Re: [gentoo-user] PORTAGE_COMPRESS

[Daniel Troeder]

Am 02.04.2014 14:27, schrieb Douglas J Hunley:
 I was reviewing my Portage settings yesterday and I noticed that I have
 PORTAGE_COMPRESS set (to bzip2, the default) on both of my servers and
 it occurred to me that both of these servers have filesystems that
 support compression (btrfs on one, zfs on the other). So I'm wondering
 if it still makes sense to have PORTAGE_COMPRESS set or if I should
 unset it and just let the fs-level compression handle it.  Portage is
 already slow, why have it take the time to do this when the fs does it
 better and transparently? Thoughts on the matter?
I think you have a good point disabling portage compression, but I
wanted to correct one statement: Decompression in the kernel takes as
much time as decompression in userspace - if it's the same algorithm.

The differences here are:
* creation of an additional process (bz[ip2, cat]), negligible compared
to the cpu time compression takes
* bz[ip2, cat] runs in user space (safer) vs in kernel space (risky)
* different [de]compression algorithm (fs usually uses weaker but faster
compression algorithms like lz4, lzo or gz)
* different [de]compression setting (portage uses -9, kernel at best -6
- the difference in the resulting file size is small, but the difference
in used cpu time is high)

For me two things decide the question:
* Assuming you write more man pages than you read, and disk space is not
an issue, a weaker compression ratio to save cpu time makes sense.
* If you have compression _already_ on for the fs, then compressing
textual data before storing it on that fs is a waist of cpu time:

For example LZ4 will detect already compressed data (compression ratio
12.5%), abort compression and store the file uncompressed. That's nice,
but it means that it has already compressed some blocks, before it could
measure it - waisting cpu time.

Greetings,
Daniel


-- 
Get my PGP key at:
*
http://keyserver.ubuntu.com:11371/pks/lookup?op=getsearch=0x837FB8B5BB9D4887
* $ gpg --recv-keys --keyserver keyserver.ubuntu.com 0xBB9D4887



signature.asc
Description: OpenPGP digital signature

[gentoo-user] Honeypot distro?

[Pandu Poluan]

My company ended up with several 'ancient' HP ProLiant G4 servers.

We're thinking of setting up honeypots there.

Although I know Gentoo is perfectly capable of becoming a honeypot, we
currently prefer something... less involving in deployment :-D

Now, since this mailing list unarguably contains the 'creme de la
creme' of Linux users in the world... maybe you can help me in
choosing a honeypot distro?

I've been looking at several, such as ADHD or Stratagem or
Honeydrive, also stalwarts such as BackTrack ... but I still can't
make up my mind yet.

TIA!

Rgds,
-- 
FdS Pandu E Poluan
~ IT Optimizer ~

 • LOPSA Member #15248
 • Blog : http://pandu.poluan.info/blog/
 • Linked-In : http://id.linkedin.com/in/pepoluan

Re: [gentoo-user] Honeypot distro?

[hasufell]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Gentoo.
-BEGIN PGP SIGNATURE-

iQJ8BAEBCgBmBQJTPS7RXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzMDlCNDQ4NjEyNDI4NjA5REVEMDI3MzIy
MjBDRDFDNUJERUVEMDIwAAoJECIM0cW97tAgEE4QAJwEDQaUdUbzIu1Yr+vN94qN
fNlz9dydP7fEHhh+ohkxRMT1fP736KpSelmIMRqdV8PpF6Rw/MbsD55zGt5v3JVP
9S4Bx5bMizovtHreDv2RhPnsjQos5OV2tpaSnCU84OEbF5ojzI+e8nrOE6aGyJ6t
gcXmOlyjlugxPjRxdkPC+IiAVe5KAoDpMZhdNJy+e34FtyZDiYPjGt+7bTwHNNvq
rm8iZiq/vMksicXXw4zxGjQRcdLykkIZ2HN1rjl+7Q9o4K/rRId0UncLynybj7dc
3y04MvL5BZUE9uXKTNVgtrd7CJ1ARCq7n8ILqH4q74v4Jd0WSn0YnwOZzdQwEYGa
erav+OwJ0KsHDsfSusD4by2nTx/halpnZo8Z8y3OjqROMBoSluV1I2WkxVS8L8b4
0lEz4lyuHBXFktNjyQyZzFSfz6zzyKVo3MgLi5xxj64V1XZPq3rIW9PYwt0NTlH3
ZkBtFZTMd5RRrBZzVcxugjE6V+XzQwK3lVKKL8Rz9yhXH52ReBxlMI2WxL1UXYiL
zGsxc2abSWgROy7oi+Dvtj9E5carM7r/gNm/mZSQL/zlGUzyqNDAv33/5mBToAPW
EoQx35iXyAILmPJEZ2a+NHc+OGRH9bwXY03XDCWrgUTR9KQq3v6z2xbCWpYBMnAC
6ssLl35I1YGtAdkSH1hv
=kpA4
-END PGP SIGNATURE-

