[gentoo-user] A bash query ...
I know that /dev/null redirects standard output , and that 2 /dev/null redirects standard error Is there an expression that redirects standard output and standard error - at present I am using the ungainly /dev/null 2 /dev/null Dave -- gentoo-user@gentoo.org mailing list
[gentoo-user] large .avi video files, re-encode ?
Hi all, I have a bunch of .avi video files that I use in a openoffice presentation, they are nice and clear but really large files (1 - 2 GB each !). I know nothing of video files, is it possible for me to re-encode them to a more efficient format without loosing quality ? Any suggestions ? Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] large .avi video files, re-encode ?
On Thursday 28 December 2006 17:39, Arturo 'Buanzo' Busleiman wrote: Dave S wrote: Hi all, I have a bunch of .avi video files that I use in a openoffice presentation, they are nice and clear but really large files (1 - 2 GB each !). I know nothing of video files, is it possible for me to re-encode them to a more efficient format without loosing quality ? I use something like this. Adapt for your usage. It takes some parameters, but it's mainly used for dvd ripping: #!/bin/sh rm frameno.avi echo DVD TITLE: $1 echo OUTPUTFILE: $2 echo SID: $3 echo AID: $4 echo Is that what you want? Press enter for OK, CTRL+C to cancel. read k mencoder dvd://$1 -sid $3 -aid $4 -ovc frameno -o frameno.avi -oac mp3lame -lameopts mode=1:vbr=2:q=6 -af volnorm -af-adv force=0 mencoder -oac copy -ovc xvid -xvidencopts bitrate=-140:me_quality=6:chroma_opt:vhq=0:pass=1 dvd://$1 -sid $3 -aid $4 -o /dev/null mencoder -oac copy -ovc xvid -xvidencopts bitrate=-140:me_quality=6:chroma_opt:vhq=0:pass=2 dvd://$1 -sid $3 -aid $4 -o $2 Check out the bitrate= parameter in the last two commands. The negative number tells mencoder to create a 1.4gb file (that's 140kilobytes, rounded up, not exact 1.4gb). -- Arturo Buanzo Busleiman - Consultor Independiente en Seguridad Informatica ¿No sabés a dónde ir a comer o tomar algo? Visitá www.vivamoslavida.com.ar LISTA DE CASAMIENTO: Cualquier Fravega a nombre de Busleiman (37520). Thanks for that I will give it a go :) Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] large .avi video files, re-encode ?
On Thursday 28 December 2006 17:40, Strong Cypher wrote: could you give us the original format of your video ? The .avi files were directly generated by a screen capture program Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] large .avi video files, re-encode ?
On Thursday 28 December 2006 17:39, Arturo 'Buanzo' Busleiman wrote: Dave S wrote: Hi all, I have a bunch of .avi video files that I use in a openoffice presentation, they are nice and clear but really large files (1 - 2 GB each !). I know nothing of video files, is it possible for me to re-encode them to a more efficient format without loosing quality ? I use something like this. Adapt for your usage. It takes some parameters, but it's mainly used for dvd ripping: #!/bin/sh rm frameno.avi echo DVD TITLE: $1 echo OUTPUTFILE: $2 echo SID: $3 echo AID: $4 echo Is that what you want? Press enter for OK, CTRL+C to cancel. read k mencoder dvd://$1 -sid $3 -aid $4 -ovc frameno -o frameno.avi -oac mp3lame -lameopts mode=1:vbr=2:q=6 -af volnorm -af-adv force=0 mencoder -oac copy -ovc xvid -xvidencopts bitrate=-140:me_quality=6:chroma_opt:vhq=0:pass=1 dvd://$1 -sid $3 -aid $4 -o /dev/null mencoder -oac copy -ovc xvid -xvidencopts bitrate=-140:me_quality=6:chroma_opt:vhq=0:pass=2 dvd://$1 -sid $3 -aid $4 -o $2 Check out the bitrate= parameter in the last two commands. The negative number tells mencoder to create a 1.4gb file (that's 140kilobytes, rounded up, not exact 1.4gb). -- Arturo Buanzo Busleiman - Consultor Independiente en Seguridad Informatica ¿No sabés a dónde ir a comer o tomar algo? Visitá www.vivamoslavida.com.ar LISTA DE CASAMIENTO: Cualquier Fravega a nombre de Busleiman (37520). 1GB file compressed to 5M (OK so there was not too much changing on the screen, mainly cursor some popups) - I call that a success :) Cheers Dave -- gentoo-user@gentoo.org mailing list
[gentoo-user] logcheck rule problem
Hi,
I have setup logcheck and added various filters - it works great apart from
one niggle ...
Oct 8 07:38:56 localhost exiting on signal 15
Oct 8 07:38:57 localhost syslogd 1.4.1#17ubuntu7: restart.
I can filter out the restart with
/etc/logcheck/ignore.d.server/syslogd
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ syslogd 1.4.1#17ubuntu7: restart.$
but I cannot find out a way of ignoring 'localhost exiting ...' it does not
have a service associated with it so I cannot create a blocking rule in the
services name.
This happens every cron.daily and so I get a message every day - kind of
irritating.
Any suggestions ?
Dave
(PS its a ubuntu system ... just err ... you guys are more tech savy :)
--
gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Re: chkrootkit LKM trojan ?
On Monday 17 July 2006 21:35, Hans-Werner Hilse wrote: Hi, On Mon, 17 Jul 2006 19:36:30 +0100 Dave S [EMAIL PROTECTED] wrote: How accurate is chkproc? If you run chkproc on a server that runs lots of short time processes it could report some false positives. chkproc compares the ps output with the /proc contents. If processes are created/killed during this operation chkproc could point out these PIDs as suspicious. That fits in with the fact that chkrootkit rkhunter now report clean ( also fits in with someone tinkering from the inside !) The problem I see here is that you can't expect chkrootkit to find something when scanning from a clean base (Live-CD) when the only hint you had was an alert from chkproc. You probably would have gotten the alert from chkrootkit in the first place. chkproc inspects the currently running system (and the /proc for the currently running kernel). I.e. if it has no signature for the rootkit itself, it can't find it again from that clean kernel. Do you have the possibility to monitor internet connections on an intermediary gateway? I think monitoring it for a few days would give you a better hint if there might be something active. And there are other things to think about. Do you have a webserver running? Nope CGI scripts? Nope PHP applications? Nope Do you have other network reachable services? Nope none outside of my LAN Were you running a firewall? Yep - a netgear router firewall, NAT state aware The past kernel bugs had very early exploit scripts. It is really a no-brainer to insert a rootkit if something lets you, say, write a script to /tmp and call it by exploitable buffer overflows, badly written CGI... And remember that there's (nearly) no possibility for a positive proof of the non-existence of a root kit. I am now seriously considering installing tripwire - To be sure of a clean tripwire database I know it means a clean install ... gulp ... -hwh -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Re: chkrootkit LKM trojan ?
