Re: where does fvwm get its xterm icon?

2018-09-21 Thread Nicolas George 
David Wright (2018-09-21):
> That sounds like a different problem: a race between fvwm and the
> xterms over which order they start in. The manner in which the race
> affects me is that my (open) xterms get mapped all over the place
> instead of where I want them placed. The fix is simple except that
> the package required never made it past squeeze, so you'd need to
> visit the archives, specifically:

The real fix is even simpler: start your X11 clients from Fvwm's
InitFunction, not from .xinitrc.

Regards,

-- 
  Nicolas George


signature.asc
Description: Digital signature

Re: [SOLVED] Re: Yet another UEFI/BIOS question

2018-09-21 Thread steve 

Le 21-09-2018, à 20:21:06 +0200, Pascal Hambourg a écrit :


Le 21/09/2018 à 08:34, steve a écrit :

Le 20-09-2018, à 20:25:26 +0200, Pascal Hambourg a écrit :


You don't need to convert anything. UEFI can use DOS partition tables.


I know since that's what I'm currently doing.


Doing what ?


Using msdos partition tables.


This is irrelevant because until now you were booting Debian in legacy 
(BIOS) mode.


Absolutely correct.

I am not talking about you doing anything. I am saying that native 
UEFI boot (NOT legacy boot) can use a disk with a DOS partition 
table, provided that it has an EFI system partition (Id 0xef).


Isn't it ef00?


No. ef00 is a gdisk specific mnemonic for the EFI system partition 
type identifier in a GPT partition table. The actual GUID is 
C12A7328-F81F-11D2-BA4B-00A0C93EC93B.
(0x)ef is the partition type identifier for an EFI system partition in 
a DOS partition table.


Thank you for the clarification.


Because what I finally did is install a fresh Debian on another device
(using GPT) and the ACPI errors still were there.


In legacy mode (with a BIOS boot partition) or EFI mode (with an EFI 
system partition) ?


In EFI mode. The "Bios" is now fully in EFI mode and it sees all my boot
disks.


I used the opportunity of having another Debian to convert my sda disk
to GPT tables, and change the BIOS setting to UEFI only (just for the
sake of it). So all my disk have a GPT partition table except for the 3
ones for the RAID1 array. Not sure whether I can use the same
manipulations to convert them to GPT also. But since they work fine, I
might leave it as it is.


You can, but IMO it provides little value. GPT is useful in the 
following cases :

- disk bigger that 2 TiB


Might come sooner or later.


- more that 4 partition without the extended/logical partition kludge
- need to use PARTLABEL or PARTUUD (but RAID uses its own UUID)
- system disk for Windows in EFI mode


I have but it's on it's own disk, so already in GPT.

AFAICS none of these conditions apply to your RAID disks. However I 
noticed that 2 out of the 3 RAID partition on each disk are logical 
partitions. This is not necessary if there are only 3 partitions per 
disk. So in order to get rid of the extended partition kludge, you 
could either convert the logical partitions into primary partitions or 
convert the partition table to GPT.


I think I'll do that so to have 100% GPT disks and leave the past where
it is and prepare the future. But this step worries me a bit because I
have all my personal data on one of the RAID1 and really don't want to
loose them. I think best would be to backup those data elsewhere in case
things go wrong.


Thanks a lot for all your very useful insights.

Have a nice week-end

Steve

Re: Impossible booter mode graphique ou résolution 640x340

2018-09-21 Thread Bernard Schoenacker 



- Mail original -
> De: "ajh-valmer" 
> À: debian-user-french@lists.debian.org
> Envoyé: Vendredi 21 Septembre 2018 23:19:19
> Objet: Re: Impossible booter mode graphique ou résolution 640x340
> 
> Ou les trouver et ou les mettre ?
> 
> grep Modeline /var/log/Xorg.0.log
> [  7736.098] (II) FBDEV(0): Modeline "current"x0.0   78.65  1024 1056
> 1184
> 1312  768 772 776 792 -hsync -vsync -csync (59.9 kHz b)
> 
> Cette carte me mettait une bonne résolution,
> je l'ai changée car son ventilo est bruyante pour une nvidia.
> 
> 
> De ATI et nvidia.
> 
> 
> xserver-xorg-video-ati
> 
> 
> DVI (carte) <=> VGA (moniteur), écran plat récent.
> 

bonjour,

je viens de faire une config pour obtenir du 1024x768 @ 60Hz
et il faut le placer dans le ~/.xinitrc :

xrandr --newmode  "1024x768_60.0"   65.00  1024 1048 1184 1344  768 771 777 806 
+hsync +vsync
xrandr --addmode  DVI-I-0  1024x768_60.00
xrandr --addmode  DVI-I-1  1024x768_60.00
xrandr --output DVI-I-0  --mode 1024x768_60.00
xrandr --output DVI-I-1  --mode 1024x768_60.00

attention à la sortie dvi (?), car je ne connais pas son adresse physique ...


pour le dvi prière de se référer à cet exemple :

https://www.figer.com/Publications/prises.htm

ensuite pour obtenir les modelines adaptées à son écran il faut
aller voir sur ces 2 pages :


https://www.mythtv.org/wiki/Modeline_Database
https://arachnoid.com/modelines/

remarque: 
il faut relire avec attention à ce que je donne comme renseignement dans
le message précédent

à propos de l'écran, serait il possible de connaitre ses références
et caractéristiques, c'est important car il permet de déterminer la
résolution maximale autorisée 

merci

slt
bernard

Re: Installing from live

2018-09-21 Thread David Wright 
On Wed 19 Sep 2018 at 19:16:29 (+0200), Thomas Schmitt wrote:

> > What I was envisaging was a windows user closing down, booting up a
> > USB stick's live Debian and corrupting their windows disk by using
> > it to store ISO files.
> 
> By what words could i warn MS-Windows users of this pitfall ?
> Any proposals ?

As I'm not a Windows user¹, I'm probably not the best person to put my
worries into the vocabulary that a W~ user would employ. But perhaps
something along the lines of:

Windows can close down leaving the disk partitions in a state that
assumes they will not be modified before Windows is next rebooted.
Booting a linux system and mounting those partitions (other than as
readonly) could lead to disk corruption that might be difficult to
recover from.
You need to ensure that Windows is fully closed down before using
space on its partitions for writing files. See
https://www.howtogeek.com/243901/the-pros-and-cons-of-windows-10s-fast-startup-mode/

Something like that. There might be a better reference. A Windows user
might know which specific buttons or commands to use to ensure the
correct state is reached.

¹ I vaguely recall W95, which had none of these problems; just a load
of other ones.

Cheers,
David.

Re: where does fvwm get its xterm icon?

2018-09-21 Thread David Wright 
On Thu 20 Sep 2018 at 01:39:07 (+), Kleene, Steven (kleenesj) wrote:
> On Mon Sep 10 08:47:39 EDT 2018, I wrote:
> 
> >> I can't figure out where fvwm is getting the xpm icon for an xterm.
> 
> On Wednesday, September 19, 2018 2:27 PM, David Wright replied:
> 
> > ... If you look at the man page, it explains the
> > old option -n and says "If no suitable icon is found, xterm provides a
> > compiled-in pixmap" which would correspond to your reported behaviour
> > as it can't find /usr/share/pixmaps/fvwm/null.xpm.
> 
> Thanks.  That could to explain how it comes up with the mini.xterm_48x48.xpm
> image in /usr/share/pixmaps even when I overwrite it with something else.
> 
> As a test, I put this line into ~/.fvwm/config:
>   Style xterm Icon /usr/share/pixmaps/gimp.xpm
> 
> I also had these in ~/.xinitrc:
>   xterm -geometry 125x58+964+56 -iconic -title syrano -e ssh syrano &
>   xterm -geometry 125x58+964+56 -iconic -title numbat -e ssh numbat &
> 
> Then I went through many cycles of exiting fvwm and calling startx.  The
> icons for the two xterms varied a lot from one trial to the next but were
> always either the mini.xterm_48x48.xpm image, a live screenshot, or the
> intended gimp.xpm.  At some point I noticed that whichever xterm icon came up
> first usually got gimp.xpm, while the second xterm got one of the other two
> images.  This seemed to be time-dependent, in other words.  When I added
> "sleep 1" between the two xterm calls in .xinitrc, I consistently got
> gimp.xpm for both icons, as well as for any xterms I called from the command
> line and iconized.
> 
> For reasons I can't guess, this did not work with another standard xpm
> (inkspace.xpm).  It did work with smplayer.xpm.  It did not work with my
> 0-byte null.xpm or a 1-pixel red xpm that I created.  The icons display in
> reproducible positions on the desktop, but they are not the same positions I
> saw before switching to gimp.xpm.  I have a little more work to do.

That sounds like a different problem: a race between fvwm and the
xterms over which order they start in. The manner in which the race
affects me is that my (open) xterms get mapped all over the place
instead of where I want them placed. The fix is simple except that
the package required never made it past squeeze, so you'd need to
visit the archives, specifically:

http://archive.debian.org/debian/pool/main/x/xtoolwait/

and the program can stall occasionally, as described in
https://lists.debian.org/debian-user/2017/12/msg00029.html
where a fix for that bug is also given.

So far, I haven't had to rebuild the package even though it is so old.

Cheers,
David.

> 
> From: David Wright [deb...@lionunicorn.co.uk]
> Sent: Wednesday, September 19, 2018 2:27 PM
> To: debian-user@lists.debian.org
> Subject: Re: where does fvwm get its xterm icon?
> 
> As you seem to be having trouble, here's a fuller answer than the one
> I posted before.
> 
> On Mon 17 Sep 2018 at 12:05:35 (+), Kleene, Steven (kleenesj) wrote:
> > I can't figure out where fvwm is getting the xpm icon for an xterm.  The
> > issue started when I upgraded from Debian v7 (fvwm 1:2.5.30) to Debian v9
> > (fvwm 1:2.6.7-3).  In both cases fvwm-icons was also installed.
> 
> >From /usr/share/pixmaps/.
> 
> > I have this in ~/.fvwm/config:
> > Style "XTerm"   Icon null.xpm, SloppyFocus, IconBox 200x200-1+8
> >
> > where null.xpm is intended to call /usr/share/pixmaps/fvwm/null.xpm, a
> > zero-byte file I created.
> 
> Then you need to have
> 
> Style xterm Icon fvwm/null.xpm
> 
> or it won't be found in that subdirectory.
> 
> That said, I would put the Icon in a directory like
> /usr/local/share/fvwm/ or /home/david/.fvwm/null.xpm rather than
> polluting the package's own files.
> 
> Again, that said, a zero-length file doesn't work for me on stretch.
> I haven't tried jessie or wheezy.
> 
> > When startx is called, it gets this from ~/.xinitrc:
> 
> I use .xsession …
> 
> > xterm -geometry 125x58+964+56 -iconic -title syrano -e ssh syrano &
> 
> … and I don't use -iconic so that's untested here.
> 
> > No matter what I list in config, the xterm icon that comes up matches
> > /usr/share/pixmaps/mini.xterm_48x48.xpm (an icon with a blue `T' over a red
> > `X').  If I copy some other xpm on top of that and do startx again, I still
> > get the original mini.xterm_48x48.xpm image.  Furthermore,
> > /usr/share/pixmaps/mini.xterm_48x48.xpm still shows an access time from 
> > weeks
> > ago. It seems that fvwm has that image cached or built in somehow.
> 
> That does seem likely. If you look at the man page, it explains the
> old option -n and says "If no suitable icon is found, xterm provides a
> compiled-in pixmap" which would correspond to your reported behaviour
> as it can't find /usr/share/pixmaps/fvwm/null.xpm.
> 
> > Once
> > fvwm is up, if I call "xterm &" and convert that to an icon, it appears as a
> > live window screenshot, not as mini.xterm_48x48.xpm.
> 
> That's

Re: [Debian-BR] MC navega pelos diretórios mas não os torna correntes.

2018-09-21 Thread Samuel Henrique 
Olá Gilberto,

>  Uso o mc para copiar/apagar/mover arquivos entre outras
>  coisas.  Também uso-o para navegar pelos diretórios. No
>  Debian 9.5 porém, quando saio do programa caio no
>  diretório onde fiz a chamada do mc.
>
>  Experimentei copiar os arquivos de configuração do home
>  do Slackware porque lá ele funciona bem e mesmo assim o
>  comportamento do mc no Debian não mudou.

Lendo o "Use Midnight Commander like a pro"[0] encontrei uma solução:

Adicione ao seu ~/.bashrc a linha:
alias mc='. /usr/share/mc/bin/mc-wrapper.sh'

Se precisar para o root, também adicione no bashrc do mesmo.

[0]http://klimer.eu/2015/05/01/use-midnight-commander-like-a-pro/

-- 
Samuel Henrique

[Debian-BR] MC navega pelos diretórios mas não os torna correntes.

2018-09-21 Thread Gilberto F da Silva 
 Olá!

 Uso o mc para copiar/apagar/mover arquivos entre outras
 coisas.  Também uso-o para navegar pelos diretórios. No
 Debian 9.5 porém, quando saio do programa caio no
 diretório onde fiz a chamada do mc.

 Experimentei copiar os arquivos de configuração do home
 do Slackware porque lá ele funciona bem e mesmo assim o
 comportamento do mc no Debian não mudou.

-- 

Gilberto F da Silva - gfs1...@mandic.com.br - ICQ 136.782.571
Stela dato:2.458.383,537  Loka tempo:2018-09-21 21:53:14 Vendredo 
-==-


signature.asc
Description: PGP signature

Re: [Debian-BR] Lançado o Debian 9 "Stretch"

2018-09-21 Thread Gilberto F da Silva 
On Fri, Sep 21, 2018 at 08:45:28PM -0300, Qobi Ben Nun wrote:
> Olá, novamente, Gilberto.
> 
> Eu me encaixei na revisão de traduções do site e com algumas traduções também.
> Tenho pouca experiência, porém já estou bem feliz de contribuir com meus dois
> centavos.

  A última vez que eu vi alguém falando sobre as traduções estava
  reclamando sobre a complicação que era contribuir com as traduções.

  A distribuição Mageia possui uma maneira fácil de se trabalhar nas
  traduções. A minha dificuldade está em encontrar alguém para fazer
  as revisões para o esperanto.
  
