Re: [gentoo-user] 'Heartbleed' bug
On Thu, Apr 10, 2014 at 05:53:44PM +0800, J?n Zahornadsk? wrote: On 04/10/2014 05:03 PM, Adam Carter wrote: What surprises me here is OpenSSH. It's not supposed to use OpenSSL but Debian update process suggests to restart it after updating OpenSSL to a fixed version. Is it an overkill on their part? It might confuse admins. adam@proxy ~ $ ldd /usr/sbin/sshd linux-vdso.so.1 (0x7fffb068e000) libwrap.so.0 = /lib64/libwrap.so.0 (0x7f68db1e6000) libpam.so.0 = /lib64/libpam.so.0 (0x7f68dafd8000) libcrypto.so.1.0.0 = /usr/lib64/libcrypto.so.1.0.0 (0x7f68dabf5000) libutil.so.1 = /lib64/libutil.so.1 (0x7f68da9f2000) libz.so.1 = /lib64/libz.so.1 (0x7f68da7db000) libcrypt.so.1 = /lib64/libcrypt.so.1 (0x7f68da5a4000) libpthread.so.0 = /lib64/libpthread.so.0 (0x7f68da387000) libc.so.6 = /lib64/libc.so.6 (0x7f68d9fd7000) libgcc_s.so.1 = /usr/lib/gcc/x86_64-pc-linux-gnu/4.8.2/libgcc_s.so.1 (0x7f68d9dc) libdl.so.2 = /lib64/libdl.so.2 (0x7f68d9bbc000) /lib64/ld-linux-x86-64.so.2 (0x7f68db3f1000) adam@proxy ~ $ qfile /usr/lib64/libcrypto.so.1.0.0 dev-libs/openssl (/usr/lib64/libcrypto.so.1.0.0) adam@proxy ~ $ So OpenSSH clearly IS using OpenSSL, and you need to restart sshd after upgrading OpenSSL. As far as I know, it doesn't use it for the communication itself, just some key generations, so it shouldn't be affected by this bug. But I guess better safe than sorry... Right. heartbleed does not directly affect openssh, but openssh uses openssl and it's good practice to keep the shared libraries on-disk and the shared libraries in-memory in sync.
Re: [gentoo-user] Re: 'Heartbleed' bug
On Thu, Apr 10, 2014 at 03:55:47PM -0700, walt wrote: On 04/09/2014 05:06 PM, Joseph wrote: Is gentoo effected by this new 'Heartbleed' bug? The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library http://heartbleed.com/ This topic was discussed in my favorite podcast, http://twit.tv/sn Steve Gibson explained that the heartbeat feature was introduced in openssl to allow *UDP* connections to mimic the 'keepalive' function of the TCP protocol. IIRC Steve didn't explain how UDP bugs can compromise TCP connections. Anyone here really understand the underlying principles? If so, please explain! Thanks. Yes, but no, actually. It's main use is in DTLS, over UDP and similar protocols, however it is also supported in TLS (over TCP). From the RFC [0]: DTLS is designed to secure traffic running on top of unreliable transport protocols. Usually, such protocols have no session management. The only mechanism available at the DTLS layer to figure out if a peer is still alive is a costly renegotiation, particularly when the application uses unidirectional traffic[...] TLS is based on reliable protocols, but there is not necessarily a feature available to keep the connection alive without continuous data transfer. The Heartbeat Extension as described in this document overcomes these limitations. So the heartbeat in [D]TLS, as implemented in OpenSSL, is standard-compliant. It's more useful in datagram communication (i.e. UDP, connectionless) but it is available for connection-oriented protocols (i.e. TCP), as well. It was the TLS heartbeat-implementation that suffered from this vulnerability. You can see the patch-fix here[1], if you're interested. [0] https://tools.ietf.org/html/rfc6520 [1] https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=96db9023b881d7cd9f379b0c154650d6c108e9a3
Re: [gentoo-user] Is my system (really) using nptl
On 10/13/2012 02:40 PM, Mark Knecht wrote: Now, this does make me curious about some things running on my system. Two for instance, Google Chrome and akonadi_agent, have LOTS of pids. I was assuming those were different threads and were demonstrating what the OP was asking about, but now I'm not so sure. How does a single program on an nptl system generate all these different pids? If I'm not mistaken, Chrome breaks out different tabs into different processes (which you can see if you open View Background Pages from the menu). I can't say anything about akonadi_agent, though. Thanks, Mark
Re: [gentoo-user] Re: Want to start open source development
On 10/10/2012 12:30 PM, karan garg wrote: Thanks a lot for the feedback. But I am a bit scared as this is going to be my first such experience. I have a basic knowledge about these languages, and definitely even if I fall short of the required standards, I shall learn them on the way, but it sort of is making me nervous. Can you plz explain how the procedure works if i try to enhance a software or fix a bug? Like will i be provided with a particular task? Or if i dont know something then i will be guided through that problem by your advices? Or I'l just be on my own except for where i get stuck and just be provided with the resources? My apologies for trying your patience. -- Regards :) Karan Well, I suppose first and foremost, do you have a particular project in mind to which you would like to contribute? I understand being worried about potentially not knowing what you're doing and becoming overwhelmed, but for a situation like this where you *want* to volunteer to do something, at some point the want will override the fear. You just need to find the correct project and task that most appeals to you! :) As for any guidance you may receive, it really depends on how you go about getting involved. Many of the larger projects have guidelines that you can follow to become comfortable with their specific coding style and the way patches are accepted, etc, etc [1][2] and as long as you read the pages carefully and try to adhere to their customs the main devs will probably be more than happy to assist you along the way if you need some clarification here and there. If you're more interested in helping a smaller project, then their process is generally less documented[3][4] and you'll find that you can form a more close, one-on-one relationship with the devs (as long as their not too overwhelmed with other things) and they'll also probably be happy to help you, as needed. Just be aware, if you want to help with the programming, then that's awesome! However, just keep in mind that most devs would prefer not to teach you the language the project is written in, so you most likely will have a tough time at first while you're trying to understand the codebase AND learn potentially foreign syntax and such. But if you're determined to help out and contribute then the community will welcome you with open arms. :) And as a side note, some devs can be grumpy and difficult to work with, but they are few and far between. On the vast majority of projects, the devs have a TODO that will take them years to get through so any help is usually appreciated and any additional features that will make their project more useful/worthwhile are appreciated, too. Summary/tl;dr Look for a Getting Started or Get Involved page on the projects website. If you can't find one, see if there's a HACKING doc in the project repository. If the project looks like something you want to work on but you need help, contact the dev and let him/her/them know your interested but need some help. HTH [1] http://www.libreoffice.org/get-involved/ [2] http://www.gnome.org/get-involved/ [3] https://github.com/ioerror/tlsdate/blob/master/HACKING [4] https://github.com/memcached/memcached/blob/master/HACKING
Re: [gentoo-user] mounting samsung galaxy S III (android ics)
On Thu, Jul 19, 2012 at 2:04 AM, Allan Gottlieb gottl...@nyu.edu wrote: I just purchased a new smartphone (samsung galaxy S III), which runs android ice cream sandwitch 4.0.4). I would like to copy files to and from the phone. The phone manual describes how to do this for windows (nothing needed) and Mac (a program to download), but not for gnu-linux. Apparently the phone supports MTP (media transfer protocol) and PTP (picture transfer protocol) I did some googling and there are a number of comments but no clear recommendations. Has anyone here performed file transfer gentoo -- samsung S3. I run amd64, but I don't think that is very relevant. Just mounting or ftp would be enough; I really just want to move some files. You should be able to mount it without any problems. I have ICS on my Nexus S and the only requirement to mounting the phone as a USB device is to toggle the USB Mass Storage option (it should show up in the notification bar). On my phone, the usb storage uses ext4 (IIRC), so drivers for this aren't an problem. Once the setting is toggled, it's automatically assigned a device mapping and it's usable as a normal USB drive from there.
[gentoo-user] Re: [gentoo-user] Oszkár Ocsenás
On Tue, Jun 19, 2012 at 11:12 AM, Oszkár Ocsenás ocsen...@gmail.com wrote: Hy! I'm new in this list. My name is Oszkár Ocsenás I'm from Hungary I'm interested in Linux@work, and Linux@daily use My most known distributions are: Ubuntu, Fedora, Sabayon and Gentoo Welcome! I saw you also introduced yourself on the -laptop (and I think one other) list, as well. Those are generally very quiet, so don't expect a response from them. -user is one of the most interesting and friendly lists to which I subscribe, and it's quite active, so I hope you're ready. =) We're all here if you have any questions and hopefully you'll be able to help us along the way, too! As friendly advice, make sure you read through any documentation that is available before asking and be patient if you don't get an immediate response. (People don't like to be pestered =D). Again, welcome and enjoy! - Matt
Re: [gentoo-user] Re: OT: Linus ranting about Gnome3
On Sat, Jun 16, 2012 at 5:00 PM, Nikos Chantziaras rea...@gmail.com wrote: On 16/06/12 21:27, walt wrote: I guess they figure the desktop will be extinct relatively soon and their customer base will vanish unless they capture the smartphone market. Ah yes, the death of the desktop PC, which is happening for 15 years now. Are we dead yet? I'm not holding my breath. There will always be a divide for the power users. A single, under-powered interface isn't going to cut it for a lot of us. X provides us with the flexibility that isn't available with the mobile interface.
