Re: unattended-upgrades: apache won't restart
Can anyone help with this? Just to be clear, after apache is upgraded via unattended-upgrades, apache is in the stopped state. I have to manually start it again. On 27/02/2017 12:45 PM, Yasir Assam wrote: > Running Jessie. Every time apache is upgraded through > unattended-upgrades, it isn't restarted. > > Here's an excerpt from syslog: > > Feb 27 06:41:32 musomates systemd[1]: Starting LSB: Apache2 web server... > Feb 27 06:41:32 musomates apache2[24650]: Starting web server: apache2. > Feb 27 06:41:33 musomates apache2[24659]: Stopping web server: apache2. > Feb 27 06:41:33 musomates systemd[1]: Started LSB: Apache2 web server. > > Here's what it looks like when I run aptitude upgrade manually on a > different machine, not via unattended-upgrades: > > Feb 27 12:06:50 buildoneforme systemd[1]: Stopping LSB: Apache2 web > server... > Feb 27 12:06:52 buildoneforme apache2[11958]: Stopping web server: > apache2. > Feb 27 12:06:52 buildoneforme systemd[1]: Starting LSB: Apache2 web > server... > Feb 27 12:06:52 buildoneforme apache2[11983]: Starting web server: > apache... > Feb 27 12:06:53 buildoneforme systemd[1]: Started LSB: Apache2 web server. > > On the machine with unattended-upgrades running, it looks like it's > trying to start apache before stopping it. Obviously it should be the > other way round. > > Anyone have a clue what's going on here? > > Yasir >
unattended-upgrades: apache won't restart
Running Jessie. Every time apache is upgraded through unattended-upgrades, it isn't restarted. Here's an excerpt from syslog: Feb 27 06:41:32 musomates systemd[1]: Starting LSB: Apache2 web server... Feb 27 06:41:32 musomates apache2[24650]: Starting web server: apache2. Feb 27 06:41:33 musomates apache2[24659]: Stopping web server: apache2. Feb 27 06:41:33 musomates systemd[1]: Started LSB: Apache2 web server. Here's what it looks like when I run aptitude upgrade manually on a different machine, not via unattended-upgrades: Feb 27 12:06:50 buildoneforme systemd[1]: Stopping LSB: Apache2 web server... Feb 27 12:06:52 buildoneforme apache2[11958]: Stopping web server: apache2. Feb 27 12:06:52 buildoneforme systemd[1]: Starting LSB: Apache2 web server... Feb 27 12:06:52 buildoneforme apache2[11983]: Starting web server: apache... Feb 27 12:06:53 buildoneforme systemd[1]: Started LSB: Apache2 web server. On the machine with unattended-upgrades running, it looks like it's trying to start apache before stopping it. Obviously it should be the other way round. Anyone have a clue what's going on here? Yasir
Xorg xserver blank using one kernel, but ok using another
I was happily using an unstable version of xen built July from source (pre 3.0.3) and I downloaded the 3.0.3 source and built it using: # make world # make install it boots ok, but when the the xorg xserver starts I just get a blank screen - I think it's not picking up the right modes. (BTW - 640x480 does work, but it's the only resolution that works). It's really strange, because xorg.conf is the same whether it's runinng under Xen or a normal kernel. Here's a diff between the xorg log starting on a normal kernel and the xen 3.0.3 kernel: 6c6 Current Operating System: Linux eir 2.6.17.4-eir #1 SMP Tue Jul 11 12:19:50 EST 2006 i686 --- Current Operating System: Linux eir 2.6.16.29-xen #1 SMP Sun Oct 22 19:30:13 EST 2006 i686 14c14 (==) Log file: "/var/log/Xorg.0.log", Time: Mon Oct 23 09:44:56 2006 --- (==) Log file: "/var/log/Xorg.0.log", Time: Mon Oct 23 09:41:44 2006 436,486c436 (II) VESA(0): VESA VBE DDC supported (II) VESA(0): VESA VBE DDC Level 2 (II) VESA(0): VESA VBE DDC transfer in appr. 1 sec. (II) VESA(0): VESA VBE DDC read successfully (II) VESA(0): Manufacturer: MEL Model: 4625 Serial#: 16843009 (II) VESA(0): Year: 2003 Week: 18 (II) VESA(0): EDID Version: 1.3 (II) VESA(0): Analog Display Input, Input Voltage Level: 0.700/0.300 V (II) VESA(0): Sync: Separate Composite (II) VESA(0): Max H-Image Size [cm]: horiz.: 37 vert.: 27 (II) VESA(0): Gamma: 2.20 (II) VESA(0): DPMS capabilities: StandBy Suspend Off; RGB/Color Display (II) VESA(0): First detailed timing is preferred mode (II) VESA(0): GTF timings supported (II) VESA(0): redX: 0.626 redY: 0.339 greenX: 0.279 greenY: 0.600 (II) VESA(0): blueX: 0.149 blueY: 0.072 whiteX: 0.283 whiteY: 0.297 (II) VESA(0): Supported VESA Video Modes: (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (interlaced) (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): Manufacturer's mask: 0 (II) VESA(0): Supported Future Video Modes: (II) VESA(0): #0: hsize: 640 vsize 480 refresh: 85 vid: 22833 (II) VESA(0): #1: hsize: 800 vsize 600 refresh: 85 vid: 22853 (II) VESA(0): #2: hsize: 1024 vsize 768 refresh: 85 vid: 22881 (II) VESA(0): #3: hsize: 1152 vsize 864 refresh: 75 vid: 20337 (II) VESA(0): #4: hsize: 1280 vsize 960 refresh: 85 vid: 22913 (II) VESA(0): #5: hsize: 1280 vsize 1024 refresh: 85 vid: 39297 (II) VESA(0): #6: hsize: 1600 vsize 1200 refresh: 75 vid: 20393 (II) VESA(0): #7: hsize: 1792 vsize 1344 refresh: 65 vid: 17857 (II) VESA(0): Supported additional Video Mode: (II) VESA(0): clock: 157.5 MHz Image Size: 356 x 266 mm (II) VESA(0): h_active: 1280 h_sync: 1344 h_sync_end 1504 h_blank_end 1728 h_border: 0 (II) VESA(0): v_active: 1024 v_sync: 1025 v_sync_end 1028 v_blanking: 1072 v_border: 0 (II) VESA(0): Ranges: V min: 50 V max: 160 Hz, H min: 30 H max: 96 kHz, PixClock max 230 MHz (II) VESA(0): Monitor name: DPLUS93SB (II) VESA(0): Serial No: 3500101YR --- (II) VESA(0): VESA VBE DDC not supported 517c467 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 559c509 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 643c593 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 727c677 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 811c761 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 853c803 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 895c845 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 937c887 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 979c929 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1021c971 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1063c1013 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1105c1055 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1147c1097 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1189c1139 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1231c1181 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1273c1223 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1315c1265 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1357c1307 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1399c1349 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1441c1391 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1483c1433 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1525c1475 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1567c1517 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1609c1559 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1651c1601 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0
