Re: [gentoo-user] best CAD app for industrial machining/molding?
Have a look at FreeCAD. Not the best cad app in the world, but imho it reached the point when it can be quite usable. Jarry On 19-Apr-21 4:47, caveman رجل الكهف 穴居人 wrote: hi. i want to design complex shapes, and then send them to some manufacturers. so my drawings need to be very accurate, and compatible with the manufacturers. plus, it would be nice to have the ability of being able to test how structurally strong my design is. e.g. how well it supports loads, and where are the pressured points, etc. a piece of extra information in case it helps: my 1st project has to do with car parts. thoughts on what to use? should i use autocad? else? how should i think? any tips? notes: - i'm on linux. - i'm not a very RMS-moral person. rgrds, cm. -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] How do I compress jpeg files?
jpeg is already compressed. You can reduce its size by resampling to lower resolution and/or higher-level lossy compression. In both cases you are going to loose quality... Jarry On 18-Sep-20 15:32, Alan Mackenzie wrote: Hello, Gentoo! I've a number of jpeg files, 17 to be precise, which are high resolution and are around 3½ megabytes each. I would like to compress them down to around 100 kb each. I'm sure this is possible, if tedious, in gimp, somehow, but I can't for the life of me work out how (since it's years since I last did this). What is the best way (minimal learning, scriptable if possible), to do this? Thanks in advance! -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] tips on running a mail server in a cheap vps provider run but not-so-trusty admins?
On 18-Aug-20 8:43, Caveman Al Toraboran wrote: would i get blacklisted for simply not using spf/dkim/etc? even if no other user is using the mail service other than me and i'm not mass mailing? Well, hear my story: I too was running simple mail-server. Just a few users I trust, no public relaying, so what could possibly go wrong? As it turned out later: everything! For a few months all was running as expected, but then some time later all valid email sent by my mail-server was suddenly flagged as spam and rejected. It took me some time to investigate but finally I found my domain (not IP) was on Spamhaus' DBL (domain block list). How did it get there? It seems that someone has created faked spf-record for my domain (I was not using dnssec at that time) and somehow spread it out (maybe using dns cache-poisoning?) to many public dn-resolvers. With that spf-record he authorised many spam-sending hosts to send email with sender field pointing to my domain. And that was even bigger problem, because one can easily switch to different vps/IP if it gets blacklisted, but I did not want to abandon my domain. It took me quite long time to fix everything. So short answer is yes! Even if you are not mass-mailing, you can still get blacklisted, if you do not secure your IP, domain and mail-server properly... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] tips on running a mail server in a cheap vps provider run but not-so-trusty admins?
On 17-Aug-20 6:50, Caveman Al Toraboran wrote: hi. context: 1. tinfoil hat is on. 2. i feel disrespected when someone does things to my stuff without getting my approval. 3. vps admin is not trusty and their sys admin may read my emails, and laugh at me! 4. whole thing is not worth much money. so not welling to pay more than the price of a cheap vps. moving to dedicated hardware for me is not worth it. my goal is to make it annoying enough that cheap-vps's admins find it a bad idea for them to allocate their time to mingle with my stuff. thoughts on how to maximally satisfy these requirements? Rent VPS and be your own admin. But running properly configured mail-server is not so easy. Setting up postfix/exim/sendmail is just a beginning. If you mean it seriously and do not want your IP to land on blacklists (and you vps suspended), there is much more to do, i.e. spf, dkim, dmarc, dnssec, etc... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Joining PDF files together.
On 09-Jul-20 19:32, Jack wrote: > On 2020.07.09 13:25, Jarry wrote: >> On Thu, 9 Jul 2020 at 16:32, Alan Mackenzie wrote: >> > I've just scanned in a two-page document using sane, and it's given me >> > as output two separate files. I would like to join these together into >> > a single document. >> > >> > Would somebody please suggest to me an appropriate package to do this >> > with. >> >> Sorry for stealing this topic, but does any of mentioned packages >> support "overlapping" one pdf-page over the other? Not sure if >> I'm using the right word, but what I mean is "joining" two pdf >> pages of the same size to single page, with content of both those >> original pages written over each other to single output page. >> >> I have been using "stamp" option of pdftk for this, but it crashes >> sometimes... > I haven't done it, but would gimp work? It might be overkill, but > something about layers sounds appropriate. > It might work, but I'm doing it sometimes on large batches of files, so I'd prefer scripted solution. From my experience pdftk crashes about 4-5 times out of 100 operations. So I have to find those cases when it failed and run them again... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Joining PDF files together.
On Thu, 9 Jul 2020 at 16:32, Alan Mackenzie wrote: > I've just scanned in a two-page document using sane, and it's given me > as output two separate files. I would like to join these together into > a single document. > > Would somebody please suggest to me an appropriate package to do this > with. Sorry for stealing this topic, but does any of mentioned packages support "overlapping" one pdf-page over the other? Not sure if I'm using the right word, but what I mean is "joining" two pdf pages of the same size to single page, with content of both those original pages written over each other to single output page. I have been using "stamp" option of pdftk for this, but it crashes sometimes... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Re: A bit O/T: Running android apps in QEMU
On 21-Aug-19 17:49, Mick wrote: > On Monday, 19 August 2019 20:00:36 BST Nikos Chantziaras wrote: >> On 19/08/2019 21:36, Mick wrote: >>> I was wondering if I can run some/any of these apps as VM guests >>> within QEMU, on my amd64 Gentoo. >> >> You can, although it seems very complicated to make it work. Projects >> like Anbox (https://github.com/anbox/anbox) exist for that reason. >> Unfortunately, Anbox is not in portage so you'll have to build from source. > > This looks simpler than creating an ARM chroot on an x86 box. :-) > > Thanks Nikos, I'll give this a spin when I get minute. > Just curious: Is ARM for you a "must"? I'm running android-x86.org in virtualbox and the only problem is non-accelerated graphics (there are no virtualbox-additions for android). Appart from that, all works as expected. Network is emulated as "wifi", Google services are integrated and I can install apps as on any other android device... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] Xen with Gentoo as dom0: sw or hw raid?
Hi Gentoo-users, I'm going to build a small server with Xen-hypervisor with Gentoo as dom0 (if it is possible). Comming from ESXi-world, there is no choice (only true hw-raid is supported). But what about Linux? What's preffered way to go? Software-raid (mdadm), or true hardware raid-controller? I have a few spares (LSI-9271), these worked quite well with ESXi but I'm not sure they are supported by Linux at all, and if there is actually some way of monitoring controller-health... Concerning sw-raid, I have used it for quite some time, but never with Xen (is it actually possible?). Moreover, grub-config for Xen itself is somehow more complicated and sw-raid could add extra complexity... So the question is simple. For Xen-server with Gentoo as dom0, what do you recommend: sofware- or hardware-raid? Any other general tips concerning Xen (particularly with Gentoo as dom0)? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Bind stole my /
On 10-Nov-15 14:22, Tom H wrote: On Tue, Nov 10, 2015 at 12:32 AM, Mike Gilbert wrote: On Mon, Nov 9, 2015 at 2:36 PM, Jarry wrote: On 08-Nov-15 17:58, Mike Gilbert wrote: On Fri, Nov 6, 2015 at 12:19 PM, Jarry wrote: I noted one strange thing today: It seems one of my servers lost "/"! vs5-dns ~ # df Filesystem1K-blocksUsed Available Use% Mounted on /var/log/named 10138552 2223148 7377344 24% /chroot/dns/var/log/named tmpfs308196 420307776 1% /run dev 10240 0 10240 0% /dev shm 1540968 0 1540968 0% /dev/shm cgroup_root 10240 0 10240 0% /sys/fs/cgroup none1048576 0 1048576 0% /var/tmp/portage Is your /etc/mtab a regular file, or is it a symlink to /proc/self/mounts? The latter is recommended. It is regular file. I never changed it... vs5-dns ~ # ls -l /etc/mtab -rw-r--r-- 1 root root 908 Nov 9 19:14 /etc/mtab Anyway, please have a look at the contents of /etc/mtab, /proc/self/mounts, and proc/self/mountinfo while named is running and when it is stopped. If you pastebin them we can take a look for key differences. With bind running: http://pastebin.com/wkTW6xAY without bind: http://pastebin.com/JG5FPNDW Can you try replacing /etc/mtab with a symlink to /proc/self/mounts to see if it makes any difference? That triggers different code paths in several programs. Is "/" shown when you run "df -a"? If it's shown, then there's a bug in coreutils (as long as they accept a bug on a system where mtab isn't a symlink) because, AFAIR, "df" should show the mount with the shortest mount path if a filesystem's mounted more than once. vs5-dns ~ # df -a Filesystem1K-blocksUsed Available Use% Mounted on /dev/sda2 - - -- / proc 0 0 0- /proc tmpfs308188 420307768 1% /run dev 10240 0 10240 0% /dev mqueue0 0 0- /dev/mqueue devpts0 0 0- /dev/pts shm 1540940 0 1540940 0% /dev/shm sysfs 0 0 0- /sys cgroup_root 10240 0 10240 0% /sys/fs/cgroup openrc0 0 0- /sys/fs/cgroup/openrc none1048576 0 1048576 0% /var/tmp/portage /etc/bind - - -- /chroot/dns/etc/bind /var/bind - - -- /chroot/dns/var/bind /var/log/named 10138552 2300032 7300460 24% /chroot/dns/var/log/named So there *is* /, but strangely it has no size. But it suddenly does have its proper size as soon as I stop bind running: vs5-dns ~ # df -a Filesystem 1K-blocksUsed Available Use% Mounted on /dev/sda2 10138552 2300024 7300468 24% / proc 0 0 0- /proc tmpfs308188 416307772 1% /run dev 10240 0 10240 0% /dev mqueue0 0 0- /dev/mqueue devpts0 0 0- /dev/pts shm 1540940 0 1540940 0% /dev/shm sysfs 0 0 0- /sys cgroup_root 10240 0 10240 0% /sys/fs/cgroup openrc0 0 0- /sys/fs/cgroup/openrc none 1048576 0 1048576 0% /var/tmp/portage Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Bind stole my /
On 08-Nov-15 17:58, Mike Gilbert wrote: On Fri, Nov 6, 2015 at 12:19 PM, Jarry wrote: Hi Gentoo-users, I noted one strange thing today: It seems one of my servers lost "/"! vs5-dns ~ # df Filesystem1K-blocksUsed Available Use% Mounted on /var/log/named 10138552 2223148 7377344 24% /chroot/dns/var/log/named tmpfs308196 420307776 1% /run dev 10240 0 10240 0% /dev shm 1540968 0 1540968 0% /dev/shm cgroup_root 10240 0 10240 0% /sys/fs/cgroup none1048576 0 1048576 0% /var/tmp/portage Is your /etc/mtab a regular file, or is it a symlink to /proc/self/mounts? The latter is recommended. It is regular file. I never changed it... vs5-dns ~ # ls -l /etc/mtab -rw-r--r-- 1 root root 908 Nov 9 19:14 /etc/mtab Anyway, please have a look at the contents of /etc/mtab, /proc/self/mounts, and proc/self/mountinfo while named is running and when it is stopped. If you pastebin them we can take a look for key differences. With bind running: http://pastebin.com/wkTW6xAY without bind: http://pastebin.com/JG5FPNDW While I can see some differences there, I still do not understand why is "/" missing in "df" output. BTW I can not proove it, but this was not the case all the time. At least when I was tuning monitoring software, I'm pretty sure "/" was there... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] Bind stole my /
Hi Gentoo-users, I noted one strange thing today: It seems one of my servers lost "/"! vs5-dns ~ # df Filesystem1K-blocksUsed Available Use% Mounted on /var/log/named 10138552 2223148 7377344 24% /chroot/dns/var/log/named tmpfs308196 420307776 1% /run dev 10240 0 10240 0% /dev shm 1540968 0 1540968 0% /dev/shm cgroup_root 10240 0 10240 0% /sys/fs/cgroup none1048576 0 1048576 0% /var/tmp/portage And it seems I found the thief who stole it: vs5-dns ~ # /etc/init.d/named stop * Caching service dependencies ...[ ok ] * Stopping chrooted named ... * Umounting chroot dirs ... * umounting /chroot/dns/etc/bind ... [ ok ] * umounting /chroot/dns/var/log/named ... [ ok ] * umounting /chroot/dns/var/bind ... [ ok ] vs5-dns ~ # df Filesystem1K-blocksUsed Available Use% Mounted on /dev/sda2 10138552 2223140 7377352 24% / tmpfs308196 416307780 1% /run dev 10240 0 10240 0% /dev shm 1540968 0 1540968 0% /dev/shm cgroup_root 10240 0 10240 0% /sys/fs/cgroup none1048576 0 1048576 0% /var/tmp/portage vs5-dns ~ # /etc/init.d/named start * Starting chrooted named ... * Mounting chroot dirs * mounting /etc/bind to /chroot/dns/etc/bind [ ok ] * mounting /var/bind to /chroot/dns/var/bind [ ok ] * mounting /var/log/named to /chroot/dns/var/log/named [ ok ] * Checking named configuration ... [ ok ] vs5-dns ~ # df Filesystem1K-blocksUsed Available Use% Mounted on /var/log/named 10138552 2223160 7377332 24% /chroot/dns/var/log/named tmpfs308196 420307776 1% /run dev 10240 0 10240 0% /dev shm 1540968 0 1540968 0% /dev/shm cgroup_root 10240 0 10240 0% /sys/fs/cgroup none1048576 0 1048576 0% /var/tmp/portage vs5-dns ~ # So it seems whenever chrooted bind/named is running, "/" simply dissapeares from the list of mounted filesystem. Instead of it, chrooted /var/log/named is listed. Is this correct behaviour??? This is a little problem for me, as I run monitoring software which (appart from other things) check filesystems if they are not close to being full. With bind/named running it complains it can not find "/" in df output. I'd like to get my "/" back, but I do not know how to do it... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Re: grub-2 update
On 16-Jul-15 22:08, James wrote: I have similar setup as you and upgraded grub without any problem. If beta2-r3 worked for you, beta2-r7 will as well. If you did not disable /boot automount, there are no special steps needed. Portage will mount /boot, update grub, and dismound afterwards... AH do tell me more:: /dev/sda1 /bootext2defaults,noatime 0 2 /dev/sda3 /ext4defaults,noatime 0 1 /dev/sda4 /usr/local ext4defaults,noatime 0 1 How do I make sure it's set to automount? It is per default so. You can only disable it by some variable (forgot its name). If you want to be sure, simply mount /boot (if it is not yet) before updating grub. changes I should make ?? I've been bitten too many times on kernel updates to not be very cautious-- No changes are necessary. Config-files remain as they were. I'have been using grub2 since it went stable and never had any problem with it... Jarry ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] grub-2 update
On 16-Jul-15 21:34, James wrote: Grub-2.02_beta2-r3 wants to upgrade to grub-2.02_beta2-r7 It appears to be marked stable. So if I do this, what will I have to do to keep the system booting. No interamfs just a big partition with everything but /boot and /usr/local. /dev/sda3 746G 96G 612G 14% / devtmpfs 10M 0 10M 0% /dev tmpfs 3.2G 1020K 3.2G 1% /run shm 16G 12K 16G 1% /dev/shm cgroup_root 10M 0 10M 0% /sys/fs/cgroup /dev/sda1 194M 45M 139M 25% /boot /dev/sda4 962G 121G 792G 14% /usr/local So the upgrade will be trivial or are there caveats. I do not have a good record with grub-2 . I have similar setup as you and upgraded grub without any problem. If beta2-r3 worked for you, beta2-r7 will as well. If you did not disable /boot automount, there are no special steps needed. Portage will mount /boot, update grub, and dismound afterwards... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] ipset: hash or bitmap?