Re: [gentoo-user] How to appoint python version for a package

[Tom Wijsman]

On Thu, 3 Apr 2014 13:15:59 +0800
林守磊 linxiu...@gmail.com wrote:

 @all
 
 I found that is a bug from package pygments-1.6_p20140324, and I
 downgrade to 1.6-r1. problem solved !
 
 @Tom that mean pygments-1.6_p20140324 do not support python3_2, thank
 you a lot

Indeed. Bugs appear to have been filed about this:

https://bugs.gentoo.org/show_bug.cgi?id=470962
https://bugs.gentoo.org/show_bug.cgi?id=489198

-- 
With kind regards,

Tom Wijsman (TomWij)
Gentoo Developer

E-mail address  : tom...@gentoo.org
GPG Public Key  : 6D34E57D
GPG Fingerprint : C165 AF18 AB4C 400B C3D2  ABF0 95B2 1FCD 6D34 E57D

[gentoo-user] converting openrc's dmesg to systemd service file

[Douglas J Hunley]

I'm sure this is way more trivial than I'm making it out to be, but how in
the world would one converty /etc/init.d/dmesg to a systemd service file?
Is there a good online pointer about building service files?

-- 
Douglas J Hunley (doug.hun...@gmail.com)
Twitter: @hunleyd   Web:
douglasjhunley.com
G+: http://google.com/+DouglasHunley

Re: [gentoo-user] my gnome-shell break

[Nilesh Govindrajan]

Did you try deleting ~/. *? Sometimes simple things like those help.
Take a backup first.

Sorry for top post, sent from mobile.
On 03-Apr-2014 6:48 am, 林守磊 linxiu...@gmail.com wrote:

 Hi all
 I use gnome-shell-3.10.4-r1

 some problem happen when I upgrade from 3.8, such as  wall-picture
 disappeared, word of clock break

