F9: Various /var/log/messages errors....
Todd Denniston
Todd.Denniston at ssa.crane.navy.mil
Fri Jul 11 13:35:16 UTC 2008
Dan Thurman wrote, On 07/10/2008 07:51 PM:
> Todd Denniston wrote:
>>
>> Dan Thurman wrote, On 07/10/2008 10:45 AM
>> > Ha. No, no, not a knacker HD. It's a brand new SATA 750GB HD. I am
>> > installing
>> > "everything" for fun and then backtracking out any conflicts. What I
>> > found is very
>> > interesting - LOTS of pitfalls and traps. Sorta like wading into a
>> > dungeon and dragons
>> > game. (Remember that old text-based-only game?)
>> >
>>
>> Have you picked _one_ of rsyslog|ntsyslog and `rpm -e theOtherOne`?
>> several daemons did not seem to work right at all until we did.
>>
> I picked rsyslog. You mean syslog-ng? I ran into that trap
> a long time ago. That's one of `em!
>>
>> and as for the ifd handlers for pcsc, you only want to have ccid and
>> the one
>> that someone put as a dependency of pcscd. cyberjack seems to hyjack
>> the ifd
>> connections until pcscd has no chance of working.
>>
> Hm. I have all of pcsc selected and I also have ccid selected.
> Can you explain what I need to disable/choose between the
> two? I attempted to remove all `smart card' programs until
> I realized how entrenched it seems - yum wants to remove
> alot of files I did not want removed so I left it alone. There
> is one related to ifd and that is ifd-egate and I do not have
> that selected.
>>
for some reason they made the pcsc rpm depend on ifd-egate even though it is
for ONE type of reader only, CCID controls a lot of readers and I dare say
MOST recent readers. All the other ifd packages (other than egate and CCID)
should be removed (not installed) if you don't know you need them, I have seen
instances of pcscd taking 100% cpu with some of the others [cyberjack]
installed but unused.
as far as why smart card is entrenched... well certain organizations and
companies are REQUIRING PKI keys on self destroying/locking media for security
reasons, because having only one thing that a user knows (password) between
the bad guys and your data just is NOT good enough any more.
<SNIP>
>>
>> an `rpm -verify` on the package system-config-services comes in and
>> any it
>> depends on may be in order.
>>
> ok, tried it and rpm returns nothing. Must be ok.
>
Most likely, but sanity checks are most times a good thing to do when you know
you are operating in the box wall or on the other side of it, and things seem
a bit strange. :)
--
Todd Denniston
Crane Division, Naval Surface Warfare Center (NSWC Crane)
Harnessing the Power of Technology for the Warfighter
More information about the users
mailing list