Re: [gentoo-user] bloated by gcc
Am 28.09.2014 um 10:44 schrieb Jorge Almeida: I'm having a somewhat disgusting issue on my Gentoo: binaries are unaccountably large. I'm talking about C programs of my own, so no version related issues whatsoever. The computer is a core i3 with a 32 bit system. Example, for the same program: 10275 B on an atom running Slackware 14.1 (gcc 4.8.2) 5896 B (same, stripped with strip --strip-unneeded) 11675 B on i3, Gentoo, gcc 4.8.3 (with default gcc it was worse) 9704 B stripped 8207 B on *the same i3 box* running LFS (gcc 4.9.1) 5768 B stripped When compiling against dietlibc, the difference is even more shocking (almost double size in Gentoo after stripping). Compiled with: gcc -Os -march=i686 -fomit-frame-pointer -pipe -Wall -pedantic -fdata-sections -ffunction-sections -Wl,--gc-sections -fno-asynchronous-unwind-tables -std=c99 Gentoo: $ gcc -v Using built-in specs. COLLECT_GCC=/usr/i686-pc-linux-gnu/gcc-bin/4.8.3/gcc COLLECT_LTO_WRAPPER=/usr/libexec/gcc/i686-pc-linux-gnu/4.8.3/lto-wrapper Target: i686-pc-linux-gnu Configured with: /var/tmp/portage/sys-devel/gcc-4.8.3/work/gcc-4.8.3/configure --host=i686-pc-linux-gnu --build=i686-pc-linux-gnu --prefix=/usr --bindir=/usr/i686-pc-linux-gnu/gcc-bin/4.8.3 --includedir=/usr/lib/gcc/i686-pc-linux-gnu/4.8.3/include --datadir=/usr/share/gcc-data/i686-pc-linux-gnu/4.8.3 --mandir=/usr/share/gcc-data/i686-pc-linux-gnu/4.8.3/man --infodir=/usr/share/gcc-data/i686-pc-linux-gnu/4.8.3/info --with-gxx-include-dir=/usr/lib/gcc/i686-pc-linux-gnu/4.8.3/include/g++-v4 --with-python-dir=/share/gcc-data/i686-pc-linux-gnu/4.8.3/python --enable-languages=c,c++,fortran --enable-obsolete --enable-secureplt --disable-werror --with-system-zlib --disable-nls --enable-checking=release --with-bugurl=https://bugs.gentoo.org/ --with-pkgversion='Gentoo 4.8.3' --enable-libstdcxx-time --enable-shared --enable-threads=posix --enable-__cxa_atexit --enable-clocale=gnu --disable-multilib --disable-altivec --disable-fixed-point --with-arch=i686 --enable-targets=all --disable-libgcj --enable-libgomp --disable-libmudflap --disable-libssp --enable-lto --without-cloog Thread model: posix gcc version 4.8.3 (Gentoo 4.8.3) LFS: ## gcc -v Using built-in specs. COLLECT_GCC=gcc COLLECT_LTO_WRAPPER=/usr/libexec/gcc/i686-pc-linux-gnu/4.9.1/lto-wrapper Target: i686-pc-linux-gnu Configured with: ../gcc-4.9.1/configure --prefix=/usr --enable-languages=c,c++ --disable-multilib --disable-bootstrap --with-system-zlib Thread model: posix gcc version 4.9.1 (GCC) Slackware: Reading specs from /slash/usr/bin/../lib/gcc/i486-slackware-linux/4.8.2/specs COLLECT_GCC=gcc COLLECT_LTO_WRAPPER=/slash/usr/bin/../libexec/gcc/i486-slackware-linux/4.8.2/lto-wrapper Target: i486-slackware-linux Configured with: ../gcc-4.8.2/configure --prefix=/usr --libdir=/usr/lib --mandir=/usr/man --infodir=/usr/info --enable-shared --enable-bootstrap --enable-languages=ada,c,c++,fortran,go,java,lto,objc --enable-threads=posix --enable-checking=release --enable-objc-gc --with-system-zlib --with-python-dir=/lib/python2.7/site-packages --disable-libunwind-exceptions --enable-__cxa_atexit --enable-libssp --enable-lto --with-gnu-ld --verbose --enable-java-home --with-java-home=/usr/lib/jvm/jre --with-jvm-root-dir=/usr/lib/jvm --with-jvm-jar-dir=/usr/lib/jvm/jvm-exports --with-arch-directory=i386 --with-antlr-jar=/root/slackware-current/source/d/gcc/antlr-runtime-3.4.jar --enable-java-awt=gtk --disable-gtktest --with-arch=i486 --target=i486-slackware-linux --build=i486-slackware-linux --host=i486-slackware-linux Thread model: posix gcc version 4.8.2 (GCC) I'm not elfwise, but I could post something to google drive if needed. TIA Jorge Almeida Hi :) I have compared some exes and libs from Ubuntu 14.04 and my Gentoo (both x86_64) and for similar versions it seems like most of _my_ Gentoo binaries are around 10% bigger (a few are 10% smaller). I have completely ignored GCC settings (both are 4.8.x though). IMO your sample (one 5-10 kb program) is not representative for the distro in general. I compared: /bin/bash /usr/bin/xterm /bin/bzip2 /bin/gzip /usr/bin/xz /usr/bin/xev /usr/lib/libaspell.so /usr/lib/libdaemon.so IMO you shouldn't compare 4.8.x with 4.9.x. I don't want to dismiss your concern with your specific program. In your case it is a big difference, and I'm curios too, where it comes from. Maybe you can find out more by a more thorough comparation of the flags GCC uses at runtime by comparing the output of: gcc -Q your flags (w/o -pipe) --help=target gcc -Q your flags (w/o -pipe) --help=optimizers (Find more --help= in the man page.) Greetings Daniel -- Get my PGP key at: * http://keyserver.ubuntu.com:11371/pks/lookup?op=getsearch=0x837FB8B5BB9D4887 * $ gpg --recv-keys --keyserver keyserver.ubuntu.com 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Systemd upower
Am 04.06.2014 06:05, schrieb Samuli Suominen: On 04/06/14 05:17, Dutch Ingraham wrote: No, sys-fs/udev is not masked, but an update is indicated in the emerge above. That's a good catch, the MATE stuff is from the overlay. Unfortunately, the xfce stuff is not, so even if the overlay currency was an issue, I'll still be showing some dependencies. Try re-emerging on un-emerging the offending packages, like xfce4-session and xfce4-power-manager, it has helped some people, to refresh the .ebuild copy that is installed with the .ebuild copy from Portage - Samuli Thanks - that fixed it for me: # emerge -C xfce-base/xfce4-session xfce-extra/xfce4-power-manager xfce-extra/xfce4-systemload-plugin # emerge -uND xfce-base/xfce4-meta xfce-extra/xfce4-power-manager xfce-extra/xfce4-systemload-plugin Greetings Daniel -- Get my PGP key at: * http://keyserver.ubuntu.com:11371/pks/lookup?op=getsearch=0x837FB8B5BB9D4887 * $ gpg --recv-keys --keyserver keyserver.ubuntu.com 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Systemd upower
Am 04.06.2014 13:22, schrieb Daniel Troeder: Am 04.06.2014 06:05, schrieb Samuli Suominen: On 04/06/14 05:17, Dutch Ingraham wrote: No, sys-fs/udev is not masked, but an update is indicated in the emerge above. That's a good catch, the MATE stuff is from the overlay. Unfortunately, the xfce stuff is not, so even if the overlay currency was an issue, I'll still be showing some dependencies. Try re-emerging on un-emerging the offending packages, like xfce4-session and xfce4-power-manager, it has helped some people, to refresh the .ebuild copy that is installed with the .ebuild copy from Portage - Samuli Thanks - that fixed it for me: # emerge -C xfce-base/xfce4-session xfce-extra/xfce4-power-manager xfce-extra/xfce4-systemload-plugin # emerge -uND xfce-base/xfce4-meta xfce-extra/xfce4-power-manager xfce-extra/xfce4-systemload-plugin Greetings Daniel BTW: I also had to unmerge gnome-base/gnome-control-center and gnome-base/gnome-settings-daemon and mask all gnome-* 3.10 -- Get my PGP key at: * http://keyserver.ubuntu.com:11371/pks/lookup?op=getsearch=0x837FB8B5BB9D4887 * $ gpg --recv-keys --keyserver keyserver.ubuntu.com 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Only 4 of 8 GB usable
Am 21.05.2014 23:37, schrieb Alex Schuster: Hi there! So I installed another 4 GiB RAM into a Gentoo amd64 system that had 4 GiB already. But it still sees only 4 GiB, not 8 GiB: leela ~ # uname -a Linux leela 3.6.11-gentoo #3 SMP Mon Feb 4 15:37:48 CET 2013 x86_64 AMD A6-3500 APU with Radeon(tm) HD Graphics AuthenticAMD GNU/Linux leela ~ # free -m total used free sharedbuffers cached Mem: 3688 3269419 0108 1050 -/+ buffers/cache: 2110 1577 Swap: 2047 54 1993 Huh? Any idea why this is? The BIOS shows the full 8GiB, and lshw finds it. dmidecode shows that 8G should work: leela ~ # dmidecode -t 16 # dmidecode 2.11 SMBIOS 2.7 present. Handle 0x0008, DMI type 16, 23 bytes Physical Memory Array Location: System Board Or Motherboard Use: System Memory Error Correction Type: None Maximum Capacity: 8 GB Error Information Handle: Not Provided Number Of Devices: 2 In case this helps, I uploaded the outputs of dmesg [1], lshw -c memory [2] and full dmidecode output [3]. The dmesg output is somewhat weird though, it has several 'vmalloc: allocation failure: 0 bytes' entries. I suspected those were causing the problem, but I found that I needed to activate CONFIG_KALLSYMS=y, and they are gone. But still only 4 GiB RAM. The system is using an old kernel right now, so I cannot get the current dmesg, sorry for this. Probably related: Since I inserted this 2nd RAM module, wakeup from hibernate-ram does no longer work. Does this ring any bells? I'm out of ideas. Except than pulling out the 4 GB, or trying another mainboard. [1] http://www.wonkology.org/tmp/lshw.txt [2] http://www.wonkology.org/tmp/dmesg.txt [3] http://www.wonkology.org/tmp/dmidecode.txt Wonko To be sure, that the new RAM isn't broken, try booting with only the new RAM inserted in the 1st slot. If it works, insert the old RAM into the 2nd slot and see if the problem persists. Good luck Daniel -- Get my PGP key at: * http://keyserver.ubuntu.com:11371/pks/lookup?op=getsearch=0x837FB8B5BB9D4887 * $ gpg --recv-keys --keyserver keyserver.ubuntu.com 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Copying data efficiently
Am 17.05.2014 11:58, schrieb Neil Bothwick: On Sat, 17 May 2014 09:59:08 +0200, meino.cra...@gmx.de wrote: 3. Or you could use a sequential copy: cp -a /home /dev/sdb1/ cp -a /home /dev/sdc1 3.) The files I want to copy are in the size of some GB each. So the cache isnt big enough to hold ALL files for the second part. Run the two copies simultaneously, start the first, switch to another tab, start the second. That way the data for the second copy is always the most recently cached. However, I expect the speed limit here may be the USB bus unless you are using USB 3.0 drives on different buses. I was thinking about how to make sure cache is used, and that two simultanious cp won't work, because the progress for the two cp will quickly diverge. But then I realized: there is no need to think about the read cache - the limiting factor is always the writing side, especially with USB! So IMO it doesn't matter at all how you do it! I guess two simultaneous cp will be the same as two sequential cp, except if you have two separate USB-buses. Usually you have just one externally connectible, use lsusb -t to check. If you have less that 2 times the size of your files, IMO simultaneous cp will be worse, because Linux (don't know if USB-subsystem or cp) creates big buffers when cp'ing (check with free -m), and you'll probably get into memory trouble. Greetings, Daniel PS: Quickest way is always to open USB-case and plug SATA cable from motherboard into drive. With 80GB it's always worth the trouble. -- Get my PGP key at: * http://keyserver.ubuntu.com:11371/pks/lookup?op=getsearch=0x837FB8B5BB9D4887 * $ gpg --recv-keys --keyserver keyserver.ubuntu.com 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] PORTAGE_COMPRESS
Am 02.04.2014 14:27, schrieb Douglas J Hunley: I was reviewing my Portage settings yesterday and I noticed that I have PORTAGE_COMPRESS set (to bzip2, the default) on both of my servers and it occurred to me that both of these servers have filesystems that support compression (btrfs on one, zfs on the other). So I'm wondering if it still makes sense to have PORTAGE_COMPRESS set or if I should unset it and just let the fs-level compression handle it. Portage is already slow, why have it take the time to do this when the fs does it better and transparently? Thoughts on the matter? I think you have a good point disabling portage compression, but I wanted to correct one statement: Decompression in the kernel takes as much time as decompression in userspace - if it's the same algorithm. The differences here are: * creation of an additional process (bz[ip2, cat]), negligible compared to the cpu time compression takes * bz[ip2, cat] runs in user space (safer) vs in kernel space (risky) * different [de]compression algorithm (fs usually uses weaker but faster compression algorithms like lz4, lzo or gz) * different [de]compression setting (portage uses -9, kernel at best -6 - the difference in the resulting file size is small, but the difference in used cpu time is high) For me two things decide the question: * Assuming you write more man pages than you read, and disk space is not an issue, a weaker compression ratio to save cpu time makes sense. * If you have compression _already_ on for the fs, then compressing textual data before storing it on that fs is a waist of cpu time: For example LZ4 will detect already compressed data (compression ratio 12.5%), abort compression and store the file uncompressed. That's nice, but it means that it has already compressed some blocks, before it could measure it - waisting cpu time. Greetings, Daniel -- Get my PGP key at: * http://keyserver.ubuntu.com:11371/pks/lookup?op=getsearch=0x837FB8B5BB9D4887 * $ gpg --recv-keys --keyserver keyserver.ubuntu.com 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] SSD success - I think
Am 22.02.2014 16:24, schrieb thegee...@thegeezer.net: you might want this to read relatime,discard to handle the trim automagically. if you are concerned about writes i'd suggest noatime for all of these noatime yes - you need atimes only with _ancient_ news/mail servers/clients. But I'd recommend to use offline discard with a daily cron job (https://wiki.gentoo.org/wiki/SSD#cron). This results in way less writes during the day. Not sure if the total number of writes will be lower as well. As long as the SSD is not 80% full (all partitions included) you don't need to worry to much anyway. signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] how to use my SSD the right way ;-)
Am 03.01.2014 15:07, schrieb Alan McKinnon: On 03/01/2014 15:13, William Kenworthy wrote: On 03/01/14 15:34, Alan McKinnon wrote: On 03/01/2014 09:25, Stefan G. Weichinger wrote: Am 03.01.2014 07:52, schrieb Alan McKinnon: On 03/01/2014 00:46, Stefan G. Weichinger wrote: BFQ only for the SSDs ? Yes. The scheduler knows how to deal with SSDs while keeping everything responsive even under load. BFQ seems a good fit for your workcase - desktop/laptop. For those, interactive performance is the most important thing. So you set BFQ for the SSDs and CFQ for the hdds ? I have both in my desktop. BFQ for both is the recommendation. But do try it both ways to see how it performs and compare. hmm, is BFQ good for VM's too? I am currently using noops (storage is ceph) and was going to experiment but have not had the time yet. I have no idea, but I'd like to find out. Instinct tells me one of the host or guest should be NOOP so that the other one can get on with scheduling without conflict. But I also reckon the question is wy more complex than that. A VM should always use noop, as it doesn't know about the physical layout of the disk (except if you did pass the devices card through... with a SAS interface over PCIe for example). What IO-scheduler you'd use for the host depends on your hardware and the desired optimization goal (throughput vs latency). My _personal_ opinion for the desktop(!): If you're content with the general performance I would not optimize for your most common use case (global maximum), but for the use case that is not-to-uncommon and that benefits most of it. The idea is, that if most of you life is good, try to make the remaining part suck less :) Greetings, Daniel signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] FlashPlayer crashes in FireFox
Am 09.09.2013 11:45, schrieb Dan Johansson: As of lately (I can not really remember since when) FlashPlayer has stopped working in FireFox. I'm running an stable AMD64 system with FireFox (www-client/firefox-17.0.8), FlasPlayer (www-plugins/adobe-flash-11.2.202.297) and NS-Plugin-Wraper (www-plugins/nspluginwrapper-1.4.4-r3). If I emerge the 64bit FlasPlayer I get the following errormessage when trying to wiev a video on YouTube The Adobe Flash plugin has crashed and I get the following in the .xsession-errors: plugin-container: htab.c:83: vlGetDataHTAB: Assertion `handle' failed. WARNING: pipe error (51): Connection reset by peer: file /var/tmp/notmpfs/portage/www-client/firefox-17.0.8/work/mozilla-esr17/ipc/chromium/src/chrome/common/ipc_channel_posix.cc, line 421 If I on the other hand emerge the 32bit version + nspluginwraper nothing happens in FF (the video-pane just stays black) and I get the following messages in .xsession-errors: npviewer.bin: htab.c:83: vlGetDataHTAB: Assertion `handle' failed. *** NSPlugin Wrapper *** ERROR: NPP_WriteReady() invoke: Broken pipe *** NSPlugin Wrapper *** WARNING:(/var/tmp/portage/www-plugins/nspluginwrapper-1.4.4-r3/work/nspluginwrapper-1.4.4/src/npw-wrapper.c:2705):invoke_NPP_Write: assertion failed: (rpc_method_invoke_possible(plugin-connection)) *** NSPlugin Wrapper *** WARNING:(/var/tmp/portage/www-plugins/nspluginwrapper-1.4.4-r3/work/nspluginwrapper-1.4.4/src/npw-wrapper.c:2478):invoke_NPP_NewStream: assertion failed: (rpc_method_invoke_possible(plugin-connection)) *** NSPlugin Wrapper *** WARNING:(/var/tmp/portage/www-plugins/nspluginwrapper-1.4.4-r3/work/nspluginwrapper-1.4.4/src/npw-wrapper.c:2550):invoke_NPP_DestroyStream: assertion failed: (rpc_method_invoke_possible(plugin-connection)) *** NSPlugin Wrapper *** WARNING:(/var/tmp/portage/www-plugins/nspluginwrapper-1.4.4-r3/work/nspluginwrapper-1.4.4/src/npw-wrapper.c:2434):invoke_NPP_URLNotify: assertion failed: (rpc_method_invoke_possible(plugin-connection)) *** NSPlugin Wrapper *** WARNING:(/var/tmp/portage/www-plugins/nspluginwrapper-1.4.4-r3/work/nspluginwrapper-1.4.4/src/npw-wrapper.c:2434):invoke_NPP_URLNotify: assertion failed: (rpc_method_invoke_possible(plugin-connection)) *** NSPlugin Wrapper *** WARNING:(/var/tmp/portage/www-plugins/nspluginwrapper-1.4.4-r3/work/nspluginwrapper-1.4.4/src/npw-wrapper.c:2550):invoke_NPP_DestroyStream: assertion failed: (rpc_method_invoke_possible(plugin-connection)) *** NSPlugin Wrapper *** WARNING:(/var/tmp/portage/www-plugins/nspluginwrapper-1.4.4-r3/work/nspluginwrapper-1.4.4/src/npw-wrapper.c:2434):invoke_NPP_URLNotify: assertion failed: (rpc_method_invoke_possible(plugin-connection)) *** NSPlugin Wrapper *** WARNING:(/var/tmp/portage/www-plugins/nspluginwrapper-1.4.4-r3/work/nspluginwrapper-1.4.4/src/npw-wrapper.c:2478):invoke_NPP_NewStream: assertion failed: (rpc_method_invoke_possible(plugin-connection)) *** NSPlugin Wrapper *** WARNING:(/var/tmp/portage/www-plugins/nspluginwrapper-1.4.4-r3/work/nspluginwrapper-1.4.4/src/npw-wrapper.c:2434):invoke_NPP_URLNotify: assertion failed: (rpc_method_invoke_possible(plugin-connection)) Send additional request to http://www.youtube.com/watch?v=mRbnLYHzsfI *** NSPlugin Wrapper *** WARNING:(/var/tmp/portage/www-plugins/nspluginwrapper-1.4.4-r3/work/nspluginwrapper-1.4.4/src/npw-wrapper.c:2219):invoke_NPP_SetWindow: assertion failed: (rpc_method_invoke_possible(plugin-connection)) *** NSPlugin Wrapper *** ERROR: NPObject proxy 0x7f33d3c27de0 is no longer valid! *** NSPlugin Wrapper *** ERROR: NPObject proxy 0x7f33d3c27de0 is no longer valid! *** NSPlugin Wrapper *** ERROR: NPObject proxy 0x7f33d3c27de0 is no longer valid! (The last line just keeps repeating) Any suggestions what my problem could be and how to solve it? Regards, Adobe doesn't support the plugin API that FF uses anymore. Flash video is almost certain to crash for most users. Chrome uses (created?) the pepper API that Adobe supports, ships a recent Flash version and videos work there. I didn't test it, but there is www-plugins/chrome-binary-plugins for Chromium that should deliver the same.