 attached my screenshotsPortage 2.2.10
 (default/linux/amd64/13.0/desktop/gnome, gcc-4.8.2, glibc-2.19,
 3.13.5-gentoo-shelley x86_64)
 =
  System Settings
 =
 System uname:
 Linux-3.13.5-gentoo-shelley-x86_64-Intel-R-_Core-TM-_i5_CPU_M_480_@
 _2.67GHz-with-gentoo-2.2
 KiB Mem: 7970940 total,   4488632 free
 KiB Swap:2097148 total,   2097148 free
 Timestamp of tree: Wed, 02 Apr 2014 21:45:01 +
 ld GNU ld (GNU Binutils) 2.24
 app-shells/bash:  4.2_p46
 dev-java/java-config: 2.2.0
 dev-lang/python:  2.6.9, 2.7.6, 3.2.5-r3, 3.3.5, 3.4.0
 dev-util/cmake:   2.8.12.2
 dev-util/pkgconfig:   0.28-r1
 sys-apps/baselayout:  2.2
 sys-apps/openrc:  0.12.4
 sys-apps/sandbox: 2.6-r1
 sys-devel/autoconf:   2.13, 2.69
 sys-devel/automake:   1.11.6, 1.14.1
 sys-devel/binutils:   2.24-r2
 sys-devel/gcc:4.5.4, 4.8.2
 sys-devel/gcc-config: 1.8
 sys-devel/libtool:2.4.2
 sys-devel/make:   4.0-r1
 sys-kernel/linux-headers: 3.14 (virtual/os-headers)
 sys-libs/glibc:   2.19
 Repositories: gentoo x-portage gentoo-zh sublime-text
 ACCEPT_KEYWORDS=amd64 ~amd64
 ACCEPT_LICENSE=* -@EULA
 CBUILD=x86_64-pc-linux-gnu
 CFLAGS=-march=native -O2 -pipe
 CHOST=x86_64-pc-linux-gnu
 CONFIG_PROTECT=/etc /usr/share/gnupg/qualified.txt
 CONFIG_PROTECT_MASK=/etc/ca-certificates.conf /etc/dconf /etc/env.d
 /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild
 /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d
 /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c
 CXXFLAGS=-march=native -O2 -pipe
 DISTDIR=/usr/portage/distfiles
 FCFLAGS=-O2 -pipe
 FEATURES=assume-digests binpkg-logs config-protect-if-modified distlocks
 ebuild-locks fixlafiles merge-sync news parallel-fetch preserve-libs
 protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs
 unmerge-orphans userfetch userpriv usersandbox usersync
 FFLAGS=-O2 -pipe
 GENTOO_MIRRORS=http://mirrors.aliyun.com/gentoo/
 http://mirrors.163.com/gentoo/;
 LANG=en_US.utf8
 LC_ALL=en_US.utf8
 LDFLAGS=-Wl,-O1 -Wl,--as-needed
 MAKEOPTS=-j5
 PKGDIR=/usr/portage/packages
 PORTAGE_CONFIGROOT=/
 PORTAGE_RSYNC_OPTS=--recursive --links --safe-links --perms --times
 --omit-dir-times --compress --force --whole-file --delete --stats
 --human-readable --timeout=180 --exclude=/distfiles --exclude=/local
 --exclude=/packages
 PORTAGE_TMPDIR=/var/tmp
 PORTDIR=/usr/portage
 PORTDIR_OVERLAY=/usr/local/portage /var/lib/layman/gentoo-zh
 /var/lib/layman/sublime-text
 SYNC=rsync://mirrors.163.com/gentoo-portage
 USE=X a52 aac acl acpi alsa amd64 berkdb bluetooth branding bzip2 cairo
 cdda cdr cli colord consolekit cracklib crypt cups cxx dbus dri dts dvd
 dvdr eds emboss encode evo exif fam firefox flac fortran gdbm gif gnome
 gnome-keyring gnome-online-accounts gpm gstreamer gtk iconv introspection
 jpeg lcms ldap libnotify libsecret mad mmx mng modules mp3 mp4 mpeg
 multilib nautilus ncurses nls nptl ogg opengl openmp pam pango pcre pdf png
 policykit ppds pulseaudio qt3support qt4 readline sdl session socialweb
 spell sse sse2 sse3 ssl startup-notification svg systemd tcpd tiff truetype
 udev udisks unicode upower usb utf vim-syntax vorbis wxwidgets x264 xcb
 xinerama xml xv xvid zlib ABI_X86=64 ALSA_CARDS=ali5451 als4000 atiixp
 atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968
 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx
 via82xx-modem ymfpci APACHE2_MODULES=authn_core authz_core socache_shmcb
 unixd actions alias auth_basic authn_alias authn_anon authn_dbm
 authn_default authn_file authz_dbm authz_default authz_groupfile authz_host
 authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate
 dir disk_cache env expires ext_filter file_cache filter headers include
 info log_config logio mem_cache mime mime_magic negotiation rewrite
 setenvif speling status unique_id userdir usertrack vhost_alias
 CALLIGRA_FEATURES=kexi words flow plan sheets stage tables krita karbon
 braindump author CAMERAS=ptp2 COLLECTD_PLUGINS=df interface irq load
 memory rrdtool swap syslog DRACUT_MODULES=lvm ELIBC=glibc
 GPSD_PROTOCOLS=ashtech aivdm earthmate evermore fv18 garmin garmintxt
 gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore
 rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ublox ubx
 GRUB_PLATFORMS=pc INPUT_DEVICES=keyboard mouse evdev KERNEL=linux
 LCD_DEVICES=bayrad cfontz cfontz633 glk hd44780 lb216 

[gentoo-user] Self-signed certificate Apache

[Peter Humphrey]

Hello list,

Almost there now...

After receiving help from Mick K and the list (thanks again!) I've now some 
idea of what I'm doing.

I've installed OwnCloud to be served over SSL. I've followed the instructions 
here[1] to create a self-signed certificate, which is in two files: cloud.crt 
and cloud.key. I put both of those under /etc/apache2/private. I ignored the 
vague references to intermediate files. The command I gave was:

# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout cloud.key -out 
cloud.crt

Now when I start Apache I get this warning, twice:

RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

Is this to be expected, or is anyone visiting (none expected though) likely to 
think I'm masquerading as a certification authority?

[1] 
http://www.sslshopper.com/article-how-to-create-and-install-an-apache-self-signed-certificate.html

-- 
Regards
Peter

Re: [gentoo-user] Self-signed certificate Apache

[Alan McKinnon]

On 03/04/2014 16:24, Peter Humphrey wrote:
 Hello list,
 
 Almost there now...
 
 After receiving help from Mick K and the list (thanks again!) I've now some 
 idea of what I'm doing.
 
