network installer will not boot

2019-05-25 Thread Blair, Charles E III 
   I am trying to install debian on
an Intel NUC with a DVD device attached.  I
downloaded the network installer, then 
burnt it to a CD on a different computer.

   When I put it in the new computer and
start it, I get the message:

> Image Authorization Fail.
> System cannot boot to this device due
> to security violation

-- 
My e-mail is unreliable.
Please try again if no reply in several days.

gpg: F7C9 B577 1E5D C732 63F1  A9D2 A399 D202 50E8 50D1

Re: How to set access permissions to protect a database file?

2019-05-25 Thread mick crane 

On 2019-05-26 05:32, David Christensen wrote:

On 5/25/19 8:12 PM, mick crane wrote:

On 2019-05-26 00:49, Markos wrote:

Hi,

I made a program (reading_room.tcl), with Sqlite running on Debian 9,
to control the books of a reading room.

I implemented an authentication system for common users and
administrator users in the reading_room program.

Now I want that any user logged in the Linux be able to run the
program reading_room.tcl, which will access the database (books.db)

But I want to protect the file books.db so that only the the program
reading_room.tcl can access the books.db file. But that no user could
delete or write to the file books.db (only the program
reading_room.tcl)

Please, how can I configure the system to do that?

How to define the permissions?


I'll have a go, sure I'll get pulled up if off.

read 4, write 2, execute 1?? add these together for permissions
owner, group, anybody

I never did anything on a PC with other people having access so I 
never made a file only executable by anybody but I don't see why not.

As you wrote reading_room.tcl presume that belongs to you.
I don't know anything about tcl as yet but assume it's executable as 
it is and does something.
You may have a group librarians that want to have read/write access to 
reading_room.tcl

Assume you have backups of the files.
guess books.db wants to be 644
"su -"
"chmod 644 books.db"
 ??or if the librarians want write access to it.
"chown you.librarians books.db"
"chmod 664 books.db"

"chown you.librarians reading_room.tcl"
"chmod 771 reading_room.tcl"

mick



I don't believe there is a solution using just read, write, and mode
bits and group membership.  (Perhaps, there is a solution if you also
use access control lists?)


Suppose I have a Perl script "shared-program.pl" (sorry, I don't know
TCL) that reads a line from the terminal, lower cases the line, and
then writes the line to the terminal.  If the line contains the word
"write', the line is also written to a data file "shared-program.dat":

2019-05-25 20:31:43 dpchrist@tinkywinky ~
$ ll sandbox/perl5/shared-program.pl
-rwxr-xr-x 1 dpchrist dpchrist 267 2019-05-25 20:31:35
sandbox/perl5/shared-program.pl*

2019-05-25 20:31:49 dpchrist@tinkywinky ~
$ cat sandbox/perl5/shared-program.pl
#!/usr/bin/env perl
use strict;
use warnings;
use FindBin qw( $Bin );
use File::Slurp;
use constant DATAFILE => "$Bin/shared-program.dat";
print "$0 >";
my $line = <>;
$line = lc $line;
write_file(DATAFILE, {append => 1}, $line)
if $line =~ /write/;
print $line;


If I run the program as the owner, it works as expected:

2019-05-25 20:34:01 dpchrist@tinkywinky ~
$ sandbox/perl5/shared-program.pl
sandbox/perl5/shared-program.pl >Hi, Dave!
hi, dave!

2019-05-25 20:34:15 dpchrist@tinkywinky ~
$ sandbox/perl5/shared-program.pl
sandbox/perl5/shared-program.pl >write Bye, Dave!
write bye, dave!

2019-05-25 20:35:09 dpchrist@tinkywinky ~
$ ll sandbox/perl5/shared-program.dat
-rw-r--r-- 1 dpchrist dpchrist 17 2019-05-25 20:35:09
sandbox/perl5/shared-program.dat

2019-05-25 20:35:22 dpchrist@tinkywinky ~
$ cat sandbox/perl5/shared-program.dat
write bye, dave!


The mode of 755 on the script allows other group members and all other
users to run the script:

tinkywinky@tinkywinky:~$ /home/dpchrist/sandbox/perl5/shared-program.pl
/home/dpchrist/sandbox/perl5/shared-program.pl >Hello, Tinky Winky!
hello, tinky winky!


But, if I clear the world read bit on the script:

2019-05-25 20:35:24 dpchrist@tinkywinky ~
$ chmod o-r sandbox/perl5/shared-program.pl

2019-05-25 20:38:08 dpchrist@tinkywinky ~
$ ll sandbox/perl5/shared-program.pl
-rwxr-x--x 1 dpchrist dpchrist 267 2019-05-25 20:31:35
sandbox/perl5/shared-program.pl*


Other users are not able to run the script because the Perl
interpreter cannot read the script:

tinkywinky@tinkywinky:~$ /home/dpchrist/sandbox/perl5/shared-program.pl
Can't open perl script
"/home/dpchrist/sandbox/perl5/shared-program.pl": Permission denied


(It might be possible for other users to run binary programs with just
the world execute bit set?)


