Re: Debian 9

[tomas]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Tue, Jun 27, 2017 at 05:41:57PM -0400, Fungi4All wrote:
> Highly deserving a top post
> Is this all it takes to hack the root account of a secure debian system?

This is standard operating procedure if you forget your root
password, yes.

- -- t
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAllTW6IACgkQBcgs9XrR2ka0UgCfe9Ypvjao0UCI2v+q8n/NmkMs
3SwAn1lKgrRI4miAkMoM9+xfSM4FMUmV
=vTAl
-END PGP SIGNATURE-

OT: SQL database - some questions

[Hans]

Dear list,

this is a little offtopic, but maybe you can make things a little bit clearer 
for me.

I had had a webserver hosted by a provider, which is switched off since a 
year. From this server I got a backup of a sql database. The system that ran 
that time, was wordpress, and the database is called something like 
"bla_bla_wp2016018_911.sql.gz"

On this website I wrote some blogs, which I want to have back.

So my question: Are these blogs content in this database? And if yes, can I 
restore them without to setup a complete wordpress server with sql database?

Is there an easy way or only a hard way?

Would be nice, if someone could give me some points, I am not so experienced 
with databases.

Thanks and regards

Hans

Re: OT: SQL database - some questions

[Mirco Piccin]

Hi Hans,

> I had had a webserver hosted by a provider, which is switched off since a
> year. From this server I got a backup of a sql database. The system that ran
> that time, was wordpress, and the database is called something like
> "bla_bla_wp2016018_911.sql.gz"

i suppose the backup has all the blog data, so yes, you should be able
to resume from it your blogs (if you haven't deleted them).
The backup of a database usually comes with all the data (of course)
and with all the sql commands useful to recreate the tables. You only
need to create a database for first.
Here more info:
https://dev.mysql.com/doc/mysql-backup-excerpt/5.7/en/reloading-sql-format-dumps.html

After restore, you can browse the tables  to find your blogs using
Tora, phpMyAdmin, or any other tools.
All the data will be of course with html tags.

Good luck
M

Re: OT: SQL database - some questions

[Hans]

Am Mittwoch, 28. Juni 2017, 10:41:05 CEST schrieb Mirco Piccin:
> Hi Hans,
> 
Hi Mirco

> Here more info:
> https://dev.mysql.com/doc/mysql-backup-excerpt/5.7/en/reloading-sql-format-d
> umps.html
> 

sorry, but that was not quite the thing, I was looking for.
> After restore, you can browse the tables  to find your blogs using
> Tora, phpMyAdmin, or any other tools.
> All the data will be of course with html tags.
> 

Maybe I should precise my question: How can I restore my data from this sql 
database on my desktop? Is there a tool to extract my blogs? 

I do not want to build a webserver with php and wordpress and so on, just 
extract my blogs.  Phpmyadmin needs a webserver to run. This is not, what I 
wanted, of course.

> Good luck
> M

Best

Hans

Re: OT: SQL database - some questions

[Mirco Piccin]

Hi Hans,

> Maybe I should precise my question: How can I restore my data from this sql
> database on my desktop? Is there a tool to extract my blogs?
>
> I do not want to build a webserver with php and wordpress and so on, just
> extract my blogs.  Phpmyadmin needs a webserver to run. This is not, what I
> wanted, of course.

you need apache + php only if you are using phpMyAdmin.

If you use Tora (or mySqlBrowser, or squirrel-sql, ..) you can browse
your database from your desktop.
But you must have a database server in which restore the database (and
the data)!

After restoring, i think you can copy every blog entry into an html files.
Then you can open them directly in your web browser.
Other way: you can try to migrate them to other desktop tools (like
Tagspaces) in which data are stored in html format.
Of course you can write a little bash/java/python script to do the job.

M

Re: OT: SQL database - some questions

[Darac Marjal]

On Wed, Jun 28, 2017 at 10:53:02AM +0200, Hans wrote:

Am Mittwoch, 28. Juni 2017, 10:41:05 CEST schrieb Mirco Piccin:

Hi Hans,


Hi Mirco


Here more info:
https://dev.mysql.com/doc/mysql-backup-excerpt/5.7/en/reloading-sql-format-d
umps.html



sorry, but that was not quite the thing, I was looking for.

After restore, you can browse the tables  to find your blogs using
Tora, phpMyAdmin, or any other tools.
All the data will be of course with html tags.



Maybe I should precise my question: How can I restore my data from this sql
database on my desktop? Is there a tool to extract my blogs?


SQL is a text-based language. If you open the file in vim (or gunzip it,
then open it, if you prefer a graphical editor such as gedit), you
should expect to see a series of statements. The first set will probably
start something like "CREATE TABLE". For your purposes, you can ignore
these. Scroll down to find statements beginning with either "UPDATE
" or "INSERT INTO 

I do not want to build a webserver with php and wordpress and so on, just
extract my blogs.  Phpmyadmin needs a webserver to run. This is not, what I
wanted, of course.


Good luck
M


Best

Hans



--
For more information, please reread.


signature.asc
Description: PGP signature

Re: OT: SQL database - some questions

[Brad Rogers]

On Wed, 28 Jun 2017 10:53:02 +0200
Hans  wrote:

Hello Hans,

>Maybe I should precise my question: How can I restore my data from this
>sql database on my desktop? Is there a tool to extract my blogs? 

'sqlitebrowser' _may_ be of some assistance.

Disclaimer;  I've only used it briefly so don't know its full
capabilities.