 I've installed OwnCloud to be served over SSL. I've followed the instructions 
 here[1] to create a self-signed certificate, which is in two files: cloud.crt 
 and cloud.key. I put both of those under /etc/apache2/private. I ignored the 
 vague references to intermediate files. The command I gave was:
 
 # openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout cloud.key -out 
 cloud.crt
 
 Now when I start Apache I get this warning, twice:
 
 RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
 
 Is this to be expected, or is anyone visiting (none expected though) likely 
 to 
 think I'm masquerading as a certification authority?
 
 [1]   
 http://www.sslshopper.com/article-how-to-create-and-install-an-apache-self-signed-certificate.html
 


What you've done works but you didn't do it the way Apache thinks these
things work. You created a signing certs that is to be used to sign
other certs, but instead used it as your SSL cert. Apache thinks this is
unusual enough to warrant a log entry.

To be truthful you don't want to do it that way if only because it's
contrary to what other pros except you to have done.

Third comment in this blog post gives excellent advice on how to do it
better:

http://www.turnkeylinux.org/forum/support/20121228/rsa-server-certificate-ca-certificate-error

-- 
Alan McKinnon
alan.mckin...@gmail.com

Re: [gentoo-user] Kworker use 80% of CPU

[Gleb Klochkov]

Hi everybody, and thank you all!
Excuse me, I did not answer for a long time.
The problem is fixed for now. I delete all old kernels initrd and configs.
The only question now is: why just upgrade to new kernel don`t fix it. For
new kernel it should use default config, shouldn`t it?



С уважением, Клочков Глеб


2014-03-21 14:31 GMT+04:00 Volker Armin Hemmann volkerar...@googlemail.com
:

 Am 20.03.2014 11:24, schrieb Tom Wijsman:
  On Thu, 20 Mar 2014 11:39:58 +0400
  Gleb Klochkov glebiu...@gmail.com wrote:
 
  Tom, thank you for your answer.
 
  $ dmesg  http://bpaste.net/show/187533/
  There this can be seen:
 
  [   18.074574] [drm] Wrong MCH_SSKPD value: 0x16040307
  [   18.074575] [drm] This can cause pipe underruns and display
  issues.
  [   18.074575] [drm] Please upgrade your BIOS to fix this.
  [   18.148162] [drm] GMBUS [i915 gmbus vga] timed out, falling back
  to bit banging on pin 2
 
  Above your messages seem interesting; some expected value is wrong, it
  also times out on a bus and then goes to use a pin instead. Not sure
  how much of this is intended, but try to upgrade your BIOS as suggested.
 
  $ cat /proc/interrupts  http://bpaste.net/show/187537/
  So, that would be this:
 
  8: 63 0 0 0 IO-APIC-edge rtc0
 
  Hmm, nothing about it in the dmesg; also, 63 seems low (on my system,
  however, it's only 1 as I think my system uses something different).
 
  You can try a different timer using this kernel parameter:
 
  clocksource=hpet
 
  Another note-worthy thing:
 
  9: 699799454 0 0 0 IO-APIC-fasteoi acpi
 
  That there are ~700 million ACPI interrupts seems abnormally high;
  maybe the count is off by one, and 8 refers to 9? On my system, that's
  been running for a while by now, it's only at ~6000 (six thousand).

 uptime
  11:29:37 up 49 days, 15:48, 16 users,  load average: 0,38, 0,31, 0,39

8:  0  0  0 48   IO-APIC-edge  rtc0
9:  0  0  0  0   IO-APIC-fasteoi   acpi


 
  Changing the ACPI related kernel parameters to try to get it supported
  differently might be one thing to do here; other than that, it might be
  something going on with the hardware (try disconnecting things?) so the
  BIOS upgrade is certainly of interest.
 
  Try the BIOS upgrade first, then play around with the parameters; if
  things don't work out, I suggest you look for support on one of the
  Linux kernel mailing lists (perhaps acpi-devel*). Good luck.
 
   * https://lists.sourceforge.net/lists/listinfo/acpi-devel
 
 imho he should first use a recent VANILLA kernel. 2.12 or 2.13.

 And build a config without all that unneeded garbage. Also increase the
 dmesg buffer. Most interesting stuff is missing.

Re: [gentoo-user] Kworker use 80% of CPU

[Alan McKinnon]

On 03/04/2014 17:20, Gleb Klochkov wrote:
 Hi everybody, and thank you all!
 Excuse me, I did not answer for a long time.
 The problem is fixed for now. I delete all old kernels initrd and configs.
 The only question now is: why just upgrade to new kernel don`t fix it.
 For new kernel it should use default config, shouldn`t it?


Please don't top post. It messes with people's mail apps.

