Bootstrapping on Solaris 64-bits, binutils breakage

10-13-2010, 09:27 AM

On 13-10-2010 11:21:08 +0200, Al wrote:
> > I just noticed that bootstrapping on Solaris 64-bits breaks with
> > binutils, because it happens to find libiberty.a from /usr/sfw/64
> > instead of its own internal built in copy.
> >
> > I'm not yet sure how to fix it properly, but for now, I applied this
> > hack/workaround in step 1.7:
> >
> > env LDFLAGS="-L$EPREFIX/usr/lib -R$EPREFIX/usr/lib -L$EPREFIX/lib -R$EPREFIX/lib" emerge --oneshot --nodeps binutils
> >
> > this worked for me to get binutils built. *gcc seems to the next to
> > break for the same reasons. *So you'll also need
> >
> > env LDFLAGS="-L$EPREFIX/usr/lib -R$EPREFIX/usr/lib -L$EPREFIX/lib -R$EPREFIX/lib" emerge --oneshot --nodeps "=gcc-4.2*"
>
> Hm, strange.
>
> 1.) IMHO bootstrap-prefix.sh writes the same LDFLAGS to make.defaults.
> Why don't they take effect?

For Solaris, x64 bits it writes many more flags. But I already found my
previous solution wasn't the right one. Follow up mail coming.

> 2.) Why does this issue only occur for two programs? It's always the
> same linker, isn't it?

Because only binutils provides libiberty, and hence gets this conflict
with finding the wrong libiberty on the host system.

I think gcc doesn't need any workarounds, I'm testing that now.

--
Fabian Groffen
Gentoo on a different level

10-13-2010, 09:43 AM

On 13-10-2010 11:05:05 +0200, Fabian Groffen wrote:
> All,
>
> I just noticed that bootstrapping on Solaris 64-bits breaks with
> binutils, because it happens to find libiberty.a from /usr/sfw/64
> instead of its own internal built in copy.
>
> I'm not yet sure how to fix it properly, but for now, I applied this
> hack/workaround in step 1.7:
>
> env LDFLAGS="-L$EPREFIX/usr/lib -R$EPREFIX/usr/lib -L$EPREFIX/lib -R$EPREFIX/lib" emerge --oneshot --nodeps binutils

ok, this actually needs to be (bizarre hack!):

env LDFLAGS="-L$EPREFIX/usr/lib -R$EPREFIX/usr/lib -L$EPREFIX/lib -R$EPREFIX/lib -R/usr/sfw/lib/64" emerge --oneshot --nodeps binutils

then GCC needs no hack any more, as it was failing because binutils was
barfing at runtime, due to a library mismatch.

--
Fabian Groffen
Gentoo on a different level

Wed Oct 13 12:30:02 2010
Return-path: <centos-bounces@centos.org>
Envelope-to: tom@linux-archive.org
Delivery-date: Wed, 13 Oct 2010 11:51:03 +0300
Received: from mail.centos.org ([72.26.200.202]:54667)
by s2.java-tips.org with esmtp (Exim 4.69)
(envelope-from <centos-bounces@centos.org>)
id 1P5x39-0007bG-KV
for tom@linux-archive.org; Wed, 13 Oct 2010 11:51:03 +0300
Received: from lander.activeaudience.com (voxeldev.centos.org [127.0.0.1])
by mail.centos.org (Postfix) with ESMTP id 3E0A26F706;
Wed, 13 Oct 2010 05:45:22 -0400 (EDT)
X-Original-To: centos@centos.org
Delivered-To: centos@centos.org
Received: from homiemail-a18.g.dreamhost.com (caiajhbdcaib.dreamhost.com
[208.97.132.81])
by mail.centos.org (Postfix) with ESMTP id 859506F680
for <centos@centos.org>; Wed, 13 Oct 2010 05:45:20 -0400 (EDT)
Received: from homiemail-a18.g.dreamhost.com (localhost [127.0.0.1])
by homiemail-a18.g.dreamhost.com (Postfix) with ESMTP id DE70325006C
for <centos@centos.org>; Wed, 13 Oct 2010 02:45:19 -0700 (PDT)
Received: from www.palm.com (unknown [80.27.103.57])
(Authenticated sender: admin@tssystems.net)
by homiemail-a18.g.dreamhost.com (Postfix) with ESMTPA id BCA6C25006B
for <centos@centos.org>; Wed, 13 Oct 2010 02:45:14 -0700 (PDT)
Date: Wed, 13 Oct 2010 11:45:38 +0200
From: "=?UTF-8?B?Sm9zw6kgTWFyw61hIFRlcnJ5ICBKaW3DqW5leg==?="
<jtj@tssystems.net>
To: "CentOS mailing list" <centos@centos.org>
In-Reply-To: <201008160049276161391@gmail.com>
X-Mailer: Palm webOS v1.0.1
MIME-Version: 1.0
Message-Id: <20101013094514.BCA6C25006B@homiemail-a18.g.dreamhost.com>
Subject: Re: [CentOS] FreeNx doesn't work?
X-BeenThere: centos@centos.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: CentOS mailing list <centos@centos.org>
List-Id: CentOS mailing list <centos.centos.org>
List-Unsubscribe: <http://lists.centos.org/mailman/listinfo/centos>,
<mailto:centos-request@centos.org?subject=unsubscribe>
List-Archive: <http://lists.centos.org/pipermail/centos>
List-Post: <mailto:centos@centos.org>
List-Help: <mailto:centos-request@centos.org?subject=help>
List-Subscribe: <http://lists.centos.org/mailman/listinfo/centos>,
<mailto:centos-request@centos.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1139567494=="
Sender: centos-bounces@centos.org
Errors-To: centos-bounces@centos.org

