Re: [gentoo-user] trouble with evince (mime bad?)
On Mon, Feb 16, 2009 at 8:15 AM, Mick michaelkintz...@gmail.com wrote: On Monday 16 February 2009, Dale wrote: Allan Gottlieb wrote: PS In this mailing list the custom and member preference is not to top post. That is, we prefer to have replies after (or interspersed with) the original, not before it. Bottom post and text only is preferred. I think replies in the middle are OK. Sort of keeps some things in context too. Not to forget trimming the 2 pages of previous historic messages and leaving in only what is relevant to the current stage in the conversation ... OK, Thanks. Marcin
[gentoo-user] problems updating system
Hi all, I'm trying to upgrade my system and I found this problem: # emerge -uD world Calculating world dependencies / !!! All ebuilds that could satisfy =sys-libs/e2fsprogs-libs-1.41 have been masked. !!! One of the following masked packages is required to complete your request: - sys-libs/e2fsprogs-libs-1.41.3-r1 (masked by: required EAPI 2, supported EAPI 1) - sys-libs/e2fsprogs-libs-1.41.4 (masked by: required EAPI 2, supported EAPI 1) **What EAPI means? I'm on portage 2.1.3.19, and I've read that I should upgrade portage to 2.1.6 (minimum) and then my error will disappear, but when trying to upgrade portage I find: i686-pc-linux-gnu-gcc -o .libs/setfattr -Wl,-O1 -Wl,-O1 -Wl,-O1 setfattr.o ../libmisc/.libs/libmisc.a ../libattr/.libs/libattr.so creating setfattr === examples === gmake[1]: Nothing to be done for `default'. === test === gmake[1]: Nothing to be done for `default'. === m4 === gmake[1]: Nothing to be done for `default'. === man === === man1 === gmake[2]: Nothing to be done for `default'. === man2 === gmake[2]: Nothing to be done for `default'. === man3 === gmake[2]: Nothing to be done for `default'. === man5 === gmake[2]: Nothing to be done for `default'. === doc === /bin/gzip --best -c CHANGES CHANGES.gz === po === /usr/bin/xgettext --language=C --keyword=_ -o attr.pot ../attr/attr.c ../getfattr/getfattr.c ../setfattr/setfattr.c ../libattr/attr_copy_fd.c ../libattr/attr_copy_file.c /usr/bin/xgettext: error while loading shared libraries: libexpat.so.0: cannot open shared object file: No such file or directory gmake[1]: *** [attr.pot] Error 127 make: *** [default] Error 2 * * ERROR: sys-apps/attr-2.4.41 failed. * Call stack: *ebuild.sh, line 1701: Called dyn_compile *ebuild.sh, line 1039: Called qa_call 'src_compile' *ebuild.sh, line 44: Called src_compile * attr-2.4.41.ebuild, line 50: Called die * The specific snippet of code: * emake || die * The die message: * (no error message) # ls -lsa /usr/lib/libexpat.* 160 -rw-r--r-- 1 root root 157620 Feb 16 09:26 /usr/lib/libexpat.a 4 -rw-r--r-- 1 root root793 Feb 16 09:26 /usr/lib/libexpat.la 0 lrwxrwxrwx 1 root root 17 Feb 16 09:26 /usr/lib/libexpat.so - libexpat.so.1.5.2 0 lrwxrwxrwx 1 root root 17 Feb 16 09:26 /usr/lib/libexpat.so.1 - libexpat.so.1.5.2 136 -rwxr-xr-x 1 root root 132396 Feb 16 09:26 /usr/lib/libexpat.so.1.5.2 I've tried to rebuild expat, but did not solve my problem... Anyopne knows what's happening in my system? # emerge --info Portage 2.1.3.19 (default/linux/x86/2008.0, gcc-4.1.2, glibc-2.5-r4, 2.6.21-gentoo-r4 i686) = System uname: 2.6.21-gentoo-r4 i686 Intel(R) Pentium(R) 4 CPU 2.80GHz Timestamp of tree: Fri, 13 Feb 2009 08:00:01 + distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled] app-shells/bash: 3.2_p17 dev-lang/python: 2.4.4-r4, 2.5.2-r7 dev-python/pycrypto: 2.0.1-r6 sys-apps/baselayout: 1.12.9-r2 sys-apps/sandbox:1.2.18.1-r2 sys-devel/autoconf: 2.13, 2.63 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.23-r3 ACCEPT_KEYWORDS=x86 CBUILD=i686-pc-linux-gnu CFLAGS=-O2 -march=i686 -pipe CHOST=i686-pc-linux-gnu CONFIG_PROTECT=/etc CONFIG_PROTECT_MASK=/etc/env.d /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo CXXFLAGS=-O2 -march=i686 -pipe DISTDIR=/usr/portage/distfiles FEATURES=distcc distlocks metadata-transfer sandbox sfperms strict unmerge-orphans userfetch GENTOO_MIRRORS=http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo; LDFLAGS=-Wl,-O1 PKGDIR=/usr/portage/packages PORTAGE_RSYNC_OPTS=--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-* PORTAGE_TMPDIR=/var/tmp PORTDIR=/usr/portage SYNC=rsync://lx-arnau.pic.es/gentoo-portage USE=acl berkdb bzip2 cli cracklib crypt cups dri fortran gdbm gpm iconv ipv6 isdnlog jpeg jpg midi mudflap ncurses nls nptl nptlonly openmp pam pcre perl pppd python readline reflection session slang spl ssl sysfs tcpd unicode x86 xorg zlib ALSA_CARDS=ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci ALSA_PCM_PLUGINS=adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol APACHE2_MODULES=actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default
Re: [gentoo-user] problems updating system
On 16 Feb 2009, at 08:40, Arnau Bria wrote: Hi all, I'm trying to upgrade my system and I found this problem: # emerge -uD world Calculating world dependencies / !!! All ebuilds that could satisfy =sys-libs/e2fsprogs-libs-1.41 have been masked. !!! One of the following masked packages is required to complete your request: - sys-libs/e2fsprogs-libs-1.41.3-r1 (masked by: required EAPI 2, supported EAPI 1) - sys-libs/e2fsprogs-libs-1.41.4 (masked by: required EAPI 2, supported EAPI 1) Old thread is old. http://www.gossamer-threads.com/lists/engine?list=gentoodo=search_resultssearch_forum=forum_18search_string=e2fsprogs-libssearch_type=AND Stroller.