Hi Gentoo-users, what is "prefered" way of storing ipsets (i.e. for IP): hash or bitmap? I have been searching for some time but still did not find any info concerning hash/bitmap comparison, dis/advantages, features, etc. And one more question: when ipset starts "making sense"? I mean, for 2 IPs it is probably easier to forget ipset and just include 2 iptables-rules. But what if I have to define the same iptables-rule for 5 (or 10, 20) IPs? Does it make sense to use ipset already? Or is such a set still too small to be used? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] How can I block incomming tor-traffic?
Hi Gentoo-users, my web-server gets constantly abused by users which appear to be using tor-network (ip-lookup of source addresses always points to tor-exit.watever). How can I block this tor-traffic completely? I know I can get the list of tor exit-nodes on: check.torproject.org/exit-addresses How can I feed this list to iptables? Is there some ready-to-use solution, or do I have to parse this list through some script I have to write first? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] amavisd: running or not running???
Hi Gentoo-users, I have this strange problem: I can not start amavisd because it is running, and at the same time I can not stop amavisd because it is not running. How's that possible? vs4 ~ # /etc/init.d/amavisd start * WARNING: amavisd has already been started vs4 ~ # /etc/init.d/amavisd stop * Stopping amavisd-new ... The amavisd daemon is not running [ !! ] * ERROR: amavisd failed to stop vs4 ~ # /etc/init.d/amavisd start * WARNING: amavisd has already been started vs4 ~ # ps -e | grep amavis vs4 ~ # How can I fix this mess? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] USE-flags description?
On 01-Feb-15 18:53, Markos Chandras wrote: where can I find description of *all* USE flags? I checked /usr/portage/profiles/use.desc and use.local.desc but still I can not find some... try /usr/portage/desc/cpu_flags_x86.desc You probably mean /usr/portage/profiles/desc/cpu_flags_x86.desc Thanks, I did not know about that "desc" sub-dir at all... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] USE-flags description?
Hi Gentoo-users, where can I find description of *all* USE flags? I checked /usr/portage/profiles/use.desc and use.local.desc but still I can not find some... cpuinfo2cpuflags-x86 suggested my CPU_FLAGS_X86 should be: "aes avx mmx mmxext popcnt sse sse2 sse3 sse4_1 sse4_2 ssse3" But I'd like to know what they means, but I could not find any description for "aes" and "popcnt"... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] "emerge --depclean" wants to remove active python?
On 06-Dec-14 18:25, Alec Ten Harmsel wrote: If 3.4.1 gets removed, I will have to run python-updater and compile all against 3.3. But why? 3.4.1 is stable, so why does Portage want to remove it??? Check out this thread from a day or two ago: http://thread.gmane.org/gmane.linux.gentoo.user/279158. Thanks, Alec. How could I have missed that thread??? Mea culpa... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] "emerge --depclean" wants to remove active python?
Hi Gentoo-users, I just updated my box (iirc, there was something python-related) but depite of having python 3.4 active, emerge wants to remove it: # eselect python list Available Python interpreters: [1] python2.7 [2] python3.3 [3] python3.4 * # emerge --pretend --depclean Calculating dependencies... done! >>> Calculating removal order... >>> These are the packages that would be unmerged: dev-lang/python selected: 3.4.1 protected: none omitted: 2.7.7 3.3.5-r1 All selected packages: =dev-lang/python-3.4.1 If 3.4.1 gets removed, I will have to run python-updater and compile all against 3.3. But why? 3.4.1 is stable, so why does Portage want to remove it??? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Re: World update and changed PYTHON_TARGETS
On 26-Nov-14 21:03, »Q« wrote: during yesterday's upgrade I read the news about python 3.4 being the new profile default. [...] Perhaps you've noticed by now, but the change was reverted in the meantime. Furthermore, eselect news shows that the news entry got deleted, too: % eselect news list News items: [36] 2014-11-23 (2014-11-23-python-targets - removed?) At least that is the state as of my last sync at 23:00 UTC+1 last night. Oh, great. I changed my settings in make.conf, eselected 3.4, rebuilt some packages, and depcleaned 3.3. No bugs are apparent on my machine so far, so I guess I'll keep it like this until something explodes or there's another news item. I did the same. Except I could not depclean 3.3 because it is still used by something. So now I have 2.7, 3.3 and 3.4 Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Anyone using Veeam to backup Gentoo VMs on vmware hosts?
On 10-Nov-14 18:06, Tanstaafl wrote: Wondering if this is supported? It is supported, but not on ESXi-hypervisor (free) anymore. AFAIK only Trilead VM-Explorer works on free-ESXi (and command line tools i.e. ghettoVCB). Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] PAM auto-adding ".db" suffix: feature or bug?
On 24-Aug-14 17:44, Alan McKinnon wrote: Consult Google and find out more about postfix's postmaps with particular reference to how it's done if you use db files from sleepycat This has nothing to do with postfix, I used it just as an example. I had the very same problem with ftp. My Postfix uses cyrus-sasl for smtp-authentification, and cyrus-sasl in my example uses pam with user-db. Problem is PAM configuration, which must contain: db=/etc/postfix/virtual_users (without ".db") But real user database is in: /etc/postfix/virtual_users.db This I find very strange... It's unusual, but it's also the way it is. Why are you so concerned? You edit the file without extension and create a db file with .db extension which the software uses. Perhaps not 100% what you were expecting but if that's how the bits of software are written, what's the problem? I see two problems: 1. pam-docs says nothing about it (or it is so deep I did not find it). If the user-db file is /etc/postfix/virtual_users.db then how in the hell should user know he must write: db=/etc/postfix/virtual_users in pam-config file and not: db=/etc/postfix/virtual_users.db ??? 2. error-log is very misleading. It says '/etc/postfix/virtual_users.db': no such file or directory while in fact pam was looking for '/etc/postfix/virtual_users.db.db'. Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] PAM auto-adding ".db" suffix: feature or bug?
On 24-Aug-14 0:07, Alan McKinnon wrote: On 23/08/2014 21:21, Jarry wrote: Hi Gentoo-users, after playing with PAM for a few days I discovered one strange thing: PAM adds ".db" suffix to database definition on its own! What I mean is following: _ more /etc/pam.d/postfix authrequired pam_userdb.so db=/etc/postfix/virtual_users.db account required pam_userdb.so db=/etc/postfix/virtual_users.db ls -l /etc/postfix/virtual_users.db -rw--- 1 root root 12288 Aug 20 18:45 /etc/postfix/virtual_users.db testsaslauthd -u user1 -p password1 -s postfix 0: NO "authentication failed" tail -n1 saslauth.log saslauthd: pam_userdb(postfix:auth): user_lookup: could not open database '/etc/postfix/virtual_users.db': no such file or directory __ Then I changed /etc/pam.d/postfix to: authrequired pam_userdb.so db=/etc/postfix/virtual_users account required pam_userdb.so db=/etc/postfix/virtual_users And now everything works. But there is no /etc/postfix/virtual_users file, only /etc/postfix/virtual_users.db! So it seems to me PAM adds ".db" to database-definition itself and user has to define it without ".db", otherwise what PAM is actually looking for is /etc/postfix/virtual_users.db.db Is this normal? Never seen this "Windows-like" behaviour with auto-adding suffix in *nix world. And I did not find anything about it in PAM-documentation. It says just: pam_userdb.so db=/path/database Not a single word that user has to cut ".db" suffix from "database" off. If all this is feature and not bug, then it should definitely be mentioned somewhere... Consult Google and find out more about postfix's postmaps with particular reference to how it's done if you use db files from sleepycat This has nothing to do with postfix, I used it just as an example. I had the very same problem with ftp. My Postfix uses cyrus-sasl for smtp-authentification, and cyrus-sasl in my example uses pam with user-db. Problem is PAM configuration, which must contain: db=/etc/postfix/virtual_users (without ".db") But real user database is in: /etc/postfix/virtual_users.db This I find very strange... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] PAM auto-adding ".db" suffix: feature or bug?
Hi Gentoo-users, after playing with PAM for a few days I discovered one strange thing: PAM adds ".db" suffix to database definition on its own! What I mean is following: _ more /etc/pam.d/postfix authrequired pam_userdb.so db=/etc/postfix/virtual_users.db account required pam_userdb.so db=/etc/postfix/virtual_users.db ls -l /etc/postfix/virtual_users.db -rw--- 1 root root 12288 Aug 20 18:45 /etc/postfix/virtual_users.db testsaslauthd -u user1 -p password1 -s postfix 0: NO "authentication failed" tail -n1 saslauth.log saslauthd: pam_userdb(postfix:auth): user_lookup: could not open database '/etc/postfix/virtual_users.db': no such file or directory __ Then I changed /etc/pam.d/postfix to: authrequired pam_userdb.so db=/etc/postfix/virtual_users account required pam_userdb.so db=/etc/postfix/virtual_users And now everything works. But there is no /etc/postfix/virtual_users file, only /etc/postfix/virtual_users.db! So it seems to me PAM adds ".db" to database-definition itself and user has to define it without ".db", otherwise what PAM is actually looking for is /etc/postfix/virtual_users.db.db Is this normal? Never seen this "Windows-like" behaviour with auto-adding suffix in *nix world. And I did not find anything about it in PAM-documentation. It says just: pam_userdb.so db=/path/database Not a single word that user has to cut ".db" suffix from "database" off. If all this is feature and not bug, then it should definitely be mentioned somewhere... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] apachetop compilation failed; something missing?
