Re: Please stop systemd-fsck on _every_ boot!

2015-01-06 Thread ~Stack~
Greetings,


On 01/06/2015 07:56 PM, Patrick Bartek wrote:
> Have you tried tune2fs on each partition?
> 
>http://crashmag.net/disable-filesystem-check-fsck-at-boot-time

I did and that didn't help either.

After I sent my plea for help, I took a break to grab some dinner and
chill. When I returned I started hacking on it again. I started with the
fact that it always complained about the swap partition. I also noticed
that it /wasn't/ using the swap partition anymore (it was very recently).

Hrm. Well maybe that "x-systemd.automount" in fstab was working in that
swap wasn't being automounted, but systemd-fsck was just ignoring the
"don't fsck this drive" field. So I removed the automount statement. I
also had my swap encrypted...could that have been playing a part in all
of this? So I disabled the swap in crypttab and rebooted.

It *still* ran a fsck, but instead of several minutes, it was 2-3
seconds. Swap also loaded properly. Hrm. So I added the swap line back
into crypttab and presto, the long fsck boot came back. To cram about
45min of trial and error into a summary: systemd-fsck _really_ does not
like having the UUID for swap in /etc/crypttab but it does seem to do ok
with /dev/sda3 as the device instead. *shrug*

In summary:
* I have systemd-fsck disabled just about every damn place I can find to
do so, yet it still runs on boot every time. I see it on the screen and
in the log messages.
* I still can't find where the hell systemd stores the same information
it displays on the boot screen.
* As far as I am concerned (granted with my very small sample size of 2)
systemd flat out ignores the 6th field of fstab.
* systemd-fsck apparently really hates UUID's for crypttab

BUT! It now takes 2-3 seconds every time it says it is running a fsck
during boot versus the 2-3 minutes it used to take.

So I think I am just going to call it a "win" for now and go to sleep. :-)

~Stack~



signature.asc
Description: OpenPGP digital signature


Re: Please stop systemd-fsck on _every_ boot!

2015-01-06 Thread Patrick Bartek
On Tue, 06 Jan 2015, ~Stack~ wrote:

> Greetings,
> 
> This problem has been a minor annoyance for a while but only recently
> have I started to use Jessie more and it is has finally peeved me
> off. I have been trying everything I can find for the last two hours
> and I still can't get systemd to STOP doing a fsck on _every_ boot!
> 
> It tells me with a nice count down that it will take 1:45 minutes to
> run. It always runs longer and it always hangs on the swap partition.
> Immediately after it finishes there is a /super/ quick message about a
> timeout on the swap partition (that I can *not* find in the log files
> anywhere) followed by another message I can't read nor find in the log
> files. I see where it runs fsck in both the daemon and syslog, but
> _every_ partition is clean. There are no errors or timeouts that I can
> find in the logs.
> 
> I keep seeing all of these posts online saying how easy it is to
> disable systemd from runing fsck because it "honors" the '0' in the
> sixth field of /etc/fstab. Well that's just pure bull$h1t... That was
> one of the first things I tried some time ago. As far as I can tell
> on neither of my Jessie machines (one physical one virtual) does
> systemd honor the fstab in terms of doing a fsck. All of the
> partitions are set to 0 in /etc/fstab.
> 
> I found a post saying to disable it in /etc/fstab as a mount option
> 'x-systemd.automount'. That doesn't work either.
> 
> $ sed -e '/^#/d' /etc/fstab
> /dev/mapper/sda2_crypt / ext4 errors=remount-ro 0 0
> UUID=af9e4bfa-5591-4b9a-a855-3444b2562493 /boot ext4 defaults 0 0
> /dev/mapper/sda3_crypt none swap,x-systemd.automount sw 0 0
> /dev/sr0 /media/cdrom0 udf,iso9660 user,noauto  0 0
> /dev/mapper/sda4_crypt /home ext4 defaults 0 0
> 
> I tried disabling the systemd-fsck service. That didn't work either.
> 
> Finally, I just tried "fsck.mode=skip" on the kernel command
> line...guess what? That doesn't work either. I thought maybe there was
> an issue with me interupting grub manually to add that line, so I also
> added it to /etc/default/grub's GRUB_CMDLINE_LINUX_DEFAULT and ran
> update-grub. After rebooting WITH a fsck being run, I can see it in my
> /proc/cmdline and when I look through my last boot log I can *see* it
> there too! Still doesn't work and systemd-fsck still runs on _every_
> boot.
> 
> $ cat cmdline
> BOOT_IMAGE=/vmlinuz-3.16.0-4-686-pae
> root=UUID=99d5a78e-7e8d-4426-83b2-33c06d630587 ro quiet
> init=/bin/systemd fsck.mode=skip
> 
> At this point I don't even care anymore if my disks never run fsck
> again. I just want systemd-fsck to STOP running on EVERY boot.

Have you tried tune2fs on each partition?

   http://crashmag.net/disable-filesystem-check-fsck-at-boot-time

B


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150106175606.2d4ab...@debian7.boseck208.net



debhelper stripping debugging symbols

2015-01-06 Thread Kip Warner
Hey list,

I am trying to debianize a personal package for native compilation. I
packaged it using the debhelper 7 syntax as aided with dh_make.

After customizing my debian/* metadata and scripts, I noticed that
dh_strip is still stripping debugging symbols from my executable, even
though debian/rules sets DEB_BUILD_OPTIONS=nostrip. The flag appears to
be totally ignored, or perhaps clobbered later?

build log:
...
   dh_strip
strip --remove-section=.comment --remove-section=.note 
debian/my-tool/usr/bin/my-tool
   dh_makeshlibs
rm -f debian/my-tool/DEBIAN/shlibs
...

My debian/rules below. Any help appreciated 



Respectfully,

-- 
Kip Warner -- Senior Software Engineer
OpenPGP encrypted/signed mail preferred
http://www.thevertigo.com


signature.asc
Description: This is a digitally signed message part


Please stop systemd-fsck on _every_ boot!

2015-01-06 Thread ~Stack~
Greetings,

This problem has been a minor annoyance for a while but only recently
have I started to use Jessie more and it is has finally peeved me off. I
have been trying everything I can find for the last two hours and I
still can't get systemd to STOP doing a fsck on _every_ boot!

It tells me with a nice count down that it will take 1:45 minutes to
run. It always runs longer and it always hangs on the swap partition.
Immediately after it finishes there is a /super/ quick message about a
timeout on the swap partition (that I can *not* find in the log files
anywhere) followed by another message I can't read nor find in the log
files. I see where it runs fsck in both the daemon and syslog, but
_every_ partition is clean. There are no errors or timeouts that I can
find in the logs.

I keep seeing all of these posts online saying how easy it is to disable
systemd from runing fsck because it "honors" the '0' in the sixth field
of /etc/fstab. Well that's just pure bull$h1t... That was one of the
first things I tried some time ago. As far as I can tell on neither of
my Jessie machines (one physical one virtual) does systemd honor the
fstab in terms of doing a fsck. All of the partitions are set to 0 in
/etc/fstab.

I found a post saying to disable it in /etc/fstab as a mount option
'x-systemd.automount'. That doesn't work either.

$ sed -e '/^#/d' /etc/fstab
/dev/mapper/sda2_crypt / ext4 errors=remount-ro 0 0
UUID=af9e4bfa-5591-4b9a-a855-3444b2562493 /boot ext4 defaults 0 0
/dev/mapper/sda3_crypt none swap,x-systemd.automount sw 0 0
/dev/sr0 /media/cdrom0 udf,iso9660 user,noauto  0 0
/dev/mapper/sda4_crypt /home ext4 defaults 0 0

I tried disabling the systemd-fsck service. That didn't work either.

Finally, I just tried "fsck.mode=skip" on the kernel command
line...guess what? That doesn't work either. I thought maybe there was
an issue with me interupting grub manually to add that line, so I also
added it to /etc/default/grub's GRUB_CMDLINE_LINUX_DEFAULT and ran
update-grub. After rebooting WITH a fsck being run, I can see it in my
/proc/cmdline and when I look through my last boot log I can *see* it
there too! Still doesn't work and systemd-fsck still runs on _every_ boot.

$ cat cmdline
BOOT_IMAGE=/vmlinuz-3.16.0-4-686-pae
root=UUID=99d5a78e-7e8d-4426-83b2-33c06d630587 ro quiet
init=/bin/systemd fsck.mode=skip

At this point I don't even care anymore if my disks never run fsck
again. I just want systemd-fsck to STOP running on EVERY boot.

Thanks!
~Stack~



signature.asc
Description: OpenPGP digital signature


Re: HTML viewer

2015-01-06 Thread Frank



On 01/06/2015 05:32 PM, Ralph Katz wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On 01/05/2015 07:57 PM, Frank wrote:

I am looking for a simple HTML viewer I can use under MC to read
HTML docs. I have Dillo installed but even it seems overkill for
what I need. Does anyone have suggestions ?


I use html2text for that.  Very simple.






  Sounds like it might do the job for me. I'll install and
check it out.

Thanks


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/54ac83fc.5020...@videotron.ca



Re: Hard Drive Issues - smartmontools

2015-01-06 Thread Jape Person

On 01/06/2015 01:30 PM, Martin Steigerwald wrote:

Am Dienstag, 6. Januar 2015, 12:21:45 schrieb Jape Person:

Hello, folks!

Please help me save my old Sony VAIO desktop system.

I have two very old Sony VAIO systems, one desktop and one
notebook. They have PATA drives. I run Debian testing (updated
every day) on them. They've run testing (as a "rolling" release
using "testing" instead of the codename in sources.list) for years.

A few weeks ago when I upgraded smartmontools to 6.3+svn3990-1 I
started seeing warnings of uncorrectable read errors from the
e-mail notifier for both systems. The ensuing upgrades to
versions 6.3+svn4002-1 and 6.3+svn4002-2 didn't improve matters.

I edited smartd.conf to notify only in case of an increase in
the error count for both systems. The notebook has been quiet
since then, but the desktop continued to warn me every day.

I purchased a replacement drive (Maxtor DiamondMax 16, model
4R120L0). I installed testing on it, ran the short and long
tests from gsmartcontrol, and saw that both tests ended
prematurely with read errors. I didn't examine the logs from
these tests, but just sent the drive back to the vendor.

I purchased another drive of the same model from a different
vendor. I got the same results from the the short and long tests.

This time I recorded the results of the short and long tests and
am attaching them here.


How about cabling and controller?

That said, its a bit unusual at least that errors appear on two systems at
about the same time.


Thank you for the suggestion.

I should have mentioned that I swapped cables earlier on in the 
process with the first "new" drive, and it made no difference. 
The controller is part of the motherboard, so the only way it's 
getting replaced is if the whole system gets replaced.


Did you have time to look at the attachments I sent? What do you 
think about the 42,000 hours? This is a used drive, right? 
Unless there's some sort of anomalous behavior with 
smartmontools that can result in that figure being wrong?