So, the world mode needs to be read+execute for other users to run
scripts they do not own:

2019-05-25 20:59:32 dpchrist@tinkywinky ~
$ chmod o=rx sandbox/perl5/shared-program.pl

2019-05-25 21:05:53 dpchrist@tinkywinky ~
$ ll sandbox/perl5/shared-program.pl
-rwxr-xr-x 1 dpchrist dpchrist 267 2019-05-25 20:31:35
sandbox/perl5/shared-program.pl*

tinkywinky@tinkywinky:~$ /home/dpchrist/sandbox/perl5/shared-program.pl
/home/dpchrist/sandbox/perl5/shared-program.pl >Blah Blah Blab
blah blah blab


Focusing on the data file, let's add the other user to the file's 
group:


2019-05-25 20:49:08 root@tinkywinky ~
# usermod -a -G dpchrist tinkywinky

2019-05-25 20:50:33 root@tinkywinky ~
# grep dpchrist /etc/group | grep tinkywinky
dpchrist:x:13250:tinkywinky


Log out and log in again as the other user to obtain the new group 
membership.



Enable the group write bit on the data file:

2019-05-25 21:09:45 dpchrist@ti

Van a chingar a su madre pinches putos y cuando quieras nos vemos

2019-05-25 Thread oscargavmvny1979 
Enviado desde mi Samsung Mobile de Telcel

Re: How to set access permissions to protect a database file?

2019-05-25 Thread David Christensen 

On 5/25/19 8:12 PM, mick crane wrote:

On 2019-05-26 00:49, Markos wrote:

Hi,

I made a program (reading_room.tcl), with Sqlite running on Debian 9,
to control the books of a reading room.

I implemented an authentication system for common users and
administrator users in the reading_room program.

Now I want that any user logged in the Linux be able to run the
program reading_room.tcl, which will access the database (books.db)

But I want to protect the file books.db so that only the the program
reading_room.tcl can access the books.db file. But that no user could
delete or write to the file books.db (only the program
reading_room.tcl)

Please, how can I configure the system to do that?

How to define the permissions?


I'll have a go, sure I'll get pulled up if off.

read 4, write 2, execute 1  add these together for permissions
owner, group, anybody

I never did anything on a PC with other people having access so I never 
made a file only executable by anybody but I don't see why not.

As you wrote reading_room.tcl presume that belongs to you.
I don't know anything about tcl as yet but assume it's executable as it 
is and does something.
You may have a group librarians that want to have read/write access to 
reading_room.tcl

Assume you have backups of the files.
guess books.db wants to be 644
"su -"
"chmod 644 books.db"
  or if the librarians want write access to it.
"chown you.librarians books.db"
"chmod 664 books.db"

"chown you.librarians reading_room.tcl"
"chmod 771 reading_room.tcl"

mick



I don't believe there is a solution using just read, write, and mode 
bits and group membership.  (Perhaps, there is a solution if you also 
use access control lists?)



Suppose I have a Perl script "shared-program.pl" (sorry, I don't know 
TCL) that reads a line from the terminal, lower cases the line, and then 
writes the line to the terminal.  If the line contains the word "write', 
the line is also written to a data file "shared-program.dat":


2019-05-25 20:31:43 dpchrist@tinkywinky ~
$ ll sandbox/perl5/shared-program.pl
-rwxr-xr-x 1 dpchrist dpchrist 267 2019-05-25 20:31:35 
sandbox/perl5/shared-program.pl*


2019-05-25 20:31:49 dpchrist@tinkywinky ~
$ cat sandbox/perl5/shared-program.pl
#!/usr/bin/env perl
use strict;
use warnings;
use FindBin qw( $Bin );
use File::Slurp;
use constant DATAFILE => "$Bin/shared-program.dat";
print "$0 >";
my $line = <>;
$line = lc $line;
write_file(DATAFILE, {append => 1}, $line)
if $line =~ /write/;
print $line;


If I run the program as the owner, it works as expected:

2019-05-25 20:34:01 dpchrist@tinkywinky ~
$ sandbox/perl5/shared-program.pl
sandbox/perl5/shared-program.pl >Hi, Dave!
hi, dave!

2019-05-25 20:34:15 dpchrist@tinkywinky ~
$ sandbox/perl5/shared-program.pl
sandbox/perl5/shared-program.pl >write Bye, Dave!
write bye, dave!

2019-05-25 20:35:09 dpchrist@tinkywinky ~
$ ll sandbox/perl5/shared-program.dat
-rw-r--r-- 1 dpchrist dpchrist 17 2019-05-25 20:35:09 
sandbox/perl5/shared-program.dat


2019-05-25 20:35:22 dpchrist@tinkywinky ~
$ cat sandbox/perl5/shared-program.dat
write bye, dave!


The mode of 755 on the script allows other group members and all other 
users to run the script:


tinkywinky@tinkywinky:~$ /home/dpchrist/sandbox/perl5/shared-program.pl
/home/dpchrist/sandbox/perl5/shared-program.pl >Hello, Tinky Winky!
hello, tinky winky!


But, if I clear the world read bit on the script:

2019-05-25 20:35:24 dpchrist@tinkywinky ~
$ chmod o-r sandbox/perl5/shared-program.pl

2019-05-25 20:38:08 dpchrist@tinkywinky ~
$ ll sandbox/perl5/shared-program.pl
-rwxr-x--x 1 dpchrist dpchrist 267 2019-05-25 20:31:35 
sandbox/perl5/shared-program.pl*



Other users are not able to run the script because the Perl interpreter 
cannot read the script:


tinkywinky@tinkywinky:~$ /home/dpchrist/sandbox/perl5/shared-program.pl
Can't open perl script "/home/dpchrist/sandbox/perl5/shared-program.pl": 
Permission denied



(It might be possible for other users to run binary programs with just 
the world execute bit set?)



