automounting /dev/mqueue
I am making some use of posix messages queues, and in order to interactively view/manipulate these queues on my Debian squeeze system it is necessary, as described in mq_overview(7), in to manually: mkdir /dev/mqueue mount -t mqueue none /dev/mqueue after each boot I am looking for the best way to make this automatic, and as /dev/shm is already being automatically mounted to give access posix semaphores and shared memory, it seems logical and consistent to mount mqueue the same way... There appears to be a line D shm /etc/udev/links.conf, to create the mount point which suggests that a similar entry for mqueue would be appropriate, although the comment at the top of the file suggests that its use is discouraged. The alternative of /lib/udev/devices suggested in the comment does not seem appropriate as what is being created is a directory (mount point), not a device There also appears to be a line to create the mount point 'shm' if it doesn't already exist (and then mount it) in /etc/init.d/mountdevsubfs.sh, plus an unmounting command in /etc/init.d/udev. Then again, I can't see any reason why the mounting couldn't be handled a little more intuitively by adding an entry to /etc/fstab... Does anyone know if there is a reason why shm is mounted by default and mqueue is not? Is there any consensus on the best way to have this filesystem mounted on boot? DigbyT
Re: Debian secure by default?
On Sat, May 17, 2008 at 06:42:57AM +0530, Raj Kiran Grandhi wrote: Rico Secada wrote: Hi. Why is Debian not setup to be secure be default? Not everyone is a security expert so imho the system should be fully secured out-of-the-box. Please elaborate on what you consider to be the insecure parts of a default installation. Describe a process by which an etch system can be compromised remotely. Obviously, the ability to become root by tweaking the boot parameters from the grub screen does not count as a vulnerability. -- Raj Kiran Grandhi -- One thing that I find rather hard to justify is that even on an Etch system installed from scratch just a few weeks ago, /etc/pam.d/common-password has password required pam_unix.so nullok obscure min=4 max=8 md5 so I can be confidently entering my 200 character uber password thinking that it is hacker proof, when all the time debian is truncating it to eight characters... :-/ Unless you require it for backward compatability (because you are importing passwrds from an old (less secure) system) I don't see why you would want to limit password length at all? (except, of course, to set a lower limit) Something I always like to add to my systems when when I need to be able to ssh from outside is an 'ssh' group (although debian has claimed that group name, so I now use something less convenient) with sshd configured to allow logins only to accounts in that group. That way I can limit the facility to accounts which need it, and at least all of those thousands of daily login attempts by script kiddies are to accounts which are bound to fail no matter what password they try - even if I have forgotten to remove the upper limit on password length... A length restricted root password which can be entered from a remote ssh client would be more of a concern to me than the occasional unnecessarily suided application... Regards, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Debian secure by default?
On Sat, May 17, 2008 at 10:06:05AM -0700, Mike Bird wrote: On Sat May 17 2008 09:34:21 Sven Joachim wrote: On 2008-05-17 17:35 +0200, Digby Tarvin wrote: One thing that I find rather hard to justify is that even on an Etch system installed from scratch just a few weeks ago, /etc/pam.d/common-password has password required pam_unix.so nullok obscure min=4 max=8 md5 so I can be confidently entering my 200 character uber password thinking that it is hacker proof, when all the time debian is truncating it to eight characters... :-/ Good catch. If you're the sysadmin, you should change that. If not, convince him to do it. max= was never intended to limit password lengths and, certainly in Etch and Lenny, does not do so. I haven't tested earlier distros. Unless you require it for backward compatability (because you are importing passwrds from an old (less secure) system) I don't see why you would want to limit password length at all? (except, of course, to set a lower limit) Apparently it is for backward-compatibility, yes. The limit has been dropped in pam 0.99.7.1-5, so Lenny will come with a better default. As of 0.99.7.1-4, pam simply ignores max=. However max=8 will remain in /etc/pam.d/common-password of upgraded systems (but not fresh installs) because common-password is simply copied from /usr/share/pam on the first install. If you change max= with earlier versions of pam it may have unintended consequences. EXECUTIVE SUMMARY: max=8 is ignored, this is a non-issue, OP can use 200 character uber password with confidence. --Mike Bird Good to hear, although my Etch system (freshly upgraded) reports: | Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad) ||/ Name Version Description +++--- ii libpam-modules 0.79-5 Pluggable Authentication Modules for PAM ii libpam-runtime 0.79-5 Runtime support for the PAM library ii libpam0g 0.79-5 Pluggable Authentication Modules library and the docs at http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html#s-auth-pam say Now edit /etc/pam.d/passwd and change the first line. You should add the option md5 to use MD5 passwords, change the minimum length of password from 4 to 6 (or more) and set a maximum length, if you desire. So the situation doesn't seem as clear as it might be. But a quick test does seem to indicate that I am getting more password length than the max keyword setting would indicate - even with 0.79-5. Regards, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
problem with fonts in bitchx?
I have just performed an 'apt-get install bitchx' on a debian x86 Etch system, but there seems to be a problem with with the package configuration. The install finishes with a warning: Warning: /usr/lib/X11/fonts/misc does not exist.. This is understandable, as it seems that the installation should have been looking for the fonts in /usr/share/fonts/X11/misc Running the application produces warning such as: bitchx: unable to open font default8x16, trying fixed Warning: Cannot convert string default8x16 to type FontStruct Warning: Missing charsets in String to FontSet conversion so it does seem that it is looking in the wrong place for fonts :( Does this indicate an error in the package? Regards, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Various questions on encrypted partitions
n Thu, Apr 24, 2008 at 08:00:39AM -0500, Jordi Guti0xe9rrez Hermoso wrote: So when I installed Debian, I told d-i to wipe the hard disk and encrypt my lappy's hard drive. My tinfoil-hatted heart loves it. They'll never take me or my data alive. I am curious, though, as to the exact nature of the encryption. I'd rtfm, but I don't know where to begin. I understand the encryption is AES-256, supposedly good enough to keep spooks at bay, but how exactly does it work? I chose a ridiculous 25-character random printable ASCII password that I have committed to my cerebellum and muscle memory, because I thought that AES-256 actually uses my password to encrypt the hard drive. Is this true? I also see that it uses something called LUKS, and I understand that LUKS is the way to change my encryption password. How does that work, exactly, at the mathematical level? If I change the encryption password, does the hard drive get reencrypted a different way, or what? My last question is about potential data loss. Is an encrypted hard drive more vulnerable to data loss than an unencrypted one? Suppose I have a hardware failure or something. Will the encryption make it harder to recover my data than if I weren't using encryption? That is, if a few bytes are off, can AES-256 still decrypt gracefully? Thanks, - Jordi G. H. try looking at the manual entries for cryptsetup and luksformat... The encryption algorithm used will depend on the options you chose when you setup your filesystems. I think it defaults to AES-256. And no, it doesn't use your password to encrypt all the data. It generates a random key for that. Your password is used to encrypt the random key, and the resuld stored in the LUKS header. So when you change your password, all that happens is the random key gets re-encrypted with the new password and replaced. It even allows you to assign multiple passwords, by storing multiple copies of the random key, encrypted by each of the passwords. I think the man pages above, and the other resouces they site, should answer your other questions. Regards, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel sources for Debian kernel 2.6.18-6-686
On Wed, Apr 23, 2008 at 08:30:27AM -0700, Oliver wrote: I just installed Debian with a netinstall CD. uname -r tells me that I am using the kernel 2.6.18-6-686. Now I am installing a driver (Diva for Linux) and this driver needs the kernel sources to compile a .deb package. (Instructions on page 17 of this document: http://www.dialogic.com/download/p/linux/source.8.5/108-80/Diva_SR_LIN_Referen ceGuide.pdf) I really do not know where to find the sources for this kernel version, as it is a customized Debian kernel. If you can not help, I need to download the newest kernel from Kernel.org and recompile? Thank you for you help Oliver What do you mean by a customised kernel? Where did you get it from? If you just mean it is a distribution debian kernel and hence different from the vanila kernel.org version, then apt-get install linux-source-2.6.18 and untaring the resultant archive should give you what you want. For more details, see the thread 'Kernel source packages..' from where I was working out how to reproduce my kernel from source. Regards, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Using a second display adapter
On Sun, Apr 20, 2008 at 09:06:02AM -0700, Daniel Burrows wrote: On Sat, Apr 19, 2008 at 07:06:55PM +, Digby Tarvin [EMAIL PROTECTED] .org was heard to say: . . Perfermance is definately way down the list, as I'm not really planning in implementing support for fancy acceleration features. Have you heard of the Open Graphics Project? It sounds like perhaps you're looking for something like that. The URL is: http://www.opengraphics.org Note, though, that the only thing they have available now is a rather expensive model for people who want to help develop the board, so it won't really help you right now. But I thought you might be interested. Daniel Hi, yes - I did come across that project. It would be ideal for what I want. The only problems being that their development board doesn't seem to be readily available yet, and as you say, the pre-production version is rather expensive even if you can one allocated to you. As I don't need anything particularly powerful or fancy, I think I should be able to pick up something suitable on eBay fairly cheaply, if only I can find a board where decent information on its programming interface is available. Partly because I think manufacturers should be rewarded for making information available to open source developers, but mostly because it will make the board more useful to me. Regards, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Using a second display adapter
n Sat, Apr 19, 2008 at 07:53:58AM -0500, Hugo Vanwoerkom wrote: Digby Tarvin wrote: . . Can anyone explain what happens hardware wise when a second adapter is present? For example, adding a PCI adapter to a system that already has an AGP card. Just put the second one in xorg. conf: . . I assume that video memory for more advanced modes will be mapped to unique addresses by the PCI magic, but arn't the legacy modes like CGA etc tied down to fixed addresses (eg SVGA tex mode to segment b000h)? Is it possible to have have two text mode displays simultaneously? No. Video of the Linux console is rather primitive. Only the first adapter has the VT's. As soon as X dies you lose the other monitors/keyboards/mice. Interesting, thanks, but not really what I had in mind on this occasion. I am really more interested in the hardware level, not using Linux Console or xorg driver at all. By text mode suppert I mean I would like to know if a second adapter can be configured (via a custom driver) to provide a block of memory whereby writing one byte the the memory results in one character displayed on a screen. The same hardware mode used by the linux console when not in framebuffer mode. Ideally I would like to be able to tell Linux to keep its hands of the card so that I can write my own (non X, non glass tty) driver for it. Although if the framebuffer driver can be put in text mode then that might do what I want without needing a new driver. Anyone know? I only use Nvidia. Best cards best support although proprietary driver. Unfortunately I think that probably rules out nVidia for me if I am looking at writing a custom driver. Details programmers documentation is probably my highest priority after the basic requirement that it be able to co-exist with anohter card, with clean/simple interface being the next priority (eg framebuffer directly addressible without any indirection). Perfermance is definately way down the list, as I'm not really planning in implementing support for fancy acceleration features. Regards, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: moving /usr, /var, and /etc
On Fri, Apr 18, 2008 at 01:29:29PM +0800, Antony wrote: I have a Debian system on really small Flash memory like an embed system. A hard drive is mounted onto the system. I want to add more processes to the system like mail server. But the problem is /usr, /var, /etc are running out of space on the Flash memory. I'm planning to do the following: - make /usr, /var, /etc, /home directories on the mounted hard drive. - copy /usr, /var, /etc, /home original directories to new created directories. - edit /etc/fstab to mount these directories to new created locations. - remove the old /usr, /var, /etc, /home directories. Is that unsafe to do so? Do files in these directories being accessed before mounting from /etc/fstab? Let me get this straight you are going to update fstab, which resides in /etc, with information telling the system how to mount /etc? Moving /usr, /var and /home should be fine - it is quite normal to have those as separate filesystems. You shouldn't really have to move /etc (it shouldn't grow that much) but if you really want to it won't be a simple minded task. Regards, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Using a second display adapter
I am thinkng of adding a second display adapter to experiment with. I'm not really interested in dual head X (I'd use single dual head adapter for that). I am more interested in having some display hardware that I can experiment with without effecting my console/X display. Can anyone explain what happens hardware wise when a second adapter is present? For example, adding a PCI adapter to a system that already has an AGP card. I assume that video memory for more advanced modes will be mapped to unique addresses by the PCI magic, but arn't the legacy modes like CGA etc tied down to fixed addresses (eg SVGA tex mode to segment b000h)? Is it possible to have have two text mode displays simultaneously? The sort of thing I would like to experiment with is having a 'diagnostic' screen which the kernel can write a message to in real time by just writing ascii to a memory address. Perhaps it is something I can do without a custom driver using the framebuffer interface? Except I don't necessarily want the complexity/ overheads of rendering fonts. Can I have a text mode frame buffer? Anyway, the current adapter in this system is a AGP nVidia: 01:00.0 VGA compatible controller: nVidia Corporation NV25 [GeForce4 Ti 4200] (rev a3) (prog-if 00 [VGA]) Flags: bus master, 66MHz, medium devsel, latency 64, IRQ 137 Memory at fd00 (32-bit, non-prefetchable) [size=16M] Memory at f000 (32-bit, prefetchable) [size=64M] Memory at f488 (32-bit, prefetchable) [size=512K] Expansion ROM at feae [disabled] [size=128K] Capabilities: [60] Power Management version 2 Capabilities: [44] AGP version 2.0 Any reccomendations on a goood card adapter to look for for this? The main thing is probably a clean and simple hardware interface, and good open source friendly documentation for driver writers. Doesn't need to be state of the art - Something I can find cheaply on eBay (along with a 1280x1024 LCD display) would probably suffice. Thanks, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: taming resolv.conf
On Wed, Apr 16, 2008 at 05:16:16PM -0600, Bob Proulx wrote: Digby Tarvin wrote: My new /etc/resolv.conf is coming up as: nameserver 127.0.0.1 This is correct if you have bind9 installed. Since this is automatically detected then I assume that you do have bind9 installed in order to see this result. If you remove bind9 then you would see the DHCP nameserver addresses there. In which case there is one manual step to installing resolvconf. You would need to change: include /etc/bind/named.conf.options; To this: include /var/run/bind/named.options; The resolvconf package scripts know about bind9 and if it is installed then they assume that you want to use it and automatically set up /var/run/bind/named.options with the nameservers offered by DHCP. Bob Aha! Yes, that was it. Thanks! Just removing bind9 was enough to produce the expected behaviour. Not sure I follow the bit about the manual step required. Which file is it that is being edited? can't find anything in etc/resolvconf.. Or is that a step which would allow use of the DHCP values with bind9 still isntalled? I suppose the latter would be useful to be able to do, so that all my servers could be configured to run off a single nameserver, but be able to take over as the nameserver with a simple change of config if desired. (I am setting one up for a friend that wants to give debian a try, but is not experienced in Linux admin, so fairly simple but flexible network adaptability would be a big advantage) Regards, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
taming resolv.conf
Another little niggle from my recent install which doesn't seem to be as straight forward as it should be... I hope someone can point me at what I am doing wrong... Immediately following my Etch 40r3 netinstall my /etc/network/interfaces had a pretty standard looking precision:/etc/network# grep -v '#' /etc/network/interfaces.orig auto lo iface lo inet loopback allow-hotplug eth0 iface eth0 inet dhcp My /etc/resolv.conf file looked ok, except the DHCP server in my router provides nameserver IP only, no search list. After a bit of searching it looked like the resolvconf package would be an simple solution, so I installed it and updated my loopback device entry to insert the search list as follows: auto lo iface lo inet loopback dns-search cthulhu.dircon.co.uk That all worked fine, except that ever since resolvconf was installed the nameserver address returned by the DHCP server seems to be being installed. My new /etc/resolv.conf is coming up as: # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 127.0.0.1 search cthulhu.dircon.co.uk If I revert to the original interfaces file, /etc/resolv.conf is # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 127.0.0.1 And if I then apt-get remove resolvconf and reboot then the original resolv.conf with correct dhcp supplied nameserver (but no search) returns: # generated by NetworkManager, do not edit! nameserver 203.27.41.5 Any suggestions? I do like the idea of having any static nameserver information in the /etc/network/interfaces file with the rest of the network config, so resolvconf would be good if it worked as expected Regards, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: taming resolv.conf
On Wed, Apr 16, 2008 at 08:00:12PM +0300, Andrei Popescu wrote: On Wed, Apr 16, 2008 at 04:16:13PM +, Digby Tarvin wrote: Any suggestions? I do like the idea of having any static nameserver information in the /etc/network/interfaces file with the rest of the network config, so resolvconf would be good if it worked as expected If I understood correctly what you want you need this is /etc/network/interfaces: dns-nameserver 123.234.123.234 More info in /usr/share/doc/resolvconf/README.gz section 3.4 Regards, Andrei Not quite. I only want the static information in the interfaces file. I still want the nameserver address that is supplied by DHCP to be used. I do know how to hardwire a nameserver and IP address if I am not using DHCP, but resolvconf is not really so necessary in that situation. Regards, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: taming resolv.conf
Combining the responses to the previous to posters... On Wed, Apr 16, 2008 at 08:37:30PM +0300, Andrei Popescu wrote: On Wed, Apr 16, 2008 at 05:08:08PM +, Digby Tarvin wrote: Not quite. I only want the static information in the interfaces file. I still want the nameserver address that is supplied by DHCP to be used. I do know how to hardwire a nameserver and IP address if I am not using DHCP, but resolvconf is not really so necessary in that situation. I don't think the static dns server in the interfaces file will override the DHCP provided one, but I can't tell for sure. You will have to read the resolvconf docs for this. I hope it didn't sound like I hadn't bothered to read any documentation ;) My understanding is that one of the main functions of resolvconf is to deal with multiple sources of DNS information (such as a mixture of HDCP and static interfaces in one system) and to merge all the server addresses and domains into a single resolv.conf - rather than have the last interface that is brought up to over write the data from the earlier ones. Consequently, whilst in my case it is using a sledge hammer to crack a nut, I seems to be that it should be able to do what I want. That is, to merge the information obtained by dhcp with a static search domain. AND... On Wed, Apr 16, 2008 at 02:30:39PM -0500, Michael Shuler wrote: Digby Tarvin wrote: My /etc/resolv.conf file looked ok, except the DHCP server in my router provides nameserver IP only, no search list. Any suggestions? I do like the idea of having any static nameserver information in the /etc/network/interfaces file with the rest of the network config, so resolvconf would be good if it worked as expected I do this all in /etc/dhcp3/dhclient.conf - custom prepended domains for search, as well as superseding some rather useless caching resolvers in favor of another pair. Works regardless of whether I use the interfaces file, resolvconf, NetworkManager, etc., which all use dhclient in the end. Hope that helps! Thanks. That might be a workaround. Although I don't think it is ideal because: 1. I am setting up four systems, and only two are using dhcp. The others are servers on the local lan, and hence will have static ip addresses. 2. I was hoping to hoping to make these systems fairly interchangeable and potable, with all of the network configuraiton customizing localized to the /etc/network/interfaces file.. So I would really like to get to the bottom of why resolvconf is not honouring the dns server address obtained by dhcp if at all possible. Regards, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel source packages..
Many thanks to David, NN_il_Confusion and martin for their suggestions, in particular.. On Sun, Apr 13, 2008 at 08:24:09PM -0700, David Witbrodt wrote: The book is great, but already a bit out of date. Krafft has a website (not recently updated) which includes error corrections and new information here: http://debiansystem.info . . Excellent! Very glad to know about that we site. Thanks! (and to Martin for setting it up) On Mon, Apr 14, 2008 at 07:05:33AM +0200, NN_il_Confusionario wrote: On Mon, Apr 14, 2008 at 12:52:41AM +, Digby Tarvin wrote: Can anyone shed any light on the differences between the various kernel source packages in the repository, kernel-source-* are for sarge and below linux-source-* are for etch and beyond Then do apt-cache show $PACKAGE and read the Description: (for example, difference between linux-source-2.6.18 and linux-tree-2.6.18) . . I'm still a bit of a newbie with the Debian package management stuff. Obviously a bit more reading to do, but it is nice to know there are ways to get the answers to these things... thanks for the clues as to where to look.. On Mon, Apr 14, 2008 at 08:19:41AM +0200, martin f krafft wrote: Try linux-source-*. The kernel packaging has changed substantially since my book was published. I am working on a new edition. Unfortunately, I cannot foresee a release date yet. Must be quite a job keeping up with a moving target like the Debian system... I hate the thought of throwing away my well thumbed first edition, but I suppose it is inevitable. Maybe you should think of putting out a yearly addendum between editions. I'd subscribe ;) Are there, incidentally, any journals out there that are particulalry good for debian users? Can anyone explain what the reasonaing is behind this organization? Did you see kernel-handbook.alioth.debian.org? Thanks, stumbled across a link to this on the debian.org site after I sent the original message. Still reading... Regards, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Firewall froth..
