users June 2017

users@lists.stg.fedoraproject.org

104 participants
95 discussions

Fedora 25 dnf poops on glibc
by Bill Shirley 22 Jun '17

22 Jun '17

On 2017-06-20 I did a 'dnf update' on my server. The update threw some errors and when I did a 'reboot' with the new kernel (vmlinuz-4.11.5-200.fc25.x86_64) it failed without giving me a command prompt. So, I booted my previous kernel (4.10.17-200.fc25.x86_64). I got a login prompt and logged in. Most commands crashed and sent be back to the login prompt. I was able to look in /var/log/messages and find: Jun 20 09:16:10 yoda kernel: traps: cpp[2655] trap invalid opcode ip:7f08a64762a4 sp:7ffd14da8df0 error:0 Jun 20 09:16:10 yoda kernel: in libc-2.24.so[7f08a6443000+1bd000] and: Jun 20 09:16:28 yoda kernel: traps: groupadd[2707] trap invalid opcode ip:7fe7cf40b2a4 sp:7ffdca8072f0 error:0 Jun 20 09:16:28 yoda kernel: in libc-2.24.so[7fe7cf3d8000+1bd000] lots of the above errors. I couldn't even start the network. Here is what I did to fix it: # USB stick is Fedora 25 Server install # # unplug 2nd drive of mirror then boot usb stick # at first install screen, get to console command prompt: # (alt is the LEFT alt key) ctrl+alt+F2 <-- might be F3, don't remember # assemble raid with only one disk, this is / mdadm -A -R /dev/md2 /dev/sda2 mkdir /mnt/ROOT mount /dev/md2 /mnt/ROOT # symlink to repros directory ln -s /mnt/ROOT/etc/yum.repos.d /etc/yum.repos.d dnf --config=/mnt/ROOT/etc/dnf/dnf.conf --installroot=/mnt/ROOT reinstall glibc\* cpp\* #reboot without usb stick #if above reboot works, reboot with both raid drives and sync them: mdadm /dev/md2 --re-add /dev/sdb2 If you don't have RAID, skip those parts. You'll need to know which partition is your / I don't have a /boot partition so there was no need to mount that. I broke the raid mirror so that if this didn't work, I would have a known place to go back to and try something else. All is well now. I'm just putting this out there in hope that it will help someone. Bill PS. Note that the newest kernel (vmlinuz-4.11.5-200.fc25.x86_64) still does not boot to a login or command prompt.

1 0

Firefox launches at max constantly
by Lawrence E Graves 22 Jun '17

22 Jun '17

Is there anyone experiencing this problem. I am running Fedora 26 Beta and every time I launch firefox, it launches full screen. Is there a way to stop this or is this a new feature I have to live with. Please advise. -- All things are workable but don't all things work. Prov. 3:5 & 6

3 4

remote ssh awk!
by bruce 22 Jun '17

22 Jun '17

Hey... Curious as to how to get the following to work remotely over SSH. The cmd is used to remove redundant lines, while maintaining order in the output file. The following works if I insert it in the remote term. cat /dog/aaa.dat | awk '!a[$0]++' > /dog/aaa.dat_tmp However I'm unable to get the cmd to work via SSH from the local to the remote. I've tried the following... ssh crawl_user(a)67.205.11.111 cat /dog/aaa.dat | awk '!a[$0]++' > /dog/aaa.dat_tmp ssh crawl_user(a)67.205.11.111 ' cat /dog/aaa.dat | awk '!a[$0]++' > /dog/aaa.dat_tmp ' ssh crawl_user(a)67.205.11.111 " cat /dog/aaa.dat | awk '!a[$0]++' > /dog/aaa.dat_tmp " ssh crawl_user(a)67.205.11.111 ' cat /dog/aaa.dat | awk '\!a[$0]++' > /dog/aaa.dat_tmp ' ssh crawl_user(a)67.205.11.111 " cat /dog/aaa.dat | awk '\!a[$0]++' > /dog/aaa.dat_tmp " ssh crawl_user(a)67.205.11.111 ' cat /dog/aaa.dat | awk '"\!"a[$0]++' > /dog/aaa.dat_tmp ' ssh crawl_user(a)67.205.11.111 " cat /dog/aaa.dat | awk '"\!"a[$0]++' > /dog/aaa.dat_tmp " In some cases, the cmd returns -- bash: !a[$0]++: event not found In the case ssh crawl_user(a)67.205.11.111 " cat /dog/aaa.dat | awk '\!a[$0]++' > /dog/aaa.dat_tmp " the return is: awk: \!a[bash]++ awk: ^ backslash not last character on line The escapsed cmds seem to work, but in reality, only generates the 1st line in the file! ssh crawl_user(a)67.205.11.111 " cat /dog/aaa.dat | awk '"\!"a[$0]++' > /dog/aaa.dat_tmp " Thoughts/comments??? Thanks