I've never seen a new drive with those sorts of numbers on the 
smartctl log.


I appreciate your help.

Regards,
JP


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/54ac63dd.1030...@comcast.net



Re: HTML viewer

2015-01-06 Thread Ralph Katz
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On 01/05/2015 07:57 PM, Frank wrote:
> I am looking for a simple HTML viewer I can use under MC to read
> HTML docs. I have Dillo installed but even it seems overkill for
> what I need. Does anyone have suggestions ?

I use html2text for that.  Very simple.


-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iQEcBAEBCgAGBQJUrGJxAAoJECe2FpioHXO6ooUH/3uKYnXn4iA9f4mrfbKQWTib
ww3ll2a+/tc95inSWAfvf5Lqo+VsFydCkiEyNk53gCilRW1l/qvZOjde0zyvz2vj
oAqIuivBo6+9VguJ3b7OFDzxQ3qyH/YDsjmtLrYNMz2mwHy/JuErIXEP9hjAmD04
3/NUIVmY+8KDJhcJcWwONBTD6ZQUKk5XEsGpLr9HycDorkEPnQ+fGxHHiS8BjS7n
5W1CFypBy1F5gCw0dIo495TE9SOZ4rbcycMUVRUIKcYpg0xZ7axvMfzTr7hQ2UgI
aIq0//wKlc/MHd7cS7GUsATrFEEQCPdyGMPvOV82pEXn4OLRA8Ct+LcbmtNGz48=
=vr5P
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/54ac6290.7020...@rcn.com



Re: Have I been hacked?

2015-01-06 Thread Will Ness
Hello!!

While I am not an expert on the other issues on your machine, I would
recomend a wipe and a clean reinstall. Those root files with the random
characters are what an asian language font typing system rendered into the
standard qwerty would look like (lots of experience). My quick gut instinct
tells me that the language used was either Korean or Chinese but there is
no real way to tell except to type those letters into their language and
see what you get as rendered words. With the additional context of the
files being in root and being excutable my guess is they were going for
full remote access. Unless you want to spend a large chunk of time and
energy combing through your entire system resecuring it, a reinstall would
most likely be faster and more thorough and far more secure. Just my two
cents.

Cheers!!


Re: Late authentication

2015-01-06 Thread August Karlstrom

On 2015-01-05 22:50, Andrei POPESCU wrote:

One possible way around it would be to do the update via something like
cron-apt, apticron, unattended-upgrades, etc. Those tools also do inform
you if updates are available ;)


Thanks for the tip, Andrei. I have installed apticron and configured it 
to send an email to august@localhost whenever there are updates available.


-- August


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/m8hjkk$84f$1...@speranza.aioe.org



Re: Late authentication

2015-01-06 Thread August Karlstrom

On 2015-01-06 17:40, Liam O'Toole wrote:

On 2015-01-05, August Karlstrom  wrote:

I tried adding the file
/var/lib/polkit-1/localauthority/50-local.d/test.pkla with the content
below (and restarting X) but it made no difference; update-manager still
asks for root password when launched.

$ sudo cat /var/lib/polkit-1/localauthority/50-local.d/test.pkla
[test]
Identity=unix-group:sudo
Action=org.debian.apt.update-cache
ResultActive=yes


Some things to check:

- Are the file name "test.pkla" and the group name "test" unique?


I think so. At least there are no other (.pkla) files in 
/var/lib/polkit-1/localauthority/*



- Does the unix group "sudo" exist, and are you a member thereof?


Yes.


- Has the action "org.debian.apt.update-cache" been defined? (Look under
   /usr/share/polkit-1/actions/.)


Yes, it's defined in /usr/share/polkit-1/actions/org.debian.apt.policy.


- Is dbus-daemon running during your Blackbox session?


Yes, my Blackbox session is started from ~/.xinitrc with the command

exec ck-launch-session dbus-launch blackbox


-- August


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/m8hjbi$7er$1...@speranza.aioe.org



Re: Have I been hacked?

2015-01-06 Thread Ric Moore

On 01/06/2015 11:42 AM, Martin Steigerwald wrote:

Am Dienstag, 6. Januar 2015, 20:04:56 schrieb Danny:

Hi guys,


Hi Danny!


A while ago I posted a question about SFTP (I think the thread name was
"SFTP Question") about attacks I got against my server after syslog warned
me about an attempted breakin.


You might want to read this and check out your own securityh
http://www.clockwork.net/blog/2012/09/28/602/ssh_agent_hijacking
It seems too easy. Ric


--
My father, Victor Moore (Vic) used to say:
"There are two Great Sins in the world...
..the Sin of Ignorance, and the Sin of Stupidity.
Only the former may be overcome." R.I.P. Dad.
Linux user# 44256


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/54ac3ed1.6080...@gmail.com



Re: Have I been hacked?

2015-01-06 Thread Brian
On Tue 06 Jan 2015 at 20:28:04 +0100, Martin Steigerwald wrote:

> Am Dienstag, 6. Januar 2015, 19:20:20 schrieb Brian:
> > On Tue 06 Jan 2015 at 19:47:09 +0100, Martin Steigerwald wrote:
> > > Am Dienstag, 6. Januar 2015, 21:51:26 schrieb Danny:
> > > > Hi guys,
> > > > 
> > > > I am afraid my happiness was short lived. To test if the deletion of the
> > > > file (and the effects thereof) would be permanent I rebooted the system
> > > > and
> > > > consequently found another file (same size, same random lettering)
> > > > booted
> > > > up with everything else. :( ... The culprit is well hidden and
> > > > regenerates
> > > > itself ...
> > > 
> > > Well… if something creates a file in /boot, it needs to be started
> > > somewhere. I still bet an examination along the ideas I suggested from a
> > > live distro may reveal where the file is created. Or it may not, at least
> > > not easily, if a changed binary creates the file, instead of some script.
> > > Its still not clear whether its really a malware or just some broken
> > > third party software you installed, but… if you didn´t install any broken
> > > third party software and it really is, read on.
> > 
> > Are we now to assume these files are only created on boot? The OP could
> > at least look into this and let us know whether this is so. It looks to
> > me there is some configuration which creates them. The configuration is
> > far more likely to have been produced by him than some invader.
> > 
> > > > I did "file -k", "grep -ir" and most of the other things you guys
> > > > suggested, but nothing showed up. I am now going through the
> > > > "after-compromise" chapter as one of you suggested.
> > > 
> > > That doesn´t make sense to me. At least file -k on one of the files should
> > > show some output.
> > 
> > Doesn't make sense to me either. The file command produces something.
> > Your mentioning of it was really a suggestion for the OP to provide
> > its output. The invitation wasn't taken up.
> > 
> > > > I will run "sleuthkit" and report if anything is found. However, I am
> > > > afraid a backup and re-installation is on the horizon for me ..
> > > > sigh .
> > > > 
> > > > Can I make the "/etc/init.d" directory readable only with the contents
> > > > thereof still executable ... untill I can properly back-up and install
> > > > everything again? ... or maybe some other short term solution ...
> > > 
> > > No. In case of a compromise, *reinstall* from *scratch*.
> > > 
> > > Its that easy.
> > 
> > Or
> > 
> > If the machine is not compromised - fix it.
> > 
> > It's that easy.
> 
> Sure, thats why I wrote:
> 
> > > No. In case of a compromise, *reinstall* from *scratch*.
> 
> I think "In case of a compromise" is clear enough.

"If the machine is not compromised" is also clear enough.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/06012015194824.c6a89cfc6...@desktop.copernicus.demon.co.uk



Re: developing on open source, apt

2015-01-06 Thread Joel Roth
On Tue, Jan 06, 2015 at 08:07:01PM +0100, bluehut wrote:
> Hello list,
> 
> Bear with me, this is a Debian question indeed.
> I would like to help with LXQt development and have a question about how
> to best go about this on Debian.
> 
> As a general question:
> Should I clone the git repo, build the programs and run them, or is
> there a way to actively develop without circumventing apt?

Just running the app from the build directory should be no 
problem, however if you need to install, you can use
checkinstall instead of 'make install'. checkinstall
creates a Debian package, which you can easily remove later on.

 
> Since I will develop on the application and test every change I made to
> me it seems easiest to just do it like that. Wihtout building .deb for
> every test version I created. However I am not sure if this is the best way.
> 
> Also LXQt comes with several libs, some of them being shipped in their
> repo, so I have the decision to take those, or the versions offerend by apt.
> 
> I hope you can help me.
> 
> -- 
> Michael
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
> Archive: https://lists.debian.org/54ac3255.6080...@gmail.com
> 

-- 
Joel Roth
  


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150106193700.GA6277@sprite



Re: Kernel module support for LSI 3008

2015-01-06 Thread Dan Ritter
On Tue, Jan 06, 2015 at 11:17:08AM +, ML mail wrote:
> Hello,
> 
> I installed Debian 7.7 (amd64) on a SuperStorage Server from SuperMicro and 
> noticed that my disks attached to the LSI 3008 (IT mode) chip on the 
> SuperMicro mainboard are not seen by Debian.
> 
> Is it possible that Debian 7 does not include any kernel module which 
> supports the LSI 3008 chip? I would like to access my disks directly from 
> Debian in order to either use RAID 5 with MD or ZFS.
> 

The 3008 needs mpt3sas. You will find that in the linux 3.16
kernel, which has been compiled for wheezy and is available in
wheezy-backports.

-dsr-


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150106191743.go30...@randomstring.org



Re: Have I been hacked?

2015-01-06 Thread Martin Steigerwald
Am Dienstag, 6. Januar 2015, 19:20:20 schrieb Brian:
> On Tue 06 Jan 2015 at 19:47:09 +0100, Martin Steigerwald wrote:
> > Am Dienstag, 6. Januar 2015, 21:51:26 schrieb Danny:
> > > Hi guys,
> > > 
> > > I am afraid my happiness was short lived. To test if the deletion of the
> > > file (and the effects thereof) would be permanent I rebooted the system
> > > and
> > > consequently found another file (same size, same random lettering)
> > > booted
> > > up with everything else. :( ... The culprit is well hidden and
> > > regenerates
> > > itself ...
> > 
> > Well… if something creates a file in /boot, it needs to be started
> > somewhere. I still bet an examination along the ideas I suggested from a
> > live distro may reveal where the file is created. Or it may not, at least
> > not easily, if a changed binary creates the file, instead of some script.
> > Its still not clear whether its really a malware or just some broken
> > third party software you installed, but… if you didn´t install any broken
> > third party software and it really is, read on.
> 
> Are we now to assume these files are only created on boot? The OP could
> at least look into this and let us know whether this is so. It looks to
> me there is some configuration which creates them. The configuration is
> far more likely to have been produced by him than some invader.
> 
> > > I did "file -k", "grep -ir" and most of the other things you guys
> > > suggested, but nothing showed up. I am now going through the
> > > "after-compromise" chapter as one of you suggested.
> > 
> > That doesn´t make sense to me. At least file -k on one of the files should
> > show some output.
> 
> Doesn't make sense to me either. The file command produces something.
> Your mentioning of it was really a suggestion for the OP to provide
> its output. The invitation wasn't taken up.
> 
> > > I will run "sleuthkit" and report if anything is found. However, I am
> > > afraid a backup and re-installation is on the horizon for me ..
> > > sigh .
> > > 
> > > Can I make the "/etc/init.d" directory readable only with the contents
> > > thereof still executable ... untill I can properly back-up and install
> > > everything again? ... or maybe some other short term solution ...
> > 
> > No. In case of a compromise, *reinstall* from *scratch*.
> > 
> > Its that easy.
> 
> Or
> 
> If the machine is not compromised - fix it.
> 
> It's that easy.

