Re: [gentoo-user] Deleted my kernel .config
Am Freitag, den 23.01.2009, 01:53 -0600 schrieb ext Dale: I'll show this just in case it will give someone ides. Here's another approach: % ll /boot insgesamt 9644 lrwxrwxrwx 1 root root 1 17. Jan 2006 boot - ./ drwxr-xr-x 2 root root1024 21. Mai 2008 grub/ drwx-- 2 root root 12288 11. Okt 2005 lost+found/ -rw-r--r-- 1 root root 4892720 22. Jan 14:25 vmlinux-2.6.28.1.gz -rw-r--r-- 1 root root 4892272 16. Jan 15:32 vmlinux-2.6.28.gz lrwxrwxrwx 1 root root 19 22. Jan 14:26 vmlinux.gz - vmlinux-2.6.28.1.gz lrwxrwxrwx 1 root root 17 22. Jan 14:26 vmlinux.old.gz - vmlinux-2.6.28.gz No System.map (what's it good for, anyway?) No .config (it's in /proc/config.gz). No need to edit grub.conf as the symlinks are updated using a small script (which also removes old module directories from /lib/modules). No initrd as an embedded initramfs is used (hence the size of the kernels). Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: dirk.heinri...@capgemini.com Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net
Re: [gentoo-user] Deleted my kernel .config
Grant schrieb: Well, I deleted my kernel .config. Is there any way to magically re-create it from the compiled kernel image or any other way? - Grant yes if you had selected 'kernel .config support' when you made the kernel. that's in the 'General setup'. if you did that you'll find /proc/config.gz over there. I do have /proc/config.gz, but when I move it to /usr/src/2.6.25-hardened-r13 and run 'make oldconfig' it comes up with many differences. I'm booted into 2.6.25-hardened-r11 and there shouldn't be any config differences between that and r13. Does anyone know what's going on here? - Grant do one of those two things and it should work: zcat /proc/config.gz /usr/src/linux/.config or /usr/src/linux/scripts/extract-ikconfig /boot/YOURKERNEL /usr/src/linux/.config. Than run make oldconfig. signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Deleted my kernel .config
Am Freitag, den 23.01.2009, 09:28 +0100 schrieb ext Justin: do one of those two things and it should work: zcat /proc/config.gz /usr/src/linux/.config or /usr/src/linux/scripts/extract-ikconfig /boot/YOURKERNEL /usr/src/linux/.config. What if he doesn't have CONFIG_IKCONFIG_PROC=y in his (running) kernel? Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: dirk.heinri...@capgemini.com Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net
Re: [gentoo-user] Deleted my kernel .config
Dirk Heinrichs schrieb: Am Freitag, den 23.01.2009, 09:28 +0100 schrieb ext Justin: do one of those two things and it should work: zcat /proc/config.gz /usr/src/linux/.config or /usr/src/linux/scripts/extract-ikconfig /boot/YOURKERNEL /usr/src/linux/.config. What if he doesn't have CONFIG_IKCONFIG_PROC=y in his (running) kernel? Bye... Dirk Than he has a non solvable problem recovering his config. But, who will remove this option? signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Deleted my kernel .config
Dirk Heinrichs wrote: Am Freitag, den 23.01.2009, 01:53 -0600 schrieb ext Dale: I'll show this just in case it will give someone ides. Here's another approach: % ll /boot insgesamt 9644 lrwxrwxrwx 1 root root 1 17. Jan 2006 boot - ./ drwxr-xr-x 2 root root1024 21. Mai 2008 grub/ drwx-- 2 root root 12288 11. Okt 2005 lost+found/ -rw-r--r-- 1 root root 4892720 22. Jan 14:25 vmlinux-2.6.28.1.gz -rw-r--r-- 1 root root 4892272 16. Jan 15:32 vmlinux-2.6.28.gz lrwxrwxrwx 1 root root 19 22. Jan 14:26 vmlinux.gz - vmlinux-2.6.28.1.gz lrwxrwxrwx 1 root root 17 22. Jan 14:26 vmlinux.old.gz - vmlinux-2.6.28.gz No System.map (what's it good for, anyway?) No .config (it's in /proc/config.gz). No need to edit grub.conf as the symlinks are updated using a small script (which also removes old module directories from /lib/modules). No initrd as an embedded initramfs is used (hence the size of the kernels). Bye... Dirk But if a kernel gets corrupted or accidentally deleted, there will be no /proc/config.gz since the kernel won't boot. I have that turned on here to but I'm not going to put all my eggs in that one basket. I couldn't write a script anyway plus I only update kernels once in a blue moon anyway. I'm still running 2.6.23 right now. The new one is compiled and ready but I just haven't rebooted in a while. I was wondering about that system.map thing. It's been there a long while. I just redone my install and I only saved /boot, make.conf, world and a couple other files, plus my /home naturally. Dale :-) :-)
Re: [gentoo-user] Deleted my kernel .config
Am Freitag, den 23.01.2009, 02:45 -0600 schrieb ext Dale: But if a kernel gets corrupted or accidentally deleted mount -oremount,ro /boot solves that problem for me. It's the last command in the update script I mentioned before. And there's always GRML, just in case :-) Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: dirk.heinri...@capgemini.com Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net
Re: [gentoo-user] Deleted my kernel .config
Am Freitag, den 23.01.2009, 09:45 +0100 schrieb ext Justin: But, who will remove this option? This is how it looks like in a freshly unpacked kernel tree (or after make mrproper): Kernel .config support So I guess kernel devs did it for him. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: dirk.heinri...@capgemini.com Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net
[gentoo-user] Amarok only masked with ~x86 keyword
Hello, What does it means when the ~amd64 is not one of the keywords used to mask the package? The problem I have is that I would like to install amarok 2 but I cannot unmask it by accepting ~amd64. It is safe to unmask it using ~x86 even though my system is amd64? Thanks in advance. Best, Damian.
Re: [gentoo-user] Deleted my kernel .config
Dirk Heinrichs wrote: Am Freitag, den 23.01.2009, 02:45 -0600 schrieb ext Dale: But if a kernel gets corrupted or accidentally deleted mount -oremount,ro /boot solves that problem for me. It's the last command in the update script I mentioned before. And there's always GRML, just in case :-) Bye... Dirk I better stick with my way. None of that made any sense to me. o_O Dale :-) :-)
Re: [gentoo-user] Deleted my kernel .config
Dirk Heinrichs schrieb: Am Freitag, den 23.01.2009, 09:45 +0100 schrieb ext Justin: But, who will remove this option? This is how it looks like in a freshly unpacked kernel tree (or after make mrproper): Kernel .config support So I guess kernel devs did it for him. Bye... Dirk kk, thats an argument. I never started from a fresh tree, always from a existing .config. Some days ago I found this line in my grub.conf: # grub.conf generated by anaconda So it might be, that my kernel-config's history reaches back more than five years to my old fedora days. :) signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Amarok only masked with ~x86 keyword
On Friday 23 January 2009 11:11:18 Damian wrote: Hello, What does it means when the ~amd64 is not one of the keywords used to mask the package? The problem I have is that I would like to install amarok 2 but I cannot unmask it by accepting ~amd64. It is safe to unmask it using ~x86 even though my system is amd64? The ebuild has this: $ grep KEYWORDS amarok-2.0.1.1.ebuild KEYWORDS=~x86 So it's not even tested on amd64. The answer is in 'man portage': Note: In addition to the normal values from ACCEPT_KEYWORDS package.key- words supports three special tokens: * package is visible if it is stable on any architecture ~* package is visible if it is in testing on any architecture ** package is always visible (KEYWORDS are ignored completely) -- alan dot mckinnon at gmail dot com
Re: [gentoo-user] Amarok only masked with ~x86 keyword
On Fri, Jan 23, 2009 at 10:48 AM, Alan McKinnon alan.mckin...@gmail.com wrote: On Friday 23 January 2009 11:11:18 Damian wrote: Hello, What does it means when the ~amd64 is not one of the keywords used to mask the package? The problem I have is that I would like to install amarok 2 but I cannot unmask it by accepting ~amd64. It is safe to unmask it using ~x86 even though my system is amd64? The ebuild has this: $ grep KEYWORDS amarok-2.0.1.1.ebuild KEYWORDS=~x86 So it's not even tested on amd64. The answer is in 'man portage': Thanks Alan. Best, Damian. Note: In addition to the normal values from ACCEPT_KEYWORDS package.key- words supports three special tokens: * package is visible if it is stable on any architecture ~* package is visible if it is in testing on any architecture ** package is always visible (KEYWORDS are ignored completely) -- alan dot mckinnon at gmail dot com
[gentoo-user] problems with rtl8187
Hi there! Yesterday I updated my kernel to 2.6.27-gentoo-r8 and wanted to give the rtl8187-module a try. I am using an Alpha-Network WLAN-USB-Adapter with the Realtek 8187-chipset. The problem is following: After loading the module and configuring the interface, everything works fine for about 10 seconds, and then the connections breaks up. /var/log/messages doesn't show anything. I have to reload the module and re-configure the interface to have it work for another 10 seconds. I blacklisted rtl8187 and installed the r8187-driver-module from http://dl.aircrack-ng.org/drivers/. This works fine, but I don't know why the kernel-driver does not work as it should. Any ideas? -- Dominic Kexel nexe...@evil-monkey-in-my-closet.com
Re: [gentoo-user] Amarok only masked with ~x86 keyword
On Friday 23 January 2009 12:06:43 Damian wrote: On Fri, Jan 23, 2009 at 10:48 AM, Alan McKinnon alan.mckin...@gmail.com wrote: On Friday 23 January 2009 11:11:18 Damian wrote: Hello, What does it means when the ~amd64 is not one of the keywords used to mask the package? The problem I have is that I would like to install amarok 2 but I cannot unmask it by accepting ~amd64. It is safe to unmask it using ~x86 even though my system is amd64? The ebuild has this: $ grep KEYWORDS amarok-2.0.1.1.ebuild KEYWORDS=~x86 So it's not even tested on amd64. The answer is in 'man portage': Thanks Alan. I almost forgot - trying to emerge amarok2.0.1.1 is almost guaranteed to fail due to the amarok devs have no clue as to how mysql is built, plus other errors: http://bugs.gentoo.org/show_bug.cgi?id=238487 http://bugs.gentoo.org/show_bug.cgi?id=250870 -- alan dot mckinnon at gmail dot com
Re: [gentoo-user] Restricting Firefox website access
When I asked about content filtering a couple of months ago, everyone said Squid was rubbish. Squid is a solid product. But it has the same benefit as most other OSS products - flexibility. Flexibility means we can build a really nifty self-healing scalable solutions - or we can make decisions that cause pain. /shrug Dunno. YMMV -- Matt
Re: [gentoo-user] Howto share Linux swap partition with Windows XP
On 23 Jan 2009, at 05:16, Grant Edwards wrote: ... I found a very slick solution that lets Windows XP use a Linux swap partition for swap/paging/vm/whatever-MS-calls-it: http://db.bme.hu/~surprof/SwapFs-i/ That looks a really cool useful idea. However, I have a reservation. Since you NEED to use it - perhaps for space considerations? - the go for it, by all means. But if this driver is slower at reads or writes than Windows' own NTFS driver then it may actually slow the computer down. In the case of a driver written by an individual, who is likely not as familiar with Windows' APIs, or who may not be able to use the private APIs used by Windows' own filesystem drivers, I find it quite possible the performance may be questioned. Stroller.
