F19: LiveUSB- creator doesn't install Sugar on a stick
by Antonio M
Using LiveUSB-creator
this is the output, I understand that all is ok but when I reboot (USB
is the first of booting devices) standard F19 from HD starts:
Downloading Fedora-16-i686-Live-SoaS.iso...
Download completo!
Verifica del filesystem in corso...
Setting /dev/sdb1 label to LIVE
Verifying ISO MD5 checksum
ISO MD5 checksum passed
Verifying SHA256 checksum of LiveCD image...
Estrazione dell'immagine nel dispositivo...
Setting up OLPC boot file...
Installing bootloader...
Marked /dev/sdb1 as bootable
Unmounting /media/0982e804-b7d2-4ab9-80c7-96002f68296d
Mount /media/0982e804-b7d2-4ab9-80c7-96002f68296d exists after unmounting
Complete! (0:01:16)
Same result from a local iso image.
What am I missing?? using a 2GB usb stick from TDK
--
Antonio M
Skype: amontag52
Linux Fedora F19(Schroedinger's cat) on Acer 5720
http://lugsaronno.altervista.org
http://www.campingmonterosa.com
10 years, 9 months
Yum tries to update to three nvidia drivers all at once
by Powell, Michael
I attempted to perform a `sudo yum update`, but yum produced an error
and exited because it was trying to update to nvidia drivers 319.32,
304xx, and 173 all at the same time.
I excluded the older drivers (304xx and 173) and proceeded with the
update, and Nvidia-settings shows that the version running is 319.32.
Why would it do such a thing? I previously had 310 installed, so it
should have chosen 319.32 and disregarded the others, correct?
10 years, 9 months
Re: "passwd" by root for user fails with sssd,pam, ldap [SOLVED]
by Augustin Wolf
On 23 July 2013 16:39, Stephen Gallagher <sgallagh(a)redhat.com> wrote:
>> That means that either you need the admin's DN and plain-text
>> password in a file (like the older PAM LDAP does) or you need the
>> user to enter their own password (like both sssd and PAM LDAP do).
So, unless using command "passwd", will prompt for LDAP admin DN, and
password, it won't be secure.
> The LDAP protocol requires that the bind username and password be sent
> in plaintext across the wire. (This is also why SSSD doesn't allow
> LDAP auth without an encrypted tunnel, because the protocol is unsafe
> otherwise). So you could store it in an obfuscated form on the disk,
> but it has to be a reversible encryption with the key readily
> available on the machine. This basically moves you from "plaintext
> password" to "hidden plaintext password easily readable by a
> script-kiddy". Not much improvement.
I agree. The only acceptable solution would be one way hash, but this
wouldn't be much help, unless OpenLdap supports it.
> Yes, this is setting up the bind account for SSSD itself to look up
> users, groups, etc. It doesn't perform ANY write operations back to
> LDAP at all. The only time SSSD ever modifies the LDAP server is
> during a password change operation, and then it's done only with the
> credentials of the user changing their password.
>
> When you're a user running 'passwd', your user is prompted for his or
> her current password and that is used to bind to LDAP. It does *not*
> use the ldap_default_bind_dn here. Your user traditionally has
> privilege to change their own password.
But it might be modified with LDAP ACL, though. I thought that sssd
does modify LDAP records. My mistake.
>>> There's option "ldap_sasl_authid",
>>> that from what It seems is using Kerberos keytab (which is
>>> encrypted)
>> I believe that's used for searches as well.
> Yeah, this is essentially the SASL variant of ldap_default_bind_dn and
> ldap_default_authtok. It has all of the same limitations on its
> privileges that they do.
>> By the way: Stephen Gallagher is one of the sssd developers, so
>> you should probably take his word when he tells you what sssd does
>> and doesn't do.
> I advise people never to take me without a grain of salt. Keeps me
> honest :)
I know. During long googling, before creating this thread I found
Stephen answers on serverfault.com and linuxquestions.org. I think
it's great that someone from redhat does participate in such sites and
help to solve some problems. Or simply to tell what was the motivation
for certain sssd solutions.
