From alan at redhat.com Thu Jan 1 01:25:11 2004 From: alan at redhat.com (Alan Cox) Date: Wed, 31 Dec 2003 20:25:11 -0500 Subject: Proposal: Discourage rpmbuild --sign In-Reply-To: <3FF34741.2010801@togami.com> References: <3FF2C434.50609@togami.com> <20031231164356.40165dbb.ms-nospam-0306@arcor.de> <1072891463.3232.10.camel@roque> <20031231190248.GA4339@linnie.riede.org> <1072898358.13206.5.camel@roque> <20031231203036.GC4339@linnie.riede.org> <3FF34741.2010801@togami.com> Message-ID: <20040101012511.GA21740@devserv.devel.redhat.com> On Wed, Dec 31, 2003 at 12:01:37PM -1000, Warren Togami wrote: > Rather than disable rpmbuild as root or rpmbuild --sign, it should > 1) Big warning message with URL to learn more. > 2) Delay for 30 seconds. > 3) Perhaps have a hidden config option to disable the warning & delay > for users who want to hang themselves. This option could be > '%stupidbehavior yes'. For FC2 the whole "root" thing is irrelevant. Something like a default configuration to not build as root might be a good idea for FC1 but thats the past (and I'd do it that way - a default config which told you what option to override it). Once SELinux is in the picture the rules change. You can set up the buildroot for example with rules of the form Nothing but a trusted copy of rpm may alter the buildroot proper The building task in the buildroot may not alter anything outside its build tree The building task may not talk to the network The building task may not run the trusted copy of rpm The building task many not read anything outside the buildroot etc Its a whole new ball game. "root" is just a status symbol 8) From ms-nospam-0306 at arcor.de Thu Jan 1 07:43:47 2004 From: ms-nospam-0306 at arcor.de (Michael Schwendt) Date: Thu, 1 Jan 2004 08:43:47 +0100 Subject: Proposal: Discourage rpmbuild --sign In-Reply-To: <1072891463.3232.10.camel@roque> References: <3FF2C434.50609@togami.com> <20031231164356.40165dbb.ms-nospam-0306@arcor.de> <1072891463.3232.10.camel@roque> Message-ID: <20040101084347.205ee58e.ms-nospam-0306@arcor.de> On Wed, 31 Dec 2003 17:24:23 +0000, Rui Miguel Seabra wrote: > On Wed, 2003-12-31 at 15:43, Michael Schwendt wrote: > > On Wed, 31 Dec 2003 02:42:28 -1000, Warren Togami wrote: > > > Proposal > > > ======== > > > rpm-4.2.2 in rawhide and all future versions should discourage the use > > > of rpmbuild --sign. Perhaps this can be done effectively by adding a > > > large and annoying warning message and 15 second delay. Or disable it > > > completely. I don't care how, just discouragement should be done. > > > > This is an over-ambitious proposal. How do you want to prevent users from > > test-driving a built binary rpm with their normal user account where the > > malicious software has access to many other security relevant data? > > > People don't build src.rpms for fun. They build them to install the built > > packages as root (!) and then to use them from within their normal user > > account. > > He's talking about 'rpmbuild --sign zbr' and not 'rpmbuild zbr' I'm perfectly aware of that. But it doesn't make a difference. > The problem is well explained, and only who doesn't believe a trojan > could be inject in apparently good source code (ie, downloaded from > sf.net, for instance -- ever heard of dns spoofs?) doesn't understand. > > When I build RPMS for AbiWord, I build the RPMS with a specific user for > rpmbuilding, and sign the rpms afterward with my key, on my account. The problem continues when you install the built package as "root" and when you use your normal user account to execute the software. Separating an rpmbuild account from one that has access to your secret key ring is good, but not bullet-proof. Also think about developers who build rpms of their own software. They wouldn't like an "annoying warning message and a 15 second delay". -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From kms at passback.co.uk Thu Jan 1 10:29:16 2004 From: kms at passback.co.uk (Keith Sharp) Date: Thu, 01 Jan 2004 10:29:16 +0000 Subject: Path for upgrading from Red Hat Linux 9 to Fedora Core 2? Message-ID: <1072952955.19941.52.camel@animal> Hello, Given that the dates for the FC 2 release and the EOL of RHL 9 are quite close to each other, is the plan to allow the upgrade of RHL 9 systems directly to FC 2? Or will the recommended path be: RHL 9 -> FC 1 -> FC 2? Thanks, Keith. From warren at togami.com Thu Jan 1 10:41:34 2004 From: warren at togami.com (Warren Togami) Date: Thu, 01 Jan 2004 00:41:34 -1000 Subject: Path for upgrading from Red Hat Linux 9 to Fedora Core 2? In-Reply-To: <1072952955.19941.52.camel@animal> References: <1072952955.19941.52.camel@animal> Message-ID: <3FF3F95E.6030503@togami.com> Keith Sharp wrote: > Hello, > > Given that the dates for the FC 2 release and the EOL of RHL 9 are quite > close to each other, is the plan to allow the upgrade of RHL 9 systems > directly to FC 2? > > Or will the recommended path be: RHL 9 -> FC 1 -> FC 2? > > Thanks, > > Keith. Anaconda upgrade I'm guessing will be supported from both RH9 and FC1 to FC2. You may be able to do it using apt or yum too, but I'm guessing that wont properly setup all of the new 2.6 kernel + selinux default policies. Anything else apt/yum upgrade to FC2 wont do that Anaconda would? Warren From barryn at pobox.com Thu Jan 1 12:46:58 2004 From: barryn at pobox.com (Barry K. Nathan) Date: Thu, 1 Jan 2004 04:46:58 -0800 Subject: Anaconda upgrade stuff (was Re: Path for upgrading...) In-Reply-To: <3FF3F95E.6030503@togami.com> References: <1072952955.19941.52.camel@animal> <3FF3F95E.6030503@togami.com> Message-ID: <20040101124658.GA10079@ip68-4-255-84.oc.oc.cox.net> On Thu, Jan 01, 2004 at 12:41:34AM -1000, Warren Togami wrote: > Anaconda upgrade I'm guessing will be supported from both RH9 and FC1 to > FC2. You may be able to do it using apt or yum too, but I'm guessing > that wont properly setup all of the new 2.6 kernel + selinux default > policies. > > Anything else apt/yum upgrade to FC2 wont do that Anaconda would? (Now that I've finished writing this message, I realize that most of this probably doesn't affect a yum/apt/up2date upgrade from RH9 or FC1, or from RH 8.0 for that matter. It's important stuff to pay attention to when upgrading from RH 7.3 or earlier, however, particularly the stuff that anaconda pulls in when it sees gnome-core.) Let's see... (Some of these may be handled automatically by yum or apt, or up2date for that matter if you use it rather than yum or apt, but I'll mention them anyway.) If you have any linuxconf packages installed, it removes those. (Specifically, it removes linuxconf, linuxconf-devel, and gnome-linuxconf.) If you have XFree86 on the system, it makes sure to install xterm (since xterm was split into a package of its own at some point). If up2date-gnome is installed, it installs rhn-applet as well. (According to a comment in upgrade.py: "if they have up2date-gnome, they probably want the applet now too since it works in both gnome and kde") If gnome-core is installed, anaconda makes sure that these other packages also get installed (this is needed for a complete GNOME 1.x to GNOME 2.x upgrade): gnome-terminal gnome-desktop gnome-session gnome-panel metacity file-roller yelp nautilus (This last one is *definitely* not done automatically by up2date. I don't know about yum or apt.) Oh, yeah, anaconda also warns you if you're upgrading from anything earlier than Red Hat 6.2, or if you're upgrading from a system that has Helix/Ximian GNOME installed. This is all the stuff that popped out at me when I looked at the (rawhide) anaconda source code. (I think anaconda from FC 1 was no different in this regard, though.) There could be other stuff that I missed, nonetheless... -Barry K. Nathan From kdebisschop at alert.infoplease.com Thu Jan 1 14:00:09 2004 From: kdebisschop at alert.infoplease.com (Karl DeBisschop) Date: Thu, 01 Jan 2004 09:00:09 -0500 Subject: Proposal: Discourage rpmbuild --sign In-Reply-To: <20040101084347.205ee58e.ms-nospam-0306@arcor.de> References: <3FF2C434.50609@togami.com> <20031231164356.40165dbb.ms-nospam-0306@arcor.de> <1072891463.3232.10.camel@roque> <20040101084347.205ee58e.ms-nospam-0306@arcor.de> Message-ID: <1072965609.24647.17.camel@miles.debisschop.net> On Thu, 2004-01-01 at 02:43, Michael Schwendt wrote: > On Wed, 31 Dec 2003 17:24:23 +0000, Rui Miguel Seabra wrote: > > > > On Wed, 31 Dec 2003 02:42:28 -1000, Warren Togami wrote: > > > > Proposal > > > > ======== > > > > rpm-4.2.2 in rawhide and all future versions should discourage the use > > > > of rpmbuild --sign. Perhaps this can be done effectively by adding a > > > > large and annoying warning message and 15 second delay. Or disable it > > > > completely. I don't care how, just discouragement should be done. > > Also think about developers who build rpms of their own software. They > wouldn't like an "annoying warning message and a 15 second delay". You might get nearly the same effectiveness over the long-term if you just put the message as the first and last thing output by rpmbuild, that way people building interactively will see the note and URL when the build finishes, and people running automated builds will see the same in their log file when they first bring it up in less or view or whatever. In the long run, I think you can count on most developers to try to do the right thing if they are told what it is, and to read their build logs. Maybe not immediately, but why be annoying about it right from the start? -- Karl DeBisschop From tony at tgds.net Thu Jan 1 17:30:49 2004 From: tony at tgds.net (Tony Grant) Date: Thu, 01 Jan 2004 18:30:49 +0100 Subject: VIA EPIA-M + 2.6.0 + Fedora Core 1 In-Reply-To: <1072870496.4442.3.camel@localhost.localdomain> References: <20031229003027.GA4689@devserv.devel.redhat.com> <1072723814.4994.7.camel@localhost.localdomain> <20031229185454.GA14234@devserv.devel.redhat.com> <20031230044645.GA10472@devserv.devel.redhat.com> <1072772027.4532.14.camel@localhost.localdomain> <20031230115455.GB18807@devserv.devel.redhat.com> <1072870496.4442.3.camel@localhost.localdomain> Message-ID: <1072978249.2128.13.camel@localhost.localdomain> Hello and happy New Year Fedora developpers! I spent the first day of the year installing a hand compiled 2.6.0 kernel on my VIA EPIA-M10000 based hush. I rolled my own because I wanted some VIA specific features. 1. I was burned by module loading. How do I get modules to load? By modifying /etc/rc.sysinit? At the moment I am loading sound and usb by hand... The system is still trying to load HID at boot - where is it reading that from? I have all the new module tools and converted etc. etc. Modules are a mess and the man pages are of no help until they are updated. 2. Alan, your via_drv.o is working just fine but of course I no longer have DRI because the via.o kernel module is no more. Xine runs - plays sound but no image of course until I get via + v4l sorted, it does not crash on exit which is nice. Speed of this kernel on a desktop is as advertised! Learning my way around. cheers Tony Grant -- www.tgds.net Library management software toolkit From alan at redhat.com Thu Jan 1 17:53:31 2004 From: alan at redhat.com (Alan Cox) Date: Thu, 1 Jan 2004 12:53:31 -0500 Subject: VIA EPIA-M + 2.6.0 + Fedora Core 1 In-Reply-To: <1072978249.2128.13.camel@localhost.localdomain> References: <20031229003027.GA4689@devserv.devel.redhat.com> <1072723814.4994.7.camel@localhost.localdomain> <20031229185454.GA14234@devserv.devel.redhat.com> <20031230044645.GA10472@devserv.devel.redhat.com> <1072772027.4532.14.camel@localhost.localdomain> <20031230115455.GB18807@devserv.devel.redhat.com> <1072870496.4442.3.camel@localhost.localdomain> <1072978249.2128.13.camel@localhost.localdomain> Message-ID: <20040101175331.GA22960@devserv.devel.redhat.com> On Thu, Jan 01, 2004 at 06:30:49PM +0100, Tony Grant wrote: > 1. I was burned by module loading. How do I get modules to load? By > modifying /etc/rc.sysinit? At the moment I am loading sound and usb by > hand... The system is still trying to load HID at boot - where is it > reading that from? I have all the new module tools and converted etc. > etc. Modules are a mess and the man pages are of no help until they are > updated. You need the new module utils. Those include a conversion script. > 2. Alan, your via_drv.o is working just fine but of course I no longer > have DRI because the via.o kernel module is no more. Xine runs - plays > sound but no image of course until I get via + v4l sorted, it does not > crash on exit which is nice. 2.6.0 + the open source dri/via/* bits from the 2.4.22-ac tree should run with the VIA libGL/via_dri.so. Ivor Hewitt (www.ivor.it) has patches for the v4l module the old via stuff uses to replace their binary only bits too, although again I don't think its been 2.6 ported just yet. For the pure open source setup the bits of note missing are the mpeg support (it has Xv but not the slice engine for the VIAxine) and the DRI. I have 3D beginning to work now but some real problems left with fallbacks and locking to debug yet Alan From buildsys at redhat.com Thu Jan 1 18:18:15 2004 From: buildsys at redhat.com (Build System) Date: Thu, 1 Jan 2004 13:18:15 -0500 Subject: rawhide report: 20040101 changes Message-ID: <200401011818.i01IIFQ11526@porkchop.devel.redhat.com> Updated Packages: rpmdb-fedora-1.90-0.20040101 ---------------------------- From tony at tgds.net Thu Jan 1 18:33:48 2004 From: tony at tgds.net (Tony Grant) Date: Thu, 01 Jan 2004 19:33:48 +0100 Subject: VIA EPIA-M + 2.6.0 + Fedora Core 1 In-Reply-To: <20040101175331.GA22960@devserv.devel.redhat.com> References: <20031229003027.GA4689@devserv.devel.redhat.com> <1072723814.4994.7.camel@localhost.localdomain> <20031229185454.GA14234@devserv.devel.redhat.com> <20031230044645.GA10472@devserv.devel.redhat.com> <1072772027.4532.14.camel@localhost.localdomain> <20031230115455.GB18807@devserv.devel.redhat.com> <1072870496.4442.3.camel@localhost.localdomain> <1072978249.2128.13.camel@localhost.localdomain> <20040101175331.GA22960@devserv.devel.redhat.com> Message-ID: <1072982027.1793.7.camel@localhost.localdomain> Le jeu 01/01/2004 ? 18:53, Alan Cox a ?crit : > On Thu, Jan 01, 2004 at 06:30:49PM +0100, Tony Grant wrote: > > 1. I was burned by module loading. How do I get modules to load? By > > modifying /etc/rc.sysinit? At the moment I am loading sound and usb by > > hand... The system is still trying to load HID at boot - where is it > > reading that from? I have all the new module tools and converted etc. > > etc. Modules are a mess and the man pages are of no help until they are > > updated. > > You need the new module utils. Those include a conversion script. Like the module-init-tools-3.0-pre3 I have installed? =;-p The conversion isn't plug'n play and isn't very well documented for Fedora and we lower beings Sir! At boot Fedora tries to load viaudiocombo which is long gone an replaced by alsa. Methinks it is reading the wrong file someplace... Cheers Tony Grant -- www.tgds.net Library management software toolkit From hp at redhat.com Thu Jan 1 20:06:34 2004 From: hp at redhat.com (Havoc Pennington) Date: Thu, 01 Jan 2004 15:06:34 -0500 Subject: Cleaning up "Preferred Applications" & Desktop Consistency In-Reply-To: References: <3FE984B0.6050906@togami.com> <1072366696.16424.20.camel@localhost.localdomain> Message-ID: <1072987594.6223.9.camel@localhost.localdomain> On Wed, 2003-12-31 at 02:01, Jonathan Blandford wrote: > We've gone back and forth on this on the GNOME/freedesktop lists, and > the consensus is that things like preferred applications really isn't > part of the MIME system. In deciding that, did you come to some decision on how preferred applications should be done? If you have an HTML file, do you use the text/html association or the preferred web browser? If changing my preferred web browser, does the text/html association also get updated? Havoc From k_wayne at linuxpower.org Thu Jan 1 23:45:45 2004 From: k_wayne at linuxpower.org (Wayne Schuller) Date: Fri, 02 Jan 2004 10:45:45 +1100 Subject: some suggestions for xmms plugins Message-ID: <1073000744.2683.5.camel@toottoot> hi, There are a number of good xmms input plugins which I would like to suggest for FC2. They are xmms-flac (available at freshrpms) and xmms-speex (http://jzb.rapanden.dk/projects/speex-xmms) These would allows FC users to use good patent-happy compression techniques out of the box. flac is an excellent lossless compression. speex is an excellent speech compression. It is useful to have the xmms plugin for conferences that store their talks in this format. both plugins (and their source libraries) are available as free software. I have been using both and they are very stable. thanks, wayne -- Wayne Schuller From warren at togami.com Fri Jan 2 00:37:30 2004 From: warren at togami.com (Warren Togami) Date: Thu, 01 Jan 2004 14:37:30 -1000 Subject: some suggestions for xmms plugins In-Reply-To: <1073000744.2683.5.camel@toottoot> References: <1073000744.2683.5.camel@toottoot> Message-ID: <3FF4BD4A.30402@togami.com> Wayne Schuller wrote: > hi, > > There are a number of good xmms input plugins which I would like to > suggest for FC2. > > They are xmms-flac (available at freshrpms) and > xmms-speex (http://jzb.rapanden.dk/projects/speex-xmms) > > These would allows FC users to use good patent-happy compression > techniques out of the box. > > flac is an excellent lossless compression. > speex is an excellent speech compression. It is useful to have the xmms > plugin for conferences that store their talks in this format. > > both plugins (and their source libraries) are available as free > software. I have been using both and they are very stable. > > thanks, > wayne xmms-flac and flac are already at fedora.us. speex is at fedora.us, but I'm not sure about xmms-speex. fedora.us is the staging area for the official Fedora Extras. Warren From de_lupus at pandora.be Fri Jan 2 01:17:52 2004 From: de_lupus at pandora.be (Kristof vansant) Date: Fri, 02 Jan 2004 02:17:52 +0100 Subject: some suggestions for xmms plugins In-Reply-To: <1073000744.2683.5.camel@toottoot> References: <1073000744.2683.5.camel@toottoot> Message-ID: <1073006272.4749.0.camel@D5E03D68.kabel.telenet.be> I would like to see xmms use gstreamer. Op vr 02-01-2004, om 00:45 schreef Wayne Schuller: > hi, > > There are a number of good xmms input plugins which I would like to > suggest for FC2. > > They are xmms-flac (available at freshrpms) and > xmms-speex (http://jzb.rapanden.dk/projects/speex-xmms) > > These would allows FC users to use good patent-happy compression > techniques out of the box. > > flac is an excellent lossless compression. > speex is an excellent speech compression. It is useful to have the xmms > plugin for conferences that store their talks in this format. > > both plugins (and their source libraries) are available as free > software. I have been using both and they are very stable. > > thanks, > wayne From toshio at tiki-lounge.com Fri Jan 2 01:47:08 2004 From: toshio at tiki-lounge.com (Toshio) Date: Thu, 01 Jan 2004 20:47:08 -0500 Subject: Proposal: Discourage rpmbuild --sign In-Reply-To: <20040101012511.GA21740@devserv.devel.redhat.com> References: <3FF2C434.50609@togami.com> <20031231164356.40165dbb.ms-nospam-0306@arcor.de> <1072891463.3232.10.camel@roque> <20031231190248.GA4339@linnie.riede.org> <1072898358.13206.5.camel@roque> <20031231203036.GC4339@linnie.riede.org> <3FF34741.2010801@togami.com> <20040101012511.GA21740@devserv.devel.redhat.com> Message-ID: <1073008026.19115.7.camel@Madison.badger.com> On Wed, 2003-12-31 at 20:25, Alan Cox wrote: > For FC2 the whole "root" thing is irrelevant. Something like a default configuration > to not build as root might be a good idea for FC1 but thats the past (and I'd do it > that way - a default config which told you what option to override it). > Does anyone have some links or thoughts on what user visible changes will occur under Fedora-SELinux for the following classes of people: 1) End Users 2) Packagers 3) System Administrators 4) Single user system admins/users (maybe kinda rolled in with 1 & 3) I've scanned a few FAQs and NSA papers now, but I get the impression that SELinux does not define policy, its a framework that allows the distributor/sys admin to define policy. What will our policies be? How will they affect our day to day operations? -Toshio -- Toshio -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From sheep at graze.net Fri Jan 2 02:12:48 2004 From: sheep at graze.net (Brian C. Huffman) Date: Thu, 01 Jan 2004 21:12:48 -0500 Subject: 2.6 rawhide vs. arjanv Message-ID: <1073009568.4942.2.camel@oveja.graze.net> All, I'm almost positive that I've seen this posted...but I just spent about an hour trying to search the archives and can't seem to find the answer. What is the difference between the 2.6 kernel in rawhide and the kernel that arjanv keeps in http://people.redhat.com/arjanv? Thanks in advance! Brian From martin at lnuxpwrd.net Fri Jan 2 02:38:42 2004 From: martin at lnuxpwrd.net (Martin) Date: Thu, 01 Jan 2004 20:38:42 -0600 Subject: boot.iso not booting Message-ID: <1073011122.2212.11.camel@desktop> I'm trying to use the latest boot.iso in the Fedora Core development tree, and it's not getting very far in boot. I've tired it on 3 systems, 2 of which fail early in boot, though with a bit different messages. the Sony Vaio Z1RA dies very shortly after uncompressing the kernel with this call trace: inode_alloc_security alloc_inode init_file __pnp_bios_get_dev_node pnp_bios_get_dev_node build_devlist pnpbios_init do_initcalls init_workqueues init init kernel_thread_helper Code: Bad EIP value any ideas? martin From behdad at cs.toronto.edu Fri Jan 2 03:00:29 2004 From: behdad at cs.toronto.edu (Behdad Esfahbod) Date: Thu, 1 Jan 2004 22:00:29 -0500 Subject: boot.iso not booting In-Reply-To: <1073011122.2212.11.camel@desktop> References: <1073011122.2212.11.camel@desktop> Message-ID: On Thu, 1 Jan 2004, Martin wrote: > I'm trying to use the latest boot.iso in the Fedora Core development > tree, and it's not getting very far in boot. I've tired it on 3 > systems, 2 of which fail early in boot, though with a bit different > messages. the Sony Vaio Z1RA dies very shortly after uncompressing > the kernel with this call trace: > > inode_alloc_security > alloc_inode > init_file > __pnp_bios_get_dev_node > pnp_bios_get_dev_node > build_devlist > pnpbios_init > do_initcalls > init_workqueues > init > init > kernel_thread_helper > > Code: Bad EIP value I get the exactly same error since a couple of weeks ago with 2.6 kernels from rawhide. It was all fine before that. behdad > any ideas? > > martin From scribusdocs at atlantictechsolutions.com Fri Jan 2 07:17:48 2004 From: scribusdocs at atlantictechsolutions.com (Peter Linnell) Date: Fri, 02 Jan 2004 02:17:48 -0500 Subject: Preliminary Introduction Message-ID: <1073027866.23903.142.camel@localhost.localdomain> Warren, >From our IRC chat... Full legal name: Peter Thomas Linnell 2. Country, City Harwich Port, MA 02646 3. Profession: Principal 4. Company - Atlantic Tech Solutions www.atlantictechsolutions.com 5. Your goals in the Fedora Project * Which packages do you want to see published? - Scribus and third party plug-ins which are in development, any relevant DTP packages which support Scribus i.e. lcms, GsView, pstoedit * Do you want to do QA? - Yes, can do. Have RH9 and Fedora-1 workstations. Familiar with fedora.us packages and use several of them regularly. Can't promise tons of time for QA, but will QA some packages I am familiar with. GIMP, Sodipodi, Inkscape * Anything else special? 6. Historical qualifications * What other projects have you worked on in the past? Scribus since April 2001. Note, I have met Scribus developer, Franz Schmid personally this summer. Source tarballs are created from private cvs, which is accessible only to 4 scribus developers. * Started OpenICC list on freedesktop.org for color management issues. * What computer languages and other skills do you know? intermediate skill with rpm, can build my own packages and spec files, professional DTP IT consultant * Why should we trust you? <-- too blunt? * Publicly Published in Linux Journal * http://linuxjournal.com/article.php?sid=7261 * http://linuxjournal.com/article.php?sid=7054 * Will make presentation at USENIX 2004 7. GPG KEYID and fingerprint * Be sure that your GPG key is uploaded to pgp.mit.edu. Use "gpg --keyserver pgp.mit.edu --send-key KEYID". - done * I revoked the earlier gpg key and created a new one with a good pass phrase I'll remember and upload it to pgp.mit.edu gpg --fingerprint /home/peter/.gnupg/pubring.gpg ------------------------------ pub 1024D/CC416E45 2003-11-05 P Linnell Key fingerprint = 6481 0EE5 720F C7F2 0E00 A308 9A7E 436F CC41 6E45 sub 1024g/745B2E0B 2003-11-05 pub 1024D/F60166DA 2004-01-02 Peter Linnell Key fingerprint = 5086 B8D6 8E70 FDDF 4C40 045A EF7B 95E7 F601 66DA sub 1024g/3AC2B09C 2004-01-02 [expires: 2005-01-01] [peter at localhost peter]$ Regards, Peter Linnell -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From tony at tgds.net Fri Jan 2 10:46:42 2004 From: tony at tgds.net (Tony Grant) Date: Fri, 02 Jan 2004 11:46:42 +0100 Subject: VIA EPIA-M + 2.6.0 + Fedora Core 1 In-Reply-To: <20040101175331.GA22960@devserv.devel.redhat.com> References: <20031229003027.GA4689@devserv.devel.redhat.com> <1072723814.4994.7.camel@localhost.localdomain> <20031229185454.GA14234@devserv.devel.redhat.com> <20031230044645.GA10472@devserv.devel.redhat.com> <1072772027.4532.14.camel@localhost.localdomain> <20031230115455.GB18807@devserv.devel.redhat.com> <1072870496.4442.3.camel@localhost.localdomain> <1072978249.2128.13.camel@localhost.localdomain> <20040101175331.GA22960@devserv.devel.redhat.com> Message-ID: <1073040401.1865.15.camel@localhost.localdomain> Le jeu 01/01/2004 ? 18:53, Alan Cox a ?crit : > On Thu, Jan 01, 2004 at 06:30:49PM +0100, Tony Grant wrote: > > 1. I was burned by module loading. How do I get modules to load? By > > modifying /etc/rc.sysinit? At the moment I am loading sound and usb by > > hand... The system is still trying to load HID at boot - where is it > > reading that from? I have all the new module tools and converted etc. > > etc. Modules are a mess and the man pages are of no help until they are > > updated. > > You need the new module utils. Those include a conversion script. I finally managed to get USB loading at boot on my hush Epia-M system. http://thomer.com/linux/migrate-to-2.6.html got me started but I had to change /proc/devices to /sys/devices in rc.sysinit. Don't ask me why... but USB is loading at boot now. Will now move on to getting Andrew Howlett and Ivor Hewitt stuff running. Cheers Tony Grant -- www.tgds.net Library management software toolkit From tony at tgds.net Fri Jan 2 11:05:06 2004 From: tony at tgds.net (Tony Grant) Date: Fri, 02 Jan 2004 12:05:06 +0100 Subject: VIA EPIA-M/KM-400 X driver In-Reply-To: <1072870496.4442.3.camel@localhost.localdomain> References: <20031229003027.GA4689@devserv.devel.redhat.com> <1072723814.4994.7.camel@localhost.localdomain> <20031229185454.GA14234@devserv.devel.redhat.com> <20031230044645.GA10472@devserv.devel.redhat.com> <1072772027.4532.14.camel@localhost.localdomain> <20031230115455.GB18807@devserv.devel.redhat.com> <1072870496.4442.3.camel@localhost.localdomain> Message-ID: <1073041506.1865.20.camel@localhost.localdomain> Update: Xine is now running with blue and red no green. So the image is a bit dark =:-D but xine is very well behaved. Tony Grant -- www.tgds.net Library management software toolkit From warren at togami.com Fri Jan 2 12:09:08 2004 From: warren at togami.com (Warren Togami) Date: Fri, 02 Jan 2004 02:09:08 -1000 Subject: fedora.us downtime preparation details In-Reply-To: <3FF52097.6070705@togami.com> References: <3FF52097.6070705@togami.com> Message-ID: <3FF55F64.6030103@togami.com> This post is a followup to this previous announcement: http://www.redhat.com/archives/fedora-list/2004-January/msg00160.html I have changed download.fedora.us to point to my colo server at togami.com. The repository is not anywhere done syncing now. Use a different mirror if you want uninterrupted service. http://www.fedora.us/wiki/FedoraMirrorList Complete mirror list http://mirrors.kernel.org/fedora.us/ Here is a really good mirror. I am attempting to have most of http://www.fedora.us and http://bugzilla.fedora.us moved too before the power goes out on Friday, but I may be unsuccessful. fedora.us mailing lists WILL BE DOWN until the power comes back, so fedora.us team please communicate on fedora-devel-list at redhat.com. fedora-legacy-list at redhat.com needs your help too. Now I sleep... Warren From buildsys at redhat.com Fri Jan 2 12:44:31 2004 From: buildsys at redhat.com (Build System) Date: Fri, 2 Jan 2004 07:44:31 -0500 Subject: rawhide report: 20040102 changes Message-ID: <200401021244.i02CiVP12164@porkchop.devel.redhat.com> Updated Packages: kernel-2.6.0-1.23 ----------------- * Thu Jan 01 2004 Dave Jones - Update to 2.6.1rc1 - AMD64 update. rpmdb-fedora-1.90-0.20040102 ---------------------------- From pmatilai at welho.com Fri Jan 2 13:00:55 2004 From: pmatilai at welho.com (Panu Matilainen) Date: Fri, 2 Jan 2004 15:00:55 +0200 (EET) Subject: Proposal: rpm-4.2.2 should refuse to build as root In-Reply-To: <20031231151427.GA21645@devserv.devel.redhat.com> References: <3FF2C418.4070705@togami.com> <20031231151427.GA21645@devserv.devel.redhat.com> Message-ID: On Wed, 31 Dec 2003, Alan Cox wrote: > On Wed, Dec 31, 2003 at 05:09:39PM +0200, Panu Matilainen wrote: > > Building rpm's as root IS incredibly bad idea which should be discouraged. > > Even worse when no buildroot is used - once you've seen a package > > which (re)moves stuff in /usr/lib during build... > > And you think that building it non root then running it as root is any safer ? Of course not. But the way rpmbuild environment is set to /usr/src/redhat does very little to discourage users from building as root when there's no reason to do so. > > Also please remember FC2 goals include SELINUX so package building becomes > a role if anything You can make it into a role but I don't see much reason to do so: package building doesn't require any special privileges (Makefiles creating /dev entries etc not counting, those can be arranged by other means) - Panu - From k1n6w4r3z at softhome.net Fri Jan 2 13:48:54 2004 From: k1n6w4r3z at softhome.net (k1n6w4r3z) Date: Fri, 2 Jan 2004 14:48:54 +0100 Subject: install fedora on a powerbook g4 667 In-Reply-To: References: Message-ID: <20040102134854.4563@mail.bluewin.ch> Hi all I'm Francesco a new user of this list i'm an italian guy so i just say sorry for my terrible english I have a question... I want to install Fedora on my powerbook 667 16MB VRam, i searched around the internet but i found just the rpms but i couldn't find a bootable image to burn and to use to start my powerbook, the only think that i found is here: but i couldn't undestand how to use it. I'd like to have a bootable cd and use it to format my disk and then to install fedora! Can u help me??? TKS Fra From mike at flyn.org Fri Jan 2 17:06:04 2004 From: mike at flyn.org (W. Michael Petullo) Date: Fri, 2 Jan 2004 11:06:04 -0600 Subject: install fedora on a powerbook g4 667 In-Reply-To: <20040102134854.4563@mail.bluewin.ch> References: <20040102134854.4563@mail.bluewin.ch> Message-ID: <20040102170604.GB2826@imp.flyn.org> On Fri, Jan 02, 2004 at 02:48:54PM +0100, k1n6w4r3z wrote: > Hi all > I'm Francesco a new user of this list > i'm an italian guy so i just say sorry for my terrible english > I have a question... > I want to install Fedora on my powerbook 667 16MB VRam, i searched around > the internet but i found just the rpms but i couldn't find a bootable > image to burn and to use to start my powerbook, the only think that i > found is here: October/msg01034.html> > but i couldn't undestand how to use it. > I'd like to have a bootable cd and use it to format my disk and then to > install fedora! > Can u help me??? > TKS You will probably have to install something like YellowDog (which is also RPM-based) and then start replacing packages with those from the Fedora project. There are a few key packages missing from the PowerPC Fedora build which currently makes installing Fedora directly impossible. I bought YellowDog 3.1 and then installed Fedora development on top of it. This works nicely. -- Mike :wq From piller at visi.net Fri Jan 2 18:10:21 2004 From: piller at visi.net (Maurice F. Piller) Date: Fri, 02 Jan 2004 13:10:21 -0500 Subject: Fedora Core 2 Distribution Size Message-ID: Hi All, Fedora Core 1 came out with 3 iso installation images. Has the size of the Fedora Core 2 release been determined yet? I would like to see more of an emphasis on the "Core" part of the project, it would be nice if Fedora Core 2 could be released with just 1 or 2 installation CD images. The idea being to put most of the development effort into producing a robust "Core" and moving the extra stuff elsewhere (Extras CD, fedora.us, etc). Any interest in producing a live CD version a la Knoppix? Regards, Maurice Piller From k1n6w4r3z at softhome.net Fri Jan 2 18:20:21 2004 From: k1n6w4r3z at softhome.net (k1n6w4r3z) Date: Fri, 2 Jan 2004 19:20:21 +0100 Subject: install fedora on a powerbook g4 667 In-Reply-To: <20040102170604.GB2826@imp.flyn.org> References: <20040102170604.GB2826@imp.flyn.org> Message-ID: <20040102182021.23576@smtp.fastwebnet.it> >You will probably have to install something like YellowDog (which is >also RPM-based) and then start replacing packages with those from the >Fedora project. There are a few key packages missing from the PowerPC >Fedora build which currently makes installing Fedora directly impossible. > >I bought YellowDog 3.1 and then installed Fedora development on top of it. >This works nicely. Do you mean that i have to do a minimal installation of yellowdog then get all the rpms an do rpm -ivh --force --nodeps * in the folder that contains the fedora rpms? P.s. do u think that i can try to copy the first cd of yellowdog on my disk, replace yellowdog' s rpms with fedora' s one and then burn it back on a ccd or a dvd? Tks Fra From stevelist at silverorange.com Fri Jan 2 18:21:32 2004 From: stevelist at silverorange.com (Steven Garrity) Date: Fri, 02 Jan 2004 14:21:32 -0400 Subject: Fedora Core 2 Distribution Size In-Reply-To: References: Message-ID: <3FF5B6AC.2090004@silverorange.com> Maurice F. Piller wrote: >Hi All, >Fedora Core 1 came out with 3 iso installation images. Has the size of the >Fedora Core 2 release been determined yet? >I would like to see more of an emphasis on the "Core" part of the project, it >would be nice if Fedora Core 2 could be released with just 1 or 2 installation >CD images. There was talking of trimming the fat a while back. I'm not sure how feasible it would be, but consider this another voice asking to minimize the size. Two CDs instead of three would be a big improvement in convenience. Steven Garrity From katzj at redhat.com Fri Jan 2 18:50:17 2004 From: katzj at redhat.com (Jeremy Katz) Date: Fri, 02 Jan 2004 13:50:17 -0500 Subject: boot.iso not booting In-Reply-To: <1073011122.2212.11.camel@desktop> References: <1073011122.2212.11.camel@desktop> Message-ID: <1073069417.5688.98.camel@edoras.local.net> On Thu, 2004-01-01 at 21:38, Martin wrote: > I'm trying to use the latest boot.iso in the Fedora Core development > tree, and it's not getting very far in boot. I've tired it on 3 > systems, 2 of which fail early in boot, though with a bit different > messages. the Sony Vaio Z1RA dies very shortly after uncompressing > the kernel with this call trace: Does booting with 'linux pnpbios=off' help? If so, you can add dmidecode information to https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=112326 Cheers, Jeremy From jspaleta at princeton.edu Fri Jan 2 18:48:48 2004 From: jspaleta at princeton.edu (Jef Spaleta) Date: Fri, 02 Jan 2004 13:48:48 -0500 Subject: Fedora Core 2 Distribution Size Message-ID: <1073069328.4002.21.camel@goober.localdomain> Maurice F. Piller wrote: > I would like to see more of an emphasis on the "Core" part of the > project, it would be nice if Fedora Core 2 could be released with just > 1 or 2 installation CD images. I seriously doubt you could drop 650 Megs worth of packages out of Core without seriously pissing off a sizable part of the current userbase. I'm sure you could probably find some reasonable agreement about specific crufty redundant packages that 90%+ of the userbase don't care about...but thats not going to add up to a cd's worth of data. And frankly... until there is an official Fedora Extras/Alternatives up and running ANY disccussion about wholesale redistribution of the distribution is a bit premature. Want to work towards a more realistic goal? How about you gather up all the people who keep trying to stitch together the idea of making the concept of refining a 'minimal' install via a better organization of the comps file. That thread comes up again and again...and seems to go nowhere. I've still not seem a community submitted comps file show up on this list that I can test by rerolling iso images. > Any interest in producing a live CD version a la Knoppix? Yes there is interest....but the question of the usefulness of an official Fedora live cd is a question. An official fedora livecd MUST be made up of only official bits and pieces. No ntfs support for example. In fact, Dirk Westfal is already working on an un-official derivative livecd based on fedora: http://www.redhat.com/archives/fedora-devel-list/2003-December/msg00002.html Ive said this before...I'd personally rather see work on in-distro tools to help people create their own live cds based on fedora, then an official fedora livecd. I'm sure an official fedora livecd could be built, but frankly I really don't know what people would use it for, instead of using knoppix/gnoppix or Dirk's livecd. Considering the non-technical constraints fedora has to live under, an official fedora livecd couldn't have the same level of functionality out of the box that other livecds have (multimedia support and ntfs being the primary usage issues.) I'd rather see work on an easy to use tool, for people to create their own customized livecds from a master fedora install...that seems to me to be the best way to encourage usage and experimentation. -jef -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From katzj at redhat.com Fri Jan 2 18:50:56 2004 From: katzj at redhat.com (Jeremy Katz) Date: Fri, 02 Jan 2004 13:50:56 -0500 Subject: 2.6 rawhide vs. arjanv In-Reply-To: <1073009568.4942.2.camel@oveja.graze.net> References: <1073009568.4942.2.camel@oveja.graze.net> Message-ID: <1073069456.5688.100.camel@edoras.local.net> On Thu, 2004-01-01 at 21:12, Brian C. Huffman wrote: > I'm almost positive that I've seen this posted...but I just spent about > an hour trying to search the archives and can't seem to find the > answer. What is the difference between the 2.6 kernel in rawhide and > the kernel that arjanv keeps in http://people.redhat.com/arjanv? The main difference right now is that Arjan's kernel contains the 4G/4G patch while Dave's (the one in rawhide) does not. There are also some other configuration and related differences. Cheers, Jeremy From katzj at redhat.com Fri Jan 2 18:51:57 2004 From: katzj at redhat.com (Jeremy Katz) Date: Fri, 02 Jan 2004 13:51:57 -0500 Subject: LVM causes kernel 2.6.0 panic In-Reply-To: <200312311740.23067.thunderbirds@pandora.be> References: <200312311740.23067.thunderbirds@pandora.be> Message-ID: <1073069517.5688.103.camel@edoras.local.net> On Wed, 2003-12-31 at 11:40, Gregory Petit wrote: [snip] > I haven't posted it yet on bugzilla, because I'm not sure if I did it the good > way. I configured my hd with LVM, installed the Severn beta (so not core 1!) > and then I downloaded and installed that kernel rpm. > Was this the good way (if so, then I'll submit a bugreport), or did I also had > to install some other components that should let LVM works? You'll need newer mkinitrd, lvm2 tools and some other things to get LVM working with 2.6. And at present, the migration on a running system isn't handled cleanly. I should try to finish up my patch for that which I started a while ago. Cheers, Jeremy From laroche at redhat.com Fri Jan 2 18:55:40 2004 From: laroche at redhat.com (Florian La Roche) Date: Fri, 2 Jan 2004 19:55:40 +0100 Subject: Fedora Core 2 Distribution Size In-Reply-To: <1073069328.4002.21.camel@goober.localdomain> References: <1073069328.4002.21.camel@goober.localdomain> Message-ID: <20040102185540.GA12632@dudweiler.stuttgart.redhat.com> > http://www.redhat.com/archives/fedora-devel-list/2003-December/msg00002.html > > Ive said this before...I'd personally rather see work on in-distro tools > to help people create their own live cds based on fedora, then an > official fedora livecd. I'm sure an official fedora livecd could be > built, but frankly I really don't know what people would use it for, > instead of using knoppix/gnoppix or Dirk's livecd. Considering the > non-technical constraints fedora has to live under, an official fedora > livecd couldn't have the same level of functionality out of the box that > other livecds have (multimedia support and ntfs being the primary usage > issues.) I'd rather see work on an easy to use tool, for people to > create their own customized livecds from a master fedora install...that > seems to me to be the best way to encourage usage and experimentation. I would find such a live-cd very useful for many things. From hardware testing, beta testing new apps, etc. (And I don't see why this would be again a discussion point to add things Red Hat cannot put up for redistribution.) greetings, Florian La Roche From jonathana at cleanstick.org Fri Jan 2 18:56:40 2004 From: jonathana at cleanstick.org (Jon Atkinson) Date: Fri, 02 Jan 2004 18:56:40 +0000 Subject: Fedora Core 2 Distribution Size In-Reply-To: <3FF5B6AC.2090004@silverorange.com> References: <3FF5B6AC.2090004@silverorange.com> Message-ID: <3FF5BEE8.6050704@cleanstick.org> I think that it's not so much the size of the distribution (the more software that is 'distribution certified' [included] the better, right?), but the way that software is arranged on the disc images. It would be nice to see the base system, kernel, X and gnome on the first disc, with KDE, OpenOffice etc on disc 2, other software on disc 3. This would eliminate a common problem I've had where I select my install options, and I have to download and burn the whole third disc ISO just so anaconda can fetch a single RPM from that disc. Very annoying, and a waste of bandwidth :-/ It would be nice, when Fedora has matured a little (FC3/4?) to see a higher level of support and promotion of the FTP install feature. I know anaconda does support FTP installs, but there is very little in the way of (obvious) documentation of this feature, and from what I've heard and personal experience it is a little flaky. I am an ex-Debian user and I liked the way I could burn a 50mb ISO and run the installer then fetch packages from a local mirror. I know not everyone has DSL access, but a large and growing number of people do, and I think it may soon be time to rethink the ISO distribution model. I'd really like to hear what everyone thinks about this, it's been bugging me for a while now :-) --Jon Atkinson Steven Garrity wrote: > Maurice F. Piller wrote: > >Hi All, > >Fedora Core 1 came out with 3 iso installation images. Has the size > of the > >Fedora Core 2 release been determined yet? > >I would like to see more of an emphasis on the "Core" part of the > project, it > >would be nice if Fedora Core 2 could be released with just 1 or 2 > installation > >CD images. > > There was talking of trimming the fat a while back. I'm not sure how > feasible it would be, but consider this another voice asking to minimize > the size. Two CDs instead of three would be a big improvement in > convenience. > > Steven Garrity > > > -- > fedora-devel-list mailing list > fedora-devel-list at redhat.com > http://www.redhat.com/mailman/listinfo/fedora-devel-list From jos at xos.nl Fri Jan 2 19:01:51 2004 From: jos at xos.nl (Jos Vos) Date: Fri, 2 Jan 2004 20:01:51 +0100 Subject: Fedora Core 2 Distribution Size In-Reply-To: <3FF5BEE8.6050704@cleanstick.org>; from jonathana@cleanstick.org on Fri, Jan 02, 2004 at 06:56:40PM +0000 References: <3FF5B6AC.2090004@silverorange.com> <3FF5BEE8.6050704@cleanstick.org> Message-ID: <20040102200151.A20952@xos037.xos.nl> On Fri, Jan 02, 2004 at 06:56:40PM +0000, Jon Atkinson wrote: > I think that it's not so much the size of the distribution (the more > software that is 'distribution certified' [included] the better, > right?), but the way that software is arranged on the disc images. It > would be nice to see the base system, kernel, X and gnome on the first > disc, with KDE, OpenOffice etc on disc 2, other software on disc 3. The way the software is distributed among the CD images is directly related to rpm dependencies and the calculated package install order, so that can't be easily changed in the way you suggest, without major impact on installer etc. -- -- Jos Vos -- X/OS Experts in Open Systems BV | Phone: +31 20 6938364 -- Amsterdam, The Netherlands | Fax: +31 20 6948204 From jspaleta at princeton.edu Fri Jan 2 19:15:03 2004 From: jspaleta at princeton.edu (Jef Spaleta) Date: Fri, 02 Jan 2004 14:15:03 -0500 Subject: Fedora Core 2 Distribution Size Message-ID: <1073070902.4002.39.camel@goober.localdomain> Florian La Roche wrote: > I would find such a live-cd very useful for many things. From hardware > testing, beta testing new apps, etc. > (And I don't see why this would be again a discussion point to add things > Red Hat cannot put up for redistribution.) I cringe at the thought...of an official live cd meant for beta testing of specific applications. Dear god, fedora would have to re-roll a new livecd image EVERY DAY during the beta testing phase...so you could download a new livecd image EVERY DAY to incoporate the new package updates that come out EVERY DAY. Dear god! that would complicate the beta testing matrix a great deal. Are you seriously saying that you'd burn a new livecd image EVERY day, in order to beta test applications? What a horrible horrible idea. It might SEEM like it would make testing easier for the tester...but I can't see it doing anything but complicating the process of actually dealing with bug reports. A livecd SOLELY for the purpose of testing...seems ill-fated a reason to have a livecd. considering the fact that a livecd image is bound to have its own bugs and errors that might not be in a normal install...seems a bit circular to say the purpose of the official livecd is to test the livecd. -jef -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From jspaleta at princeton.edu Fri Jan 2 19:29:27 2004 From: jspaleta at princeton.edu (Jef Spaleta) Date: Fri, 02 Jan 2004 14:29:27 -0500 Subject: Fedora Core 2 Distribution Size Message-ID: <1073071767.4002.54.camel@goober.localdomain> Jon Atkinson wrote: > It would be nice, when Fedora has matured a little (FC3/4?) to see a > higher level of support and promotion of the FTP install feature. I > know anaconda does support FTP installs, but there is very little in > the way of (obvious) documentation of this feature, and from what I've > heard and personal experience it is a little flaky. I am an ex-Debian > user and I liked the way I could burn a 50mb ISO and run the > installer then fetch packages from a local mirror. boot.iso image exists. Anaconda supports ftp, http, nfs installs...and as for obvious documentation....fedora core still doesn't have an install guide at all...so there is no 'obvious' documentation on a number of significant install issues. Though the rhl9 install guide covers most of them adequately. Feel free to get involved in the Fedora Documentation Project. http://fedora.redhat.com/projects/docs/ Other than having an install guide for people to ignore...im not sure what else you have in mind in terms of 'obvius' documentation. Personal experience...and things you have heard...are anecdotal. My ftp and http installs work..swimmingly. Shall I assume it works perfectly for everyone else...nope. But saying your problems and the problems you heard about are specifically issues with anaconda is a bit naive. Pointing out bugreports in bugzilla on the issue, is marginally less naive. -jef"off to do an ftp