F21: infection reported by "chkrootkit".
by William Mattison
Hi all,
While doing my routine patches and scans, "chkrootkit" reported the
following:
(*** snip ***)
Checking `asp'... not infected
Checking `bindshell'... warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
INFECTED (PORTS: 3133)
Checking `lkm'... chkproc: nothing detected
(*** snip ***)
I ran "rkhunter" immediately after the "chkrootkit" run finished, and it
reported no problems. How do I determine if this is a false alarm or a
real problem? If this is a real problem, what should I do about it?
Also, as I'm neither a security expert nor a sysadmin, what is port 3133
used for?
thanks,
Bill.
8 years, 9 months
fragile Live Fedora ? Device-mapper Snapshot vs. Layered Fs solution (AUFS or Overlayfs)
by derek
users(a)lists.fedoraproject.org
I tend to run Live Linux on a laptop for months without a shutdown (suspend /
resume only).
Ubuntu and Mint work well in this mode. Recently I wanted to give
Fedora a chance,
but it failed with IO Errors like this when I did sudo yum install
something (or dnf install something).
This is an always-reproducible kernel panic whenever I run it on laptop
physical hardware, or in kvm,
with the current Fedora 22 Workstation image. I tested a few other spins as
well, and they failed the same way.
https://getfedora.org/en/workstation/download/
https://labs.fedoraproject.org/security/download/index.html
I wonder, is this a well-known issue in the Fedora Bugzilla database? If,
under Live OS mode, / doesn't support writing, how can it be called Live?
I researched a little more and figured out that this is because Fedora Live
mode runs on top of the dev-mapper snapshot driver, while Ubuntu runs on
Overlayfs, which looks more stable.
I wonder, are there some technical reasons why Fedora uses dev-mapper snapshot,
such an immature driver?
[ 373.306048] device-mapper: snapshots: Invalidating snapshot: Unable to
allocate exception.
[ 373.310022] Buffer I/O error on device dm-0, logical block 1609980
[ 373.311236] Buffer I/O error on device dm-0, logical block 1609981
[ 373.313031] Buffer I/O error on device dm-0, logical block 1609982
[ 373.316023] Buffer I/O error on device dm-0, logical block 1609983
[ 373.319126] Buffer I/O error on device dm-0, logical block 1609984
[ 373.322136] EXT4-fs error (device dm-0): ext4_find_entry:1289: inode
#45749: comm kworker/u2:2: reading directory lblock 0
[ 373.324414] Buffer I/O error on device dm-0, logical block 1609985
[ 373.328306] Buffer I/O error on device dm-0, logical block 1609986
[ 373.329445] Buffer I/O error on dev dm-0, logical block 0, lost sync
page write
[ 373.331205] Buffer I/O error on device dm-0, logical block 1609987
[ 373.332667] Buffer I/O error on device dm-0, logical block 1609988
[ 373.337317] Buffer I/O error on device dm-0, logical block 1609989
[ 373.338726] EXT4-fs error (device dm-0) in ext4_ext_truncate:4669: IO
failure
[ 373.339935] EXT4-fs (dm-0): previous I/O error to superblock detected
[ 373.341146] Buffer I/O error on dev dm-0, logical block 0, lost sync
page write
[ 373.342554] EXT4-fs error (device dm-0) in ext4_ext_truncate:4669: IO
failure
[ 373.343961] EXT4-fs (dm-0): previous I/O error to superblock detected
[ 373.352119] Buffer I/O error on dev dm-0, logical block 0, lost sync
page write
[ 373.359310] audit: *NO* daemon at audit_pid=789
[ 373.360056] audit: auditd disappeared
[ 373.858134] Aborting journal on device dm-0-8.
[ 373.858877] Buffer I/O error on dev dm-0, logical block 12679, lost sync
page write
[ 373.860548] JBD2: Error -5 detected when updating journal superblock for
dm-0-8.
