Re: usb => serial port converter

[Max Nikulin]

On 08/07/2024 22:46, Lee wrote:

On Sun, Jul 7, 2024 at 8:51 PM Andy Smith wrote:

In my experience USB serial gadgets on Linux tend to just work or
will never work.


It worked this time!
Other than plugging it into a windows machine that had the proper
drivers first, I don't know what changed.


Some devices may advertise them as mass storage drives at first to 
autorun windows drivers installer. I would not expect it from a cheap 
serial port adapter though. See the usb-modeswitch package to change 
exposed USB interface from command line.



Great!  I had to add myself to the dialout group to be able to talk to
the device, but
screen /dev/ttyUSB0 38400
works.


systemd-logind may grant access to the currently active user. Search for 
"uaccess" in /usr/lib/udev/rules.d/



"Document the uaccess mechanism / dynamic device permissions"


Tomasz Torcz. Linux automatic user ACL management

Email Still Active ???

[Farhan Faruqui]

Is your number still the same?

Re: General questions

[gene heskett]

On 7/8/24 19:02, Andrew M.A. Cater wrote:

On Mon, Jul 08, 2024 at 06:08:49PM -0400, gene heskett wrote:

On 7/8/24 17:20, Andy Smith wrote:

Hi,

On Tue, Jul 09, 2024 at 12:15:00AM +0500, 타토카 wrote:

I mean subscriptions like this "debian-user"


The only cost associated with this mailing list is your sanity.


+1, Andy. Some of us get downright upset with the Karens that think they run
this all volunteer show. I've unfortunately come to the conclusion they are
best ignored. Generally, they don't seem to be members of a civil society,
or to be able to learn how to treat their fellow man. Your monitoring, and
howto corrections are much appreciated, thank you.


Thanks,
Andy





All contributions by any Andy gratefully received on this list. There
are also all sorts of people contributing to - and reading - this list.
Sometimes, even the worst of the passers by and trolls improve.

Please don't stoop to characterising others too readily as you might
dissuade somebody from contributing who could be really valuable.


All quite true Andy. But you may have noted that I only speak up from 
personal experience from having done it myself, not always in the 
approved way.



All the very best, as ever,

Andy
(amaca...@debian.org)


Take care & stay well, Andy.



Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
  soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
  - Louis D. Brandeis



.


Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: General questions

[Andrew M.A. Cater]

On Mon, Jul 08, 2024 at 06:08:49PM -0400, gene heskett wrote:
> On 7/8/24 17:20, Andy Smith wrote:
> > Hi,
> > 
> > On Tue, Jul 09, 2024 at 12:15:00AM +0500, 타토카 wrote:
> > > I mean subscriptions like this "debian-user"
> > 
> > The only cost associated with this mailing list is your sanity.
> > 
> +1, Andy. Some of us get downright upset with the Karens that think they run
> this all volunteer show. I've unfortunately come to the conclusion they are
> best ignored. Generally, they don't seem to be members of a civil society,
> or to be able to learn how to treat their fellow man. Your monitoring, and
> howto corrections are much appreciated, thank you.
> 
> > Thanks,
> > Andy
> > 
> 

All contributions by any Andy gratefully received on this list. There
are also all sorts of people contributing to - and reading - this list.
Sometimes, even the worst of the passers by and trolls improve.

Please don't stoop to characterising others too readily as you might 
dissuade somebody from contributing who could be really valuable.

All the very best, as ever,

Andy
(amaca...@debian.org)

> Cheers, Gene Heskett, CET.
> -- 
> "There are four boxes to be used in defense of liberty:
>  soap, ballot, jury, and ammo. Please use in that order."
> -Ed Howdershelt (Author, 1940)
> If we desire respect for the law, we must first make the law respectable.
>  - Louis D. Brandeis
> 

Re: General questions

[gene heskett]

On 7/8/24 17:20, Andy Smith wrote:

Hi,

On Tue, Jul 09, 2024 at 12:15:00AM +0500, 타토카 wrote:

I mean subscriptions like this "debian-user"


The only cost associated with this mailing list is your sanity.

+1, Andy. Some of us get downright upset with the Karens that think they 
run this all volunteer show. I've unfortunately come to the conclusion 
they are best ignored. Generally, they don't seem to be members of a 
civil society, or to be able to learn how to treat their fellow man. 
Your monitoring, and howto corrections are much appreciated, thank you.



Thanks,
Andy



Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: Creating PDF/A from LaTeX source and from existing PDF

[Jeffrey Walton]

On Mon, Jul 8, 2024 at 5:56 PM Ceppo  wrote:
>
> On Wed, Jul 03, 2024 at 06:38:51PM GMT, Richard wrote:
> > From LaTeX, this is quite simple, there's a package for that - as for pretty
> > much everything in the LaTeX world. Googling for just like 10 sec could have
> > given you this great guide: https://webpages.tuni.fi/latex/pdfa-guide.pdf
>
> I did my research and found the document you linked. In fact it's what pointed
> me to the pdfx LaTeX package, but I couldn't make it work. I acknowledge I
> missed its reference to veraPDF, though.
>
> > gs -dQUIET -dUseCIEColor -sProcessColorModel=DeviceCMYK -sDEVICE=pdfwrite
> > -dPDFACompatibilityPolicy=1 -dCompressFonts=true -dSubsetFonts=true
> > -sFONTPATH=/usr/share/fonts/ -o  
>
> The output isn't accepted by veraPDF, either. I will try to understand
> something more about ghostscript.

Have a look at . It discusses
some of the finer points of PDF/A conversion in the comments, like
color spaces.

Jeff

Re: Creating PDF/A from LaTeX source and from existing PDF

[Jeffrey Walton]

On Wed, Jul 3, 2024 at 12:13 PM Ceppo  wrote:
>
> I wrote a report with LaTeX, and afterwards discovered it must be
> PDF/A-compliant - which wasn't. I found the pdfx LaTeX package and followed 
> its
> instructions, thus obtaining a file that should be PDF/A and pdfinfo 
> identifies
> as such, but my employer's upload form thinks isn't. Is pdfinfo reliable 
> enough
> that I can tell my employer his form is broken? If not, how can I make sure
> that pdflatex's output is actually PDF/A-compliant?

