Re: [gentoo-user] telephony

[Yahya Mohammad]

On Wed, Apr 22, 2009 at 12:30:52PM -0400, Simon wrote:
 hi there,
   i'm looking for suggestions and guidance.  I have a vps host with
 gentoo on it, i dont think the vps is stable enough to ensure a good
 quality of service, but it could just need an upgrade, no big deal.  I
 need a phone and the way i decided to go was to get a connection to
 the internet and use voip or similar services.
 

I've set up Asterisk on Gentoo on both Xen and OpenVZ based VPS and it
works great. I use it with the speex codec and voice quality is really
good. It was even usable when those middle east cables were cut some
time ago, and latency was over 1 second for me.

Asterisk in portage hasn't been updated in ages. It's still at version
1.2, while 1.4 and 1.6 have been available since dec 2006 and jan 2008
respectively. There is a VoIP overlay where you can get newer ebuilds.
Actually now that I think about it, it might be better to use an older
version as most documentation online refers to the older ones.

One interesting feature of v1.6 (if your asterisk box is not in a remote
location) is chan_mobile.  It can hook up asterisk via bluetooth to a
cell phone using the handsfree profile, and then use the phone as a PSTN
trunk. It works with my phone, but I don't think anyone uses this in a 
production environment.

I would recommend reading chapters 4,5,6 of The Future of Telephony
book [1] at least three times before starting. The new edition of the
book refers to Asterisk ver1.4.

It's not that hard especially if your goal is to learn. Otherwise just
buy an appliance like [2] for a couple of hundred bucks, click around in
its GUI config and be done with it.

[1] 
http://astbook.asteriskdocs.org/en/2nd_Edition/asterisk-book-html-chunk/index.html
[2] http://atcom.cn/En_products_IP01.htm  

Re: [gentoo-user] ebuild description

[Neil Bothwick]

On Sun, 26 Apr 2009 20:59:42 -0400, Michael P. Soulier wrote:

 eix dev-lang/python
 
 I see that it's highlighting version ~2.5.4-r2, which is what I have
 installed. If the 2.5.4-r2 version is masked by keyword, why's it
 installed on my system? :)

It's not keyword-masked according to eix here

% eix -e python
[I] dev-lang/python
 Available versions:
(2.4)   2.4.4-r5 2.4.4-r6 2.4.4-r14 ~2.4.4-r15
(2.5)   2.5.2-r7 ~2.5.2-r8 2.5.4-r2
(2.6)   ~2.6-r5 ~2.6.1-r1 ~2.6.2
{berkdb bootstrap build cxx doc elibc_uclibc examples gdbm ipv6 ncurses 
nocxx nothreads readline sqlite ssl threads tk ucs2 wininst xml} 
 Installed versions:  2.5.4-r2(2.5)(08:37:17 04/20/09)(berkdb gdbm ncurses 
readline ssl threads xml -build -doc -elibc_uclibc -examples -ipv6 -sqlite -tk 
-ucs2 -wininst) Homepage:http://www.python.org/
 Description: Python is an interpreted, interactive, 
object-oriented programming language.


-- 
Neil Bothwick

Three kinds of people: Those who can count, and those who can't.


signature.asc
Description: PGP signature

Re: [gentoo-user] Failed to start /etc/init.d/checkroot

[Chuanwen Wu]

Hi, thanks!

 It seems a bit strange that checkroot gave no output, just failure -
 as if it's execution didn't even started, and, since it's one of the
 first initscripts to start, prehaps there's a problem with bash
 interpreter or access to init.d path.

 Since you've mounted filesystem and it looks okay, you can try changing
 last two columns in /etc/fstab for root filesystem to 0 0, so script
 won't try to check it - that way you can see if it's something with
 fsck - prehaps the system will just boot.

I have tried it, but nothing change.



 Then, if the rest of the initscripts won't throw some similar errors
 (possibly exposing the real problem), you can probably insert a lot of
 echoes/einfos to that initscript to see at which point everything hangs
 and check what's wrong with the command causing it.

I have inserted some echos,  now the checkroot script is:
/*/
#!/sbin/runscript
# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2

depend() {
before *
}

start() {
local retval=0

echo 1

if [[ ! -f /fastboot  -z ${CDBOOT} ]] \
 ! is_net_fs /  ! is_union_fs / ; then
echo 2
if touch -c /  /dev/null ; then
ebegin Remounting root filesystem read-only
mount -n -o remount,ro /
eend $?
fi

if [[ -f /forcefsck ]] || get_bootparam forcefsck ; then
ebegin Checking root filesystem (full fsck forced)
fsck -C -a -f /
# /forcefsck isn't deleted because checkfs needs it.
# it'll be deleted in that script.
retval=$?
else
# Obey the fs_passno setting for / (see fstab(5))
# - find the / entry
# - make sure we have 6 fields
# - see if fs_passno is something other than 0
if [[ -n $(awk '($1 ~ /^(\/|UUID|LABEL)/  $2 == / \
 NF == 6  $6 != 0) { print }' /etc/fstab) ]]
then
ebegin Checking root filesystem
fsck -C -T -a /
retval=$?
else
ebegin Skipping root filesystem check (fstab's passno ==
0)
retval=0
fi
fi

