Re: Which programming Language
On 02/06/2009 11:25 AM, Abdelkader Belahcene wrote: which is better. Similar to: what is the best ice cream flavor? what is the best car? :) -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: dialing modem as normal user
On 01/23/2009 08:53 AM, Eugene V. Lyubimkin wrote: Umarzuki Mochlis wrote: How do i give permission to normal user to dial my 3g modem since wvdial can only be invoked by root. correct me if I'm wrong. Incorrect - 'ls -l /usr/bin/wvdial' - exec by all. Add yourself to 'dip' group? Correct, but just to help the OP understand why this works - wvdial is executable by all, but it's just a wrapper around pppd. pppd is setuid root and executable by the 'dip' group - 'ls -l /usr/sbin/pppd' -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: RT2560F wireless
On 01/21/2009 02:55 PM, Kevin Philp wrote: I have been using a computer with a wireless card with an RT2560F chip that works with network manager on Ubuntu Intrepid but does not work under Debian Lenny. I am connecting to a wireless router with WPA-PSK. Does anyone have experience of this chip and how to get it working under Lenny? I do not have this chipset, but an 'apt-cache search ralink' shows some interesting packages, and the upstream docs look promising. http://rt2x00.serialmonkey.com/wiki/index.php/Debian_rt2500_Howto -- Kind Regards, Michael -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Who is logged into this box?
Dotan Cohen wrote: On a machine that I have root access to, how can I see who is logged into the machine? Specifically, I suspect that a malicious entity is logging on in a compromised account over SSH, even while the account's user is sitting at the machine and logged in, so if I can catch two simultaneous login sessions (one on the physical hardware, one over ssh) then I can be sure. Thanks. Since it has not been mentioned in the other replies, I would certainly think that scrutiny of /var/log/auth.log is due. The logs should show you when the user has logged in, and from what remote IP addresses. it should be quite simple to correlate those times and locations with your user. 'whois 11.22.33.44' on those IP addresses will get you an idea of the physical location (not precise in all cases, but an idea) the logins came from. In any case - do not delay changing that user's password to a new strong one! -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: OpenDNS on Debian?
Dan-Simon Myrland wrote: Hay! I really need to use OpenDNS on my Debian Computer, is there a way to make this program work in Debian? I use OpenDNS with a couple of DHCP-served computers, and a simple way to use their recursive name servers, instead of those handed out by DHCP, is to modify /etc/dhcp3/dhclient.conf with the following line: prepend domain-name-servers 208.67.222.222,208.67.220.220; this works for me with standard DHCP /etc/network/interfaces configs, along with with resolvconf, openvpn, and vpnc. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: need a past release of Debian
On 12/29/2008 11:19 AM, ttmann wrote: I am in need of a past release which i have misplaced the originals this is the DVD iso release I require Debian GNU/Linux 4.0 r0 2007 You should be able to find some older images in the cdimage archive area: http://cdimage.debian.org/cdimage/archive/ - it appears that the DVD images for 4.0_r0 are available via jigdo from the archive, but a search of the full file name will likely turn up some full images somewhere.. However, I would *strongly* suggest just using the latest stable images - the original Etch release has remote, exploitable vulnerabilities, which have been addressed by security updates. If these are public boxes, then you should absolutely be using 4.0_r6. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: To-do-list Application
On 12/18/2008 09:44 AM, Zaki Akhmad wrote: I am looking for such a post it application. So that I can write my to-do-list and view it on my Desktop. Any suggestion? 'apt-cache search todo list' shows quite a few interesting options - gtodo/gtodo-applet look about right, if you are using gnome and looking specifically for a desktop app, but some of the cli tools look interesting to me.. might have to try one or two. I use the sticky-note and notepad widgets on a google personal page for quick lists, and trac for work projects. Hope that helps you find something that might work out. -- Kind Regards, Michael -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: kernel help
On 12/18/2008 03:20 PM, Daniel Dalton wrote: Is there a madwifi patch around that I could just apply to the source of the kernel and then rebuild? I do not use madwifi, so have zero experiential help, but have you tried the existing madwifi-source package? It appears to use module-assistant, so there will be a /usr/share/doc/madwifi-source/README.Debian file that will document how to build and install the madwifi kernel module. Make sure you have non-free in your sources.list and 'apt-get install madwifi-source' and take a look. Sounds a whole lot easier than compiling the entire kernel ;) -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: OT: laptop recomendations
On 12/12/2008 05:58 AM, tyler wrote: Micha Feigin mi...@post.tau.ac.il writes: Not completely, what newer batteries hate is heat, over and under charging. If it's always plugged in it may kill the battery rather quickly. What I have on my current thinkpad is the ability to stop charging before 100% and that can add quite a bit of like to the battery. How do you do this? I've got a thinkpad R60, and I've been plugging it in when it runs low, then (when I remember), unplugging it when it reaches full charge. Is there some way to automate this? I know the Windows partition has some configuration options, but I don't know how to do this under Debian. Been using settings for charge control from here for a year or so: http://www.thinkwiki.org/wiki/Tp_smapi#Battery_charge_control_features -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Possible DNS issue in Debian/Lenny?
On 11/28/2008 06:07 AM, Michael Shuler wrote: Facebook is still going to load slowly due to 30 second TTL on the A record for www. and 10 minute TTL on inconsistent NS records. They are announcing a set of NS records from the .com TLD servers, then handing out completely different short-TTL NS records where the client needs to perform final lookups, then handing out a final record that expires in 30 seconds, so the client has to go do it all again.. the price of popularity and having to implement gss load balancing, I suppose.. Just to correct my coffee-deprived quick look.. the www. NS records are consistent - they are delegating the www. subdomain to their gss load balancers, which hand out the final A record lookup. A 'dig +trace www.facebook.com' will show you the full authoritative path. -- Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Possible DNS issue in Debian/Lenny?
