FYI NVidia guide to improve performance and stability on Debian

2013-12-24 Thread Jarth Berilcosm
Hi, Because I've had my share of 'blues' with NVidia on Debian I've compiled a guide which documents what I believe to be a permanent fix for many issues. http://www.oxitech.info/helpdesk/nvidia.html Basically, the below resolves most if not all troubles. 1. set nomodeset as a boot pa

Re: sudo and firefox (was: Off-topic: Gmail Grrrr.)

2013-12-24 Thread Ralf Mardorf
On Wed, 2013-12-25 at 08:28 +0100, Ralf Mardorf wrote: > On Wed, 2013-12-25 at 11:05 +0400, Reco wrote: > > And that assumes you're keeping browsing history. Why people are doin' > > this is something that I can never understand. > > Ok, in this case I recommend to use > > [rocketmouse@archlinux

Re: sudo and firefox (was: Off-topic: Gmail Grrrr.)

2013-12-24 Thread Ralf Mardorf
On Wed, 2013-12-25 at 11:05 +0400, Reco wrote: > And that assumes you're keeping browsing history. Why people are doin' > this is something that I can never understand. Ok, in this case I recommend to use [rocketmouse@archlinux ~]$ pacman -Q tor-browser-en tor-browser-en 3.5-1 For my Debian and

Re: sudo and firefox (was: Off-topic: Gmail Grrrr.)

2013-12-24 Thread Reco
Hi. On Wed, 25 Dec 2013 07:33:53 +0100 Ralf Mardorf wrote: > On Wed, 2013-12-25 at 10:15 +0400, Reco wrote: > > b) That sneaky sandbox user can override firefox with something > > like /home/user9-boxed/bin/firefox, which is bad. > > Here we are again ;). > > Using a profile, supported by fir

Re: sudo and firefox (was: Off-topic: Gmail Grrrr.)

2013-12-24 Thread Ralf Mardorf
On Wed, 2013-12-25 at 10:15 +0400, Reco wrote: > b) That sneaky sandbox user can override firefox with something > like /home/user9-boxed/bin/firefox, which is bad. Here we are again ;). Using a profile, supported by firefox, is the easiest and securest way. I only use another user, instead of a

Re: sudo and firefox (was: Off-topic: Gmail Grrrr.)

2013-12-24 Thread Reco
Hi. On Wed, 25 Dec 2013 12:08:01 +0900 Joel Rees wrote: > On Tue, Dec 24, 2013 at 9:42 PM, Reco wrote: > > Hi. > > > > On Tue, 24 Dec 2013 13:29:28 +0100 > > Ralf Mardorf wrote: > > > >> This would lead to "Error: cannot open display: :0.0". > >> Sure, $ xhost +; sudo -u [...] does the trick

Re: Off-topic: Gmail Grrrr.

2013-12-24 Thread Joel Rees
On Tue, Dec 24, 2013 at 9:42 PM, Reco wrote: > Hi. > > On Tue, 24 Dec 2013 13:29:28 +0100 > Ralf Mardorf wrote: > >> This would lead to "Error: cannot open display: :0.0". >> Sure, $ xhost +; sudo -u [...] does the trick, > > No, if you do it smart way, such as (in .xsessionrc): > > xauth extrac

Re: testiing and sid

2013-12-24 Thread Jarth Berilcosm
On Mon, 23 Dec 2013 23:16:51 -0500, erosenberg wrote: > 1] My apologies to those who noted that I was sending HTML emails. > Thunderbird is on the computer with no X windows. When I fix that > computer the HTML emails will be a thing of the past. > 2] In reference to fixing the computer with

Re: NVIDIA Problem?