5 4

gtk warning
by François Patte 21 Jun '17

21 Jun '17

Bonjour, Every time I launch evince, I get this gtk warning: (evince:3823): Gtk-WARNING **: Allocating size to EvSidebar 0x562ac0fa7520 without calling gtk_widget_get_preferred_width/height(). How does the code know the size to allocate? and for emacs, this one: (emacs:4011): Gtk-WARNING **: gtk_window_parse_geometry() called on a window with no visible children; the window should be set up before gtk_window_parse_geometry() is called. What do they mean and how to get rid of them? Thank you. -- François Patte UFR de mathématiques et informatique Laboratoire CNRS MAP5, UMR 8145 Université Paris Descartes 45, rue des Saints Pères F-75270 Paris Cedex 06 Tél. +33 (0)6 7892 5822 http://www.math-info.univ-paris5.fr/~patt

4 5

Fw: Stack clash and Fedora, new kernel vulnerability, from kernel list
by stan 21 Jun '17

21 Jun '17

I haven't seen anyone else post about this, so this message is forwarded from the kernel list, about a new kernel vulnerability. The vulnerability is severe as it leads to root authority, but so far only local logins have been demonstrated to have the ability to exploit it. So, for most Fedora users, it means they aren't at risk. I'm running the kernel with the fix, and it is working fine so far. The link explains the risk, it has to do with the interaction between user stacks and kernel stacks, and one gaining access to the other with bad things happening thereafter. Begin forwarded message: Date: Mon, 19 Jun 2017 16:30:28 -0700 From: Laura Abbott <labbott(a)redhat.com> To: Kernel Fedora <kernel(a)lists.fedoraproject.org> Subject: Stack clash and Fedora Hi, If you haven't seen it, a new kernel vulnerability was announced https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt Updates have been filed in bodhi with the fix https://bodhi.fedoraproject.org/updates/FEDORA-2017-1225995344 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b93e6de389 https://bodhi.fedoraproject.org/updates/FEDORA-2017-79f099cbba Please test and leave karma if this update works for you. This is especially important for F24 which has seen a falloff in karma recently. Thanks, Laura

4 13

cannot ssh to localhost: Permission denied (publickey,gssapi-keyex,gssapi-with-mic)
by Frédéric Bron 20 Jun '17

20 Jun '17

I have installed the sshd service but cannot do ssh localhost because I get the following error: Permission denied (publickey,gssapi-keyex,gssapi-with-mic). Same error from another computer targeting this one. The strange thing is that I have exactly the same sshd_config file and .ssh directory (with all file permissions 600, copied id_rsa.pub into authorized_keys...) on another machine with the same F25 and it works. sshd_config is: HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_ecdsa_key HostKey /etc/ssh/ssh_host_ed25519_key SyslogFacility AUTHPRIV PermitRootLogin no PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys PasswordAuthentication no ChallengeResponseAuthentication no GSSAPIAuthentication yes GSSAPICleanupCredentials no UsePAM yes X11Forwarding yes AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE AcceptEnv XMODIFIERS Subsystem sftp /usr/libexec/openssh/sftp-server I tried to compare the logs of ssh -vvv targetting the machine where it fails and targetting the machin where it works and here is where it becomes different on the machine where it fails: debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic debug2: we did not send a packet, disable method debug1: No more authentication methods to try. Permission denied (publickey,gssapi-keyex,gssapi-with-mic). What was before is similar and can be found below. Frédéric ebug2: key: .ssh/id_rsa (0x55d3b2a1fa30), explicit, agent debug3: send packet: type 5 debug3: receive packet: type 7 debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521> debug3: receive packet: type 6 debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug3: send packet: type 50 debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password debug3: authmethod_lookup gssapi-keyex debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password debug3: authmethod_is_enabled gssapi-keyex debug1: Next authentication method: gssapi-keyex debug1: No valid Key exchange context debug2: we did not send a packet, disable method debug3: authmethod_lookup gssapi-with-mic debug3: remaining preferred: publickey,keyboard-interactive,password debug3: authmethod_is_enabled gssapi-with-mic debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information No Kerberos credentials available (default cache: KEYRING:persistent:1000) debug1: Unspecified GSS failure. Minor code may provide more information No Kerberos credentials available (default cache: KEYRING:persistent:1000) debug1: Unspecified GSS failure. Minor code may provide more information debug1: Unspecified GSS failure. Minor code may provide more information No Kerberos credentials available (default cache: KEYRING:persistent:1000) debug2: we did not send a packet, disable method debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering RSA public key: .ssh/id_rsa debug3: send_pubkey_test debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic debug2: we did not send a packet, disable method debug1: No more authentication methods to try. Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