Re: [gentoo-user] problems updating system
On Mon, 16 Feb 2009 08:53:03 + Stroller Stroller wrote: Hi, Old thread is old. http://www.gossamer-threads.com/lists/engine?list=gentoodo=search_resultssearch_forum=forum_18search_string=e2fsprogs-libssearch_type=AND I found that too, but as I recommended to download a patch from a strange site: http://casidiablo.net/wordpress/descargar/Parche+Portage I did not believe it... Portage needing some code from casadiablo?¿¿ Stroller. Thanks, -- Arnau Bria http://blog.emergetux.net Bombing for peace is like fucking for virginity
Re: [gentoo-user] problems updating system
On Mon, 16 Feb 2009 09:59:14 +0100 Arnau Bria wrote: Portage needing some code from casadiablo?¿¿ And now: # patch /usr/lib/portage/bin/emerge search_invalid.patch patching file /usr/lib/portage/bin/emerge Hunk #1 FAILED at 634. 1 out of 1 hunk FAILED -- saving rejects to file /usr/lib/portage/bin/emerge.rej is this the only solution available? cheers! -- Arnau Bria http://blog.emergetux.net Bombing for peace is like fucking for virginity
Re: [gentoo-user] problems updating system
On Mon, 16 Feb 2009 09:40:53 +0100, Arnau Bria wrote: /usr/bin/xgettext --language=C --keyword=_ -o attr.pot ../attr/attr.c ../getfattr/getfattr.c ../setfattr/setfattr.c ../libattr/attr_copy_fd.c ../libattr/attr_copy_file.c /usr/bin/xgettext: error while loading shared libraries: libexpat.so.0: cannot open shared object file: No such file or directory Run revdep-rebuild, then update portage. -- Neil Bothwick WinErr 018: Unrecoverable error - System has been destroyed. Buy a new one. Old Windows licence is not valid anymore. signature.asc Description: PGP signature
Re: [gentoo-user] problems updating system
Arnau Bria 写道: Hi all, I'm trying to upgrade my system and I found this problem: # emerge -uD world Calculating world dependencies / !!! All ebuilds that could satisfy =sys-libs/e2fsprogs-libs-1.41 have been masked. !!! One of the following masked packages is required to complete your request: - sys-libs/e2fsprogs-libs-1.41.3-r1 (masked by: required EAPI 2, supported EAPI 1) - sys-libs/e2fsprogs-libs-1.41.4 (masked by: required EAPI 2, supported EAPI 1) **What EAPI means? 'emerage portage' before 'emerge -uD world'
Re: [gentoo-user] problems updating system
On 16 Feb 2009, at 08:59, Arnau Bria wrote: On Mon, 16 Feb 2009 08:53:03 + Stroller Stroller wrote: Hi, Old thread is old. http://www.gossamer-threads.com/lists/engine?list=gentoodo=search_resultssearch_forum=forum_18search_string=e2fsprogs-libssearch_type=AND I found that too, but as I recommended to download a patch from a strange site: http://casidiablo.net/wordpress/descargar/Parche+Portage I did not believe it... Portage needing some code from casadiablo?¿¿ Um... I don't believe that was recommended in the majority of those threads. I can find casadiablo mentioned in neither of these threads: http://www.gossamer-threads.com/lists/gentoo/user/174970 http://www.gossamer-threads.com/lists/gentoo/user/174371 Personally, casually uninstalling the blockers re-emerging world has worked fine for me (I think it's necessary to upgrade to e2fsprogs-1.40.9 as the very first step), but I hesitate to recommend that because it goes against the combined wisdom of the whole blogosphere. Stroller.
Re: [gentoo-user] /etc/init.d/: ntpd or ntp-client?
* Stroller (strol...@stellar.eclipse.co.uk) [16.02.09 02:10]: On 15 Feb 2009, at 21:51, Sebastian Günther wrote: * Stroller (strol...@stellar.eclipse.co.uk) [14.02.09 08:29]: On 4 Feb 2009, at 13:40, Justin wrote: Except that here, ntp-client seems to start *before* the network, so fails to find the ntp-server. I'll investigate this more later. If you have baselayout2 and openrc check /etc/rc.conf for the following: rc_depend_strict=NO If you have this, this is your problem... Nope, sys-apps/baselayout-1.12.11.1 here. Well in /etc/conf.d/rc iirc should be something similar... Stroller. Sebastian -- Religion ist das Opium des Volkes. Karl Marx s...@sti@N GÜNTHER mailto:sam...@guenther-roetgen.de pgpdOWNFhztHk.pgp Description: PGP signature
Re: [gentoo-user] problems updating system
On Mon, 16 Feb 2009 09:02:35 + Neil Bothwick wrote: On Mon, 16 Feb 2009 09:40:53 +0100, Arnau Bria wrote: /usr/bin/xgettext --language=C --keyword=_ -o attr.pot ../attr/attr.c ../getfattr/getfattr.c ../setfattr/setfattr.c ../libattr/attr_copy_fd.c ../libattr/attr_copy_file.c /usr/bin/xgettext: error while loading shared libraries: libexpat.so.0: cannot open shared object file: No such file or directory Run revdep-rebuild, then update portage. * Generated new 4_raw.rr and 4_owners.rr * Cleaning list of packages to rebuild * Generated new 4_pkgs.rr * Assigning packages to ebuilds * Generated new 4_ebuilds.rr * Evaluating package order * Generated new 5_order.rr * All prepared. Starting rebuild emerge --oneshot dev-libs/apr-util:0 dev-perl/DBD-mysql:0 net-libs/gnutls:0 sys-devel/gettext:0 .. Calculating dependencies | emerge: there are no ebuilds to satisfy dev-libs/apr-util:0. Seems that my system has some other problems... going to sync again cheers, -- Arnau Bria http://blog.emergetux.net Bombing for peace is like fucking for virginity
Re: [gentoo-user] Commenting out multiple lines in vim
On Fri, February 13, 2009 9:01 pm, Stroller wrote: On 13 Feb 2009, at 09:24, Joost Roeleveld wrote: ... On my system I then need to move the cursor to actually see the change, is this normal? Here the change appears when you move the cursor... or after a slow second. Ok, this was clearly a case of impatience :) Just tried it again and the change shows after about a second. -- Joost
[gentoo-user] custom-cxxflags not supported but on anyway
Hi, I'm in the process of installing KDE 4 and noticed something new to me. I generally check my USE flags and make sure I am getting what I want and not getting what I don't. I noticed this tho: [ebuild R ] x11-libs/qt-core-4.4.2 USE=qt3support ssl -custom-cxxflags% -debug -doc -glib -pch 0 kB [ebuild R ] x11-libs/qt-test-4.4.2 USE=-custom-cxxflags% -debug -pch 0 kB [ebuild R ] x11-libs/qt-script-4.4.2 USE=-custom-cxxflags% -debug -pch 0 kB [ebuild NS ] app-crypt/qca-2.0.0-r2 [1.0-r3] USE=-debug -doc -examples 0 kB [ebuild R ] x11-libs/qt-sql-4.4.2 USE=qt3support sqlite -custom-cxxflags% -debug -firebird -mysql -odbc -pch -postgres 0 kB [ebuild N] net-libs/libvncserver-0.9.1 USE=jpeg zlib -no24bpp -nobackchannel 0 kB [ebuild N] media-libs/xvid-1.1.3 USE=(-altivec) -examples 0 kB [ebuild N] media-libs/libmodplug-0.8.4-r2 0 kB [ebuild N] sys-libs/libieee1284-0.2.8 USE=-doc 0 kB [ebuild N] dev-libs/libpthread-stubs-0.1 USE=-debug 0 kB [ebuild R ] x11-libs/qt-dbus-4.4.2 USE=-custom-cxxflags% -debug -pch 0 kB [ebuild R ] x11-libs/qt-gui-4.4.2-r1 USE=accessibility cups dbus qt3support tiff -custom-cxxflags% -debug -glib -mng -nas -nis -pch -xinerama INPUT_DEVICES=-wacom 0 kB [ebuild R ] x11-libs/qt-qt3support-4.4.2 USE=accessibility -custom-cxxflags% -debug -pch 0 kB [ebuild R ] x11-libs/qt-svg-4.4.2 USE=-custom-cxxflags% -debug -pch 0 kB [ebuild R ] x11-libs/qt-webkit-4.4.2 USE=-custom-cxxflags% -debug -pch 0 kB [ebuild R ] x11-libs/qt-opengl-4.4.2 USE=qt3support -custom-cxxflags% -debug -pch 0 kB This is just a few that are clumped together. There are quite a few others as well. After checking I find out this: r...@smoker / # euse -i custom-cxxflags global use flags (searching: custom-cxxflags) [-] custom-cxxflags - Build with user-specified CXXFLAGS (unsupported) local use flags (searching: custom-cxxflags) no matching entries found r...@smoker / # I notice it says unsupported. So I thought maybe I added this at some point but didn't remember it. Here is my related make.conf info: r...