Re: [OT] two domains and one ip / apache
On Mon, Jan 15, 2001 at 10:09:57PM -0600, ktb wrote: I've been searching for a while in the Apache documentation. I have heard it is possible to have a working setup where you have one ip and two domain names. Do I use aliasing with Apache to do this on the server side or what? The examples I see use aliasing for sub domains. I want one domain to go to one directory on the server and the other a different directory. http://httpd.apache.org/docs/vhosts/name-based.html -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgp4F43SOa3tp.pgp Description: PGP signature
Re: X development packages broken in woody?
On Fri, Jan 12, 2001 at 12:58:39PM -0700, [EMAIL PROTECTED] wrote: Uggh, they removed X4 from Woody? I'm not sure I like this testing distribution thing. If I'm pointing at woody the whole time (which I have), I don't expect packages to be rolled back unless something is really wrong. So now that X has been removed from Woody, I must either roll back to X3 also, or get my X stuff from unstable. I don't want to move to unstable completely, as this workstation cannot afford any downtime. Is there any way to see which packages have been rolled back in Woody (I guess they're listed as obsolete in dselect)? Is there any way to automatically downgrade all the packages which have been rolled back? What was wrong with the old way of unstable-frozen-stable? You contradict yourself - if you were tracking woody you were tracking unstable. Since you were tracking unstable before I don't see why it's such a big deal to track it now ... The new release system mimics (as far as I can tell) the BSD development track: there's really stable, sorta stable, and not guaranteed to even work. Many find this arrangement preferable. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpwpJ3cLPBgz.pgp Description: PGP signature
Re: X development packages broken in woody?
On Fri, Jan 12, 2001 at 03:39:15PM -0700, [EMAIL PROTECTED] wrote: You contradict yourself - if you were tracking woody you were tracking unstable. Since you were tracking unstable before I don't see why it's such a big deal to track it now ... Maybe it's not worth a discussion, but when I started using woody before, the stability of this machine was much less critical than it is now (nobody else relied on it then, but several people/machines do now). Also, I figure that unstable at the start of development of a new release (sid now) is probably a bit more unstable than unstable near the end of development of the release (woody of 2 months ago). You might be right in your assumption, but my (anecdotal) evidence is that unstable isn't very unstable at all. As long as you review what exactly apt-get has decided it's going to do today and upgrade selectively at times. Having said that I wouldn't run unstable on a server I didn't have console access to 24/7, and probably not even then. The new release system mimics (as far as I can tell) the BSD development track: there's really stable, sorta stable, and not guaranteed to even work. Many find this arrangement preferable. So will testing always be available? I like the idea. I'm just not used to packages being rolled back in a release. But if I have apt-get always looking at testing, maybe that's what will make me happy. The way I understand it is this: stable --- frozen --- testing --- unstable whereas the old way was stable --- frozen --- unstable Cheers, -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgp2sQYCIx16n.pgp Description: PGP signature
Re: X development packages broken in woody?
On Fri, Jan 12, 2001 at 03:50:08PM -0700, [EMAIL PROTECTED] wrote: You wouldn't have these problems if you would ignore the damn code names and track the appropriate distribution. If you want to track unstable point to unstable, not woody. _Don't_ _use_ _code_ _names_. But I did not want to track unstable, I wanted to track woody. That is, I didn't want apt-get update; apt-get upgrade to start tracking sid the moment sid became available. I wanted to stick with woody when it became frozen/stable. This is what I did near the end of potato's development. But, I guess I can't do that anymore. You're not listening. You can still do that. It's just that this _one time_, when testing was introduced, the woody distribution experienced a hiccup as it became testing and the new unstable appeared. As David Maze says, this should never happen again. I beleive that sid will always equal unstable (but I could be wrong :) The plan as I understand it is for new code names to become testing, eligible packages from the current unstable pool (which is a constantly moving target) are elevated to testing as appropriate. I respect John Hasler's opinion, but in this case I must disagree with him. It's useful to track code names if you like tracking a code base as it moves from stage to stage. On the other hand, perhaps the ability to track testing will change my mind on the code name issue ... Cheers, -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgp8NtVU2BLoa.pgp Description: PGP signature
Re: Anonymous FTP
On Thu, Jan 11, 2001 at 04:07:45PM -0700, Robert Kerr wrote: On Thu, 11 Jan 2001, Jason Mogavero wrote: If you use ssh to administer the machines that need to transfer files, you can use scp, which is an encrypted file transfer method using the ssh daemon. If you're transferring files into an unsecure network, you'd be better off using scp anyway. The downfall of this is that you need valid accounts on both boxesthere's no anonymous login, as it authenticates the same way ssh does. (as far as I know) I was under the impression that I couldn't run scp unattended. Is that not correct? If you create an RSA indentity key with a null password this works fine unattended. It's also possible to use rsync via ssh this way (in fact I do that to copy files from a linux box at work to a windows me box at home). Cheers, -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpiGErOG9wxy.pgp Description: PGP signature
Re: Whirl logo instead of Tux
On Tue, Jan 09, 2001 at 05:12:30PM +0100, Peter Hugosson-Miller wrote: I'm trying to make sense of this thread, but I guess I'm too dense: exactly when would this boot logo show up? 1) post LILO but pre kernel load? 2) post kernel load but pre init? 3) Is it used as a background picture for xdm or gdm? 2 would be closest ... the logo shows up when framebuffer support is compiled into the kernel. I believe the compact kernel has this. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpEWxOhYeXG5.pgp Description: PGP signature
Re: System security question
On Sat, Jan 06, 2001 at 02:15:53AM +1100, Martin Bishop wrote: Netstat shows the following services on my home machine: Active Internet connections (servers and established) *:printer This is lpd. You only need this if your mascine has a printer atteched to it AND accepts print jobs from other PCs. Id you don't have a printer then don't run lpd. If you have a printer but only print locally, I think you can unbind the tcp port but I'd have to look it up. I really hate lpd; I think it's the worst part of unix-like systems. *:dict This is a dictionary server ... not sure why you're running this :) *:sunrpc You only need this if you're running NFS or NIS (or some other RPC service). Chances are you're not, so remove the start links for portmap. *:auth This is the ident (RFC1412) protocol ... it's stupid but lots of servers want to connect here before they let you use the service. I recommend oidentd. *:smtp Unless you _receive_ mail from the network, you don't need to bind to the smtp port. For sending mail you simply need to run through the queue periodically. Exim used to have a default setup where reception was controlled by inetd and sending was a cronjob. I'm sure this is still documented somewhere (in other words, you don't run exim as a daemon, you fire off a queue runner every 10 minutes ...) HTH, -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpBp0etIYBXB.pgp Description: PGP signature
Re: pump, dhcp question
On Thu, Jan 04, 2001 at 05:04:41PM -0600, Bill Bell wrote: Hello all, I have a box which is using mostly woody and I have a quesiton about using pump as a DHCP client. Documentation for pump is scarce, perhaps because functionality is limited. How do I run a script each time pump refreshes it's information? Did you read the man page? It says: ] CONFIG FILE ]Pump supports a simple configuration file which lets you ]tune its behavior. ] ... ]script executable-filename ] ] ] When events occur in negotiation with the server, ] calls the given executable or script. Scripts are ] called when a lease is granted, when a renewal is ] negotiated, and when the interface is brought down ] and the address released. The scripts are called ] with two or three arguments, depending on the con- ] dition, as documented in the table above. Now, I notice the table isn't there. It is in the man-page source though ... here's what it says: ] Condition arg1arg2arg3 ] - --- --- --- ] lease up eth01.2.3.4 ] renewal renewal eth02.3.4.5 ] release downeth0 So in the case of a renewal teh script should expect 'renewal', dev, ip as the three args. Have fun, -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgppFceMIdniM.pgp Description: PGP signature
Re: remote x via ssh question
On Tue, Jan 02, 2001 at 04:22:31AM -0500, D-Man wrote: This thread has invoked some curiosity in me. If I use ssh to forward X connections, does that mean I can use X through an IP masquerading router? Yup, if the box you're sitting at is inside the firewall. It's a bit trickier the other way around. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpKIwmoKeJOe.pgp Description: PGP signature
Re: Tracking down IP's
On Tue, Jan 02, 2001 at 02:09:20AM -0600, will trillich wrote: i've got something quite similar to this, but mine's on INPUT-- Jan 2 01:18:48 server kernel: Packet log: input DENY eth0 PROTO=1 172.156.51.114:10 224.0.0.2:0 L=28 S=0x00 I=8964 F=0x T=128 (#9) Jan 2 01:18:51 server kernel: Packet log: input DENY eth0 PROTO=1 172.156.51.114:10 224.0.0.2:0 L=28 S=0x00 I=9220 F=0x T=128 (#9) Jan 2 01:20:07 server kernel: Packet log: input DENY eth0 PROTO=1 172.167.37.113:10 224.0.0.2:0 L=28 S=0x00 I=33028 F=0x T=128 (#9) Jan 2 01:20:10 server kernel: Packet log: input DENY eth0 PROTO=1 172.167.37.113:10 224.0.0.2:0 L=28 S=0x00 I=34308 F=0x T=128 (#9) Jan 2 01:20:13 server kernel: Packet log: input DENY eth0 PROTO=1 172.167.37.113:10 224.0.0.2:0 L=28 S=0x00 I=34564 F=0x T=128 (#9) This is multicast traffic. 224.0.0.2 means all routers on this subnet. This is probably router discovery traffic; I'd bet if you nmap (with tcp fingerprint) 172.167.37.113 you'll find it's a router. btw, unless you editted it, 172.167.37.113 is not a private address (though someone might be laboring under the illusion that it is). RFC 1918 says 172.16.0.0 thru 172.31.255.255 are reserved for private networks. ] [EMAIL PROTECTED]:~$ whois -h rs.arin.net 172.167 ] America Online, Inc. (NETBLK-AOL-172BLK) ]12100 Sunrise Valley Drive ]Reston, VA 20191 ]US ] ]Netname: AOL-172BLK ]Netblock: 172.128.0.0 - 172.185.255.255 ]Maintainer: AOL ] ]Coordinator: ] America Online, Inc. (AOL-NOC-ARIN) [EMAIL PROTECTED] ] 703-265-4670 ] ]Domain System inverse mapping provided by: ] ]DAHA-01.NS.AOL.COM 152.163.159.233 ]DAHA-02.NS.AOL.COM 205.188.157.233 ] ]ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE ] ]Record last updated on 21-Nov-2000. ]Database last updated on 1-Jan-2001 18:15:35 EDT. ] ] The ARIN Registration Services Host contains ONLY Internet ] Network Information: Networks, ASN's, and related POC's. ] Please use the whois server at rs.internic.net for DOMAIN related ] Information and whois.nic.mil for NIPRNET Information. How about that :) -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpVSbWkpF0WD.pgp Description: PGP signature
Re: sharing internet between WINDOZE and LINUX
On Mon, Jan 01, 2001 at 07:19:38PM -0700, Cameron Matheson wrote: Hey, My family's crappy windows computer has this beautiful DSL connection, which I have lusted after for many months. Anyway, I can't steal the modem or anything, so I was wondering, is their a way to share a window's internet with a linux box? Internal or external dsl modem? If it's external, set up the linux box as a masquerading firewall (explain the benefits of a firewall) or find a shitty box to do the job. Here I have a 486/66 w/32MN ram doing ipmasq, dhcp for internal network, etc. off a cable modem. If it's internal then you're hosed unless you want to run windows routing :) NT and 2000 can route out of the box (tho I don't think they can do masq out of the box). There are some utilities out there to do ipmasq with a windows box. I personally would not do this. Cheers, -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgptbuxfgR3m9.pgp Description: PGP signature
Re: Tracking down IP's
On Sun, Dec 31, 2000 at 03:36:13PM -0500, Bob Bernstein wrote: On Sun, Dec 31, 2000 at 12:16:59PM -0700, JD Kitch wrote: Dec 31 11:06:47 tower kernel: Packet log: output REJECT eth0 PROTO=17 xx.xx.xxx.xx:61662 172.16.72.113:161 L=106 S=0x00 I=7632 F=0x T=127 (#43) I don't know what tool generated this log entry. This is a situation where a good IDS such as snort would shed a lot of light. For example, grepping a set of snort rules for that port yields: While I agree snort is a good tool, I fail to see why the poster blanked out the source address but left the dest address. Therefore all speculation about where this packet came from is a bit premature. What I gather is that this could be a student at isi.edu, which is apparently part of the Univ. of California, trying his or her hand at configuring an NT box in some weird way. Who knows? Come ON people, 172.16.0.0/12 is part of RFC 1918 Private Network Addresses. Also, in this case it's the poster's IP address (must be using NAT somewhere along the way). My (worthless) guess: the provider just got a new HP Openview box and it's doing autodiscovery on the network. Cheers, -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgp9cI6selcC2.pgp Description: PGP signature
Re: Xwoes continue: tried to apt-get install xserver-common, but...