On 16-Aug-14 14:07, Stroller wrote: … I just tried to install app-admin/apachetop-0.12.6-r1 (USE="pcre -adns -fam") but compilation failed with these messages: __ Makefile:342: .deps/apachetop.Po: No such file or directory Makefile:343: .deps/display.Po: No such file or directory Makefile:344: .deps/filters.Po: No such file or directory Makefile:345: .deps/hits_circle.Po: No such file or directory Are these files / directory present? They were apparently missing but... Today apachetop compiled without any problem. I did not change anything in between, just synced portage-tree again and problem dissapeared... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] apachetop compilation failed; something missing?
Hi Gentoo-users, I just tried to install app-admin/apachetop-0.12.6-r1 (USE="pcre -adns -fam") but compilation failed with these messages: __ Makefile:342: .deps/apachetop.Po: No such file or directory Makefile:343: .deps/display.Po: No such file or directory Makefile:344: .deps/filters.Po: No such file or directory Makefile:345: .deps/hits_circle.Po: No such file or directory Makefile:346: .deps/inlines.Po: No such file or directory Makefile:347: .deps/log.Po: No such file or directory Makefile:348: .deps/map.Po: No such file or directory Makefile:349: .deps/ohtbl.Po: No such file or directory Makefile:350: .deps/queue.Po: No such file or directory Makefile:351: .deps/resolver.Po: No such file or directory Makefile:352: .deps/timed_circle.Po: No such file or directory Makefile:355: *** missing separator. Stop. make[2]: Leaving directory `/var/tmp/portage/app-admin/apachetop-0.12.6-r1/work/ apachetop-0.12.6/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/var/tmp/portage/app-admin/apachetop-0.12.6-r1/work/ apachetop-0.12.6' make: *** [all] Error 2 emake failed __ Any idea what it means and how I can fix it? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] vsftpd: virtual users with own directory?
Hi Gentoo-users, I have small problem with vsftpd, and because that software has neither mailing-list nor user-forum, I have to ask here: I'm moving my ftp users from local to virtual. My problem is: how can I permit users to write only to their own directories, but read/see all (even those of other users)? With local users I simply created them with: useradd -m -g users -b /home/ftp -s /bin/false user1 And for each of them I created subdirectory: mkdir /home/ftp/user1 chown user1 /home/ftp/user1 In vsftpd.conf I had: chroot_local_user=YES local_root=/home/ftp So when local user1 logged in (with ftp-client), he was in /home/ftp, could see sub-dirs user1, user2, user3, etc., but could write only to his own sub-dir user1. How can I do this with virtual users? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] modules.devname not found...
On 29-Jul-14 19:25, Samuli Suominen wrote: On 29/07/14 20:22, Neil Bothwick wrote: On Tue, 29 Jul 2014 18:25:15 +0200, Jarry wrote: * Creating list of required static device nodes for the current kernel... Warning: /lib/modules/3.12.21-gentoo-r1/modules.devname not found - ignor What does it mean and how can I get rid of it? By creating the missing file :) Right, and if he is using monolitic kernel with CONFIG_MODULES=n in kernel /usr/src/linux/.config, with no modules at all, then he should remove 'kmod-static-nodes' init script from the runlevels to silence the warning That is, if that's really true, otherwise use `depmod -a` That's the right solution! I'm absolutely sure I never disabled kmod-static-nodes on other system, but it is not started there. But on this freshly installed system, kmod-static-nodes is started at sysinit. I removed it, and that message is gone. Thanks! Jarry-- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] modules.devname not found...
Hi Gentoo-users, I just installed Gentoo on one more system and everything seems to be OK except for one strange boot-up message between "Mounting /dev/shm" and "Mounting /sys": * Creating list of required static device nodes for the current kernel... Warning: /lib/modules/3.12.21-gentoo-r1/modules.devname not found - ignor What does it mean and how can I get rid of it? Strange is, I do not have this message on any other system (and I installed them the same way). All are updated, using the same kernel. None of them is using modules, none of them has /lib/modules/3.12.21-gentoo-r1/modules.devname and none of them complains. Except this new one... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] How can I find 2nd network adapter?
On 18-Jul-14 18:37, Alexander Kapshuk wrote: On 07/18/2014 07:28 PM, Jarry wrote: So how can I find name of the new network adapter? Example command to get the information for the new interface name before booting (replace with, for example, eth0): # udevadm test-builtin net_id /sys/class/net/ 2> /dev/null That's the place to search! I just checked /sys/class/net/ and found new adapter called "enp11s0" there. With ifconfig I can bring it now up and cofigure. Thanks! Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] How can I find 2nd network adapter?
Hi Gentoo-users, I added the 2nd network adapteer to my gentoo-box and I want to use it. But... I do not know how it is called! ifconfig shows only the one adapter I had, called "enp3s0". I remember some time ago I moved from "human" network names (i.e. eth0) to this and now I see the first disadvantage: while before I could guess new network name (probably eth1, eth2, etc), now I can not. I tried "enp4s0", "enp3s1", "enp4s1" but I always get only "No such device" error. I checked gentoo-handbook but it works with those old & good network devices (eth0, eth1). So how can I find name of the new network adapter? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Raspberry Pi & Gentoo?
On 16-Apr-14 17:46, Stroller wrote: On Wed, 16 April 2014, at 4:34 pm, Jarry wrote: … 1. What is better to use as OS-storage: USB-stick or SD-card? I have read horror stories about SD-cards being fried/bricked quite frequently so I'm a little scared. But I never found single post about problems with USB-stick... In terms of frying/bricking USB sticks are just the same kind of flash memory as in SD-cards, surely? Both are $8 for 16GB of storage, so wear / failure is only a concern if the server is to be inaccessible. But not every flash-memory is the same. Are you sure SD and USB are about the same? I thought USB-sticks were a little higher (comparable with CF, which is surely more reliable than SD)... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] Raspberry Pi & Gentoo?
Hi Gentoo-users, I have read all articles about Raspberry Pi on Gentoo-wiki, but want to ask: Is anybody here really using Gentoo on RPi? Is it usable? I have a chance of free housing for my RPi so I thought I give it a try, using RPi as backup-DNS/MX (and watchdog) for my primary server. Right now I'm facing two questions: 1. What is better to use as OS-storage: USB-stick or SD-card? I have read horror stories about SD-cards being fried/bricked quite frequently so I'm a little scared. But I never found single post about problems with USB-stick... 2. What distro? Right now I'm using Gentoo on all my servers but I'm not sure it is the best option for this puppy (Gentoo puts quite high demands on filesystem). If I redirect all the compilation work to other "mature" server (distcc/crossdev), can I use even Gentoo? Or is Raspbian still the better choice? BR, Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] shutdown for non-root users?
Hi, how can I allow other (not-root) users to shut down system? I tried to add them to /etc/shutdown.allow but it works only for "Ctrl-Alt-Del". When they try shutdown per command line (/sbin/shutdown -a -h now) they still get: shutdown: you must be root to do that! Usage: ... Is there any way to achieve this without installing sudo? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] python-updater: updating cracklib forever...
On 06-Mar-14 20:59, Daniel Frey wrote: If I understand it correctly, then "-python" means package is compiled *without* python-support. So a) it should not depend on python at all and b) recompilation does not change anything... I wonder if python-updater can even tell the package is built without the python USE flag. It sounds to me like it can't, and it notices that modules are missing, so it adds it to the rebuild list. Easy way to find out is emerge cracklib with the python USE flag enabled. If python-updater gives an all-clear after that, maybe it's a bug? I did try it. When I recompiled "cracklib" with "python" flag, python-updater was satisfied. But when I removed that flag, as soon as "emerge --update --newuse" recompiled cracklib it was all back again... It looks so that python-updater insists on having python-support in cracklib. If it does not find any ABI it thinks recompilation could "fix" it (without checking actuall cracklib use-flags): * check: PYTHON_ABIS [Previous Python ABIs: , new Python ABIs: 2.7] You see? Previous ABIs none, so it wants to compile cracklib to include python ABIs 2.7. But with "-python" USE flag it will never be there, no matter how many times cracklib will be recompilled. Seems to me like bug in python-updater. It should recompile cracklib only if it was compiled with *some* ABIs, but older than the new one. But not if cracklib was compiled with no python-ABIs at all... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] python-updater: updating cracklib forever...
On 06-Mar-14 19:25, Peter Humphrey wrote: On Thursday 06 Mar 2014 18:57:51 Jarry wrote: today after emerging python-exec (from 2.0.1 to 2.0.1-r1) I tried python-upadter and found out it wants to update cracklib. OK, I did, and then tested python-updater again. An it updated cracklib again! I tried it again, again, again, still the same: python-updater keeps re-emerging cracklib... Is this normal? I hope so, because I've been finding the same thing for some years now. Usually I have a couple of other packages to rebuild too, but not so recently. I just assume that python-updater can't tell whether it needs to update cracklib, so it plays safe and adds it to the list for remerging. Seems to me like bug in python-updater. Why does it want to update cracklib, when it was compiled with "-python" use-flag? sys-libs/cracklib-2.8.19 USE="nls zlib -build -python -static-libs" And I found the same with bind on different system: net-dns/bind-9.9.4_p2 USE="berkdb dlz ipv6 ssl -caps -doc -filter- -fixed-rrset -geoip -gost -gssapi -idn -ldap -mysql -odbc -postgres -python -rpz -rrl -sdb-ldap (-selinux) -static-libs -threads -urandom -xml" If I understand it correctly, then "-python" means package is compiled *without* python-support. So a) it should not depend on python at all and b) recompilation does not change anything... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] python-updater: updating cracklib forever...
Hi Gentoo-users, today after emerging python-exec (from 2.0.1 to 2.0.1-r1) I tried python-upadter and found out it wants to update cracklib. OK, I did, and then tested python-updater again. An it updated cracklib again! I tried it again, again, again, still the same: python-updater keeps re-emerging cracklib... Is this normal? man-page says "python-updater -- Find & rebuild packages broken due to a Python upgrade"; so I do not think it should run forever... Jarry # eselect python list Available Python interpreters: [1] python2.7 [2] python3.3 * # python-updater -v -p * Starting Python Updater... * Main active version of Python:3.3 * Active version of Python 2: 2.7 * Active version of Python 3: 3.3 * Globally supported Python ABIs in installed repositories: * gentoo: 2.4 2.5 2.6 2.7 3.1 3.2 3.3 2.5-jython 2.7-jython 2.7-pypy-1.7 2.7-pypy-1.8 2.7-pypy-1.9 2.7-pypy-2.0 * Check "manual" enabled. * Check "need_rebuild" enabled. * Check "pylibdir" enabled. * Check "PYTHON_ABIS" enabled. * Check "shared_linking" enabled. * Check "static_linking" enabled. * Adding to list: sys-libs/cracklib:0 * check: PYTHON_ABIS [ Previous Python ABIs: , new Python ABIs: 2.7 ] * emerge -Dv1 --keep-going -p sys-libs/cracklib:0 These are the packages that would be merged, in order: Calculating dependencies... done! [ebuild R] sys-libs/cracklib-2.8.19 USE="nls zlib -build -python -static-libs" 0 kB Total: 1 package (1 reinstall), Size of downloads: 0 kB # -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] RAID 1 vs RAID 0 - Read perfonmance
On 24-Feb-14 7:27, Facundo Curti wrote: n= number of disks reads: raid1: n*2 raid0: n*2 writes: raid1: n raid0: n*2 But, in real life, the reads from raid 0 doesn't work at all, because if you use "chunk size" from 4k, and you need to read just 2kb (most binary files, txt files, etc..). the read speed should be just of n. Definitely not true. Very rarely you need to read just one small file. Mostly you need many small files (i.e. compilation) or a few big files (i.e. database). I do not know what load you expect, but in my case raid0 (with SSD) gave me about twice the r/w speed on heavily-loaded virtualization platform with many virtual machines. And not only speed is higher, but also IOPS are splitted to two disks (nearly doubled). I did some testing with 2xSSD/512GB in raid1, 2xSSD/256GB in raid0 and 3xSSD/256GB in raid5 (I used 840/pro SSD with quite good HW-controller but I think with mdadm it might be similar). Raid0 was way ahead of other two configurations in my case. Finally I went for 4xSSD/256GB in raid10 as I needed both speed and redundancy... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] tmpfs for portage: how much?