>
>>> One can change "rootpw" in /etc/openldap/slapd.conf
>>> (or olc* directory style config) and change users password using
>>> ldappasswd using admin DN and skipping ACL.
> Actually, you don't even need to set rootpw there, because the
> 'ldappasswd' command will always prompt you for the password for the
> rootdn when you're attempting to change a different user's password.
I was thinking about breaking in, when intruder doesn't know the LDAP
admin rootpw. On root account it can be easily changed.
> This is fine and acceptable, because you are being *challenged* and
> have to prove that you really are the LDAP admin user. The fact that
> you happen to be root on one machine connected to LDAP is *not*
> sufficient to prove that you have privilege to change other users'
> passwords. That would be a security hole, since anyone who gained root
> access to one of the machines would be able to change the password of
> any other user (possibly as part of a complex attack to gain access to
> a highly-privileged user).
>
> So this is why I recommend the user of ldappasswd if you want to reset
> another user's password (side note: you don't even need to be root for
> this; you can just present the admin credentials to ldappasswd as a
> standard user). It's also why we don't (and won't) support this
> misfeature in SSSD.
>
>>> Wouldn't be possible ask root for administrative
>>> password before changing user password, and don't store it
>>> anywhere ?
>> With ldappasswd, yes.
>>
>
> If you want, you're welcome to file an RFE at
> https://fedorahosted.org/sssd (FAS login) if you would like to see us
> add functionality to pam_sss.so to challenge you for an LDAP admin
> username and password if you try to do 'passwd otheruser' on the
> command-line, but I'll tell you right now that the SSSD team will
> almost certainly put it on the back-burner because other tools
> (ldappasswd, kpasswd) already do an excellent job of it.
As much as this would be comfortable it can be easily replaced by
simple bash script, that will execute both ldappasswd and kpasswd for
given LDAP admin DN, password and user
Thanks for answer.
10 years, 9 months
unstable libreoffice
by Martin S
Is anyone else seeing a horribly unstable Libreoffice in Fedora 19?
Just keeping the Open File dialog open for a bit longer than usually is
needed to open a file, makes in crash.
It doesn't happen all the time, but at frustratingly bad times (like when
saving a doc for the first time).
/Martin S
10 years, 9 months
Re: please discontinue to moderate Haralds posts
by Darryl L. Pierce
On Tue, Jul 23, 2013 at 11:07:20PM +0200, Reindl Harald wrote:
>
>
> Am 23.07.2013 23:02, schrieb Darryl L. Pierce:
> > I'm sorry, the quoting format is the default for Mutt and has been
> > around for a long time. Surely you've seen it for literally YEARS
> > online.
>
> with rotten style i meant strip quotes completly out of context
Nothing was "stripped out of context". They were left in their original
context.
> > What I quoted in my previous message was the text to which I'm referring
> > when I said your response can be insulting. What _it_ referred to is
> > kind of irrelevant to my point
>
> quote without context and say "look here you se insulting words"
> is pure laughable - jesus even Richard did not make clear *what*
> he is speaking about, so i searched in my mail-archive, found the
> one and only reply to him in this year and thought "WTF is this
> guy speaking about"
>
> do you really need a more perfect example *why* the context
> is very important in *any* communication?
The only "perfect example" I see is of what the original complaint said
about your interactions on this list. I was trying to _help you_ see how
you're coming across. And I had hoped that, as someone who's not needed
to interact with you in past, you could see what I was saying with the
emotional baggage you're carrying regarding others on the list.
But I sadly see that you have gone from 0 to rant towards me over one
email. So sorry you're that affected here. So I'm out.
--
Darryl L. Pierce <mcpierce(a)gmail.com>
http://mcpierce.multiply.com/
"What do you care what people think, Mr. Feynman?"
