Re: [gentoo-user] portage problems
Carter, Dwayne wrote: SNIP [blocks B ] dev-lang/python-2.3.6-r2 (is blocking app-admin/python-updater-0.2) [blocks B ] sys-apps/pam-login (is blocking sys-apps/shadow-4.0.18.1-r1) [blocks B ] net-misc/dhcpcd-2.0.0 (is blocking sys-apps/baselayout-1.12.10-r5) [blocks B ] sys-apps/modutils (is blocking sys-apps/module-init-tools-3.4) SNIP Normally I would say unmerge the blocks and emerge the blockers and update them first. However, I'm not sure about that pam-login one. If you do unmerge that one, do NOT logout until you have it updated. I would recommend switching to another console and logging in to make sure it works too. [ebuild U ] dev-libs/expat-2.0.1 [1.95.6-r1] Oh no, is that the one I think it is. You may want to search the forums for the expat update. Let me know if you can't find it. Has it been a while since you updated? Maybe someone else will see something else and chime in. Dale :-) :-) -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] portage problems
On Saturday 02 February 2008, Dale wrote: Carter, Dwayne wrote: SNIP [blocks B ] dev-lang/python-2.3.6-r2 (is blocking app-admin/python-updater-0.2) [blocks B ] sys-apps/pam-login (is blocking sys-apps/shadow-4.0.18.1-r1) [blocks B ] net-misc/dhcpcd-2.0.0 (is blocking sys-apps/baselayout-1.12.10-r5) [blocks B ] sys-apps/modutils (is blocking sys-apps/module-init-tools-3.4) SNIP Normally I would say unmerge the blocks and emerge the blockers and update them first. However, I'm not sure about that pam-login one. If you do unmerge that one, do NOT logout until you have it updated. I would recommend switching to another console and logging in to make sure it works too. [ebuild U ] dev-libs/expat-2.0.1 [1.95.6-r1] Oh no, is that the one I think it is. You may want to search the forums for the expat update. Let me know if you can't find it. Has it been a while since you updated? Yes, Dale is correct. Dwayne, you have all the major updates from the past year hitting your box in one go, and they all have to be approached in specific sequence. The general idea is of course to unmerge the blockers and merge the things that replace them. I would handle pam first. Keep a root console or two open, find the howto or wiki page that tells you how to do this step and do just that one (i.e. don't try and do it along with everything else in world). Get this one working, then handle the python-updater in the same way (btw, your version of python - 2.3 - is now unmaintained and will be leaving the tree soon). Finally do the expat upgrade. Now this is the big one and there is a complete howto/wiki page that tells you how to do it. This one will take a long time, as half your system will use the old version of expat and you will only have a new one (!) Use revdep-rebuild to fix that, preferably overnight. Finally, you have two packages that are not in portage anymore: gs-sources vi I don't know what gs-sources were for, you should switch to a supported set of kernel sources. The vi ebuild has been replace with app-editors/vim, so do: emerge -C vi ; emerge vim To fix this. When was this box last updated? 2005 sometime? -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] portage problems
Carter, Dwayne schrieb: [blocks B ] dev-lang/python-2.3.6-r2 (is blocking app-admin/python-updater-0.2) You also have to be careful with this blocker, never unmerge python or you are lost as portage does not work without python. You have to do something like this to get around it. quickpkg =dev-lang/python-2.3.5 this makes a backup of your old python version in case something gets wrong (adapt the version to match your currently installed one) emerge --nodeps -avt =dev-lang/python-2.4.4-r6 installs the new python version without dependencies so the python-updater can not block the old python version emerge -avC =dev-lang/python-2.3.5 removes the old version of python emerge -avt python-updater installs python-updater emerge -avt portage reinstalls portage so it uses the new python version It is also good thing to run python-updater after this. Please could someone confirm this, as i have never done this myself, just googling! :) !!! Problems have been detected with your world file !!! Please run emaint --check world You should also consider this! There are some invalid entries in your world file. Normally this are packages which are in world but are not installed on the system. Regards, Daniel -- gentoo-user@lists.gentoo.org mailing list
[gentoo-user] (OT) Reboot to Windows (using grub)
Dear Gentoo Community, I was wondering if anyone knew how (whether) it is possible to set temporary options to grub. I am on a dual-boot setup with Gentoo Linux being the first choice in grub's config file. When I perform a restart, most of the times it is in order to subsequently boot Windows. With the current setup, however, I need to press the restart button (in Xfce), wait patiently till the computer restarts, wait for the grub screen and change the option before the 5 seconds time-out expires. I find annoying when I miss out the time-out, because of my going away from the computer screen. Basically, I would like to issue a command (restart with a certain grub temporary setup change), go make myself a cup of tee and come back and see the Windows login screen. Could anyone suggest a way to do something similar? Liviu -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] (OT) Reboot to Windows (using grub)
On 2 Feb 2008, at 12:57, Liviu Andronic wrote: ... With the current setup, however, I need to press the restart button (in Xfce), wait patiently till the computer restarts, wait for the grub screen and change the option before the 5 seconds time-out expires. I find annoying when I miss out the time-out, because of my going away from the computer screen. Basically, I would like to issue a command (restart with a certain grub temporary setup change), go make myself a cup of tee and come back and see the Windows login screen. One answer to this is to change the default entry in /boot/grub/ grub.conf If you don't want to do this manually using $editor each time you want to start Windows then you could surely write a script which would do so. In order to change /boot/grub/grub.conf from Windows you would need to install an ext3-write driver for 'doze or format your / boot partition FAT32. Surely one could easily write a script which would change the default entry in /boot/grub/grub.conf. In order to change it back one would probably need to have it also write a /boot/grub/ my.next.boot.txt file, too, and have start-up scripts under each o/s to recognise that once again edit /boot/grub/grub.conf. I do not think such a facility is built-in to grub. Stroller. -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] (OT) Reboot to Windows (using grub)