On Sat, Dec 30, 2000 at 07:06:48PM -0800, kmself@ix.netcom.com wrote: You've tried to configure your server first with, say, XF86Setup (for XFree86 v3, not sure for v4)? That would be dexter. XFree86 4.0 has run fairly well here FWIW (yes, I know it's anecdotal) Cheers, -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpcueVsWWKOk.pgp Description: PGP signature
Re: Apache Error: srm.conf
On Wed, Dec 27, 2000 at 03:19:13PM -0600, Rob VanFleet wrote: Invalid command 'AddDefaultCharsetName', perhaps mis-spelled or defined by a module not included in the server configuration I'm somewhat leery of removing the offending line, as it seems to be a security fix for cross-site scripting. Here are the values from /etc/apache/conf/srm.conf: AddDefaultCharset on AddDefaultCharsetName iso-8859-1 Anyone know how to fix this without possibly opening up the server to security risks? According to the online Apache documentation [0], the directive AddDefaultCharsetName does not exist. The AddDefaultCharset line appears to do the right thing; I don't kow why that other line got in there. Comment it out and give it a try. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton [0] http://www.apache.org/docs/mod/core.html#adddefaultcharset pgpcQklV9eoVV.pgp Description: PGP signature
Re: putting Apache into chroot()-prison
On Thu, Dec 28, 2000 at 01:35:50PM +0400, Rino Mardo wrote: On Wed, Dec 27, 2000 at 03:57:27PM -0800 or thereabouts, Nate Amsden wrote: [ 21 lines deleted ] not to discourage youb ut its pretty well known chroot() is not an ultimate solution for security, it has been in the past rather easy to break out of it, from what i remember you may be better off running freebsd and it's jail() (??) function which is a suped up chroot(). all im trying to say what about OpenBSD (OAMP)? What about it? If OpenBSD has jail() I expect the same reasoning applies. [ 19 lines deleted + 9 for sig ] Do you realise you quoted 40 lines of the original message and added 1 meaningful line? What a waste of bandwidth. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpzzwWoVUwh9.pgp Description: PGP signature
Re: [OT] Hardware recommendation
On Thu, Dec 28, 2000 at 07:14:47PM +0100, Stephan Kulka wrote: Hi all I should buy a new SCSI harddisk. In the box where it should be used, there is an ultrawide Adaptec controller. Are there any disk which are recommendend, the size should be around 15 -20 gigabyte, the price doesn't play such a role. Sorry for being off topic. Me too :) I'm a big fan of IBM SCSI disks; they run fairly quiet, they're fast, and they're reliable in my experience, anecdotal evidence, and the reviews I've read (don't have sources atm sorry). Otherwise I'd look at Seagate. I would never buy Quantum, WD, Maxtor, etc. Look for a drive that's at least 7200 rpm; 1 rpm is faster (a little bit noisier though). Don't even think about using passive termination on that uw bus! And no, I don't currently and have never worked for IBM :) -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpEJifzFfzmi.pgp Description: PGP signature
Re: putting Apache into chroot()-prison
On Thu, Dec 28, 2000 at 04:02:03PM -0500, [EMAIL PROTECTED] wrote: Hey Norman, The name's Nathan ... I realize it's a difficult name to parse. As an unbiased observer I will comment on your comment concerning the quote/content ratio of the other poster. You have your preferences. Tons of flamewars are started when people selectively quote and people respond t o statementso the out of context. Nine lines is an excessive .sig, I grant. I've never used a .sig though, so I can say that. My comments (and preferences) are based on long-standing Use-Net tradition which is generally followed by caring mailing list participants. When in Rome, do as the Romans do and all that. You should quote enough material so that successive posters can't take a quote out of context. You don't need to quote everything, especially sigs and blank lines. If you want to pass a law, write your representative, or become a representative. I don't believe I said anything about passing a law. What are you, some kind of troll? Hey, is micro muse a statement about small thoughts? No, it's a company as demonstrated by the Micromuse Inc.. `whois micromuse.com', and a look at http://www.micromuse.com. Thanks for the well thought out attempt at a put-down. I'll avoid condescending remarks based on your email address. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpIjWaybUjdZ.pgp Description: PGP signature
Re: New course for Debian University
On Thu, Dec 28, 2000 at 04:30:07PM -0600, Rob VanFleet wrote: On Thu, Dec 28, 2000 at 07:29:12PM +0100, Carel Fellinger wrote: I think it would be wise (and more debian like:) to explain how to compile the kernel as *non* root using fakeroot. Furthermore I seem to recall discussions on this list that it's better to refrain from using/creating that /usr/src/linux link. I've been reading that as well, but I have yet to find out why it is a bad idea. Also, when my system was originally installed I didn't have /usr/src/linux symlink, but until I made one I couldn't compile any modules. So how would one tell code that needs to look for the kernel headers to look somewhere else? I think there's confusion between making links in /usr/include and links in /usr/src. The first is bad [0], the second is (afaik) not. HTH, -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton [0] /usr/share/doc/kernel-package/README.headers pgpFdxwcJsFKN.pgp Description: PGP signature
Re: New course for Debian University
On Thu, Dec 28, 2000 at 05:05:30PM -0600, Rob VanFleet wrote: I think there's confusion between making links in /usr/include and links in /usr/src. The first is bad [0], the second is (afaik) not. Hmm, as I understood it, making a /usr/src/linux link is bad, /usr/include, AFAIK, is not the issue. The module I tried to compiled looked for the kernel-includes in /usr/src/linux/include. I'm just wondering why /usr/src/linux is bad, and how to tell compiles to look somewhere other than /usr/src/linux. I'm not trying to be rude, but the only person saying the /usr/src/linux symlink is bad is you (and you don't sound convinced :) I've never heard that a /usr/src/linux symlink is bad; I have heard people freak out if the entire kernel-source tree is unpacked in a /usr/src/linux directory ... So far, everyone agrees that a /usr/src/linux symlink is ok, especially if some module depends on its presence. Cheers, -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpEoz4d3xXba.pgp Description: PGP signature
Re: 'testing' dep conflicts
On Fri, Dec 29, 2000 at 12:10:41AM +0100, Sven Burgener wrote: Hello I am running 'testing', upgraded from potato a few days ago. Two questions: 1. Why are packages kept back like follows? $ apt-get update apt-get upgrade [ snip ] The following packages have been kept back base-passwd bin86 bsdgames bsdutils cpp cron e2fsprogs ed fetchmail fileutils findutils ftp g++ gcc libc6 libc6-dev libreadline4 libstdc++2.10-dev locales login mount ntop passwd patch pciutils setserial telnet traceroute util-linux wget The following packages will be upgraded debianutils dialog gettext-base gnupg groff info libnewt0 libstdc++2.10 procmail whiptail 10 packages upgraded, 0 newly installed, 0 to remove and 30 not upgraded. First, since you're upgrading from potato to woody (you've changed distributions), you should use `apt-get dist-upgrade'. Sorry, but the following packages have unmet dependencies: debianutils: PreDepends: libc6 (= 2.1.97) but 2.1.3-13 is to be installed E: Internal Error, InstallPackages was called with broken packages! I just did an update/upgrade here (running woody) and I've now got debianutils 1.14 and libc6 2.2-6. What's your apt sources/list look like? Perhaps your mirror is off kilter. No, now that I look at it the problem is that libc6 is being held back. Try the dist-upgrade method instead. HTH, -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpCpO3q0RU8j.pgp Description: PGP signature
Re: New course for Debian University
On Thu, Dec 28, 2000 at 05:40:23PM -0600, Rob VanFleet wrote: In /usr/share/doc/kernel-package/README.gz: ...unpack your kernel somewhere. Preferably somewhere other than /usr/src/linux... Unpacking implies a directory, which is not the same as a symlink. Don't worry about this. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgp0MNBQIlc5c.pgp Description: PGP signature
Re: can't install Netscape
On Mon, Dec 25, 2000 at 10:02:43PM -0800, Robin Rowe wrote: I read somewhere that if I put the Netscape gz file in /tmp then dselect will figure out to install it. That doesn't do it. I'm trying to install 4.75. What's the procedure? apt-get install netscape-browser-475 Related question, for gz files that have no debian install smarts at all how do I install those? Do I just create a directory somewhere? How do I gunzip and untar in one step? Is there an easy/automated way to install a program in the WindowMaker menus or do I need to manually config files? If manual, what config file do I look for? Generally you want to install these in /usr/local. Sometimes alien (apt-get install alien) can do something useful with a tar.gz package, but usually not). Cheers, -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpcsRlHZawMo.pgp Description: PGP signature
Re: lilo
On Thu, Dec 21, 2000 at 10:36:08PM +0200, Stefaans Mostert wrote: But the mbr IS overritten and the floppy gone! can't get in! What now Does the new mbr at least allow you to boot to windows? If so, do that and head on over to http.us.debian.org. Grab rescue.bin and rawrite2.exe. Use rawrite2 to create a rescue floppy. Boot with the rescue floppy, but instead of merely hitting enter at the syslinux prompt, type rescue root=/dev/hda3 (or whatever your actual root device is, and hit enter. Within seconds you should be looking at a login prompt. Log in as root and run lilo. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpjNpSSIOck1.pgp Description: PGP signature
Weird Gnome problem, wm acts non-compliant when non-root
Hi, Running woody with Helix Gnome packages. I use gdm as my display manager, gnome-session as my session manager, and sawfish as my window manager. For the past week or two I've had this weird problem: if I log in as a normal (non-root) user, the window manager acts non-gnome compliant - the desktop gmc icons show up in the task list applet. Startup is painfully slow. Logging in as root solves this problem, but I don't view that as a real solution. It sure looks like a permissions problem, but I don't know where to start. I tried switching window managers (enlightenment) and had the same problem. I did use dpkg-reconfigure to reconfigure the xserver-common package as the rootonly line had snuck into my Xwrapper.config. Changing that to console didn't solve the problem. Does this sound familiar? I looked at the BTS for sawfish bugs (though I think I've decided this isn't a sawfish bug at all). Help :) -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpXPjkDM9YIQ.pgp Description: PGP signature
