From geek at uniserve.com Wed Sep 6 23:46:18 2006 From: geek at uniserve.com (Dave Stevens) Date: Wed, 6 Sep 2006 16:46:18 -0700 Subject: apache 2.2.3 on FC3 - repo? Message-ID: <200609061646.18317.geek@uniserve.com> I'd like to update my apache httpd version from the current 2.0.53 to the most recent 2.2.3. I assume it is available in some repo but I don't know where. Ideas? Dave -- I found one day in school a boy of medium size ill-treating a smaller boy. I expostulated, but he replied: 'The bigs hit me, so I hit the babies; that's fair.' In these words he epitomized the history of the human race. -Bertrand Russell in Education and the Social Order From nils at lemonbit.nl Thu Sep 7 00:11:54 2006 From: nils at lemonbit.nl (Nils Breunese (Lemonbit Internet)) Date: Thu, 7 Sep 2006 02:11:54 +0200 Subject: apache 2.2.3 on FC3 - repo? In-Reply-To: <200609061646.18317.geek@uniserve.com> References: <200609061646.18317.geek@uniserve.com> Message-ID: Dave Stevens wrote: > I'd like to update my apache httpd version from the current 2.0.53 > to the most > recent 2.2.3. I assume it is available in some repo but I don't > know where. > Ideas? The major repo's don't have it, as far as I know. Do you need 2.2 features? I guess you best upgrade to FC5 then or compile it yourself. Nils Breunese. From nils at lemonbit.nl Thu Sep 7 00:17:31 2006 From: nils at lemonbit.nl (Nils Breunese (Lemonbit Internet)) Date: Thu, 7 Sep 2006 02:17:31 +0200 Subject: apache 2.2.3 on FC3 - repo? In-Reply-To: References: <200609061646.18317.geek@uniserve.com> Message-ID: <6B95759E-661C-4A42-B75D-6C4E0269ABF4@lemonbit.nl> I wrote: > Dave Stevens wrote: > >> I'd like to update my apache httpd version from the current 2.0.53 >> to the most >> recent 2.2.3. I assume it is available in some repo but I don't >> know where. >> Ideas? > > The major repo's don't have it, as far as I know. Do you need 2.2 > features? I guess you best upgrade to FC5 then or compile it yourself. By the way, not even FC5 is on apache 2.2.3 yet: httpd-2.2.2-1.2 is currently the latest version in the updates channel. Nils Breunese. From andres.hans at gmail.com Fri Sep 8 18:49:16 2006 From: andres.hans at gmail.com (hans) Date: Fri, 8 Sep 2006 15:49:16 -0300 Subject: apache 2.2.3 on FC3 - repo? In-Reply-To: <6B95759E-661C-4A42-B75D-6C4E0269ABF4@lemonbit.nl> References: <200609061646.18317.geek@uniserve.com> <6B95759E-661C-4A42-B75D-6C4E0269ABF4@lemonbit.nl> Message-ID: <8603c6140609081149v11bc24cax609f0d0fe3ce5f0e@mail.gmail.com> On 9/6/06, Nils Breunese (Lemonbit Internet) wrote: > I wrote: > > > Dave Stevens wrote: > > > >> I'd like to update my apache httpd version from the current 2.0.53 > >> to the most > >> recent 2.2.3. I assume it is available in some repo but I don't > >> know where. > >> Ideas? > > > > The major repo's don't have it, as far as I know. Do you need 2.2 > > features? I guess you best upgrade to FC5 then or compile it yourself. > > By the way, not even FC5 is on apache 2.2.3 yet: httpd-2.2.2-1.2 is > currently the latest version in the updates channel. > > Nils Breunese. > > -- > fedora-legacy-list mailing list > fedora-legacy-list at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-legacy-list > Do you really need apache 2.2.3? if u really need it, compile it. Dont be so lazy! -- ------------------------------------------------------------------------------------------------------------- /"\ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . \ / ASCII Ribbon Campaign . Windows: "Where do you want to go today?" X - NO HTML/RTF in e-mail . Linux: "Where do you want to go tomorrow?" / \ - NO Word docs in e-mail . BSD: "Are you guys coming or what?" ------------------------------------------------------------------------------------------------------------- From nils at lemonbit.nl Tue Sep 12 07:54:02 2006 From: nils at lemonbit.nl (Nils Breunese (Lemonbit Internet)) Date: Tue, 12 Sep 2006 09:54:02 +0200 Subject: yum.log and logwatch Message-ID: Hi all, I was looking through a logwatch e-mail from one of my FC3 servers and noticed the yum section said it updated e2fsprogs and tzdata yesterday. I was certain I didn't run yum yesterday and this server is not updated automatically. I grepped /var/log/yum.log for these packages and sure enough I found entries for these packages, but not at the bottom of the file. Apparently the entries in yum.log do not contain years in their dates, so logwatch doesn't know these updates were installed a year ago instead of now. Is this something I should report or has this been fixed in more recent yum versions? I realize FC3 is only getting security updates these days and I guess this is not really a security issue (although for a short moment I thought someone must have had unauthorized access to my box). Nils Breunese. From geek at uniserve.com Thu Sep 14 00:26:33 2006 From: geek at uniserve.com (Dave Stevens) Date: Wed, 13 Sep 2006 17:26:33 -0700 Subject: location for nvidia driver? Message-ID: <1158193593.4508a1b96bc9f@members.uniserve.com> Hi, I have an ASUS A8N-VM motherboard with on-board Nvidia graphics and FC3 legacy up to date. The video driver defaulted to VESA. I want to try the native Nvidia driver to see if I get better graphics for some apps where it makes a difference. I have installed the nvidia software supplied with the mobo, for FC3, and now have an nvidia.ko file. At startup time, though I get a message saying: "nvidia.ko module for 2.6.12-2.3.lovacy_FC3 kernel not found" I can locate the file so I know it exists but X won't start, the log file says, "(EE) No devices detected." I can edit the xorg.conf back to vesa and get a working system but I don't know where the nvidia.ko module should be. Can I just copy it to the right directory so the startup routine will find it? And if so where does it go? Thanks, Dave -- In the world?s anti-Bush zones it is fashionable to regard him as an imperialist redneck of limited intellectual capacities. -- George Ross in Le Monde Diplomatique From gene.heskett at verizon.net Thu Sep 14 03:21:51 2006 From: gene.heskett at verizon.net (Gene Heskett) Date: Wed, 13 Sep 2006 23:21:51 -0400 Subject: Now that fc2 is retired, is there any valid yum repos? Message-ID: <200609132321.51718.gene.heskett@verizon.net> Greetings all; Plz see subject. I'd like to clean up my yum repo list as it appears some of the repos have disappeared. Are there any new ones for truely legacy stuff? A sample list would be nice. -- Cheers, Gene "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2006 by Maurice Eugene Heskett, all rights reserved. From nils at lemonbit.nl Thu Sep 14 10:23:03 2006 From: nils at lemonbit.nl (Nils Breunese (Lemonbit Internet)) Date: Thu, 14 Sep 2006 12:23:03 +0200 Subject: Now that fc2 is retired, is there any valid yum repos? In-Reply-To: <200609132321.51718.gene.heskett@verizon.net> References: <200609132321.51718.gene.heskett@verizon.net> Message-ID: Gene Heskett wrote: > Plz see subject. I'd like to clean up my yum repo list as it > appears some > of the repos have disappeared. Are there any new ones for truely > legacy > stuff? I don't believe so. Fedora Core 2 is dead, you'll have to upgrade to a newer Fedora Core version (or migrate to something like CentOS if need a longer life cycle than Fedora's). Nils Breunese. From gene.heskett at verizon.net Thu Sep 14 10:55:54 2006 From: gene.heskett at verizon.net (Gene Heskett) Date: Thu, 14 Sep 2006 06:55:54 -0400 Subject: Now that fc2 is retired, is there any valid yum repos? In-Reply-To: References: <200609132321.51718.gene.heskett@verizon.net> Message-ID: <200609140655.55045.gene.heskett@verizon.net> On Thursday 14 September 2006 06:23, Nils Breunese (Lemonbit Internet) wrote: >Gene Heskett wrote: >> Plz see subject. I'd like to clean up my yum repo list as it >> appears some >> of the repos have disappeared. Are there any new ones for truely >> legacy >> stuff? > >I don't believe so. Fedora Core 2 is dead, you'll have to upgrade to >a newer Fedora Core version (or migrate to something like CentOS