So, the world mode needs to be read+execute for other users to run 
scripts they do not own:


2019-05-25 20:59:32 dpchrist@tinkywinky ~
$ chmod o=rx sandbox/perl5/shared-program.pl

2019-05-25 21:05:53 dpchrist@tinkywinky ~
$ ll sandbox/perl5/shared-program.pl
-rwxr-xr-x 1 dpchrist dpchrist 267 2019-05-25 20:31:35 
sandbox/perl5/shared-program.pl*


tinkywinky@tinkywinky:~$ /home/dpchrist/sandbox/perl5/shared-program.pl
/home/dpchrist/sandbox/perl5/shared-program.pl >Blah Blah Blab
blah blah blab


Focusing on the data file, let's add the other user to the file's group:

2019-05-25 20:49:08 root@tinkywinky ~
# usermod -a -G dpchrist tinkywinky

2019-05-25 20:50:33 root@tinkywinky ~
# grep dpchrist /etc/group | grep tinkywinky
dpchrist:x:13250:tinkywinky


Log out and log in again as the other user to obtain the new group 
membership.



Enable the group write bit on the data file:

2019-05-25 21:09:45 dpchrist@tinkywinky ~
$ chmod g+w san

Re: How to set access permissions to protect a database file?

2019-05-25 Thread David Christensen 

On 5/25/19 4:49 PM, Markos wrote:

Hi,

I made a program (reading_room.tcl), with Sqlite running on Debian 9, to 
control the books of a reading room.


I implemented an authentication system for common users and 
administrator users in the reading_room program.


Now I want that any user logged in the Linux be able to run the program 
reading_room.tcl, which will access the database (books.db)


But I want to protect the file books.db so that only the the program 
reading_room.tcl can access the books.db file. But that no user could 
delete or write to the file books.db (only the program reading_room.tcl)


Please, how can I configure the system to do that?

How to define the permissions?

Thanks,

Markos


Some possibilities:

https://en.wikipedia.org/wiki/Setuid

https://en.wikipedia.org/wiki/Client%E2%80%93server_model

https://en.wikipedia.org/wiki/Model%E2%80%93view%E2%80%93controller


David

Re: How to set access permissions to protect a database file?

2019-05-25 Thread mick crane 

On 2019-05-26 00:49, Markos wrote:

Hi,

I made a program (reading_room.tcl), with Sqlite running on Debian 9,
to control the books of a reading room.

I implemented an authentication system for common users and
administrator users in the reading_room program.

Now I want that any user logged in the Linux be able to run the
program reading_room.tcl, which will access the database (books.db)

But I want to protect the file books.db so that only the the program
reading_room.tcl can access the books.db file. But that no user could
delete or write to the file books.db (only the program
reading_room.tcl)

Please, how can I configure the system to do that?

How to define the permissions?


I'll have a go, sure I'll get pulled up if off.

read 4, write 2, execute 1  add these together for permissions
owner, group, anybody

I never did anything on a PC with other people having access so I never 
made a file only executable by anybody but I don't see why not.

As you wrote reading_room.tcl presume that belongs to you.
I don't know anything about tcl as yet but assume it's executable as it 
is and does something.
You may have a group librarians that want to have read/write access to 
reading_room.tcl

Assume you have backups of the files.
guess books.db wants to be 644
"su -"
"chmod 644 books.db"
 or if the librarians want write access to it.
"chown you.librarians books.db"
"chmod 664 books.db"

"chown you.librarians reading_room.tcl"
"chmod 771 reading_room.tcl"

mick


--
Key ID4BFEBB31

Re: bind9 startup problems: /var/cache /bind

2019-05-25 Thread Ross Boylan 
I tested my suspicion that bind9-resolvconf was somehow implicated in
the bind9 start problems by returning bind9-resolvconf to its
original, disabled, state and restarting the system.  Unfortunately,
it didn't help:
May 25 19:05:34 barley named[804]: /etc/bind/named.conf.options:2:
change directory to '/var/cache/bind' failed: file not found

But at least one theory has been eliminated.

I also reviewed permissions and ownership of /var/cache/bind and the
"directory" directive in named.conf.options for consistency with
Debian post-install scripts and packaged files.  There weren't any
differences.

Ross

Re: Debian Programming languages

2019-05-25 Thread Kenneth Parker 
On Fri, May 24, 2019 at 9:35 PM Dekks Herton  wrote:

> Paul Sutton  writes:
>
> > Hi
> >
> > As I am trying to promote contributing to Debian,  what programming
> > languages are mostly used?  I am asking as it helps to give people an
> > idea of what they need to learn or will learn as part of helping.
>
> AFAIK Kernel + low level plumbing are primarily Assembly,C,C++,Rust
>

As one who has been involved in "low level plumbing", since the 1970's
(including on IBM Mainframe Computers), I'm not afraid of Assembler
Language.  I'm surprised, that I didn't know about Rust (package rustc).
Thanks for alerting me!



-- 
> Regards.
>
> PGP Fingerprint: 3DF8 311C 4740 B5BC 3867  72DF 1050 452F 9BCE BA00
>

Kenneth Parker

Re: Debian Programming languages

2019-05-25 Thread 황병희 
Hellow~

> I am guessing as the default command line interface is bash, then bash
> and bash scripting would be useful to learn but on top of that what
> would people suggest I try and promote.

To me, Python is easy, useful, for example, my custom message-id[1] is
from python3. Also Python is good with combine Bash command, you know
subprocess module within Python.

