# equery depends pwdb [ Searching for packages depending on pwdb... ] sys-libs/pam-0.99.9.0 (sys-libs/pwdb) Where does equery get that from? emerge -e pam doesn't show pwdb as a dependency. In fact, the ebuild checks whether you are using the pam_pwdb module, and if you do, warns you about it. I for my part just removed pwdb, and I can still log in as if nothing happend. (Also after a reboot.) Also, I'd thought that emerge --depclean has matured enough so that you don't get weird stuff like depclean telling you pwdb is save to remove, while equery tells you there's a hard dependency. I think emerge --depclean is safe after emerge -DuN world, if you run revdep-rebuild afterwards. ~Henry
Re: [gentoo-user] [query] kernel-2.6.24 + ndiswrapper
On Wednesday 13 February 2008, dell core2duo wrote: Hi all, First of all thank you all. Finally i got my wireless card working with b43 drivers. But throughput is really low :-(. [cut] flukebox flukebox # iwconfig lono wireless extensions. eth0 no wireless extensions. wmaster0_rename no wireless extensions. wlan0 IEEE 802.11g ESSID:iitk Mode:Managed Frequency:2.442 GHz Access Point: 00:11:95:D8:E3:33 Bit Rate=1 Mb/s Tx-Power=27 dBm Retry min limit:7 RTS thr:off Fragment thr=2346 B Encryption key:off Link Quality=86/100 Signal level=-41 dBm Noise level=-69 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:0 Uhm, the solution might be as simple as doing iwconfig wlan0 rate 54M fixed. However, I just noticed that the linuxwireless page about b43 has changed since yesterday; there are new instructions regarding the versions of firmware and fwcutter tool to use (011), and specific info regarding kernel 2.6.24. Check it out: http://linuxwireless.org/en/users/Drivers/b43 Tomorrow I too am going to try the new instructions, and read some docs to at least try understanding what's going on with the new driver architecture (the *80211 stuff). -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Is it sefe to unmerge?
On Wednesday 13 February 2008, Mick wrote: On Wednesday 13 February 2008, you wrote: Hi Mick, Wednesday, February 13, 2008, 9:14:31 PM, you wrote: # equery depends attr [ Searching for packages depending on attr... ] sys-apps/acl-2.2.45 (=sys-apps/attr-2.4) sys-apps/coreutils-6.9-r1 (acl? sys-apps/attr) YMMV. Hm... on my server: # cat /etc/make.conf | grep USE USE=-X -acl -gpm -ipv6 -tcpd # equery depends attr [ Searching for packages depending on attr... ] sys-apps/coreutils-6.9-r1 (xattr? sys-apps/attr) # equery depends pwdb [ Searching for packages depending on pwdb... ] sys-libs/pam-0.99.9.0 (sys-libs/pwdb) # equery depends hashalot [ Searching for packages depending on hashalot... ] # Looks like I can remove hashalot safely only. attr and pwdb must be added to world class. correct? Try running: # regenworld It should catch any packages that should have been included in the world file, but for some reason hadn't. Don't forget that --declean is not infallible. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] [query] kernel-2.6.24 + ndiswrapper
On Wednesday 13 February 2008, dell core2duo wrote: Output for iwlist wlan0 scan is as below. flukebox flukebox # iwlist wlan0 scan wlan0 Scan completed : Cell 01 - Address: 00:11:95:D8:E3:33 ESSID:iitk Channel:7 Cell 02 - Address: 00:0F:B5:96:C6:70 ESSID:iitk Channel:10 Cell 03 - Address: 00:11:95:D8:E3:46 ESSID:iitk Channel:12 Cell 04 - Address: 00:0F:B5:96:C5:2B ESSID:iitk Channel:11 It seems you are using different APs with the same SSID. AFAIK, with 802.11b/g, to avoid confusing the wifi cards, neighboring AP channels should not overlap, which means they should be at least 5 channels apart (eg, 1,6,11 or 1,7,13, etc). APs transmitting on overlapping channels may cause interferences and confuse the wifi card, which might not be able to sense clearly when it is moving between APs, resulting in difficulties in deciding when to roam from one AP to another. -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] [query] kernel-2.6.24 + ndiswrapper