Re: crontab
On Wed, Dec 20, 2000 at 08:16:18PM -, Ari Sigurðsson wrote: how do I get crontab -e to use my favorite editor? Set the environment variable EDITOR to your favorite editor, e.g. EDITOR=/usr/bin/vi or EDITOR=/usr/bin/emacs (If you're using csh do five hail marys and alter the above accordingly :) -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpAIQjkBuSq7.pgp Description: PGP signature
Re: Weird Gnome problem, wm acts non-compliant when non-root
On Wed, Dec 20, 2000 at 05:52:56PM -0500, David Z Maze wrote: Keep in mind that the Helix packages aren't part of Debian. Unstable seems to have had pretty current GNOME packages for a while now. Yeah, it was with some trepidation that I went with Helix in the first place. All in all I've been happy, though sometimes you have to wait a day or two for dependencies to get sorted out. I may have to try the non-Helix packages again sometime. NEN I use gdm as my display manager, gnome-session as my session NEN manager, and sawfish as my window manager. For the past week or two NEN I've had this weird problem: if I log in as a normal (non-root) NEN user, the window manager acts non-gnome compliant - the desktop gmc NEN icons show up in the task list applet. Startup is painfully slow. I don't get this with an identical setup, but then I'm running the Debian GNOME. YMMV. The problem went away after some surgery :) Read on ... NEN Logging in as root solves this problem, but I don't view that as a NEN real solution. It sure looks like a permissions problem, but I don't NEN know where to start. Well, are any interesting messages printed to your X session log (with xdm, in $HOME/.xsession-errors; with gdm, either there or in $HOME/.gnome-errors, IIRC)? Are you running a GNOME-enabled Sawfish? In Debian-land, at least, the 'sawfish' package doesn't have GNOME support, but the 'sawfish-gnome' package does. I do have sawfish-gnome installed; in the Helix package this seems to consist solely of the sawfish config tool for GNOME. Apparently the Helix sawfish package contains GNOME hooks; it always worked that way before :) Nothing useful in .gnome-errors. However, I realised that my first post was not quite complete; I logged in as root and as nnorman, but never did try logging in as another non-root user. I gave that a shot and voila, the problem disappeared! Ok, it was obviously some misconfiguration in a file in my home dir ... I did a rm -r on the .gnome, .gnome-desktop and .sawfish dirs. Problem remained. Since this is a development box my $PATH is pretty wild, so I rearranged my path additions at the end instead of the beginning. I also set LC_ALL to C (I had set it to en_US). I doubt LC_ALL was the problem but it was giving me grief with ls ... The long and the short of it is the problem has vanished. Weird. I suppose $PATH was the culprit, but I don't see how. NEN Does this sound familiar? I looked at the BTS for sawfish bugs NEN (though I think I've decided this isn't a sawfish bug at all). Note that bugs on Helix packages wouldn't/shouldn't be in the Debian BTS. If the same bug was present in the official Debian packages, there might be. In this case, the bug seems to have been loose nut behind keyboard. Thanks for your reply, -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpjz9sWJd6IX.pgp Description: PGP signature
Re: playing sounds from command line
On Wed, Dec 20, 2000 at 06:37:17PM -0600, Rob VanFleet wrote: Stupid Question: I'm used to other distros having a 'play' command to play sounds from the command line. Does Debian have a similar tool, or am I just missing the package with the play command? I believe sox has a play command. If you're using the esound daemon (I like it; more than one process can produce sound at the same time :) you can use esdplay. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpmaW6hJq1Li.pgp Description: PGP signature
Re: exim outgoing addresses...
On Thu, Dec 14, 2000 at 11:36:59AM -0600, Gregory Guthrie wrote: I have my system setup as a satellite, which forwards all email to a sh\marthost, who delivers it. But when it arrives, I'd like the addresses to show where they came from, e.g. From: [EMAIL PROTECTED] instead of From; user Hints? First, please don't respond to a message when you really intend to start a new thread ... that confuses threading email readers (and anyone who's reading via a mail to news gateway). What is the value for qualify_domain in /etc/exim.conf? -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpmuEtiaz0SC.pgp Description: PGP signature
Re: serving user's homes with apache
On Thu, Dec 14, 2000 at 08:18:27AM -0500, D-Man wrote: For one thing, the user's home directory must be excecutable (otherwise apache can't cd to it). Also, apache must be configured to know which directory in $HOME is the magic one. I believe that public_html is the default. Also, public_html must be both world readable and world executable. This isn't necessarily true; as long as apache has group read privs (and group execute for dirs) you're ok. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpmlDj8lNBgk.pgp Description: PGP signature
Re: Sound Card Blues
On Thu, Dec 14, 2000 at 01:56:54PM -0800, Henry House wrote: On Thu, Dec 14, 2000 at 01:07:57AM +, [EMAIL PROTECTED] wrote: lsmod gave bash: lsmod: command not found 1. You must be root to run lsmod I don't think so. You do need to have /sbin in your path or call out /sbin/lsmod specifically. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpaiTxUlzcVn.pgp Description: PGP signature
Re: Can't see 192MB of memory
On Sun, Dec 10, 2000 at 05:56:04PM -0600, Pradhan, Ravi wrote: I've just installed Debian 2.2. I just upgraded from 64MB to 192MB, and added the line append=mem=192M to lilo.conf. However, Linux continues to see only 64M (checking with top). What else do I need to do? Did you actually re-run lilo after you editted lilo.conf? 7225 Northland Dr., Brooklyn Park, MN 55428 Greetings from Bloomington :) -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpwambhVA84t.pgp Description: PGP signature
Re: Finding and installing lp.o from 2.2.15
On Sat, Dec 09, 2000 at 02:28:39AM -0600, Gordon Pedersen wrote: (Please reply to [EMAIL PROTECTED] in addition to debian-users. Thanks.) What are my options? If I were you I'd install the kernel 2.2.18 source, the kernel-package package, and build a kernel. yes. it's a bit daunting the firstr time, but I figured it out a few years ago and I'm not the brightest bulb on the tree :) The kernel-package setup makes it all really easy. Here's what you do: - Install kernel-source, kernel-package, fakeroot, and libncurses5-dev - make menuconfig (or make xconfig) make sure you pick the lp and parport modules! - run `kernel-package --clean' - run `fakeroot kernel-package --revision=local.2.2.18-1 kernel_image' - cd ..; dpkg -i kernel-image-2.2.18_local.2.2.18-1_i386.deb That's it! Modules will be installed where they should be, lilo will run if you want it (and you point it at a generic target like /vmlinuz). Of course it's a good idea to check your lilo config and run it again as root before you reboot :) Simply install some package? Must I upgrade first? --- If so, what package gets me a slew of modules, or at least the lp.o module? You could punt on the above, and run `apt-get install kernel-image-2.2.18pre21' Compile from source? --- I have the file kernel-source-2.2.15.tar. I know that lp.c is in there, but I wonder if all the header files, etc, that I need are there. (I don't often compile c programs, and don't undertand well enough how debian divvies up the various files into packages.) I haven't found a document which describes how to proceed to locate all the pieces and compile a module from source, but could probably follow it if I had one. You could follow the directions above with your 2.2.15 source, but 2.2.15 has enough problems that I'd go with newer code. Good luck! -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpNXUjt1x5kW.pgp Description: PGP signature
Re: dhcpd problem
On Thu, Dec 07, 2000 at 09:44:00AM +0100, Martin Würtele wrote: hi, i have a problem with the dhcpd: nt clients get a correct ip address, the name servers, the subnet mask and everything but the default gateway my dhcpd.conf as follows: opition domain-name office.factline.com; option domain-name-servers 192.168.0.10, 195.34.133.10, 195.34.133.11; option subnet-mask 255.255.255.255; option routers 192.168.0.1; option broadcast-address 192.168.0.255; default-lease-time 600; max-lease-time 7200; subnet 192.168.0.0 netmask 255.255.255.0 { range 192.168.0.1 192.168.0.252; } any ideas what's wrong? Yes. Your option subnet-mask statement is incorrect - it's a 32 bit mask which precludes the possibility of a network. You include the router's address in the range assignable to clients. Ditto the DNS server's address. You typo option as opition at one point. I think it's better to include subnet-specific options within the subnet declaration. I'd write the file like this: option domain-name office.factline.com; option domain-name-servers 192.168.0.10, 195.34.133.10, 195.34.133.11; default-lease-time 600; max-lease-time 7200; subnet 192.168.0.0 netmask 255.255.255.0 { option broadcast-address 192.168.0.255; option routers 192.168.0.1; option subnet-mask 255.255.255.0; # make sure the range doesn't collide with existing address allocation # the next statement provides 150 assignable addresses range 192.168.0.100 192.168.0.249; } HTH, -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpI9tGZLnqwo.pgp Description: PGP signature
Re: setting up dns
On Thu, Dec 07, 2000 at 11:27:55AM -0600, Phil Brutsche wrote: A long time ago, in a galaxy far, far way, someone said... I have managed to get named running, but there is no /vary/named dir. Debian keeps the zone files under /var/cache/bind I believe this is where zone files retrieved via zone transfers are kept, but I think the intent was that all zone files that you are primarily authoritative for should be kept in /etc/bind. I put mine in /etc/bind/primary just to be clear :) I'm not sure where the new zone files are put when you're doing dynamic dns updates though. I wouldn't want those being written to /etc/bind! -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpBKgLIdrcqv.pgp Description: PGP signature
Re: apt: http vs. ftp?