The pdf-linter I use to verify a pdf document is qpdf,
. It is available on most distributions,
including Debian, Fedora and Red Hat.

The command to check the document is `qpdf --check `.

> I will also probably have to upload under the same requirement some 
> third-party
> PDF, which is not PDF/A, without access to an editable version. Is there a way
> to convert them to PDF/A? I know that converting from an editable version 
> would
> be the correct way for this, but I have no real way to get it.

qpdf may provide this functionality, but I have never used it. From
the project's description: "qpdf is a command-line tool and C++
library that performs content-preserving transformations on PDF files.
It supports linearization, encryption, and numerous other features. It
can also be used for splitting and merging files, creating PDF files
(but you have to supply all the content yourself), and inspecting
files for study or analysis."

Another tool I would look at is GhostScript. It looks like it can
convert to PDF/A: .

> A requirement of any solution is that it doesn't rely on non-DFSG-compliant
> software, including online conversion tools.

Jeff

Re: General questions

[Andy Smith]

Hi,

On Tue, Jul 09, 2024 at 12:15:00AM +0500, 타토카 wrote:
> I mean subscriptions like this "debian-user"

The only cost associated with this mailing list is your sanity.

Thanks,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

[Back In Time] Request to update translations before upcoming release

[c . buhtz]

Hello together,

I'm member of the maintenance team of Back In Time [1] a rsync-based 
backup software.


We are in the middle of preparing the next release to hit the upcoming 
Ubuntu release in time.
It would be great if you could help that project and offer Dutch 
translations or review them [2] (currently at 69%).


In the project, no one gets payed. No company behind hit. Even the 
maintainers and developers are volunteers.


Please let me know if and how you want to be mentioned in the credits as 
a translator.
It is up to you if you want to use your real name, your email or 
something else.
We do have a file [3] listing translators contribution. That names will 
be used in the about dialog for example.


Thanks in advance and best wishes,
Christian Buhtz

[1] -- 
[2] -- 
[3] -- 

Re: General questions

[Thomas Schmitt]

Hi,

cybertat...@gmail.com wrote:
>     2.2. I have done then: gpg --keyserver keyring.debian.org --verify 
> SHA512SUMS.sign SHA512SUMS
>     2.3. Then I have got next info: Signed was made in 30 june 2024
>    And RSA key: DF9B9C49EAA9298432589D76DA87E80D6294BE9B
> I have compared 2011 's key and mine and they are the same.

The key string looks good, indeed.


> But is it a good idea to do that? Or do I need to download the open key and
> then compare them?

It would suffice for me. If you know more ways to verify that the
signature belongs to Debian, then apply them. Just to be sure.


> And is verification with SHA512SUMS.sign and SHA512SUMS enough? Should I do
> the same actions with SHA216SUMS.sign and SHA216SUMS?

It is general belief that faking a SHA-512 checksum is not feasible,
currently. Faking both, SHA-512 and SHA-256 would be even more difficult.
So check both and raise loud alarm if one matches and the other does not.


Have a nice day :)

Thomas

[Back In Time] Request to update translations before upcoming release

[c . buhtz]

Hello together,

I'm member of the maintenance team of Back In Time [1] a rsync-based 
backup software.


We are in the middle of preparing the next release to hit the upcoming 
Ubuntu release in time.
It would be great if you could help that project and offer Danish 
translations or review them [2] (currently at 57%).


In the project, no one gets payed. No company behind hit. Even the 
maintainers and developers are volunteers.


Please let me know if and how you want to be mentioned in the credits as 
a translator.
It is up to you if you want to use your real name, your email or 
something else.
We do have a file [3] listing translators contribution. That names will 
be used in the about dialog for example.


Thanks in advance and best wishes,
Christian Buhtz

[1] -- 
[2] -- 
[3] -- 

Re: General questions

[Greg Wooledge]

On Tue, Jul 09, 2024 at 00:15:00 +0500, 타토카 wrote:
> Thank you all for your answers.
> 1. But I mean subscriptions like this "debian-user":) But I really like
> your answers about Debian's freedom. I think it is useful information.
> Thanks.

The debian-user mailing list is open to all who wish to contribute to it,
as long as they abide by the list's code of conduct.  There is no fee
involved.  On the other hand, any answers you get here are "use at your
own risk", as they are coming from random people on the Internet.

Re: General questions

[타토카]

Thank you all for your answers.
1. But I mean subscriptions like this "debian-user":) But I really like
your answers about Debian's freedom. I think it is useful information.
Thanks.
2. I just have verified GPG's keys manually: https://keyring.debian.org/
2.1. I have downloaded SHA512 SUMS.sign SHA512SUMS from
https://cdimage.debian.org/debian-cd/current/amd64/bt-cd/
2.2. I have done then: gpg --keyserver keyring.debian.org --verify
SHA512SUMS.sign SHA512SUMS
2.3. Then I have got next info: Signed was made in 30 june 2024
And RSA key: DF9B9C49EAA9298432589D76DA87E80D6294BE9B
I have compared 2011 's key and mine and they are the same.
But is it a good idea to do that? Or do I need to download the open key and
then compare them?
And is verification with SHA512SUMS.sign and SHA512SUMS enough? Should I do
the same actions with SHA216SUMS.sign and SHA216SUMS?

On Mon, Jul 8, 2024 at 11:00 PM Thomas Schmitt  wrote:

> Hi,
>
> cybertat...@gmail.com wrote:
> > 2. How to check Debian Image Authentication?
> > Is checksum verification (sha216sum, sha512sum) enough?
>
> Only if you are trusting the site from where you downloaded the ISO.
> In that case you'd use the checksums in the files SHA256SUMS and
> SHA512SUMS as mere control whether the download delivered what the server
> operators intended.
>
>
> > Should I verify with GPG?
>
> The signatures in the files SHA256SUMS.sign and SHA512SUMS.sign verify that
> the checksums in SHA256SUMS and SHA512SUMS are authorized by the Debian
> developers who are in charge of image production.
>
> Verify them by e.g.
>
>   gpg --keyserver keyring.debian.org --verify SHA512SUMS.sign SHA512SUMS
>
> and look out for the text,
>
>   gpg: Good signature from "Debian CD signing key <
> debian...@lists.debian.org>"
>   ...
>   Primary key fingerprint: DF9B 9C49 EAA9 2984 3258  9D76 DA87 E80D 6294
> BE9B
>
> First occuruence of this fingerprint in my mailbox is Oct 10 2015.
>
> On
>   https://www.debian.org/CD/verify
> there are two more valid keys published which would yield:
>
>   gpg: Good signature from "Debian CD signing key <
> debian...@lists.debian.org>"
>   Primary key fingerprint:  1046 0DAD 7616 5AD8 1FBC  0CE9 9880 21A9 64E6
> EA7D
>
>   gpg: Good signature from "Debian Testing CDs Automatic Signing Key <
> debian...@lists.debian.org>"
>   Primary key fingerprint: F41D 3034 2F35 4669 5F65  C669 4246 8F40 09EA
> 8AC3
>
> Both have their first occurence in my mailbox at Feb 16 2020.
>
> If you see one of these texts, then you may assume the checksum files to
> be valid (or the fingerprints to be undetected falsifications since years).
> But if you see deviations in the fingerprint lines then this would be very
> suspicious.
>
>
> Have a nice day :)
>
> Thomas
>
>

Re: Kernel panic....

[Van Snyder]

On Mon, 2024-07-08 at 17:46 +, Andrew M.A. Cater wrote:
> On Sun, Jul 07, 2024 at 07:07:26PM -0700, Van Snyder wrote:
> > I recently installed Debian 12.5 with kernel 6.5.0.0 on an antique
> > Dell
> > Vostro 1700. Occasionally it crashes with
> > 
> > "Kernel Panic - not syncing: Can not allocate SWIOTLB buffer
> > earlier
> > and can't now provide you with the DMA bounce buffer"
> > 
> 
> Hi,
> 
> As suggested, use the Debian 6.1 kernel.
> 
> This is a laptop from around 2008 if I'm reading the spec. correctly.
> This is a laptop with an older Nvidia card. How did you install it?
> Did you try to install the Nvidia drivers at any point? I can't 
> find out whether this is one of the machines that has dual chipsets
> (one Intel / one Nvidia). If so, have you used the instructions
> for bumblebee/primus or whatever the appropriate magic now is?

I tried unsuccessfully to install the NVidia 340 driver from the NVidia
drivers page. I found a SourceForge/GitHub page by MeowIce that had the
patched driver, but not for kernel 6.1, so I installed 6.5.0.0 from
backports-bookworm and the patched NVidia 340 driver. That also didn't
work, so I reinstalled bog-standard Debian 12.5 with the 6.1 kernel
using the net-install ISO from the Debian site. It doesn't have dual
graphic chipsets. The video driver is nouveau.

> 
> > I saw some remarks about this from 2013 in the context of release
> > 3.5.
> > 
> > Is this a problem in the kernel, or is the computer broken?
> > 
> > Should I revert to an earlier release?
> > 
> > 
> 
> Ideally, if you're running Debian stable, don't revert to prior
> versions.
> 
> Apt-get update to ensure that you're running the latest point
> release.
> 
> All the very best, as ever,
> 
> Andy
> (amaca...@debian.org) 
> 

Re: General questions

[Michael Kjörling]

On 8 Jul 2024 22:24 +0500, from cybertat...@gmail.com (타토카):
> 1. Are all subscriptions to Debian free?

Others have already pointed out that Debian is free, but I want to
note that this question seems to be based on a misunderstanding.

The fact is that there are no "subscriptions" to Debian, in the
typical sense.

Some people voluntarily _donate_ to the Debian project to help cover
costs, provide hardware, etc., and the Debian project solicits such
donations in various ways. Some are members for example of this
mailing list and give back to the community by answering other
peoples' questions. Some contribute bug reports, code or documentation
changes either to correct errors or to improve clarity. Some introduce
their friends, family and relatives to free software and offer
hands-on help. Some companies provide services at a lower price to
people who are active in the Debian project, or to the Debian project
itself.

But there is absolutely no requirement to do any of this.

Some companies do offer _support contracts_ that cover Debian, and
particularly other companies tend to like this because it gives them
somewhere to call if they have a problem. But you don't need to have
anything like that to use Debian, or contribute in various ways.

You can just download, install and use it. :-)

-- 
Michael Kjörling  https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”

[Back In Time] Update translations before upcoming release

[c . buhtz]

Hello together,

I'm member of the maintenance team of Back In Time [1] a rsync-based 
backup software.


We are in the middle of preparing the next release to hit the upcoming 
Ubuntu release in time.
It would be great if you could help that project and offer Catalan 
translations or review them [2] (currently at 73%).


In the project, no one gets payed. No company behind hit. Even the 
maintainers and developers are volunteers.


Please let me know if and how you want to be mentioned in the credits as 
a translator.
It is up to you if you want to use your real name, your email or 
something else.
We do have a file [3] listing translators contribution. That names will 
be used in the about dialog for example.


Thanks in advance and best wishes,
Christian Buhtz

[1] -- 
[2] -- 
[3] -- 

Re: usb => serial port converter

[Paul Duncan]

Hi Lee,

Its very much "horses for courses".

If all you want to do is talk to network switch console ports, there are
cheap cables from Amazon that will do that.

If you *only* want a general purpose RS-232 StarTech and TrendNet should
just work.

If you want to be able to do other things like RS-422 and RS-485, I would
recommend a Moxa uPort 1150. Be aware that you will have to install the
Moxa driver to use this - its not generally included with the kernel.

Cheers,

Paul.