if >need a longer life cycle than Fedora's). > I was afraid of that, but the last CentOS I pulled, 4.1, was even older than much of this heavily tarball updated FC2. I hate going backwards & then reinventing all these wheels again. Thanks for the advisory. >Nils Breunese. > >-- >fedora-legacy-list mailing list >fedora-legacy-list at redhat.com >https://www.redhat.com/mailman/listinfo/fedora-legacy-list -- Cheers, Gene "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2006 by Maurice Eugene Heskett, all rights reserved. From nils at lemonbit.nl Thu Sep 14 12:07:37 2006 From: nils at lemonbit.nl (Nils Breunese (Lemonbit Internet)) Date: Thu, 14 Sep 2006 14:07:37 +0200 Subject: Now that fc2 is retired, is there any valid yum repos? In-Reply-To: <200609140655.55045.gene.heskett@verizon.net> References: <200609132321.51718.gene.heskett@verizon.net> <200609140655.55045.gene.heskett@verizon.net> Message-ID: Gene Heskett wrote: > On Thursday 14 September 2006 06:23, Nils Breunese (Lemonbit Internet) > wrote: >> Gene Heskett wrote: >>> Plz see subject. I'd like to clean up my yum repo list as it >>> appears some >>> of the repos have disappeared. Are there any new ones for truely >>> legacy >>> stuff? >> >> I don't believe so. Fedora Core 2 is dead, you'll have to upgrade to >> a newer Fedora Core version (or migrate to something like CentOS if >> need a longer life cycle than Fedora's). >> > I was afraid of that, but the last CentOS I pulled, 4.1, was even > older > than much of this heavily tarball updated FC2. I hate going > backwards & > then reinventing all these wheels again. Is this a desktop workstation or a server? If this is a workstation or a non-production server, why not just go with the Fedora flow? I run Fedora Core 5 on my workstation and it's working just fine. If you really don't like upgrading your OS every couple of months I'd backup my data and do a fresh install of CentOS 4.4. However, CentOS 5 will be out in 6 months... :o) No immediate need to upgrade then though as CentOS 4.x will get full updates until Feb 29 2008 and maintenance updates until Feb 29 2012 (http://www.centos.org/modules/ smartfaq/faq.php?faqid=42). Nils Breunese. From agibson at ptm.com Thu Sep 14 14:54:53 2006 From: agibson at ptm.com (Adam Gibson) Date: Thu, 14 Sep 2006 10:54:53 -0400 Subject: Now that fc2 is retired, is there any valid yum repos? In-Reply-To: References: <200609132321.51718.gene.heskett@verizon.net> <200609140655.55045.gene.heskett@verizon.net> Message-ID: <45096D3D.9010107@ptm.com> Nils Breunese (Lemonbit Internet) wrote: > If you really don't like upgrading your OS every couple of months I'd > backup my data and do a fresh install of CentOS 4.4. However, CentOS 5 > will be out in 6 months... :o) No immediate need to upgrade then > though as CentOS 4.x will get full updates until Feb 29 2008 and > maintenance updates until Feb 29 2012 > (http://www.centos.org/modules/smartfaq/faq.php?faqid=42). Good luck getting gnome 45.1 apps in 2012 working with the default gnome that comes with CentOs 4.x ;) From nils at lemonbit.nl Thu Sep 14 15:25:28 2006 From: nils at lemonbit.nl (Nils Breunese (Lemonbit Internet)) Date: Thu, 14 Sep 2006 17:25:28 +0200 Subject: Now that fc2 is retired, is there any valid yum repos? In-Reply-To: <45096D3D.9010107@ptm.com> References: <200609132321.51718.gene.heskett@verizon.net> <200609140655.55045.gene.heskett@verizon.net> <45096D3D.9010107@ptm.com> Message-ID: <352D8103-4A69-4DDB-B5E8-FB5E1D42E0C4@lemonbit.nl> Adam Gibson wrote: > Nils Breunese (Lemonbit Internet) wrote: >> If you really don't like upgrading your OS every couple of months >> I'd backup my data and do a fresh install of CentOS 4.4. However, >> CentOS 5 will be out in 6 months... :o) No immediate need to >> upgrade then though as CentOS 4.x will get full updates until Feb >> 29 2008 and maintenance updates until Feb 29 2012 (http:// >> www.centos.org/modules/smartfaq/faq.php?faqid=42). > Good luck getting gnome 45.1 apps in 2012 working with the default > gnome that comes with CentOs 4.x ;) Sure. :o) But it's nice to know that you can leave your system running until 2012 if you wanted too and still get security updates till then. Of course you can always do the CentOS 5 -> 6 -> 7 -> etc. upgrades. At least you won't have to upgrade every 1.5 years to keep receiving security updates. On my desktop I want the latest apps, I chose FC5. I don't like to upgrade my servers every 6 months, I chose CentOS 4. Nils Breunese. From gene.heskett at verizon.net Thu Sep 14 15:56:50 2006 From: gene.heskett at verizon.net (Gene Heskett) Date: Thu, 14 Sep 2006 11:56:50 -0400 Subject: Now that fc2 is retired, is there any valid yum repos? In-Reply-To: References: <200609132321.51718.gene.heskett@verizon.net> <200609140655.55045.gene.heskett@verizon.net> Message-ID: <200609141156.50776.gene.heskett@verizon.net> On Thursday 14 September 2006 08:07, Nils Breunese wrote: >Gene Heskett wrote: >> On Thursday 14 September 2006 06:23, Nils Breunese (Lemonbit Internet) >> >> wrote: >>> Gene Heskett wrote: >>>> Plz see subject. I'd like to clean up my yum repo list as it >>>> appears some >>>> of the repos have disappeared. Are there any new ones for truely >>>> legacy >>>> stuff? >>> >>> I don't believe so. Fedora Core 2 is dead, you'll have to upgrade to >>> a newer Fedora Core version (or migrate to something like CentOS if >>> need a longer life cycle than Fedora's). >> >> I was afraid of that, but the last CentOS I pulled, 4.1, was even >> older >> than much of this heavily tarball updated FC2. I hate going >> backwards & >> then reinventing all these wheels again. > >Is this a desktop workstation or a server? If this is a workstation >or a non-production server, why not just go with the Fedora flow? I >run Fedora Core 5 on my workstation and it's working just fine. > >If you really don't like upgrading your OS every couple of months I'd >backup my data and do a fresh install of CentOS 4.4. The last centos I pulled was 4.3 just a month ago, the kernel was in the 2.6.9. Thats at least a year old, and ieee1394 support is broken, still is for that matter. Thats one thing I do keep up with, currently running 2.6.18-rc7. Is it new enough that I can then build a current kernel and install all of kino-0.8 and its utils, or am I headed (again) for dependency hell trying to edit a wedding from my firewire equipt movie camera and burn a vcd of it? That would be the target job for me at the moment, the rest is convienience stuff. This is the only box with a firewire card installed, and the rest are slower boxes. I didn't know centos-4.4 was out, I may fire up azureas and nuke the 4.3 dvd images I have now. >However, CentOS >5 will be out in 6 months... :o) No immediate need to upgrade then >though as CentOS 4.x will get full updates until Feb 29 2008 and >maintenance updates until Feb 29 2012 (http://www.centos.org/modules/ >smartfaq/faq.php?faqid=42). > >Nils Breunese. > >-- >fedora-legacy-list mailing list >fedora-legacy-list at redhat.com >https://www.redhat.com/mailman/listinfo/fedora-legacy-list -- Cheers, Gene "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2006 by Maurice Eugene Heskett, all rights reserved. From nils at lemonbit.nl Thu Sep 14 16:09:54 2006 From: nils at lemonbit.nl (Nils Breunese (Lemonbit Internet)) Date: Thu, 14 Sep 2006 18:09:54 +0200 Subject: Now that fc2 is retired, is there any valid yum repos? In-Reply-To: <200609141156.50776.gene.heskett@verizon.net> References: <200609132321.51718.gene.heskett@verizon.net> <200609140655.55045.gene.heskett@verizon.net> <200609141156.50776.gene.heskett@verizon.net> Message-ID: <4DB8ED20-1CBA-48AF-9312-77225C28CC2A@lemonbit.nl> Gene Heskett wrote: >> Is this a desktop workstation or a server? If this is a workstation >> or a non-production server, why not just go with the Fedora flow? I >> run Fedora Core 5 on my workstation and it's working just fine. >> >> If you really don't like upgrading your OS every couple of months I'd >> backup my data and do a fresh install