Re: [gentoo-user] repair FAT-fs

[thelma]

On 03/02/2018 11:01 PM, Grant Taylor wrote:
> On 03/02/2018 10:34 PM, the...@sys-concept.com wrote:
>> No, my system is not recognizing "sdb"
> 
> Hum.  :-/
> 
> Your original dmesg output showed that the kernel detected sdb.
> 
> What does lsblk (?) show?
> 
> Does your system detect USB flash drives properly?  (USB Mass Storage)

I think, I got confused by those messages.  Maybe the  message I was
getting:

 FAT-fs (sdb1): Volume was not properly unmounted. Some data may be
corrupt. Please run fsck.

was referring to another an earlier device :-/
I re-install a new firmware  on that android tv box and it installed OK
now.  And I was afraid that I bricked that TV "T95Z plus" device.  But
it works now.

Re: [gentoo-user] repair FAT-fs

[thelma]

On 03/02/2018 10:24 PM, Grant Taylor wrote:
> On 03/02/2018 10:17 PM, the...@sys-concept.com wrote:
>> I've tried:
>> fsck.vfat -v -a -w /dev/sdb1
>> fsck.fat 4.0 (2016-05-06)
>> open: No such file or directory
>>
>> This doesn't work either:
>> fdisk /dev/sdb
>>
>> Welcome to fdisk (util-linux 2.28.2).
>> Changes will remain in memory only, until you decide to write them.
>> Be careful before using the write command.
>>
>> fdisk: cannot open /dev/sdb: No such file or directory
> 
> I think that the "No such file or directory" is quite literally telling
> you that you don't have a /dev/sdb (device) file.
> 
> Please try "ls -l /dev/sd*"
> 
> I'm sort of guessing that you're missing the device nodes.  Without
> them, fsck and fdisk won't be able to work.

When I mount standard usb the nodes are detected:

 ls -l /dev/sd*
brw-rw 1 root disk 8,  0 Dec 31 17:20 /dev/sda
brw-rw 1 root disk 8,  1 Dec 31 17:20 /dev/sda1
brw-rw 1 root disk 8,  2 Dec 31 17:20 /dev/sda2
brw-rw 1 root disk 8,  3 Dec 31 17:20 /dev/sda3
brw-rw 1 root disk 8,  4 Dec 31 17:20 /dev/sda4
brw-rw 1 root disk 8,  5 Dec 31 17:20 /dev/sda5
brw-rw 1 root disk 8, 16 Mar  2 22:46 /dev/sdb
brw-rw 1 root disk 8, 17 Mar  2 22:46 /dev/sdb1

But the TV Box (T95Z Plus) is not recognized and dmesg  is only showing:

[10936422.554836] usb 3-2: new high-speed USB device number 23 using ehci-pci
[10936422.676557] usb 3-2: New USB device found, idVendor=1b8e, idProduct=c003
[10936422.676559] usb 3-2: New USB device strings: Mfr=0, Product=0, 
SerialNumber=0

Re: [gentoo-user] repair FAT-fs

[Grant Taylor]

On 03/02/2018 10:34 PM, the...@sys-concept.com wrote:

No, my system is not recognizing "sdb"


Hum.  :-/

Your original dmesg output showed that the kernel detected sdb.

What does lsblk (?) show?

Does your system detect USB flash drives properly?  (USB Mass Storage)



--
Grant. . . .
unix || die

Re: [gentoo-user] repair FAT-fs

[thelma]

On 03/02/2018 10:24 PM, Grant Taylor wrote:
> On 03/02/2018 10:17 PM, the...@sys-concept.com wrote:
>> I've tried:
>> fsck.vfat -v -a -w /dev/sdb1
>> fsck.fat 4.0 (2016-05-06)
>> open: No such file or directory
>>
>> This doesn't work either:
>> fdisk /dev/sdb
>>
>> Welcome to fdisk (util-linux 2.28.2).
>> Changes will remain in memory only, until you decide to write them.
>> Be careful before using the write command.
>>
>> fdisk: cannot open /dev/sdb: No such file or directory
> 
> I think that the "No such file or directory" is quite literally telling
> you that you don't have a /dev/sdb (device) file.
> 
> Please try "ls -l /dev/sd*"
> 
> I'm sort of guessing that you're missing the device nodes.  Without
> them, fsck and fdisk won't be able to work.

On my other system I'm getting from "dmesg"

[   82.144011] usb 1-1: new high-speed USB device number 3 using ehci-pci
[   82.265345] usb 1-1: New USB device found, idVendor=1b8e, idProduct=c003
[   82.265348] usb 1-1: New USB device strings: Mfr=0, Product=0,
SerialNumber=0

Re: [gentoo-user] repair FAT-fs

[thelma]

On 03/02/2018 10:24 PM, Grant Taylor wrote:
> On 03/02/2018 10:17 PM, the...@sys-concept.com wrote:
>> I've tried:
>> fsck.vfat -v -a -w /dev/sdb1
>> fsck.fat 4.0 (2016-05-06)
>> open: No such file or directory
>>
>> This doesn't work either:
>> fdisk /dev/sdb
>>
>> Welcome to fdisk (util-linux 2.28.2).
>> Changes will remain in memory only, until you decide to write them.
>> Be careful before using the write command.
>>
>> fdisk: cannot open /dev/sdb: No such file or directory
> 
> I think that the "No such file or directory" is quite literally telling
> you that you don't have a /dev/sdb (device) file.
> 
> Please try "ls -l /dev/sd*"
> 
> I'm sort of guessing that you're missing the device nodes.  Without
> them, fsck and fdisk won't be able to work.

No, my system is not recognizing "sdb"

ls -l /dev/sd*
brw-rw 1 root disk 8, 0 Dec 31 17:20 /dev/sda
brw-rw 1 root disk 8, 1 Dec 31 17:20 /dev/sda1
brw-rw 1 root disk 8, 2 Dec 31 17:20 /dev/sda2
brw-rw 1 root disk 8, 3 Dec 31 17:20 /dev/sda3
brw-rw 1 root disk 8, 4 Dec 31 17:20 /dev/sda4
brw-rw 1 root disk 8, 5 Dec 31 17:20 /dev/sda5

I've try to connect that box to another system and same thing:

ls -l /dev/sd*
brw-rw 1 root disk 8, 0 Mar  2 22:31 /dev/sda
brw-rw 1 root disk 8, 1 Mar  2 22:31 /dev/sda1
brw-rw 1 root disk 8, 2 Mar  2 22:31 /dev/sda2
brw-rw 1 root disk 8, 3 Mar  2 22:31 /dev/sda3
brw-rw 1 root disk 8, 4 Mar  2 22:31 /dev/sda4

Re: [gentoo-user] repair FAT-fs

[Grant Taylor]

On 03/02/2018 10:17 PM, the...@sys-concept.com wrote:

I've tried:
fsck.vfat -v -a -w /dev/sdb1
fsck.fat 4.0 (2016-05-06)
open: No such file or directory

This doesn't work either:
fdisk /dev/sdb

Welcome to fdisk (util-linux 2.28.2).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

fdisk: cannot open /dev/sdb: No such file or directory


I think that the "No such file or directory" is quite literally telling 
you that you don't have a /dev/sdb (device) file.


Please try "ls -l /dev/sd*"

I'm sort of guessing that you're missing the device nodes.  Without 
them, fsck and fdisk won't be able to work.