On Saturday 02 Feb 2008 18:27:55 Liviu Andronic wrote: Basically, I would like to issue a command (restart with a certain grub temporary setup change), go make myself a cup of tee and come back and see the Windows login screen. info grub Look for grub-set-default. What I've done is to add the default entry in grub.conf normally. After every menu entry, I've added `savedefault 0'. Then when rebooting, you could issue a `grub-set-default foo', it'll reboot into that entry without you having to wait. If KDE has grub support, it'll allow you to pick which entry to boot into with the restart button. HTH -- Mrugesh Karnik GPG Key 0xBA6F1DA8 Public key on http://wwwkeys.pgp.net signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] (OT) Reboot to Windows (using grub)
On Saturday 2 February 2008, Stroller wrote: One answer to this is to change the default entry in /boot/grub/ grub.conf If you don't want to do this manually using $editor each time you want to start Windows then you could surely write a script which would do so. In order to change /boot/grub/grub.conf from Windows you would need to install an ext3-write driver for 'doze or format your / boot partition FAT32. Surely one could easily write a script which would change the default entry in /boot/grub/grub.conf. In order to change it back one would probably need to have it also write a /boot/grub/ my.next.boot.txt file, too, and have start-up scripts under each o/s to recognise that once again edit /boot/grub/grub.conf. I do not think such a facility is built-in to grub. There is the savedefault command, which can be used to boot an OS only once while keeping the original OS as default, thus booting the original OS the next time. It's explained in the grub info file. So, I suppose the OP could write a wrapper script to /sbin/shutdown which does a grub-set-default to boot windows once. -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] (OT) Reboot to Windows (using grub)
Liviu Andronic writes: I was wondering if anyone knew how (whether) it is possible to set temporary options to grub. [...] Basically, I would like to issue a command (restart with a certain grub temporary setup change), go make myself a cup of tee and come back and see the Windows login screen. grub-set-default n N is the number of the entry in grub.conf, counting from 0. So, if you have 2 entries only, grub-set-default 1 would activate the 2nd entry, probably windows. You need to have the line default saved in grub.conf for this to work. See info grub, section Invoking grub-set-default:: for more infomation. Wonko -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] portage problems
On Saturday 02 February 2008, Daniel Pielmeier wrote: !!! Problems have been detected with your world file !!! Please run emaint --check world You should also consider this! There are some invalid entries in your world file. Normally this are packages which are in world but are not installed on the system. You mean packages which are installed on the system but are not in portage surely? -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] portage problems
Alan McKinnon schrieb: On Saturday 02 February 2008, Daniel Pielmeier wrote: !!! Problems have been detected with your world file !!! Please run emaint --check world You should also consider this! There are some invalid entries in your world file. Normally this are packages which are in world but are not installed on the system. You mean packages which are installed on the system but are not in portage surely? No! This error occurs for instance when you have a package listed in the world file but it is not installed. Just test it and manually put some cat/some-pkg you have not installed in the world file and run emerge -pv world then portage starts complaining, although it would install the newly added entry with its dependencies. Emaint checks the world file for a few problems. For entries with invalid atoms, entries with a package that is not installed (see above example) and entries that have a category that is not listed in /etc/portage/categories. -- gentoo-user@lists.gentoo.org mailing list
[gentoo-user] {OT} CUPS alternative?
I'm trying to print from my remote server to my local printer. It's working great via CUPS, but I've been warned that this is not a good idea and that I should be using Net::Printer instead. Net::Printer docs say: Net::Printer, by itself, does not speak to printers running the CUPS protocol. In order to provide support for legacy clients, most modern CUPS distributions include the cups-lpd mini-server which can be set up to run out of either inetd or xinetd depending on preference. You will need to set up this functionality in order to use Net::Printer with a CUPS server. I thought CUPS was *the* way to print on Linux. Is there another solution that would work better with Net::Printer? - Grant -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] portage problems
On Saturday 02 February 2008, Daniel Pielmeier wrote: Alan McKinnon schrieb: On Saturday 02 February 2008, Daniel Pielmeier wrote: You should also consider this! There are some invalid entries in your world file. Normally this are packages which are in world but are not installed on the system. You mean packages which are installed on the system but are not in portage surely? No! This error occurs for instance when you have a package listed in the world file but it is not installed. OK, I see what you mean. -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] {OT} CUPS alternative?
On Saturday 02 February 2008, Grant wrote: I thought CUPS was *the* way to print on Linux. Is there another solution that would work better with Net::Printer? CUPS is the latest in a long string of different print systems, all trying to solve this infernally difficult problem called putting dots on the right place on a bit of paper. And all systems seem to fail at it. Admittedly, CUPS is better than most and to my mind best suited to modern printing needs. What amuses me is what kind of project would recommend you not use CUPS, and what is their reasoning? -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] {OT} CUPS alternative?