2013-12-24 Thread Jarth Berilcosm
On Thu, 07 Nov 2013 00:26:12 -0500, erosenberg wrote: > If you don't have an NVIDIA graphics card, then remove the nvidia > packages: > * glx-alternative-nvidia * nvidia-driver * libgl1-nvidia-glx and > instead, install libgl1-mesa-glx. This should allow your INTEL > card > to do the 3D accele

Re: Nvidia 210 with HDMI

2013-12-24 Thread Jarth Berilcosm
On Fri, 01 Nov 2013 10:59:10 +0100, Gábor Hársfalvi wrote: > Hi, > > Could someone help about using audio with Nvidia 210 videocard with Asus > Motherboard with Nvidia onboard Soundcard? > > How to configure Alsa? > > Thanks

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Jarth Berilcosm
On Mon, 23 Dec 2013 18:42:24 +0100, Gilles Mocellin wrote: > Le 23/12/2013 15:30, Raffaele Morelli a écrit : >> 2013/12/14 Lukasz Szybalski > > >> >> >> [...] >> >> >> root should not own files served by apache for any reason, that's >> really "dangerous"! >> you sh

Re: Nvidia package installation problems

2013-12-24 Thread Jarth Berilcosm
Hi, I've run into the same issues on an old NVidia Quadro FX 360M. Honestly, I don't know what's going on with Debian lately. Wheezy looked promising and has been quite a disappointment when it comes to package quality. Golden hint: include nomodeset in /etc/default/grub on the line GRUB_CMD_LINE

Re: Acpi "Lid" Suspend with Eeepc 900 Not Working

2013-12-24 Thread Patrick Bartek
On Tue, 24 Dec 2013, Selim T. Erdogan wrote: > Patrick Bartek, 21.12.2013: > > Installed Wheezy-LXDE 32-bit off LXDE flavor ISO via thumb drive to > > replace Eeebuntu 3.0 that I installed on it 3 years ago or so. > > Chose Base, Desktop GUI and Laptop tasks. Nothing else. All went > > well and

Re: Acpi "Lid" Suspend with Eeepc 900 Not Working

2013-12-24 Thread Selim T. Erdogan
Patrick Bartek, 21.12.2013: > Installed Wheezy-LXDE 32-bit off LXDE flavor ISO via thumb drive to > replace Eeebuntu 3.0 that I installed on it 3 years ago or so. Chose > Base, Desktop GUI and Laptop tasks. Nothing else. All went well and > as far as I can tell everything works, except Suspend (

Re: wi-fi hardware disabled

2013-12-24 Thread Klaus
On 23/12/13 20:47, Gregory Nowak wrote: On Mon, Dec 23, 2013 at 08:14:29PM +0200, andrey.ry...@bilkent.edu.tr wrote: hi everybody! in my network icon in Gnome3 i have "wi-fi hardware disabled". How i can enable it? # lspci -k|grep -i wi -A 3 03:00.0 Network controller: Qualcomm Atheros AR9485 W

Re: carrying running laptop, was: Re: Acpi "Lid" Suspend with Eeepc 900 Not Working

2013-12-24 Thread Robert Holtzman
On Mon, Dec 23, 2013 at 04:36:24PM -0700, Bob Proulx wrote: > Gregory Nowak wrote: > > Bob Proulx wrote: > > > That is my normal method of sleeping my laptop. I consider it a > > > feature. It sleeps when I tell it to and not just because I closed > > > the lid. Allows me to carry my laptop from

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Jerry Stuckle
On 12/24/2013 10:37 AM, Raffaele Morelli wrote: Are u kidding? Apache writes and creates everything you want if directory/files permissions are designed for and that is what you want. Incorrect. Apache writes or creates NOTHING. The web server user can create and write files from a script

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Reco
On Tue, 24 Dec 2013 17:08:48 +0100 Raffaele Morelli wrote: > 2013/12/24 Reco > > > > > > > > > That's one way of doin' it. Now, to rely on poorly-implemented > > > > 'security' features of PHP - that's something really not worth doing. > > > > > > > > > That's absolutely your point of view, a wi

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Diep Pham Van
On 12/24/2013 11:08 PM, Raffaele Morelli wrote: IMHO your claim is a little bit conceited, it sounds like a self-styled web developer "guru" talking to his ego. Hey Raffaele, You and Reco are talking about root - www-data, chown - chroot... things, not his personal characteristics. Your reply

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Raffaele Morelli
2013/12/24 Reco > > > > > That's one way of doin' it. Now, to rely on poorly-implemented > > > 'security' features of PHP - that's something really not worth doing. > > > > > > That's absolutely your point of view, a wise and skilled developer does > > everything safe, a poor minded simply does no