-- 

Gilberto F da Silva - gfs1...@mandic.com.br - ICQ 136.782.571
Stela dato:2.458.383,527  Loka tempo:2018-09-21 21:38:50 Vendredo 
-==-


signature.asc
Description: PGP signature

[Debian-BR] Lançado o Debian 9 "Stretch"

2018-09-21 Thread Gilberto F da Silva 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Fri, Sep 21, 2018 at 09:49:58AM -0300, Ya'aqov Ben Nun wrote:
> Caro Gilberto.
> 
> Quer nos ajudar a melhorar o Projeto Debian?
> Não só é sempre bem-vindo como também estamos sempre precisando de ajuda.
> Apenas alguns esclarecimentos. O Projeto Debian é formado por uma grande
> comunidade, é feito por desenvolvedores, usuários, divulgadores,
> tradutores, só citando alguns. O Debian em si mesmo, não se faz sozinho, é
> feito por pessoas, que assim como você, ou eu , ou qualquer outra comete
> erros, faz escolhas e colocam tudo a funcionar.
> 
> Tenha sempre o pensamento crítico, faz muito bem! No entanto, poderia
> direcionar as críticas de um bom modo e nos devidos lugares. É uma boa
> conduta para ser ouvido e, melhor que isso, poder ajudar a comunidade.
> 
> Pense nisso e, mais uma vez, seja bem-vindo para nos ajudar.

  Gostei do seu texto educado.  Deu até vontade de contribuir mas aí
  fui ver no que poderia ajudar e constatei que sou um completo Zé
  Arruela que só sabe reclamar.

  
- -- 

Stela dato:2.458.383,463  Loka tempo:2018-09-21 20:06:46 Vendredo 
- -==-
"Se 5 bilhões de pessoas acreditam em uma coisa estúpida, essa 
coisa continua sendo uma coisa estúpida".
-- Anatole France
-BEGIN PGP SIGNATURE-
Comment: +-+
Comment: !   Gilberto F da Silva - ICQ 136.782.571 !
Comment: !gfs1...@gmx.net - Slackware64 14.2   !
Comment: +-+

iEUEARECAAYFAlule9AACgkQJxugWtMhGw5eggCWP6SghrV5FgIhHhy6vYOMnRxi
qwCfRV463yvL5KykDlBTde7n173pf4M=
=ca4o
-END PGP SIGNATURE-

Re: libcurl3 and libcurl4

2018-09-21 Thread A_Man_Without_Clue 



On 09/22/2018 12:21 AM, deloptes wrote:
> A_Man_Without_Clue wrote:
> 
>> I'm running the buster.
> 
> Ok, but then the question is where do you get libcurl3 from?
> 
> mixing libraries compiled against different version is dangerous.
> 
> regards
> 


libcurl3 was originally installed in Buster, I guess. When I installed
cmake, it wasreplaced with libcurl4.

Re: Relayer les alertes de sites distants

2018-09-21 Thread Yann Serre 

Bonsoir,

Un serveur web qui centralise ?
Les alertes sont envoyées par un appel de page "alerte.xxx" en https 
depuis chaque machine Debian à surveiller.
Les infos sont contenues dans un POST (dont un champ est un identifiant 
secret pour authentification).
Le serveur web reçoit les alertes, gère un historique, et envoie un mail 
ou un SMS unique, même en cas de salves d'erreurs (un mail/SMS par jour, 
par exemple).
Si l'administrateur ne se connecte pas au serveur web sous les 6h, 
nouveau mail/SMS de relance, etc...
Et pourquoi pas utiliser ce principe pour appeler tous les jours une 
page "rienadeclarer.xxx" quand tout va bien ?


Bon WE
Yann


Le 21/09/2018 à 17:05, Olivier a écrit :

Bonjour,

J'ai plusieurs réseaux sur des sites géographiques éloignés.
Dans ces réseaux j'ai un une machine sous Debian qui émet de temps en 
temps (1 ou 2 fois par an) des alertes par mail.


Jusqu'à présent, ces alertes sont envoyées via un compte GMail, plus ou 
moins dédié à cet usage: plusieurs machines disséminées sur toute la 
France utilisent ce compte pour émettre  des alertes.


Malheureusement, une fois sur deux, pour ne pas dire plus, GMail bloque 
ces envois car ils sont pour lui un caractère suspect.


Qui a trouvé une solution satisfaisante dans ce type de situation ? 
Comment la décrire ?


J'imaginais en vrac:

1. Envoyer des SMS plutôt que des emails (mais il arrive fréquemement 
qu'une unique panne génère 20 ou 30 emails alors ...)


2. Utiliser un autre compte mail (mais lequel ?)

Quels suggestions et retour d'expérience ?

Slts

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread songbird 
Subhadip Ghosh wrote:
> Hi,
>
> I am using Debian and the recently I learned that a standard Debian 
> installation allows all 3 types of traffics especially incoming by 
> default. I know I can easily use iptables to tighten the rules but I 
> wanted to know the reasons behind the choice of this default behaviour 
> and if it makes the system more vulnerable? I tried searching on the 
> Internet but did not get any satisfactory explanation. It will be 
> helpful if anybody knows the answers to my questions or can redirect me 
> to a helpful document.

  whenever i install a new system i include ufw (a firewall
program) just to catch any funny stuff that might try to
come through.

  the default settings seem to work well enough and i'm glad
i don't have to relearn the terminology and rules for iptables.

  i'm sure a much better solution is to run a separate router
as it's own layer of firewall may keep a lot of stuff out, 
but as of yet i'm just not under attack enough to make it
worth it.


  songbird

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread Dan Purgert 
Reco wrote:
>   Hi.
>
> On Fri, Sep 21, 2018 at 11:18:36PM +0200, deloptes wrote:
>> Reco wrote:
>> 
>> > So, in this regard Debian is imperfect, but at least they give you right
>> > tools to solve the problem (iptables suite), and do not force braindead
>> > firewall policies by default (like RHEL does).
>> 
>> So this is why a wise guy buys an industrial pc for 200 US or wrt capable
>> router for 20-30 US installs linux and makes a good firewall then puts it
>> between ISP and his own network.
>
> That's one way of solving it as such measure only covers one's
> conventional household needs. Barely - as there's this guest Wi-Fi and
> that curious neighbour kid.

You don't firewall between your guest wifi and your trusted stuff?


-- 
|_|O|_| Registered Linux user #585947
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281

Re: Relayer les alertes de sites distants

2018-09-21 Thread Eric Degenetais 
Éric Dégenètais

Le ven. 21 sept. 2018 20:12, Ph. Gras  a écrit :

> Hello,
>
> > À quel moment l'OP a t'il précisé que les alertes sont émises par son
> serveur courriel ? De ma lecture ce sont X machines qui envoient ces
> messages …
>
> 2ème ligne du message :
> "Dans ces réseaux j'ai un une machine sous Debian qui émet de temps en
> temps (1 ou 2 fois par an) des alertes par mail."
>
> 1 machine… qui émet… par mail.
>
Une MACHINE PAR RÉSEAU, d'ailleurs un peu plus loin l'OP écrit :

>plusieurs machines disséminées sur toute la
>France utilisent ce compte pour émettre  des alertes.


> >
> > De mon côté mon serveur mail est indépendant des machines distantes
> émettrices de ces messages. Utiliser gmail me permet une redondance.
>
> OK, pourquoi pas la redondance, mais tu pourrais utiliser n'importe quoi
> d'autre pour l'obtenir, non ?
>
> Bonne soirée,
>
> Ph. Gras
>
Cordialement

Éric Dégenètais

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread Reco 
Hi.

On Fri, Sep 21, 2018 at 11:18:36PM +0200, deloptes wrote:
> Reco wrote:
> 
> > So, in this regard Debian is imperfect, but at least they give you right
> > tools to solve the problem (iptables suite), and do not force braindead
> > firewall policies by default (like RHEL does).
> 
> So this is why a wise guy buys an industrial pc for 200 US or wrt capable
> router for 20-30 US installs linux and makes a good firewall then puts it
> between ISP and his own network.

That's one way of solving it as such measure only covers one's
conventional household needs. Barely - as there's this guest Wi-Fi and
that curious neighbour kid.

There are laptops that are expected to connect for foreign LANs. And
foreign LANs can be expected to contain all kinds of hostilities.

There are hosting providers that provide you hardware, some OS
installation customized to their (unusual if not perversive) tastes and
all the Internet inbound access.

So, as I wrote - they give everyone the right tools, so anyone has it.
Using them is simple enough (some assembly required though), but as
others wrote in this thread - there are no sane defaults.

Reco

Re: Relayer les alertes de sites distants

2018-09-21 Thread Ph. Gras 
Salut,

> Oui, mais cela ne veut toujours pas dire que c'est *cette* machine qui est le 
> serveur courriel de l'organisation! C'est juste une machine qui émet. Sur le 
> réseau de machines de l'OP il peut y en avoir une autre qui réceptionne 
> l'ensemble des messages émis. Je persiste …

On s'en fout un peu de savoir quelle machine est le serveur de courriel. La 
question posée par Olivier n'était pas d'identifier une machine dans un parc.

> 
>> [...]
>>> De mon côté mon serveur mail est indépendant des machines distantes 
>>> émettrices de ces messages. Utiliser gmail me permet une redondance.
>> OK, pourquoi pas la redondance, mais tu pourrais utiliser n'importe quoi 
>> d'autre pour l'obtenir, non ?
> 
> Quelle est ta définition de "n'importe quoi d'autre"? S'il s'agit de 
> fournisseur de service courriel, oui bien sûr. Je pourrai moi même faire la 
> redondance sur un second serveur MX de l'organisation. Même un 3ème. Le tout 
> est de savoir ce que l'on veut et quels moyen(s) on est prêt à y mettre.

N'importe quoi d'autre ne supporte par essence aucune définition. Cela peut 
donc être n'importe quoi, par exemple une bicyclette jaune de facteur ;-)

Dans ce cas, il s'agit même d'une redondance complètement timbrée.

À vendredi prochain,

Ph. Gras

Re: Impossible booter mode graphique ou résolution 640x340

2018-09-21 Thread ajh-valmer 
> grep Modeline /var/log/Xorg.0.log 
> grep xrandr .xinitrc
> il faut trouver les adresses :
> - VGA-0/1 
> - LVDS-0/1
> - HDMI-0/1 
> - DVI-I-0/1 :
Ou les trouver et ou les mettre ?

grep Modeline /var/log/Xorg.0.log
[  7736.098] (II) FBDEV(0): Modeline "current"x0.0   78.65  1024 1056 1184 
1312  768 772 776 792 -hsync -vsync -csync (59.9 kHz b)

Cette carte me mettait une bonne résolution,
je l'ai changée car son ventilo est bruyante pour une nvidia.

> >fglrx :
> Euh, tu parles de ATI, là, pas de Nvidia?
De ATI et nvidia.

> - quel driver utilises-tu pour ta carte ATI? :
xserver-xorg-video-ati

> - quel type d'écran utilises-tu
DVI (carte) <=> VGA (moniteur), écran plat récent.

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread deloptes 
Reco wrote:

> So, in this regard Debian is imperfect, but at least they give you right
> tools to solve the problem (iptables suite), and do not force braindead
> firewall policies by default (like RHEL does).

So this is why a wise guy buys an industrial pc for 200 US or wrt capable
router for 20-30 US installs linux and makes a good firewall then puts it
between ISP and his own network.

Re: Relayer les alertes de sites distants

2018-09-21 Thread daniel huhardeaux 

Le 21/09/2018 à 20:12, Ph. Gras a écrit :

Hello,


À quel moment l'OP a t'il précisé que les alertes sont émises par son serveur 
courriel ? De ma lecture ce sont X machines qui envoient ces messages …

2ème ligne du message :
"Dans ces réseaux j'ai un une machine sous Debian qui émet de temps en temps (1 ou 2 
fois par an) des alertes par mail."

1 machine… qui émet… par mail.


Oui, mais cela ne veut toujours pas dire que c'est *cette* machine qui 
est le serveur courriel de l'organisation! C'est juste une machine qui 
émet. Sur le réseau de machines de l'OP il peut y en avoir une autre qui 
réceptionne l'ensemble des messages émis. Je persiste ...



[...]

De mon côté mon serveur mail est indépendant des machines distantes émettrices 
de ces messages. Utiliser gmail me permet une redondance.

OK, pourquoi pas la redondance, mais tu pourrais utiliser n'importe quoi 
d'autre pour l'obtenir, non ?


Quelle est ta définition de "n'importe quoi d'autre"? S'il s'agit de 
fournisseur de service courriel, oui bien sûr. Je pourrai moi même faire 
la redondance sur un second serveur MX de l'organisation. Même un 3ème. 
Le tout est de savoir ce que l'on veut et quels moyen(s) on est prêt à y 
mettre.


[...]

--
Daniel

PULSE & ALSA

2018-09-21 Thread eduardo gil 
Pregunta simple:

¿Es necesario Pulse y ALSA o con sólo uno basta?

Vi que se instalan los dos así que por ahí convendría quitar uno.

ANTES, hace bastante tiempo, solían instalar uno solo.

Lo pregunto porque estoy teniendo problemas de sonido (no se escucha audio)

Gracias

Saludos.

Re: Print with mupdf?

2018-09-21 Thread tomas 
On Fri, Sep 21, 2018 at 09:55:02PM +0200, to...@tuxteam.de wrote:

[...]

>   http://wiki.linuxcnc.org/cgi-bin/wiki.pl?Whitepapers_For_Reference
> 
> ...it doesn't download for me at the moment (server connection times
> out). I'll try later.

Ah, got an alternative:

  https://open.library.ubc.ca/media/download/pdf/831/1.0090209/2

Cheers
-- t


signature.asc
Description: Digital signature

Re: Print with mupdf?

2018-09-21 Thread tomas 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Fri, Sep 21, 2018 at 04:04:06PM +, Curt wrote:

[...]

> https://pdfs.semanticscholar.org/8898/277e40cca945a674f6765ed31d733dd90aaa.pdf

If I got it right, it's

  "On-Line Smooth Trajectory Planning for Manipulators"

which doesn't seem to be accessible from the link given at linuxcnc.org.
I'm a bit pressed ATM, but I'll see later.

> As I'm something of a jerk myself I found the paper of particular
> relevance.
> 
> YMMV.
> 
> ;-)

;-)

Cheers
- -- t
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlulTeEACgkQBcgs9XrR2kYdfwCfQhmZ1/QvClmEEGFo6CkCBfwq
DtIAn2s24M7arxofQj+MQ9vxnukoTR2b
=MUY9
-END PGP SIGNATURE-

Re: Print with mupdf?