install using boot.iso right now"spaleta -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From skvidal at phy.duke.edu Fri Jan 2 19:37:20 2004 From: skvidal at phy.duke.edu (seth vidal) Date: 02 Jan 2004 14:37:20 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <1073071767.4002.54.camel@goober.localdomain> References: <1073071767.4002.54.camel@goober.localdomain> Message-ID: <1073072239.23177.9.camel@opus> > Personal experience...and things you have heard...are anecdotal. My ftp > and http installs work..swimmingly. Shall I assume it works perfectly > for everyone else...nope. But saying your problems and the problems you > heard about are specifically issues with anaconda is a bit naive. > Pointing out bugreports in bugzilla on the issue, is marginally less > naive. > > -jef"off to do an ftp install using boot.iso right now"spaleta I'd like to encourage everyone to NOT use ftp. Use http. It's better for servers, it tends to be more performant, it tunnels more nicely and historically has been less of a security wreck than ftp. Seriously, you should actually get better performance out of MANY of the good http servers. ftp is heavier, it eats up more processes and responds less well, frequently. -sv From alan at redhat.com Fri Jan 2 19:38:20 2004 From: alan at redhat.com (Alan Cox) Date: Fri, 2 Jan 2004 14:38:20 -0500 Subject: boot.iso not booting In-Reply-To: <1073069417.5688.98.camel@edoras.local.net> References: <1073011122.2212.11.camel@desktop> <1073069417.5688.98.camel@edoras.local.net> Message-ID: <20040102193820.GA954@devserv.devel.redhat.com> On Fri, Jan 02, 2004 at 01:50:17PM -0500, Jeremy Katz wrote: > On Thu, 2004-01-01 at 21:38, Martin wrote: > > I'm trying to use the latest boot.iso in the Fedora Core development > > tree, and it's not getting very far in boot. I've tired it on 3 > > systems, 2 of which fail early in boot, though with a bit different > > messages. the Sony Vaio Z1RA dies very shortly after uncompressing > > the kernel with this call trace: > > Does booting with 'linux pnpbios=off' help? If so, you can add > dmidecode information to > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=112326 There's a fix in the kernel bugzilla for a load of 2.6 pnpbios explosions btw From arvindn at meenakshi.cs.iitm.ernet.in Fri Jan 2 19:16:35 2004 From: arvindn at meenakshi.cs.iitm.ernet.in (Arvind Narayanan) Date: Sat, 3 Jan 2004 00:46:35 +0530 Subject: Fedora Core 2 Distribution Size In-Reply-To: <3FF5BEE8.6050704@cleanstick.org>; from jonathana@cleanstick.org on Fri, Jan 02, 2004 at 06:56:40PM +0000 References: <3FF5B6AC.2090004@silverorange.com> <3FF5BEE8.6050704@cleanstick.org> Message-ID: <20040103004635.A19719@meenakshi.cs.iitm.ernet.in> On Fri, Jan 02, 2004 at 06:56:40PM +0000, Jon Atkinson wrote: > I think that it's not so much the size of the distribution (the more > software that is 'distribution certified' [included] the better, > right?), but the way that software is arranged on the disc images. It > would be nice to see the base system, kernel, X and gnome on the first > disc, with KDE, OpenOffice etc on disc 2, other software on disc 3. This would be a good idea. > [snip] > It would be nice, when Fedora has matured a little (FC3/4?) to see a > higher level of support and promotion of the FTP install feature. I know > anaconda does support FTP installs, but there is very little in the way > of (obvious) documentation of this feature, and from what I've heard and > personal experience it is a little flaky. I am an ex-Debian user and I > liked the way I could burn a 50mb ISO and run the installer then fetch > packages from a local mirror. I know not everyone has DSL access, but a > large and growing number of people do, and I think it may soon be time > to rethink the ISO distribution model. > > I'd really like to hear what everyone thinks about this, it's been > bugging me for a while now :-) FWIW: I've found no inconvenience with the current installation procedure. I just finished upgrading a lab of about 10 machines to FC1; I installed from images on disk. It wasn't messy like a CD installation. Very fast, smooth and painless. I like the fact that I don't need to make any choices. I would prefer to download the whole thing at once rather than having a 2 stage bootstrapping procedure. Cheers, Arvind -- Its all GNU to me From katzj at redhat.com Fri Jan 2 19:42:35 2004 From: katzj at redhat.com (Jeremy Katz) Date: Fri, 02 Jan 2004 14:42:35 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <3FF5BEE8.6050704@cleanstick.org> References: <3FF5B6AC.2090004@silverorange.com> <3FF5BEE8.6050704@cleanstick.org> Message-ID: <1073072555.5688.110.camel@edoras.local.net> On Fri, 2004-01-02 at 13:56, Jon Atkinson wrote: > It would be nice, when Fedora has matured a little (FC3/4?) to see a > higher level of support and promotion of the FTP install feature. I know > anaconda does support FTP installs, but there is very little in the way > of (obvious) documentation of this feature, and from what I've heard and > personal experience it is a little flaky. I am an ex-Debian user and I > liked the way I could burn a 50mb ISO and run the installer then fetch > packages from a local mirror. I know not everyone has DSL access, but a > large and growing number of people do, and I think it may soon be time > to rethink the ISO distribution model. As of Fedora Core 1, the FTP install should be just as nice as every other install method as you can do graphical FTP installs (assuming a certain minimal amount of RAM so that we can pull the entire second stage down or using the rescue cd image to start your install). As Jef said, there's not much in the way of docs of anything, but I don't see how you can get more prominent mention than having it listed on the install type screen with everything else :) If you've had specific problems, *please* report them in bugzilla. I am not at all a mind reader and I can't fix things unless they're reported. As far as future stuff, I think that HTTP is actually far more relevant than HTTP, but since the installer code is virtually identical for the two, that's irrelevant. I'd like to get to where we can have a simple mirror list available and you can get sort of a "choose your mirror" sort of things for where to do your install from, but I'm not sure that's going to happen in the timeframe for FC2. Especially as the time is dwindling for making large installer changes (I tend to try to stop those by the first test release so that sane testing can be achieved) Cheers, Jeremy From skvidal at phy.duke.edu Fri Jan 2 19:43:09 2004 From: skvidal at phy.duke.edu (seth vidal) Date: 02 Jan 2004 14:43:09 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <1073072555.5688.110.camel@edoras.local.net> References: <3FF5B6AC.2090004@silverorange.com> <3FF5BEE8.6050704@cleanstick.org> <1073072555.5688.110.camel@edoras.local.net> Message-ID: <1073072589.23177.11.camel@opus> > As far as future stuff, I think that HTTP is actually far more relevant > than HTTP, but since the installer code is virtually identical for the > two, that's irrelevant. I think what jeremy meant was: "I think that HTTP is actually far more relevant than FTP, but since the installer code is virtually identical for the two, that's irrelevant" -sv From notting at redhat.com Fri Jan 2 19:50:44 2004 From: notting at redhat.com (Bill Nottingham) Date: Fri, 2 Jan 2004 14:50:44 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: References: Message-ID: <20040102195044.GA30608@devserv.devel.redhat.com> Maurice F. Piller (piller at visi.net) said: > Fedora Core 1 came out with 3 iso installation images. Has the size of the > Fedora Core 2 release been determined yet? No, but it's presumably similar. > I would like to see more of an emphasis on the "Core" part of the project, it > would be nice if Fedora Core 2 could be released with just 1 or 2 installation > CD images. Until Fedora Extras really gets going, there's not really *that* much stuff that can be moved out. It's certainly possible to do a 2-CD binary distribution (I've done it), but you're trimming more than just fat. Basically, all the really crufty stuff is also the small stuff. The easiest way to trim the most space is to remove a desktop, by far. But I don't think that's very practical for Core right now. More people want more desktops rather than less. :) Bill From Nigel.Metheringham at dev.intechnology.co.uk Fri Jan 2 20:19:21 2004 From: Nigel.Metheringham at dev.intechnology.co.uk (Nigel Metheringham) Date: Fri, 02 Jan 2004 20:19:21 +0000 Subject: Proposal: rpm-4.2.2 should refuse to build as root In-Reply-To: <20031231153629.GU1277@linnie.riede.org> References: <3FF2C418.4070705@togami.com> <20031231153629.GU1277@linnie.riede.org> Message-ID: <1073074760.10378.2.camel@carrot.localnet> On Wed, 2003-12-31 at 15:36, Willem Riede wrote: > On 2003.12.31 10:09, Panu Matilainen wrote: > > Building rpm's as root IS incredibly bad idea which should be discouraged. > > Even worse when no buildroot is used - once you've seen a package > > which (re)moves stuff in /usr/lib during build... > > True. But, the spirit of *nix is "Here's a rope. Now, you can do useful things > with it, or you can hang yourself with it. Up to you." So make it by default refuse to build (or otherwise deal with SRPMS) as root, but have an override option or macro to allow it. I assume that the dev (as in /dev) packages etc build as non-root - long ago (I'm probably talking RH6.x or previous) you needed root to build these. Nigel. -- Nigel Metheringham From laroche at redhat.com Fri Jan 2 20:57:23 2004 From: laroche at redhat.com (Florian La Roche) Date: Fri, 2 Jan 2004 21:57:23 +0100 Subject: Fedora Core 2 Distribution Size In-Reply-To: <1073070902.4002.39.camel@goober.localdomain> References: <1073070902.4002.39.camel@goober.localdomain> Message-ID: <20040102205723.GA13692@dudweiler.stuttgart.redhat.com> > I cringe at the thought...of an official live cd meant for beta testing > of specific applications. Dear god, fedora would have to re-roll a new > livecd image EVERY DAY during the beta testing phase...so you could > download a new livecd image EVERY DAY to incoporate the new package > updates that come out EVERY DAY. Dear god! that would complicate the Kernel tests run out of a live-cd might be good to test machines that don't even have the beta installed. greetings, Florian La Roche From cornette at insight.rr.com Fri Jan 2 23:41:15 2004 From: cornette at insight.rr.com (Jim Cornette) Date: Fri, 02 Jan 2004 18:41:15 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <1073072555.5688.110.camel@edoras.local.net> References: <3FF5B6AC.2090004@silverorange.com> <3FF5BEE8.6050704@cleanstick.org> <1073072555.5688.110.camel@edoras.local.net> Message-ID: <3FF6019B.9000000@insight.rr.com> Jeremy Katz wrote: >On Fri, 2004-01-02 at 13:56, Jon Atkinson wrote: > > >>It would be nice, when Fedora has matured a little (FC3/4?) to see a >>higher level of support and promotion of the FTP install feature. I know >>anaconda does support FTP installs, but there is very little in the way >>of (obvious) documentation of this feature, and from what I've heard and >>personal experience it is a little flaky. I am an ex-Debian user and I >>liked the way I could burn a 50mb ISO and run the installer then fetch >>packages from a local mirror. I know not everyone has DSL access, but a >>large and growing number of people do, and I think it may soon be time >>to rethink the ISO distribution model. >> >> > > > I've done the floppy install (series of 4 floppies) of Debian before. I liked the network install, though Debian didn't meet my particular needs. I also downloaded and burned a whole series of CDROMs and it only used the first CD. (A big waste, but a learning experience). I think that their other concept of selecting desired programs that then create your customized installations is a good approach, if dependencies could be met through the selector. It might serve Fedora to have such a capability, though it sounds like it would be a nightmare to implement successfully. As far as Fedora's maturity level. I used RH since verson 5.2 (4.2 for some unix learning, but 5.2 for regular usage). I think that Fedora is the best level that I've ever seen it reach. It'll never mature, it is always growing, thus the 3 CDs needed for the later installations. >As of Fedora Core 1, the FTP install should be just as nice as every >other install method as you can do graphical FTP installs (assuming a >certain minimal amount of RAM so that we can pull the entire second >stage down or using the rescue cd image to start your install). As Jef >said, there's not much in the way of docs of anything, but I don't see >how you can get more prominent mention than having it listed on the >install type screen with everything else :) > > > Instead of the installation option being kind of hidden, it would be nice to see it available as a choice when the first disc booted up. Alternatively, a credit card model with just ftp / http installation starting might be a good idea. I heard mention of a boot.iso, so it must already exist and is or can be offered within the regular directory that contains the usual 6 discs. ( rpms, srpms) >If you've had specific problems, *please* report them in bugzilla. I am >not at all a mind reader and I can't fix things unless they're >reported. > >As far as future stuff, I think that HTTP is actually far more relevant >than HTTP, but since the installer code is virtually identical for the >two, that's irrelevant. I'd like to get to where we can have a simple >mirror list available and you can get sort of a "choose your mirror" >sort of things for where to do your install from, but I'm not sure >that's going to happen in the timeframe for FC2. Especially as the time >is dwindling for making large installer changes (I tend to try to stop >those by the first test release so that sane testing can be achieved) > > This sounds like a worthwhile enhancement. I'd most likely use these planned enhancements. As far as the distribution size. I was looking forward to a 4 gig DVD offering. I like the smaller sized programs and find them useful. I also like the more megabyte hungry programs that are currently offered. Thanks for the hard work set forth so far. I get bored with trying to learn how to program apps, but hope to eventually buckle down and start contributing fixes and such later. >Cheers, > >Jeremy > > Jim -- You will attract cultured and artistic people to your home. From mike at netlyncs.com Fri Jan 2 23:49:19 2004 From: mike at netlyncs.com (Mike Chambers) Date: Fri, 02 Jan 2004 17:49:19 -0600 Subject: Evolution 1.5 Message-ID: <1073087359.2097.7.camel@bart.netlyncs.com> Has Jeremy or anyone compiled/made an RPM for this version yet or is it still way buggy (I guess this is beta for 1.6?)? -- Mike Chambers Madisonville, KY "It's funny until someone gets hurt...then it's hilarious!" From heinlein at madboa.com Fri Jan 2 23:56:55 2004 From: heinlein at madboa.com (Paul Heinlein) Date: Fri, 2 Jan 2004 15:56:55 -0800 (PST) Subject: Evolution 1.5 In-Reply-To: <1073087359.2097.7.camel@bart.netlyncs.com> References: <1073087359.2097.7.camel@bart.netlyncs.com> Message-ID: On Fri, 2 Jan 2004, Mike Chambers wrote: > Has Jeremy or anyone compiled/made an RPM for this version yet or is > it still way buggy (I guess this is beta for 1.6?)? You'll find an rpm for 1.5.4 in the Fedora tree. At least, I found one there. -- Paul Heinlein From mike at netlyncs.com Sat Jan 3 00:01:47 2004 From: mike at netlyncs.com (Mike Chambers) Date: Fri, 02 Jan 2004 18:01:47 -0600 Subject: Evolution 1.5 In-Reply-To: References: <1073087359.2097.7.camel@bart.netlyncs.com> Message-ID: <1073088106.2097.9.camel@bart.netlyncs.com> On Fri, 2004-01-02 at 17:56, Paul Heinlein wrote: > You'll find an rpm for 1.5.4 in the Fedora tree. At least, I found one > there. What URL/directory is that and how is it holding up if you did install/upgrade to it? -- Mike Chambers Madisonville, KY "It's funny until someone gets hurt...then it's hilarious!" From heinlein at madboa.com Sat Jan 3 00:05:45 2004 From: heinlein at madboa.com (Paul Heinlein) Date: Fri, 2 Jan 2004 16:05:45 -0800 (PST) Subject: Evolution 1.5 In-Reply-To: <1073088106.2097.9.camel@bart.netlyncs.com> References: <1073087359.2097.7.camel@bart.netlyncs.com> <1073088106.2097.9.camel@bart.netlyncs.com> Message-ID: On Fri, 2 Jan 2004, Mike Chambers wrote: > On Fri, 2004-01-02 at 17:56, Paul Heinlein wrote: > > > You'll find an rpm for 1.5.4 in the Fedora tree. At least, I found one > > there. > > What URL/directory is that and how is it holding up if you did > install/upgrade to it? Oops. I apologize, Mike. I went all dyslexic on you. The rpm is for 1.4.5, not 1.5.4. My bad. -- Paul Heinlein From nutello at sweetness.com Sat Jan 3 00:12:52 2004 From: nutello at sweetness.com (Rudi Chiarito) Date: Sat, 3 Jan 2004 01:12:52 +0100 Subject: Fedora Core 2 Distribution Size In-Reply-To: <1073072239.23177.9.camel@opus> References: <1073071767.4002.54.camel@goober.localdomain> <1073072239.23177.9.camel@opus> Message-ID: <20040103001252.GD19580@server4.8080.it> On Fri, Jan 02, 2004 at 02:37:20PM -0500, seth vidal wrote: > I'd like to encourage everyone to NOT use ftp. Use http. It's better for > servers, it tends to be more performant, it tunnels more nicely and > historically has been less of a security wreck than ftp. I second the idea, HTTP works quite nicely. Are HTTP 1.1 pipelining or connection recycling two options worth considering? From what I recall, not only they weren't supported in RH9/FC1, Anaconda also performed a DNS lookup before attempting each and every package download - at least with kickstart installations. That might be addressed either by caching the IP manually in Anaconda or having nscd running during installation (overkill?). Reducing the number of connections to the web server can only make HTTP an even more palatable choice. Rudi From de_lupus at pandora.be Sat Jan 3 01:19:21 2004 From: de_lupus at pandora.be (Kristof vansant) Date: Sat, 03 Jan 2004 02:19:21 +0100 Subject: Patch for rc.sysinit to make usb keyb/mouse work on kernel 2.6 and 2.4 Message-ID: <1073092761.4167.2.camel@D5E03D2E.kabel.telenet.be> The patch should make it able to use usb mouse/keyb with kernel 2.4 and 2.6. You can find the patch here: http://freax.be/wiki/index.php/Fedora%20core%201%20with%20kernel%202.6-test Can someone test it plz PS: also added to patch that /proc/kallsyms is put in /var/log/ksyms Lupus (Kristof Vansant) From peterr at opensystems.net.au Sat Jan 3 01:53:46 2004 From: peterr at opensystems.net.au (Peter Robinson) Date: Sat, 3 Jan 2004 09:53:46 +0800 (WST) Subject: Fedora Core 2 Distribution Size In-Reply-To: <20040102195044.GA30608@devserv.devel.redhat.com> References: <20040102195044.GA30608@devserv.devel.redhat.com> Message-ID: <35216.203.161.104.72.1073094826.squirrel@www.opensystems.net.au> >> I would like to see more of an emphasis on the "Core" part of the project, it >> would be nice if Fedora Core 2 could be released with just 1 or 2 installation >> CD images. > > Until Fedora Extras really gets going, there's not really *that* much > stuff that can be moved out. It's certainly possible to do a 2-CD binary > distribution (I've done it), but you're trimming more than just fat. > Basically, all the really crufty stuff is also the small stuff. > > The easiest way to trim the most space is to remove a desktop, by > far. But I don't think that's very practical for Core right now. More > people want more desktops rather than less. :) Is it possible to put all the gnome stuff on 1 cd and all the kde stuff on another and say if you want a gnome only install download cd 1 and cd 2 if you want a kde only install download cd 1 and 3 if you want to mix and match download all three? I'm not sure what the package size split between the two desktops and other generic stuff. Or alternatively have it so a standard install (no selection of packages other than default) or maybe a desktop/woorkstation install only uses the first two disks so that people have the option of a third disk that has all the not so used packages on it such as possibly all the language packs, not used often services such a nis/news/etc I'm not sure how this would work with such things a dependancies etc for things like dicitionaries etc. It would also be nice to have an option in the installer for languages you want supported on a particular system. Sort of like these are the languages we support which do you want allowing easy removal during the install of things like Canna/FreeWnn/various language dictionaries etc. So you can do a full install just for English/Spanish/Whatever without getting the language stuff for other languages. Just my thoughts Peter Peter From tech at liderbug.com Sat Jan 3 04:42:41 2004 From: tech at liderbug.com (Cal) Date: Fri, 02 Jan 2004 21:42:41 -0700 Subject: Grub size problem Message-ID: <3FF64841.3060409@liderbug.com> I'm trying to create a boot floppy to switch between hda and sda. But it won't fit on a floppy and it seems to be the same problem when I try to put the boot loader on the HD also because when I reboot I get: GRUB GRUB GRUB (and it hangs). Advice pls...... Tks Chuck From peterr at opensystems.net.au Sat Jan 3 05:35:09 2004 From: peterr at opensystems.net.au (Peter Robinson) Date: Sat, 3 Jan 2004 13:35:09 +0800 (WST) Subject: 2.6 kernel on devel Message-ID: <35428.203.161.104.72.1073108109.squirrel@www.opensystems.net.au> Hi All, I've been playing around with the current devel/rawhide on a spare build box I have lying around and have a few queries. In general quiet impressesed with it especially for an alpha stage distro. The box I have is a pretty generic PIII 800 coppermine with a aic7xxx SCSI card and disk, intel pro 100 nic and a radeon 7200 AGP video card. All work nicely. The couple of problems I've run into is support for a Stallion Multiport serial card. Are there any plans to compile the drivers for the not so standard multiport boards into the FC2 kernel? We have a large number of customers that still use systems with either stallion or specialix boards with terminals printers or modems attached for things ranging from faxing to dialup to pos systems that are either running on RHL or that other x86 unix that we're planning on moving to RHEL or Fedora (most cases will probably be fedora) that will needing these drivers and I'd prefer not to have to compile custom kernels. The other problem I seem to be having with this machine with the FC2 devel is that when I walk away from it for extended periods (over night) it suspends and doesn't seem to recover. The monitor has suspend on the LCD and I can't seem to wake it up. Its a reasonably oldish board and hence on boot the kernel states that due to bios age that ACPI is disabled. I'm not really sure how to go about testing this. Peter From notting at redhat.com Sat Jan 3 06:10:10 2004 From: notting at redhat.com (Bill Nottingham) Date: Sat, 3 Jan 2004 01:10:10 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <35216.203.161.104.72.1073094826.squirrel@www.opensystems.net.au> References: <20040102195044.GA30608@devserv.devel.redhat.com> <35216.203.161.104.72.1073094826.squirrel@www.opensystems.net.au> Message-ID: <20040103061009.GA25110@devserv.devel.redhat.com> Peter Robinson (peterr at opensystems.net.au) said: > Is it possible to put all the gnome stuff on 1 cd and all the kde stuff > on another No. What packages are on what CDs is done via dependency ordering. Bill From skvidal at phy.duke.edu Sat Jan 3 06:07:29 2004 From: skvidal at phy.duke.edu (seth vidal) Date: Sat, 03 Jan 2004 01:07:29 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <20040103001252.GD19580@server4.8080.it> References: <1073071767.4002.54.camel@goober.localdomain> <1073072239.23177.9.camel@opus> <20040103001252.GD19580@server4.8080.it> Message-ID: <1073110049.25981.89.camel@binkley> > Are HTTP 1.1 pipelining or connection recycling two options worth > considering? From what I recall, not only they weren't supported in > RH9/FC1, Anaconda also performed a DNS lookup before attempting each and > every package download - at least with kickstart installations. That > might be addressed either by caching the IP manually in Anaconda or > having nscd running during installation (overkill?). I think it'd be cool if a lot of the installations tools could eventually use something like urlgrabber for getting pkgs, etc. http://linux.duke.edu/projects/mini/urlgrabber/ yum uses it now and some enhancements have been going on to it to make it prettier than it is now. It supports keepalives now and should be able to support byte-ranges and therefore regets which could be fairly handy. -sv From mikepery at fscked.org Sat Jan 3 07:36:23 2004 From: mikepery at fscked.org (Mike Perry) Date: Sat, 3 Jan 2004 01:36:23 -0600 Subject: dlopen fails for libpthread Message-ID: <20040103073623.GA23937@fscked.org> It seems as if I am unable to dlopen libpthread.so.0.. I'm running Fedora Core 1 with glibc-2.3.2-101.1 and gcc-3.3.2-1. Is this something I'm doing wrong? or is this a real bug? --- PASTE INTO SHELL --- cat > tmp.c << EOF #include #include int main() { void* handle = NULL; if ((handle = dlopen("/lib/libpthread.so.0", RTLD_LAZY)) == NULL) printf("Dlerror: %s\n", dlerror()); return 0; } EOF gcc tmp.c -o tmp -ldl ./tmp ------------ Output is: Dlerror: /lib/libpthread.so.0: symbol _errno, version GLIBC_2.0 not defined in file libc.so.6 with link time reference -- Mike Perry Mad Computer Scientist fscked.org evil labs From tony at tgds.net Sat Jan 3 08:28:25 2004 From: tony at tgds.net (Tony Grant) Date: Sat, 03 Jan 2004 09:28:25 +0100 Subject: Fedora Core 2 Distribution Size In-Reply-To: <20040103004635.A19719@meenakshi.cs.iitm.ernet.in> References: <3FF5B6AC.2090004@silverorange.com> <3FF5BEE8.6050704@cleanstick.org> <20040103004635.A19719@meenakshi.cs.iitm.ernet.in> Message-ID: <1073118504.1865.38.camel@localhost.localdomain> On Fri, Jan 02, 2004 at 06:56:40PM +0000, Jon Atkinson wrote: > > It would be nice, when Fedora has matured a little (FC3/4?) to see a > > higher level of support and promotion of the FTP install feature. I know > > anaconda does support FTP installs, but there is very little in the way > > of (obvious) documentation of this feature, and from what I've heard and > > personal experience it is a little flaky. I am an ex-Debian user and I > > liked the way I could burn a 50mb ISO and run the installer then fetch > > packages from a local mirror. I know not everyone has DSL access, but a > > large and growing number of people do, and I think it may soon be time > > to rethink the ISO distribution model. I started using FTP install about 4 years ago for the simple reason that I had a floppy drive and no CD on my Sony Vaio C1XD. I would download the Redhat ISOs to another machine on the network, mount the images and extract everything then do my FTP install from that machine. I discovered yum with Fedora and my current box was updated from Redhat 9 (FTP install from the Vaio BTW) via "yum upgrade". With 512/128 aDSL the install took about an hour and a half -> two hours. From memory FTP on the LAN takes about 45 minutes or about the same time as from CD-ROM. My objective is to upgrade several servers I run currently to Fedora Core, and I will probably use yum. Several machines I administer don't have a CD drive, they were installed over the LAN and I haven't had the need for one. I would rather see a base system and yum on a USB key rather than an ISO. My 0.02? Tony Grant -- www.tgds.net Library management software toolkit From tony at tgds.net Sat Jan 3 08:40:25 2004 From: tony at tgds.net (Tony Grant) Date: Sat, 03 Jan 2004 09:40:25 +0100 Subject: Patch for rc.sysinit to make usb keyb/mouse work on kernel 2.6 and 2.4 In-Reply-To: <1073092761.4167.2.camel@D5E03D2E.kabel.telenet.be> References: <1073092761.4167.2.camel@D5E03D2E.kabel.telenet.be> Message-ID: <1073119225.1865.45.camel@localhost.localdomain> Le sam 03/01/2004 ? 02:19, Kristof vansant a ?crit : > The patch should make it able to use usb mouse/keyb with kernel 2.4 and > 2.6. > > You can find the patch here: > > http://freax.be/wiki/index.php/Fedora%20core%201%20with%20kernel%202.6-test > > Can someone test it plz I have already done the mods by hand. I also had to change /proc/devices to /sys/devices. The good news is that with the 2.6.0 kernel USB keyboard works on boot so BIOS config is once again possible without USB -> PS/2 adaptor! Cheers Tony Grant -- www.tgds.net Library management software toolkit From alex.kiernan at thus.net Sat Jan 3 13:01:18 2004 From: alex.kiernan at thus.net (Alex Kiernan) Date: 03 Jan 2004 13:01:18 +0000 Subject: install fedora on a powerbook g4 667 In-Reply-To: <20040102182021.23576@smtp.fastwebnet.it> References: <20040102170604.GB2826@imp.flyn.org> <20040102182021.23576@smtp.fastwebnet.it> Message-ID: <81brplw5i9.fsf@alexk-laptop.eng.demon.net> k1n6w4r3z writes: > >You will probably have to install something like YellowDog (which is > >also RPM-based) and then start replacing packages with those from the > >Fedora project. There are a few key packages missing from the PowerPC > >Fedora build which currently makes installing Fedora directly impossible. > > > >I bought YellowDog 3.1 and then installed Fedora development on top of it. > >This works nicely. > > Do you mean that i have to do a minimal installation of yellowdog then > get all the rpms an do rpm -ivh --force --nodeps * in the folder that > contains the fedora rpms? My approach was YellowDog minimal install, then yum update (avoiding initscripts), then yum installing things as I needed them. I also used the yum and fedora-release from http://people.redhat.com/streeter/ to get me started. The only stuff I've had "out of the box" problems with are: * initscripts (which I think is because I hadn't kept my sysctl.conf, but I'm not about to try rebooting my box 'til I'm back in the office after Christmas/New Year!) * mozilla (core's on startup unless you apply the patch which marks things __may_alias__) - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=111662 * binutils (which won't compile a 2.6 kernel) - I used the patch from http://sources.redhat.com/ml/binutils/2003-09/msg00381.html (though modified so it applied cleanly) * hfsutils and hfsplusutils (which are both missing from Fedora and won't compile out of the box on it) * mkinitrd (which needs ppc64-utils, which isn't in Fedora) - I just installed with --nodeps (until I get around to making ppc64-utils build me a replacement pmac-utils). I'm happy to put these patches up somewhere (or report them as bugs?). -- Alex Kiernan, Principal Engineer, Development, THUS plc From speedy at eu11.ziew.org Sat Jan 3 13:18:36 2004 From: speedy at eu11.ziew.org (robert j. wozny) Date: Sat, 03 Jan 2004 14:18:36 +0100 Subject: install fedora on a powerbook g4 667 In-Reply-To: <81brplw5i9.fsf@alexk-laptop.eng.demon.net> (Alex Kiernan's message of "03 Jan 2004 13:01:18 +0000") References: <20040102170604.GB2826@imp.flyn.org> <20040102182021.23576@smtp.fastwebnet.it> <81brplw5i9.fsf@alexk-laptop.eng.demon.net> Message-ID: Quoting Alex Kiernan : > * mozilla (core's on startup unless you apply the patch which marks > things __may_alias__) - > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=111662 it also true on my sparc workstation, and maybe even on all !x86 -- r. From lowen at pari.edu Sat Jan 3 13:43:51 2004 From: lowen at pari.edu (Lamar Owen) Date: Sat, 3 Jan 2004 08:43:51 -0500 Subject: SELinux configuration (was:Re: Proposal: Discourage rpmbuild --sign) In-Reply-To: <20040101012511.GA21740@devserv.devel.redhat.com> References: <3FF2C434.50609@togami.com> <3FF34741.2010801@togami.com> <20040101012511.GA21740@devserv.devel.redhat.com> Message-ID: <200401030843.51351.lowen@pari.edu> On Wednesday 31 December 2003 08:25 pm, Alan Cox wrote: > Once SELinux is in the picture the rules change. You can set up the > buildroot for example with rules of the form > > Nothing but a trusted copy of rpm may alter the buildroot proper > The building task in the buildroot may not alter anything outside its > build tree The building task may not talk to the network > The building task may not run the trusted copy of rpm > The building task many not read anything outside the buildroot Since this topic has been breached, I'm kindof interested in what sort of configuration tools are going to be packaged to manage the SELinux stuff. This whole thing sounds very powerful, very flexible, and very complicated, from the learning curve point of view. This whole thing reminds me somewhat of a ZoneAlarm on steroids: being able to restrict network access on a per-task basis, while being a very small part of SELinux, reminds me of ZA's capability to restrict programmatic network access. That capability sounds very good and would be one I would use. But to make it work well good tools for manipulating this stuff, without making it too complicated (yet showing the power of the tool), will have to be written. A tool that quickly conveys the full power of SELinux, but yet is intuitive to use. -- Lamar Owen Director of Information Technology Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu From peterr at opensystems.net.au Sat Jan 3 14:33:12 2004 From: peterr at opensystems.net.au (Peter Robinson) Date: Sat, 3 Jan 2004 22:33:12 +0800 (WST) Subject: install fedora on a powerbook g4 667 In-Reply-To: References: <20040102170604.GB2826@imp.flyn.org><20040102182021.23576@smtp.fastweb net.it><81brplw5i9.fsf@alexk-laptop.eng.demon.net> Message-ID: <36062.203.161.104.72.1073140392.squirrel@www.opensystems.net.au> > Quoting Alex Kiernan : > >> * mozilla (core's on startup unless you apply the patch which marks >> things __may_alias__) - >> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=111662 > > it also true on my sparc workstation, and maybe even on all !x86 What about the SRPM from RHEL3. RHEL3 supports the ppc/ppc64 arch and others so the srpm for mozilla and other packages for that matter should be available/buildable for ppc and other platforms as srpms from ftp.redhat.com Peter From alan at redhat.com Sat Jan 3 14:45:33 2004 From: alan at redhat.com (Alan Cox) Date: Sat, 3 Jan 2004 09:45:33 -0500 Subject: 2.6 kernel on devel In-Reply-To: <35428.203.161.104.72.1073108109.squirrel@www.opensystems.net.au> References: <35428.203.161.104.72.1073108109.squirrel@www.opensystems.net.au> Message-ID: <20040103144533.GA32221@devserv.devel.redhat.com> On Sat, Jan 03, 2004 at 01:35:09PM +0800, Peter Robinson wrote: > The couple of problems I've run into is support for a Stallion Multiport serial card. > Are there any plans to compile the drivers for the not so standard multiport boards > into the FC2 kernel? We have a large number of customers that still use systems with Most of the old old multiport card drivers have yet to be ported to 2.6 > seem to recover. The monitor has suspend on the LCD and I can't seem to wake it up. > Its a reasonably oldish board and hence on boot the kernel states that due to bios > age that ACPI is disabled. I'm not really sure how to go about testing this. Can you disable apm as well out of curiosity From alan at redhat.com Sat Jan 3 14:48:07 2004 From: alan at redhat.com (Alan Cox) Date: Sat, 3 Jan 2004 09:48:07 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <20040103061009.GA25110@devserv.devel.redhat.com> References: <20040102195044.GA30608@devserv.devel.redhat.com> <35216.203.161.104.72.1073094826.squirrel@www.opensystems.net.au> <20040103061009.GA25110@devserv.devel.redhat.com> Message-ID: <20040103144807.GB32221@devserv.devel.redhat.com> On Sat, Jan 03, 2004 at 01:10:10AM -0500, Bill Nottingham wrote: > > Is it possible to put all the gnome stuff on 1 cd and all the kde stuff > > on another > > No. What packages are on what CDs is done via dependency ordering. What happens if the package orderer attempts to put kde/koffice onto CD3 except where other rules require. Would that be sufficient to get the generic non kde "desktop" installs working on 2 CD images ? From erc.caldera at gmx.net Sat Jan 3 15:19:40 2004 From: erc.caldera at gmx.net (=?ISO-8859-9?Q?Er=E7in?= EKER) Date: Sat, 3 Jan 2004 17:19:40 +0200 Subject: Fedora Core 2 Distribution Size In-Reply-To: <20040103144807.GB32221@devserv.devel.redhat.com> References: <20040102195044.GA30608@devserv.devel.redhat.com> <35216.203.161.104.72.1073094826.squirrel@www.opensystems.net.au> <20040103061009.GA25110@devserv.devel.redhat.com> <20040103144807.GB32221@devserv.devel.redhat.com> Message-ID: <20040103171940.7e421d13.erc.caldera@gmx.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sat, 3 Jan 2004 09:48:07 -0500 tarihinde Alan Cox 'nin yazd?klar?: > What happens if the package orderer attempts to put kde/koffice onto > CD3 except where other rules require. Would that be sufficient to get > the generic non kde "desktop" installs working on 2 CD images ? i think place gnome and kde to the 3.cd will be better, so some one like me not wants heavy dekstops on their old boxes will be happy not to download/purchase all 3 cds :) - -- Er?in EKER UIN: 8216618 Jabber: ercineker at jabber.org Eh, that's it, I guess. No 300 million dollar unveiling event for this kernel, I'm afraid, but you're still supposed to think of this as the "happening of the century" (at least until the next kernel comes along). Oh, and this is another kernel in that great and venerable "BugFree(tm)" series of kernels. So be not afraid of bugs, but go out in the streets and deliver this message of joy to the masses. -- Linus Torvalds, on releasing 1.3.27 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQE/9t2M8+WsZkHV+24RAqdgAKCgA8P9lvqRMkZh1sQ/SpeSCgAPwACgoip6 NlgsWGOYzimy12jaZUmjxb0= =6ssw -----END PGP SIGNATURE----- From alex.kiernan at thus.net Sat Jan 3 15:37:46 2004 From: alex.kiernan at thus.net (Alex Kiernan) Date: 03 Jan 2004 15:37:46 +0000 Subject: install fedora on a powerbook g4 667 In-Reply-To: <36062.203.161.104.72.1073140392.squirrel@www.opensystems.net.au> References: <20040102170604.GB2826@imp.flyn.org> <20040102182021.23576@smtp.fastweb net.it> <81brplw5i9.fsf@alexk-laptop.eng.demon.net> <36062.203.161.104.72.1073140392.squirrel@www.opensystems.net.au> Message-ID: <813caxvy9h.fsf@alexk-laptop.eng.demon.net> "Peter Robinson" writes: > > Quoting Alex Kiernan : > > > >> * mozilla (core's on startup unless you apply the patch which marks > >>things __may_alias__) - > >>https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=111662 > > it also true on my sparc workstation, and maybe even on all !x86 > > What about the SRPM from RHEL3. RHEL3 supports the ppc/ppc64 arch and > others so the srpm for mozilla and other packages for that matter > should be available/buildable for ppc and other platforms as srpms > from ftp.redhat.com > It'll likely do the same - its a bug in mozilla 1.4 which is shown up by gcc 3.3; RHEL3 uses gcc 3.2.3 so the problem won't show there. The details are in these two tickets: http://bugzilla.mozilla.org/show_bug.cgi?id=212082 http://gcc.gnu.org/bugzilla/show_bug.cgi?id=11376 -- Alex Kiernan, Principal Engineer, Development, THUS plc From czar at czarc.net Sat Jan 3 16:20:31 2004 From: czar at czarc.net (Gene C.) Date: Sat, 3 Jan 2004 11:20:31 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <1073072239.23177.9.camel@opus> References: <1073071767.4002.54.camel@goober.localdomain> <1073072239.23177.9.camel@opus> Message-ID: <200401031120.31079.czar@czarc.net> On Friday 02 January 2004 14:37, seth vidal wrote: > > Personal experience...and things you have heard...are anecdotal. My ftp > > and http installs work..swimmingly. Shall I assume it works perfectly > > for everyone else...nope. But saying your problems and the problems you > > heard about are specifically issues with anaconda is a bit naive. > > Pointing out bugreports in bugzilla on the issue, is marginally less > > naive. > > > > -jef"off to do an ftp install using boot.iso right now"spaleta > > I'd like to encourage everyone to NOT use ftp. Use http. It's better for > servers, it tends to be more performant, it tunnels more nicely and > historically has been less of a security wreck than ftp. > > Seriously, you should actually get better performance out of MANY of the > good http servers. > > ftp is heavier, it eats up more processes and responds less well, > frequently. In general, http is "encouraged" for downloading of updates and individual packages for FC (up2date also uses it). To me this makes lots of sense since the various proxy servers in the network can do a much better job of load balancing than running multiple ftp servers with rotating access via dns. However, I noticed that when the ISOs are downloaded, ftp is forced. Is there some reason for this. I would think that the same load balancing logic that applied for packages would also ally to the ISO images. -- Gene From skvidal at phy.duke.edu Sat Jan 3 16:20:06 2004 From: skvidal at phy.duke.edu (seth vidal) Date: Sat, 03 Jan 2004 11:20:06 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <200401031120.31079.czar@czarc.net> References: <1073071767.4002.54.camel@goober.localdomain> <1073072239.23177.9.camel@opus> <200401031120.31079.czar@czarc.net> Message-ID: <1073146806.25981.95.camel@binkley> > In general, http is "encouraged" for downloading of updates and individual > packages for FC (up2date also uses it). To me this makes lots of sense since > the various proxy servers in the network can do a much better job of load > balancing than running multiple ftp servers with rotating access via dns. > > However, I noticed that when the ISOs are downloaded, ftp is forced. Is there > some reason for this. I would think that the same load balancing logic that > applied for packages would also ally to the ISO images. ftp is forced? forced from where? You can download the iso images from the duke mirror, for example, via http. -sv From hvdkooij at vanderkooij.org Sat Jan 3 16:28:57 2004 From: hvdkooij at vanderkooij.org (Hugo van der Kooij) Date: Sat, 3 Jan 2004 17:28:57 +0100 (CET) Subject: Ouch: Fedora Core 1 bug in anaconda Message-ID: Hi, I had some trouble with installing Fedora Core 1 on a machine. I just finished upgrading some others and went through partitioning and package selection the manual way (as usual). It then did bug me with python errors and aborted installation. I saved it to disk and it reads like: Traceback (most recent call last): File "/usr/lib/anaconda/gui.py", line 1047, in handleRenderCallback self.currentWindow.renderCallback() File "/usr/lib/anaconda/iw/progress_gui.py", line 242, in renderCallback self.intf.icw.nextClicked() File "/usr/lib/anaconda/gui.py", line 766, in nextClicked self.dispatch.gotoNext() File "/usr/lib/anaconda/dispatch.py", line 168, in gotoNext self.moveStep() File "/usr/lib/anaconda/dispatch.py", line 236, in moveStep rc = apply(func, self.bindArgs(args)) File "/usr/lib/anaconda/packages.py", line 656, in doPreInstall method.mergeFullHeaders(id.grpset.hdrlist) File "/usr/lib/anaconda/image.py", line 102, in mergeFullHeaders hdlist.mergeFullHeaders("%s/%s/base/hdlist2" % (self.tree, productPath)) File "/usr/lib/anaconda/hdrlist.py", line 333, in mergeFullHeaders rpm.mergeHeaderListFromFD(self.hdlist, fd, 1000004) IndexError: list index out of range If anyone wants a full copy of the fileanacdump.txt please let me know. Hugo. -- All email sent to me is bound to the rules described on my homepage. hvdkooij at vanderkooij.org http://hvdkooij.xs4all.nl/ Don't meddle in the affairs of sysadmins, for they are subtle and quick to anger. From buildsys at redhat.com Sat Jan 3 17:22:06 2004 From: buildsys at redhat.com (Build System) Date: Sat, 3 Jan 2004 12:22:06 -0500 Subject: rawhide report: 20040103 changes Message-ID: <200401031722.i03HM6X03867@porkchop.devel.redhat.com> Updated Packages: httpd-2.0.48-4 -------------- * Thu Dec 18 2003 Joe Orton 2.0.48-4 - rebuild rpmdb-fedora-1.90-0.20040103 ---------------------------- system-config-printer-0.6.90-1 ------------------------------ * Fri Jan 02 2004 Tim Waugh 0.6.90-1 - Requires foomatic >= 3.0.0-1, for foomatic-ppdfile. - 0.6.90: - Use foomatic-ppdfile instead of foomatic-datafile, to avoid getting errors when using '-t ppd' (bug #112696). From katzj at redhat.com Sat Jan 3 17:30:25 2004 From: katzj at redhat.com (Jeremy Katz) Date: Sat, 03 Jan 2004 12:30:25 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <3FF6019B.9000000@insight.rr.com> References: <3FF5B6AC.2090004@silverorange.com> <3FF5BEE8.6050704@cleanstick.org> <1073072555.5688.110.camel@edoras.local.net> <3FF6019B.9000000@insight.rr.com> Message-ID: <1073151025.5688.119.camel@edoras.local.net> On Fri, 2004-01-02 at 18:41, Jim Cornette wrote: > Jeremy Katz wrote: > I've done the floppy install (series of 4 floppies) of Debian before. I > liked the network install, though Debian didn't meet my particular > needs. I also downloaded and burned a whole series of CDROMs and it only > used the first CD. (A big waste, but a learning experience). I think > that their other concept of selecting desired programs that then create > your customized installations is a good approach, if dependencies could > be met through the selector. > > It might serve Fedora to have such a capability, though it sounds like > it would be a nightmare to implement successfully. It's there. If you boot with the floppy image (boot.img + drvnet.img from the images/ directory), then you can do an ftp install with just 2 floppies instead of four :) > Instead of the installation option being kind of hidden, it would be > nice to see it available as a choice when the first disc booted up. > Alternatively, a credit card model with just ftp / http installation > starting might be a good idea. I heard mention of a boot.iso, so it must > already exist and is or can be offered within the regular directory that > contains the usual 6 discs. ( rpms, srpms) I don't see how this is hidden... If you boot with regular CDs, then the right thing to do is go ahead and use them because that's what the 99% case is going to want. You can bypass the autocd detection (boot with 'linux askmethod') -- all of this is in the syslinux help screens :/ boot.iso is located in the images/ directory and is an approximately 4 meg image that you can burn to CD and start an install with. Maybe putting it in the isos directory instead of just the tree would help raise the visibility here. Cheers, Jeremy From katzj at redhat.com Sat Jan 3 17:35:07 2004 From: katzj at redhat.com (Jeremy Katz) Date: Sat, 03 Jan 2004 12:35:07 -0500 Subject: Evolution 1.5 In-Reply-To: <1073087359.2097.7.camel@bart.netlyncs.com> References: <1073087359.2097.7.camel@bart.netlyncs.com> Message-ID: <1073151307.5688.123.camel@edoras.local.net> On Fri, 2004-01-02 at 18:49, Mike Chambers wrote: > Has Jeremy or anyone compiled/made an RPM for this version yet or is it > still way buggy (I guess this is beta for 1.6?)? I started running 1.5 CVS at work a few weeks ago... 1.5.0 was definitely not in a state that I really wanted to inflict on rawhide. 