On Sun, 7 Jul 2024 at 22:02, Lee  wrote:

> What's everybody using for a usb => serial port converter?
>
> I got a new network switch and .. OhNoes!! how to I talk to the darn
> thing???
>
> I went looking thru cabinets and came up with a keyspan usb -> serial
> dongle; a quick search found the site with driver downloads, but they
> all were for Windows or MacOS.  I tried plugging the dongle into my
> debian laptop but it didn't recognize it :(
>
> So... what are people using to talk to serial devices now that PCs
> don't come with serial ports anymore?
>
> And what program are you using to talk to something over the serial
> link?  pterm or something else?
>
> I still have a Windows machine, so install the drivers, configure
> putty to talk to COM4 & I'm good to go.  But I'm trying to get *away*
> from Windows.  How do I talk to my switch over the serial port?
>
> Thanks,
> Lee
>
>

-- 


*Paul Duncan*

Lead Marine Technician, RV Falkor(too)

SCHMIDT OCEAN INSTITUTE

mobile +1 650 387 4151

VOIP +1 954 672 4943

www.schmidtocean.org

Follow us on Twitter, Facebook and Google+

*This email message is for the sole use of the intended recipient(s) and
may contain confidential and privileged*

*information. Any unauthorized review, use, disclosure or distribution is
prohibited. If you have received it in*

*error, please advise the sender by reply email and delete the message and
any attachments. Thank you.*

Re: Creating PDF/A from LaTeX source and from existing PDF

[Ceppo]

On Wed, Jul 03, 2024 at 11:15:51AM GMT, Henning Follmann wrote:
> On Wed, Jul 03, 2024 at 01:06:56PM +, Ceppo wrote:
> > A requirement of any solution is that it doesn't rely on non-DFSG-compliant
> > software, including online conversion tools.
>
> Please looks at this thread at StackExchange. I found that to be very
> helpful.
> https://tex.stackexchange.com/questions/130201/pdf-a-with-hyperref-on-tex-live-2013/136653#136653
>
> Please let me know how it works out for you.

Hello.
Thanks for pointing to the thread, but the solution isn't suitable for me. I
need a solution that does not rely on non-DFSG-compliant software, but the
first step requires to use a file from a zip archive [1] with a license that
explicitly forbids to modify and sell it.


[1]: http://www.eci.org/_media/downloads/icc_profiles_from_eci/ecirgbv20.zip


--
Ceppo


signature.asc
Description: PGP signature

Re: General questions

[Thomas Schmitt]

Hi,

cybertat...@gmail.com wrote:
> 2. How to check Debian Image Authentication?
> Is checksum verification (sha216sum, sha512sum) enough?

Only if you are trusting the site from where you downloaded the ISO.
In that case you'd use the checksums in the files SHA256SUMS and
SHA512SUMS as mere control whether the download delivered what the server
operators intended.


> Should I verify with GPG?

The signatures in the files SHA256SUMS.sign and SHA512SUMS.sign verify that
the checksums in SHA256SUMS and SHA512SUMS are authorized by the Debian
developers who are in charge of image production.

Verify them by e.g.

  gpg --keyserver keyring.debian.org --verify SHA512SUMS.sign SHA512SUMS

and look out for the text,

  gpg: Good signature from "Debian CD signing key "
  ...
  Primary key fingerprint: DF9B 9C49 EAA9 2984 3258  9D76 DA87 E80D 6294 BE9B

First occuruence of this fingerprint in my mailbox is Oct 10 2015.

On
  https://www.debian.org/CD/verify
there are two more valid keys published which would yield:

  gpg: Good signature from "Debian CD signing key "
  Primary key fingerprint:  1046 0DAD 7616 5AD8 1FBC  0CE9 9880 21A9 64E6 EA7D

  gpg: Good signature from "Debian Testing CDs Automatic Signing Key 
"
  Primary key fingerprint: F41D 3034 2F35 4669 5F65  C669 4246 8F40 09EA 8AC3

Both have their first occurence in my mailbox at Feb 16 2020.

If you see one of these texts, then you may assume the checksum files to
be valid (or the fingerprints to be undetected falsifications since years).
But if you see deviations in the fingerprint lines then this would be very
suspicious.


Have a nice day :)

Thomas

Re: General questions

[Dan Ritter]

타토카 wrote: 
> Hello, dear Debian Community. I have several questions:
> 1. Are all subscriptions to Debian free?

Yes. There are non-Debian businesses which can sell you support,
if you like, but Debian software is all free.

> 2. How to check Debian Image Authentication? Is checksum verification
> (sha216sum, sha512sum) enough? Should I verify with GPG? If so, how can I
> do that? Or can you give me any additional advice to do right verification?

Verify a downloaded image with the checksum:

https://www.debian.org/CD/verify

After that, package updates from Debian HTTPS sources will be
good.

-dsr-

Re: Kernel panic....

[Andrew M.A. Cater]

On Sun, Jul 07, 2024 at 07:07:26PM -0700, Van Snyder wrote:
> I recently installed Debian 12.5 with kernel 6.5.0.0 on an antique Dell
> Vostro 1700. Occasionally it crashes with
> 
> "Kernel Panic - not syncing: Can not allocate SWIOTLB buffer earlier
> and can't now provide you with the DMA bounce buffer"
> 

Hi,

As suggested, use the Debian 6.1 kernel.

This is a laptop from around 2008 if I'm reading the spec. correctly.
This is a laptop with an older Nvidia card. How did you install it?
Did you try to install the Nvidia drivers at any point? I can't 
find out whether this is one of the machines that has dual chipsets
(one Intel / one Nvidia). If so, have you used the instructions
for bumblebee/primus or whatever the appropriate magic now is?

> I saw some remarks about this from 2013 in the context of release 3.5.
> 
> Is this a problem in the kernel, or is the computer broken?
> 
> Should I revert to an earlier release?
> 
>

Ideally, if you're running Debian stable, don't revert to prior versions.

Apt-get update to ensure that you're running the latest point release.

All the very best, as ever,

Andy
(amaca...@debian.org) 

Re: General questions

[tomas]

On Mon, Jul 08, 2024 at 10:24:13PM +0500, 타토카 wrote:
> Hello, dear Debian Community. I have several questions:
> 1. Are all subscriptions to Debian free?
> 2. How to check Debian Image Authentication? Is checksum verification
> (sha216sum, sha512sum) enough? Should I verify with GPG? If so, how can I
> do that? Or can you give me any additional advice to do right verification?

Most of your questions are addressed here:

  https://www.debian.org/

Yes, Debian is a free operating system, meaning that you are allowed
to use, modify and give the software to others, as long as you limit
yourself to the "free" repository. Other licenses may apply to the
"non-free" section.

Here's how you verify downloaded installation media:

  https://www.debian.org/CD/verify

Packaes are signed, the package manager takes care of verifying their
signatures before install:

  
https://www.debian.org/doc/manuals/securing-debian-manual/deb-pack-sign.en.html

Enjoy
-- 
tomás


signature.asc
Description: PGP signature

Re: General questions

[Greg Wooledge]

On Mon, Jul 08, 2024 at 22:24:13 +0500, 타토카 wrote:
> Hello, dear Debian Community. I have several questions:
> 1. Are all subscriptions to Debian free?

