date:20141015

El Sat, 11 Oct 2014 09:25:50 -0300
Felix Perez felix.listadeb...@gmail.com escribió:

 El día 11 de octubre de 2014, 2:56, William Romero
 wromer...@hotmail.com escribió:
 
 
 
 
  ¿Se puede hacer usado yum o es mejor instalarlo desde 0?
 
 
 
  Un saludo.
 
  Que yo sepa , red hat es linux!!!. De todas formas si me pudierais ayudar 
  os lo agradeceria.
 
 
  Ya y? Bueno ahora cuéntanos el chiste.
 
 
  Suse , como siempre el Pele de Angel Claudio no tenes idea de lo que 
  dices .
 
  para su informacion red hat se unio en diciembre 2013 con centos y salio  
  la version 7 , el cual solo esta disponible a 64 bits.
 
  Instalar desde cero si que no sabeis nada bien por eso, pero hay mucha 
  documentacion de esto tambien
  http://www.centos.org/docs/
 
 
 U.  No hay caso.  En fin es lo que hay.
 

Me parece que le voy a tener que hacer un dibujo para explicarle al infeliz la 
ironia
que me recomendas Felix? uso gimp??
 -- 
 usuario linux  #274354
 normas de la lista:  http://wiki.debian.org/es/NormasLista
 como hacer preguntas inteligentes:
 http://www.sindominio.net/ayuda/preguntas-inteligentes.html
 
 
 -- 
 To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
 Archive: 
 https://lists.debian.org/CAAiZAx5opQPgjD6tj_PXHLkppv_2lq8vmpnrizyr5mff...@mail.gmail.com
 


-- 
Angel Claudio Alvarez an...@angel-alvarez.com.ar


--
To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/20141015183132.440b0f42a78d33abae9b5...@angel-alvarez.com.ar

Re: Actualizar red hat 6.3 (Santiago) a 6.3 (FINAL)

El Sat, 11 Oct 2014 01:56:11 -0400
William Romero wromer...@hotmail.com escribió:

 
 
 
 
  ¿Se puede hacer usado yum o es mejor instalarlo desde 0?
 
 
 
  Un saludo.
 
  Que yo sepa , red hat es linux!!!. De todas formas si me pudierais ayudar 
  os lo agradeceria.
 
 
  Ya y? Bueno ahora cuéntanos el chiste.
 
 
 Suse , como siempre el Pele de Angel Claudio no tenes idea de lo que 
 dices .
 

el que nace para pito...nuca llega a ser trompeta ( si no lo entendes te hago 
un esquema)

 para su informacion red hat se unio en diciembre 2013 con centos y salio  la 
 version 7 , el cual solo esta disponible a 64 bits.
 
 Instalar desde cero si que no sabeis nada bien por eso, pero hay mucha 
 documentacion de esto tambien
 http://www.centos.org/docs/
 
 saludos 
 
 WRC 
 
 
 
 
 
 -- 
 To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
 Archive: https://lists.debian.org/bay177-w509f51d0918f835197f681b6...@phx.gbl
 


-- 
Angel Claudio Alvarez an...@angel-alvarez.com.ar


--
To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/20141015183257.203f03c0fb09fd337c4c5...@angel-alvarez.com.ar

Re: Alternativas para server de correo sobre Debian

El Wed, 15 Oct 2014 10:52:26 -0300
ciracusa cirac...@gmail.com escribió:

 Hola Lista.
 
 Les consulto, estoy analizando la idea de montar mi propio server de 
 correo para alojar 150 cuentas (mas o menos) en modalidad pop3/smtp 
 (osea no van a ser imap).
 
 Que solución aconsejan?
 
 Que opinión les merece Zimbra?

es interno?? es para una empresa??

 
 Muchas Gracias.
 
 Salu2.
 
 
 -- 
 To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
 Archive: https://lists.debian.org/543e7c1a.60...@gmail.com
 


-- 
Angel Claudio Alvarez an...@angel-alvarez.com.ar


--
To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/20141015183441.94ce607e06d7409c1b0e9...@angel-alvarez.com.ar

Re: Personalizar espacio de trabajo.

El Tue, 14 Oct 2014 12:56:36 +0200
Ala de Dragón aladedra...@gmail.com escribió:

Hola :-D

Solo tengo un Pc disponible para mis cosas personales y me gustaría
hacer alguna personalizacion en mi Linux pc 3.2.0-4-686-pae #1 SMP
Debian 3.2.60-1+deb7u3 i686 GNU/Linux Xfce.

Me gustaría separar mediante usuarios las diferentes tareas.

Por ejemplo, aquí mi primera duda, estoy estudiando idiomas y he
creado un usuario para tal fin. La configuración del teclado y de
writer la tengo en ese idioma, pero los menus y la consola me aparecen
en el lenguaje nativo es-ES.

Le la parte de configuracion regional de la documentacion de Debian

Por otro lado compilo y trabajo con diferentes programas y una vez
compilados suelen instalarse de forma predeterminada en /usr/local
/opt etc... lo que me gus taria saber es si pueden crearse en otro
sitio, por ejemplo /home/desarrollo/programa_Z/version_X siendo
desarrollo un usuario. Disponer de las herramientas de compilación
instaladas de forma global solo si fuera necesario, a fin de cuentas
ese usuario seria el único que necesite compilar. En caso de hacer una
gran trastada, solo se ve afectado un usuario y no todo un sistema
tras un make install.

El make install solo podran instalar programas/librerias SOLO si el directorio
que dice en el configure permite al usuario hacerlo
Ningun usuario comun puede hacer un make install en /usr/bin o /usr/local/bin
por lo que ningun usuario comun puede arruinarte el sistema

Muchas gracias por su tiempo

--
El cielo es para los dragones
lo que el agua es para las ninfas

--
To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
https://lists.debian.org/ca+924hrtvxjs+redd68hn5ty_uuwwue2ynh46q3acdqjdqb...@mail.gmail.com

--
Angel Claudio Alvarez an...@angel-alvarez.com.ar

--
To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
https://lists.debian.org/20141015184619.6d7106aefaaa7ff4eadc3...@angel-alvarez.com.ar

Re: La carpeta raíz se llena sin motivo

2014-10-15 Thread Manolo Díaz



El 15/10/14 a las 16:10, Manolo Díaz escribió:
 El 15/10/14 a las 00:25, Manolo Díaz escribió:
 Hola

 Tengo Debian Jessie  con una partición para la raíz de 902G  y otra para
 home de 1,8T.

 Pues desde hace poco la partición raíz se llena al 100%, si reinicio no
 me deja entrar de nuevo, se queda en bucle del siguiente aviso  [Núm en
 aumento] rt2800 pci 000:05:00.0: firmvare: failed to load rt2860.bin (-2)

 Entro en modo si fallos, y compruebo que la carpeta /var es la pesada y
 dentro de ella la carpeta /log con unos 800G, borro ficheros hasta
 reducirlo a 131G, y reinicio. hace un amago de entrar en el bucle unas
 20 líneas, pero consigo entrar. Así estoy un tiempo hasta que se
 vuelve a llenar y si reinicio el sistema volvemos a inicial todo el
 proceso indicado antes.
 ¿Cuánto tiempo; horas, días, meses, años...?

 He buscado en Google y gracias a ello, he podido hacer lo anterior, pero
 no doy con la soluciÃ³n definitiva.

 Me podían ayudar indicándome donde puede estar el fallo y como
 solucionarlo. Gracias de antemano

 Espero noticias de ustedes y reitero mi agradecimiento.

 Lo siguiente te puede ayudar a ver cuál(es) son los ficheros que más
 engordan y, a partir de ahí, buscar el culpable

 du -a /var/log | sort -rn | head

 Saludos.

 Hola Manolo
 Gracias por contestar:

 Esto es lo que hay ahora, como ya he dicho borre algunos ficheros:

 root@debian-PAPA:/var/log# du -a /var/log | sort -rn | head
 236722120   /var/log
 71978764/var/log/syslog.1
 58199376/var/log/kern.log
 51837764/var/log/daemon.log
 38058460/var/log/syslog
 16626600/var/log/messages
 17184   /var/log/installer
 14488   /var/log/installer/cdebconf
 14360   /var/log/installer/cdebconf/templates.dat
 2060/var/log/apt
 root@debian-PAPA:/var/log#

 También utilice el siguiente comando, que vi en Google:
 root@debian-PAPA:/var/log# du -h --max-depth 1
 52K ./exim4
 4,0K./speech-dispatcher
 4,0K./unattended-upgrades
 2,1M./apt
 12K ./fsck
 120K./cups
 4,0K./firebird
 17M ./installer
 226G.
 root@debian-PAPA:/var/log#

 Se ve que en /var/log hay 226G

 Gracias.

 Respondo a la lista.

 Esos ficheros son tremendamente grandes. Si tienen solo un día de vida
 podemos descartar que el problema esté en la rotación. ¿Puedes buscar a
 ver dentro de syslog si hay algún tipo de mensaje que se repita una y
 otra vez?

 Saludos.
Hola Manolo,

Primero disculpas por mandarte el mensaje al privado.

Nada que disculpar.

Con respecto a mi problema. los ficheros syslog y syslog.1 no los puedo 
abrir, con nano desde la consola se bloque al intentar abrirlo, y con 
kate (dando permiso) pero al intentar abrirlo se cierra Kate de golpe.

Normal, son más de 36 GB. Prueba con less en un terminal. La barra
espaciadora hace de paginador, pulsando q termina.

Saludos.
-- 
Manolo Díaz


--
To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20141015234747.7bc80...@gmail.com

Seleccionar texto en consola para copiar borrar

2014-10-15 Thread Maykel Franco

Hola buenas, me gustaría saber si se puede copiar texto en la consola como
si de un bloc de notas se tratase. Y no tener que seleccionar el texto
usando el ratón.

Nunca e visto esto en ningún lado.

Saludos.

Re: La carpeta raíz se llena sin motivo

2014-10-15 Thread Alejandro G Sánchez martínez

El Mié 15 Oct 2014 16:28:39 Alejandro G Sánchez martínez escribió:
 El Mié 15 Oct 2014 00:06:48 José Manuel escribió:
  Hola
  
  Tengo Debian Jessie  con una partición para la raíz de 902G  y otra para
  home de 1,8T.
  
  Pues desde hace poco la partición raíz se llena al 100%, si reinicio no
  me deja entrar de nuevo, se queda en bucle del siguiente aviso  [Núm en
  aumento] rt2800 pci 000:05:00.0: firmvare: failed to load rt2860.bin (-2)
  
  Entro en modo si fallos, y compruebo que la carpeta /var es la pesada y
  dentro de ella la carpeta /log con unos 800G, borro ficheros hasta
  reducirlo a 131G, y reinicio. hace un amago de entrar en el bucle unas
  20 líneas, pero consigo entrar. Así estoy un tiempo hasta que se
  vuelve a llenar y si reinicio el sistema volvemos a inicial todo el
  proceso indicado antes.
 
 Son directorios nunca e visto un disco duro que internamente tenga una
 carpeta, eso haría que perdiera su garantía  o su funcionamiento.
 
 
 Di que log es el que esta creciendo tanto luego  que te parece si le das
 tail -20 /var/log/ el que esta creciendo mucho y ves que esta pasando,
 

dale tail -20 /var/log/syslog y analiza que esta pasando

 los log que etan crecinco te deberán decir que esta pasando.
 
  He buscado en Google y gracias a ello, he podido hacer lo anterior, pero
  no doy con la soluciÃ³n definitiva.
  
  Me podían ayudar indicándome donde puede estar el fallo y como
  solucionarlo. Gracias de antemano
  
  Espero noticias de ustedes y reitero mi agradecimiento.


--
To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/1763286.HRXTjNl64Y@lurkan-desktop

Re: Seleccionar texto en consola para copiar borrar

2014-10-15 Thread Maykel Franco

Me respondo a mi mismo. Usando el comando screen se puede realizar.

Alguna forma mas elegante?

Saludos.
El 15/10/2014 23:53, Maykel Franco maykeldeb...@gmail.com escribió:

 Hola buenas, me gustaría saber si se puede copiar texto en la consola como
 si de un bloc de notas se tratase. Y no tener que seleccionar el texto
 usando el ratón.

 Nunca e visto esto en ningún lado.

 Saludos.

Re: Seleccionar texto en consola para copiar borrar

2014-10-15 Thread fernando sainz

El día 15 de octubre de 2014, 23:53, Maykel Franco
maykeldeb...@gmail.com escribió:
 Hola buenas, me gustaría saber si se puede copiar texto en la consola como
 si de un bloc de notas se tratase. Y no tener que seleccionar el texto
 usando el ratón.

 Nunca e visto esto en ningún lado.

 Saludos.

No entiendo muy bien lo que quieres hacer.

Si ejecutas un comando en consola y quieres capturar lo que pinta tal
vez te sirva el comando tee.

$ ls | tee kk.txt

S2.


--
To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CAGw=rhjn-bw-ncwfa62kutf+inuqoyddphw+cqtcra91mx7...@mail.gmail.com

RE: Actualizar red hat 6.3 (Santiago) a 6.3 (FINAL)

2014-10-15 Thread William Romero


 ¿Se puede hacer usado yum o es mejor instalarlo desde 0?



 Un saludo.

 Que yo sepa , red hat es linux!!!. De todas formas si me pudierais ayudar 
 os lo agradeceria.


 Ya y? Bueno ahora cuéntanos el chiste.


 Suse , como siempre el Pelele de Angel Claudio no tenes idea de lo que 
 dices .


 el que nace para pito...nuca llega a ser trompeta ( si no lo entendes te hago 
 un esquema)

Tu pito lo pones donde no te llega el sol.

equema! ponte a dibujar tu trompeta. a ver si entendes 



 WRC




  

--
To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/bay177-w2524a8221cd384c453fa05b6...@phx.gbl

Re: La carpeta raíz se llena sin motivo

2014-10-15 Thread Santiago Vila

On Wed, Oct 15, 2014 at 10:23:52PM +0100, José Manuel (EB8CXW) wrote:
 51837764/var/log/daemon.log

¡51 Gigas de daemon.log! Sin duda este parece uno de los culpables.

Para ver cómo crece en directo un fichero de registro prueba esto:

tail -f /var/log/daemon.log

 Con respecto a mi problema. los ficheros syslog y syslog.1 no los puedo
 abrir, con nano desde la consola se bloque al intentar abrirlo, y con kate
 (dando permiso) pero al intentar abrirlo se cierra Kate de golpe.

Normal. Tanto nano como kate son editores de texto y para editar un
fichero de 50 Gigas necesitas aproximadamente 50 Gigas de memoria,
cosa que probablemente no tengas.

Pero es que los ficheros de registro están pensados para ser leídos,
*no* para ser editados. Por eso debes probar con less y tail.


--
To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20141015231001.ga...@cantor.unex.es

Re: Problema mutt para enviar archivos adjuntos

2014-10-15 Thread Ricardo

El día 7 de octubre de 2014, 11:59, Camaleón noela...@gmail.com escribió:
 El Mon, 06 Oct 2014 20:24:52 -0500, Debia Linux escribió:

 El Tue, 03 May 2011 08:31:48 -0300, ,_(º Alejandro Lucas escribió:

 Buen dia listas. Necesito enviar archivos adjuntos con mutt a traves de
 una linea de comando. Primeramente ejecute el script, muy bueno por
 cierto, que me envio Camaleón, y me decia que lo envio, y al no recibir
 nada, ejecute desde consola el comando, y me tiraba que era imposible
 adjuntar el archivo.

 Recuerda que tienes que tener el Mutt configurado para poder enviar
 mensajes con el script.

 Los comandos que probe fueron:

 mutt -a [Archivo_Adjunto] -s Asunto destinatario mutt -a
  [Archivo_Adjunto] -s Asunto destinatario  Cuerpo Mensaje

 Te has olvidado del echo:

 echo Cuerpo del mensaje | mutt -a archivo -s asunto usua...@dominio.com

 Pues yo realice lo que dijiste Camaleon y me arroja el siguiente error

 Como no me refresques la memoria, porque no recuerdo qué dije hace 3
 años ;-)

 Supongo que será esto:

 https://lists.debian.org/debian-user-spanish/2011/05/msg00073.html

 echo Cuerpo del mensaje | mutt -a zztirar.png -s este es el asunto 
 mim...@gmail.com
 Can't stat mim...@gmail.com: No existe el fichero o el directorio

 Ya lo intente varias veces y modificando la posicion del adjunto,
 atnes, despues de el asunto y sigue igual.

 ¿Cual sera el problema?

 Pues espera que revise el manual... vale, hay que añadir 2 guiones:

 echo Cuerpo del mensaje | mutt -a zztirar.png -s este es el asunto -- 
 usua...@example.com

 Saludos,

 --
 Camaleón



Hola.

Quizás sirva este link también:

http://www.tecmint.com/send-mail-from-command-line-using-mutt-command/

Saludos


--
To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CAH45FxfDehDnEYz552XjgmQq9DaRJCz0r_uHkbeb0qbJdzr=9...@mail.gmail.com

Re: Actualizar red hat 6.3 (Santiago) a 6.3 (FINAL)

2014-10-15 Thread Felix Perez

El día 15 de octubre de 2014, 18:31, Angel Claudio Alvarez
an...@angel-alvarez.com.ar escribió:
 El Sat, 11 Oct 2014 09:25:50 -0300
 Felix Perez felix.listadeb...@gmail.com escribió:

 El día 11 de octubre de 2014, 2:56, William Romero
 wromer...@hotmail.com escribió:
 
 
 
 
  ¿Se puede hacer usado yum o es mejor instalarlo desde 0?
 
 
 
  Un saludo.
 
  Que yo sepa , red hat es linux!!!. De todas formas si me pudierais 
  ayudar os lo agradeceria.
 
 
  Ya y? Bueno ahora cuéntanos el chiste.
 
 
  Suse , como siempre el Pele de Angel Claudio no tenes idea de lo que 
  dices .
 
  para su informacion red hat se unio en diciembre 2013 con centos y salio  
  la version 7 , el cual solo esta disponible a 64 bits.
 