Re: [gentoo-user] Complete list of USE flags?
Am 04.08.2013 20:31, schrieb Pandu Poluan: Hello guys, I'm a bit ashamed to ask this question, as it belies how long I haven't actually installed a 'lightweight' Gentoo system... But I digress. On to my question: Anyone knows an exhaustive list of USE flags? And a related subquestion: Is the USE flags list at znurt.org http://znurt.org up-to-date? The reason I'm asking, is because I'm planning on building *very* lightweight systems with as small attack surface as possible. Rgds, -- I have two symlinks in all of my gentoo installations in $HOME: use.desc - /usr/portage/profiles/use.desc use.local.desc - /usr/portage/profiles/use.local.desc When I want to look something up, I use: $ grep something ~/use* To narrow results down, I sometimes prepend or append ':' to something. Greetings, Daniel
Re: [gentoo-user] gcc4.7.2-r1 to 4.7.3 upgrade - hosed system?
Am 16.05.2013 13:49, schrieb Adam Carter: My system no longer had a /lib64/libgcc_s.so.1 which made it quite unhappy. I eventually copied one over from a fedora live iso i had and things are operational again. Is there some way i can confirm if it was the gcc upgrade? This looks damning; # gcc-config 2 * Switching native-compiler to x86_64-pc-linux-gnu-4.7.3 ... /usr/bin/python2.7: error while loading shared libraries: libgcc_s.so.1: cannot open shared object file: No such file or directory ewarn: error while loading shared libraries: libgcc_s.so.1: cannot open shared object file: No such file or directory ewarn: error while loading shared libraries: libgcc_s.so.1: cannot open shared object file: No such file or directory I had the same yesterday - run: LD_LIBRARY_PATH=/usr/lib/gcc/x86_64-pc-linux-gnu/4.7.3/ ldconfig to fix your system. Thanx to chithanh for this life-saving oneliner (http://forums.gentoo.org/viewtopic-p-7053126.html). Greetings, Daniel -- Get my PGP key at: * http://keyserver.ubuntu.com:11371/pks/lookup?op=getsearch=0x837FB8B5BB9D4887 * $ gpg --recv-keys --keyserver keyserver.ubuntu.com 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] GNOME configuration problem
Am 04.02.2013 11:52, schrieb Helmut Jarausch: Hi, I'm not using the full GNOME desktop but only single applications like 'meld'. (Only) for some users (including root on one machine and a non-root user on an another machine) meld fails with : File /usr/lib64/meld/meld/ui/historyentry.py, line 121, in _save_history self.__gconf_client.set_list(key, gconf.VALUE_STRING, gconf_items) glib.GError: Configuration server couldn't be contacted: D-BUS error: Can't overwrite existing read-only value: Value for `/apps/gnome-settings/meld/history-direntry' set in a read-only source at the front of your configuration path I have even removed $HOME/.gconf and $HOME/.local/meld with no success. Any hints are very much appreciated, Helmut. The read-only source of gconf is in /etc/gconf/, probably /etc/gconf/gconf.xml.defaults/%gconf-tree.xml I use meld too, but I have no entry of it in /etc/gconf (checked with grep -ri meld /etc/gconf/). But I do have entries for the gconf-path `/apps/gnome-settings/meld/history-direntry' if I look at it with gconf-editor. They are stored in ~/.gconf/apps/gnome-settings/meld/%gconf.xml It seems history-direntry is a list of directories I used meld in. Hope the info helps debugging, Daniel -- Get my PGP key at: * http://keyserver.ubuntu.com:11371/pks/lookup?op=getsearch=0x837FB8B5BB9D4887 * $ gpg --recv-keys --keyserver keyserver.ubuntu.com 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] cairo USE flags
Am 19.01.2013 11:49, schrieb Florian Philipp: Hi list! I've noticed that there is probably a lot of performance to be gained from activating backend acceleration in cairo. It's just that I have no clue about the details: drm, gallium and opengl are all described as accelerating backends. Does that mean they are mutually exclusive or can I activate them all and cairo will sort it out? What does the qt4 use flag do? Is it just a language binding? Does anyone know a simple benchmark for cairo? Thanks in advance! Florian Philipp I found your question very interesting, and so I used... google :D - Cairo seems to bring a benchmark with the source in cairo\perf. - http://cworth.org/intel/performance_measurement/ - The Phoronix test suit ofc has a performance test for cairo :) - I looked into some examples, and there are BIG differences between gfx cards: http://openbenchmarking.org/prospect/1204129-SU-NVIDIAGEF19/3653c29c52e5da38d1879d193dc660515f97d242 - This posting is most interesting: http://lists.cairographics.org/archives/cairo/2012-October/023609.html As a nvidia blob user it seems I should be using the XRender backend. But how? I can USE=-opengl to have that out of the way, but what's with the other USE flags? looking at the ebuild I see, that I only need X :) $(use_with X x) \ $(use_enable X xlib) \ $(use_enable X xlib-xrender) \ $(use_enable aqua quartz) \ $(use_enable aqua quartz-image) \ $(use_enable debug test-surfaces) \ $(use_enable directfb) \ $(use_enable glib gobject) \ $(use_enable doc gtk-doc) \ $(use_enable openvg vg) \ $(use_enable opengl gl) \ $(use_enable qt4 qt) \ $(use_enable static-libs static) \ $(use_enable svg) \ $(use_enable xcb) \ $(use_enable xcb xcb-shm) \ $(use_enable drm) \ $(use_enable gallium) \ Now I wonder if cairo doesn't simply choose the best one automatically? Or should I X -xcb -opengl -openvg? (Keeping glib qt4 svg for apps on.) [..] I used cairo-trace to start some programs and it seems like programs can set their desired backend. There is a /type setting: /type 42 set (firefox, soffice, clementine, evince, opera, crack-attack, digikam, inkscape) /type /xlib set(firefox, soffice, clementine, evince, crack-attack, digikam, inkscape) /type /xrender set (firefox, soffice, clementine) I wonder what 42 is... Greetings, Daniel
Re: [gentoo-user] disk accesses per subdirectory tree
On 21.12.2012 14:42, Helmut Jarausch wrote: Hi, I'd like to put some subdirectory trees (of / and of /usr and of /home) onto an SSD. For that I'd like to count the disk accesses which go to a given subdirectory tree in some given time intervall. Is there any utility which can measure this? Many thanks for a hint, Helmut. Just an idea: IMO it is not difficult to write a small program that uses inotify to do that. Just register those paths with inotify and count. I think there is also a inotify-using cron and a scriptable inotify client a little search: dev-haskell/hinotify dev-perl/Linux-Inotify2 dev-python/inotifyx dev-python/pyinotify dev-ruby/rb-inotify sys-fs/inotify-tools The last one... just opened the homepage: https://github.com/rvoicilas/inotify-tools/wiki and scrolled down to inotifywatch - I think you'll be able to do it with that :) Greetings, Daniel -- Get my PGP key at: * http://keyserver.ubuntu.com:11371/pks/lookup?op=getsearch=0x837FB8B5BB9D4887 * $ gpg --recv-keys --keyserver keyserver.ubuntu.com 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] {OT} anyone tried egroupware?
On 21.12.2012 06:13, J. Roeleveld wrote: Grant emailgr...@gmail.com wrote: Has anyone tried egroupware? Any opinions on it? Yes. I have been using the community version for several years. +1 Works good with (user)groups, important modules are well integrated into each other (f.e.: you can link objects from address book, file manager or project manager to a calendar entry as an attachment), easy to install, fine granular permission system, sync through carddav, ical, caldav, webdav works, but feels kind of limited, activesync only in commercial version, works also with php-fcgi, devs help in community forum.
Re: [gentoo-user] {OT} anyone tried egroupware?
On 21.12.2012 12:19, J. Roeleveld wrote: On Friday, December 21, 2012 11:33:49 AM Daniel Troeder wrote: On 21.12.2012 06:13, J. Roeleveld wrote: Grant emailgr...@gmail.com wrote: Has anyone tried egroupware? Any opinions on it? Yes. I have been using the community version for several years. +1 Works good with (user)groups, important modules are well integrated into each other (f.e.: you can link objects from address book, file manager or project manager to a calendar entry as an attachment), easy to install, fine granular permission system, sync through carddav, ical, caldav, webdav works, but feels kind of limited, activesync only in commercial version, works also with php-fcgi, devs help in community forum. Syncml works as well with the synthesis client on my Android phone. hmm... nice... a question: If a calendar entry has invitaions to multiple users and some categories are selected, und you change that entry on your phone, will the invitaions and categories be preserved or reset? The lack of activesync makes me consider the commercial version, but that's not for this year yet. -- Joost -- Get my PGP key at: * http://keyserver.ubuntu.com:11371/pks/lookup?op=getsearch=0x837FB8B5BB9D4887 * $ gpg --recv-keys --keyserver keyserver.ubuntu.com 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] SSD configuration
On 26.11.2012 15:01, Volker Armin Hemmann wrote: 2 year warranty only covers production defects. Not failure because of abuse. I cannot imagine it to say do not let your OS swap on this flash disk. Most people have no clue what swap is, and all those netbooks nowadays have only a cheap SSD at all... but to be ure, I'll look into the warrenty later. Greetings, Daniel -- PGP key @ http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x837FB8B5BB9D4887 # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] SSD configuration
On 26.11.2012 15:35, Alex Schuster wrote: Luis Gustavo Vilela de Oliveira writes: Well, with 8Gb RAM, i recommend use tmpfs on PORTAGE_TMPDIR, just while u are compiling anything. Or even with 6Gb too. I have 16 GB, with 8GB for $PORTAGE_TMPDIR on tmpfs. There were issues with some packages having not enough space, so I have this in /etc/portage/package.env: app-office/libreoffice notmpfs.conf dev-java/icedteanotmpfs.conf games-fps/alienarenanotmpfs.conf games-fps/worldofpadman notmpfs.conf games-sports/vdrift notmpfs.conf mail-client/thunderbird notmpfs.conf www-client/firefox notmpfs.conf /etc/portage/env.d/notmpfs.conf has this entry, changing PORTAGE_TMPDIR to real HDD space: PORTAGE_TMPDIR=/var/portage/tmp Most of these packages compile with 8 GB of space, but not with parallel merges, like when Thunderbird and Firefox are both being built at the same time. Alex THANK YOU!! You solved a problem I have been having for some time. This should go to the easy Gentoo tricks thread :) Very happy, Daniel -- PGP key @ http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x837FB8B5BB9D4887 # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] swap on ssd?
On 26.11.2012 00:18, Neil Bothwick wrote: On Mon, 26 Nov 2012 06:46:28 +0800, William Kenworthy wrote: Has anyone tried swap on ssd? - has it killed the drive prematurely? - any other effects? Yes, no, improved virtual memory performance. +1 SSDs aren't cheapo SD cards, they are meant to be written to. A storage device that broke if you tried to store stuff on it would break trading laws in any civilised country. +1 Even if the SSD failed inside the 2 year guerantee time - you'd get a new one for free. And in 2y you'll need the new mobo anyway - so there's nothing to loose. -- PGP key @ http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x837FB8B5BB9D4887 # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] SSD configuration
On 25.11.2012 22:43, Jacques Montier wrote: Each time you sync the portage, you should write on the SSD... Is it a good thing ? It is the best thing since rsync! Really - it is amazing! And about portage: you write in your portage tree not nearly as often as in /home. SSDs don't die as quickly as you think. The most important thing about wear leveling is to keep 10% free disk space in all partitions and enable discard. You'll be fine then. -- PGP key @ http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x837FB8B5BB9D4887 # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] davical thunderbird
On 07.11.2012 08:57, Stefan G. Weichinger wrote: Am 2012-11-07 01:48, schrieb Michael Orlitzky: I tried too. It doesn't work. I guess this is our best hope? https://bugzilla.mozilla.org/show_bug.cgi?id=546932 oh my ;) Is it not working at all or is only the import problematic? In my tests with much less data I had the impression that it works as soon as the bulk of adresses is in there. Thunderbird addressbook is from Netscapes time :( Many people have complaint about it, but noone has stepped up to make a new one. Now the Mozilla foundation has the opinion that TB is feature complete, and will not support its development anymore - so there goes any hope :( Sad, Daniel PS: _reading_ from a LDAP directory is the only thing that works well with TB addressbook.
Re: [gentoo-user] Fast file system for cache directory with lot's of files
On 13.08.2012 16:53, Michael Hampicke wrote: 2012/8/13 Daniel Troeder dan...@admin-box.com 3rd thought: purging old files with find? your cache system should have some kind of DB that holds that information. 3: Well, it's a 3rd party application that - in theory - should take care of removing old files. Sadly, it does not work as it's supposed to be, While time passes the number of orphans grow :( There is also the possibility to write a really small daemon (less than 50 lines of C) that registers with inotify for the entire fs and journals the file activity to a sqlite-db. A simple sql-query from a cron/bash script will then give you all the files to delete with paths. It will probably be less work to write the daemon than to do 40 fs-benchmarks - and the result will be the most efficient.
Re: [gentoo-user] Fast file system for cache directory with lot's of files
On 14.08.2012 11:46, Neil Bothwick wrote: On Tue, 14 Aug 2012 10:21:54 +0200, Daniel Troeder wrote: There is also the possibility to write a really small daemon (less than 50 lines of C) that registers with inotify for the entire fs and journals the file activity to a sqlite-db. sys-process/incron ? Uh... didn't know that one! ... very interesting :) Have you used it? How does it perform if there are lots of modifications going on? Does it have a throttle against fork bombing? must-read-myself-a-little. A incron line # sqlite3 /file.sql 'INSERT filename, date INTO table' would be inefficient, because it spawn lots of processes, but it would be very nice to simply test out the idea. Then a # sqlite3 /file.sql 'SELECT filename FROM table SORTBY date date-30days' or something to get the files older than 30 days, and voilá :)
Re: [gentoo-user] Fast file system for cache directory with lot's of files
On 13.08.2012 15:16, Michael Hampicke wrote: - about 20GB - 100.000 directories - about 2 million files The system has 2x Intel Xon Quad-cores (Nehalem), 16GB of RAM and two 10.000rpm hard drives running a RAID1. 1st thought: switch to SSDs 2nd thought: maybe lots of writes? - get a SSD for the fs metadata 3rd thought: purging old files with find? your cache system should have some kind of DB that holds that information.
Re: [gentoo-user] nvidia NVS 5200M
On 31.07.2012 16:30, Allan Gottlieb wrote: latitudes E6430 6430s nvidia through optimus :( latitudes E6330 No nvidia.
Re: [gentoo-user] nvidia NVS 5200M
On 26.07.2012 22:50, Allan Gottlieb wrote: I am buying a new laptop, most likely a dell 6340. My choices for video are intel 4000 and nvidia nvs 5200M. Just make sure, that you don't get a optimus notebook.
Re: [gentoo-user] Re: Nvidia-drivers + kernel 3.4
On 18.06.2012 11:29, Philip Webb wrote: I've updated to the latest testing 302.17 it's working ok so far. Just wanted to let you know, that there is a bug that affects lots of people with 302.xx: X-console-switch and resume-from-suspend are broken. http://www.nvnews.net/vbulletin/showthread.php?t=179956 http://www.nvnews.net/vbulletin/showthread.php?t=179891 I have to revert back to 295.xx for my notebook to suspend again :( Greetings, Daniel
Re: [gentoo-user] Are those green drives any good?