[ 373.862332] EXT4-fs (dm-0): previous I/O error to superblock detected
[ 373.863432] Buffer I/O error on dev dm-0, logical block 0, lost sync
page write
[ 373.865080] EXT4-fs error (device dm-0): ext4_journal_check_start:56:
Detected aborted journal
[ 373.866572] EXT4-fs (dm-0): Remounting filesystem read-only
[ 373.867539] EXT4-fs (dm-0): previous I/O error to superblock detected
[ 373.869236] Buffer I/O error on dev dm-0, logical block 0, lost sync
page write
[ 373.939115] EXT4-fs error (device dm-0): ext4_find_entry:1289: inode
#145895: comm gmain: reading directory lblock 0
[ 373.939854] EXT4-fs (dm-0): previous I/O error to superblock detected
[ 373.940415] Buffer I/O error on dev dm-0, logical block 0, lost sync
page write
[ 374.132832] Kernel panic - not syncing: Attempted to kill init!
exitcode=0x0000000b
[ 374.132832]
[ 374.133007] CPU: 0 PID: 1 Comm: systemd Not tainted
4.0.4-301.fc22.x86_64 #1
[ 374.133007] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
1.8.1-20150604_211837-tipua 04/01/2014
[ 374.133007] 0000000000000000 00000000a3109a5c ffff880052487c68
ffffffff81782644
[ 374.133007] 0000000000000000 ffffffff81a4c850 ffff880052487ce8
ffffffff817813b4
[ 374.133007] ffffffff00000010 ffff880052487cf8 ffff880052487c98
00000000a3109a5c
[ 374.133007] Call Trace:
[ 374.133007] [<ffffffff81782644>] dump_stack+0x45/0x57
[ 374.133007] [<ffffffff817813b4>] panic+0xd0/0x203
[ 374.133007] [<ffffffff8109f69d>] do_exit+0xb3d/0xb40
[ 374.133007] [<ffffffff8109f737>] do_group_exit+0x47/0xb0
[ 374.133007] [<ffffffff810ab5dc>] get_signal+0x27c/0x610
[ 374.133007] [<ffffffff81013547>] do_signal+0x37/0x760
[ 374.133007] [<ffffffff81013cef>] do_notify_resume+0x7f/0xa0
[ 374.133007] [<ffffffff81789952>] retint_signal+0x48/0x86
[ 374.133007] Kernel Offset: 0x0 from 0xffffffff81000000 (relocation
range: 0xffffffff80000000-0xffffffff9fffffff)
[ 374.133007] drm_kms_helper: panic occurred, switching back to text
console
[ 374.133007] ---[ end Kernel panic - not syncing: Attempted to kill init!
exitcode=0x0000000b
[ 374.133007]
[liveuser@localhost ~]$ df -Th
Filesystem          Type      Size  Used Avail Use% Mounted on
devtmpfs            devtmpfs  662M     0  662M   0% /dev
tmpfs               tmpfs     682M   72K  682M   1% /dev/shm
tmpfs               tmpfs     682M  840K  681M   1% /run
tmpfs               tmpfs     682M     0  682M   0% /sys/fs/cgroup
/dev/vda1           iso9660   889M  889M     0 100% /run/initramfs/live
/dev/mapper/live-rw ext4      9.8G  2.7G  7.0G  28% /
tmpfs               tmpfs     682M   12K  682M   1% /tmp
vartmp              tmpfs     682M     0  682M   0% /var/tmp
varcacheyum         tmpfs     682M     0  682M   0% /var/cache/yum
tmpfs               tmpfs     137M  8.0K  137M   1% /run/user/1000
[liveuser@localhost ~]$ df -Th -x tmpfs
Filesystem          Type      Size  Used Avail Use% Mounted on
devtmpfs            devtmpfs  662M     0  662M   0% /dev
/dev/vda1           iso9660   889M  889M     0 100% /run/initramfs/live
