Send tech-support questions, Tips, answers and article ideas to The Answer Gang <firstname.lastname@example.org>. Other mail (including questions or comments about the Gazette itself) should go to <email@example.com>. All material sent to either of these addresses will be considered for publication in the next issue. Please send answers to the original querent too, so that s/he can get the answer without waiting for the next issue.
Unanswered questions might appear here. Questions with answers--or answers only--appear in The Answer Gang, 2-Cent Tips, or here, depending on their content. There is no guarantee that questions will ever be answered, especially if not related to Linux.
Before asking a question, please check the Linux Gazette FAQ (for questions about the Gazette) or The Answer Gang Knowledge Base (for questions about Linux) to see if it has been answered there.
I would like to know how to set up my email on my home network with win98 outlook express and Linux.
I would like to set it up so that I can email anybody else in the house on the network and email via the internet when needed.
First, some recommendations for a video card (other than Nvidia) that works very well with Mesa and other standard OpenGL apps. I'm considering Ati Radeon, but would like to hear input from others.
Second, I have a TNT2 and run the Nvidia drivers and Nvidia GLX. I have had random success compiling OpenGL based programs in the past. Today, I learned that Nvidia's headers are not placed in /usr/include/GL so as not to override the defaults that are installed with your system. I'm not sure whether this was a recent addition to the Nvidia readme, or I just missed it all those times in the past. I run slack 8.0 and often create packages from the sources I compile to be used on other systems. If I switch to using the nvidia OpenGL headers will this cause problems with systems not running Nvidia GL?
Thanks for considering my issues.
Multiple translators offered one; I have selected Felipe's as being the most faithful to the original text.
Anyone who feels inclined to answer this, it's okay to answer in English, just copy our translator so the querent can get a copy in Spanish, and the Gazette so I can post the follow-up in a later issue.
Alternatively, FreeS/WAN has been growing in popularity, and anybody who has an interest in writing a "setting the FreeS/WAN VPN up from scratch" article, possibly even comparing the effort against other tries for your own VPN (virtual private network) setup. would surely earn a great many virtual beers.
Normally the gang razzes people who want us to do their homework for them. But the truth is that the most useful thing the Gazette has to say for this subject is that you can buy one from SuSE (News Bytes, issue 74). See our author guidelines if interested: http://www.linuxgazette.com/faq/author.html
les agradeceria mucho que la información fuera en español
Hola quiero realizar una trbajo para la materia de redes me pueden ayudar gracias como creo una vpn con dos pcs con suse linux 7.0 y freeswan 1.4 como configuro los archivos ipsec.conf e ipsec.secrets, ademas quiero ver si funciona la conexión haciendo ping y telnet con y sin cifrado de una pc ala otra y usando ehterreal como se si ese paquete esta cifrado o no
quiero hacerlo usando primero direccion fija y luego direccion dinamica
primero con direccion fija
la pc1 tiene la ip 188.8.131.52 y la pc2 la ip 184.108.40.206 y el gateway la ip 220.127.116.11 como configuro esto con freeswan.
segundo con direccion ip fija en la pc1 y dinamica en la pc2
la pc1 tiene la ip 18.104.22.168 y la pc2 la ip x.x.x.x y el gateway de la pc1 con la ip 22.214.171.124 como configuro esto con freeswan.
ESQUEMA DEL LABORATORIO A REALIZAR
COMO HAGO PARA CONFIGURAR ESTOS ESQUEMAS CON FREESWAN
ESQUEMA PARA LAS DIRECCIONES IP FIJAS
__________ |INTERNET| ---------- | | _______ |modem| ------- | | ______ |router| ip=126.96.36.199 ------ | | ________ | switch | ---------- / \ / \ pc1 pc2 ip=188.8.131.52 ip=184.108.40.206
ESQUEMA PARA LA DIRECCION IP FIJA DE LA PC1 Y DINAMICA PARA LA PC2
__________ |INTERNET| ---------- | \ | \ _______ PC2 |modem| IP=X.X.X.X ------- | | ______ |router| ip=220.127.116.11 ------ | | ________ | switch | ---------- / / pc1 ip=18.104.22.168
I am doing my homework for the "Networking" class, if you can help me I'd appreciate it.
How do I create a VPN with two PC's using Linux 7.0 and Freeswan 1.4 ?