2018-09-21 Thread tomas 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Fri, Sep 21, 2018 at 10:08:44AM -0400, Gene Heskett wrote:

[...]

> 

That would be

  http://batman.mech.ubc.ca/~ial/publication/theses/sonja.pdf

in

  http://wiki.linuxcnc.org/cgi-bin/wiki.pl?Whitepapers_For_Reference

...it doesn't download for me at the moment (server connection times
out). I'll try later.

I'll have a look at the other things too.

Cheers
- -- t
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlulTJYACgkQBcgs9XrR2kaLpgCffgYcjGI1YSj/WNDM/Hi0KrkI
lRMAn2hBvh+s+qRapsslJOsfJxVQK1/7
=b6IJ
-END PGP SIGNATURE-

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread David Wright 
On Fri 21 Sep 2018 at 22:59:57 (+0530), Subhadip Ghosh wrote:
> 
> Hi Dan,
> > The basic reason is this: it makes sense.
> > 
> > Let's suppose Debian installs a basic firewall by default. How
> > basic? Let's say:
> > 
> >  - outbound: permit
> >  - forward: deny
> >  - inbound: accept NTP, DHCP, DNS, and any TCP packet which is a
> >response to an outbound packet
> > 
> > Now, what should happen when a user installs an SSH daemon?
> > Should it automatically change the firewall? Of course,
> > otherwise everyone who installs SSH would discover that it
> > doesn't work.
> > 
> > How many packages now have to have scripts written to update the
> > firewall?
> > 
> > What happens when a user installs a multi-protocol daemon like
> > Dovecot? Does it automatically open POP, POP/S, IMAP and IMAP/S?
> > All of them? None of them?
> > 
> > There are an infinite number of questions to be asked, all of
> > which can be summarized as "please read the user's mind and find
> > out what they want". This is particularly difficult when the
> > user doesn't know what they want.
> > 
> > Remember, Debian isn't a laptop OS. Debian isn't a desktop OS.
> > Debian isn't a phone OS. Debian isn't a server OS. Debian isn't
> > a supercomputing OS. Debian isn't an embedded device OS.
> > 
> > Debian is a Universal OS.
> 
> I wouldn't say whatever you said, doesn't make sense. I wish there
> were an easier way to know about it when I started using the OS,
> something to warn me that I need to configure the firewall to suit my
> needs. Maybe because I came from a different OS where the defaults
> were stricter, my expectations about the defaults were different.

The naive user is not going to know what to make of this warning,
so it will be as useless as Proposition 65. If/when they learn what
a firewall is, they should probably turn their attention firstly to
their router and modem combination and their ISP (particularly if it
"owns" the said devices).

OTOH default packet filtering on Debian machines could lead to an
explosion of support queries. That probably suits commercial providers
as they can then charge for their responses. Here, it just increases
the list traffic.

But if you're serious, the normal way is to write a suitable paragraph
and submit it as a wishlist bug against the debian-installer. Then it
might be discussed by people more expert than me.

Cheers,
David.

Re: Impossible booter mode graphique ou résolution 640x340

2018-09-21 Thread didier gaumet 
Le 21/09/2018 à 20:50, ajh-valmer a écrit :
s://wiki.debian.org/fr/NvidiaGraphicsDrivers#configure
> 
> Le driver proprio nvidia a besoin de fglrx qui n'existe plus sous Stretch.
> Il faut sans doute passer par le lien au dessus.

Euh, tu parles de ATI, là, pas de Nvidia?

> - Si je passe par "nouveau", pas de X graphique,
> - Si je passe par la version nvidia-340 legacy, j'ai le X
>   mais avec une résolution max impossible de 640x 340.
> 
> J'ai donc installé une autre carte vidéo AMD-ATI.
> (pensant que la nvidia pouvait être en panne).
> C'est à peine mieux avec résolution max de 1024x740, 
> encore bien insuffisante.
> Donc, ce ne serait pas la carte graphique.
[...]

- quel driver utilises-tu pour ta carte ATI?
- quel type d'écran utilises-tu (écran cathodique CRT ou écran plat LVDS)?
- quel type de câble utilises-tu entre carte graphique et écran (vidéo
composite, vidéo composantes, VGA, DVI, HDMI)?
(il me semble avoir entendu parler d'écrans plats en liaison analogique
VGA limités à des résolutions basses n'ayant rien à voir avec celles
permises par une liaison numérique DVI ou HDMI)

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread Brian 
On Fri 21 Sep 2018 at 23:37:11 +0530, Subhadip Ghosh wrote:

> 
> > You mean the Windows warning "Your system is not protected"?
> > 
> > How mature shouldone be to know what it means to use the internet?
> > 
> > Where this message should come from?
> The last thing I want is a Windows like warning. I expected more like a line
> in the Installation manual warning about the default firewall configuration.

That's a fair enough comment. Perhaps an inquiry to -doc and/or -boot
might elicit some response.

-- 
Brian.

Re: Impossible booter mode graphique ou résolution 640x340

2018-09-21 Thread Bernard Schoenacker 



- Mail original -
> De: "ajh-valmer" 
> À: debian-user-french@lists.debian.org
> Envoyé: Vendredi 21 Septembre 2018 20:50:19
> Objet: Re: Impossible booter mode graphique ou résolution 640x340
> 
> Le driver proprio nvidia a besoin de fglrx qui n'existe plus sous
> Stretch.
> Il faut sans doute passer par le lien au dessus.
> 
> - Si je passe par "nouveau", pas de X graphique,
> - Si je passe par la version nvidia-340 legacy, j'ai le X
>   mais avec une résolution max impossible de 640x 340.
> 
> J'ai donc installé une autre carte vidéo AMD-ATI.
> (pensant que la nvidia pouvait être en panne).
> C'est à peine mieux avec résolution max de 1024x740,
> encore bien insuffisante.
> Donc, ce ne serait pas la carte graphique.
> 
> 
> Si je passe par la version nvidia-340 legacy, il me met le noyau
> 4.9.0-8,
> au lieu de 4.9.0-6 mais pareil, résolution de 640x 340.
> 
> Sinon, comment installer un noyau 4.17.0 ?
> 
> Merci, bonne fin de soirée.
> 

bonjour,

serait il possible de donner les caractéristiques de l'écran
afin de trouver les modelines ?

https://www.mythtv.org/wiki/Modeline_Database
https://arachnoid.com/modelines/

voici ce que j'ai chez moi

grep Modeline /var/log/Xorg.0.log 
[ 51208.853] (II) RADEON(0): Modeline "1024x768"x60.0   65.00  1024 1048 1184 
1344  768 771 777 806 -hsync -vsync (48.4 kHz e)
[ 51208.853] (II) RADEON(0): Modeline "800x600"x60.3   40.00  800 840 968 1056  
600 601 605 628 +hsync +vsync (37.9 kHz e)
[ 51208.853] (II) RADEON(0): Modeline "800x600"x56.2   36.00  800 824 896 1024  
600 601 603 625 +hsync +vsync (35.2 kHz e)
[ 51208.853] (II) RADEON(0): Modeline "848x480"x60.0   33.75  848 864 976 1088  
480 486 494 517 +hsync +vsync (31.0 kHz e)
[ 51208.853] (II) RADEON(0): Modeline "640x480"x59.9   25.18  640 656 752 800  
480 490 492 525 -hsync -vsync (31.5 kHz e)

et dans mon ~/.xinitrc j'ai ceci

grep xrandr .xinitrc

xrandr --newmode "1920x1080_60.00" 148.5 1920 2008 2052 2200 1080 1084 1089 
1125 +hsync +vsync
xrandr --addmode VGA-0 1920x1080_60.00
xrandr --output VGA-0 --mode 1920x1080_60.00


naturellement il faut trouver les adresses :

- VGA-0/1 
- LVDS-0/1
- HDMI-0/1 
- DVI-I-0/1

merci
slt
bernard

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread Brian 
On Fri 21 Sep 2018 at 21:32:45 +0300, Reco wrote:

>   Hi.
> 
> On Fri, Sep 21, 2018 at 07:14:03PM +0100, Brian wrote:
> > On Fri 21 Sep 2018 at 19:25:22 +0300, Reco wrote:
> > 
> > >   Hi.
> > > 
> > > On Fri, Sep 21, 2018 at 08:55:21AM -0400, Henning Follmann wrote:
> > > > On Fri, Sep 21, 2018 at 08:34:50AM +0530, Subhadip Ghosh wrote:
> > > > > Hi,
> > > > > 
> > > > > I am using Debian and the recently I learned that a standard Debian
> > > > > installation allows all 3 types of traffics especially incoming by 
> > > > > default.
> > > > > I know I can easily use iptables to tighten the rules but I wanted to 
> > > > > know
> > > > > the reasons behind the choice of this default behaviour and if it 
> > > > > makes the
> > > > > system more vulnerable? I tried searching on the Internet but did not 
> > > > > get
> > > > > any satisfactory explanation. It will be helpful if anybody knows the
> > > > > answers to my questions or can redirect me to a helpful document.
> > > > > 
> > > > 
> > > > The answer is easy. Because Debian is awesome (TM). So are most other
> > > > distributions.
> > > 
> > > Hear, hear.
> > > 
> > > > Run a netstat -t -l and you will see there is nothing listening. So 
> > > > what is
> > > > the point of running a firewall?
> > > 
> > > The point is to be a good netizen, as always. By running any sane kind of
> > > packet filter you're avoiding participating in TCP RST attack.
> > 
> > How do you do attack when (as Henning Follmann says) nothing is listening?
> 
> TCP RST attack requires exactly that. That, and an absence of a
> firewall.

You have given much food for thought. Thank you.
> 
> > There is no point with a standard Debian installation (which is what the
> > OP inquired about). Debian is already a good netizen.
> 
> Good person makes a TCP connection to unprotected (as in - no firewall
> interference) host. Since there's nothing on a host that does not listen
> appropriate TCP port - host's kernel sends back TCP RST packet.
> Good person's connection terminates, everyone's happy. That's how it
> goes in your typical LAN.
> 
> Evil person makes a TCP connection to unprotected host, but forges
> source IP. Host sends TCP RST to this forged IP, host acting as a
> 'reflector' to an attack. And being a bad netizen at the same time.
> 
> Evil person takes as many of such hosts as possible - and there goes
> your old-fashioned RST DDOS.
> 
> I recall that you've stated that your servers do not run any kind of
> packet filter. So, just in case - one cannot harm the reflector that
> way.

They don't. And, I still think the OP is fussing over nothing,

> So, in this regard Debian is imperfect, but at least they give you right
> tools to solve the problem (iptables suite), and do not force braindead
> firewall policies by default (like RHEL does).

If I used a packet filter I would want to base its use on some sensible.
Your post might help me to do it.

-- 
Brian.

Re: Impossible booter mode graphique ou résolution 640x340

2018-09-21 Thread ajh-valmer 
> Le 21/09/2018 à 17:18, ajh-valmer a écrit :
> > Par contre, j'ai suivi le mode d'emploi du lien ci-dessus, et niet, 
> > X ne se lance plus du tout.
> > Avec le driver "nvidia-xorg-video-legacy-340xx",
> > je reviens au point de départ de la panne,
> > avec une résolution graphique de 640x340 maximum, donc inacceptable.
> > Je ne sais pourquoi d'un coup la résolution X du bureau a changé
> > au boot.

On Friday 21 September 2018 18:12:07 didier gaumet wrote:
> - désolé, je me suis trompé, effectivement ta carte graphique est prise
> en charge par la version 340 legacy du driver proprio nvidia
> - je peux encore me tromper mais à mon avis tu as oublié ou mal accompli
> une étape pour ton "retour en arrière" pour utiliser Nouveau.
> - Si tu veux utiliser le driver proprio, il faut créer un fichier de
> config: https://wiki.debian.org/fr/NvidiaGraphicsDrivers#configure

Le driver proprio nvidia a besoin de fglrx qui n'existe plus sous Stretch.
Il faut sans doute passer par le lien au dessus.

- Si je passe par "nouveau", pas de X graphique,
- Si je passe par la version nvidia-340 legacy, j'ai le X
  mais avec une résolution max impossible de 640x 340.

J'ai donc installé une autre carte vidéo AMD-ATI.
(pensant que la nvidia pouvait être en panne).
C'est à peine mieux avec résolution max de 1024x740, 
encore bien insuffisante.
Donc, ce ne serait pas la carte graphique.

> Parce que le pilote ne convient pas au noyau ou alors à 
> la carte graphique.  As-tu essayé d’installer le noyau 4.17.0 ?

Si je passe par la version nvidia-340 legacy, il me met le noyau 4.9.0-8,
au lieu de 4.9.0-6 mais pareil, résolution de 640x 340.

Sinon, comment installer un noyau 4.17.0 ?

Merci, bonne fin de soirée.

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread Reco 
Hi.

On Fri, Sep 21, 2018 at 07:14:03PM +0100, Brian wrote:
> On Fri 21 Sep 2018 at 19:25:22 +0300, Reco wrote:
> 
> > Hi.
> > 
> > On Fri, Sep 21, 2018 at 08:55:21AM -0400, Henning Follmann wrote:
> > > On Fri, Sep 21, 2018 at 08:34:50AM +0530, Subhadip Ghosh wrote:
> > > > Hi,
> > > > 
> > > > I am using Debian and the recently I learned that a standard Debian
> > > > installation allows all 3 types of traffics especially incoming by 
> > > > default.
> > > > I know I can easily use iptables to tighten the rules but I wanted to 
> > > > know
> > > > the reasons behind the choice of this default behaviour and if it makes 
> > > > the
> > > > system more vulnerable? I tried searching on the Internet but did not 
> > > > get
> > > > any satisfactory explanation. It will be helpful if anybody knows the
> > > > answers to my questions or can redirect me to a helpful document.
> > > > 
> > > 
> > > The answer is easy. Because Debian is awesome (TM). So are most other
> > > distributions.
> > 
> > Hear, hear.
> > 
> > > Run a netstat -t -l and you will see there is nothing listening. So what 
> > > is
> > > the point of running a firewall?
> > 
> > The point is to be a good netizen, as always. By running any sane kind of
> > packet filter you're avoiding participating in TCP RST attack.
> 
> How do you do attack when (as Henning Follmann says) nothing is listening?

