iotop not working

[Rob McCathie]

Hi List,

I run Stretch, I've just installed iotop and when I try to run it I get 
this:


# iotop
Traceback (most recent call last):
  File "/usr/sbin/iotop", line 17, in 
    main()
  File "/usr/lib/python3/dist-packages/iotop/ui.py", line 620, in main
    main_loop()
  File "/usr/lib/python3/dist-packages/iotop/ui.py", line 610, in 
    main_loop = lambda: run_iotop(options)
  File "/usr/lib/python3/dist-packages/iotop/ui.py", line 508, in run_iotop
    return curses.wrapper(run_iotop_window, options)
  File "/usr/lib/python3.5/curses/__init__.py", line 94, in wrapper
    return func(stdscr, *args, **kwds)
  File "/usr/lib/python3/dist-packages/iotop/ui.py", line 501, in 
run_iotop_window

    ui.run()
  File "/usr/lib/python3/dist-packages/iotop/ui.py", line 155, in run
    self.process_list.duration)
  File "/usr/lib/python3/dist-packages/iotop/ui.py", line 434, in 
refresh_display

    lines = self.get_data()
  File "/usr/lib/python3/dist-packages/iotop/ui.py", line 415, in get_data
    return list(map(format, processes))
  File "/usr/lib/python3/dist-packages/iotop/ui.py", line 388, in format
    cmdline = p.get_cmdline()
  File "/usr/lib/python3/dist-packages/iotop/data.py", line 292, in 
get_cmdline

    proc_status = parse_proc_pid_status(self.pid)
  File "/usr/lib/python3/dist-packages/iotop/data.py", line 196, in 
parse_proc_pid_status

    key, value = line.split(':\t', 1)
ValueError: not enough values to unpack (expected 2, got 1)


Any help appreciated.


--
Regards,

Rob McCathie

Re: Looking for advice on tools (or libraries) for unsupervised, bulk symmetric encryption/decryption of files

[Celejar]

On Fri, 11 Jan 2019 21:45:57 +
Jonathan Dowland  wrote:

> On Wed, Jan 09, 2019 at 10:18:47PM -0500, Celejar wrote:
> >The standard encryption technology for linux is LUKS. It works on the
> >block device level, not the file level.
> 
> LUKS would be no good if the user wants to move/copy/share the encrypted
> files, encrypted, elsewhere: they didn't say so explicitly but that's
> the impression I got reading their message.

You're probably right; I realized after I wrote my reply (and read some
of the other replies) that my solutions likely weren't really what the
OP was looking for.

> >I believe that the most commonly used software for file level
> >encryption is EncFS. I haven't really used it much, and can't speak to
> >its long term stablity.
> 
> EncFS should not be used for any new file encryption project, IMHO.
> There was the following report in 2014:
> https://defuse.ca/audits/encfs.htm
> This is referenced in the NEWS file in the EncFS package
> https://salsa.debian.org/debian/encfs/blob/debian/sid/debian/NEWS
> 
> Both the report and the NEWS file are 5 years sold so I am not sure of
> its current status but I'd want to seek positive assurance.

Huh - good to know. But I was wondering, along similar (but less
informed) lines, how good some of the other suggestions were, e.g.
ccrypt. I know very little about ccrypt, but has it even been
audited at all? Is it sufficiently widely used that any vulnerablities
or misimplementations of the sort discovered by the EncFS audit would
have been looked for or turned up?

Celejar

Re: Migrate Stretch to New UEFI Build?

[Patrick Bartek]

On Fri, 11 Jan 2019 21:11:53 -0500
Michael Stone  wrote:

> On Fri, Jan 11, 2019 at 04:56:07PM -0800, Patrick Bartek wrote:
> >On Fri, 11 Jan 2019 07:13:30 -0500 Michael Stone  wrote:  
> >> On Thu, Jan 10, 2019 at 03:53:11PM -0800, Patrick Bartek wrote:  
> >> >Plus, I
> >> >want to have a common-shared  /boot partition for possible future
> >> >upgrades or expansions.  
> >>
> >> This is a really bad idea, and will cause far more trouble than it can
> >> possibly save in the future. You do need one EFI partition per system,
> >> and you can have different directories there for different OSs.
> >>  
> >
> >You misunderstood as I was too general in my post about partitioning.
> >
> >I WILL have a dedicated EFI System Partition (ESP) formatted FAT32
> >marked with the "boot" flag AS WELL AS a dedicated partition with a
> >mount point of /boot  /boot/efi will be the mount point for the ESP. As
> >far as I've read UEFI booting firmware, etc. does not require this.
> >It's a Linux recommendation.  But I could be wrong: UEFI/GPT is new to
> >me.  
> 
> I'm not really sure what you're trying to say here. Yes, the UEFI spec

The reason I wanted a dedicated boot partition was related to possible
future implementations, if needed, of encryption and LVM.  Now, after
more research, I've concluded I have no need for LVM, but encryption
is a possibility in the future.  Need more research.  Only played
with it years ago on an old notebook, but the installer set it all up.  


