Need help with k3b
by Eric Tanguy
when i try to use k3b as user i have an error (255) and the process stpos
whereas when i try the same thing as root all is fine. in the help menu,
the system verification say that cdrecord and cdrdao have to run as root
to work properly. It seems that i have to use the k3b setup program which
disappear from fc2 because we don't need it. How can i do to have my
burner working fine with k3b as user ???
Thanxes.
Eric
19 years, 10 months
Openldap-servers RPM, Samba RPM and perl-LDAP RPM
by Gavin Henry
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dear all,
I think the replies to my comments below are very valid and should be taken
into account for the RPMs in subject.
Could we change these or is there a reason for outdated tools?
Comments?
Thanks,
Gavin.
- ---------- Forwarded Message ----------
Subject: Re: [K12OSN] Samba/LDAP how-to in OO format
Date: Wednesday 16 Jun 2004 21:22
From: "Christopher K. Johnson" <ckjohnson(a)gwi.net>
To: "Support list for opensource software in schools." <k12osn(a)redhat.com>
Gavin Henry wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>On Wednesday 16 Jun 2004 03:28, David Trask wrote:
>>http://web.vcs.u52.k12.me.us/linux/Samba-LDAP.sxw
>>
>>here's the Samba LDAP how-to in OO format
>
>I have 3 points and one request:
>
>1. The backend ldap should be bdb not ldbm (discussed very indepth on the
>OpenLDAP lists).
>
>2. You should really have access controls on the LDAP database, as anyone
> can hen read your hashed password over the wire, unless, which I didn't
> notice, you only have the LDAP server listening on localhost?
>
>3. You should be using TLS.
>
>4. Could you do a wee conclusion, rounding everything off.
>
>
>Would you mind if some of us add the 3 points above in?
>
>Lastly, this is great document and must of taken you ages. ALl it needs is
>someone to start this of, then others can help.
>
>Due you mind if I forward this to the fedora-docs list as they can do all
> this for us?
All good suggestions, some of which David and I have already discussed.
He expressed to me that he wanted to first get it working, and then go
back and work to incorporate better security such as you have
indicated. Thanks for working to move this along with other doc folks
in implementing them.
Comments:
Re 1. In that case why is bdb not the default in slapd.conf as provided
by the FC2 openldap-servers rpm? I suspect that David simply used what
was there, not changing the backend. I'm not trying to disagree - just
to point out that if this is now the standing recommendation then in
addition to changing the how-to it should be changed in the slapd.conf
provided by the rpm.
Re 2. Definitely, although the issue is actually whether ldap directory
users have query or update access to other users' hashed passwords. The
over the wire comment relates to the TLS recommendation.
Re 3. Definitely.
Other points:
5. The smbldap-tools provided by the FC2 samba rpm under
/usr/share/samba-n.n.n/LDAP/smbldap-tools are out of date. They should
either be brought current, or removed and placed in a separate
smbldap-tools rpm _included_ in FC2 distro with a pre-requisite of the
perl-LDAP rpm, which in turn requires other perl- rpms. I believe this
change would avoid the need for any of the CPAN steps, and allow
installing the smbldap-tools from the FC2 distro.
6. The how-to should include using slappasswd to create a good password
hash for inclusion within slapd.conf in lieu of the default password.
7. Yum would work just as well as apt. Perhaps alternative commands for
updating and installing rpms either way would make the how-to equally as
friendly to people who prefer yum.
I hope the community does remedy all those points to give this very
useful document a more robust treatment of security, and make FC2 a
little less complex to implement samba/ldap on.
Chris
- --
- -----------------------------------------------------------
"Spend less! Do more! Go Open Source..." -- Dirigo.net
Chris Johnson, RHCE #807000448202021
_______________________________________________
K12OSN mailing list
K12OSN(a)redhat.com
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>
- -------------------------------------------------------
- --
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 587369
M +44 (0) 7930 323266
F +44 (0) 1224 742001
E ghenry(a)suretecsystems.com
Open Source. Open Solutions.
http://www.suretecsystems.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFA0Lg/eWseh9tzvqgRAp4mAJ99PTa47HiQJfI+wUy7XN5K23uJdwCgpXqE
o0rexzWkM+aB3sA7xTTKhLE=
=nqE/
-----END PGP SIGNATURE-----
19 years, 10 months
Re: kernel-source vs. kernel-sourcecode (please revert)
by Pete Zaitcev
On Tue, 15 Jun 2004 14:18:22 -0400
Aaron Bennett <aaron.bennett(a)olin.edu> wrote:
> Arjan van de Ven wrote:
>
> >The kernel-doc documentation explains it for 2.6,
> >if your module is called foo.c you make a Makefile with
> >obj-m := foo.o
> >in it, and do
> >make -C /lib/modules/`uname -r`/build SUBDIRS=$PWD modules
> >to build your module.
> Where is that?
> [root@burton kernel-doc-2.6.6]#
> [root@burton kernel-doc-2.6.6]# fgrep -li "make -C /lib/modules/`uname -r`/build" *
Aaron is right. What the kbuild/modules.txt actually documents is:
Often modules are developed outside the official kernel. To keep up
with changes in the build system the most portable way to compile a
module outside the kernel is to use the kernel build system,
kbuild. Use the following command-line:
make -C path/to/kernel/src SUBDIRS=$PWD modules
It does NOT document /lib/modules/`uname -r`, because it is a
distribution specific convention. Expirienced developers "know"
how to figure the rest, but as Axel's googling aptly demonstrated,
Internet is full of idiots, and the "right" knowledge just drowns
in the noise.
I always send vendors to
http://people.redhat.com/zaitcev/notes/Makefile.arjanv
Which is not an optimal way to document. It is essentially a tribal
knowledge enshrined.