On 11/28/2008 03:50 AM, Mike Chorak wrote: On Fri, 2008-11-28 at 09:55 +0100, Mike Chorak wrote: I'm having a rather annoying problem. It seems when I try to navigate to www.facebook.com, in either Iceweasel or Epiphany, the browser will sometimes hang for upwards of 30 seconds, until it finally navigates to the site. After this delay, I can surf the site for maybe a minute or so before it hangs again. Turns out that disabling IPv6 solved my problemMaybe my router doesn't like it? But at any rate, doing that seemed to improve my connection all around so I'm happy :) That drops the IPv6 lookups - you may be able to just disable IPv6 in your browser, but glad it helped a bit. Facebook is still going to load slowly due to 30 second TTL on the A record for www. and 10 minute TTL on inconsistent NS records. They are announcing a set of NS records from the .com TLD servers, then handing out completely different short-TTL NS records where the client needs to perform final lookups, then handing out a final record that expires in 30 seconds, so the client has to go do it all again.. the price of popularity and having to implement gss load balancing, I suppose.. -- Kind Regards, Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: unable to upgrade to lenny
On 11/25/2008 12:38 PM, raman narasimhan wrote: added deb http://ftp.de.debian.org/debian lenny main to apt and tried upgrade... got this error: debian:~# apt-get -u dist-upgrade Reading package lists... Error! E: Dynamic MMap ran out of room E: Error occurred while processing rosegarden (NewVersion1) E: Problem with MergeList /var/lib/apt/lists/ftp.de.debian.org_debian_dists_lenny_main_binary-i386_Packages E: The package lists or status file could not be parsed or opened. debian:~# You need to increase the amount of cache allowed to apt: [EMAIL PROTECTED]:~$ cat /etc/apt/apt.conf APT::Default-Release lenny; APT::Cache-Limit 33554432; -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: bandwidth logger/report
On 11/18/2008 12:23 PM, Celejar wrote: On Tue, 18 Nov 2008 03:50:18 -0800 (PST) Phillipus Gunawan [EMAIL PROTECTED] wrote: Is there any application to log bandwidth for each clients/hosts connected to debian gateway? Won't bandwidthd do what you want? I haven't tried it, but from the description, it seems to. bandwidthd looks pretty slick - thanks, Celejar. I have been using net-acct to log network stats on a bunch of web servers as an additional bit of data beyond web logs - it's extremely lightweight and does not output anything other than the log files, but then you can do whatever you want with the data :) -- Kind Regards, Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: OT: Linode VPSVille
On 10/16/2008 10:25 AM, Eric Gerlach wrote: Anyone have any experience with Linode? I have had a $20US/mo. linode running Etch for about 3 months. It was dead simple to set up, has been completely stable, has seen no host load issues, and the bandwidth has been outstanding. I've been using it as a remote application benchmarking client, so low latency and high throughput was a welcome surprise. The Linode control panel seems to be well thought out. I have no experience with Slicehost (nor VPSville), but what sold me on Linode was the slightly better hardware specs for the same price, and the fact that I did not have to pay up front for 3 months, as Slicehost requires. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: mp3 player with adjustable speed and pitch correction
On 06/30/2008 12:27 PM, Joachim Reichel wrote: I'm looking for an mp3 player that allows to adjust the speed, but haven't been successful so far. What you are looking for is really not just a player, but an audio editor. Give audacity a try - works well for me. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: where is xmms?
On 06/19/2008 02:46 PM, Ivan Glushkov wrote: I have a sid x64 installed. I am wandering why there is no possibility to install xmms? Audacious is a fork of xmms and works quite well for me. http://audacious-media-player.org/ -- Kind Regards, Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: changing xterm colors [solved]
On 05/30/2008 07:31 AM, Jamie Griffin wrote: whilst i've got this sorted, presumably there is a way to make these changes system-wide - how would i do that? /etc/X11/Xsession defines the system-wide and user Xresources locations, and /etc/X11/Xsession.d/30x11-common_xresources will run all the system-wide configuration files found under /etc/X11/Xresources/. -- Kind Regards, Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: keeping package selection with new install
On 04/29/2008 01:44 PM, frits wrote: I have a rather old PC running Etch just the way I want it. Om my new PC I want to instal Lenny, and with the same set of packages I have on Etch. Is there a trick to transport my installed package list in a clever way? I believe this should get you close - there may be some added/removed/split packages you might have to deal with since you are going from etch - lenny repositories, but a close inspection of the apt-get output should be fairly obvious. http://www.debian.org/doc/manuals/reference/ch-package.en.html#s-record -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: crashes... Perhaps a clone problem?
Daniel Dalton wrote: I installed debian to my new computer and cloned from my old box to my new box... I'm not clear on what you mean by cloned, but assume you mean that you just copied your home directory. So my plan: unclone (is that a word) anyway, get all the packages installed from the old box off the new one and if it removed anything install it back. Again, this is unclear - if you did more than just copy your home dir, like rsync'ing the entire filesystem, then I would, personally, just start a fresh install. So I basically want it back to how it was just after the install: a working desktop and command line with the standard apps off the cd. So how can I do this? If my assumption on copying your home dir is all you did, then as root, just move your home directory out of the way, create a fresh one, log completely out and log back in - you will have to consider whatever proper $USER and $GROUP to use. # mv /home/$USER /home/$USER-backup # cp -a /etc/skel /home/$USER # chown -R $USER:$GROUP /home/$USER If your definition of clone is something else, please, be more specific. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Forcing specific IP address with DHCP
On 04/17/2008 09:31 AM, Celejar wrote: I find myself in a bizarre networking predicament. I need to have a server (henceforth 'edith') accept incoming connections (e.g. ssh) from the Internet. edith is behind a home gateway / router / switch ( Trendware / Trendnet TEW-452BRP [0] - henceforth 'gwen'). gwen will forward specific ports to specific private, internal IP addresses, but bizarrely, it seems to provide no facility for ensuring that a specific host will be assigned, via DHCP, a particular IP address. Not such a bizarre thing - I do this for several servers running behind a Debian router/firewall server for my home connection. I don't know about the particular router you are using, but if it does not allow MAC-IP mapping, I think assuming that it has no dynamic DHCP client is fair :P What would you do in this situation (besides getting a different router or using a general purpose computer as one)? Stick a Debian box behind your ISP modem and set it up as your gateway and DHCP server - then run ddclient with a service like DynDNS (apt-cache show ddclient) - I do this at home, at work, on my laptop - I can always get to the machines I might need by hostname - who cares what the IP is :) -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Forcing specific IP address with DHCP
On 04/17/2008 02:12 PM, Celejar wrote: On Thu, 17 Apr 2008 11:36:53 -0500 Michael Shuler [EMAIL PROTECTED] wrote: dynamic DHCP client I don't quite follow you here. What's a dynamic DHCP client? bleh.. s/DHCP/DNS/ I meant dynamic DNS there.. -- Kind Regards, Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: keeping track of network throughput (volume, or bandwidth(?) )
On 04/17/2008 11:43 AM, H.S. wrote: Hello, Which tool is best installed on a little machine running as a router to keep track of the network throughput? I am primarily interested in keeping track of the network usage on a monthly basis so that I know how much I have used from my ISP. Munin might work nicely for this information, and is very simple to customize. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: taming resolv.conf
Digby Tarvin wrote: My /etc/resolv.conf file looked ok, except the DHCP server in my router provides nameserver IP only, no search list. Any suggestions? I do like the idea of having any static nameserver information in the /etc/network/interfaces file with the rest of the network config, so resolvconf would be good if it worked as expected I do this all in /etc/dhcp3/dhclient.conf - custom prepended domains for search, as well as superseding some rather useless caching resolvers in favor of another pair. Works regardless of whether I use the interfaces file, resolvconf, NetworkManager, etc., which all use dhclient in the end. Hope that helps! -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: How do you get this mailing list name inserted in the subject header?
On 03/08/2008 06:35 AM, Don Saklad wrote: How do you get the mailing list name inserted in the subject header?... [debian-user] It would be convenient for reviewing the messages. Filter on the List-Id header - it's in every message to the list. List-Id: debian-user.lists.debian.org -- Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: force kernel panic
On 03/07/2008 06:20 AM, [EMAIL PROTECTED] wrote: I have a problem, I need to test a kernel panic crash, I have an server Debian 4.0, some body know the way to force, may be to ins a module in the kernel, a kernel panic? If you are testing netdump or such, you can trigger a crash dump with Alt-SysReq-c at the console or # echo c /proc/sysrq-trigger help: # echo h /proc/sysrq-trigger ; tail -1 /var/log/syslog -- Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Displaying hardware devices on Debian.