of CentOS 4.4. > > The last centos I pulled was 4.3 just a month ago, the kernel was > in the > 2.6.9. Thats at least a year old, and ieee1394 support is broken, > still > is for that matter. Thats one thing I do keep up with, currently > running > 2.6.18-rc7. It's an enterprise OS, so don't expect the latest versions of packages in the official repositories. There are extra repositories that do provide newer packages (centos-plus et al). And you can always roll your own kernel if you need too. I'd just get a base system that fits most of your needs. > Is it new enough that I can then build a current kernel and install > all of > kino-0.8 and its utils, or am I headed (again) for dependency hell > trying > to edit a wedding from my firewire equipt movie camera and burn a > vcd of > it? That would be the target job for me at the moment, the rest is > convienience stuff. This is the only box with a firewire card > installed, > and the rest are slower boxes. I just use CentOS for servers, so I wouldn't know how kino is doing on CentOS, but the things you want to do (multimedia, firewire, movies) sound like you'd be better off with a Fedora upgrade. Is something keeping you from upgrading your FC2 install to a newer Fedora release? FC5 has a 2.6.17 kernel and probably the latest versions of packages, unless you compile everything yourself anyway. > I didn't know centos-4.4 was out, I may fire up azureas and nuke > the 4.3 > dvd images I have now. Looking at the number of packages at http://mirror.centos.org/ centos-4/4.4/updates/i386/RPMS/ I wouldn't bother. Just install 4.3 and run a quick yum update to get to 4.4. Nils Breunese. From gene.heskett at verizon.net Thu Sep 14 16:10:52 2006 From: gene.heskett at verizon.net (Gene Heskett) Date: Thu, 14 Sep 2006 12:10:52 -0400 Subject: Now that fc2 is retired, is there any valid yum repos? In-Reply-To: <45096D3D.9010107@ptm.com> References: <200609132321.51718.gene.heskett@verizon.net> <45096D3D.9010107@ptm.com> Message-ID: <200609141210.53030.gene.heskett@verizon.net> On Thursday 14 September 2006 10:54, Adam Gibson wrote: >Nils Breunese (Lemonbit Internet) wrote: >> If you really don't like upgrading your OS every couple of months I'd >> backup my data and do a fresh install of CentOS 4.4. However, CentOS 5 >> will be out in 6 months... :o) No immediate need to upgrade then >> though as CentOS 4.x will get full updates until Feb 29 2008 and >> maintenance updates until Feb 29 2012 >> (http://www.centos.org/modules/smartfaq/faq.php?faqid=42). > >Good luck getting gnome 45.1 apps in 2012 working with the default gnome >that comes with CentOs 4.x ;) > Yup, I think thats unrealistic. I have 4.4 coming in now, so we'll see. And I have amanda backups, safe on another drive, so I can get most of my data back. >-- >fedora-legacy-list mailing list >fedora-legacy-list at redhat.com >https://www.redhat.com/mailman/listinfo/fedora-legacy-list -- Cheers, Gene "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2006 by Maurice Eugene Heskett, all rights reserved. From gene.heskett at verizon.net Thu Sep 14 16:27:45 2006 From: gene.heskett at verizon.net (Gene Heskett) Date: Thu, 14 Sep 2006 12:27:45 -0400 Subject: Now that fc2 is retired, is there any valid yum repos? In-Reply-To: <4DB8ED20-1CBA-48AF-9312-77225C28CC2A@lemonbit.nl> References: <200609132321.51718.gene.heskett@verizon.net> <200609141156.50776.gene.heskett@verizon.net> <4DB8ED20-1CBA-48AF-9312-77225C28CC2A@lemonbit.nl> Message-ID: <200609141227.45302.gene.heskett@verizon.net> On Thursday 14 September 2006 12:09, Nils Breunese (Lemonbit Internet) wrote: >Gene Heskett wrote: >>> Is this a desktop workstation or a server? If this is a workstation >>> or a non-production server, why not just go with the Fedora flow? I >>> run Fedora Core 5 on my workstation and it's working just fine. >>> >>> If you really don't like upgrading your OS every couple of months I'd >>> backup my data and do a fresh install of CentOS 4.4. >> >> The last centos I pulled was 4.3 just a month ago, the kernel was >> in the >> 2.6.9. Thats at least a year old, and ieee1394 support is broken, >> still >> is for that matter. Thats one thing I do keep up with, currently >> running >> 2.6.18-rc7. > >It's an enterprise OS, so don't expect the latest versions of >packages in the official repositories. There are extra repositories >that do provide newer packages (centos-plus et al). And you can >always roll your own kernel if you need too. I'd just get a base >system that fits most of your needs. > >> Is it new enough that I can then build a current kernel and install >> all of >> kino-0.8 and its utils, or am I headed (again) for dependency hell >> trying >> to edit a wedding from my firewire equipt movie camera and burn a >> vcd of >> it? That would be the target job for me at the moment, the rest is >> convienience stuff. This is the only box with a firewire card >> installed, >> and the rest are slower boxes. > >I just use CentOS for servers, so I wouldn't know how kino is doing >on CentOS, but the things you want to do (multimedia, firewire, >movies) sound like you'd be better off with a Fedora upgrade. Is >something keeping you from upgrading your FC2 install to a newer >Fedora release? FC5 has a 2.6.17 kernel and probably the latest >versions of packages, unless you compile everything yourself anyway. I've built a considerable amount of this system now, so I'm not allergic to the idea as long as the ./configure scripts can sort the dependencies. >> I didn't know centos-4.4 was out, I may fire up azureas and nuke >> the 4.3 >> dvd images I have now. > >Looking at the number of packages at http://mirror.centos.org/ >centos-4/4.4/updates/i386/RPMS/ I wouldn't bother. Just install 4.3 >and run a quick yum update to get to 4.4. Yeah, I saw that, after I'd nuked the other 2 images and gotten the torrent started. Duh, hindsight is always 20-05 you know. :( >Nils Breunese. > >-- >fedora-legacy-list mailing list >fedora-legacy-list at redhat.com >https://www.redhat.com/mailman/listinfo/fedora-legacy-list -- Cheers, Gene "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2006 by Maurice Eugene Heskett, all rights reserved. From mattdm at mattdm.org Thu Sep 14 17:03:17 2006 From: mattdm at mattdm.org (Matthew Miller) Date: Thu, 14 Sep 2006 13:03:17 -0400 Subject: yum.log and logwatch In-Reply-To: References: Message-ID: <20060914170317.GA1084@jadzia.bu.edu> On Tue, Sep 12, 2006 at 09:54:02AM +0200, Nils Breunese (Lemonbit Internet) wrote: > at the bottom of the file. Apparently the entries in yum.log do not > contain years in their dates, so logwatch doesn't know these updates > were installed a year ago instead of now. Is this something I should > report or has this been fixed in more recent yum versions? I realize > FC3 is only getting security updates these days and I guess this is > not really a security issue (although for a short moment I thought > someone must have had unauthorized access to my box). It's definitely an annoying problem. Newer yum can log to syslog, which will solve this. -- Matthew Miller mattdm at mattdm.org Boston University Linux ------> From danno at internet2.edu Thu Sep 14 19:18:47 2006 From: danno at internet2.edu (Dan Pritts) Date: Thu, 14 Sep 2006 15:18:47 -0400 Subject: openssl update for 7.3 forthcoming? Message-ID: <20060914191847.GB5511@internet2.edu> Is someone working on an update for openssl for i386? I don't see it in testing. http://www.openssl.org/news/secadv_20060905.txt There's a pretty simple looking patch: http://www.openssl.org/news/patch-CVE-2006-4339.txt danno -- Dan Pritts, System Administrator Internet2 office: +1-734-352-4953 | mobile: +1-734-834-7224 From hjp+fedora-legacy at wsr.ac.at Fri Sep 15 08:11:46 2006 From: hjp+fedora-legacy at wsr.ac.at (Peter J. Holzer) Date: Fri, 15 Sep 2006 10:11:46 +0200 Subject: yum.log and logwatch In-Reply-To: <20060914170317.GA1084@jadzia.bu.edu> References: <20060914170317.GA1084@jadzia.bu.edu> Message-ID: <20060915081146.GC27920@wsr.ac.at> On 2006-09-14 