  Instalar desde cero si que no sabeis nada bien por eso, pero hay mucha 
  documentacion de esto tambien
  http://www.centos.org/docs/
 

 U.  No hay caso.  En fin es lo que hay.


 Me parece que le voy a tener que hacer un dibujo para explicarle al infeliz 
 la ironia
 que me recomendas Felix? uso gimp??

Jajajaja, n, mejor con blender así lo haces animado y en 3D.

Saludos.

 --
 usuario linux  #274354
 normas de la lista:  http://wiki.debian.org/es/NormasLista
 como hacer preguntas inteligentes:
 http://www.sindominio.net/ayuda/preguntas-inteligentes.html


 --
 To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
 Archive: https://lists.debian.org/CAAiZAx5opQPgjD6tj_PXHL 
 kppv_2lq8vmpnrizyr5mff...@mail.gmail.com



 --
 Angel Claudio Alvarez an...@angel-alvarez.com.ar


 --
 To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
 Archive: 
 https://lists.debian.org/20141015183132.440b0f42a78d33abae9b5...@angel-alvarez.com.ar




-- 
usuario linux  #274354
normas de la lista:  http://wiki.debian.org/es/NormasLista
como hacer preguntas inteligentes:
http://www.sindominio.net/ayuda/preguntas-inteligentes.html


--
To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/caaizax7npmxqduz1q2glih-10p5yl2cwe2d_-krvpkq27my...@mail.gmail.com

Re: Como remover o Akamaihd

2014-10-15 Thread julio santos peppe

O porque desse malware estar infectado em uma máquina linux, agora não
vem mais ao caso, sugestão:

- tudo o que você possa fazer agora dentro do sistema pode ser
monitorado pelo MALWARE, portanto sugiro que salve seus dados em um pem
drive, dê um boot com uma versão livecd do linux prefiro a rescueCD,
utilize o DD para apagar tudo no disco dependendo do tamanho do disco
vai demorar um tempão e finalmente instale um linux estável e seguro da
versão STABLE prefiro utilizar distribuições DEBIAN...

Enfim depois dessa manutenção toda, você pode instalar um clamav no seu
sistema novo e lembre-se utilize sempre a conta de usuário, evite dar
acesso ao root dentro de sua conta de usuário 

se seguir esses passos acredito que seu pc funcionará perfeitamente
BEM...

é só  :P

Em Ter, 2014-10-14 às 14:00 -0300, Nelson Ramos escreveu:
 Boa tarde amigos listeiros.
 
 
   De uns tempos para cá percebi que minha máquina, rodando o bom e
 velho sistema do pinguim, está me dando trabalho com este adware,
 malware, malditoware, seja lá como costumam chamá-lo.
 
 
   A navegação está lenta, a tela é invadida por popups e ao
 acessar sites como o facebook, por exemplo, a tela de login é
 substituída por uma bem diferente da original do site.
 
 
   Pesquisando na internet, achei muita coisa para windows
 (inclusive recomendações para substituí-lo por Linux), mas nada que
 atendesse ao nosso sistema. Encontrei também informações para a
 remoção desta praga de máquinas rodando mac os, mas nada para o
 pinguim.
 
 
   Alguém faz alguma ideia de como me livrar desta tranqueira?
 
 
 Obrigado a todos.
 
 -- 
 Atenciosamente,
  
 Nelson P. Ramos
 Linux User #448514
 



-- 
To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/1413369604.4092.5.camel@note-juliopeppe

Re: como atualizar kernel?

2014-10-15 Thread julio santos peppe

EU mantenho servidores linux VIRTUALIZADOS com sistemas em 8gb. USANDO O
PADRÃO da instalação debian... tudo que faço é pelo prompt. o problema é
querer utilizar uma isntalçao de sistema prompt para subir interfaces
gráficas e outras coisinhas que vem junto com o gnome/KDE. 
pARA SERVIDOR FUNCIONA BEM 8GB AQUI...


Em Dom, 2014-10-12 às 09:59 -0300, Gunther Furtado escreveu:
 Em 11.10.2014, sábado, Leandro disse:
 
  Nao sei o que os colegas vao achar mas por padrao 10GB e o mínimo
  para para o /.
 
 
 Bem, não é servidor, é Desktop. 1,5GB acho que estaria até de mais, mas
 definitivamente, 315MB (tamanho escolhido pelo instalador) foi muito
 pouco.
 
 Abrax,
 
 
  Em 11/10/2014 12:03, Gunther Furtado gunfurt...@gmail.com
  escreveu:
  
   Prezad@s,
  
   Toda vez que tento atualizar o pacote linux-image-686-pae da
   testing ele tenta instalar o linux-image-3.16-2-686-pae e surge um
   erro:
  
   dpkg: error processing archive
   /var/cache/apt/archives/linux-image-3.16-2-686-pae_3.16.3-2_i386.deb
   (--unpack):
cannot copy extracted data for
   './lib/modules/3.16-2-686-pae/kernel/drivers/scsi/megaraid.ko' to
   '/lib/modules/3.16-2-686-pae/kernel/drivers/scsi/megaraid.ko.dpkg-new':
   unexpected end of file or stream
   dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
  
   sempre nos drivers scsi, mas nem sempre no megaraid
  
   Acho que, apesar do erro ser 'unexpected end of file or stream',
   isto está relacionado à falta de espaço em /.
  
   root@kidos:~# df -h
   Filesystem  Size  Used Avail Use% Mounted on
   /dev/sda1   315M  223M   71M  76% /
   udev 10M 0   10M   0% /dev
   tmpfs   200M  5,2M  195M   3% /run
   tmpfs   500M   92K  500M   1% /dev/shm
   tmpfs   5,0M  4,0K  5,0M   1% /run/lock
   tmpfs   500M 0  500M   0% /sys/fs/cgroup
   /dev/sda978G  713M   74G   1% /home
   /dev/sda6   2,7G  585M  2,0G  23% /var
   /dev/sda5   8,2G  3,0G  4,8G  38% /usr
   tmpfs   100M  4,0K  100M   1% /run/user/109
   /dev/sda8   360M  2,8M  335M   1% /tmp
   tmpfs   100M  8,0K  100M   1% /run/user/1000
   root@kidos:~#
  
   Os modulos da versão instalada do kernel ocupam 111,0 MB.
   Imaginando que o memo espaço deva ser ocupado pelos módulos novos,
   é preciso liberar uns 60MB em / para conseguir atualizar o
   kernel. localepurge instalado e operando, /var e /tmp em partições
   separadas.
  
   O diretório  /lib etá ocupando 175,3 MB, ou seja, mais de metade de
   /, /bin+/bin/etc=26MB, então, se eu quiser liberar 50 MB, tenho
   que apagar alguma coisa em /lib?
  
   Preciso liberar 50MB em /lib:
   root@kidos:~# du -kh --max-depth=1 /lib
   13M/lib/udev
   41K/lib/startpar
   29K/lib/crda
   4,2M/lib/discover
   2,0K/lib/modules-load.d
   19K/lib/lsb
   94K/lib/terminfo
   1,1M/lib/xtables
   2,0K/lib/ifupdown
   7,1M/lib/systemd
   36K/lib/init
   10K/lib/hdparm
   47K/lib/security
   2,0K/lib/modprobe.d
   40K/lib/sysvinit
   19M/lib/firmware
   19M/lib/i386-linux-gnu
   109M/lib/modules
   171M/lib
   root@kidos:~#
  
   Alguém sabe dizer se tem alguma valor fora do normal na lita acima?
  
   Acho que posso quebrar o sistema se apagar alguma coisa, logo, não
   vou liberar espaço em /lib.
  
   Vou ter que apelar para redimensionamentos de partições, é isso?
  
   Uma dúvida: porque o particionador automático do instalador do
   Debian reserva tão pouco espaço para /?
  
   Abraço,
  
   --
  
   ¿De dónde viene tu mentir,
   y adónde empieza tu verdad?
   ¡Parece broma tu mirar,
   llanto parece tu reír! Violeta Parra
  
  
   Gunther Furtado
   Curitiba - Paraná - Brasil
   gunfurt...@gmail.com
   sip:furta...@ekiga.net
  
  
  
 
 
 -- 
 
 Se não posso dançar, não é minha revolução Emma Goldman
 
 Gunther Furtado
 Curitiba - Paraná - Brasil
 gunfurt...@gmail.com
 skype:gunfurtado
 
 



-- 
To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/1413370307.4173.2.camel@note-juliopeppe

Re: como atualizar kernel?

2014-10-15 Thread Gunther Furtado

Bom dia Julio,



Em 15 de outubro de 2014 07:51, julio santos peppe juliope...@gmail.com
escreveu:

 EU mantenho servidores linux VIRTUALIZADOS com sistemas em 8gb. USANDO O
 PADRÃO da instalação debian... tudo que faço é pelo prompt. o problema é
 querer utilizar uma isntalçao de sistema prompt para subir interfaces
 gráficas e outras coisinhas que vem junto com o gnome/KDE.
 pARA SERVIDOR FUNCIONA BEM 8GB AQUI...


Então, não usei o cd mais recente, portanto não sei quais são os tamanhos
padrão hoje. Quando fiz a instalação o padrão para o / é insuficiente
atualizar o kernel padrão debian, assim, sem qualificações.




 Em Dom, 2014-10-12 às 09:59 -0300, Gunther Furtado escreveu:
  Em 11.10.2014, sábado, Leandro disse:
 
   Nao sei o que os colegas vao achar mas por padrao 10GB e o mínimo
   para para o /.
 
 
  Bem, não é servidor, é Desktop. 1,5GB acho que estaria até de mais, mas
  definitivamente, 315MB (tamanho escolhido pelo instalador) foi muito
  pouco.
 
  Abrax,
 
 
   Em 11/10/2014 12:03, Gunther Furtado gunfurt...@gmail.com
   escreveu:
  
Prezad@s,
   
Toda vez que tento atualizar o pacote linux-image-686-pae da
testing ele tenta instalar o linux-image-3.16-2-686-pae e surge um
erro:
   
dpkg: error processing archive
/var/cache/apt/archives/linux-image-3.16-2-686-pae_3.16.3-2_i386.deb
(--unpack):
 cannot copy extracted data for
'./lib/modules/3.16-2-686-pae/kernel/drivers/scsi/megaraid.ko' to
   
 '/lib/modules/3.16-2-686-pae/kernel/drivers/scsi/megaraid.ko.dpkg-new':
unexpected end of file or stream
dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
   
sempre nos drivers scsi, mas nem sempre no megaraid
   
Acho que, apesar do erro ser 'unexpected end of file or stream',
isto está relacionado à falta de espaço em /.
   
root@kidos:~# df -h
Filesystem  Size  Used Avail Use% Mounted on
/dev/sda1   315M  223M   71M  76% /
udev 10M 0   10M   0% /dev
tmpfs   200M  5,2M  195M   3% /run
tmpfs   500M   92K  500M   1% /dev/shm
tmpfs   5,0M  4,0K  5,0M   1% /run/lock
tmpfs   500M 0  500M   0% /sys/fs/cgroup
/dev/sda978G  713M   74G   1% /home
/dev/sda6   2,7G  585M  2,0G  23% /var
/dev/sda5   8,2G  3,0G  4,8G  38% /usr
tmpfs   100M  4,0K  100M   1% /run/user/109
/dev/sda8   360M  2,8M  335M   1% /tmp
tmpfs   100M  8,0K  100M   1% /run/user/1000
root@kidos:~#
   
Os modulos da versão instalada do kernel ocupam 111,0 MB.
Imaginando que o memo espaço deva ser ocupado pelos módulos novos,
é preciso liberar uns 60MB em / para conseguir atualizar o
kernel. localepurge instalado e operando, /var e /tmp em partições
separadas.
   
O diretório  /lib etá ocupando 175,3 MB, ou seja, mais de metade de
/, /bin+/bin/etc=26MB, então, se eu quiser liberar 50 MB, tenho
que apagar alguma coisa em /lib?
   
Preciso liberar 50MB em /lib:
root@kidos:~# du -kh --max-depth=1 /lib
13M/lib/udev
41K/lib/startpar
29K/lib/crda
4,2M/lib/discover
2,0K/lib/modules-load.d
19K/lib/lsb
94K/lib/terminfo
1,1M/lib/xtables
2,0K/lib/ifupdown
7,1M/lib/systemd
36K/lib/init
10K/lib/hdparm
47K/lib/security
2,0K/lib/modprobe.d
40K/lib/sysvinit
19M/lib/firmware
19M/lib/i386-linux-gnu
109M/lib/modules
171M/lib
root@kidos:~#
   
Alguém sabe dizer se tem alguma valor fora do normal na lita acima?
   
Acho que posso quebrar o sistema se apagar alguma coisa, logo, não
vou liberar espaço em /lib.
   
Vou ter que apelar para redimensionamentos de partições, é isso?
   
Uma dúvida: porque o particionador automático do instalador do
Debian reserva tão pouco espaço para /?
   
Abraço,
   
--
   
¿De dónde viene tu mentir,
y adónde empieza tu verdad?
¡Parece broma tu mirar,
llanto parece tu reír! Violeta Parra
   
   
Gunther Furtado
Curitiba - Paraná - Brasil
gunfurt...@gmail.com
sip:furta...@ekiga.net
   
   
   
 
 
  --
 
  Se não posso dançar, não é minha revolução Emma Goldman
 
  Gunther Furtado
  Curitiba - Paraná - Brasil
  gunfurt...@gmail.com
  skype:gunfurtado
 
 



 --
 To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact
 listmas...@lists.debian.org
 Archive: https://lists.debian.org/1413370307.4173.2.camel@note-juliopeppe

Re: Como remover o Akamaihd

2014-10-15 Thread Nelson Ramos

Obrigado pela resposta!

  Concordo que zerando o disco e reinstalando o sistema resolverá o
problema, porém se o malware entrou, deve ter uma forma de removê-lo de lá
sem reinstalar tudo, e é esse o caminho que eu gostaria de trilhar. Não
descarto a sua sugestão, mas prefiro deixar para pô-la em prática quando as
demais alternativas menos destrutivas tiverem se esgotado.

  Se mais alguém tiver alguma sugestão neste sentido será muito bem
vinda.

Obrigado a todos!

Em 15 de outubro de 2014 07:40, julio santos peppe juliope...@gmail.com
escreveu:

 O porque desse malware estar infectado em uma máquina linux, agora não
 vem mais ao caso, sugestão:

 - tudo o que você possa fazer agora dentro do sistema pode ser
 monitorado pelo MALWARE, portanto sugiro que salve seus dados em um pem
 drive, dê um boot com uma versão livecd do linux prefiro a rescueCD,
 utilize o DD para apagar tudo no disco dependendo do tamanho do disco
 vai demorar um tempão e finalmente instale um linux estável e seguro da
 versão STABLE prefiro utilizar distribuições DEBIAN...

 Enfim depois dessa manutenção toda, você pode instalar um clamav no seu
 sistema novo e lembre-se utilize sempre a conta de usuário, evite dar
 acesso ao root dentro de sua conta de usuário

 se seguir esses passos acredito que seu pc funcionará perfeitamente
 BEM...

 é só  :P

 Em Ter, 2014-10-14 às 14:00 -0300, Nelson Ramos escreveu:
  Boa tarde amigos listeiros.
 
 
De uns tempos para cá percebi que minha máquina, rodando o bom e
  velho sistema do pinguim, está me dando trabalho com este adware,
  malware, malditoware, seja lá como costumam chamá-lo.
 
 
A navegação está lenta, a tela é invadida por popups e ao
  acessar sites como o facebook, por exemplo, a tela de login é
  substituída por uma bem diferente da original do site.
 
 
Pesquisando na internet, achei muita coisa para windows
  (inclusive recomendações para substituí-lo por Linux), mas nada que
  atendesse ao nosso sistema. Encontrei também informações para a
  remoção desta praga de máquinas rodando mac os, mas nada para o
  pinguim.
 
 
Alguém faz alguma ideia de como me livrar desta tranqueira?
 
 
  Obrigado a todos.
 
  --
  Atenciosamente,
 
  Nelson P. Ramos
  Linux User #448514
 



 --
 To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact
 listmas...@lists.debian.org
 Archive: https://lists.debian.org/1413369604.4092.5.camel@note-juliopeppe




-- 
Atenciosamente,

Nelson P. Ramos
Linux User #448514

Re: Como remover o Akamaihd

2014-10-15 Thread Nelson Ramos

Esqueci de citar a sugestão proposta pelo Diego!

   Vou tentar o que sugeriu, embora acredite que não seja o caso da
infecção ser limitada somente ao navegador, uma vez que tanto o Chrome
quanto o Firefox estão com o mesmo problema.

   Tentarei instalar o Opera e, sem mais modificações ou adições de
plugins e demais complementos, testar a navegação. Se o problema não
ocorrer, provavelmente você está certo e trata-se de um problema restrito
aos navegadores. Caso contrário, o buraco é mais embaixo.

Obrigado mais uma vez.

Em 15 de outubro de 2014 13:30, Nelson Ramos nelson.pra...@gmail.com
escreveu:

 Obrigado pela resposta!

   Concordo que zerando o disco e reinstalando o sistema resolverá o
 problema, porém se o malware entrou, deve ter uma forma de removê-lo de lá
 sem reinstalar tudo, e é esse o caminho que eu gostaria de trilhar. Não
 descarto a sua sugestão, mas prefiro deixar para pô-la em prática quando as
 demais alternativas menos destrutivas tiverem se esgotado.

   Se mais alguém tiver alguma sugestão neste sentido será muito bem
 vinda.

 Obrigado a todos!

 Em 15 de outubro de 2014 07:40, julio santos peppe juliope...@gmail.com
 escreveu:

 O porque desse malware estar infectado em uma máquina linux, agora não
 vem mais ao caso, sugestão:

 - tudo o que você possa fazer agora dentro do sistema pode ser
 monitorado pelo MALWARE, portanto sugiro que salve seus dados em um pem
 drive, dê um boot com uma versão livecd do linux prefiro a rescueCD,
 utilize o DD para apagar tudo no disco dependendo do tamanho do disco
 vai demorar um tempão e finalmente instale um linux estável e seguro da
 versão STABLE prefiro utilizar distribuições DEBIAN...

