Jump to content

theYinYeti

Members
  • Posts

    2151
  • Joined

  • Last visited

  • Days Won

    1

Posts posted by theYinYeti

  1. Side-note: In case you eventually decide to open SSH access from Internet, you _do need_ to protect it, because it is attacked a lot! But don’t use DenyHosts; see here for details:

    Migrate from DenyHosts to Fail2ban

    (there is another article, about securing the web server with the help of StartSSL, by the way)

     

    Also, only allow login to SSH to an explicit list of allowed users (but not root).

  2. Hello Arch- and former-Arch-fellows,

     

    Having installed Arch twice in the last couple of months, I’m rather satisfied with both how it works and how it makes you learn some basic configuration methods right from the start. I’m mostly satisfied with Arch, really.

    However, I completely agree with both statements that Arch is now “vanilla†rather than “simpleâ€, and that its IRC channel is full of jerks. Too bad :-(

    Still, I’ll keep using Arch because “vanilla†is not that bad, and its software repository (AUR included) is awesome.

     

    Yves.

  3. Hi! It’s been a long time… I’m glad to see that ianw1974, spinynorman, AussieJohn, arctic, paul, tyme, etc. are still around :-)

     

    I’ve just finished migrating my sister-in-law’s PC from Mageia 2 to Mageia 4(.1 I guess…), and I wanted to revert her full-gnome3 UI to something lighter on resources because she has a low-spec Zotac miniPC, and all was very slow, with occasional freezes.

     

    I decided to switch her to Mate, or Xfce if there is a problem with the former. For the DM, I installed lightdm-gtk-greeter (which pulled lightdm itself). Considering Mageia’s roots in the automagic Mandrake/iva, I expected lightdm to just work after I switched to it from GDM in the Control Center. But it did not, and I’m hard-pressed to find out exactly why :-/

     

    So, does anyone know what I could have overlooked, having been an Arch user for the last 7 years or so? Or, knowing Mageia better than I do, would you recommend another lightweight DM?

    Note that my sister-in-law is a very basic user, who would not even know how to launch a program that she has never used before. So the DM must be user-friendly and stable, not experimental, and once configured, it should keep working after upgrades (so again, not beta software).

     

    Thanks!

     

    [offtopic]How has it been here these last few years?[/offtopic]

  4. Vriendje, there is no DO command :-) I wrote D0 (dee zero, which stood for Destination at time T0), which is a variable, inside of which is stored (“=â€) a value which is the result of a command (“$(…)†notation is equivalent to the “`…`†notation but can be nested).

     

    To do what you asked, you would write your script like this:

    for d in WRKST SHARED WEB PIC MOVIES; do
       eval D0_$d=$(find "$DEST_${d}_F" -type f -printf . | wc -L)
    done
    
    … do the backup …
    
    printf '\tBackup files\tSource files\tFiles after backup\n' >>"$LOG"
    for d in WRKST SHARED WEB PIC MOVIES; do
       eval printf '%s\t%d\t%d\t%d\n' \
           \$D0_$d \
           $(find "$SOURCE_${d}_F" -type f -printf . | wc -L) \
           $(find "$DEST_${d}_F" -type f -printf . | wc -L) >>"$LOG"
    done

    Yves.

  5. Hello

     

    No, don’t use the driver direct from ATI website: there is an easier way.

     

    In Mandriva Control Center, ensure you have installed the full set of sofware sources, which includes “non-freeâ€. Then configure the graphics card again; the model should be auto-detected. You should be told that a proprietary driver exists, do you want to use it. Answer yes. Then fglrx will be used.

     

    In case it somehow fails, you can try the free driver, called simply “atiâ€.

     

    Yves.

  6. I had a look at TuxGuardian. It seems to be a nice program, and it should be feasible to install it. So… as daniewicz said, “I could try to walk you through option #1. Give me some specific questions.†;-)

  7. I’m not sure I understand. Given the knowledge you seem to have with scripting, what I’m going to write somehow seems too simple…

    So you have a script that is responsible for the backup, and you execute the same command at the start and at the end of the backup. The first occurrence gives “S0/D0â€, and the second gives “S1/D1â€, and you’d prefer instead “D0 S1 D1†on one line at the end. The logical way, in my opinion, would be to store D0 in a variable and then print everything at the end, like this (I assume bash as the shell):

    D0=$(find "$DEST_WEB_F" -type f -print | wc -l)
    … do the backup …
    printf 'Backup files - Source files - Files after backup\nweb %d - %d - %d\n' \
     $D0 \
     $(find "$SOURCE_WEB_F" -type f -print | wc -l) \
     $(find "$DEST_WEB_F" -type f -print | wc -l) >>"$LOG"

    Yves.