On Thu, Dec 07, 2000 at 12:13:26PM -0500, David Teague wrote: I am not a networking authority, so I asked a colleague (Mark Holliday) who is. He says http is optimized for relatively small files, mainly web pages, which are not terribly large, (what? 2 or 3 K?) whereas ftp was designed to be optimal files that may be very large. I'm no authority either, but I believe your colleague is thinking of HTTP 1.0 which is everything he says it is. HTTP 1.1 has several enhancements which make it more suitable as a generic file transfer protocol, and thus apt uses HTTP 1.1. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpLvHfbK4uVa.pgp Description: PGP signature
Re: how to load aic7xxx?
On Thu, Dec 07, 2000 at 05:37:40PM -0500, Ken Weingold wrote: Sorry for sort of asking the same question again, but I am trying to load the Debian 2.1 cdrom but it will not load aic7xxx. I try from the boot prompt and then also from a prompt from within the install, but it says that it can't find aic7xxx, or aic7xxx=.no_. Can anyone help me on this? It's for an Adaptec 2930CU. From the bootprompt you must first specify the image name to load (typically linux) followed by any options. Generally the rescue floppy kernel (which is what you get with the CD-ROM as well AFAIK) already has the aic7xxx stuff built in. Are you sure the 2930 is AIC7xxx based? I thought it was Buslogic or something that Adaptec bought. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpyyqJ6tF4UD.pgp Description: PGP signature
Re: how to load aic7xxx?
On Thu, Dec 07, 2000 at 06:15:07PM -0500, Ken Weingold wrote: On Thu, Dec 7, 2000, Nathan E Norman wrote: On Thu, Dec 07, 2000 at 05:37:40PM -0500, Ken Weingold wrote: Sorry for sort of asking the same question again, but I am trying to load the Debian 2.1 cdrom but it will not load aic7xxx. I try from the boot prompt and then also from a prompt from within the install, but it says that it can't find aic7xxx, or aic7xxx=.no_. Can anyone help me on this? It's for an Adaptec 2930CU. From the bootprompt you must first specify the image name to load (typically linux) followed by any options. This is at the bootable CD or floppy prompt. From the boot how-to, I tried 'aic7xxx=extended,no_reset'. So it would be 'linux aic7xxx=extended,no_reset'? I'm not sure what image name it would want when the OS is not installed. I believe that's the correct syntax. I thought one of the f-keys will show you image names when you're using syslinux from the boot floppy/cd-rom ... Good luck! -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpTbXHIx0FDR.pgp Description: PGP signature
Re: modinfo [was: Re: 3Com network card]
On Wed, Dec 06, 2000 at 09:30:06AM -0500, urbanyon wrote: On Tue, 5 Dec 2000, Nathan E Norman wrote: On Tue, Dec 05, 2000 at 04:41:04PM -0500, urbanyon wrote: this relates to a problem i've been having as well - do you know what the command-line arguments are for the 3c59x module (if any)? i have a 3CSOHO100-TX card. modinfo -p 3c59x what am i looking for when i run this? [EMAIL PROTECTED]:~ $ modinfo -p 3c59x debug int options int array (min = 1, max = 8) full_duplex int array (min = 1, max = 8) rx_copybreak int max_interrupt_work int compaq_ioaddr int compaq_irq int compaq_device_id int What you see is a list of parameters on the left-hand side followed by the option type. Admittedly this information isn't very explicit and you almost always have to look at the driver source to figure out what values to fill in (particularly in the case of full_duplex :) Sometimes you can use the file /usr/src/linux/Documentation/networking/net-modules.txt to find these values and their descriptions; in the 3c59x case this doesn't seem to work. I don't want to say much more without knowing what sort of problems you're actually having. If you're trying the 3c905C for example your problem is almost certainly the driver version. HTH, -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpt8CJZtHuUn.pgp Description: PGP signature
Re: rpm -qf /path/somefile equivalent in debian
On Wed, Dec 06, 2000 at 11:16:59PM +0100, Bostjan Muller wrote: Hi! Is there an rpm -qf /some/path/file equivalent in debian? I need to find out which package contains libGLU.so.* couse I need to recompile it to use it with nvidia... If anyone knows I'd really appreciate the answer.. To search installed packages: dpkg -S libGLU.so To search all packages: wget http://http.us.debian.org/debian/dists/stable/Contents-i386.gz zgrep libGLU.so Contents-i386.gz HTH, -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpyPgNGxtWG1.pgp Description: PGP signature
Re: Wanna run potato X 4.0.1?
On Wed, Dec 06, 2000 at 06:55:15PM -0200, Rogerio Brito wrote: It seems that Branden, Debian's X maintainer, may be considering uploading XFree 4.0.1 packages compiled for potato to his homepage (http://people.debian.org/~branden/), in a handy apt-get'able format. No, that's not what's going to happen. What has happened is that another developer has recompiled for potato and made the debs available via apt. Search the debian-devel archive for details. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpeL7GqNKMHD.pgp Description: PGP signature
Re: One more question
On Wed, Dec 06, 2000 at 03:43:55PM -0800, Nate Amsden wrote: Jim Lynch wrote: What ever happened to /usr/tmp? It wasn't created on this system. is that abnormal? i dont have /usr/tmp either ..doesn't seem to cause a problem. It'd be abnormal if you had it as it violates FSSTND/FHS afaik. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpRP3ocdz13S.pgp Description: PGP signature
Re: exim doesn't deliver
On Wed, Dec 06, 2000 at 09:49:16PM -0200, [EMAIL PROTECTED] wrote: Hello, I am trying to use exim+fetchmail. Fetchmail is fetching emails from my ISP without problems. The problem is with exim, because after fetchmail sends the messages to exim for local delivery, all messages are frozen in /var/spool/exim/input and in /var/spool/msglog appear a lot of messages, all of them saying the following: local_delivery transport deferred: mailbox /var/spool/mail/myaccount has wrong uid (0 != 1000) *** Frozen What should be the correct uid? how can I change it? Wild-ass guess here, but it looks like the mbox is owned by root. That's wrong, unless you regularly log in as root (and if you do you've got more problems then you thought :) Your UID is most likely 1000. This is the first UID assigned to joe user, and it's also the uid exim thinks the file should have :) Head on over to /var/spool/mail and fix the permissions. I like to use the sudo package when root privs are required for such activity. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpj1sNd1h0GV.pgp Description: PGP signature
Re: 3Com network card
On Tue, Dec 05, 2000 at 09:11:19AM +0100, Philipp Schulte wrote: On Tue, Dec 05, 2000 at 12:12:32AM -, Robert Feri wrote: I've heard somwhere that you must firstly disable pp mode under DOS and then try to install it under linux. No, not in DOS. The setting you are talking about is in the BIOS. Um, not in this case. 3Com has a DOS utility on their site which disables PnP mode on the card. There's supposed to be a linux version of this utility as well but I've never used it. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgp2iy9T37MHx.pgp Description: PGP signature
Re: Number of processors
On Tue, Dec 05, 2000 at 02:53:01PM -0500, Christopher W. Aiken wrote: On Tue, 5 Dec 2000, Harry Henry Gebel wrote: Nope. We have to use some C or C++ system/function call. Our programmers don't want to depend on the /proc file system being available. I doubt there is such a system call that's portable. Why don't you try one of the C newsgroups? This list isn't likely to be filled with C hackers. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgp3usEVyP24q.pgp Description: PGP signature
modinfo [was: Re: 3Com network card]
On Tue, Dec 05, 2000 at 04:41:04PM -0500, urbanyon wrote: this relates to a problem i've been having as well - do you know what the command-line arguments are for the 3c59x module (if any)? i have a 3CSOHO100-TX card. modinfo -p 3c59x -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgp8AXI4epDJ2.pgp Description: PGP signature
Re: kernel-module confusion
On Tue, Dec 05, 2000 at 10:29:01PM +, maart wrote: Hai all. This is my first ever post to a newsgroup, so please forgive me if I do/say something weird... I use potato, and have been trying the 2.4test-kernels for a couple of weeks. I have trouble using modules that I compile with the kernel. Whenever I compile a kernel that uses modules I type : make dep clean bzImage modules modules_install. I think this should work. When this works, however, I think there should be some file called 'modules.dep' in the /lib/modules/2.4.0-test10/. This file is present, however: it is empty. All the modules seem to have been made, and installed in the right place, but this modules.dep file, that I guess is needed to load modules with modprobe, is completely empty. Run `depmod -a' as root once you complete the above steps. This is supposed to happen on reboot; at least that's how the boot scripts used to work. blatant plug You should install and use the package kernel-package to build your kernels ... it's quite slick /blatant plug -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpb8GpMunaKU.pgp Description: PGP signature
Re: Routing question
On Mon, Dec 04, 2000 at 03:55:58PM -0300, Eduardo Gargiulo wrote: Hi all. I have a subnet with real IPs and I want configure a firewall with two interfaces, the first one (eth0) connected to the router ant the other (eth1) connected to the hub. Two interfaces have the same subnetmask. When I log to the router, I can ping eth0, but not eth1. Which is my problem? You are actually configuring a bridge, not a router (a router divides subnets and thus each NIC in a router needs to belong to a seperate network). You'll need to recompile your kernel to support bridging at the very least. I believe there's a bridge HOWTO but I've never set up bridging in Linux. HTH, -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpdt2tMPlwQ9.pgp Description: PGP signature
long fsck [was Re: Apt should be called inapt (rhymes with inept)]
On Wed, Oct 18, 2000 at 01:05:56AM +0100, Jeff Green wrote: Try remote rebooting a server with a 120Gig Raid array and 1GB Ram takes several hours to come up if wants an fsck! Not if you're using reiserfs or some other journalling filesystem on the RAID array! What does this have to do with the original topic anyway? -- Nathan E Norman Eschew Obfuscation email:[EMAIL PROTECTED] http://incanus.net/~nnorman pgpNAqdj25brH.pgp Description: PGP signature
Re: inetd in netbase package
On Wed, Oct 11, 2000 at 11:40:07AM -0500, Dave Sherohman wrote: On Wed, Oct 11, 2000 at 04:08:08PM +0200, Magnus Sandberg wrote: What happends if I remove /etc/rc2.d/S20inetd, will APT/dpkg recreate the link when I do a upgrade? Not sure whether is will get replaced if you completely delete the link, but if you use update-rc.d to disable inetd, it will do it in such a way that apt will not reenable it. Mostly true :) man update-rc.d says If any files /etc/rcrunlevel.d/[SK]??name already exist then update-rc.d does nothing. This is so that the system administrator can rearrange the links, provided that they leave at least one link remaining, without having their configuration overwritten. which means you should delete all the S??name links but leave at least one K??name link. This will prevent dpkg from enabling inetd during an upgrade. HTH, -- Nathan E Norman Eschew Obfuscation email:[EMAIL PROTECTED] http://incanus.net/~nnorman pgpKRyivs0lXJ.pgp Description: PGP signature
Re: pronounce
