If you have problems (i.e. blank or green screen or the error “main decoder error: no suitable decoder module for fourcc `XVID’” in vlc) viewing XviD videos in Debian Lenny and you are using debian-multimedia repository then here is how to solve temporarily the problem.

What we are going to do now is to downgrade the minimum set of libraries for restoring vlc/totem capability to play videos. In addition we will tell apt-get not to upgrade those libraries next time we run apt-get upgrade. The latter is just temporary, as hopefully the problem will be solved in a few days weeks (months?).

Here is the two simple commands:

FYI, if you're not using xdm/kdm/gdm but are instead starting the X11 server manually with startx (which is what I usually do) you might have experienced brokenness in Debian unstable recently:

Fatal server error:
Unrecognized option: /etc/X11/xinit/xserverrc

This is already reported as bug #482425 and #482527 and should hopefully be fixed soon, but in the meantime this patch against /usr/bin/startx should work around the issue:

Following the security problem on openssl/openssh specific to Debian (apparently, a lack of randomness in the generation of the keys for the whole OpenSSL library), it is time to renew your SSL certificates and SSH keys (a bit of cleaning). Why not turn it into the occasion to test a new certificate with the capability of answering to different names (with only one certificate and IP), as explained here?

For a number of years, I have been regularly updating kernels for about 80 machines. Among these (mostly Dell-branded machines), some have NVidia graphic cards and I chose to install the NVidia drivers. Since I have to update many machines, I install these drivers through the Debian packaging system.

I had to automate the task. Some will tell me that "there is module-assistant". True enough, but module-assistant does not automatically build for several kernel flavours. Moreover, there is sometimes a need to patch the sources, or even to patch the binaries, like since the mess of kernel 2.6.18-4 (and the paravirt_ops export problems of GPL/non-GPL symbols).

Seahorse est un programme qui remplit trois rôles :

• Gestionnaire de clés (à la fois clés ssh et clés de chiffrement GPG) 
• Agent de cache pour les clés ssh ;
• Agent de cache pour les clés gnupg-agent.

Si l’utilisation de Seahorse dans les deux premiers rôles ne pose aucun problème avec la distribution Debian (sid du 22 mai 2007), il faut faire un peu d’efforts pour la 3e utilisation.

I currently have to maintain an out-of-tree patch for openssh (in Debian, and probably elsewhere).

The rationale for this patch are the two merged bugs (#313317 and #408029) in Debian:
the environment variables sent by AcceptEnv/SendEnv functionalities
should take precedence over PAM variable settings, especially for
locale and terminal related settings (or commands that are
locale-sensitive or terminal sensitive might give incomprehensible
gibberish as output to the user). TERM is already managed in a special
way, but not LANG or LC_* variables.

• I have started looking into SELinux on Debian recently. SELinux provides mandatory access control for Linux, which gives you great control over which process may do what with which files, other processes, network connections etc. I've still got a lot to learn and read (more posts will probably follow), but if you're inclined to try it yourself here are a few tips:
  • First, read the SELinux and especially the SELinuxSetup pages in the Debian wiki.
    
    Average: Select ratingPoorOkayGoodGreatAwesome