TCP RST attack requires exactly that. That, and an absence of a
firewall.

> There is no point with a standard Debian installation (which is what the
> OP inquired about). Debian is already a good netizen.

Good person makes a TCP connection to unprotected (as in - no firewall
interference) host. Since there's nothing on a host that does not listen
appropriate TCP port - host's kernel sends back TCP RST packet.
Good person's connection terminates, everyone's happy. That's how it
goes in your typical LAN.

Evil person makes a TCP connection to unprotected host, but forges
source IP. Host sends TCP RST to this forged IP, host acting as a
'reflector' to an attack. And being a bad netizen at the same time.

Evil person takes as many of such hosts as possible - and there goes
your old-fashioned RST DDOS.

I recall that you've stated that your servers do not run any kind of
packet filter. So, just in case - one cannot harm the reflector that
way.


So, in this regard Debian is imperfect, but at least they give you right
tools to solve the problem (iptables suite), and do not force braindead
firewall policies by default (like RHEL does).

Reco

Re: [SOLVED] Re: Yet another UEFI/BIOS question

2018-09-21 Thread Pascal Hambourg 

Le 21/09/2018 à 08:34, steve a écrit :

Le 20-09-2018, à 20:25:26 +0200, Pascal Hambourg a écrit :


You don't need to convert anything. UEFI can use DOS partition tables.


I know since that's what I'm currently doing.


Doing what ?


Using msdos partition tables.


This is irrelevant because until now you were booting Debian in legacy 
(BIOS) mode.


I am not talking about you doing anything. I am saying that native 
UEFI boot (NOT legacy boot) can use a disk with a DOS partition table, 
provided that it has an EFI system partition (Id 0xef).


Isn't it ef00?


No. ef00 is a gdisk specific mnemonic for the EFI system partition type 
identifier in a GPT partition table. The actual GUID is 
C12A7328-F81F-11D2-BA4B-00A0C93EC93B.
(0x)ef is the partition type identifier for an EFI system partition in a 
DOS partition table.



Because what I finally did is install a fresh Debian on another device
(using GPT) and the ACPI errors still were there.


In legacy mode (with a BIOS boot partition) or EFI mode (with an EFI 
system partition) ?



I used the opportunity of having another Debian to convert my sda disk
to GPT tables, and change the BIOS setting to UEFI only (just for the
sake of it). So all my disk have a GPT partition table except for the 3
ones for the RAID1 array. Not sure whether I can use the same
manipulations to convert them to GPT also. But since they work fine, I
might leave it as it is.


You can, but IMO it provides little value. GPT is useful in the 
following cases :

- disk bigger that 2 TiB
- more that 4 partition without the extended/logical partition kludge
- need to use PARTLABEL or PARTUUD (but RAID uses its own UUID)
- system disk for Windows in EFI mode

AFAICS none of these conditions apply to your RAID disks. However I 
noticed that 2 out of the 3 RAID partition on each disk are logical 
partitions. This is not necessary if there are only 3 partitions per 
disk. So in order to get rid of the extended partition kludge, you could 
either convert the logical partitions into primary partitions or convert 
the partition table to GPT.

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread Brian 
On Fri 21 Sep 2018 at 19:25:22 +0300, Reco wrote:

>   Hi.
> 
> On Fri, Sep 21, 2018 at 08:55:21AM -0400, Henning Follmann wrote:
> > On Fri, Sep 21, 2018 at 08:34:50AM +0530, Subhadip Ghosh wrote:
> > > Hi,
> > > 
> > > I am using Debian and the recently I learned that a standard Debian
> > > installation allows all 3 types of traffics especially incoming by 
> > > default.
> > > I know I can easily use iptables to tighten the rules but I wanted to know
> > > the reasons behind the choice of this default behaviour and if it makes 
> > > the
> > > system more vulnerable? I tried searching on the Internet but did not get
> > > any satisfactory explanation. It will be helpful if anybody knows the
> > > answers to my questions or can redirect me to a helpful document.
> > > 
> > 
> > The answer is easy. Because Debian is awesome (TM). So are most other
> > distributions.
> 
> Hear, hear.
> 
> > Run a netstat -t -l and you will see there is nothing listening. So what is
> > the point of running a firewall?
> 
> The point is to be a good netizen, as always. By running any sane kind of
> packet filter you're avoiding participating in TCP RST attack.

How do you do attack when (as Henning Follmann says) nothing is listening?
There is no point with a standard Debian installation (which is what the
OP inquired about). Debian is already a good netizen.

-- 
Brian.

Re: Relayer les alertes de sites distants

2018-09-21 Thread Ph. Gras 
Hello,

> À quel moment l'OP a t'il précisé que les alertes sont émises par son serveur 
> courriel ? De ma lecture ce sont X machines qui envoient ces messages …

2ème ligne du message :
"Dans ces réseaux j'ai un une machine sous Debian qui émet de temps en temps (1 
ou 2 fois par an) des alertes par mail."

1 machine… qui émet… par mail.

> 
> De mon côté mon serveur mail est indépendant des machines distantes 
> émettrices de ces messages. Utiliser gmail me permet une redondance.

OK, pourquoi pas la redondance, mais tu pourrais utiliser n'importe quoi 
d'autre pour l'obtenir, non ?

Bonne soirée,

Ph. Gras

Re: netstat

2018-09-21 Thread Reco 
Hi.

On Fri, Sep 21, 2018 at 01:52:00PM -0400, rhkra...@gmail.com wrote:
> On Friday, September 21, 2018 08:55:21 AM Henning Follmann wrote:
> > Run a netstat -t -l and you will see there is nothing listening. So what is
> > the point of running a firewall?
> 
> I'm not the OP, but I decided to play along and run:
> 
> 
> root@s19:~# netstat -t -l
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address   Foreign Address State 
>  
> tcp0  0 localhost:smtp  *:* LISTEN
>  
> tcp0  0 *:microsoft-ds  *:* LISTEN
>  
> tcp0  0 *:netbios-ssn   *:* LISTEN
>  
> tcp0  0 *:53647 *:* LISTEN
>  
> tcp0  0 *:sunrpc*:* LISTEN
>  
> tcp0  0 localhost:ipp   *:* LISTEN
>  
> 
> 
> (This on my wheezy system.)
> 
> What is that telling me

You have exim (most probably), samba, nfs portmapper and CUPS running.
And that thing (whatever it is) which is listening tcp:53647.

samba, portmapper and that 53647 thing are listening on all interfaces,
i.e. are reachable from outside of your host. Unless a packet filter
intervenes, that is.

And, of course, that is TCP only, there can be processes listening UDP
sockets too.

Btw consider using 'ss -nptl' or 'netstat -nptl' for a more meaningful
result.

> and should I be worried.

No, assuming that you're:

1) Using only Debian-provided software.
2) Installed and started Samba intentionally.
3) Do not intend to provide SMB to all the Internet.

Reco

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread Subhadip Ghosh 




You mean the Windows warning "Your system is not protected"?

How mature shouldone be to know what it means to use the internet?

Where this message should come from?
The last thing I want is a Windows like warning. I expected more like a 
line in the Installation manual warning about the default firewall 
configuration.

Imagine I install 450MB debian as my firewall or server - no gui, or I
install debian with arbitrary desktop - who is going to do the warning.
If it is the installer, what should happen next - should I install something
or not and even if I install it and then I decide to use a different
solution - who is going to manage it?

It overcomplicates things.

I personally would be also glad to have some kind of handy firewall.
There is a firewall program that comes installed by default in Debian. 
It's called iptables.

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread deloptes 
Subhadip Ghosh wrote:

> something to
> warn me that I need to configure the firewall to suit my needs.

You mean the Windows warning "Your system is not protected"?

How mature shouldone be to know what it means to use the internet?

Where this message should come from?

Imagine I install 450MB debian as my firewall or server - no gui, or I
install debian with arbitrary desktop - who is going to do the warning.
If it is the installer, what should happen next - should I install something
or not and even if I install it and then I decide to use a different
solution - who is going to manage it?

It overcomplicates things.

I personally would be also glad to have some kind of handy firewall.

regards

netstat (was: Re: Why does Debian allow all incoming traffic by default)

2018-09-21 Thread rhkramer 
On Friday, September 21, 2018 08:55:21 AM Henning Follmann wrote:
> Run a netstat -t -l and you will see there is nothing listening. So what is
> the point of running a firewall?

I'm not the OP, but I decided to play along and run:


root@s19:~# netstat -t -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address   Foreign Address State  
tcp0  0 localhost:smtp  *:* LISTEN 
tcp0  0 *:microsoft-ds  *:* LISTEN 
tcp0  0 *:netbios-ssn   *:* LISTEN 
tcp0  0 *:53647 *:* LISTEN 
tcp0  0 *:sunrpc*:* LISTEN 
tcp0  0 localhost:ipp   *:* LISTEN 


(This on my wheezy system.)

What is that telling me, and should I be worried.


> By default no services (ipp might be the one exception) are running and
> listening. So that's your security, just don't run what you don't need.
> 
> 
> -H

Re: Relayer les alertes de sites distants

2018-09-21 Thread daniel huhardeaux 

Le 21/09/2018 à 19:18, Ph. Gras a écrit :

Bonsoiiir


[...]
Envoyer vers ton propre serveur

Pas très malin, vu que les alertes sont envoyées depuis cette machine :-P


À quel moment l'OP a t'il précisé que les alertes sont émises par son 
serveur courriel ? De ma lecture ce sont X machines qui envoient ces 
messages ...


De mon côté mon serveur mail est indépendant des machines distantes 
émettrices de ces messages. Utiliser gmail me permet une redondance.


[...]

--
Daniel

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread Subhadip Ghosh 

Hi Roberto,

Blocking incoming and forwarded traffic would probably not be surprising
to many people.  However, blocking outgoint traffic would be exceedingly
confusing to many people.

Yep. Totally agreed.
https://www.debian.org/doc/manuals/debian-handbook/security.en.html 

Thanks.

While there is possibly an argument that not configuring a firewall by
default introduces some vulnerability, it is equally valid to argue that
there are no sensible default firewall policies that can be put into
place without a defined threat model.

I suspect that the vast majority of people deploying systems are doing
so behind some sort of device that provides border security to the local
network (e.g., router/firewall/NAT/etc.).  So, if the default threat
model is "a relatively trusted network with adequate border security"
then the current default is appropriate.

Those who deploy systems directly to a location where they are in
immediate contact with the public Internet should already understand the
ramifications of that decision and tailor their installation process
accordingly.


I don't disagree.

Thanks,
Subhadip

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread Subhadip Ghosh 



Hi Dan,

The basic reason is this: it makes sense.

Let's suppose Debian installs a basic firewall by default. How
basic? Let's say:

 - outbound: permit
 - forward: deny
 - inbound: accept NTP, DHCP, DNS, and any TCP packet which is a
   response to an outbound packet

Now, what should happen when a user installs an SSH daemon?
Should it automatically change the firewall? Of course,
otherwise everyone who installs SSH would discover that it
doesn't work.

How many packages now have to have scripts written to update the
firewall?

What happens when a user installs a multi-protocol daemon like
Dovecot? Does it automatically open POP, POP/S, IMAP and IMAP/S?
All of them? None of them?

There are an infinite number of questions to be asked, all of
which can be summarized as "please read the user's mind and find
out what they want". This is particularly difficult when the
user doesn't know what they want.

Remember, Debian isn't a laptop OS. Debian isn't a desktop OS.
Debian isn't a phone OS. Debian isn't a server OS. Debian isn't
a supercomputing OS. Debian isn't an embedded device OS.

Debian is a Universal OS.


I wouldn't say whatever you said, doesn't make sense. I wish there were 
an easier way to know about it when I started using the OS, something to 
warn me that I need to configure the firewall to suit my needs. Maybe 
because I came from a different OS where the defaults were stricter, my 
expectations about the defaults were different.


Thanks,
Subhadip

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread Subhadip Ghosh 

Hi Pablo,

On 21/09/18 9:50 PM, Pablo Álvarez Córdoba wrote:


I do not know, but:
- By default there are no services listening (except in 127.0.0.1)
- A server is usually behind a router/firewall
- It is better that each user configure their system as they want, 
instead of having default values. Although it would be nice if the 
installer warns you that by default iptables does not have any rules.


Exactly my point. I don't mind configuring the firewall for myself but I 
do like to be warned about the defaults when the default policies are 
not much strict.


Thanks,
Subhadip

Re: Relayer les alertes de sites distants

2018-09-21 Thread Ph. Gras 
Bonsoiiir

>> 
>> J'ai plusieurs réseaux sur des sites géographiques éloignés.
>> Dans ces réseaux j'ai un une machine sous Debian qui émet de temps en temps 
>> (1 ou 2 fois par an) des alertes par mail.
>> 
>> Jusqu'à présent, ces alertes sont envoyées via un compte GMail, plus ou 
>> moins dédié à cet usage: plusieurs machines disséminées sur toute la France 
>> utilisent ce compte pour émettre  des alertes.
>> 
>> Malheureusement, une fois sur deux, pour ne pas dire plus, GMail bloque ces 
>> envois car ils sont pour lui un caractère suspect.
> 
> J'envoie à partir de différentes adresses corriel vers un compte gmail dédié, 
> le message est systématiquement accepté. Dans les paramètres du compte gmail 
> j'envoie également une copie vers une autre adresse.
> 
>> [...]
>> 
>> Quels suggestions et retour d'expérience ?
> 
> Envoyer vers ton propre serveur

Pas très malin, vu que les alertes sont envoyées depuis cette machine :-P

Je suggérerais plutôt de se pencher sur la configuration de Postfix ou autre 
MTA chargé de transporter ces alertes.
À partir des logs (/var/log/mail.*), tu peux déjà avoir une idée de ce qui pose 
problème à Gmail.

Après, tu peux t'inscrire à Postmaster tools :
https://gmail.com/postmaster/

Un machin pour lequel Google a astucieusement fait la promotion en mettant 
plein de gens comme toi dans la m…
Un petit tutoto pour l'utiliser :
https://fr.mailjet.com/blog/news/postmaster-gmail2/

Autre solution, se passer de Gmail en utilisant son propre service de mailing.