Re: [gentoo-user] Deleted my kernel .config
Quoting Justin jus...@j-schmitz.net: Than he has a non solvable problem recovering his config. But, who will remove this option? Not remove, but someone (me for example) could make it =m ;-) In that case you just do: modprobe configs gunzip -c /proc/config.gz /usr/src/linux/.config make oldconfig This message was sent using IMP, the Internet Messaging Program.
Re: [gentoo-user] Deleted my kernel .config
2009/1/23 Norberto Bensa nbe...@gmail.com Quoting Justin jus...@j-schmitz.net: Than he has a non solvable problem recovering his config. But, who will remove this option? Not remove, but someone (me for example) could make it =m ;-) In that case you just do: modprobe configs gunzip -c /proc/config.gz /usr/src/linux/.config make oldconfig This message was sent using IMP, the Internet Messaging Program. Why make oldconfig? Is not better just do make and make modules_install? make oldconfig only can give you problems i don,t see any benefict.. just my person experience...
[gentoo-user] shoutcast problem 64bit gentoo
Hi,
I've just installed 64bit gentoo on one of these machines:
http://www.ovh.pl/produkty/eg_best_of.xml
Everything seens to be fine. I use hardened profile but I've got problem
with ...running a shoutcast server.
I didn't find answer on winamp.com forum and google.
It's exactly the same problem like here:
http://forums.winamp.com/printthread.php?s=48cd69919741579a3c1e4a8b0ac3e38bthreadid=229419
At my server it fails this way:
gentoo shoutcast # pwd
/home/something/shoutcast
gentoo shoutcast # file *
logs: directory
sc_serv: ELF 32-bit LSB executable, Intel 80386, version 1
(SYSV), for GNU/Linux 2.2.5, dynamically linked (uses shared libs), stripped
sc_serv8002.conf: ASCII English text, with CRLF, LF line terminators
gentoo shoutcast # strace ./sc_serv
execve(./sc_serv, [./sc_serv], [/* 26 vars */]) = -1 ENOENT (No such
file or directory)
dup(2) = 3
fcntl(3, F_GETFL) = 0x8002 (flags O_RDWR|O_LARGEFILE)
fstat(3, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x708341026000
lseek(3, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek)
write(3, strace: exec: No such file or dir..., 40strace: exec: No such
file or directory
) = 40
close(3)= 0
munmap(0x708341026000, 4096)= 0
exit_group(1) = ?
gentoo shoutcast # /etc/init.d/shoutcast start
* Starting Shoutcast Server ...[ ok ]
gentoo shoutcast # /sbin/start-stop-daemon: Unable to start
/opt/shoutcast/sc_serv: No such file or directory (No such file or
directory)
The problem is that shoutcast is 32 bit and system is 64 bit (and I
think it should be 64 @ this machine).
I've tried to follow these tips from the forum but it didn't help me.
Can you help me?
Wojtek
Re: [gentoo-user] Deleted my kernel .config
Grant wrote: I do have /proc/config.gz, but when I move it to /usr/src/2.6.25-hardened-r13 and run 'make oldconfig' it comes up with many differences. I'm booted into 2.6.25-hardened-r11 and there shouldn't be any config differences between that and r13. Does anyone know what's going on here? $ cd /usr/src/2.6.25-hardened-r13 $ zcat /proc/config.gz .config $ make oldconfig :-) -- Ricardo Saffi Marques http://www.las.ic.unicamp.br/~saffi/ == Laboratory of System Administration and Security - LAS Institute of Computing - IC P.O. Box: 6176 University of Campinas - UNICAMP 13083-852, Campinas, SP, Brazil ==
Re: [gentoo-user] Deleted my kernel .config
Justin wrote: do one of those two things and it should work: zcat /proc/config.gz /usr/src/linux/.config or /usr/src/linux/scripts/extract-ikconfig /boot/YOURKERNEL /usr/src/linux/.config. Than run make oldconfig. Oops, my bad. It had already been answered! :-) -- Ricardo Saffi Marques http://www.las.ic.unicamp.br/~saffi/ == Laboratory of System Administration and Security - LAS Institute of Computing - IC P.O. Box: 6176 University of Campinas - UNICAMP 13083-852, Campinas, SP, Brazil ==
Re: [gentoo-user] Deleted my kernel .config
Alejandro schrieb: Why make oldconfig? To get all new options in your .config. Is not better just do make and make modules_install? It is the normal way to do a make make modules_install afterwards. make oldconfig only can give you problems NEVER just always hit enter if you were asked how the new option should be handled. Read carefully and decide. Plus always make menuconfig and recheck your config. But nevertheless you need to do a make odlconfig to adopt your .config to the new config options. i don,t see any benefict.. just my person experience... signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Removing PAM from my system, is it adviseable?
On Fri, 23 Jan 2009 04:03:52 +0100 Volker Armin Hemmann volkerar...@googlemail.com wrote: so, could you please answer mine now: why should pam be used in the first place on a usual server/desktop which has restricted access anyway? I find it useful to control user-based access to different services in one place, disallow remote access of any kind for local users. Also it allows to use same credentials for pretty much anything - mounting LUKS-encrypted home dir at login (to any service) or using pgp keys, for example. -- Mike Kazantsev // fraggod.net signature.asc Description: PGP signature
Re: [gentoo-user] 64-bit Firefox + java?
Use icedtea from the java-overlay. Works beautifully for me on ff3 Pariksheet On 1/22/09, Volker Armin Hemmann volkerar...@googlemail.com wrote: On Donnerstag 22 Januar 2009, Grant wrote: I recently switched from firefox-bin and nspluginwrapper to 64-bit firefox and the latest flash, and I just realized java no longer works. Do I need to go back to firefox-bin and nspluginwrapper for java to work? Which java are you using? Sun's java didn't have a 64-bit browser plug-in until very recently. http://blogs.sun.com/joshis/entry/finally_it_s_here_java That sounds great. Is it set up in portage yet? If so, can you tell me a package name? Not that I know of, it hasn't been released yet (still beta). I've read on the www that you can extract just the libnpjp2.so file from the archive and drop it in on top of your current sun-jre installation, then make a symlink to it your firefox plugins directory. I haven't actually tried it as I can't remember the last time I ran into java on the web. Thank you, I'll keep an eye on that. - Grant or just use konqueror which does not need java-plugin to displayuse java since it can use java directly. -- Sent from my mobile device
Re: [gentoo-user] Deleted my kernel .config
On Fri, Jan 23, 2009 at 11:19 AM, Alejandro elcorreode...@gmail.com wrote: make oldconfig only can give you problems i don,t see any benefict.. just my person experience... I have never seen any problem with make oldconfig, YMMV, but stating it _will_ give you problems is simply not true.
Re: [gentoo-user] Removing PAM from my system, is it adviseable?
On Fri, Jan 23, 2009 at 11:31 AM, Mike Kazantsev mike_kazant...@fraggod.net wrote: On Fri, 23 Jan 2009 04:03:52 +0100 Volker Armin Hemmann volkerar...@googlemail.com wrote: so, could you please answer mine now: why should pam be used in the first place on a usual server/desktop which has restricted access anyway? I find it useful to control user-based access to different services in one place, disallow remote access of any kind for local users. Oh, but as Volker has already said, 90% of the users don't care about that. Also it allows to use same credentials for pretty much anything - mounting LUKS-encrypted home dir at login (to any service) or using pgp keys, for example. LUKS-encrypted home dir!!?? 90% of the user don't know what's that! Wait a minute. 90%. Where have I seen that figure? 90%... 90%.. hmm Windows market share figures!!! See? Volker is right!!! 90% of the users don't care! I'm sorry Volker, don't kill me. I just couldn't resist :) Best regards everyone, Norberto
Re: [gentoo-user] Deleted my kernel .config
Am Freitag, den 23.01.2009, 14:24 +0100 schrieb ext Justin: But nevertheless you need to do a make odlconfig to adopt your .config to the new config options. Errh, no. I've built nearly every kernel version since a couple of years and never did make oldconfig. If it's a minor revision, config options usually don't change. For a major revision, it's sufficient to pick any one of the several *config targets. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: dirk.heinri...@capgemini.com Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net
Re: [gentoo-user] Deleted my kernel .config
2009/1/23 Norberto Bensa nbe...@gmail.com On Fri, Jan 23, 2009 at 11:19 AM, Alejandro elcorreode...@gmail.com wrote: make oldconfig only can give you problems i don,t see any benefict.. just my person experience... I have never seen any problem with make oldconfig, YMMV, but stating it _will_ give you problems is simply not true. Sorry i forget something make menuconfig :P
Re: [gentoo-user] Deleted my kernel .config
On Fri, Jan 23, 2009 at 11:24 AM, Justin jus...@j-schmitz.net wrote: But nevertheless you need to do a make odlconfig to adopt your .config to the new config options. Nope. That's not true. The diference between oldconfig and just make is that oldconfig will present a prompt when a new option was added. You could as well run menuconfig, and you'll see new options labeled with NEW, or something like that. If you just run make (without doing oldconfig or menuconfig first), then the new options will take the default build option. It may vary between Y and N depending on the module, developer, God, a photon coming out of some distant star, and the mood of a butterfly sitting in some flower on Japan. Regards, Norberto
Re: [gentoo-user] 64-bit Firefox + java?
Use icedtea from the java-overlay. Works beautifully for me on ff3
Pariksheet
I'd like to give that a try but I get:
# emerge icedtea6
Calculating dependencies... done!