--
Grant. . . .
unix || die

Re: [gentoo-user] repair FAT-fs

[thelma]

On 03/02/2018 09:40 PM, Paul Colquhoun wrote:
> On Saturday, 3 March 2018 3:24:32 PM AEDT the...@sys-concept.com wrote:
>> I've an android TV box (T95Z Plus) that has a corrupted File System.
>> dmes is showing :
>>
>> usb-storage 8-1:1.0: USB Mass Storage device detected
>> scsi host8: usb-storage 8-1:1.0
>> scsi 8:0:0:0: Direct-Access Kingston DataTraveler G3  PMAP PQ: 0 ANSI: 4
>> sd 8:0:0:0: Attached scsi generic sg2 type 0
>> sd 8:0:0:0: [sdb] 30489408 512-byte logical blocks: (15.6 GB/14.5 GiB)
>> sd 8:0:0:0: [sdb] Write Protect is off
>> sd 8:0:0:0: [sdb] Mode Sense: 23 00 00 00
>> sd 8:0:0:0: [sdb] No Caching mode page found
>> sd 8:0:0:0: [sdb] Assuming drive cache: write through
>> sdb: sdb1
>> sd 8:0:0:0: [sdb] Attached SCSI removable disk
>> FAT-fs (sdb1): Volume was not properly unmounted. Some data may be
>> corrupt. Please run fsck.
>>
>> I 've "dosfstools" installed but I can not run: dosfsck - it doesn't exist.
> 
> 
> Try 'fsck.vfat' instead. There is also 'fsck.fat' or 'fsck.exfat', at least 
> on my installation.

I've tried: 
fsck.vfat -v -a -w /dev/sdb1
fsck.fat 4.0 (2016-05-06)
open: No such file or directory

This doesn't work either:
fdisk /dev/sdb

Welcome to fdisk (util-linux 2.28.2).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

fdisk: cannot open /dev/sdb: No such file or directory


Here is a dmesg:

[10930879.950647] usb-storage 8-1:1.0: USB Mass Storage device detected
[10930879.950742] scsi host8: usb-storage 8-1:1.0
[10930881.068652] scsi 8:0:0:0: Direct-Access Kingston DataTraveler G3  
PMAP PQ: 0 ANSI: 4
[10930881.068839] sd 8:0:0:0: Attached scsi generic sg2 type 0
[10930882.544966] sd 8:0:0:0: [sdb] 30489408 512-byte logical blocks: (15.6 
GB/14.5 GiB)
[10930882.545153] sd 8:0:0:0: [sdb] Write Protect is off
[10930882.545155] sd 8:0:0:0: [sdb] Mode Sense: 23 00 00 00
[10930882.545283] sd 8:0:0:0: [sdb] No Caching mode page found
[10930882.545284] sd 8:0:0:0: [sdb] Assuming drive cache: write through
[10930882.567263]  sdb: sdb1
[10930882.568351] sd 8:0:0:0: [sdb] Attached SCSI removable disk
[10930887.640395] FAT-fs (sdb1): Volume was not properly unmounted. Some data 
may be corrupt. Please run fsck.
[10930894.488038] sd 8:0:0:0: [sdb] tag#0 FAILED Result: hostbyte=DID_ERROR 
driverbyte=DRIVER_SENSE
[10930894.488041] sd 8:0:0:0: [sdb] tag#0 Sense Key : Hardware Error [current] 
[10930894.488043] sd 8:0:0:0: [sdb] tag#0 Add. Sense: No additional sense 
information
[10930894.488045] sd 8:0:0:0: [sdb] tag#0 CDB: Synchronize Cache(10) 35 00 00 
00 00 00 00 00 00 00
[10930894.497472] usb 8-1: USB disconnect, device number 106
[10932073.936844] usb 3-1: USB disconnect, device number 19
[10932092.353300] usb 3-1: new high-speed USB device number 20 using ehci-pci
[10932092.473483] usb 3-1: New USB device found, idVendor=1043, idProduct=8012
[10932092.473486] usb 3-1: New USB device strings: Mfr=1, Product=2, 
SerialNumber=0
[10932092.473487] usb 3-1: Product: Flash Disk
[10932092.473488] usb 3-1: Manufacturer: Generic

--
Thelma

Re: [gentoo-user] repair FAT-fs

[Paul Colquhoun]

On Saturday, 3 March 2018 3:24:32 PM AEDT the...@sys-concept.com wrote:
> I've an android TV box (T95Z Plus) that has a corrupted File System.
> dmes is showing :
> 
> usb-storage 8-1:1.0: USB Mass Storage device detected
> scsi host8: usb-storage 8-1:1.0
> scsi 8:0:0:0: Direct-Access Kingston DataTraveler G3  PMAP PQ: 0 ANSI: 4
> sd 8:0:0:0: Attached scsi generic sg2 type 0
> sd 8:0:0:0: [sdb] 30489408 512-byte logical blocks: (15.6 GB/14.5 GiB)
> sd 8:0:0:0: [sdb] Write Protect is off
> sd 8:0:0:0: [sdb] Mode Sense: 23 00 00 00
> sd 8:0:0:0: [sdb] No Caching mode page found
> sd 8:0:0:0: [sdb] Assuming drive cache: write through
> sdb: sdb1
> sd 8:0:0:0: [sdb] Attached SCSI removable disk
> FAT-fs (sdb1): Volume was not properly unmounted. Some data may be
> corrupt. Please run fsck.
> 
> I 've "dosfstools" installed but I can not run: dosfsck - it doesn't exist.


Try 'fsck.vfat' instead. There is also 'fsck.fat' or 'fsck.exfat', at least on 
my installation.


-- 
Reverend Paul Colquhoun, ULC. http://andor.dropbear.id.au/
  Asking for technical help in newsgroups?  Read this first:
 http://catb.org/~esr/faqs/smart-questions.html#intro

[gentoo-user] repair FAT-fs

[thelma]

I've an android TV box (T95Z Plus) that has a corrupted File System.
dmes is showing :

usb-storage 8-1:1.0: USB Mass Storage device detected
scsi host8: usb-storage 8-1:1.0
scsi 8:0:0:0: Direct-Access Kingston DataTraveler G3  PMAP PQ: 0 ANSI: 4
sd 8:0:0:0: Attached scsi generic sg2 type 0
sd 8:0:0:0: [sdb] 30489408 512-byte logical blocks: (15.6 GB/14.5 GiB)
sd 8:0:0:0: [sdb] Write Protect is off
sd 8:0:0:0: [sdb] Mode Sense: 23 00 00 00
sd 8:0:0:0: [sdb] No Caching mode page found
sd 8:0:0:0: [sdb] Assuming drive cache: write through
sdb: sdb1
sd 8:0:0:0: [sdb] Attached SCSI removable disk
FAT-fs (sdb1): Volume was not properly unmounted. Some data may be
corrupt. Please run fsck.

I 've "dosfstools" installed but I can not run: dosfsck - it doesn't exist.

-- 
Thelma

[gentoo-user] Re: QEMU on a partition

[Ian Zimmerman]

On 2018-03-02 20:12, R0b0t1 wrote:

> I can't find it again, but there was a neat writeup investigating the
> TCP over TCP "tunnel collapse" phenomena. When two layers are doing
> the same thing, there is a tendency for both to behave poorly. I'm not
> sure any deeper explanation was or can be offered, but it is something
> that holds true not only for network traffic, but disk IO and
> databases as well.

I think I've seen that too, and it was when I decided to install and
learn openvpn in place of the everything-over-ssh setup I had before.

-- 
Please don't Cc: me privately on mailing lists and Usenet,
if you also post the followup to the list or newsgroup.
To reply privately _only_ on Usenet and on broken lists
which rewrite From, fetch the TXT record for no-use.mooo.com.

Re: [gentoo-user] Re: Bouncing Messages

[Grant Taylor]

On 03/02/2018 05:47 PM, Ian Zimmerman wrote:
Flam^H^H^H^H value judgments aside, does DMARC also change the long 
standing standard of sending rejections to the envelope address?


No, DMARC should not change the principle operation of SMTP, save for 
additional checks that messages must pass.  All other aspects of sending 
email should be the same.


MTAs should continue to send bounces back to the SMTP envelope address. 
Though, ideally the MTA would reject the message during SMTP time 
instead of accepting and bouncing the message.


DMARC does offer the ability to have reports about DMARC failures sent 
to the domain publishing the DMARC record.




--
Grant. . . .
unix || die

Re: [gentoo-user] QEMU on a partition

[R0b0t1]

On Fri, Mar 2, 2018 at 5:56 PM, Grant Taylor
 wrote:
> I've found that removing not-strictly-needed layers of abstraction reduces
> complexity and makes things faster.
>

I can't find it again, but there was a neat writeup investigating the
TCP over TCP "tunnel collapse" phenomena. When two layers are doing
the same thing, there is a tendency for both to behave poorly. I'm not
sure any deeper explanation was or can be offered, but it is something
that holds true not only for network traffic, but disk IO and
databases as well.