Debian is Free Software.  You are allowed to download it, in both binary
and source forms, without requiring a subscription, or a license, other
than the Free Software licenses that apply to each part of Debian.

There are a few different Free Software licenses, and mostly they just
reaffirm your rights to use and to distribute the software.  One of
them, the GNU General Public License, prevents you from placing any
additional restrictions on the software if you distribute it to other
people.  (If you aren't distributing the software to other people, then
none of this matters to you.)

If you want to pay for support, there are some companies who might provide
such a service, but those would be independent of Debian.

> 2. How to check Debian Image Authentication? Is checksum verification
> (sha216sum, sha512sum) enough? Should I verify with GPG? If so, how can I
> do that? Or can you give me any additional advice to do right verification?

https://www.debian.org/CD/verify

General questions

[타토카]

Hello, dear Debian Community. I have several questions:
1. Are all subscriptions to Debian free?
2. How to check Debian Image Authentication? Is checksum verification
(sha216sum, sha512sum) enough? Should I verify with GPG? If so, how can I
do that? Or can you give me any additional advice to do right verification?

Re: Creating PDF/A from LaTeX source and from existing PDF

[Ceppo]

On Wed, Jul 03, 2024 at 03:36:17PM GMT, to...@tuxteam.de wrote:
> On Wed, Jul 03, 2024 at 01:06:56PM +, Ceppo wrote:
> > I wrote a report with LaTeX, and afterwards discovered it must be
> > PDF/A-compliant - which wasn't. I found the pdfx LaTeX package and followed
> > its instructions, thus obtaining a file that should be PDF/A and pdfinfo
> > identifies as such, but my employer's upload form thinks isn't [...]
>
> Uh-oh. We set the standards, but won't tell you what they are.

Well, in fact they did tell - they just did *after* I produced my report. But
yes, the workflow is very broken...

> Not concrete help, but the Wikipedia [1] makes for an interesting
> read (including refs to bunches of test suites you can throw at your
> publisher's site to find out where their validator is failing).

I read about Isartor Test Suite, but [1] says it checks if the validator
accepts non-compliant files, not if it rejects compliant files.

> And there seems to be a kind of semi-official validaror, according
> to the above ref.

I guess you mean veraPDF?


[1]: https://pdfa.org/resource/isartor-test-suite/


--
Ceppo


signature.asc
Description: PGP signature

Re: usb => serial port converter

[Jeffrey Walton]

On Mon, Jul 8, 2024 at 11:56 AM Lee  wrote:
>
> On Sun, Jul 7, 2024 at 8:51 PM Andy Smith wrote:
> >
> > On Sun, Jul 07, 2024 at 06:02:18PM -0400, Lee wrote:
> > > I tried plugging the dongle into my debian laptop but it didn't
> > > recognize it :(
> >
> > In my experience USB serial gadgets on Linux tend to just work or
> > will never work.
>
> It worked this time!
> Other than plugging it into a windows machine that had the proper
> drivers first, I don't know what changed.
>
> > > And what program are you using to talk to something over the serial
> > > link?  pterm or something else?
> >
> > I use either minicom or GNU Screen. You'll need to know the baud
> > rate that the device expects, though you can just try a few common
> > ones and see what works. e.g.
> >
> > # screen /dev/ttyUSB0 115200
>
> Great!  I had to add myself to the dialout group to be able to talk to
> the device, but
> screen /dev/ttyUSB0 38400
> works.

You should also add TIOCEXCL on the file descriptor to ensure
exclusive access to the device. Otherwise, other programs will try to
open the modem and probe it by sending commands to it. It will screw
up your reads on the fd.

/* NetworkManager and ModemManager will try to open our device */
/* on occasion. Set TIOCEXCL to ensure we get exclusive access */
if (ioctl(fd, TIOCEXCL, NULL) == -1) {
log_warn("Failed to set TIOCEXCL on device: %s\n", strerror(errno));
}

Jeff

Re: Creating PDF/A from LaTeX source and from existing PDF

[Ceppo]

On Wed, Jul 03, 2024 at 06:38:51PM GMT, Richard wrote:
> From LaTeX, this is quite simple, there's a package for that - as for pretty
> much everything in the LaTeX world. Googling for just like 10 sec could have
> given you this great guide: https://webpages.tuni.fi/latex/pdfa-guide.pdf

I did my research and found the document you linked. In fact it's what pointed
me to the pdfx LaTeX package, but I couldn't make it work. I acknowledge I
missed its reference to veraPDF, though.

> gs -dQUIET -dUseCIEColor -sProcessColorModel=DeviceCMYK -sDEVICE=pdfwrite
> -dPDFACompatibilityPolicy=1 -dCompressFonts=true -dSubsetFonts=true
> -sFONTPATH=/usr/share/fonts/ -o  

The output isn't accepted by veraPDF, either. I will try to understand
something more about ghostscript.


--
Ceppo


signature.asc
Description: PGP signature

Re: Creating PDF/A from LaTeX source and from existing PDF

[Ceppo]

On Wed, Jul 03, 2024 at 10:52:06PM GMT, y...@vienna.at wrote:
> Well, that is my way:

Thanks for providing your script. I tried it with one tweak:

> latex  .../Nix.tex  .../Nix.dvi
> dvips -o Nix.ps  Nix.pdf
   ^^^
I guess here you meant Nix.dvi...

> ps2pdf ... Nix.ps ... Nix.pdf
> chmod 755 script
> All works since many many years absolutly perfect, nothing else ever was is
> needed

However, the resulting PDF is not recognized as PDF/A by veraPDF. Have you
tested it with something else?


--
Ceppo


signature.asc
Description: PGP signature

Re: Creating PDF/A from LaTeX source and from existing PDF

[Ceppo]

On Wed, Jul 03, 2024 at 10:18:01AM GMT, Sarunas Burdulis wrote:
> pdfinfo probably only reads metadata, but does not do any PDF/A compliance
> validation.
>
> VeraPDF seems to work for validation (https://verapdf.org/software/).

I don't know about pdfinfo, but it looks like veraPDF at least agrees with my
contractor's form. Thanks for pointing me to it, it looks like now I have a
tool to check if my document is compliant.