@smoker / # cat /etc/make.conf | grep USE= USE=-a52 acl acpi alsa amd arts artswrappersuid automount -bluetooth -branding bzip2 cddb cdr chroot crypt curl dbus -doc -dts dvd dvdr dvdread esd exif fdftk -fftw -firefox -gcj gif gimp gkrellm -gnome gphoto2 gtk hal hbci htmlhandbook ipv6 java javascript jbig jpeg jpeg2k justify kde kdeprefix libwww logrotate loop-aes mmx mplayer mp3 -musepack -mysql -nls nsplugin ofx offensive opengl -oss parport pdf ppds qt3 qt3support qt4 realmedia seamonkey sqlite sse syslog tcl -theora tiff tk truetype usb -v4l webkit win32codecs wma wmf wmp X xml xprint yahoo -xulrunner zeroconf 3dnow r...@smoker / # cat /etc/make.conf | grep FLAG CFLAGS=-march=athlon-xp -O2 -pipe -fomit-frame-pointer CXXFLAGS=${CFLAGS} r...@smoker / # I try to keep my USE line in alphabetical order but I just don't see that flag in there. I know KDE 4 is not stable but some of the packages are being recompiled because of the USE flag being changed. This is my profile info: r...@smoker / # eselect profile list Available profile symlink targets: [1] hardened/x86/2.6 [2] selinux/2007.0/x86 [3] selinux/2007.0/x86/hardened [4] default/linux/x86/2008.0 [5] default/linux/x86/2008.0/desktop * [6] default/linux/x86/2008.0/developer [7] default/linux/x86/2008.0/server [8] hardened/linux/x86 r...@smoker / # I also checked the profile USE but don't see the change in there either. So, why is this enabled but not supported? Is this safe to have enabled? Does it even matter anyway? What is making it even change to begin with? Thanks. Dale :-) :-) P. S. I bet this will be simple too. o_O
Re: [gentoo-user] custom-cxxflags not supported but on anyway
[ebuild R ] x11-libs/qt-core-4.4.2 USE=qt3support ssl -custom-cxxflags% -debug -doc -glib -pch 0 kB -custom-cxxflags To me it looks like it is disabled! This flag has been added recently to the qt packages and although it is disabled the affected packages need a rebuild when newuse is triggered. -- Regards, Daniel
[gentoo-user] Mailing Lists
Hi is there a mailing lists to discuss about perl or python or bash scripting language ? Thanks and Regards Kaushal
Re: [gentoo-user] Mailing Lists
On Monday 16 February 2009, 13:05, Kaushal Shriyan wrote: Hi is there a mailing lists to discuss about perl or python or bash scripting language ? Yes. Search in the respective sites for more information. There are also dedicated newsgroups.
Re: [gentoo-user] custom-cxxflags not supported but on anyway
On Mon, 16 Feb 2009 12:38:25 +0100, Daniel Pielmeier wrote: This flag has been added recently to the qt packages and although it is disabled the affected packages need a rebuild when newuse is triggered. Use --reinstall changed-use instead of --newuse. It saves on pointless rebuilds. -- Neil Bothwick The trouble with life is that you are halfway through it before you realize it's a do it yourself thing. signature.asc Description: PGP signature
[gentoo-user] Gentoo as a production server - insecure?
I got in to a discussion about which server to recommend for running the php5 symfony framework, and I recommended Gentoo as I had been using it my self for a couple of years and have been very satisfied with it. Somebody pointed out that having a productions server with a gcc installed was a big no no security wise, so I did a bit of goggling on that topic and found a couple of articles supporting that view. Maybe I'm just ill informed, but I can't really see the big problem here. Sure if there is a gcc compiler installed you can recompile everything to your hearts content, but you still need to get access to the server first. And if you have server access you can install gcc on any distribution. Even openbsd (to my knowledge) comes with gcc bundled and they claim to be the most secure *nix available. Im using the gentoo hardened profile for my production servers with a lamp stack and have considered them reasonably secure, but am I wrong in assuming this? Joe
Re: [gentoo-user] custom-cxxflags not supported but on anyway
2009/2/16 Neil Bothwick n...@digimed.co.uk: On Mon, 16 Feb 2009 12:38:25 +0100, Daniel Pielmeier wrote: This flag has been added recently to the qt packages and although it is disabled the affected packages need a rebuild when newuse is triggered. Use --reinstall changed-use instead of --newuse. It saves on pointless rebuilds. Hm I must have missed this option somehow. Good to know there is such feature. I guess in this case only the portage package database is updated. -- Regards, Daniel
Re: [gentoo-user] Gentoo as a production server - insecure?
On Mon, 16 Feb 2009 13:48:04 +0100 Johannes Frandsen j...@imento.dk wrote: I got in to a discussion about which server to recommend for running the php5 symfony framework, and I recommended Gentoo as I had been using it my self for a couple of years and have been very satisfied with it. Somebody pointed out that having a productions server with a gcc installed was a big no no security wise, so I did a bit of goggling on that topic and found a couple of articles supporting that view. I suppose it makes sense only in much broader context: remove everything that isn't necessary, even gcc. It might certainly give attacker a harder time, but if it's x86/64 linux machine, I think that hardly matters - static binaries won't be a problem, so, if you're seriously considering that step to be necessary - get rid of coreutils (especially that 'rm' utility) and all the interpreters (even awk!) first. -- Mike Kazantsev // fraggod.net signature.asc Description: PGP signature
Re: [gentoo-user] Gentoo as a production server - insecure?
I happened to browse through a FreeBSD and a CentOS based virtual server and was amazed on both occasions as to how slim these machines were. I've seen embedded Linux running more processes on hardware servers than what these machines were running. In that sense, gcc and toolchain will be easily perceived as bloat and potential for vulnerabilities and exploitation. In my humble opinion, it is all relevant. If you understand SELinux you may want to have a look at it. One of these days I promised myself to have a good read of it without falling asleep or developing a migraine! :p The beauty of Gentoo is that you can build it as you want it. 2009/2/16 Mike Kazantsev mike_kazant...@fraggod.net: On Mon, 16 Feb 2009 13:48:04 +0100 Johannes Frandsen j...@imento.dk wrote: I got in to a discussion about which server to recommend for running the php5 symfony framework, and I recommended Gentoo as I had been using it my self for a couple of years and have been very satisfied with it. Somebody pointed out that having a productions server with a gcc installed was a big no no security wise, so I did a bit of goggling on that topic and found a couple of articles supporting that view. I suppose it makes sense only in much broader context: remove everything that isn't necessary, even gcc. It might certainly give attacker a harder time, but if it's x86/64 linux machine, I think that hardly matters - static binaries won't be a problem, so, if you're seriously considering that step to be necessary - get rid of coreutils (especially that 'rm' utility) and all the interpreters (even awk!) first. -- Mike Kazantsev // fraggod.net -- Regards, Mick
Re: [gentoo-user] Mailing Lists
On Mon, Feb 16, 2009 at 7:05 AM, Kaushal Shriyan kaushalshri...@gmail.com wrote: Hi is there a mailing lists to discuss about perl or python or bash scripting language ? Thanks and Regards Kaushal http://lmgtfy.com/?q=perl+mailing+list http://lmgtfy.com/?q=python+mailing+list As far as I can tell, there is no Bash mailing list apart from bug-bash. You'll probably get flamed if you post questions there.
[gentoo-user] Re: Gentoo as a production server - insecure?