Cheers,
 R0b0t1

[gentoo-user] Enable SSH Logging with Sysklogd

[Lucas Ramage]

Hello,

I have sshd running and I have sysklogd installed, but I do not see any
logs for attempted or successful connections.

Here is my /etc/ssh/sshd_config,

LoginGraceTime 2m
PermitRootLogin no
StrictModes yes
MaxAuthTries 3
MaxSessions 2

PasswordAuthentication no
ChallengeResponseAuthentication no

UsePAM no

PrintMotd no
PrintLastLog no
Subsystem   sftp/usr/lib64/misc/sftp-server

AcceptEnv LANG LC_*

That's the whole thing.

Thanks,

-- 

[image: Visit online journal] 

*Lucas Ramage* / Software Engineer
ramage.lu...@openmailbox.org / (941) 404-6794

*PGP Fingerprint* / Learn More 
EAE7 45DF 818D 4948 DDA7 0F44 F52A 5A96 7B9B 6FB7


*Visit online journal*
http://lramage94.github.io 

[image: Github]  [image: Linkedin]

[gentoo-user] Re: Bouncing Messages

[Ian Zimmerman]

On 2018-03-02 15:51, Grant Taylor wrote:

> The reason that messages are being rejected is because of the DMARC
> policy.  1) I publish DMARC records and 2) Gmail honor published DMARC
> records.

[...]

> - This is a growing change in the email industry.  - I just happen to
> live towards (but not on) the bleeding edge of email.

Flam^H^H^H^H value judgments aside, does DMARC also change the
long standing standard of sending rejections to the envelope address?

-- 
Please don't Cc: me privately on mailing lists and Usenet,
if you also post the followup to the list or newsgroup.
To reply privately _only_ on Usenet and on broken lists
which rewrite From, fetch the TXT record for no-use.mooo.com.

Re: [gentoo-user] Bouncing Messages

[Grant Taylor]

On 03/02/2018 04:59 PM, Dale wrote:
I admit.  This is all over my head.  I'm just hoping I didn't miss 
anything important.  The biggest thing, some of you figured out what 
happened, created a roach report and hopefully it will lead to a fix 
at some point.  Heck, I'm happy that whatever the heck is going on, 
it will be corrected.


I'm taking the fact that you're replying to my message to mean that you 
did receive it.  Which sounds like the workaround is functioning.  :-)


Now to go play with my new battery charger.  It's a XTAR VC4 with a 
really pretty blue display.  O_O


#hazFun



--
Grant. . . .
unix || die

Re: [gentoo-user] [OT] Best *SIMPLE* firewall?

[Rich Freeman]

On Fri, Mar 2, 2018 at 6:34 PM, Grant Taylor
 wrote:
> On 03/02/2018 05:08 AM, Rich Freeman wrote:
>>
>> On the other hand, if netfilter were implemented in userspace such as via
>> a microkernel, then if it contained a bug the remote attacker would be able
>> to MITM all network traffic on the machine, but that would be the extent of
>> the access they have.
>
>
> I don't know that it would be the extent of the access the attacker would
> have.  It might also be a beachhead that could be used as a starting point
> for future attacks.

How?  You'd need a local priv escalation vulnerability to do anything
further.  If the same bug existed in kernel space you'd already have
kernel privs and own the machine.

It would be the exact same code whether it is running in userspace or
kernelspace.  It isn't like code is magically immune to bugs if it is
in the kernel.  It would probably be maintained by the exact same
people either way.

>
>> The process running the netfilter code doesn't need anything other than a
>> pipe back to the kernel to receive packets and send packets back, so it can
>> run with minimal privs otherwise.
>
>
> I think that more than a simple pipe (as in unix socket) is needed.
> Currently, any program that uses IP is expecting a socket to behave like it
> currently behaves.  I don't think a simple pipe can provide that.

There would be no change to regular software.  They would use the same
system calls to open sockets.  They would send their packets to the
kernel.  The kernel would send them to the userspace netfilter
process.  The userspace netfilter process would send them back to the
kernel.  The kernel would then send them to the physical layer for
transport.

That is how microkernels work.  The kernel is still the central point
of contact and the system calls basically work the same way as they do
today.  However, the kernel offloads as much processing to userspace
as possible.

With filesystems it is no different with a microkernel.  You use the
same system calls to write to a file.  The data to be written goes to
the kernel.  However, instead of the kernel calling the filesystem
layer in kernel space it instead sends the data via IPC of some sort
to a filesystem driver running in userspace.  It then sends the raw
block device instructions back to the kernel, which then passes it to
the device driver for the disk.

>> a lot of the boot-time mounting logic and devfs/etc logic has gone away in
>> favor of initramfs and udev.
>
>
> Please provide examples of this "…boot-time mounting logic and devfs/etc
> logic…" that used to be in kernel.
>
> I'll argue that devfs is now in kernel when it used to be files on a file
> system or dynamically created by a user space process.  As far as I know,
> mounting (more than root as RO) has always been driven from user space via
> init scripts.

I'm talking about mounting root.  Capabilities such as identifying
devices by UUID have not been added to the kernel, with this being
done in an initramfs instead.  The trends has been in that direction
with assembling RAID arrays and such as well.  They haven't removed
much code that is working, but they haven't been enhancing it either.
If you use an initramfs the kernel automatically disables most of the
RAID handling.

I believe there was a period of time after devfs came along but before
udev came along that the complexity of hotplug/etc seemed to be
growing on the kernel side.  This was quickly recognized as a losing
battle which is why we have udev today (or its alternate
implementations - one of the benefits of moving this stuff out of the
kernel is that it makes it easier to use alternate implementations).

Obviously mounting filesystems other than root have never been in the kernel.

> Sure, there's a LOT of changes going on in that space, particularly around
> (anti)systemd.

Well, unless you're referring to udev (which got absorbed by systemd
though it is more-or-less still separate), I don't think there is
actually a great deal that systemd does that would otherwise be done
in kernel space.  Maybe some of the maintenance of CGROUPS, but that
was all done in userspace from the start, as this trend is fairly
established now and it was never done in kernel space.

>> And of course if this is done it is done correctly, and not as some kind
>> of userspace hack on top of an OS to add features that it lacks.
>
> ???
>

I said that because I think your view might be a bit tainted by
previous experiences in Windows/etc.  There is a difference between
designing a kernel subsystem to provide a capability but to offload
some of the work to userspace, and trying to layer some kind of
capability into an OS that otherwise lacks it.  All this stuff is
designed into linux so that it is robust.

There are pros and cons to microkernels, and of course linux will
probably never turn into a proper microkernel, and I'm not really even
saying it should.  However, the fact that stuff 

Re: [gentoo-user] Bouncing Messages

[Dale]

Grant Taylor wrote:
> On 03/02/2018 02:52 PM, Dale wrote:
>> I did send a help message first, so that I would know exactly what to
>> do.  I followed it.  Still, I don't think I received anything even now.
>
> I'm not surprised.
>
> The testing that I did last night when you posted the links caused me
> to believe that the original messages were re-sent to the requester
> the exact same way that they were originally sent.  (I actually like
> that feature.)
>
> I sort of expect that you won't get the re-sent message because it
> will very likely fail the same tests that the original message failed.
>
>> I know I didn't get anything new for at least 15 or 20 minutes and
>> even then, it was a reply to a recent post.  I wouldn't think that
>> would be a missing message from a few days ago.
>>
>> Maybe it is something else.  Maybe it is google on my end in this
>> case anyway.  I dunno.
>
> The re-sent messages that I saw were the original message, re-sent.
> This means that they would have the same subject, date, etc, not
> updated for when you requested them to be re-sent.  Thus if you're
> threading messages, they will show up in the thread where the original
> message belonged.
>
>
>

I admit.  This is all over my head.  I'm just hoping I didn't miss
anything important.  The biggest thing, some of you figured out what
happened, created a roach report and hopefully it will lead to a fix at
some point.  Heck, I'm happy that whatever the heck is going on, it will
be corrected. 