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Reco
On Tue, 24 Dec 2013 16:37:45 +0100 Raffaele Morelli wrote: > > > So ownership to root does matter? > > > > Which ownership are you talking about? > > Was directory in question was owned by root, the attacker could not > > create own files. > > Was php files in question was owned by root, the atta

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Raffaele Morelli
2013/12/24 Reco > Hi. > > On Tue, 24 Dec 2013 15:40:39 +0100 > Raffaele Morelli wrote: > > > 2013/12/24 Reco > > > > > On Tue, 24 Dec 2013 14:32:58 +0100 > > > Raffaele Morelli wrote: > > > > > > > The main point was that an attacker wrote a php script in the OP > > > > (wordpress? joomla?) t

Re: Off-topic: Gmail Grrrr.

2013-12-24 Thread Reco
On Tue, 24 Dec 2013 15:51:25 +0100 Ralf Mardorf wrote: > On Tue, 2013-12-24 at 15:40 +0100, Ralf Mardorf wrote: > > On Tue, 2013-12-24 at 18:04 +0400, Reco wrote: > > > I wrote "one runs two instances of firefox with different profiles > > > > and I replied that you can start your default browse

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Reco
Hi. On Tue, 24 Dec 2013 15:40:39 +0100 Raffaele Morelli wrote: > 2013/12/24 Reco > > > On Tue, 24 Dec 2013 14:32:58 +0100 > > Raffaele Morelli wrote: > > > > > The main point was that an attacker wrote a php script in the OP > > > (wordpress? joomla?) theme folder and used this script to acc

Re: Nvidia package installation problems

2013-12-24 Thread Jon N
On Mon, Dec 23, 2013 at 11:37 AM, Brad Rogers wrote: <---snip---> >>have any trouble doing that. But I don't want to have a package from >>repository still installed at the same time as the nvidia download. > > There are problems with that as you can imagine. Debian packages can > get confused

Re: Off-topic: Gmail Grrrr.

2013-12-24 Thread Ralf Mardorf
On Tue, 2013-12-24 at 15:40 +0100, Ralf Mardorf wrote: > On Tue, 2013-12-24 at 18:04 +0400, Reco wrote: > > I wrote "one runs two instances of firefox with different profiles > > and I replied that you can start your default browser with a profile > too. The issue you pointed out is the same for t

Re: Off-topic: Gmail Grrrr.

2013-12-24 Thread Ralf Mardorf
On Tue, 2013-12-24 at 18:04 +0400, Reco wrote: > I wrote "one runs two instances of firefox with different profiles and I replied that you can start your default browser with a profile too. The issue you pointed out is the same for the profile approach and another user account approach. If you wan

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Raffaele Morelli
2013/12/24 Reco > On Tue, 24 Dec 2013 14:32:58 +0100 > Raffaele Morelli wrote: > > > The main point was that an attacker wrote a php script in the OP > > (wordpress? joomla?) theme folder and used this script to access sendmail > > executable (I wonder those file/folder ownership, root? www-data

Re: carrying running laptop, was: Re: Acpi "Lid" Suspend with Eeepc 900 Not Working

2013-12-24 Thread Celejar
On Mon, 23 Dec 2013 18:27:56 -0600 John Hasler wrote: > Bob Proulx writes: > > I agree that seems intuitive. But apparently they are effective > > enough in practice. I don't know if they are a marketing success only > > but I note that they have been successfully marketed for years. I > > hav

Re: Off-topic: Gmail Grrrr.

2013-12-24 Thread Reco
On Tue, 24 Dec 2013 14:54:35 +0100 Ralf Mardorf wrote: > A last note, before I go off-line for holidays. > > A user is allowed to add a profile, but a user needs to ask the admin to > add a new user ;). Ok, I've read all your contribution to the thread. Let us start with something simple. You'

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Reco
On Tue, 24 Dec 2013 14:32:58 +0100 Raffaele Morelli wrote: > The main point was that an attacker wrote a php script in the OP > (wordpress? joomla?) theme folder and used this script to access sendmail > executable (I wonder those file/folder ownership, root? www-data?). Directory's owner is www

Re: Off-topic: Gmail Grrrr.