13:03:17 -0400, Matthew Miller wrote: > On Tue, Sep 12, 2006 at 09:54:02AM +0200, Nils Breunese (Lemonbit Internet) wrote: > > at the bottom of the file. Apparently the entries in yum.log do not > > contain years in their dates, so logwatch doesn't know these updates > > were installed a year ago instead of now. > > It's definitely an annoying problem. Newer yum can log to syslog, which will > solve this. Syslog doesn't contain a year either. But on most machines the syslog files are rotated more than once per year ;-) hp -- _ | Peter J. Holzer | If I wanted to be "academically correct", |_|_) | Sysadmin WSR | I'd be programming in Java. | | | hjp at wsr.ac.at | I don't, and I'm not. __/ | http://www.hjp.at/ | -- Jesse Erlbaum on dbi-users -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 388 bytes Desc: not available URL: From michal at harddata.com Sat Sep 16 19:34:52 2006 From: michal at harddata.com (Michal Jaegermann) Date: Sat, 16 Sep 2006 13:34:52 -0600 Subject: updated srpms for firefox and seamonkey (mozilla) Message-ID: <20060916193452.GA30034@mail.harddata.com> With the current updates I replaced older packages with ftp://ftp.harddata.com/pub/Legacy_srpms/seamonkey-1.0.5-0.4.fc4.0.mj.src.rpm ftp://ftp.harddata.com/pub/Legacy_srpms/firefox-1.5.0.7-1.fc4.0.mj.src.rpm which I used to recompile browser for FC4 systems. These packages likely fit older installations too but I did not try. Have a shot at the above if you would rather run something with recent security patches against remote attacks than "official". Once again - the seamonkey package above is configured to _replace_ old mozilla and not to be installed side-by-side (like what you can find in "extras"). This means that all packages which depend on 'mozilla' or its subpackages, starting with yelp, need to be recompiled too as some library locations change. This is purely "mechanical" and does not need any configuration modifications; required /usr/lib/pkgconfig/mozilla*.pc files are supplied by 'seamonkey-devel' and there are corresponding 'mozilla' provides. The same way like in similar packages from RHEL. The easiest way to check what on your system needs new binaries is, after seamonkey packages were installed, to type: yum remove 'semonkey*' respond "no" and see what were other candidates for a removal. If the above srpms were used as starting points for Legacy releases I would be only happy. Michal From gene.heskett at verizon.net Fri Sep 1 04:39:26 2006 From: gene.heskett at verizon.net (Gene Heskett) Date: Fri, 01 Sep 2006 04:39:26 -0000 Subject: Odd problem with sha1sums Message-ID: <200609010038.58516.gene.heskett@verizon.net> I have now burnt 2 copies of the FC-6T2-live-dvd.iso, one on a +dvd and one on a -dvd disk. Both of these freshly written dvd's check with an identical sha1sum when doing a 'sha1sum -b /dev/cdrom'. But it doesn't match the sha1sum of the iso I started with! Is this a known problem? Fixable by turning off the dma on /dev/hdc maybe? System is an FC2 box, with a newer kde-3.3.0, so k3b is still using md5sums which of course fail to check too. -- Cheers, Gene "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2006 by Maurice Eugene Heskett, all rights reserved. From Nicholas at apiit.edu.my Fri Sep 8 08:03:07 2006 From: Nicholas at apiit.edu.my (Nicholas Adrian Suppiah) Date: Fri, 8 Sep 2006 16:03:07 +0800 Subject: Kernel panic - installing on HP DC7100 Message-ID: Hi All, I am trying to install FC5 on a HP DC7100 but it fails to even load the installation kernel. The same goes for SuSE10.1. It just displays a kernel Panic message after detecting the mouse and keyboard. Can anyone advice? It may be a BIOS problem but I have yet to find a solution. Regards Nicholas From deisenst at gtw.net Sun Sep 17 07:16:07 2006 From: deisenst at gtw.net (David Eisenstein) Date: Sun, 17 Sep 2006 02:16:07 -0500 Subject: Fedora Legacy Project vitality. Anybody here? Message-ID: <450CF637.6080403@gtw.net> Hi Folks, (The below is something I wrote back in June, contemplating it. I still feel this way, but I've not been as active in the project as I was then.) The Fedora Legacy Project seems to me just barely alive. Sometimes I think about it and wonder why it seems that way. Is it just me who feels that way? Here are some concerns for the continued vitality of the Fedora Legacy project: * Participatory structure I: One of the reasons I joined the legacy project in the first place is because I had the impression back in fall 2004 that we were a vital community with a number of players who each took turns doing different roles in the process of doing the work of Legacy. The fact of the matter is that for quite awhile, only 3-4 people seem to have been doing the bulk of the work described on our "par- ticipate" page, of vulnerability tracker, Vulnerability Analyst and Patch Creator, Test RPM Packager, QA Tester, Publisher (Release Manager), and nevermind the other roles listed. On some occasions, a single person does all the steps (except source QA and binary QA testing -- *if* binary QA even gets done at all). Working with others is fun. Knowing that people are around who care and who will be there to do stuff and consult with is part of the fun of doing community work. But it is only fun if there is a community to work with. I know there are folks like you out there that read with interest every post that is made to the fedora-legacy-list, who are willing to jump in and answer questions and concerns of others having problems with the legacy software that we maintain. But I miss collaboration here, for the most part. I guess what I miss is the sense of vitality when collaborators are close at hand. Like, when folks visit on IRC and chit-chat with one another while doing work on various projects... Very few of us seem to do IRC... Or make known specific times when we will be available on the #Fedora-Legacy channel that we operate on irc.freenode.net. * Participatory Structure II: Guidance, deliverables, goals, and governance. Sometimes in participating with Fedora Legacy it feels like Legacy is a ship without a rudder. We have our goals generically set out on the websites that we operate, namely - Main site: - Wiki: and we do get stuff done. Not necessarily very fast, but it gets done. But where is the governance? Where are the week-to-week or month-to- month goals? Where are the meetings that projects of our scope ought to be having, at least monthly, to assess how we are doing our job and where we are going, how we are succeeding and where we need to grow, and to give people ownership, responsibility, accountability, and expectations as to what they can do (or are needed to do) to keep our project vital and have fun while doing it? Sometimes I feel like I have some ownership in this project -- I am on the build team after all and have access to our build server and can find new vulnerabilities, enter new bugzilla reports, propose patches, propose updated .src.rpm packages, build new binary .rpm packages to be pushed to updates-testing or updates. But other times it's like -- okay. I'm lost. Where are we? A. Do we have all the volunteers we need to take care of all the various and sundry aspects of running a successful project? Are all our roles filled and being operated? Do we have leaders in charge of the various areas to help get new people acclimated to what these roles do to get fresh blood contributing? Do we have ways to make it easy for people to get started contributing? Some roles: (see http://fedoralegacy.org/participate/) B. Are we keeping up with vulnerabilities? Or are we just taking care of the "low-hanging-fruit" kind of vulnerabilities that are critical? C. Now that we have some official Fedora infrastucture (like CVS), do any of our maintainers know how to work it or what to do with it? (Am afraid I don't.) Do we need to get people involved with its use? I like the fun of doing the good work of Fedora Legacy, helping people out who want to or have to run older Fedora or Red Hat distributions of