[ebuild N] dev-java/icedtea6-1.3.1-r2 USE=nsplugin -cacao
-debug -doc -examples -javascript -pulseaudio -shark -zero
* Error: circular dependencies:
('ebuild', '/', 'dev-java/icedtea6-1.3.1-r2', 'merge') depends on
('ebuild', '/', 'dev-java/icedtea6-1.3.1-r2', 'merge') (hard)
* Note that circular dependencies can often be avoided by temporarily
* disabling USE flags that trigger optional dependencies.
Does anyone know how to resolve this? I tried disabling the nsplugin
USE flag with the same result.
- Grant
I recently switched from firefox-bin and nspluginwrapper to 64-bit
firefox and the latest flash, and I just realized java no longer
works. Do I need to go back to firefox-bin and nspluginwrapper for
java to work?
Which java are you using? Sun's java didn't have a 64-bit browser
plug-in until very recently.
http://blogs.sun.com/joshis/entry/finally_it_s_here_java
That sounds great. Is it set up in portage yet? If so, can you tell
me a package name?
Not that I know of, it hasn't been released yet (still beta). I've
read on the www that you can extract just the libnpjp2.so file from
the archive and drop it in on top of your current sun-jre
installation, then make a symlink to it your firefox plugins
directory. I haven't actually tried it as I can't remember the last
time I ran into java on the web.
Thank you, I'll keep an eye on that.
- Grant
or just use konqueror which does not need java-plugin to displayuse java
since it can use java directly.
Re: [gentoo-user] Deleted my kernel .config
Well, I deleted my kernel .config. Is there any way to magically re-create it from the compiled kernel image or any other way? - Grant yes if you had selected 'kernel .config support' when you made the kernel. that's in the 'General setup'. if you did that you'll find /proc/config.gz over there. I do have /proc/config.gz, but when I move it to /usr/src/2.6.25-hardened-r13 and run 'make oldconfig' it comes up with many differences. I'm booted into 2.6.25-hardened-r11 and there shouldn't be any config differences between that and r13. Does anyone know what's going on here? - Grant do one of those two things and it should work: zcat /proc/config.gz /usr/src/linux/.config or /usr/src/linux/scripts/extract-ikconfig /boot/YOURKERNEL /usr/src/linux/.config. Than run make oldconfig. Thanks a lot, *.gz* was supposed to tell me that. :) - Grant
[gentoo-user] Re: cnn.com flash videos crash firefox
Grant wrote: This was a hardened issue. I just needed to issue 'paxctl -m /usr/lib64/mozilla-firefox/firefox'. Thanks again. And you didn't deem it necessary to actually mention in your post that you're on hardened?
[gentoo-user] vsftpd and clamav
Hi! I have vsftpd server on my gentoo. Is it posible to check incoming files with clamav? thanks, Klemen
Re: [gentoo-user] Re: cnn.com flash videos crash firefox
This was a hardened issue. I just needed to issue 'paxctl -m /usr/lib64/mozilla-firefox/firefox'. Thanks again. And you didn't deem it necessary to actually mention in your post that you're on hardened? Mistakenly The error I was getting didn't sound like hardened to me. I'll be smarter next time. - Grant
[gentoo-user] Re: No /dev entries in recent stage3 snapshots?
On 2009-01-23, Volker Armin Hemmann volkerar...@googlemail.com wrote: On Freitag 23 Januar 2009, Grant Edwards wrote: On 2009-01-23, Volker Armin Hemmann volkerar...@googlemail.com wrote: If the tarball doesn't contain /dev/console it is broken, but it is also broken if it contains thousands of device entries. I have a server running that hets that null/console missing message every boot - and it does not hurt it at any way. You are still able to see the output from all the init scripts? yes That's interesting, because on my systems, if /dev/console is missing, then there is no non-kernel console output until most of the way through the startup-process when udev starts. -- Grant Edwards grante Yow! Well, I'm INVISIBLE at AGAIN ... I might as well visi.compay a visit to the LADIES ROOM ...
Re: [gentoo-user] MTRR setting? Where could I have put it?
On Thu, Jan 22, 2009 at 04:47:00PM -0800, Penguin Lover Dake Wang squawked: It seems to be appeared on 2.6.28 kernel. But not 2.6.26 kernel. I got both as on my box as the gspca driver for my web camera seems only worked on the 2.6.26 kernel. The error I run into is mostly only cosmetic. The error happens AFTER I terminate X. So far there has been no loss of functionality. After a thorough search of my harddrive, I am beginning to think that this is not a problem with my configuration per se, but a bug with the Xorg radeon driver. Note that for me this message occured for both 2.6.26.5 and 2.6.28.1 vanilla sources, and for both 6.9.0 and 6.10.0 Xorg radeon drivers. W -- Ever stop to think, and forget to start again? Sortir en Pantoufles: up 777 days, 13:31
Re: [gentoo-user] Laptop Lid Close...
This is the script I am using. It is spawned by the default.sh from /etc/acpi: -- SCRIPT START -- # default display on current host export XAUTHORITY=/home/your_user/.Xauthority DISPLAY=:0.0 # find out if monitor is on STATUS=`cat /proc/acpi/button/lid/LID0/state` logger monitor: $STATUS # find out if DPMS is enabled DPMS=`xset -display $DISPLAY -q | grep -e 'DPMS is'` logger dpms: $DPMS # enable DPMS if disabled if [ $DPMS == DPMS is Disabled ] then logger Enabling DPMS ... xset -display $DISPLAY +dpms fi if [ `echo $STATUS | grep -i closed | wc -l` -eq 1 ] then logger [`date`] Turning display OFF xset -display $DISPLAY dpms force off else logger [`date`] Turning display ON # shows up in log xset -display $DISPLAY dpms force on# turn monitor on xset -display $DISPLAY s activate # un-blank monitor fi #clean up unset STATUS unset DPMS # comment this line out if you're manually running this script from a shell (put a # in front of it) unset DISPLAY exit 0 -- SCRIPT STOP -- Change the your_user variable. I had also to set xscreensaver to switch off my monitor instead of blanking it, because I think (not sure) that xscreensaver was switching on my monitor when it was supposed to start the screensaver (as after a while, my monitor was switched back on, and as I didn't see that happening since my xscreensaver modification, I can only assume that was the problem). HTH, Greg On Fri, Jan 23, 2009 at 8:14 AM, Joshua Murphy poiso...@gmail.com wrote: On Thu, Jan 22, 2009 at 8:24 PM, BRM bm_witn...@yahoo.com wrote: I'm running a Dell D600, and I've located a number of tools for it but I am not seeing anything related to when I close the lid. Since I got Gentoo running on it, the Monitor continues running when I close the lid. I've found several sources for doing something as an ACPI event, which seems to be the right method. I can toggle the button with the lid open and cat /etc/acpi/button/lid/LID/state and see it change between 'open' and 'closed'; and I know I could write myself a little script do something like calling radeontool to turn off the backlight, but I'd like to find a more official method. I mostly run KDE 3.5 (I'll go to KDE4 when I can...once portage 2.2 comes out and all), but I didn't see anything for a 'turn off monitor on lid close' setting (preferrably root controlled so that it affects all users). The only thing I can find is a the standby/suspend/shutdown/logoff, system performance, and CPU throttling. I don't really want to do any of that - just put the monitor into stand-by, not necessarily the whole system. Any how...I'd really like to get this working. TIA, Ben In... /etc/acpi/default.sh there's a comment (with commented code you can use following it)... # if your laptop doesnt turn on/off the display via hardware # switch and instead just generates an acpi event, you can force # X to turn off the display via dpms. note you will have to run # 'xhost +local:0' so root can access the X DISPLAY. if radeontool or something will allow you to disable the display even when you aren't in X, or without proper access to the display (like xset requires) you might be able to even escape needing that xhost setting. No way of testing it at all myself though. -- Poison [BLX] Joshua M. Murphy
[gentoo-user] Re: Howto share Linux swap partition with Windows XP
On 2009-01-23, Stroller strol...@stellar.eclipse.co.uk wrote: On 23 Jan 2009, at 05:16, Grant Edwards wrote: ... I found a very slick solution that lets Windows XP use a Linux swap partition for swap/paging/vm/whatever-MS-calls-it: http://db.bme.hu/~surprof/SwapFs-i/ That looks a really cool useful idea. However, I have a reservation. Since you NEED to use it - perhaps for space considerations? Yup. Mainly because I use ntfsclone to keep a bunch of backup copies of the NTFS partition, and having a 2GB swap file in every backup copy starts to eat up a lot of disk space. - the go for it, by all means. But if this driver is slower at reads or writes than Windows' own NTFS driver then it may actually slow the computer down. Could be. My understanding is that the system is still using the Windows NTFS driver. I believe that swapfs is a block-device filter driver that sits between the NTFS driver and the bottom layer block device driver (the IDE driver or the SATA driver or the SCSI driver). In the case of a driver written by an individual, who is likely not as familiar with Windows' APIs, or who may not be able to use the private APIs used by Windows' own filesystem drivers, I find it quite possible the performance may be questioned. Well, there are several individuals who've worked on it. That said, I can't swear that there aren't performance implications. There probably are, since it adds a layer between the SATA driver (in my case) and the NTFS driver. But, I haven't noticed any visible slow-down, and the machine is more than fast enough for my purposes. Besides, if you're running MS Windows, you've already lost the war when it comes to swapping performance: anybody who cares about swap performance wouldn't be using a normal file on a normal filesystem for it... Someday when I'm bored, maybe I'll google for a file I/O benchmark for windows and run it with and without the swapfs layer. -- Grant Edwards grante Yow! INSIDE, I have the at same personality disorder visi.comas LUCY RICARDO!!
Re: [gentoo-user] shoutcast problem 64bit gentoo
On Fri, 23 Jan 2009 14:22:59 +0100, Wojtek Dalętka
woj...@radioluz.pwr.wroc.pl wrote:
Hi,
I've just installed 64bit gentoo on one of these machines:
http://www.ovh.pl/produkty/eg_best_of.xml
Everything seens to be fine. I use hardened profile but I've got problem
with ...running a shoutcast server.
I didn't find answer on winamp.com forum and google.
