users March 2019

users@lists.fedoraproject.org

76 participants
71 discussions

OpenVPN + F28 =-> w/o [ IP | DNS ] leaks?

by Jack Craig

hi folks, i have a static ip from att & am looking to make internet access safer. i have been working to be able to ask questions that arent too stupid. i wonder if anyone out there that has this working would be willing to chat? how about DNSSEC ? tia, jackc...

5 years, 1 month

2
3
0 / 0

Pulseaudio system wide daemon / allow user to use yours

by lejeczek

hi everybody I'm hoping it is possible to have audio in apps when you run them like: $ sudo -u aUser yourApp $ xhost +; sudo su aUser And I've followed this: https://fhackts.wordpress.com/2017/07/01/running-pulseaudio-system-wide-w... but failed to have that Firefox, etc with audio/sound. Any of you guys knows whether it's possible to make it work? Maybe if not as system-wide daemon then by allowing other user to access your user pulseaudio session? many thanks, L.

5 years, 1 month

1
0
0 / 0

Re: Scanning Problem HP4620

by R. G. Newbury

>Ed Greshko <ed.greshko(a)greshko.com> wrote: >Well, it is possible that the printers are defined such that cups can >access them but not >in such a way that hplip recognizes them. The scanner portion of the All-In-One machines is not handled by cups. If the OP runs hp-setup, selects 'Network' then 'Advanced' and 'Manual Discovery' and enters the IP address of the printer, it will be discovered, and the URI will be shown, something like: Model Host Name Device URI HP Laserjet 3055 192.168.1.12 hp:/net/HP_Laserjet_3055?ip=192.168.1.12 Write down the URI. You can continue to set up the printer and fax as you wish. Your system now knows where the scanner 'is' and hp-scan should work without specifying the --device=<name> parameter. HP-scan appears to only do one page at a time. You cannot use the adf feature and get tiff/png outputs. The hp scanning structure (and Hp-scan) is SANE based so scanimage is instakked and works. It is easy to use in a script so you don't have to remember the settings! Batch settings allow you to set the page start, page count and count direction: +2 for the front of double sided pages and -2 for the stack flipped over. These are not available with hp-scan. Note that the command api is NOT the same with hp-scan, nor as featured. My record is something above 300 pages in one pass with scanimage. gscan2pdf is used to create the pdf file later, maybe after a pass using unpaper to straighten the images, adjust contrast or whatever. ################## ##!/bin/bash # script 'scanner' export hp="hp:/net/HP_LaserJet_3055?ip=192.168.1.12" # takes 5 parameters cd $1 echo -e " Please wait while scanning commences.......\n" # letter is -y 280, legal is -y 355 scanimage --device-name=$hp --source auto --resolution 150 --format tiff --mode Color --contrast 125 -x 220 -y 290 --batch=$2%d.tiff --batch-start=$3 --batch-count=$4 --batch-increment=$5 ############### Geoff

5 years, 1 month

2
1
0 / 0

Re: [HEADS UP] Minetest 5.0.0

by Samuel Sieb

On 3/5/19 8:28 AM, Igor Gnatenko wrote: > I've prepared PR for new version of minetest: > https://src.fedoraproject.org/rpms/minetest/pull-request/3 Thank you. > I'll merge it later this week and build for F30 and F31. It also > involves License change but it was just incorrect even before. > > I'll also probably make a module out of it so it would be available in > F28/F29 too. > > See changelog here: > https://dev.minetest.net/Changelog#0.4.16_.E2.86.92_5.0.0 One important point is that they changed major versions because there are some not backwards-compatible changes. You can't connect to a version 5 server with an older client. (Copied to users list as well.)