I'm using big WD Caviar Green (WDxxEAxx) SATA HDDs for some years now in my home 24/7 server, and haven't had any issues - they run cool and low-noise, and the performance is good. Low power and heat was what was important for me when choosing. HDD performance isn't an issue anyway, when storing media files over a home network :)
Re: [gentoo-user] WARNING dev-libs/icu-49.1 is BAD
On 04.04.2012 20:12, Allan Gottlieb wrote: Another scare. No emacs, no apache, gnome in trouble ... don't install icu-49.1 I was going to file a bug but I see that there are a few stating that some things fail with 49.1 so I don't know that my adding to the list will help. To see the list just ask for ALL icu I now have to reinstall everything that was installed after icu, or at least try them to see if they fail. allan Why can't ebuilds like icu be made like openssl or openldap where the libs are not replaced, but old libs stay and a text is displayed to use redep-rebuild and afterwards rm the old libs? That way software doesn't suddenly brake until you reemerge half your desktop/servers (only to reemerge everything again the next day, because that lib gets suddenly masked). I like the behavior of openldap and openssl, I'd like to have that for gfx-libs that brake the desktop (like icu) too. Please, please do it dear gentoo devs :) Daniel -- PGP key @ http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x837FB8B5BB9D4887 # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] WARNING dev-libs/icu-49.1 is BAD
On 05.04.2012 14:51, Neil Bothwick wrote: On Thu, 05 Apr 2012 11:36:54 +0200, Daniel Troeder wrote: Why can't ebuilds like icu be made like openssl or openldap where the libs are not replaced, but old libs stay and a text is displayed to use redep-rebuild and afterwards rm the old libs? They are, the old libs stay around until you emerge @preserved-rebuild... and then everything breaks. Revisited my aliases and saw that that's exactly what I did... *blushes*
Re: [gentoo-user] On login, hostname ends with .O instead of my domain
On 27.02.2012 16:16, Pandu Poluan wrote: On Feb 27, 2012 9:15 PM, Alan McKinnon alan.mckin...@gmail.com mailto:alan.mckin...@gmail.com wrote: On Mon, 27 Feb 2012 16:58:48 +0700 Pandu Poluan pa...@poluan.info mailto:pa...@poluan.info wrote: I knew I've read about this somewhere, but I couldn't find it again... I'm installing a new Gentoo box, and it boots successfully... but the login screen indicates the machine's name as NAME.O Where does the .O part comes from? How to replace that with my actual domain? What do you have in et/c/conf.d/hostname and /etc/hosts? IIRC, both have been set properly, but I might made a mistake. I'll get back to you tomorrow. Internet at my home is very splotchy tonight. Rgds, Just guessing: do you use the NetworkManager? It sets the domain name from DHCP by default. I had X-issues because of that :) If it is that you can edit /etc/NetworkManager/nm-system-settings.conf : -- [main] plugins=keyfile [keyfile] hostname=moja.local -- (In my nm-system-settings.conf there is also a ifnet section, so the plugins directive is actually plugins=ifnet,keyfile.) By, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] vlc and mplayer crash with nvidia-drivers-295.20-r1
On 20.02.2012 13:53, Bernd Butscheidt wrote: as told in the subject. Both crash instantly or after a few seconds when accessing or trying to play a video-dvd. Strange enough, xine doesn't seem to be affected. Prob. xine isn't configured to use hw acceleration :) Seems to me to be related to: https://bugs.gentoo.org/show_bug.cgi?id=404261 It is more general a bug in libnvidia-tls.so.295.20. gnome-shell users have problems too. So I recompiled nvidia-drivers-290.10-r2. Downgrading seems to be the only solution atm. nVidias forum (http://www.nvnews.net/vbulletin/) is full of bug reports. Daniel
Re: [gentoo-user] Python+readline?
On 28.01.2012 10:01, Walter Dnes wrote: I've enabled the readline flag for the python build, but it doesn't seem to work. Are there any other settings I'm missing? daniel@moja ~ $ cat .pythonstartup #!/usr/bin/python try: import readline except ImportError: print Module readline not available. else: import rlcompleter readline.parse_and_bind(tab: complete) -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] PDF export/import in LibreOffice
On 23.01.2012 01:00, Philip Webb wrote: During my usual Saturday system update, I noticed LibreOffice 3.5.0.1 is now testing, while there's an upgrade of LO 3.4 in stable. I tried 3.5.0.0 when it was briefly released a few weeks ago, but PDF export was not working. Has anyone used it with LO 3.5.0.1 ? Also, I compiled LO 3.4.3.2-r1 with USE=pdfimport, but it refuses actually to import a PDF when presented with one. Does anyone know if/how it is possible to get that to work as well ? Lots of those functions need java - make sure you have it configured in Options-LO-Java. The problem I'd have is: $ sudo revdep-rebuild -ie -- -pv Password: * Configuring search environment for revdep-rebuild * Checking reverse dependencies * Packages containing binaries and libraries broken by a package update * will be emerged. * Collecting system binaries and libraries * Generated new 1_files.rr * Collecting complete LD_LIBRARY_PATH * Generated new 2_ldpath.rr * Checking dynamic linking consistency [ 68% ] * broken /usr/lib64/libreoffice/share/extensions/pdfimport/xpdfimport (requires libpoppler.so.13) [..] Which stems from using a binary package (app-office/libreoffice-bin-3.4.3.2-r1) I guess... Maybe you have the same problem? Greetings, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Re: OT crontab not understood
On 09.01.2012 19:31, James wrote: Daniel Troeder daniel at admin-box.com writes: So I have installed sys-process/vixie-cron Ah, excellent. Just so you know, Paul Vixie is one of the un_sung heros of the the internet. just look up Paul Vixie on wikepedia and you'll quickly realize that he is one of the Titans that has worked tirelessly over the decades to make the internet what it is today. Some think of him as the daddy of DNS http://www.techdirt.com/articles/20110825/23232315691/paul-vixie-explains-how-protect-ip-will-break-internet.shtml hth, James WOW - great CV (@wikipedia)! and he's also funny: note that i hold the single-author record for total CERT advisories, proving that in my copious youth i knew how to sling code but not how to manage risk. (I guess this comes from authoring bind :) signature.asc Description: OpenPGP digital signature
[gentoo-user] OT crontab not understood
Hi :) It seems I don't understand something about cron(tab). Can someone help me pls: I want to run flexbackup with the following backup plan: * monthly full * weekly diff * daily incr So I have installed sys-process/vixie-cron-4.1-r12 (and virtual/cron-0 and sys-process/cronbase-0.3.3). My crontab (created with crontab -e) contains: 00 03 2-31 * 1-6 /usr/bin/flexbackup -set root -level incremental 00 03 2-31 * 0 /usr/bin/flexbackup -set root -level differential 00 03 1* * /usr/bin/flexbackup -set root -level full The problem I'm facing is, that incr and diff are executed each day _both_ at the same time (which flexbackup luckily handles well). From my understanding the 2nd line (diff) should only be run on sundays, and the 1st line (inc) should not run sundays. Can someone please explain me what I'm doing wrong? Thank you, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] OT crontab not understood
On 09.01.2012 12:33, Alan McKinnon wrote:
On Mon, 09 Jan 2012 13:10:50 +0100
Daniel Troeder dan...@admin-box.com wrote:
Hi :)
It seems I don't understand something about cron(tab). Can someone
help me pls:
I want to run flexbackup with the following backup plan:
* monthly full
* weekly diff
* daily incr
So I have installed sys-process/vixie-cron-4.1-r12 (and virtual/cron-0
and sys-process/cronbase-0.3.3).
My crontab (created with crontab -e) contains:
00 03 2-31 * 1-6 /usr/bin/flexbackup -set root -level incremental
00 03 2-31 * 0 /usr/bin/flexbackup -set root -level differential
00 03 1* * /usr/bin/flexbackup -set root -level full
The problem I'm facing is, that incr and diff are executed each day
_both_ at the same time (which flexbackup luckily handles well).
From my understanding the 2nd line (diff) should only be run on
sundays, and the 1st line (inc) should not run sundays.
Can someone please explain me what I'm doing wrong?
You are combining fields 3 and 5, those two work funny.
Unlike the other datetime specs, they are not ANDed, they are ORed.
Taking the first one, you obviously want the cron to run at 3 am
between the 2nd and 31st of the month AND if the day is Mon-Sat.
What it is doing is running at 3am every day between the 2nd and 31st
and also every day Mon-Sat (even if that is the 1st of the month).
Vixie cron does not directly allow you to do what you want. It's
designed to run things periodically on a set schedule and doesn't do
except very well.
A better approach would be to fire off a wrapper script every day at
3am. This script will then check for date, time and day of week and
launch the app with the appropriate options.
Thank you for the explanation!
Unfortunately that it's ORd :(
So I wrote this:
### /etc/cron.daily/run_flexbackup ###
#!/bin/bash
DOM=$(date +%d)
DOW=$(date +%w)
function run_backup() {
# do some stuff
/usr/bin/flexbackup -set root -level $1
# do more stuff
}
if [ $DOM = 1 ]; then
run_backup full
else
if [ $DOW = 0 ]; then
run_backup differential
else
run_backup incremental
fi
fi
Bye,
Daniel
--
PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get
# gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887
signature.asc
Description: OpenPGP digital signature
Re: [gentoo-user] CLI Torrent client(s)?
On 29.12.2011 12:07, Pandu Poluan wrote: I'm wondering: what's your recommended CLI Torrent client(s)? And why? Rgds, I'm definitely a fan (and user) of deluge. It has nice plugins, and can receive torrents from rss-parser flexget, which is very nice for tv-shows - ezrss.it. But this was not meant to be the 3rd msg regarding deluge - I wanted to add: rtorrent - works very well and is curses based, but does lack a daemon-mode. Now there is a optional web-frontend: rutorrent. Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] From where the word 'gentoo' came?
On 20.12.2011 18:31, LinuxIsOne wrote: Hi, From where the word gentoo came into existence? Thanks. Also (ir)relevant: bug report concerning the mascot Larry the cow: https://bugs.gentoo.org/show_bug.cgi?id=27727 -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] ext4 inode limit reached
On 13.12.2011 01:44, Frank Steinmetzger wrote: On my system, /usr/portage currently contains 127000 files. But for reason of increased performance I put it into a squashfs file. (There was a nice howto on this ML some months ago). You could try that, which will free those inodes up and ideally leaves you with one used inode for the squashfs image. Plus, if you have enough RAM, you could put /var/tmp/portage into tmpfs. I have 3GB, and this is fairly enough. For other hogs like firefox, LO and java, I use binary packages though. For comparision, I too have one (seldom two) kernel source trees and everything else on / except /home. And while of the 17GB capacity barely 1GB is left free, I still have 480k inodes free of the 1M in total. (I figured that I may have more space for content if I reserved less for inodes). I had portage in a squashfs before too - that was nice :) That's also the reason I had /usr/portage /var/cache/edb and /var/db/pkg on one filesystem - all together in the squashfs :) Because one day my / became full I moved /usr/src onto that partition too (it was now on a reiser3fs). All fine, and other partitions less fragmented... until I moved to ext4. Now I have a SSD, and it's simpler than squashfs'ing and still fast. distfiles is on a HDD (Thinkpad notebook with ultrabay - love it) and compilation on tmpfs (8GB RAM, so no problems). I always have like 8 kernel trees lying around, so there are already like 400k files... For various reasons I like to keep my stuff on separate partitions - my system is distributed over 6 partitions and my personal data over 3 partitions :) That inode-trouble was actually quiet interesting ;) Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
[gentoo-user] ext4 inode limit reached
Hello :) I have an ext4-filesystem that contains /usr/src, the /usr/portage and /var/cache/edb. It previously also contained /var/db/pkg, but I had to move that some weeks ago, because the fs was full. Now it's full again, though it has free blocks. But no inodes are left: $ fsck -vf /dev/sda5 [..] 655360 inodes used (100.00%) [..] $ find /gentoo -xdev | wc -l 655338 That's really disappointing. I was using reiser3fs and XFS before, and they didn't have that kind of limitation... Uhm... not meant as a rant - I like ext4 - that's why I'm moving (almost?) everything to it... Is there any way to raise the number of inodes without using $ mkfs.ext4 -N BIGNUM Thank you, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] ext4 inode limit reached
On 12.12.2011 15:54, Alex Schuster wrote: Joseph writes: That is scary. I just install new HD with 2TB capacity and ext4 that is 2% full and: $ find /home/joseph/ -xdev | wc -l shows: 169977 that is 26% full. No, that is 26% of the number of total inodes _Daniel_ has on his small partition. Yours is bigger, so you have more inodes. My largest partition has 724G, and 46 million inodes. Use df -i to see how many you have. Ah yes... My partition is only 10GB, and mkfs.ext4 sais in its man page (at -N option) it uses a calculation [..] based on the number of blocks and the bytes-per-inode ratio. So a small partition will have fewer inodes than a big partition. mkfs.extX uses settings for the inode-block-ratio from /etc/mke2fs.conf. The -T option configures which one to use, my partition falls into category 512MB default 4TB, which makes it use inode_ratio=16384. I think I should use the news type. It has inode_ratio=4096, which should give me 4 times the inodes testing... yes: 2621440 inodes instead of 655360. Previously I used reiser3fs for this kind of filesystem usage, but it's not faster than extX anymore. Moreover it's running on a SSD now, and afaik reiser3fs doesn't support TRIM :( OK - thank you all. It seems I'll have to reformat. Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Re: multi-threaded mplayer
On 11/15/2011 10:55 AM, Raffaele BELARDI wrote: I'll answer myself: just pass the option. And when happy, put them in the config file: daniel@moja ~ $ grep threads .mplayer/config lavdopts=threads=4 http://forums.gentoo.org/viewtopic-t-789673-postdays-0-postorder-asc-start-75.html On 11/15/2011 08:58 AM, Raffaele Belardi wrote: Do I need to set any particular USE flag to enable multi-threaded decoding with mplayer, or is it just a matter of passing the appropriate 'threads=' on the command line? raffaele
Re: [gentoo-user] [off-topic] - can /var be placed in a separate partition?
On 09/12/2011 01:53 AM, Alex Schuster wrote: Francisco Ares writes: Is it possible to have /var in a separate partition, mounted during boot? This is very common. The advantage is that a process filling up the /var directory (which is bad) will not fill the root partition (which would be worse). Just wanted to throw in, that on servers I also create a separate /var/log partition. Reasoning: If your logs fill up /var, than for ex. mysql won't be able to write anymore. So to decouple systems and problems even further I have /var and /var/log on separate partitions, hoping for higher service availability. Daniel
Re: [gentoo-user] Network Topology Diagrams
On 08/05/2011 07:48 PM, Michael Mol wrote: On Fri, Aug 5, 2011 at 1:42 PM, James wirel...@tampabay.rr.com wrote: Hello one and all, It's been a while since I've created diagrams. I'd be curious to learn what tools (software ebuilds) and techniques that folks employ to: Graphically map an existing network topology. Create new designs and implementation details a proposed Network Topology Design. Create paper printable diagrams. I'm thinking about getting an 11 x 17 color printer for the actual printed (paper) diagrams. It'd be nice to include (graphical colors) that shows wireless, cat(5), fiber and POE segments in different colors, even if I have to manually edit what a software tool cannot distinguish within it's features. BISCI, RCDD, TIA, NEC and any other related standards or regulatory (regardless of country) types of related issues and support are of interest, but not necessary for a general response and discussion. Hopefully the industry has move passed creating much of these sorts of materials, uniquely by hand, using Autocad? All comments and suggestions are welcome. Templates are most welcome! To my knowledge, Dia is the most common Linux answer to Microsoft Visio, and sounds somewhat close to what you're looking for. I'd *love* to see a tool that sniffs the network and tries to build a visible topology graph, though... Zenmap - part of net-analyzer/nmap can do that for you. It lists all hosts found. When clicked you can access their scan data. You can import export those scans in a XML format. It draws a topological chart of the network. It uses only circles as icons, so it's not apt for presentations, but to get a quick overview. It's handy to make a thorough scan at customers and make its export accessible to your colleagues in your admin-firm. Greetings, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Near freezes during large emerges
On 01/16/2011 08:25 PM, Grant wrote: I've been running without swap for quite a while, but my system goes into a near freeze whenever I undertake a large emerge such as chromium or openoffice. Is there anything I can do to prevent this besides turning swap back on? I have 3GB RAM and MAKEOPTS=-j1. - Grant The near freeze is probably the result from Linux' bad IO-scheduling. I know the phenomena :( I'm very much looking forward to some future changes in the kernel :) For now it'll help to use ionice -c 3. This is the IO-equivalent to nice -n 19. $ ionice -c 3 emerge something Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] xen-sources and igb (intel network) driver
On 01/11/2011 03:09 PM, Konstantinos Agouros wrote: In 1294686017.7979@rumba elw...@agouros.de (Konstantinos Agouros) writes: Hi, I just upgraded my box to a phenom and an intel quad gbit card. The card is a 82575GB. It is recognized (I use xen-sources 2.6.34-r4) and also tried the latest driver available at intel (2.4.12). Ifconfig show the interfaces mac addresses etc. However I do not get a link. Neither on a switch nor on a laptop with gbit interface. I found googling that there seems to be an issue with xen and this card/ chip. Anybody knows a way out of it? Especially since the card should have some virtualization optimizations? OK more googling gave me the answer: ethtool -K tx off Now the question is: what is the 'gentooest' way to put this into /etc/conf.d/net? From reading the example file I would guess a preup() function. Also: is /etc/conf.d/net the place to put in the bridge definitions for the xen guests? If yes, how do I get it to create empty bridges for inter- guest communications? Regards, Konstantin - brctl_br0=( setfd 0 sethello 0 stp on ) config_br0=( aa.bb.cc.dd netmask dd.ee.ff.gg broadcast hh.ii.jj.kk ) routes_br0=( default via ll.mm.nn.oo ) dns_domain_br0=example.com dns_servers_br0=pp.qq.rr.ss tt.uu.vv.ww dns_search_br0=example.com bridge_add_eth0=br0 config_eth0=( null ) brctl_br1=( setfd 0 sethello 0 stp on ) config_br1=( null ) This should create two bridges: br0 gets the public IP and the physical interface is connected to it br1 can be used to interconnect two VMs without connection to dom0 and the outside world /etc/conf.d/net is super powerfull, and super bad documented :( Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] postfixadmin vacation user uid/home in /etc/passwd
On 12/30/2010 12:59 AM, kashani wrote: On 12/29/2010 1:36 PM, Tanstaafl wrote: On 2010-12-29 3:50 PM, kashani wrote: On 12/29/2010 9:14 AM, Tanstaafl wrote: I'm updating an old system I inherited that has postfixadmin 2.1 installed, and I have a question about the vacation user entry in /etc/passwd... snip I would consider a plan to upgrade to 2.3.2, I guess I could have been clearer - I said I was updating the system, and updating pfadmin to 2.3.2 is what I'm doing now... and I want to configure everything *correctly*. Right now, vacation has a shell, and it shouldn't - I just want to know if simply editing /etc/passwd is the correct way to fix it... but it would be far simpler to build a new system and switch over to it than upgrade in place. And safer. I already have the new pfadmin up and running, and I'll be switching over this weekend... Any idea about my other question: Also, out of curiosity - can /etc/passwd file contain comments? Thanks... Sure you can edit it directly though you'll break anyone currently using vacation as soon as you do. Make sure you fix /etc/shadow and /etc/group too. Or use usermod which would be the proper way to make the change. /etc/passwd shouldn't have stand alone comments which might cause weird problems with pwconv, grpconv, etc. Use the comment field of the user. kashani See $ man -S5 passwd for the format of /etc/passwd. Or in short: Each line of the file describes a single user, and has the following format: account:password:UID:GID:GECOS:directory:shell So there is no comment allowed. But you can place this stuff in GECOS if you like and need it. Will be visible to users though. About editing /etc/passwd directly: don't! It can mess up your system, so that noone can login anymore. The recomended way is $ usermod, the direct way is $ vipw. It is a wrapper around vi that does simple sytax checks, so you don't break things. I use it if I have to edit /etc/passwd. There is also vigr :) $ vipw -s and $vigr -s lets you edit the shadow files. Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Re: Normal disk speed?
