[semi-OT] Creating new fonts
Can anybody give me a quick rundown on the process, or point me to docs that offer a more complete description, of how to go about creating a new font? I'm interesting in developing a couple of custom fonts for a theme I'm creating, but have absolutely no idea how! Thanks! Colin
Re: fetchmail at login
I want a program to start automatically each time I login into my account. In which initializing file should I write the name of the program? You could add the command to your .bashrc file, it will be executed after you login. Might be better to add it to his .bash_profile, unless he's got .bash_profile set up to read .bashrc (which, I believe, is not the default in Debian).
Re: Functionality simular to FreeBSD's jails
No. chroot is not safe enough. I want to create virtual boxes in which I can give root rights to other people and I want to be sure that they can't break other boxes. AGAIK if you have root you can escape chroot'ed directory. Another problems that root can have direct access to devices. I don't want to allow it. Good solution is really independant virtual boxes which are run from one real. This is what FreeBSD's jails provides. User-mode linux kernel seems to allow it too but I'm not sure how stable is it and if there are exist any limitations. I just found a page that might contain what you are looking for: http://www.gnu.org/directory/vsd.html VSD - Facilitates Linux Virtual Servers within a 'chroot' environment. The Virtual Server Daemon is free software that creates Linux Virtual Servers with the look, feel, and functionality of a dedicated Linux appliance. This lets web servers and other applications be deployed and administered discretely without a security threat. VSD powered servers run just one instance of the Linux kernel per host server. A single Intel P-III with sufficient RAM can service 250 Virtual Servers. VSD was developed for situations where leased lines and server colocation were impossible for financial or technical reasons. VSD creates replicas of a working GNU Linux file system and uses this as a template for Virtual Servers. The replica files (not the entire OS) are 'hardlinked' to the original image, and share the same inode as the original file (which saves disk space). Each replica is assigned a unique IP address, and a user can then log into that Virtual Server transparently using Telnet or FTP. Using 'chroot' software, the user is then 'locked' into the Virtual Server environment and cannot reach adjacent Virtual Servers or the main Operating System files, thus reducing the security risk.
Re: woody installation
Or i reccomend slackware if they are more interested in learning. only after they are used to linux do i reccomend debian as a reward for getting the hard stuff done first(at least in the slackware users). I was suprised how many people at my last job chose slackware despite my clear warnings that it was a very manual distribution. and these were people that didn't even know the word/term/name Linux 6 months earlier. At what point would you consider somebody ready to be rewarded with Debian? What level of knowledge, or what length of experience, would separate those not-yet-ready from those-who-are-ready?
Bash .bashrc
I have .bashrc set up to support color ls, but .bashrc isn't called when I log in. If I subsequently start a new shell, however, or 'source .bashrc' then the file is read and processed. What's the best way to handle this so it's done automagically upon logging in? Just throw source .bashrc onto the end of the .bash_profile file?
upgrading libc6 from 2.1 to 2.2 - trouble brewing?
Tonight I tried to install the latest version of ssh onto my system, but I wasn't paying close enough attention to the dependencies. Ssh 2.5.1p1 requires libc-2.2.1-2 or higher, and potato uses libc6-2.1.3-15. I have a vague recollection of problems running apps using libc-2.1 with libc-2.2, so I thought I'd ask the list since I'm sure at least one person has tried it. :) Should I expect any trouble if I simply upgrade to libc-2.2? If so, what is the best strategy to resolve those problems? Thanks in advance! Colin
Getting rid of Vim's startup screen
Every time I start Vim with a new file, I get an intro screen. How do I surpress that?