Now to go play with my new battery charger.  It's a XTAR VC4 with a
really pretty blue display.  O_O 

Dale

:-)  :-) 

Re: [gentoo-user] QEMU on a partition

[Grant Taylor]

On 03/02/2018 09:45 AM, Mick wrote:

Does it make a measurable difference, after the guest OS has booted?


IMHO, /bin/yes


I'll need to try this out.  :-)


Yes, you should try it out for yourself.

I've found that removing not-strictly-needed layers of abstraction 
reduces complexity and makes things faster.


I only use partitions (when using the entire disk) on PCs because so 
many recovery tools assume that they are there and work a LOT better 
than with raw disks.




--
Grant. . . .
unix || die

Re: [gentoo-user] QEMU on a partition

[Grant Taylor]

On 03/02/2018 08:33 AM, R0b0t1 wrote:
You can pass a block device directly to QEMU, and this is recommended 
for performance reasons. I have a Windows 10 VM that was passed an 
entire SSD; it runs fine, and you can take the disk and plug it into 
other computers. Passing a partition is a little different, if you wish 
to load it directly, you would need to chainload it with GRUB, as the 
MBR/GPT information would be duplicated.


Agreed on all accounts.

All OP needs to do is pass something like "-drive 
file=/dev/block,if=virtio". There should be more options, such as AIO 
implementation, but you likely won't need to mess with them.


If you pass a block device the MBR/GPT information will be stored 
there. In the case of passing a partition, this means you can't boot it 
"directly" because the BIOS/EFI firmware can't read it.


I think that it might be possible to pass the partitions (FS & swap) as 
individual drives to the guest VM.  Make sure that the guest VM mounts 
them by the UUID and not by path as the path in the VM and bare metal 
will be different.


I've not tried this, but I think that it will work.  Guest would "mkfs 
/dev/sda" and "mkswap /dev/sdb"




--
Grant. . . .
unix || die

Re: [gentoo-user] [OT] Best *SIMPLE* firewall?

[Grant Taylor]

On 03/02/2018 05:08 AM, Rich Freeman wrote:
On the other hand, if netfilter were implemented in userspace such as 
via a microkernel, then if it contained a bug the remote attacker would 
be able to MITM all network traffic on the machine, but that would 
be the extent of the access they have.


I don't know that it would be the extent of the access the attacker 
would have.  It might also be a beachhead that could be used as a 
starting point for future attacks.


The process running the netfilter code doesn't need anything other than 
a pipe back to the kernel to receive packets and send packets back, 
so it can run with minimal privs otherwise.


I think that more than a simple pipe (as in unix socket) is needed. 
Currently, any program that uses IP is expecting a socket to behave like 
it currently behaves.  I don't think a simple pipe can provide that.


I can see a way now, using existing technology, to have an isolated 
firewall that runs in user space.  Remove all IP processing from eth0 in 
the main kernel.  Connect eth0 to a User Mode Linux kernel which does 
the filtering (in user space) and routes the traffic back over another 
connection to the host kernel, i.e. uml0.


 +-+
 | Host|
 |   +--+  |
 |   | UML Firewall |  |
-+ eth0eth1 +---uml0   |
 |   +--+  |
 +-+

Processes running on the host can use the uml0 interface just like they 
formerly used the eth0 interface.


All the firewalling / filtering / routing happens in user space 
(possibly a container) and independent of the host kernel.


a lot of the boot-time mounting logic and devfs/etc logic has gone away 
in favor of initramfs and udev.


Please provide examples of this "…boot-time mounting logic and devfs/etc 
logic…" that used to be in kernel.


I'll argue that devfs is now in kernel when it used to be files on a 
file system or dynamically created by a user space process.  As far as I 
know, mounting (more than root as RO) has always been driven from user 
space via init scripts.


Sure, there's a LOT of changes going on in that space, particularly 
around (anti)systemd.  But IMHO this has been user space for as long as 
I have known.


Please provide examples where I'm wrong.  I'd like to learn.

And of course if this is done it is done correctly, and not as some kind 
of userspace hack on top of an OS to add features that it lacks.


???



--
Grant. . . .
unix || die

Re: [gentoo-user] Bouncing Messages

[Grant Taylor]

On 03/02/2018 02:52 PM, Dale wrote:
I did send a help message first, so that I would know exactly what to do. 
 I followed it.  Still, I don't think I received anything even now.


I'm not surprised.

The testing that I did last night when you posted the links caused me to 
believe that the original messages were re-sent to the requester the 
exact same way that they were originally sent.  (I actually like that 
feature.)


I sort of expect that you won't get the re-sent message because it will 
very likely fail the same tests that the original message failed.


I know I didn't get anything new for at least 15 or 20 minutes and even 
then, it was a reply to a recent post.  I wouldn't think that would be 
a missing message from a few days ago.


Maybe it is something else.  Maybe it is google on my end in this 
case anyway.  I dunno.


The re-sent messages that I saw were the original message, re-sent. 
This means that they would have the same subject, date, etc, not updated 
for when you requested them to be re-sent.  Thus if you're threading 
messages, they will show up in the thread where the original message 
belonged.




--
Grant. . . .
unix || die

Re: [gentoo-user] Re: Bouncing Messages

[Grant Taylor]

On 03/02/2018 09:36 AM, Ian Zimmerman wrote:
These are all from Grant Taylor.  They are DKIM-signed, and, not 
surprisingly given the list header and footer munging, signature 
verification fails (on my mail server).


Correct.  DKIM verification is failing and my DMARC policy is configured 
to REJECT messages that fail DKIM or SPF tests.


The reason that messages are being rejected is because of the DMARC 
policy.  1)  I publish DMARC records and 2) Gmail honor published DMARC 
records.


The same type of problem will happen with any other sending domain that 
publishes REJECT records to a recipient where the receiving server 
honors said REJECT records.


This is not just me.  More and more sending domains are publishing DMARC 
records and more and more receiving servers are honoring said records. 
Further, multiple governments are mandating that governmental agencies 
and sub-contractors implement DMARC (which also means DKIM and SPF). 
The US and Germany come to mind immediately.  -  This is a growing 
change in the email industry.  -  I just happen to live towards (but not 
on) the bleeding edge of email.


Munging by lists should just die.  Why do it?  Windoze and Goo users may 
have to split their mail into folders by Subject, but surely Gentooers 
know better?


I do not believe that munging is a bad thing.  I'll even go so far as to 
say that I think it's a good thing.  (This can turn into a long running 
discussion that likely doesn't belong on the Gentoo-User mailing list.)


IMHO the biggest issue is that the messages aren't munged enough.  From 
also needs to be munged to make the message appear to be from a 
different address.  (Ideally one that the mailing list owns.)


I also think that any security headers that exist on the incoming 
message should be removed as messages come into the mailing list and 
certainly before going out from the mailing list.


 - ARC-*
 - Authentication-Results
 - DKIM-*

Removing these extra headers should help ensure that they don't 
accidentally get mis-interpreted by servers receiving messages from the 
mailing list manager.


I have created a new email address in a sub-domain and (re)subscribed to 
the Gentoo-User mailing list with it and unsubscribed my main email 
address.  This new sub-domain has a different DMARC policy ("NONE" 
instead of "REJECT") and I'm hoping that it will minimize the number of 
messages that get bounced.  (This is the first time I'm testing it, so I 
may not have things correctly configured for the new sub-domain yet.)




--
Grant. . . .
unix || die

Re: [gentoo-user] Bouncing Messages

[Dale]

Floyd Anderson wrote:
> On Thu, 01 Mar 2018 23:28:51 -0600
> Dale  wrote:
>> Floyd Anderson wrote:
>>> On Thu, 01 Mar 2018 20:21:52 -0800
>>> Ian Zimmerman  wrote:
 On 2018-03-01 18:12, Dale wrote:

> Here is the list of the bounced messages:
> - 182748
> - 182749
> - 182751

 If you succeed in retrieving them, please let us know which ones they
 were, so we can guess as to the cause.

