Re: tiger: howto manage flood of `deleted files' alerts ???
On Wed, Jan 07, 2004 at 02:13:19PM -0600, Michael D Schleif wrote: Server /usr/sbin/apache \(pid \d+\) is using deleted files The parent process of server /usr/sbin/apache \(pid \d+\) is using deleted files Program apache \(pid \d+, parent \d+\) is using a deleted file: .* /tmp/session_mm_apache0.sem \(deleted\) snip / Yes, I found these helpful. However, `\d' does *NOT* work on my system; rather, I had to change these to `[0-9]' -- and, yes, I did debug these with egrep, with same result. Oops. You are right, it should be [[:digit:]]+ instead of \d+ Javi signature.asc Description: Digital signature
Re: Infrastructer back online?
Am Mi Jan 07, 2004 at 06:5432 -0800 gab Matt Zimmerman [EMAIL PROTECTED] von sich: On Wed, Jan 07, 2004 at 10:35:30PM +0100, Jan L??hr wrote: noticing the increasing amount of secure-adv I'd like to ask, wheter the buid-deamons are back or wheter another issue is increasing the amount of advs rapidly. Everything is working again. what's about p.d.o ? -- Regards,| Debian GNU / / _ _ _ _ _ __ __ . | / /__ / / / \// //_// \ \/ / Martin Helas| // /_/ /_/\/ /___/ /_/\_\ mailto:[EMAIL PROTECTED] | because reboots are for hardware upgrades. PGP-Fingerprint: 1474 4CAC EF5C ECFA E29E 2CB1 7929 AB90 F7AC 3AF signature.asc Description: Digital signature
Re: GnuPG can not read some pgp signatures
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Clinging to sanity, LeVA mumbled in his beard: Reason: No appropriate crypto plug-in was found. Hi, I guess that your problem is NOT idea, but inline gpg signed msgs (like this one) versus PGP/MIME signed messages. There is currently no official gpg-agent and pinentry Debian packages, so you'll need to either get some unofficial ones (did anybody do any lately? I think Ralf Nolden's packages are not online anymore), or compile the software yourself as per [1] (last I tried, I had to disable threading on some components. But it's been a while, and new releases of most parts are out, so I don't know what the current status is). Greetings - -- vbi [1] http://kmail.kde.org/kmail-pgpmime-howto.html - -- Protect your privacy - encrypt your email: http://fortytwo.ch/gpg/intro -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) Comment: get my key from http://fortytwo.ch/gpg/92082481 iKcEARECAGcFAj/7tpJgGmh0dHA6Ly9mb3J0eXR3by5jaC9sZWdhbC9ncGcvZW1h aWwuMjAwMjA4MjI/dmVyc2lvbj0xLjUmbWQ1c3VtPTVkZmY4NjhkMTE4NDMyNzYw NzFiMjVlYjcwMDZkYTNlAAoJEIukMYvlp/fW9IUAnA5gbmjLW2jKye7xLCJOTv4L IAlsAKC+aho9Af526mxbicP5t9nd8zzzUA== =XZ8c -END PGP SIGNATURE-
Re: Content-Type in DSAs
On Tuesday, 2004-01-06 at 18:00:13 +0100, Adrian 'Dagurashibanipal' von Bidder wrote: Clinging to sanity, Alexander Neumann mumbled in his beard: * Lupe Christoph [EMAIL PROTECTED] wrote: Comparing the DSAs and reading how mutt recognizes a PGP signed message, I found that only some DSAs from Martin Schulze have a Content-Type as mutt wants it: Content-Type: application/pgp; format=text; x-action=sign - PGP/MIME No. PGP/MIME is multipart/signed on the top level, whatever the mime type of the message is in the first MIME part, and application/pgp-signature in the second MIME part. application/pgp is a never standardized text/plain variant of an inline signed message, with the main problem that some Mailers do not render it correctly (since they assume that unknown application/... is binary, not text). Martin Schulze does not use application/pgp anymore. I found it only in older DSAs sent by him. I now understand why the text/plain format is used. For something as important as DSAs, I would use that myself. Thanks for your explanations, people! Lupe Christoph -- | [EMAIL PROTECTED] | http://www.lupe-christoph.de/ | | Violence is the resort of the violent Lu Tze | | Thief of Time, Terry Pratchett |