On 10/07/2010 12:59 AM, Adam Carter wrote: WOW! Those differences are crazy! Please - I know benchmarking takes a lot of time - but could you check something: the behavior those fs have at what time they flush data from cache to disk is very different. Have you made sure that you measured the time it really needs? I mean the difference between: $ sync; time cp source dest and $ sync; time (cp source dest; sync) Only the last measures somewhat correctly. I had noticed that there was, say, 5 seconds of disk activity after the cp command complete which I assumed was buffers getting flushed, but 5 seconds didnt seem that significant overall. I will run the tests as you suggest and post back. Do you think btrfs (with or without compression) would be faster than reiser? If so I will try that as well. On my system it is twice as fast as reiser3 for _lots_ (200.000) of small files with compression on (didn't test is without compression). I didn't test if with big files. But your results may vary anyway. For example btrfs is very cpu-intensive (even more with compression). If you've got a slow cpu (like in embedded devices), jfs might perform better. BTW: _all_ my partitions are encrypted and on LVM, so your use case is probably very different :) Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Re: Normal disk speed?
On 10/06/2010 10:04 AM, Adam Carter wrote: FYI some braindead benchmarking, reiserfs vs ext4, kernel 2.6.35-gentoo-r8 Copy same DVD image from internal reiserfs drive to freshly formatted external drive; reiserfs1m37.530s ext43m15.074s Then image copy on that external drive; # time cp CentOS-5.3-x86_64-bin-DVD.iso CentOS-5.3-x86_64-bin-DVD.iso2 # time cp CentOS-5.3-x86_64-bin-DVD.iso CentOS-5.3-x86_64-bin-DVD.iso3 reiser1m44.719s and 1m51.441s ext43m24.337s and 4m30.534s Not that is matters, but create filesystem on 2TB drive; reiserfs1m17.373s ext46m3.421s Didnt see that coming, I guess i'll stick with reiser3 WOW! Those differences are crazy! Please - I know benchmarking takes a lot of time - but could you check something: the behavior those fs have at what time they flush data from cache to disk is very different. Have you made sure that you measured the time it really needs? I mean the difference between: $ sync; time cp source dest and $ sync; time (cp source dest; sync) Only the last measures somewhat correctly. I'm irritated, because ext4 is extends based, and should behave much better with big files than reiser3... not only less fragmentation, but should also be faster... Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Re: Normal disk speed?
On 10/01/2010 04:40 PM, James wrote: Daniel Troeder daniel at admin-box.com writes: As I read about the nice performance of btrfs with compression I tried it out two weeks ago. I'll be posting my benchmarks to this list soon. Until now I didn't have any problems, but still would not use btrfs on production systems. What tool(how) did you setup btrfs? As I'm going to use it (test it) on an old drive (system), with / /boot and swap all using btrfs. Fdisk(gentoo_handbook)? What would a grub entry look like? /etc/fstab ? Other affected files? Well, I'm going to take the BTRFS plung. Any words of wisdom, howto's or caveats are most welcome. James I read the man and web page, and ended up using the defaults: $ mkfs.btrfs /dev/xyz To use compression, just mount with -o compress. That's all :) /etc/fstab: /dev/mapper/vg0-portage /gentoo btrfs noatime,compress 0 2 I installed sys-fs/btrfs-progs-0.19-r1 and I have the 'acl' flag on. I haven't done anything fancy since then, and it justworks(tm) ;) Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Normal disk speed?
On 10/01/2010 03:12 AM, Adam Carter wrote: Your harddisk seeks, everything is slow. So does that then mean that my options are; 1. Defragment, so there is less seeking 2. Get an SSD Since 2 is too expensive for a decent size drive, is there anything i can do about 1 without a backup and restore operation? Or will the fragmentation be very small on reiser3 anyway (i mount with notail) so I should just accept things as they are. You can gain a significant performance win by choosing your fs carefully (and benchmarking). If you've got a fs with mostly files of middle size or big size like a root fs or media collection you can use ext4 or xfs and they will perform as good or better than reiser3 because they fragment less. In my experience reiser3 fragments strongly after a year or so of heavy usage. xfs has a online-defragment tool xfs_fsr in sys-fs/xfsdump that works very well and is officially supported. (No other fs has that, to my knowledge.) xfs is especially fast and efficient with big files (media files). ext4 and xfs perform well in most use cases and are actively developed. Read phoronix for benchmarks. :) If you've got lots of small files (4kb) (like in a portage tree, mail or news server) you want to go with reiser3 or ext4. ext4 can be formatted with -T news to optimize for small files. The optimization is not in speed, but in small block size, to save disk space. As I read about the nice performance of btrfs with compression I tried it out two weeks ago. I'll be posting my benchmarks to this list soon. Until now I didn't have any problems, but still would not use btrfs on production systems. I store all my small portage files (/usr/portage, /var/cache/edb and /var/db/pkg - 215000 files) on a btrfs partition and have benchmarked it against reiser3 (which I was using before). -- double speed! (For example emerge --metadata and rsync yesterday-portage today-portage needs *half* the time on btrfs than reiser3!!!) For work I use VirtualBox a lot. I store my VM disk images on a xfs-fs, because I can defragment it, and fragmented VM disks are really slow. If you're working on a RAID or have a 4k-disk, you'll have to align your partitions to the stripe size. (See lots of long threads in this mailing list.) BTW: You wrote you mount with notail. I hope you also use noatime. This is _ultra_important_ if you have lots of metadata work (reading/modifying lots of files and/or their attributes, like in portage-trees). You probably never need atimes, no you should always mount all your filesystems with it. mkfs.xfs has an option -l lazy-count=1 that helps in metadata heavy workloads. My point: The speed of your file access can vary a lot depending on the file system and its options. But the right file system to choose depends on your use case. In the end you'll have to benchmark... Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Native 32 and 64-bit linux Flash 10 Preview Release available
On 09/19/2010 08:05 AM, Walter Dnes wrote: This is of interest to those of us running old versions of Flash, especially on 64-bit installs without 32-bit support (looks in mirrorg). Download site is http://labs.adobe.com/downloads/flashplayer10.html To find out where to install, go to about:plugins in Firefox, and see where your current version of libflashplayer.so is installed. In my case it's /opt/Adobe/flash-player/libflashplayer.so To install... * for 64-bit version download the file http://download.macromedia.com/pub/labs/flashplayer10/flashplayer_square_p1_64bit_linux_091510.tar.gz * for 32-bit version download the file http://download.macromedia.com/pub/labs/flashplayer10/flashplayer_square_p1_32bit_linux_091510.tar.gz * exit Firefox * mv your current copy of libflashplayer.so to another directory as a backup, in case the new one doesn't work for you * extract libflashplayer.so from the downloaded tar.gz into the directory which you removed libflashplayer.so from. * fire up Firefox, and away you go * note that when the release version comes out, you'll need to manually remove the Preview Release libflashplayer.so Good news = It works for me, so far. I've tried live365.com, both via my paid account and via the free (with commercials) option. It works. So does Youtube. Bad news It's more painfull building up a collection of flv videos. The old version used to copy Youtube videos/songs/whatever into /tmp with a filename beginning with Flash. It would get wiped each time you played a new video/whatever. But you could always move it out to another place before playing the next video. Rename the file to something.flv and mplayer plays it beautifully. Nice way to build up a collection. The new version dumps it in the Cache directory of whatever Firefox profile I'm using. You have to cd to the Cache subdirectory, and execute... file * | grep Macro and you'll get a list of all Macromedia Flash files in the directory. One of them is the most recent Flash file you played on Youtube. You have to do some digging. Again, copy it to another file elsewhere to keep a copy. I have not tried the new version, but this should still work: the flash-process has a file-open-link in /proc/PID/fd/ The /tmp/Flashxx file was symlinked there. So now the filename and path are different, but you can probably still find it like that faster (at least as long as the flv is open by the plugin :) Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Pipe Lines - A really basic question
On 09/09/2010 07:24 PM, Matt Neimeyer wrote: My generic question is: When I'm using a pipe line series of commands do I use up more/less space than doing things in sequence? For example, I have a development Gentoo VM that has a hard drive that is too small... I wanted to move a database off of that onto another machine but when I tried the following I filled my partition and 'evil things' happened... mysqldump blah... gzip blah... In this specific case I added another virtual drive, mounted that and went on with life but I'm curious if I could have gotten away with the pipe line instead. Will doing something like this still use twice the space? mysqldump | gzip file.sql.gz OR going back to my generic question if I pipe line like type | sort | unique output does that only use 1x or 3x the disk space? Thanks in advance! Matt P.S. If the answer is it depends how do know what it depends on? Everyone already answered the disk space question. I want to add just this: It also saves you lots of i/o-bandwidth: only the compressed data gets written to disk. As i/o is the most common bottleneck, it is often an imperative to do as much as possible in a pipe. If you're lucky it can also mean, that multiple programs run at the same time, resulting in higher throughput. Lucky is, when consumer and producer (right and left of pipe) can work simultaneously because the buffer is big enough. You can see this every time you (un)pack a tar.gz. Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Gentoos community communication rant
On 09/09/2010 08:21 AM, J. Roeleveld wrote: On Wednesday 08 September 2010 23:27:52 Daniel Troeder wrote: On 09/08/2010 05:27 PM, J. Roeleveld wrote: On Wednesday 08 September 2010 17:14:13 Jonathan wrote: On Tue, 7 Sep 2010 22:49:37 +0200 Volker Armin Hemmann volkerar...@googlemail.com wrote: We go in circles here. NNTP is be default organzed in threads. You don't open a topic that you are not interested in, even if the thread has 500 messages. Nothing to filter. emails too. But you still get the 'new mails' indicator. Claws mail has a Ignore thread mark. Which I'm about to use on this thread. So does KMail, but never tested what it actually does. Maybe I should on this one... That's cool - what does it do? I could imagine it does mark all msg as read... or what? I mean it's still mail... so it needs to dl it... maybe it does automagically only download the headers? Oh I like the idea :D I run my own IMAP at home, so mail is automatically downloaded and filtered on that server. KMAil is only the client to access that. Not sure if it would stop at the headers. A quick check showed me that all unread messages are not shown as unread. Unmarking it as ignore does show the unread as unread again. So it only appears to be hiding the fact new messages appeared. In Thunderbird I look at all the topics (mails sorted by thread), and if not interested mark the hole folder (mails sorted into folders on server) as read. But the next time I check my mails there are new unread mails that belong to that same thread I didn't want to read. So I have to mark them as read again. A function like in Claws and Kmail... I have to search for add-ons for Thunderbird... thanx for that idea! Good luck/fun hunting. Let us know if a similar feature exists for Thunderbird. I found something: https://addons.mozilla.org/en-US/thunderbird/addon/221519/ I'm testing it now... have to wait for messages - will report back tomorrow :) (please note: I'm talking about client-features, not delivery/storage-systems) Bye, Daniel (sorry for this traffic, I hope this mail is more worth a smile on your face than an annoyance :) BTW: I know n00b-unfriendly communities - and gentoo isn't one! I agree :) -- Joost -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Gentoos community communication rant
On 09/08/2010 05:27 PM, J. Roeleveld wrote: On Wednesday 08 September 2010 17:14:13 Jonathan wrote: On Tue, 7 Sep 2010 22:49:37 +0200 Volker Armin Hemmann volkerar...@googlemail.com wrote: We go in circles here. NNTP is be default organzed in threads. You don't open a topic that you are not interested in, even if the thread has 500 messages. Nothing to filter. emails too. But you still get the 'new mails' indicator. Claws mail has a Ignore thread mark. Which I'm about to use on this thread. So does KMail, but never tested what it actually does. Maybe I should on this one... That's cool - what does it do? I could imagine it does mark all msg as read... or what? I mean it's still mail... so it needs to dl it... maybe it does automagically only download the headers? Oh I like the idea :D In Thunderbird I look at all the topics (mails sorted by thread), and if not interested mark the hole folder (mails sorted into folders on server) as read. But the next time I check my mails there are new unread mails that belong to that same thread I didn't want to read. So I have to mark them as read again. A function like in Claws and Kmail... I have to search for add-ons for Thunderbird... thanx for that idea! (please note: I'm talking about client-features, not delivery/storage-systems) Bye, Daniel (sorry for this traffic, I hope this mail is more worth a smile on your face than an annoyance :) BTW: I know n00b-unfriendly communities - and gentoo isn't one! -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] OT: new mail client
On 08/30/2010 04:10 PM, James wrote: OK, so I/m ready to move a few users from the mail client in Seamonkey to a new mail client package. Thunderbird looks reasonable, runs on Winblows and Linux and is not tied to a given desktop platform. I did read bugzilla about enigmail not working with the latest thunderbird: Bug 301114. ;-) Is there a better(alternative) way to use encryption with thunderbird? Enigmail works great, if installed via usual extension mechanism. It's just, that the user (or you for them) has to do it once... In general, I like the way the mozilla mail systems work, but, I want something, easy to admin (users do email backups), easy to migrate from seamonkey, and able to run on Winblows or Linux. A nice system wide backup strategy with around 2 dozen thunderbird clients, is also part of the strategy. So first users try to retrieve their lost emails, then ask an admin.. I like a separate backup system for email not part of the regular backup system. TB3 brings archive support. I don't know if that is what you need, but see for yourself: http://support.mozillamessaging.com/en-US/kb/Archived+messages I prefer having all mails stored on the server (used with IMAP) and backing that up. Most users I know just forget to make backups/archives. Of course if they need a lost mail - you're right - it's work for us :( I think dovecot-imap has an automated archiving mechanism too... Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] nss_updatedb pam_ccreds
On 07/29/2010 06:50 PM, Giampiero Gabbiani wrote: Hi all, I configured nss pam in order to make LDAP authentication. In order to have a proper authentication and attributes retrieving I added also ccreds and nss_updatedb modifying /etc/pam.d/system-auth for the first and /etc/nsswithch for both: /etc/pam.d/system-auth: auth[success=done default=ignore] pam_unix.so nullok_secure try_first_pass debug auth[authinfo_unavail=ignore success=1 default=2] pam_ldap.so use_first_pass auth[default=done] pam_ccreds.so action=validate use_first_pass auth[default=done] pam_ccreds.so action=store auth[default=bad] pam_ccreds.so action=update account [user_unknown=ignore authinfo_unavail=ignore default=done] pam_unix.so debug account [user_unknown=ignore authinfo_unavail=ignore default=done] pam_ldap.so debug account required pam_permit.so passwordrequiredpam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 try_first_pass retry=3 passwordsufficient pam_unix.so try_first_pass use_authtok nullok md5 shadow passwordsufficient pam_ldap.so use_authtok use_first_pass passwordrequiredpam_deny.so session optionalpam_mkhomedir.so skel=/etc/skel/ umask=0022 session requiredpam_limits.so session requiredpam_env.so session requiredpam_unix.so session optionalpam_permit.so session optionalpam_ldap.so # /etc/nsswitch.conf: # $Header: /var/cvsroot/gentoo/src/patchsets/glibc/extra/etc/nsswitch.conf,v 1.1 2006/09/29 23:52:23 vapier Exp $ passwd: files ldap [NOTFOUND=return] db shadow: files ldap group: files ldap [NOTFOUND=return] db #passwd: files ldap #shadow: files ldap #group: files ldap # passwd:db files nis # shadow:db files nis # group: db files nis hosts: files dns networks:files dns services:db files protocols: db files rpc: db files ethers: db files netmasks:files netgroup:files ldap bootparams: files automount: files ldap aliases: files sudoers:ldap files the problem is that, when the connection to the ldap server is down, I can't login: Jul 18 19:22:59 athena login[10600]: pam_unix(login:auth): check pass; user unknown Jul 18 19:22:59 athena login[10600]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=tty2 ruser= rhost= Jul 18 19:22:59 athena login[10600]: pam_ldap: ldap_simple_bind Can't contact LDAP server Jul 18 19:23:02 athena login[10600]: nss_ldap: failed to bind to LDAP server ldap://vesta.homenet.telecomitalia.it: Can't contact LDAP server Jul 18 19:23:02 athena login[10600]: nss_ldap: could not search LDAP server - Server is unavailable Jul 18 19:23:02 athena login[10600]: FAILED LOGIN (1) on 'tty2' FOR `UNKNOWN', User not known to the underlying authentication module from the last line above it seems like the credentials were not cached or the nss switch doesn't use the db service for the passwd and shadow database. Is there someone that has a working configuration in order to have the cached credentials systems working properly ? Regards Giampiero I haven't done this on Gentoo, only on a Ubuntu 10.04 system of a client, but there it works like a charm. So I don't know if the following applies, but here are my ideas: Did you run sudo nss_updatedb ldap? In Ubuntu it fetches the (non-password) data for getent passwd and getent group and stores it in /var/lib/misc/passwd.db and /var/lib/misc/group.db. Check those files. You should be able to list LDAP-users and LDAP-groups now without connection to the LDAP (by running getent passwd and getent group). The PAM configuration is very different of course. Then to be able to login the user must have logged in once with the LDAP connected, so that the password can be stored locally. If that was successful, can be checked by running sudo cc_dump. It prints: $ sudo cc_dump Credential Type User Service Cached Credentials Salted SHA1 daniel any 788e8f863a089211911dbbf1774ce141516936f4 Hope it helps... Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Re: State of Radeon drivers
Oh yes - considering support time is a really good hint! Just one thing: On 07/26/2010 01:01 AM, James wrote: http://www.x.org/wiki/radeonhd The radeonhd driver has been abandoned recently by its last supporter (Novell), because the radeon-driver includes now practically all features of radeonhd. So you should look at http://www.x.org/wiki/radeon Bye :) Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] State of Radeon drivers
On 07/25/2010 06:00 PM, Florian Philipp wrote: Hi list! I have a quick question: I plan to buy a notebook with an ATI Mobility Radeon HD 4250. How well would that one work? Can I reasonably expect Suspend2Ram, 3d acceleration etc to work stable? Thanks in advance! Florian Philipp Open Source (x11-drivers/xf86-video-ati) and Close Source drivers (x11-drivers/ati-drivers) do both work with suspend2ram. From this mailing list (my post) 06/24/2010 10:22 AM +0200, Subject Re: [gentoo-user] ATI RV710/730 in regards to ATI only: - ATI: 3D is very good - a must for gaming, 2D is SLOW! (thou they did something about that with 10.6 - experience differs for users - its said that window management is fast now, but video still has tearing effect [also my exp.]) Latest driver (10.6) work with xorg-server-1.7.x only and kernel module has problems with =2.6.34 (exp. differ). Xorg: 3D is basic and very slow but works (the newer the driver/server the better, development is VERY fast), 2D is a dream (very fast, no tearing with video)! Driver is released with Xorg - so work always with newest Xorg, kernel module is in-kernel - work always with newest kernel :) Driver supports both KMS and user space MS. - So... for buying... if u need only 2D (and basic 3d) - intel. If you want to play games: nvidia or ati/amd... The OSS-driver 4 ATI is MUCH more mature and ATI/AMD gives out documentation and also develops - work is going very well, but will take time for 3d to catch up. Still for OSS - ATI. The closed source drivers of nvidia are much better (very fast match new kernels and Xorg releases) than the closed source drivers of ati (they are like a year behind kernel/xorg releases)! So if you plan on being always on closed source drivers (because you game often or use 3D-software for modeling or so) then x11-drivers/nvidia-drivers works better. The nvidia driver also offers hardware accelerated HD-video playback (1080p H264 - only 10% CPU, rest in GPU). Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] xorg.conf and ATI 4350 card
On 07/21/2010 04:46 AM, James wrote: hello, I can get X(kde 4.4) to start and run without a xorg.conf file but at the wrong screen resolution. (1600x1200) instead of 1920x1280, as it was before. Every attempt to edit the old xorg.conf or roll a new xorg.conf with the new 2.6.34-gentoo-r1 kernel results in X that crashes. Maybe somebody could post a minimal xorg.conf to set the resolution only on the screen? 2.6.34-gentoo-r1 ati-drivers 10.6 xorg-x11 7.4-r1 xorg-server 1.7.6 Try: $ sudo aticonfig --initial --input=/etc/X11/xorg.conf (last argument optional, use aticonfig --help to see like 1000 more options) Daniel
Re: [gentoo-user] Re: Why does high-res video drop frames at 60% CPU?