The kernel is self-contained. You can have 1 or 100 kernels in /boot,
the only one that applies is the one you booted with. The other 99 have
exactly zero influence over the one that is running. The config settings
to kernel is built with are whatever you told it to use. If you don;t
run *config at all, then the default settings are used. If it builds and
runs, then it built and ran. The default config is nothing special, it's
just a config.

So that's not it, and it's not some magic influence.

Most likely you had stuff mixed up in /boot and the image you booted
from is not the one you thought you booted from. Or the initrd is out of
sync.

Something like that - it will be human error.

I'll say it again because it is important - there is no magic
interaction between kernel images and you can have as many as you want.


There's another possibility: some userspace app on your system was the
real problem and you updated it meanwhile, fixing things. You also
deleted old kernels and now wrongly think that is what fixed it.

 
 
 
 С уважением, Клочков Глеб
 
 
 2014-03-21 14:31 GMT+04:00 Volker Armin Hemmann
 volkerar...@googlemail.com mailto:volkerar...@googlemail.com:
 
 Am 20.03.2014 11:24, schrieb Tom Wijsman:
  On Thu, 20 Mar 2014 11:39:58 +0400
  Gleb Klochkov glebiu...@gmail.com mailto:glebiu...@gmail.com
 wrote:
 
  Tom, thank you for your answer.
 
  $ dmesg  http://bpaste.net/show/187533/
  There this can be seen:
 
  [   18.074574] [drm] Wrong MCH_SSKPD value: 0x16040307
  [   18.074575] [drm] This can cause pipe underruns and display
  issues.
  [   18.074575] [drm] Please upgrade your BIOS to fix this.
  [   18.148162] [drm] GMBUS [i915 gmbus vga] timed out, falling
 back
  to bit banging on pin 2
 
  Above your messages seem interesting; some expected value is wrong, it
  also times out on a bus and then goes to use a pin instead. Not sure
  how much of this is intended, but try to upgrade your BIOS as
 suggested.
 
  $ cat /proc/interrupts  http://bpaste.net/show/187537/
  So, that would be this:
 
  8: 63 0 0 0 IO-APIC-edge rtc0
 
  Hmm, nothing about it in the dmesg; also, 63 seems low (on my system,
  however, it's only 1 as I think my system uses something different).
 
  You can try a different timer using this kernel parameter:
 
  clocksource=hpet
 
  Another note-worthy thing:
 
  9: 699799454 0 0 0 IO-APIC-fasteoi acpi
 
  That there are ~700 million ACPI interrupts seems abnormally high;
  maybe the count is off by one, and 8 refers to 9? On my system, that's
  been running for a while by now, it's only at ~6000 (six thousand).
 
 uptime
  11:29:37 up 49 days, 15:48, 16 users,  load average: 0,38, 0,31, 0,39
 
8:  0  0  0 48   IO-APIC-edge
  rtc0
9:  0  0  0  0   IO-APIC-fasteoi
   acpi
 
 
 
  Changing the ACPI related kernel parameters to try to get it supported
  differently might be one thing to do here; other than that, it
 might be
  something going on with the hardware (try disconnecting things?)
 so the
  BIOS upgrade is certainly of interest.
 
  Try the BIOS upgrade first, then play around with the parameters; if
  things don't work out, I suggest you look for support on one of the
  Linux kernel mailing lists (perhaps acpi-devel*). Good luck.
 
   * https://lists.sourceforge.net/lists/listinfo/acpi-devel
 
 imho he should first use a recent VANILLA kernel. 2.12 or 2.13.
 
 And build a config without all that unneeded garbage. Also increase the
 dmesg buffer. Most interesting stuff is missing.
 
 


-- 
Alan McKinnon
alan.mckin...@gmail.com

Re: [gentoo-user] converting openrc's dmesg to systemd service file

[Canek Peláez Valdés]

On Thu, Apr 3, 2014 at 7:25 AM, Douglas J Hunley doug.hun...@gmail.com wrote:
 I'm sure this is way more trivial than I'm making it out to be, but how in
 the world would one converty /etc/init.d/dmesg to a systemd service file?

Mmmh. Seeing [1], I really don't think that's a *service*. It's the
kind of abuse that SysV scripts usually fall into.

What do you want to accomplish? Less output in the console when
booting with systemd? Then you can set the quiet *kernel* command
line. If you want systemd to be more (or less) verbose, then you can
pass it different arguments in the kernel command line; see [2].

 Is there a good online pointer about building service files?