My personal system is connected to the Internet via an ADSL router which doesn't give me any information about what doesn't get through. However I recently helped a friend setup a Debian box to act as firewall/router between his cable modem and local LAN, which has given me access to a lot more detail... The system is a Debian Etch 40r3 netinstall with Shorewall used to configure an iptables firewall/router. The hardware has two ethernet interfaces, eth0 connects to the cable modem, eth1 connects to the local lan.. The problem I am having is that the messages from the firewall really flood /var/log/messages to the point where I am concerned they may cause me to miss other important things. My rules file is setup with: ACCEPT net fw tcp 22 ACCEPT net fw icmp DROPnet fw udp 1026:1029 where the list line was to filter out the most frequent messages, but I am not really sure what, if any, rejected connections/packets I should be looking out for, and what should just be ignored... Perhaps I should redirect the firewall logs to a separate file? Or just stick my head in the sand and log nothing - which is presumably the situation with my dsl router.. Here is an example of the last dozen or so messages in the log: DF PROTO=TCP SPT=1739 DPT=2933 WINDOW=65535 RES=0x00 SYN URGP=0 Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:02:a5:f7:47:a8:00:0b:bf:51:60:01:08:00 SRC=125.45.93.1 DST=81.105.30.126 LEN=40 TOS=0x00 PREC=0x00 TTL=106 ID=44567 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0 Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:02:a5:f7:47:a8:00:0b:bf:51:60:01:08:00 SRC=71.156.118.7 DST=81.105.30.126 LEN=48 TOS=0x00 PREC=0x20 TTL=116 ID=17119 DF PROTO=TCP SPT=3968 DPT=3306 WINDOW=16384 RES=0x00 SYN URGP=0 Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:02:a5:f7:47:a8:00:0b:bf:51:60:01:08:00 SRC=71.156.118.7 DST=81.105.30.126 LEN=48 TOS=0x00 PREC=0x20 TTL=116 ID=18256 DF PROTO=TCP SPT=3968 DPT=3306 WINDOW=16384 RES=0x00 SYN URGP=0 Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:02:a5:f7:47:a8:00:0b:bf:51:60:01:08:00 SRC=88.109.202.188 DST=81.105.30.126 LEN=58 TOS=0x00 PREC=0x00 TTL=119 ID=4407 PROTO=UDP SPT=8184 DPT=2933 LEN=38 Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:02:a5:f7:47:a8:00:0b:bf:51:60:01:08:00 SRC=88.109.202.188 DST=81.105.30.126 LEN=58 TOS=0x00 PREC=0x00 TTL=119 ID=4409 PROTO=UDP SPT=8184 DPT=2933 LEN=38 Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:02:a5:f7:47:a8:00:0b:bf:51:60:01:08:00 SRC=88.109.202.188 DST=81.105.30.126 LEN=58 TOS=0x00 PREC=0x00 TTL=119 ID=4410 PROTO=UDP SPT=8184 DPT=2933 LEN=38 Is this normal? Anyone know where all this rejected traffic represents? Regards, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Firewall froth..
On Tue, Apr 15, 2008 at 01:23:59PM -0400, Brian McKee wrote: On 15-Apr-08, at 11:42 AM, Digby Tarvin wrote: The problem I am having is that the messages from the firewall really flood /var/log/messages to the point where I am concerned they may cause me to miss other important things. ... Perhaps I should redirect the firewall logs to a separate file? Or just stick my head in the sand and log nothing - which is presumably the situation with my dsl router.. If it's dropped - then the firewall did it's job. Why look at the results unless you have a problem? Worry about what's getting through, not what isn't Brian Thanks, that's what I was thinking. If anyone can think of a reason not to extend the DROPnet fw udp 1026:1029 so that logging for all blocked packets is supressed i'd be interested in hearing it.. Just out of curousity, does anyone know what any of this bogus traffic to (for example ports 1947 and 1948 are popular at the moment) might be? Is it common to see this much noise? Is it perhaps undocumented traffic generated by windows systems that others have connected directly to the net? Or perhaps malicious traffic targeting vulnerabilities of windows systems that might be unfirewalled on the net? Regards,. DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
SMP apm
Just been chaseing up some post install loose ends, one of which was getting the 'automatic power off on halt' to work... The steps required turned out to be: a. apt-get install apm b. echo apm /etc/modules c. echo 'options apm power_off=1' /etc/modprobe.d/apm which seems to have done the trick nicely. However I am a little concerned about the messages produced when apm is loaded: apm: BIOS version 1.2 Flags 0x03 (Driver version 1.16ac) apm: disabled - APM is not SMP safe (power off active). This is a SMP motherboard with two cpu's installed: Intel MultiProcessor Specification v1.1 Virtual Wire compatibility mode. OEM ID: INTELProduct ID: 440GXAPIC at: 0xFEE0 Processor #0 6:8 APIC version 17 Processor #1 6:8 APIC version 17 I/O APIC #2 Version 17 at 0xFEC0. Enabling APIC mode: Flat. Using 1 I/O APICs Processors: 2 So is the message about apm being disabled lying - it is doing something as it is enabling my auto power off, and /proc/apm appears showing: penemunde:/etc# cat /proc/apm 1.16ac 1.2 0x03 0xff 0xff 0xff -1% -1 ? I have skimmed through the apm source, at it looks to me like it is just that the message is a listtle misleading and that the power off part of apm is safe with SMP, and the unsafe bits are disabled. I think this is right, but thought it worth mentioning as it seems like something that should be in an Etch FAQ.. Regards, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Read-only root (/) except /etc
n Sun, Apr 13, 2008 at 12:04:31PM -0400, Douglas A. Tutty wrote: On Sun, Apr 13, 2008 at 03:12:08PM +, [EMAIL PROTECTED] wrote: I don't *need* things read-only. I would just rather not *need* to have my root filesystem read write. I gave some reasons above for why I would like to be able to crontrol if and when the root filesystem is subject to writes.. However, consider: as things stand now, only root can alter files which don't have write permissions for others. Sure, if the filesystem were mounted ro then root couldn't write to the files either (or delete files). However, root could always remount / rw. Therefore there is no security in a system once root is compromised whatever you do. If root is not compromised, then standard unix permission scheme will provide the security. Doug. The trouble is that isn't really true. As long as you have standard utilities like 'passwd' and 'chsh' normal users can cause the root filesystem to be modified any time they want.. And in the examples I gave (running root off a DVD or drive with hardware write protect), a remount rw will only succeed in getting write failures logged But it isn't just security. It is another file system needing regular backup, and fewer writes means less likelihood of corruption eg if power goes off at the wrong instant.. The files that are a problem are the ones where either a change can result from user activity (passwrd/shadow) or where they are changed by demons, such as resolv.conf. I don't mind explicit changes by the administrator, who can take care or write-protects or reburning media. Regards, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Kernel source packages..
Can anyone shed any light on the differences between the various kernel source packages in the repository, and which is the best choice for just being able to reproduce the running kernel? The example in my Martin Kraft book refers to: apt-get install kernel-source-2.6.8 but I can't find a 'kernel-source-anything'.. The docs on debian.org suggest apt-get install linux-source-2.6 but looking in the repository I also see linux-source as well as linux-tree-2.6.18-n where n is a number between 1 and 8, and there are also linux-tree-2.6.18.dfag.1-n where n is 9-19, some with 'etch' followed by a digit appaended. The above are all 'v' packages. There is also linux-source-2.6.18 and linux-tree-2.6.18 which are actual packages. Can anyone explain what the reasonaing is behind this organization? Thanks, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Read-only root (/) except /et
On Sun, Apr 13, 2008 at 07:30:55PM -0400, Douglas A. Tutty wrote: snip The trouble is that isn't really true. As long as you have standard utilities like 'passwd' and 'chsh' normal users can cause the root filesystem to be modified any time they want.. No. The user isn't modifying anything really, its the suid utility which is. User's don't have write permission on the /etc/passwd file. The only security concern is if the suid utility is replaced by another; in other words, again root is compromised. Well sure, when a user modifies somethign it always boils down to a progrma doing it on the users behalf. The important point is that the user can invoke such a change at any time. The suid file only restricts the nature of the chance. That means that in a standard config the root filesystem cannot be made read-only without braeaking things, preventing one possible security enhancing stategy. And in the examples I gave (running root off a DVD or drive with hardware write protect), a remount rw will only succeed in getting write failures logged So root turns off logging to. If we're talking about running off a DVD then this is a LiveCD scenario with union mounting. so the worst case is a remount gains an infiltrator nothing if the filesystem non-writeability is enforced via hardware. And yes, I think a LiveCD is a very good example of the sort of hoops you have to jump through to have some of the root filesystem content run off read-only media. But it isn't just security. It is another file system needing regular backup, and fewer writes means less likelihood of corruption eg if power goes off at the wrong instant.. Well sure, that makes sense. However, the only part that needs the backup is /etc/ anyway, which would need backup if it was separate, so no gain there. The /etc on a separate filesystem was the suggestion of the original poster. Its not a solution that achieves my ideal of having only one system and one user filesystem that have to be read/write. As for e.g. corruption, I'd suggest having a duplicate root filesystem taken care of by a script (which checks somehow that all is well) which rsyncs them. This second root fs would be on its own partition with its own entry in the boot loader. This suggests that /boot is on its own partition and it is very easy to have /boot ro. Exactly what I am doing now on my bsd system: skaro:/usr/home/digbyt mount /dev/wd0a on / (NFS exported, local) /dev/wd0h on /usr (NFS exported, local, read-only) /dev/wd0g on /var (local) /dev/wd0f on /usr/local (NFS exported, local, nodev, read-only) /dev/wd0e on /usr/home (NFS exported, local) /dev/wd0d on /user1 (local, nodev, nosuid, read-only) /dev/wd1h on /backup/usr (local, nodev, nosuid, read-only) /dev/wd1f on /backup/local (local, nodev, nosuid, read-only) /dev/wd1d on /backup/user1 (local, nodev, nosuid, read-only) localhost:/cfs/null on /cfs/crypt /dev/wd1a on /backup/root (local, nodev, nosuid, read-only) /dev/wd1g on /backup/var (local, nodev, nosuid, read-only) /dev/wd1e on /backup/home (local, nodev, nosuid, read-only) Note that all my live partitions are rsync'd with identical partitions on the backup disk every night, and by default all except home, var and root are read-only. The backup scripts know that they only have to backup live partitions that are read-write, and to remount the backup filesystems read-write during the procedure. If I do need to chance something on, for example, /usr/local, I remount it and leave it read/write. The backup scripts will see that it is r/w, back it up, and then make it read-only again when they finish so that it won't be backed up again till I repeat the process. User1 lets me arhive static user files in a way that leaves them accessible without making work for the backup scripts. If it were not for root, then there would be no writeable filesystem with suid and dev enabled. And of course if root could be mounted read-only, that would be one less filesystem that needed to be scanned for differences every night. There is also a big saving in boot time if there is a crash, because only filesystems mounted r/w will be dirty and need preening. The files that are a problem are the ones where either a change can result from user activity (passwrd/shadow) or where they are changed by demons, such as resolv.conf. I don't mind explicit changes by the administrator, who can take care or write-protects or reburning media. I'd suggest to approach it as a live CD thingy, its a well tried path. Anything else is frought with dragons. Sure. I didn't mean to hijack the topic. Its just something I have thought about and experimented with, so wanted to add my 2p worth to the original posters suggestion/query. Regards, DigbyT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Etch 2.6.18-5-486 stable but 2.6.18-5-686 crashes on PIII SMP???
I have installed Etch using a recent netinstall on a Dell Precision 410, and had a lot of trouble initially with mysterious frequent 'segmentation fault' errors and total system freezes which required a reset. After some trial and error and some advice from the net I discovered that if I installed the 2.6.18-5-486 kernel and booted that instead of the 2.6.18-5-686 kernel from the installer then all the instability went away. However this leaves me without use of my second CPU and without access to a 'bigmem' kernel to access all of my ram :( I am hoping that there might be some kernel experts out there that can offer some suggestions as to what might be going wrong with the 686 kernel, and which I might be able to try in order to resolve (or at least explain) the problem... /proc/cpuinfo returns: processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 7 model name : Pentium III (Katmai) stepping: 2 cpu MHz : 447.728 cache size : 512 KB fdiv_bug: no hlt_bug : no f00f_bug: no coma_bug: no fpu : yes fpu_exception : yes cpuid level : 2 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 mmx fxsr sse bogomips: 896.10 I tried booting the 686 kernel with the 'nosmp' option to see if there was a problem with the SMP implementation on this machine, but that made no difference (other than giving me a single processor). Anyone come across anything like this? Any kernel experts with any idea what difference between these two kernels might explain this problem? A 'diff config-2.6.18-5-486 config-2.6.18-5-686' produces 4c4 # Tue Oct 2 23:31:31 2007 --- # Tue Oct 2 23:31:49 2007 24c24 CONFIG_BROKEN_ON_SMP=y --- CONFIG_LOCK_KERNEL=y 40a41 CONFIG_CPUSETS=y 72a74 CONFIG_STOP_MACHINE=y 97c99 # CONFIG_SMP is not set --- CONFIG_SMP=y 108c110 CONFIG_M486=y --- # CONFIG_M486 is not set 112c114 # CONFIG_M686 is not set --- CONFIG_M686=y 129c131 CONFIG_X86_GENERIC=y --- # CONFIG_X86_GENERIC is not set 132c134 CONFIG_X86_L1_CACHE_SHIFT=7 --- CONFIG_X86_L1_CACHE_SHIFT=5 136d137 CONFIG_X86_F00F_BUG=y 141,142c142,145 CONFIG_X86_ALIGNMENT_16=y CONFIG_X86_INTEL_USERCOPY=y --- CONFIG_X86_CMPXCHG64=y CONFIG_X86_GOOD_APIC=y CONFIG_X86_USE_PPRO_CHECKSUM=y CONFIG_X86_TSC=y 143a147,149 CONFIG_NR_CPUS=8 CONFIG_SCHED_SMT=y CONFIG_SCHED_MC=y 147,148c153 CONFIG_X86_UP_APIC=y CONFIG_X86_UP_IOAPIC=y --- # CONFIG_PREEMPT_BKL is not set 151c156,158 # CONFIG_X86_MCE is not set --- CONFIG_X86_MCE=y CONFIG_X86_MCE_NONFATAL=m CONFIG_X86_MCE_P4THERMAL=y 167,168c174,175 CONFIG_NOHIGHMEM=y # CONFIG_HIGHMEM4G is not set --- # CONFIG_NOHIGHMEM is not set CONFIG_HIGHMEM4G=y 170a178 CONFIG_HIGHMEM=y 183c191,192 CONFIG_MATH_EMULATION=y --- # CONFIG_HIGHPTE is not set # CONFIG_MATH_EMULATION is not set 185a195 CONFIG_IRQBALANCE=y 193a204 # CONFIG_CRASH_DUMP is not set 194a206 CONFIG_HOTPLUG_CPU=y 195a208 CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y 204a218 CONFIG_SUSPEND_SMP=y 220a235 CONFIG_ACPI_HOTPLUG_CPU=y 253c268 CONFIG_CPU_FREQ_STAT_DETAILS=y --- # CONFIG_CPU_FREQ_STAT_DETAILS is not set 306,313c321,322 CONFIG_EISA=y CONFIG_EISA_VLB_PRIMING=y CONFIG_EISA_PCI_EISA=y CONFIG_EISA_VIRTUAL_ROOT=y CONFIG_EISA_NAMES=y CONFIG_MCA=y CONFIG_MCA_LEGACY=y # CONFIG_MCA_PROC_FS is not set --- # CONFIG_EISA is not set # CONFIG_MCA is not set 350c359 CONFIG_HOTPLUG_PCI_COMPAQ_NVRAM=y --- # CONFIG_HOTPLUG_PCI_COMPAQ_NVRAM is not set 762d770 CONFIG_DMASCC=m 815d822 CONFIG_IRPORT_SIR=m 820d826 # CONFIG_DONGLE_OLD is not set 1210d1215 CONFIG_SCSI_AHA1740=m 1215d1219 CONFIG_AIC7XXX_PROBE_EISA_VL=y 1262d1265 CONFIG_SCSI_FD_MCS=m 1267,1269d1269 CONFIG_SCSI_IBMMCA=m CONFIG_IBMMCA_SCSI_ORDER_STANDARD=y # CONFIG_IBMMCA_SCSI_DEV_RESET is not set 1278d1277 CONFIG_SCSI_NCR_D700=m 1287,1292d1285 CONFIG_SCSI_NCR_Q720=m CONFIG_SCSI_NCR53C8XX_DEFAULT_TAGS=8
getting sound to stick in Etch...
I am having a problem getting audio functionality to stick in a newly installed Etch system on a Dell precision 410 MT. There was no sound device immediately after install, so I ran alsaconf, selected: legacy Probe legacy ISA (non-PnP) chips told it to probe cs4236 Cirrus Logic CS4235-9 then answered Y to Do you want to modify /etc/modprobe.d/sound And I get OK, sound driver is configured. ALSA CONFIGURATOR will prepare the card for playing now. Now I will load the ALSA sound driver and use amixer to raise the default volumes. This results in /etc/modprobe.d/sound containing: alias snd-card-0 snd-cs4236 options snd-cs4236 index=0 port=0x530 cport=0x538 isapnp=0 dma1=1 dma2=0 irq=5 and /proc/asound contains: dr-xr-xr-x 4 root root 0 2007-10-30 15:23 card0 -r--r--r-- 1 root root 0 2007-10-30 15:23 cards lrwxrwxrwx 1 root root 5 2007-10-30 15:23 CS4237B - card0 -r--r--r-- 1 root root 0 2007-10-30 15:23 devices -r--r--r-- 1 root root 0 2007-10-30 15:23 hwdep -r--r--r-- 1 root root 0 2007-10-30 15:23 modules dr-xr-xr-x 2 root root 0 2007-10-30 15:23 oss -r--r--r-- 1 root root 0 2007-10-30 15:23 pcm dr-xr-xr-x 2 root root 0 2007-10-30 15:23 seq -r--r--r-- 1 root root 0 2007-10-30 15:23 timers -r--r--r-- 1 root root 0 2007-10-30 15:23 version Two problems... 1. after rebooting it is all gone and I have no sound again :( I assume the modprobe.d/sound file should be causing sound to be configured at boot time, but it appears not to be.. Any ideas what is going wrong or what I still need to do? 2. No /dev/dsp, so attempting to run esd for gnome fails... Could it be anything to do with the /etc/modprobe.d entry: lrwxrwxrwx 1 root root41 2007-10-27 21:42 linux-sound-base_noOSS - /lib/linux-sound-base/noOSS.modprobe.conf Thanks, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: getting sound to stick in Etch...
That did it - Thanks!! On Tue, Oct 30, 2007 at 03:59:25PM +0100, Florian Kulzer wrote: On Tue, Oct 30, 2007 at 14:28:27 +, Digby Tarvin wrote: I am having a problem getting audio functionality to stick in a newly installed Etch system on a Dell precision 410 MT. There was no sound device immediately after install, so I ran alsaconf, selected: legacy Probe legacy ISA (non-PnP) chips told it to probe cs4236 Cirrus Logic CS4235-9 then answered Y to Do you want to modify /etc/modprobe.d/sound And I get OK, sound driver is configured. ALSA CONFIGURATOR will prepare the card for playing now. Now I will load the ALSA sound driver and use amixer to raise the default volumes. This results in /etc/modprobe.d/sound containing: alias snd-card-0 snd-cs4236 options snd-cs4236 index=0 port=0x530 cport=0x538 isapnp=0 dma1=1 dma2=0 irq=5 [...] Two problems... 1. after rebooting it is all gone and I have no sound again :( I assume the modprobe.d/sound file should be causing sound to be configured at boot time, but it appears not to be.. Any ideas what is going wrong or what I still need to do? 2. No /dev/dsp, so attempting to run esd for gnome fails... Could it be anything to do with the /etc/modprobe.d entry: lrwxrwxrwx 1 root root41 2007-10-27 21:42 linux-sound-base_noOSS - /lib/linux-sound-base/noOSS.modprobe.conf Adding the following two lines to /etc/modules might help: snd_cs4236 snd_pcm_oss -- Regards,| http://users.icfo.es/Florian.Kulzer Florian | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Getting power off to work in Etch...
Does anyone know the secret to getting Etch to power down the system after a halt. I have tried 'apt-get install apmd', but it doesn't seem to have helped. I know the hardware can do it, because it worked with the very old version of Ubuntu I tried before Debian (5.04). The machine is a Dell Precision 410 with new Etch netinst just done... Thanks, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Getting power off to work in Etch...