It's exactly the same problem like here:
http://forums.winamp.com/printthread.php?s=48cd69919741579a3c1e4a8b0ac3e38bthreadid=229419
At my server it fails this way:
gentoo shoutcast # pwd
/home/something/shoutcast
gentoo shoutcast # file *
logs: directory
sc_serv: ELF 32-bit LSB executable, Intel 80386, version 1
(SYSV), for GNU/Linux 2.2.5, dynamically linked (uses shared libs),
stripped
sc_serv8002.conf: ASCII English text, with CRLF, LF line terminators
gentoo shoutcast # strace ./sc_serv
execve(./sc_serv, [./sc_serv], [/* 26 vars */]) = -1 ENOENT (No such
file or directory)
dup(2) = 3
fcntl(3, F_GETFL) = 0x8002 (flags
O_RDWR|O_LARGEFILE)
fstat(3, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x708341026000
lseek(3, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek)
write(3, strace: exec: No such file or dir..., 40strace: exec: No such
file or directory
) = 40
close(3)= 0
munmap(0x708341026000, 4096)= 0
exit_group(1) = ?
gentoo shoutcast # /etc/init.d/shoutcast start
* Starting Shoutcast Server ...[ ok ]
gentoo shoutcast # /sbin/start-stop-daemon: Unable to start
/opt/shoutcast/sc_serv: No such file or directory (No such file or
directory)
This is a joke, isn't it ??? the error message coming from rc script is a
bit clear IMHO...
The problem is that shoutcast is 32 bit and system is 64 bit (and I
think it should be 64 @ this machine).
64bits system can run either 32 or 64 bits executables. After, it depends
on the libraries used by the 32bits executable, so you have to use a
multilib system.
I've tried to follow these tips from the forum but it didn't help me.
Can you help me?
Wojtek
--
Xavier
Re: [gentoo-user] Deleted my kernel .config
Norberto Bensa wrote: On Fri, Jan 23, 2009 at 11:19 AM, Alejandro elcorreode...@gmail.com wrote: make oldconfig only can give you problems i don,t see any benefict.. just my person experience... I have never seen any problem with make oldconfig, YMMV, but stating it _will_ give you problems is simply not true. +1 Dale :-) :-)
[gentoo-user] emerge world / --depclean infinite loop
One of my systems with totally empty package.* files wants to emerge hardened-sources-2.6.25-r13 as it should, but --depclean wants to: These are the packages that would be unmerged: sys-kernel/hardened-sources selected: 2.6.25-r13 protected: none omitted: 2.6.27-r3 If I do that, emerge world just wants to emerge it again. Does anyone know how to fix this? - Grant
Re: [gentoo-user] Re: Howto share Linux swap partition with Windows XP
On 23 Jan 2009, at 14:58, Grant Edwards wrote: On 2009-01-23, Stroller strol...@stellar.eclipse.co.uk wrote: On 23 Jan 2009, at 05:16, Grant Edwards wrote: ... I found a very slick solution that lets Windows XP use a Linux swap partition for swap/paging/vm/whatever-MS-calls-it: http://db.bme.hu/~surprof/SwapFs-i/ That looks a really cool useful idea. However, I have a reservation. Since you NEED to use it - perhaps for space considerations? Yup. Mainly because I use ntfsclone to keep a bunch of backup copies of the NTFS partition, and having a 2GB swap file in every backup copy starts to eat up a lot of disk space. It might be possible to script removing the swap file at shutdown (or place a wrapper script to mount the partition remove the swapfile before running ntfsclone). But I appreciate this is less elegant than just using the same swap partition for both o/s. Stroller.
Re: [gentoo-user] shoutcast problem 64bit gentoo
On 1/23/09, Xav' x...@linuxant.fr wrote: This is a joke, isn't it ??? the error message coming from rc script is a bit clear IMHO... Well, the error message is clear and that listing from someone's home directory has me really puzzled -- what's the connection, why present it? But maybe he has an /opt he has unmounted since he did emerge shoutcast-server-bin? I do installs the way that I only boot at the very end of compilations -- when it's really necessary to do so. So maybe he installed everything -- and forgot /opt from fstab or marked it not to be mounted automagically? Or maybe he didn't emerge shoutcast at all, but did something weird with instructions for some non-gentoo installations? Anyway, to be of any assistance (and I don't even know or run shoutcast myself) Mr Daletka should give some more details on how exactly he got into the situation he is in? How did he install shoutcast, etc? Why are there binaries in someone's home directory? (And why is he looking at them instead of the ones that should be where the init script is looking for?) -- Arttu V.
[gentoo-user] Any good instructions for creating a Live CD?
Hi all, From a thread on another list (pro-audio/music oriented) we're thinking about creating our own Live CD. I'd like this at least initially to be based on Gentoo. Are there any good, up-to-date instructions around about how to do this? In Google Books I found something called Linux Live CDs:Building and Customizing Bootables. It had the following link which is dead. Did it move somewhere? I cannot find it yet. http://gentoo-wiki.com/HOWTO_build_a_LiveCD_from_Scratch I found this in the forums. Any idea about how well it might work? http://forums.gentoo.org/viewtopic.php?t=244837 There's a section talking about Catalyst. The first thing is says is that it's not for the casual user. On a scale of 1-10 how difficult is something like this? (I suspect that if I have to ask it's too difficult.) ;-) Also this for general info: http://www.livecdlist.com/wiki/index.php/LiveCD_Creation_Resources Most interesting to me would be something like cloning an already up-and-running system. Is that possible? Thanks in advance, Mark
Re: [gentoo-user] Any good instructions for creating a Live CD?
Mark Knecht schrieb: Hi all, From a thread on another list (pro-audio/music oriented) we're thinking about creating our own Live CD. I'd like this at least initially to be based on Gentoo. Are there any good, up-to-date instructions around about how to do this? In Google Books I found something called Linux Live CDs:Building and Customizing Bootables. It had the following link which is dead. Did it move somewhere? I cannot find it yet. http://gentoo-wiki.com/HOWTO_build_a_LiveCD_from_Scratch gentoo-wiki.com seems to be offline, again. Try to find it on gentoo-wiki.info. I found this in the forums. Any idea about how well it might work? http://forums.gentoo.org/viewtopic.php?t=244837 There's a section talking about Catalyst. The first thing is says is that it's not for the casual user. On a scale of 1-10 how difficult is something like this? (I suspect that if I have to ask it's too difficult.) ;-) Also this for general info: http://www.livecdlist.com/wiki/index.php/LiveCD_Creation_Resources Most interesting to me would be something like cloning an already up-and-running system. Is that possible? Thanks in advance, Mark I never tried to build my own live cd but maybe the following links might help. kh http://www.gentoo-wiki.info/HOWTO_build_a_LiveCD_with_Catalyst http://www.gentoo-wiki.info/HOWTO_build_a_LiveCD_with_Catalyst_for_newbies
Re: [gentoo-user] Any good instructions for creating a Live CD?
Mark Knecht wrote: Hi all, From a thread on another list (pro-audio/music oriented) we're thinking about creating our own Live CD. I'd like this at least initially to be based on Gentoo. Are there any good, up-to-date instructions around about how to do this? In Google Books I found something called Linux Live CDs:Building and Customizing Bootables. It had the following link which is dead. Did it move somewhere? I cannot find it yet. http://gentoo-wiki.com/HOWTO_build_a_LiveCD_from_Scratch I found this in the forums. Any idea about how well it might work? http://forums.gentoo.org/viewtopic.php?t=244837 There's a section talking about Catalyst. The first thing is says is that it's not for the casual user. On a scale of 1-10 how difficult is something like this? (I suspect that if I have to ask it's too difficult.) ;-) Also this for general info: http://www.livecdlist.com/wiki/index.php/LiveCD_Creation_Resources Most interesting to me would be something like cloning an already up-and-running system. Is that possible? Thanks in advance, Mark Cloning a live system is pretty easy. I'm using a live usb boot device based off of the gentoo-amd64 minimal cd (and I'm adding more as I go). The liveUSB howto [1] on docs.gentoo.org is great and will answer most questions. [1] http://www.gentoo.org/doc/en/liveusb.xml -- Eric Martin Key fingerprint = D1C4 086E DBB5 C18E 6FDA B215 6A25 7174 A941 3B9F signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] emerge world / --depclean infinite loop
On Fri, Jan 23, 2009 at 08:02:27AM -0800, Penguin Lover Grant squawked: One of my systems with totally empty package.* files wants to emerge hardened-sources-2.6.25-r13 as it should, but --depclean wants to: How do you determine this? (I mean the as it should part?) Are you running ~ or stable? These are the packages that would be unmerged: sys-kernel/hardened-sources selected: 2.6.25-r13 protected: none omitted: 2.6.27-r3 If I do that, emerge world just wants to emerge it again. Does anyone know how to fix this? If you remove it, what does emerge -pvt say? W -- Seen in LINAC @ Fermi National Accelerator Laboratory: (A series of signs, each with a different name) This 7833 Power Amplifier Tube is to be Called: Gassy Sparky Leaky Old Number 9 Just Plain Dead Nick O'Tyme Sortir en Pantoufles: up 777 days, 15:36
Re: [gentoo-user] Any good instructions for creating a Live CD?
On Fri, Jan 23, 2009 at 8:50 AM, Eric Martin freak4u...@gmail.com wrote: Mark Knecht wrote: Hi all, From a thread on another list (pro-audio/music oriented) we're thinking about creating our own Live CD. I'd like this at least initially to be based on Gentoo. Are there any good, up-to-date instructions around about how to do this? In Google Books I found something called Linux Live CDs:Building and Customizing Bootables. It had the following link which is dead. Did it move somewhere? I cannot find it yet. http://gentoo-wiki.com/HOWTO_build_a_LiveCD_from_Scratch I found this in the forums. Any idea about how well it might work? http://forums.gentoo.org/viewtopic.php?t=244837 There's a section talking about Catalyst. The first thing is says is that it's not for the casual user. On a scale of 1-10 how difficult is something like this? (I suspect that if I have to ask it's too difficult.) ;-) Also this for general info: http://www.livecdlist.com/wiki/index.php/LiveCD_Creation_Resources Most interesting to me would be something like cloning an already up-and-running system. Is that possible? Thanks in advance, Mark Cloning a live system is pretty easy. I'm using a live usb boot device based off of the gentoo-amd64 minimal cd (and I'm adding more as I go). The liveUSB howto [1] on docs.gentoo.org is great and will answer most questions. [1] http://www.gentoo.org/doc/en/liveusb.xml -- Eric Martin Key fingerprint = D1C4 086E DBB5 C18E 6FDA B215 6A25 7174 A941 3B9F Thanks Eric. I hadn't considered doing it on a USB drive but that's an interesting idea and the instructions don't look too bad. Cheers, Mark
[gentoo-user] Re: Howto share Linux swap partition with Windows XP
On 2009-01-23, Stroller strol...@stellar.eclipse.co.uk wrote: On 23 Jan 2009, at 14:58, Grant Edwards wrote: On 2009-01-23, Stroller strol...@stellar.eclipse.co.uk wrote: On 23 Jan 2009, at 05:16, Grant Edwards wrote: ... I found a very slick solution that lets Windows XP use a Linux swap partition for swap/paging/vm/whatever-MS-calls-it: http://db.bme.hu/~surprof/SwapFs-i/ That looks a really cool useful idea. However, I have a reservation. Since you NEED to use it - perhaps for space considerations? Yup. Mainly because I use ntfsclone to keep a bunch of backup copies of the NTFS partition, and having a 2GB swap file in every backup copy starts to eat up a lot of disk space. It might be possible to script removing the swap file at shutdown (or place a wrapper script to mount the partition remove the swapfile before running ntfsclone). I thought about that. It probably would be a bit more robust than using the Linux swap partition, but it seemed too much like giving in to Microsoft. :) But I appreciate this is less elegant than just using the same swap partition for both o/s. -- Grant Edwards grante Yow! Everybody is going at somewhere!! It's probably visi.coma garage sale or a disaster Movie!!
