Re: I'd like to get rid of pulseaudio but ... (Gene Heskett)
On Sat, 2009-05-30 at 09:33 -0400, Gene Heskett wrote: Why can't all of this audio crap have a 'service audio restart'? function? Seconded! There's a way of doing something like that, to restart the daemon started per user, but I never remember the magic incantation. I always have to google it. Alternatively, don't use pulseaudio the way Fedora does. Don't start a personal daemon with each user's session. Start one central server, and twiddle Fedora to make use of it. I don't recall the details of how to do that, but it seems familiar that you'd be adding your users to a pulseaudio group. -- [...@localhost ~]$ uname -r 2.6.27.21-78.2.41.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: I'd like to get rid of pulseaudio but ... (Gene Heskett)
Once upon a time, Bruno Wolff III br...@wolff.to said: On Sun, May 31, 2009 at 13:26:17 -0500, Chris Adams cmad...@hiwaay.net wrote: HTTPS with an unknown self-signed cert is barely any more secure than unencrypted HTTP, since a man-in-the-middle attack could just be replacing the cert and decrypting all communications. No it is a much harder attack than snooping. To do man in the middle you need to be able to take packets out of the stream and redirect them. This needs to be done in real time and if you guess wrong about whether the other end knows what the certificate is, people are going to notice you doing it. ISTR if you can snoop you can hijack the TCP session setup by responding first (aren't out-of-window packets ignored?). You don't have to cause the real responses to be dropped, you just have to respond faster. And be sure to note that certificate signed by RSA, Thawte or whoever doesn't equate to secure either. Unless you have verified the end certificate yourself you don't know that the organization on the other end is who you really mean to be talking to. You are trusting that the CAs have done the verification, which they do (to differing degrees). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: I'd like to get rid of pulseaudio but ... (Gene Heskett)
On Mon, Jun 01, 2009 at 14:01:54 -0500, Chris Adams cmad...@hiwaay.net wrote: ISTR if you can snoop you can hijack the TCP session setup by responding first (aren't out-of-window packets ignored?). You don't have to cause the real responses to be dropped, you just have to respond faster. That's still an active attack. You have to be able to see the incoming packets and try to send replies back fast. You need to be doing this from some place that doesn't do proper egress filtering or very close to the destination. This is still hard to do broadly, unlike being able to peruse through all of the traffic that goes through major exchange points on the internet. And be sure to note that certificate signed by RSA, Thawte or whoever doesn't equate to secure either. Unless you have verified the end certificate yourself you don't know that the organization on the other end is who you really mean to be talking to. You are trusting that the CAs have done the verification, which they do (to differing degrees). They don't have a way to verify that the site I am going to is the one I mean to. It isn't that hard to trick someone to going to a valid https site, that isn't really the one they mean to. And Firefox doesn't try to help with this case at all. The whole hierarchical design is a bad fit for what it is trying to do. Web of trust would be a lot better. But even with the current system the Firefox UI could do more to help people notice changes. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: I'd like to get rid of pulseaudio but ... (Gene Heskett)
Gene Heskett wrote: Also, I tried to join the pulse mailing list, but FF had a whole cow over the https certificate, and I have never seen such a strong warning from FF before so I didn't ok it. Could someone advise Lennert that his sites ssh certificate is dead or compromised? Most likely it's just a self-signed SSL certificate. Very common, and Firefox stupidly throws a fit over it (which is dumb because it encourages sites to just use unencrypted HTTP instead, which is even less secure, yet gets through with no warning). Just OK the certificate. Kevin Kofler -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: I'd like to get rid of pulseaudio but ... (Gene Heskett)
On Sunday 31 May 2009, Kevin Kofler wrote: Gene Heskett wrote: Also, I tried to join the pulse mailing list, but FF had a whole cow over the https certificate, and I have never seen such a strong warning from FF before so I didn't ok it. Could someone advise Lennert that his sites ssh certificate is dead or compromised? Most likely it's just a self-signed SSL certificate. Very common, and Firefox stupidly throws a fit over it (which is dumb because it encourages sites to just use unencrypted HTTP instead, which is even less secure, yet gets through with no warning). Just OK the certificate. Kevin Kofler Its a self signed certificate, apparently it is more paranoid about that than it is about an expired certificate. But then since its a redhat certificate, should it not be a properly signed certificate. Seems to me like it should be. I did, and went thru the knothole to subscribe, and that was fun. The new kmail apparently is messing with the hash numbers they use to confirm a subscription, and my reply to the confirmation message bounced exactly as it did for trying to join the nut-users list. The only way I could confirm was to use the web page link. That was about 14 hours ago, and I have rx'd exactly zero messages after the confirmation was rx'd. For all the pulse problems extant, that doesn't feel right. I also removed those 4 pieces that I had installed, and rebooted yet another time, and now I can listen to the news sites again. With the enablers installed, I get white noise for the audio with a news video I'm watching, and its about 120 db louder than the kde sound effects which were the only thing working, and I had to crank the PA gain to +480% to get that to work. As a config tool, pavucontrol sucks. Yes, it shows all the HDA (or whatever that acronym is) stuff that is on this mobo (or on this ATI based HD2400-Pro (rv610) video card but not bonded out for use, I wasn't able to determine which from what it was telling me), but while you can reset the defaults to use the audigy 2, you cannot disable or remove an unwanted choice. And I have NDI where it (pa) was getting the speaker shredding white noise, which FWIW, was only present when story was playing. And no one here seems to have run into this before as I didn't get anything that might have been a clue as to what to do next from this list in about 24 or so hours. No fault of yours, apparently I have the most unique ASUS motherboard ever made, an M2N-SLI Deluxe. So obviously what is nuke able, has been nuked, I've rebooted, and everything is back to working. What I take home from this experiment is that you want us to use it cuz it sounds interesting to you, but that no one other than Lennert has a clue how it works. And there may be job assignment walls around that preclude his using any paid time to support users with problem hardware. IMO, if this is to be the default for fedora, then time should be allowed for him to support those installs which are problematic. -- Cheers, Gene There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order. -Ed Howdershelt (Author) The NRA is offering FREE Associate memberships to anyone who wants them. https://www.nrahq.org/nrabonus/accept-membership.asp Christ was born in 4 B.C. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: I'd like to get rid of pulseaudio but ... (Gene Heskett)
On 05/31/2009 08:50 PM, Gene Heskett wrote: Its a self signed certificate, apparently it is more paranoid about that than it is about an expired certificate. But then since its a redhat certificate, should it not be a properly signed certificate. Seems to me like it should be. It is not a Red Hat site. I am not sure why you think it is. It is his private website as confirmed by both the certificate as well as the whois records. IMO, if this is to be the default for fedora, then time should be allowed for him to support those installs which are problematic. Yes, assuming you post to a place where he can see it. That would be either bugzilla or upstream mailing list. Rahul -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: I'd like to get rid of pulseaudio but ... (Gene Heskett)
On Sunday 31 May 2009, Rahul Sundaram wrote: On 05/31/2009 08:50 PM, Gene Heskett wrote: Its a self signed certificate, apparently it is more paranoid about that than it is about an expired certificate. But then since its a redhat certificate, should it not be a properly signed certificate. Seems to me like it should be. It is not a Red Hat site. I am not sure why you think it is. It is his private website as confirmed by both the certificate as well as the whois records. IMO, if this is to be the default for fedora, then time should be allowed for him to support those installs which are problematic. Yes, assuming you post to a place where he can see it. That would be either bugzilla or upstream mailing list. Rahul Humm, what email msgs I have seen from Lennart, came from a redhat.com address. And, from that pulseaudio.org web page: --- People ¶ PulseAudio has been developed by: * Lennart Poettering (mezcalero) through his employer Red Hat --- That speaks volumes. So also does my unfortunate miss-spelling of his name in one or 3 messages. My apologies. Thanks Rahul. -- Cheers, Gene There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order. -Ed Howdershelt (Author) The NRA is offering FREE Associate memberships to anyone who wants them. https://www.nrahq.org/nrabonus/accept-membership.asp Success is relative: It is what we can make of the mess we have made of things. -- T.S. Eliot, The Family Reunion -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: I'd like to get rid of pulseaudio but ... (Gene Heskett)
On 05/31/2009 09:38 PM, Gene Heskett wrote: Humm, what email msgs I have seen from Lennart, came from a redhat.com address. Yes. He is currently employed by Red Hat but he was not when he started the project. Red Hat generally hires people who are already working in Free software projects. Rahul -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: I'd like to get rid of pulseaudio but ... (Gene Heskett)
Gene Heskett wrote: I've since rebooted, trying a different kernel build not related to this. On the reboot, it logged: May 30 10:02:11 coyote pulseaudio[4417]: alsa-util.c: Cannot find fallback mixer control PCM or mixer control is no combination of switch/volume. May 30 10:02:11 coyote pulseaudio[4417]: alsa-util.c: Cannot find fallback mixer control Mic or mixer control is no combination of switch/volume. So this may explain by inference what isn't right. Clues please. You may want to check /etc/asound.conf. I had a problem where it had the wrong device listed. The file is generated by system-config-soundcard, but it seams to have problems correcting it when it makes a mistake. If I could reporduce it, I would file a bug report... Mike -- Remember: Sometimes the dragon wins! [Polite Dragon Smile] signature.asc Description: OpenPGP digital signature -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: I'd like to get rid of pulseaudio but ... (Gene Heskett)
Once upon a time, Kevin Kofler kevin.kof...@chello.at said: Most likely it's just a self-signed SSL certificate. Very common, and Firefox stupidly throws a fit over it (which is dumb because it encourages sites to just use unencrypted HTTP instead, which is even less secure, yet gets through with no warning). Just OK the certificate. HTTPS with an unknown self-signed cert is barely any more secure than unencrypted HTTP, since a man-in-the-middle attack could just be replacing the cert and decrypting all communications. However, the reason to throw a fit is that end-users have been trained that HTTPS == secure. They know that HTTP is not secure, but they don't know the details of how SSL/TLS work to know that HTTPS with unknown cert != secure. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: I'd like to get rid of pulseaudio but ... (Gene Heskett)