Re: [gentoo-user] Re: OT: Linus ranting about Gnome3
On Sat, Jun 16, 2012 at 5:30 PM, Michael Mol mike...@gmail.com wrote: On Sat, Jun 16, 2012 at 5:10 PM, Matthew Finkel matthew.fin...@gmail.com wrote: On Sat, Jun 16, 2012 at 5:00 PM, Nikos Chantziaras rea...@gmail.com wrote: On 16/06/12 21:27, walt wrote: I guess they figure the desktop will be extinct relatively soon and their customer base will vanish unless they capture the smartphone market. Ah yes, the death of the desktop PC, which is happening for 15 years now. Are we dead yet? I'm not holding my breath. There will always be a divide for the power users. A single, under-powered interface isn't going to cut it for a lot of us. X provides us with the flexibility that isn't available with the mobile interface. Even in the Microsoft world, I can't easily imagine them ditching the old UI paradigm for their Windows Server products. They've come a long way in making Windows CLI-friendly (see PowerShell), but they haven't yet (AFAIK) provided a good mechanism for remote CLI access. True, and they've been working hard to get it to the state it is in now. In many cases, sys admins have had to unlearn relying on their mouse for complete power. The CLI provides options that are, obviously, very difficult to express in a simple GUI (I know I'm preaching to the choir). Powershell has made huge progress in this respect, but it still has a long way to go in order to compete with what we have. And I doubt the server environment would ever become stripped down to the state we're talking about. Not that they won't be able to bolt one in easily enough; CSRSS means they should be able to provide, e.g. an SSH daemon, give the connecting user a PowerShell login session[1], and give it equal privileges and security controls as they have for any other login session. How many years have they had? I'd given up on this years ago.
Re: [gentoo-user] Re: OT: Linus ranting about Gnome3
On Sat, Jun 16, 2012 at 6:59 PM, Michael Mol mike...@gmail.com wrote: On Sat, Jun 16, 2012 at 6:42 PM, Matthew Finkel matthew.fin...@gmail.com wrote: On Sat, Jun 16, 2012 at 5:30 PM, Michael Mol mike...@gmail.com wrote: On Sat, Jun 16, 2012 at 5:10 PM, Matthew Finkel matthew.fin...@gmail.com wrote: On Sat, Jun 16, 2012 at 5:00 PM, Nikos Chantziaras rea...@gmail.com wrote: On 16/06/12 21:27, walt wrote: I guess they figure the desktop will be extinct relatively soon and their customer base will vanish unless they capture the smartphone market. Ah yes, the death of the desktop PC, which is happening for 15 years now. Are we dead yet? I'm not holding my breath. There will always be a divide for the power users. A single, under-powered interface isn't going to cut it for a lot of us. X provides us with the flexibility that isn't available with the mobile interface. Even in the Microsoft world, I can't easily imagine them ditching the old UI paradigm for their Windows Server products. They've come a long way in making Windows CLI-friendly (see PowerShell), but they haven't yet (AFAIK) provided a good mechanism for remote CLI access. True, and they've been working hard to get it to the state it is in now. In many cases, sys admins have had to unlearn relying on their mouse for complete power. The CLI provides options that are, obviously, very difficult to express in a simple GUI (I know I'm preaching to the choir). Powershell has made huge progress in this respect, but it still has a long way to go in order to compete with what we have. And I doubt the server environment would ever become stripped down to the state we're talking about. Actually, they're there as of Windows Server 2008. It's called Windows Server 2008 Core. According to Windows Server 2008: The Definitive Guide, you log into one of these systems and all you get (by default) is a terminal window with an instance of cmd.exe. It goes on to list seven server roles this configuration supports: * Active Directory and Active Directory Lightweight Domain Services (LDS) * DHCP Server * DNS Server * File Services (including DFSR and NFS) * Print Services * Streaming Media Services * Windows Server Virtualization (Curiously, one of the things you _can't_ do is run Managed Code.) Huh, I didn't know about this. It's still too limited, though. At least they've duplicated a lot of the core gui elements on cli. Not that they won't be able to bolt one in easily enough; CSRSS means they should be able to provide, e.g. an SSH daemon, give the connecting user a PowerShell login session[1], and give it equal privileges and security controls as they have for any other login session. How many years have they had? I'd given up on this years ago. SFU is available in the Server Core configuration. I imagine you could run OpenSSH under there. Or some commercial entity could come along and provide an SSH+screen(ish) component to snap into the CSRSS framework. I'd actually forgotten about that, I would never trust their implement though. Apparently there's a binary available of OpenSSH that runs on SFU (so says wiki [1]). I've been out of the Windows Server environment for a few years now, so I guess I've missed out on some of the progress MS has made in this area. It's good they are pushing the CLI now. Perhaps in a few releases they'll implement their own of encrypting telnet sessions with a screen/tmux lookalike. Microsoft never ceases to amaze me - with the good and the bad. [1] http://en.wikipedia.org/wiki/Windows_Services_for_UNIX
Re: [gentoo-user] Goodbye to gentoo?
On Mon, Mar 19, 2012 at 12:44 AM, Maxim Wexler maxim.wex...@gmail.comwrote: Hi Maxim, what changed when the modem stopped working? Dunno Also can you supply the output of the route -n and ifconfig commands to give us a chance of seeing if anything has gone adrift there. Also if you are using (and have tested that its not the problem) any firewall running. I don't use the /etc/conf.d/net file. Also all net hotplug services are turned of in rc.conf. route -n shows nothing except ppp0 (this is from ubuntu, but it was the same for gentoo when it was working) root@gnubu:~# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric RefUse Iface 0.0.0.0 0.0.0.0 0.0.0.0 U 0 00 ppp0 161.184.0.199 0.0.0.0 255.255.255.255 UH0 00 ppp0 I am too young to know the details of dial-up, but going on the assumption that it uses DHCP or something similar, that last line is definitely a problem. In order for packets to reach an outside network, they need to know where to go. This may be your local router or a router from your ISP. Regardless of the configuration, with a gateway of 0.0.0.0, any packets with a destination on the internet will never get there. Because you experience this problem under both Gentoo and Ubuntu, it sounds like an issue elsewhere. Does the other computer on your LAN have a problem accessing the internet? - Matt
Re: [gentoo-user] Changing compilers
On Mon, Mar 19, 2012 at 1:26 AM, Andrew Lowe a...@wht.com.au wrote: Hi all, Has anyone played around with the various better known compilers on Gentoo? By better known, I'm referring to gcc, Intel, llvm, pathscale. My situation is that I've just started my PhD which requires me to do Finite Element Analysis, FEA, and Computational Fluid Dynamics, CFD, and I want to find the best compiler for the job. Before anyone says Why bother, XXX compiler is only 1 - 2% faster than gcc, in the context of the work I'm doing this 1 - 2% IS important. What I'm looking for is any feedback people may have on ability to compile the Gentoo environment, the ability to change compilers easily, gcc-config or flags in make.conf, as to whether the compiler/linker can use the libraries as compiled by gcc on a standard gentoo install and so on. Obviously there is much web trawling to be done to find what other people are saying as well. Any thoughts, greatly appreciated, Andrew Lowe With regard to speed, are you looking for a faster compile time or higher optimization of the compiled code such that the run time is faster? -- Matthew Finkel
Re: [gentoo-user] MySQL MariaDB - is it time?
On Thu, Mar 1, 2012 at 3:47 PM, Tanstaafl tansta...@libertytrek.org wrote: Hi all, I just came across this thread today on the MariaDB discuss list about the poor stewardship of Oracle with respect to MySQL (and it references Oracle's track record of poor handling of the FLOSS projects it inherited when it bought Sun): https://lists.launchpad.net/**maria-discuss/msg00514.htmlhttps://lists.launchpad.net/maria-discuss/msg00514.html In it is discussed - among many other things including lots of good reason *why* - the possibility of replacing MySQL with MariaDB in anticipation of Oracle's current poor stewardship of MySQL... My question is - shouldn't gentoo be considering this move as well? I've been seriously considering this for my own servers for some time, and after reading this, I think it is time to stop thinking about it and just do it, but I'm a bit nervous - ianap, and don't want to shoot myself in the foot in the process. Anyone here ever done the switch want to share their experience? It's definitely an interesting dilemma, but one that was expected to happen eventually. Lucky Gentoo doesn't have to worry about release cycles. MariaDB is in portage so, in theory, it shouldn't be too difficult for any of us to make the switch. - Matt
Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.
On Thu, Jan 19, 2012 at 5:04 PM, Dale rdalek1...@gmail.com wrote: Chris Walters wrote: This is a test. Enigmail has been trying to use a revoked and expired key to sign my messages, lately. Chris I have a question now. I got a message from Paul Hartman and replied to it, off list, and it was encrypted and I hope my reply was too. My question is this. How do you make a email that only the sender and receiver can read? As a example. I'm talking to a Doctor or a lawyer and I don't want anyone but that person to see the email. How do I do that? Can that be done. Yes, this occurs when the messages are actually encrypted. Both the sender and receiver must generate a public and private key. The public key is...public. Anyone and everyone can use it to encipher a message. However, the private key should be..well, private. It is the key that can decipher the message. Assuming the receiver keeps this key secret, all messages that are encrypted with the public key will only be read by him/her. The message that I am repying to appears to be something, encypted maybe, but I think anyone on this list that uses the tool can read it. Am I correct? I'm using gmail right now, so I can't verify, but the message was most likely signed but not encrypted. By signing the message, Chris verified that he actually sent it and it wasn't someone impersonating. (This all hinges on the fact that you previously received his signature and trust that it was authentic then) I'm trying to get a full understanding of this thing. Ya'll know how I am. lol Dale :-) :-) Matt -- Matthew Finkel
Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.
On Thu, Jan 19, 2012 at 6:20 PM, Dale rdalek1...@gmail.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mud is clearing up a bit. Excellent! Lookin good! Dale :-) :-) - -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words! Miss the compile output? Hint: EMERGE_DEFAULT_OPTS=--quiet-build=n -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk8YpUwACgkQiBoxVpK2GMCz4QCeNBRDf8wmErruB5SVREcra4uu 6dQAnRnR8OuS0Mo5jcBnLNRGug0hkhK/ =XWWa -END PGP SIGNATURE- - Matt
Re: [gentoo-user] S.O.P.A and P.I.P.A and the blackout.
On Thu, Jan 19, 2012 at 6:55 PM, Dale rdalek1...@gmail.com wrote: Matthew Finkel wrote: On Thu, Jan 19, 2012 at 6:20 PM, Dale rdalek1...@gmail.com mailto:rdalek1...@gmail.com wrote: Mud is clearing up a bit. Excellent! Lookin good! Well, I get this on top of your message: Error - No valid armored OpenPGP data block found What's wrong with that? Yours or mine? Dale :-) :-) I'm using gmail right now, so my messages aren't signed. As such, I would have to say neither. =) I may be wrong and there actually is something amiss, anything is possible.