On Tue, Oct 30, 2007 at 09:44:38PM +0100, Nigel Henry wrote: On Tuesday 30 October 2007 18:58, Digby Tarvin wrote: Does anyone know the secret to getting Etch to power down the system after a halt. I have tried 'apt-get install apmd', but it doesn't seem to have helped. I know the hardware can do it, because it worked with the very old version of Ubuntu I tried before Debian (5.04). The machine is a Dell Precision 410 with new Etch netinst just done... Thanks, DigbyT Hi Digby. Just an update. I found the the link to the bugreport for the shutdown problem. It may, or may not resolve your problem, but is below. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=390547 Cordialement. Nigel. Hi Nigel, I went through that bugreport, and creating a /etc/modprobe.d/apm containing options apm power_off=1 fixed it for me. Many thanks for all the pointers. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Fresh Etch netinstall problems...
Hi Doug, Many thanks again for your help and suggestions.. I've moved your comments around to intersperse them for easier reading. On Sun, Oct 28, 2007 at 01:09:32AM +, Digby Tarvin wrote: On Sat, Oct 27, 2007 at 07:40:27PM -0400, Douglas A. Tutty wrote: On Sat, Oct 27, 2007 at 05:30:49PM +0100, Digby Tarvin wrote: I hope there are some experts out there that can offer some suggestions regarding a problem I am having installing Debian Etch (40r1-386-netinst downloaded on 23/10/07) on a Dell Precision 410 MT... Everything goes fine through the initial install, up to the point where I have to reboot using the freshly installed kernel on the hard drive. Either the package transfer fails after a few minutes with messages like E: Method http has died unexpectedly! segmentation fault or dpkg falls over during the installation of the package, eg /bin/sh: line 1: 2284 Segmentation fault /usr/bin/dpkg_preconfigure... It seems that the kernel used during the initial install was stable, but the kernel it installed on the hard disk is not. Model: Dell Precision Workstation 410 MT BIOS revision A08 CPU: 2xPIII 450MHz Video card: 3DLabs Oxygen GVX1 Ram: 1024MB Adaptec AIC-7890 BIOS DELL-V2.01.05 SCSI ID 0 COMPAQ DDRS-34560W ULTRA2-SE SCSI ID 1 SEAGATE ST173404LW ULTRA2-SE Adaptec AIC-7880 BIOS DELL-V2.01.05 SCSI ID 1 MATSHITA DVD-RAM LF-200 Primary IDE1ZIP drive Uname -a returns: Linux precision 2.6.18-5-686 #1 SMP Fri Jun 1 00:47:00 UTC 2007 i686 GNU/Linux looks OK. and /etc/apt/sources.list contains: # # deb cdrom:[Debian GNU/Linux 4.0 r1 _Etch_ - Official i386 NETINST Binary-1 20070820-20:21]/ etch contrib main deb cdrom:[Debian GNU/Linux 4.0 r1 _Etch_ - Official i386 NETINST Binary-1 20070820-20:21]/ etch contrib main deb http://ftp.uk.debian.org/debian/ etch main deb-src http://ftp.uk.debian.org/debian/ etch main deb http://security.debian.org/ etch/updates main contrib deb-src http://security.debian.org/ etch/updates main contrib looks OK. You could use the install CD as a rescue system, choose run a command on the rootfs (or whatever it says); it runs your command chrooted to the system. Try aptitude there (thus with the installer's kernel). If that works, do a uname -a there and notice any difference. Ok, that seemed to work ok. Here is what uname -a produces: Linux precision 2.6.18-5-486 #1 Fri Jun 1 00:07:22 UTC 2007 i686 GNU/Linux vs the kernel on the hard drive, which is: Linux precision 2.6.18-5-686 #1 SMP Fri Jun 1 00:47:00 UTC 2007 i686 GNU/Linux The only difference I see is the SMP - which as mentioned, I have tried disabling with a 'nosmp' argument. Needless to say, what you're experiencing shouldn't happen under any circumstances with Etch (stable). The initial install seems to require the 'aic7xxx.aic7xxx=no_probe' to complete properly. If I omit that then I get no error but the install completes much sooner and I assume was truncated by an unreported error, as much less software ends up being installed. /usr/share/doc/linux-doc-2.6.18/Documentation/scsi/aic7xxx.txt.gz says that probing is disabled by default. Perhaps somehow your's is being probed. The question is, is it happening in the initrd or on a module insertion. If its happing in the regular filesystem boot (after initrd) then you can add in /etc/modprobe.conf a line: options aic7xxx aic7xxx=no_probe Tried that, but it didn't seem to have any effect. There was no /etc/modprobe.conf to start with, so I created one with the line you suggested. But I'm not sure how to tell if the system is paying any attention to it at all... if its happening in the initrd, then you have to get the module parameters set there. I've never tinkered with initramfs, so the first thing to do is to copy your initrd to something like initrd-works. Then, since /etc/initramfs-tools/initramfs.conf likely has a line: MODULES=most which means that all hard drive modules will be loaded, including presumabley the aic7xxx, try adding the module to /etc/initramfs-tools/modules with the parameter aic7xxx no_probe Then you'll need to re-run update-initramfs (possibly from a rescue CD). I expected this to be the more likely solution, as the hard disk drivers will obviously need to be loaded before any modules can be loaded from hard disk... Havn't tried it yet - it will be next on my agenda... In order to try and decide once and for all if it is the AIC-7890 that is causing the problem, I tried disabling it in the bios and re-installing onto an external usb drive. Unfortunately the bios doesnt know how to boot from usb, but I figured I could get
Re: Fresh Etch netinstall problems...
Some progress... On Sun, Oct 28, 2007 at 03:55:24PM +, Digby Tarvin wrote: It seems that the kernel used during the initial install was stable, but the kernel it installed on the hard disk is not. Model: Dell Precision Workstation 410 MT BIOS revision A08 CPU: 2xPIII 450MHz Video card: 3DLabs Oxygen GVX1 Ram: 1024MB Adaptec AIC-7890 BIOS DELL-V2.01.05 SCSI ID 0 COMPAQ DDRS-34560W ULTRA2-SE SCSI ID 1 SEAGATE ST173404LW ULTRA2-SE Adaptec AIC-7880 BIOS DELL-V2.01.05 SCSI ID 1 MATSHITA DVD-RAM LF-200 Primary IDE1ZIP drive snip.. Try aptitude there (thus with the installer's kernel). If that works, do a uname -a there and notice any difference. Ok, that seemed to work ok. Here is what uname -a produces: Linux precision 2.6.18-5-486 #1 Fri Jun 1 00:07:22 UTC 2007 i686 GNU/Linux vs the kernel on the hard drive, which is: Linux precision 2.6.18-5-686 #1 SMP Fri Jun 1 00:47:00 UTC 2007 i686 GNU/Linux The only difference I see is the SMP - which as mentioned, I have tried disabling with a 'nosmp' argument. Oops - overlooked the 486/686 difference initially.. When I spotted that, I tried installing the 486 kernel from the chrooted rescue media... Bingo - It booted all the way and I now seem to have a working (though at reduced functionality) system... X comes up fully and everything seems to work, except that I only have a uni-processor system now, which is a bit of a bummer... But this is progress, and hopefully a clue as to the problem... So now I wonder what kernel difference could be causing a problem on this particular system. Could it be a SMP problem, even though running the 686 kernel with 'nosmp' option still exibits the instability? Or does that mean it is some other difference between 686/486 kernel?? Any idea where I can go from here? I really would hate to have to settle for 50% of my processing power... I suppose I could try to lay my hands on an IDE drive and do a test install on that with the 7890 disabled. That would determine if the SCSI controller really is complicit in my problem. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re(OT): Fresh Etch netinstall problems...
OT: I've never had a SMP box. Do you find for normal desktop use that top shows the second processor actually doing anything? (I know you can't answer this for Etch until this problem is solved, but what about previous versions or other OSs (e.g. BSD). Doug. I have BSDI running on a dual processor Tyan motherboard, and xosview does show them both being quite well utilised. It isn't so important if you are only running a single processor intensive application (although even then it means that app can run at full speed while your interactive work remains nice and responsive) but with two processor intensive tasks (like an xserver processing screen updates for xosview whilst I'm compressing a movie) it is very worthwhile. This box is intended to be a server (SMB, HTTP, SMTP etc) as well as being usable as a workstation, so I think it would be worthwhile. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Fresh 7.10 netinstall problems...
I hope there are some experts out there that can offer some suggestions regarding a problem I am having installing Debian Etch (40r1-386-netinst downloaded on 23/10/07) on a Dell Precision 410 MT... Everything goes fine through the initial install, up to the point where I have to reboot using the freshly installed kernel on the hard drive. I can log in after the reboot, and everything looks ok, but when I then proceed to try and complete the install by adding other packages like 'xorg', things start going wrong... Either the package transfer fails after a few minutes with messages like E: Method http has died unexpectedly! segmentation fault or dpkg falls over during the installation of the package, eg /bin/sh: line 1: 2284 Segmentation fault /usr/bin/dpkg_preconfigure... I tried doing an 'apt-get update; apt-get upgrade' but the system did not survive long enough to get the updated kernel installed. It seems that the kernel used during the initial install was stable, but the kernel it installed on the hard disk is not. I tried adding 'nosmp' to the command line in case there were problems with that, but it made no difference. Any suggestions much appreciated. For anyone who has read this far - here are some more details about the target hardware: Model: Dell Precision Workstation 410 MT BIOS revision A08 CPU: 2xPIII 450MHz Video card: 3DLabs Oxygen GVX1 Ram: 1024MB Adaptec AIC-7890 BIOS DELL-V2.01.05 SCSI ID 0 COMPAQ DDRS-34560W ULTRA2-SE SCSI ID 1 SEAGATE ST173404LW ULTRA2-SE Adaptec AIC-7880 BIOS DELL-V2.01.05 SCSI ID 1 MATSHITA DVD-RAM LF-200 Primary IDE1ZIP drive Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Fresh 7.10 netinstall problems...
On Sat, Oct 27, 2007 at 07:40:27PM -0400, Douglas A. Tutty wrote: On Sat, Oct 27, 2007 at 05:30:49PM +0100, Digby Tarvin wrote: I hope there are some experts out there that can offer some suggestions regarding a problem I am having installing Debian Etch (40r1-386-netinst downloaded on 23/10/07) on a Dell Precision 410 MT... Everything goes fine through the initial install, up to the point where I have to reboot using the freshly installed kernel on the hard drive. I can log in after the reboot, and everything looks ok, but when I then proceed to try and complete the install by adding other packages like 'xorg', things start going wrong... Either the package transfer fails after a few minutes with messages like E: Method http has died unexpectedly! segmentation fault or dpkg falls over during the installation of the package, eg /bin/sh: line 1: 2284 Segmentation fault /usr/bin/dpkg_preconfigure... I tried doing an 'apt-get update; apt-get upgrade' but the system did not survive long enough to get the updated kernel installed. It seems that the kernel used during the initial install was stable, but the kernel it installed on the hard disk is not. I tried adding 'nosmp' to the command line in case there were problems with that, but it made no difference. For anyone who has read this far - here are some more details about the target hardware: Model: Dell Precision Workstation 410 MT BIOS revision A08 CPU: 2xPIII 450MHz Video card: 3DLabs Oxygen GVX1 Ram: 1024MB Adaptec AIC-7890 BIOS DELL-V2.01.05 SCSI ID 0 COMPAQ DDRS-34560W ULTRA2-SE SCSI ID 1 SEAGATE ST173404LW ULTRA2-SE Adaptec AIC-7880 BIOS DELL-V2.01.05 SCSI ID 1 MATSHITA DVD-RAM LF-200 Primary IDE1ZIP drive What kernel was installed? As soon as you login, type $ uname -a If the system is still up, send us: cat /etc/apt/sources.list You could use the install CD as a rescue system, choose run a command on the rootfs (or whatever it says); it runs your command chrooted to the system. Try aptitude there (thus with the installer's kernel). If that works, do a uname -a there and notice any difference. Needless to say, what you're experiencing shouldn't happen under any circumstances with Etch (stable). Doug. Hi Doug, Thanks for responding. Here are some more details I forgot to mention in my initial post: The initial install seems to require the 'aic7xxx.aic7xxx=no_probe' to complete properly. If I omit that then I get no error but the install completes much sooner and I assume was truncated by an unreported error, as much less software ends up being installed. After rebooting the system comes up with initd.rc aborting at some random place with a 'segmentation fault'. But I usually end up with a login prompt and can log in and execute commands. Errors are sporadic and unpredictable, and usually involve a command failing with a segmentation fault. But eventually I get a system lockup that requires a hard reset to recover from (CTL-ALT-DEL ignored, no key echo etc). Uname -a returns: Linux precision 2.6.18-5-686 #1 SMP Fri Jun 1 00:47:00 UTC 2007 i686 GNU/Linux and /etc/apt/sources.list contains: # # deb cdrom:[Debian GNU/Linux 4.0 r1 _Etch_ - Official i386 NETINST Binary-1 20070820-20:21]/ etch contrib main deb cdrom:[Debian GNU/Linux 4.0 r1 _Etch_ - Official i386 NETINST Binary-1 20070820-20:21]/ etch contrib main deb http://ftp.uk.debian.org/debian/ etch main deb-src http://ftp.uk.debian.org/debian/ etch main deb http://security.debian.org/ etch/updates main contrib deb-src http://security.debian.org/ etch/updates main contrib I have also tried adding the aic7xxx.aic7xxx=no_probe kernel option to /boot/grub/menu.lst as follows: title Debian GNU/Linux, kernel 2.6.18-5-686 root(hd1,0) kernel /boot/vmlinuz-2.6.18-5-686 root=/dev/sdb1 ro aic7xxx.aic7xxx=no_probe initrd /boot/initrd.img-2.6.18-5-686 savedefault But that produced no appreciable change. Is there anything wrong with the way I am doing it? I should also add that the Windows 2000 which was already installed when I got he system seems to run reliably, as does the obsolete Ubuntu 5.04. Newer versions of Ubuntu wont install - some giving me a blank screen after trying to boot the install media, others (including the latest 7.10 release) freeze if the adaptec AIC-7890 is not disabled in the BIOS (which prevents the install getting very far. Regards, DigbyT p.s. ignore the reference to 7.10 in the subject line. I meant Etch. I was getting confused with the most recent Ubuntu which I had also tried. -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
gcc docs and linking...
Just when I thought I just about had a Debian system that was complete enough to develop on without needing access to my older distros Does anyone know how to fix: [EMAIL PROTECTED]:~/work/audio$ man gcc No manual entry for gcc I have tried installing the gcc-4.1-doc package, but it didn't seem to help. I know man pages for gcc do exist, as all my other (non-Debian) systems seem to have them installed out of the box.. This is a Debian Etch system on a Fujitsu notebook. The immediate issue that led me to attempt to consult the man page (in case someone can point out where I am going wrong) was a problem statically linking the oggfile libraries. cc -lvorbis -lvorbisfile -static -o oggplay oggplay.o oggplay.o: In function `main': oggplay.c:(.text+0xe7): undefined reference to `ov_open' oggplay.c:(.text+0x2b6): undefined reference to `ov_info' oggplay.c:(.text+0x473): undefined reference to `ov_read' oggplay.c:(.text+0x48e): undefined reference to `ov_clear' collect2: ld returned 1 exit status make: *** [oggplay] Error 1 If I leave out the '-static' argument then the compile completes successfully (but using the shared version of the libs). As far as I can see, the static library exists and defines the missing symbols, for example: [EMAIL PROTECTED]:~/work/audio$ nm /usr/lib/libvorbisfile.a | grep ov_open 36e0 T ov_open 3470 t _ov_open1 2f90 t _ov_open2 3690 T ov_open_callbacks [EMAIL PROTECTED]:~/work/audio$ nm /usr/lib/libvorbisfile.a | grep ov_info 03e0 T ov_info Anyone see where I am going wrong there? Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: gcc docs and linking...
On Tue, Jan 30, 2007 at 07:18:07PM +, Digby Tarvin wrote: Just when I thought I just about had a Debian system that was complete enough to develop on without needing access to my older distros Does anyone know how to fix: [EMAIL PROTECTED]:~/work/audio$ man gcc No manual entry for gcc I have tried installing the gcc-4.1-doc package, but it didn't seem to help. I know man pages for gcc do exist, as all my other (non-Debian) systems seem to have them installed out of the box.. This is a Debian Etch system on a Fujitsu notebook. The immediate issue that led me to attempt to consult the man page (in case someone can point out where I am going wrong) was a problem statically linking the oggfile libraries. cc -lvorbis -lvorbisfile -static -o oggplay oggplay.o oggplay.o: In function `main': oggplay.c:(.text+0xe7): undefined reference to `ov_open' oggplay.c:(.text+0x2b6): undefined reference to `ov_info' oggplay.c:(.text+0x473): undefined reference to `ov_read' oggplay.c:(.text+0x48e): undefined reference to `ov_clear' collect2: ld returned 1 exit status make: *** [oggplay] Error 1 If I leave out the '-static' argument then the compile completes successfully (but using the shared version of the libs). As far as I can see, the static library exists and defines the missing symbols, for example: [EMAIL PROTECTED]:~/work/audio$ nm /usr/lib/libvorbisfile.a | grep ov_open 36e0 T ov_open 3470 t _ov_open1 2f90 t _ov_open2 3690 T ov_open_callbacks [EMAIL PROTECTED]:~/work/audio$ nm /usr/lib/libvorbisfile.a | grep ov_info 03e0 T ov_info Anyone see where I am going wrong there? Just to answer my own question here, it appears that static linking is more fussy about the order of arguments, and also needs to have more libraries specified on the command line (to resolve references made by the linked in libraries... In my case, the following command line worked: cc oggplay.o -lvorbisfile -lvorbis -logg -lm -static -o oggplay Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: File encryption
On Sun, Jan 28, 2007 at 03:03:59PM +, Mark Crean wrote: If wonder if anyone's got experience or advice to share about a good way of using file encryption on Debian Etch? There seem to be a lot of different methods, but which one might suit the following: I only want to encrypt a single folder with personal stuff in it. Around 200 files or so. (The Truecrypt virtual disk/containers idea sounds ideal, but I don't want to use Truecrypt. It's not in the Debian repositories and I'm looking for something that has full Debian support.) I guess I could use pgp but I'm wondering if there is something else that offers the virtual disk/containers idea or similar. TIA :) Mark When I want to encrypt a single file I tend to use pgp. To enctypt an entire filesystem I use dm-crypt. For encrypting just a personal directory tree (which I think is what you want) I find that Matt Blaze's CFS works very well. I have been using it for over 10 years now , originally on a BSD system, without a problem. Once the daemon is running, anyone can create encrypted directories and mount/unmount them as required. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: VMware?