On Thu, Oct 12, 2000 at 02:01:29AM +0900, Yuji Toyoda wrote: Simple question. How do you pronounce apt-get? I say apt dash get ... YMMV. Especially I'd like to know how do everyone pronounce apt. It's a one syllable word with a short a, rhymes with wrapped. Thank you for your help. I hope it is help :) -- Nathan E Norman Eschew Obfuscation email:[EMAIL PROTECTED] http://incanus.net/~nnorman pgp8sUa1CV0OA.pgp Description: PGP signature
Re: Debian vs. Red Hat
On Thu, Sep 07, 2000 at 10:17:03AM +1000, [EMAIL PROTECTED] wrote: That argument is total horse [EMAIL PROTECTED] Would you like to edit a text file without an editor??? Either way you need tools to do the work, this idea that you can't assemble a binary file to be easy to human correct in the event of partial corruption is crap. It just needs good design. [ nice quoting. lotus notes sucks big time ] You only need a shell to edit a text file. You also only need to read and understand pseudo-english. -- Nathan E Norman Eschew Obfuscation email:[EMAIL PROTECTED] http://incanus.net/~nnorman pgpoW75uPTQrl.pgp Description: PGP signature
Re: auto power off
On Wed, Aug 30, 2000 at 12:10:24AM -0400, John Anderson wrote: I was wondering if there is anyway in Debian, when I use the halt command the computer will shut off automatically if equpped with an electronic power switch. Distributions such as SuSE and Redhat would shut down my computer in that manner. Is there anyway to do this with Debian? No. (Just kidding). _If_ APM support is compiled into the stock kernel (and it used to be), add this line to your /etc/lilo.conf append=apm=on Run lilo, and reboot. If that doesn't work, you need to build your own kernel. You should do this anyway to get rid of all the drivers you don't need. Some tips: 1) Get the kernel source wherever you want. You don't _have_ to use the debian kernel-source package if you'd rather download from www.kernel.org ... 2) Use Debian's kernel-package. it makes things a lot easier and is well documented. For the RTFM impaired, here's a _brief_ synopsis: a) make menuconfig b) make-kpkg clean c) make-kpkg --revision=custom.2.2.17-0 kernel_image 3) Make sure you enable APM support, and enable the power off at shutdown option. HTH, -- Nathan E Norman Eschew Obfuscation email:[EMAIL PROTECTED] http://incanus.net/~nnorman pgpWAVO1PWgrZ.pgp Description: PGP signature
Re: auto power off
On Wed, Aug 30, 2000 at 11:40:50AM +0200, Philipp Schulte wrote: On Tue, Aug 29, 2000 at 11:20:14PM -0500, Nathan E Norman wrote: 3) Make sure you enable APM support, and enable the power off at shutdown option. The option is calld something like Use real APM mode ... and I have seen a system, where the system would *not* power off if this option was enabled. It had to be disabled. I think this is one of those options made for buggy BIOS and if it works without (like it dies here) you don't need it. Bah; you're absolutely correct. Sorry for the bad advice (that'll teach me to send email instead of going to bed :) -- Nathan E Norman Eschew Obfuscation email:[EMAIL PROTECTED] http://incanus.net/~nnorman pgpB59poGNW3h.pgp Description: PGP signature
Re: block pings
On Tue, Aug 29, 2000 at 02:24:25PM -0700, Nick wrote: how do you stop linux from replying to pings like microsoft does. you can't ping www.microsoft.com or www.msn.com Too bad you can still get to their web site(s). I agree with joeyh that disabling pings is silly and fairly unfriendly to the net. However, there are two ways to do it that I can think of: 1) RTFM ipchains (for 2.2.x kernels) or iptables 2) Look through /proc/sys/net/ipv4 and learn about sysctl. Deliberately vague, -- Nathan E Norman Eschew Obfuscation email:[EMAIL PROTECTED] http://incanus.net/~nnorman pgpiTz1m7FuBO.pgp Description: PGP signature
Re: slow inetd
On Tue, Aug 22, 2000 at 11:01:03AM -0700, Mike wrote: I do have the PARANOID option set but I also have the ip address of the local machine in hosts.allow. Shouldn't the hosts.allow entry negate the PARANOID option for the specified ip addresses? Also, the service does start eventually, it just takes 2-3 minutes. If PARANOID was disallowing the connection, the service would never start, right? Try disabling IDENT in the FTP daemon and see what happens ... the -I option does this for wu-ftpd. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgp62sojKxBJN.pgp Description: PGP signature
Re: slow inetd
On Tue, Aug 22, 2000 at 11:26:02AM -0700, Mike wrote: Try disabling IDENT in the FTP daemon and see what happens ... the -I option does this for wu-ftpd. Assuming this works, what are the ramifications of disabling IDENT? If something's wrong with my resolving setup, I'd like to fix it. It means you will no longer be using a broken and worthless protocol to find out who the remote user is :) It has nothing to do with the DNS resolver (and I don't think that's your problem). -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgp3YY2d5xSGy.pgp Description: PGP signature
Re: Please Help: Configuring a Debian station for work with DHCP
On Mon, Aug 21, 2000 at 03:08:17PM +0300, Aviv Gurwitz wrote: Hello, I am part of a system administration team. We have recently moved our network to a DHCP-based configuration. One of our clients is using Debian 2.1 and I would like to know what changes I need to make on his computer in order to configure it for use with DHCP. On our RedHat 6.2 systems I would run linuxconf, delete the IP address and subnet mask and DNS servers, change the search path to dns, NIS, hosts, and also mv /etc/resolv.conf to /etc/resolv.orig. What should the equivalent procedure be on such a system running Debian? # apt-get install dhcp-client or # apt-get install dhcpcd or # apt-get install pump -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpsKYoiwJBMk.pgp Description: PGP signature
Re: (3Com) Ethernet card 100Base-only capable?
On Thu, Aug 17, 2000 at 12:18:18AM +0200, Sven Burgener wrote: Now, this 3Com card sitting in this box I got given from a friend. From what dmesg says it looks like it's a 100Base-only card ...? (It certainly hasn't a BNC plug on it) There isn't any LED lighting up on either the card or the (10Base-only) hub. The funny thing is that on the card there *is* a LED for 10Base...? Hmmm On the card itself it says what dmesg says: 3Com 3c905B. Here I have only a 10Base hub though... looks like I *have* to get a new (10Base-only) card for this box then. If this is really so, I think it's annoying for cards as this to exist. Are there any specific reasons for having Ethernet cards that are only 100Base capable and not 10Base also. Where to start ... 1) the 3C905B is a 10/100 card. However, it may not be able to figure out that your hub is 10 Mb ... you'll have to try to pass parameters at boot or when you load the module. See the BootPrompt HOWTO for details (I swore off 3Com cards a year or two ago so I can't remember the specifics, but you need to force the card to 10/half). 2) There are valid reasons for 100 Mb only cards ... you avoid the annoying and often faulty autodetection problem. Simpler to build == cheaper. HTH, -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpEPIIwrQod0.pgp Description: PGP signature
Re: ** Emegancy Request **
On Fri, Aug 18, 2000 at 12:17:28AM +0300, Shaul Karl wrote: For some reason that I do not understand the authors of the Hrad Disk Upgrade Mini How-To claim about this or very similar one that Previous versions of the Mini How-To stated that you could also use tar to copy the disk, but this method was found to have a bug. tar doesn't deal well with device files. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpCOblil7UIJ.pgp Description: PGP signature
Re: Dual-Boot Win2K Debian
On Sat, Aug 12, 2000 at 12:29:11PM -0600, Nate Duehr wrote: The question I have is, how to properly dual-boot Win2K and Linux? Does 2K act more like 95/98 which is easy to dual-boot from LILO, or is it more like NT in which you edited the boot.ini file and could boot Linux from the NT bootloader easier than messing with LILO? I have a laptop that does this; I used GRUB. Works great! -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpU9Fp71Cmoc.pgp Description: PGP signature
Re: Passwords longer than 8 chars
On Sun, Aug 13, 2000 at 01:48:04AM +0200, Moritz Schulte wrote: On Sat, Aug 12, 2000 at 07:05:36PM -0300, Paulo Henrique Baptista de Oliveira wrote: I want to setup a Debian server and abilitate passwords wih more than 8 chars. Where I have to setup this? Potato asks you during the installation, wether you want to enable passwords, longer than 8 chars. if you haven't enabled it during the installation, you can do it with 'dpkg-reconfigure base-config'... The sane person will listen to the advice above. The masochist will directly edit the appropriate files in /etc/pam.d/ ... :) -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpm6yJoDVtWk.pgp Description: PGP signature
Re: t-dsl
On Tue, Aug 01, 2000 at 08:06:42PM +0200, Stefan Nobis wrote: Nathan E Norman [EMAIL PROTECTED] writes: Smart people *can* get IPs that haven't been assigned to them, and it's a PITA to root them out. PPPoE, while a hack, addresses this concern for providers. I wish we used it. Tell me more about this. What about configuring the routers only to route IPs that are assigned on each connection? In the worst case you set for each connection a static IP. How can anyone use IPs they haven't been assigned to in this case? Well, first of all, you want to assign the user an address via DHCP, or else it's an administrative nightmare. I don't understand why you'd want to have to enable host routes for each assigned address ... what a mess (administratively and technically). You could hard code the ARP tables but that doesn't prevent people from messing with each other. On the other hand, the client device (DSL modem or cable modem) should be able to block access by MAC and IP. Not all client devices do this however. Do you want to tell me that for leased lines there is no way to stop bad people to use IPs that haven't been assigned to them? Where is the big difference between leased lines and DSL? I'm not talking about leased lines, I'm talking about high-capacity broadband services like DSL and data over HFC cable. The big difference is that broadband services are a shared network. Leased lines are not (from a layer 3 point of view, anyway). I'm a beginner in the networking section but even i know some ways to secure the ISP-side. I can't imagine that all those big ISP like Worldcom/UUnet have no idea how to secure their IPs. I'm not talking about UUNet, I'm talking about broadband providers like Road Runner, @Home, USWest, etc. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgp62j8wPfRqR.pgp Description: PGP signature
Re: t-dsl
On Wed, Aug 02, 2000 at 09:34:08AM -0600, Arthur H. Edwards wrote: I'm a bit confused. On a normal dial-up I have been using PPP and do have a static IP address. If ADSL is using PPP what about DSL prevents PPP from doing the same thing? Dialup is point-to-point, hence the natural application of the Point-to-Point protocol. DSL is a shared medium, and thus PPP has to be hacked to work. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpK6pO5A6vVY.pgp Description: PGP signature
Re: t-dsl
On Tue, Aug 01, 2000 at 03:56:35AM -0500, Sean Richardson wrote: ... Apparently some of their initial customers were setting up home networks and not masking the machines behind a router(of whatever sort) and so their machines were each grabbing an IP address. This was quickly eating up their valuable address space. Well, rather than configure their end of the system so users could only get on address they just switched to PPPoe so they didn't even have to worry about it. And how exactly would they configure their end of the system so users could only get one address ? Worked much with DSLAMs? How about HFC data modems? Smart people *can* get IPs that haven't been assigned to them, and it's a PITA to root them out. PPPoE, while a hack, addresses this concern for providers. I wish we used it. As the net becomes unfriendly, blame the idiots who force providers to become unfriendly before you assume the provider is at fault. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpR5cvB2Khes.pgp Description: PGP signature