Re: GnuPG can not read some pgp signatures
On Wed, Jan 07, 2004 at 08:34:42AM +0100, Adrian 'Dagurashibanipal' von Bidder wrote: Reason: No appropriate crypto plug-in was found. I guess that your problem is NOT idea, but inline gpg signed msgs (like this one) versus PGP/MIME signed messages. The fact that he is reporting that kmail specifically doesn't like an attached .asc does not suggest that the problem is with inline signatures. IMHO, inline signatures should not be used ever as they are liable to corruption unless the entire message + signature is encoded in quoted-printable before sending. Matthew
Re: GnuPG can not read some pgp signatures
Wednesday 07 January 2004 08:34 dátummal Adrian 'Dagurashibanipal' von Bidder ezt írta: Clinging to sanity, LeVA mumbled in his beard: Reason: No appropriate crypto plug-in was found. Hi, I guess that your problem is NOT idea, but inline gpg signed msgs (like this one) versus PGP/MIME signed messages. Not really. Your messages doesn't produce that No appropriate crypto plug-in was found. message. For your mail, KMail says this: Message was signed with unknown key 0xE5A7F7D6. The validity of the signature cannot be verified. There are some emails, which has an attached *.asc file. For these mails, KMail says this: The message is signed, but the validity of the signature can't be verified. Reason: No appropriate crypto plug-in was found. Any idea? Daniel There is currently no official gpg-agent and pinentry Debian packages, so you'll need to either get some unofficial ones (did anybody do any lately? I think Ralf Nolden's packages are not online anymore), or compile the software yourself as per [1] (last I tried, I had to disable threading on some components. But it's been a while, and new releases of most parts are out, so I don't know what the current status is). Greetings -- vbi [1] http://kmail.kde.org/kmail-pgpmime-howto.html -- Protect your privacy - encrypt your email: http://fortytwo.ch/gpg/intro -- LeVA
Re: GnuPG can not read some pgp signatures
* LeVA [Wed, 07 Jan 2004 11:59:25 +0100]: Wednesday 07 January 2004 08:34 dátummal Adrian 'Dagurashibanipal' von Bidder ezt írta: Clinging to sanity, LeVA mumbled in his beard: Reason: No appropriate crypto plug-in was found. Hi, I guess that your problem is NOT idea, but inline gpg signed msgs (like this one) versus PGP/MIME signed messages. Not really. Your messages doesn't produce that No appropriate crypto plug-in was found. message. For your mail, KMail says this: It is that, *indeed*. But the other way round: inline gpg signed msgs do not cause trouble to KMail, but PGP/MIME ones (like *this* one) do. If I'm correct, you should just have seen: The message is signed, but the validity of the signature can't be verified. Reason: No appropriate crypto plug-in was found. Any idea? Yep, the KMail PGP/MIME Howto which Adrian already pointed you to: [1] http://kmail.kde.org/kmail-pgpmime-howto.html -- Adeodato Simó (a.k.a. thibaut) EM: asp16 [ykwim] alu.ua.es | IM: my_dato [jabber.org] | PK: DA6AE621 When all is summed up, a man never speaks of himself without loss; his accusations of himself are always believed; his praises never. -- Michel de Montaigne signature.asc Description: Digital signature
Re: tiger: howto manage flood of `deleted files' alerts ???
Javier Fernández-Sanguino Peña [EMAIL PROTECTED] [2004:01:07:18:52:45+0100] scribed: On Mon, Jan 05, 2004 at 01:04:18AM -0600, Michael D Schleif wrote: I have been using tiger for nearly a year. Several months ago, a new test was added in: /usr/lib/tiger/scripts/check_finddeleted I wrote this (probably too agressive test) after reading one of Brain Hatch's excellent articles [1]. It's probably written in a very broad way (to catch all the culprits) but fires off in many common cases. Since Tiger 3.2.1 provides an ignore mechanism (similar to logcheck's) you can add those common cases to your tiger.ignore file. In bug # 225112 I mention some common ones (in my case) which include the following regular expressions (for apache): Yes, I use several ignore regexps -- I had hoped that there is some configuration option that I missed. Server /usr/sbin/apache \(pid \d+\) is using deleted files The parent process of server /usr/sbin/apache \(pid \d+\) is using deleted files Program apache \(pid \d+, parent \d+\) is using a deleted file: .* /tmp/session_mm_apache0.sem \(deleted\) snip / Yes, I found these helpful. However, `\d' does *NOT* work on my system; rather, I had to change these to `[0-9]' -- and, yes, I did debug these with egrep, with same result. Thank you. -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp6lOA9wRAzW.pgp Description: PGP signature
tiger: howto eliminate spurious cron errors?
In the spirit of my current endeavor to eliminate noise from tiger, I find myself receiving the following stderr reports from tiger via cron: stdin: is not a tty /usr/bin/find: /usr/X11R6/bin/: No such file or directory /bin/sed: can't read /etc/printcap: No such file or directory /bin/ls: /boot/boot.b: No such file or directory Unfortunately, tiger.ignore cannot help me to eliminate this noise. That first one is especially annoying, since I receive it several times per day on several servers. What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgpuiwKQqsKN9.pgp Description: PGP signature
Infrastructer back online?
Greetings, noticing the increasing amount of secure-adv I'd like to ask, wheter the buid-deamons are back or wheter another issue is increasing the amount of advs rapidly. Keep smiling yanosz
Re: tiger: howto eliminate spurious cron errors?
Michael, On Wed, 2004-01-07 at 13:26, Michael D Schleif wrote: In the spirit of my current endeavor to eliminate noise from tiger, I find myself receiving the following stderr reports from tiger via cron: Excellent. Not sure if this is the correct list (if not, feel free to submit bugs or discuss them on the tiger-user/tiger-devel list at: http://savannah.nongnu.org/projects/tiger). stdin: is not a tty This is probably from the check_root cron entry. Upstream should have this fixed: http://mail.nongnu.org/archive/html/tiger-devel/2003-09/msg00031.html /usr/bin/find: /usr/X11R6/bin/: No such file or directory /bin/sed: can't read /etc/printcap: No such file or directory /bin/ls: /boot/boot.b: No such file or directory These need to be fixed. I know right where the last two are and have a good idea on the third one. I will look at this and get a patch committed upstream. Unfortunately, tiger.ignore cannot help me to eliminate this noise. That first one is especially annoying, since I receive it several times per day on several servers. Correct, these are generated via stderr instead of a tiger generate message so they are nor processes using tiger.ignore. What do you think? Thanks for reporting these! - Ryan
Re: tiger: howto manage flood of `deleted files' alerts ???
On Wed, Jan 07, 2004 at 02:13:19PM -0600, Michael D Schleif wrote: Server /usr/sbin/apache \(pid \d+\) is using deleted files The parent process of server /usr/sbin/apache \(pid \d+\) is using deleted files Program apache \(pid \d+, parent \d+\) is using a deleted file: .* /tmp/session_mm_apache0.sem \(deleted\) snip / Yes, I found these helpful. However, `\d' does *NOT* work on my system; rather, I had to change these to `[0-9]' -- and, yes, I did debug these with egrep, with same result. Oops. You are right, it should be [[:digit:]]+ instead of \d+ Javi signature.asc Description: Digital signature
Re: GnuPG can not read some pgp signatures
Adrian 'Dagurashibanipal' von Bidder [EMAIL PROTECTED] wrote: There is currently no official gpg-agent and pinentry Debian packages, so you'll need to either get some unofficial ones (did anybody do any lately? I think Ralf Nolden's packages are not online anymore), or compile the software yourself as per [1] (last I tried, I had to disable threading on some components. But it's been a while, and new releases of most parts are out, so I don't know what the current status is). FWIW, I have this repository in my sources.list: # gpgme, pinentry, etc. deb http://bulma.net/~daneel/debian/ ./ Zoran
Re: tiger: howto eliminate spurious cron errors?