On Sun, Jan 28, 2007 at 12:20:56PM -0500, Carl Fink wrote: I just wanted to thank everyone who has contributed to this thread. I was about to start evaluating alternatives for virtual setups for two of my boxes, and you've collectively made my job much easier. -- Carl Fink [EMAIL PROTECTED] Just to add my 2c to this thread... I tried vmware a little while back, and was quite impressed by it as far as performance and usability went. I especially liked the way it was able to record changes to your virtual disks and allowed you to roll back to an earlier snapshot if something went wrong - invaluable for avoiding those regular re-installs if one has to run Windows, such as when some piece of software makes the system unstable or interferes with an existing application and doesn't uninstall properly! I also didn't mind the fact that it is commercial/proprietary - I don't object to paying for software if it is good and the developers need to make a living out of it. What I didn't like so much was the unavailability of source code, and the real killer for me was that certain aspects of the programming interface to the 'virtual hardware' were kept confidential, which meant I could not port unsupported O/Ss myself or do OS development and experimentation except in a reduced functionality mode. One such limitation that springs to mind was getting access to the full resolution video device. I havn't tried it since the free execution environment was released. Does anyone know if the full programming interface to the virtual hardware is still unavailable? Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Reflection on Debian
On Thu, Jan 18, 2007 at 01:37:20PM +0100, Robert Tom??ek wrote: Hi. Is there somebody, who have ReflectionX connected to Debian. I was install Debian for placing developed web pages only, and without monitor. I can connect by Reflection for Unix and Digital via telnet, but if i try X (on debian is installed KDE package), there is after any minute past login, blank screen only. I use XDMCP broadcast method... Bob. Which XDM server are you using on your Debian box (xdm, gdm or kdm)? Whichever it is, have you enabled TCP connections? I don't use Reflection, but I connect to my Debian Etch using an external X-Terminal using gdm with no problem once I have uncommented the line DisallowTCP=false in /etc/gdm/gdm.conf Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Reflection on Debian
On Thu, Jan 18, 2007 at 01:59:59PM +0100, Robert Tomek wrote: I tried it once more and here is error log: debian:/home/rtomasek# cat .xsession-errors Xsession: X session started for rtomasek at ??t led 18 13:50:31 CET 2007 startkde: Starting up... QPixmap: Cannot create a QPixmap when no GUI is being used QPixmap: Cannot create a QPixmap when no GUI is being used QPixmap: Cannot create a QPixmap when no GUI is being used QPixmap: Cannot create a QPixmap when no GUI is being used kbuildsycoca running... Server has no DPMS extension Xlib: extension XFree86-Misc missing on display 10.24.188.201:0.0. server does not have extension for r rate option QFont::setPointSize: Point size = 0 (-3) kdecore (KAction): WARNING: KAction::insertKAccel( kaccel = 0x80f27e8 ): KAccel object already contains an action name del X Error: BadValue (integer parameter out of range for operation) 2 Major opcode: 102 Minor opcode: 0 Resource id: 0x0 X Error: BadValue (integer parameter out of range for operation) 2 Major opcode: 102 Minor opcode: 0 Resource id: 0x0 QPixmap: Cannot create a QPixmap when no GUI is being used QPixmap: Cannot create a QPixmap when no GUI is being used kio (KIOConnection): ERROR: Header read failed, errno=104 kio (KIOConnection): ERROR: Header has invalid size (-1) DCOP aborting call from 'anonymous-15674' to 'ktip' ERROR: Communication problem with ktip, it probably crashed. kicker: crashHandler called kded: Fatal IO error: client killed KWrited - Listening on Device /dev/pts/2 kdeinit: Fatal IO error: client killed kdeinit: sending SIGHUP to children. ksmserver: Fatal IO error: client killed ICE default IO error handler doing an exit(), pid = 15662, errno = 0 kdeinit: sending SIGTERM to children. kdeinit: Exit. klauncher: Exiting on signal 15 startkde: Shutting down... Warning: connect() failed: : No such file or directory Error: Can't contact kdeinit! startkde: Running shutdown scripts... startkde: Done. debian:/home/rtomasek# Reflection as old (ver.7) If you are seeing an xsession startup attempted, then I assume you successfully got an XDM login screen and entered a user name/password. Have you tried selecting something simpler than KDE as your session, such as fvwm or twm? If that works then you know it is a problem with KDE requiring some functionality that Reflection isn't providing. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: How to get those nice console fonts?
On Tue, Jan 16, 2007 at 02:00:53PM +0100, Daniel Haude wrote: Florian Kulzer wrote: I use vga=0x303 and that looks exactly like Knoppix's fonts on my terminals. However, I think this also depends on the kernel configuration options related to the console fonts. Here is what I have: $ grep -i font /boot/config-$(uname -r) # CONFIG_FONTS is not set CONFIG_FONT_8x8=y CONFIG_FONT_8x16=y (I use a self-compiled kernel, therefore I do not know how the stock Debian kernels are set up in that respect.) My stock kernel (2.4.27-3-k7) gives the same settings, but doesn't let me change anything. In fact it seems to ignore any of the vga= options, including vga=ask. Here's what I see in dmesg's output: Kernel command line: root=/dev/hda5 ro vga=4 hdc=ide-scsi hdd=ide-scsi vga=791 Initializing CPU#0 Detected 2104.783 MHz processor. Console: colour VGA+ 80x30 This is sad because it's a non-X system and I'd like to see some more info on the console screen. Thanks for any hints, I found by accident that I got a *much* nicer font when I rebuilt my kernel with a framebuffer driver. Otherwise I assume the system is using some 'lowest common denominator' graphics which provides limited font options. I still have to explore all of the other things one can do with the framebuffer driver, like the fancy graphics during boot that so many other distros come with as standard. A little superficial, but the sort of thing that is quite important if you want convince non-technical people that it is a professional quality system. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
curious USB hard drive problem
I have a 2.5 Toshiba MK1032GAX hard drive in a USB powered enclosure which doesn't seem to work properly with Debian. I'm wondering if anyone has ever seen anything similar, or has any ideas about what might be happening... The curious thing is that I am fairly sure that the drive is ok, because if I put it into an older (looks like the same product but with older PCB version) enclosure it boots without error. But if I plug the problem enclosure into a Windows system with the same hard drive installed it works fine, making it hard to justify returning the enclosure as faulty. I have also tried booting a different version of Linux (Foundry) from different media and it can access the drive without problem. Hence it is starting to look like an issue with this Debian kernel and this particular USB HDD enclosure. The symptoms I see are that the boot starts normally Lilo reads the kernel and initrd successfully The kernel reports the HDD manufacturer/model/capacity correctly Then... sda: assuming drive cache: write through SCSI device sda: 195371568 512-byte hdwr sectors (100030 MB) sda: Write Protect is off sda: assuming drive cache: write through sda:6usb 1-2 : reset high speed USB device using ehci_hdc and address 2 usb 1-2: reset high speed USB device using ehci_hcd and address 2 usb 1-2: reset high speed USB device using ehci_hcd and address 2 usb 1-2: reset high speed USB device using ehci_hcd and address 2 usb 1-2: reset high speed USB device using ehci_hcd and address 2 usb 1-2: reset high speed USB device using ehci_hcd and address 2 sd 0:0:0:0: SCSI error: return code = 0x0005 The Debian install is Etch using RC1 install and kernel 2.6.18-3-486. (the original 2.6.17 kernel behaves the same). Does anyone have any ideas of what might be missing from this particular enclosure that would effect Debian but not Windows or Foundry Linux? Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: curious USB hard drive problem
On Mon, Jan 15, 2007 at 12:09:08PM -0400, David Garcia wrote: To my it happens to me the same. I have a card pci USB 4 ports with chipset VIA model VT6212L, and after of several days investigating I could not determine if is bug of kernel or is problem with the model of chipset. In the end I had to place another card pci with chipset old model VIA VT6202 and at least I fix the problem to me. I connect a hard disk Maxtor 320GB, usb 2.0. If beams rmmode ehci_hcd;modprobe ehci_hcd, fixes of temporary way the problem. I believe that is bug with module ehci_hcd because this are many happening to him the same. Excuses my ingles. Interesting - That does suggest that my problem is a Debian/Kernel compatability issue rather than faulty hardware. Wish I knew what had changed in the design of this particular enclosure to stop the newer pcb version from working. Some protocol enhancement that the Linux kernel doesn't like yet, or cutting a corner to reduce cost at the expense of compatability? Another clue I noticed is that if I boot a system from the internal (non USB) drive, using a non-Debian kernel with all AMDs patches for this chipset applied, I can plug in the USB drive and it works fine. But it it is plugged in before the booting then the drive is recognised but none of the partitions appear in /proc/partitions. I think I forgot to mention that this problem was occuring on an AMD Geode LX system. lspci shows the following devices on board: 00:01.0 Host bridge: Advanced Micro Devices [AMD] Unknown device 2080 (rev 30) 00:01.1 VGA compatible controller: Advanced Micro Devices [AMD] Geode LX Video 00:01.2 Entertainment encryption device: Advanced Micro Devices [AMD] Geode LX AES Security Block 00:0d.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+ (rev 10) 00:0e.0 Network controller: Intel Corporation PRO/Wireless 2915ABG Network Connection (rev 05) 00:0f.0 ISA bridge: Advanced Micro Devices [AMD] CS5536 [Geode companion] ISA (rev 03) 00:0f.2 IDE interface: Advanced Micro Devices [AMD] CS5536 [Geode companion] IDE (rev 01) 00:0f.3 Multimedia audio controller: Advanced Micro Devices [AMD] CS5536 [Geode companion] Audio (rev 01) 00:0f.4 USB Controller: Advanced Micro Devices [AMD] CS5536 [Geode companion] OHC (rev 02) 00:0f.5 USB Controller: Advanced Micro Devices [AMD] CS5536 [Geode companion] EHC (rev 02) One last experiment I tried - I didn't have any other machine with a bios that could boot from USB HDD, but tried booting to this drive from my notebook by putting grub on a CD. Booted fine on the old enclosure, but with the new enclosure get: root (hd1,4) Error 21: Selected disk does not exist So it doesn't seem to be a problem limited to AMD chipsets. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: curious USB hard drive problem
On Mon, Jan 15, 2007 at 04:31:51PM +, Mihira Fernando wrote: On 1/15/07, Digby Tarvin [EMAIL PROTECTED] wrote: I have a 2.5 Toshiba MK1032GAX hard drive in a USB powered enclosure which doesn't seem to work properly with Debian. I'm wondering if anyone has ever seen anything similar, or has any ideas about what might be happening... The curious thing is that I am fairly sure that the drive is ok, because if I put it into an older (looks like the same product but with older PCB version) enclosure it boots without error. But if I plug the problem enclosure into a Windows system with the same hard drive installed it works fine, making it hard to justify returning the enclosure as faulty. I have also tried booting a different version of Linux (Foundry) from different media and it can access the drive without problem. Hence it is starting to look like an issue with this Debian kernel and this particular USB HDD enclosure. The symptoms I see are that the boot starts normally Lilo reads the kernel and initrd successfully The kernel reports the HDD manufacturer/model/capacity correctly Then... sda: assuming drive cache: write through SCSI device sda: 195371568 512-byte hdwr sectors (100030 MB) sda: Write Protect is off sda: assuming drive cache: write through sda:6usb 1-2 : reset high speed USB device using ehci_hdc and address 2 usb 1-2: reset high speed USB device using ehci_hcd and address 2 usb 1-2: reset high speed USB device using ehci_hcd and address 2 usb 1-2: reset high speed USB device using ehci_hcd and address 2 usb 1-2: reset high speed USB device using ehci_hcd and address 2 usb 1-2: reset high speed USB device using ehci_hcd and address 2 sd 0:0:0:0: SCSI error: return code = 0x0005 The Debian install is Etch using RC1 install and kernel 2.6.18-3-486. (the original 2.6.17 kernel behaves the same). Does anyone have any ideas of what might be missing from this particular enclosure that would effect Debian but not Windows or Foundry Linux? Regards, DigbyT Did you try it after installing hal and pmount ? The Debian install was done with the older (working) enclosure, so everything seems to be there. pmount and hal are installed - is there any configuration that needs to be done to try what you have in mind? Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Multimedia docs..
Has anyone found any good references on multimedia programming applicable to a Debian/Linux system? I have the O'Reilly Linux Multimedia Guide, but having been published in 1996 is getting a bit dated now, and for audio only covers OSS and not ALSA. I have found using the online documentation a bit disjointed in the sense that you have to know what to look for and I keep finding out that there are better/newer ways of doing things after epending effort going in another direction. For instance knowing which interface to use, what libraries, sound daemons, etc... Would appreciate any suggestions if anyone has found anything they would recommend. Thanks, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Another Xorg in Etch question...
It looks like the X.org display driver for the AMD Geode LX I am installing on hasn't made it into a deb package yet - though I have found it in the list of requested packages here: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400748 and what looks like the sources here: http://dl.exactcode.de/oss/xorg/ Can anyone point me at any instructions/tutorial/suggestions re what is required to get a driver going for hardware that is supported by Xorg but not yet by Debian? Has anyone else done it? The driver does appear to have made it into Ubuntu, but didn't find any debian packages (unofficial or Sid) with a google search - if anyone knows of a source that it missed, please let me know. Is it a case of installing the Debian Xorg source package and adding the relevent driver source to the tree and then doing a build? I am installing Etch, and in view of the current install problems have installed the following packages x-window-system-core x-window-system xserver-xorg-input-kbd/mouse xserver-xorg-video-vesa and done dpkg-reconfigure xserver-xorg. This seems to allow 'startx' to work, but I still havn't got to the point of getting the system to come up to an xdm login, so I suppose I have missed something :-( Thanks, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: small form factor recommendations
On Fri, Jan 05, 2007 at 03:44:34PM -0800, Andrew Sackville-West wrote: On Fri, Jan 05, 2007 at 06:40:13PM -0500, Roberto C. Sanchez wrote: On Fri, Jan 05, 2007 at 03:08:42PM -0800, Andrew Sackville-West wrote: Hi list, I've got to put in an additional system at work with a high-level of USB support (camera's, ugh). I'm looking for something that is a pretty small form factor as space is a definite consideration. I came I have an iBox Slim I got from iDot (http://www.idotpc.com) which is very nice, small and quiet. However, if I had it to do over, I'd get the iBox Crystal, which has space for two hard drives (the slim has space for only one), space for a regular optical drive (the slim requires a notebook style optical drive) and does not require a stand for vertical placement (since the crystal is rather square in profile). yeah, that looks nice. Do you have the flash drive option? and if so, can you boot off the thing? I have been using the A4F machines which are also mini-ITX based computers: http://www.mappit.de/a4fsite_englisch/ Plus points were that they were available in a solid state configuration (no flash, fans or other moving parts) and could be bought without Windows pre-installed. However for a really small formfactor and low price, I have recently been experimenting with the sumo thin client: http://wmltd.co.uk/index.php/products/nomachine_thin_client which has a AMD Geode GX533 or LX800 Processor. I am using the 1GB flash version with 100GB USB disk, but can be fitted with internal HDD. It has 4 USB ports and comes with Linux (Foundry) pre-installed as an embedded system for thin client use (xterm etc). I did a Debian install on the USB drive without a problem. If you really want very small formfactor, silent operation and low power, they seem very good. But probably not ideal for demanding applications like video compression. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: small form factor recommendations
On Sat, Jan 06, 2007 at 11:38:35AM -0800, Andrew Sackville-West wrote: I have been using the A4F machines which are also mini-ITX based computers: http://www.mappit.de/a4fsite_englisch/ Plus points were that they were available in a solid state configuration (no flash, fans or other moving parts) and could be bought without Windows pre-installed. Of course what I meant to say there was 'no HDD, fans or other moving parts'... However for a really small formfactor and low price, I have recently been experimenting with the sumo thin client: http://wmltd.co.uk/index.php/products/nomachine_thin_client which has a AMD Geode GX533 or LX800 Processor. I am using the 1GB flash version with 100GB USB disk, but can be fitted with internal HDD. It has 4 USB ports and comes with Linux (Foundry) pre-installed as an embedded system for thin client use (xterm etc). I did a Debian install on the USB drive without a problem. If you really want very small formfactor, silent operation and low power, they seem very good. But probably not ideal for demanding applications like video compression. A couple more good options, thanks. I've been doing some load testing using motion and a simple, cheap usb webcam. It seems pretty minimal. I can barely see the cpu monitor on my panel flicker when it fires up. I haven't checked it with tops yet, but it seems promising. I think I can probably run 4-5 of these off one little mini-itx box with ease. I probably won't even bother with the hard rive and just use nfs shares on another machine to store the video. for those interested, I found a nice little bit of mini=itx stuff at www.damnsmalllinux.org/store the prices aren't the best, but it does support a debian based project... If you don't need a hard drive or heavy processing power, then the minimal sumo would probably be ideal - with GX processor, 128Mb Ram and 64MB flash and Linux pre-installed is only GBP 179.00 here. My LX procesor currently shows up as follows: [EMAIL PROTECTED] uname -a Linux esfclient 2.6.11-geode-02.03.0100-wml-wmllx #30 Mon Nov 27 14:11:07 Local time zone must be set--see zic man i586 unknown [EMAIL PROTECTED] free total used free shared buffers Mem: 246260 101408 144852011128 Swap:000 Total: 246260 101408 144852 [EMAIL PROTECTED] df Filesystem 1k-blocks Used Available Use% Mounted on /dev/hda289216 89216 0 100% / tmpfs66560 232 66328 0% /tmp /dev/hda3 853240 1692808204 0% /etc/persistent The root filesystem as supplied on the flash is squashfs so always shows full. It certainly saves a lot of space on my desktop. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: small form factor recommendations
On Sat, Jan 06, 2007 at 04:18:45PM -0500, Roberto C. Sanchez wrote: On Sat, Jan 06, 2007 at 08:55:33PM +, Digby Tarvin wrote: Of course what I meant to say there was 'no HDD, fans or other moving parts'... The iBox that I have is the same way, except that I opted for two small case fans since I wanted a hard drive in there. If you don't need a hard drive or heavy processing power, then the minimal sumo would probably be ideal - with GX processor, 128Mb Ram and 64MB flash and Linux pre-installed is only GBP 179.00 here. Is the geode i486, i586 or i686 compatible? I have the Via C3 [0], which is technically i586, but doesn't implement a couple of the Pentium instructions, and so I must run a -386 kernel variant and I don't believe I can run a JVM on it (at least from sun). cat /proc/cpuinfo processor : 0 vendor_id : CentaurHauls cpu family : 6 model : 7 model name : VIA Samuel 2 stepping: 3 cpu MHz : 599.904 cache size : 64 KB fdiv_bug: no hlt_bug : no f00f_bug: no coma_bug: no fpu : yes fpu_exception : yes cpuid level : 1 wp : yes flags : fpu de tsc msr cx8 mtrr pge mmx 3dnow bogomips: 1196.03 I think the Geode is much the same - but I havn't seen any specific claim to Intel equivalent. The kernel supplied with it is 586. [EMAIL PROTECTED] cat /proc/cpuinfo processor : 0 vendor_id : AuthenticAMD cpu family : 5 model : 10 model name : Geode(TM) Integrated Processor by AMD PCS stepping: 2 cpu MHz : 498.119 cache size : 128 KB fdiv_bug: no hlt_bug : no f00f_bug: no coma_bug: no fpu : yes fpu_exception : yes cpuid level : 1 wp : yes flags : fpu de pse tsc msr cx8 sep pge cmov clflush mmx pni mmxext 3dnowext 3dnow bogomips: 976.89 Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages
On Sat, Dec 30, 2006 at 04:59:40PM -0600, John Hasler wrote: Digby Tarvin wrote: So what puzzles me is why it is no longer in 'non-free', and if it was removed because of some objection to the licensing terms, surely there should be something documenting this? It may have been removed simply because no one was willing to maintain it any more. That often happens when a non-free package ceases to provide any functionality not available in a Free package. -- John Hasler Its not so much the removal of a package that disturbs me - it is the apparent lack of warning or explanation. It makes me rather reluctant to upgrade if some package that I have come to rely on might unexpectedly disappear - perhaps unnoticed until it is urgently needed... Another package I just noticed is missing since my dist-upgrade is xlockmore. I searched packages.qa.debian.org and all I found was what looks like an automated logging of the fact that the package is gone - no reason or dialogue that I can see: http://packages.qa.debian.org/x/xlockmore/news/20061119T233918Z.html Is there some mailing list I should be on to receive warnings about packages being considered for removal (assuming the disappearance was intentional)? Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages
On Sun, Dec 31, 2006 at 11:56:07AM +0100, Florian Kulzer wrote: Is there any way to check the origin of an deb archive in my /var/cache/apt/archives? You could try dpkg-deb --info /var/cache/apt/archives/name-of-the.deb As far as I know there is no standard field to denote the origin of a .deb file, but maybe you will find a clue somewhere, e.g. in the Maintainer field. Here is what it says: new debian package, version 2.0. size 471666 bytes: control archive= 1534 bytes. 752 bytes,15 lines control 1300 bytes,22 lines md5sums 351 bytes,12 lines * postinst #!/bin/sh 293 bytes, 8 lines * postrm #!/bin/sh Package: xv Version: 3.10a-1duo+etch1 Section: non-free/graphics Priority: optional Architecture: i386 Depends: libc6 (= 2.3.5-1), libjpeg62, libpng12-0 (= 1.2.8rel), libtiff4, libx11-6, zlib1g (= 1:1.2.1) Suggests: xv-doc, gs Installed-Size: 1156 Maintainer: Fabian Greffrath [EMAIL PROTECTED] Description: An image viewer and manipulator for the X Window System xv is an interactive image manipulation program for the X Window System. It can operate on images in the GIF, JPEG, TIFF, PBM, PGM, PPM, XPM, X11 bitmap, Sun Rasterfile, Targa, RLE, RGB, BMP, PCX, FITS, and PM formats on all known types of X displays. It can generate PostScript files, and if you have ghostscript installed on your machine, it can also display them. Looks consistent with Debian 'non-free' to me. You could also check if you can find the .deb on snapshot.debian.net or with a google search. I have tried google, and whilest I have found the same deb package that I have (or derivatives) elsewhere, I haven't found any explanation as to why its gone - though I did find one site mirroring it because 'debian hates XV'...?? Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Missing packages (was Re: update messages)
Further to the loss of 'xv', 'xearth' and 'xlock' after my recent 'apt-get dist-upgrade' of my etch system I tried adding deb http://ftp.debian-unofficial.org/debian etch main contrib non-free restricted To my '/etc/apt/sources.list', and this does give me an 'xv' package to try to install. However when I attempt to do so I get: fujitsu:/etc/apt# apt-get install xv Reading package lists... Done Building dependency tree... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. Since you only requested a single operation it is extremely likely that the package is simply not installable and a bug report against that package should be filed. The following information may help to resolve the situation: The following packages have unmet dependencies. xv: Depends: libx11-6 but it is not going to be installed E: Broken packages Which looks reasonable enough if there is an unsatisfied dependency, but fujitsu:/etc/apt# apt-get install libx11-6 Reading package lists... Done Building dependency tree... Done libx11-6 is already the newest version. 0 upgraded, 0 newly installed, 0 to remove and 14 not upgraded. Which leaves me thinking that apt-get hasn't really provided a sufficient explanation of why the installation couldn't be completed? Could it be that the message is just misleading and it really meant that libx11-6 is an incompatable version rather than simply not installed?? If it is a library version problem, then I assume the best solution is to find and install a debian source package for this application? Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages
On Sun, Dec 31, 2006 at 07:31:04PM +0100, Sven Arvidsson wrote: On Sun, 2006-12-31 at 17:37 +, Digby Tarvin wrote: Here is what it says: [...] Maintainer: Fabian Greffrath [EMAIL PROTECTED] That says it all, doesn't it? Afraid the name doesn't mean anything to me. I have tried google, and whilest I have found the same deb package that I have (or derivatives) elsewhere, I haven't found any explanation as to why its gone - though I did find one site mirroring it because 'debian hates XV'...?? Didn't you see my link to the bug report about the removal, in an earlier message in the thread? Sorry, couldn't find the message you are referring to - was it posted under the same name? All I can find other than the the one I am replying to is 8113 OsL 12/28 [ 0] Sven Arvidsson (1.8K) Re: installing java (for limewire) 8142 OsL 12/28 [ 0] Sven Arvidsson (2.0K) Re: installing java (for limewire) 8212 OsL 12/29 [ 0] Sven Arvidsson (0.9K) Re: installing java (for limewire) 8271 OsL 12/29 [ 0] Sven Arvidsson (2.9K) Re: bridging eth1 to eth0 8405 NsL 12/31 [ 0] Sven Arvidsson (0.9K) Re: /dev/dsp missing 8406 NsL 12/31 [ 0] Sven Arvidsson (1.6K) Re: Looking for music player softw 8414 NsL 12/31 [ 0] Sven Arvidsson (1.6K) Re: Looking for music player softw Is there a history file/database somewhere where additions and removals from the official debian package repository are logged? Something which came back with 'removed on such and such a date for such and such a reason' would be so much more useful than a database which only mentioned packages that still existed. After all, if there is a philosophical objection to a package on some ground, removing it makes a much stronger statement if people know why it isn't there. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
xv resolved (was Re: update messages)
On Sun, Dec 31, 2006 at 11:55:38AM -0800, Andrew Sackville-West wrote: Its not so much the removal of a package that disturbs me - it is the apparent lack of warning or explanation. well, since it was removed from the official repositories in 2001: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=98215 it is very unlikely that you successfully installed it from official repositories in 2006. you obviously installed it from another source. so technically, it was not Removed without notice. You have simply lost track of where it came from ;-P I don't remember doing it, but it looks like I must have done, so mea culpa on that one... Mind you - it still looks like xlockmore and xearth disappeared from the official packages with only an automated acknowledgement that they are gone rather than an explanation: http://packages.qa.debian.org/x/xlockmore/news/20061119T233918Z.html http://packages.qa.debian.org/x/xearth/news/20060610T210838Z.html And a were it not for those examples of things that had disappeared from the official packages I probably would have been less quick to jump to conclusions about xv ;) It makes me rather reluctant to upgrade if some package that I have come to rely on might unexpectedly disappear - perhaps unnoticed until it is urgently needed... that is the problem with using packages outside the official debian repositories. You got caught because a non-official package you were using has gotten out of sync with the official libraries that support it. best bet is to file a bug report with the group that is supplying the package. or use the source, luke. Don't want to sound like I am just complaining without offering anything constructive, so here is the solution I have found to obtaining xv for the current Etch system: 1. Visit http://bok.fas.harvard.edu/debian/xv/index.html and obtain: xv-3.10a.tar.gz xv-3.10a-jumbo-patches-20050501.tar.gz xv-3.10a-jumbo20050501-1.diff.gz 2. Make sure the following packages are installed xlibs-dev, dpkg-dev, libc6-dev, libtiff4-dev, libjpeg62-dev libpng-dev, zlib1g-dev, debhelper, libxt-dev 3. Follow the instructions on the URL as follows: tar -xvzf xv-3.10a.tar.gz mv xv-3.10a xv-3.10a-jumbo20050501-1 cd xv-3.10a-jumbo20050501-1 patch -p1 ../xv-3.10a-jumbo-fix-patch-20050410.txt patch -p1 ../xv-3.10a-jumbo-enh-patch-20050501.txt patch -p1 ../xv-3.10a-jumbo20050501-1.diff chmod 755 debian/rules dpkg-buildpackage -rfakeroot -uc -b cd .. sudo dpkg -i xv_3.10a-jumbo20050501-1_i386.deb sudo dpkg -i xv-doc_3.10a-jumbo20050501-1_all.deb It would be nice if that procedure could be bundled up into a debian source package if my understanding is correct and the problem with xv was that the licence prohibits distribution of modified binaries. Perhaps it is possible - I don't know enough about debian packages to know for sure. The good thing about that is the entire dist-upgrade requirement stemmed from my needing the X development libraries, and at least this exercise has verified my ability to build X applications now :) Now to see if I can find the other two applications that I lost in the process of the upgrade... Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages
On Sun, Dec 31, 2006 at 05:05:27PM -0800, Marc Wilson wrote: On Sun, Dec 31, 2006 at 05:31:59PM +, Digby Tarvin wrote: It makes me rather reluctant to upgrade if some package that I have come to rely on might unexpectedly disappear - perhaps unnoticed until it is urgently needed... Not to belabor the obvious, but no one seems to have pointed this out in the remainder of the thread... If you're using stable, there's no chance that a package is going to disappear from your box unless you deliberately remove it, or deliberately install something that conflicts with it and forces it off. See the definition of a stable distribution If you're using testing or unstable, implicit in that use is that you have a modicum of clue. If you have such clue, exactly how is this package going to disappear? You're actually going to be paying attention to what dselect, or apt-get, or aptitude (shudder), or synaptic, or whatever, tell you when you attempt to upgrade, and you won't give them permission to remove it. Aren't you? Actually yes, it was covered earlier in the thread, but to re-iterate: I agree it would have been better to start with stable having had no previous Debian experience, and I did attempt to, but it wouldn't install on my Fujitsu notebook. The Debian release system is very good in theory, but the rate at which hardware changes means that stable if often not usable on new hardware :( However even if I had been able to run on stable initially, at some point the disincentive to upgrade would have become relevent because upgrading would have involved moving to a new stable release (Etch), and at that point things could apparently disappear. Another package I just noticed is missing since my dist-upgrade is xlockmore. And there's the answer. Obviously not. Noticed *since* the dist-upgrade? Why didn't you notice *before* the dist-upgrade? It's not like you weren't told. For that matter, why did you give explicit permission to remove packages by using dist-upgrade in the first place? Again, it was covered earlier - but the upgrade was because I *needed* to install the X development libraries, and the only was to satisfy the dependicies after exploring all suggested alternatives was to go with the dist-upgrade and accepting the fact that I was going to lose some packages that I needed. (apparently xorg had undergone a significant modularity change since my last upgrade). As to xlockmore - I described the situation badly. Yes, xlockmore was listed as one of the packages that had to go, but I didn't recognise it as one that I routinely used. It was afterwards that I noticed that xlock was gone and then worked out that it was part of the xlockmore package (rather than an alternative package as I had mistakenly assumed). Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages (resolution)
On Sun, Dec 31, 2006 at 05:01:30PM -0600, W Paul Mills wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 None of these are easy to find, and not really what you are looking for, so I can see why it's a bit frustrating. Most likely the only way you will get it to install is compile it yourself. The license is fairly restrictive, therefore not in debian at all. For more info and downloads, go to the official site... http://www.trilon.com/xv/ I use it, but have had to recompile from time to time to keep it working. Thanks - as per my earlier post, I have built a new debian package from source, which did the trick. Perhaps the best solution would be to have a comprehensive debian package database into which not only listed the packages in the official archive, but for those applications which for whatever reason can't be in the archive can have entries donated outlining where to find them or how to build them (or even experiences from people that have tried to get it working and failed). As another contribution (in case anyone else finds themselves looking for it in the list archives) here is my recipe for installing xearth in current Etch: 1. Download from http://packages.qa.debian.org/x/xearth.html xearth_1.1-10.1.dsc xearth_1.1.orig.tar.gz xearth_1.1-10.1.diff.gz 2. tar -xvzf xearth_1.1.orig.tar.gz gunzip xearth_1.1-10.1.diff.gz cd xearth-1.1 patch -p1 ../xearth_1.1-10.1.diff chmod ugo+x debian/rules 3. edit debian/changelog and add an entry such as xearth (1.1-10.3) unstable; urgency=low * increment version number (10.1 - 10.3) to reflect recompile and avoid * conflict declaration in x11-common package -- Digby Tarvin [EMAIL PROTECTED] Mon, 1 Jan 2007 04:33:01 + 4. dpkg-buildpackage -rfakeroot -uc -b cd .. sudo dpkg -i xearth_1.1-10.1_i386.deb It worked for me, but please let me know if there is better way or something I should have done differently... Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Clone root partition
I did this only yesterday - but in my case I wanted a mirror image of the entire system, not just the root partition. The simplest most bullet proof procedure I could come up with was: 1. dd if=/dev/hda of=/dev/sda 2. vi /etc/fstab in the copy and 1,$s/hda/sda/ 3. either a. edit /boot/grub/menu.lst on the internal drive to add a boot obtion passing the USB root to the kernel or b. if your host supports USB booting, update the boot sector on sda to look for the stage 2 boot in the USB partition. I used for first option, so am not sure if I have covered everything required for a direct USB boot... I booted using the USB copy and everything looked to be working fine. Didn't use 'sync,noerror' in the dd operation because I count on having perfect media, and if I don't I want to know about it! Regards, DigbyT On Sat, Dec 30, 2006 at 05:45:34PM +, T wrote: Hi, I'm trying to compile a comprehensive document on cloning root partitions. My immediate goal is to clone my current working Linux to external USB HD, so that I can use it wherever I go. By comprehensive I mean it should not be as simple minded as dd if=/dev/hda2 of=/dev/sda2 or cp -a / /mnt/point or tar -p -m cf - / | (cd /mnt/point; tar xf - ) I know they work, but there are so many things have been left out. By comprehensive, I mean I want to know all relevant things that need to be considered. For example for dd, let alone its rigid limitation, if you use it, at least the 'conv=sync,noerror bs=4k' options should be used: sync,noerror just means continue and zero fill any error blocks, bs=4k just writes 4k at a time which will speed things up a lot. For cp, at least 'cp -ax' should be used. But there are still much more to it. First, directories that don't need to copy over, like /tmp, /proc. With modern Linux that uses udev, the /dev and /sys don't need to be copied either. Anything else (besides distro specifics like /var/cache/apt/archives)? 2nd, the clone partition should be made bootable, by grub or lilo. Anything else? Like the concerns of /etc/fstab... Last, with all the above concerns, how to achieve them with various tools? Keywords: tar rsync find cpio dd thanks PS. If you come across this message late, be it a week or even a month late, please do comment, I hope this thread can be a one stop place for people looking for concerns over cloning root partitions. -- Tong (remove underscore(s) to reply) http://xpt.sourceforge.net/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages
On Sat, Dec 30, 2006 at 03:41:31PM -0500, [EMAIL PROTECTED] wrote: On Thu, Dec 28, 2006 at 07:50:34PM -0800, Andrew Sackville-West wrote: On Fri, Dec 29, 2006 at 02:23:27AM +, Digby Tarvin wrote: On Thu, Dec 28, 2006 at 05:28:55PM -0800, Andrew Sackville-West wrote: And xv I havn't found at all in the packages database :-/ I can only vaguely recall xv. what is it? John Bradley's image viewer program. Probably frowned upon by Debian for being non-free, but I registered my copy years ago so I feel entitled to keep using it ;) oh yeah. not in deb. Then why is Debian trying to remove it if ti isn't a package? Could it be trying to remove another thing called xv, which I think is some X thing relating to video? -- hendrik I think I may have confused matters by not knowing exactly what the 'standard' Debian terminology is. To Clarify: 1. John Bradley's xv program was in the debian archive for Etch when I installed it back in April: /var/cache/apt/archives/xv_3.10a-1duo+etch1_i386.deb 2. It is not there now. 3. When I referred to it not being in the 'package database' I meant that I didn't find any mention of its existance (or removal) in http://packages.qa.debian.org/common/index.html which is where I had found messages referring to the removal of xearth. So what puzzles me is why it is no longer in 'non-free', and if it was removed because of some objection to the licensing terms, surely there should be something documenting this?? Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages
On Sat, Dec 30, 2006 at 11:37:01PM +0100, Sven Arvidsson wrote: So what puzzles me is why it is no longer in 'non-free', and if it was removed because of some objection to the licensing terms, surely there should be something documenting this?? Are you quite sure it was in the official Debian archives? I can only find it in the non-free section on debian-unofficial.org, and the package name seems to match. http://ftp.debian-unofficial.org/debian/pool/non-free/x/xv/ I also found this old bug from 2001, dealing with removing xv from the archive as distribution of modified binaries is prohibited. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=98215 If so then I forgot to make a note of it, but I suppose in all the excitement of the initial install that is possible. Is there any way to check the origin of an deb archive in my /var/cache/apt/archives? Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: What's the difference between a display manager and a window manager?
On Fri, Dec 29, 2006 at 10:56:30AM +0100, Misko wrote: On Thu, Dec 28, 2006 at 05:21:35PM -0500, Rick Thomas wrote: What's the difference between a display manager and a window manager? Maybe Rick wanted to ask (if not him than I am :) What is the difference between a desktop manager/enviroment (GNOME/KDE/XFce4) and a window manager (fluxbox/metacity/IceWm)? The concept of a 'window manager' exists as a well defined term in the X Window System. There is no 'Desktop Environment/desktop manager' defined in X11, so it has to be considered an application layer sitting on top of X11. A 'window manager' looks after the placement, stacking and decoration of root level windows, usually provides a few menus in the root window, and often includes libraries/style guide to assist in developing applications which are consistent and follow similar conventions and aesthetics. The 'desktop environment' like KDE/GNOME/MacOS/MSWindows includes a window manager (in the latter two examples hard wired into the OS) plus a suite of application programs with consistent GUIs intended to make a complete self contained easy to use work environment, usually designed to eliminate the requirement to use a command line shell and hence be more accessible to a broader customer base.. The terms are not always used consistently, and I am not aware of an 'official' definition of 'desktop environment', but the 'X Window System' documentation is pretty clear on exactly what is meant by the term 'window manager'. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages
On Fri, Dec 29, 2006 at 09:47:20AM -0500, celejar wrote: On 12/28/06, Digby Tarvin [EMAIL PROTECTED] wrote: [snip] The page which I found indicating the removal of xearth from testing is http://packages.qa.debian.org/x/xearth.html but it doesn't give any explanation of why, and I am not sure where to look next. Should I be fetching the unstable version? Or would it be better to just install from source and forget the debian packages for this application? Did you see this [0]? Celejar [0] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=382654 Sure, but unless I am misunderstanding the debian release process, that doesn't explain why it disappeared from testing back on June 10th, but the discussion you refer to which seems to have eventually resulted in removal from unstable didn't start till August 12th... I thought package removal was supposed to start in unstable and then seep back into testing when no dependant packages remained. Regards, DigbyT P.S. The reason I prefer xearth over xplanet is that something that is just decorating my root window (and letting me know if it is night or day outside) shouldn't be too resource hungry, and: [EMAIL PROTECTED]:~$ ls -l /usr/bin/xplanet /usr/bin/X11/xearth -rwxr-xr-x 1 root root 183640 2004-07-17 17:25 /usr/bin/X11/xearth -rwxr-xr-x 1 root root 996396 2006-11-26 11:18 /usr/bin/xplanet -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: lvm vs traditional partitioning
On Fri, Dec 29, 2006 at 11:06:38AM -0400, E0x wrote: i asking it because i was thinking in use lvm in desktop setup , and i can live with a harddisk lose and the data on it , but not with all data lost pd: i have some small HD On 12/29/06, Roberto C. Sanchez [EMAIL PROTECTED] wrote: On Fri, Dec 29, 2006 at 10:50:53AM -0400, E0x wrote: a question about lvm , if i have 3 harddisk in a lvm setup for save data , and dont have any raid setup , just lvm for make a big virtual HD , now on of the 3 HD goes damage i can start with the other 2 left and only missing the data that was copy in the 3 HD area ? That is only if you are very lucky. When you create a volume group or a logical volume, you can specify which physical volumes it should use for those, but that sort of defeats the purpose of LVM, which should handle those sorts of things for you transparently. Without RAID, you are really relying only on luck to keep your data safe. Do yourself a favor setup a RAID5 and run your LVM over that. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com I think (as Roberto implied) the answer in general is no. Losing one drive in a multi-drive LVM is a bit like losing a group of cylinders in a single drive. It depends on your partitioning scheme and the filesystem format - if you are unlucky all of your inodes could be on the failed disk and you lose everything. Not much better would be to have holes appearing randomly throughout your files. Only partitions which you know were not allocated any space on the failed drive would be safe and could be trusted. The one good thing is that unlike the situation with a single damaged or corrupted drive, in this case you would be able to determine fairly unambiguously which files were intact and which were damaged. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: X11 session over ssh, problem
On Fri, Dec 29, 2006 at 10:33:14AM +, Roger Morgan wrote: The problem is that I ssh to a server, and then try to run a program that requires an X display. I want it to use the X server on my workstation. It doesn't. It just does nothing. Details: Three machines on my LAN are relevant. Call the one I'm sitting at O, and the others A and B. O runs Sarge, A runs Etch, and B runs woody. From O, I can successfully use X over ssh on A; I do this on O: xterm -e ssh A then on A I can run stuff like xpdf and it opens a window on O, as expected. But if I do the same to B (i.e. xterm -e ssh B ), then try to run a program like xpdf which uses X, it doesn't work. xpdf just sits in the background, doing nothing, until some timeout occurs, then emits the error message: Cannot connect to X server localhost:10.0. The problem is not specific to xpdf, it's the same with any X program (but some emit additional error-message text). Here's the contents of /etc/ssh/sshd_config on B, excluding comments: Port 22 ListenAddress 192.168.1.9 Protocol 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key UsePrivilegeSeparation yes PAMAuthenticationViaKbdInt no KeyRegenerationInterval 3600 ServerKeyBits 768 SyslogFacility AUTH LogLevel INFO LoginGraceTime 600 PermitRootLogin no StrictModes yes RSAAuthentication yes PubkeyAuthentication yes RhostsAuthentication no IgnoreRhosts yes RhostsRSAAuthentication no HostbasedAuthentication no PermitEmptyPasswords no PasswordAuthentication yes X11Forwarding yes AllowTcpForwarding yes X11DisplayOffset 10 PrintMotd no KeepAlive yes Subsystem sftp/usr/lib/sftp-server and here's the contents of ssh_config on B (comments stripped): Host * ForwardX11 yes The contents of files on O are presumably correct, since everything works when I do xterm -e ssh A The DISPLAY environment variable seems to be set correctly on B: echo $DISPLAY gives localhost:10.0 which is correct for redirecting an X session back to my workstation, it has applied the X11DisplayOffset from the config file correctly. The /etc/hosts file on B starts with: 127.0.0.1 localhost xauth is installed on B, and if I delete the .Xauthority file, it gets re-created when I ssh to B (as it should). The files /etc/hosts.allow and /etc/hosts.deny are empty except for comments on all these machines. The file ~/.ssh/config on B contains one line: ForwardX11 yes (the file does not exist on A, by the way). I can't think of anything else to check. Ideas, anyone? I would step back and just use 'ssh' from within the xterm rather than trying to create a new xterm and the ssh connection at once. Unlikely to make a difference in itself, but reduces the complexity of what is going on. Then pass '-v' or '-v -v' to ssh to see the details of the handshake, and check for differences between the working and non-working combinations. I don't have woody running anyware, so don't know if there are any issues with it. It might also be worth trying to ssh to each machine from itself to make sure that degenerate case is working. The last thing that springs to mind would be to swap the IP addresses (and locations if not on the same subnet) of A and B to determine if the problem is network related rather than a function of the installed software. Alternatively, boot identical operating systems on the two machines (perhaps a live CD) and confirm if the difference if due the the specific OS install rather than networking issues or issues with the way O is configured. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages
On Fri, Dec 29, 2006 at 11:01:00AM +0100, Florian Kulzer wrote: On Thu, Dec 28, 2006 at 23:14:23 +, Digby Tarvin wrote: [...] I'm still stuck with the big red warning box complaining about the missing public key for multimedia.org after an update, and I'm still not clear if this is normal and expected (which would be annoying), or something specific to me (which would be worrying). If it is the former, I would have thought it would be better to just have some way of just not signing packages rather than signing with a key that can't be checked. Marillat's key is not part of the debian-archive-keyring package, therefore it is not added to apt's trusted keys automatically. You can download it from the usual public key servers or you can take it from the debian-keyring package. The latter method is more secure because the integrity of the debian-keyring package is checked by apt before installation. Once this package is installed you can run gpg --no-default-keyring --keyring /usr/share/keyrings/debian-keyring.gpg -a --export 07DC563D1F41B907 | sudo apt-key add - (The first two options make sure that the key is taken from the Debian keyring; the rest tells gpg to export the key in ASCII-armored format, which can be piped to apt-key directly.) Ah - that did it. I already had the debian-keyring package installed, but didn't realise that last step was necessary to make the required key visible to apt... Thanks, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages
One other thing that I am unsure about is that aptitude reports a number of packages being 'held back'. I havn't intentionally asked for this, could it have occured automatically or have I unintentionally done something when initially learning to use aptitude? Hugo is right, just fully backup the partition, if it will make you feel better. The 'held-back' refers to packages which have newer versions available but can't be installed because some dependency is not available. 'Dist-upgrade' is what you need to resolve some of these. You will at some point just have to do it and be prepared for the results. Personally, I've done many very large upgrades in sid with generally no problems. ymmv. Thanks - in that case I will give it a go. Just wanted to be sure everything looked normal before letting it run. I have had problems in the past after upgrades on gentoo which has led me to be reticent about updating software in advance of actually needing some new feature... Finally, if you aren't prepared to maintain the system properly to avoid these issues, maybe you shouldn't be running a more volatile set of packages like testing and focus on stable instead. no offense intended if so perceived. Point taken, and it was my intention to stick to stable for my first Debian install, but I was forced into Etch because the Toshiba Lifebook included hardware that needed drivers not included in stable. In fact even Etch hasn't managed to get everything working - but at least it allowed me to get most of what was working under a Ubuntu live CD also working in Debian. (I can survive with microphone and modem problems, but not a non-working X server..) Can you elaborate on what you consider to be necessary to 'maintain the system properly'? I recall reading somewhere that it was considered anti-social to update with excessive frequency, but I don't recall seeing any warning that using unstable involved a commitment to a minimum upgrade frequency. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages
On Thu, Dec 28, 2006 at 01:04:52PM -0500, Greg Folkert wrote: Reading package lists... Done W: There are no public key available for the following key IDs: A70DAF536070D3A1 W: GPG error: http://www.debian-multimedia.org etch Release: The following signa tures couldn't be verified because the public key is not available: NO_PUBKEY 07 DC563D1F41B907 W: You may want to run apt-get update to correct these problems install the debian-keyring and debian-archive-keyring That should take care of your issue. Once you do that, the keys will be in place and no W: (warnings) will be around. Thanks - that helped. But I am still being left with: Reading package lists... Done W: GPG error: http://www.debian-multimedia.org etch Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 07DC563D1F41B907 W: You may want to run apt-get update to correct these problems I thought perhaps the 'NO_PUBKEY' signature name might imply that this was intentional - but if that is so then presumably everyone with the multimedia stuff in their sources.list should be seeing this warning?? Ign just means Ignore. Since the Release file isn't critical for now, it is no big deal. I tried upgrading 'aptitude' with apt-get install aptitude because my version didn't quite match the html documentation I just installed and am reading through, but now when I try to run the 'u[pdate]' command it crashes out with: aptitude: symbol lookup error: aptitude: undefined symbol: _ZN9pkgPolicyD2Ev which doesn't help my confidence :-/ I'm not sure if this new error was introduced by the upgrade or by the keyring install, as I didn't try between the two actions. I suppose I could just go ahead with a dist-upgrade and hope that resolves things (on the asumption that this error was just some slipup in the dependency management). Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages
On Thu, Dec 28, 2006 at 02:42:13PM -0500, Greg Folkert wrote: http://www.debian-multimedia.org/faq.html Actually I had read through that FAQ - that was where I got the (non-working) instructions on obtaining the PGP key for validating the multimedia signatures.. What was it you were trying to draw my attention to? It does say that 'apt-check-sigs' only works with apt-get 0.5.x, but I have never knowingly used 'apt-check-sigs' so didn't worry about that... Also, I literally hate aptitude. I'd rather use apt-get period. For me I do apt-get update apt-get -u dist-upgrade everyday, using Sid. Not really familiar enough to comment on their respective merits. I did see a comment from someone else recently indicating that they preferred to avoid 'apt-get install' because it gets the aptitude database out of sync. Anyway, I assume that either tool should be able to be made to work, and I should learn to use both before deciding to write one of them off :) Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages
On Thu, Dec 28, 2006 at 11:36:10AM -0800, Andrew Sackville-West wrote: Maintaining a system properly is, of course, subjective. If you use a volatile system and don't regularly upgrade, then you will have to face a massive upgrade and be prepared for the consequences. I bet those consequences are minimal at this time. My choice of words was unfortunate. I should have said something like if you aren't prepared to handle the massive upgrades involved in a more volatile system, maybe you should be running a less volatile one. I think that rather than letting aptitude loose to do everything it wants in one fell swoop, it might be more conservative to start with an apt-get update apt-get upgrade to get the easier updates done first, and then if that goes well follow up with a hopefully smaller apt-get dist-upgrade to deal with the remainder in a separate run. Then I can try running aptitude and hopefully it will have stopped crashing and can tell me what else it thinks is left to be done One of the things that bothered me about what aptitude wanted to do was that it included several packages it threatened to remove because they were 'no longer used'. I don't know how it decided this, as the list included packages like 'xv' and 'xearth' which I explicitly installed and definately use quite regularly Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages
On Thu, Dec 28, 2006 at 01:02:25PM -0800, Andrew Sackville-West wrote: as you know, running apt-get and aptitude can cause a database to get out of sync... Actually I have only recently become aware of this. I had previously just thought of aptitude as a menu based front end for apt, so I tended to use 'apt-get install' when I knew exactly what I wanted, and 'aptitude' when I needed to browse or couldn't remember the command to do something :-/ but your plan is not without merit. If you have previously used aptitude exclusively, you can do the same thing as above but s/apt-get/aptitude/g. aptitude update aptitude upgrade will give you the same behavior as apt-get... Ah, thanks. That is worth knowing. to get the easier updates done first, and then if that goes well follow up with a hopefully smaller apt-get dist-upgrade to deal with the remainder in a separate run. and then follow up with aptitude dist-upgrade Is that last line what is needed to get aptitude back into sync? If not, how is that achieved? Then I can try running aptitude and hopefully it will have stopped crashing and can tell me what else it thinks is left to be done I missed the bit about it crashing. what's happening? It only started happening after I had tried an 'apt-get install aptitude' to upgrade to the latest version (and co-incidentally after I had done the 'apt-get install' of the pgp keyring - so I am not certain which was responsible). What happens now is that after any attempt to issue a 'u' command in aptitude, I get an abort leaving me back in the command line (with a garbled display) and the error message: aptitude: symbol lookup error: aptitude: undefined symbol: _ZN9pkgPolicyD2Ev One of the things that bothered me about what aptitude wanted to do was that it included several packages it threatened to remove because they were 'no longer used'. I don't know how it decided this, as the list included packages like 'xv' and 'xearth' which I explicitly installed and definately use quite regularly run aptitude in interactive mode and manually mark those packages: aptitude then 'u' to update, 'U' to mark for upgrade, then 'g' to see what it want to do. scroll through and mark 'm' on those you want to keep, which should mark them as manually installed. you may need to '+' them as well, to keep them around. I have not been using aptitude long (having used apt-get exclusively before), but am learning that you can actually get it to do what *you* want with a little fiddling. Then it will generally respect what you want... So this behaviour could be the result of my having installed some applications using 'apt-get install' rather than aptitude, leaving aptitude unaware of them being manual rather than automatic installs? That would explain things. Thanks for the advice. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: What's the difference between a display manager and a window manager?
'plain old X11' included 'xdm' as the display manager, and 'twm' as the window manager. The 'display manager' is responsible for giving 'users' access to 'displays' - although in this context you could probably replace 'display' with 'X-terminal' as it really includes screen/mouse and keyboard as the resources managed. You don't need a 'display manager'. Many old X11 systems, such as Sun workstations, were managed by letting users log in via a normal text 'login' session, and then starting the X server manually by executing 'startx' (or openwin) at the command line prompt. The 'Window Manager' is responsible for implementing the 'look and feel' of your GUI, controlling such things as window placement, window title bars, some way to get applications started etc. The 'desktop' is a relatively new concept, of which 'window management' tends to be a subset. Having the window manager as a separate program is what allows X to configured to look like a Mac or MSWindows box, whereas with the other two you are stuck with the standard paradigm. You can work without a 'window manager' if you are running a dedicated application having total control of the display, such as an ATM machine. Regards, DigbyT On Thu, Dec 28, 2006 at 04:29:35PM -0600, Shawn Parker wrote: i could be wrong, but isn't the display manager simply the 'login screen? like gnome's gdm or x's xdm. the window manager is the minimal desktop. something like fluxbox or similar. although, i'm sure there is more to it than that...and probably a better explination. On 12/28/06, Rick Thomas [EMAIL PROTECTED] wrote: Showing my ignorance... (I'm an old command line guy who mostly just needs a simple console terminal.) Can anyone explain (or point me to a good document on) the following questions: What's the difference between a display manager and a window manager? Do I need both? Can you give some examples of each and explain their features/advantages/disadvantages? And how does any of this differ from plain old X11? Thanks! Rick -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- http://silolabs.net/~sparker/pubkey.txt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages
On Thu, Dec 28, 2006 at 02:45:56PM -0800, Andrew Sackville-West wrote: Is that last line what is needed to get aptitude back into sync? If not, how is that achieved? no, it won't. there are a variety of ways to do this. I prefer the method below where you watch for problems and fix them as they appear. There are several threads on this int he recent archives that detail other methods of solving this problem (I think they essentially mark *everything* as manual). Ah, ok. I'll guess I will just have to keep an eye on what aptitude says it wants to do and intervene if it isn't what I want... I think it was my initial ignorance of the problems of mixing apt-get and aptitude that lead to my initial inability to understand why aptitude wanted to do what it threatened to do, so I am glad I asked... Then I can try running aptitude and hopefully it will have stopped crashing and can tell me what else it thinks is left to be done I missed the bit about it crashing. what's happening? It only started happening after I had tried an 'apt-get install aptitude' to upgrade to the latest version (and co-incidentally after I had done the 'apt-get install' of the pgp keyring - so I am not certain which was responsible). What happens now is that after any attempt to issue a 'u' command in aptitude, I get an abort leaving me back in the command line (with a garbled display) and the error message: aptitude: symbol lookup error: aptitude: undefined symbol: _ZN9pkgPolicyD2Ev yuck. that sounds like a bug. does it do the same from command line? aptitude update Not sure, but the 'apt-get upgrade' which just finished seems to have fixed it - whew!. I'm still stuck with the big red warning box complaining about the missing public key for multimedia.org after an update, and I'm still not clear if this is normal and expected (which would be annoying), or something specific to me (which would be worrying). If it is the former, I would have thought it would be better to just have some way of just not signing packages rather than signing with a key that can't be checked. Anway, guess its time to hold my breath and see if the system still boots after the initial upgrade... Thanks, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages
One of the things that bothered me about what aptitude wanted to do was that it included several packages it threatened to remove because they were 'no longer used'. I don't know how it decided this, as the list included packages like 'xv' and 'xearth' which I explicitly installed and definately use quite regularly run aptitude in interactive mode and manually mark those packages: aptitude then 'u' to update, 'U' to mark for upgrade, then 'g' to see what it want to do. scroll through and mark 'm' on those you want to keep, which should mark them as manually installed. you may need to '+' them as well, to keep them around. I have not been using aptitude long (having used apt-get exclusively before), but am learning that you can actually get it to do what *you* want with a little fiddling. Then it will generally respect what you want... So this behaviour could be the result of my having installed some applications using 'apt-get install' rather than aptitude, leaving aptitude unaware of them being manual rather than automatic installs? That would explain things. absolutely correct. keep on pluggin' away It seems I am not out of the woods yet. I just tried executing apt-get install libx11-dev which is the package I needed to install in the first place when I got distracted onto upgrading my system.. Amoungst the actions it threatened to do was: The following packages will be REMOVED gnome gnome-core gnome-desktop-environment gnome-doc-utils gnome-office lbxproxy libapache2-mod-php4 libapache2-mod-python proxymngr python-libxml2 python-newt python2.3-imaging-tk python2.3-tk skencil sketch totem x-window-system xdm xearth xfs xfwp xlibs xlibs-data xlockmore-gl xprint xserver-common xv xvfb yelp I was again disturbed by the threatened removal of some applications I know I regularly use (such as xearth, xv and totem), so I did some digging starting with 'xearth', and it seems that package has been removed from testing (but not stable or unstable) and the version I had installed (1.1-10.1) requires xbase 3.3.2.3a-2 which presumably conflicts with other packages which are required for for the libx11-dev package.. The page which I found indicating the removal of xearth from testing is http://packages.qa.debian.org/x/xearth.html but it doesn't give any explanation of why, and I am not sure where to look next. Should I be fetching the unstable version? Or would it be better to just install from source and forget the debian packages for this application? Not sure about the other packages - totem for example appears to have a newer version available, so I don't understand why the threat to delete it. And xv I havn't found at all in the packages database :-/ Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages
On Thu, Dec 28, 2006 at 05:28:55PM -0800, Andrew Sackville-West wrote: It seems I am not out of the woods yet. I just tried executing apt-get install libx11-dev which is the package I needed to install in the first place when I got distracted onto upgrading my system.. was this before or after a successful upgrade? After a successful upgrade, but I haven't yet attempted a 'dist-upgrade'.. Amoungst the actions it threatened to do was: The following packages will be REMOVED gnome gnome-core gnome-desktop-environment gnome-doc-utils gnome-office lbxproxy libapache2-mod-php4 libapache2-mod-python proxymngr python-libxml2 python-newt python2.3-imaging-tk python2.3-tk skencil sketch totem x-window-system xdm xearth xfs xfwp xlibs xlibs-data xlockmore-gl xprint xserver-common xv xvfb yelp you're losing all of X here. that's not good. are you running xorg or xfree86 still? there was a transition, to xorg, did you miss it? maybe the transition packages have already been pulled? you may have to go in and mark xorg for installation. aptitude shows: xserver-xorg 6.9.0.dfsg.1-6 as being installed, and isn't one of the packages listed for removal (but is listed for upgrade) There is quite a list of new packages to be installed - perhaps too much to post to the list. Here is a sample: The following NEW packages will be installed cdrdao epiphany-browser evolution-common evolution-data-server-common gnome-cards-data gnome-media-common gtk2-engines industrial-cursor-theme libavcodec0d libcamel1.2-8 libdbus-1-3 libdrm2 libecal1.2-6 libedata-cal1.2-5 libedataserver1.2-7 libegroupwise1.2-10 libexchange-storage1.2-1 libfontenc1 libglu1-mesa libgnome-media0 libgnome-window-settings1 libgnutls13 libgtop2-7 libgtop2-common libnautilus-burn3 libnm-glib0 libpisock9 libpostproc0d libtasn1-3 libtotem-plparser1 libx11-data libx11-dev libxau-dev libxdmcp-dev libxext-dev libxfont1 python-central python-gnome2-desktop python-pyorbit python-support type-handling wodim x11proto-core-dev x11proto-input-dev x11proto-kb-dev x11proto-xext-dev xbitmaps xfonts-encodings xfonts-utils xkb-data xserver-xorg-core xserver-xorg-input-all xserver-xorg-input-evdev xserver-xorg-input-kbd xserver-xorg-input-mouse xserver-xorg-input-synaptics xserver-xorg-input-wacom xserver-xorg-video-all xserver-xorg-video-apm the rest are all xserver-xorg-... I was again disturbed by the threatened removal of some applications I know I regularly use (such as xearth, xv and totem), so I did some digging starting with 'xearth', and it seems that package has been removed from testing (but not stable or unstable) and the version I had installed (1.1-10.1) requires xbase 3.3.2.3a-2 which presumably conflicts with other packages which are required for for the libx11-dev package.. The page which I found indicating the removal of xearth from testing is http://packages.qa.debian.org/x/xearth.html but it doesn't give any explanation of why, and I am not sure where to look next. Should I be fetching the unstable version? Or would it be better to just install from source and forget the debian packages for this application? well, its probably got bugs that prevent it from being included in etch. With etch frozen, I imagine you're sol for using it when etch goes stable, so you'll either have to backport it from sid or install from source. Either way, you'll probably have to let that one go. I suppose my own build from source with static libraries in /usr/local/bin should prevent future problems with it for some time. Not sure about the other packages - totem for example appears to have a newer version available, so I don't understand why the threat to delete it. I believe totem depends on gnome which you are losing altogether above. I don't really understand what is happening with gnome. I do seem to be getting some gnome related packages added and upgraded... And xv I havn't found at all in the packages database :-/ I can only vaguely recall xv. what is it? John Bradley's image viewer program. Probably frowned upon by Debian for being non-free, but I registered my copy years ago so I feel entitled to keep using it ;) Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
etch upgrade problems (was Re: update messages)
I'm now trying to work out why apt-get install libx11-dev results in apt wanting to delete a large number of X related packages... I noted that 'gnome' was one of the packages to be removed rather then upgraded to the latest version, so I tried to force an upgrade to see if there was some impediment to that: apt-get install gnome This produces the output: fujitsu:/var/log# apt-get install gnome Reading package lists... Done Building dependency tree... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. Since you only requested a single operation it is extremely likely that the package is simply not installable and a bug report against that package should be filed. The following information may help to resolve the situation: The following packages have unmet dependencies. gnome: Depends: gnome-desktop-environment (= 1:2.14.3.3) but it is not going to be installed Depends: gnome-office (= 1:2.14.3.3) but it is not going to be installed E: Broken packages I then repeated this for gnome-desktop-environment to find out why it is 'not going to be installed', and that produced: The following packages have unmet dependencies. gnome-desktop-environment: Depends: gnome-core (= 1:2.14.3.3) but it is not going to be installed Depends: nautilus-cd-burner (= 2.14.3) but it is not going to be installed Depends: fast-user-switch-applet (= 2.14.2) but it is not going to be installed E: Broken packages Next I try one of those dependencies (gnome-core) and get: The following packages have unmet dependencies. gnome-core: Depends: bug-buddy (= 2.12.1) but it is not going to be installed Depends: eog (= 2.14.3) but it is not going to be installed Depends: gedit (= 2.14.4) but it is not going to be installed Depends: gnome-applets (= 2.14.3) but it is not going to be installed Depends: gnome-control-center (= 1:2.14.2) but it is not going to be installed Depends: gnome-menus (= 2.14.3) but it is not going to be installed Depends: gnome-panel (= 2.14.3) but it is not going to be installed Depends: gnome-session (= 2.14.3) but it is not going to be installed Depends: gnome-terminal (= 2.14.2) but it is not going to be installed Depends: nautilus (= 2.14.3) but it is not going to be installed Depends: yelp (= 2.14.3) but it is not going to be installed E: Broken packages And finally: fujitsu:/var/log# apt-get install gnome-session Reading package lists... Done Building dependency tree... Done gnome-session is already the newest version. 0 upgraded, 0 newly installed, 0 to remove and 507 not upgraded. So does anyone have any idea why 'gnome-session' is a problem dependency for gnome-core (saying it is not going to be installed), when the lastest version (2.14.3-3) is already installed ??? I really can't follow what apt is complaining about here - are there any gurus out there that can explain why I can't upgrade to the latest gnome?? Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update messages
On Thu, Dec 28, 2006 at 07:50:34PM -0800, Andrew Sackville-West wrote: was this before or after a successful upgrade? After a successful upgrade, but I haven't yet attempted a 'dist-upgrade'.. you might do that and see what it says. I was trying to find a way to ease into the dist-upgrade by explicitly upgrading a few of the more problematic packages explicitly... But it is looking like I might just have to let it run and see what happens. I'm doing a full backup now in preparation, so it will probably be tomorrow before that and the dist-upgrade attempt are all done... Thanks for the advice. I'll let you know what the result it. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
update messages
I am trying to get up the courage to update my debian etch system after a few months of neglecting to do so, but am dreading the thought of some mishap leaving the system unusable. The system was installed back in April, and is on a Fujitsu P7120, and aptitude produces quite a long list of things it wants to delete and upgrade, so I want to be cautious about telling it to go ahead. The first thing that gives me cause for concern is that the output resulting from a 'apt-get update' does not look very clean: Get:1 http://www.debian-multimedia.org etch Release.gpg [189B] Get:2 http://mirror.ox.ac.uk etch Release.gpg [378B] Hit http://www.debian-multimedia.org etch Release Hit http://mirror.ox.ac.uk etch Release Err http://www.debian-multimedia.org etch Release Get:3 http://www.debian-multimedia.org etch Release [5560B] Hit http://mirror.ox.ac.uk etch/main Packages Ign http://www.debian-multimedia.org etch Release Hit http://mirror.ox.ac.uk etch/main Sources Hit http://www.debian-multimedia.org etch/main Packages Get:4 http://security.debian.org etch/updates Release.gpg [189B] Hit http://security.debian.org etch/updates Release Hit http://security.debian.org etch/updates/main Packages Hit http://security.debian.org etch/updates/main Sources Fetched 5751B in 0s (7515B/s) Reading package lists... Done W: There are no public key available for the following key IDs: A70DAF536070D3A1 W: GPG error: http://www.debian-multimedia.org etch Release: The following signa tures couldn't be verified because the public key is not available: NO_PUBKEY 07 DC563D1F41B907 W: You may want to run apt-get update to correct these problems Are any of these messages things that should concern me? Why the 'Err', 'Ign' and 'W:' messages? My sources.list looks like this: deb http://mirror.ox.ac.uk/debian/ etch main deb-src http://mirror.ox.ac.uk/debian/ etch main deb http://security.debian.org/ etch/updates main deb-src http://security.debian.org/ etch/updates main deb http://www.debian-multimedia.org etch main The multimedia web site only mentions deb-src http://www.debian-multimedia.org sid main for sources - nothing specifically for Etch. Is it safe/desireble to add that to my sources list? I have tried adding the PGP key for the multimedia packages as per the instructions on the web site, but get: [EMAIL PROTECTED]:~$ gpg --keyserver hkp://wwwkeys.eu.pgp.net --recv-keys 1F41B907 gpg: requesting key 1F41B907 from hkp server wwwkeys.eu.pgp.net gpg: keyserver timed out gpg: keyserver receive failed: keyserver error One other thing that I am unsure about is that aptitude reports a number of packages being 'held back'. I havn't intentionally asked for this, could it have occured automatically or have I unintentionally done something when initially learning to use aptitude? Any advice or reassurance would be appreciated. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Linux friendly colour printer?