Re: [gentoo-user] Re: Howto share Linux swap partition with Windows XP
On Fri, Jan 23, 2009 at 10:08 AM, Stroller strol...@stellar.eclipse.co.uk wrote: On 23 Jan 2009, at 14:58, Grant Edwards wrote: On 2009-01-23, Stroller strol...@stellar.eclipse.co.uk wrote: On 23 Jan 2009, at 05:16, Grant Edwards wrote: ... I found a very slick solution that lets Windows XP use a Linux swap partition for swap/paging/vm/whatever-MS-calls-it: http://db.bme.hu/~surprof/SwapFs-i/ That looks a really cool useful idea. However, I have a reservation. Since you NEED to use it - perhaps for space considerations? Yup. Mainly because I use ntfsclone to keep a bunch of backup copies of the NTFS partition, and having a 2GB swap file in every backup copy starts to eat up a lot of disk space. It might be possible to script removing the swap file at shutdown (or place a wrapper script to mount the partition remove the swapfile before running ntfsclone). But I appreciate this is less elegant than just using the same swap partition for both o/s. http://support.microsoft.com/kb/314834 There is a registry setting in Windows to clear the pagefile.sys at shutdown. What does clear mean? To overwrite with 0? To delete? I don't know. Paul
Re: [gentoo-user] emerge world / --depclean infinite loop
One of my systems with totally empty package.* files wants to emerge hardened-sources-2.6.25-r13 as it should, but --depclean wants to: How do you determine this? (I mean the as it should part?) I just mean 2.6.25-r13 is the latest amd64 version so it should be installed. Are you running ~ or stable? Stable. These are the packages that would be unmerged: sys-kernel/hardened-sources selected: 2.6.25-r13 protected: none omitted: 2.6.27-r3 If I do that, emerge world just wants to emerge it again. Does anyone know how to fix this? If you remove it, what does emerge -pvt say? This is right after running emerge --depclean which removed hardened-sources-2.6.25-r13: # emerge -pvt hardened-sources These are the packages that would be merged, in reverse order: Calculating dependencies... done! [ebuild NS ] sys-kernel/hardened-sources-2.6.25-r13 [2.6.27-r3] USE=-build -symlink 0 kB - Grant
Re: [gentoo-user] Any good instructions for creating a Live CD?
2009/1/23 Mark Knecht markkne...@gmail.com On Fri, Jan 23, 2009 at 8:50 AM, Eric Martin freak4u...@gmail.com wrote: Mark Knecht wrote: Hi all, From a thread on another list (pro-audio/music oriented) we're thinking about creating our own Live CD. I'd like this at least initially to be based on Gentoo. Are there any good, up-to-date instructions around about how to do this? In Google Books I found something called Linux Live CDs:Building and Customizing Bootables. It had the following link which is dead. Did it move somewhere? I cannot find it yet. http://gentoo-wiki.com/HOWTO_build_a_LiveCD_from_Scratch I found this in the forums. Any idea about how well it might work? http://forums.gentoo.org/viewtopic.php?t=244837 There's a section talking about Catalyst. The first thing is says is that it's not for the casual user. On a scale of 1-10 how difficult is something like this? (I suspect that if I have to ask it's too difficult.) ;-) Also this for general info: http://www.livecdlist.com/wiki/index.php/LiveCD_Creation_Resources Most interesting to me would be something like cloning an already up-and-running system. Is that possible? Thanks in advance, Mark Cloning a live system is pretty easy. I'm using a live usb boot device based off of the gentoo-amd64 minimal cd (and I'm adding more as I go). The liveUSB howto [1] on docs.gentoo.org is great and will answer most questions. [1] http://www.gentoo.org/doc/en/liveusb.xml -- Eric Martin Key fingerprint = D1C4 086E DBB5 C18E 6FDA B215 6A25 7174 A941 3B9F Thanks Eric. I hadn't considered doing it on a USB drive but that's an interesting idea and the instructions don't look too bad. Cheers, Mark Catalyst is quite a beast to get used to, its not well documented and doesnt always behave as you might hope, that said, once you have a working config it becomes *very* easy to then rebuild your livecd with updated packages. The best way to figure things out with it is to look at the examples provided and then look at actual implementations by checking out the config files used by the devs to build the gentoo media, and also the configs used to build the sysresccd. Its taken me a couple of weeks of occasional fiddling but im now able to build my own livecd using catalyst, the sysrescd configs as a base of useful programs to install, and then updated them all to build from ~ARCH and use the funtoo portage tree. My only problem now that im figuring out is how to use the script in the sysrescd repo to combine the x86 and amd64 cds into one unified final cd. - Nick
Re: [gentoo-user] Any good instructions for creating a Live CD?
On Fri, Jan 23, 2009 at 8:50 AM, KH gentoo-u...@konstantinhansen.de wrote: SNIP I never tried to build my own live cd but maybe the following links might help. kh http://www.gentoo-wiki.info/HOWTO_build_a_LiveCD_with_Catalyst http://www.gentoo-wiki.info/HOWTO_build_a_LiveCD_with_Catalyst_for_newbies Good info. Thanks! - Mark
Re: [gentoo-user] Any good instructions for creating a Live CD?
On Fri, Jan 23, 2009 at 09:02:11AM -0800, Mark Knecht wrote: On Fri, Jan 23, 2009 at 8:50 AM, Eric Martin freak4u...@gmail.com wrote: Mark Knecht wrote: Hi all, From a thread on another list (pro-audio/music oriented) we're thinking about creating our own Live CD. I'd like this at least initially to be based on Gentoo. Are there any good, up-to-date instructions around about how to do this? In Google Books I found something called Linux Live CDs:Building and Customizing Bootables. It had the following link which is dead. Did it move somewhere? I cannot find it yet. http://gentoo-wiki.com/HOWTO_build_a_LiveCD_from_Scratch I found this in the forums. Any idea about how well it might work? http://forums.gentoo.org/viewtopic.php?t=244837 There's a section talking about Catalyst. The first thing is says is that it's not for the casual user. On a scale of 1-10 how difficult is something like this? (I suspect that if I have to ask it's too difficult.) ;-) Also this for general info: http://www.livecdlist.com/wiki/index.php/LiveCD_Creation_Resources Most interesting to me would be something like cloning an already up-and-running system. Is that possible? Thanks in advance, Mark Cloning a live system is pretty easy. I'm using a live usb boot device based off of the gentoo-amd64 minimal cd (and I'm adding more as I go). The liveUSB howto [1] on docs.gentoo.org is great and will answer most questions. [1] http://www.gentoo.org/doc/en/liveusb.xml -- Eric Martin Key fingerprint = D1C4 086E DBB5 C18E 6FDA B215 6A25 7174 A941 3B9F Thanks Eric. I hadn't considered doing it on a USB drive but that's an interesting idea and the instructions don't look too bad. Cheers, Mark If you want something easy to create a custom live cd I suggest you to try SystemRescueCD. It is gentoo based annd offers all the tools you need to create a custom cd. I uually run it on a virtual machine and create my livecds. Here are all the info you need: http://www.sysresccd.org/Sysresccd-manual-en_How_to_personalize_SystemRescueCd TopperH === http://topperh.blogspot.com === pgpWJjW0ajDKg.pgp Description: PGP signature
Re: [gentoo-user] emerge world / --depclean infinite loop
On Fri, Jan 23, 2009 at 09:14:13AM -0800, Grant wrote: One of my systems with totally empty package.* files wants to emerge hardened-sources-2.6.25-r13 as it should, but --depclean wants to: How do you determine this? (I mean the as it should part?) I just mean 2.6.25-r13 is the latest amd64 version so it should be installed. Are you running ~ or stable? Stable. These are the packages that would be unmerged: sys-kernel/hardened-sources selected: 2.6.25-r13 protected: none omitted: 2.6.27-r3 If I do that, emerge world just wants to emerge it again. Does anyone know how to fix this? If you remove it, what does emerge -pvt say? This is right after running emerge --depclean which removed hardened-sources-2.6.25-r13: # emerge -pvt hardened-sources These are the packages that would be merged, in reverse order: Calculating dependencies... done! [ebuild NS ] sys-kernel/hardened-sources-2.6.25-r13 [2.6.27-r3] USE=-build -symlink 0 kB So the question is, basically, why do you have 2.6.27-r3 installed? It is ~amd64. Basically the problem is the following: a) emerge -pvt hardened-sources wants to emerge the best version available, which with your amd64 keyword is 2.6.25-r13. For some reason you have 2.6.27-r3 installed. Now, in many other packages, this will just cause the package to downgrade. The kernel, however, have each version individually slotted, so the downgrade will NOT remove the version that is, strictly speaking, not allowed to be on your system. b) emerge --depclean defaults to behaving to unmerging all but the highest version number in the kernel. You have three choices that I can think of. i) explicitly specify the version of hardened-sources you want to keep in your world file, that way --depclean will not remove any kernel versions that is specified in world. ii) unmerge 2.6.27-r3, that way 2.6.25-r13 becomes the most recent version and will not be unmerged iii) keyword 2.6.27-r3, that way the best available version becomes 2.6.27-r3 and emerge -pvt will not tell you to merge 2.6.25-r13 W -- Willie W. Wong ww...@math.princeton.edu 408 Fine Hall, Department of Mathematics, Princeton University, Princeton A mathematician's reputation rests on the number of bad proofs he has given.