Re: Xorg xserver blank using one kernel, but ok using another
Apologies - I should have mentioned that this is all running on an up to date version of Etch. Yasir I was happily using an unstable version of xen built July from source (pre 3.0.3) and I downloaded the 3.0.3 source and built it using: # make world # make install it boots ok, but when the the xorg xserver starts I just get a blank screen - I think it's not picking up the right modes. (BTW - 640x480 does work, but it's the only resolution that works). It's really strange, because xorg.conf is the same whether it's runinng under Xen or a normal kernel. Here's a diff between the xorg log starting on a normal kernel and the xen 3.0.3 kernel: 6c6 Current Operating System: Linux eir 2.6.17.4-eir #1 SMP Tue Jul 11 12:19:50 EST 2006 i686 --- Current Operating System: Linux eir 2.6.16.29-xen #1 SMP Sun Oct 22 19:30:13 EST 2006 i686 14c14 (==) Log file: "/var/log/Xorg.0.log", Time: Mon Oct 23 09:44:56 2006 --- (==) Log file: "/var/log/Xorg.0.log", Time: Mon Oct 23 09:41:44 2006 436,486c436 (II) VESA(0): VESA VBE DDC supported (II) VESA(0): VESA VBE DDC Level 2 (II) VESA(0): VESA VBE DDC transfer in appr. 1 sec. (II) VESA(0): VESA VBE DDC read successfully (II) VESA(0): Manufacturer: MEL Model: 4625 Serial#: 16843009 (II) VESA(0): Year: 2003 Week: 18 (II) VESA(0): EDID Version: 1.3 (II) VESA(0): Analog Display Input, Input Voltage Level: 0.700/0.300 V (II) VESA(0): Sync: Separate Composite (II) VESA(0): Max H-Image Size [cm]: horiz.: 37 vert.: 27 (II) VESA(0): Gamma: 2.20 (II) VESA(0): DPMS capabilities: StandBy Suspend Off; RGB/Color Display (II) VESA(0): First detailed timing is preferred mode (II) VESA(0): GTF timings supported (II) VESA(0): redX: 0.626 redY: 0.339 greenX: 0.279 greenY: 0.600 (II) VESA(0): blueX: 0.149 blueY: 0.072 whiteX: 0.283 whiteY: 0.297 (II) VESA(0): Supported VESA Video Modes: (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (interlaced) (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): Manufacturer's mask: 0 (II) VESA(0): Supported Future Video Modes: (II) VESA(0): #0: hsize: 640 vsize 480 refresh: 85 vid: 22833 (II) VESA(0): #1: hsize: 800 vsize 600 refresh: 85 vid: 22853 (II) VESA(0): #2: hsize: 1024 vsize 768 refresh: 85 vid: 22881 (II) VESA(0): #3: hsize: 1152 vsize 864 refresh: 75 vid: 20337 (II) VESA(0): #4: hsize: 1280 vsize 960 refresh: 85 vid: 22913 (II) VESA(0): #5: hsize: 1280 vsize 1024 refresh: 85 vid: 39297 (II) VESA(0): #6: hsize: 1600 vsize 1200 refresh: 75 vid: 20393 (II) VESA(0): #7: hsize: 1792 vsize 1344 refresh: 65 vid: 17857 (II) VESA(0): Supported additional Video Mode: (II) VESA(0): clock: 157.5 MHz Image Size: 356 x 266 mm (II) VESA(0): h_active: 1280 h_sync: 1344 h_sync_end 1504 h_blank_end 1728 h_border: 0 (II) VESA(0): v_active: 1024 v_sync: 1025 v_sync_end 1028 v_blanking: 1072 v_border: 0 (II) VESA(0): Ranges: V min: 50 V max: 160 Hz, H min: 30 H max: 96 kHz, PixClock max 230 MHz (II) VESA(0): Monitor name: DPLUS93SB (II) VESA(0): Serial No: 3500101YR --- (II) VESA(0): VESA VBE DDC not supported 517c467 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 559c509 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 643c593 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 727c677 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 811c761 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 853c803 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 895c845 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 937c887 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 979c929 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1021c971 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1063c1013 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1105c1055 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1147c1097 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1189c1139 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1231c1181 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1273c1223 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1315c1265 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1357c1307 PhysBasePtr: 0xe000 --- PhysBasePtr: 0x0 1399c1349 PhysBasePtr:
Re: xorg: Ctrl+Alt+F7 doesn't bring back WindowMaker
Whoops! I didn't see the other thread! Yasir I've never used WindowMaker, but have you tried just pressing Alt+F7 (no ctrl)? That works for me using gdm + gnome. Hi! I don't know since when Ctrl+Alt+F7 does not bring me back to WindowMaker any more. Once I switch from WindowMaker to console by hitting Ctrl+Alt+F1 ~ F6, I lose my GUI forever and killing process xinit is my only solution to this problem. Helps will be much appreciated. Regards, CN -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: xorg: Ctrl+Alt+F7 doesn't bring back WindowMaker
I've never used WindowMaker, but have you tried just pressing Alt+F7 (no ctrl)? That works for me using gdm + gnome. Hi! I don't know since when Ctrl+Alt+F7 does not bring me back to WindowMaker any more. Once I switch from WindowMaker to console by hitting Ctrl+Alt+F1 ~ F6, I lose my GUI forever and killing process xinit is my only solution to this problem. Helps will be much appreciated. Regards, CN -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
/etc/security/limits.conf: ulimit -l (max locked memory) reports 32 when it should be unlimited