Linux. It feels good to get this work done, and know that some folks are getting some good out of what we do here. But we need people to play with and help us get work done. It gets a bit lonely (and overwhelming!) when only 3 to 6 people regularly contribute to the basic work of maintaining security fixes for our Fedora (and RedHat) releases. Anyone wanna come talk on IRC sometime? Have a visit? Help set up short-term goals, long-term goals for our project? Grab a bug and start finding patches? (...with many thanks to Michal Jaegermann for sharing some packages he has made for Seamonkey and Firefox that we need to get up off our collective duff and use and make official!) Have any ideas to attract more folks to participate in what we do? Thanks for your time. Warm regards, David Eisenstein From nils at lemonbit.nl Sun Sep 17 08:39:28 2006 From: nils at lemonbit.nl (Nils Breunese (Lemonbit Internet)) Date: Sun, 17 Sep 2006 10:39:28 +0200 Subject: Odd problem with sha1sums In-Reply-To: <200609010038.58516.gene.heskett@verizon.net> References: <200609010038.58516.gene.heskett@verizon.net> Message-ID: Gene Heskett wrote: > I have now burnt 2 copies of the FC-6T2-live-dvd.iso, one on a +dvd > and one > on a -dvd disk. > > Both of these freshly written dvd's check with an identical sha1sum > when > doing a 'sha1sum -b /dev/cdrom'. > > But it doesn't match the sha1sum of the iso I started with! > > Is this a known problem? Fixable by turning off the dma on /dev/ > hdc maybe? > > System is an FC2 box, with a newer kde-3.3.0, so k3b is still using > md5sums > which of course fail to check too. Actually I'm not really sure running sha1sum on the device should give the same sum as running it on the iso file. I believe the standard procedure is to run sha1sum on the iso after you've downloaded it and then check the outcome. Did you do that? Burning software should take of making sure it's properly burning the iso after that. Also, did you run the built-in media check when you start the installer and did that give you OK? Nils Breunese. From gene.heskett at verizon.net Sun Sep 17 12:19:21 2006 From: gene.heskett at verizon.net (Gene Heskett) Date: Sun, 17 Sep 2006 08:19:21 -0400 Subject: Odd problem with sha1sums In-Reply-To: References: <200609010038.58516.gene.heskett@verizon.net> Message-ID: <200609170819.21218.gene.heskett@verizon.net> On Sunday 17 September 2006 04:39, Nils Breunese (Lemonbit Internet) wrote: >Gene Heskett wrote: >> I have now burnt 2 copies of the FC-6T2-live-dvd.iso, one on a +dvd >> and one >> on a -dvd disk. >> >> Both of these freshly written dvd's check with an identical sha1sum >> when >> doing a 'sha1sum -b /dev/cdrom'. >> >> But it doesn't match the sha1sum of the iso I started with! >> >> Is this a known problem? Fixable by turning off the dma on /dev/ >> hdc maybe? >> >> System is an FC2 box, with a newer kde-3.3.0, so k3b is still using >> md5sums >> which of course fail to check too. > >Actually I'm not really sure running sha1sum on the device should >give the same sum as running it on the iso file. I believe the >standard procedure is to run sha1sum on the iso after you've >downloaded it and then check the outcome. Did you do that? Yes. >Burning >software should take of making sure it's properly burning the iso >after that. Also, did you run the built-in media check when you start >the installer and did that give you OK? Well, my copy of k3b is a bit old & uses md5sums yet. However, I'd since made the discovery that if I do it by hand, by first dividing the size of the iso by 2048, then doing this: dd if=/dev/cdrom bs=2048 count=(result of the above division) | md5sum or sha1sum then the *sums are correct. So its probably a case of the filesystem, using dma, and its not knowing when to quit reading the dma buffer problem, and thats been mentioned before. However, the mediacheck has been known to fail while the disk reads fine, or the mediacheck was ok, and the disk failed to find a file 20 minutes later during the install, so thats not been a 100% bulletproof check in my experience here. Sometimes I don't fully apply the brain before posting, but if my experiences and frustrations help someone else, its all for a good cause I think. Thanks Nils. >Nils Breunese. > > >-- >fedora-legacy-list mailing list >fedora-legacy-list at redhat.com >https://www.redhat.com/mailman/listinfo/fedora-legacy-list -- Cheers, Gene "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2006 by Maurice Eugene Heskett, all rights reserved. From nils at lemonbit.nl Sun Sep 17 17:17:55 2006 From: nils at lemonbit.nl (Nils Breunese (Lemonbit Internet)) Date: Sun, 17 Sep 2006 19:17:55 +0200 Subject: Kernel panic - installing on HP DC7100 In-Reply-To: References: Message-ID: Nicholas Adrian Suppiah wrote: > I am trying to install FC5 on a HP DC7100 but it fails to even load > the > installation kernel. The same goes for SuSE10.1. > > It just displays a kernel Panic message after detecting the mouse and > keyboard. > > Can anyone advice? It may be a BIOS problem but I have yet to find a > solution. This is the Fedora Legacy list, for the Fedora Legacy project. Currently FC3 and FC4 are maintained by the Fedora Legacy Project (http://www.fedoralegacy.org/). FC5 is currently still 'normally' maintained. See http://fedora.redhat.com/participate/communicate/ for an overview of the Fedora mailinglists. Questions regarding FC5 should be directed to fedora-list (http://www.redhat.com/mailman/ listinfo/fedora-list) or you might want to check out http:// www.fedoraforum.org/. Having said that, you might want to take a look at http://www.fedorafaq.org/#otherinstall. Nils Breunese. From nils at lemonbit.nl Sun Sep 17 17:25:06 2006 From: nils at lemonbit.nl (Nils Breunese (Lemonbit Internet)) Date: Sun, 17 Sep 2006 19:25:06 +0200 Subject: Odd problem with sha1sums In-Reply-To: <200609170819.21218.gene.heskett@verizon.net> References: <200609010038.58516.gene.heskett@verizon.net> <200609170819.21218.gene.heskett@verizon.net> Message-ID: Gene Heskett wrote: >> Actually I'm not really sure running sha1sum on the device should >> give the same sum as running it on the iso file. I believe the >> standard procedure is to run sha1sum on the iso after you've >> downloaded it and then check the outcome. Did you do that? > > Yes. And did the sha1sum of your download match the sha1sum published? Nils Breunese. From rostetter at mail.utexas.edu Sun Sep 17 18:46:28 2006 From: rostetter at mail.utexas.edu (Eric Rostetter) Date: Sun, 17 Sep 2006 13:46:28 -0500 Subject: Fedora Legacy Project vitality. Anybody here? In-Reply-To: <450CF637.6080403@gtw.net> References: <450CF637.6080403@gtw.net> Message-ID: <20060917134628.j8uuzwbmceockso8@mail.ph.utexas.edu> Quoting David Eisenstein : > The Fedora Legacy Project seems to me just barely alive. Yes, I agree. Maybe not yet to the point of life support, but at least in the "living but not enjoying life" stage. > Sometimes I think about it and wonder why it seems that way. Is it just > me who feels that way? No, others feel this way. > * Participatory structure I: One of the reasons I joined the legacy > project in the first place is because I had the impression back in > fall 2004 that we were a vital community with a number of players > who each took turns doing different roles in the process of doing > the work of Legacy. I think what we were missing from the start was a spirit of "mentoring" in the project. Lots of people like myself wanted to join because we _needed_ RHL support extended. But, we were not "opensource" people, and we didn't know/use things like gpg, irc, yum/apt, etc. We met a very high learning curve with no one willing to help much... People with the knowledge and desire to use these channels didn't want to help "mentor" the new folks who didn't know anything about this, and didn't want to use other methods... Lots of requests to make things easier have been met with "why do we need to do that?" responses. Lots of requests for help have been met with "figure it out for