10 years, 9 months
OpenVPN disapeared
by Diego Vargas
Hello All,
Today I wanted to connect to a VPN with OpenVPN but the openvpn option has
disappeared. I have a ovpn file, and if I do the import from file it says
that doesn't recognize the VPN connection information.
The exact message:
The file 'vpn-connection.ovpn' could not be read or does not contain
recognized VPN connection information.
Error: Key file contains line 'client' which is not a key-value pair,
group, or comment.
Now I only have four options:
The Cisco Any Connect Compatible VPN
Cisco Compatible VPN
Layer 2 tunneling protocal
Import from file
As I said, the openvpn option dissapeared.
Any help will be appreciated.
Thanks
10 years, 9 months
Re: [Fedora-users-br] Fedora 18: Nova versão, velhos problemas, velhas soluções não funcionam
by Fernando Lozano
Gabriel,
> lspci |grep -i vga
> 00:02.0 VGA compatible controller: Intel Corporation 2nd Generation
> Core Processor Family Integrated Graphics Controller (rev 09)
> 01:00.0 VGA compatible controller: Advanced Micro Devices, Inc.
> [AMD/ATI] Whistler [Radeon HD 6630M/6650M/6750M/7670M/7690M] (rev ff)
Parece ser igual à minha, vou conferir.
> sobre o driver open source ele tem um problema chato que ele ativa as
> duas placas detonando a bateria e aumentando muito a temperatura do
> notebook.
Acho que ocorre o mesmo com o meu, mas nunca me incomodou. Eu reparei
que o aquecimento diminuiu com o F19, mas não conferi se agora ele liga
e desliga as placas conforme a demanda.
> A solução que encontrei foi criar um script na inicialização do
> sistema usando o vgaswitchero e desativando a placa ati deixando
> apenas a intel funcionando com o driver open source.
Porque não fazer o contrário (para os jogos)?
[]s, Fernando Lozano
10 years, 9 months
rpmbuild
by Patrick Dupre
Hello,
After a cpanspec PDL-LAPACK-0.12-1.tgz
I did:
rpmbuild -bb perl-PDL-LAPACK-0.12.spec
--------------------Spec file----------------------
Name: perl-PDL-LAPACK-0.12
Version: 1
Release: 1%{?dist}
Summary: PDL::LAPACK::0.12 Perl module
License: CHECK(GPL+ or Artistic)
Group: Development/Libraries
URL: http://search.cpan.org/dist/PDL-LAPACK-0.12/
Source0: http://www.cpan.org/modules/by-module/PDL/PDL-LAPACK-0.%{version}2-1.tgz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch: noarch
BuildRequires: perl(ExtUtils::MakeMaker)
Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
%description
PDL::LAPACK
-----------
This package is an additional perl PDL module for access to fast linear
algebra functions from the popular LAPACK math package.
%prep
%setup -q -n PDL-LAPACK-0.%{version}2-1
%build
%{__perl} Makefile.PL INSTALLDIRS=vendor
make %{?_smp_mflags}
%install
rm -rf $RPM_BUILD_ROOT
make pure_install PERL_INSTALL_ROOT=$RPM_BUILD_ROOT
find $RPM_BUILD_ROOT -type f -name .packlist -exec rm -f {} \;
find $RPM_BUILD_ROOT -depth -type d -exec rmdir {} 2>/dev/null \;
%{_fixperms} $RPM_BUILD_ROOT/*
%check
make test
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root,-)
%doc Changes lapack.pd README
%{perl_vendorlib}/*
%{_mandir}/man3/*
%changelog
* Sun Jul 21 2013 Patrick Dupre 1-1
- Specfile autogenerated by cpanspec 1.78.