Hello, I'm using Sarge. I'm learning to use /etc/security/limits.conf in order to set user limits via PAM. According to the doc if I specify a user or group followed by '-' and omit the type and value, then no limits will apply to that user/group, e.g. @root - will ensure that no limits will apply to use users belonging to the group 'root'. However, when I run uname -a I get 32 kb instead of unlimited for the max locked memory: $ ulimit -a core file size(blocks, -c) 0 data seg size (kbytes, -d) unlimited file size (blocks, -f) unlimited max locked memory (kbytes, -l) 32 max memory size (kbytes, -m) unlimited open files(-n) 1024 pipe size (512 bytes, -p) 8 stack size(kbytes, -s) unlimited cpu time (seconds, -t) unlimited max user processes(-u) 2112 virtual memory(kbytes, -v) unlimited If I leave /etc/security/limits.conf empty, then I get the following results: $ ulimit -a core file size(blocks, -c) 0 data seg size (kbytes, -d) unlimited file size (blocks, -f) unlimited max locked memory (kbytes, -l) unlimited max memory size (kbytes, -m) unlimited open files(-n) 1024 pipe size (512 bytes, -p) 8 stack size(kbytes, -s) unlimited cpu time (seconds, -t) unlimited max user processes(-u) unlimited virtual memory(kbytes, -v) unlimited Can anyone explain the reason why max locked memory is reduced from unlimited to 32? I presume that the max locked memory is the maximum amount of memory that must stay in physical RAM, and that anything over that can be swapped to disk. Is that right? Thanks, Yasir -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
nForce5 chipset support?
Apologies if this is the wrong list to ask this question. I'd like to buy the ASUS M2N-E motherboard which uses the nForce5 chipset: http://au.asus.com/products4.aspx?l1=3l2=101l3=0model=1181modelmenu=1 Does anyone know whether there are drivers to support this board? I need to make sure that I can use the onboard network sound, as well all the interfaces (SATA, IDE, USB etc.) I'm a Debian Testing user, I'm comfortable building my own kernel, and I'll use Unstable if I have to. Thanks, Yasir -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Unsure about security requirements for workstation/server
Here is a very good starter for Shorewall on Debian http://www.cyberdogtech.com/firewalls/firewall/ Looks useful - thanks. Yasir Regards Andrei P.S. Please send replies only to the list -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Unsure about security requirements for workstation/server
Wow - thanks for that! Yasir There are some programs and ways to secure your system. The program "tiger" scans your system for local holes. Just run "tiger" from your shell and check /var/log/tiger/security-? Bastille does about the same. Run it with "InteractiveBastille" from a shell. Logcheck checks your logs for security messages and emails them to you. You will only have to put your email address in /etc/logcheck/logcheck.conf, and configre your mail client. It is best to ignore the unimportand messages with logcheck, because people will get demotivated to keep reading when there is to much information in these messages. There is a file in /usr/share/doc/logcheck that explains how you can achieve this. Programs like Aide and Osiris check your filesystem for changes. This way you can monitor your filesystem for unauthorized changes. Osiris is pretty convienient to start with I'll presume. You can monitor which packages get updated at http://www.debian.org/security When the logs of osiris and such show changes you can do "dpkg -L packagename" to see what files belong to a new package. You can the use diff to compare the output with the log to see only the files that don't belong to this package. If there are a few new packages you can direct the output of dpkg -L for each package into a file after which you can compare this file with the log. This way you will only see the relevant information. Monitoring your system is importand. You can use programs like Grsecurity and Lids to further define permissions on your system. You can for example hide directories with them, deny tampering with processes and more. http://www.grsecurity.org http://www.lids.org They are pretty difficult to handle, but they are worth it. About Lids: after you learn what commands you'll have to use to setup your system with Lids, you can copy and paste rules from the Lids and Lids wiki site. If these kind of programs are too difficult you can take a look a the "chroot" command to try to minimize the impact on your filesystem when you are compromised. Makejail will automaticly setup programs for chrooting. There are some "templates" for programs in /usr/share/makejail/examples if you install Makejail. There is one for apache for example. You use makejail by doing: "makejail /usr/share/doc/makejail/examples/templatename" After you have used makejail you can chroot your program with the command: "chroot /directory/makejail/created 'programname options'" You can also use something like user-mode-linux instead of chroot. You can find more info about this at http://www.debian-administration.org Use chkrootkit and rkhunter to see if someone installed a rootkit on your system. Rkhunter is not available on Debian but is easily installable and available from http://www.rootkit.nl You can run them from cron and email the output to you by doing: date /usr/sbin/chkrootkit|mail -s chkrootkit youremailaddress date /usr/local/bin/rkhunter --update date /usr/local/bin/rkhunter -c --cronjob|mail -s rkhunter youremailaddress You will have to substitute date with the proper cron entries. (See below) It is best to install as few as possible. This way you have less programs that could be used to compromise your computer when they have holes in them. Close ports of programs you don't use. You can achieve this with: update-rc.d -f "programname" remove With this command the program "programname" does not start anymore during the system boot. You can setup what commands certain users can run with ssh. You can read how to do that here: http://www.hackinglinuxexposed.com/articles/20021211.html Run programs like apache as a user with limited rights on the system. Documents about securing apache and such can be found here: http://www.securityfocus.com/unix This documents shows very well how you can secure linux: http://www.gentoo.org/doc/en/security/security-handbook.xml I guess I have shown well how to get your system secure but the document is detailed and will give you a better view on security on Linux. Last but not least: keep your system up to date. People often get in systems because of holes in programs. You can for example run this to achieve that: "crontab -e" 0/14 0/24 * * * /usr/bin/apt-get update 0/15 0/24 * * * /usr/bin/apt-get upgrade -y "ctrl X" This will update your system with security updates each 15 minutes 24/7 when they are available. 2006/2/2, Andrei Popescu [EMAIL PROTECTED]: On Thu, 02 Feb 2006 14:12:09 +1100 Yasir Assam [EMAIL PROTECTED] wrote: Thanks for your feedback Andrei - I appreciate it. I think I'll invest time in learning shorewall. Yasir Here is a very good starter for Shorewall on Debian http
