Re: [gentoo-user] USB permission/owner - change not allowed as root
On 30/12/2013 09:51, Edward M wrote: On Sun, 29 Dec 2013 19:42:33 -0700 Joseph syscon...@gmail.com wrote: After recent upgrade when I mount my USB and try as root: chown joseph:users /media/stick/Ancient-Electricity_new.ppt chown: changing ownership of ‘/media/stick/Ancient-Electricity_new.ppt’: Operation not permitted file ownership is: -rwxr-xr-x 1 root root 5796864 Mar 6 2013 Ancient-Electricity_new.ppt I too ran the chown command on my USB flash and got the same response as you did: localhost001 media # chown cru:users flash-drive1/ chown: changing ownership of ‘flash-drive1/’: Operation not permitted drwxr-xr-x 7 root root 16384 Dec 31 1969 flash-drive1 Don't know what to tell you. interestingmy says Dec 31 1969. Read the man page for mount, section vfat. You can't change the owner as FAT doesn't have a concept of owner, so it's simulated at mount time. You can't change it at runtime. To change it you have to umount the device and remount it using the appropriate option, all in the man page -- Alan McKinnon alan.mckin...@gmail.com
Re: [gentoo-user] USB permission/owner - change not allowed as root
On Mon, 30 Dec 2013 10:38:03 +0200 Alan McKinnon alan.mckin...@gmail.com wrote: On 30/12/2013 09:51, Edward M wrote: On Sun, 29 Dec 2013 19:42:33 -0700 Joseph syscon...@gmail.com wrote: After recent upgrade when I mount my USB and try as root: chown joseph:users /media/stick/Ancient-Electricity_new.ppt chown: changing ownership of ‘/media/stick/Ancient-Electricity_new.ppt’: Operation not permitted file ownership is: -rwxr-xr-x 1 root root 5796864 Mar 6 2013 Ancient-Electricity_new.ppt I too ran the chown command on my USB flash and got the same response as you did: localhost001 media # chown cru:users flash-drive1/ chown: changing ownership of ‘flash-drive1/’: Operation not permitted drwxr-xr-x 7 root root 16384 Dec 31 1969 flash-drive1 Don't know what to tell you. interestingmy says Dec 31 1969. Read the man page for mount, section vfat. You can't change the owner as FAT doesn't have a concept of owner, so it's simulated at mount time. You can't change it at runtime. To change it you have to umount the device and remount it using the appropriate option, all in the man page Thank you for the explanation. I appreciate it a lot. I will read the man page for mount and experiment a little.
[gentoo-user] Apache died this morning... why?
Good morning everyone, Came in this morning to a server with a non-running apache... It did restart ok, but when I checked the error log, I found this: [Mon Dec 30 03:10:02 2013] [notice] Graceful restart requested, doing restart [Mon Dec 30 03:10:02 2013] [error] (9)Bad file descriptor: apr_socket_accept: (client socket) apache2: Syntax error on line 169 of /etc/apache2/httpd.conf: Syntax error on line 4 of /etc/apache2/modules.d/70_mod_php5.conf: Cannot load /usr/lib64/apache2/modules/libphp5.so into server: /lib64/libc.so.6: version `GLIBC_2.16' not found (required by /usr//lib64/libcurl.so.4) I did recently do the gcc upgrade to 4.7... so is this because I failed to rebuild sys-devel/libtool? Or do I need to rebuild apache? Or both? The GCC Upgrade guide is a bit outdated (still referring to gcc 3.4 and 4.1, with no mention of newer versions, so I wasn't sure if that was still necessary... Thanks
Re: [gentoo-user] IPTables question... simple as possible for starters
On 2013-12-29 1:39 PM, shawn wilson ag4ve...@gmail.com wrote: On Sun, Dec 29, 2013 at 1:07 PM, Tanstaafl tansta...@libertytrek.org wrote: Hi all, Ok, I'm setting up a new server, and I'd like to rethink my iptables rules. I'd like to start with something fairly simple: 1. Allow connections from anywhere ONLY to certain ports ie, for encrypted IMAP/SMTP connections from users 2. Allow connections from only certain IP addresses to certain ports ie, for limiting SSH access I'd reverse the order that #1 and #2 appear. Well, I was just writing that as a general description. Looking in the rules 3. DROP ALL other connection attempts ie, I don't want to see these disallowed attempts in the logs In order to keep my rules more manageable, I have a commented text file that I manually edit whenever modifying my rules, then I do an 'iptables-restore /path/to/iptables-rules' to update them. My first question is about a trick I learned some time ago (but don't remember where)... For the ports for which I want to allow only restricted access, I have something like: ### # bgn exceptions blocks ### :f_22_I - [0:0] :f_25_I - [0:0] :f_22_O - [0:0] :f_25_O - [0:0] Am I correct that the above are what are called 'chains' in iptables speak? That defines non-kernel chains but you still need to jump to them from INPUT/OUTPUT or whatever. So, something like: -A -m tcp -p tcp --dport 22 --sport 1024:65535 -j f_22_I Well, yeah... I didn't post my entire ruleset... ;) ^ I just And am I also correct that the above adds each rule to the named chain in order, and that the order is significant? Yep - like ACLs, rules are processed from top down. ACCEPT, REJECT, and DROP are end points when they match. Good, thanks. Then... assuming that I have all of the specific rules after these set up to allow just the traffic I want, and I wanted to add a final rule that just silently DROPped all other inbound connection attempts, it would be: -A INPUT -j DROP What you're looking for is the policy which are by default ACCEPT on all kernel rules and which you change in the save file with something like this: :INPUT DROP [0:0] And, just so that there's no confusion, you should state the policy of OUTPUT and FORWARD at the top of your save file along with INPUT - see the output of iptables-save as an example of what your file should look like. Ok, well, maybe I should have posted my entire ruleset... I have this above where I define my chains: # *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] # Does it matter where this goes? And then above that, I have something else that I've never understood: *mangle :PREROUTING ACCEPT [1378800222:449528056411] :INPUT ACCEPT [1363738727:447358082301] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1221121261:1103241097263] :POSTROUTING ACCEPT [1221116979:1103240864155] -A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -j DROP -A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP -A PREROUTING -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP -A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP COMMIT Also, if you're creating a chain just to do the same thing with different addresses, look at using ipset. Then you just: ipset create ssh_in iphash ipset add ssh_in 1.2.3.4 and then this works: -A -m set --match-set ssh_in src -j ACCEPT ipset has the same save/load type things as ipt (minor differences with how you handle reload, but google or ask if you want to know). The set needs to be in place before the ipt rule is added, so ipset comes first in your boot sequence. Thanks, looks interesting and useful... So much to learn, so little time... ;)
Re: [gentoo-user] Apache died this morning... why?