Re: Optical mice
Despite my intense dislike for Microsoft, I have an MS IntelliMouse, and I'm very fond of it. If it helps at all, Logitech builds most of Microsoft's mice for them. I don't know if it works with Debian (still getting my box configured), but I'm quite partial to the Logitech USB optical mouse. Three buttons, one of which is the wheel, and it's about $30. It's not the fanciest mouse in the world, but if you're looking for a nice, simple optical mouse I'd definitely recommend it. (It is rather comfortable in the hand, although it isn't shaped specifically for right-handers like some of the Microsoft optical mice are.) Product link: http://www.logitech.com/cf/products/productoverview.cfm/55
Re: Optical mice
Product link: http://www.logitech.com/cf/products/productoverview.cfm/55 I know it's bad form to reply to oneself, but I thought I should also state that this mouse comes with a USB-to-PS/2 adapter. If you don't have USB support, you can still use the mouse. I've been running it for several weeks with said adapter, and haven't noticed any degredation in accuracy or response.
Muddled explanation of classed vs. classless IPs (was Re: RES: networking partly broken after upgrade to testing)
I don't know what all this is about. Still, it woke me up. I was just reading this in one of the TCP/IP books I have, so I'll take a stab at explaining it (and let somebody else explain the errors). IP addresses are divided into host portions and network portions. The host portion is assigned by whoever doles out blocks of IP addresses, and is fixed once you get it. The network portion is what you get to play around with after you are assigned your block of IP addresses. The host portion always comes first. Somebody might assigned you the block of IP addresses 45.67.0.1 - 45.67.255.255. The host portion is 45.67, whereas the network potion is .0.1 - .255.255. In the olden days, networks were divided into classes: A, B, and C. Class A networks had an 8-bit host value, and a 24-bit network value. So a class A network would appear as 45.xxx.xxx.xxx. On that network, you could assign any machine an IP address from 45.0.0.1 - 45.255.255.255. Class B networks had a 16-bit host and a 16-bit network value, such as 45.67.xxx.xxx (in the example in the last paragraph). Class C networks had a 24-bit host and an 8-bit network value (45.67.112.xxx). However, this addressing scheme had its limitations. You might not need the 65,536 IP addresses provided by a class B network, but more than the 256 addresses provided by a class C network. In the old days, you'd suck it up, take the class B network, and the unused addresses would go to waste. However, as the Internet grew, IP addresses started becoming a scarce commodity. So what happened was the assignment of IP addresses went from fixed classes to classless to prevent that type of waste. In classless assignment, IP addresses take the form of xxx.xxx.xxx.xxx/YY. The /YY portion tells you how many bits to use as the host portion, and how many to use as the network portion. Converting from the old scheme, a class B address of 45.67.xxx.xxx would now become 45.67.xxx.xxx/16. Class C addresses would become 45.67.112.xxx/24. The power that this provides is demonstrated when you need, say, 32,000 addresses. Obviously, this is more than an old class C address could provide, but if you picked up a class B address you'd be wasting another 32,000+ addresses. So what you do is you take a class B address and move one bit from the network portion to the host portion (e.g., 45.67.xxx.xxx/17 rather than 45.67.xxx.xxx/16). What this does is chops up the 45.67.xxx.xxx range into two separate networks, the first going from 45.67.0.1 to 45.67.127.255, and the second going from 45.67.128.1 to 45.67.255.255. Rather than get 32,000+ IP addresses that would go unassigned, you can get 32,768 addresses - and let somebody else get the other 32,768 addresses who could actually use them. Instead of throwing away 32k+ addresses, you only let a few hundred go unassigned. A netmask address is an alternate way of expressing the /YY for an IP address. The netmask is simply the /YY portion converted into IP address notation. For instance, /16 would become 255.255.0.0. /17 would be 255.255.127.0. Using the netmask, you can figure out how a network is partitioned much easier than you can be simply looking at /17. So that's the quite and dirty run-down. I'm sure somebody will step in with corrections about math or terminology, but I think you can get the gist of it from the explanation above.
Re: Muddled explanation of classed vs. classless IPs
You've made me feel guilty. I would have expressed myself better if I'd known you were going to this trouble. Oops. :) I actually knew about the range of addresses, but I couldn't remember which ones went with which. Besides, I also omitted the fact that *.0 and *.255 are reserved addresses.
Resetting installed package list?