2013-12-24 Thread Ralf Mardorf
A last note, before I go off-line for holidays. A user is allowed to add a profile, but a user needs to ask the admin to add a new user ;). -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: ht

Re: Off-topic: Gmail Grrrr.

2013-12-24 Thread Ralf Mardorf
> > Sudo can be configured for passwordless access, but that's not the > > point. > > That is a point, you want users to tinker with root privileges, when > there is a better, a KISS solution that is idiotproof. Sorry, with privileges, not root privileges. Anyway completely unneeded, and anti-KI

Re: Off-topic: Gmail Grrrr.

2013-12-24 Thread Ralf Mardorf
Oops, Reco wrote, not I ;). > On Tue, 2013-12-24 at 14:35 +0100, Ralf Mardorf wrote: > > Sudo can be configured for passwordless access, but that's not the > > point. > > That is a point, you want users to tinker with root privileges, when > there is a better, a KISS solution that is idiotproof.

Re: Off-topic: Gmail Grrrr.

2013-12-24 Thread Ralf Mardorf
On Tue, 2013-12-24 at 14:35 +0100, Ralf Mardorf wrote: > Sudo can be configured for passwordless access, but that's not the > point. That is a point, you want users to tinker with root privileges, when there is a better, a KISS solution that is idiotproof.

Re: Off-topic: Gmail Grrrr.

2013-12-24 Thread Ralf Mardorf
On Tue, 2013-12-24 at 16:42 +0400, Reco wrote: > Hi. > > On Tue, 24 Dec 2013 13:29:28 +0100 > Ralf Mardorf wrote: > > > This would lead to "Error: cannot open display: :0.0". > > Sure, $ xhost +; sudo -u [...] does the trick, > > No, if you do it smart way, such as (in .xsessionrc): > > xaut

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Raffaele Morelli
2013/12/24 PaulNM > > > On 12/24/2013 04:37 AM, Reco wrote: > > Hi. > > > > On Tue, 24 Dec 2013 09:59:39 +0100 > > Raffaele Morelli wrote: > >> Yes, I missed this point. > >> > >> BTW, as I don't want to rewrite someone else system security rules, > let's > >> say that: MY best practice is to h

Re: Default Desktop Environment in Jessie

2013-12-24 Thread Brian
On Tue 24 Dec 2013 at 17:37:37 +0600, Muntasim-Ul-Haque wrote: > Recently I've noticed hype regarding XFCE as the probable default > desktop environment in Debian Jessie. It's going to replace GNOME. But > does it matter that much? I mean, GNOME would be a desktop environment > option, if not defa

Re: Off-topic: Gmail Grrrr.

2013-12-24 Thread Reco
Hi. On Tue, 24 Dec 2013 13:29:28 +0100 Ralf Mardorf wrote: > This would lead to "Error: cannot open display: :0.0". > Sure, $ xhost +; sudo -u [...] does the trick, No, if you do it smart way, such as (in .xsessionrc): xauth extract - $DISPLAY | sudo -u user1 -- sh -c \ "cat -> /home/user1/.

Re: bumblebee on laptop

2013-12-24 Thread Slavko
Hi, Dňa Tue, 24 Dec 2013 14:56:29 +0400 Reco napísal: > In Debian, at least, they provide 'glx-alternative-*' packages > which allows the user to switch between different implementations of > GL.so. > > > Now, they say there's that 'bumblebee' project, which allows to run an > X client on a NV

Re: Off-topic: Gmail Grrrr.

2013-12-24 Thread Ralf Mardorf
On Tue, 2013-12-24 at 16:17 +0400, Reco wrote: > On Tue, 24 Dec 2013 13:13:26 +0100 > Ralf Mardorf wrote: > > > If I start Firefox with profile A, I might have cookies enabled by > > default and the history only includes Linux links. > > > > When using Firefox profile B, I perhaps have cookies d

Re: Off-topic: Gmail Grrrr.