On 30/12/2013 12:47, Tanstaafl wrote: Good morning everyone, Came in this morning to a server with a non-running apache... It did restart ok, but when I checked the error log, I found this: [Mon Dec 30 03:10:02 2013] [notice] Graceful restart requested, doing restart [Mon Dec 30 03:10:02 2013] [error] (9)Bad file descriptor: apr_socket_accept: (client socket) apache2: Syntax error on line 169 of /etc/apache2/httpd.conf: Syntax error on line 4 of /etc/apache2/modules.d/70_mod_php5.conf: Cannot load /usr/lib64/apache2/modules/libphp5.so into server: /lib64/libc.so.6: version `GLIBC_2.16' not found (required by /usr//lib64/libcurl.so.4) I did recently do the gcc upgrade to 4.7... so is this because I failed to rebuild sys-devel/libtool? The error is that PHP5 cannot load as it wants libcurl which is complaining about a missing libc version. To see what's going on, run ldd on: /usr/lib64/apache2/modules/libphp5.s /usr//lib64/libcurl.so.4 preserved-rebuild should just take care of all this automagically. Do you have preserve-libs in FEATURES? Or do I need to rebuild apache? Or both? Do a pretend run of revdep-rebuild. I'll bet you end up rebuilding curl and/or php, but not apache. Apache is unlikely to be at fault, it loads a dynamic module and use it, that module either works or it doesn't. The GCC Upgrade guide is a bit outdated (still referring to gcc 3.4 and 4.1, with no mention of newer versions, so I wasn't sure if that was still necessary... According to the posted error, this has nothing to do with compiler versions, it is linker errors related to glibc You do not have to rebuild system, world or the known universe. You only have to do that when the a gcc upgrade changes the data format on-disk that the C++ compiler generates. That has not happened here. There's an insane amounts of FUD around about rebuilding gcc, all of it originating from ricers without a clue. You run strictly stable-only so never fear, if a gcc upgrade required a world rebuild you would have already been subjected to 12-month long threads about it right here on this list -- Alan McKinnon alan.mckin...@gmail.com
[gentoo-user] Mysterious fetch failures
Hi list, For a few weeks now I've been having trouble emerging certain packages: they abort on checksum failure every time. Yet when I wget them myself from the first mirror in the list they're fine. Eh? The problem can't be the presence of a distfile that's been renamed *_checksum_failure_* because those were still present during the successful emerge. I can't think of any other possibility at the moment. The ones I fell over last night were gdk-pixbuf, vala-common, apg and nss. I'm building a new 32-bit system in a chroot for my mini LAN server. The first two have been persistent for several weeks. -- Regards Peter
Re: [gentoo-user] IPTables question... simple as possible for starters
On Mon, Dec 30, 2013 at 6:07 PM, Tanstaafl tansta...@libertytrek.org wrote: [-- LE SNIP --] Ok, well, maybe I should have posted my entire ruleset... I have this above where I define my chains: # *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] # Does it matter where this goes? Yes. Chain declarations must come before the rules themselves. And then above that, I have something else that I've never understood: *mangle Begin declaration of the mangle table. :PREROUTING ACCEPT [1378800222:449528056411] :INPUT ACCEPT [1363738727:447358082301] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1221121261:1103241097263] :POSTROUTING ACCEPT [1221116979:1103240864155] The numbers within [brackets] are statistics/countes. Just replace them with [0:0], unless you really really really have a good reason to not start counting from 0... The second word is the 'policy' of the chain, i.e., the default action taken if no rules match in the chain -A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -j DROP -A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP -A PREROUTING -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP -A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP Alright, the `--tcp-flags` option takes two parameters: flags_to_check and expected_flags These 4 rules collectively block 'well-known TCP Attacks', which I've listed here: http://serverfault.com/a/245713/15440 NOTE: In that ServerFault posting, I suggested using the anti-attack rules in -t raw -A PREROUTING. This saves a great deal of processing, becase the raw table is just that: raw, unadulterated, unanalyzed packets. The CPU assumes nothing, it merely tries to match well-known fields' values. You *do* have to make sure that you don't forget to compile kernel support for RAW tables ;-) COMMIT End of mangle table declaration. Commit all chain definitions and chain rules in one atomic operation. ipset create ssh_in iphash ipset add ssh_in 1.2.3.4 and then this works: -A -m set --match-set ssh_in src -j ACCEPT ipset has the same save/load type things as ipt (minor differences with how you handle reload, but google or ask if you want to know). The set needs to be in place before the ipt rule is added, so ipset comes first in your boot sequence. Thanks, looks interesting and useful... So much to learn, so little time... ;) iptables is a powerful beast; learn it well, and you'll prosper :-) Rgds, -- FdS Pandu E Poluan ~ IT Optimizer ~ • LOPSA Member #15248 • Blog : http://pandu.poluan.info/blog/ • Linked-In : http://id.linkedin.com/in/pepoluan
Re: [gentoo-user] Apache died this morning... why?