Re: Unsure about security requirements for workstation/server
Thanks for your feedback Andrei - I appreciate it. I think I'll invest time in learning shorewall. Yasir On Wed, 01 Feb 2006 10:40:57 +1100 Yasir Assam [EMAIL PROTECTED] wrote: I suppose shorewall will be useful for monitoring/blocking outgoing connections. Outgoing? This is not windoze! Unless you get rooted there should be no concern regarding the outgoing traffic. But having shorewall as a second line of defense is a good idea. With it you can, for example, limit the ssh access to only specific IP's, as you said you want that only for select friends. If you have X on that machine you could also use firestarter, which is much easier to configure, it has a GUI ;) As for the XP machine, you still need personal firewall anti-virus anti-spyware software. The Linux firewall can't guard you against that nasty stuff. It can, however, filter your e-mail if you set it up as mail server with anti-virus. Thanks, Yasir Regards Andrei -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Unsure about security requirements for workstation/server
Hi, I have a requirement for a machine that will double-up as a server and a workstation for me, and I'm not sure what to install on it. I currently use a laptop. It's a dual-boot system, with Debian Testing (I plan to upgrade to Unstable soon) and Windows XP. Most of the time I work on Debian, but occasionally I switch to Windows. I'd like to be able to run Windows Debian at the same time and my plan is to run WinXP on my laptop and Debian on another machine which I haven't bought yet (I'll be running an X-server on my laptop under WinXP in order to run my X apps). I'd also like to make my Debian machine accessible from the Internet as a server. I'd like my clients (I'm a web/software developer) to be able to see work in progress for testing etc., so I'll be opening up Apache/PHP/MySQL/Tomcat to the Internet. I'd also like to give a few chosen people SSH/FTP/CVS access via the Internet. NOTE: High availability is not that important - if I have to reboot or I get a powercut it's no big deal. I'm not expecting constant hits on the server (if I did I wouldn't host at home). I realize that I'm trying to do two things with one machine. I'm trying to create a publically visible server (it won't be used that much as a server, but it does need to be secure) and a personal workstation. Ideally I should buy two machines, but I'd like to save space/money and only have one machine acting as a server and a workstation. I know that for production servers only the Stable distribution is recommended and as little software as possible should be installed. But as a workstation, I'd like to install Unstable and a lot more software on it than I would on a pure server (e.g. Gnome/KDE, GIMP and loads of other stuff that I like to play around with). What should I do? Is it possible to run Unstable in a secure fashion? I know the security team focuses on releasing security updates to Stable first, but doesn't Unstable get the updates soon after? Any advice/thoughts on this would be greatly appreciated. Thanks, Yasir -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Unsure about security requirements for workstation/server
Thanks Oliver. I didn't know about shorewall, so it's good that you recommended it. I should have mentioned that I already use a router, built in to my ADSL modem, so as far as incoming connections go I have to explicitly set up those ports on my ADSL modem/router (so I will have to forward ports 80 etc. to my Debian machine). I suppose shorewall will be useful for monitoring/blocking outgoing connections. I'm not a security expect by any means, so I guess my concern is that by having Testing or Unstable installed, with lots of software not normally used on a server, and by having Apache and other services open to the net, that someone with malicious intent on the net could exploit a hole somewhere that I'm not aware of. Thanks, Yasir On Tue, 2006-01-31 at 20:03 +1100, Yasir Assam wrote: ... I know that for production servers only the Stable distribution is recommended and as little software as possible should be installed. But as a workstation, I'd like to install Unstable and a lot more software on it than I would on a pure server (e.g. Gnome/KDE, GIMP and loads of other stuff that I like to play around with). What should I do? Is it possible to run Unstable in a secure fashion? I know the security team focuses on releasing security updates to Stable first, but doesn't Unstable get the updates soon after? unstable is most likely to get the updates first, if the same version is being used, because the security team will then need to check the changes. If it is a different version the security updates may be irrelevant and you will depend on having problems promptly fixed by the package maintainers. As a compromise, you could install testing, which will be some way behind unstable, but somewhat less likely to contain serious problems. For security of your internet connection, install a firewall such as shorewall (Debian package) and configure it very restrictively. Oliver Elphick -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
doxymacs configure error