Re: [gentoo-user] OT: GPG Signatures
On Thu, Jan 19, 2012 at 7:01 PM, Chris Walters cjw20...@comcast.net wrote: On 1/19/2012 06:55 PM, Dale wrote: Matthew Finkel wrote: On Thu, Jan 19, 2012 at 6:20 PM, Dale rdalek1...@gmail.com mailto:rdalek1...@gmail.com wrote: Mud is clearing up a bit. Excellent! Lookin good! When he quoted your message, he included part of your PGP signature in the quoted part. That's what caused that error. Ah, that makes perfect sense! Thanks Chris -- Matthew Finkel
Re: [gentoo-user] Error with sunrise overlay during eix-sync...
On Thu, Dec 15, 2011 at 12:15 PM, Tanstaafl tansta...@libertytrek.orgwrote: Anyone else getting this error? It started this morning... Same here. I would say it is due to a bad push, but the changelog doesn't show any changes for months. I don't know ebuild syntax well enough to figure out the problem at first glace, though. -- Matthew Finkel
Re: [gentoo-user] Error with sunrise overlay during eix-sync...
On Thu, Dec 15, 2011 at 12:48 PM, Matthew Finkel matthew.fin...@gmail.comwrote: On Thu, Dec 15, 2011 at 12:15 PM, Tanstaafl tansta...@libertytrek.orgwrote: Anyone else getting this error? It started this morning... Same here. I would say it is due to a bad push, but the changelog doesn't show any changes for months. I don't know ebuild syntax well enough to figure out the problem at first glace, though. Actually, I take back half of what I said. I know the error is being caused by the last line of the ebuild, need_php_by_category, I just don't know why it gives an error or how that line is supposed to work. Perhaps it's the dev-php5 category that's confusing portage, but I really don't know. - Matt
Re: [gentoo-user] Gentoo + HP + Quickmedia
On Thu, Dec 15, 2011 at 7:24 PM, Carlos Sura carlos.su...@googlemail.comwrote: Well, Thank you for your answer Mick, but after numerous test also many times I've tried, could't make this happen, because quick media is without the HD (or at least I think) because I don't need to get to windows, is a OS very light to use, email, navigation, skype and some others things. Correct, so it should be completely independent of Windows or Gentoo or whichever OS you have installed on your hard drive. Also, I have to delete RECOVERY partition, because it did not work (I tried with extended partition, same results) Those partitions are pretty useless anyway :) Now, I'm running Gentoo + Windows 7 (Dual Boot) a little problems, but for now, I can work in both systems very well. Awesome! Glad to hear you have Gentoo working! Just out of curiosity, what types of problems are you still having? Regards -- Carlos Sura.- www.carlossura.com - Matt -- Matthew Finkel
Re: [gentoo-user] Gentoo + HP + Quickmedia
On Thu, Dec 15, 2011 at 8:56 PM, Carlos Sura carlos.su...@googlemail.comwrote: Well, My laptop has 2 video cards INTEL (integrated video card) That's the only one that works. And Ati Mobility Radeon Premium Graphics: lspci: 00:1e.0 PCI bridge: Intel Corporation 82801 Mobile PCI Bridge (rev a5) 01:00.0 VGA compatible controller: ATI Technologies Inc Manhattan [Mobility Radeon HD 5400 Series] I tried with switchero but it just only work with INTEL not for ATI, also I've tried to use just ATI (ati-drivers) package, but when I try to: X -configure it says something like: Screen found, but driver: fxglrs (not found) If the Intel video card is working correctly, then you should only need to adjust which driver X uses when it starts. This can be changed within /etc/X11/xorg.conf. The ATI driver should be called fglrx which is installed when you emerge ati-drivers. It's strange that it can not find the driver, though. If it's possible, can you attach the error message? The ati-drivers package also comes with a tool, aticonfig, which may help auto-configure xorg.conf, as well. I tried following all gentoo wiki about ATI, but it just simply don't work. I don't care to use both video cards, but I would like to use ATI insted INTEL. If there any way or someone who knows how to solve this, it would be great for me! Regards -- Carlos Sura.- www.carlossura.com - Matt -- Matthew Finkel
Re: [gentoo-user] apache - virtual host not working
On Mon, Dec 12, 2011 at 1:23 AM, Joseph syscon...@gmail.com wrote: In /etc/hosts I have: 127.0.0.1 localhost.localdomain localhost mydomain.ca syscon5 10.0.0.100 www.mydomain.ca If I comment out: #10.0.0.100 www.mydomain.ca I can access this domain. By access, do you mean the website loads without the access restriction? in: modules.d/00_default_settings.**conf # We configure the default to be a very restrictive set of features. Directory / Options FollowSymLinks AllowOverride None Order deny,allow Deny from all /Directory Is there a reason you're giving access to / ? # added below Directory /var/www/localhost/htdocs AllowOverride All Order allow,deny Allow from all /Directory FilesMatch ^\.ht Order allow,deny Deny from all /FilesMatch Do you set the DocumentRoot within the file to a location to which the apache user has read access? I don't know where else to look. I can not access virtual domain on port 80 nor on 443 The server is working perfectly on my other computer running the same version of apache. As stated earlier I've compare configuration file with meld so I'm sure there are no mistakes. -- Joseph Hope we can get this resolved. - Matt -- Matthew Finkel
Re: [gentoo-user] [SOLVED] apache - virtual host not working
On Mon, Dec 12, 2011 at 2:26 AM, J. Roeleveld jo...@antarean.org wrote: On Mon, December 12, 2011 8:21 am, Joseph wrote: On 12/12/11 02:03, Matthew Finkel wrote: On Mon, Dec 12, 2011 at 1:23 AM, Joseph syscon...@gmail.com wrote in: modules.d/00_default_settings.conf # We configure the default to be a very restrictive set of features. Directory / Options FollowSymLinks AllowOverride None Order deny,allow Deny from all /Directory Is there a reason you're giving access to / ? No the above statement actually prevent access, am I correct? Yes, you are correct. It prevents access. Configuration in the vhosts-config will add access to the required directories. I'm sorry, I skimmed over it and misread it. It's much better the way you have it! :) Thanks folks, SOLVED! That's good to hear. Another lesson learned! Awesome! Live and learn - Matt
Re: [gentoo-user] New Server, considering hardened, need pointers to tfm...
On Sat, Dec 10, 2011 at 12:45 PM, Tanstaafl tansta...@libertytrek.orgwrote: Hello all, I'm considering rolling out a new server with gentoo, but wanted to base it on the hardened profile, but the docs I've read so far all seem to be a bit vague about all the details. I've been using gentoo for a while on my hobby server, but I installed it about 8 years ago, and chose the 'server' profile, and I must say it has been a real pleasure to maintain, and the only real hiccup I ever experienced was the mailman update that moved the directories for the lists without telling me what to do about it (the fix was simple, and the devs swiftly fixed the lack of post-install docs). Does anyone know of a good How-To that covers *all* of the bases? Ie, which model is best - grsecurity, PAX, SeLinux - and how best to implement it? Thanks... You may be able to get a better response from the -hardened list, but I built a hardened server a few months ago without much difficulty. As far as I know, the correct model to use depends on what you want to do with the server/what security you are looking to implement. When I went hardened, I used PaX and grsec [1] because it offered the security I was looking for but didn't restrict userland usability on a server on which I was the only user. My understanding is that this restriction would be a consequence of using SeLinux. [1] http://www.gentoo.org/proj/en/hardened/grsecurity.xml As for a solid comparison of the different models and tutorials for them, I don't know of any. I just used [1] as well as the PaX page to install and configure them and I didn't run into any problems. hope that helps a bit (and I hopefully didn't describe anything incorrectly). - Matt
Re: [gentoo-user] Another Install Issue
On Sun, Oct 16, 2011 at 11:05 AM, CJoeB colleen.bea...@gmail.com wrote: Also: Are the modules actually loaded before you unload them? Use `modprobe -vr broadcom tg3`. If there is no output, the module was not loaded. Prior to unloading the modules, output from 'modprobe -vr broadcom tg3' is rmmod /lib/modules/2.6.39-gentoo-r3/kernel/drivers/net/tg3.ko Hi Colleen, Looks like broadcom isn't loading at boot. Also, I'm not too familiar with broadcom, but why must you load two modules? I found [1] which sound like your problem (possibly the site you mentioned earlier) which references a similar problem when tg3 is loaded before broadcom. You may have already tried this, but have you tested changing the order in /etc/conf.d/modules? [1] https://bbs.archlinux.org/viewtopic.php?id=110026 - Matt -- Matthew Finkel
[gentoo-user] Re: this is spam (was: Re: [gentoo-user] 回复: [gentoo-user] Anyone can afford information about build kernel?)
On Tue, Oct 11, 2011 at 11:08 AM, Jonas de Buhr jonas.de.b...@gmx.netwrote: Am Tue, 11 Oct 2011 13:54:06 +0100 schrieb Mick michaelkintz...@gmail.com: On Tuesday 11 Oct 2011 12:51:12 Jonas de Buhr wrote: Am Tue, 11 Oct 2011 13:03:27 +0200 schrieb Jonas de Buhr jonas.de.b...@gmx.net: it's nice how much many people on this this list are willing to help in spite of all this. but am i really the only one who finds the behavior described above at least confusing? anyway, i'm quite convinced it is fake. no, apparently i am not the only one thinking that: http://www.stopforumspam.com/ipcheck/58.243.95.123 Interesting! Well, the broken English is not an insurmountable problem as long as we understand the question asked. Not everyone is blessed with good knowledge of the English language. i totally agree to that given any effort on the other end i would do my best to help as well. The questions seem genuine, so it may help the OP or others that have similar problems. right, the replies probably gave the thread some value ;) but there was *no* reaction at all to the proposed solutions, hints and info requests. why ask for help if you don't even try the suggestions? it takes you about ten minutes of reading this list to realize that the usual way of solving problems is a cycle of i am trying to do X and receive error Y-hey, try Z-oh, now A happens-try B too etc. Now, if as you say it is indeed spam, what escapes me is why would someone spam the list in this manner? It doesn't make sense. my point exactly! i don't get it - this intially led me to post this comment in the first place. what really points into the direction of spam in my opinion is using the different names mentioned of stopforumspam. and that others went as far as reporting it. So I am led to believe that the peculiarities you mention are probably a cultural (or personal) issue. possible. but what makes it even more confusing is that this doesn't go well with my experience of chinese people having a hard time with english (i can't really put my finger on it, but it doesn't feel right) and how they react to hey, you're doing X wrong, thats rude. not meaning to stereotype, it just made it more suspicious. I understand why you would think the OP is a spammer, but the topic just seems too genuine (to me at least) for this to actually be spam. It definitely would have been more polite if Lavender had replied to the other suggestions, but (assuming the thread is not spam) you don't know what is going on in their life and it may take a few days to respond. Just because the person is from China, doesn't mean we should assume they're a spammer (following Alan's last reply). -- Matthew Finkel
Re: [gentoo-user] Re: Is Qemu dead?
On Thu, Sep 29, 2011 at 1:13 PM, Michael Orlitzky mich...@orlitzky.comwrote: On 09/28/2011 10:42 AM, Grant Edwards wrote: Doh! I had forgotten there was a seperate kvm-enabled build of Qemu. I'll have to give that a try. You can use qemu-kvm whether or not you have a kernel/CPU with KVM support: $ cat /usr/bin/kvm #!/bin/sh exec /usr/bin/qemu-system-x86_64 --enable-kvm $@ But I was under the impression you can only use -enable-kvm if you have KVM built into the kernel/load the module.
Re: [gentoo-user] Is Qemu dead?
On Wed, Sep 28, 2011 at 10:14 AM, Grant Edwards grant.b.edwa...@gmail.comwrote: I've been trying to use Qemu to do some test installs of Ubuntu server. I've used Qemu successfully in the past, but it seems to have hit a dead end. The stable version (0.11) of Qemu just plain doesn't work. There are constant segfaults and kernel panics in the guest environment. I updated to the ~x86 version (0.14) -- while the guest OS installs and runs OK, kernel acceleration (kqemu module) is no longer supported, and without it Qemu is really slow. For now I've switched to VirtualBox, but the console implementation in VirtualBox is nightmarishly slow. When I do -l looks like it's scrolling by at about 9600 baud. Is Qemu dead? Or just dying? -- Grant Edwards grant.b.edwardsYow! What UNIVERSE is this, at please?? gmail.com I've been using QEMU on, nearly, a daily basis for the last few months. Last I checked, I believe they're on track for a v1.0 release in November or December. I, honestly, haven't had many problems with unexpected segfaults on either Gentoo or Ubuntu, so I can't give any advice for that. As for the speed issue, have you tried building KVM into the kernel or at least as a mod? - Matt
Re: [gentoo-user] Chromium and Google Chrome
On Fri, Sep 2, 2011 at 4:31 AM, András Csányi sayusi.a...@gmail.com wrote: On 2 September 2011 10:17, JD Horelick jdho...@gmail.com wrote: Also, one is a binary, one is source that you need to compile. And Chromium is an EXTREMELY long compile I agree it takes long time (1-2 hours on my machine) but the compile time doesn't matter for me. I upgrade my machine from my workplace. -- - - -- Csanyi Andras (Sayusi Ando) -- http://sayusi.hu -- http://facebook.com/andras.csanyi -- Trust in God and keep your gunpowder dry! - Cromwell This was brought up on gentoo-dev ML last week by Mike Gilbert (aka floppym) . ---Snip I have been maintaining an ebuild for Google Chrome in an overlay. It basically extracts a deb file to /opt. This serves as an easy alternative for people who do not have the patience to compile Chromium. Now that I have developer access, I would like to move this to the tree. Before doing so, I need some advice on how to deal with the EULA[1]. --Snip-- hth, Matt -- Matthew Finkel
Re: [gentoo-user] Cheapest dedicated gentoo servers?
On Fri, Sep 2, 2011 at 9:41 AM, Nilesh Govindarajan cont...@nileshgr.comwrote: Hi, I'm looking for dedicated server providers whose rates are low, support Gentoo and most importantly are reliable. Service should be stable. Location is not important, but preferable in EU. -- Nilesh Govindarajan http://nileshgr.com I don't know of any dedicated services that meet your requirements, but is it a hard requirement that the server be dedicated? VPSs can be just as stable as a dedicated and are usually much cheaper. KVM and Xen environments are becoming much more prevalent. What type of storage/memory requirements do you have, if you don't mind me asking? - Matt -- Matthew Finkel
Re: [gentoo-user] Mercurial Server
On Sat, Aug 20, 2011 at 1:51 PM, Nilesh Govindarajan cont...@nileshgr.comwrote: Hi, I managed to configure mercurial-server on my gentoo vps, and add my public key for the root user to it. I can ssh to hg@myvps. But this is what I get when I run hg clone ssh://hg@myvps/hgadmin: running ssh hg@myvps hg -R hgadmin serve --stdio remote: Traceback (most recent call last): remote: File /usr/share/mercurial-server/hg-ssh, line 76, in module remote: dispatch.dispatch(['-R', repo, 'serve', '--stdio']) remote: File /usr/lib64/python2.7/site-packages/mercurial/dispatch.py, line 31, in dispatch remote: if req.ferr: remote: AttributeError: 'list' object has no attribute 'ferr' abort: no suitable response from remote hg! Any clues? -- Nilesh Govindarajan http://nileshgr.com I started to write some questions for you to answer, but then I decided I'd see if anyone else was having this issue [0]. Maybe that'll help. It looks like a bug that should be filed. [0] http://stackoverflow.com/questions/6730735/troubles-with-mercurial-1-9-and-ssh
Re: [gentoo-user] Hoping someone can help explain distcc to me
On Sat, Aug 20, 2011 at 10:46 PM, Dale rdalek1...@gmail.com wrote: Peter Humphrey wrote: On Sunday 21 August 2011 02:08:51 Paul Hartman wrote: Could I just export the entire laptop - everything from the root directory and below - and chroot into that over the network? Then I wouldn't even need to emerge -k... No, I tried that and got myself tied in knots - well, actually it was the whole portage tree that I exported, not the entire system. I forget what went wrong now, but it's definitely cleaner to tell the server to build the packages and the client to install from them. The emerge -k step is quick too, and you have the advantage that you can see whether the packages are actually there, unless you've switched colours off or not specified -v. (I once found that they weren't there, which prompted me to go looking for the config problem. Like Dale, I'm quite a good tester!) You just have to make sure that the chroot is identical to the client. Since you mentioned me. I wish I could set up a quicky from my 4 core 64 bit machine to compile 32 bit packages for a older 2GHz machine that belongs to a friend. I was going to put Mandriva on it but the CD won;t boot up properly. It stops at starting udev. Gr. How hard is it to set up a 64 bit machine to compile programs for a 32 bit system? Dale :-) :-) It's actually quite easy. IIRC, when I did it last, the only difference is that when you chroot into the subsystem you need prefix the command with linux32, e.g. linux32 chroot /path/to/chroot /bin/bash
Re: [gentoo-user] OT: but cool - NASDAQ is gentoo powered
On Thu, Aug 18, 2011 at 12:45 AM, Norman Rieß nor...@smash-net.org wrote: Am 08/17/11 13:44, schrieb Joost Roeleveld: On Wednesday, August 17, 2011 09:59:50 AM Peter Humphrey wrote: On Tuesday 16 August 2011 02:48:30 Michael Mol wrote: How does everybody here use Gentoo? For personal use? Production use? For server, desktop or embedded roles? What's your most interesting setup or use case? Since you ask: my workstation runs Gentoo. My old workstation sometimes does; at other times it's experimenting with other distributions. I have a midget server on the LAN (Atom N270) which runs Gentoo, but it's too underpowered to do all the compiling itself, so it NFS-exports its packages directory to my workstation, where I have a 32-bit chroot set up as an image of the Atom. Emerging is done here, making the packages available for installation on the Atom. This is a cumbersome operation though. The Atom serves web, time, squid proxy, dns, cups and mysql to the LAN. It runs http-replicator and rsyncd to keep a local portage tree for the other boxes. I'd like it to serve mail too, but I've never managed to set that up. Putting email on the Atom using IMAP might not be the best option. IMAP can be quite heavy on resources on the server-side. I use a quad-core AMD for my server. -- Joost Depends on how you use it. I have an IMAP-Server running on Atom which holds my email archive. Also depends on the Software you use for the IMAP-Server. I can not see why a N270 could not serve a moderate amount of users on IMAP. Concerning the Atom not fast enough for compiling-Problem. I compiled, run and update a Gentoo System on a AMD Geode LX, which is way less powerfull and it works just fine. Norman Just out of curiosity, how long does it take to compile gcc? - Matt
Re: [gentoo-user] {OT} Can I retrieve my SSL key?
On Wed, Aug 17, 2011 at 10:24 PM, Michael Mol mike...@gmail.com wrote: On Wed, Aug 17, 2011 at 9:45 PM, Francisco Blas Izquierdo Riera (klondike) klond...@gentoo.org wrote: El 18/08/11 03:37, Grant escribió: I just accidentally overwrote my SSL certificate key. Is there any way to retrieve it? Possibly some sort of export since I haven't restarted apache2 yet? What, exactly, did you do that caused the overwrite? I generated a new key but used the wrong filename so it overwrote a key that has an associated certificate. Hopefully you can still ext3undelete it Worst case you have to parse the whole disk looking for a pattern with a custom C program (AHH the pain!) There are file carver tools I've not had any luck with them, though. -- :wq As Francisco mentioned, depending on the filesystem you're using, there may exist an 'undelete' tool which came with the util package. If not, then assuming you have at least a few gigs of free space on your drive/partition the chances that the file was /actually/ overwritten are quite slim, so the cert is most likely still there. Any decent data recovery program should be able to find it (and just about every single other file you've ever deleted). I wish I could recommend one, but I thankfully have not needed one recently (hopefully this won't jinx it :) ). Good Luck! - Matt
Re: [gentoo-user] What's the status of ht://Dig?