if [[ ${retval} -eq 0 ]] ; then
eend 0
elif [[ ${retval} -eq 1 ]] ; then
ewend 1 Filesystem repaired
elif [[ ${retval} -eq 2 || ${retval} -eq 3 ]] ; then
ewend 1 Filesystem repaired, but reboot needed!
if [[ ${RC_FORCE_AUTO} != yes ]] ; then
echo -ne \a; sleep 1; echo -ne \a; sleep 1
echo -ne \a; sleep 1; echo -ne \a; sleep 1
ewarn Rebooting in 10 seconds ...
sleep 10
fi
einfo Rebooting
/sbin/reboot -f
else
if [[ ${RC_FORCE_AUTO} == yes ]] ; then
eend 2 Rerunning fsck in force mode
fsck -y -C -T /
else
eend 2 Filesystem couldn't be fixed :(
sulogin ${CONSOLE}
fi
einfo Unmounting filesystems
/bin/mount -a -o remount,ro  /dev/null
einfo Rebooting
/sbin/reboot -f
fi
fi

echo 3

# Should we mount root rw ?  the touch check is to see if the / is
# already mounted rw in which case there's nothing for us to do
[...]
/*/

Now the booting message is :
/*/
mounting devpts at /dev/pts OK
1
/*/
I am not quite understand the script. But I guess somethink must be wrong in
the if' statement which contain echo 2.

Any help will be appreciated!

-- 
wcw

[gentoo-user] Software RAID vs Fake RAID

[Yahya Mohammad]

Hi list,

I'm setting up a new desktop machine with RAID 0. The motherboard I
bought supports the so-called Fake RAID, which offloads most of the
processing to the system CPU. What are the pros and cons of using this
as opposed to  pure software RAID?

Re: [gentoo-user] Software RAID vs Fake RAID

[Neil Bothwick]

On Mon, 27 Apr 2009 16:18:39 +0400, Yahya Mohammad wrote:

 I'm setting up a new desktop machine with RAID 0. The motherboard I
 bought supports the so-called Fake RAID, which offloads most of the
 processing to the system CPU. What are the pros and cons of using this
 as opposed to  pure software RAID?

The advantage of FakeRAID is that you get to depend on a Windows-only
driver that only works with your motherboard and will prevent the RAID
working if the motherboard files and you try to connect the drives to a
different system. For some reason,this gives Windows users a warm, fuzzy
feeling.


-- 
Neil Bothwick

Bumper Sticker: If you can read this, you are in phaser range.


signature.asc
Description: PGP signature

Re: [gentoo-user] Software RAID vs Fake RAID

[Andrei Susnea]

Neil Bothwick wrote:

On Mon, 27 Apr 2009 16:18:39 +0400, Yahya Mohammad wrote:

  

I'm setting up a new desktop machine with RAID 0. The motherboard I
bought supports the so-called Fake RAID, which offloads most of the
processing to the system CPU. What are the pros and cons of using this
as opposed to  pure software RAID?



The advantage of FakeRAID is that you get to depend on a Windows-only
driver that only works with your motherboard and will prevent the RAID
working if the motherboard files and you try to connect the drives to a
different system. For some reason,this gives Windows users a warm, fuzzy
feeling.


  
Maybe you want pure hardware raid that's a pci(-e) slot that has a chip 
doing all the parity calculations plus a battery keeping data that 
didn't manage to write in case of a power failure. That's the best option.
For a mb in order to have fake raid capabilities from my understanding 
it has to have a raid chip itself but still most of the calculation is 
done by the CPU.
Software raid can be done OS dependant... and you don't need any 
hardware or chips for that, it's a form of OS fooling itself instead of 
the MB fooling the OS (fake one).


From my experience with fake raid 0 on 2 hdd's the speeds would be very 
nice when talking about small files, but for files with 1gb or more the 
writing speed would decrease as the parity calculations get more 
complicated.

Re: [gentoo-user] Software RAID vs Fake RAID

[Volker Armin Hemmann]

On Montag 27 April 2009, Andrei Susnea wrote:
 Neil Bothwick wrote:
  On Mon, 27 Apr 2009 16:18:39 +0400, Yahya Mohammad wrote:
  I'm setting up a new desktop machine with RAID 0. The motherboard I
  bought supports the so-called Fake RAID, which offloads most of the
  processing to the system CPU. What are the pros and cons of using this
  as opposed to  pure software RAID?
 
  The advantage of FakeRAID is that you get to depend on a Windows-only
  driver that only works with your motherboard and will prevent the RAID
  working if the motherboard files and you try to connect the drives to a
  different system. For some reason,this gives Windows users a warm, fuzzy
  feeling.

 Maybe you want pure hardware raid that's a pci(-e) slot that has a chip
 doing all the parity calculations plus a battery keeping data that
 didn't manage to write in case of a power failure. That's the best option.
 For a mb in order to have fake raid capabilities from my understanding
 it has to have a raid chip itself but still most of the calculation is
 done by the CPU.
 Software raid can be done OS dependant... and you don't need any
 hardware or chips for that, it's a form of OS fooling itself instead of
 the MB fooling the OS (fake one).

  From my experience with fake raid 0 on 2 hdd's the speeds would be very
 nice when talking about small files, but for files with 1gb or more the
 writing speed would decrease as the parity calculations get more
 complicated.

there is no parity with raid 0.

Re: [gentoo-user] Software RAID vs Fake RAID

[Simon]

I would recommend software raid.  Because it's made by some great
folks in the linux community and it is a project in development (so
you can get lots of support and updates, though it is very stable and
is used in many prod systems).

Also the tool 'mdadm' combined with the output of /proc/mdstat gives a
very good flexibility and ease of administering the raid.

I wouldnt touch fakeraid, and i would only use hardware raid for a
serious purpose (ie business) since it costs a lot and efficiency gain
can only mean something in a serious project.  (I'm using several
raids on USB keys, dont laugh!, for my small 4gb EeePC, it raid6 has
been working super fine on software linux raid).