On Feb 14, 2008 3:48 AM, Etaoin Shrdlu [EMAIL PROTECTED] wrote: On Wednesday 13 February 2008, dell core2duo wrote: Hi all, First of all thank you all. Finally i got my wireless card working with b43 drivers. But throughput is really low :-(. [cut] flukebox flukebox # iwconfig lono wireless extensions. eth0 no wireless extensions. wmaster0_rename no wireless extensions. wlan0 IEEE 802.11g ESSID:iitk Mode:Managed Frequency:2.442 GHz Access Point: 00:11:95:D8:E3:33 Bit Rate=1 Mb/s Tx-Power=27 dBm Retry min limit:7 RTS thr:off Fragment thr=2346 B Encryption key:off Link Quality=86/100 Signal level=-41 dBm Noise level=-69 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:0 Uhm, the solution might be as simple as doing iwconfig wlan0 rate 54Mfixed. This command set bit rate to 54Mb but card suddenly stopped working :-(. So, I revert back to previous mode. Now i can see variable rates. Network is working fine. So, i guess bit rate doesn't make much difference(does it ??). However, I just noticed that the linuxwireless page about b43 has changed since yesterday; there are new instructions regarding the versions of firmware and fwcutter tool to use (011), and specific info regarding kernel 2.6.24. Check it out: http://linuxwireless.org/en/users/Drivers/b43 I just checked, exactly first option suites my conditions and working fine. Tomorrow I too am going to try the new instructions, and read some docs to at least try understanding what's going on with the new driver architecture (the *80211 stuff). Good luck for you ! -- gentoo-user@lists.gentoo.org mailing list Thanks, Flukebox
Re: [gentoo-user] OpenVPN setup
Hi Grant, On Thu, Feb 14, 2008 at 1:19 AM, Grant [EMAIL PROTECTED] wrote: Thanks a lot for everyone's help. Here is a more to-the-point list of what I'd like to accomplish: 1. encrypt CUPS printouts between remote server and local print server 2. add an additional layer of security around SSH and CUPS on local firewall/print server 3. add an additional layer of security around SSH, IMAP, and non-standard port HTTPS on remote server 4. enable access to SMTP on remote server for me which is blocked by my local ISP It sounds like I have 3 choices: 1. VPN 2. SSH tunneling 3. Zebedee tunneling Would all 3 of these choices accomplish all 4 requirements? I would think SSH tunneling can't really add an additional layer around SSH. I'd just like to reiterate that most of those don't need any extra security. SSH and HTTPS are already secure, and IMAP and SMTP can be accessed over SSL (like HTTPS). These are all secure enough to be widely used without extra layers of encryption. Routing your printing over a tunnel is perfectly valid and, in my opinion, reason enough to set up OpenVPN and play with it :D I'd like to have something I can leave up all the time so the services are always protected and I don't have to go through an extra step to use email or print from the remote server. Can all 3 of these be left up all the time? Is there any reason not to leave this type of functionality up all the time? I can't speak for all of those options, but OpenVPN should be able to stay up all the time. I currently have an established OpenVPN connection to my work, it's been up for some five days now. I also have experience with a Cisco VPN, for which I use vpnc[1]... that thing goes down all the time. [1] http://www.unix-ag.uni-kl.de/~massar/vpnc/ It sounds like VPN would be the most difficult to set up and maintain, followed by SSH tunneling, followed by Zebedee tunneling. Maybe I'm wrong though. With tunneling, would I need to set up 4 or 5 different tunnels for CUPS, IMAP, SMTP, non-standard port HTTPS, and SSH (if I'm using Zebedee)? You can establish only one tunnel. Think of it this way, creating a tunnel is analogous to adding a NIC to your system. It will be called tun0 or tap0 (depending on whether you're tunneling or bridging). Then your system has an IP on your physical NIC (eth0) and your tun/tap interface as well. Your machine is now part of two network segments, the physical one and the virtual one. You only need one VPN tunnel; configure all your apps to route their CUPS, IMAP, SMTP, HTTPS and SSH connections through that virtual network. To send me mail, mail servers need to connect to my remote server's SMTP right? Would setting up a tunnel or VPN for my SMTP access interfere with that? I would imagine your SMTP port needs to be accessible from the outside world in order to receive mail... so as long as packets bound for that machine's IP on port 25 (is it?) will reach the machine, you'll be OK. Perhaps someone more knowledgeable on mail servers can clarify this. At any rate, why not just go ahead with OpenVPN, set it up and see how it works for you? You'll be in a much better position then to determine whether it's really what you want or need. Have fun! Mike -- gentoo-user@lists.gentoo.org mailing list
Re[2]: [gentoo-user] Is it sefe to unmerge?