On Wed, Aug 17, 2011 at 11:02 PM, Peter Humphrey pe...@humphrey.ukfsn.orgwrote: Hello list, I'd like to add a search facility to my choir's website, and a likely- looking candidate is ht://Dig, but its News dates from seven years ago. Does this mean it's dead or absolutely stable? If this isn't a runner, does the team wish to offer an alternative? I have over 100 pages in this site, and I'm sure a visitor would like to be able to search for a particular member, song, venue etc. -- Rgds Peter Linux Counter 5290, 1994-04-23 Browsing through the page, the project looks pretty dead which seems strange considering how many contributors it had. As such, I've never used it but Hyper Estraier[0] may do what you want, as well. There are probably others out there. There's also always the Google option. [0] http://fallabs.com/hyperestraier/ - Matt
Re: [gentoo-user] OT: but cool - NASDAQ is gentoo powered
On Thu, Aug 18, 2011 at 4:23 AM, Norman Rieß nor...@smash-net.org wrote: Am 08/18/11 09:11, schrieb Matthew Finkel: On Thu, Aug 18, 2011 at 12:45 AM, Norman Rieß nor...@smash-net.org mailto:nor...@smash-net.org wrote: Am 08/17/11 13:44, schrieb Joost Roeleveld: On Wednesday, August 17, 2011 09:59:50 AM Peter Humphrey wrote: On Tuesday 16 August 2011 02:48:30 Michael Mol wrote: How does everybody here use Gentoo? For personal use? Production use? For server, desktop or embedded roles? What's your most interesting setup or use case? Since you ask: my workstation runs Gentoo. My old workstation sometimes does; at other times it's experimenting with other distributions. I have a midget server on the LAN (Atom N270) which runs Gentoo, but it's too underpowered to do all the compiling itself, so it NFS-exports its packages directory to my workstation, where I have a 32-bit chroot set up as an image of the Atom. Emerging is done here, making the packages available for installation on the Atom. This is a cumbersome operation though. The Atom serves web, time, squid proxy, dns, cups and mysql to the LAN. It runs http-replicator and rsyncd to keep a local portage tree for the other boxes. I'd like it to serve mail too, but I've never managed to set that up. Putting email on the Atom using IMAP might not be the best option. IMAP can be quite heavy on resources on the server-side. I use a quad-core AMD for my server. -- Joost Depends on how you use it. I have an IMAP-Server running on Atom which holds my email archive. Also depends on the Software you use for the IMAP-Server. I can not see why a N270 could not serve a moderate amount of users on IMAP. Concerning the Atom not fast enough for compiling-Problem. I compiled, run and update a Gentoo System on a AMD Geode LX, which is way less powerfull and it works just fine. Norman Just out of curiosity, how long does it take to compile gcc? - Matt Atom: genlop -t sys-devel/gcc-4.4.5 * sys-devel/gcc Sat Feb 26 13:06:08 2011 sys-devel/gcc-4.4.5 merge time: 1 hour, 12 minutes and 27 seconds. Wed Mar 23 23:01:12 2011 sys-devel/gcc-4.4.5 merge time: 1 hour, 10 minutes and 22 seconds. Geode: genlop -t sys-devel/gcc-4.4.5 * sys-devel/gcc Sat Feb 26 19:11:36 2011 sys-devel/gcc-4.4.5 merge time: 7 hours, 17 minutes and 41 seconds. Fri Mar 25 05:51:21 2011 sys-devel/gcc-4.4.5 merge time: 7 hours, 17 minutes and 2 seconds. Norman Interesting, thanks! I was interested in a comparison of compile times. I was originally going to ask how long it takes to compile OO/LibreOffice but then figured your system most likely didn't have it. haha And as you said in your other reply, if you rarely have to interact with this system, and compiling doesn't result in significant lag, why not compile it? It'd take a century to emerge an entire feature-full desktop/server build, but as a small embedded system it actually sounds reasonable.
Re: [gentoo-user] OT: but cool - NASDAQ is gentoo powered
On Thu, Aug 18, 2011 at 3:58 AM, Dale rdalek1...@gmail.com wrote: Matthew Finkel wrote: Just out of curiosity, how long does it take to compile gcc? - Matt This may help. I saw one Atom CPU in the list. http://gentoo.linuxhowtos.org/**compiletimeestimator/http://gentoo.linuxhowtos.org/compiletimeestimator/ It must be pretty slow since it is at about the bottom of the list. The list goes from fastest to slowest. Dale :-) :-) huh, that's a pretty neat site, thanks. A funny thing about this site is that the 'slowest' core listed is a P2 which has an estimated compile time that's twice as fast for gcc as Norman's Geo. His atom is quite snappy though. :)
Re: [gentoo-user] /dev/sda* missing at boot
On Thu, Aug 18, 2011 at 2:59 PM, fra...@gmail.com wrote: Hi, guys It is a shame, I know, but after several years using Gentoo, it is the first time I try to build a kernel without genkernel. And now I can't boot to that new kernel, it does not find (and really do not have a) /dev/sda* root partition (real-root); during the boot it stops, complaining about that, gives me the option to get a shell, from which I am able to see that there is no /dev/sda* . I have included everything SATA, so it looks like that is not a kernel problem, but a initramfs issue, I guess. What am I missing? Thanks a lot Francisco P.S.: my boot partition is sda2, sda3 is a swap partition, and everything else is in sda4. sda1 is not used (up to now) and this is my grub.conf : title Gentoo Linux 2.6.39-gentoo-r3 root (hd0,1) kernel /boot/kernel-genkernel-x86_64-2.6.39-gentoo-r3 ro root=/dev/ram0 init=/linuxrc real_root=/dev/sda4 vga=0x318 video=uvesafb:1024x768-32 nodevfs udev devfs=nomount quiet CONSOLE=/dev/tty1 initrd /boot/initramfs-genkernel-x86_64-2.6.39-gentoo-r3 Do you have a block device driver built into the kernel? And what type of shell are you dropped into when then happens? Is it a single-user mode shell or grub (or something else entirely)? Also, while you're booted into the livecd/dvd/usb and you chroot, try lspci -k and check to see what modules/drivers that lists as installed and see if you have them enabled in your config. - Matt
Re: [gentoo-user] OT: but cool - NASDAQ is gentoo powered
On Mon, Aug 15, 2011 at 9:48 PM, Michael Mol mike...@gmail.com wrote: On Mon, Aug 15, 2011 at 8:28 PM, Adam Carter adamcart...@gmail.com wrote: http://www.itworld.com/open-source/193823/how-linux-mastered-wall-street This is related to a question I wanted to poll the list with. How does everybody here use Gentoo? For personal use? Production use? For server, desktop or embedded roles? What's your most interesting setup or use case? I had Gentoo on both my desktop and HTPC, but I had to cannibalize the HTPC for parts, so now it's just on my primary desktop box. -- :wq Here I have it on my laptop, desktop, build server, build binary packages server, web server, backup servers, file servers and (hopefully) a media server/htpc soon. And Adam, nice find. -- Matthew Finkel
Re: [gentoo-user] www-client/chromium
2011/8/5 Jesús J. Guerrero Botella jesus.guerrero.bote...@gmail.com 2011/8/5 Matthew Finkel matthew.fin...@gmail.com: On Fri, Aug 5, 2011 at 12:05 AM, Thanasis thana...@asyr.hopto.org wrote: I noticed that chromium's code has a lot of vulnerabilities. https://bugs.gentoo.org/buglist.cgi?quicksearch=www-client%2Fchromium I suppose this is why we see so often version upgrades of it (and it's not a small app to build). Why is its code so, should I say prone to bugs, compared to other browsers? Firefox isn't perfect either https://bugs.gentoo.org/buglist.cgi?quicksearch=www-client%2Ffirefoxlist_id=337885 I think you hit the nail on the head by saying that it's not a small app to build. The more code that's written increases the the chances a security holes will be introduced into the application. I don't think so. It's not the raw number of source code lines which makes it more prone to bugs. I think that a closer and more realistic number would be the number of lines divided by the number of full-time developers, and don't forget to put in the middle of that formula how skilled they are. Having that into account, chromium has a good base since few teams in the planet will have the quantity and quality of man power that Google has to devote to this project. And as an internet browser, they're also susceptible to many more vectors of attack than most other packages. For chromium specifically, I haven't looked at the CVEs but I suspect many are for webkit and not just Chromium. Just my 2c. The webkit branch into chromium is not the same that you can find in any other webkit-based project. They just have a common origin, but they are maintained separately and it is my understanding that they have diverged enough to be considered as separate things. -- Jesús Guerrero Botella Your points on code quality and developer quality/experience are well taken, and I completely agree; the number of lines of source code is never really a good criterion for comparison. I also wasn't aware the chromium-base and webkit-base had diverged so much. On second look of the bug reports, all of them are linked to the Google Chrome Release blog, where the vast majority of the vulnerabilities/bugs are attributed to bounty hunters. So I believe this also heavily contributes to the quick release cycle. To Thanasis' point, I think the quick release cycle is two-fold. The first being that Google has a policy of release early-release often, so I would guess that once the new feature set is stable they push it out. Second is the fact that most people like using stable and secure software as well as making money. Also, quite a few of the bugs, in the Google Chrome Team's words, were clever, so I would assume they weren't easy to find. I didn't go digging around to see how old these bugs were, to see when they were introduced, but it did appear that a large portion were due to common coding error, i.e. use-after-free, memory corruption, etc. As an aside, a similar (condensed) list of vulnerabilities in all Mozilla projects can be found here [0]. I think, overall, compared to Chrome/Chromium, there are significantly less vulnerabilities reported for Firefox. But there is also far less money going towards the discoveries, as well. 0. http://www.mozilla.org/security/known-vulnerabilities/ - Matt
Re: [gentoo-user] portage no longer in world?