I thought CUPS was *the* way to print on Linux. Is there another solution that would work better with Net::Printer? CUPS is the latest in a long string of different print systems, all trying to solve this infernally difficult problem called putting dots on the right place on a bit of paper. And all systems seem to fail at it. Admittedly, CUPS is better than most and to my mind best suited to modern printing needs. What amuses me is what kind of project would recommend you not use CUPS, and what is their reasoning? What they've suggested is that using lpr on the remote system and opening port 631 to the world is a bad idea and that it's much better to use Net::Printer. Would you agree? Net::Printer doesn't work with CUPS directly so I thought maybe I should be using something else. I'd rather not set up inetd or xinetd if I can avoid it. - Grant -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] emerge -uD world: another obstacle FIXED
I would emerge Qt-3. You may continue your world update with emerge --resume afterwards. That did it! Seven days, one hour and 28 minutes after I started, -uD world is complete! mw Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] BIG-UPDATE! ;) If I survive, then gentoo rulezz... :)
--- Mateusz Mierzwinski [EMAIL PROTECTED] wrote: Total: 246 packages (201 upgrades, 1 downgrade, 38 new, 6 in new slots), Size of downloads: 1,047,420 kB Man, those must be tiny packages. I just completed -uD world which took 351 packages totalling ~800M Maxim Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] emerge -uD world: another obstacle FIXED
On Sat, 2008-02-02 at 07:47 -0800, maxim wexler wrote: I would emerge Qt-3. You may continue your world update with emerge --resume afterwards. That did it! Seven days, one hour and 28 minutes after I started, -uD world is complete! 7 days? Time to emerge --sync, and update world again! -- Iain Buchanan iaindb at netspace dot net dot au Horse sense is the thing a horse has which keeps it from betting on people. -- W. C. Fields -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] BIG-UPDATE! ;) If I survive, then gentoo rulezz... :)
On Sat, 2008-02-02 at 07:53 -0800, maxim wexler wrote: --- Mateusz Mierzwinski [EMAIL PROTECTED] wrote: Total: 246 packages (201 upgrades, 1 downgrade, 38 new, 6 in new slots), Size of downloads: 1,047,420 kB Man, those must be tiny packages. I just completed -uD world which took 351 packages totalling ~800M read again :) He has approximately 1Gb of downloads... -- Iain Buchanan iaindb at netspace dot net dot au The Golden Rule of Arts and Sciences: He who has the gold makes the rules. -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] {OT} CUPS alternative?
On Saturday 02 February 2008, Grant wrote: I thought CUPS was *the* way to print on Linux. Is there another solution that would work better with Net::Printer? CUPS is the latest in a long string of different print systems, all trying to solve this infernally difficult problem called putting dots on the right place on a bit of paper. And all systems seem to fail at it. Admittedly, CUPS is better than most and to my mind best suited to modern printing needs. What amuses me is what kind of project would recommend you not use CUPS, and what is their reasoning? What they've suggested is that using lpr on the remote system and opening port 631 to the world is a bad idea and that it's much better to use Net::Printer. Would you agree? I don't know Net::Printer, but if it prints over the network - as the name implies - it has to use a port. So you have to open that port. That's how TCP/IP works. No way around it. Certainly, the organisation you are working in is behind a firewall that allows pretty little from the outside to the inside. (If not so, their network administrator or external consultant or or or should be beaten over his head until he can spell Bruce Schneier.) So you are *not* opening port 631 to the world. You are certainly opening it to your organisation. I have messed up my CUPS configuration right now and can't look it up for sure but I remember CUPS being able to listen only to certain hosts (IP addresses) other than localhost. If if this is not so, you can still set up a firewall on the client box (the one that is supposed to do the printing) that allows only your server to connect to port 631 on it. If someone then argues about source IP spoofing, just let him. If someone in your organisation is able to do it, make him your network admin. ;-) Uwe -- Informal Linux Group Namibia: http://www.linux.org.na/ SysEx (Pty) Ltd.: http://www.SysEx.com.na/ -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] {OT} CUPS alternative?
I thought CUPS was *the* way to print on Linux. Is there another solution that would work better with Net::Printer? CUPS is the latest in a long string of different print systems, all trying to solve this infernally difficult problem called putting dots on the right place on a bit of paper. And all systems seem to fail at it. Admittedly, CUPS is better than most and to my mind best suited to modern printing needs. What amuses me is what kind of project would recommend you not use CUPS, and what is their reasoning? What they've suggested is that using lpr on the remote system and opening port 631 to the world is a bad idea and that it's much better to use Net::Printer. Would you agree? I don't know Net::Printer, but if it prints over the network - as the name implies - it has to use a port. So you have to open that port. That's how TCP/IP works. No way around it. Certainly, the organisation you are working in is behind a firewall that allows pretty little from the outside to the inside. (If not so, their network administrator or external consultant or or or should be beaten over his head until he can spell Bruce Schneier.) So you are *not* opening port 631 to the world. You are certainly opening it to your organisation. I have messed up my CUPS configuration right now and can't look it up for sure but I remember CUPS being able to listen only to certain hosts (IP addresses) other than localhost. If if this is not so, you can still set up a firewall on the client box (the one that is supposed to do the printing) that allows only your server to connect to port 631 on it. If someone then argues about source IP spoofing, just let him. If someone in your organisation is able to do it, make him your network admin. ;-) You're right, access to the printer can be given only to certain hosts. So simply using 'lpr file.pdf' on the remote machine doesn't strike you as a bad idea? - Grant -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] BIG-UPDATE! ;) If I survive, then gentoo rulezz... :)
Don't forget: etc-update, revdep-rebuild tools. HTH. Rumen At the end of an emerge process I saw two recommendations: etc-update and ?-update. The exact name escapes me and I can't find it in the logs. It seems pretty significant with 100+ updates pending. Do you recall the full name? Maxim Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] BIG-UPDATE! ;) If I survive, then gentoo rulezz... :)
Emerge recommends that you run 'etc-update' and 'revdep-rebuild' after updating. -Hal maxim wexler wrote: Don't forget: etc-update, revdep-rebuild tools. HTH. Rumen At the end of an emerge process I saw two recommendations: etc-update and ?-update. The exact name escapes me and I can't find it in the logs. It seems pretty significant with 100+ updates pending. Do you recall the full name? Maxim Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] BIG-UPDATE! ;) If I survive, then gentoo rulezz... :)
On Saturday 02 February 2008, maxim wexler wrote: Don't forget: etc-update, revdep-rebuild tools. HTH. Rumen At the end of an emerge process I saw two recommendations: etc-update and ?-update. The exact name escapes me and I can't find it in the logs. It seems pretty significant with 100+ updates pending. Do you recall the full name? Maxim modules-update if you have out-of-tree kernel modules env-update follwed by '. /etc/profile/ to avoid the hassle of logging out and back in just to update the environment possibly conf-update which does the same thing as etc-update, just with a much nicer ui that is easier to see what is going on -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] emerge -uD world: another obstacle FIXED
On Saturday 02 February 2008, Iain Buchanan wrote: On Sat, 2008-02-02 at 07:47 -0800, maxim wexler wrote: I would emerge Qt-3. You may continue your world update with emerge --resume afterwards. That did it! Seven days, one hour and 28 minutes after I started, -uD world is complete! 7 days? Time to emerge --sync, and update world again! hehehehe, only a true gentooite would get that one :-) on reflection, it would probably have been easier for maxim to just reinstall the box. But then again he learned a heap of stuff that's hard to learn any other way -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
[gentoo-user] Re: {OT} CUPS alternative?