yourself using a search engine" type responses. So what we ended up with was a lot of people who came in with the desire to help becoming "lurkers" instead. > The fact of the matter is that for quite awhile, only 3-4 people > seem to have been doing the bulk of the work described on our "par- > ticipate" page, of vulnerability tracker, Vulnerability Analyst and > Patch Creator, Test RPM Packager, QA Tester, Publisher (Release > Manager), and nevermind the other roles listed. On some occasions, > a single person does all the steps (except source QA and binary QA > testing -- *if* binary QA even gets done at all). > Can't deny that... > Working with others is fun. Knowing that people are around who care and > who will be there to do stuff and consult with is part of the fun of doing > community work. But it is only fun if there is a community to work with. This is where I think the "mentoring" would have helped... I've joined other projects where I didn't really know what I was doing, but the leads in those projects took the time to get me up to speed, and I was really able to contribute to the projects. With FL, people didn't want to take the time to get me up to speed, and didn't want to accept that I simply don't use IRC and that other communication methods (email) might be equally useful. > I know there are folks like you out there that read with interest every > post that is made to the fedora-legacy-list, who are willing to jump in > and answer questions and concerns of others having problems with the > legacy software that we maintain. I try, though lately even I've lost interest in the project to tell the truth. I'd say come 2007 I'll probably have no interest in FL at all, since I really only cared about RHL anyway and not Fedora Core. Had I made friends, or other strong relationships, within FL that would be different. But other than Jesse, I can't say I even remotely "know" or have a relationship with anyone in FL. On other projects I work on, I feel a connction to at least a half dozen people in the project. That just never happened in FL. > But I miss collaboration here, for the most part. I guess what I miss is > the sense of vitality when collaborators are close at hand. Like, when > folks visit on IRC and chit-chat with one another while doing work on > various projects... Very few of us seem to do IRC... Or make known > specific times when we will be available on the #Fedora-Legacy channel > that we operate on irc.freenode.net. I don't do IRC. I just don't. If that is a requirment for FL, then I'm out... I prefere e-mail, and I like the idea that it is archived and searchable, and I require the fact that it is asynchronous... But, I also miss the collaboration here in FL. And I don't see many requests for it, or any hint of mentoring... So it seems we have none, and no one is trying to create it either. > Sometimes in participating with Fedora Legacy it feels like Legacy is a > ship without a rudder. We have our goals generically set out on the > websites that we operate, namely We've got a problem that when changes are proposed, they languish in debate. See my post about consensus versus consent. I think had we switched to consent we would have been much better off. But we never got consensus on switching to consent... ;) Why, well, lack of leadership, or lack of interest, or no ruder, I don't know... > and we do get stuff done. Not necessarily very fast, but it gets done. We get patches out. Not much else. The community would consist of more than just getting out some patches and a few docs. > But where is the governance? Jesse. ;) > Where are the week-to-week or month-to- > month goals? Where are the meetings that projects of our scope ought to > be having, at least monthly, to assess how we are doing our job and where > we are going, how we are succeeding and where we need to grow, and to give > people ownership, responsibility, accountability, and expectations as to > what they can do (or are needed to do) to keep our project vital and have > fun while doing it? Those are all missing from this project (but I see such things in other projects like the Fedora Documentation Project). Not that all projects with those things do better than projects without them, but they would certainly help in the case of FL, IMHO. > Sometimes I feel like I have some ownership in this project -- I am on the > build team after all and have access to our build server and can find new > vulnerabilities, enter new bugzilla reports, propose patches, propose > updated .src.rpm packages, build new binary .rpm packages to be pushed to > updates-testing or updates. I have no ownership. I can't do any of the above... I created a web page, but it has been "replaced" by a wiki in theory but not reality... So even my contributions (web site) seem to be un-appreciated anymore. > But other times it's like -- okay. I'm lost. Where are we? Well, our overview has had several updates proposed, but never been updated as no "consensus" was reached. So, we don't even have a current overview or road path to go with. This is a shame. > A. Do we have all the volunteers we need to take care of all the > various and sundry aspects of running a successful project? Only if we take care to mentor and encourage them, rather than discourage them and push them into "lurker" roles. > Are > all our roles filled and being operated? Do we have leaders in > charge of the various areas to help get new people acclimated to what > these roles do to get fresh blood contributing? No. This is IMHO the biggest problem, even bigger than the consent/consensus problem. > Do we have ways to > make it easy for people to get started contributing? > Some roles: (see http://fedoralegacy.org/participate/) We have the docs, but not the moral support to help people. We can't come to a consensus on what should be done to help new participants, so nothing gets done. > B. Are we keeping up with vulnerabilities? Or are we just taking care > of the "low-hanging-fruit" kind of vulnerabilities that are critical? No idea actually. > C. Now that we have some official Fedora infrastucture (like CVS), do any > of our maintainers know how to work it or what to do with it? (Am > afraid I don't.) Do we need to get people involved with its use? I don't. But, I've pretty much dropped out of the project due to it being too hard to pariticipate and lack of time on my part. > I like the fun of doing the good work of Fedora Legacy, helping people out > who want to or have to run older Fedora or Red Hat distributions of Linux. > It feels good to get this work done, and know that some folks are getting > some good out of what we do here. I agree completely. But there have been too many road blocks in place to make my help rewarding. In summary, I have to put in too much work for what I get back out of that work, so I simply start slacking and using the rewards of other people's work instead. > But we need people to play with and help us get work done. It gets a bit > lonely (and overwhelming!) when only 3 to 6 people regularly contribute to > the basic work of maintaining security fixes for our Fedora (and RedHat) > releases. Agreed. > Anyone wanna come talk on IRC sometime? I do not use IRC. I will only use IRC if it is being used for some purpose such as weekly/monthly meetings. That I can do. But I don't spend all day on IRC/IM/etc. It is too distracting. I respond to email when time allows, but don't have a schedule for real-time interaction like IRC/IM. > Have a visit? Help set up > short-term goals, long-term goals for our project? Grab a bug and start I'd love to. But I think until/unless we switch from consensus to consent (which Jesse sometimes does, but the rest of us can't, as we're not project leaders) this won't happen. Jesse is great, but he is only one person, and one person can't do everything. > finding patches? (...with many thanks to Michal Jaegermann for sharing > some packages he has made for Seamonkey and Firefox that we need to get up > off our collective