On 03/03/2008 10:18 AM, Kamaraju S Kusumanchi wrote: Here is a list of things I gathered over couple of years. cat /proc/cpuinfo -- displays info about your processor cat /proc/meminfo -- displays info about your memory ls -al /proc/kcore -- to see how much ram is installed df -h -- displays disk usage information lspci -vv -- displays all devices connected to your PCI bus lsusb lshw lshw-gtk fdisk -l -- displays all disks/partitions that your computer knows about free -m -- displays memory usage /proc/ide -- to see the detected IDE drives /proc/bus/scsi -- to see the identified scsi systems /proc/sys/dev/cdrom/info -- to see capabilities of CD drives. Please let me know if there is something else that could be included in this list. dmidecode -- Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: 4 gigs of ram shows only 3 in meminfo
On 02/29/2008 02:24 PM, Ed Curtis wrote: Just installed a new server that has 4 gigs of ram. Running cat /proc/meminfo shows only 3 gigs of memory. I though maybe there was a bad stick. Checking the bios screen at boot does show 4 gigs. Any ideas why etch isn't seeing all 4 gigs? $ apt-cache search linux-image bigmem or install a 64-bit flavor of Debian, if you have a 64-bit processor. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: cleanup a directory
On 02/27/2008 09:39 AM, Jerome BENOIT wrote:
to clean some directories of mine, I use
rm -rf *
but files named as `.log' are not removed.
Dot files are not expanded by * - to remove just the .log files, for
example:
find ./ -type f -name .log -exec rm -rf {} \;
To remove everything in $PWD, similar to rm -rf:
find ./ -exec rm -rf {} \;
These are just quick examples - find has many powerful options to make
the above much safer - be careful.. ;)
--
Kind Regards,
Michael
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: dhcp connects but cannot resolve names
On Mon, 4 Feb 2008 13:15:17 +0100, oxy [EMAIL PROTECTED] wrote: me% dhclient ath0 There is already a pid file /var/run/dhclient.pid with pid 5104 killed old client process, removed PID file Internet Systems Consortium DHCP Client V3.0.4 Copyright 2004-2006 Internet Systems Consortium. All rights reserved. For info, please visit http://www.isc.org/sw/dhcp/ wifi0: unknown hardware address type 801 wifi0: unknown hardware address type 801 Listening on LPF/ath0/hardware address Sending on LPF/ath0/hardware address Sending on Socket/fallback DHCPREQUEST on ath0 to 255.255.255.255 port 67 DHCPACK from 192.168.2.1 bound to 192.168.2.36 -- renewal in 164964 seconds. me% ifconfig ath0 ath0 Link encap:Ethernet HWaddr hardware address inet addr:192.168.2.36 Bcast:192.168.2.255 Mask:255.255.255.0 The DHCP server at 192.168.2.1 handed you an address - OK. It should have also handed the client additional network information such as a default route, name servers, etc. me% route add default gw 192.168.2.36 This is incorrect. The gateway will be a router - you have defined the default gateway to be your own client machine. I would start over downing the ath0 interface, and going back through your routine, stopping after you get an IP from 'dhclient ath0'. Assuming the DHCP server is also the gateway router (and the DHCP server is configured properly), you should already have a default gateway route of 192.168.2.1. What is the output of the command 'route -n'? me% nslookup www.yahoo.com ;; connection timed out; no servers could be reached Check the contents of /etc/resolv.conf for 'nameserver [IP_address]' entries. 'cat /etc/resolv.conf'? Can you ping those IP addresses? To see what the DHCP server is actually handing the client, 'cat /var/lib/dhcp3/dhclient.ath0.leases', please. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: vanishing spam -- a puzzle
On 01/21/2008 11:42 AM, Russell L. Harris wrote: About a week ago, the volume of spam (flagged by SpamAssassin at the outfit which hosts my web site and supplies me with a pop3 account) suddenly plumeted by an order of magnitude. I had been receiving about a thousand spam mails each day; now I am receiving only about a hundred. Perhaps school/work starting back up after a holiday break has a bunch of bored script kiddies busy with more important things to do? -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: SSH slowness
On 01/20/2008 04:29 PM, Curt Howland wrote: In the last few days, ssh connections have turned dog slow. I mean very slow, like 20-30 seconds of just sitting there after issuing ssh server before it asks for my password. This is very strange, as both client and server are on the same LAN with an average ping response time of 1.1ms. Does ssh do a dns lookup or something that could be messing up? Yes. The SSH server performs a reverse DNS lookup on the connecting IP address. If there is no reverse DNS record for that IP address or the name server is foobar'ed, the SSH server will wait until timeout on the DNS lookup, then prompt for password and log the connection by IP. Sounds like something on the LAN changed a few days ago - someone jacked up the in-addr.arpa zone for that range, the name server itself is not functioning properly.. you can get around it temporarily by adding IP/host entries to /etc/hosts file on the server you are connecting to. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: flock, fcntl, lockf?
On 01/14/2008 09:34 AM, Hendrik Boom wrote: What's the right way these days to lock a file (or possibly a part of a file) to prevent damage from simultaneous writing? I suppose the answer could be, depends on what you want to do.. I think that flock() does not work on NFS mounts, if that is any consideration. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: badblocks -- how much time does it take?
On 01/12/2008 11:40 AM, Towncat wrote: /sbin/badblocks -c 10240 -w -t random -v /dev/sda2 where sda2 is a 320 gb partition. The process has been running for approx 18 hours and is just over three thirds. Is this really supposed to be so slow, or is there something wrong? The machine is a Core Duo 1,6, 2GB memory. Yes, and no. badblocks -w is a full write-mode check - you could do a default read-only check, which would certainly be faster, but it all depends on how thorough you would like to be - you chose the most thorough check, so it will take a while, yeah. Just over 3/3's (= 1/1 = done)? ;) Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: azureus
On 01/12/2008 05:15 PM, Rick Pasotto wrote: On Sun, Jan 13, 2008 at 12:01:09AM +0100, Peter Greff wrote: On Sat, 12 Jan 2008 17:37:02 -0500 Rick Pasotto [EMAIL PROTECTED] wrote: When I launch azureus I get a full-screen window with a black background in the middle of which in white letters is: Loading...Please Wait. Fifteen+ minutes and there has been no change. How long am I supposed to wait? What is it I'm supposed to be waiting for? Maybe you're waiting for someone who updates your Java installation? We're waitiing for more information. :) What version of Java, Azureus and Debian are you using? I update daily to testing (unless listbugs indicates a problem). azureus: Installed: 3.0.3.4-2 The dependencies are whatever aptitude determines is required. I do not use azureus, but many client issues that I have had with various applications were rectified by starting fresh with no configurations, letting the app write new defaults. I am curious if you get the same behavior without any old ~/.azureus around - make sure you have no azureus running, and: $ mv ~/.azureus ~/.azureus-OLD Then start it up and see what happens. The java version you have installed might be helpful. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Prism wireless drivers.