1.5.1 should be better, I'm just trying to find the time to sit down and start packaging it and testing it before throwing it at the world. Also, the schedule being up in the air until recently made me hold back a little as well. Putting in evolution 1.5 and then having the schedule be such that 2.0 had not chance of making it wasn't very appealing to me :) Cheers, Jeremy From dax at gurulabs.com Sat Jan 3 18:03:21 2004 From: dax at gurulabs.com (Dax Kelson) Date: Sat, 03 Jan 2004 11:03:21 -0700 Subject: [Fwd: [Openswan dev] ANNOUNCE: Openswan 1.0.0 Released] Message-ID: <1073153001.10221.50.camel@mentor.gurulabs.com> The Super FreeSWAN patch has morphed into a full blown project of it's own complete with road maps, mailing lists, CVS, and an IRC channel. It would be very nice to get Openswan v2.10 included with FC2. -----Forwarded Message----- > From: Ken Bantoft > To: users at lists.openswan.org, > Subject: [Openswan dev] ANNOUNCE: Openswan 1.0.0 Released > Date: Fri, 02 Jan 2004 20:00:44 -0500 > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > We are pleased to announce the 1st release of Openswan, a formal fork of > the FreeS/WAN codebase, available through http://www.openswan.org > > Openswan 1.0.0 is based off the last beta of Super FreeS/WAN, and as such > includes features like X.509 Digital Certificate support, AES and other > ciphers, NAT Traversal, Dead Peer Detection (DPD), and adds XAUTH Server > support. > > The Short Frequently Asked Questions (FAQ): > > 1. Is it interoperable with FreeS/WAN & Super FreeS/WAN? > > Openswan is 100% interoperable with FreeS/WAN, SuperFreeS/WAN, and dozens > of other vendor implementations of the IPsec standards. > > 2. Does it work on Linux Kernel 2.6? > > The Openswan 1.x.x releases will runn on 2.0.x, 2.2.x and 2.4.x series > only. Our 2.x.x tree is in active development, and support the 2.6 > kernels. > > 3. What's happening to the future of Super FreeS/WAN? > > There will be no future development on Super FreeS/WAN - the lastest tree > was used to start Openswan 1.0.0 from. > > 4. Do my configs/scripts/tools need to be updated if I change to Openswan? > > Configuration + management are no different that FreeS/WAN, so config > files do not need to be updated to upgrade to Openswan. > > 5. Where do I get support? > > Available via IRC, Mailing lists, or commercially through Xelerance > Corporation. See http://www.openswan.org/support/ for links. > > 6. What's changed (Since the last release of Super FreeS/WAN)? > > Dead Peer Detection (DPD) fixes > X.509 v0.9.37 merge > 64bit cleanups for the port to ia64 (Thanks to HP for hardware) > CryptoAPI for kernel 2.4.23 fixes (JuanJo) > XAUTH Server Support (Thanks to Astaro for sponsoring this work. See > README.XAUTH for details. Disabled in default build.) > > > - -- > Ken Bantoft VP Business Development > ken at xelerance.com Xelerance Corporation > sip://toronto.xelerance.com http://www.xelerance.com > > The future is here. It's just not evenly distributed yet. > -- William Gibson > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.7 (GNU/Linux) > > iD8DBQE/9hQ/PiOgilmwgkgRApswAJwK+lZtgdlRUOxy6dL1AVdWL5TA9gCgqoHW > R8FCGX5j4esW5ZURYEq1ah4= > =Y9/S > -----END PGP SIGNATURE----- > > _______________________________________________ > Dev mailing list > Dev at lists.openswan.org > http://lists.openswan.org/mailman/listinfo/dev From czar at czarc.net Sat Jan 3 18:32:10 2004 From: czar at czarc.net (Gene C.) Date: Sat, 3 Jan 2004 13:32:10 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <1073146806.25981.95.camel@binkley> References: <1073071767.4002.54.camel@goober.localdomain> <200401031120.31079.czar@czarc.net> <1073146806.25981.95.camel@binkley> Message-ID: <200401031332.10027.czar@czarc.net> On Saturday 03 January 2004 11:20, seth vidal wrote: > > In general, http is "encouraged" for downloading of updates and > > individual packages for FC (up2date also uses it). To me this makes lots > > of sense since the various proxy servers in the network can do a much > > better job of load balancing than running multiple ftp servers with > > rotating access via dns. > > > > However, I noticed that when the ISOs are downloaded, ftp is forced. Is > > there some reason for this. I would think that the same load balancing > > logic that applied for packages would also ally to the ISO images. > > ftp is forced? forced from where? You can download the iso images from > the duke mirror, for example, via http. for http://download.fedora.redhat.com ISO image downloads are forced ... This was mentioned on one of these mailing lists by one of the folks from Red Hat. So I checked, and sure enough, http was used until I tried downloading the ISO images ... I forget if I just used lftp and noticed the switch there of if I needed to run tcpdump ... regardless, it does switch ... I assume that the httpd conf has aliases st up to force ftp for the images. This may or may not be true for any of the mirror sites. My question is ... why did Red Hat force ftp? ... it certainly seems intentional ... what don't I understand about HTTP, proxy servers, and lare files? -- Gene From tcallawa at redhat.com Sat Jan 3 18:42:12 2004 From: tcallawa at redhat.com (Tom 'spot' Callaway) Date: Sat, 03 Jan 2004 12:42:12 -0600 Subject: [Fwd: [Openswan dev] ANNOUNCE: Openswan 1.0.0 Released] In-Reply-To: <1073153001.10221.50.camel@mentor.gurulabs.com> References: <1073153001.10221.50.camel@mentor.gurulabs.com> Message-ID: <1073155332.4474.121.camel@zorak> On Sat, 2004-01-03 at 12:03, Dax Kelson wrote: > The Super FreeSWAN patch has morphed into a full blown project of it's > own complete with road maps, mailing lists, CVS, and an IRC channel. > > It would be very nice to get Openswan v2.10 included with FC2. > > 2. Does it work on Linux Kernel 2.6? > > > > The Openswan 1.x.x releases will runn on 2.0.x, 2.2.x and 2.4.x series > > only. Our 2.x.x tree is in active development, and support the 2.6 > > kernels. I have no idea what their timetable is for their 2.x.x tree, but I would suspect that it would need to be in a stable state before we consider adding it to FC2. It could be stable now, I just suspect that the smart people on the kernel team will hold off on adding third party kernel code that wasn't absolutely rock solid, and the announcement seems to imply that the 2.6 branch isn't there yet. This is especially key since FC2 has an agressive time table... ~spot --- Tom "spot" Callaway LCA, RHCE Red Hat Sales Engineer || Aurora SPARC Linux Project Leader "The author's mathematical treatment of the conception of purpose is novel and highly ingenious, but heretical and, so far as the present social order is concerned, dangerous and potentially subversive. Not to be published." -- Aldous Huxley's "Brave New World" From skvidal at phy.duke.edu Sat Jan 3 18:46:51 2004 From: skvidal at phy.duke.edu (seth vidal) Date: Sat, 03 Jan 2004 13:46:51 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <200401031332.10027.czar@czarc.net> References: <1073071767.4002.54.camel@goober.localdomain> <200401031120.31079.czar@czarc.net> <1073146806.25981.95.camel@binkley> <200401031332.10027.czar@czarc.net> Message-ID: <1073155610.25981.98.camel@binkley> > My question is ... why did Red Hat force ftp? ... it certainly seems > intentional ... what don't I understand about HTTP, proxy servers, and lare > files? odd. I don't have the foggiest idea why that is that way. Maybe they didn't have a better webserver setup and didn't want to serve isos off of apache (which is not unreasonable given that apache is not the best choice for large-static-file distribution) dunno. Anyone from fedora/rh IS know what the story is here? -sv From matthew at zeut.net Sat Jan 3 19:02:59 2004 From: matthew at zeut.net (Matthew T. O'Connor) Date: Sat, 03 Jan 2004 14:02:59 -0500 Subject: rawhide questions In-Reply-To: <1071462574.1633.1.camel@edoras.local.net> References: <1071456909.21946.17.camel@zeuthide.zeut.net> <1071462574.1633.1.camel@edoras.local.net> Message-ID: <1073156578.3264.120.camel@zeuthide.zeut.net> Sorry it has taken me so long to get back on this, but life interviened. On Sun, 2003-12-14 at 23:29, Jeremy Katz wrote: > Building a fixed libuser for this now. Ok, I have updated my fedora-devel box as of Jan 2, 2004. I can run system-config-users, but it crashes when I try to add a new user. The new user window comes up, I fill out all the fields, and click ok, and I got this: [root at zeuthide root]# system-config-users /usr/share/system-config-users/userWindow.py:227: RuntimeWarning: tp_compare didn't return -1 or -2 for exception if self.homeDirCheck.get_active() == gtk.TRUE: Traceback (most recent call last): File "/usr/share/system-config-users/userWindow.py", line 227, in on_userWin_ok_button_clicked if self.homeDirCheck.get_active() == gtk.TRUE: TypeError: argument 2 must be list, not str The window froze grayed out. > > xmms crashes - I just get a message that there was a Segmentation fault. > > Can you run it under gdb and get a backtrace? I can't get a core file. As a regular user when I ulimit -c unlimited, I get "bash: ulimit: core file size: cannot modify limit: Operation not permitted". When I do it as root it, the ulimit command completes ok, but I still don't get a core file when I run xmms. Any idea why? From lowen at pari.edu Sat Jan 3 19:14:48 2004 From: lowen at pari.edu (Lamar Owen) Date: Sat, 3 Jan 2004 14:14:48 -0500 Subject: [Fwd: [Openswan dev] ANNOUNCE: Openswan 1.0.0 Released] In-Reply-To: <1073153001.10221.50.camel@mentor.gurulabs.com> References: <1073153001.10221.50.camel@mentor.gurulabs.com> Message-ID: <200401031414.48038.lowen@pari.edu> On Saturday 03 January 2004 01:03 pm, Dax Kelson wrote: > The Super FreeSWAN patch has morphed into a full blown project of it's > own complete with road maps, mailing lists, CVS, and an IRC channel. > It would be very nice to get Openswan v2.10 included with FC2. v2.10? They just released 1.0.0, with 2.0.0 in development. Why do we need this when the KAME stuff is working and works with 2.6? KAME being what RHEL is using, why would OpenSWAN be needed in Core (maybe in Alternatives, since it _is_ and alternative IPsec implementation). If you need DPD and NAT-T, I guess you would want this. For straight IPsec, or PPP over L2TP over IPsec w/X.509, KAME plus the RHEL 2.4 kernel or the 2.6 kernel seems to get the job done. Just curious as to the reason why; I looked at Super FreeS/WAN before getting White Box loaded here (which has the same patches and ipsec-tools as RHEL3). The KAME config is vastly different than the SFSWAN config. So, tell me why I should completely redo everything: if it has a Can't-Live-Without feature, then, tell us. -- Lamar Owen Director of Information Technology Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu From jonathana at cleanstick.org Sat Jan 3 19:24:47 2004 From: jonathana at cleanstick.org (Jon Atkinson) Date: Sat, 03 Jan 2004 19:24:47 +0000 Subject: Fedora Core 2 Distribution Size In-Reply-To: <1073151025.5688.119.camel@edoras.local.net> References: <3FF5B6AC.2090004@silverorange.com> <3FF5BEE8.6050704@cleanstick.org> <1073072555.5688.110.camel@edoras.local.net> <3FF6019B.9000000@insight.rr.com> <1073151025.5688.119.camel@edoras.local.net> Message-ID: <3FF716FF.4050200@cleanstick.org> I think therefore it might be a good idea to make this more prominent then. On the download page (http://fedora.redhat.com/download/#boot) the diskette images are mentioned, but maybe a few small changes should be made, to explain to users the _advantages_ of using diskette images. I think the fact this feature and installation method exists should be trumpeted to users as loudly as possible; surely the bandwidth savings (for both redhat.com and its mirrors) would be fairly large. I don't see any disadvantages to this, unless I'm missing something obvious in which case I await correction ;-) As an aside, does anyone have access to the download statistics for the images? I'd be interested to see a few figures :-) --Jon Atkinson Jeremy Katz wrote: > On Fri, 2004-01-02 at 18:41, Jim Cornette wrote: > >>Jeremy Katz wrote: >>I've done the floppy install (series of 4 floppies) of Debian before. I >>liked the network install, though Debian didn't meet my particular >>needs. I also downloaded and burned a whole series of CDROMs and it only >>used the first CD. (A big waste, but a learning experience). I think >>that their other concept of selecting desired programs that then create >>your customized installations is a good approach, if dependencies could >>be met through the selector. >> >>It might serve Fedora to have such a capability, though it sounds like >>it would be a nightmare to implement successfully. > > > It's there. If you boot with the floppy image (boot.img + drvnet.img > from the images/ directory), then you can do an ftp install with just 2 > floppies instead of four :) > > >>Instead of the installation option being kind of hidden, it would be >>nice to see it available as a choice when the first disc booted up. >>Alternatively, a credit card model with just ftp / http installation >>starting might be a good idea. I heard mention of a boot.iso, so it must >>already exist and is or can be offered within the regular directory that >>contains the usual 6 discs. ( rpms, srpms) > > > I don't see how this is hidden... If you boot with regular CDs, then > the right thing to do is go ahead and use them because that's what the > 99% case is going to want. You can bypass the autocd detection (boot > with 'linux askmethod') -- all of this is in the syslinux help screens > :/ > > boot.iso is located in the images/ directory and is an approximately 4 > meg image that you can burn to CD and start an install with. Maybe > putting it in the isos directory instead of just the tree would help > raise the visibility here. > > Cheers, > > Jeremy > > > -- > fedora-devel-list mailing list > fedora-devel-list at redhat.com > http://www.redhat.com/mailman/listinfo/fedora-devel-list From mike at flyn.org Sat Jan 3 19:35:14 2004 From: mike at flyn.org (W. Michael Petullo) Date: Sat, 3 Jan 2004 13:35:14 -0600 Subject: install fedora on a powerbook g4 667 In-Reply-To: <36062.203.161.104.72.1073140392.squirrel@www.opensystems.net.au> References: <36062.203.161.104.72.1073140392.squirrel@www.opensystems.net.au> Message-ID: <20040103193514.GA2881@imp.flyn.org> >>> * mozilla (core's on startup unless you apply the patch which marks >>> things __may_alias__) - >>> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=111662 >> it also true on my sparc workstation, and maybe even on all !x86 > What about the SRPM from RHEL3. RHEL3 supports the ppc/ppc64 arch > and others so the srpm for mozilla and other packages for that matter > should be available/buildable for ppc and other platforms as srpms from > ftp.redhat.com Dan Burcaw (of Yellow Dog)'s mozilla 1.4.1 build works great on my iBook. See http://cvs.terraplex.com/yum/. -- Mike :wq From drepper at redhat.com Sat Jan 3 19:42:22 2004 From: drepper at redhat.com (Ulrich Drepper) Date: Sat, 03 Jan 2004 11:42:22 -0800 Subject: dlopen fails for libpthread In-Reply-To: <20040103073623.GA23937@fscked.org> References: <20040103073623.GA23937@fscked.org> Message-ID: <3FF71B1E.4040007@redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mike Perry wrote: > if ((handle = dlopen("/lib/libpthread.so.0", RTLD_LAZY)) == NULL) > printf("Dlerror: %s\n", dlerror()); #include and replace the file name with LIBPTHREAD_SO. - -- ? Ulrich Drepper ? Red Hat, Inc. ? 444 Castro St ? Mountain View, CA ? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/9xsf2ijCOnn/RHQRAuecAKCxk2qjXcbU+5Tlk1Tc8VpPkkC7qgCgsg1s JaBLtgm+va0/Q8GjsnD6eKs= =KGn+ -----END PGP SIGNATURE----- From speedy at eu11.ziew.org Sat Jan 3 19:56:50 2004 From: speedy at eu11.ziew.org (robert j. wozny) Date: Sat, 03 Jan 2004 20:56:50 +0100 Subject: install fedora on a powerbook g4 667 In-Reply-To: <20040103193514.GA2881@imp.flyn.org> (W. Michael Petullo's message of "Sat, 3 Jan 2004 13:35:14 -0600") References: <36062.203.161.104.72.1073140392.squirrel@www.opensystems.net.au> <20040103193514.GA2881@imp.flyn.org> Message-ID: Quoting "W. Michael Petullo" : >>> it also true on my sparc workstation, and maybe even on all !x86 >> What about the SRPM from RHEL3. RHEL3 supports the ppc/ppc64 arch >> and others so the srpm for mozilla and other packages for that matter >> should be available/buildable for ppc and other platforms as srpms from >> ftp.redhat.com > Dan Burcaw (of Yellow Dog)'s mozilla 1.4.1 build works great on my iBook. > See http://cvs.terraplex.com/yum/. or you can apply this patch: http://ziew.org/ppc/mozilla-xpcom-aliasing.patch tested on mozilla 1.5, probably you can use it to make running mozilla 1.4.1. -- r. From greg at kroah.com Sat Jan 3 22:56:14 2004 From: greg at kroah.com (Greg KH) Date: Sat, 3 Jan 2004 14:56:14 -0800 Subject: 2.6 kernel on devel In-Reply-To: <35428.203.161.104.72.1073108109.squirrel@www.opensystems.net.au> References: <35428.203.161.104.72.1073108109.squirrel@www.opensystems.net.au> Message-ID: <20040103225614.GL11061@kroah.com> On Sat, Jan 03, 2004 at 01:35:09PM +0800, Peter Robinson wrote: > > The couple of problems I've run into is support for a Stallion > Multiport serial card. There was some old patches to update this driver to 2.6 floating around on linux-kernel. It seems that the authors of them never followed through for some reason :( Sorry, greg k-h From warren at togami.com Sat Jan 3 23:45:19 2004 From: warren at togami.com (Warren Togami) Date: Sat, 03 Jan 2004 13:45:19 -1000 Subject: fedora.us false alarm Message-ID: <3FF7540F.8000401@togami.com> The servers did not go down. I learned this morning that there was a bit of misunderstanding in communication, and it is the air conditioning and not power that would be down. All fedora.us services should be back up now. I moved the DNS for www.fedora.us and download.fedora.us back to 128.171.104.133, but that will take a while to take effect. Warren From peterr at opensystems.net.au Sun Jan 4 00:54:07 2004 From: peterr at opensystems.net.au (Peter Robinson) Date: Sun, 4 Jan 2004 08:54:07 +0800 (WST) Subject: 2.6 kernel on devel In-Reply-To: <20040103225614.GL11061@kroah.com> References: <35428.203.161.104.72.1073108109.squirrel@www.opensystems.net.au> <20040103225614.GL11061@kroah.com> Message-ID: <36699.203.161.104.72.1073177647.squirrel@www.opensystems.net.au> > On Sat, Jan 03, 2004 at 01:35:09PM +0800, Peter Robinson wrote: >> >> The couple of problems I've run into is support for a Stallion >> Multiport serial card. > > There was some old patches to update this driver to 2.6 floating around > on linux-kernel. It seems that the authors of them never followed > through for some reason :( Oh well. Do you think there's a possibility that the patches may be merged at some time now that 2.6.0 is out and Linus/Andrew are accepting patches again or is it dependant on the maintainer? Also upgraded to the latest 2.6.0-1.23 but I've got problems with a kernel panic when trying to mount the root fs with a "VFS cannot open root dev "LABEL=/" or unknown-block(0,0)" error. Its a 9G SCSI disk on a AIC7xxx controller. Peter -------------------------------------------------------------- Peter Robinson Senior Consultant Open Systems Support peterr at opensystems.net.au 97 Broadway, Nedlands WA 6009 Ph (08) 92848777 Fax (08) 93869833 From seanlkml at rogers.com Sun Jan 4 01:01:55 2004 From: seanlkml at rogers.com (Sean Estabrooks) Date: Sat, 3 Jan 2004 20:01:55 -0500 Subject: 2.6 kernel on devel In-Reply-To: <36699.203.161.104.72.1073177647.squirrel@www.opensystems.net.au> References: <35428.203.161.104.72.1073108109.squirrel@www.opensystems.net.au> <20040103225614.GL11061@kroah.com> <36699.203.161.104.72.1073177647.squirrel@www.opensystems.net.au> Message-ID: <20040103200155.707ba1ab.seanlkml@rogers.com> On Sun, 4 Jan 2004 08:54:07 +0800 (WST) "Peter Robinson" wrote: > Also upgraded to the latest 2.6.0-1.23 but I've got problems with a > kernel panic when trying to mount the root fs with a "VFS cannot open > root dev"LABEL=/" or unknown-block(0,0)" error. Its a 9G SCSI disk on a > AIC7xxx controller. Peter, You have to supply a proper initrd that handles resolving the label for you. Reportedly there is a bug in a recent mkinitrd rpm so you may need to downgrade before creating an initrd image, check out this bugzilla entry: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=112623 Of course you'll have to make sure your grub or lilo entry properly references this initrd as well. Cheers, Sean From mike at netlyncs.com Sun Jan 4 01:06:47 2004 From: mike at netlyncs.com (Mike Chambers) Date: Sat, 03 Jan 2004 19:06:47 -0600 Subject: 2.6 kernel on devel In-Reply-To: <36699.203.161.104.72.1073177647.squirrel@www.opensystems.net.au> References: <35428.203.161.104.72.1073108109.squirrel@www.opensystems.net.au> <20040103225614.GL11061@kroah.com> <36699.203.161.104.72.1073177647.squirrel@www.opensystems.net.au> Message-ID: <1073178407.2049.16.camel@bart.netlyncs.com> On Sat, 2004-01-03 at 18:54, Peter Robinson wrote: > Also upgraded to the latest 2.6.0-1.23 but I've got problems with a kernel panic > when trying to mount the root fs with a "VFS cannot open root dev "LABEL=/" or > unknown-block(0,0)" error. Its a 9G SCSI disk on a AIC7xxx controller. What version of mkinitrd are you using? I had the same problem and had to downgrade to mkinitrd that came with FC1 and reinstall the kernel again and that should fix it. -- Mike Chambers Madisonville, KY "It's funny until someone gets hurt...then it's hilarious!" From matthew at zeut.net Sun Jan 4 01:29:46 2004 From: matthew at zeut.net (Matthew T. O'Connor) Date: Sat, 03 Jan 2004 20:29:46 -0500 Subject: rdesktop 1.3 Message-ID: <1073179786.4819.9.camel@zeuthide.zeut.net> Is there any reason that FC2 devel still has rdesktop 1.2 when 1.3 was release a few months ago. In my testing, it seems to work fine, and has some much needed features most importantly high color support. Matthew T. O'Connor From peterr at opensystems.net.au Sun Jan 4 02:44:40 2004 From: peterr at opensystems.net.au (Peter Robinson) Date: Sun, 4 Jan 2004 10:44:40 +0800 (WST) Subject: 2.6 kernel on devel In-Reply-To: <1073178407.2049.16.camel@bart.netlyncs.com> References: <35428.203.161.104.72.1073108109.squirrel@www.opensystems.net.au> <20040103225614.GL11061@kroah.com> <36699.203.161.104.72.1073177647.squirrel@www.opensystems.net.au> <1073178407.2049.16.camel@bart.netlyncs.com> Message-ID: <36996.203.161.104.72.1073184280.squirrel@www.opensystems.net.au> > On Sat, 2004-01-03 at 18:54, Peter Robinson wrote: > >> Also upgraded to the latest 2.6.0-1.23 but I've got problems with a kernel panic >> when trying to mount the root fs with a "VFS cannot open root dev "LABEL=/" or >> unknown-block(0,0)" error. Its a 9G SCSI disk on a AIC7xxx controller. > > What version of mkinitrd are you using? I had the same problem and had > to downgrade to mkinitrd that came with FC1 and reinstall the kernel > again and that should fix it. Thanks Mike and all, It fixed my kernel boot nicely :-) Peter From cornette at insight.rr.com Sun Jan 4 02:48:10 2004 From: cornette at insight.rr.com (Jim Cornette) Date: Sat, 03 Jan 2004 21:48:10 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <1073151025.5688.119.camel@edoras.local.net> References: <3FF5B6AC.2090004@silverorange.com> <3FF5BEE8.6050704@cleanstick.org> <1073072555.5688.110.camel@edoras.local.net> <3FF6019B.9000000@insight.rr.com> <1073151025.5688.119.camel@edoras.local.net> Message-ID: <3FF77EEA.2050609@insight.rr.com> Jeremy Katz wrote: >On Fri, 2004-01-02 at 18:41, Jim Cornette wrote: > > >>Jeremy Katz wrote: >>I've done the floppy install (series of 4 floppies) of Debian before. I >>liked the network install, though Debian didn't meet my particular >>needs. I also downloaded and burned a whole series of CDROMs and it only >>used the first CD. (A big waste, but a learning experience). I think >>that their other concept of selecting desired programs that then create >>your customized installations is a good approach, if dependencies could >>be met through the selector. >> >>It might serve Fedora to have such a capability, though it sounds like >>it would be a nightmare to implement successfully. >> >> > >It's there. If you boot with the floppy image (boot.img + drvnet.img >from the images/ directory), then you can do an ftp install with just 2 >floppies instead of four :) > > I'll have to try the two floppy and ftp: or http: installation method. Two floppies vs. three ISO images seems minimal install medium to me. Also, I was wondering about the pick your installation choices before you download the installation pieces. Then grab the needed package groups (modular elements, such as KDE, gnome, sysadmin, games, etc:) and then generating the final ISO images before download. I'm not sure if this concept could be automated from the server side or could be assembled on the client side from some sort of a retriever program. >>Instead of the installation option being kind of hidden, it would be >>nice to see it available as a choice when the first disc booted up. >>Alternatively, a credit card model with just ftp / http installation >>starting might be a good idea. I heard mention of a boot.iso, so it must >>already exist and is or can be offered within the regular directory that >>contains the usual 6 discs. ( rpms, srpms) >> >> > >I don't see how this is hidden... If you boot with regular CDs, then >the right thing to do is go ahead and use them because that's what the >99% case is going to want. You can bypass the autocd detection (boot >with 'linux askmethod') -- all of this is in the syslinux help screens >:/ , > > > This makes sense to me now, since the CDROMs are at hand. It would be nice though if after the installer found a working hi-speed connection, if it would present a choice for doing a network install or check for errata, which might improve the installation. (Out of disk space, firewire, default up2date retrieval information, etc). >boot.iso is located in the images/ directory and is an approximately 4 >meg image that you can burn to CD and start an install with. Maybe >putting it in the isos directory instead of just the tree would help >raise the visibility here > > I downloaded and tried the boot.iso from the rawhide image directory. It detected a NIC presence on both machines that I tried it on. On the machine with dual 3com ethernet cards, it asked which ethernet card that I wanted to use. Neither came with an identity. Is kudzu and hwdata part of the boot.iso? The other computer that I tried the boot.iso gave me an error code -16. The dual 3com NIC computer gave me the same error -16 also. Both NICs were tried, both gave the same errors. I would have found the boot.iso faster, with it being located alongside the installation ISOs. I still assumed the images directory was for floppy images , not CDROM images. Live and learn! Thanks! Jim > >Cheers, > >Jeremy > > > From steve at rueb.com Sun Jan 4 02:55:47 2004 From: steve at rueb.com (Steve Bergman) Date: Sat, 03 Jan 2004 20:55:47 -0600 Subject: 2.6 kernel on devel In-Reply-To: <36996.203.161.104.72.1073184280.squirrel@www.opensystems.net.au> References: <35428.203.161.104.72.1073108109.squirrel@www.opensystems.net.au> <20040103225614.GL11061@kroah.com> <36699.203.161.104.72.1073177647.squirrel@www.opensystems.net.au> <1073178407.2049.16.camel@bart.netlyncs.com> <36996.203.161.104.72.1073184280.squirrel@www.opensystems.net.au> Message-ID: <1073184947.7976.78.camel@localhost.localdomain> On Sat, 2004-01-03 at 20:44, Peter Robinson wrote: > > Thanks Mike and all, > > It fixed my kernel boot nicely :-) > > Peter > Another "solution" is to use /dev/sda? instead of label="/" in grub.conf. It's the label that causes the problem. From dax at gurulabs.com Sun Jan 4 02:58:03 2004 From: dax at gurulabs.com (Dax Kelson) Date: Sat, 03 Jan 2004 19:58:03 -0700 Subject: Why KAME/racoon sucks (was: OpenSWAN ANNOUCEMENT) In-Reply-To: <200401031414.48038.lowen@pari.edu> References: <1073153001.10221.50.camel@mentor.gurulabs.com> <200401031414.48038.lowen@pari.edu> Message-ID: <1073185082.10221.675.camel@mentor.gurulabs.com> On Sat, 2004-01-03 at 12:14, Lamar Owen wrote: > v2.10? They just released 1.0.0, with 2.0.0 in development. Why do we need > this when the KAME stuff is working and works with 2.6? KAME being what RHEL > is using, why would OpenSWAN be needed in Core (maybe in Alternatives, since > it _is_ and alternative IPsec implementation). If you need DPD and NAT-T, I > guess you would want this. For straight IPsec, or PPP over L2TP over IPsec > w/X.509, KAME plus the RHEL 2.4 kernel or the 2.6 kernel seems to get the job > done. > > Just curious as to the reason why; I looked at Super FreeS/WAN before getting > White Box loaded here (which has the same patches and ipsec-tools as RHEL3). > The KAME config is vastly different than the SFSWAN config. So, tell me why > I should completely redo everything: if it has a Can't-Live-Without feature, > then, tell us. Sure, I tell you yet again...(already posted to this list on Dec 8th): As a user and an administrator of variety of production systems IKE daemons ranging from KAME/racoon, isakmpd, Solaris 8/9 IKE, FreeSWAN, and SuperFreeSWAN, I can comment that I've found all but SuperFreeSWAN sorely lacking. Note that Openswan is the successor to Super FreeSWAN. The critical features an IKE daemon are: a) Ability to be configured as VPN concentrator supporting both road warriors and remote LANs all at the same time. b) X.509 certificate support c) Virtual-IP support for persistent inner IP address in ESP packets. This allows no-headache IPsec through non-brain dead NATing routers/firewalls without resorting to the following. d) NAT-T (ala ESP-over-UDP) for IPsec through brain dead NATing routers/firewalls. The other nice features are: e) AES support f) Notify/Delete SA (for Cisco interop) g) XAUTH support (authenticate VPN users/tunnels via PAM) h) DHCP over IPSec i) Transport mode All these features are supported by SuperFreeSWAN/Openswan and racoon and isakmpd only support b, i and maybe "e". IPsec deployment covers two areas 1) Secure LAN-to-LAN communication 2) Secure road warrior to HQ communication I would say IPsec deployment for "2" clearly, clearly outweighs "1". Basically, supporting road warriors is impossible with racoon or isakmp. Dax Kelson Guru Labs From katzj at redhat.com Sun Jan 4 03:19:24 2004 From: katzj at redhat.com (Jeremy Katz) Date: Sat, 03 Jan 2004 22:19:24 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <3FF77EEA.2050609@insight.rr.com> References: <3FF5B6AC.2090004@silverorange.com> <3FF5BEE8.6050704@cleanstick.org> <1073072555.5688.110.camel@edoras.local.net> <3FF6019B.9000000@insight.rr.com> <1073151025.5688.119.camel@edoras.local.net> <3FF77EEA.2050609@insight.rr.com> Message-ID: <1073186364.1749.25.camel@edoras.local.net> On Sat, 2004-01-03 at 21:48, Jim Cornette wrote: > Also, I was wondering about the pick your installation choices before > you download the installation pieces. Then grab the needed package > groups (modular elements, such as KDE, gnome, sysadmin, games, etc:) and > then generating the final ISO images before download. I'm not sure if > this concept could be automated from the server side or could be > assembled on the client side from some sort of a retriever program. There's really not a good, sane way to do this unfortunately. [snip] > This makes sense to me now, since the CDROMs are at hand. It would be > nice though if after the installer found a working hi-speed connection, > if it would present a choice for doing a network install or check for > errata, which might improve the installation. (Out of disk space, > firewire, default up2date retrieval information, etc). Checking things like this tends to ... annoy people. They think that you're calling home or something :) Also, "high-speed" is a very vague term and hard to determine. Plus, as soon as that's done, people start wanting ISDN and everything else support on boot disks which starts to get out of hand pretty quick for boot disks. As far as updates, they're handled in the firstboot process. > >boot.iso is located in the images/ directory and is an approximately 4 > >meg image that you can burn to CD and start an install with. Maybe > >putting it in the isos directory instead of just the tree would help > >raise the visibility here > > > I downloaded and tried the boot.iso from the rawhide image directory. It > detected a NIC presence on both machines that I tried it on. On the > machine with dual 3com ethernet cards, it asked which ethernet card that > I wanted to use. Neither came with an identity. Is kudzu and hwdata part > of the boot.iso? rawhide is a little busted right now. Now that the holidays are over, I'll get back to tracking down why :) > I would have found the boot.iso faster, with it being located alongside > the installation ISOs. I still assumed the images directory was for > floppy images , not CDROM images. Live and learn! Hmm, okay. It's definitely something to consider. The extra 5 megs wouldn't really be a huge concern for mirroring, IMHO, and if it makes things more obvious then it may well be worth it. Cheers, Jeremy From greg at kroah.com Sun Jan 4 03:30:56 2004 From: greg at kroah.com (Greg KH) Date: Sat, 3 Jan 2004 19:30:56 -0800 Subject: 2.6 kernel on devel In-Reply-To: <36699.203.161.104.72.1073177647.squirrel@www.opensystems.net.au> References: <35428.203.161.104.72.1073108109.squirrel@www.opensystems.net.au> <20040103225614.GL11061@kroah.com> <36699.203.161.104.72.1073177647.squirrel@www.opensystems.net.au> Message-ID: <20040104033056.GA19542@kroah.com> On Sun, Jan 04, 2004 at 08:54:07AM +0800, Peter Robinson wrote: > > > On Sat, Jan 03, 2004 at 01:35:09PM +0800, Peter Robinson wrote: > >> > >> The couple of problems I've run into is support for a Stallion > >> Multiport serial card. > > > > There was some old patches to update this driver to 2.6 floating around > > on linux-kernel. It seems that the authors of them never followed > > through for some reason :( > > Oh well. Do you think there's a possibility that the patches may be merged at some > time now that 2.6.0 is out and Linus/Andrew are accepting patches again or is it > dependant on the maintainer? They will be merged, if they ever are submitted again, and the problems with the last round are taken care of. thanks, greg k-h From notting at redhat.com Sun Jan 4 05:20:50 2004 From: notting at redhat.com (Bill Nottingham) Date: Sun, 4 Jan 2004 00:20:50 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <1073118504.1865.38.camel@localhost.localdomain> References: <3FF5B6AC.2090004@silverorange.com> <3FF5BEE8.6050704@cleanstick.org> <20040103004635.A19719@meenakshi.cs.iitm.ernet.in> <1073118504.1865.38.camel@localhost.localdomain> Message-ID: <20040104052049.GB1715@devserv.devel.redhat.com> Tony Grant (tony at tgds.net) said: > I would rather see a base system and yum on a USB key rather than an > ISO. To boot off of usb key: - cp isolinux/* to the device - rename isolinux.cfg to syslinux.cfg - run syslinux on the device That should be it. Bill From notting at redhat.com Sun Jan 4 05:25:27 2004 From: notting at redhat.com (Bill Nottingham) Date: Sun, 4 Jan 2004 00:25:27 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <200401031332.10027.czar@czarc.net> References: <1073071767.4002.54.camel@goober.localdomain> <200401031120.31079.czar@czarc.net> <1073146806.25981.95.camel@binkley> <200401031332.10027.czar@czarc.net> Message-ID: <20040104052527.GC1715@devserv.devel.redhat.com> Gene C. (czar at czarc.net) said: > My question is ... why did Red Hat force ftp? ... it certainly seems > intentional ... what don't I understand about HTTP, proxy servers, and lare > files? Basically, we've discovered that various 'download accelerator' programs (that open up 10+ connections with byte ranges) tend to drown out useful traffic in such a situation. If you try to firewall on multiple connects, you run into other issues, such as blocking out multiple yum users behind some sort of NAT firewall. Bill From pekkas at netcore.fi Sun Jan 4 07:36:45 2004 From: pekkas at netcore.fi (Pekka Savola) Date: Sun, 4 Jan 2004 09:36:45 +0200 (EET) Subject: Why KAME/racoon sucks (was: OpenSWAN ANNOUCEMENT) In-Reply-To: <1073185082.10221.675.camel@mentor.gurulabs.com> Message-ID: On Sat, 3 Jan 2004, Dax Kelson wrote: > As a user and an administrator of variety of production systems IKE > daemons ranging from KAME/racoon, isakmpd, Solaris 8/9 IKE, FreeSWAN, > and SuperFreeSWAN, I can comment that I've found all but SuperFreeSWAN > sorely lacking. There are more dimensions to this debate than just the number of features. > c) Virtual-IP support for persistent inner IP address in ESP packets. > This allows no-headache IPsec through non-brain dead NATing > routers/firewalls without resorting to the following. > > d) NAT-T (ala ESP-over-UDP) for IPsec through brain dead NATing > routers/firewalls. Are you aware that these are covered by multiple IPR claims? > g) XAUTH support (authenticate VPN users/tunnels via PAM) This is dangerous, and has been rejected in the IETF for standardization. Why again should this be done then? If you want to authenticate users/tunnels via PAM, can't this be done by creating a PAM module interfacing IKE? Also look at Bugtraq thread: http://marc.theaimsgroup.com/?l=bugtraq&m=107124772803447&w=2 > h) DHCP over IPSec That's already supported, I guess. What you're saying is maybe "DHCP-over-IKE"? I believe that has also been rejected at the IETF, but not sure. -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings From hariprasad at multitech.co.in Sun Jan 4 09:14:45 2004 From: hariprasad at multitech.co.in (Hariprasad B) Date: Sun, 04 Jan 2004 14:44:45 +0530 Subject: Problem Upgrading from Ethereal 0.9.13-4.1 to Ethereal 0.10.0a-0.1 Message-ID: <3FF7D985.30609@multitech.co.in> Hi All I wanted to upgrade my Ethereal 0.9.13-4.1 to Ethereal 0.10.0a-0.1, to capture scsii related packets. I tried out two options 1) rpm -Uvh ethereal-0.10.0a-0.1.i386.rpm It gives the following error error: Failed dependencies: ethereal = 0.9.13-4.1 is needed by (installed) ethereal-gnome-0.9.13-4.1 2) So after this I did the following step removed both ethere.. gnome and ethereal0.9.... rpm -e ethereal-gnome-0.9.13-4.1 rpm -e ethreal And now tried to Install ethereal-0.10.0a-0.1.i386.rpm rpm -ivh ethereal-0.10.0a-0.1.i386.rpm But now it says error : failed dependencies libc.so.6(GLIBC_2.3) is needed by ethereal-0.10.0a libcrypto.so.4 is needed by ethereal-0.10.0a-0.1 libelf.so.1 is needed by ethereal-0.10.0a-0.1 libnetsnmp.so.5 is needed by ethereal-0.10.0a-0.1 net-snmp >= 5.0 is neeed by ethereal-0.10.0a-0.1 When in checked for this files in the system is was present in either /usr/lib and /lib dirs So even though the files are present why is it giving so. Could any one help me out to overcome this hurdles Thanks Regards Hari From buildsys at redhat.com Sun Jan 4 11:42:29 2004 From: buildsys at redhat.com (Build System) Date: Sun, 4 Jan 2004 06:42:29 -0500 Subject: rawhide report: 20040104 changes Message-ID: <200401041142.i04BgT212829@porkchop.devel.redhat.com> Updated Packages: bind-9.2.3-5 ------------ * Tue Dec 30 2003 Daniel Walsh 9.2.3-5 - Add defattr to libs * Mon Dec 29 2003 Daniel Walsh 9.2.3-4 - Break out library package * Mon Dec 22 2003 Daniel Walsh 9.2.3-3 - Fix condrestart grub-0.93-8 ----------- * Sat Jan 03 2004 Jeremy Katz 0.93-8 - new bootonce patch from Padraig Brady so that you don't lose the old default (#112775) * Mon Nov 24 2003 Jeremy Katz - add ncurses-devel as a buildrequires (#110732) indent-2.2.9-4 -------------- * Sat Jan 03 2004 Florian La Roche - add a bugfix (copied from debian) mingetty-1.07-1 --------------- * Sat Jan 03 2004 Florian La Roche - 1.07 rpmdb-fedora-1.90-0.20040104 ---------------------------- setools-1.1-2 ------------- * Tue Dec 30 2003 Dan Walsh 1.1-2 - Add Defattr to devel - move libs to base kit sudo-1.6.7p5-11 --------------- * Fri Jan 02 2004 Dan Walsh 1.6.7p5-11 - Fix usage message From nhruby at uga.edu Sun Jan 4 15:47:46 2004 From: nhruby at uga.edu (nathan r. hruby) Date: Sun, 4 Jan 2004 10:47:46 -0500 (EST) Subject: 2.6 kernel on devel In-Reply-To: <36699.203.161.104.72.1073177647.squirrel@www.opensystems.net.au> References: <35428.203.161.104.72.1073108109.squirrel@www.opensystems.net.au> <20040103225614.GL11061@kroah.com> <36699.203.161.104.72.1073177647.squirrel@www.opensystems.net.au> Message-ID: On Sun, 4 Jan 2004, Peter Robinson wrote: > Also upgraded to the latest 2.6.0-1.23 but I've got problems with a > kernel panic when trying to mount the root fs with a "VFS cannot open > root dev "LABEL=/" or unknown-block(0,0)" error. Its a 9G SCSI disk on a > AIC7xxx controller. > I have a similar setup (boot device on aic7xxx) with rh9 and am using arjan's kernels and get the same deal. Haven't even bothered to look into yet. Did you try to rebuild the initrd? -n -- ------------------------------------------- nathan hruby uga enterprise information technology services production systems support metaphysically wrinkle-free ------------------------------------------- From balister at vt.edu Sun Jan 4 15:54:36 2004 From: balister at vt.edu (Philip Balister) Date: Sun, 4 Jan 2004 10:54:36 -0500 Subject: Errors building ndiswrapper under 2.6 kernel Message-ID: <20040104155436.GC28703@nemesis.maddog.net> I am using the ndiswrapper kernel module to load the windoze driver for the intel 2100 wireless ethernet card in my Dell 600m. With the 2.4 kernel and kernel-source packages everything is fine, I can build the kernel module with my user account and it loads and everything is fine. When I try building it with the latest 2.6 kernel and kernel-source rpm's I have the following problems: If I build with my user account there is a problem with the version.h file. Some kind of permission denied problem. If I build as root there is a syntax error before "__atribute__" in desc.h. The ndiswrapper makefile seems to use the /lib/modules/KVER/build/Makefile to do the real work. I haven't quite figured out what is really going on here. I can get the reall error messages if required. But I am hoping someone already has figured out the problem build modules with 2.6 kernel rpm's :) Thanks, Philip From tony at tgds.net Sun Jan 4 16:09:59 2004 From: tony at tgds.net (Tony Grant) Date: Sun, 04 Jan 2004 17:09:59 +0100 Subject: 2.6 kernel on devel In-Reply-To: References: <35428.203.161.104.72.1073108109.squirrel@www.opensystems.net.au> <20040103225614.GL11061@kroah.com> <36699.203.161.104.72.1073177647.squirrel@www.opensystems.net.au> Message-ID: <1073232598.30964.30.camel@localhost.localdomain> Le dim 04/01/2004 ? 16:47, nathan r. hruby a ?crit : > > Also upgraded to the latest 2.6.0-1.23 but I've got problems with a > > kernel panic when trying to mount the root fs with a "VFS cannot open > > root dev "LABEL=/" or unknown-block(0,0)" error. Its a 9G SCSI disk on a > > AIC7xxx controller. > > > > I have a similar setup (boot device on aic7xxx) with rh9 and am using > arjan's kernels and get the same deal. Haven't even bothered to look into > yet. Did you try to rebuild the initrd? I was messing around with building 2.6.0 kernels from source and eventually my machine stopped booting with these errors too. I pinned the problem down to ext3 and ext3 partition type conflicts. I installed the rpm kernel and it asked me to downgrade mkinitrd which I did and voila the machine boots again. I compared the two initrd images and they have identical contents! Since about kernel 5.2 I have been asking how come module insertion is automatic when you use Redhat kernels and not when you build your own? Come on guys where is the guru voodoo magic that makes it work for you? I've read the kernel README and all the other howtos and I just can't make it work for me. One interesting thing that I did find is that my VIA kernel will not run VMware where the i686 one will. Yes I know that the VIA CPU is unsupported by VMware 4, that is why I am staying with 3.2.1. I am now reading the 2.6.0.x source rpm spec file and other files (my other half isn't enjoying it believe me...) I swear I'll build a VIA specific kernel that loads modules by years end! =:-D Cheers Tony Grant -- www.tgds.net Library management software toolkit From mail.sw.rh.rhl.devel at spam.fi.basen.net Sun Jan 4 16:04:51 2004 From: mail.sw.rh.rhl.devel at spam.fi.basen.net (Kaj J. Niemi) Date: Sun, 4 Jan 2004 18:04:51 +0200 Subject: Errors building ndiswrapper under 2.6 kernel References: <20040104155436.GC28703@nemesis.maddog.net> Message-ID: <200401041604.i04G4pTP007614@aurora.a51.org> > If I build with my user account there is a problem with the version.h > file. Some kind of permission denied problem. If I build as root there > is a syntax error before "__atribute__" in desc.h. You need to take a closer look at the ndiswrapper-general archives. :) The first issue is easiest fixed by copying (rsyncing for example) /lib/modules/`uname -r`/build to another location. Next you need to change the line starting "KSRC = ..." in ndiswrapper/driver/Makefile to point to the location you copied the build directory structure to. Your second problem is fixed by moving #include "ndis.h" _below_ the include for #include in driver/loader.c. ndis.h redefines __attribute__ to something which asm/pgalloc.h isn't expecting. // kaj From eldergabriel at charter.net Sun Jan 4 16:55:30 2004 From: eldergabriel at charter.net (Gabriel M. Elder) Date: 04 Jan 2004 10:55:30 -0600 Subject: initscripts: Can it restart a service automatically if onecrashes? In-Reply-To: <20031230001659.DTIN8785.mtai03.charter.net@mxsf09.cluster1.charter.net> References: <3FEFE979.5060403@asiayeah.com> <87ekunzavt.fsf@kosh.ultra.csn.tu-chemnitz.de> <20031230001659.DTIN8785.mtai03.charter.net@mxsf09.cluster1.charter.net> Message-ID: <1073235329.2820.32.camel@serverx.y.z> Sorry, I don't know about the, er, availability of the High Availability infrastructure, or where one would go to find such things. However, a few things worth pointing out: It might not be the most elegant of solutions, but couldn't one periodically run a shell script as a cron job that would test for the running process, and then restart it if it's not running? Maybe something like if [ ! $(ps -ef | grep -i processname) ]; then /usr/local/3rd_party_app_dir/processname fi (you get the general idea...). Depending on uptime/availability requirements, and overhead tolerance, have it set to run every 1-10 minutes or so. Another possible scripting solution in your custom init script itself would be to 'exec' the application from a near-infinite do-while construct, with a failure exit status as a test. So as long as the application should be running, and it has failed, execution will return to the calling script. Increment a variable each time it starts the application, and include that in your test to set your crash limit? "Don't bash the script; script the bash!" :p On Mon, 2003-12-29 at 18:10, Peter Robinson wrote: > > dragonman at asiayeah.com (Tony Yat-Tung Cheung) writes: > > > >> I am going to write an init script for a 3rd party application. I > >> would like the application to restart itself automatically if it > >> crashes or core dumps (up to a predefined limit). Does the current > >> initscripts provide similar functionality? > >> ... > >> Thank you. Any idea? > > > > The (very limited) LSB initconcept does not support this and you will have > > to use more advantageous methods like minit[1] or runit[2]. 