Sure, thats why I wrote:

> > No. In case of a compromise, *reinstall* from *scratch*.

I think "In case of a compromise" is clear enough.

-- 
Martin 'Helios' Steigerwald - http://www.Lichtvoll.de
GPG: 03B0 0D6C 0040 0710 4AFA  B82F 991B EAAC A599 84C7


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/5777066.KTOvfcT0Ng@merkaba



developing on open source, apt

2015-01-06 Thread bluehut
Hello list,

Bear with me, this is a Debian question indeed.
I would like to help with LXQt development and have a question about how
to best go about this on Debian.

As a general question:
Should I clone the git repo, build the programs and run them, or is
there a way to actively develop without circumventing apt?

Since I will develop on the application and test every change I made to
me it seems easiest to just do it like that. Wihtout building .deb for
every test version I created. However I am not sure if this is the best way.

Also LXQt comes with several libs, some of them being shipped in their
repo, so I have the decision to take those, or the versions offerend by apt.

I hope you can help me.

-- 
Michael


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/54ac3255.6080...@gmail.com



Re: Have I been hacked?

2015-01-06 Thread Brian
On Tue 06 Jan 2015 at 20:09:00 +0100, Hans wrote:

> Am Dienstag, 6. Januar 2015, 13:33:50 schrieb Jerry Stuckle:
> > 
> > One other suggestion I might make is rkhunter (apt-get install
> > rkhunter).  While not perfect (what is?), it does scan your system for a
> > number of different compromises.  It might find your sneaky pete.  Worth
> > a try, anyway.
> > 
> > Jerry
>
> Yes, rkhunter is a good way. Additionally I want to point to "chkrootkit", 
> which also does a great job.

Both these softwares do a great job of helping you to search for hairs
on the palms of your hands.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/06012015192030.d3aae089c...@desktop.copernicus.demon.co.uk



Re: Have I been hacked?

2015-01-06 Thread Brian
On Tue 06 Jan 2015 at 19:47:09 +0100, Martin Steigerwald wrote:

> Am Dienstag, 6. Januar 2015, 21:51:26 schrieb Danny:
> > Hi guys,
> > 
> > I am afraid my happiness was short lived. To test if the deletion of the
> > file (and the effects thereof) would be permanent I rebooted the system and
> > consequently found another file (same size, same random lettering) booted
> > up with everything else. :( ... The culprit is well hidden and regenerates
> > itself ...
> 
> Well… if something creates a file in /boot, it needs to be started somewhere. 
> I 
> still bet an examination along the ideas I suggested from a live distro may 
> reveal where the file is created. Or it may not, at least not easily, if a 
> changed binary creates the file, instead of some script. Its still not clear 
> whether its really a malware or just some broken third party software you 
> installed, but… if you didn´t install any broken third party software and it 
> really is, read on.

Are we now to assume these files are only created on boot? The OP could 
at least look into this and let us know whether this is so. It looks to
me there is some configuration which creates them. The configuration is
far more likely to have been produced by him than some invader.

> > I did "file -k", "grep -ir" and most of the other things you guys suggested,
> > but nothing showed up. I am now going through the "after-compromise"
> > chapter as one of you suggested.
> 
> That doesn´t make sense to me. At least file -k on one of the files should 
> show 
> some output.

Doesn't make sense to me either. The file command produces something.
Your mentioning of it was really a suggestion for the OP to provide
its output. The invitation wasn't taken up.

> > I will run "sleuthkit" and report if anything is found. However, I am afraid
> > a backup and re-installation is on the horizon for me .. sigh .
> > 
> > Can I make the "/etc/init.d" directory readable only with the contents
> > thereof still executable ... untill I can properly back-up and install
> > everything again? ... or maybe some other short term solution ...
> 
> No. In case of a compromise, *reinstall* from *scratch*.
> 
> Its that easy.

Or

If the machine is not compromised - fix it.

It's that easy.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150106192020.gd3...@copernicus.demon.co.uk



Re: Have I been hacked?

2015-01-06 Thread Hans
Am Dienstag, 6. Januar 2015, 13:33:50 schrieb Jerry Stuckle:
> On 1/6/2015 2:53 PM, Danny wrote:
> >> A stab in the dark, but is it possible this machine has services exposed
> >> to the internet, and you'd not applied fixes against the recent
> >> shellshock bug?> 
> > Jip ... ssh, apache, postfix, popa3d ... come to think of it ... all the
> > candy is available ... lol ...
> 
> Although I agree with the others that a clean install is the best way,
> it's not easy.
> 
> One other suggestion I might make is rkhunter (apt-get install
> rkhunter).  While not perfect (what is?), it does scan your system for a
> number of different compromises.  It might find your sneaky pete.  Worth
> a try, anyway.
> 
> Jerry
Yes, rkhunter is a good way. Additionally I want to point to "chkrootkit", 
which also does a great job.

Best 

Hans


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/13405443.zoVhro3gvv@protheus2



Re: Have I been hacked?

2015-01-06 Thread Jerry Stuckle
On 1/6/2015 2:53 PM, Danny wrote:
>> A stab in the dark, but is it possible this machine has services exposed to 
>> the internet, and you'd not applied fixes against the recent shellshock bug?
>>
> 
> Jip ... ssh, apache, postfix, popa3d ... come to think of it ... all the candy
> is available ... lol ... 
> 
> 

Although I agree with the others that a clean install is the best way,
it's not easy.

One other suggestion I might make is rkhunter (apt-get install
rkhunter).  While not perfect (what is?), it does scan your system for a
number of different compromises.  It might find your sneaky pete.  Worth
a try, anyway.

Jerry


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/54ac2a8e.6050...@gmail.com



Re: Have I been hacked?

2015-01-06 Thread Martin Steigerwald
Am Dienstag, 6. Januar 2015, 21:51:26 schrieb Danny:
> Hi guys,
> 
> I am afraid my happiness was short lived. To test if the deletion of the
> file (and the effects thereof) would be permanent I rebooted the system and
> consequently found another file (same size, same random lettering) booted
> up with everything else. :( ... The culprit is well hidden and regenerates
> itself ...

Well… if something creates a file in /boot, it needs to be started somewhere. I 
still bet an examination along the ideas I suggested from a live distro may 
reveal where the file is created. Or it may not, at least not easily, if a 
changed binary creates the file, instead of some script. Its still not clear 
whether its really a malware or just some broken third party software you 
installed, but… if you didn´t install any broken third party software and it 
really is, read on.

> I did "file -k", "grep -ir" and most of the other things you guys suggested,
> but nothing showed up. I am now going through the "after-compromise"
> chapter as one of you suggested.

That doesn´t make sense to me. At least file -k on one of the files should show 
some output.

> I will run "sleuthkit" and report if anything is found. However, I am afraid
> a backup and re-installation is on the horizon for me .. sigh .
> 
> Can I make the "/etc/init.d" directory readable only with the contents
> thereof still executable ... untill I can properly back-up and install
> everything again? ... or maybe some other short term solution ...

No. In case of a compromise, *reinstall* from *scratch*.

Its that easy.

Especially when you do not know, how the file is created on bootup. It could be 
basically anywhere.

Really read:

https://www.debian.org/doc/manuals/securing-debian-howto/ch-after-compromise.en.html

:)

I´d *switch* off the machine in the case of a compromise. This will also 
disconnect it from the network.

Then I´d use a live distro to make a file-based copy to a safe place. With 
rsync I bet.

Then I´d reinstall from scratch. And be extra careful with any data I copy 
back from the backup.

-- 
Martin 'Helios' Steigerwald - http://www.Lichtvoll.de
GPG: 03B0 0D6C 0040 0710 4AFA  B82F 991B EAAC A599 84C7


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/1677582.HZp1z1gOUd@merkaba



Re: Hard Drive Issues - smartmontools

2015-01-06 Thread Martin Steigerwald
Am Dienstag, 6. Januar 2015, 12:21:45 schrieb Jape Person:
> Hello, folks!
> 
> Please help me save my old Sony VAIO desktop system.
> 
> I have two very old Sony VAIO systems, one desktop and one 
> notebook. They have PATA drives. I run Debian testing (updated 
> every day) on them. They've run testing (as a "rolling" release 
> using "testing" instead of the codename in sources.list) for years.
> 
> A few weeks ago when I upgraded smartmontools to 6.3+svn3990-1 I 
> started seeing warnings of uncorrectable read errors from the 
> e-mail notifier for both systems. The ensuing upgrades to 
> versions 6.3+svn4002-1 and 6.3+svn4002-2 didn't improve matters.
> 
> I edited smartd.conf to notify only in case of an increase in 
> the error count for both systems. The notebook has been quiet 
> since then, but the desktop continued to warn me every day.
> 
> I purchased a replacement drive (Maxtor DiamondMax 16, model 
> 4R120L0). I installed testing on it, ran the short and long 
> tests from gsmartcontrol, and saw that both tests ended 
> prematurely with read errors. I didn't examine the logs from 
> these tests, but just sent the drive back to the vendor.
> 
> I purchased another drive of the same model from a different 
> vendor. I got the same results from the the short and long tests.
> 
> This time I recorded the results of the short and long tests and 
> am attaching them here.

How about cabling and controller?

That said, its a bit unusual at least that errors appear on two systems at 
about the same time.

-- 
Martin 'Helios' Steigerwald - http://www.Lichtvoll.de
GPG: 03B0 0D6C 0040 0710 4AFA  B82F 991B EAAC A599 84C7


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/3598759.MorRhdcRR7@merkaba



Re: Have I been hacked?

2015-01-06 Thread Danny
> A stab in the dark, but is it possible this machine has services exposed to 
> the internet, and you'd not applied fixes against the recent shellshock bug?
>

Jip ... ssh, apache, postfix, popa3d ... come to think of it ... all the candy
is available ... lol ... 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150106195319.GB8038@fever.havannah.local



Re: Have I been hacked?

2015-01-06 Thread Danny
Hi guys,

I am afraid my happiness was short lived. To test if the deletion of the file
(and the effects thereof) would be permanent I rebooted the system and
consequently found another file (same size, same random lettering) booted up
with everything else. :( ... The culprit is well hidden and regenerates itself
...