On 01/08/2008 04:37 PM, Rui Martins wrote: Can anybody sent me the prism54 drivers for wireless pci device. I use Debian Etch. It's a stock kernel module. # modprobe prism54 -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: X warning messages, why?
On 01/06/2008 10:36 AM, Hugo Vanwoerkom wrote: Hugo Vanwoerkom wrote: (WW) The directory /usr/share/fonts/X11/cyrillic does not exist. Entry deleted from font path. (WW) The directory /var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType does not exist. 2nd one goes away when you install x-ttcidfont-conf and then run mkfontdir /var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType 1st one I don't know yet. $ apt-file search /usr/share/fonts/X11/cyrillic xfonts-cyrillic: usr/share/fonts/X11/cyrillic/crox1c.pcf.gz (...) -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ATI X1600 Radeon Missing 1600x1050 Resolution After fglrx Upgrade
On 01/05/2008 02:04 PM, David Jantzen wrote: After reboot, my only usable resolution (1600x1050) is unavailable. Perhaps this item from the release notes: Known Issues - Connecting a display device that supports 1680x1050 to a system running Linux may result in a maximum display resolution of 1280x1024 only being available https://a248.e.akamai.net/f/674/9206/0/www2.ati.com/drivers/linux/catalyst_712_linux.html#183417 -- Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: dell 6850
On 01/03/2008 08:12 PM, Chris Parker wrote: I just recently got a new Dell Poweredge 6850 with 14 disk array and 132t Tape library. Does anyone have any experience with this server? The 6850 should just work with Etch. If you are using 4G RAM, you might consider using the amd64 flavor. I don't spend a whole lot of time in testing/unstable land, but I would be surprised if there were any major installer problems. Are there any issues/problems to be aware of? It's a power-hungry beast.. ;) but will be a faithful workhorse. An Oracle database will be run on it. What would be a recommended config? The only issue I have ever run into with Oracle is an installer abend if I there was smaller than 2xRAM swap space - although there is a bypass on that config check in the installer somewhere. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: install etch from usb onto xp machine
On 01/02/2008 12:15 PM, Rick Dooling wrote: I can't really log into the XP machine, the tech fellows just installed a separate hard drive and said I could put Debian on it. Getting it on there is up to me :) As Administrator, I guess you mean? Any easy way to make the XP machine see the usb drive, boot from it, and do an install? If you don't have admin rights, then installing/reconfiguring stuff on your managed workstation might be difficult. Although I have never used this installer, perhaps it would be worth a try: http://goodbye-microsoft.com/ Another route might be to just open the box and connect a CDROM drive for the install - would probably be the simple way to go, however if they locked you out of the BIOS to go set the CD to boot first, you might need to find the magic reset jumper ;) -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: how to give remote access through ssh login only to my /home/user/some/ directory?
On 12/29/2007 01:39 PM, Paul Csanyi wrote: How can I give someone remote access through ssh login only to my /home/user/some/ directory? Depending on what you might wish them to be able to do, such as log into a chroot or just upload files, I have used rssh or scponly under various circumstances. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: function key problem
On 12/21/2007 08:53 AM, Deephay wrote: I have some problem with the function keys for a laptop Details on the specific laptop and your desktop environment would certainly bring better help - all laptop manufacturers have different hotkey usage, and some desktop env's have some built-in widgets you might find easier to use. That said, I have a Lenovo T60, and found some good documentation [0] on setting up the keys I wanted - some of the configs on the page would also work on just about anything, if you check the returned keycodes and configure your own specifics accordingly. -- Kind Regards, Michael Shuler [0] http://thinkwiki.org/wiki/How_to_get_special_keys_to_work -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: how to get debian.org to accept my yahoo.com email
On 12/15/2007 10:01 PM, Kevin Mark wrote: On Sat, Dec 08, 2007 at 02:35:53PM -0600, Michael Shuler wrote: On 12/08/2007 02:05 PM, Kevin Mark wrote: Ask your Mail/DNS-Administrator to correct HELO and DNS MX settings Would this be yourself? The relevant bits: Received: from unknown (HELO horacrux) (...) Received: from kevin by horacrux with local (Exim 4.67) It appears that you are running your own mail server named 'horacrux' - my own mail servers would reject any messages from 'horacrux' as well because this is not a resolvable hostname: $ host horacrux Host horacrux not found: 3(NXDOMAIN) You need to properly configure your mail server to HELO as a valid host as a first step in delivering mail. Please post this to the list, otherwise it wont get seem. I am subscribed to many mailing lists. I can send and recieve from all but debian.org lists. Well debian.org was ok until the last few months. Done ;) This is how things go: a) mutt(sending)-exim-verizon/yahoo-ML server b) ML server-verizon/yahoo-exim-mutt(reading) Process a for debian now does not work but Process b still does. So what happends now is this: mutt(sending)-exim-verizon/yahoo-debian.org rejects mail but debian.org does not accept verizon/yahoo mail, verizon/yahoo notes the response and forwards the response back to my local server(horacrux) like this: debian.org reject is sent back-verizon/yahoo-exim-mutt(reading) At least that is what I understand. Have you updated your exim configuration to send as a valid DNS resolvable host name, as well as set up DNS for that host name? I think that is your problem, here. I have no problems sending email from quite a few hosts, using a similar path as you describe, but I have configured the local MTA on each box to send as valid DNS resolvable names: [EMAIL PROTECTED]:~$ sudo grep -r kokopelli /etc/exim4/ /etc/exim4/update-exim4.conf.conf:dc_readhost='kokopelli.pbandjelly.org' /etc/exim4/email-addresses:[EMAIL PROTECTED]: [EMAIL PROTECTED] [EMAIL PROTECTED]:~$ host kokopelli.pbandjelly.org kokopelli.pbandjelly.org is an alias for kokopelli.homeunix.org. kokopelli.homeunix.org has address 10.9.109.79 The above is my laptop. Hope that helps! -- Kind Regards, Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Where to report bug? sparc64 crashes probably from mysqld
On 12/10/2007 11:04 AM, Cassiano Bertol Leal wrote:
Dominik Reusser wrote:
[...]
Dec 10 10:11:45 libdb kernel: current-{active_,}mm-context =
099b
Dec 10 10:11:45 libdb kernel: current-{active_,}mm-pgd = f80016884000
Dec 10 10:11:45 libdb kernel: \|/ \|/
Dec 10 10:11:45 libdb kernel: @'/ .. \`@
Dec 10 10:11:45 libdb kernel: /_| \__/ |_\
Dec 10 10:11:45 libdb kernel: \__U_/
[...]
Is this for real???
Yes. This is still in the 2.6.23.9 sparc and sparc64 arch
kernel/traps.c source.
