Search Results: "Matthias Urlichs"

22 July 2020

Enrico Zini: nc sudo

Question: what does this command do? 
# Don't do this
nc localhost 12345   sudo tar xf -
Answer: it sends the password typed into sudo to the other endpoint of netcat. I can reproduce this with both nc.traditional and nc.openbsd. One might be tempted to just put sudo in front of everything, but it'll mean that only nc will run as root: 
# This is probably not what you want
sudo nc localhost 12345   tar xf -
The fix that I will never remember, thanks to twb on IRC, is to close nc's stdin: 
<&- nc localhost 12345   sudo tar xf -
Or flip the table and just use sudo -s: 
$ sudo -s
# nc localhost 12345   tar xf -
Updates Harald Koenig suggested two alternative spellings that might be easier to remember: 
nc localhost 12345 < /dev/null   sudo tar xf -
< /dev/null nc localhost 12345   sudo tar xf -
And thinking along those lines, there could also be the disappointed face variant: 
:  nc localhost 12345   sudo tar xf -
Matthias Urlichs suggested the approach of precaching sudo's credentials, making the rest of the command lines more straightforward (and TIL: sudo id): 
sudo id
nc localhost 12345   sudo tar xf -
Or even better: 
sudo id && nc localhost 12345   sudo tar xf -
Shortcomings of nc tar Tomas Janousek commented:
There's one more problem with a plain tar nc tar without redirection or extra parameteres: it doesn't know when to stop. So the best way to use it, I believe, is: tar c nc -N nc -d tar x The -N option terminates the sending end of the connection, and the -d option tells the receiving netcat to never read any input. These two parameters, I hope, should also fix your sudo/password problem. Hope it helps!

26 June 2007

Matthias Urlichs: Be prepared!

>> Thank you for your message to the Adaptec Customer Service department.
>> Your case # is 000000000005432. (NB: not the real number.)

*ROTFL*  Exactly how many customer requests do they expect to handle?

If the answer is "about 100/day", which sounds somewhat high to me given the above number, then space will last roughly three times as long as the time until this nice planet will die a fiery death in its expanding sun's outer heliosphere.

Maybe somebody was afraid of the Year-100-Billion problem

21 May 2006

Andreas Metzler: kicking gnutls packaging

Over the last days I have taken a shot at getting the packaging of the gnutls dependency chain in shape. I have now got packages of gnutls13 1.4.0, libtasn1-3 0.3.4 and opencdk8 0.5.8 which at least when reading the debian diff seem to be ok. Once libtasn1-3 is in the archive gnutsl12 could be updated to 1.2.11 and we could try to get rid of libtasn1-2 and gnutls11. The packages currently in the archive have an unreadable diff, as they are not based on upstream's tarballs but on sources pulled from cvs. I hope the package maintainer Matthias Urlichs will reappear soon and can make use of my patches.