Johannes Frandsen jsf at imento.dk writes: Somebody pointed out that having a productions server with a gcc installed was a big no no security wise, so I did a bit of goggling on that topic and found a couple of articles supporting that view. From 10,000 feet above, for those less versed in running a daily tight network, it totally misses the point. If you want to run a really secure network. Model and profile the activity, set soft (say 5%) and hard alarms (10%) for certain types of traffic flows that could contain interloper activity. Then add tools that analyze the traffic, where you perceive vulnerability. If your organization does not have a pathelogical hacker on the payroll, then consider retaining a consultant periodically to perform penetration tests. Stay away from corporations, as most of their talent pool, is on the weak side of modern genectic apptitude. Lock up your special consultant with a aggressive legal contract. Some really paranoid groups get different special consultants to perform penetration tests over time. Layer your security through several firewalls. Partition the network via managed switches. If you suspect an internal interloper, then put him on an isolated segment with a stealth sniffer monitoring his activities. (my idea of a stealth sniffer is set the eth-int to 0.0.0.0) on that segment. But why stop there. Most cell phone protocols/encyption have been cracked. Spend some money and start sniffing the local cell phone calls. (monitoring for quality assurance) Note, may be illegal in your area, unless you pay the local goverments money and show them how to do the same Amature lie detection electronics are a lot of fun too! (at least for the prick that gets to ask the questions). Then there are urine tests. Anyone that has a good time with recreational drugs is automatically an interloper, (guilty by association right?) Build a network that requires tons of manual intervention, unlike what anyone else doesLots of other out of the box security ideas abound == caveat emptor! If the rub is really the gcc compiler, then do not have it installed; activate a remote partition with any such tools as gcc, coreutils and use them for admin things. Then unmount these (NFS or such) necessary system tools, when your not actively using them. Or put then on a usb stick with (ivman or your favorite mechanism). Prolly (I like this term so much, I borrowed it from another gentooer...) what you will discover is other admins do not like your Gentoo tendencies, because it's not their idea (just a hunch) My experience is when you constantly flesh_out a system and constantly update stuff, it stays more secure. Systems that get little attention are where the interlopers like to hide; imho. Gentoo does fall short on anomaly detection as do most operating systems, but, it's easy to remedy with modeling, profiling and analysis of the traffic flows I find the best security is obscurity, and secrecy of the admin's tools and traits for administration. Don't follow the herd/vendor rhetoric. Using the common approaches to security, makes your life much easier. Add your own unique spices to the mixture of security tools you use. The change_up is the best and easiest pitch in baseball. Some admins never use the change_up? SElinux is superb but a pain in the waz. Lots of folks do not trust the NSA, mostly from a historical perspective. All governments have a vested interest in their citizens and businesses having really secure computers and networks. It makes their jobs (the spoofs) much easier. SElinux is focused on software security policy enforcement (orange book). SElinux in and of itself, is not a complete solution for a tight network. It is a component that needs to be augmented with network and statistical tools and lots of tricks. Without admin tools, it is tedious and laborious, imho. I found a really cool java based tool to implement and manage it, but there was not much enthusiasm , amongst the java nor selinux folks here at gentoo to implement the tool: http://bugs.gentoo.org/show_bug.cgi?id=209435 This is just the tip of the ice-burg, you can (and many do) go crazy with security. My best advice is make security fun for the nerds that perform the security admin work on a daily basis. You get a lot of satisfaction, watching the CFO play video games or the board members connect to a foreign bank account, on a network you secure(grin). Not to mention folks with elite skills, never seem to go unemployed, nor suffer from a lack of resources.. Our planet is corrupt, then questions is who do we throw the first stone at, and for what 'bonafide' reasons. ymmv, James
[gentoo-user] build failure for sys-libs/libstdc++-v3-3.3.6 (no xregex.h)
I just did emerge --deep --verbose --tree --ask --update --newuse world The first package to be rebuilt was libstdc++ The failure was creating config.h make[1]: Entering directory `/mnt/a/portage/tmp/portage/sys-libs/libstdc++-v3-3.3.6/work/gcc-3.3.6/i686-pc-linux-gnu/libiberty' if [ x-fpic != x ] [ ! -d pic ]; then \ mkdir pic; \ else true; fi make[1]: *** No rule to make target `../include/xregex.h', needed by `regex.o'. Stop. make[1]: *** Waiting for unfinished jobs touch stamp-picdir make[1]: Leaving directory `/mnt/a/portage/tmp/portage/sys-libs/libstdc++-v3-3.3.6/work/gcc-3.3.6/i686-pc-linux-gnu/libiberty' make: *** [all-target-libiberty] Error 2 * * ERROR: sys-libs/libstdc++-v3-3.3.6 failed. I could find nothing relevant in bugs.gentoo.org and googling didn't help Any help would be appreciated allan emerge --info yields Portage 2.1.6.4 (default/linux/x86/2008.0, gcc-4.1.2, glibc-2.6.1-r0, 2.6.23-gentoo-r3-ajg2 i686) = System uname: linux-2.6.23-gentoo-r3-ajg2-i686-intel-r-_core-tm-2_cpu_t72...@_2.00ghz-with-glibc2.0 Timestamp of tree: Mon, 16 Feb 2009 14:30:01 + app-shells/bash: 3.2_p39 dev-java/java-config: 2.1.6-r1 dev-lang/python: 2.5.2-r7 sys-apps/baselayout: 1.12.11.1 sys-apps/sandbox:1.2.18.1-r2 sys-devel/autoconf: 2.13, 2.63 sys-devel/automake: 1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.27-r2 ACCEPT_KEYWORDS=x86 CBUILD=i686-pc-linux-gnu CFLAGS=-O2 -march=prescott -pipe CHOST=i686-pc-linux-gnu CONFIG_PROTECT=/etc /var/lib/hsqldb CONFIG_PROTECT_MASK=/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d CXXFLAGS=-O2 -march=prescott -pipe DISTDIR=/a/portage/distfiles EMERGE_DEFAULT_OPTS=--ask --deep --tree --verbose --with-bdeps=y FEATURES=buildsyspkg collision-protect distlocks fixpackages parallel-fetch protect-owned sandbox sfperms strict unmerge-orphans userfetch GENTOO_MIRRORS=http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo; LDFLAGS=-Wl,-O1 LINGUAS=en_US MAKEOPTS=-j3 PKGDIR=/usr/portage/packages PORTAGE_RSYNC_OPTS=--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages PORTAGE_TMPDIR=/a/portage/tmp PORTDIR=/usr/portage SYNC=rsync://rsync.gentoo.org/gentoo-portage USE=X a52 aac accessibility acl acpi alsa apache2 berkdb bzip2 cdr cli cracklib crypt cups dbus doc dri dvd dvdr emacs esd fortran gdbm gif gimp gnome gpm gtk guile hal iconv imap ipv6 isdnlog java jpeg mad midi mmx mp3 mpeg mudflap ncurses nls nptl nptlonly nsplugin ogg openmp oss pam pcre perl png ppds pppd python quicktime readline reflection scanner session snmp sound spl sse sse2 ssl sysfs tcpd tiff tk truetype unicode vorbis x86 xft xorg xulrunner xvid xvmc zlib ALSA_CARDS=ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci ALSA_PCM_PLUGINS=adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol APACHE2_MODULES=actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connectproxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias ELIBC=glibc INPUT_DEVICES=keyboard mouse evdev KERNEL=linux LCD_DEVICES=bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text LINGUAS=en_US USERLAND=GNU VIDEO_CARDS=i810 vesa Unset: CPPFLAGS, CTARGET, FFLAGS, INSTALL_MASK, LANG, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