On 2013-12-30 6:30 AM, Alan McKinnon alan.mckin...@gmail.com wrote: To see what's going on, run ldd on: /usr/lib64/apache2/modules/libphp5.s Result: # ldd /usr/lib64/apache2/modules/libphp5.so ldd: warning: you do not have execution permission for `/usr/lib64/apache2/modules/libphp5.so' linux-vdso.so.1 (0x7fffc3cbf000) libc-client.so.1 = /usr//lib64/libc-client.so.1 (0x7f279599d000) libresolv.so.2 = /lib64/libresolv.so.2 (0x7f279577b000) libreadline.so.6 = /lib64/libreadline.so.6 (0x7f2795535000) libaspell.so.15 = /usr//lib64/libaspell.so.15 (0x7f2795263000) libm.so.6 = /lib64/libm.so.6 (0x7f2794f69000) libssl.so.1.0.0 = /usr//lib64/libssl.so.1.0.0 (0x7f2794cff000) libcrypto.so.1.0.0 = /usr//lib64/libcrypto.so.1.0.0 (0x7f279491a000) libz.so.1 = /lib64/libz.so.1 (0x7f2794703000) libmcrypt.so.4 = /usr//lib64/libmcrypt.so.4 (0x7f27944d1000) libdl.so.2 = /lib64/libdl.so.2 (0x7f27942cd000) libonig.so.2 = /usr//lib64/libonig.so.2 (0x7f2794062000) libt1.so.5 = /usr//lib64/libt1.so.5 (0x7f2793e03000) libfreetype.so.6 = /usr//lib64/libfreetype.so.6 (0x7f2793b64000) libpng15.so.15 = /usr//lib64/libpng15.so.15 (0x7f2793939000) libjpeg.so.8 = /usr//lib64/libjpeg.so.8 (0x7f27936e4000) libdb-4.8.so = /usr//lib64/libdb-4.8.so (0x7f279336a000) libpthread.so.0 = /lib64/libpthread.so.0 (0x7f279314c000) libgdbm.so.3 = /usr//lib64/libgdbm.so.3 (0x7f2792f46000) libcurl.so.4 = /usr//lib64/libcurl.so.4 (0x7f2792ceb000) libbz2.so.1 = /lib64/libbz2.so.1 (0x7f2792ada000) libpcre.so.1 = /lib64/libpcre.so.1 (0x7f2792873000) libxml2.so.2 = /usr//lib64/libxml2.so.2 (0x7f2792512000) libmysqlclient.so.16 = /usr/lib64/mysql/libmysqlclient.so.16 (0x7f279218b000) libnetsnmp.so.30 = /usr//lib64/libnetsnmp.so.30 (0x7f2791eb) libc.so.6 = /lib64/libc.so.6 (0x7f2791b0a000) libpam.so.0 = /lib64/libpam.so.0 (0x7f27918fb000) libncurses.so.5 = /lib64/libncurses.so.5 (0x7f27916d8000) libstdc++.so.6 = /usr/lib/gcc/x86_64-pc-linux-gnu/4.7.3/libstdc++.so.6 (0x7f27913d3000) /lib64/ld-linux-x86-64.so.2 (0x7f279681b000) librt.so.1 = /lib64/librt.so.1 (0x7f27911ca000) libtinfo.so.5 = /lib64/libtinfo.so.5 (0x7f2790f95000) libgcc_s.so.1 = /usr/lib/gcc/x86_64-pc-linux-gnu/4.7.3/libgcc_s.so.1 (0x7f2790d7e000) and /usr//lib64/libcurl.so.4 # ldd /usr//lib64/libcurl.so.4 linux-vdso.so.1 (0x7fffa7bff000) libssl.so.1.0.0 = /usr/lib64/libssl.so.1.0.0 (0x7f510232b000) libcrypto.so.1.0.0 = /usr/lib64/libcrypto.so.1.0.0 (0x7f5101f46000) libz.so.1 = /lib64/libz.so.1 (0x7f5101d2f000) librt.so.1 = /lib64/librt.so.1 (0x7f5101b27000) libc.so.6 = /lib64/libc.so.6 (0x7f5101781000) libdl.so.2 = /lib64/libdl.so.2 (0x7f510157c000) libpthread.so.0 = /lib64/libpthread.so.0 (0x7f510135f000) /lib64/ld-linux-x86-64.so.2 (0x7f51027fb000) Doesn't mean anything to me though... ;) preserved-rebuild should just take care of all this automagically. Do you have preserve-libs in FEATURES? Nope... is this now recommended? Is it the default on new installs? Do a pretend run of revdep-rebuild. I'll bet you end up rebuilding curl and/or php, but not apache. Actually, I did that right after the updates and it didn't recommend anything (I always do revdep-rebuild -p after any system updates like gcc, glib/c, etc)... Apache is unlikely to be at fault, it loads a dynamic module and use it, that module either works or it doesn't. Ok... so, the question is still why did it die? This happened by the way when the logs were rotated by logrotate. Maybe that is significant? The GCC Upgrade guide is a bit outdated (still referring to gcc 3.4 and 4.1, with no mention of newer versions, so I wasn't sure if that was still necessary... According to the posted error, this has nothing to do with compiler versions, it is linker errors related to glibc You do not have to rebuild system, world or the known universe. You only have to do that when the a gcc upgrade changes the data format on-disk that the C++ compiler generates. That has not happened here. There's an insane amounts of FUD around about rebuilding gcc, all of it originating from ricers without a clue. You run strictly stable-only so never fear, if a gcc upgrade required a world rebuild you would have already been subjected to 12-month long threads about it right here on this list I know, and the GCC upgrade guide is pretty clear on that point, and since I didn't say anything about rebuilding anything other than sys-devel/libtool, which it does specifically mention, I'm not sure why you brought that up
Re: [gentoo-user] IPTables question... simple as possible for starters
Minor additions to what Pandu said... On Mon, Dec 30, 2013 at 7:02 AM, Pandu Poluan pa...@poluan.info wrote: On Mon, Dec 30, 2013 at 6:07 PM, Tanstaafl tansta...@libertytrek.org wrote: The numbers within [brackets] are statistics/countes. Just replace them with [0:0], unless you really really really have a good reason to not start counting from 0... AFAIK, there's no reason this shouldn't alway be set to 0. If you want to keep your counter do --noflush NOTE: In that ServerFault posting, I suggested using the anti-attack rules in -t raw -A PREROUTING. This saves a great deal of processing, becase the raw table is just that: raw, unadulterated, unanalyzed packets. The CPU assumes nothing, it merely tries to match well-known fields' values. And because nothing is assumed, you can't prepend a conntrack rule. I can't think of why you'd ever want those packets (and I should probably move at least those 4 masks to raw) but just an FYI - no processing means no processing. Also see nftables: http://netfilter.org/projects/nftables/
Re: [gentoo-user] Apache died this morning... why?