Hi Mick, Thursday, February 14, 2008, 12:22:20 AM, you wrote: On Wednesday 13 February 2008, Mick wrote: On Wednesday 13 February 2008, you wrote: Hi Mick, Wednesday, February 13, 2008, 9:14:31 PM, you wrote: # equery depends attr [ Searching for packages depending on attr... ] sys-apps/acl-2.2.45 (=sys-apps/attr-2.4) sys-apps/coreutils-6.9-r1 (acl? sys-apps/attr) YMMV. Hm... on my server: # cat /etc/make.conf | grep USE USE=-X -acl -gpm -ipv6 -tcpd # equery depends attr [ Searching for packages depending on attr... ] sys-apps/coreutils-6.9-r1 (xattr? sys-apps/attr) # equery depends pwdb [ Searching for packages depending on pwdb... ] sys-libs/pam-0.99.9.0 (sys-libs/pwdb) # equery depends hashalot [ Searching for packages depending on hashalot... ] # Looks like I can remove hashalot safely only. attr and pwdb must be added to world class. correct? Try running: # regenworld It should catch any packages that should have been included in the world file, but for some reason hadn't. Don't forget that --declean is not infallible. Sorry for delay. regenworld didn't find attr, pwdb and hashalot packages. It just added packages I updated using 'emerge -uDN package_name' command instead of 'emerge -uDN world' by mistake. -- Sergey -- gentoo-user@lists.gentoo.org mailing list
Re[2]: [gentoo-user] Is it sefe to unmerge?
Hi Willie, So, I can unmerge hashalot and attr safely. How can I add pwdb to the system (or maybe world is more correct) class? Wednesday, February 13, 2008, 11:22:54 PM, you wrote: On Wed, Feb 13, 2008 at 10:03:42PM +0100, Henry Gebhardt wrote: Where does equery get that from? emerge -e pam doesn't show pwdb as a dependency. In fact, the ebuild checks whether you are using the pam_pwdb module, and if you do, warns you about it. I for my part just removed pwdb, and I can still log in as if nothing happend. (Also after a reboot.) [04:18 PM]wwong pam $ emerge --pretend --emptytree pam | grep pwdb [ebuild R ] sys-libs/pwdb-0.62 Also, [04:20 PM]wwong pam $ grep -C 3 pwdb pam-0.99.9.0.ebuild RDEPEND=nls? ( virtual/libintl ) cracklib? ( =sys-libs/cracklib-2.8.3 ) audit? ( sys-process/audit ) sys-libs/pwdb selinux? ( =sys-libs/libselinux-1.28 ) So, yes, pwdb is a runtime dependency. I don't actually run pam, so can't confirm what would happen if I remove pwdb. W -- Willie W. Wong [EMAIL PROTECTED] 408 Fine Hall, Department of Mathematics, Princeton University, Princeton A mathematician's reputation rests on the number of bad proofs he has given. -- Sergey -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Re: load too high
how about cron jobs like updatedb? Is there any disk activity? -- Iain Buchanan iaindb at netspace dot net dot au tigah_- i have 4gb for /tmp Knghtbrd What do you do with 4G /tmp? Compile X? tigah_- yes -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Re: load too high
On Thursday 14 February 2008, Iain Buchanan wrote: how about cron jobs like updatedb? Is there any disk activity? -- Iain Buchanan iaindb at netspace dot net dot au tigah_- i have 4gb for /tmp Knghtbrd What do you do with 4G /tmp? Compile X? tigah_- yes Ahem. 'scuse me: I have 5.5G for /var/tmp Wanna guess why? -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Is it sefe to unmerge?
