From webmaster at mn-linux.org Mon Feb 4 15:24:37 2008 From: webmaster at mn-linux.org (TCLUG Classifieds) Date: Mon, 4 Feb 2008 15:24:37 -0600 Subject: [tclug-list] New TCLUG Classified Ad Message-ID: <200802042124.m14LObM15962@crusader.real-time.com> New TCLUG Classified Ad Category: Computer Type of Ad: For Sale Subject: Panasas ActiveStor 3100 Panasas ACTIVESTOR 3100 High-Performance Parallel Storage for Linux Clusters Each unit is configured as follows: Panasas Storage Cluster with 10x500GB Storage Disk Blade Array Director Blade with 4GB RAM Dual Power Supplies Battery Backup Module 4xGIG E Connections Each unit has 5TB Raw storage and we have 10-pcs available @ $3995ea Sincerely, Casey M. DuBois N-VINT, Inc. 3240 Hanna Lake Industrial Park Dr. SE, Caledonia, MI 49316 616-656-5500 x20 Office 866-337-2686 Direct AOL IM: CaseyNVINT cdubois at n-vint.com ?To err is human, but to really foul things up you need a computer.? Seller Email address: cdubois at n-vint dot com http://www.mn-linux.org/cgi-bin/classifieds/index.cgi From samir.nassar+tclug at steamedpenguin.com Mon Feb 4 19:03:59 2008 From: samir.nassar+tclug at steamedpenguin.com (Samir M. Nassar) Date: Mon, 4 Feb 2008 19:03:59 -0600 Subject: [tclug-list] [OT] Meetup with Dries Buytert and the Drupal "Usability Team" Message-ID: <200802041904.00288.samir.nassar+tclug@steamedpenguin.com> When: Monday, Febrary 25, 2008 at around 18:00 Where: To be determined (around the University of Minnesota) http://groups.drupal.org/node/8648 Who this might interest: System Administrators, Web Developers, Content Managers, Public Relations professionals, journalists, and last but not least, linux users. -- Samir M. Nassar samir.nassar at steamedpenguin.com From erikerik at gmail.com Mon Feb 4 22:18:51 2008 From: erikerik at gmail.com (Erik Anderson) Date: Mon, 4 Feb 2008 22:18:51 -0600 Subject: [tclug-list] [OT] Meetup with Dries Buytert and the Drupal "Usability Team" In-Reply-To: <200802041904.00288.samir.nassar+tclug@steamedpenguin.com> References: <200802041904.00288.samir.nassar+tclug@steamedpenguin.com> Message-ID: On Feb 4, 2008 7:03 PM, Samir M. Nassar wrote: > When: Monday, Febrary 25, 2008 at around 18:00 > Where: To be determined (around the University of Minnesota) > > http://groups.drupal.org/node/8648 Very cool - thanks for the heads up. I'm going to try to be there! From dedrizen at yahoo.com Tue Feb 5 10:11:56 2008 From: dedrizen at yahoo.com (Daniel Burke) Date: Tue, 5 Feb 2008 08:11:56 -0800 (PST) Subject: [tclug-list] New to Linux Message-ID: <614465.45276.qm@web50301.mail.re2.yahoo.com> I am new to Linux, though not new to custom built PCs. My wife has given me the okay to spend some of our tax return to put together a new PC. I am hoping to learn some Linux as well as not compete over our one PC connected to the internet. My plan was to go with an ASUS motherboard, video card, 2GB RAM, DVD burner, 250GB hard drive (was thinking of doing a dual-boot with Windows XP on another partition), memory card reader, one of those 85% efficient power supply, and a 45W AMD dual-core processor. To connect to our wireless network I was considering a USB connected external device. The budget for this, plus monitor and case, is projected to be about $1,200.00 in tax refund. My initial list of questions/concerns are: I found that ASUS listed some driver download for Linux. In Windows I would know what to do with it. In Linux I do not. So what do I do? What do I look for to make sure the hardware I choose is compatible with Linux? To keep things simple for my wife, I was thinking of going with KDE. Is this a good choice? Our children are still very young but it won't be long before they will want to play on the computer. Any advice on setup that might make my life easier with the kids accessing the PC over the next decade? And thinking of children, is there any quick options to "lock" a Linux PC? In Windows XP, I just have to press the Window+L on the keyboard when our little two year old boy comes near to prevent him from using my account with my access to do anything (logging off and shutting down in Windows takes too long as little boys can be very quick). So far I am looking at: motherboard: ASUS M2N-SLI Deluxe processor: AMD Athlon X2 2.1GHz 45W Dual-Core I know that eats up a bit of the initial budget. I was hoping that a good backbone would give me future flexibility. Any suggestions or help with the setup of my first Linux machine would be greatly appreciated. --------------------------------- Looking for last minute shopping deals? Find them fast with Yahoo! Search. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080205/43f6eebf/attachment.htm From auditodd at comcast.net Tue Feb 5 10:33:56 2008 From: auditodd at comcast.net (auditodd at comcast.net) Date: Tue, 05 Feb 2008 16:33:56 +0000 Subject: [tclug-list] New to Linux Message-ID: <020520081633.19338.47A88FF40002E90900004B8A22007343640B0B019B070B9A0E@comcast.net> Daniel, It is really surprising how little you need to depend upon vendor Linux drivers for things to "just work". I bought a FOXCONN motherboard with onboard nVidia video and a 64bit AMD processor. It "just worked" with Kubuntu, no muss, no fuss. Video, sound, keyboard, mouse, LAN, etc. Wireless is another matter. Make sure your wireless choice is supported by Linux. KDE... I've set up Kubuntu v7.10 on an old HP as a spare for my Dad in case is Dell crashes, and he can barely tell the difference between his WindowsXP and the Kubuntu. -- ========== Todd Young -------------- Original message ---------------------- From: Daniel Burke > What do I look for to make sure the hardware I choose is compatible with > Linux? > > To keep things simple for my wife, I was thinking of going with KDE. Is this a > good choice? -------------- next part -------------- An embedded message was scrubbed... From: Daniel Burke Subject: [tclug-list] New to Linux Date: Tue, 5 Feb 2008 16:17:23 +0000 Size: 5791 Url: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080205/334dbc8d/attachment.eml From teeahr1 at gmail.com Tue Feb 5 11:07:33 2008 From: teeahr1 at gmail.com (p.daniels) Date: Tue, 05 Feb 2008 11:07:33 -0600 Subject: [tclug-list] put grub on the mbr after the fact? Message-ID: <47A897D5.5050206@gmail.com> I just installed the alpha of Kubuntu Hardy. Nice looking, feels quicker than Gutsy (but still one of the slowest KDE distros I've ever seen, WTF people?) Anyway, somehow grub did not get installed to the master boot record. Going in with the Super Grub live CD will boot it without issue. Is there a way to put grub onto the mbr after the fact? This is unfamiliar territory for me, so if the answer is RTFM, please be gentle and just point me to it. Pete can read good :) -pd- From florin at iucha.net Tue Feb 5 11:17:16 2008 From: florin at iucha.net (Florin Iucha) Date: Tue, 5 Feb 2008 11:17:16 -0600 Subject: [tclug-list] put grub on the mbr after the fact? In-Reply-To: <47A897D5.5050206@gmail.com> References: <47A897D5.5050206@gmail.com> Message-ID: <20080205171716.GY15915@iris.iucha.org> On Tue, Feb 05, 2008 at 11:07:33AM -0600, p.daniels wrote: > I just installed the alpha of Kubuntu Hardy. Nice looking, feels quicker > than Gutsy (but still one of the slowest KDE distros I've ever seen, WTF > people?) Anyway, somehow grub did not get installed to the master boot > record. Going in with the Super Grub live CD will boot it without issue. > Is there a way to put grub onto the mbr after the fact? This is > unfamiliar territory for me, so if the answer is RTFM, please be gentle > and just point me to it. Pete can read good :) Yes, it can. Search the archives, I have answered this in detail sometime last year. florin -- Bruce Schneier expects the Spanish Inquisition. http://geekz.co.uk/schneierfacts/fact/163 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080205/1f439e0a/attachment.pgp From teeahr1 at gmail.com Tue Feb 5 11:13:04 2008 From: teeahr1 at gmail.com (p.daniels) Date: Tue, 05 Feb 2008 11:13:04 -0600 Subject: [tclug-list] New to Linux In-Reply-To: <614465.45276.qm@web50301.mail.re2.yahoo.com> References: <614465.45276.qm@web50301.mail.re2.yahoo.com> Message-ID: <47A89920.20104@gmail.com> Daniel Burke wrote: > I found that ASUS listed some driver download for Linux. In Windows I > would know what to do with it. In Linux I do not. So what do I do? What Todd said. With very few exceptions (wireless being at the top of the list), you'll never really need to worry about drivers with any modern Linux distro. Check to make sure your wireless dongle is compatible (I've had good luck with Netgear) before you buy it. Here's a good link for that: http://www.fsf.org/resources/hw/net/wireless/cards.html Also on the subject of drivers, may I suggest Intel onboard video as opposed to buying a card from Nvidia or ATI. The Intel drivers are open source which the big names are not. Practically speaking, this means you'll never need to worry about your video driver. I bought Nvidia cards for years before getting a new tower with intel onboard, and I've never looked back. > To keep things simple for my wife, I was thinking of going with KDE. Is > this a good choice? Live CDs are your friend. Burn one of a Gnome distro, one for KDE, and one for XFCE, and take your pick. I deal with lots of noobs, and I do push Ubuntu (Gnome), even though I personally use KDE. > Our children are still very young but it won't be long before they will > want to play on the computer. Any advice on setup that might make my > life easier with the kids accessing the PC over the next decade? Ubuntu (or any distro that uses the sudo model) makes this very easy. There is no root account by default, and the "do this as root" password is the password of the original user (you). When you make new users, they don't have root access unless you give it to them. I know on Ubuntu when you make a new user, the menu items that require root access don't even appear in their menus. > And thinking of children, is there any quick options to "lock" a Linux > PC? In Windows XP, I just have to press the Window+L on the keyboard > when our little two year old boy comes near to prevent him from using my > account with my access to do anything (logging off and shutting down in > Windows takes too long as little boys can be very quick). Ubuntu (I know, Ubuntu Ubuntu Ubuntu) has a "lock screen" option in the shutdown menu. Other distros may do it differently. Anyway, welcome to TCLUG! From ryan.langseth at gmail.com Tue Feb 5 11:29:37 2008 From: ryan.langseth at gmail.com (Ryan Langseth) Date: Tue, 5 Feb 2008 11:29:37 -0600 Subject: [tclug-list] put grub on the mbr after the fact? In-Reply-To: <20080205171716.GY15915@iris.iucha.org> References: <47A897D5.5050206@gmail.com> <20080205171716.GY15915@iris.iucha.org> Message-ID: The command is grub-install [device_name] . I had to do that on my SuSE box last night for that system it was "grub-install /dev/sda" your device name will probably be different. Ryan On Feb 5, 2008 11:17 AM, Florin Iucha wrote: > On Tue, Feb 05, 2008 at 11:07:33AM -0600, p.daniels wrote: > > I just installed the alpha of Kubuntu Hardy. Nice looking, feels quicker > > than Gutsy (but still one of the slowest KDE distros I've ever seen, WTF > > people?) Anyway, somehow grub did not get installed to the master boot > > record. Going in with the Super Grub live CD will boot it without issue. > > Is there a way to put grub onto the mbr after the fact? This is > > unfamiliar territory for me, so if the answer is RTFM, please be gentle > > and just point me to it. Pete can read good :) > > Yes, it can. > > Search the archives, I have answered this in detail sometime last year. > > florin > > -- > Bruce Schneier expects the Spanish Inquisition. > http://geekz.co.uk/schneierfacts/fact/163 > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > > From cschumann at twp-llc.com Tue Feb 5 12:12:25 2008 From: cschumann at twp-llc.com (Chris Schumann) Date: Tue, 5 Feb 2008 12:12:25 -0600 (CST) Subject: [tclug-list] New to Linux In-Reply-To: References: Message-ID: <23170.192.28.2.17.1202235145.squirrel@alpha.twp-llc.com> > Date: Tue, 5 Feb 2008 08:11:56 -0800 (PST) > From: Daniel Burke > I found that ASUS listed some driver download for Linux. In Windows I > would know what to do with it. In Linux I do not. So what do I do? Start by using the Google. Things like the motherboard model and linux will be a good start. You may not have to do anything. Since Asus now ships a Linux machine (EEE PC), they are aware of Linux and might try to make it handy to use on their products. > To keep things simple for my wife, I was thinking of going with KDE. > Is this a good choice? KDE is more configurable than Gnome, so it has more options, which can be a little more confusing. Paradox of choice and all that. There are also Linux distributions that purposely try to look like Windows to reduce the trauma for new users. I like Gnome. > Our children are still very young but it won't be long before they > will want to play on the computer. Any advice on setup that might make > my life easier with the kids accessing the PC over the next decade? Things change quickly. It's not a problem until it's a problem. Come back when you have actual issues. You might be an expert by then. > And thinking of children, is there any quick options to "lock" a Linux > PC? I know Gnome has a task bar thing that you can click to do that. I'm sure there are other options. Google is your friend if no one else chimes in. On video cards, Intel drivers are more open, but ATI is getting there. AMD bought them and are releasing documentation... slowly. Nvidia drivers and ATI's closed drivers are good and getting better too. Personally, I'm a fan of Fedora, but Ubuntu has a larger support community. If you want latest and greatest, Fedora and Ubuntu are good choices. If you want stable and secure, CentOS and Ubuntu LTS are better. From mbmiller at taxa.epi.umn.edu Tue Feb 5 12:16:43 2008 From: mbmiller at taxa.epi.umn.edu (Mike Miller) Date: Tue, 5 Feb 2008 12:16:43 -0600 (CST) Subject: [tclug-list] sudo In-Reply-To: <47A89920.20104@gmail.com> References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> Message-ID: On Tue, 5 Feb 2008, p.daniels wrote: > Ubuntu (or any distro that uses the sudo model) makes this very easy. > There is no root account by