Re: [gentoo-user] emerge world / --depclean infinite loop
One of my systems with totally empty package.* files wants to emerge hardened-sources-2.6.25-r13 as it should, but --depclean wants to: How do you determine this? (I mean the as it should part?) I just mean 2.6.25-r13 is the latest amd64 version so it should be installed. Are you running ~ or stable? Stable. These are the packages that would be unmerged: sys-kernel/hardened-sources selected: 2.6.25-r13 protected: none omitted: 2.6.27-r3 If I do that, emerge world just wants to emerge it again. Does anyone know how to fix this? If you remove it, what does emerge -pvt say? This is right after running emerge --depclean which removed hardened-sources-2.6.25-r13: # emerge -pvt hardened-sources These are the packages that would be merged, in reverse order: Calculating dependencies... done! [ebuild NS ] sys-kernel/hardened-sources-2.6.25-r13 [2.6.27-r3] USE=-build -symlink 0 kB So the question is, basically, why do you have 2.6.27-r3 installed? It is ~amd64. Basically the problem is the following: a) emerge -pvt hardened-sources wants to emerge the best version available, which with your amd64 keyword is 2.6.25-r13. For some reason you have 2.6.27-r3 installed. Now, in many other packages, this will just cause the package to downgrade. The kernel, however, have each version individually slotted, so the downgrade will NOT remove the version that is, strictly speaking, not allowed to be on your system. b) emerge --depclean defaults to behaving to unmerging all but the highest version number in the kernel. You have three choices that I can think of. i) explicitly specify the version of hardened-sources you want to keep in your world file, that way --depclean will not remove any kernel versions that is specified in world. ii) unmerge 2.6.27-r3, that way 2.6.25-r13 becomes the most recent version and will not be unmerged That got it, thank you very much. - Grant iii) keyword 2.6.27-r3, that way the best available version becomes 2.6.27-r3 and emerge -pvt will not tell you to merge 2.6.25-r13
[gentoo-user] Error: circular dependencies
This ebuild is from the java-overlay. Is it just a bad ebuild or can
I fix this? I tried disabling the nsplugin USE flag with the same
result.
# emerge icedtea6
Calculating dependencies... done!
[ebuild N] dev-java/icedtea6-1.3.1-r2 USE=nsplugin -cacao
-debug -doc -examples -javascript -pulseaudio -shark -zero
* Error: circular dependencies:
('ebuild', '/', 'dev-java/icedtea6-1.3.1-r2', 'merge') depends on
('ebuild', '/', 'dev-java/icedtea6-1.3.1-r2', 'merge') (hard)
* Note that circular dependencies can often be avoided by temporarily
* disabling USE flags that trigger optional dependencies.
- Grant
Re: [gentoo-user] Error: circular dependencies
On Fri, 23 Jan 2009 09:59:41 -0800
Grant emailgr...@gmail.com wrote:
This ebuild is from the java-overlay. Is it just a bad ebuild or can
I fix this? I tried disabling the nsplugin USE flag with the same
result.
57 DEPEND=${RDEPEND}
58 || ( =virtual/gnu-classpath-jdk-1.5
59 dev-java/icedtea6
60 dev-java/icedtea6-bin
61 )
It comes from that line. It looks like it's for bootstrapping icedtea6,
which apparently can be done by itself or the two other alternatives.
emerging icedtea6-bin should fix this. It can then be unemerged when
you've emerged icedtea6 and from then on you can bootstrap updates with
the existing installation.
/PA
[gentoo-user] Re: Removing PAM from my system, is it adviseable?
James Homuth ja...@the-jdh.com writes: Will my system blow up at me if I remove PAM? I have used Gentoo at home for many years now. And I have never used pam. I even have # Don't want these, ever sys-libs/pam-0 In /etc/portage/package.mask so that I detect if anything wants to pull in pam. A few times some ebuild tried to pull in pam dispite of USE=-pam, but that has allways been corrected by our devs. I don't actually dislike pam, it's quite good, and useful many times, it's just that I don't need it (yet). The most important point is choise. I can decide myself if I want it or not. And thats what Gentoo is all about (for me). -- Christer
Re: [gentoo-user] MTRR setting? Where could I have put it?
On 09:51 Fri 23 Jan , Willie Wong wrote: On Thu, Jan 22, 2009 at 04:47:00PM -0800, Penguin Lover Dake Wang squawked: It seems to be appeared on 2.6.28 kernel. But not 2.6.26 kernel. I got both as on my box as the gspca driver for my web camera seems only worked on the 2.6.26 kernel. The error I run into is mostly only cosmetic. The error happens AFTER I terminate X. So far there has been no loss of functionality. After a thorough search of my harddrive, I am beginning to think that this is not a problem with my configuration per se, but a bug with the Xorg radeon driver. Happened here on both .26 and .28 with the nv driver. But, like you said the message only appeared after X terminated. I only experienced 1 X crash during a week of nv driver usage. No, such messages with the nvidia proprietary drivers however. FWIW the following are the config opts i use for my current .28 gentoo-sources: zsh % zgrep -i mtrr /proc/config.gz CONFIG_MTRR=y # CONFIG_MTRR_SANITIZER is not set I pass mtrr:4 to the kernel command line. Note that for me this message occured for both 2.6.26.5 and 2.6.28.1 vanilla sources, and for both 6.9.0 and 6.10.0 Xorg radeon drivers. W -- Ever stop to think, and forget to start again? Sortir en Pantoufles: up 777 days, 13:31 -- Thanks Regards, Man Shankar man.ee.gen(at)gmail.com
Re: [gentoo-user] Deleted my kernel .config
On 09:54 Fri 23 Jan , Dirk Heinrichs wrote: Am Freitag, den 23.01.2009, 02:45 -0600 schrieb ext Dale: But if a kernel gets corrupted or accidentally deleted mount -oremount,ro /boot solves that problem for me. It's the last command in the update script I mentioned before. And there's always GRML, just in case :-) Since, /boot seldom requires work i have this in fstab /dev/sda1 /boot ext2noauto 1 2 makes sure /boot is unmounted unless manually mounted from the shell. But, then again mistakes do happen, backups FTW :-) -- Thanks Regards, Man Shankar man.ee.gen(at)gmail.com
Re: [gentoo-user] Re: Why isn't sshd blocking repeated failed login attempts?
On Thursday 22 January 2009, Paul Hartman wrote: I don't use PAM in sshd so I don't think that's my problem, but the whole regexp thing is a possiblity in general as someone else suggested. I will check into it tonight after work. Have you thought of using iptables to match the rate of new connections? Drop everything that comes in thick and fast and, or drop repeated attempts from a certain ip address. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] shoutcast problem 64bit gentoo
Arttu V. wrote: On 1/23/09, Xav' x...@linuxant.fr wrote: This is a joke, isn't it ??? the error message coming from rc script is a bit clear IMHO... Well, the error message is clear and that listing from someone's home directory has me really puzzled -- what's the connection, why present it? It's not a joke. I'm really not that fresh about installing gentoo and shoutcast. I've got two production servers (using 32 bit architecture) and this is my first 64 bit gentoo instalation. This error is really not caused by a missing sc_serv file When using debian, the solution is to install ia-32libs and when using gentoo it simply doesn't work for me. That's why I ask here. Wojtek
Re: [gentoo-user] shoutcast problem 64bit gentoo
Wojtek Dalętka wrote: Arttu V. wrote: On 1/23/09, Xav' x...@linuxant.fr wrote: This is a joke, isn't it ??? the error message coming from rc script is a bit clear IMHO... Well, the error message is clear and that listing from someone's home directory has me really puzzled -- what's the connection, why present it? It's not a joke. I'm really not that fresh about installing gentoo and shoutcast. I've got two production servers (using 32 bit architecture) and this is my first 64 bit gentoo instalation. This error is really not caused by a missing sc_serv file When using debian, the solution is to install ia-32libs and when using gentoo it simply doesn't work for me. That's why I ask here. Wojtek Have you emerged emul-linux-x86-baselibs or other precompiled 32-bit libraries?
[gentoo-user] Re: Why isn't sshd blocking repeated failed login attempts?
On Tue, Jan 20, 2009 at 3:33 PM, Paul Hartman paul.hartman+gen...@gmail.com wrote: Hi, After setting up public key authentication i changed my sshd back to port 22 and got the expected bombardment of connection attempts. However, it doesn't seem to ever stop them. I'm using sshd with this setting: MaxAuthTries 3 in my /etc/ssh/sshd_config [cut] Okay, I have some possible new embarrassing information... as well as some new questions about access control. After combining all logs in chronological order, it appears denyhosts IS properly adding the new host to /etc/hosts.deny but it is simply not causing it to be denied... See this sample: Jan 22 18:42:58 [sshd] Invalid user staff from 59.185.104.218 Jan 22 18:43:01 [sshd] Invalid user sales from 59.185.104.218 Jan 22 18:43:03 [sshd] Invalid user recruit from 59.185.104.218 Jan 22 18:43:06 [denyhosts] Added the following hosts to /etc/hosts.deny - 59.185.104.218 (triband-mum-59.185.104.218.mtnl.net.in) Jan 22 18:43:06 [sshd] Invalid user alias from 59.185.104.218 Jan 22 18:43:09 [sshd] Invalid user office from 59.185.104.218 Jan 22 18:43:11 [sshd] Invalid user samba from 59.185.104.218 Jan 22 18:43:14 [sshd] Invalid user tomcat from 59.185.104.218 Jan 22 18:43:22 [sshd] Invalid user webadmin from 59.185.104.218 So now I am going back to what I should have looked at in the very beginning, my hosts.allow and hosts.deny rules. hosts.allow: sshd: ALL portmap: 127.0.0.1, 192.168.0.0/255.255.255.0 lockd: 127.0.0.1, 192.168.0.0/255.255.255.0 rquotad: 127.0.0.1, 192.168.0.0/255.255.255.0 mountd: 127.0.0.1, 192.168.0.0/255.255.255.0 statd: 127.0.0.1, 192.168.0.0/255.255.255.0 ALL: 127.0.0.1, 192.168.0.0/255.255.255.0 hosts.deny: ALL: ALL sshd: 58.213.125.25 sshd: 75.37.250.107 sshd: 147.83.29.83 sshd: 59.185.104.218 sshd: 210.40.128.31 (and so on) From the manpage: ACCESS CONTROL FILES The access control software consults two files. The search stops at the first match: - Access will be granted when a (daemon,client) pair matches an entry in the /etc/hosts.allow file. - Otherwise, access will be denied when a (daemon,client) pair matches an entry in the /etc/hosts.deny file. - Otherwise, access will be granted. doh! So, basically, when it sees sshd: ALL in hosts.allow, it stops and allows access to everyone. It never even gets around to checking the hosts.deny file. The fact that the login attempts stopped after about an hour must have been purely coincidence. My intended purpose for those entires was to allow all sshd unless they are in the deny file, but I also want to deny everything else that doesn't have an explicit allow/deny rule. I don't think this is possible using hosts.allow/hosts.deny unless I enumerate every service. The deny ALL: ALL will deny me access to sshd. I essentially want it to work the other way around. Deny access by default unless there is an allow rule. I don't think I can do that, though. If I put ALL: ALL or sshd: ALL in the hosts.deny file, it will deny ME access to my own machine. I don't want that. Since I don't have a specific IP i will connect from, I can't allow any specific IP (or else I'd be doing it that way already). How can I accomplish this?: Allow all ssh connections unless they are in hosts.deny Deny all other connections unless they are in hosts.allow Thanks and sorry for the misdirection :) Paul
Re: [gentoo-user] shoutcast problem 64bit gentoo
Saphirus Sage wrote: Have you emerged emul-linux-x86-baselibs or other precompiled 32-bit libraries? YES: * app-emulation/emul-linux-x86-baselibs Latest version available: 20080316 Latest version installed: 20080316 app-emulation/emul-linux-x86-compat Latest version available: 20071125-r1 Latest version installed: 20071125-r1 app-emulation/emul-linux-x86-glibc-errno-compat Latest version available: 2.5 Latest version installed: 2.5 other emul-linux..libs are masked... w.d.