/dev/mapper/live-rw ext4      9.8G  2.7G  7.0G  28% /
[liveuser@localhost ~]$
[liveuser@localhost ~]$ sudo losetup -a
/dev/loop0: [0019]:11530 (/run/initramfs/osmin.img)
/dev/loop1: [1792]:1 (/osmin)
/dev/loop2: [64513]:1998 (/run/initramfs/live/LiveOS/squashfs.img)
/dev/loop3: [1794]:2 (/LiveOS/ext3fs.img)
/dev/loop4: [0001]:11627 (/overlay (deleted))
[liveuser@localhost ~]$ sudo dmsetup table
live-base: 0 20971520 linear 7:3 0
live-osimg-min: 0 20971520 snapshot 7:3 7:1 P 8
live-rw: 0 20971520 snapshot 7:3 7:4 P 8
[liveuser@localhost ~]$
Thanks,
8 years, 9 months
Dell WMI
by JD
/var/log/messages has many messages like these
Jul 27 15:39:47 localhost kernel: [18095.720272] dell_wmi: Received
unknown WMI event (0x11)
Jul 27 15:39:48 localhost kernel: [18097.999973] dell_wmi: Received
unknown WMI event (0x11)
Jul 27 15:40:38 localhost kernel: dell_wmi: Received unknown WMI event
(0x11)
Jul 27 15:40:41 localhost kernel: dell_wmi: Received unknown WMI event
(0x11)
Jul 28 09:28:16 localhost kernel: [ 17.818200] wmi: Mapper loaded
Jul 28 09:28:16 localhost kernel: [ 18.128714] input: Dell WMI hotkeys
as /devices/virtual/input/input11
Jul 27 21:13:10 localhost kernel: dell_wmi: Received unknown WMI event
(0x11)
Jul 27 21:13:12 localhost kernel: dell_wmi: Received unknown WMI event
(0x11)
Jul 28 09:28:10 localhost kernel: wmi: Mapper loaded
Jul 28 09:28:10 localhost kernel: input: Dell WMI hotkeys as
/devices/virtual/input/input11
Jul 28 14:33:20 localhost kernel: [ 10.917483] wmi: Mapper loaded
Jul 28 14:33:20 localhost kernel: [ 11.184338] input: Dell WMI hotkeys
as /devices/virtual/input/input8
Jul 28 11:34:28 localhost kernel: dell_wmi: Received unknown WMI event
(0x11)
Jul 28 11:34:28 localhost kernel: dell_wmi: Received unknown WMI event
(0x11)
Jul 28 14:33:15 localhost kernel: wmi: Mapper loaded
Jul 28 14:33:15 localhost kernel: input: Dell WMI hotkeys as
/devices/virtual/input/input8
Jul 28 21:04:06 localhost kernel: [ 11.269317] wmi: Mapper loaded
Jul 28 21:04:06 localhost kernel: [ 11.382839] input: Dell WMI hotkeys
as /devices/virtual/input/input12
Jul 28 18:39:48 localhost kernel: dell_wmi: Received unknown WMI event
(0x11)
Jul 28 18:39:49 localhost kernel: dell_wmi: Received unknown WMI event
(0x11)
Jul 28 21:04:02 localhost kernel: wmi: Mapper loaded
Jul 28 21:04:02 localhost kernel: input: Dell WMI hotkeys as
/devices/virtual/input/input12
Jul 29 16:30:12 localhost kernel: [ 18.138436] wmi: Mapper loaded
Jul 29 16:30:12 localhost kernel: [ 18.354453] input: Dell WMI hotkeys
as /devices/virtual/input/input11
Jul 28 22:15:25 localhost kernel: dell_wmi: Received unknown WMI event
(0x11)
Jul 28 22:15:27 localhost kernel: dell_wmi: Received unknown WMI event
(0x11)
Jul 29 16:30:08 localhost kernel: wmi: Mapper loaded
Jul 29 16:30:08 localhost kernel: input: Dell WMI hotkeys as
/devices/virtual/input/input11
So, is Fedora going to provide a good interrupt handler to deal with
these interrupts and service them correctly,
the way Dell intended them to be serviced?
I wonder how Windows handles these.