On Wednesday 13 February 2008, Mick wrote: On Wednesday 13 February 2008, Sergey Kobzar wrote: Thanks, Alan! Wednesday, February 13, 2008, 7:00:51 PM, you wrote: On Wednesday 13 February 2008, Sergey Kobzar wrote: attr provides extended attributes to ext2/3 and XFS file systems, used by selinux and posix capabilities. If you use these features, you already are aware of it. So, if I use reiserfs w/o ext attrs (option in kernel), I don't need it probably. Correct? You certainly don't need it, as attr doesn't support reiser. I'm looking at my own reiser-based machine and wondering why on earth I ever merged it myself # equery depends attr [ Searching for packages depending on attr... ] sys-apps/acl-2.2.45 (=sys-apps/attr-2.4) sys-apps/coreutils-6.9-r1 (acl? sys-apps/attr) True, but mine is in world. I probably ran my eye down a list of packages one day and ran 'emerge -av list of possibly useful stuff' without putting a whole lot of thought into it -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Is it sefe to unmerge?
2008/2/13, Willie Wong [EMAIL PROTECTED]: On Wed, Feb 13, 2008 at 10:03:42PM +0100, Henry Gebhardt wrote: Where does equery get that from? emerge -e pam doesn't show pwdb as a dependency. In fact, the ebuild checks whether you are using the pam_pwdb module, and if you do, warns you about it. I for my part just removed pwdb, and I can still log in as if nothing happend. (Also after a reboot.) [04:18 PM]wwong pam $ emerge --pretend --emptytree pam | grep pwdb [ebuild R ] sys-libs/pwdb-0.62 Also, [04:20 PM]wwong pam $ grep -C 3 pwdb pam-0.99.9.0.ebuild RDEPEND=nls? ( virtual/libintl ) cracklib? ( =sys-libs/cracklib-2.8.3 ) audit? ( sys-process/audit ) sys-libs/pwdb selinux? ( =sys-libs/libselinux-1.28 ) So, yes, pwdb is a runtime dependency. I don't actually run pam, so can't confirm what would happen if I remove pwdb. Holy shit, what's going on? The ebuild in the portage tree is different than the one in /var/db/pkg/. Is it normal to update an ebuild but not its revision number? Here is the diff: [EMAIL PROTECTED] ~ $ diff -Naur /var/db/pkg/sys-libs/pam- 0.99.9.0/pam-0.99.9.0.ebuild /usr/portage/sys-libs/pam/pam-0.99.9.0.ebuild --- /var/db/pkg/sys-libs/pam-0.99.9.0/pam-0.99.9.0.ebuild2007-12-19 07:25:45.0 +0100 +++ /usr/portage/sys-libs/pam/pam-0.99.9.0.ebuild2008-02-10 19:07: 14.0 +0100 @@ -1,6 +1,6 @@ -# Copyright 1999-2007 Gentoo Foundation +# Copyright 1999-2008 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/pam-0.99.9.0.ebuild,v 1.112007/11/24 11:27:34 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/pam-0.99.9.0.ebuild,v 1.162008/02/10 17:59:34 flameeyes Exp $ WANT_AUTOCONF=latest WANT_AUTOMAKE=latest @@ -17,15 +17,15 @@ LICENSE=PAM SLOT=0 -KEYWORDS=alpha amd64 ~arm hppa ia64 ~m68k ppc ppc64 ~s390 ~sh sparc x86 +KEYWORDS=alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 IUSE=cracklib nls elibc_FreeBSD selinux vim-syntax audit test elibc_glibc RDEPEND=nls? ( virtual/libintl ) cracklib? ( =sys-libs/cracklib-2.8.3 ) audit? ( sys-process/audit ) -sys-libs/pwdb selinux? ( =sys-libs/libselinux-1.28 ) DEPEND=${RDEPEND} +sys-devel/flex test? ( elibc_glibc? ( =sys-libs/glibc-2.4 ) ) nls? ( sys-devel/gettext ) PDEPEND=vim-syntax? ( app-vim/pam-syntax ) @@ -37,7 +37,7 @@ check_old_modules() { local retval=0 -if sed -e 's:#.*::' /etc/pam.d/* | fgrep -q pam_stack.so; then +if sed -e 's:#.*::' ${ROOT}/etc/pam.d/* 2/dev/null | fgrep -q pam_stack.so; then eerror eerror Your current setup is using the pam_stack module. eerror This module is deprecated and no longer supported, and since version @@ -53,7 +53,7 @@ retval=1 fi -if sed -e 's:#.*::' /etc/pam.d/* | egrep -q 'pam_(pwdb|radius|timestamp|console)'; then +if sed -e 's:#.*::' ${ROOT}/etc/pam.d/* 2/dev/null | egrep -q 'pam_(pwdb|radius|timestamp|console)'; then eerror eerror Your current setup is using one or more of the following modules, eerror that are not built or supported anymore: @@ -75,7 +75,7 @@ # This works only for those modules that are moved to sys-auth/$module, or the # message will be wrong. for module in pam_chroot pam_userdb; do -if sed -e 's:#.*::' /etc/pam.d/* | fgrep -q ${module}.so; then +if sed -e 's:#.*::' ${ROOT}/etc/pam.d/* 2/dev/null | fgrep -q ${module}.so; then ewarn ewarn Your current setup is using the ${module} module. ewarn Since version 0.99, ${CATEGORY}/${PN} does not provide this module Thanks for your response W. ~Henry
Re: [gentoo-user] Is it sefe to unmerge?