I'm after thoughts on the current best colour printer to go for (or sites I should consult for this information)... I don't do a lot of colour printing, so I don't care about speed or heavy duty construction. It is mainly for CD/DVD labels, and the occasional print of a digital photograph. Ability to print direct to a DVD/CD would be convenient, but not essential. Still quite happy with my old HP 5MP (which has performed flawlessly for years) for monochrome printing. Main requirements are: Works well with Debian/Linux, ideally with good documentation and a manufacturer that supports Linux directly, and all features accessible from Linux. Good print quality Plain paper and consumables that don't have too short a shelf life. Doesn't have to be the cheapest printer on the market, but I am not looking for a professional machine designed for heavy use either. Any suggestions? Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Mobile phone management utility
On Thu, Aug 03, 2006 at 04:32:50PM +0300, Jabka Atu wrote: deb http://mirror.hamakor.org.il/pub/mirrors/debian/ testing main contrib non-free deb http://mirror.hamakor.org.il/pub/mirrors/debian/ unstable main contrib non-free Rodolfo Medina wrote: Rodolfo Medina wrote: I installed `gumma' and tried it with a Nokia, but even this one didn't work: $ gammu --getmemory DC 1 Warning: No configuration file found! Unknown connection type string. Check config file. $ gnokii --getphonebook SM 1 GNOKII Version 0.6.5 Telephone interface init failed: Command timed out. Quitting. , so there must be something important that I'm missing. Can anyone point that out? Jabka Atu [EMAIL PROTECTED] writes: Rodolfo you could you use apt-get : apt-get update. apt-get install moto4lin. here is my policy for this package: debian:/home/mha13# apt-cache policy moto4lin moto4lin: Installed: 0.3+cvs20050925-2 Candidate: 0.3+cvs20050925-2 Version table: *** 0.3+cvs20050925-2 0 500 http://mirror.hamakor.org.il testing/main Packages 500 http://mirror.hamakor.org.il unstable/main Packages 100 /var/lib/dpkg/status Thanks. Could you please send out your /etc/apt/sources.list? Cheers, Rodolfo I have experimented with this, and have been able to use it to nevigate the filesystem and upload and download audio and image files, I still havn't found a way to upload/download the content of the phone book or backup text messages. Anyone have any idea how to do this? My phone is a Motorola C380. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Help in understanding XDMCP required
On Sat, Jul 29, 2006 at 08:34:09PM +0100, Alan Chandler wrote: In my house, I have two linux machines, both running debian. One, a server, acts as the firewall /gateway between my internal network and the external internet and runs sshd. I have a logon account on this machine. The other is my workstation, and runs KDM to allow me to logon and run KDE. I also have a (work provided) laptop running Windows XP, onto which I have installed Putty and Gygwin/X. When this laptop is on my home network, I can run up a remote session into the KDM logon using XDMCP, and effectively log into my workstation from the laptop. When I am outside my house, this is not possible directly, because of the firewall. I do have an open port, which allows me to SSH (using Putty) from my laptop into my logon account on the server, and I do have X-Forwarding enabled in the sshd on my server machine. I have been able, with a second ssh hop onto my workstation from the server (also forwarding X) to run individual X based applications so that the display is on the laptop, but I can't figure out how to get it to operate so the whole desktop gets displayed there. Is it possible? and if so How Sure it is possible, but probably unwise. Using XDMCP involves having the X server (on your laptop) asking the asking a display manager (in this case KDM) on the target host (your home workstation) to open and control the remote server using the X protocol. So to work the way you were doing from home would require opening up the xdmcp ports (177) on your router, and letting the workstation connect to an external X server. If you were using broadcast XDMCP requests, you will probably have to switch to using a specific IP, as broadcasts don't generally work except on a single LAN. In any case, running raw X packets over the Internet is is generally insecure, ant not adviseable. By displaying 'the whole desktop' I assume you mean having the window manager running on your workstation, with the login environment as configured there. You can probably do that via ssh with separate scripts to perform the same environment initialization that you get when logging in the the worstation using XDM. That would have the advantage of keeping the traffic encrypted. You might be able to fool KDM into managing the port forwarded display after establishing your ssh connection - it depends on the capabilities of you X server (I am not familiar with Windows apps like Gygwin/X). It would involve establishing an ssh connection without having a window manager already in control of your server, and adding the port forwarded server to your local managed server list, as the XDMCP wouldn't work. A neater way of being able to do exactly what you do from home would be to establish a VPN connection from the laptop to your home LAN. It takes a bit more configuration, but is secure and once done will give you the same capabilities as when you are at home. However I am no windows expert, so the only way I have done this when someone has wanted to be able to use Windows at the remote end was to use a router with the VPN code built in (in that case, a draytek). Someone else can probably advise what software only options are available for a windows platform. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Help in understanding XDMCP required (p.s.)
Another fairly easy approach I forgot to mention would be VNC, but in that would involve opening the appropriate port on your router, and replacing cygwin/X with a vncviewer on the laptop. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: USB serial adapters - resolution
On Fri, Jul 28, 2006 at 11:07:06AM +0200, [EMAIL PROTECTED] wrote: Hello Every USB to serial adapter I've seen so far is using these Prolific drivers. Seems it's same thing as for the USB to Bluetooth, a great majority is using the very same hardware. How many have you tried? I have tested two so far, and have seen two different drivers. The 'Prolific' as previously described for the Newlink device, and the device whose manufacturer I do not know, whose driver offers these different characteristics: Driver Provider:FTDI Date: 19May2006 Version 2.0.0.0 Baud Rates: 300-921600 Data Bits: 7,[8] Stop bits: [1],2 Flow control: Xon/Xoff,Hardwarre,[None] USB Transfer rates Rv: 64-[4096] USB Transfer rates Tx: 64-[4096] Latency timer(ms): 1-255 [16] Read Timeout (ms): [0]-1 Write Timeout (ms): [0]-1 Miscellaneous: Serial Enumerator (on), Serial Printer (off), Cancel if Power off (off), Event on surprise removal (off), Set RTS on close (off), Disable Modem Ctrl at Startup (off) The driver for the borrowed device was found by letting Windows search on the Internet - and connecting a Windows machine to the network is something I don't normally like doing.. It also results in the system being permanently lumbered with this driver - as doing an 'uninstall' of the driver doesn't result in a need for the network to be connected next time I plug it in :-/ My guess is that the USB devices can not provide details of their capabilities, but can provide a unique device identifier which can be matched with information provided by the manufactuerer (via a Windows driver). Can anyone familiar with the USB hardware interface or USB serial spec confirm or correct this? Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: USB serial adapters - resolution
On Tue, Jul 18, 2006 at 12:10:54AM +0100, Digby Tarvin wrote: I have just tried connecting a USB serial adapter to my Debian Etch system, and happily it seems to have been recognised and worked right out of the box But these things seem to come with very little documentation, and what I havn't yet discovered how to interrogate it to find out what baud rates, formats or other stty options it supports (other than using trial and error)? Anyone know if this information can be found? Didn't get any takers on this, so I have done some more investigating, and my conclusions are as follows.. Having failed to find any way of determining device capabilities from within Linux, I decided to attempt to find out if the information was there to be found by plugging the device into a system running a less capable but more common operating system to see what it could tell me. The assumption being that it would have to be able to find it out in order to be able to provide the menu based configuration that its users depend on. What I found was that Windows seems to require a manufacturer supplied driver before it would talk to the device. That seems to answer the question, as the only reason that I can think of for requiring a custom driver for Windows for something with a sufficiently standard inferface to work out of the box with Linux is that that is the only way for windows to know the settings it can offer in the menus. As I didn't have a driver for the borrowed USB/serial adapter I was trying to use, and it didn't have any marking to identify a manufacturer, I bought a new one for GBP 13.00, which also worked fine on my Etch system. I loaded up the Windows drivers, and that identified the following capabilities (in case anyone is searching for information on compatible devices): Manufacturer: Prolific (driver 16/7/2003) Speeds: 75,110,134,150,300,600,1200,1800,2400,4800,7200,[9600], 14400,19200,38400,57600,115200,128000 Data Bits: 4,5,6,7,[8] Parity: Even,Odd,[None],Mark,Space Stop bits: [1],1.5,2 Flow control Xon/Xoff,Hardware,[none] Receive Buffer up to 14 Transmit buffer up to 16 So my conclusion is that whilst the Linux driver can operate the serial adapters, they ship with Windows drivers which are the only way the manufacturers make the capabilities/limitations available. That is probably the only reason why drivers are required when using these devices with Windows. In short, windows can't work it out either, so the information is provided in the form of a driver that Linux can't use.. One last thing I noticed about the one I bought (NEWlink USB Serial Adapter) was it came with a piece of paper called the 'quick installation guide' which basically told you how to install the windows driver, and said For more information, please refer to the Users Manual on the supplied CD-ROM but when I checked, there was no such manual. This is all there was: MAC MAC/MAC 10.1.x~10.3 MAC/MAC 10.1.x~10.3/PL2303_1.0.8b4.pkg MAC/MAC 10.1.x~10.3/PL2303_1.0.8b4.pkg/Contents MAC/MAC 10.1.x~10.3/PL2303_1.0.8b4.pkg/Contents/PkgInfo MAC/MAC 10.1.x~10.3/PL2303_1.0.8b4.pkg/Contents/Resources MAC/MAC 10.1.x~10.3/PL2303_1.0.8b4.pkg/Contents/Resources/English.lproj MAC/MAC 10.1.x~10.3/PL2303_1.0.8b4.pkg/Contents/Resources/English.lproj/PL2303_1.0.8b4.info MAC/MAC 10.1.x~10.3/PL2303_1.0.8b4.pkg/Contents/Resources/PL2303_1.0.8b4.bom MAC/MAC 10.1.x~10.3/PL2303_1.0.8b4.pkg/Contents/Resources/PL2303_1.0.8b4.pax MAC/MAC 10.1.x~10.3/PL2303_1.0.8b4.pkg/Contents/Resources/PL2303_1.0.8b4.sizes MAC/MAC 8X9X MAC/MAC 8X9X/ProlificUSBSerial.sit WINDOWS WINDOWS/DRemover98_2K.exe WINDOWS/PL2303.CAT WINDOWS/SER2PL.INF WINDOWS/SER2PL.SYS WINDOWS/SER9PL.SYS WINDOWS/SERSPL.INF WINDOWS/SERSPL.VXD WINDOWS/SERWPL.INF Nothing that looks like a user manual So in conclusion, Linux compatability seems pretty good, but if you have specific requirements there seems to be no way to tell if a particular device will do what you want other than to buy one, install it on a Windows machine (or presumably MacOS) to find out what its capabilities are, and then install on a Linux machine to verify that it is compatable. Or else to find a posting like this from someone who has already tried a particular device. (www.newlinkproducts.co.uk if anyone is interested, though I am not endorsing this manufacturer - if you find one that is more Linux aware, then let us know). Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Copy CD to disk + copy disk to CD + reuse
On Wed, Jul 19, 2006 at 08:14:34AM -0500, Hugo Vanwoerkom wrote: Hi, I have only 10 CD-RW disks that I use for mondoarchive. But I wanted to try Grml-0.7 on one of them. So I needed to save the contents of one of them and use that. So I found this site: http://www.yolinux.com/TUTORIALS/LinuxTutorialCDBurn.html So I did: 1. mount /cdrom 2. mkisofs -r -o 11.iso /cdrom Then I copied the Grml-0.7 iso to that CD-RW, tried Grml, and copied the mondo iso back on to it: cdrecord -v blank=fast speed=4 dev=ATA:1,1,0 11.iso Guess what? That CD-RW does not boot. What's wrong with the scheme? Thanks! H mkisofs is what you would use if the data was not already stored in iso format. If you wanted to create an exact duplicate of the original CD-RW, all you need is dd if=/dev/cdrom of=image.iso Then use cdrecord to put it back later. (replace /dev/cdrom with whatever device name you have for /cdrom in /etc/fstab). Look at all the options to mkisofs and that will give you an idea of all the things that could be different between the original and your copy. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: setting up partition before cryptsetup
On Wed, Jul 19, 2006 at 09:31:19PM +0700, Dave Patterson wrote: * [EMAIL PROTECTED] [EMAIL PROTECTED] [2006-07-19 12:02:42 -]: Do I need to make an extra, unused partition when I install Debian on a new computer, before I try to use cryptsetup to add an encrypted filesystem? It depends on how you want to do this. If you want a completely encrypted filesystem with swap, yes. A how-to here: http://www.debianhelp.org/node/1074 This one takes GRUB completely off the hard drive, and you boot Debian with a USB key. Modify it according to your tastes. As far as I know, the debian procedure requires encryption of whole filesystems. It is up to you how many of your partitions are encrypted. If you don't have at least one unencrypted filesystem on the disk then you will of course need some removable media to boot off. The /etc/crypttab file contains the list of encrypted filesystems to be configured (by default during boot) resulting in a new device with the unencrypted partition, which can then be mounted via an entry in /etc/fstab. In my opinion it is more secure to keep confidential data in a dedicated encrypted partition which is only initialised and mounted when really needed. If you are really paranoid, you can remove your network connection whenever the secred data is mounted. If you have the entire system encrypted and mount everything at boot, then your data is only safe with the computer is turned off. A hacker who gains root has everything... If you don't want to encrypt entire partitions, then look at CFS, which uses loopback NFS hooks to create personal encrypted file trees on a per user basis. Users can create their own encrypted directories without needing root access once it is installed. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: setting up partition before cryptsetup
On Wed, Jul 19, 2006 at 11:17:33PM +0700, Dave Patterson wrote: * Digby Tarvin [EMAIL PROTECTED] [2006-07-19 15:58:19 +0100]: In my opinion it is more secure to keep confidential data in a dedicated encrypted partition which is only initialised and mounted when really needed. If you are really paranoid, you can remove your network connection whenever the secred data is mounted. If you have the entire system encrypted and mount everything at boot, then your data is only safe with the computer is turned off. A hacker who gains root has everything... The flipside to that is the cracker that searches journals on journalled filesystems for sensitive data (keys for encrypted partitions, even the sensitive document itself). A healthy dose of paranoia is in order here. Look at how you plan to manage your encrypted data. I'm not sure that I see how any of the sensitive data would find its way into the journal of a an unencrypted filesystem? Unless of course anyone were silly enough to copy stuff there... Two extra caveats I neglected to mention is: 1. I create 'secure' users with home directories in the secure home partition. When I access secure data, I mount the partition and then have to log in as my secure alter-ego. This is very important to ensure that your browser caches etc are also encrypted. The secure users shouldn't have write access to any unencrypted filesystem, including /tmp, to prevent inadvertant data compromise. I use a swap backed memory based filesystem for /tmp - ramfs or tmpfs, I can never remember which is which :-/ 2. If the data is very sensitive, either encrypt your swap partition or disable it when the secure partition is mounted. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Anyone seen this?
On Wed, Jul 19, 2006 at 10:34:11AM -0500, John Mason wrote: unlink is not really a link... it's the name of the command. The unlink command really just means delete. Not a clue why they call it unlink and not delete but basically calling unlink on a file OR a hard link OR a symbolic link will remove the link/file. Actually it is the other way around. There is no command to delete a file - all you can do is decrement the inode link count. The file gets deleted as a side effect when the link count drops to zero. The only thing an 'unlink' is sure to remove is the directory entry. That is how hard links work. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Sequential background tasks
On Mon, Jul 17, 2006 at 06:36:55AM -0400, Gary R. Leaf wrote: hi I find that in many cases I need my background tasks to be executed in sequence. Ie, I need background task-b to start right after background task-a has properly started. So far I haven't found a good way to do it. I used task-a sleep 2; task-b but that 'sleep 2' has changed to 'sleep 5' and still sometimes task-b starts before task-a. I can raise the wait time, but it means that task-b would normally start too late... Any good way? thanks Set up a script that checks the return codes. if return code of task A is 0 then task B else do something else if rturn code of task B is 0 then task C else do something else and so on execute the controlling script in the background You don't need a script - just use the 'conditional and' operator of the shell: (cmd1 cmd2 cmd3) will execute cmd1 to cmd3 in sequence, aborting if any fail. If you don't want to abort on error, use ';' to separate the commands... from the 'sh' manpage: ``'' and ``||'' are AND-OR list operators. ``'' exe- cutes the first command, and then executes the second com- mand iff the exit status of the first command is zero. ``||'' is similar, but executes the second command iff the exit status of the first command is nonzero. ``'' and ``||'' both have the same priority. DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
USB serial adapters
I have just tried connecting a USB serial adapter to my Debian Etch system, and happily it seems to have been recognised and worked right out of the box But these things seem to come with very little documentation, and what I havn't yet discovered how to interrogate it to find out what baud rates, formats or other stty options it supports (other than using trial and error)? Anyone know if this information can be found? Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Why?