 Enfim depois dessa manutenção toda, você pode instalar um clamav no seu
 sistema novo e lembre-se utilize sempre a conta de usuário, evite dar
 acesso ao root dentro de sua conta de usuário

 se seguir esses passos acredito que seu pc funcionará perfeitamente
 BEM...

 é só  :P

 Em Ter, 2014-10-14 às 14:00 -0300, Nelson Ramos escreveu:
  Boa tarde amigos listeiros.
 
 
De uns tempos para cá percebi que minha máquina, rodando o bom e
  velho sistema do pinguim, está me dando trabalho com este adware,
  malware, malditoware, seja lá como costumam chamá-lo.
 
 
A navegação está lenta, a tela é invadida por popups e ao
  acessar sites como o facebook, por exemplo, a tela de login é
  substituída por uma bem diferente da original do site.
 
 
Pesquisando na internet, achei muita coisa para windows
  (inclusive recomendações para substituí-lo por Linux), mas nada que
  atendesse ao nosso sistema. Encontrei também informações para a
  remoção desta praga de máquinas rodando mac os, mas nada para o
  pinguim.
 
 
Alguém faz alguma ideia de como me livrar desta tranqueira?
 
 
  Obrigado a todos.
 
  --
  Atenciosamente,
 
  Nelson P. Ramos
  Linux User #448514
 



 --
 To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact
 listmas...@lists.debian.org
 Archive: https://lists.debian.org/1413369604.4092.5.camel@note-juliopeppe




 --
 Atenciosamente,

 Nelson P. Ramos
 Linux User #448514




-- 
Atenciosamente,

Nelson P. Ramos
Linux User #448514

Re: Como remover o Akamaihd

2014-10-15 Thread Rodolfo

grep -r nome do malware como é exibido /*

Irá mostrar todos os arquivos que contém dentro de seu conteúdo o texto
informado.

Acho que isso já ajuda a procurar o mesmo.

Em 15 de outubro de 2014 12:30, Nelson Ramos nelson.pra...@gmail.com
escreveu:

 Obrigado pela resposta!

   Concordo que zerando o disco e reinstalando o sistema resolverá o
 problema, porém se o malware entrou, deve ter uma forma de removê-lo de lá
 sem reinstalar tudo, e é esse o caminho que eu gostaria de trilhar. Não
 descarto a sua sugestão, mas prefiro deixar para pô-la em prática quando as
 demais alternativas menos destrutivas tiverem se esgotado.

   Se mais alguém tiver alguma sugestão neste sentido será muito bem
 vinda.

 Obrigado a todos!

 Em 15 de outubro de 2014 07:40, julio santos peppe juliope...@gmail.com
 escreveu:

 O porque desse malware estar infectado em uma máquina linux, agora não
 vem mais ao caso, sugestão:

 - tudo o que você possa fazer agora dentro do sistema pode ser
 monitorado pelo MALWARE, portanto sugiro que salve seus dados em um pem
 drive, dê um boot com uma versão livecd do linux prefiro a rescueCD,
 utilize o DD para apagar tudo no disco dependendo do tamanho do disco
 vai demorar um tempão e finalmente instale um linux estável e seguro da
 versão STABLE prefiro utilizar distribuições DEBIAN...

 Enfim depois dessa manutenção toda, você pode instalar um clamav no seu
 sistema novo e lembre-se utilize sempre a conta de usuário, evite dar
 acesso ao root dentro de sua conta de usuário

 se seguir esses passos acredito que seu pc funcionará perfeitamente
 BEM...

 é só  :P

 Em Ter, 2014-10-14 às 14:00 -0300, Nelson Ramos escreveu:
  Boa tarde amigos listeiros.
 
 
De uns tempos para cá percebi que minha máquina, rodando o bom e
  velho sistema do pinguim, está me dando trabalho com este adware,
  malware, malditoware, seja lá como costumam chamá-lo.
 
 
A navegação está lenta, a tela é invadida por popups e ao
  acessar sites como o facebook, por exemplo, a tela de login é
  substituída por uma bem diferente da original do site.
 
 
Pesquisando na internet, achei muita coisa para windows
  (inclusive recomendações para substituí-lo por Linux), mas nada que
  atendesse ao nosso sistema. Encontrei também informações para a
  remoção desta praga de máquinas rodando mac os, mas nada para o
  pinguim.
 
 
Alguém faz alguma ideia de como me livrar desta tranqueira?
 
 
  Obrigado a todos.
 
  --
  Atenciosamente,
 
  Nelson P. Ramos
  Linux User #448514
 



 --
 To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact
 listmas...@lists.debian.org
 Archive: https://lists.debian.org/1413369604.4092.5.camel@note-juliopeppe




 --
 Atenciosamente,

 Nelson P. Ramos
 Linux User #448514

Re: Como remover o Akamaihd

2014-10-15 Thread Leandro

Cara monitore pelo shell a atividade ao abrir o navegador assim e mais
acertivo de mata-lo top ps iostat...
Em 15/10/2014 13:30, Nelson Ramos nelson.pra...@gmail.com escreveu:

 Obrigado pela resposta!

   Concordo que zerando o disco e reinstalando o sistema resolverá o
 problema, porém se o malware entrou, deve ter uma forma de removê-lo de lá
 sem reinstalar tudo, e é esse o caminho que eu gostaria de trilhar. Não
 descarto a sua sugestão, mas prefiro deixar para pô-la em prática quando as
 demais alternativas menos destrutivas tiverem se esgotado.

   Se mais alguém tiver alguma sugestão neste sentido será muito bem
 vinda.

 Obrigado a todos!

 Em 15 de outubro de 2014 07:40, julio santos peppe juliope...@gmail.com
 escreveu:

 O porque desse malware estar infectado em uma máquina linux, agora não
 vem mais ao caso, sugestão:

 - tudo o que você possa fazer agora dentro do sistema pode ser
 monitorado pelo MALWARE, portanto sugiro que salve seus dados em um pem
 drive, dê um boot com uma versão livecd do linux prefiro a rescueCD,
 utilize o DD para apagar tudo no disco dependendo do tamanho do disco
 vai demorar um tempão e finalmente instale um linux estável e seguro da
 versão STABLE prefiro utilizar distribuições DEBIAN...

 Enfim depois dessa manutenção toda, você pode instalar um clamav no seu
 sistema novo e lembre-se utilize sempre a conta de usuário, evite dar
 acesso ao root dentro de sua conta de usuário

 se seguir esses passos acredito que seu pc funcionará perfeitamente
 BEM...

 é só  :P

 Em Ter, 2014-10-14 às 14:00 -0300, Nelson Ramos escreveu:
  Boa tarde amigos listeiros.
 
 
De uns tempos para cá percebi que minha máquina, rodando o bom e
  velho sistema do pinguim, está me dando trabalho com este adware,
  malware, malditoware, seja lá como costumam chamá-lo.
 
 
A navegação está lenta, a tela é invadida por popups e ao
  acessar sites como o facebook, por exemplo, a tela de login é
  substituída por uma bem diferente da original do site.
 
 
Pesquisando na internet, achei muita coisa para windows
  (inclusive recomendações para substituí-lo por Linux), mas nada que
  atendesse ao nosso sistema. Encontrei também informações para a
  remoção desta praga de máquinas rodando mac os, mas nada para o
  pinguim.
 
 
Alguém faz alguma ideia de como me livrar desta tranqueira?
 
 
  Obrigado a todos.
 
  --
  Atenciosamente,
 
  Nelson P. Ramos
  Linux User #448514
 



 --
 To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact
 listmas...@lists.debian.org
 Archive: https://lists.debian.org/1413369604.4092.5.camel@note-juliopeppe




 --
 Atenciosamente,

 Nelson P. Ramos
 Linux User #448514

Re: Como remover o Akamaihd

2014-10-15 Thread Paulino Kenji Sato

Bom dia.
Esse Akamaihd parece ser somente um dessas extensões que afetam somente o
navegador. Um profile novo resolve.

Essa semana me deparei com um problema muito mais sério.
Quando instalo o debian, uma das primeiras providencias e configurar o sshd
para não aceitar login do root.
Em um host, pelo visto não fiz isso. Esse host a principio deveria ficar em
uma intranet, sem conexão com a internet. Em alguma época, tive que
configurar um redirecionamento no roteador para ter acesso a esse host,
porta 22022 mapeda para tal. A senha to root, ficou com uma facinha de
lembrar.
Outro dia enquanto estava fazendo uma manutenção nesse host, vejo na lista
do ps algo suspeito, um processo /etc/spell. Um exec rodando a partir do
/etc ? Muito suspeito.
Submeti esse arquivo ao site virustotal, deu que 19 de 54 anti-vírus
detectaram como vírus.
Ad-Aware  Linux.Mayday.C  20141015   Avast  ELF:Elknot-M [Trj]  20141015
BitDefender  Linux.Mayday.C  20141015   CAT-QuickHeal  Linux.Elknot.E61
20141015   DrWeb  Linux.DDoS.1  20141015   ESET-NOD32  Linux/Agent.W
20141015   Emsisoft  Linux.Mayday.C (B)  20141015   F-Secure
Linux.Mayday.C  20141015   GData  Linux.Mayday.C  20141015   Ikarus
DoS.Linux.Elknot  20141015   Kaspersky  HEUR:Backdoor.Linux.Mayday.h
20141015   MicroWorld-eScan  Linux.Mayday.C  20141015   Microsoft
DoS:Linux/Elknot.E  20141015   Qihoo-360  Trojan.Generic  20141015   Sophos
Linux/DDoS-AZ  20141015   Symantec  Trojan.Chikdos.B!gen1  20141015
Tencent  Linux.Backdoor.Mayday.Hoew  20141015   Zillya
Downloader.OpenConnection.JS.104102  20141015   nProtect  Linux.Mayday.C
20141015

O ClamAV diz que esta ok. Amostra enviada a eles.

Ação adequada nesse caso seria providenciar uma nova maquina e substituir,
e colocar a comprometida em quarentena. Mas, a analize inicial mostrou que
nenhum outro arquivo aparenta ter sido alterado. Além do binário /etc/spell
o rc.local foi modificado, com as seguintes linhas
/etc/init.d/iptables stop
service iptables stop
SuSEfirewall2 stop
reSuSEfirewall2 stop
chmod 0755 /etc/spell
nohup /etc/spell  /dev/null 21

um usuário chamado kang com id 0 também foi criado, com senha.

O /etc/spell e um binário estaticamente lincado.

spell: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically
linked, for GNU/Linux 2.6.4, not stripped
md5sum: 242efa8a7d52332a11a810ac069023e7
shasum: 4841ffda99f86188582b2c548fd9c1e1e98ea4ab
algumas palavras que surgem quando se usa o strings
SuSESuSE
183.60.149.219

Pela pesquisa que fiz, variações desse 'bicho estão infectando roteadores
SOHO.
Nesse caso, foi via ssh, mas nada impede que isso seja injetado por outros
meios, como bugs na shell, daemons, etc.

Uma analise de caso similar.
http://blog.malwaremustdie.org/2014/05/linux-reversing-is-fun-toying-with-elf.html

Esse caso da freenode e bem mais preocupante
https://www.nccgroup.com/en/blog/2014/10/analysis-of-the-linux-backdoor-used-in-
freenode-irc-network-compromise/

Preocupante...



2014-10-15 13:46 GMT-03:00 Leandro leandro...@gmail.com:

 Cara monitore pelo shell a atividade ao abrir o navegador assim e mais
 acertivo de mata-lo top ps iostat...
 Em 15/10/2014 13:30, Nelson Ramos nelson.pra...@gmail.com escreveu:

 Obrigado pela resposta!

   Concordo que zerando o disco e reinstalando o sistema resolverá o
 problema, porém se o malware entrou, deve ter uma forma de removê-lo de lá
 sem reinstalar tudo, e é esse o caminho que eu gostaria de trilhar. Não
 descarto a sua sugestão, mas prefiro deixar para pô-la em prática quando as
 demais alternativas menos destrutivas tiverem se esgotado.

   Se mais alguém tiver alguma sugestão neste sentido será muito bem
 vinda.

 Obrigado a todos!

 Em 15 de outubro de 2014 07:40, julio santos peppe juliope...@gmail.com
 escreveu:

 O porque desse malware estar infectado em uma máquina linux, agora não
 vem mais ao caso, sugestão:

 - tudo o que você possa fazer agora dentro do sistema pode ser
 monitorado pelo MALWARE, portanto sugiro que salve seus dados em um pem
 drive, dê um boot com uma versão livecd do linux prefiro a rescueCD,
 utilize o DD para apagar tudo no disco dependendo do tamanho do disco
 vai demorar um tempão e finalmente instale um linux estável e seguro da
 versão STABLE prefiro utilizar distribuições DEBIAN...

 Enfim depois dessa manutenção toda, você pode instalar um clamav no seu
 sistema novo e lembre-se utilize sempre a conta de usuário, evite dar
 acesso ao root dentro de sua conta de usuário

 se seguir esses passos acredito que seu pc funcionará perfeitamente
 BEM...

 é só  :P

 Em Ter, 2014-10-14 às 14:00 -0300, Nelson Ramos escreveu:
  Boa tarde amigos listeiros.
 
 
De uns tempos para cá percebi que minha máquina, rodando o bom e
  velho sistema do pinguim, está me dando trabalho com este adware,
  malware, malditoware, seja lá como costumam chamá-lo.
 
 
A navegação está lenta, a tela é invadida por popups e ao
  acessar sites como o facebook, por exemplo, a tela de login é

Re: Hospedagem Terceirizada?!

2014-10-15 Thread Andre N Batista

On Tue, Oct 14, 2014 at 08:04:31PM -0300, Marcio Benedito (China) wrote:
 E o PRISM? Lá fora tudo é espionado. Vc não se importa com isso? Não existe 
 almoço grátis, nem barato. Baixam o preço lá fora pra poder incentivar 
 pessoas, governos e empresas a deixar dados lá pra serem vasculhados.


Acho que se você está preocupado com agências supragovernamentais, não
há muita diferença entre aqui e lá. De qualquer forma sua comunicação já
opera em um backbone gringo e passa por lá antes de ir pra qualquer
outro lugar do mundo.

A arquitetura da rede diz muito sobre nossa submissão técnico-política.


signature.asc
Description: Digital signature

Re: OT_Enlightenment Terminology-0.7 released

2014-10-15 Thread maderios


On 10/14/2014 11:35 PM, John Aten wrote:

Terminology work with full functionality (cat pictures, etc) on Debian without 
installing the whole Enlightenment window manager? For some reason, I didn't 
think this was the case.


To compile Terminology,  install all Enlightenment + Efl dev libs 
packages, of course...

It works fine with Sid and Jessie


On Oct 14, 2014, at 11:38 AM, maderios wrote:


Hi
Excellent terminal (oddly not available in Debian) named Terminology 0.7 just 
released
http://download.enlightenment.org/rel/apps/terminology/
https://www.enlightenment.org/p.php?p=downloadl=en


--
Maderios



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/543e19fb.80...@gmail.com

Re: piece of mind (Re: Moderated posts?)

On Ma, 14 oct 14, 17:56:58, Steve Litt wrote:
 
 Because you don't want to inextricably drag a giant monolith into your
 Desktop Environment just to do a few things.

If you compare systemd with a Desktop Environment I'm not quite sure 
who's the giant ;)

 And how were they handling
 this task before systemd? It's not like Desktops, Window Managers and
 whatever things like lightdm are called didn't exist before systemd.

ConsoleKit, unmaintained.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
http://nuvreauspam.ro/gpg-transition.txt


signature.asc
Description: Digital signature

Re: piece of mind (Re: Moderated posts?)

On Ma, 14 oct 14, 22:56:15, The Wanderer wrote:
 
 Not to mention that just offhand I'm not sure I'd even know how to turn
 off basic tab completion - whereas turning off programmable tab
 completion is pretty much just a matter of not sourcing the
 tab-completion files in the effective bash environment, IIRC. (Though I
 always have to look up where to do it, every time I build a new system.)

Removing the package bash-completion (package name verified by courtesy 
of programmable tab completion) should do it ;)

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
http://nuvreauspam.ro/gpg-transition.txt


signature.asc
Description: Digital signature

Re: Conflict of interest in Debian

2014-10-15 Thread Jonathan Dowland

On Wed, Oct 15, 2014 at 12:51:07AM -0400, Steve Litt wrote:
 Check out what single company has 30% of the gatekeepers. Surprise,
 surprise. 

Damned for their success. We want Linux to be successful, but woe betide any
company that actually gets us there...


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20141015071110.ga16...@chew.redmars.org

Re: debian-advocacy?

On Ma, 14 oct 14, 18:11:31, Anders Wegge Keller wrote:
 
  I'll never hear from you again, as you are clearly getting a kick out of
 fuelling the flames.

I can assure you it is not my intention to fuel the flames, though this 
doesn't mean I couldn't be doing it anyway, inadvertently.

I hereby apologise to the list if (some of) my posts have fueled the 
flames, I'll try to be more careful about it.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
http://nuvreauspam.ro/gpg-transition.txt


signature.asc
Description: Digital signature

Re: debian-advocacy?

On Mi, 15 oct 14, 15:34:22, Andrew McGlashan wrote:
 
 I'm not so sure that squeeze-lts will be supported well enough for long
 enough.  Hopefully wheezy gets good support with a wheezy-lts.

From https://wiki.debian.org/LTS

Companies using Debian who are interested in aiding this effort 
should help directly (see LTS Development below).

Importantly, the success of Squeeze-LTS will be used to judge the 
viability of LTS support for Debian 7 (wheezy) and Debian 8 
(jessie).

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
http://nuvreauspam.ro/gpg-transition.txt


signature.asc
Description: Digital signature

Re: how to identify reverse dependencies?