--===============1139567494==
Content-Type: multipart/alternative;
boundary=Alternative__boundary__1286963145222

--Alternative__boundary__1286963145222
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Hello

To ease remove the centos packages and install the RPMs from nomachine=
=2Ecom 

Best

El 15/08/2010 18:49, gaohu <tigerheight@gmail.com> escribi=C3=B3:=20

@import url( C

ocuments and SettingsgaohuLocal SettingsTemporary Inter=
net Filesscrollbar.css );

@font-face {
font-family: 宋
}
@font-face {
font-family: Verdana;
}
@font-face {
font-family: @宋
}
@page Section1 {size: 595.3pt 841.9pt; margin: 72.0pt 90.0pt 72.0pt 90.0pt;=
layout-grid: 15.6pt; }
P.MsoNormal {
TEXT-JUSTIFY: inter-ideograph; TEXT-ALIGN: justify; MARGIN: 0cm 0cm 0pt;=
FONT-FAMILY: "Times New Roman"; FONT-SIZE: 10.5pt
}
LI.MsoNormal {
TEXT-JUSTIFY: inter-ideograph; TEXT-ALIGN: justify; MARGIN: 0cm 0cm 0pt;=
FONT-FAMILY: "Times New Roman"; FONT-SIZE: 10.5pt
}
DIV.MsoNormal {
TEXT-JUSTIFY: inter-ideograph; TEXT-ALIGN: justify; MARGIN: 0cm 0cm 0pt;=
FONT-FAMILY: "Times New Roman"; FONT-SIZE: 10.5pt
}
A:link {
COLOR: blue; TEXT-DECORATION: underline
}
SPAN.MsoHyperlink {
COLOR: blue; TEXT-DECORATION: underline
}
A:visited {
COLOR: purple; TEXT-DECORATION: underline
}
SPAN.MsoHyperlinkFollowed {
COLOR: purple; TEXT-DECORATION: underline
}
SPAN.EmailStyle17 {
FONT-STYLE: normal; FONT-FAMILY: Verdana; COLOR: windowtext; FONT-WEIGHT:=
normal; TEXT-DECORATION: none; mso-style-type: personal-compose
}
DIV.Section1 {
page: Section1
}
UNKNOWN {
FONT-SIZE: 10pt
}
BLOCKQUOTE {
MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; MARGIN-LEFT: 2em
}
OL {
MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px
}
UL {
MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px
}