On Thu, 14 Feb 2008 01:34:21 +0200 Sergey Kobzar [EMAIL PROTECTED] wrote: Alan, thanks again :) Last question. How can I update selected packages correctly? Before I used 'emerge -uDN package_name' command, but it adds package to the world class, which is IMHO is not fully correct. Use --oneshot To update whole system, I must use 'emerge -uDN world', right? Thursday, February 14, 2008, 1:17:35 AM, you wrote: On Thursday 14 February 2008, Sergey Kobzar wrote: Hi Willie, So, I can unmerge hashalot and attr safely. How can I add pwdb to the system (or maybe world is more correct) class? emerge -n pwdb It won't recompile pwdb in your case as you already have it, so it will just add it to world -- Alan McKinnon alan dot mckinnon at gmail dot com Brian signature.asc Description: PGP signature
Re[2]: [gentoo-user] Is it sefe to unmerge?
Alan, thanks again :) Last question. How can I update selected packages correctly? Before I used 'emerge -uDN package_name' command, but it adds package to the world class, which is IMHO is not fully correct. To update whole system, I must use 'emerge -uDN world', right? Thursday, February 14, 2008, 1:17:35 AM, you wrote: On Thursday 14 February 2008, Sergey Kobzar wrote: Hi Willie, So, I can unmerge hashalot and attr safely. How can I add pwdb to the system (or maybe world is more correct) class? emerge -n pwdb It won't recompile pwdb in your case as you already have it, so it will just add it to world -- Alan McKinnon alan dot mckinnon at gmail dot com -- Sergey -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Re: load too high
On Thu, 2008-02-14 at 01:20 +0200, Alan McKinnon wrote: On Thursday 14 February 2008, Iain Buchanan wrote: how about cron jobs like updatedb? Is there any disk activity? -- Iain Buchanan iaindb at netspace dot net dot au tigah_- i have 4gb for /tmp Knghtbrd What do you do with 4G /tmp? Compile X? tigah_- yes Ahem. 'scuse me: I have 5.5G for /var/tmp Wanna guess why? well, this is Gentoo, so compile X where X=any damn large enough package probably still fits :) Openoffice for example? cya, -- Iain Buchanan iaindb at netspace dot net dot au Of all men's miseries, the bitterest is this: to know so much and have control over nothing. -- Herodotus -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] OpenVPN setup
On Wed, 2008-02-13 at 08:19 -0800, Grant wrote: Thanks a lot for everyone's help. Here is a more to-the-point list of what I'd like to accomplish: 1. encrypt CUPS printouts between remote server and local print server 2. add an additional layer of security around SSH and CUPS on local firewall/print server 3. add an additional layer of security around SSH, IMAP, and non-standard port HTTPS on remote server 4. enable access to SMTP on remote server for me which is blocked by my local ISP It sounds like I have 3 choices: 1. VPN 2. SSH tunneling 3. Zebedee tunneling Simplyfy - send cups and smtp send only by zebedee SSH and HTTPS are already highly regarded as safe. Convert your email reading to to the secure imaps. Experience over the years has me sitting on the side of using as few layers as possible - anything you add is going to increase complexity (management time) and reduce reliability. I do run openvpn and zebedee (in the past) using iptables to restrict access, and the services themselves are killed/restarted at appropriate times via cron to minimise exposure. Zebedee handles it very well (except when in server mode on a doze box!!) - openvpn can be a bit .. ah ... fussy ... I find it will sometimes get in a loop of out of sync connection attempts requiring manually logging into both ends to fix, and complex routing is always fun. It is more designed to be always up and available rather than on/off. Zebedee however can handle most scenarios quite well, including a server behind a firewall where it can call out to the client. BillK -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] layman -L does not show ecatmur, but I can layman -a ecatmur.