On Sunday 16 July 2006 21:52, dnlt0hn5ntzhbqkv51 wrote: On Sun, 16 Jul 2006 15:54:18 -0400, Dave S [EMAIL PROTECTED] wrote: On Sunday 16 July 2006 19:54, Hemmann, Volker Armin wrote: On Sunday 16 July 2006 20:25, Dave S wrote: HI, I have a potential security problem ... and err its not on gentoo, its on ubuntu but I am not getting any response there you guys are the most tech bunch I know - Thought I would lay it on the table :) I just had an email from chkrootkit last night - --- The following suspicious files and directories were found: You have 3 process hidden for readdir command You have 3 process hidden for ps command chkproc: Warning: Possible LKM Trojan installed --- Running chkrootkit now and all is OK [EMAIL PROTECTED]:~# [EMAIL PROTECTED]:~# chkrootkit | grep chkproc Checking `lkm'... chkproc: nothing detected [EMAIL PROTECTED]:~# I have even 'sudo install --reinstall chkrootkit' in case its binarys have been modified (paranoid) if you installed using the tools of the system, it could be worthless, because compromised. Boot from a cd and check from the cd. I understand. Booted from knoppix 5.0.1, executed a 'chroot /mnt/hda1 chkrootkit' and a 'chroot /mnt/hda1 rkhunter -c' - both scans brought back nothing. From what I have read the chkrootkit rkhunter binarys would have been from the CD and therefore untainted ? Am I correct ? Are there any other checks I can do - re-installing the system is not my preferred option :) Dave I'm a newbie, so discount this appropriately. 1. IIUC, running rkhunter/chkrootkit from knoppix simply checks the knoppix cd. 2. You want second/third opinions. IIWU, i. I'd scan the box with a Trojan signature scanner - e.g. fprotect, AntiVir, etc. from Knoppix - first assuring that you have current signatures. ii. I'd reemerge/recompile the kernel WITHOUT modules or module support, and clear out your usr/lib/modules (though IIUC, this can be foiled). iii. I'd try zeppoo. 3. Try to figure out how you got it. e.g. you installed software from an unreliable source; your privileges are screwed up; you have an unpatched server(s) running; etc. I am pretty picky about my software - have not messed with permissions its a desktop machine not running any external services. Maybe you could find the both the vector and the lkm - but understanding that the only real solution to a rootkit is restoring from a clean backup, or rebuilding :-( ... gulp ... On digging around and listening to you guys I am going to go with a false +ve. My clue came when I discovered how chkrootkit detected the problem ... How accurate is chkproc? If you run chkproc on a server that runs lots of short time processes it could report some false positives. chkproc compares the ps output with the /proc contents. If processes are created/killed during this operation chkproc could point out these PIDs as suspicious. That fits in with the fact that chkrootkit rkhunter now report clean ( also fits in with someone tinkering from the inside !) I will keep a slightly suspicious eye on the box from now on :) Cheers Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] chkrootkit LKM trojan ?
On Sunday 16 July 2006 22:25, Jerry McBride wrote: On Sunday 16 July 2006 15:54, Dave S wrote: On Sunday 16 July 2006 19:54, Hemmann, Volker Armin wrote: On Sunday 16 July 2006 20:25, Dave S wrote: HI, I have a potential security problem ... and err its not on gentoo, its on ubuntu but I am not getting any response there you guys are the most tech bunch I know - Thought I would lay it on the table :) I just had an email from chkrootkit last night - --- The following suspicious files and directories were found: You have 3 process hidden for readdir command You have 3 process hidden for ps command chkproc: Warning: Possible LKM Trojan installed --- Running chkrootkit now and all is OK [EMAIL PROTECTED]:~# [EMAIL PROTECTED]:~# chkrootkit | grep chkproc Checking `lkm'... chkproc: nothing detected [EMAIL PROTECTED]:~# I have even 'sudo install --reinstall chkrootkit' in case its binarys have been modified (paranoid) if you installed using the tools of the system, it could be worthless, because compromised. Boot from a cd and check from the cd. I understand. Booted from knoppix 5.0.1, executed a 'chroot /mnt/hda1 chkrootkit' and a 'chroot /mnt/hda1 rkhunter -c' - both scans brought back nothing. From what I have read the chkrootkit rkhunter binarys would have been from the CD and therefore untainted ? Am I correct ? Are there any other checks I can do - re-installing the system is not my preferred option :) Dave Hi Dave, Just went through the same scare with an OLD linux server a few weeks ago. This could be a false positive... What you should do is run chkrootkit with verbose option turned on. Take the pids it show you and compare them to what's listed in /proc. Each running process has a pid and it's listed under /proc. In each pid listed under proc there's a /exe link that gives you the path to the program owning the pid. There a /status file that will give you the name of the program. There's other info there also. If there's any discrepancies between what's list in /proc and what ps tells you, you've been infected with LKM for sure. Naturally, you have to be there when chkrootkit complains... Thats the problem it was an automated email at midnight - all looks OK now - apart from my paranoia that is ... But don't stop here... You can also try running rootkit-hunter and compare the output. Done it - it reports clean You can cp known good tools (in your case, ps) from a backup to your infected box and run it to get true information. I knew a co-worker that ran tree across a suspected infected box and found a number of hidden directories on it. It was indeed infected. I will look into it. Also, if this machine was running a firewall, look in the logs. If you've kept a running archive, hopefully spanning a week or two, you may be able to figure out when and where the attack came from. Netgear firewall ADSL NAT, tea machine, router - I will have a look in the logs for anything suspicious - good idea. Hope that helps. Jerry Cheers Dave -- gentoo-user@gentoo.org mailing list
[gentoo-user] chkrootkit LKM trojan ?
HI, I have a potential security problem ... and err its not on gentoo, its on ubuntu but I am not getting any response there you guys are the most tech bunch I know - Thought I would lay it on the table :) I just had an email from chkrootkit last night - --- The following suspicious files and directories were found: You have 3 process hidden for readdir command You have 3 process hidden for ps command chkproc: Warning: Possible LKM Trojan installed --- Running chkrootkit now and all is OK [EMAIL PROTECTED]:~# [EMAIL PROTECTED]:~# chkrootkit | grep chkproc Checking `lkm'... chkproc: nothing detected [EMAIL PROTECTED]:~# I have even 'sudo install --reinstall chkrootkit' in case its binarys have been modified (paranoid) Running rkhunter shows no problems I am at a bit off a loss and would value some advice / opinions. I can see two possibilities (a) I have a trojan, seems unlikely I am behind a netgear router firewall NAT with no incoming ports open. Running nothing more than samba, ssh and unison on the local network though I have to admit I have not hardened my system. (b) Its a false alarm - it is called by /etc/cron.daily so a lot of different scripts are called at the same time - though I have no idea what could have caused it. Any help / advice greatfully received Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] chkrootkit LKM trojan ?
On Sunday 16 July 2006 19:54, Hemmann, Volker Armin wrote: On Sunday 16 July 2006 20:25, Dave S wrote: HI, I have a potential security problem ... and err its not on gentoo, its on ubuntu but I am not getting any response there you guys are the most tech bunch I know - Thought I would lay it on the table :) I just had an email from chkrootkit last night - --- The following suspicious files and directories were found: You have 3 process hidden for readdir command You have 3 process hidden for ps command chkproc: Warning: Possible LKM Trojan installed --- Running chkrootkit now and all is OK [EMAIL PROTECTED]:~# [EMAIL PROTECTED]:~# chkrootkit | grep chkproc Checking `lkm'... chkproc: nothing detected [EMAIL PROTECTED]:~# I have even 'sudo install --reinstall chkrootkit' in case its binarys have been modified (paranoid) if you installed using the tools of the system, it could be worthless, because compromised. Boot from a cd and check from the cd. I understand. Booted from knoppix 5.0.1, executed a 'chroot /mnt/hda1 chkrootkit' and a 'chroot /mnt/hda1 rkhunter -c' - both scans brought back nothing. From what I have read the chkrootkit rkhunter binarys would have been from the CD and therefore untainted ? Am I correct ? Are there any other checks I can do - re-installing the system is not my preferred option :) Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] chkrootkit LKM trojan ?
On Sunday 16 July 2006 21:36, Hemmann, Volker Armin wrote: oh, and read this: http://www.chkrootkit.org/faq/ Interesting ... How accurate is chkproc? If you run chkproc on a server that runs lots of short time processes it could report some false positives. chkproc compares the ps output with the /proc contents. If processes are created/killed during this operation chkproc could point out these PIDs as suspicious. no, if you chroot, the binaries from the chroot are used. use chkrootkit without chrooting - best with full path (/usr/sbin/chkrootkit) The problem is if I do not chroot chkrootkit will scan the knoppix CD - tried it :). It needs to access the live proc etc on a running system. Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] chkrootkit LKM trojan ?