> doesn't talk about where to put the efi partition in a linux system, 
> because it isn't a linux spec. In theory you can put it anywhere or 
> nowhere (it's not used in day-to-day operation at all). But, if you 
> intend to put grub on it using the normal install process, it needs to 
> be in /boot/efi or the install won't work. (By default it will be in 
> /boot/efi/EFI/debian.) It is possible to manually put it somewhere else, 
> or to use a directory other than debian. I'm not sure why you would 
> decide to mount it elsewhere, as I can't see any benefit to doing so.
   ^^^

I didn't.  Wanted dedicated ESP mounted on /boot/efi as recommended.
And wanted /boot to be a separated partition for the reason noted
above, and not a directory in /.

> Putting grub in a directory other than "EFI/debian" does allow for 
> multiple OSs to have their own boot loaders which can be started from 
> the UEFI boot menu. (E.g., you could have EFI/stretch, EFI/centos7, 
> EFI/sid, etc.) In this case I would still keep the efi partition mounted 
> on /boot/efi to reduce long-term confusion. I'd also add new directories 
> instead of trying to keep multiple versions of debian from overwriting 
> the debian directory.

I have been unable to find so far any detailed documentation on how to
manually set up a Linux EFI booting system -- single or mulit-boot.
What goes where. Even what to use. Etc. 

> In addition to the efi partition, where the boot loader goes, you also 
> need a /boot partition where the kernel and the grub menu configuration 
> go. (Actually, in most cases this does not need to be a separate 
> partition, but you do need a /boot directory.) You talk about sharing 
> the /boot partition and this is what I said was a really bad idea: have 
> a separate /boot per install or you'll have multiple installs stomping 
> on each other's boot configs.
> 
> Just about everything above can in theory be worked around or done 
> differently, but you'll be way outside of what you can expect support 
> for at that point.
> 

Thanks for your input, suggestions and recommendations.

B

Re: php7.3-fpm segfaults

[Roberto C . Sánchez]

On Sat, Jan 12, 2019 at 10:25:51AM +0100, Lucio wrote:
> Hello,
> 
> I'm running buster/sid on my notebook and on a desktop pc. I'd like to use
> both for PHP software development, so I've setup Apache2 and php7.3-fpm to
> create a devel env similar to the real production servers.
> 
> On the destop pc it works. On the notebook it segfaults. Please note that
> the two systems are not exactly the same, with the notebook being a older
> debian install, upgraded several releases since the first install.
> 
> Here is what i get in the logs:
> 
> # cat /var/log/php7.3-fpm.log | tail -n 7
> [12-Jan-2019 08:57:36] NOTICE: fpm is running, pid 815
> [12-Jan-2019 08:57:36] NOTICE: ready to handle connections
> [12-Jan-2019 08:57:36] NOTICE: systemd monitor interval set to 1ms
> [12-Jan-2019 08:59:45] WARNING: [pool lucio] child 1635 exited on signal 11
> (SIGSEGV) after 129.612030 seconds from start
> [12-Jan-2019 08:59:45] NOTICE: [pool lucio] child 3635 started
> [12-Jan-2019 09:09:44] WARNING: [pool lucio] child 3635 exited on signal 11
> (SIGSEGV) after 598.434794 seconds from start
> [12-Jan-2019 09:09:44] NOTICE: [pool lucio] child 23618 started
> 
> The last 2 lines repeat each time I load a page in the browser. The page
> obviously displays only a "Service Unavailable" message from Apache.
> 
> How do I get more details about what's going on with PHP-FPM?
> 

Are there corresponding entries in the Apache log?  Can you turn the
Apache log level up to debug or higher and cause the failure again?

Regards,

-Roberto
-- 
Roberto C. Sánchez

Re: php7.3-fpm segfaults

[Lucio]

Il 12/01/19 10:25, Lucio ha scritto:



How do I get more details about what's going on with PHP-FPM?



My question holds, but I have discovered something new: if I purge the 
php7.3-mysql package, php7.3-fpm starts working again, and I get:


"Your PHP installation appears to be missing the MySQL extension which 
is required by WordPress."


which shows php7.3-fpm is working. When I reinstall php7.3-mysql, it 
starts crashing again.

Source-specific routing

[Alexandre Garreau]

Hi,

I don’t know if this is the right place to ask, if my problem is not too
specific or something.

Is source-specific routing possible under debian?  I think this is what
I need in my case ("multihoming" I think): on my laptop I'm generally
connected too zero up to two differents networks (from different ISP),
and therefore have from 0 to 6-7 different IP addresses (currently: two
local IPv4 addresses and two public IPv6 addresses from my physical home
ISP (possibly counting the public IPv4 whose my NATed network is behind
and that I could use modulo some config and negotiations with flatmate),
and two public IP addresses (v6 and v4) from a VPN: misleadingly, that's
3 network interfaces: one (tun0) for my VPN ISP, and two (enp0s25 and
wlp2s0) for my physical home ISP).

I host my mail server on this machine (my laptop yes, though it is not
always up (it stays on during night, but is offline when I travel
sometimes, between two different places with internet access, but this
wasn't the case at the time I had an unlimited 3G data access through a
WWAN card (I need to get and fit another one now)).

I'd like my computer to be able to receive mail from all network
interfaces (including local networks) at any time, and preferably send
from the VPN (tun0, openvpn, and I connect through Network Manager), but
possibly also from my home physical ISP when available (without
disconnecting from my VPN, if I'm ever connected to it), and to be able
to change the default route for opening connections (for exemple
accessing web or FTP services from a local network (intranet), as I need
to in my college).