default, and the "do this as root" password > is the password of the original user (you). When you make new users, > they don't have root access unless you give it to them. I know on Ubuntu > when you make a new user, the menu items that require root access don't > even appear in their menus. The note above is mostly answering a question I was going to ask here. Isn't that system weakening security a little bit by essentially making the root password the same as one of the user passwords? If someone gets the user password, he also gets root permissions and can do what he pleases. Is there really no root account? On our Ubuntu system there is one: $ grep ^root /etc/passwd root:x:0:0:root:/root:/bin/bash Doesn't there have to be a root account if files are to be owned by root? What is the advantage of sudo over su? Does it log activity better? Mike From brian at ropers-huilman.net Tue Feb 5 12:35:09 2008 From: brian at ropers-huilman.net (Brian D. Ropers-Huilman) Date: Tue, 5 Feb 2008 12:35:09 -0600 Subject: [tclug-list] sudo In-Reply-To: References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> Message-ID: On Feb 5, 2008 12:31 PM, Brian D. Ropers-Huilman wrote: > On a Macintosh or in the *buntu model, the first user created > typically has "full" sudo rights and can do anything on the machine. > This is _still_ a better security model than allowing root to login to > the box (locally or remotely) and having a root password set. I accidentally sent that before completing it. By limiting root access to sudo commands, you force the user into a mode of consciously making the decision to take administrative actions. Back in the day, it was not at all uncommon for an administrator (or user with such priveleges) to login as root and operate that way on the machine, all day long. This is a huge security exposure. Not having a root password, preventing remote and local root logins, and explicitly controlling access to root-level administrative commands is definitely a better way to fly. -- Brian D. Ropers-Huilman, Director Systems Administration and Technical Operations Minnesota Supercomputing Institute 599 Walter Library +1 612-626-5948 (V) 117 Pleasant Street S.E. +1 612-624-8861 (F) University of Minnesota Twin Cities Campus Minneapolis, MN 55455-0255 http://www.msi.umn.edu/ From brockn at gmail.com Tue Feb 5 12:36:46 2008 From: brockn at gmail.com (Brock Noland) Date: Tue, 5 Feb 2008 12:36:46 -0600 Subject: [tclug-list] sudo In-Reply-To: References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> Message-ID: <741dcbb80802051036o400f27d6le09f981590cbc3df@mail.gmail.com> With sudo, you do everything that does not require root privileges as a normal user. Then only when you need root privileges do you execute a command as root. Except for the desktop distros, you set a separate root password. Thus users, even with root privileges via sudo, don't know the root password. sudo asks for the users password, not the root password. Unless setup as below, nothing is stopping you from running sudo su - root You can allow specific commands to be run as root. So user x (or group) can only run kill, service, apt-get, etc as root. Every sudo command is logged. On Feb 5, 2008 12:16 PM, Mike Miller wrote: > On Tue, 5 Feb 2008, p.daniels wrote: > > > Ubuntu (or any distro that uses the sudo model) makes this very easy. > > There is no root account by default, and the "do this as root" password > > is the password of the original user (you). When you make new users, > > they don't have root access unless you give it to them. I know on Ubuntu > > when you make a new user, the menu items that require root access don't > > even appear in their menus. > > The note above is mostly answering a question I was going to ask here. > Isn't that system weakening security a little bit by essentially making > the root password the same as one of the user passwords? If someone gets > the user password, he also gets root permissions and can do what he > pleases. > > Is there really no root account? On our Ubuntu system there is one: > > $ grep ^root /etc/passwd > > root:x:0:0:root:/root:/bin/bash > > Doesn't there have to be a root account if files are to be owned by root? > > What is the advantage of sudo over su? Does it log activity better? > > Mike > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > From erikerik at gmail.com Tue Feb 5 12:37:23 2008 From: erikerik at gmail.com (Erik Anderson) Date: Tue, 5 Feb 2008 12:37:23 -0600 Subject: [tclug-list] sudo In-Reply-To: References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> Message-ID: On Feb 5, 2008 12:16 PM, Mike Miller wrote: > > Is there really no root account? On our Ubuntu system there is one: Yes, there is a root account. It just doesn't have a password by default. It's quite easy to set the root password if you want to - just run: $ sudo passwd root > What is the advantage of sudo over su? Does it log activity better? Yes, sudo logs all commands that are run through it. su doesn't. -erik From florin at iucha.net Tue Feb 5 12:50:31 2008 From: florin at iucha.net (Florin Iucha) Date: Tue, 5 Feb 2008 12:50:31 -0600 Subject: [tclug-list] sudo In-Reply-To: References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> Message-ID: <20080205185031.GZ15915@iris.iucha.org> On Tue, Feb 05, 2008 at 12:37:23PM -0600, Erik Anderson wrote: > On Feb 5, 2008 12:16 PM, Mike Miller wrote: > > > > Is there really no root account? On our Ubuntu system there is one: > > Yes, there is a root account. It just doesn't have a password by > default. That would be terrible. In fact, it does have a password, but it is a random string. Cheers, florin -- Bruce Schneier expects the Spanish Inquisition. http://geekz.co.uk/schneierfacts/fact/163 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080205/5ae65852/attachment.pgp From ecrist at secure-computing.net Tue Feb 5 12:53:24 2008 From: ecrist at secure-computing.net (Eric F Crist) Date: Tue, 5 Feb 2008 12:53:24 -0600 Subject: [tclug-list] sudo In-Reply-To: References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> Message-ID: <7566207B-0441-4872-A974-35683383F8B8@secure-computing.net> On Feb 5, 2008, at 12:37 PM, Erik Anderson wrote: > On Feb 5, 2008 12:16 PM, Mike Miller > wrote: >> >> Is there really no root account? On our Ubuntu system there is one: > > Yes, there is a root account. It just doesn't have a password by > default. It's quite easy to set the root password if you want to - > just run: > > $ sudo passwd root > >> What is the advantage of sudo over su? Does it log activity better? > > Yes, sudo logs all commands that are run through it. su doesn't. This is slightly misguided. Even with sudo, you can sudo su and where the su to will be logged, anything done while su'd is not logged. Only commands invoked directly with sudo are logged. In this case, logging is no better than it is with su. ----- Eric F Crist Secure Computing Networks From clay at fandre.com Tue Feb 5 12:47:09 2008 From: clay at fandre.com (Clay Fandre) Date: Tue, 5 Feb 2008 12:47:09 -0600 Subject: [tclug-list] sudo In-Reply-To: References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> Message-ID: Yes, there is a root account but by default the password isn't set. You can sudo to root and set it and use it like normal if you'd like. (but I would advise against that) sudo is said to be more secure for a number of reasons. First of all, you should run all admin commands prefixed with sudo (as opposed to running 'sudo su -' first) Also, it does additional logging which makes it easy to track down 'who dun-it'. It also lets you grant only certain commands to users rather than 'ALL' access. So if you need someone to be able to restart apache from time-to-time, you can give them rights to just restart apache. The problem with sudo is there are many ways to get around it, and it's not very easy to get specific. Luckily the next version of Ubuntu will incorporate PolicyKit which should allow for finer controls over things. Haven't used it yet, but it looks promising. https://wiki.ubuntu.com/HardyHeron/Alpha4 On Feb 5, 2008 12:16 PM, Mike Miller wrote: > On Tue, 5 Feb 2008, p.daniels wrote: > > > Ubuntu (or any distro that uses the sudo model) makes this very easy. > > There is no root account by default, and the "do this as root" password > > is the password of the original user (you). When you make new users, > > they don't have root access unless you give it to them. I know on Ubuntu > > when you make a new user, the menu items that require root access don't > > even appear in their menus. > > The note above is mostly answering a question I was going to ask here. > Isn't that system weakening security a little bit by essentially making > the root password the same as one of the user passwords? If someone gets > the user password, he also gets root permissions and can do what he > pleases. > > Is there really no root account? On our Ubuntu system there is one: > > $ grep ^root /etc/passwd > > root:x:0:0:root:/root:/bin/bash > > Doesn't there have to be a root account if files are to be owned by root? > > What is the advantage of sudo over su? Does it log activity better? > > Mike > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > From clay at fandre.com Tue Feb 5 13:12:04 2008 From: clay at fandre.com (Clay Fandre) Date: Tue, 5 Feb 2008 13:12:04 -0600 Subject: [tclug-list] sudo In-Reply-To: <20080205185031.GZ15915@iris.iucha.org> References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> <20080205185031.GZ15915@iris.iucha.org> Message-ID: s/doesn't have a password/doesn't have a password that you know/ On Feb 5, 2008 12:50 PM, Florin Iucha wrote: > On Tue, Feb 05, 2008 at 12:37:23PM -0600, Erik Anderson wrote: > > On Feb 5, 2008 12:16 PM, Mike Miller wrote: > > > > > > Is there really no root account? On our Ubuntu system there is one: > > > > Yes, there is a root account. It just doesn't have a password by > > default. > > That would be terrible. In fact, it does have a password, but it is a > random string. > > Cheers, > florin > > -- > Bruce Schneier expects the Spanish Inquisition. > http://geekz.co.uk/schneierfacts/fact/163 > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > > From brian at ropers-huilman.net Tue Feb 5 11:48:05 2008 From: brian at ropers-huilman.net (Brian D. Ropers-Huilman) Date: Tue, 5 Feb 2008 11:48:05 -0600 Subject: [tclug-list] New to Linux In-Reply-To: <614465.45276.qm@web50301.mail.re2.yahoo.com> References: <614465.45276.qm@web50301.mail.re2.yahoo.com> Message-ID: On Feb 5, 2008 10:11 AM, Daniel Burke wrote: > I am new to Linux Welcome! > I am hoping to learn some Linux as well I will second the mention of the various LiveCDs already mentioned. They are an excellent way to both test out your hardware and also experiment with different flavors of Linux so you can find what you like. > The budget for this, ..., is projected to be about $1,200.00 I know you know PCs, but have you considered getting a Dell? If you do, that opens to door to receiving a system pre-installed where you'll know everything works out of the gate. You can still experiment and learn, but you'll start with a known-good system. > What do I look for to make sure the hardware I choose is compatible with > Linux? As has already been mentioned, hardware support in Linux has come a long way (I've used Linux on servers for over 13 years now and on my desktop {exclusively, I'd add) for 10) and things have dramatically changed. Most stuff "just works." If it doesn't Google Is Your Friend and the forums of the various distributions typically offer a quick resolution. > To keep things simple for my wife, I was thinking of going with KDE. Is this > a good choice? Over my long history with Linux, I've used fvwm, fluxbox, GNOME, E17, KDE, xfce, ... For what you're talking about, I happen to think that KDE will be the most "compatible" for you and your spouse. Since you're getting new hardware, there's really no reason to go minimalist (bye bye fvwm, fluxbox, xfce and E17). If you and your spouse have previously used and like Macintoshes, I'd go with GNOME. If you're long time Windows users, go with KDE. With that said, I would also voice support for Kubuntu, the KDE version of Ubuntu. It's a nice, fully functional KDE. > Our children are still very young but it won't be long before they will want > to play on the computer. Any advice on setup that might make my life easier > with the kids accessing the PC over the next decade? I also have two young children, seven and three, and both of them are able to use my home system. The seven year old will go login to his desktop (Switching Users if Mom or Dad have stayed logged in) and bring up Firefox to check his Google Mail. He's also quite adept at playing the plethora of games available (and installed by me) on the system. The three year old is still getting his mouse skills down, but there are enough options for his little mind to engage with as well. > And thinking of children, is there any quick options to "lock" a Linux PC? > In Windows XP, I just have to press the Window+L on the keyboard when our > little two year old boy comes near to prevent him from using my account with > my access to do anything (logging off and shutting down in Windows takes too > long as little boys can be very quick). I very much empathize with this! Yes, there certainly is a way. Exactly how you do it will depend on which desktop environment you choose (KDE, GNOME, etc.). I have my system mapped so does the instant locking. -- Brian D. Ropers-Huilman, , Director Systems Administration and Technical Operations Minnesota Supercomputing Institute 599 Walter Library +1 612-626-5948 (V) 117 Pleasant Street S.E. +1 612-624-8861 (F) University of Minnesota Twin Cities Campus Minneapolis, MN 55455-0255 http://www.msi.umn.edu/ From brian at ropers-huilman.net Tue Feb 5 12:31:09 2008 From: brian at ropers-huilman.net (Brian D. Ropers-Huilman) Date: Tue, 5 Feb 2008 12:31:09 -0600 Subject: [tclug-list] sudo In-Reply-To: References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> Message-ID: On Feb 5, 2008 12:16 PM, Mike Miller wrote: > On Tue, 5 Feb 2008, p.daniels wrote: > > Ubuntu (or any distro that uses the sudo model) makes this very easy. > > There is no root account by default, and the "do this as root" password > > is the password of the original