Grant emailgrant at gmail.com writes: If someone then argues about source IP spoofing, just let him. If someone in your organisation is able to do it, make him your network admin. You're right, access to the printer can be given only to certain hosts. So simply using 'lpr file.pdf' on the remote machine doesn't strike you as a bad idea? Might this be an opportunity to use 'port-knocking' ? http://www.linuxjournal.com/article/6811 just a thought, never really tried this before. James -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] {OT} CUPS alternative?
On Saturday 02 February 2008, Grant wrote: You're right, access to the printer can be given only to certain hosts. So simply using 'lpr file.pdf' on the remote machine doesn't strike you as a bad idea? Lets look at this from the perspective of what is really going on. You have a process on one machine that opens a high numbered port to knock on a low numbered port on another machine and conduct a TCP/IP session. Data moves up and down blah blah blah. The process on the first machine just happens to be lpr, and the port on your machine just happens to be 631. Here's another scenario: You have a process on one machine (which just happens to be Firefox) that opens a high numbered port to knock on a low numbered port (which just happens to be port 80) on another machine and conduct a TCP/IP session with the process listening on port 80 which just happens to be Apache. Data moves up and down blah blah blah. How are these two things different in any fundamental way? They are not. Gladly setting up say Apache and also being hesitant about setting up a print server is totally inconsistent (and yet you would be amazed at the amount of clueless knuckleheads out there advising exactly this attitude). The only reason I would not do that remote printing setup is if I knew of specific weaknesses/exploits in lpr and CUPS. But I don't. -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Re: {OT} CUPS alternative?
On Saturday 02 February 2008, James wrote: Grant emailgrant at gmail.com writes: If someone then argues about source IP spoofing, just let him. If someone in your organisation is able to do it, make him your network admin. You're right, access to the printer can be given only to certain hosts. So simply using 'lpr file.pdf' on the remote machine doesn't strike you as a bad idea? Might this be an opportunity to use 'port-knocking' ? http://www.linuxjournal.com/article/6811 just a thought, never really tried this before. port-knocking is the biggest load of fud (Microsoft products apart) I have heard about in ages. The term snake-oil comes to mind, as does security by obscurity and obfuscation which we all know is no security at all. I don't care if the originating process knocks on the well known port with gold plated gloves hand braided from the finest Unobtainium by seductive alluring Puerto Rican virgins, the receiving machine still has to open another port short thereafter. This is not a magic port and is not wrapped in Star Trek's finest stealth cloak, it's a port that does TCP/IP stuff. If the end process listening on the newly opened port is in any way weak - and this is the only possible reason anyone would ever try the port knocking workaround - it's just as weak when it's listening on an obfuscated port number. If it's open, I can find it. If it's weak, I can get in. Then it's game over, go home, I win. I've yet to hear positive things about port knocking from someone who actually implemented it fully. In truth it's just a major pain in the arse that makes the admin's life miserable and gives the boss a warm fuzzy feeling based on hot air. End of rant. -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] gentoo rebuild, cups won't work
On Feb 1, 2008 2:26 AM, Dale [EMAIL PROTECTED] wrote: Dave Jones wrote: Hi Kevin Kevin O'Gorman wrote on 27/01/08 19:58: I've installed cups and hplip. I cannot follow the Gentoo printing guide, because that worthy document requires me to add hplip to the default runlevel, but hplip does not put anything in /etc/init.d. My printer is an old HP Laserjet 4M, which I usually run as a Postscrpt printer. What have I missed? Run hp-setup You'll probably need to rework your cups config files if you've retained them from the broken install. hp-setup should enable local printing OK. /etc/init.d/hplip is no longer necessary with recent hplip ebuilds. Cheers, Dave And if it still gives you problems, delete /etc/cups then reemerge cups. I had to do that last part too. Dale The problem is that my printer is on the LPT port (/dev/lp0), and hp-setup does not find it. In fact it has an option for LPT printers, but it is greyed out. The printer is really there: I can print by cat printme /dev/lp0 with a suitably formed printme file (lines need CR, file ends with ^L^D). ++ kevin -- Kevin O'Gorman, PhD
Re: [gentoo-user] Re: {OT} CUPS alternative?