Mark David Dumlao wrote: I'm currently dual-booting a machine that I'd like to shift completely to gentoo, but I left an ubuntu installaiton in the other disk (where I hope to transfer my gentoo). However, my brother has been downloading some torrents for weeks on end, and their sessions have been left alive in the gnome-btdownload interface. It gets annoying when he boots up to ubuntu sometimes because I often remotely login to my machine and all. So I thought to install gnome-btdownload. Unfortunately I couldnt find it in portage a few weeks ago, and I just forgot about it. Today I logged in remotely to my machine, remembered my old problem, and decided to hunt for an ebuild. I noticed that it's in the ecatmur tree, so I thought just to add it on layman and get it done with. TOTALLY WEIRD. I do a layman -L on my machine and strangely enough, ecatmur isn't listed. I think I've used it beore on layman though, so I look up the overlays listing on the gentoo overlays list, here: http://www.gentoo.org/proj/en/overlays/layman-global.txt Sure enough, ecatmur is present. So I just blindly go layman -a ecatmur and he gets added. I don't understand why layman wouldn't report ecatmur in his listing but accepts ecatmur there anyway when I add? Is this a bug? trixie / # layman --version 1.1.1 trixie / # emerge --version Portage 2.1.3.19 http://2.1.3.19 (default-linux/amd64/2007.0/desktop, gcc-4.1.2, glibc-2.6.1-r0, 2.6.22-ck1 x86_64) weird? I remember somewhere that there was something you had to edit to make the overlays appear in the listing, (the stock layman would only show a few entries I think). Maybe this is an extension of that idea but I couldn't find what to edit in the documentation. Any ideas? -- thing. Try layman -Lk -k, --nocheck Do not check overlay definitions and do not issue a warning if description or contact information are missing. --Joshua Doll -- gentoo-user@lists.gentoo.org mailing list
Re[2]: [gentoo-user] Is it sefe to unmerge?
Hi Dale, Thursday, February 14, 2008, 3:10:09 AM, you wrote: Alan McKinnon wrote: On Wednesday 13 February 2008, Sergey Kobzar wrote: attr provides extended attributes to ext2/3 and XFS file systems, used by selinux and posix capabilities. If you use these features, you already are aware of it. So, if I use reiserfs w/o ext attrs (option in kernel), I don't need it probably. Correct? You certainly don't need it, as attr doesn't support reiser. I'm looking at my own reiser-based machine and wondering why on earth I ever merged it myself I have attr on here as well. This is what equery says: [EMAIL PROTECTED] / # equery depends attr [ Searching for packages depending on attr... ] app-backup/dar-2.2.6 (acl? sys-apps/attr) gnome-base/gnome-vfs-2.20.1-r1 (acl? sys-apps/attr) sys-apps/acl-2.2.45 (=sys-apps/attr-2.4) sys-apps/coreutils-6.9-r1 (xattr? sys-apps/attr) [EMAIL PROTECTED] / # Seems like a few packages depend on it here. OP, have you had any of these installed at some point? In my system only one package which requires attr is sys-apps/coreutils. But because acl support is disabled, it does not need attr too. Dale :-) :-) -- Sergey -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Is it sefe to unmerge?