I did "file -k", "grep -ir" and most of the other things you guys suggested, but
nothing showed up. I am now going through the "after-compromise" chapter as one
of you suggested.

I will run "sleuthkit" and report if anything is found. However, I am afraid a
backup and re-installation is on the horizon for me .. sigh .

Can I make the "/etc/init.d" directory readable only with the contents thereof
still executable ... untill I can properly back-up and install everything again?
... or maybe some other short term solution ...

Thank You

Danny


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150106195126.GA8038@fever.havannah.local



Re: Have I been hacked?

2015-01-06 Thread Glyn Astill

> From: Simon Brandmair 
>To: debian-user@lists.debian.org 
>Sent: Tuesday, 6 January 2015, 16:53
>Subject: Re: Have I been hacked?
> 
>
>On 01/06/2015 09:10 AM, Danny wrote:
>[...]
>> However, prior to this breakin, in early December 2014, I noticed my network
>> behaving strangely especially through wireless connections.
>[...]
>
>I can't give you any input on your specific problem. But here is a
>pointer from the Securing Debian Manual (if you don't already know it):
>"After the compromise (incident response)" [1]
>
>Cheers,
>Simon



A stab in the dark, but is it possible this machine has services exposed to the 
internet, and you'd not applied fixes against the recent shellshock bug?


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/17969598.5435874.1420566596071.javamail.ya...@jws11106.mail.ir2.yahoo.com



Hard Drive Issues - smartmontools

2015-01-06 Thread Jape Person

Hello, folks!

Please help me save my old Sony VAIO desktop system.

I have two very old Sony VAIO systems, one desktop and one 
notebook. They have PATA drives. I run Debian testing (updated 
every day) on them. They've run testing (as a "rolling" release 
using "testing" instead of the codename in sources.list) for years.


A few weeks ago when I upgraded smartmontools to 6.3+svn3990-1 I 
started seeing warnings of uncorrectable read errors from the 
e-mail notifier for both systems. The ensuing upgrades to 
versions 6.3+svn4002-1 and 6.3+svn4002-2 didn't improve matters.


I edited smartd.conf to notify only in case of an increase in 
the error count for both systems. The notebook has been quiet 
since then, but the desktop continued to warn me every day.


I purchased a replacement drive (Maxtor DiamondMax 16, model 
4R120L0). I installed testing on it, ran the short and long 
tests from gsmartcontrol, and saw that both tests ended 
prematurely with read errors. I didn't examine the logs from 
these tests, but just sent the drive back to the vendor.


I purchased another drive of the same model from a different 
vendor. I got the same results from the the short and long tests.


This time I recorded the results of the short and long tests and 
am attaching them here.


I also ran memtest86+ 5.01 (all 11 tests) on the system for over 
40 hours with 0 errors detected.


System specs:
Intel Pentium 4 CPU 2.20GHz
Chipset: SiS 650 - FSB:100
RAM type: DDR-SDRAM
Memory 1536M

I saw this bug:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=764233

At first I was going to add a comment to that bug to that bug 
report, thinking there must be something wrong with 
smartmontools, but I scanned down through the test logs this 
time and saw that stuff about 42,000+ hours. Does that mean what 
I think it means?


Both of the drives I purchase were sold as NEW drives (through 
Amazon.com vendors). They were not supposed to be refurbished.


My questions are --

1. Is there something wrong with this drive, or is it possibly 
just a drive that doesn't get along with smartmontools. Seems to 
be in the database, and I don't know (yet) how to check with 
Maxtor to see if the firmware for the drive needs an update.


2. Is this vendor pulling a fast one? Is this a used drive?

3. If #2 is the case, where can I find an honest vendor that 
will sell me an unused PATA drive to use with this system?


Thank you for your patience, and for any help you can give me.

Best,
JP
smartctl 6.4 2014-10-07 r4002 [i686-linux-3.16.0-4-686-pae] (local build)
Copyright (C) 2002-14, Bruce Allen, Christian Franke, www.smartmontools.org

=== START OF INFORMATION SECTION ===
Model Family: Maxtor DiamondMax 16
Device Model: Maxtor 4R120L0
Serial Number:R34K39WE
Firmware Version: RAMB1TU0
User Capacity:122,942,324,736 bytes [122 GB]
Sector Size:  512 bytes logical/physical
Device is:In smartctl database [for details use: -P show]
ATA Version is:   ATA/ATAPI-7 T13/1532D revision 0
Local Time is:Tue Jan  6 11:35:38 2015 EST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled

=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED

General SMART Values:
Offline data collection status:  (0x80) Offline data collection activity
was never started.
Auto Offline Data Collection: Enabled.
Self-test execution status:  ( 116) The previous self-test completed having
the read element of the test failed.
Total time to complete Offline 
data collection:(   30) seconds.
Offline data collection
capabilities:(0x5b) SMART execute Offline immediate.
Auto Offline data collection on/off 
support.
Suspend Offline collection upon new
command.
Offline surface scan supported.
Self-test supported.
No Conveyance Self-test supported.
Selective Self-test supported.
SMART capabilities:(0x0003) Saves SMART data before entering
power-saving mode.
Supports SMART auto save timer.
Error logging capability:(0x01) Error logging supported.
No General Purpose Logging support.
Short self-test routine 
recommended polling time:(   2) minutes.
Extended self-test routine
recommended polling time:(  68) minutes.

SMART Attributes Data Structure revision number: 16
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME  FLAG VALUE WORST THRESH TYPE  UPDATED  
WHEN_FAILE

Re: Have I been hacked?

2015-01-06 Thread Simon Brandmair
On 01/06/2015 09:10 AM, Danny wrote:
[...]
> However, prior to this breakin, in early December 2014, I noticed my network
> behaving strangely especially through wireless connections.
[...]

I can't give you any input on your specific problem. But here is a
pointer from the Securing Debian Manual (if you don't already know it):
"After the compromise (incident response)" [1]

Cheers,
Simon


[1]
https://www.debian.org/doc/manuals/securing-debian-howto/ch-after-compromise.en.html


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/m8h3u6$q7e$1...@news.albasani.net



Re: Have I been hacked?

2015-01-06 Thread berenger . morel


Le 06.01.2015 19:04, Danny a écrit :

However, I have a few other weird looking files in the /boot
directory. Can you
guys please have a look at them and tell me if they are normal or 
not.


#
drwxr-xr-x  3 root root 4.0K Jan  6 19:35 .
drwxr-xr-x 24 root root 4.0K Jan  3 17:23 ..
-rwxr-xr-x  1 root root 648K Jan  6 19:03 aknaykocbs
-rwxr-xr-x  1 root root 648K Jan  1 11:34 bxerzoalfk
-rw-r--r--  1 root root 157K Dec 10 18:57 
config-3.16.0-0.bpo.4-686-pae

-rw-r--r--  1 root root 132K Dec  8 00:36 config-3.2.0-4-686-pae
-rwxr-xr-x  1 root root 648K Dec 20 08:04 cwpgfmvkrk
-rwxr-xr-x  1 root root 648K Dec 30 22:41 czhlgmsgzh
-rwxr-xr-x  1 root root 648K Dec 30 20:03 dkseypedtx
-rwxr-xr-x  1 root root 648K Jan  3 15:14 esijfkmwnd
-rwxr-xr-x  1 root root 648K Dec 27 14:49 fndswijgdk
-rwxr-xr-x  1 root root0 Dec 20 08:14 gbwokvqoch
drwxr-xr-x  3 root root  12K Jan  3 17:23 grub
-rwxr-xr-x  1 root root 648K Jan  5 07:28 gyimenpwnt
-rwxr-xr-x  1 root root 648K Dec 31 17:49 hjmmvaxfzq
-rwxr-xr-x  1 root root 648K Dec 15 21:25 hutaslspbf
-rw-r--r--  1 root root  14M Jan  3 17:25 
initrd.img-3.16.0-0.bpo.4-686-pae

-rw-r--r--  1 root root  11M Jan  2 22:01 initrd.img-3.2.0-4-686-pae
-rwxr-xr-x  1 root root 648K Jan  2 18:47 isrgzlchmx
-rwxr-xr-x  1 root root 648K Dec 27 14:56 izytxsbskq
-rwxr-xr-x  1 root root 648K Jan  5 18:40 kvvcqvddix
-rwxr-xr-x  1 root root 648K Jan  1 11:19 ryrfvxjggh
-rwxr-xr-x  1 root root0 Jan  5 19:08 sgopxfsiac
-rw-r--r--  1 root root 2.0M Dec 10 18:57 
System.map-3.16.0-0.bpo.4-686-pae

-rw-r--r--  1 root root 1.6M Dec  8 00:36 System.map-3.2.0-4-686-pae
-rwxr-xr-x  1 root root 648K Dec 30 20:40 ttqssdikcn
-rwxr-xr-x  1 root root0 Dec 26 17:11 utxlhlmnix
-rwxr-xr-x  1 root root0 Dec 12 07:29 vdqepbezvg
-rw-r--r--  1 root root 2.9M Dec 10 18:56 
vmlinuz-3.16.0-0.bpo.4-686-pae

-rw-r--r--  1 root root 2.6M Dec  8 00:35 vmlinuz-3.2.0-4-686-pae
-rwxr-xr-x  1 root root 648K Dec 31 17:30 wevzubbsgn
-rwxr-xr-x  1 root root 648K Jan  1 09:46 xjeemjyuly
-rwxr-xr-x  1 root root 648K Jan  1 17:10 zfmpizunja
-rwxr-xr-x  1 root root 648K Jan  1 10:00 zkdjlvhuui
-rwxr-xr-x  1 root root0 Dec 30 22:32 zpaqgbuxvr


What bothers me is that the "other" files are all the same size 
(648k) as the
suspected file I removed and they are very recent additions to the 
/boot

directory.

Thank You

Danny


Hello.

Imho you can safely remove those files, which seems to be a random 
suite of characters.


Oh, and, if your /boot is on another partition, just do not mount it 
automatically, or if it is really needed, mount it as read-only. If, 
really, really, you need to write on it frequently (except for kernel 
updates, I mean) then, you could add it a flag to avoid code execution 
from it, I think.


I usually place the boot partition on a different partition for other 
reasons, like:
_ putting there an ISO to boot in case of emergency (so I can boot on 
it, and install or repair a system without too many troubles)
_ storing my lilo configuration file instead of /etc (useful, because 
lilo does not detect automatically other OSes... but it's far easier to 
customize than grub)
_ and sometimes putting several kernels of several OSes in the same 
place (but this is not really useful since many many stuff goes in /lib 
anyway, plus, it tends to become messy to update my kernels since I have 
never tried to automatically ask to systems to put an OS's kernel in a 
subfolder. For Debian I think there might be a solution with hooks in 
the apt system... should search more about it someday).