Simon

On Mon, Apr 27, 2009 at 8:18 AM, Yahya Mohammad mfya...@gmail.com wrote:
 Hi list,

 I'm setting up a new desktop machine with RAID 0. The motherboard I
 bought supports the so-called Fake RAID, which offloads most of the
 processing to the system CPU. What are the pros and cons of using this
 as opposed to  pure software RAID?





-- 
When Earth was the only inhabited planet in the Galaxy, it was a
primitive place, militarily speaking.  The only weapon they had ever
invented worth mentioning was a crude and inefficient nuclear-reaction
bomb for which they had not even developed the logical defense. -
Asimov

Re: [gentoo-user] conflict in update

[Mike Kazantsev]

On Sun, 26 Apr 2009 10:39:55 +0100
Neil Bothwick n...@digimed.co.uk wrote:

 Incidentally, I almost always install software with --oneshot. That way
 the programs I install to try out show up on --depclean's output until I
 decide I want to keep them. It prevents accumulating cruft from various
 experiments, although I am now using sets to achieve the same end.

Last sentence got me, since the idea seems interesting, but I wonder
about how - I haven't seen any mention of emerging package to a
set, other than world feature, but I guess it can be fairly easy
implemented via emerge hooks.

Can you please explain a little, so I can put my mind at ease? ;)

-- 
Mike Kazantsev // fraggod.net


signature.asc
Description: PGP signature

Re: [gentoo-user] Software RAID vs Fake RAID

[Paul Hartman]

On Mon, Apr 27, 2009 at 9:14 AM, Simon turne...@gmail.com wrote:
 I would recommend software raid.  Because it's made by some great
 folks in the linux community and it is a project in development (so
 you can get lots of support and updates, though it is very stable and
 is used in many prod systems).

I'm using software RAID5 (with SATA hard drives) for a couple years
and -- without having any drive failures so far -- it seems to work
well. I've got dmcrypt on top of it and performance is pretty
transparent for the most part. Having core 2 duo helps, I guess. :)

It was dead simple to set up, but I have (thankfully) not run into any
drive failures so far. I should really prepare an off-line document
with the recovery procedure should that happen. I'm not sure off the
top of my head (other than pull bad drive, replace with new drive). In
fact I need to make sure I know which drive is which!

It has survived several crashes/power outages. For my RAID5 (four
500gb drives) it took about 90 minutes for the raid to verify after
such incidents. I know there are benefits to hardware RAID but for low
cost/low importance (it's my home PC) the software RAID is good enough
for me.

Re: [gentoo-user] Re: Domain name registration

[Paul Hartman]

On Sun, Apr 26, 2009 at 12:47 PM, James wirel...@tampabay.rr.com wrote:
 Paul Hartman paul.hartman+gentoo at gmail.com writes:


 On Sat, Apr 25, 2009 at 5:02 PM, Paul Hartman
 paul.hartman+gentoo at gmail.com wrote:
  On Sat, Apr 25, 2009 at 3:41 PM, James wireless at tampabay.rr.com 
  wrote:
  Hello,
 
  I'm looking for suggestions to use for DNS registrars.
 
  I've been using namecheap for years (they are a reseller for eNom).
  It's cheap and you get what you're looking for. I've got a few
  domains, and been able to set them up for DKIM, Google Apps, etc
  without any issues.
 

 There is also a coupon code this month that will give you a discount: 7tulips




 Thanks Paul...

 I guess I should have clearly stated that I was looking for a DNS registrar
 that, by default, make the customer the DNS registrant, instead of themselves.
 As you know, if you are the DNS registrant, then, you own the DN. Many folks
 discover this only when they try to migrate ?their? DN.

 http://www.keytlaw.com/urls/whoowns.htm

 Most registrars do not do this, and personally it miffs me quite a lot...

 I'll Look into namecheap and see what their  policy and practices are.

Don't worry, with them you own it and there are no catches that I've
seen... it's just a straight up domain name registration, no web
hosting or other nonsense. Your own info (whatever you tell it) goes
into all of the fields in the whois database... they offer a
whoisguard service which masks your info, if you want privacy (and
to reduce the amount of spam and physical junk mail you'll get -- and
you'll get plenty) but it's completely optional and if you're worried
about having their whoisguard as the name in the whois database, you
don't need to use it.

Re: [gentoo-user] Software RAID vs Fake RAID

[Simon]

 It has survived several crashes/power outages. For my RAID5 (four
 500gb drives) it took about 90 minutes for the raid to verify after
 such incidents. I know there are benefits to hardware RAID but for low
 cost/low importance (it's my home PC) the software RAID is good enough
 for me.

Software raid is perfect for a situation like this, also, the choice
for raid5 (or raid6) is good because while it provides redundance
(security when a drive fails) it also supports growing (you can make
the array bigger by adding drives), as long as the file system on it
supports growing.

I'm not sure how 'growing' support is handled in hardware raid and i'm
ready to believe it is inexistant in fakeraid...  but I'm saying so
without knowing...

Simon

Re: [gentoo-user] Software RAID vs Fake RAID

[Alan McKinnon]

On Monday 27 April 2009 14:18:39 Yahya Mohammad wrote:
 Hi list,

 I'm setting up a new desktop machine with RAID 0. The motherboard I
 bought supports the so-called Fake RAID, which offloads most of the
 processing to the system CPU. What are the pros and cons of using this
 as opposed to  pure software RAID?

There are no pros that I have ever seen and plenty of cons. Notably - 
performance sucks.