So I guess source-specific routing is what I need, so that for any
connection using any IP my computer send the packet on the right
interface with the right IP.

I feel like that's an interesting networking problem for learning
networking stuff as I'd like ^^

So any idea? place to find information?

Debian testing (buster), "vfat not found"

[Dan Marshall]

Hi, first time caller...

Originally posted this is Linux Questions' Hardware subforum. Copying and
pasting the tasty bits:

Trying to mount a thumb drive and an mp3 player under Debian testing
(buster), got a "filesystem vfat not found" message from the automounter.

Tried "sudo modprobe vfat," got an "operation not permitted."

Modinfo did find the vfat module, so at least there's that.

Both the kernel and the vfat module are the same version, 4.19.0-1-amd64.

dmesg did not report anything interesting. I can post a tail or grep for
something if somebody asks.

I did verify that my user account had access to the mount point. I also
repeated the modprobe su-ed as root. Same error message.

I verified that the thumbdrive is fat32 (which vfat should handle, if I
could get the module to load).

Did a cat /proc/devices got what I *think* is a list of numbers associated
with all the devices on my system. Not sure how to get the vfat module to
cough up what number it's trying to grab. I can post the cat /proc/devices
list if anybody asks.

[code]
sudo /sbin/modprobe -vv vfat
modprobe: INFO: ../libkmod/libkmod.c:364 kmod_set_log_fn() custom logging
function 0x5648b5e8ced0 registered
insmod /lib/modules/4.19.0-1-amd64/kernel/fs/fat/fat.ko
modprobe: INFO: ../libkmod/libkmod-module.c:886 kmod_module_insert_module()
Failed to insert module '/lib/modules/4.19.0-1-amd64/kernel/fs/fat/fat.ko':
Operation not permitted
modprobe: ERROR: could not insert 'vfat': Operation not permitted
modprobe: INFO: ../libkmod/libkmod.c:331 kmod_unref() context
0x5648b7d91410 released
[/code]

[code]
sudo /sbin/modprobe -vvv vfat
modprobe: INFO: ../libkmod/libkmod.c:364 kmod_set_log_fn() custom logging
function 0x5558b37deed0 registered
modprobe: DEBUG: ../libkmod/libkmod-index.c:755 index_mm_open()
file=/lib/modules/4.19.0-1-amd64/modules.dep.bin
modprobe: DEBUG: ../libkmod/libkmod-index.c:755 index_mm_open()
file=/lib/modules/4.19.0-1-amd64/modules.alias.bin
modprobe: DEBUG: ../libkmod/libkmod-index.c:755 index_mm_open()
file=/lib/modules/4.19.0-1-amd64/modules.symbols.bin
modprobe: DEBUG: ../libkmod/libkmod-index.c:755 index_mm_open()
file=/lib/modules/4.19.0-1-amd64/modules.builtin.bin
modprobe: DEBUG: ../libkmod/libkmod-module.c:556
kmod_module_new_from_lookup() input alias=vfat, normalized=vfat
modprobe: DEBUG: ../libkmod/libkmod-module.c:562
kmod_module_new_from_lookup() lookup modules.dep vfat
modprobe: DEBUG: ../libkmod/libkmod.c:574 kmod_search_moddep() use mmaped
index 'modules.dep' modname=vfat
modprobe: DEBUG: ../libkmod/libkmod.c:402 kmod_pool_get_module() get module
name='vfat' found=(nil)
modprobe: DEBUG: ../libkmod/libkmod.c:410 kmod_pool_add_module() add
0x5558b4632fe0 key='vfat'
modprobe: DEBUG: ../libkmod/libkmod.c:402 kmod_pool_get_module() get module
name='fat' found=(nil)
modprobe: DEBUG: ../libkmod/libkmod.c:402 kmod_pool_get_module() get module
name='fat' found=(nil)
modprobe: DEBUG: ../libkmod/libkmod.c:410 kmod_pool_add_module() add
0x5558b46330f0 key='fat'
modprobe: DEBUG: ../libkmod/libkmod-module.c:196
kmod_module_parse_depline() add dep:
/lib/modules/4.19.0-1-amd64/kernel/fs/fat/fat.ko
modprobe: DEBUG: ../libkmod/libkmod-module.c:202
kmod_module_parse_depline() 1 dependencies for vfat
modprobe: DEBUG: ../libkmod/libkmod-module.c:583
kmod_module_new_from_lookup() lookup vfat=0, list=0x5558b4632600
modprobe: DEBUG: ../libkmod/libkmod.c:501 lookup_builtin_file() use mmaped
index 'modules.builtin' modname=vfat
modprobe: DEBUG: ../libkmod/libkmod-module.c:1750
kmod_module_get_initstate() could not open '/sys/module/vfat/initstate': No
such file or directory
modprobe: DEBUG: ../libkmod/libkmod-module.c:1760
kmod_module_get_initstate() could not open '/sys/module/vfat': No such file
or directory
modprobe: DEBUG: ../libkmod/libkmod-module.c:1393 kmod_module_get_options()
modname=snd_pcsp mod->name=fat mod->alias=(null)
modprobe: DEBUG: ../libkmod/libkmod-module.c:1393 kmod_module_get_options()
modname=snd_usb_audio mod->name=fat mod->alias=(null)
modprobe: DEBUG: ../libkmod/libkmod-module.c:1393 kmod_module_get_options()
modname=cx88_alsa mod->name=fat mod->alias=(null)
modprobe: DEBUG: ../libkmod/libkmod-module.c:1393 kmod_module_get_options()
modname=snd_atiixp_modem mod->name=fat mod->alias=(null)
modprobe: DEBUG: ../libkmod/libkmod-module.c:1393 kmod_module_get_options()
modname=snd_intel8x0m mod->name=fat mod->alias=(null)
modprobe: DEBUG: ../libkmod/libkmod-module.c:1393 kmod_module_get_options()
modname=snd_via82xx_modem mod->name=fat mod->alias=(null)
modprobe: DEBUG: ../libkmod/libkmod-module.c:1393 kmod_module_get_options()
modname=md_mod mod->name=fat mod->alias=(null)
modprobe: DEBUG: ../libkmod/libkmod-module.c:1393 kmod_module_get_options()
modname=bonding mod->name=fat mod->alias=(null)
modprobe: DEBUG: ../libkmod/libkmod-module.c:1393 kmod_module_get_options()
modname=dummy mod->name=fat mod->alias=(null)
modprobe: DEBUG: ../libkmod/libkmod.c:501 lookup_builtin_file() use mmaped
index 'modules.built