On 07/07/2010 05:33 AM, Grant wrote: I've been using VDPAU acceleration to play back Blu-Ray rips for a while, but the extra layer is getting to be quite a hassle so I'm trying to get decent performance via software decoding. It has actually come a long way since the last time I tried and playing Blu-Ray rips via mplayer is nearly watchable. I'm using a dual-core 3.1Ghz CPU and one of the cores is only taxed up to 60% during playback, but frames are still being dropped constantly. Does anyone know where the bottleneck might be? Not sure. Could be wrong CPU load display; which tool do you use to get the CPU load? I use top. On the mplayer list, people were saying they too get 60% CPU load but no playback problems. Anyway, if you're not already doing so, you might want to try the multithreaded version of mplayer so both CPU cores can do decoding. It's in the multimedia overlay. More details here: http://forums.gentoo.org/viewtopic-t-789673.html I really don't think it's a CPU issue. What other factors could be at play? Could it be my nouveau video drivers? - Grant Regarding mplayer: There is another ebuild in the multimedia-overlay that I prefer now to mplayer(-mt) and that also uses ffmpeg-mt : media-video/mplayer-uau. It fetches the mplayer-version from one of the mplayer-devs and creates a binary called mplayer-uau which can be installed at the same time as the official mplayer package. Regarding your frame drops: it is highly likely that sound is the problem. Please try playing the video with -ao null to see if that's the case. I assume you use pulseaudio? Check if it has real time capabilities (kill it, start it with verbose/debug in foreground, read log). Also try -ao alsa and -ao oss. Your data-source (gard disk, network?) is fast enough? Copy 1GB into RAM to be sure by ether using RAM-disk or cache-settings. Try nvidia-binary. You'll get VDPAU in that case, which will result in about 5% CPU usage when decoding h264! Hope some of this helps... Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Why does high-res video drop frames at 60% CPU?
On 07/07/2010 12:35 PM, App Deb wrote: You have dual core so 60% means: 50% (full one core) is for decoding, and the rest 10% is for audio, resizing etc. Oh - didn't think about this - yes... you could be seeing the wrong thing in top. If you have more than 1 CPU/Core you should push 1 in top to get separate statistics per CPU/Core. Push W to save your settings. (Use s to change statistics collection time, 1 sec. is good.) Use htop to see threads. As far as I know top won't show those. So you can't check if your multi-threaded mplayer is really using more than 1 thread/process. BTW: On my core2duo 2,4 GHz I have no problems watching H.264 encoded 1080p videos with AAC sound. All decoding is done in software. When I use original mplayer 720p is possible without problem, 1080p only with low bitrate. For high bitrate 1080p I need the mt-version. Daniel You can't play the video correctly because your decoder is not multithreaded and uses just the one CPU at its fullest. Try using multithreaded version of mplayer mplayer-mt (in some overlay probably) with lavdopts=threads=2 in mplayer config. On Wed, Jul 7, 2010 at 5:17 AM, Grant emailgr...@gmail.com mailto:emailgr...@gmail.com wrote: I've been using VDPAU acceleration to play back Blu-Ray rips for a while, but the extra layer is getting to be quite a hassle so I'm trying to get decent performance via software decoding. It has actually come a long way since the last time I tried and playing Blu-Ray rips via mplayer is nearly watchable. I'm using a dual-core 3.1Ghz CPU and one of the cores is only taxed up to 60% during playback, but frames are still being dropped constantly. Does anyone know where the bottleneck might be? - Grant
Re: [gentoo-user] Why does high-res video drop frames at 60% CPU?
On 07/07/2010 03:01 PM, Mick wrote: On 7 July 2010 12:27, Daniel Troeder dan...@admin-box.com wrote: Use htop to see threads. As far as I know top won't show those. So you can't check if your multi-threaded mplayer is really using more than 1 thread/process. What do you get when you press upper case 'H' in top? Oh - I wasn't aware of that key - nice :) With htop I do see 4 mplayer processes with both mplayer and mplayer-uau... (can't sort properly with top) but only 1 process really uses any cpu time... I wonder if mplayer-uau is really using ffmpeg-mt (I did set the use flag)... Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] VFAQ mirroring a live root FS
On 07/01/2010 05:12 PM, Helmut Jarausch wrote: Hi, would anybody please explain to me what difficulties might occur if I mirror a live root file system and use that for booting (in an emergency case). I know that for proper mirroring I may mirror a live root file system but I have to rsync it after booting from a different device (USB,...) But what happens if I have to boot a system from a backup which has been mirrored from a live root file system. Many thanks for sharing your experience, Helmut. This will probably be no problem at all: it's (nearly) the same thing as pushing the reset knob and booting :) I suggest you use a LVM-snapshot. If you use cp or rsync, then use the -x switch (and -S with rsync). Those methods have worked for me for bare-metal-recovery until now. The only thing that mostly breaks are databases. So create a dump before copying, and copy it too. Or if possible stop the DB and make a copy of the files, then start it again. Or both ;) Bye, Daniel Just in case: When booting from CD always use --numeric-owner with tar and --numeric-ids with rsync or uids and gids will get messed up. -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] ATI RV710/730
On 06/23/2010 11:47 PM, Mick wrote: On Wednesday 23 June 2010 09:08:02 Daniel Troeder wrote: On 06/07/2010 01:33 AM, James wrote: Hello, I have this ati card. I'm having trouble finding a stable ati-driver + xorg-server combination that will compile. Any recommendations as to open source drivers or getting ati-drivers happy with 9.x or 10.x is most welcome. I read a lot of bugs but not much clear on how to proceed James x11-base/xorg-server-1.7.6 x11-drivers/xf86-video-ati-6.12.6 x11-drivers/ati-drivers-10.6 both drivers work well. to install both you have to make drm a module and not load radeon with kms. switching is possible if you shutdown X but might require a reboot (it doesn't, but you lack hw-accel. if you don't). Hmm interesting! How do the ati drivers perform Vs xorg? ATI: 3D is very good - a must for gaming, 2D is SLOW! (thou they did something about that with 10.6 - experience differs for users - its said that window management is fast now, but video still has tearing effect [also my exp.]) Latest driver (10.6) work with xorg-server-1.7.x only and kernel module has problems with =2.6.34 (exp. differ). Xorg: 3D is basic and very slow but works (the newer the driver/server the better, development is VERY fast), 2D is a dream (very fast, no tearing with video)! Driver is released with Xorg - so work always with newest Xorg, kernel module is in-kernel - work always with newest kernel :) Driver supports both KMS and user space MS. Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] ATI RV710/730
On 06/07/2010 01:33 AM, James wrote: Hello, I have this ati card. I'm having trouble finding a stable ati-driver + xorg-server combination that will compile. Any recommendations as to open source drivers or getting ati-drivers happy with 9.x or 10.x is most welcome. I read a lot of bugs but not much clear on how to proceed James x11-base/xorg-server-1.7.6 x11-drivers/xf86-video-ati-6.12.6 x11-drivers/ati-drivers-10.6 both drivers work well. to install both you have to make drm a module and not load radeon with kms. switching is possible if you shutdown X but might require a reboot (it doesn't, but you lack hw-accel. if you don't). Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Performing a backup during the boot sequence
On 05/26/2010 12:30 AM, Allan Gottlieb wrote: For quite a while I have used the following steps to perform a single-user backup 1. Boot to single user mode via the grub command kernel /boot/vmlinuz root=/dev/sda6 single 2. Type in the root password. 3. Execute a single command /usr/local/sbin/ajg-backup-init-3 which does the backup and then executes init 3 4. This gets me to multi-user mode. I would like to automate this so that booting directly to multi-user mode via kernel /boot/vmlinuz root=/dev/sda6 All I need to do is to execute the single command /usr/local/sbin/ajg-backup-init-3 at the right moment. This didn't seem hard; I want it after everything in boot but before everything currently in default. So I was going to put it in default with a before * in depend() Reading the gentoo handbook chapter B4.d Writing Init Scripts I find two comments criticizing this approach 1. You can also use the * glob [argument to before] to catch all services in the same runlevel, although this isn't advisable. 2. Note: Make sure that --exec actually calls a service and not just a shell script that launches services and exits -- that's what the init script is supposed to do. I can see problems with multiple before * directives, but no other script has one so I think I would be OK with my before *. Criticism 2 has me concerned since my backup routing is indeed a shell script that exits. Indeed, my backup is not really a service so I am worried that I shouldn't be using an initscript at all. Any advice/comments would be welcome. thanks, allan You could create a LVM-snapshot of the partition/data you wish to backup at before * or inside boot and then later run the backup on the mounted snapshot, removing it afterwards. Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Re: Kernel upgrade and now LUKS failure
On 05/18/2010 07:57 PM, Jan Engelhardt wrote: On Tuesday 2010-05-18 18:56, Stefan G. Weichinger wrote: Do you know any howto where it is done the right way? The right and easy way is to just use the supplied pmt-ehd(8) tool, which works both interactively and non-interactively, depending on whether it's called with enough arguments or not, so there's something for everybody's flavor. It does not do LUKS yet as of pam_mount 2.2, though. Guess my todo list gets longer.. :-) But given the fact that I store the key on the same hard-disk with the shadowed user-pw I could also leave that openssl-part straight away, correct?? seems the same level of (in)security to me ... Yes. The point of keyfiles is to be able to change the password on a volume. Without a keyfile, a crypto program would take the password, hash it somehow, and you get your AES key. Changing the password means having a different AES key, meaning decrypting the disk will yield a different result. In other words, changing the password would require at least reading the old data, reencrypting it and writing it again. Takes time. With a keyfile, you retain the same AES key all the time, and encrypt the AES key itself - reencrypting the AES key is quick, as it's only some xyz bits, not terabytes. That's not true for LUKS. This is one of the nice things about it: Multiple keys can be used on a volume, and it is possible to change the passwords in a safe way. (You have 8 key slots, each can be used to decrypt the volume. To change a PW use a new slot, then remove the old one.) The trick here is that LUKS does by itself safely, what you are trying to do with the SSL-key in a hackish way (no offense). The key setup scheme is a modified TKS1 (nice Paper: http://clemens.endorphin.org/TKS1-draft.pdf - read section 2 Two Level Encryption) which uses the keys in the key slots to encrypt a master key which is used to encrypt the volume. So the only key(s) you ever change is the key(s) encrypting the master key. LUKS really does by itself already, what you are doing :) So I'm pretty sure, that it is safer to use the LUKS key setup (that has been peer-reviewed by security experts), than a self written shell script. Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Re: Kernel upgrade and now LUKS failure
On 05/17/2010 11:14 AM, Stefan G. Weichinger wrote: Am 16.05.2010 14:36, schrieb Jan Engelhardt: [Replying to http://thread.gmane.org/gmane.linux.gentoo.user/229533/focus=229542 ] In my personal opinion, both the quality of shell commands and key generation is suboptimal. What makes it bad is that people follow it. First, it generates a key which does not exploit the entire space. People claim it's because they want an ASCII readout, but frankly, you get the same with `hexdump -C`. Second, it's using echo without the -n parameter, thus implicitly inserting a newline into the key -- which is the cause for yoru observed mounting problems. Third, because you are passing the key via stdin into cryptsetup, it only uses the first line of whatever you pipe into it; whereas pam_mount uses the entire keyfile as it is supposed to be. (Fourth, the howto suggests ECB, which, well, looks rather weak considering the ECB's Tux picture on Wikipedia.) All of that should be in doc/bugs.txt, and mount.crypt even warns about ECB. You really cannot ignore seeing that. Phew! Jan, thanks for your suggestions. I created a new LUKS-volume and tried to avoid all the mentioned pitfalls (I used echo -n, avoided stdin etc.), but this didn't help here. The new volume is not mounted with pam_mount-2.1, but mounted OK with pam_mount-1.33. And, btw, as mentioned in the original thread, I use CBC, not ECB ;-) -- Your CCing Daniel didn't work maybe, wrong address, I corrected it for this reply) -- I CC: ha...@gentoo.org to link to the gentoo bug http://bugs.gentoo.org/show_bug.cgi?id=318865 Thanks, regards, Stefan Hello :) In a more general discussion I wonder what the advantage of using a SSL encrypted key for HDD-encryption is. As the SSL-keyfile is as well protected as the password to decrypt it is difficult, so would be a directly encrypted HDD with the same password - or not? If this assumption is correct, then I think the direct approach would be better, as in less complexity - less errors. For the paranoid I think it is much easier to hide a trojan/keylogger on an unencrypted root-partition than in an initramfs - and not be detected. (Both is easy to do, but the latter can be detected easier.) Unfortunately that detection is never done... after opening the root-dev some form of file-/partition-manipulation check should run. Though the kernel could be already compromised... Only a secure boot-path like with TCG is really secure... well this is only if you fear strong attackers, and not only loosing your notebook :) I head that really strong attackers would hide a keylogger beneath your keyboard... but if you have that kind of opponent, then you really have other problems too :) /For the paranoid Anyway - if your /tmp is not encrypted you should put it on a ram-disk: gives you speed and privacy in case of robbery. Also important is to have the screensaver lock the screen. On a technical note: I use xts as I read it's a good (although new) algo. Bye, Daniel BTW: No need to CC mailing list mails to me - I'll read and reply the ML-thread when I have time :) -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Re: Kernel upgrade and now LUKS failure.
On 05/07/2010 11:14 PM, Stefan G. Weichinger wrote: Am 07.05.2010 16:24, schrieb Stefan G. Weichinger: Am 07.05.2010 10:53, schrieb Stefan G. Weichinger: I think I am gonna file a bug for this now. http://bugs.gentoo.org/show_bug.cgi?id=318865 Aside from the potential bug: As I store the verysekrit.key on the same hdd as the encrypted device and use the rather simple shadowed password to decrypt that key ... isn't that just plain stupid? The overall security is just as good as my password. Cracking it with john opens the key to decrypting the LUKS-volume ... Yes, if I would store the key on another volume (stick or something) as mentioned in that howto it would make sense but in my case ... *scratches head* ;-) Stefan I prefer to encrypt my entire harddisk. Well - a hugh partition (excl. only Windows and Solaris :) which I encrypt, then the decrypted partition is used as a PV for LVM and all OS and partitions an in LVs. This way I have to type in the password to decrypt the PV once, and all LVs are decrypted. Then I have to use a second PW to login of course. As all Linux destros support encrypted roots and LVM nowadays I have Gentoo, Fedora and Ubuntu all in the same VG. The speed disadvantage is small, as my CPU+RAM is so much faster than the HDD. But in terms of security it's better to have everything encrypted, because it makes it more difficult to manipulate your system to get the key (the kernel is still unencrypted), and no possibly private information can be obtained from /tmp and /var. I compile all needed modules into the kernel, so I don't need to recreate my initrd for every new kernel. Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Re: Kernel upgrade and now LUKS failure.
