Re: Filesystem recommendations
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Stan Hoeppner wrote: Rob Owens put forth on 4/28/2010 8:26 PM: Many/most users don't run a UPS and sudden unexpected power loss is a real possibility for them. Really? I was under the impression that laptops and netbooks are now the primary computer of well over 50% of users worldwide (not counting smart phones). Laptops have a built-in UPS. A battery is kinda like an UPS, but not really. Two reasons: Some folks take it out when plugged in. This prolongs its lifetime. Obviously reduces UPS functionality a bit. The battery may not correcly predict running time, hence actually causing the powerdown which the UPS is supposed to protect against. This can happen even when the user plugged in their laptop but forgot to connect one end of the cable and does not check the little battery/plug icon on their screen. sure there are many people who can barely afford a PC let alone a UPS. Used laptops are a great fit for those users, assuming the batteries aren't shot. But the battery is usually the first thing to go. You can't even get a decently long warranty on a new battery AFAIK. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvZ/7YACgkQ+VSRxYk440/kvACeKOQNdWJEWP9N+S6Vhw+uZCJt ejcAn0pHNocxrdx3/YAgvRvyJi4m5Zrd =Y6hn -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bd9ffb6.4070...@web.de
Re: VM software for personal use?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark Allums wrote: On 4/26/2010 5:24 PM, Clive McBarton wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark Allums wrote: Some people are scared of shared folders as possible attack vectors, thus security risks. What exactly are those risks? It depends on the mechanism used to share the folders. If if is through a network interface, then the risks are similar to the risks on any trusted intranet. OK. If the folders are provided by the VM internals, then the risk is what you can lose by a successful attack on the guest kernel or the host VM. And how much is that? Assuming there's one folder on the host that the guest can write to (that's what I understand by shared folder), than a successful attack can fill up space on the host, but that's it. It cannot get out of this folder as far as I can see. If the host VM is kernel-based, then the risk is that of a (host) kernel attack. OK. Note: I'm using risk as in what can you lose? If you mean attack vectors, then those should be evident I'm not sure I get the distinction risk vs attack vector. Nor do I find those particularly evident. Which is probably my lack of knowledge in that area. Could you please enlighten me here? Google Joanna Rutkowska. She probably knows as much as anyone about breaking out of a VM to attack the host. Just one person can do this? I feel safe now. I'm sure others on this list know more than I do about it. I hope they share their knowledge here, so I can learn. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvaBk0ACgkQ+VSRxYk4408DpwCfVxGZgQGKka2YCBCZJToGQKFB 2iEAn0CucSotl67SjbdQBAMAOPRNhg4S =zYGb -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bda064d.5010...@web.de
Re: Icedove/Thunderbird 3.0 (was Re: The future of nv ...)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Kevin Ross wrote: Reply to List button (which I know was available as an add-on before) You remember what the add-on is called? Searching for reply to list in add-ons didn't give me anything. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvWEDUACgkQ+VSRxYk440/PrQCcCgUqTAimdGbz9Dq/HkjOjZTz scYAoOqOkoR0vXRSYnLSkXs7O5CVqbph =bsaZ -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bd61035.1050...@web.de
Re: VM software for personal use?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark Allums wrote: Some people are scared of shared folders as possible attack vectors, thus security risks. What exactly are those risks? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvWErIACgkQ+VSRxYk440/yagCgpGbHFBQjg7hR3cTuLVaKloGm R6QAoIurlXiK/EBR6ei+5eCKYyKDAyjY =PBJS -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bd612b2.1060...@web.de
Re: [SOLVED] Debian-multimedia breaks mplayer .mov playback on Lenny?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Florian Kulzer wrote: On Tue, Apr 20, 2010 at 07:08:23 -0500, John Hasler wrote: Clive McBarton writes: The debian-multimedia-keyring is not restricted by patents or any other licence issues. I understand why the other d-m packages are not in debian, but the keyring (and just the keyring) should be in debian. Debian-multimedia is not part of Debian, The archive signing key of debian-multimedia is nevertheless in Debian already: Christian Marillat uses his developer key to sign his Release files, so anyone who cares about security can take this key from the (authenticated) debian-keyring package and feed it to apt-key before installing any packages from debian-multimedia. Great! Thanks! Just what I was looking for. What would be the simplest command to achieve this key extraction and insertion? In my case, his key is already on my keyring, so I have some difficulty testing any command that I'd think up myself. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvPguwACgkQ+VSRxYk440+SywCePFUniAjFfsV4NhZc2p38ydhH cSsAoJSMiIM5r+KgkI4HgGinCPnzU1/m =C+Mx -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bcf82ed.3010...@web.de
Re: [SOLVED] Debian-multimedia breaks mplayer .mov playback on Lenny?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alan Ianson wrote: Clive McBarton wrote: It would help a lot if the key of d-m (package debian-multimedia-keyring) was in the debian repos, not just the d-m repos. All the stuff at debian-multimedia can't be included in debian for various reasons, mostly freedom I think, so you won't find it in debian at all. It's made for debian but it isn't debian. John Hasler wrote: Most of it is Free Software but encumbered by actively-enforced patents. d-mm.o has a non-free section for non-free stuff. The debian-multimedia-keyring is not restricted by patents or any other licence issues. I understand why the other d-m packages are not in debian, but the keyring (and just the keyring) should be in debian. It will not affect anyone who does not include d-m in their sources.list, and provides peace-of-mind for those who do, plus protection against MITM. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvNUisACgkQ+VSRxYk4409EMACgp5BHx0A1xa4dnN8HVSLNMMML N34An0fkc3P2jL9TgxmmC6JFqMyQ290L =6/K1 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bcd522c.3000...@web.de
Re: [SOLVED] Debian-multimedia breaks mplayer .mov playback on Lenny?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark wrote: I also have been using debian-multimedia for LAME mp3 and am very thankful for its existence. Yes, it's useful for that. Though if it's just lame, it's probably simpler to compile the source than to add a repo. without the debian-multimedia, in which the .mov file played great in mplayer. Can you check your installed version of libavcodec51? That's one of the things which d-m modifies. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvMw8kACgkQ+VSRxYk4409f2wCfcIcqL0QBYDHy4Hq6Cs51ovQd QL4An22TeCGLYbIkjrAbIjxPjupqikxt =8iQ3 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bccc3c9.9030...@web.de
Re: [SOLVED] Debian-multimedia breaks mplayer .mov playback on Lenny?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Liam O'Toole wrote: Adding debian-multimedia.org breaks a couple of things. Including vlc. I don't know why they don't fix their repository. I'm curious if many people use debian-multimedia. Is it trustworthy? I have been using debian-multimedia with Debian stable for years without any problems. It is a vauluable and reliable service, Valuable yes, since it provides useful video processing apps. I'm using it also since recently. It probably is reliable, although for me it did break vlc the moment I started using it. and is provided by a well-known Debian developer. Good to know. How come there is no link anywhere on debian.org pointing to debian-multimedia.org? Anything to establish a chain of trust. As it is, I looked and looked but didn't find. Even when searching for multimedia on debian.org, it does not mention debian-multimedia.org at all. Not even when searching for debian-multimedia. Every new debian user trying to verify the credibilitiy of debian-multimedia.org would have given up at this point for sure. With the information that Marillat is a Debian developer (and the precise spelling of his name) I was actually able to go to the developer's page on debian org, find him, and see a link to d-m. So in a very roundabout way, d-m is actually endorsed by debian.org. But how would anybody find out about this in a reasonable amount of time? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvMyOsACgkQ+VSRxYk4409xCwCgiXo8AS/wA8db8M2SP4Kv3c2l knAAnA2Xq8lPi6RtGd06yiMcbrMe45Ih =Kc7/ -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bccc8eb.8000...@web.de
Re: How to remove oowriter delay on opening document?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ron Johnson wrote: There use to be a preloader, but I don't see it anymore. There was a feature where GNOME or KDE would pre-load OOo at DE startup. That way, it *appears* that OOo loads much faster, even though it was really just shifted. There's still the preload package. It preloads whatever is needed most, hence presumably also OOo if that is what's run often. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvMy40ACgkQ+VSRxYk440+4KgCeICkxgv7RQocTznsCZOfFg2lo sCcAoIEJAAV5yO4axm+y96NGpvlVPQoI =jDBy -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bcccb8d.6010...@web.de
Re: Timezones for Kontact seriously broken in Lenny
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 CamaleĆ³n wrote: I was a KDE 3.5.x user for long time (2003-2010) but switched to GNOME as soon as the first KDE 4.0 came to scene (it was not intended for end- users but *we had* to deal with it and the result was many people searched another alternatives, me included). *Had*? External decisions? That sounds like workplace, production environment. Where people tend to use Debian stable. But 3.5 is still the default in Debian stable (lenny) to this day. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvMzMwACgkQ+VSRxYk4409q2gCeJo4vuKm5HJjjSJshJl/s3goe EXsAnixEhntaY/zHV0SxSPl/b8k/5DkX =XPs2 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bcc.8030...@web.de