'supervise' from > > djb's daemontools[3] might be an interim solution but it has a non-free > > license and can not be distributed therefore. I do not know if there exists > > a free implementation of it. > > What about some of the High Availability stuff. I seem to remember there was some HA > stuff that could monitor ports or processes and restart them if required. > > Peter > > > -- > fedora-devel-list mailing list > fedora-devel-list at redhat.com > http://www.redhat.com/mailman/listinfo/fedora-devel-list From cornette at insight.rr.com Sun Jan 4 17:28:01 2004 From: cornette at insight.rr.com (Jim Cornette) Date: Sun, 04 Jan 2004 12:28:01 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <1073186364.1749.25.camel@edoras.local.net> References: <3FF5B6AC.2090004@silverorange.com> <3FF5BEE8.6050704@cleanstick.org> <1073072555.5688.110.camel@edoras.local.net> <3FF6019B.9000000@insight.rr.com> <1073151025.5688.119.camel@edoras.local.net> <3FF77EEA.2050609@insight.rr.com> <1073186364.1749.25.camel@edoras.local.net> Message-ID: <3FF84D21.6080201@insight.rr.com> Jeremy Katz wrote: >On Sat, 2004-01-03 at 21:48, Jim Cornette wrote: > > >>Also, I was wondering about the pick your installation choices before >>you download the installation pieces. Then grab the needed package >>groups (modular elements, such as KDE, gnome, sysadmin, games, etc:) and >>then generating the final ISO images before download. I'm not sure if >>this concept could be automated from the server side or could be >>assembled on the client side from some sort of a retriever program. >> >> > >There's really not a good, sane way to do this unfortunately. > It sounded like something that would be very hard to implement. It would be great for customizing your installation set though. > >[snip] > > >>This makes sense to me now, since the CDROMs are at hand. It would be >>nice though if after the installer found a working hi-speed connection, >>if it would present a choice for doing a network install or check for >>errata, which might improve the installation. (Out of disk space, >>firewire, default up2date retrieval information, etc). >> >> > >Checking things like this tends to ... annoy people. They think that >you're calling home or something :) Also, "high-speed" is a very vague >term and hard to determine. Plus, as soon as that's done, people start >wanting ISDN and everything else support on boot disks which starts to >get out of hand pretty quick for boot disks. As far as updates, they're >handled in the firstboot process. > With all of the different possible machine configurations and post-release problems discovered, it would be nice to get some sort of option to remedy particular problems before installation continues. I do understand that people keep wanting more enhancements and the installer becomes all too complicated to create. > > > >>>boot.iso is located in the images/ directory and is an approximately 4 >>>meg image that you can burn to CD and start an install with. Maybe >>>putting it in the isos directory instead of just the tree would help >>>raise the visibility here >>> >>> >>> >>I downloaded and tried the boot.iso from the rawhide image directory. It >>detected a NIC presence on both machines that I tried it on. On the >>machine with dual 3com ethernet cards, it asked which ethernet card that >>I wanted to use. Neither came with an identity. Is kudzu and hwdata part >>of the boot.iso? >> >> > >rawhide is a little busted right now. Now that the holidays are over, >I'll get back to tracking down why :) > I just did an ftp install of Rawhide on this machine. I think that mkinitrd is one of the items that need to be corrected. The ftp install of devevelopment went through in about 4 hours time from the download.fedora.redhat.com site and using the /pub/fedora/linux/core/development/i386 directory to retrieve the information. This was a server installation and was a clean install. I haven't booted into it yet to see what it will do. The initrd error caused me a few detours. I installed lilo because I wrecked grub when trying to reinstall it on my drive. I have to configure lilo to boot the newly installed ftp retrieved installation. On a detour, I installed the rawhide rpms on two different machines as an upgrade. I have found problems with kudzu, python related programs up2date and one or two documentation rpms. The program conflict count is only about 30 programs. Most of the other programs seem to work fine on both machines. If I get the ftp installation booting, I'll see the errors with that machine. Some excerpts from the install log are included below: Installing 769 packages Installing kernel-2.6.0-1.23.i686. WARNING: /lib/modules/2.6.0-1.23/unsupported/drivers/video/sis/sisfb.ko needs unknown symbol __floatsidf WARNING: /lib/modules/2.6.0-1.23/unsupported/drivers/video/sis/sisfb.ko needs unknown symbol __fixunsdfsi WARNING: /lib/modules/2.6.0-1.23/unsupported/drivers/video/sis/sisfb.ko needs unknown symbol __adddf3 WARNING: /lib/modules/2.6.0-1.23/unsupported/drivers/video/sis/sisfb.ko needs unknown symbol __divdf3 WARNING: /lib/modules/2.6.0-1.23/unsupported/drivers/media/dvb/ttpci/dvb-ttpci.ko needs unknown symbol __floatsidf WARNING: /lib/modules/2.6.0-1.23/unsupported/drivers/media/dvb/ttpci/dvb-ttpci.ko needs unknown symbol __ltdf2 WARNING: /lib/modules/2.6.0-1.23/unsupported/drivers/media/dvb/ttpci/dvb-ttpci.ko needs unknown symbol __adddf3 > > > >>I would have found the boot.iso faster, with it being located alongside >>the installation ISOs. I still assumed the images directory was for >>floppy images , not CDROM images. Live and learn! >> >> > >Hmm, okay. It's definitely something to consider. The extra 5 megs >wouldn't really be a huge concern for mirroring, IMHO, and if it makes >things more obvious then it may well be worth it. > > Thanks, Jim >Cheers, > >Jeremy > > > From stan at ccs.neu.edu Sun Jan 4 18:12:00 2004 From: stan at ccs.neu.edu (Stan Bubrouski) Date: Sun, 04 Jan 2004 13:12:00 -0500 Subject: Evolution 1.5 In-Reply-To: <1073151307.5688.123.camel@edoras.local.net> References: <1073087359.2097.7.camel@bart.netlyncs.com> <1073151307.5688.123.camel@edoras.local.net> Message-ID: <1073239919.2706.3.camel@duergar> Hey, If 1.5 fixes 1.4.5's problems then I say put it in. The fact that searching messages for my needs is nearly impossible without grep is a HUGE problem. For instance I can't make it correctly search headers, it will not find things in HTML etc...things other mail clients easily do makes 1.4.5 a bit useless. For instance, say I want to search for tvoffers.biz in html e-mails (SPAM). Even though the site is clearly in an HREF in the body of the message (not even an attachment) it will not find it. It won't even read charset info etc... Very disappointing... -sb On Sat, 2004-01-03 at 12:35, Jeremy Katz wrote: > On Fri, 2004-01-02 at 18:49, Mike Chambers wrote: > > Has Jeremy or anyone compiled/made an RPM for this version yet or is it > > still way buggy (I guess this is beta for 1.6?)? > > I started running 1.5 CVS at work a few weeks ago... 1.5.0 was > definitely not in a state that I really wanted to inflict on rawhide. > 1.5.1 should be better, I'm just trying to find the time to sit down and > start packaging it and testing it before throwing it at the world. > > Also, the schedule being up in the air until recently made me hold back > a little as well. Putting in evolution 1.5 and then having the schedule > be such that 2.0 had not chance of making it wasn't very appealing to me > :) > > Cheers, > > Jeremy > > > -- > fedora-devel-list mailing list > fedora-devel-list at redhat.com > http://www.redhat.com/mailman/listinfo/fedora-devel-list > From linux at sohosolutions.org Sun Jan 4 18:14:46 2004 From: linux at sohosolutions.org (linux at sohosolutions.org) Date: Sun, 4 Jan 2004 12:14:46 -0600 (CST) Subject: cd-rom not mounting Message-ID: <2097.24.1.92.140.1073240086.squirrel@ns1.tziyon.com> I was testing different installs for Fedora and when I needed to use the 2nd or 3rd cd - it keeps coming back telling me that it cannot mount the cd-rom. At first I thought it might be hardware but another drive has done the same thing. I have craeted more than one set of the cd's and did check the md5sum everytime. Just wondering if anyone else has encountered this and if they were able to get around it? Thanks Matt From stan at ccs.neu.edu Sun Jan 4 18:23:30 2004 From: stan at ccs.neu.edu (Stan Bubrouski) Date: Sun, 04 Jan 2004 13:23:30 -0500 Subject: Problem Upgrading from Ethereal 0.9.13-4.1 to Ethereal 0.10.0a-0.1 In-Reply-To: <3FF7D985.30609@multitech.co.in> References: <3FF7D985.30609@multitech.co.in> Message-ID: <1073240609.2706.6.camel@duergar> On Sun, 2004-01-04 at 04:14, Hariprasad B wrote: > Hi All > > But now it says > error : failed dependencies > libc.so.6(GLIBC_2.3) is needed by ethereal-0.10.0a > libcrypto.so.4 is needed by ethereal-0.10.0a-0.1 > libelf.so.1 is needed by ethereal-0.10.0a-0.1 > libnetsnmp.so.5 is needed by ethereal-0.10.0a-0.1 > net-snmp >= 5.0 is neeed by ethereal-0.10.0a-0.1 > > When in checked for this files in the system is was present in either > /usr/lib and /lib dirs > > So even though the files are present why is it giving so. > First have you tried rpm --rebuilddb ? Or your version of RPM could be broken if its not the db... -sb > Could any one help me out to overcome this hurdles > > Thanks > > Regards > > Hari From hallvor at engen.priv.no Sun Jan 4 19:04:15 2004 From: hallvor at engen.priv.no (hallvor at engen.priv.no) Date: Sun, 4 Jan 2004 20:04:15 +0100 Subject: libtiff Message-ID: <20040104190415.GA19655@engen.priv.no> Libtiff version 3.6 is out. Can we get that in FC2? Newer versions of libgeotiff depends on it. Hallvor Engen From cornette at insight.rr.com Sun Jan 4 19:35:36 2004 From: cornette at insight.rr.com (Jim Cornette) Date: Sun, 04 Jan 2004 14:35:36 -0500 Subject: FTP install of Development distribution working Message-ID: <3FF86B08.6010307@insight.rr.com> I finally fixed the ftp installation for complete development rpms. It seems that everything is working past the intird and LABEL issue. The list of recently announced updates showed up in up2date and installed without any issues. This post was in reference to the previous distribution size issue. excerpt below: I just did an ftp install of Rawhide on this machine. I think that mkinitrd is one of the items that need to be corrected. The ftp install of devevelopment went through in about 4 hours time from the download.fedora.redhat.com site and using the /pub/fedora/linux/core/development/i386 directory to retrieve the information. This was a server installation and was a clean install. I haven't booted into it yet to see what it will do. The initrd error caused me a few detours. I installed lilo because I wrecked grub when trying to reinstall it on my drive. I have to configure lilo to boot the newly installed ftp retrieved installation. On a detour, I installed the rawhide rpms on two different machines as an upgrade. I have found problems with kudzu, python related programs up2date and one or two documentation rpms. The program conflict count is only about 30 programs. Most of the other programs seem to work fine on both machines. If I get the ftp installation booting, I'll see the errors with that machine. Some excerpts from the install log are included below: Installing 769 packages Installing kernel-2.6.0-1.23.i686. WARNING: /lib/modules/2.6.0-1.23/unsupported/drivers/video/sis/sisfb.ko needs unknown symbol __floatsidf WARNING: /lib/modules/2.6.0-1.23/unsupported/drivers/video/sis/sisfb.ko needs unknown symbol __fixunsdfsi WARNING: /lib/modules/2.6.0-1.23/unsupported/drivers/video/sis/sisfb.ko needs unknown symbol __adddf3 WARNING: /lib/modules/2.6.0-1.23/unsupported/drivers/video/sis/sisfb.ko needs unknown symbol __divdf3 WARNING: /lib/modules/2.6.0-1.23/unsupported/drivers/media/dvb/ttpci/dvb-ttpci.ko needs unknown symbol __floatsidf WARNING: /lib/modules/2.6.0-1.23/unsupported/drivers/media/dvb/ttpci/dvb-ttpci.ko needs unknown symbol __ltdf2 WARNING: /lib/modules/2.6.0-1.23/unsupported/drivers/media/dvb/ttpci/dvb-ttpci.ko needs unknown symbol __adddf3 Happy to have a mostly working rawhide distro. Jim [jim at cornette-development jim]$ uname -a Linux cornette-development 2.6.0-1.23 #1 Thu Jan 1 12:13:45 EST 2004 i686 i686 i386 GNU/Linux From cra at WPI.EDU Sun Jan 4 19:47:58 2004 From: cra at WPI.EDU (Charles R. Anderson) Date: Sun, 4 Jan 2004 14:47:58 -0500 Subject: FTP install of Development distribution working In-Reply-To: <3FF86B08.6010307@insight.rr.com> References: <3FF86B08.6010307@insight.rr.com> Message-ID: <20040104194758.GB16951@angus.ind.WPI.EDU> On Sun, Jan 04, 2004 at 02:35:36PM -0500, Jim Cornette wrote: > I finally fixed the ftp installation for complete development rpms. It > seems that everything is working past the intird and LABEL issue. What boot.iso did you use? I just tried the one from yesterday (Jan 3) and it won't load my network driver module properly. I was told this is due to dietlibc problems with the current rawhide boot image. From arekm at pld-linux.org Sun Jan 4 20:05:52 2004 From: arekm at pld-linux.org (Arkadiusz Miskiewicz) Date: Sun, 4 Jan 2004 21:05:52 +0100 Subject: initscripts: Can it restart a service automatically if onecrashes? In-Reply-To: <1073235329.2820.32.camel@serverx.y.z> References: <3FEFE979.5060403@asiayeah.com> <20031230001659.DTIN8785.mtai03.charter.net@mxsf09.cluster1.charter.net> <1073235329.2820.32.camel@serverx.y.z> Message-ID: <200401042105.52887.arekm@pld-linux.org> On Sunday 04 of January 2004 17:55, Gabriel M. Elder wrote: > > > The (very limited) LSB initconcept does not support this and you will > > > have to use more advantageous methods like minit[1] or runit[2]. > > > 'supervise' from djb's daemontools[3] might be an interim solution but > > > it has a non-free license and can not be distributed therefore. I do > > > not know if there exists a free implementation of it. http://offog.org/code/freedt.html -- Arkadiusz Mi?kiewicz CS at FoE, Wroclaw University of Technology arekm.pld-linux.org AM2-6BONE, 1024/3DB19BBD, arekm(at)ircnet, PLD/Linux From peter.backlund at home.se Sun Jan 4 21:08:49 2004 From: peter.backlund at home.se (Peter Backlund) Date: Sun, 04 Jan 2004 22:08:49 +0100 Subject: Problem Upgrading from Ethereal 0.9.13-4.1 to Ethereal 0.10.0a-0.1 In-Reply-To: <3FF7D985.30609@multitech.co.in> References: <3FF7D985.30609@multitech.co.in> Message-ID: <3FF880E1.2020006@home.se> > And now tried to Install ethereal-0.10.0a-0.1.i386.rpm > rpm -ivh ethereal-0.10.0a-0.1.i386.rpm > > But now it says > error : failed dependencies > libc.so.6(GLIBC_2.3) is needed by ethereal-0.10.0a > libcrypto.so.4 is needed by ethereal-0.10.0a-0.1 > libelf.so.1 is needed by ethereal-0.10.0a-0.1 > libnetsnmp.so.5 is needed by ethereal-0.10.0a-0.1 > net-snmp >= 5.0 is neeed by ethereal-0.10.0a-0.1 Where did you get this rpm, and are you trying to install it on FC1? /Peter From cornette at insight.rr.com Sun Jan 4 21:23:12 2004 From: cornette at insight.rr.com (Jim Cornette) Date: Sun, 04 Jan 2004 16:23:12 -0500 Subject: FTP install of Development distribution working In-Reply-To: <20040104194758.GB16951@angus.ind.WPI.EDU> References: <3FF86B08.6010307@insight.rr.com> <20040104194758.GB16951@angus.ind.WPI.EDU> Message-ID: <3FF88440.1020708@insight.rr.com> Charles R. Anderson wrote: > On Sun, Jan 04, 2004 at 02:35:36PM -0500, Jim Cornette wrote: > >>I finally fixed the ftp installation for complete development rpms. It >>seems that everything is working past the intird and LABEL issue. > > > What boot.iso did you use? I just tried the one from yesterday (Jan > 3) and it won't load my network driver module properly. I was told > this is due to dietlibc problems with the current rawhide boot image. > > I ended up skipping the boot.iso approach and instead used the first fedora core CD with askmethod. I got my ethernet cards recognized, added the site to download and the path to the development directory. Then off it went with the installation! With the boot.iso, I got no identity from either NIC on the machine. Both NICs were found. I gave up until the boot iso is refined more. Jim From katzj at redhat.com Sun Jan 4 21:30:16 2004 From: katzj at redhat.com (Jeremy Katz) Date: Sun, 04 Jan 2004 16:30:16 -0500 Subject: FTP install of Development distribution working In-Reply-To: <20040104194758.GB16951@angus.ind.WPI.EDU> References: <3FF86B08.6010307@insight.rr.com> <20040104194758.GB16951@angus.ind.WPI.EDU> Message-ID: <1073251816.13513.0.camel@mirkwood.devel.redhat.com> On Sun, 2004-01-04 at 14:47, Charles R. Anderson wrote: > On Sun, Jan 04, 2004 at 02:35:36PM -0500, Jim Cornette wrote: > > I finally fixed the ftp installation for complete development rpms. It > > seems that everything is working past the intird and LABEL issue. > > What boot.iso did you use? I just tried the one from yesterday (Jan > 3) and it won't load my network driver module properly. I was told > this is due to dietlibc problems with the current rawhide boot image. This should be fixed as of tomorrow's tree. Jeremy From thias at spam.spam.spam.spam.spam.spam.spam.egg.and.spam.freshrpms.net Sun Jan 4 19:32:28 2004 From: thias at spam.spam.spam.spam.spam.spam.spam.egg.and.spam.freshrpms.net (Matthias Saou) Date: Sun, 4 Jan 2004 20:32:28 +0100 Subject: Should there be BuildRequires for perl/libtool/auto*? In-Reply-To: <3FEDE78A.3010703@togami.com> References: <1072537470.17083.11.camel@Madison.badger.com> <1072542703.7998.35.camel@dhollis-lnx.kpmg.com> <3FEDE78A.3010703@togami.com> Message-ID: <20040104203228.22f0a239.thias@spam.spam.spam.spam.spam.spam.spam.egg.and.spam.freshrpms.net> Warren Togami wrote : > If you require a specific version of any package, then you MUST include > an Epoch in that dependency. If the Epoch is blank, then make it "0". Why? Can you give a good reason to introduce "0" in every versionned dependency? I can only think of reasons _not_ to : - Keep things shorter, clearer thus easier to understand - Not confuse the user with the arbitrary number that the epoch is when he gets a message like "Failed dependencies, requires foo >= 1.20" Epochs are only used in corner-cases, why make them appear in the general case at all? I still don't think introducing a zero epoch everywhere is sensible nor useful. Matthias -- Clean custom Red Hat Linux rpm packages : http://freshrpms.net/ Fedora Core release 1 (Yarrow) - Linux kernel 2.4.22-1.2115.nptl Load : 0.16 0.07 0.07 From cornette at insight.rr.com Sun Jan 4 21:52:01 2004 From: cornette at insight.rr.com (Jim Cornette) Date: Sun, 04 Jan 2004 16:52:01 -0500 Subject: FTP install of Development distribution working In-Reply-To: <1073251816.13513.0.camel@mirkwood.devel.redhat.com> References: <3FF86B08.6010307@insight.rr.com> <20040104194758.GB16951@angus.ind.WPI.EDU> <1073251816.13513.0.camel@mirkwood.devel.redhat.com> Message-ID: <3FF88B01.90405@insight.rr.com> Jeremy Katz wrote: > On Sun, 2004-01-04 at 14:47, Charles R. Anderson wrote: > >>On Sun, Jan 04, 2004 at 02:35:36PM -0500, Jim Cornette wrote: >> >>>I finally fixed the ftp installation for complete development rpms. It >>>seems that everything is working past the intird and LABEL issue. >> >>What boot.iso did you use? I just tried the one from yesterday (Jan >>3) and it won't load my network driver module properly. I was told >>this is due to dietlibc problems with the current rawhide boot image. > > > This should be fixed as of tomorrow's tree. > > Jeremy > I'll give the new boot.iso a try. The NIC and go concept is pretty interesting for installations. Jim From al305472 at hotmail.co.il Sun Jan 4 22:08:31 2004 From: al305472 at hotmail.co.il (Alexey Eremenko) Date: Mon, 5 Jan 2004 00:08:31 +0200 Subject: Fedora Core 2 Distribution Size - The separated OS Message-ID: <62DDF15AA353904E8E78CFB0BFA3031D01361AEB@HOTEXV01.he.hotmail.co.il> well... somebody said, that it can't be devided.... But - FC1 have a lot of development tools right on the CD, which I believe is wrong. My suggestion - is have have product division like in Microsoft - or Lindows.com They have - 1) OS (kernel, GUI, all the basic things, basic text and image editors) - this everyone needs 2) Office (OpenOffice can be separated, but because it's small enough - it won't be good) MS Office and Lindows Office is separated - because about HALF of the home users doesn't use Office at all... 3) MS Visual Studio for Developers (And this part in FC1 take a LOT of space...) - This must include KDevelop, other IDEs, some source code, tutorials, compilers, programming documentation, ... Lindows doesn't have an analogue for that (as I know) 4) Plus+! (multimedia enchacements, and eye-candy's for their OSes - something FC1 lacks totally with few exceptions, like the Marble Desktop Theme in KDE, and a few plug-ins for XMMS) In Windows XP the Plus! gives me: many desktop backgrounds, MP3 to WMA audio converter, Windows Media Player skins, and visualizations, 3 games (2 of which are 3D), 8 beautyful Direct3D screensavers, and 4 Desktop themes. ========================================================= I would be VERY happy if such Plus! project would exist for FC Linux as well... - because it will REALLY enchance FC Linux in home user's eyes... Really slick OpenGL Open-Source screen-savers can be put there: http://theopencd.sunsite.dk/mirrors.php the Marble KDE Desktop theme to be moved there, some 3D games like TuxRacer should move from the OS to FC Plus!, and maybe well also add a few ogg-vorbis compression utilities that way. Actually a lot of multimedia stuff can migrate to FC Plus!, AND many new stuuf must be added. Note: that it sometimes better to leave a lot of space free on the Plus CD, than put low-quality stuff there. =========================================================== So that way the OS will take only 2 CDs, and the developers will only need the FC and FedoraDevbeloper CDs, while home user will need only FC, and FedoraPlus! CDs. This style is very benefical. ____________________________________________________________ Hotmail.co.il - Powered by IBM eServer -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 4755 bytes Desc: not available URL: From mhoneyfield at xtra.co.nz Sun Jan 4 22:30:47 2004 From: mhoneyfield at xtra.co.nz (Michael Honeyfield) Date: Mon, 5 Jan 2004 11:30:47 +1300 Subject: Should there be BuildRequires for perl/libtool/auto*? Message-ID: <20040104223047.GDED12184.web3-rme.xtra.co.nz@[127.0.0.1]> > > If you require a specific version of any package, then you MUST include > > an Epoch in that dependency. If the Epoch is blank, then make it "0". > > Why? Can you give a good reason to introduce "0" in every versionned > dependency? I can only think of reasons _not_ to : > - Keep things shorter, clearer thus easier to understand > - Not confuse the user with the arbitrary number that the epoch is when he > gets a message like "Failed dependencies, requires foo >= 1.20" > > Epochs are only used in corner-cases, why make them appear in the general > case at all? > > I still don't think introducing a zero epoch everywhere is sensible nor > useful. > > Matthias Does RPM not handle epoch value as 0? or am I mistaken? I am of the opinion and understanding that epoch should be avoided at all costs where possible. So not defining it would make more sense than defining it for the sake of doing so, since RPM (still not sure) assumes a 0 value for undefined epoch values. Mike From warren at togami.com Sun Jan 4 22:44:41 2004 From: warren at togami.com (Warren Togami) Date: Sun, 04 Jan 2004 12:44:41 -1000 Subject: Should there be BuildRequires for perl/libtool/auto*? In-Reply-To: <20040104223047.GDED12184.web3-rme.xtra.co.nz@[127.0.0.1]> References: <20040104223047.GDED12184.web3-rme.xtra.co.nz@[127.0.0.1]> Message-ID: <3FF89759.60408@togami.com> Michael Honeyfield wrote: >>>If you require a specific version of any package, then you MUST include >>>an Epoch in that dependency. If the Epoch is blank, then make it "0". >> >>Why? Can you give a good reason to introduce "0" in every versionned >>dependency? I can only think of reasons _not_ to : >>- Keep things shorter, clearer thus easier to understand >>- Not confuse the user with the arbitrary number that the epoch is when he >> gets a message like "Failed dependencies, requires foo >= 1.20" >> >>Epochs are only used in corner-cases, why make them appear in the general >>case at all? >> >>I still don't think introducing a zero epoch everywhere is sensible nor >>useful. >> >>Matthias > > > Does RPM not handle epoch value as 0? or am I mistaken? I am of the opinion and understanding that epoch should be avoided at all costs where possible. So not defining it would make more sense than defining it for the sake of doing so, since RPM (still not sure) assumes a 0 value for undefined epoch values. > > Mike We've gone through this a million times, and some people just do not understand. I do not use FreshRPMS so I no longer care that all of those packages are potentially broken when it comes to epoch promotion. fedora.us had this policy for the last 9 months for a good reason. Just do it, or your package will not be accepted into Fedora Extras. Warren From balister at vt.edu Sun Jan 4 22:56:28 2004 From: balister at vt.edu (Philip Balister) Date: Sun, 4 Jan 2004 17:56:28 -0500 Subject: cpuspeed and 2.6 kernel Message-ID: <20040104225628.GA4035@nemesis.maddog.net> I have installed the 2.6 kernel from rawhide on my FC1 system. (Dell 600m laptop). I have been using the cpuspeed program to adjust the cpu speed. It worked fine under 2.4. Under 2.6 I get an error the file /sys/devices/system/cpu/cpu0/cpufreq/scaling_setspeed is missing. The /sys filesystem is mounted and the file is not in the directory. There are some other files in the directory. Any clues? Thanks, Philip From ms-nospam-0306 at arcor.de Sun Jan 4 23:12:55 2004 From: ms-nospam-0306 at arcor.de (Michael Schwendt) Date: Mon, 5 Jan 2004 00:12:55 +0100 Subject: Should there be BuildRequires for perl/libtool/auto*? In-Reply-To: <20040104203228.22f0a239.thias@spam.spam.spam.spam.spam.spam.spam.egg.and.spam.freshrpms.net> References: <1072537470.17083.11.camel@Madison.badger.com> <1072542703.7998.35.camel@dhollis-lnx.kpmg.com> <3FEDE78A.3010703@togami.com> <20040104203228.22f0a239.thias@spam.spam.spam.spam.spam.spam.spam.egg.and.spam.freshrpms.net> Message-ID: <20040105001255.3681a521.ms-nospam-0306@arcor.de> On Sun, 4 Jan 2004 20:32:28 +0100, Matthias Saou wrote: > Warren Togami wrote : > > > If you require a specific version of any package, then you MUST include > > an Epoch in that dependency. If the Epoch is blank, then make it "0". > > Why? Can you give a good reason to introduce "0" in every versionned > dependency? I can only think of reasons _not_ to : > - Keep things shorter, clearer thus easier to understand > - Not confuse the user with the arbitrary number that the epoch is when he > gets a message like "Failed dependencies, requires foo >= 1.20" > > Epochs are only used in corner-cases, why make them appear in the general > case at all? > > I still don't think introducing a zero epoch everywhere is sensible nor > useful. With chosing the term "corner-cases" you remove every base for discussion. You acknowledge that an explicit zero epoch can be useful, but at the same time you pin it down to corner-cases which you don't specify. Suppose someone wants to avoid problems with any such corner-cases. I'm not an RPM expert, but I'm aware of problems like this: # cat /etc/redhat-release Red Hat Linux release 8.0 (Psyche) Suppose we've got a library sub-package "libfoo" which is created as part of a "foo" src.rpm: # rpm -qp --qf "%{epoch}:%{version}\n" libfoo-2.0-0.i386.rpm (none):2.0 In a new release, upstream decides to split off a library, starting with an unstable pre-1.0 release: # rpm -qp --qf "%{epoch}:%{version}\n" libfoo-0.8-0.i386.rpm 1:0.8 # rpm -ivh libfoo-2.0-0.i386.rpm Preparing... ########################################### [100%] 1:libfoo ########################################### [100%] # rpm -Uvh libfoo-0.8-0.i386.rpm Preparing... ########################################### [100%] 1:libfoo ########################################### [100%] # rpm -Uvh libfoo-2.0-0.1.i386.rpm Preparing... ########################################### [100%] 1:libfoo ########################################### [100%] [...] Explicit Epoch 0 makes a difference: # rpm -q --qf "%{epoch}:%{version}\n" libfoo 1:0.8 # rpm -qp --qf "%{epoch}:%{version}\n" libfoo-2.0-1.i386.rpm 0:2.0 # rpm -Uvh libfoo-2.0-1.i386.rpm Preparing... ########################################### [100%] package libfoo-0.8-0 (which is newer than libfoo-2.0-1) is already installed -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From k1n6w4r3z at softhome.net Sun Jan 4 23:24:26 2004 From: k1n6w4r3z at softhome.net (k1n6w4r3z) Date: Mon, 5 Jan 2004 00:24:26 +0100 Subject: use anaconda to make bootable on ppc In-Reply-To: <3FF89759.60408@togami.com> References: <3FF89759.60408@togami.com> Message-ID: <20040104232426.25587@mail.bluewin.ch> Hi! i found around on the internet that it's possible to create a bootable cd to install fedora on ppc througt anaconda... Can u help me? I have no idea on how to make it! Tks k1n6w4r3z From warren at togami.com Sun Jan 4 23:24:59 2004 From: warren at togami.com (Warren Togami) Date: Sun, 04 Jan 2004 13:24:59 -1000 Subject: cpuspeed and 2.6 kernel In-Reply-To: <20040104225628.GA4035@nemesis.maddog.net> References: <20040104225628.GA4035@nemesis.maddog.net> Message-ID: <3FF8A0CB.7070500@togami.com> Philip Balister wrote: > I have installed the 2.6 kernel from rawhide on my FC1 system. (Dell > 600m laptop). I have been using the cpuspeed program to adjust the > cpu speed. It worked fine under 2.4. Under 2.6 I get an error the file > /sys/devices/system/cpu/cpu0/cpufreq/scaling_setspeed is missing. The > /sys filesystem is mounted and the file is not in the directory. There > are some other files in the directory. Any clues? > > Thanks, > > Philip > https://bugzilla.fedora.us/show_bug.cgi?id=520 powernowd Try my powernowd package which solves this in a different way. Warren From stan at ccs.neu.edu Sun Jan 4 23:27:26 2004 From: stan at ccs.neu.edu (Stan Bubrouski) Date: Sun, 04 Jan 2004 18:27:26 -0500 Subject: up2date problem Message-ID: <1073258845.2706.9.camel@duergar> Using most devel rpms on top of FC1 I get this when trying to use up2date: [root at duergar null]# up2date Traceback (most recent call last): File "/usr/sbin/up2date", line 55, in ? from OpenSSL import SSL ImportError: No module named OpenSSL What am I missing? [root at duergar null]# rpm -qa | grep -i ssl perl-Net_SSLeay.pm-1.25-1 openssl096-0.9.6-24 openssl-perl-0.9.7a-26 pyOpenSSL-0.5.1-11 openssl-devel-0.9.7a-26 perl-Crypt-SSLeay-0.45-8 docbook-style-dsssl-1.78-2 openssl096b-0.9.6b-14 openssl-0.9.7a-26 [root at duergar null]# rpm -qa | grep python boost-python-1.30.2-2 gnome-python2-gnomeprint-2.0.0-3 python-devel-2.3.3-1 gnome-python2-gnomevfs-2.0.0-3 python-tools-2.3.3-1 gnome-python2-gconf-2.0.0-3 python-optik-1.4.1-4 gnome-python2-gtkhtml2-2.0.0-3 boost-python-devel-1.30.2-2 libxml2-python-2.6.4-1 gnome-python2-applet-2.0.0-3 gnome-python2-canvas-2.0.0-3 beecrypt-python-3.1.0-1 python-docs-2.3.3-1 rpm-python-4.2.2-0.7 gnome-python2-2.0.0-3 gnome-python2-nautilus-2.0.0-3 gnome-python2-bonobo-2.0.0-3 python-2.3.3-1 libxslt-python-1.1.2-1 -sb From cornette at insight.rr.com Mon Jan 5 00:38:55 2004 From: cornette at insight.rr.com (Jim Cornette) Date: Sun, 04 Jan 2004 19:38:55 -0500 Subject: up2date problem In-Reply-To: <1073258845.2706.9.camel@duergar> References: <1073258845.2706.9.camel@duergar> Message-ID: <3FF8B21F.6090301@insight.rr.com> Stan Bubrouski wrote: > Using most devel rpms on top of FC1 I get this when trying to use > up2date: > > [root at duergar null]# up2date > Traceback (most recent call last): > File "/usr/sbin/up2date", line 55, in ? > from OpenSSL import SSL > ImportError: No module named OpenSSL > > What am I missing? > > [root at duergar null]# rpm -qa | grep -i ssl > perl-Net_SSLeay.pm-1.25-1 > openssl096-0.9.6-24 > openssl-perl-0.9.7a-26 > pyOpenSSL-0.5.1-11 > openssl-devel-0.9.7a-26 > perl-Crypt-SSLeay-0.45-8 > docbook-style-dsssl-1.78-2 > openssl096b-0.9.6b-14 > openssl-0.9.7a-26 > [root at duergar null]# rpm -qa | grep python > boost-python-1.30.2-2 > gnome-python2-gnomeprint-2.0.0-3 > python-devel-2.3.3-1 > gnome-python2-gnomevfs-2.0.0-3 > python-tools-2.3.3-1 > gnome-python2-gconf-2.0.0-3 > python-optik-1.4.1-4 > gnome-python2-gtkhtml2-2.0.0-3 > boost-python-devel-1.30.2-2 > libxml2-python-2.6.4-1 > gnome-python2-applet-2.0.0-3 > gnome-python2-canvas-2.0.0-3 > beecrypt-python-3.1.0-1 > python-docs-2.3.3-1 > rpm-python-4.2.2-0.7 > gnome-python2-2.0.0-3 > gnome-python2-nautilus-2.0.0-3 > gnome-python2-bonobo-2.0.0-3 > python-2.3.3-1 > libxslt-python-1.1.2-1 > > > -sb > > I avoided using the newer python rpms because of killing up2date. Is yum giving you the same errors? Up2date works great with a new installation. I'm not sure to what is happening with an upgrade vs. a clean install, maybe a configuration file that does not get updated? Try install older rpms for some of the common python relevent to both ssl and up2date packages, to see if it starts working again. rpm -U packagename.rpm --oldpackage Jim From Chris at Funderburg.com Mon Jan 5 01:05:58 2004 From: Chris at Funderburg.com (Chris Funderburg (at Home)) Date: Mon, 05 Jan 2004 01:05:58 +0000 Subject: up2date problem In-Reply-To: <3FF8B21F.6090301@insight.rr.com> References: <1073258845.2706.9.camel@duergar> <3FF8B21F.6090301@insight.rr.com> Message-ID: <3FF8B876.1090409@Funderburg.com> Jim Cornette wrote: > Stan Bubrouski wrote: > >> Using most devel rpms on top of FC1 I get this when trying to use >> up2date: >> You didn't say which version of up2date you have installed, but the most likely answer is "rhnlib". If you're missing that (or it's old) then you may have other things missing, but it's a start. If that doesn't work just run "rpm -q up2date --requires" and see if anything obvious is missing. From peterr at opensystems.net.au Mon Jan 5 05:00:53 2004 From: peterr at opensystems.net.au (Peter Robinson) Date: Mon, 5 Jan 2004 13:00:53 +0800 Subject: up2date problem Message-ID: <001901c3d348$f7bb9e40$0701a8c0@pbr> > Using most devel rpms on top of FC1 I get this when trying to use > up2date: > > [root at duergar null]# up2date > Traceback (most recent call last): > File "/usr/sbin/up2date", line 55, in ? > from OpenSSL import SSL > ImportError: No module named OpenSSL Hi All, I'm glad I'm not the only one having problems with up2date! It's been driving me mad. When I decided to try out 2.6 and the various new features that will be in FC2 such as ipsec and xfs I decided to add the devel option into up2date and give it a go. Yuk. Up2date would keep dumping out during the download of the headers. I'd kill it off and start again. It would thankfully process the headers it already had. Eventually I got all the headers down and a list of packages to upgrade. I selected them all and I got no further. I think it was dieing just trying to work out all the dependencies (I think there was around 500 odd packages that wanted to be upgraded). So based on the headers list I downloaded and upgraded everything manually in the hope that once everything was up2date it would just start working... Once I'd downloaded and upgraded everything manually I got up2date to check everything was updated and it came back OK. Yippee! A day or two later I got back to it and there were 35 updates. Mostly fairly generic ones that should require too many dependencies. Glibc update, bind and a few others. So I selected them all and it died. So I selected just the bind updates. It actually got through the dependecy bit and started downloading the first package and died. I thought I'd try the command line option with some verbose debugs.... Nothing. Not even as far as downloading the headers. A couple of other things that I've noticed with up2date is that if the package isn't already installed it doesn't come up in the list (ie if its not an update you don't get the option of it), I only noticed this when I did the original upgrade that the xfsprogs and ipsec packages weren't in the options list. It would be nice to be able to have another screen that allows you to select packages which are available in a particular repository that aren't already installed on the system. An other example of this would be something like freshrpms.net. You could add that as a repo and then point and click to install mplayer (and all associated dependancies). Another feature that would be a nice enhancement along the lines about would be to be able to exclude certain repositories from making the applet change to an exclamation mark. One of the repositories I have setup on my FC1 workstation is the freshrpms.net repository to get things like mplayer and other media related bit. They also do things like rebuilds of nmap. I use the stanard FC version of nmap but because they rebuild (and hence increment the build number) I constantly have a flashing exclamation mark on my panel saying I have updates. So to be able specify for the applet to check that repo X (eg FC updates) has updates but not others would be nice. Anyway sorry about the length but I thought I'd bring it up seeing as it was being covered. Peter From peterr at opensystems.net.au Mon Jan 5 05:01:24 2004 From: peterr at opensystems.net.au (Peter Robinson) Date: Mon, 5 Jan 2004 13:01:24 +0800 Subject: up2date problem Message-ID: <001a01c3d348$fae58e00$0701a8c0@pbr> > Using most devel rpms on top of FC1 I get this when trying to use > up2date: > > [root at duergar null]# up2date > Traceback (most recent call last): > File "/usr/sbin/up2date", line 55, in ? > from OpenSSL import SSL > ImportError: No module named OpenSSL Hi All, I'm glad I'm not the only one having problems with up2date! It's been driving me mad. When I decided to try out 2.6 and the various new features that will be in FC2 such as ipsec and xfs I decided to add the devel option into up2date and give it a go. Yuk. Up2date would keep dumping out during the download of the headers. I'd kill it off and start again. It would thankfully process the headers it already had. Eventually I got all the headers down and a list of packages to upgrade. I selected them all and I got no further. I think it was dieing just trying to work out all the dependencies (I think there was around 500 odd packages that wanted to be upgraded). So based on the headers list I downloaded and upgraded everything manually in the hope that once everything was up2date it would just start working... Once I'd downloaded and upgraded everything manually I got up2date to check everything was updated and it came back OK. Yippee! A day or two later I got back to it and there were 35 updates. Mostly fairly generic ones that should require too many dependencies. Glibc update, bind and a few others. So I selected them all and it died. So I selected just the bind updates. It actually got through the dependecy bit and started downloading the first package and died. I thought I'd try the command line option with some verbose debugs.... Nothing. Not even as far as downloading the headers. A couple of other things that I've noticed with up2date is that if the package isn't already installed it doesn't come up in the list (ie if its not an update you don't get the option of it), I only noticed this when I did the original upgrade that the xfsprogs and ipsec packages weren't in the options list. It would be nice to be able to have another screen that allows you to select packages which are available in a particular repository that aren't already installed on the system. An other example of this would be something like freshrpms.net. You could add that as a repo and then point and click to install mplayer (and all associated dependancies). Another feature that would be a nice enhancement along the lines about would be to be able to exclude certain repositories from making the applet change to an exclamation mark. One of the repositories I have setup on my FC1 workstation is the freshrpms.net repository to get things like mplayer and other media related bit. They also do things like rebuilds of nmap. I use the stanard FC version of nmap but because they rebuild (and hence increment the build number) I constantly have a flashing exclamation mark on my panel saying I have updates. So to be able specify for the applet to check that repo X (eg FC updates) has updates but not others would be nice. Anyway sorry about the length but I thought I'd bring it up seeing as it was being covered. Peter From hariprasad at multitech.co.in Mon Jan 5 05:24:09 2004 From: hariprasad at multitech.co.in (Hariprasad B) Date: Mon, 05 Jan 2004 10:54:09 +0530 Subject: Problem Upgrading from Ethereal 0.9.13-4.1 to Ethereal 0.10.0a-0.1 In-Reply-To: <3FF880E1.2020006@home.se> References: <3FF7D985.30609@multitech.co.in> <3FF880E1.2020006@home.se> Message-ID: <3FF8F4F9.8050204@multitech.co.in> >> And now tried to Install ethereal-0.10.0a-0.1.i386.rpm >> rpm -ivh ethereal-0.10.0a-0.1.i386.rpm >> >> But now it says >> error : failed dependencies >> libc.so.6(GLIBC_2.3) is needed by ethereal-0.10.0a >> libcrypto.so.4 is needed by ethereal-0.10.0a-0.1 >> libelf.so.1 is needed by ethereal-0.10.0a-0.1 >> libnetsnmp.so.5 is needed by ethereal-0.10.0a-0.1 >> net-snmp >= 5.0 is neeed by ethereal-0.10.0a-0.1 >Where did you get this rpm, and are you trying to install it on FC1? >/Peter Hi Peter I got the rpm from http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/i386/, Actually I wanted to install it on RH 7.3. (2.4.18-3) But it gave the same result on FC 1 also. One thing to note is I could not find files libcrypto.so.4 libelf.so.1 libnetsnmp.so.5 net-snmp >= 5.0 in RH 7.3. So i copied this files from FC1 to the relevent dir in RH 7.3. Is there any proper checklist that is to be followed when upgrading ? Thanks ~Hari From alex.kiernan at thus.net Mon Jan 5 08:00:49 2004 From: alex.kiernan at thus.net (Alex Kiernan) Date: 05 Jan 2004 08:00:49 +0000 Subject: prelink breaks glibc-2.3.3-3.ppc.rpm (which breaks rpm) Message-ID: <813cault8u.fsf@alexk-laptop.eng.demon.net> I updated my box yesterday and rpm broke overnight (presumably when prelink ran from cron), it looks like something about the way libc.so.6 gets prelinked from glibc-2.3.3-3.ppc.rpm changed (I'm not entirely sure what version I had before). I'm getting: rpm: error while loading shared libraries: /usr/lib/librpmdb-4.2.so: R_PPC_REL24 relocation at 0x0fe750d8 for symbol `memset' out of range (along with anything else which uses librpmdb-4.2.so). Using nm on libc.so.6 with prelinking and after a prelink -u, I get: [alexk at alexk rpm]$ nm /lib/libc.so.6 |grep memset 0fef21a4 t __GI_memset 0fef7a58 t __GI_wmemset 0fef21a4 T memset 0fef7a58 T wmemset [alexk at alexk rpm]$ nm /lib/libc.so.6 |grep memset 000821a4 t __GI_memset 00087a58 t __GI_wmemset 000821a4 T memset 00087a58 T wmemset I'm not sure if this is really a glibc bug, a prelink bug, or if rpm should be built with -fPIC (which is what I'm just trying). -- Alex Kiernan, Principal Engineer, Development, THUS plc From jakub at redhat.com Mon Jan 5 08:05:08 2004 From: jakub at redhat.com (Jakub Jelinek) Date: Mon, 5 Jan 2004 03:05:08 -0500 Subject: prelink breaks glibc-2.3.3-3.ppc.rpm (which breaks rpm) In-Reply-To: <813cault8u.fsf@alexk-laptop.eng.demon.net> References: <813cault8u.fsf@alexk-laptop.eng.demon.net> Message-ID: <20040105080508.GC24876@devserv.devel.redhat.com> On Mon, Jan 05, 2004 at 08:00:49AM +0000, Alex Kiernan wrote: > I updated my box yesterday and rpm broke overnight (presumably when > prelink ran from cron), it looks like something about the way > libc.so.6 gets prelinked from glibc-2.3.3-3.ppc.rpm changed (I'm not > entirely sure what version I had before). > > I'm getting: > > rpm: error while loading shared libraries: /usr/lib/librpmdb-4.2.so: R_PPC_REL24 relocation at 0x0fe750d8 for symbol `memset' out of range > > (along with anything else which uses librpmdb-4.2.so). > > Using nm on libc.so.6 with prelinking and after a prelink -u, I get: > > [alexk at alexk rpm]$ nm /lib/libc.so.6 |grep memset > 0fef21a4 t __GI_memset > 0fef7a58 t __GI_wmemset > 0fef21a4 T memset > 0fef7a58 T wmemset > [alexk at alexk rpm]$ nm /lib/libc.so.6 |grep memset > 000821a4 t __GI_memset > 00087a58 t __GI_wmemset > 000821a4 T memset > 00087a58 T wmemset > > I'm not sure if this is really a glibc bug, a prelink bug, or if rpm > should be built with -fPIC (which is what I'm just trying). rpm bug. I believe Jeff already fixed it. Jakub From thias at spam.spam.spam.spam.spam.spam.spam.egg.and.spam.freshrpms.net Mon Jan 5 10:27:44 2004 From: thias at spam.spam.spam.spam.spam.spam.spam.egg.and.spam.freshrpms.net (Matthias Saou) Date: Mon, 5 Jan 2004 11:27:44 +0100 Subject: Should there be BuildRequires for perl/libtool/auto*? In-Reply-To: <3FF89759.60408@togami.com> References: <20040104223047.GDED12184.web3-rme.xtra.co.nz@[127.0.0.1]> <3FF89759.60408@togami.com> Message-ID: <20040105112744.7f4d6c8b@python.freshrpms.net> Warren Togami wrote : > We've gone through this a million times, and some people just do not > understand. I do not use FreshRPMS so I no longer care that all of > those packages are potentially broken when it comes to epoch promotion. > > fedora.us had this policy for the last 9 months for a good reason. Just > do it, or your package will not be accepted into Fedora Extras. Why is that!? No official Red Hat packages have epoch set to 0 (see "rpm -qa --qf '%{epoch}\t%{name}\n'" output), and AFAIK, rpm >= 4.2 treats no epoch as 0. So, as Fedora Extras will probably only start with FC2, and should include guidelines and policies applicable to Fedora Core too, I really don't see the reason to systematically introduce a zero epoch into each and every possible package now. For rpm < 4.2, maybe, but again, it's a little far away now to be an important matter. Why would I say "Epochs are evil" but go and set them to zero everywhere when it can be sanely avoided now? I guess we're up to one million and one now. Matthias -- Clean custom Red Hat Linux rpm packages : http://freshrpms.net/ Fedora Core release 1 (Yarrow) - Linux kernel 2.4.22-1.2115.nptl Load : 0.59 0.27 0.22 From makgab at freemail.hu Mon Jan 5 11:18:36 2004 From: makgab at freemail.hu (Mako Gabor) Date: Mon, 05 Jan 2004 12:18:36 +0100 (CET) Subject: Openldap log & "parent does not exist" Message-ID: Hi! How can I set the openldap log file? Where does it log? What is the problem with this?: ldapadd -f /etc/openldap/ldap.txt -D "cn=root,o=domain,c=hu" -x -W Enter LDAP Password: adding new entry "ou=People,o=domain,c=hu" ldapadd: update failed: ou=People,o=domain,c=hu ldap_add: No such object (32) additional info: parent does not exist The ldap.txt file: dn: ou=People,o=domain,c=hu objectClass: top objectClass: organizationalUnit ou: People dn: ou=Group,o=domain,c=hu objectClass: top objectClass: organizationalUnit ou: Group dn: cn=root,ou=People,o=domain,c=hu objectClass: top objectClass: account objectClass: posixAccount objectClass: shadowAccount cn: root uid: root uidNumber: 1 gidNumber: 1 gecos: Root loginShell: /bin/bash homeDirectory: /root/ userPassword: secret dn: cn=root,ou=Group,o=domain,c=hu objectClass: top objectClass: posixGroup gidNumber: 1 cn: root memberUid: root The slapd.conf file: include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/redhat/autofs.schema allow bind_v2 pidfile /var/run/slapd.pid database ldbm suffix "o=sopron-ph,c=hu" rootdn "cn=root,o=sopron-ph,c=hu" rootpw secret directory /var/lib/ldap index objectClass eq,pres index ou,cn,mail,surname,givenname eq,pres,sub index uidNumber,gidNumber,loginShell eq,pres index uid,memberUid eq,pres,sub index nisMapName,nisMapEntry eq,pres,sub loglevel 2048 Bye! Gabor From warren at togami.com Mon Jan 5 11:20:43 2004 From: warren at togami.com (Warren Togami) Date: Mon, 05 Jan 2004 01:20:43 -1000 Subject: Should there be BuildRequires for perl/libtool/auto*? In-Reply-To: <20040105112744.7f4d6c8b@python.freshrpms.net> References: <20040104223047.GDED12184.web3-rme.xtra.co.nz@[127.0.0.1]> <3FF89759.60408@togami.com> <20040105112744.7f4d6c8b@python.freshrpms.net> Message-ID: <3FF9488B.4030301@togami.com> Matthias Saou wrote: > Warren Togami wrote : > > >>We've gone through this a million times, and some people just do not >>understand. I do not use FreshRPMS so I no longer care that all of >>those packages are potentially broken when it comes to epoch promotion. >> >>fedora.us had this policy for the last 9 months for a good reason. Just >>do it, or your package will not be accepted into Fedora Extras. > > > Why is that!? No official Red Hat packages have epoch set to 0 (see "rpm > -qa --qf '%{epoch}\t%{name}\n'" output), and AFAIK, rpm >= 4.2 treats no > epoch as 0. This point also has escaped you, that Epoch: 0 is NOT what we have made mandatory. We have made mandatory that you must NEVER leave epoch out of a versioned dependency. In cases like this: Requires: libfoo >= 1.0.1 Where libfoo's epoch is blank or zero, you must always instead use: Requires: libfoo >= 0:1.0.1 rpm has NO WAY of knowing what Epoch is implied during resolving dependencies during an upgrade when it is omitted, and as a result it needs to make an assumption based upon the already installed system. This assumption can be incorrect causing an upgrade failure or package clash. Even Red Hat themselves has grudgingly recognized the necessity of epochs in versioned dependencies. fedora.us highly recommends also including Epoch: 0 even though it makes no functional difference, mainly as an explicit reminder that zero must be included in the corresponding versioned dependency rather than omitted. > So, as Fedora Extras will probably only start with FC2, and should include > guidelines and policies applicable to Fedora Core too, I really don't see > the reason to systematically introduce a zero epoch into each and every > possible package now. For rpm < 4.2, maybe, but again, it's a little far > away now to be an important matter. > You publish a lot more than packages for rpm > 4.2, and to this day those packages still have not observed this necessity. This is not to say that it will cause problems, but it HAS caused problems in the past, and potentially still can. Why not avoid it entirely and observe this simple rule? Slowly phase out the old way as you update your packages. I have avoided mentioning this about FreshRPMS publically for many months because I felt it would be disrespectful of you and your work, but I cannot allow mistruths about the situation to be propogated. Again this is not a personal attack. This is the technical matters as I understand it. Unless it is proved that this is not the problem I must continue to insist this. But... what you do with your own repository is entirely your own decision. > Why would I say "Epochs are evil" but go and set them to zero everywhere > when it can be sanely avoided now? > Epoch: 0 is not mandatory as its behavior is exactly identical to no epoch, but unfortunately zero must be defined for versioned dependecies in order to completely avoid surprises. This has been demonstrated to not be only a theoretical problem. Refusing to acknowledge it is akin to putting your hands over your ears and not wanting to hear it. All of us early in our packaging careers learn that "Epochs are evil". It would be so much simpler if that is all we need to believe, but unfortunately it is nowhere near this simple. Epochs are a necessary evil. We have not designed a feasible way of avoiding Epochs, so we have to live with it the best we can. Fortunately we the fedora.us team seem to have found a codified way of avoiding all potential Epoch problems by following a set of simple rules. Do not mistake me or fedora.us to be Epoch cheerleaders. Our seemingly onerous and strict naming policies were carefully designed in order avoid the necessity of ever incrementing epoch again due improper package naming. This has happened far too often in the past (i.e. mozilla). fedora.us has designed a way, when followed, avoids Epoch incrementing entirely [1]. Modification of our existing naming guidelines to remove the leading "0.fdr.", using numerical disttags, and moving the optional repository tag to the end, is our recommendation to do the same for future fedora.redhat.com packages. The other policy regarding epoch-in-versioned-dependencies deals with the necessary evil of Epochs in a completely predictable manner. fedora.us hates Epoch, but we understand it and know how to avoid its evil grasp. Warren [1] Epoch incrementing still may happen in the event of needing to downgrade %{version}. But we're generally careful about not pushing a package too soon so we have avoided this thus far. From arvindn at meenakshi.cs.iitm.ernet.in Mon Jan 5 10:59:50 2004 From: arvindn at meenakshi.cs.iitm.ernet.in (Arvind Narayanan) Date: Mon, 5 Jan 2004 16:29:50 +0530 Subject: xmms-mp3 and lame Message-ID: <20040105162950.A26733@meenakshi.cs.iitm.ernet.in> Hi, Could someone tell me why xmms-mp3 is not included in FC1 but lame is? Surely the patent issue either applies to both or to neither? Thanks Arvind -- Its all GNU to me From warren at togami.com Mon Jan 5 11:31:08 2004 From: warren at togami.com (Warren Togami) Date: Mon, 05 Jan 2004 01:31:08 -1000 Subject: xmms-mp3 and lame In-Reply-To: <20040105162950.A26733@meenakshi.cs.iitm.ernet.in> References: <20040105162950.A26733@meenakshi.cs.iitm.ernet.in> Message-ID: <3FF94AFC.2070605@togami.com> Arvind Narayanan wrote: > Hi, > > Could someone tell me why xmms-mp3 is not included in FC1 > but lame is? Surely the patent issue either applies to both > or to neither? Thanks > > Arvind [rep at mirror i386]$ ls base RPMS.stable RPMS.updates SRPMS.os SRPMS.unstable yum RPMS.k12ltsp RPMS.testing RPMS.updates-testing SRPMS.stable SRPMS.updates RPMS.os RPMS.unstable SRPMS.k12ltsp SRPMS.testing SRPMS.updates-testing [rep at mirror i386]$ find -name lame* [rep at mirror i386]$ lame is included in neither Fedora Core nor fedora.us Extras. You must be mistaken? Warren From arvindn at meenakshi.cs.iitm.ernet.in Mon Jan 5 11:14:16 2004 From: arvindn at meenakshi.cs.iitm.ernet.in (Arvind Narayanan) Date: Mon, 5 Jan 2004 16:44:16 +0530 Subject: xmms-mp3 and lame In-Reply-To: <3FF94AFC.2070605@togami.com>; from warren@togami.com on Mon, Jan 05, 2004 at 01:31:08AM -1000 References: <20040105162950.A26733@meenakshi.cs.iitm.ernet.in> <3FF94AFC.2070605@togami.com> Message-ID: <20040105164416.A26955@meenakshi.cs.iitm.ernet.in> On Mon, Jan 05, 2004 at 01:31:08AM -1000, Warren Togami wrote: > [rep at mirror i386]$ ls > base RPMS.stable RPMS.updates SRPMS.os > SRPMS.unstable yum > RPMS.k12ltsp RPMS.testing RPMS.updates-testing SRPMS.stable > SRPMS.updates > RPMS.os RPMS.unstable SRPMS.k12ltsp SRPMS.testing > SRPMS.updates-testing > [rep at mirror i386]$ find -name lame* > [rep at mirror i386]$ > > lame is included in neither Fedora Core nor fedora.us Extras. You must > be mistaken? > Sorry my bad :( Arvind -- Its all GNU to me From buildsys at redhat.com Mon Jan 5 11:51:21 2004 From: buildsys at redhat.com (Build System) Date: Mon, 5 Jan 2004 06:51:21 -0500 Subject: rawhide report: 20040105 changes Message-ID: <200401051151.i05BpLj26203@porkchop.devel.redhat.com> Updated Packages: anaconda-9.3-0.20040104175056 ----------------------------- * Sun Jan 04 2004 Anaconda team - built new version from CVS * Thu Nov 06 2003 Jeremy Katz - require booty (#109272) * Tue Oct 08 2002 Jeremy Katz - back to mainstream rpm instead of rpm404 dietlibc-0.24-2 --------------- * Sun Jan 04 2004 Jeremy Katz 0.24-2 - snprintf fix from cvs mkinitrd-3.5.17-1 ----------------- * Sun Jan 04 2004 Jeremy Katz 3.5.17-1 - mkinitrd: handle multiple spaces in modules.conf (from Lubomir Bulej) - nash: rebuild against new dietlibc fixing problems with root=LABEL= (#112623) - mkinitrd: determine kernel version and adjust modulefile appropriately so that we look at /etc/modprobe.conf for 2.6 kernels - mkinitrd: first pass at getting lvm working on 2.4 -> 2.6 upgrade * Wed Dec 24 2003 Jeremy Katz - mkinitrd: quiet strip by default rpmdb-fedora-1.90-0.20040105 ---------------------------- From Frederic.Hornain at GB.BE Mon Jan 5 11:51:33 2004 From: Frederic.Hornain at GB.BE (=?iso-8859-1?Q?Hornain_Fr=E9d=E9ric?