/* Amuse the user. */
printk(
\\|/ \\|/\n
\@'/ .. [EMAIL PROTECTED]\n
/_| \\__/ |_\\\n
\\__U_/\n);
--
Michael
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: how to get debian.org to accept my yahoo.com email
On 12/08/2007 02:05 PM, Kevin Mark wrote: Ask your Mail/DNS-Administrator to correct HELO and DNS MX settings Would this be yourself? The relevant bits: Received: from unknown (HELO horacrux) (...) Received: from kevin by horacrux with local (Exim 4.67) It appears that you are running your own mail server named 'horacrux' - my own mail servers would reject any messages from 'horacrux' as well because this is not a resolvable hostname: $ host horacrux Host horacrux not found: 3(NXDOMAIN) You need to properly configure your mail server to HELO as a valid host as a first step in delivering mail. -- Kind Regards, Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: need help with BIND9
On 11/14/2007 02:53 AM, [EMAIL PROTECTED] wrote: I need help setting up nameservers for my own domain. The IPs and domains have been changed for privacy ;-) ..which makes it difficult to properly troubleshoot. $TTL 1h @ SOA ns1.mydomain.com. root.mydomain.com. ( 2007110805; Serial (date + two digit serial) 10800 ; Refresh (3 hours) 3600 ; Retry (1 hour) 86400 ; Expire (1 day) 60 ) ; Default TTL 1 min NS ns1.mydomain.com. MX mail.mydomain.com. A 1.1.1.1 ns1A1.1.1.1 mailA1.1.1.1 wwwA1.1.1.1 What could be the problem? If you are going to host authoritative DNS for mydomain.com. on a name server host under the same domain, for example ns1.mydomain.com., then you need to seed the process of finding your authoritative name server via a glue A record at your domain registrar - this A record for ns1.mydomain.com. gets pushed up to the com. TLD servers, so that recursive resolvers around the Internet can find the correct name server to ask, where is mydomain.com.. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: video capture with KWorld DVD Maker USB 2.0
On 11/12/2007 03:34 PM, Russ Cook wrote: Is anyone successfully using the KWorld USB product under Linux? If so, can you offer me some help or tips for getting mine to work? I have zero experience with this hardware, but this thread from the linux-video list looks semi-promising - the linux-video list may be a better place to seek help, as well: http://marc.info/?t=11566708532r=1w=2 -- Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: DNS CNAME question
On 10/25/2007 07:51 AM, Rogelio wrote: Not sure if this is the best place to ask this question (and if so, please point me to a better listserv), but is there anything wrong RFC or best practice wise with pointing a CNAME record to a DNS server? (I'm using EveryDNS.net, and I'd like to make my CNAME records ns1-4.myDomain.com http://4.myDomain.com correspond to ns1-ns4.EveryDNS.net.) While aliasing your name servers might work, it also may not, depending on the various DNS server software implementations and configurations around the planet. With that in mind, aliasing your name servers introduces a high probability of problematic DNS resolution, query failure, and improper authority. RFC 1034 [0] 4.2.1. Technical considerations: One of the goals of the zone structure is that any zone have all the data required to set up communications with the name servers for any subzones. That is, parent zones have all the information needed to access servers for their children zones. The NS RRs that name the servers for subzones are often not enough for this task since they name the servers, but do not give their addresses. In particular, if the name of the name server is itself in the subzone, we could be faced with the situation where the NS RRs tell us that in order to learn a name server's address, we should contact the server using the address we wish to learn. To fix this problem, a zone contains glue RRs which are not part of the authoritative data, and are address RRs for the servers. If you alias to some other zone, then you potentially run into a state of gluelessness - expect issues and possibly failures. By using aliases for your NS hosts, you have intentionally moved full resolution of your zone records, as well as those zones dependent on your name servers outside of the ability to have all the data they need in the current authority chain. In addition, a glue record can never be an alias, as this completely defeats the entire purpose of seeding the authority chain. See section 6 of RFC 1034 for details on authority. RFC 1035 [1] 3.3.11. NS RDATA format NSDNAME A domain-name which specifies a host which should be authoritative for the specified class and domain. The NS RR states that the named host should be expected to have a zone starting at owner name of the specified class. NS records should point to a *host* - a host is an A record: 3.2.2. TYPE values A 1 a host address If you alias your NS records to some other name server hosts, then your name server will be intentionally stating, I don't have the expected information you are asking for - go somewhere else and ask... - expect issues and possibly failures. == OK, enough with RFCs and on to my opinion... From experience in running large-scale DNS services, the only real reason for doing what you wish to do, when you strip out the seemingly logical justifications for doing so, is vanity... You wish to appear to the world, or your vhost customers, or for whatever reason you may have, as personally performing your own DNS services and maintaining a larger infrastructure than you really have. Use the proper NS hosts of the DNS service provider that you are actually using - give them the credit for providing you (in the case of everydns.net, for free (have you donated?)) a robust DNS setup, and have your customers use the proper everydns.net NS hosts, if this is the case. Glue records, authority chaining, forward/reverse records of those in authority, etc. will all be proper, and you give public props, via whois database entries, to the folks that are actually providing the service and servers you are using. If you absolutely must have vanity NS records pointing to someone else's hosts, they must be A records, and you must provide glue at the TLD name server, if you are using your own vanity NS names for your own domain. Expect serious issues when everydns.net needs to move IP addresses. -- Kind Regards, Michael Shuler [0] http://www.rfc-archive.org/getrfc.php?rfc=1034 [1] http://www.rfc-archive.org/getrfc.php?rfc=1035 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: (mod-) ssl for apache 2.2.x
On 10/14/2007 06:34 AM, Georgi Alexandrov wrote: Michael Shuler wrote: The package is libapache-mod-ssl - install that, then run 'a2enmod ssl' to enable the module in your apache configuration. That's wrong. ssl is included in the apache2 packages for Debian etch. You don't need a separate package for that as it was with apache 1.3. You just need to enable the module. You are absolutely correct with regards to libapache-mod-ssl - my error. I just happened to have it installed alongside apache2.2 and made an assumption. Looks like all one needs to do is enable the module. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: How to wifi with ipw3945 on Dell Vostro ???