On Sunday 16 July 2006 22:12, Benno Schulenberg wrote: Dave S wrote: On Sunday 16 July 2006 21:36, Hemmann, Volker Armin wrote: no, if you chroot, the binaries from the chroot are used. The problem is if I do not chroot chkrootkit will scan the knoppix CD - tried it :). It needs to access the live proc etc on a running system. Use -r. Even when you chroot, still the /proc of your Knoppix system will be used, as it's the only system running. Benno Did a chrootlit -r /mnt/hda1 ... all clear. Looks good - can never be 100% sure of cource :) Dave -- gentoo-user@gentoo.org mailing list
[gentoo-user] Bash query OT
Hi all, I have written a script in /etc/cron.daily for chkrootkit to screen out known suspect files that are OK to email me with anthing else ... (ahem its not a gentoo system ... just thought I should come clean :)) #!/bin/sh # Adds a primitive filter of repeating false positives OUTFILE=`mktemp` || exit 1 chkrootkit -q\ | grep -v 'PACKET SNIFFER(/sbin/dhclient3'\ | grep -v '/usr/lib/jvm/.java-gcj.jinfo'\ | grep -v '/usr/lib/realplay-10.0.6/share/default/.realplayerrc'\ | grep -v '/usr/lib/jvm/java-1.5.0-sun-1.5.0.06/.systemPrefs'\ | grep -v '/usr/lib/jvm/.java-1.5.0-sun.jinfo'\ | grep -v '/usr/lib/mindi/rootfs/root/.profile'\ | grep -v '/usr/lib/mindi/rootfs/proc/.keep'\ $OUTFILE 2 /dev/null val1=$(wc -l $OUTFILE) if [ $val1 -ge 3 ] ; then cat $OUTFILE | mail -s [ckrootkit] Daily run root fi rm -f $OUTFILE All works as expected except the 2 /dev/null appears not to work. I get the following emailed to me ... /etc/cron.daily/chkrootkit-filter: /usr/bin/find: //mnt/samba/archive/vanda-comp_backup/2006-07-02_07.19.43.912205.vanda-comp.ful: Permission denied /usr/bin/find: //mnt/samba/archive/vanda-comp_backup/2006-07-02_07.38.48.421654.vanda-comp.inc: Permission denied /usr/bin/find: //mnt/samba/archive/vanda-comp_backup/2006-07-02_07.40.10.454279.vanda-comp.inc: Permission denied /usr/bin/find: //mnt/samba/archive/vanda-comp_backup/2006-07-03_10.19.03.870135.vanda-comp.inc: Permission denied /usr/bin/find: //mnt/samba/archive/vanda-comp_backup/2006-07-04_11.36.46.651743.vanda-comp.inc: Permission denied /usr/bin/find: //mnt/samba/archive/vanda-comp_backup/2006-07-05_07.37.17.335699.vanda-comp.inc: Permission denied /usr/bin/find: //mnt/samba/archive/vanda-comp_backup/2006-07-06_17.37.02.619804.vanda-comp.inc: Permission denied /usr/bin/find: //mnt/samba/archive/vanda-comp_backup/2006-07-07_09.04.20.615943.vanda-comp.inc: Permission denied /usr/bin/find: //mnt/samba/archive/vanda-comp_backup/2006-07-02_07.19.43.912205.vanda-comp.ful: Permission denied /usr/bin/find: //mnt/samba/archive/vanda-comp_backup/2006-07-02_07.38.48.421654.vanda-comp.inc: Permission denied /usr/bin/find: //mnt/samba/archive/vanda-comp_backup/2006-07-02_07.40.10.454279.vanda-comp.inc: Permission denied /usr/bin/find: //mnt/samba/archive/vanda-comp_backup/2006-07-03_10.19.03.870135.vanda-comp.inc: Permission denied /usr/bin/find: //mnt/samba/archive/vanda-comp_backup/2006-07-04_11.36.46.651743.vanda-comp.inc: Permission denied /usr/bin/find: //mnt/samba/archive/vanda-comp_backup/2006-07-05_07.37.17.335699.vanda-comp.inc: Permission denied /usr/bin/find: //mnt/samba/archive/vanda-comp_backup/2006-07-06_17.37.02.619804.vanda-comp.inc: Permission denied Is there a way to avoid script errors being emailed to me ? Apart from maybe executing this script within a wrapper script ie ... chkrootkit /dev/null Any suggestions very welcome Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Bash query OT
Thanks for you input, I see the error of my ways :) Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] environmental variables ?
On Monday 03 July 2006 00:46, Iain Buchanan wrote: On Sun, 2006-07-02 at 13:50 +0100, Dave S wrote: On Sunday 02 July 2006 12:40, Bo Ørsted Andresen wrote: On Sunday 02 July 2006 09:09, Dave S wrote: HOME = /root --- HOME = /home/vanda This is only a theory but could it be that one reads config files in /root and the other in /home/vanda? The only related config I can find is for /etc/gksu.conf and thats not user dependent. I cant find any config relevent in /root or /home/vanda you'll probably find its a gnome (or kde) theme that is causing the issue, and the gnome (or kde) themes are stored in $HOME. Since you usually don't log in graphically as root (which is usually good) you don't have theme folders set up in root's home... am I making sense?! You sure are :) try running `visudo` and commenting out the line: Defaultsenv_reset I don't know if gksudo uses this file, but if it does, your problem should go away... If it does go away, then uncomment the line and do something better like: Defaults:yourname env_keep-=TERMCAP Unfortunately my /etc/gksudo is pretty sparse - it consists of ... [EMAIL PROTECTED]:/etc# cat sudoers # /etc/sudoers # # This file MUST be edited with the 'visudo' command as root. # # See the man page for details on how to write a sudoers file. # # Host alias specification # User alias specification # Cmnd alias specification # Defaults Defaults!lecture,tty_tickets,!fqdn # User privilege specification rootALL=(ALL) ALL # Members of the admin group may gain root privileges %admin ALL=(ALL) ALL [EMAIL PROTECTED]:/etc# HTH, -- Iain Buchanan iaindb at netspace dot net dot au It's not reality that's important, but how you perceive things. -- gentoo-user@gentoo.org mailing list
[gentoo-user] environmental variables ?
I throw myself on your mercy, this is for a kubuntu install not a gentoo install - but you guys are the most technical bunch I know :) I start an app with 'gksudo simple-backup-config', (a gtk backup utility 'sbackup') and all is well, the GUI it is rendered perfectly. I upgrade my system. I start the app with 'gksudo simple-backup-config', YUK it looks like someone chewed it, the graphics are so primitive, white blocks around the GUI radio buttons, the tabs are separated and look like loose teeth, the buttons have lost their border and are just icons. Experimenting I found that 'gksudo -k simple-backup-config' restored it to its former beauty, as did straight 'sudo simple-backup-config'. Ahh I thought - environmental variables so I dug out a script to dump all environmental variables, did a diff between gksudo and gksudo -k and got ... DESKTOP_STARTUP_ID = gksudo/|home|vanda| test/27282-0-vanda-comp_TIME771509819 --- DESKTOP_STARTUP_ID = gksudo/|home|vanda| test/27292-0-vanda-comp_TIME771642528 13c13 HOME = /root --- HOME = /home/vanda 38c38 XAUTHORITY = /tmp/libgksu1.2-AbpNh8/.Xauthority --- XAUTHORITY = /tmp/libgksu1.2-wNoSTR/.Xauthority Not much change there. OK I am stumped. what else changes between gksudo and gksudo -k to affect GUI rendering ? I know its no big deal but I would like to know. :) Thanks in advance Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] environmental variables ?
On Sunday 02 July 2006 12:40, Bo Ørsted Andresen wrote: On Sunday 02 July 2006 09:09, Dave S wrote: HOME = /root --- HOME = /home/vanda This is only a theory but could it be that one reads config files in /root and the other in /home/vanda? The only related config I can find is for /etc/gksu.conf and thats not user dependent. I cant find any config relevent in /root or /home/vanda Its a bit of a teaser this :) Dave -- gentoo-user@gentoo.org mailing list
[gentoo-user] Which process is using port 5060 ?
Hi all, Apparently my SIP port 5060 is in use. Is there a Linux command to tell me what process is using this port. I have a vague memory of seeing such a command but just cannot remember or find it. Many thanks in advance Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Which process is using port 5060 ?