Re: Log in details

[Ben Caradoc-Davies]

On 12/01/2019 16:05, Johndy Laviña wrote:

Hi,
May I know what is the login and password for Debian GNU / Linux 9?
Thanks


Live or installed?

For Debian Live, the login is "user" and password is "live". You will 
need these if you lock the screen. To get root, open a terminal and use 
use "sudo -i".


For installed Debian, login and password are set at install time.

Kind regards,

--
Ben Caradoc-Davies 
Director
Transient Software Limited 
New Zealand

go-mtpfs does not work

[Kamil Jońca]

I used to use go-mtpfs to connect my android phone to my debian box.
But recently it starts to behave strange.

after issue

go-mtpfs -dev 'b41adca4' /media/skowronek/

I have mounted phone under /media/skowronek as expected
I can list or view/copy files.
But after few second everything disappears  :(
Everything becames empty.
I do not know if it is go-mtpfs issue, or for example usb libraries.

Any hints?
KJ

-- 
http://stopstopnop.pl/stop_stopnop.pl_o_nas.html
You can't hurt me!!  I have an ASSUMABLE MORTGAGE!!

lightdm becomes unusable

[MENGUAL Jean-Philippe]

Hi,

On my sid and after installing polkit-mate to get my usb sticks mounted 
without any password as a regular user, I rebooted and the screen stays 
black. lightem stops and in log: "Greeter closed communication channel". 
Why not but... why did it this? I have no additional indications.


Thank for your help

Regards

--
signature_jp_2
Logo Hypra  JEAN-PHILIPPE MENGUAL
DIRECTEUR TECHNIQUE ET QUALITÉ
102, rue des poissonniers, 75018, Paris
Tel : +331 84 73 06 61  Mob : +336 76 34 93 37

jpmeng...@hypra.fr 
www.hypra.fr 
Facebook Hypra  Twitter Hypra 
 Linkedin Jean-Philippe 

Re: kernel "unsigned" in sid

[dotdeb]

On Fri, Jan 11, 2019 at 3:52 PM Michael Stone  wrote:

> How did you get the unsigned kernel installed in the first place? It's
> not typically installed, and I don't see any dependencies that would pull
> it in. If it weren't installed there'd be no problem. :)


Good question. I upgrade my sid regularly and don't mess with the kernel: I
installed the metapackage that depends on the latest kernel and leave the
system uprgrade to its convenience.
I have no idea of where this "unsigned" came from. Is it possible that at
some point the metapackage depended on it?


> If you have
> another kernel already installed, boot into that, then replace the
> unsigned kernel with the corresponding kernel that lacks the -unsigned
> suffix.If you don't have another kernel installed, try installing an
>
older one or (as you suggested) wait for the next one. In theory you
> should be able to just remove the -unsigned and replace it without
> having another kernel available, but it's better to have an alternative
> in case something goes wrong.
>

Unfortunately no other kernel installed and, unless I go and dig into
snapsot, at the moment in sid no other kernel version number is available.
If I try to install the "signed" version, something unhelty happens because
the same /lib/modules/4.19.0-1-amd64/ is shared by the two.
I'll wait for the next one.


> -unsigned means that the kernel doesn't come with a signature that can
> be used for secure boot. It's part of the build process for the signed
> kernels, is a reproducible build, and may have other special-purpose
> applications, but it is not generally needed.
>

Clear enough.

Thank you.

a.

Re: The Dark Mod on Stretch?

[Boyan Penkov]

Hello all,

OK, here's my results:

-- trying on 2.06 sources, I was unable to get it to compile, halting
at the null pointer error above...