On 10/11/2007 10:11 AM, Andrew Sackville-West wrote: I've been watching for some action on this thread as I have the same chip giving me fits. It appears that I have to use the built-in keys to turn the radio off and then back on to get it to actually wake up and connect. Its been a little frustrating. I've also found Network Manager to be unpredictable if not down right impossible to use. It seems to be too smart for its own good sometimes. I've ended up having to use a different tool: wifi-radar and (shudder) rebooting to get wireless to work. Typically, the dance I had to go (this was on a cross coutnry trip -- different wireless in each hotel) through was down all the interfaces, comment out the wired ethernet from /etc/network/interfaces, reboot, then use wifi-radar to connect entering appropriate keys etc. Sometimes I'd have to manually shutdown the radio (as above) and bring it back up to get it to go. I'm not convinced that my problems are necessarily with the driver/interface but that cycling the radio thing suggests it might be. I'm planning to wipe that lappy and start over anyway (need to use encryption) so I'll start over from scratch on the wireless. If I get anything useful I'll post it up. I simply use the interfaces file with mapping for the various wireless networks I use, and a script with 'iwlist eth1 scan' to figure out which AP I am in range of. I do not recall where I stumbled across this setting, but it definitely helped my issues with connecting to some APs from my T60 w/ipw3945. I added the 'associate=1' option to the module load, and all was well: $ cat /etc/modprobe.d/ipw3945d install ipw3945 modprobe --ignore-install ipw3945 associate=1 /etc/init.d/ipw3945d modprobe-start remove ipw3945 /etc/init.d/ipw3945d modprobe-stop modprobe -r --ignore-remove ipw3945 -- Kind Regards, Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: (mod-) ssl for apache 2.2.x
On 10/11/2007 02:30 PM, Robert Cates wrote: Hi all, am I wrong - there's no (mod-) ssl package for the etch apache 2.2 server? I can I get my apache 2.2 server ssl enabled? Or do I need to install/use the apache 1.3 package for ssl support? The package is libapache-mod-ssl - install that, then run 'a2enmod ssl' to enable the module in your apache configuration. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Dual Booting linux thin client or windows
On 10/09/2007 08:36 AM, Kent West wrote: Sid Arth wrote: Is it possible to dual boot into either normal windows (booting from the harddrive) or linux which is stored on the network? I was wondering if there is something where you could pick which OS you want to load, and if you pick the linux one, it will boot off a server on my network. Once the BIOS finds the PXE server and starts booting from it, I believe you can have the PXE serve out whatever you want, such as the startup of a Debian boot, or the normally earlier stage of GRUB menu, which would give your users the ability to pick-and-choose from a menu which OS they want to load. A while back for the VMWare appliance competition, I created a pxelinux installer / rescue VM using the same technology and some of the tricks we use in our production data center installers (it does not have a debian installer, I know..). You can set up a short timeout of pxelinux to boot from hard disk by default, if there is no option chosen from the menu. In the case of this VM, it waits forever, but if you just hit ENTER, it boots from disk. Feel free to grab it and rip apart the pxelinux or any other configurations - thought this might inspire a few PXE ideas. http://pbandjelly.net/vmware_challenge/ -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Splitting out apache2 virtual host bandwidth usage
On 10/01/2007 04:17 PM, Chris Searle wrote: I know I can see on the awstats graph for each host the usage there. But - is there a simple way to either get ntop to separate by virtual hosts (not sure if this kind of customization is available) or - some other way to collect this information on a graph showing http bandwidth by virtual host? Note - all are on the same IP (NameVirtualHost config in apache). The only way that I know of to separate out vhost traffic on the same IP is to grok apache logs - this is exactly what awstats is doing for you. The only alternatives I can think of are looking at different web stats packages (they all process log files), or script out bandwidth usage from the various vhost logs or out of awstats to report the bandwidth data in the manner you want to see. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: syslog recommendations?
On 09/28/2007 11:29 PM, Rogelio Bastardo wrote: I'm looking for a few F/OSS syslog programs -- one easy to use (sort of like Kiwi syslog) and another that's much more scalable and would let me, say, aggregate logs from lots of different boxes and maybe even do other sorts of cool things (find patterns, etc). I am not aware of a single package that will do all that you want, but a combination of a few packages should get you there. I use syslog-ng for aggregating logs from many servers, and I think it far surpasses the standard udp syslog daemon for reliability. Running logcheck and/or logtool on the syslog server to parse the raw logs will get you pattern matching and various reporting possibilities. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: trouble installing pidgin (was: trying to get the windows icq program QQ to work under etch)
On 09/25/2007 01:16 PM, tom arnall wrote: warning: pidgin-2.2.0-0.src.rpm: Header V3 DSA signature: NOKEY, key ID a9464aa9warning: pidgin-2.2.0-0.src.rpm: Header V3 DSA signature: NOKEY, key ID a9464aa9pidgin_2.2.0-1_i386.deb generated debian:/home/kloro/zips/pidginRH# debian:/home/kloro/zips/pidginRH# ls -l -rw-r--r-- 1 kloro kloro 8129041 2007-09-25 10:48 pidgin-2.2.0-0.src.rpm -rw-r--r-- 1 root root 8103764 2007-09-25 10:51 pidgin_2.2.0-1_i386.deb That is a *source* rpm, meant to be compiled - it is not a *binary* rpm, meant to be installed/run. What alien built and was installed, is likely under /usr/src/RPM/[SOURCE,SPEC] (I think.. been a long time since I looked at RH) -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: linux-image-2.6.18-5-686 - turn off SMP and then disable local APIC
On 09/23/2007 10:50 AM, Pál Csányi wrote: How can I turn off SMP and then disable local APIC with this kernel? For the options to persist across kernel updates/upgrades, add the options 'nosmp' and 'noapic' to /boot/grub/menu.lst on the kopt= line, then run 'update-grub'. This works for all kenel versions. For example, edit: # kopt=root=/dev/sda1 ro to: # kopt=root=/dev/sda1 ro nosmp noapic Then run 'update-grub' and take a look at /boot/grub/menu.lst - you should see your default options added to all the kernel boot blocks. Take a look at the other option sections, if you wish to enable options only in the alternative or non-alternative boot options. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: exim4 with gpg?
On 09/22/2007 09:42 AM, Peter Jordan wrote: i run debian etch with exim4 (smarthost configuration) for outbound emails. Is it possible to encrypt the outbound emails with gpg? gpg/pgp signing/encryption/decryption is all about trusting the human associated with the key pair. Using gpg relates to the mail *user*, so the mail server has nothing to do with gpg, other than delivering the message. If it is possible how can i do that? Sign/Encrypt with your mail client, then push Send ;) Looks like you are using Thunderbird - I use the Enigmail plugin [0] with Icedove - 'aptitude install enigmail'. -- Kind Regards, Michael Shuler [0] http://enigmail.mozdev.org/ signature.asc Description: OpenPGP digital signature
Re: permissions problems when using libusb
On 09/10/2007 05:39 PM, Britton Kerin wrote: I have a program that uses libusb and it only works from root. When I try to run as a normal user I get errors like this: avrdude: usb_open(): cannot read serial number error sending control message: Operation not permitted avrdude: usb_open(): cannot read product name error sending control message: Operation not permitted avrdude: usbdev_open(): error setting configuration 1: could not set config 1: Operation not permitted I didn't see a usb group in /etc/group or anything like that. Can anyone tell me the preferred way to let users run programs that use libusb? /usr/share/doc/libusb-0.1-4/README.Debian has some mount options that might be helpful in your situation. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: mysqld in hosts.allow / hosts.deny ?