Re: [SOLVED] Debian-multimedia breaks mplayer .mov playback on Lenny?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ron Johnson wrote: On 2010-04-19 16:19, Clive McBarton wrote: [snip] How come there is no link anywhere on debian.org pointing to debian-multimedia.org? Anything to establish a chain of trust. As it is, I looked and looked but didn't find. Even when searching for multimedia on debian.org, it does not mention debian-multimedia.org at all. Not even when searching for debian-multimedia. Every new debian user trying to verify the credibilitiy of debian-multimedia.org would have given up at this point for sure. Google is pretty darned ubiquitous, and has been for 8+ years. Putting Debian play in the FF/IW search bar auto-completes debian play encrypted dvd, and each of the first 5 links mentions d-mm.o. Yes, google (and all other search sites) quickly lead to d-m. But what does this really prove? We all know that google (and all other search sites) are far from immune against finding malware sites. Example: google windows multimedia. On the first page of results, half the hits are sites with pretty dubious names. I wouldn't be surprised if some of them actually distributed malware. Linux is generally better protected against malware as Windows, but this is one vulnerability that is common to both: if you install anything from an untrusted repo, and if that repo had malware, you're toast. Mentioned does *not* mean endorsed. Never has, never will. d-mm.o is not an official Debian site, so it's nor mentioned anywhere except his personal page and the list archives. I understand that point of view. But it is a point of view that will make people stay away from d-m (and pretty much all other repos for that matter). It would help a lot if the key of d-m (package debian-multimedia-keyring) was in the debian repos, not just the d-m repos. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvM0msACgkQ+VSRxYk440+0dwCgj57XNX8Clqcwiib5Hln1HxVZ k1wAoOxWT7C1A2xQ6N4kWSl0rs2Z3/l5 =+WNb -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bccd26b.4020...@web.de
Re: recent mobo recommendation
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ron Johnson wrote: ATX means you'll get lots of built-in features. I like my Gigabyte GA-MA780G-UD3H mobo with AM2+/AM2 socket. 8GM RAM, 6 SATA, 1 (or 2, I forget) rear eSATA, lots of USB, a front and rear Firewire and decent on-board audio. On-board ATI video with separate video RAM, but I installed a fanless NVIDIA card because the driver situation is *simple*, and it's fast. That's good to hear, and it makes me curious. Does the simple refer to the open-source or the closed-source NVIDIA driver? And is it general consensus that NVIDIA is easier to deal with than ATI? After all, you installed a card after you already had on-board graphics. Also, I vagely recall having heard that a 64bit-OS might be trickier to deal with when it comes to graphics drivers. Is that true? Here I see 8 Gig of RAM, hence presumably a 64bit system. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvLZxkACgkQ+VSRxYk4409sSQCeLyHCUBOv+T2BggQSJxn+ohGb IM8AoNU3KYTW4LpVzR9HJkXB+GMMk1ac =SHLp -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bcb6719.3030...@web.de
Re: [SOLVED] Debian-multimedia breaks mplayer .mov playback on Lenny?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark wrote: On Thu, Apr 15, 2010 at 11:06 AM, Mark mamar...@gmail.com wrote: Has anyone else experienced mplayer generating Fatal Error Error opening/initializing the selected video_out (-vo) device after adding debian-multimedia.org to sources.list and performing the subsequent Smart Upgrades? I'm trying to figure out if that's the cause; since other machines I have without debian-multimedia.org in the sources.list tab play the same .mov files fine I'm suspecting this. I've tried various tweaks I found on-line to the /etc/mplayer/mplayer.conf file for the vo section but nothing worked. I'll be re-doing the installation for a friend and wanted to avoid breaking mplayer if possible. I have confirmed one of the Smart Upgrades contained in debian-multimedia on Lenny does in fact cause this Fatal Error. I reinstalled Lenny on the same machine tonight, without adding debian-multimedia to /etc/apt/sources.list, and mplayer plays the .mov files just fine. Wanted to share in case anyone else has this problem. Mark Adding debian-multimedia.org breaks a couple of things. Including vlc. I don't know why they don't fix their repository. I'm curious if many people use debian-multimedia. Is it trustworthy? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvJNKcACgkQ+VSRxYk440/8vgCgkfVbqXroqRN3KGq6ZkxR+GjR k50An2+UMfJg6mjacseTyqvQG87E0Ai3 =oWcy -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bc934a7.3050...@web.de
Re: Boot / LVM best practices
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 M.Lewis wrote: Would it be better to move the LVM to a larger SATA drive and migrate the boot drive on to a new small IDE HD? I've even thought to set it up to boot from a flash drive. Not sure that would be wise either. My question is is this a 'wise' thing. If not, why not and what would be the better approach? Mike, you didn't say how important speed is to you, and how large your wallet is. If the answer to both is very, you can think about getting 1 HD + 1 SSD (solid state disk). A decent SSD costs 3 times as much as a small HD but will be more than twice as fast, hence faster than any RAID made from 2 HDs, at least while reading. Reading probably matters to you most since you talk about the boot drive. Writing speed on a decent SSD is about as high as on a single HD. A SSD is presumably the best (fastest) method to boot from. I assume they qualify as flash drives. On the other hand, USB flash drives cannot be particularly fast, unless you have USB 3.0 (hardly the case for your computer, since it runs on a 250GB IDE HD). USB 2.0 limits the speed to about 34MB per second, less than half the speed of a cheap HD. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvE1lEACgkQ+VSRxYk440/fIACcD0OGlwgv97zDsJ0X6DKwTgcC lyMAn2vuVEwRkhjV/wCCnr+ExGiSVI3u =Tu/h -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bc4d651.1010...@web.de
Re: What prevents mounting of USB devices?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Florian Kulzer wrote: Did you have any security upgrades lately Sure, I install them regularly. Doesn't everybody? or did you install packages from backports or volatile I do have the following as part of my sources.conf: deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free deb-src http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free deb http://www.debian-multimedia.org lenny main I am not sure if I actually installed anything from volatile. or any non-Debian stuff? Yes, from debian-multimedia.org. Presumably that counts as non-Debian. Another thing to try is to activate the desktop icons for removable devices and test if users can mount the devices by clicking on the icons. Sorry to sound stupid, but how do I activate those? Right now I don't see any icons on the desktop when plugging devices in. I suspect that the fstab entry is not really a problem. Maybe you can setup pmount for the individual users so that it is more convenient. Yes, the pmount works fine now, it did not even require setting anything up. Unfortunately I do not understand what else your dbus error message is trying to tell us. I would run lshal --monitor, then plug in a USB stick and try to mount it; maybe that will turn up something useful. Seeing what hal knows about a USB stick might also help; hal can be queried like this: lshal -u $(hal-find-by-property --key block.device --string /dev/sdX) lshal -u $(hal-find-by-property --key block.device --string /dev/sdX1) (Replace sdX as is appropriate) Thanks for showing and explaining lshal to me. I'll explore with it and report if I find something interesting. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvDqA4ACgkQ+VSRxYk4408SyACeLV3a1tt3VKgvTwya+oBz71Nu IgQAn0hgk+w/0ykMQB/vtjNRf1oeLyib =3B0A -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bc3a80f.5010...@web.de
Re: Migrate OS to smaller drive?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sjoerd Hardeman wrote: Clive McBarton schreef: Sjoerd Hardeman wrote: mount the new device (mount -odev /dev/newdevice), and do a rsync -ax / /media/newdevice. What exactly is the advantage of this approach over cp -a or mv? Added to the points others make the don't cross filesystem borders-option (-x), which makes it useful for the task at hand. Then again, now probably somebody will reply that cp can do that too... Indeed. The option for cp even has exactly the same name as the option for rsync, namely -x or --one-file-system. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvDqfcACgkQ+VSRxYk4409OSwCfQUbrWYLwoNQME/98sIdFSzNd Y+4AnRkojnSeHm77jVJzPi1g497+U+Yp =VbRe -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bc3a9f7.6090...@web.de
Re: About USB hard drives and errors
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul E Condon wrote: My understanding is that S.M.A.R.T. doesn't generally work over USB. So, the fact that my WD drives don't play well with S.M.A.R.T doesn't make them special, and I should not spend much, if any, time looking for a USB solution. What other options are there for external HD? A quick partial solution could be: If you just want to read the SMART tables once, say to see how many sectors have been remapped, you can simply take the HD out of its enclosure and temporarily connect it directly inside your PC. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvDrRAACgkQ+VSRxYk440/TwACg6US5ORZajsE0+8fIgAdsnD2o T9sAn2+wxSvbTdJ4G1RpGcF29J2coTVh =7LV8 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bc3ad10.6080...@web.de