Obviously, I don't do that on VMs (mostly only default stuff there), so 
here is a ls command on a ls on a sane system:


:/boot$ ls
config-3.2.0-4-amd64  grub  initrd.img-3.2.0-4-amd64  lost+found  
System.map-3.2.0-4-amd64  vmlinuz-3.2.0-4-amd64



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/fc7ec2ade72f1dd905daac4bdf4b4...@neutralite.org



Re: Have I been hacked?

2015-01-06 Thread Martin Steigerwald
Am Dienstag, 6. Januar 2015, 20:04:56 schrieb Danny:
> Hi guys,

Hi Danny!

> A while ago I posted a question about SFTP (I think the thread name was
> "SFTP Question") about attacks I got against my server after syslog warned
> me about an attempted breakin.
> 
> Consequently I installed fail2ban and did a few other things to let me sleep
> better at night.

If someone has already introduced it is too late for fail2ban.

> However, prior to this breakin, in early December 2014, I noticed my network
> behaving strangely especially through wireless connections. I have Debian
> that acts as a gateway (wlan0->br0->eth0). wlan0 is the pickup for the
> internal network that gets bridged to eth0 which then goes through the
> router to the internet. What I noticed was that wireless connections would
> break down quickly, bind9 would fail to resolve (even on wired connections)
> and pages would load slow. In general it was chaos.
> 
> Under the impression that it was a hardware failure, I changed the wlan0
> adapter. Still it was the same. So I bought a more expensive one, and still
> no change. I changed eth0 with an expensive one and still it was the same.
> I bought 2 new Netgear ADSL routers but the chaos was still there.
> 
> wlan0, br0 and eth0 just didn't want to work together no more. Eventually I
> stopped all bootup scripts and processes trying to isolate the problem. And
> guess what, I found the culprit.
> 
> Here it is:
> ##
> -rwxr-xr-x 1 root root  648K Dec 11 17:17 /boot/dippqejwvf
> ##
> 
> This file got booted up and caused all the havoc. I moved it to a secure
> place and now it seems that all gremlins have gone away. The date on this
> file is 11 Dec 2014, right about the time my troubles started. I think that
> those Chinese guys got into my system even before syslog warned me a few
> days later.

Okay, if you already made sure that this file has been executed, do the 
following:

- Make a backup of the server to a place you can be sure no one executes any 
files from. (If need be from a filesystem mounted with noexec.)

- *Wipe* your server and *reinstall* from scratch. In case you need to restore 
some data after a *clean* OS installation, look very carefully at the data 
before restoring it. Especially if the data is executable in some form or is 
used by other executables and can influence their behavior. A bunch of png or 
jpeg files that are really what they claim to be should be quite safe, but PHP 
files on a webserver: Reinstall the PHP application from scratch. In the most 
recent version. Probably select another PHP application if its not maintained 
on a regular base.

Thats about it.


Just removing a *single* suspicious file is likely not enough to *clean* your 
system. A good malware is likely to install itself into mutiple places and 
hides its presence, so what you may have found is just some left over of the 
malware installation process.

> However, I have a few other weird looking files in the /boot directory. Can
> you guys please have a look at them and tell me if they are normal or not.
> 
> #
> drwxr-xr-x  3 root root 4.0K Jan  6 19:35 .
> drwxr-xr-x 24 root root 4.0K Jan  3 17:23 ..
> -rwxr-xr-x  1 root root 648K Jan  6 19:03 aknaykocbs
> -rwxr-xr-x  1 root root 648K Jan  1 11:34 bxerzoalfk
> -rw-r--r--  1 root root 157K Dec 10 18:57 config-3.16.0-0.bpo.4-686-pae
> -rw-r--r--  1 root root 132K Dec  8 00:36 config-3.2.0-4-686-pae
> -rwxr-xr-x  1 root root 648K Dec 20 08:04 cwpgfmvkrk
> -rwxr-xr-x  1 root root 648K Dec 30 22:41 czhlgmsgzh
> -rwxr-xr-x  1 root root 648K Dec 30 20:03 dkseypedtx
> -rwxr-xr-x  1 root root 648K Jan  3 15:14 esijfkmwnd
> -rwxr-xr-x  1 root root 648K Dec 27 14:49 fndswijgdk
> -rwxr-xr-x  1 root root0 Dec 20 08:14 gbwokvqoch
> drwxr-xr-x  3 root root  12K Jan  3 17:23 grub
> -rwxr-xr-x  1 root root 648K Jan  5 07:28 gyimenpwnt
> -rwxr-xr-x  1 root root 648K Dec 31 17:49 hjmmvaxfzq
> -rwxr-xr-x  1 root root 648K Dec 15 21:25 hutaslspbf
> -rw-r--r--  1 root root  14M Jan  3 17:25 initrd.img-3.16.0-0.bpo.4-686-pae
> -rw-r--r--  1 root root  11M Jan  2 22:01 initrd.img-3.2.0-4-686-pae
> -rwxr-xr-x  1 root root 648K Jan  2 18:47 isrgzlchmx
> -rwxr-xr-x  1 root root 648K Dec 27 14:56 izytxsbskq
> -rwxr-xr-x  1 root root 648K Jan  5 18:40 kvvcqvddix
> -rwxr-xr-x  1 root root 648K Jan  1 11:19 ryrfvxjggh
> -rwxr-xr-x  1 root root0 Jan  5 19:08 sgopxfsiac
> -rw-r--r--  1 root root 2.0M Dec 10 18:57 System.map-3.16.0-0.bpo.4-686-pae
> -rw-r--r--  1 root root 1.6M Dec  8 00:36 System.map-3.2.0-4-686-pae
> -rwxr-xr-x  1 root root 648K Dec 30 20:40 ttqssdikcn
> -rwxr-xr-x  1 root root0 Dec 26 17:11 utxlhlmnix
> -rwxr-xr-x  1 root root0 Dec 12 07:29 vdqepbezvg
> -rw-r--r--  1 root root 2.9M Dec 10 18:56 vmlinuz-3.16.0-0.bpo.4-686-pae
> -rw-r--r--  1 root root 2.6M Dec  8 00:35 v

Re: upgrade from wheezy to jessie

2015-01-06 Thread Gerard ROBIN
On Tue, Jan 06, 2015 at 01:35:48PM +, Joe wrote:
> Date: Tue, 6 Jan 2015 13:35:48 +
> From: Joe 
> To: debian-user@lists.debian.org
> Subject: Re: upgrade from wheezy to jessie
> X-Mailer: Claws Mail 3.11.1 (GTK+ 2.24.25; x86_64-pc-linux-gnu)
> 
> On Tue, 6 Jan 2015 13:48:10 +0100
> Gerard ROBIN  wrote:
> 
> 
> > 
> > I agree with you regarding jessie, I installed it on a USB drive and 
> > it works fine with systend, but but what concerns me is the
> > transition from sysvinit to systemd on wheezy. If I understand what I
> > read on the web (in English ...) it may be that my machine will not
> > boot if I do not do the job well.
> > 
> The main issue is that anything local mounted in /etc/fstab (even
> removable drives) will be treated as essential, and if they are not
> there, boot will fail. The answer is either to remove any such drives
> from fstab, as the kernel automounting should be good enough now to do
> the job consistently, or to mark them as not being required for boot.
> The fstab syntax for systemd has been extended quite a bit.
> 
> But yes, I moved three sid systems from sysvinit to systemd, the two
> simpler systems were fine, the much larger main workstation
> installation had sufficient minor problems that I felt it better to
> reinstall. Not something you want to do with a server.

Ok, I got my feet wet : 

~# apt-get install  systemd-sysv

--8<--

You are about to do something potentially harmful.
To continue type in the phrase 'Yes, do as I say!'

~# Yes, do as I say!

~# apt-get install sysv-rc-conf

and after that wheezy has booted like a charm. Luke


Thanks to everyone who replied.

-- 
Gerard
___
***
*  Created with "mutt 1.5.21-6.2+deb7u2"  *
*  under Debian Linux WHEEZY version 7.7  *
*  Registered Linux User #388243  *
*  https://Linuxcounter.net   *
***


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150106164144.GA5237@mauritiusGA



Re: Late authentication

2015-01-06 Thread Liam O'Toole
On 2015-01-05, August Karlstrom  wrote:
> On 2015-01-04 17:30, August Karlstrom wrote:
>> I run Debian Wheezy with a simple window manager (Blackbox). If I
>> remember correctly, in Ubuntu some applications like Synaptic and Update
>> Manager ask for sudo password only when/if needed.
>>
>> How do I configure the system so I can launch for instance Update
>> Manager as normal user, check if there are any updates available and
>> then provide the sudo password only if the system is to be updated? As
>> Far as I understand the authentication is handled by Polkit.
>
> I tried adding the file 
> /var/lib/polkit-1/localauthority/50-local.d/test.pkla with the content 
> below (and restarting X) but it made no difference; update-manager still 
> asks for root password when launched.
>
> $ sudo cat /var/lib/polkit-1/localauthority/50-local.d/test.pkla
> [test]
> Identity=unix-group:sudo
> Action=org.debian.apt.update-cache
> ResultActive=yes
>
>
> -- August
>
>

Some things to check:

- Are the file name "test.pkla" and the group name "test" unique?
- Does the unix group "sudo" exist, and are you a member thereof?
- Has the action "org.debian.apt.update-cache" been defined? (Look under
  /usr/share/polkit-1/actions/.)
- Is dbus-daemon running during your Blackbox session?

-- 

Liam



-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/slrnmao3fu.jb9.liam.p.otoole@dipsy.tubbynet



Have I been hacked?

2015-01-06 Thread Danny
Hi guys,

A while ago I posted a question about SFTP (I think the thread name was "SFTP
Question") about attacks I got against my server after syslog warned me about an
attempted breakin.

Consequently I installed fail2ban and did a few other things to let me sleep
better at night.

However, prior to this breakin, in early December 2014, I noticed my network
behaving strangely especially through wireless connections. I have Debian that
acts as a gateway (wlan0->br0->eth0). wlan0 is the pickup for the internal
network that gets bridged to eth0 which then goes through the router to the
internet. What I noticed was that wireless connections would break down quickly,
bind9 would fail to resolve (even on wired connections) and pages would load
slow. In general it was chaos.

Under the impression that it was a hardware failure, I changed the wlan0
adapter. Still it was the same. So I bought a more expensive one, and still no
change. I changed eth0 with an expensive one and still it was the same. I bought
2 new Netgear ADSL routers but the chaos was still there.

wlan0, br0 and eth0 just didn't want to work together no more. Eventually I
stopped all bootup scripts and processes trying to isolate the problem. And
guess what, I found the culprit.

Here it is:
##
-rwxr-xr-x 1 root root  648K Dec 11 17:17 /boot/dippqejwvf
##

This file got booted up and caused all the havoc. I moved it to a secure place 
and
now it seems that all gremlins have gone away. The date on this file is 11 Dec
2014, right about the time my troubles started. I think that those Chinese guys
got into my system even before syslog warned me a few days later.