Jarry wrote: I would like to use tmpfs for all the package-compilation to spare my SSD from too many writing-cycles, but I can not guess how much do I need. I'm rather limited with RAM, if I use more than 512MB for /var/tmp/portage... OMG, I was really over-optimistic! Even 2 GB tmpfs for /var/tmp/portage was not enough to re-compile gcc-4.7.3! In case someone is interested, I created /var/tmp/portage as 4GB-big tmpfs, and then recompilled @system. I checked how much /var/tmp/portage space is needed for each pachage: gcc-4.7.3-r1: ~2.4 GB glibc-2.17: ~490 MB perl-5.6.13: ~250 MB binutils-2.23.2: ~300 MB And a few from my @world: php-5.5.7: ~540 MB mysql-5.1.70: ~420 MB Packages not listed needed less than 200MB and/or were compiled fast and not recorded by my script (it checked /var/tmp/portage every 5 seconds). Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] tmpfs for portage: how much?
On 21-Jan-14 18:14, Neil Bothwick wrote: On Tue, 21 Jan 2014 18:03:08 +0100, Jarry wrote: I would like to use tmpfs for all the package-compilation to spare my SSD from too many writing-cycles, but I can not guess how much do I need. I'm rather limited with RAM, if I use more than 512MB for /var/tmp/portage, my server lowers buffers/cache to nearly zero and starts swapping... Then don't use more than 512MB, I certainly wouldn't use less for the packages you mention. OMG, I was really over-optimistic! Even 2 GB tmpfs for /var/tmp/portage was not enough to re-compile gcc-4.7.3! This is really no way for me. I think I will get some small SLC-based SSD instead... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] tmpfs for portage: how much?
Hi Gentoo-users, I would like to use tmpfs for all the package-compilation to spare my SSD from too many writing-cycles, but I can not guess how much do I need. I'm rather limited with RAM, if I use more than 512MB for /var/tmp/portage, my server lowers buffers/cache to nearly zero and starts swapping... So what do your think? Would it be enought to have 512MB for packages like GCC, Apache, MySQL, Sendmail, Bind? These are the biggest, rest are much smaller... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Anyone using open-vm-tools w/ESXi?
On 16-Jan-14 22:17, Daniel Frey wrote: Yes, the guest shutdown seems to still be working. I've tested both manual (i.e. asking for a guest shutdown) and it works, and I've set up my APC ups to shutdown the host and all VMs, again all working. If you're interested in the howtos for the APC shutdown I think I have a bookmark around somewhere. BTW if all you want is safe shutdown, it can be done even without vm-tools (which I personally do not like at all). In vSphere-client I have "suspend" instead of shutdown (current state with memory snapshot is saved), from ESXi you'd have to play a little with /sbin/shutdown.sh script (i.e. with ssh/keys to log into all VM and shut them down), and for power-interruption you can use NUT (which I find better than apcupsd or PowerChute, because there is native NUT-client for ESXi)... apart from apcupsd you can use NUT (which I find better, there is native ESXi-client). Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] x11-misc/shared-mime-info update problem...
On 05-Jan-14 15:02, Neil Bothwick wrote: On Sun, 05 Jan 2014 14:06:31 +0100, Jarry wrote: You are right and this fixed my problem. Thanks! I really updated perl recently but I did not know I had to run perl-cleaner. Never heard of it. Should not it be done automaticaly, always after new perl version has been installed? Did ou not see this n the elog message from Perl? UPDATE THE PERL MODULES: After updating dev-lang/perl you must reinstall the installed perl modules. Use: perl-cleaner --all Well, I tested it on another computer and the problem is perl and shared-mime-info are updated at the same update-run. So I can find this message *after* update of shared-mime-info already crashed. And I have to scroll way back to see any perl-related messages... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] x11-misc/shared-mime-info update problem...
On 05-Jan-14 13:48, Pavel Kazakov wrote: On 01/05/2014 04:32 AM, Jarry wrote: ... I see it failed in config-phase with: "error: XML::Parser perl module is required for intltool" The proper dependency should be pulled in (x11-misc/shared-mime-info depends on dev-util/intltool, which depends on dev-perl/XML-Parser). My guess is that you recently upgraded perl, which might require you to rebuild the perl modules. You can try rebuilding just dev-perl/XML-Parser, but I recommend using perl-cleaner [1] to rebuild all the modules: perl-cleaner --allmodules -v And then try to rebuild shared-mime-info. You are right and this fixed my problem. Thanks! I really updated perl recently but I did not know I had to run perl-cleaner. Never heard of it. Should not it be done automaticaly, always after new perl version has been installed? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] x11-misc/shared-mime-info update problem...
Hi Gentoo-users, while trying to update my box I ran into some problem with x11-misc/shared-mime-info (updating from 1.0 to 1.2-r1). Maybe someone could help me to understand what the problem is. I see it failed in config-phase with: "error: XML::Parser perl module is required for intltool" But why was XML::Parser not pulled as dependency, when it is required? What ebuild is it in? Jarry _ >>> Emerging (1 of 14) x11-misc/shared-mime-info-1.2-r1 * shared-mime-info-1.2.tar.xz SHA256 SHA512 WHIRLPOOL size ;-) ... [ ok ] >>> Unpacking source... >>> Unpacking shared-mime-info-1.2.tar.xz to /var/tmp/portage/x11-misc/shared-mime-info-1.2-r1/work >>> Source unpacked in /var/tmp/portage/x11-misc/shared-mime-info-1.2-r1/work >>> Preparing source in /var/tmp/portage/x11-misc/shared-mime-info-1.2-r1/work/shared-mime-info-1.2 ... * Applying shared-mime-info-1.2-g_type_init.patch ... [ ok ] >>> Source prepared. >>> Configuring source in /var/tmp/portage/x11-misc/shared-mime-info-1.2-r1/work/shared-mime-info-1.2 ... ./configure --prefix=/usr --build=x86_64-pc-linux-gnu --host=x86_64-pc-linux-gnu --mandir=/usr/share/man --infodir=/usr/share/info --datadir=/usr/share --sysconfdir=/etc --localstatedir=/var/lib --libdir=/usr/lib64 --disable-silent-rules --disable-dependency-tracking --disable-default-make-check --disable-update-mimedb checking for a BSD-compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking for a thread-safe mkdir -p... /bin/mkdir -p checking for gawk... gawk checking whether make sets $(MAKE)... yes checking whether make supports nested variables... yes checking whether make supports nested variables... (cached) yes checking for x86_64-pc-linux-gnu-gcc... x86_64-pc-linux-gnu-gcc checking whether the C compiler works... yes checking for C compiler default output file name... a.out checking for suffix of executables... checking whether we are cross compiling... no checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether x86_64-pc-linux-gnu-gcc accepts -g... yes checking for x86_64-pc-linux-gnu-gcc option to accept ISO C89... none needed checking for style of include used by make... GNU checking dependency style of x86_64-pc-linux-gnu-gcc... none checking for an ANSI C-conforming const... yes checking whether NLS is requested... yes checking for intltool >= 0.35.0... 0.50.2 found checking for intltool-update... /usr/bin/intltool-update checking for intltool-merge... /usr/bin/intltool-merge checking for intltool-extract... /usr/bin/intltool-extract checking for xgettext... /usr/bin/xgettext checking for msgmerge... /usr/bin/msgmerge checking for msgfmt... /usr/bin/msgfmt checking for gmsgfmt... /usr/bin/gmsgfmt checking for perl... /usr/bin/perl checking for perl >= 5.8.1... 5.16.3 checking for XML::Parser... configure: error: XML::Parser perl module is required for intltool !!! Please attach the following file when seeking support: !!! /var/tmp/portage/x11-misc/shared-mime-info-1.2-r1/work/shared-mime-info-1.2/config.log * ERROR: x11-misc/shared-mime-info-1.2-r1::gentoo failed (configure phase): * econf failed * * Call stack: * ebuild.sh, line 93: Called src_configure *environment, line 2173: Called econf '--disable-default-make-check' '--disable-update-mimedb' * phase-helpers.sh, line 577: Called die * The specific snippet of code: * die "econf failed" * * If you need support, post the output of `emerge --info '=x11-misc/shared-mime-info-1.2-r1::gentoo'`, * the complete build log and the output of `emerge -pqv '=x11-misc/shared-mime-info-1.2-r1::gentoo'`. * The complete build log is located at '/var/tmp/portage/x11-misc/shared-mime-info-1.2-r1/temp/build.log'. * The ebuild environment file is located at '/var/tmp/portage/x11-misc/shared-mime-info-1.2-r1/temp/environment'. * Working directory: '/var/tmp/portage/x11-misc/shared-mime-info-1.2-r1/work/shared-mime-info-1.2' * S: '/var/tmp/portage/x11-misc/shared-mime-info-1.2-r1/work/shared-mime-info-1.2' >>> Failed to emerge x11-misc/shared-mime-info-1.2-r1, Log file: >>> '/var/tmp/portage/x11-misc/shared-mime-info-1.2-r1/temp/build.log' * Messages for package x11-misc/shared-mime-info-1.2-r1: * ERROR: x11-misc/shared-mime-info-1.2-r1::gentoo failed (configure phase): * econf failed * * Call stack: * ebuild.sh, line 93: Called src_configure *environment, line 2173: Called econf '--disable-default-make-check' '--disable-update-mimedb' * phase-helpers.sh, line 577: Called die * The specific snippet of code: * die "
Re: [gentoo-user] How can I fix wrong boot order?
On 30-Oct-13 2:49, Dustin C. Hatch wrote: So how can I fix it on the 1st server, so that syslog-ng starts after network interface is up? I would probably fix this by adding rc_need="net" to /etc/conf.d/syslog-ng That's probably cleanest solution. Thanks, it worked like a charm! The only thing that remains mystery for me is: why on my other servers syslog-ng is started after network even without this trick? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] How can I fix wrong boot order?
Hi Gentoo-users, I noticed strange message during boot-up of one of my servers: __ * Bringing up interface lo * 127.0.0.1/8 ...[ok] * Adding routes * 127.0.0.0/8 via 127.0.0.1 ...[ok] * Activating additional swap space ... [ok] * setting up tmpfiles.d entries ...[ok] * Initializing random number generator ... [ok] INIT: Entering runlevel: 3 * Starting clamd ... [ok] * Starting freshclam ... [ok] * Checking your configfile (/etc/syslog-ng/syslog-ng.conf) [ok] * Starting syslog-ng... Connection failed; fd='10', server='AF_INET(10.0.0.171:514)', local='AF_INET(0.0.0.0:0)', error='Network is unreachable (101)' Initiating connection failed, reconnecting: time_reopen='60' * Loading iptables state and starting firewall ... [ok] * Bringing up interface enp3s0 * 10.0.0.174 ... [ok] * Adding routes * default via 10.0.0.138 ... [ok] * Starting saslauthd ... [ok] * Starting dovecot ... [ok] * Starting monit ... [ok] __ As you see, syslog-ng can not open conection to remote syslog collector. Reason seems to be quite clear: at the time when syslog-ng starts, enp3s0 interface is not up (only loopback). I do not know how this happened, but I think it has something to do with either sendmail, clamav, or dovecot. This is boot-up of my other server (syslog-collector) where neither sendmail nor clamav is installed. As you can see, boot-up order is correct (network interface before syslog-ng): __ * Bringing up interface lo * 127.0.0.1/8 ...[ok] * Adding routes * 127.0.0.0/8 via 127.0.0.1 ...[ok] * Activating additional swap space ... [ok] * setting up tmpfiles.d entries ...[ok] * Initializing random number generator ... [ok] INIT: Entering runlevel: 3 * Loading iptables state and starting firewall ... [ok] * Starting monit ... [ok] * Bringing up interface enp3s0 * 10.0.0.171 ... [ok] * Adding routes * default via 10.0.0.138 ... [ok] * Mounting network filesystems ... [ok] * Checking your configfile (/etc/syslog-ng/syslog-ng.conf) [ok] * Starting syslog-ng...[ok] * Starting sshd ...[ok] * Starting vixie-cron ... [ok] __ So how can I fix it on the 1st server, so that syslog-ng starts after network interface is up? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] gcc-bin for stupid user
On 29-Sep-13 16:44, Alain Didierjean wrote: I'm in trouble for having stupidly unmerged gcc and gcc-config ! What's the easiest way, if any, to grab and install a binary gcc allowing me to emerge... gcc ! We're talking about amd64. IMHO the easiest way is to restore system from backup. Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] No mailer for Gentoo???