On 09/06/2007 05:43 AM, Pratchaya Chatuphian wrote: Now, Can i use tcpwrapper with mysql on debian ? Yes (this is how I do a quick check on a binary w/o going to find compiled options): $ ldd /usr/sbin/mysqld | grep wrap libwrap.so.0 = /lib/libwrap.so.0 (0xb7ec7000) If it can be used. Which config. that i correct ? ( If i want to only allow from my LAN ( 192.168.2.x netmask 255.255.255.0 ) It is the *daemon* that you wish to wrap that is the first argument in hosts.[allow,deny] - in this case mysqld. Your network/netmask looks fine. 'man hosts.allow' 1. hosts.allow # mysqld: 192.168.2.0/255.255.255.0 hosts.deny # mysqld: ALL -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Rogue Directory
On 09/05/2007 12:03 PM, Hal Vaughan wrote: Yesterday I created a new directory on my workstation so I could mount a few NFS mounts on it. As root, I typed mkdir /thresh and it worked, or seemed to. I realize I didn't actually list it, I just tried mounting the imported filesystems on it and it worked. Now when I list it, I get: ?- ? ???? /thresh This appears that your created or possibly the mounted a directory has some odd permissions - e.g.: $ mkdir -m600 foo $ ls -la foo/ total 0 ?- ? ? ? ?? foo/. ?- ? ? ? ?? foo/.. What can I do to either delete it (the only data in it is mounted from other systems) or make it usable? Try unmounting your NFS share and checking permissions/UMASK on both sides. -- Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Old updates appearing out of the blue
On 08/16/2007 09:39 PM, Simos H wrote: I ran apt-get update/upgrade this afternoon and number of updated packages showed up: Does anyone have any clues on why this might have happened? http://times.debian.net/1161-etch-r1 Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Suggestions for diagramming software
On 08/14/2007 08:51 PM, Anthony M Simonelli wrote: On Wed, 2007-08-15 at 01:39 +, Amit Uttamchandani wrote: Other than xcircuit, any other diagramming software that you guys use/suggest. I use OpenOffice.org Draw. It isn't as nice as Visio and doesn't have as many shapes and such to choose from, but for basic flow charts and things, it certainly does the job. I've used it for a variety of projects. Plus you can export the finished work as a PDF. The openclipart-openoffice.org package has some additional graphics to use in Draw, plus you can just point Draw to include any directory/file - this is what I switched to from dia a while back for diagramming complex server/network configurations. Simple integration to Impress and export to html or pdf for public viewing clinched it for me. Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Google checking my system?
On 08/15/2007 01:39 PM, Wayne Topa wrote: I have noticed recently, while watching iptraf, that I am getting connections from various google addresses. ie bu-in-f93.google.com currently. This would be your browser checking in with google. If you have a browser open, it will connect for updated information periodically. ie., netstat shows these connections on my system: tcp 0 0 10.6.104.165:34120 kc-in-f104.google.c:www ESTABLISHED tcp 0 0 10.6.104.165:34121 kc-in-f104.google.c:www ESTABLISHED The above is from me - google on port 80 when sitting on my igoogle page. This happen on 4 different network boxen, while they have iceweasel running, and sitting on our networks local homepage. As the connections were not initiated by any of the boxen, iptables _should_ be blocking them, so I am wondering if Google has, somehow, got around the firewall (firehol) rules. I pointed by browser away from google.com to some other site, and the connections persisted as ESTABLISHED for a short time, then dropped. After a little time, another connection fired up, same as above, so this appears to be cookie-based(?). Interesting.. Your firewall probably has an iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT rule, meaning accept anything coming in if it is initiated from the inside. Kind Regards, Michael Shuler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: vim kde questions
On 08/14/2007 03:06 PM, Magnus Pedersen wrote: Mark Neidorff wrote: First...vim. (Yeah, I'm old school) OK. I'm in text entry mode and I want to navagate up/down/left or right. If I press an arrow key, a new line is opened and a character (B or D or ...) is put in the first position of that line. If I switch to navagation mode, then the arrow keys work properly. Am I dealing with a vim problem, a terminal problem or a keyboard mapping/character set problem? Whichever it is, how do I solve it? Dunno, I don't see that kind of behavior from my Vim... When calling the default install of vim-tiny as 'vim file', I believe arrow-key navigation works, however, when calling as 'vi file', vim behaves as the old-school vi (h,j,k,l) and the use of arrow-keys will output control characters. dpkg -l vim* |grep ^ii Will likely only show vim-tiny installed. aptitude install vim Will get you the full-featured vim software and 'vi file' should work by default with arrow navigation. Kind Regards, Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Font Smoothing in Xterm
On 08/13/2007 07:36 PM, Amit Uttamchandani wrote: Anyways, font smoothing has been working quite well on this laptop screen except for xterm. I finally figured out how to change the font in xterm to bitstream vera sans mono but the fonts in xterm look jagged and terrible in this screen. Any suggestions on how to work around this. I tried several methods including dpkg-reconfigure -plow fontconfig-config but to no avail. I know I could use the GNOME terminal or Konsole but they are not as quick as xterm. Any other alternatives that you guys suggest? You will want an ANSI font for a terminal. I used to use RXVT, and my favorite was the VGA font from the site below - he has a few sizes: http://home.earthlink.net/~us5zahns/enl/ansifont.html I followed the hint, years ago, from the BitchX docs for selecting this font, since it has all the right characters to render properly. Kind Regards, Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: broken upgrade of postfix_2.3.7-3 - 2.3.8-2 (etch) (SOLVED)
Michael Shuler wrote: Jochen Schulz wrote: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=415670. Thanks for the bug link, Jochen - there was no report in my bug search, prior to posting yesterday. The notes on this bug seem to reflect all the same behavior I am seeing with 2.3.8-2. postfix_2.3.8-2+b1 is working well for me today. Kind Regards, Michael Confidentiality Notice: This e-mail message (including any attached or embedded documents) is intended for the exclusive and confidential use of the individual or entity to which this message is addressed, and unless otherwise expressly indicated, is confidential and privileged information of Rackspace Managed Hosting. Any dissemination, distribution or copying of the enclosed material is prohibited. If you receive this transmission in error, please notify us immediately by e-mail at [EMAIL PROTECTED], and delete the original message. Your cooperation is appreciated. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: broken upgrade of postfix_2.3.7-3 - 2.3.8-2 (etch)
Jochen Schulz wrote: I had the same issue and solved it temporarily by installing OpenSSL from unstable. See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=415670. The release manager noted that unstable's version of OpenSSL won't be included in etch, though, so that downgrading postfix until a fixed version becomes available may be a better option. Thanks for the bug link, Jochen - there was no report in my bug search, prior to posting yesterday. The notes on this bug seem to reflect all the same behavior I am seeing with 2.3.8-2. Kind Regards, Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: how to switch between different network configurations?
Zhengquan Zhang mailing list wrote: Is there any easier and smarter way of doing this? There should be no need to edit interfaces every time you want to change network profiles - there are lots of tools out there to try, or you could use something a little simpler, such as native debian networking initialization tools like logical interfaces or scripted interface mapping: http://www.debian.org/doc/manuals/reference/ch-gateway.en.html#s-net-reconf I use mapping for my wireless interface with the Automatic WLAN Picker Script below for roughly a dozen locations and a fallback for any open AP - works beautifully: https://help.ubuntu.com/community/WifiDocs/WiFiHowTo Kind Regards, Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
broken upgrade of postfix_2.3.7-3 - 2.3.8-2 (etch)
Today's postfix update has broken my smtp configuration, and I would
enjoy any help troubleshooting - I have downgraded to 2.3.7-3 for the
moment. The changelog looks fairly trivial, but I have not been able to
put my finger on the real problem - is this possibly an libssl/openssl
issue?