=) Date: Mon, 5 Jan 2004 12:51:33 +0100 Subject: Problems on Fedora core 1 Message-ID: Hi, Well, I have installed for test purpose fedora core 1 on two differents machines and it I have the same annoyances. The first one : When I use the redhat-config-packages - Add / Remove Application - and I choose something to add I have got this following error message : Error Installing packages. There was an error installing packages. Exiting. I know it is obvious but that only error message that I have; The second one : I have often difficulties to log out from X session. Indeed the screen stay frozen like a screen shot. So I always have to ue the short key in order to kill it and by this fact to be logged out. Hoping that could help to debug some functionnalities. Sorry if these problem have been already mentionned. Best Regards Fred -------------- next part -------------- An HTML attachment was scrubbed... URL: From nos at utel.no Mon Jan 5 11:59:42 2004 From: nos at utel.no (=?ISO-8859-1?Q? Nils O. Sel=E5sdal?=) Date: Mon, 05 Jan 2004 12:59:42 +0100 Subject: Openldap log & "parent does not exist" In-Reply-To: <1678445901039e07d4@[192.168.170.10]> References: <1678445901039e07d4@[192.168.170.10]> Message-ID: <16a29f7a0103b207d4@[192.168.170.10]> On Mon, 2004-01-05 at 12:18, Mako Gabor wrote: > Hi! > > How can I set the openldap log file? Where does it log? > > What is the problem with this?: > ldapadd -f /etc/openldap/ldap.txt -D "cn=root,o=domain,c=hu" -x -W > Enter LDAP Password: > adding new entry "ou=People,o=domain,c=hu" > ldapadd: update failed: ou=People,o=domain,c=hu > ldap_add: No such object (32) > additional info: parent does not exist > > The ldap.txt file: > dn: ou=People,o=domain,c=hu > objectClass: top > objectClass: organizationalUnit > ou: People > > dn: ou=Group,o=domain,c=hu > objectClass: top > objectClass: organizationalUnit > ou: Group > > dn: cn=root,ou=People,o=domain,c=hu > objectClass: top > objectClass: account > objectClass: posixAccount > objectClass: shadowAccount > cn: root > uid: root > uidNumber: 1 > gidNumber: 1 > gecos: Root > loginShell: /bin/bash > homeDirectory: /root/ > userPassword: secret > > dn: cn=root,ou=Group,o=domain,c=hu > objectClass: top > objectClass: posixGroup > gidNumber: 1 > cn: root > memberUid: root You have to define the o=domain,c=hu also. -- Vennlig hilsen/Best Regards Nils Olav Sel?sdal System Engineer UtelSystems a/s Tlf: 370 45 431 Mob: 943 01 380 w w w . u t e l s y s t e m s . c o m From peter.backlund at home.se Mon Jan 5 12:25:39 2004 From: peter.backlund at home.se (Peter Backlund) Date: Mon, 05 Jan 2004 13:25:39 +0100 Subject: Problem Upgrading from Ethereal 0.9.13-4.1 to Ethereal 0.10.0a-0.1 In-Reply-To: <3FF8F4F9.8050204@multitech.co.in> References: <3FF7D985.30609@multitech.co.in> <3FF880E1.2020006@home.se> <3FF8F4F9.8050204@multitech.co.in> Message-ID: <3FF957C3.7050008@home.se> > I got the rpm from > http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/i386/, > > Actually I wanted to install it on RH 7.3. (2.4.18-3) You can't install rpms built for FC1 on RH7.3. > But it gave the same result on FC 1 also. The exact same result? libc.so.6(GLIBC_2.3) missing? > One thing to note is I could > not find files > > libcrypto.so.4 > libelf.so.1 > libnetsnmp.so.5 > net-snmp >= 5.0 > > in RH 7.3. So i copied this files from FC1 to the relevent dir in RH 7.3. That won't work. You need to get an rpm built for RH7.3. > Is there any proper checklist that is to be followed when upgrading ? Rule of thumb is that rpms built for a newer version of RH/FC will not work on older versions. Sometimes, it's possible to rebuild the .src.rpm on the older operating system. /Peter From tmus at get2net.dk Mon Jan 5 12:43:34 2004 From: tmus at get2net.dk (Thomas Munck Steenholdt) Date: Mon, 5 Jan 2004 13:43:34 +0100 (CET) Subject: Fedora Core 2 Distribution Size - The separated OS In-Reply-To: <62DDF15AA353904E8E78CFB0BFA3031D01361AEB@HOTEXV01.he.hotmail.co.il> References: <62DDF15AA353904E8E78CFB0BFA3031D01361AEB@HOTEXV01.he.hotmail.co.il> Message-ID: <45485.212.93.39.38.1073306614.squirrel@www.tmus.dk> > well... somebody said, that it can't be devided.... > > But - FC1 have a lot of development tools right on the CD, which I believe > is wrong. > > My suggestion - is have have product division like in Microsoft - or > Lindows.com > > They have - > > 1) OS (kernel, GUI, all the basic things, basic text and image editors) - > this everyone needs > > 2) Office (OpenOffice can be separated, but because it's small enough - it > won't be good) > > MS Office and Lindows Office is separated - because about HALF of the home > users doesn't use Office at all... > > 3) MS Visual Studio for Developers (And this part in FC1 take a LOT of > space...) - This must include KDevelop, other IDEs, some source code, > tutorials, compilers, programming documentation, ... > > Lindows doesn't have an analogue for that (as I know) > > 4) Plus+! (multimedia enchacements, and eye-candy's for their OSes - > something FC1 lacks totally with few exceptions, like the Marble Desktop > Theme in KDE, and a few plug-ins for XMMS) > > In Windows XP the Plus! gives me: many desktop backgrounds, MP3 to WMA > audio converter, > > Windows Media Player skins, and visualizations, 3 games (2 of which are > 3D), 8 beautyful Direct3D screensavers, and 4 Desktop themes. > > =======================================================I would be VERY > happy if such Plus! project would exist for FC Linux as well... - because > it will REALLY enchance FC Linux in home user's eyes... > > Really slick OpenGL Open-Source screen-savers can be put there: > http://theopencd.sunsite.dk/mirrors.php > > the Marble KDE Desktop theme to be moved there, some 3D games like > TuxRacer should move from the OS to FC Plus!, and maybe well also add a > few ogg-vorbis compression utilities that way. Actually a lot of > multimedia stuff can migrate to FC Plus!, AND many new stuuf must be > added. Note: that it sometimes better to leave a lot of space free on the > Plus CD, than put low-quality stuff there. > > =========================================================So that way the > OS will take only 2 CDs, and the developers will only need the FC and > FedoraDevbeloper CDs, while home user will need only FC, and FedoraPlus! > CDs. This style is very benefical. > Just a few points of my own... I don't know about Lindows.com, but the only reason that MS has divided their products is in order to make more $$$ people want seperate media/docs when they buy several products. I'm quite happy with the way FC1 (and all of the Red Hat distros for that matter) is today... You can't say that installation makes it more difficult for end users, because the develompent stuff is left out of the installation by default. The only point, as I see it, is the matter of media, which IMHO should be solved by providing a DVD .iso file in addition to the CD .isos... One disc for everything!!! Thomas From alan at redhat.com Mon Jan 5 12:50:11 2004 From: alan at redhat.com (Alan Cox) Date: Mon, 5 Jan 2004 07:50:11 -0500 Subject: Fedora Core 2 Distribution Size - The separated OS In-Reply-To: <45485.212.93.39.38.1073306614.squirrel@www.tmus.dk> References: <62DDF15AA353904E8E78CFB0BFA3031D01361AEB@HOTEXV01.he.hotmail.co.il> <45485.212.93.39.38.1073306614.squirrel@www.tmus.dk> Message-ID: <20040105125011.GB20067@devserv.devel.redhat.com> On Mon, Jan 05, 2004 at 01:43:34PM +0100, Thomas Munck Steenholdt wrote: > The only point, as I see it, is the matter of media, which IMHO should be > solved by providing a DVD .iso file in addition to the CD .isos... One disc > for everything!!! Someone posted a script to generate a DVD iso from the others I believe. There are good reasons for trying to get a base setup down to 1 or 2 CD's (and for workstation with basic languages it is btw in FC1). Firstly if you have a really dodgy CD drive then doing a minimal install of CD then using yum to pull the rest off another box is a lifesaver. Secondly for plenty of people 3 CD's is a lot of date, and a great way to exceed broadband limits in many places if they have broadband. Alan From tmus at get2net.dk Mon Jan 5 13:01:24 2004 From: tmus at get2net.dk (Thomas Munck Steenholdt) Date: Mon, 5 Jan 2004 14:01:24 +0100 (CET) Subject: include much needed antivirus products in FC2 Message-ID: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> Hi... Does anyone have an oppinion in relation to adding some antivirus features into FC2??? I think we are badly in need of a generel purpose virus scanner that will allow scheduled scans (possible on-access) and fast e-mail content scanning. What I have in mind personally would be something like : - ClamAV (which looks very promising) - amavisd-new (or similar that would allow checking of mail going through sendmail and postfix) The products should probably be suitable to work with either of out current MTA implementations available (sendmail/postfix). There is already a bug reported on this (#82017) but it doesn't seem very active. Check it out! Please share your experiences and ideas! Thomas From tmus at get2net.dk Mon Jan 5 13:19:08 2004 From: tmus at get2net.dk (Thomas Munck Steenholdt) Date: Mon, 5 Jan 2004 14:19:08 +0100 (CET) Subject: Fedora Core 2 Distribution Size - The separated OS In-Reply-To: <20040105125011.GB20067@devserv.devel.redhat.com> References: <62DDF15AA353904E8E78CFB0BFA3031D01361AEB@HOTEXV01.he.hotmail.co.il> <45485.212.93.39.38.1073306614.squirrel@www.tmus.dk> <20040105125011.GB20067@devserv.devel.redhat.com> Message-ID: <34622.212.93.39.38.1073308748.squirrel@www.tmus.dk> > On Mon, Jan 05, 2004 at 01:43:34PM +0100, Thomas Munck Steenholdt wrote: >> The only point, as I see it, is the matter of media, which IMHO should >> be >> solved by providing a DVD .iso file in addition to the CD .isos... One >> disc >> for everything!!! > > Someone posted a script to generate a DVD iso from the others I believe. > > There are good reasons for trying to get a base setup down to 1 or 2 CD's > (and for > workstation with basic languages it is btw in FC1). Firstly if you have a > really dodgy > CD drive then doing a minimal install of CD then using yum to pull the > rest off another > box is a lifesaver. Secondly for plenty of people 3 CD's is a lot of date, > and a great > way to exceed broadband limits in many places if they have broadband. > > > Alan > You're right... But I would personally prefer if packages were rearranged on the CD's rather than making different "products" out of them. Mayby thats all a matter of definition of "product", but i really like to have it all in one big package. Perhaps packages could be rearranged so that a personal system could be installed off CD 1 - no need for the other CDs... Making CD2 bootable too, could allow a server installation to be carried out from that with no need for other CDs. etc etc etc... The entire installation would then be exactly as it is today, only you could bo with only a subset of the discs! And if anyone's interested, the DVD build script, that Chris Kloiber made is available here: ftp://people.redhat.com/ckloiber/mkdvdiso.sh Thomas From stuart at terminus.co.uk Mon Jan 5 13:52:52 2004 From: stuart at terminus.co.uk (Stuart Children) Date: Mon, 05 Jan 2004 13:52:52 +0000 Subject: Fedora Core 2 Distribution Size In-Reply-To: References: Message-ID: <3FF96C34.7090604@terminus.co.uk> Maurice F. Piller wrote: > Fedora Core 1 came out with 3 iso installation images. Has the size of the > Fedora Core 2 release been determined yet? [snip] A few comments for the discussion: - As has already been mentioned, enough people want different sets of packages to make it impossible to place packages such that the majority only needs 2 CDs. - There is the issue with package ordering. - Something that hasn't been mentioned: When fedora extras really gets going we're going to have an even bigger problem when it comes to upgrades. Imagine I'm upgrading from Fedora 2 to Fedora 3 and I have many extras packages installed. I download the 2/3 CDs for Fedora *Core*. I start an upgrade... anaconda finds some extras installed that depend on an old version of a package in core which it is about to upgrade. So it removes that extra package. If this happens for many packages it's not good news! Perhaps someone can comment on how likely this scenario is (one would hope that newer packages maintain backwards compatibility, or compat packages are provided... but this is not always the case). - Obviously for an initial install you can just ignore extras and add them later. But as soon as you add them you hit the upgrade problem above. A solution is are mentioned below, but this does not really help users without sufficient internet access speed or capacity. What do we do for these users? Will we need to provide CDs of extras? Some thoughts on solutions: - Increased prominence of network based installs/upgrades. This has been mentioned already. This means people don't need to download 2 CDs worth of data to then only use 300Mb from each. - Network installs can also pick up extras repositories (either automatically or allow the user to specify - I would suggest the former). This solves the upgrade problem above. - Change how anaconda works (DANGER WILL ROBINSON ;]) so that there is a base set of packages that gives you a barebones system (there has already been discussion about this), and each CD is more like a repository - ala Debian. Users on poor internet connections can get CDs (off friends/whatever) that contain the majority of packages they use, and use network means to fetch any odd ones from CDs they don't have. So if I have lots of packages from CDs "FC1" and "FC2" and "FE1" (Fedora Extras), but only 10 packages off "FC3" and "FE2" I can have the benefits of CDs for most of what I need, but without having to get a full set of them. I am not proposing most of this for FC2 (certainly as it seems extras will not be there). However, it is obviously going to need some thinking about. There is a lot more to think about than the above - I only seek to raise awareness that intrusive changes may need to be made, so the sooner it's discussed the better. If these issues have already been discussed and either dismissed or solutions found, I would be interested to know what's planned! Cheers -- Stuart From tdiehl at rogueind.com Mon Jan 5 14:14:31 2004 From: tdiehl at rogueind.com (Tom Diehl) Date: Mon, 5 Jan 2004 09:14:31 -0500 (EST) Subject: Fedora Core 2 Distribution Size - The separated OS In-Reply-To: <34622.212.93.39.38.1073308748.squirrel@www.tmus.dk> References: <62DDF15AA353904E8E78CFB0BFA3031D01361AEB@HOTEXV01.he.hotmail.co.il> <45485.212.93.39.38.1073306614.squirrel@www.tmus.dk> <20040105125011.GB20067@devserv.devel.redhat.com> <34622.212.93.39.38.1073308748.squirrel@www.tmus.dk> Message-ID: On Mon, 5 Jan 2004, Thomas Munck Steenholdt wrote: > > On Mon, Jan 05, 2004 at 01:43:34PM +0100, Thomas Munck Steenholdt wrote: > >> The only point, as I see it, is the matter of media, which IMHO should > >> be > >> solved by providing a DVD .iso file in addition to the CD .isos... One > >> disc > >> for everything!!! > > > > Someone posted a script to generate a DVD iso from the others I believe. > > > > There are good reasons for trying to get a base setup down to 1 or 2 CD's > > (and for > > workstation with basic languages it is btw in FC1). Firstly if you have a > > really dodgy > > CD drive then doing a minimal install of CD then using yum to pull the > > rest off another > > box is a lifesaver. Secondly for plenty of people 3 CD's is a lot of date, > > and a great > > way to exceed broadband limits in many places if they have broadband. > > > > > > Alan > > > > You're right... But I would personally prefer if packages were rearranged > on the CD's rather than making different "products" out of them. > Mayby thats all a matter of definition of "product", but i really like to > have it all in one big package. > Perhaps packages could be rearranged so that a personal system could be > installed off CD 1 - no need for the other CDs... Making CD2 bootable too, > could allow a server installation to be carried out from that with no need > for other CDs. etc etc etc... > The entire installation would then be exactly as it is today, only you > could bo with only a subset of the discs! FWIW when I was in barnes & nobel the other day I saw a book called "Fedora Companion" It is by Red Hat Press and contained a 2 CD set of FC1 or so the label says. I did not buy it but for those of you wanting a stripped down version to install it appears that it is already available. You just have to buy the book. :-) ......Tom From skvidal at phy.duke.edu Mon Jan 5 14:28:20 2004 From: skvidal at phy.duke.edu (seth vidal) Date: 05 Jan 2004 09:28:20 -0500 Subject: FC2 initial schedule posted In-Reply-To: <200312152146.hBFLknG5027946@devserv.devel.redhat.com> References: <20031215184549.GA28655@devserv.devel.redhat.com> <200312152146.hBFLknG5027946@devserv.devel.redhat.com> Message-ID: <1073312900.6652.6.camel@opus> On Mon, 2003-12-15 at 16:46, Pete Zaitcev wrote: > >>Finalizing the new set of leaders was taking longer than I had hoped, > >>so we just picked an ad-hoc committee of Red Hat and external people > >>and hammered out a schedule last week, and then refined it a bit > >>afterward. Here it is: > >> > >>http://fedora.redhat.com/participate/schedule/ > >> > > I noticed the beautiful word *SPARC* in there. > > Tangentially, what about ia64? I am asking because due to > curcomstances outside of my control I am about to receive > an Itanium workstation which will be my primary development box. > > I saw in list archives that MKJ dismissed s390 already, > so that's a relief... I'm betting it's just like the x86_64 build, get a kernel that works and it should be possible. I think marking it as a 2nd tier arch would be wise, though. If you need a place to put a unofficial test-tree let me know. I've provided space at fedora.linux.duke.edu for x86_64 and the semi-tree for ppc. I'll be glad to do that for ia64. -sv From manik.surtani at conchango.com Mon Jan 5 14:37:20 2004 From: manik.surtani at conchango.com (Manik Surtani) Date: Mon, 05 Jan 2004 14:37:20 +0000 Subject: Fedora Core 2 Distribution Size In-Reply-To: <3FF96C34.7090604@terminus.co.uk> References: <3FF96C34.7090604@terminus.co.uk> Message-ID: <1073313439.1699.52.camel@localhost> Hello all. I downloaded FC1 ISOs via bit torrent. Something that took me 3 hours on my ADSL line rather than the 20 or so hours it would have taken me to download the ISOs off a local mirror. Essentially, using a network install (as mentioned here) would be just as slow as downloading the ISOs from a mirror? Not a pleasant option, even with broadband. The last time I did a network install was with RH5.2 way back when, on my then cable modem. Not fun - a basic install took all night to run, and I've never touched network installs since (off the Internet. I do network installs off a LAN frequently). I hardly know anything of the internal workings of Anaconda, but perhaps there is a way to do network installs of bittorrent shares? Now THAT would be interesting! Cheers, Manik On Mon, 2004-01-05 at 13:52, Stuart Children wrote: > Maurice F. Piller wrote: > > Fedora Core 1 came out with 3 iso installation images. Has the size of the > > Fedora Core 2 release been determined yet? > [snip] > > A few comments for the discussion: > > - As has already been mentioned, enough people want different sets of > packages to make it impossible to place packages such that the majority > only needs 2 CDs. > - There is the issue with package ordering. > - Something that hasn't been mentioned: When fedora extras really gets > going we're going to have an even bigger problem when it comes to > upgrades. Imagine I'm upgrading from Fedora 2 to Fedora 3 and I have > many extras packages installed. I download the 2/3 CDs for Fedora > *Core*. I start an upgrade... anaconda finds some extras installed that > depend on an old version of a package in core which it is about to > upgrade. So it removes that extra package. If this happens for many > packages it's not good news! Perhaps someone can comment on how likely > this scenario is (one would hope that newer packages maintain backwards > compatibility, or compat packages are provided... but this is not always > the case). > - Obviously for an initial install you can just ignore extras and add > them later. But as soon as you add them you hit the upgrade problem > above. A solution is are mentioned below, but this does not really help > users without sufficient internet access speed or capacity. What do we > do for these users? Will we need to provide CDs of extras? > > Some thoughts on solutions: > > - Increased prominence of network based installs/upgrades. This has been > mentioned already. This means people don't need to download 2 CDs worth > of data to then only use 300Mb from each. > - Network installs can also pick up extras repositories (either > automatically or allow the user to specify - I would suggest the > former). This solves the upgrade problem above. > - Change how anaconda works (DANGER WILL ROBINSON ;]) so that there is a > base set of packages that gives you a barebones system (there has > already been discussion about this), and each CD is more like a > repository - ala Debian. Users on poor internet connections can get CDs > (off friends/whatever) that contain the majority of packages they use, > and use network means to fetch any odd ones from CDs they don't have. So > if I have lots of packages from CDs "FC1" and "FC2" and "FE1" (Fedora > Extras), but only 10 packages off "FC3" and "FE2" I can have the > benefits of CDs for most of what I need, but without having to get a > full set of them. > > I am not proposing most of this for FC2 (certainly as it seems extras > will not be there). However, it is obviously going to need some thinking > about. There is a lot more to think about than the above - I only seek > to raise awareness that intrusive changes may need to be made, so the > sooner it's discussed the better. > > If these issues have already been discussed and either dismissed or > solutions found, I would be interested to know what's planned! > > Cheers -- Manik Surtani Conchango 'Innovative Change in Business' T 44 (0) 1784 222 222 D 44 (0) 1784 221 829 M 44 (0) 7786 702 706 E manik.surtani at conchango.com http://www.conchango.com -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From skvidal at phy.duke.edu Mon Jan 5 14:47:40 2004 From: skvidal at phy.duke.edu (seth vidal) Date: 05 Jan 2004 09:47:40 -0500 Subject: Fedora Core 2 Distribution Size In-Reply-To: <1073313439.1699.52.camel@localhost> References: <3FF96C34.7090604@terminus.co.uk> <1073313439.1699.52.camel@localhost> Message-ID: <1073314059.6652.12.camel@opus> > > Essentially, using a network install (as mentioned here) would be just > as slow as downloading the ISOs from a mirror? Not a pleasant option, > even with broadband. Not really. You wouldn't download ALL of the packages if you were doing a network install. You'd only install the ones you selected. it is rare that someone installs EVERY SINGLE PACKAGE. > The last time I did a network install was with RH5.2 way back when, on > my then cable modem. Not fun - a basic install took all night to run, > and I've never touched network installs since (off the Internet. I do > network installs off a LAN frequently). You need to look up better mirrors. > I hardly know anything of the internal workings of Anaconda, but > perhaps there is a way to do network installs of bittorrent shares? > Now THAT would be interesting! Extremely hard, in fact. Bittorrent normally hosts only the isos, not each package. -sv From davej at redhat.com Mon Jan 5 14:52:37 2004 From: davej at redhat.com (Dave Jones) Date: Mon, 05 Jan 2004 14:52:37 +0000 Subject: FC2 initial schedule posted In-Reply-To: <1073312900.6652.6.camel@opus> References: <20031215184549.GA28655@devserv.devel.redhat.com> <200312152146.hBFLknG5027946@devserv.devel.redhat.com> <1073312900.6652.6.camel@opus> Message-ID: <1073314357.9215.3.camel@delerium.codemonkey.org.uk> On Mon, 2004-01-05 at 14:28, seth vidal wrote: > I'm betting it's just like the x86_64 build, get a kernel that works and > it should be possible. I think marking it as a 2nd tier arch would be > wise, though. If you need a place to put a unofficial test-tree let me > know. I've provided space at fedora.linux.duke.edu for x86_64 and the > semi-tree for ppc. I'll be glad to do that for ia64. For FC2, one advantage of staying closer to mainline is going to be that arch support should for the most part be at least as good as mainline. Getting FC1 up to scratch on a new arch requires much futzing with nptl and a bunch of other patches. For FC2, the biggest thing to contend with is exec-shield, so even if patches from the ppc/ia64/amd64/whatever tree are needed, it's a lot less work to fix up. Dave From jspaleta at princeton.edu Mon Jan 5 14:54:09 2004 From: jspaleta at princeton.edu (Jef Spaleta) Date: Mon, 05 Jan 2004 09:54:09 -0500 Subject: "Official" Companion (was Fedora Core 2 Distribution Size - The separated OS) Message-ID: <1073314449.13655.35.camel@spatula.pppl.gov> Tom Diehl wrote: > FWIW when I was in barnes & nobel the other day I saw a book called > "Fedora Companion" It is by Red Hat Press and contained a 2 CD set of FC1 or > so the label says. I did not buy it but for those of you wanting a stripped > down version to install it appears that it is already available. You just > have to buy the book. :-) it's actually called "Official Fedora Companion". And that makes me wonder.... what is the status of the documentation subproject? I can't help be feel a little miffed that that a for cost book...an "Official" book...covering things like installing fedora is coming out before we have a rework of at least the Red Hat linux install guide...into the Fedora install guide. I'd personally like to see "Official" status to these sort of for cost reference resources be withheld until after the documentation subproject has a chunk of documentation available...in an effort to encourage writers and editors to contribute to the documentation subproject as a priority..over individual efforts. Of course, it would do my mind some good to know that the author of that "Official" companion book is active in the official documentation subproject as well. But even then, I'm still not sure I like the idea of deeming for cost resources "Official" before the official documentation project has at least an install guide...as a matter of policy to encourage people to work on the "official" fedora documents. This isn't exactly a complaint, since i'm not as in the loop on the doc project as i could be..so my initial negative reaction could easily be based on ignorance of where things stand. But it did make me raise an eyebrow, because I want to see documentation coming out of the documentation subproject be THE priority documentation. If the people behind the documentation efforts like the "Official Fedora Companion" book and the tutorials at fedoranews.org aren't contributing directly to the official fedora doc subproject, that is a problem. -jef"and wtf? 2 CD install media....thats inconceivable!!!!!!!"spaleta From Axel.Thimm at physik.fu-berlin.de Mon Jan 5 15:08:33 2004 From: Axel.Thimm at physik.fu-berlin.de (Axel Thimm) Date: Mon, 5 Jan 2004 16:08:33 +0100 Subject: mremap() security fix and FC1 2135 kernel? Message-ID: <20040105150833.GA26454@neu.nirvana> Are the FC1 kernels (or updates, especially thinking about 2135) safe against the recent security announcement on mremap()? -- Axel.Thimm at physik.fu-berlin.de -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From ms-nospam-0306 at arcor.de Mon Jan 5 15:11:05 2004 From: ms-nospam-0306 at arcor.de (Michael Schwendt) Date: Mon, 5 Jan 2004 16:11:05 +0100 Subject: include much needed antivirus products in FC2 In-Reply-To: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> Message-ID: <20040105161105.1428506b.ms-nospam-0306@arcor.de> On Mon, 5 Jan 2004 14:01:24 +0100 (CET), Thomas Munck Steenholdt wrote: > Does anyone have an oppinion in relation to adding some antivirus features > into FC2??? > > I think we are badly in need of a generel purpose virus scanner that will > allow scheduled scans (possible on-access) and fast e-mail content scanning. > > What I have in mind personally would be something like : > > - ClamAV (which looks very promising) What's wrong about providing such tools in Fedora Extras? There are packages available at http://fedora.us -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From pauln at truemesh.com Mon Jan 5 15:10:54 2004 From: pauln at truemesh.com (Paul Nasrat) Date: Mon, 5 Jan 2004 15:10:54 +0000 Subject: mremap() security fix and FC1 2135 kernel? In-Reply-To: <20040105150833.GA26454@neu.nirvana> References: <20040105150833.GA26454@neu.nirvana> Message-ID: <20040105151053.GM20129@ensim.rackshack.net> On Mon, Jan 05, 2004 at 04:08:33PM +0100, Axel Thimm wrote: > Are the FC1 kernels (or updates, especially thinking about 2135) safe > against the recent security announcement on mremap()? I browsed through the patches of the src.rpm through filterdiff and couldn't see what resembled the patch that got in to 2.4. Paul From toshio at tiki-lounge.com Mon Jan 5 15:28:16 2004 From: toshio at tiki-lounge.com (Toshio) Date: Mon, 05 Jan 2004 10:28:16 -0500 Subject: Ximian rug/red-carpet vs up2date Message-ID: <1073316490.26467.190.camel@Madison.badger.com> After using Ximian's rug/red-carpet programs, I've become frustrated with up2date's lack of certain features. Available in rug: * Works with all packages available in remote repositories, not just installed ones. * Daemon process (rcd) which does the work -- rug/red-carpet are text and graphical front ends. This allows: - Periodic caching of repository header information w/out user interaction. - Package installation as trusted, non-root users. - Over the network upgrades * Ability to browse by repository. This allows: select channel unstable. Upgrade one package. Deselect channel unstable. Do an upgrade-all to update the rest of your packages from the stable repository. * Ability to run informational queries concurrently with install operations. Rug/red-carpet also seems subjectively faster than yum/up2date to me. A little of this comes from the daemon caching headers but there's also a big difference in dependency calculation/install speed. I haven't peeked under the hood of yum and rcd yet so I can't say why that is. Maybe a port of rcd to use yum on the server side would be possible? (Would it be worth the effort?) -- Toshio From makgab at freemail.hu Mon Jan 5 15:32:14 2004 From: makgab at freemail.hu (Mako Gabor) Date: Mon, 05 Jan 2004 16:32:14 +0100 (CET) Subject: Openldap log & "parent does not exist" In-Reply-To: <20040105142115.18484.47466.Mailman@listman.back-rdu.redhat.com> Message-ID: 05-Jan-2004 fedora-devel-list-request at redhat.com: > nos at utel.no: > > You have to define the o=domain,c=hu also. > Hi! Where do I have to define it? Begin of "ldap.txt" file? How can I do it? Bye! Gabor From skvidal at phy.duke.edu Mon Jan 5 15:31:45 2004 From: skvidal at phy.duke.edu (seth vidal) Date: 05 Jan 2004 10:31:45 -0500 Subject: Ximian rug/red-carpet vs up2date In-Reply-To: <1073316490.26467.190.camel@Madison.badger.com> References: <1073316490.26467.190.camel@Madison.badger.com> Message-ID: <1073316705.6652.15.camel@opus> > Maybe a port of rcd to use yum on the server side would be possible? > (Would it be worth the effort?) not worth the effort. I hope the common metadata format for repositories will make the above request moot. If the rcd/rug developers are going to spend time on parsing other formats, then spend time on the common format being worked on. I think that's the best goal atm. -sv From toshio at tiki-lounge.com Mon Jan 5 15:48:44 2004 From: toshio at tiki-lounge.com (Toshio) Date: Mon, 05 Jan 2004 10:48:44 -0500 Subject: Ximian rug/red-carpet vs up2date In-Reply-To: <1073316705.6652.15.camel@opus> References: <1073316490.26467.190.camel@Madison.badger.com> <1073316705.6652.15.camel@opus> Message-ID: <1073317722.26467.193.camel@Madison.badger.com> On Mon, 2004-01-05 at 10:31, seth vidal wrote: > not worth the effort. I hope the common metadata format for repositories > will make the above request moot. > Where's the common metadata format being discussed/worked on? Thanks, Toshio -- Toshio From piller at sns.gov Mon Jan 5 15:49:21 2004 From: piller at sns.gov (Chip Piller) Date: Mon, 05 Jan 2004 10:49:21 -0500 Subject: Fedora Core 2 Distribution Size - The separated OS In-Reply-To: <20040105125011.GB20067@devserv.devel.redhat.com> References: <62DDF15AA353904E8E78CFB0BFA3031D01361AEB@HOTEXV01.he.hotmail.co.il> <45485.212.93.39.38.1073306614.squirrel@www.tmus.dk> <20040105125011.GB20067@devserv.devel.redhat.com> Message-ID: <3FF98781.1060300@sns.gov> Alan Cox wrote: > There are good reasons for trying to get a base setup down to 1 or 2 > CD's (and for > workstation with basic languages it is btw in FC1). Firstly if you have > a really dodgy > CD drive then doing a minimal install of CD then using yum to pull the > rest off another > box is a lifesaver. Secondly for plenty of people 3 CD's is a lot of > date, and a great > way to exceed broadband limits in many places if they have broadband. There seems to be interest in a 1 or 2 CD Fedora Core Distribution size, for various good reasons. In the previous thread on Fedora Core 2 Distribution Size it was mentioned that a single desktop environment would go a long way towards achieving this goal. I have not seen this discussed here but why not just go ahead and decide to make GNOME the Fedora Core desktop? Does it make sense to continue with multiple desktop environments? Reasons for making GNOME the Fedora Core desktop include: 1) Fedora, installer, config tools require python, GTK, Gnome 2) GNOME is supported by RedHat, Ximian, Sun, etc. 3) Userlinux.com (Bruce Perens) has decided to go with a single desktop and chose to go with GNOME instead of KDE primarily because of the license 4) Keep it simple, make it "just work" philosophy Maurice Piller From hvdkooij at vanderkooij.org Mon Jan 5 15:59:14 2004 From: hvdkooij at vanderkooij.org (Hugo van der Kooij) Date: Mon, 5 Jan 2004 16:59:14 +0100 (CET) Subject: Openldap log & "parent does not exist" In-Reply-To: References: Message-ID: On Mon, 5 Jan 2004, Mako Gabor wrote: > 05-Jan-2004 fedora-devel-list-request at redhat.com: > > nos at utel.no: > > > > You have to define the o=domain,c=hu also. > > Where do I have to define it? Begin of "ldap.txt" file? > How can I do it? Ages ago I wrote a document on netscape & openldap: http://hvdkooij.xs4all.nl/docs/Netscape_and_OpenLDAP_v2/database.html Hugo. -- All email sent to me is bound to the rules described on my homepage. hvdkooij at vanderkooij.org http://hvdkooij.xs4all.nl/ Don't meddle in the affairs of sysadmins, for they are subtle and quick to anger. From jos at xos.nl Mon Jan 5 15:59:51 2004 From: jos at xos.nl (Jos Vos) Date: Mon, 5 Jan 2004 16:59:51 +0100 Subject: Fedora Core 2 Distribution Size - The separated OS In-Reply-To: <3FF98781.1060300@sns.gov>; from piller@sns.gov on Mon, Jan 05, 2004 at 10:49:21AM -0500 References: <62DDF15AA353904E8E78CFB0BFA3031D01361AEB@HOTEXV01.he.hotmail.co.il> <45485.212.93.39.38.1073306614.squirrel@www.tmus.dk> <20040105125011.GB20067@devserv.devel.redhat.com> <3FF98781.1060300@sns.gov> Message-ID: <20040105165951.A10436@xos037.xos.nl> On Mon, Jan 05, 2004 at 10:49:21AM -0500, Chip Piller wrote: > I have not seen this discussed here but why not just go ahead and decide > to make GNOME the Fedora Core desktop? Does it make sense to continue > with multiple desktop environments? Yes it does, IMHO. It's all about freedom of choice (I personally prefer GNOME i.s.o. KDE, b.t.w., but I use my desktop mostly for managing my gnometerm's ;-)). KDE is still a major player in the desktop market and also for reasons of "competition" between distros FC should have both, IMHO, like most other distros. There could be more CD images, maybe, each having some subset, although that would be a real horror story for mirror sites. -- -- Jos Vos -- X/OS Experts in Open Systems BV | Phone: +31 20 6938364 -- Amsterdam, The Netherlands | Fax: +31 20 6948204 From davej at redhat.com Mon Jan 5 16:03:36 2004 From: davej at redhat.com (Dave Jones) Date: Mon, 05 Jan 2004 16:03:36 +0000 Subject: mremap() security fix and FC1 2135 kernel? In-Reply-To: <20040105150833.GA26454@neu.nirvana> References: <20040105150833.GA26454@neu.nirvana> Message-ID: <1073318616.25398.0.camel@delerium.codemonkey.org.uk> On Mon, 2004-01-05 at 15:08, Axel Thimm wrote: > Are the FC1 kernels (or updates, especially thinking about 2135) safe > against the recent security announcement on mremap()? Errata will be out today for FC1. (Also an update to the FC2 2.6 kernel in rawhide) Dave From mark at mark.mielke.cc Mon Jan 5 16:39:09 2004 From: mark at mark.mielke.cc (Mark Mielke) Date: Mon, 5 Jan 2004 11:39:09 -0500 Subject: Fedora Core 2 Distribution Size - The separated OS In-Reply-To: <20040105165951.A10436@xos037.xos.nl> References: <62DDF15AA353904E8E78CFB0BFA3031D01361AEB@HOTEXV01.he.hotmail.co.il> <45485.212.93.39.38.1073306614.squirrel@www.tmus.dk> <20040105125011.GB20067@devserv.devel.redhat.com> <3FF98781.1060300@sns.gov> <20040105165951.A10436@xos037.xos.nl> Message-ID: <20040105163909.GA32416@mark.mielke.cc> On Mon, Jan 05, 2004 at 04:59:51PM +0100, Jos Vos wrote: > On Mon, Jan 05, 2004 at 10:49:21AM -0500, Chip Piller wrote: > > I have not seen this discussed here but why not just go ahead and decide > > to make GNOME the Fedora Core desktop? Does it make sense to continue > > with multiple desktop environments? > Yes it does, IMHO. It's all about freedom of choice (I personally > prefer GNOME i.s.o. KDE, b.t.w., but I use my desktop mostly for > managing my gnometerm's ;-)). KDE is still a major player in the > desktop market and also for reasons of "competition" between distros > FC should have both, IMHO, like most other distros. > There could be more CD images, maybe, each having some subset, > although that would be a real horror story for mirror sites. Although, it could be a net gain (bad pun, eh?) in that most people may transfer fewer bytes. mark -- mark at mielke.cc/markm at ncf.ca/markm at nortelnetworks.com __________________________ . . _ ._ . . .__ . . ._. .__ . . . .__ | Neighbourhood Coder |\/| |_| |_| |/ |_ |\/| | |_ | |/ |_ | | | | | | \ | \ |__ . | | .|. |__ |__ | \ |__ | Ottawa, Ontario, Canada One ring to rule them all, one ring to find them, one ring to bring them all and in the darkness bind them... http://mark.mielke.cc/ From dhollis at davehollis.com Mon Jan 5 16:57:56 2004 From: dhollis at davehollis.com (David T Hollis) Date: Mon, 05 Jan 2004 11:57:56 -0500 Subject: Fedora Core 2 Distribution Size - The separated OS In-Reply-To: <3FF98781.1060300@sns.gov> References: <62DDF15AA353904E8E78CFB0BFA3031D01361AEB@HOTEXV01.he.hotmail.co.il> <45485.212.93.39.38.1073306614.squirrel@www.tmus.dk> <20040105125011.GB20067@devserv.devel.redhat.com> <3FF98781.1060300@sns.gov> Message-ID: <1073321876.5485.6.camel@dhollis-lnx.kpmg.com> On Mon, 2004-01-05 at 10:49, Chip Piller wrote: > Alan Cox wrote: > > There are good reasons for trying to get a base setup down to 1 or 2 > > CD's (and for > > workstation with basic languages it is btw in FC1). Firstly if you have > > a really dodgy > > CD drive then doing a minimal install of CD then using yum to pull the > > rest off another > > box is a lifesaver. Secondly for plenty of people 3 CD's is a lot of > > date, and a great > > way to exceed broadband limits in many places if they have broadband. > > Reasons for making GNOME the Fedora Core desktop include: > 1) Fedora, installer, config tools require python, GTK, Gnome > 2) GNOME is supported by RedHat, Ximian, Sun, etc. > 3) Userlinux.com (Bruce Perens) has decided to go with a single desktop > and chose to go with GNOME instead of KDE primarily because of the license > 4) Keep it simple, make it "just work" philosophy > > Maurice Piller IMHO, a lot of points are being raised about slimming down the distro, though they all seem to be corner cases and really don't state a valid problem across the board. Dropping KDE would slim down the distro by a significant amount, but at the cost of loosing a useful desktop AND all of the apps. A lot of folks may use Gnome as their desktop of choice (myself included) but use some KDE apps because they are the best for the purpose/only ones available/whatever other option. I think one of the greatest benefits of the Linux/"billions and billions" of distro's phenomenon is that there doesn't have to be a one-size-fits-all approach. If you want a super-tiny install, find the distro that fits that purpose. If you want a general purpose desktop distro, Fedora is good choice. Trying to mold Fedora into a distro that can suit every purpose on the planet would force it to always work at the least common denominator which would be a net loss for everybody. From jos at xos.nl Mon Jan 5 17:07:21 2004 From: jos at xos.nl (Jos Vos) Date: Mon, 5 Jan 2004 18:07:21 +0100 Subject: Fedora Core 2 Distribution Size - The separated OS In-Reply-To: <20040105163909.GA32416@mark.mielke.cc>; from mark@mark.mielke.cc on Mon, Jan 05, 2004 at 11:39:09AM -0500 References: <62DDF15AA353904E8E78CFB0BFA3031D01361AEB@HOTEXV01.he.hotmail.co.il> <45485.212.93.39.38.1073306614.squirrel@www.tmus.dk> <20040105125011.GB20067@devserv.devel.redhat.com> <3FF98781.1060300@sns.gov> <20040105165951.A10436@xos037.xos.nl> <20040105163909.GA32416@mark.mielke.cc> Message-ID: <20040105180721.A10697@xos037.xos.nl> On Mon, Jan 05, 2004 at 11:39:09AM -0500, Mark Mielke wrote: > Although, it could be a net gain (bad pun, eh?) in that most people > may transfer fewer bytes. Not really... for lots of academic (or related) mirrors the cost of bandwidth doesn't really count, but hardware costs (larger machines, disc cabinets, discs) *do* count. Hardware may be cheap (although even this does not apply to high-end hardware -- systems with multple TB's are expensive), but bandwidth is cheaper. -- -- Jos Vos -- X/OS Experts in Open Systems BV | Phone: +31 20 6938364 -- Amsterdam, The Netherlands | Fax: +31 20 6948204 From tmus at get2net.dk Mon Jan 5 17:13:31 2004 From: tmus at get2net.dk (Thomas M Steenholdt) Date: Mon, 05 Jan 2004 18:13:31 +0100 Subject: include much needed antivirus products in FC2 In-Reply-To: <20040105161105.1428506b.ms-nospam-0306@arcor.de> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> Message-ID: <3FF99B3B.6060300@get2net.dk> Michael Schwendt wrote: >On Mon, 5 Jan 2004 14:01:24 +0100 (CET), Thomas Munck Steenholdt wrote: > > > >>Does anyone have an oppinion in relation to adding some antivirus features >>into FC2??? >> >>I think we are badly in need of a generel purpose virus scanner that will >>allow scheduled scans (possible on-access) and fast e-mail content scanning. >> >>What I have in mind personally would be something like : >> >>- ClamAV (which looks very promising) >> >> > >What's wrong about providing such tools in Fedora Extras? >There are packages available at http://fedora.us > > > Essentially - Core components should be contained in the core distribution and I think that, antivirus should be considered a core component, as you really need some kind of virus defence on any server, that serves either mail or file services to clients... Just like spamassassin is included in the core! Also, until the "extras" goes "live" for real, I (perhaps out of ignorance) don't feel that confident (please comment on this) with the fedora.us packages as the download.fedora.com ones?!? Thomas From blizzard at redhat.com Mon Jan 5 17:26:10 2004 From: blizzard at redhat.com (Christopher Blizzard) Date: Mon, 05 Jan 2004 12:26:10 -0500 Subject: Why still using Mozilla 1.4 and not 1.5 In-Reply-To: <1072729105.12203.19.camel@duergar> References: <1072729105.12203.19.camel@duergar> Message-ID: <3FF99E32.6000005@redhat.com> Stan Bubrouski wrote: >The subject speaks for itself. Mozilla 1.5 has been stable for a while >now yet 1.4 is still what's in the devel tree. What gives? > > > I was waiting for 1.6 to put something new in the devel tree. It shouldn't be too long before it is released. --Chris -- ------------ Christopher Blizzard http://people.redhat.com/blizzard/ ------------ From blizzard at redhat.com Mon Jan 5 17:27:52 2004 From: blizzard at redhat.com (Christopher Blizzard) Date: Mon, 05 Jan 2004 12:27:52 -0500 Subject: Why still using Mozilla 1.4 and not 1.5 In-Reply-To: <3FF08DF5.1080001@cleanstick.org> References: <1072729105.12203.19.camel@duergar> <3FF08DF5.1080001@cleanstick.org> Message-ID: <3FF99E98.3090604@redhat.com> Jon Atkinson wrote: > In the same vein, are there any plans for migration to > Firebird/Thunderbird? Or do the Mozilla packages need to be kept in > for Nautilus support? 