On Tuesday 28 November 2006 07:31, Craig White wrote: >On Tue, 2006-11-28 at 01:11 -0500, Gene Heskett wrote: >> On Monday 27 November 2006 23:36, Mikkel L. Ellertson wrote: >> >> The >> >> xhost +192.168.71.2 >> >> thing. >> > >> >This is not going to work from rc.local. >> >> It made X11Forwarding work 100% when I was running FC2, with a >> hand-built xorg-6.8-901 installed. I didn't have to pay attention to >> using ssh -X al the time, nor did I have to ssh -X gene@shop like I >> have to now. The actual difference? Damndifiknow. > >---- >I believe that the gap between what you believe made it work and what >actually made things work is large - somewhat confirmed by your last >word >---- > >> >You have to run xhost on the local machine in X. You are changing >> >permissions on who can connect to the local X server. >> >> You are saying that this command is invalid unless X is already >> running? >> >> FWIW, I never saw that line spit out an error until I'd installed FC6. >> Maybe its the result of plugging a hole, I don't know, and frankly >> didn't care as long as it worked. Pi$$y attitude I guess, but yum >> updated a bunch of selinux stuff yesterday and broke enough of my >> system that its now disabled just so I can make a backup, and with my >> configuration here at the old farts home being pretty secure against >> anything from the outside, and of course totally at my mercy if its >> disabled, I'm tempted to rip it out entirely. I've relabeled the >> system 7 or 8 times now, and everytime it breaks something new, >> usually without fixing the old problem. To me, this whole darned >> selinux thingy is a solution looking for a random place to create a >> problem. And lifes waayyy too short to screw with it at my age. I >> want to *use* this machine to do usefull things for me, not spend 3 >> weeks a month fixing things that an update broke. Back on the farm in >> Iowa 65-70 years ago we called that stuff fertilizer in mixed company. > >---- >The update wasn't the issue...you installed another snapshot of amanda - >all files without contexts for SELinux I would bet. > Of course its from the tarball, built right here, I'm a tester. Whats wrong with that? >One of the issues you are going to have with installing stuff from >source is that none of those files will have the proper contexts for >SELinux and you are either going to have to actually learn how to live >with SELinux or just shut if off. > >Blaming errors on the packages when you don't understand what you are >doing makes you look rather foolish. I'm not blaming the errors on the amanda packaging Craig as I haven't used a packaged amanda in at least 5 years. But I damned sure do object to building it right here on this box where its going to run, using the tools supplied with the distribution, only to have selinux decide its not safe to run it even if its (theoreticly) set to permissive. That to me is a tool error and goes back to both selinux and the compiler suite. And maybe should be bugzilla'd. OTOH, I've been a fool before, one who believes that this crap should Just Work(TM). Does this mean I have to reboot and relabel the system everytime I install a new version of amanda to test it? If so, that does rather label linux's extended uptime claims as a lie from the gitgo now doesn't it? Now lets see if the problem can be fixed within the framework of this PITA called selinux. Is there a method that I can use to relabel a freshly built snapshots whole src+object tree before I become root to do the make install? If there is, then I'll just incorporate it right into the build script I've been using for years. That would be the ideal situation IMO. What I'm saying, nay demanding, is that selinux isn't to be sensitive to this. We can fix the build system, or we can fix selinux by disabling it, which is the current situation. Just to keep peace in the camp, I'd much druther fix the build system if its possible. And the fixes will be published on the amanda-user and amanda-hackers lists if they can be made to work. No one should be forced to endure this constant harrassment by a tool that lies outright to the end user. Because thats exactly what its doing when it blames it on pam. >Craig -- Cheers, Gene "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2006 by Maurice Eugene Heskett, all rights reserved.