-- 
 Regards  _
 / )   "The blindingly obvious is
/ _)radnever immediately apparent"
I'm not here for your entertainment
U & Ur Hand - P!nk


signature.asc
Description: OpenPGP digital signature

Bluetooth stopped working after upgrade

[Johann Spies]

I am working on testing and after the release of Stretch I could not
no longer use my bluetooth mouse.

I see this in the logs:

[62136.579567] Bluetooth: hci0 command 0x0c03 tx timeout
[62144.676286] Bluetooth: hci0 sending initial HCI reset command failed (-110)

I have search Duckduckgo.com and have read

https://bbs.archlinux.org/viewtopic.php?id=171357
and
https://bbs.archlinux.org/viewtopic.php?id=206606
and
https://www.mail-archive.com/kernel-packages@lists.launchpad.net/msg231896.html

of which the last link is possibly the most recent and represent a bug
reported on Ubuntu.

The solution to reinstall all the bluetooth related packages did not
work for me.

Any other ideas about a solution?

Regards
Johann

-- 
Because experiencing your loyal love is better than life itself,
my lips will praise you.  (Psalm 63:3)

Re: Debian 9

[dusan.vodopivec]

On Tue, 27 Jun 2017 19:04:07 +0200, Hans  wrote:
> The other option is, to search for a boot disk called "Kon-Boot". Booting
> from this letts you in EVERY system (Windows, linux etc.) without password.

Not every. Windows and MAC only.

Re: Debian 9

[Hans]

> Not every. Windows and MAC only.

And linux, as far as I know.

Re: Debian 9

[dusan.vodopivec]

On Wed, 28 Jun 2017 12:21:05 +0200, Hans  wrote:
> > Not every. Windows and MAC only.  
> 
> And linux, as far as I know.
> 

http://thelead82.com/
http://piotrbania.com/all/kon-boot/

Re: Debian 9

[Hans]

This is the official blog.
> http://thelead82.com/
> http://piotrbania.com/all/kon-boot/

There is an older kon-boot, see here:

http://www.supportnet.de/faqsthread/2376869

I translate this for the list.

German:
.
Bei Linux mit einem Root können Sie nur einen bestimmten User ansteuern. 
Sollte der Bootvorgang von Linux mit einem Grafikinterface gestartet werden, 
können Sie per ALT + F2 ein weiteres Fenster der Konsole öffnen. Dort können 
Sie dann mit dem entsprechenden User "Kon-USR" ohne ein zusätzliches Passwort 
einwählen. 

Anschließend befinden Sie sich dann automatisch als Root in Ihrem Linux 
Betriebssystem.
...


English:
On linux with a rootyou can only control a decent user.
If the boot process of linux should be started with a graphical interface, you 
can open a further console via ALT + F2. Here you can login to the decent user 
"Kon-USR" without an additional password.

After that  you are automatically logged in as "root" in your linux operating 
system.

This is Kon-Boot 1.0, ok, but I guess, Kon-Boot-2.1 should be able the same. 
Otherwise, just get Kon-Boot-1.0.

Best 

Hans

Re: Debian 9

[dusan.vodopivec]

On Wed, 28 Jun 2017 13:04:29 +0200, Hans  wrote:
> This is the official blog.
> > http://thelead82.com/
> > http://piotrbania.com/all/kon-boot/  
> 
> There is an older kon-boot, see here:
> 
> http://www.supportnet.de/faqsthread/2376869
> 
> ...
>
> This is Kon-Boot 1.0...

Ok. But where can you find it?

Re: Debian 9

[Hans]

> Ok. But where can you find it?

You can't! It is no more available, as it is no more free. It was free, but 
now it isn't any more. But I give you a clue:

Search for "Hiren's Boot CD 15.1" (an old rescue system), it is part of it. 
You can boot kon-boot 1.0 with this cd. Maybe "Falcon 4" (an improved version 
of Hirens CD has got it, too.

Don't tell anyone... :)

Best

Hans

Re: OT: SQL database - some questions

[Hans]

sqlbrowser looked best promising, but my sql databases can't be opened with 
it. I want to export the *.sql file into a new database, but I get stuck with 
an error. Telling ḿe "unknown statement: 1#, unrecogized token: 1"#"", so it 
looks like a format error. 

Well, I do not know, what is causing that, as I said, I am not expierience in 
databases.

Hans

 

Re: OT: SQL database - some questions

[Greg Wooledge]

On Wed, Jun 28, 2017 at 02:25:55PM +0200, Hans wrote:
> sqlbrowser looked best promising, but my sql databases can't be opened with 
> it. I want to export the *.sql file into a new database, but I get stuck with 
> an error. Telling ???e "unknown statement: 1#, unrecogized token: 1"#"", so 
> it 
> looks like a format error. 
> 
> Well, I do not know, what is causing that, as I said, I am not expierience in 
> databases.

Start by actually reading the compressed backup, using zless.  See whether
it looks like an SQL dump.  If it does, then you can proceed to the next
steps.

Install mariadb/mysql (whatever the server package is called, for your
release of Debian).  Do whatever it is you need to do in the database
admin account so that you can restore your database dump as your regular
user.

As your regular user, feed the compressed database dump to the "mysql"
(or its mariadb equivalent) command:

zcat yourfile.gz | mysql

You may have to supply a password, or some command line options to mysql,
or something like that.  Whatever you would normally do to restore a
mysql database dump.