Bon courage,

Ph. Gras

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread Dan Ritter 
On Fri, Sep 21, 2018 at 09:02:26AM +0530, Subhadip Ghosh wrote:
> Hi Roberto,
> 
> On Friday 21 September 2018 08:51 AM, Roberto C. Sánchez wrote:
> > On Fri, Sep 21, 2018 at 08:34:50AM +0530, Subhadip Ghosh wrote:
> > > Hi,
> > > 
> > > I am using Debian and the recently I learned that a standard Debian
> > > installation allows all 3 types of traffics especially incoming by 
> > > default.
> > What do you mean by "all 3 types of traffics"?
> Incoming, Outgoing and Forward
> > > I know I can easily use iptables to tighten the rules but I wanted to know
> > > the reasons behind the choice of this default behaviour and if it makes 
> > > the
> > > system more vulnerable?
> > The behavior you observe is likely because that is the best default that is
> > universally applicable.
> But does it make the system more vulnerable in any way to attacks over the
> network? And how will a new Debian user would know of this behaviour? I
> don't even see it mentioned on the Stretch Installation manual anywhere.
> > 
> > > I tried searching on the Internet but did not get
> > > any satisfactory explanation. It will be helpful if anybody knows the
> > > answers to my questions or can redirect me to a helpful document.
> > > 
> > Where did you search or what terms did you use?
> Search engines (Google and Duckduckgo). Search terms were similar to the
> email subject line. I also read the wiki on Debian Firewall where it says
> about the choice of defaults but not the reasons.

The basic reason is this: it makes sense.

Let's suppose Debian installs a basic firewall by default. How
basic? Let's say:

- outbound: permit
- forward: deny
- inbound: accept NTP, DHCP, DNS, and any TCP packet which is a
  response to an outbound packet

Now, what should happen when a user installs an SSH daemon?
Should it automatically change the firewall? Of course,
otherwise everyone who installs SSH would discover that it
doesn't work.

How many packages now have to have scripts written to update the
firewall?

What happens when a user installs a multi-protocol daemon like
Dovecot? Does it automatically open POP, POP/S, IMAP and IMAP/S?
All of them? None of them?

There are an infinite number of questions to be asked, all of
which can be summarized as "please read the user's mind and find
out what they want". This is particularly difficult when the
user doesn't know what they want.

Remember, Debian isn't a laptop OS. Debian isn't a desktop OS.
Debian isn't a phone OS. Debian isn't a server OS. Debian isn't
a supercomputing OS. Debian isn't an embedded device OS.

Debian is a Universal OS. 

-dsr-

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread Reco 
Hi.

On Fri, Sep 21, 2018 at 08:55:21AM -0400, Henning Follmann wrote:
> On Fri, Sep 21, 2018 at 08:34:50AM +0530, Subhadip Ghosh wrote:
> > Hi,
> > 
> > I am using Debian and the recently I learned that a standard Debian
> > installation allows all 3 types of traffics especially incoming by default.
> > I know I can easily use iptables to tighten the rules but I wanted to know
> > the reasons behind the choice of this default behaviour and if it makes the
> > system more vulnerable? I tried searching on the Internet but did not get
> > any satisfactory explanation. It will be helpful if anybody knows the
> > answers to my questions or can redirect me to a helpful document.
> > 
> 
> The answer is easy. Because Debian is awesome (TM). So are most other
> distributions.

Hear, hear.

> Run a netstat -t -l and you will see there is nothing listening. So what is
> the point of running a firewall?

The point is to be a good netizen, as always. By running any sane kind of
packet filter you're avoiding participating in TCP RST attack.

> By default no services (ipp might be the one exception) are running and
> listening.

Portmapper does - tcp 111.

Reco

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread Pablo Álvarez Córdoba 

I do not know, but:
\- By default there are no services listening (except in 127.0.0.1)
\- A server is usually behind a router/firewall
\- It is better that each user configure their system as they want, instead of 
having default values. Although it would be nice if the installer warns you 
that by default iptables does not have any rules.





\ Mensaje original 
On 21 sept. 2018 5:04, Subhadip Ghosh < subhadip@gmail.com> escribió:

>
>
>
> Hi,
>
> I am using Debian and the recently I learned that a standard Debian
> installation allows all 3 types of traffics especially incoming by
> default. I know I can easily use iptables to tighten the rules but I
> wanted to know the reasons behind the choice of this default behaviour
> and if it makes the system more vulnerable? I tried searching on the
> Internet but did not get any satisfactory explanation. It will be
> helpful if anybody knows the answers to my questions or can redirect me
> to a helpful document.
>
> Thanks,
> Subhadip

publickey - pabloalvarezcordoba@protonmail.ch - 0x209A3FD7.asc
Description: application/pgp-keys


signature.asc
Description: OpenPGP digital signature

Re : Impossible booter mode graphique ou résolution 640x340

2018-09-21 Thread nicolas . patrois 
Le 21/09/2018 15:18:59, ajh-valmer a écrit :

> Je n'ai plus le message "Failed to start Kernel load modules".

> Par contre, j'ai suivi le mode d'emploi du lien ci-dessus, et niet, 
> X ne se lance plus du tout.

> Avec le driver "nvidia-xorg-video-legacy-340xx",
> je reviens au point de départ de la panne,
> avec une résolution graphique de 640x340 maximum, donc inacceptable.

> Je ne sais pourquoi d'un coup la résolution X du bureau a changé
> au boot.

Parce que le pilote ne convient pas au noyau ou alors à la carte graphique.
As-tu essayé d’installer le noyau 4.17.0 ?

nicolas patrois : pts noir asocial
-- 
RÉALISME

M : Qu'est-ce qu'il nous faudrait pour qu'on nous considère comme des humains ? 
Un cerveau plus gros ?
P : Non... Une carte bleue suffirait...

Re: Impossible booter mode graphique ou résolution 640x340

2018-09-21 Thread didier gaumet 
Le 21/09/2018 à 17:18, ajh-valmer a écrit :

> Merci.
> 
> Je n'ai plus le message "Failed to start Kernel load modules".
> 
> Par contre, j'ai suivi le mode d'emploi du lien ci-dessus, et niet, 
> X ne se lance plus du tout.
> 
> Avec le driver "nvidia-xorg-video-legacy-340xx",
> je reviens au point de départ de la panne,
> avec une résolution graphique de 640x340 maximum, donc inacceptable.
> 
> Je ne sais pourquoi d'un coup la résolution X du bureau a changé
> au boot.
> 
> Voilà le topo, je ne sais plus que faire...
> 
> Sur mes 2 autres PC, je n'ai aucun problème,
> avec l'un carte nvidia et l'autre AMD-ATI,
> sous debian-stretch et même noyau 4.9.0-6-686

- désolé, je me suis trompé, effectivement ta carte graphique est prise
en charge par la version 340 legacy du driver proprio nvidia
- je peux encore me tromper mais à mon avis tu as oublié ou mal accompli
une étape pour ton "retour en arrière" pour utiliser Nouveau.
- Si tu veux utiliser le driver proprio, il faut créer un fichier de
config: https://wiki.debian.org/fr/NvidiaGraphicsDrivers#configure

Re: Print with mupdf?

2018-09-21 Thread Curt 
On 2018-09-21,   wrote:
>
>> Probably a good question Tomas, but I've no recent experience with it. 
>> Installed now, and looking for a pdf to look at, I found the phd thesis 
>> of Sonja MacFarland, dated in 2001, that probably covers some of the 
>> math in the LinuxCNC trajectory planner, which was last updated about a 
>> year ago [...]
>
> This sounds interesting in itself. Care to share a link?
>

I thought so, too, but only managed to find this paper from 2003, written in
collaboration with Elizabeth Cross.

 Jerk-Bounded Manipulator Trajectory Planning:
 Design for Real-Time Applications

https://pdfs.semanticscholar.org/8898/277e40cca945a674f6765ed31d733dd90aaa.pdf

As I'm something of a jerk myself I found the paper of particular
relevance.

YMMV.

;-)

-- 
“An oak is a tree. A rose is a flower. A deer is an animal. A sparrow is a
bird. Russia is our fatherland. Death is inevitable.” Russian school book.

Re: Relayer les alertes de sites distants

2018-09-21 Thread daniel huhardeaux 

Le 21/09/2018 à 17:05, Olivier a écrit :

Bonjour,


Bonjour



J'ai plusieurs réseaux sur des sites géographiques éloignés.
Dans ces réseaux j'ai un une machine sous Debian qui émet de temps en 
temps (1 ou 2 fois par an) des alertes par mail.


Jusqu'à présent, ces alertes sont envoyées via un compte GMail, plus 
ou moins dédié à cet usage: plusieurs machines disséminées sur toute 
la France utilisent ce compte pour émettre  des alertes.


Malheureusement, une fois sur deux, pour ne pas dire plus, GMail 
bloque ces envois car ils sont pour lui un caractère suspect.


J'envoie à partir de différentes adresses corriel vers un compte gmail 
dédié, le message est systématiquement accepté. Dans les paramètres du 
compte gmail j'envoie également une copie vers une autre adresse.



[...]

Quels suggestions et retour d'expérience ?


Envoyer vers ton propre serveur

--
Daniel

Re: libcurl3 and libcurl4

2018-09-21 Thread deloptes 
A_Man_Without_Clue wrote:

> I'm running the buster.

Ok, but then the question is where do you get libcurl3 from?

mixing libraries compiled against different version is dangerous.

regards

Re: Impossible booter mode graphique ou résolution 640x340

2018-09-21 Thread ajh-valmer 
On Thursday 20 September 2018 23:49:21 didier gaumet wrote:
> 
https://wiki.debian.org/fr/NvidiaGraphicsDrivers#Revenir_en_arri.2BAOg-re_en_cas_d.27incident
> il n'y a à priori plus de module propriétaire nvidia pour ton matériel
>(trop vieux) donc il te faut utiliser le pilote libre "nouveau"

Merci.

Je n'ai plus le message "Failed to start Kernel load modules".

Par contre, j'ai suivi le mode d'emploi du lien ci-dessus, et niet, 
X ne se lance plus du tout.

Avec le driver "nvidia-xorg-video-legacy-340xx",
je reviens au point de départ de la panne,
avec une résolution graphique de 640x340 maximum, donc inacceptable.

Je ne sais pourquoi d'un coup la résolution X du bureau a changé
au boot.

Voilà le topo, je ne sais plus que faire...

Sur mes 2 autres PC, je n'ai aucun problème,
avec l'un carte nvidia et l'autre AMD-ATI,
sous debian-stretch et même noyau 4.9.0-6-686

A. V.

Relayer les alertes de sites distants

2018-09-21 Thread Olivier 
Bonjour,

J'ai plusieurs réseaux sur des sites géographiques éloignés.
Dans ces réseaux j'ai un une machine sous Debian qui émet de temps en temps
(1 ou 2 fois par an) des alertes par mail.

Jusqu'à présent, ces alertes sont envoyées via un compte GMail, plus ou
moins dédié à cet usage: plusieurs machines disséminées sur toute la France
utilisent ce compte pour émettre  des alertes.

Malheureusement, une fois sur deux, pour ne pas dire plus, GMail bloque ces
envois car ils sont pour lui un caractère suspect.

Qui a trouvé une solution satisfaisante dans ce type de situation ? Comment
la décrire ?

J'imaginais en vrac:

1. Envoyer des SMS plutôt que des emails (mais il arrive fréquemement
qu'une unique panne génère 20 ou 30 emails alors ...)

2. Utiliser un autre compte mail (mais lequel ?)

Quels suggestions et retour d'expérience ?

Slts

Re: sortie audio sur un netbook

2018-09-21 Thread Bernard Schoenacker 



- Mail original -
> De: "Bernard Schoenacker" 
> À: "Liste Debian" 
> Envoyé: Vendredi 21 Septembre 2018 10:23:53
> Objet: Re: sortie audio sur un netbook
> 
> 
> 
> - Mail original -
> > De: "Bernard Schoenacker" 
> > À: "Liste Debian" 
> > Envoyé: Vendredi 21 Septembre 2018 10:02:28
> > Objet: sortie audio sur un netbook
> > 
> > bonjour,
> > 
> > j'ai un problème de son sur le netbook et je ne trouve
> > pas la solution
> > 
> > lspci -nn
> > 00:00.0 Host bridge [0600]: Intel Corporation Atom Processor
> > Z36xxx/Z37xxx Series SoC Transaction Register [8086:0f00] (rev 0f)
> > 00:02.0 VGA compatible controller [0300]: Intel Corporation Atom
> > Processor Z36xxx/Z37xxx Series Graphics & Display [8086:0f31] (rev
> > 0f)
> > 00:1a.0 Encryption controller [1080]: Intel Corporation Atom
> > Processor Z36xxx/Z37xxx Series Trusted Execution Engine [8086:0f18]
> > (rev 0f)
> > 00:1d.0 USB controller [0c03]: Intel Corporation Atom Processor
> > Z36xxx/Z37xxx Series USB EHCI [8086:0f34] (rev 0f)
> > 00:1f.0 ISA bridge [0601]: Intel Corporation Atom Processor
> > Z36xxx/Z37xxx Series Power Control Unit [8086:0f1c] (rev 0f)
> > 
> > attention c'est indiqué hdmi, et ça me fait une belle jambe
> > 
> > pour pavucontrol : sortie factice
> > 
> > pour alsamixer j'ai :
> > 
> > 
> > -  (par défaut)
> > 0  bytcr-rt5640
> > 1  Intel HDMI/DP LPE Audio
> > 
> > 
> > /proc/asound/cards
> > 
> > 0 [bytcrrt5640]: bytcr-rt5640 - bytcr-rt5640
> >   bytcr-rt5640-mono-spk-in1-mic
> >  1 [Audio  ]: HdmiLpeAudio - Intel HDMI/DP LPE Audio
> >   Intel HDMI/DP LPE Audio
> > 
> > 
> > 
> > aplay -l
> >  Liste des Périphériques Matériels PLAYBACK 
> > carte 0: bytcrrt5640 [bytcr-rt5640], périphérique 0: Baytrail Audio
> > (*) []
> >   Sous-périphériques: 1/1
> >   Sous-périphérique #0: subdevice #0
> > carte 0: bytcrrt5640 [bytcr-rt5640], périphérique 1: Deep-Buffer
> > Audio (*) []
> >   Sous-périphériques: 1/1
> >   Sous-périphérique #0: subdevice #0
> > carte 1: Audio [Intel HDMI/DP LPE Audio], périphérique 0:
> > HdmiLpeAudio [Intel HDMI/DP LPE Audio]
> >   Sous-périphériques: 1/1
> >   Sous-périphérique #0: subdevice #0
> > carte 1: Audio [Intel HDMI/DP LPE Audio], périphérique 1:
> > HdmiLpeAudio [Intel HDMI/DP LPE Audio]
> >   Sous-périphériques: 1/1
> >   Sous-périphérique #0: subdevice #0
> > 
> > 
> > 
> > pour l'instant j'ai une piste :
> > 
> > https://www.linuxquestions.org/questions/linux-laptop-and-netbook-25/bytcr-rt5640-can%27t-get-sound-to-work-4175635564/
> > 
> > ce qui est demandé ( blacklist) : snd_hdmi_lpe_audio
> > 
> > je n'ai pas compris où faut il l'indiquer
> > 
> > mais c'est à voir ...
> > 
> > merci
> > slt
> > bernard
> > 
> 
> 
> bonjour,
> 
> j'ai trouvé dans la doc, la façon de délester un module :
> 
> echo  blacklist snd_hdmi_lpe_audio >>/etc/modprobe.d/blacklist.conf
> 
> merci
> slt
> bernard
> 

bonjour,

et j'ai toujours pas de sortie audio tout va dans dave null

merci
slt
bernard

Re: Synaptic problems - operator ERROR ;{

2018-09-21 Thread Richard Owlett 

On 09/20/2018 01:20 PM, didier gaumet wrote:

Le 20/09/2018 à 17:33, Richard Owlett a écrit :

I'm using Debian 9 with MATE.
I installed Emacs using Synaptic.