Replies inter-posted On 30/12/2013 14:25, Tanstaafl wrote: On 2013-12-30 6:30 AM, Alan McKinnon alan.mckin...@gmail.com wrote: To see what's going on, run ldd on: /usr/lib64/apache2/modules/libphp5.s Result: # ldd /usr/lib64/apache2/modules/libphp5.so ldd: warning: you do not have execution permission for `/usr/lib64/apache2/modules/libphp5.so' linux-vdso.so.1 (0x7fffc3cbf000) libc-client.so.1 = /usr//lib64/libc-client.so.1 (0x7f279599d000) libresolv.so.2 = /lib64/libresolv.so.2 (0x7f279577b000) libreadline.so.6 = /lib64/libreadline.so.6 (0x7f2795535000) libaspell.so.15 = /usr//lib64/libaspell.so.15 (0x7f2795263000) libm.so.6 = /lib64/libm.so.6 (0x7f2794f69000) libssl.so.1.0.0 = /usr//lib64/libssl.so.1.0.0 (0x7f2794cff000) libcrypto.so.1.0.0 = /usr//lib64/libcrypto.so.1.0.0 (0x7f279491a000) libz.so.1 = /lib64/libz.so.1 (0x7f2794703000) libmcrypt.so.4 = /usr//lib64/libmcrypt.so.4 (0x7f27944d1000) libdl.so.2 = /lib64/libdl.so.2 (0x7f27942cd000) libonig.so.2 = /usr//lib64/libonig.so.2 (0x7f2794062000) libt1.so.5 = /usr//lib64/libt1.so.5 (0x7f2793e03000) libfreetype.so.6 = /usr//lib64/libfreetype.so.6 (0x7f2793b64000) libpng15.so.15 = /usr//lib64/libpng15.so.15 (0x7f2793939000) libjpeg.so.8 = /usr//lib64/libjpeg.so.8 (0x7f27936e4000) libdb-4.8.so = /usr//lib64/libdb-4.8.so (0x7f279336a000) libpthread.so.0 = /lib64/libpthread.so.0 (0x7f279314c000) libgdbm.so.3 = /usr//lib64/libgdbm.so.3 (0x7f2792f46000) libcurl.so.4 = /usr//lib64/libcurl.so.4 (0x7f2792ceb000) libbz2.so.1 = /lib64/libbz2.so.1 (0x7f2792ada000) libpcre.so.1 = /lib64/libpcre.so.1 (0x7f2792873000) libxml2.so.2 = /usr//lib64/libxml2.so.2 (0x7f2792512000) libmysqlclient.so.16 = /usr/lib64/mysql/libmysqlclient.so.16 (0x7f279218b000) libnetsnmp.so.30 = /usr//lib64/libnetsnmp.so.30 (0x7f2791eb) libc.so.6 = /lib64/libc.so.6 (0x7f2791b0a000) libpam.so.0 = /lib64/libpam.so.0 (0x7f27918fb000) libncurses.so.5 = /lib64/libncurses.so.5 (0x7f27916d8000) libstdc++.so.6 = /usr/lib/gcc/x86_64-pc-linux-gnu/4.7.3/libstdc++.so.6 (0x7f27913d3000) /lib64/ld-linux-x86-64.so.2 (0x7f279681b000) librt.so.1 = /lib64/librt.so.1 (0x7f27911ca000) libtinfo.so.5 = /lib64/libtinfo.so.5 (0x7f2790f95000) libgcc_s.so.1 = /usr/lib/gcc/x86_64-pc-linux-gnu/4.7.3/libgcc_s.so.1 (0x7f2790d7e000) looks fine and /usr//lib64/libcurl.so.4 # ldd /usr//lib64/libcurl.so.4 linux-vdso.so.1 (0x7fffa7bff000) libssl.so.1.0.0 = /usr/lib64/libssl.so.1.0.0 (0x7f510232b000) libcrypto.so.1.0.0 = /usr/lib64/libcrypto.so.1.0.0 (0x7f5101f46000) libz.so.1 = /lib64/libz.so.1 (0x7f5101d2f000) librt.so.1 = /lib64/librt.so.1 (0x7f5101b27000) libc.so.6 = /lib64/libc.so.6 (0x7f5101781000) libdl.so.2 = /lib64/libdl.so.2 (0x7f510157c000) libpthread.so.0 = /lib64/libpthread.so.0 (0x7f510135f000) /lib64/ld-linux-x86-64.so.2 (0x7f51027fb000) looks fine Doesn't mean anything to me though... ;) It's just a list of the libs a file knows it is linked to. First is the lib name then the big arrow (=) then the file containing that lib then a bunch of numbers. Ignore the numbers, pay most attention to anything that says not found - that's the junk revdep-rebuild looks for preserved-rebuild should just take care of all this automagically. Do you have preserve-libs in FEATURES? Nope... is this now recommended? Is it the default on new installs? Yes it's the default for new installs and comes highly recommended (unless you like having stuff not work at all till revdep-rebuild completes...) There was a news item 2013-06-07: 2013-06-07-portage-preserve-libs-default Title Portage preserve-libs default AuthorZac Medico zmed...@gentoo.org Posted2013-06-07 Revision 1 Beginning with sys-apps/portage-2.1.12, FEATURES=preserve-libs is enabled by default. Even though preserve-libs makes it unnecessary to use revdep-rebuild for most common updates, it is still a good practice to run `revdep-rebuild -ip` after updates, in order to check if there are any broken library dependencies that preserve-libs was not able to handle. For example, see http://bugs.gentoo.org/show_bug.cgi?id=459038. If you would like to disable preserve-libs by default, then set FEATURES=-preserve-libs in make.conf. See the make.conf(5) man page or the following wiki page for more information: http://wiki.gentoo.org/wiki/Preserve-libs Do a pretend run of revdep-rebuild. I'll bet you
Re: [gentoo-user] metasploit jumping into emerge -uDN world
Em 29-12-2013 20:35, Alan McKinnon escreveu: On 29/12/2013 17:54, Zhu wrote: Em 29-12-2013 11:47, Hinnerk van Bruinehsen escreveu: Zhu zhushaz...@yahoo.com.br wrote: Hello, every time that i try to made a emerge -uDN world, metasploit jump in the process installation. I've check and there aren't dependencies ask for him: /[root@asgard ~]$ equery d net-analyzer/metasploit// // * These packages depend on net-analyzer/metasploit:// //[root@asgard ~]$ equery d dev-ruby/metasploit_data_models// // * These packages depend on dev-ruby/metasploit_data_models:// //[root@asgard ~]$ equery d app-admin/eselect-metasploit * These packages depend on app-admin/eselect-metasploit:// / but, /[root@asgard ~]$ emerge -pvauDN world These are the packages that would be merged, in order: Calculating dependencies ... done! [ebuild R] sys-devel/gcc-4.8.2:4.8 [4.8.2:4.8.2] USE=cxx fortran gcj go graphite mudflap (multilib) multislot nls nptl objc objc++ objc-gc openmp (-altivec) -awt% -doc (-fixed-point) (-hardened) (-libssp) -nopie -nossp -regression-test -vanilla (-gtk%*) (-lto%) 0 kB [ebuild N ] net-analyzer/metasploit-4.8.2:4.8 USE=java lorcon pcap (-development) {-test} 0 kB Total: 2 packages (1 new, 1 reinstall), Size of downloads: 0 kB / How to discover what are putting metasploit into updatable world list? Most likely metasploit itself is in world. You can check you worldfile with your favourite editor (/var/lib/portage/world). It should also be printed bold in the emerge output if your terminal supports it Yeah, metasploit is in there. Is it safe just remove him from the file? yes, and it will be removed from the system next time you run emerge --depclean To remove it immediately run emerge -avC metasploit But the big question is, do you want to keep that package or not? You didn't say if you want it, you only wondered why it was being updated. I don't want it. But, problem solved. Thank you. Regards
Re: [gentoo-user] Apache died this morning... why?