1. Firebird/Thunderbird aren't 1.0 products yet. They aren't cooked enough. 2. They don't include any migration tools for old profiles. > > I imagine the best solution would be to have a gecko renderer package, > and seperate 'frontends' (Firebird, Epiphany, Mozilla-proper, Nautilus > etc) would depend on it. Yeah, it would be nice to have that. People are working on it. (It needs to be the full XRE, not just the GRE as mentioned elsewhere in this thread.) --Chris > > Is any work being done in this area? > > --Jon Atkinson > > Stan Bubrouski wrote: > >> The subject speaks for itself. Mozilla 1.5 has been stable for a while >> now yet 1.4 is still what's in the devel tree. What gives? >> >> -sb >> >> >> -- >> fedora-devel-list mailing list >> fedora-devel-list at redhat.com >> http://www.redhat.com/mailman/listinfo/fedora-devel-list > > > > -- > fedora-devel-list mailing list > fedora-devel-list at redhat.com > http://www.redhat.com/mailman/listinfo/fedora-devel-list -- ------------ Christopher Blizzard http://people.redhat.com/blizzard/ ------------ From skvidal at phy.duke.edu Mon Jan 5 17:37:36 2004 From: skvidal at phy.duke.edu (seth vidal) Date: 05 Jan 2004 12:37:36 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <3FF99B3B.6060300@get2net.dk> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> Message-ID: <1073324256.6652.45.camel@opus> > > > Essentially - Core components should be contained in the core > distribution and I think that, antivirus > should be considered a core component, as you really need some kind of > virus defence on any server, > that serves either mail or file services to clients... Just like > spamassassin is included in the core! Umm, unless I'm mistaken none of those virii affect linux machines. Why should antivirus for some other operating systems be considered CORE for a linux distribution? -sv From rhl at reachone.com Mon Jan 5 17:44:01 2004 From: rhl at reachone.com (Adam Debus) Date: Mon, 5 Jan 2004 09:44:01 -0800 Subject: include much needed antivirus products in FC2 References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> Message-ID: <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> Because many linux machines are used as mail servers, and if you can stop the virus/worm before it gets to a windows box... Thanks, Adam Debus Network Engineer, ReachONE Internet adam at reachone.com ----- Original Message ----- From: "seth vidal" To: Sent: Monday, January 05, 2004 9:37 AM Subject: Re: include much needed antivirus products in FC2 > > > > > Essentially - Core components should be contained in the core > > distribution and I think that, antivirus > > should be considered a core component, as you really need some kind of > > virus defence on any server, > > that serves either mail or file services to clients... Just like > > spamassassin is included in the core! > > Umm, unless I'm mistaken none of those virii affect linux machines. Why > should antivirus for some other operating systems be considered CORE for > a linux distribution? > > -sv > > > > -- > fedora-devel-list mailing list > fedora-devel-list at redhat.com > http://www.redhat.com/mailman/listinfo/fedora-devel-list > From skvidal at phy.duke.edu Mon Jan 5 17:46:03 2004 From: skvidal at phy.duke.edu (seth vidal) Date: 05 Jan 2004 12:46:03 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> Message-ID: <1073324763.6652.51.camel@opus> On Mon, 2004-01-05 at 12:44, Adam Debus wrote: > Because many linux machines are used as mail servers, and if you can stop > the virus/worm before it gets to a windows box... > Then you're inappropriately increasing the load on a central machine rather than decentralizing scanning to the desktop windows machine, where it belongs. -sv From marguz at ameritech.net Mon Jan 5 17:51:18 2004 From: marguz at ameritech.net (Mark Guzzo) Date: Mon, 05 Jan 2004 11:51:18 -0600 Subject: rawhide Message-ID: <1073325078.3690.3.camel@LORDLINUX.global.shsystem.org> Please don't hurt me for such a dumb question. But can someone please tell me what I need in the yum.conf file to get at RAWHIDE. I've been looking all over and I can't seem to find any info. Mark From tdiehl at rogueind.com Mon Jan 5 17:52:51 2004 From: tdiehl at rogueind.com (Tom Diehl) Date: Mon, 5 Jan 2004 12:52:51 -0500 (EST) Subject: include much needed antivirus products in FC2 In-Reply-To: <3FF99B3B.6060300@get2net.dk> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> Message-ID: On Mon, 5 Jan 2004, Thomas M Steenholdt wrote: > Essentially - Core components should be contained in the core > distribution and I think that, antivirus > should be considered a core component, as you really need some kind of > virus defence on any server, > that serves either mail or file services to clients... Just like > spamassassin is included in the core! But why?? Linux does not need it. Windoze does but FC != windoze. IMO an antivirus on linux is an extras thing. In addition I am not convinced that an open src antivirus is the best defense against M$ viruses but maybe that is just me. Just where do you draw the line?? Not everyone is going to be happy with the packages contained in FC. That is after all the way things like this work. :-) ..........Tom From dcbw at redhat.com Mon Jan 5 17:56:23 2004 From: dcbw at redhat.com (Dan Williams) Date: Mon, 05 Jan 2004 12:56:23 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073324763.6652.51.camel@opus> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> Message-ID: <1073325383.4746.15.camel@dcbw.boston.redhat.com> But that's a decision by the admin to make on a site-by-site basis, not one to be made by one person for everyone. That said, I do not think its a core package. Dan On Mon, 2004-01-05 at 12:46, seth vidal wrote: > Then you're inappropriately increasing the load on a central machine > rather than decentralizing scanning to the desktop windows machine, > where it belongs. > > > -sv > > From alexander.dalloz at uni-bielefeld.de Mon Jan 5 17:56:30 2004 From: alexander.dalloz at uni-bielefeld.de (Alexander Dalloz) Date: Mon, 05 Jan 2004 18:56:30 +0100 Subject: Problems on Fedora core 1 In-Reply-To: References: Message-ID: <1073325390.19260.165.camel@sirendipity.dogma.lan> Am Mo, den 05.01.2004 schrieb Hornain Fr?d?ric um 12:51: > Hi, > > Well, I have installed for test purpose fedora core 1 on two differents > machines and it I have the same annoyances. > The first one : > When I use the redhat-config-packages - Add / Remove Application - and I > choose something to add I have got this following error message : Error > Installing packages. There was an error installing packages. Exiting. > I know it is obvious but that only error message that I have; > > The second one : > I have often difficulties to log out from X session. Indeed the screen stay > frozen like a screen shot. > So I always have to ue the short key in order to kill it and by this fact to > be logged out. > > Hoping that could help to debug some functionnalities. > Sorry if these problem have been already mentionned. > > Best Regards > Fred This is the wrong mailinglist for your problems. Please better report your difficulties on the fedora-list which is for enduser discussions. Alexander -- Alexander Dalloz | Enger, Germany PGP key valid: made 13.07.1999 PGP fingerprint: 2307 88FD 2D41 038E 7416 14CD E197 6E88 ED69 5653 From rhl at reachone.com Mon Jan 5 17:55:15 2004 From: rhl at reachone.com (Adam Debus) Date: Mon, 5 Jan 2004 09:55:15 -0800 Subject: include much needed antivirus products in FC2 References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> Message-ID: <016801c3d3b5$49c8bee0$e2e8b1d8@adam12> > Then you're inappropriately increasing the load on a central machine > rather than decentralizing scanning to the desktop windows machine, > where it belongs. > Perhaps...but in 4 years of working at an ISP, I've discovered that most users do not install it no matter how many times you tell them that it's a good idea. I've got users I end up disconnecting and blocking from the 'net about once a week. Corporate LAN support wasn't much better. It doesn't add that much more load, and the benifits of having the mail scanned before it hits an end users machine greatly outweighs the cost of purchasing an additional processor, or a faster processor. That is, of course, assuming you're using the mail server for more then 10 people. If you're not, or you just don't want it, don't use the AV software. Thanks, Adam Debus Network Engineer, ReachONE Internet adam at reachone.com From skvidal at phy.duke.edu Mon Jan 5 18:07:04 2004 From: skvidal at phy.duke.edu (seth vidal) Date: 05 Jan 2004 13:07:04 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073325383.4746.15.camel@dcbw.boston.redhat.com> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> <1073325383.4746.15.camel@dcbw.boston.redhat.com> Message-ID: <1073326024.6652.53.camel@opus> On Mon, 2004-01-05 at 12:56, Dan Williams wrote: > But that's a decision by the admin to make on a site-by-site basis, not > one to be made by one person for everyone. That said, I do not think > its a core package. A lot of decisions are made by the distro that are ultimately admin decisions. why is this one different? -sv From skvidal at phy.duke.edu Mon Jan 5 18:10:38 2004 From: skvidal at phy.duke.edu (seth vidal) Date: 05 Jan 2004 13:10:38 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <016801c3d3b5$49c8bee0$e2e8b1d8@adam12> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> <016801c3d3b5$49c8bee0$e2e8b1d8@adam12> Message-ID: <1073326238.6652.55.camel@opus> On Mon, 2004-01-05 at 12:55, Adam Debus wrote: > > Then you're inappropriately increasing the load on a central machine > > rather than decentralizing scanning to the desktop windows machine, > > where it belongs. > > > > Perhaps...but in 4 years of working at an ISP, I've discovered that most > users do not install it no matter how many times you tell them that it's a > good idea. I've got users I end up disconnecting and blocking from the 'net > about once a week. Corporate LAN support wasn't much better. > > It doesn't add that much more load, and the benifits of having the mail > scanned before it hits an end users machine greatly outweighs the cost of > purchasing an additional processor, or a faster processor. That is, of > course, assuming you're using the mail server for more then 10 people. If > you're not, or you just don't want it, don't use the AV software. Try this sometime - process 100000+ pieces of mail a day and see if AV scanning doesn't add much load? AV scanning centrally does NOT scale. Moreover - if you are always protecting your users then they will never learn. -sv From rhl at reachone.com Mon Jan 5 18:41:11 2004 From: rhl at reachone.com (Adam Debus) Date: Mon, 5 Jan 2004 10:41:11 -0800 Subject: include much needed antivirus products in FC2 References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> <016801c3d3b5$49c8bee0$e2e8b1d8@adam12> <1073326238.6652.55.camel@opus> Message-ID: <01cd01c3d3bb$7db93260$e2e8b1d8@adam12> > > Try this sometime - process 100000+ pieces of mail a day and see if AV > scanning doesn't add much load? AV scanning centrally does NOT scale. > > Moreover - if you are always protecting your users then they will never > learn. > Yeah, we tried that, in the end we discovered that it cost us much less to add another box to the mail cluster and scan the half a million mail messages a day instead of dealing with the support costs every time the latest mail worm came out, and everyone still hadn't patched their outlook express from the last worm. (which we ended up oursourcing, but that was for political reasons). In my experience, unless you have 100% control over the user computer, where the user has no permissions to do anything other then run word and other selected applications, they will find a way to break, mangle, infect, and/or completely destroy the install they are working on at some point or another, no matter how many times you tell them that they can't/shouldn't do something. That's both from my time working on a college campus and here at my current position. I think it's great that you work at a place where that isn't the case, and perhaps my experiences all come from the fact that I've always worked on "open" networks. All that being said, I don't think that it should be installed by default, I think it should be left up to the user. But I do think that it certianly fits within the realms of the current way of designing the distro so that the distro can fill multiple roles easily. Thanks, Adam Debus From rpn at netmonks.org Mon Jan 5 18:55:55 2004 From: rpn at netmonks.org (Rodrigo Parra Novo) Date: Mon, 05 Jan 2004 16:55:55 -0200 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073326238.6652.55.camel@opus> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> <016801c3d3b5$49c8bee0$e2e8b1d8@adam12> <1073326238.6652.55.camel@opus> Message-ID: <1073328955.3814.5.camel@wakko.freesoftware> Em Seg, 2004-01-05 ?s 16:10, seth vidal escreveu: > Try this sometime - process 100000+ pieces of mail a day and see if AV > scanning doesn't add much load? AV scanning centrally does NOT scale. Until past april, I worked for an ISP which dealt (at that time) 420k emails per day. Virus scanning is an optional feature, used by about 20% of our customer base. So we *did* (and they still do) have 100k mails scanned, every day. Of course, you can't just start a new scanner process for every mail which arrives - and obviously, there are dozens of other optimizations which must be used too. > Moreover - if you are always protecting your users then they will never > learn. When your business is to take care of your customer, it is a *mission* to protect them. Rodrigo From steve at silug.org Mon Jan 5 19:06:47 2004 From: steve at silug.org (Steven Pritchard) Date: Mon, 5 Jan 2004 13:06:47 -0600 Subject: include much needed antivirus products in FC2 In-Reply-To: <3FF99B3B.6060300@get2net.dk> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> Message-ID: <20040105190647.GA21902@osiris.silug.org> On Mon, Jan 05, 2004 at 06:13:31PM +0100, Thomas M Steenholdt wrote: > Also, until the "extras" goes "live" for real, I (perhaps out of > ignorance) don't feel that confident (please comment on this) with the > fedora.us packages as the download.fedora.com ones?!? Given how much of a pain in the ass it is to get a package accepted into the fedora.us repository, I think you can safely assume that the packages that are there are good. (Or at least have been beaten to death by an appropriate number of knowledgeable people. ;) Steve -- Steven Pritchard - K&S Pritchard Enterprises, Inc. Email: steve at kspei.com http://www.kspei.com/ Phone: (618)398-7360 Mobile: (618)567-7320 From greg at kroah.com Mon Jan 5 18:50:41 2004 From: greg at kroah.com (Greg KH) Date: Mon, 5 Jan 2004 10:50:41 -0800 Subject: FC1 USB printer (110307) In-Reply-To: <20031216214059.GA696@devserv.devel.redhat.com> References: <20031216214059.GA696@devserv.devel.redhat.com> Message-ID: <20040105185041.GF22177@kroah.com> On Tue, Dec 16, 2003 at 04:40:59PM -0500, Pete Zaitcev wrote: > This is taken by Greg and is "obviously correct", and it was on > my 2.4 TODO list forever, but the bug requestor is not helping > too much... Your call. Please let me know if you accept or reject > so that I can advance the bug state into MODIFIED or WONTFIX. I second this, if that matters... greg k-h From greg at kroah.com Mon Jan 5 18:49:49 2004 From: greg at kroah.com (Greg KH) Date: Mon, 5 Jan 2004 10:49:49 -0800 Subject: FC1 USB serial visors (107929) In-Reply-To: <20031216215329.GC696@devserv.devel.redhat.com> References: <20031216215329.GC696@devserv.devel.redhat.com> Message-ID: <20040105184949.GD22177@kroah.com> On Tue, Dec 16, 2003 at 04:53:29PM -0500, Pete Zaitcev wrote: > This is a straightforward backport from 2.4.23. Seems like something > we better have. I second this patch, if that counts for anything... greg k-h From greg at kroah.com Mon Jan 5 18:50:16 2004 From: greg at kroah.com (Greg KH) Date: Mon, 5 Jan 2004 10:50:16 -0800 Subject: RHL9/FC1 USB serial helper (90442 et. al.) In-Reply-To: <20031216215003.GB696@devserv.devel.redhat.com> References: <20031216215003.GB696@devserv.devel.redhat.com> Message-ID: <20040105185016.GE22177@kroah.com> On Tue, Dec 16, 2003 at 04:50:03PM -0500, Pete Zaitcev wrote: > This comes from RHL9, but is applicable to Fedora. > The patch is extensive and solves actual oopses, expirienced > by many users (look at the list of dups for 90442). It did not > come out as I would envision it, but overhauling whole usbserial > with all component drivers is just no feasible at this time. > It pains to ask, but I would like you to take it. I agree, it should be in there (the 2.4 kernel). thanks, greg k-h From steve at silug.org Mon Jan 5 19:16:15 2004 From: steve at silug.org (Steven Pritchard) Date: Mon, 5 Jan 2004 13:16:15 -0600 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073326238.6652.55.camel@opus> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> <016801c3d3b5$49c8bee0$e2e8b1d8@adam12> <1073326238.6652.55.camel@opus> Message-ID: <20040105191615.GB21902@osiris.silug.org> On Mon, Jan 05, 2004 at 01:10:38PM -0500, seth vidal wrote: > Try this sometime - process 100000+ pieces of mail a day and see if AV > scanning doesn't add much load? AV scanning centrally does NOT scale. I can't quite hit the 100k mark, but... 13:07:25 up 7 days, 3:42, 2 users, load average: 0.12, 0.11, 0.09 That box is processing around 15k mails per day. Granted it is a beefy box, but with the right configuration of postfix, clamav, and amavis-ng (in this case, although I plan to switch to amavisd-new), it isn't a ridiculous load. > Moreover - if you are always protecting your users then they will never > learn. That box handles mail for a small university. There is *no* way they will ever be able to control the desktops of thousands of students and faculty. In any case, going back to the original subject, this is definitely a project better left for Extras. In all honesty, spamassassin should probably be moved out of Core (and be updated a lot more often). Hopefully next month I'll have time to attack my pile of rpms again, so if somebody doesn't beat me to it, I will have amavisd-new and its many, many dependencies packaged for fedora.us soon. Steve -- Steven Pritchard - K&S Pritchard Enterprises, Inc. Email: steve at kspei.com http://www.kspei.com/ Phone: (618)398-7360 Mobile: (618)567-7320 From jspaleta at princeton.edu Mon Jan 5 19:30:31 2004 From: jspaleta at princeton.edu (Jef Spaleta) Date: Mon, 05 Jan 2004 14:30:31 -0500 Subject: determining whether a packages should be in Extras ( was include much needed antivirus products in FC2) Message-ID: <1073331031.13655.47.camel@spatula.pppl.gov> Steven Pritchard wrote: > In any case, going back to the original subject, this is > definitely a project better left for Extras. In all honesty, > spamassassin should probably be moved out of Core (and be updated > a lot more often). Now there's a thought of general interest.... what are some really good general litmus tests to determine if a package is suitable for Core or suitable for Extras. I personally like the idea that packages that people feel need to be updated more regularly than the Fedora Core release schedule of 4-6 months between Core releases..should be maintained in extras. And I'm not talking about bug/security fix updates. But for something like an antivirus package where the virus definition scanning 'feature' should be updated as often as possible to ensure continued effectiveness. Of course one could also argue that if the package needs to be updated every week to be effective...maybe the list or config that needs weekly updates should be updated via a separate mechansim than the package update mechanism. -jef From linuxproject at aws-sj.com Mon Jan 5 19:49:22 2004 From: linuxproject at aws-sj.com (Casey Price) Date: Mon, 5 Jan 2004 11:49:22 -0800 (PST) Subject: Kernel RPM questions Message-ID: <32907.192.168.1.11.1073332162.squirrel@www.aws-sj.com> Hi Everyone, I just got my new 2.6.0 kernel config up and tested it out and it seems to run great. I was wondering a little bit about creating a binary rpm for my kernel. I know about the make rpm command, so I'm thinking I could use make oldconfig/menuconfig/textconfig/xconfig/whatever to get my .config, then I run make rpm, which I have tried and it generates a debug rpm, source rpm and binary rpm. I'm just curious if I'm doing this right and if there is something I'm skipping. I tried installing the binary rpm, and it looked it did everything right, except I noticed that in /boot it didn't generate the initrd image, is there something special you need to do to do that and BTW, what exactly does the initrd image do, tell the kernel what to initialize on startup? I also noticed that the development rpm of the fews kernels: kernel-2.6.0-1.23.i686.rpm and the i586 version are both about 15MB in size, whereas my kernel was only about 4MB, any ideas? I also have been working on creating a machine from source, so while in Fedora I have created a separate partition and got most of the neccessary stuff on that, however when I boot up using the lilo config: boot=/dev/hda map=/boot/map vga=normal default="Windows" keytable=/boot/us.klt prompt nowarn timeout=100 message=/boot/message menu-scheme=wb:bw:wb:bw image=/boot/vmlinuz label="Mandrake" root=/dev/hda7 initrd=/boot/initrd.img append="devfs=mount acpi=ht resume=/dev/hda3 splash=silent" vga=788 read-only other=/dev/hda1 label="Windows" table=/dev/hda image=/boot/vmlinuz-2.6.0 label="Fedora-2.6.0" root=/dev/hda2 initrd=/boot/initrd-2.6.0.img append="rhgb" image=/boot/vmlinuz-2.4.22-1.2135.nptl label="Fedora" root=/dev/hda2 initrd=/boot/initrd-2.4.22-1.2135.nptl.img append="rhgb" image=/boot/vmlinuz-2.6.0-1apx label="Apex" root=/dev/hda5 The kernel files reside on the mandrake /boot partition, since that is the OS I installed last, and that is where lilo is looking for the images. So that all works fine and dandy, but when I boot up the one named Apex it goes through the kernel start up and then gives me: Warning: Unable to open an inital console Kernel panic: no init found. Try passing init= to the kernel. Except on /hda5 partition, I do have a /sbin/init, could the problem be that when I built it I told it to install the sysVinit to /mnt/apex/ as a prefix...since I was using Fedora at the time I was compiling the utilities? Thanks, -- Casey Price From linuxproject at aws-sj.com Mon Jan 5 19:51:46 2004 From: linuxproject at aws-sj.com (Casey Price) Date: Mon, 5 Jan 2004 11:51:46 -0800 (PST) Subject: An error on my part Message-ID: <32908.192.168.1.11.1073332306.squirrel@www.aws-sj.com> If you have received multiple of the same messages from me, I would like to appologize. I had a typo in my return address, so I didn't receive anything and sent a few extra of the same posts. Sorry about that, -- Casey Price From mesrik at cc.jyu.fi Sun Jan 4 22:59:21 2004 From: mesrik at cc.jyu.fi (Riku Meskanen) Date: Mon, 5 Jan 2004 00:59:21 +0200 (EET) Subject: Self-Introduction: Riku Meskanen Message-ID: 1. Full legal name: Riku Herman Meskanen 2. Country, City: Finland, Jyvaskyla 3. Profession: Systems Design Analyst 4. School: University of Jyvaskyla / Computing Center 5. Your goals in the Fedora Project - It's hard give any list of packages, but I'm mostly interested about features that improves system security, streamline the server setup and administration among others and making the system rock solid. I prefer systems that have fairly small base set and good tools to add/remove/upgrade well thought package sets or individual packages. I'm big fan of LVM (both HP-UX & Linux) mirroring, easy recovery tehniques (Mondo rescue is quite good), clustering, failover and load balancing features etc. and I think these features should be relatively easy to set up ... and I don't mean we need always a fancy GUI or Web-front setting it all up. A reasonable text based UI and editor are just fine when setting up server features. If GUI is needed by some and provided it should be optional. - QA?: I don't have much free time, but sure at least the packages I've been occationally contributing earlier, proposing new packages/features etc. - Anything else special? Nope, or wait, don't take my long posts (rants) too seriously if I happen to enter that mode! There is often a good point too, try to see the forest out of trees if that happens :) 6. Historical qualifications o What other project have you worked on in the past? - I've contributed some tiny fixes and added features mostly contributing directly to so developers past 15 years and built initial or improved some RPM packagaging since -96. Just to mention few packages lets say ethereal, nmap and scanssh, code submission I haven't much done last years, but there is still some code I wrote in SysVinit (see killall5.c), some of the hacks, proposals etc. I've done can be found from http://people.jyu.fi/~mesrik/rpms/ (The /~mesrik/ level doesn't seem to currently work, there is agan some strange problem with suexec and LDAP home directories ... you can see same page from http://www.cc.jyu.fi/~mesrik/ if there is a need) o What computer languages and other skills do you know? - I'm not really a programmer. I'm more data network & unix sysadmin. But I know fairly well all std Unix tools & programs and have 15+ years experience setting up and administering fairly big systems too. When I program nowadays it's mostly perl and some C (long time ago I've earned 7.5 years my living with coding C) but I don't do that as much these days. When contributing misellaneous bits and bobs some existing software usually the developer(s) has already chosen tools and languages & writing style which I need to adapt thus I've learned usually figure out my way to write other languages too :) BTW, more Python developed systems I've seen more interested I've become of it, but I can't really say I know it yet. o Why should we trust you? <--- too blunt? - Not too blunt at all, but I don't see a problem here. And if you don't you propably need to start removing few Linux/Unix packages ... been there done that already ;) 7. GPG KEYID and fingerprint pub 1024D/35B3B739 2002-06-09 Riku Meskanen Key fingerprint = B8D6 3817 3F8D 544F CEAC 6345 131B 734E 35B3 B739 sub 2048g/903B9B45 2002-06-09 Anything else just ask me, please. :-) riku ps. mesrik[AT]iki.fi is the same person ie. me. It's my private address if it's a interest of anyone. I used it once building a package while leave of absense. -- Riku Meskanen Systems Design Analyst Voice: +358 14 260 3580 University of Jyvaskyla / Computing Center Fax: +358 14 260 3611 P.O. Box 35 (MaD), FIN-40014 JYVASKYLAN YLIOPISTO, Finland From ms-nospam-0306 at arcor.de Mon Jan 5 19:51:42 2004 From: ms-nospam-0306 at arcor.de (Michael Schwendt) Date: Mon, 5 Jan 2004 20:51:42 +0100 Subject: include much needed antivirus products in FC2 In-Reply-To: <3FF99B3B.6060300@get2net.dk> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> Message-ID: <20040105205142.31c024fd.ms-nospam-0306@arcor.de> On Mon, 05 Jan 2004 18:13:31 +0100, Thomas M Steenholdt wrote: > Essentially - Core components should be contained in the core > distribution and I think that, antivirus > should be considered a core component, as you really need some kind of > virus defence on any server, That doesn't persuade me why a virus scanner (it's not an anti-virus!) should be a core component and not an optional add-on. Where Clamav is installed on a server to shield client systems which run that "other OS" from receiving virus-infected messages, this sounds as if it has a special target group, and hence an add-on is the right solution. > that serves either mail or file services to clients... Just like > spamassassin is included in the core! Well, SPAM is a platform independent problem. It makes sense to protect client/desktop end-user systems as well as servers from SPAM. > Also, until the "extras" goes "live" for real, I (perhaps out of > ignorance) don't feel that confident (please > comment on this) with the fedora.us packages as the download.fedora.com > ones?!? I can't comment on such a point of view because I don't understand it. Maybe you can explain a bit more what doesn't make you feel "confident". Maybe you have false expectations with regard to what a fully official Fedora Extras will offer. -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From mesrik at cc.jyu.fi Mon Jan 5 20:01:53 2004 From: mesrik at cc.jyu.fi (Riku Meskanen) Date: Mon, 5 Jan 2004 22:01:53 +0200 (EET) Subject: include much needed antivirus products in FC2 In-Reply-To: <1073326238.6652.55.camel@opus> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> <016801c3d3b5$49c8bee0$e2e8b1d8@adam12> <1073326238.6652.55.camel@opus> Message-ID: On Mon, 5 Jan 2004, seth vidal wrote: > > Try this sometime - process 100000+ pieces of mail a day and see if AV > scanning doesn't add much load? AV scanning centrally does NOT scale. > I don't think so. We have ~2M incoming mails a day on our currently 6 external mail-gw's and virus scanning (uvscan) is not that big problem, it does cause some load yes, but lot less than running spamassasin which is a hog :( > Moreover - if you are always protecting your users then they will never > learn. > I'm not that interested arguing about whether AV should be core package or not, but just a comment that today not having AV in servers isn't always any more *your* choice even if it earlier was. It depends the legistation and other istitution in place, you may well have to prove authorities that you have implemented adequate measures protecting customers and you peers from abuse that might take place from your site. If you don't and let's say a email spewing worm gets loose in your network (like Sven did on some ISP's) you may find yourself being ordered staying offline until you cleared the problem and giving compensation to (innocent) customers suffering being disconnected or denied SMTP service for some time. The Sonera, largest commerial ISP in Finland was last fall hit by this kind of issue. IMHO, you shouldn't rely single layer protection any more when it's a matter of security, AV or FW etc. Get some depth in your defence. It's better use both perimeter and host based measures to protect your services and users. If you have just either of these and that leaks wrong time for a reason or another, you're in deep *hit. Depending your position and where you work, relying on single layer and failing not to implement sane safety measures against SPoF (Single Point of Failures) can even cost you your job. So, given the current situation what it is. Majority of network users have a known sieve a.k.a windows? and once you have enough users the propability get higher someone failing to keep system patched and AV always up to date. If you don't like playing russian roulette -- you should use perimeter AV measures too. ?) Often and in practise it doesn't matter whose fault it is that windows is a sieve and what's the root cause of the problem. When *hit happens and user gets hit by a virus they will blame you that it came via your service and if you did nothing to stop it even you could have, it's not exactly good PR for your business. HTH, :-) riku -- [ This .signature intentionally left blank ] From davej at redhat.com Mon Jan 5 20:13:32 2004 From: davej at redhat.com (Dave Jones) Date: Mon, 5 Jan 2004 20:13:32 +0000 Subject: FC1 USB printer (110307) In-Reply-To: <20040105185041.GF22177@kroah.com> References: <20031216214059.GA696@devserv.devel.redhat.com> <20040105185041.GF22177@kroah.com> Message-ID: <20040105201332.GC21775@redhat.com> On Mon, Jan 05, 2004 at 10:50:41AM -0800, Greg KH wrote: > On Tue, Dec 16, 2003 at 04:40:59PM -0500, Pete Zaitcev wrote: > > This is taken by Greg and is "obviously correct", and it was on > > my 2.4 TODO list forever, but the bug requestor is not helping > > too much... Your call. Please let me know if you accept or reject > > so that I can advance the bug state into MODIFIED or WONTFIX. > > I second this, if that matters... This and the other USB patches will be in the errata going out today. Dave From warren at togami.com Mon Jan 5 20:14:55 2004 From: warren at togami.com (Warren Togami) Date: Mon, 05 Jan 2004 10:14:55 -1000 Subject: include much needed antivirus products in FC2 In-Reply-To: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> Message-ID: <3FF9C5BF.8060907@togami.com> Please try the clamav* packages in fedora.us and let us know how they work for you. Warren From warren at togami.com Mon Jan 5 20:17:31 2004 From: warren at togami.com (Warren Togami) Date: Mon, 05 Jan 2004 10:17:31 -1000 Subject: include much needed antivirus products in FC2 In-Reply-To: <3FF99B3B.6060300@get2net.dk> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> Message-ID: <3FF9C65B.5040908@togami.com> Thomas M Steenholdt wrote: > Essentially - Core components should be contained in the core > distribution and I think that, antivirus > should be considered a core component, as you really need some kind of > virus defence on any server, > that serves either mail or file services to clients... Just like > spamassassin is included in the core! Generally antivirus is only a concern for protecting non-Linux hosts. For that reason most Linux users have little need for it, and I really don't feel it should go in the core. You really want Core to become 4 or 5 CD's? Instead Fedora server documentation can say "install clamav-this and clamav-that from Extras". > > Also, until the "extras" goes "live" for real, I (perhaps out of > ignorance) don't feel that confident (please > comment on this) with the fedora.us packages as the download.fedora.com > ones?!? > I can say with confidence that fedora.us Extras generally has very high package quality. Warren From warren at togami.com Mon Jan 5 20:22:36 2004 From: warren at togami.com (Warren Togami) Date: Mon, 05 Jan 2004 10:22:36 -1000 Subject: include much needed antivirus products in FC2 In-Reply-To: <20040105190647.GA21902@osiris.silug.org> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <20040105190647.GA21902@osiris.silug.org> Message-ID: <3FF9C78C.3090706@togami.com> Steven Pritchard wrote: > On Mon, Jan 05, 2004 at 06:13:31PM +0100, Thomas M Steenholdt wrote: > >>Also, until the "extras" goes "live" for real, I (perhaps out of >>ignorance) don't feel that confident (please comment on this) with the >>fedora.us packages as the download.fedora.com ones?!? > > > Given how much of a pain in the ass it is to get a package accepted > into the fedora.us repository, I think you can safely assume that the > packages that are there are good. (Or at least have been beaten to > death by an appropriate number of knowledgeable people. ;) > > Steve I especially like the "beaten to death" part. =) Warren From tmus at get2net.dk Mon Jan 5 21:01:16 2004 From: tmus at get2net.dk (Thomas M Steenholdt) Date: Mon, 05 Jan 2004 22:01:16 +0100 Subject: include much needed antivirus products in FC2 In-Reply-To: <3FF9C78C.3090706@togami.com> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <20040105190647.GA21902@osiris.silug.org> <3FF9C78C.3090706@togami.com> Message-ID: <3FF9D09C.9070003@get2net.dk> Warren Togami wrote: > Steven Pritchard wrote: > >> Given how much of a pain in the ass it is to get a package accepted >> into the fedora.us repository, I think you can safely assume that the >> packages that are there are good. (Or at least have been beaten to >> death by an appropriate number of knowledgeable people. ;) >> >> Steve > > > I especially like the "beaten to death" part. =) > > Warren > I guess it really doesn't matter where the different kinds of packages is placed. As long as the packages are high quality and maintained in a fashion so that you can rely on security bugs to be fixed and new versions of the various packages to be made available quickly after such a fix. I'm glad to hear that so many are feeling highly of the fedora.us packages and I'll be off to try them out for myself right now. Also a thing to try to follow through, would be, as stated somewhere, to invent some sort of mechanism to determine if as package should be in core or extras and then make sure all packages are moved around. Perhaps that would save space on the core distro, perhaps it won't, but it should at least provide a consistent fell across the entire fedora platform Thomas From lowen at pari.edu Mon Jan 5 21:39:29 2004 From: lowen at pari.edu (Lamar Owen) Date: Mon, 5 Jan 2004 16:39:29 -0500 Subject: Why KAME/racoon sucks (was: OpenSWAN ANNOUCEMENT) In-Reply-To: <1073185082.10221.675.camel@mentor.gurulabs.com> References: <1073153001.10221.50.camel@mentor.gurulabs.com> <200401031414.48038.lowen@pari.edu> <1073185082.10221.675.camel@mentor.gurulabs.com> Message-ID: <200401051639.29086.lowen@pari.edu> On Saturday 03 January 2004 09:58 pm, Dax Kelson wrote: > On Sat, 2004-01-03 at 12:14, Lamar Owen wrote: > > need this when the KAME stuff is working and works with 2.6? KAME being > > what RHEL is using, why would OpenSWAN be needed in Core (maybe in > Note that Openswan is the successor to Super FreeSWAN. I had already gathered that. > 2) Secure road warrior to HQ communication > I would say IPsec deployment for "2" clearly, clearly outweighs "1". > Basically, supporting road warriors is impossible with racoon or isakmp. I'm not necessarily interested in the Linux road warrior. I am, however, interested in smooth interoperability with Windows XP clients. So doing the DHCP over IKE is not needed, since the WinXP stuff uses PPP/L2TP to get the IP address, and PPP can use DHCP (with the ppp-dhcp plugin). Yes, I know the WinXP implementation is ugly. But when you are doing remote astronomy where the Windows software is king, you interoperate or you don't operate. Racoon seems to be significatly easier to configure, however. -- Lamar Owen Director of Information Technology Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu From lees_lists at hotmail.com Mon Jan 5 21:44:51 2004 From: lees_lists at hotmail.com (lee connell) Date: Mon, 05 Jan 2004 16:44:51 -0500 Subject: GNOME - Adding items to menus Message-ID: I am using GNOME 2.4 on RedHat9 and Fedora Core. I cannot edit menu items, like changing path's or icons because i get an error saying read-only file-system. I also cannot add menu items because it says unsupported request. This is from a clean install on both distros. Any ideas? Thanks _________________________________________________________________ Working moms: Find helpful tips here on managing kids, home, work ? and yourself. http://special.msn.com/msnbc/workingmom.armx From nhruby at uga.edu Mon Jan 5 21:50:25 2004 From: nhruby at uga.edu (nathan r. hruby) Date: Mon, 5 Jan 2004 16:50:25 -0500 (EST) Subject: include much needed antivirus products in FC2 In-Reply-To: <1073326238.6652.55.camel@opus> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> <016801c3d3b5$49c8bee0$e2e8b1d8@adam12> <1073326238.6652.55.camel@opus> Message-ID: On Mon, 5 Jan 2004, seth vidal wrote: > Try this sometime - process 100000+ pieces of mail a day and see if AV > scanning doesn't add much load? AV scanning centrally does NOT scale. > I do that. Works fine for me :) Granted, when there's a virus attack and we get 4000 viri an hour, that tends to make some load and that scanning doesn't happen on the same machine where mail eventually lives so there's less user visible performance impact. > Moreover - if you are always protecting your users then they will never > learn. There's a diff between learning and having common sense. Users may learn to install av, and in fact may even remember to update it once in a while. But email to them is higher priority then AV so they'll tend to connect and read email before doing updates which means they get the newest viri before the newest updates (this is the downside of auto-updating.. people tend to forget about it and assume that they're always covered not thinking about what the update schedule is). -n -- ------------------------------------------- nathan hruby uga enterprise information technology services production systems support metaphysically wrinkle-free ------------------------------------------- From smoogen at lanl.gov Mon Jan 5 22:29:37 2004 From: smoogen at lanl.gov (Stephen Smoogen) Date: Mon, 5 Jan 2004 15:29:37 -0700 (MST) Subject: include much needed antivirus products in FC2 In-Reply-To: <01cd01c3d3bb$7db93260$e2e8b1d8@adam12> Message-ID: On Mon, 5 Jan 2004, Adam Debus wrote: >> >> Try this sometime - process 100000+ pieces of mail a day and see if AV >> scanning doesn't add much load? AV scanning centrally does NOT scale. >> >> Moreover - if you are always protecting your users then they will never >> learn. >> > > Yeah, we tried that, in the end we discovered that it cost us much less >to add another box to the mail cluster and scan the half a million mail >messages a day instead of dealing with the support costs every time the >latest mail worm came out, and everyone still hadn't patched their outlook >express from the last worm. (which we ended up oursourcing, but that was for >political reasons). Same thing I have found in any large setting. THe costs of putting anti-virus software on over 100 desktops in time, effort, extra sysadmins, and a dozen other things... makes centralizing it better. -- Stephen John Smoogen smoogen at lanl.gov Los Alamos National Labrador CCN-5 Sched 5/40 PH: 5-8058 Ta-03 SM-261 MailStop P208 DP 17U Los Alamos, NM 87545 -- So shines a good deed in a weary world. = Willy Wonka -- From skvidal at phy.duke.edu Mon Jan 5 22:36:34 2004 From: skvidal at phy.duke.edu (seth vidal) Date: 05 Jan 2004 17:36:34 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: References: Message-ID: <1073342193.8527.23.camel@opus> > Same thing I have found in any large setting. THe costs of putting > anti-virus software on over 100 desktops in time, effort, extra > sysadmins, and a dozen other things... makes centralizing it better. You have to have AV on the clients ANYWAY b/c email is not the only vector for viruses. So you're not benefited by centralizing, you're just taking care of it in two places. -sv From Nicolas.Mailhot at laPoste.net Mon Jan 5 22:40:45 2004 From: Nicolas.Mailhot at laPoste.net (Nicolas Mailhot) Date: Mon, 05 Jan 2004 23:40:45 +0100 Subject: rawhide In-Reply-To: <1073325078.3690.3.camel@LORDLINUX.global.shsystem.org> References: <1073325078.3690.3.camel@LORDLINUX.global.shsystem.org> Message-ID: <1073342445.5091.2.camel@m222.net81-64-248.noos.fr> Le lun 05/01/2004 ? 