Hello, I'm using Etch and I just tried installing doxymacs - I got the following error: # dpkg --configure doxymacs Setting up doxymacs (1.6.0-3) ... install/doxymacs: Handling install for emacsen flavor emacs21 Loading 00debian-vars... Loading 50autoconf (source)... Loading 50css-mode (source)... Loading 50devhelp (source)... Loading 50dictionaries-common (source)... Loading debian-ispell... Loading /var/cache/dictionaries-common/emacsen-ispell-default.el (source)... Loading /var/cache/dictionaries-common/emacsen-ispell-dicts.el (source)... Loading 50emacs-goodies-el (source)... Loading 50gtk-doc-tools (source)... Loading 50html-helper-mode (source)... Loading 50php-elisp (source)... Loading 50psvn (source)... Loading 50ruby1.8-elisp (source)... Loading 55doxymacs (source)... Source file `/usr/share/emacs21/site-lisp/doxymacs/xml-parse.el' newer than byte-compiled file Error while loading 55doxymacs Source file `/usr/share/emacs21/site-lisp/doxymacs/xml-parse.el' newer than byte-compiled file While compiling toplevel forms in file /usr/share/emacs21/site-lisp/doxymacs/doxymacs.el: !! File error ((Cannot open load file url)) Wrote /usr/share/emacs21/site-lisp/doxymacs/xml-parse.elc Done emacs-package-install: /usr/lib/emacsen-common/packages/install/doxymacs emacs21 emacs21 xemacs21 failed at /usr/lib/emacsen-common/emacs-package-install line 30, TSORT line 1. dpkg: error processing doxymacs (--configure): subprocess post-installation script returned error exit status 1 Errors were encountered while processing: doxymacs Does anyone have any ideas as to why I'm getting this error, and how to resolve it? Thanks, Yasir -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: doxymacs configure error
Thanks - I'll do that from now on. Yasir Hello *, On Fri, Jan 13, 2006 at 08:44:39PM +1100, Yasir Assam wrote: I'm using Etch and I just tried installing doxymacs - I got the following error: [...] /usr/share/emacs21/site-lisp/doxymacs/doxymacs.el: !! File error ((Cannot open load file url)) [...] dpkg: error processing doxymacs (--configure): subprocess post-installation script returned error exit status 1 Errors were encountered while processing: doxymacs Does anyone have any ideas as to why I'm getting this error, and how to resolve it? Please always check the BTS first, see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=344942 for details. HTH, Flo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Unable to install custom kernel
Hi again, I managed to fix it by installing initramfs-tools, though I don't pretend to understand why it happened. Any explanations would be much appreciated. Thanks, Yasir Hi, I recently upgraded from Sarge to Etch. Today I downloaded kernel 2.6.14.5 from kernel.org and built it with make-kpkg as follows: $ make-kpkg clean $ fakeroot make-kpkg --append_to_version -xyz --initrd \ kernel_image $ cd .. # dpkg -i kernel-image*.deb When I did this though, I got the following error: You are attempting to install an initrd kernel image (version 2.6.14.5-bor01) while running a kernel of version 2.6.14.3-ver01, but you have no suitable ramdisk generation tool installed among /usr/sbin/mkinitrd /usr/sbin/mkinitrd.yaird /usr/sbin/mkinitramfs. This will break the installation, unless a suitable ramdisk generation tool is also being installed right now. This is strange, beceause I do have /usr/sbin/mkinitrd installed - I have the initrd-tools package installed. Is there some other ramdisk generation tool I need? This is the same method I used to build 2.6.14.3 only a few weeks ago, so I don't understand why it's stopped working. Any help would be greatly appreciated. Thanks, Yasir -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Compatible VoIP software on Debian
Hi Chris, If you simply want to have a voice conversation with another person over the internet and if you have no preferences on the underlying protocol, then I say simply to use Skype which is easly available on www.skype.com for both windows and linux (.deb package available too), and lets you talk for free with other skype users. Ah, I should have mentioned this. I am specifically looking for something that is *not* Skype, because (a) Skype has no ALSA support and very bad OSS support, making it a chore to use, and (b) it cannot be installed alongside KDE 3.4, which I plan to dist-upgrade to soon (I'm holding back until amarok is installable). I'm using Skype with ALSA on Etch and I don't have any problems (although I do use Gnome rather than KDE - I guess it must be using the OSS emulation layer if it has no native ALSA support). Yasir -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Unable to install custom kernel
The strange thing is that it worked ok with 2.6.14.3 using the same .config file. In any case, I found installing initramfs-tools fixed it. Thanks for the info. Yasir Apparently, mkinitrd can no longer support a large number of configurations after kernel 2.6.12 (when devfs was dropped). You need yaird or initramfs-tools, if you want to use an initrd. manoj -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Unable to install custom kernel
Hi, I recently upgraded from Sarge to Etch. Today I downloaded kernel 2.6.14.5 from kernel.org and built it with make-kpkg as follows: $ make-kpkg clean $ fakeroot make-kpkg --append_to_version -xyz --initrd \ kernel_image $ cd .. # dpkg -i kernel-image*.deb When I did this though, I got the following error: You are attempting to install an initrd kernel image (version 2.6.14.5-bor01) while running a kernel of version 2.6.14.3-ver01, but you have no suitable ramdisk generation tool installed among /usr/sbin/mkinitrd /usr/sbin/mkinitrd.yaird /usr/sbin/mkinitramfs. This will break the installation, unless a suitable ramdisk generation tool is also being installed right now. This is strange, beceause I do have /usr/sbin/mkinitrd installed - I have the initrd-tools package installed. Is there some other ramdisk generation tool I need? This is the same method I used to build 2.6.14.3 only a few weeks ago, so I don't understand why it's stopped working. Any help would be greatly appreciated. Thanks, Yasir -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
famd using up lots of CPU time