The guide in [3] is a start; but I don't think it will help you, since
/etc/init.d/dmesg is not a service. Is a hack to control console
output behavior jammed into the init system because why not.

Regards.

[1] 
http://git.overlays.gentoo.org/gitweb/?p=proj/openrc.git;a=blob;f=init.d/dmesg.in;h=5b001fca7542ce7e003af30ca49fdf471efd8871;hb=HEAD
[2] 
http://www.freedesktop.org/software/systemd/man/systemd.html#Kernel%20Command%20Line
[3] http://0pointer.de/blog/projects/systemd-for-admins-3.html
-- 
Canek Peláez Valdés
Posgrado en Ciencia e Ingeniería de la Computación
Universidad Nacional Autónoma de México

Re: [gentoo-user] converting openrc's dmesg to systemd service file

[Alan McKinnon]

On 03/04/2014 17:35, Canek Peláez Valdés wrote:
 On Thu, Apr 3, 2014 at 7:25 AM, Douglas J Hunley doug.hun...@gmail.com 
 wrote:
 I'm sure this is way more trivial than I'm making it out to be, but how in
 the world would one converty /etc/init.d/dmesg to a systemd service file?
 
 Mmmh. Seeing [1], I really don't think that's a *service*. It's the
 kind of abuse that SysV scripts usually fall into.
 
 What do you want to accomplish? Less output in the console when
 booting with systemd? Then you can set the quiet *kernel* command
 line. If you want systemd to be more (or less) verbose, then you can
 pass it different arguments in the kernel command line; see [2].
 
 Is there a good online pointer about building service files?
 
 The guide in [3] is a start; but I don't think it will help you, since
 /etc/init.d/dmesg is not a service. Is a hack to control console
 output behavior jammed into the init system because why not.
 
 Regards.
 
 [1] 
 http://git.overlays.gentoo.org/gitweb/?p=proj/openrc.git;a=blob;f=init.d/dmesg.in;h=5b001fca7542ce7e003af30ca49fdf471efd8871;hb=HEAD
 [2] 
 http://www.freedesktop.org/software/systemd/man/systemd.html#Kernel%20Command%20Line
 [3] http://0pointer.de/blog/projects/systemd-for-admins-3.html
 

Let's be fair to SysV init though. This is not a hack in the true sense
of the word as SysV doesn't impose the concept of a service as such.
It's more of a $DO_STUFF_HERE concept, as in:

- start pid 1
- read /etc/inittab
- DO_STUFF_HERE (determined by /etc/rc.d/*)
- run login on consoles

SysV init pays no attention to what the various STUFF might be so they
can correctly be anything and are considered to be unmanaged.

Systemd is an effort to categorize things, and to get them consistent,
manageable and *managed*. As such, dmesg indeed does not belong with
services, but somewhere else.


-- 
Alan McKinnon
alan.mckin...@gmail.com

Re: [gentoo-user] converting openrc's dmesg to systemd service file

[Tom H]

On Thu, Apr 3, 2014 at 9:25 AM, Douglas J Hunley doug.hun...@gmail.com wrote:

 I'm sure this is way more trivial than I'm making it out to be, but how in
 the world would one converty /etc/init.d/dmesg to a systemd service file? Is
 there a good online pointer about building service files?

Rather than create a service, drop a conf file into /etc/sysctl.d/
to set kernel.printk where the first of the four levels is the
dmesg_level of /etc/conf.d/dmesg.

Re: [gentoo-user] converting openrc's dmesg to systemd service file

[Douglas J Hunley]

On Thu, Apr 3, 2014 at 1:04 PM, Tom H tomh0...@gmail.com wrote:

 Rather than create a service, drop a conf file into /etc/sysctl.d/
 to set kernel.printk where the first of the four levels is the
 dmesg_level of /etc/conf.d/dmesg.


ah, there it is. trivial. :)

thanks!


-- 
Douglas J Hunley (doug.hun...@gmail.com)
Twitter: @hunleyd   Web:
douglasjhunley.com
G+: http://google.com/+DouglasHunley

Re: [gentoo-user] Self-signed certificate Apache

[Mick]

On Thursday 03 Apr 2014 15:42:13 Alan McKinnon wrote:
 On 03/04/2014 16:24, Peter Humphrey wrote:
  Hello list,
  
  Almost there now...
  
  After receiving help from Mick K and the list (thanks again!) I've now
  some idea of what I'm doing.
  
  I've installed OwnCloud to be served over SSL. I've followed the
  instructions here[1] to create a self-signed certificate, which is in
  two files: cloud.crt and cloud.key. I put both of those under
  /etc/apache2/private. I ignored the vague references to intermediate
  files. The command I gave was:
  
  # openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout cloud.key
  -out cloud.crt
  
  Now when I start Apache I get this warning, twice:
  
  RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE
  !?)
  