Sincerely, Byung-Hee from South Korea.

[1] 
https://gitlab.com/soyeomul/Gnus/raw/89bdb255a3fe7843da00d216e934c43120c373a9/thanks-mid.py

-- 
^고맙습니다 _地平天成_ 감사합니다_^))//

Re: sporadic successfull mount of nfs with Stretch

2019-05-25 Thread Keith Bainbridge 

On 23/5/19 12:36 am, Stefan K wrote:

Hello,

we've some problems with Debian stretch which try to mount nfs4 shares at 
boot-time, sometimes it works and sometimes not. If its not mounting during 
start I can mount it after I login without problems.

A successfull (re)boot look like [1] and a (re)boot which doesn't mount the 
shares look like [2].

For me it looks like that it comes to a race condition and it try to mount it 
without a working networkstack. the /etc/fstab looks like:
srv-storage:/scratch  /scratchnfs defaults0 2
srv-storage:/home /data/home  nfs defaults0 2

I also try to use _netdev as mountoptions, but it didn't work.
Has anyone an idea how to solve this?

best regards
Stefan

[1] https://debianforum.de/forum/pastebin/?mode=view&s=40729
[2] https://debianforum.de/forum/pastebin/?mode=view&s=40728



Stefan

Wonder what would happen if you used the IP address instead of the 
srv-storage?


--
Keith Bainbridge

ke1th3...@gmail.com
+61 (0)447 667 468

How to set access permissions to protect a database file?

2019-05-25 Thread Markos 

Hi,

I made a program (reading_room.tcl), with Sqlite running on Debian 9, to 
control the books of a reading room.


I implemented an authentication system for common users and 
administrator users in the reading_room program.


Now I want that any user logged in the Linux be able to run the program 
reading_room.tcl, which will access the database (books.db)


But I want to protect the file books.db so that only the the program 
reading_room.tcl can access the books.db file. But that no user could 
delete or write to the file books.db (only the program reading_room.tcl)


Please, how can I configure the system to do that?

How to define the permissions?

Thanks,

Markos

Re: kernel symlinks, still needed?

2019-05-25 Thread Brian 
On Sat 25 May 2019 at 18:16:17 +0200, Andrea Borgia wrote:

> Hi.
> 
> AFAIK the following symlinks in "/" were required for LILO and are no longer
> needed with GRUB2:
> initrd.img
> initrd.img.old
> vmlinuz
> vmlinuz.old
> 
> Is there a reason for keeping them around nowadays?

Booting from a GRUB prompt can be a little easier when you know that
the kernel and initrd can be reached from /.

-- 
Brian.

Re: rebooted again, stretch losing keyboard but keyboard and batteries in it ae good

2019-05-25 Thread Gene Heskett 
On Saturday 25 May 2019 03:48:18 pm Felix Miata wrote:

> Gene Heskett composed on 2019-05-25 12:30 (UTC-0400):
> > Unforch, and this machine has been rebooted by hpfax several times
> > since I put all that in /e/sysctl.conf. And a cat of the dozen or so
> > subdirs in /proc/sys/net/ipv6 has all the disable-ipv6's set to 1
> > right now.
> >
> > Can you explain this? Looks like it worked, but if configure is
> > checking that, its not doing as it should. I still see a yes go by
> > when it checks for ipv6 connectivity.
> >
> > And I just had to reboot, the keyboard died, but its been swapped
> > and the batteries are brand new. But the mouse is still alive.
> >
> > I'm stumped.
>
> I'm stumped too, over what the problem is that remains since you added
> ipv6.disable=1 to your cmdline. Are you saying ipv6.disable=1 and
> keyboard function are incompatible?
>
No, I don't believe there is a connection.

> I don't boot Stretch much any more. When I boot Buster with
> ipv6.disable=1 on cmdline, the only ipv6 in dmesg is in two kernel
> cmdline regurgitations.

When buster is officially stable, I will upgrade. Thats what, another 
week?


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page

Debian compatibilty with ASrock J3455 question

2019-05-25 Thread An Liu 
Hi,experts

My dell vistro 5453 failed to work several days ago,and i‘m not going to
save it.

I could reuse ram and ssd,so i'm considering a motherboard for a home
NAS,w/ debian and OMV

one possible choice is j3455-itx,however,there were some posts indicated i
might have problem running Debian with this motherboard。

asrock only have win10/ubuntu on j3455's support list

Does someone have experience on this motherboard.

If there is positive answer,i will buy one,if not,it's not too late for me
to next choice,lol

Thank you

reference:

http://forum.asrock.com/forum_posts.asp?TID=5227&title=j3455itx-and-debian-88
https://forum.openmediavault.org/index.php/Thread/16375-ASRock-J3455-ITX-problems/#post131188


-- 
Liu An

Re: Laptop does not switch off when shutting down

2019-05-25 Thread deloptes 
Cindy Sue Causey wrote:

> No harm, no foul. That's cool. I'm sure it incidentally rolled in with
> something else I installed. A very BRIEF depends/rdepends snoop around
> my installs to see how that likely happened came up empty.
> 
> PPS . Have NOT seen the "resuming from hibernation" advisement
> ever since I... told Plymouth to... please go take a little vacation
> on a private island for a little bit..

Not sure, but might be you have some issue with resume and your resume
partition or might be with plymouth. I think it is very nice to show
something different than msdos 30y old style boot up screen. The resuming
message usually comes when you have hibernated/suspended to disk and it
indeed resumes from the disk.

