W2k3 Auth failed with KRB5KDC_ERR_ETYPE_NOSUPP when using DES

We are authenticating users on an AD server (2k3), and the users are set up in AD to use DES (checked "Use DES encryption types for this account" in user properties).
It failed somehow with ETYPE_NOSUPP. From the packet capture, I can see that the KRB5 AS-REQ contains des-cbc-crc/des-cbc-md5/des-cbc-md4 as encryption types.
This is the request:
++++++++++ REQUEST ++++++++++++++++
Kerberos AS-REQ
Pvno: 5
MSG Type: AS-REQ (10)
padata: PA-ENC-TIMESTAMP
Type: PA-ENC-TIMESTAMP (2)
Value: 303ba003020117a2340432482d36ca7556ebf719421fc8b4... rc4-hmac
Encryption type: rc4-hmac (23)
enc PA_ENC_TIMESTAMP: 482d36ca7556ebf719421fc8b4530cfea187d35318fd63bd...
KDC_REQ_BODY
Padding: 0
KDCOptions: 00000010 (Renewable OK)
.0.. .... .... .... .... .... .... .... = Forwardable: Do NOT use forwardable tickets
..0. .... .... .... .... .... .... .... = Forwarded: This is NOT a forwarded ticket
...0 .... .... .... .... .... .... .... = Proxiable: Do NOT use proxiable tickets
.... 0... .... .... .... .... .... .... = Proxy: This ticket has NOT been proxied
.... .0.. .... .... .... .... .... .... = Allow Postdate: We do NOT allow the ticket to be postdated
.... ..0. .... .... .... .... .... .... = Postdated: This ticket is NOT postdated
.... .... 0... .... .... .... .... .... = Renewable: This ticket is NOT renewable
.... .... ...0 .... .... .... .... .... = Opt HW Auth: False
.... .... .... ..0. .... .... .... .... = Constrained Delegation: This is a normal request (no constrained delegation)
.... .... .... ...0 .... .... .... .... = Canonicalize: This is NOT a canonicalized ticket request
.... .... .... .... .... .... ..0. .... = Disable Transited Check: Transited checking is NOT disabled
.... .... .... .... .... .... ...1 .... = Renewable OK: We accept RENEWED tickets
.... .... .... .... .... .... .... 0... = Enc-Tkt-in-Skey: Do NOT encrypt the tkt inside the skey
.... .... .... .... .... .... .... ..0. = Renew: This is NOT a request to renew a ticket
.... .... .... .... .... .... .... ...0 = Validate: This is NOT a request to validate a postdated ticket
Client Name (Principal): test
Name-type: Principal (1)
Name: test
Realm: SRV.MYTESTSERVER.LOC
Server Name (Unknown): krbtgt/SRV.MYTESTSERVER.LOC
Name-type: Unknown (0)
Name: krbtgt
Name: FP.DEREKTESTING.COM
from: 2011-04-07 08:10:06 (UTC)
till: 2011-04-08 08:10:06 (UTC)
Nonce: 1302163806
Encryption Types: aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 rc4-hmac des-cbc-crc des-cbc-md5 des-cbc-md4
Encryption type: aes256-cts-hmac-sha1-96 (18)
Encryption type: aes128-cts-hmac-sha1-96 (17)
Encryption type: des3-cbc-sha1 (16)
Encryption type: rc4-hmac (23)
Encryption type: des-cbc-crc (1)
Encryption type: des-cbc-md5 (3)
Encryption type: des-cbc-md4 (2)
++++++++++ REQUEST ++++++++++++++++
And this is the response:
++++++++++ RESPONSE ++++++++++++++++
Kerberos KRB-ERROR
Pvno: 5
MSG Type: KRB-ERROR (30)
stime: 2011-04-07 08:10:06 (UTC)
susec: 247525
error_code: KRB5KDC_ERR_ETYPE_NOSUPP (14)
Realm: SRV.MYTESTSERVER.LOC
Server Name (Unknown): krbtgt/SRV.MYTESTSERVER.LOC
Name-type: Unknown (0)
Name: krbtgt
Name: SRV.MYTESTSERVER.LOC
e-data
padata: PA-ENCTYPE-INFO
Type: PA-ENCTYPE-INFO (11)
Value: 30443020a003020103a119041746502e444552454b544553... des-cbc-md5 des-cbc-crc
Encryption type: des-cbc-md5 (3)
Salt: 46502e444552454b54455354494e472e434f4d6a69616e
Encryption type: des-cbc-crc (1)
Salt: 46502e444552454b54455354494e472e434f4d6a69616e
++++++++++ RESPONSE ++++++++++++++++
What could have possibly gone wrong? I also tried to reset the passwords of administrator and the user and restart the kdc services. It didn't help.
Thanks.
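An added example (not code from this thread) that reads the two messages above the way a KDC does. It takes the etype list from the AS-REQ body, the etype the client used for PA-ENC-TIMESTAMP (rc4-hmac, 23, per the request), and the PA-ENCTYPE-INFO from the error's e-data, decodes the DER of that ETYPE-INFO, and reports where the two sides disagree. The check worth running first on this capture: the pre-authentication timestamp is encrypted with rc4-hmac, while the KDC's PA-ENCTYPE-INFO advertises only des-cbc-md5 (3) and des-cbc-crc (1) for the account, so the KDC has no key of that type to verify the timestamp with; an ETYPE_NOSUPP carrying ETYPE-INFO hints is consistent with that, and the hints are what a conforming client uses to retry with a DES key. The decoded salt also shows the realm and principal name the KDC derived the DES key from, which can be compared with the client name in the request. The DER bytes are reconstructed from the capture's truncated prefix plus the full salt it printed (assumption: the second entry is encoded like the first); the etype table covers only the values in the capture.

```python
"""Consistency checks on a Kerberos AS-REQ / KRB-ERROR pair.

Added example, not code from the thread above. The etype list, the etype of
PA-ENC-TIMESTAMP and the salt hex are copied from the posted capture; the DER
bytes of the PA-ENCTYPE-INFO value are reconstructed from the capture's
truncated prefix plus the full salt, assuming the second entry is encoded
exactly like the first (which is what the decoded output shows).
"""

# Etype numbers from the IANA Kerberos registry (RFC 3961 / RFC 4120),
# limited to the values that occur in the capture.
ETYPE_NAMES = {
    1: "des-cbc-crc", 2: "des-cbc-md4", 3: "des-cbc-md5",
    16: "des3-cbc-sha1", 17: "aes128-cts-hmac-sha1-96",
    18: "aes256-cts-hmac-sha1-96", 23: "rc4-hmac",
}
DES_ETYPES = {1, 2, 3}

# Values read off the capture.
REQ_ETYPES = [18, 17, 16, 23, 1, 3, 2]   # KDC-REQ-BODY etype list, client preference order
PREAUTH_ETYPE = 23                       # etype the client encrypted PA-ENC-TIMESTAMP with
SALT_HEX = "46502e444552454b54455354494e472e434f4d6a69616e"
PA_ENCTYPE_INFO_DER = bytes.fromhex(
    "3044"                                            # ETYPE-INFO: SEQUENCE OF, 68 content bytes
    + "3020" + "a003020103" + "a1190417" + SALT_HEX   # entry: etype 3 (des-cbc-md5), 23-byte salt
    + "3020" + "a003020101" + "a1190417" + SALT_HEX   # entry: etype 1 (des-cbc-crc), same salt (reconstructed)
)


def _tlv(buf, pos):
    """Read one DER tag-length-value at pos; return (tag, value, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                     # long-form length; not needed here, kept for real captures
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def parse_etype_info(der):
    """Decode ETYPE-INFO (RFC 4120 5.2.7.4) into [(etype, salt or None), ...]."""
    tag, seq, _ = _tlv(der, 0)
    if tag != 0x30:
        raise ValueError("ETYPE-INFO must be a SEQUENCE")
    entries, pos = [], 0
    while pos < len(seq):
        tag, entry, pos = _tlv(seq, pos)
        if tag != 0x30:
            raise ValueError("ETYPE-INFO-ENTRY must be a SEQUENCE")
        etype, salt, p = None, None, 0
        while p < len(entry):
            ctag, cval, p = _tlv(entry, p)
            inner = _tlv(cval, 0)[1]          # unwrap the [n] EXPLICIT context tag
            if ctag == 0xA0:                  # etype [0] Int32
                etype = int.from_bytes(inner, "big", signed=True)
            elif ctag == 0xA1:                # salt [1] OCTET STRING OPTIONAL
                salt = inner
        entries.append((etype, salt))
    return entries


def analyse(req_etypes, preauth_etype, etype_info):
    """Cross-check what the client offered against what the KDC says it holds keys for."""
    kdc_etypes = [e for e, _ in etype_info]
    return {
        "kdc_etypes": kdc_etypes,
        "common_etypes": [e for e in req_etypes if e in kdc_etypes],   # client preference order
        "preauth_etype": preauth_etype,
        "preauth_etype_known_to_kdc": preauth_etype in kdc_etypes,
        "account_is_des_only": bool(kdc_etypes) and set(kdc_etypes) <= DES_ETYPES,
        "salts": {e: s.decode("latin-1") for e, s in etype_info if s is not None},
    }


def report(findings):
    """Turn the findings into the lines an analyst would read first."""
    def name(e):
        return ETYPE_NAMES.get(e, f"etype-{e}")
    lines = []
    if not findings["preauth_etype_known_to_kdc"]:
        lines.append(f"pre-auth timestamp uses {name(findings['preauth_etype'])}, but the KDC "
                     f"only advertised {[name(e) for e in findings['kdc_etypes']]} for this account")
    if findings["common_etypes"]:
        lines.append(f"client and KDC share {[name(e) for e in findings['common_etypes']]}; "
                     "a conforming client retries the AS-REQ with one of these")
    else:
        lines.append("no etype in common: the client must be allowed to use the account's etypes")
    if findings["account_is_des_only"]:
        lines.append("KDC advertises DES etypes only for this account "
                     "(consistent with the 'Use DES encryption types for this account' setting)")
    for e, salt in findings["salts"].items():
        lines.append(f"salt for {name(e)}: {salt!r} (realm followed by principal name)")
    return lines


if __name__ == "__main__":
    info = parse_etype_info(PA_ENCTYPE_INFO_DER)
    for line in report(analyse(REQ_ETYPES, PREAUTH_ETYPE, info)):
        print("-", line)
```

To run it against another capture, replace REQ_ETYPES, PREAUTH_ETYPE and the DER bytes with the values Wireshark shows for the AS-REQ and the KRB-ERROR's e-data; the parser handles long-form DER lengths, so a full PA-ENCTYPE-INFO value exported from Wireshark can be passed in unchanged.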

I am not sure; the exact behaviour must be specified somewhere, but I was not able to find any precise documentation on the topic. It may be that the DC prefers AES if allowed by the client and it may collide with the setting on the user account.
Anyway, why do you use the checkbox at all? If you wanted to enforce DES, you could have enabled the "System Cryptography: Use FIPS compliant algorithms for encryption, hashing and signing" policy which would switch the whole environment to DES or AES automatically.
The user account setting is meant only for those accounts that are used by non-Windows services IMHO.
ondrej.

Similar Messages

  • Jvm startup fails with error when using large -Xmx value

    I'm running JDK 1.6.0_02-b05 on an RHEL5 server. I'm getting an error when starting the JVM with a large -Xmx value. The host has ample memory to succeed yet it fails. I see this error when I'm starting tomcat with a bunch of options but found that it can be easily reproduced by starting the JVM with -Xmx2048M and -version. So it's this boiled down test case that I've been examining more closely.
    host% free -mt
    total used free shared buffers cached
    Mem: 6084 3084 3000 0 184 1531
    -/+ buffers/cache: 1368 4716
    Swap: 6143 0 6143
    Total: 12228 3084 9144
    Free reveals the host has 6 GB of RAM, approximately half is available. Swap is totally free meaning I should have access to about 9 GB of memory at this point.
    host% java -version
    java version "1.6.0_02"
    Java(TM) SE Runtime Environment (build 1.6.0_02-b05)
    Java HotSpot(TM) Server VM (build 1.6.0_02-b05, mixed mode)
    java -version succeeds
    host% java -Xmx2048M -version
    Error occurred during initialization of VM
    Could not reserve enough space for object heap
    Could not create the Java virtual machine.
    java -Xmx2048M -version fails. Trace of this reveals mmap call fails.
    mmap2(NULL, 2214592512, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0) = -1 ENOMEM (Cannot allocate memory)
    Any ideas?

    These are the relevant java options we are using:
    -server -XX:-OmitStackTraceInFastThrow -XX:+PrintClassHistogram -XX:+UseLargePages -Xms6g -Xmx6g -XX:NewSize=256m -XX:MaxNewSize=256m -XX:PermSize=128m -XX:MaxPermSize=192m -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled -XX:+CMSPermGenSweepingEnabled -XX:+ExplicitGCInvokesConcurrent -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Djava.awt.headless=true
    This is a web application that is very dynamic and uses lots of database calls to build pages. We use a large clustered cache to reduce trips to the database. So being able to access lots of memory is important to our application.
    I'll explain some of the more uncommon options:
    We use the Concurrent Garbage collector to reduce stop the world GC's. Here are the CMS options:
    -XX:+UseConcMarkSweepGC
    -XX:+CMSClassUnloadingEnabled
    -XX:+CMSPermGenSweepingEnabled
    An explicitly coded GC invokes the Concurrent GC instead of the stop the world GC:
    -XX:+ExplicitGCInvokesConcurrent
    The default PermSizes were not large enough for our application. So we increased them:
    -XX:PermSize=128m
    -XX:MaxPermSize=192m
    We had some exceptions that were omitting their stack traces. This option fixes that problem:
    -XX:-OmitStackTraceInFastThrow
    We approximate between 10% to 20% performance improvement with Large Page support. This is an advanced feature:
    -XX:+UseLargePages
    UseLargePages requires OS level configuration as well. In SUSE10 we configured the OS's hugepages by executing
    echo "vm.nr_hugepages = 3172" >> /etc/sysctl.conf
    and then rebooting. kernel.shmmax may also need to be modified. If you use Large Page be sure to google for complete instructions.
    When we transitioned to 64bit we transitioned from much slower systems having 4GB of ram to much faster machines with 8GB of ram, so I can't answer the question of degraded performance, however with our application, the bigger our cache the better our performance, so if 64bit is slower we more than make up for it being able to access more memory. I bet the performance difference depends on the applications. You should do your own profiling.
    You can run both the 32bit version and the 64bit version on most 64bit OSes. So if there is a significant difference run the version you need for the application. For example if you need the memory use the 64bit version if you don't then use the 32bit version.

  • When attempting to use Lightroom external editor program to edit a photo in Photoshop Elements 10, the photo does not open / appear on photoshop elements screen.  I don't have any problem with this when using Photoshop Elements 6 or Photoshop CS.  I'm usi

    When attempting to use Lightroom external editor program to edit a photo in Photoshop Elements 10, the photo does not open / appear on photoshop elements screen.  I don't have any problem with this when using Photoshop Elements 6 or Photoshop CS.  I'm using a Mac with Mountain Lion OS.  Any solutions?

    Adobe now hides the editor - what looks like it is not - you want the editor hidden in the support folder - see http://forums.adobe.com/message/3955558#3955558 for details
    LN

  • Problem with SDO_relate when using polygons with holes.

    I'm having a problem with sdo_relate. I'm trying to extract all elements from a point table (bdtq_batim_p) that are inside a specific polygon from another table (SDA_MUNIC_SS). The spatial indexes for both tables have been rebuilt and the data from both tables is valid.
    When I do a count on the query, I know the answer should be 1422 elements (Counted in ArcGIS). However, sdo_relate gives a smaller number of elements in the result set.
    The query :
    SELECT count(distinct t.identifiant) FROM bdtq_batim_p t, SDA_MUNIC_SS s WHERE s.mus_co_geo = '48015' and sdo_relate( t.SHAPE,s.SHAPE,'mask=anyinteract querytype=window') = 'TRUE'
    returns 282 elements. The query with mask=inside, SDO_Anyinteract() and SDO_inside() all give the same result.
    I did a test with the following query and the result is 1422 (which is the good result).
    SELECT count(distinct t.identifiant) FROM bdtq_batim_p t, SDA_MUNIC_SS s WHERE s.mus_co_geo = '48015' and SDO_WITHIN_DISTANCE( t.SHAPE,s.SHAPE,'distance=0') = 'TRUE';
    It's important to note that the polygon (from SDA_MUNIC_SS) that is used for this query has holes in it. I have the same problem with all the polygons from the SDA_MUNIC_SS table that have holes in them. For the polygons without holes, the results are the same for the 2 queries.
    My questions are:
    Why are the results from the two queries different? A query with a buffer of 0 should always return the same result as a query with Anyinteract.
    Is there a known problem with SDO_RELATE when using a polygon with holes in it?
    Do you have any idea how to solve my problem?

    Since I don't have much control over the version of Oracle and patches that we use in the system, we used a workaround that detects the polygons with holes and uses the SDO_WITHIN_DISTANCE( t.SHAPE,s.SHAPE,'distance=0') = 'TRUE' operator in those cases. We saw a slight decline in performance but it now returns the right results. When the system is patched, we'll come back to the original version and see if the problem is solved.

  • CS 4 Dynamic Link to Encore doesn't work most of the time.  Encore stops operating after opening and periodically Premier Pro stops working.  I'm told that there has been a problem with CS4 when using Dynamic Link to go to Encore and build CD's.  Is there

    CS 4 Dynamic Link to Encore doesn't work most of the time.  Encore stops operating after opening and periodically Premier Pro stops working.  I'm told that there has been a problem with CS4 when using Dynamic Link to go to Encore and build CD's.  Is there a way around this?  Is there a patch to correct it?

    To build CD's???
    What problem does Encore have with DL?
    If DL is not working properly for you the way around this is to export from Premiere to either mpeg2-dvd for DVD or BluRay H.264 for BD-disks and import the files in Encore.

  • E5-00 fails to deblock when used with paired bluet...

    When using the E5 with the Toyota bluetooth carkit, it fails to deblock itself. Answering calls is not a problem as the E5 auto-deblocks upon receiving a call, but dialing via the carkit does not lift the block. As a result, I must first deblock it manually by entering the deblocking code which only solves the problem for a few minutes. Disabling auto-deblocking is not an option, as it would make the data on the phone vulnerable in case the phone would be lost/stolen. (This is about the code-block and not about the unprotected keypad block.) I have successfully used HTC's and older Nokia's on the same carkit without this problem arising and my E5 software is up to date. Does anyone know how to arrange an auto-deblock when a bluetooth-paired device is being used like a carkit? Thanks!

    Maybe a silly question, but is the Toyota car kit set as authorised?
    If I have helped at all, a click on the White Star is always appreciated :
    you can also help others by marking 'accept as solution' 

  • Crystal 2011 getting Logon failed IM004 error when using ODBC (RDO)

    I just installed Crystal Reports 2011 on Windows 7 Ultimate SP1.  Sporadically, but way too often (I would estimate about 60% of the time), when I go to set up an ODBC (RDO) connection or refresh an existing report and enter the password, I get the following error:
    Logon failed.
    Details: IM004:[Microsoft][ODBC Driver Manager] Driver's SQLAllocHandle on SQL_Handle_ENV failed
    Other times, it just works, with no changes made.  It seems to work slightly more often when using the SQL Server driver (the one for SQL 2000) as opposed to the SQL Native Client or SQL Server Native Client 10.0 drivers.  But not often enough for that to be the solution.
    I have tested this with a locally installed SQL Server (on the same machine as Crystal Reports) and remote SQL Servers, with SQL 2000, 2005 and 2008.  Same results.
    I have Crystal Reports 2008 installed on the same machine and have not once had this problem.  I have tried using the same ODBC connections I already had from Crystal 2008 with Crystal 2011 and also to create new ones, same results either way.
    Is this a known issue, or is there a switch/setting I need to change to make this work consistently?  I am especially puzzled by the fact that it seems random, I have not been able to find any pattern at all.

    Hi Victoria,
    MS SQL Server 2008 has a client install now, the MDAC/WDAC doesn't install it as MS used to do with all of their OS's. CR also had to update the use of SQL Server 2008 to include the SQLNCLI10 client engine.
    I suggest, if you have not already, install the Native 10 client from either the SQL Server CD or you can download the MSI from MS's site and only use the Native 10 driver.
    MS kind of dropped ODBC and moved to OLE DB. The native client actually uses the OLE DB driver so using ODBC just puts another layer on top of OLE DB anyways. It's more convenient to use ODBC for deploying applications but it can affect performance.
    Anyways, as noted, CR 2011 is still in Ramp up mode so this issue may have been tracked. If not though you can purchase a support case, if it's a bug then you'll get a refund, if it's a limitation in MS then no refund.
    There is [SP 1 for CR 2011|https://smpdl.sap-ag.de/~sapidp/012002523100007683092011E/cr2011sp1.exe] - http://service.sap.com/sap/bc/bsp/spn/bobj_download/main.htm
    Seems to be a problem with that page right now so try again later... and apply SP 1 or wait until it goes GA and test again. If it's still an issue then you can log a case.
    Firefox just got updated and it's failing, IE works though...
    Thanks again
    Don
    Edited by: Don Williams on Jun 22, 2011 8:51 AM

  • Preparation failed in trex when using standard Who's who iview

    Hi,
    I have encountered a problem with the standard Who's who iview, which makes a simple search in the ume impossible.
    All users "preparation fails" with the following error from Trex monitor > Display queue entries:
    Document ID: /ume/users/USER.PRIVATE_DATASOURCE.un%3Ar5mas.usr, Return Code: 16040, Return Message: SSL: rc=-40 pse_error, Document Status: Prepration failed, Action: Index, Retry Count: 3.
    I'm working on Netweaver '04, stack 9, installed from rapid installer.
    Any help is greatly appreciated.
    Regards,
    Martin
    Message was edited by: Martin Søgaard

    Just in case anyone happens to stumble across this thread via search, the error 16040 means that your user doesn't have permission to read the PSE it's trying to open. You'll get errors like this in one of your trace files:
    [Thr 1224] =================================================
    [Thr 1224] = SSL Initialization  on  PC with Windows NT
    [Thr 1224] =   (710_REL,Jul 15 2010,mt,ascii,SAP_UC/size_t/void* = 8/64/64)
    [Thr 1224] =   found SAPCRYPTOLIB  5.5.5C pl36  (Jul  3 2013) MT,[aesni],NB
    [Thr 1224] =   current UserID: SAPDOMAIN\SAPServiceSID
    [Thr 1224] =   found SECUDIR environment variable
    [Thr 1224] =   using SECUDIR=E:\usr\sap\SID\TRX00\sec
    [Thr 1224] *** ERROR =>   secudessl_Create_SSL_CTX():  PSE "SAPSSLS.pse" not found! [ssslsecu.c   1354]
    [Thr 1224] secudessl_Create_SSL_CTX: SSL_CTX_set_default_pse_by_name() failed --
    [Thr 1224]   secude_error 1281 (0x00000501) = "open("E:\usr\sap\SID\TRX00\sec\SAPSSLS.pse") returned"
    [Thr 1224] >> ---------- Begin of Secude-SSL Errorstack ---------- >>
    [Thr 1224] ERROR in SSL_CTX_set_default_pse_by_name: (1281/0x0501) open("E:\usr\sap\SID\TRX00\sec\SAPSSLS.pse") returned : "Permission denied"
    [Thr 1224] ERROR in ssl_set_pse: (1281/0x0501) open("E:\usr\sap\SID\TRX00\sec\SAPSSLS.pse") returned : "Permission denied"
    [Thr 1224] ERROR in af_open: (1281/0x0501) open("E:\usr\sap\SID\TRX00\sec\SAPSSLS.pse") returned : "Permission denied"
    [Thr 1224] ERROR in secsw_open: (1281/0x0501) open("E:\usr\sap\SID\TRX00\sec\SAPSSLS.pse") returned : "Permission denied"
    [Thr 1224] ERROR in secsw_open_pse_or_extension: (1281/0x0501) open("E:\usr\sap\SID\TRX00\sec\SAPSSLS.pse") returned : "Permission denied"
    [Thr 1224] ERROR in sec_get_PSEtype: (1281/0x0501) open("E:\usr\sap\SID\TRX00\sec\SAPSSLS.pse") returned : "Permission denied"
    [Thr 1224] ERROR in aux_read_PSEFile: (1281/0x0501) open("E:\usr\sap\SID\TRX00\sec\SAPSSLS.pse") returned : "Permission denied"
    [Thr 1224] ERROR in aux_file2OctetString: (1281/0x0501) open("E:\usr\sap\SID\TRX00\sec\SAPSSLS.pse") returned : "Permission denied"
    [Thr 1224] << ---------- End of Secude-SSL Errorstack ----------
    [Thr 1224] *** ERROR => SapISSLAddCredential(): Error SSSLERR_PSE_ERROR trying to create SERVER Credential
            for "SAPSSLS.pse" [ssslxxi.c    2278]
    [Thr 1224] *** ERROR => Initialization of SSL library failed -- NO SSL available!
    [Thr 1224] =================================================

  • Problems with keywords when using 2 directories.

    Pardon my french, I'm Norwegian...  ;-)
    I have LR3.6 and have a folder structure I'm pleased with, I also use keywords on the images.
    I want one directory with B/W and one in color, in order to work in a directory where only B/W images appear. I think it's easier to see the images that work in B/W this way...
    I have copied the LRCAT file into a new folder. When I open LR I choose the directory to be loaded, B/W or Color. This works OK. When importing new pictures I copy images into the desired directory (eg. Colors?) with the Default Develop settings. When I use the B/W directory I sync the Color directory with the B/W Default Develop settings.
    I've imported the same Keyword list in both directories, but the problem is that the keywords are not included on the pictures when I sync. The images have the same filename so it should be possible to retrieve / sync keywords as well?
    Is there anyone out there who can help me, either with another solution where I do not need 2 directories or how I can import keywords to the other directory?

    My Lords, Kings and Gurus!
    dj_paige and johnbeardy:  I'm impressed with your quick and accurate response and I'm grateful for all the help. I hope I have not offended anyone here. In our local photoclub we have one guy that is almost as good as you guys. I don't know him but I think his name is Scott Kel... or something like that....
    Have a nice day!

  • Problems with COLOUR when using "save as".

    Running on Mac, get dulled out and purple colour tone when using "Save As".  When using "Save for Web.." colours are OK.  Colour profiles and images coming into Raw are set as sRGB. Can anyone help??   I do have to convert to 8 bit to save as JPG.  Any help appreciated.

    The Print version is what a ProPhoto file looks like when viewed as if it was sRGB - i.e. in a non-color managed application. So there's still a ProPhoto profile here.
    Here you can see how the colors shift by going between sRGB and ProPhoto (using assign and/or convert). Your original is in the middle. You can see it's the very same color shift:
    If you convert to sRGB and you still get the same outcome, which you shouldn't, maybe the preferences are corrupt. Or maybe user error and you still have ProPhoto embedded.

  • Reports6i reports fail to run when used with parameters

    Hi there,
    I have successfully got reports 6i integrated with Portal. I can expose a report into a content area and run it as type HTMLCSS etc.
    However, when I change the report component to use the parameters it all goes wrong. I have added the user parameters in my report in the portal report definition 'edit' settings and made them visible via the customize option. I have then edited the properties for the item in the content area and turned on the parameter form.
    When I click on the item to run the report the parameter screen is displayed (with unfriendly P_PARAM_1 style titles which I would also like to change) and I enter the values and run the report. It bombs out with:
    Oracle Reports Server CGI - Report Job has terminated with error.
    Reports Server Replies:
    REP-0248: Security check failed
    Error sequence number is: 17
    Error code30005 - Cannot access the output format:HTML
    In package:wwv_rw_usr function:security_check
    Command line is: server=Rep60_quay-street15 report=glf001aaaaa.rep destype=Cache desformat=HTML rundate="15-FEB-02 02:02:22" P_ACC_FROM="04202" P_ACC_TO="04202" P_COMPANY="Total" P_COST_CENTR="Total" P_EMPLOYEE="Total" P_END_ATTR_VAL="ZZ" P_PERIOD="DEC-01" P_PROGRAM="Total" P_REPORT_TYPE="Account Owner" P_SPARE="Total" P_START_ATTR_VAL="0" WEBDBVERSION="3" WWVRW_LOG_ID_="1" WWVRW_STIME_="-1701052885" SESSION_ID="993046001106" USERID="crystal@offm11"
    Executed on:02/15/02 02:02:22
    The parameter form in Reports works fine. Do I need to change anything for web based parameter forms?
    Any ideas?
    John

    Ok, got it working by ensuring that I have displayed the DESFORMAT to the parameter screen. Weird! Must you always display System Parameters?
    I would still like to change the parameter titles on the parameter screen. Can this be done?

  • Cisco ACS 5.1 802.1x auth fails on LAN when WLAN connected

    I am running Cisco ACS 5.1 802.1x with certificate based authentication for Wired and Wireless connections. The issue that I am having is that when a user comes in from home with their laptop the wireless connection works, they pass the authentication and have network access fine. But when they plug the laptop into a docking station the LAN connection fails and gets put in the Auth Failure Vlan.
    A reboot of the phone/ shut/no shut fixes this, but I really need to find a resolution
    This is an intermittent fault and only affects users with both LAN and WLAN enabled.
    Running ACS 5.1.0.44, all Cisco 3750s - c3750-ipservicesk9-mz.122-55.SE.
    Certificates are issued by group policy and only using computer authentication.
    any help would be greatly appreciated
    Thanks

    After a long TAC case with Cisco we discovered that the Mitel phone was not sending the EAPoL-Logoff packet so the switch still thought that the device off the back of the phone was connected.
    There are no EAPoL-Logoff messages seen on the switch when the laptop is disconnected/the port is shut down.
    http://www.cisco.com/en/US/docs/solutions/Enterprise/Security/TrustSec_1.99/Dot1X_Deployment/Dot1x_Dep_Guide.html#wp386903
    This feature is supported by most IP phones -  I do not know if Mitel phones support that but we cannot see this message in the debugs you sent.
    As a workaround we can configure an inactivity timer (by default it is infinite):
    http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_55_se/commmand/reference/cli1.html#wp11888691
    This did resolve all our issues,
    Aaron

  • WLC Web-auth fail with external RADIUS server

    I followed step by step the link below to configure web-auth with an external RADIUS server but I receive an error on the console debug of the WLC: "Returning AAA Error No Server (-7) for mobile"
    My Radius Server is fine, because I can authenticate on WLC Web page with RADIUS user.
    WLC 4402 version 4.1.171.0
    http://www.cisco.com/en/US/products/ps6366/prod_technical_reference09186a0080706f5f.html

    Hi,
    I am having some issues when I try to authenticate an AD account against a NAP Radius Server on Windows 2008.
    In fact, I own a WLC 2106 and I configured it to authenticate users against a RADIUS server with Active Directory. I set the Web Radius Authentication to CHAP on the controller tab of the WLC 2106 and I am getting the error below: Authentication failed for gcasanova. When I set the controller's Web Radius Authentication to PAP, everything is working fine. I am able to connect through the controller using an AD account. But my purpose is not to use PAP, which is an insecure protocol since passwords are sent as plaintext on the network.
    Can someone tell me what's wrong?
    *radiusTransportThread: Oct 26 11:02:13.975:    proxyState...................................00:24:D7:40:E5:00-00:00
    *radiusTransportThread: Oct 26 11:02:13.975:    Packet contains 0 AVPs:
    *emWeb: Oct 26 11:02:13.977: Authentication failed for gcasanova
    *aaaQueueReader: Oct 26 11:02:29.985: AuthenticationRequest: 0xb6564634
    *aaaQueueReader: Oct 26 11:02:29.985:   Callback.....................................0x8576720
    *aaaQueueReader: Oct 26 11:02:29.985:   protocolType.................................0x00000001
    *aaaQueueReader: Oct 26 11:02:29.985:   proxyState...................................00:24:D7:40:E5:00-00:00
    *aaaQueueReader: Oct 26 11:02:29.986:   Packet contains 11 AVPs (not shown)
    *aaaQueueReader: Oct 26 11:02:29.986: apfVapRadiusInfoGet: WLAN(4) dynamic int attributes srcAddr:0x0, gw:0x0, mask:0x0, vlan:0, dpPort:0, srcPort:0
    *aaaQueueReader: Oct 26 11:02:29.986: 00:24:d7:40:e5:00 Successful transmission of Authentication Packet (id 86) to 10.2.0.15:1812, proxy state 00:24:d7:40:e5:00-00:00
    *aaaQueueReader: Oct 26 11:02:29.987: 00000000: 01 56 00 9a 8e 48 e7 20  1d ef be 29 e6 3a 61 6d  .V...H.....).:am
    *aaaQueueReader: Oct 26 11:02:29.987: 00000010: 2b de 07 24 01 0b 67 63  61 73 61 6e 6f 76 61 3c  +..$..gcasanova<
    *aaaQueueReader: Oct 26 11:02:29.987: 00000020: 12 3c ce a0 87 ac df 7a  a5 35 af 7c ef 83 c7 58  .<.....z.5.|...X
    *aaaQueueReader: Oct 26 11:02:29.987: 00000030: ed 03 13 28 a7 5a 0d 26  6d ab 49 ea da 7c 5a 8e  ...(.Z.&m.I..|Z.
    *aaaQueueReader: Oct 26 11:02:29.987: 00000040: 1d 94 70 69 06 06 00 00  00 01 04 06 0a 02 00 06  ..pi............
    *aaaQueueReader: Oct 26 11:02:29.987: 00000050: 05 06 00 00 00 01 20 0a  50 41 52 2d 57 4c 43 31  ........PAR-WLC1
    *aaaQueueReader: Oct 26 11:02:29.987: 00000060: 3d 06 00 00 00 13 1a 0c  00 00 37 63 01 06 00 00  =.........7c....
    *aaaQueueReader: Oct 26 11:02:29.988: 00000070: 00 04 1f 0c 31 30 2e 32  2e 30 2e 31 35 36 1e 0a  ....10.2.0.156..
    *aaaQueueReader: Oct 26 11:02:29.988: 00000080: 31 30 2e 32 2e 30 2e 36  50 12 7f 86 5a c5 61 ad  10.2.0.6P...Z.a.
    *aaaQueueReader: Oct 26 11:02:29.988: 00000090: af 54 fa fa 42 e7 f6 16  9e 10                    .T..B.....
    *radiusTransportThread: Oct 26 11:02:29.988: 00000000: 03 56 00 14 a9 10 07 84  83 00 87 83 b9 10 64 e1  .V............d.
    *radiusTransportThread: Oct 26 11:02:29.988: 00000010: 66 b3 c5 5e                                       f..^
    *radiusTransportThread: Oct 26 11:02:29.988: ****Enter processIncomingMessages: response code=3
    *radiusTransportThread: Oct 26 11:02:29.988: ****Enter processRadiusResponse: response code=3
    *radiusTransportThread: Oct 26 11:02:29.988: 00:24:d7:40:e5:00 Access-Reject received from RADIUS server 10.2.0.15 for mobile 00:24:d7:40:e5:00 receiveId = 0
    *radiusTransportThread: Oct 26 11:02:29.989: 00:24:d7:40:e5:00 Returning AAA Error 'Authentication Failed' (-4) for mobile 00:24:d7:40:e5:00
    *radiusTransportThread: Oct 26 11:02:29.989: AuthorizationResponse: 0xb97fe774
    *radiusTransportThread: Oct 26 11:02:29.989:    structureSize................................32
    *radiusTransportThread: Oct 26 11:02:29.989:    resultCode...................................-4
    *radiusTransportThread: Oct 26 11:02:29.989:    protocolUsed.................................0xffffffff
    *radiusTransportThread: Oct 26 11:02:29.989:    proxyState...................................00:24:D7:40:E5:00-00:00
    *radiusTransportThread: Oct 26 11:02:29.989:    Packet contains 0 AVPs:
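The two hex dumps in the debug above, decoded by an added example (not code from the thread, and nothing from the WLC or the RADIUS server). It rebuilds the 154-byte Access-Request and the 20-byte Access-Reject from the dump lines, walks the attributes, and reports which credential attribute the controller sent. The request carries CHAP-Challenge (60) and CHAP-Password (3) rather than User-Password (2), so the RADIUS server has to compute the CHAP response itself; Windows NPS can do that only for accounts whose AD password is stored with reversible encryption enabled (and the stored copy only exists from the next password change on), which is the usual reason CHAP is rejected while PAP succeeds against the same account. Before flipping to PAP it is worth making the tradeoff explicit: reversible storage weakens password protection for every account it covers, while PAP leaves the password protected only by the RADIUS shared-secret obfuscation between the WLC and the server. Attribute and code names are from RFC 2865/2869 and the Airespace vendor id (14179) from the IANA enterprise-numbers registry; the dump lines are copied verbatim from the post.

```python
"""Decode the RADIUS exchange captured in the WLC debug above.

Added example, not code from the thread. The two hex dumps are copied from
the post (Access-Request id 86 and the Access-Reject that answered it);
attribute and code names are from RFC 2865 / RFC 2869, the vendor id from the
IANA enterprise-numbers registry. Nothing here is WLC or NPS code.
"""
import re

ACCESS_REQUEST_DUMP = """\
*aaaQueueReader: Oct 26 11:02:29.987: 00000000: 01 56 00 9a 8e 48 e7 20  1d ef be 29 e6 3a 61 6d  .V...H.....).:am
*aaaQueueReader: Oct 26 11:02:29.987: 00000010: 2b de 07 24 01 0b 67 63  61 73 61 6e 6f 76 61 3c  +..$..gcasanova<
*aaaQueueReader: Oct 26 11:02:29.987: 00000020: 12 3c ce a0 87 ac df 7a  a5 35 af 7c ef 83 c7 58  .<.....z.5.|...X
*aaaQueueReader: Oct 26 11:02:29.987: 00000030: ed 03 13 28 a7 5a 0d 26  6d ab 49 ea da 7c 5a 8e  ...(.Z.&m.I..|Z.
*aaaQueueReader: Oct 26 11:02:29.987: 00000040: 1d 94 70 69 06 06 00 00  00 01 04 06 0a 02 00 06  ..pi............
*aaaQueueReader: Oct 26 11:02:29.987: 00000050: 05 06 00 00 00 01 20 0a  50 41 52 2d 57 4c 43 31  ........PAR-WLC1
*aaaQueueReader: Oct 26 11:02:29.987: 00000060: 3d 06 00 00 00 13 1a 0c  00 00 37 63 01 06 00 00  =.........7c....
*aaaQueueReader: Oct 26 11:02:29.988: 00000070: 00 04 1f 0c 31 30 2e 32  2e 30 2e 31 35 36 1e 0a  ....10.2.0.156..
*aaaQueueReader: Oct 26 11:02:29.988: 00000080: 31 30 2e 32 2e 30 2e 36  50 12 7f 86 5a c5 61 ad  10.2.0.6P...Z.a.
*aaaQueueReader: Oct 26 11:02:29.988: 00000090: af 54 fa fa 42 e7 f6 16  9e 10                    .T..B.....
"""
ACCESS_REJECT_DUMP = """\
*radiusTransportThread: Oct 26 11:02:29.988: 00000000: 03 56 00 14 a9 10 07 84  83 00 87 83 b9 10 64 e1  .V............d.
*radiusTransportThread: Oct 26 11:02:29.988: 00000010: 66 b3 c5 5e                                       f..^
"""

CODES = {1: "Access-Request", 2: "Access-Accept", 3: "Access-Reject", 11: "Access-Challenge"}
ATTR_NAMES = {
    1: "User-Name", 2: "User-Password", 3: "CHAP-Password", 4: "NAS-IP-Address",
    5: "NAS-Port", 6: "Service-Type", 26: "Vendor-Specific", 30: "Called-Station-Id",
    31: "Calling-Station-Id", 32: "NAS-Identifier", 60: "CHAP-Challenge",
    61: "NAS-Port-Type", 79: "EAP-Message", 80: "Message-Authenticator",
}
VENDORS = {14179: "Airespace"}
HEX_LINE = re.compile(r"\b[0-9a-f]{8}: (.*)$")     # "<offset>: <bytes>  <ascii>"


def bytes_from_dump(dump):
    """Rebuild a packet from 'offset: up to 16 hex bytes  ascii' debug lines."""
    out = bytearray()
    for line in dump.splitlines():
        m = HEX_LINE.search(line)
        if not m:
            continue
        for tok in m.group(1).split()[:16]:        # never more than 16 bytes per line
            if not re.fullmatch(r"[0-9a-f]{2}", tok):
                break                              # reached the ASCII column
            out.append(int(tok, 16))
    return bytes(out)


def parse_radius(pkt):
    """Split a RADIUS packet (RFC 2865 section 3) into header fields and raw attributes."""
    if len(pkt) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    length = int.from_bytes(pkt[2:4], "big")
    if length != len(pkt):
        raise ValueError(f"length field {length} does not match {len(pkt)} bytes captured")
    attrs, p = [], 20
    while p < length:
        if p + 1 >= length:
            raise ValueError(f"truncated attribute header at offset {p}")
        atype, alen = pkt[p], pkt[p + 1]
        if alen < 2 or p + alen > length:
            raise ValueError(f"bad attribute length {alen} at offset {p}")
        attrs.append((atype, pkt[p + 2:p + alen]))
        p += alen
    return {"code": pkt[0], "code_name": CODES.get(pkt[0], str(pkt[0])), "id": pkt[1],
            "length": length, "authenticator": pkt[4:20].hex(), "attrs": attrs}


def describe(attr_type, value):
    """Render one attribute value the way an analyst wants to read it."""
    if attr_type in (1, 30, 31, 32):                 # text attributes
        return value.decode("ascii", "replace")
    if attr_type == 4:                               # NAS-IP-Address
        return ".".join(str(b) for b in value)
    if attr_type in (5, 6, 61):                      # integer attributes
        return int.from_bytes(value, "big")
    if attr_type == 3:                               # CHAP-Password: ident + 16-byte MD5 response
        return f"ident={value[0]} response={value[1:].hex()}"
    if attr_type == 26:                              # Vendor-Specific: vendor id, then type/len/value
        vendor = int.from_bytes(value[:4], "big")
        return f"{VENDORS.get(vendor, vendor)} type {value[4]} = {int.from_bytes(value[6:], 'big')}"
    return value.hex()


def password_method(parsed):
    """Which credential attribute the NAS put in the request."""
    types = {t for t, _ in parsed["attrs"]}
    if 79 in types:
        return "EAP"
    if 3 in types or 60 in types:
        return "CHAP"
    if 2 in types:
        return "PAP"
    return "none"


if __name__ == "__main__":
    for dump in (ACCESS_REQUEST_DUMP, ACCESS_REJECT_DUMP):
        pkt = parse_radius(bytes_from_dump(dump))
        print(f"{pkt['code_name']} id={pkt['id']} len={pkt['length']} method={password_method(pkt)}")
        for t, v in pkt["attrs"]:
            print(f"  {ATTR_NAMES.get(t, t)}: {describe(t, v)}")
```

The dump parser stops at the first token that is not two hex digits, so the ASCII column (which can itself look like hex, as in the "=.........7c...." line) is never read as data; the length check makes it fail loudly if a dump line was lost when copying from the console.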

  • Cannot connect to the Internet with browser when using VPN

    I am experiencing an odd network problem and am hoping that someone on this list has seen something similar and can help me isolate the cause.
    I have a Mac Pro running Mac OS X (10.5.8) and use Cisco's VPNClient to connect to my employer's network. Some time in the last year I started getting this odd behavior wherein that while connected via VPN, I cannot open external web pages in Safari (Version 5.0 (5533.16)). When this happens I get the following message:
    +Safari can't open the page "http://www.google.com/" because your computer isn't connected to the Internet.+
    Web pages on the company's internal network work fine. Firefox exhibits the same problem. However, the very odd thing (to me), is that I can get to the Internet using the browser in NetNewsWire. Other services (like twitter) also seem to work fine.
    The problem is intermittent and occurs between restarts. After some restarts the problem is not there. Also, connecting and re-connecting via VPNClient does not affect the behavior. If access to the Internet is working then it will continue working, at least until the next restart. If I restart for whatever reason (software update, etc.) the next time it may or may not work.
    This has been going on over several updates to Mac OS X and Safari.
    Another clue is that my MacBook, also running 10.5.8 works fine when connected from the same home network so I am pretty sure the problem is with my Mac Pro.
    Anyone out there have any idea what could be causing this and how to go about fixing the problem?
    Thanks in advance,
    KP

    Earthlink can be challenging. Have a look at this very helpful post from Eme. This may lead you in the right direction.
    World leaks relates to memory issues with Safari that are on-going and being addressed in the developer's community. More information can be found here. To stop the warning message, go to your Debug menu and deselect "always check for world leaks".
    iMac G5 Rev C 20" 2.5gb RAM 250 gb HD/iBook G4 1.33 ghz 1.5gb RAM 40 gb HD Mac OS X (10.4.8) LaCie 160gb d2 HD Canon i960 printer
    I couldn't fix it, and the Earthlink technician couldn't fix it...until she checked and found that the starting address: "www.my.earthlink.net" is down. In fact, it's still down, so I'll just continue using Firefox for awhile. I can connect by typing "www.earthlink.net" in the address bar, but it's so much easier to just click on Firefox in my dock. This shows the value of having a spare browser.
    I'm going to mark it "solved". Thanks for your help. It was a bit technical for me, but I tried. I had to, having just sent an article about the value of persistence to a friend, how could I fail to persevere?

  • Devtools update causes problems with sudo when used in a script?

    I'm a little confused by this one, but I'm not convinced that it's a bug... yet.
    Long story short, I compile packages using the ABS via a script/wrapper which uses devtools. The script is available here: https://github.com/WorMzy/compilepackage
    Now, this script is far from perfect, but has worked perfectly well (in various states of completeness) for the past year or so. However, with the recent update of devtools (20120720-1 => 20121013-1), my script fails to execute correctly. After entering the password when prompted (by sudo, at this line: https://github.com/WorMzy/compilepackag … tions#L107), the script terminates unexpectedly.
    Downgrading devtools "fixes" this problem, but I'm not sure if this is a bug in devtools, sudo, zsh, my script, or something else.
    Here is the full output from the compilation of "arch-install-scripts":
    build@sakura[pts/10]:~/builds/devtools$ . ~/.scripts/compilepackage arch-install-scripts
    ==> Downloading sources
    ==> arch-install-scripts directory already exist. Replace ? [Y/n]
    ==> Download arch-install-scripts sources
    receiving file list ... done
    sent 28 bytes received 70 bytes 39.20 bytes/sec
    total size is 656 speedup is 6.69
    :: Synchronizing package databases...
    core is up to date
    extra is up to date
    community is up to date
    :: Starting full system upgrade...
    there is nothing to do
    ==> Building in chroot for [extra] (x86_64)...
    ==> Creating clean working copy...done
    ==> Making package: arch-install-scripts 8-1 (Fri Oct 19 23:45:52 BST 2012)
    ==> Checking runtime dependencies...
    ==> Checking buildtime dependencies...
    ==> Retrieving Sources...
    -> Found arch-install-scripts-8.tar.gz
    -> Found arch-install-scripts-8.tar.gz.sig
    ==> Validating source files with md5sums...
    arch-install-scripts-8.tar.gz ... Passed
    arch-install-scripts-8.tar.gz.sig ... Passed
    ==> Verifying source file signatures with gpg...
    arch-install-scripts-8.tar.gz ... FAILED (unknown public key 1EB2638FF56C0C53)
    ==> WARNING: Warnings have occurred while verifying the signatures.
    Please make sure you really trust them.
    ==> Extracting Sources...
    -> Extracting arch-install-scripts-8.tar.gz with bsdtar
    ==> Starting build()...
    make: Entering directory `/build/src/arch-install-scripts-8'
    GEN arch-chroot
    GEN genfstab
    GEN pacstrap
    make: Leaving directory `/build/src/arch-install-scripts-8'
    ==> Entering fakeroot environment...
    ==> Starting package()...
    make: Entering directory `/build/src/arch-install-scripts-8'
    install -dm755 /build/pkg/usr/bin
    install -m755 arch-chroot genfstab pacstrap /build/pkg/usr/bin
    install -Dm644 zsh-completion /build/pkg/usr/share/zsh/site-functions/_archinstallscripts
    make: Leaving directory `/build/src/arch-install-scripts-8'
    ==> Tidying install...
    -> Purging unwanted files...
    -> Compressing man and info pages...
    -> Stripping unneeded symbols from binaries and libraries...
    ==> Creating package...
    -> Generating .PKGINFO file...
    -> Compressing package...
    ==> Leaving fakeroot environment.
    ==> Finished making: arch-install-scripts 8-1 (Fri Oct 19 23:45:54 BST 2012)
    ==> Installing package arch-install-scripts with pacman -U...
    loading packages...
    resolving dependencies...
    looking for inter-conflicts...
    Targets (1): arch-install-scripts-8-1
    Total Installed Size: 0.03 MiB
    Proceed with installation? [Y/n]
    (1/1) checking package integrity [######################################################################] 100%
    (1/1) loading package files [######################################################################] 100%
    (1/1) checking for file conflicts [######################################################################] 100%
    (1/1) installing arch-install-scripts [######################################################################] 100%
    resolving dependencies...
    looking for inter-conflicts...
    Targets (5): elfutils-0.155-1 pyalpm-0.5.3-2 python-3.3.0-1 python-pyelftools-0.20-2 namcap-3.2.4-2
    Total Installed Size: 99.58 MiB
    Proceed with installation? [Y/n]
    (5/5) checking package integrity [######################################################################] 100%
    (5/5) loading package files [######################################################################] 100%
    (5/5) checking for file conflicts [######################################################################] 100%
    (1/5) installing python [######################################################################] 100%
    Optional dependencies for python
    tk: for tkinter
    sqlite
    (2/5) installing pyalpm [######################################################################] 100%
    (3/5) installing elfutils [######################################################################] 100%
    (4/5) installing python-pyelftools [######################################################################] 100%
    (5/5) installing namcap [######################################################################] 100%
    Checking PKGBUILD
    Checking arch-install-scripts-8-1-any.pkg.tar.xz
    arch-install-scripts W: Dependency bash included but already satisfied
    arch-install-scripts W: Dependency included and not needed ('coreutils')
    arch-install-scripts W: Dependency included and not needed ('pacman')
    arch-install-scripts W: Dependency included and not needed ('util-linux')
    ==> Compilation complete, installing...
    Password:
    loading packages...
    warning: arch-install-scripts-8-1 is up to date -- reinstalling
    resolving dependencies...
    looking for inter-conflicts...
    Targets (1): arch-install-scripts-8-1
    Total Installed Size: 0.03 MiB
    Net Upgrade Size: 0.00 MiB
    Proceed with installation? [Y/n] % build@sakura[pts/10]:~/builds/arch-install-scripts$
    That "%" is inverted, just like what you get when you run
    echo -n "text"
    in zsh. Incidentally, here is my .zshrc: https://github.com/WorMzy/Config-files/ … ter/.zshrc, however, the problem persists with a new user with an unconfigured zsh.
    Here is my sudoers too:
    ## sudoers file.
    ## This file MUST be edited with the 'visudo' command as root.
    ## Failure to use 'visudo' may result in syntax or file permission errors
    ## that prevent sudo from running.
    ## See the sudoers man page for the details on how to write a sudoers file.
    ## Host alias specification
    ## Groups of machines. These may include host names (optionally with wildcards),
    ## IP addresses, network numbers or netgroups.
    # Host_Alias WEBSERVERS = www1, www2, www3
    ## User alias specification
    ## Groups of users. These may consist of user names, uids, Unix groups,
    ## or netgroups.
    # User_Alias ADMINS = millert, dowdy, mikef
    ## Cmnd alias specification
    ## Groups of commands. Often used to group related commands together.
    # Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, \
    # /usr/bin/pkill, /usr/bin/top
    ## Defaults specification
    ## You may wish to keep some of the following environment variables
    ## when running commands via sudo.
    ## Locale settings
    # Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET"
    ## Run X applications through sudo; HOME is used to find the
    ## .Xauthority file. Note that other programs use HOME to find
    ## configuration files and this may lead to privilege escalation!
    # Defaults env_keep += "HOME"
    ## X11 resource path settings
    # Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH"
    ## Desktop path settings
    # Defaults env_keep += "QTDIR KDEDIR"
    ## Allow sudo-run commands to inherit the callers' ConsoleKit session
    # Defaults env_keep += "XDG_SESSION_COOKIE"
    ## Uncomment to enable special input methods. Care should be taken as
    ## this may allow users to subvert the command being run via sudo.
    # Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
    ## Uncomment to enable logging of a command's output, except for
    ## sudoreplay and reboot. Use sudoreplay to play back logged sessions.
    # Defaults log_output
    # Defaults!/usr/bin/sudoreplay !log_output
    # Defaults!/usr/local/bin/sudoreplay !log_output
    # Defaults!/sbin/reboot !log_output
    Defaults timestamp_timeout=0,passwd_timeout=0,passprompt="Password:",badpass_message="Incorrect password",editor=/usr/bin/vim:/usr/bin/vi,targetpw
    ## Runas alias specification
    ## User privilege specification
    root ALL=(ALL) ALL
    build sakura=/usr/bin/pacman-color -U *,/usr/bin/pacman-color -Sy,/usr/bin/pacman-color -Syy
    build sakura=/usr/bin/pacman -U *
    build sakura=NOPASSWD: /usr/bin/extra-x86_64-build,/usr/bin/multilib-build,/usr/sbin/makechrootpkg
    ## Uncomment to allow members of group wheel to execute any command
    %wheel sakura=(ALL) ALL
    ## Same thing without a password
    #%wheel ALL=(ALL) NOPASSWD: /sbin/sdshutdown, /sbin/sdreboot
    ## Uncomment to allow members of group sudo to execute any command
    # %sudo ALL=(ALL) ALL
    ## Uncomment to allow any user to run sudo if they know the password
    ## of the user they are running the command as (root by default).
    # Defaults targetpw # Ask for the password of the target user
    # ALL ALL=(ALL) ALL # WARNING: only use this together with 'Defaults targetpw'
    ## Read drop-in files from /etc/sudoers.d
    ## (the '#' here does not indicate a comment)
    #includedir /etc/sudoers.d
    Further information will be provided on request. Suggestions for improving the script will also be appreciated.
    Thanks.

    Update: It appears that the cause is systemd's nspawn. Disabling it in mkarchroot (have_nspawn=0) resolves the problem.
    However, I don't understand why it's causing this behaviour. User input works fine for the sudo password prompt, but then fails for the pacman user prompt? Do they use different input buffers or something? Does that question even make sense?
    Anyway, I'll open a bug report on flyspray and upstream about this when I get the chance.
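    The "different input buffers" question above has a concrete answer: sudo reads the password from the controlling terminal (/dev/tty) unless told otherwise, while pacman reads its "[Y/n]" answer from stdin, so a script can clear sudo's prompt and still hit EOF at pacman's prompt if an earlier step (here the nspawn container) consumed or detached stdin. The following is an added example, not code from the thread or from the compilepackage script, showing the two ways of reading an answer and a prompt that fails closed on EOF instead of treating it as "yes"; the function names and sample answers are constructed.

```shell
#!/bin/sh
# Added example, not from the thread or the compilepackage script.
# Demonstrates reading an interactive answer from stdin (what pacman does)
# versus from the controlling terminal (what sudo does), and a prompt whose
# contract distinguishes "no" from "no answer could be read".
# Function names and sample answers are constructed.

# stdin_is_terminal: 0 when file descriptor 0 is a terminal, 1 otherwise.
stdin_is_terminal() {
    [ -t 0 ]
}

# confirm_from_stdin PROMPT
#   Reads one line from stdin. Returns 0 for yes (empty line, y, yes),
#   1 for no, 2 when nothing could be read (EOF, or stdin not readable).
#   Returning 2 is the point: EOF must never be mistaken for "yes".
confirm_from_stdin() {
    printf '%s [Y/n] ' "$1"
    if ! IFS= read -r answer; then
        printf '\n'            # keep the next output line clean after EOF
        return 2
    fi
    case $answer in
        ''|[Yy]|[Yy][Ee][Ss]) return 0 ;;
        *)                    return 1 ;;
    esac
}

# confirm_from_tty PROMPT
#   Same contract, but reads the controlling terminal directly, the way sudo
#   reads its password prompt. Works when stdin is a pipe or already at EOF;
#   returns 2 when the process has no controlling terminal at all.
confirm_from_tty() {
    if (exec </dev/tty) 2>/dev/null; then
        confirm_from_stdin "$1" </dev/tty
    else
        return 2
    fi
}

# confirm PROMPT
#   Policy used by this example: use stdin when it is a terminal, otherwise
#   fall back to /dev/tty, otherwise fail closed (2) so the caller can abort.
confirm() {
    if stdin_is_terminal; then
        confirm_from_stdin "$1"
    else
        confirm_from_tty "$1"
    fi
}

# example_install_step: how a build script would use confirm. It aborts when
# no answer is obtainable rather than proceeding or hanging. Not run at load
# time, so this file can be sourced (like the compilepackage wrapper is).
example_install_step() {
    rc=0
    confirm "Proceed with installation?" || rc=$?
    case $rc in
        0) echo "would run: sudo pacman -U ./package.pkg.tar.xz" ;;
        1) echo "installation declined" ;;
        *) echo "no interactive input available, aborting" >&2; return 2 ;;
    esac
}
```

    Piping an answer into confirm_from_stdin ("echo y | ...") returns 0, piping "n" returns 1, and redirecting stdin from /dev/null returns 2, which is the state the pacman prompt was in when the script above terminated. A script that wants the sudo-like behaviour for its own prompts reads /dev/tty explicitly, as confirm_from_tty does.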