Re: What prevents mounting of USB devices?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Florian Kulzer wrote: On Sat, Apr 10, 2010 at 19:20:42 +0200, Clive McBarton wrote: I run KDE and normally mount usb devices with the Storage Media applet in the task bar. Recently I have been getting strange errors and mounting failed: Which version of KDE, 3.x or 4.x? (I don't remember a task bar applet for mounting removable media from my KDE 3.x days - I always triggered mounting via the icons that appeared on the desktop for removable media - but I might simply not know about alternatives.) 3.x, Lenny default. Probably 3.5.10 if I see correctly. The task bar applet is called Storage Media or Media Applet. The right-click options in the taskbar are Move Storage Media, Remove Storage Media, Configure Storage Media, About Storage Media. When I bring up its preferences it has different ideas about its name and now says Media Applet Preferences - KDE Panel. The About says using KDE 3.5.10. Mounting worked for you earlier, so I assume that your users are all members of the plugdev group already. Yes they are. I would like to see the output of: awk '/policy group=plugdev/,/\/policy/' /etc/dbus-1/system.d/hal.conf Here: policy group=plugdev allow send_interface=org.freedesktop.Hal.Device.Volume send_destination=org.freedesktop.Hal/ allow send_interface=org.freedesktop.Hal.Device.Volume.Crypto send_destination=org.freedesktop.Hal/ /policy By looking at the modify time, I see that this file has not been modified since I installed Debian, so it must still be in the default state. It would be interesting to know if regular users can mount USB sticks using pmount or pmount-hal on the command line. Good idea. I never used pmount before. I just tried it with one user (insert USB stick, pmount it as the user) and it works. Thanks! Meanwhile, the KDE applet would not have worked, it does not even display an icon indicating that the USB stick has been plugged in at all. And the UUID of the usb stick is even listed in /etc/fstab so that it is supposed to mount automatically when plugged in (though that does not seem to work). But that may be an unrelated issue. AFAIK, you should not have any entries in fstab for removable devices that you want to be handled by KDE/Gnome/whatever_other_DE via the dbus/hal mechanism. In any case, I would avoid trying to mix different approaches. I would avoid that too, if any single one of them would work, but neither did. I did not try pmount so far, that would actually have worked. Another (possibly also unrelated) issue is that when several X are running (different users, all with KDE) then it seems that only one of them can mount and unmount, usually the wrong user. I have seen that complaint before, also for systems on which mounting worked perfectly for single-user sessions, and I am not sure if a satisfactory solution exists. (I have no need for running multiple KDE sessions on the same machine, therefore I do not know much about this issue.) That is why I made the fstab entries, so I can write the correct user in it, in the case when a certain device is known to belong to a particular user. I was hoping that they could mount it then. Is it worth digging into hal to correct this? Given that hal won't be in Debian much longer. Well, it is a problem for you right now, so why not try to solve it? Besides, udisks has the same main developer as hal, so I doubt that it will be so radically different that hal know-how will become useless. I have played around a bit with udisks yesterday, it seems to follow the same basic concepts as hal. AFAICT, udisks-daemon is simply an upgraded version of hald that is specialized on block devices, as one part of a more modular approach to hardware abstraction. Good to know. So far, I was always staying far away from hal for fear of completely wasting my time. But if hal knowledge will still be useful after hal is gone, that makes me reconsider. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvBxx0ACgkQ+VSRxYk44089ogCeOClzg2MfMnr8M0mX15UbT8cs XBcAoMC7SiK54cGFhVz01AkuXNNJvqG7 =QeCR -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bc1c71d.8020...@web.de
Re: Migrate OS to smaller drive?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sjoerd Hardeman wrote: mount the new device (mount -odev /dev/newdevice), and do a rsync -ax / /media/newdevice. What exactly is the advantage of this approach over cp -a or mv? I would have suggested mv. It has the useful property that you can easily spot aborted transfers by the fact that the original device is not empty afterwards. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvBymgACgkQ+VSRxYk440+GBQCgq0EvrFUI7Hm4A8Q73ncz7KTF 51UAn0weYuo1nka6TqTxggBp4Y/tzA8O =QZnM -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bc1ca69.4080...@web.de
Re: Migrate OS to smaller drive?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Eduardo M KALINOWSKI wrote: mount the new device (mount -odev /dev/newdevice), and do a rsync -ax / /media/newdevice. What exactly is the advantage of this approach over cp -a or mv? Over mv? That you keep the original files. Of course. But in this case the OP said migrate. Over cp? That you can resume from where you left off in case the transfer is stopped for any reason. Useful point. With cp you'd have to start over. What are the disadvantages of rsync? E.g., doesn't it compress and decompress everything, hence hogging the CPU and possibly slowing transfers? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvBzscACgkQ+VSRxYk4409N6QCg2H+F4XhpS/eRmSUaxiFAZG5v nNUAoL1+BijzOvhecWOzULmWvIBJ2Nyb =FU3d -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bc1cec7.7030...@web.de
Re: Migrate OS to smaller drive?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ron Johnson wrote: Never destroy the original until you know the copy works! In my earlier days I would have avoided mv for exactly that reason. But when copying (including rsync), you cannot easily see that it worked from the emptyness of the original file system. And comparing large filesystem trees (not just 4GB as in this case) is trickier than most people realize. At least a simple diff -r will be far from doing it. Maybe you have some good way of comparing FS trees? hence hogging the CPU You won't be doing anything else at the time... The OP didn't say that. Maybe you would do it that way. Maybe me too. Not that it matters once compression is disabled. and possibly slowing transfers? Hah. Speeding up transfers is more likely, since the wire is always the bottleneck, and compression means it will be carrying more bits per bit. There's no mention of wire transfer anywhere in this thread, and in fact for most people the upload of 4GB would be too much anyway. I presume he has both drives build into the same computer. Note that he talks about migrating / . Cases of remote transfer (transferring / to a remote machine, which must hence already have a / ) are theoretically possible but probably not relevant here. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvCNrwACgkQ+VSRxYk440/d8wCgkOhMNQfa7OTWUEtcdCKJ5mdr H20AoNgy5CYLmTdy1Ki1DK4dj58uIe/r =CzO1 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bc236bc.1050...@web.de
Re: automate updates in Lenny
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 John Hasler wrote: Clive writes: It does help the OP since he uses apt-get, but what about the people who normally use aptitude? If you are only using it for downloads (usual) it doesn't matter. Certainly so. What I meant to ask is what to do if you (like the OP) want automatic upgrades (downloaded and installed without the admin present) but (unlike the OP) only use aptitude and never apt-get. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvAH+QACgkQ+VSRxYk440/QbACgrL9aJaRWGQhmJ30aDYGTDnQF G5YAn3Rj1JHGPCZ3pZcPs5cpAQOvlRfx =TE7p -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bc01fe4.8040...@web.de
Re: About USB hard drives and errors
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul E Condon wrote: dumpe2fs -b device is supposed to print the bad blocks that have been marked on a device. When I run it, it prints nothing. I find it hard to believe that a 500GB HD contains ZERO bad blocks. Every HD that is even remotely close to being usable will always have zero bad blocks when seen from outside the HD. All HDs have error recognition and error correction and automatic replacement of faulty sectors with spare ones. A HD will only show bad blocks after all of its remapping area is used, at which point it is far beyond being usable. In other words, scanning for bad blocks on a HD cannot work. You can see the internal count of the remapped sectors with SMART, as others have already pointed out here. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvAJssACgkQ+VSRxYk4408n6gCgrLFCZRpvissG4/Q8WXoAHnHU E1sAnRmcsZbxX1Bei7JYD0ZNhGaXVCrC =GN/u -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bc026cc.8000...@web.de
Re: automate updates in Lenny
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andrei Popescu wrote: On Sat,10.Apr.10, 08:51:16, Clive McBarton wrote: Certainly so. What I meant to ask is what to do if you (like the OP) want automatic upgrades (downloaded and installed without the admin present) but (unlike the OP) only use aptitude and never apt-get. It doesn't matter. Mixing apt-get and aptitude is not a problem anymore. I believe that this is not complelely true. What is true is that, on the command line, in interactive mode, you can use either and it will work fine. But the options you can pass to aptitude and apt-get are not the same. Back to the specific question of cron-apt, I tried it myself (replacing apt-get with aptitude in its config) to notify me by email of pending upgrades, and it was useless. I had to remove it. Had I left apt-get in its config, it probably would have worked. I could probably dig out or try to reproduce some of the error msgs I got, but far more helpful for the list would be if someone who ever managed cron-apt with aptitude (if such a person exists) would post here how they did it. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvAqisACgkQ+VSRxYk4408RlQCgivHltFne3WaGR109u648Mdx/ a28AnilCApaoy2XdmdiKT1iHXwDA1ABG =oqmY -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bc0aa2b.2060...@web.de
Re: About USB hard drives and errors
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Florian Kulzer wrote: Interesting. So what is /badblocks/ for, I would say it is useful to make the drive access every single block; afterwards you can check in the SMART log if that caused any remappings. That's a good idea. Another application is if you suspect that part of the HD surface is bad (old age, you dropped the HD, etc.) but the HD does not know it yet because it has not accessed the damaged sectors yet. Then badblocks (or dd) will force it to do so, probably bricking the HD in the process (sometimes with audible clicking noises or such) which, if you think about it, can be very useful if you intended to store valuable data on it later. should it be removed in order to remove useless complexity? I would not consider a command-line utility that can simply be ignored to be useless complexity. Indeed, and that is true for thousands of CLI commands. ImageMagick alone installs dozens which add complexity to your system if unused. Back to the topic of HDs, I even remember seeing a unix program for low-level formatting them, though formattable HDs probably have ceased to be sold a long time ago. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvAsE0ACgkQ+VSRxYk440/yowCgj8/SSjj3PtgHVdq3BWuUG6MF txMAn3HMUtUM+tTnZ0PyYhzx6qUy0V2p =D76w -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bc0b04d.3090...@web.de
What prevents mounting of USB devices?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I run KDE and normally mount usb devices with the Storage Media applet in the task bar. Recently I have been getting strange errors and mounting failed: Rejected send message, 3 matched rules; type=method_call, sender=:1.21 (uid=101 pid=13921 comm=kded [kdeinit] --new-startup ) interface=org.freedesktop.Hal.Device.Volume member=Mount error name=(unset) requested_reply=0 destination=org.freedesktop.Hal (uid=0 pid=11879 comm=/usr/sbin/hald )) Mounting as root on the commandline still works, but it's a hassle for the user who wants to simple use their usb stick. And the UUID of the usb stick is even listed in /etc/fstab so that it is supposed to mount automatically when plugged in (though that does not seem to work). But that may be an unrelated issue. Another (possibly also unrelated) issue is that when several X are running (different users, all with KDE) then it seems that only one of them can mount and unmount, usually the wrong user. Is it worth digging into hal to correct this? Given that hal won't be in Debian much longer. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvAs2oACgkQ+VSRxYk4409soQCeJS9yoZLdAL4HH+FVMYJIB3or GuIAnA5nFILteZkTtK94c84dF7tDjiCr =uq+P -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bc0b36a.6010...@web.de