You are almost always better off using software RAID. Big plus - you can 
actually configure it to get a result closer to what you want as opposed to 
what the firmware manufacturer wants you to have.


-- 
alan dot mckinnon at gmail dot com

Re: [gentoo-user] Software RAID vs Fake RAID

[Hazen Valliant-Saunders]

Ok,

1. Motherboard Raid is often Fake Raid
2. In Gentoo the Software Raid fucntions for Linux are probably faster than
your motherboard's
3. Having had and seen issues with mother board raid I'd suggest using the
mdtools. Since there is a FAR LARGER support base; that way if somthing goes
awry you'll have a far larger pool of knowledge to draw from.

When Considering Raid always look to see if you have a MB that has it's own
XOR implemented in silicon, these are a little pricy but they are the
Engine that speeds up the whole checksumming process.

Server Motherboards and high end workstations will have integrated RAID
controllers from repudible providers (LSI, Adaptec, AMI...) and even those
break down and forget configuration's some times.

If you are going to do a whole bunch of storage on the cheap the software
raid is fine, and if you have a quad core you won't even notice the
overhead.

On Mon, Apr 27, 2009 at 11:35 AM, Alan McKinnon alan.mckin...@gmail.comwrote:

 On Monday 27 April 2009 14:18:39 Yahya Mohammad wrote:
  Hi list,
 
  I'm setting up a new desktop machine with RAID 0. The motherboard I
  bought supports the so-called Fake RAID, which offloads most of the
  processing to the system CPU. What are the pros and cons of using this
  as opposed to  pure software RAID?

 There are no pros that I have ever seen and plenty of cons. Notably -
 performance sucks.

 You are almost always better off using software RAID. Big plus - you can
 actually configure it to get a result closer to what you want as opposed to
 what the firmware manufacturer wants you to have.


 --
 alan dot mckinnon at gmail dot com




-- 
Hazen Valliant-Saunders
IT/IS Consultant
(613) 355-5977

[gentoo-user] udev problem assigning persistent names

[maxim wexler]

Hi group,

Having upgraded from the 2.6.23 kernel to the 2.6.28 and enabling the rt2x00 
driver I get the following message at boot

...
*  UDEV: Your system has a problem assigning persistent 
*  names to these network interfaces: wlan0-rename
*  Checking persistent rules:
*  Found no duplicate names in persistent-net rules
*  there must be some other problem!
...

some background:

heat...@kyzyl ~ $ cat /proc/net/wireless
Inter-| sta-|   Quality|   Discarded packets   | Missed | WE
 face | tus | link level noise |  nwid  crypt   frag  retry   misc | beacon | 22
wlan0_rename: 0 0 00  0  0  0  00

heat...@kyzyl ~ $ cat /etc/udev/rules.d/70-persistent-net.rules
# This file was automatically generated by the /lib/udev/write_net_rules
# program run by the persistent-net-generator.rules rules file.
#
# You can modify it, as long as you keep each rule on a single line.

# PCI device 0x10de:0x00df (forcedeth)
SUBSYSTEM==net, DRIVERS==?*, ATTR{address}==00:13:8f:33:32:e2, NAME=eth0

# USB device 0x0eb0:0x9020 (rt2570)
SUBSYSTEM==net, DRIVERS==?*, ATTR{address}==00:d0:41:ac:32:0b, 
NAME=rausb0
  ^^
rausb0 was the former name, when I was using the older kernel w/o Ralink 
support and the driver had to be downloaded from the serialmonkey site.

Why is udev confused?

The old driver, rt2750, is *not* being used:

heat...@kyzyl ~ $ lsmod|grep rt2
rt2500usb  17792  0
rt2x00usb   7296  1 rt2500usb
rt2x00lib  19072  2 rt2500usb,rt2x00usb
rfkill  8268  2 rt2x00lib
mac80211  103436  2 rt2x00usb,rt2x00lib
cfg80211   25744  2 rt2x00lib,mac80211
usbcore   109552  6 usbhid,rt2500usb,rt2x00usb,ehci_hcd,ohci_hcd

Maxim



  __
Be smarter than spam. See how smart SpamGuard is at giving junk email the boot 
with the All-new Yahoo! Mail.  Click on Options in Mail and switch to New Mail 
today or register for free at http://mail.yahoo.ca

[gentoo-user] Compiz broke on latest portage update?

[Alex Bennee]

I updated compiz today which required me to unmask:

dev-libs/iniparser ~amd64

And it promptly broke with:

18:44 a...@danny/x86_64 [~] ~/bin/start-compiz.sh
compiz: symbol lookup error: /usr/lib/libcompizconfig.so.0: undefined
symbol: iniparser_new

However revdep-rebuild seems quite happy. Has anyone else seen this today?

-- 
Alex, homepage: http://www.bennee.com/~alex/
CV: http://www.bennee.com/~alex/cv.php

[gentoo-user] Re: X-forwarding fails with Invalid MIT-MAGIC-COOKIE-1 key

[Nikos Chantziaras]

Grant wrote:

X-forwarding used to work for me but I haven't used it in a while and now I get:

Warning: untrusted X11 forwarding setup failed: xauth key data not generated
Warning: No xauth data; using fake authentication data for X11 forwarding.
Xlib: connection to localhost:10.0 refused by server
Xlib: Invalid MIT-MAGIC-COOKIE-1 key
Cannot open display:

I have:

# cat /etc/ssh/sshd_config | grep X11Forwarding
X11Forwarding yes

Does anyone know how to fix this?