     

    By the way, if you have a lot of files, “find … -printf . | wc -L†is slightly more efficient than “find … -print | wc -lâ€

  8. Hey daniewicz, AussiJohn! Long time no see (my fault) :)

     

    As I said, I *did* install Mandriva 2011 on a few PCs at work. KDE really doesn’t fit our needs (eg: many glitches with our low-quality integrated graphics cards), so I used XFCE on one PC, Gnome 2 on two others. All in all, it’s stable enough and working well, and I do appreciate that so many things are well integrated (really!) and easy to configure; but it feels a bit slow, and as if nothing had changed in the Linux land in the past couple of years… (except systemd)

     

    I’m glad to read that Mageia is a valuable alternative. It would have been a shame if all this ease-of-use and cross-desktop integration had been lost on us. I’d still choose either Mageia or Mandriva over any Ubuntu derivative (I did use it).

     

    That being said, I’m much happier now with Arch (although I’d sometimes like if things were /a bit/ more automatic :D )

     

    Well… see you!

    Yves.

  9. Good evening!

     

    Actually, I find that Mandriva’s decisions are rather sensible. They can’t afford to do everything in their financial situation, so they only do what they do best. Nice. But not to my own taste…

     

    I tried Arch Linux today. I had a bit of a rough start due to my ATI card (and me not knowing pacman at all), but once I got that working, I rather liked what I saw:

    — Arch Linux is actually great! Simple and well-documented, up-to-date, with a broad choice of software. You have to know your way with Linux and the command line, though, which is my case ;-)

    — I liked Gnome 3 a lot! I cannot wait to overwrite my current Mandriva with a fresh Arch Linux install.

     

    I also liked the way the system is overall fast to boot and fast to shutdown. That’s a reason why I didn’t want to use Fedora, which runs on pretty much the same technical basis than Mandriva.

     

    Thank you anyway for your answers. The switch is not done yet, so if you have a better alternative to propose, I’m still interested.

     

    Yves.

  10. Hi all! It’s been a while :)

     

    I have been using Mandriva for 12 years now. But it seems this time has come to an end, although latest (2011) is good (I installed it on 3 coworkers’ PCs :) already).

     

    Now, I want to use Gnome 3, and it is not part of the new Mandriva… So what would you recommend?

    I want:

    — repositories with dependency management (like urpmi) and broad choice;

    — a good balance of stability and recent software, among which must be Gnome 3;

    — multi-users (most distro are);

    — a possibility to setup a newbie-friendly desktop session for some users;

    — adequate performance.

     

    I tried tinycore but there is no Gnome 3, and setting things up is a pain (for example: by default, pavucontrol does not find the PA daemon, although both pulseaudio and dbus are installed “on-bootâ€).

     

    I’m thinking about trying Arch Linux. Is it a good choice?

     

    Yves.

  11. I don't know it this will help, but I had a lot of failures with my DVD drive all along while using 2010.0; I could use at most one disk per boot, in lucky days…

    Since I changed to 2010.1, this is solved. I don't know however why it behaved this way, and what solved the issue.

     

    Yves.

  12. You may try your luck with Testdisk and Photorec, both of which are on SystemRescueCd, among other places.

    If you have spare room, it may be better to first image the partition, and either work on the image only, or work on the real thing and keep the image as a backup.

     

    I am aware this answer contains technical vocabulary… You see, I don't know your background.

    I don't have first-hand experience with these tools, but I still may be able to answer questions if you have some.

     

    Yves.

  13. My Linux usage has many different facets, leading to many small tools:

     

    I use Zenity a lot in scripts. In particular, URL/LNK handlers to work in a Windows network.

    I use dot (from graphviz) in scripts to create graphs from various input data (eg: MPD files).

    Mathopd is a helpful, very configurable, light-weight web server; I prefer it over lighttpd.

    Retroshare is a great tool for easily setting up a server-less messenger among your team.

    screen and tilda are must-have for terminal addicts like myself :)

    Unison is not known a lot, yet very powerfull: it's a two-way, GUI/CLI, rsync.

    Rox is much lighter and faster than Nautilus, and very configurable.

    bc as a calculator (bc -lq) is great: why point and click on-screen digit buttons, when you can have history and variables, and your keybord already has digit keys anyway?

    Geany is a nice, modern, small, little-known editor in the vein of nedit.

    Nedit and links-hacked are invaluable for remote editing/browsing, when you have little RAM/CPU/bandwidth.

    For language learning, my favourite tool is Mnemosyne.

    For quick but not so dirty scripting, wxGlade is a world better than plain bash+zenity.

    Ajaxterm and sslh are nice additions to your own server if you have one.

     

    Yves.