>>>
>>> Just send an empty mail to:
>>>
>>>    
>>>
>>> where ‘N’ is the message number, for instance:
>>>
>>>    
>>>
>>> and you should receive the requested mail (182749). I got it within
>>> one minute.
>>>
>>>
>>
>> Interesting.  The plot thickens.  I sent mine hours ago and got nothing
>> yet, other than the recent replies which are in sequence so far.  This
>> is what I sent to get them:
>>
>> gentoo-user+get-182...@lists.gentoo.org
>
> that should give you [1]
>
>> gentoo-user+get-182...@lists.gentoo.org
>
> and also [2]
>
>> gentoo-user+get-182...@lists.gentoo.org
>
> and finally [3]. The sequence order shouldn’t play any role I think. A
> year ago I got also massive bounces here (due to my mail provider) and
> requested a bunch of (collected) list mails by a script – nearly
> without problems (sometimes I had to do it twice for certain emails).
>
>> Am I missing something?
>
> I don’t think so. Did you previously receive a help message from
> ? Or just try your success with
>  (my previous reply or try
> your own [182794] email), so the Gentoo side can probably be excluded.
>
>> I wonder if google is blocking them. I have to BCC myself to get my
>> replies since google sends them to /dev/null otherwise. Annoying thing.
>
> Since all three emails have the same source, I found some blacklist
> results on [4] but I don’t know whether this is relevant, i.e. I’m
> purely guessing here.
>
>
> References:
>   - [1] 
> 
>
>   - [2] 
> 
>
>   - [3] 
> 
>
>   - [4] 
>
>
>

I did send a help message first, so that I would know exactly what to
do.  I followed it.  Still, I don't think I received anything even now. 
I know I didn't get anything new for at least 15 or 20 minutes and even
then, it was a reply to a recent post.  I wouldn't think that would be a
missing message from a few days ago. 

Maybe it is something else.  Maybe it is google on my end in this case
anyway.  I dunno. 

Dale

:-)  :-) 

Re: [gentoo-user] Re: Is --changed-deps going to be *that* useless?

[Dale]

Daniel Frey wrote:
> On 03/01/18 23:33, zlg wrote:
>> On Tue, Feb 27, 2018 at 01:22:57PM -0600, Dale wrote:
>>> P. S.  On the rare occasion I want to add something to the world file, I
>>> either do it directly or use --select y to override the -1 in
>>> make.conf.  That helps keep the world file from getting cluttered up to
>>> no end with things that shouldn't be there.
>>>
>> I recently took --oneshot out of EMERGE_DEFAULT_OPTS due to failing to
>> find --select y; now I can add it back in. Thanks for the tip!
>>
>> ~zlg
>>
> I've always used --noreplace or -n for that purpose.
>
> Dan
>
>


The reason I have been using --select y is this:


  --select [ y | n ] (-w short option)
  Add specified packages to the world set (inverse of
--oneshot). This is useful if you want to use EMERGE_DEFAULT_OPTS to
make --oneshot behavior default.


If I've already installed the package and don't want to rebuild it
again, I add -n to the line.  I never tried just -n because it doesn't
mention adding anything to the world file only that it doesn't build the
package. 


   --noreplace (-n)
  Skips the packages specified on the command-line that have
already been installed.  Without this option, any package atoms or
package sets  you  specify  on
  the  command-line  will  cause Portage to remerge the
package, even if it is already installed.  Note that Portage will not
remerge dependencies by default.
  This option can be used to update the world file without
rebuilding the packages.


For the way I do packages, I guess my way works better.  Sometimes I
install something, play with it a while and then decide whether to keep
it or not or let --depclean remove it and it's friends. 

Dale

:-)  :-) 

[gentoo-user] trying to emerge package and it says Header files have changed between ABIs

[John Covici]

Hi.  I tried to emerge at-spi2-core-2.26.2 so I coulld get orca to
work, but I get the following during the install phase:
Running custom install script '/usr/bin/python3.5
/usr/lib/python-exec/python3.5/meson --internal gettext install
--subdir=po --localedir=share/locale --pkgname=at-spi2-core'
 * Header files have changed between ABIs.
  * ---
  
/var/tmp/portage/app-accessibility/at-spi2-core-2.26.2/temp/.multilib_header_cksum
  2018-03-01 08:31:25.343627784 -0500
   * +++
  
/var/tmp/portage/app-accessibility/at-spi2-core-2.26.2/temp/.multilib_header_cksum.new
  2018-03-01 08:31:31.253547622 -0500
   * @@ -14,7 +14,7 @@
*  2540359343 2588
  
/var/tmp/portage/app-accessibility/at-spi2-core-2.26.2/image/usr/include/at-spi-2.0/atspi/atspi-editabletext.h
   *  2054567643 2683
  
/var/tmp/portage/app-accessibility/at-spi2-core-2.26.2/image/usr/include/at-spi-2.0/atspi/atspi-collection.h
   *  1103423554 2805
  
/var/tmp/portage/app-accessibility/at-spi2-core-2.26.2/image/usr/include/at-spi-2.0/atspi/atspi-hyperlink.h
   * -2718813153 2856
  
/var/tmp/portage/app-accessibility/at-spi2-core-2.26.2/image/usr/include/at-spi-2.0/atspi/atspi-enum-types.h
   * +3014770134 2860
  
/var/tmp/portage/app-accessibility/at-spi2-core-2.26.2/image/usr/include/at-spi-2.0/atspi/atspi-enum-types.h
   *  2138110643 2869
  
/var/tmp/portage/app-accessibility/at-spi2-core-2.26.2/image/usr/include/at-spi-2.0/atspi/atspi-stateset.h
   *  1115458382 2973
  
/var/tmp/portage/app-accessibility/at-spi2-core-2.26.2/image/usr/include/at-spi-2.0/atspi/atspi-matchrule.h
   *  3466982628 2995
  
/var/tmp/portage/app-accessibility/at-spi2-core-2.26.2/image/usr/include/at-spi-2.0/atspi/atspi-table-cell.h
   * ERROR: app-accessibility/at-spi2-core-2.26.2::gnome failed
  (install phase):
   *   Header checksum mismatch, aborting.

So, what can I do to fix?  What does this actually mean or can I
bypass this check?

Thanks in advance for any suggestions.

-- 
Your life is like a penny.  You're going to lose it.  The question is:
How do
you spend it?

 John Covici wb2una
 cov...@ccs.covici.com

Re: [gentoo-user] Bouncing Messages

[Floyd Anderson]

On Fri, 02 Mar 2018 08:36:23 -0800
Ian Zimmerman  wrote:

On 2018-03-02 12:04, Floyd Anderson wrote:







These are all from Grant Taylor.  They are DKIM-signed, and, not
surprisingly given the list header and footer munging, signature
verification fails (on my mail server).

Munging by lists should just die.  Why do it?  Windoze and Goo users may
have to split their mail into folders by Subject, but surely Gentooers
know better?


Yes, after reading the Gmail log snippet from the bug that Branko has 
filed, there is also a DMARC policy involved with an unauthenticated 
email. The site linked in that snippet mentioned also:


“[…] Google rejects all messages from eBay or PayPal that aren’t 
authenticated.”



--
Regards,
floyd

Re: [gentoo-user] Re: Is --changed-deps going to be *that* useless?

[Daniel Frey]

On 03/01/18 23:33, zlg wrote:
> On Tue, Feb 27, 2018 at 01:22:57PM -0600, Dale wrote:
>>
>> P. S.  On the rare occasion I want to add something to the world file, I
>> either do it directly or use --select y to override the -1 in
>> make.conf.  That helps keep the world file from getting cluttered up to
>> no end with things that shouldn't be there.
>>
> 
> I recently took --oneshot out of EMERGE_DEFAULT_OPTS due to failing to
> find --select y; now I can add it back in. Thanks for the tip!
> 
> ~zlg
> 

I've always used --noreplace or -n for that purpose.

