Re: localhost:631 and sudouser

[Erwan David]

On Thu, Jan 27, 2011 at 08:39:59AM CET, Sthu Deus  said:
> Good day.
> 
> How the printers are administered through the 631th port when only sudo
> users are available?
> 
> Thank You for Your time.
> 

You can configure (in /etc/cups/cupsd.conf) for a group to have
administrative rights on printers.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110127074839.gc12...@rail.eu.org

Re: localhost:631 and sudouser

[der.hans]

Am 27. Jan, 2011 schwätzte Sthu Deus so:

moin moin,


How the printers are administered through the 631th port when only sudo
users are available?


Not sudo users, rather the root user. By default sudo switches to root
account privileges, but it can grant access as other users as well.

On my system cups is running as root, so it has permissions to bind to
port 631.

Other services such as apache start as root in order to bind to a
privileged port, but then shed the root privileges and run as an
unprivileged user.

ciao,

der.hans
--
#  http://www.LuftHans.com/http://www.LuftHans.com/Classes/
#  ABLEconf - 2011Apr02 - CfP 2010Feb06 - Free Software for Free Enterprise
#  A t-shirt a day keeps the noose away. - der.hans

localhost:631 and sudouser

[Sthu Deus]

Good day.

How the printers are administered through the 631th port when only sudo
users are available?

Thank You for Your time.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4d412159.ca7a0e0a.7620.a...@mx.google.com

aptitude upgrade errors

[Kelly Harding]

hi

have been getting following errors when tryign to upgrade my Debian sid box:

dpkg-query: parse error, in file '/var/lib/dpkg/status' near line
29666 package 'virtualbox-2.1':
 error in Version string `2.1.4-42893_Debian_lenny': invalid character
in revision number
exim4-config.postinst: [WARN] Installed debconf version is broken.
Aborting preconfigure.
dpkg: parse error, in file '/var/lib/dpkg/status' near line 29666
package 'virtualbox-2.1':
 error in Version string `2.1.4-42893_Debian_lenny': invalid character
in revision number
E: Sub-process /usr/bin/dpkg returned an error code (2)
A package failed to install.  Trying to recover:
dpkg: parse error, in file '/var/lib/dpkg/status' near line 29666
package 'virtualbox-2.1':
 error in Version string `2.1.4-42893_Debian_lenny': invalid character
in revision number


Results in inability to upgrade any packages on the system.

Anyone come across this and know how to fix? or is a system re-install needed?

kelly


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/AANLkTi=khy1grzvbag8zigknaaqwpwdyk1913_jqw...@mail.gmail.com

Re: Linux disk partition encryption

[Jochen Schulz]

Celejar:
> Jochen Schulz  wrote:
>> Celejar:
>>> 
>>> Why does putting /boot on a USB stick gain you anything?
>> 
>> Because an unencrypted /boot may be altered by an attacker without you
>> noticing it.  Theoretically, the kernel may be replaced by another one
>> that reports your passphrase to the attacker.
> 
> Oh, basically the Evil Maid attack.  Fair enough.  But then you have to
> make sure the attacker can't flash the BIOS ...

Exactly. I didn't remember there was a name for this attack.

J.
-- 
There is no justice in road accidents.
[Agree]   [Disagree]
 


signature.asc
Description: Digital signature

Problems in PMDF Mailserv V6.1 command processing

[PMDF Mailserv V6.1]

Error in the command: The original message was received at Thu, 27 Jan 2011 
11:22:04 +0700
Unrecognized command verb: THE
Subsequent commands ignored because of previous error.
Ignored: from lists.debian.org [26.119.204.166]
Ignored: - The following addresses had permanent fatal errors -
Ignored: mails...@mail.apps.ietf.org
Use the HELP command to get a list of legal MAILSERV commands.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/01nx3bl5kp8y00j...@mauve.mrochek.com

Re: editing /var/lib/dpkg/available

[godo]

On 01/24/2011 11:36 PM, Waqqas Dadabhoy wrote:

I played around with Zimbra a while ago, but have removed it now. I
get the following error whenever I use apt-get:

warning, in file '/var/lib/dpkg/available' near line 8727 package 'zimbra-ldap':
  error in Version string '6.0.8_GA_2661.DEBIAN5_64': invalid character
in version number

Since I won't be using Zimbra again, I am considering removing the
Zimbra-related lines from /var/lib/dpkg/available. To me the
hand-editing seems crude, is there a 'more clean' or 'recommended' way
to get rid of the error?

Thanks.



Hi,
I have this problem with old version of VirtualBox.
What was working for me is deleting block inside /var/lib/dpkg/available 
where was mentioning old VirtualBox or in your case zimbra-ldap (near 
line 8727).


Before doing that back up /var/lib/dpkg/available just in case 
somethings go wrong.


--
Bye,
Goran Dobosevic
Hrvatski: www.dobosevic.com
 English: www.dobosevic.com/en/
Registered Linux User #503414


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/4d40ed57.9000...@dobosevic.com

How to start gdm by default

[T o n g]

Hi,

I need to start gdm by default on one of my boxes, which is currently 
booting into text mode.

I do have gdm installed:

$ dpkg -l | grep gdm 
ii  gdm2.20.11-4  GNOME Display Manager

It's still activated as the bootup service:

% update-rc.d gdm defaults
gdm already in /etc/runlevel.conf: No change.

$ grep gdm /etc/runlevel.conf
01  0,1,6   -   /etc/init.d/gdm
30  -   2,3,4,5 /etc/init.d/gdm

which should mean business as usual to start it when system boot up. But 
my gdm is not starting. 

Actually, I'm been booting to text mode ever since I use Linux, and have 
forgot what trick I played to switch the booting mode (from gui to text) 
now. 

Here are my current (related) settings:

$ grep initdefault /etc/inittab
id:2:initdefault:

$ tail -3 /boot/grub/menu.lst 
title   os11 :: Debian kernel 2.6.35-grml64
 kernel /boot/vmlinuz-2.6.35-grml64 root=/dev/sda8 ro vga=normal
 initrd /boot/initrd.img-2.6.35-grml64

Where should I tweak? Is above enough?

Thanks

-- 
Tong (remove underscore(s) to reply)
  http://xpt.sourceforge.net/techdocs/
  http://xpt.sourceforge.net/tools/


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/ihqod4$udv$1...@dough.gmane.org

Re: Any package for surveys?

[elbbit]

On 25/01/11 10:11, Daniel Andersson wrote:
> Is there a package for doing surveys? Preferably a web solution.
> 
> Any suggestions?

Sorry for coming late to the thread with this one.

I held off writing back because I have just launched a new website at:
http://www.tibble.net/

Wait!  Don't go!  This isn't spam!   Please!  Just listen!

For anyone who is half in the know about the goings on in the world, and
are aware of Project Venus or the Zeitgeist Movement, you will
understand that there is a growing concern over many global issues:
- over-population of the planet
- resources might run out (as a result of too many people)
- money is a form of slavery
- the choices available to us are set by corporations/governments, not
by us the people
... the list goes on.

I'm not here to preach one form of belief system or another.  I do not
enter into argument with those who want to push their beliefs.  You may
believe in God.  I may not.  Whatever.  What I want to know is... what
does EVERYONE think about stuff?  I mean, why are no global surveys
being cast.

Up steps me.  My name is Simon Tibble, and I am here to take your vote
please.  Come join me at my site and give your view about all and every,
and learn more about what other people think.  The sooner the global
consensus is reached... the better our world will become.

Yes, I really do believe I can change the world.  Are you with me?  Or
do you want to ridicule me?

Go to my site.  Go now.  Give up a little bit of your very precious time
- and I thank all in advance who help contribute - because I need you -
we need each other - to develop as a whole we need to think as a whole.

I post here first rather than elsewhere because I believe computer
experts like ourselves are at the forefront of development.  Through the
application of science comes wisdom, understanding and knowledge.

For those who have a head for big words, you may want to read more about
the idea at:
http://www.tibble.net/idea.txt

There is one more thing you should know about the site.  Once you decide
your vote, it does not end there.  You can change your mind at any time
on any matter, and any one can make a new vote.  So, you see, the
organic flow of energy in nature can relate to information... because as
more people come online at Tibble.net and register their vote, the more
we gain an understanding of how everyone is feeling.  We learn what we
want as a whole and we will obviously adapt according to our majority
thought.

Accept that this moment is inevitable.  Some call this the technological
singularity, others call it the awakening.  Whatever you call it, you
are either part of planet earth or you are not, and if you know what is
right, you will realise this is bigger than Facebook or Google will ever be.

Please forward this message to everyone, even if you know full well they
probably won't read or understand it.  This message must travel the
matrix in order to flourish.

Simon Tibble
si...@tibble.net

-- 

elbbit


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4d40d77d.1000...@gmail.com

Happy Chinese New Year 2011

[Export]

Dear Value Customers/ Business Partners

We'll be closing for Chinese New Year on 1st February 2011 (Tues) and
commencing business on 6 February 2011 (Tues).

Thank you.

Gong Xi Fai Chai & Happy Chinese New Year.       

Exportxcel Sdn. Bhd. (660022-p)

~your excellent deal~

Add: BG06, 07 & 08, Block B, KL Industrial Park,

Old Klang Road, 58200 K.L.

Tel: 03-7782 4448Fax: 03-7785 0940

Mobile: 012-255 1525 (Ms. BeVerLy Ng)

Email: sa...@exportxcel.com
This message was sent by: MYAC, BG06 K.L. Industrial Park,5th Mile, Old Klang 
Road, KL, WP 58200

Manage your subscription:
http://app.icontact.com/icp/mmail-mprofile.pl?r=53431360&l=96993&s=YLRL&m=719583&c=322308

Forward to a friend: 
http://app.icontact.com/icp/core/message/forward?m=719583&s=53431360&c=YLRL&cid=322308

Re: Ubuntu -> LMDE: migrate packages using `aptitude` alone?

[Boyd Stephen Smith Jr.]

On Wednesday 26 January 2011 17:20:05 Rob Owens wrote:
> [M]aybe there is a way to convince apt/aptitude
> to tell you what applications were installed purposedly (not
> automatically installed to resolve dependencies).

aptitude search '~i!~M'
-- 
Boyd Stephen Smith Jr.   ,= ,-_-. =.
b...@iguanasuicide.net  ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-'
http://iguanasuicide.net/\_/


signature.asc
Description: This is a digitally signed message part.

Re: loud f'ing noise

[shawn wilson]

On Wed, Jan 26, 2011 at 6:53 PM, Simon Hollenbach  wrote:

> On Wed, 2011-01-26 at 18:22 -0500, shawn wilson wrote:
>
> > so for next time, is there any software to reset hardware alarms?
> > i know there's ipmi stuff, but i don't have an ipmi card for this
> > computer. when i googled, i found a man page for 'hwreset' but i
> > didn't find anything with 'apt-cache search' (on either the kubuntu
> > install or a debian box).
>
> Hi Shawn,
> those alarms are useful and usually have a cause, maybe your fan did
> spin too slow for BIOS, that happened to me at some point, having a
> temperature-controlled fan and a MB caring about its CPU-Fan-Speed. And
> I think they don't go away because the guys who made it thought it was a
> good idea to turn your system off immediately if this noise appears. You
> should find the cause of your alarm and by eliminating that you minimize
> the probability you'll hear that ever again.
>
> Sorry if I misunderstood, I just don't want you to harm a system running
> debian :)
>
>
 first, fear not - it's not "debian" it's kubuntu :)

second, where do i find the cause of this alarm? i looked in my the log
files of when it started (well, kern, messages, syslog) and sent along the
only thing i saw... now, this was a $400 supermicro motherboard when i
bought it a few years ago, so i suppose the bios might have a logging
mechanism (like i've seen on some dells). how would i access that?

i agree that i should get notified of messed up things. however, if
something happens (ie, ram issue that ecc catches) i should be notified
about it and allowed to go about my day. just saying, i think i lost quite a
bit of sanity listening to that thing for over an hour.

Re: loud f'ing noise

[Simon Hollenbach]

On Wed, 2011-01-26 at 18:22 -0500, shawn wilson wrote:

> so for next time, is there any software to reset hardware alarms?
> i know there's ipmi stuff, but i don't have an ipmi card for this
> computer. when i googled, i found a man page for 'hwreset' but i
> didn't find anything with 'apt-cache search' (on either the kubuntu
> install or a debian box). 

Hi Shawn,
those alarms are useful and usually have a cause, maybe your fan did
spin too slow for BIOS, that happened to me at some point, having a
temperature-controlled fan and a MB caring about its CPU-Fan-Speed. And
I think they don't go away because the guys who made it thought it was a
good idea to turn your system off immediately if this noise appears. You
should find the cause of your alarm and by eliminating that you minimize
the probability you'll hear that ever again.