duff and use and make official!) Have any ideas to > attract more folks to participate in what we do? Make it easier. Start a mentoring program. Switch from consensus to consent. > Thanks for your time. Thanks for pushing the issue and not just giving up (like I did). > Warm regards, > David Eisenstein -- Eric Rostetter The Department of Physics The University of Texas at Austin Go Longhorns! From mattdm at mattdm.org Mon Sep 18 02:40:53 2006 From: mattdm at mattdm.org (Matthew Miller) Date: Sun, 17 Sep 2006 22:40:53 -0400 Subject: Fedora Legacy Project vitality. Anybody here? In-Reply-To: <20060917134628.j8uuzwbmceockso8@mail.ph.utexas.edu> References: <450CF637.6080403@gtw.net> <20060917134628.j8uuzwbmceockso8@mail.ph.utexas.edu> Message-ID: <20060918024053.GA1026@jadzia.bu.edu> On Sun, Sep 17, 2006 at 01:46:28PM -0500, Eric Rostetter wrote: > >But where is the governance? > Jesse. ;) And he's done a great job -- but now has high-pressure duties at Red Hat which clearly are taking priority. And taking priority over that: Which is awesome for Jesse (congratulations) but bad news for Fedora Legacy. -- Matthew Miller mattdm at mattdm.org Boston University Linux ------> From mattdm at mattdm.org Mon Sep 18 16:20:25 2006 From: mattdm at mattdm.org (Matthew Miller) Date: Mon, 18 Sep 2006 12:20:25 -0400 Subject: updated srpms for firefox and seamonkey (mozilla) In-Reply-To: <20060916193452.GA30034@mail.harddata.com> References: <20060916193452.GA30034@mail.harddata.com> Message-ID: <20060918162025.GA31713@jadzia.bu.edu> On Sat, Sep 16, 2006 at 01:34:52PM -0600, Michal Jaegermann wrote: > With the current updates I replaced older packages with > ftp://ftp.harddata.com/pub/Legacy_srpms/seamonkey-1.0.5-0.4.fc4.0.mj.src.rpm > ftp://ftp.harddata.com/pub/Legacy_srpms/firefox-1.5.0.7-1.fc4.0.mj.src.rpm > which I used to recompile browser for FC4 systems. These packages Thanks Michal. This is very useful. > If the above srpms were used as starting points for Legacy releases > I would be only happy. Sounds good to me. -- Matthew Miller mattdm at mattdm.org Boston University Linux ------> From gene.heskett at verizon.net Tue Sep 19 00:48:31 2006 From: gene.heskett at verizon.net (Gene Heskett) Date: Mon, 18 Sep 2006 20:48:31 -0400 Subject: Odd problem with sha1sums In-Reply-To: References: <200609010038.58516.gene.heskett@verizon.net> <200609170819.21218.gene.heskett@verizon.net> Message-ID: <200609182048.31535.gene.heskett@verizon.net> On Sunday 17 September 2006 13:25, Nils Breunese (Lemonbit Internet) wrote: >Gene Heskett wrote: >>> Actually I'm not really sure running sha1sum on the device should >>> give the same sum as running it on the iso file. I believe the >>> standard procedure is to run sha1sum on the iso after you've >>> downloaded it and then check the outcome. Did you do that? >> >> Yes. > >And did the sha1sum of your download match the sha1sum published? > Sure did Nils, I thought I had indicated that. And, by using my method of finding out how many 2048 byte blocks there are in the file, and then asking dd to fetch that many from the disk & pipe it to sha1sum, and those results also match. I believe the real problem of the erronious failure occurs because 1) dma is in use, and 2) with dma in use, file length accuracy gets lost in the dma buffering. This is alleviated if you just ask the disk for exactly that many bytes, and then the sha1sum is ok. Is this clear now? >Nils Breunese. -- Cheers Nils, Gene "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2006 by Maurice Eugene Heskett, all rights reserved. From trust_finnley at yahoo.com Fri Sep 22 13:50:46 2006 From: trust_finnley at yahoo.com (evan magers) Date: Fri, 22 Sep 2006 06:50:46 -0700 (PDT) Subject: pcmcia error prevents boot rh9 on dell csx Message-ID: <20060922135046.73891.qmail@web36903.mail.mud.yahoo.com> RH 2.4.20-46.9.legacy on a Dell Latitude CSx, single-boot. Boot hangs with Socket Status: 300000006 but I can start fine going into Interactive mode and typing N at the Start service pcmcia prompt. The boot log stops at pcmcia: Starting PCMCIA services: with no error details when this freeze happens. When I try to start pcmcia services through the x-windows Services utility, the application freezes there also. Any idea where I should be looking? BTW, I have used a 2Wire wireless card with the orinoco driver, alternating with a Xircom LAN card, both just fine, before this problem came up. Also, the laptop went through airport carry-on security right before this all started. thanks This problem seems very similar to one archived on the fedora list, one which unfortunately had no resolution, but it was also a Latitude: http://www.redhat.com/archives/fedora-list/2005-January/msg02116.html __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com From nhruby at uga.edu Mon Sep 25 16:39:45 2006 From: nhruby at uga.edu (nathan r. hruby) Date: Mon, 25 Sep 2006 16:39:45 -0000 Subject: default yum configuration for Legacy In-Reply-To: <20040106010618.GH6778@angus.ind.WPI.EDU> References: <20040106010618.GH6778@angus.ind.WPI.EDU> Message-ID: On Mon, 5 Jan 2004, Charles R. Anderson wrote: > Should the yum service default to on or off? > Should the yum.conf exclude kernels by default? > > I think auto updates should be off by default, and kernels should be > excluded by default, just as it is in up2date. > > What are people's opinions on this? > What I do is leave the service on and change the cron job to do a yum list to inform people of updates so they are aware of them being there. I also leave a exclude line for kernels commented out in the yum.conf that I ship for campus. Yes, seth will say this doesn't scale and he's right, luckily I don't get root's mail for all of the linux boxes on campus :) -n -- ------------------------------------------- nathan hruby uga enterprise information technology services production systems support metaphysically wrinkle-free ------------------------------------------- -- fedora-devel-list mailing list fedora-devel-list at redhat.com http://www.redhat.com/mailman/listinfo/fedora-devel-list From cra at WPI.EDU Tue Sep 26 08:17:25 2006 From: cra at WPI.EDU (Charles R. Anderson) Date: Tue, 26 Sep 2006 08:17:25 -0000 Subject: Self-Introduction: Charles R. Anderson Message-ID: <20040105231923.GG6778@angus.ind.WPI.EDU> 1. Charles R. Anderson 2. USA, Worcester, MA 3. Network Engineer 4. WPI 5. Your goals in the Fedora Project * Which packages do you want to see published? . updated net-snmp w/perl support . updated dhcp packages suitable for failover support . nagios, CMU NetReg, rrdtool, cricket, mrtg . IPv6 support in more apps . network-related work with e.g. link detection, IPsec... . alsa, more multimedia apps (with IP multicast support) . kegs (Kent's Emulated GS) and other emulator tools . koules and xboing (anyone up for network koules? :) * Do you want to do QA? Yes. * Anything else special? My main interests are in packaging, QA, testing, tools/infrastructure/admin, rather than coding/debugging. However, I'd feel at home coding in Perl. I'm interested in Legacy only to support my couple of remaining 7.3 boxes for as long as they stay that way, and possibly 7.2/Alpha and Aurora SPARC as time permits. 6. Historical qualifications * What other projects have you worked on in the past? . Aurora SPARC Linux . I've been packaging ISC dhcp RPM's for three years: http://www.isc.org/products/DHCP/ . CMU NetReg: http://www.net.cmu.edu/netreg/ . LANdb: http://landb.sourceforge.net/ . Autostatus: http://www.angio.net/consult/autostatus/ * What computer languages and other skills do you know? . C, C++, Assembly, Scheme . Perl, Awk, Sed, C Shell, Bourne Shell, Expect . Networking and systems administration * Why should we trust you? <--- too blunt? That's for the community to decide... I've been a RHL user since 1996/RHL 4.0 or so. I've done a lot of RPM packaging, informally published on ftp://angus.ind.wpi.edu/pub/cra-contrib. I've participated in RHL betas and the mirror process. 