If someone then argues about source IP spoofing, just let him. If someone in your organisation is able to do it, make him your network admin. You're right, access to the printer can be given only to certain hosts. So simply using 'lpr file.pdf' on the remote machine doesn't strike you as a bad idea? Might this be an opportunity to use 'port-knocking' ? http://www.linuxjournal.com/article/6811 just a thought, never really tried this before. port-knocking is the biggest load of fud (Microsoft products apart) I have heard about in ages. The term snake-oil comes to mind, as does security by obscurity and obfuscation which we all know is no security at all. I don't care if the originating process knocks on the well known port with gold plated gloves hand braided from the finest Unobtainium by seductive alluring Puerto Rican virgins, the receiving machine still has to open another port short thereafter. This is not a magic port and is not wrapped in Star Trek's finest stealth cloak, it's a port that does TCP/IP stuff. If the end process listening on the newly opened port is in any way weak - and this is the only possible reason anyone would ever try the port knocking workaround - it's just as weak when it's listening on an obfuscated port number. If it's open, I can find it. If it's weak, I can get in. Then it's game over, go home, I win. I've yet to hear positive things about port knocking from someone who actually implemented it fully. In truth it's just a major pain in the arse that makes the admin's life miserable and gives the boss a warm fuzzy feeling based on hot air. End of rant. Well thank you for that. I had planned on setting up port knocking for ssh and cups but I guess I'm just as well off leaving them listening on 22 and 631? As for printing from lpr to cups across the internet, I should be encrypting that data shouldn't I? Nothing too sensitive but it sounds like a good thing to do. It looks like cups can use ssl but I don't see any mention of it in man lpr. - Grant -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] gentoo rebuild, cups won't work
On Feb 2, 2008 10:18 AM, Kevin O'Gorman [EMAIL PROTECTED] wrote: On Feb 1, 2008 2:26 AM, Dale [EMAIL PROTECTED] wrote: Dave Jones wrote: Hi Kevin Kevin O'Gorman wrote on 27/01/08 19:58: I've installed cups and hplip. I cannot follow the Gentoo printing guide, because that worthy document requires me to add hplip to the default runlevel, but hplip does not put anything in /etc/init.d. My printer is an old HP Laserjet 4M, which I usually run as a Postscrpt printer. What have I missed? Run hp-setup You'll probably need to rework your cups config files if you've retained them from the broken install. hp-setup should enable local printing OK. /etc/init.d/hplip is no longer necessary with recent hplip ebuilds. Cheers, Dave And if it still gives you problems, delete /etc/cups then reemerge cups. I had to do that last part too. Dale The problem is that my printer is on the LPT port (/dev/lp0), and hp-setup does not find it. In fact it has an option for LPT printers, but it is greyed out. The printer is really there: I can print by cat printme /dev/lp0 with a suitably formed printme file (lines need CR, file ends with ^L^D). ++ kevin Hmmm. Digging slightly deeper, I found the /usr/bin/hp-probe program. It lets me specifically request a probe of LPT, but finds nothing there. The printer remains attached. I'm even more deeply stumped than before. ++ kevin -- Kevin O'Gorman, PhD
[gentoo-user] {OT} Dynamic HTML to PDF
I'm currently printing a dynamic HTML web page via firefox, but I'm trying to switch to a method that will allow me to print across the internet in an automated fashion with lpr. I've tried printing a static HTML file with lpr, but it comes out in raw code. I think I need a way to convert a dynamic web page to a static HTML file and then convert that HTML file to PDF for printing. I'm having trouble getting my mind around how to convert the dynamic HTML web page to a static HTML file, but I think going from HTML to PDF is best accomplished with htmldoc. How would you guys do this? - Grant -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Re: {OT} CUPS alternative?
On Saturday 2 February 2008, Alan McKinnon wrote: port-knocking is the biggest load of fud (Microsoft products apart) I have heard about in ages. The term snake-oil comes to mind, as does security by obscurity and obfuscation which we all know is no security at all. Uhm. Security by obscurity is not good because it hides something *that is known for sure to be there*. Port knocking, on the other hand, makes a computer appear as if nothing is there. No open ports. A computer with all ports closed which uses portknocking and a computer with just all ports closed cannot be told apart from remote, either by portscanning or whatever mean. What the attacker sees is just no open ports. It could, of course, imagine that port knocking might be in use, but even in that case, he would have to discover the knock sequence. With a knock sequence long enough (say, 8 ports), the likeliness of such a discovery is really low (1/65535^8 in this case). And, even if he succeeds, he just opens a port (as if there was no portknocking), and still has to violate whatever security measure is in place for the service (eg, ssh authentication). I don't care if the originating process knocks on the well known port with gold plated gloves hand braided from the finest Unobtainium by seductive alluring Puerto Rican virgins, the receiving machine still has to open another port short thereafter. This is not a magic port and is not wrapped in Star Trek's finest stealth cloak, it's a port that does TCP/IP stuff. If the end process listening on the newly opened port is in any way weak - and this is the only possible reason anyone would ever try the port knocking workaround - it's just as weak when it's listening on an obfuscated port number. This is not true, for at least two reasons: - the port stays open only for the duration of the connection, not all the time; - at least with some implementations, the port is opened *only to the IP address of the user who did the knock*, not to the whole world. If it's open, I can find it. If it's weak, I can get in. Then it's game over, go home, I win. See above. I've yet to hear positive things about port knocking from someone who actually implemented it fully. In truth it's just a major pain in the arse that makes the admin's life miserable and gives the boss a warm fuzzy feeling based on hot air. I don't know about large setups, where it might be very possible that port knocking becomes a major PITA as you say. But I have setup and used port knocking for remote ssh access lots of time in the past, and never had a problem. This is just my little experience, of course. -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] BIG-UPDATE! ;) If I survive, then gentoo rulezz... :)
