Ask Klaus
Ask Klaus

Klaus Knopper answers your Linux questions.
DNS Security Bug
What's the easiest way to get rid of the dangerous "DNS resolver" security bug that was recently detected (CVE-2015-7547)? Security lists tell me that all programs that resolve Internet names to IP addresses are affected, such as Firefox, LibreOffice, and various KDE and Gnome programs. Do I have to upgrade all of them?
It is the GLIBC implementation of the C libraries getaddrinfo()
function that causes a stack overflow in case of specially crafted answers from a direct name server query. Programs can crash or execute arbitrary code due to this bug, but in order to exploit it, the attacker must first manipulate a DNS server that's queried by your client system. If your Linux system is behind an access point or router that acts as a DNS proxy, chances are that you are safe, because the DNS proxy may already replace bad replies by an "address not available" response. However, you should upgrade as soon as possible anyway – not the entire system, but definitely the glibc libraries that contain the vulnerability.
For Debian-based systems, updating the libc6 package is sufficient to fix all programs dynamically linked with libc6; these are the commands for Knoppix/Debian:
sudo apt-get update sudo apt-get install -t unstable libc6
I use the "unstable" branch here just because it contains the newest version of libc6. With regular updates of Ubuntu and others, the libc version may get updated automatically from the "security" branches of the distribution.
Printer Problem
Klaus: I am having a printer issue. I have a desktop with a fresh install using Intel Core i5 CPU running OS Linux Peppermint 5, 64-bit version. I formatted the hard drive, thereby wiping out all underlying information. I have two HP OfficeJet P3015 laser printers connected via Ethernet on the LAN as follows:
192.168.0.10, HP-OfficeJet-P3015a 192.168.0.11, HP-OfficeJet-P3015b.
I configured these printers using the web browser interface supplied by Hewlett-Packard.
On my computer, I configured only the first printer (P3015a) using the GUI printer application: Start Menu | System Tools | Printers in the Printers – localhost dialog box (system-config-printer). I never added the second printer (P3015b).
If I launch LibreOffice and print a document, I can only see the first printer (P3015a). If I launch Firefox and print a document, I can see both printers: (P3015a and P3015b). Why is this? Do the separate applications use different mechanisms to print to the printer?
You may ask why I did not configuration both printers using the GUI on Peppermint from the outset. I did this once before; however, I was getting a conflict. Whenever I would try to print from my machine, say at IP 192.168.0.34, I could see both printers from LibreOffice, but when I did the same from Firefox, I could also see both printers, but the second one (P3015b) had a grayed out Print button. This was my only solution.
--Kevin
Indeed, just as you suspected, each program can use a different mechanism to acquire the list of available printers! Although most Linux distros use the CUPS printing system as back end to printer filters and printer features nowadays, the front ends may differ between native CUPS protocol printing (maybe using the http interface on port 631 directly), or the Berkeley-style front ends lpq
or "lpr" or the SystemV syntax with lpstat
and lp
.
Your second printer may have been autodetected because you already configured the first one and installed the driver module, probably using CUPS and hplip, which is HP's suite of printer drivers for many multifunction, Inkjet, and Laserjet printers.
Usually, when configuring several printers with the same driver in CUPS, you don't get any conflicts that would keep programs from accessing any of the printers. However, depending on the printer front end, your printers may have to be given dedicated internal names. So, for example, the lpr -P printername
front end knows which printer you want to print on. And, this may have been the problem: Two identical printers with identical names (or no explicit name set) may be a problem for some programs.
The obvious solution is, entering the printer config, and assigning unique names to each printer, following the Unix scheme: Just use lower+uppercase letters and numbers, but no spaces or other special symbols for the "nickname" of the printer. You can use anything you like in the printer's description, though.
Figure 1 shows the setting of a HPLIP printer in the CUPS web GUI, which is an alternative to the "printer configuration" in your system menu. Here, I set the name of the printer to printer1
, and you could set the second printers name to printer2
, so it's easy for programs to distinguish between those two, regardless of using the same driver and settings for both. With two different names, they should both be accessible from any program.