user (you). When you make new users, > > they don't have root access unless you give it to them. I know on Ubuntu > > when you make a new user, the menu items that require root access don't > > even appear in their menus. > > The note above is mostly answering a question I was going to ask here. > Isn't that system weakening security a little bit by essentially making > the root password the same as one of the user passwords? If someone gets > the user password, he also gets root permissions and can do what he > pleases. > > Is there really no root account? On our Ubuntu system there is one: > > $ grep ^root /etc/passwd > > root:x:0:0:root:/root:/bin/bash > > Doesn't there have to be a root account if files are to be owned by root? > > What is the advantage of sudo over su? Does it log activity better? > > Mike There's some misinformation above. Start by looking at a man page for sudo [ http://www.gratisoft.us/sudo/man/sudo.html ] and then maybe hit Wikipedia [ http://en.wikipedia.org/wiki/Sudo ]. Yes, there is a root account. sudo is a better way to facilitate using su, providing a granular, limiting access that is also auditable (logging). Because of this, sudo is typically setup to allow limited administrative operations. As such, a compromised account will still be limited to what the systems administrator allowed that account to do in the first place, which is typically not much. On a Macintosh or in the *buntu model, the first user created typically has "full" sudo rights and can do anything on the machine. This is _still_ a better security model than allowing root to login to the box (locally or remotely) and having a root password set. -- Brian D. Ropers-Huilman, Director Systems Administration and Technical Operations Minnesota Supercomputing Institute 599 Walter Library +1 612-626-5948 (V) 117 Pleasant Street S.E. +1 612-624-8861 (F) University of Minnesota Twin Cities Campus Minneapolis, MN 55455-0255 http://www.msi.umn.edu/ From mbmiller at taxa.epi.umn.edu Tue Feb 5 13:46:15 2008 From: mbmiller at taxa.epi.umn.edu (Mike Miller) Date: Tue, 5 Feb 2008 13:46:15 -0600 (CST) Subject: [tclug-list] sudo In-Reply-To: References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> <20080205185031.GZ15915@iris.iucha.org> Message-ID: On Tue, 5 Feb 2008, Clay Fandre wrote: > s/doesn't have a password/doesn't have a password that you know/ I can believe that because (A) it makes sense [as Florin suggested -- a random string would be optimal] and (B) several people have said it. One respondent suggested that this command will allow the user to change the root password: $ sudo passwd root But usually the first step in running the passwd command is to enter the existing password, which you don't know (doesn't it work that way for root passwords). This may not be an important issue, but it is still possible to change the root password by editing the /etc/shadow file -- you just have to know the encrypted form of your password. This can be obtained as follows: perl -le 'print crypt("password", "salt");' ...where 'password' is the unencrypted password and 'salt' is the salt string (only the first two characters are used) for the crypt command. The first two characters of the output are the salt. If you have root permissions on a UNIX/Linux machine, you can check that this works by reading /etc/shadow, entering your password and the first two characters of your encrypted password as your salt. This is your salt: sudo egrep '^username:' /etc/shadow | gawk -F':' '{print $2}' | cut -c -2 ...where 'username' is your user name. I tried it and it worked perfectly. (It is not a great idea to run the perl command from the command line because it will leave your password in your command history, so it would be safer to write the perl command into a one-line script, execute it, and delete it.) Mike From mbmiller at taxa.epi.umn.edu Tue Feb 5 13:51:42 2008 From: mbmiller at taxa.epi.umn.edu (Mike Miller) Date: Tue, 5 Feb 2008 13:51:42 -0600 (CST) Subject: [tclug-list] sudo In-Reply-To: References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> <20080205185031.GZ15915@iris.iucha.org> Message-ID: Thanks for all of the useful information about sudo. It works pretty much like I hoped. I'll have to spend a little time studying it and then configuring it so that various users can do various tasks. The example of restarting apache was excellent and it got me thinking about how nice it would be to have a group of users with permission to do that kind of thing. You can really improve service uptime that way, but you have to be able to trust the users not to do bad things. Mike From ecrist at secure-computing.net Tue Feb 5 13:55:49 2008 From: ecrist at secure-computing.net (Eric F Crist) Date: Tue, 5 Feb 2008 13:55:49 -0600 Subject: [tclug-list] sudo In-Reply-To: References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> <20080205185031.GZ15915@iris.iucha.org> Message-ID: <5AFDA5A8-043D-47EB-B775-0CA5268E57B3@secure-computing.net> On Feb 5, 2008, at 1:46 PM, Mike Miller wrote: > On Tue, 5 Feb 2008, Clay Fandre wrote: > >> s/doesn't have a password/doesn't have a password that you know/ > > I can believe that because (A) it makes sense [as Florin suggested > -- a > random string would be optimal] and (B) several people have said it. > > One respondent suggested that this command will allow the user to > change > the root password: > > $ sudo passwd root > > But usually the first step in running the passwd command is to enter > the > existing password, which you don't know (doesn't it work that way > for root > passwords). Mike, you're wrong here. On every *nix system I've been on, the root user doesn't have to enter the old password in order to change the password for a given user. The command above would work, while it would only ask the user issuing the command for their current password, and the new password (twice) for the given user. Alternatively, you change the second delimited field in /etc/ shadow.passwd to be blank, thus clearing out the password for root. ----- Eric F Crist Secure Computing Networks From mbmiller at taxa.epi.umn.edu Tue Feb 5 14:07:42 2008 From: mbmiller at taxa.epi.umn.edu (Mike Miller) Date: Tue, 5 Feb 2008 14:07:42 -0600 (CST) Subject: [tclug-list] sudo In-Reply-To: <5AFDA5A8-043D-47EB-B775-0CA5268E57B3@secure-computing.net> References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> <20080205185031.GZ15915@iris.iucha.org> <5AFDA5A8-043D-47EB-B775-0CA5268E57B3@secure-computing.net> Message-ID: On Tue, 5 Feb 2008, Eric F Crist wrote: >> But usually the first step in running the passwd command is to enter >> the existing password, which you don't know (doesn't it work that way >> for root passwords). > > Mike, you're wrong here. Well, I forgot the question mark before the close paren. > On every *nix system I've been on, the root user doesn't have to enter > the old password in order to change the password for a given user. The > command above would work, while it would only ask the user issuing the > command for their current password, and the new password (twice) for the > given user. Yep, you are right. That command was: sudo passwd root Thanks for the tip! Mike From josh at joshwelch.com Tue Feb 5 14:04:29 2008 From: josh at joshwelch.com (Josh Welch) Date: Tue, 05 Feb 2008 20:04:29 +0000 Subject: [tclug-list] sudo In-Reply-To: <7566207B-0441-4872-A974-35683383F8B8@secure-computing.net> References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> <7566207B-0441-4872-A974-35683383F8B8@secure-computing.net> Message-ID: <20080205200429.m58akd4jcowgc0w4@joshwelch.com> Quoting Eric F Crist : >> >> Yes, sudo logs all commands that are run through it. su doesn't. > > > This is slightly misguided. Even with sudo, you can sudo su > and where the su to will be logged, anything done while su'd is > not logged. Only commands invoked directly with sudo are logged. In > this case, logging is no better than it is with su. > Note that the proper approach here would be to simply disallow doing a sudo to su if you're on a multi-user system where such things matter. One of the nice things about sudo is that you can specify with a fair degree of granularity what users are allowed to issue what commands as the superuser. Josh From crumley at belka.space.umn.edu Tue Feb 5 14:39:48 2008 From: crumley at belka.space.umn.edu (Jim Crumley) Date: Tue, 5 Feb 2008 14:39:48 -0600 Subject: [tclug-list] sudo In-Reply-To: <20080205200429.m58akd4jcowgc0w4@joshwelch.com> References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> <7566207B-0441-4872-A974-35683383F8B8@secure-computing.net> <20080205200429.m58akd4jcowgc0w4@joshwelch.com> Message-ID: <20080205143948.A1204@pchelka.space.umn.edu> On Tue, Feb 05, 2008 at 08:04:29PM +0000, Josh Welch wrote: > Note that the proper approach here would be to simply disallow doing a > sudo to su if you're on a multi-user system where such things matter. > One of the nice things about sudo is that you can specify with a fair > degree of granularity what users are allowed to issue what commands as > the superuser. The problem with the blacklist route of dealing with sudo, is that there are often holes. Many programs allow you to run shell commands (vi, emacs, etc.), so you really need to restrict their usage as well, if you are going to go this route. -- Jim Crumley |Twin Cities Linux Users Group Mailing List (TCLUG) Ruthless Debian Zealot |http://www.mn-linux.org/ Never laugh at live dragons | From ecrist at secure-computing.net Tue Feb 5 14:43:32 2008 From: ecrist at secure-computing.net (Eric F Crist) Date: Tue, 5 Feb 2008 14:43:32 -0600 Subject: [tclug-list] sudo In-Reply-To: <20080205200429.m58akd4jcowgc0w4@joshwelch.com> References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> <7566207B-0441-4872-A974-35683383F8B8@secure-computing.net> <20080205200429.m58akd4jcowgc0w4@joshwelch.com> Message-ID: <7B8F527A-FD55-4A71-B209-4744707EA4AE@secure-computing.net> On Feb 5, 2008, at 2:04 PM, Josh Welch wrote: > Quoting Eric F Crist : > >>> >>> Yes, sudo logs all commands that are run through it. su doesn't. >> >> >> This is slightly misguided. Even with sudo, you can sudo su >> and where the su to will be logged, anything done while su'd >> is >> not logged. Only commands invoked directly with sudo are logged. In >> this case, logging is no better than it is with su. >> > > Note that the proper approach here would be to simply disallow doing a > sudo to su if you're on a multi-user system where such things matter. > One of the nice things about sudo is that you can specify with a fair > degree of granularity what users are allowed to issue what commands as > the superuser. Hardly a work-around as I could execute sudo . It really boils down to a couple of options: 1) You trust your users, give them sudo access. 2) You don't trust your users, don't give them sudo access. 3) You don't trust your users, give them a limited set of commands. * With this, I would recommend a 'take it all away' and give them what they need approach. HTH ----- Eric F Crist Secure Computing Networks From josh at joshwelch.com Tue Feb 5 15:01:40 2008 From: josh at joshwelch.com (Josh Welch) Date: Tue, 05 Feb 2008 21:01:40 +0000 Subject: [tclug-list] sudo In-Reply-To: <7B8F527A-FD55-4A71-B209-4744707EA4AE@secure-computing.net> References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> <7566207B-0441-4872-A974-35683383F8B8@secure-computing.net> <20080205200429.m58akd4jcowgc0w4@joshwelch.com> <7B8F527A-FD55-4A71-B209-4744707EA4AE@secure-computing.net> Message-ID: <20080205210140.8cokmg7ascc8ggk8@joshwelch.com> Quoting Eric F Crist : > On Feb 5, 2008, at 2:04 PM, Josh Welch wrote: > >> Quoting Eric F Crist : >> >>>> >>>> Yes, sudo logs all commands that are run through it. su doesn't. >>> >>> >>> This is slightly misguided. Even with sudo, you can sudo su >>> and where the su to will be logged, anything done while su'd is >>> not logged. Only commands invoked directly with sudo are logged. In >>> this case, logging is no better than it is with su. >>> >> >> Note that the proper approach here would be to simply disallow doing a >> sudo to su if you're on a multi-user system where such things matter. >> One of the nice things about sudo is that you can specify with a fair >> degree of granularity what users are allowed to issue what commands as >> the superuser. > > > Hardly a work-around as I could execute sudo . Ummm, what makes you think I gave you the access to `sudo bash` if I didn't give the access to `sudo su`? ;) > It really boils down to a couple of options: > > 1) You trust your users, give them sudo access. > 2) You don't trust your users, don't give them sudo access. > 3) You don't trust your users, give them a limited set of commands. > * With this, I would recommend a 'take it all away' and give them what > they need approach. This is the way I've always given sudo access, users get only the commands they need. Of course I've never met a user I trust :) Josh From josh at joshwelch.com Tue Feb 5 15:06:51 2008 From: josh at joshwelch.com (Josh Welch) Date: Tue, 05 Feb 2008 21:06:51 +0000 Subject: [tclug-list] sudo In-Reply-To: <20080205143948.A1204@pchelka.space.umn.edu> References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> <7566207B-0441-4872-A974-35683383F8B8@secure-computing.net> <20080205200429.m58akd4jcowgc0w4@joshwelch.com> <20080205143948.A1204@pchelka.space.umn.edu> Message-ID: <20080205210651.qnroglk2swocokoc@joshwelch.com> Quoting Jim Crumley : > On Tue, Feb 05, 2008 at 08:04:29PM +0000, Josh Welch wrote: >> Note that the proper approach here would be to simply disallow doing a >> sudo to su if you're on a multi-user system where such things matter. >> One of the nice things about sudo is that you can specify with a fair >> degree of granularity what users are allowed to issue what commands as >> the superuser. > > The problem with the blacklist route of dealing with sudo, is > that there are often holes. Many programs allow you to run shell > commands (vi, emacs, etc.), so you really need to restrict their > usage as well, if you are going to go this route. > I misspoke. As I noted to someone else, possibly in private mail, he proper way to give sudo access is to give only specific access, which would in effect disallow `sudo su` as well as everything else not explicitly