@font-face {
font-family: 宋体;
}
@font-face {
font-family: Verdana;
}
@font-face {
font-family: @宋体;
}
@page Section1 {size: 595.3pt 841.9pt; margin: 72.0pt 90.0pt 72.0pt 90.0pt;=
layout-grid: 15.6pt; }
P.MsoNormal {
TEXT-JUSTIFY: inter-ideograph; TEXT-ALIGN: justify; MARGIN: 0cm 0cm 0pt;=
FONT-FAMILY: "Times New Roman"; FONT-SIZE: 10.5pt
}
LI.MsoNormal {
TEXT-JUSTIFY: inter-ideograph; TEXT-ALIGN: justify; MARGIN: 0cm 0cm 0pt;=
FONT-FAMILY: "Times New Roman"; FONT-SIZE: 10.5pt
}
DIV.MsoNormal {
TEXT-JUSTIFY: inter-ideograph; TEXT-ALIGN: justify; MARGIN: 0cm 0cm 0pt;=
FONT-FAMILY: "Times New Roman"; FONT-SIZE: 10.5pt
}
A:link {
COLOR: blue; TEXT-DECORATION: underline
}
SPAN.MsoHyperlink {
COLOR: blue; TEXT-DECORATION: underline
}
A:visited {
COLOR: purple; TEXT-DECORATION: underline
}
SPAN.MsoHyperlinkFollowed {
COLOR: purple; TEXT-DECORATION: underline
}
SPAN.EmailStyle17 {
FONT-STYLE: normal; FONT-FAMILY: Verdana; COLOR: windowtext; FONT-WEIGHT:=
normal; TEXT-DECORATION: none; mso-style-type: personal-compose
}
DIV.Section1 {
page: Section1
}
UNKNOWN {
FONT-SIZE: 10pt
}

On Sun, Aug 15, 2010 at&n bsp;11:17 AM, g=
aohu <tigerheight@gmail.com> wrote :

> I have installed freenx&n bsp;with this a=
rticle
>
> http://wiki.centos.org/HowTos/FreeNX
>
> but when I use freen x-client on win=
dows to connect to server,
> I always get an "fre enx Authentication&n=
bsp;failed."

You appear to have missed&nbsp ;a step or&nbsp=
;configured the auth bits
incorrectly. The NX user is&nb sp;the user who=
 authenticates via ssh, and
you authenticate via nx to&nbs p;the proper se=
ssion. Go through the steps&nb sp;in
the wiki again carefully and&n bsp;double check&nbs=
p;the logs to see who you 're
attempting to authenticate as.&nbsp ;I'd bet you're=
 trying to auth as you r
user instead of as the nx  user and =
since the wiki states that&nbs p;only the
nx user is authorized (via&nbs p;the AllowUsers&nbs=
p;nx statement) auth is
failing for that reason.

-- 
During times of universal dece it, telling the=
 truth becomes a revolutionary  act.
George Orwell
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D
My config as follows:
1. config sshd config, I=20
add
PasswordAuthentication no
AllowUsers nx ---> nx is not an actual user in my sys=
tem.
2. add user, I config
 nxserver --add user gaohu  <--- gaohu is a=20
common user on my system, and can connect via ssh with isa=20
key
        &n bsp;   &nb=
sp;       &nbsp ;    =
     =20
, (and password also works before I use ssh key to audit.)
 