However, I have a few other weird looking files in the /boot directory. Can you
guys please have a look at them and tell me if they are normal or not.

#
drwxr-xr-x  3 root root 4.0K Jan  6 19:35 .
drwxr-xr-x 24 root root 4.0K Jan  3 17:23 ..
-rwxr-xr-x  1 root root 648K Jan  6 19:03 aknaykocbs
-rwxr-xr-x  1 root root 648K Jan  1 11:34 bxerzoalfk
-rw-r--r--  1 root root 157K Dec 10 18:57 config-3.16.0-0.bpo.4-686-pae
-rw-r--r--  1 root root 132K Dec  8 00:36 config-3.2.0-4-686-pae
-rwxr-xr-x  1 root root 648K Dec 20 08:04 cwpgfmvkrk
-rwxr-xr-x  1 root root 648K Dec 30 22:41 czhlgmsgzh
-rwxr-xr-x  1 root root 648K Dec 30 20:03 dkseypedtx
-rwxr-xr-x  1 root root 648K Jan  3 15:14 esijfkmwnd
-rwxr-xr-x  1 root root 648K Dec 27 14:49 fndswijgdk
-rwxr-xr-x  1 root root0 Dec 20 08:14 gbwokvqoch
drwxr-xr-x  3 root root  12K Jan  3 17:23 grub
-rwxr-xr-x  1 root root 648K Jan  5 07:28 gyimenpwnt
-rwxr-xr-x  1 root root 648K Dec 31 17:49 hjmmvaxfzq
-rwxr-xr-x  1 root root 648K Dec 15 21:25 hutaslspbf
-rw-r--r--  1 root root  14M Jan  3 17:25 initrd.img-3.16.0-0.bpo.4-686-pae
-rw-r--r--  1 root root  11M Jan  2 22:01 initrd.img-3.2.0-4-686-pae
-rwxr-xr-x  1 root root 648K Jan  2 18:47 isrgzlchmx
-rwxr-xr-x  1 root root 648K Dec 27 14:56 izytxsbskq
-rwxr-xr-x  1 root root 648K Jan  5 18:40 kvvcqvddix
-rwxr-xr-x  1 root root 648K Jan  1 11:19 ryrfvxjggh
-rwxr-xr-x  1 root root0 Jan  5 19:08 sgopxfsiac
-rw-r--r--  1 root root 2.0M Dec 10 18:57 System.map-3.16.0-0.bpo.4-686-pae
-rw-r--r--  1 root root 1.6M Dec  8 00:36 System.map-3.2.0-4-686-pae
-rwxr-xr-x  1 root root 648K Dec 30 20:40 ttqssdikcn
-rwxr-xr-x  1 root root0 Dec 26 17:11 utxlhlmnix
-rwxr-xr-x  1 root root0 Dec 12 07:29 vdqepbezvg
-rw-r--r--  1 root root 2.9M Dec 10 18:56 vmlinuz-3.16.0-0.bpo.4-686-pae
-rw-r--r--  1 root root 2.6M Dec  8 00:35 vmlinuz-3.2.0-4-686-pae
-rwxr-xr-x  1 root root 648K Dec 31 17:30 wevzubbsgn
-rwxr-xr-x  1 root root 648K Jan  1 09:46 xjeemjyuly
-rwxr-xr-x  1 root root 648K Jan  1 17:10 zfmpizunja
-rwxr-xr-x  1 root root 648K Jan  1 10:00 zkdjlvhuui
-rwxr-xr-x  1 root root0 Dec 30 22:32 zpaqgbuxvr


What bothers me is that the "other" files are all the same size (648k) as the
suspected file I removed and they are very recent additions to the /boot
directory.

Thank You

Danny


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150106180456.GA8657@fever.havannah.local



Re: upgrade from wheezy to jessie

2015-01-06 Thread Thom Miller


On 01/06/2015 06:57 AM, Joe wrote:
> On Tue, 06 Jan 2015 13:42:43 +
> Eduardo M KALINOWSKI  wrote:
> 
>> On Ter, 06 Jan 2015, Joe wrote:
>>> The main issue is that anything local mounted in /etc/fstab (even
>>> removable drives) will be treated as essential, and if they are not
>>> there, boot will fail. The answer is either to remove any such
>>> drives from fstab, as the kernel automounting should be good enough
>>> now to do the job consistently, or to mark them as not being
>>> required for boot.
>>
>> This is already noted in the release notes.
>>
> 
> Yes, but I believe it is likely to be the main reason for a possible
> lack of booting, about which the OP was concerned. I was making the
> point that is a very simple thing to avoid.
> 

I very recently updated two systems from wheezy to jessie. Both are
running fine (I'm using one right now), but I had exactly the problem
above on one system.

I had an fstab entry that halted booting. Removed that line and it
booted fine.

The only other issue I've had since the upgrade is a wireless driver
(which I didn't want) was failing to load and my logs filled up 89G of
space telling me over and over in messages, syslog and kern.log until
the root partition was full.

-Thom


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/54ac0450.5070...@cagroups.com



Re: Debian Contact for Avago

2015-01-06 Thread Darac Marjal
On Tue, Jan 06, 2015 at 09:40:00AM -0500, Christopher Depweg wrote:
>Sorry, here is the question:
> 
>With the available ISO image for Debian 7.6 , we are not able to boot into
>the Debian 7.6 on-board SATA OS after installation. Attached the screen
>shot. Same observation is made for both x86 and x64 OS. We are suspecting
>the ISO image.
> 
>Could you please help us to get the valid ISO image?

In the same directory on the mirror as the ISO image (so, for example,
http://cdimage.debian.org/debian-cd/7.7.0/i386/iso-cd/) there are files
"MD5SUMS", "SHA1SUMS", "SHA256SUMS" and "SHA512SUMS". Each of these
contains hashsums for the ISO images. You can use any appropriate tool
to calculate the hashsum of the ISO file and compare it to the one in
the file.

If the hashsums match, you can be confident that the file has been
downloaded correctly.

Additionally, each {HASH}SUMS file has an associated "{HASH}SUMS.sign"
file (e.g. MD5SUMS.sign) which can be provided to GnuPG or PGP. The
signature should be validly signed by one of the keys listed at
https://www.debian.org/CD/verify.

If the signature matches, you can be confident that the hashsum files
are identical to those released by Debian.

If you are struggling to achieve a full, correct download, consider
using jigdo (https://www.debian.org/CD/jigdo-cd/) which should be more
tolerant of errors.

> 
>**
> 
>Thanks,
> 
>**
> 
>Chris
> 
>**
> 
>From: Christopher Depweg [mailto:[1]christopher.dep...@avagotech.com]
>Sent: Tuesday, January 06, 2015 9:38 AM
>To: '[2]debian-user@lists.debian.org'
>Subject: Debian Contact for Avago
> 
>**
> 
>Hi I am the product manager for OS drivers with Avago (LSI) *** I have a
>question below, I was wondering who within debian could help me.
> 
>**
> 
>Thanks,
> 
>**
> 
>Chris
> 
> References
> 
>Visible links
>1. mailto:christopher.dep...@avagotech.com
>2. mailto:debian-user@lists.debian.org


signature.asc
Description: Digital signature


Re: Late authentication

2015-01-06 Thread Liam O'Toole
On 2015-01-06, Tony van der Hoff  wrote:
> On 05/01/15 22:40, Andrei POPESCU wrote:
>> On Du, 04 ian 15, 17:02:12, August Karlstrom wrote:
>>> I run Debian Wheezy with a simple window manager (Blackbox). If I remember
>>> correctly, in Ubuntu some applications like Synaptic and Update Manager ask
>>> for sudo password only when/if needed.
>>>
>>> How do I configure the system so I can launch for instance Update Manager as
>>> normal user, check if there are any updates available and then provide the
>>> sudo password only if the system is to be updated? As Far as I understand
>>> the authentication is handled by Polkit.
>> 
>
> I don't believe Synaptic works that way, but Apper, available in Wheezy
> repositories, does. However, it's a KDE utility, so may not suit your
> purpose.

I'm pretty sure that the same was true of the Software Update
application in GNOME 2 (binary /usr/bin/gpk-update-viewer, from package
gnome-packagekit), but I can't find anything in the GNOME 3.x changelogs
pertaining to the change in behaviour. The same application on RHEL 6
(version 2.28.3) definitely checks for updates even when launched by a
normal user. I agree with the OP that it's probably a question of
tweaking PolicyKit.

-- 

Liam



-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/slrnmanuf9.i43.liam.p.otoole@dipsy.tubbynet



RE: Debian Contact for Avago

2015-01-06 Thread Christopher Depweg
Sorry, here is the question:

With the available ISO image for Debian 7.6 , we are not able to boot into
the Debian 7.6 on-board SATA OS after installation. Attached the screen
shot. Same observation is made for both x86 and x64 OS. We are suspecting
the ISO image.

Could you please help us to get the valid ISO image?



Thanks,



Chris



*From:* Christopher Depweg [mailto:christopher.dep...@avagotech.com]
*Sent:* Tuesday, January 06, 2015 9:38 AM
*To:* 'debian-user@lists.debian.org'
*Subject:* Debian Contact for Avago



Hi I am the product manager for OS drivers with Avago (LSI) – I have a
question below, I was wondering who within debian could help me.



Thanks,



Chris


Debian Contact for Avago

2015-01-06 Thread Christopher Depweg
Hi I am the product manager for OS drivers with Avago (LSI) – I have a
question below, I was wondering who within debian could help me.



Thanks,



Chris


Re: upgrade from wheezy to jessie

2015-01-06 Thread Jerry Stuckle
On 1/6/2015 7:27 AM, Tony van der Hoff wrote:
> On 06/01/15 13:12, Brian wrote:
>> On Tue 06 Jan 2015 at 12:11:48 +0100, Gerard ROBIN wrote:
>>
>>> usually when the distribution changes, I update my system rather than 
>>> reinstall everything. But for the transition from wheezy to jessie, 
>>> I would like to know:
>>>
>>> -1- Is it possible to go from wheezy to jessie, keeping sysvinit.
>>
>> https://www.debian.org/releases/testing/i386/release-notes/ch-information.en.html#systemd-upgrade-default-init-system
>>
>> An alternative for you is to install sysvinit-core after updating but
>> before upgrading.
>>
>>
> 
> There's an awful lot of FUD spread on the internet (and, sadly, even on
> this list), mostly engendered by bigotry against the systemd author(s).
> 
> My advice would be to go with the minimum effort upgrade, as you would
> have done in the past. I've been running Jessie in a KVM client for
> several months now, with zero problems.
> 
> 

There are also a lot of technical reasons why knowledgeable people  who
have no opinion about the systemd author(s) don't like systemd

There are also some people who discard any comments against systemd as
"FUD, mostly engendered by bigotry against the systemd author(s)".
Including on this list, sadly.