allowed. Can't get anything by you people. ;) Josh W From ecrist at secure-computing.net Tue Feb 5 15:51:33 2008 From: ecrist at secure-computing.net (Eric F Crist) Date: Tue, 5 Feb 2008 15:51:33 -0600 Subject: [tclug-list] sudo In-Reply-To: <20080205210140.8cokmg7ascc8ggk8@joshwelch.com> References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> <7566207B-0441-4872-A974-35683383F8B8@secure-computing.net> <20080205200429.m58akd4jcowgc0w4@joshwelch.com> <7B8F527A-FD55-4A71-B209-4744707EA4AE@secure-computing.net> <20080205210140.8cokmg7ascc8ggk8@joshwelch.com> Message-ID: <3C63CDD5-0364-4525-8392-D062168EA1F3@secure-computing.net> On Feb 5, 2008, at 3:01 PM, Josh Welch wrote: > Quoting Eric F Crist : > >> On Feb 5, 2008, at 2:04 PM, Josh Welch wrote: >>> >>> Note that the proper approach here would be to simply disallow >>> doing a >>> sudo to su if you're on a multi-user system where such things >>> matter. >>> One of the nice things about sudo is that you can specify with a >>> fair >>> degree of granularity what users are allowed to issue what >>> commands as >>> the superuser. >> >> >> Hardly a work-around as I could execute sudo . > > Ummm, what makes you think I gave you the access to `sudo bash` if I > didn't give the access to `sudo su`? ;) You said you would disallow doing a sudo to su. You said nothing about disallowing other commands. My point is that there are other ways to obtain a root shell without going the su route. As someone else mentioned, vim, emacs, poorly written shell scripts dumped into $PATH, etc. The more secure, or safer, method may be to white-list rather than black-list. At least, that's been my experience. ----- Eric F Crist Secure Computing Networks From mbmiller at taxa.epi.umn.edu Tue Feb 5 16:08:15 2008 From: mbmiller at taxa.epi.umn.edu (Mike Miller) Date: Tue, 5 Feb 2008 16:08:15 -0600 (CST) Subject: [tclug-list] sudo In-Reply-To: <3C63CDD5-0364-4525-8392-D062168EA1F3@secure-computing.net> References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> <7566207B-0441-4872-A974-35683383F8B8@secure-computing.net> <20080205200429.m58akd4jcowgc0w4@joshwelch.com> <7B8F527A-FD55-4A71-B209-4744707EA4AE@secure-computing.net> <20080205210140.8cokmg7ascc8ggk8@joshwelch.com> <3C63CDD5-0364-4525-8392-D062168EA1F3@secure-computing.net> Message-ID: On Tue, 5 Feb 2008, Eric F Crist wrote: > You said you would disallow doing a sudo to su. You said nothing about > disallowing other commands. My point is that there are other ways to > obtain a root shell without going the su route. As someone else > mentioned, vim, emacs, poorly written shell scripts dumped into $PATH, > etc. The more secure, or safer, method may be to white-list rather than > black-list. At least, that's been my experience. I think you have to use an disallow-all, allow-specifics kind of approach. What about this? sudo cp -p /usr/bash /usr/bash2 sudo bash2 -l If bash had been disallowed, but bash2 hadn't been disallowed, then you're screwed. I think you have to allow a very limited set of commands, very cautiously. It's probably best to create a special user, not called root, in a special group who has certain special permissions -- can't that be done? Mike From dave at sherohman.org Tue Feb 5 16:31:21 2008 From: dave at sherohman.org (Dave Sherohman) Date: Tue, 5 Feb 2008 16:31:21 -0600 Subject: [tclug-list] sudo In-Reply-To: References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> <20080205185031.GZ15915@iris.iucha.org> Message-ID: <20080205223121.GD3431@sherohman.org> On Tue, Feb 05, 2008 at 01:46:15PM -0600, Mike Miller wrote: > On Tue, 5 Feb 2008, Clay Fandre wrote: > > s/doesn't have a password/doesn't have a password that you know/ > > I can believe that because (A) it makes sense [as Florin suggested -- a > random string would be optimal] and (B) several people have said it. Well, actually, no... A random string would *not* be optimal, as there would still be the (admittedly very small) chance that a brute-force attack could guess it. Having no password (which is distinct from having an empty password) is indeed the optimal solution if you wish to disable login on an account, root or otherwise. On some systems, this can be accomplished by emptying the user's password hash value in /etc/shadow (or /etc/passwd, but why would you not be using shadow if you care at all about security?), but other systems will treat that as an empty password, so bad solution. The proper way to ensure that an account has no valid password is to insert characters into the user's hashed password which ensure that the hashing algorithm can never produce a matching hash. Altering the length of the hash can accomplish this for fixed-length hashes (such as MD5) or a character which isn't a part of the set used to encode the hash's output can work for others (e.g., inserting a G into a hexadecimal hash). If you take a look at your /etc/shadow, you'll most likely see several accounts with a password hash of simply "*" or "!", which fits both methods - no respectable cryptographic hash will produce a single-character result and few will use the characters ! or * in their output. But, then, I'm sure Clay and Florin already know this and it's just the ambiguity of the phrase "doesn't have a password" causing confusion... (Does it mean you can access the account without entering a password, that the password is an empty string (nothing), or that there is the absence of any valid password (known or unknown)?) -- News aggregation meets world domination. Can you see the fnews? http://seethefnews.com/ From johntrammell at gmail.com Tue Feb 5 16:38:09 2008 From: johntrammell at gmail.com (John J. Trammell) Date: Tue, 5 Feb 2008 16:38:09 -0600 Subject: [tclug-list] sudo In-Reply-To: References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> <7566207B-0441-4872-A974-35683383F8B8@secure-computing.net> <20080205200429.m58akd4jcowgc0w4@joshwelch.com> <7B8F527A-FD55-4A71-B209-4744707EA4AE@secure-computing.net> <20080205210140.8cokmg7ascc8ggk8@joshwelch.com> <3C63CDD5-0364-4525-8392-D062168EA1F3@secure-computing.net> Message-ID: <68dbb6fe0802051438o20f5e93bs3a48b1d14aafe164@mail.gmail.com> Obligatory XKCD reference: http://xkcd.com/149/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080205/5bea651e/attachment.htm From mbmiller at taxa.epi.umn.edu Tue Feb 5 17:11:47 2008 From: mbmiller at taxa.epi.umn.edu (Mike Miller) Date: Tue, 5 Feb 2008 17:11:47 -0600 (CST) Subject: [tclug-list] sudo In-Reply-To: <20080205223121.GD3431@sherohman.org> References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> <20080205185031.GZ15915@iris.iucha.org> <20080205223121.GD3431@sherohman.org> Message-ID: Thanks, Dave. Very interesting. How about: A random string is the hardest password to guess. In that sense a random string is optimal. But use of * or ! in the shadow file does not provide a password so that is optimal when you don't need a password. I had seen those asterisks and double-bangs !! in the shadow file for years and never knew what that was about. Before that they used to be in /etc/password. Remember that? There wasn't always a shadow file and the encrypted passwords used to be readable by all! Mike From pcrequest at gmail.com Tue Feb 5 18:06:56 2008 From: pcrequest at gmail.com (Aaron Lewis) Date: Tue, 5 Feb 2008 18:06:56 -0600 Subject: [tclug-list] Linux+ certification Message-ID: <8cb4302d0802051606l7d4e4f4dr1122898d1b24506c@mail.gmail.com> I'm wondering if there's anyone interested in taking a Linux+ certification class. I've registered in the past with www.minneapolis.edu however they've never had enough persons register and the course was cancelled. If I can find 2 or 3 more people for evening classes sometime in the last half of 2008 that will be enough. Or perhaps someone knows where a class is offered already... Or if you know of a good self study book. Thanks. From tonyyarusso at gmail.com Tue Feb 5 22:55:16 2008 From: tonyyarusso at gmail.com (Tony Yarusso) Date: Tue, 5 Feb 2008 22:55:16 -0600 Subject: [tclug-list] Linux+ certification In-Reply-To: <8cb4302d0802051606l7d4e4f4dr1122898d1b24506c@mail.gmail.com> References: <8cb4302d0802051606l7d4e4f4dr1122898d1b24506c@mail.gmail.com> Message-ID: <254fef0f0802052055j51f58317t71b9a5ae470d06d6@mail.gmail.com> On Feb 5, 2008 6:06 PM, Aaron Lewis wrote: > I'm wondering if there's anyone interested in taking a Linux+ > certification class. I've registered in the past with > www.minneapolis.edu however they've never had enough persons register > and the course was cancelled. If I can find 2 or 3 more people for > evening classes sometime in the last half of 2008 that will be enough. > Or perhaps someone knows where a class is offered already... Or if > you know of a good self study book. Thanks. > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > Saint Paul College (http://www.saintpaul.edu/) offers a number of classes geared toward certifications, include Linux ones. -- Tony Yarusso http://tonyyarusso.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080205/0b31b370/attachment.htm From tonyyarusso at gmail.com Wed Feb 6 00:26:58 2008 From: tonyyarusso at gmail.com (Tony Yarusso) Date: Wed, 6 Feb 2008 00:26:58 -0600 Subject: [tclug-list] Open standards for government documents Message-ID: <254fef0f0802052226p6a3eaac6u8dbe001e941f53ac@mail.gmail.com> As noted on my blog, I attended my caucus tonight, and decided to present a resolution for mandating the use of ISO-approved open standards for all new government documents and all being newly converted to electronic form, mentioning ODF as the current best option but leaving room to consider others as appropriate in the future. My precinct easily passed the resolution, although for many of them it was the first they had heard of the issue. I was wondering if anyone else had similar resolutions brought up in their precinct, and if so, what was the result? The only concern raised against mine was wondering what the potential cost would be, although I think we have a solid argument there in that it would cost essentially nothing to implement open formats in a forward-only manner, and the real cost only comes in with retroactively converting existing documents (and the prioritization of my resolution was worded accordingly), and regardless would be far less than the cost of trying to recover data after a vendor went bankrupt, changed its terms, or any other similar drastic blocking event to current documents. Given that open document standards have been proposed twice already in the Minnesota Legislature (but been ignored as a low priority), and enjoyed increasing success in being passed into law in other states and countries, I think we have an opportunity to make a significant push for this in Minnesota in the coming year. Additionally, the benefits of open formats provide a great starting point for selling the benefits of open source software in government usage as well (state agencies, legislators, ***public schools!***, etc.), which is another thing that I would very much like to see us get involved in in the coming months and years. So, I wanted to take the opportunity of this local caucus night to see where other people around the state were at with respect to standardized, free, open, non-proprietary formats in government office documents, and start getting people talking about how we might go about making a significant publicity push on the issue with the common population as well as gathering support from local and state representatives. Let the ideas flow! -- Tony Yarusso http://tonyyarusso.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080206/d4ef319a/attachment.htm From pcrequest at gmail.com Wed Feb 6 00:43:40 2008 From: pcrequest at gmail.com (Aaron Lewis) Date: Wed, 6 Feb 2008 00:43:40 -0600 Subject: [tclug-list] Linux+ certification In-Reply-To: <000001c86867$e9548610$040a0a0a@W4NM4N02> References: <8cb4302d0802051606l7d4e4f4dr1122898d1b24506c@mail.gmail.com> <000001c86867$e9548610$040a0a0a@W4NM4N02> Message-ID: <8cb4302d0802052243u208a80benec0eb4c1a2b133b9@mail.gmail.com> I'm glad to see some interest. General info: http://www.minneapolis.edu/continuinged/certificatesandprograms/informationtechnology/comptia.cfm Use the contact link to express your interest. This is key! I've been told they need at least a few registered to get a class going. Cost: Linux+ is not on the schedule, but have a look at the other courses to get a general idea: https://webproc.mnscu.edu/registration/search/results.html;jsessionid=ED6E4A9310F38F053D606FD8ACF5E991?campusid=305&searchcampusid=305&yrtr=20085&category=IT&subcategory=CERT&openonly=false See if your employer can help with the cost, or if you can get a lifetime learner tax deduction or credit http://www.irs.gov/publications/p970/ or perhaps it can qualify as a business expense. Unemployment benefits will sometimes help you retrain in a new field too. Location: My IT classes have been at either Minneapolis or Egan MN. Ask the school if they could consider a remote option if you're not in the vicinity. On Feb 5, 2008 8:28 PM, Andrew von Nagy wrote: > How much does the course cost? I may be interested. From brian at ropers-huilman.net Wed Feb 6 06:52:58 2008 From: brian at ropers-huilman.net (Brian D. Ropers-Huilman) Date: Wed, 6 Feb 2008 06:52:58 -0600 Subject: [tclug-list] Open standards for government documents In-Reply-To: <254fef0f0802052226p6a3eaac6u8dbe001e941f53ac@mail.gmail.com> References: <254fef0f0802052226p6a3eaac6u8dbe001e941f53ac@mail.gmail.com> Message-ID: On Feb 6, 2008 12:26 AM, Tony Yarusso wrote: > As noted on my blog, I attended my caucus tonight, and decided to present a > resolution for mandating the use of ISO-approved open standards for all new > government documents and all being newly converted to electronic form, > > I was wondering if anyone else had similar resolutions brought up in their > precinct, and if so, what was the result? The only concern raised against > mine was wondering what the potential cost would be, although I think we > have a solid argument there in that it would cost essentially nothing to > implement open formats in a forward-only manner, and the real cost only > comes in with retroactively converting existing documents I am a strong proponent of open source and have even been accused of evangelicalizing at times. I pushed my extended family to move