Sorry if I misunderstood, I just don't want you to harm a system running
debian :)

Bye
Simon



-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/1296085981.918.5.camel@localhost

Re: help

[Rob Owens]

On Wed, Jan 26, 2011 at 08:05:42PM +, Camaleón wrote:
> On Wed, 26 Jan 2011 20:54:01 +0100, Johan Grönqvist wrote:
> 
> > 2011-01-26 20:16, Hans-J. Ullrich skrev:
> >> Am Mittwoch, 26. Januar 2011 schrieb Padilla Juan Leon II:
> 
> (...)
> 
> >>> 3 adobe flash player
> >> There is no package for adobe flashplayer, but you can install the
> >> package "flashplayer-unfree" from the repository, which includes a
> >> script for installing adobes flashplayer. Works best with iceweasel.
> >> Both architectures are supported.
> >>
> >>
> > That would be flashplugin-nonfree, and it is available in the "contrib"
> > repository, which has to be activated.
> > 
> > According to the wiki-page the flashplugin may not work with debian
> > 5.0.7 (Lenny), but may need debian 6.0 (squeeze).
> 
> Uh? How bad! :-(
> 
> Anyway, you can always get it from Adobe site:
> 
> http://get.adobe.com/flashplayer/
> 
How about www.debian-multimedia.org?  He's got flashplayer in his repos.

-Rob


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110126234236.gb23...@aurora.owens.net

Re: help

[Robert Holtzman]

On Wed, Jan 26, 2011 at 01:03:55PM -0800, Alan Hutchinson wrote:
> Hi people ,I just recently installed Debian -507-i38 , and I have bean trying
> to install ndiswrapper-1.9 but every time I try to install the driver I get
> >>
>  sudo ndiswrapper -i NetA3AB.inf
> couldn't open NetA3AB.inf: No such file or directory at /usr/sbin/
> ndiswrapper-1.9 line 219.
> why cant ndiswrapper find the NetA3AB.inf ? Driver file,the Wi Fi card is
> ¨WDA-2320 D-Link >> Atheros AR5212/AR5213 ,chip set 168C:0013 if you could
> pleas get get to me on this matter, I have bean working on this since about 
> mid
> 2010, thanks in advance.

Congratulations, you just hijacked a thread.

-- 
Bob Holtzman
Key ID: 8D549279
"If you think you're getting free lunch,
 check the price of the beer"


signature.asc
Description: Digital signature

Re: loud f'ing noise

[shawn wilson]

On Wed, Jan 26, 2011 at 4:34 PM, Boyd Stephen Smith Jr. <
b...@iguanasuicide.net> wrote:

> In 
> >,
> shawn
> wilson wrote:
> >i was messing around with forwarding ports with connectbot (android app)
> and
> >all of a sudden my computer started making this loud beep - solid beep.
> it's
> >still going on now and it's quite distracting. i don't see a pc speaker
> >module loaded and this is the the only log entry that was around when it
> >started:
>
> Sounds to be like a hardware or case alarm.  There's probably a reset
> button
> on the case, but you might have to hard reset to clear it up.  Usually, the
> pcspkr module is not very loud.
>
>
heh, i rebooted. i couldn't get any work done with that noise.

so for next time, is there any software to reset hardware alarms? i know
there's ipmi stuff, but i don't have an ipmi card for this computer. when i
googled, i found a man page for 'hwreset' but i didn't find anything with
'apt-cache search' (on either the kubuntu install or a debian box).

Re: Ubuntu -> LMDE: migrate packages using `aptitude` alone?

[Rob Owens]

On Wed, Jan 26, 2011 at 01:23:37PM -0500, Tom Roche wrote:
> The final thing I believe I need to do (please suggest anything else I
> should know) is to backup the list of currently-active (installed and
> selected) packages so as to be able to restore them quickly and
> completely in the new environment, so that I don't need to manually
> install, e.g., chromium and emacs. Am I missing anything? If not:
> 
> >From other reading, one way to do this is
> 
> # in terminal in ubuntu
> dpkg --get-selections > "${PACKAGE_FILE}"
> # in terminal in LMDE
> sudo dpkg --set-selections < "${PACKAGE_FILE}"
> sudo apt-get dselect-upgrade
> sudo aptitude update
> sudo aptitude -s full-upgrade
> 
While this is technically correct, 'dpkg --get-selections' is going to
give you a huge list of files (which somebody else already pointed out,
will not necessarily all be available in LMDE).  Your list will have
"libthis" and "libthat" -- a bunch of things that were installed as
dependencies of the applications you really care about.

I would try to get a list of those applications that you really care
about.  Maybe the best way to do this is by simply looking through your
"Applications" menu.  Or maybe there is a way to convince apt/aptitude
to tell you what applications were installed purposedly (not
automatically installed to resolve dependencies).  If you can get such a
list, I think your job will be a lot easier.

-Rob


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110126232005.ga23...@aurora.owens.net

Re: Linux disk partition encryption

[tv.deb...@googlemail.com]

>On the 26/01/2011 06:36, T o n g wrote:
> Hi,
> 
> I'm thinking to do the disk partition encryptions now. However 
> 
> "Hard drive encryption sounds like an intimating concept, mostly because 
> it is. The thought of taking your precious files, then using a 
> mathematical formula to convert them into random noise before scattering 
> them back across your disk is a hard sell. " [1]
> 
> 1. http://www.maximumpc.com/article/howtos/
> how_to_encrypt_your_entire_hard_drive_for_free_using_true_crypt
> 
> So I need some demystify of the whole thing around disk/partition 
> encryption
[...]
Can't comment on the crypto science, but I am using it and it works just
fine, both full disk (cryptsetup LUKS on raid and usb sticks) and for
files (ecryptfs).

> 
> Here are my questions, 
> 
> - First very noob question, I don't want whole disk encryption, just want 
> to encrypt some selected already partitioned partitions. If someone mount 
> those encrypted partitions, will they shows up as empty or, there are 
> some hints that the partitions have been encrypted?

Don't know what you mean exactly by "show up as empty", with ecryptfs
the mountpoint will indeed be empty unless the crypted directory is
open. But it's always possible to guess that encryption is being used,
or guess it from "missing space" on the hard drive.

> 
> - The Ubuntu [3] and CentOS [4] seems to endorse dm-crypt, instead of 
> (widely-used?) cryptsetup-luks. So I need a bit of explanation which is 
> better than others. 
> 
> 3. http://www.humboldt.edu/its/security-encryption-linuxubuntu
> 4. http://beginlinux.com/blog/2009/04/centos-53-encrypted-block-devices/

Using cryptsetup and doing good. cryptsetup (LUKS) is using dm_crypt.
The old alternative (and insecure) way was cryptoloop.

> 
> - In terms of encryption used, TrueCrypt supports the following 
> encryption algorithms: AES, Serpent, Twofish, AES-Twofish, AES-Twofish-
> Serpent, Serpent-AES, Serpent-Twofish-AES, Twofish-Serpent; And these 
> hash algorithms: RIPEMD-160, SHA-512 & Whirlpool [5]
> 
> 5. http://www.informit.com/articles/article.aspx?p=1276279
> 
> So I need a bit of explanation why your chosen algorithm is better than 
> others. Very very brief will do.

Used standard aes (256), serpent and twofish, settled with twofish since
it seems really solid, standard enough, and didn't show any speed hit
with my workload.
More specifically lately I used twofish-cbc-essiv:sha256 with a keysize
of 256. I believe unless I am nominated as public enemy my data are safe
from the average lone cracker, and most probably even the serious ones.

> - Is your partition encryption choice as cross-platform as TrueCrypt?
I don't care about cross-platform, can't comment. For me if it works on
any linux flavours it's good enough, I will always be able to retrieve
my data.

> 
> - If I put the encrypted partitions in fstab, then I have to enter 
> passphrase for each one of them when PC boot up, I guess. Will the whole 
> boot up be hold up waiting for encrypted partitions passphrases?
Yes, unless you do as mentioned below. Yes the boot process will "wait"
for you to type in the passphrases, or will look for the keyfiles.

> 
> - Since I need to encrypt more than one selected partitions, if I want to 
> mount encrypted partitions manually, is there any alternative way than to 
> typing in passphrase for each one of them when mounting them?
You can "chain" the mounting by using a passphrase or keyfile for the
first, and then store keyfiles for the subsequent in keyfiles on the
first encrypted partition to be mounted (unsafe, maybe just for swap ?),
or all the keyfiles on a usb stick. This is less secure since if the
system is compromised the keyfiles could be stolen, but using a usb
stick only when mounting is needed reduces the risk.
I never tried but maybe pam could be used for this ?

For swap I resorted to use (clear) swap file on encrypted partitions
(could be /, /home or any as long as it's mounted at boot time), it's
more flexible and works as good as a dedicated partition for me, but my
systems have plenty of ram with reduced swappiness and I rarely see
swapping.

> 
> - how passphrase are cached? Do I have to repeatedly typing in passphrase  
> each time I do the mount? I also heard of passphrase-less disk 
> encryptions. Hmm... I don't want to go there so maybe I can skip that.
I don't think caching the passphrases anywhere would be secure, when the
volume is in use it is "in clear" (as opposed to encrypted), so is the
swap and ram, caching would not be safe. Maybe some "keyring" daemon can
take care of that, but then your passphrases are only as safe as the one
of the keyring.

> 
> BTW, I just need a mini intro about disk encryption, it does not need to 
> be in-depth or comprehensive but rather short and to the point.
> 
> Thanks a lot. 
> 
> 
I used the man and:

General:

https://secure.wikimedia.org/wikipedia/en/wiki/Disk_encryption_theory#XTS

https://secure.wikimedia.org/wikipedia/en/

Re: Linux disk partition encryption

[Celejar]

On Wed, 26 Jan 2011 23:24:07 +0100
Jochen Schulz  wrote:

> Celejar:
> > Brad Alexander  wrote:
> > 
> >> Linux admins used LUKS, and as a further step, I put /boot (the only
> >> partition that cannot be encrypted) on a USB stick, so that if anyone
> >> got the laptop, they had no access to the data.
> > 
> > Why does putting /boot on a USB stick gain you anything?
> 
> Because an unencrypted /boot may be altered by an attacker without you
> noticing it.  Theoretically, the kernel may be replaced by another one
> that reports your passphrase to the attacker.

Oh, basically the Evil Maid attack.  Fair enough.  But then you have to
make sure the attacker can't flash the BIOS ...

Celejar
-- 
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110126174600.a8866289.cele...@gmail.com

Re: Weird server mystery: self-reset, mostly

[elbbit]

On 26/01/11 20:58, Bob Proulx wrote:
> will trillich wrote:
>>  23:58:11 up 583 days,  3:03,  6 users,  load average: 0.00, 0.02, 0.08
> You have not rebooted your system in 583 days meaning that you have
> NOT taken any of the posted Linux kernel security upgrades in that
> time period.  You may have been hit by any of the cracks running in
> the wild that are known and fixed but you have not installed.  After a
> couple of years of being vulnerable to security issues it could be
> anything.  You should install security upgrades and reboot to activate
> the new kernels otherwise you are not protected.
> 
> Subscribe to security-announce and keep updated.

I totally agree with Bob.  We know our systems run fine now that Debian
is very mature, and the old notion of safeguarding an uptime whilst
neglecting security is a bit old fashioned.

-- 

elbbit


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4d40a3d2.7020...@gmail.com

Re: Why are my emails not making it to the list?

[elbbit]

On 26/01/11 22:01, Andrei Popescu wrote:
> On Mi, 26 ian 11, 21:37:26, Neil Youngman wrote:
>> On Wednesday 26 Jan 2011 20:52:34 elbbit wrote:
>>> I have replied to several threads now, but my emails are not appearing?
>>>
>>> According to the mailman page I am supposed to receive my own copies.
>>> Did I miss something?  Do I need to RTFM somewhere?
>>
>> I believe it's a Gmail feature the inbound copy of the message is discarded 
>> because it already has a copy in the sent folder.
> 
> Yes, I've been working around that "feature" by receiving all list mail 
> to a different account.
> 
> Regards,
> Andrei
Many thanks to all who replied.  I appreciate you taking the time.

It is moderately annoying as I use my Gmail account with POP3, set to
download and remove all messages from the server.  I am also using the
Gmail SMTP server, and it appears that mail sent goes to the webmail's
Sent folder - and there is no option in the Gmail interface to disable
Google saving a copy when I deliver mail via SMTP.

-- 

elbbit


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4d40a2cf.5060...@gmail.com

Re: Mplayer question??

[elbbit]

On 26/01/11 22:11, I Rattan wrote:
> 
> What is the command to .ogg file to .mp3 file?
> 
> Thanks in advance.
> 
> -ishwar
> 
> 

http://lmgtfy.com/?q=mencoder+ogg+to+mp3

-- 

elbbit


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4d409f0e.1090...@gmail.com

Re: Linux disk partition encryption

[Jochen Schulz]

Celejar:
> Brad Alexander  wrote:
> 
>> Linux admins used LUKS, and as a further step, I put /boot (the only
>> partition that cannot be encrypted) on a USB stick, so that if anyone
>> got the laptop, they had no access to the data.
> 
> Why does putting /boot on a USB stick gain you anything?

Because an unencrypted /boot may be altered by an attacker without you
noticing it.  Theoretically, the kernel may be replaced by another one
that reports your passphrase to the attacker.

J.
-- 
I feel yawning hollowness whilst talking to people at parties.
[Agree]   [Disagree]
 


signature.asc
Description: Digital signature

Re: Testing

[Boyd Stephen Smith Jr.]

In <20110126213523.959ac32a...@smtp.hushmail.com>, ced...@hush.ai wrote:
>Testing email functionality.

http://www.debian.org/MailingLists/#codeofconduct

Specifically this point: "Do not send test messages to determine whether your 
mail client is working."
-- 
Boyd Stephen Smith Jr.   ,= ,-_-. =.
b...@iguanasuicide.net   ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-'
http://iguanasuicide.net/\_/


signature.asc
Description: This is a digitally signed message part.

Mplayer question??

[I Rattan]

What is the command to .ogg file to .mp3 file?

Thanks in advance.

-ishwar


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/Pine.GSO.4.64.1101261710390.16746@unknown

Re: Why are my emails not making it to the list?

[Andrei Popescu]

On Mi, 26 ian 11, 21:37:26, Neil Youngman wrote:
> On Wednesday 26 Jan 2011 20:52:34 elbbit wrote:
> > I have replied to several threads now, but my emails are not appearing?
> > 
> > According to the mailman page I am supposed to receive my own copies.
> > Did I miss something?  Do I need to RTFM somewhere?
> 
> I believe it's a Gmail feature the inbound copy of the message is discarded 
> because it already has a copy in the sent folder.

Yes, I've been working around that "feature" by receiving all list mail 
to a different account.

Regards,
Andrei
-- 
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic


signature.asc
Description: Digital signature

Re: Ubuntu -> LMDE: migrate packages using `aptitude` alone?

[Roman Khomasuridze]

>
> Can work around these package-naming differences?

Sorry for dirty and incomplete solution, it's first that came on my mind.
but on the other hand, you may build something upon this:
 first of all, you need to find packages that have different names.. so you
must issue command:
dpkg --get selections > ubuntu_packages

than on LMDE system create shell script:

#
#!/bin/bash

while read line
do
aptitude search $line
done < "ubuntu_packages" > lmde_packages
#

then with diff, compare these two files - ubuntu_packages and
lmde_packages... after all that you'll know what packages have different
names, are incompatible etc.

chances are (that depends on your current ubuntu installation) that there
will be close to zero incompatibilities package naming mismatches...

hope that helps.


Regards

Roman

Re: Why are my emails not making it to the list?

[Wayne Topa]

On 01/26/2011 03:52 PM, elbbit wrote:

I have replied to several threads now, but my emails are not appearing?

According to the mailman page I am supposed to receive my own copies.
Did I miss something?  Do I need to RTFM somewhere?

Thanks in advance.



You are on gmail.  They (it) does not send you copies of your own mail.
If you are using icedove set it to put a copy of your sent mail into the
D-U folder.

Wayne


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/4d4099e9.8080...@gmail.com

Re: Linux disk partition encryption

[Celejar]

On Wed, 26 Jan 2011 16:21:41 -0500
Brad Alexander  wrote:

> Because if your laptop gets stolen, the odds are that they will not
> get the USB drive. Thus, it is another layer of security. Plus, if
> they have /boot, they will be prompted for the passphrase, which means
> they can brute force it. If /boot is missing, then all they get is a
> grub message saying "Grub error 11".
> 
> I admit that most people stealing a laptop are more interested in the
> hardware than the data, and that unless you are running a custom
> kernel, it wouldn't be rocket science to generate a new /boot, but
> again, it is another layer and would probably dissuade the script
> kiddy.

What I meant was just that it's trivial to write a /boot, so there's no
real security gain.

> --b
> 
> On Wed, Jan 26, 2011 at 4:01 PM, Celejar  wrote:
> > [Please don't cc me on replies.]
> >
> > On Wed, 26 Jan 2011 15:48:15 -0500
> > Brad Alexander  wrote:
> >
> > ...
> >
> >> Linux admins used LUKS, and as a further step, I put /boot (the only
> >> partition that cannot be encrypted) on a USB stick, so that if anyone
> >> got the laptop, they had no access to the data.
> >
> > Why does putting /boot on a USB stick gain you anything?
> >
> > Celejar
> > --
> > foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
> > mailmin.sourceforge.net - remote access via secure (OpenPGP) email
> > ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
> >
> >
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
> Archive: 
> http://lists.debian.org/aanlktinofcwvlvy1yn4jdxtjvuynhvop4zysy6n74...@mail.gmail.com


Celejar
-- 
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110126165646.1be97ecc.cele...@gmail.com

Re: Why are my emails not making it to the list?

[Neil Youngman]

On Wednesday 26 Jan 2011 20:52:34 elbbit wrote:
> I have replied to several threads now, but my emails are not appearing?
> 
> According to the mailman page I am supposed to receive my own copies.
> Did I miss something?  Do I need to RTFM somewhere?

I believe it's a Gmail feature the inbound copy of the message is discarded 
because it already has a copy in the sent folder.

Neil Youngman


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/201101262137.27124...@youngman.org.uk

Re: Debian Squeeze Installation

[Andrei Popescu]

> >>>On Du, 23 ian 11, 13:06:15, Hugo Vanwoerkom wrote:
> I wholeheartedly agree. Except that the current mc for squeeze and
> sid is 4.0.7 which is very unfriendly in that it has moved to skin
> support of which there are none. Better stick with lenny which is
> 4.6.2 which is much friendlier.

and...
 
On Mi, 26 ian 11, 09:18:32, Hugo Vanwoerkom wrote:
> The coloring scheme of mcedit is just unacceptable with that ini
> under 4.0.7, take a look at it.
> Aside from that the color scheme with that ini is weird under 4.0.7,
> totally unlike 4.6.2.
> I went through this on the mc mailing list and got nowhere, my ini
> file was deemed "wrong". But it does exactly what I want it to do on
> 4.6.2 and previous, just that 4.0.7 handles it totally different.
> OK, I would switch to a skin, but there are no skins to be had with
> a light background that keep mcedit as the default has it.

I hardly consider that a reason to advise people to stick with the lenny 
version, especially if they have never used mc and are unlikely to be 
using an old ini file ;)

Regards,
Andrei
-- 
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic


signature.asc
Description: Digital signature

Re: help

[Robert Blair Mason Jr.]

On Wed, 26 Jan 2011 13:41:23 -0500
Padilla Juan Leon II  wrote:

> greetings !
> 
> i just installed my debian 5.0.7 in my laptop.
> 
> i just want to install 3 things in my debian OS
> 
> 1 google chrome
> 2 skype
> 3 adobe flash player
> 
> i read some of the text in the web but i can't install any of those things
> above.
> 
> if you don't mind can you make the instruction very simple im not that very
> good in comp laguage.
> 
> thank you and more power!
> 
> juan padilla


As far as chrome goes, you can easily do this by opening up a terminal (command 
prompt) and typing:

sudo aptitude install chromium-browser

This will prompt you for your password.  The characters in your password will 
not be displayed on the screen (not even as *s or dots), so don't worry if it 
seems like nothing is being typed.

To install flash player on Lenny, you should try the following:

sudo aptitude install flashplugin-nonfree

If this fails, saying something along the lines of "no package found", then you 
should do the following:

sudo echo "deb http://www.backports.org/debian lenny-backports main contrib 
non-free" >> /etc/apt/sources.list
sudo aptitude update
sudo aptitude -t lenny-backports install flashplugin-nonfree
sudo /usr/sbin/update-flashplugin-nonfree --install

Skype can be installed by going here: 
http://www.skype.com/intl/en-us/get-skype/on-your-computer/linux/post-download/ 
and clicking on the "Debian Lenny" link.  This will
download a .deb package that you can install.  You'll want to make note of 
where it downloads it to. There are then two ways to go:

1. Download and install gdebi (sudo aptitude install gdebi), and then just 
clicking on the file should launch a simple window with an easy "install" 
button, or

2. Find what directory you downloaded the .deb to (lets just say its called 
/home/juan/downloads - note that this is CaSe SeNsItIvE) and do the following:

cd /home/juan/downloads
sudo dpkg -i skype-debian_2.1.0.81-1_i386.deb

Note that that's what it was called when I downloaded it, but you should check 
to make sure the filename is the same.  This may have errors with dependency 
resolution, so unless there is a reason you don't want to install gdebi, then 
use it. Also, if you are having trouble with just clicking on it, you can 
invoke gdebi from the command line:

cd /home/juan/downloads
sudo gdebi skype-debian_2.1.0.81-1_i386.deb

again, check the filename and directory, and if you already have issued the cd 
command, you won't need it again.

Hope this helps!

-- 
rbmj


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110126213508.3c35f82e@blair-laptop

Testing

[cedric]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Testing email functionality.
-BEGIN PGP SIGNATURE-
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wpwEAQMCAAYFAk1Ak5sACgkQvK3RHH9DvDXMDwP/cYDr5T3Tr+YhPY2rKYa1FFW/uXpw
tU+EWlRQTfZ0D44EM/zdFBXhdOECUmg8R9FFBYM0kmcuIg8ZNAsT+tk+nPn5X7+BgYsE
THxYVXJWaDJrlFS6KjZJMTQwmXc+eTpE2Yy/QWpu0WEytUoUdnxRGS3d5OiYiDpAft66
e+BsP4U=
=unpD
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110126213523.959ac32a...@smtp.hushmail.com

Re: loud f'ing noise

[Boyd Stephen Smith Jr.]

In , shawn 
wilson wrote:
>i was messing around with forwarding ports with connectbot (android app) and
>all of a sudden my computer started making this loud beep - solid beep. it's
>still going on now and it's quite distracting. i don't see a pc speaker
>module loaded and this is the the only log entry that was around when it
>started:

Sounds to be like a hardware or case alarm.  There's probably a reset button 
on the case, but you might have to hard reset to clear it up.  Usually, the 
pcspkr module is not very loud.
-- 
Boyd Stephen Smith Jr.   ,= ,-_-. =.
b...@iguanasuicide.net   ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-'
http://iguanasuicide.net/\_/


signature.asc
Description: This is a digitally signed message part.

Re: Ubuntu -> LMDE: migrate packages using `aptitude` alone?

[Boyd Stephen Smith Jr.]

In <87pqrjxu2t@pobox.com>, Tom Roche wrote:
>Roman Khomasuridze Wed, 26 Jan 2011 23:23:58 +0400
>> one thing you have to take in account while doing
>> "dpkg --get-selections" part: AFAIK Ubuntu package naming [departed]
>> quite much from Debian’s, and thus LMDE's ([especially] python
>> packages as i recall), so you _might_ experience some problems when
>> [you do] "dpkg --set-selections"...
>
>Can work around these package-naming differences?

Short Answer: No.

Long Answer: Sure.  Do the research to determine how to map Ubuntu package 
names to LMDE package names.  There may be some cases where multiple Ubuntu 
packages map to a single LMDE package, or vice versa, or multiple-to-multiple, 
or the mapping might vary depending on the version of the package.

Then, write a script to preform these substitutions on the dpkg-selections-
file.

>If not, how best to prepare or react?

Review error messages and proposed actions to detect things as soon as 
possible.
-- 
Boyd Stephen Smith Jr.   ,= ,-_-. =.
b...@iguanasuicide.net   ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-'
http://iguanasuicide.net/\_/


signature.asc
Description: This is a digitally signed message part.

Re: approx for new "netinst" installation

[Tixy]

On Tue, 2011-01-25 at 22:17 +, Russell L. Harris wrote: 
> And even if I complete a minimal installation, then a subsequent
> invocation of tasksel does not offer all the options which are offered
> during the initial installation.

It does if you use "tasksel --new-install". "man tasksel" shows some
other options as well.

-- 
Tixy   ()  The ASCII Ribbon Campaign (www.asciiribbon.org)
   /\  Against HTML e-mail and proprietary attachments


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/1296077333.8278.3.ca...@computer2.home

Re: Linux disk partition encryption

[Brad Alexander]

Because if your laptop gets stolen, the odds are that they will not
get the USB drive. Thus, it is another layer of security. Plus, if
they have /boot, they will be prompted for the passphrase, which means
they can brute force it. If /boot is missing, then all they get is a
grub message saying "Grub error 11".