 then re config sshd config file,=20
set
 AllowUsers nx=20
gaohu
 
 one thing I=20
can not understand is sshd default use /home/myuser/.ssh/authorized_keys,=
filebut nxserver generate the key at=20
 /home/myuser/.ssh/authorized_keys2 file, should I do other settingsin=
sshd config file to support this? 3.then I install the client and cop=
y /etc/nxserver/client.id_dsa.key file contentto the key window. That'=
s all. but when I run nxserver --test ? I just got permission denied=
? why? following is my sshd_config file, Could any one help? =3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D # $OpenBSD: sshd_config,v=
 1.73 2005/12/06 22:38:28 reyk Exp $# T h=
is is the sshd server sys tem-wide configurati=
on file.  See# sshd_config(5)& nbsp;for more i=
nformation.# This sshd was com piled with PATH=
=3D/usr/local/bin:/bin:/usr/bin# The strategy used for&=
nbsp;options in the default ss hd_config shipped&nb=
sp;with# OpenSSH is to specify  options with&n=
bsp;their default value where#&nbsp ;possible, but =
leave them commented.  Uncomme nted options ch=
ange a# default value.#Port 22 #Protocol 2,1Protoco=
l 2#AddressFamily any#ListenAddress&nbsp ;0.0.0.0#ListenAddress&nb=
sp;::# HostKey for protocol ve rsion 1#HostKey&nbsp=
;/etc/ssh/ssh_host_key# HostKeys for protocol  version&n=
bsp;2#HostKey /etc/ssh/ssh_host_rsa_key#HostKey /etc/ssh/ssh_host=
_dsa_key# Lifetime and size of  ephemeral vers=
ion 1 server key#KeyRegenerationInt erval 1h#ServerKeyBi=
ts 768# Logging# obsoletes Qui etMode and Fasc=
istLogging#SyslogFacility AUTHSyslogFacility& nbsp;AUTHPRIV#LogLevel&nb=
sp;INFO# Authentication:#LoginGraceTime  2m#PermitRootLogin y=
es#StrictModes yes#MaxAuthTries 6RSAAuth entication yesPubkey=
Authentication yesAuthorizedKeysFile .ssh/authorized_keys # =
For this to work you will  also need&nbsp=
;host keys in /etc/ssh/ssh_known_hosts#RhostsRSAAuthenticati=
on no# similar for protocol&nb sp;version 2#Hostbas=
edAuthentication no# Change to&nbsp ;yes if you&nbs=
p;don't trust ~/.ssh/known_hosts for# RhostsRSAAuthenti=
cation and HostbasedAuthentication#Ignor eUserKnownHosts no#&=
nbsp;Don't read the user's ~/.rhosts and ~/.s=
hosts files#IgnoreRhosts yes# To&nb sp;disable tunneled&=
nbsp;clear text passwords, change&n bsp;to no here!=
#PasswordAuthentication yes#PermitEmptyPasswo rds noPasswordAuthen=
tication no     &nbs p;  AllowUsers&=
nbsp;nx gaohu# Change to no&nb sp;to disable s=
/key passwords#ChallengeResponseAuthentication  yesChallengeRespon=
seAuthentication no# Kerberos optio ns#KerberosAuthentication=
 no#KerberosOrLocalPasswd yes#KerberosTi cketCleanup yes#Kerb=
erosGetAFSToken no# GSSAPI options# GSSAPIAuthentication&nbsp=
;noGSSAPIAuthentication yes#GSSAPICleanupCred entials yesGSSAPICle=
anupCredentials yes# Set this  to 'yes' to&nbs=
p;enable PAM authentication, accoun t processing, &=
lt;
/DIV># and session processing.&nb sp;If this is=
 enabled, PAM authentication w ill # be a=
llowed through the ChallengeRespons eAuthentication mech=
anism. # Depending on your&nbs p;PAM configuration,=
 this may bypass the sett ing of # P=
asswordAuthentication, PermitEmptyPasswords,& nbsp;and # "Per=
mitRootLogin without-password". If you just want&n=
bsp;the PAM account and #&nbsp ;session checks&nbsp=
;to run without PAM authentica tion, then enab=
le this but set # Challen geResponseAuthentication=
=3Dno#UsePAM noUsePAM yes# Accept&n bsp;locale-related e=
nvironment variablesAcceptEnv LANG&
nbsp;LC_CTYPE LC_NUMERIC LC_TIME LC _COLLATE LC_MONETAR=
Y LC_MESSAGES AcceptEnv LC_PAPER&nb sp;LC_NAME LC_ADDRES=
S LC_TELEPHONE LC_MEASUREMENT Accep tEnv LC_IDENTIFICATI=
ON LC_ALL#AllowTcpForwarding yes#Gateway Ports no#X11Forwardi=
ng noX11Forwarding yes#X11DisplayOffset& nbsp;10#X11UseLocalhost&n=
bsp;yes#PrintMotd yes#PrintLastLog yes#T CPKeepAlive yes#UseL=
ogin no#UsePrivilegeSeparation yes#Permi tUserEnvironment no#=
Compression delayed#ClientAliveInterval  0#ClientAliveCountMax&nbs=
p;3#ShowPatchLevel no#UseDNS yes#PidFile  /var/run/sshd.pid#M=
axStartups 10#PermitTunnel no#ChrootDire ctory n
one# no default banner path#Ba nner /some/path#&nb=
sp;override default of no subs ystemsSubsystem sftp /usr=
/libexec/openssh/sftp-server =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D 

--Alternative__boundary__1286963145222
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Hello<br><br>To ease remove the centos packages and install the RPMs from&n=
bsp;<a href=3D"http://nomachine.com" type=3D"url">nomachine.com</a> <b=
r><br><span style=3D"font-family:Prelude, Verdana, san-serif;">Best<br><br>=
</span><span id=3D"signature"><div id=3D"no_signature" style=3D"overflow:hi=
dden;"></div></span><span style=3D"color:navy; font-family:Prelude, Verdana=
, san-serif; "><hr align=3D"left" style=3D"width:75%">El 15/08/2010 18:49,=
gaohu <tigerheight@gmail.com> escribi=C3=B3: <br><br>

<style type=3D"text/css">@import url( C

ocuments and SettingsgaohuLocal=
SettingsTemporary Internet Filesscrollbar.css );
</style>