How do I configure the files ipsec.conf and ipsec.secrets ? Besides, I want to find out if the connection works using ping and telnet with and without encryption from a PC to the other and, lastly; using Etherreal, how can I verify if a packet is or is not encrypted. ?
I want to do all this using first fixed IP addresses and later on dynamic IP addresses; let me show you the example with a fixed IP first:
PC1 has ip 22.214.171.124 and PC2 has ip 126.96.36.199, gateway has ip 188.8.131.52. How do I configure this with Freeswan ?
Second, with fixed IP on PC1 and PC2 has IP x.x.x.x, gateway remains the same with ip 184.108.40.206. How do I configure this with Freeswan ?
The LAB DIAGRAM to comply with is as follows: How do I make to configure all this with Freeswan ?:
DIAGRAM FOR FIZED IP ADDRESSES
[first diagram shown above]
DIAGRAM FOR FIZED IP ON PC1 and DYNAMIC IP ON PC2
[second diagram shown above]
In Issue76 [Heather] mused....
...a way to ask a program which libraries it is potential-linking as well as dynamic-linking to, ...
Paul Ahlquist answered with this basic Tip:
If your system lib's deity of choice is "ld", then "ldd" should answer the burning question.
Hmm, I guess I wasn't entirely clear what I was really asking:
dynamic-linking: as in not static, see 'ldd'. Binaries which are dynamically linked will fail if the library is not present. This is what almost every program on the planet does, because nobody wants to waste the memory space for extra copies of glibc, at least without a good reason.
potential-linking: as in "if this library is not present I won't shed a tear, but if it is I'd like to use GTK please", see ... ?
Such a binary would have to somehow check that the library was somewhere it had access to, then use dlopen() to request loading the one it found. 'strings' might reveal it, but I'm not sure how reliable it is for this, thus the question.
I suppose not very many people code potential-linking into their programs, so it's not the first thing that leaps to mind; still... since I mention "dynamic linking" in the same sentence as this other sort, one would have thought I meant something different?
Anybody know a reliable way to ask a program about the library-load requests it hopes to make? (as opposed to has to make)
But while I'm at it, another question: if anyone knows a reliable way to ask a binary which libraries it has been statically-linked to, that'd be nice too. 'strings' usually does reveal this, but... anyone know how reliable or complete it is?
Hi, dear Heather,
This is Clement from University of Virginia. I am working on a project involving serial port programming under linux. I am new in the linux world and don't quite know where to start.
I have read most of the Serial-HOWTO online but none gave me the information that I needed.
I came across the linuxgazette.com and saw your discussion on serial programming. I am wondering if you can give me some pointers here. Any help will be greatly appreciated.
Things that I am trying to do: I want to connect the 9DB RS232 on my linux box to a Ericsson Bluetooth module. At the same time, I want to use one of unused pins, RI or CD pin for instance, to serve as a trigger to another circuit. Therefore, I need to be able to turn that specific pin to high and low at desired time.
My questions are:
Thank you very much. I am looking forward to hearing from you.
Two questions - one hardware matter, probably not linux. The other, a good question, especially in the general form, and would make an excellent article.
I have an V90/K56flex external modem that I use to connect with my ISP via a dial-up line. The modem obeys the Hayes command set. Now the point to note is that I have make a long distance call or STD call as we call it here in India, to establish a connection. This might seem a very expensive thing to do but I have no other option. Now each time I establish a connection using kppp the modem waits for almost 40secs inbetween transmission of packets whose duration is approximately 5secs. Thus after establishing a connection the modem activity is as follows:
40secs-no TD/RD, 5secs-TD/RD, 40secs-no TD/RD, 5secs-TD/RD, ........
Is this normal or is something wrong? Do you think there is something wrong with some configuration somewhere?
I suspect that there is something wrong... but it's most likely not configuration, at least not software-wise; it's either your modem, or your ISP.
The same thing happens in Windows too.
So... it's got nothing to do with Linux, then.
Try using another modem, preferably with a different computer, from your location. If the problem persists, it's your ISP. If it goes away, it's your computer and/or modem.
Thanks for your prompt reply. I have been trying out your suggestions. Unfortunately there aren't any Linux boxes in my locality. Changing the computer does not seem to improve the performance of the modem. As for trying out another ISP, I don't have any options.
Are there any parameters in the Hayes set that could affect the TD/RD rate of the modem?
Finally may I add another question? Could someone point me to an article or HOWTO about setting up qmail in a stand-alone home computer for transfering mail to an ISP mail server over a dial-up line. The documentation with the package isn't of much help.