I am using tls, sasl authentication, and postgrey. Local delivery for a
logcheck email worked, and postfix bound to the tcp ports, but a telnet
to port 25 showed no banner and accepted no interaction - same behavior
after a restart.
I enabled verbose logging and there is too much to post here - at the
end of the log is the verbose output of 2.3.7-3 starting up, a telnet to
localhost 25, then a non-verbose restart:
http://ftp.pbandjelly.org/pub/postfix_2.3.8-2/mail.log
Thanks for any ideas!
Kind Regards,
Michael
basic mail.log after postfix_2.3.8-2 upgrade (no fatal|error logs):
Mar 20 18:59:54 aesop postfix/master[7364]: terminating on signal 15
Mar 20 18:59:54 aesop postfix/master[7460]: daemon started -- version
2.3.8, configuration /etc/postfix
Mar 20 18:59:57 aesop postfix/master[7460]: warning: process
/usr/lib/postfix/smtpd pid 7467 exit status 127
Mar 20 18:59:57 aesop postfix/master[7460]: warning:
/usr/lib/postfix/smtpd: bad command startup -- throttling
Mar 20 19:00:35 aesop postfix/master[7460]: terminating on signal 15
Mar 20 19:01:24 aesop postfix/master[2010]: daemon started -- version
2.3.8, configuration /etc/postfix
Mar 20 19:01:37 aesop postfix/pickup[2016]: CAD5039C501: uid=108
from=logcheck
Mar 20 19:01:37 aesop postfix/cleanup[3115]: CAD5039C501:
message-id=[EMAIL PROTECTED]
Mar 20 19:01:37 aesop postfix/qmgr[2017]: CAD5039C501:
from=[EMAIL PROTECTED], size=16428, nrcpt=1 (queue active)
Mar 20 19:01:38 aesop postfix/local[3119]: CAD5039C501:
to=[EMAIL PROTECTED], orig_to=root, relay=local,
delay=0.32, delays=0.1
8/0.07/0/0.07, dsn=2.0.0, status=sent (delivered to maildir)
Mar 20 19:01:38 aesop postfix/qmgr[2017]: CAD5039C501: removed
Mar 20 19:02:20 aesop postfix/master[2010]: warning: process
/usr/lib/postfix/smtpd pid 3957 exit status 127
Mar 20 19:02:20 aesop postfix/master[2010]: warning:
/usr/lib/postfix/smtpd: bad command startup -- throttling
Mar 20 19:03:20 aesop postfix/master[2010]: warning: process
/usr/lib/postfix/smtpd pid 3983 exit status 127
Mar 20 19:03:20 aesop postfix/master[2010]: warning:
/usr/lib/postfix/smtpd: bad command startup -- throttling
...
configs:
$ cat main.cf|egrep -v '^#|^$'
smtpd_banner = $myhostname ESMTP
biff = no
append_dot_mydomain = no
smtpd_use_tls=yes
smtpd_tls_cert_file=/etc/ssl/certs/mail.pbandjelly.org.cert
smtpd_tls_key_file=/etc/ssl/private/mail.pbandjelly.org.key
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
myhostname = aesop.pbandjelly.org
myorigin = /etc/mailname
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command =
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
mydestination = $myhostname, /etc/postfix/virtual/domains
virtual_maps = hash:/etc/postfix/virtual/addresses
home_mailbox = Maildir/
strict_rfc821_envelopes = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sender_restrictions =
reject_non_fqdn_sender,
reject_unknown_sender_domain
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination,
reject_rbl_client sbl-xbl.spamhaus.org,
check_policy_service inet:127.0.0.1:6,
reject_unauth_pipelining
$ cat master.cf|egrep -v '^#|^$'
smtp inet n - - - - smtpd
submission inet n - - - - smtpd
pickupfifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgrunix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounceunix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verifyunix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
-o fallback_relay=
showq unix n - - - - showq
error unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n
Re: broken upgrade of postfix_2.3.7-3 - 2.3.8-2 (etch)
Mihira Fernando wrote:
Michael Shuler wrote:
Mar 20 19:03:20 aesop postfix/master[2010]: warning: process
/usr/lib/postfix/smtpd pid 3983 exit status 127
Mar 20 19:03:20 aesop postfix/master[2010]: warning:
/usr/lib/postfix/smtpd: bad command startup -- throttling
I have also not been able to find any reference in the postfix source
for exit code 127.
Can you post the result of postconf -n ? that shows the actual working
parameters used by postfix.
From the logs I guess (uneducated guess) that the problem is not in the
postfix core but in one or more of the child processes (spam/virus
checker or greylistng).
I am not using virus checking and only using an rbl check and postgrey.
Thanks for looking.
Kind Regards,
Michael
$ postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = all
mailbox_command =
mailbox_size_limit = 0
mydestination = $myhostname, /etc/postfix/virtual/domains
myhostname = aesop.pbandjelly.org
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP
smtpd_recipient_restrictions = permit_sasl_authenticated,
permit_mynetworks, reject_unauth_destination, reject_rbl_client
sbl-xbl.spamhaus.org, check_policy_service inet:127.0.0.1:6,
reject_unauth_pipelining
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = reject_non_fqdn_sender,
reject_unknown_sender_domain
smtpd_tls_cert_file = /etc/ssl/certs/mail.pbandjelly.org.cert
smtpd_tls_key_file = /etc/ssl/private/mail.pbandjelly.org.key
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
strict_rfc821_envelopes = yes
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: broken upgrade of postfix_2.3.7-3 - 2.3.8-2 (etch)
Mihira Fernando wrote:
Do you have btree support installed for postfix ? As I recall, the
smtp(d)_session_cache_database parameters are in the default main.cf
file but btree support is _not_ installed by default.
If you're not using these 2 parameters I suggest you comment them out
and reload postfix.
I thought btree was berkley db, which is installed, but I could be wrong
there - I have not found any promising looking packages when apt-cache
searching for btree or postfix, so I am not sure what those might be.
I reinstalled 2.3.8, commented out the btree lines, reloaded, and have
the same behavior as previously with the same warnings.
#smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
#smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
Also I assume you got postfix-policyd on 127.0.0.1:6 ? it is fully
operational right ?
postgrey is listening on 127.0.0.1:6 and has been functioning
properly under 2.3.7.
To rule out all the variables, I left the btree lines commented out,
commented out my check_policy_service, set smtpd_use_tls=no, and
restarted. This works fine.
I then added the check_policy_service line back, to re-add postgrey into
the mix, restarted, and this works fine.
When I add back smtpd_use_tls=yes and restart, then I have problems..
From looking at the changelog entry and my trials, this does appear to
be an issue with the current libssl/openssl 0.9.8c-4 that I am hitting -
the postfix changelog states:
20070225
Workaround: Disable SSL/TLS ciphers when the underlying symmetric
algorithm is not available in the OpenSSL crypto library at the required
bit strength. Problem observed with SunOS 5.10's bundled OpenSSL 0.9.7
and AES 256. Also possible with OpenSSL 0.9.8 and CAMELLIA 256. Root
cause fixed in upcoming OpenSSL 0.9.7m, 0.9.8e and 0.9.9 releases.
Kind Regards,
Michael
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