On 06-Sep-13 18:56, Alan McKinnon wrote: On 06/09/2013 18:21, Canek Peláez Valdés wrote: On Fri, Sep 6, 2013 at 11:14 AM, Canek Peláez Valdés wrote: On Fri, Sep 6, 2013 at 10:51 AM, Jarry wrote: On 06-Sep-13 17:32, Michael Orlitzky wrote: On 09/06/2013 11:23 AM, Jarry wrote: It wasn't part of @system before, you just removed the thing that pulled it in. No I did not. mail-mta/ssmtp was part of stage3. And I did not remove now any "thing" that pulled it in. All I did was "emerge --ask --update --deep --newuse world". As a result, python-exec, python-argparse and libxml2 were reinstalled and automake-wrapper, gtk-doc-am, eselect and linux-header updated. Nothing else. After that I did "emerge --depclean" and the above mentioned packages were suddenly removed... It could be that a package's deps were updated to no longer include virtual/mta. But it was never part of @system, you can check for yourself: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/profiles/base/packages?view=log Then something got broken because I have packages installed that need mailer (i.e. app-admin/monit or sys-fs/mdadm are configured to send emails). And these packages do not have "mail" use-flag, because their maintainers apparently expect standard *nix mailer (/usr/bin/sendmail) exists on the system... So now I have "stable" system, updated to the latest level, where a lot of things suddenly do not work. This should *never* happen! If it was some package's dep that caused it, it's clear this change was premature... I think is a bug in the packages. In my system the only package that pulls vitual/mta (and therefore ssmtp) is vixie-cron. The change happened in the cron eclass: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/eclass/cron.eclass?r1=1.15&r2=1.16 From the commit log: "Per extensive discussion with zmedico about removing the need for package.provided, several packages have been changed, like sudo, to not explicitly require an mta. Cron will follow, leaving mta support optional." The rationale (I suppose) is that the programs in question still work, just the sending of emails fails. Good riddance, if you ask me. If you need/want an MTA, just install ssmtp by hand. Agreed. It's a bit daft relying on a cron daemon to be the only package pulling in a mailer. One can't even argue that it makes sense as a default - cron merely has this feature to notify the root user if a cron job wrote something to STDOUT. That's a notification. It is not an absolute need to have sendmail. If you want a syslogger, install a syslogger. If you want a print server, install a print server. Likewise, if you want a mailer, install one. If I want syslog-support, I add "syslog" to USE. If I want ssl-support, I add "ssl" to USE. If I want perl-support, I add "perl" to USE. If I want mta-support, I add... wait, no! I can not add "mta" to USE, I have to install mta manually... Got the picture now? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] No mailer for Gentoo???
On 06-Sep-13 18:29, Canek Peláez Valdés wrote: On Fri, Sep 6, 2013 at 11:22 AM, Jarry wrote: On 06-Sep-13 18:14, Canek Peláez Valdés wrote: On Fri, Sep 6, 2013 at 10:51 AM, Jarry wrote: On 06-Sep-13 17:32, Michael Orlitzky wrote: On 09/06/2013 11:23 AM, Jarry wrote: It wasn't part of @system before, you just removed the thing that pulled it in. No I did not. mail-mta/ssmtp was part of stage3. And I did not remove now any "thing" that pulled it in. All I did was "emerge --ask --update --deep --newuse world". As a result, python-exec, python-argparse and libxml2 were reinstalled and automake-wrapper, gtk-doc-am, eselect and linux-header updated. Nothing else. After that I did "emerge --depclean" and the above mentioned packages were suddenly removed... It could be that a package's deps were updated to no longer include virtual/mta. But it was never part of @system, you can check for yourself: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/profiles/base/packages?view=log Then something got broken because I have packages installed that need mailer (i.e. app-admin/monit or sys-fs/mdadm are configured to send emails). And these packages do not have "mail" use-flag, because their maintainers apparently expect standard *nix mailer (/usr/bin/sendmail) exists on the system... So now I have "stable" system, updated to the latest level, where a lot of things suddenly do not work. This should *never* happen! If it was some package's dep that caused it, it's clear this change was premature... I think is a bug in the packages. In my system the only package that pulls vitual/mta (and therefore ssmtp) is vixie-cron. That is strange. I have sys-process/vixie-cron-4.1-r12 and yet revdep-rebuild does not want to pull virtual/mta. But It should, as cron can be configured to send emails too. Read my last mail; they changed the RDEPEND for the cron eclass. As I wrote: there are *many* packages that expect standard *nix mailer exists! If it does not, a lot of packages must be fixed to include mailer as dependency. The devs disagree. I think I'm with them; the packages in question actually work, it just happens that they can't send mails anymore. If you need/want them to send mails, install an MTA. "Just" can't send mails. So if mdadm detects failed drive in raid1 and I do not get mail about it, I will discover it at least when the 2nd drive fails. That's a relief... Why is there no global use-variable "mta"? Why not even local for packages that might use mailer? This goes completely against Gentoo-principles, if user has to search which other packages are required and install them manually. Is it not what we have use-flags for? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] No mailer for Gentoo???
On 06-Sep-13 17:32, Michael Orlitzky wrote: On 09/06/2013 11:23 AM, Jarry wrote: It wasn't part of @system before, you just removed the thing that pulled it in. No I did not. mail-mta/ssmtp was part of stage3. And I did not remove now any "thing" that pulled it in. All I did was "emerge --ask --update --deep --newuse world". As a result, python-exec, python-argparse and libxml2 were reinstalled and automake-wrapper, gtk-doc-am, eselect and linux-header updated. Nothing else. After that I did "emerge --depclean" and the above mentioned packages were suddenly removed... It could be that a package's deps were updated to no longer include virtual/mta. But it was never part of @system, you can check for yourself: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/profiles/base/packages?view=log Then something got broken because I have packages installed that need mailer (i.e. app-admin/monit or sys-fs/mdadm are configured to send emails). And these packages do not have "mail" use-flag, because their maintainers apparently expect standard *nix mailer (/usr/bin/sendmail) exists on the system... So now I have "stable" system, updated to the latest level, where a lot of things suddenly do not work. This should *never* happen! If it was some package's dep that caused it, it's clear this change was premature... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] No mailer for Gentoo???
On 06-Sep-13 18:14, Canek Peláez Valdés wrote: On Fri, Sep 6, 2013 at 10:51 AM, Jarry wrote: On 06-Sep-13 17:32, Michael Orlitzky wrote: On 09/06/2013 11:23 AM, Jarry wrote: It wasn't part of @system before, you just removed the thing that pulled it in. No I did not. mail-mta/ssmtp was part of stage3. And I did not remove now any "thing" that pulled it in. All I did was "emerge --ask --update --deep --newuse world". As a result, python-exec, python-argparse and libxml2 were reinstalled and automake-wrapper, gtk-doc-am, eselect and linux-header updated. Nothing else. After that I did "emerge --depclean" and the above mentioned packages were suddenly removed... It could be that a package's deps were updated to no longer include virtual/mta. But it was never part of @system, you can check for yourself: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/profiles/base/packages?view=log Then something got broken because I have packages installed that need mailer (i.e. app-admin/monit or sys-fs/mdadm are configured to send emails). And these packages do not have "mail" use-flag, because their maintainers apparently expect standard *nix mailer (/usr/bin/sendmail) exists on the system... So now I have "stable" system, updated to the latest level, where a lot of things suddenly do not work. This should *never* happen! If it was some package's dep that caused it, it's clear this change was premature... I think is a bug in the packages. In my system the only package that pulls vitual/mta (and therefore ssmtp) is vixie-cron. That is strange. I have sys-process/vixie-cron-4.1-r12 and yet revdep-rebuild does not want to pull virtual/mta. But It should, as cron can be configured to send emails too. As I wrote: there are *many* packages that expect standard *nix mailer exists! If it does not, a lot of packages must be fixed to include mailer as dependency. Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] No mailer for Gentoo???
Hi Gentoo-users, after the last update I noticed that "emerge --depclean" removed virtual/mta, mail-mta/ssmtp und net-mail/mailbase. Does it mean mailer is no more part of system? I hope devs know what they are doing. I always thought every *nix system must have mailer. But now, there is not even /var/spool/mail on my Gentoo. That's strange... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] No mailer for Gentoo???
On 06-Sep-13 17:13, Michael Orlitzky wrote: On 09/06/2013 11:01 AM, Jarry wrote: after the last update I noticed that "emerge --depclean" removed virtual/mta, mail-mta/ssmtp und net-mail/mailbase. Does it mean mailer is no more part of system? I hope devs know what they are doing. I always thought every *nix system must have mailer. But now, there is not even /var/spool/mail on my Gentoo. That's strange... It wasn't part of @system before, you just removed the thing that pulled it in. No I did not. mail-mta/ssmtp was part of stage3. And I did not remove now any "thing" that pulled it in. All I did was "emerge --ask --update --deep --newuse world". As a result, python-exec, python-argparse and libxml2 were reinstalled and automake-wrapper, gtk-doc-am, eselect and linux-header updated. Nothing else. After that I did "emerge --depclean" and the above mentioned packages were suddenly removed... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] How can I unsubscribe from gentoo-news?
On 27-Aug-13 21:59, Alan McKinnon wrote: On 27/08/2013 18:35, Jarry wrote: I'd like to stop receiving news, how can I do that? Or better said, I'd like to receive gentoo-news only on one of my 6 servers, and turn this feature off on remaining 5... It's in the mail headers: <mailto:gentoo-user+unsubscr...@lists.gentoo.org> you would obviously use -news and not -user I probably did not express myself correctly. What I mean is portage-news. News I get sometimes after "emerge --sync". Not news-mailinglist... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] How can I unsubscribe from gentoo-news?
Hi Gentoo-users, I'd like to stop receiving news, how can I do that? Or better said, I'd like to receive gentoo-news only on one of my 6 servers, and turn this feature off on remaining 5... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] more on SSD: swap
On 21-Jul-13 16:31, luis jure wrote: so what i'm planning to do now is: - put swap on the SSD - reduce swappiness - put /var/tmp/portage on tmpfs so, do you guys think that's a good setup? Sounds good to me. But with 12GB RAM the question is: Do you need swap at all? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] syslog-ng-3.4: time_sleep() deprecated or not?
Hi Gentoo-users, today I updated syslog-ng on my server. When I checked config file, I got this message: # /etc/init.d/syslog-ng checkconfig * Checking your configfile (/etc/syslog-ng/syslog-ng.conf) ... WARNING: Your configuration file uses an obsoleted keyword, please update your configuration; keyword='time_sleep', change='time_sleep() has been deprecated since syslog-ng 3.3' [ ok ] # So I checked the new syslog-ng-ose-v3.4-guide-admin.pdf, but there is nothing about time_sleep() being obsolete or deprecated. Quite on the contrary: it is listed as valid option, and even mentioned in the chapter 17 "best practices" as a way of handling lots of parallel connections. So how is it then? Is time_sleep() supported and valid, or obsolete/deprecated? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] How can I run apache as non-root user?