Dan

Re: [gentoo-user] QEMU on a partition

[R0b0t1]

On Fri, Mar 2, 2018 at 10:45 AM, Mick  wrote:
> On Friday, 2 March 2018 15:33:02 GMT R0b0t1 wrote:
>> You can pass a block device directly to QEMU, and this is recommended
>> for performance reasons.
>
> Does it make a measurable difference, after the guest OS has booted?
>
> I'll need to try this out.  :-)
>

If I remember right it makes a huge difference in raw IO speed, but
one of the most noticeable benefits is that there are no delays as
filesystem cache is flushed to service VM IO operations (which would
be noticed outside of the VM as well).

Re: [gentoo-user] Re: Is --changed-deps going to be *that* useless?

[Neil Bothwick]

On Fri, 2 Mar 2018 10:51:04 -0600, Dale wrote:

> > I recently took --oneshot out of EMERGE_DEFAULT_OPTS due to failing to
> > find --select y; now I can add it back in. Thanks for the tip!

> For a while, I had to remove it to add things to the world file, or add
> it directly.  I don't know if the option wasn't there or I just couldn't
> find it.

emerge has had the -n option for some years.


-- 
Neil Bothwick

"We can't solve problems by using the same kind of thinking we used when
we created them." (Albert Einstein)


pgp0I1p7rulTV.pgp
Description: OpenPGP digital signature

Re: [gentoo-user] Re: Is --changed-deps going to be *that* useless?

[Dale]

zlg wrote:
> On Tue, Feb 27, 2018 at 01:22:57PM -0600, Dale wrote:
>> Ian Zimmerman wrote:
>>> On 2018-02-27 11:02, Neil Bothwick wrote:
>>>
 A combination of --changed-deps, --with-bdeps=y and --deep is bound to
 result in plenty of unnecessary re-emerging.
>>> So, what _is_ the recommended set of emerge flags for regular daily or
>>> weekly updates (assuming no binary packages)?
>>>
>>
>> Over the years, I've ended up with this command and options set that
>> seem to work pretty well for most everything.  This is in make.conf:
>>
>> EMERGE_DEFAULT_OPTS="--with-bdeps y --backtrack=100 --keep-going -v -j5
>> --quiet-build=n -1 --unordered-display"
>>
>> After I run eix-sync, I then run emerge -uaDN world and give the updates
>> a looking over, to make sure the USE flags are like I want etc etc.  I
>> started out with fewer options but as issues popped up or options were
>> added that made things work better, they were added.  Some are done in
>> make.conf to make sure they are the default for every command, unless I
>> override it on the command line.  So far, it has resulted in a fairly
>> stable system even if I have some arch packages installed, KDE for
>> example. 
>>
>> As usual, you may need something different but that has worked for me
>> and could be a starting point at least. 
>>
>> Hope that helps.
>>
>> Dale
>>
>> :-)  :-) 
>>
>> P. S.  On the rare occasion I want to add something to the world file, I
>> either do it directly or use --select y to override the -1 in
>> make.conf.  That helps keep the world file from getting cluttered up to
>> no end with things that shouldn't be there.
>>
> I recently took --oneshot out of EMERGE_DEFAULT_OPTS due to failing to
> find --select y; now I can add it back in. Thanks for the tip!
>
> ~zlg


For a while, I had to remove it to add things to the world file, or add
it directly.  I don't know if the option wasn't there or I just couldn't
find it.  Either way, it sure does help to have that on by default. 
Without it the world file can easily turn into a mess. 

Glad the post helped one person at least.  ;-)

Dale

:-)  :-) 

Re: [gentoo-user] QEMU on a partition

[Mick]

On Friday, 2 March 2018 15:33:02 GMT R0b0t1 wrote:
> You can pass a block device directly to QEMU, and this is recommended
> for performance reasons.

Does it make a measurable difference, after the guest OS has booted?

I'll need to try this out.  :-)

-- 
Regards,
Mick

signature.asc
Description: This is a digitally signed message part.

[gentoo-user] Re: Bouncing Messages

[Ian Zimmerman]

On 2018-03-02 12:04, Floyd Anderson wrote:

> 
> 
> 

These are all from Grant Taylor.  They are DKIM-signed, and, not
surprisingly given the list header and footer munging, signature
verification fails (on my mail server).

Munging by lists should just die.  Why do it?  Windoze and Goo users may
have to split their mail into folders by Subject, but surely Gentooers
know better?

-- 
Please don't Cc: me privately on mailing lists and Usenet,
if you also post the followup to the list or newsgroup.
To reply privately _only_ on Usenet and on broken lists
which rewrite From, fetch the TXT record for no-use.mooo.com.

Re: [gentoo-user] Bouncing Messages

[Daniel Frey]

On 03/01/18 12:42, R0b0t1 wrote:
> I keep getting emails from the mailer daemon about bouncing messages.
> I am worried. Am I missing messages from my internet friends? Please
> send help.
> 
> With much concern,
>  R0b0t1
> 

I've noticed quite a few in the last couple weeks myself. Gmail perhaps
doesn't like mailer traffic now?

Although I don't recall ever getting any message about this in the past.

Dan

Re: [gentoo-user] QEMU on a partition

[R0b0t1]

On Fri, Mar 2, 2018 at 9:00 AM, Mick  wrote:
> On Friday, 2 March 2018 11:34:09 GMT Peter Humphrey wrote:
>> On Friday, 2 March 2018 11:12:36 GMT Helmut Jarausch wrote:
>> > Hi,
>> >
>> > I'd like to install a second Gentoo system on a partition by running
>> > QEMU using that partition (directly) - this is to create and update a
>> > Gentoo
>> > system with different CFLAGS (for an older machine).
>
> The QEMU guest's complete filesystem is contained within a *virtual* disk
> image.  As far as the host OS is concerned, the guest's disk with all
> partitions on it, is a file.  You can store this image file wherever you want
> and map the QEMU on the host to launch it.
>

You can pass a block device directly to QEMU, and this is recommended
for performance reasons. I have a Windows 10 VM that was passed an
entire SSD; it runs fine, and you can take the disk and plug it into
other computers. Passing a partition is a little different, if you
wish to load it directly, you would need to chainload it with GRUB, as
the MBR/GPT information would be duplicated.

All OP needs to do is pass something like "-drive
file=/dev/block,if=virtio". There should be more options, such as AIO
implementation, but you likely won't need to mess with them.


>
>> > Having no experience in such setups my initial problem is how to
>> > install grub2 on that partition (only). I don't want to modify the MBR
>> > of the whole drive containing that partition.
>
> You do not install the guest's GRUB or any other boot loader on the host's
> partition.  You install it within the virtual disk after you have launched the
> guest having attached a LiveCD to it, using QEMU.
>

If you pass a block device the MBR/GPT information will be stored
there. In the case of passing a partition, this means you can't boot
it "directly" because the BIOS/EFI firmware can't read it.

>
>> I do the same for my Atom machine by NFS-exporting its /usr/portage to a
>> chroot on my main machine. The question of booting doesn't arise; all that's
>> needed is a copy of /etc/portage* and the world file. If that sounds
>> interesting I can show you some more detail.
>>
>> * Things like -march and --jobs differ to suit the host machine, but that's
>> about all.
>
> As noted above you'll need to set up CFLAGS in the guest's make.conf file to
> suit the *guest* platform and its CPU.  Setting up "-march=native" won't work
> here.
>

QEMU should, by default, emulate the host processor exactly if your
machine has VT-x. The VM runs directly on the processor and all
instructions are available except the virtualization ones, but you can
enable nested VT-x or the AMD equivalent.

Cheers,
 R0b0t1

Re: [gentoo-user] Bouncing Messages

[Branko Grubic]

On Thu, 1 Mar 2018 14:42:35 -0600
R0b0t1  wrote:

> I keep getting emails from the mailer daemon about bouncing messages.
> I am worried. Am I missing messages from my internet friends? Please
> send help.
> 
> With much concern,
>  R0b0t1
> 

I opened a bug[1] for the infra team, possibly they can analyze the
logs/reports to see why this happens.

[1] https://bugs.gentoo.org/649366

Re: [gentoo-user] mono broken?