If you get stuck, try googling "restore mysql database dump" or similar.
Yours is presumably compressed, due to the *.gz suffix on the file, so
you'll need to zcat it, instead of just feeding it directly to mysql.
That's pretty much it.

Re: OT: SQL database - some questions

[Hans]

Hi Greg, 
huu, that looks quite difficult for me. 
> Start by actually reading the compressed backup, using zless.  See whether
> it looks like an SQL dump.  If it does, then you can proceed to the next
> steps.
> 
Ho dso I do this? I unzipped my *.sql.gz and have now *.sql file. How can I 
see, if it is a sql-dump? What is this?


> Install mariadb/mysql (whatever the server package is called, for your
> release of Debian).  Do whatever it is you need to do in the database
> admin account so that you can restore your database dump as your regular
> user.
> 

I have installed mysql, but I do not want to run it as root. I am not sure, to 
kill some databases on my system, I need for other things. 

> As your regular user, feed the compressed database dump to the "mysql"
> (or its mariadb equivalent) command:
> 
> zcat yourfile.gz | mysql
> 
How can I create a database as a npormal user? mysqladmin inhibits this. I did 
mysqladmin db1 , then mysql db1 < mydatabase.sql , which only worked as root.

> You may have to supply a password, or some command line options to mysql,
> or something like that.  Whatever you would normally do to restore a
> mysql database dump.

Too heavy for me, sorry.
> 
> If you get stuck, try googling "restore mysql database dump" or similar.
> Yours is presumably compressed, due to the *.gz suffix on the file, so
> you'll need to zcat it, instead of just feeding it directly to mysql.
> That's pretty much it.

Same, too heavy.

Folks, I think, this is not an easy stuff! I am not experienced enough and I 
give up for now. 

Maybe I will take the other solution by using vim, and extract all my blogs 
from the sql-file manually, then put it into an html editor like bluegriffon, 
and then save all the blogs in a html file. Doing so, they can be trancoded 
into pdf or implemented into ODT. However, this is a lot of manual work, but 
not "brain killing" like this. 

I hoped, there would be an easy way, opening a GUI, choose my text with drag-
and-drop and off we go. 

Sorry, there is none, I see now. Let this issue close, thanks, great thanks, 
for all the help, really, but it is going much too far now.

Best wishes and thanks again

Hans

Re: Jessie --> Stretch upgrade, apt question

[Mark Fletcher]

On Sun, Jun 25, 2017 at 11:18:46AM +0200, Dejan Jocic wrote:
> On 25-06-17, Mark Fletcher wrote:
> > Hello the list!
> > 
> > I have upgraded this weekend from Jessie to Stretch. All went, overall, 
> > reasonably smoothly -- the documentation around releases is getting 
> > better and better. I plan to write a full report of the upgrade and 
> > share it here shortly. In the meantime I have one question.
> > 
> > It seems like aptitude is falling out of favour in stretch, and apt as a 
> > command line tool as opposed to the name for the general entire package 
> > management system is being recommended these days. I've never been a 
> > huge fan of apt-get (although to be fair that means little more than I 
> > settled on aptitude [command-line version not ncurses version] and 
> > learned its quirks a long time ago) and so I am, somewhat reluctantly, 
> > making the switch to apt from aptitude. apt has a couple of features I 
> > really like, but I do wish apt show made it easier to tell if a package 
> > is installed -- you have to read a lot further down the info to find 
> > out.
> > 
> > My question is that since the upgrade chromium is held back from 
> > upgrading, and in this new world I don't know how to find out why. In 
> > aptitude I would have done aptitude why-not chromium and it would most 
> > likely have told me something useful about its dependencies. How can I 
> > get apt to do similar? Or what tool should I use?
> > 
> > I'm aware that apt-cache depends chromium will tell me what it depends 
> > on, but that doesn't tell me what is stopping it from being upgraded.
> > 
> > sudo apt upgrade and sudo apt full-upgrade both just tell me chromium 
> > has been kept back, but not why.
> > 
> > sudo apt --fix-broken install finds nothing to do.
> > 
> > Suggestions would be much appreciated.
> > 
> > Mark
> > 
> 
> In short, use aptitude for why and why-not. Closest thing apt-get and
> friends have would be apt-cache --important depends/rdepends. But,
> aptitude is much better suited for that task. And for all other tasks
> that involve advanced searching, as far as I could tell. As for apt
> itself, would not know exactly, I refuse to use tool with man page that
> treats me like an idiot, while not giving me anything new and important
> compared to apt-get and friends. But guess would be that it is apt
> --important depends/rdepends. And probably not more helpful than
> apt-cache variant.
> 

Hmmm. So we end up using apt-get for major version upgrades (according 
to the recommendations of the release notes), apt most of the time 
(according to the recommendation of all the tools, including apt-get, 
when the slightest thing goes wrong), and aptitude when neither apt-get 
or apt have a good way to do something? Seems like this area of Debian 
could use a cleanup.

Thanks for the reply though.

Mark

Re: Jessie --> Stretch upgrade, apt question

[Mark Fletcher]

On Sun, Jun 25, 2017 at 11:36:37AM +, Curt wrote:
> On 2017-06-25, Mark Fletcher  wrote:
> >
> > My question is that since the upgrade chromium is held back from 
> > upgrading, and in this new world I don't know how to find out why. In 
> > aptitude I would have done aptitude why-not chromium and it would most 
> > likely have told me something useful about its dependencies. How can I 
> > get apt to do similar? Or what tool should I use?
> >
> 
> 'apt-get install ' will tell you why a package is being held
> back (or, as discussed in another thread, will ask your permission to
> install an extra package--or packages--in order to meet its dependencies).
> 

It did indeed -- turns out libgnutls depended on libtrm1 (sp?) but the 
version required "is not going to be installed".