I admit that most people stealing a laptop are more interested in the
hardware than the data, and that unless you are running a custom
kernel, it wouldn't be rocket science to generate a new /boot, but
again, it is another layer and would probably dissuade the script
kiddy.

--b

On Wed, Jan 26, 2011 at 4:01 PM, Celejar  wrote:
> [Please don't cc me on replies.]
>
> On Wed, 26 Jan 2011 15:48:15 -0500
> Brad Alexander  wrote:
>
> ...
>
>> Linux admins used LUKS, and as a further step, I put /boot (the only
>> partition that cannot be encrypted) on a USB stick, so that if anyone
>> got the laptop, they had no access to the data.
>
> Why does putting /boot on a USB stick gain you anything?
>
> Celejar
> --
> foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
> mailmin.sourceforge.net - remote access via secure (OpenPGP) email
> ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
>
>


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/aanlktinofcwvlvy1yn4jdxtjvuynhvop4zysy6n74...@mail.gmail.com

loud f'ing noise

[shawn wilson]

i was messing around with forwarding ports with connectbot (android app) and
all of a sudden my computer started making this loud beep - solid beep. it's
still going on now and it's quite distracting. i don't see a pc speaker
module loaded and this is the the only log entry that was around when it
started:
root@shawn-desktop:~# tail -4 /var/log/kern.log
Jan 26 16:02:01 shawn-desktop kernel: [1459082.839342] type=1400
audit(1296075721.353:597): avc:  denied  { read } for  pid=29308
comm="hostname" scontext=system_u:system_r:hostname_t:s0-s0:c0.c255
tcontext=system_u:system_r:hostname_t:s0-s0:c0.c255
tclass=netlink_route_socket
Jan 26 16:02:01 shawn-desktop kernel: [1459082.839531] type=1400
audit(1296075721.353:598): avc:  denied  { search } for  pid=29308
comm="hostname" name="/" dev=tmpfs ino=4460
scontext=system_u:system_r:hostname_t:s0-s0:c0.c255
tcontext=system_u:object_r:var_run_t:s0 tclass=dir
Jan 26 16:05:01 shawn-desktop kernel: [1459262.861555] __ratelimit: 9
callbacks suppressed
Jan 26 16:05:01 shawn-desktop kernel: [1459262.861565] type=1400
audit(1296075901.372:602): avc:  denied  { transition } for  pid=30318
comm="cron" path="/bin/dash" dev=sda1 ino=16154628
scontext=system_u:system_r:crond_t:s0
tcontext=system_u:system_r:initrc_t:s0-s0:c0.c255 tclass=process

and the module list:
root@shawn-desktop:~# lsmod
Module  Size  Used by
binfmt_misc 7960  1
microcode  13627  0
dm_crypt   13043  0
rfcomm 40393  4
snd_intel8x0   31187  0
snd_ac97_codec125394  1 snd_intel8x0
ac97_bus1450  1 snd_ac97_codec
snd_pcm_oss41394  0
snd_mixer_oss  16299  1 snd_pcm_oss
snd_pcm87946  3 snd_intel8x0,snd_ac97_codec,snd_pcm_oss
sco 9649  2
snd_seq_dummy   1782  0
bridge 53216  0
snd_seq_oss31191  0
snd_seq_midi5829  0
stp 2171  1 bridge
snd_rawmidi23420  1 snd_seq_midi
bnep   11884  2
snd_seq_midi_event  7267  2 snd_seq_oss,snd_seq_midi
i5000_edac  9254  0
l2cap  34807  16 rfcomm,bnep
snd_seq57481  6
snd_seq_dummy,snd_seq_oss,snd_seq_midi,snd_seq_midi_event
snd_timer  23649  2 snd_pcm,snd_seq
snd_seq_device  6888  5
snd_seq_dummy,snd_seq_oss,snd_seq_midi,snd_rawmidi,snd_seq
edac_core  45423  3 i5000_edac
snd71251  10
snd_intel8x0,snd_ac97_codec,snd_pcm_oss,snd_mixer_oss,snd_pcm,snd_seq_oss,snd_rawmidi,snd_seq,snd_timer,snd_seq_device
soundcore   8052  1 snd
snd_page_alloc  8500  2 snd_intel8x0,snd_pcm
i5k_amb 5320  0
btusb  13001  2
ppdev   6375  0
shpchp 33711  0
ioatdma42737  9
dca 6637  1 ioatdma
parport_pc 29958  1
psmouse64576  0
serio_raw   4918  0
bluetooth  58685  9 rfcomm,sco,bnep,l2cap,btusb
lp  9336  0
parport37160  3 ppdev,parport_pc,lp
fbcon  39270  71
tileblit2487  1 fbcon
font8053  1 fbcon
bitblit 5811  1 fbcon
softcursor  1565  1 bitblit
vga16fb12757  0
vgastate9857  1 vga16fb
nouveau   515227  1
drm_kms_helper 30742  1 nouveau
aic79xx   154147  0
floppy 63156  0
scsi_transport_spi 26284  1 aic79xx
ahci   37870  0
drm   198948  3 nouveau,ttm,drm_kms_helper
i2c_algo_bit6024  1 nouveau
e1000e136269  0

and other info
root@shawn-desktop:~# cat /proc/version
Linux version 2.6.32-27-generic (buildd@crested) (gcc version 4.4.3 (Ubuntu
4.4.3-4ubuntu5) ) #49-Ubuntu SMP Thu Dec 2 00:51:09 UTC 2010
root@shawn-desktop:~# uname -a
Linux shawn-desktop 2.6.32-27-generic #49-Ubuntu SMP Thu Dec 2 00:51:09 UTC
2010 x86_64 GNU/Linux
root@shawn-desktop:~# file /sbin/init
/sbin/init: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV),
dynamically linked (uses shared libs), for GNU/Linux 2.6.15, stripped


now, this machine is a sql and web server. i don't even have xwindows
running on it right now, so any suggestions of modules to kill make this
stop or any logs that i might send for what might be causing this or how to
make this stop.. i can't really think with this noise, so i might be
missing something - let me know.

Re: Ubuntu -> LMDE: migrate packages using `aptitude` alone?

[Tom Roche]

Tom Roche Wed, 26 Jan 2011 13:23:37 -0500
>> The final thing I believe I need to do [to migrate Ubuntu -> LMDE] is
>> to backup the list of currently-active (installed and selected)
>> packages so as to be able to restore them quickly and completely in
>> the new environment, so that I don't need to manually install, e.g.,
>> chromium and emacs. Am I missing anything? If not:

>> From other reading, one way to do this is

>> # in terminal in ubuntu
>> dpkg --get-selections > "${PACKAGE_FILE}"
>> # in terminal in LMDE
>> sudo dpkg --set-selections < "${PACKAGE_FILE}"
>> sudo apt-get dselect-upgrade
>> sudo aptitude update
>> sudo aptitude -s full-upgrade

Roman Khomasuridze Wed, 26 Jan 2011 23:23:58 +0400
> one thing you have to take in account while doing
> "dpkg --get-selections" part: AFAIK Ubuntu package naming [departed]
> quite much from Debian’s, and thus LMDE's ([especially] python
> packages as i recall), so you _might_ experience some problems when
> [you do] "dpkg --set-selections"...

Can work around these package-naming differences?
If not, how best to prepare or react?

thanks for your assistance, Tom Roche 


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87pqrjxu2t@pobox.com

Re: Why are my emails not making it to the list?

[Bob Proulx]

elbbit wrote:
> I have replied to several threads now, but my emails are not appearing?

I see four messages from you in the past little bit.  As far as I
can see your messages are making it to the mailing list fine.

> According to the mailman page I am supposed to receive my own copies.
> Did I miss something?  Do I need to RTFM somewhere?

  http://lists.debian.org/debian-user/2011/01/msg01315.html
  http://lists.debian.org/debian-user/2011/01/msg01520.html
  http://lists.debian.org/debian-user/2011/01/msg01828.html
  http://lists.debian.org/debian-user/2011/01/msg01836.html

Perhaps you are blocking the list on your end?

Bob


signature.asc
Description: Digital signature

Re: help

[Alan Hutchinson]

Hi people ,I just recently installed Debian -507-i38 , and I have bean
trying to install ndiswrapper-1.9 but every time I try to install the driver
I get >>
 sudo ndiswrapper -i NetA3AB.inf
couldn't open NetA3AB.inf: No such file or directory at
/usr/sbin/ndiswrapper-1.9 line 219.
why cant ndiswrapper find the NetA3AB.inf ? Driver file,the Wi Fi card is
¨WDA-2320 D-Link >> Atheros AR5212/AR5213 ,chip set 168C:0013 if you could
pleas get get to me on this matter, I have bean working on this since about
mid 2010, thanks in advance.

On Wed, Jan 26, 2011 at 12:20 PM, Hans-J. Ullrich wrote:

> Am Mittwoch, 26. Januar 2011 schrieb Camaleón:
> > On Wed, 26 Jan 2011 20:54:01 +0100, Johan Grönqvist wrote:
> > > 2011-01-26 20:16, Hans-J. Ullrich skrev:
> > >> Am Mittwoch, 26. Januar 2011 schrieb Padilla Juan Leon II:
> > (...)
> >
> > >>> 3 adobe flash player
> > >>
> > >> There is no package for adobe flashplayer, but you can install the
> > >> package "flashplayer-unfree" from the repository, which includes a
> > >> script for installing adobes flashplayer. Works best with iceweasel.
> > >> Both architectures are supported.
> > >
> > > That would be flashplugin-nonfree, and it is available in the "contrib"
> > > repository, which has to be activated.
> > >
> > > According to the wiki-page the flashplugin may not work with debian
> > > 5.0.7 (Lenny), but may need debian 6.0 (squeeze).
> >
> > Uh? How bad! :-(
> >
> > Anyway, you can always get it from Adobe site:
> >
> > http://get.adobe.com/flashplayer/
> >
> > Installation should be straight-forward (download the "tar.gz" and put
> > the extracted "*.so" file under the plugins directory, system-wide or
> > under the user's browser profile).
> >
> > Greetings,
>
> Yes guys, you are right. Sorry for that, I meant "flashplugin-nonfree", and
> yes, I am running squeeze.
>
> Besides, I personally recommend squeeze, as squeeze will be very soon
> becoming
> stable, and it is running without any problems on any of my systems (32-bit
> and 64-bit). IMO lenny is nowadays a little bit old, with kde3 and old
> kernel,
> although lenny is very well tested. The decision, which one to use, must
> one
> do for himself.
>
> IMO lenny might cause more problems at special wishes, than squeeze, just
> because of outdated packages. But that is only my personal opinion.
>
> Just ask for any help.
>
> Have fun!
>
> Hans
>
>
>
> --
> To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmas...@lists.debian.org
> Archive: http://lists.debian.org/201101262120.55144.hans.ullr...@loop.de
>
>

Re: Ubuntu -> LMDE: migrate packages using `aptitude` alone?

[Brad Alexander]

Hi Tom,

On Wed, Jan 26, 2011 at 1:23 PM, Tom Roche  wrote:

> >From other reading, one way to do this is
>
> # in terminal in ubuntu
> dpkg --get-selections > "${PACKAGE_FILE}"
> # in terminal in LMDE
> sudo dpkg --set-selections < "${PACKAGE_FILE}"
> sudo apt-get dselect-upgrade
> sudo aptitude update
> sudo aptitude -s full-upgrade

I'm not sure whether you can do it with aptitude alone, but this
method should work. The only issue may be if there are packages in
Ubuntu that are not in LMDE. Also, if you do the aptitiude update
prior to the dselect-upgrade, I don't think you'll need the last
full-upgrade...But again, I've always gone through Debian, so all bets
may be off going Ubuntu -> LMDE.

> Is that correct? If so:
>
> I've been managing its packages exclusively with `aptitude` and would
> prefer to continue doing so. I'd like to know,
>
> 1 Is there a way to do all of the above using only `aptitude`?
>
> if not,
>
> 2 Is there a way to do all of the above using only `aptitude` and `dpkg`?
>  I.e. is there an `aptitude` equivalent of `apt-get dselect-upgrade`?
>  FWIW I don't see that argument in `info aptitude`.
>
> alternatively,
>
> 3 Is there a reason to prefer the [`dpkg`, `apt-get`, `aptitude`]
>  workflow above to a purely-`aptitude` workflow for this usecase?

Well, for me, dpkg + apt-get is what works. Plus I back up the package
lists, drive partitions, etc daily.

> If possible please reply to me as well as the list (I'm on the digest),
> and TIA, Tom Roche 
>
>
> --
> To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
> Archive: http://lists.debian.org/87y667y15i@pobox.com
>
>
--b


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/AANLkTim89VeMGk+7XoY4=dt_yq5gpawj9w4lzldpq...@mail.gmail.com

Re: Linux disk partition encryption

[Celejar]

[Please don't cc me on replies.]