On Thu, Aug 4, 2011 at 3:00 AM, Joost Roeleveld jo...@antarean.org wrote: On Thursday, August 04, 2011 12:10:25 AM Alan McKinnon wrote: On Wed 03 August 2011 17:44:08 Willie Wong did opine thusly: On Sun, Jul 31, 2011 at 01:38:58PM +0200, Alan McKinnon wrote: It's sensible really - portage is not the only package manager out there and therefore should not be in @system. The user did not put portage in world, and did not use -D, so portage is not updating the package. The solution is simple - all users should put their preferred package manager into world and what Stroller is seeing will stop happening. Zac can't force portage into system like he could with less and nano and have few or non side-effects. A virtual package manager only says that you *have* one, not *which* one. So as usual for Gentoo, the user gets to tell the software which one it is. I don't see a problem. Though it is silly IMHO that portage would want to remove itself with depclean. Could it not be hardcoded into portage that it should try to keep itself updated and not commit suicide? (Independently of the @system sets.) What about replacing portage with paludis? In your scenario, portage could not do that. It would be possible by: 1) emerge paludiis 2) paludis - delete portage (I don't know Paludis, so not sure of the exact syntax) This would then be a safer way of doing things as you'd always have at least 1 package manager installed. -- Joost Having something delete/remove itself is always a tricky situation. But in this context it should be possible. Though package managers are extremely useful, they are not mandatory and in some (rare) cases one may not be wanted and there must be a way to appease these environments in such a situation. We're talking about GNU/Linux here, the possible uses are enormous, so the user just needs to understand what they're doing and know which packages are vital in their system to make sure it continues to operate as expected.
Re: [gentoo-user] www-client/chromium
On Fri, Aug 5, 2011 at 12:05 AM, Thanasis thana...@asyr.hopto.org wrote: I noticed that chromium's code has a lot of vulnerabilities. https://bugs.gentoo.org/buglist.cgi?quicksearch=www-client%2Fchromium I suppose this is why we see so often version upgrades of it (and it's not a small app to build). Why is its code so, should I say prone to bugs, compared to other browsers? Firefox isn't perfect either https://bugs.gentoo.org/buglist.cgi?quicksearch=www-client%2Ffirefoxlist_id=337885 I think you hit the nail on the head by saying that it's not a small app to build. The more code that's written increases the the chances a security holes will be introduced into the application. And as an internet browser, they're also susceptible to many more vectors of attack than most other packages. For chromium specifically, I haven't looked at the CVEs but I suspect many are for webkit and not just Chromium. Just my 2c.
Re: [gentoo-user] www-client/chromium
On Fri, Aug 5, 2011 at 12:36 AM, Michael Mol mike...@gmail.com wrote: At least one of the multiple vulnerabilities bugs linked to a Chrome update notice which didn't list any vulnerabilities. (Well, except a Flash update, which I didn't dig into) -- :wq M Flash. Now there is a nice and secure piece of software! -- Matthew Finkel
Re: [gentoo-user] www-client/chromium
On Fri, Aug 5, 2011 at 1:14 AM, Adam Carter adamcart...@gmail.com wrote: You've made an assumption there. Maybe my assumption isn't true, after all seeing the list for firefox that Matthew pointed to, although with firefox we don't see upgrades so often, I guess we should *not* feel more secure with it... The noscript firefox addon gives significant protection with only a little inconvenience. There was no equivalent for chromium last time I checked, and it still doesn't have a master password to protect saved webform passwords. Chromium is faster than a pgo build of firefox so i would prefer to use it, but not until those two issues are addressed. I felt the same way, but then I found NotScript [0]. It's decent, I do like noscript a bit better, but it gets the job done. I can't recall anything about a master password, though, so that may still be a valid concern. 0. https://chrome.google.com/webstore/detail/odjhifogjcknibkahlpidmdajjpkkcfn -- Matthew Finkel
Re: [gentoo-user] Virtualbox VMs not running under 3.0.0-gentoo
On 07/24/11 22:02, Mark Knecht wrote: On Sun, Jul 24, 2011 at 5:16 PM, Daniel Wagenerst...@gmx.net wrote: On Sun, 24 Jul 2011 17:09:13 -0700 Mark Knechtmarkkne...@gmail.com wrote: Hi, I just got around to trying my Virtualbox VMs under the new 3.0.0 kernel and they aren't working. It says vboxdrv is not set up. I drop back to 2.6.39 and they run fine. Please note I really mean only the VMs won't start. The Vbox GUI runs fine but then cannot start the VMs. I used make oldconfig to get 3.0.0 working so maybe that caused the problem but I don't yet see what's wrong looking at the config files. Most likely this is some problem caused by the new numbering but I Googled around looking for a solution and didn't find one. Has anyone else here checked Virtualbox under the new kernel? Note that VMWare seems to be running fine under 3.0.0, only Virtualbox is failing. Thanks, Mark You know that these Modules have to be compiled against the running kernel? A re-emerge should do: emerge -1av virtualbox-modules Almost forgot: youd also have to reload these modules via modprobe (or rebooting *hides*) Actually, I think I just figured it out. The new way of loading modules re Baselayout/OpenRC I think requires that we tell it what kernel version we're loading the modules for. I'm on the wrong machine right now but this machine has this sort of stuff in /etc/conf.d/modules: k2 ~ # cat /etc/conf.d/modules # You can define a list modules for a specific kernel version, # a released kernel version, a main kernel version or just a list. #modules_2_6_23_gentoo_r5=ieee1394 ohci1394 #modules_2_6_23=tun ieee1394 #modules_2_6=tun #modules=ohci1394 I'm guessing I need to modify this file to tell it to load the vbox modules for 3_0 kernels Would you concur? Cheers, Mark Yes, I believe that would be your issue. I just handled that when I first moved over to openrc that i just added: modules=vboxdrv vboxnetadp vboxnetflt without even thinking out/dealing with kernel versions. Give it a whirl and see if it works after you reload 'em.
Re: [gentoo-user] [OT]: grep -Z not working ???
On 07/18/11 23:12, meino.cra...@gmx.de wrote:
Hi,
the manual page of grep mentioned the following:
-Z, --null
Output a zero byte (the ASCII NUL character) instead of the
character that normally follows a file name. For example, grep -lZ outputs a
zero byte
after each file name instead of the usual newline. This option
makes the output unambiguous, even in the presence of file names containing
unusual
characters like newlines. This option can be used with
commands like find -print0, perl -0, sort -z, and xargs -0 to process
arbitrary file names,
even those that contain newline characters.
for me (as a non-native English speak ;) ) this means:
Replace a newlie after a filename with a zero-byte.
So when doing
find /tmp | grep -Z tmp | xargs -0 md5sum
it should work comparable to
find /tmp -print0 | xargs -0 md5sum
but for me it does not.
If my logic is not complete nonsense I dont understand the second
part of the text of the manual page:
This option can be used with commands like find -print0, perl
-0, sort -z, and xargs -0 to process arbitrary file names,
even those that contain newline characters.
If I would do
find /tmp -print0 | grep -Z tmp | xargs -0 md5sum
there are no newlines which could be printed instead of the character that
normally follows a file name. For example, grep -lZ outputs a zero byte
after each file name instead of the usual newline.
This took me a few minutes to actually figure out exactly what -Z in
supposed to do. But I *think* it does exactly this. Whatever character
comes directly after the filename is replaces by NUL. As you can see in
my example below, the character that normally follows a filename is ':'
(a colon), but with the -Z option, the colon is replace with NUL, this
no 'character' follows it.
~/joe/sullivan $ grep -Z document ./*
./core.js$(document).ready(function() {
./core.js$(document).pngFix();
./core.jsvar map = new
google.maps.Map(document.getElementById(map_of_region), myOptions);
~/joe/sullivan $ grep document ./*
./core.js:$(document).ready(function() {
./core.js:$(document).pngFix();
./core.js:var map = new
google.maps.Map(document.getElementById(map_of_region), myOptions);
But please do correct me if I'm wrong.
At this point confusion fills my head and nonsense follows my commands
on the command line.
What does that all mean?
Thank you very much for any help and de-confusion in advance! :)
Best regards,
mcc
HTH (and that I'm not totally off track)
- Matt
Re: [gentoo-user] qemu-kvm
On 07/15/11 20:24, john wrote: I am running a gentoo amd64 qemu-kvm virtual image on my gentoo amd64 box. Everything is running well. Machine boots up and all looks to be ok. When I startx the screen goes purple (on guest) and locks up. The only error message I get is on host. KVM internal error. Suberror: 1 emulation failure I would guess this is a graphics issue but not entirely sure. I have tried -vga cirrus, std, vmware but all have the same effect. I have emerged these in guest as xorg-drivers. Any suggestions! Are there any entries in /var/log/messages or /var/log/X.0.log on the guest related to the lock up?