[...]

  There error messages were:

E: Unable to correct problems, you have held broken packages.

[...]

not using Synaptic myself, but from the Synaptic Help:

To Fix Broken Packages
Synaptic Package Manager will not allow any further changes to the
system before all broken packages are fixed.
To show all broken packages choose the Broken filter.
To correct the broken packages perform the following steps: choose Edit
▸ Fix Broken Packages from the menu.
Choose Edit ▸ Fix Broken Packages from the menu.
Apply the marked changes to actually fix the packages:
Click on Apply in the toolbar.
Choose Edit ▸ Apply Marked Changes from the menu.
Press the key combination Ctrl+E.
You will be asked for confirmation. Check the summarized changes that
will be applied. To continue with the actual repair confirm the changes
click on Apply
During the processing of the changes you will see a progressbar. Wait
until the changes have been applied. This can take some time depending
on the number of changes. Afterwards you will be returned to the main
window.
The progressbar is not available on Debian system. Instead you will see
a detailed terminal output.




Thought I did that. Had broken before and had had no problems.
It's moot now. Had massive system problems. Running from an alternate 
system.

Thank you.

Re: libcurl3 and libcurl4

2018-09-21 Thread A_Man_Without_Clue 



On 09/21/2018 10:56 PM, Greg Wooledge wrote:
> On Fri, Sep 21, 2018 at 10:52:23PM +0900, A_Man_Without_Clue wrote:
>> I did find that when I installed "cmake", libcurl3 was replaced with
>> libcurl4. So I removed "cmake", run apt-cache rdepends libcurl4 and
>> nothing was dependent on that so I removed it, and downloaded libcurl3
>> and re-installed it.
>>
>> Now the problem with viber is gone.
> 
> But... there's still the question of HOW you got libcurl4 in the first
> place.  There is no libcurl4 package in stretch.
> 
> As you can see on 
> it is only in buster and sid.
> 
> So, you probably frankendebianed your system at some point.  That's
> the larger issue that people were trying to uncover.  You might have
> undone *some* of the damage just now, by removing this one particular
> testing/unstable package, but there could be more.
> 


I'm running the buster.

Re: Print with mupdf?

2018-09-21 Thread Gene Heskett 
On Friday 21 September 2018 05:59:16 to...@tuxteam.de wrote:

> On Fri, Sep 21, 2018 at 05:30:22AM -0400, Gene Heskett wrote:
> > On Friday 21 September 2018 03:05:46 to...@tuxteam.de wrote:
> > > What's wrong with gv? [...]
> >
> > Probably a good question Tomas, but I've no recent experience with
> > it. Installed now, and looking for a pdf to look at, I found the phd
> > thesis of Sonja MacFarland, dated in 2001, that probably covers some
> > of the math in the LinuxCNC trajectory planner, which was last
> > updated about a year ago [...]
>
> This sounds interesting in itself. Care to share a link?
>


> > I see it has "print all", and "print-marked" options that use lpr,
> > so one would have to setup some defaults to make it use the correct
> > printer, and printer profile in a more than one printer environment.
> > Getting that /right/ might take some experimentation.
>
> Yes, but that'd be the Right Unix Way (TM), not every app bringing
> along its little world and trampling on other's front gardens >;-)

True.

> > It properly handled the graphics symbols commonly used in math, but
> > of what I looked at, no color graphics, so let me look at something
> > I am quite familiar with. But I wasn't able to navigate its broken
> > directory reader in its open selector to gain access to those docs.
> > Thats a showstopper. The slider that should allow one to scan a
> > directory tree alternates between a small marker one can drag with a
> > mouse, but on a second drag attempt it jumps to full height of the
> > buttons space, and allows no more scanning of the /usr/share/doc
> > directory while still in the a's. Total show stopper here if it's
> > incapable of navigating a directory with thousands of entries.
>
> I'll do some research on gv if nobody bears me to it. Gv builds on
> ghostscript and /should/ do color (famous last words)

I have no doubts it will do the color stuffs just fine. The code at its 
core is at least 30yo and did fine printing it to a cgp-220 ink 
squirter. Which had all the resolution of a 7 dot x 9 pin dot matrix pin 
pounder, so it did far more damage to the image than the code did.

It is the file open dialog that cripples it, sucking dead toads thru soda 
straws, but theres a move afoot on the left coast here to outlaw straws 
now. Probably another of PETA's wild ideas predicated on the toad being 
alive before it encountered the straw. :)

Since it (ghostscript) was purely a cli driven codebase 30 years ago, 
taking all its option settings from command line arguments, the trouble 
I encountered can be laid on the table in front of the coder who added 
the GUI file open dialog in more recent history. A quick look at "man 
gv" shows that the cli arguments have not all been stripped out. If 
curious try to see the diffs between gv -h, and ghostscript -h. I note 
that ghostscript still carry's the Artifex copyright notice:

gene@coyote:/media$ ghostscript -h
GPL Ghostscript 9.05 (2012-02-08)
Copyright (C) 2010 Artifex Software, Inc.  All rights reserved.

Whereas gv has even stripped that out. Both should be able to handle 
pdf's up to 1.3 but the pdf spec has been advanced since, I think to 
1.5? but don't have data to show that other than writing a script to get 
that from the headers of a quarter terabyte of pdf's I have here.

All this of coarse can be seen by any user who cares to look, so I'm 
carrying a bucket of very cold ashes to Newcastle with this post.

> cheers
> -- tomás

Take care now, Tomas.

-- 
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page

Re: libcurl3 and libcurl4

2018-09-21 Thread Greg Wooledge 
On Fri, Sep 21, 2018 at 10:52:23PM +0900, A_Man_Without_Clue wrote:
> I did find that when I installed "cmake", libcurl3 was replaced with
> libcurl4. So I removed "cmake", run apt-cache rdepends libcurl4 and
> nothing was dependent on that so I removed it, and downloaded libcurl3
> and re-installed it.
> 
> Now the problem with viber is gone.

But... there's still the question of HOW you got libcurl4 in the first
place.  There is no libcurl4 package in stretch.

As you can see on 
it is only in buster and sid.

So, you probably frankendebianed your system at some point.  That's
the larger issue that people were trying to uncover.  You might have
undone *some* of the damage just now, by removing this one particular
testing/unstable package, but there could be more.

Re: libcurl3 and libcurl4

2018-09-21 Thread A_Man_Without_Clue 



On 09/21/2018 08:29 PM, deloptes wrote:
> A_Man_Without_Clue wrote:
> 
>> Hi all,
>>
>> As I was asking in another topic, I was trying to set up CdEmu however
>> during the process of installation, I had lost libcurl3 to libcurl4
>> which led removal of Viber application. (I don't know what I did.)
>>
>> I had installed Viber as described in
>>
>> https://forums.bunsenlabs.org/viewtopic.php?pid=71634#p71634
>>
>>
>> Now I cannot install the viber because lack of the libcurl3
>>
>> How can I install back libcurl3?
>>
>>
>> M.W.C.
> 
> As I asked in the other thread how did you get libcurl4 installed?
> Did you touch your apt sources?
> 
> you can see what depends on libcurl like this
> 
> $ apt-cache rdepends --installed libcurl3
> libcurl3
> Reverse Depends:
>   virtualbox-5.2
>  |flashplayer-mozilla
> 
> 
> Just put libcurl4 instead of libcurl3.
> 
> I guess you changed the apt sources. In that case go back to stable
> (stretch), purge libcurl4 and install libcurl3
> 
> 
> regards
> 
> 



Thank you.

I did find that when I installed "cmake", libcurl3 was replaced with
libcurl4. So I removed "cmake", run apt-cache rdepends libcurl4 and
nothing was dependent on that so I removed it, and downloaded libcurl3
and re-installed it.

Now the problem with viber is gone.

Thank you. I will have to dig more about CdEmu.

M.W.C.

Re: using a Windows 7 disk image with KVM?

2018-09-21 Thread Alexander V. Makartsev 
On 21.09.2018 09:55, Chris wrote:
> On Thu, 20 Sep 2018 12:28:31 +0500
> Alexander V. Makartsev wrote:
>
>> Depending on source of your disk image I'd try to restore windows
>> bootloader (bcdboot) inside disk image and see if that helps. You can
>> do it from installation media without proceeding with repair
>> procedure. Press Shift-F10 to invoke CMD and from there you can check
>> if your disk image is ok, all partitions are intact (via
>> diskpart.exe) and restore bootloader inside mounted Windows' boot
>> partition (via bcdboot.exe).
> Another option is Mini Tool Partition Wizard [1] to repair Windows
> bootloaders. It seems the onboard tools, especially bcdboot.exe, can't
> fix it always.
>
> Chris
>
>
>
>
>
> [1] https://www.partitionwizard.com/free-partition-manager.html
>
Thanks, but I've used bcdboot for many years on thousands of computers
and it never failed me.

I always prefer to do the job with the tools that are native to OS.

-- 
With kindest regards, Alexander.

⢀⣴⠾⠻⢶⣦⠀ 
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
⠈⠳⣄

Re: Backport of Qt issue(s)?

2018-09-21 Thread Danny Smit 
On Fri, Sep 21, 2018 at 11:37 AM  wrote:
> I'm myself (more or less) a Qt analphabet, so take with two fists of salt,
> but I'd consider including
>
>   https://lists.debian.org/debian-qt-kde/
>
> ...you might find more knowledgeable folks there.

Thanks!
I just copied the question to that mailing list.

-- 
Regards,
Danny Smit

Re: Lançado o Debian 9 "Stretch"

2018-09-21 Thread Adriano Rafael Gomes 

On Fri, Sep 21, 2018 at 08:16:57AM -0300, Gilberto F da Silva wrote:

 Durante um tempo
 não havia firefox para o Debian, havia o mesmo programa compilado
 com outro nome.


Em resumo, havia incompatibilidades entre a DFSG, a política de uso de 
marcas da Mozilla e as licenças dos logotipos, segundo o artigo em 
https://lwn.net/Articles/676799/



 Todas as
 outras listas das quais participo vêm com o cabeçalho no formato:
 [NOME DA LISTA] Assunto.  A lista do Debian não usa isso e as
 mensagens acabam perdidas no meio do lixo de email.


Também é possível filtrar pelo cabeçalho List-Id.


signature.asc
Description: PGP signature

Re: Recommandations pour un PC portable "réparable"

2018-09-21 Thread Olivier 
@Pierre L.:
Le modèle Dell Latitude 7390 me plait pas mal.
Sa doc indique clairement ses possibilités de réparation.

Slts

Le jeu. 20 sept. 2018 à 20:19, Pierre L.  a écrit :

> Alors, un choix a été fait ?
>
>
>
> Le 10/09/2018 à 12:52, Olivier a écrit :
> > J'aimerai remplacer mon propre PC portable et sacrifierai très
> > volontiers quelques millimètres (15 mm d'épaisseur en plus ne me
> > dérageraient pas) et grammes contre une machine dont je pourrai
> > moi-même remplacer les principales pièces (batterie, écran, disque).
> >
> > J'avais repéré la machine HP Elite x2 mais la batterie de sa dernière
> > mouture 1013 G3 n'est plus échangeable :-((( !
> >
> > Auriez-vous une recommandation ?
> >
>
>
>

Re: Why does Debian allow all incoming traffic by default

2018-09-21 Thread Henning Follmann 
On Fri, Sep 21, 2018 at 08:34:50AM +0530, Subhadip Ghosh wrote:
> Hi,
> 
> I am using Debian and the recently I learned that a standard Debian
> installation allows all 3 types of traffics especially incoming by default.
> I know I can easily use iptables to tighten the rules but I wanted to know
> the reasons behind the choice of this default behaviour and if it makes the
> system more vulnerable? I tried searching on the Internet but did not get
> any satisfactory explanation. It will be helpful if anybody knows the
> answers to my questions or can redirect me to a helpful document.
> 

The answer is easy. Because Debian is awesome (TM). So are most other
distributions.
Run a netstat -t -l and you will see there is nothing listening. So what is
the point of running a firewall?
By default no services (ipp might be the one exception) are running and
listening. So that's your security, just don't run what you don't need.


-H



-- 
Henning Follmann   | hfollm...@itcfollmann.com

Re: Compatibilidade do Debian

2018-09-21 Thread Adriano Rafael Gomes 

On Fri, Sep 21, 2018 at 11:36:16AM +, Paulo Alexandre A. P. de Oliveira 
wrote:
Alguém sabe se o Debian é compatível ou se existe alguma página acerca 
do Debian e o Laptop Asus Zenbook ux430ua e a sua compatíbilidade com 
o sistema?


Paulo, respondendo de forma genérica: existe um esforço para documentar 
como instalar, configurar e usar o Debian em algum hardware específico 
que talvez possa te ajudar: https://wiki.debian.org/InstallingDebianOn


signature.asc
Description: PGP signature

Re: Lançado o Debian 9 "Stretch"

2018-09-21 Thread Ya'aqov Ben Nun 
Caro Gilberto.