On Mi, 15 oct 14, 15:00:22, Andrew McGlashan wrote:
 
 At a later date, everything changes ... some things later than other
 things.  I guess that gnome's version for 7.6 is too old to /need/ systemd.

As I've already said in another post, Gnome (the Desktop Environment) 
doesn't need systemd, but some interfaces that are currently only 
provided by systemd-logind (currently part of package systemd).

Using Debian package dependencies this is expressed as
Depends: libpam-systemd by those packages that actually require those 
interfaces

$ aptitude search '?depends(libpam-systemd)'
p   gdm3- GNOME 
Display Manager
p   gnome-bluetooth - GNOME 
Bluetooth tools
p   gnome-settings-daemon   - 
daemon handling the GNOME session settings
i   lightdm - 
simple display manager
i A network-manager - 
network management framework (daemon and userspace tools)
i A policykit-1 - 
framework for managing administrative policies and privileges
i A udisks2 - D-Bus 
service to access and manipulate storage devices

These are all desktop (related) packages, one should need any of these 
on a typical server.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
http://nuvreauspam.ro/gpg-transition.txt


signature.asc
Description: Digital signature

Re: Persistent hash sum mismatch in aptitude

On Ma, 14 oct 14, 21:57:30, Hendrik Boom wrote:
 Whenever I do an
aptitude update
 it seems to work OK, except for a series of messages at the end:
... 
 Notice that this happens with *two* mirrors.
 
 Is there something I should do to stop this?

You could try reporting this to debian-mirrors.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
http://nuvreauspam.ro/gpg-transition.txt


signature.asc
Description: Digital signature

Re: debian-advocacy?

2014-10-15 Thread Anders Wegge Keller

On Wed, 15 Oct 2014 04:07:25 +1100
Scott Ferguson scott.ferguson.debian.u...@gmail.com wrote:

 Given that your only contribution to the list is outright and offensive
 hypocrisy why should you not be rightfully dismissed as an abusive and
 offensive poster who contributes nothing to the subject. I do know you
 and your work - and sadly in one post you've changed your name to mud.

 Go ahead and do that, if that makes you feel better. Just remember that it
proves my point. Suppressing dissent will not work.
-- 
//Wegge


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20141015094300.0a7f3...@wegge.dk

Re: piece of mind (Re: Moderated posts?)

2014-10-15 Thread Martin Read


On 14/10/14 22:56, Steve Litt wrote:

On Wed, 15 Oct 2014 00:15:40 +0300
Andrei POPESCU andreimpope...@gmail.com wrote:

As far as I understand none of the upstreams are actually requiring
systemd itself (or more accurately systemd-logind), but the
interfaces it is providing.


I fail to see the distinction.


As long as the interface is there (and works), they don't care how it's 
implemented. The interface is defined, and it certainly *looks* 
externally reimplementable.



And it also seems to make sense (why
should every Desktop Environment implement it's own solution for
this?).


Because you don't want to inextricably drag a giant monolith into your
Desktop Environment just to do a few things.


If I have seen further than other men, it is by standing on the 
shoulders of giants.


The alleged monolith does a bunch of (probably mostly neither 
interesting nor trivial) stuff for me. That means I don't have to do 
that stuff myself, and can concentrate on doing the things that are 
either interesting or trivial.


Besides, the average DE is pretty beefy itself.


And how were they handling this task before systemd?


They were using ConsoleKit, which was orphaned upstream some time after 
systemd-logind came along.



It's not like Desktops, Window Managers and whatever things like
lightdm are called didn't exist before systemd.


(For reference: things like lightdm, xdm, slim, gdm3, etc. are called 
display managers, and have been since 1988.)



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/543e2b7a.50...@zen.co.uk

Re: Conflict of interest in Debian

2014-10-15 Thread berenger . morel




Le 15.10.2014 09:11, Jonathan Dowland a écrit :

On Wed, Oct 15, 2014 at 12:51:07AM -0400, Steve Litt wrote:

Check out what single company has 30% of the gatekeepers. Surprise,
surprise.


Damned for their success. We want Linux to be successful, but woe 
betide any

company that actually gets us there...


Maybe you want.
But I think that most users just want it to work fine and efficiently, 
which does not necessarily imply being sold massively around the world.


The fact is, that linux is actually a success, but it has never been 
it's objective. It's a consequence of what we like in it: freeness, 
efficiency, and stability.
Market share should not be the objective, it should stay a simple 
secondary effect.



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/5c3d04630c750c113ba8e530bacbb...@neutralite.org

Re: Conflict of interest in Debian

On Mi, 15 oct 14, 10:41:12, berenger.mo...@neutralite.org wrote:
 
 Maybe you want.
 But I think that most users just want it to work fine and efficiently, which
 does not necessarily imply being sold massively around the world.
 
 The fact is, that linux is actually a success, but it has never been it's
 objective. It's a consequence of what we like in it: freeness, efficiency,
 and stability.
 Market share should not be the objective, it should stay a simple secondary
 effect.

Well said. See also this:

http://www.eyrie.org/~eagle/journal/2012-01/004.html

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
http://nuvreauspam.ro/gpg-transition.txt


signature.asc
Description: Digital signature

Re: [sendmail] outgoing mail leaves dead letter

2014-10-15 Thread Brian

On Tue 14 Oct 2014 at 19:10:05 -0400, Harry Putnam wrote:

 OK, here we go.
 
 mailx -v -s TEST 141014_184452 2xd1 rea...@jtan.com  /tmp/tstmsg.txt

Two mails are being sent.

 550 5.1.1 2...@2xd1.local.lan... User unknown

This one didn't make it.
 
  Why does it go to a dead letter? 

So it was saved in dead letter.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/15102014105408.ecc6a52e8...@desktop.copernicus.demon.co.uk

Re: debian-advocacy?

2014-10-15 Thread Scott Ferguson

On 15/10/14 18:43, Anders Wegge Keller wrote:
 On Wed, 15 Oct 2014 04:07:25 +1100 Scott Ferguson 
 scott.ferguson.debian.u...@gmail.com wrote:
 
 Given that your only contribution to the list is outright and 
 offensive hypocrisy why should you not be rightfully dismissed as 
 an abusive and offensive poster who contributes nothing to the 
 subject. I do know you and your work - and sadly in one post
 you've changed your name to mud.
 
 Go ahead and do that,

Do what? Dismiss your post as a pointless criticism just as you accuse
Andrei? Your post-event permission is redundant.

 if that makes you feel better.

That claim says nothing of me and speaks volumes of you. If I felt that
way I'd just ignore you (though I draw the line at childish kill-filing).

 Just remember that it proves my point.

You conflate point with pointless.

 Suppressing dissent will not work.

You'd do well to study history instead of throwing rocks at yourself and
claiming persecution.
Do you truly believe that Andrei is being abusive and stifling
discussion? If so I hope it due to lack of sleep, and that you get some
soon, and return to being the non-misguided obnoxious Anders. I truly
believe you've serious misjudged him and your offence is pure illusion -
you have my sympathy, just short of the pity that would recommend a
biblical solution for the offence to your eye.
My sarcasm meter works well and I detect none in his postings - I don't
agree with all his views, but I can't fault the patient, polite, and
dignified way he deals with deliberate malcontents (yourself included) -
nor can I think of single occasion where he treated a poster
disrespectfully - despite more than ample justification. Perhaps you
could benefit from studying his style instead of posing as a model for
how *not* to act (effectively, if not intentionally).

Without sarcasm (lest those intolerant of humour and above critique
claim offence) - Kind regards


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/543e3809.4050...@gmail.com

Re: Conflict of interest in Debian

2014-10-15 Thread Brian

On Wed 15 Oct 2014 at 10:41:12 +0200, berenger.mo...@neutralite.org wrote:

 Le 15.10.2014 09:11, Jonathan Dowland a écrit :
 On Wed, Oct 15, 2014 at 12:51:07AM -0400, Steve Litt wrote:
 Check out what single company has 30% of the gatekeepers. Surprise,
 surprise.
 
 Damned for their success. We want Linux to be successful, but woe
 betide any
 company that actually gets us there...
 
 Maybe you want.
 But I think that most users just want it to work fine and
 efficiently, which does not necessarily imply being sold massively
 around the world.

He's doing some of the work on Debian; others work with different
distributions. They get what they want. Users get what they want.
Everyone's a winner. :)


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20141015100953.gc23...@copernicus.demon.co.uk

Re: OT: Re: Recipient validation - WAS: Re: Moderated posts?

On 10/14/2014 1:58 PM, Miles Fidelman mfidel...@meetinghouse.net wrote:
 Well, this really is OT for debian-users, but  Turns out that SMTP 
 WAS/IS intended to be reliable.

Reliable, absolutely. 100% reliable? That simply isn't possible when
people are involved in the equation (people mis-configure servers -
whether accidentally, through ignorance, or intentionally (just because
that is the way they want it).

 I'd always lumped SMTP in the category of unreliable protocols, w/o 
 guaranteed delivery

The protocol itself is extremely reliable. It is what people *do* with
it that can cause it to become less reliable/resilient.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/543e4da8.2060...@libertytrek.org

Re: Recipient validation - WAS: Re: Moderated posts?

On 10/14/2014 12:03 PM, Tanstaafl tansta...@libertytrek.org wrote:
 The 'silly statements' reference was about your suggestion
 that it is in any way shape or form 'ok' to *accept* mail to invalid
 recipients then send it to dev/null.

Incidentally, yes there may be some circumstances where this could be
considered ok... a hobby server, or your own, personal server.

Your server, your rules.

But I'm talking about mail servers with lots of users who expect to be
able to communicate via email effectively and reliably with others on
the internet.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/543e4ec5.2000...@libertytrek.org

How to set up services depending on encrypted filesystems with systemd (was Re: How to do this ?)

2014-10-15 Thread Jonathan de Boyne Pollard

Jonathan Dowland:
 Next step, adjust the daemon to depend on this. In my example,
 transmission-daemon supplies a .service file in the package. Copy this to
 /etc/systemd/system, and add a line (the line prefixed +):

   [Unit]
   Description=Transmission BitTorrent Daemon
   After=network.target
  +Requires=torrents.mount
 
   [Service]
   User=debian-transmission

That's certainly the case for Debian 7, but in Debian 8 I believe that
the systemd package will have this later growth of the mechanism:

cat  /etc/systemd/system/transmission-daemon.service.d/requires-mount.conf
 EOT
[Unit]
Requires=torrents.mount
EOT
systemctl daemon-reload

Obvious intended advantage: If the transmission-daemon changes its
service unit, you'll get the change in your next package upgrade
without further explicit work updating your private local copy of the
unit file.

* https://wiki.archlinux.org/index.php/systemd#Editing_provided_unit_files
* 
https://fedoraproject.org/wiki/Systemd#How_do_I_customize_a_unit_file.2F_add_a_custom_unit_file.3F
* ... and, of course, the (up-to-date) manual page for systemd.unit .


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CACF=bdvdowfghwv4z2l2iub5au9n9kxmfss76m-we52fdhr...@mail.gmail.com

Re: Conflict of interest in Debian

2014-10-15 Thread berenger . morel




Le 15.10.2014 12:09, Brian a écrit :
On Wed 15 Oct 2014 at 10:41:12 +0200, berenger.mo...@neutralite.org 
wrote:



Le 15.10.2014 09:11, Jonathan Dowland a écrit :
On Wed, Oct 15, 2014 at 12:51:07AM -0400, Steve Litt wrote:
Check out what single company has 30% of the gatekeepers. 
Surprise,

surprise.

Damned for their success. We want Linux to be successful, but woe
betide any
company that actually gets us there...

Maybe you want.
But I think that most users just want it to work fine and
efficiently, which does not necessarily imply being sold massively
around the world.


He's doing some of the work on Debian; others work with different
distributions. They get what they want. Users get what they want.
Everyone's a winner. :)


Maybe. But, when someone tries to sell stuff a lot, to have a big 
market share, then that guy must take a large target, which leads to 
systems which might become less stable or less efficient. And if that 
guy want to keep his market, then he'll have to avoid people escaping 
his stuff, this is why vendor locks exists.
Definitely, I hope that Debian won't take that road. It it does, then, 
I'll switch. I'm taking a look at netBSD, even if I guess that I'll have 
a hard time being successful in feeling as comfortable with it than with 
Debian.



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/d03f4a85b74311e6b5c80fd2dbab9...@neutralite.org

Re: Conflict of interest in Debian

2014-10-15 Thread Scott Ferguson

On 15/10/14 22:08, berenger.mo...@neutralite.org wrote:
 
 
 Le 15.10.2014 12:09, Brian a écrit :
 On Wed 15 Oct 2014 at 10:41:12 +0200, berenger.mo...@neutralite.org
 wrote:

 Le 15.10.2014 09:11, Jonathan Dowland a écrit :
 On Wed, Oct 15, 2014 at 12:51:07AM -0400, Steve Litt wrote:
 Check out what single company has 30% of the gatekeepers. Surprise,
 surprise.
 
 Damned for their success. We want Linux to be successful, but woe
 betide any
 company that actually gets us there...

 Maybe you want.
 But I think that most users just want it to work fine and
 efficiently, which does not necessarily imply being sold massively
 around the world.

I would have 'thought' all users want it to be useful - but surely I
miss your point? (was there a point? I can only work with the words you
write and it reads like sophist rhetoric, assume the first nonsense is
not and it follows that neither is the second). As far as I'm aware
Debian has *never* been sold anywhere, nor are there plans to - did I
miss another meeting down the docks?


 He's doing some of the work on Debian; others work with different
 distributions. They get what they want. Users get what they want.
 Everyone's a winner. :)
 
 Maybe. But, when someone tries to sell stuff a lot, to have a big market
 share, then that guy must take a large target, which leads to systems
 which might become less stable or less efficient. And if that guy want
 to keep his market, then he'll have to avoid people escaping his stuff,
 this is why vendor locks exists.

I could quote you Adam Smith on commerce and conspiracy - though I
seriously doubt he ever meant there are no non-business conspiracies. He
was smarter than that.

But it'd be more pertinent to note that servers cost money to run and
Debian (and the FSF) do a good job of not allowing any contributions in
labour or money to control it's production or direction. To allow the
former would be both foolish and ignore the nature of Free Open Source
Software. I can't think of any distro that doesn't accept assistance
from business.
With the possible exception of Hairshirtix (forked from
SelfFlagellantOS) but I'm pretty sure they haven't produced any actual
working code. ;)

 Definitely, I hope that Debian won't take that road. 

Likewise, and I'm sure Intel don't want RedHat driving anymore than
RedHat want Google in control - even if IBM was prepared to let them,
and in the end it's still down to the programmers. And can only buy so
much with a paycheck. (last time I checked Linus gets paid to work on
the kernel).

 It it does, then,
 I'll switch. I'm taking a look at netBSD, even if I guess that I'll have
 a hard time being successful in feeling as comfortable with it than with
 Debian.

Here's a good place to start your looking:-
http://www.netbsd.org/contrib/org/

Kind regards


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/543e4e85.7010...@gmail.com

Re: OT: Re: Recipient validation - WAS: Re: Moderated posts?


Tanstaafl wrote:

On 10/14/2014 1:58 PM, Miles Fidelman mfidel...@meetinghouse.net wrote:

Well, this really is OT for debian-users, but  Turns out that SMTP
WAS/IS intended to be reliable.

Reliable, absolutely. 100% reliable? That simply isn't possible when
people are involved in the equation (people mis-configure servers -
whether accidentally, through ignorance, or intentionally (just because
that is the way they want it).


I'd always lumped SMTP in the category of unreliable protocols, w/o
guaranteed delivery

The protocol itself is extremely reliable. It is what people *do* with
it that can cause it to become less reliable/resilient.



There is a technical distinction between best efforts (unreliable) 
protocols, such as IP ('fire and forget' if you will), and reliable 
protocols, such as TCP (with explicit acks and retransmits).


At least in the technical circles I run in (BBN - you know, we built the 
ARPANET; Ray Tomlinson, who coined use of the @ sign in email nominally 
worked for me, for a short period - in a matrixy version of worked 
for), SMTP is usually discussed as providing a best efforts 
(unreliable) service -- which, in reality, it is (particularly in real 
world configurations where mail often gets relayed through multiple 
servers).


So.. I was just a bit surprised to go back and read the RFC and discover 
that SMTP is explicitly intended to provide a reliable service.


As to 100% reliable - nothing is 100% reliable.

Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.    Yogi Berra


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/543e6219.6030...@meetinghouse.net

preseeding question (yes, re. systemd / sysvinit-core)


Folks,

So, it's been suggested here that one might write a preseed file to 
install sysvinit-core instead of systemd - but for the life of me, I 
can't figure out how to do that.


What I've been able to determine so far:

1. There is now an essential metapackage called init that depends on one 
of systemd-sysv, or sysvinit-core, or upstart.   (parenthetical 
question: What distinguishes a metapackage from a virtual package? Or 
perhaps, more precisely, why is init defined as a metapackage rather 
than a virtual package?)


2. In order to default to systemd, priorities have been set to:

sysvinit:admin/optional
sysvinit-core:admin/extra

(see Bug Report #757650 override: sysvinit:admin/optional 
sysvinit-core:admin/extra)


What I can't seem to figure out, after perusing what documentation I can 
find for the installer, including some code spelunking is:


3. Where during installation are init related packages actually 
installed (as close as I can figure out, it's during tasksel, as part of 
base packages that are installed regardless for all answers to the 
tasksel questions, including no packages).


4. How, in a preseed file, does one identify one's preferred choice for 
meeting the dependencies of a virtual package or metapackage (in this 
case, specifically installing sysvinit-core to satisfy init's 
dependencies) - either by:

a. over-riding package priorities, or,
b. making an explicit selection of the real package to meet a dependency

Can anyone enlighten me?

Thanks!

Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.    Yogi Berra


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/543e5f34.6060...@meetinghouse.net

Re: piece of mind (Re: Moderated posts?)

2014-10-15 Thread Andrew McGlashan

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 15/10/2014 6:02 PM, Andrei POPESCU wrote:
 ConsoleKit, unmaintained.

But fixed, for kFreeBSD

A.