On Wed, 26 Jan 2011 15:48:15 -0500
Brad Alexander  wrote:

...

> Linux admins used LUKS, and as a further step, I put /boot (the only
> partition that cannot be encrypted) on a USB stick, so that if anyone
> got the laptop, they had no access to the data.

Why does putting /boot on a USB stick gain you anything?

Celejar
-- 
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110126160149.39fd71f2.cele...@gmail.com

Re: Weird server mystery: self-reset, mostly

[Bob Proulx]

will trillich wrote:
> Never seen this before -- all daemons and all user processes killed. Zap. It
> happened around 23:17 Chicago time (that's when the log-daemons quit
> logging). What would cause this?
> ...
> will@darth:~$ uptime
>  23:58:11 up 583 days,  3:03,  6 users,  load average: 0.00, 0.02, 0.08

You have not rebooted your system in 583 days meaning that you have
NOT taken any of the posted Linux kernel security upgrades in that
time period.  You may have been hit by any of the cracks running in
the wild that are known and fixed but you have not installed.  After a
couple of years of being vulnerable to security issues it could be
anything.  You should install security upgrades and reboot to activate
the new kernels otherwise you are not protected.

Here is a quick list of just the Linux kernel Debian Security
Advisories.

  http://www.debian.org/security/2010/dsa-2126
  http://www.debian.org/security/2010/dsa-2110
  http://www.debian.org/security/2010/dsa-2094
  http://www.debian.org/security/2010/dsa-2053
  http://www.debian.org/security/2010/dsa-2012
  http://www.debian.org/security/2010/dsa-2005
  http://www.debian.org/security/2010/dsa-2003
  http://www.debian.org/security/2010/dsa-1996
  http://www.debian.org/security/2009/dsa-1929
  http://www.debian.org/security/2009/dsa-1928
  http://www.debian.org/security/2009/dsa-1927
  http://www.debian.org/security/2009/dsa-1915
  http://www.debian.org/security/2009/dsa-1872
  http://www.debian.org/security/2009/dsa-1865
  http://www.debian.org/security/2009/dsa-1864
  http://www.debian.org/security/2009/dsa-1862
  http://www.debian.org/security/2009/dsa-1845
  http://www.debian.org/security/2009/dsa-1844
  http://www.debian.org/security/2009/dsa-1809
  http://www.debian.org/security/2009/dsa-1800
  http://www.debian.org/security/2009/dsa-1794
  http://www.debian.org/security/2009/dsa-1787
  http://www.debian.org/security/2009/dsa-1749

Subscribe to security-announce and keep updated.

Bob


signature.asc
Description: Digital signature

Why are my emails not making it to the list?

[elbbit]

I have replied to several threads now, but my emails are not appearing?

According to the mailman page I am supposed to receive my own copies.
Did I miss something?  Do I need to RTFM somewhere?

Thanks in advance.

-- 

elbbit


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4d408992.2080...@gmail.com

Re: Linux disk partition encryption

[Brad Alexander]

On Wed, Jan 26, 2011 at 9:29 AM, Celejar  wrote:

> A partition cannot be mounted; filesystems can.  If the partition is
> encrypted, no filesystem will be visible.  If you mean to ask whether
> someone analyzing the disk will be able to detect an encrypted
> datastore, in general the answer is probably yes.  There may be some
> methods to prevent that, but I'm unfamiliar with them.


Basically, the primary way to slow down this analysis is to write
random data to the entire hard drive. This is how the full-disk LUKS
encryption works from the installer. Obviously, since the OP is only
wanting to encrypt certain directories, this has limited utility.

However, IMHO, if you are considering building or rebuilding a
machine, you should consider using the full-disk LUKS encryption. I
have been using it for years on a number of machines in a variety of
settings. In fact, in my last job, it was required for laptops that
their drives be encrypted (it was mainly a Mac/Windows shop), so we
Linux admins used LUKS, and as a further step, I put /boot (the only
partition that cannot be encrypted) on a USB stick, so that if anyone
got the laptop, they had no access to the data.

The way I set it up is as follows:

Hard drive
  --> /boot partition
  --> encrypted swap partition (filled w/random data)
  --> rest of disk for encryption (filled w/random data)
--> LVM
--> filesystems

As you can see, the LVM and filesystems are within the encrypted
portion of the disk. On boot, I am prompted for my passphrase, and
once I give it, the filesystems are made available and booting
continues. It is possible to place key files on other media and be
able to, for instance, boot from a USB key or even boot one encrypted
partition from a key file on another encrypted partition. I have done
this before, as I have not been able to figure out how to get one
encrypted partition to traverse multiple drives.) An additional
benefit is that having a key file on another encrypted partiton means
that you only have to unlock one partition with a passphrase. The rest
will be decrypted automatically.

Further reading (Ubuntu has some really good docs on this):
https://help.ubuntu.com/community/EncryptedFilesystemHowto
http://main.uab.edu/Sites/it/faqs/63837/
There are a number of other Ubuntu EncryptedFilesystemHowto docs,
ranging in age from 6.06 to present. Search on help.ubuntu.com...

--b


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/AANLkTikyHiEaTunK3qEFzG=egvinnbugxnbwp1r8_...@mail.gmail.com

Re: Ubuntu -> LMDE: migrate packages using `aptitude` alone?

[Boyd Stephen Smith Jr.]

In <87y667y15i@pobox.com>, Tom Roche wrote:
>summary: I'm preparing to migrate a laptop from Ubuntu Lucid to Linux
>Mint Debian Edition 10 and want to have the same packages (c.p.) active
>after the migration. I believe I know how to migrate the packages using
>`dpkg` and `apt-get`, but would prefer to migrate the packages using
>`aptitude` alone. Is this possible? Are there reasons not to do this?

There are plenty of reasons not to do it that way.  It's not supported by the 
LMDE team or the Ubuntu team would be the first one.  Package names varying 
between distributions is the other big one.  There's quite a lot that can go 
wrong so I hope you are comfortable with your package manager.

># in terminal in ubuntu
>dpkg --get-selections > "${PACKAGE_FILE}"
># in terminal in LMDE
>sudo dpkg --set-selections < "${PACKAGE_FILE}"

I think this loses the information on what package as "automatically 
installed" which can ease upgrades.  I think the easiest way to access that 
right now is through aptitude, but I know that information was supposed to be 
stored by APT, at least post-Squeeze.

(FWIW, I'm not as familiar with Ubuntu as I am with Debian and I've never used 
LMDE.)

>sudo apt-get dselect-upgrade
>sudo aptitude update
>sudo aptitude -s full-upgrade
>
>Is that correct? If so:
>
>I've been managing its packages exclusively with `aptitude` and would
>prefer to continue doing so. I'd like to know,
>
>1 Is there a way to do all of the above using only `aptitude`?

If you aren't picky about specific *versions* of the packages, I think so.  
It's unlikely you'll be able to preserve much version information anyway since 
your are migrating between distributions.

# Source
aptitude search '~i' --disable-columns -F '%p' > installed_packages
aptitude search '~i~M' --disable-columns -F '%p' > auto_installed_packages

# Destination
sudo aptitude purge --schedule-only '~i'
sudo xargs -- aptitude install --schedule-only < installed_packages
sudo xargs -- aptitude markauto --schedule-only < auto_installed_packages

That should handle everything you did with dpkg, but without even the pretense 
of preserving version numbers.

>2 Is there a way to do all of the above using only `aptitude` and `dpkg`?
>  I.e. is there an `aptitude` equivalent of `apt-get dselect-upgrade`?
>  FWIW I don't see that argument in `info aptitude`.

No, although aptitude does something similar when simply run as (aptitude 
install).  It tries to satisfy the current selections even if the specific 
versions requested are not available.  I propose this instead:

# After dpkg stuff (or aptitude stuff above)
sudo aptitude
press 'U'
press 'e'
Use interactive resolver to get your system in a consistent state.  You 
can use this simple process: Are the proposed actions acceptable?  If so, 
press '!'.  If not, highlight the least acceptable action, press 'r' then '.' 
and repeat.
press 'g'
Final confirmation of actions.
press 'g'

That said, I've never tried something this big and messy with aptitude.  I'm 
also a big fan of the interactive resolver and the CUI.  You might try the 
much more risky (sudo aptitude -y install) instead of using the CUI if you 
don't like it.

>3 Is there a reason to prefer the [`dpkg`, `apt-get`, `aptitude`]
>  workflow above to a purely-`aptitude` workflow for this usecase?

Probably not.  That said, the aptitude and apt-get resolvers do differ in 
their behavior, so if you run into dependency problems, it might be worth it 
to use both tools.

I wouldn't do something like you are proposing anyway, but it seems like most 
(if not all) the problems with the migration should be caught by the package 
managers.  If you can make them happy, I think your system will probably be 
fine after the migration.
-- 
Boyd Stephen Smith Jr.   ,= ,-_-. =.
b...@iguanasuicide.net   ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-'
http://iguanasuicide.net/\_/


signature.asc
Description: This is a digitally signed message part.

Re: Weird server mystery: self-reset, mostly

[will trillich]

Ooh, hadn't noticed that. "I'm sorry, Dave, I'm afraid I can't do that..."
:)

So... Nobody else has had a weird
shut-down-all-user-processes-and-all-daemons event? I must be special!


On Wed, Jan 26, 2011 at 1:58 PM, elbbit  wrote:

> On 26/01/11 01:26, will trillich wrote:
> > In kern.log there's only
> > Jan 23 23:04:59 darth kernel: [64084756.601774] exploit[25161]: segfault
> at
> > 10c00b ip  sp deadc01d error 6
> 
>
> Am I the only one to see "Dead Cold" in there?  That error code right
> THERE is freaky enough on it's own.
>
> Who knows... maybe the internet is becoming self aware.
>
>
> --
>
> elbbit
>



-- 
-- 
will trillich -- http://faq.serensoft.com/
"The truth is that many people set rules to keep
from making decisions." -- Mike Krzyzewski

Re: Linux disk partition encryption

[Celejar]

On Wed, 26 Jan 2011 14:13:09 -0600
green  wrote:

> Hopefully your questions have been answered.  I used cryptsetup and LUKS for 
> 2 
> partitions.  I have never had exactly 0 problems with it.  LUKS support for 
> multiple passwords has been helpful.

I've had several problems:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=541835
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524485
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=588697

That first one was a real head-scratcher, causing a fair amount of time
and aggravation.  It baffled the the Debian maintainer, as well as
kernel devs, for a while.

> Now I don't remember that you actually requested a HOWTO, but here it is 
> anyway.
> 
> It is easy, just:
> 1. Create/choose partition

It is often suggested to first write random data to the partition, to
make attacks more difficult, e.g.:

http://www.hermann-uwe.de/blog/howto-disk-encryption-with-dm-crypt-luks-and-debian

> 2. cryptsetup luksFormat /dev/sdxn (Give it a passphrase and verify)
> 3. cryptsetup luksOpen /dev/sdxn name (give it the passphrase)
> 4. mkfs /dev/mapper/name
> 5. Add a line to /etc/crypttab
> 6. Add a line to /etc/fstab
> 7. mount /dev/mapper/name /mnt/point
> 
> Now everything should be operational and should show up the same way on a 
> reboot (will ask you for the passphrase).

You can also look into using keyfiles, as I mentioned in another
message in this thread.

Celejar
-- 
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110126153524.c718f9ec.cele...@gmail.com

Re: help

[Hans-J. Ullrich]

Am Mittwoch, 26. Januar 2011 schrieb Camaleón:
> On Wed, 26 Jan 2011 20:54:01 +0100, Johan Grönqvist wrote:
> > 2011-01-26 20:16, Hans-J. Ullrich skrev:
> >> Am Mittwoch, 26. Januar 2011 schrieb Padilla Juan Leon II:
> (...)
> 
> >>> 3 adobe flash player
> >> 
> >> There is no package for adobe flashplayer, but you can install the
> >> package "flashplayer-unfree" from the repository, which includes a
> >> script for installing adobes flashplayer. Works best with iceweasel.
> >> Both architectures are supported.
> > 
> > That would be flashplugin-nonfree, and it is available in the "contrib"
> > repository, which has to be activated.
> > 
> > According to the wiki-page the flashplugin may not work with debian
> > 5.0.7 (Lenny), but may need debian 6.0 (squeeze).
> 
> Uh? How bad! :-(
> 
> Anyway, you can always get it from Adobe site:
> 
> http://get.adobe.com/flashplayer/
> 
> Installation should be straight-forward (download the "tar.gz" and put
> the extracted "*.so" file under the plugins directory, system-wide or
> under the user's browser profile).
> 
> Greetings,

Yes guys, you are right. Sorry for that, I meant "flashplugin-nonfree", and 
yes, I am running squeeze. 