Re: [gentoo-user] build failure for sys-libs/libstdc++-v3-3.3.6 (no xregex.h)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Allan Gottlieb escreveu: I just did emerge --deep --verbose --tree --ask --update --newuse world The first package to be rebuilt was libstdc++ The failure was creating config.h make[1]: Entering directory `/mnt/a/portage/tmp/portage/sys-libs/libstdc++-v3-3.3.6/work/gcc-3.3.6/i686-pc-linux-gnu/libiberty' if [ x-fpic != x ] [ ! -d pic ]; then \ mkdir pic; \ else true; fi make[1]: *** No rule to make target `../include/xregex.h', needed by `regex.o'. Stop. make[1]: *** Waiting for unfinished jobs touch stamp-picdir make[1]: Leaving directory `/mnt/a/portage/tmp/portage/sys-libs/libstdc++-v3-3.3.6/work/gcc-3.3.6/i686-pc-linux-gnu/libiberty' make: *** [all-target-libiberty] Error 2 * * ERROR: sys-libs/libstdc++-v3-3.3.6 failed. I could find nothing relevant in bugs.gentoo.org and googling didn't help Any help would be appreciated allan emerge --info yields Portage 2.1.6.4 (default/linux/x86/2008.0, gcc-4.1.2, glibc-2.6.1-r0, 2.6.23-gentoo-r3-ajg2 i686) = System uname: linux-2.6.23-gentoo-r3-ajg2-i686-intel-r-_core-tm-2_cpu_t72...@_2.00ghz-with-glibc2.0 Timestamp of tree: Mon, 16 Feb 2009 14:30:01 + app-shells/bash: 3.2_p39 dev-java/java-config: 2.1.6-r1 dev-lang/python: 2.5.2-r7 sys-apps/baselayout: 1.12.11.1 sys-apps/sandbox:1.2.18.1-r2 sys-devel/autoconf: 2.13, 2.63 sys-devel/automake: 1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.27-r2 ACCEPT_KEYWORDS=x86 CBUILD=i686-pc-linux-gnu CFLAGS=-O2 -march=prescott -pipe CHOST=i686-pc-linux-gnu CONFIG_PROTECT=/etc /var/lib/hsqldb CONFIG_PROTECT_MASK=/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d CXXFLAGS=-O2 -march=prescott -pipe DISTDIR=/a/portage/distfiles EMERGE_DEFAULT_OPTS=--ask --deep --tree --verbose --with-bdeps=y FEATURES=buildsyspkg collision-protect distlocks fixpackages parallel-fetch protect-owned sandbox sfperms strict unmerge-orphans userfetch GENTOO_MIRRORS=http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo; LDFLAGS=-Wl,-O1 LINGUAS=en_US MAKEOPTS=-j3 PKGDIR=/usr/portage/packages PORTAGE_RSYNC_OPTS=--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages PORTAGE_TMPDIR=/a/portage/tmp PORTDIR=/usr/portage SYNC=rsync://rsync.gentoo.org/gentoo-portage USE=X a52 aac accessibility acl acpi alsa apache2 berkdb bzip2 cdr cli cracklib crypt cups dbus doc dri dvd dvdr emacs esd fortran gdbm gif gimp gnome gpm gtk guile hal iconv imap ipv6 isdnlog java jpeg mad midi mmx mp3 mpeg mudflap ncurses nls nptl nptlonly nsplugin ogg openmp oss pam pcre perl png ppds pppd python quicktime readline reflection scanner session snmp sound spl sse sse2 ssl sysfs tcpd tiff tk truetype unicode vorbis x86 xft xorg xulrunner xvid xvmc zlib ALSA_CARDS=ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci ALSA_PCM_PLUGINS=adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol APACHE2_MODULES=actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias ELIBC=glibc INPUT_DEVICES=keyboard mouse evdev KERNEL=linux LCD_DEVICES=bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text LINGUAS=en_US USERLAND=GNU VIDEO_CARDS=i810 vesa Unset: CPPFLAGS, CTARGET, FFLAGS, INSTALL_MASK, LANG, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY Looking at forum in gentoo.org a lot of people with the same problem. The hint that don't upgrade already. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmZl18ACgkQ35zeJy7JhCj/CQCfc0UeNuo7jK8G2IGgaAYzTuXh
Re: [gentoo-user] build failure for sys-libs/libstdc++-v3-3.3.6 (no xregex.h)
At Mon, 16 Feb 2009 13:42:07 -0300 Zhu Sha Zang zhushaz...@yahoo.com.br wrote: Allan Gottlieb escreveu: I just did emerge --deep --verbose --tree --ask --update --newuse world The first package to be rebuilt was libstdc++ The failure was [ snip ] Looking at forum in gentoo.org a lot of people with the same problem. The hint that don't upgrade already. Thanks. I will sit tight for a day or two. allan
Re: [gentoo-user] build failure for sys-libs/libstdc++-v3-3.3.6 (no xregex.h)
On Mon, Feb 16, 2009 at 8:26 AM, Allan Gottlieb gottl...@nyu.edu wrote: At Mon, 16 Feb 2009 13:42:07 -0300 Zhu Sha Zang zhushaz...@yahoo.com.br wrote: Allan Gottlieb escreveu: I just did emerge --deep --verbose --tree --ask --update --newuse world The first package to be rebuilt was libstdc++ The failure was [ snip ] Looking at forum in gentoo.org a lot of people with the same problem. The hint that don't upgrade already. Thanks. I will sit tight for a day or two. allan I saw this issue this morning myself. Just hang tight for awhile. - Mark
Re: [gentoo-user] Mailing Lists
2009/2/16 Dan Cowsill danthe...@gmail.com: On Mon, Feb 16, 2009 at 7:05 AM, Kaushal Shriyan kaushalshri...@gmail.com wrote: Hi is there a mailing lists to discuss about perl or python or bash scripting language ? Thanks and Regards Kaushal http://lmgtfy.com/?q=perl+mailing+list http://lmgtfy.com/?q=python+mailing+list As far as I can tell, there is no Bash mailing list apart from bug-bash. You'll probably get flamed if you post questions there. Despite the name, this list is for general Bash questions too.
[gentoo-user] Re: spontaneous reboots.. what to look for
Volker Armin Hemmann volkerar...@googlemail.com writes: Do the easy thing first. Clean your case, reseat all cards and memory modules and check all caps while doing so. Any of them deformed? The 'head' going up? Strange stuff around its feet? Congratulation, you need new hardware. Sorry to be a numb skull here but what do you mean by `caps'
Re: [gentoo-user] Gentoo as a production server - insecure?
Hi, would you please be so kind and avoid hijacking other threads next time. Thanks... Dirk signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] NIC not detected after Kernel upgrade
Am Sonntag, 15. Februar 2009 22:52:42 schrieb Guillermo Garron: sudo lspci -v | grep Ether 00:19.0 Ethernet controller: Intel Corporation 82566DC Gigabit Network Connection (rev 02) Where did I write |grep Ether? That's pretty much useless as there is nothing new in it. Bye... Dirk signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] NIC not detected after Kernel upgrade
Am Montag, 16. Februar 2009 02:17:36 schrieb Stroller: System Rescue CD uses a kernel of about the same vintage as the one you're trying to upgrade to. I suggest you boot with it see if your NIC works. If so, copy the kernel config `make oldconfig`. Or even better: use lspci -v while running from CD, and enable the driver it tells you. Bye... Dirk signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Re: spontaneous reboots.. what to look for
On Mon, Feb 16, 2009 at 9:30 AM, Harry Putnam rea...@newsguy.com wrote: Volker Armin Hemmann volkerar...@googlemail.com writes: Do the easy thing first. Clean your case, reseat all cards and memory modules and check all caps while doing so. Any of them deformed? The 'head' going up? Strange stuff around its feet? Congratulation, you need new hardware. Sorry to be a numb skull here but what do you mean by `caps' Capacitors. They are small electronic compenents on your circuit board that hold charge and tend to help smooth out noise on power circuits, among other things. Sometimes they start to break down, overheat, etc., and if they do then you might be able to spot this change physically. In my experience the ones that go bad and that you have some small chance of fixing are generally little cylinders sitting upright so you see the circle on top. If you're old like me you might need a magnifying glass to look closely. They can be quite small and they are likely sitting all around your processor, etc. Good luck, Mark
Re: [gentoo-user] Re: spontaneous reboots.. what to look for
I believe he is referring to capacitors, you should be able to google for some pictures of common capacitors. They look like little barrels, usually dark blue as I look at my motherboard... They have special electrical paste in them, if it leaks, they are dead. Harry Putnam wrote: Volker Armin Hemmann volkerar...@googlemail.com writes: Do the easy thing first. Clean your case, reseat all cards and memory modules and check all caps while doing so. Any of them deformed? The 'head' going up? Strange stuff around its feet? Congratulation, you need new hardware. Sorry to be a numb skull here but what do you mean by `caps'
Re: [gentoo-user] Re: spontaneous reboots.. what to look for
On Montag 16 Februar 2009, Harry Putnam wrote: Volker Armin Hemmann volkerar...@googlemail.com writes: Do the easy thing first. Clean your case, reseat all cards and memory modules and check all caps while doing so. Any of them deformed? The 'head' going up? Strange stuff around its feet? Congratulation, you need new hardware. Sorry to be a numb skull here but what do you mean by `caps' capacitors. http://en.wikipedia.org/wiki/Capacitor that little blackwhite or greenwhite or blacksilver or all silver cylindrical thingies that are all over your mainboard. Some of them are on your cards too. And this little guys aren't known for their robustness. In fact they don't like heat - dying very fast when things get hot. (excpet polymer/'solid' cap).