Jerry


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/54abf2bc.5070...@gmail.com



Re: HTML viewer

2015-01-06 Thread Frank



On 01/06/2015 07:30 AM, Wilko Fokken wrote:

On Tue, Jan 06, 2015 at 02:01:05AM +0100, Emil Oppeln-Bronikowski wrote:

w3m, links or elinks. With w3m being the most pager-like..


.. and lynx (I like it's brilliant display).




  For now I'm running w3mbut I'll have a look at Lynx.

Thanks


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/54abee44.7010...@videotron.ca



Re: upgrade from wheezy to jessie

2015-01-06 Thread Brian
On Tue 06 Jan 2015 at 14:32:00 +0100, Tony van der Hoff wrote:

> On 06/01/15 13:48, Gerard ROBIN wrote:
> > 
> > I agree with you regarding jessie, I installed it on a USB drive and 
> > it works fine with systend, but but what concerns me is the transition 
> > from sysvinit to systemd on wheezy. If I understand what I read on the
> > web (in English ...) it may be that my machine will not boot if I do 
> > not do the job well.
> > 
> I've not heard that, except maybe in very old reports.
> I think the installer has now reached a stage of maturity to avoid such
> pit-falls, and will, presumably, mature more until the release. I'd then
> be inclined to wait for a month or two before upgrading, to allow it to
> gain even more maturity. I would expect all to go smoothly.

New installations from d-i are, of course, different from upgrading from
Wheezy and testing of the betas and release candidates is very important.
Tommorrow should see a new version of the installer released. Reports of
success (or otherwise) made with the installation-report package are
more than welcome.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150106140100.gc3...@copernicus.demon.co.uk



Re: upgrade from wheezy to jessie

2015-01-06 Thread Joe
On Tue, 06 Jan 2015 13:42:43 +
Eduardo M KALINOWSKI  wrote:

> On Ter, 06 Jan 2015, Joe wrote:
> > The main issue is that anything local mounted in /etc/fstab (even
> > removable drives) will be treated as essential, and if they are not
> > there, boot will fail. The answer is either to remove any such
> > drives from fstab, as the kernel automounting should be good enough
> > now to do the job consistently, or to mark them as not being
> > required for boot.
> 
> This is already noted in the release notes.
> 

Yes, but I believe it is likely to be the main reason for a possible
lack of booting, about which the OP was concerned. I was making the
point that is a very simple thing to avoid.

-- 
Joe


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150106135714.29372...@jresid.jretrading.com



Re: upgrade from wheezy to jessie

2015-01-06 Thread Eduardo M KALINOWSKI

On Ter, 06 Jan 2015, Joe wrote:

The main issue is that anything local mounted in /etc/fstab (even
removable drives) will be treated as essential, and if they are not
there, boot will fail. The answer is either to remove any such drives
from fstab, as the kernel automounting should be good enough now to do
the job consistently, or to mark them as not being required for boot.


This is already noted in the release notes.

--
Eduardo M KALINOWSKI
edua...@kalinowski.com.br



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: 
https://lists.debian.org/20150106134243.horde.viaxbcqbhjp9llrc26vg...@mail.kalinowski.com.br



Re: upgrade from wheezy to jessie

2015-01-06 Thread Brian
On Tue 06 Jan 2015 at 13:48:10 +0100, Gerard ROBIN wrote:

> On Tue, Jan 06, 2015 at 01:27:35PM +0100, Tony van der Hoff wrote:
> > 
> > My advice would be to go with the minimum effort upgrade, as you would
> > have done in the past. I've been running Jessie in a KVM client for
> > several months now, with zero problems.
> 
> I agree with you regarding jessie, I installed it on a USB drive and 
> it works fine with systend, but but what concerns me is the transition 
> from sysvinit to systemd on wheezy. If I understand what I read on the
> web (in English ...) it may be that my machine will not boot if I do 
> not do the job well.

The sysvinit package is on a Wheezy system. It will be upgraded to

  https://packages.debian.org/jessie/sysvinit

   This package depends on init, which is an essential package
   that pulls in the default init system. Starting with jessie,
   this will be systemd on Linux. It facilitates a smooth
   transition and provides a fallback SysV init binary which can be
   used to boot the system via the init=/lib/sysvinit/init kernel
   command line parameter in case the system fails to start after
   the switch to systemd.

The fallback SysV init binary has been thoughtfully provided to cater
for the situation you are concerned about.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150106133721.gb3...@copernicus.demon.co.uk



Re: upgrade from wheezy to jessie

2015-01-06 Thread Joe
On Tue, 6 Jan 2015 13:48:10 +0100
Gerard ROBIN  wrote:


> 
> I agree with you regarding jessie, I installed it on a USB drive and 
> it works fine with systend, but but what concerns me is the
> transition from sysvinit to systemd on wheezy. If I understand what I
> read on the web (in English ...) it may be that my machine will not
> boot if I do not do the job well.
> 
The main issue is that anything local mounted in /etc/fstab (even
removable drives) will be treated as essential, and if they are not
there, boot will fail. The answer is either to remove any such drives
from fstab, as the kernel automounting should be good enough now to do
the job consistently, or to mark them as not being required for boot.
The fstab syntax for systemd has been extended quite a bit.

But yes, I moved three sid systems from sysvinit to systemd, the two
simpler systems were fine, the much larger main workstation
installation had sufficient minor problems that I felt it better to
reinstall. Not something you want to do with a server.

-- 
Joe


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150106133548.42c37...@jresid.jretrading.com



Re: upgrade from wheezy to jessie

2015-01-06 Thread Tony van der Hoff
On 06/01/15 13:48, Gerard ROBIN wrote:
> On Tue, Jan 06, 2015 at 01:27:35PM +0100, Tony van der Hoff wrote:
>> Date: Tue, 06 Jan 2015 13:27:35 +0100
>> From: Tony van der Hoff 
>> To: debian-user@lists.debian.org
>> Subject: Re: upgrade from wheezy to jessie
>> User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101
>>  Thunderbird/24.2.0
>>
>> On 06/01/15 13:12, Brian wrote:
>>> On Tue 06 Jan 2015 at 12:11:48 +0100, Gerard ROBIN wrote:
>>>
 usually when the distribution changes, I update my system rather than 
 reinstall everything. But for the transition from wheezy to jessie, 
 I would like to know:

 -1- Is it possible to go from wheezy to jessie, keeping sysvinit.
>>>
>>> https://www.debian.org/releases/testing/i386/release-notes/ch-information.en.html#systemd-upgrade-default-init-system
>>>
>>> An alternative for you is to install sysvinit-core after updating but
>>> before upgrading.
>>>
>>>
>>
>> There's an awful lot of FUD spread on the internet (and, sadly, even on
>> this list), mostly engendered by bigotry against the systemd author(s).
>>
>> My advice would be to go with the minimum effort upgrade, as you would
>> have done in the past. I've been running Jessie in a KVM client for
>> several months now, with zero problems.
> 
> I agree with you regarding jessie, I installed it on a USB drive and 
> it works fine with systend, but but what concerns me is the transition 
> from sysvinit to systemd on wheezy. If I understand what I read on the
> web (in English ...) it may be that my machine will not boot if I do 
> not do the job well.
> 
I've not heard that, except maybe in very old reports.
I think the installer has now reached a stage of maturity to avoid such
pit-falls, and will, presumably, mature more until the release. I'd then
be inclined to wait for a month or two before upgrading, to allow it to
gain even more maturity. I would expect all to go smoothly.

-- 
Tony van der Hoff  | mailto:t...@vanderhoff.org
Ariège, France |


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/54abe3d0.6080...@vanderhoff.org



Re: A USB HDD is trouble outbreak in debian7.7

2015-01-06 Thread Joel Rees
Thank you for the clarification.

I guess I misread those wikipedia pages. Reading it now, it looks like
maybe the page author was recommending booting the MAKAI distribution
on a PC to use as a base for installing the GLANTANK firmware?

And was GLANTANK supposed to be a customizable NAS, as I described it?
Or am I completely lost?

--
Joel Rees

On Tue, Jan 6, 2015 at 10:53 AM, kinneko  wrote:
> Hi, all.
>
> I think, the hardware of GLANTANK is obsolete.
> The useful life of this product was end.
> XScale can't get support of Intel and no one maintains that.
>
> Intel XScale IOP Linux
> http://xscaleiop.sourceforge.net/
> http://sourceforge.net/projects/xscaleiop/files/
>
> MAKAI is unrelated to NAS and ARM.
> MAKAI is self-rebuildable LiveCD project.
> MAKAI supports x86, ONLY.
> It's Minimal system and not include NAS manager.
>
> This problem seems to have 2 problems.
> - XScale: The DMA function of XScale is not good. Intel failed to support it.
> - Hard drive: There may be also a problem with function of a JBOD controller.
>
>
> 2015-01-06 9:43 GMT+09:00 Joel Rees :
>> GLANTANK is a gigabit version of LANTANK. IO-DATA's child company
>> Chousensha (Challenger) produced these in response to the Kurobako
>> (with which some here may be familiar).
>>
>> http://ja.wikipedia.org/wiki/GLAN_Tank
>> http://translate.google.co.jp/translate?hl=en&sl=ja&u=http://ja.wikipedia.org/wiki/GLAN_Tank&prev=search
>>
>> http://ja.wikipedia.org/wiki/LAN_Tank
>> http://translate.google.co.jp/translate?hl=en&sl=ja&u=http://ja.wikipedia.org/wiki/GLAN_Tank&prev=search
>>
>> These are customizable NAS units, apparently running a customized
>> debian (MAKAI -- MAKe Again ISO Image) internally.
>>
>> http://makai.sourceforge.jp/wiki/index.php?FrontPage
>> http://translate.google.co.jp/translate?hl=en&sl=ja&u=http://ja.wikipedia.org/wiki/GLAN_Tank&prev=search
>>
>> LANTANK had an SH4 cpu, but the GLANTANK has an ARM (XScale).
>>
>> On Mon, Jan 5, 2015 at 9:22 AM, Jun Itou  wrote:
>>> I managed debian 7 by the following constitution.
>>>
>>>   Body) I-O DATA GLANTANK 2.0TB (500GB * 4 RAID0, iop32x)
>>>   USB1) I-O DATA HDZ-UES  2.0TB (500GB * 4 JBOD)
>>>   USB2) I-O DATA HDZ-UES  1.0TB (250GB * 4 JBOD)
>>>   USB3) I-O DATA HDZ-UES  1.0TB (250GB * 4 JBOD)
>>>   USB4) I-O DATA HDW-UE   1.0TB (500GB * 2 JBOD)
>>>
>>> After making 7.7 from debian 7.6, malfunction occurred.
>>>
>>>   1) A sector error occurs when I do mount and becomes the lead only
>>>   2) I fail in synchronization of the file system when I do fdisk
>>>
>>> I gave following tests to cut a problem into pieces.
>>>
>>>   1) I do operation same as GLANTANK in x64 environment whether it is a 
>>> problem of the hardware.
>>> -> Because the same problem occurs with both, it is not peculiar to 
>>> hardware.
>>>
>>>   2) I confirm whether it is the problem of the HDD of USB1 - 4 with the 
>>> test tool of the HDD maker.
>>> -> Because the HDD of all passed a test, it is not a problem of USB1 - 
>>> 4.
>>>
>>>   3) I do the same operation in Fedora whether it is a problem peculiar to 
>>> debian.
>>> -> Because it reappeared in Fedora, I conclude it to be a problem of 
>>> kernel.
>>>
>>>   4) I change a version of kernel on debian and do the same operation.
>>> -> 3.2.62   : It does not reappear
>>>3.2.63 ~ : Reappear
>>>3.18.0 ~ : Reappear
>>>
>>>   5) I report it to kernel.org and do the same operation after enforcement 
>>> in the end run which there was of the answer.
>>> -> Please refer to https://bugzilla.kernel.org/show_bug.cgi?id=89511.
>>
>> The summary here is that the GLANTANK seems not to like the
>> SYNCHRONIZE CACHE command.
>>
>> 話をまとめると GLANTANK が SYNCHRONIZE CACHE の命令に応じないようです。
>>
>> https://bugzilla.kernel.org/show_bug.cgi?id=89511#c35
>>
>> Alan Stern says that the kernel should be able to handle this in 3.18
>> or later, but Jun indicates that 3.18 does not handle it yet.
>>
>> スターン氏によると、カーネルの 3.18 なら対処できるであろう、ということでした。その反面、 JunItou の結果はそうではなかった。
>>
>>> It is to say that my USB HDD cannot support the change of this journal 
>>> function in conclusion.
>>> I make kernel latest or seem to but make a USB HDD a different one if I 
>>> continue managing it by the present constitution.
>>>
>>> I knew that it was not developed debian 8 for GLANTANK by a document.
>>> Because there is no help for it, I think to manage it without formating 
>>> ext2, and using the journal function.
>>>
>>> ※In addition, one of file system is destroyed when an error happens as for 
>>> this malfunction even once.
>>>   I hope that it reappears and is not given a test with the contained HDD 
>>> of important data.
>>>
>>> ※Because the funny grammar is machine translation; a pardon
>>>
>>> That's all.
>>
>> I'm thinking that the best place to fix this would be in the MAKAI
>> community, but, as I check back in the Japanese list from last month,
>> it looks like Jun has already tried contacting them. And that
>> community seems to be an abandone