On 05/05/2010 10:23 PM, Stefan G. Weichinger wrote: Am 05.05.2010 22:17, schrieb Stefan G. Weichinger: Remember that I said: I am not sure which HOWTO I followed ? What if I didn't use aes-256-ecb? You don't need to supplay that information to cryptsetup, it can (should) autodetect it. To see that info for yourself run: $ cryptsetup luksDump /dev/mapper/VG01-crypthome Yep. See pam_mount.conf.xml: It's aes-256-cbc in my case. I was now able to luksOpen and I have the decrypted device mounted. Hooray :) Nice. So: the user-pw didn't change and the keyfile is OK. So why is pam_mount unable to mount it? I will now pull another backup and check/add fallback keys ;-) There are interesting options in the cryptsetup-man page: luksHeaderBackup and luksHeaderRestore... I think I'll add that to my backup scripts :) Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Ldap authentication issues.
On 05/05/2010 02:02 AM, Indexer wrote: I have solved this issue late last night. I took my inspiration from fedora, who has a really nice automatic tool for adding ldap servers, and i looked at their changes. The issue was that pam_unix was set as required, not sufficient / optional. I also found that in fedora they do includes in their pam, and my setup did not have it so you need to modify the correct module for the system, you are using. Find below my corrected pam config, and i will do a write up of this process. nice :) I have also found that when the user logs in it takes a long tine for commands to execute, and in this time it sends alot of requests to the slapd server, using anonymous binds. Any idea how i make anonymous binds return attrs such as groupUid etc? You have to allow that using ACLs in slapd.conf. In your first post they were: access to attrs=userPassword by dn=uid=william,ou=Admin,dc=chocolate,dc=lan write by anonymous auth by self write by * none access to * by self write by users read I think you should have at least this: access to dn.base= by * read So that anonymous can at least get to the root of your LDAP tree. This is important to some clients (especially SASL). And then I'd also open up read access to anonymous for everything else, or at least Users+Groups, as that is also the case with /etc/passwd. There is really no point in being more secretive than file permissions on /etc/passwd. access to * by * read or, more secure I think: access to ou=Group,dc=chocolate,dc=lan by dn.subtree=ou=Admin,dc=chocolate,dc=lan write by * read access to ou=Admin,dc=chocolate,dc=lan by dn.subtree=ou=Admin,dc=chocolate,dc=lan write by * read access to ou=Users,dc=chocolate,dc=lan by dn.subtree=ou=Admin,dc=chocolate,dc=lan write by * read I'm not 100% sure with the by dn.subtree=... though I think that should work ($ man slapd.access). Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Re: Kernel upgrade and now LUKS failure.
On 05/05/2010 06:42 AM, Stefan G. Weichinger wrote: Am 04.05.2010 23:24, schrieb Daniel Troeder: I'm using sys-fs/cryptsetup-1.1.1_rc1 since 02.05.2010 and didn't have any issues. Please decrypt your partition from the command line, so we can see if it is a cryptsetup/luks/kernel problem or a pam_mount problem. Cmdline should something like: $ sudo cryptsetup -d /etc/security/verysekrit.key luksOpen /dev/mapper/VG01-crypthome myhome Which should create /dev/mapper/myhome. My user sgw is currently not allowed to sudo this (should it be? it never was). And for root it says Kein SchlĂĽssel mit diesem Passsatz verfĂĽgbar. (german) which should be No key available with this passphrase. in english. That is a message from cryptsetup. As you are using openssl to get the key, I think the problem might be there. I followed the guide you linked here (website is down, but google-cache works: http://webcache.googleusercontent.com/search?q=cache:7eaSac72CoIJ:home.coming.dk/index.php/2009/05/20/encrypted_home_partition_using_luks_pam_+encrypted_home_partition_using_luks_pamcd=2hl=dect=clnkgl=declient=firefox-a) and it works for me (kernel is 2.6.33-zen2): lvcreate -n crypttest -L 100M vg0 KEY=`tr -cd [:graph:] /dev/urandom | head -c 79` echo $KEY | openssl aes-256-ecb verysekrit.key openssl aes-256-ecb -d -in verysekrit.key # (aha :) openssl aes-256-ecb -d -in verysekrit.key | cryptsetup -v --cipher aes-cbc-plain --key-size 256 luksFormat /dev/vg0/crypttest openssl aes-256-ecb -d -in verysekrit.key | cryptsetup luksOpen /dev/vg0/crypttest decryptedtest cryptsetup luksClose crypttest # (i couldn't close it... don't know why...) The key that cryptsetup is given to decrypt the partition is created by openssl from the file. Please check the output of $ openssl aes-256-ecb -d -in verysekrit.key under both kernel - it should be identical. BTW: You'll get your error message if you run: $ echo notmykey | cryptsetup luksOpen /dev/vg0/crypttest decryptedtes Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Re: Kernel upgrade and now LUKS failure.
On 05/05/2010 10:42 AM, Stefan G. Weichinger wrote: Am 05.05.2010 10:00, schrieb Daniel Troeder: That is a message from cryptsetup. As you are using openssl to get the key, I think the problem might be there. ok lvcreate -n crypttest -L 100M vg0 KEY=`tr -cd [:graph:] /dev/urandom | head -c 79` echo $KEY | openssl aes-256-ecb verysekrit.key openssl aes-256-ecb -d -in verysekrit.key # (aha :) openssl aes-256-ecb -d -in verysekrit.key | cryptsetup -v --cipher aes-cbc-plain --key-size 256 luksFormat /dev/vg0/crypttest openssl aes-256-ecb -d -in verysekrit.key | cryptsetup luksOpen /dev/vg0/crypttest decryptedtest cryptsetup luksClose crypttest # (i couldn't close it... don't know why...) The key that cryptsetup is given to decrypt the partition is created by openssl from the file. Please check the output of $ openssl aes-256-ecb -d -in verysekrit.key under both kernel - it should be identical. At first, thank you for your time and work! Tried that. I have to admit that I don't know the decryption password ... but as far as I understand it should be the same as the unix-password of the user sgw. pam_mount.so should read it when I log in, correct? Yes. Than pam_mount man page (http://linux.die.net/man/8/pam_mount) says so. It's actually quite verbose on the topic. With this password I get a bad decrypt so this explains why it fails. If you cannot decrypt your keyfile (with openssl) then you have just lost any way to decrypt your partition! But there is an idea in the man page of which I didn't think: did you maybe change your users password? If so, you need to use the old pw to decrypt the keyfile. If you can, then you can use the new pw to encrypt the key again (make backups of the original file). There is also the possibility your keyfile was corrupted somehow (file system corruption?). Do you have a backup of the keyfile (and your data:)? BTW: a LUKS encrypted partition can have 8 keys (in so called key slots), so that you can add a fallback key the next time, which you store at a trusted place. Good luck, Daniel Please let me repeat/point out that it is the same for 3 kernels (2.6.32-r1, 2.6.33-r[12] ... ), so I should change the subject to stay correct ... BTW: You'll get your error message if you run: $ echo notmykey | cryptsetup luksOpen /dev/vg0/crypttest decryptedtes Yes, correct. - I really wonder what the reason is ... should I downgrade openssl? Thanks Stefan -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Re: Kernel upgrade and now LUKS failure.
On 05/04/2010 09:28 PM, Stefan G. Weichinger wrote: Am 04.05.2010 19:38, schrieb Stefan G. Weichinger: I don't yet have the whole picture ... I did some emerge -avuDN world, quite some packages updated even though I am doing emerge -avu world nearly every day ... After a reboot and setting debug to 1 for pam_mount it says: May 4 21:25:38 enzo slim: pam_mount(pam_mount.c:364): pam_mount 2.0: entering auth stage May 4 21:25:38 enzo slim: gkr-pam: invalid option: use_first_pass May 4 21:25:38 enzo slim: pam_unix(slim:session): session opened for user sgw by (uid=0) May 4 21:25:38 enzo slim: pam_mount(pam_mount.c:552): pam_mount 2.0: entering session stage May 4 21:25:38 enzo slim: pam_mount(misc.c:38): Session open: (uid=0, euid=0, gid=0, egid=0) May 4 21:25:38 enzo slim: pam_mount(mount.c:196): Mount info: globalconf, user=sgw volume fstype=crypt server=(null) path=/dev/mapper/VG01-crypthome mountpoint=/home/sgw cipher=aes-cbc-plain fskeypath=/etc/security/verysekrit.key fskeycipher=aes-256-cbc fskeyhash=md5 options=data=journal,commit=15 / fstab=0 May 4 21:25:38 enzo slim: command: 'mount.crypt' '-ocipher=aes-cbc-plain' '-ofsk_cipher=aes-256-cbc' '-ofsk_hash=md5' '-okeyfile=/etc/security/verysekrit.key' '-odata=journal,commit=15' '/dev/mapper/VG01-crypthome' '/home/sgw' May 4 21:25:38 enzo slim: pam_mount(misc.c:38): set_myuidpre: (uid=0, euid=0, gid=0, egid=0) May 4 21:25:38 enzo slim: pam_mount(misc.c:38): set_myuidpost: (uid=0, euid=0, gid=0, egid=0) May 4 21:25:40 enzo slim: pam_mount(mount.c:64): Errors from underlying mount program: May 4 21:25:40 enzo slim: pam_mount(mount.c:68): crypt_activate_by_passphrase: Operation not permitted May 4 21:25:40 enzo slim: pam_mount(pam_mount.c:520): mount of /dev/mapper/VG01-crypthome failed May 4 21:25:40 enzo slim: command: 'pmvarrun' '-u' 'sgw' '-o' '1' May 4 21:25:40 enzo slim: pam_mount(misc.c:38): set_myuidpre: (uid=0, euid=0, gid=0, egid=0) May 4 21:25:40 enzo slim: pam_mount(misc.c:38): set_myuidpost: (uid=0, euid=0, gid=0, egid=0) May 4 21:25:40 enzo slim: pam_mount(pam_mount.c:440): pmvarrun says login count is 1 May 4 21:25:40 enzo slim: pam_mount(pam_mount.c:642): done opening session (ret=0) May 4 21:25:40 enzo slim: pam_mount(pam_mount.c:115): Clean global config (0) May 4 21:25:40 enzo slim: pam_mount(pam_mount.c:132): clean system authtok=0x80e6870 (0) May 4 21:25:40 enzo seahorse-daemon[1426]: DNS-SD initialization failed: Daemon not running May 4 21:25:40 enzo seahorse-daemon[1426]: unsupported key server uri scheme: ldap May 4 21:25:40 enzo seahorse-daemon[1426]: init gpgme version 1.3.0 May 4 21:25:41 enzo pulseaudio[1475]: module-alsa-card.c: Failed to find a working profile. May 4 21:25:41 enzo pulseaudio[1475]: module.c: Failed to load module module-alsa-card (argument: device_id=5 name=platform-thinkpad_acpi card_name=alsa_card.platform-thinkpad_acpi tsched=yes ignore_dB=no card_properties=module-udev-detect.discovered=1): initialization failed. May 4 21:25:41 enzo polkitd(authority=local): Registered Authentication Agent for session /org/freedesktop/ConsoleKit/Session3 (system bus name :1.49 [/usr/libexec/polkit-gnome-authentication-agent-1], object path /org/gnome/PolicyKit1/AuthenticationAgent, locale de_DE.UTF-8) - (maybe I pasted too much, this was everything from typing my username to the Gnome-session opened, but with the wrong /home for user sgw) Some bits of additional info: # cat /etc/pam.d/system-auth auth requiredpam_env.so auth requiredpam_unix.so try_first_pass likeauth nullok auth optional pam_mount.so auth optional pam_gnome_keyring.so account requiredpam_unix.so password requiredpam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 password optional pam_gnome_keyring.so password requiredpam_unix.so try_first_pass use_authtok nullok sha512 shadow session requiredpam_limits.so session optional pam_gnome_keyring.so auto_start session requiredpam_env.so session requiredpam_unix.so session optionalpam_permit.so session optional pam_mount.so # cat /etc/security/pam_mount.conf.xml ?xml version=1.0 encoding=utf-8 ? !DOCTYPE pam_mount SYSTEM pam_mount.conf.xml.dtd !-- See pam_mount.conf(5) for a description. -- pam_mount !-- debug should come before everything else, since this file is still processed in a single pass from top-to-bottom -- debug enable=0 / !-- Volume definitions -- !-- volume user=username path=/dev/mmcblk0p1 mountpoint=/mnt/mmc fstype=auto / -- volume user=sgw path=/dev/mapper/VG01-crypthome mountpoint=/home/sgw fstype=crypt options=data=journal,commit=15 cipher=aes-cbc-plain
Re: [gentoo-user] Ldap authentication issues.
On 05/03/2010 02:37 PM, Indexer wrote: On 03/05/2010, at 9:41 PM, Ward Poelmans wrote: On Mon, May 3, 2010 at 09:41, Indexer inde...@internode.on.net wrote: I am currently trying to make a ldap server which i can use to authenticate users. Sadly a large number of how to's are incomplete and don't work, so after reading alot of how to's and manuals I have got 99.9% of the way. On attempting to authenticate a user it denies the user access with a error from auth.log May 4 02:21:08 nemo sshd[1271]: error: PAM: authentication error for william from 172.20.0.1 What does you ssh file in /etc/pam.d look like? # auth authsufficient pam_opie.so no_warn no_fake_prompts authrequisite pam_opieaccess.so no_warn allow_local #auth sufficient pam_krb5.so no_warn try_first_pass #auth sufficient pam_ssh.so no_warn try_first_pass #auth sufficient /usr/local/lib/pam_ldap.so no_warn use_first_pass authrequiredpam_unix.so no_warn try_first_pass # account account requiredpam_nologin.so #accountrequiredpam_krb5.so account requiredpam_login_access.so account requiredpam_unix.so #accountrequired/usr/local/lib/pam_ldap.so no_warn ignore_authinfo_unavail ignore_unknown_user # session #sessionoptionalpam_ssh.so session requiredpam_permit.so # password #password sufficient pam_krb5.so no_warn try_first_pass passwordrequiredpam_unix.so no_warn try_first_pass Ward I was under the impression that SSH was able to use pam from the system module? I will try this out now uncommenting the ldap settings. Can the user login from a console? And what about su - william from a non-root account? (From a root-account it should work without problems.) Daniel
Re: [gentoo-user] Ldap authentication issues.
On 05/03/2010 09:41 AM, Indexer wrote: I am currently trying to make a ldap server which i can use to authenticate users. Sadly a large number of how to's are incomplete and don't work, so after reading alot of how to's and manuals I have got 99.9% of the way. On attempting to authenticate a user it denies the user access with a error from auth.log May 4 02:21:08 nemo sshd[1271]: error: PAM: authentication error for william from 172.20.0.1 I can succesfully search the ldap with this user binding to the ldap ldapsearch -x -D uid=william,ou=Admin,dc=chocolate,dc=lan -W '(uid=william)' Enter LDAP Password: # extended LDIF # # LDAPv3 # base dc=chocolate,dc=lan (default) with scope subtree # filter: (uid=william) # requesting: ALL # # william, Admin, chocolate.lan dn: uid=william,ou=Admin,dc=chocolate,dc=lan uid: william cn: william objectClass: account objectClass: posixAccount objectClass: shadowAccount objectClass: top loginShell: /bin/bash uidNumber: 1 gidNumber: 1 homeDirectory: /home/william userPassword:: e1NTSEF9Z3BQd05Lc3JUMWwxSVNhOVQvN1dPb3ZOcnVBSXJwVTE= gecos: William Brown description: William Brown shadowLastChange: 1 shadowMax: 0 shadowExpire: 0 # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 Slapd when trying to authenticate shows this. /usr/local/libexec/slapd -4 -d 256 slapd starting conn=0 fd=10 ACCEPT from IP=127.0.0.1:28629 (IP=0.0.0.0:389) conn=0 op=0 BIND dn= method=128 conn=0 op=0 RESULT tag=97 err=0 text= connection_input: conn=0 deferring operation: binding conn=0 op=1 SRCH base=ou=Nemo,ou=Group,dc=chocolate,dc=lan scope=1 deref=0 filter=((objectClass=posixGroup)) conn=0 op=1 SRCH attr=cn userPassword memberUid uniqueMember gidNumber conn=0 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= conn=0 op=2 SRCH base=ou=Marvin,ou=Group,dc=chocolate,dc=lan scope=1 deref=0 filter=((objectClass=posixGroup)) conn=0 op=2 SRCH attr=cn userPassword memberUid uniqueMember gidNumber conn=0 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text= conn=0 fd=10 closed (connection lost) conn=1 fd=10 ACCEPT from IP=127.0.0.1:43475 (IP=0.0.0.0:389) conn=1 op=0 BIND dn= method=128 conn=1 op=0 RESULT tag=97 err=0 text= connection_input: conn=1 deferring operation: binding conn=1 op=1 SRCH base=ou=Admin,dc=chocolate,dc=lan scope=1 deref=0 filter=((objectClass=posixAccount)(uid=william)) conn=1 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass shadowLastChange shadowMax shadowExpire = bdb_equality_candidates: (uid) not indexed conn=1 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= conn=2 fd=12 ACCEPT from IP=127.0.0.1:15318 (IP=0.0.0.0:389) conn=2 op=0 BIND dn= method=128 conn=2 op=0 RESULT tag=97 err=0 text= connection_input: conn=2 deferring operation: binding conn=2 op=1 SRCH base=ou=Admin,dc=chocolate,dc=lan scope=1 deref=0 filter=((objectClass=posixAccount)(uid=william)) conn=2 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass shadowLastChange shadowMax shadowExpire = bdb_equality_candidates: (uid) not indexed conn=2 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= conn=2 op=2 SRCH base=ou=Admin,dc=chocolate,dc=lan scope=1 deref=0 filter=((objectClass=posixAccount)(uid=william)) conn=2 op=2 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass shadowLastChange shadowMax shadowExpire = bdb_equality_candidates: (uid) not indexed conn=2 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= conn=2 fd=12 closed (connection lost) conn=3 fd=12 ACCEPT from IP=127.0.0.1:63485 (IP=0.0.0.0:389) conn=3 op=0 BIND dn= method=128 conn=3 op=0 RESULT tag=97 err=0 text= connection_input: conn=3 deferring operation: binding conn=3 op=1 SRCH base=ou=Admin,dc=chocolate,dc=lan scope=1 deref=0 filter=((objectClass=posixAccount)(uid=william)) conn=3 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass shadowLastChange shadowMax shadowExpire = bdb_equality_candidates: (uid) not indexed conn=3 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= conn=3 op=2 SRCH base=ou=Admin,dc=chocolate,dc=lan scope=1 deref=0 filter=((objectClass=posixAccount)(uid=william)) conn=3 op=2 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass shadowLastChange shadowMax shadowExpire = bdb_equality_candidates: (uid) not indexed conn=3 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= conn=3 fd=12 closed (connection lost) conn=1 fd=10 closed (connection lost) Here is my /etc/ldap.conf base dc=chocolate,dc=lan suffix dc=chocolate,dc=lan uri ldap://ldap.srv.chocolate.lan ldap_version 3 rootbinddn cn=Manager,dc=chocolate,dc=lan scope one timelimit 3 bind_timelimit 3 bind_policy soft
Re: [gentoo-user] X11 and HP2475w: First steps?