modules-update if you have out-of-tree kernel modules env-update follwed by '. /etc/profile/ to avoid the hassle of logging out and back in just to update the environment possibly conf-update which does the same thing as etc-update, just with a much nicer ui that is easier to see what is going on No it was none of those. It was the same format as that for etc-upate, Bold yellow text followed by recommended action. And in the line right next to it. IIRC it would appear at the end of some of the successful emerges, just not the last one, and there wasn't enough in the buffer to scroll back for it. I 'tail'ed some likely suspects in /var/log/portage but it didn't show. 'grep'ing emerg.log for update only finds the --update switch. I'm all askeerd to reboot before finding out what it was ;( -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list Never miss a thing. Make Yahoo your home page. http://www.yahoo.com/r/hs -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] gentoo rebuild, cups won't work
Hi Kevin Kevin O'Gorman wrote on 02/02/08 19:31: I've installed cups and hplip. I cannot follow the Gentoo printing guide, because that worthy document requires me to add hplip to the default runlevel, but hplip does not put anything in /etc/init.d. My printer is an old HP Laserjet 4M, which I usually run as a Postscrpt printer. What have I missed? Run hp-setup You'll probably need to rework your cups config files if you've retained them from the broken install. hp-setup should enable local printing OK. And if it still gives you problems, delete /etc/cups then reemerge cups. I had to do that last part too. The problem is that my printer is on the LPT port (/dev/lp0), and hp-setup does not find it. In fact it has an option for LPT printers, but it is greyed out. The printer is really there: I can print by cat printme /dev/lp0 with a suitably formed printme file (lines need CR, file ends with ^L^D). Hmmm. Digging slightly deeper, I found the /usr/bin/hp-probe program. It lets me specifically request a probe of LPT, but finds nothing there. The printer remains attached. I'm even more deeply stumped than before. Try: hp-setup -i /dev/parport0 See if that helps. Try hp-setup -hfor other options. I take it that your kernel has parallel port support generated, and that you have file permission to access /dev/lp0 ? Cheers, Dave -- gentoo-user@lists.gentoo.org mailing list
RE: [gentoo-user] portage problems
Dale: Thanks for the input, I have successfully resolved the pam-login issue, I have to adjusted all the /etc/pam.d entry to remove the pam_stack entry and update them with type include system-auth. I just removed the dhcpcd-2.0.0 since it is not part of the system tree anymore. I am still working on the python and modutils. As far as updates I just inherited this server at work so, I don't really know when it was last updated. Thanks for the great information and input. Dwayne Carter -Original Message- From: Dale [mailto:[EMAIL PROTECTED] Sent: Saturday, February 02, 2008 3:06 AM To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] portage problems Carter, Dwayne wrote: SNIP [blocks B ] dev-lang/python-2.3.6-r2 (is blocking app-admin/python-updater-0.2) [blocks B ] sys-apps/pam-login (is blocking sys-apps/shadow-4.0.18.1-r1) [blocks B ] net-misc/dhcpcd-2.0.0 (is blocking sys-apps/baselayout-1.12.10-r5) [blocks B ] sys-apps/modutils (is blocking sys-apps/module-init-tools-3.4) SNIP Normally I would say unmerge the blocks and emerge the blockers and update them first. However, I'm not sure about that pam-login one. If you do unmerge that one, do NOT logout until you have it updated. I would recommend switching to another console and logging in to make sure it works too. [ebuild U ] dev-libs/expat-2.0.1 [1.95.6-r1] Oh no, is that the one I think it is. You may want to search the forums for the expat update. Let me know if you can't find it. Has it been a while since you updated? Maybe someone else will see something else and chime in. Dale :-) :-) -- gentoo-user@lists.gentoo.org mailing list -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] BIG-UPDATE! ;) If I survive, then gentoo rulezz... :)
On Saturday 02 February 2008, maxim wexler wrote: I 'tail'ed some likely suspects in /var/log/portage but it didn't show. 'grep'ing emerg.log for update only finds the --update switch. I'm all askeerd to reboot before finding out what it was ;( did you grep all the files in /var/log/portage/elog/ as well? That's where such notifications are normally stored. Some more likely candidates are gcc-config, java-config, perhaps python-updater or maybe one of these: nazgul ~ # ls -al /sbin/*update /usr/sbin/*update lrwxrwxrwx 1 root root14 Nov 2 09:55 /sbin/modules-update - update-modules -rwxr-xr-x 1 root root 5546 Jan 17 22:33 /sbin/rc-update -rwxr-xr-x 1 root root 30356 Nov 2 10:00 /usr/sbin/conf-update lrwxrwxrwx 1 root root29 Feb 1 20:14 /usr/sbin/env-update - ../lib/portage/bin/env-update lrwxrwxrwx 1 root root29 Feb 1 20:14 /usr/sbin/etc-update - ../lib/portage/bin/etc-update -rwxr-xr-x 1 root root 1873 Jan 10 15:14 /usr/sbin/texmf-update nazgul ~ # ls -al /sbin/*config /usr/sbin/*config -rwxr-xr-x 1 root root 53788 Nov 1 22:24 /sbin/ifconfig -rwxr-xr-x 1 root root 71460 Nov 5 14:42 /sbin/iwconfig -rwxr-xr-x 1 root root 564648 Nov 2 08:00 /sbin/ldconfig -rwxr-xr-x 1 root root 4412 Nov 1 22:24 /sbin/plipconfig -rwxr-xr-x 1 root root 26020 Nov 2 08:00 /usr/sbin/iconvconfig -rwxr-xr-x 1 root root 4171 Jan 2 13:48 /usr/sbin/paperconfig -rwxr-xr-x 1 root root 10284 Nov 1 22:24 /usr/sbin/pci-config -rwxr-xr-x 1 root root 18563 Nov 7 23:25 /usr/sbin/pwmconfig -rwxr-xr-x 1 root root 3084 Nov 5 13:27 /usr/sbin/ruby-config -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] gentoo rebuild, cups won't work
On Feb 2, 2008 1:01 PM, Dave Jones [EMAIL PROTECTED] wrote: Hi Kevin Kevin O'Gorman wrote on 02/02/08 19:31: I've installed cups and hplip. I cannot follow the Gentoo printing guide, because that worthy document requires me to add hplip to the default runlevel, but hplip does not put anything in /etc/init.d. My printer is an old HP Laserjet 4M, which I usually run as a Postscrpt printer. What have I missed? Run hp-setup You'll probably need to rework your cups config files if you've retained them from the broken install. hp-setup should enable local printing OK. And if it still gives you problems, delete /etc/cups then reemerge cups. I had to do that last part too. The problem is that my printer is on the LPT port (/dev/lp0), and hp-setup does not find it. In fact it has an option for LPT printers, but it is greyed out. The printer is really there: I can print by cat printme /dev/lp0 with a suitably formed printme file (lines need CR, file ends with ^L^D). Hmmm. Digging slightly deeper, I found the /usr/bin/hp-probe program. It lets me specifically request a probe of LPT, but finds nothing there. The printer remains attached. I'm even more deeply stumped than before. Try: hp-setup -i /dev/parport0 See if that helps. Try hp-setup -hfor other options. I take it that your kernel has parallel port support generated, and that you have file permission to access /dev/lp0 ? Cheers, Dave -- gentoo-user@lists.gentoo.org mailing list It runs, but only gives me options for usb and net. This makes some sense since there are no /dev/parport* entries in my system. Nevertheless, I have parallel port support as I understand it. From my kernel (2.6.22-gentoo-r6) .config file: # # Generic Driver Options # CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=m # CONFIG_SYS_HYPERVISOR is not set # CONFIG_CONNECTOR is not set # CONFIG_MTD is not set CONFIG_PARPORT=yparallel port CONFIG_PARPORT_PC=y PC style # CONFIG_PARPORT_SERIAL is not set # CONFIG_PARPORT_PC_FIFO is not set # CONFIG_PARPORT_PC_SUPERIO is not set # CONFIG_PARPORT_GSC is not set # CONFIG_PARPORT_AX88796 is not set CONFIG_PARPORT_1284=y CONFIG_PNP=y # CONFIG_PNP_DEBUG is not set Thanks for the help. -- Kevin O'Gorman, PhD