Re: [gentoo-user] Re: spontaneous reboots.. what to look for
On 16 Feb 2009, at 17:30, Harry Putnam wrote: Volker Armin Hemmann volkerar...@googlemail.com writes: Do the easy thing first. Clean your case, reseat all cards and memory modules and check all caps while doing so. Any of them deformed? The 'head' going up? Strange stuff around its feet? Congratulation, you need new hardware. Sorry to be a numb skull here but what do you mean by `caps' Capacitors. http://images.google.com/images?q=bad%20capacitors But don't rely on this - a component can fail fail without it being visible. IME the most common cure for nonspecific hardware failures is replacing the PSU, but in your case I would also swap out the graphics card early. Stroller.
Re: [gentoo-user] a multi-process browser?
On Sun, Feb 15, 2009 at 08:27:15PM +0100, Etaoin Shrdlu wrote: On Sunday 15 February 2009, 05:10, Joshua Murphy wrote: Google Chrome's another that has this wonderful feature... and doesn't run on Linux (yet). And even when it will, I bet it would be under wine. Nope, it will be native linux using the gtk toolkit. http://groups.google.com/group/chromium-dev/msg/f3507e2ded99b354?pli=1 --- === TopperH http://topperh.blogspot.com === pgpGseA8ww7G0.pgp Description: PGP signature
Re: [gentoo-user] custom-cxxflags not supported but on anyway
Daniel Pielmeier wrote: [ebuild R ] x11-libs/qt-core-4.4.2 USE=qt3support ssl -custom-cxxflags% -debug -doc -glib -pch 0 kB -custom-cxxflags To me it looks like it is disabled! This flag has been added recently to the qt packages and although it is disabled the affected packages need a rebuild when newuse is triggered. But since it is changing, I would assume it was on before? If it was off before then why would it rebuild it? I do have to say, I don't recall ever seeing this one before. Dale :-) :-)
Re: [gentoo-user] custom-cxxflags not supported but on anyway
2009/2/16 Dale rdalek1...@gmail.com: But since it is changing, I would assume it was on before? If it was off before then why would it rebuild it? I do have to say, I don't recall ever seeing this one before. The use flag was intruduced to the stable version without a version bump. So it is a new flag but if you don't enable it nothing will change if you do a rebuild. Thus following the suggestion from Neil would be the best solution. If I had known this option before it would have saved me a useless rebuild. -- Regards, Daniel
Re: [gentoo-user] Installing outside of Portage cruft removal
I'd like to install the latest miro from their nightlies and that means installing manually without an ebuild. I've always avoided this because I don't want files spread across my system without an easy way to remove them. I've also always wanted to set up a good cruft removal script for keeping my system clean (I'll admit that takes me in the hobbyist direction) and I'm thinking the two might work well together. I could temporarily install apps without an ebuild and use a cruft removal script to remove them. What do you guys think of this? Do you know of a good cruft removal script? If you can install your apps into a specific location, I'd use xstow. emerge xstow cd ~/install/myapp-1.2.3 ./configure --prefix=/usr/local/stow/myapp-1.2.3 make make install cd /usr/local/stow xstow myapp-1.2.3 myapp-1.2.3 is installed into /usr/local/stow/myapp-1.2.3, but xstow created symlinks into the /usr/local hierarchy, so it looks as if it were directly installed there. No need to add /usr/local/stow/myapp-1.2.3/bin to the PATH and such. Use xstow -D myapp-1.2.3 to remove the symlinks if you want to uninstall, then remove /usr/local/stow/myapp-1.2.3. That would still leave anything installed outside of /usr/local (/etc for example) right? - Grant
Re: [gentoo-user] custom-cxxflags not supported but on anyway
Neil Bothwick wrote: On Mon, 16 Feb 2009 12:38:25 +0100, Daniel Pielmeier wrote: This flag has been added recently to the qt packages and although it is disabled the affected packages need a rebuild when newuse is triggered. Use --reinstall changed-use instead of --newuse. It saves on pointless rebuilds. Well, it is done now. You know what would be nice, a mailing list that announces these new features. Maybe one that only devs can post to but anyone can receive. Just a little note that something new is coming and what it does would be really nice. Dale :-) :-)
Re: [gentoo-user] Installing outside of Portage cruft removal
Am Montag, 16. Februar 2009 19:33:11 schrieb Grant: If you can install your apps into a specific location, I'd use xstow. emerge xstow cd ~/install/myapp-1.2.3 ./configure --prefix=/usr/local/stow/myapp-1.2.3 make make install cd /usr/local/stow xstow myapp-1.2.3 myapp-1.2.3 is installed into /usr/local/stow/myapp-1.2.3, but xstow created symlinks into the /usr/local hierarchy, so it looks as if it were directly installed there. No need to add /usr/local/stow/myapp-1.2.3/bin to the PATH and such. Use xstow -D myapp-1.2.3 to remove the symlinks if you want to uninstall, then remove /usr/local/stow/myapp-1.2.3. That would still leave anything installed outside of /usr/local (/etc for example) right? No. All the symlinks will be in /usr/local or subdirectories of it (or more general: in the parent directory of the stow dir). Bye... Dirk signature.asc Description: This is a digitally signed message part.
[gentoo-user] Re: Gentoo as a production server - insecure?