Besides, I personally recommend squeeze, as squeeze will be very soon becoming 
stable, and it is running without any problems on any of my systems (32-bit 
and 64-bit). IMO lenny is nowadays a little bit old, with kde3 and old kernel, 
although lenny is very well tested. The decision, which one to use, must one 
do for himself.

IMO lenny might cause more problems at special wishes, than squeeze, just 
because of outdated packages. But that is only my personal opinion.

Just ask for any help.

Have fun!

Hans



-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/201101262120.55144.hans.ullr...@loop.de

Re: Linux disk partition encryption

[green]

Hopefully your questions have been answered.  I used cryptsetup and LUKS for 2 
partitions.  I have never had exactly 0 problems with it.  LUKS support for 
multiple passwords has been helpful.

Now I don't remember that you actually requested a HOWTO, but here it is 
anyway.

It is easy, just:
1. Create/choose partition
2. cryptsetup luksFormat /dev/sdxn (Give it a passphrase and verify)
3. cryptsetup luksOpen /dev/sdxn name (give it the passphrase)
4. mkfs /dev/mapper/name
5. Add a line to /etc/crypttab
6. Add a line to /etc/fstab
7. mount /dev/mapper/name /mnt/point

Now everything should be operational and should show up the same way on a 
reboot (will ask you for the passphrase).


signature.asc
Description: Digital signature

Re: help

[Camaleón]

On Wed, 26 Jan 2011 20:54:01 +0100, Johan Grönqvist wrote:

> 2011-01-26 20:16, Hans-J. Ullrich skrev:
>> Am Mittwoch, 26. Januar 2011 schrieb Padilla Juan Leon II:

(...)

>>> 3 adobe flash player
>> There is no package for adobe flashplayer, but you can install the
>> package "flashplayer-unfree" from the repository, which includes a
>> script for installing adobes flashplayer. Works best with iceweasel.
>> Both architectures are supported.
>>
>>
> That would be flashplugin-nonfree, and it is available in the "contrib"
> repository, which has to be activated.
> 
> According to the wiki-page the flashplugin may not work with debian
> 5.0.7 (Lenny), but may need debian 6.0 (squeeze).

Uh? How bad! :-(

Anyway, you can always get it from Adobe site:

http://get.adobe.com/flashplayer/

Installation should be straight-forward (download the "tar.gz" and put 
the extracted "*.so" file under the plugins directory, system-wide or 
under the user's browser profile).

Greetings,

-- 
Camaleón


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/pan.2011.01.26.20.05...@gmail.com

Re: Weird server mystery: self-reset, mostly

[elbbit]

On 26/01/11 01:26, will trillich wrote:
> In kern.log there's only
> Jan 23 23:04:59 darth kernel: [64084756.601774] exploit[25161]: segfault at
> 10c00b ip  sp deadc01d error 6


Am I the only one to see "Dead Cold" in there?  That error code right
THERE is freaky enough on it's own.

Who knows... maybe the internet is becoming self aware.


-- 

elbbit


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4d407ce7.2080...@gmail.com

Re: help

[Johan Grönqvist]

2011-01-26 20:16, Hans-J. Ullrich skrev:

Am Mittwoch, 26. Januar 2011 schrieb Padilla Juan Leon II:

i just installed my debian 5.0.7 in my laptop.



1 google chrome

Chrome and chromium-browser are in the repository and can be installed using
aptitude or apt. If you do not know, how, read the documentation of apt.
You can also use synaptic, but aptitude is recommended.


That is correct, but they are not in the man debian repositories  debian 
5.0.7, so you have to add extra repositories for chromium-browser. See 
links at end of this message.


The next version of debian, 6.0 (also known as "squeeze"), will be 
released in less than two weeks, and therein you will find chromium in 
the debian repositories. If you are just starting with debian, I would 
recommend installing that version. Either from the release candidate 
installer, or by waiting two weeks and then installing it.



3 adobe flash player

There is no package for adobe flashplayer, but you can install the package
"flashplayer-unfree" from the repository, which includes a script for
installing adobes flashplayer. Works best with iceweasel. Both architectures
are supported.



That would be flashplugin-nonfree, and it is available in the "contrib" 
repository, which has to be activated.


According to the wiki-page the flashplugin may not work with debian 
5.0.7 (Lenny), but may need debian 6.0 (squeeze).



i read some of the text in the web but i can't install any of those things
above.


Did you find the following?






if you don't mind can you make the instruction very simple im not that very
good in comp laguage.


Have a look at the links to the debian wiki and ask again if you fail. 
(And do not be discouraged by initial problems, I had lots of them.)




Have fun.

/ johan


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/ihpu4s$ne$1...@dough.gmane.org

Re: Ubuntu -> LMDE: migrate packages using `aptitude` alone?

[Roman Khomasuridze]

It's not the direct answer to your question, because I'm not quite sure you
can do all this with aptitude.
BUT, there's one thing you have to take in account while doing "dpkg
--get-selections" part: AFAIK Ubuntu package naming derived quite much from
Debian’s, and thus LMDE's (espesically python packages as i recall), so you
_might_ experience some problems when you'll "dpkg --set-selections"...


btw,

> 3 Is there a reason to prefer the [`dpkg`, `apt-get`, `aptitude`]
>  workflow above to a purely-`aptitude` workflow for this usecase?
>

Yes, there is reason: it is well tested path...

Regards

Roman


>
>
>

Re: help

[Hans-J. Ullrich]

Am Mittwoch, 26. Januar 2011 schrieb Padilla Juan Leon II:
> greetings !
> 

Hi Padilla,

> i just installed my debian 5.0.7 in my laptop.
> 

Good choice!

> i just want to install 3 things in my debian OS
> 
> 1 google chrome
Chrome and chromium-browser are in the repository and can be installed using 
aptitude or apt. If you do not know, how, read the documentation of apt.
You can also use synaptic, but aptitude is recommended.

> 2 skype

Skype can be downloaded at the skype site. You can install it by 
using "dpkg -i skype-bla-whatever.deb". If libs are missing, use them from the 
repository, then try again. Runs only on 32-bit systems, but using 32-bit-libs  
of a chroot you can run it on 64-bit systems.

> 3 adobe flash player
There is no package for adobe flashplayer, but you can install the package 
"flashplayer-unfree" from the repository, which includes a script for 
installing adobes flashplayer. Works best with iceweasel. Both architectures 
are supported. 

> 
> i read some of the text in the web but i can't install any of those things
> above.
> 

See above. :=)
> if you don't mind can you make the instruction very simple im not that very
> good in comp laguage.
> 
> thank you and more power!
> 
> juan padilla

Have fun and good luck!

Hans


signature.asc
Description: This is a digitally signed message part.

Re (3): message threading in debian lists.

[peasthope]

From:   Bob Proulx 
Date:   Tue, 18 Jan 2011 21:12:47 -0700
> And you have been having such trouble with your vpn(s).  To me that is
> like a house of cards.  A light breeze blows it over.  In order to be
> more robust it needs to be simpler, less rigid, and more flexible.

Iprovements in progress.  Will reply after my documentation page 
is updated.

> But you asked the question!  :-) It isn't fair to ask a question, get
> an answer, and then complain about it.  :-)  That is dirty dealing!

OK, sorry, sorry.  My disappointment is with http://lists.debian.org/ ; 
not with your answer.  I've added this section. 
  
"http://wiki.debian.org/DebianMailingLists#MessageThreadingandReplyingtoaQuestion";
The preceeding sub-section, "How to continue a discussion",  is inadequate.

Some archived messages have links under the heading "References".
In some cases there is more than one "layer" of reference.  Presumeably 
the list software traces back recursively.  Also there are "Follow-ups".
A retroactive edit must occur to make one of these.  Any additional 
ideas?

If there are any comments or suggestions I am happy to continue work 
on the wiki page.  Anyone who is registered can edit the page of course.

Regards,  ... Peter E.





-- 
Telephone 1 360 450 2132.
Shop pages http://carnot.yi.org/ accessible as long as the old drives survive.
Personal pages http://members.shaw.ca/peasthope/ .


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/171056890.45653.31504@cantor.invalid

Re: Re: debian - ubuntu

[artorius]

Yes ... the error appears in Ubuntu and i was thinking if it depends on
a bad iso that i have burned.

Now i'm looking for on an Ubuntu mailing list. 

thank you.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/1296067991.5418.5.camel@dhcppc0

Re: Re: debian - ubuntu

[artorius]

  thank you ... artorius to Mr. Tsang

Computer



Summary
---

-Computer-
Processor   : Intel(R) Pentium(R) M processor 1400MHz
Memory  : 256MB (173MB used)
Operating System: Debian GNU/Linux 5.0.8
User Name   : arthur (iuza3)
Date/Time   : Wed 26 Jan 2011 07:46:00 PM CET
-Display-
Resolution  : 1024x768 pixels
OpenGL Renderer : Unknown
X11 Vendor  : The X.Org Foundation
-Multimedia-
Audio Adapter   : ICH4 - Intel 82801DB-ICH4
Audio Adapter   : ICH-MODEM - Intel 82801DB-ICH4 Modem
-Input Devices-
 AT Translated Set 2 keyboard
 Power Button (FF)
 Sleep Button (CM)
 Lid Switch
 Video Bus
 PC Speaker
 SynPS/2 Synaptics TouchPad
 PS/2 Generic Mouse
-Printers-
No printers found
-IDE Disks-
HITACHI_DK23FA-30
Compaq DVD-ROM DV28EB
-SCSI Disks-

Operating System


-Version-
Kernel  : Linux 2.6.26-2-686 (i686)
Compiled: #1 SMP Thu Nov 25 01:53:57 UTC 2010
C Library   : GNU C Library version 2.7 (stable)
Distribution: Debian GNU/Linux 5.0.8
-Current Session-
Computer Name   : dhcppc0
User Name   : iuza3 (iuza3)
Home Directory  : /home/iuza3
Desktop Environment : GNOME 2.20 (session name: Default)
-Misc-
Uptime  : 3 hours, 17 minutes
Load Average: 0.26, 0.15, 0.11

Kernel Modules
--

-Loaded Modules-
radeon  : ATI Radeon
drm : DRM shared core routines
appletalk   : AppleTalk 0.20
rfcomm  : Bluetooth RFCOMM ver 1.8
l2cap   : Bluetooth L2CAP ver 2.9
bluetooth   : Bluetooth Core ver 2.11
nfsd
lockd   : NFS file locking service version 0.5.
nfs_acl
auth_rpcgss
sunrpc
exportfs
ppdev
lp
acpi_cpufreq: ACPI Processor P-States Driver
cpufreq_ondemand: 'cpufreq_ondemand' - A dynamic 
cpufreq
governor for Low Latency Frequency Transition capable processors
cpufreq_userspace   : CPUfreq policy governor 'userspace'
cpufreq_stats   : 'cpufreq_stats' - A driver to export cpufreq
stats through sysfs filesystem
freq_table  : CPUfreq frequency table helpers
cpufreq_conservative: 'cpufreq_conservative' - A dynamic
cpufreq governor for Low Latency Frequency Transition capable processors
optimised for use in a battery environment
cpufreq_powersave   : CPUfreq policy governor 'powersave'
ipv6: IPv6 protocol stack for Linux
loop
pcmcia  : PCMCIA Driver Services
firmware_class  : Multi purpose firmware loading support
joydev  : Joystick device interfaces
arc4: ARC4 Cipher Algorithm
ecb : ECB block cipher algorithm
crypto_blkcipher: Generic block chaining cipher type
irtty_sir   : IrDA TTY device driver
sir_dev : IrDA SIR core
smsc_ircc2  : SMC IrCC SIR/FIR controller driver
irda: The Linux IrDA Protocol Stack
parport_pc  : PC-style parallel port driver
parport
crc_ccitt   : CRC-CCITT calculations
pcspkr  : PC Speaker beeper driver
ath5k   : Support for 5xxx series of Atheros 802.11 wireless LAN cards.
mac80211: IEEE 802.11 subsystem
serio_raw   : Raw serio driver
cfg80211: wireless configuration support
yenta_socket
rsrc_nonstatic
pcmcia_core : Linux Kernel Card Services
psmouse : PS/2 mouse driver
snd_intel8x0: Intel 82801AA,82901AB,i810,i820,i830,i840,i845,MX440;
SiS 7012; Ali 5455
snd_intel8x0m   : Intel 82801AA,82901AB,i810,i820,i830,i840,i845,MX440;
SiS 7013; NVidia MCP/2/2S/3 modems
snd_ac97_codec  : Universal interface for Audio Codec '97
ac97_bus
snd_pcm : Midlevel PCM code for ALSA.
snd_seq : Advanced Linux Sound Architecture sequencer.
snd_timer   : ALSA timer interface
snd_seq_device  : ALSA sequencer device management
i2c_i801: I801 SMBus driver
snd : Advanced Linux Sound Architecture driver for soundcards.
i2c_core: I2C-Bus main module
soundcore   : Core sound module
snd_page_alloc  : Memory allocator for ALSA system.
rng_core: H/W Random Number Generator (RNG) driver
container   : ACPI container driver
video   : ACPI Video Driver
output  : Display Output Switcher Lowlevel Control Abstraction
wmi : ACPI-WMI Mapping Driver
battery : ACPI Battery Driver
ac  : ACPI AC Adapter Driver
button  : ACPI Button Driver
shpchp  : Standard Hot Plug PCI Controller Driver
pci_hotplug : PCI Hot Plug PCI Core
intel_agp
agpgart : AGP GART driver
evdev   : Input driver event char devices
ext3: Second Extended Filesystem with journaling extensions
jbd
mbcache : Me

help

[Padilla Juan Leon II]

greetings !

i just installed my debian 5.0.7 in my laptop.

i just want to install 3 things in my debian OS

1 google chrome
2 skype
3 adobe flash player

i read some of the text in the web but i can't install any of those things
above.

if you don't mind can you make the instruction very simple im not that very
good in comp laguage.

thank you and more power!

juan padilla

Ubuntu -> LMDE: migrate packages using `aptitude` alone?

