Re: [gentoo-user] [blocks B ] mail-mta/qmail-1.03-r16 (is blocking net-mail/cmd5checkpw-0.30)
I had same block yesterday, below is what I did worked a treat for me -snip- 555 emerge -aDuv world {block showed up here} 556 emerge -aCv qmail 557 emerge -av qmail -snip- stu On 23/10/05, Mike Williams [EMAIL PROTECTED] wrote: On Sunday 23 October 2005 00:18, [EMAIL PROTECTED] wrote: Still something to learn I guess. my poppasswd file is still the example file that came with whatever it came with. My pop accounts are authenticated via the regular linux logins, so for every pop user (3 at the moment) I have a user acount in linux. Good good. What package uses this poppasswd file? cmd5checkpw, and anything else which does CRAM MD5 authentication at a guess. CRAM is done by sending a hash of the password over the wire, the salt is unique for each connection, so you need the plain text password on the server to check against, which are kept in poppasswd. Secure over the wire, hideously insecure on the server. I tried qpkg, but that doesn't seem to exist any more? Yeah, it got moved to another package as it's depreciated in favour of equery. Does the above mean I can safely enable noauthcram? Yes. -- Mike Williams -- gentoo-user@gentoo.org mailing list -- There are 10 types of people in this world: those who understand binary, those who don't --Unknown -- gentoo-user@gentoo.org mailing list
[gentoo-user] [blocks B ] mail-mta/qmail-1.03-r16 (is blocking net-mail/cmd5checkpw-0.30)
Hello, I get the message from the subject when trying to emerge -pu world. This is on a standard system, that is only mythtv related lines in package.keywords. I tried to unmerge cmd5checkpw, but that doesn't help, because emerge -pu world immediately wants to merge the package again, with the same blocker. unmergin qmail doesn't seem like an option to me. Any ideas? Thanks. Henk, -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] [blocks B ] mail-mta/qmail-1.03-r16 (is blocking net-mail/cmd5checkpw-0.30)
Try emerge -pvu world (verbose option). It should tell you a bit more information.On 10/22/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hello,I get the message from the subject when trying to emerge -pu world.This is on a standard system, that is only mythtv related lines inpackage.keywords.I tried to unmerge cmd5checkpw, but that doesn't help, because emerge -pu world immediately wants to merge the package again, with the sameblocker.unmergin qmail doesn't seem like an option to me.Any ideas?Thanks.Henk,-- gentoo-user@gentoo.org mailing list-- - Mark Shields
Re: [gentoo-user] [blocks B ] mail-mta/qmail-1.03-r16 (is blocking net-mail/cmd5checkpw-0.30)
It only shosw the use flags for the qmail ebuild. one of them is -authcram. In the Rdepend= part of the ebuild for qmail, the following was added compared to R15: !noauthcram? ( || ( =net-mail/checkpassword-0.90 =net-mail/checkpassword-pam-0.99 ) =net-mail/cmd5checkpw-0.30 ) I'm not sure what this means, but I guess this causes the problem. Kind regards, Henk. On Sat, Oct 22, 2005 at 02:56:21PM -0400, Mark Shields wrote: Try emerge -pvu world (verbose option). It should tell you a bit more information. On 10/22/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hello, I get the message from the subject when trying to emerge -pu world. This is on a standard system, that is only mythtv related lines in package.keywords. I tried to unmerge cmd5checkpw, but that doesn't help, because emerge -pu world immediately wants to merge the package again, with the same blocker. unmergin qmail doesn't seem like an option to me. Any ideas? Thanks. Henk, -- gentoo-user@gentoo.org mailing list -- - Mark Shields -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] [blocks B ] mail-mta/qmail-1.03-r16 (is blocking net-mail/cmd5checkpw-0.30)
On Saturday 22 October 2005 19:04, [EMAIL PROTECTED] wrote: I get the message from the subject when trying to emerge -pu world. This is on a standard system, that is only mythtv related lines in package.keywords. I tried to unmerge cmd5checkpw, but that doesn't help, because emerge -pu world immediately wants to merge the package again, with the same blocker. unmergin qmail doesn't seem like an option to me. http://bugs.gentoo.org/show_bug.cgi?id=100693 And the following output when doing a fresh install of qmail-1.03-r16 and net-mail/cmd5checkpw-0.30: * this version is in NO WAY COMPATIBLE with cmd5checkpw-0.2x * it actually receives the authentication credentials * in a different order then the old implementation * see bug #100693 for details * this version IS needed by =qmail-1.03-r16 You could turn on noauthcram if you don't need/want CRAM MD5 authentication (do you have plain text passwords in /etc/poppasswd?), or emerge qmail --nodeps to update qmail then emerge world. -- Mike Williams -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] [blocks B ] mail-mta/qmail-1.03-r16 (is blocking net-mail/cmd5checkpw-0.30)
On Sat, Oct 22, 2005 at 10:08:46PM +0100, Mike Williams wrote: You could turn on noauthcram if you don't need/want CRAM MD5 authentication (do you have plain text passwords in /etc/poppasswd?), or emerge qmail --nodeps to update qmail then emerge world. Still something to learn I guess. my poppasswd file is still the example file that came with whatever it came with. My pop accounts are authenticated via the regular linux logins, so for every pop user (3 at the moment) I have a user acount in linux. What package uses this poppasswd file? I tried qpkg, but that doesn't seem to exist any more? Does the above mean I can safely enable noauthcram? Thanks, Henk. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] [blocks B ] mail-mta/qmail-1.03-r16 (is blocking net-mail/cmd5checkpw-0.30)
On Sunday 23 October 2005 00:18, [EMAIL PROTECTED] wrote: Still something to learn I guess. my poppasswd file is still the example file that came with whatever it came with. My pop accounts are authenticated via the regular linux logins, so for every pop user (3 at the moment) I have a user acount in linux. Good good. What package uses this poppasswd file? cmd5checkpw, and anything else which does CRAM MD5 authentication at a guess. CRAM is done by sending a hash of the password over the wire, the salt is unique for each connection, so you need the plain text password on the server to check against, which are kept in poppasswd. Secure over the wire, hideously insecure on the server. I tried qpkg, but that doesn't seem to exist any more? Yeah, it got moved to another package as it's depreciated in favour of equery. Does the above mean I can safely enable noauthcram? Yes. -- Mike Williams -- gentoo-user@gentoo.org mailing list