Re: [gentoo-user] emerge -uD world: another obstacle FIXED
Alan McKinnon wrote: On Saturday 02 February 2008, Iain Buchanan wrote: On Sat, 2008-02-02 at 07:47 -0800, maxim wexler wrote: I would emerge Qt-3. You may continue your world update with emerge --resume afterwards. That did it! Seven days, one hour and 28 minutes after I started, -uD world is complete! 7 days? Time to emerge --sync, and update world again! hehehehe, only a true gentooite would get that one :-) on reflection, it would probably have been easier for maxim to just reinstall the box. But then again he learned a heap of stuff that's hard to learn any other way Yea, if it breaks again, he's going to have a lot more ammo to work with. Dale :-) :-) -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] emerge -uD world: another obstacle FIXED
On Saturday 02 February 2008, Dale wrote: on reflection, it would probably have been easier for maxim to just reinstall the box. But then again he learned a heap of stuff that's hard to learn any other way Yea, if it breaks again, he's going to have a lot more ammo to work with. Or, in the tried and trusted Unix tradition of 37 years, when he breaks it himself next time he gets to keep both pieces AND have the glue that puts them back together :-) Sometimes I find myself deliberately breaking stuff just to see if I can fix it. Try this one, it's not as easy as it looks: emerge busybox to / on a machine in use without making symlinks Now emerge something. You get an impressive error message. -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
[gentoo-user] [OT] VNC viewer in listening mode
Hi All, Would you know if krdc can work in listening mode (like the traditional vncviewer can?). If krdc won't cut it, then should I emerge vnc or tightvnc? Which is better? I'm only interested on the viewer part to connect to a remote WinXP machine which is seating behind a firewall. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] emerge -uD world: another obstacle FIXED
Alan McKinnon wrote: On Saturday 02 February 2008, Dale wrote: on reflection, it would probably have been easier for maxim to just reinstall the box. But then again he learned a heap of stuff that's hard to learn any other way Yea, if it breaks again, he's going to have a lot more ammo to work with. Or, in the tried and trusted Unix tradition of 37 years, when he breaks it himself next time he gets to keep both pieces AND have the glue that puts them back together :-) Yea but you know we will all help again. :-) Sometimes I find myself deliberately breaking stuff just to see if I can fix it. I break enough by mistake than to do that on purpose. Try this one, it's not as easy as it looks: emerge busybox to / on a machine in use without making symlinks Now emerge something. You get an impressive error message. I'll take your word for it. ;-) Does sound . . . interesting tho. LOL Dale :-) :-) -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] (OT) Reboot to Windows (using grub)
Thanks all for their respective input. From the information provided, I've assembled a short Gentoo Wiki Tip [1]. Regards, Liviu [1] http://gentoo-wiki.com/TIP_Reboot_to_Windows_(using_grub) -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Re: {OT} CUPS alternative?
port-knocking is the biggest load of fud (Microsoft products apart) I have heard about in ages. The term snake-oil comes to mind, as does security by obscurity and obfuscation which we all know is no security at all. Uhm. Security by obscurity is not good because it hides something *that is known for sure to be there*. Port knocking, on the other hand, makes a computer appear as if nothing is there. No open ports. A computer with all ports closed which uses portknocking and a computer with just all ports closed cannot be told apart from remote, either by portscanning or whatever mean. What the attacker sees is just no open ports. It could, of course, imagine that port knocking might be in use, but even in that case, he would have to discover the knock sequence. With a knock sequence long enough (say, 8 ports), the likeliness of such a discovery is really low (1/65535^8 in this case). And, even if he succeeds, he just opens a port (as if there was no portknocking), and still has to violate whatever security measure is in place for the service (eg, ssh authentication). I don't care if the originating process knocks on the well known port with gold plated gloves hand braided from the finest Unobtainium by seductive alluring Puerto Rican virgins, the receiving machine still has to open another port short thereafter. This is not a magic port and is not wrapped in Star Trek's finest stealth cloak, it's a port that does TCP/IP stuff. If the end process listening on the newly opened port is in any way weak - and this is the only possible reason anyone would ever try the port knocking workaround - it's just as weak when it's listening on an obfuscated port number. This is not true, for at least two reasons: - the port stays open only for the duration of the connection, not all the time; - at least with some implementations, the port is opened *only to the IP address of the user who did the knock*, not to the whole world. If it's open, I can find it. If it's weak, I can get in. Then it's game over, go home, I win. See above. I've yet to hear positive things about port knocking from someone who actually implemented it fully. In truth it's just a major pain in the arse that makes the admin's life miserable and gives the boss a warm fuzzy feeling based on hot air. I don't know about large setups, where it might be very possible that port knocking becomes a major PITA as you say. But I have setup and used port knocking for remote ssh access lots of time in the past, and never had a problem. This is just my little experience, of course. OK, port knocking is going back on the todo list. - Grant -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Re: {OT} CUPS alternative?