However, if one of the printers gets stuck with an error message, this can also lead to a grayed out Print button. I usually check abort-job (on error) instead of stop printer, so a defective print job just gets discarded and will not try to block the printer indefinitely (Figure 2).

dd Command
Dear Klaus, Just to let you know that I tried dd
again, but with the conv=sync,noerror
options. The second USB backup hard disk is booting fine now!
I assume that a small disk error on the primary USB hard disk could have caused the second USB hard disk copy to shift, perhaps rendering it unbootable.
Unfortunately, I haven't been able to rescue data from a persistent partition yet. An option in Knoppix to save user data could perhaps be helpful to users?
Best regards, Theo
I assume you did a
dd if=/dev/sdb1 of=/media/sdc1/sdb1-backup.img bs=1M conv=sync,noerror
to create a backup image of your USB disks first partition on a second drives first partition.
Note that on read errors, the dd
command may still behave erroneously, and noerror
alone will not replace read errors by zeroes but skip data on the input, shifting data backward on the output after the error, unless you also add the sync
option (which you did).
Still, I would prefer dd_rescue
for the task of reading from a partly defective hard disk, because it can approach to the location of a defective sector from both sides, which in some cases works better than linear reading.
In regard to your second question of rescuing data from the persistent Knoppix (/dev/sdb2
, as an example) partition: This partition is usually formatted with the ReiserFS filesystem, not ext2, 3, or 4, because from my experience, ReiserFS is easier to handle and auto-recovers after a crash simply by mounting.
If ReiserFS is not included in your kernel, you may have to force load the ReiserFS filesystem module by explicitly stating the filesystem for mounting the partition backup (sdb2-backup.img
in this example):
sudo mount -t reiserfs -o loop sdb2-backup.img /mnt
You should then be able to access the persistent partitions data at /mnt, create a tar archive from it by
cd /mnt; tar zcpPvf /media/sdc1/knoppix-data.tar.gz
Sorry, I have no shortcut for this in Knoppix yet.
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
News
-
Fedora 39 Beta is Now Available for Testing
For fans and users of Fedora Linux, the first beta of release 39 is now available, which is a minor upgrade but does include GNOME 45.
-
Fedora Linux 40 to Drop X11 for KDE Plasma
When Fedora 40 arrives in 2024, there will be a few big changes coming, especially for the KDE Plasma option.
-
Real-Time Ubuntu Available in AWS Marketplace
Anyone looking for a Linux distribution for real-time processing could do a whole lot worse than Real-Time Ubuntu.
-
KSMBD Finally Reaches a Stable State
For those who've been looking forward to the first release of KSMBD, after two years it's no longer considered experimental.
-
Nitrux 3.0.0 Has Been Released
The latest version of Nitrux brings plenty of innovation and fresh apps to the table.
-
Linux From Scratch 12.0 Now Available
If you're looking to roll your own Linux distribution, the latest version of Linux From Scratch is now available with plenty of updates.
-
Linux Kernel 6.5 Has Been Released
The newest Linux kernel, version 6.5, now includes initial support for two very exciting features.
-
UbuntuDDE 23.04 Now Available
A new version of the UbuntuDDE remix has finally arrived with all the updates from the Deepin desktop and everything that comes with the Ubuntu 23.04 base.
-
Star Labs Reveals a New Surface-Like Linux Tablet
If you've ever wanted a tablet that rivals the MS Surface, you're in luck as Star Labs has created such a device.
-
SUSE Going Private (Again)
The company behind SUSE Linux Enterprise, Rancher, and NeuVector recently announced that Marcel LUX III SARL (Marcel), its majority shareholder, intends to delist it from the Frankfurt Stock Exchange by way of a merger.