-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.22 (MingW32)

iF4EAREIAAYFAlQ+ZOQACgkQqBZry7fv4vtv5gEAqxefTmCV1PLqwNWgJOGeFwGD
zc00RNvDgol9E3waTeUA/3VV1gqBmLnO2dYcydok6SlSN2S53dQGK+IEpSn3kRpg
=Q1fk
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/543e64e7.8060...@affinityvision.com.au

Re: Recipient validation - WAS: Re: Moderated posts?

On 10/14/2014 3:28 PM, Jerry Stuckle jstuc...@attglobal.net wrote:
 On 10/14/2014 12:03 PM, Tanstaafl wrote:
 On 10/14/2014 11:17 AM, Jerry Stuckle jstuc...@attglobal.net wrote:
 On 10/14/2014 8:05 AM, Tanstaafl wrote:
 If you think I'm kidding, please by all means go make these silly
 statements on the postfix list and I'll just sit and watch the fun.

 You don't read very well.  This has nothing to do with emails to a valid
 address.  A large amount of that spam goes to invalid addresses.  I see
 them go through the logs regularly.

 I read fine. The 'silly statements' reference was about your suggestion
 that it is in any way shape or form 'ok' to *accept* mail to invalid
 recipients then send it to dev/null.

 But you just said it was OK to delete emails.

Please don't misquote me. I said it was the *worst case*, meaning, only
marginally better than *bouncing* them, which you should never do.

I certainly did not say it was 'OK'.

 Wrong.  Rejecting garbage sends a message back to the originator,

 No, it doesn't. It closes the connection with a response code.

snip

 I know how it works.

Apparently not, since you keep saying that the RECEIVING server 'sends a
message back to the originator' - unless maybe you simply have a hard
time saying what you really mean, which always causes confusion.

 Now how often do you get an email of 1MB?

Like a large percentage of businesses, we get mail *all the time* that
is many MB's in size. Even all of the freemailers have very large max
sizes they accept now (I think gmail is up to 25MB or 30MB?).

But, I'd say 10-15% of our email traffic consists of messages that are 1MB+

And yes, even lots of spam now has larger attachments (even seen them
over 2MB, though not very often).

 If I reject the mail at the RCPT-TO stage, then I only accepted a few
 bytes of traffic before terminating the connection with an SMTP response
 (error) code. The connecting machine then decides whether to pass the
 response back or not (again, a few bytes at most).

 That's your option.

No, it is the right thing to do.

 If you *accept* the mail, then you accepted the entire 1MB of traffic.

 So, who is responsible for more traffic in such a case?

 Sure.

Thank you for acknowledging that at least this argument in support of
breaking recipient validation (that rejecting emails results in more
traffic than accepting/deleting them) is wrong. We're making progress.

 But spammers don't know whether it is a good address or not.

Nor do they if I reject the transaction way before the RCPT-TO stage,
which postscreen does *very* well, which is what happens most of the time.

Also, my understanding is that there the vast majority of spammers no
longer engage in dictionary attacks to harvest valid email addresses.

 I said NOTHING about security.  I just don't want them to know what the
 valid email addresses are.

In my mind saying 'I am doing this because I don't want them to know
what the valid email addresses are' is the exact same thing as saying 'I
am doing this for security purposes.'.

 That way they don't send more SPAM to the good addresses.

It isn't about how much spam is targeted at your users, it is about how
much gets through, and an effective anti-spam solution block 99+% of it
- *without* breaking SMTP. And again, my understanding is that there the
vast majority of spammers no longer engage in dictionary attacks to
harvest valid email addresses, so you are continuing to break smtp for
your users and getting very little to no real world value out of it.

 Passwords, by their very nature, are intended to be
 difficult/impossible to 'guess'.

 To suggest that this is even in the same universe as 'security through
 obscurity' is ludicrous.

 Then what is that if it isn't obscurity?

I didn't say it wasn't 'obscurity', I said it wasn't *security through
obscurity*. The first is a simple word that has a very broad and
general meaning. The second has a very specific and limited meaning.

 You don't necessarily need to explictly violate any give RFC to 'break
 SMTP', Jerry.

 Breaking recipient validation defacto breaks SMTP. It tells the sending
 server that everything is OK, when it isn't. It allows someone who

 Tell me what RFC I am violating.  Unless I am violating an RFC, there is
 no breaking of SMTP.

Objection: asked and answered (see directly above).

 No one should. What I do care about is if the President of NBC typos an
 email address to our President when sending an important email, I want
 him to know the email didn't make it.

 And what if he sends a letter, but misaddresses the letter?

He'll (hopefully) know about it when it gets returned, because his
secretary (hopefully) isn't stupid and puts the correct return address
on it.

 Please explain what is *Seriously Fraudulent* or *otherwise
 inappropriate* about a typo in the recipient address of an otherwise
 perfectly legitimate email, Jerry.

 How many valid emails do you get to a bad email address?

Please answer the

Re: Recipient validation - WAS: Re: Moderated posts?

On 10/14/2014 3:20 PM, Jerry Stuckle jstuc...@attglobal.net wrote:
 On 10/14/2014 11:24 AM, Tanstaafl wrote:
 However, once a message has been accepted - ie, *after* the DATA phase
 is complete, it should never be bounced, it should be delivered - or,
 worse, quarantined, or worst case, deleted (ie, itf it is later found to
 contain a malicious payload).
 
 But I was speaking mainly toward the botnet junk that postscreen is so
 good at rejecting now, and that is the vast majority...

 And that is exactly what I do - I delete the email.

Right... the 'worst case' (with the exception of bouncing) I mentioned
above.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/543e6611.9040...@libertytrek.org

Re: Conflict of interest in Debian

2014-10-15 Thread Mike McGinn

Comments inline below:

On Wednesday, October 15, 2014 06:37:57 Scott Ferguson wrote:
 On 15/10/14 22:08, berenger.mo...@neutralite.org wrote:
  Le 15.10.2014 12:09, Brian a écrit :
  On Wed 15 Oct 2014 at 10:41:12 +0200, berenger.mo...@neutralite.org
  
  wrote:
  Le 15.10.2014 09:11, Jonathan Dowland a écrit :
  On Wed, Oct 15, 2014 at 12:51:07AM -0400, Steve Litt wrote:
  Check out what single company has 30% of the gatekeepers. Surprise,
  surprise.
  
  Damned for their success. We want Linux to be successful, but woe
  betide any
  company that actually gets us there...
  
  Maybe you want.
  But I think that most users just want it to work fine and
  efficiently, which does not necessarily imply being sold massively
  around the world.
 
 I would have 'thought' all users want it to be useful - but surely I
 miss your point? (was there a point? I can only work with the words you
 write and it reads like sophist rhetoric, assume the first nonsense is
 not and it follows that neither is the second). As far as I'm aware
 Debian has *never* been sold anywhere, nor are there plans to - did I
 miss another meeting down the docks?
 
  He's doing some of the work on Debian; others work with different
  distributions. They get what they want. Users get what they want.
  Everyone's a winner. :)
  
  Maybe. But, when someone tries to sell stuff a lot, to have a big market
  share, then that guy must take a large target, which leads to systems
  which might become less stable or less efficient. And if that guy want
  to keep his market, then he'll have to avoid people escaping his stuff,
  this is why vendor locks exists.
 
 I could quote you Adam Smith on commerce and conspiracy - though I
 seriously doubt he ever meant there are no non-business conspiracies. He
 was smarter than that.
 
I used to run Red Hat on some of my servers. We paid RH for support. Years ago 
when I worked for Philips T  M we sold service contracts. The economic 
incentives for the seller are much the same as when you sell support. You make 
the most money when you supply the least support. That would give RH an 
economic incentive to make sure things are as reliable as possible. Businesses 
buy these contracts because they can not afford downtime. The upside for the 
business is they have a contract specifying a response. It is expensive to 
send folks out to fix stuff. Red Hat contributes a lot of patches. They pay 
people to work on the kernel. IBM employs the author of Postfix who provides 
support on the Postfix list. These companies are investing in Linux because it 
makes economic sense for them to have Linux as solid and reliable as possible.

We all benefit from these investments.

 But it'd be more pertinent to note that servers cost money to run and
 Debian (and the FSF) do a good job of not allowing any contributions in
 labour or money to control it's production or direction. To allow the
 former would be both foolish and ignore the nature of Free Open Source
 Software. I can't think of any distro that doesn't accept assistance
 from business.
 With the possible exception of Hairshirtix (forked from
 SelfFlagellantOS) but I'm pretty sure they haven't produced any actual
 working code. ;)
 
  Definitely, I hope that Debian won't take that road.
 
 Likewise, and I'm sure Intel don't want RedHat driving anymore than
 RedHat want Google in control - even if IBM was prepared to let them,
 and in the end it's still down to the programmers. And can only buy so
 much with a paycheck. (last time I checked Linus gets paid to work on
 the kernel).

Another thing to note is that people have to eat. If companies like IBM and RH 
did not pay developers to work on Linux those people would have to work 
somewhere else. Maybe they would be at Google, Microsoft or Facebook. I have 
been hearing a lot of unwarranted chatter about the evils of the PID 1 
replacement because Red Hat used. I do not hear so much about people pulling 
the patches contributed by Red Hat out of the kernel.

All you people are accomplishing is raising the price of tinfoil.


 
  It it does, then,
  I'll switch. I'm taking a look at netBSD, even if I guess that I'll have
  a hard time being successful in feeling as comfortable with it than with
  Debian.

 
 Here's a good place to start your looking:-
 http://www.netbsd.org/contrib/org/
 
 Kind regards
-- 
Mike McGinn KD2CNU
Be happy that brainfarts don't smell.
No electrons were harmed in sending this message, some were inconvenienced.
** Registered Linux User 377849

Re: preseeding question (yes, re. systemd / sysvinit-core)

2014-10-15 Thread Jonathan Dowland

On Wed, Oct 15, 2014 at 07:49:08AM -0400, Miles Fidelman wrote:
 1. There is now an essential metapackage called init that depends on
 one of systemd-sysv, or sysvinit-core, or upstart.   (parenthetical
 question: What distinguishes a metapackage from a virtual package?
 Or perhaps, more precisely, why is init defined as a metapackage
 rather than a virtual package?)

A virtual package doesn't exist, but is listed in Provides: or Requires: fields
in other packages.

A metapackage does exist, but doesn't contain any files, so only it's metadata
is relevant.

You may need a metapackage rather than a virtual package for upgrade
situations. A metapackage can provide: something else, can Replaces: something
else, etc.; whereas a virtual package can't (because it doesn't exist.)

 4. How, in a preseed file, does one identify one's preferred choice
 for meeting the dependencies of a virtual package or metapackage (in
 this case, specifically installing sysvinit-core to satisfy init's
 dependencies) - either by:
 a. over-riding package priorities, or,
 b. making an explicit selection of the real package to meet a dependency

I *think* that if the dependency is already satisfied by another package
selection, the resolver won't go out and try to satisfy it with another, as of
yet unmarked package.  So if you have d-i pkgsel/include string sysvinit-core
systemd-shim or similar, the resolver shouldn't then select systemd to satisfy
the init dependency, as it is already satisfied.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20141015124455.ga25...@chew.redmars.org

Re: Conflict of interest in Debian

2014-10-15 Thread berenger . morel




Le 15.10.2014 12:37, Scott Ferguson a écrit :

On 15/10/14 22:08, berenger.mo...@neutralite.org wrote:



Le 15.10.2014 12:09, Brian a écrit :

On Wed 15 Oct 2014 at 10:41:12 +0200, berenger.mo...@neutralite.org
wrote:


Le 15.10.2014 09:11, Jonathan Dowland a écrit :
On Wed, Oct 15, 2014 at 12:51:07AM -0400, Steve Litt wrote:
Check out what single company has 30% of the gatekeepers. 
Surprise,

surprise.

Damned for their success. We want Linux to be successful, but woe
betide any
company that actually gets us there...

Maybe you want.
But I think that most users just want it to work fine and
efficiently, which does not necessarily imply being sold massively
around the world.


I would have 'thought' all users want it to be useful - but 
surely I
miss your point? (was there a point? I can only work with the words 
you
write and it reads like sophist rhetoric, assume the first nonsense 
is

not and it follows that neither is the second). As far as I'm aware
Debian has *never* been sold anywhere, nor are there plans to - did I
miss another meeting down the docks?


I have never seen Debian sold either. But I was replying to a mail 
speaking about linux (which is, indirectly, sold with a lot of devices).
My point is that there is no need to linux to have commercial 
sex-appeal to work fine and efficiently, or to make it useful. The fact 
that companies uses it in their products is simply because it suits 
their needs better than the alternatives they have checked.






He's doing some of the work on Debian; others work with different
distributions. They get what they want. Users get what they want.
Everyone's a winner. :)


Maybe. But, when someone tries to sell stuff a lot, to have a big 
market
share, then that guy must take a large target, which leads to 
systems
which might become less stable or less efficient. And if that guy 
want
to keep his market, then he'll have to avoid people escaping his 
stuff,

this is why vendor locks exists.


I could quote you Adam Smith on commerce and conspiracy - though I
seriously doubt he ever meant there are no non-business conspiracies. 
He

was smarter than that.

But it'd be more pertinent to note that servers cost money to run and
Debian (and the FSF) do a good job of not allowing any contributions 
in

labour or money to control it's production or direction. To allow the
former would be both foolish and ignore the nature of Free Open 
Source

Software. I can't think of any distro that doesn't accept assistance
from business.


I never said that Debian, or whatever free software, should refuse 
contributions because the contributor is financially interested by the 
quality of the project. I simply said that big companies' input is not 
necessary (not that it's not useful), and I think I can argue that, 
AFAIK, either linux or debian, started without such inputs. If there is 
now that kind of input, it's good, but it's not because those projects 
wanted to seduce those big companies.



Here's a good place to start your looking:-
http://www.netbsd.org/contrib/org/

Kind regards


Indeed.


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/9d47fbbc3844c2457dce6e39459c2...@neutralite.org

Re: piece of mind (Re: Moderated posts?)

On 10/15/2014 at 04:08 AM, Martin Read wrote:

 On 14/10/14 22:56, Steve Litt wrote:
 
 On Wed, 15 Oct 2014 00:15:40 +0300 Andrei POPESCU
 andreimpope...@gmail.com wrote:

 And it also seems to make sense (why should every Desktop
 Environment implement it's own solution for this?).

 And how were they handling this task before systemd?
 
 They were using ConsoleKit, which was orphaned upstream some time
 after systemd-logind came along.

And how were they handling it (or an analogous / equivalent task) before
ConsoleKit, and the other *kit thingies, became a thing?

I suspect that the answer is they just didn't provide the functionality
which ConsoleKit, and later systemd-logind, now enable them to provide,
but I'm not aware - in a clear-understanding, defined-boundaries sense -
of exactly what that functionality is, or of why it would be necessary
or otherwise valuable, or of what the problem is which that
functionality was intended to address.

I have a similar lack of awareness and/or understanding about all of the
*kit packages / projects / tools / what-have-you, actually; I'm not
positive I even know how many there are, much less all of their names.
This has probably contributed to the lack of that awareness /
understanding, since any partial explanation I see for one of them gets
partly conflated with and/or applied to the other(s?), and the whole
thing gets muddied by that mire.

-- 
   The Wanderer

The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all
progress depends on the unreasonable man. -- George Bernard Shaw



signature.asc
Description: OpenPGP digital signature

Re: piece of mind (Re: Moderated posts?)

On 10/14/2014 at 04:15 PM, Olav Vitters wrote:

 On Sun, Oct 12, 2014 at 06:18:01PM +0200, lee wrote:
 
 Considering that the users are Debians' priority, couldn't this
 issue be a case in which significant concerns from/of the users
 about an issue might initiate a GR?  Wouldn't it speak loudly for
 Debian and its ways and for what it stands for, or used to stand
 for, if it was established procedure that issues arising
 significant concerns amongst the users can lead to a GR?
 
 I'm sure we could find quite a few supporters for having a GR
 amongst the users (here).  And after all, we're all kinda stuck in
 the same boat.  A GR might have the potential to make the gap
 between users and devs/maintainers a lot smaller.  Otherwise, this
 gap will only continue to become wider and wider.
 
 Debian is known for focussing a lot on focussing on quality.
 Upgrading from one version to the next is expected to be utterly
 smooth. Any bug encountered is exceptional.

Definitions of what constitutes utterly smooth may vary, however.


The should upgrading from wheezy to jessie automatically switch the
init system to systemd, unless the admin has taken some sufficiently
clear action to prevent it? question is one possible example. One side
of that debate seems to think that a properly smooth upgrade requires
that such an automatic switch take place (because otherwise the init
system doesn't get upgraded to what would be put in place by a new
install, so the upgrade can't be said to have actually completed);
another seems to think that a properly smooth upgrade requires that such
an automatic switch *not* take place (because of the chance of breaking
existing local configuration, among possibly other things).


For another example: some time ago, on debian-devel, the question arose
of whether it's reasonable to expect people to reboot promptly after
installing e.g. a new kernel, or a new init system. While of course you
can't expect to gain any functionality advantage from the
newly-installed software until the reboot in those cases, it still seems
reasonable to me to expect that no previously-existing functionality
will be *lost* in the window between such an upgrade and the next reboot.

However, at least one of the systemd Debian maintainers stated in that
discussion that while having a keep going as normal and reboot at
leisure scenario work smoothly would be nice, he does not consider it a
hard requirement. (The functionality at hand apparently included, but
was not necessarily limited to, power-management functionality - such as
the reboot button. I think that particular piece of functionality may
have been addressed since then, but the larger principle still exists.)

I think that for such a scenario to not work would place the upgrade
outside the bounds of what constitutes utterly smooth, and I would
consider any such functionality loss to be a bug - quite possibly an RC
bug. The maintainer in question, at least, does not appear to think
that; he does appear to agree that it would be a bug, but a minor one at
best. Thus, definitions vary, Q.E.D..

