November 2016 - openSUSE Users - openSUSE Mailing Lists

[opensuse] Re: Thunderbird : showing Dates for locale Ethiopian AFAR : Solved
by ellanios82 03 Nov '16

03 Nov '16

On 10/28/2016 06:04 PM, ellanios82 wrote: > > using XFCE & Orage the Clock on bottom Panel is also > > using Ethiopian locale aa_DJ : Afar language > > - but Where it is getting this instruction , while ignoring the > settings in Yast , i cannot guess or imagine > > > thanks > > - at the Window Manager Log-In Screen : top Right , there is a tiny button allowing choice of WManager [ say ICE or XFCE ] and on Left of that button is another for choice of Language : that Language Button had been switched to the first of the language list : "Afar" language ......... cheers -- To unsubscribe, e-mail: opensuse+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse+owner(a)opensuse.org

1 0

[opensuse] Bluetoothproblem on Tumbleweed. Softlocked device on a Wind U100 (32 bit) would not open?
by stakanov＠freenet.de 03 Nov '16

03 Nov '16

I installed TW on a Wind U100 with a BT/WLAN combicard that worked well with opensuse 13.2. I had BT deactivated (hardwarewise) without noticing it. I then tried to activate it after install. Listing shows that now hardware block is off. But softwareblock is on. Now I tried to find where. I tried with bluez and to activate the device there. But no reaction. It seems powered off (not true because visible in console) I tried to change the value in bluedevilglobalrc to [Global] bluetoothBlocked=false That stays but the device remains "softblocked". Where can the glitch be?? Is there a possibility that for some reasons another programme (or systemd) governs this? I am not aware of a layer between CLI showing the device and KDE. So KDE should be the only instance governing it software wise, isn't it? --- Die Bundesliga hat begonnen! Alle Tore, alle Ergebnisse, alle News: Pocket Liga jetzt im https://app.adjust.com/dpynzd oder https://app.adjust.com/dpynzd herunterladen - kostenlos! -- To unsubscribe, e-mail: opensuse+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse+owner(a)opensuse.org

1 0

[opensuse] Re: [opensuse-security] Linux Kernel Vulnerabliltiy and OpenSuSE 13.2
by Marcus Meissner 02 Nov '16

02 Nov '16

Hi, It is here: https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html (But you need the follow up kernel, as this introduced a regression in POSIX ACLs. https://lists.opensuse.org/opensuse-updates/2016-10/msg00106.html ) Ciao, Marcus On Wed, Nov 02, 2016 at 02:19:05PM +0000, Robert Sichler wrote: > I've been checking the opensuse-security-announce archive and didn't think anything was relevant to OpenSuSE 13.2. I saw patches for other versions but I'm not sure if any of them are compatible. > > -----Original Message----- > From: Marcus Meissner [mailto:meissner@suse.de] > Sent: Wednesday, November 02, 2016 4:56 AM > To: Robert Sichler > Cc: opensuse(a)opensuse.org; opensuse-security(a)opensuse.org > Subject: Re: [opensuse-security] Linux Kernel Vulnerabliltiy and OpenSuSE 13.2 > > On Thu, Oct 27, 2016 at 02:31:20PM +0000, Robert Sichler wrote: > > Should I expect a patch for OpenSUSE 13.2 (x86_64) to address the Linux kernel vulnerability known as Dirty COW (CVE-2016-5195)? > > Or is there another direction I should turn? > > Best regards, > > -Bob > > What makes you think it is not available? > > Ciao, Marcus > > > ________________________________ > > Notice: This communication, including attachments, may contain confidential or proprietary information to be conveyed solely for the intended recipient(s). If you are not the intended recipient, or if you otherwise received this message in error, please notify the sender immediately by return e-mail and promptly delete this e-mail, including attachments, without reading or saving them in any manner. The unauthorized use, dissemination, distribution, or reproduction of this e-mail, including attachments, is strictly prohibited and may be unlawful. > -- Marcus Meissner,SUSE LINUX GmbH; Maxfeldstrasse 5; D-90409 Nuernberg; Zi. 3.1-33,+49-911-740 53-432,,serv=loki,mail=wotan,type=real <meissner(a)suse.de> -- To unsubscribe, e-mail: opensuse+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse+owner(a)opensuse.org

1 0

[opensuse] Re: [opensuse-security] Linux Kernel Vulnerabliltiy and OpenSuSE 13.2
by Marcus Meissner 02 Nov '16