-- trying on a fresh subversion checkout (svnversion returns 7909M), I
apply Rico's patches in order and get a clean compile, that drops a
nice thedarkmod.x64 in my working directory.  I then tried to launch
it, and kept getting PATH errors.  I looked up the hardcoded path,
moved some stuff around, and got this:

→ games/darkmod pwd
 11:50:20
/usr/share/games/darkmod
→ games/darkmod tree
 11:50:23
.
├── darkmod
│   └── fms
│   ├── consolehistory.dat
│   └── river.pk4
├── fms
│   ├── consolehistory.dat
│   └── river.pk4
└── thedarkmod.x64

3 directories, 5 files
→ games/darkmod ./thedarkmod.x64
 11:50:25
TDM 2.07/64 #7909 (7909M) linux-x86_64 Jan 12 2019 08:24:55
found interface lo - loopback
found interface enp8s0 - 10.0.1.9/255.255.255.0
Found Generic CPU, features: MMX SSE SSE2 SSE3
tdm using MMX & SSE & SSE2 & SSE3 for SIMD processing.
-- Initializing File System --
Current search path:
  /usr/share/games/darkmod/
File System Initialized.
--
Unknown command 'vid_restart'
- Game Map Shutdown --
- Game Map Shutdown done -
idRenderSystem::Shutdown()
I18NLocal: Shutdown.
 Game Shutdown ---
Shutdown event system
...not started
--
Sys_Error: Couldn't load default.cfg
About to exit with code 1
→ games/darkmod
 11:50:34

The river.pk4 is a package file I pulled down to get something to test.

I suspect I am unable to find the default.cfg since I am not running
through all the stuff  that tdm_updater uses.  Any thoughts here?

Cheers!

On Sat, Jan 12, 2019 at 8:36 AM Reco  wrote:
>
> Hi.
>
> On Sat, Jan 12, 2019 at 07:57:32AM -0500, Boyan Penkov wrote:
> > Thanks for your patience -- trying this now...
> >
> > Did you get the following errors?
> >
> > game/StimResponse/StimResponseTimer.cpp: At global scope:
> > game/StimResponse/StimResponseTimer.cpp:22:62: error: non-constant
> > condition for static assertion
> >  static_assert((size_t)&((TimerValue*)NULL)->Time.Millisecond == 4,
> > "TimerValue type has wrong packing");
> >~~~^~~~
> > game/StimResponse/StimResponseTimer.cpp:22:62: error: dereferencing a
> > null pointer in ‘*0’
> > game/StimResponse/StimResponseTimer.cpp:23:61: error: non-constant
> > condition for static assertion
> >  static_assert((size_t)&((TimerValue*)NULL)->Val.Millisecond == 4,
> > "TimerValue type has wrong packing");
> >~~^~~~
> > game/StimResponse/StimResponseTimer.cpp:23:61: error: dereferencing a
> > null pointer in ‘*0’
>
> No, I'd remember those. My 2.06 does not have these asserts at all:
>
> $ grep -c assert thedarkmod/game/StimResponse/StimResponse.cpp
> 0
>
> Reco
>


-- 
Boyan Penkov

Re: Migrate Stretch to New UEFI Build?

[Glenn Holmer]

On Fri, Jan 11, 2019 at 8:12 PM Michael Stone  wrote:
> Putting grub in a directory other than "EFI/debian" does allow for
> multiple OSs to have their own boot loaders which can be started from
> the UEFI boot menu. (E.g., you could have EFI/stretch, EFI/centos7,
> EFI/sid, etc.) In this case I would still keep the efi partition mounted
> on /boot/efi to reduce long-term confusion. I'd also add new directories
> instead of trying to keep multiple versions of debian from overwriting
> the debian directory.

Do you know how to do this? I've had quite a bit of difficulty just adding
new boot entries to EFI, including bizarre results like my newly-added boot
entry not appearing after reboot but both PXE entries (IPV4/6) being
duplicated. I've been using efibootmgr from within Linux as well as bcfg
from the EFI shell.

I've been trying in a VM with both stretch and buster installed (both use
the vendor directory "\EFI\debian)" as well as on my new laptop with Ubuntu
and Ubuntu Studio installed (both use the vendor directory "\EFI\ubuntu").
I was able to install GRUB to a new EFI directory (e.g. "ubustu" for Ubuntu
Studio), but I was left with the impression that there was something
hard-coded that was overriding the specification of vendor directory
(--bootloader-id in grub-install) when creating the EFI boot entry (e.g.
the "ubustu" entry booted Ubuntu, not Ubuntu Studio).

In practice, I suppose it doesn't matter because the most recently
installed GRUB will contain menu items to boot both operating systems, but
I am relatively new to EFI and want to learn it thoroughly.

--
Glenn Holmer (Linux registered user #16682)
"After the vintage season came the aftermath -- and Cenbe."

Re: Setting a USB for multi usages

[Richard Owlett]

On 01/12/2019 05:58 AM, Thomas Schmitt wrote:

Hi,


Now at mounting, I have a strange behavior: polki requires a root password
to mount both the Debian partition and the data partition. I use Debian sid
with MATE desktop.


If the partitions are recognized by the Linux kernel (i.e. show up as
/dev/sdb1, sdb2, sdb3) then the partition table is ok.