2013-12-24 Thread Reco
On Tue, 24 Dec 2013 13:13:26 +0100 Ralf Mardorf wrote: > If I start Firefox with profile A, I might have cookies enabled by > default and the history only includes Linux links. > > When using Firefox profile B, I perhaps have cookies disabled by default > and the history only includes links to a

Re: Off-topic: Gmail Grrrr.

2013-12-24 Thread Ralf Mardorf
On Tue, 2013-12-24 at 16:05 +0400, Reco wrote: > Hi. > > On Tue, 24 Dec 2013 12:55:23 +0100 > Ralf Mardorf wrote: > > > I want to have different profiles on Linux machines to have different > > settings, different histories without changing the user. > > A classic example of a 'XY problem', Ra

Re: Off-topic: Gmail Grrrr.

2013-12-24 Thread Reco
Hi. On Tue, 24 Dec 2013 12:55:23 +0100 Ralf Mardorf wrote: > I want to have different profiles on Linux machines to have different > settings, different histories without changing the user. A classic example of a 'XY problem', Ralf. What problem are you trying to solve with this approach? Re

Re: Default Desktop Environment in Jessie

2013-12-24 Thread Reco
Hi. On Tue, 24 Dec 2013 17:37:37 +0600 Muntasim-Ul-Haque wrote: > Hi, > Recently I've noticed hype regarding XFCE as the probable default > desktop environment in Debian Jessie. It's going to replace GNOME. But > does it matter that much? Never underestimate the power of default settings. XFC

Re: Default Desktop Environment in Jessie

2013-12-24 Thread Ralf Mardorf
At least the hardware requirements are really important. You simply can't run GNOME 3 on every computer, but there shouldn't be an issue with using Xfce 4 on all computers. Regards, Ralf

Off-topic: Gmail Grrrr.

2013-12-24 Thread Ralf Mardorf
On Tue, 2013-12-24 at 08:08 +, Bonno Bloksma wrote: > Different browser profiles is like the way Outlook (Express) on > Windows have/had different profiles. That is a leftover from the old > times like Windows 3, 9x, etc when there was no possibility to have > different logins. Unix style compu

Default Desktop Environment in Jessie

2013-12-24 Thread Muntasim-Ul-Haque
Hi, Recently I've noticed hype regarding XFCE as the probable default desktop environment in Debian Jessie. It's going to replace GNOME. But does it matter that much? I mean, GNOME would be a desktop environment option, if not default. What's the big deal about being the default DE? How much it di

Re: Gmail Grrrr.

2013-12-24 Thread Ralf Mardorf
On Tue, 2013-12-24 at 11:24 +, Lisi Reisz wrote: > But I didn't have much time Adding a new user and _copying the home directory from one user to the other_ and then making a few changes would save some time.

Re: Gmail Grrrr.

2013-12-24 Thread Lisi Reisz
On Tuesday 24 December 2013 08:08:21 Bonno Bloksma wrote: > Hi Ralf, > > >> But, isn't this the whole reason we use different login names > >> and let people have different home directories with their own > >> configs? > > > > Not necessarily when it's a family computer. > > I would almost say espe

Re: bumblebee on laptop

2013-12-24 Thread Reco
On Tue, 24 Dec 2013 11:37:45 +0100 Slavko wrote: > Hi, > > Thanks, i will try it. But i see, that you know more than I about this. > Please, can you describe me in short, what are differences between usage > the mesa-glx and the nvidia-glx? The way I see it - nvidia-glx and mesa-glx are differe

Re: bumblebee on laptop

2013-12-24 Thread Slavko
Hi, Dňa Tue, 24 Dec 2013 10:02:34 +0400 Reco napísal: > > > Try running it like this: > > > > > > vblank_mode=0 glxgears > > > > I tried this at my desktop PC (only one VGA - GeForce GT 220). The > > numbers are with vblank_mode are the same as without this variable > > and both are cca 60 fps

Re: Gmail Grrrr.