Re: Is Debian the last OS ? (Long reply)
On Sun, Jul 30, 2000 at 11:03:57PM -0400, Adam Scriven wrote: Also, as you mentioned, kernel 2.4 is out now, however many known problems it has, it is out. 2.2 has known problems as well, it just has less of them. However, 2.2 in some incarnations has proven useful and stable. The evidence thus far indicates that 2.4 is only useful for a desktop which may crash (and in your case, this may be a point for you). Which means that Debian, for all it's good things (and I am using it, and I will continue to use it, because I like it), is SLOW in it's release schedule, and this IS a deterrent for some intelligent people, who are LEARNING Linux. Why is this a deterrent? At least the existing behavior is well documented. Quick releases don't equal quality releases. Hang out on the devel list for a while if you doubt the competence of the people who are actually *engineering* Debian ... I don't find the argument of a slow distribution schedule silly in the least, and to be perfectly honest, I find the attitude rather condescending. Ah, but that's not what I said! If you had read what I wrote, I said it's silly to make decisions regarding a distribution depending on which *kernel* is included, which is what *you* said. Linux is a wonderful tool. We all know it. But it IS just that, a tool. If a distribution, no matter how good it's intentions, can't keep up, then it will be relegated to the footers of history, and the world will turn around it. Hmm, Debian has been receiving more press, not less. Perhaps technical excellence actually is more important that bleeding edge releases? I don't want to see this happen with Debian. It won't. I apologize for the rant, and I hope I didn't offend anyone too much, but this attitude is one of the things that's personally stopping me from learning more about Linux. Which attitude is that? The current frozen release is extremely usable and well supported via written documentation and the mailing lists. The unstable distribution is also well supported; it's just known to be, well, unstable (since it undergoes active development). This is true in any software project; some just choose to release before complete testing (RedHat). Some of us learn slower, or just differently. Seeing all the pluses of Debian, including the philosophy behind it (which I happen to agree with), I get frustrated having to tell people, who are less than comfortable with Linux, to use an (IMHO) inferior distribution, merely to get the options that they need. Someone else already posted why Debian should be the *first* distribution that a Linux newcomer tries, so I won't go into that here. I will say that Debian's technical excellence makes it the superior distribution, so I don't know which inferior distribution you're talking about. If you think Debian is inferior because it doesn't always have the latest and greatest, then I suggest you learn how to grab the source and compile. If you're unwilling to do that, perhaps Debian (and Linux) isn't for you. I apologize if *that* sounds elitist, but, well, it is. Being elitist is the point of using Linux; otherwise you can stick with the huddled masses using Microsoft. Welcome to Linux! I hope you enjoy your stay. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpRchkbxoWm9.pgp Description: PGP signature
Re: Is Debian the last OS ?
On Sun, Jul 30, 2000 at 11:09:28PM -0600, Art Edwards wrote: If I am right, then to keep users, you should try to update kernels in minor releases. The kernel is upgraded in point releases when justified (an exploit for example). However, there's no way Debian can release a new major kernel revision in a point release and still call it stable (think about a feature freeze as to why this is the case). More to the point, there's no reason a user can't upgrade the kernel themselves! -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpNqU8RhdMiq.pgp Description: PGP signature
Re: Network Printing, from an Apple, to Debian.
On Mon, Jul 31, 2000 at 08:21:46AM -0400, Adam Scriven wrote: Hey all. I'm picking up a new computer tomorrow, that will be a fileserver on my home network. One of the things I need it to do is share files/printer with Windows (samba) and Macs (netatalk+asun). I've setup and run both of those programs on other systems, so that's OK. My problem is, I need the printer (Canon BJC-1000) to be available to the Mac as a LaserWriter (since the Mac+ that I have only reliably prints to a LaserWriter, AFAIK). The Mac+ wants to talk Postscript to the Laserwriter, yes? If so, this should be no problem ... I'd use lprng and magicfilter to do the dirty work on the Debian side, and configure netatalk to share out a Laserwriter (I've not gotten around to doing this with my lonely Macs at home, alas). HTH, -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpeV4XsLgaty.pgp Description: PGP signature
Re: Is Debian the last OS ?
On Sun, Jul 30, 2000 at 10:42:29AM -0400, Adam Scriven wrote: I'm still very much getting used to Debian, however, and the long time between releases is stopping my Dad from switching, since he wants to switch to the most updated release possible if he switches, but even Potato's just 2.2.16/17. As opposed to what? An unstable 2.3.x release? A 2.4.x with known problems? That's a silly argument to not use a distribution (and always has been). Kernel sources are *always* available at www.kernel.org. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpPZ0s2YJTsR.pgp Description: PGP signature
Re: ReiserFS with Debian (Potato)?
On Thu, Jul 27, 2000 at 08:03:11AM -0200, John Leuner wrote: Then I tried to extract a tar.gz file from an NFS mount onto my (reiser) home partition. Worked fine, but when I tried to build the application (dosemu-1.0.1) the configure script got stuck and filled up the entire 2.5 gig partition. I extracted the same file to /var/ (which was still ext2) and of course then it worked. I don't know where I should file this bug though, since I don't really know where the problem was. tar has known issues with reiserfs; it's possible you tickled one of those. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpjDZHSRSflR.pgp Description: PGP signature
Re: Accton Cheetah PCI network card
On Wed, Jul 26, 2000 at 10:31:05AM +0200, J.T. Wenting wrote: Yah. I have an RTL8139 based card as well. I think the problem is in linux, not the card, as I have them also in several other systems (running Windows95 and Windows2000) and they work great there. No, it's the card. Reading the source for the driver reveals that the hardware has a half-assed design ... The error I get is something related to the PCI bus, followed by an interrupt error on the card. I thought it might be my mainboard (it is an old machine) but now that others seem to have similar trouble I begin to suspect the driver again. Having said the above, it's possible that the driver is FUBAR as well :) -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpauask8fqS0.pgp Description: PGP signature
Re: what's 224.0.0.0 -- and other newbie net-questions
On Fri, Jun 23, 2000 at 08:03:21AM +0100, Tom Furie wrote: On Thu, Jun 22, 2000 at 01:08:02AM -0500, Will Trillich wrote: Q: what's the 224.0.0.0 ip/netmask for? That's for multicast. I don't know much about multicast, maybe someone else can help there. According to Stevens TCP/IP Illustrated Vol. 1 24.220.0.2 is all routers on this subnet, and ICMP type 10 is router solicitation (router discovery). This information can also be found in RFC 1700 Assigned Numbers (STD0002), but it's not quite the same read as Stevens ... -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpp6JlEOvlCr.pgp Description: PGP signature
Re: Compressed mailboxes with mutt
On Sun, Jul 23, 2000 at 08:25:02PM -0700, Mark Wagnon wrote: Hi all, Anyone using compressed folders with mutt? My mailboxes are getting out of hand. I have a couple that are fast approaching the 10 meg point. I read a thread on comp.mail.mutt that says one can utilize compressed folders if the source is patched with some special patch. I was wondering if the debian package (woody, mutt 1.2i) is able to access compressed folders. If so, how might I go about doing that? AFAIK you'll need to download the patch and apply it. Use apt-get source mutt to get the mutt source ... -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpXseeJZEwhH.pgp Description: PGP signature
Re: Loopback in interfaces Wrongly Commented on Upgrade
On Fri, Jul 21, 2000 at 01:27:16AM -0400, Jameson Burt wrote: As I upgraded from slink to potato, I believe an interactive comment mentioned that 2.2.* kernels (I run kernel 2.2.16) need no explicit loopback. Because of my selection, the upgrade script produced a file /etc/network/interfaces with all lines commented. In particular, this interfaces file had the following line # iface lo inet loopback not iface lo inet loopback UNCOMMENTING THIS LINE GOT MY SYSTEM WORKING AGAIN. Well, duh. It's commented out by default because lo is initialised in /etc/init.d/network in slink. Not sure what happened to your /etc/init.d/network ... (I had to delete mine by hand - good riddance). -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpmA16nHYFTX.pgp Description: PGP signature
Re: PS2 mouse and gpm
On Fri, Jul 21, 2000 at 11:02:07AM -0500, Bolan Meek wrote: Ethan Pierce wrote: There was some talk on the list earlier today about removing gpm to get better results with the paste feature. I plan to try this later when I get home from workbut does anyone know if taking out gpm will mess up the x server? Taking out gpm will not mess up the x server, however, if X is configured to get data from /dev/gpmdata, it will not know from where to get the mouse movements buttons. You may want to check into that. You've got an Intellimouse? Try this in your /etc/X11/XF86Config: Section Pointer ProtocolIMPS/2 Device /dev/psaux Resolution 100 Buttons 3 ZAxisMapping4 5 EndSection Remove gpm. It's never caused me anything but grief when trying to run X. For console only machines gpm is cool. HTH, -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpExqO5Jx2yT.pgp Description: PGP signature
Re: xfree86 4.01
On Wed, Jul 19, 2000 at 12:26:12PM -0400, Noah L. Meyerhans wrote: On Wed, 19 Jul 2000, Ethan Pierce wrote: The deb packages for xfree4 dont seem to be out yet...will it happen do you guys think? This is becoming a FAQ. Unfortunately, I don't know where the answer is. Somebody will post the URL of the web page discussing this issue. http://www.debian.org/~branden/ -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpGU2vIXtkIG.pgp Description: PGP signature
Re: Combining 4 C-class networks: how?
On Mon, Jul 10, 2000 at 08:59:13AM +0200, Harald Thingelstad wrote: First: The 10.x.x.x network range is, due to standard ip ranges, class A. You have used a subnet mask to divide it into 2^16 sub-ip-ranges, using four of them. So a simple solution might be (i've not actually done this) to treat it like the class A network it actually is. This requires reconfiguration of the windows machines however. (Or multiple broadcast adresses, if possible.) The real world hasn't used classful addressing for years. Ever hear of variable length subnetting? Try a whois on net 24 sometime. To answer the original question: what happens if you use the IP your sysadmin has assigned and set a default route pointing to the gateway for that /24? -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpBeZopY27GS.pgp Description: PGP signature
Re: Combining 4 C-class networks: how?