6 February 2006

Enrico Zini: Italian screen reading

So far, it has been a fairly happy hacking day. I wanted to see how far I could go to make a Linux desktop accessible for the blind. Platform of choice is Breezy because:
  • it uses gnome, which is the most accessible stuff at the moment;
  • it's the distribution with the least amount of raw edges at the moment;
  • its gnome accessibility stuff is more up to date than the stuff in sid (I got in touch with Mario Lang and I'll see if I can help)
Step number 1: installing a fully working Breezy chroot inside my sid
  1. lvcreate -L2G -n breezy vg
  2. mkfs.jfs /dev/vg/breezy
  3. mount /dev/vg/breezy /chroot/breezy
  4. debootstrap --arch i386 breezy /chroot/breezy http://archive.ubuntu.com/ubuntu/
  5. chroot /chroot/breezy
  6. dpkg-reconfigure locales
  7. tzconfig
  8. base-config new
  9. fixed gdm configuration to work along with the sid X server
  10. fixed /etc/fstab, resolv.conf and /etc/hosts
  11. reduced the lart-delay of /etc/rcS.d/S04udev from 60 to 5 seconds
  12. "booted" the Breezy system running /etc/rcS and /etc/rc 2
Believe it or not, it works. I have another gdm login screen, I login and I hear the Ubuntu startup music. A couple of warnings about ACPI and HAL not working... well, I can imagine why. gnome-panel would refuse to show the menus. It turned out to be connected to Gnome bug #323064 (debian bug #338438) and I found out that Alt+F2 (run) and then killall gam_server would be enough to stay displayed.
Step number 2: getting the screen reader to work Note: the menu names might be incorrect as my system is localised in Italian and I'm now translating back to English.
  1. Install gnopernicus
  2. Go into Desktop/Preferences/Audio and disable the sound server
  3. Go into Desktop/Preferences/Assistive technology, enable assistive technology and screen reader
  4. Logout and in again
Now, coolness ubercoolness, the desktop starts to speak with the voice of a depressed 40 years old dude from the USA. Thanks to Luke Yelavich of ubuntu-accessibility for supporting me and for explaining me that if esd is running then the voice tends to disappear because esd steals the sound device to festival. He also explained me that if one tries to run festival through esd then it works, but since esd is a mixer then one starts hearing various voices for different events all mixed together. Now, the English speech engine often mentions the "barra dei sacramenti". In local Italian it means "toolbar for blaspheme curses". Time to move on to step 3.
Step number 3: getting the screen reader to work in Italian I'm very proud of the Italian speech engine that recently entered Debian thanks to Riccardo Vestrini and the Debian Italian Maintainers Task Force, I've already put it to good use in the past and have great plans about it for the future. It's now a good moment to turn the knowledge previously acquired with creative timewasting into something serious. So, on to work:
  1. get the italian festival voice packages from sid (the packages are festlex-ifd, festvox-itapc16k and festvox-italp16k)
  2. install them all in Breezy
  3. sudo patch /usr/share/festival/languages.scm /usr/share/doc/festlex-ifd/languages.scm.patch (and ping again Matthias Urlichs for a fix for bug#335845)
  4. log out
  5. kill all the festival servers, drivers and whatnot (need to do it when logged out, but one can just install the voices before starting gnopernicus for the first time)
  6. log in again
  7. go into gnopernicus configuration and select the new voices.
It SO WORKS! I configured some voices a bit at random, so now according to what I do the desktop speaks like the depressed dude, Adriano Celentano or the Italian dubbing of the Enterprise computer (without reverb effect). An extra cool unexpected side effect of this chroot setup is that now I can go back to my Sid X session and the Breezy X session will keep talking in the background, so I can even keep an ear on what happens in the other Virtual Console. Now, on to the applications. The menus, work. Abiword works, but I couldn't find out how to read the things I type on the editing area (not so useful until that one is solved). OpenOffice2 does not work. Firefox 1.5 works. gnome-terminal works. gedit works. It could be better, but I was fearing much worse. Now, gnopernicus has various powerful features accessible using the numeric keypad, but I haven't found a way to activate them in my laptop. It may be that with the keypad functions abiword becomes readable. I'm quite satisfied today.

20 January 2006

Matthias Urlichs: Yes I know

Sorry about the LiveJournal spam. Apparently they messed up.

I'll move to my own system. Real Soon Now.

4 December 2005

Matthias Urlichs: No, I will NOT support M$ users any more.

Yet another item on the already-too-long list of blatantly unethical behavior by Micro$oft.

This says everything, and should surprise nobody.

3 December 2005

Matthias Urlichs: Web servers are annoying

So I'm setting up a new web server. It need to be secure (no user A spying in user B's files). It needs to run PHP. Yes, you may run away now. Oh yes, it also needs to be fast...

So how to do that? I'm not going to run Apache+mod_php on the thing. :-/

I've started with Apache2, FastCGI, PHP via FCGI, installed eaccelerator for 60% speed-up.

All of this works reasonably well, except for PHP scripts that want PATH_INFO (like http://.../blog.php/2005/12/03/some_random_gunk). mod_fcgi passes the whole thing's pseudo file system path in PATH_TRANSLATED. The PHP FCGI process checks that path, sees that it doesn't exist (blog.php is a file after all), and immediately returns an unhelpful error.

I've worked around that thing with an ugly hack, but I suspect that the real fix would be to add this same hack to PHP instead.

Opinions, anybody?

NB: Oh, and if somebody could tell me why my mysql server's kernel randomly ignores incoming TCP connections for a few seconds every minute (and yes, it's the kernel), I'd be grateful. I suspect that the solution is going to be "upgrade to something newer than 2.6.12-9-686-smp (Ubuntu Breezy's kernel)"... :-/

NB2: There's also a mod_fcgid for Apache2. Hint: It's crap -- if all FCGI processes happen to be busy, I want new requests to be delayed. I do not want them to be rejected with a terse, hard-coded error message.

18 November 2005

Matthias Urlichs: Interactive fiction is good for you ... NOT

Do not read further. If you couldn't control yourself, do not go here. If you did, run sudo apt-get remove frotz. Immediately. If by any chance you didn't, under no circumstances should you open a terminal and type frotz bookvol.z5. You did? Oh dear. Try not to ... spend ... the rest ... of your ... week ... aarrrggghhh .. too late... See you sometime later. Much later.