Alan McKinnon wrote: On Wednesday 13 February 2008, Sergey Kobzar wrote: attr provides extended attributes to ext2/3 and XFS file systems, used by selinux and posix capabilities. If you use these features, you already are aware of it. So, if I use reiserfs w/o ext attrs (option in kernel), I don't need it probably. Correct? You certainly don't need it, as attr doesn't support reiser. I'm looking at my own reiser-based machine and wondering why on earth I ever merged it myself I have attr on here as well. This is what equery says: [EMAIL PROTECTED] / # equery depends attr [ Searching for packages depending on attr... ] app-backup/dar-2.2.6 (acl? sys-apps/attr) gnome-base/gnome-vfs-2.20.1-r1 (acl? sys-apps/attr) sys-apps/acl-2.2.45 (=sys-apps/attr-2.4) sys-apps/coreutils-6.9-r1 (xattr? sys-apps/attr) [EMAIL PROTECTED] / # Seems like a few packages depend on it here. OP, have you had any of these installed at some point? Dale :-) :-) -- gentoo-user@lists.gentoo.org mailing list
[gentoo-user] Make Konqueror use same plugins as Firefox
How can I make Konqueror use the same plugins as Firefox? I've installed mplayer and that seems to have allowed Firefox to display online videos in QuickTime format, but try the same link in Konqueror and I get a message telling me no plugin for Quictime video is found and offering to download it... of course that only leads to pples site. There is an area in the Konq setup to add plugins. That dialog shows that it looks in the plugin locations for firefox anyway though so if its in there then it should be found I'd think. When clicking the video links in firefox I see a splash screen that appears briefly saying something like: mplayer Plugin, embedded video player for mozilla. So maybe I need something else for Konqueror to be able to play these QT video links? -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Is it sefe to unmerge?
On Thu, Feb 14, 2008 at 12:58:03AM +0100, Penguin Lover Henry Gebhardt squawked: So, yes, pwdb is a runtime dependency. I don't actually run pam, so can't confirm what would happen if I remove pwdb. Holy shit, what's going on? The ebuild in the portage tree is different than the one in /var/db/pkg/. Is it normal to update an ebuild but not its revision number? Here is the diff: ---snipped--- Damn, I spoke too soon. Just re-synced, and now this pops in the Changelog for pam 10 Feb 2008; Diego PettenC3B2 [EMAIL PROTECTED] pam-0.99.8.1-r1.ebuild, pam-0.99.9.0.ebuild: Remove dependency over pwdb, pam_pwdb is no more present in PAM 0.99, so the dependency was bogus. So, yeah, pwdb is not a dependency anymore and people can safely remove it. W -- Somehow I feel like I needed the attention ~Poly Chan. After his noodle and beef stir-fry stirred the fire alarm and caused two fire engines and one ambulance to gather outside our dorm door. 06-09-2002 Sortir en Pantoufles: up 433 days, 2:43 -- gentoo-user@lists.gentoo.org mailing list
[gentoo-user] kernel BUG when unplugging usb?
Hi all, When I unplug my usb mouse and keyboard for longer than a few seconds (not sure of the exact time, but must be more than, say, 5 seconds) I get a BUG message in dmesg. When I plug them back in, they don't work! I just tried to unload reload usb-hid, but modprobe locked up on the reload. It appears the only way to fix it is to reboot. This happens with tuxonice sources 2.6.23-r9 but never happened with 2.6.22.