--
Ceppo


signature.asc
Description: PGP signature

Re: usb => serial port converter

[Lee]

On Sun, Jul 7, 2024 at 8:51 PM Andy Smith wrote:
>
> Hi,
>
> On Sun, Jul 07, 2024 at 06:02:18PM -0400, Lee wrote:
> > I tried plugging the dongle into my debian laptop but it didn't
> > recognize it :(
>
> In my experience USB serial gadgets on Linux tend to just work or
> will never work.

It worked this time!
Other than plugging it into a windows machine that had the proper
drivers first, I don't know what changed.

> > And what program are you using to talk to something over the serial
> > link?  pterm or something else?
>
> I use either minicom or GNU Screen. You'll need to know the baud
> rate that the device expects, though you can just try a few common
> ones and see what works. e.g.
>
> # screen /dev/ttyUSB0 115200

Great!  I had to add myself to the dialout group to be able to talk to
the device, but
screen /dev/ttyUSB0 38400
works.

Thanks
Lee

[Back In Time] Update translations before upcoming release

[c . buhtz]

Hello together,

I'm member of the maintenance team of Back In Time [1] a rsync-based 
backup software.


We are in the middle of preparing the next release to hit the upcoming 
Ubuntu release in time.
It would be great if you could help that project and offer French 
translations or review them [2] (currently at 94%).


In the project, no one gets payed. No company behind hit. Even the 
maintainers and developers are volunteers.


Please let me know if and how you want to be mentioned in the credits as 
a translator.
It is up to you if you want to use your real name, your email or 
something else.
We do have a file [3] listing translators contribution. That names will 
be used in the about dialog for example.


Thanks in advance and best wishes,
Christian Buhtz

[1] -- 
[2] -- 
[3] -- 

Re: GUI-Login on bookworm-VM in a cloud

[George at Clug]

Christoph,

I think this statement holds the answer:

https://opennebula.io/blog/announcements/new-maintenance-release-opennebula683/
New Features:
OpenNebula 6.8.3 introduces support for Debian 12 and removes support for 
Debian 10.

Thus my guess is that OpenNebula versions before 6.8.3 do not support Debian 12.

George

See below for further comments.

On Monday, 08-07-2024 at 23:10 Christoph Pleger wrote:
> Hello,
> 
> > > The same result for me after directly installing bookworm with virt-
> > > manager. Obviously, there is a significant difference between a VM in
> > > OpenNebula and a VM with the same software in virt-manager ...
> > 
> > Are you able to try Virt-Manager with your original VM that you are having 
> > issues with? If your VM is a KVM VM, then you should not need to install 
> > anything on the VM.
> > 
> > I might give setting up OpenNebula to see if I can replicate the issue. A 
> > good excuse for me to try an installation.

Thanks to "https://github.com/OpenNebula/minione; I now have a full OpenNebula 
6.8.0 all in one installation running in a KVM VM.

I have been able to download a Debian 11 template from the OpenNebula 
Marketplace, then create a Debian 11 VM, and ssh into it.
https://marketplace.opennebula.io/appliance/8e015603-3dc2-4147-a25e-f58dced23e52

Next I want to learn how to create a Debian 11 VM with KDE installed.

I think I need to learn how to "the cloud administrator must prepare a set of 
Templates and Images to make them available to the cloud users".
https://docs.opennebula.io/6.8/management_and_operations/end-user_web_interfaces/cloud_view.html

Other pages that could help me.
https://docs.opennebula.io/6.8/management_and_operations/vm_management/vm_instances.html

I have much to learn.

> 
> The problem does not occur in virt-manager. I did not import an
> OpenNebula VM, but I can see that the problem occurs in a fresh
> bookworm VM in Opennebula, while it does not on a fresh bookworm VM in
> virt-manager (with the same VM software as in OpenNebula).

Thank you for testing the above. This indicates the issue you are having might 
not be directly a Debian Distribution issue. However more testing is required 
to find what is the issue.

What version of OpenNebula are you using?

My thoughts are that OpenNebula updates various settings in the VM as it 
creates/runs the VM, and since OpenNebula does not support Debian 12 as a OS 
for installing OpenNebula, maybe they have yet to design OpenNebula to 
create/manage Debian 12 instances? 

To backup this theory, it seems that Debian 12 support is introduced in version 
6.8.3.

https://opennebula.io/blog/announcements/new-maintenance-release-opennebula683/
New Features:
OpenNebula 6.8.3 introduces support for Debian 12 and removes support for 
Debian 10. 



Thank you for introducing me to OpenNebula. It looks quite impressive.



> 
> Regards
>   Christoph
> 

[Back In Time] Update translations before upcoming release

[c . buhtz]

Hello together,

I'm member of the maintenance team of Back In Time [1] a rsync-based 
backup software.


We are in the middle of preparing the next release to hit the upcoming 
Ubuntu release in time.
It would be great if you could help that project and offer Swedish 
translations or review them [2] (currently at 53%).


In the project, no one gets payed. No company behind hit. Even the 
maintainers and developers are volunteers.


Please let me know if and how you want to be mentioned in the credits as 
a translator.
It is up to you if you want to use your real name, your email or 
something else.
We do have a file [3] listing translators contribution. That names will 
be used in the about dialog for example.


Thanks in advance and best wishes,
Christian Buhtz

[1] -- 
[2] -- 
[3] -- 

Re: Browser traffic interception/inspection

[Lee]

Hi,

On Sun, Jul 7, 2024 at 10:31 PM Max Nikulin wrote:
>
> On 08/07/2024 04:42, Lee wrote:
> > On Mon, Jul 1, 2024 at 11:02 AM Max Nikulin wrote:
> >> On 01/07/2024 13:57, Lee wrote:
> >>> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842292
> [...]
> >> Is libnss built with logging support ABI compatible with the variant in
> >> Debian repositories? (Or can it be patched to achieve ABI
> >> compatibility?) Instead of asking for changing compile flags for all
> >> users, from my point of view, it is better to suggest alternative
> >> packages with and without logging enabled.
> >>
> >> Browsers are rather sensitive applications, so I find it reasonable that
> >> dumping of encryption keys are not available by default.
> >
> > Maybe I don't know enough to know what's "reasonable" or not.. but I
> > don't see a problem with me being able to inspect the traffic between
> > me and some website.
>
> Is it OK for you that e.g. GnuPG agent disables tracing by default, so
> attaching a debugger or a tool like strace is not so easy? It makes
> harder to debug some issues.