Dirk Heinrichs dirk.heinrichs at online.de writes: would you please be so kind and avoid hijacking other threads next time. Um, you must not have read the response. I did specifically address and provide remedy if indeed having gcc installed on a machine is a security threat. Sure I expounded on the whole concept of security, because one of the most important aspect of any or all security is a measure of reasonableness and sufficiency. There are many instances, imho, that overkill for security is applied and often does not work, such as removing gcc from a system. A good hacker (security interloper) can patch a system without ever compiling anything on that system Your opinion that I hijacked a thread is, well, your opinion, at best. Ignore what you do not like, or give a more singularly focused response, if you deem that necessary, but avoid pissing into a fan and telling the rest of us how cool and relevant you are. After all, you did not even respond with any relevance to what the poster was look for, did you ? (your just another pompous a.) hth, James
Re: [gentoo-user] Re: Gentoo as a production server - insecure?
james wrote: Dirk Heinrichs dirk.heinrichs at online.de writes: would you please be so kind and avoid hijacking other threads next time. Um, you must not have read the response. I did specifically address and provide remedy if indeed having gcc installed on a machine is a security threat. Sure I expounded on the whole concept of security, because one of the most important aspect of any or all security is a measure of reasonableness and sufficiency. There are many instances, imho, that overkill for security is applied and often does not work, such as removing gcc from a system. A good hacker (security interloper) can patch a system without ever compiling anything on that system Your opinion that I hijacked a thread is, well, your opinion, at best. Ignore what you do not like, or give a more singularly focused response, if you deem that necessary, but avoid pissing into a fan and telling the rest of us how cool and relevant you are. After all, you did not even respond with any relevance to what the poster was look for, did you ? (your just another pompous a.) hth, James Actually Dirk wasn't talking to you at all, he was talking to the person that did indeed hijack the thread (titled Mailing Lists) by replying to it with an unrelated email (titled Gentoo as a production server - insecure?). This was a valid point, as it was thread hijacking and it does make threads very difficult to manage. It does not however make it so difficult to manage that you cannot see Dirk replied to the original hijacking email, and not to you. Now lets all kiss and make up :) Matt
Re: [gentoo-user] Installing outside of Portage cruft removal
If you can install your apps into a specific location, I'd use xstow. emerge xstow cd ~/install/myapp-1.2.3 ./configure --prefix=/usr/local/stow/myapp-1.2.3 make make install cd /usr/local/stow xstow myapp-1.2.3 myapp-1.2.3 is installed into /usr/local/stow/myapp-1.2.3, but xstow created symlinks into the /usr/local hierarchy, so it looks as if it were directly installed there. No need to add /usr/local/stow/myapp-1.2.3/bin to the PATH and such. Use xstow -D myapp-1.2.3 to remove the symlinks if you want to uninstall, then remove /usr/local/stow/myapp-1.2.3. That would still leave anything installed outside of /usr/local (/etc for example) right? No. All the symlinks will be in /usr/local or subdirectories of it (or more general: in the parent directory of the stow dir). I thought running something like '.configure --prefix=/usr/local make make install' could still install files outside of /usr/local. No? - Grant
Re: [gentoo-user] Re: Gentoo as a production server - insecure?
Am Montag, 16. Februar 2009 21:15:50 schrieb james: Um, you must not have read the response. I didn't reply to you, but to Johannes. Maybe your email client doesn't display the threads correctly. You can verify this by reading the headers, especially In-reply-to:. I did specifically address and provide remedy if indeed having gcc installed on a machine is a security threat. The original thread was about Mailing Lists to discuss about python or perl and was started by Kaushal Shriyan. It was hijacked by replying to it and changing the topic, again see the In-reply-to: header. Bye... Dirk signature.asc Description: This is a digitally signed message part.
[gentoo-user] Re: Installing outside of Portage cruft removal
Grant wrote: I thought running something like '.configure --prefix=/usr/local make make install' could still install files outside of /usr/local. No? That's true, it can. But *usually* it doesn't.
Re: [gentoo-user] Installing outside of Portage cruft removal
Am Montag, 16. Februar 2009 21:31:39 schrieb Grant: I thought running something like '.configure --prefix=/usr/local make make install' could still install files outside of /usr/local. No? As long as you don't specify otherwise, no. Everything will be under the directory specified by --prefix unless you specify exceptions, see ./configure --help. Bye... Dirk signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Re: Installing outside of Portage cruft removal
Am Montag, 16. Februar 2009 21:40:19 schrieb Nikos Chantziaras: Grant wrote: I thought running something like '.configure --prefix=/usr/local make make install' could still install files outside of /usr/local. No? That's true, it can. But *usually* it doesn't. No, it can't. You have to tell it to so explicitely. Otherwise it wouldn't be possible to install software as unprivileged user. Bye... Dirk signature.asc Description: This is a digitally signed message part.
[gentoo-user] Re: Installing outside of Portage cruft removal
Dirk Heinrichs wrote: Am Montag, 16. Februar 2009 21:40:19 schrieb Nikos Chantziaras: Grant wrote: I thought running something like '.configure --prefix=/usr/local make make install' could still install files outside of /usr/local. No? That's true, it can. But *usually* it doesn't. No, it can't. You have to tell it to so explicitely. Otherwise it wouldn't be possible to install software as unprivileged user. It's up the application to decide how to use prefix variable. Most applications are respecting it. But you make it sound like it's impossible to not respect it, which is not true. I can write automake rules which completely ignore prefix.
Re: [gentoo-user] Re: Installing outside of Portage cruft removal
Am Montag, 16. Februar 2009 21:54:51 schrieb Nikos Chantziaras: It's up the application to decide how to use prefix variable. Most applications are respecting it. Up to now, I didn't find one that doesn't. And if so, it'll receive a bug report right away. But you make it sound like it's impossible to not respect it, which is not true. Well, if you don't, your package won't be spread widely until you've fixed it. You'll always find people who install sw as unprivileged user. If they can't install a package, they file a bug. Even some package managers build and install sw to a temporary directory as an unprivileged user to avoid messing up the system. I can write automake rules which completely ignore prefix. Which in the end means the unprivileged user can't install your package. And even as root, I wouldn't. Nobody does this. It's a hipothetical case. Bye... Dirk signature.asc Description: This is a digitally signed message part.
[gentoo-user] Re: Gentoo as a production server - insecure?
Dirk Heinrichs dirk.heinrichs at online.de writes: I didn't reply to you, but to Johannes. Maybe your email client doesn't display the threads correctly. You can verify this by reading the headers, especially In-reply-to:. The original thread was about Mailing Lists to discuss about python or perl and was started by Kaushal Shriyan. It was hijacked by replying to it and changing the topic, again see the In-reply-to: header. OOPs, I did not even notice (sorry). Gmane does show the threads correctly (although sometimes it borks). My bad; I just saw your response under mine in gmane.. I missed the original thread poster completely. Sometimes gmane does not process all postings, timely. It'd help if you mentioned the persons name, explicitly, when you or anyone chastize a poster. But, I missed it in the thread listing, so ... on me. James
Re: [gentoo-user] custom-cxxflags not supported but on anyway
On Monday 16 February 2009 20:36:02 Dale wrote: Well, it is done now. You know what would be nice, a mailing list that announces these new features. Maybe one that only devs can post to but anyone can receive. Just a little note that something new is coming and what it does would be really nice. Well, there sort-of is something like that already - the Changelog. The trouble with news-announce-change lists is that no-one can ever make up their mind as to what goes on it and what doesn't, so they end up sooner or later being a dump for the entire Changelog (which you already have :-) ) I've been caught out by this stuff too many times. Now I always read /var/portage/profiles/package.mask before an update. With a bit of practise anf doing it frequently, you get a good idea of what parts of the tree are active and where changes are being made. Helps with predicting stuff :-) -- alan dot mckinnon at gmail dot com
Re: [gentoo-user] Re: Gentoo as a production server - insecure?