  14. I've thought about this a bit more, and it actually makes sense:

    — When configured for proxy access, the browser doesn't expect the standard web protocols to be available. Thus, whether the URL is given by name or by IP, it always gives the query to the proxy, expecting it to return the query result. The proxy is expected to deal with DNS.

    — With direct access, the browser is directly using the Internet protocols, hence in case of a URL with a name, it first tries to find out the IP for this name (DNS), and then tries to contact the web server at this IP; that's normal proceeding.

     

    If my understanding is correct, there's no way a simple HTTP proxy can be configured to be a DNS proxy as well: ports are not the same. I have to configure both separately. As a matter of fact, my transparent proxy is working, as showed by the success I had when using IP-based URLs.

    You're right Ian, in theory, for a full transparent proxy, there are missing iptables rules, but in my case, this one is enough because I'm the only user of this proxy. It's a selfish use :)

     

    As far as I know, in Linux, Name Service is configured by /etc/nsswitch.conf, “hosts†line. On my home PC, here's what this line is like:

    hosts:           mdns4 files nis dns   wins

    On my work PC, only “files†and “dns†are relevant (I have no Zeroconf, no Nis, no Wins), but “files†would mean to reference each and every web server in my /etc/hosts file…

     

    So there are only two ways I can solve my problem:

    — add another plugin to nsswitch (like nss_tcb, nss_mdns, nss_wins), which would somehow be aware of the transparent proxy,

    — or have my own DNS server.

     

    Since I don't know of any nsswitch plugin for this purpose, I took the second route.

    A bit more search pointed me at dnsmasq as a basis for this DNS server. Now I have a responding DNS server at 127.0.0.1:53 configured with 127.0.0.1:1053 as an upstream DNS server, and a pre-configured tunnel through “cntlmd†from 127.0.0.1:1053 to 208.67.222.222:53 (OpenDNS).

     

    Here comes my next problem! the cntlmd tunnel is listening on TCP/1053, but dnsmasq queries UDP/1053…

    How can I close the circuit?

     

    I already tried inserting ttdns (listening on UDP/1053, with OpenDNS for upstream) between dnsmasq and cntlmd (acting as a SOCKS server on TCP/9050 instead of providing a tunnel). But this failed: “ttdnsd†complains with “connection failedâ€, “Is Tor running?†And indeed Tor is not running…

     

    What else could I try?

     

    Yves.

  15. Hello,

     

    I have a problem in Eclipse for accessing update sites (for plugins). I am behind a NTLM proxy.

    Strangely, this proxy asks for a password while in Linux but not when in Windows…

    To get around this annoying password issue, I already setup a working cntlmd proxy. I can use this proxy for mounting a remote DavFS2 share, for example.

     

    But the issue I have with Eclipse seems to involve proxy configuration. So I decided a transparent proxy could solve this issue. I installed tinyproxy on top of cntlmd, and added the following rule to the firewall:

    iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to 8888

     

    Now, I can configure Firefox for direct access to the Internet, and display a web site only if I give this web site's IP instead of its name! I surmise that it's because when configured for direct access, Firefox performs DNS lookups using the local (intranet) DNS, instead of squeezing its lookups through the proxy and accessing a broader DNS (I wonder which…).

     

    So my question is: How can I make all DNS lookups go transparently through the transparent proxy?

    With a bonus issue: Will it then be possible not to go through the proxy for a local domain?

     

    Yves.

  16. In French, we have a saying: “jeter le bébé avec l’eau du bainâ€, which translates to “to throw out the baby along with the bath's waterâ€.

    It means: In your hurry to dispose of what you don't want to keep, you carelessly loose something you had better kept.

     

    I think that is what happens with PulseAudio detractors. They stumbled on problems with their setup and decided PulseAudio is bad.

    — So, PulseAudio doesn't let the user configure individually the 20 different Alsa sliders? That's by design for “normal users†(not us).

    — PulseAudio doesn't let you use the whole amplitude of your hardware sound volume range? That's caused by inaccuracy in Alsa drivers. Removing PulseAudio won't rectify the faulty drivers.

     

    I could probably go on like that, if I knew PulseAudio and its issues better. Why should it suffer from the faults of the APIs (notably ALSA) it is based upon? Isn't it better to correct the underlying APIs?

    Of course, PulseAudio has its own bugs, certainly, but then, see the French saying above…

     

    As simple users of our computers (we're not into A/V programming), my wife (newbie) and I both appreciate Pulse audio simplicity along with neat abilities:

    — choose where we hear sound depending on the application (film -> TV, game -> comp. screen),

    — move sound from one speaker set to another,

    — occasionally move sound from one machine to another (eg: from laptop to desktop -> HiFi)

    — record from the monitor of a soundcard (loopback recording).

     

    Yves.

×
×
  • Create New...