First, ssh to the box without X forwarding and:

  rm ~/.Xauthority
  rm ~/.ICEauthority
  logout

Then try to ssh again with X forwarding enabled.  It should work.

Re: [gentoo-user] voice or touch data entry apps

[Valmor de Almeida]

James wrote:

Hello,

I'm looking for special types of applications that allow 
for data entry, via voice commands or using the touch screen

on a  touch screen enabled laptop.

KDE4 is my preferred desktop, but any application that 
will run on kde4 and gentoo is of interest. Is there

anything like this out there? My specific application
is for live data entry into some form of interface
that resembles a the kind of score sheet used manually
for stats during a basketball game.


Any ideas or resources are welcome related to software, touch screen 
enabled laptops or tablets or voice input/response are all of

keen (gentoo) interest for me.


James



I have gentoo on a tablet fujitsu P1610 but I've not had time to look 
into the touch screen setup. Busy now and still need to move from xorg 
1.3 to 1.5. However I intend to take a look at


app-text/xournal

as soon as I have the stylus working.

--
Valmor

[gentoo-user] Re: Domain name registration

[James]

Anthony Metcalf nevyn at anferny.me.uk writes:


 I use http://freedns.afraid.org/ . Doesn't meet your not-free
 stipulation, but I think just about encompasses everything else

Thanks Everyone for the suggestions and information.
I've got to build up several machines and get the DNS
registered.

Since it's been a while, I think I'm first going to use
Bind-9 for now. I'm sure I'll be posting for some 
help, file tweaking and deeper wisdom as to 
any mods with the firewall. I'm actually looking
forward to this project, since it is for me,
over the next few weekends


thanks again,

James

Re: [gentoo-user] voice or touch data entry apps

[Paul Hartman]

On Sat, Apr 25, 2009 at 1:55 PM, James wirel...@tampabay.rr.com wrote:
 Hello,

 I'm looking for special types of applications that allow
 for data entry, via voice commands or using the touch screen
 on a  touch screen enabled laptop.

Don't know how accurate it is, but I found this article:

http://en.wikipedia.org/wiki/Linux_speech_recognition_software

It basically says no with regard to a complete voice recognition
software, but there are lots of incomplete projects.


As far as touchscreen, there is this video on youtube from 2006
showing touchscreen + Gentoo, so I assume it should be possible once
you find the howto (depending on exactly what you want to do with it):

http://www.youtube.com/watch?v=dQkSObRtw0o

Re: [gentoo-user] Is this firewall safe?

[Daniel Troeder]

On Fri, 2009-04-24 at 16:28 -0500, Chris Frederick wrote:
 Now I'm also keeping in mind that you are on a laptop with no remote
 services.  If you start allowing services, then that will change things.
  If clients are going to be connection to you for certain services, you
 should be more accommodating to them and play nice with the network
 where possible.
I think you're right. I often tend to think in my server/network admin
ways. For a notebook - possibly connecting to unknown, public networks,
it may be a good idea to stay hidden.

 segway
 I would recommend running nmap in crontab if you want to scan your
 network (look up ndiff on nmap's website).
 /segway
Oh cool - I didn't know about ndiff. Fetching nmap from SVN now... :)

What does segway mean? I just found a personal transporter thingy
online...

 P.S.  Daniel, no offense taken.  I enjoy these debates, it helps us
 think differently and learn new tricks.  If we are not challenged once
 in a while we get complacent, and that's typically when we start making
 mistakes.
nice :)

Bye,
Daniel

-- 
PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get
# gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887



signature.asc
Description: This is a digitally signed message part

[gentoo-user] Re: Compiz broke on latest portage update?

[Alex Bennee]

2009/4/27 Alex Bennee kernel-hac...@bennee.com:
 I updated compiz today which required me to unmask:

 dev-libs/iniparser                     ~amd64

 And it promptly broke with:

 18:44 a...@danny/x86_64 [~] ~/bin/start-compiz.sh
 compiz: symbol lookup error: /usr/lib/libcompizconfig.so.0: undefined
 symbol: iniparser_new

http://bugs.gentoo.org/show_bug.cgi?id=259715

Fixed by:

emerge -v =x11-libs/libcompizconfig-0.8.2



-- 
Alex, homepage: http://www.bennee.com/~alex/
CV: http://www.bennee.com/~alex/cv.php

Re: [gentoo-user] Is this firewall safe?

[Eric Martin]

Marco wrote:
 On Fri, Apr 24, 2009 at 4:59 PM, Eric Martin freak4u...@gmail.com wrote:
   
 Marco wrote:
 
 Hi all,

 I set up my first firewall on my notebook (not running any services
 reachable from outside) using iptables. Since I am new to the topic,
 could you please verify if the output of 'iptables -L -v' is
 considered to be a safe firewall? Thanks!

 Chain INPUT (policy DROP 0 packets, 0 bytes)
  pkts bytes target prot opt in out source
 destination
 0 0 ACCEPT all  --  lo any anywhere
 anywhere
 0 0 ACCEPT all  --  eth0   any anywhere
 anywherestate RELATED,ESTABLISHED
 0 0 REJECT tcp  --  eth0   any anywhere
 anywherereject-with tcp-reset
 0 0 REJECT udp  --  eth0   any anywhere
 anywherereject-with icmp-port-unreachable
 0 0 DROP   udp  --  eth0   any anywhere
 anywhereudp spt:bootps
 0 0 LOGall  --  eth0   any anywhere
 anywhereLOG level warning prefix `INPUT   '
 179 ACCEPT all  --  wlan0  any anywhere
 anywherestate RELATED,ESTABLISHED
 0 0 REJECT tcp  --  wlan0  any anywhere
 anywherereject-with tcp-reset
 0 0 REJECT udp  --  wlan0  any anywhere
 anywherereject-with icmp-port-unreachable
 0 0 DROP   udp  --  wlan0  any anywhere
 anywhereudp spt:bootps
 0 0 LOGall  --  wlan0  any anywhere
 anywhereLOG level warning prefix `INPUT   '

 Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
  pkts bytes target prot opt in out source
 destination
 0 0 LOGall  --  anyany anywhere
 anywhereLOG level warning prefix `FORWARD '
 0 0 LOGall  --  anyany anywhere
 anywhereLOG level warning prefix `FORWARD '

 Chain OUTPUT (policy ACCEPT 5 packets, 1691 bytes)
  pkts bytes target prot opt in out source
 destination
 0 0 ACCEPT all  --  anylo  anywhere
 anywhere
 0 0 LOGall  --  anyeth0anywhere
 anywhereLOG level warning prefix `OUTPUT  '
 152 LOGall  --  anywlan0   anywhere
 anywhereLOG level warning prefix `OUTPUT  '

   
   
snip
 Sorry for the bad format. gmail decided to insert some sub ideal pagebreaks...

 Talking about the 1 log line at the bottom you mean I should configure
 it to not specify an interface (eth0, wlan0)?

 Thanks!

   
Yeah, not specifying an interface for the log rule to apply to will make
it catch all interfaces (including lo but all traffic has already been
approved ahead of time so it won't catch).

Re: [gentoo-user] Is this firewall safe?

[Alan McKinnon]

On Monday 27 April 2009 20:56:07 Daniel Troeder wrote:
  segway
  I would recommend running nmap in crontab if you want to scan your
  network (look up ndiff on nmap's website).
  /segway

 Oh cool - I didn't know about ndiff. Fetching nmap from SVN now... :)

 What does segway mean? I just found a personal transporter thingy
 online...

It's a typo, should have been segue which according to Wikipedia[1] means

A segue is a smooth transition from one topic or section to the next.

[1]http://en.wikipedia.org/wiki/Segue

-- 
alan dot mckinnon at gmail dot com

Re: [gentoo-user] Backup and Restore

[Mick]

On Thursday 23 April 2009, Volker Armin Hemmann wrote:
 On Donnerstag 23 April 2009, Joerg Schilling wrote:
  Volker Armin Hemmann volkerar...@googlemail.com wrote:
   as I wrote above, you got me thinking. If I can extract a multivolume
   archive created with star with gnutar I am sold and will try star. I
   have to have a closer look at the -fifo/fs= options. The man page makes
   it look promising.
 
  Star implements aprox. twice as many features than GNU tar. Star is even
  able to extract most if not all of those multi volume GNU tar archives
  that GNU tar does not like (while not being able to verify whether the
  follow up archive is the right one). Star intentionally does not
  implement write support for GNU tar multi volume archives because the GNU
  tar format is not a good idea.
 
  Jörg

 ok, I tried star last night. Backup worked well, but I made some mistake
 with the exclude file. Now I have a backup of /sys as well. Won't kill me.
 The - FF... option + .exclude is a very nice feature.
 Will test restore early next week.

This has puzzled me too.  Is there a way of passing the equivalent of 
tar's --exclude file_pattern at star, rather than a file containing a list 
of files to be excluded?  I have been reading the -F,-FF ... but have failed 
to understand it so far  :(

Also, what happens if you run star to archive a directory that contains man  
info files?  I have run this on a CentOS machine and I think I had to abort 
because it was taking for ever and the size of the archive had already frown 
to twice the size of a tar archive ... (not sure if it was related to me 
using exustar as a format?)  The complete command was something like:

star -c -xattr -H=exustar -sparce -M -C /media/hda6 . -f 
/media/backup/hda6_date.star

PS. Is Ctrl+c meant to exit star, or was I too impatient - I recall having to 
kill the PID to get it to stop.
-- 
Regards,
Mick


signature.asc
Description: This is a digitally signed message part.

Re: [gentoo-user] Backup and Restore

[Joerg Schilling]

Mick michaelkintz...@gmail.com wrote:

 This has puzzled me too.  Is there a way of passing the equivalent of 
 tar's --exclude file_pattern at star, rather than a file containing a list 
 of files to be excluded?  I have been reading the -F,-FF ... but have failed 
 to understand it so far  :(

Tar has no --exclude option.

You may be talking about a program that is not really tar compatible and that 
is called gtar ;-)

Star has a pat= option since more than 20 years.

In any case, if you like to make incremental backups, you should be very 
careful with exclude options as incremental restore it cannot work if an
exclude file is renamed into the non-excluded universe.

 Also, what happens if you run star to archive a directory that contains man  
 info files?  I have run this on a CentOS machine and I think I had to abort 
 because it was taking for ever and the size of the archive had already frown 
 to twice the size of a tar archive ... (not sure if it was related to me 

Star does not go into infinite loops as long as your filesystem is not broken.

 using exustar as a format?)  The complete command was something like:

 star -c -xattr -H=exustar -sparce -M -C /media/hda6 . -f 
 /media/backup/hda6_date.star

It seems that I need to enhance the substitute parser to abort star when a 
nonsense parameter is given to the -s option.


 PS. Is Ctrl+c meant to exit star, or was I too impatient - I recall having to 
 kill the PID to get it to stop.

Star works the same way as tar does: it does not abort leaving an inconsistent
archive. For this reason, star first finishes with the current archive before 
exiting.