On 2013-12-30 7:40 AM, Alan McKinnon alan.mckin...@gmail.com wrote: snip Doesn't mean anything to me though... ;) It's just a list of the libs a file knows it is linked to. First is the lib name then the big arrow (=) then the file containing that lib then a bunch of numbers. Ignore the numbers, pay most attention to anything that says not found - that's the junk revdep-rebuild looks for Ok, thx for the explanation... makes it a little less mysterious at least. preserved-rebuild should just take care of all this automagically. Do you have preserve-libs in FEATURES? Nope... is this now recommended? Is it the default on new installs? Yes it's the default for new installs and comes highly recommended (unless you like having stuff not work at all till revdep-rebuild completes...) There was a news item 2013-06-07: Interesting. Wonder how I missed that, or why my new install doesn't have it enabled - or is it enabled somewhere other than in /etc/portage/make.conf? Anyway, just changed mine to FEATURES=buildpkg preserve-libs This happened by the way when the logs were rotated by logrotate. Maybe that is significant? Yes, that is highly significant. IIRC logrotate can work in one of two ways: 1. rename the log file and create a new empty one 2. copy the log file elsewhere and truncate the original I forget which way it does it for the moment... #1 is fast but leaves the daemon (apache or syslog) trying to write to a file that isn't there anymore. Or worse, it's writing to an open file that has been deleted and a new one with the same name still exists. #2 is slower but safer. Either way, the apache daemon has to be told it's log file went away. Not all daemons can use inotify to just find this out, some have to be told, so logrotate resets/restarts/hups them. In the case of apache it does a graceful restart (what you get with apachectl graceful). Your apache re-read it's config file at that point, found any error for php and decided to roll over and die. Ok, but, if that is the case, why did it startup just fine when I simply did /etc/init.d/apache2 start? Shouldn't it have still died?
[gentoo-user] RUBY_TARGETS and eselect ruby
I currently set my RUBY_TARGETS in make.conf to: RUBY_TARGETS=ruby20 ruby21 World is updated. But ruby21 profile can't be selected with eselect: $ eselect ruby list Available Ruby profiles: [1] ruby20 (with Rubygems) * If I remove ruby20 from RUBY_TARGETS, there would be no profiles left. Why?
Re: [gentoo-user] Re: unwanted msgs from cron after upgrade : solved
131230 James wrote: Philip Webb purslow at ca.inter.net writes: Yesterday I did my usual Sat system update, emerging new versions of libassuan HTTP-Cookies dialog curl coreutils binutils procps virtual/man . Today after restarting the system, mail continues to be downloaded normally, my mailbox is receiving notices every 5 min from my cron mail job : I've been reading about many folks upgrading the deprecated cron to the maintained cronie. You might want to read re /sys-process/cronie. Thanks for the suggestion sorry for the noise. The problem was a planned power outage which affected the server ; all is now back to normal. -- ,, SUPPORT ___//___, Philip Webb ELECTRIC /] [] [] [] [] []| Cities Centre, University of Toronto TRANSIT`-O--O---' purslowatchassdotutorontodotca
Re: [gentoo-user] USB permission/owner - change not allowed as root
On 12/30/13 10:38, Alan McKinnon wrote: [snip] I too ran the chown command on my USB flash and got the same response as you did: localhost001 media # chown cru:users flash-drive1/ chown: changing ownership of ‘flash-drive1/’: Operation not permitted drwxr-xr-x 7 root root 16384 Dec 31 1969 flash-drive1 Don't know what to tell you. interestingmy says Dec 31 1969. Read the man page for mount, section vfat. You can't change the owner as FAT doesn't have a concept of owner, so it's simulated at mount time. You can't change it at runtime. To change it you have to umount the device and remount it using the appropriate option, all in the man page I don't think it has anything to do with FAT. Everything was working just find on my system before upgrade. With the line in fstab: /dev/sdb1 /media/stickautonoauto,rw,users 0 0 Some USB stick are mounted as root:root and I can not change that even as root. When I remove this like from fstab. The USB stick are mounting correctly as joseph:users owner except they have different mounting location which I don't like. -- Joseph
Re: [gentoo-user] USB permission/owner - change not allowed as root
2013/12/30 Joseph syscon...@gmail.com: On 12/30/13 10:38, Alan McKinnon wrote: [snip] I too ran the chown command on my USB flash and got the same response as you did: localhost001 media # chown cru:users flash-drive1/ chown: changing ownership of ‘flash-drive1/’: Operation not permitted drwxr-xr-x 7 root root 16384 Dec 31 1969 flash-drive1 Don't know what to tell you. interestingmy says Dec 31 1969. Read the man page for mount, section vfat. You can't change the owner as FAT doesn't have a concept of owner, so it's simulated at mount time. You can't change it at runtime. To change it you have to umount the device and remount it using the appropriate option, all in the man page I don't think it has anything to do with FAT. Everything was working just find on my system before upgrade. With the line in fstab: /dev/sdb1 /media/stickautonoauto,rw,users 0 0 Some USB stick are mounted as root:root and I can not change that even as root. When I remove this like from fstab. The USB stick are mounting correctly as joseph:users owner except they have different mounting location which I don't like. -- Joseph You can specify the user/group that mounts a device with some mount options. I think they are uid=username/gid=groupname but I'm not sure and unfortunatly not on my Linux box at the moment. -- Mit freundlichen Grüßen / Best regards Randolph Maaßen
Re: [gentoo-user] USB permission/owner - change not allowed as root
Am Sonntag, 29.12.2013 um 21:12 schrieb Joseph syscon...@gmail.com: For some reason or another the system doesn't like my fstab entry: /dev/sdb1 /media/stickauto noauto,rw,users 0 0 AFAIK the option to permit user mount is user and not users. Could this cause the problem?