Quer nos ajudar a melhorar o Projeto Debian?
Não só é sempre bem-vindo como também estamos sempre precisando de ajuda.
Apenas alguns esclarecimentos. O Projeto Debian é formado por uma grande
comunidade, é feito por desenvolvedores, usuários, divulgadores,
tradutores, só citando alguns. O Debian em si mesmo, não se faz sozinho, é
feito por pessoas, que assim como você, ou eu , ou qualquer outra comete
erros, faz escolhas e colocam tudo a funcionar.

Tenha sempre o pensamento crítico, faz muito bem! No entanto, poderia
direcionar as críticas de um bom modo e nos devidos lugares. É uma boa
conduta para ser ouvido e, melhor que isso, poder ajudar a comunidade.

Pense nisso e, mais uma vez, seja bem-vindo para nos ajudar.

Compatibilidade do Debian

2018-09-21 Thread Paulo Alexandre A. P. de Oliveira 
Alguém sabe se o Debian é compatível ou se existe alguma página acerca 
do Debian e o Laptop Asus Zenbook ux430ua e a sua compatíbilidade com o 
sistema?


Desde já obrigado, e um Abraço :)

Re: Lançado o Debian 9 "Stretch"

2018-09-21 Thread Gilberto F da Silva 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Thu, Sep 20, 2018 at 08:29:11PM -0300, Samuel Henrique wrote:

> Geralmente não vale a pena explicitar uma point release e a única
> utilidade prática dela é a ISO atualizada, os updates do sistema em sí
> já vem antes da point release sair se você tem o proposed-updates
> habilitado, o que é o caso de uma instalação padrão.

  Eu vejo lá no distrowatch anuncio até de release candidate mas não
  vejo o que você chamam de point release do Debian.

  Gostando ou não do Debian, é uma distribuição importante. Se o
  Debian desaparecer, a quantidade de distribuições vai ficar bem
  ralinha. Quase tudo é baseado no Debian.


- -- 

Stela dato:2.458.382,970  Loka tempo:2018-09-21 08:17:34 Vendredo 
- -==-
Um gato preto cruzando o seu caminho significa que o bicho está indo 
para algum lugar.
-- Groucho Marx
-BEGIN PGP SIGNATURE-
Comment: +-+
Comment: !   Gilberto F da Silva - ICQ 136.782.571 !
Comment: !gfs1...@gmx.net - Slackware64 14.2   !
Comment: +-+

iEYEARECAAYFAluk1PkACgkQJxugWtMhGw7zngCgyjNJJQ6ys+v/mT2lB7k+CSVV
mVkAoNrKhgjP3nzxHi8l7RVrSPxYDLUp
=yumS
-END PGP SIGNATURE-

Re: Lançado o Debian 9 "Stretch"

2018-09-21 Thread Gilberto F da Silva 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Thu, Sep 20, 2018 at 08:29:11PM -0300, Samuel Henrique wrote:
> Olá,
> 
> > > http://ftp.debian.org/debian/doc/dedication/dedication-9.0.pt_BR.txt
> >
> >
> >   Esses dias fui baixar uma versão do Debian.  Notei que estava na
> >   versão 9.5 Por alguma razão esdrúxula típica do Debian, as versões
> >   fracionadas não são anunciadas no distrowatch.
> 
> O que te faz achar que isso é devido a "alguma coisa esdrúxula típica do
> Debian"? Até onde sei o Debian não interfere em como o distrowatch
> funciona, eles que decidem como descrever a release lá.

  O pessoal do Debian implica com alguns detalhes. Durante um tempo
  não havia firefox para o Debian, havia o mesmo programa compilado
  com outro nome.

  Eu tenho uma certa antipatia pelo Debian.  De tempos em tempos eu
  tento ser racional, deixar isso de lado e usar a distribuição. Se
  alguma coisa foi empacotada para Linux, há grandes chances de
  ter sido feito para o Debian.

  A lista da distribuição, no entanto, sempre me aborrece.  Todas as
  outras listas das quais participo vêm com o cabeçalho no formato:
  [NOME DA LISTA] Assunto.  A lista do Debian não usa isso e as
  mensagens acabam perdidas no meio do lixo de email.
  
- -- 

Stela dato:2.458.382,956  Loka tempo:2018-09-21 07:56:44 Vendredo 
- -==-
Deus deve amar os homens medíocres. Fez vários deles.
-- Abraham Lincoln
-BEGIN PGP SIGNATURE-
Comment: +-+
Comment: !   Gilberto F da Silva - ICQ 136.782.571 !
Comment: !gfs1...@gmx.net - Slackware64 14.2   !
Comment: +-+

iEYEARECAAYFAluk0ykACgkQJxugWtMhGw7T/wCfYWvn6y9wvK1ajkWW7SZtuu7L
kkAAn2ypk5+wFR9pL11D/E5pd9x02nTs
=lNh9
-END PGP SIGNATURE-

Re: libcurl3 and libcurl4

2018-09-21 Thread deloptes 
A_Man_Without_Clue wrote:

> Hi all,
> 
> As I was asking in another topic, I was trying to set up CdEmu however
> during the process of installation, I had lost libcurl3 to libcurl4
> which led removal of Viber application. (I don't know what I did.)
> 
> I had installed Viber as described in
> 
> https://forums.bunsenlabs.org/viewtopic.php?pid=71634#p71634
> 
> 
> Now I cannot install the viber because lack of the libcurl3
> 
> How can I install back libcurl3?
> 
> 
> M.W.C.

As I asked in the other thread how did you get libcurl4 installed?
Did you touch your apt sources?

you can see what depends on libcurl like this

$ apt-cache rdepends --installed libcurl3
libcurl3
Reverse Depends:
  virtualbox-5.2
 |flashplayer-mozilla


Just put libcurl4 instead of libcurl3.

I guess you changed the apt sources. In that case go back to stable
(stretch), purge libcurl4 and install libcurl3


regards

Re: CdEmu

2018-09-21 Thread deloptes 
A_Man_Without_Clue wrote:

> 
> 
> On 09/21/2018 02:28 AM, deloptes wrote:
>> A_Man_Without_Clue wrote:
>> 
>>> I am trying to run CdEmu on buster but unable to do so.
>>>
>>> I get
>>>
>>> "ERROR: Failed to connect to CDEmu daemon: g-dbus-error-quark: Error
>>> calling StartServiceByName for net.sf.cdemu.CDEmuDaemon:
>>> GDBus.Error:org.freedesktop.DBus.Error.Spawn.ChildExited: Process
>>> net.sf.cdemu.CDEmuDaemon exited with status 255 (25)
>>> "
>>> Also, .cdemu-daemon.log
>>>
>>> Starting CDEmu daemon with following parameters:
>>> - num devices: 1
>>> - control device: /dev/vhba_ctl
>>> - audio driver: default
>>> - bus type: session
>>>
>>> cdemu0: Kernel I/O: failed to open control device /dev/vhba_ctl: No such
>>> file or directory!
>>> cdemu: Daemon: failed to start device #0!
>>> cdemu: Daemon: failed to create device!
>>> Daemon initialization and start failed!
>>>
>>>
>>> I installed from deb-multimedia
>>>
>>>
>>> Can anybody suggest to fix?
>> 
>> It looks like you are missing some kernel support. On top the dbus might
>> be resulting from this or another issue.
>> 
>> https://cdemu.sourceforge.io/about/vhba/
>> 
>> Look like you need to read a bit more documentation ;-)
>> 
>> regards
>> 
> 
> Thanks for reply but this had lead me to deeper shit.
> 
> Forget it. I have given up. I don't want to screw whole system up.
> During the process, I lost libcurl3 and I lost the application that
> depends on it. CrapNow I cannot get it back because of
> libcurl4...don't know what to do anymore.
> 
> 
> Thanks anyway.
> 
> M.W.C.

Never mind. Just for the record libcurl3 is default in debian stretch. How
did you get libcurl4 installed? And why?
you should take the version matching your library set.

$ dpkg -l | grep curl
ii  libcurl3:amd64  7.52.1-5+deb9u7

I did not have time to go through the documentation, but it looks like you
need a kernel driver to use this CD emulation. I was thinking when you have
the driver it would work.
We usually do all the work in virutal machine or chrooted environment, where
you can easily revert back and not impact your working environment.

regards

libcurl3 and libcurl4

2018-09-21 Thread A_Man_Without_Clue 
Hi all,

As I was asking in another topic, I was trying to set up CdEmu however
during the process of installation, I had lost libcurl3 to libcurl4
which led removal of Viber application. (I don't know what I did.)

I had installed Viber as described in

https://forums.bunsenlabs.org/viewtopic.php?pid=71634#p71634


Now I cannot install the viber because lack of the libcurl3

How can I install back libcurl3?


M.W.C.

Re: Print with mupdf?

2018-09-21 Thread tomas 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Fri, Sep 21, 2018 at 05:30:22AM -0400, Gene Heskett wrote:
> On Friday 21 September 2018 03:05:46 to...@tuxteam.de wrote:
> > What's wrong with gv? [...]

> Probably a good question Tomas, but I've no recent experience with it. 
> Installed now, and looking for a pdf to look at, I found the phd thesis 
> of Sonja MacFarland, dated in 2001, that probably covers some of the 
> math in the LinuxCNC trajectory planner, which was last updated about a 
> year ago [...]

This sounds interesting in itself. Care to share a link?

> I see it has "print all", and "print-marked" options that use lpr, so one 
> would have to setup some defaults to make it use the correct printer, 
> and printer profile in a more than one printer environment. Getting 
> that /right/ might take some experimentation.

Yes, but that'd be the Right Unix Way (TM), not every app bringing along
its little world and trampling on other's front gardens >;-)

> It properly handled the graphics symbols commonly used in math, but of 
> what I looked at, no color graphics, so let me look at something I am 
> quite familiar with. But I wasn't able to navigate its broken directory 
> reader in its open selector to gain access to those docs. Thats a 
> showstopper. The slider that should allow one to scan a directory tree 
> alternates between a small marker one can drag with a mouse, but on a 
> second drag attempt it jumps to full height of the buttons space, and 
> allows no more scanning of the /usr/share/doc directory while still in 
> the a's. Total show stopper here if it's incapable of navigating a 
> directory with thousands of entries.

I'll do some research on gv if nobody bears me to it. Gv builds on ghostscript
and /should/ do color (famous last words)

cheers
- -- tomás
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlukwPQACgkQBcgs9XrR2kaohwCfcNF0dqqYcNLe6nudK9mRPCGY
4BQAn0cnkoIikoSM1xWdzxOjuXsJ1G4a
=RR44
-END PGP SIGNATURE-

Re: Backport of Qt issue(s)?

2018-09-21 Thread tomas 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Fri, Sep 21, 2018 at 11:19:14AM +0200, Danny Smit wrote:
> Hi all,

[...]

> Also, please let me know if there is a better mailing list to ask the 
> question.

I'm myself (more or less) a Qt analphabet, so take with two fists of salt,
but I'd consider including

  https://lists.debian.org/debian-qt-kde/

...you might find more knowledgeable folks there.

Cheers and thanks for fixing the world :-)
- -- tomás
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAluku7wACgkQBcgs9XrR2kYiIACfRomGmCeySOOKUTfN9TBiT3gD
DbwAnRRh6q39TdWfTb9APK71VdLCE/13
=k93h
-END PGP SIGNATURE-

Re: Print with mupdf?

2018-09-21 Thread Gene Heskett 
On Friday 21 September 2018 03:05:46 to...@tuxteam.de wrote:

> On Thu, Sep 20, 2018 at 12:15:40PM -0400, Gene Heskett wrote:
>
> [...]
>
> > Considering the src, and licenseing, thats not surprising.
> > ghostscript was written to get away from that, was gpl'd but no
> > support from Artifex, but has since been relegated to print only
> > functions, stripping out what was an excellent at the time 20 years
> > back, a truely excellent screen renderer and a page file at a time
> > printer driver [...]
>
> What's wrong with gv? That's ghostview's younger sister, and (as
> ghostview) a GUI around ghostscript's X backend. Displays pdf and
> postscript fine around here.
>
Probably a good question Tomas, but I've no recent experience with it. 
Installed now, and looking for a pdf to look at, I found the phd thesis 
of Sonja MacFarland, dated in 2001, that probably covers some of the 
math in the LinuxCNC trajectory planner, which was last updated about a 
year ago.

Very interesting reading about properly driving a robot for both smooth 
motions and minimum wasted time. Several hundred pages of method and 
math that exceeds my math abilities.

I see it has "print all", and "print-marked" options that use lpr, so one 
would have to setup some defaults to make it use the correct printer, 
and printer profile in a more than one printer environment. Getting 
that /right/ might take some experimentation.

It properly handled the graphics symbols commonly used in math, but of 
what I looked at, no color graphics, so let me look at something I am 
quite familiar with. But I wasn't able to navigate its broken directory 
reader in its open selector to gain access to those docs. Thats a 
showstopper. The slider that should allow one to scan a directory tree 
alternates between a small marker one can drag with a mouse, but on a 
second drag attempt it jumps to full height of the buttons space, and 
allows no more scanning of the /usr/share/doc directory while still in 
the a's. Total show stopper here if it's incapable of navigating a 
directory with thousands of entries.


> Cheers
> -- t
Take care Tomas.

-- 
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page

Backport of Qt issue(s)?

2018-09-21 Thread Danny Smit 
Hi all,

I'm running into two (old) Qt bugs on Debian 9.5. Preferably I'd like
to see them fixed upstream, so that the whole world can benefit from
the changes, instead of
applying patches locally. I'm willing to send pull requests of needed.

I noticed by default Debian uses Qt 5.7, which isn't an LTS Qt version
and not supported by Qt itself anymore. Will the Debian community
(itself) do backports for this version? Can I submit (pull) requests
in order to get bugfixes backported to the Qt that is provided by
Debian? And is likely that my request for such backports will even get
accepted?

It currently concerns the following two issues:
https://bugreports.qt.io/browse/QTBUG-37641 (not yet fixed, I'm also
trying to get it fixed upstream)
https://bugreports.qt.io/browse/QTBUG-48344 (fixed in Qt 5.11)

Also, please let me know if there is a better mailing list to ask the question.

--
Kind regards,
Danny Smit

Beignet et fwupd

2018-09-21 Thread Jean-Marc 
salut la liste,

Dans une de mes lectures quotidiennes, j'ai aperçu deux choses intéressantes.