And the reason for THAT turned out to be that a while back, while still 
on Jessie I experimented with the deb-multimedia repository and that 
repository uses incompatible version numbers for (at least) some 
packages, which resulted in the version from the jessie deb-multimedia 
repository not being upgraded to the new stretch version, causing 
version incompatibilities.

I was musing on how to solve that when I, in an entirely separate thread 
of thought, decided to install the zoneminder software for monitoring 
security cameras. The version of it packaged for stretch is offered in 
the... deb-multimedia repository. So I have ended up adding it back to 
my system, doing which resolved the issue anyway.

Mark

Re: OT: SQL database - some questions

[Joe]

On Wed, 28 Jun 2017 15:12:26 +0200
Hans  wrote:

> Hi Greg, 
> huu, that looks quite difficult for me. 
> > Start by actually reading the compressed backup, using zless.  See
> > whether it looks like an SQL dump.  If it does, then you can
> > proceed to the next steps.
> >   
> Ho dso I do this? I unzipped my *.sql.gz and have now *.sql file. How
> can I see, if it is a sql-dump? What is this?
> 

Any program which can handle text should be able to see the content, if
it was not encrypted when the backup was made. Here is a fragment of
one of my old .sql dump files:

-- Dumping structure for table service1.tbl_units
DROP TABLE IF EXISTS `tbl_units`;
CREATE TABLE IF NOT EXISTS `tbl_units` (
  `UnitID` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `Model` varchar(20) NOT NULL,
  `Serial` varchar(10) NOT NULL,
  `Firmware` varchar(10) DEFAULT NULL,
  PRIMARY KEY (`UnitID`),
  UNIQUE KEY `Serial` (`Serial`)
) ENGINE=InnoDB AUTO_INCREMENT=312 DEFAULT CHARSET=utf8
COMMENT='Construction history';

-- Dumping data for table service1.tbl_units: ~311 rows (approximately)
DELETE FROM `tbl_units`;
/*!4 ALTER TABLE `tbl_units` DISABLE KEYS */;
INSERT INTO `tbl_units` (`UnitID`, `Model`, `Serial`, `Firmware`) VALUES
(1, 'ILC-1', '0001', 'V1.23'),
(2, 'ILC-1', '0002', 'V1.23'),
(3, 'ILC-1', '0003', 'V1.23'),
(4, 'ILC-1', '0004', 'V1.23'),
(5, 'ILC-1', '0005', 'V1.23'),
(6, 'ILC-1', '0006', 'V1.23'),
(7, 'ILC-1', '0007', 'V1.23'),
(8, 'ILC-1', '0008', 'V1.23'),

As you can see, the actual table data is in a highly structured form,
and could almost certainly be imported somewhere as CSV. I realise that
some of the data in fields of your database will be quite large.

The only issue I can see is one of size, if there is a very large
number of fields in each record of the table you need, or if a field is
too large for a cell in a CSV application such as LibreOffice Calc, or
if there are too many records.

-- 
Joe

Debian Stretch Xfce Touchpad Settings Missing

[Apurv Jyotirmay]

Hi,

I use a Synaptics touchpad on my laptop. Normally on other distributions
(Xubuntu, Manjaro, etc.), the mouse settings area displayed a tab to
configure touchpad settings, but on Debian 9 that particular tab is
missing, and because of it I'm unable to activate features like "tap to
click", which is an inconvenience. Can anyone help me find a solution to
this issue? I'm new to Debian and not really familiar with the way driver
support works.

Thanks,
Apurv

Re: Debian Stretch Xfce Touchpad Settings Missing

[Dejan Jocic]

On 28-06-17, Apurv Jyotirmay wrote:
> Hi,
> 
> I use a Synaptics touchpad on my laptop. Normally on other distributions
> (Xubuntu, Manjaro, etc.), the mouse settings area displayed a tab to
> configure touchpad settings, but on Debian 9 that particular tab is
> missing, and because of it I'm unable to activate features like "tap to
> click", which is an inconvenience. Can anyone help me find a solution to
> this issue? I'm new to Debian and not really familiar with the way driver
> support works.
> 
> Thanks,
> Apurv

In Gnome, situation like that was solved by installing
xserver-xorg-input-libinput instead of xserver-xorg-input-synaptics, if
I remember it correctly. Hope that it can help you.

Debian Stretch Xfce: effective screeen bigger than the monitor screen

[Jerome BENOIT]

Hello Forum,

I have recently migrated from Jessie to Stretch. I have a couple of minor 
issues.
One of them concern Xfce: some time my fingers seem to do a combination of keys
that magnifies the screen: I got a floating desktop environment that is lager
than my actual screen. Does any know the magic combination that leads to this 
state ?
And, more importantly, how can we go back to the normal state ?

Thanks in advance,
Jerome

Re: Debian Stretch Xfce Touchpad Settings Missing

[Dan Ritter]

On Wed, Jun 28, 2017 at 05:59:58PM +0200, Dejan Jocic wrote:
> On 28-06-17, Apurv Jyotirmay wrote:
> > Hi,
> > 
> > I use a Synaptics touchpad on my laptop. Normally on other distributions
> > (Xubuntu, Manjaro, etc.), the mouse settings area displayed a tab to
> > configure touchpad settings, but on Debian 9 that particular tab is
> > missing, and because of it I'm unable to activate features like "tap to
> > click", which is an inconvenience. Can anyone help me find a solution to
> > this issue? I'm new to Debian and not really familiar with the way driver
> > support works.
> > 
> > Thanks,
> > Apurv
> 
> In Gnome, situation like that was solved by installing
> xserver-xorg-input-libinput instead of xserver-xorg-input-synaptics, if
> I remember it correctly. Hope that it can help you.