Jörg

-- 
 EMail:jo...@schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin
   j...@cs.tu-berlin.de(uni)  
   joerg.schill...@fokus.fraunhofer.de (work) Blog: 
http://schily.blogspot.com/
 URL:  http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily

Re: [gentoo-user] conflict in update

[Neil Bothwick]

On Mon, 27 Apr 2009 20:29:01 +0600, Mike Kazantsev wrote:

  Incidentally, I almost always install software with --oneshot. That
  way the programs I install to try out show up on --depclean's output
  until I decide I want to keep them. It prevents accumulating cruft
  from various experiments, although I am now using sets to achieve the
  same end.  
 
 Last sentence got me, since the idea seems interesting, but I wonder
 about how - I haven't seen any mention of emerging package to a
 set, other than world feature, but I guess it can be fairly easy
 implemented via emerge hooks.

Nothing as clever as that. I simply

echo cat/pkg /etc/portage/sets/temp

and have @temp in /var/lib/portage/world_sets

Each week I look at the set and decide what should be removed or
transferred to world.


-- 
Neil Bothwick

I don't know what makes you tick but I wish it was a time bomb.


signature.asc
Description: PGP signature

Re: [gentoo-user] Backup and Restore

[Mick]

On Monday 27 April 2009, Joerg Schilling wrote:
 Mick michaelkintz...@gmail.com wrote:
  This has puzzled me too.  Is there a way of passing the equivalent of
  tar's --exclude file_pattern at star, rather than a file containing a
  list of files to be excluded?  I have been reading the -F,-FF ... but
  have failed to understand it so far  :(

 Tar has no --exclude option.

 You may be talking about a program that is not really tar compatible and
 that is called gtar ;-)

Fair enough ...

 Star has a pat= option since more than 20 years.

Is this a matter of running something like -V -pat=/sys ?

 In any case, if you like to make incremental backups, you should be very
 careful with exclude options as incremental restore it cannot work if an
 exclude file is renamed into the non-excluded universe.

Good point, but something like /proc /sys and friends will stay the same, 
right?

  Also, what happens if you run star to archive a directory that contains
  man  info files?  I have run this on a CentOS machine and I think I had
  to abort because it was taking for ever and the size of the archive had
  already grown to twice the size of a tar archive ... (not sure if it was
  related to me

 Star does not go into infinite loops as long as your filesystem is not
 broken.

What!  RHEL?  Ha, ha!

I don't know if it went into a loop.  The way that the archive size was 
growing I guessed that star was trying to unpack all the .gz man pages.  I'll 
remember to try -xstar next time to see if it makes a difference.  However, 
as you say there were some errors about missing attributes and what not 
(can't recall off hand).
-- 
Regards,
Mick


signature.asc
Description: This is a digitally signed message part.

[gentoo-user] Re: conflict in update

[Francesco Talamona]

On Sunday 26 April 2009, Mark Knecht wrote:
 On Sun, Apr 26, 2009 at 10:39 AM, Dale rdalek1...@gmail.com wrote:
  Alan McKinnon wrote:
  It should be easy enough to write a program that examines world
  and displays all packages it finds that are dependencies of
  something else in world, but I haven't found one, and prefer the
  manual approach above.
 
  I know you can use eix-test-obsolete to find outdated/unneeded
  thing in /etc/portage but I wish it would also do something
  similiar for the world file.  I just wonder if the person that
  wrote eix and friends could add that in as a feature?  It would be
  neat.  eix works really well for what it does.
 
  Is their anyone we could sort of poke to work on this?
 
  Dale

 My experience with the world file is I'll first make a copy and then
 start deleting individual lines I think aren't required. If I'm right
 then emerge -p --depclean won't try to take anything off the system.
 If I'm wrong then I add the line back in.

 I'm blank right now as to whether you can just comment out a line in
 the world file. Maybe that works also.

 Anyway, my definition of a minimal world file is I have all the
 software I want and need, the fewest lines in the world file, and
 --depclean/revdep-rebuild are happy.

 - Mark

Have you ever tried regenworld? It sounds less time consuming.

Ciao
Francesco

-- 
Linux Version 2.6.29-gentoo-r1, Compiled #3 SMP PREEMPT Sun Apr 12 
09:01:02 CEST 2009
Two 1GHz AMD Athlon 64 Processors, 4GB RAM, 4018.44 Bogomips Total
aemaeth

[gentoo-user] ebuild log for net-print/cups-1.3.10-r1

[Michael Higgins]

I _remember_ doing this just a few days ago, so I'm not doing it again... but 
why is it still throwing a warning? Is this a limitation of portage or the 
ebuild?

--
WARN: postinst
/usr/lib/cups exists - You need to remerge every ebuild that
installed into /usr/lib/cups and /etc/cups, qfile is in portage-utils:
# FEATURES=-collision-protect emerge -va1 $(qfile -qC /usr/lib/cups /etc/cups | 
sed s:net-print/cups$::)
FEATURES=-collision-protect is needed to overwrite the compatibility
symlinks installed by this package, it won't be needed on later merges.
You should also run revdep-rebuild
--

Did they forget to tell me what to do so that the warning stops? '-)

Is it possible that it's necessary to re-emerge all those packages on every 
cups *ebuild* update?

Cheers,

-- 
 |\  /||   |  ~ ~  
 | \/ ||---|  `|` ?
 ||ichael  |   |iggins\^ /
 michael.higgins[at]evolone[dot]org

[gentoo-user] really old box for a firewall

[alex stone]

Hello all, my first post here.