Re: About USB hard drives and errors
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tony Nelson wrote: If the data in a sector was not readable, the sector will be listed as Pending. Pending sectors are much worse than Reallocated sectors, as Pending sectors mean lost data (if the sector was in actual use, which SMART does not know -- and figuring out which file might have been affected is, umm, tedious). OK. Usually (during regular use) the internal errors probably increase more slowly. If a single sector is already really unreadable, then every last one of the internal error correction mechanisms has already tried and failed. Such many errors probably indicate that either the HD is terminally worn out, or that a sector got damaged due to external influences. Either way, I would not use such a HD any more. I keep SMART's Offline Surface Scan enabled on my drives, to have the best chance that any failing sectors will be noticed early while they can still be recovered. I don't mind if there are a few Reallocated sectors, as long as there are never any Pending sectors. I'd mind if the number of Reallocated sectors kept increasing. Of course, I also keep backups. Good practice. But I believe that HDs always try to recover failing sectors whenever possible, with or without offline surface scan. Presumably sectors are remapped when the number of errors is still way below the maximum of correctable errors. The world outside the HD never hears anything about it unless they ask the HD to report the SMART tables. In other words, scanning for bad blocks on a HD cannot work. Or at least normally won't, unless Data Has Been Lost. Yes, that's what I meant. It does work for proving for sure that the HD is broken. And to push a HD over the edge which is about to break (useful particularly for people with backups). I was assuming that the HD does not contain data, since the write test of badblocks deletes everything anyway and does not restore the original. Speaking of, does anybody know why the programmers of badblocks left out the ability to write the original content back after a read-write scan? That makes no sense to me. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkvAybYACgkQ+VSRxYk4408JNgCg59NgXTrJd+LbdzS+x/1QgAJm 6WIAoI66+djV1dAA7aVCe1VbLsdHn8U8 =g2yo -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bc0c9b6.8090...@web.de
Re: automate updates in Lenny
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ron Johnson wrote: Anyway, the cron-apt package does what you want. It is recommended, though, to use it only for downloads. It does help the OP since he uses apt-get, but what about the people who normally use aptitude? There's no cron-aptitude package. And though cron-apt can be configured to actually run aptitude, I don't get the impression that it has really been tested that way. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAku/ujoACgkQ+VSRxYk44081HACgi1eRESKUeGr3uCMTvANuvrFJ 6uUAni0/x+HETBqXee0iaemKsl3gAiff =zNjl -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bbfba3b.20...@web.de
Re: why does resolv.conf change?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rick Thomas wrote: On Mar 22, 2010, at 7:10 PM, Clive McBarton wrote: prepends it with sufficiently many (3 suffices?) good nameservers, so it never gets used and everything is fine. Nothing is 100.000% certain, of course. But as long as your 3 are independent of each other -- i.e. not subject to a single-point-of-failure (short of complete failure of all the root servers, thus taking down the entire DNS [-; ) You should be OK. Fine. I read somewhere that only the first 3 nameservers count, but can't remember where. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkupAX0ACgkQ+VSRxYk440+RhQCg01eyJB3cYpdO+EK3Xa69TMGF GssAoO1O5mj49dfzeyEvH7A+0ZmYTKK8 =ysnW -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4ba9017d.6020...@web.de
Re: why does resolv.conf change?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James Zuelow wrote: Yet, relying on the immutability of /etc/resolv/conf is like relying on the persistence of files on /tmp: just DON'T! 2nd note that my suggestion to make /etc/resolv.conf immutable was not to keep his changes, but to cause the application making the changes to complain in the event log. Then the OP could fix or configure the offending application. He probably realized that. He is criticizing not you but me for wanting resolv.conf to stay the same. BTW, your suggestion did not work for me: # chattr +i /etc/resolv.conf chattr: Operation not supported while reading flags on /etc/resolv.conf Anyway, having reinstalled resolvconf, I know exactly what is modifying resolv.conf now, namely resolvconf (and possibly others, but resolvconf overrides those). While unable to stop the modifications, I noticed that I can put my stuff in /etc/resolvconf/resolv.conf.d/head and it will then still be there after resolvconf runs. It does not keep the unwanted provider nameserver out of resolv.conf, but prepends it with sufficiently many (3 suffices?) good nameservers, so it never gets used and everything is fine. Problem solved. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkun+N8ACgkQ+VSRxYk440+mlwCfVz6N+gLHQn/SLc1C1iJ2N7vl ErQAn267U4tXeXgPv5Ke7l6FseQr9351 =QdJa -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4ba7f8df.9050...@web.de
Re: Transferring files over SSH in the console
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dotan Cohen wrote: I can have as many open connections as I want, it's on the LAN. But I would _prefer_ just one terminal window for both commands (SSH) and file transfers. First of all, I believe the ssh protocol (not necessarily the ssh program) already support exactly what you want: logging in and, if you want, sending files through the already opened tunnel. PuTTY does exactly that. If you are logged in, you can press a button to open a (local) file browser for the remote files. Without new password entering. So I guess it uses the same tunnel. So here's your first solution: use putty. It exists for Linux also. Second solution: if the ssh protocol supports what you want but the ssh program does not, then complain to whoever maintains ssh (program) to include that option. For example, a hotkey to switch it into sftp mode in the already open connection. More solutions (sshfs, or just giving up and typing several commands) have already been posted here. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkum91QACgkQ+VSRxYk440+4pQCgtPJZ02AUmIcZ7cEN/kUL1BHe V64AnRtd2VkXPx4N3XDKLM2U2T5PogI4 =7xt3 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4ba6f755.4030...@web.de
Re: Mailing list policy change?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark Allums wrote: probably more and more people have a mail UA that has reply-to-list, like Thunderbird 3. Lenny's default Thunderbird (that is, 2.0.0.22) doesn't though. I believe it requires manually changing Cc: to To: in the list address and manual backspacing over the unwanted email address. Please correct me if I'm wrong (which I hope is the case). -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuj7rUACgkQ+VSRxYk440/gXgCgiksaqLod8xJWLXeKl8aBjMMU aE8AoMyTmYMT4yzgZL66nAOIdH6H8zKf =Lxwu -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4ba3eeb5.9020...@web.de
Re: IOMMU option in bios
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 CamaleĆ³n wrote: Didn' you try some of the tips? They only require passing some options to the kernel at boot time and there is nothing harmful in doing that :-? Most of them are harmless. Some even make the error message go away. At least one of the suggestions (passing the option iommu=false) ist harmful though (disables USB). I passed the link not because it provided a magic solution but for you get an idea of the origin of that message and how to bypass it ;-) Yes, I agree. I am not getting that message in dmesg (running lenny amd64, 8 GiB.) *but* my BIOS has memory reclaiming enabled. Interesting. Intel CPU? Because in the forum whose link you posted, all the CPUs in people's signatures were (as far as I see) made by AMD. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuj/ycACgkQ+VSRxYk4409zRQCggK2l7xS3F0Ii15Q3p2wF7PI9 UQYAoNnAXYD3PI/L3I7nn0e9xnxUSzd0 =hNyn -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4ba3ff27.6000...@web.de
why does resolv.conf change?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 My /etc/resolv.conf gets overwritten periodically. Any ideas why? I thought network-manager was the culprit and deinstaled it, but the problem persists. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuiTHAACgkQ+VSRxYk440/stQCg5m+4SQMeIWd/Z3DulcUCkeO1 qTsAoJ1noERVXo+49K5jCE9qXObT7NdB =w/w4 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4ba24c70.8030...@web.de
Re: why does resolv.conf change?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 CamaleĆ³n wrote: On Thu, 18 Mar 2010 16:53:20 +0100, Clive McBarton wrote: My /etc/resolv.conf gets overwritten periodically. Any ideas why? Maybe because you are using a DHCP setup? Yes. http://wiki.debian.org/NetworkConfiguration#Definingthe.28DNS.29Nameservers That explains how the resolvconf program and network-manager can change /etc/resolv.conf. But I carefully deinstalled resolvconf and network-manager. The C library and other resolver libraries look to /etc/resolv.conf for a list of nameservers. In the simplest case, that is the file to edit to set the list of name servers. *But note that various other programs for dynamic configuration will be happy to overwrite your settings:* 1. The resolvconf program 2. The network-manager daemon 3. DHCP clients I assume that means dhcpd. How do I stop it from changing resolv.conf? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuilpQACgkQ+VSRxYk4408jLQCfbWFv/upLvbRvJdVG8LYI1Dd4 TuQAnRdODQoZ2bdtFByULy9COK3TDqYP =3uRE -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4ba29694.2040...@web.de
Re: why does resolv.conf change?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 To make my original question more precise: I want the stuff I write into resolv.conf to persist, but it does not have to be in that file. I'm happy to write things elsewhere as long as *some place* makes my changes persistent. Sjoerd Hardeman wrote: Therefore, dns settings should be set either via dhcp, in /etc/networks/interfaces or via some user-leven config framework like wicd or network-manager. So maybe I should actually *install* resolvconf or reinstall network-manager? In that case, I need help with where the new config goes. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuil7UACgkQ+VSRxYk440/tjgCg3WQ5vMMkDDgQStu6Ytolua9g 6yoAnjbfG4wK1Dkd6iizF+oGa+iuN2Rx =ybV1 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4ba297b5.3050...@web.de