Re: [gentoo-user] USB permission/owner - change not allowed as root
On 12/30/13 17:36, Randolph Maaßen wrote: [snip] With the line in fstab: /dev/sdb1 /media/stickautonoauto,rw,users 0 0 Some USB stick are mounted as root:root and I can not change that even as root. When I remove this like from fstab. The USB stick are mounting correctly as joseph:users owner except they have different mounting location which I don't like. -- Joseph You can specify the user/group that mounts a device with some mount options. I think they are uid=username/gid=groupname but I'm not sure and unfortunatly not on my Linux box at the moment. I've tried in fstab: /dev/sdb1 /media/stickauto noauto,uid=1000,gid=100,umask=0770 0 but I'm getting an error: Error mounting system-managed device /dev/sdb1: Command-line `mount /media/stick' exited with non-zero exit status 32: mount: wrong fs type, bad option, bad superblock on /dev/sdb1, What am I missing? -- Joseph
[gentoo-user] Re: IPTables question... simple as possible for starters
shawn wilson ag4ve.us at gmail.com writes: Also see nftables: http://netfilter.org/projects/nftables/ Interesting read. http://upload.wikimedia.org/wikipedia/commons/3/37/Netfilter-packet-flow.svg http://upload.wikimedia.org/wikipedia/commons/d/dd/Netfilter-components.svg Where is the diagram for nftables, in some detail? How secure is nftables, currently? I could not find any results of published penetration testing against nftables vs ip,eb,x(tables)?. Any published results against an array of penetration testing? Also, libmnl, seems to be a library looking for developers to use? It seems very early stage to me, and not ready for prime-time, at first glance? What did I miss? curiously, James
Re: [gentoo-user] USB permission/owner - change not allowed as root
On Sun, Dec 29, 2013 at 07:42:33PM -0700, Joseph wrote: After recent upgrade when I mount my USB and try as root: chown joseph:users /media/stick/Ancient-Electricity_new.ppt chown: changing ownership of ‘/media/stick/Ancient-Electricity_new.ppt’: Operation not permitted file ownership is: -rwxr-xr-x 1 root root 5796864 Mar 6 2013 Ancient-Electricity_new.ppt The thread kinda zig-zagged off on me, so hope you don't mind a post here. Perhaps this guide would be as nice a read for you as it was for me. It brings back memories as I started using Linux in June, 2003, just before he wrote it: http://www.linuxquestions.org/linux/answers/Security/Quick_and_Dirty_Guide_to_Linux_File_Permissions Second, please issue blkid and give the line for this USB device. Cheers, Bruce -- List replies preferred. A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? Don't top-post: http://en.wikipedia.org/wiki/Top_post#Top-posting
Re: [gentoo-user] Re: IPTables question... simple as possible for starters
On Mon, Dec 30, 2013 at 1:04 PM, James wirel...@tampabay.rr.com wrote: shawn wilson ag4ve.us at gmail.com writes: Also see nftables: http://netfilter.org/projects/nftables/ Interesting read. http://upload.wikimedia.org/wikipedia/commons/3/37/Netfilter-packet-flow.svg http://upload.wikimedia.org/wikipedia/commons/d/dd/Netfilter-components.svg Where is the diagram for nftables, in some detail? How secure is nftables, currently? I could not find any results of published penetration testing against nftables vs ip,eb,x(tables)?. Any published results against an array of penetration testing? First, I don't know what they mean by xtables vs iptables: # whereis iptables iptables: /sbin/iptables /usr/include/iptables /usr/include/iptables.h /usr/share/man/man8/iptables.8.bz2 # readlink /sbin/iptables xtables-multi # whereis xtables-multi xtables-multi: /sbin/xtables-multi Right? So, that's just being neadlessly verbose. Per testing. As long as they didn't do anything stupid (I seriously doubt that): http://www.cvedetails.com/product/1656/Netfilter-Core-Team-Iptables.html?vendor_id=959 Would I convert a prime time server to using nftables right now? Hell no. Is it safe, probably. Also, libmnl, seems to be a library looking for developers to use? It seems very early stage to me, and not ready for prime-time, at first glance? What did I miss? No idea.
[gentoo-user] MidnightCommander - exit in working directory
Greetings; This should be simple, I've done it before, yet googling hasn't landed me the correct answer yet. I've killed exiting config files to start over and applied assorted wrong answers. How does one get MC to exit in the current working directory instead of the directory it started in? Much thanks - Skippy
[gentoo-user] NFS static ports - driving me crazy...
Ok, my google-fu has failed me... I've found a few sites that describe how to set static ports for NFS mounting remote shares (I use iptables for both inbound AND outbound, and it is the outbound I'm having trouble with). This is for NFS CLIENT... I'm mounting NFS shares from my remote QNAP NAS boxes. I've tried specifying the ports in /etc/conf.d/nfs, and /etc sysctl.conf, but I must be missing something, because every time I reboot, some other port comes up being blocked when I try to mount the shares... Anyone? The references I've found are older, so maybe there is something new I'm missing? Thx...
Re: [gentoo-user] NFS static ports - driving me crazy...
Tanstaafl tansta...@libertytrek.org wrote: Ok, my google-fu has failed me... I've found a few sites that describe how to set static ports for NFS mounting remote shares (I use iptables for both inbound AND outbound, and it is the outbound I'm having trouble with). Why don't you just use NFSv4? NFSv4 was designed to interact well with firewalls. Jörg -- EMail:jo...@schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin j...@cs.tu-berlin.de(uni) joerg.schill...@fokus.fraunhofer.de (work) Blog: http://schily.blogspot.com/ URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily
Re: [gentoo-user] NFS static ports - driving me crazy...
On Mon, Dec 30, 2013 at 09:27:19PM +0100, Joerg Schilling wrote: Tanstaafl tansta...@libertytrek.org wrote: Ok, my google-fu has failed me... I've found a few sites that describe how to set static ports for NFS mounting remote shares (I use iptables for both inbound AND outbound, and it is the outbound I'm having trouble with). Why don't you just use NFSv4? NFSv4 was designed to interact well with firewalls. Jörg It just so happens that I'm setting up NFS atm using this guide: https://wiki.gentoo.org/wiki/NFSv4 Let us know if the info there helps. -- List replies preferred. A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? Don't top-post: http://en.wikipedia.org/wiki/Top_post#Top-posting
Re: [gentoo-user] NFS static ports - driving me crazy...
On 2013-12-30 3:27 PM, Joerg Schilling joerg.schill...@fokus.fraunhofer.de wrote: Tanstaafl tansta...@libertytrek.org wrote: Ok, my google-fu has failed me... I've found a few sites that describe how to set static ports for NFS mounting remote shares (I use iptables for both inbound AND outbound, and it is the outbound I'm having trouble with). Why don't you just use NFSv4? NFSv4 was designed to interact well with firewalls. I'm pretty sure these QNAP boxes don't support nfsv4
Re: [gentoo-user] NFS static ports - driving me crazy...