You can also run synclient to adjust settings. There's a section
on it in the Debian wiki.

-dsr-

Re: Debian Stretch Xfce: effective screeen bigger than the monitor screen

[Jape Person]

On 06/28/2017 12:26 PM, Jerome BENOIT wrote:

Hello Forum,

I have recently migrated from Jessie to Stretch. I have a couple of minor 
issues.
One of them concern Xfce: some time my fingers seem to do a combination of keys
that magnifies the screen: I got a floating desktop environment that is lager
than my actual screen. Does any know the magic combination that leads to this 
state ?
And, more importantly, how can we go back to the normal state ?

Thanks in advance,
Jerome




Hi, Jerome

I'm an Xfce user. The desktop magnification / zoom feature I'm familiar 
with is placing the mouse cursor somewhere on the desktop (other than in 
a window), holding down the Alt key, and moving the scroll wheel on the 
mouse. Getting the desktop back to normal is a matter of holding down 
Alt and moving the scroll wheel in the "down" direction -- toward the 
back of the mouse.


It might be possible to assign this function to a combination of keys on 
the keyboard, but I've not looked into that.


HTH,
JP

Re: Debian Stretch Xfce: effective screeen bigger than the monitor screen

[Jerome BENOIT]

Indeed :-)

Thanks a lot for your prompt reply

On 28/06/17 20:52, Apurv Jyotirmay wrote:
> For me it has always been with holding "alt" key and use scroll wheel. Try it.
> -Apurv
> 
> On Jun 28, 2017 22:13, "Jerome BENOIT"  > wrote:
> 
> Hello Forum,
> 
> I have recently migrated from Jessie to Stretch. I have a couple of minor 
> issues.
> One of them concern Xfce: some time my fingers seem to do a combination 
> of keys
> that magnifies the screen: I got a floating desktop environment that is 
> lager
> than my actual screen. Does any know the magic combination that leads to 
> this state ?
> And, more importantly, how can we go back to the normal state ?
> 
> Thanks in advance,
> Jerome
> 

Stretch: RUNPATH seems no more taken into account

[Jerome BENOIT]

Hi Again,

I migrated from Jessie to Stretch a few days ago.

I have just realised that the RUNPATH (as printed by `chrpath -l`)
of one of my local program is no more taken into account.
I rebuilt it, but the issue remains.
Any idea ?

Thanks in advance,
Jerome

Re: Stretch and network management

[Brian]

On Tue 27 Jun 2017 at 17:45:36 -0700, tony mollica wrote:

[No quoted text from me. The html guff is just deleted].

n-m worked for ethernet when you first rebooted. Now you have to ask
youself why it did not work for wireless when it is normally so reliable.
I'd go back to the pristine state without wicd on the machine and try
again. Maybe purge n-m and reinstall. But that sounds a bit drastic.

Re: Jessie --> Stretch upgrade, apt question

[Brian]

On Wed 28 Jun 2017 at 22:19:18 +0900, Mark Fletcher wrote:

> On Sun, Jun 25, 2017 at 11:18:46AM +0200, Dejan Jocic wrote:
> > 
> > In short, use aptitude for why and why-not. Closest thing apt-get and
> > friends have would be apt-cache --important depends/rdepends. But,
> > aptitude is much better suited for that task. And for all other tasks
> > that involve advanced searching, as far as I could tell. As for apt
> > itself, would not know exactly, I refuse to use tool with man page that
> > treats me like an idiot, while not giving me anything new and important
> > compared to apt-get and friends. But guess would be that it is apt
> > --important depends/rdepends. And probably not more helpful than
> > apt-cache variant.
> > 
> 
> Hmmm. So we end up using apt-get for major version upgrades (according 
> to the recommendations of the release notes), apt most of the time 
> (according to the recommendation of all the tools, including apt-get, 
> when the slightest thing goes wrong), and aptitude when neither apt-get 
> or apt have a good way to do something? Seems like this area of Debian 
> could use a cleanup.
> 
> Thanks for the reply though.

Dejan Jocic makes a fair point contasting the search aspects of aptitude
and apt-cache and questions whether apt provides anything significantly
more than apt-get.

I think you are reading too much into his reply. For example, I suspect
aptitude would handle a major version upgrade just as well as apt-get.
No doubt it has been done successfully; day-to-day upgrades too. I do
not know where apt fits into this picture; it provides fluffiness,
perhaps.

What would a cleanup involve?

Re: Jessie --> Stretch upgrade, apt question

[David Wright]

On Sun 25 Jun 2017 at 11:36:37 (+), Curt wrote:
> On 2017-06-25, Mark Fletcher  wrote:
> >
> > My question is that since the upgrade chromium is held back from 
> > upgrading, and in this new world I don't know how to find out why. In 
> > aptitude I would have done aptitude why-not chromium and it would most 
> > likely have told me something useful about its dependencies. How can I 
> > get apt to do similar? Or what tool should I use?
> >
> 
> 'apt-get install ' will tell you why a package is being held
> back (or, as discussed in another thread, will ask your permission to
> install an extra package--or packages--in order to meet its dependencies).