Ryan Bradetich [EMAIL PROTECTED] [2004:01:07:15:08:22-0700] scribed: Michael, On Wed, 2004-01-07 at 13:26, Michael D Schleif wrote: In the spirit of my current endeavor to eliminate noise from tiger, I find myself receiving the following stderr reports from tiger via cron: Excellent. Not sure if this is the correct list (if not, feel free to submit bugs or discuss them on the tiger-user/tiger-devel list at: http://savannah.nongnu.org/projects/tiger). OK. First, I did not know whether or not these qualify as bugs. In that uncertain phase, I usually ping a user group for opinions on the matter. Second, I have been subscribed to the tiger mailing lists for several months, and tiger-user has not had any posts since August 2003, which were announcements; and, tiger-devel appears to be -- well -- development oriented. stdin: is not a tty This is probably from the check_root cron entry. Upstream should have this fixed: http://mail.nongnu.org/archive/html/tiger-devel/2003-09/msg00031.html Even Google has few references to this error, and none are tiger related. /usr/bin/find: /usr/X11R6/bin/: No such file or directory /bin/sed: can't read /etc/printcap: No such file or directory /bin/ls: /boot/boot.b: No such file or directory These need to be fixed. I know right where the last two are and have a good idea on the third one. I will look at this and get a patch committed upstream. ``last two'' and ``third one'' make me wonder about that pesky _first_ find error ; Unfortunately, tiger.ignore cannot help me to eliminate this noise. That first one is especially annoying, since I receive it several times per day on several servers. Correct, these are generated via stderr instead of a tiger generate message so they are nor processes using tiger.ignore. What do you think? Thanks for reporting these! If there is a better forum for these posts, please, advise. Thank you. -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgpcsOELZ6HrT.pgp Description: PGP signature
Re: Infrastructer back online?
On Wed, Jan 07, 2004 at 10:35:30PM +0100, Jan L??hr wrote: noticing the increasing amount of secure-adv I'd like to ask, wheter the buid-deamons are back or wheter another issue is increasing the amount of advs rapidly. Everything is working again. -- - mdz
Re: Infrastructer back online?
On Thu, Jan 08, 2004 at 04:08:23AM +0100, Martin Helas wrote: Am Mi Jan 07, 2004 at 06:5432 -0800 gab Matt Zimmerman [EMAIL PROTECTED] von sich: On Wed, Jan 07, 2004 at 10:35:30PM +0100, Jan L??hr wrote: noticing the increasing amount of secure-adv I'd like to ask, wheter the buid-deamons are back or wheter another issue is increasing the amount of advs rapidly. Everything is working again. what's about p.d.o ? There is more than one p.d.o and only one of them is not operational. That has nothing to do with security, thankfully. -- - mdz
Re: Infrastructer back online?
Am Mi Jan 07, 2004 at 06:5432 -0800 gab Matt Zimmerman [EMAIL PROTECTED] von sich: On Wed, Jan 07, 2004 at 10:35:30PM +0100, Jan L??hr wrote: noticing the increasing amount of secure-adv I'd like to ask, wheter the buid-deamons are back or wheter another issue is increasing the amount of advs rapidly. Everything is working again. what's about p.d.o ? -- Regards,| Debian GNU / / _ _ _ _ _ __ __ . | / /__ / / / \// //_// \ \/ / Martin Helas| // /_/ /_/\/ /___/ /_/\_\ mailto:[EMAIL PROTECTED] | because reboots are for hardware upgrades. PGP-Fingerprint: 1474 4CAC EF5C ECFA E29E 2CB1 7929 AB90 F7AC 3AF signature.asc Description: Digital signature