02 Nov '16

On Thu, Oct 27, 2016 at 02:31:20PM +0000, Robert Sichler wrote: > Should I expect a patch for OpenSUSE 13.2 (x86_64) to address the Linux kernel vulnerability known as Dirty COW (CVE-2016-5195)? > Or is there another direction I should turn? > Best regards, > -Bob What makes you think it is not available? Ciao, Marcus -- To unsubscribe, e-mail: opensuse+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse+owner(a)opensuse.org

1 0

[opensuse] Re: [opensuse-factory] suse 13.2: uncredited source used in shadowutils: where from?
by Marcus Meissner 02 Nov '16

02 Nov '16

On Wed, Nov 02, 2016 at 08:22:37AM +0100, Axel Braun wrote: > Am Dienstag, 1. November 2016, 18:26:50 schrieb L. A. Walsh: > > I was trying to figure out a behavior/feature in shadowutils and > > whether it came from the package maintainers, or was an > > OpenSuse addition as wanted to know where the scripts: > > > > "useradd.local" and "groupadd.local" > > > > came from. > > > > I wanted to report one or more problems affecting both > > scripts and didn't know if it should be reported to the package > > "owners"[?] or opensuse. > > > > I installed the source rpm for "shadowutils-4.1.5" and then > > thought it might be as fast or faster to look at the sources > > from the package URL citing http://pkg-shadow.alioth.debian.org/ . > > > > On the site, I see the latest tars being 4.1.4, 4.2, and 4.2.1. > > > > I see no listing for the tarball used by OpenSUSE, neither 4.1.5.1 > > nor 4.1.5. > > I did not find a package called shadowutils on OBS, so I doubt it is openSUSE > Standard - where did you get it from The package is called "shadow". The sources were downloaded at one point in time from above site. I am now adding GPG key verification to the package too. Ciao, Marcus -- To unsubscribe, e-mail: opensuse+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse+owner(a)opensuse.org

1 0

[opensuse] suse 13.2: uncredited source used in shadowutils: where from?
by L. A. Walsh 02 Nov '16

02 Nov '16

I was trying to figure out a behavior/feature in shadowutils and whether it came from the package maintainers, or was an OpenSuse addition as wanted to know where the scripts: "useradd.local" and "groupadd.local" came from. I wanted to report one or more problems affecting both scripts and didn't know if it should be reported to the package "owners"[?] or opensuse. I installed the source rpm for "shadowutils-4.1.5" and then thought it might be as fast or faster to look at the sources from the package URL citing http://pkg-shadow.alioth.debian.org/ . On the site, I see the latest tars being 4.1.4, 4.2, and 4.2.1. I see no listing for the tarball used by OpenSUSE, neither 4.1.5.1 nor 4.1.5. I'm wondering where these packages came from (as well as wondering how 4.1.5 was "listed as being from the "alioth" source server when the source server has no such tar. It may be no big deal, but usually when I see a URL where the source tar is supposed to be from, it's usually verifiable as being there and, for the times I've checked, is usually the same tarball. In this case, taking a security-minded stance, I can't check any signature or checksum to verify that the tarball used to create opensuse binaries was from the attributed website. I'm sure there's some good explanation, but isn't this something that shouldn't happen for released software? Where *DID*, 4.1.5 (and 4.1.5.1) come from -- are they opensuse created versions? Should opensuse be creating versions of packages that are easily confused with the version numbers used on the original site? I.e. normally, I see something like 4.1.4_2.37, where the part after the "_" is some suse-specific/internal version. If the package owners didn't created the source for suse's package, who did? While I might have some belief in the security of the package on the package's source site, what is known about the 4.1.5.1 or 4.1.5 packages? Could they have a malware or a rootkit embedded -- since they aren't easily verified for content as they didn't come from the official source for this package... ??? Thanks... -l -- To unsubscribe, e-mail: opensuse+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse+owner(a)opensuse.org

2 1

[opensuse] Why is DISPLAYMANAGER_SHUTDOWN="root" ignored?
by Josef Wolf 01 Nov '16

01 Nov '16

Hello, I have DISPLAYMANAGER_SHUTDOWN="root" set in /etc/sysconfig/displaymanager But this setting seems to be ignored. Non-privileged users can still shutdown by choosing "shutdown" from their KDE menu. Why is this? BTW: this is opensuse Leap 42.1 -- Josef Wolf jw(a)raven.inka.de -- To unsubscribe, e-mail: opensuse+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse+owner(a)opensuse.org

5 8