2013-12-24 Thread Slavko
Ahoj, Dňa Tue, 24 Dec 2013 08:08:21 + Bonno Bloksma napísal: > Hi Ralf, > > >> But, isn't this the whole reason we use different login names and > >> let people have different home directories with their own configs? > > > > Not necessarily when it's a family computer. > > I would almost s

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread PaulNM
On 12/24/2013 04:34 AM, Reco wrote: > Hi. > snip > > I'm not Paul, but that's simple. > Setuid bit is ignored for scripts. > > The reason for it is - the only thing that's able to spawn a process is > an executable, which has certain format (ELF for Linux, possibly a.out > - that depends on a

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread PaulNM
On 12/24/2013 04:37 AM, Reco wrote: > Hi. > > On Tue, 24 Dec 2013 09:59:39 +0100 > Raffaele Morelli wrote: >> Yes, I missed this point. >> >> BTW, as I don't want to rewrite someone else system security rules, let's >> say that: MY best practice is to have www-data or any other NON-root user >

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Raffaele Morelli
2013/12/24 Reco > Hi. > > On Tue, 24 Dec 2013 09:59:39 +0100 > Raffaele Morelli wrote: > > Yes, I missed this point. > > > > BTW, as I don't want to rewrite someone else system security rules, let's > > say that: MY best practice is to have www-data or any other NON-root user > > as the scripts

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Reco
Hi. On Tue, 24 Dec 2013 09:59:39 +0100 Raffaele Morelli wrote: > Yes, I missed this point. > > BTW, as I don't want to rewrite someone else system security rules, let's > say that: MY best practice is to have www-data or any other NON-root user > as the scripts owner. So, basically you're allo

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Reco
Hi. On Tue, 24 Dec 2013 10:03:15 +0100 "Hans-J. Ullrich" wrote: > Hi Paul, > I do not intend to hijack this discussion but I think I have got the same > problem! > > First thank you for your explanation. I am following this discussion and I > have > a similar problem. I made a script, which

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread ken
On 12/24/2013 02:57 AM Raffaele Morelli wrote: Read apache webserver documentation. This is a good idea in general, but a more specific reference would actually be practical. There is no problem whatsoever with files being owned by root. This is done all of the time. It is okay.

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Hans-J. Ullrich
> > No, php script *RUN* by root -> full system access > > php script run by www-data -> access to what www-data has access to. > > Owner/Group/Other permissions only affect who has access to the > file/folder, not the kind of access the file (process) itself has when > run. Two very different c

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Raffaele Morelli
2013/12/24 PaulNM > > > On 12/24/2013 03:00 AM, Raffaele Morelli wrote: > > > > 2013/12/24 Reco > > > > Hi. > > > > On Tue, 24 Dec 2013 08:47:17 +0100 > > Raffaele Morelli > > wrote: > > > > > I think you shou

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread PaulNM
On 12/24/2013 03:00 AM, Raffaele Morelli wrote: > > 2013/12/24 Reco > > Hi. > > On Tue, 24 Dec 2013 08:47:17 +0100 > Raffaele Morelli > wrote: > > > I think you should read man pages on shells and privileg

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Reco
Hi. On Tue, 24 Dec 2013 09:00:59 +0100 Raffaele Morelli wrote: > php script is owned by root -> full system access > > now, try `su - www-data` and have a look at the shell you are in. > there you are if you can get it. # apt-get install apache2 php5-cli … # cat > /var/www/test.php << EOF >

RE: Gmail Grrrr.

2013-12-24 Thread Bonno Bloksma
Hi Ralf, >> But, isn't this the whole reason we use different login names and let >> people have different home directories with their own configs? > > Not necessarily when it's a family computer. I would almost say especially when it is a family computer. This is how I set it up all the time.

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Reco
Hi. On Tue, 24 Dec 2013 08:57:36 +0100 Raffaele Morelli wrote: > Keep in mind that if a php script is owned by root user and there's a > security hole in it, an attacker can easily access every block of your file > system. Executing root-owned php script by www-data user will give you a proces

Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

2013-12-24 Thread Raffaele Morelli
2013/12/24 Reco > Hi. > > On Tue, 24 Dec 2013 08:47:17 +0100 > Raffaele Morelli wrote: > > > I think you should read man pages on shells and privileges first and > what a > > user can do. > > Can you elaborate please how exactly serving root-owned file with > apache is a bad thing for security?