It's less risky to add the -s switch and just be a user, thus:

$ apt-get -s install 

>>> [Re: apt-get upgrade problem] >>> What?

Attached…

Cheers,
David.

Re: Stretch and network management

[tony mollica]

  
  
Networkmanager out, wicd in.
  
  I purge both of these
  from the system an installed them one at a time,
  network-manager first.  It always
connects to the wired interface but won't act reliably
with the wireless connection.  I
  tried every which way but get either  a 'not
managed' or 'not 'available' note in NM no matter
what I put in the config files, or not.  No
difference when using 'managed= TRUE or FALSE , or any other entries for that matter.  unreliable.
  
  Wicd works and connects
first time up after an install and
reboot but even so, some of the display
information is not reliable. 
  It connects to my
wifi but there
  is no listing for it in the panel,
  as well as no other wifi networks
  are listed either.  Just a bit
  more problems and I'll
  just make
it a manual installation or
run another
  cable
to bypass the entire
issue.

Bottom
line is there is
something amiss with
network
  interaction with
  both of these
  tools with the
  change from jessie
to stretch.

tjm
  
On 06/28/2017 11:18 AM, Brian wrote:


  On Tue 27 Jun 2017 at 17:45:36 -0700, tony mollica wrote:

[No quoted text from me. The html guff is just deleted].

n-m worked for ethernet when you first rebooted. Now you have to ask
youself why it did not work for wireless when it is normally so reliable.
I'd go back to the pristine state without wicd on the machine and try
again. Maybe purge n-m and reinstall. But that sounds a bit drastic.





  

debootstick: Turn chroot into bootable image

[Cindy-Sue Causey]

Hi, All...

Am posting this because I see a notable number of threads concerning
problems creating bootable images. I know nothing about "debootstick"
except that there was not one single mention of it in a 4000MB+ sized
inbox. :)

"apt-cache show debootstick" provides the following description:

"debootstick is used to generate a bootable image from a Debian or
Ubuntu chroot environment (such as one generated with debootstrap,
docker export, etc.).
 This image should then be copied to a USB stick or disk and used to
boot any amd64 machine (BIOS- or UEFI-based).
 The embedded system is ready to be started live (no installation
procedure needed), and is fully upgradeable (kernel and bootloader
included)."

It's explicitly stating "amd64" so that's an important point to note
regarding its potential success or failure.

Otherwise, that's all I know about it, and unfortunately I don't have
the resources to test it first before sharing.

Hope this helps someone some day.. :)

Cindy :)
-- 
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA

* runs with duct tape *

Re: Debian 9

[deloptes]

sare...@att.net wrote:

> The administrator password is not working in Debian 9 cinnamon. How can we
> use synaptic package manager or update the system if the administrator
> password is not working? I double checked the password during installation
> to be sure it is correct. I even reinstalled the system and the same
> problem occurs. This is unacceptable. First the Cd iso's did not work and
> now this. What is going on?

keyboard layout and special characters or mapping of chars ??

Re: Nice email thanking the stretch release

[RavenLX]

On 06/28/2017 04:32 PM, Ana Guerrero Lopez wrote:


Hi folks,

After the release announcement, I got a bunch of direct emails.
Plenty of "thank you", "yeah", "finally!" and of course, a few
"UNSUBSCRIBE" ;)
The email below stood out and I thought it would be nice to share it
with the projet. The writer is in bcc in case they wants to add something.

Ana


Aw, thanks! :) I meant ever word too - You guys really do rock! :)

And an update. I got both my laptops running Stretch now! Didn't do the 
UEFI thing after all but the weird thing is the oldest laptop DID ask if 
I wanted to install EFI! I was rather surprised! I did legacy on both 
though, as I really needed to get this done. Another surprise was that 
same older laptop was complaining about an i915 buffer "underrun" on one 
of the bootups after having to hard-core turn off after a hangup (have 
no idea what caused that!) But no problems ever since.


The installs went well. I had to tweak my own script that installed and 
configured stuff I needed but that one was my doing. :)


I'm running KDE on both laptops (my minimal KDE install script worked 
fine). I'm really enjoying Debian 9! I even have some older DOS and 
Windows games set up to run in DosBox and PlayOnLinux. I don't even USE 
windows anymore now! And what's nice is it integrates and runs as if 
it's running natively. Fast and no lagging.


Anyway, glad to finally be upgraded and ready to roll. Thank you guys! :)

[my original post and comments below, for reference.]





On 06/18/2017 02:22 AM, Ana Guerrero Lopez wrote:
[snipped header]


After 26 months of development the Debian project is proud to present
its new stable version 9 (code name "Stretch"), which will be supported
for the next 5 years thanks to the combined work of the Debian Security
team [1] and of the Debian Long Term Support [2] team.


A *huge* thank you to the Debian team! You guys rock! It was amazing to
see how everyone worked so hard in those last few hours before release
(I was in IRC for the first time in years, watching things unfold).



 1: https://security-team.debian.org/
 2: https://wiki.debian.org/LTS

Debian 9 is dedicated [3] to the project's founder Ian Murdock, who
passed away on 28 December 2015.


RIP. I don't know if he knew how big an impact he made in the computing
world. But he'll always be a legend in my book.


 3: http://ftp.debian.org/debian/doc/dedication/dedication-9.0.txt

In "Stretch", the default MySQL variant is now MariaDB. The replacement
of packages for MySQL 5.5 or 5.6 by the MariaDB 10.1 variant will happen
automatically upon upgrade.