I didn't realize that GnuPG disables tracing by default, so the idea
of it being OK or not has never come up for me.  But my first question
is does it actually improve security or is it more like security
theater?
I don't know how hard it would be to build your own version of GnuPG
that allows tracing, but if it's relatively easy it seems like
disabling tracing is just a minor stumbling block instead of an actual
security enhancement.

>  From my point of view, by default libnss3 should not allow logging of
> private keys. At the same time I do not mind that some users should be
> able to inspect TLS sessions. My idea is an *alternative* package that
> may be optionally installed instead of regular libnss3. Comments to the
> bug report request to enable debugging for *all* and I agree with the
> maintainers who have not do it. You may ask for providing an additional
> package for TLS debugging.
>
> > Anyone else wants to intercept my traffic and they'll have to set an
> > environment variable - which root can do, but who else?
>
> IAny regular user may start browser with this variable set.

Right, but presumably they intended that the variable be set.
I'm asking about malicious use of that variable.  Root can do pretty
much whatever they want to, but how does a non-root attacker set that
variable?

> Some
> unintentionally executed code in a user session may restart browser with
> enabled logging. I would not argue that it is a great trouble if an
> exploit is executed. However some measures may be taken to increase
> attack complexity and disabling TLS logging is a small step in this
> direction.

Well, debian has taken that small step.  It's no big deal for me to
download firefox from mozilla, so I've got my work-around.
And this is on my laptop, so the minor lack of security is only going
to impact me -- nobody else uses this laptop :)

> >> 
> >
> > but I don't know how to evaluate the security
> > implications of modifying apt-get files.  So I just downloaded the
> > binary from mozilla
>
> So you trust mozilla anyway.

Yes, I trust them enough to run their binary.
I lack the knowledge to evaluate the security implications of
following their instructions to add their repository to .. whatever it
is on my machine (I don't even know what it's called.)

"When in doubt, leave it out."  seems applicable here.

> Notice the "Signed-By" key in repository
> configuration: sources.list(5),
> 
> 
> apt-secure(8), 
>
> > tar -xvf firefox-115.12.0esr.tar.bz2
> > sudo mv firefox /opt/firefox-115.12.0esr/
> > sudo ln -s /opt/firefox-115.12.0esr/firefox /usr/local/bin/firefox
>
> I suspect that a regular user owns /opt/firefox-115.12.0esr/ and may
> modify files.

You're right :)  Everything in /opt/firefox-115.12.0esr/ is owned by me.
But again, this in on a laptop that nobody else is going to use so ...
I dunno.. maybe I'll chown everything to root so it can't be
accidentally updated.

> It should allow autoupdates, but I believe, it is an
> administrator task to update browser.

I agree.  I've got it set up that way on my windows machine.  I should
probably fix it so I have to become root to update firefox.

Regards,
Lee

Re: GUI-Login on bookworm-VM in a cloud

[Christoph Pleger]

Hello,

> > The same result for me after directly installing bookworm with virt-
> > manager. Obviously, there is a significant difference between a VM in
> > OpenNebula and a VM with the same software in virt-manager ...
> 
> Are you able to try Virt-Manager with your original VM that you are having 
> issues with? If your VM is a KVM VM, then you should not need to install 
> anything on the VM.
> 
> I might give setting up OpenNebula to see if I can replicate the issue. A 
> good excuse for me to try an installation.

The problem does not occur in virt-manager. I did not import an
OpenNebula VM, but I can see that the problem occurs in a fresh
bookworm VM in Opennebula, while it does not on a fresh bookworm VM in
virt-manager (with the same VM software as in OpenNebula).

Regards
  Christoph


signature.asc
Description: This is a digitally signed message part

Re: Kernel panic....

[Henning Follmann]

On Sun, Jul 07, 2024 at 07:07:26PM -0700, Van Snyder wrote:
> I recently installed Debian 12.5 with kernel 6.5.0.0 on an antique Dell
> Vostro 1700. Occasionally it crashes with
>

So you installed this kernel from where?

Stable (Debian 12/ bookworm) uses linux kernal 6.1.XXX

> "Kernel Panic - not syncing: Can not allocate SWIOTLB buffer earlier
> and can't now provide you with the DMA bounce buffer"
> 
> I saw some remarks about this from 2013 in the context of release 3.5.
> 
> Is this a problem in the kernel, or is the computer broken?
> 
> Should I revert to an earlier release?

Maybe try the official kernel?


-H 

-- 
Henning Follmann   | hfollm...@itcfollmann.com

[Back In Time] Update translations before upcoming release

[c . buhtz]

Hello together,

I'm member of the maintenance team of Back In Time [1] a rsync-based 
backup software.


We are in the middle of preparing the next release to hit the upcoming 
Ubuntu release in time.
It would be great if you could help that project and offer French 
translations or review them [2] (currently at 83%).


In the project, no one gets payed. No company behind hit. Even the 
maintainers and developers are volunteers.


Please let me know if and how you want to be mentioned in the credits as 
a translator.
It is up to you if you want to use your real name, your email or 
something else.
We do have a file [3] listing translators contribution. That names will 
be used in the about dialog for example.


Thanks in advance and best wishes,
Christian Buhtz

[1] -- 
[2] -- 
[3] -- 

Re: Great system

[Jeff Pang]

On 2024-07-08 10:05, George at Clug wrote:

On Monday, 08-07-2024 at 11:19 Richard Bostrom wrote:

Debian is such a great system. But now copying and rsync does not work


Richard,

Please elaborate on what you mean by "copying and rsync does not work"?

I often use Thunar, cp, and rsync to copy files, and have not issues so 
far. Is there an issue I have not yet experienced?




or rclone, the best option I like. :)

Re: NetworkManager with dnsmasq caching NXDOMAIN response of router

[Thomas Schmitt]

Hi,

David Ayers wrote:
> PS: it seems I'm not receiving mails via the list subscription so
> please keep my CC:ed if you will.  Thank you!