-- 
   The Wanderer

The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all
progress depends on the unreasonable man. -- George Bernard Shaw



signature.asc
Description: OpenPGP digital signature

Re: Recipient validation - WAS: Re: Moderated posts?

On 10/14/2014 at 03:28 PM, Jerry Stuckle wrote:

 On 10/14/2014 12:03 PM, Tanstaafl wrote:
 
 On 10/14/2014 11:17 AM, Jerry Stuckle jstuc...@attglobal.net
 wrote:

 Wrong on two counts.  First of all, the false notion Security
 through obscurity *never* works.  This has nothing to do with
 security.

 And BTW, that statement is also wrong - why do you think people
 are encouraged to use obscure passwords if it doesn't work? But
 that's another subject.
 
 Lol! Not even in the same ballpark, Jerry. Passwords, by their
 very nature, are intended to be difficult/impossible to 'guess'.
 
 To suggest that this is even in the same universe as 'security
 through obscurity' is ludicrous.
 
 Then what is that if it isn't obscurity?

Security by obscurity isn't no one knows the password or no one
knows the account name; it's something more like no one knows there's
a place to enter an account name or a password.

It isn't no one knows how to unlock the door; it's no one knows where
the door is, or even closer, no one knows that there even is a door.

(There's a mall near where I live which has an out-of-the-way door which
is never locked at any hour, and which does not appear to be covered by
security cameras. As far as I can tell, the after-hours security there
relies entirely on the fact that the general public does not know the
door exists. That's security by obscurity.)

I'm not entirely positive on which side of that distinction this
situation falls, overall. Keeping passwords secret is definitely not
security by obscurity, but concealing the fact that a given account
exists may arguably be.

-- 
   The Wanderer

The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all
progress depends on the unreasonable man. -- George Bernard Shaw



signature.asc
Description: OpenPGP digital signature

Re: OT: Re: Recipient validation - WAS: Re: Moderated posts?

2014-10-15 Thread Joel Rees

On Wed, Oct 15, 2014 at 9:01 PM, Miles Fidelman
mfidel...@meetinghouse.net wrote:
Tanstaafl wrote:

On 10/14/2014 1:58 PM, Miles Fidelman mfidel...@meetinghouse.net wrote:

Well, this really is OT for debian-users, but Turns out that SMTP
WAS/IS intended to be reliable.

Reliable, absolutely. 100% reliable? That simply isn't possible when
people are involved in the equation (people mis-configure servers -
whether accidentally, through ignorance, or intentionally (just because
that is the way they want it).

I'd always lumped SMTP in the category of unreliable protocols, w/o
guaranteed delivery

The protocol itself is extremely reliable. It is what people *do* with
it that can cause it to become less reliable/resilient.

There are three ways in which machines can be unreliable.

One, they can break.

Two, they can do what they are told to do, but what they are told to
do can be wrong.

Three, they can operate in a context in which they were not designed to operate.

Unfortunately, most machines operated outside the context in which
they were designed to operate. It's a limitation of design. We are the
designers, and we can't think of everything, therefore we cannot
really design for a real context.

Put another way, any context we can design for is necessarily more
constrained than reality.

Fortunately, most of the contexts we design for are close enough to
be useful under many real contexts. But we have to quit being taken by
surprise when our machines hit corner cases, or we end up wasting our
energy being surprised.

That's one of the reasons the Requests For Comments were RFCs and not
standards dictated from on high (like many of the earlier network
definitions that ended up too inflexible).

There is a technical distinction between best efforts (unreliable)
protocols, such as IP ('fire and forget' if you will), and reliable
protocols, such as TCP (with explicit acks and retransmits).

At least in the technical circles I run in (BBN - you know, we built the
ARPANET; Ray Tomlinson, who coined use of the @ sign in email nominally
worked for me, for a short period - in a matrixy version of worked for),
SMTP is usually discussed as providing a best efforts (unreliable) service
-- which, in reality, it is (particularly in real world configurations where
mail often gets relayed through multiple servers).

So.. I was just a bit surprised to go back and read the RFC and discover
that SMTP is explicitly intended to provide a reliable service.

If it is, that has changed.

Elsewhere from the part you quoted, there used to be an explanation of
the self-contradictory nature of the requirements.

Specifically, machines cannot actually (the illusions of PKI becoming
widely accepted notwithstanding) certify delivery. That requires a
human at both ends of the chain, in addition to the possibly human
sender and recipient. RFC 821 messages were intended not to require
any human in the chain.

If that has changed, it would be the unreasoning demands of people who
want e-mail to perfect in ways snail mail only almost could be in the
best of times: people who want to be able to do things like sue other
people for not complying with obscure rules when informed of those
rules by e-mail.

As to 100% reliable - nothing is 100% reliable.

Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is. Yogi Berra

--
Joel Rees

Be careful when you see conspiracy.
Look first in your own heart,
and ask yourself if you are not your own worst enemy.
Arm yourself with knowledge of yourself.

--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
https://lists.debian.org/CAAr43iP9t8iJYmPNLkVw_Pg8UAJYHHZeacftZ=fm_rt2cr1...@mail.gmail.com

Who is systemd-gpt-auto-generator, and why does s/he not like my partition table?

2014-10-15 Thread Jape Person


Hi, folks!

Sorry about the title. I'm just addicted to movie titles from the 60s.

(-:

I am seeing this during the boot sequence on a Debian testing 
installation. Sometimes it is actually left showing on TTY1 after the DM 
(lightdm in this case) comes up, and sometimes not.


From TTY1
...
systemd-gpt-auto-generator[152]: Failed to determine partition table 
type of /dev/sda: Input/output error

...

So, I checked dmesg:

From dmesg
...[4.853751] systemd-gpt-auto-generator[154]: Failed to determine 
partition table type of /dev/sda: Input/output error
[4.854298] systemd[151]: 
/lib/systemd/system-generators/systemd-gpt-auto-generator failed with 
error code 1.

... and later on ...
[12650.204616] systemd-gpt-auto-generator[7555]: Failed to determine 
partition table type of /dev/sda: Input/output error

...

I looked in the BTS and couldn't even find a package named 
systemd-gpt-auto-generator, much less a bug that had been filed for it. 
I guess it's a routine or function name?


The drive came originally from Lenovo (T520i) with and MSDOS parititon 
table. I just used the standard partition scheme provided by the netinst 
d-i (testing), so there are only /dev/sda1 and the swap partition 
present. I used ext4 as the file system.


I'm also having the drive checked by smartmontools at boot time and have 
received no warnings. In addition, I run fsck -Cfat ext4 on the drive 
at boot time every week with no untoward signs.


This has been happening for a couple of weeks, and I haven't seen any 
odd behaviors from the system. Nevertheless, I thought I ought to check 
to see if anyone thinks this is likely to indicate that I'm about to get 
bit in the butt.


It would also be nice to know why I'm seeing this only on this 
particular system and not on any of the other three systems with very 
similar Debian testing installations on them.


Thanks!

Jape


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/543e813a.5040...@comcast.net

Re: Conflict of interest in Debian

2014-10-15 Thread John Hasler

Steve Litt writes:
 Check out what single company has 30% of the gatekeepers. Surprise,
 surprise.

Better Red Hat than just about anybody else.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/87iojlcsed@thumper.dhh.gt.org

Re: Conflict of interest in Debian

2014-10-15 Thread Joel Rees

2014/10/15 1:47 Brian a...@cityscape.co.uk:

 On Tue 14 Oct 2014 at 12:06:11 -0400, Henning Follmann wrote:

  On Tue, Oct 14, 2014 at 11:02:10AM -0400, Steve Litt wrote:
   On Tue, 14 Oct 2014 08:05:06 -0400
   Henning Follmann hfollm...@itcfollmann.com wrote:
  
On Tue, Oct 14, 2014 at 07:56:40AM -0400, Marty wrote:
 It seems like free software employment and market share come with
 increasing risk to objectivity and technical quality. It's my main
 concern as a Debian user, as I consider recent trends.

 I hope that Debian members consider an amendment to restrict voting
 rights for members who have a financial interest in Debian or in any
 project used by Debian, to promote and protect the public interest.


   
Why, what is the reason for that? Explain why they are less objective
or anyone having no financial interest is more objective.
  
   You know darn well, Henning. In anything, not just Linux, not just
   Debian, not just systemd, when somebody has the responsibility of doing
   the best thing for the community or other entity, but they also have a
   financial stake in which way the thing goes, they have a huge incentive
   to vote in a way detrimental to the community or other entity. This is
   why bribery is a crime.
  
 
  Well thanks for pointing that out. But this effort can be seen as a way to
  tilt the voting based on one aspect. And this being _systemd_. Now a group
  has identified that another group with financial interest is more likely
  to vote for sytemd. So lets disenfranchise those. That is equally bad.
 
  And second financial interest != bribery. This is a very distorted view.
  My work is based on debian as a development platform. So I do have a
  financial interest in debian being a stable platform. So I shall be
  disenfranchised?

 The depths are really beginning to be plumbed. We have a proposer of an
 resolution linking financial gain with the work people do in their free
 time to give us a free OS. This is rapidly followed by a seconder who
 has found another bandwaggon to jump on. All this is supposed to be for
 the benefit of Debian.

 Give me swearing in posts rather than innuendo and attempted character
 assassination of a group dedicated workers.

Do you realize that a lot of your posts, jumping on anti-systemd
topics, might appear, to casual examination, to be innuendo and/or
character assassination?

Any time people believe strongly in something, it becomes difficult to
examine their own position carefully. (That's part of the meaning of
my other sig.)

You need to understand. We have a bunch of old fogies, including
myself, whose training included the KISS mantra, Murphy's laws, the
proverb, Fast, correct, delivered on time, pick any two., another
proverb about how computers excel at making mistakes at high speed,
another about how the computer could only do exactly what you told it
to, so that bug is your fault, and many other metaphors that helped us
understand the limits of the machine that is easy to see as a magic
box.

That last one is no longer true. You often don't know who wrote the
compilers or libraries you use or how they interpreted the standards,
so the best you can do is try to avoid corner cases and areas of known
disagreement.

Looking at the architecture and goals of systemd is, for me, like
seeing the world turned upside down. (I could be more explicit, but
I'm fully aware by now how it would be received here.) I look at the
code and it does not reassure me in the slightest, even though,
superficially, the code has significantly improved over the last year.

You have to understand that. For people who were trained the way I
was, systemd proves itself completely wrong by design. Any attempt to
defend it is already tainted, and it's hard to work around that point
of view.

I know that we have a different set of expectations. Nanosecond
instruction timings and multi-gigabytes of main memory make some
things that were impossible to even consider when I was in college
something in the way of commonplace now. Cellphones? My feature
phone has more raw horsepower and more memory than any of the
computers I used in college.

(Unfortunately, I can't run a C compile on it, and sometimes the irony
of that is a bit painful. Maybe that pain is part of why systemd gets
my back up.)

Some things become possible. Some do not. Instructions still take
time, and they just basically aren't going to get any faster with any
of the technology that we have any Moore.

systemd tries to do too much, and fixing the corner cases will kill it
eventually. Processors aren't going to get faster and save the day
like they have with so many formerly impossible things.

Hopefully, by that point, Poettering will cease to believe he's
Supercoder and start having systemd delegate the hard stuff. Or
someone will fork the code and fix what he is refusing to fix.

He could have designed it that way from the start, but then it would

Re: how to identify reverse dependencies?

Thanks to those who've provided scripts and pointers to apt- 
capabilities.  But...  both out of curiosity and practicality - to the 
Debian developers out there - are there any tools on the SCM or build 
servers that run dependency graphs across the package database?


Miles Fidelman

Andrew McGlashan wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 14/10/2014 8:09 PM, Andrei POPESCU wrote:

aptitude search '?depends(^systemd$)'

# aptitude search '?depends(^systemd$)'
Wednesday 15 October 14:54:30 EST 2014 -- search ?depends(^systemd$)
p   libpam-systemd
   - system and service manager - PAM module
p   lighttpd
   - fast webserver with minimal memory footprint
p   live-config-systemd
   - Live System Configuration Scripts (systemd backend)
p   systemd-gui
   - system and service manager - GUI
p   systemd-sysv
   - system and service manager - SysV links


That's on a standard wheezy 7.6 system at this time.

I don't have gnome installed, but on wheezy, systemd is not a depend for
gnome:

# aptitude show gnome
Wednesday 15 October 14:56:38 EST 2014 -- show gnome
Package: gnome
State: not installed
Version: 1:3.4+7+deb7u1
Priority: optional
Section: gnome
Maintainer: Debian GNOME Maintainers
pkg-gnome-maintain...@lists.alioth.debian.org
Architecture: amd64
Uncompressed Size: 53.2 k
Depends: gnome-core (= 1:3.4+7+deb7u1), desktop-base,
network-manager-gnome (= 0.9.4), aisleriot (= 1:3.4), cheese (= 3.4),
evolution (= 3.4), evolution-plugins (= 3.4),
  file-roller (= 3.4), gedit (= 3.4), gnome-color-manager (=
3.4), gnome-documents (= 0.4), gnome-games (= 1:3.4), gnome-nettool
(= 3.2), nautilus-sendto (= 3.0),
  gnome-orca (= 3.4), rygel-preferences (= 0.14), seahorse (=
3.4), totem (= 3.0), vinagre (= 3.4), alacarte (= 0.13.4),
avahi-daemon, gimp (= 2.8), gnome-media (=
  3.4), gnome-tweak-tool (= 3.4), hamster-applet (= 2.91.3),
inkscape (= 0.48), libreoffice-gnome, libreoffice-writer | abiword (=
2.8), libreoffice-calc | gnumeric (=
  1.10), libreoffice-impress, rhythmbox (= 2.96), shotwell,
simple-scan, sound-juicer (= 3.4), tomboy (= 1.10) | gnote,
tracker-gui, transmission-gtk, xdg-user-dirs-gtk,
  cups-pk-helper (= 0.2), gedit-plugins (= 3.4), gnome-applets
(= 3.4), gnome-shell-extensions (= 3.4), gstreamer0.10-ffmpeg (=
0.10.13), gstreamer0.10-plugins-ugly (=
  0.10.19), rhythmbox-plugins, rhythmbox-plugin-cdrecorder,
rygel-playbin, rygel-tracker, telepathy-gabble, telepathy-rakia,
telepathy-salut, totem-plugins, libgtk2-perl (=
  1:1.130)
Recommends: browser-plugin-gnash, gdebi, gnome-games-extra-data (=
3.0), nautilus-sendto-empathy, telepathy-idle
Suggests: dia-gnome, gnome-boxes, gnucash, libreoffice-evolution,
planner, iceweasel-l10n-all, xul-ext-adblock-plus, xul-ext-gnome-keyring
Description: Full GNOME Desktop Environment, with extra components
  This is the GNOME Desktop environment, an intuitive and attractive
desktop, with extra components.

  This meta-package depends on the standard distribution of the GNOME
desktop environment, plus a complete range of plugins and other
applications integrating with GNOME and Debian,
  providing the best possible environment to date.


At a later date, everything changes ... some things later than other
things.  I guess that gnome's version for 7.6 is too old to /need/ systemd.

A.

-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.22 (MingW32)

iF4EAREIAAYFAlQ98U4ACgkQqBZry7fv4vsKsgD/ScNMGf7q4cQW9BbZ3NNAxvUN
r6msHDtkuylCy+oRD18BAJnhcfU5ojqj6l2eB2X6Hq2d9ylzcd/oKhnbsjkNVtAr
=yMUJ
-END PGP SIGNATURE-





--
In theory, there is no difference between theory and practice.
In practice, there is.    Yogi Berra


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/543e93ed.9070...@meetinghouse.net

Re: Who is systemd-gpt-auto-generator, and why does s/he not like my partition table?

2014-10-15 Thread Sven Joachim

On 2014-10-15 16:14 +0200, Jape Person wrote:

 I am seeing this during the boot sequence on a Debian testing
 installation. Sometimes it is actually left showing on TTY1 after the
 DM (lightdm in this case) comes up, and sometimes not.

 From TTY1
 ...
 systemd-gpt-auto-generator[152]: Failed to determine partition table
 type of /dev/sda: Input/output error
 ...

 So, I checked dmesg:

 From dmesg
 ...[4.853751] systemd-gpt-auto-generator[154]: Failed to determine
 partition table type of /dev/sda: Input/output error
 [4.854298] systemd[151]:
 /lib/systemd/system-generators/systemd-gpt-auto-generator failed with
 error code 1.
 ... and later on ...
 [12650.204616] systemd-gpt-auto-generator[7555]: Failed to determine
 partition table type of /dev/sda: Input/output error
 ...

 I looked in the BTS and couldn't even find a package named
 systemd-gpt-auto-generator, much less a bug that had been filed for
 it. I guess it's a routine or function name?

It's a program that is part of the systemd package.  See the manpage for
what it does.

 It would also be nice to know why I'm seeing this only on this
 particular system and not on any of the other three systems with very
 similar Debian testing installations on them.

Can you please show your /etc/fstab file and the output of
fdisk -l /dev/sda ?

Cheers,
   Sven


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/8738apuz1g@turtle.gmx.de

Re: Recipient validation - WAS: Re: Moderated posts?

2014-10-15 Thread Jerry Stuckle

On 10/15/2014 8:14 AM, Tanstaafl wrote:
 On 10/14/2014 3:28 PM, Jerry Stuckle jstuc...@attglobal.net wrote:
 On 10/14/2014 12:03 PM, Tanstaafl wrote:
 On 10/14/2014 11:17 AM, Jerry Stuckle jstuc...@attglobal.net wrote:
 On 10/14/2014 8:05 AM, Tanstaafl wrote:
 If you think I'm kidding, please by all means go make these silly
 statements on the postfix list and I'll just sit and watch the fun.

 You don't read very well.  This has nothing to do with emails to a valid
 address.  A large amount of that spam goes to invalid addresses.  I see
 them go through the logs regularly.

 I read fine. The 'silly statements' reference was about your suggestion
 that it is in any way shape or form 'ok' to *accept* mail to invalid
 recipients then send it to dev/null.
 
 But you just said it was OK to delete emails.
 