  Is this to be expected, or is anyone visiting (none expected though)
  likely to think I'm masquerading as a certification authority?
  
  [1] http://www.sslshopper.com/article-how-to-create-and-install-an-apache
  -self-signed-certificate.html
 
 What you've done works but you didn't do it the way Apache thinks these
 things work. You created a signing certs that is to be used to sign
 other certs, but instead used it as your SSL cert. Apache thinks this is
 unusual enough to warrant a log entry.
 
 To be truthful you don't want to do it that way if only because it's
 contrary to what other pros except you to have done.
 
 Third comment in this blog post gives excellent advice on how to do it
 better:
 
 http://www.turnkeylinux.org/forum/support/20121228/rsa-server-certificate-c
 a-certificate-error

As Alan said, you have created a self-signed certificate, which in essence 
acts as its own Certification Authority (both Issuer and Subject are the 
same).  Every CA root certificate is a self-signed certificate, but they are 
typically only used to sign other certificates with, intermediate, or end 
certificates.  You configure your client to trust the CA certificate and then 
it will also trust any certificate signed by it.

If you examine the X509 structure, you will see a field like this:

X509v3 Basic Constraints:
CA:TRUE

If it were an intermediate certificate it would say:

X509v3 Basic Constraints:
CA:FALSE

This is what your browser is warning you about.  Anyone visiting the web page 
will either abort thinking that there is something dodgy with the server, or 
click fast on the ignore button on their browser and carry on.  In this case 
they could well fall victim of a man-in-the-middle attack - if they do not 
check the content of the certificate and assure themselves that they are 
visiting the domain they intended to visit.  Illegitimate certificates would 
complain in the same manner.

In any case, unless you obtain a certificate which has been signed by a CA 
that is included in the default browser root CA certificates, random visitors 
are bound to get a browser warning about the CA that issued the certificate 
not being recognised as a trusted root CA by the browser.

If they are instructed by you to accept said certificate as a trusted root CA 
in their browser, then the problem will go away as long as they are using the 
same browser on each visit.

-- 
Regards,
Mick


signature.asc
Description: This is a digitally signed message part.

[gentoo-user] Portage did not remerge dev-perl/XML-Parser after upgrading perl,

[林守磊]

Portage did not remerge dev-perl/XML-Parser after I upgrade perl, which
case new perl can't  require XML::Parser

do revdep-rebuild will sovle it ?

Re: [gentoo-user] Portage did not remerge dev-perl/XML-Parser after upgrading perl,

[Nilesh Govindrajan]

On 04-Apr-2014 6:55 am, 林守磊 linxiu...@gmail.com wrote:

 Portage did not remerge dev-perl/XML-Parser after I upgrade perl, which
case new perl can't  require XML::Parser

 do revdep-rebuild will sovle it ?

perl-cleaner --all

Re: [gentoo-user] my gnome-shell break

[林守磊]

What the path of gnome-shell log,  maybe some error log can trace the
problem


PS: I use journal


2014-04-03 21:28 GMT+08:00 Nilesh Govindrajan m...@nileshgr.com:

 Did you try deleting ~/. *? Sometimes simple things like those help.
 Take a backup first.

 Sorry for top post, sent from mobile.
 On 03-Apr-2014 6:48 am, 林守磊 linxiu...@gmail.com wrote:

 Hi all
 I use gnome-shell-3.10.4-r1

 some problem happen when I upgrade from 3.8, such as  wall-picture
 disappeared, word of clock break