Re: Kernel module support for LSI 3008

2015-01-06 Thread Burhan Hanoglu
On Tue, Jan 6, 2015 at 1:17 PM, ML mail  wrote:

> Hello,
>
> I installed Debian 7.7 (amd64) on a SuperStorage Server from SuperMicro
> and noticed that my disks attached to the LSI 3008 (IT mode) chip on the
> SuperMicro mainboard are not seen by Debian.
>
> Is it possible that Debian 7 does not include any kernel module which
> supports the LSI 3008 chip? I would like to access my disks directly from
> Debian in order to either use RAID 5 with MD or ZFS.
>
>
lspci -v

Check to see if the controller is listed with a kernel driver...


Re: HTML viewer

2015-01-06 Thread Emil Oppeln-Bronikowski
On Tue, Jan 06, 2015 at 01:30:50PM +0100, Wilko Fokken wrote:
> .. and lynx   (I like it's brilliant display).

Is it still being updated? Hell, it is. I'll check it out just for fun.

-- 
vag·a·bond adjective \ˈva-gə-ˌbänd\
 a :  of, relating to, or characteristic of a wanderer 
 b :  leading an unsettled, irresponsible, or disreputable life


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150106130405.GA4196@mikrus



Re: upgrade from wheezy to jessie

2015-01-06 Thread Gerard ROBIN
On Tue, Jan 06, 2015 at 01:27:35PM +0100, Tony van der Hoff wrote:
> Date: Tue, 06 Jan 2015 13:27:35 +0100
> From: Tony van der Hoff 
> To: debian-user@lists.debian.org
> Subject: Re: upgrade from wheezy to jessie
> User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101
>  Thunderbird/24.2.0
> 
> On 06/01/15 13:12, Brian wrote:
> > On Tue 06 Jan 2015 at 12:11:48 +0100, Gerard ROBIN wrote:
> > 
> >> usually when the distribution changes, I update my system rather than 
> >> reinstall everything. But for the transition from wheezy to jessie, 
> >> I would like to know:
> >>
> >> -1- Is it possible to go from wheezy to jessie, keeping sysvinit.
> > 
> > https://www.debian.org/releases/testing/i386/release-notes/ch-information.en.html#systemd-upgrade-default-init-system
> > 
> > An alternative for you is to install sysvinit-core after updating but
> > before upgrading.
> > 
> >
> 
> There's an awful lot of FUD spread on the internet (and, sadly, even on
> this list), mostly engendered by bigotry against the systemd author(s).
> 
> My advice would be to go with the minimum effort upgrade, as you would
> have done in the past. I've been running Jessie in a KVM client for
> several months now, with zero problems.

I agree with you regarding jessie, I installed it on a USB drive and 
it works fine with systend, but but what concerns me is the transition 
from sysvinit to systemd on wheezy. If I understand what I read on the
web (in English ...) it may be that my machine will not boot if I do 
not do the job well.

-- 
Gerard
___
***
*  Created with "mutt 1.5.21-6.2+deb7u2"  *
*  under Debian Linux WHEEZY version 7.7  *
*  Registered Linux User #388243  *
*  https://Linuxcounter.net   *
***


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150106124810.GA9947@mauritiusGA



Re: HTML viewer

2015-01-06 Thread Wilko Fokken
On Tue, Jan 06, 2015 at 02:01:05AM +0100, Emil Oppeln-Bronikowski wrote:
> w3m, links or elinks. With w3m being the most pager-like..

.. and lynx (I like it's brilliant display).


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150106123050.ga20...@fok02.laje.edewe.de



Re: upgrade from wheezy to jessie

2015-01-06 Thread Tony van der Hoff
On 06/01/15 13:12, Brian wrote:
> On Tue 06 Jan 2015 at 12:11:48 +0100, Gerard ROBIN wrote:
> 
>> usually when the distribution changes, I update my system rather than 
>> reinstall everything. But for the transition from wheezy to jessie, 
>> I would like to know:
>>
>> -1- Is it possible to go from wheezy to jessie, keeping sysvinit.
> 
> https://www.debian.org/releases/testing/i386/release-notes/ch-information.en.html#systemd-upgrade-default-init-system
> 
> An alternative for you is to install sysvinit-core after updating but
> before upgrading.
> 
>

There's an awful lot of FUD spread on the internet (and, sadly, even on
this list), mostly engendered by bigotry against the systemd author(s).

My advice would be to go with the minimum effort upgrade, as you would
have done in the past. I've been running Jessie in a KVM client for
several months now, with zero problems.


-- 
Tony van der Hoff  | mailto:t...@vanderhoff.org
Ariège, France |


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/54abd4b7.4010...@vanderhoff.org



Re: upgrade from wheezy to jessie

2015-01-06 Thread Brian
On Tue 06 Jan 2015 at 12:11:48 +0100, Gerard ROBIN wrote:

> usually when the distribution changes, I update my system rather than 
> reinstall everything. But for the transition from wheezy to jessie, 
> I would like to know:
> 
> -1- Is it possible to go from wheezy to jessie, keeping sysvinit.

https://www.debian.org/releases/testing/i386/release-notes/ch-information.en.html#systemd-upgrade-default-init-system

An alternative for you is to install sysvinit-core after updating but
before upgrading.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/06012015120943.e12976c26...@desktop.copernicus.demon.co.uk



Re: Sendmail command

2015-01-06 Thread Emil Oppeln-Bronikowski
On Tue, Jan 06, 2015 at 06:34:45AM -0500, Roman Gelfand wrote:
> Is there a way to specify smart host and credentials with Sendmail
> command?  If yes,  could you point me to example.

May I recommend msmtp? It's perfect for relaying e-mail to always-connected, 
real SMTPs. I'm using it on my, mostly offline, laptop, to deliver my e-mails 
via Mutt.

-- 
vag·a·bond adjective \ˈva-gə-ˌbänd\
 a :  of, relating to, or characteristic of a wanderer 
 b :  leading an unsettled, irresponsible, or disreputable life


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150106114546.GA3702@mikrus



Sendmail command

2015-01-06 Thread Roman Gelfand
Is there a way to specify smart host and credentials with Sendmail
command?  If yes,  could you point me to example.

Thanks in advance


Kernel module support for LSI 3008

2015-01-06 Thread ML mail
Hello,

I installed Debian 7.7 (amd64) on a SuperStorage Server from SuperMicro and 
noticed that my disks attached to the LSI 3008 (IT mode) chip on the SuperMicro 
mainboard are not seen by Debian.

Is it possible that Debian 7 does not include any kernel module which supports 
the LSI 3008 chip? I would like to access my disks directly from Debian in 
order to either use RAID 5 with MD or ZFS.

Regards
ML


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/1795940916.5192065.1420543028048.javamail.ya...@jws106135.mail.bf1.yahoo.com



upgrade from wheezy to jessie

2015-01-06 Thread Gerard ROBIN
Hello,
usually when the distribution changes, I update my system rather than 
reinstall everything. But for the transition from wheezy to jessie, 
I would like to know:

-1- Is it possible to go from wheezy to jessie, keeping sysvinit.

-2- if not, from what I read on the internet, go from sysvinit to
systemd is not without risk. What about it exactly?

(I would say that I am not concerned whether sytemd is better or 
worse than sysvinit. I'm not proficient enough ...)

tia.

-- 
Gerard
___
***
*  Created with "mutt 1.5.21-6.2+deb7u2"  *
*  under Debian Linux WHEEZY version 7.7  *
*  Registered Linux User #388243  *
*  https://Linuxcounter.net   *
***


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/2015010648.GA5213@mauritiusGA



Re: Late authentication

2015-01-06 Thread Tony van der Hoff
On 05/01/15 22:40, Andrei POPESCU wrote:
> On Du, 04 ian 15, 17:02:12, August Karlstrom wrote:
>> I run Debian Wheezy with a simple window manager (Blackbox). If I remember
>> correctly, in Ubuntu some applications like Synaptic and Update Manager ask
>> for sudo password only when/if needed.
>>
>> How do I configure the system so I can launch for instance Update Manager as
>> normal user, check if there are any updates available and then provide the
>> sudo password only if the system is to be updated? As Far as I understand
>> the authentication is handled by Polkit.
> 

I don't believe Synaptic works that way, but Apper, available in Wheezy
repositories, does. However, it's a KDE utility, so may not suit your
purpose.



-- 
Tony van der Hoff  | mailto:t...@vanderhoff.org
Ariège, France |


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/54abbd1c.3030...@vanderhoff.org