Re: [gentoo-user] Re: Why isn't sshd blocking repeated failed login attempts?
On Friday 23 January 2009 22:22:17 Paul Hartman wrote: I essentially want it to work the other way around. Deny access by default unless there is an allow rule. I don't think I can do that, though. If I put ALL: ALL or sshd: ALL in the hosts.deny file, it will deny ME access to my own machine. I don't want that. Since I don't have a specific IP i will connect from, I can't allow any specific IP (or else I'd be doing it that way already). How can I accomplish this?: Allow all ssh connections unless they are in hosts.deny Deny all other connections unless they are in hosts.allow Have you looked at port knocking? It's a complete ball ache to set up and use, far less useful than it seems, but it might also solve your conundrum. A friend once mentioned on a forum that he'd managed to set up static libwrap rules in hosts.allow|deny for addresses that don't change and additionally port-knocking for himself to open up port 22 for a few minutes. I don't recall how he did this, only that he claimed to have done it. -- alan dot mckinnon at gmail dot com
Re: [gentoo-user] Re: Howto share Linux swap partition with Windows XP
On 23 Jan 2009, at 17:09, Paul Hartman wrote: ... http://support.microsoft.com/kb/314834 There is a registry setting in Windows to clear the pagefile.sys at shutdown. What does clear mean? To overwrite with 0? To delete? I don't know. From memory it's just to delete it, which is perfect. It would take too long to zero it out - I don't think that's the purpose. Instead, I think, it should prevent swapfile fragmentation - making it a very good general-purpose setting to enable. What would be really idea for the OP is some kind of grub setting a bash script that formats the partition to the appropriate format for the o/s being booted. But you'd have to be clever about it to avoid long boot times. Stroller.
Re: [gentoo-user] Re: Why isn't sshd blocking repeated failed login attempts?
On Fri, Jan 23, 2009 at 2:33 PM, Alan McKinnon alan.mckin...@gmail.com wrote: On Friday 23 January 2009 22:22:17 Paul Hartman wrote: I essentially want it to work the other way around. Deny access by default unless there is an allow rule. I don't think I can do that, though. If I put ALL: ALL or sshd: ALL in the hosts.deny file, it will deny ME access to my own machine. I don't want that. Since I don't have a specific IP i will connect from, I can't allow any specific IP (or else I'd be doing it that way already). How can I accomplish this?: Allow all ssh connections unless they are in hosts.deny Deny all other connections unless they are in hosts.allow Have you looked at port knocking? It's a complete ball ache to set up and use, far less useful than it seems, but it might also solve your conundrum. A friend once mentioned on a forum that he'd managed to set up static libwrap rules in hosts.allow|deny for addresses that don't change and additionally port-knocking for himself to open up port 22 for a few minutes. I don't recall how he did this, only that he claimed to have done it. I've never tried it but I have always liked the idea. I connect to sshd from linux (my laptop), windows (my work desktop) and symbian (my phone). knockd and the knocking client should be no problem for linux windows, but for my phone I'd probably have to make one myself. Is it as simple as making a connection to a specific sequence of ports with specific timing? I could probably do that easily in python. Sounds like a project for this weekend. :) thanks, paul
Re: [gentoo-user] Re: Why isn't sshd blocking repeated failed login attempts?
On Friday 23 January 2009 22:54:24 Paul Hartman wrote: A friend once mentioned on a forum that he'd managed to set up static libwrap rules in hosts.allow|deny for addresses that don't change and additionally port-knocking for himself to open up port 22 for a few minutes. I don't recall how he did this, only that he claimed to have done it. I've never tried it but I have always liked the idea. I connect to sshd from linux (my laptop), windows (my work desktop) and symbian (my phone). knockd and the knocking client should be no problem for linux windows, but for my phone I'd probably have to make one myself. Is it as simple as making a connection to a specific sequence of ports with specific timing? I could probably do that easily in python. Sounds like a project for this weekend. :) I'm no expert but AFAIK that is the general idea -- alan dot mckinnon at gmail dot com
Re: [gentoo-user] Re: Howto share Linux swap partition with Windows XP
On Fri, Jan 23, 2009 at 2:53 PM, Stroller strol...@stellar.eclipse.co.uk wrote: On 23 Jan 2009, at 17:09, Paul Hartman wrote: ... http://support.microsoft.com/kb/314834 There is a registry setting in Windows to clear the pagefile.sys at shutdown. What does clear mean? To overwrite with 0? To delete? I don't know. From memory it's just to delete it, which is perfect. It would take too long to zero it out - I don't think that's the purpose. Instead, I think, it should prevent swapfile fragmentation - making it a very good general-purpose setting to enable. What would be really idea for the OP is some kind of grub setting a bash script that formats the partition to the appropriate format for the o/s being booted. But you'd have to be clever about it to avoid long boot times. Stroller. After further googling, it appears it *does* fill the pagefile.sys with zeros, and adds a significant delay to windows shutdown times. So it won't do anything for the OP in this case.
[gentoo-user] Re: Howto share Linux swap partition with Windows XP
On 2009-01-23, Stroller strol...@stellar.eclipse.co.uk wrote: On 23 Jan 2009, at 17:09, Paul Hartman wrote: ... http://support.microsoft.com/kb/314834 There is a registry setting in Windows to clear the pagefile.sys at shutdown. What does clear mean? To overwrite with 0? To delete? I don't know. From memory it's just to delete it, which is perfect. That would eliminate the issue of a backup snapshot having 2GB of pagefile.sys and 1.7GB of other stuff. It would take too long to zero it out - I don't think that's the purpose. Instead, I think, it should prevent swapfile fragmentation - making it a very good general-purpose setting to enable. What would be really idea for the OP is some kind of grub setting a bash script that formats the partition to the appropriate format for the o/s being booted. But you'd have to be clever about it to avoid long boot times. I found some old postings from 6-8 years ago from people who were trying to do that. Nobody seemed to have come up with anything that worked very well. Since then disks have gotten large enough that normal people don't care about a few GB. -- Grant Edwards grante Yow! I have many CHARTS at and DIAGRAMS.. visi.com
[gentoo-user] Re: Why isn't sshd blocking repeated failed login attempts?
On Fri, Jan 23, 2009 at 2:22 PM, Paul Hartman paul.hartman+gen...@gmail.com wrote: On Tue, Jan 20, 2009 at 3:33 PM, Paul Hartman paul.hartman+gen...@gmail.com wrote: Hi, After setting up public key authentication i changed my sshd back to port 22 and got the expected bombardment of connection attempts. However, it doesn't seem to ever stop them. I'm using sshd with this setting: MaxAuthTries 3 in my /etc/ssh/sshd_config [cut] Okay, I have some possible new embarrassing information... as well as some new questions about access control. After combining all logs in chronological order, it appears denyhosts IS properly adding the new host to /etc/hosts.deny but it is simply not causing it to be denied... See this sample: Jan 22 18:42:58 [sshd] Invalid user staff from 59.185.104.218 Jan 22 18:43:01 [sshd] Invalid user sales from 59.185.104.218 Jan 22 18:43:03 [sshd] Invalid user recruit from 59.185.104.218 Jan 22 18:43:06 [denyhosts] Added the following hosts to /etc/hosts.deny - 59.185.104.218 (triband-mum-59.185.104.218.mtnl.net.in) Jan 22 18:43:06 [sshd] Invalid user alias from 59.185.104.218 Jan 22 18:43:09 [sshd] Invalid user office from 59.185.104.218 Jan 22 18:43:11 [sshd] Invalid user samba from 59.185.104.218 Jan 22 18:43:14 [sshd] Invalid user tomcat from 59.185.104.218 Jan 22 18:43:22 [sshd] Invalid user webadmin from 59.185.104.218 So now I am going back to what I should have looked at in the very beginning, my hosts.allow and hosts.deny rules. hosts.allow: sshd: ALL portmap: 127.0.0.1, 192.168.0.0/255.255.255.0 lockd: 127.0.0.1, 192.168.0.0/255.255.255.0 rquotad: 127.0.0.1, 192.168.0.0/255.255.255.0 mountd: 127.0.0.1, 192.168.0.0/255.255.255.0 statd: 127.0.0.1, 192.168.0.0/255.255.255.0 ALL: 127.0.0.1, 192.168.0.0/255.255.255.0 hosts.deny: ALL: ALL sshd: 58.213.125.25 sshd: 75.37.250.107 sshd: 147.83.29.83 sshd: 59.185.104.218 sshd: 210.40.128.31 (and so on) From the manpage: ACCESS CONTROL FILES The access control software consults two files. The search stops at the first match: - Access will be granted when a (daemon,client) pair matches an entry in the /etc/hosts.allow file. - Otherwise, access will be denied when a (daemon,client) pair matches an entry in the /etc/hosts.deny file. - Otherwise, access will be granted. doh! So, basically, when it sees sshd: ALL in hosts.allow, it stops and allows access to everyone. It never even gets around to checking the hosts.deny file. The fact that the login attempts stopped after about an hour must have been purely coincidence. My intended purpose for those entires was to allow all sshd unless they are in the deny file, but I also want to deny everything else that doesn't have an explicit allow/deny rule. I don't think this is possible using hosts.allow/hosts.deny unless I enumerate every service. The deny ALL: ALL will deny me access to sshd. I essentially want it to work the other way around. Deny access by default unless there is an allow rule. I don't think I can do that, though. If I put ALL: ALL or sshd: ALL in the hosts.deny file, it will deny ME access to my own machine. I don't want that. Since I don't have a specific IP i will connect from, I can't allow any specific IP (or else I'd be doing it that way already). How can I accomplish this?: Allow all ssh connections unless they are in hosts.deny Deny all other connections unless they are in hosts.allow Thanks and sorry for the misdirection :) Paul After reading more, I see there is an EXCEPT rule as well.. so I can theoretically deny: ALL: ALL EXCEPT sshd and hopefully that will do what I was wanting... time to try it :)
Re: [gentoo-user] shoutcast problem 64bit gentoo
Wojtek Dalętka wrote: Saphirus Sage wrote: Have you emerged emul-linux-x86-baselibs or other precompiled 32-bit libraries? YES: * app-emulation/emul-linux-x86-baselibs Latest version available: 20080316 Latest version installed: 20080316 app-emulation/emul-linux-x86-compat Latest version available: 20071125-r1 Latest version installed: 20071125-r1 app-emulation/emul-linux-x86-glibc-errno-compat Latest version available: 2.5 Latest version installed: 2.5 other emul-linux..libs are masked... w.d. I can't help but think that your problem comes from shoutcast doesn't have full support for 64-bit architectures, so I think you do need emul-linux-x86-soundlibs and emul-linux-x86-sdl or to recompile shoutcast from source with the 32-bit glibc. Consider unmasking those two listed packages, installing and trying again to run the shoutcast daemon.