 attached my screenshotsPortage 2.2.10
 (default/linux/amd64/13.0/desktop/gnome, gcc-4.8.2, glibc-2.19,
 3.13.5-gentoo-shelley x86_64)
 =
  System Settings
 =
 System uname:
 Linux-3.13.5-gentoo-shelley-x86_64-Intel-R-_Core-TM-_i5_CPU_M_480_@
 _2.67GHz-with-gentoo-2.2
 KiB Mem: 7970940 total,   4488632 free
 KiB Swap:2097148 total,   2097148 free
 Timestamp of tree: Wed, 02 Apr 2014 21:45:01 +
 ld GNU ld (GNU Binutils) 2.24
 app-shells/bash:  4.2_p46
 dev-java/java-config: 2.2.0
 dev-lang/python:  2.6.9, 2.7.6, 3.2.5-r3, 3.3.5, 3.4.0
 dev-util/cmake:   2.8.12.2
 dev-util/pkgconfig:   0.28-r1
 sys-apps/baselayout:  2.2
 sys-apps/openrc:  0.12.4
 sys-apps/sandbox: 2.6-r1
 sys-devel/autoconf:   2.13, 2.69
 sys-devel/automake:   1.11.6, 1.14.1
 sys-devel/binutils:   2.24-r2
 sys-devel/gcc:4.5.4, 4.8.2
 sys-devel/gcc-config: 1.8
 sys-devel/libtool:2.4.2
 sys-devel/make:   4.0-r1
 sys-kernel/linux-headers: 3.14 (virtual/os-headers)
 sys-libs/glibc:   2.19
 Repositories: gentoo x-portage gentoo-zh sublime-text
 ACCEPT_KEYWORDS=amd64 ~amd64
 ACCEPT_LICENSE=* -@EULA
 CBUILD=x86_64-pc-linux-gnu
 CFLAGS=-march=native -O2 -pipe
 CHOST=x86_64-pc-linux-gnu
 CONFIG_PROTECT=/etc /usr/share/gnupg/qualified.txt
 CONFIG_PROTECT_MASK=/etc/ca-certificates.conf /etc/dconf /etc/env.d
 /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild
 /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d
 /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c
 CXXFLAGS=-march=native -O2 -pipe
 DISTDIR=/usr/portage/distfiles
 FCFLAGS=-O2 -pipe
 FEATURES=assume-digests binpkg-logs config-protect-if-modified distlocks
 ebuild-locks fixlafiles merge-sync news parallel-fetch preserve-libs
 protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs
 unmerge-orphans userfetch userpriv usersandbox usersync
 FFLAGS=-O2 -pipe
 GENTOO_MIRRORS=http://mirrors.aliyun.com/gentoo/
 http://mirrors.163.com/gentoo/;
 LANG=en_US.utf8
 LC_ALL=en_US.utf8
 LDFLAGS=-Wl,-O1 -Wl,--as-needed
 MAKEOPTS=-j5
 PKGDIR=/usr/portage/packages
 PORTAGE_CONFIGROOT=/
 PORTAGE_RSYNC_OPTS=--recursive --links --safe-links --perms --times
 --omit-dir-times --compress --force --whole-file --delete --stats
 --human-readable --timeout=180 --exclude=/distfiles --exclude=/local
 --exclude=/packages
 PORTAGE_TMPDIR=/var/tmp
 PORTDIR=/usr/portage
 PORTDIR_OVERLAY=/usr/local/portage /var/lib/layman/gentoo-zh
 /var/lib/layman/sublime-text
 SYNC=rsync://mirrors.163.com/gentoo-portage
 USE=X a52 aac acl acpi alsa amd64 berkdb bluetooth branding bzip2 cairo
 cdda cdr cli colord consolekit cracklib crypt cups cxx dbus dri dts dvd
 dvdr eds emboss encode evo exif fam firefox flac fortran gdbm gif gnome
 gnome-keyring gnome-online-accounts gpm gstreamer gtk iconv introspection
 jpeg lcms ldap libnotify libsecret mad mmx mng modules mp3 mp4 mpeg
 multilib nautilus ncurses nls nptl ogg opengl openmp pam pango pcre pdf png
 policykit ppds pulseaudio qt3support qt4 readline sdl session socialweb
 spell sse sse2 sse3 ssl startup-notification svg systemd tcpd tiff truetype
 udev udisks unicode upower usb utf vim-syntax vorbis wxwidgets x264 xcb
 xinerama xml xv xvid zlib ABI_X86=64 ALSA_CARDS=ali5451 als4000 atiixp
 atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968
 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx
 via82xx-modem ymfpci APACHE2_MODULES=authn_core authz_core socache_shmcb
 unixd actions alias auth_basic authn_alias authn_anon authn_dbm
 authn_default authn_file authz_dbm authz_default authz_groupfile authz_host
 authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate
 dir disk_cache env expires ext_filter file_cache filter headers include
 info log_config logio mem_cache mime mime_magic negotiation rewrite
 setenvif speling status unique_id userdir usertrack vhost_alias
 CALLIGRA_FEATURES=kexi words flow plan sheets stage tables krita karbon
 braindump author CAMERAS=ptp2 COLLECTD_PLUGINS=df interface irq load
 memory rrdtool swap syslog DRACUT_MODULES=lvm ELIBC=glibc
 GPSD_PROTOCOLS=ashtech aivdm earthmate evermore fv18 garmin garmintxt
 gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore
 rtcm104v2 rtcm104v3 sirf