 Please don't misquote me. I said it was the *worst case*, meaning, only
 marginally better than *bouncing* them, which you should never do.
 
 I certainly did not say it was 'OK'.
 

You said it was OK.  You may try to attack conditions to it - but you
still said it was OK.

 Wrong.  Rejecting garbage sends a message back to the originator,
 
 No, it doesn't. It closes the connection with a response code.
 
 snip
 
 I know how it works.
 
 Apparently not, since you keep saying that the RECEIVING server 'sends a
 message back to the originator' - unless maybe you simply have a hard
 time saying what you really mean, which always causes confusion.
 

Yes, I do.  And it does send a message back to the originator - it may
only be a status code, but it is still a message.

 Now how often do you get an email of 1MB?
 
 Like a large percentage of businesses, we get mail *all the time* that
 is many MB's in size. Even all of the freemailers have very large max
 sizes they accept now (I think gmail is up to 25MB or 30MB?).
 

Provide figures for your claim of a large percentage of businesses.
Seldom do I see messages that big on ANY of my systems.  Additionally,
often times ISPs will limit the size of messages users can send.  And
many systems have limits on how much storage email can take up.  Just
because a couple of free email services accept larger messages does not
mean EVERYONE does.

 But, I'd say 10-15% of our email traffic consists of messages that are 1MB+
 

For my systems, it is  1%.  And the average email size is around 20-30K.

 And yes, even lots of spam now has larger attachments (even seen them
 over 2MB, though not very often).
 

Yes, spam with trojans and viruses often have large attachments.  But
those are quickly taken care of by the antivirus routines.

 If I reject the mail at the RCPT-TO stage, then I only accepted a few
 bytes of traffic before terminating the connection with an SMTP response
 (error) code. The connecting machine then decides whether to pass the
 response back or not (again, a few bytes at most).
 
 That's your option.
 
 No, it is the right thing to do.
 

According to which RFC?  Until you can point me to what RFC I am
violating, it is just your opinion.

 If you *accept* the mail, then you accepted the entire 1MB of traffic.

 So, who is responsible for more traffic in such a case?
 
 Sure.
 
 Thank you for acknowledging that at least this argument in support of
 breaking recipient validation (that rejecting emails results in more
 traffic than accepting/deleting them) is wrong. We're making progress.
 

You don't recognize sarcasm very well.

 But spammers don't know whether it is a good address or not.
 
 Nor do they if I reject the transaction way before the RCPT-TO stage,
 which postscreen does *very* well, which is what happens most of the time.
 

Sure they do.  They get a status message back indicating the message was
rejected and why it was rejected.  The fact they DON'T get that message
indicates they have found a valid EMAIL address.

And validated EMAIL addresses are a spammer's dream.

 Also, my understanding is that there the vast majority of spammers no
 longer engage in dictionary attacks to harvest valid email addresses.
 

Your understanding is incorrect.  I see it regularly.

 I said NOTHING about security.  I just don't want them to know what the
 valid email addresses are.
 
 In my mind saying 'I am doing this because I don't want them to know
 what the valid email addresses are' is the exact same thing as saying 'I
 am doing this for security purposes.'.
 

It has nothing to do with security, no matter is in your mind.

 That way they don't send more SPAM to the good addresses.
 
 It isn't about how much spam is targeted at your users, it is about how
 much gets through, and an effective anti-spam solution block 99+% of it
 - *without* breaking SMTP. And again, my understanding is that there the
 vast majority of spammers no longer engage in dictionary attacks to
 harvest valid email addresses, so you are continuing to break smtp for
 your users and getting very little to no real world value out of it.
 

It's also about how much is targeted at my

Re: Conflict of interest in Debian

2014-10-15 Thread Slavko

Ahoj,

Dňa Wed, 15 Oct 2014 11:09:53 +0100 Brian a...@cityscape.co.uk
napísal:

 On Wed 15 Oct 2014 at 10:41:12 +0200, berenger.mo...@neutralite.org
 wrote:
 
  Le 15.10.2014 09:11, Jonathan Dowland a écrit :
  On Wed, Oct 15, 2014 at 12:51:07AM -0400, Steve Litt wrote:
  Check out what single company has 30% of the gatekeepers.
  Surprise, surprise.
  
  Damned for their success. We want Linux to be successful, but woe
  betide any
  company that actually gets us there...
  
  Maybe you want.
  But I think that most users just want it to work fine and
  efficiently, which does not necessarily imply being sold massively
  around the world.
 
 He's doing some of the work on Debian; others work with different
 distributions. They get what they want. Users get what they want.
 Everyone's a winner. :)

I get systemd. Are you sure, that i want it? Or am i not a user?

regards

-- 
Slavko
http://slavino.sk


signature.asc
Description: PGP signature

Re: Recipient validation - WAS: Re: Moderated posts?

2014-10-15 Thread Jerry Stuckle

On 10/15/2014 10:17 AM, The Wanderer wrote:
 On 10/14/2014 at 03:28 PM, Jerry Stuckle wrote:
 
 On 10/14/2014 12:03 PM, Tanstaafl wrote:

 On 10/14/2014 11:17 AM, Jerry Stuckle jstuc...@attglobal.net
 wrote:
 
 Wrong on two counts.  First of all, the false notion Security
 through obscurity *never* works.  This has nothing to do with
 security.
 
 And BTW, that statement is also wrong - why do you think people
 are encouraged to use obscure passwords if it doesn't work? But
 that's another subject.

 Lol! Not even in the same ballpark, Jerry. Passwords, by their
 very nature, are intended to be difficult/impossible to 'guess'.

 To suggest that this is even in the same universe as 'security
 through obscurity' is ludicrous.

 Then what is that if it isn't obscurity?
 
 Security by obscurity isn't no one knows the password or no one
 knows the account name; it's something more like no one knows there's
 a place to enter an account name or a password.


You're limiting it too much.  From Dictionary.com:

obscurity
noun, plural obscurities.
1. the state or quality of being obscure.
2. the condition of being unknown:
...

A complex password is, by definition, obscure according to #2.  And
easily guessable password is not obscure, nor is it secure.


 It isn't no one knows how to unlock the door; it's no one knows where
 the door is, or even closer, no one knows that there even is a door.


See above.

 (There's a mall near where I live which has an out-of-the-way door which
 is never locked at any hour, and which does not appear to be covered by
 security cameras. As far as I can tell, the after-hours security there
 relies entirely on the fact that the general public does not know the
 door exists. That's security by obscurity.)


That's one example.

 I'm not entirely positive on which side of that distinction this
 situation falls, overall. Keeping passwords secret is definitely not
 security by obscurity, but concealing the fact that a given account
 exists may arguably be.
 

See above.

Jerry


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/543e9cb5.9020...@attglobal.net

Re: OT (Sorta): Pepperflash Now Working on Wheezy 64-bit

2014-10-15 Thread Hugo Vanwoerkom


Patrick Bartek wrote:

Just got latest upgrade of Chrome Stable (38.0.2125.104-1) for my Wheezy
64-bit (Openbox WM only) directly from Google repo.  Pepperflash player
(15.0.0.189) now working.

And it only took a month and a half. ;-)

B




with libc6 from Jessie?

Hugo


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/m1m6f5$9s2$1...@ger.gmane.org

Re: Who is systemd-gpt-auto-generator, and why does s/he not like my partition table?

2014-10-15 Thread Don Armstrong

On Wed, 15 Oct 2014, Jape Person wrote:
 From dmesg
 ...[4.853751] systemd-gpt-auto-generator[154]: Failed to determine
 partition table type of /dev/sda: Input/output error
 [4.854298] systemd[151]:
 /lib/systemd/system-generators/systemd-gpt-auto-generator failed with error
 code 1.
 ... and later on ...
 [12650.204616] systemd-gpt-auto-generator[7555]: Failed to determine
 partition table type of /dev/sda: Input/output error
 ...
 
 I looked in the BTS and couldn't even find a package named
 systemd-gpt-auto-generator, much less a bug that had been filed for
 it. I guess it's a routine or function name?

It's part of systemd; it generates rules to mount partitions from GPT
partition tables without needing to express them in /etc/fstab. [See man
systemd-gpt-auto-generator for details.]

 The drive came originally from Lenovo (T520i) with and MSDOS parititon
 table. I just used the standard partition scheme provided by the
 netinst d-i (testing), so there are only /dev/sda1 and the swap
 partition present. I used ext4 as the file system.

 I'm also having the drive checked by smartmontools at boot time and
 have received no warnings.

You're basically not supposed to get I/O errors on drives like that. I'd
try running smartctl -a /dev/sda; or similar just to see whether any
errors have occured on the drive. It's possible that there's a bad
sector early on which is only exposed when something tries to find a gpt
partition table, or it could be a bug in systemd-gpt-auto-generator
which your particular setup is triggering.

You might be able to trigger it with gdisk -l /dev/sda; or similar, too.

If that doesn't turn up anything useful, file a bug against systemd, and
ask the maintainers what additional debugging information you can
provide. [It's probably severity minor, since this particularly failure
isn't going to hurt anything.]

 I thought I ought to check to see if anyone thinks this is likely to
 indicate that I'm about to get bit in the butt.

I'd make sure that I had my backups in order, but that's really just out
an abundance of caution.
 

-- 
Don Armstrong  http://www.donarmstrong.com

I stared at the mountain rising over me. Empty. It was a pointless
thing to have done -- climb up it, across it, and down it. Stupid! It
looked perfect; so clean and untouched, and we had changed nothing.
[...] I had been on it too long, and it had taken everything.
 -- Joe Simpson Touching the Void p117


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20141015155348.gi4...@teltox.donarmstrong.com

Re: how to identify reverse dependencies?

2014-10-15 Thread Slavko

Ahoj,

Dňa Wed, 15 Oct 2014 10:31:02 +0300 Andrei POPESCU
andreimpope...@gmail.com napísal:

 Using Debian package dependencies this is expressed as
 Depends: libpam-systemd by those packages that actually require those 
 interfaces
 
 $ aptitude search '?depends(libpam-systemd)'

Not always right results:

aptitude search -w 60 -F %c%a %p %v '~i?depends(libsystemd0)'
ih cups-daemon1.7.5-1
ih dbus   1.8.8-1sla1   
ih fcgiwrap   1.1.0-2   
ih gvfs-daemons   1.20.3-1  
ih libpolkit-backend-1-0  0.105-6.1 
ih libpolkit-gobject-1-0  0.105-6.1 
ih libpulse0  5.0-6 
ih php5-fpm   5.6.0+dfsg-1  
ih systemd204-14
ih udisks22.1.3-3   

But e.g. my dbus package doesn't depends on systemd at all:

LANG=en aptitude show dbus | grep Depends -A2
Depends: libaudit1 (= 1:2.2.1), libc6 (= 2.17), libcap-ng0, libdbus-1-3 (=
 1.7.6), libexpat1 (= 2.0.1), libselinux1 (= 2.0.65), adduser,
 lsb-base (= 3.2-14)

regards

-- 
Slavko
http://slavino.sk


signature.asc
Description: PGP signature

Re: Recipient validation - WAS: Re: Moderated posts?

On 10/15/2014 at 12:11 PM, Jerry Stuckle wrote:

 On 10/15/2014 10:17 AM, The Wanderer wrote:
 
 On 10/14/2014 at 03:28 PM, Jerry Stuckle wrote:

 Then what is that if it isn't obscurity?
 
 Security by obscurity isn't no one knows the password or no
 one knows the account name; it's something more like no one knows
 there's a place to enter an account name or a password.
 
 You're limiting it too much.  From Dictionary.com:
 
 obscurity
 noun, plural obscurities.
 1. the state or quality of being obscure.
 2. the condition of being unknown:
 ...

That's a definition of obscurity, which is indeed fairly broad.

It's not a definition of security by obscurity, which is considerably
more narrow than the generic definition of obscurity would indicate.

In many contexts, the use of the jargon phrase security by obscurity
occurs specifically in order to draw on that more narrow definition. I
believe that this is one such context.

(I think that I also believe that using security by obscurity with a
broader sense than that narrow one is inappropriate, because it
introduces ambiguity as to which meaning is intended, and is therefore
likely to be confusing to a potential reader. But that's a bit of a
tangent.)

Invoking the generic definition of obscurity in the face of a use of
the jargon phrase security by obscurity is completely missing the
intent, and the sense of that phrase.

-- 
   The Wanderer

The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all
progress depends on the unreasonable man. -- George Bernard Shaw



signature.asc
Description: OpenPGP digital signature

Re: Who is systemd-gpt-auto-generator, and why does s/he not like my partition table?

2014-10-15 Thread Jape Person


On 10/15/2014 11:34 AM, Sven Joachim wrote:

On 2014-10-15 16:14 +0200, Jape Person wrote:


I am seeing this during the boot sequence on a Debian testing
installation. Sometimes it is actually left showing on TTY1 after the
DM (lightdm in this case) comes up, and sometimes not.

 From TTY1
...
systemd-gpt-auto-generator[152]: Failed to determine partition table
type of /dev/sda: Input/output error
...

So, I checked dmesg:

 From dmesg
...[4.853751] systemd-gpt-auto-generator[154]: Failed to determine
partition table type of /dev/sda: Input/output error
[4.854298] systemd[151]:
/lib/systemd/system-generators/systemd-gpt-auto-generator failed with
error code 1.
... and later on ...
[12650.204616] systemd-gpt-auto-generator[7555]: Failed to determine
partition table type of /dev/sda: Input/output error
...

I looked in the BTS and couldn't even find a package named
systemd-gpt-auto-generator, much less a bug that had been filed for
it. I guess it's a routine or function name?


It's a program that is part of the systemd package.  See the manpage for
what it does.



Ah, thanks for that! Looking in the systemd manpage hadn't occurred to 
me. Duh!



It would also be nice to know why I'm seeing this only on this
particular system and not on any of the other three systems with very
similar Debian testing installations on them.


Can you please show your /etc/fstab file and the output of
fdisk -l /dev/sda ?



/etc/fstab:

# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# file system mount point   type  options   dump  pass
# / was on /dev/sda1 during installation
UUID=7ffec658-3f62-4b7c-b944-bb60bc257b83 /   ext4 
errors=remount-ro 0   1

# swap was on /dev/sda5 during installation
UUID=e44c4b27-a764-4fcc-b4f8-a1d1d7542fd7 noneswapsw 
  0   0

/dev/sr0/media/cdrom0   udf,iso9660 user,noauto 0   0

Hmm. I haven't edited this file on this system. I have usually removed 
references to optical drives in the past. Maybe that entry (/dev/sr0) is 
why I've been hearing the optical drive get activated once-in-a-while on 
this system.


output of # fdisk -l /dev/sda:

Disk /dev/sda: 500.1 GB, 500107862016 bytes
255 heads, 63 sectors/track, 60801 cylinders, total 976773168 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0xe553ae0a

   Device Boot  Start End  Blocks   Id  System
/dev/sda1   *2048   943697919   471847936   83  Linux
/dev/sda2   943699966   976771071165355535  Extended
/dev/sda5   943699968   97677107116535552   82  Linux swap / Solaris


Cheers,
Sven




Thank you for taking an interest!

Jape


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/543e9a91.3000...@comcast.net

Re: piece of mind (Re: Moderated posts?)

On Wed, 15 Oct 2014 10:02:03 +0300
Andrei POPESCU andreimpope...@gmail.com wrote:

 On Ma, 14 oct 14, 17:56:58, Steve Litt wrote:
  
  Because you don't want to inextricably drag a giant monolith into
  your Desktop Environment just to do a few things.
 
 If you compare systemd with a Desktop Environment I'm not quite sure 
 who's the giant ;)

Yeah, I wasn't clear. I meant giant relative to what needed to be done.
In other words, you need to verify passwords, so you bring in the
entirety of systemd to do it, instead of just writing the code yourself.

I completely understand not reinventing the wheel, but if all you need
is a spoke, you don't construct an interface to a whole wheel just to
get your spoke.

 
  And how were they handling
  this task before systemd? It's not like Desktops, Window Managers
  and whatever things like lightdm are called didn't exist before
  systemd.
 
 ConsoleKit, unmaintained.

Pre-cisely. I see Red Hat's fingerprints all over that unmaintained
status. If not for Red Hat, somebody would have picked up ConsoleKit.
After all, as shown in
http://spectrum.ieee.org/computing/software/whos-writing-linux ,
there's plenty of money floating around to pay for free software
development.

SteveT

Steve Litt*  http://www.troubleshooters.com/
Troubleshooting Training  *  Human Performance


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20141015123026.5f396...@mydesq2.domain.cxm

Re: Recipient validation - WAS: Re: Moderated posts?

On 10/15/2014 at 12:06 PM, Jerry Stuckle wrote:

 On 10/15/2014 8:14 AM, Tanstaafl wrote:
 
 On 10/14/2014 3:28 PM, Jerry Stuckle jstuc...@attglobal.net
 wrote:

 But you just said it was OK to delete emails.
 
 Please don't misquote me. I said it was the *worst case*, meaning,
 only marginally better than *bouncing* them, which you should never
 do.
 
 I certainly did not say it was 'OK'.
 
 You said it was OK.  You may try to attack conditions to it - but
 you still said it was OK.

In a quick search, I haven't been able to find a mail from him which
uses the term OK, prior to the quoted one which is responding to your
use of that term.

He did say (in close paraphrase) that there are circumstances in which
silently deleting received mails can be barely acceptable. That's a far
cry from saying that it's OK, either in the modern colloquial sense or
in the literal original sense of all correct.

 I said NOTHING about security.  I just don't want them to know
 what the valid email addresses are.
 
 In my mind saying 'I am doing this because I don't want them to
 know what the valid email addresses are' is the exact same thing as
 saying 'I am doing this for security purposes.'.
 
 It has nothing to do with security, no matter is in your mind.

What is the non-security-related reason why you don't want them to know
what the valid E-mail addresses are?

I suspect that the reason is something which Tanstaafl would classify as
falling under security purposes.

Even if you don't come to agreement on whether that reason is a security
reason, it might still be easier to agree to disagree if there's a
clear understanding about exactly what you're disagreeing over, rather
than just conflicting assertions about some consequence of that
underlying point.