[R0b0t1]

On Fri, Mar 2, 2018 at 12:48 AM, Alan Grimes  wrote:
> Hey, what should I do next to try to resolve this, I am pretty sure it's
> an install issue on my mono, haven't really tried to use it like this in
> years...
>
> As below, the "test install" tool tells me it's broken but doesn't give
> me any clue as to the next step. =(
>
>
> atg@tortoise ~/test/kerbal/DMP_SERVER/Soviet $ mono DMPServer.exe
>
> Unhandled Exception:
> System.TypeInitializationException: The type initializer for
> 'System.Console' threw an exception. --->
> System.TypeInitializationException: The type initializer for
> 'System.ConsoleDriver' threw an exception. ---> System.Exception: Magic
> number is wrong: 542
>   at System.TermInfoReader.ReadHeader (System.Byte[] buffer,
> System.Int32& position) [0x00028] in :0
>   at System.TermInfoReader..ctor (System.String term, System.String
> filename) [0x0005f] in :0
>   at System.TermInfoDriver..ctor (System.String term) [0x00055] in
> :0
>   at System.ConsoleDriver.CreateTermInfoDriver (System.String term)
> [0x0] in :0
>   at System.ConsoleDriver..cctor () [0x0004d] in
> :0
>--- End of inner exception stack trace ---
>   at System.Console.SetupStreams (System.Text.Encoding inputEncoding,
> System.Text.Encoding outputEncoding) [0x7] in
> :0
>   at System.Console..cctor () [0x0008e] in
> :0
>--- End of inner exception stack trace ---
>   at DarkMultiPlayerServer.DarkLog.Fatal (System.String message)
> [0x0] in <14a0c0e70def4065931f8240b7201327>:0
>   at DarkMultiPlayerServer.Server.Main () [0x0066e] in
> <14a0c0e70def4065931f8240b7201327>:0
> [ERROR] FATAL UNHANDLED EXCEPTION: System.TypeInitializationException:
> The type initializer for 'System.Console' threw an exception. --->
> System.TypeInitializationException: The type initializer for
> 'System.ConsoleDriver' threw an exception. ---> System.Exception: Magic
> number is wrong: 542
>   at System.TermInfoReader.ReadHeader (System.Byte[] buffer,
> System.Int32& position) [0x00028] in :0
>   at System.TermInfoReader..ctor (System.String term, System.String
> filename) [0x0005f] in :0
>   at System.TermInfoDriver..ctor (System.String term) [0x00055] in
> :0
>   at System.ConsoleDriver.CreateTermInfoDriver (System.String term)
> [0x0] in :0
>   at System.ConsoleDriver..cctor () [0x0004d] in
> :0
>--- End of inner exception stack trace ---
>   at System.Console.SetupStreams (System.Text.Encoding inputEncoding,
> System.Text.Encoding outputEncoding) [0x7] in
> :0
>   at System.Console..cctor () [0x0008e] in
> :0
>--- End of inner exception stack trace ---
>   at DarkMultiPlayerServer.DarkLog.Fatal (System.String message)
> [0x0] in <14a0c0e70def4065931f8240b7201327>:0
>   at DarkMultiPlayerServer.Server.Main () [0x0066e] in
> <14a0c0e70def4065931f8240b7201327>:0
> atg@tortoise ~/test/kerbal/DMP_SERVER/Soviet $ mono-
> mono-api-html  mono-cil-strip
> mono-find-requires mono-package-runtime
> mono-sgen  mono-test-install
> mono-api-info  mono-configuration-crypto
> mono-fpm   mono-service
> mono-shlib-cop mono-xmltool
> mono-boehm mono-find-provides
> mono-heapviz   mono-service2
> mono-symbolicate
>
>
>
> atg@tortoise ~/test/kerbal/DMP_SERVER/Soviet $ mono-test-install
> Active Mono: /usr/bin/mono
>
> Failed to compile sample System.Drawing program, your installation is broken
>

Which version do you have installed? Can you try remerging?

Cheers,
 R0b0t1

Re: [gentoo-user] QEMU on a partition

[Mick]

On Friday, 2 March 2018 11:34:09 GMT Peter Humphrey wrote:
> On Friday, 2 March 2018 11:12:36 GMT Helmut Jarausch wrote:
> > Hi,
> > 
> > I'd like to install a second Gentoo system on a partition by running
> > QEMU using that partition (directly) - this is to create and update a
> > Gentoo
> > system with different CFLAGS (for an older machine).

The QEMU guest's complete filesystem is contained within a *virtual* disk 
image.  As far as the host OS is concerned, the guest's disk with all 
partitions on it, is a file.  You can store this image file wherever you want 
and map the QEMU on the host to launch it.


> > Having no experience in such setups my initial problem is how to
> > install grub2 on that partition (only). I don't want to modify the MBR
> > of the whole drive containing that partition.

You do not install the guest's GRUB or any other boot loader on the host's 
partition.  You install it within the virtual disk after you have launched the 
guest having attached a LiveCD to it, using QEMU.


> I do the same for my Atom machine by NFS-exporting its /usr/portage to a
> chroot on my main machine. The question of booting doesn't arise; all that's
> needed is a copy of /etc/portage* and the world file. If that sounds
> interesting I can show you some more detail.
> 
> * Things like -march and --jobs differ to suit the host machine, but that's
> about all.

As noted above you'll need to set up CFLAGS in the guest's make.conf file to 
suit the *guest* platform and its CPU.  Setting up "-march=native" won't work 
here.

-- 
Regards,
Mick

signature.asc
Description: This is a digitally signed message part.

Re: [gentoo-user] Re: Printer

[Neil Bothwick]

On Fri, 2 Mar 2018 10:56:35 +, Wols Lists wrote:

> > That's not correct. My HP laser AIO can scan to email, a network
> > folder or a USB stick.
> > 
> >   
> Just downloaded an AIO manual (3050 series). It says the functionality
> is Windows only, and needs to be configured using a Windows program.
> Okay, that's probably bullshit, but ...

Maybe that's true of that model, but it's certainly not true of all HP
AIO devices.
 
> The Dell is programmed via its web interface, and will scan to any CIFS
> share.

As can my HP.
 
> But as I say, I'm sure when I've investigated in the past, it's always
> required software on the computer to do the scan or email - oh - the AIO
> manual says they can scan TO AN EMAIL PROGRAM. They can't "scan to
> email" as I understand it ... it sounds like it fires up Outlook or
> whatever, and sticks the scan in as an attachment. It doesn't sound like
> it will talk to an email server and send an email with the scan
> attached.

Then why does the configuration web interface ask for the mail server
details?


-- 
Neil Bothwick

The voices in my head may not be real, but they have some good ideas!


pgpVCdmtFiwQv.pgp
Description: OpenPGP digital signature

Re: [gentoo-user] Re: Printer

[Neil Bothwick]

On Fri, 2 Mar 2018 10:18:34 +, Wols Lists wrote:

> >> Make sure you check the specs. Either it'll be expensive, or it
> >> probably won't do it. My Dells have been the only printer/scanners
> >> I've had that do it - HP's don't, Epsons don't ...  
> > 
> > That's not correct. My HP laser AIO can scan to email, a network
> > folder or a USB stick.
> >   
> I've seen printers advertised as scanning to email and network folders,
> and it turns out you need to control it FROM THE COMPUTER. (I saw the
> adverts, downloaded the manual, and there was no mention of doing from
> the front panel, but copious explanation of how to use the computer
> software.)

Bear in mind that I am not using adverts as my source of information but
the printer sitting next to my desk.

> My Dell, you need the computer to configure it, but then everything is
> controlled from the printer front panel.

It's exactly the same with my HP. You don't even need a windows program
to configure it, although they do supply one, as the printer has a built
in web server for configuration. And if you plug in a USB stick it opens
a menu that includes an option to scan to the stick.


-- 
Neil Bothwick

Help put the "fun" back in "dysfunctional" !


pgpf0sZDzhSgk.pgp
Description: OpenPGP digital signature

Re: [gentoo-user] [OT] Best *SIMPLE* firewall?