Hi Gentoo community, I modified apache config to have it running on non-private port 8080. I restarted apache and verified that it is really listening on port 8080 (netstat). But when I check all running apache processes for owners, I see there is still one apache process running as root (rest are running as "apache" user). So my question is: how can I run apache completely as non-root user? IIRC, "root" is necessary only if I want to use "low" port numbers (0-1023), but my apache is using 8080... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] IPTables - Going Stateless
On 21-May-13 17:07, Nick Khamis wrote: We recently moved our stateful firewall inside, and would like to strip down the firewall at our router connected to the outside world. The problem I am experiencing is getting things to work properly without connection tracking. I hope I am not in breach of mailing list rules however, a stripped down configuration is as follows: #echo -e " - Defined Chains" $IPTABLES -N TCP $IPTABLES -N UDP #echo -e " - Accepting SSH Traffic" $IPTABLES -A TCP -p tcp -m tcp -s 192.168.2.0/24 -d 192.168.2.5 --dport 22 -j ACCEPT $IPTABLES -A TCP -p tcp -m tcp -s 0.0.0.0/0 -d 192.168.2.5 --dport 22 -j DROP #echo -e " - Accepting input TCP and UDP traffic to open ports" $IPTABLES -A INPUT -i $INTIF1 -p tcp --syn -j TCP $IPTABLES -A INPUT -i $INTIF1 -p udp -j UDP #echo -e " - Accepting output TCP and UDP traffic to open ports" $IPTABLES -A OUTPUT -o $INTIF1 -p tcp --syn -j TCP $IPTABLES -A OUTPUT -o $INTIF1 -p udp -j UDP Everything works fine with the REJECT rules commented out, but when included SSH access is blocked out. Not sure why, isn't the sequence correct (i.e., the ACCPET entries before the DROP and REJECT)? Also, any pointers or heads up when going stateless would be greatly appreciated. I do not understand why you *want* to omit statefullness, but if you do, you have to take care of corresponding part of ip-traffic yourself. First, you'd better learn someting about "3-way handshaking". That's the way tcp/ip connection is opened. Shortly: 1. client sends to server tcp/ip packet with "syn" flag 2. server responds with "syn/ack" flags 3. client sends "ack" Now look at your rules: you covered only the first part with: $IPTABLES -A INPUT -i $INTIF1 -p tcp --syn -j TCP Where is OUTPUT rule for "syn/ack", and INPUT for "ack"? Nowhere, and because of that you can not open tcp-connection if drop/reject rules are in effect. But instead of playing with tcp-flags I strongly recommend to use statefull firewall, which takes care of this with one simple rule. Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] SMART error (CurrentPendingSector) detected on host
On 20-May-13 10:34, Clemente Aguiar wrote: The following warning/error was logged by the smartd daemon: Device: /dev/sda [SAT], 2 Currently unreadable (pending) sectors For details see host's SYSLOG. You can also use the smartctl utility for further investigation. No additional email messages about this problem will be sent. No need to replace disk right now, this is quite normal. Every disk has reserved area, which is used for reallocating "weak" sectors (before they actually become unreadable). If this number does not increase, you can live with it. Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] Local root exploit (not?) working...
Hi Gentoo-users, have you noticed the latest local priviledge escalation exploit? http://packetstormsecurity.com/files/121616/semtex.c Actually, it does not (?) work on my box even with PERF_EVENTS, but when I compile & run it (as non-root user), my system is instantly restarted. So it seems that gentoo-sources 3.7.10-r1 are at least partially affected. I hope to see fix soon! Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] vsftpd & syslog-ng: enemies?
Hi Gentoo-users, I have strange problem: I want to collect vsftpd-logs by syslog-ng, so I added this single line at the end of /etc/vsftpd/vsftpd.conf: syslog_enable=YES Then I restarted vsftpd, but now I can not connect to it! I do not get login/password prompt, all I see is: $ ftp 10.0.0.173 Connected to 10.0.0.173 (10.0.0.173). 500 OOPS: priv_sock_get_cmd ftp> I removed that above mentioned line from vsftpd-config, restarted vsftpd, tried again. And everything works as expected. So the problem is caused by that single line. But why "syslog_enable" option does not work? Apart from that my vsftpd.conf is default as it comes with vsftpd-installation, nothing changed. The same is true for syslog-ng.conf. I noticed one more strange thing: whenever I restart vsftpd (/etc/init.d/vsftpd restart), I see messages on the screen but nothing is saved to /var/log/messages (or to any other log-file). When I restart any other service (i.e. sshd, sendmail, bind), corresponding message is recorded to /var/log/messages. Why is it not so in case of vsftpd? It seems to me vsftpd has problem accessing /dev/log... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] open-vm-tools install fails because I have modules disabled??
On 26-Apr-13 18:41, Alan McKinnon wrote: On 26/04/2013 18:37, Jarry wrote: On 26-Apr-13 18:11, Tanstaafl wrote: compile fails with lots of "...error "No Module support in this kernel. Please configure with CONFIG_MODULES" Please tell me that I'm not going to have to enable modules just so I can use the vmware tools?? Yes you are. If you want to use vm-tools ("open" or "vmware"), you have to enable kernel modules. And also some strange options (i.e. vmware-graphics). And as I told you previously, updating to new kernel is really pain in a**. That's why I got rid of the whole vm-stuff and I'm happy without it... Are you aware of "module-rebuild rebuild"? Yes I am. Believe me or not, but this did not work. Nice little scriplet that reduces all that pain to running one single command after installing a new built kernel. I mean there is a problem with new kernel version. Not sure but I suppose open-vm-tools sources are installed into kernel sources tree. And if you install new kernel, open-vm-tools sources are not moved to the new kernel-sources tree. Whenever I installed new kernel-sources and re-created link /usr/src/linux pointing to the new sources, I had to re-emerge open-vm-tools too... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] open-vm-tools install fails because I have modules disabled??
On 26-Apr-13 18:11, Tanstaafl wrote: compile fails with lots of "...error "No Module support in this kernel. Please configure with CONFIG_MODULES" Please tell me that I'm not going to have to enable modules just so I can use the vmware tools?? Yes you are. If you want to use vm-tools ("open" or "vmware"), you have to enable kernel modules. And also some strange options (i.e. vmware-graphics). And as I told you previously, updating to new kernel is really pain in a**. That's why I got rid of the whole vm-stuff and I'm happy without it... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Server system date synchronizaion
On 26-Apr-13 16:10, Joseph wrote: On 04/25/13 10:33, Nick Khamis wrote: We are trying to sync our server's time with an accurate ntp server, and was wondering which of the many solutions are considered viable. I did see the http://en.gentoo-wiki.com/wiki/Time_Synchronization. Our services are quite time sensitive. put this script on a cron and enjoy :-) #!/bin/sh /usr/bin/rdate -s 128.138.140.44 /sbin/hwclock --systohc Yeah, enjoy mysterious crashes of some services which die whenever system time changes rapidly, in one big step (i.e. dovecot, TS, etc)! Man, I sincerely hope you do *NOT* mean this seriously. It might work on desktop but that's definitely NOT the way time on servers should be updated! Some services are so sensitive they crash even if you shift time 0.2s back or forth! I had even to include "tinker step 0" in my ntpd.conf just because of that problem (it means ntpd will now never adjust time by stepping, always only by slewing, which in my case is max 0.5ms per second)... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] How reliable is ext3?
On 23-Apr-13 22:40, Alan McKinnon wrote: ext4 is fine. All the horror stories ended years ago and almost all major distros ship it as a default. Hm, I remember one horror story about "ext4 data corruption bug" which circulated in public just a few months ago: https://lkml.org/lkml/2012/10/23/690 Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] LVM on VM or not? - WAS Re: Best filesystem for virtualized gentoo mail server - WAS: vmWare HowTo / best practices
On 21-Apr-13 18:15, Tanstaafl wrote: Ok, googling reveals lots of conflicting opinions about using LVM in a VM environment. I was wanting to use it mainly for its snapshot ability (to get consistent backups of my mailstore and mysql DBs). Also it would be very nice to be able to resize things if needed (I have adequate storage available). But I've found lots of opinions that using LVM in a virtualized environment can lead to data corruption, and if this is true, I'd rather not risk it... So, LVM or not? You can make snapshots from ESXi (btw snapshot is *not* backup), and you can resize VM-disks as well. So the right question is: What are the LVM features I need? If I do not need any, then why should I bother with it? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Best filesystem for virtualized gentoo mail server - WAS: vmWare HowTo / best practices
On 20-Apr-13 17:00, Tanstaafl wrote: Another question - are there any caveats as to which filesystem to use for a mail server, for virtualized systems? Ir do the same issues/questions apply (ie, does the fact that it is virtualized not change anything)? Problem of virtualized filesystem is not that it is virtualized, but that it is located on datastore with more virtual systems, all of them competing for the same i/o. *That* is the bottleneck. If you switch reiser for xfs or btrfs, you might win (or loose) a few %. If you optimize your esxi-datastore design, you might win much more than what you have ever dreamed of. I have 8 VMs (out of them 6 are Gentoo) hosted on ESXi, intended for various tasks (mail, dns, mysql, web, etc), moderately loaded. I used hw-raid controller with 2x sata-hdd in raid1 but performance was quite dissapointing and I experienced all sorts of i/o jams. Then I switched hdd for ssd (yes I use 2 of them in raid1, even if this is not generally recommended) and performance rocks now! I can start now kernel compilation on all 6 VMs at the same time, with near-zero performance penalty (depending on cpu/vcpu ratio and number of threads used). Unthinkable with hdd-based datastore. I would definitely recommend using SSD. Either directly as datastore for VMs, or at least as EXSi host-cache. There is also possibility of "hybrid-raid" (1xSSD and 1xHDD in raid1) on some raid-controllers. Or if your pocket is really deep, you could grab one of those FusionIO-cards to avoid being limited by rather slow sata-interface (SSD for PCIe)... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] vmWare HowTo / best practices
On 19-Apr-13 17:52, Pandu Poluan wrote: Well, for me, XenServer-based virtualization is very very simple. And if I compile the kernel with all Xen PV (paravirtualized) 'FrontEnds', it runs near-natively. Only the xend daemon need some 'tweaking' to run properly. Do a Google search for "gentoo xenserver" and if you find pages written by me, those are my experiences running Gentoo on top of XenServer, successfully. What I had in mind is administration of hypervisor itself. ESXi is feature-rich product, and to handle all its possibilities (i.e. vMotion, vShield, HA, FT, vCenter, DRS/DPM, FW, etc) one have to spend quite long time by studying and the learning curve is very steep (again, I'm comparing with VServer or OpenVZ/Virtuozzo, I do not know XenServer). Deploying Gentoo-guest (or "VM" / "DomU" as they call it) is actually very easy. And after reading your wiki-page I'd say it is easier on ESXi then on XenServer, because there is actually no difference between installing Gentoo on VM, or real hardware (no need for special compile options or special device-files, no limit on boot-loader, etc.). Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] vmWare HowTo / best practices
On 19-Apr-13 16:21, Tanstaafl wrote: Previously I had asked for some help with a preconfigured image, but decided against that, and have been playing and reading. I'm ready to get down to brass tacks with the ultimate goal of getting a new gentoo vm up and running on my esxi host this weekend. Can someone point me to some recent/decent docs on best practices for this? Ideally gentoo related, but just general linux related would be ok too. Things like vmware-tools installation (is open-vm-tools good enough nowadays?), time syncing, snapshots/backups, etc is what I'm looking for. May I join the club? I have been running a few Gentoo-VMs for some time, but I'm still quite new to this "ESXi-world". But one I know for sure is that hypervisor-virtualization is much more complex than OS-virtualization (i.e. VServer or OpenVZ which I have used previously). vmware-tools: I have tested open-vm-tools but now I'm running my VMs without them because every kernel upgrade was a real pain in a**. And trully I did not see any benefit in running vm-tools (maybe it would be different on desktop). For shutdown of Gentoo-VMs from ESXi I use ssh-script or hibernation. Snapshots are very well covered by esxi and for backup I use ghetto-vcb tool (script). It tried backup&restore on one of my running Gentoo-VM servers and it works like charm. For VM-hardware I used (iirc) CentOS template, because with "other linux 64b" I did not get hw-options I wanted to use (LSI-Logic Parallel SCSI controller, and VMXNET3 network adapter). Unfortunatelly there is not a lot info about Gentoo & ESXi and what exists is quite outdated (i.e. Gentoo-wiki). But I used guidelines for general linux-VM, and I consulted problems on VMware community web-page... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Re: Eth0 interface not found - udev that little slut!!!!!