On Mon, Jul 10, 2000 at 02:33:58PM -0500, Bolan Meek wrote: Don't networking configuration tools default to using the Classes for computing netmasks, unless they are specified? ... and Ciscos default to using stupid proprietary protocols when you set up a circuit. How are stupid defaults relevant? Yes, many people still talk about classes as if they exist (in fact some providers still filter backbone routes with classful assumptions. Bad. Bad). Some people talk about the earth being flat or mourn the passing of horse-drawn carriages. The simple fact is that CIDR notation (variable length subnet addressing) is the STANDARD. Anyone who tells you otherwise is selling something (or worse, running RIP v1). Cheers, -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgphdjSgnaTVW.pgp Description: PGP signature
Re: IMP issue
On Mon, Jul 10, 2000 at 01:05:14PM -0700, Matthew Thompson wrote: What does your /etc/nsswitch.conf look like? Is it only using DNS for host name resolution? If so, 1) insert files before dns, or 2) is there any internal nameserver for your LAN? One that'll forward queries for the rest of the world? Then put that first in the nameserver entries in /etc/resolv.conf. Both of those files are indeed set up as you suggest and the problem persists. It seems strange that imp would be interested in the IP for doma. Can anyone shed some light? This is off the cuff, but I think the problem lies in your /etc/apache/httpd.conf. Try playing with the ServerName directive or set UseCanonicalName to off HTH, -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpO90HSKCokk.pgp Description: PGP signature
Re: Ethercard Plus Elite 16: (WD/8013EP); Slink, Potato, Corel
On Thu, Jul 06, 2000 at 08:39:20AM +0300, virtanen wrote: On Wed, 5 Jul 2000, Bob Nielsen wrote: It's a kernel problem, not a distribution problem. Your kernel, as compiled, probably does not have the wd.o module. Try recompiling the kernel and select Western Digital/SMC cards in 'make menuconfig', either 'y' or 'm'. That doesn't admit wd module at all. So the network didn't start working. The wd module was there on the list, but install failed. The latest set of boot disks is missing the 8390 module which is loaded before the wd module. That should be fixed soon. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpJLJgWeCybb.pgp Description: PGP signature
Re: Compaq ProLiant ML350
On Tue, Jul 04, 2000 at 08:55:38PM +0100, Lee Elliott wrote: Nathan E Norman wrote: On Mon, Jul 03, 2000 at 09:03:43PM +0100, Lee Elliott wrote: There is an option for Compaq Smart Array support when compiling kernels, so you may need to compile a kernel with this support. There seems to be a catch-22 situation here though - you compile a kernel with Smart Array support, but it's got to sit on a drive that needs Smart Array support to be accessed. Presumably though, if the ntloader, which I doubt has special Smart Array support, can be found off the array, there's no reason why a linux loader couldn't be used instead. Dunno if this applies to Compaq Smart Raid, but IBM ServeRAID didn't work with LILO at all. It worked fine with GRUB, which after cursing the docs I found easier to use. HTH, I wonder if that's due to the LILO 1024 cylinder limit? I've never looked at the device parameters presented by a raid controller - must have a gander. Because the raid controller is presenting a logical/virtual HD, I'd expect the same problem regardless of which controller was used. It seemed to have something to do with the CHS translation; I can assure you that I re-RTFM the lilo docs several times and used all sorts of lilo config directives I'd never used before :) The furthest I could get was LI- (FWIW I've been using LILO for 5+ years though I wouldn't call myself a guru). I really do like GRUB; it's especially nice on a dual boot machine. It also presents a nicer interface at boot which makes my boss happy during the infrequent reboots that these servers experience ... -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpAGaHy65DzA.pgp Description: PGP signature
Re: Helix Gnome vs Debian Gnome -- worth the upgrade?
On Wed, Jul 05, 2000 at 01:15:34PM -0500, Kent West wrote: I tried to install HelixGNOME via the instructions for Debian on the helixcore website (lynx -source blah blah blah), and chose option 3 (full install), and it looked like everything was going fine, until I got a dependency error that libsound is apparently not available. I haven't been able to find this package anywhere .deb form, so I've just put HelixGNOME on the back burner for now. Erm, Helix supplies debs. They work, too. # Helix GNOME deb http://spidermonkey.helixcode.com/distributions/debian unstable main deb-src http://spidermonkey.helixcode.com/distributions/debian unstable main -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpQRiDdeBlfg.pgp Description: PGP signature
Re: Image copy of a floppy, how?
On Wed, Jul 05, 2000 at 08:02:34PM -0400, Antonio Rodriguez wrote: I created a boot floppy during my kernel upgrade, but I would like to create another copy-backup in case a problem occurs with my only boot floppy. I am not sure how to do it, I read that: 5.5.4.1 Writing Disk Images From a Linux or Unix System To write the floppy disk image files to the floppy disks, you will probably need root access to the system. Place a good, blank floppy in the floppy drive. Next, use the command dd if=file of=/dev/fd0 bs=512 conv=sync ; sync %% But is not enough yet, since it is not clear how I put the contents of the boot floppy into file. Thanks in advance, [ with floppy to copy in the drive ] dd if=/dev/fd0 of-file bs=512 [ with target floppy in drive ] dd if=file of=/dev/fd0 bs=512 conv=sync ; sync -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpzZMBlmR0So.pgp Description: PGP signature
Re: Offering external services, rlogins, smtp etc: how does it work?
On Thu, Jul 06, 2000 at 09:56:11AM +0930, Mark Phillips wrote: Hi, I am a little confused about how the external services thing works. Suppose for example you want to allow exteral rlogins to your computer. I presume you modify the inetd.conf file to include the line: login stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.rlogind Now when is this file read? Is it only when you do something like /etc/init.d/inetd restart, or is it whenever an external machine asks to connect to one of your ports? It's read every time inetd starts, or you send inetd a HUP signal like kill -hup `cat /var/run/inetd.pid` or /etc/init.d/inetd reload Now am I right in thinking that there is not an rlogin daemon running all the time, listening for rlogin connections? I think what happens is that inetd listens for connections, and then if it receives one for rlogin, it executes in.rlogind --- one for each incomming connection --- is that right? Sort of. First it executes /usr/sbin/tcpd which applies rules found in /etc/hosts/allow and /etc/hosts.deny. Now the above is all correct, I'm still a little confused, because what about smtp? Currently I have the following line in inetd.conf #disabled#smtp stream tcp nowait mail /usr/sbin/exim exim -bs So it is disabled, yet mail still works on my system! Is this because it is handled through a different mechanism? I notice that I have the following process: It's disabled in inetd ... doesn't mean it's disabled for the system! mail 286 0.0 0.3 2324 204 ? S Jun24 0:00 /usr/sbin/exim -bd -q30m ^^ Be a Daemon - exim opens port 25 itself and forks off children as connections arrive. inetd is out of the picture altogether. Which I am guessing does the job instead of inetd? If so, why do it this way instead of through inetd? Daemons are fast - you skip the overhead of inetd! On the other hand, sometimes inetd gives you more security (it depends on the service). Any clarifications of my understanding of these things would be much appreciated. Hope this helps. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpSU6imyA4Dc.pgp Description: PGP signature
Re: Ethercard Plus Elite 16: (WD/8013EP)
On Tue, Jul 04, 2000 at 01:53:30PM +0300, virtanen wrote: 2) dmesg: wd.c. presently autoprobing (etc) eth0: WD80x3 at 0x200, 00 00 CO AO 6C 66 WD8013, IRQ7, Shared memory at 0xc800 0-0xcbfff (In my opinion) this means that the card is working anyway? Yup, the card is there. That's good ... a) I tried to install 'slink' by installing 'base' from a dos-partition and tried the rest by 'apt'. But when going to 'dselect' the box doesn't get any connection to anywhere. b) What to do next? How could I probe that my IP address, netmask, gateway, etc are correct? I took all that info from a win partition. Would be advisable/possible to install some package, which could do automaticly all this job? Well, that depends on your network ... if they're using DHCP you should use a DHCP client. Debian has three that I know of: pump, dhcpcd, and dhcp-client. I've had the best luck with dhcp-client, though your experience may be different. Once you configure your IP settings either manually or via DHCP, make sure the output of `ifconfig' lists both lo and eth0 interfaces. `netstat -rn' should show a network route for your ethernet segment and a default route. Try to ping the gateway for the default route. If you can't ping the gateway something is screwed up with your ethernet or with your IP settings. If you can ping the gateway but can't get out to the world something (or someone) is blocking your traffic. Make sure you haven't installed any firewalling packages; those can cause a lot of trouble if you're trying to get setup for the first time. HTH, -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpw3C6j4KEXT.pgp Description: PGP signature
Re: Compaq ProLiant ML350
On Mon, Jul 03, 2000 at 10:27:00AM -0500, A. Scott White wrote: I have a new Compaq ProLiant ML350 server. It has a Compaq Smart Array 431 Raid Controller. It also has a NC3123 Fast Ethernet NIC PCI 10/100 Wake on LAN card. Is there any hope for installing Debian on this? The default 2.1 install disks hang while trying to reset the SCSI. The TECRA boot disks detect no drive at all. Try the potato (Debian 2.2) boot disks instead. potato is frozen right now but it's quite stable and has lots of things you'll want (or even need) on your server anyway. I know Compaq Smart Array support is available in the latest 2.2.x kernels. Specifically, I have heard people say things like: You need to compile support for Compaq Smart Array controllers into your kernel. I am always perplexed by this. How do I compile a kernel if I don't have Debian installed yet? Do I compile the kernel on another Debian machine? If I do so, how do I get that kernel onto the install disks and ready to install? Well, you have to have access to a linux box to compile a kernel, or get someone to do it for you. There are certain kernel options you must include for the rescue disk kernel; the applicable README is in the same dir as the images on the FTP site. Once you have a vmlinuz and have applied the appropriate rdev commands, you simply mount the rescue floppy (it's an msdos filesystem) and copy vmlinuz to the file named linux on the floppy. This is all described in the README. If you need someone to compile a kernel for you send me an email. HTH, -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpnd92cdH457.pgp Description: PGP signature
Re: Ethercard Plus Elite 16: (WD/8013EP)
On Mon, Jul 03, 2000 at 07:49:58PM +0300, [EMAIL PROTECTED] wrote: Hi, I've got an ethercard as shown on the subject line. Can't get it wortking. Somebody else has got the same or knows, what is the problem. Hard to say since you didn't tell us what the problem is. Please do a `modprobe wd' and tell us the output of that (if any) plus the relavent bits from dmesg. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpITPICH61n3.pgp Description: PGP signature
Re: Compaq ProLiant ML350
On Mon, Jul 03, 2000 at 09:03:43PM +0100, Lee Elliott wrote: There is an option for Compaq Smart Array support when compiling kernels, so you may need to compile a kernel with this support. There seems to be a catch-22 situation here though - you compile a kernel with Smart Array support, but it's got to sit on a drive that needs Smart Array support to be accessed. Presumably though, if the ntloader, which I doubt has special Smart Array support, can be found off the array, there's no reason why a linux loader couldn't be used instead. Dunno if this applies to Compaq Smart Raid, but IBM ServeRAID didn't work with LILO at all. It worked fine with GRUB, which after cursing the docs I found easier to use. HTH, -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpihyMKQEZH0.pgp Description: PGP signature
Re: Postgresql 7.02 and Debian
On Tue, Jun 27, 2000 at 12:02:17PM -0400, Bill Barnes wrote: Hello the list: Anybody in this subject category? Last used 6.5.3 in SuSE, so new to both 7.02 and debian. Debian not in the list of supported platforms at Postgresql web site. Installation seemed to be okay, but maybe directories are different??? Specifically: su postgres /etc/rc.d/init.d/postgresql start -i responds: /etc/rc.d/init.d/functions: No such file or directory Try /etc/init.d/postgresql start -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgplUC7b0DwyC.pgp Description: PGP signature
Re: Compiling the Kernel.