18:51, Mark Guzzo a ?crit : > Please don't hurt me for such a dumb question. > But can someone please tell me what I need in the yum.conf file to get > at RAWHIDE. I've been looking all over and I can't seem to find any > info. For example: [fedora-core-devel] name=Fedora Core (development: Rawhide) baseurl=ftp://mirror.cs.princeton.edu/pub/mirrors/fedora/linux/core/development/i386 ftp://download.fedora.redhat.com/pub/fedora/linux/core/development/i386 ftp://ftp.dc.aleron.net/pub/linux/fedora/linux/core/development/i386 ftp://ftp.uninett.no/pub/linux/Fedora/core/development/i386 ftp://ftp.linux.ee/mount/noa-hdb/mirror/fedora/linux/core/development/i386 ftp://ftp.heanet.ie/mirrors/download.fedora.redhat.com/pub/fedora/linux/core/development/i386 gpgcheck=0 failovermethod=priority Cheers, -- Nicolas Mailhot -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Ceci est une partie de message num?riquement sign?e. URL: From smoogen at lanl.gov Mon Jan 5 22:43:54 2004 From: smoogen at lanl.gov (Stephen Smoogen) Date: Mon, 5 Jan 2004 15:43:54 -0700 (MST) Subject: include much needed antivirus products in FC2 In-Reply-To: <1073324763.6652.51.camel@opus> Message-ID: On 5 Jan 2004, seth vidal wrote: >On Mon, 2004-01-05 at 12:44, Adam Debus wrote: >> Because many linux machines are used as mail servers, and if you can stop >> the virus/worm before it gets to a windows box... >> > >Then you're inappropriately increasing the load on a central machine >rather than decentralizing scanning to the desktop windows machine, >where it belongs. >From what I can tell with our anti-virus scanning programs.. we have a much higher load with SPAM checkin stuff than we do with finding viruses. The 3 virus checking software deal with several million emails a day. Turning off the virus checking did not lower the load average any noticeble amount as more was taken up with IO than CPU computation. -- Stephen John Smoogen smoogen at lanl.gov Los Alamos National Labrador CCN-5 Sched 5/40 PH: 5-8058 Ta-03 SM-261 MailStop P208 DP 17U Los Alamos, NM 87545 -- So shines a good deed in a weary world. = Willy Wonka -- From rhl at reachone.com Mon Jan 5 22:46:44 2004 From: rhl at reachone.com (Adam Debus) Date: Mon, 5 Jan 2004 14:46:44 -0800 Subject: include much needed antivirus products in FC2 References: <1073342193.8527.23.camel@opus> Message-ID: <046001c3d3dd$cb3335f0$e2e8b1d8@adam12> > > > Same thing I have found in any large setting. THe costs of putting > > anti-virus software on over 100 desktops in time, effort, extra > > sysadmins, and a dozen other things... makes centralizing it better. > > You have to have AV on the clients ANYWAY b/c email is not the only > vector for viruses. > > So you're not benefited by centralizing, you're just taking care of it > in two places. Sure, but at least then I know that at least part of my bases are covered. From the standpoint of an ISP, I don't care what virii my customers get as long as it doesn't impact other customers. So, if they get a virus from downloading something off download.com, odds are all it's going to do is corrupt a few files, perhaps the MBR, generally those aren't self-propigating. It's the e-mail and windows RPC worms that I'm concerned about - and I can take care of the most of that by having AV on my e-mail server, and port blocks on my routers (and just for the record, we've had blocks on 137 etc, for months, and while we get no complaints about it being there, we still get hit - internally and externally - hundreds of thousands of times a day - and that's after e-mails and calls to customers trying to get them to patch up.) Thanks, Adam Debus Network Engineer, ReachONE Internet adam at reachone.com From smoogen at lanl.gov Mon Jan 5 22:50:09 2004 From: smoogen at lanl.gov (Stephen Smoogen) Date: Mon, 5 Jan 2004 15:50:09 -0700 (MST) Subject: include much needed antivirus products in FC2 In-Reply-To: <1073342193.8527.23.camel@opus> Message-ID: On 5 Jan 2004, seth vidal wrote: > >> Same thing I have found in any large setting. THe costs of putting >> anti-virus software on over 100 desktops in time, effort, extra >> sysadmins, and a dozen other things... makes centralizing it better. > >You have to have AV on the clients ANYWAY b/c email is not the only >vector for viruses. > >So you're not benefited by centralizing, you're just taking care of it >in two places. > And defense in depth is a bad thing? For the last couple of years, the primary vector for virus's has been via email. By having the virus scanning on the incoming servers, we have reduced the need to update 10,000 desktops in 1-2 hours to 24-48 hours when a new virus definition comes out. That was all the difference between low problem to no-sleep for a week on the various worms that came out this year. In the end, this argument is more about how to pronounce tomato, but seems to be like we are questioning each others religous choices. Some of us kneel, some of us dont, and some say its somebody elses problem :). -- Stephen John Smoogen smoogen at lanl.gov Los Alamos National Labrador CCN-5 Sched 5/40 PH: 5-8058 Ta-03 SM-261 MailStop P208 DP 17U Los Alamos, NM 87545 -- So shines a good deed in a weary world. = Willy Wonka -- From skvidal at phy.duke.edu Mon Jan 5 22:54:33 2004 From: skvidal at phy.duke.edu (seth vidal) Date: 05 Jan 2004 17:54:33 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: References: Message-ID: <1073343273.8527.31.camel@opus> > And defense in depth is a bad thing? When the cost is high defense in depth is just duplication of effort. If you're hosts are nicely firewalled is there a real point to site-wide firewalling? Same thing really. It's about distributed computing versus centralized. and it's about scalable systems mgmt. If you can't control the client workstation then you're right, you have to centralize. But if you can control the clients then there shouldn't be a problem distributing the scanning load to them. my take. -sv From smoogen at lanl.gov Mon Jan 5 23:03:16 2004 From: smoogen at lanl.gov (Stephen Smoogen) Date: Mon, 5 Jan 2004 16:03:16 -0700 (MST) Subject: include much needed antivirus products in FC2 In-Reply-To: <1073343273.8527.31.camel@opus> Message-ID: On 5 Jan 2004, seth vidal wrote: > >> And defense in depth is a bad thing? > >When the cost is high defense in depth is just duplication of effort. >If you're hosts are nicely firewalled is there a real point to site-wide >firewalling? Same thing really. It's about distributed computing versus >centralized. and it's about scalable systems mgmt. If you can't control >the client workstation then you're right, you have to centralize. But if >you can control the clients then there shouldn't be a problem >distributing the scanning load to them. >my take. > Well for a small environment I would agree. However, anytime you get over 100 hosts.. I have found that someone is going to break out of the little shell you placed in them because they know better... and sadly you cant bury the miscreants bodies fast enough when the number of hosts gets above 1000. [Yes I am going to have to give up my founding BOFH badge for saying that...] Either way.. this is a problem of Enterprise versus small environments. An enterprise environment cant trust the users because they are always too many of them and not enough sticks. A smaller environment.. the fear of the electric cattleprod is always there to keep people in line (ha). Since Fedora isnt aimed at the enterprise market... I would say that the anti-virus is probably something to be aimed at for extras. [So I agree with Seth in some ways.. just not all.] -- Stephen John Smoogen smoogen at lanl.gov Los Alamos National Labrador CCN-5 Sched 5/40 PH: 5-8058 Ta-03 SM-261 MailStop P208 DP 17U Los Alamos, NM 87545 -- So shines a good deed in a weary world. = Willy Wonka -- From Nicolas.Mailhot at laPoste.net Mon Jan 5 23:10:19 2004 From: Nicolas.Mailhot at laPoste.net (Nicolas Mailhot) Date: Tue, 06 Jan 2004 00:10:19 +0100 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073343273.8527.31.camel@opus> References: <1073343273.8527.31.camel@opus> Message-ID: <1073344219.7084.5.camel@m222.net81-64-248.noos.fr> Le lun 05/01/2004 ? 23:54, seth vidal a ?crit : > > And defense in depth is a bad thing? > > When the cost is high defense in depth is just duplication of effort. > If you're hosts are nicely firewalled is there a real point to site-wide > firewalling? Because local firewalls are taken down sometimes. Which opens exploit windows. Extreme redundancy is bad and wasteful. Minimal redundancy OTOH is just another way to recognise s* happens, so you're better of planning for it. Cheers, -- Nicolas Mailhot -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Ceci est une partie de message num?riquement sign?e. URL: From skvidal at phy.duke.edu Mon Jan 5 23:12:19 2004 From: skvidal at phy.duke.edu (seth vidal) Date: 05 Jan 2004 18:12:19 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073344219.7084.5.camel@m222.net81-64-248.noos.fr> References: <1073343273.8527.31.camel@opus> <1073344219.7084.5.camel@m222.net81-64-248.noos.fr> Message-ID: <1073344338.8527.35.camel@opus> On Mon, 2004-01-05 at 18:10, Nicolas Mailhot wrote: > Le lun 05/01/2004 ?? 23:54, seth vidal a ??crit : > > > And defense in depth is a bad thing? > > > > When the cost is high defense in depth is just duplication of effort. > > If you're hosts are nicely firewalled is there a real point to site-wide > > firewalling? > > Because local firewalls are taken down sometimes. Which opens exploit > windows. Extreme redundancy is bad and wasteful. Minimal redundancy OTOH > is just another way to recognise s* happens, so you're better of > planning for it. > As I said in my initial claim - if you have control over the clients, then that's not a problem, really. You can't always have belts and suspenders. -sv From alan at redhat.com Mon Jan 5 23:19:02 2004 From: alan at redhat.com (Alan Cox) Date: Mon, 5 Jan 2004 18:19:02 -0500 Subject: RHL9/FC1 USB storage 3 (110872) In-Reply-To: <20031216220806.GD696@devserv.devel.redhat.com> References: <20031216220806.GD696@devserv.devel.redhat.com> Message-ID: <20040105231902.GA10805@devserv.devel.redhat.com> On Tue, Dec 16, 2003 at 05:08:06PM -0500, Pete Zaitcev wrote: > It is not in upstream, although it seems clear like day to me. > In fact, I ask you to take it regardless of Matt Dharm's approval. Are there any patches worth trying for the uniprocessor USB storage write hangs btw ? From cra at WPI.EDU Mon Jan 5 23:19:23 2004 From: cra at WPI.EDU (Charles R. Anderson) Date: Mon, 5 Jan 2004 18:19:23 -0500 Subject: Self-Introduction: Charles R. Anderson Message-ID: <20040105231923.GG6778@angus.ind.WPI.EDU> 1. Charles R. Anderson 2. USA, Worcester, MA 3. Network Engineer 4. WPI 5. Your goals in the Fedora Project * Which packages do you want to see published? . updated net-snmp w/perl support . updated dhcp packages suitable for failover support . nagios, CMU NetReg, rrdtool, cricket, mrtg . IPv6 support in more apps . network-related work with e.g. link detection, IPsec... . alsa, more multimedia apps (with IP multicast support) . kegs (Kent's Emulated GS) and other emulator tools . koules and xboing (anyone up for network koules? :) * Do you want to do QA? Yes. * Anything else special? My main interests are in packaging, QA, testing, tools/infrastructure/admin, rather than coding/debugging. However, I'd feel at home coding in Perl. I'm interested in Legacy only to support my couple of remaining 7.3 boxes for as long as they stay that way, and possibly 7.2/Alpha and Aurora SPARC as time permits. 6. Historical qualifications * What other projects have you worked on in the past? . Aurora SPARC Linux . I've been packaging ISC dhcp RPM's for three years: http://www.isc.org/products/DHCP/ . CMU NetReg: http://www.net.cmu.edu/netreg/ . LANdb: http://landb.sourceforge.net/ . Autostatus: http://www.angio.net/consult/autostatus/ * What computer languages and other skills do you know? . C, C++, Assembly, Scheme . Perl, Awk, Sed, C Shell, Bourne Shell, Expect . Networking and systems administration * Why should we trust you? <--- too blunt? That's for the community to decide... I've been a RHL user since 1996/RHL 4.0 or so. I've done a lot of RPM packaging, informally published on ftp://angus.ind.wpi.edu/pub/cra-contrib. I've participated in RHL betas and the mirror process. 7. GPG KEYID and fingerprint pub 1024D/49BB5886 2001-04-11 Charles R. Anderson Key fingerprint = EBA3 A106 7C93 FA07 8E15 3AC2 C367 A0F9 49BB 5886 sub 2048g/B0817A13 2001-04-11 From alan at redhat.com Mon Jan 5 23:31:15 2004 From: alan at redhat.com (Alan Cox) Date: Mon, 5 Jan 2004 18:31:15 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073324763.6652.51.camel@opus> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> Message-ID: <20040105233115.GD10805@devserv.devel.redhat.com> On Mon, Jan 05, 2004 at 12:46:03PM -0500, seth vidal wrote: > On Mon, 2004-01-05 at 12:44, Adam Debus wrote: > > Because many linux machines are used as mail servers, and if you can stop > > the virus/worm before it gets to a windows box... > > > > Then you're inappropriately increasing the load on a central machine > rather than decentralizing scanning to the desktop windows machine, > where it belongs. You are making all sorts of dubious assumptions about the ability to manage the decentralised boxes, that two layers of security is not good value, that you don't want a central monitor of attack activity and so on. From alan at redhat.com Mon Jan 5 23:34:32 2004 From: alan at redhat.com (Alan Cox) Date: Mon, 5 Jan 2004 18:34:32 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073326238.6652.55.camel@opus> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> <016801c3d3b5$49c8bee0$e2e8b1d8@adam12> <1073326238.6652.55.camel@opus> Message-ID: <20040105233432.GE10805@devserv.devel.redhat.com> On Mon, Jan 05, 2004 at 01:10:38PM -0500, seth vidal wrote: > Try this sometime - process 100000+ pieces of mail a day and see if AV > scanning doesn't add much load? AV scanning centrally does NOT scale. AV scanning is an embarrasingly parallel problem, of course it scales. You might need a few more el cheapo pc engines thats all. > Moreover - if you are always protecting your users then they will never > learn. I'll quote a former manager who shall remain nameless for his own safety, when we had similar arguments long ago... "They aren't paid to learn, they are paid to answer the phone" Think about it with a business hat on 8) Alan From lowen at pari.edu Tue Jan 6 00:01:15 2004 From: lowen at pari.edu (Lamar Owen) Date: Mon, 5 Jan 2004 19:01:15 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073342193.8527.23.camel@opus> References: <1073342193.8527.23.camel@opus> Message-ID: <200401051901.15502.lowen@pari.edu> On Monday 05 January 2004 05:36 pm, seth vidal wrote: > > Same thing I have found in any large setting. THe costs of putting > > anti-virus software on over 100 desktops in time, effort, extra > > sysadmins, and a dozen other things... makes centralizing it better. > You have to have AV on the clients ANYWAY b/c email is not the only > vector for viruses. > So you're not benefited by centralizing, you're just taking care of it > in two places. Ah, but you are so wrong. If I scan at the e-mail gateways, I accomplish at least these seven things: 1.) I protect outgoing mail for outside people, thus limiting the spread of worms if and when the desktop does get compromised; 2.) Because of 1, I limit my liability exposure if one of my users infects someone outside with a bad worm; 3.) Well over 99.99% of viruses come in via e-mail; 4.) Scanning and stripping the executable reduces my users' POP/IMAP bandwidths; some of these guys are using IPsec over dialup, where every 150K windows worm eats time (and those 150K worms add up fast, when over a thousand per hour are traversing the incoming e-mail gateway! (which has happened a couple of times here)) : the desktop-based scanner still has to download the e-mail; 5.) Stripping ALL executable attachements (using MIMEDefang, MailScanner, Sophos MailMonitor (which can just simply delete executable attachments out of hand as well as scanning them), or other tool of choice) protects against many unknown viruses and Trojans; 6.) Installing an e-mail gateway scanner is very little effort and very little cost; 7.) E-mail scanning has massive bang-for-the-buck: what viruses are left that come in other ways probably (not always) will be isolated incidents; an e-mail worm can propagate like wildfire (not always true, but almost always true) and quickly swamp response teams, because e-mail worms never come in one at a time.... Further, with Sophos Enterprise Manager you can have centralized desktop scanner updates and management (as I'm sure NAV Enterprise also allows), which gives you the best of both worlds. Belt and suspenders aren't necessarily expensive. Lack of either can produce embarassment and extreme effort to correct exposure. But if I had to choose between the two, I'd choose to use e-mail scanning and then take draconian security policies at the desktop level. A good NIDS can be trained to recognize network viruse propagation, and simple file integrity tools can help with the desktop situation. Eliminating floppies, disallowing users from installing software, etc, all help control the very few non-e-mail viruses in the wild. But it's best to have both. Likewise, I have multiple layers of firewalling; ATM enforced ELAN segregation, IP rules, and something like ZoneAlarm on each desktop are what I use, in addition to the border gateway. While I won't say it's perfect, it is useful. -- Lamar Owen Director of Information Technology Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu From zaitcev at redhat.com Tue Jan 6 00:27:08 2004 From: zaitcev at redhat.com (Pete Zaitcev) Date: Mon, 5 Jan 2004 19:27:08 -0500 Subject: RHL9/FC1 USB storage 3 (110872) In-Reply-To: <20040105231902.GA10805@devserv.devel.redhat.com> References: <20031216220806.GD696@devserv.devel.redhat.com> <20040105231902.GA10805@devserv.devel.redhat.com> Message-ID: <20040106002708.GA4583@devserv.devel.redhat.com> On Mon, Jan 05, 2004 at 06:19:02PM -0500, Alan Cox wrote: > On Tue, Dec 16, 2003 at 05:08:06PM -0500, Pete Zaitcev wrote: > > It is not in upstream, although it seems clear like day to me. > > In fact, I ask you to take it regardless of Matt Dharm's approval. > > Are there any patches worth trying for the uniprocessor USB storage write hangs > btw ? Assuming 2.4, I do not know of any. Everything I fixed was a disconnect racing. OTOH if your write causes a disconnect, that may at least fix the hang (won't fix the failed write). It can be checked by running with 'echo 8 >/proc/sys/kernel/printk' and on text VT. If there's a disconnect message, try the today's update DaveJ mentioned. Otherwise, send me symptoms off-list. I'll see what I can do about it. SCT reported hard hangs when a camera lost power, I thought these patches might help. I didn't hear from him in a while though. -- Pete From skvidal at phy.duke.edu Tue Jan 6 00:46:27 2004 From: skvidal at phy.duke.edu (seth vidal) Date: Mon, 05 Jan 2004 19:46:27 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <20040105233115.GD10805@devserv.devel.redhat.com> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> <20040105233115.GD10805@devserv.devel.redhat.com> Message-ID: <1073349986.11668.2.camel@binkley> > You are making all sorts of dubious assumptions about the ability to manage the > decentralised boxes, that two layers of security is not good value, that you don't > want a central monitor of attack activity and so on. Actually, the crux of this argument was whether AV software should be in Fedora Core. Additionally I think scanning all mail for something which only affects some of the systems is: 1. enabling users to use unsafe programs 2. encouraging continued questionable practices 3. increasing the workload by duplicating effort. - spend more time making your client control efforts work and less time upgrading the virus definitions on your mail server -sv From cbhoh at mimos.my Tue Jan 6 00:46:42 2004 From: cbhoh at mimos.my (Chee Bin HOH) Date: 06 Jan 2004 08:46:42 +0800 Subject: GNOME - Adding items to menus In-Reply-To: References: Message-ID: <1073350002.29202.267.camel@ivest48.nat.mimos.my> For RD9, you can still add menu items to existing menu folder, but you can not add new menu (folder). You can edit /etc/gnome-vfs-2.0/modules/default-modules.conf to make it editable. If you look at /etc/gnome-vfs-2.0/modules/default-modules.conf, you will see that a few vfolder destkop method (applications:, all-applications, etc) are using libvfolder-desktop-old.so, which makes adding new menu fail. You will find /etc/gnome-vfs-2.0/modules/default-modules.conf.with-menu-editing in the same directory, just make a backup copy of /etc/gnome-vfs-2.0/modules/default-modules.conf, then rename default-modules.conf.with-menu-editing to default-modules.conf. the library libvfolder-destkop.so uses in `default-modules.conf.with-menu-editing` is the correct one to make adding menu possible. regards, HOH On Tue, 2004-01-06 at 05:44, lee connell wrote: > I am using GNOME 2.4 on RedHat9 and Fedora Core. I cannot edit menu items, > like changing path's or icons because i get an error saying read-only > file-system. I also cannot add menu items because it says unsupported > request. This is from a clean install on both distros. Any ideas? > > Thanks > > _________________________________________________________________ > Working moms: Find helpful tips here on managing kids, home, work and > yourself. http://special.msn.com/msnbc/workingmom.armx > From skvidal at phy.duke.edu Tue Jan 6 00:49:13 2004 From: skvidal at phy.duke.edu (seth vidal) Date: Mon, 05 Jan 2004 19:49:13 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <20040105233432.GE10805@devserv.devel.redhat.com> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> <016801c3d3b5$49c8bee0$e2e8b1d8@adam12> <1073326238.6652.55.camel@opus> <20040105233432.GE10805@devserv.devel.redhat.com> Message-ID: <1073350153.11668.6.camel@binkley> > AV scanning is an embarrasingly parallel problem, of course it scales. You might > need a few more el cheapo pc engines thats all. It's curious - but farming it out and still keeping mail delivery to a reasonable time has not shown to have much success. > I'll quote a former manager who shall remain nameless for his own safety, > when we had similar arguments long ago... > > "They aren't paid to learn, they are paid to answer the phone" > > Think about it with a business hat on 8) I think about it with a sysadmin hat on. And I work in academia. There are those of us who give a crap about educating and making better users out of what we have. I make a point to not enable-users to pick up bad habits. Viewing the world of the internet as something that someone else will protect you from is one of those bad habits. To quote a fictional character of the magical persuasion: CONSTANT VIGILANCE! :) -sv From skvidal at phy.duke.edu Tue Jan 6 00:55:48 2004 From: skvidal at phy.duke.edu (seth vidal) Date: Mon, 05 Jan 2004 19:55:48 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <200401051901.15502.lowen@pari.edu> References: <1073342193.8527.23.camel@opus> <200401051901.15502.lowen@pari.edu> Message-ID: <1073350547.11668.13.camel@binkley> > Ah, but you are so wrong. And yet I don't think I am, how funny. :) > If I scan at the e-mail gateways, I accomplish at least these seven things: > 1.) I protect outgoing mail for outside people, thus limiting the spread of > worms if and when the desktop does get compromised; If your workstations are patched and kept patched in an automated way aren't you doing this as well? Is it likely your server will be patched before the workstation? If so. why? Why not have the same infrastructure for supplying updates to both? And if you have it for both, why not just leave it on the place where the infection occurs? > 2.) Because of 1, I limit my liability exposure if one of my users infects > someone outside with a bad worm; liability to what? I've forgotten when was the last lawsuit for 'internet worm ravages the world"? > 3.) Well over 99.99% of viruses come in via e-mail; Wow is that a real statistic or did you pick it fresh out of the air? > 4.) Scanning and stripping the executable reduces my users' POP/IMAP > bandwidths; some of these guys are using IPsec over dialup, where every 150K > windows worm eats time (and those 150K worms add up fast, when over a > thousand per hour are traversing the incoming e-mail gateway! (which has > happened a couple of times here)) : the desktop-based scanner still has to > download the e-mail; This is an argument I can understand. But I don't have any of those users and I hope that dial up users are slowly slowly slowly diminishing from existence. I know they're not but I like to pretend :) > 5.) Stripping ALL executable attachements (using MIMEDefang, MailScanner, > Sophos MailMonitor (which can just simply delete executable attachments out > of hand as well as scanning them), or other tool of choice) protects against > many unknown viruses and Trojans; And gets a fair number of false positives but... > 6.) Installing an e-mail gateway scanner is very little effort and very little > cost; Depending on your mail volume. > 7.) E-mail scanning has massive bang-for-the-buck: what viruses are left that > come in other ways probably (not always) will be isolated incidents; an > e-mail worm can propagate like wildfire (not always true, but almost always > true) and quickly swamp response teams, because e-mail worms never come in > one at a time.... Again, depending on your volume. > Further, with Sophos Enterprise Manager you can have centralized desktop > scanner updates and management (as I'm sure NAV Enterprise also allows), > which gives you the best of both worlds. And it only costs $8trillion. Seriously sophos is prohibitively expensive and closed source, and provides their own perl and, and, and, and.... it's not something I'll be using anytime soon. -sv From cra at WPI.EDU Tue Jan 6 01:06:18 2004 From: cra at WPI.EDU (Charles R. Anderson) Date: Mon, 5 Jan 2004 20:06:18 -0500 Subject: default yum configuration for Legacy Message-ID: <20040106010618.GH6778@angus.ind.WPI.EDU> Should the yum service default to on or off? Should the yum.conf exclude kernels by default? I think auto updates should be off by default, and kernels should be excluded by default, just as it is in up2date. What are people's opinions on this? From mike.dickson at earthlink.net Tue Jan 6 01:10:11 2004 From: mike.dickson at earthlink.net (Michael Dickson) Date: Mon, 05 Jan 2004 20:10:11 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073350547.11668.13.camel@binkley> References: <1073342193.8527.23.camel@opus> <200401051901.15502.lowen@pari.edu> <1073350547.11668.13.camel@binkley> Message-ID: <1073351410.12447.1.camel@localhost.lexinomics.com> While I've found this interesting reading it seems the points have been made (multiple times). Any chance this could be taken off list? Mike On Mon, 2004-01-05 at 19:55, seth vidal wrote: > > Ah, but you are so wrong. > And yet I don't think I am, how funny. > :) From skvidal at phy.duke.edu Tue Jan 6 01:12:42 2004 From: skvidal at phy.duke.edu (seth vidal) Date: Mon, 05 Jan 2004 20:12:42 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073351410.12447.1.camel@localhost.lexinomics.com> References: <1073342193.8527.23.camel@opus> <200401051901.15502.lowen@pari.edu> <1073350547.11668.13.camel@binkley> <1073351410.12447.1.camel@localhost.lexinomics.com> Message-ID: <1073351562.11668.19.camel@binkley> On Mon, 2004-01-05 at 20:10, Michael Dickson wrote: > While I've found this interesting reading it seems the points have been > made (multiple times). Any chance this could be taken off list? > I've got no problem with that :) sorry for the redundancy. -sv From Axel.Thimm at physik.fu-berlin.de Tue Jan 6 01:20:35 2004 From: Axel.Thimm at physik.fu-berlin.de (Axel Thimm) Date: Tue, 6 Jan 2004 02:20:35 +0100 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073349986.11668.2.camel@binkley> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> <20040105233115.GD10805@devserv.devel.redhat.com> <1073349986.11668.2.camel@binkley> Message-ID: <20040106012035.GC5267@neu.nirvana> On Mon, Jan 05, 2004 at 07:46:27PM -0500, seth vidal wrote: > > > You are making all sorts of dubious assumptions about the ability to manage the > > decentralised boxes, that two layers of security is not good value, that you don't > > want a central monitor of attack activity and so on. > > Actually, the crux of this argument was whether AV software should be in > Fedora Core. > > Additionally I think scanning all mail for something which only affects > some of the systems is: > 1. enabling users to use unsafe programs > 2. encouraging continued questionable practices > 3. increasing the workload by duplicating effort. > - spend more time making your client control efforts work and less > time upgrading the virus definitions on your mail server That argument seems to be inversed. Unless you have a very small amount of clients, you are always better off doing it serverside. Or do you really chase your Laptop users to upgrade their systems? -- Axel.Thimm at physik.fu-berlin.de -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From skvidal at phy.duke.edu Tue Jan 6 01:21:46 2004 From: skvidal at phy.duke.edu (seth vidal) Date: Mon, 05 Jan 2004 20:21:46 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <20040106012035.GC5267@neu.nirvana> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> <20040105233115.GD10805@devserv.devel.redhat.com> <1073349986.11668.2.camel@binkley> <20040106012035.GC5267@neu.nirvana> Message-ID: <1073352105.11668.22.camel@binkley> > That argument seems to be inversed. Unless you have a very small > amount of clients, you are always better off doing it serverside. > or unless you have very good virus signature updating systems or very good control. > Or do you really chase your Laptop users to upgrade their systems? The laptops I support run Linux. Not windows so it's not an issue. But moreover you still haven't solved the virus problem by blocking ONLY at the mail server. Remember all the ms messenger worm propagation? So it sounds like you're still chasing down your windows workstations and laptops... -sv From Axel.Thimm at physik.fu-berlin.de Tue Jan 6 01:29:33 2004 From: Axel.Thimm at physik.fu-berlin.de (Axel Thimm) Date: Tue, 6 Jan 2004 02:29:33 +0100 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073350153.11668.6.camel@binkley> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> <016801c3d3b5$49c8bee0$e2e8b1d8@adam12> <1073326238.6652.55.camel@opus> <20040105233432.GE10805@devserv.devel.redhat.com> <1073350153.11668.6.camel@binkley> Message-ID: <20040106012933.GD5267@neu.nirvana> On Mon, Jan 05, 2004 at 07:49:13PM -0500, seth vidal wrote: > > AV scanning is an embarrasingly parallel problem, of course it > > scales. You might need a few more el cheapo pc engines thats all. > > It's curious - but farming it out and still keeping mail delivery to > a reasonable time has not shown to have much success. You must be doing something wrong, it is one of the best scaling problems, both in theory and practice. > > I'll quote a former manager who shall remain nameless for his own > > safety, when we had similar arguments long ago... > > > > "They aren't paid to learn, they are paid to answer the phone" > > > > Think about it with a business hat on 8) > > I think about it with a sysadmin hat on. And I work in > academia. There are those of us who give a crap about educating and > making better users out of what we have. > > I make a point to not enable-users to pick up bad habits. > > Viewing the world of the internet as something that someone else will > protect you from is one of those bad habits. > > To quote a fictional character of the magical persuasion: CONSTANT > VIGILANCE! > :) Please let the poor physicians and other acedemic staff do their job instead of updating their workstations. You have been hired as a sysadmin to make their life easier and protect them from the evil. While I'm not fond of a policy state, I'd prefer the police watching over the villains than teaching me kung fu ;) (or having me buy a gun, which is the sad analogon ...) -- Axel.Thimm at physik.fu-berlin.de -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From steve at rueb.com Tue Jan 6 01:33:24 2004 From: steve at rueb.com (Steve Bergman) Date: Mon, 05 Jan 2004 19:33:24 -0600 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073351410.12447.1.camel@localhost.lexinomics.com> References: <1073342193.8527.23.camel@opus> <200401051901.15502.lowen@pari.edu> <1073350547.11668.13.camel@binkley> <1073351410.12447.1.camel@localhost.lexinomics.com> Message-ID: <1073352803.32441.24.camel@localhost.localdomain> On Mon, 2004-01-05 at 19:10, Michael Dickson wrote: > While I've found this interesting reading it seems the points have been > made (multiple times). Not all of the points have been made. For example, not once during the thread did anyone address the question of whether the *users*, as opposed to *developers*, of Fedora would want AV included. As a user, I find that a bit disappointing. And by the way, as a user, I *would* like to have AV available to me in FC2 for my mail servers. From skvidal at phy.duke.edu Tue Jan 6 01:38:30 2004 From: skvidal at phy.duke.edu (seth vidal) Date: Mon, 05 Jan 2004 20:38:30 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073352803.32441.24.camel@localhost.localdomain> References: <1073342193.8527.23.camel@opus> <200401051901.15502.lowen@pari.edu> <1073350547.11668.13.camel@binkley> <1073351410.12447.1.camel@localhost.lexinomics.com> <1073352803.32441.24.camel@localhost.localdomain> Message-ID: <1073353109.11668.33.camel@binkley> On Mon, 2004-01-05 at 20:33, Steve Bergman wrote: > On Mon, 2004-01-05 at 19:10, Michael Dickson wrote: > > While I've found this interesting reading it seems the points have been > > made (multiple times). > > Not all of the points have been made. For example, not once during the > thread did anyone address the question of whether the *users*, as > opposed to *developers*, of Fedora would want AV included. > > As a user, I find that a bit disappointing. > > And by the way, as a user, I *would* like to have AV available to me in > FC2 for my mail servers. Available is not the same as IN core. clamav is at fedora.us now. I'm sure amavisd-ng could be made available there too. but I don't see a reason for it to be in core. it's available. -sv From steve at rueb.com Tue Jan 6 02:10:25 2004 From: steve at rueb.com (Steve Bergman) Date: Mon, 05 Jan 2004 20:10:25 -0600 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073353109.11668.33.camel@binkley> References: <1073342193.8527.23.camel@opus> <200401051901.15502.lowen@pari.edu> <1073350547.11668.13.camel@binkley> <1073351410.12447.1.camel@localhost.lexinomics.com> <1073352803.32441.24.camel@localhost.localdomain> <1073353109.11668.33.camel@binkley> Message-ID: <1073355025.32441.41.camel@localhost.localdomain> On Mon, 2004-01-05 at 19:38, seth vidal wrote: > > Available is not the same as IN core. > That's why I said 'in' FC2. FC1 contains at least 3 graphical web browsers, at least 5 or 6 text editors, 2 ENTIRE desktop environments, graphical toolkits out the wazoo, multiple mail clients, a couple of sound daemons, at least a couple of CD rippers, at least 2 pdf viewers, a couple of postscript viewers, 2 office suites with assorted stems and pieces, and NO email virus scanning solution. I'm all for slimming down by cutting out the needless duplication. But rejecting packages to the point of missing *functionality* is a different matter. From linuxproject at aws-sj.com Tue Jan 6 02:50:48 2004 From: linuxproject at aws-sj.com (Casey Price) Date: Mon, 5 Jan 2004 18:50:48 -0800 (PST) Subject: Essential Packages Message-ID: <1412.192.168.1.16.1073357448.squirrel@www.aws-sj.com> I think it would be nice if the Core could be slimmed down to 2 cds opposed to 3, just for convenience sake. It seems the main discussion here has been about the Core size and whether or not anti-virus should be included in the Core. I think that it would be nice to have the "core" of the Core composed of the necessities required for the average user on the first 2 cds, and on a 3 or 4 you could call that the "Core Extras Disk". This disk would contain other handy utilities and packages that aren't essential, but that would be nice such as anti-virus. I think what sv has been trying to say is that this distro is not just a server os, its going to be used on laptops, workstations, etc...and that AV isn't necessarily a core component of an operating system. In reality, most os' don't ship with any AV, thats the reason the AV companies make their money. It would be very easy for Fedora Core to turn into a huge bloated distribution, not that would be that bad...it would just be a pain maintaining it and downloading everything needed to get up and running, and would come with much more than someone needs. The user doesn't need more options than they know what to do with. They need a functioning distro that contains what they need and not a ton of extra things that they will likely use. So in the big picture I think that a cd filled with extra components would be the best option for everyone. -- Casey Price From tcallawa at redhat.com Tue Jan 6 02:56:34 2004 From: tcallawa at redhat.com (Tom 'spot' Callaway) Date: Mon, 05 Jan 2004 20:56:34 -0600 Subject: Essential Packages In-Reply-To: <1412.192.168.1.16.1073357448.squirrel@www.aws-sj.com> References: <1412.192.168.1.16.1073357448.squirrel@www.aws-sj.com> Message-ID: <1073357794.22653.344.camel@zorak> On Mon, 2004-01-05 at 20:50, Casey Price wrote: > In reality, most os' don't ship > with any AV, thats the reason the AV companies make their money. Arguably, its because OS vendors don't want to be in the AV business. Designing intelligent virus detection routines is a non-trivial task that never really ends. An AV suite is only as good as the viruses it detects, and keeping virus definition files current is vital. These reasons are why the major players in the AV space have almost exactly remained the same for the last 10 years (maybe longer?). I think counting installation CDs is pointless. Media is cheap, disk is cheap, bandwidth is cheap, and they're only getting cheaper. We shouldn't use that as an excuse to bloat the distribution, but its not the right approach to come at it. I think the Core should be a framework, containing the basic tools and technologies to cover the majority of general purpose uses. I think the Core is more than Base (bash, kernel, glibc, etc), but not much more than is needed for the user to use yum or up2date to customize it to their liking. Users want package availability with the click of a mouse, which is why Debian and Gentoo are so popular. We can spend the next 12 years trying to get consensus about where to draw the line, but I would rather just draw it and get down to building packages to populate Fedora Extras, so that someone can type "up2date clamav" and pull it out of a repository immediately after install. Today its AV, tomorrow it will be foo, the day after that bar... lets just take what we've got, intelligently trim it down, and call it Core. Everything else is Extras. ~spot --- Tom "spot" Callaway LCA, RHCE Red Hat Sales Engineer || Aurora SPARC Linux Project Leader "The author's mathematical treatment of the conception of purpose is novel and highly ingenious, but heretical and, so far as the present social order is concerned, dangerous and potentially subversive. Not to be published." -- Aldous Huxley's "Brave New World" From marguz at ameritech.net Tue Jan 6 03:03:35 2004 From: marguz at ameritech.net (Mark Guzzo) Date: Mon, 05 Jan 2004 21:03:35 -0600 Subject: rawhide In-Reply-To: <1073342445.5091.2.camel@m222.net81-64-248.noos.fr> References: <1073325078.3690.3.camel@LORDLINUX.global.shsystem.org> <1073342445.5091.2.camel@m222.net81-64-248.noos.fr> Message-ID: <1073358214.22767.0.camel@PURPLE.mbhome.cxm> > name=Fedora Core (development: Rawhide) > baseurl=ftp://mirror.cs.princeton.edu/pub/mirrors/fedora/linux/core/development/i386 > ftp://download.fedora.redhat.com/pub/fedora/linux/core/development/i386 > ftp://ftp.dc.aleron.net/pub/linux/fedora/linux/core/development/i386 > ftp://ftp.uninett.no/pub/linux/Fedora/core/development/i386 > ftp://ftp.linux.ee/mount/noa-hdb/mirror/fedora/linux/core/development/i386 > ftp://ftp.heanet.ie/mirrors/download.fedora.redhat.com/pub/fedora/linux/core/development/i386 > gpgcheck=0 > failovermethod=priority > > Cheers, Thanks ;-) From lees_lists at hotmail.com Tue Jan 6 03:26:05 2004 From: lees_lists at hotmail.com (lee connell) Date: Mon, 05 Jan 2004 22:26:05 -0500 Subject: GNOME - Adding items to menus Message-ID: Thank you so much for your help. How come they don't ship with these settings as default? --__--__-- Message: 25 Subject: Re: GNOME - Adding items to menus From: Chee Bin HOH To: fedora-devel-list at redhat.com Organization: MIMOS Berhad Date: 06 Jan 2004 08:46:42 +0800 Reply-To: fedora-devel-list at redhat.com For RD9, you can still add menu items to existing menu folder, but you can not add new menu (folder). You can edit /etc/gnome-vfs-2.0/modules/default-modules.conf to make it editable. If you look at /etc/gnome-vfs-2.0/modules/default-modules.conf, you will see that a few vfolder destkop method (applications:, all-applications, etc) are using libvfolder-desktop-old.so, which makes adding new menu fail. You will find /etc/gnome-vfs-2.0/modules/default-modules.conf.with-menu-editing in the same directory, just make a backup copy of /etc/gnome-vfs-2.0/modules/default-modules.conf, then rename default-modules.conf.with-menu-editing to default-modules.conf. the library libvfolder-destkop.so uses in `default-modules.conf.with-menu-editing` is the correct one to make adding menu possible. regards, HOH _________________________________________________________________ Check your PC for viruses with the FREE McAfee online computer scan. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 From hp at redhat.com Tue Jan 6 03:42:02 2004 From: hp at redhat.com (Havoc Pennington) Date: Mon, 05 Jan 2004 22:42:02 -0500 Subject: GNOME - Adding items to menus In-Reply-To: References: Message-ID: <1073360522.14306.3.camel@localhost.localdomain> On Mon, 2004-01-05 at 22:26, lee connell wrote: > Thank you so much for your help. How come they don't ship with these > settings as default? Because it's buggy and doesn't really work very well. Havoc From linuxproject at aws-sj.com Tue Jan 6 04:07:15 2004 From: linuxproject at aws-sj.com (Casey Price) Date: Mon, 5 Jan 2004 20:07:15 -0800 (PST) Subject: lilo -R equivalent in grub? In-Reply-To: <3FF28183.4030107@togami.com> References: <3FF28183.4030107@togami.com> Message-ID: <33562.192.168.1.11.1073362035.squirrel@www.aws-sj.com> > Does GRUB have anything similar to lilo's -R? This is a totally useful > function and I would really like to avoid using lilo. I know at the GRUB bootscreen, you can press 'e' and modify the parameters for a one time only type of thing if thats what you mean. Then you just press 'b' to boot using those settings -- Casey Price From steve at silug.org Tue Jan 6 06:25:39 2004 From: steve at silug.org (Steven Pritchard) Date: Tue, 6 Jan 2004 00:25:39 -0600 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073352803.32441.24.camel@localhost.localdomain> References: <1073342193.8527.23.camel@opus> <200401051901.15502.lowen@pari.edu> <1073350547.11668.13.camel@binkley> <1073351410.12447.1.camel@localhost.lexinomics.com> <1073352803.32441.24.camel@localhost.localdomain> Message-ID: <20040106062539.GA25309@osiris.silug.org> Pardon me in advance for contributing to this endless thread. On Mon, Jan 05, 2004 at 07:33:24PM -0600, Steve Bergman wrote: > Not all of the points have been made. For example, not once during the > thread did anyone address the question of whether the *users*, as > opposed to *developers*, of Fedora would want AV included. I'm pretty sure I addressed that point, or at least tried to. As a user, you really want a package like clamav (or spamassassin, for that matter) to be as up-to-date as possible. Assuming updates for Core packages are handled the same way updates for RHL has always been handled, new versions of packages are only introduced when there's a clear need, such as a security patch that either can't be backported or isn't worth the effort (because the new version is *only* that security fix). I'm going on the assumption that Extras will be more fluid, updated whenever it makes sense. Maybe I'm wrong. > And by the way, as a user, I *would* like to have AV available to me in > FC2 for my mail servers. You can have it now, at least to some degree. There's a clamav package in the fedora.us repository. So far there's no amavis/mailscanner/whatever-you-might-like, but that's just a matter of the right person finding time to work on it. So assuming there's an official Extras tree, or FC2 includes the appropriate configuration to pull from fedora.us out of the box, you should be able to get everything working on your shiny new FC2 mail server with "apt-get install amavisd-new" or whatever. Oh, and somebody else said something about spam being a universal problem, but AV isn't. Well, I disagree. Some (maybe most) days I get more virus spam than enlarge-various-body-parts spam, so filtering that crap out is important. Fortunately, just blocking all attachments that a certain inferior (but pervasive) OS considers "executable" kills 98.6% of the "infected" mail (according to the last month's logs from the box I mentioned earlier). (Oh, and it is just disturbing how easy it is to do this with postfix. That and built-in maildir support are what finally made me give up and switch from sendmail. Email me off-list if you want details and are too lazy to google. ;) Steve -- Steven Pritchard - K&S Pritchard Enterprises, Inc. Email: steve at kspei.com http://www.kspei.com/ Phone: (618)398-7360 Mobile: (618)567-7320 From hvdkooij at vanderkooij.org Tue Jan 6 07:30:03 2004 From: hvdkooij at vanderkooij.org (Hugo van der Kooij) Date: Tue, 6 Jan 2004 08:30:03 +0100 (CET) Subject: whois buglet in FC1 Message-ID: Hi, There are some typos in /etc/jwhois.conf where whois is spelled as whios instead. $ whois 210.139.254.162 [Querying whios.nic.ad.jp] [whios.nic.ad.jp: Name or service not known] Hugo. -- All email sent to me is bound to the rules described on my homepage. hvdkooij at vanderkooij.org http://hvdkooij.xs4all.nl/ Don't meddle in the affairs of sysadmins, for they are subtle and quick to anger. From salimma1 at yahoo.co.uk Tue Jan 6 10:02:59 2004 From: salimma1 at yahoo.co.uk (Michel Alexandre Salim) Date: Tue, 06 Jan 2004 17:02:59 +0700 Subject: Installation and removal of GConf schemas via RPM Message-ID: <1073383378.1926.17.camel@localhost.localdomain> Abstract -------- Controlling installation and removal of GConf schemas from RPM spec files Introduction ------------ GConf-enabled applications present a unique challenge to packagers, having to do with the nature of GConf itself. The most appropriate comparison is with Windows' registry, with applications shipping with a .schemas file (equivalent to .reg) listing GConf keypairs that have to be installed into the system's GConf tree when the package is installed, and uninstalled when the package is removed. Current situation ----------------- Vendor-supplied Makefiles call gconf-install-tool as part of the 'install' target, and the following line, put under the %install section of the .spec file before 'make install' prevents this as schemas should not be installed at this time: export GCONF_DISABLE_MAKEFILE_SCHEMA_INSTALL=1 With some Makefiles GConf schema installation has to be disabled before %build's make as well; YMMV. Schemas are installed during %post, with a typical procedure as follows: %post export GCONF_CONFIG_SOURCE=`gconftool-2 --get-default-source` gconftool-2 --makefile-install-rule \ %{_sysconfdir}/gconf/schemas/straw.schemas >/dev/null Problem ------- So far so good. It is uninstalling that packagers have, unfortunately, tended to ignore, as I discovered when packaging my first GConf-enabled app. Leaving GConf keys behind is messy and could pose potential compatibility problems when newer versions of applications are installed, and should be discouraged. The uninstall process itself is happily quite easy to perform: %preun export GCONF_CONFIG_SOURCE=`gconftool-2 --get-default-source` gconftool-2 --makefile-uninstall-rule \ %{_sysconfdir}/gconf/schemas/straw.schemas >/dev/null This has to be done in %preun instead of %postun since at the latter stage, the .schemas file would have been already erased. Recommendations --------------- 1. Add GConf install/uninstall examples to Fedora's spectemplate.spec https://bugzilla.fedora.us/show_bug.cgi?id=1178 2. Bugzilla the necessary packages One could get the list of packages by rpm -qf'ing the .schemas files in /etc/gconf/schemas/ Hopefully this could be sorted by the time FC2 ships. Regards, Michel From tony at lava.net Tue Jan 6 10:45:55 2004 From: tony at lava.net (Antonio Querubin) Date: Tue, 6 Jan 2004 00:45:55 -1000 (HST) Subject: pine RPM and IPv6 for imapd Message-ID: I noticed that although there's a UW imapd/ipopd RPM, there is no RPM for just pine or pico. Is anybody working on one? If so, I've got a patch to enable IPv6 client connections in pine which I've gotten to work on both Fedora and RH 9. Otherwise I suppose I could produce an RPM. And for whoever is maintaining the imapd RPM, this same patch (applied to the c-client) will also enable better IPv6 logging for the imapd and ipopd servers, and fix an SSL/IPv6 compatibility problem. From ms-nospam-0306 at arcor.de Tue Jan 6 11:08:38 2004 From: ms-nospam-0306 at arcor.de (Michael Schwendt) Date: Tue, 6 Jan 2004 12:08:38 +0100 Subject: Installation and removal of GConf schemas via RPM In-Reply-To: <1073383378.1926.17.camel@localhost.localdomain> References: <1073383378.1926.17.camel@localhost.localdomain> Message-ID: <20040106120838.79fadbce.ms-nospam-0306@arcor.de> On Tue, 06 Jan 2004 17:02:59 +0700, Michel Alexandre Salim wrote: > Problem > ------- > > So far so good. It is uninstalling that packagers have, unfortunately, > tended to ignore, as I discovered when packaging my first GConf-enabled > app. Rather "ignored deliberately", because e.g. on Red Hat Linux <= 9 the --makefile-uninstall-rule option does not exist. One reason why I feel good when a packager decides to issue package updates only for FC1. -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From ms-nospam-0306 at arcor.de Tue Jan 6 11:51:30 2004 From: ms-nospam-0306 at arcor.de (Michael Schwendt) Date: Tue, 6 Jan 2004 12:51:30 +0100 Subject: include much needed antivirus products in FC2 In-Reply-To: <20040105190647.GA21902@osiris.silug.org> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <20040105190647.GA21902@osiris.silug.org> Message-ID: <20040106125130.06b5dc9f.ms-nospam-0306@arcor.de> On Mon, 5 Jan 2004 13:06:47 -0600, Steven Pritchard wrote: > On Mon, Jan 05, 2004 at 06:13:31PM +0100, Thomas M Steenholdt wrote: > > Also, until the "extras" goes "live" for real, I (perhaps out of > > ignorance) don't feel that confident (please comment on this) with the > > fedora.us packages as the download.fedora.com ones?!? > > Given how much of a pain in the ass it is to get a package accepted > into the fedora.us repository, [...] Is it considered a "pain"? I mean, some submitted packages don't even build at all, or they fail to install in the %install section. After a few comments or questions from a reviewer, sometimes it takes several weeks before the packager submits a heavily revised package where not even a single line in the spec file has not been touched and where many changes are not documented in the changelog. It's a pain for a reviewer to stay up-to-date