On 08-Apr-13 19:19, Michael Mol wrote: On 04/08/2013 12:28 PM, Bruce Hill wrote: On Sat, Apr 06, 2013 at 10:58:38PM -0400, Randy Barlow wrote: On Sat, 6 Apr 2013 22:35:22 -0400 Nick Khamis wrote: As for /sbin/ip. I have no such command. I'd recommend installing and becoming familiar with the iproute2 package. I personally find the tools it delivers to be more intuitive than the older tools, and I *think* they are considered to obsolote some tools, such as ifconfig. Ack to Randy's. FWIW: http://inai.de/2008/02/19 That page has a handy list at the end. I've gone back to the page twice today...bookmarked. Maybe time to update our Gentoo Handbook to use "ip" instead of "ifconfig/route" so that users could get used to it right during installation... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Eth0 interface not found - udev that little slut!!!!!
On 07-Apr-13 18:03, Tanstaafl wrote: On 2013-04-07 6:55 AM, Neil Bothwick wrote: On Sat, 06 Apr 2013 17:14:00 -0400, Tanstaafl wrote: Well, in my case 80-net-names-slot.rules was neither empty, nor symlink to dev null, but FULL OF COMMENTS AND NOTING ELSE, Well... even I know enough to reason that 'empty' in this context means no UNcommented lines. Comments are just that, and if there are no UNcommented lines, then nothing is active, hence it is effectively 'empty'. But not actually empty. If you are correct, and I suspect you are, then the news item is poorly worded. No effective content is not the same as no content at all. Oh, I agree that it was poorly worded, I was just pointing out that it was kind of silly to take quite it so literally... Every sysadmin knows (or should know) that a config file full of nothing but comments isn't going to do *anything* other than provide whatever defaults the program is designed to use in such a case. True, but only if admin checks content of the file. The lazy one (me) just checked size (ls -l /etc/udev/rules.d/80-net-name-slot.rules), found it is not linked to /dev/null and the file size is 1667 bytes, and satisfied that he checked all what was in news-item rebooted... Devs should not over-estimate users. Or I put it other way: every news-item should be fool-proof (if it is possible)... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Eth0 interface not found - udev that little slut!!!!!
On 06-Apr-13 19:10, Alan Mackenzie wrote: STOP SPREADING THIS FUD It did not happen to pretty much everybody. It happened to people who blindly updated thignsd and walked away, who did not read the news announcement, who did not read the CLEARLY WORDED wiki article at freedesktop.org or alternatively went into mod-induced panic and started making shit up in their heads. Steady on, old chap! By "it" I was meaning the general inconvenience all round occasioned by the changes between udev-{197,200}. Not everybody encountered this. For example Dale, and Walt D. didn't have to do anything. But pretty much everybody else did. The problem is, news item is not correct! I followed it and yet finished with server having old network name (eth0). Problem was the point 4. in news item, which is not quite clear: - 4. predictable network interface names: If /etc/udev/rules.d/80-net-name-slot.rules is an empty file or a symlink to /dev/null, the new names will be disabled and the kernel will do all the interface naming... - Well, in my case 80-net-names-slot.rules was neither empty, nor symlink to dev null, but FULL OF COMMENTS AND NOTING ELSE, which basically did the same thing as empty file: disabled new network names. Unfortunatelly, I found it just after screwed reboot. But I did everything I found in news item: checked and verified that file was not symlink to /dev/null and that it was not empty (1667 bytes does not seem to me to be empty file). As I wrote previously, I am pretty sure I never created this file manually so it must have been created by som previous udev-version. So I finished up with similar problem as OP: after rebooting I did not find interface I expected. The only difference is I expected already interface with new name, and OP is probably the old one... So I must add my point to complaining about news item not beeing quite clear. And this happens quite often... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Re: Udev update and persistent net rules changes
On 02-Apr-13 21:58, Alan McKinnon wrote: On 02/04/2013 21:41, Tanstaafl wrote: Are you saying that now, with udev-200, the default is the OLD way, and you have to intentionally enable the NEW way?? No, you are stilling misunderstanding. The news item goes to great lengths to explain that there is a new way and it is different from the old way. Jarry mentioned an EMPTY file, not an absent file. The ebuild does not install an empty file, so it is not the default. Well, believe me or not, but I had "empty" (only comments) file /etc/udev/rules.d/80-net-name-slot.rules : -- # Udev 197 and above has implemented predictable network interface names ... # To activate this function, move this file to a name that doesn't end # in .rules, or remove it then reboot your system -- And I am pretty sure I did not create it manually, so it must have come previously with some stable package, maybe udev197 (it has 25-Jan-2013 time-stamp). So yes, I had to "activate" new interface names manually by renaming the above mentioned file... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Re: Udev update and persistent net rules changes
On 02-Apr-13 21:13, Paul Hartman wrote: On Mon, Apr 1, 2013 at 7:00 PM, Peter Humphrey wrote: The most important para to me in the news item was: "The feature can also be completely disabled using net.ifnames=0 on the kernel command line." I just added that to my grub.conf entries and I sail blissfully on with eth0. I updated remote virtual server (xen guest) and added this same option, crossed my fingers and rebooted, eth0 was still there and I was happy. I think it is not necessary to add any options. If after upgrading to udev200 you do not do anything, after reboot you still have eth0. "Empty" 80-net-name-slot.rules takes care of it... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] How to prevent a dns amplification attack
On 31-Mar-13 4:08, Paul Hartman wrote: Coincidentally, yesterday US-CERT published a small article about DNS amplification attacks and mitigation strategies: http://www.us-cert.gov/ncas/alerts/TA13-088A Thanks for interesting link. I did not know bind has support for response rate-limiting... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] iptables (not) started?
On 29-Mar-13 19:43, Mick wrote: On Friday 29 Mar 2013 18:25:11 Jarry wrote: Hi Gentoo-users, I noticed one thing on my server: during boot-up no message about firewall being started is printed on console. I always have to check manually if iptables-rules have been loaded. Strange thing, when doing shutdown, I see messages I expect: * Saving iptables state ... [ ok ] * Stopping firewall ... [ ok ] I checked also /etc/init.d/iptables and I think it should show some messages at start: start() { checkconfig || return 1 ebegin "Loading ${iptables_name} state and starting firewall" ${iptables_bin}-restore ${SAVE_RESTORE_OPTIONS} < "${iptables_save}" eend $? } Can someone explain to me why this message is not printed? Do you have some other script starting your iptables, rather than the vanilla /etc/init.d/iptables? No. Does '/etc/init.d/iptables status' show that it is running? * status: started I recorded screen with my video-camera to be sure I did not miss some message. But I found no trace about iptables being started... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] iptables (not) started?
Hi Gentoo-users, I noticed one thing on my server: during boot-up no message about firewall being started is printed on console. I always have to check manually if iptables-rules have been loaded. Strange thing, when doing shutdown, I see messages I expect: * Saving iptables state ... [ ok ] * Stopping firewall ... [ ok ] I checked also /etc/init.d/iptables and I think it should show some messages at start: start() { checkconfig || return 1 ebegin "Loading ${iptables_name} state and starting firewall" ${iptables_bin}-restore ${SAVE_RESTORE_OPTIONS} < "${iptables_save}" eend $? } Can someone explain to me why this message is not printed? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] How to prevent a dns amplification attack
On 28-Mar-13 9:51, Norman Rieß wrote: Hello, i am using pdns recursor to provide a dns server which should be usable for everybody.The problem is, that the server seems to be used in dns amplification attacks. I googled around on how to prevent this but did not really find something usefull. Does anyone got an idea about this? Try to set-up connection rate limiting using iptables... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] How can I prevent gentoo-sources being installed?
On 24-Mar-13 18:39, Canek Peláez Valdés wrote: BTW why should kmod depend on kernel-sources? Or even better, why should be kmod installed, if I have static (non-modular) kernel? Because your use case is not standard. The normal situation for users with kmod installed (and you have already kmod installed, since in your --pretend run appears as to be reinstalled) is for them to use kernel modules. The developers cannot handle every possible combination of configurations, so defaults are set for the least weird cases, or the common case even. But what are kernel-sources good for after kernel has been compiled? They take some disk-space (~700MB in my case!), so I think it is quite logical to compile kernel, install & test it, and after that get rid of kernel-sources. And I still do not know what does kmod need from kernel-sources. Some part of kernel source-code? Strange is, up to now kmod was satisfied even without kernel-sources... I know some other packages look for kernel-sources, but issue only warning if can not found any (i.e. udev). But why does kmod need kernel-sources so badly it pulls them as dependency? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] How can I prevent gentoo-sources being installed?
On 24-Mar-13 17:46, Neil Bothwick wrote: On Sun, 24 Mar 2013 17:26:03 +0100, Jarry wrote: [ebuild N ] sys-kernel/gentoo-sources-3.7.10:3.7.10 USE="-build -deblob -symlink" 68,335 kB [ebuild N ] virtual/linux-sources-0 0 kB [ebuild R] sys-apps/kmod-12-r1 USE="tools zlib -debug -doc -lzma -static-libs" KERNEL="(linux%*)" 0 kB Why in the heavens name should be gentoo-sources pulled in as dependency of whatever? As a dependency of virtual-sources, which is probably pulled in by kmod. Adding --tree would have told you for sure. You may get away with adding gentoo-sources to package.provided. Thanks, this works (never heard of this file before). But there is one small problem: no wildcards are allowed, so whenever new sorces come I'll have to edit package.provided again, and again... BTW why should kmod depend on kernel-sources? Or even better, why should be kmod installed, if I have static (non-modular) kernel? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] How can I prevent gentoo-sources being installed?
Hi Gentoo-users, what an unpleasant surprise awaited me today when I tried to update my systems: gentoo-sources want to be installed everywhere! --- # emerge --pretend --update --deep --newuse --verbose world These are the packages that would be merged, in order: Calculating dependencies... done! [ebuild N ] sys-devel/bc-1.06.95 USE="readline -libedit -static" 284 kB [ebuild U ] app-admin/eselect-python-2008 [20100321] 64 kB [ebuild N ] sys-kernel/gentoo-sources-3.7.10:3.7.10 USE="-build -deblob -symlink" 68,335 kB [ebuild N ] virtual/linux-sources-0 0 kB [ebuild R] sys-apps/kmod-12-r1 USE="tools zlib -debug -doc -lzma -static-libs" KERNEL="(linux%*)" 0 kB Total: 5 packages (1 upgrade, 3 new, 1 reinstall), Size of downloads: 68,682 kB --- Why in the heavens name should be gentoo-sources pulled in as dependency of whatever? I have 6 nearly identical machines, and use only one for kernel compilation, so why should I now have gentoo-sources on every system? Can I somehow prevent it? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] Changing static IP remotely...
Hi Gentoo users, what is the proper way of changing static IP-address remotely without the need to restart the whole system (or locking me out)? I have one interface with static IP, so first I'm going to edit /etc/conf.d/net. Then I will set up command for later execution: # echo '#!/bin/bash' > /root/eth-restart # echo '/etc/init.d/net.eth0 restart' >> /root/eth-restart # chmod 0700 /root/eth-restart # at -f /root/eth-restart now + 5 min Then I terminate my ssh-session hoping 5 minutes later I can connect using new IP. Is this correct and all that is necessary? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] "auto-config" of new gentoo-sources?
Hi Gentoo-users, I noticed one thing so I want to ask if it is a coincidence or intentional behaviour. It concerns "installation" of kernel sources (more exactly gentoo-sources). When I installed Gentoo on new computer I followed oficial guide. So I emerged gentoo-sources, went through "make menuconfig", configured everything I needed, compiled kernel, installed, etc. Now the funny thing: When I update sources (like now, 3.7.9) and go through "make menuconfig" again (this time in new tree), there is nearly nothing to do, except a few new features. It looks like they are "pre-configured" exactly for me! :-) So my question is: how is this possible? Is maybe ".config" file from the old sources-tree copied to new sources-tree? Or is the actual configuration of running kernel somehow detected and ".config" file generated? Just curious, because I think it was not always this way. Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] No server profile anymore???
Hi gentoo-users, today after syncing portage tree I tried to update my system, but I was "greeted" with message: !!! Your current profile is deprecated and not supported anymore. !!! Use eselect profile to update your profile. !!! Please upgrade to the following profile if possible: default/linux/amd64/13.0 So I reverted to previous snapshot just to see what I had before ("eselect profile list" did not show any selected). Till today I had "default/linux/amd64/10.0/server". To my big surprise, there is no "server" profile for "default/linux/amd64/13.0". So is server-profile not suported anymore??? I hope devs had good reason for this, but anyway a change like *this* should definitely be communicated with users in advance... Right now I'm not sure if Gentoo is not supported for server at all or "13.0" is substitution for "10.0/server". But before there were pure "10.0" and "10.0/server" profiles. So it seems to me server profile was simply removed without any substitution. Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] How can I update *every* ebuild?
Hi Gentoo-users, I always thought the right way to update everything was: emerge --update --deep --newuse world emerge --update --deep --newuse system When I try the above mentioned, nothing to update is found. Yet when I try i.e. "emerge --pretend nasm", I see: [ebuild U ] dev-lang/nasm-2.10.05 [2.10.01] So there is apparently update for dev-lang/nasm, yet it was not pulled when I tried to update the "world" or "system". And who knows for how many other ebuilds there is update available... So how can I update really *every* ebuild? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] udev-197-r3 update problem...
Hi Gentoo-users, I'm just in the process of updating my nearly identical servers. Some of them I updated without any problem. "Unfortunatelly", right now new udev-197-r3 went stable, and so those servers which I synced with portage-tree later want to pull udev-197, and give this error: --- vs1-sys ~ # emerge --ask --update --deep --newuse --verbose world These are the packages that would be merged, in order: Calculating dependencies... done! [ebuild N ] dev-util/gperf-3.0.4 961 kB [ebuild N ] dev-libs/libgpg-error-1.10 USE="nls -common-lisp -static-libs" 429 kB [ebuild N ] dev-libs/libgcrypt-1.5.0-r2 USE="-static-libs" 1,405 kB [ebuild N ] dev-libs/libxslt-1.1.28 USE="crypt -debug -python -static-libs" 3,356 kB [ebuild N ] sys-apps/kmod-12-r1 USE="tools zlib -debug -doc -lzma -static-libs" 1,246 kB [ebuild U ] sys-fs/udev-197-r3 [171-r9] USE="acl%* kmod%* openrc%* -doc% -gudev -hwdb -introspection -keymap (-selinux) -static-libs% (-action_modeswitch%) (-build%) (-debug%) (-edd%) (-extras%) (-floppy%) (-rule_generator%*) (-test%)" 2,008 kB [ebuild U ] virtual/udev-197 [171] USE="-gudev -hwdb -introspection -keymap (-selinux) -static-libs" 0 kB [ebuild N ] sys-fs/udev-init-scripts-19 5 kB [blocks B ] sys-apps/kmod ("sys-apps/kmod" is blocking sys-apps/module-init-tools-3.16-r2) [blocks B ] sys-apps/module-init-tools ("sys-apps/module-init-tools" is blocking sys-apps/kmod-12-r1) Total: 8 packages (2 upgrades, 6 new), Size of downloads: 9,407 kB Conflict: 2 blocks (2 unsatisfied) * Error: The above package list contains packages which cannot be * installed at the same time on the same system. (sys-apps/kmod-12-r1::gentoo, ebuild scheduled for merge) pulled in by sys-apps/kmod[tools] required by (virtual/modutils-0::gentoo, installed) >=sys-apps/kmod-12 required by (sys-fs/udev-197-r3::gentoo, ebuild scheduled for merge) (sys-apps/module-init-tools-3.16-r2::gentoo, installed) pulled in by >=sys-apps/module-init-tools-3.2 required by (virtual/modutils-0::gentoo, installed) --- So how can I fix this mess? I masked sys-fs/udev-197-r3, now portage does not complain, but it is just temporary solution... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] How to get rid of old gcc?
On 10-Jan-13 19:54, Florian Philipp wrote: Am 10.01.2013 19:39, schrieb Jarry: On 10-Jan-13 19:21, Florian Philipp wrote: Am 10.01.2013 19:06, schrieb Paul Hartman: On Thu, Jan 10, 2013 at 10:59 AM, Jarry wrote: I just updated gcc from 4.5.4 to 4.6.3, switched compiler version, rebuilt libtool, but "emerge --depclean" still does not want to remove old gcc. "equery list gcc" shows both are still installed: [IP-] [ ] sys-devel/gcc-4.5.4:4.5 [IP-] [ ] sys-devel/gcc-4.6.3:4.6 If they are in slots, the newer version won't necessarily obsolete the older version. You can use "emerge --depclean -p -v gcc:4.5" to view any remaining dependencies on that slotted version. You can use "emerge -C gcc:4.5" to remove only that slot's version of gcc. Even better: emerge -av --depclean gcc:4.5 This will unmerge the gcc slot if and only if there is no dependency. My guess is you have sys-devel/gcc:4.5 in your world file and not just sys-devel/gcc and that's the reason why depclean won't clean it up. Well, I have *both* sys-devel/gcc *and* sys-devel/gcc:4.5 in /var/lib/portage/world, but how did this happen? I have never put it there! I did not install gcc, I think it came as part of stage3 (system), so why is it suddenly in my world-file? The only thing that comes to mind is that you once did something like `emerge -avu gcc:4.5`. The behavior of -u/--update changed some time ago so that it now adds packages to world if -1/--oneshot is not specified. Maybe time to update "Gentoo GCC Upgrade Guide". There is nothing about this. I just followed it and did only "emerge -u gcc"... Anyway my problem is now solved. Thanks to all who replied. Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] How to get rid of old gcc?
On 10-Jan-13 19:21, Florian Philipp wrote: Am 10.01.2013 19:06, schrieb Paul Hartman: On Thu, Jan 10, 2013 at 10:59 AM, Jarry wrote: I just updated gcc from 4.5.4 to 4.6.3, switched compiler version, rebuilt libtool, but "emerge --depclean" still does not want to remove old gcc. "equery list gcc" shows both are still installed: [IP-] [ ] sys-devel/gcc-4.5.4:4.5 [IP-] [ ] sys-devel/gcc-4.6.3:4.6 If they are in slots, the newer version won't necessarily obsolete the older version. You can use "emerge --depclean -p -v gcc:4.5" to view any remaining dependencies on that slotted version. You can use "emerge -C gcc:4.5" to remove only that slot's version of gcc. Even better: emerge -av --depclean gcc:4.5 This will unmerge the gcc slot if and only if there is no dependency. My guess is you have sys-devel/gcc:4.5 in your world file and not just sys-devel/gcc and that's the reason why depclean won't clean it up. Well, I have *both* sys-devel/gcc *and* sys-devel/gcc:4.5 in /var/lib/portage/world, but how did this happen? I have never put it there! I did not install gcc, I think it came as part of stage3 (system), so why is it suddenly in my world-file? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] How to get rid of old gcc?
Hi Gentoo users, I just updated gcc from 4.5.4 to 4.6.3, switched compiler version, rebuilt libtool, but "emerge --depclean" still does not want to remove old gcc. "equery list gcc" shows both are still installed: [IP-] [ ] sys-devel/gcc-4.5.4:4.5 [IP-] [ ] sys-devel/gcc-4.6.3:4.6 So how can I now remove the old gcc? I checked again "Gentoo GCC Upgrade Guide", but did not find a single word about it... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] IPTABLES syntax change?
On 29-Dec-12 19:32, Walter Dnes wrote: 1) I run a desktop, and use passive ftp. Is there any need for me to accept RELATED packets? No, but you must take care of related connections. Even passive ftp opens command (>1023 -> 21) and data (>1023 -> >1023) channel. BTW, icmp-error (i.e. host unreachable) can also be connection related to some other one... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] reboot: something renaming sub-directory in /var/run???
Hi Gentoo-users, I have strange problem: "Something" is renaming /var/run/teamspeak3-server into /var/run/teamspeak3 in every reboot! Maybe it has something to do with udev/openrc/baselayout2, I do not know. This is what happens: I installed teamspeak3-server-bin. It creates (appart from other files/dirs) /var/run/teamspeak3-server for pid-file as it can be found in /etc/init.d/teamspeak3-server: start-stop-daemon --start --quiet --background \ --pidfile "/var/run/teamspeak3-server/server.pid" I can start & stop server as usually and everything works as expected, *as long as I do not restart server*. If I do, after reboot there is no /var/run/teamspeak3-server, but only /var/run/teamspeak3. Now when I try to start ts3-server, it complains: start-stop-daemon: fopen '/var/run/teamspeak3-server/server.pid': No such file or directory Now what the hell is going on? What (and why?) is renaming /var/run/teamspeak3-server into /var/run/teamspeak3 during every restart? /run is on tmpfs but I think it should be saved & restored during restart without any change or lost, or am I wrong? Something is apparently broken, but I do not know what... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] need firewalld?
Hi Gentoo-users, I just noticed some strange message when shutting down my server: ... * Bringing down interface eth0 * Caching network module dependencies need firewalld * Removing addresses ... What does that "need firewalld" mean? Why should it be needed? AFAIK net-firewall/firewalld is masked, moreover I do not want to run it. Why should it be dependency of eth0? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] How to set-up "shutdown-only" user?
Hi Gentoo-users, I'm facing this problem: I *have to* allow one non-root user to shutdown my server remotely (ssh). I know I could create account for him and add his login into /etc/shutdown.allow but I do not want to grant him full shell access. I thought about adding "/sbin/shutdown -a h now" as his shell into /etc/passwd so that right after he authenticates himself, shutdown is called. But I'm not sure something like this is possible (shutdown must be probably called from shel)... Or is there maybe some other way how to create very restricted account where user could not do anything else but call shutdown? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] Unsuscribe
On 10-Nov-12 18:16, cesar diaz wrote: Does anybody knows how can I unsubscribe me of this Gentoo list?.. Pleas help me because I cant do it. Yes, you can. Check header of any mail you got from this list... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] OT: Gentoo as ESXi guest: how to install vmware-tools/open-vm-tools?
On 02-Nov-12 19:50, Michael Hampicke wrote: All I expect from vmware/open-vm-tools is ability for clean shutdown of gentoo-guest in similar way as I can do it with windows-guest. How can I achieve this? You mean shut the guest down via ESXi management console? If you, try installing acpid inside the guest and add it to the default runlevel. I have it running and created /etc/acpi/event/power : event=button/power.* action=/sbin/shutdown -h now But I do not know how to trigger short power-button press. In vSphere-Client "shutdown guest" is still grey, and when I click on "Power->PowerOff", it is just powered off, without shutdown (as if power-button was pressed for long time). I suppose vmware-tools are needed for this... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] OT: Gentoo as ESXi guest: how to install vmware-tools/open-vm-tools?
Hi, this might be a little off-topic, but maybe someone here is running Gentoo on top of VMware/ESXi and could help me. I'm trying to install gentoo-server as vmware esxi guest, but I'm stuck with vmware-tools/open-vm-tools. First I tried "vmware-tools". Installation went smoot, but nothing happened. Just one iso-image got installed in /opt. No doc/readme/txt, nothing. What should I do with it? Then I tried "open-vm-tools" thinking it might be better. But installation of open-vm-tools-kmod failed with message: "CONFIG_DRM_VMWGFX: is not set when it should be" I'm not sure what this option is good for (searched kernel config with grep and did not find it at all), but I think it has something to do with graphics, which I do not want to use on server. Unfortunatelly, open-vm-tools-kmod does not have any use-flags so I can not turn 3d off and I am stuck again. All I expect from vmware/open-vm-tools is ability for clean shutdown of gentoo-guest in similar way as I can do it with windows-guest. How can I achieve this? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] nano in install-amd64-minimal-20121013.iso broken?
I downloaded again, checked hash, but still the same. Apparently broken, so let's wait for this week's autobuild... Jarry On 20-Oct-12 17:30, AleiPhoenix (A.K.A Areverie) wrote: same issue here, even /run is missing (which /var/run symlinked to ), causing dhcpcd cannot work properly already checked sha512 , matched with the hash on the server # SHA512 HASH e3fc90222e30163729a91e203cad6cc742c098e81332396c4aa1a87a8e79e221eb8f75d232173cbe6fb550cfd73af807ffcc0d40c9d4925584028a4eaff5ce48 install-amd64-minimal-20121013.iso what's wrong with it :( livecd gentoo # nano -w /mnt/gentoo/etc/portage/make.conf nano: error while loading shared libraries: libmagic.so.1: cannot open shared object file: No such file or directory livecd gentoo # -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.