On Tue, Jun 20, 2000 at 10:21:40PM +0200, Kai Weber wrote: At 14:21 19.06.00, you wrote: Better yet: apt-get update; apt-get install kernel-package make config (or menuconfig or xconfig) make-kpkg clean make-kpkg --revision=local.kernel-version kernel_image dpkg -i ../kernel-image-kernel-version_local.kernel-version_i386.deb I did it. I made a new kernel with settings for my system. But now, whenever I want to install a new package it wants to update the kernel-image as well. I thought it will recognize the installed as a newer version? Apparently a recent kernel-image package used an epoch. To combat this you need use an epoch in your version also. I believe you would do that like this: make-kpkg --revision=5:local.kernel-version kernel_image HTH, -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpm4Fo8xTkTA.pgp Description: PGP signature
Re: rmagic trouble [better explained]
On Tue, Jun 20, 2000 at 04:13:19PM +0200, Jaume Teixi wrote: Hi I'm trying to install rmagic from frozen dist. this pkg has dependencies in libgd-graph3d-perl (not avaiable) and libgd-graph-perl (avaiable) but has dependencies on libgd-text-perl (also not avaiable:( So how can I install and get runnig rmagic whith this dependencies not installables ? thanks, jaume. Content-Description: Card for Jaume Teixi ^ Ew. Point your browser at http://incoming.debian.org and grab libgd-graph3d-perl and libgd-text-perl debs there. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpX026ZOBM3v.pgp Description: PGP signature
Re: Storm vs Slink syslog problem
On Tue, Jun 20, 2000 at 11:33:24AM -0400, Paul McHale wrote: I have an older slink system which was replaced by a new storm system. I copied the /etc/syslog.conf file from slink to storm. My router logs to both IPs. Slink works fine but storm doesn't log any messages. Directory permissions are the same. Here is the line in my /etc/syslog.conf local7.*-/var/log/router/router.log Does any know if storm has a modified syslog? Other changes made for Sendmail logging work fine. Is your router the storm box, or is it a seperate box? If it's seperate, I'd make sure storm didn't disable remote syslogging (-r option). Otherwise, I'd make sure the router sofware is still logging as local7. Cheers, -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpa7K6qmYOpc.pgp Description: PGP signature
Re: majordomo gone?
On Mon, Jun 19, 2000 at 01:52:39PM +0200, Robert Waldner wrote: Hi! It seems that the majordomo-package is no more on the mirrors, neither in the stable/unstable/frozen hierarchies...it gets listed if you do a search via www.debian.org, though. Majordomo had a security gig, and due to its license a patched copy couldn't be distributed. It's been removed from the distribution. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpb7hbzl7eiF.pgp Description: PGP signature
Re: is the potato apache built using dso?
On Mon, Jun 19, 2000 at 09:06:17PM -0500, John F. Davis wrote: Hello I am interested in testing jserv. The installation instructions say you do not need to rebuild apache if it was built with DSO support. Is the potato apache deb built using DSO? How can I tell if it supports DSO? It does. DSO support means you can use loadable modules like jserv, mod_perl, php3, etc. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpYbUC2qNuVm.pgp Description: PGP signature
Re: SSH again!
On Wed, Jun 14, 2000 at 04:23:38PM -0700, Bob Nielsen wrote: On Wed, Jun 14, 2000 at 04:45:10PM -0500, Timothy C. Phan wrote: Hi all, Don't I suppose to get two prompts for two passwords? One from the key and one from the login? Currently, I only need to enter the login password. that is why I do not understand what are these keys for? If everything is working correctly, you should only be asked for your passphrase (see 'man ssh-keygen'). However, from 'man ssh': If other authentication methods fail, ssh prompts the user for a pass word. The password is sent to the remote host for checking; however, since all communications are encrypted, the password cannot be seen by someone listening on the network. Most of the systems on which I have set up a .ssh/authorized_keys file require only the key. One requires the password instead, although the key file is correct as far as I can tell. It's worth noting that ssh cares about file permissions; it seems to get upset if your key files are group writable. Remove group write permissions and see what happens. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpeed940p1nY.pgp Description: PGP signature
[OT] Stupid sendmail question
I've got one box running sendmail to support some legacy configs. Several clients connect to this server but travel through a PIX firewall to get there. It seems that the PIX gets pissy about allowing ident requests from the sendmail server abck to the client. I'm trying to determine whether ident is indeed the problem. To do that, it'd be handy to be able to get sendmail to quit doing ident lookups altogether - I really don't care what ident says since it's either bogus (a lookup against a WinXX box) or bogus (a lookup against a Linux box running oidentd). So, how does one tell sendmail to dispense with ident? -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpjJCXay71VW.pgp Description: PGP signature
Re: Debian i386 mirror
On Mon, Jun 12, 2000 at 12:20:19AM -0700, Paulo Henrique Baptista de Oliveira wrote: Hi Nathan, and what about a mirror config file to mirror this. Can you (or other) send it for me? I use rsync. However, I don't have a 386 only rsync config handy ... sorry. Perhaps someone could enlighten us? You'll find that many mirrors support anonymous rsync. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpKV888lNiBr.pgp Description: PGP signature
Re: /var/log/syslog entries
On Mon, Jun 12, 2000 at 11:57:32AM -0700, Matthew Thompson wrote: Hello, I'm getting TONS of this: Jun 12 06:36:03 doma kernel: Packet log: input REJECT eth0 PROTO=17 216.39.146.44:513 216.39.146.255:513 L=88 S=0x00 I=56673 F=0x T=64 (#5) Jun 12 06:39:03 doma kernel: Packet log: input REJECT eth0 PROTO=17 216.39.146.44:513 216.39.146.255:513 L=88 S=0x00 I=56686 F=0x T=64 (#5) ...in /var/log/syslog (running potato with ipchains over 2 NIC's). Is this common for a firewall with strong rules, or do I have something amiss? It's common. Looks like 216.39.146.44 is running whod (found in the debian package rwhod). This daemon broadcasts information to other servers on the subnet (216.39.146.255 is a broadcast unless your local admin is as weird as I am). PROTO 17 == udp port 513/udp is who according to /etc/services. I see loads of crap on my cable-modem gateway at home. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpfEGq1FJ4Dz.pgp Description: PGP signature
Re: Debian i386 mirror
On Sat, Jun 10, 2000 at 03:05:04AM -0700, Paulo Henrique Baptista de Oliveira wrote: Hi all, I'm planning to make a mirror of debian i-386 (slink, potato, woody) at my lab and want to know to measure how big it will be and if someone could me provide an rsync line or mirror config file for this. Thanks, Paulo Henrique [check yer line wrap ...] A complete mirror (stable, frozen, unstable looks to be 16094910 blocks as of right now. Mirroring binary-all and binary-i386 only seems to save quite a bit of space: [EMAIL PROTECTED]:/var/spool/ftp/pub/debian $ du -s --total \ dists/{potato,slink,woody}/*/binary-{all,i386} 16024 dists/potato/contrib/binary-all 656454 dists/potato/main/binary-all 125130 dists/potato/non-free/binary-all 54286 dists/potato/contrib/binary-i386 885618 dists/potato/main/binary-i386 114969 dists/potato/non-free/binary-i386 30501 dists/slink/contrib/binary-all 379106 dists/slink/main/binary-all 68699 dists/slink/non-free/binary-all 62384 dists/slink/contrib/binary-i386 492893 dists/slink/main/binary-i386 129032 dists/slink/non-free/binary-i386 5172dists/woody/contrib/binary-all 443615 dists/woody/main/binary-all 61587 dists/woody/non-free/binary-all 46343 dists/woody/contrib/binary-i386 420962 dists/woody/main/binary-i386 42095 dists/woody/non-free/binary-i386 4034870 total Regards, -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgprA774KdZyZ.pgp Description: PGP signature
Re: My quite ordinary comment about Re: GR to remove non-free...
On Thu, Jun 08, 2000 at 04:08:59PM -0400, eric a . Farris wrote: i think that'll be the kicker. those of use with (slow|no) connection at home will pay a price, either through long download times, or having to find/burn our own non-free CD. i would hope that, if non-free (and i assume contrib must follow) is pulled that it would be relatively easy to make a non-free CD, even if it's suddenly Unofficial Debian. Who makes a non-free CD now? That's the whole point of non-free; the bits in there have license or patent issues that prevent distribution via commercial media like CDs. Anyone selling a non-free CD is almost certainly violating laws. It's be cool if everyone would calm down and realise that this is simply a call for a vote; the resolution will likely fail but hopefully it will prompt people to think about what Debian really is (and I agree with those who feel that Debian is primarily here to promote free software; that's why I use it). -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpsUXpH2h4GT.pgp Description: PGP signature
Re: PPP Server (PPP HOWTO very poor)
On Tue, Jun 06, 2000 at 08:38:17AM -0700, Paulo Henrique Baptista de Oliveira wrote: Hi all, I have to setup a PPP Server but the PPP HOWTO is very poor. Only 4 pages for this topic. Anyone knows any doc in the Net explaining better how to do this? Install the mgetty and mgetty-docs packages and read the docs in /usr/share/doc/mgetty/ Works for me. -- Nathan Norman Eschew Obfuscation Network Engineer GPG Key ID 1024D/51F98BB7http://home.midco.net/~nnorman/ Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7 pgpyLDKcB1D1E.pgp Description: PGP signature