The problem with the shutdown and hanging was in our case cause by a
conflict in the systemd rules file.

Of course in OPs case it could be any case of other conflict that prevents
systemd to complete the shutdown-

regards

Re: Debian Programming languages

2019-05-25 Thread songbird 
James H. H. Lampert wrote:
> Just out of morbid curiosity: what about a full ANSI PL/I?
>
> (And the mere fact that I'm asking ages me.)

  mu!  (unasking makes you younger?!  :) )A

  ancient languages i've used but not in quite a long
time now.

  COBOL, SNOBOL, ALGOL, LISP

  of all of them i actually wrote production code in
Pascal, assembler, COBOL and C (with embedded SQL).

  i also wrote a ton of code in C for classwork and
that was the main language i "thought" in.  some of 
those projects were quite large (write a compiler,
assembler, linking-loader, interpreter, OS, editor,
multiprocessor microcode simulator, etc.)  i'm not 
sure anyone actually teaches these that much these
days.

  for most of my projects here i mostly did either C
or shell scripts.

  recently i started picking up Python and it has been
ok so far, but there is still much about OOP that i
don't fully understand.  at a full time effort i think
it takes several years to really get a language.  since
i'm not doing this full time i expect by the time i
get to retirement age i'll have got it down well 
enough.

  my first Python program i don't consider OOP much
at all, but it went quickly enough.  next winter i
hope to revisit it and see what i can do to make it
a better structured program and more OOP.

  i'm too busy in the summer to really put much into
learning new things unless it is something quick that
will stick.


  songbird

Re: rebooted again, stretch losing keyboard but keyboard and batteries in it ae good

2019-05-25 Thread Felix Miata 
Gene Heskett composed on 2019-05-25 12:30 (UTC-0400):

> Unforch, and this machine has been rebooted by hpfax several times since 
> I put all that in /e/sysctl.conf. And a cat of the dozen or so subdirs 
> in /proc/sys/net/ipv6 has all the disable-ipv6's set to 1 right now.

> Can you explain this? Looks like it worked, but if configure is checking 
> that, its not doing as it should. I still see a yes go by when it checks 
> for ipv6 connectivity.

> And I just had to reboot, the keyboard died, but its been swapped and the 
> batteries are brand new. But the mouse is still alive.

> I'm stumped.

I'm stumped too, over what the problem is that remains since you added
ipv6.disable=1 to your cmdline. Are you saying ipv6.disable=1 and keyboard
function are incompatible?

I don't boot Stretch much any more. When I boot Buster with ipv6.disable=1 on
cmdline, the only ipv6 in dmesg is in two kernel cmdline regurgitations.
-- 
Evolution as taught in public schools is religion, not science.

 Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!

Felix Miata  ***  http://fm.no-ip.com/

Re: Laptop does not switch off when shutting down

2019-05-25 Thread Cindy Sue Causey 
On 5/25/19, deloptes  wrote:
> Hans wrote:
>
>> I remember, this issue appeared at some other users a long time ago, but
>> I
>> do not remember, how to fix it. I believe, this issue was related to the
>> kernel, but I am not sure.
>>
>
> rather with systemd - try to get the logs at the console and see what
> exactly is hanging
>
>> However, I know, this issue is a known thing, maybe someone remembers the
>> solution of it?
>>
>> Thanks for any hints and have a nice day!
>
> might be different reasons - are you using plymouth?


Plymouth just became apparent on mine the other day. I would NEVER
install that on purpose. The reason is that it was somehow an
immediate and very visible player for distressful issues I had going
back 8 years ago or so. PS *ZAP!* (without negative consequence so
far)

Plymouth was not just zapped for no reason in the current software
development cycles versus ~8 years ago. It was a rational decision
made based on an anomaly that was occurring in the last few days.

One thing I started seeing was that my little laptop was saying it was
resuming from hibernation. That message was the first thing to appear
as I was sitting watching the credits roll by... on fresh, safely
orchestrated REBOOTS. RESUMING?! Do WHAT?!

That "resuming from hibernation" advisement was soon followed by some
kind of reference to Plymouth. That was the point at which I became
aware that Plymouth was part of my debootstrapped copy.

No harm, no foul. That's cool. I'm sure it incidentally rolled in with
something else I installed. A very BRIEF depends/rdepends snoop around
my installs to see how that likely happened came up empty.

PPS . Have NOT seen the "resuming from hibernation" advisement
ever since I... told Plymouth to... please go take a little vacation
on a private island for a little bit..

Cindy :)
-- 
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA

* runs with birdseed *

Re: Debian Programming languages

2019-05-25 Thread tomas 
On Sat, May 25, 2019 at 07:43:05PM +0300, Ryan Dean wrote:
> This is such an amazing topic which language is most widely used and which
> most useful. Many CS people only want to focus, do not want waste time in
> learning milllions of different languages, which will cause language
> barriers. We have limited amount of time and millions of other things in
> real life in addition to programming

Because there's just one tool in my workshop :-)

On the contrary: learning new languages helped me perfect my mastery
of those I thought I knew already.

Learning an OOP language made me a better C programer. Learning a
functional language made me a better C programmer. And so on.

Speaking several human languages is also a great experience.