with such package development. Heavy changes in indendation on a minor upgrade decrease the readability of package diffs. Or a submitted spec file is bloated with conditional instructions or commented parts to make it work on distributions other than Red Hat Linux or Fedora Core. What some people fail to realize is that an open package submission and approval process [such as the one at fedora.us] is an interactive process and requires a good bit of communication. Unless a submitted package is completely free of flaws. And some packagers -- also new ones -- demonstrate that a package can pass the QA system quickly. QA resources (more common "package reviewers") add comments and make suggestions which can be discussed. Reviewers should not be seen as pedantic people who block a package from being published, but who help trying to bring a package into shape so that [currently] the build team doesn't waste any time on failed build attempts and that package upgrade approvals will be easier and faster. > [...] I think you can safely assume that the > packages that are there are good. "Good" is rather vague. An approved and published package which works for the packager and at least one reviewer may have issues for someone who installs a package and expects a completely preconfigured ready-to-run piece of software which doesn't need any manual configuration steps. > (Or at least have been beaten to > death by an appropriate number of knowledgeable people. ;) Or the opposite, not enough knowledgeable people, and as a result, a package request stays in the queue for a very long time. -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From tdiehl at rogueind.com Tue Jan 6 12:02:23 2004 From: tdiehl at rogueind.com (Tom Diehl) Date: Tue, 6 Jan 2004 07:02:23 -0500 (EST) Subject: pine RPM and IPv6 for imapd In-Reply-To: References: Message-ID: On Tue, 6 Jan 2004, Antonio Querubin wrote: > I noticed that although there's a UW imapd/ipopd RPM, there is no RPM for > just pine or pico. Is anybody working on one? If so, I've got a patch to > enable IPv6 client connections in pine which I've gotten to work on both > Fedora and RH 9. Otherwise I suppose I could produce an RPM. You should read the FC release notes. Pine has been rm'd due to licensing issues. Having said that Mike Harris has a set of pine rpms that will work with Fedora. As I understand things though, the license that the UW programs are released under does not allow you to modify the programs and redistribute them. > And for whoever is maintaining the imapd RPM, this same patch (applied to > the c-client) will also enable better IPv6 logging for the imapd and ipopd > servers, and fix an SSL/IPv6 compatibility problem. IIRC uw-imapd is also depreciated and likely to be dropped in a future release due to the same licensing issues. HTH, Tom From salimma1 at yahoo.co.uk Tue Jan 6 12:18:06 2004 From: salimma1 at yahoo.co.uk (Michel Alexandre Salim) Date: Tue, 06 Jan 2004 19:18:06 +0700 Subject: Installation and removal of GConf schemas via RPM In-Reply-To: <20040106120838.79fadbce.ms-nospam-0306@arcor.de> References: <1073383378.1926.17.camel@localhost.localdomain> <20040106120838.79fadbce.ms-nospam-0306@arcor.de> Message-ID: <1073391486.1926.21.camel@localhost.localdomain> On Tue, 2004-01-06 at 18:08, Michael Schwendt wrote: > On Tue, 06 Jan 2004 17:02:59 +0700, Michel Alexandre Salim wrote: > > > Problem > > ------- > > > > So far so good. It is uninstalling that packagers have, unfortunately, > > tended to ignore, as I discovered when packaging my first GConf-enabled > > app. > > Rather "ignored deliberately", because e.g. on Red Hat Linux <= 9 > the --makefile-uninstall-rule option does not exist. One reason > why I feel good when a packager decides to issue package updates > only for FC1. Ah! Did not realize that. Will make it a point to do a fresh install when I upgrade my last (and only) RH9 server then. - Michel From buildsys at redhat.com Tue Jan 6 13:04:53 2004 From: buildsys at redhat.com (Build System) Date: Tue, 6 Jan 2004 08:04:53 -0500 Subject: rawhide report: 20040106 changes Message-ID: <200401061304.i06D4rF09827@porkchop.devel.redhat.com> New package libxfce4mcs multi-channel settings management support for xfce New package libxfcegui4 gtk widgets for xfce Updated Packages: alchemist-1.0.29-1 ------------------ * Mon Jan 05 2004 Tim Waugh 1.0.29-1 - Own %{_sysconfdir}/alchemist (bug #74024, bug #112842). - Build requires glib2-devel (bug #110780). bash-2.05b-35 ------------- * Mon Jan 05 2004 Tim Waugh 2.05b-35 - Fix parameter expansion in multibyte locales (bug #112657). - Run 'make check'. * Tue Dec 09 2003 Tim Waugh 2.05b-34 - Build requires texinfo (bug #111171). dhcp-3.0pl2-6.19 ---------------- * Mon Jan 05 2004 Dan Walsh 1:3.0pl2-6.18 - Close leaseFile before exec, to fix selinux error message grep-2.5.1-24 ------------- * Mon Jan 05 2004 Tim Waugh 2.5.1-24 - Work around glibc bug #112869 (segfault in re_compile_pattern). - Avoid patching Makefile.am, to avoid automake/autoconf weirdness. kernel-2.6.0-1.24 ----------------- * Mon Jan 05 2004 Dave Jones - Disable PNPBIOS - Fix mremap security hole. lapack-3.0-23 ------------- * Wed Dec 31 2003 Jeff Johnson 3.0-23 - link -lg2c explicitly into liblapack and libblas (#109079). nss_db-2.2-24 ------------- * Mon Jan 05 2004 Nalin Dahyabhai 2.2-24 - disable use of RPM's internal dependency generator, which was preventing the filtering out of glibc private dependencies (#112849) policy-1.4.4-1 -------------- * Mon Jan 05 2004 Dan Walsh 1.4.4-1 - Many changes added, access to random device - add directories ownership * Tue Dec 23 2003 Dan Walsh 1.4.2-2 - Fix bluetooth * Tue Dec 23 2003 Dan Walsh 1.4.2-1 - Latest policy with Russel and My changes. - Add Bluetooth and pam rpmdb-fedora-1.90-0.20040106 ---------------------------- rsync-2.6.0-0 ------------- * Mon Jan 05 2004 Jay Fenlason 2.6.0-0 - New upstream version, obsoletes the rsync-2.5.6-signal.patch system-config-bind-2.0.2-2 -------------------------- * Mon Jan 05 2004 Dan Walsh 2.0.1-2 - Default new slave zones to slave directory From toshio at tiki-lounge.com Tue Jan 6 13:15:23 2004 From: toshio at tiki-lounge.com (Toshio) Date: Tue, 06 Jan 2004 08:15:23 -0500 Subject: Essential Packages In-Reply-To: <1073357794.22653.344.camel@zorak> References: <1412.192.168.1.16.1073357448.squirrel@www.aws-sj.com> <1073357794.22653.344.camel@zorak> Message-ID: <1073394919.15808.697.camel@Madison.badger.com> On Mon, 2004-01-05 at 21:56, Tom 'spot' Callaway wrote: > I think the Core should be a framework, containing the basic tools and > technologies to cover the majority of general purpose uses. I think the > Core is more than Base (bash, kernel, glibc, etc), but not much more > than is needed for the user to use yum or up2date to customize it to > their liking. Users want package availability with the click of a mouse, While I agree that "click of a mouse" access is great, I also think that CDs fill an important role. Third parties are likely to sell CD's if you want to buy. You can carry them over to friends' houses. Have them when you've taken your laptop on the road. Have them when you move into a new house without DSL. Distributers are likely to BitTorrent them as opposed to individual packages. If the core OS is slimmed down, I'd like to see add-on isos drawn from Extras released near the same time as Core. Maybe they could be organized along the lines of "Server Software", "Desktop Enhancements", "Toys", etc. As long as dependencies could be worked out, they could even be yum repositories on a disk. -- Toshio -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From heinlein at madboa.com Tue Jan 6 14:04:14 2004 From: heinlein at madboa.com (Paul Heinlein) Date: Tue, 6 Jan 2004 06:04:14 -0800 (PST) Subject: Essential Packages In-Reply-To: <1073357794.22653.344.camel@zorak> References: <1412.192.168.1.16.1073357448.squirrel@www.aws-sj.com> <1073357794.22653.344.camel@zorak> Message-ID: On Mon, 5 Jan 2004, Tom 'spot' Callaway wrote: > Today its AV, tomorrow it will be foo, the day after that bar... > lets just take what we've got, intelligently trim it down, and call > it Core. Everything else is Extras. SHREK: Example? Okay, um, distros like onions. DONKEY: They stink? SHREK: Yes. No! DONKEY: They make you cry? SHREK: No! DONKEY: You leave them out in the sun, they get all brown, start sprouting' little white hairs. SHREK: No! Layers! Onions have layers! Distros have layers! Onions have layers. You get it? They both have layers. [Sighs] :-) -- Paul Heinlein From lowen at pari.edu Tue Jan 6 14:47:05 2004 From: lowen at pari.edu (Lamar Owen) Date: Tue, 6 Jan 2004 09:47:05 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <1073350547.11668.13.camel@binkley> References: <200401051901.15502.lowen@pari.edu> <1073350547.11668.13.camel@binkley> Message-ID: <200401060947.05942.lowen@pari.edu> [not off-list. While one list reader expressed a desire for it do be so, another expressed a desire for it not to be so. There are still points to consider, particularly the user aspect.] On Monday 05 January 2004 07:55 pm, seth vidal wrote: > > If I scan at the e-mail gateways, I accomplish at least these seven > > things: 1.) I protect outgoing mail for outside people, thus limiting the > > spread of worms if and when the desktop does get compromised; > If your workstations are patched and kept patched in an automated way > aren't you doing this as well? See, I'm not just scanning outgoing. I'm stripping all outgoing executables. Executable attachments are unsafe; here it is policy that executable attachments are verboten. Thus: > Is it likely your server will be patched before the workstation? I'm stripping _Windows_ executables for and from my _Windows_ workstations using a Linux server. If I'm stripping for Windows vulnerabilities (which I might not be able to patch, depending upon the workstation: I have one workstation that is still, due to a very expensive piece of software, limited to no greater than Windows NT 4.0 SP3), then why do the patches installed on the Linux server even matter? But to directly answer your question, yes, it is more likely that the server will be patched first. Servers are more important, since more than one user depends upon them. Just like when large power outages occur, the power company brings up the transmission lines first. Then they worry about substations, then primary, and then finally secondary. > Why not have the same infrastructure for supplying updates to both? For Linux servers and Windows workstations? > > 2.) Because of 1, I limit my liability exposure if one of my users > > infects someone outside with a bad worm; > liability to what? I've forgotten when was the last lawsuit for > 'internet worm ravages the world"? Which is no guarantee that it won't happen. But, with the current Homeland Security aspects in the US, one might be open to criminal prosection for gross negligence in not scanning all outgoing e-mail. Maybe not today; but my job is to think about tomorrow. > > 3.) Well over 99.99% of viruses come in via e-mail; > Wow is that a real statistic or did you pick it fresh out of the air? Anecdotal, plus given the fact that the only virus infection I have ever had in ten years that was not borne by e-mail was a single case of Stoned. I have, OTOH, had well over ten thousand e-mail viruses sent to my various addresses of all my users. Thus, I can state that, in my case, it is 99.99% e-mail viruses or better. I have received five thousand copies of Swen by itself (yes, I know Swen is a Trojan and not a virus; AV tools still catch it). And that is just my own address, not counting the other users at my sites. I've lost count of the number of Klez variants that the e-mail gateway has caught. You might say that it's not fair to count each and every copy. I disagree; I would count every single copy of Stoned, to use an ancient example, that I found on floppies. Each infection source is to me an independent incident. And each malware e-mail that comes in must be considered a separate infection attempt, and thus a separate incident. > This is an argument I can understand. But I don't have any of those > users and I hope that dial up users are slowly slowly slowly diminishing > from existence. I know they're not but I like to pretend :) Pretend all you want. Even over ADSL Swen adds up in a hurry. Not to mention the disk space in the users' mail spools that is wasted. While disk may be cheap, upgrading disks is not (counting labor, downtime, etc). And, contrary to spot's opinion, bandwidth is not so cheap that conserving bandwidth should not be a goal. Bandwidth in some areas is $600 or more per month per megabit (for lashed-up commercial circuits; ADSL might be cheap, but the OC's that carry that traffic are not). I know; I've had a full-up OC-3 quoted from an ISP at $98K per month. If anything the number of dialup users is increasing. The percentage of dialup users in the pool of total users may be decreasing, though. > And gets a fair number of false positives but... There are no false positives for executable attachments per our policy. So that's not an issue for me, at least. My users have gotten accustomed to that; we have special procedures for sending and receiving executables in a secure manner on the rare chance that executables really need to be exchanged (for the curious: PGP/GPG encryption). They much prefer that small inconvenience to getting masses of executables, and they even like the fact that Norton AV comes up far less often to interrupt their e-mail reading. I guess that would be number eight: 8.) Each e-mail caught is one less time of clicking OK for the user. Clicking OK a thousand times a day or week leaves a sour taste in the user's e-mouth. Users like it when they don't have to think about their IT; and it is my job to make IT as transparently useful as possible. E-mail AV scanning helps IT's job; plus, you then have centralized statistics in how much work you just saved the users. :-) > Again, depending on your volume. No, I don't believe so. You have to deal with the volume anyway; if you have a simple 'kill all executable attachments' policy, and enough server capacity to handle massive e-mail volumes, then the small percentage of non-executable viruses/worms/trojans shouldn't put the server over the hill, load-wise. > > Further, with Sophos Enterprise Manager you can have centralized desktop > > scanner updates and management (as I'm sure NAV Enterprise also allows), > > which gives you the best of both worlds. > And it only costs $8trillion. Seriously sophos is prohibitively > expensive and closed source, and provides their own perl and, and, and, > and.... it's not something I'll be using anytime soon. I just happen to have experience with Sophos, so I could realistically use it as an example. For non-profits it's not too bad, campared to the labor cost of keeping thousands of machines updated by hand. The desktop manager is Windows, so being closed-source is not an issue for that piece. But. again, I have to think of my users. I do astronomy here; astronomical events tend to be once-in-a-lifetime things; if an astronomer misses an observation, that observation cannot be redone. The small pain of setting up dual AV scans is much less than the pain of having the telescope control computer down for reinstallation during, say, a solar eclipse or a GRB (gamma-ray burst). So, this decision can't be made just from the admin's convenience; one must, as with all IT decisions, take into consideration the user's pain if the system fails. How failure tolerant must the system be? That is the question. Dual scanning increases the failure tolerance, particularly when the two pieces of the system are diverse. So, I would love it if FC2 included an AV scanner that could do both file scanning for the desktop users as well as e-mail scanning for the server user. A server doing backups can also scan for viruses during the backup, which could put even more layers on, if you need that kind of fault tolerance. -- Lamar Owen Director of Information Technology Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu From tmus at get2net.dk Tue Jan 6 14:48:08 2004 From: tmus at get2net.dk (Thomas Munck Steenholdt) Date: Tue, 6 Jan 2004 15:48:08 +0100 (CET) Subject: include much needed antivirus products in FC2 In-Reply-To: <20040106125130.06b5dc9f.ms-nospam-0306@arcor.de> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk><20040105161105.1428506b.ms-nospam-0306@arcor.de><3FF99B3B.6060300@get2net.dk><20040105190647.GA21902@osiris.silug.org> <20040106125130.06b5dc9f.ms-nospam-0306@arcor.de> Message-ID: <56458.212.93.39.37.1073400488.squirrel@www.tmus.dk> > On Mon, 5 Jan 2004 13:06:47 -0600, Steven Pritchard wrote: > >> [...] I think you can safely assume that the >> packages that are there are good. > > "Good" is rather vague. An approved and published package which works for > the packager and at least one reviewer may have issues for someone who > installs a package and expects a completely preconfigured ready-to-run > piece of software which doesn't need any manual configuration steps. I have to agree completely with Steven on this one... Now that I have heard som much good about the quality about the packages at fedora.us, i decided to try to yum the packages for clamav onto my test system... Let me just say that those packages are certainly not of a quality that can even begin to compare against what we're used to from the core packages... A core package can safely be assumed to install cleanly. It will have it's init scripts added to the chkconfig setup, provide a decent default configuration file that can be modified slightly to fit the users needs and if the package includes a daemon it can then be started with a "service foo_service start" command. Neither is the case with the clamav packages from fedora.us. First of all a number of manual customizations has to be made in order to start the daemon... including installing the default conf file, adding init scripts and a lot of other things... This is not how things should work, and that was the feeling I had of the non-core distros, when I suggested to include an antivirus package in the core distribution. I'm not afraid to do stuff on my own, but having to do so post-install customization just to get stuff started really kinda defeat the purpose of rpm and all our repository tools like yum and apt. It's nice that we can quickly install a needed package - but if we need to spend half an hour configuring the blasted thing before it will even start, we might just as well have downloaded the tarball and compiled the stuff from scratch. for a comparison (for those of you trying to install clamav from fedora.us) check out the package made by Petr Kristof http://crash.fce.vutbr.cz/crash-hat/1/clamav/ those are packages so much nicer that the fedora.us ones. If package-quality is going to be like this for the extras, I don't think that extras will be very successful or even useful. As a note, please notice that the clamav packages are te only ones I've tried from fedora.us, and I'm in no way trying to insult the many skilled developers maintaining packages on fedora.us. Something has to be done to improve the quality of those packages for "extras" Thomas > >> (Or at least have been beaten to >> death by an appropriate number of knowledgeable people. ;) > > Or the opposite, not enough knowledgeable people, and as a result, > a package request stays in the queue for a very long time. > > -- > From tmus at get2net.dk Tue Jan 6 15:04:39 2004 From: tmus at get2net.dk (Thomas Munck Steenholdt) Date: Tue, 6 Jan 2004 16:04:39 +0100 (CET) Subject: include much needed antivirus products in FC2 In-Reply-To: <56458.212.93.39.37.1073400488.squirrel@www.tmus.dk> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk><20040105161105.1428506b.ms-nospam-0306@arcor.de><3FF99B3B.6060300@get2net.dk><20040105190647.GA21902@osiris.silug.org> <20040106125130.06b5dc9f.ms-nospam-0306@arcor.de> <56458.212.93.39.37.1073400488.squirrel@www.tmus.dk> Message-ID: <20058.212.93.39.37.1073401479.squirrel@www.tmus.dk> >> "Good" is rather vague. An approved and published package which works >> for >> the packager and at least one reviewer may have issues for someone who >> installs a package and expects a completely preconfigured ready-to-run >> piece of software which doesn't need any manual configuration steps. > > I have to agree completely with Steven on this one... > Sorry! I think, who I was actually agreeing with in this case was Michael Schwendt... Thomas From Axel.Thimm at physik.fu-berlin.de Tue Jan 6 15:28:16 2004 From: Axel.Thimm at physik.fu-berlin.de (Axel Thimm) Date: Tue, 6 Jan 2004 16:28:16 +0100 Subject: include much needed antivirus products in FC2 In-Reply-To: <56458.212.93.39.37.1073400488.squirrel@www.tmus.dk> References: <20040106125130.06b5dc9f.ms-nospam-0306@arcor.de> <56458.212.93.39.37.1073400488.squirrel@www.tmus.dk> Message-ID: <20040106152816.GB16848@neu.nirvana> On Tue, Jan 06, 2004 at 03:48:08PM +0100, Thomas Munck Steenholdt wrote: > > On Mon, 5 Jan 2004 13:06:47 -0600, Steven Pritchard wrote: > > > >> [...] I think you can safely assume that the packages that are > >> there are good. > > > > "Good" is rather vague. An approved and published package which works for > > the packager and at least one reviewer may have issues for someone who > > installs a package and expects a completely preconfigured ready-to-run > > piece of software which doesn't need any manual configuration steps. > > I have to agree completely with Steven on this one... > > Now that I have heard som much good about the quality about the > packages at fedora.us, i decided to try to yum the packages for > clamav onto my test system... Let me just say that those packages > are certainly not of a quality that can even begin to compare > against what we're used to from the core packages... A core package > can safely be assumed to install cleanly. It will have it's init > scripts added to the chkconfig setup, provide a decent default > configuration file that can be modified slightly to fit the users > needs and if the package includes a daemon it can then be started > with a "service foo_service start" command. > > Neither is the case with the clamav packages from fedora.us. First > of all a number of manual customizations has to be made in order to > start the daemon... including installing the default conf file, > adding init scripts and a lot of other things... > > This is not how things should work, and that was the feeling I had > of the non-core distros, when I suggested to include an antivirus > package in the core distribution. Have you tried the clamav packages from newprms? http://newrpms.sunsite.dk/apt/redhat/en/i386/fc1/RPMS.newrpms/ While everybody talks of newrpms as if it were a recreational repo it has quite a lot of non-game pearls, too. -- Axel.Thimm at physik.fu-berlin.de -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From nhruby at uga.edu Tue Jan 6 15:40:03 2004 From: nhruby at uga.edu (nathan r. hruby) Date: Tue, 6 Jan 2004 10:40:03 -0500 (EST) Subject: include much needed antivirus products in FC2 In-Reply-To: <1073352105.11668.22.camel@binkley> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> <20040105233115.GD10805@devserv.devel.redhat.com> <1073349986.11668.2.camel@binkley> <20040106012035.GC5267@neu.nirvana> <1073352105.11668.22.camel@binkley> Message-ID: On Mon, 5 Jan 2004, seth vidal wrote: > > That argument seems to be inversed. Unless you have a very small > > amount of clients, you are always better off doing it serverside. > > > > or unless you have very good virus signature updating systems or very > good control. > We have the former and still see a lot of gain with email scanning at the perimeter. SoBig would have crippled us were it not for email based scanning. > > Or do you really chase your Laptop users to upgrade their systems? > > The laptops I support run Linux. Not windows so it's not an issue. But > moreover you still haven't solved the virus problem by blocking ONLY at > the mail server. Remember all the ms messenger worm propagation? So it > sounds like you're still chasing down your windows workstations and > laptops... > No, but to get back on track, linux (and MacOSX and Solaris, etc..) can be placed into a Typhiod Mary situation on a local network, distributing viri laden files either over samba, ftp, http, nntp, etc.. whatever they're serving. Since one of the things that people want to do with linux is make it work with other OS'es I think having some form of AV product in Core (and alternatives in Extras) makes sense. People will want and/or need it and since it's useful for servers and well as desktops that might be running samba to a co-workers computer, Core sounds like a good place for it to be. -n -- ------------------------------------------- nathan hruby uga enterprise information technology services production systems support metaphysically wrinkle-free ------------------------------------------- From nhruby at uga.edu Tue Jan 6 15:43:04 2004 From: nhruby at uga.edu (nathan r. hruby) Date: Tue, 6 Jan 2004 10:43:04 -0500 (EST) Subject: default yum configuration for Legacy In-Reply-To: <20040106010618.GH6778@angus.ind.WPI.EDU> References: <20040106010618.GH6778@angus.ind.WPI.EDU> Message-ID: On Mon, 5 Jan 2004, Charles R. Anderson wrote: > Should the yum service default to on or off? > Should the yum.conf exclude kernels by default? > > I think auto updates should be off by default, and kernels should be > excluded by default, just as it is in up2date. > > What are people's opinions on this? > What I do is leave the service on and change the cron job to do a yum list to inform people of updates so they are aware of them being there. I also leave a exclude line for kernels commented out in the yum.conf that I ship for campus. Yes, seth will say this doesn't scale and he's right, luckily I don't get root's mail for all of the linux boxes on campus :) -n -- ------------------------------------------- nathan hruby uga enterprise information technology services production systems support metaphysically wrinkle-free ------------------------------------------- From efeldhusen at chartermi.net Tue Jan 6 16:15:55 2004 From: efeldhusen at chartermi.net (Eric Feldhusen) Date: Tue, 06 Jan 2004 11:15:55 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> <20040105233115.GD10805@devserv.devel.redhat.com> <1073349986.11668.2.camel@binkley> <20040106012035.GC5267@neu.nirvana> <1073352105.11668.22.camel@binkley> Message-ID: <3FFADF3B.80708@chartermi.net> nathan r. hruby wrote: > On Mon, 5 Jan 2004, seth vidal wrote: > No, but to get back on track, linux (and MacOSX and Solaris, etc..) can be > placed into a Typhiod Mary situation on a local network, distributing viri > laden files either over samba, ftp, http, nntp, etc.. whatever they're > serving. Since one of the things that people want to do with linux is > make it work with other OS'es I think having some form of AV product in > Core (and alternatives in Extras) makes sense. I agree with this. All of my RH8/9/FC1 servers are deployed in school districts where they're doing the beard and butter Samba/Netatalk for all the windows and macs. With teachers bringing in floppies *yeah, it's old school, but change is difficult* and cd's, I've had problems with virii getting back on the network. We've finally got anti-virus on all desktops now, so virii in the home directories "should" be going away/gone, BUT, if I can check all home directories with a quick piece-of-mind scan on my servers, that's something I want to do. Eric Feldhusen From skvidal at phy.duke.edu Tue Jan 6 16:19:36 2004 From: skvidal at phy.duke.edu (seth vidal) Date: 06 Jan 2004 11:19:36 -0500 Subject: include much needed antivirus products in FC2 In-Reply-To: <3FFADF3B.80708@chartermi.net> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <1073324256.6652.45.camel@opus> <015a01c3d3b3$815f77b0$e2e8b1d8@adam12> <1073324763.6652.51.camel@opus> <20040105233115.GD10805@devserv.devel.redhat.com> <1073349986.11668.2.camel@binkley> <20040106012035.GC5267@neu.nirvana> <1073352105.11668.22.camel@binkley> <3FFADF3B.80708@chartermi.net> Message-ID: <1073405975.10348.15.camel@opus> On Tue, 2004-01-06 at 11:15, Eric Feldhusen wrote: > nathan r. hruby wrote: > > > On Mon, 5 Jan 2004, seth vidal wrote: > > No, but to get back on track, linux (and MacOSX and Solaris, etc..) can be > > placed into a Typhiod Mary situation on a local network, distributing viri > > laden files either over samba, ftp, http, nntp, etc.. whatever they're > > serving. Since one of the things that people want to do with linux is > > make it work with other OS'es I think having some form of AV product in > > Core (and alternatives in Extras) makes sense. > > I agree with this. All of my RH8/9/FC1 servers are deployed in school > districts where they're doing the beard and butter Samba/Netatalk for > all the windows and macs. With teachers bringing in floppies *yeah, > it's old school, but change is difficult* and cd's, I've had problems > with virii getting back on the network. We've finally got anti-virus on > all desktops now, so virii in the home directories "should" be going > away/gone, BUT, if I can check all home directories with a quick > piece-of-mind scan on my servers, that's something I want to do. > No one is saying you can't do this! The only thing I've been saying is that Antivirus for OTHER OPERATING SYSTEMS does NOT belong in Core. It should be in extras, certainly but not in core. -sv From johnsonm at redhat.com Tue Jan 6 16:23:59 2004 From: johnsonm at redhat.com (Michael K. Johnson) Date: Tue, 6 Jan 2004 11:23:59 -0500 Subject: Should there be BuildRequires for perl/libtool/auto*? In-Reply-To: <3FEDE78A.3010703@togami.com> References: <1072537470.17083.11.camel@Madison.badger.com> <1072542703.7998.35.camel@dhollis-lnx.kpmg.com> <3FEDE78A.3010703@togami.com> Message-ID: <20040106162359.GA23923@devserv.devel.redhat.com> On Sat, Dec 27, 2003 at 10:11:54AM -1000, Warren Togami wrote: > If you require a specific version of any package, then you MUST include > an Epoch in that dependency. If the Epoch is blank, then make it "0". Huh? michaelkjohnson "He that composes himself is wiser than he that composes a book." Linux Application Development -- Ben Franklin http://people.redhat.com/johnsonm/lad/ From johnsonm at redhat.com Tue Jan 6 16:31:09 2004 From: johnsonm at redhat.com (Michael K. Johnson) Date: Tue, 6 Jan 2004 11:31:09 -0500 Subject: Clarification on kernel builds In-Reply-To: <1072804628.1760.11.camel@duergar> References: <1072804628.1760.11.camel@duergar> Message-ID: <20040106163109.GB23923@devserv.devel.redhat.com> On Tue, Dec 30, 2003 at 12:17:09PM -0500, Stan Bubrouski wrote: > Quick question: Are the kernels that end up in the development tree the > same as the ones on arjan's pages? (I know arjan's are updated more > frequently, but I was wondering before I jump around between them). Similar, but not built from the same tree. michaelkjohnson "He that composes himself is wiser than he that composes a book." Linux Application Development -- Ben Franklin http://people.redhat.com/johnsonm/lad/ From johnsonm at redhat.com Tue Jan 6 16:43:35 2004 From: johnsonm at redhat.com (Michael K. Johnson) Date: Tue, 6 Jan 2004 11:43:35 -0500 Subject: Proposal: rpm-4.2.2 should refuse to build as root In-Reply-To: <3FF2C418.4070705@togami.com> References: <3FF2C418.4070705@togami.com> Message-ID: <20040106164335.GC23923@devserv.devel.redhat.com> On Wed, Dec 31, 2003 at 02:42:00AM -1000, Warren Togami wrote: > [ -n "$RPM_BUILD_ROOT" -a "$RPM_BUILD_ROOT" != / ] && rm -rf $RPM_BUILD_ROOT > This would also completely solve this silly urban legend surrounding > this ugly construct found within many spec files. If users cannot build > as root, then BuildRoot being equal to "/" (which is incredibly unlikely > to begin with) cannot destroy their system. Uh, it can still remove *their* files, which would still be pretty destructive. I'd say that piece should stay regardless. michaelkjohnson "He that composes himself is wiser than he that composes a book." Linux Application Development -- Ben Franklin http://people.redhat.com/johnsonm/lad/ From hp at redhat.com Tue Jan 6 16:58:32 2004 From: hp at redhat.com (Havoc Pennington) Date: Tue, 06 Jan 2004 11:58:32 -0500 Subject: Installation and removal of GConf schemas via RPM In-Reply-To: <1073383378.1926.17.camel@localhost.localdomain> References: <1073383378.1926.17.camel@localhost.localdomain> Message-ID: <1073408312.16171.34.camel@localhost.localdomain> On Tue, 2004-01-06 at 05:02, Michel Alexandre Salim wrote: > Recommendations > --------------- > > 1. Add GConf install/uninstall examples to Fedora's spectemplate.spec > https://bugzilla.fedora.us/show_bug.cgi?id=1178 > > 2. Bugzilla the necessary packages > One could get the list of packages by rpm -qf'ing the .schemas files in > /etc/gconf/schemas/ > Yes, agreed, this is worthwhile. Havoc From johnsonm at redhat.com Tue Jan 6 17:07:34 2004 From: johnsonm at redhat.com (Michael K. Johnson) Date: Tue, 6 Jan 2004 12:07:34 -0500 Subject: Path for upgrading from Red Hat Linux 9 to Fedora Core 2? In-Reply-To: <1072952955.19941.52.camel@animal> References: <1072952955.19941.52.camel@animal> Message-ID: <20040106170734.GD23923@devserv.devel.redhat.com> On Thu, Jan 01, 2004 at 10:29:16AM +0000, Keith Sharp wrote: > Given that the dates for the FC 2 release and the EOL of RHL 9 are quite > close to each other, is the plan to allow the upgrade of RHL 9 systems > directly to FC 2? > > Or will the recommended path be: RHL 9 -> FC 1 -> FC 2? Well, in practice it will mostly depend on what gets tested. The software will certainly not refuse the attempt to do RHL9 -> FC2. michaelkjohnson "He that composes himself is wiser than he that composes a book." Linux Application Development -- Ben Franklin http://people.redhat.com/johnsonm/lad/ From steve at silug.org Tue Jan 6 17:14:34 2004 From: steve at silug.org (Steven Pritchard) Date: Tue, 6 Jan 2004 11:14:34 -0600 Subject: include much needed antivirus products in FC2 In-Reply-To: <56458.212.93.39.37.1073400488.squirrel@www.tmus.dk> References: <20040106125130.06b5dc9f.ms-nospam-0306@arcor.de> <56458.212.93.39.37.1073400488.squirrel@www.tmus.dk> Message-ID: <20040106171434.GA27563@osiris.silug.org> On Tue, Jan 06, 2004 at 03:48:08PM +0100, Thomas Munck Steenholdt wrote: > Now that I have heard som much good about the quality about the packages > at fedora.us, i decided to try to yum the packages for clamav onto my > test system... Let me just say that those packages are certainly not of > a quality that can even begin to compare against what we're used to from > the core packages... A core package can safely be assumed to install > cleanly. It will have it's init scripts added to the chkconfig setup, > provide a decent default configuration file that can be modified slightly > to fit the users needs and if the package includes a daemon it can then > be started with a "service foo_service start" command. Actually, in my really, really, really light testing of the clamav package, I wasn't impressed either. I still prefer my package. But I never had time to QA the clamav package, so I'm not sure I have the right to complain. Note to Warren: You might want to move that clamav package back out into testing. The basic problem here is that some packages just don't have much of a user base. (Until amavis or something is included in fedora.us, there probably won't be that many users of clamav.) It's still hard to find enough users who know the software and care enough to get packages through fedora.us's QA, but I have to assume that will get better. Steve -- Steven Pritchard - K&S Pritchard Enterprises, Inc. Email: steve at kspei.com http://www.kspei.com/ Phone: (618)398-7360 Mobile: (618)567-7320 From smoogen at lanl.gov Tue Jan 6 17:53:37 2004 From: smoogen at lanl.gov (Stephen Smoogen) Date: Tue, 06 Jan 2004 10:53:37 -0700 Subject: Essential Packages In-Reply-To: <1073357794.22653.344.camel@zorak> References: <1412.192.168.1.16.1073357448.squirrel@www.aws-sj.com> <1073357794.22653.344.camel@zorak> Message-ID: <1073411617.5114.2.camel@smoogen1.lanl.gov> On Mon, 2004-01-05 at 19:56, Tom 'spot' Callaway wrote: > On Mon, 2004-01-05 at 20:50, Casey Price wrote: > > In reality, most os' don't ship > > with any AV, thats the reason the AV companies make their money. > > Arguably, its because OS vendors don't want to be in the AV business. Politically it all depends on how badly the next power outage in the US is related to a worm/virus attack. There is a reason that Microsoft bought RAV lately and is working on integrating it into Windows 2005 or something... the lawyers smell blood in the water. -- Stephen John Smoogen smoogen at lanl.gov Los Alamos National Lab CCN-5 Sched 5/40 PH: 4-0645 Ta-03 SM-1498 MailStop B255 DP 10S Los Alamos, NM 87545 -- So shines a good deed in a weary world. = Willy Wonka -- From ms-nospam-0306 at arcor.de Tue Jan 6 17:58:38 2004 From: ms-nospam-0306 at arcor.de (Michael Schwendt) Date: Tue, 6 Jan 2004 18:58:38 +0100 Subject: include much needed antivirus products in FC2 In-Reply-To: <56458.212.93.39.37.1073400488.squirrel@www.tmus.dk> References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <20040105190647.GA21902@osiris.silug.org> <20040106125130.06b5dc9f.ms-nospam-0306@arcor.de> <56458.212.93.39.37.1073400488.squirrel@www.tmus.dk> Message-ID: <20040106185838.1c870b34.ms-nospam-0306@arcor.de> On Tue, 6 Jan 2004 15:48:08 +0100 (CET), Thomas Munck Steenholdt wrote: > Now that I have heard som much good about the quality about the packages > at fedora.us, i decided to try to yum the packages for clamav onto my > test system... Let me just say that those packages are certainly not of > a quality that can even begin to compare against what we're used to from > the core packages... A core package can safely be assumed to install > cleanly. The clamav packages do install cleanly. > It will have it's init scripts added to the chkconfig setup, > provide a decent default configuration file that can be modified slightly > to fit the users needs and if the package includes a daemon it can then > be started with a "service foo_service start" command. > > Neither is the case with the clamav packages from fedora.us. First of all > a number of manual customizations has to be made in order to start the > daemon... including installing the default conf file, adding init scripts > and a lot of other things... You have misunderstood the necessary set-up procedure completely. Included is a README with the necessary steps plus a couple of config file templates which are pre-configured except for a few lines which you must uncomment/modify yourself according to the instructions. Please read some of the explanations in the package request ticket here: https://bugzilla.fedora.us/show_bug.cgi?id=268 > This is not how things should work, and that was the feeling I had of the > non-core distros, when I suggested to include an antivirus package in the > core distribution. > > I'm not afraid to do stuff on my own, but having to do so post-install > customization just to get stuff started really kinda defeat the purpose of > rpm and all our repository tools like yum and apt. It's nice that we can > quickly install a needed package - but if we need to spend half an hour > configuring the blasted thing before it will even start, It certainly doesn't take half an hour. > we might just > as well have downloaded the tarball and compiled the stuff from scratch. > for a comparison (for those of you trying to install clamav from fedora.us) > check out the package made by Petr Kristof > http://crash.fce.vutbr.cz/crash-hat/1/clamav/ those are packages so much > nicer that the fedora.us ones. I'm not the packager of the clamav packages, but I have participated in the reviews. That someone else's package can be started right after installation -- even as a single daemon -- does not mean that it is "better" or "nicer" or more flexible or anything like that. It just suits your requirements more because you refuse to adjust configuration files. > If package-quality is going to be like this for the extras, I don't think > that extras will be very successful or even useful. See below. > As a note, please notice that the clamav packages are te only ones I've > tried from fedora.us, and I'm in no way trying to insult the many skilled > developers maintaining packages on fedora.us. With the previous paragraph you did exactly that. Please pick some other packages -- maybe a normal application or a game. These don't require security relevant adjustments or editing config files. -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From davej at redhat.com Tue Jan 6 17:58:51 2004 From: davej at redhat.com (Dave Jones) Date: Tue, 06 Jan 2004 17:58:51 +0000 Subject: Clarification on kernel builds In-Reply-To: <20040106163109.GB23923@devserv.devel.redhat.com> References: <1072804628.1760.11.camel@duergar> <20040106163109.GB23923@devserv.devel.redhat.com> Message-ID: <1073411931.31850.0.camel@delerium.codemonkey.org.uk> On Tue, 2004-01-06 at 16:31, Michael K. Johnson wrote: > On Tue, Dec 30, 2003 at 12:17:09PM -0500, Stan Bubrouski wrote: > > Quick question: Are the kernels that end up in the development tree the > > same as the ones on arjan's pages? (I know arjan's are updated more > > frequently, but I was wondering before I jump around between them). > > Similar, but not built from the same tree. Last question.. http://www.linux.org.uk/davej/docs/fedora-kernel-faq.txt Dave From xose at wanadoo.es Tue Jan 6 18:04:29 2004 From: xose at wanadoo.es (Xose Vazquez Perez) Date: Tue, 06 Jan 2004 19:04:29 +0100 Subject: Clarification on kernel builds References: <1072804628.1760.11.camel@duergar> <20040106163109.GB23923@devserv.devel.redhat.com> <1073411931.31850.0.camel@delerium.codemonkey.org.uk> Message-ID: <3FFAF8AD.9000101@wanadoo.es> Dave Jones wrote: >>Similar, but not built from the same tree. > > > Last question.. > http://www.linux.org.uk/davej/docs/fedora-kernel-faq.txt ^ this is the good one: http://www.linux.org.uk/~davej/docs/fedora-kernel-faq.txt From enrico.scholz at informatik.tu-chemnitz.de Tue Jan 6 18:10:43 2004 From: enrico.scholz at informatik.tu-chemnitz.de (Enrico Scholz) Date: Tue, 06 Jan 2004 19:10:43 +0100 Subject: include much needed antivirus products in FC2 In-Reply-To: <56458.212.93.39.37.1073400488.squirrel@www.tmus.dk> (Thomas Munck Steenholdt's message of "Tue, 6 Jan 2004 15:48:08 +0100 (CET)") References: <9811.212.93.39.38.1073307684.squirrel@www.tmus.dk> <20040105161105.1428506b.ms-nospam-0306@arcor.de> <3FF99B3B.6060300@get2net.dk> <20040105190647.GA21902@osiris.silug.org> <20040106125130.06b5dc9f.ms-nospam-0306@arcor.de> <56458.212.93.39.37.1073400488.squirrel@www.tmus.dk> Message-ID: <874qv9dk2k.fsf@kosh.ultra.csn.tu-chemnitz.de> [ Since I am the author of the clamav package at fedora.us I am little bit biased ] tmus at get2net.dk ("Thomas Munck Steenholdt") writes: > Neither is the case with the clamav packages from fedora.us. First of all > a number of manual customizations has to be made in order to start the > daemon... including installing the default conf file, adding init scripts > and a lot of other things... > > This is not how things should work, No, this is exactly how things should work. Default clamav configuration is broken: * daemon runs as root by default -> bad flaw since it works as non-root also. Please do not begin with SELinux; it's not the solution for all security problems and not available in FC1 or below. * default logging and sockets are suggested to be under /tmp -> man symlink-attack, man tmpwatch * no crontab entries for database update and logrotating It is ok when the package itself has these flaws, but some tasks of package-management is the providing of a secure and preconfigured setup. I do not want a package which just puts the results of 'make install' in the filesystem and where I have to spent hours to create new users, fix broken default configurations or to write initscripts. QA trail at https://bugzilla.fedora.us/show_bug.cgi?id=268 should explain some parts of the clamav package. Enrico From de_lupus at pandora.be Tue Jan 6 18:21:01 2004 From: de_lupus at pandora.be (Kristof vansant) Date: Tue, 06 Jan 2004 19:21:01 +0100 Subject: rebuild of redhat-artwork will fail because of the makefile of gdm doesn't want utf in combination with intltool Message-ID: <1073413260.2650.19.camel@d51528079.kabel.telenet.be> I was wondering if it still is necessary with the latest intltool to set LANG=en_US when building redhat-artwork my lang: LANG=nl_NL.UTF-8 I know there is a simple workaround :p but I was just wondering if the protection in the make script was still necessary. I noticed that only the gdm dir has this protection. [root at d51528079 redhat-artwork-0.88]# grep -R en_US * art/gdm/Bluecurve/Makefile.in: if locale | grep -q UTF; then echo "intltool doesn't like UTF-8 locales. Try rerunning with eg: LANG=en_US"; /bin/rm -f Bluecurve.xml GdmGreeterTheme.desktop; exit 1; fi art/gdm/Bluecurve/Makefile.in: if locale | grep -q UTF; then echo "intltool doesn't like UTF-8 locales. Try rerunning with eg: LANG=en_US"; /bin/rm -f Bluecurve.xml GdmGreeterTheme.desktop; exit 1; fi art/gdm/Bluecurve/Makefile.am: if locale | grep -q UTF; then echo "intltool doesn't like UTF-8 locales. Try rerunning with eg: LANG=en_US"; /bin/rm -f Bluecurve.xml GdmGreeterTheme.desktop; exit 1; fi art/gdm/Bluecurve/Makefile.am: if locale | grep -q UTF; then echo "intltool doesn't like UTF-8 locales. Try rerunning with eg: LANG=en_US"; /bin/rm -f Bluecurve.xml GdmGreeterTheme.desktop; exit 1; fi art/gdm/Bluecurve/Makefile: if locale | grep -q UTF; then echo "intltool doesn't like UTF-8 locales. Try rerunning with eg: LANG=en_US"; /bin/rm -f Bluecurve.xml GdmGreeterTheme.desktop; exit 1; fi art/gdm/Bluecurve/Makefile: if locale | grep -q UTF; then echo "intltool doesn't like UTF-8 locales. Try rerunning with eg: LANG=en_US"; /bin/rm -f Bluecurve.xml GdmGreeterTheme.desktop; exit 1; fi error: if locale | grep -q UTF; then echo "intltool doesn't like UTF-8 locales. Try rerunning with eg: LANG=en_US"; /bin/rm -f Bluecurve.xml GdmGreeterTheme.desktop; exit 1; fi intltool doesn't like UTF-8 locales. Try rerunning with eg: LANG=en_US make[5]: *** [all-local] Fout 1 make[5]: Weggaan uit map `/home/lupus/garnome-0.29.1/geektoys/redhat-artwork/work/main.d/redhat-artwork-0.88/art/gdm/Bluecurve' make[4]: *** [all-recursive] Fout 1 make[4]: Weggaan uit map `/home/lupus/garnome-0.29.1/geektoys/redhat-artwork/work/main.d/redhat-artwork-0.88/art/gdm' make[3]: *** [all-recursive] Fout 1 make[3]: Weggaan uit map `/home/lupus/garnome-0.29.1/geektoys/redhat-artwork/work/main.d/redhat-artwork-0.88/art' make[2]: *** [all-recursive] Fout 1 make[2]: Weggaan uit map `/home/lupus/garnome-0.29.1/geektoys/redhat-artwork/work/main.d/redhat-artwork-0.88' make[1]: *** [all-recursive-am] Fout 2 make[1]: Weggaan uit map `/home/lupus/garnome-0.29.1/geektoys/redhat-artwork/work/main.d/redhat-artwork-0.88' make: *** [build-work/main.d/redhat-artwork-0.88/Makefile] Fout 2 [root at d51528079 redhat-artwork]# cd .. From ted at cypress.com Tue Jan 6 18:48:36 2004 From: ted at cypress.com (Thomas Dodd) Date: Tue, 06 Jan 2004 12:48:36 -0600 Subject: lilo -R equivalent in grub? In-Reply-To: <33562.192.168.1.11.1073362035.squirrel@www.aws-sj.com> References: <3FF28183.4030107@togami.com> <33562.192.168.1.11.1073362035.squirrel@www.aws-sj.com> Message-ID: <3FFB0304.1060407@cypress.com> Casey Price wrote: >>Does GRUB have anything similar to lilo's -R? This is a totally useful >>function and I would really like to avoid using lilo. > > > I know at the GRUB bootscreen, you can press 'e' and modify the parameters > for a one time only type of thing if thats what you mean. Then you just > press 'b' to boot using those settings That requires intervention in the boot process. 'lilo -R' sets a one time default before you shutdown. That allows remote testing where you don't have access to the console at boot. If the kernel fails it can be rebooted automatically (or any lunk can hit reset) and it gets the old default next boot. The --once option is a start, but now where near as easy to use yet. A wrapper or something else is needed. perhaps integrating it into reboot (instead of it being a symlink to halt) would work? So 'reboot -d