I've got a current version of Etch and I've noticed that every day (around evening time) famd starts using up lots of CPU time (e.g. 95%, according to top) and it does this for a long time. Is this normal? What's it doing? Thanks, Yasir -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: famd using up lots of CPU time
Thanks Michael - I normally just restart it using # /etc/init.d/fam restart but I was wondering why it was happening. Good to hear that someone else has the same experience - I guess it must be a bug in famd? Thanks, Yasir Hello Yasir! I've got a current version of Etch and I've noticed that every day (around evening time) famd starts using up lots of CPU time (e.g. 95%, according to top) and it does this for a long time. Is this normal? What's it doing? I do not think so. Restart the daemon and everything is okay. Or stop the daemon. That is what i mostly do CU Michael -- Michael Ott, e-mail: [EMAIL PROTECTED], www.zolnott.de I am registered as user #275453 with the Linux Counter, http://counter.li.org. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Upgrading from old Sarge (Testing) to Unstable
Thanks you all for your replies. It sounds like I should stick to stable for now at least (till I get more confident about what I'm doing). The package I'm most concerned about upgrading is the kernel. I built this from the sources at kernel.org and used a Debian tool (can't remember the name now) to make a .deb file from it and installed ith with dpkg I think. Will doing 'apt-get upgrade' or 'apt-get dist-upgrade' install the default kernel? Will it leave mine in the GRUB menu at least? I'd like to make sure that apt-get doesn't overwrite the kernel with the standard prebuilt one - I presume mine will still be in the GRUB menu at least. Thanks, Yasir I recommend using aptitude instead of apt-get, ie. just replace apt-get update by aptitude dist-upgrade. aptitude is said to be better at resolving conflicts and recommendations. Apart from that it might be worthwhile to read the upgrade instructions from woody to sarge as they might apply to some of your packages: http://www.de.debian.org/releases/stable/i386/release-notes/ch-upgrading.en.html#s-upgradingpackages aptitude updates existing software, but doesn't remove any software, ie. your kernel will stay. If you installed it via the debian tools, ie. via a .deb package it will be found in the 'Obsolete and locally created packages' section in aptitude. You can later install a new kernel or compile a new kernel, but as said in the release info, I strongly recommend to do this in a separate step: use your existing kernel to see if everything works fine; then add an additional kernel. If it continues to work fine, you can remove the old kernel. Thank you to everyone for replying. I followed the advice given by Johannes and did aptitude dist-upgrade using http://www.us.debian.org/releases/sarge/i386/release-notes/ch-upgrading.en.html Most things installed ok, but it gave me an error which I'll list below: ...clip up to this point Setting up abiword-common (2.2.7-3sarge2) ... Errors were encountered while processing: kernel-image-2.4.27-2-386 kernel-pcmcia-modules-2.4.27-2-386 E: Sub-process /usr/bin/dpkg returned an error code (1) Ack! Something bad happened while installing packages. Trying to recover: Setting up kernel-image-2.4.27-2-386 (2.4.27-10) ... /usr/sbin/mkinitrd: device /dev/hda7 is not a block device Failed to create initrd image. dpkg: error processing kernel-image-2.4.27-2-386 (--configure): subprocess post-installation script returned error exit status 9 dpkg: dependency problems prevent configuration of kernel-pcmcia-modules-2.4.27-2-386: kernel-pcmcia-modules-2.4.27-2-386 depends on kernel-image-2.4.27-2-386; however: Package kernel-image-2.4.27-2-386 is not configured yet. dpkg: error processing kernel-pcmcia-modules-2.4.27-2-386 (--configure): dependency problems - leaving unconfigured Errors were encountered while processing: kernel-image-2.4.27-2-386 kernel-pcmcia-modules-2.4.27-2-386 Reading Package Lists... 0% Reading Package Lists... 0% Reading Package Lists... 6% Reading Package Lists... Done Building Dependency Tree... 0% Building Dependency Tree... 0% Building Dependency Tree... 50% Building Dependency Tree... 50% Building Dependency Tree Reading extended state information... 0% Reading extended state information... 0% Reading extended state information... 3% Reading extended state information... 63% Reading extended state information Initializing package states... 0% Initializing package states... Done Reading task descriptions... 0% Reading task descriptions... 2% Reading task descriptions... Done I should say that I originally installed kernel 2.4.x (because it wouldn't boot up when I installed 2.6.x from the Sarge installer) but then I installed 2.6.x myself later, building it myself using make-kpkg. One of the things that changed was that the drive names - I think it might be because of SATA drivers? So for example, /dev/hda became /dev/sda. However, my fstab file still uses hda for some partitions (and still works somehow): $ cat fstab # /etc/fstab: static file system information. # # file system mount point type options dump pass proc/proc procdefaults0 0 /dev/hda7 / ext3defaults,errors=remount-ro 0 1 /dev/hda6 noneswapsw 0 0 /dev/sda2 /mnt/c ntfsro,umask=0 0 0 /dev/sda5 /mnt/e vfatrw,umask=0 0 0 /dev/hdc/media/cdrom0 iso9660 ro,user,noauto 0 0 /dev/fd0/media/floppy0 autorw,user,noauto 0 0 From above, you can see the / partition is still /dev/hda7 in fstab, even though it should be /dev/sha7. Should I just change all /dev/hda to /dev/sda and run aptitude dist-upgrade again? Will that fix the problem? I haven't even rebooted because I don't know what state my system is in. Thanks, Yasir
Re: Upgrading from old Sarge (Testing) to Unstable