On 04/10/2010 10:21 AM, meino.cra...@gmx.de wrote: Hi, before damaging delicate electronic equipment I want to ask, what the best way is to switch from a 1600x1200 pixel analogous Iiyama monitor to an Flat panel HP2475w (LCD) with 1980x1200 pixel monitor? Graphics card is a (info via lspci): nVidia Corporation G73 [GeForce 7600 GT] (rev a2) With one analog and one digital output. Thank you very much for any help in advance! Keep hacking! mcc Hi, I'm not sure if I understand your question correctly... Do you have 2 screens, and want to switch the output of your gfx-card from one screen to the other? You could use both at the same time :) Anyway - xrandr is your friend. To see your adapters and modes run xrandr without options, then use something like xrandr --output VGA --off --output LCD --auto (maybe use --mode 1920x1200 instead of --auto. You have to experiment with this... Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Re: ffmpeg threads parameter
On 03/28/2010 04:02 AM, 7v5w7go9ub0o wrote: On 03/27/10 21:17, Nikos Chantziaras wrote: On 03/28/2010 02:40 AM, 7v5w7go9ub0o wrote: Some ffmpeg-using applications (e.g. mplayer) allow you to pass numbers of threads (e.g. I use 6 on my Core-I7) to ffmpeg; others (e.g. chromium) do not. First, mplayer uses its own bundled ffmpeg. It doesn't use media-video/ffmpeg at all. Furthermore, this is not what the threads USE flag does for ffmpeg. Thank you for replying!!! What would you guess the threads parameter is for ffmpeg? I've not found an explanation, and thought it might be the author catching up with Alexander Strange. http://ffmpeg.org/ffmpeg-doc.html The normal ffmpeg probably (just guessing here) uses threads for asynchronous i/o, buffering etc.. ffmpeg-mt includes a H.264 codec that decodes (and encodes?) HD videos with multiple threads. Maybe there are even more codecs that they have multithreaded, and probably a lot of infrastructure code had to be changed as well. Bye, Daniel Those applications that allow you to specify an amount of threads assume you're using ffmpeg-mt instead of normal ffmpeg. ffmpeg-mt is a fork of ffmpeg and is not in Portage because it's still considered non-stable upstream. There's an ebuild in Gentoo Bugzilla for ffmpeg-mt and an mplayer that uses ffmpeg-mt as its bundled ffmpeg version. The mt mplayer ebuild can also be found in the wirelay overlay (it's in layman.) AH! I had switched from bugzilla to the overlay for mplayer (thank you for providing it); but was unaware that ffmpeg-mt had a separate ebuild. Where is it, please? So the same question, then, for ffmpeg-mt; if I replace ffmpeg with ffmpeg-mt after setting a default of 6, can you imagine any problems (other than it is not stable)? Thanks for the help! -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Playing Apple Trailers
On 03/22/2010 07:58 AM, Mick wrote: What's the trick for playing Apple Trailers these days? It used to work fine years ago, but now all I get is a pop-up telling me to download Apple's Quicktime player. :-( I looked for mplayer USE flags to enable it, but can't find any. I did find media-libs/libquicktime, but I am not sure if this is needed or which video player will use it. You have to use $ mplayer -user-agent=QuickTime/7.6.2 http://trailers.apple.com/movies/disney/aliceinwonderland/aliceinwonderland-clip1_480p.mov $ echo user-agent=QuickTime/7.6.2 ~/.mplayer/config The links on the web pages don't work for me - I search for the URL in the HTML-source :( Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] When copying an os to new disk
On 02/19/2010 09:34 PM, Harry Putnam wrote:
I'm currently rsyncing an OS (new gentoo install) from one vmware disk
to a newly created one.
I know not to copy /proc but not sure about /dev. Looking at an
unbooted OS disk with an install on it... I see /dev/ is populated
(with no boot up), but I recall seeing things during boot like
`populating /dev' (I think).
So should I copy it over to new disk or not?
OH, what this is all about is maybe worth mention here for someone
else doing similar.
I opened a vmware appliance (pre made install of gentoo 1008),
thinking I'd be able to fairly quickly get it up to date.
The reason I went with the premade appliance is that I've tried
several times to get a vmware gentoo guest going but always have
trouble when booting off the newly built kernel. I've fussed with
that repeatedly and only managed long ago to get one gentoo vmware
guest running. (There was quite a tirade of threads initiated by me
here back then),
So anyway the appliance turned out to be a real chore to get
updated... Circular dependancies involving different versions of
portage and somekind of api... maybe eapi1 not working with various
pkgs, all in all a big nasty circle jerk... so went ahead and tried
the `from scratch' route.
And true to form having plenty of trouble getting my kernel to see the
vmware disk I installed on, once I boot off the new kernel.
I chose to install on a scsi disk as recommended by vmwares' help.
That, I think is where the rub currently is.
I noticed the appliance (From bagvapp) was built on an IDE disk, And
its worth noting that even when booting from the appliance,,, that
kernel doesn't see the scsi disk either... (with fdisk).
So the livecd kernel sees both the appliance IDE disk and the scsi
disk I installed on. That kernel appears to be genkernel built and
uses the initrd approach, so all mod are in play before the actual
kernel starts booting.
Anyway, cutting to the chase, I added an IDE disk myself and am copying
the OS from the original SCSI to the IDE (I foolishly did quite a bit
of emerging and configuring from the chroot before actually testing if
it would boot so, don't wan't to lose that work and do another fresh
install).
So, I'm about to find out if any of it is going to work but wondered
about copying /dev/ over.
You can copy static /dev - no problem. When udev starts it will just
mount its own stuff over the static /dev. You do actually always need
some files to boot: at least /dev/null and often also
/dev/{tty*,console} and possibly others (depends on your init system).
Anyway: copying /dev is a good idea.
Bye,
Daniel
--
PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get
# gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887
signature.asc
Description: OpenPGP digital signature
Re: [gentoo-user] Find out what emerge is up to in a large number of installations.
On 02/16/2010 06:56 PM, ubiquitous1980 wrote: If emerge has a large number of installs to do, for example, during a world update, and I am in a tty, how would I find which one emerge is up to? Not sure if I understand your question, but you possibly want to take a look at /var/log/emerge.log -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] help with inaccessible (trashed?) file
On 02/07/2010 11:08 PM, Walt Rarus wrote: WALRUS ~ # whoami root WALRUS ~ # ls -l /usr/portage/x11-misc/icesndcfg/ ls: cannot access /usr/portage/x11-misc/icesndcfg/icesndcfg-1.3.ebuild: Permission denied total 12 -rw-r--r-- 1 rootroot2675 2008-05-09 09:37 ChangeLog -rw-r--r-- 1 rootroot 771 2008-05-09 09:37 Manifest ?? ? ? ? ?? icesndcfg-1.3.ebuild -rw-r--r-- 1 portage portage 224 2003-07-07 09:54 metadata.xml The situation with icesndcfg-1.3.ebuild above is disallowing a complete emerge --sync. I don't know how to resolve the problem since even root can't access/overwrite this (bogus?) file. Any help available? Most likely a filesystem corruption. - fsck signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] GNOME: Selecting shut down in the menu sometimes lands me back a gdm login screen.
On 02/02/2010 06:10 PM, ubiquitous1980 wrote: Selecting shut down in the menu sometimes lands me back a gdm login screen. At other times, the computer shuts down normally. When I had similar problems it was sometimes because of permission-problems when talking to some service over the dbus. Check your ~/.xsession-errors for dbus-send errors. Just a wild guess :) Daniel signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] GNOME: Selecting shut down in the menu sometimes lands me back a gdm login screen.
On 02/03/2010 05:50 PM, ubiquitous1980 wrote: Alan McKinnon wrote: On Wednesday 03 February 2010 09:15:05 ubiquitous1980 wrote: Daniel Troeder wrote: On 02/02/2010 06:10 PM, ubiquitous1980 wrote: Selecting shut down in the menu sometimes lands me back a gdm login screen. At other times, the computer shuts down normally. When I had similar problems it was sometimes because of permission-problems when talking to some service over the dbus. Check your ~/.xsession-errors for dbus-send errors. Just a wild guess :) Daniel It hasn't done it in the last few reboots, but I have nopasted it: http://dpaste.com/154084/ to see if you might find any problems Please don't use short-lived URL shorteners here. This list is archived and after a time your posted info goes away and cannot help any future user. The post was very small anyway and it's perfectly acceptable to insert it in- line. No worries Alan. Here are the full details of that config file. /etc/X11/gdm/Xsession: Beginning session setup... which: no keychain in (/usr/local/bin:/usr/bin:/bin:/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.3.4:/usr/lib64/subversion/bin:/usr/games/bin) /etc/X11/gdm/Xsession: Setup done, will execute: gnome-session GNOME_KEYRING_SOCKET=/tmp/keyring-OaCPoA/socket SSH_AUTH_SOCK=/tmp/keyring-OaCPoA/socket.ssh shm_open() failed: Permission denied Window manager warning: Failed to read saved session file /home/ubiquitous1980/.config/metacity/sessions/10f50da8e07be8ee3112651893384549780046660017.ms: Failed to open file '/home/ubiquitous1980/.config/metacity/sessions/10f50da8e07be8ee3112651893384549780046660017.ms': No such file or directory (gnome-settings-daemon:4705): GLib-GObject-CRITICAL **: g_param_spec_flags: assertion `G_TYPE_IS_FLAGS (flags_type)' failed (gnome-settings-daemon:4705): GLib-GObject-CRITICAL **: g_object_class_install_property: assertion `G_IS_PARAM_SPEC (pspec)' failed ** Message: NumLock remembering disabled because hostname is set to localhost shm_open() failed: Permission denied shm_open() failed: Permission denied shm_open() failed: Permission denied shm_open() failed: Permission denied ** (gnome-volume-control-applet:4822): DEBUG: Disabling debugging shm_open() failed: Permission denied shm_open() failed: Permission denied shm_open() failed: Permission denied Failure: Module initalization failed ** (nm-applet:4811): WARNING **: WARN request_name(): Could not acquire the session service as it is already taken. Return: 3 ** (nm-applet:4811): WARNING **: WARN constructor(): Couldn't initialize the D-Bus manager. ** Message: Initializing gksu extension... (gnome-panel:4771): Gtk-WARNING **: gtk_widget_size_allocate(): attempt to allocate widget with width -9 and height 24 Unable to open desktop file epiphany.desktop for panel launcher Unable to open desktop file evolution.desktop for panel launcher ** (nautilus:4792): WARNING **: Unable to add monitor: Not supported ** (nautilus:4792): WARNING **: Unable to add monitor: Not supported error: option --qt not a unique prefix HP Linux Imaging and Printing System (ver. 2.8.6b) System Tray Status Service ver. 0.1 Copyright (c) 2001-8 Hewlett-Packard Development Company, LP This software comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to distribute it under certain conditions. See COPYING file for more details. Usage: hp-systray [OPTIONS] [OPTIONS] Force Qt3: --qt3 (default) Force Qt4: --qt4 Startup even if no -x or --force-startup hplip CUPS queues are present: Set the logging -llevel or --logging=level level: level: none, info*, error, warn, debug (*default) Run in debug mode: -g (same as option: -ldebug) This help -h or --help information: ** (gnome-settings-daemon:4705): WARNING **: No screensaver available No running windows found Window manager warning: Buggy client sent a _NET_ACTIVE_WINDOW message with a timestamp of 0 for 0x2200045 (Mozilla Fi) Window manager warning: meta_window_activate called by a pager with a 0 timestamp; the pager needs to be fixed. Window manager warning: Buggy client sent a _NET_ACTIVE_WINDOW message with a timestamp of 0 for 0x2200045 (Mozilla Fi) Window manager warning: meta_window_activate called by a pager with a 0 timestamp; the pager needs to be fixed. It hasn't done it in the last few reboots
Re: [gentoo-user] What magic does portage use?
On 12/11/2009 08:00 PM, Dale wrote: Alan McKinnon wrote: On Friday 11 December 2009 17:07:17 Dale wrote: Alan McKinnon wrote: On Friday 11 December 2009 15:16:01 Dale wrote: Rebooting will also do all of this but it is not needed. From a technical stand point, the only time you must reboot is to load a new kernel. And these days, not even then :-) [it requires some voodoo but is certainly possible] [[and I don't mean build and install a new kernel, I really do mean loa ti into memory and run it, dispensing with the old one]] I have read about that but never read something from someone who has actually done it. I have always been curious as to how that would work, in reality not just theory. kexec and CONFIG_RELOCATABLE I have also wondered why a person would go to all that trouble. Wouldn't all the services have to be restarted anyway? Nope. userspace ABI is stable so services just carry on as normal once he new kernel comes up. You don't need to restart SeaMonkey if you restart a local apache on your machine - same thing That would be cool of you had a system that just couldn't be rebooted. Is there such a thing tho? What would be the reason a machine just could not be rebooted? I guess one would be if the puter was on planet Mars maybe? Is that how NASA does it? lol Could you imagine getting a blue screen of death on a computer that is on Mars? O_O Dale :-) :-) A real world scenario would be a bank server doing transactions. Those big irons do never ever get shut down. (But they also don't ever get really updated ;) Did you know, that they still use cobol-code from decades ago. The code has to interact with newer systems, but the existing code is not allowed to be altered, they just run it inside hugh java application servers on their main frames :D Bye, Daniel -- use PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] What magic does portage use?
On Fri, 2009-12-11 at 07:16 -0600, Dale wrote: Helmut Jarausch wrote: On 11 Dec, Alan McKinnon wrote: On Friday 11 December 2009 11:11:41 Helmut Jarausch wrote: Hi, I'm curious how portage solves its most difficult part (in my eyes). When installing a dynamic library (by hand) I have often got an error messages if the corresponding library is currently in use. How does portage succeed anyway. (I have the suspicion that it does not succeed always, since sometimes only rebooting solves some very strange problems) How to replace fundamental X11-libaries on a system running X11 or even more suprising, how can I replace a running glibc ? Many thanks for enlightening me, Helmut. Portage does nothing special, as dealing with this is a Unix thing. On Unix, the inode is the file, not the directory entry. If you want to replace an open file, the system simply does it and updates the dentry to point to a new inode. Any spp using the old file will continue to use it as it still has a handle to the inode. The inode is only fully deleted when the last app using it closes it If you update a library to a new version with an API break, the lib should get a new soname so the file is a different name, hence no collision (symlinks to libraries excepted). This is how it should work, any code that tries to do it a different way is by definition broken, that's why portage needs take no special measures. All of this is in complete contrast to other broken systems, such as Windows for example. On Windows, the filename IS the file, so upgrades are horrible. Installers must put the file somewhere else and have the final steps and registry updates done at next reboot before anything has a chance to open libs. This is why fairly deep updates on Windows often require multiple reboot - multiple apps installed multiple libs to be fiddled with multiple times Many thanks Alan, so I conclude that rebooting IS necessary to get the new libraries used, isn't it? On the other hand running applications should continue to run, which is not always the case, e.g. recently using cvs as non-root user just hanged. Rebooting the system solved it (since I update my system nearly each day). Thanks again Alan, Helmut. I'll add two cents here. Let's say I upgrade Seamonkey which is my web browser / email program. I sync and notice there is a update to Seamonkey available and I let emerge update it. When the install is complete, I don't have to reboot or even log out of KDE. All I have to do is close Seamonkey and start it again. It will then load the new updated version and run it. The same could be said for a service like cups. If you update cups, all you have to do is restart the service. It will stop the old service then load up the new service that was just installed. Just a simple /etc/init.d/cupsd restart will work just fine. If you upgrade something kde, say kdelibs or some other kde base package, then all you need to do is log out of KDE and log back in again. Sort of the same with updating xorg, logout, go to a console and restart xdm or whatever you use to start X. I usually use the ctrl alt backspace key but restarting the service is better, or so some have said anyway. Rebooting will also do all of this but it is not needed. From a technical stand point, the only time you must reboot is to load a new kernel. Hope that helps a little. Dale :-) :-) I absolutely concur with Alan and Dale, I just want to warn a bit about complex X11-environments like gnome or kde. If you logout and login again, it is NOT secure, that all gnome/kde/qt apps have been closed. There are services (gconf, kded, pulse, etc) that take a time to quit, or sometimes just don't :( Then, when an app was linked against a symlink, and that left-over-app too, the dynamic loader may not load a newly installed library, but reuses the one in memory (from the left-over-app). [1] It's still valid, that no reboot is needed, but you sure can be unlucky :) Bye, Daniel [1] don't take this info for granted, I'm no expert in this - just what I understood from reading... -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: This is a digitally signed message part
Re: [gentoo-user] Bittorent black box
On Tue, 2009-11-24 at 00:02 +0100, laurent wrote: Hi, I would like to use my server as bittorent client and maybe tracker later. I would like to have a web interface but I could also develop it myself later. I saw, qbittorent and hrktorrent that looks good. I don't know any features of the last one. What would you recommend to use? thanks Laurent I'd recommend net-p2p/deluge (http://deluge-torrent.org/). It has all the features I ever wanted and its written in Python using libtorrent as engine. It runs as a non-ui daemon to which you can connect clients via network. Existing clients are: console, web and gtk+. I start the daemon and a web client on my server, and connect ether via web or with the gtk-ui :) It has no build-in tracker, but I recommend using a public one anyway (for example http://openbittorrent.com/). Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: This is a digitally signed message part
Re: [gentoo-user] ~amd64 : X11 (?) crashing
On Sun, 2009-11-15 at 01:06 +0100, Stefan G. Weichinger wrote: greets ... As mentioned lately in another thread I moved to amd64 unstable last week. So far OK ... but: I see X11 crashing repeatedly but I don't have a clue what component might be the reason. Sometimes my gnome-session (2.28) works for hours, sometimes for minutes. It crashes when starting a new program like opera, firefox, thunderbird, amarok, ... something I don't have a clear way to reproduce the crash and the logs don't tell me anything. -- I rebuilt xorg-server, xorg-drivers, xf86-input-* opera, etc I re-emerged @system overnight, ran revdep-rebuild, lalefixer etc (yeah, I know, X11 isn't @system ... but just to do the basement right) I use nvidia-drivers here, so I also did eselect opengl ... again. I erased xorg.conf and redid it via nvidia-xconfig ... and changed it to use absolute coordinates, as the xorg-server-1.7 seems to have issues with LeftOf ... Additional info: I use compiz and xinerama ... two monitors ... might add some problems. The two monitors are the reason for still using xorg.conf with xorg-server-1.7.x (maybe there's a better solution? I don't know yet). bugs.gentoo.org doesn't show anything describing my issues, I hesitate to file a bug as long as the symptoms are that vague ... Some clues, someone? There were NO such crashes before moving to full ~amd64, I ran xorg-server-1.6 before (mixing stable and unstable ...). Simply going back to xorg-server-1.6 ? Thanks a lot, Stefan. I might have a similar problem, that is definitely related to the second monitor and power management. If you disconnect your 2nd monitor, do the crashes still occur? But maybe this isn't related, because I have a Radeon card... just a lucky guess... Daniel
Re: [gentoo-user] Re: gnome 2.26 stable?