<style>@font-face {
font-family: 宋
}
@font-face {
font-family: Verdana;
}
@font-face {
font-family: @宋
}
@page Section1 {size: 595.3pt 841.9pt; margin: 72.0pt 90.0pt 72.0pt 90.0pt;=
layout-grid: 15.6pt; }
P.MsoNormal {
TEXT-JUSTIFY: inter-ideograph; TEXT-ALIGN: justify; MARGIN: 0cm 0cm 0pt;=
FONT-FAMILY: "Times New Roman"; FONT-SIZE: 10.5pt
}
LI.MsoNormal {
TEXT-JUSTIFY: inter-ideograph; TEXT-ALIGN: justify; MARGIN: 0cm 0cm 0pt;=
FONT-FAMILY: "Times New Roman"; FONT-SIZE: 10.5pt
}
DIV.MsoNormal {
TEXT-JUSTIFY: inter-ideograph; TEXT-ALIGN: justify; MARGIN: 0cm 0cm 0pt;=
FONT-FAMILY: "Times New Roman"; FONT-SIZE: 10.5pt
}
A:link {
COLOR: blue; TEXT-DECORATION: underline
}
SPAN.MsoHyperlink {
COLOR: blue; TEXT-DECORATION: underline
}
A:visited {
COLOR: purple; TEXT-DECORATION: underline
}
SPAN.MsoHyperlinkFollowed {
COLOR: purple; TEXT-DECORATION: underline
}
SPAN.EmailStyle17 {
FONT-STYLE: normal; FONT-FAMILY: Verdana; COLOR: windowtext; FONT-WEIGHT:=
normal; TEXT-DECORATION: none; mso-style-type: personal-compose
}
DIV.Section1 {
page: Section1
}
UNKNOWN {
FONT-SIZE: 10pt
}
BLOCKQUOTE {
MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; MARGIN-LEFT: 2em
}
OL {
MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px
}
UL {
MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px
}
</style>

<style>@font-face {
font-family: 宋体;
}
@font-face {
font-family: Verdana;
}
@font-face {
font-family: @宋体;
}
@page Section1 {size: 595.3pt 841.9pt; margin: 72.0pt 90.0pt 72.0pt 90.0pt;=
layout-grid: 15.6pt; }
P.MsoNormal {
TEXT-JUSTIFY: inter-ideograph; TEXT-ALIGN: justify; MARGIN: 0cm 0cm 0pt;=
FONT-FAMILY: "Times New Roman"; FONT-SIZE: 10.5pt
}
LI.MsoNormal {
TEXT-JUSTIFY: inter-ideograph; TEXT-ALIGN: justify; MARGIN: 0cm 0cm 0pt;=
FONT-FAMILY: "Times New Roman"; FONT-SIZE: 10.5pt
}
DIV.MsoNormal {
TEXT-JUSTIFY: inter-ideograph; TEXT-ALIGN: justify; MARGIN: 0cm 0cm 0pt;=
FONT-FAMILY: "Times New Roman"; FONT-SIZE: 10.5pt
}
A:link {
COLOR: blue; TEXT-DECORATION: underline
}
SPAN.MsoHyperlink {
COLOR: blue; TEXT-DECORATION: underline
}
A:visited {
COLOR: purple; TEXT-DECORATION: underline
}
SPAN.MsoHyperlinkFollowed {
COLOR: purple; TEXT-DECORATION: underline
}
SPAN.EmailStyle17 {
FONT-STYLE: normal; FONT-FAMILY: Verdana; COLOR: windowtext; FONT-WEIGHT:=
normal; TEXT-DECORATION: none; mso-style-type: personal-compose
}
DIV.Section1 {
page: Section1
}
UNKNOWN {
FONT-SIZE: 10pt
}
</style>