Password questions for mounting USB sticks seem to be normal.
Google "polkit mount password" yields plenty of discussions and proposals.
Maybe one of our fellow group members can shorten your search for the
right one.



As one who has had many problems with privileges/permissions/etc issues, 
"polkit" is the keyword.


I did the suggested search and found:
   http://smcv.pseudorandom.co.uk/2015/why_polkit/
and
   https://wiki.archlinux.org/index.php/Polkit#For_specific_actions

They briefly summarize the problem system designers faced and hint at 
how a user could approach solving the problems in particular use case.


Wish someone had pointed me to polkit a long time ago.

Re: dumb question about SSL

[Roberto C . Sánchez]

On Sat, Jan 12, 2019 at 09:27:01AM +, Joe wrote:
> 
> Apache should be quite happy with the 'snakeoil' certificate made by
> Debian when it is installed.

Which should not be used in production or even in testing, as it
increases the likelihood that it will accidentally be deployed that way.

> There are a couple of other things that
> need to be done for SSL to work (such as enabling the Apache SSL
> module) and it's long enough ago that I did it last that you had better
> look up a few tutorials. If you need to make your web server available
> publicly (and the best of luck if you have the courage to do that) then
> its certificate must be traceable back to a public CA.
> 
That depends on who will be accessing the server in a way that requires
trusting the server.  A self-managed CA or even a self-signed
certificate may be perfectly adequate for a single user or small number
of users.

Regards,

-Roberto

-- 
Roberto C. Sánchez

Re: The Dark Mod on Stretch?

[Reco]

Hi.

On Sat, Jan 12, 2019 at 07:57:32AM -0500, Boyan Penkov wrote:
> Thanks for your patience -- trying this now...
> 
> Did you get the following errors?
> 
> game/StimResponse/StimResponseTimer.cpp: At global scope:
> game/StimResponse/StimResponseTimer.cpp:22:62: error: non-constant
> condition for static assertion
>  static_assert((size_t)&((TimerValue*)NULL)->Time.Millisecond == 4,
> "TimerValue type has wrong packing");
>~~~^~~~
> game/StimResponse/StimResponseTimer.cpp:22:62: error: dereferencing a
> null pointer in ‘*0’
> game/StimResponse/StimResponseTimer.cpp:23:61: error: non-constant
> condition for static assertion
>  static_assert((size_t)&((TimerValue*)NULL)->Val.Millisecond == 4,
> "TimerValue type has wrong packing");
>~~^~~~
> game/StimResponse/StimResponseTimer.cpp:23:61: error: dereferencing a
> null pointer in ‘*0’

No, I'd remember those. My 2.06 does not have these asserts at all:

$ grep -c assert thedarkmod/game/StimResponse/StimResponse.cpp
0

Reco

zoneminder in experimental

[Rainer Dorsch]

[copying debian-user that you do not get the same questions multiple times, if 
others have the same question]

Hi Dimitry,

I just saw you manage an incredible amount of Debian packages:

https://qa.debian.org/developer.php?email=onlyjob%40debian.org

Many thanks for that. While looking through the list, I discovered brainparty, 
which I did not know before.

I am using zoneminder here in stretch. I saw you uploaded several new versions 
1.32.x to experimental. I am just wondering if you intend to upload a new 
version to sid before the release of buster or do the versions 1.32.x have 
severe limitations over the version 1.30.4 which is currently in sid and 
buster?

Many thanks
Rainer

-- 
Rainer Dorsch
http://bokomoko.de/

Re: The Dark Mod on Stretch?

[Boyan Penkov]

Thanks for your patience -- trying this now...

Did you get the following errors?