5 years, 1 month

1
0
0 / 0

Fedora 29 - Interaction with TLSv1/SSLv3 completely broken

by Charles Kozler

I am hoping I am missing something fairly obvious but it would appear any interaction via command line (or if overridden by another application policy) with a site presenting TLSv1/SSLv3 initially is completely broken in F29 Since I upgraded to F29, any site I come across via SSL functionality (ex: github) that initially presents TLSv1/SSLv3, my commands will forcefully exit with a generic error message > curl https://github.com curl: (35) error:1425F175:SSL routines:ssl_choose_client_version:inappropriate fallback > openssl s_client -connect github.com:443 CONNECTED(00000004) 139888006719296:error:1425F175:SSL routines:ssl_choose_client_version:inappropriate fallback:ssl/statem/statem_lib.c:1929: So I dug around a little bit and noticed it was because, in this example, github was first offering TLSv1/SSLv3 --- SSL handshake has read 3582 bytes and written 415 bytes --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 However, because there is a StrongCryptoSettings set to disallow < TLS 1.2, it completely bombs out of the low level C functions with this obscure message. When I forcefully disable access to TLSv1 or 1.1 I can see that support for renegotiation is off but I can now communicate securely with github > openssl s_client -connect github.com:443 -no_tls1 -no_tls1_1 -no_tls1 {....} --- SSL handshake has read 3621 bytes and written 382 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_128_GCM_SHA256 My thought is that a better implementation would be to yes, continue to NOT support TLSv1/SSLv3 but do support renegotiating to > 1.2 rather than obscurely bombing out entirely... So can anyone point me in the right direction to get this working again? I've reached out to github about the TLSv1/SSLv3 thing but I need a stopgap anyway. I cant seem to find a way to make git commands use something other than what openssl negotiates but if openssl libraries are bombing out before renegotiation then there seems to be very little I can do and I cant locate this policy that is referenced here https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2

5 years, 1 month

5
10
0 / 0

f29 opencl can't be activated file missing

by François Patte

Bonjour, On fedora 29 a file is missing to activate opencl with nvidia cards: /etc/OpenCL/vendors/nvidia.icd Without this file (inside, one line: libnvidia-opencl.so.1) darktable, for instance, is unable to activate opencl. Once upon a time this file used to exist on fedora (26? 27?) I don't remember. Could this be corrected? Thank you. PS I know, this mail should have been posted on rpmfusion forum, but I can't post anything on this forum: mailman is not activated.... I don't know why. -- François Patte UFR de mathématiques et informatique Laboratoire CNRS MAP5, UMR 8145 Université Paris Descartes 45, rue des Saints Pères F-75270 Paris Cedex 06 Tél. +33 (0)6 7892 5822 http://www.math-info.univ-paris5.fr/~patte

5 years, 1 month

3
5
0 / 0

Fedora Install

by Thomas Dineen

Gentle People: Today March third was a total waste of my time!!! I attempted to down load and install your Fedora 28 release. Over the course of the day I was able to install the build, add the packages that i needed and update the software. After spending the day installing and configuring the software I attempted a reboot. Result the system booted up to a blank grey screen! No error messages no nothing. Lets face the facts YOU HAVE A QUALITY PROBLEM!!! Fix it! I have been able to successfully load and make use of CentOS, Debian, and Ubantu releases over the past 20 years with no problems! But I have had only intermittent success with Fedora versions after 14. You have a severe quality problem fix it. A dedicated CentOS user.

5 years, 1 month

5
5
0 / 0

Re: Stuck Kernel Version.....

by Eddie G. O'Connor Jr.

Well, seems I don't have to sweat this anymore, as my 1 yr old niece through her "overly active" curiosity, ensured that I will be needing to buy a new SSD and having the insides of my T-420 "blow dried"! LoL!......Thanks to all for the advice. And thank goodness for 2TB USB drives and my rigorous backups schedule! (although I think I'm just gong to nix all the customizations I had on there and will go with a plain vanilla install and keep it that way!...I mean don't get me wrong the Gnome extensions are awesome and all that ,but I have a feeling SOMETHING caused my kernel to get stuck to begin with!) Plus I get to install a fresh copy of F29 on my system!....so no more seeing the fc27_x86-64 kernel in my boot up screens! Cheers! EGO II