<font color=3D"#000000" size=3D"2" face=3D"Verdana">
<div>
<div><font size=3D"2" face=3D"Verdana"></font></div></div>
<div><font size=3D"2" face=3D"Verdana">
<div><font face=3D"Verdana"></font></div>
<div><font size=3D"3" face=3D"Times New Roman">
<div><font size=3D"2" face=3D"Verdana">On Sun, Aug 15,&nb sp;=
2010 at 11:17 AM, gaohu & lt;tigerheight@gmail.com&=
gt; wrote:</font></div>
<div>
<div><font size=3D"2" face=3D"Verdana">> I have instal led=
 freenx with this article</font></div>
<div><font size=3D"2" face=3D"Verdana">></font></div>
<div><font size=3D"2" face=3D"Verdana">> http://wiki.centos.org/How=
Tos/FreeNX</font></div>
<div><font size=3D"2" face=3D"Verdana">></font></div>
<div><font size=3D"2" face=3D"Verdana">> but when I&nb sp;=
use freenx-client on windows to connect&n bsp;to&nb=
sp;server,</font></div>
<div><font size=3D"2" face=3D"Verdana">> I always get& nbs=
p;an "freenx Authentication failed. "</font></div>
<div><font size=3D"2" face=3D"Verdana"></font></div>
<div><font size=3D"2" face=3D"Verdana">You appear to have &nb=
sp;missed a step or configured  the auth =
bits</font></div>
<div><font size=3D"2" face=3D"Verdana">incorrectly. The NX&nbs p;u=
ser is the user who authe nticates via ss=
h, and</font></div>
<div><font size=3D"2" face=3D"Verdana">you authenticate via&nb sp;=
nx to the proper session.&nbsp ;Go through the=
 steps in</font></div>
<div><font size=3D"2" face=3D"Verdana">the wiki again car efu=
lly and double check the  logs to see&nbs=
p;who you're</font></div>
<div><font size=3D"2" face=3D"Verdana">attempting to authentic ate=
 as. I'd bet you're tryin g to auth =
as your</font></div>
<div><font size=3D"2" face=3D"Verdana">user instead of as &nb=
sp;the nx user and since  the wiki states=
 that only the</font></div>
<div><font size=3D"2" face=3D"Verdana">nx user is authori zed=
 (via the AllowUsers nx s tatement) auth =
is</font></div>
<div><font size=3D"2" face=3D"Verdana">failing for that r eas=
on.</font></div>
<div><font size=3D"2" face=3D"Verdana"></font></div>
<div><font size=3D"2" face=3D"Verdana"></font></div>
<div><font size=3D"2" face=3D"Verdana">-- </font></div>
<div><font size=3D"2" face=3D"Verdana">During times of un ive=
rsal deceit, telling the truth  becomes a&nbsp=
;revolutionary act.</font></div>
<div><font size=3D"2" face=3D"Verdana">George Orwell</font></div>
<div><font size=3D"2" face=3D"Verdana">_________________________________ ___=
___________</font></div>
<div><font size=3D"2" face=3D"Verdana">CentOS mailing list</font>=
</div>
<div><font size=3D"2" face=3D"Verdana">CentOS@centos.org</font></div>
<div><font size=3D"2" face=3D"Verdana">http://lists.centos.org/mailman/list=
info/centos</font></div></div></font></div>
<div><font size=3D"3" face=3D"Times New Roman"></font> </div>
<div><font size=3D"3" face=3D"Times New Roman">=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</font></div>
<div><font size=3D"3" face=3D"Times New Roman">My config as follows:</font>=
</div>
<div><font size=3D"3" face=3D"Times New Roman">1. config sshd config, I=20
add</font></div>
<div><pre><font face=3D"Times New Roman"><font size=3D"3">PasswordAuthentic=
ation no
<span id=3D"line-46" class=3D"anchor"></span> <font color=3D"#ff0000"> =
AllowUsers nx ---> nx is not an actual user in my system.=
</font></font></font></pre></div>
<div><font size=3D"3" face=3D"Times New Roman">2. add user, I config</=
font></div>
<div><font face=3D"Times New Roman"><font size=3D"3"> <font color=3D"#=
ff0000">nxserver --add user gaohu  <--- gaohu is a=20
common user on my system, and can connect via ssh with isa=20
key</font></font></font></div>
<div><font color=3D"#ff0000" size=3D"3" face=3D"Times New Roman"> &nbs=
p;             &=
nbsp;       &nb sp;   &nbs=
p;   =20
, (and password also works before I use ssh key to audit.)</font></div>
<div><font size=3D"3" face=3D"Times New Roman"></font> </div>
<div><font size=3D"3" face=3D"Times New Roman"> then re config sshd co=
nfig file,=20
set</font></div>
<div><font face=3D"Times New Roman"><font size=3D"3"> <em>AllowUsers=
nx=20
gaohu</em></font></font></div>
<div><em><font size=3D"3" face=3D"Times New Roman"></font></em> </div>
<div><font face=3D"Verdana"><font size=3D"3" face=3D"Times New Roman">&nbsp=
;one thing I=20
can not understand is sshd default use </font><pre><font size=3D"3" face=3D=
"Times New Roman">/home/myuser/.ssh/authorized_keys, file</font></pre><pre>=
<font size=3D"3" face=3D"Times New Roman">but nxserver generate the key at=