[gentoo-user] Re: Why isn't sshd blocking repeated failed login attempts?
On Fri, Jan 23, 2009 at 3:18 PM, Paul Hartman paul.hartman+gen...@gmail.com wrote: On Fri, Jan 23, 2009 at 2:22 PM, Paul Hartman paul.hartman+gen...@gmail.com wrote: On Tue, Jan 20, 2009 at 3:33 PM, Paul Hartman paul.hartman+gen...@gmail.com wrote: Hi, After setting up public key authentication i changed my sshd back to port 22 and got the expected bombardment of connection attempts. However, it doesn't seem to ever stop them. I'm using sshd with this setting: MaxAuthTries 3 in my /etc/ssh/sshd_config [cut] Okay, I have some possible new embarrassing information... as well as some new questions about access control. After combining all logs in chronological order, it appears denyhosts IS properly adding the new host to /etc/hosts.deny but it is simply not causing it to be denied... See this sample: Jan 22 18:42:58 [sshd] Invalid user staff from 59.185.104.218 Jan 22 18:43:01 [sshd] Invalid user sales from 59.185.104.218 Jan 22 18:43:03 [sshd] Invalid user recruit from 59.185.104.218 Jan 22 18:43:06 [denyhosts] Added the following hosts to /etc/hosts.deny - 59.185.104.218 (triband-mum-59.185.104.218.mtnl.net.in) Jan 22 18:43:06 [sshd] Invalid user alias from 59.185.104.218 Jan 22 18:43:09 [sshd] Invalid user office from 59.185.104.218 Jan 22 18:43:11 [sshd] Invalid user samba from 59.185.104.218 Jan 22 18:43:14 [sshd] Invalid user tomcat from 59.185.104.218 Jan 22 18:43:22 [sshd] Invalid user webadmin from 59.185.104.218 So now I am going back to what I should have looked at in the very beginning, my hosts.allow and hosts.deny rules. hosts.allow: sshd: ALL portmap: 127.0.0.1, 192.168.0.0/255.255.255.0 lockd: 127.0.0.1, 192.168.0.0/255.255.255.0 rquotad: 127.0.0.1, 192.168.0.0/255.255.255.0 mountd: 127.0.0.1, 192.168.0.0/255.255.255.0 statd: 127.0.0.1, 192.168.0.0/255.255.255.0 ALL: 127.0.0.1, 192.168.0.0/255.255.255.0 hosts.deny: ALL: ALL sshd: 58.213.125.25 sshd: 75.37.250.107 sshd: 147.83.29.83 sshd: 59.185.104.218 sshd: 210.40.128.31 (and so on) From the manpage: ACCESS CONTROL FILES The access control software consults two files. The search stops at the first match: - Access will be granted when a (daemon,client) pair matches an entry in the /etc/hosts.allow file. - Otherwise, access will be denied when a (daemon,client) pair matches an entry in the /etc/hosts.deny file. - Otherwise, access will be granted. doh! So, basically, when it sees sshd: ALL in hosts.allow, it stops and allows access to everyone. It never even gets around to checking the hosts.deny file. The fact that the login attempts stopped after about an hour must have been purely coincidence. My intended purpose for those entires was to allow all sshd unless they are in the deny file, but I also want to deny everything else that doesn't have an explicit allow/deny rule. I don't think this is possible using hosts.allow/hosts.deny unless I enumerate every service. The deny ALL: ALL will deny me access to sshd. I essentially want it to work the other way around. Deny access by default unless there is an allow rule. I don't think I can do that, though. If I put ALL: ALL or sshd: ALL in the hosts.deny file, it will deny ME access to my own machine. I don't want that. Since I don't have a specific IP i will connect from, I can't allow any specific IP (or else I'd be doing it that way already). How can I accomplish this?: Allow all ssh connections unless they are in hosts.deny Deny all other connections unless they are in hosts.allow Thanks and sorry for the misdirection :) Paul After reading more, I see there is an EXCEPT rule as well.. so I can theoretically deny: ALL: ALL EXCEPT sshd and hopefully that will do what I was wanting... time to try it :) Sorry, i made a typo in my email. ALL EXCEPT sshd: ALL Tested and working. Paul
Re: [gentoo-user] problems with rtl8187
Dominic Kexel : Hi there! Yesterday I updated my kernel to 2.6.27-gentoo-r8 and wanted to give the rtl8187-module a try. I am using an Alpha-Network WLAN-USB-Adapter with the Realtek 8187-chipset. The problem is following: After loading the module and configuring the interface, everything works fine for about 10 seconds, and then the connections breaks up. /var/log/messages doesn't show anything. I have to reload the module and re-configure the interface to have it work for another 10 seconds. I blacklisted rtl8187 and installed the r8187-driver-module from http://dl.aircrack-ng.org/drivers/. This works fine, but I don't know why the kernel-driver does not work as it should. Any ideas? I'v got a wireless network card in rtl8187 as well. I'm very srue It works well with the kernel =2.6.26. I used the rtl8187 driver of the kernel supported and compiling it as a module. It's working stable with aircrack-ng both monitoring and managing.
Re: [gentoo-user] Laptop Lid Close...
For some reason, the script is not getting called when I press the button. That is not to say that the system doesn't recognize it - if I set KDE to put the system in stand-by when the lid is closed, it very well will. But as I said earlier, that's not what I want - I just want to turn on/off the monitor. I know kacpid is running...but I don't think acpid is...at least, when I tried /etc/init.d/acpid start it complained: * Starting acpid ... acpid: can't open /proc/acpi/event: Device or resource busy Ben - Original Message From: Gregory SACRE gregory.sa...@gmail.com To: gentoo-user@lists.gentoo.org Sent: Friday, January 23, 2009 2:57:31 PM Subject: Re: [gentoo-user] Laptop Lid Close... This is the script I am using. It is spawned by the default.sh from /etc/acpi: -- SCRIPT START -- # default display on current host export XAUTHORITY=/home/your_user/.Xauthority DISPLAY=:0.0 # find out if monitor is on STATUS=`cat /proc/acpi/button/lid/LID0/state` logger monitor: $STATUS # find out if DPMS is enabled DPMS=`xset -display $DISPLAY -q | grep -e 'DPMS is'` logger dpms: $DPMS # enable DPMS if disabled if [ $DPMS == DPMS is Disabled ] then logger Enabling DPMS ... xset -display $DISPLAY +dpms fi if [ `echo $STATUS | grep -i closed | wc -l` -eq 1 ] then logger [`date`] Turning display OFF xset -display $DISPLAY dpms force off else logger [`date`] Turning display ON # shows up in log xset -display $DISPLAY dpms force on# turn monitor on xset -display $DISPLAY s activate # un-blank monitor fi #clean up unset STATUS unset DPMS # comment this line out if you're manually running this script from a shell (put a # in front of it) unset DISPLAY exit 0 -- SCRIPT STOP -- Change the your_user variable. I had also to set xscreensaver to switch off my monitor instead of blanking it, because I think (not sure) that xscreensaver was switching on my monitor when it was supposed to start the screensaver (as after a while, my monitor was switched back on, and as I didn't see that happening since my xscreensaver modification, I can only assume that was the problem). HTH, Greg On Fri, Jan 23, 2009 at 8:14 AM, Joshua Murphy poiso...@gmail.com wrote: On Thu, Jan 22, 2009 at 8:24 PM, BRM bm_witn...@yahoo.com wrote: I'm running a Dell D600, and I've located a number of tools for it but I am not seeing anything related to when I close the lid. Since I got Gentoo running on it, the Monitor continues running when I close the lid. I've found several sources for doing something as an ACPI event, which seems to be the right method. I can toggle the button with the lid open and cat /etc/acpi/button/lid/LID/state and see it change between 'open' and 'closed'; and I know I could write myself a little script do something like calling radeontool to turn off the backlight, but I'd like to find a more official method. I mostly run KDE 3.5 (I'll go to KDE4 when I can...once portage 2.2 comes out and all), but I didn't see anything for a 'turn off monitor on lid close' setting (preferrably root controlled so that it affects all users). The only thing I can find is a the standby/suspend/shutdown/logoff, system performance, and CPU throttling. I don't really want to do any of that - just put the monitor into stand-by, not necessarily the whole system. Any how...I'd really like to get this working. TIA, Ben In... /etc/acpi/default.sh there's a comment (with commented code you can use following it)... # if your laptop doesnt turn on/off the display via hardware # switch and instead just generates an acpi event, you can force # X to turn off the display via dpms. note you will have to run # 'xhost +local:0' so root can access the X DISPLAY. if radeontool or something will allow you to disable the display even when you aren't in X, or without proper access to the display (like xset requires) you might be able to even escape needing that xhost setting. No way of testing it at all myself though. -- Poison [BLX] Joshua M. Murphy