Re: why does resolv.conf change?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Stephen Powell wrote: What kinds of changes do you see happening and what changes are you trying to prevent? What harm is being caused by those changes? In other words, what is the real world problem you are trying to solve? I carefully type a domain name and some decent nameservers into resolv.conf. Then all of it gets deleted and replaced by one single nameserver, which is the router and the nameserver of my provider. If you have your machine configured with a static IP address, for example, you won't need DHCP. For servers, that's the usual way to do it. User desktop machines normally use DHCP. I use dial-up internet. The provider gives me a (different) address each time. Presumably that means that I must have DHCP? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuitZAACgkQ+VSRxYk440+FWQCfVrqqELqVO2iQZvM9o8JQMfsk ZGYAnA6VcWz+bKDWBvjG7ILemaY9DsoR =J5EV -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4ba2b590.6000...@web.de
Re: IOMMU option in bios
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 CamaleĆ³n wrote: Not sure if this has something to do with some BIOS option that allow memmory remapping :-? There's no such option. Not in any BIOS I've ever seen. There is an Ubuntu forum thread that may help a bit It doesn't. It's a long thread with people talking about the problem, suggesting a great number of solutions (some of them harmful) without solving the problem. On the other hand, nothing else I've seen so far solves the problem either. Most people ignore it, since it may be just an annoying message, the loss of a tiny fraction of RAM, and possibly your RAM becoming slightly slower. Are there any users of 64bit Debian with 4GB or more who are not affected? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuivyoACgkQ+VSRxYk440/7WQCgs02+kUgIU1ZVaNdU+fdA5WKF TwwAoIHuqG+ZIB9LybyEqcwsF1yth2jf =WAWp -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4ba2bf2a.1070...@web.de
Re: why does resolv.conf change?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ron Johnson wrote: I carefully type a domain name and some decent nameservers into resolv.conf. Then all of it gets deleted and replaced by one single nameserver, which is the router and the nameserver of my provider. Well, yeah, that's how dial-up works! Hardly. The provider is welcome to provide their own nameserver as a service, but I certainly can (and in this case want to) use another. Also, since the machine is always in the same place, there's no need for the nameservers to change unless I say so. As for the internal domain name of my machine (and my network for that matter), that should also be up to me to choose. This would not be relevant for servers which need to have the same name internally and as seen from the internet, but for a home machine it makes sense to set the machine name and domain name independent of the provider. You've still never answered why you *care* about whether resolv.conf gets overridden on a regular basis. See above. As long as The Internet Just Works, why do you care what's in resolv.conf? It doesn't work because my provider's name servers do not. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkui6OMACgkQ+VSRxYk4409jyQCg5kAaXXZp3caGXc5AeFTYtB3W kzAAnAwT5xhGDRKTMZGUf4Fa+cCXPNdJ =plcE -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4ba2e8e3.2090...@web.de
Re: why does resolv.conf change?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ron Johnson wrote: You must have missed the BIG BOLD LETTERS that tell you not to write into resolv.conf by hand. $ cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver xx.yy.zz.aa nameserver xx.yy.zz.bb search snagglefrob I certainly noticed that comment. Had there also been a description which file to edit instead, it would even have been a helpful comment. But there hasn't, so it isn't helpful. Also the comment stated generated by resolvconf, indicating that resolvconf was the program that changed it. But as I said it still happened to me after deinstalling resolvconf. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkui6qQACgkQ+VSRxYk440+B3ACgmUwELLACZJt6sM4WQElZf/S6 1HsAnjwAPylvSYUsut0ewM2GwY3/0kp5 =3tYh -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4ba2eaa4.4040...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Richard Hector wrote: On Mon, 2010-03-08 at 23:11 +0100, Clive McBarton wrote: When I reboot, the partition /boot (it is a separate partition, not a directory) changes. It is not supposed to. None of the files on it have changed or can change, since it is mounted with option ro. But the checksum of the partition changes. Are you using grub's 'savedefault' feature? Certainly not. I thought about that too, and that's not it. As I said, no files, including where grub saves its last OS booted, are modified in any way. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuZDC4ACgkQ+VSRxYk4408GLACgzLtKqd8j46DBPUpZKpEh1FXL /osAoJBb1aAgGO8oqY3ETcGvw6a0eLtK =AJO6 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b990c2e.20...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Robert Brockway wrote: Are you concerned about corruption Filesystem corruption? Not at all. It's a read-only partition. It cannot go corrupt unless the disk breaks. or someone (with root) compromising your kernel image Indeed. Also even if /boot was merely a directory on the rootfileeystem you could still md5sum all the files within it. Indeed aide and tripwire do just that. Yes. I want to notice the stuff that's not in files. Like files temporarily created and deleted. Or unallocated blocks written to. No HIDS I know is able to check that. So you're wondering what is changing the checksum? The ext2/3 keeps metadata on mount times, number of mounts, etc. Merely rebooting would be sufficient to update the mount count and therefore completely change the md5sum. Yes, I'm pretty sure that's it. Which annoys me, since the partition is read-only, and read-only mount is not supposed to change mount count and mount time. And indeed it does not when done manually while the system is running. If you want to confirm that no files are changing take md5sums of all files and compare back file by file. As with any IDS keep your hash list off the system to avouf potential compromise. ...and keep the whole IDS off the system too, and the OS it runs on as well... :( There's no end to this, unfortunately. There's a reason I'm doing this offline. Nothing done online (no matter where the list is kept) can be fully trustworthy. I do NO write operation whatsoever on it. It is not allowed to change in ANY way. To the extent that you can assert this. Indeed. Because something does write to it. What I assert is that write operations are neither desired nor required. They just happen unwanted. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuZDnEACgkQ+VSRxYk4409t1ACfX3Z72y1Aq7zBmpd/pyVaTJYN KTEAnjom1ThI1SlANZUOSMnc7aX+y1io =ieKn -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b990e71.7040...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Robert Brockway wrote: Hi Clive. I've never used diff to compare binary files. Is the md5sum of the different files the same? diff works fine on binary, why shouldn't it? The output is empty or binary files differ. I never bothered to verify md5 of files reported equal by diff, but I'll try with the next one I make and report back here in the unimaginably unlikely case they have different md5. Why not just use Aide? It's a path of least resistance IMHO and will produce a better overall result. Did they make a manual for aide yet? Sorry to sound cynical, but I found its documentation horrible and unhelpful. So you know how to actually use it? Well that's a big topic in itself. I think you'd need to get in to mandatory access controls to do this in an effective way. Nice suggestion. Where do I learn about these mandatory access controls? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuZEIYACgkQ+VSRxYk440+ckACgsCxF9Jx7D4Hb+5Ju1/ChxPcd aoYAoOUGVx43Sb6HOO7az/WajWnA8W+M =7dSD -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b991086.8030...@web.de
Re: Linux should not be booting
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Carlos Davila wrote: I deleted the following files from /: initrd.img initrd.img.old vmlinuz vmlinuz.old and I deleted all files in /boot: config-2.6.26-2-686initrd.img-2.6.26-2-686 System.map-2.6.26-2-amd64 config-2.6.26-2-amd64 initrd.img-2.6.26-2-amd64 vmlinuz-2.6.26-2-686 grub System.map-2.6.26-2-686vmlinuz-2.6.26-2-amd64 Yet linux still boots. I am using Lenny and grub. Interesting. You seem to have figured out some secret block mode of grub, which I have been looking for but didn't find. Can you post your boot sector here? Typing the following (as root) will print the boot sector in ASCII, which you can post here. dd if=/dev/sda bs=512 count=1|uuencode bootsector -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuZFFIACgkQ+VSRxYk4409cEACgoqH85Fzht3YmUAZdb0JW/X78 PHAAoNDpwjnH6NKi/EXRDhlJMOd48Dhu =1irS -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b991452.2050...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bob McGowan wrote: This brings up the question, though, as to why these forced checks are done in the first place. The man page talks about failed hardware and kernel bugs, etc., but ... Very interesting point. Indeed running fsck when the shutdown was clean seems pointless. Many people or manuals warn you in big letters not to disable them, but then again don't provide info about what parameters are good. A server may stay up and running for months, perhaps longer (?), whereas personal system may be shut down every day. So counts are quickly reached in the personal system case, while time limits are probably not only exceeded in the server case, they may be exceeded by substantial amounts of time. Exactly. Thus a server (where it counts) is never checked for months, and a PC (where it doesn't matter so much) is pestered with fsck all the time, usually while the user needs the PC in a hurry. Which means I need to periodically run fsck manually, to be sure things are OK, but at least it's under my control. Good idea. Run it when it's not in the way. My $.02: If it was all that important, there would be an option to run fsck at shut down instead of startup. And clearly whoever started fsck had no idea that it would take longer and longer as drives got newer. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuZP/cACgkQ+VSRxYk4408wpwCgrwGdCbKaCmY3RR3fVVY1hLWD z4EAnA0UDs/CyApcDZjf7gryV/lugfcl =7VwO -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b993ff7.1010...@web.de