On Wed, Jul 12, 2006 at 05:47:56PM -0600, Paul E Condon wrote: ... And -both- gdm -and- kdm can be told to start up either kdm or gnome. (xdm doesn't seem to have this feature.) Back when I first tried using it (around 2001) KDM presented a login box with the following items: Text entry box labelled 'Login' Text entry box labelled 'Password' Drop down menu labelled 'Session Type' which shows the currently active default when a user name is entered Along the bottom of the box were three buttons labelled 'Go!', 'Clear' and 'Shutdown', plus one drop down menu item labelled 'Menu' which by default just contained 'restart X server'. I don't know what version number this is, because it has no man page and the binary does not seem to have any strings to identify itself... Configuring the analog clock to the right of text entries produced something that worked well for me.. The only improvements I would really have made to this would be to get rid of the superfluous 'Go!' and 'Clear' buttons, and to add an 'XDMCP chooser' and maybe 'configure' option to the bottom menu. Later versions of KDM have gone down hill IMHO, because the selection of of desktop environment has been demoted to a bottom menu which does not provide an indication of the current default when the user name is entered. I for one change my desktop frequently according to what I want to do, and often log in using two different desktop (running X servers in two different virtual consoles simultaneously), so it was very useful to me to be able to see at a glance what the default desktop is going to be when I log in (I can't always remember what my last choice was) and it was more convenient when I wanted to change. A more prominently displayed desktop selection would also help make it obvious to inexperienced users that there is a choice if they don't like the default. I have also tried GDM, which similarly seems to assume that users will GUI monogomous. And no, the original XDM is very 'no frills' and assumes you need to log in to change your window manager. Perhaps it is time for an agnostic display manager which is totally independent of the two heavy desktops. Regards, DigbyT P.S. I wish the Debian community would be as intolerant of packages with inadequate documentation as they are about licensing issues. The two paramount concerns for me personally are source and documentation. Licence is a secondary issue, and I don't even object to paying a fair price if someone has done a good job and I am going to make good use of it... -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Run command on shutdown
On Wed, Jul 12, 2006 at 10:28:15AM -0500, Ron Johnson wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Michael Ott wrote: Hello Marco! What's the safest way to run a command on every shutdown? Create an init script and create a link into rc0.d rc0.d or rc6.d? If you look at the contents of /etc/rc6.d and /etc/rc0.d, by default they are identical except for the reboot and halt scripts: [EMAIL PROTECTED]:/etc/X11$ cd /etc/rc0.d [EMAIL PROTECTED]:/etc/rc0.d$ ls -l /tmp/0 [EMAIL PROTECTED]:/etc/rc0.d$ cd ../rc6.d [EMAIL PROTECTED]:/etc/rc6.d$ ls -l /tmp/6 [EMAIL PROTECTED]:/etc/rc6.d$ diff /tmp/6 /tmp/0 49c49 -rw-r--r-- 1 root root 353 2006-03-27 14:42 README --- -rw-r--r-- 1 root root 355 2006-03-27 14:42 README 58c58 lrwxrwxrwx 1 root root 16 2006-04-26 07:50 S90reboot - ../init.d/reboot --- lrwxrwxrwx 1 root root 14 2006-04-26 07:50 S90halt - ../init.d/halt So if you really only want to run your script on shutdown and not on reboot, then put it in rc0.d only. If you want it run on shutdown or reboot, then put it in both... Regars, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Shutdown my Laptop? Why should I?
On Wed, Jul 12, 2006 at 10:45:20AM -0700, Greg Ryman wrote: I would say to do a reboot and possible a file system check once a month to avoid corruption and unintended loss of data. Other then that, you don't need to reboot. I would also suggest a reboot any time you use apt to do an upgrade, or otherwise change or reconfigure your system. It is much easier to solve a booting problem if you can remember what has changed since it was last working... It is the same logic as for servers which run 24/7. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: encrypted filesystem that can be mounted remotely?
On Tue, Jul 11, 2006 at 05:00:56PM -, Anonymous wrote: I'd like to keep some of the data on my computer's hard drive encrypted, but not necessarily all of it. But I also need to be able to reboot the computer remotely and log into by SSH without the encrypted FS mounted, then mount the encrypted partition in the SSH session (from a trusted machine, of course) presumably by giving a sort of mount command and entering the passphrase. I've never used an encrypted FS before. Is what I want possible? What encrypted FS supports this? apt-get install crytsetup man 8 cryptsetup... The only customization you will need is to remove the link to /etc/init.d/cryptdisks from your start runlevel so that the system doesn't stop and request a password during the boot process... When your system has finished booting, log in and run /etc/init.d/cryptdisks enter the password, and finally mount the encrypted filesystem. In my opinion it would be better if cryptdisks actually did the mounting (as I believe /etc/init.d/boot.crypto does on SuSE). It seems in Debian there is an assumption that someone will be on hand to enter a password at boot time, so that the normal fstab 'mount -a' can be used to mount it. For me it makes sense to delay the mount, not just to avoid preventing a successful unatended reboot, but because if data is sensitive enough to store on an encrypted filesystem, it should only be mounted when needed... Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Force kill a process?
On Tue, Jul 11, 2006 at 08:19:42PM +0200, heba wrote: 2006/7/11, helices [EMAIL PROTECTED]: man ps Read this section: PROCESS STATE CODES thanks very much. But I've a question. Is it possible change the D state in other state that it is possible to kill the process? thanks again The kernel trumps any user process, including root, so no - if the kernel code doesn't want to exit, you can't force it (except of course by shutting down - because then it doesn't matter if the termination damages the system). The 'D' state is just a an indicator telling you that the process is suspended at some point in the kernel code where the author has decided it would not be safe to return prematurely. It is not the 'D' state that is stopping you from killing it - it just tells you that the kernel won't let you.. In general the 'D' state tells you that the process is suspended waiting on some I/O operation to complete, and the code doesn't allow for any way to exit earlier. As an example, if you issue a write request to a serial port when XOFF has been asserted, the system won't let the task exit until the write is finished. If this is just normal flow control, that won't take too long, but if it is being used as a screen pause by someone who has gone home, it could imply an arbitrarily long delay... Think of the 'D' state as saying The operating system will be damaged if the process is allowed to exit now. DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Editing run level S (was encrypted filesystem that can be mounted remotely?)
Leading on from the earlier posters question about configuring an encrypted filesystem that does not interrupt the boot process with a password prompt... Can anyone tell me what the 'Debian way' is to remove something (in this case 'cryptdisks') from runlevel 'S'? The relevent links are: /etc/rc0.d/K48cryptdisks /etc/rc6.d/K48cryptdisks /etc/rcS.d/S28cryptdisks Ultimately I just need to achieve the equivalent of rm /etc/rc[06S].d/*cryptdisks but in a way that won't fall faul of the APT system.. I am sure I have seen 'update-rc.d' suggested in the past, but the manpage warns: Please note that this program was designed for use in package main? tainer scripts and, accordingly, has only the very limited functional? ity required by such scripts. System administrators are not encouraged to use update-rc.d to manage runlevels. They should edit the links directly or use runlevel editors such as sysv-rc-conf and bum instead. indicating that it isn't the approved way to do it.. I tried the graphical runlevel editor 'bum', but it gives a message stating: Editing in run level S is not allowed! Playing with rcS.d symlinks is an administration activity requiring deep knowledge of the runlevel system. (it also bus-errors when I try to run it on a remote Xterm, but that is another story...) Finally, I tried using 'sysv-rc-conf', and it seems that it did allow me to deactivate cryptdisks - although not by just removing the links, but instead changed the /etc/rcS.d/S28cryptdisks symlink to /etc/rcS.d/K48cryptdisks which I suppose has the desired effect, although I am not clear on the logic behind doing it this way... Does anyone know what is 'best practice', and what the logic is behind the way things are being done? Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Another thread about a non-killable process
On Tue, Jul 11, 2006 at 12:26:57PM -0800, Joshua J. Kugler wrote: On Tuesday 11 July 2006 12:18, Michael Marsh wrote: On 7/11/06, Joshua J. Kugler [EMAIL PROTECTED] wrote: Win32? Huh? This is a Debian system. Proftpd is locked (won't accept connections, even though it shows listening on *:ftp. Does it respond to kill -HUP? Nope, or to 3, 6, or 11. So, yeah, I'm down to trying random things. :) 'kill -9' is the biggest gun you've got - if that doesn't work, then nothing will. If it won't die, then it is stuck in a kernel mode loop, which usually means a bug in a driver somewhere. I can't think of legitimate reason for a process to get into that state... Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: how to redirect sound
On Thu, Jul 06, 2006 at 02:10:42PM -0400, Joe Smith wrote: Lubos Vrbka [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] belahcene abdelkader wrote: Hi, every body I am using a set of thin client (neoware) connected to a llinux server, I want to redirect the audio to the client. It exists probably the way to do that in same way as the image. i mean the user logs on a thin client on the remote server, and he receives the graphics on his terminal, ( the xdm does this in fact). the question is : there a procedure to redisrect the sound to the sound devices on the thin client instead of running it on the server? i am sure you can use esound (enlightened sound daemon) to perform this task. i have, although, never done that. so my only advice would be to I can confirm this. I have used ESD under cygwin for this porpose. Actually the remote machine was a VMware virtual machine running on the client computer, so I don't rember why I did not just let VMware take care of the sound, but I can definately confrim that it works. Isn't ESD and the like more intended as a way of sharing a sounds device between several applications? I am using an original 'thin client', in the form of an NCD X terminal, at the moment, and the solution there is an audio architecture called NAS which works almost the same way as X. It works very well, but the applications have to use the special libraries which map audio calls to network packets (the same way Xlib translates calls to it into network packets). If you don't have source to your application, there are workarounds such as using a library wrapper which intercepts open calls which reference /dev/audio - I think this is what facilities like ESD do. I used this to get skype going on my NCD at one point. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Using remote apps on local X server
On Tue, Jul 04, 2006 at 11:35:53PM -0500, Damon L. Chesser wrote: Bob Smither wrote: This must be a FAQ, but I could not stumble upon a solution. With other Linux boxen, I can ssh -X into them, then run X apps on the remote with local display. On a newly installed Sarge Debian box, doing this results in the following error: Gtk-WARNING **: cannot open display: Any suggestions as to why I can't run the remote app and see it locally? Thanks! You will need to set the DISPLAY variable and export it. I don't know what you set it to, but I do know you will have to export DISPLAY serverx: X,XX here = display and serverx=name or ipaddress of the desired server (such as 192.168.2.4: 0,0. I have just exhausted my knowledge of the matter as I don't play with exporting displays, but I hope that helps, and at the very least, get you on the right track. This would be correct for traditional X sessions without ssh, but I don't think you quite understand the mechanics of port forwarding with ssh as specified by the original poster. The traditional method is OK on local LANs, but on the Internet is insecure and usually foiled by NAT and/or firewalls. With port forwardign the ssh daemon creates a port on the remote host and forwards all traffic to and from that port back via the client to the local X display. The DISPLAY environment variable should be created automatically, and be configured to point to a unique display number on the remote host, so the real IP address of the X server is not required. For the original poster, I would suggest you check that DISPLAY has been setup correctly, and use 'netstat -a' for the existance of the associated port. For example, I just executed ssh -X voyager2 and got a shell giving me [EMAIL PROTECTED]:/home/digbyt echo $DISPLAY voyager2:10.0 The display number '10' means that the port number will be 6010 (ie the port number 6000 + n), and netstat shows: tcp0 0 *:6010 *:* LISTEN If things don't look right, and you are sure the port forwarding is enabled in your config files, then check the sshd logs for indications of what is going wrong. If it looks ok, try running 'xdpyinfo' to check communication with the server, just in case it is an application compatability issue. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Driver for I915 GM graphics card in LINUX DEBIAN...plz help
On Mon, Jun 19, 2006 at 12:38:54PM -0700, Sajid Ayaz wrote: I am really sorry . i am a newbie to linux ..but still after a lot of help that add ubuntu sources list in the source list file after downloading the i dont know how to substitute the vesa driver..with the i810 and there was some site where the proper editing of xorg.conf file was given i did add and delete according to that but still the x server coudnt find my screen i tried a lot but in vain i cudnt succeed.could somebody explain me step by step Digby Tarvin [EMAIL PROTECTED] wrote: I have a Fujitsu notebook with the same chip. The driver in etch works fine, though you might need to install the '915resolution' utility if your display resolution is non-standard and you want to use the highest resolution. If you don't want to use etch, then you might be able to use the 'vesa' driver in Sarge. It definately worked for me on some of the systems that didn't support the correct driver, though it will probably mean sacrificing some resolution or acceleration. Regards, DigbyT On Sun, Jun 18, 2006 at 06:50:49AM -0700, Sajid Ayaz wrote: hi, I own a dell inspiron 6000 with standard hardware. It comes with a Intel 915 GM graphics card. I installed Dedian Sarge DIstro on my dell Laptop. the X server is not starting as it gives me an error on the screen and gives a prompt of not recognizing my Graphics card i.e. the startx command is not working or help me with some driver installation for this graphic card. Can anybody suggest me the way to get debian started (desktop environment) on my laptop and I am a newbie as well to linux. I have tried the DELL forums but no support. But i can manage the problems so please help me and will be greatly appreciated.. THanks You seem to have sent your reply directly to me - you probably want to direct it back to the list to have a better chance of finding someone with the solution to your problem. To switch to the vesa driver should just be a case of changing a line in /etc/xorg.conf, replacing the string 'i810' with 'vesa'. If that fails, check the output of the x server log file for error messages, and if you can't work out what it wrong from there, try posting the relevent content to the list. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: How to find play length of .ogg file using python?
On Wed, Jun 14, 2006 at 11:19:08AM -0700, Marc Shapiro wrote: I am writing a program using pygame to play musical sound cues. I need a way to determine the play length of a sound file. I can get the length of .mp3 files with python-pymad. I have also installed python-pyogg and python-pyvorbis. It seems that I should be able to get the length of .ogg files with one of these packages, but the documentation and examples do not show how. I have googled for these packages and basically have found that documentation does not seem to exist, yet. It was suggesated to check the docs for libvorbis, but I haven't been able to find this, either. The output of VorbisFile.info() seems to be an object with various attributes, probably including the play length, but the only attributes shown in the example are channels and rate. The module is a .so file, so I can not look at python source to determine the other attributes and I would rather not have to download C source code and plow through that. Is there a list of the attributes for this object, somewhere? Can anyone give me an easy way to find the play length of an .ogg file, or point me to where the documentation exists. I would take a look at the source for the 'ogginfo' command, or if performance is not important, just parse its output: [EMAIL PROTECTED]:/home/digbyt ogginfo /home/digbyt/work2/... filename=/home/digbyt/work2/localize/testdata/alphabet.ogg header_integrity=pass stream_integrity=pass file_truncated=false version=0 channels=1 bitrate_upper=-1000 bitrate_nominal=128000 bitrate_lower=-1000 bitrate_average=84458 length=59.443084 playtime=0:59 -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Audio CD problems..
On Fri, Jun 09, 2006 at 09:43:04PM -0700, Christopher Nelson wrote: On Fri, Jun 09, 2006 at 07:55:01PM +0100, Digby Tarvin wrote: snip about DAE That seems to explain my playout problems. The remaining issue, which seems to be unrelated, is my inability to rip... have you tried using 'abcde'? it seems more fault-tolerant than KAudioCreator was on my system. it also may give you more info on the problem? (haven't had a problem ripping w/ it, so I don't know it's error output) No, I wasn't aware of it. But I have tried it now, and it does indeed seem to work a whole lot better than the KDE one. I guess my Laptop just doesn't like these KDE tools It would be nice to get to the bottom of why the default ripper doesn't work some time, but at least I have something that works. Thanks for the suggestion. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ejecting CD in a program....
On Sat, Jun 10, 2006 at 10:02:17AM +0200, Philippe De Ryck wrote: On Fri, 2006-06-09 at 23:17 +0100, Digby Tarvin wrote: Anyone know the reason for this mysterious behaviour?: I am writing a little application which has to wait for a CD to be loaded into the drive, obtain some data from the CD, and then eject it ready for the next one What I have found is that if there is initially no CD in the drive, the program waits successfully, but fails to eject. If there is an initial CD in the drive it does not need to wait, and the eject succeeds.. With a little trial and error, I have found that closing and re-opening the device before the eject can solve the problem, but ONLY with a sleep between close and open. If I leave the device open, then no amount of sleeping before the eject will help... ... Hi, No solution here, but maybe you could check out the source of the command eject? This works pretty good, so maybe you find some clues in there. Thanks for the suggestion, but the subset of things that eject does also seem to work fine in my code, so I don't think it will shed any light on what is happening. To reproduce the conditions that cause the problem I am seeing, eject would need to have a mode where it could be told to wait for a CD to be inserted into a currently empty drive, and then eject it. Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Target filesystem
On Fri, Jun 09, 2006 at 09:04:39AM -0400, Brent Clark wrote: Jon Dowland wrote: At 1149839151 past the epoch, Brent Clark wrote: I seem to be experiencing problems booting up (Thank goodness for Knoppix) There are a host of errors, but the end message is: Target filesystem doesn't have /sbin/init /bin/sh: can't access tty; job control turned off If you boot to knoppix and mount said filesystem, are sbin/init and /bin/sh present? Hi Jon [EMAIL PROTECTED] sudo mount /dev/hdb1 /mnt [EMAIL PROTECTED] ls -la /mnt/ | grep bin drwxr-xr-x2 root root 4096 Jun 9 02:27 bin drwxr-xr-x2 root root 4096 Jun 9 02:27 sbin [EMAIL PROTECTED] ls -la /bin/s sash sedsetpci setserial sh sleep stty su sync [EMAIL PROTECTED] ls -la /bin/s* -rwxr-xr-x 1 root root 551064 Feb 5 2005 /bin/sash -rwxr-xr-x 1 root root 41336 Feb 10 2005 /bin/sed lrwxrwxrwx 1 root root 15 May 3 2005 /bin/setpci - /usr/bin/setpci -rwxr-xr-x 1 root root 20816 May 25 2005 /bin/setserial lrwxrwxrwx 1 root root 4 May 26 2005 /bin/sh - bash -rwxr-xr-x 1 root root 14424 Jul 16 2004 /bin/sleep -rwxr-xr-x 1 root root 36856 Jul 16 2004 /bin/stty -rwsr-xr-x 1 root root 23248 Jul 25 2005 /bin/su -rwxr-xr-x 1 root root 12216 Jul 16 2004 /bin/sync [EMAIL PROTECTED] ls -la /sbin/ini* -rwxr-xr-x 1 root root 50816 Sep 23 2005 /sbin/init [EMAIL PROTECTED] /bin/sh is a symbolic link, so you will need to verify that /bin/bash exists as well - but I suspect that is not the problem... Looks more like a problem with booting to the wrong filesystem. We probably need to know what the first few error messages were rather that the final result. Have you changed to boot config recently? What is the kernel command line? DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Audio CD problems..
I am experiencing a strange problem accessing audio CD's on Fujitsu P7120 running Etch using the internal CD/DVD drive. Kernel is 2.6.15. I just tried playing an audio CD, which I wasn't expecting to have trouble with because I know my audio is working (I have been playing WAV files using xmms and movies using totem from the HDD just fine, and the CD seems ok as I can mount data CDs and DVDs with the CD/DVD drive. However if I attempt to play an audio CD using KsCD, it displays the track name and duration correctly and the counter counts up plausibly, but no audio is produced, even with all faders fully up. If I attempt to rip a track using kaudiocreator it performs its freedb.com lookup successfully and displays the tracks, but the rip failes. Using KDE or GNOME I get an error box stating: The file or folder /Wav/Track 01.wav does not exist regardless of the encoder setting or default temp directory. If I run it under fvwm, I see the same error box, and in the xterm window see the messages: [EMAIL PROTECTED]:~$ kaudiocreator kbuildsycoca running... Launched ok, pid = 7431 Checking /dev/cdrom for cdrom... Testing /dev/cdrom for cooked ioctl() interface /dev/scd0 is not a cooked ioctl CDROM. Testing /dev/cdrom for SCSI interface generic device: /dev/sg0 ioctl device: /dev/scd0 Found an accessible SCSI CDROM drive. Looking at revision of the SG interface in use... SG interface version 3.5.33; OK. CDROM model sensed sensed: MATSHITA DVD-RAM UJ-832S 1.01 kio (KIOConnection): ERROR: Header read failed, errno=104 kio (KIOConnection): ERROR: Header has invalid size (-1) I have tried an external USB CD/DVD, but KsCD produces the same result, which seems to indicate that it isn't a drive specific problem. One last clue, when I am attempting to rip a track, I see messages such as the following in /var/log/messages: sg_write: data in/out 56/56 bytes for SCSI command 0x12--guessing data in; program kio_audiocd not setting count and/or reply_len properly sg_write: data in/out 26/26 bytes for SCSI command 0x5a--guessing data in; program kio_audiocd not setting count and/or reply_len properly sg_write: data in/out 12/12 bytes for SCSI command 0x43--guessing data in; program kio_audiocd not setting count and/or reply_len properly sg_write: data in/out 12/12 bytes for SCSI command 0x43--guessing data in; program kio_audiocd not setting count and/or reply_len properly sg_write: data in/out 12/12 bytes for SCSI command 0x43--guessing data in; program kio_audiocd not setting count and/or reply_len properly sg_write: data in/out 12/12 bytes for SCSI command 0x43--guessing data in; program kio_audiocd not setting count and/or reply_len properly sg_write: data in/out 12/12 bytes for SCSI command 0x43--guessing data in; program kio_audiocd not setting count and/or reply_len properly sg_write: data in/out 12/12 bytes for SCSI command 0x43--guessing data in; program kio_audiocd not setting count and/or reply_len properly sg_write: data in/out 12/12 bytes for SCSI command 0x43--guessing data in; program kio_audiocd not setting count and/or reply_len properly sg_write: data in/out 12/12 bytes for SCSI command 0x43--guessing data in; program kio_audiocd not setting count and/or reply_len properly Anyone have any idea what might be going on here? Regards, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]