On Thursday 15 June 2006 17:21, Dave S wrote: Hi all, Apparently my SIP port 5060 is in use. Is there a Linux command to tell me what process is using this port. I have a vague memory of seeing such a command but just cannot remember or find it. Many thanks in advance Dave Thanks for all your answers - thats what I needed :) Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] OT 0.0.0.0 security query
On Monday 29 May 2006 11:14, Jonathan Chocron wrote: Le Dimanche 28 Mai 2006 16:53, Dave S a écrit : Yep, same here. I was trying to lock down my router. By default it allows any outgoing packets and only allows incoming packets if they are related to the incoming packets. I was trying to lock down my outgoing packets so services such as Samba would not broadcast anything to the WAN. As such I defaulted outgoing to BLOCK and allowed only certain ports. However I then needed to allow ports between computers ie for Samba again. When I opened the port on the LAN between computers my router wanted at least one IP address for the WAN. I did not want to give it a real address so choose 0.0.0.0 I was really asking ... (a) Is it worthwhile setting up my router this way, or am I being paranoid :) I do not think it wise to setup your router that way. Here's a little of theory. I apologize if you're familiar with it, but it is necessary for latter development. When in a LAN, a packet will not reach the WAN unless you specify you want it to, that includes broadcasts. An element of an IP address is a number between 0 and 254. 255 is used only for broadcasting. Moreover, rsync and samba, and most daemons take as a paramater the address or address range they can accept connections from. An incoming connection from the WAN, could not connect to the daemon even if it wanted to. With you so far :) (b) Is 0.0.0.0 and invalid IP address (I though it might be) because that is what i was looking for to trick my router to send nothing to the WAN An IP address is meaningful only in conjunction with a mask. 0.0.0.0 with mask 255.255.255.255 means broadcast to every single IP address that exists. Since the mask indicates between which boundaries the IP number can vary (in this case every IP address item can vary between 0 and 254). As a conclusion, this is definitely not what you want to do ! ;-) Gulp :( So, taking as a hypothesis that you trust everyone on your LAN, here's what you should do : - Et the policy for incomiong connections to BLOCK. - Unblock the services you actually need the net to access. Plus, in the config file of the daemon, specify it should listen to 0.0.0.0 - Allow traffic from your LAN to the WAN (again, if you trust everyone). And set up each daemon to only listen to 192.168.0.1/24 (which means only addresses that begin with 192.168.0). - Set up daemons to broadcast on 192.168.0.255 I hope this was clear, I have hardly slept last night ! That helps a lot, thank you for taking the time to explain. I will have a google so I understand netmasks IPs a bit more :( -- Jonathan PS : No need to apologize for the delay, I know even gentooists have lives ;) Wish I was 247 Linux - have to pay the mortgage though ! Thanks once again Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] OT 0.0.0.0 security query
On Saturday 27 May 2006 23:46, Jonathan Chocron wrote: Le Samedi 27 Mai 2006 11:40, Dave S a écrit : Hi all, This is a bit OT but I have a netgear router DG834 ADSL firewall router. I have restricted my incoming services with ... Enable Service Name Action LAN Server IP address WAN Users Log on bit torrent ALLOW always 192.168.0.5 Any Always Default Yes Any BLOCK always Any Any Never And tightened my outgoing services with ... Enable Service Name Action LAN Users WAN Servers Log on HTTP ALLOW always Any Any Always on HTTPS ALLOW always Any Any Always on POP ALLOW always Any Any Always on SMTP ALLOW always Any Any Always on NTP ALLOW always Any Any Always on FTP ALLOW always Any Any Always on rsync ALLOW always Any 0.0.0.0 Never on GM Port 389 ALLOW always 192.168.0.6 Any Always on GM Port 1503 ALLOW always 192.168.0.6 Any Always on GM Port 1731 ALLOW always 192.168.0.6 Any Always on GM 1024-65K ALLOW always 192.168.0.6 Any Always on H.323 ALLOW always 192.168.0.6 Any Always on Port 1023 ALLOW always Any Any Always on Samba ALLOW always Any 0.0.0.0 Always on samba2 ALLOW always Any 0.0.0.0 Always on samba3 ALLOW always Any 0.0.0.0 Always on Any(ALL) BLOCK always Any Any Always Default Yes Any ALLOW always Any Any Some services like rsync and samba I want to keep within my LAN but my DG834 insists I give it a least one IP address on the WAN that my service can be broadcast to. I selected 0.0.0.0 Can anyone advise, am I going about this the right way, any comment greatly appreciated :) Cheers Dave I am not the best net admin on earth, but it seems to me that 0.0.0.0 is definitely not a broadcast address. If you want to keep things in your lan, you should have something like 192.168.0.255 instead. Moreover, I do not quite understand what you are trying to do. I had approximately the same router (same brand anyway), and it did not block any lan-only services. Yep, same here. I was trying to lock down my router. By default it allows any outgoing packets and only allows incoming packets if they are related to the incoming packets. I was trying to lock down my outgoing packets so services such as Samba would not broadcast anything to the WAN. As such I defaulted outgoing to BLOCK and allowed only certain ports. However I then needed to allow ports between computers ie for Samba again. When I opened the port on the LAN between computers my router wanted at least one IP address for the WAN. I did not want to give it a real address so choose 0.0.0.0 I was really asking ... (a) Is it worthwhile setting up my router this way, or am I being paranoid :) (b) Is 0.0.0.0 and invalid IP address (I though it might be) because that is what i was looking for to trick my router to send nothing to the WAN Cheers Dave PS Sorry for the delay, I am an on call engineer and have been away. What you're telling it is, for example, to block *outgoing* rsync. This should not in any case be blocking an rsync between two machines inside your LAN. I hope this helps, even if i am not quite sure I understand what you're trying to do. -- Jonathan Apologies for my poor explanation :) -- gentoo-user@gentoo.org mailing list
[gentoo-user] OT 0.0.0.0 security query
Hi all, This is a bit OT but I have a netgear router DG834 ADSL firewall router. I have restricted my incoming services with ... Enable Service Name Action LAN Server IP address WAN Users Log on bit torrent ALLOW always 192.168.0.5 Any Always Default Yes Any BLOCK always Any Any Never And tightened my outgoing services with ... Enable Service Name Action LAN Users WAN Servers Log on HTTP ALLOW always Any Any Always on HTTPS ALLOW always Any Any Always on POP ALLOW always Any Any Always on SMTP ALLOW always Any Any Always on NTP ALLOW always Any Any Always on FTP ALLOW always Any Any Always on rsync ALLOW always Any 0.0.0.0 Never on GM Port 389 ALLOW always 192.168.0.6 Any Always on GM Port 1503 ALLOW always 192.168.0.6 Any Always on GM Port 1731 ALLOW always 192.168.0.6 Any Always on GM 1024-65K ALLOW always 192.168.0.6 Any Always on H.323 ALLOW always 192.168.0.6 Any Always on Port 1023 ALLOW always Any Any Always on Samba ALLOW always Any 0.0.0.0 Always on samba2 ALLOW always Any 0.0.0.0 Always on samba3 ALLOW always Any 0.0.0.0 Always on Any(ALL) BLOCK always Any Any Always Default Yes Any ALLOW always Any Any Some services like rsync and samba I want to keep within my LAN but my DG834 insists I give it a least one IP address on the WAN that my service can be broadcast to. I selected 0.0.0.0 Can anyone advise, am I going about this the right way, any comment greatly appreciated :) Cheers Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] 2.6.10 and realtime [was: where is 'kat']
Christoph Eckert wrote: Furthermore, the best use is with recent kernels with the new notify mechanism. Unfortunately, I'm still on 2.6.10 here due to realtime audio needs :( . Hi! Can you provide a bit more info on that item? See the post of Mark. I still use a vanilla 2.6.10 with the realtime-LSM patch applied. I had no luck with the newer kernels due to probs with my hardware (2.6.11) or PAM needed to be patched. So I went back to 2.6.10. But I'd recommend to use the most recent solution, though there's most often less documentation. Best regards ce I was unaware that kat is so cutting edge - guess thats why there is no ebuild for it yet. I may wait a bit for it to mature a bit more :) Thanks once again Dave -- gentoo-user@gentoo.org mailing list
[gentoo-user] where is 'kat' ?