game/StimResponse/StimResponseTimer.cpp: At global scope:
game/StimResponse/StimResponseTimer.cpp:22:62: error: non-constant
condition for static assertion
 static_assert((size_t)&((TimerValue*)NULL)->Time.Millisecond == 4,
"TimerValue type has wrong packing");
   ~~~^~~~
game/StimResponse/StimResponseTimer.cpp:22:62: error: dereferencing a
null pointer in ‘*0’
game/StimResponse/StimResponseTimer.cpp:23:61: error: non-constant
condition for static assertion
 static_assert((size_t)&((TimerValue*)NULL)->Val.Millisecond == 4,
"TimerValue type has wrong packing");
   ~~^~~~
game/StimResponse/StimResponseTimer.cpp:23:61: error: dereferencing a
null pointer in ‘*0’


Cheers!

On Tue, Jan 8, 2019 at 3:08 PM Reco  wrote:
>
> Hi.
>
> On Tue, Jan 08, 2019 at 08:22:53AM -0500, Boyan Penkov wrote:
> > Hello,
> >
> > Anybody here play http://www.thedarkmod.com/main/ 
> >  ?
>
> I wish ☹
>
> >  have folks been able to get 2.07 to compile on Stretch, under only 64-bit?
>
> I could try if you provide me the source. 2.06, which I took from [1],
> can be built like this:
>
> 1) Build-deps:
>
> apt install scons m4 subversion mesa-common-dev libxxf86vm-dev \
> libopenal-dev libxext-dev
> apt purge libcurl4-gnutls-dev
>
> 2) Patching:
>
> patch -p1 -i /tmp/01-multilib.patch
> patch -p1 -i /tmp/02-ffmpeg.patch
>
> 3) Building:
>
> scons BUILD="release" TARGET_ARCH="x64" -j`nproc`
>
>
> Of course, doing it the proper way (unbundling all the libraries, fixing
> signed/unsigned mixups, etc), wrapping the thing into a package - is
> outside of scope of this mini-howto.
>
> Reco
>
> [1] http://www.thedarkmod.com/downloads/



-- 
Boyan Penkov

Re: Setting a USB for multi usages

[Thomas Schmitt]

Hi,

> Now at mounting, I have a strange behavior: polki requires a root password
> to mount both the Debian partition and the data partition. I use Debian sid
> with MATE desktop.

If the partitions are recognized by the Linux kernel (i.e. show up as
/dev/sdb1, sdb2, sdb3) then the partition table is ok.

Password questions for mounting USB sticks seem to be normal.
Google "polkit mount password" yields plenty of discussions and proposals.
Maybe one of our fellow group members can shorten your search for the
right one.


Have a nice day :)

Thomas

Re: Log in details

[Étienne Mollier]

On 1/12/19 4:05 AM, Johndy Laviña wrote:
> May I know what is the login and password for Debian GNU / Linux 9?

Hi Johndy,

If you are mentioning Debian Live images, I believe the
login and password are user/live, but I am not sure it
still holds true.  Login should be automatic apparently:


https://live-team.pages.debian.net/live-manual/html/live-manual/the-basics.en.html#210

Kind regards,
-- 
Étienne Mollier 

Re: kernel regression from stable to testing (acpi lid / EEEpc 1215p)

[Andrea Borgia]

Il 09/01/19 00:07, Michael Lange ha scritto:




Just because it is old does not necessarily mean that no one bothers.


Sorry, that's not what I meant: I wanted to say the kernel is so old 
that it probably doesn't really matter if it is the debian or the 
upstream version I am using. That is, whatever patches Debian might have 
added back then have gone mainline for the most part.



Andrea.

Re: Log in details

[john doe]

On 1/12/2019 4:05 AM, Johndy Laviña wrote:
> Hi,
> 
> May I know what is the login and password for Debian GNU / Linux 9?
> 

There are no default user and password, they are provided at
installation time.

-- 
John Doe

Re: Log in details

[Tom Furie]

On Sat, Jan 12, 2019 at 03:05:46AM +, Johndy Laviña wrote:
> 
> May I know what is the login and password for Debian GNU / Linux 9?

They're whatever you set them to when installing the system.

Cheers,
Tom

-- 
You could get a new lease on life -- if only you didn't need the first
and last month in advance.


signature.asc
Description: PGP signature

Log in details

[Johndy Laviña]

Hi,

May I know what is the login and password for Debian GNU / Linux 9?

Thanks

Re: dumb question about SSL

[Joe]

On Fri, 11 Jan 2019 22:17:05 +
mick crane  wrote:

> I'm having a bit of bother with my home server thingy.
> does apache, roundcube, dovecot, cups.
> is buster.
> Is problem with roundcube communicating with dovecot or something. 
> sending mail times out and the settings webpage isn't working whereas
> it was fine  a week ago.
> 
> It occurs to me I don't really understand how SSL works and if
> problem I have might be to do with that not understanding.
> You can make a self signed certificate, a public, private pair
> Apache says you can make one and Dovecot says you can make one.
> So are these SSL pairs separate things or one thing in one place that 
> identifies the machine.
> What happens if connect to running apache  over encryption then
> connect to running dovecot over webmail with encryption, does it
> expect different keys ?
> I'm a bit confused about it.
> are the keys particular to the machine ? the domain ? the software ?
> 

To begin with, Debian will normally make the keys required by the
programs that actually need them, such as Apache and most mail servers.
Some programs don't need keys, but can use them (such as FreeRADIUS and
OpenVPN) so you then generally need to make them yourself. The EasyRSA
program makes that, as you would expect, easier, but if you intend to
make any but the most casual use of certificates, you ought to
understand what's going on, and should read a few OpenSSL tutorials.

A program used on the Net (pretty much just browsers) needs to be able
to trace the keys it finds back to a Certificate Authority that it
knows about i.e. a public one. Internal client-server programs don't
generally need to, so self-signed keys are OK. In fact, where keys are
used for authentication, such as with OpenVPN and FreeRADIUS, a private
Certificate Authority is vital. If OpenVPN will accept any client key