Bruce Hill da...@happypenguincomputers.com wrote: Why don't you just use NFSv4? NFSv4 was designed to interact well with firewalls. Jörg It just so happens that I'm setting up NFS atm using this guide: https://wiki.gentoo.org/wiki/NFSv4 This info unfortunately misses the port number: 2049 Jörg -- EMail:jo...@schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin j...@cs.tu-berlin.de(uni) joerg.schill...@fokus.fraunhofer.de (work) Blog: http://schily.blogspot.com/ URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily
Re: [gentoo-user] MidnightCommander - exit in working directory
On the last update, there was an explanation of how to do this either in postinstall or man pages. I'm not near my puter, but will reply with more specifics once I can read the logs. On Dec 30, 2013 12:09 PM, Skippy linux...@204eastsouth.com wrote: Greetings; This should be simple, I've done it before, yet googling hasn't landed me the correct answer yet. I've killed exiting config files to start over and applied assorted wrong answers. How does one get MC to exit in the current working directory instead of the directory it started in? Much thanks - Skippy
Re: [gentoo-user] MidnightCommander - exit in working directory
On Mon, Dec 30, 2013 at 3:08 PM, Skippy linux...@204eastsouth.com wrote: Greetings; This should be simple, I've done it before, yet googling hasn't landed me the correct answer yet. I've killed exiting config files to start over and applied assorted wrong answers. How does one get MC to exit in the current working directory instead of the directory it started in? Much thanks - Skippy From the ebuild elog; LOG: postinst To enable exiting to latest working directory, put this into your ~/.bashrc: . /usr/libexec/mc/mc.sh HTH :) -- David Abbott (dabbott)
Re: [gentoo-user] NFS static ports - driving me crazy...
On Mon, Dec 30, 2013 at 10:04:29PM +0100, Joerg Schilling wrote: Bruce Hill da...@happypenguincomputers.com wrote: It just so happens that I'm setting up NFS atm using this guide: https://wiki.gentoo.org/wiki/NFSv4 This info unfortunately misses the port number: 2049 What do you mean by misses the port number: 2049? It's covered in the Troubleshooting section, as well as in man nfs. -- List replies preferred. A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? Don't top-post: http://en.wikipedia.org/wiki/Top_post#Top-posting
Re: [gentoo-user] MidnightCommander - exit in working directory
On 12/30/2013 02:44 PM, David Abbott wrote: From the ebuild elog; LOG: postinst To enable exiting to latest working directory, put this into your ~/.bashrc: . /usr/libexec/mc/mc.sh HTH :) Yes, I knew I was doing something stupid. I tried that, but I forgot the . in from of it. Solved and done. Thank you. -Skippy
Re: [gentoo-user] NFS static ports - driving me crazy...
On Monday 30 December 2013 15:25:02 Tanstaafl wrote: Ok, my google-fu has failed me... I've found a few sites that describe how to set static ports for NFS mounting remote shares (I use iptables for both inbound AND outbound, and it is the outbound I'm having trouble with). This is for NFS CLIENT... I'm mounting NFS shares from my remote QNAP NAS boxes. I've tried specifying the ports in /etc/conf.d/nfs, and /etc sysctl.conf, but I must be missing something, because every time I reboot, some other port comes up being blocked when I try to mount the shares... Anyone? The references I've found are older, so maybe there is something new I'm missing? Maybe you it's the lockd port: $ cat /etc/modprobe.d/lockd.conf options lockd nlm_udpport=13003 nlm_tcpport=13003
Re: [gentoo-user] Apache died this morning... why?
On Mon, 30 Dec 2013 08:44:45 -0500, Tanstaafl wrote: preserved-rebuild should just take care of all this automagically. Do you have preserve-libs in FEATURES? Nope... is this now recommended? Is it the default on new installs? Yes it's the default for new installs and comes highly recommended (unless you like having stuff not work at all till revdep-rebuild completes...) There was a news item 2013-06-07: Interesting. Wonder how I missed that, or why my new install doesn't have it enabled - or is it enabled somewhere other than in /etc/portage/make.conf? It's enabled in the profile, like most defaults. You can see whether it is set by looking at the output from emerge --info. -- Neil Bothwick The truth shall make you free, but first it shall piss you off. signature.asc Description: PGP signature
Re: [gentoo-user] USB permission/owner - change not allowed as root
On Mon, 30 Dec 2013 17:52:56 +0100, waben...@gmail.com wrote: For some reason or another the system doesn't like my fstab entry: /dev/sdb1 /media/stickauto noauto,rw,users 0 0 AFAIK the option to permit user mount is user and not users. Could this cause the problem? user and users are both valid, slightly different, options. -- Neil Bothwick In 1750 Issac Newton became discouraged when he fell up a flight of stairs. signature.asc Description: PGP signature
Re: [gentoo-user] USB permission/owner - change not allowed as root
Am Dienstag, 31.12.2013 um 01:38 schrieb Neil Bothwick n...@digimed.co.uk: On Mon, 30 Dec 2013 17:52:56 +0100, waben...@gmail.com wrote: For some reason or another the system doesn't like my fstab entry: /dev/sdb1 /media/stickauto noauto,rw,users 0 0 AFAIK the option to permit user mount is user and not users. Could this cause the problem? user and users are both valid, slightly different, options. THX for the info, I didn't know that.
[gentoo-user] Firefox 24.1.1 - and PFD viewer UGLY fonts
I just upgraded to Firefox-24.1.1 and when an online pdf file is generated some ugly view pops up that is using monospace fonts impossible to read and it looks ugly on a print out. Is there a solution to it? -- Joseph
Re: [gentoo-user] Firefox 24.1.1 - and PFD viewer UGLY fonts