1/ beignet (https://packages.debian.org/beignet-opencl-icd)
Ou plus exactement beignet-opencl-icd qui est une bibliothèque OpenCL pour 
processeurs graphiques Intel ;
Description du paquet :
 Ce paquet fournit la bibliothèque partagée pour l'implémentation d'Intel
 qui prend en charge les GPU intégrés des processeurs Intel Ivy Bridge
 (ix-3xxx), Bay Trail et suivants.

2/ LVFS et fwupd (https://packages.debian.org/fwupd)
fwupd est un daemon permettant la mise à jour des firmwares.

Utilisez-vous ces paquets ?

Bonne journée à tous,

Jean-Marc 
https://6jf.be/keys/ED863AD1.txt


pgpal_yE0pgV9.pgp
Description: PGP signature

Re: installation linux sur un "netbook" asus

2018-09-21 Thread Bernard Schoenacker 


- Mail original - 

> De: "Eric Degenetais" 
> À: "Bernard Schoenacker" 
> Cc: "ML Debian User French" 
> Envoyé: Vendredi 21 Septembre 2018 10:08:11
> Objet: Re: installation linux sur un "netbook" asus

> Le ven. 21 sept. 2018 01:40, Bernard Schoenacker <
> bernard.schoenac...@free.fr > a écrit :

> Cordialement

> Éric Dégenètais

bonjour,

désolé, mais le bios en question ne laisse pas beaucoup
de choix

merci
slt
bernard

Re: sortie audio sur un netbook

2018-09-21 Thread Bernard Schoenacker 



- Mail original -
> De: "Bernard Schoenacker" 
> À: "Liste Debian" 
> Envoyé: Vendredi 21 Septembre 2018 10:02:28
> Objet: sortie audio sur un netbook
> 
> bonjour,
> 
> j'ai un problème de son sur le netbook et je ne trouve
> pas la solution
> 
> lspci -nn
> 00:00.0 Host bridge [0600]: Intel Corporation Atom Processor
> Z36xxx/Z37xxx Series SoC Transaction Register [8086:0f00] (rev 0f)
> 00:02.0 VGA compatible controller [0300]: Intel Corporation Atom
> Processor Z36xxx/Z37xxx Series Graphics & Display [8086:0f31] (rev
> 0f)
> 00:1a.0 Encryption controller [1080]: Intel Corporation Atom
> Processor Z36xxx/Z37xxx Series Trusted Execution Engine [8086:0f18]
> (rev 0f)
> 00:1d.0 USB controller [0c03]: Intel Corporation Atom Processor
> Z36xxx/Z37xxx Series USB EHCI [8086:0f34] (rev 0f)
> 00:1f.0 ISA bridge [0601]: Intel Corporation Atom Processor
> Z36xxx/Z37xxx Series Power Control Unit [8086:0f1c] (rev 0f)
> 
> attention c'est indiqué hdmi, et ça me fait une belle jambe
> 
> pour pavucontrol : sortie factice
> 
> pour alsamixer j'ai :
> 
> 
> -  (par défaut)
> 0  bytcr-rt5640
> 1  Intel HDMI/DP LPE Audio
> 
> 
> /proc/asound/cards
> 
> 0 [bytcrrt5640]: bytcr-rt5640 - bytcr-rt5640
>   bytcr-rt5640-mono-spk-in1-mic
>  1 [Audio  ]: HdmiLpeAudio - Intel HDMI/DP LPE Audio
>   Intel HDMI/DP LPE Audio
> 
> 
> 
> aplay -l
>  Liste des Périphériques Matériels PLAYBACK 
> carte 0: bytcrrt5640 [bytcr-rt5640], périphérique 0: Baytrail Audio
> (*) []
>   Sous-périphériques: 1/1
>   Sous-périphérique #0: subdevice #0
> carte 0: bytcrrt5640 [bytcr-rt5640], périphérique 1: Deep-Buffer
> Audio (*) []
>   Sous-périphériques: 1/1
>   Sous-périphérique #0: subdevice #0
> carte 1: Audio [Intel HDMI/DP LPE Audio], périphérique 0:
> HdmiLpeAudio [Intel HDMI/DP LPE Audio]
>   Sous-périphériques: 1/1
>   Sous-périphérique #0: subdevice #0
> carte 1: Audio [Intel HDMI/DP LPE Audio], périphérique 1:
> HdmiLpeAudio [Intel HDMI/DP LPE Audio]
>   Sous-périphériques: 1/1
>   Sous-périphérique #0: subdevice #0
> 
> 
> 
> pour l'instant j'ai une piste :
> 
> https://www.linuxquestions.org/questions/linux-laptop-and-netbook-25/bytcr-rt5640-can%27t-get-sound-to-work-4175635564/
> 
> ce qui est demandé ( blacklist) : snd_hdmi_lpe_audio
> 
> je n'ai pas compris où faut il l'indiquer
> 
> mais c'est à voir ...
> 
> merci
> slt
> bernard
> 


bonjour,

j'ai trouvé dans la doc, la façon de délester un module :

echo  blacklist snd_hdmi_lpe_audio >>/etc/modprobe.d/blacklist.conf

merci
slt
bernard

Re: installation linux sur un "netbook" asus

2018-09-21 Thread Eric Degenetais 
Le ven. 21 sept. 2018 01:40, Bernard Schoenacker <
bernard.schoenac...@free.fr> a écrit :

>
> bonjour,
>
bonjour,

>
> merci de s'être donné tant de peine ...
>
> je n'ai pas de possibilité de sélectionner le mode entre uefi/legacy
>
> en dormant un peut, j'ai trouvé la solution qui consiste à désactiver le
> boot
> sur le disque dur windows et là j'ai accès à la clé usb
>
> N'y a t'il pas des réglages de l'ordre des périphériques bootables ?
Si désactiver le boot sur disque interne marche, ça sent le disque trouvé
en premier, et dans ce cas il devrait y avoir un moyen de changer l'ordre
de recherche.


> merci pour tout
>
> slt
> bernard
>
> Cordialement

Éric Dégenètais

Re: using a Windows 7 disk image with KVM?

2018-09-21 Thread Gary Dale 

On 2018-09-21 12:53 AM, Chris wrote:

On Fri, 21 Sep 2018 00:13:28 -0400
Gary Dale wrote:


I'm pleased to report that with the firmware change, the new image
booted fine first try! Now I just need to do a little tuning.

Which tool did you use to create the disk image? Was it a physical
machine before?

Did you have to "repair" the windows installation before booting in KVM?

Chris

BTW: before making the image, I did run MergeIDE on the physical 
machine. It is probably required since Windows hates being moved to new 
hardware.

sortie audio sur un netbook

2018-09-21 Thread Bernard Schoenacker 
bonjour,

j'ai un problème de son sur le netbook et je ne trouve
pas la solution

lspci -nn
00:00.0 Host bridge [0600]: Intel Corporation Atom Processor Z36xxx/Z37xxx 
Series SoC Transaction Register [8086:0f00] (rev 0f)
00:02.0 VGA compatible controller [0300]: Intel Corporation Atom Processor 
Z36xxx/Z37xxx Series Graphics & Display [8086:0f31] (rev 0f)
00:1a.0 Encryption controller [1080]: Intel Corporation Atom Processor 
Z36xxx/Z37xxx Series Trusted Execution Engine [8086:0f18] (rev 0f)
00:1d.0 USB controller [0c03]: Intel Corporation Atom Processor Z36xxx/Z37xxx 
Series USB EHCI [8086:0f34] (rev 0f)
00:1f.0 ISA bridge [0601]: Intel Corporation Atom Processor Z36xxx/Z37xxx 
Series Power Control Unit [8086:0f1c] (rev 0f)

attention c'est indiqué hdmi, et ça me fait une belle jambe

pour pavucontrol : sortie factice

pour alsamixer j'ai :


-  (par défaut)
0  bytcr-rt5640
1  Intel HDMI/DP LPE Audio 


/proc/asound/cards

0 [bytcrrt5640]: bytcr-rt5640 - bytcr-rt5640
  bytcr-rt5640-mono-spk-in1-mic
 1 [Audio  ]: HdmiLpeAudio - Intel HDMI/DP LPE Audio
  Intel HDMI/DP LPE Audio



aplay -l
 Liste des Périphériques Matériels PLAYBACK 
carte 0: bytcrrt5640 [bytcr-rt5640], périphérique 0: Baytrail Audio (*) []
  Sous-périphériques: 1/1
  Sous-périphérique #0: subdevice #0
carte 0: bytcrrt5640 [bytcr-rt5640], périphérique 1: Deep-Buffer Audio (*) []
  Sous-périphériques: 1/1
  Sous-périphérique #0: subdevice #0
carte 1: Audio [Intel HDMI/DP LPE Audio], périphérique 0: HdmiLpeAudio [Intel 
HDMI/DP LPE Audio]
  Sous-périphériques: 1/1
  Sous-périphérique #0: subdevice #0
carte 1: Audio [Intel HDMI/DP LPE Audio], périphérique 1: HdmiLpeAudio [Intel 
HDMI/DP LPE Audio]
  Sous-périphériques: 1/1
  Sous-périphérique #0: subdevice #0



pour l'instant j'ai une piste :

https://www.linuxquestions.org/questions/linux-laptop-and-netbook-25/bytcr-rt5640-can%27t-get-sound-to-work-4175635564/

ce qui est demandé ( blacklist) : snd_hdmi_lpe_audio

je n'ai pas compris où faut il l'indiquer

mais c'est à voir ...

merci
slt
bernard

Re: using a Windows 7 disk image with KVM?

2018-09-21 Thread Gary Dale 

On 2018-09-21 12:53 AM, Chris wrote:

On Fri, 21 Sep 2018 00:13:28 -0400
Gary Dale wrote:


I'm pleased to report that with the firmware change, the new image
booted fine first try! Now I just need to do a little tuning.

Which tool did you use to create the disk image? Was it a physical
machine before?

Did you have to "repair" the windows installation before booting in KVM?

Chris

I used dd after booting the physical Windows machine using 
systemrescuecd. I mounted a share on the hypervisor machine then did "dd 
if=/dev/sda of=/.raw


When that finished, I ssh'd to the hypervisor and moved the raw file to 
my (unshared) folder of virtual machines.


Finally from my office workstation, I connected to the hypervisor and 
created the new VM from the existing disk image using the UEFI boot 
firmware.


And that was it, almost. I did have to do a little trickery to get it do 
switch to virtio drivers from IDE. It's a chicken & egg situation - you 
need a device that uses the virtio driver before you can install it in 
Windows, so I attached another disk image to use virtio while my 
original still used IDE. After browsing to the correct folder on the 
virtio CD image, I installed the virtio driver then shut down the VM. 
Then I set the boot drive to use virtio and disconnected the other disk 
image. This way Windows has the virtio driver it needs for the boot disk.


You might be able to do this using the repair tools as well but this 
seemed easier. Of course, there is no requirement to use virtio drivers, 
but the speed increase is noticeable.

Re: Print with mupdf?

2018-09-21 Thread tomas 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Thu, Sep 20, 2018 at 12:15:40PM -0400, Gene Heskett wrote:

[...]

> Considering the src, and licenseing, thats not surprising. ghostscript 
> was written to get away from that, was gpl'd but no support from 
> Artifex, but has since been relegated to print only functions, stripping 
> out what was an excellent at the time 20 years back, a truely excellent 
> screen renderer and a page file at a time printer driver [...]

What's wrong with gv? That's ghostview's younger sister, and (as
ghostview) a GUI around ghostscript's X backend. Displays pdf and
postscript fine around here.

Cheers
- -- t
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlukmEoACgkQBcgs9XrR2kZTXgCZATZpj8v7R+xXxd0Zk3CUdXDG
5FcAn2Sy59UQc5oTX4WmbSS+p4L64w7h
=kgOP
-END PGP SIGNATURE-

[SOLVED] Re: Yet another UEFI/BIOS question

2018-09-21 Thread steve 

Le 20-09-2018, à 20:25:26 +0200, Pascal Hambourg a écrit :


You don't need to convert anything. UEFI can use DOS partition tables.


I know since that's what I'm currently doing.


Doing what ?


Using msdos partition tables.

I am not talking about you doing anything. I am saying that native 
UEFI boot (NOT legacy boot) can use a disk with a DOS partition table, 
provided that it has an EFI system partition (Id 0xef).


Isn't it ef00?


But as mentioned in my
first message, I suspect the ACPI issues arising during boot time might
be linked to that fact. So that's why I'd like to try to be 100% UEFI
compliant.


Linked to what fact ? That the disks have DOS partition tables ? No 
way ACPI cares about that.


That's what I confirmed succeeding in my entreprise :)

Because what I finally did is install a fresh Debian on another device
(using GPT) and the ACPI errors still were there.

I used the opportunity of having another Debian to convert my sda disk
to GPT tables, and change the BIOS setting to UEFI only (just for the
sake of it). So all my disk have a GPT partition table except for the 3
ones for the RAID1 array. Not sure whether I can use the same
manipulations to convert them to GPT also. But since they work fine, I
might leave it as it is.

I used http://www.linuxtopic.com/2017/08/convert-mbr-to-gpt.html to help
me, might be useful to others.

Thanks for time taken to answer.

Best,
Steve

Re : Impossible de booter en mode graphique

2018-09-21 Thread nicolas . patrois 
Le 20/09/2018 23:02:18, Bernard Schoenacker a écrit :

> il faut supprimer tout ce qui est nvidia et utiliser 
> le mode vesa (xserver-xorg-video-vesa)

Heu, non.
Je pense qu’il lui est arrivé ce qui m’est arrivé il y a quelques jours : le 
pilote nVidia empaqueté par Debian merdouillait à la configuration après 
installation.
J’ai donc quitté la session, tenté le bazar sans X, en tty pur, pareil.
En fait, mon noyau (4.3.0) était trop vieux. Je suis passé au 4.17.0 (pas au 
4.18.0 qui plante carrément au démarrage et noie la console sous un spam 
continu de messages) et tout est passé après reconfiguration en tty.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908597

nicolas patrois : pts noir asocial
-- 
RÉALISME

M : Qu'est-ce qu'il nous faudrait pour qu'on nous considère comme des humains ? 
Un cerveau plus gros ?
P : Non... Une carte bleue suffirait...