Mind if I file a bug against kernel-doc "Document path to correct
correct module headers"?
-- Pete
19 years, 10 months
Re: documentation "out there" (was Re: kernel-source vs. kernel-sourcecode (please revert))
by Pete Zaitcev
On Tue, 15 Jun 2004 14:47:49 -0700
Joe Christy <joe(a)eshu.net> wrote:
> Vis-a-vis Arjen's note of 06/15/2004 02:35 PM:
> > On Tue, Jun 15, 2004 at 02:33:57PM -0700, Joe Christy wrote:
> > make -C /lib/modules/`uname -r`/build SUBDIRS=$PWD modules_install
> > afaik....
> Being a conservative soul, I tried that, passing the -n flag to make:
>
> [root@woof ltmodem-2.6-alk-4]# make -n -C /lib/modules/`uname
> -r`/build SUBDIRS=$(PWD) modules_install
> -bash: PWD: command not found
You are trying to use make(1) syntax in the shell. If you insist on
braces, use curly braces, like ${PWD}.
Also, NEVER BUILD AS root.
-- Pete
19 years, 10 months
Re: Generating rpm spec from autoconf/automake packages for Fedora
by "Nils O. Selåsdal"
On Wed, 2004-06-16 at 09:00, Didier Casse wrote:
> Dear All,
> I am trying to convert some autonconf/automake packages or
> libraries to rpms. Well to generate the spec, fitting
> the
>
> -------------
> ./configure
> make
> make install
> -------------
Take a look at the fedora .spec template at
http://www.fedora.us/docs/spec.html
Now, remember that one doesn't use ./configure in a .spec usually,
but rather %configure , that will try to make the make install
install it temporary while packaging in non default location, such as
/var/tmp/foo-2.4.3-root/ , now when you do an rpmbuild , and if it
fails, you can just go to /var/tmp/foo-2.4.3-root/ an look at which
files it installed.
> is straightforward! But the autoconf packages install lots of files around
> the system.
>
> So the problem lies in dealing with the part:
>
> %files
> %defattr(-,root,root)
> %{_bindir}/
Never do the above , it will make the package own the bindir
(usr/bin), you don't want that. use %{_bindir}/*
> %{_libdir}/lib*
> %doc AUTHORS
> %doc COPYING
> %doc README
>
>
> where we have to specify all the files that have been installed. Since the
> autoconf/automake packages have not been made by me, I do not know which
> files are being installed and I have to do everytime a "make install" to
> watch which files are being installed!
A good packager must know every file of a package !
> Now is there a way to convert all these autoconf/automake packages
> directly to rpms or is there a systematic/automated system to know which
> files are being installed and fit directly in the specs?
See above.
> Now bear in mind that there are several of these packages and it would be
> tedious compiling and looking at one by one to know which files is being
> installed and the name of the files and location can change anytime. These
> packages weren't created by me so I have no control over them! Thanks for
> any kind help.
You really only need to know each directory it places files in, and
which directories the package should own.
>
19 years, 10 months
Re: patch for dhclient-script
by Pete Zaitcev
On Sun, 13 Jun 2004 12:36:27 -0500 (CDT)
"Brian Millett" <bpm(a)ec-group.com> wrote:
> For what its worth, I noticed that with the rawhide update on Sat, June
> 12, the dchp client no longer routed. I determined that before
> dhclient-script finished, there were two entries for default:
>
> default * 0.0.0.0 U 0 0 0 eth1
> default 192.168.0.1 0.0.0.0 UG 0 0 0 eth1
I'm wondering where does the first entry originate?
> But then when dhclient-script would finish, the default gw for 192.168.0.1
> world be deleted leaving only the * default gateway. The following patch
> resolves this, but I do not know it it messes other things.
> diff -wruN /tmp/sbin/dhclient-script dhclient-script
> --- /tmp/sbin/dhclient-script 2004-06-12 16:31:29.000000000 -0500
> +++ dhclient-script 2004-06-13 12:11:56.000000000 -0500
> @@ -128,12 +128,14 @@
> elif [ $relmajor -lt 2 ] || ( [ $relmajor -eq 2 ] && [ $relminor -eq 0
> ] ) then
> ifconfig $interface inet 0.0.0.0 netmask 0.0.0.0 \
> broadcast 255.255.255.255 up
> + #Add route to make broadcast work. Do not omit netmask.
> + route add default dev $interface netmask 0.0.0.0
> else
> ifconfig $interface 0 up
> fi
>
> # Add route to make broadcast work. Do not omit netmask.
> - route add default dev $interface netmask 0.0.0.0
> + #route add default dev $interface netmask 0.0.0.0
>
> # We need to give the kernel some time to get the interface up.
> sleep 1
The patch essentially backs out the change and returns to what fc2 ships.
I'm cc-ing this to Daniel in case he hasn't seen this.
-- Pete
19 years, 10 months
CryptoLoop question
by StoneBeat
Hi, i have some partitions encrypted with cryptoloop compiled in kernel 2.6.3
Searching in google i have read about cryptoloop broken compatibility
between > kernel 2.6.3 and < kernel 2.6.3.
I want to upgrade my kernel but if i must remake my partitions i want to know
before.
thanks
19 years, 10 months
rawhide report: 20040616 changes
by Build System
Updated Packages:
abiword-2.0.7-1
---------------
* Thu May 20 2004 Caolan McNamara <caolanm(a)redhat.com> 1:2.0.6-1
- 2.0.7, new version + gcc34 fixes
rpmdb-fedora-2-0.20040616
-------------------------
system-config-bind-2.0.2-8
--------------------------
* Tue Jun 15 2004 Dan Walsh <dwalsh(a)redhat.com> 2.0.1-8
- Fix Zone handling of SOA Records
19 years, 10 months