signed by a particular CA, then you need to keep that CA private, not
even sharing it with other programs on the same server.

> I dunno what I've done. I think I made some keys for apache the other 
> day to see if I could get ssl working ( is just local so I don't
> really need it, but anyway ) but perhaps I made keys from dovecot
> documentation a year or so ago.
> 

Apache should be quite happy with the 'snakeoil' certificate made by
Debian when it is installed. There are a couple of other things that
need to be done for SSL to work (such as enabling the Apache SSL
module) and it's long enough ago that I did it last that you had better
look up a few tutorials. If you need to make your web server available
publicly (and the best of luck if you have the courage to do that) then
its certificate must be traceable back to a public CA.

> Perhaps there might be an issue that I changed my local domain from 
> "local" to "home" in that time. Could that have anything to do with
> it ?
> 
> Should I delete all the ssl directories I can find to see if that
> helps ?

Probably not, just do a bit of reading. Note that Apache can also use
client certificates for authentication, a completely separate subject,
bear that in mind when you look for tutorials.

-- 
Joe

php7.3-fpm segfaults

[Lucio]

Hello,

I'm running buster/sid on my notebook and on a desktop pc. I'd like to 
use both for PHP software development, so I've setup Apache2 and 
php7.3-fpm to create a devel env similar to the real production servers.


On the destop pc it works. On the notebook it segfaults. Please note 
that the two systems are not exactly the same, with the notebook being a 
older debian install, upgraded several releases since the first install.


Here is what i get in the logs:

# cat /var/log/php7.3-fpm.log | tail -n 7
[12-Jan-2019 08:57:36] NOTICE: fpm is running, pid 815
[12-Jan-2019 08:57:36] NOTICE: ready to handle connections
[12-Jan-2019 08:57:36] NOTICE: systemd monitor interval set to 1ms
[12-Jan-2019 08:59:45] WARNING: [pool lucio] child 1635 exited on signal 
11 (SIGSEGV) after 129.612030 seconds from start

[12-Jan-2019 08:59:45] NOTICE: [pool lucio] child 3635 started
[12-Jan-2019 09:09:44] WARNING: [pool lucio] child 3635 exited on signal 
11 (SIGSEGV) after 598.434794 seconds from start

[12-Jan-2019 09:09:44] NOTICE: [pool lucio] child 23618 started

The last 2 lines repeat each time I load a page in the browser. The page 
obviously displays only a "Service Unavailable" message from Apache.


How do I get more details about what's going on with PHP-FPM?

Re: Setting a USB for multi usages

[MENGUAL Jean-Philippe]

Hi,

Thanks for your reply. As I want debian 8 installer, I am not sure about 
EFI so I use this method, I could not have creatd it myself.


Le 11/01/2019 à 23:03, Thomas Schmitt a écrit :

Hi,

MENGUAL Jean-Philippe wrote:

My purpose is having a USB stick splitted in 2 parts:
1. MBR + partitions: a Debian installer from an ISO
2. A blank partition to install data or whatver

While I know to "burn" an iso on a key via dd, how can I do to have a clean
installer but using key for other usages?


Put the ISO onto the stick, completely deface its pseudo-GPT,
and use program fdisk to add one or more partitions.

1. I issue dd if=/dev/zero of=/dev/sdb
2. Then: dd if=my-iso of=/dev/sdb
3. I ran the command you suggest below.

dd if=/dev/zero bs=512 seek=1 count=1 of=/dev/sdb
dd if=/dev/zero bs=512 seek=$n count=1 of=/dev/sdb

Now at mounting, I have a strange behavior: polki requires a root 
password to mount both the Debian partition and the data partition. I 
use Debian sid with MATE desktop.


Why? Is it a misbehavior I should report to polkit or semething else? 
How can I mount the partitions, in particular the data one, to let the 
user write and read?


Thanks

Regards



The partition situation in a Debian ISO for x86 is not as nice
as it should/could be:

   $ /sbin/fdisk -lu debian-9.3.0-amd64-netinst.iso
   ...
   Device  Boot StartEnd Sectors  Size Id Type
   debian-9.3.0-amd64-netinst.iso1 *0 593919  593920  290M  0 Empty
   debian-9.3.0-amd64-netinst.iso2   3760   4591 832  416K ef EFI 
(FAT-12/1

Note the EFI partition 2 of type 0xef sitting inside partition 1 which
is of type 0x00.
Nevertheless fdisk will add partition 3 and 4 if you ask it to do so.


There are the data of a GPT, but it is not properly announced by a
protective MBR partition of type 0xee. The GPT shows the same overlapping
partitions, which are explicitely forbidden by the GPT specs.
Thus my advise to remove the GPT header block:

   dd if=/dev/zero bs=512 seek=1 count=1 conv=notrunc of=/dev/sdX

where /dev/sdX is the device file of your USB stick.
(Option conv=notrunc is just for the case your of= target is an .iso file
  and not a disk device file.)


On a USB stick, the GPT backup header will probably not be recognized
because it will be misplaced. But an overly smart partition editor might
still find it and propose to replace your MBR partition table by that
GPT.

To kill the backup GPT header, you need to compute the last 512-byte
block number n of the ISO (in case of the 9.3.0 ISO n is 593919):

   n=$(expr $(ls -l debian-9.3.0-amd64-netinst.iso | awk '{print $5}') / 512 - 
1)

and zeroize that block:

   dd if=/dev/zero bs=512 seek=$n count=1 conv=notrunc of=/dev/sdX

After this, programs like gdisk will not try to overwrite the MBR
partition table by the GPT.


Have a nice day :)

Thomas

Re: Monitor process who is eat my entropy

[Lucio]

Hello,

Il 11/01/19 20:28, basti ha scritto:

I have try lsof /dev/urandom without luck.


I'm afraid /dev/urandom is not the only way to get random bytes from the 
kernel.


Maybe the `top` command can help, it does not filter specifically by 
entropy usage, but processes that use a lot of entropy usually hit the 
CPU hard.