* or earlier. Here's the dmesg output: usb 3-2: USB disconnect, address 5 usb 2-1: USB disconnect, address 4 BUG: unable to handle kernel paging request at virtual address 00100100 printing eip: c029e85c *pde = 4b79c067 Oops: [#1] PREEMPT SMP Modules linked in: ndiswrapper rndis_host cdc_ether usbnet rfcomm l2cap ntfs smbfs vfat fat autofs4 snd_pcm_oss snd_mixer_oss snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device i8k usbhid ohci1394 ieee1394 hci_usb b44 snd_intel8x0 yenta_socket rsrc_nonstatic snd_ac97_codec ac97_bus snd_pcm ehci_hcd irda fglrx(P) pcmcia_core uhci_hcd usbcore snd_timer crc_ccitt snd_page_alloc CPU:0 EIP:0060:[c029e85c]Tainted: PVLI EFLAGS: 00010206 (2.6.23-tuxonice-r9 #6) EIP is at evdev_disconnect+0x5b/0x96 eax: ebx: 000ffcf0 ecx: edx: f7cb8aa0 esi: f7062c00 edi: f7062c5c ebp: f7062600 esp: f7645e8c ds: 007b es: 007b fs: 00d8 gs: ss: 0068 Process khubd (pid: 1350, ti=f7644000 task=c1b2f000 task.ti=f7644000) Stack: dd278800 dd278f98 ecc9f000 c029cc42 c7a4b000 ecc9f000 0202 ee8edca0 ecc9fc58 c02aeabd c7a4b01c c7a4b000 ecc9f000 f92d32a9 f7062600 f706261c f92d8140 ee087458 f92a91ff f706261c f92d8178 Call Trace: [c029cc42] input_unregister_device+0x67/0xfc [c02aeabd] hidinput_disconnect+0x2e/0x47 [f92d32a9] hid_disconnect+0x76/0xce [usbhid] [f92a91ff] usb_unbind_interface+0x2d/0x6e [usbcore] [c026b148] __device_release_driver+0x71/0x8e [c026b4d0] device_release_driver+0x1e/0x34 [c026ab46] bus_remove_device+0x5e/0x6c [c0269673] device_del+0x19e/0x212 [f92a6f61] usb_disable_device+0x5c/0xbb [usbcore] [f92a3ab0] usb_disconnect+0x83/0xe6 [usbcore] [f92a411a] hub_thread+0x319/0x9ff [usbcore] [c0325dd9] __sched_text_start+0x589/0x5b7 [c013060c] autoremove_wake_function+0x0/0x35 [f92a3e01] hub_thread+0x0/0x9ff [usbcore] [c013053d] kthread+0x38/0x5f [c0130505] kthread+0x0/0x5f [c0104adf] kernel_thread_helper+0x7/0x10 === Code: e8 6d d2 ff ff 8b 5e 54 eb 1b 8d 83 08 04 00 00 b9 06 00 02 00 ba 1d 00 00 00 e8 0b 3d ed ff 8b 9b 10 04 00 00 81 eb 10 04 00 00 8b 83 10 04 00 00 0f 18 00 90 8d 93 10 04 00 00 8d 46 54 39 c2 EIP: [c029e85c] evdev_disconnect+0x5b/0x96 SS:ESP 0068:f7645e8c atkbd.c: Unknown key pressed (translated set 2, code 0x86 on isa0060/serio0). atkbd.c: Use 'setkeycodes e006 keycode' to make it known. atkbd.c: Unknown key pressed (translated set 2, code 0x86 on isa0060/serio0). atkbd.c: Use 'setkeycodes e006 keycode' to make it known. atkbd.c: Unknown key pressed (translated set 2, code 0x86 on isa0060/serio0). atkbd.c: Use 'setkeycodes e006 keycode' to make it known. atkbd.c: Unknown key pressed (translated set 2, code 0x86 on isa0060/serio0). atkbd.c: Use 'setkeycodes e006 keycode' to make it known. atkbd.c: Unknown key pressed (translated set 2, code 0x86 on isa0060/serio0). atkbd.c: Use 'setkeycodes e006 keycode' to make it known. atkbd.c: Unknown key pressed (translated set 2, code 0x86 on isa0060/serio0). atkbd.c: Use 'setkeycodes e006 keycode' to make it known. atkbd.c: Unknown key pressed (translated set 2, code 0x86 on isa0060/serio0). atkbd.c: Use 'setkeycodes e006 keycode' to make it known. Strange as it sounds, I haven't had much experience with these- where do I start looking? thanks, -- Iain Buchanan iaindb at netspace dot net dot au The gates in my computer are AND, OR and NOT; they are not Bill. -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Is it sefe to unmerge?
On Thu, Feb 14, 2008 at 01:17:35AM +0200, Penguin Lover Alan McKinnon squawked: emerge -n pwdb Actually, don't do that. Alan gave the right answer, but it seems that my portage tree was just a few days out of date. flameeyes just removed the dependency for pwdb from pam. (See my other reply for the message. So this might actually explain why depclean and equery depends gave you different answers: one was reading the new entry for pam in the tree, and one was reading the old entry for (the same version... why didn't they bump the version?) pam in /var/db. And since the version was not bumped, your emerge --update world or whatever did not think to rebuild pam (and copy the new ebuild to /var/db) A weird incident at that. Best wishes, W -- One man's vacuum is another man's sewer. ~N. Milleron Sortir en Pantoufles: up 433 days, 2:45 -- gentoo-user@lists.gentoo.org mailing list