-----------------------------------------------------------
I get:
Blablabla
Executing(%check): /bin/sh -e /var/tmp/rpm-tmp.J8OolC
+ umask 022
+ cd /home/pdupre/rpm/BUILD
+ cd PDL-LAPACK-0.12-1
+ make test
PERL_DL_NONLAZY=1 /usr/bin/perl "-Iblib/lib" "-Iblib/arch" test.pl
1..2
# Running under perl version 5.016003 for linux
# Current time local: Wed Jul 24 01:08:26 2013
# Current time GMT: Tue Jul 23 23:08:26 2013
# Using Test.pm version 1.25_02
ok 1
ok 2
+ exit 0
Processing files: perl-PDL-LAPACK-0.12-1-1.fc19.noarch
error: File not found by glob: /home/pdupre/rpm/BUILDROOT/perl-PDL-LAPACK-0.12-1-1.fc19.i386/usr/share/perl5/vendor_perl/*
Executing(%doc): /bin/sh -e /var/tmp/rpm-tmp.WCZTZl
+ umask 022
+ cd /home/pdupre/rpm/BUILD
+ cd PDL-LAPACK-0.12-1
+ DOCDIR=/home/pdupre/rpm/BUILDROOT/perl-PDL-LAPACK-0.12-1-1.fc19.i386/usr/share/doc/perl-PDL-LAPACK-0.12-1
+ export DOCDIR
+ /usr/bin/mkdir -p /home/pdupre/rpm/BUILDROOT/perl-PDL-LAPACK-0.12-1-1.fc19.i386/usr/share/doc/perl-PDL-LAPACK-0.12-1
+ cp -pr Changes /home/pdupre/rpm/BUILDROOT/perl-PDL-LAPACK-0.12-1-1.fc19.i386/usr/share/doc/perl-PDL-LAPACK-0.12-1
+ cp -pr lapack.pd /home/pdupre/rpm/BUILDROOT/perl-PDL-LAPACK-0.12-1-1.fc19.i386/usr/share/doc/perl-PDL-LAPACK-0.12-1
+ cp -pr README /home/pdupre/rpm/BUILDROOT/perl-PDL-LAPACK-0.12-1-1.fc19.i386/usr/share/doc/perl-PDL-LAPACK-0.12-1
+ exit 0
RPM build errors:
File not found by glob: /home/pdupre/rpm/BUILDROOT/perl-PDL-LAPACK-0.12-1-1.fc19.i386/usr/share/perl5/vendor_perl/*
How to solve this glitch ?
Thank.
===========================================================================
Patrick DUPRÉ | | email: pdupre(a)gmx.com
Laboratoire de Physico-Chimie de l'Atmosphère | |
Université du Littoral-Côte d'Opale | |
Tel. (33)-(0)3 28 23 76 12 | | Fax: 03 28 65 82 44
189A, avenue Maurice Schumann | | 59140 Dunkerque, France
===========================================================================
10 years, 9 months
Re: please discontinue to moderate Haralds posts
by Rahul Sundaram
On Tue, Jul 23, 2013 at 5:32 PM, Reindl Harald <wrote:
>
>
> and how does this match "You can ignore threads in any mailing list"?
>
Read the context. If you don't follow list guidelines, moderators can step
in but if you merely are not interested in any topic, you can ignore the
threads related to that.
> i do not play the victim- i find it simply inappropriate that often
> enough the nitpickers had much worse words than i ever used without
> get judged the same way
>
You want to assert that you have been unfairly targeted and a victim of
moderation. I trust the judgement of moderators better.
Rahul
10 years, 9 months
Re: [Fedora-users-br] Fedora 18: Nova versão, velhos problemas, velhas soluções não funcionam
by Fernando Lozano
Gabriel,
> Vou Ficar no aguardo Fernando,
> Tentei instalar o driver por varias vezes e simplesmente não consigo
> usar simplesmente não sobe mais o X.
> tbm não sei se e devido a placa grafica hibrida que tenho.
Então não levanta o X com o driver proptietário? E com o driver open
source funciona?
Qual é exatamente o modelo da sua ATI e da Intel que está junto (já que
é vídeo híbrido)? Em caso de dúvida, faz um "lspci | grep -i vga"
Eu tenho um note sony vaio com placa híbrida e funciona ok
[]s, Fernando Lozano
10 years, 9 months