to OpenOffice years ago, as I did. Having said that, however, we need to be careful when we talk about costs. There certainly will be a cost involved in such a conversion, not in the cost of the format or of the software to produce documents in that format, but in terms of training. Like it or not, there are differences in the applications that support open formats and those that don't and those differences will have to be trained before users are fully accepting of the new applications and their new formats. I just needed to point that one out. We did not stay for our actual caucus last night as our kids would have melted. I'm not aware of any discussion in that regard either, but I applaud you for bringing it up and am excited that your resolution passed. -- Brian D. Ropers-Huilman From troythetechguy at gmail.com Wed Feb 6 07:46:51 2008 From: troythetechguy at gmail.com (Troy) Date: Wed, 6 Feb 2008 07:46:51 -0600 Subject: [tclug-list] Open standards for government documents In-Reply-To: References: <254fef0f0802052226p6a3eaac6u8dbe001e941f53ac@mail.gmail.com> Message-ID: <34de7f3d0802060546p6dfb598fwf125281092955712@mail.gmail.com> Great idea Tony. I wish I would have thought of offering the open standard as a resolution as my caucus too. As Brian points out, there is the cost of training involved with any conversion. However, I think this touches on the fundamental issue of how we teach people to use software. This topic was mentioned in another list that I am a member, and the consensus was we teach kids to use MS Word, not word processing software. It would be nice if schools at least touched on alternatives to MS products. Troy On Feb 6, 2008 6:52 AM, Brian D. Ropers-Huilman wrote: > On Feb 6, 2008 12:26 AM, Tony Yarusso wrote: > > As noted on my blog, I attended my caucus tonight, and decided to > present a > > resolution for mandating the use of ISO-approved open standards for all > new > > government documents and all being newly converted to electronic form, > > > > I was wondering if anyone else had similar resolutions brought up in > their > > precinct, and if so, what was the result? The only concern raised > against > > mine was wondering what the potential cost would be, although I think we > > have a solid argument there in that it would cost essentially nothing to > > implement open formats in a forward-only manner, and the real cost only > > comes in with retroactively converting existing documents > > I am a strong proponent of open source and have even been accused of > evangelicalizing at times. I pushed my extended family to move to > OpenOffice years ago, as I did. > > Having said that, however, we need to be careful when we talk about > costs. There certainly will be a cost involved in such a conversion, > not in the cost of the format or of the software to produce documents > in that format, but in terms of training. Like it or not, there are > differences in the applications that support open formats and those > that don't and those differences will have to be trained before users > are fully accepting of the new applications and their new formats. > > I just needed to point that one out. > > We did not stay for our actual caucus last night as our kids would > have melted. I'm not aware of any discussion in that regard either, > but I applaud you for bringing it up and am excited that your > resolution passed. > > -- > Brian D. Ropers-Huilman > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > -- Website of the week: http://www.ubuntu.com/ The Free Alternative to M$ Office: http://www.openoffice.org My Blog: http://troythetechguy.blogspot.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080206/de445f54/attachment.htm From mbmiller at taxa.epi.umn.edu Wed Feb 6 08:46:15 2008 From: mbmiller at taxa.epi.umn.edu (Mike Miller) Date: Wed, 6 Feb 2008 08:46:15 -0600 (CST) Subject: [tclug-list] sudo In-Reply-To: <7b7c42a30802060542h39bdb6ebifd6793b5e29edafd@mail.gmail.com> References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <47A89920.20104@gmail.com> <20080205185031.GZ15915@iris.iucha.org> <20080205223121.GD3431@sherohman.org> <7b7c42a30802060542h39bdb6ebifd6793b5e29edafd@mail.gmail.com> Message-ID: On Wed, 6 Feb 2008, Andy Schmid wrote: > On Feb 5, 2008 5:11 PM, Mike Miller wrote: > >> Thanks, Dave. Very interesting. How about: A random string is the >> hardest password to guess. > > > I disagree. There is the chance (albeit very slim to none) that a > random string can produce a password such as '1234', which can be easily > cracked. I thought about that too, but the thing is, if the wouldbe cracker knows that it is a random string (and he would know if that was the design of the system), there will be no benefit to his guessing first things like "1234," but if he knows that you have disallowed things like "1234", then you have helped him by cutting back on the number of things he must guess. So when using random strings you would *not* want to have rules like "must include both upper case lower case letters, digits and non-alphanumeric characters," because that rule would help a brute-force attacker. Mike From andyschmid at gmail.com Wed Feb 6 08:58:20 2008 From: andyschmid at gmail.com (Andy Schmid) Date: Wed, 6 Feb 2008 08:58:20 -0600 Subject: [tclug-list] sudo In-Reply-To: References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <20080205185031.GZ15915@iris.iucha.org> <20080205223121.GD3431@sherohman.org> <7b7c42a30802060542h39bdb6ebifd6793b5e29edafd@mail.gmail.com> Message-ID: <7b7c42a30802060658k19c7d285ya357f7ffa4b5dd4b@mail.gmail.com> On Feb 6, 2008 8:46 AM, Mike Miller wrote: > On Wed, 6 Feb 2008, Andy Schmid wrote: > > > On Feb 5, 2008 5:11 PM, Mike Miller wrote: > > > >> Thanks, Dave. Very interesting. How about: A random string is the > >> hardest password to guess. > > > > > > I disagree. There is the chance (albeit very slim to none) that a > > random string can produce a password such as '1234', which can be easily > > cracked. > > I thought about that too, but the thing is, if the wouldbe cracker knows > that it is a random string (and he would know if that was the design of > the system), there will be no benefit to his guessing first things like > "1234," but if he knows that you have disallowed things like "1234", then > you have helped him by cutting back on the number of things he must guess. > > So when using random strings you would *not* want to have rules like "must > include both upper case lower case letters, digits and non-alphanumeric > characters," because that rule would help a brute-force attacker. > > Mike > This is a good point. But most brute force attacks are done using common passwords across many hosts (typically from worms). If you have constraints put in place that are wide enough, the number of password permutations is still astronomical, with the chance of weak passwords being produced eliminated. Though, its a good idea all around to disable login access for the root account, as well as any other accounts you do not want logging in. Andy -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080206/9b7d48b7/attachment.htm From mbmiller at taxa.epi.umn.edu Wed Feb 6 10:32:50 2008 From: mbmiller at taxa.epi.umn.edu (Mike Miller) Date: Wed, 6 Feb 2008 10:32:50 -0600 (CST) Subject: [tclug-list] sudo In-Reply-To: <7b7c42a30802060658k19c7d285ya357f7ffa4b5dd4b@mail.gmail.com> References: <614465.45276.qm@web50301.mail.re2.yahoo.com> <20080205185031.GZ15915@iris.iucha.org> <20080205223121.GD3431@sherohman.org> <7b7c42a30802060542h39bdb6ebifd6793b5e29edafd@mail.gmail.com> <7b7c42a30802060658k19c7d285ya357f7ffa4b5dd4b@mail.gmail.com> Message-ID: On Wed, 6 Feb 2008, Andy Schmid wrote: > Though, its a good idea all around to disable login access for the root > account, as well as any other accounts you do not want logging in. Yep. I understand that concept. I like to become root sometimes, but I like the idea of sudo logging, so maybe I'd try to do things that way. I'm still mostly on Solaris (sparc) right now but it is time for a change! Mike From strayf at freeshell.org Wed Feb 6 10:35:42 2008 From: strayf at freeshell.org (Steve Cayford) Date: Wed, 06 Feb 2008 10:35:42 -0600 Subject: [tclug-list] Open standards for government documents In-Reply-To: <254fef0f0802052226p6a3eaac6u8dbe001e941f53ac@mail.gmail.com> References: <254fef0f0802052226p6a3eaac6u8dbe001e941f53ac@mail.gmail.com> Message-ID: <47A9E1DE.2020302@freeshell.org> Tony Yarusso wrote: > [...] > I was wondering if anyone else had similar resolutions brought up in > their precinct, and if so, what was the result? The only concern raised > against mine was wondering what the potential cost would be, although I > think we have a solid argument there in that it would cost essentially > nothing to implement open formats in a forward-only manner, and the real > cost only comes in with retroactively converting existing documents (and > the prioritization of my resolution was worded accordingly), and > regardless would be far less than the cost of trying to recover data > after a vendor went bankrupt, changed its terms, or any other similar > drastic blocking event to current documents. > [...] Our precinct did not have time to go through all the resolutions and they had to be passed along to the senate district conference en masse. So I don't know what all the resolutions contained. I should have included a resolution like that myself, but didn't think of it. As far as the cost... won't the older documents have to be converted to something else at some point anyway? It seems like converting to an open format could actually be cheaper than converting to Microsoft's next document format. -Steve From troy.johnson at health.state.mn.us Wed Feb 6 10:55:22 2008 From: troy.johnson at health.state.mn.us (Troy.A Johnson) Date: Wed, 06 Feb 2008 10:55:22 -0600 Subject: [tclug-list] Open standards for government documents In-Reply-To: References: <254fef0f0802052226p6a3eaac6u8dbe001e941f53ac@mail.gmail.com> Message-ID: <47A99218.9048.009E.0@health.state.mn.us> >>> On 2/6/2008 at 6:52 AM, in message , "Brian D. Ropers-Huilman" wrote: > On Feb 6, 2008 12:26 AM, Tony Yarusso wrote: >> As noted on my blog, I attended my caucus tonight, and decided to present a >> resolution for mandating the use of ISO-approved open standards for all new >> government documents and all being newly converted to electronic form, >> I was wondering if anyone else had similar resolutions brought up in their >> precinct, and if so, what was the result? The only concern raised against >> mine was wondering what the potential cost would be, although I think we >> have a solid argument there in that it would cost essentially nothing to >> implement open formats in a forward-only manner, and the real cost only >> comes in with retroactively converting existing documents ... > Having said that, however, we need to be careful when we talk about > costs. There certainly will be a cost involved in such a conversion, > not in the cost of the format or of the software to produce documents > in that format, but in terms of training. Like it or not, there are > differences in the applications that support open formats and those > that don't and those differences will have to be trained before users > are fully accepting of the new applications and their new formats. Keep in mind, however, that though some might not need training for new versions of Microsoft Office, many do. And that training costs are not limited to initial product roll out. There are many factors to be considered: - Initial and ongoing end user training - Upgrades and patching - Buying, managing, and tracking licenses - Researching, interpreting, and compensating for changing licensing terms - Negotiating pricing at time of purchase All of these take time and should be weighed on the cost side, and I think there may be more. There are some of the same costs for OpenOffice or similar products, but the purchasing and licensing issues go out the window. It gets even more expensive if you want to convert documents, for whatever reason. Unannounced, undercover document conversion projects occur with almost every new version of Microsoft Office. They show up in higher numbers of Microsoft Office related trouble tickets, if nowhere else. From brian at ropers-huilman.net Wed Feb 6 12:27:08 2008 From: brian at ropers-huilman.net (Brian D. Ropers-Huilman) Date: Wed, 6 Feb 2008 12:27:08 -0600 Subject: [tclug-list] Open standards for government documents In-Reply-To: <34de7f3d0802060546p6dfb598fwf125281092955712@mail.gmail.com> References: <254fef0f0802052226p6a3eaac6u8dbe001e941f53ac@mail.gmail.com> <34de7f3d0802060546p6dfb598fwf125281092955712@mail.gmail.com> Message-ID: On Feb 6, 2008 7:46 AM, Troy wrote: > As Brian points out, there is the cost of training involved with any > conversion. However, I think this touches on the fundamental issue of how > we teach people to use software. This topic was mentioned in another list > that I am a member, and the consensus was we teach kids to use MS Word, not > word processing software. It would be nice if schools at least touched on > alternatives to MS products. Very much agreed. I've had issues with this for many years. Quite frankly, I am of the belief that a "computer literate" person should be able to walk up to any modern desktop system (Linux, OS X, or Windows [pick your flavor]) and be productive. We need to teach philosophies, not applications. Whether it's Word Perfect, OpenOffice Writer, Abiword, Microsoft Word, or whatever, people should know what's capable. There will always be some specifics to learn, but we need to teach concepts and approaches, capabilities and philosophies, rather than specific applications. -- Brian D. Ropers-Huilman, Director Systems Administration and Technical Operations Minnesota Supercomputing Institute 599 Walter Library +1 612-626-5948 (V) 117 Pleasant Street S.E. +1 612-624-8861 (F) University of Minnesota Twin Cities Campus Minneapolis, MN 55455-0255 http://www.msi.umn.edu/ From mbmiller at taxa.epi.umn.edu Wed Feb 6 14:43:47 2008 From: mbmiller at taxa.epi.umn.edu (Mike Miller) Date: Wed, 6 Feb 2008 14:43:47 -0600 (CST) Subject: [tclug-list] Open standards for government documents In-Reply-To: References: <254fef0f0802052226p6a3eaac6u8dbe001e941f53ac@mail.gmail.com> <34de7f3d0802060546p6dfb598fwf125281092955712@mail.gmail.com> Message-ID: On Wed, 6 Feb 2008, Brian D. Ropers-Huilman wrote: > Very much agreed. I've had issues with this for many years. Quite > frankly, I am of the belief that a "computer literate" person should be > able to walk up to any modern desktop system (Linux, OS X, or Windows > [pick your flavor]) and be productive. We need to teach philosophies, > not applications. Whether it's Word Perfect, OpenOffice Writer, Abiword, > Microsoft Word, or whatever, people should know what's capable. There > will always be some specifics to learn, but we need to teach concepts > and approaches, capabilities and philosophies, rather than specific > applications. Good ideas, but when we first begin to teach about software, I think we should teach students how to use something, and that something should be an open-source program. We don't want to be a Microsoft training ground. Regarding the idea that more training is required for Word than for OO-Write: I'm sure that is true *now* but as Open Office becomes more widely used in coming years (because it is taught to every child in school?), the opposite will eventually become true and Word will be the program that requires extra training. I'm ccing this to the Ubuntu list because everyone else was doing that, but I'm not on the Ubuntu list -- do you have any info about that list? Maybe I'll want to sign up. Mike From Dean.Benjamin at mm.com Wed Feb 6 21:07:48 2008 From: Dean.Benjamin at mm.com (Dean.Benjamin at mm.com) Date: Wed, 06 Feb 2008 21:07:48 -0600 Subject: [tclug-list] Open standards for government documents In-Reply-To: <254fef0f0802052226p6a3eaac6u8dbe001e941f53ac@mail.gmail.co m> References: <254fef0f0802052226p6a3eaac6u8dbe001e941f53ac@mail.gmail.com> Message-ID: <6.1.2.0.2.20080206200833.02538598@pop.mm.com> An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080206/f8bddb5c/attachment.htm From bunjee at charter.net Thu Feb 7 06:43:21 2008 From: bunjee at charter.net (Danny) Date: Thu, 07 Feb 2008 06:43:21 -0600 Subject: [tclug-list] ATI Radeon video card in Ubuntu 7.10 In-Reply-To: References: Message-ID: <1202388201.10652.2.camel@patty> Can anyone out there tell me how to configure a Radeon 1950Pro video card to work with special effects? I would appreciate it. Danny On Wed, 2008-02-06 at 10:57 -0600, tclug-list-request at mn-linux.org wrote: > Send tclug-list mailing list submissions to > tclug-list at mn-linux.org > > To subscribe or unsubscribe via the World Wide Web, visit > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > or, via email, send a message with subject or body 'help' to > tclug-list-request at mn-linux.org > > You can reach the person managing the list at > tclug-list-owner at mn-linux.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of tclug-list digest..." > > > Today's Topics: > > 1. Re: Open standards for government documents > (Brian D. Ropers-Huilman) > 2. Re: Open standards for government documents (Troy) > 3. Re: sudo (Mike Miller) > 4. Re: sudo (Andy Schmid) > 5. Re: sudo (Mike Miller) > 6. Re: Open standards for government documents (Steve Cayford) > 7. Re: Open standards for government documents (Troy.A Johnson) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Wed, 6 Feb 2008 06:52:58 -0600 > From: "Brian D. Ropers-Huilman" > Subject: Re: [tclug-list] Open standards for government documents > To: "Tony Yarusso" > Cc: ubuntu-us-mn at lists.ubuntu.com, tclug-list at mn-linux.org > Message-ID: > > Content-Type: text/plain; charset=ISO-8859-1 > > On Feb 6, 2008 12:26 AM, Tony Yarusso wrote: > > As noted on my blog, I attended my caucus tonight, and decided to present a > > resolution for mandating the use of ISO-approved open standards for all new > > government documents and all being newly converted to electronic form, > > > > I was wondering if anyone else had similar resolutions brought up in their > > precinct, and if so, what was the result? The only concern raised against > > mine was wondering what the potential cost would be, although I think we > > have a solid argument there in that it would cost essentially nothing to > > implement open formats in a forward-only manner, and the real cost only > > comes in with retroactively converting existing documents > > I am a strong proponent of open source and have even been accused of > evangelicalizing at times. I pushed my extended family to move to > OpenOffice years ago, as I did. > > Having said that, however, we need to be careful when we talk about > costs. There certainly will be a cost involved in such a conversion, > not in the cost of the format or of the software to produce documents > in that format, but in terms of training. Like it or not, there are > differences in the applications that support open formats and those > that don't and those differences will have to be trained before users > are fully accepting of the new applications and their new formats. > > I just needed to point that one out. > > We did not stay for our actual caucus last night as our kids would > have melted. I'm not aware of any discussion in that regard either, > but I applaud you for bringing it up and am excited that your > resolution passed. > > -- > Brian D. Ropers-Huilman > > > > ------------------------------ > > Message: 2 > Date: Wed, 6 Feb 2008 07:46:51 -0600 > From: Troy > Subject: Re: [tclug-list] Open standards for government documents > To: "Brian D. Ropers-Huilman" > Cc: ubuntu-us-mn at lists.ubuntu.com, tclug-list at mn-linux.org > Message-ID: > <34de7f3d0802060546p6dfb598fwf125281092955712 at mail.gmail.com> > Content-Type: text/plain; charset="iso-8859-1" > > Great idea Tony. I wish I would have thought of offering the open standard > as a resolution as my caucus too. > > As Brian points out, there is the cost of training involved with any > conversion. However, I think this touches on the fundamental issue of how > we teach people to use software. This topic was mentioned in another list > that I am a member, and the consensus was we teach kids to use MS Word, not > word processing software. It would be nice if schools at least touched on > alternatives to MS products. > > Troy > > On Feb 6, 2008 6:52 AM, Brian D. Ropers-Huilman > wrote: > > > On Feb 6, 2008 12:26 AM, Tony Yarusso wrote: > > > As noted on my blog, I attended my caucus tonight, and decided to > > present a > > > resolution for mandating the use of ISO-approved open standards for all > > new > > > government documents and all being newly converted to electronic form, > > > > > > I was wondering if anyone else had similar resolutions brought up in > > their > > > precinct, and if so, what was the result? The only concern raised > > against > > > mine was wondering what the potential cost would be, although I think we > > > have a solid argument there in that it would cost essentially nothing to > > > implement open formats in a forward-only manner, and the real cost only > > > comes in with retroactively converting existing documents > > > > I am a strong proponent of open source and have even been accused of > > evangelicalizing at times. I pushed my extended family to move to > > OpenOffice years ago, as I did. > > > > Having said that, however, we need to be careful when we talk about > > costs. There certainly will be a cost involved in such a conversion, > > not in the cost of the format or of the software to produce documents > > in that format, but in terms of training. Like it or not, there are > > differences in the applications that support open formats and those > > that don't and those differences will have to be trained before users > > are fully accepting of the new applications and their new formats. > > > > I just needed to point that one out. > > > > We did not stay for our actual caucus last night as our kids would > > have melted. I'm not aware of any discussion in that regard either, > > but I applaud you for bringing it up and am excited that your > > resolution passed. > > > > -- > > Brian D. Ropers-Huilman > > > > _______________________________________________ > > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > > tclug-list at mn-linux.org > > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > > > > > > -- > Website of the week: > http://www.ubuntu.com/ > > The Free Alternative to M$ Office: > http://www.openoffice.org > > My Blog: > http://troythetechguy.blogspot.com > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080206/de445f54/attachment-0001.htm > > ------------------------------ > > Message: 3 > Date: Wed, 6 Feb 2008 08:46:15 -0600 (CST) > From: Mike Miller > Subject: Re: [tclug-list] sudo > To: Andy Schmid > Cc: tclug-list at mn-linux.org > Message-ID: > Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed > > On Wed, 6 Feb 2008, Andy Schmid wrote: > > > On Feb 5, 2008 5:11 PM, Mike Miller wrote: > > > >> Thanks, Dave. Very interesting. How about: A random string is the > >> hardest password to guess. > > > > > > I disagree. There is the chance (albeit very slim to none) that a > > random string can produce a password such as '1234', which can be easily > > cracked. > > I thought about that too, but the thing is, if the wouldbe cracker knows > that it is a random string (and he would know if that was the design of > the system), there will be no benefit to his guessing first things like > "1234," but if he knows that you have disallowed things like "1234", then > you have helped him by cutting back on the number of things he must guess. > > So when using random strings you would *not* want to have rules like "must > include both upper case lower case letters, digits and non-alphanumeric > characters," because that rule would help a brute-force attacker. > > Mike > > > > ------------------------------ > > Message: 4 > Date: Wed, 6 Feb 2008 08:58:20 -0600 > From: "Andy Schmid" > Subject: Re: [tclug-list] sudo > To: "Mike Miller" > Cc: tclug-list at mn-linux.org > Message-ID: > <7b7c42a30802060658k19c7d285ya357f7ffa4b5dd4b at mail.gmail.com> > Content-Type: text/plain; charset="iso-8859-1" > > On Feb 6, 2008 8:46 AM, Mike Miller wrote: > > > On Wed, 6 Feb 2008, Andy Schmid wrote: > > > > > On Feb 5, 2008 5:11 PM, Mike Miller wrote: > > > > > >> Thanks, Dave. Very interesting. How about: A random string is the > > >> hardest password to guess. > > > > > > > > > I disagree. There is the chance (albeit very slim to none) that a > > > random string can produce a password such as '1234', which can be easily > > > cracked. > > > > I thought about that too, but the thing is, if the wouldbe cracker knows > > that it is a random string (and he would know if that was the design of > > the system), there will be no benefit to his guessing first things like > > "1234," but if he knows that you have disallowed things like "1234", then > > you have helped him by cutting back on the number of things he must guess. > > > > So when using random strings you would *not* want to have rules like "must > > include both upper case lower case letters, digits and non-alphanumeric > > characters," because that rule would help a brute-force attacker. > > > > Mike > > > > This is a good point. But most brute force attacks are done using common > passwords across many hosts (typically from worms). If you have constraints > put in place that are wide enough, the number of password permutations is > still astronomical, with the chance of weak passwords being produced > eliminated. Though, its a good idea all around to disable login access for > the root account, as well as any other accounts you do not want logging in. > > Andy > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080206/9b7d48b7/attachment-0001.htm > > ------------------------------ > > Message: 5 > Date: Wed, 6 Feb 2008 10:32:50 -0600 (CST) > From: Mike Miller > Subject: Re: [tclug-list] sudo > To: TCLUG List > Message-ID: > Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed > > On Wed, 6 Feb 2008, Andy Schmid wrote: > > > Though, its a good idea all around to disable login access for the root > > account, as well as any other accounts you do not want logging in. > > Yep. I understand that concept. I like to become root sometimes, but I > like the idea of sudo logging, so maybe I'd try to do things that way. > > I'm still mostly on Solaris (sparc) right now but it is time for a change! > > Mike > > > > ------------------------------ > > Message: 6 > Date: Wed, 06 Feb 2008 10:35:42 -0600 > From: Steve Cayford > Subject: Re: [tclug-list] Open standards for government documents > To: TCLUG > Message-ID: <47A9E1DE.2020302 at freeshell.org> > Content-Type: text/plain; charset=UTF-8; format=flowed > > Tony Yarusso wrote: > > [...] > > I was wondering if anyone else had similar resolutions brought up in > > their precinct, and if so, what was the result? The only concern raised > > against mine was wondering what the potential cost would be, although I > > think we have a solid argument there in that it would cost essentially > > nothing to implement open formats in a forward-only manner, and the real > > cost only comes in with retroactively converting existing documents (and > > the prioritization of my resolution was worded accordingly), and > > regardless would be far less than the cost of trying to recover data > > after a vendor went bankrupt, changed its terms, or any other similar > > drastic blocking event to current documents. > > [...] > > Our precinct did not have time to go through all the resolutions and they > had to be passed along to the senate district conference en masse. So I > don't know what all the resolutions contained. I should have included a > resolution like that myself, but didn't think of it. > > As far as the cost... won't the older documents have to be converted to > something else at some point anyway? It seems like converting to an open > format could actually be cheaper than converting to Microsoft's next > document format. > > -Steve > > > > ------------------------------ > > Message: 7 > Date: Wed, 06 Feb 2008 10:55:22 -0600 > From: "Troy.A Johnson" > Subject: Re: [tclug-list] Open standards for government documents > To: "Tony Yarusso" , "Brian D. Ropers-Huilman" > > Cc: ubuntu-us-mn at lists.ubuntu.com, tclug-list at mn-linux.org > Message-ID: <47A99218.9048.009E.0 at health.state.mn.us> > Content-Type: text/plain; charset=US-ASCII > > >>> On 2/6/2008 at 6:52 AM, in