-- amitava maity
I considered putting this in TAG - it's a mite large for Tips - but since I've given the nod to our readers rather eloquently, I put it here instead. Thanks to all our fans -- Heather
I was disturbed to read Heather's suggestion to put kernel modules on a /boot partition ("booting multiple linux distributions" TAG #5, Issue 76). My question is, why would you bother to do this? It seems error prone to me.
Because on triple boot systems where all three are Linux, it means they can all use the kernels. As soon as the symlinks are established it works marvelously - personal experience.
I didn't recommend it as the only thing one could do; just a possibility among many, and part of an answer to a question asking "which partitions can be shared?"
To summarize: /tmp, swap, and ... if you are careful ... /home and /boot. If "error prone" are the kind of words that scare you from even trying something, or learning what "careful" means for your context, you should share neither /home nor /boot.
Unlike the kernel itself(1), modules are read through the filesystem so their visibility does not depend on which partition they are on. In fact, putting them on /boot means they are not available until /boot is mounted, which is noticably after the kernel is loaded. This complicates the boot process by adding a dependency that /boot must be mounted before any modules are loaded. (Normally /boot doesn't need to be mounted at all unless building kernels or modifying lilo).
The kernel wouldn't load sanely if a module were needed to mount /boot successfully. In my philosophy /boot is always mounted read-only because I keep its symbol map there, and a copy oof the .config I used to make it.
But of course, I build kernels all the time, it's something I do for clients as well as myself.
Further, there is more chance of causing collisions between distros in the modules tree. Presumably multi-boot systems use a separate / partition for each distro. This means that each will have its own /lib/modules tree with subtrees for each kernel version. Moving each of these to /boot means that each distro shares modules with the others. I would guess that usually that won't be a problem, but if it is then it would probably be hard to debug.
kernels are not distro specific and anybody who tries to tell you so needs to be whapped a good one. The only thing about them that even approaches it is that some distros are kind enough to package kernel-and-module kits for you. For each distro:
ln -s /lib/modules /boot/modules
There, now they are all happy. "complicated" ? no. "error prone" ? only if you're foolish enough to trust a packging system to remove kernels for you. The only one I even let try is debian, and then only when I have known good kernels that LILO knows about already.
mounting /boot earlier in a startup sequence may be needed for some distros. If one such distro is among your dual-or-more Linux mix, then I heartily recommend initrd so you'll never need to worry about that.
But it works fine for mixing SuSE with RedHat, as of a few revisions ago on both of them.
The only advantage I can see to putting modules on /boot is being able to share disk space for them between distributions.
But the complication of having several distros mucking with each other's modules seems to outweigh that.
I don't let package managers "muck" with my kernels and you shouldn't either. As soon as you know enough about what you want in kernels to care this deeply then you should not be worrying about packaged kernels anymore - roll your own, make it match your real hardware, and use the same, well behaved kernel no matter which userland you select to run today.
I don't follow Heather's assertion that running a 2.4.x kernel package and a 2.5.x kernel built from source is simplier with this scheme - the modules are already kept separate in /lib/modules by separate version directories. Am I missing something more significant?
Ohhh, you had some sort of delusion that I was taking (for instance) 2.2.18 modules, 2.4.12 modules, 2.4.19-pre3 modules, and throwing them all in one directory together? That certainly wouldn't work.
Certainly this method can be made to work, but I would guess it is only for sophisticated users with specific circumstances. That's not typical of readers of The Answer Gang, is it?
There is no such thing as a "typical" reader of The Answer Gang. We get complex questions, simple questions, complex phrasings of simple questions (ugh), and simple phrasings of complex questions (yay!). We get discussions about the deep magic of programming and how to properly use the "date" program. And everything in between.
If you assume that by having a worldwide audience we are always going to play to the dumbest possible reader, sorry but that's not so. Every member of the Gang will answer any given question their own way; when all is said and done, I'm mostly just turning a conversation originally written "radio reciever" style (everybody gets their say in big paragraphs) into a more readable "group conversation" style.
In my case, by the time someone is considering triple booting anything, they are sophisticated enough to consider options such as these that I have used.
But a good point to bring up is: distros do change over time. Something that worked very nicely a year ago may be all wrong now, or very complicated now, or just have a much easier answer at hand now. As with maps, the picture and the advice are not the territory itself.