Re: Linux should not be booting
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Stefan Monnier wrote: this evidently does not overwrite the boot sector, does grub-install do this? I have yet to run grub-install. Of course, this would not explain why my system still boots after deleting the vmlinuz files. Yes it could: you installed `grub' on your Debian system, but you haven't activated it, so you're still booting with Lilo, which uses a list of disk blocks to find the kernel, so as long as those disk blocks don't get overwritten, it'll boot just fine. The bootsector which Carlos posted here (uuencoded) is a grub boot sector. It contains the characteristic strings GRUB .Geom.Hard Disk.Read. Error which can be seen by uudecoding and looking at it with hexedit. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuZiNwACgkQ+VSRxYk4408zQACfdylkPQHTy6A9o+pZVxLAuEPC BXAAoJQ8RVwHQyL+EyZJ073H3C1ZG0HG =6DC8 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b9988dc.7090...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Stephen Powell wrote: If you can't figure out how to make grub use the list of sectors method, I once again suggest that you switch to lilo. The whole point is to make the system secure. So let's look at lilo's security: Password stored as plaintext in world-readable config file. And it gets worse: Password stored in actual bootsector as... not even documented. Even the many web pages that talk about lilo don't even bother documenting this. So the password support in lilo is at best as good as if it wasn't there. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuZjS8ACgkQ+VSRxYk440+n8gCeMXVkSPp93Kl0zfybB1JeBUE7 0QYAn1LSzI/FDStMS1YQGRc8mzVTRXm8 =T2Vb -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b998d2f.5080...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 thib wrote: Sorry, I meant, how would you run the hashing program before the reboot? I think it has little value if it's ran by the live system beeing checked. Sames goes for a check after the actual boot - only a hypervising or external system should do it. The online to offline comparison has value, just the offline to online comparison does not. More precisely: You never know if any checksums taken on a running system are reported correctly. But: If you take an online system (powered up), take checksums of important files or partitions, and they are the same after the system later becomes offline (powered down), then they were reported correctly to begin with. Whereas if they were correct before running it and are then are reported correct while the system is running, it does not tell you anything. Would you care to share your solution, Clive? Currently I take checksums of the partition regularly during operation and while the system is turned off. The online to offline comparison works fine, whereas the offline to online does not always work, hence this thread. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuYABcACgkQ+VSRxYk440+zggCff46xqEFwasjC1gxwvNFduWwn DesAoOPKI/to4BAHs5bs96E3cM9Erud1 =qOjq -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b980017.9080...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cameron Hutchison wrote: If it were me trying to diagnose this, I would be diffing the images that should be the same and seeing where they are different. OK. I tried that. Unfortunately more rebooting did not produce any new change in the boot partition. :( Things get even more mysterious. Not that I mind it not changing, but now I can't find out why it did change previously. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuYABAACgkQ+VSRxYk4408xTgCgteI53ywawcJKfeEyTvUq0VTy ukIAoNkNlH9cRhKQ9ejyBpgzkD6vgH3H =ixxv -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b980010.5070...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ron Johnson wrote: # dumpe2fs -h /dev/sda2 | grep time dumpe2fs 1.41.10 (10-Feb-2009) Last mount time: Sat Feb 13 08:39:01 2010 Last write time: Sat Feb 13 08:39:01 2010 Great command. Good to know it. I used that and found out that the last mount last write time are indeed the time I booted (actually 15 minutes later, surprisingly enough). So indeed something behaves badly during boot, or shortly thereafter. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuYQD4ACgkQ+VSRxYk440+0lgCeL0KiE8i1Eg/MuJaE6Ed3y6fK /H8AoNL0dmLzrkYnXUZyfid0ymINil/c =UEya -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b98403f.6080...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ron Johnson wrote: Note that Last write time: might not mean what you think it does. I say that because on my system /dev/sda2 is / and I've written a whole bunch of data to it in the past 25.5 days, yet the LWT still matches the LMT. Very interesting. I wasn't surprised that they match for me, since I mount it read-only, so as soon as my kernel is up enough to read and care about /etc/fstab, it will not modify it anymore anyway. It's interesting to know that even people with read-write partitions see similar behavior. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuYSh4ACgkQ+VSRxYk4408vTgCcCelh4AV8rsI5oKaykUsuEw+r hGQAn1TvwoPL/k0/LwCIz6rPsGh2v1/A =jgL+ -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b984a1e.6010...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 thib wrote: Would you care to share your solution, Clive? Currently I take checksums of the partition regularly during operation and while the system is turned off. The online to offline comparison works fine, whereas the offline to online does not always work, hence this thread. Just curious actually; do you use a simple live CD, a USB device, bootstrap via a secure network (PXE?), or..? Do you know of/use some targetted software/efforts to do that or did you hack something together? Any boot medium like CD or USB works, it does not matter which. Network might work but is more hassle (extra server needed) and less secure, since that boot server might be vulnerable the same way as the machine it's supposed to check. I know of no software that does what I want, so I just take checksums with md5sum manually and write the result on paper somewhate. That's low-tech, slow, time-consuming, but very robust. There may be software out there but I don't know of any, particularly such that can check partitions, just software that merely checks files. To get back on the original topic, do you plan to forward the discussion to an extfs specific list (or somewhere else)? I think d-user@ is stuck at this point. I'm asking because I'm interested, too. I'm pretty sure now that the last mont time and last modify time are what I see changing. Hence this is no longer an ext3 issue that I could discuss on an extfs list. On the contrary, if there is an fs that does not change on boot, I'd use it. Maybe your beloved xfs, thib? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuYTKMACgkQ+VSRxYk440/LwgCfa0bcYZwvb3JgtdLuVJhnPJHt yMcAn1FQGBlh5ZMiB0j4upZMpU1uziT+ =fEPc -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b984ca3.9040...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mario 'BitKoenig' Holbe wrote: Clive McBarton clivemcbar...@web.de wrote: and while the system is turned off. The online to offline comparison works fine, whereas the offline to online does not always work, hence What exactly does not always mean? That's what I tried to explain in the paragraph before (before what you quoted): More precisely: You never know if any checksums taken on a running system are reported correctly. But: If you take an online system (powered up), take checksums of important files or partitions, and they are the same after the system later becomes offline (powered down), then they were reported correctly to begin with. Whereas if they were correct before running it and are then are reported correct while the system is running, it does not tell you anything. Maybe it's just the periodic fsck which changes the mount count? Check your fstab for the last field (fs_passno). Set either this to 0 to disable periodic checks and/or use tune2fs -c and tune2fs -i to disable periodic full checks (not recommended, btw.). Good idea. I now turned off the fstab checks and also both entries with tune2fs. Since nothing on the /boot partition is allowed to change, fsck serves no purpose any longer. More precisely, the change detector must notice anything anyway that fsck would see. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuYdbgACgkQ+VSRxYk44094qQCaA6dGZwOgm24xyMnIz+rLMA2I 99MAn2qQrUoKS520k97rDsb45QR63sfR =Logz -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b9875b8.4030...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 thib wrote: For the record, grub can also load a kernel and an initrd by just providing a block list, as you described for lilo. Since the filesystem is made read-only, this shouldn't be too ugly and certainly worth trying. Really? Great. How exactly? I looked at the man and info page and didn't see this option. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuW2Q0ACgkQ+VSRxYk440/KXQCgoevWtzaQ0A4kg+yb4ojGu8UA EZ8AoJPK7ai+Xqlughote3dWPbQlUD5y =pGD1 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b96d90d.4040...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ro Mount filesystem read only. Note that ext3 will replay the journal (and thus write to the partition) even when mounted read only. Mount options ro,noload can be used to prevent writes to the filesystem. Great! Spectacular find! I didn't know this. There is really no need for a journal on /boot. Why not use ext2? Up to now, I never heard of any advantage whatsoever of ext2 over ext3. Stephen Powell wrote: The most likely causes are a dirty shutdown Definitely not the case here. or alterations made by the boot loader. That's what I suspect. For example, the boot loader may be updating the mount count or updating the last referenced date/time, if there is such a field in the filesystem, for the kernel image or the initial RAM disk image. I assume you mean atime, which exists in ext3. And no, it was not updated. I checked with ls, it has the same value it had since the last kernel update. Many filesystems have a last referenced date/time field for a file, which gets updated even if the file itself is accessed read-only. Yes, so does ext3. No, it did not update the atime record of anything in /boot. If the filesystem is mounted read-only, then this field may not be maintained. For ext3, ro implies noatime, and I put noatime in fstab anyway. But the boot loader doesn't know that Linux is going to mount the filesystem read-only. That's a highly interesting point. It doesn't? I thought everything in the boot process mounts everything it finds read-only until when the kernel is running. Even the kernel at some point during boot says it now remounts the / filesystem read-write, hence even that must have been read-only until then. And it may be maintaining that field when it reads the kernel image or the initial RAM disk image. As I said, nothing in the filesystem metadata got updated. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuW3uMACgkQ+VSRxYk440/B2QCgh7g6KDBarZV+K9/JbB+dKIWE MfUAoIGKG1qDRVqGvaWFvB/b7yah/ydo =gdM3 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b96dee3.3050...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 thib wrote: Clive McBarton wrote: For the record, grub can also load a kernel and an initrd by just providing a block list, as you described for lilo. Since the filesystem is made read-only, this shouldn't be too ugly and certainly worth trying. Really? Great. How exactly? I looked at the man and info page and didn't see this option. Actually, I haven't studied grub2 yet, but I see no reason they would have gone backwards regarding this feature. I'm not saying grub cannot do it, but I do see a reason: grub has its config in a *file*. By default anyway. Something called menu.lst which controls how the grub display looks like and so on. When grub loads, it loads this file first. There are also other files, like device.map. Another reason: I read somewhere that grub is too fat to fit in the boot sector. So only half sits in it and loads the other half, which is a *file* on a file system. In grub1, you need to get dirty with the install command, from the grub shell. Basically, you wouldn't specify a stage 1.5 (which loads the fs driver), and instead load stage2 directly. It's all documented in the manual[1]. I have been in the grub shell, in the grub-install Unix commands, and have read in the manual, but have never seen an option for providing a sector or a sector list. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuW4gEACgkQ+VSRxYk4409ISgCeKmtHMvQJtjUyKaE9aO2JoSRJ jgEAoKqSnU6fkAYBLFvNvNjIGzyLE5KA =mFiV -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b96e201.3030...@web.de
Re: Overwrite existing partition with zeros without hurting partition table? (Debian Lenny)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Stan Hoeppner wrote: http://www.debian-administration.org/articles/388 Based on all testing done for this benchmark essay, XFS appears to be the most appropriate filesystem to install on a file server for home or small-business needs : * It uses the maximum capacity of your server hard disk(s) * It is the quickest FS to create, mount and unmount * It is the quickest FS for operations on large files (500MB) * This FS gets a good second place for operations on a large number of small to moderate-size files and directories * It constitutes a good CPU vs time compromise for large directory listing or file search * It is not the least CPU demanding FS but its use of system ressources is quite acceptable for older generation hardware That benchmark/article is from 2006 though, and the references are from 2003 and 2006. The hard disks are PATA and slow (100 and 133). Are there any newer benchmarks? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuVbDcACgkQ+VSRxYk440/HuACgxH+ViIaFb4J3ZfOGupFbLr0x 5nMAniDoeCvK34si/wr6wqUc3z8KRUpb =YEVd -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b956c37.8080...@web.de
/boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 When I reboot, the partition /boot (it is a separate partition, not a directory) changes. It is not supposed to. None of the files on it have changed or can change, since it is mounted with option ro. But the checksum of the partition changes. Is this some kind of mount count? Can it be avoided? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuVdfkACgkQ+VSRxYk4408nTQCgqAG+X/4I7ny48p10EoN1bZnz EA4AnRTFtugNf3c/tmlkKlZCFVLZHgbw =UvcH -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b9575f9.4040...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 thib wrote: I'm guessing OP literally checksums the volume from the block device. Yes, of course. I mean md5sum /dev/sda1. If I'm right, it could be anything, really, lots of filesystem metadata moving around without actually touching any file contents (access times, for example). It's mounted read-only (actually also noatime, although that is implied by ro). The access times cannot change. Nor the other metadata. And in fact they don't: ls -Rl, ls -Rlc, ls -Rlu report no changes in the metadata. So, Clive, what filesystem are you using? Good point, that is probably important. ext3. I wouldn't worry, the read-only option should be enough, as long as you don't do any maintenance operations on it I do NO write operation whatsoever on it. It is not allowed to change in ANY way. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuVljcACgkQ+VSRxYk440/OngCgtMoeCoabmK3GRkamg6khVjdI ze0AoN00jeHU3eKeXQ3DL/bmHCjctcDI =IkoQ -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b959638.7040...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Matthew Moore wrote: Is this checksum failing for every file, or just some? It's the checksum for the partition that changes. I don't have checksums of the individual files but since the metadata of every single file stays the same, presumably so do all of their contents. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuVlrMACgkQ+VSRxYk440/zWACg13gu6A23wJleOen3TECDSRfG 8/UAmQFMOWc5dAWGCJfqshGBEZPFCkOX =hkk3 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b9596b4.8050...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bob McGowan wrote: It is almost certainly the mount count. I just manually unmounted and mounted the device a few times. With the arguments I have in fstab (ro,noatime). In other words, I did umount /boot; mount /boot; dd_rescue /dev/sda1 /tmp/boot1; umount /boot; mount /boot; dd_rescue /dev/sda1 /tmp/boot2; diff /tmp/boot1 /tmp/boot2 Result: No change. Hence it does not increment a mount count as long as it is manually unmounted and remounted while the system is up. What do I have to change in the boot process so that the mount count does not get updated? How do I get the boot process to honor the fstab options? It is worth noting that the read-only mount prevents writes via normal filesystem functions, only. You could still have a write done directly to the device, using the reverse of what the OP did to get the checksum, and completely destroy the disk content. Or, more to the point, use a disk editor and twiddle a bit here and there. Malicious modifying of files with a disk editor is exactly the undesired stuff that this whole checksumming is supposed to detect. To get an absolute, no write, ever, to the device, the OP will need to figure out how to force read only permissions on the device /dev/sda1, across boots. Phantastic idea! Can it be done? I have not heard about this yet. It would be great. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuVopMACgkQ+VSRxYk4408KQwCg54fWN8Vgb0/onHgM/YqHJ/1o wUMAoLgmBikojb51vtXAT11GOM4F0jFy =lEFC -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b95a293.1030...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 thib wrote: I would suggest going through the tune2fs(8) manpage and find out what could be.. tuned. You know what? I think your first suggestion is a good one - look at the mount count configuration for a starter. OK, I studied the tune2fs manpage. I found that it controls what happens when a certain mount count or mount interval is reached. Which requires mount count and time to be already stored in the filesystem. What I need is not to prevent the reaction to this data (count and time). What I need is to prevent this data to be updated in the first place during mount while booting. The question is, then, as usual; why is it important? It detects malicious tampering with the boot system. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuVouYACgkQ+VSRxYk4409D0QCeLyNQ3HbvOuEJfENE8IFt1ML7 hsgAn2yWY48F0j1OPLowLtc9EEPW2tFj =RVfM -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b95a2f1.8020...@web.de
Re: /boot fs (was Re: /boot partition changes when it should not)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 thib wrote: Maybe someone simply has reasons not to put /boot on a separate volume. Now I sure agree that it isn't needed in virtually every other cases, but would it really hurt? We are already discussing this in your thread Single root filesystem evilness decreasing in 2010? (on workstations), so no need to bring it into mine ;) And no, it wouldn't hurt, and you are welcome to have /boot as a folder (instead of partition) into your filesystem. Probably many people already do. Which is why I specifically mentioned in the first post in this thread that I (possibly unlike most others) use a separate partition for /boot. The reason being exactly that I (certainly unlike most others) want to do checksums of it, and that only works if it is a separate partition. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuVra4ACgkQ+VSRxYk440+Z9ACdGlvkfytSGgd88PCzKeYe+AkQ AXUAoJ4qfhhfqQSqTe76Hae9lU7j27U2 =eC+2 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b95adae.2060...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 thib wrote: maybe it would be acceptable to ask for a new little switch. Or hack ext3. Ask who? The maintainers of tune2fs? The maintainers of ext3? Both will say what I already know, that manually mounting and unmounting an ext3 partition read-only does not modify it in any way whatsoever, so the problem lies with whatever modifies my partition (boot process). The maintainers of the kernel? You mean a rootkit detection tool or something? Is it some kind of offline system you plug-in to boot the system after doing some basic checks? Good guess. Yes. Anyway, you should use a smarter tool, I guess, one that can understand the filesystem and checksum the files inside, not the entire volume. Storing many checksums (one for each file) takes a storage mechanism to write them to. Storing just one can be done in your head. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuVsEQACgkQ+VSRxYk440/ybwCfZoPJ9B6BNFpzn2hfvJICp3bG WsAAn0zkrnUOFVYM4JQ2XySrO9kyQpwq =w4+r -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b95b044.4050...@web.de
Re: /boot partition changes when it should not
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 thib wrote: Well, ask the developers of whatever is touching it. If noboby knows, that will require some code digging. But I don't know what is touching it. That's what this thread is about. It's about me asking what is touching it. All I know is that it happens during the boot process. A natural culprit would be the mount command. But as I explained, I can manually mount and unmount several times and nothing gets touched on the filesystem. So something must behave badly during booting. How about storing a hash of all the hashes? Yes, that would probably work. Thanks! I'm still interested in the answer to the original question though. ;) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuVzWwACgkQ+VSRxYk440+UpQCeIakU2r2Rc2SW2zG3s0A7j1co E8QAn1RpqhavP5zgFwlQMjyCzMfnndyU =whw3 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b95cd6c.3000...@web.de