7. GPG KEYID and fingerprint pub 1024D/49BB5886 2001-04-11 Charles R. Anderson Key fingerprint = EBA3 A106 7C93 FA07 8E15 3AC2 C367 A0F9 49BB 5886 sub 2048g/B0817A13 2001-04-11 -- fedora-devel-list mailing list fedora-devel-list at redhat.com http://www.redhat.com/mailman/listinfo/fedora-devel-list From cra at WPI.EDU Tue Sep 26 08:26:31 2006 From: cra at WPI.EDU (Charles R. Anderson) Date: Tue, 26 Sep 2006 08:26:31 -0000 Subject: default yum configuration for Legacy Message-ID: <20040106010618.GH6778@angus.ind.WPI.EDU> Should the yum service default to on or off? Should the yum.conf exclude kernels by default? I think auto updates should be off by default, and kernels should be excluded by default, just as it is in up2date. What are people's opinions on this? -- fedora-devel-list mailing list fedora-devel-list at redhat.com http://www.redhat.com/mailman/listinfo/fedora-devel-list From mattdm at mattdm.org Fri Sep 29 19:08:33 2006 From: mattdm at mattdm.org (Matthew Miller) Date: Fri, 29 Sep 2006 15:08:33 -0400 Subject: openssl updates Message-ID: <20060929190833.GA4850@jadzia.bu.edu> Anything? -- Matthew Miller mattdm at mattdm.org Boston University Linux ------> From michal at harddata.com Fri Sep 29 20:46:59 2006 From: michal at harddata.com (Michal Jaegermann) Date: Fri, 29 Sep 2006 14:46:59 -0600 Subject: openssl updates In-Reply-To: <20060929190833.GA4850@jadzia.bu.edu> References: <20060929190833.GA4850@jadzia.bu.edu> Message-ID: <20060929204659.GA2458@mail.harddata.com> On Fri, Sep 29, 2006 at 03:08:33PM -0400, Matthew Miller wrote: > Anything? Well, you can retrieve a today updated source rpm for FC4 from ftp://ftp.harddata.com/pub/Legacy_srpms/ and recompile it. Michal From pekkas at netcore.fi Fri Sep 29 21:11:58 2006 From: pekkas at netcore.fi (Pekka Savola) Date: Sat, 30 Sep 2006 00:11:58 +0300 (EEST) Subject: openssl updates In-Reply-To: <20060929190833.GA4850@jadzia.bu.edu> References: <20060929190833.GA4850@jadzia.bu.edu> Message-ID: On Fri, 29 Sep 2006, Matthew Miller wrote: > Anything? I've created RHL73 RPMs for gnupg, openssl, and php (those updates that I'd backport myself as FL isn't useful for me anymore). Get them from http://staff.csc.fi/psavola/fl/ if interested. d446c94ebe14a471f10452f26182ecf17a5f770c gnupg-1.0.7-13.4.legacy.i386.rpm 028f3ac78dfaaee0a156697720d879f8e37d45ae gnupg-1.0.7-13.4.legacy.src.rpm 802cd5e83ff884e7a5cc17083e23818c3f8d1aa3 openssl-0.9.6b-39.11.legacy.i386.rpm 592bb8beec21af07ddac5e5dfebecba731246c18 openssl-0.9.6b-39.11.legacy.src.rpm c5c747edb36978f203b18e29e316190ae8d6b980 openssl-devel-0.9.6b-39.11.legacy.i386.rpm 02f4b171210ce5ecf6e85e6796ca62a7a5abe3e5 openssl-perl-0.9.6b-39.11.legacy.i386.rpm 258ada11b889cfc2777e66ebee2c389404b52c86 php-4.1.2-7.3.21.legacy.i386.rpm 81a02d3442c8454837b2eb70d987802a08619333 php-4.1.2-7.3.21.legacy.src.rpm 997c233ddc081916922280c686d37f36ebd818bf php-devel-4.1.2-7.3.21.legacy.i386.rpm 47c84d76c478dcf8d916a62b89b655295ac98e6a php-imap-4.1.2-7.3.21.legacy.i386.rpm ab20d09c5fd2d12f6c67d6004b309046a715a130 php-ldap-4.1.2-7.3.21.legacy.i386.rpm afc7fbbf488dec82f16bbca0036fdd5c1f1a0e42 php-manual-4.1.2-7.3.21.legacy.i386.rpm fb2f3bde5172c1d9d3616d9ef05aaa1663570ab6 php-mysql-4.1.2-7.3.21.legacy.i386.rpm 74a4f03f2030e3e2bc490c09385111f9b98b4895 php-odbc-4.1.2-7.3.21.legacy.i386.rpm 7a0cf808dcc689464c2f1a79b381742c882dd473 php-pgsql-4.1.2-7.3.21.legacy.i386.rpm 8ba7311e4b07e85dcce4b5d406124cdf6bff25ad php-snmp-4.1.2-7.3.21.legacy.i386.rpm -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings From mattdm at mattdm.org Sat Sep 30 02:48:04 2006 From: mattdm at mattdm.org (Matthew Miller) Date: Fri, 29 Sep 2006 22:48:04 -0400 Subject: openssl updates In-Reply-To: <20060929204659.GA2458@mail.harddata.com> References: <20060929190833.GA4850@jadzia.bu.edu> <20060929204659.GA2458@mail.harddata.com> Message-ID: <20060930024804.GA18204@jadzia.bu.edu> On Fri, Sep 29, 2006 at 02:46:59PM -0600, Michal Jaegermann wrote: > On Fri, Sep 29, 2006 at 03:08:33PM -0400, Matthew Miller wrote: > > Anything? > Well, you can retrieve a today updated source rpm for FC4 from > ftp://ftp.harddata.com/pub/Legacy_srpms/ > and recompile it. Thanks. I didn't see anything in bugzilla -- are these on track to become official? -- Matthew Miller mattdm at mattdm.org Boston University Linux ------> From florin at andrei.myip.org Sat Sep 30 17:47:34 2006 From: florin at andrei.myip.org (Florin Andrei) Date: Sat, 30 Sep 2006 10:47:34 -0700 Subject: openssl updates In-Reply-To: <20060929190833.GA4850@jadzia.bu.edu> References: <20060929190833.GA4850@jadzia.bu.edu> Message-ID: <1159638454.2673.1.camel@rivendell.home.local> On Fri, 2006-09-29 at 15:08 -0400, Matthew Miller wrote: > Anything? >From Thomas Mraz (quoted without asking for permission but hopefully that's ok): > I'd like to generate updated OpenSSL RPM packages for Fedora 4 and > hopefully post it to Fedora Legacy but the problem is - I'm looking at > the most recent OpenSSL src.rpm for FC4 and there's a ton of Source* and > Patch* stuff that doesn't make a lot of sense. > > Could you at least give me a quick rundown of what each Source and Patch > bit is supposed to do? That would take some time to make this rundown. The correct way to patch the recent openssl CVEs is to add the patches from RHEL4 srpm (however the current CVE-2006-2940 patch is broken because the 'goto err;' in dh_key patch must be replaced with 'return -1;'). I didn't try to apply the RHEL4 patches to FC4 openssl version so maybe a small adjustments may be necessary. > Of course, I could always just generate a package from a plain vanilla > openssl-0.9.7l.tar.gz but perhaps that will break a few things that the > original Fedora package is doing. That wouldn't work at all. -- Florin Andrei http://florin.myip.org/ From michal at harddata.com Sat Sep 30 19:13:41 2006 From: michal at harddata.com (Michal Jaegermann) Date: Sat, 30 Sep 2006 13:13:41 -0600 Subject: openssl updates In-Reply-To: <1159638454.2673.1.camel@rivendell.home.local> References: <20060929190833.GA4850@jadzia.bu.edu> <1159638454.2673.1.camel@rivendell.home.local> Message-ID: <20060930191341.GA23297@mail.harddata.com> On Sat, Sep 30, 2006 at 10:47:34AM -0700, Florin Andrei wrote: > On Fri, 2006-09-29 at 15:08 -0400, Matthew Miller wrote: > > Anything? > > >From Thomas Mraz (quoted without asking for permission but hopefully > that's ok): > > > I'd like to generate updated OpenSSL RPM packages for Fedora 4 and > > hopefully post it to Fedora Legacy At least for openssl-0.9.7f this is already done and I posted where to find it (ftp://ftp.harddata.com/pub/Legacy_srpms/). > The correct way to patch > the recent openssl CVEs is to add the patches from RHEL4 srpm That source rpm available above was done by adding to openssl-0.9.7f-7.10.src.rpm later patches from RHEL4. FC4 also supplied openssl097a-0.9.7a-3.1.src.rpm, for back compatibility, but none of installations I have handy was using that so I did not bother. Likely the same work is needed for openssl097a too. It should be "automatic" or nearly so. > (however the current CVE-2006-2940 patch is broken because the > 'goto err;' in dh_key patch must be replaced with 'return -1;'). You mean on line 185 in a patched crypto/dh/dh_key.c? Looking at this code you are definitely right. The other way to fix it would be to explicitely initialize ctx to NULL due to a way in which BN_CTX_end() and BN_CTX_free() operate. But in such case probably all released updates for RHEL and FC5 and rawhide are affected too even if compiled binaries do pass through a series of checks. Is there any bugzilla report for that? In any case fixing that seems quite trivial. Michal From cjc at cjc.org Fri Sep 29 02:52:55 2006 From: cjc at cjc.org (Cheng-Jih Chen) Date: Thu, 28 Sep 2006 22:52:55 -0400 Subject: Fedora Core 4 Legacy security updates? Message-ID: <451C8A87.3050409@cjc.org> Any word on when this will start? I'm seeing a number of FC5 updates going by, but there appears to be no corresponding work on FC4 Legacy, for, say, the openssl security issue and so on. Thanks.