(1) Boot loaders like lilo need to load the kernel as disk blocks using bios calls. There was a period when disk sizes were large enough that the bios could not address the entire disk. On such a system, it is convenient to make a /boot partition at the beginning of the disk so lilo will be able to load the kernel. On smaller disks or with newer bios, this work around isn't necessary.
But may be handy if you have a disk disaster, to know that kernels were nearer to the front than the back of the drive.
Of course if you fear this, give up on LILO and switch to a boot loader which will seek out kernels wherever they happen to live on the disk. (Advice good for PC users only. Sparc's SILO already does that.)
P.S. /lib/MOVING can be deleted safely before rebooting. Although directory information will be removed immediately, open files will not have their inodes freed until they are closed. That's why /lib/modules can be replaced by a symlink while the system is running in the first place.
If one is going to be complicated, it pays to keep an eye on the details. In this case it cautions one, and may even comfort one, that you have not deleted the original directory until you actually make that choice, as a sysadmin, and after your new boot sequences are tested.
Tom's rootboot is good to have around too.
I don't let package managers "muck" with my kernels ... roll your own ... and use the same, well behaved kernel no matter which userland you select to run today.
Ahh, I see. I had assumed you had different kernels for different distros but of course the first time I found myself building the same kernel on two different distros I'd realize they should be shared. I guess I don't use enough different distros at the same time to run into that, which is why I asked about it.
Thanks for enlightening me.
...no such thing as a "typical" reader of The Answer Gang. ... more readable "group conversation" style.
Well, I appreciate that immensely. It's always nice to have something intriguing to think about even though the overall topic may be well known (if not to beginners). You do a great service to your readers when you throw in a little something over their heads. It gives them something further to explore rather than making them think everything has been said (never the case, of course).
Count me a fan!
We got a handful of a requests for job postings this month. Here's the policy.
LG doesn't publish job listings because they are temporary in nature.
LG is for more permanent material. Job openings change so frequently that by the time the next issue is published, the job could well be filled. And if we publish one job listing, we'd have to publish them all.
We do not currently have any other place to post job listings, so I suggest you try another site such as mojolin.com, dice.com, monster.com, etc.
-- Mike Orr
Sadly jobs.osdn.com closed down, but they recommend (in addition to some of the above) hotlinuxjobs.com, Brass Ring, and JobPenguin.
Attending any of the related user groups in the region to make your announcement may also be valuable. It may be useful to consider if you need someone who already has the skills, or if you'd gladly settle for someone talented enough that they can become the person you seek to hire.
SSC, our host, also hosts a "Groups of Linux Users Everywhere" resource
listing a lot of LUGS worth visiting:
Good luck in your quest.
...after some effort to get Mike his article submission...
PS: I'm trying a roundabout route to get this email to you; it seems
that your email server doesn't like my ISP's email server and has
rejected my last two attempts at emailing this to you. Since my ISP is a
large Canadian provider, it may take some time to persue and correct the
mutual email problems, and in the mean time, I'm trying this end-run to
get the article to you.
Our sysadmin Dan Wilder verified we're refusing mail connections from sympatico.ca because they're refusing mail connections from us. Or rather, the connection times out when we try to reach them. This causes a load on our mail server because the message sits on our outgoing queue for several days as it keeps trying to send it. Ask your ISP whether their mail server is blacklisting ssc.com. If not, we'll turn off the lock. But you may mention that we're still unhappy about the large amount of spam we receive from sympatico.ca.
Setting up a mail server in send-only mode is a common tactic by spammers. Not saying that sympatico is doing this, because they need to receive mail for their users. But that's why we block out any site that sends us mail but consistently refuses connections from us. They do it because those "1 million e-mail address" lists have a large number of obsolete addresses that cause bounces, and their mail server couldn't handle the bounce traffic. (Or maybe it could, but that would slow down their spam-sending. ) Which is exactly what's happening: sympatico users send spams to fifty or a hundred accounts here that have been deactivated or never existed, and our mail server bogs down trying to send back the bounce messages--which they refuse. But probably what sympatico has is a misconfigured mail server. Our error message tells who to call if their postmaster cares. From /etc/postfix/access:
sympatico.ca 550 You refuse our connections so we refuse yours: 1-206-782-8808 if you have corrected the problem.
I'm cc'ing your sympatico address with this letter to see if it gets through.
-- Mike Orr
Please see the Back Page for details.