Cheers
-- tomás


signature.asc
Description: Digital signature

Re: Laptop does not switch off when shutting down

2019-05-25 Thread deloptes 
Hans wrote:

> I remember, this issue appeared at some other users a long time ago, but I
> do not remember, how to fix it. I believe, this issue was related to the
> kernel, but I am not sure.
> 

rather with systemd - try to get the logs at the console and see what
exactly is hanging

> However, I know, this issue is a known thing, maybe someone remembers the
> solution of it?
> 
> Thanks for any hints and have a nice day!

might be different reasons - are you using plymouth?

regards

Re: LXC and Docker together?

2019-05-25 Thread Richard Hector 
On 23/05/19 3:39 PM, Richard Hector wrote:
> Hi all,
> 
> Has anybody run LXC and Docker simultaneously on the same host? Do they
> play nicely together?
> 
> I need to migrate some containers (or at least the contents, or
> services) from LXC to Docker, without causing too much disruption.
> 
> Stretch doesn't seem to have Docker, so I'd be installing that from the
> Docker repo. LXC is what comes with stretch.

From my testing so far, it appears that there's no inherent problem,
except that the way I have set up a bridge interface for LXC including
the external interface is blocked by Docker's default iptables rules. I
think I can avoid that problem, once I better get my head around
Docker's networking.

Cheers,
Richard




signature.asc
Description: OpenPGP digital signature

Re: I need to totally stop ANY indication of ipv6 connectivity, how.

2019-05-25 Thread Reco 
Hi.

On Sat, May 25, 2019 at 06:46:07AM -0400, Gene Heskett wrote:
> On Saturday 25 May 2019 06:32:59 am Reco wrote:
> 
> > Hi.
> >
> > On Sat, May 25, 2019 at 06:25:55AM -0400, Gene Heskett wrote:
> > > On Saturday 25 May 2019 05:54:46 am Reco wrote:
> > > > Hi.
> > > >
> > > > On Sat, May 25, 2019 at 05:38:22AM -0400, Gene Heskett wrote:
> > > > > I have the following in /etc/sysctl.conf:
> > > > >
> > > > > net.ipv6.conf.all.disable_ipv6 = 1
> > > > > net.ipv6.conf.default.disable_ipv6 = 1
> > > >
> > > > These are redundant:
> > > > > net.ipv6.conf.lo.disable_ipv6 = 1
> > > > > net.ipv6.conf.eth0.disable_ipv6 = 1
> > > > > net.ipv6.conf.eth1.disable_ipv6 = 1
> > > > > net.ipv6.conf.ppp0.disable_ipv6 = 1
> > > > > net.ipv6.conf.tun0.disable_ipv6 = 1
> > > > >
> > > > > but its not enough to stop this from ip a:
> > > > > : eth0:  mtu 1500 qdisc
> > > > > : pfifo_fast state
> > > > >
> > > > > UP group default qlen 1000
> > > > > link/ether 00:1f:c6:62:fc:bb brd ff:ff:ff:ff:ff:ff <--ipv6
> > > > > crap.
> > > >
> > > > No. That's MAC address of your NIC, hence "link/ether". IPv6
> > > > entries start with "inet6".
> > >
> > > Then the configure script in the amanda-master (3.5.1 tarball) I
> > > just downloaded from salsa is in error.
> >
> > If the build system of a software depends on whenever builder has IPv6
> > or not - that software is broken. I say more - if building a software
> > requires network connectivity it's the reason not to use such software
> > at all.
> 
> You're about 25 years out of date reco, The software is amanda, the 
> Advanced Maryland Automatic Network Disk Archiver. I've only been using 
> it in various incarnations since 1998.  Its backing up 5 machines 
> including this one, every night when its working.  It has not since I 
> installed stretch 3 weeks ago.

And what makes you blame IPv6 for this?

Reco

Laptop does not switch off when shutting down

2019-05-25 Thread Hans 
Hi folks, 

I am fighting with a little issue. On my laptop there are two physical 
harddrives. The first one is running win7 (1st partition) and debian (second 
partition), the second one is running winXP (first partitiin) and kali-linux 
(second partition).

When doing "halt -p" in debian, the laptop is going down, then shuts off.  This 
is working fine so far.

But doing the same in kali-linux (same kernel version as debian), the system 
is going down, then it stops, but does not completely shut off. Reboot does 
also not work (going down, then tells "rebooting" but is hanging).

I installed the kernel new and grub as well - with no success.

And there is also no difference, when I am booting from the second drive as 
first drive (choosen in BIOS), or from the bootloader of the first drive. 

I remember, this issue appeared at some other users a long time ago, but I do 
not remember, how to fix it. I believe, this issue was related to the kernel, 
but I am not sure.

However, I know, this issue is a known thing, maybe someone remembers the 
solution of it? 

Thanks for any hints and have a nice day!

Best 

Hans 

signature.asc
Description: This is a digitally signed message part.

Re: kernel symlinks, still needed?

2019-05-25 Thread Sven Joachim 
On 2019-05-25 18:16 +0200, Andrea Borgia wrote:

> AFAIK the following symlinks in "/" were required for LILO and are no
> longer needed with GRUB2:
> initrd.img
> initrd.img.old
> vmlinuz
> vmlinuz.old
>
> Is there a reason for keeping them around nowadays?

If you stick to grub, not really.  You can safely delete them, and use

do_symlinks = 0

in /etc/kernel-img.conf so that they will not come back.

Cheers,
   Sven

Re: forcedeth?