Does anyone know which package 'kat' the kde search tool is in ? Dave -- gentoo-user@gentoo.org mailing list
[gentoo-user] OT worth upgrading hardware ?
Hi all, I have a PIII 700Mhz, 256MB RAM, Finances are somewhat tight (read that as very tight) but I could do with some more speed when playing with python scripts + KDE can be a tad sluggish. The processor is going to have to be either a ... Intel Celeron 2.4GHz 128K 400MHz Socket 478 CPU OEM - 512MB RAM AMD Sempron 2800+ 2.0GHz (333FSB) 256K Cache Socket A OEM - 512 MB RAM The GHz sound impressive but I know neither chip is a very powerful, I believe they 'water down' the internals !. I cant find anywhere a comparison between my PIII these two possibilitys. My PIII is old technology, these two are newer technology with faster clock speeds but engineered to a price, would the speed increase be noticeable ? Any comments ? Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] OT worth upgrading hardware ?
Raphael Melo de Oliveira Bastos Sales wrote: Perhaps you can get a Semprom with a smaller clock but a higher FSB. I have an AMD Semprom 2400+ with 400 Mhz FSB, 1 GB of Ram and I'm very happy with it. It plays all the games I want and I can work in it very smoothly. I recently upgrade to 1 GB of Ram, used to be 512 Mb and the difference is amazing compared to 256, specially compile speeds. So, unless you might want to upgrade you Celeron to a P4, assuming the motherboard will take both, I'd go with Semprom, I believe it's more cost-effective. 2005/10/2, Folken [EMAIL PROTECTED]: On Sun, Oct 02, 2005 at 08:12:56AM +0100, Dave S wrote: The GHz sound impressive but I know neither chip is a very powerful, I believe they 'water down' the internals !. I cant find anywhere a comparison between my PIII these two possibilitys. I found a comparision between (almost) your target cpus: http://www.pcper.com/article.php?aid=61 (note the celeron is actually the 2.8 GHz Model) My PIII is old technology, these two are newer technology with faster clock speeds but engineered to a price, would the speed increase be noticeable ? Any comments ? The 512 MB Ram will defently noticeable when you work with KDE. KDE is very ram hungry and I wouldn't recommend to run it with less than 512. (Although speed / memory consumption seem to have improved miles with the latest versions of kde) Intel Celeron 2.4GHz 128K 400MHz Socket 478 CPU OEM - 512MB RAM AMD Sempron 2800+ 2.0GHz (333FSB) 256K Cache Socket A OEM - 512 MB RAM As to the processors, I'd go for the Sempron. Celerons are IMO castraded pentiums and really not great for compiler runs. The halved L1 cache really hits on the performance in general. Since you are on a contrained budget I'd even more strongley urge you to amd, since they usually give you more performance for the buck. (That being said.. i'm no fan of intel. Therefore take this with a grain of salt.) Oh btw.. you may ignore GHz numbers now.. they are no longer an indicator of how fast processors are. - Folken -- gentoo-user@gentoo.org mailing list Thanks for all your input guys, its been very helpfull. A Sempron seems the way to go ... Dave -- gentoo-user@gentoo.org mailing list
[gentoo-user] OT KDE remote share ?
I am giving KDE a go after being a long term fluxbox-er. I have a NFS hdd on my other machine which I mount with 'mount /mnt/archive' as root. I right clicked, behaviors, device icons and ticked a curiously named 'Mounted NFS share' and 'Unmounted NFS share' I get an icon 'Mounted Share 192.168.0.6', which when I selected its properties and gave it a name of NFS - it shot multiple progress windows up - I canceled everything in a hurry ! Also if I click it, i get a konqueror with the title 'media:/' and an overview of all my drives, not really what I want. What is a mounted 'share', its obviously not just the NFS partition and why do things go crazy when I try and rename it ? Dave -- gentoo-user@gentoo.org mailing list
[gentoo-user] GTK fonts
Hi all, Ive got a font problem, apps like abiword gimp that use GTK fonts (I think :-) ) have very small jaggerdy witting for their menus in KDE fluxbox. If I gnome-control-center select anti-aliasing the menus look wonderful, smoother than my kde3.4 menus ! This is great until I log out and back in on either KDE or fluxbox they have reverted. How do I keep my wonderful smooth GTK fonts ? Dave -- gentoo-user@gentoo.org mailing list
[gentoo-user] Tape to CD conversion advice needed
Hi all, I need some advice, I need to convert some talks at my local group from tape to CD. I have a mike input on my audio card so connecting the audio should not be a problem. What file formats do standard CD players play ? I would guess mp3 but there do not appear to be any mp3 encoders for linux, ogg would be great but I doubt that it would play. Can anyone suggest an application to get the files from the tape change them into said format ? (Simple is good, I dont need a recording studio :)) Cheers Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Tape to CD conversion advice needed
Thanks for the info, Thats realy usefull, I will go buy a lead explore lame - The server idea is interesting and one I might explore Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] gphoto2 large file problems ?
Zac Medico wrote: Dave S wrote: Hi all, gphoto2 used to work well with my Kodak DX6340 camera. I recently did a emerge -uDv and loads of version numbers have been bumped since I last did an upgrade, some 8ish months ago. Anyhow having sorted the access permission problem It appears that I cannot download .MOV files from my camera. Some of which I previously downloaded without a problem. gphoto2 --debug -P ... now ceashes with the following ... [snip] gp_port_read: Resource temporarily unavailable 39.304760 PTP2/library.c(2): PTP: gp_port_* function returned 0xffde -34 39.304790 context(0): PTP I/O error I googled for your error message and found some mention of known problems with libusb-0.1.10 so I recommend that you try another version. http://www.google.com/search?hl=enq=%22gp_port_read%3A+Resource+temporarily+unavailable%22 Zac Thanks Zac, I checked out gphoto2 libgphoto2 but did not think of libusb, emerged an earlier version and it all works :-) Cheers Dave -- gentoo-user@gentoo.org mailing list
[gentoo-user] hotplug permissions xsane
Hello all,
My scanner was working OK till I did a 'emerge -uDv world'. xsane now
picks up my logitech webcam instead of my scanner and does not see my
scanner.
In root xsane sees both devices, asks me which one to use and all is OK,
so its a permissions problem.
vanda_comp dave # lsusb
Bus 002 Device 001: ID :
Bus 001 Device 006: ID 046d:08b2 Logitech, Inc. QuickCam Pro 4000
Bus 001 Device 005: ID 055f:0008 Mustek Systems, Inc. ScanExpress 1200
CU Plus
Bus 001 Device 004: ID 056a:0011 Wacom Co., Ltd Graphire 2
Bus 001 Device 003: ID 04b8:0005 Seiko Epson Corp. Stylus Printer
Bus 001 Device 002: ID 0409:0050 NEC Corp.
Bus 001 Device 001: ID :
vanda_comp dave #
[EMAIL PROTECTED] /proc/bus/usb/001 $ ls -al
total 0
dr-xr-xr-x 2 root root 0 Jul 17 13:15 .
drwxr-xr-x 4 root root 0 Jul 17 13:15 ..
-rw-r--r-- 1 root root 43 Jul 17 13:15 001
-rw-r--r-- 1 root root 43 Jul 17 13:15 002
-rw-r--r-- 1 root root 50 Jul 17 13:15 003
-rw-r--r-- 1 root root 52 Jul 17 13:15 004
-rw-r--r-- 1 root root 57 Jul 17 13:15 005
-rw-r--r-- 1 root root 508 Jul 17 13:15 006
[EMAIL PROTECTED] /proc/bus/usb/001 $
Looking in hotplug I have stripped down the usermap to just my scanners
entry to make sure it is seen - it matches 055f 0008.
[EMAIL PROTECTED] /etc/hotplug/usb $ cat libsane.usermap
# This file is part of sane-backends.
#
# The entries below are used to detect a USB scanner when it's plugged in
# and then run the libusbscanner script to change the ownership and
# permissions on the device node used by libusb.
#
.