On Mon, 16 Feb 2009 15:51:11 + (UTC), James wrote: If the rub is really the gcc compiler, then do not have it installed; activate a remote partition with any such tools as gcc, coreutils and use them for admin things. Then unmount these (NFS or such) necessary system tools, when your not actively using them. Or don't install them at all. Put all the toolchain packages in /etc/portage/profile/package.provided or create a custom profile without a toolchain in @system. Then build the packages on another computer. If this is a production server, you'd want to test things before installing on the live server, so build everything on the test box and install on the server with emerge -K. -- Neil Bothwick ALZHEIMER.COM found . . . Out of . . . something . . signature.asc Description: PGP signature
Re: [gentoo-user] custom-cxxflags not supported but on anyway
On Mon, 16 Feb 2009 14:50:37 +0100, Daniel Pielmeier wrote: Use --reinstall changed-use instead of --newuse. It saves on pointless rebuilds. Hm I must have missed this option somehow. Good to know there is such feature. I guess in this case only the portage package database is updated. It's fairly new, especially on stable. AFAIK it doesn't touch the package database, so a subsequent --newuse will still want to rebuild the package. -- Neil Bothwick Check three friends. If they're OK, you're it. signature.asc Description: PGP signature
Re: [gentoo-user] custom-cxxflags not supported but on anyway
Alan McKinnon wrote: On Monday 16 February 2009 20:36:02 Dale wrote: Well, it is done now. You know what would be nice, a mailing list that announces these new features. Maybe one that only devs can post to but anyone can receive. Just a little note that something new is coming and what it does would be really nice. Well, there sort-of is something like that already - the Changelog. The trouble with news-announce-change lists is that no-one can ever make up their mind as to what goes on it and what doesn't, so they end up sooner or later being a dump for the entire Changelog (which you already have :-) ) I've been caught out by this stuff too many times. Now I always read /var/portage/profiles/package.mask before an update. With a bit of practise anf doing it frequently, you get a good idea of what parts of the tree are active and where changes are being made. Helps with predicting stuff :-) Yew a better guru than me tho. ;-) lol Dale :-) :-)
[gentoo-user] Grub broke out of the blue
I've no idea how it broke, but after an emerge --sync, a kernel (gentoo-sources) update was there. After I compiled the kernel, I did the usual make modules_install make install. I edited grub.conf only to the point of changing the booted kernel to the new one (just a matter of changing -r1 to -r2 at the end of the kernel filename). I reboot, Grub stops working. It just displays GRUB and hangs there. What might have cause this? /boot is a 50MB ext3 partition with 14MB free. I had to boot from a live CD and make sda1 bootable (Windows XP) so I can get online and burn a repair CD that supports ext4 (/).
Re: [gentoo-user] Grub broke out of the blue
On 17 Feb 2009, at 04:17, Nikos Chantziaras wrote: I've no idea how it broke, but after an emerge --sync, a kernel (gentoo-sources) update was there. After I compiled the kernel, I did the usual make modules_install make install. I edited grub.conf only to the point of changing the booted kernel to the new one (just a matter of changing -r1 to -r2 at the end of the kernel filename). I reboot, Grub stops working. It just displays GRUB and hangs there. What might have cause this? $ cat /var/log/portage/elog/sys-boot:grub-0.97-r6:20090117-194927.log LOG: preinst To avoid automounting and autoinstalling with /boot, just export the DONT_MOUNT_BOOT variable. WARN: postinst *** IMPORTANT NOTE: you must run grub and install the new version's stage1 to your MBR. Until you do, stage1 and stage2 will still be the old version, but later stages will be the new version, which could cause problems such as an unbootable system. This means you must use either grub-install or perform root/setup manually! For more help, see the handbook: http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=1chap=10#grub-install-auto LOG: postinst To interactively install grub files to another device such as a USB stick, just run the following and specify the directory as prompted: emerge --config =grub-0.97-r6 Alternately, you can export GRUB_ALT_INSTALLDIR=/path/to/use to tell grub where to install in a non-interactive way. $ Stroller.
[gentoo-user] Re: Grub broke out of the blue
Nikos Chantziaras wrote: I've no idea how it broke, but after an emerge --sync, a kernel (gentoo-sources) update was there. After I compiled the kernel, I did the usual make modules_install make install. I edited grub.conf only to the point of changing the booted kernel to the new one (just a matter of changing -r1 to -r2 at the end of the kernel filename). I reboot, Grub stops working. It just displays GRUB and hangs there. What might have cause this? /boot is a 50MB ext3 partition with 14MB free. I had to boot from a live CD and make sda1 bootable (Windows XP) so I can get online and burn a repair CD that supports ext4 (/). Back. Grub was booting inside a VM under XP even though it refused to boot for real. So I booted in a VM and reinstalled Grub from there. I'm left to wonder now how copying a new kernel into /boot with make install can possibly make Grub go fubar...
[gentoo-user] Re: Grub broke out of the blue
Stroller wrote: On 17 Feb 2009, at 04:17, Nikos Chantziaras wrote: I've no idea how it broke, but after an emerge --sync, a kernel (gentoo-sources) update was there. After I compiled the kernel, I did the usual make modules_install make install. I edited grub.conf only to the point of changing the booted kernel to the new one (just a matter of changing -r1 to -r2 at the end of the kernel filename). I reboot, Grub stops working. It just displays GRUB and hangs there. What might have cause this? $ cat /var/log/portage/elog/sys-boot:grub-0.97-r6:20090117-194927.log LOG: preinst I did not update or re-install grub. The only thing I did was compile a kernel and copy the kernel image to /boot.
Re: [gentoo-user] Re: Grub broke out of the blue
On 17 Feb 2009, at 04:51, Nikos Chantziaras wrote: Stroller wrote: On 17 Feb 2009, at 04:17, Nikos Chantziaras wrote: I've no idea how it broke, but after an emerge --sync, a kernel (gentoo-sources) update was there. After I compiled the kernel, I did the usual make modules_install make install. I edited grub.conf only to the point of changing the booted kernel to the new one (just a matter of changing -r1 to -r2 at the end of the kernel filename). I reboot, Grub stops working. It just displays GRUB and hangs there. What might have cause this? $ cat /var/log/portage/elog/sys-boot:grub-0.97-r6:20090117-194927.log LOG: preinst I did not update or re-install grub. The only thing I did was compile a kernel and copy the kernel image to /boot. Sorry. The updated grub was only released in the last month or two, so I assumed this was the first time you had rebooted since. Stroller.
[gentoo-user] Re: Fake MAC Address Bungling Wireless
2009/2/14 daid kahl daid...@gmail.com I was bored and playing around with macchanger to change my Wireless MAC address, and wireless has not worked since, even though I'm using my hardware MAC address again. I'm usually using NetworkManager, but I also installed Wicd to see if I could avoid the problem that way. The problem seems to lie in the WEP password authentication to the local network. NetworkManager just kept asking for the password over and over again, never connecting. Wicd will claim to connect and issue an IP address, but the wireless does not function. I'm a dolt; the problem was that the gnome default keyring got mucked up by the changed MAC (which you could probably anticipate), and then that's why NetworkManager stopped working. I'm not sure exactly what happened, but I took a backup copy of ~/.gnome2/keyrings/default* and now it's fine again. Probably you could delete these files and then the nm-applet will make them again, but I'm lazy. I still didn't get wicd working, but I never had that working before, so that's probably a configuration issue, and in any case clearly unrelated to toying around with my MAC address (since I installed wicd later anyway); I originally though since NM was also assigning the default IP addresses that it might be related, but that's because I'm inexperienced. I'm a little embarassed that the solution was so easy and obvious and I bothered everyone. But I did learn some things in the process, so I appreciate the feedback a lot. So, as I eventually move to use wicd, the comments here will be helpful for me. Regards, daid
[gentoo-user] Open Office: PDF import
Has anyone succeeded in importing a PDF to Open Office Impress or Draw ? I've added the add-on from from under /usr/... (as it says), but when I try to 'insert file' using a 1-page PDF , it says 'File could not be opened' (after some CPU activity); OO Writer opens it as 98 pages of garbage. I tried rebooting re-opening OO, but not change. There's nothing in OO Help re the add-on or importing PDFs. I'm using OO 3.0.1 . -- ,, SUPPORT ___//___, Philip Webb ELECTRIC /] [] [] [] [] []| Cities Centre, University of Toronto TRANSIT`-O--O---' purslowatchassdotutorontodotca