Going clean-install on my two laptops. I need to learn the differences
between MariaDB and MySQL as the boss at work (we use Ubuntu there)
wants MariaDB.


Firefox and Thunderbird return to Debian with the release of "Stretch",
and replace their debranded versions Iceweasel and Icedove, which were
present in the archive for more than 10 years.


So I can remove that from my script! Cool! I didn't even know that.


Thanks to the Reproducible Builds project, over 90% of the source
packages included in Debian 9 will build bit-for-bit identical binary
packages. This is an important verification feature which protects users
from malicious attempts to tamper with compilers and build networks.
Future Debian releases will include tools and metadata so that end-users
can validate the provenance of packages within the archive.


THIS will be very useful especially for those who compile kernels or
modules, I'm sure. I don't (anymore) and haven't in years. But with all
the malware going around in other OSs, it's only a matter of time before
it gets to be more of a problem in Debian. Luckily things are still safe
and secure for the most part. And good to see it's going to always be
that way.


Administrators and those in security-sensitive environments can be
comforted in the knowledge that the X display system no longer requires
"root" privileges to run.


There were some talk in the chat about KVM and "permission denied" when
using i915 chips. But as far as I can tell, that's an old issue and
might be a kernel issue? I don't have any machines with an i915 type
chip so I can't test it. But they were testing and some still had issues
while someone else on an i386 with the same chip had no issues.


The "Stretch" release is the first version of Debian to feature the
"modern" branch of GnuPG in the "gnupg" package. This brings with it
elliptic curve cryptography, better defaults, a more modular
architecture, and improved smartcard support. We will continue to supply
the "classic" branch of GnuPG as gnupg1 for people who need it, but it
is now deprecated.

Debug packages are easier to obtain and use in Debian 9 "Stretch". A new
"dbg-sym" repository can be added to the APT source list to provide
debug symbols automatically for many packages.
The UEFI ("Unified Extensible Firmware Interface") support first
introduced in "Wheezy" continues to be greatly

Re: OT: SQL database - some questions

[Celejar]

On Wed, 28 Jun 2017 10:00:00 +0200
Hans  wrote:

> Dear list,
> 
> this is a little offtopic, but maybe you can make things a little bit clearer 
> for me.
> 
> I had had a webserver hosted by a provider, which is switched off since a 
> year. From this server I got a backup of a sql database. The system that ran 
> that time, was wordpress, and the database is called something like 
> "bla_bla_wp2016018_911.sql.gz"
> 
> On this website I wrote some blogs, which I want to have back.
> 
> So my question: Are these blogs content in this database? And if yes, can I 

WordPress database backups contain all the blog content (but not, IIUC,
files (such as media) that you may have uploaded in association with
the blog).

> restore them without to setup a complete wordpress server with sql database?

Yes, as other posters have suggested, but you should think carefully
about your insistence on not setting up a WordPress installation. It's
actually not that difficult - mysql and wordpress can both be easily
installed the usual way via the package managment system, and while
there may be a little fussing necessary to get WP working properly and
import your database backup, it shouldn't be too difficult even for a
database novice. WordPress has great documentation for this sort of
thing, and the last time I did this (in a very similar situation to
yours - I was leaving one hosting provider for another, the former
account was shut down, and I had up to date database backups), I was
actually quite shocked by how simple it was - just open the WordPress
interface (dashboard), do "import database", and that's pretty much it!

> Is there an easy way or only a hard way?

> Would be nice, if someone could give me some points, I am not so experienced 
> with databases.
> 
> Thanks and regards
> 
> Hans

Celejar

Re: firewall rules for NAT

[Igor Cicimov]

On 27 Jun 2017 9:29 pm, "Lucio Crusca"  wrote:

Il 26/06/2017 11:35, Dan Purgert ha scritto:

> That shouldn't be happening -- you may have an errant rule you didn't
> show
>

I think I did show that rule:


-A POSTROUTING -d 10.7.33.109/32 -p tcp -m tcp --dport 25 -j SNAT
--to-source 10.7.33.100


Yes you do need that rule, in case when not using MASQUERADE you have to
use SNAT or you'll get timeouts as you found out.

Your problem is that something changes the source ip of the packets sent
from the router vm to the mail server one NOT the other way around. The
only candidate i can see in your config, assuming you have shown us the
full configs, are these rules:

-A POSTROUTING -s 10.7.33.0/24 ! -d 10.7.33.0/24 -p tcp -j MASQUERADE
--to-ports 1024-65535
-A POSTROUTING -s 10.7.33.0/24 ! -d 10.7.33.0/24 -p udp -j MASQUERADE
--to-ports 1024-65535
-A POSTROUTING -s 10.7.33.0/24 ! -d 10.7.33.0/24 -j MASQUERADE

but they look ok to me to be honest, they change the source ip of the
packets but only if the destination is not 10.7.33.0/24 subnet which should
not cause the issue you are seeing.


The problem is that without that rule things do not work at all
(connections time out).

For example, I've tried adding only the DNAT rule for TCP port 26, without
the SNAT rule above, forwarded to the same mail server.