#
#
# The following list already contains a lot of scanners. If your scanner
# isn't mentioned there, add it as explained above and mail the entry to
# the sane-devel mailing list.
#
# Hewlett-Packard|ScanJet 4100C
# Mustek Systems Inc.|ScanExpress 1200 CU Plus
libusbscanner 0x0003 0x055f 0x00080x
0x 0x00 0x000x00
0x000x00 0x00 0x
[EMAIL PROTECTED] /etc/hotplug/usb $
[EMAIL PROTECTED] /etc/hotplug/usb $ cat libusbscanner
#!/bin/sh
# This file is part of sane-backends.
#
# This script changes the permissions and ownership of a USB device under
# /proc/bus/usb to grant access to this device to users in the scanner
group.
#
# Ownership is set to root:scanner, permissions are set to 0660.
#
# Arguments :
# ---
# ACTION=[add|remove]
# DEVICE=/proc/bus/usb/BBB/DDD
# TYPE=usb
# latest hotplug doesn't set DEVICE on 2.6.x kernels
if [ -z $DEVICE ] ; then
IF=`echo $DEVPATH | sed 's/\(bus\/usb\/devices\/\)\(.*\)-\(.*\)/\2/'`
DEV=`echo $DEVPATH | sed 's/\(bus\/usb\/devices\/\)\(.*\)-\(.*\)/\3/'`
DEV=`expr $DEV + 1`
DEVICE=`printf '/proc/bus/usb/%.03d/%.03d' $IF $DEV`
fi
if [ -z ${DEVICE} ] ; then
IF=$(echo ${DEVPATH} | sed
's:\(bus/usb/devices/\)\(.*\)-\(.*\):\2:')
if [ -r /sys/${DEVPATH}/devnum ]; then
DEV=$(cat /sys/${DEVPATH}/devnum)
else
DEV=1 # you'll have to adjust this manually for kernel 2.6.6
fi
DEVICE=$(printf '/proc/bus/usb/%.03d/%.03d' ${IF} ${DEV})
fi
if [ $ACTION = add -a $TYPE = usb ]; then
chown root:scanner $DEVICE
chmod 0660 $DEVICE
fi
# That's an insecure but simple alternative
# Everyone has access to the scanner
# if [ $ACTION = add -a $TYPE = usb ]; then
# chmod 0666 $DEVICE
# fi
[EMAIL PROTECTED] /etc/hotplug/usb $
Should set my scanner to the scanner group but does not. If I unplug my
scanner re-plug it in I get ...
vanda_comp dave # lsusb
Bus 002 Device 001: ID :
Bus 001 Device 007: ID 055f:0008 Mustek Systems, Inc. ScanExpress 1200
CU Plus
Bus 001 Device 006: ID 046d:08b2 Logitech, Inc. QuickCam Pro 4000
Bus 001 Device 004: ID 056a:0011 Wacom Co., Ltd Graphire 2
Bus 001 Device 003: ID 04b8:0005 Seiko Epson Corp. Stylus Printer
Bus 001 Device 002: ID 0409:0050 NEC Corp.
Bus 001 Device 001: ID :
vanda_comp dave #
[EMAIL PROTECTED] /proc/bus/usb/001 $ ls -al
total 0
dr-xr-xr-x 2 root root 0 Jul 17 13:15 .
drwxr-xr-x 4 root root 0 Jul 17 13:15 ..
-rw-r--r-- 1 root root 43 Jul 17 13:15 001
-rw-r--r-- 1 root root 43 Jul 17 13:15 002
-rw-r--r-- 1 root root 50 Jul 17 13:15 003
-rw-r--r-- 1 root root 52 Jul 17 13:15 004
-rw-r--r-- 1 root root508 Jul 17 13:15 006
-rw-rw 1 root scanner 57 Jul 17 13:55 007
[EMAIL PROTECTED] /proc/bus/usb/001 $
Everything works AOK and I can scan. However unplugging plugging in
scanners every time the machine starts is a pain.
Hotplug is started on bootup ...
vanda_comp 001 # rc-update add hotplug default
* hotplug already installed in runlevel default; skipping
vanda_comp 001 #
but does not seem to setup my scanner. I also found that just ...
vanda_comp 001 # /etc/init.d/hotplug restart
vanda_comp 001 #
does not setup my scanner, I do have to unplug plug it in.
Any suggestions as to where to go from here ?
Re: [gentoo-user][SOLVED] hotplug permissions xsane
Dave S wrote:
Hello all,
My scanner was working OK till I did a 'emerge -uDv world'. xsane now
picks up my logitech webcam instead of my scanner and does not see my
scanner.
In root xsane sees both devices, asks me which one to use and all is OK,
so its a permissions problem.
vanda_comp dave # lsusb
Bus 002 Device 001: ID :
Bus 001 Device 006: ID 046d:08b2 Logitech, Inc. QuickCam Pro 4000
Bus 001 Device 005: ID 055f:0008 Mustek Systems, Inc. ScanExpress 1200
CU Plus
Bus 001 Device 004: ID 056a:0011 Wacom Co., Ltd Graphire 2
Bus 001 Device 003: ID 04b8:0005 Seiko Epson Corp. Stylus Printer
Bus 001 Device 002: ID 0409:0050 NEC Corp.
Bus 001 Device 001: ID :
vanda_comp dave #
[EMAIL PROTECTED] /proc/bus/usb/001 $ ls -al
total 0
dr-xr-xr-x 2 root root 0 Jul 17 13:15 .
drwxr-xr-x 4 root root 0 Jul 17 13:15 ..
-rw-r--r-- 1 root root 43 Jul 17 13:15 001
-rw-r--r-- 1 root root 43 Jul 17 13:15 002
-rw-r--r-- 1 root root 50 Jul 17 13:15 003
-rw-r--r-- 1 root root 52 Jul 17 13:15 004
-rw-r--r-- 1 root root 57 Jul 17 13:15 005
-rw-r--r-- 1 root root 508 Jul 17 13:15 006
[EMAIL PROTECTED] /proc/bus/usb/001 $
Looking in hotplug I have stripped down the usermap to just my scanners
entry to make sure it is seen - it matches 055f 0008.
[EMAIL PROTECTED] /etc/hotplug/usb $ cat libsane.usermap
# This file is part of sane-backends.
#
# The entries below are used to detect a USB scanner when it's plugged in
# and then run the libusbscanner script to change the ownership and
# permissions on the device node used by libusb.
#
.
#
#
# The following list already contains a lot of scanners. If your scanner
# isn't mentioned there, add it as explained above and mail the entry to
# the sane-devel mailing list.
#
# Hewlett-Packard|ScanJet 4100C
# Mustek Systems Inc.|ScanExpress 1200 CU Plus
libusbscanner 0x0003 0x055f 0x00080x
0x 0x00 0x000x00
0x000x00 0x00 0x
[EMAIL PROTECTED] /etc/hotplug/usb $
[EMAIL PROTECTED] /etc/hotplug/usb $ cat libusbscanner
#!/bin/sh
# This file is part of sane-backends.
#
# This script changes the permissions and ownership of a USB device under
# /proc/bus/usb to grant access to this device to users in the scanner
group.