</font><pre> </pre><pre><font size=3D"3" face=3D"Times New Roman">/hom=
e/myuser/.ssh/authorized_keys2 file, should I do other settings</font></pre=
><pre><font size=3D"3" face=3D"Times New Roman">in sshd config file to supp=
ort this?</font></pre><pre><font size=3D"3" face=3D"Times New Roman"></font=
> </pre><pre><font size=3D"3" face=3D"Times New Roman">3.then I instal=
l the client and copy <strong>/</strong>etc/nxserver/client.id_dsa.key file=
content</font></pre><pre><font size=3D"3" face=3D"Times New Roman">to the=
key window.</font></pre><pre><font size=3D"3" face=3D"Times New Roman"></f=
ont> </pre><pre><font size=3D"3" face=3D"Times New Roman">That's all.<=
/font></pre><pre><font size=3D"3" face=3D"Times New Roman"></font> </p=
re><pre><font color=3D"#ff0000" size=3D"3" face=3D"Times New Roman">but whe=
n I run nxserver --test ? I just got permission denied ? why?</font></pre><=
pre> </pre><pre><font color=3D"#ff0000">following is my sshd_config fi=
le, Could any one help?</font></pre><pre> </pre><pre>=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</pre><pre> </pre><pre><div>#=
$OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 =
reyk Exp $</div><div></div><div># This is the&nbsp=
;sshd server system-wide configuration file. &nbsp=
;See</div><div># sshd_config(5) for more& nbsp;information.</=
div><div></div><div># This sshd was compi led with&=
nbsp;PATH=3D/usr/local/bin:/bin:/usr/bin</div><div></div><div># The&nb=
sp;strategy used for options i n the default&n=
bsp;sshd_config shipped with</div><div># OpenSSH is&nbs=
p;to specify options with thei r default value=
 where</div><div># possible, but leave&nbsp ;them c=
ommented.  Uncommented options&nbsp ;change a</div><div>=
# default value.</div><div></div><div>#Port 22</div><div>#Pr=
otocol 2,1</div><div>Protocol 2</div><div>#AddressFamily any=
</div><div>#ListenAddress 0.0.0.0</div><div>#ListenAddress ::</di=
v><div></div><div># HostKey for protocol&nbs p;version 1=
</div><div>#HostKey /etc/ssh/ssh_host_key</div><div># HostKeys&nb=
sp;for protocol version 2</div><div>#HostKey /etc/ssh/s=
sh_host_rsa_key</div><div>#HostKey /etc/ssh/ssh_host_dsa_key</div><div=
></div><div># Lifetime and size o f ephemeral =
version 1 server key</div><div>#KeyRegenerationInterval&nbsp=
;1h</div><div>#ServerKeyBits 768</div><div></div><div># Logging</=
div><div># obsoletes QuietMode and& nbsp;FascistLogging</div>=
<div>#SyslogFacility AUTH</div><div>SyslogFacility AUTHPRIV</div>=
<div>#LogLevel INFO</div><div></div><div># Authentication:</div><=
div></div><div>#LoginGraceTime 2m</div><div>#PermitRootLogin yes<=
/div><div>#StrictModes yes<div>#MaxAuthTries&n bsp;6</div><div></div><d=
iv>RSAAuthentication yes</div><div>PubkeyAuthentication yes</div>=
<div>AuthorizedKeysFile .ssh/authorized_keys </div><div></div><div>#&n=
bsp;For this to work you  will also need&=
nbsp;host keys in /etc/ssh/ssh_known_hosts</div><div>#Rhosts=
RSAAuthentication no</div><div># similar for protocol&n=
bsp;version 2</div><div>#HostbasedAuthentication no</div><div>#&n=
bsp;Change to yes if you  don't trust ~/.=
ssh/known_hosts for</div><div># RhostsRSAAuthentication and&=
nbsp;HostbasedAuthentication</div><div>#IgnoreUserKnownHosts no</div><=
div># Don't read the user's&nb sp;~/.rhosts and&nbs=
p;~/.shosts files</div><div>#IgnoreRhosts yes</div><div></div><di=
v># To disable tunneled clear& nbsp;text passwords,=
 change to no here!<div>#Passw ordAuthentication ye=
s</div><div>#PermitEmptyPasswords no</div><div>PasswordAuthentication&=
nbsp;no</div><div>      &nbsp ; AllowUser=
s nx gaohu</div><div></div><div># Change to no&nbs=