message > , "Brian D. > Ropers-Huilman" wrote: > > On Feb 6, 2008 12:26 AM, Tony Yarusso wrote: > >> As noted on my blog, I attended my caucus tonight, and decided to present a > >> resolution for mandating the use of ISO-approved open standards for all new > >> government documents and all being newly converted to electronic form, > >> I was wondering if anyone else had similar resolutions brought up in their > >> precinct, and if so, what was the result? The only concern raised against > >> mine was wondering what the potential cost would be, although I think we > >> have a solid argument there in that it would cost essentially nothing to > >> implement open formats in a forward-only manner, and the real cost only > >> comes in with retroactively converting existing documents > ... > > Having said that, however, we need to be careful when we talk about > > costs. There certainly will be a cost involved in such a conversion, > > not in the cost of the format or of the software to produce documents > > in that format, but in terms of training. Like it or not, there are > > differences in the applications that support open formats and those > > that don't and those differences will have to be trained before users > > are fully accepting of the new applications and their new formats. > > Keep in mind, however, that though some might not need training > for new versions of Microsoft Office, many do. And that training costs > are not limited to initial product roll out. There are many factors to be > considered: > > - Initial and ongoing end user training > - Upgrades and patching > - Buying, managing, and tracking licenses > - Researching, interpreting, and compensating for changing licensing terms > - Negotiating pricing at time of purchase > > All of these take time and should be weighed on the cost side, > and I think there may be more. There are some of the same costs > for OpenOffice or similar products, but the purchasing and licensing > issues go out the window. > > It gets even more expensive if you want to convert documents, > for whatever reason. Unannounced, undercover document > conversion projects occur with almost every new version of > Microsoft Office. They show up in higher numbers of Microsoft > Office related trouble tickets, if nowhere else. > > > > > > > > > ------------------------------ > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > > End of tclug-list Digest, Vol 38, Issue 6 > ***************************************** -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080207/b81b76c9/attachment-0001.htm From johntrammell at gmail.com Thu Feb 7 08:58:42 2008 From: johntrammell at gmail.com (John J. Trammell) Date: Thu, 7 Feb 2008 08:58:42 -0600 Subject: [tclug-list] ATI Radeon video card in Ubuntu 7.10 In-Reply-To: <1202388201.10652.2.camel@patty> References: <1202388201.10652.2.camel@patty> Message-ID: <68dbb6fe0802070658w2ccc5c64ufd7e5ee91bf6d5b3@mail.gmail.com> On Feb 7, 2008 6:43 AM, Danny wrote: > Can anyone out there tell me how to configure a Radeon 1950Pro video card > to work with special effects? > I would appreciate it. > First you must perform 4 hours of community service for not trimming your post. I mean, the *lights dimmed* when I got that email. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080207/0bc53fc5/attachment.htm From erikerik at gmail.com Thu Feb 7 10:19:53 2008 From: erikerik at gmail.com (Erik Anderson) Date: Thu, 7 Feb 2008 10:19:53 -0600 Subject: [tclug-list] ATI Radeon video card in Ubuntu 7.10 In-Reply-To: <68dbb6fe0802070658w2ccc5c64ufd7e5ee91bf6d5b3@mail.gmail.com> References: <1202388201.10652.2.camel@patty> <68dbb6fe0802070658w2ccc5c64ufd7e5ee91bf6d5b3@mail.gmail.com> Message-ID: On Feb 7, 2008 8:58 AM, John J. Trammell wrote: > > First you must perform 4 hours of community service for not trimming your > post. I mean, the lights dimmed when I got that email. So *that's* what that was! I was wondering... -- Erik Anderson http://andersonfam.org From bdunnette at gmail.com Thu Feb 7 12:25:39 2008 From: bdunnette at gmail.com (Brian Dunnette) Date: Thu, 7 Feb 2008 12:25:39 -0600 Subject: [tclug-list] ATI Radeon video card in Ubuntu 7.10 In-Reply-To: <1202388201.10652.2.camel@patty> References: <1202388201.10652.2.camel@patty> Message-ID: > > Can anyone out there tell me how to configure a Radeon 1950Pro video card > to work with special effects? > I would appreciate it. > Danny > > > Looks like the "Envy" app might be your best bet for finding & installing the appropriate drivers: http://albertomilone.com/nvidia_scripts1.html Again, both Google and the delete key (as John mentioned) are your friends -- let us know if you're still unable to get acceleration for the Radeon! -Brian D. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080207/d24977f5/attachment.htm From c.r.troyer at usfamily.net Thu Feb 7 21:49:00 2008 From: c.r.troyer at usfamily.net (Cyprian Troyer) Date: Thu, 07 Feb 2008 21:49:00 -0600 (CST) Subject: [tclug-list] Slackware 12.0 and wireless networking Message-ID: <47ABD112.6010102@usfamily.net> Anyone have any success yet with a Slackware 12.0 installation talking to a wireless card? I'm trying to get a Trendnet TEW-423PI with a Realtek 8185 chipset working. I downloaded the Linux drivers from Realtek's website, and they seem to be doing what they should. I have tried both the manual method described in Realtek's readme file, and the Slackware method - loading everything through the rc. scripts (took some editing to eliminate all the error messages). Either way I can use iwlist to scan the card, and the results look good - the ap adresses are correct, the ESSID comes back correct, the protocol is identified correctly... But the Quality and Signal level are always reported as zero. I know that the signal strength is better than that, because when I boot the Windoze side of the machine, it reports a signal strength of 85% and I can connect to the router without problem. (It's a Belkin 54 g WIFI router). Any guidance is appreciated. --- http://USFamily.Net/dialup.html - $8.25/mo! -- http://www.usfamily.net/dsl.html - $19.99/mo! --- From tclug at b-o-b.homelinux.com Thu Feb 7 22:34:50 2008 From: tclug at b-o-b.homelinux.com (Robert De Mars) Date: Thu, 07 Feb 2008 22:34:50 -0600 Subject: [tclug-list] Slackware 12.0 and wireless networking In-Reply-To: <47ABD112.6010102@usfamily.net> References: <47ABD112.6010102@usfamily.net> Message-ID: <47ABDBEA.4060802@b-o-b.homelinux.com> Cyprian Troyer wrote: > Anyone have any success yet with a Slackware 12.0 installation talking > to a wireless card? Yes > I'm trying to get a Trendnet TEW-423PI with a > Realtek 8185 chipset working. I downloaded the Linux drivers from > Realtek's website, and they seem to be doing what they should. I have > tried both the manual method described in Realtek's readme file, and the > Slackware method - loading everything through the rc. scripts (took some > editing to eliminate all the error messages). Either way I can use > iwlist to scan the card, and the results look good - the ap adresses > are correct, the ESSID comes back correct, the protocol is identified > correctly... But the Quality and Signal level are always reported as zero. > I know that the signal strength is better than that, because when I > boot the Windoze side of the machine, it reports a signal strength of > 85% and I can connect to the router without problem. (It's a Belkin 54 g > WIFI router). > Any guidance is appreciated. I had a similar problem. I ended up using ndiswrapper with the windows drivers that came with the card. I took notes on how I was able to get it working, but they are at home (where I am not at the moment). I ended up using ndiswrapper with the windows driver that came with my card. The setup was pretty easy as I remember. I then used iwconfig to config the interface. I then added a start up script to rc.local & a shutdown script to rc.local_shutdown. If this email dose not help lead you in the right direction, let me know. I will send you my notes when I get home. Good Luck! Bob De Mars > > > --- http://USFamily.Net/dialup.html - $8.25/mo! -- http://www.usfamily.net/dsl.html - $19.99/mo! --- > > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list From chewie at wookimus.net Wed Feb 13 17:15:29 2008 From: chewie at wookimus.net (Chad Walstrom) Date: Wed, 13 Feb 2008 17:15:29 -0600 Subject: [tclug-list] Perl question: Signals and system calls Message-ID: <3641.1202944529@skuld.wookimus.net> O.K. I'm tired of writing BASH scripts. I've decided to jump wholesale into Perl as any good Systems Engineer should, right? I'm running into a bit of a problem: signal handling. Let's say I want to run system application SYSAPP_A once for each element in LIST_A, and if that were to fail, run SYSAPP_B for that element. If I don't trap for signals, and I try to interrupt the Perl script with CTRL-C (SIGINT), it kills either SYSAPP_A or SYSAPP_B and then continues on looping over LIST_A elements. What I want is for the Perl script to die unconditionally. So, I try this: $SIG{INT} = sub { die "Um, I'm outta here!\n"; }; This kind of works, but if I hit CTRL-C during SYSAPP_A's run, it fails and SYSAPP_B tries to execute. SYSAPP_A and SYSAPP_B are each called with the "system" built-in. What do I need to do to make sure the script dies unconditionally when any child also receives an interrupt? Chad From troy.johnson at health.state.mn.us Wed Feb 13 17:56:19 2008 From: troy.johnson at health.state.mn.us (Troy.A Johnson) Date: Wed, 13 Feb 2008 17:56:19 -0600 Subject: [tclug-list] Perl question: Signals and system calls In-Reply-To: <3641.1202944529@skuld.wookimus.net> References: <3641.1202944529@skuld.wookimus.net> Message-ID: <47B32F41.9048.009E.0@health.state.mn.us> >>> On 2/13/2008 at 5:15 PM, in message <3641.1202944529 at skuld.wookimus.net>, Chad Walstrom wrote: > O.K. I'm tired of writing BASH scripts. I've decided to jump wholesale > into Perl as any good Systems Engineer should, right? I'm running into > a bit of a problem: signal handling. > Let's say I want to run system application SYSAPP_A once for each > element in LIST_A, and if that were to fail, run SYSAPP_B for that > element. If I don't trap for signals, and I try to interrupt the Perl > script with CTRL-C (SIGINT), it kills either SYSAPP_A or SYSAPP_B and > then continues on looping over LIST_A elements. > What I want is for the Perl script to die unconditionally. So, I try this: > $SIG{INT} = sub { die "Um, I'm outta here!\n"; }; > This kind of works, but if I hit CTRL-C during SYSAPP_A's run, it fails > and SYSAPP_B tries to execute. SYSAPP_A and SYSAPP_B are each called > with the "system" built-in. > What do I need to do to make sure the script dies unconditionally when > any child also receives an interrupt? Chad, Check the return value of 'system' and 'die' if it is not zero, if that works. If that won't work for you, you could check the output of commands by using backticks ($value = `SYSAPP_A`;) instead of using 'system'. Maybe you can use $SIG{CHLD} for something? Use 'perldoc perlvar', 'perldoc perlipc', 'perldoc -f system', 'perldoc -f die', and especially 'perldoc perldoc' to your advantage. Best of luck, Troy From florin at iucha.net Wed Feb 13 18:02:06 2008 From: florin at iucha.net (Florin Iucha) Date: Wed, 13 Feb 2008 18:02:06 -0600 Subject: [tclug-list] Perl question: Signals and system calls In-Reply-To: <3641.1202944529@skuld.wookimus.net> References: <3641.1202944529@skuld.wookimus.net> Message-ID: <20080214000205.GA3247@iris.iucha.org> On Wed, Feb 13, 2008 at 05:15:29PM -0600, Chad Walstrom wrote: > O.K. I'm tired of writing BASH scripts. I've decided to jump wholesale > into Perl as any good Systems Engineer should, right? I'm running into > a bit of a problem: signal handling. > > Let's say I want to run system application SYSAPP_A once for each > element in LIST_A, and if that were to fail, run SYSAPP_B for that > element. If I don't trap for signals, and I try to interrupt the Perl > script with CTRL-C (SIGINT), it kills either SYSAPP_A or SYSAPP_B and > then continues on looping over LIST_A elements. > > What I want is for the Perl script to die unconditionally. So, I try this: > > $SIG{INT} = sub { die "Um, I'm outta here!\n"; }; > > This kind of works, but if I hit CTRL-C during SYSAPP_A's run, it fails > and SYSAPP_B tries to execute. SYSAPP_A and SYSAPP_B are each called > with the "system" built-in. > > What do I need to do to make sure the script dies unconditionally when > any child also receives an interrupt? I'm a bit rusty on the signals and I don't have the Stevens[1] handy but I think you want trap SIGCHLD in the main process and handle the expiration of the child in an appropriate manner. Here's what 10 secs of Googling brought up: http://www.unix.org.ua/orelly/perl/cookbook/ch16_20.htm Cheers, florin 1: http://www.kohala.com/start/apue.html -- Bruce Schneier expects the Spanish Inquisition. http://geekz.co.uk/schneierfacts/fact/163 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080213/9749238c/attachment.pgp From chewie at wookimus.net Thu Feb 14 10:00:56 2008 From: chewie at wookimus.net (Chad Walstrom) Date: Thu, 14 Feb 2008 10:00:56 -0600 Subject: [tclug-list] Perl question: Signals and system calls In-Reply-To: <20080214000205.GA3247@iris.iucha.org> References: <3641.1202944529@skuld.wookimus.net> <20080214000205.GA3247@iris.iucha.org> Message-ID: <7012.1203004856@skuld.wookimus.net> Thanks for the link, Florin. I notice that it's a Ukranian site where Coprights aren't really honored. ;-) I did have a copy lying around that I hadn't yet cracked open, but just found this gem[1]: The system function (but not backticks) ignores SIGINT and SIGQUIT while child processes are running. That way those signals will kill only the child process. If you want your main program to die as well, check the return value of system, or the value of the $? variable. if (($signo = system(@arglist)) &= 127) { die "program killed by signal $signo\n"; } To get the effect of a system that ignores SIGINT, install your own signal handler and then manually fork and exec: if ($pid = fork) { # parent catches INT and berates user local $SIG{INT} = sub { print "Tsk tsk, no process interruptus\n" }; waitpid($pid, 0); } else { die "cannot fork: $!" unless defined $pid; # child ignores INT and does its thing $SIG{INT} = "IGNORE"; exec("summarize", "/etc/logfiles") or die "Can't exec: $!