Thanks you all for your replies. It sounds like I should stick to stable for now at least (till I get more confident about what I'm doing). The package I'm most concerned about upgrading is the kernel. I built this from the sources at kernel.org and used a Debian tool (can't remember the name now) to make a .deb file from it and installed ith with dpkg I think. Will doing 'apt-get upgrade' or 'apt-get dist-upgrade' install the default kernel? Will it leave mine in the GRUB menu at least? I'd like to make sure that apt-get doesn't overwrite the kernel with the standard prebuilt one - I presume mine will still be in the GRUB menu at least. Thanks, Yasir I recommend using aptitude instead of apt-get, ie. just replace apt-get update by aptitude dist-upgrade. aptitude is said to be better at resolving conflicts and recommendations. Apart from that it might be worthwhile to read the upgrade instructions from woody to sarge as they might apply to some of your packages: http://www.de.debian.org/releases/stable/i386/release-notes/ch-upgrading.en.html#s-upgradingpackages aptitude updates existing software, but doesn't remove any software, ie. your kernel will stay. If you installed it via the debian tools, ie. via a .deb package it will be found in the 'Obsolete and locally created packages' section in aptitude. You can later install a new kernel or compile a new kernel, but as said in the release info, I strongly recommend to do this in a separate step: use your existing kernel to see if everything works fine; then add an additional kernel. If it continues to work fine, you can remove the old kernel. Thank you to everyone for replying. I followed the advice given by Johannes and did aptitude dist-upgrade using http://www.us.debian.org/releases/sarge/i386/release-notes/ch-upgrading.en.html Most things installed ok, but it gave me an error which I'll list below: ...clip up to this point Setting up abiword-common (2.2.7-3sarge2) ... Errors were encountered while processing: kernel-image-2.4.27-2-386 kernel-pcmcia-modules-2.4.27-2-386 E: Sub-process /usr/bin/dpkg returned an error code (1) Ack! Something bad happened while installing packages. Trying to recover: Setting up kernel-image-2.4.27-2-386 (2.4.27-10) ... /usr/sbin/mkinitrd: device /dev/hda7 is not a block device Failed to create initrd image. dpkg: error processing kernel-image-2.4.27-2-386 (--configure): subprocess post-installation script returned error exit status 9 dpkg: dependency problems prevent configuration of kernel-pcmcia-modules-2.4.27-2-386: kernel-pcmcia-modules-2.4.27-2-386 depends on kernel-image-2.4.27-2-386; however: Package kernel-image-2.4.27-2-386 is not configured yet. dpkg: error processing kernel-pcmcia-modules-2.4.27-2-386 (--configure): dependency problems - leaving unconfigured Errors were encountered while processing: kernel-image-2.4.27-2-386 kernel-pcmcia-modules-2.4.27-2-386 Reading Package Lists... 0% Reading Package Lists... 0% Reading Package Lists... 6% Reading Package Lists... Done Building Dependency Tree... 0% Building Dependency Tree... 0% Building Dependency Tree... 50% Building Dependency Tree... 50% Building Dependency Tree Reading extended state information... 0% Reading extended state information... 0% Reading extended state information... 3% Reading extended state information... 63% Reading extended state information Initializing package states... 0% Initializing package states... Done Reading task descriptions... 0%Reading task descriptions... 2% Reading task descriptions... Done I should say that I originally installed kernel 2.4.x (because it wouldn't boot up when I installed 2.6.x from the Sarge installer) but then I installed 2.6.x myself later, building it myself using make-kpkg. One of the things that changed was that the drive names - I think it might be because of SATA drivers? So for example, /dev/hda became /dev/sda. However, my fstab file still uses hda for some partitions (and still works somehow): $ cat fstab # /etc/fstab: static file system information. # # file system mount point type options dump pass proc/proc procdefaults0 0 /dev/hda7 / ext3defaults,errors=remount-ro 0 1 /dev/hda6 noneswapsw 0 0 /dev/sda2 /mnt/c ntfsro,umask=0 0 0 /dev/sda5 /mnt/e vfatrw,umask=0 0 0 /dev/hdc/media/cdrom0 iso9660 ro,user,noauto 0 0 /dev/fd0/media/floppy0 autorw,user,noauto 0 0 From above, you can see the / partition is still /dev/hda7 in fstab, even though it should be /dev/sha7. Should I just change all /dev/hda to /dev/sda and run aptitude dist-upgrade again? Will that fix the problem? OK - I changed /dev/hda to /dev/sda in /etc/fstab and did dpkg --configure on
Re: Upgrading from old Sarge (Testing) to Unstable
Thanks you all for your replies. It sounds like I should stick to stable for now at least (till I get more confident about what I'm doing). The package I'm most concerned about upgrading is the kernel. I built this from the sources at kernel.org and used a Debian tool (can't remember the name now) to make a .deb file from it and installed ith with dpkg I think. Will doing 'apt-get upgrade' or 'apt-get dist-upgrade' install the default kernel? Will it leave mine in the GRUB menu at least? I'd like to make sure that apt-get doesn't overwrite the kernel with the standard prebuilt one - I presume mine will still be in the GRUB menu at least. Thanks, Yasir I recommend using aptitude instead of apt-get, ie. just replace apt-get update by aptitude dist-upgrade. aptitude is said to be better at resolving conflicts and recommendations. Apart from that it might be worthwhile to read the upgrade instructions from woody to sarge as they might apply to some of your packages: http://www.de.debian.org/releases/stable/i386/release-notes/ch-upgrading.en.html#s-upgradingpackages aptitude updates existing software, but doesn't remove any software, ie. your kernel will stay. If you installed it via the debian tools, ie. via a .deb package it will be found in the 'Obsolete and locally created packages' section in aptitude. You can later install a new kernel or compile a new kernel, but as said in the release info, I strongly recommend to do this in a separate step: use your existing kernel to see if everything works fine; then add an additional kernel. If it continues to work fine, you can remove the old kernel. Thank you to everyone for replying. I followed the advice given by Johannes and did aptitude dist-upgrade using http://www.us.debian.org/releases/sarge/i386/release-notes/ch-upgrading.en.html Most things installed ok, but it gave me an error which I'll list below: ...clip up to this point Setting up abiword-common (2.2.7-3sarge2) ... Errors were encountered while processing: kernel-image-2.4.27-2-386 kernel-pcmcia-modules-2.4.27-2-386 E: Sub-process /usr/bin/dpkg returned an error code (1) Ack! Something bad happened while installing packages. Trying to recover: Setting up kernel-image-2.4.27-2-386 (2.4.27-10) ... /usr/sbin/mkinitrd: device /dev/hda7 is not a block device Failed to create initrd image. dpkg: error processing kernel-image-2.4.27-2-386 (--configure): subprocess post-installation script returned error exit status 9 dpkg: dependency problems prevent configuration of kernel-pcmcia-modules-2.4.27-2-386: kernel-pcmcia-modules-2.4.27-2-386 depends on kernel-image-2.4.27-2-386; however: Package kernel-image-2.4.27-2-386 is not configured yet. dpkg: error processing kernel-pcmcia-modules-2.4.27-2-386 (--configure): dependency problems - leaving unconfigured Errors were encountered while processing: kernel-image-2.4.27-2-386 kernel-pcmcia-modules-2.4.27-2-386 Reading Package Lists... 