When I installed Debian 2.2r0 a couple of weeks ago, I did the smallest install possible - I let dselect install the default initial set of packages. Over the past couple of weeks, I've done very small tailoring to the system: turned off all network services, switched a few programs (for instance, purged nvi and installed vim), and updated to the most recent security fixes. This weekend I'm planning on doing a lot of work to the system. I'd like to have a fairly minimal system - only those apps that are absolutely necessary, and little else. To that end, I'm going to be wandering through dselect quite frequently (apt-get is more powerful, but dselect provides a better overview of what is installed and what isn't). One thing that I've noticed about dselect is that if you mark a package (say, marking an installed package for purge), dselect remembers that setting even if you don't go through the process of actually removing that package. That caused me some consternation one evening when I somehow accidentally marked a dozen or so packages for uninstall that I really wanted to leave alone. Is it possible to rebuild the installed package list so that it reflects the actual status of the packages installed, rather than what you last marked them as?
Re: OT: M$ Outlook Virus
while it is tru you can remove most scriptin support with removin the microsoft scripting host, what if you're a developer ? Or you're environment requires you to be able to run scripts ? Then you have a handful of choices. 1. Run a virus scanner, and make sure you update it EVERY DAY (even if you know that the frequency of updates is slower than that). 2. Have your development machine be an isolated system. Don't connect it to any network, or make sure that the network it's on is a standalone network (not connected to any other networks). This isolates it, and means that any files you bring over have to be on disk - which are much easier to scan for viruses than trying to scan all network traffic. (It also has the side-effect of not being able to spread a virus very far should the network be infected somehow.) 3. Use an email program that does not support scripting. Frankly, there's very little reason for scripting to be in an email program, and whatever bonuses scripting-in-email-apps has are heavily outweighed by the possibility for abuse. Find yourself a nice email app that doesn't support VBS or Javascript (Eudora, I believe, doesn't support the scripting, but I'm sure you can find others as well). 4. Turn off Explorer's hiding of three-letter file extensions. A file named AnnaKournikova.jpg.vbs is a big tip-off that something isn't right. There are, supposedly, viruses that can be loaded even if you preview the message, but for the most part just seeing the attachment filename is enough for you to know that the file shouldn't be double-clicked. 5. Set up a quarantine. Not having used Outlook much, I can't say exactly how to do this, but I'm sure it's possible to set up a quarantine so that any email containing attachments (or specific attachments, such as *.vbs) gets put into a separate folder from Inbox. While this doesn't technically prevent you from getting exposed, it at least puts you on notice that the quarantined files /may/ contain viruses, and so you're less likely to start double-clicking at random.
Re: OT: M$ Outlook Virus
can someone give me anything that micro$oft ever did which makes sense, is secure, and abides to standards??? *chuckle* I can see the sign hanging on the walls of Microsoft: Security, Standards, Sensibility: Choose Two. ;)
Re: Now Stormix is no more . . .
Storm is not quite dead yet. It's, uh, resting. ;)
Dangers in upgrading to unstable?
I recently installed Debian on my laptop, but some of the programs I was planning on using exist only in unstable (for instance, Enlightenment 0.16.5). What are the dangers in upgrading my system to run unstable? What issues am I likely to face if I do upgrade the whole thing to unstable? Would it simply be better to download the specific unstable packages I want and otherwise stick with simply running stable? Thanks in advance! Colin
Re: Dangers in upgrading to unstable?
Are you sure you want Enlightenment? It eats a lot of memory... It's the one I'm most familiar with, and my laptop has 128MB of memory + 256MB swap, so I'm not /overly/ concerned about the memory usage. However, after having read about some of the other window manglers, I'm probably going to put on Blackbox and maybe Sawfish and/or IceWM to see which one I like the best. I wouldn't do it unless you really know what you are doing. Upgrade to testing in stead of unstable, you may end up with a lot of broken packages with unstable (not to say that this couldn't happen with testing). Then upgrade the packages you want but which is only in unstable, by hand. I see! Thanks for the advice!