p;to disable s/key passwords</div><div>#ChallengeResponseAut=
hentication yes</div><div>ChallengeResponseAuthentication no</div=
><div></div><div># Kerberos options</div><div>#KerberosAuthentica=
tion no</div><div>#KerberosOrLocalPasswd yes</div><div>#KerberosT=
icketCleanup yes</div><div>#KerberosGetAFSToken no</div><div></di=
v><div># GSSAPI options</div><div>#GSSAPIAuthentication no</=
div><div>GSSAPIAuthentication yes</div><div>#GSSAPICleanupCredentials&=
nbsp;yes</div><div>GSSAPICleanupCredentials yes</div><div></div><div>#=
 Set this to 'yes' to&nbs p;enable PAM au=
thentication, account processing, & lt;
/DIV><div># and session processin g. If this&nb=
sp;is enabled, PAM authentication&n bsp;will </div><div>=
# be allowed through the  ChallengeResponseAuthenti=
cation mechanism. </div><div># Depending on your&n=
bsp;PAM configuration, this may&nbs p;bypass the se=
tting of </div><div># PasswordAuthentication, Permi tEmp=
tyPasswords, and </div><div># "PermitRootLogin without-=
password". If you just want&nb sp;the PAM acco=
unt and </div><div># session checks to r un&nb=
sp;without PAM authentication, then  enable this&nb=
sp;but set </div><div># ChallengeResponseAuthentication=3D no=
</div><div>#UsePAM no</div><div>UsePAM yes</div><div></div><div>#=
 Accept locale-related environment variables</div><div>=
AcceptEnv LANG&
nbsp;LC_CTYPE LC_NUMERIC LC_TIME LC _COLLATE LC_MONETAR=
Y LC_MESSAGES </div><div>AcceptEnv LC_PAPER LC_NAME&nbs=
p;LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT  </div><div>AcceptEn=
v LC_IDENTIFICATION LC_ALL</div><div>#AllowTcpForwarding yes=
</div><div>#GatewayPorts no</div><div>#X11Forwarding no</div><div=
>X11Forwarding yes</div><div>#X11DisplayOffset 10</div><div>#X11U=
seLocalhost yes</div><div>#PrintMotd yes</div><div>#PrintLastLog&=
nbsp;yes</div><div>#TCPKeepAlive yes</div><div>#UseLogin no</div>=
<div>#UsePrivilegeSeparation yes</div><div>#PermitUserEnvironment&nbsp=
;no</div><div>#Compression delayed</div><div>#ClientAliveInterval&nbsp=
;0</div><div>#ClientAliveCountMax 3</div><div>#ShowPatchLevel no<=
/div><div>#UseDNS yes</div><div>#PidFile /var/run/sshd.pid</div><=
div>#MaxStartups 10</div><div>#PermitTunnel no</div><div>#ChrootD=
irectory n
one</div><div></div><div># no default banner p ath</div=
><div>#Banner /some/path</div><div></div><div># override def=
ault of no subsystems</div><div>Subsystem sftp /usr/libexec/=
openssh/sftp-server</div></div></div></div></pre><pre> </pre><pre>=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D</pre><pre> </pre></pre></font></div></font></div=
></font>
</span>

--Alternative__boundary__1286963145222--

--===============1139567494==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

--===============1139567494==--

10-13-2010, 09:55 AM

> ok, this actually needs to be (bizarre hack!):
>
> env LDFLAGS="-L$EPREFIX/usr/lib -R$EPREFIX/usr/lib -L$EPREFIX/lib -R$EPREFIX/lib -R/usr/sfw/lib/64" emerge --oneshot --nodeps binutils

It makes sense, but couldn't you simply write this order of LDFLAGS to
make.defaults?

Al

--
Caution crosser: *Runnig Gentoo/Prefix on Cygwin/Vista.
All stupid questions are related to that context.

10-13-2010, 10:40 AM

On 13-10-2010 11:55:00 +0200, Al wrote:
> > ok, this actually needs to be (bizarre hack!):
> >
> > env LDFLAGS="-L$EPREFIX/usr/lib -R$EPREFIX/usr/lib -L$EPREFIX/lib -R$EPREFIX/lib -R/usr/sfw/lib/64" emerge --oneshot --nodeps binutils
>
> It makes sense, but couldn't you simply write this order of LDFLAGS to
> make.defaults?

then the rest fails to compile

--
Fabian Groffen
Gentoo on a different level