#
# Ownership is set to root:scanner, permissions are set to 0660.
#
# Arguments :
# ---
# ACTION=[add|remove]
# DEVICE=/proc/bus/usb/BBB/DDD
# TYPE=usb
# latest hotplug doesn't set DEVICE on 2.6.x kernels
if [ -z $DEVICE ] ; then
IF=`echo $DEVPATH | sed 's/\(bus\/usb\/devices\/\)\(.*\)-\(.*\)/\2/'`
DEV=`echo $DEVPATH | sed 's/\(bus\/usb\/devices\/\)\(.*\)-\(.*\)/\3/'`
DEV=`expr $DEV + 1`
DEVICE=`printf '/proc/bus/usb/%.03d/%.03d' $IF $DEV`
fi
if [ -z ${DEVICE} ] ; then
IF=$(echo ${DEVPATH} | sed
's:\(bus/usb/devices/\)\(.*\)-\(.*\):\2:')
if [ -r /sys/${DEVPATH}/devnum ]; then
DEV=$(cat /sys/${DEVPATH}/devnum)
else
DEV=1 # you'll have to adjust this manually for kernel 2.6.6
fi
DEVICE=$(printf '/proc/bus/usb/%.03d/%.03d' ${IF} ${DEV})
fi
if [ $ACTION = add -a $TYPE = usb ]; then
chown root:scanner $DEVICE
chmod 0660 $DEVICE
fi
# That's an insecure but simple alternative
# Everyone has access to the scanner
# if [ $ACTION = add -a $TYPE = usb ]; then
# chmod 0666 $DEVICE
# fi
[EMAIL PROTECTED] /etc/hotplug/usb $
Should set my scanner to the scanner group but does not. If I unplug my
scanner re-plug it in I get ...
vanda_comp dave # lsusb
Bus 002 Device 001: ID :
Bus 001 Device 007: ID 055f:0008 Mustek Systems, Inc. ScanExpress 1200
CU Plus
Bus 001 Device 006: ID 046d:08b2 Logitech, Inc. QuickCam Pro 4000
Bus 001 Device 004: ID 056a:0011 Wacom Co., Ltd Graphire 2
Bus 001 Device 003: ID 04b8:0005 Seiko Epson Corp. Stylus Printer
Bus 001 Device 002: ID 0409:0050 NEC Corp.
Bus 001 Device 001: ID :
vanda_comp dave #
[EMAIL PROTECTED] /proc/bus/usb/001 $ ls -al
total 0
dr-xr-xr-x 2 root root 0 Jul 17 13:15 .
drwxr-xr-x 4 root root 0 Jul 17 13:15 ..
-rw-r--r-- 1 root root 43 Jul 17 13:15 001
-rw-r--r-- 1 root root 43 Jul 17 13:15 002
-rw-r--r-- 1 root root 50 Jul 17 13:15 003
-rw-r--r-- 1 root root 52 Jul 17 13:15 004
-rw-r--r-- 1 root root508 Jul 17 13:15 006
-rw-rw 1 root scanner 57 Jul 17 13:55 007
[EMAIL PROTECTED] /proc/bus/usb/001 $
Everything works AOK and I can scan. However unplugging plugging in
scanners every time the machine starts is a pain.
Hotplug is started on bootup ...
vanda_comp 001 # rc-update add hotplug default
* hotplug already installed in runlevel default; skipping
vanda_comp 001 #
but does not seem to setup my scanner. I also found that just ...
vanda_comp 001 # /etc/init.d/hotplug restart
vanda_comp 001 #
does not setup my scanner, I do have to unplug plug it in.
Any suggestions as to where to go
[gentoo-user] gphoto2 large file problems ?
Hi all,
gphoto2 used to work well with my Kodak DX6340 camera. I recently did a
emerge -uDv and loads of version numbers have been bumped since I last
did an upgrade, some 8ish months ago.
Anyhow having sorted the access permission problem It appears that I
cannot download .MOV files from my camera. Some of which I previously
downloaded without a problem.
gphoto2 --debug -P ... now ceashes with the following ...
01d0 8c 5c a6 c2 ff 25 db 1d-4e 0c 07 80 30 02 40 c0 [EMAIL PROTECTED]
01e0 09 03 00 1a 3f 08 00 c0-fb 17 0f 41 81 f2 ff fc ?..A
01f0 08 61 09 5a b2 f0 3d ff-28 e8 1e 53 04 75 3e 02 .a.Z..=.(..S.u.
31.303548 gphoto2-port(2): Reading 24781709=0x17a238d bytes from port...
gp_port_read: Resource temporarily unavailable
39.304760 PTP2/library.c(2): PTP: gp_port_* function returned
0xffde -34
39.304790 context(0): PTP I/O error
*** Error ***
PTP I/O error
39.304825 libgphoto2/gphoto2-filesys.c(2): Download of '100_1121.MOV'
from '/store_00010001/DCIM/100K6340' (type 1) failed. Reason:
'Unspecified error'
39.304854 gphoto2-camera(2): Operation failed!
*** Error (-1: 'Unspecified error') ***
For debugging messages, please use the --debug option.
Debugging messages may help finding a solution to your problem.
If you intend to send any error or debug messages to the gphoto
developer mailing list [EMAIL PROTECTED], please run
gphoto2 as follows:
env LANG=C gphoto2 --debug --debug -P
Please make sure there is sufficient quoting around the arguments.
39.305209 gp-camera(2): Freeing camera...
39.305224 gphoto2-camera(2): Exiting camera ('Kodak DX6340')...
39.305250 ptp(2): PTP: Closing session
39.305262 gphoto2-port(2): Writing 12=0xc byte(s) to port...
39.305279 gphoto2-port(3): Hexdump of 12 = 0xc bytes follows:
0c 00 00 00 01 00 03 10-62 00 00 00 b...
gp_port_write: Resource temporarily unavailable
47.305854 PTP2/library.c(2): PTP: gp_port_* function returned
0xffdd -35
47.305888 gphoto2-port(2): Clear halt...
47.307820 gphoto2-port(2): Clear halt...
47.310818 gphoto2-port(2): Clear halt...
47.313825 gphoto2-port(2): Closing port...
47.316866 libgphoto2/gphoto2-filesys.c(2): Clearing fscache LRU list...
47.316887 libgphoto2/gphoto2-filesys.c(2): fscache LRU list cleared
(removed 18 items)
47.316906 gphoto2-filesystem(2): Internally deleting all folders from '/'...
47.317544 gphoto2-port(2): Freeing port...
47.317557 gphoto2-port(2): Closing port...
47.317601 libgphoto2/gphoto2-filesys.c(2): Clearing fscache LRU list...
47.317617 libgphoto2/gphoto2-filesys.c(2): fscache LRU list already empty
47.317633 gphoto2-filesystem(2): Internally deleting all folders from '/'...
Any ideas anyone - I checked the bug list but found nothing current, the
nearest was bug *Bugzilla Bug 49699 but this was for canon cameras only
has been fixed*
Dave
vanda_comp dave # emerge -p gphoto2 libgphoto2
These are the packages that I would merge, in order:
Calculating dependencies ...done!
[ebuild R ] media-gfx/gphoto2-2.1.5
[ebuild R ] media-libs/libgphoto2-2.1.5
vanda_comp dave #
--
gentoo-user@gentoo.org mailing list
[gentoo-user] cant emerge kdelibs
Hi all,
I cannot emerge kdelibs on my 3000+ AMD, I have tried re-emerging qt
first (found this on the forum), I have edited /etc/make.conf and
removed my -O? flag, usually set to -O3 and tried repeatedly to
re-emerge kdelibs without success.
vanda_comp dave # emerge -p kdelibs gcc
These are the packages that I would merge, in order:
Calculating dependencies ...done!
[ebuild NS ] kde-base/kdelibs-3.4.1-r1
[ebuild R ] sys-devel/gcc-3.3.5.20050130-r1
vanda_comp dave #
#CFLAGS=-march=athlon-xp -O3 -pipe -fomit-frame-pointer
CFLAGS=-march=athlon-xp -pipe -fomit-frame-pointer
# If you set a CFLAGS above, then this line will set your default C++
flags to
# the same settings.
CXXFLAGS=${CFLAGS}
Any suggestions ?