[Rich Freeman]

On Fri, Mar 2, 2018 at 6:42 AM, Heiko Baums  wrote:
> Am Thu, 1 Mar 2018 21:45:46 -0500
> schrieb Rich Freeman :
>
>> If they did move netfilter to userspace, then it would
>
> most likely be more insecure because a userspace process can be easier
> bypassed, killed, hacked or whatever. That's a lot harder with the
> kernel if not impossible.

It is actually the opposite.  The whole appeal of microkernels is that
they can potentially be a lot more robust.

Consider something like netfilter.  The code in netfilter is exposed
to unfiltered network traffic.  If it contains a bug then a remote
attacker might be able to run arbitrary code in kernel space, where
there is no separation of privs.  That code can access everything on
the machine.

On the other hand, if netfilter were implemented in userspace such as
via a microkernel, then if it contained a bug the remote attacker
would be able to MITM all network traffic on the machine, but that
would be the extent of the access they have.  Granted, it still
wouldn't be ideal because it probably would include local traffic that
might not be encrypted (think localhost traffic and socket
connections/etc).  Then again, depending on the implementation
different interfaces or connections might run in separate processes in
which case a remote attacker might only be able to MITM his own
connection.  The process running the netfilter code doesn't need
anything other than a pipe back to the kernel to receive packets and
send packets back, so it can run with minimal privs otherwise.

The fact that there are convenient command-line utilities to kill a
process does not mean that they are less secure/robust than kernel
modules.  Generally you have to be running as root to kill a process
with a different UID, and bugs that allow this to be exploited are
treated as severe by the kernel team (and in a microkernel they would
be very severe since it is one of the few things the kernel actually
does, and since the kernel doesn't do much the things it does do get
more attention).  If you are root, then you can also mess with the
kernel if you want to.  You might not know how to do it, but messing
with kernel processes certainly isn't impossible, as is crashing your
machine.

This is why the Linux maintainers actually prefer to move stuff to
userspace when it makes sense.  They're not looking to transition to a
microkernel, but a lot of the boot-time mounting logic and devfs/etc
logic has gone away in favor of initramfs and udev.  This allows for
alternate implementations, and it helps cut down on the complexity of
kernel code.

And of course if this is done it is done correctly, and not as some
kind of userspace hack on top of an OS to add features that it lacks.

-- 
Rich

Re: [gentoo-user] [OT] Best *SIMPLE* firewall?

[Heiko Baums]

Am Thu, 1 Mar 2018 21:45:46 -0500
schrieb Rich Freeman :

> If they did move netfilter to userspace, then it would

most likely be more insecure because a userspace process can be easier
bypassed, killed, hacked or whatever. That's a lot harder with the
kernel if not impossible.

See all those personal firewalls for Windows like Kerio Personal
Firewall, Zone Alarm or whatever when Windows didn't have its own
firewall.

I hope netfilter will never move to userspace. And I'm pretty sure it
won't.

Re: [gentoo-user] QEMU on a partition

[Peter Humphrey]

On Friday, 2 March 2018 11:12:36 GMT Helmut Jarausch wrote:
> Hi,
> 
> I'd like to install a second Gentoo system on a partition by running
> QEMU using that partition (directly) - this is to create and update a
> Gentoo
> system with different CFLAGS (for an older machine).
> 
> Having no experience in such setups my initial problem is how to
> install grub2 on that partition (only). I don't want to modify the MBR
> of the whole drive containing that partition.

I do the same for my Atom machine by NFS-exporting its /usr/portage to a 
chroot on my main machine. The question of booting doesn't arise; all that's 
needed is a copy of /etc/portage* and the world file. If that sounds 
interesting I can show you some more detail.

* Things like -march and --jobs differ to suit the host machine, but that's 
about all.

-- 
Regards,
Peter.

[gentoo-user] QEMU on a partition

[Helmut Jarausch]

Hi,

I'd like to install a second Gentoo system on a partition by running
QEMU using that partition (directly) - this is to create and update a  
Gentoo

system with different CFLAGS (for an older machine).

Having no experience in such setups my initial problem is how to
install grub2 on that partition (only). I don't want to modify the MBR
of the whole drive containing that partition.

Is is possible?

Many thanks for some hints or pointers,
Helmut

Re: [gentoo-user] Bouncing Messages

[Floyd Anderson]

On Thu, 01 Mar 2018 23:28:51 -0600
Dale  wrote:

Floyd Anderson wrote:

On Thu, 01 Mar 2018 20:21:52 -0800
Ian Zimmerman  wrote:

On 2018-03-01 18:12, Dale wrote:


Here is the list of the bounced messages:
- 182748
- 182749
- 182751


If you succeed in retrieving them, please let us know which ones they
were, so we can guess as to the cause.



Just send an empty mail to:

   

where ‘N’ is the message number, for instance:

   

and you should receive the requested mail (182749). I got it within
one minute.




Interesting.  The plot thickens.  I sent mine hours ago and got nothing
yet, other than the recent replies which are in sequence so far.  This
is what I sent to get them:

gentoo-user+get-182...@lists.gentoo.org


that should give you [1]


gentoo-user+get-182...@lists.gentoo.org


and also [2]


gentoo-user+get-182...@lists.gentoo.org


and finally [3]. The sequence order shouldn’t play any role I think. A 
year ago I got also massive bounces here (due to my mail provider) and 
requested a bunch of (collected) list mails by a script – nearly without 
problems (sometimes I had to do it twice for certain emails).



Am I missing something?


I don’t think so. Did you previously receive a help message from 
? Or just try your success with
 (my previous reply or try your 
own [182794] email), so the Gentoo side can probably be excluded.



I wonder if google is blocking them. I have to BCC myself to get my
replies since google sends them to /dev/null otherwise. Annoying thing.


Since all three emails have the same source, I found some blacklist 
results on [4] but I don’t know whether this is relevant, i.e. I’m 
purely guessing here.



References:
  - [1] 

  - [2] 

  - [3] 

  - [4] 



--
Regards,
floyd

Re: [gentoo-user] Re: Printer

[Wols Lists]

On 01/03/18 22:08, Neil Bothwick wrote:
> On Thu, 1 Mar 2018 17:56:15 +, Wols Lists wrote:
> 
>>> If I cared about scanning, I'd be very tempted to spend enough money
>>> to get a network-connected printer that just e-mails me a PDF document
>>> or writes it to a network file server.  
>>
>> Make sure you check the specs. Either it'll be expensive, or it probably
>> won't do it. My Dells have been the only printer/scanners I've had that
>> do it - HP's don't, Epsons don't ...
> 
> That's not correct. My HP laser AIO can scan to email, a network folder
> or a USB stick.
> 
> 
Just downloaded an AIO manual (3050 series). It says the functionality
is Windows only, and needs to be configured using a Windows program.
Okay, that's probably bullshit, but ...

The Dell is programmed via its web interface, and will scan to any CIFS
share.

But as I say, I'm sure when I've investigated in the past, it's always
required software on the computer to do the scan or email - oh - the AIO
manual says they can scan TO AN EMAIL PROGRAM. They can't "scan to
email" as I understand it ... it sounds like it fires up Outlook or
whatever, and sticks the scan in as an attachment. It doesn't sound like
it will talk to an email server and send an email with the scan attached.

Cheers,
Wol

Re: [gentoo-user] Re: Printer

[Wols Lists]

On 01/03/18 22:08, Neil Bothwick wrote:
> On Thu, 1 Mar 2018 17:56:15 +, Wols Lists wrote:
> 
>>> If I cared about scanning, I'd be very tempted to spend enough money
>>> to get a network-connected printer that just e-mails me a PDF document
>>> or writes it to a network file server.  
>>
>> Make sure you check the specs. Either it'll be expensive, or it probably
>> won't do it. My Dells have been the only printer/scanners I've had that
>> do it - HP's don't, Epsons don't ...
> 
> That's not correct. My HP laser AIO can scan to email, a network folder
> or a USB stick.
> 
> 
I've seen printers advertised as scanning to email and network folders,
and it turns out you need to control it FROM THE COMPUTER. (I saw the
adverts, downloaded the manual, and there was no mention of doing from
the front panel, but copious explanation of how to use the computer
software.)

My Dell, you need the computer to configure it, but then everything is
controlled from the printer front panel.

Cheers,
Wol