2019-05-25 Thread Gene Heskett 
On Saturday 25 May 2019 12:36:51 pm rhkra...@gmail.com wrote:

> > On Sat, May 25, 2019 at 06:52:00AM -0400, Gene Heskett wrote:
> > > the installer locked me to ipv6, and the nearest ipv6 connectivity
> > > is probably in Pittsburgh PA, 140 some miles north of me. The
> > > installer hasn't brains enough to try ipv4 when it can't find
> > > anything working in ipv6.
>
> Just thinking out loud (with no knowledge of exactly where you live --
> what about Morgantown?  I'd be a little surprised if WVU and the town
> around it did not support ipv6 (although maybe no external (to WVU)
> ISPs support it).

Morgantown is 40+ miles up the superslab from here. We have very poorly 
maintained dsl from frontier, or nearly any bandwidth you can afford 
from shentel, the cable tv folks. After being without a phone the first 
5 months of 2013 because vz wouldn't fix anything, I voted with my 
wallet and switched it all to the cable. We've been w/o a phone or net 
for maybe 3 weeks after bad storms that took the whole county down and 
we listened to our 20kw nat gas in the back yard because all the 
batteries were dead. Old ipv4 only Arris modems and I've not toted any 
ipv6 stuffs in dd-wrt in my router either.  With no configuration 
support for ipv6 available here on this list (I have asked, thinking I'd 
make my local net ipv6, but that would take a 6 to 4 nat in the router), 
I've nuked it out of all my network configs as my local net with several 
hundred feet of cat5 and 6 seems stuck at 100 Mb, plenty fast enough for 
me.  I'll have to reconfigure it all from scratch if and when it arrives 
here, but at my age, 84, I'll probably miss roll call first and it will 
be somebody else's problem, I'm running on a battery now. The doc says 
the battery is good for ten years, but there are other problems that 
will stop me before then I suspect.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page

/etc/udev/rules.d/*net* versus hwinfo --netcards

2019-05-25 Thread peter 
root@joule:~# cat /etc/udev/rules.d/*net*
# joule:/etc/udev/rules.d/70-persistent-net.rules
# This file was automatically generated by the /lib/udev/write_net_rules
# program, run by the persistent-net-generator.rules rules file.
#
# You can modify it, as long as you keep each rule on a single
# line, and change only the value of the NAME= key.
  ...
# PCI device
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", \
 ATTR{address}=="00:07:e9:78:a8:b0", ATTR{dev_id}=="0x0", \
 ATTR{type}=="1", KERNEL=="eth*", NAME="mainboard"
  ...
# USB device 0x:0x (asix)
#SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", \
# ATTR{address}=="00:1d:7e:00:ee:9f", ATTR{dev_id}=="0x0", \
# ATTR{type}=="1", KERNEL=="eth*", NAME="LocLCS1788"
  ...
  
Whereas,
root@joule:~# hwinfo --netcards
20: PCI 208.0: 0200 Ethernet controller
  [Created at pci.378]
  Unique ID: vVa_.4AMaVDpEyvF
  Parent ID: 6NW+.c7JTK_YUBi2
  SysFS ID: /devices/pci:00/:00:1e.0/:02:08.0
  SysFS BusID: :02:08.0
  Hardware Class: network
  Model: "Intel 82562EZ 10/100 Ethernet Controller"
  Vendor: pci 0x8086 "Intel Corporation"
  Device: pci 0x1050 "82562EZ 10/100 Ethernet Controller"
  SubVendor: pci 0x1028 "Dell"
  SubDevice: pci 0x0155
  Revision: 0x02
  Driver: "e100"
  Driver Modules: "e100"
  Device File: LocLCS1788
  Memory Range: 0xfceff000-0xfcef (rw,non-prefetchable)
  I/O Ports: 0xddc0-0xddff (rw)
  IRQ: 20 (2 events)
  HW Address: 00:07:e9:78:a8:b0
  Permanent HW Address: 00:07:e9:78:a8:b0
  Link detected: no
  Module Alias: "pci:v8086d1050sv1028sd0155bc02sc00i00"
  Driver Info #0:
Driver Status: e100 is active
Driver Activation Cmd: "modprobe e100"
  Config Status: cfg=new, avail=yes, need=no, active=unknown
  Attached to: #10 (PCI bridge)
  ...

Appears that udev ignores the rule which should assign "mainboard".
How does "Device File: LocLCS1788" become associated with the 
mainboard Ethernet hardware?  A cache from an old configuration?
A cache in wicd?

Not surprisingly, configuration of the mainboard interface fails.
peter@joule:~$ systemctl status networking.service
b networking.service - Raise network interfaces
   Loaded: loaded (/lib/systemd/system/networking.service; enabled; vendor prese
   Active: failed (Result: exit-code) since Sat 2019-05-25 08:17:49 PDT; 2min 6s
 Docs: man:interfaces(5)
  Process: 368 ExecStart=/sbin/ifup -a --read-environment (code=exited, status=1
  Process: 360 ExecStartPre=/bin/sh -c [ "$CONFIGURE_INTERFACES" != "no" ] && [
 Main PID: 368 (code=exited, status=1/FAILURE)

May 25 08:17:47 joule systemd[1]: Starting Raise network interfaces...
May 25 08:17:49 joule ifup[368]: Cannot find device "mainboard"
May 25 08:17:49 joule ifup[368]: ifup: failed to bring up mainboard
May 25 08:17:49 joule systemd[1]: networking.service: Main process exited, code=
May 25 08:17:49 joule systemd[1]: Failed to start Raise network interfaces.
May 25 08:17:49 joule systemd[1]: networking.service: Unit entered failed state.
May 25 08:17:49 joule systemd[1]: networking.service: Failed with result 'exit-c

Ideas?