Dave
undefined -Wl,--no-undefined -Wl,--allow-shlib-undefined -avoid-version
-module -no-undefined -Wl,--no-undefined -Wl,--allow-shlib-undefined -R
/usr/kde/3.4/lib -R /usr/kde/3.4/lib -R /usr/qt/3/lib -R /usr/lib
kspell_aspellclient.lo kspell_aspelldict.lo ../../ui/libkspell2.la -laspell
grep: /usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/libstdc++.la: No such
file or directory
/bin/sed: can't read
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/libstdc++.la: No such file or
directory
libtool: link: `/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/libstdc++.la'
is not a valid libtool archive
make[4]: *** [kspell_aspell.la] Error 1
make[4]: Leaving directory
`/var/tmp/portage/kdelibs-3.4.1-r1/work/kdelibs-3.4.1/kspell2/plugins/aspell'
make[3]: *** [all-recursive] Error 1
make[3]: Leaving directory
`/var/tmp/portage/kdelibs-3.4.1-r1/work/kdelibs-3.4.1/kspell2/plugins'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory
`/var/tmp/portage/kdelibs-3.4.1-r1/work/kdelibs-3.4.1/kspell2'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory
`/var/tmp/portage/kdelibs-3.4.1-r1/work/kdelibs-3.4.1'
make: *** [all] Error 2
!!! ERROR: kde-base/kdelibs-3.4.1-r1 failed.
!!! Function kde_src_compile, Line 164, Exitcode 2
!!! died running emake, kde_src_compile:make
!!! If you need support, post the topmost build error, NOT this status
message.
--
gentoo-user@gentoo.org mailing list
Re: [gentoo-user] cant emerge kdelibs
Holly Bostick wrote: Holly Bostick schreef: Oops, sorry, forgot part of the command: The way to fix that is: # sh fix_libtool_files.sh should be sh fix_libtool_files.sh 3.3.4 Sorry. Holly It fixed a lot of stuff - am re-trying to emerge kdelibs as I type :) Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] cant emerge kdelibs
Dave S wrote: Holly Bostick wrote: Holly Bostick schreef: Oops, sorry, forgot part of the command: The way to fix that is: # sh fix_libtool_files.sh should be sh fix_libtool_files.sh 3.3.4 Sorry. Holly It fixed a lot of stuff - am re-trying to emerge kdelibs as I type :) Dave Works a treat - Thanks Holly :-) :-) :-) Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Help I have b0rked my system :(
I've gotta say, composite was the first thing I thought of as well-- and I've never even seen it in use, much less used it myself. But would changing xorg.conf help, if the xorg package was compiled with the +composite USE flag set (which is what I at least am wondering about, rather than whether it's activated in the config or not)? I don't know anything about the feature, really, but given that all your problems seem to involve sudden, extreme, and unwanted transparency, and that's what composite does (transparency) ...what about xcompmanager (or whatever it's called)? Is that possibly running? Holly You could be right, Im going out to work now but I tried changing 'nvidia' to 'nv' in xorg.conf and everyting returned to normal, I re-emerged nvidia-glx + nvidia-kernel, re-booted, re-tryed 'nvidia' and wierdness returned. Haven't got any more time but will look at it this evening ... Cheers Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Help I have b0rked my system :(
Ed Jabbour wrote: On Thursday 07 July 2005 02:40 am, Dave S wrote: ...what about xcompmanager (or whatever it's called)? Is that possibly running? Holly You could be right, Im going out to work now but I tried changing 'nvidia' to 'nv' in xorg.conf and everyting returned to normal, I re-emerged nvidia-glx + nvidia-kernel, re-booted, re-tryed 'nvidia' and wierdness returned. Haven't got any more time but will look at it this evening ... If you emerged the nvidia stuff, you got the newest versions. Do you have the RIVA TNT2 by any chance? If so, portage now has 1.0.7664, which acc/to NVidia is not compatible with the TNT2. I use 7174, which works fine. This would explain why nv works, but nvidia doesn't, and also why your X used to work, but doesn't now. -- Ed Jabbour Strangley my video card is a RIVA TNT2 :) I checked Nvidias website, apparently TNT2 is OK with *1.0-7667 so I will give it a go. Thanks for the tip, I will let you know how it goes Dave * -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Help I have b0rked my system :(
Dave S wrote: Ed Jabbour wrote: On Thursday 07 July 2005 02:40 am, Dave S wrote: ...what about xcompmanager (or whatever it's called)? Is that possibly running? Holly You could be right, Im going out to work now but I tried changing 'nvidia' to 'nv' in xorg.conf and everyting returned to normal, I re-emerged nvidia-glx + nvidia-kernel, re-booted, re-tryed 'nvidia' and wierdness returned. Haven't got any more time but will look at it this evening ... If you emerged the nvidia stuff, you got the newest versions. Do you have the RIVA TNT2 by any chance? If so, portage now has 1.0.7664, which acc/to NVidia is not compatible with the TNT2. I use 7174, which works fine. This would explain why nv works, but nvidia doesn't, and also why your X used to work, but doesn't now. -- Ed Jabbour Strangley my video card is a RIVA TNT2 :) I checked Nvidias website, apparently TNT2 is OK with *1.0-7667 so I will give it a go. Thanks for the tip, I will let you know how it goes Dave * Er didn't work, tried 7174 as you suggest, :-) :-) :-) AOK Dave -- gentoo-user@gentoo.org mailing list
[gentoo-user] Help I have b0rked my system :(
Please help, I have managed to really screw up my second gentoo box, ** How I did it ** Well, I tried emergeing gnome, liked the look of it but then it appeared to crash, all icons on the desktop went the bottom taskbar stopped working. Going into KDE all the K menus appeared messed up ie no kcontrol but quite a few gnome icons and apps. Not having emerge sync, emerge -e world for some time I did an emerge sync, system runs 247 so its not a problem. I had previously written a bash script to run through all the packages on the system re-emerge them skipping any packages that have problems emergeing. Its still got approx 250 to go kde edu etc ... Has worked great in the past. ** Whats happened ** Well what hasnt :( The kernel boots, all services start, X starts and the xorg logs look OK, etc-update showed no updates needed, weird since I have now emerged approx 230 packages KDM starts and presents me with a default login screen but it has no box, everything is 100% transparent to the background apart from the witting and logos. As I type to login I get no text but I can login to my default fluxbox. When I do, gkrellm shows an outline but is 100% transparent, right clicking for menus causes a menu title to come up but all options are invisible + the screen numbers overlay one gets overwritten by two etc etc and ends up as a confused mess. ** Help ** I am at a loss here, I could tell you more about the graphical problems but I do not know if this would be useful. The system is working but graphicly b0rked, any suggestions please :) Dave -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Help I have b0rked my system :(
Volker Armin Hemmann wrote: Hi, you don't have composite activated, do you? I have looked in xorg.conf but cannot find any reference to it, just in case I swapped xorg.conf for an old copy, same problem :( Dave -- gentoo-user@gentoo.org mailing list
[gentoo-user] OT? Gnome no bzip2 utility
I am starting to play with Gnome, I am trying to install some more icons, I drag my icon file to 'Theme Preferences', it downloads then reports ... Can not install theme. The bzip2 utility is not installed bash-2.05b$ emerge -p bzip2 These are the packages that I would merge, in order: Calculating dependencies ...done! [ebuild R ] app-arch/bzip2-1.0.3 bash-2.05b$ So it is there. I have tried comming out and then back into Gnome but with the same result. Any ideas ? Dave -- gentoo-user@gentoo.org mailing list
[gentoo-user] Subtle KDE style problem ?
This is a subtle KDE problem, in a nutshell : If I use kde logged in as myself, I go to control center style preview, I see tab 1 tab 2. There is a slight line below the tabs which defines the top of the preview box as it should be. If I use kde logged in as my wife, I go to control center style preview, I see tab 1 tab 2. However there is no line below the tabs to define the top of the preview box, it just merges with the gray background. This phenomena effects several apps including thunderbird making it look washed out with no defined tops to the 'subject', 'recipient', and 'date' fields. I have checked through the control center but all the settings seem the same. I am at a loss, does anyone have any suggestions ? Dave -- gentoo-user@gentoo.org mailing list
[gentoo-user] jpilot-syncmal problem
I have a m505 pda syncing through jpilot. I am running jpilot-syncmal so I can download from the avantgo server. Having set up several channels all of which work perfectly, I cannot get the 'onlineweather.com' to update. If I remove re-install the chanel it updates but not when I just sync. I have setup jpilot-syncmal to update on every sync, Any suggestions ? Dave -- gentoo-user@gentoo.org mailing list
