Rebuilding RPM packages, made easy

This tool sounds really handy for clever tricks (and horrid hacks)

http://www.redhatmagazine.com/2007/12/04/hacking-rpms-with-rpmrebuild/

Basically you can modify the spec file inside an rpm on the fly, or rebuild a package from the existing files on your system (with your customized settings files, for example).

Nice.

Why no ssh-vulnkey for non-ubuntu systems?

I mean, it’s not like the problem is only on ubuntu/debian machines. I’d like to be able to check if the keys installed on my (non-debian and non-ubuntu… some even non-linux) servers are vulnerable.

What’s really nasty of this debian ssh mess is that the vulnerability was born on the debian clients, and spreads making all the (non necessarily debian) servers where they are installed to.

So, do I have to dl ubuntu’s openssh .debs and extract ssh-vunlkey from there? That’s not really nice 🙂

–UPDATE–

Apparently there’s some huge perl script here

http://ubuntu-tutorials.com/category/security/

that should do the job… checking…

Checkinstall for gnome packets

Checkinstall is a very useful package for linux distros that track their packages with databases (that is, with rpm or deb packages) when compiling from source, and can save you a lot of headaches when uninstalling or upgrading a package.

But I’ve found a nasty twist (not exactly checkinstall’s fault, actually) that should be kept in mind: there are some files that should NOT belong in your package. And not only for tidyness reasons, but to avoid completely screwing up your Gnome installation.

Read on…

Continue reading “Checkinstall for gnome packets”

Weird fedora dbus bug

A couple of days ago I got bit by a nasty and pretty dumb bug in dbus on Fedora Core 6: the service would just hang forever on startup.

To make a long story short, it all goes down to some interaction (I have no idea about) between dbus and ldap (of all things): if the ldap server is not available the servie just hangs.

To make the bug go away simply disable the use of ldap for “User Information” in system-config-authentication. It looks like you can continue to use it for authentication, fortunately.