5 years, 1 month

1
0
0 / 0

firefox 65 and tab bar

by François Patte

Bonjour, I just updated firefox on fedora 29 and 65 version is installed. I had a config in order to put the tab bar below other bars just above the tabs.... I have a userChrome.css file in .mozilla/firefox/ks.....default/chrome directory, with these lines which used to make the job: /* Tab bar below Navigation & Bookmarks Toolbars */ #nav-bar { /* main toolbar */ -moz-box-ordinal-group: 1 !important; box-shadow: none !important; } #PersonalToolbar { /* bookmarks toolbar */ -moz-box-ordinal-group: 2 !important; } #TabsToolbar { /* tab bar */ -moz-box-ordinal-group: 3 !important; padding-top: 0 !important; } This no longer works... What is the new syntax to correct this stupidity? Thank you. -- François Patte UFR de mathématiques et informatique Laboratoire CNRS MAP5, UMR 8145 Université Paris Descartes 45, rue des Saints Pères F-75270 Paris Cedex 06 Tél. +33 (0)6 7892 5822 http://www.math-info.univ-paris5.fr/~patte

5 years, 1 month

1
1
0 / 0

dnf didn't exclude and clobbered the package I wanted to keep - what went wrong...?

by Morgan Read

OMG - GONE! WHAT THE F!!! READ ON... OR, TO CUT A LONG(ISH) STORY SHORT(ER), JUMP STRAIGHT TO THE BOTTOM... I wanted to install master-pdf-editor-5.3.16-1.x86_64 Alongside master-pdf-editor-4.3.89-1.x86_64 Looking at the install of master-pdf-editor-4.3.89-1.x86_64 it all seemed fairly self contained in /opt/masterpdfeditor4 and what was under /usr all seemed to be suffixed by a '4'. But, I knew that master-pdf-editor-5.3.16-1.x86_64 was likely to remove master-pdf-editor-4.3.89-1.x86_64 (past experience). So, I investigated the respective RPMs - no, scripts included that looked like they'd remove earlier versions... So, I ran: $ rpm -qp --scripts master-pdf-editor-5.3.16_qt5.x86_64.rpm postinstall scriptlet (using /bin/sh): #!/bin/sh set -e # Automatically added by dh_installmenu if [ -x "`which update-menus 2>/dev/null`" ]; then update-menus ; fi # Automatically added by dh_installmime if [ -x "`which update-mime-database 2>/dev/null`" ]; then update-mime-database /usr/share/mime fi ln -s /opt/master-pdf-editor-5/masterpdfeditor5 /usr/bin/masterpdfeditor5 postuninstall scriptlet (using /bin/sh): #!/bin/sh set -e # Automatically added by dh_installmenu if [ "$1" = "configure" ] && [ -x "`which update-menus 2>/dev/null`" ]; then update-menus fi # End automatically added section rm -f /usr/bin/masterpdfeditor5 $ Which didn't seem to indicate the removal of master-pdf-editor-4.3.89-1.x86_64. However, I'm very suspicious... So, I investigated here: https://www.systutorials.com/1661/making-dnf-yum-not-update-certain-packa... And here: https://dnf.readthedocs.io/en/latest/conf_ref.html https://dnf.readthedocs.io/en/latest/command_ref.html# Under 'excludepkgs' And the man page, under 'excludepkgs'. And so, wrote: exclude=master-pdf-editor-4.3.89-1* excludepkgs=master-pdf-editor-4.3.89-1* To /etc/dnf/dnf.conf And then ran 'dnf install ./master-pdf-editor-5.3.16_qt5.x86_64.rpm' AND WHAT THE FRIGGING HELL HAPPENED??!!! YUP, YOU GUEST IT master-pdf-editor-4.3.89-1.x86_64 GOT CLOBBERED!!! So, what the f' do I have to do to prevent master-pdf-editor-4.3.89-1.x86_64 from getting clobbered when installing master-pdf-editor-5.3.16_qt5.x86_64.rpm Thanks all M

5 years, 1 month

3
3
0 / 0

← Newer
1
2
3
4
5
6
7
8
Older →