8 years, 9 months
Problem with running mcpdf on F22
by Paul Smith
Dear All,
I am trying to run mcpdf (installed from
https://copr.fedoraproject.org/coprs/thomasfedb/mcpdf/ ) on Fedora 22,
but without success:
$ mcpdf demo.pdf output example.pdf
Error: A JNI error has occurred, please check your installation and try again
Exception in thread "main" java.lang.NoClassDefFoundError: com/itextpdf/text/DocumentException
    at java.lang.Class.getDeclaredMethods0(Native Method)
    at java.lang.Class.privateGetDeclaredMethods(Class.java:2701)
    at java.lang.Class.privateGetMethodRecursive(Class.java:3048)
    at java.lang.Class.getMethod0(Class.java:3018)
    at java.lang.Class.getMethod(Class.java:1784)
    at sun.launcher.LauncherHelper.validateMainClass(LauncherHelper.java:544)
    at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:526)
Caused by: java.lang.ClassNotFoundException: com.itextpdf.text.DocumentException
    at java.net.URLClassLoader.findClass(URLClassLoader.java:381)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
    at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:331)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
    ... 7 more
$
Any ideas?
Thanks in advance,
Paul
8 years, 9 months
installing Fedora 21 or 22 on a MacBook Air 7,1
by Frederic Muller
Hi!
I have been struggling to install Fedora on a friend's MBA, as the local
SSD doesn't seem to be recognized. I found a few posts online with
various degrees of luck; unfortunately they never mentioned which MBA was
used, and that didn't work for me.
Does anyone have (positive?) experience on the topic?
Thank you.
Fred
8 years, 9 months
FAIL: Thunderbird: Replying to thread
by Rich Emberson
I use gmail.
When I reply to a thread using Thunderbird, the response never
shows up, but, if I include the email of the person who wrote
the thread I am responding to, that person gets the email.
On the other hand, if I log in to my gmail account, then
I can post a response, and that response appears as a new,
top-level discussion thread.
How do I respond to a message in a thread using Thunderbird
and have the users(a)lists.fedoraproject.org accept it?
Thanks
Richard
8 years, 9 months
Suspend asks for authentication
by Geoffrey Leach
64-bit Fedora 21, up-to-date. In the last few days, suspend is asking for authentication. AFAIK, nothing has changed, other than updates. Any suggestions?
Thanks.
8 years, 9 months
Update 20 -> 22, failure
by Patrick Dupre
Hello,
After I upgraded from Fedora 20 to 22, I cannot start the machine
in graphics mode.
In level 6, I get:
A start job is running for sendmail Mail Transport Agent
A start job is running for Plymouth Boot Screen to Quit
or in level 3,
after login, I run startx
the machine is stuck.
In any case, I have to restart the machine by unplugging.
How do I troubleshoot?
Thanks.
===========================================================================
Patrick DUPRÉ | | email: pdupre(a)gmx.com
Laboratoire de Physico-Chimie de l'Atmosphère | |
Université du Littoral-Côte d'Opale | |
Tel. (33)-(0)3 28 23 76 12 | | Fax: 03 28 65 82 44
189A, avenue Maurice Schumann | | 59140 Dunkerque, France
===========================================================================
8 years, 9 months
Fedora 22 WS live i686 fails
by Patrick Dupre
Hello,
I tried to start Fedora 22 WS live i686 (from a DVD that I burned) on 2 different machines
and it failed with the message:
Could not boot
/dev/disk/by-label/Fedora-Live-WS-i686-22-3 does not exist
/dev/mapper/live-rw does not exist
I burned 2 DVDs with the same issue!
Thanks for your help.
8 years, 9 months
initial-setup-graphical.service
by Patrick Dupre
Hello,
In the manual (Installation Guide for Fedora 22, 6.1), it says:
You can make it display again (after the next reboot, before a login prompt is displayed), by
executing the following command as root:
systemctl enable initial-setup-graphical.service
But the response is:
Fails to execute the operation: No such file or directory
How could I rerun the Initial Setup?
Thanks.
8 years, 9 months