On Saturday 02 February 2008 08:42:25 pm Grant wrote: port-knocking is the biggest load of fud (Microsoft products apart) I have heard about in ages. The term snake-oil comes to mind, as does security by obscurity and obfuscation which we all know is no security at all. Uhm. Security by obscurity is not good because it hides something *that is known for sure to be there*. Port knocking, on the other hand, makes a computer appear as if nothing is there. No open ports. A computer with all ports closed which uses portknocking and a computer with just all ports closed cannot be told apart from remote, either by portscanning or whatever mean. What the attacker sees is just no open ports. It could, of course, imagine that port knocking might be in use, but even in that case, he would have to discover the knock sequence. With a knock sequence long enough (say, 8 ports), the likeliness of such a discovery is really low (1/65535^8 in this case). And, even if he succeeds, he just opens a port (as if there was no portknocking), and still has to violate whatever security measure is in place for the service (eg, ssh authentication). I don't care if the originating process knocks on the well known port with gold plated gloves hand braided from the finest Unobtainium by seductive alluring Puerto Rican virgins, the receiving machine still has to open another port short thereafter. This is not a magic port and is not wrapped in Star Trek's finest stealth cloak, it's a port that does TCP/IP stuff. If the end process listening on the newly opened port is in any way weak - and this is the only possible reason anyone would ever try the port knocking workaround - it's just as weak when it's listening on an obfuscated port number. This is not true, for at least two reasons: - the port stays open only for the duration of the connection, not all the time; - at least with some implementations, the port is opened *only to the IP address of the user who did the knock*, not to the whole world. If it's open, I can find it. If it's weak, I can get in. Then it's game over, go home, I win. See above. I've yet to hear positive things about port knocking from someone who actually implemented it fully. In truth it's just a major pain in the arse that makes the admin's life miserable and gives the boss a warm fuzzy feeling based on hot air. I don't know about large setups, where it might be very possible that port knocking becomes a major PITA as you say. But I have setup and used port knocking for remote ssh access lots of time in the past, and never had a problem. This is just my little experience, of course. OK, port knocking is going back on the todo list. - Grant Wow... that was easy... :') -- From the Desk of: Jerome D. McBride -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] BIG-UPDATE! ;) If I survive, then gentoo rulezz... :)
maxim wexler wrote: Don't forget: etc-update, revdep-rebuild tools. HTH. Rumen At the end of an emerge process I saw two recommendations: etc-update and ?-update. The exact name escapes me and I can't find it in the logs. It seems pretty significant with 100+ updates pending. Do you recall the full name? Maxim Was it dispatch-conf by any chance? It does the same thing as etc-update. 100+, WOW. he he he I'm not going to tell how many times I hit the tab key when trying to type in those commands. ;-) Dale :-) :-) :-) -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] gentoo rebuild, cups won't work
Kevin O'Gorman wrote: It runs, but only gives me options for usb and net. This makes some sense since there are no /dev/parport* entries in my system. Nevertheless, I have parallel port support as I understand it. From my kernel (2.6.22-gentoo-r6) .config file: # # Generic Driver Options # CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=m # CONFIG_SYS_HYPERVISOR is not set # CONFIG_CONNECTOR is not set # CONFIG_MTD is not set CONFIG_PARPORT=yparallel port CONFIG_PARPORT_PC=y PC style # CONFIG_PARPORT_SERIAL is not set # CONFIG_PARPORT_PC_FIFO is not set # CONFIG_PARPORT_PC_SUPERIO is not set # CONFIG_PARPORT_GSC is not set # CONFIG_PARPORT_AX88796 is not set CONFIG_PARPORT_1284=y CONFIG_PNP=y # CONFIG_PNP_DEBUG is not set Thanks for the help. -- Kevin O'Gorman, PhD My printer is on my USB port now. It used to be on parport tho. Here is my kernel config, shortened version: [EMAIL PROTECTED] / # cat /usr/src/linux/.config | grep PARPORT CONFIG_PARPORT=y CONFIG_PARPORT_PC=y CONFIG_PARPORT_SERIAL=y # CONFIG_PARPORT_PC_FIFO is not set # CONFIG_PARPORT_PC_SUPERIO is not set # CONFIG_PARPORT_GSC is not set # CONFIG_PARPORT_AX88796 is not set CONFIG_PARPORT_1284=y # CONFIG_I2C_PARPORT is not set # CONFIG_I2C_PARPORT_LIGHT is not set [EMAIL PROTECTED] / # Looks like you have the same two I have. Mine did used to work anyway. Not real sure on that one. You check your USE flags for the HP package? Here is mine: [EMAIL PROTECTED] / # emerge -pv hplip These are the packages that would be merged, in order: Calculating dependencies... done! [ebuild R ] net-print/hplip-2.7.10 USE=X ppds -doc -fax -minimal -parport -scanner -snmp 14,104 kB Total: 1 package (1 reinstall), Size of downloads: 14,104 kB [EMAIL PROTECTED] / # Note the parport option? Mine is disabled, by default I guess. You can add it to the package.use file if yours is disabled too. Dale :-) :-) -- gentoo-user@lists.gentoo.org mailing list