Re: [gentoo-user] bridge
On 07/10/11 10:50, Daniel Hilst Selli wrote: Hi people, I'm using brctl to create bridges for some qemu guests... I create a br0 with brctl addbr br0 the I attach my wireless card to it with brctl addif br0 eth1 Then some times I get right ip with dhcpcd br0 (after doing 'ifconfig br0 promisc up') but some times I got an strange ip The questions are What the promisc means? I can't understand for really the bridge concepts .. I just know that you attach cards to it, but can't understand how it route things cheers Hi Daniel, What instructions were you following that told you to use promiscuous mode on the wireless card? For normal operation, the card should (usually) be in managed mode. - Matt
Re: [gentoo-user] no keyboard no mouse
On 06/24/11 04:47, alain.didierj...@free.fr wrote: After upgrading xcb, ati driver and rebooting xorg can't read mouse and keyboard anymore. No more access to the system besides booting an unbuntu livecd. According to /var/log/Xorg.0.log, evdev cant't be loaded any more (see below). What can I do ? Is there an upgrade to evdev ? - excerpt from /var/log/Xorg.0.log- 13.246] (II) LoadModule: evdev 786 [13.246] (II) Loading /usr/lib64/xorg/modules/input/evdev_drv.so 787 [13.247] (II) Module evdev: vendor=X.Org Foundation 788 [13.247]compiled for 1.9.4, module version = 2.6.0 789 [13.247]Module class: X.Org XInput Driver 790 [13.247]ABI class: X.Org XInput driver, version 11.0 791 [13.247] (EE) module ABI major version (11) doesn't match the server's version (12) 792 [13.247] (II) UnloadModule: evdev 793 [13.247] (II) Unloading evdev 794 [13.247] (EE) Failed to load module evdev (module requirement mismatch, 0) 795 [13.247] (EE) No input driver matching `evdev' 796 [13.252] (II) config/udev: Adding input device Power Button (/dev/input/event0) 797 [13.252] (**) Power Button: Applying InputClass evdev keyboard catchall 798 [13.252] (II) LoadModule: evdev 799 [13.253] (II) Loading /usr/lib64/xorg/modules/input/evdev_drv.so 800 [13.253] (II) Module evdev: vendor=X.Org Foundation 801 [13.253]compiled for 1.9.4, module version = 2.6.0 802 [13.253]Module class: X.Org XInput Driver 803 [13.253]ABI class: X.Org XInput driver, version 11.0 804 [13.253] (EE) module ABI major version (11) doesn't match the server's version (12) 805 [13.253] (II) UnloadModule: evdev 806 [13.253] (II) Unloading evdev 807 [13.253] (EE) Failed to load module evdev (module requirement mismatch, 0) 808 [13.253] (EE) No input driver matching `evdev' 809 [13.254] (II) config/udev: Adding input device Logitech Logitech Illuminated Keyboard (/dev/input/event2) 810 [13.254] (**) Logitech Logitech Illuminated Keyboard: Applying InputClass evdev keyboard catchall 811 [13.254] (II) LoadModule: evdev 812 [13.254] (II) Loading /usr/lib64/xorg/modules/input/evdev_drv.so 813 [13.254] (II) Module evdev: vendor=X.Org Foundation 814 [13.254]compiled for 1.9.4, module version = 2.6.0 815 [13.254]Module class: X.Org XInput Driver 816 [13.254]ABI class: X.Org XInput driver, version 11.0 817 [13.254] (EE) module ABI major version (11) doesn't match the server's version (12) 818 [13.254] (II) UnloadModule: evdev 819 [13.254] (II) Unloading evdev 820 [13.254] (EE) Failed to load module evdev (module requirement mismatch, 0) 821 [13.254] (EE) No input driver matching `evdev' 822 [13.255] (II) config/udev: Adding input device Logitech Logitech Illuminated Keyboard (/dev/input/event3) 823 [13.255] (**) Logitech Logitech Illuminated Keyboard: Applying InputClass evdev keyboard catchall 824 [13.255] (II) LoadModule: evdev Did you try remerging evdev? I believe there's another package you need to reemerge also, I can't remember off the top of my head. If some one else doesn't chime in by the time I wake up then I'll look it up.
Re: [gentoo-user] [OT virtual stuff] gentoo vm appliance
On 06/23/11 07:15, Albert Hopkins wrote: On Thursday, June 23 at 00:35 (-0400), Matthew Finkel said: Oh, don't get me wrong, that's one reason I use qcow2 myself, but it's either something he would have to deal with when he received it or the conversion would increase the size of the disk image that would be shipped to him. Yes, of course a raw image file will typically be bigger than a compressed qcow, just as an unpacked stage4..tar.bz2 file is going to be bigger than the original archive. But in terms transferability, compressed qcows are more efficient since they only include *used* blocks and they are compressed. I can convert the image into any of a number of formats, but the issue then is it will be bigger, and thus take me longer to upload it and the OP to download it Yup, exactly :-)
Re: [gentoo-user] [OT/rant] Self-replicating programmer stupidity
On 06/23/11 19:54, walt wrote: I've been reading the monthly security bulletin from sans.org for several years. During that time I've noticed some recurring themes, including multiple appearances from Adobe products like Flash. Another recurring theme is ftp servers (of which there are dozens) like this month's report: Platform: Cross Platform Title: Wing FTP Server ssh public key Authentication Security Bypass Vulnerability Description: Wing FTP Server is a secure file server for Windows, Linux, Mac, FreeBSD and Solaris. Wing FTP Server is exposed to a security bypass issue that affects the SSH authentication mechanism. Versions prior to Wing FTP Server 3.8.8 are affected. Ref: http://www.securityfocus.com/bid/48335/info Mind you, this is the first time I've seen Wing mentioned, but over the years there have been dozens of other ftp servers cited for other flaws in security. My question: WTF uses these poorly written ftp servers? Why do they exist? Who asked for them? Who wrote the code, and why? My tentative guess: either evil programmers, or incompetent programmers. (I suspect the intersection of the two sets is very small.) Many years ago when I was still using M$ Windows I wrote my own hex editor in Visual Basic. I can't explain why I chose to do it, other than as an exercise to learn Visual Basic. (I haven't used it since.) I'm quite certain that my hex editor would flunk even the most basic security tests today because I wasn't programming with security in mind. (In other words, I was the rankest of amateurs.) I'm running out of indignation now, and going to bed, but I'd welcome other indignant comments :) Programming secure software is not the easiest task to master. It takes a lot of planning and enough knowledge about the components you're using to know exactly how they all work together, as well as how they are not supposed to be used. In many cases, vulnerabilities originate from lack of knowledge in novice programmers. Other's are just something that was overlooked in the planning stage, which becomes much more possible as the size of the program increases. And, of course, sometimes people make a mistake. As for the ftp(, etc) programs, this is what you get in the FOSS world. I'm not referring to the programs with security hole, but to the abundance of available programs of all shapes and sizes. Many are great, some are not; but you have the option to pick and choose which work best for you. The same is generally true for proprietary software too. No one necessarily asked for them, but it was a choice the dev made to spend the time to write the program. It's possible they purposefully implemented a flawed security model, but I don't *think* that's usually the case (but I could just be very naive). Personally, I don't know why anyone would pay for software anymore, but that's just me :-P
Re: [gentoo-user] Do we have to build gcc with fortran now?
On 06/22/11 02:29, Thanasis wrote: on 06/22/2011 08:46 AM justin wrote the following: One little note, if portage requests that you should install dev-lang/ifc instead of gcc[fortran], you most probably have an entry sys-devel/gcc -fortran in your /etc/portage/package.use Just remove that. I didn't have fortran in my USE flags at all, yet portage requested to install dev-lang/ifc Was ifc pulled in as a dependency for another package?
Re: [gentoo-user] vpnc built without oppenssl
On 06/22/11 10:03, dhk...@optonline.net wrote: After emerge'ing vpnc it won't run and displays the following message. # vpnc vpnc was built without openssl: Can't do hybrid or cert mode. There doesn't seem to be an openssl use variable either. # cat /usr/portage/profiles/use.desc | grep -i openssl How can I get this to work? Thanks dhk Hi, According to equery u vpnc, there is a local use variable openssl ~ $ equery u vpnc [ Legend : U - final flag setting for installation] [: I - package is installed with flag ] [ Colors : set, unset ] * Found these USE flags for net-misc/vpnc-0.5.3_p457-r1: U I - - bindist: Flag to enable or disable options for prebuilt (GRP) packages (eg. due to licensing issues) - - openssl: Use dev-libs/openssl for hybrid-auth instead of net-libs/gnutls, may cause license issues when redistributing. - - resolvconf : Enable support for DNS managing framework net-dns/openresolv You can create a package.use file in /etc/portage and add a line to it that includes the package name and use variable that will enable it. [0] ex. echo net-misc/vpnc openssl /etc/portage/package.use - HTH (and wasn't too confusing) [0] http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=2chap=2 http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=2chap=2
Re: [gentoo-user] Do we have to build gcc with fortran now?
On 06/22/11 14:10, Dale wrote: I put -fortran in make.conf. I ran emerge -uvDNa world and let it rebuild a few packages. Then I get this: Emerging (1 of 2) sci-libs/blas-reference-20070226 * lapack-lite-3.1.1.tgz RMD160 SHA1 SHA256 size ;-) ... [ ok ] * Package:sci-libs/blas-reference-20070226 * Repository: gentoo * Maintainer: s...@gentoo.org * USE:amd64 consolekit elibc_glibc kernel_linux multilib policykit userland_GNU * FEATURES: preserve-libs sandbox * Please install currently selected gcc version with USE=fortran. * If you intend to use a different compiler then gfortran, please * set FC variable accordingly and take care that the neccessary * fortran dialects are support. * ERROR: sci-libs/blas-reference-20070226 failed (setup phase): * Currently no working fortran compiler is available * * Call stack: * ebuild.sh, line 56: Called pkg_setup * ebuild.sh, line 1446: Called fortran-2_pkg_setup * fortran-2.eclass, line 134: Called _die_msg * fortran-2.eclass, line 120: Called die * The specific snippet of code: * die Currently no working fortran compiler is available * * If you need support, post the output of 'emerge --info =sci-libs/blas-reference-20070226', * the complete build log and the output of 'emerge -pqv =sci-libs/blas-reference-20070226'. * The complete build log is located at '/var/log/portage/sci-libs:blas-reference-20070226:20110622-180601.log'. * The ebuild environment file is located at '/var/tmp/portage/sci-libs/blas-reference-20070226/temp/die.env'. * S: '/var/tmp/portage/sci-libs/blas-reference-20070226/work/lapack-lite-3.1.1' Failed to emerge sci-libs/blas-reference-20070226, Log file: '/var/log/portage/sci-libs:blas-reference-20070226:20110622-180601.log' root@fireball / # Am I going in circles again? I don't drink because I don't like being drunk. I also don't spin around in my chair for the same reason. One of those may be needed to reverse the problem here. Now to go see how to fix this mess once and for all. Dale :-) :-) Do correct me if I'm wrong, but wasn't blas-reference pulled in by merging gcc with USE=fortran? Or did you install blas-reference for another reason?