 Please explain what is *Seriously Fraudulent* or *otherwise
 inappropriate* about a typo in the recipient address of an
 otherwise perfectly legitimate email, Jerry.
 
 How many valid emails do you get to a bad email address?
 
 Please answer the question.
 
 Any email to a bad email address is fraudulent and/or inappropriate.

That's just repeating the assertion, not answering the question. It does
not provide the requested explanation.

What is fraudulent about a typo?

What is inappropriate about a typo?

-- 
   The Wanderer

The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all
progress depends on the unreasonable man. -- George Bernard Shaw



signature.asc
Description: OpenPGP digital signature

Re: Recipient validation - WAS: Re: Moderated posts?

On 10/15/2014 12:25 PM, The Wanderer wande...@fastmail.fm wrote:
 On 10/15/2014 at 12:11 PM, Jerry Stuckle wrote:
 You're limiting it too much.  From Dictionary.com:

 obscurity
 noun, plural obscurities.
 1. the state or quality of being obscure.
 2. the condition of being unknown:
 ...

 That's a definition of obscurity, which is indeed fairly broad.

Thanks, saved me the trouble - although I don't expect Jerry to 'get
it', so this is probably a waste of everyones time to pursue.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/543ea18f.9050...@libertytrek.org

Re: Recipient validation - WAS: Re: Moderated posts?

On 10/15/2014 12:06 PM, Jerry Stuckle jstuc...@attglobal.net wrote:
 On 10/15/2014 8:14 AM, Tanstaafl wrote:
 On 10/14/2014 3:28 PM, Jerry Stuckle jstuc...@attglobal.net wrote:
 But you just said it was OK to delete emails.

 Please don't misquote me. I said it was the *worst case*, meaning, only
 marginally better than *bouncing* them, which you should never do.

 I certainly did not say it was 'OK'.

 You said it was OK.  You may try to attack conditions to it - but you
 still said it was OK.

Easy enough to prove. By all means, quote the actual text of me saying
this was 'OK'...

 you keep saying that the RECEIVING server 'sends a message back to
 the originator' - unless maybe you simply have a hard time saying
 what you really mean, which always causes confusion.

 it does send a message back to the originator - it may only be a
 status code, but it is still a message.

The status code is not *sent* anywhere - it is a response directly to
the connecting machine.

It is then the responsibility of that machine that was talking to your
server to pass the response code back to the originating *server* (not
the sender of the email - there is a difference).

It is then the responsibility of the 'originating server' to generate
the NDR (non-delivery response) email that the sender then receives in
their Inbox.

So, again, no, *your* server doesn't 'send anything back to the
originating server'.

I'm done with this thread, since Jerry is free to believe whatever he
wants and run his servers however he wants.

Thankfully the vast majority of other mail admins use best practices...


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/543ea368.8000...@libertytrek.org

Re: Conflict of interest in Debian

On Wed, 15 Oct 2014 08:11:10 +0100
Jonathan Dowland j...@debian.org wrote:

 On Wed, Oct 15, 2014 at 12:51:07AM -0400, Steve Litt wrote:
  Check out what single company has 30% of the gatekeepers. Surprise,
  surprise. 
 
 Damned for their success. We want Linux to be successful, but woe
 betide any company that actually gets us there...

Hi Jonathan,

Parse the preceding sentence. We want *Linux* to be successful, but woe
betied any *company* ...

I want *Linux* to succeed, and it would be nice for that success to
float the boats of the companies making Linux succeed, but not the
companies trying to completely change the Linux that attracted most of
us to it.

We've actually been in this place before. Wonderful Linux company
Caldera became SCO (oversimplification, but you know what I mean).
Wonderful Linux company Corel changed their CEO, and promptly accepted
money from Microsoft and dropped all their Windows software.

No doubt, mid 1990's to mid 2000's, Red Hat got us there, and I thanked
and celebrated them. What Red Hat is doing now is anti-Linux, as
demonstrated by timestamps 1:35 and 2:20 in the following:

https://www.youtube.com/watch?v=LdRmnSHHVw4

SteveT

Steve Litt*  http://www.troubleshooters.com/
Troubleshooting Training  *  Human Performance


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20141015123909.55ec1...@mydesq2.domain.cxm

Re: piece of mind (Re: Moderated posts?)

On Wed, 15 Oct 2014 09:08:26 +0100
Martin Read zen75...@zen.co.uk wrote:

 On 14/10/14 22:56, Steve Litt wrote:

  And how were they handling this task before systemd?
 
 They were using ConsoleKit, which was orphaned upstream some time
 after systemd-logind came along.

I rest my case.

SteveT

Steve Litt*  http://www.troubleshooters.com/
Troubleshooting Training  *  Human Performance


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20141015124258.53bd8...@mydesq2.domain.cxm

Re: preseeding question (yes, re. systemd / sysvinit-core)


Jonathan Dowland wrote:

On Wed, Oct 15, 2014 at 07:49:08AM -0400, Miles Fidelman wrote:

1. There is now an essential metapackage called init that depends on
one of systemd-sysv, or sysvinit-core, or upstart.   (parenthetical
question: What distinguishes a metapackage from a virtual package?
Or perhaps, more precisely, why is init defined as a metapackage
rather than a virtual package?)

A virtual package doesn't exist, but is listed in Provides: or Requires: fields
in other packages.

A metapackage does exist, but doesn't contain any files, so only it's metadata
is relevant.

You may need a metapackage rather than a virtual package for upgrade
situations. A metapackage can provide: something else, can Replaces: something
else, etc.; whereas a virtual package can't (because it doesn't exist.)


Thanks for the clarification!

Re. 



4. How, in a preseed file, does one identify one's preferred choice
for meeting the dependencies of a virtual package or metapackage (in
this case, specifically installing sysvinit-core to satisfy init's
dependencies) - either by:
a. over-riding package priorities, or,
b. making an explicit selection of the real package to meet a dependency

I *think* that if the dependency is already satisfied by another package
selection, the resolver won't go out and try to satisfy it with another, as of
yet unmarked package.  So if you have d-i pkgsel/include string sysvinit-core
systemd-shim or similar, the resolver shouldn't then select systemd to satisfy
the init dependency, as it is already satisfied.


any thoughts re. conflicts between what's in, say

tasksel tasksel/first standard, web-server
and
d-i pkgsel/include string sysvinit-core systemd-shim


If I understand the installer, tasksel, the definition of the standard task 
description
--
Task: standard
Section: user
Description: standard system utilities
 This task sets up a basic user environment, providing a reasonably
 small selection of services and tools usable on the command line.
Packages: standard
Test-new-install: mark skip
---
properly, then the line tasksel tasksel/first standard, web-server is going to install 
all packages with priority standard.

Which leads to a couple of questions:

1. Since the priorities for sysvinit and sysvinit-core are
sysvinit:admin/optional
sysvinit-core:admin/extra

and I assume that the priority for systemd is set to standard, does the 
installer do:
a. install systemd as part of the tasksel phase, the uninstall systemd and 
install sysvinit when it hits the pkgsel step, or,
b. configure the list of packages for both the tasksel step and the pkgsel step 
before actually doing any installs?

2. If b., all is copacetic.  If a., then are there any directives that might 
adjust the operation of the tasksel step, other
than to either create a custom task description or bypass this step and 
designate all packages manually? [There's a line
in the tasksel documentation that says Debian derived distributions can add a 
new .desc file to /usr/share/tasksel/ to add
additional tasks, or modify/divert debian-tasks.desc to remove tasks but how 
one might do that at install time is not discussed anywhere
that I can find.]


3. Is there a way to list all packages with priority standard - preferably 
via the package repo or one of the staging servers rather than
having to first setup up a jessie installation and pulling in the source list?

Thanks,

Miles



--
In theory, there is no difference between theory and practice.
In practice, there is.    Yogi Berra


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/543ea0e3.7020...@meetinghouse.net

Re: OT: Re: Recipient validation - WAS: Re: Moderated posts?


Joel Rees wrote:

On Wed, Oct 15, 2014 at 9:01 PM, Miles Fidelman
mfidel...@meetinghouse.net wrote:

Tanstaafl wrote:

On 10/14/2014 1:58 PM, Miles Fidelman mfidel...@meetinghouse.net wrote:

Well, this really is OT for debian-users, but  Turns out that SMTP
WAS/IS intended to be reliable.

Reliable, absolutely. 100% reliable? That simply isn't possible when
people are involved in the equation (people mis-configure servers -
whether accidentally, through ignorance, or intentionally (just because
that is the way they want it).


I'd always lumped SMTP in the category of unreliable protocols, w/o
guaranteed delivery

The protocol itself is extremely reliable. It is what people *do* with
it that can cause it to become less reliable/resilient.

There are three ways in which machines can be unreliable.

One, they can break.

Two, they can do what they are told to do, but what they are told to
do can be wrong.

Three, they can operate in a context in which they were not designed to operate.


Oh come on, there are lots more ways that PROTOCOLS can be unreliable.

We're talking about an environment plagued with noise, congestion, bit 
errors, routing errors, filtering - all kinds of things that are 
probabilistic in nature.


Unreliable protocols are generally 'fire-and-forget' in nature (e.g., 
UDP) and promise, at most, best efforts.


Reliable protocols are those that include end-to-end (or, more 
accurately, peer-to-peer) error checking, ACKs and NACKs, 
retransmission, and so forth.  In a protocol context, reliable means, 
essentially, 'once I get an ACK, I can assume that my PDU has been 
delivered to my peer' - and has nothing to do with what happens beyond that.




That's one of the reasons the Requests For Comments were RFCs and not
standards dictated from on high (like many of the earlier network
definitions that ended up too inflexible).


Ummm no.  RFCs were RFCs because that's how the early ARPANET RD 
community, and its leadership decided to conduct their business, and the 
model stuck.



There is a technical distinction between best efforts (unreliable)
protocols, such as IP ('fire and forget' if you will), and reliable
protocols, such as TCP (with explicit acks and retransmits).

At least in the technical circles I run in (BBN - you know, we built the
ARPANET; Ray Tomlinson, who coined use of the @ sign in email nominally
worked for me, for a short period - in a matrixy version of worked for),
SMTP is usually discussed as providing a best efforts (unreliable) service
-- which, in reality, it is (particularly in real world configurations where
mail often gets relayed through multiple servers).

So.. I was just a bit surprised to go back and read the RFC and discover
that SMTP is explicitly intended to provide a reliable service.

If it is, that has changed.


Umm no.  The goal statement hasn't changed.  Limitations to that 
goal have been elaborated on - i.e., specific limits and exceptions to 
that reliability have been elaborated on.  But, on the whole, the notion 
of peer-to-peer transmission of email, as a reliable service, with 
acks/nacks/retransmission/error messages/etc/, remains unchanged.


Elsewhere from the part you quoted, there used to be an explanation of
the self-contradictory nature of the requirements.

Specifically, machines cannot actually (the illusions of PKI becoming
widely accepted notwithstanding) certify delivery. That requires a
human at both ends of the chain, in addition to the possibly human
sender and recipient. RFC 821 messages were intended not to require
any human in the chain.

If that has changed, it would be the unreasoning demands of people who
want e-mail to perfect in ways snail mail only almost could be in the
best of times: people who want to be able to do things like sue other
people for not complying with obscure rules when informed of those
rules by e-mail.

Exactly.  RFC 821 and its successors do not address human-to-human 
communications, they specify a reliable protocol for MTA-to-MTA 
communication.  Period.


I'll close by noting that this branch of discussion started with a focus 
on silently dropping spam, and whether that's a violation of standards.  
It used to be a clear violation of the various MUST statements re. 
sending non-delivery messages.  It looks like more recent standards now 
allow for dropping spam as a specific exception case.


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.    Yogi Berra


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/543ea5ea.1030...@meetinghouse.net

Re: Conflict of interest in Debian

On Wed, 15 Oct 2014 23:37:37 +0900
Joel Rees joel.r...@gmail.com wrote:

 2014/10/15 1:47 Brian a...@cityscape.co.uk:
 

  Give me swearing in posts rather than innuendo and attempted
  character assassination of a group dedicated workers.
 
 Do you realize that a lot of your posts, jumping on anti-systemd
 topics, might appear, to casual examination, to be innuendo and/or
 character assassination?

Yes. Let's get rid of the innuendo.

It is my belief that Red Hat is foisting systemd on Linux for the
purpose of making Linux harder to repair and manage, and have hired
clever Rube Goldberg software creator Leonart Poettering to create
something that works, but in the long term will be a house of cards
only specialists (primarily Red Hat specialists, they hope) can work on.

Well, that's certainly character assassination (and well deserved in my
opinion), but I think I got rid of the innuendo :-)

SteveT

Steve Litt*  http://www.troubleshooters.com/
Troubleshooting Training  *  Human Performance


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20141015125352.037f4...@mydesq2.domain.cxm

Re: Who is systemd-gpt-auto-generator, and why does s/he not like my partition table?

2014-10-15 Thread Jape Person


On 10/15/2014 11:53 AM, Don Armstrong wrote:

On Wed, 15 Oct 2014, Jape Person wrote:

 From dmesg
...[4.853751] systemd-gpt-auto-generator[154]: Failed to determine
partition table type of /dev/sda: Input/output error
[4.854298] systemd[151]:
/lib/systemd/system-generators/systemd-gpt-auto-generator failed with error
code 1.
... and later on ...
[12650.204616] systemd-gpt-auto-generator[7555]: Failed to determine
partition table type of /dev/sda: Input/output error
...

I looked in the BTS and couldn't even find a package named
systemd-gpt-auto-generator, much less a bug that had been filed for
it. I guess it's a routine or function name?


It's part of systemd; it generates rules to mount partitions from GPT
partition tables without needing to express them in /etc/fstab. [See man
systemd-gpt-auto-generator for details.]



Now that's weird, or maybe it's just me. I tried to look for manpages 
for systemd-gpt-auto-generator, and I'd swear I was told No manual 
entry for...


Sven Joachim told me to check the manpages, and I looked at man systemd, 
which gave me an online reference for Generators Specifications which 
wasn't helpful at all.


But I'm now seeing documentation when I type man 
systemd-gpt-auto-generator, so I'm guessing I made a typo earlier on 
and didn't even notice in the output from the man request.



The drive came originally from Lenovo (T520i) with and MSDOS parititon
table. I just used the standard partition scheme provided by the
netinst d-i (testing), so there are only /dev/sda1 and the swap
partition present. I used ext4 as the file system.



I'm also having the drive checked by smartmontools at boot time and
have received no warnings.


You're basically not supposed to get I/O errors on drives like that. I'd
try running smartctl -a /dev/sda; or similar just to see whether any
errors have occured on the drive. It's possible that there's a bad
sector early on which is only exposed when something tries to find a gpt
partition table, or it could be a bug in systemd-gpt-auto-generator
which your particular setup is triggering.

You might be able to trigger it with gdisk -l /dev/sda; or similar, too.



I checked with smartctl and was told the test completed without error. 
There were no errors in the log at all.


However, the output from the gdisk command was:

GPT fdisk (gdisk) version 0.8.10

Partition table scan:
  MBR: MBR only
  BSD: not present
  APM: not present
  GPT: not present


***
Found invalid GPT and valid MBR; converting MBR to GPT format
in memory.
***

Disk /dev/sda: 976773168 sectors, 465.8 GiB
Logical sector size: 512 bytes
Disk identifier (GUID): 43493272-B516-4A14-95E5-BF0E895243CB
Partition table holds up to 128 entries
First usable sector is 34, last usable sector is 976773134
Partitions will be aligned on 2048-sector boundaries
Total free space is 6125 sectors (3.0 MiB)

Number  Start (sector)End (sector)  Size   Code  Name
   12048   943697919   450.0 GiB   8300  Linux filesystem
   5   943699968   976771071   15.8 GiB8200  Linux swap

I can see the words invalid GPT and valid MBR in that report, but -- 
save for the sizes and locations pertinent to the different disks -- 
this is exactly the same output that command gives me on my other systems.


Do you see anything significant?

If not, I'll try my hand at filing a severity minor bug against systemd 
to see if the maintainers think anything of it.



If that doesn't turn up anything useful, file a bug against systemd, and
ask the maintainers what additional debugging information you can
provide. [It's probably severity minor, since this particularly failure
isn't going to hurt anything.]


I thought I ought to check to see if anyone thinks this is likely to
indicate that I'm about to get bit in the butt.


I'd make sure that I had my backups in order, but that's really just out
an abundance of caution.



Yup. I'm meticulous about backup strategy and practice. I'm retired, so 
I have plenty of time to implement it. I never allow myself any excuses.


Thank you for your suggestions.

Jape


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/543ea384.6090...@comcast.net

Re: Who is systemd-gpt-auto-generator, and why does s/he not like my partition table?

2014-10-15 Thread Sven Joachim

On 2014-10-15 17:53 +0200, Don Armstrong wrote:

 On Wed, 15 Oct 2014, Jape Person wrote:

 I'm also having the drive checked by smartmontools at boot time and
 have received no warnings.

 You're basically not supposed to get I/O errors on drives like that. I'd
 try running smartctl -a /dev/sda; or similar just to see whether any
 errors have occured on the drive. It's possible that there's a bad
 sector early on which is only exposed when something tries to find a gpt
 partition table, or it could be a bug in systemd-gpt-auto-generator
 which your particular setup is triggering.

I don't think there is actually an I/O error here, looking at the code
systemd-gpt-auto-generator makes this error up:

,
| errno = 0;
| r = blkid_probe_lookup_value(b, PTTYPE, pttype, NULL);
| if (r != 0) {
| if (errno == 0)
| errno = EIO;
| log_error(Failed to determine partition table type of %s: 
%m, node);
| return -errno;
`

Somebody who is familiar with libblkid (i.e. not me) might explain why
blkid_probe_lookup_value() apparently failed but did not set errno.

Cheers,
   Sven


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/87tx35th1w@turtle.gmx.de

Re: OT: Re: Recipient validation - WAS: Re: Moderated posts?