\n"; } 1. Christiansen, T. and Torkington, N., ``Perl Cookbook'', 1999. O'Reilly & Associates, Inc. http://safari.oreilly.com/1565922433 From admin at lctn.org Thu Feb 14 13:51:29 2008 From: admin at lctn.org (Raymond Norton) Date: Thu, 14 Feb 2008 13:51:29 -0600 Subject: [tclug-list] keyspan usb serial converter Message-ID: <47B49BC1.4030205@lctn.org> Does anyone know if it is still required to rebuild the kernel in Ubuntu 1.7.10, in order to utilize a Keyspan usa-19qw adapter? I can see it using lsusb: Bus 001 Device 005: ID 06cd:0118 Keyspan USA-19QW PDA Bus 001 Device 001: ID 0000:0000 Bus 002 Device 001: ID 0000:0000 From erikerik at gmail.com Thu Feb 14 14:05:07 2008 From: erikerik at gmail.com (Erik Anderson) Date: Thu, 14 Feb 2008 14:05:07 -0600 Subject: [tclug-list] keyspan usb serial converter In-Reply-To: <47B49BC1.4030205@lctn.org> References: <47B49BC1.4030205@lctn.org> Message-ID: On Thu, Feb 14, 2008 at 1:51 PM, Raymond Norton wrote: > Does anyone know if it is still required to rebuild the kernel in Ubuntu > 1.7.10, in order to utilize a Keyspan usa-19qw adapter? I can see it > using lsusb: What does dmesg show after plugging in the device? I'd guess that Ubuntu already has the needed module(s) for this. From admin at lctn.org Thu Feb 14 14:22:38 2008 From: admin at lctn.org (admin at lctn.org) Date: Thu, 14 Feb 2008 14:22:38 -0600 (CST) Subject: [tclug-list] keyspan usb serial converter In-Reply-To: References: <47B49BC1.4030205@lctn.org> Message-ID: <49688.10.10.1.1.1203020558.squirrel@lctn.org> > What does dmesg show after plugging in the device? I'd guess that > Ubuntu already has the needed module(s) for this. > It shows the following: [10271.604000] usb 1-1: new full speed USB device using uhci_hcd and address 6 [10271.752000] usb 1-1: configuration #1 chosen from 1 choice It does not light up though, so I checked the keyspan site, and they had documentation that indicated Ubuntu/Debian did not incorporate the driver in the kernel. I wasn't sure if it was up to date info. From tonyyarusso at gmail.com Thu Feb 14 19:59:19 2008 From: tonyyarusso at gmail.com (Tony Yarusso) Date: Thu, 14 Feb 2008 19:59:19 -0600 Subject: [tclug-list] keyspan usb serial converter In-Reply-To: <49688.10.10.1.1.1203020558.squirrel@lctn.org> References: <47B49BC1.4030205@lctn.org> <49688.10.10.1.1.1203020558.squirrel@lctn.org> Message-ID: <254fef0f0802141759g1059deb5rbdd7635e54c0d626@mail.gmail.com> On Thu, Feb 14, 2008 at 2:22 PM, wrote: > > > What does dmesg show after plugging in the device? I'd guess that > > Ubuntu already has the needed module(s) for this. > > > > > It shows the following: > > [10271.604000] usb 1-1: new full speed USB device using uhci_hcd and > address 6 > [10271.752000] usb 1-1: configuration #1 chosen from 1 choice > > > It does not light up though, so I checked the keyspan site, and they had > documentation that indicated Ubuntu/Debian did not incorporate the driver > in the kernel. I wasn't sure if it was up to date info. > > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > I have a Keyspan USA-19HS, and its drivers are included. They were not in 7.04, but I talked to some of the kernel guys and I think after reviewing some licensing stuff they were able to put them in the restricted modules bit, and it is now working in 7.10. -- Tony Yarusso http://tonyyarusso.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080214/25b69b7a/attachment.htm From josh at radkeland.org Fri Feb 15 14:11:27 2008 From: josh at radkeland.org (Joshua Radke) Date: Fri, 15 Feb 2008 14:11:27 -0600 Subject: [tclug-list] USB Bus Resets Message-ID: <47B5F1EF.3050407@radkeland.org> Ok, this one has really gotten me, and google hasn't bailed me out yet, so I was hoping someone on the list could. Some relevant system Info are an Athlon XP 1800+, nForce2 chipset motherboard, RT2561(?) wireless card, 40 GB internal (IDE) disk, and 500GB External Western Digital MyBook USB drive, running MythBuntu 7.10. The kernel is 2.6.22-14-generic #1 SMP Tue Dec 18 08:02:57 UTC 2007 i686 GNU/Linux. Note that I (until recently) had the same setup/problems with a Fedora 7/MythTV setup (on the same computer). Relevant portion of /var/log/messages: Feb 15 12:23:21 venus kernel: [23306.544344] usb 3-6: USB disconnect, address 3 Feb 15 12:23:25 venus kernel: [23310.022118] lost page write due to I/O error on dm-0 Feb 15 12:23:33 venus kernel: [23318.120350] usb 3-6: new high speed USB device using ehci_hcd and address 4 Feb 15 12:23:33 venus kernel: [23318.254619] usb 3-6: configuration #1 chosen from 1 choice Feb 15 12:23:33 venus kernel: [23318.255811] scsi1 : SCSI emulation for USB Mass Storage devices Feb 15 12:23:36 venus kernel: [23321.068823] printk: 475 messages suppressed. Feb 15 12:23:36 venus kernel: [23321.068831] lost page write due to I/O error on dm-0 Feb 15 12:23:36 venus kernel: [23321.068842] lost page write due to I/O error on dm-0 Feb 15 12:23:38 venus kernel: [23323.251000] scsi 1:0:0:0: Direct-Access WD 5000AAK External 1.06 PQ: 0 ANSI: 0 Feb 15 12:23:38 venus kernel: [23323.253219] sd 1:0:0:0: [sdb] 976773168 512-byte hardware sectors (500108 MB) Feb 15 12:23:38 venus kernel: [23323.253842] sd 1:0:0:0: [sdb] Write Protect is off Feb 15 12:23:38 venus kernel: [23323.256121] sd 1:0:0:0: [sdb] 976773168 512-byte hardware sectors (500108 MB) Feb 15 12:23:38 venus kernel: [23323.256836] sd 1:0:0:0: [sdb] Write Protect is off Feb 15 12:23:38 venus kernel: [23323.256849] sdb: sdb1 Feb 15 12:23:38 venus kernel: [23323.258946] sd 1:0:0:0: [sdb] Attached SCSI disk Feb 15 12:23:38 venus kernel: [23323.259003] sd 1:0:0:0: Attached scsi generic sg0 type 0 ... and a few minutes later the wife (at home) patiently reboots the computer, and wonders why I got her hooked on this silly machine. This issue is that the USB bus resets, and when the external disk is on an LVM2 volume, the dm entry is not removed. When the USB disk comes back online, it gets another /dev/sd? entry, and cannot be accessed until we've done some cleanup, as in (as root, of course): /etc/init.d/myth-backend stop umount /storage dmsetup delete vgscan lvscan vgchange -ay mount /storage /etc/init.d/myth-backend start Phew! Now ... I've considered adding this as a script to a /etc/udev/rules.d/10-local.rules file (to match the serial number of the disk, for example), but this is not a solution, only a way to let my wife only notice the issues minimally (though it would have the side effect of chopping up recordings into pieces with the backend restarts).. Note that the previous Fedora setup had the storage partition on a primary partition (not LVM), so the USB drive would (upon reconnect) end up with the same letter, and reading/writing from myth-backend would simply resume after a pause. Some other things I've tried: boot the kernel with acpi=off (no noticable difference) Add the following to /etc/udev/rules.d/10-local.rules SYSFS{serial}=="574341533830343230313137",RUN+="/bin/sh -c '/bin/echo 64 > /sys/block/%k/device/max_sectors'" Some of these were suggested in (https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.20/+bug/61235) Picking through sdparm -al /dev/sda shows '0' for IDLE and STANDBY entries. Note that the problem appeared to be much more pronounced (resetting every 10's of minutes instead of one to three times per day) when I had the PCI bus underclocked in the BIOS ... I have since gotten a better cooling solution, and no longer need to do that for stability. Finally, downgrading the usb to 1.1 (modprobe -r ehci_hcd) appeared to solve the USB resets, but there was not quite enough bandwidth left to both play and record to the disk. (Playback would skip every couple of seconds ... the kids didn't care, but it'd drive my wife and I nuts!). Any hints? Thanks, Josh From jpschewe at mtu.net Sun Feb 17 11:25:53 2008 From: jpschewe at mtu.net (Jon Schewe) Date: Sun, 17 Feb 2008 11:25:53 -0600 Subject: [tclug-list] Wireless problem Message-ID: <47B86E21.9050905@mtu.net> I've got an Intel 3645 A/B/G card in my laptop and it works fine in Windows, however not so good in Linux. I can connect to a network and send packets, but I don't receive any packets. If I watch the output of ifconfig I can see the RX packets dropped count increasing. I have a sniffer on my wireless access point (OpenBSD) and don't see the packets getting through either. Does anyone have any ideas on this? I'm running openSUSE 10.3 and using the stock drivers that ship with it. -- Jon Schewe | http://mtu.net/~jpschewe If you see an attachment named signature.asc, this is my digital signature. See http://www.gnupg.org for more information. For I am convinced that neither death nor life, neither angels nor demons, neither the present nor the future, nor any powers, neither height nor depth, nor anything else in all creation, will be able to separate us from the love of God that is in Christ Jesus our Lord. - Romans 8:38-39 From jack at jacku.com Sun Feb 17 22:39:46 2008 From: jack at jacku.com (Jack Ungerleider) Date: Sun, 17 Feb 2008 22:39:46 -0600 Subject: [tclug-list] Wireless problem In-Reply-To: <47B86E21.9050905@mtu.net> References: <47B86E21.9050905@mtu.net> Message-ID: <200802172239.46831.jack@jacku.com> On Sunday 17 February 2008 11:25 am, Jon Schewe wrote: > I've got an Intel 3645 A/B/G card in my laptop and it works fine in > Windows, however not so good in Linux. I can connect to a network and > send packets, but I don't receive any packets. If I watch the output of > ifconfig I can see the RX packets dropped count increasing. I have a > sniffer on my wireless access point (OpenBSD) and don't see the packets > getting through either. Does anyone have any ideas on this? > > I'm running openSUSE 10.3 and using the stock drivers that ship with it. There's a firmware shim package that might not get load by default. If its not there then the wireless won't connect correctly. -- Jack Ungerleider jack at jacku.com http://www.jacku.com From goeko at Goecke-Dolan.com Mon Feb 18 01:06:45 2008 From: goeko at Goecke-Dolan.com (Brian Dolan-Goecke) Date: Mon, 18 Feb 2008 01:06:45 -0600 Subject: [tclug-list] Audacity on Linux - Topic @PenguinsUnbound Linux Meeting Feb 23, 2008 Message-ID: <47B92E85.3060103@Goecke-Dolan.com> This months PenguinsUnbound.net meeting will be Saturday February 23, 2008 at TIES, 1667 Snelling Ave. N., St. Paul, MN 55108 from 10:00 to 12:00. (See the web site http://www.penguinsunbound.com/Location_for_Meetings for directions and more info.) We will be looking at and working with Audacity. My brief outline for the meeting, Getting Started Installing Audacity Starting Audacity Opening a file New projects Working with file Cutting file up Converting formats Creating a Ring Tone Please come and share your knowledge of Audacity! http://www.penguinsunbound.com/Future_Meetings/20080223_-_Audacity Thanks, hope to see you there. ==>brian. From daniel.armbrust.list at gmail.com Tue Feb 19 09:52:53 2008 From: daniel.armbrust.list at gmail.com (Dan Armbrust) Date: Tue, 19 Feb 2008 09:52:53 -0600 Subject: [tclug-list] How to find the width of a console? Message-ID: <82f04dc40802190752k17ab4bc0m3e04a9e72d91f035@mail.gmail.com> I have a program that is writing info out to the console - and I need to know where to wrap the lines. How does one go about finding the width of a console on linux? Or (shudder) on windows? I've discovered that on linux, at the command prompt, I can do "echo $COLUMNS", and it gives me the number that I want, but this variable doesn't seem to be exported. It doesn't appear in my env - and consequently, I haven't figured out a way to get at it from a program that I launch on the console. And I haven't yet found anything on windows that would tell me the current console width. Does anyone know offhand? I'm having a lot of difficulty crafting a useful google query for this one. Thanks, Dan From florin at iucha.net Tue Feb 19 11:03:52 2008 From: florin at iucha.net (Florin Iucha) Date: Tue, 19 Feb 2008 11:03:52 -0600 Subject: [tclug-list] How to find the width of a console? In-Reply-To: <82f04dc40802190752k17ab4bc0m3e04a9e72d91f035@mail.gmail.com> References: <82f04dc40802190752k17ab4bc0m3e04a9e72d91f035@mail.gmail.com> Message-ID: <20080219170352.GO3247@iris.iucha.org> On Tue, Feb 19, 2008 at 09:52:53AM -0600, Dan Armbrust wrote: > I have a program that is writing info out to the console - and I need > to know where to wrap the lines. > > How does one go about finding the width of a console on linux? Or > (shudder) on windows? //--- cut here --- cut here --- cut here --- cut here --- cut here --- /* * Compile me like this: * "cc -lncurses screen_size.c" */ #include int main(void) { int bx, by, mx, my; initscr(); getbegyx(stdscr, by, bx); getmaxyx(stdscr, my, mx); endwin(); printf("%d rows and %d columns\n", mx - bx, my - by); return 0; } //--- cut here --- cut here --- cut here --- cut here --- cut here --- There is curses for windows, too. Cheers, florin -- Bruce Schneier expects the Spanish Inquisition. http://geekz.co.uk/schneierfacts/fact/163 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080219/025b533b/attachment.pgp From jima at beer.tclug.org Tue Feb 19 11:18:05 2008 From: jima at beer.tclug.org (Jima) Date: Tue, 19 Feb 2008 11:18:05 -0600 (CST) Subject: [tclug-list] How to find the width of a console? In-Reply-To: <20080219170352.GO3247@iris.iucha.org> References: <82f04dc40802190752k17ab4bc0m3e04a9e72d91f035@mail.gmail.com> <20080219170352.GO3247@iris.iucha.org> Message-ID: On Tue, 19 Feb 2008, Florin Iucha wrote: > There is curses for windows, too. There are lots of curses for Windows. Some might even call Windows a curse, itself. Jima From klieber at gentoo.org Tue Feb 19 10:36:59 2008 From: klieber at gentoo.org (Kurt Lieber) Date: Tue, 19 Feb 2008 10:36:59 -0600 Subject: [tclug-list] How to find the width of a console? In-Reply-To: <82f04dc40802190752k17ab4bc0m3e04a9e72d91f035@mail.gmail.com> References: <82f04dc40802190752k17ab4bc0m3e04a9e72d91f035@mail.gmail.com> Message-ID: <82d43d110802190836g59560520xbb7b7432a16c8caa@mail.gmail.com> On 2/19/08, Dan Armbrust wrote: > > How does one go about finding the width of a console on linux? Or > (shudder) on windows? Here's a python snippet that might help for windows, plus some code in the comments that might apply