[Tom Roche]

summary: I'm preparing to migrate a laptop from Ubuntu Lucid to Linux
Mint Debian Edition 10 and want to have the same packages (c.p.) active
after the migration. I believe I know how to migrate the packages using
`dpkg` and `apt-get`, but would prefer to migrate the packages using
`aptitude` alone. Is this possible? Are there reasons not to do this?

details:

I've been running Ubuntu on a laptop mostly happily for some time, but
have wanted to get

* proprietary multimedia working "out of the box"
* "rolling releases" (aka, more updates without upgrades)

So when I heard about LMDE, I immediately tried it, and was pleased to
see that everything (that I checked, anyway) worked OOTB (i.e. when
booting the live DVD).

I'm now preparing to migrate Ubuntu -> LMDE. The box has separate
root and home partitions, so to CMA I first made

* images of both partitions (using clonezilla)
* backed up /home (with a script using partly `duplicity` and partly just 
`rsync`)

The final thing I believe I need to do (please suggest anything else I
should know) is to backup the list of currently-active (installed and
selected) packages so as to be able to restore them quickly and
completely in the new environment, so that I don't need to manually
install, e.g., chromium and emacs. Am I missing anything? If not:

>From other reading, one way to do this is

# in terminal in ubuntu
dpkg --get-selections > "${PACKAGE_FILE}"
# in terminal in LMDE
sudo dpkg --set-selections < "${PACKAGE_FILE}"
sudo apt-get dselect-upgrade
sudo aptitude update
sudo aptitude -s full-upgrade

Is that correct? If so:

I've been managing its packages exclusively with `aptitude` and would
prefer to continue doing so. I'd like to know,

1 Is there a way to do all of the above using only `aptitude`?

if not,

2 Is there a way to do all of the above using only `aptitude` and `dpkg`?
  I.e. is there an `aptitude` equivalent of `apt-get dselect-upgrade`?
  FWIW I don't see that argument in `info aptitude`.

alternatively,

3 Is there a reason to prefer the [`dpkg`, `apt-get`, `aptitude`]
  workflow above to a purely-`aptitude` workflow for this usecase?

If possible please reply to me as well as the list (I'm on the digest),
and TIA, Tom Roche 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87y667y15i@pobox.com

grub2 not displaying boot menu on serial redirect

[Lev Lvovsky]

Hello,

I run a headless box in conjunction with serial redirect.

I posted about a year ago in regards to grub2 not displaying the boot menu to 
the serial output:

http://www.mail-archive.com/debian-user@lists.debian.org/msg565218.html

Since that post, I'd just waited for upstream to fix the bug, and didn't think 
much of it.  Grub2 had since then been upgraded, and somehow my problem went 
away.

Yesterday I ran update-grub, and the problem has resurfaced.  The menu appears 
on video out, but no longer to the serial.  The boot process redirects to 
serial just fine (at which point grub hands over control the the kernel iirc).

any advice would be appreciated - below is a snippet of my grub.cfg:


### BEGIN /etc/grub.d/00_header ###
set default=0
set timeout=20
serial --unit=0 --speed=9600 --word=8 --parity=no --stop=1
terminal serial
### END /etc/grub.d/00_header ###

### BEGIN /etc/grub.d/10_linux ###
menuentry "Debian GNU/Linux, linux 2.6.26-2-686.21" {
  set root=(hd0,6)
  search --fs-uuid --set 7abda901-2a56-4917-96af-c6dc983d015c
  linux   /vmlinuz-2.6.26-2-686.21 
root=UUID=25ed25b7-64bb-4949-ba5e-932093b1fcef ro console=tty0 
console=ttyS0,9600
  initrd  /initrd.img-2.6.26-2-686.21
}


thanks,
-lev

--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/57cadb85-3121-4c06-823b-ed8f18743...@sonous.com

Re: debian - ubuntu

[Camaleón]

On Wed, 26 Jan 2011 12:45:46 +0100, artorius wrote:

> hi, it's my first post and i'm newbie on debian an ubuntu too. the
> prbolem is that i have tried to install ubuntu rigt after the setup of
> debian and the laptop (hp nc6000) gives me this message:
> 
> (process:285) : Glib - warning xx : getpw id : failed due to unknown
> user (0) id.



You could be facing this bug:
https://bugs.launchpad.net/ubuntu/+bug/531027



Greetings,

-- 
Camaleón


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/pan.2011.01.26.17.01...@gmail.com

Re: access point using 3945

[Celejar]

On Fri, 31 Dec 2010 14:00:04 -0800
 wrote:

> Hello,
> 
> looks like one good way to go about it is to use hostapd.
> 
> however there's supposed to be nl80211 driver which I need.
> 
> I can .h files when I search through debian, but no binary looking
> thingy, and the hostapd package does not contain it.
> 
> Can anyone shed some light on this.
> 
> Looks like the iwl3945 driver can NOT be used to operate as an access
> point.

According to this page, it indeed unfortunately cannot:

http://wireless.kernel.org/en/users/Drivers

Celejar
-- 
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110126114334.d590a78f.cele...@gmail.com

Re: Lenny Apache2: ReverseProxy -> https -> http://localhost:port

[Bob Proulx]

Denny Schierz wrote:
> nothing helps. It's all the same. Maybe a bug, or unsupported. Or a
> configuration problem with the proxy module 
> 
> hmmm

Hmm...  Works okay for me.  What modules do you have enabled?

  ls /etc/apache2/mods-enabled

If you do not have the proxy modules enabled then enable them,
restart, and try again.

  a2enmod proxy
  a2enmod proxy_balancer
  a2enmod proxy_http
  a2enmod rewrite

  /etc/init.d/apache2 restart

I am not sure what modules are needed.  You may need to try a few
things.  I think those are needed at the least.

Bob


signature.asc
Description: Digital signature

Re: Kernel Failure on Gnome Startup - Squeeze

[Camaleón]

On Tue, 25 Jan 2011 23:37:14 -0700, david wildgoose wrote:

> Running Debian Squeeze here inside a VM (virtual box) and kernelopps is
> popping up with a warning on Gnome startup.
> 
> Your system had a kernel failure
> There is diagnostic information available for this failure. Do you want
> to submit this information to the www.kerneloops.org website for use by
> the Linux kernel developers?

It happens on every start or it just hapenned once?

Review your log (/var/log/dmesg) and search for any error ("oops" or 
kernel bug) you may have experienced.

> Also, I get the following error in /var/log/syslog:
> 
>   nm_dbus_get_networks_cb(): error received:
> org.freedesktop.NetworkManagerInfo.NoNetworks - There are no wireless
> networks stored..

I think this is just a warning of networkmanager, not related to the 
kerneloops daemon.
 
Greetings,

-- 
Camaleón


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/pan.2011.01.26.16.22...@gmail.com

Re: debian - ubuntu

[shawn wilson]

On Wed, Jan 26, 2011 at 6:45 AM, artorius  wrote:

> hi, it's my first post and i'm newbie on debian an ubuntu too.
> the prbolem is that i have tried to install ubuntu rigt after the setup
> of debian and the laptop (hp nc6000) gives me this message:
>
> (process:285) : Glib - warning xx : getpw id : failed due to unknown
> user (0) id.
>
>
first - we were all new once. however, when you post a question, atleast
take the time to reread it. proper grammar is good, but i don't hold that
against people for whom english is not their first language. but, not even
giving a crap about what you are typing

second, switch to a console and do a 'cat /proc/version; tail -10
/var/log/messages'  and we might be able to provide more insight.

Re: Debian Squeeze Installation

[Hugo Vanwoerkom]

Andrei Popescu wrote:

On Lu, 24 ian 11, 13:55:30, Hugo Vanwoerkom wrote:

Andrei Popescu wrote:

On Du, 23 ian 11, 13:06:15, Hugo Vanwoerkom wrote:

I wholeheartedly agree. Except that the current mc for squeeze and
sid is 4.0.7 which is very unfriendly in that it has moved to skin
support of which there are none. Better stick with lenny which is
4.6.2 which is much friendlier.

I suspect something is broken with your mc, I did not notice any
difference between mc on lenny, squeeze and various versions in
between (I'm running sid).


Also running Sid. But it is the .mc/ini file that is the problem. I
have been running with that for years and it won't work with 4.0.7
in that the results are disastrous. I attach the ini file if you
want to try it out.


Hmm, except for the changed color scheme I don't notice any difference 
on a quick glance. What seems to be the problem?




The coloring scheme of mcedit is just unacceptable with that ini under 
4.0.7, take a look at it.
Aside from that the color scheme with that ini is weird under 4.0.7, 
totally unlike 4.6.2.
I went through this on the mc mailing list and got nowhere, my ini file 
was deemed "wrong". But it does exactly what I want it to do on 4.6.2 
and previous, just that 4.0.7 handles it totally different.
OK, I would switch to a skin, but there are no skins to be had with a 
light background that keep mcedit as the default has it.


Hugo


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/ihpe09$1ld$1...@dough.gmane.org

Re: debian - ubuntu

[Johan Grönqvist]

2011-01-26 12:45, artorius skrev:

hi, it's my first post and i'm newbie on debian an ubuntu too.
the prbolem is that i have tried to install ubuntu rigt after the setup
of debian and the laptop (hp nc6000) gives me this message:

(process:285) : Glib - warning xx : getpw id : failed due to unknown
user (0) id.


As the other poster, I do not understand if the error message appeared 
in debian or ubuntu, so please tell us more about your system to get 
more help.


If you see this in debian, then I have no suggestion.

[Brief note: User 0, as mentioned in the error message is the 
administrator (root-user) in debian. In ubuntu it is not used by default.]



As you mention both debian and ubuntu, and their handling of user 0 is 
different, I will assume that you see this in ubuntu but not in debian.


If the problem appears in ubuntu, then it has been known, but was (I 
believe) supposedly fixed for ubuntu 10.04 and 10.10. Pasting your error 
message into google gives as first hit something on bugs.launchpad.net 
(the bug-site of ubuntu), and there may be more information there.


I found the 5th result on google useful, and it leads me to 
ubuntuforums.net.


As this is a debian-list, and I guess that you saw this in ubuntu, I 
will also suggest the following. For questions about ubuntu that are not 
related to debian you will be suggested to ask them on ubuntu-lists as 
described on .



Hope it helps

/ johan


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/ihpd3g$rmv$1...@dough.gmane.org

usage of debian keyring rsync service

[Andrew McGlashan]

Hi,

Please let me know if the following method is appropriate to handle
processing of gpg keys as served by Debian's keyring server.
Specifically, is the handling correct for revoked keys, ie, exact same
process to import ALL files?


#!/bin/bash

WRK_DIR=/root/debian-keys
echo $WRK_DIR

if [ -d $WRK_DIR ]; then cd $WRK_DIR; else echo -e "\n\t$WRK_DIR does
not exit!\a";exit 9; fi

(
rsync -az --progress keyring.debian.org::keyrings/keyrings/ .

for x in *gpg *pgp
do
echo -e "\n processing $x \n"
gpg --import $x
done

) 2>&1 |tee /tmp/$(basename $0).out


Thanks.