Then from the client I've tried to open a TCP connection on port 26:

echo hello | netcat 1.2.3.4 26

In the phisycal host system I get:

Jun 27 13:21:09 hostmachine kernel: [2479354.931255] IN=eth0 OUT=
MAC=74:d0:2b:99:a1:f5:2c:21:31:28:a6:fb:08:00 SRC=217.61.166.36 DST=1.2.3.4
LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=18186 DF PROTO=TCP SPT=51600 DPT=26
WINDOW=29200 RES=0x00 SYN URGP=0

In the router virtual machine I get:

Jun 27 13:21:34 router kernel: [2479319.331492] IN=eth0 OUT=
MAC=52:54:00:02:90:d2:52:54:00:f0:37:ba:08:00 SRC=217.61.166.36
DST=10.7.33.100 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=18186 DF PROTO=TCP
SPT=51600 DPT=26 WINDOW=29200 RES=0x00 SYN URGP=0

In the mail server virtual machine I get

Jun 27 13:21:09 mx kernel: [2479308.578043] IN=ens2 OUT=
MAC=52:54:00:8d:4c:2a:52:54:00:02:90:d2:08:00 SRC=217.61.166.36
DST=10.7.33.109 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=18186 DF PROTO=TCP
SPT=51600 DPT=26 WINDOW=29200 RES=0x00 SYN URGP=0

So the packet actually reaches the mail server as expected. However the
client never gets a reply.

fail2ban with nftables

[Denis Polom]

On Debian 9 with latest updates, fail2ban not creating rules when used with
nftables:

2017-06-29 01:06:14,217 fail2ban.action [2593]: ERROR   nft add set
inet filter f2b-sshd \{ type ipv4_addr\; \}
nft insert rule inet filter INPUT tcp dport \{ ssh \} ip saddr @f2b-sshd
reject -- stdout: b''
2017-06-29 01:06:14,218 fail2ban.action [2593]: ERROR   nft add set
inet filter f2b-sshd \{ type ipv4_addr\; \}
nft insert rule inet filter INPUT tcp dport \{ ssh \} ip saddr @f2b-sshd
reject -- stderr: b':1:1-74: Error: Could not process rule: No
such file or directory\ninsert rule inet filter INPUT tcp dport { ssh } ip
saddr @f2b-sshd
reject\n^^\n'
2017-06-29 01:06:14,218 fail2ban.action [2593]: ERROR   nft add set
inet filter f2b-sshd \{ type ipv4_addr\; \}
nft insert rule inet filter INPUT tcp dport \{ ssh \} ip saddr @f2b-sshd
reject -- returned 1
2017-06-29 01:06:14,218 fail2ban.actions[2593]: ERROR   Failed to
start jail 'sshd' action 'nftables-multiport': Error starting action

Let me know what more info you need.

Any idea?

Re: Stretch and network management

[Michael Biebl]

Am 28.06.2017 um 23:19 schrieb tony mollica:
> Networkmanager out, wicdin.
> 
> I purge both of these from the system an installed them one at a time,
> network-manager first.  It always connects to the wired interface but
> won't act reliably with the wireless connection.  I tried every which
> way but get either  a 'not managed' or 'not 'available' note in NMno
> matter what I put in the config files, or not.  No difference when using
> 'managed= TRUE or FALSE , or any other entries for that matter.  unreliable.

Could you try adding the following to
/etc/NetworkManager/NetworkManager.conf:

[device]
wifi.scan-rand-mac-address=no

Also make sure the wifi device is not configured in /etc/network/interfaces.

Does that help?


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Re: Debian 9

[Jimmy Johnson]

On 06/27/2017 09:49 AM, Greg Wooledge wrote:

On Tue, Jun 27, 2017 at 04:00:13PM +, sare...@att.net wrote:

The administrator password is not working in Debian 9 cinnamon.


I bet you used a Live CD.


I downloaded the iso to check this out, yes it won't give you root 
passwd, the install takes the passwd while installing.  Sudo is 
installed but the user is not allowed sudo rights. Now I have this 
install and it's worst than the live dvd, it least you can sudo with the 
live dvd. Is there an easy fix I can try?  I've been googling but 
nothing easy to do.

--
Jimmy Johnson

Registered Linux User #380263

Re: Debian 9

[Sean Behan]

On Wed, Jun 28, 2017 at 06:24:17PM -0700, Jimmy Johnson wrote:
> On 06/27/2017 09:49 AM, Greg Wooledge wrote:
> I downloaded the iso to check this out, yes it won't give you root passwd,
> the install takes the passwd while installing.  Sudo is installed but the
> user is not allowed sudo rights. Now I have this install and it's worst than
> the live dvd, it least you can sudo with the live dvd. Is there an easy fix
> I can try?  I've been googling but nothing easy to do.
 
Login as root, run "visudo" and uncomment the line that says:

# Allow members of group sudo to execute any command

Then log out and back in on your regular user


signature.asc
Description: PGP signature

Re: Debian 9

[Jimmy Johnson]

On 06/28/2017 06:24 PM, Jimmy Johnson wrote:

On 06/27/2017 09:49 AM, Greg Wooledge wrote:

On Tue, Jun 27, 2017 at 04:00:13PM +, sare...@att.net wrote:

The administrator password is not working in Debian 9 cinnamon.


I bet you used a Live CD.


I downloaded the iso to check this out, yes it won't give you root 
passwd, the install takes the passwd while installing.  Sudo is 
installed but the user is not allowed sudo rights. Now I have this 
install and it's worst than the live dvd, it least you can sudo with the 
live dvd. Is there an easy fix I can try?  I've been googling but 
nothing easy to do.


I loaded my netinstall disc and ran the repair, I opened a shell and ran 
#passwd root and rebooted and now have root.

--
Jimmy Johnson

Registered Linux User #380263