On Sunday 31 May 2009, Chris Adams wrote: Once upon a time, Kevin Kofler kevin.kof...@chello.at said: Most likely it's just a self-signed SSL certificate. Very common, and Firefox stupidly throws a fit over it (which is dumb because it encourages sites to just use unencrypted HTTP instead, which is even less secure, yet gets through with no warning). Just OK the certificate. HTTPS with an unknown self-signed cert is barely any more secure than unencrypted HTTP, since a man-in-the-middle attack could just be replacing the cert and decrypting all communications. However, the reason to throw a fit is that end-users have been trained that HTTPS == secure. They know that HTTP is not secure, but they don't know the details of how SSL/TLS work to know that HTTPS with unknown cert != secure. +1000 -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. Yeah, my mouth has been known to write checks I then had to cover. :) -- Cheers, Gene There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order. -Ed Howdershelt (Author) The NRA is offering FREE Associate memberships to anyone who wants them. https://www.nrahq.org/nrabonus/accept-membership.asp A closed mouth gathers no foot. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: I'd like to get rid of pulseaudio but ... (Gene Heskett)
2009/5/31 jdow j...@earthlink.net: You'd think if Linux and Fedora were so hot and wonderful there would be a system wide audio service that actually worked from consoles as well as from X. I need both to work to make my setup function correctly. So I am stuck, crippled. That does not seem to be a problem in Windows with multiple sessions as with Windows Server editions. While not usually necessary, Pulseaudio can be run as a system-wide service. http://www.pulseaudio.org/wiki/SystemWideInstance I don't know if the instructions work on Fedora (The example is for Debian), but hopefully someone more informed can enlighten us on that. I also don't know if the vt sessions also start pulseaudio if it isn't running. At least I have had audio working nice when using a vt. -- Joonas Sarajärvi mue...@gmail.com -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: I'd like to get rid of pulseaudio but ... (Gene Heskett)
2009/5/30 Gene Heskett gene.hesk...@verizon.net: Why can't all of this audio crap have a 'service audio restart'? function? Probably because there isn't a system-wide audio service. The pulseaudio server usually runs in the user's desktop session. -- Joonas Sarajärvi mue...@gmail.com -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: I'd like to get rid of pulseaudio but ... (Gene Heskett)
On Saturday 30 May 2009, Joonas Sarajärvi wrote: 2009/5/30 Gene Heskett gene.hesk...@verizon.net: Why can't all of this audio crap have a 'service audio restart'? function? Probably because there isn't a system-wide audio service. The pulseaudio server usually runs in the user's desktop session. Ok, so I add or remove a line in one of the /etc/pulse files. What do I have to kill and restart to make it re-read those config files and put the effect into service? Is a restart of X sufficient? Right now, the only thing working is the kde sound effects. Any other source, like a new video with sound, is pure white noise at 120 db above the kde sound effects. Since I like to tour the news sites of an evening, I'll remove what I installed and reboot in about an hour if no helpful advice seems to be forthcoming. Also, I tried to join the pulse mailing list, but FF had a whole cow over the https certificate, and I have never seen such a strong warning from FF before so I didn't ok it. Could someone advise Lennert that his sites ssh certificate is dead or compromised? Thanks Joonas. -- Joonas Sarajärvi mue...@gmail.com -- Cheers, Gene There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order. -Ed Howdershelt (Author) The NRA is offering FREE Associate memberships to anyone who wants them. https://www.nrahq.org/nrabonus/accept-membership.asp Beauty is truth, truth beauty, that is all Ye know on earth, and all ye need to know. -- John Keats -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: I'd like to get rid of pulseaudio but ... (Gene Heskett)
From: Gene Heskett gene.hesk...@verizon.net Sent: Saturday, 2009/May/30 17:09 On Saturday 30 May 2009, Joonas Sarajärvi wrote: 2009/5/30 Gene Heskett gene.hesk...@verizon.net: Why can't all of this audio crap have a 'service audio restart'? function? Probably because there isn't a system-wide audio service. The pulseaudio server usually runs in the user's desktop session. Ok, so I add or remove a line in one of the /etc/pulse files. What do I have to kill and restart to make it re-read those config files and put the effect into service? Is a restart of X sufficient? Right now, the only thing working is the kde sound effects. Any other source, like a new video with sound, is pure white noise at 120 db above the kde sound effects. Since I like to tour the news sites of an evening, I'll remove what I installed and reboot in about an hour if no helpful advice seems to be forthcoming. Also, I tried to join the pulse mailing list, but FF had a whole cow over the https certificate, and I have never seen such a strong warning from FF before so I didn't ok it. Could someone advise Lennert that his sites ssh certificate is dead or compromised? Thanks Joonas. -- Joonas Sarajärvi mue...@gmail.com -- Cheers, Gene You'd think if Linux and Fedora were so hot and wonderful there would be a system wide audio service that actually worked from consoles as well as from X. I need both to work to make my setup function correctly. So I am stuck, crippled. That does not seem to be a problem in Windows with multiple sessions as with Windows Server editions. {^_^} -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines