Re: [gentoo-user] Encryption questions

2018-12-10 Thread Grant Taylor
On 12/10/2018 02:25 AM, Neil Bothwick wrote: It sounds like ecryptfs would suit your needs best. As it works on directories, you don't need separate mount points for each encrypted directory. The last time I looked at eCryptFS it /did/ need mount points for accessing the unencrypted

Re: [gentoo-user] Encryption questions

2018-12-09 Thread Grant Taylor
On 12/9/18 10:15 PM, Dale wrote: Well, I don't really think I need to encrypt the entire /home mount point. To me, that would be overkill. Of course, that may be easier. I would like to have certain directories that I can store things in that is encrypted. For example, I have some financial

Re: [gentoo-user] CPU upgrade and LVM questions.

2018-12-09 Thread Grant Taylor
On 12/9/18 7:38 PM, Dale wrote: Just making sense of it. Trying to get it firmly in my mind. It just seems to simple and easy to move that much data around and swap drives even while in use. o-O Welcome to the wonders of LVM. You turn a drive / partition into something that LVM can use.

Re: [gentoo-user] Encryption questions

2018-12-09 Thread Grant Taylor
On 12/9/18 4:46 PM, Dale wrote: Howdy, Hi, As some may know, I'm making some changes and upgrades to my puter. One thing I'm considering, encryption of a select directory/mount point/file system. Please elaborate on a hypothetical setup that you would like. It might be worth starting

Re: [gentoo-user] CPU upgrade and LVM questions.

2018-12-09 Thread Grant Taylor
On 12/9/18 3:45 PM, Dale wrote: Grant, Hi Dale, I'm not ignoring this email. I didn't presume you were. ;-) I just keep rereading it. ;-) Okay. Is there an aspect of it that doesn't make sense? Or that you're uncomfortable with? Can I help alleviate the worry? I'm uncertain

Re: [gentoo-user] CPU upgrade and LVM questions.

2018-12-06 Thread Grant Taylor
On 12/06/2018 02:27 AM, Dale wrote: From what I've read, I can use pvmove and pvremove to replace that drive. Just tell pv to move the data and when done, remove the old drive. After that, the new 6TB drive will be used in that PV and the 3TB drive can be used for something else. Is it really

[gentoo-user] net-nntp/inn - This package is masked and could be removed soon!

2018-11-25 Thread Grant Taylor
Hi, I happily use net-nntp/inn on my server and was surprised to find that it is now masked and apparently up for removal. It looks like maintenance has dropped off on the package. I've never maintained a portage overlay or otherwise contributed to Gentoo (save for mailing lists). As such

Re: [gentoo-user] Help with dev-util/cargo blocking dev-lang/rust.

2018-11-17 Thread Grant Taylor
On 11/17/2018 10:33 PM, Andrew Udvare wrote: I switched fully to ACCEPT_KEYWORDS="~amd64" (make.conf) after running mixed for a while. These kinds of issues come up too often and I don't have a lot of time to solve them, plus for my dev machine I just don't notice stable vs unstable most of

Re: [gentoo-user] Help with dev-util/cargo blocking dev-lang/rust.

2018-11-17 Thread Grant Taylor
On 11/17/2018 10:13 PM, Andrew Udvare wrote: It looks like you need to unmask virtual/cargo because you need to have virtual/cargo 1.30.1. These version numbers have to match. That seems to have done it. I added virtual/cargo to /etc/portage/package.accept_keywords/cargo which did have

Re: [gentoo-user] Help with dev-util/cargo blocking dev-lang/rust.

2018-11-17 Thread Grant Taylor
On 11/17/2018 07:58 PM, Adam Carter wrote: Do you have  virtual/cargo installed? Not presently. I removed the following packages as part of troubleshooting. dev-util/cargo virtual/cargo dev-lang/rust virtual/rust I then (re)installed dev-lang/rust per Andrew U.'s recommendation. Sorry

Re: [gentoo-user] Help with dev-util/cargo blocking dev-lang/rust.

2018-11-17 Thread Grant Taylor
On 11/17/2018 06:11 PM, Andrew Udvare wrote: Uninstall dev-util/cargo and emerge -1 dev-lang/rust. dev-lang/rust comes with Cargo. Hum. That didn't solve the problem. #[5828:root@alpha:~]# eselect rust list Available Rust versions: [1] rust-1.30.1 * #[5829:root@alpha:~]# emerge -aDuN

[gentoo-user] Help with dev-util/cargo blocking dev-lang/rust.

2018-11-17 Thread Grant Taylor
Hi, Would someone please point me in the proper direction to start reading what I need to do to resolve this problem? [blocks B ] dev-util/cargo ("dev-util/cargo" is blocking dev-lang/rust-1.30.1-r1) * Error: The above package list contains packages which cannot be * installed at

Re: [gentoo-user] Autoexecute when "returning" from sudo ?

2018-10-31 Thread Grant Taylor
On 10/31/2018 10:49 AM, Stefan Schmiedl wrote: You could also define a function like … and skip the extra script file. Agreed. Though I've found that scripts are nicer for some things, like remote command execution. ;-) -- Grant. . . . unix || die

Re: [gentoo-user] logging my activity for audits

2018-09-12 Thread Grant Taylor
On 09/12/2018 09:59 AM, J. Roeleveld wrote: This piqued my interest and decided to google a little bit. Found the following, which might help: https://askubuntu.com/questions/93566/how-to-log-all-bash-commands-by-all-users-on-a-server I would not want to rely on the PROMPT_COMMAND

Re: [gentoo-user] logging my activity for audits

2018-09-12 Thread Grant Taylor
On 09/12/2018 12:24 AM, J. Roeleveld wrote: Does sudo have a shell-mode? You can use "-i" to invoke a shell, but that's just the target users destination shell. I prefer to use a utility (wrapper) that I wrote that allows me to leverage sudo in my user shell without having to think about

Re: [gentoo-user] logging my activity for audits

2018-09-11 Thread Grant Taylor
On 09/11/2018 06:51 AM, wiicontrol...@gmail.com wrote: If by “all” activity, the customer means all activity, pam_tty_audit is the only solution I have heard of that fits the bill:

Re: [gentoo-user] logging my activity for audits

2018-09-11 Thread Grant Taylor
On 09/11/2018 04:52 AM, Stefan G. Weichinger wrote: Is there a recommended way to track the logs? Specific setup for syslog-ng or in my case journald? Tracking log files is different than getting things into log files. By default, shell history is decidedly excluded from system logs. There

Re: [gentoo-user] Enable "regular" network traffic when using VPN

2018-06-19 Thread Grant Taylor
On 06/19/2018 05:57 AM, Mick wrote: Actually, I don't know if there is a way to set up multiple nameservers for corresponding name resolution in/out of the tunnel, without using a domain- specific override as you would with dnsmasq and without leaking DNS queries to the ISP if you are meant to

Re: [gentoo-user] Enable "regular" network traffic when using VPN

2018-06-18 Thread Grant Taylor
On 06/18/2018 04:30 AM, Mick wrote: Hi Grant, Hi Mick, I am not overly familiar with networkmanager and the OP has not shared any screenshots or tab-by-tab NM settings, but had a look on a Gnome desktop and when hovering over the "Use only for resources on this connection" setting in the

Re: [gentoo-user] Enable "regular" network traffic when using VPN

2018-06-17 Thread Grant Taylor
On 06/17/2018 03:05 PM, Mick wrote: TBH I wouldn't select "Use only for resources on this connection", I thought "Use only for resources on this connection" would enable (what I know as) "split horizon", which is what I thought the OP wanted to do. In other words route company traffic

Re: [gentoo-user] Enable "regular" network traffic when using VPN

2018-06-12 Thread Grant Taylor
On 06/12/2018 09:17 AM, Hilco Wijbenga wrote: Okay, I've got it mostly working now. The missing route seems to be "10.0.0.0", "255.0.0.0", "0.0.0.0", "100". 255.0.0.0/8 is special and 0.0.0.0/0 is very special. 255/8 is not globally routed and contains 255.255.255.255 which is used as a

Re: [gentoo-user] Enable "regular" network traffic when using VPN

2018-06-11 Thread Grant Taylor
On 06/11/2018 06:50 PM, Alarig Le Lay wrote: The “dev” syntax is correct. As tun0 is a L3 tunnel, you don’t have to bother about ARP next-hop resolution. Thank you for the confirmation Alarig. -- Grant. . . . unix || die

Re: [gentoo-user] Enable "regular" network traffic when using VPN

2018-06-11 Thread Grant Taylor
On 06/11/2018 02:51 PM, Mick wrote: As I understand it, the CGN router will rewrite the IP headers and ports from/ to the SOHO router using PCP. This is not a TCP-over-TCP tunnel. The VPN could be TCP based and it could be sending TCP through it. Yes, the potential pitfalls of TCP-in-TCP

Re: [gentoo-user] Enable "regular" network traffic when using VPN

2018-06-11 Thread Grant Taylor
On 06/11/2018 04:55 AM, Mick wrote: You'll need a trusted gateway to do the unwrapping and then forwarding to the next hop (SSH forwarding). If you attempt TCP-tunneling (TCP-over-TCP) you'll soon experience 'TCP meltdown' with upper and lower TCP layers' retransmission timeouts. I

Re: [gentoo-user] iproute2 reference

2018-06-10 Thread Grant Taylor
On 06/10/2018 01:13 PM, Grant Taylor wrote: I'll respond later with more details as to what I do to run various things in Network Namespaces. I create the following directories ("mkdir -p" type thing): - /run/mountns/$NSname - /run/netns/$NSname - /utsns/$NSname Firs

Re: [gentoo-user] Enable "regular" network traffic when using VPN

2018-06-10 Thread Grant Taylor
On 06/10/2018 12:30 PM, Mick wrote: If NAT'ed between guest and host and then NAT'ed again at the home router, you are double NAT'ed. Or possibly triple NATed if your ISP is using Carrier Grade NAT. At least that's one definition of "double NAT". I tend to use a different definition, one

Re: [gentoo-user] iproute2 reference

2018-06-10 Thread Grant Taylor
On 06/10/2018 12:22 PM, Andrew Udvare wrote: Is it possible to have a VPN clent set up in one of these namespaces and route certain traffic through it from the main stack? I see no reason why it couldn't. It may be entertaining to start and stop the VPN client. I'll respond later with more

Re: [gentoo-user] Enable "regular" network traffic when using VPN

2018-06-10 Thread Grant Taylor
On 06/10/2018 10:53 AM, Mick wrote: Ahh! If you're trying to set this up within a VM, this adds a whole new layer of complexity. I assume you're setting up a bridge between host and guest device(s)? Yes, VMs can add additional complexity to the situation. However I suspect that's not the

Re: [gentoo-user] Enable "regular" network traffic when using VPN

2018-06-10 Thread Grant Taylor
On 06/09/2018 06:31 PM, Hilco Wijbenga wrote: Okay, with all that advice, I gave it another try. I'm also setting up a VirtualBox for my WFH stuff and VB wants to use 10.0.0.0 for its networking. I've changed this to 172.16.0.0 so now I can easily tell that network from work network (which

Re: [gentoo-user] iproute2 reference

2018-06-10 Thread Grant Taylor
It helps if I actually add the foot note. On 06/10/2018 10:38 AM, Grant Taylor wrote: I will say that you'll likely need other systems [1] to test things like tunnels to / between. [1] You can easily have one machine be multiple systems via Network Namespaces. I routinely use Network

Re: [gentoo-user] iproute2 reference

2018-06-10 Thread Grant Taylor
On 06/10/2018 07:15 AM, Peter Humphrey wrote: Hello list, Hi, I'm trying to learn how to use the "ip" command to manage routing on one of my boxes, which has two Ethernet interfaces. Cool. There's a LOT that you can do. I will say that you'll likely need other systems [1] to test things

Re: [gentoo-user] NFS and user IDs

2018-06-09 Thread Grant Taylor
On 06/08/2018 10:42 PM, Ian Zimmerman wrote: Is there _any_ way around the need to keep the user IDs matched on NFS clients and servers? I can argue that the IDs don't have to be synchronized to use NFS. You just end up with unexpected complications from different IDs on different systems.

Re: [gentoo-user] Enable "regular" network traffic when using VPN

2018-06-08 Thread Grant Taylor
On 06/08/2018 06:20 PM, Hilco Wijbenga wrote: What would be the "correct" output for "ip route"? It's difficult to say. I'd look up some of the *.i.company.com names and see what IP addresses they resolve to. I'd then reconfigure the VPN with "Use only for resources on this connection."

Re: [gentoo-user] Enable "regular" network traffic when using VPN

2018-06-08 Thread Grant Taylor
On 06/08/2018 03:31 PM, Hilco Wijbenga wrote: Sigh, I take it back. That causes the internal sites to no longer work. Okay. So you're on the proper track. I'm guessing the work network isn't a simple single prefix. Or at least the VPN client doesn't route enough through the VPN. Check

Re: [gentoo-user] Enable "regular" network traffic when using VPN

2018-06-08 Thread Grant Taylor
On 06/08/2018 01:42 PM, Hilco Wijbenga wrote: Hi all, Hi Hilco, I am logging all DNS requests and I can see that dnsmasq is responding correctly (and, in fact, identically) to, say, google.com with or without VPN. But the browser just hangs. Until I disconnect VPN, then everything works

Re: [gentoo-user] Console serial terminal/console with command history?

2018-05-22 Thread Grant Taylor
On 05/22/2018 07:33 PM, tu...@posteo.de wrote: putty (has a gui and minimal configuration possibilities for serial connections and bunch more...) plink is the command line / text equivalent of PuTTY, from the same authors. -- Grant. . . . unix || die

Re: [gentoo-user] Re: Console serial terminal/console with command history?

2018-05-22 Thread Grant Taylor
On 05/22/2018 05:12 PM, Grant Edwards wrote: The 3270 was completely screen-oriented. An entire screen was loaded from the host. That screen included fields with various attributes (e.g. editable vs. read-only). You could edit whatever was editable on the screen, and then when you hit

Re: [gentoo-user] Console serial terminal/console with command history?

2018-05-22 Thread Grant Taylor
On 05/22/2018 03:44 PM, R0b0t1 wrote: Yes - screen can hold everything until you hit enter and allow you to edit the line and do wrapping clientside. Screen also handles control codes properly. Good to know. Aside: Now my brain is trying to remember the old differences between telnet and

Re: [gentoo-user] Console serial terminal/console with command history?

2018-05-22 Thread Grant Taylor
On 05/22/2018 03:06 PM, David M. Fellows wrote: As a terminal emulator that has a lot of configurabilty. I'm quite curious what sort of configuration you use in (what I understand to be) a text based communications package in your day to day activities. I do so much via SSH that I don't

Re: [gentoo-user] Re: Console serial terminal/console with command history?

2018-05-22 Thread Grant Taylor
On 05/22/2018 02:39 PM, Grant Edwards wrote: Just to be pedantic, ckermit isn't a terminal emulator. It's a serial comm package that will connect a serial port to whatever terminal/tty you used to run the ckermit command. It's also a file transfer protocol, but that's pretty much irrelevant

Re: [gentoo-user] Console serial terminal/console with command history?

2018-05-22 Thread Grant Taylor
On 05/22/2018 02:43 PM, R0b0t1 wrote: Have you tried screen? It may have more features than kermit by default, but it is intended for speaking with "smart" terminal devices and will do lots of input processing. Are you saying that screen (and possibly tmux, etc.) have the ability to inject

Re: [gentoo-user] Console serial terminal/console with command history?

2018-05-22 Thread Grant Taylor
On 05/22/2018 12:45 PM, David M. Fellows wrote: Since you want to blast to the past... kermit may do what you need. Back in the day it connected everything to everything. See http://www.kermitproject.org/ emerge ckermit. Are you advocating kermit as a protocol or as a terminal (emulator)

Re: [gentoo-user] Re: Console serial terminal/console with command history?

2018-05-22 Thread Grant Taylor
On 05/22/2018 01:00 PM, Håkon Alstadheim wrote: Pro-tip: if running emacs on the remote machine, make sure your terminal-connection does not interpret Control-S as a STOP signal, i.e. anything to do with XON/XOFF you do NOT want enabled in your shell-connection. Just to clarify, this is a

Re: [gentoo-user] Console serial terminal/console with command history?

2018-05-22 Thread Grant Taylor
On 05/22/2018 11:54 AM, Grant Taylor wrote: Random thought:  I have no idea if Plan9's terminal emulator has any features for this or not.  It may be worth looking at.  I believe it's been ported to Linux. You might also want to check out using vim or emacs as they have terminal emulators

Re: [gentoo-user] Console serial terminal/console with command history?

2018-05-22 Thread Grant Taylor
On 05/22/2018 11:39 AM, tu...@posteo.de wrote: I am currently exploring Mecrisp-Stellaris FORTH on a STM32F103C8 uC. #learningIsFun To communicate with the FORTH-system I use a serlal terminal console like picocom. Okay. Since I am still learning this quirky though fascinating language I

Re: [gentoo-user] Globally Disable Prompt Formatting, In All Programs Everywhere For All Time

2018-05-17 Thread Grant Taylor
On 05/16/2018 03:11 PM, R0b0t1 wrote: Today, I feel the need to ask about how to Globally Disable Prompt Formatting, In All Programs Everywhere For All Time. I'm not aware of a universal way to disable prompt formatting. Are you talking specifically about the shell prompt? What other things

Re: [gentoo-user] [OT] What is the best open-source VPN server for Linux?

2018-04-06 Thread Grant Taylor
On 04/06/2018 04:51 PM, Mick wrote: Domestic grade routers which offer IKEv1, typically use PSK for authentication, not TLS certificates. The PSK is what IKE uses in userspace to establish a secure connection with authentication between peers for the purpose of exchanging the IPSec keys to

Re: [gentoo-user] [OT] What is the best open-source VPN server for Linux?

2018-04-06 Thread Grant Taylor
On 04/06/2018 11:58 AM, Mick wrote: I think you mean IKEv2 + IPSec? I don't remember IKE involved the last time I had to manually set up an IPSec connection between two Windows systems (or Windows and a Netgear router). I think it was /completely/ manual and PSK. IKEv2 is used to exchange

Re: [gentoo-user] [OT] What is the best open-source VPN server for Linux?

2018-04-05 Thread Grant Taylor
On 04/05/2018 03:51 AM, gevisz wrote: Yes, the Host is running Windows. Seeing as how both the ""Host and the ""Client are running Windows, I would think seriously about trying to leverage Windows' built in VPN capabilities. The following things come to mind: - (raw) IPSec - this might

Re: [gentoo-user] [OT] What is the best open-source VPN server for Linux?

2018-04-05 Thread Grant Taylor
On 04/05/2018 08:51 AM, gevisz wrote: It is strange because just today I have learned that VPN server should be set on the host with static IP visible the in Internet. Otherwise a VPN-client has no way to connect to the VPN-server. The static IP is not a strict requirement. It just greatly

Re: [gentoo-user] [OT] What is the best open-source VPN server for Linux?

2018-04-05 Thread Grant Taylor
On 04/05/2018 03:51 AM, gevisz wrote: Yes. And the Client also has static IP. Moreover, both OR and IR have static IPs from the inside. So, the Host can make a connection request to the Client. With the client having a static IP, things become a LOT simpler. Simply flip things around and

Re: [gentoo-user] [OT] What is the best open-source VPN server for Linux?

2018-04-04 Thread Grant Taylor
On 04/04/2018 02:18 PM, gevisz wrote: A friend of mine asked me to recommend him an open-source VPN-server for Linux but unfortunately I never used one. That's a loaded ask. After some googling, I have found OpenVPN but do not know if it is the best choice that suits his purposes, namely to

Re: [gentoo-user] xterm ignoring "XTerm*titeInhibit: true" in .Xresources

2018-04-03 Thread Grant Taylor
On 04/03/2018 05:19 PM, Grant Taylor wrote: "mtr", "vim", and "less" all three use what Xterm calls the "Alternate Screen".  You can see this while the programs are running by looking at the VT Options menu (Ctrl+Middle Click) and seeing that the "Sh

Re: [gentoo-user] xterm ignoring "XTerm*titeInhibit: true" in .Xresources

2018-04-03 Thread Grant Taylor
On 04/03/2018 02:50 PM, Walter Dnes wrote: Lately, I've noticed that text apps under xterm snap back to the original screen after the app finishes. This doesn't happen with all apps. When I hit "q" in "top", the output stays on the screen. But other apps like "mtr" and "vim" and "less"

Re: [gentoo-user] Re: Gentoo Hardened vs Kali Linux

2018-04-03 Thread Grant Taylor
On 04/02/2018 10:15 PM, Ian Zimmerman wrote: Does that mean LFS is dead? That would be a pity. Nope. I see "2018" on the http://www.linuxfromscratch.org/ website. At a quick glance, it looks like LFS is still alive. I was referring to my ignorance of if LFS has changed since I last

Re: [gentoo-user] Gentoo Hardened vs Kali Linux

2018-04-02 Thread Grant Taylor
On 04/02/2018 08:47 PM, Adam Carter wrote: If you haven't installed and maintained a gentoo system before, its a great way of building a solid foundation of knowledge. Agreed. Though I do think that reading the Linux from Scratch book and doing the install along with the book will likely

Re: [gentoo-user] Gentoo Hardened vs Kali Linux

2018-04-02 Thread Grant Taylor
On 03/31/2018 09:37 AM, Hubert Hauser wrote: Hello! Hi, I want to learn from scratch securing Linux and ethical hacking. Should I do as the most people so install Kali Linux on virtual machine or install Gentoo Hardened with Pentoo overlay on my PC? I heard a lot of negative opinions about

Re: [gentoo-user] Re: gcc-6.4.0-r1::gentoo failed (compile phase)

2018-03-28 Thread Grant Taylor
On 03/28/2018 03:53 PM, Ian Zimmerman wrote: Well, that's too many 3-letter acronyms for me It is lower level, yes. All the filesystem code is on the client; the server only handles requests of the form "here's the new contents of block 1234, and be sure to tell me when it's safely on disk".

Re: [gentoo-user] Re: gcc-6.4.0-r1::gentoo failed (compile phase)

2018-03-28 Thread Grant Taylor
On 03/28/2018 02:51 PM, Ian Zimmerman wrote: NBD (Network Block Device) may be an alternative to NFS in some situations. Doesn't NBD (iSCSI and ATA over Ethernet) show up more like SAN compared to NFS which is NAS? -- Grant. . . . unix || die

Re: [gentoo-user] Bouncing Messages

2018-03-04 Thread Grant Taylor
On 03/04/2018 05:45 AM, Stroller wrote: Yet the above had a from: address at the tnetconsulting.net domain. Said from address was a sub-domain, which has a different DMARC policy. Moaning to me won't change how the mailing list software works. Sharing my opinion on things without expecting

Re: [gentoo-user] [OT] Best *SIMPLE* firewall?

2018-03-03 Thread Grant Taylor
On 03/03/2018 05:55 PM, Walter Dnes wrote: Assuming I just want filtering, could I emerge nftables and unmerge iptables and have a functional firewall? Simplistically, yes. It's my understanding that iptables and nftables are two completely different firewalling technologies. So you will

Re: [gentoo-user] Bouncing Messages

2018-03-03 Thread Grant Taylor
On 03/03/2018 12:00 PM, Grant Taylor wrote: * I do not consider messages from me re-sent by mailing lists to be messages that I send.  I say this because my email infrastructure does NOT connect to any of the mailing list subscribers receiving email infrastructure.  IMHO the mailing list

Re: [gentoo-user] Bouncing Messages

2018-03-03 Thread Grant Taylor
On 03/03/2018 07:47 AM, Stroller wrote: My recollection is that I read this isn't that beneficial - that a policy of ~ is adequate. I'm guessing that you're referring to SPF's "~all" policy. Why, as a domain owner that knows for a fact where messages are sent from, want to allow for the

Re: [gentoo-user] Re: QEMU on a partition

2018-03-03 Thread Grant Taylor
On 03/03/2018 05:54 AM, Mick wrote: UDP encapsulation as used for e.g. VPN does not suffer with the same problem because it does not use the same transmission quality control mechanism as TCP. I think it's fair to say that it doesn't suffer at the protocol (TCP / UDP) level. There is

Re: [gentoo-user] repair FAT-fs

2018-03-02 Thread Grant Taylor
On 03/02/2018 10:34 PM, the...@sys-concept.com wrote: No, my system is not recognizing "sdb" Hum. :-/ Your original dmesg output showed that the kernel detected sdb. What does lsblk (?) show? Does your system detect USB flash drives properly? (USB Mass Storage) -- Grant. . . . unix ||

Re: [gentoo-user] repair FAT-fs

2018-03-02 Thread Grant Taylor
On 03/02/2018 10:17 PM, the...@sys-concept.com wrote: I've tried: fsck.vfat -v -a -w /dev/sdb1 fsck.fat 4.0 (2016-05-06) open: No such file or directory This doesn't work either: fdisk /dev/sdb Welcome to fdisk (util-linux 2.28.2). Changes will remain in memory only, until you decide to write

Re: [gentoo-user] Re: Bouncing Messages

2018-03-02 Thread Grant Taylor
On 03/02/2018 05:47 PM, Ian Zimmerman wrote: Flam^H^H^H^H value judgments aside, does DMARC also change the long standing standard of sending rejections to the envelope address? No, DMARC should not change the principle operation of SMTP, save for additional checks that messages must pass.

Re: [gentoo-user] Bouncing Messages

2018-03-02 Thread Grant Taylor
On 03/02/2018 04:59 PM, Dale wrote: I admit. This is all over my head. I'm just hoping I didn't miss anything important. The biggest thing, some of you figured out what happened, created a roach report and hopefully it will lead to a fix at some point. Heck, I'm happy that whatever the

Re: [gentoo-user] QEMU on a partition

2018-03-02 Thread Grant Taylor
On 03/02/2018 09:45 AM, Mick wrote: Does it make a measurable difference, after the guest OS has booted? IMHO, /bin/yes I'll need to try this out. :-) Yes, you should try it out for yourself. I've found that removing not-strictly-needed layers of abstraction reduces complexity and makes

Re: [gentoo-user] QEMU on a partition

2018-03-02 Thread Grant Taylor
On 03/02/2018 08:33 AM, R0b0t1 wrote: You can pass a block device directly to QEMU, and this is recommended for performance reasons. I have a Windows 10 VM that was passed an entire SSD; it runs fine, and you can take the disk and plug it into other computers. Passing a partition is a little

Re: [gentoo-user] [OT] Best *SIMPLE* firewall?

2018-03-02 Thread Grant Taylor
On 03/02/2018 05:08 AM, Rich Freeman wrote: On the other hand, if netfilter were implemented in userspace such as via a microkernel, then if it contained a bug the remote attacker would be able to MITM all network traffic on the machine, but that would be the extent of the access they have.

Re: [gentoo-user] Bouncing Messages

2018-03-02 Thread Grant Taylor
On 03/02/2018 02:52 PM, Dale wrote: I did send a help message first, so that I would know exactly what to do. I followed it. Still, I don't think I received anything even now. I'm not surprised. The testing that I did last night when you posted the links caused me to believe that the

Re: [gentoo-user] Re: Bouncing Messages

2018-03-02 Thread Grant Taylor
On 03/02/2018 09:36 AM, Ian Zimmerman wrote: These are all from Grant Taylor. They are DKIM-signed, and, not surprisingly given the list header and footer munging, signature verification fails (on my mail server). Correct. DKIM verification is failing and my DMARC policy is configured

Re: [gentoo-user] [okey..] [OT] Best *SIMPLE* firewall?

2018-03-01 Thread Grant Taylor
On 03/01/2018 03:12 AM, Wols Lists wrote: I had great trouble with yahoo and a mailing list - it kept filing all the ham (from mailing lists) as spam, and left all the spam (mostly yahoo advertising crap in the inbox. Consider the source of your troubles. ;-) -- Grant. . . . unix || die

Re: [gentoo-user] Re: Best *SIMPLE* firewall?

2018-02-28 Thread Grant Taylor
On 02/28/2018 04:47 PM, Grant Taylor wrote: I know that iptables can filter based on a process owner and cgroup. So, depending on how the applications are running, you might be able to come close to what you're after. You might be able to punt (metadata about) packets into a user space

Re: [gentoo-user] Re: Best *SIMPLE* firewall?

2018-02-28 Thread Grant Taylor
On 02/28/2018 04:22 PM, taii...@gmx.com wrote: Is there a windows style application layer firewall? I'm not aware of one. I know that iptables can filter based on a process owner and cgroup. So, depending on how the applications are running, you might be able to come close to what you're

Re: [gentoo-user] [OT] Best *SIMPLE* firewall?

2018-02-28 Thread Grant Taylor
On 02/28/2018 02:15 PM, Walter Dnes wrote: Is there something besides iptables? nftables I think BPF may come into context here, but I've mostly ignored it, so I'm not sure. It seems to be like systemd/perl/python, continuously expanding its scope. What do you mean? I've seen newer

Re: [gentoo-user] OT: aggregating filesystem

2018-02-22 Thread Grant Taylor
On 02/22/2018 07:43 PM, Bill Kenworthy wrote: Is there such a thing as a linux network filesystem that aggregates storage across a few machines? I am not talking about dedicated chunk servers and the like, but something that can make available a the unused space on a number of machines

Re: [gentoo-user] /var/tmp on tmpfs

2018-02-09 Thread Grant Taylor
On 02/09/2018 03:30 AM, gevisz wrote: May be, it is not a good idea to put /mnt on tmpfs at the time of Spector and Meltdown? I wouldn't put /mnt on tmpfs as I routinely create mount points there in. As such they would be lost on reboot. What difference does Spector or Meltdown (or the

Re: [gentoo-user] Re: /var/tmp on tmpfs

2018-02-08 Thread Grant Taylor
On 02/08/2018 03:32 PM, gevisz wrote: In this case it would be nice to hear a reason. I think the reason probably goes back a number of years. When /tmp was made volatile (ram / swap backed) there was a need for non-volatile temp space. Thus, /var/tmp was created as non-volatile

Re: [gentoo-user] /var/tmp on tmpfs

2018-02-08 Thread Grant Taylor
On 02/08/2018 04:18 PM, Wol's lists wrote: EMPHATICALLY YES. ;-) /tmp is defined as being volatile - stuff can disappear at any time. I don't know that I've ever had things in /tmp disappear "at any time" as in randomly and without external influence. Usually it's a reboot or nightly

Re: [gentoo-user] /var/tmp on tmpfs

2018-02-08 Thread Grant Taylor
On 02/08/2018 10:11 AM, gevisz wrote: And I am going to set the whole /var/tmp on tpmfs instead of just /var/tmp/portage Is it ok? I don't know about the context of emerging, but I do know about the context of /var/tmp being volatile. More specifically, /var/tmp is traditionally supposed

Re: [gentoo-user] [OT] A little help for non-native English speakers

2018-02-02 Thread Grant Taylor
On 02/02/2018 01:03 AM, Neil Bothwick wrote: https://en.wikipedia.org/wiki/English_relative_clauses#That_or_which_for_non-human_antecedents This mentions Fowlers, the reference that Peter said to read. Thank you. Unfortunately, the distinction, and so the subtleties of meaning, is falling

Re: [gentoo-user] [OT] A little help for non-native English speakers

2018-02-02 Thread Grant Taylor
On 02/02/2018 01:10 AM, Neil Bothwick wrote: We could use Perl. I see your Perl and raise you Lisp. -- Grant. . . . unix || die smime.p7s Description: S/MIME Cryptographic Signature

Re: [gentoo-user] [OT] A little help for non-native English speakers

2018-02-01 Thread Grant Taylor
On 02/01/2018 11:55 AM, Neil Bothwick wrote: MUPHRY'S LAW: The principle that any criticism of the writing of others will itself contain at least one grammatical error. And don't get me started on people using "which" when they should be using "that". (In this case, which is correct but it

Re: [gentoo-user] Re: [OT] A little help for non-native English speakers

2018-02-01 Thread Grant Taylor
On 02/01/2018 11:50 AM, Neil Bothwick wrote: etc is from the Latin et cetera, meaning "I couldn't be bothered thinking of any more". ~chuckle~ IMHO that makes the name of the "/etc" directory all that much more entertaining. As in Dennis R. and Ken T. couldn't be bothered to come up with

Re: [gentoo-user] Re: Simple SMTP to cmd-line MTA relay?

2018-01-19 Thread Grant Taylor
On 01/19/2018 05:30 PM, Grant Taylor wrote: I'm trying to juggle the various pieces as I understand them to see if everything can work together. I have a fleeting thought that /might/ work. I want to write it down before I loose it. 1) Configure Sendmail's MTA to not have any listening

Re: [gentoo-user] Re: Simple SMTP to cmd-line MTA relay?

2018-01-19 Thread Grant Taylor
On 01/19/2018 04:58 PM, Grant Edwards wrote: That would require seperate outbound transports that are selected based on how the mail was read: smtp vs. /usr/bin/sendmail (the real one). Okay I get the impression from exim and postfix docs that outbound routing based on input method

Re: [gentoo-user] Re: Simple SMTP to cmd-line MTA relay?

2018-01-19 Thread Grant Taylor
On 01/19/2018 04:04 PM, Grant Edwards wrote: One of the hassles with those is that portage won't allow me to install any of them because they conflict with msmtp, which is what I use for sending normal e-mail. I would expect that you can use any of those in place of msmtp to send email too.

Re: [gentoo-user] Re: Simple SMTP to cmd-line MTA relay?

2018-01-19 Thread Grant Taylor
On 01/19/2018 03:24 PM, Ian Zimmerman wrote: But if I understand the problem now (a well sized if, LOL) that doesn't by itself help you because the existing script is broken; replacing the script is the main part of the problem. Right? Grant E.'s existing script purportedly functions just

Re: [gentoo-user] Re: Simple SMTP to cmd-line MTA relay?

2018-01-19 Thread Grant Taylor
On 01/19/2018 01:29 PM, Grant Edwards wrote: Aargh. smtpd. Typos like that certinaly don't help the confusion. *chuckle* - Mistakes happen. - Context answered the question more than 90%. I'm going to try stunnel in front of the existing solution first. If that doesn't work, I'll try

Re: [gentoo-user] Re: Simple SMTP to cmd-line MTA relay?

2018-01-19 Thread Grant Taylor
On 01/19/2018 12:48 PM, Grant Edwards wrote: Yep, and it looks like the Postfix equivalent is a custom pipe transport. Once you know what phrases to google for, it's a lot easier. *nod* I figured that you would be able to find something. Hence why I mentioned the terms. ;-) I could live

Re: [gentoo-user] Re: Simple SMTP to cmd-line MTA relay?

2018-01-19 Thread Grant Taylor
On 01/19/2018 12:48 PM, Alan McKinnon wrote: I'm also wondering why you need 2 bits. Earlier in the thread you mentioned that you send perhaps a few messages a week and never more than one connection at a time. Grant E. has indicated elsewhere in the thread that his /usr/bin/sendmail script

Re: [gentoo-user] Re: Simple SMTP to cmd-line MTA relay?

2018-01-19 Thread Grant Taylor
On 01/19/2018 11:59 AM, Grant Edwards wrote: I meant the sematics and sytax of the command line options and the data accepted on stdin and produced on stdout. I probably should have said "usage" rather than API. Since I always use that utility from a Python or Bash program, in my head that's

Re: [gentoo-user] Re: Simple SMTP to cmd-line MTA relay?

2018-01-19 Thread Grant Taylor
On 01/19/2018 11:38 AM, Grant Edwards wrote: I have a /usr/bin/sendmail emulator that transfers mail to an MTA that will then worry about delivery. I need an SMTP server that will relay incoming mail by using that existing command-line utility. … I need something that accepts mail via SMTP

Re: [gentoo-user] Re: Simple SMTP to cmd-line MTA relay?

2018-01-19 Thread Grant Taylor
On 01/19/2018 11:31 AM, Grant Edwards wrote: I want to accept incoming email via SMTP (my computer is an SMTP server). Okay. So you don't need to accept mail via /usr/sbin/sendmail (et al). Or rather, that's what you want email to leave the relay through. I want to relay each of those

Re: [gentoo-user] Simple SMTP to cmd-line MTA relay?

2018-01-19 Thread Grant Taylor
On 01/19/2018 11:03 AM, Grant Edwards wrote: I need to setup an SMTP relay server. Okay. It needs to accept messages as an SMTP server (using SSL and AUTH on a non-standard port) from a single user and single source and then relay them by passing them to a command-line MTA (e.g.

Re: [gentoo-user] How do I customize x11-terms/xterm?

2018-01-14 Thread Grant Taylor
On 01/09/2018 01:52 AM, Neil Bothwick wrote: You can usually add extra configure items by creating, in your case /etc/portage/env/x11-terms/xterm containing EXTRA_ECONF="--enable-blah..." I created the /etc/portage/env/x11-terms directory and added the xterm file with the following

Re: [gentoo-user] How do I customize x11-terms/xterm?

2018-01-09 Thread Grant Taylor
On 01/09/2018 01:52 AM, Neil Bothwick wrote: You can usually add extra configure items by creating, in your case /etc/portage/env/x11-terms/xterm containing EXTRA_ECONF="--enable-blah..." That seems simple enough. Putting the patch in /etc/portage/patches/x11-xterms/xterm should do it.

[gentoo-user] How do I customize x11-terms/xterm?

2018-01-08 Thread Grant Taylor
How do I customize the features that are compiled into x11-terms/xterm? I have been playing with a customized version of Xterm outside of portage and I'd like to migrate my customizations to the copy of Xterm that is emerged as part of the system. So far my customizations consist of a

  1   2   >