On Thu, 2009-10-01 at 06:48 +0200, Stefan G. Weichinger wrote: Daniel Troeder schrieb: Same here. After booting no sound ... in PA all looks good, after some searching I find alsamixer mutes things ... sigh ... but as long as there aren't more problems I can live with it. You can set things with alsamixer, and then (save and) restore them on (re)boot with /etc/init.d/alsasound Setup is in /etc/conf.d/alsasound. Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: This is a digitally signed message part
Re: [gentoo-user] Re: gnome 2.26 stable?
On Thu, 2009-10-01 at 15:08 +0200, Stefan G. Weichinger wrote: Daniel Troeder schrieb: On Thu, 2009-10-01 at 06:48 +0200, Stefan G. Weichinger wrote: Daniel Troeder schrieb: Same here. After booting no sound ... in PA all looks good, after some searching I find alsamixer mutes things ... sigh ... but as long as there aren't more problems I can live with it. You can set things with alsamixer, and then (save and) restore them on (re)boot with /etc/init.d/alsasound Setup is in /etc/conf.d/alsasound. So I have to have both services running, alsasound AND pulseaudio ? I assumed I would have to disable alsasound when using PA (and disabled it ...) ALSA is not a service (it's just drivers and API). There is nothing running. It just loads your configuration (modules and volume levels). PA on the other hand does not have hardware drivers - it relies on ALSA or OSS for that. -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: This is a digitally signed message part
Re: [gentoo-user] Re: gnome 2.26 stable?
On Tue, 2009-09-29 at 18:19 -0700, walt wrote: I run gnome on my ~amd64 machine and have had no problems at all (so far). IMHO it's safe to run gnome on an ~amd64 machine, but I've not used the unstable gnome desktop on a stable amd64 machine. Just from past experience I might expect problems from mixing stable/unstable in that manner. But I can offer no evidence either way. I'm running testing GNOME on a stable system, with tesing audio/video/gfx/xorg stuff. Everything I consider moving fast is testing, the rest of the system is stable. Works good for me. Just that I have to unmask more and more base packages too, because they are a dependency of other unmasked packages... $ wc -l /etc/portage/package.* 593 /etc/portage/package.keywords 2 /etc/portage/package.mask 32 /etc/portage/package.unmask 23 /etc/portage/package.use 650 total (cleaned number after checking for comments with $ egrep '^#' /etc/portage/package.* ) $ eix -I --only-names | wc -l 1194 Well... I wouldn't call a system with 50% testing packages officially stable - though it is. :D Bye, Daniel
Re: [gentoo-user] Re: gnome 2.26 stable?
Any way to share a meaningful list of gnome-related pkgs to unmask/keyword? Just for starting off here That's my list of GNOME related packages. Probably some of them are not necessary to unmask anymore, and probably I missed some :) gnome-extra/nm-applet net-misc/networkmanager-vpnc net-misc/networkmanager-pptp net-misc/networkmanager-openvpn net-misc/networkmanager gnome-extra/nm-applet net-misc/openvpn sys-auth/policykit gnome-extra/policykit-gnome sys-auth/pambase sys-auth/consolekit sys-apps/hal app-cdr/brasero dev-libs/libburn media-sound/rhythmbox gnome-extra/nautilus-sendto app-misc/tracker dev-libs/liboil mail-client/evolution gnome-extra/evolution-data-server gnome-extra/evolution-webcal gnome-extra/gtkhtml net-libs/libsoup:2.4 dev-libs/glib net-wireless/bluez-gnome net-wireless/bluez-utils net-wireless/bluez-libs app-mobilephone/obex-data-server gnome-extra/gnome-vfs-obexftp net-wireless/bluez-hcidump app-pda/gnome-pilot app-pda/gnome-pilot-conduits dev-dotnet/gnome-sharp dev-dotnet/gtk-sharp dev-dotnet/gtk-sharp-gapi dev-dotnet/glade-sharp dev-dotnet/atk-sharp dev-dotnet/gdk-sharp dev-dotnet/pango-sharp dev-dotnet/glib-sharp dev-dotnet/gnome-panel-sharp dev-dotnet/gnome-desktop-sharp dev-dotnet/gconf-sharp dev-dotnet/dbus-sharp dev-dotnet/art-sharp dev-dotnet/gnomevfs-sharp dev-libs/gmime dev-dotnet/dbus-glib-sharp gnome-base/gnome-applets gnome-base/gnome-settings-daemon gnome-base/gnome-desktop gnome-base/libgnomekbd dev-libs/libgweather gnome-extra/fast-user-switch-applet gnome-base/gconf gnome-extra/gconf-editor x11-libs/libwnck gnome-base/gnome-panel gnome-base/gvfs gnome-base/gnome-session gnome-base/gnome-keyring app-editors/gedit x11-libs/gtksourceview dev-python/pygtksourceview dev-python/pygtk gnome-base/libgnomeui gnome-base/gnome-vfs dev-python/gnome-vfs-python dev-python/pygobject gnome-extra/deskbar-applet gnome-base/orbit gnome-extra/gucharmap gnome-extra/gnome-utils app-admin/pessulus net-analyzer/gnome-netstatus gnome-base/libgnomeprintui gnome-base/libgnomeprint gnome-extra/nautilus-cd-burner gnome-base/nautilus gnome-base/eel net-misc/vinagre net-libs/gtk-vnc gnome-base/gnome-menus gnome-extra/gnome-system-monitor media-video/totem dev-libs/totem-pl-parser dev-python/totem-python dev-python/gdata gnome-base/gdm x11-themes/gnome-themes media-sound/sound-juicer gnome-extra/bug-buddy media-gfx/eog app-arch/file-roller net-analyzer/gnome-nettool app-crypt/seahorse x11-terms/gnome-terminal x11-themes/gnome-icon-theme gnome-extra/swfdec-gnome media-libs/swfdec gnome-extra/zenity gnome-extra/yelp app-text/rarian gnome-base/gnome-control-center x11-wm/metacity gnome-extra/gnome-games gnome-base/libgnome x11-libs/pango net-misc/vino net-voip/ekiga gnome-extra/gnome-power-manager www-client/epiphany dev-python/gnome-python dev-python/gnome-python-desktop dev-python/gnome-python-base dev-python/gnome-python-desktop-base dev-python/librsvg-python dev-python/gnome-applets-python dev-python/libbonobo-python dev-python/libgnomecanvas-python dev-python/gnome-media-python dev-python/gconf-python dev-python/libwnck-python dev-python/evolution-python dev-python/gtksourceview-python dev-python/libgnomeprint-python dev-python/metacity-python dev-python/gnome-desktop-python dev-python/gnome-keyring-python dev-python/gnome-keyring-python dev-python/nautilus-cd-burner-python dev-python/libgtop-python dev-python/bug-buddy-python dev-python/libgnome-python gnome-extra/gnome-user-docs gnome-base/libgtop gnome-base/gnome-volume-manager gnome-extra/gnome-screensaver gnome-base/libbonobo gnome-base/librsvg app-misc/tomboy dev-dotnet/dbus-sharp dev-dotnet/mono-addins dev-lang/mono dev-dotnet/libgdiplus dev-dotnet/dbus-glib-sharp x11-misc/alacarte dev-libs/atk x11-misc/xdg-utils gnome-base/libbonoboui gnome-extra/gnome-media app-text/evince app-text/libspectre gnome-extra/gcalctool app-admin/sabayon x11-themes/gtk-engines x11-themes/gnome-backgrounds x11-libs/cairo x11-libs/pixman x11-misc/icon-naming-utils x11-libs/gtk+ gnome-base/gail x11-libs/vte GNOME likes gstreamer, and if you think (like me) A/V stuff should be up2date, then here is my list for that: (Personally I prefer mplayer/ffmpeg and the like over gst, but as it gets installed anyway, then it should be modern :) dev-python/gst-python media-libs/gst-plugins-bad media-libs/gst-plugins-base media-libs/gst-plugins-good media-libs/gst-plugins-ugly media-libs/gstreamer media-plugins/gst-plugins-a52dec media-plugins/gst-plugins-alsa media-plugins/gst-plugins-cdparanoia media-plugins/gst-plugins-dvb media-plugins/gst-plugins-dvdread media-plugins/gst-plugins-faad media-plugins/gst-plugins-ffmpeg media-plugins/gst-plugins-flac media-plugins/gst-plugins-fluendo-mpegdemux media-plugins/gst-plugins-gconf media-plugins/gst-plugins-gio media-plugins/gst-plugins-gnomevfs media-plugins/gst-plugins-lame media-plugins/gst-plugins-mad media-plugins/gst-plugins-meta media-plugins/gst-plugins-mpeg2dec media-plugins/gst-plugins-ogg
Re: [gentoo-user] Re: gnome 2.26 stable?
On Wed, 2009-09-30 at 19:15 +0200, Stefan G. Weichinger wrote: Stefan G. Weichinger schrieb: [...] thanks for the list ... after checking my backups I now added your list, edited a bit and started emerging. We'll see ;-) looks good so far, around 60 pkgs emerged, gnome 2.26 up and running. Now I look into the details, pulseaudio-integration and some other pkgs need to be rebuilt. Thanks for sharing and encouraging! Stefan Happy to hear that :) Yes... PA is a mess... it's really necessary and on the other hand it's really a mess... there are lots of web sites out there that describe the way. Still I'm having issues every other day, and I'm never sure if it's because of PA, alsa, apps or just me... I hope this stabilizes soon. I'm eagerly looking forward to GNOME 2.30 :D Have fun :) Daniel
Re: [gentoo-user] HDMI-out working?
On Fri, 2009-09-25 at 13:04 -0700, Grant wrote: Does HDMI-out on laptops work on Gentoo? - Grant Here on a Sony Laptop with ATI/AMD Radeon gfx it works perfectly with both OSS drivers as well as the commercial drivers. They do also distinguish between the HDMI and the VGA output. Can be set nice and easy with xrandr and the OSS drivers or with the closed source driver with the ATI catalyst control center. Daniel
Re: [gentoo-user] kvm and intel E5450 processor
On Thu, 2009-09-24 at 21:48 -0500, James Erickson wrote: You have to en/dis/able: CONFIG_HAVE_KVM=y CONFIG_HAVE_KVM_IRQCHIP=y CONFIG_KVM=m # CONFIG_KVM_INTEL is not set # CONFIG_KVM_AMD is not set # CONFIG_KVM_TRACE is not set Daniel i am getting the following error: make[1]: Entering directory `/usr/src/linux-2.6.31-gentoo' LD /dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86/built-in.o CC [M] /dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86/svm.o CC [M] /dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86/vmx.o CC [M] /dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86/vmx-debug.o CC [M] /dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86/kvm_main.o CC [M] /dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86/x86.o CC [M] /dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86/mmu.o CC [M] /dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86/x86_emulate.o CC [M] /dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86/../anon_inodes.o CC [M] /dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86/irq.o In file included from /dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86/trace.h:355, from /dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86/x86.c:83: include/trace/define_trace.h:53:43: error: arch/x86/kvm/trace.h: No such file or directory CC [M] /dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86/i8259.o make[3]: *** [/dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86/x86.o] Error 1 make[3]: *** Waiting for unfinished jobs In file included from /dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86/mmutrace.h:220, from /dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86/mmu.c:184: include/trace/define_trace.h:53:43: error: ./mmutrace.h: No such file or directory make[3]: *** [/dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86/mmu.o] Error 1 make[3]: *** wait: No child processes. Stop. make[2]: *** [/dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88/x86] Error 2 make[1]: *** [_module_/dev/shm/portage/app-emulation/kvm-kmod-88-r1/work/kvm-kmod-devel-88] Error 2 make[1]: Leaving directory `/usr/src/linux-2.6.31-gentoo' make: *** [all] Error 2 A second of google led me here: I think you find the answer to your problem develops from here: http://bugs.gentoo.org/show_bug.cgi?id=280282 And can be found here: http://bugs.gentoo.org/show_bug.cgi?id=286042 [..] if you have 2.6.31 and want to use kvm-88-r1, kvm-kmod-88-r1 is not required and you can use the in kernel modules. if they release kvm-devel-89 for example, it may have newer kvm-kmod code than what is bundled in the kernel. Bye, Daniel
Re: [gentoo-user] kvm and intel E5450 processor
On Wed, 2009-09-23 at 22:17 -0500, James Erickson wrote: today i installed two quad core Intel Xeon E5450's (Harpertown). i notice in /proc/cpuinfo i no longer have a vmx flag as i had with my previous Intel E5405's. i have also noticed that my /dev/kvm device is no longer created. VT is enabled in the bios. the data for the E5450's states that they have Intel Virtualization Technology. so why dont i have a /dev/kvm? have i spent all that money on processors that can't use kvm? can anyone shed some light on this issue for me? i am confused. James Erickson __ Microsoft brings you a new way to search the web. Try Bing™ now hmm?? Wikipedia says you have VT: http://en.wikipedia.org/wiki/List_of_Intel_Xeon_microprocessors#.22Harpertown.22_.28standard-voltage.2C_45_nm.29 In case this is because of modules problem: You have to en/dis/able: CONFIG_HAVE_KVM=y CONFIG_HAVE_KVM_IRQCHIP=y CONFIG_KVM=m # CONFIG_KVM_INTEL is not set # CONFIG_KVM_AMD is not set # CONFIG_KVM_TRACE is not set (Possibly reboot if compile is in wrong directory, or check /usr/src/linux points to correct version.) Then you emerge: app-emulation/kvm-kmod (and app-emulation/kvm :) It is now necessary to have CONFIG_KVM=m and the CPU-specifics OFF and use the modules from app-emulation/kvm-kmod. That results in: /lib/modules/2.6.30-tuxonice-r5.mayo.nofb/kernel/arch/x86/kvm /lib/modules/2.6.30-tuxonice-r5.mayo.nofb/kernel/arch/x86/kvm/kvm.ko /lib/modules/2.6.30-tuxonice-r5.mayo.nofb/kvm /lib/modules/2.6.30-tuxonice-r5.mayo.nofb/kvm/kvm.ko /lib/modules/2.6.30-tuxonice-r5.mayo.nofb/kvm/kvm-intel.ko /lib/modules/2.6.30-tuxonice-r5.mayo.nofb/kvm/kvm-amd.ko Which seems strange, but works :) (You load kvm-intel.ko which loads the correct kvm.ko) Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: This is a digitally signed message part
Re: [gentoo-user] Re: [OT] Setting up correct domainname
On Sun, 2009-09-20 at 21:38 +0100, Mick wrote: On Sunday 20 September 2009, Harry Putnam wrote: Mick michaelkintz...@gmail.com writes: -The following addresses had permanent fatal errors- email_acco...@isp.com (reason: 550 5.1.0 nag...@myserver.mydomain.com sender rejected : invalid sender domain) -Transcript of session follows - ... while talking to smtp.ISP.com: MAIL From:nag...@myserver.mydomain.com SIZE=745 AUTH= 550 5.1.0 nag...@myserver.mydomain.com sender rejected : invalid sender domain 554 5.0.0 Service unavailable Does this fail because the ISP's reverse DNS on my dynamically allocated IP address resolves to an ISP domain instead of myserver.mydomain.com? Is there something I could change in the configuration of my server to make this work again? I think you might avoid the problem by making sendmail Impersonate your isps domain. Using some or all of these settings in sendmail.mc MASQUERADE_AS(`yourISP.domain')dnl MASQUERADE_DOMAIN(`youractual.domain')dnl FEATURE(masquerade_entire_domain)dnl FEATURE(masquerade_envelope)dnl Yes, that should fix the reverse DNS problem alright, but then people who receive email notifications from myserver will be confused by the domain that these messages are sent from. I don't know this sendmail feature, but I think sendmail should not modify your message, but just the envelop. So `youractual.domain' would still be in the To-header, while `yourISP.domain' is in the envelop. That should make your ISP happy, and no receiver will ever notice (except if they look at the headers), because MUAs only show the To-header :) Your ISP could still check the To-header - but that would be just plain ugly... I could also use the ISP's domain for my IP address in the server's /etc/hosts file - although it would have the same problem with regards to the domain that messages are sent from.
Re: [gentoo-user] Gnome default file associations broken
On Sun, 2009-09-13 at 12:00 +0200, Sascha Hlusiak wrote: Hello List, somehow all default file associations are broken in my gnome installation and seem to point at the KDE applications instead. When right-clicking in nautilus on a pdf file, the default action is kghostview instead of evince (in kde the default is acroread) and the default action for inode/directory even is cervisia which makes gnome desktop unusable like that. When logging in in KDE the right kde applications are offered as default but in Gnome they used to be different. Where are gnome defaults handled? xdg-mime query default inode/directory shows correct app in kde but is empty in gnome. Calling update-mime-database /usr/share/mime and update-desktop-database do not change anything. Does anyone have a hint where to look? What role does gnome-vfs play? Yes, I can change the settings in my user, but since it's a multiuser system, it is important to change the defaults. Does this happen to all of your users? I mean: does this also happen if you create a new user, and log as it into GNOME? In case it's only a 1-user-problem: take a look at ~/.local/share/applications/mimeapps.list This is where users file associations should be set. Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887 signature.asc Description: This is a digitally signed message part