On Mon, Dec 30, 2013 at 07:38:00PM -0700, Joseph wrote: I just upgraded to Firefox-24.1.1 and when an online pdf file is generated some ugly view pops up that is using monospace fonts impossible to read and it looks ugly on a print out. Is there a solution to it? How about giving a link to that file? How does this one look? http://www.adobe.com/content/dam/Adobe/en/products/acrobat/pdfs/adobe-acrobat-xi-pdf-sanitization-remove-hidden-data-from-pdf-files-tutorial-ue.pdf Cheers, Bruce -- List replies preferred. A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? Don't top-post: http://en.wikipedia.org/wiki/Top_post#Top-posting
Re: [gentoo-user] Firefox 24.1.1 - and PFD viewer UGLY fonts
On 12/30/13 22:03, Bruce Hill wrote: On Mon, Dec 30, 2013 at 07:38:00PM -0700, Joseph wrote: I just upgraded to Firefox-24.1.1 and when an online pdf file is generated some ugly view pops up that is using monospace fonts impossible to read and it looks ugly on a print out. Is there a solution to it? How about giving a link to that file? How does this one look? http://www.adobe.com/content/dam/Adobe/en/products/acrobat/pdfs/adobe-acrobat-xi-pdf-sanitization-remove-hidden-data-from-pdf-files-tutorial-ue.pdf Cheers, Bruce This one looks perfect with firefox previewer. I usually turn off the previewer and save the pdf to file. This way I don't have a problem with firefox previewer fonts. -- Joseph
[gentoo-user] Can not update @world
I haven't updated my portage tree for a while. I tried to update recently but got some conflicts. So I removed some packages manually. This didnt' solve the issue. So I decided to remove all the masked packages that I unmasked. To do so, I moved package.mask and package.accept_keyword, and did a --autounmask-write. And added: gnome-base/gnome-2.32.1-r2:2.0 to package.mask to prevent gnome3 from being pulled. Now, emerge --update --deep --newuse world Still gives me errors: ... [ebuild N ] virtual/perl-CPAN-Meta-Requirements-2.122.0 0 kB [ebuild U ] perl-core/CPAN-Meta-2.120.921 [2.112.621] 75 kB [blocks b ] perl-core/CPAN-Meta-2.120.920 (perl-core/CPAN-Meta-2.120.920 is blocking perl-core/CPAN-Meta-Requirements-2.122.0) [ebuild U ] virtual/perl-CPAN-Meta-2.120.921 [2.112.621] 0 kB [ebuild U ] perl-core/Module-Build-0.400.300 [0.380.0] USE={-test%} 301 kB [ebuild U ] virtual/perl-Module-Build-0.400.300 [0.380.0-r2] 0 kB [ebuild N ] dev-perl/Error-0.170.160 USE={-test} 21 kB [ebuild U ] dev-vcs/git-1.8.3.2-r1 [1.8.1.5-r1] USE=blksha1 curl gpg iconv nls pcre perl* python threads webdav -cgi -cvs -doc -emacs -gnome-keyring -gtk* -highlight (-ppcsha1) -subversion {-test} -tk -xinetd PYTHON_SINGLE_TARGET=python2_7%* -python2_6% PYTHON_TARGETS=python2_7%* -python2_6% 4,900 kB [ebuild U ] net-libs/libsoup-2.42.3.1:2.4 [2.38.1:2.4] USE=introspection ssl -debug -samba {-test} 723 kB [ebuild U ] net-libs/libsoup-gnome-2.42.3.1:2.4 [2.38.1:2.4] USE=introspection -debug 0 kB [blocks b ] =net-libs/libsoup-2.42 (=net-libs/libsoup-2.42 is blocking net-libs/libsoup-gnome-2.38.1) [ebuild U ] net-libs/webkit-gtk-2.0.4:3/25 [1.8.3-r300:3/3] USE=geoloc gstreamer introspection jit webgl (-aqua) -coverage -debug -libsecret% -spell {-test} (-doc%) (-webkit2%*) 9,619 kB [ebuild N ] net-misc/networkmanager-0.9.8.8 USE=dhcpcd introspection nss ppp wext wifi -avahi -bluetooth -connection-sharing -consolekit -dhclient -gnutls -modemmanager -resolvconf -systemd {-test} -vala 1,980 kB [ebuild N ] dev-libs/libgweather-3.8.3:2/3-3 USE=introspection 0 kB [ebuild NS] gnome-extra/gtkhtml-4.6.6:4.0 [3.32.2:3.14] 1,036 kB [ebuild U ] app-crypt/seahorse-3.8.2 [2.32.0] USE=-avahi -debug -ldap (-doc%) (-introspection%) (-libnotify%) (-test%) 1,966 kB [ebuild U ] app-editors/gedit-3.8.3 [2.30.4] USE=introspection%* python* -spell {-test%} -zeitgeist% (-doc%) PYTHON_TARGETS=python3_3%* -python3_2% 3,003 kB [ebuild U ] net-misc/vino-3.8.1-r1 [2.32.2-r2] USE=crypt jpeg ssl telepathy zlib -avahi -debug -gnome-keyring -ipv6 -networkmanager (-libnotify%) 737 kB [ebuild N ] dev-libs/libgweather-2.30.3:2 USE=-python 0 kB [ebuild U ] gnome-extra/zenity-3.8.0 [2.32.1] USE=webkit%* -debug -libnotify {-test%} (-compat%*) 3,566 kB [ebuild N ] net-libs/rest-0.7.90:0.7 USE=gnome introspection {-test} 299 kB [ebuild U ] dev-libs/totem-pl-parser-3.4.5 [2.32.6-r3] USE=crypt%* introspection quvi -archive {-test%} 1,571 kB [ebuild N ] gnome-base/gnome-panel-3.8.0-r1 USE=introspection -eds -networkmanager 0 kB [ebuild N ] gnome-extra/nm-applet-0.9.8.8 USE=introspection -bluetooth -gconf -modemmanager 1,195 kB [ebuild U ] gnome-extra/yelp-3.8.1 [2.30.2-r200] USE=-debug (-lzma%) 1,393 kB [ebuild U ] www-client/epiphany-3.8.2 [2.30.6-r1] USE=jit%* nss -debug {-test} (-avahi%) (-doc%) (-introspection%) (-networkmanager%) 2,473 kB [ebuild N ] net-libs/libsocialweb-0.25.21 USE=gnome introspection networkmanager -connman -vala 462 kB [ebuild N ] gnome-base/gnome-panel-2.32.1-r3 USE=bonobo introspection -eds -networkmanager 0 kB [ebuild N ] x11-wm/mutter-3.8.4 USE=introspection -debug {-test} 1,666 kB [ebuild U ] x11-wm/metacity-2.34.13 [2.30.3] USE={-test} -xinerama 1,622 kB [ebuild U ] media-video/totem-3.8.2-r1 [2.32.0-r2] USE=introspection%* nsplugin python* -debug -flash% -grilo% -lirc -nautilus {-test%} -zeitgeist% (-bluetooth%) (-iplayer%) (-tracker%) (-upnp-av%) (-youtube%*) PYTHON_SINGLE_TARGET=python2_7%* -python2_6% PYTHON_TARGETS=python2_7%* -python2_6% 3,080 kB [ebuild N ] gnome-base/gnome-applets-2.32.1.1-r2 USE=cpufreq gstreamer -ipv6 -networkmanager -policykit 0 kB [ebuild N ] net-libs/gnome-online-accounts-3.8.5 USE=gnome introspection -debug -kerberos 634 kB [ebuild N ] gnome-base/gnome-control-center-3.8.6:2 USE=bluetooth colord cups gnome-online-accounts i18n socialweb -debug -kerberos -modemmanager -v4l INPUT_DEVICES=-wacom 6,566 kB [ebuild U ] dev-libs/libgdata-0.14.0:0/13 [0.8.1-r2:0/0] USE=gnome introspection -debug -static-libs% -vala% 1,327 kB [ebuild N ] gnome-extra/evolution-data-server-3.8.5:0/40 USE=gnome-online-accounts gtk introspection vala weather -api-doc-extras -ipv6 -kerberos -ldap {-test} 3,843 kB [ebuild N ] gnome-extra/evolution-data-server-2.32.3-r3 USE=weather -gnome-keyring -ipv6 -kerberos -ldap {-test} 0 kB [ebuild N ]