6 16

Is default umask of 022 still reasonable for Fedora?
by stan 20 Jun '17

20 Jun '17

I recently became aware that the default umask for Fedora is 022 when it caused problems for me that I had a different umask. This seems like an anachronism, a relic of a kinder, gentler time, when the computing atmosphere was more collegiate. Is it really appropriate that new files be created for a user with permissions of rwxr-xr-x in today's security atmosphere? I set my umask to 077, so that no one can access anything. I'm interested in other people's opinions, especially those arguing in favor of continuing to have a umask of 022. Am I overlooking something?

7 14

Postfix bug ...
by Walter H. 19 Jun '17

19 Jun '17

Hello, Jun 19 20:18:01 fedorabox postfix/smtp[4723]: error: unsupported dictionary type: pcre what is this? header_checks tells this and I'm used to use pcre with postfix ... /etc/postfix/main.cf: smtp_header_checks = pcre:/etc/postfix/smtp_hdr_chks.pcre smtp_mime_header_checks = smtp_nested_header_checks = /etc/postfix/smtp_hdr_chks.pcre: # remove 'Precedence: bulk' /^precedence:[[:cntrl:][:space:]](.*)$/ IGNORE Thanks, Walter

2 1

Firefox
by Lawrence E Graves 19 Jun '17

19 Jun '17

Not able to control the maximize control on my firefox web browser. If I unmaximize the browser and close it out. When I log back on, it automatically goes to maximize. Can anybody help with this matter? Am I reporting to the list? -- All things are workable but don't all things work. Prov. 3:5 & 6

4 3

Video editing disaster
by Wade Hampton 19 Jun '17

19 Jun '17

I am trying out multiple video editors on Fedora, with very poor results and a ton of crashes. Anyone have recommendations on how to stablize one of these or can you recommend a video editor that just works (like kdenlive used to when I used it last a year ago)? I am having the same results on two Fedora 25, 64-bit systems, fully updated. The packages are from rpmfusion and on one of the two systems from unitedrpms. My main system is an older 6-core AMD with 8G of RAM so it should handle it. The files I am testing with are: JPG images from a DSLR Quicktime from my DSLR (MVI_xxx.MOV), Movie from my Android phone xxxxxxxxx.m2ts Movie from a DVD xxx.mpg Movie from a digital camcorder (Sony AVCHD): xxxx.MTS KDENLIVE: My goto editor was Kdenlive, but it won't open files. I keep getting "clip is invalid". The terminal outputs: mlt_repository_init: failed to dlopen /usr/lib64/mlt/libmltavformat.so (/lib64/libavdevice.so.57: symbol av_buffersink_get_sample_aspect_ratio, version LIBAVFILTER_6 not defined in file libavfilter.so.6 with link time reference) I think there is a lib miss-match. PITIVI: Pitivi is nice, but I can't keep it running. Multiple core dumps. OPENSHOT: I really love OpenShot. I tried the one from rpmfusion and it crashed all the time, for example when trying transitions. I also tried the latest version via AppImage: OpenShot-v2.3.3-x86_64.AppImage This seemed much more stable, but I could still crash it with transitions, adding an MP3 file for audio, etc. Anyone have a good, stable video editor or have suggestions on how to run one of these in a stable platform? Note, I am filing bug reports on many of these crashes.... Thanks, -- Wade Hampton

10 14

← Newer
1
2
3
4
5
6
7
8
9
10
Older →