Since installing Gentoo on my working audio box, i've had a good run,
with no problems. (I'm a full time classical composer)
The audio packages are stable and i get to work all day every day
without having to spend time tweaking anything in the OS. (At last)

So with that in mind, i have an interest in turning a very old box i
have here (pentium-mmx) into a firewall/router.
I tried a live cd, with the intent of building up a 32bit chroot in my
big box, and syncing it into the old one. (All 64bit native in the
studio boxes)

when i inserted the live cd to begin the process, i got an error
message at boot which said (along the lines of ):

There is a feature missing in your CPU (0:15). and the live cd cannot boot.

That was the end of the process, and i couldn't install anything.

So my questions are:

Do i need to install an older version of Gentoo in order for this to work?

Do i need to flag the boot in some way with options in order to get
this to install?

I'm on PPTP cable with a vpn address from the provider. Will an older
version of Gentoo be capable of handling this protocol?

Help would be appreciated, even if it's along the lines of turning the
old box into a boat anchor, as it's not fit for purpose.

Alex.

-- 
Parchment Studios (It started as a joke...)

Re: [gentoo-user] really old box for a firewall

[Daniel de Oliveira]

 Do i need to install an older version of Gentoo in order for this to work?

No, never. You can use the last portage.

 Do i need to flag the boot in some way with options in order to get
 this to install?

I can be wrong, but I believe the livecd is i686, so will not run in
your box (pentium-mmx is i586).
You can use another livecd to do the chroot, btw.


-- 
Daniel de Oliveira

Network and System Analyst
Security Specialist
IBM RISC Specialist
IBM Storage Specialist
Linux/Unix Specialist
Linux User #: 405334

RE: [gentoo-user] really old box for a firewall

[Adam Carter]

 have here (pentium-mmx) into a firewall/router.
 I tried a live cd, with the intent of building up a 32bit chroot in my
 big box, and syncing it into the old one. (All 64bit native in the
 studio boxes)

 when i inserted the live cd to begin the process, i got an error
 message at boot which said (along the lines of ):

 There is a feature missing in your CPU (0:15). and the live
 cd cannot boot.

Pentium-mmx is i586, so the usual i686 livecds wont work. The install cds are 
called x86, so I assume that means they're i386 and should be ok, otherwise;
http://www.gentoo.org/doc/en/altinstall.xml

 Do i need to install an older version of Gentoo in order for
 this to work?

Gentoo doesn't really have versions...

 Do i need to flag the boot in some way with options in order to get
 this to install?

 I'm on PPTP cable with a vpn address from the provider. Will an older
 version of Gentoo be capable of handling this protocol?

Since gentoo doesn't have versions, you will be able to run any software that 
you run on any other Gentoo box.

Re: [gentoo-user] really old box for a firewall

[alex stone]

Thank you gentlemen. That gives me something to chase.

The help is appreciated.

Alex.

On Tue, Apr 28, 2009 at 4:18 AM, Adam Carter adam.car...@optus.com.au wrote:
 have here (pentium-mmx) into a firewall/router.
 I tried a live cd, with the intent of building up a 32bit chroot in my
 big box, and syncing it into the old one. (All 64bit native in the
 studio boxes)

 when i inserted the live cd to begin the process, i got an error
 message at boot which said (along the lines of ):

 There is a feature missing in your CPU (0:15). and the live
 cd cannot boot.

 Pentium-mmx is i586, so the usual i686 livecds wont work. The install cds are 
 called x86, so I assume that means they're i386 and should be ok, otherwise;
 http://www.gentoo.org/doc/en/altinstall.xml

 Do i need to install an older version of Gentoo in order for
 this to work?

 Gentoo doesn't really have versions...

 Do i need to flag the boot in some way with options in order to get
 this to install?

 I'm on PPTP cable with a vpn address from the provider. Will an older
 version of Gentoo be capable of handling this protocol?

 Since gentoo doesn't have versions, you will be able to run any software that 
 you run on any other Gentoo box.





-- 
Parchment Studios (It started as a joke...)

Re: [gentoo-user] conflict in update

[Mike Kazantsev]

On Mon, 27 Apr 2009 23:28:26 +0100
Neil Bothwick n...@digimed.co.uk wrote:

 Nothing as clever as that. I simply
 
 echo cat/pkg /etc/portage/sets/temp
 
 and have @temp in /var/lib/portage/world_sets
 
 Each week I look at the set and decide what should be removed or
 transferred to world.

That brought me to an idea that a simple wrapper script with echo 
emerge will suffice. Nice idea, thanks.

-- 
Mike Kazantsev // fraggod.net


signature.asc
Description: PGP signature

[gentoo-user] Re: really old box for a firewall

[James]

alex stone compose59 at gmail.com writes:


 So with that in mind, i have an interest in turning a very old box i
 have here (pentium-mmx) into a firewall/router.


Ah, I do this all the time.


Use knoppix to boot your target mmx system into a viable linux.
Follow the handbook and get the system so you can ssh into it.
Run 'lspci' and note what hardware you have, for building a
kernel later on.

Once you go chroot and grab the tarballs 

(Code Listing 2.5: Unpacking the stage
# tar xvjpf stage3-*.tar.bz2 )

and

(Code Listing 3.4: Extracting the Portage snapshot
# tar xvjf /mnt/gentoo/portage-latest.tar.bz2 -C /mnt/gentoo/usr)


Continue to follow the handbook.


It's kind of funky, but, gentoo does not really support
it's own install media anymore. I think it's
some sort of test, to see how thick your
skin is.



Understand that we now have autobuilds but the docs
have not been updated to reflect those changes yet.

hth,


James