Re: [gentoo-user] [OT virtual stuff] gentoo vm appliance
On 06/22/11 20:11, Albert Hopkins wrote: On Wednesday, June 22 at 16:52 (-0500), Harry Putnam said: The times I've tried to get a recent gentoo version running in a vm on windows turned out to be labor taking days to get right. Does anyone know if there is a fairly current gentoo appliance somewhere that I can just install and then update or customize? I'd prefer to run it with vbox but if the appliance is vmware created that's ok too. I do have a license up to 6.5. If that isn't available maybe someone has a fairly current kernel config that is known to boot on a windows host with guest gentoo. As I recall from my efforts, there were always problems with something to do with scuzzi drivers or whatnot. I have a program that I use to create Gentoo VM appliances. I have no idea if it works with vbox or vmware as I run KVM, but I think it *should* work. Anyway if you want to try it you can or, if you want, it also builds stage4 tarballs, so I can build you a stage4 tarball of a base Gentoo install pretty easily (including kernel). The stage4 (excluding portage) would be ~90MB (bz2). The disk image (compressed QCOW is about 120MB) The only issue with qcow2 is that in order to use it with VB, IIRC you need to convert it to raw before you can import it.
Re: [gentoo-user] portage getting mixed up with USE?
On 06/22/11 18:58, Neil Bothwick wrote: On Wed, 22 Jun 2011 21:16:30 +0200, Sebastian Beßler wrote: This new behavior is bad, but not as bad as Windows. This is Gentoo after all and not Ubuntu ;-P :-) Some people won't be happy until we go back to Grub style error messages, preferably in binary :( How could there possibly be a better solution than going back to the basics? :-P
Re: [gentoo-user] [OT virtual stuff] gentoo vm appliance
On 06/22/11 22:14, Albert Hopkins wrote: Perhaps, but it's trivial to convert qcows to other formats. Oh, don't get me wrong, that's one reason I use qcow2 myself, but it's either something he would have to deal with when he received it or the conversion would increase the size of the disk image that would be shipped to him. Was just throwing in my 2-cents :)
Re: [gentoo-user] hal?
On 06/21/11 22:03, meino.cra...@gmx.de wrote: With quse hal I get ALL packages in portage, which has the hal use flag. That is too much ...hrmmm... info... If possible I want to remove hal from my system... Any better way to do this? Thank you very much for any help! Best regards, mcc I'm not sure how different it is, but what do you get when you do equery d hal? Just a thought...could be wrong.
Re: [gentoo-user] Do we have to build gcc with fortran now?
On 06/21/11 23:55, Dale wrote: I just did my updates and ran into this: * Maintainer: s...@gentoo.org * USE:amd64 consolekit elibc_glibc kernel_linux multilib policykit userland_GNU * FEATURES: preserve-libs sandbox * Please install currently selected gcc version with USE=fortran. * If you intend to use a different compiler then gfortran, please * set FC variable accordingly and take care that the neccessary * fortran dialects are support. * ERROR: sci-libs/blas-reference-20070226 failed (setup phase): * Currently no working fortran compiler is available * * Call stack: * ebuild.sh, line 56: Called pkg_setup * ebuild.sh, line 1446: Called fortran-2_pkg_setup * fortran-2.eclass, line 134: Called _die_msg * fortran-2.eclass, line 120: Called die * The specific snippet of code: * die Currently no working fortran compiler is available * * If you need support, post the output of 'emerge --info =sci-libs/blas-reference-20070226', * the complete build log and the output of 'emerge -pqv =sci-libs/blas-reference-20070226'. * The complete build log is located at '/var/log/portage/sci-libs:blas-reference-20070226:20110622-034357.log'. * The ebuild environment file is located at '/var/tmp/portage/sci-libs/blas-reference-20070226/temp/die.env'. * S: '/var/tmp/portage/sci-libs/blas-reference-20070226/work/lapack-lite-3.1.1' Failed to emerge sci-libs/blas-reference-20070226, Log file: '/var/log/portage/sci-libs:blas-reference-20070226:20110622-034357.log' root@fireball / # This is my gcc info: [ebuild R] sys-devel/gcc-4.4.5 USE=gtk mudflap (multilib) nls nptl openmp (-altivec) -bootstrap -build -doc (-fixed-point) -fortran -gcj -graphite (-hardened) (-libffi) -multislot -nocxx -nopie -nossp -objc -objc++ -objc-gc -test -vanilla So, does everyone need to turn on the fortran USE flag so that they don't break anything? May I also add, the USE flag description is worth about as much as a screen door on a submarine. fortran - Adds support for fortran (formerly f77) That doesn't tell me very much. Heads up for folks about to do their updates, check into the USE flag fortran to see if you need to add it to yours before updating a bunch of stuff. Dale :-) :-) If I had to guess, I'd say =sci-libs/blas-reference-20070226 requires fortran (ebuild depends on it) and you don't have another fortran compiler installed. Could be wrong though. - Matt
Re: [gentoo-user] To be a dvd drive or not to be dvd drive...
On 06/20/11 13:50, meino.cra...@gmx.de wrote: Hi, Attached to a USB port of my PC (linux-2.6.39.1 vanilla) there is a USB to IDE converter, which makes my old dvd burner accessible via my SATA only PC. I thought... When I connect everything as described, insert an empty DVD and start k3b, an error message is displayed saying that there is no DVD drive (or better no drive at all). Things change, when I insert an already written DVD first, connect everything, start k3b and replace the dvd with an emplty one. Then this world is one of the best to burn dvds. ;) I took a look into /dev and found, that there is a /deb/usbdev2.5 when the drive is loaded with an empty dvd. This one is replaced by /dev/sr0 (including correct links to /dev/dvd and such) when the drive gets loaded with a already filled dvd. Can you create a symlink from /dev/usbdev2.5 to /dev/dvd?
Re: [gentoo-user] tethering an htc incredible
On Sun, Jun 19, 2011 at 6:40 AM, Indi thebeelzebubtrig...@gmail.com wrote: Tethering with a blackberry via USB (using the BB as a USB modem) is extremely easy, not sure why your HTC is so stubborn... Yea, I have the Nexus S, and it's pretty much as close to plug-n-play as I've found on linux... These are the steps I take in order to get usb tethering to work: 1) Plug the phone into the computer via usb cable 2) From the Setting-Wireless netwoks submenu I enable USB Tethering 3) I wait until the device settles (just monitor dmesg) 4) After it's ready, ifconfig will show an available but non-configured device (usb0 in my case) 5) I run dhclient usb0 and once it pulls an IP, I'm up and running. When you plug in your phone to tether it, do you see any error messages in the logs?
Re: [gentoo-user] Why can't I emerge telnet?
Thanks, I've installed this and it seems to work. learn to search portage. either eix or emerge -s That I'll have to do. I'm not fully comfortable with emerge yet. Jeremy Sounds like you are new. Interesting commands: The q family. Just do a man q and check it out since there is a few of them. There is also eix, genlop which sort of has some common tools as the q family. You also need use eselect from time to time as well. There are also times when revdep-rebuild will rear its head too. To search for specific packages, I think Dale and Mark did a good set. As for the others, like revdep-rebuild, there is also python-updater and etc-update. Huh, I've been using gentoo for years and never knew about the q's, definitely learned something new today! But I just wanted to make a note that a few of these programs are part of the gentoolkit package. Querying portage for revdep, equery, etc won't give you the package it belongs to.
Re: [gentoo-user] /usr/src/linux gone
On Sun, Mar 13, 2011 at 8:46 AM, sean tech.j...@myfairpoint.net wrote: On 03/12/2011 01:28 PM, Matthew Finkel wrote: But if this was a pre-existing build, he should have had numerous kernels configured, unless he removed/moved the config each time he upgraded. Sean, Two questions. I don't think you ever replied as to whether /usr/src is a mounted partition, is it? Also, did you have multiple kernels emerged into different slots before this happened? if so, does portage still think they're installed? It was not a mounted partition. No multiple kernels. I try to clean up after myself. Is it possible you ran depclean prior to compiling the newest kernel that you emerged?
Re: [gentoo-user] /usr/src/linux gone
On Tue, Mar 15, 2011 at 10:13 AM, Matthew Finkel matthew.fin...@gmail.comwrote: On Sun, Mar 13, 2011 at 8:46 AM, sean tech.j...@myfairpoint.net wrote: On 03/12/2011 01:28 PM, Matthew Finkel wrote: But if this was a pre-existing build, he should have had numerous kernels configured, unless he removed/moved the config each time he upgraded. Sean, Two questions. I don't think you ever replied as to whether /usr/src is a mounted partition, is it? Also, did you have multiple kernels emerged into different slots before this happened? if so, does portage still think they're installed? It was not a mounted partition. No multiple kernels. I try to clean up after myself. Is it possible you ran depclean prior to compiling the newest kernel that you emerged? Actually, scratch that though. Do you have any emerged packages that depend directly on gentoo-sources?
Re: [gentoo-user] /usr/src/linux gone
2011/3/12 Thanasis thana...@asyr.hopto.org on 03/12/2011 02:11 PM sean wrote the following: I su'd in the terminal, started the updates, and as mentioned eventually saw the nvidia-drivers complaining about not finding a .config. Not finding a .config is an indication that the kernel source may have never been touched (configured) so all files (including the directory) might be removed by an emerge --depclean. That is what led me to discover the missing directory. I update the system regularly. But if this was a pre-existing build, he should have had numerous kernels configured, unless he removed/moved the config each time he upgraded. Sean, Two questions. I don't think you ever replied as to whether /usr/src is a mounted partition, is it? Also, did you have multiple kernels emerged into different slots before this happened? if so, does portage still think they're installed?
Re: [gentoo-user] /usr/src/linux gone
On Wed, Mar 9, 2011 at 11:29 PM, sean tech.j...@myfairpoint.net wrote: I just did an update of my system and now the linux directory under /usr/src is not there. In fact under /usr/src there is nothing. Something change or would anyone have any ideas of what might have happened, and how to fix? Thanks Sean Did you reboot your system and then realize it was empty or did you notice it was empty after merging the updates?