--
Kind Regards
AndrewM

Andrew McGlashan
Broadband Solutions now including VoIP

Current Land Line No: 03 9912 0504
Mobile: 04 2574 1827 Fax: 03 9012 2178

National No: 1300 85 3804

Affinity Vision Australia Pty Ltd
http://www.affinityvision.com.au
http://adsl2choice.net.au

In Case of Emergency --  http://www.affinityvision.com.au/ice.html



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/4d403216.8000...@affinityvision.com.au

Re: Let's talk about HTTPS Everywhere

[Celejar]

On Wed, 26 Jan 2011 14:31:55 +0100
Jochen Schulz  wrote:

> Celejar:
> > On Tue, 25 Jan 2011 07:58:28 +0100
> >> 
> >> A single core get's used 100% by the kworker thread. But actually it's
> >> not 20MB/s, but 25MB/s while reading (decrypting) and 35MB/s while
> >> writing (encrypting). I just tested it again.
> > 
> > So does that mean that your wireless throughput with encryption enabled
> > is CPU-bound, and that you'd be getting better throughput with a more
> > powerful CPU (or without encryption)?
> 
> No. The numbers I posted were about disk encryption. They were just
> meant to illustrate what throughput is possible with AES if it is done
> by a comparably slow CPU (Atom D510, 1.66GHz).
> 
> With WPA2/AES you have significantly less throughput (typically <10%)
> and, as far as I know, wifi encrpytion is done by the hardware and not
> the host CPU. But even if it's done on the host CPU: my numbers show
> that you really don't need to care about that very much, as long as your
> system isn't older than, say, 6-8 years.
> 
> (Disclaimer: I am unsure whether WPA2 with AES actually performs the
> same as LUKS using AES. But my guess is that it's not far off.)

Okay - thanks for the clarification.

Celejar
-- 
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110126093738.d566a3d2.cele...@gmail.com

Re: Linux disk partition encryption

[Celejar]

On Wed, 26 Jan 2011 10:26:16 +0100
Sjoerd Hardeman  wrote:

...

> No, luks and dm-crypt are linux only

There's purportedly Windows support for LUKS / dm-crypt volumes with
FreeOTFE:

http://en.wikipedia.org/wiki/FreeOTFE

Celejar
-- 
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110126093112.212006c8.cele...@gmail.com

Re: Linux disk partition encryption

[Celejar]

On Wed, 26 Jan 2011 05:36:22 + (UTC)
T o n g  wrote:

...

> 2. http://www.tldp.org/HOWTO/html_single/Disk-Encryption-HOWTO/
> also, Linux Encryption HOWTO
> http://encryptionhowto.sourceforge.net/Encryption-HOWTO.html
> v0.2.2, 04 October 2000
> 
> Here are my questions, 
> 
> - First very noob question, I don't want whole disk encryption, just want 
> to encrypt some selected already partitioned partitions. If someone mount 
> those encrypted partitions, will they shows up as empty or, there are 
> some hints that the partitions have been encrypted? 

A partition cannot be mounted; filesystems can.  If the partition is
encrypted, no filesystem will be visible.  If you mean to ask whether
someone analyzing the disk will be able to detect an encrypted
datastore, in general the answer is probably yes.  There may be some
methods to prevent that, but I'm unfamiliar with them.

> - The Ubuntu [3] and CentOS [4] seems to endorse dm-crypt, instead of 
> (widely-used?) cryptsetup-luks. So I need a bit of explanation which is 
> better than others. 

Don't understand this.  In Debian, there's cryptsetup, which includes
LUKS support (cryptsetup-luks is a virtual package satisfied (only) by
cryptsetup).  From the cryptsetup README.Debian:

"Cryptsetup is a command-line interface for configuring encrypted block
devices via dm-crypt, a kernel device-mapper target."

> 3. http://www.humboldt.edu/its/security-encryption-linuxubuntu
> 4. http://beginlinux.com/blog/2009/04/centos-53-encrypted-block-devices/
> 
> - In terms of encryption used, TrueCrypt supports the following 
> encryption algorithms: AES, Serpent, Twofish, AES-Twofish, AES-Twofish-
> Serpent, Serpent-AES, Serpent-Twofish-AES, Twofish-Serpent; And these 
> hash algorithms: RIPEMD-160, SHA-512 & Whirlpool [5]
> 
> 5. http://www.informit.com/articles/article.aspx?p=1276279
> 
> So I need a bit of explanation why your chosen algorithm is better than 
> others. Very very brief will do.

[Rough, brief explanation - may not be totally accurate.]

AES is both a standards process, as well as a method chosen by that
process.  AES was the winner of that process; some of the others on
your list were finalists.  AES has the advantage of having been
extensively tested, in both labs and the real world, but some of the
others (e.g., Twofish) are supposed to be quite good.

Further reading:

http://www.schneier.com/paper-aes-comparison.html
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard_process
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
http://www.brighthub.com/computing/smb-security/articles/53270.aspx
http://en.wikipedia.org/wiki/Twofish
http://www.schneier.com/twofish.html
http://www.image-in.co.il/HTML/SEC4NET/aes_history.html

> - Is your partition encryption choice as cross-platform as TrueCrypt?

No idea, but LUKS / dm-crypt can apparently be used on Windows with
FreeOTFE:

"This software is compatible with Linux encrypted volumes (e.g. LUKS,
cryptoloop, dm-crypt), allowing data encrypted under Linux to be read
(and written) freely. It was the first open source transparent disk
encryption system to support Windows Vista and PDAs."

http://en.wikipedia.org/wiki/FreeOTFE>

> - If I put the encrypted partitions in fstab, then I have to enter 
> passphrase for each one of them when PC boot up, I guess. Will the whole 
> boot up be hold up waiting for encrypted partitions passphrases?

This obviously depends what's on the partitions you encrypt.

> - Since I need to encrypt more than one selected partitions, if I want to 
> mount encrypted partitions manually, is there any alternative way than to 
> typing in passphrase for each one of them when mounting them?

Yes - use keyfiles, and have the system use them to unlock partitions.
You can / should encrypt the keyfile, or put it on an encrypted disk
which requires a passphrase.

Celejar
-- 
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110126092929.adc7f6c8.cele...@gmail.com

Re: making a pdf file smaller the debian way....

[Celejar]

On Sat, 1 Jan 2011 23:36:51 +
Michael Fothergill  wrote:

> Dear Debian folks,
> 
> I have pdf file that is too big to be emailed around easily.   I tried
> making a zip file out of it but that only made it 1% smaller.  I don't
> have the scanner with me or I could have scanned it at lower
> resolution.

PDFs already utilize some compression, so that's probably why
compressing further won't help all that much.

Celejar
-- 
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110126085919.e7c85235.cele...@gmail.com

Re: Let's talk about HTTPS Everywhere

[Jochen Schulz]

Celejar:
> On Tue, 25 Jan 2011 07:58:28 +0100
>> 
>> A single core get's used 100% by the kworker thread. But actually it's
>> not 20MB/s, but 25MB/s while reading (decrypting) and 35MB/s while
>> writing (encrypting). I just tested it again.
> 
> So does that mean that your wireless throughput with encryption enabled
> is CPU-bound, and that you'd be getting better throughput with a more
> powerful CPU (or without encryption)?

No. The numbers I posted were about disk encryption. They were just
meant to illustrate what throughput is possible with AES if it is done
by a comparably slow CPU (Atom D510, 1.66GHz).

With WPA2/AES you have significantly less throughput (typically <10%)
and, as far as I know, wifi encrpytion is done by the hardware and not
the host CPU. But even if it's done on the host CPU: my numbers show
that you really don't need to care about that very much, as long as your
system isn't older than, say, 6-8 years.

(Disclaimer: I am unsure whether WPA2 with AES actually performs the
same as LUKS using AES. But my guess is that it's not far off.)

J.
-- 
I am not scared of death but terrified of people in Tommy Hilfiger
sweatshirts.
[Agree]   [Disagree]
 


signature.asc
Description: Digital signature

Re: debian - ubuntu

[Michael Tsang]

On Wednesday 26 January 2011 19:45:46 artorius wrote:
> hi, it's my first post and i'm newbie on debian an ubuntu too.
> the prbolem is that i have tried to install ubuntu rigt after the setup
> of debian and the laptop (hp nc6000) gives me this message:
> 
> (process:285) : Glib - warning xx : getpw id : failed due to unknown
> user (0) id.
> 
> thank you very much.
> artorius
Can you give me more information about your system?
-- 
Please avoid sending me Word or PowerPoint attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html


signature.asc
Description: This is a digitally signed message part.

debian - ubuntu

[artorius]

hi, it's my first post and i'm newbie on debian an ubuntu too.
the prbolem is that i have tried to install ubuntu rigt after the setup
of debian and the laptop (hp nc6000) gives me this message:

(process:285) : Glib - warning xx : getpw id : failed due to unknown
user (0) id.

thank you very much.
artorius



-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/1296042347.6111.7.camel@dhcppc0

Re: Local DNS

[Pascal Hambourg]

Hello,

Jesus arteche a écrit :
> 
> Now I have a debian server, and a bind installed working as a local
> dns(cache), with 3 zones...it work the next way:
> 
> -  One a petition occurs, it check the domain asked
> - if teh domain is a zone configured in the local dns, it solve it in local
> - If it's not a zone, it forward the petition to a external dns(google)
> 
> What I want to change is the sequence...I mean:
> 
> - Bind received a petition.
> - it forward outside, for all domains.
> - And if it doesn't receive an answer, it checks the zones of the local
> dns and if it finds it solve it.

What do you mean exactly by "doesn't receive an answer" ? No aswer at
all (time-out, REFUSED), error (SERVFAIL...), negative answer
(NXDOMAIN...) ?


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4d3ff5af.6090...@plouf.fr.eu.org

Re: Linux disk partition encryption

[Sjoerd Hardeman]

T o n g schreef:

Hi,

I'm thinking to do the disk partition encryptions now. However 

"Hard drive encryption sounds like an intimating concept, mostly because 
it is. The thought of taking your precious files, then using a 
mathematical formula to convert them into random noise before scattering 
them back across your disk is a hard sell. " [1]
There is no such thing as random noise generated from mathematical 
formulas. But I do of course understand your issues. I have a more 
pragmatic view: if you know the algorithm and password, you'll be fine, 
so keep that secure.


Here are my questions, 

- First very noob question, I don't want whole disk encryption, just want 
to encrypt some selected already partitioned partitions. If someone mount 
those encrypted partitions, will they shows up as empty or, there are 
some hints that the partitions have been encrypted? 
Truecrypt seems to support "hidden" partitions, that show up as empty 
space. As far as I know the luks-dmcrypt setup that I'm advertising does 
not have that option.


- The Ubuntu [3] and CentOS [4] seems to endorse dm-crypt, instead of 
(widely-used?) cryptsetup-luks. So I need a bit of explanation which is 
better than others. 

http://www.hermann-uwe.de/blog/howto-disk-encryption-with-dm-crypt-luks-and-debian

I have a luks-encrypted external hard drive partition, which is great. 
When I plug in the disk under kde it will automatically ask for the 
password.


- In terms of encryption used, TrueCrypt supports the following 
encryption algorithms: AES, Serpent, Twofish, AES-Twofish, AES-Twofish-
Serpent, Serpent-AES, Serpent-Twofish-AES, Twofish-Serpent; And these 
hash algorithms: RIPEMD-160, SHA-512 & Whirlpool [5]
Good question. I think for keeping your files safe from the 
kid-next-door, they'll all be fine. For more serious encryption, they'll 
probably also be fine.

- Is your partition encryption choice as cross-platform as TrueCrypt?

No, luks and dm-crypt are linux only


- If I put the encrypted partitions in fstab, then I have to enter 
passphrase for each one of them when PC boot up, I guess. Will the whole 
boot up be hold up waiting for encrypted partitions passphrases?
There's such a thing as the crypttab for automatically decrypting during 
the boot cycle. I have no experience, though. Another, long explanation 
of dm-crypt with luks:

https://wiki.archlinux.org/index.php/System_Encryption_with_LUKS_for_dm-crypt


- how passphrase are cached? Do I have to repeatedly typing in passphrase  
each time I do the mount? I also heard of passphrase-less disk 
encryptions. Hmm... I don't want to go there so maybe I can skip that.
It is cached until you close the encrypted volume. For proper 
encryption, you therefore need to go for at least an encrypted swap 
page, and secure your RAM-memory for something like 30 minutes after 
switching off power so than nobody can get the password from there.


I hope my comments were of some help, others may know more about this.



signature.asc
Description: OpenPGP digital signature

Re: Lenny Apache2: ReverseProxy -> https -> http://localhost:port

[Denny Schierz]

hi,

Am Montag, den 24.01.2011, 11:41 -0700 schrieb Bob Proulx:
> Turn the rewrite engine on and then try it again.  I think that is the
> missing component for you.
> 
>   RewriteEngine On 

nothing helps. It's all the same. Maybe a bug, or unsupported. Or a
configuration problem with the proxy module 

hmmm

cu denny


signature.asc
Description: This is a digitally signed message part