0% Reading Package Lists... 0% Reading Package Lists... 6% Reading Package Lists... Done Building Dependency Tree... 0% Building Dependency Tree... 0% Building Dependency Tree... 50% Building Dependency Tree... 50% Building Dependency Tree Reading extended state information... 0% Reading extended state information... 0% Reading extended state information... 3% Reading extended state information... 63% Reading extended state information Initializing package states... 0% Initializing package states... Done Reading task descriptions... 0%Reading task descriptions... 2% Reading task descriptions... Done I should say that I originally installed kernel 2.4.x (because it wouldn't boot up when I installed 2.6.x from the Sarge installer) but then I installed 2.6.x myself later, building it myself using make-kpkg. One of the things that changed was that the drive names - I think it might be because of SATA drivers? So for example, /dev/hda became /dev/sda. However, my fstab file still uses hda for some partitions (and still works somehow): $ cat fstab # /etc/fstab: static file system information. # # file system mount point type options dump pass proc/proc procdefaults0 0 /dev/hda7 / ext3defaults,errors=remount-ro 0 1 /dev/hda6 noneswapsw 0 0 /dev/sda2 /mnt/c ntfsro,umask=0 0 0 /dev/sda5 /mnt/e vfatrw,umask=0 0 0 /dev/hdc/media/cdrom0 iso9660 ro,user,noauto 0 0 /dev/fd0/media/floppy0 autorw,user,noauto 0 0 From above, you can see the / partition is still /dev/hda7 in fstab, even though it should be /dev/sha7. Should I just change all /dev/hda to /dev/sda and run aptitude dist-upgrade again? Will that fix the problem? OK - I changed /dev/hda to /dev/sda in /etc/fstab and did dpkg --configure on
Upgrading from old Sarge (Testing) to Unstable
Hello, I installed DVDs of Sarge when it was the testing distribution (before the 3.1 release). Specifically I installed a snapshot dated 30 April 2005. When I installed it the following lines were added to /etc/apt/sources.list: deb cdrom:[Debian GNU/Linux testing _Sarge_ - Official Snapshot i386 Binary-3 (20050430)]/ unstable contrib main deb cdrom:[Debian GNU/Linux testing _Sarge_ - Official Snapshot i386 Binary-2 (20050430)]/ unstable contrib main deb cdrom:[Debian GNU/Linux testing _Sarge_ - Official Snapshot i386 Binary-1 (20050430)]/ unstable contrib main I now have broadband and would like to upgrade to the Unstable dist. What's the best way of doing this? I added the following line to sources.list: deb http://mirror.aarnet.edu.au/debian unstable main contrib non-free and then did the following: # apt-get update Is it safe just to issue the following command? $ apt-get upgrade Previously, I compiled my own kernel (using the Debian kernal package tools) and I also installed an ATI display driver separately. I also made some changes to various configuration files. Will all that remain intact if I upgrade? I'm trying to avoid doing a complete reinstall. Incidentally, I tried updating a single package (emacs21) and got the following error: E: This installation run will require temporarily removing the essential package e2fsprogs due to a Conflicts/Pre-Depends loop. This is often bad, but if you really want to do it, activate the APT::Force-LoopBreak option. E: Internal Error, Could not early remove e2fsprogs I presume this is because I need to do an upgrade? Thanks, Yasir -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Upgrading from old Sarge (Testing) to Unstable
Thanks you all for your replies. It sounds like I should stick to stable for now at least (till I get more confident about what I'm doing). The package I'm most concerned about upgrading is the kernel. I built this from the sources at kernel.org and used a Debian tool (can't remember the name now) to make a .deb file from it and installed ith with dpkg I think. Will doing 'apt-get upgrade' or 'apt-get dist-upgrade' install the default kernel? Will it leave mine in the GRUB menu at least? I'd like to make sure that apt-get doesn't overwrite the kernel with the standard prebuilt one - I presume mine will still be in the GRUB menu at least. Thanks, Yasir Yasir Assam wrote: Hello, I installed DVDs of Sarge when it was the testing distribution (before the 3.1 release). Specifically I installed a snapshot dated 30 April 2005. When I installed it the following lines were added to /etc/apt/sources.list: deb cdrom:[Debian GNU/Linux testing _Sarge_ - Official Snapshot i386 Binary-3 (20050430)]/ unstable contrib main deb cdrom:[Debian GNU/Linux testing _Sarge_ - Official Snapshot i386 Binary-2 (20050430)]/ unstable contrib main deb cdrom:[Debian GNU/Linux testing _Sarge_ - Official Snapshot i386 Binary-1 (20050430)]/ unstable contrib main I now have broadband and would like to upgrade to the Unstable dist. What's the best way of doing this? I added the following line to sources.list: deb http://mirror.aarnet.edu.au/debian unstable main contrib non-free and then did the following: # apt-get update Is it safe just to issue the following command? $ apt-get upgrade With all the transitions that are taking place right now in unstable, I would be very cautious in upgrading to unstable at this moment. However if you are brave enough then you can use the above command. It is safe in the sense that it will not remove any packages from your system and it will not mess up your configuration files etc., bye raju -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]