The "X-Spam-Status:" header of your mail does not show "LDOSUBSCRIBER".
So i assume that ay...@fsfe.org is not known to the list server as a
subscribed e-mail address.

It would be interesting to see what happens if you try to unsubscribe
and after getting e-mail feedback and confirmation subscribe again.
>From your mail's headers:
  List-Subscribe:

  List-Unsubscribe:




Have a nice day :)

Thomas

Re: NetworkManager with dnsmasq caching NXDOMAIN response of router

[David Ayers]

> Note that .home is somewhat of a special snowflake with regards to
> TLDs. It was suggested as the default for HNCP in 2016 (RFC 7788
> section 8 );
> rejected as a gTLD in 2018
>
;
> and then the usage from RFC 7788 was effectively superceded by the
> recommendation and assignment for non-unique use of home.arpa a few
> months later in RFC 8375 .
> 
> This may or may not have anything to do with your issues; but in
> general, making up own TLDs and hoping that they will never conflict
> with public ones is a bad idea these days. Just look at how many
> internal names suddenly started having issues after Google was
> assigned .dev in 2019; to say nothing of that they made it a
> preloaded-HSTS TLD.
> 
> It's better to either use .home.arpa (which is specifically reserved
> for the purpose) or to actually register a domain (even if the name
> server delegations are bogus so it never meaningfully resolves on the
> public Internet).

Thank you for the insight!

I just clicked through the routers DHCP configuration options (note
there are no explicit DNS options).  This is a ZTS ZXHN H268N Router
provided with a custom Firmware A1 WLAN Box 027_42w2_MU from my
provider that claims "The firmware of your device is the latest."...

... and I haven't found a way to configure the domain.

But note, if I do _not_ configure 
/etc/NetworkManager/conf.d/localdns.conf
dns=dnsmasq

but leave the default, then DNS resolves fine.

It's only when I add dnsmasq to handle the .vpn and .virt domains that
the .home domain starts caching the NXDOMAIN responses and causes
issues.  So I'm still crossing my fingers that this can be resolved
with some dnsmasq configuration which I haven't understood yet.

Thanks!
David

PS: forgive me for repeating: it seems I'm not receiving mails via the
list subscription so please keep my CC:ed if you will.  Thank you!

-- 
David Ayers

Supporting:
Free Software Foundation Europe[]   (http://www.fsfe.org)
Become a supporter of the FSFE!  [][][] 
Your donation powers important work!   ||   (http://fsfe.org/donate)



signature.asc
Description: This is a digitally signed message part

Re: NetworkManager with dnsmasq caching NXDOMAIN response of router

[David Ayers]

> On 8/7/24 11:42, jeremy ardley wrote:
> 
> There is also the file /etc/nsswitch.conf. That gives you fine
> grained control over name services and the order they are consulted 
> If you have a very small .home network you can create static entries
> in /etc/hosts and if configured in nsswitch.conf will be used before
> any call to an external dns provider. 
> 
> I also forgot to mention my usual warning:
> 
> NetworkManager is *not* stable and if you do anything complex with it
> you can expect trouble.
> 
> 
> Personally I use systemd-networkd as that seems much more stable and
> predictable and is easier to congigure

Thanks, and yes, /etc/hosts is what I have been juggling until now but
even though the network is "überschaubar" (small) it is volatile. 
After reboots of the router the printer/scanner, nas all get new
IPs/DHCP leases and editing /etc/hosts is becoming cumbersome.

NetworkManager is the default... I assume that the defaults is what is
the most stable.  If it is not, there should be a process to exchange
the default.  I'd really like to avoid straying from what most people
use.  But I don't really believe that this is a NetworkManager issue. 
Do me it seems to be a ZTE router, which I don't control, or hopefully
a dnsmasq configuration issue, which I do control.

Thanks!
David

PS: it seems I'm not receiving mails via the list subscription so
please keep my CC:ed if you will.  Thank you!

-- 
David Ayers

Supporting:
Free Software Foundation Europe[]   (http://www.fsfe.org)
Become a supporter of the FSFE!  [][][] 
Your donation powers important work!   ||   (http://fsfe.org/donate)



signature.asc
Description: This is a digitally signed message part

Re: NetworkManager with dnsmasq caching NXDOMAIN response of router

[Michael Kjörling]

On 8 Jul 2024 01:03 +0200, from ay...@fsfe.org (David Ayers):
> Hello everyone!
> 
> My Debian 12/bookworm laptop uses DHCP with NetworkManager which
> produce an /etc/resolv.conf containing:
> # Generated by NetworkManager
> ```
> search home
> nameserver 192.168.1.254
> ```

Note that .home is somewhat of a special snowflake with regards to
TLDs. It was suggested as the default for HNCP in 2016 (RFC 7788
section 8 );
rejected as a gTLD in 2018
;
and then the usage from RFC 7788 was effectively superceded by the
recommendation and assignment for non-unique use of home.arpa a few
months later in RFC 8375 .

This may or may not have anything to do with your issues; but in
general, making up own TLDs and hoping that they will never conflict
with public ones is a bad idea these days. Just look at how many
internal names suddenly started having issues after Google was
assigned .dev in 2019; to say nothing of that they made it a
preloaded-HSTS TLD.

It's better to either use .home.arpa (which is specifically reserved
for the purpose) or to actually register a domain (even if the name
server delegations are bogus so it never meaningfully resolves on the
public Internet).

-- 
Michael Kjörling  https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”

Re: Great system

[Andrew M.A. Cater]

On Mon, Jul 08, 2024 at 01:19:14AM +, Richard Bostrom wrote:
> Debian is such a great system. But now copying and rsync does not work and it 
> has to be done from a live-usb. The system is turning un-usable. Please less 
> releases and more stable releases. I am reverting to the version prior of 
> bookworm. Although graphically not as good.
> 
> Yours sincerely
> Richardh Bostrom
> 
> Sent with [Proton Mail](https://proton.me/) secure email.

Morning Richard,

I'd suggest reinstalling with the latest point release of Debian stable.
12.6 was released a couple of weeks ago as was 11.10

Debian 11 will receive only one more release as it transitions to LTS,
probably around August 31st. 

Are there any other signs of what's wrong? Logs? Have you changed anything
recently?

All the very best, as ever,

Andy
(amaca...@debian.org)