How to use LVM on a file? (as opposed to on a block device)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I have a file which is a dump of a disk partition. It has LVM on it and a couple of LVs in the LVM, each containing a filesystem. How do I access them? The lvm tools like lvdisplay, vgdisplay, lvs, lvscan, lvdiskscan expect block devices and do not have the option of using a file instead of /dev/something. I'd like to use the LVM on the file without writing it out as a real disk partion. How do I do that? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuOuH0ACgkQ+VSRxYk4408yOACg6Pu2Md50e0BH77aB04oiGyuC PEwAoOzQZs/4x9Z2rRlUVrDSifGLn0fP =fzWE -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b8eb87d.1050...@web.de
Re: Single root filesystem evilness decreasing in 2010? (on workstations)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I find the concept very interesting in principle, although I am not sure I can recommend it. In some respects single file systems are more acceptable nowadays. In others they are not. Here are my $.02: * Filesystem corruption containment I use ext4, and I've read enough about it to trust its developers for my workstations. I don't think that's a risky bet. You trust ext4, and so does Ubuntu. Others (including most distros, including Debian) do not. In fact, I believe this old statement dates back to when we hadn't journals, in the ext2 days. It does not date back at all. Filesystem checks on ext3 can still take hours on a perfectly clean filesystem. The quotient of read speed to capacity of drives gets smaller with every new HDD generation, converging to zero. * Free space issues You are right on this one, single workstations have least free space issues without partitions. * Specific mount options mount(8) --bind won't allow me to set specific options to the remounted tree, I wonder if this limitation can possibly be lifted. I have not heard of any way around it, and since you find it annoying, that speaks against your single filesystem plan. * System software replacement For a workstation, I don't need a fast system recovery mechanism, and I want to minimize my backup sizes. But you backup /home and the rest separately? Should. * Fragmentation optimization What's Fragmentation? This is Unix ;) But seriously, unless the difference is really measurable I wouldn't care. What's funny is that the physical extents now get fragmented, there's just no way around it - and I believe that to this date, LVM2's contiguous policy doesn't allow for defragmentation when it's stuck. Should it? Is there any noticeable impact? Hard evidence? Benchmarks? I also know the performance hit is minimal, the PE sizes can be and are typically quite big, but.. it's still there and should be avoided if possible. If it's under 1%, ignore it. there's an online defragmenter for ext4 I can afford to run regularly now. I have not heard of fragmentation being a problem even with ext2. * Metadata (i-node) table sizes Ignore this, +1T or not +1T. Unless you run out of inodes, it won't matter. * Block/Volume level operations (dm-crypt, backup, ...) you know of any good benchmark of the main cryptographic virtual filesystems? Ignore this issue, CPUs are much faster than needed for this. * Special block sizes for specific trees I found a maildir with a 1k block size was more convenient than the current 4k default What's the advantage? Hardly size, unless you have more than 10^8 mails. * (Mad?) positioning optimizations It's often said some sectors on some cylinders get better performance, HDDs nowadays only use logical sector numbers. The old h/t/s 3D-interface is just there for compatibility and cannot access the true h/t/s data of the HDD. Such optimization cannot work. * Boot obligations I guess you'd still need a separate boot partition if you're stuck with another boot loader. If grub2 breaks, you need another tiny partition, so might as well make one now. The space loss won't hurt you. * Swap special-case I'm just OK with my three gigs. The 1:1 mem:swap rule has got to be wasting space here, hasn't it? Ignore swap, that's just small stuff, especially with 3GB. You could have 64GB and it would still be not that important. Put it on any partition or file you want. The rule is 1:2 BTW. Well, here it is; so, should I do it? If you feel like tinkering and sorting out problems, then yes. If you want to just get your computer running and never think about it again, then no. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuKngUACgkQ+VSRxYk4409jVwCfdeZARa+3LjZR9yWZat6na0bv iesAoJ1mYVKnBbupounl709caGPzOEqN =c+qk -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b8a9e05.6080...@web.de
Re: Single root filesystem evilness decreasing in 2010? (on workstations)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Stan Hoeppner wrote: /var up2uext2sequential write/read, journal unnecessary I don't see the advantage of ext2 over ext3 here (or for that matter anywhere else, which may just be my ignorance). The journal may be unnecessary, but it doesn't cost much either, neither performance nor space in noticeable quantities. *You may trust ext4 at this point, but I, and many others don't. xfs beats ext4 in every category, so why bother with ext4? Exactly. If any Ubuntu maintainers were on this list, we could ask them, they see some reason for it (but I don't know what it is). If you have a 500GB, 750GB, 1TB, 1.5TB, 2TB disk, leave the freak'n bulk of it unallocated until you actually need it. How exactly is that useful w/o LVM? How is the space supposed to be included later? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuKoMEACgkQ+VSRxYk440/lfgCdGMXUb0i7mKyDEHo0JLen8R7o Kn0An0/5BMGeVjoCNk/vWM9psWWJR7sJ =EiW4 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b8aa0c1.1060...@web.de
Re: Single root filesystem evilness decreasing in 2010? (on workstations)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 thib wrote: You trust ext4, and so does Ubuntu. Others (including most distros, including Debian) do not. I'm sorry if I should know, but is that a clear position or the general fear around delayed allocation? google ext4 kde4 and the first hit is Data loss may occurr when using ext4 and KDE 4. I think Ubuntu offered ext4 as optional then and many people ran into problems, supposedly massive data loss. XFS would be the same. Application programmers don't cope with delayed allocation, and since you cannot fix all the apps, you'd be stuck with the problem. Apart from specific technical issues, there's general conservatism, most of all in Debian. I'd say that I only trust it for its own integrity management, not that of my data. I don't think anyone should expect that from a filesystem, that's, to my knowledge, what databases are for. That's a very interesting point. Filesystems *not* responsible for data integrity? Whow. While I do get the idea (move integrity checking up to higher-level structures to improve thruput), and I am sure it will speed things up greatly when it works, doesn't this require all your software to first be rewritten to take care of it? * Specific mount options mount(8) --bind won't allow me to set specific options to the remounted tree, I wonder if this limitation can possibly be lifted. I have not heard of any way around it, and since you find it annoying, that speaks against your single filesystem plan. Yep; but that's not right, I don't see how it can't be possible. Can somebody recommend me where I could forward this discussion? The kernel lists? I'm not sure. Your request is perfectly reasonable. It is clearly possible in theory, and I believe some Unix OS actually have it (don't know which though). It is actually required for some backup schemes (which hence don't work under Linux). Quick googling gave me http://lwn.net/Articles/281157/ where they say the limitation exists up to 2.6.25 kernels (the article is from 2008 though). I actually managed to dig a benchmark, yes. Shown a greater hit than that (I won't brag) but when you think about it, you'd really have to torture the filesystem to see it. Possible. I'd like to see it; I don't know any LVM benchmarks, unfortunately. sequential read at the beginning of the disk can be twice as fast as at the end? Sure. That's not fiddling with individual sectors and 3D coordinates on the HDD, but simply using partitions at the beginning of the disk. If you care about a factor 2, then do partition it. I think everybody should keep a handy recovery live CD around; in fact, one would have enough with a separate partition only if the GRUB LVM/RAID modules break - if the core breaks, it's of no help. Good point. A recovery CD obsoletes recovery partitions sometimes. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuLDAwACgkQ+VSRxYk440+bOwCfRowkIKWB4cp6yB9muuzm9KfJ HEcAoLLPlH2C3HvedpvawNsH4uAvMJZX =//v/ -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b8b0c0c.2010...@web.de
Re: Single root filesystem evilness decreasing in 2010? (on workstations)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alex Samad wrote: my 2c, with the size of HD's and the processing power we have now, I really wonder if spending more than a second on deciding on a single partition or not is worth it. It's theoretical reasoning. It's good for understanding. And no, it's not worth the time for people who, unlike the thread starter, just want things up and running. But his questions are good to think about in principle, since distros like Debian need such prior to changing the partition recommendations. Are the amount of space lost - expressed as a percentage of the disk really worth all the time being spent on it ? And the cpu overhead for using separate partitions and lvm - again with todays cpus No, *they* wont' be worth it. Neither space nor CPU will show noticeable improvements either way as far as I can see. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkuLDVEACgkQ+VSRxYk440+kWgCfcxDbb+cteK87GH0L9J8YExgr UfwAoLrr/YT0rLFCXROThju6OWbLYy17 =fwwk -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b8b0d51.7000...@web.de
www.debian.org/security/ does not know about kernel update??
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Why does the current major update (kernel even!) not show up on http://www.debian.org/security/ ? Nor does it show up in the list Security Advisories from 2010 http://www.debian.org/security/2010/ . I had to go to http://lists.debian.org/debian-security-announce/2010/ to find it. The one missing is DSA-1996. How can such an important update not be mentioned on the security page, when the much smaller updates are mentioned? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkt8lgsACgkQ+VSRxYk440+OJgCcDvG/SL2e3QbMmOr+LKTLLlKw szYAn2TuBLbNK9izUSPF9/GZuFjpzrMe =Kfhu -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b7c960b.2050...@web.de