Thanks,... Peter E.

-- 
Composed and transmitted by software designed to avoid the 
complication and vulnerability of antivirus software.
Pender Is., BC: +1 604 670 0140
Bcc: peter at easthope. ca

Re: Debian Programming languages

2019-05-25 Thread Ryan Dean 
This is such an amazing topic which language is most widely used and which
most useful. Many CS people only want to focus, do not want waste time in
learning milllions of different languages, which will cause language
barriers. We have limited amount of time and millions of other things in
real life in addition to programming

On Sat, May 25, 2019 at 6:25 PM Paul Sutton  wrote:

> Hi All
>
> Just to say thank for the information.  I have made a short blog post on
> some of the languages mentioned and put links to what I would hope are
> useful related resources.
>
> http://zleap.net/debian-getting-started-3/
>
> I am trying to write this so I can hopefully encourage those who are
> learning to write code to get involved with Debian so their skills can
> be improved through helping,  I have learnt a heck of a lot just by
> being here doing what I have done so far.
>
> I will probably add to this further but it's up.
>
> Hopefully all this is helpful.
>
> Paul
>
>
> On 24/05/2019 16:08, Paul Sutton wrote:
>
> > Hi
> >
> > As I am trying to promote contributing to Debian,  what programming
> > languages are mostly used?  I am asking as it helps to give people an
> > idea of what they need to learn or will learn as part of helping.
> >
> > I am guessing as the default command line interface is bash, then bash
> > and bash scripting would be useful to learn but on top of that what
> > would people suggest I try and promote.
> >
> > Not just on the coding side of things as we have markdown / html / css
> > perhaps LaTeX for documentation.
> >
> >
> > Thanks
> >
> > Paul
> >
> --
> Paul Sutton
> http://www.zleap.net
> https://www.linkedin.com/in/zleap/
> gnupg : 7D6D B682 F351 8D08 1893  1E16 F086 5537 D066 302D
>
>

Re: forcedeth?

2019-05-25 Thread rhkramer 
> On Sat, May 25, 2019 at 06:52:00AM -0400, Gene Heskett wrote:
> > the installer locked me to ipv6, and the nearest ipv6 connectivity
> > is probably in Pittsburgh PA, 140 some miles north of me. The
> > installer hasn't brains enough to try ipv4 when it can't find
> > anything working in ipv6.

Just thinking out loud (with no knowledge of exactly where you live -- what 
about Morgantown?  I'd be a little surprised if WVU and the town around it did 
not support ipv6 (although maybe no external (to WVU) ISPs support it).

rebooted again, stretch losing keyboard but keyboard and batteries in it ae good

2019-05-25 Thread Gene Heskett 
On Saturday 25 May 2019 11:28:58 am Tom H wrote:

> Off-list...
>
> > link/ether 00:1f:c6:62:fc:bb brd ff:ff:ff:ff:ff:ff <--ipv6 crap.
>
> This isn't related to ipv6.
>
> "00:1f:c6:62:fc:bb" is the NIC's MAC address.
>
> "ff:ff:ff:ff:ff:ff" is the NIC's hardware broadcast address.
>
> ifconfig doesn't expose this but ip does. You can change it with "ip
> link set dev ethX broadcast aa:bb:cc:dd:ee:ff" but it'll break ARP
> (AFAIK).
>
> Your "*.disable_ipv6 = 1" sysctl settings'll disable ipv6, if you're
> not using NM or systemd-networkd. They only respect their own on/off
> ipv6 settings (in fact, I'm not sure that you can disable ipv6
> completely with systemd-networkd; you have to have a link-local ipv6
> address no matter what).
>
> Regarding some other things in the thread.
>
> There are two ipv6 variables that can be set to "1" on the kernel
> cmdline, "ipv6.disable_ipv6" and "ipv6.disable".
>
> "ipv6.disable_ipv6=1" disables ipv6 addresses but allows the the
> kernel to enable the ipv6 stack/
>
> "ipv6.disable=1" disables ipv6 completely and some applications'll
> fail in obvious or non-obvious ways.
>
> With "ipv6.disable_ipv6=1", "/proc/sys/net/ipv6" exists.
>
> With "ipv6.disable=1", "/proc/sys/net/ipv6" doesn't exist.

Thanks, good info, I'll relay to the amanda list.

Unforch, and this machine has been rebooted by hpfax several times since 
I put all that in /e/sysctl.conf. And a cat of the dozen or so subdirs 
in /proc/sys/net/ipv6 has all the disable-ipv6's set to 1 right now.

Can you explain this? Looks like it worked, but if configure is checking 
that, its not doing as it should. I still see a yes go by when it checks 
for ipv6 connectivity.

And I just had to reboot, the keyboard died, but its been swapped and the 
batteries are brand new. But the mouse is still alive.

I'm stumped.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page

kernel symlinks, still needed?

2019-05-25 Thread Andrea Borgia 

Hi.

AFAIK the following symlinks in "/" were required for LILO and are no 
longer needed with GRUB2:

initrd.img
initrd.img.old
vmlinuz
vmlinuz.old

Is there a reason for keeping them around nowadays?

Thanks,
Andrea.

Re: Debian Programming languages

2019-05-25 Thread Paul Sutton 
Hi All

Just to say thank for the information.  I have made a short blog post on
some of the languages mentioned and put links to what I would hope are
useful related resources.

http://zleap.net/debian-getting-started-3/

I am trying to write this so I can hopefully encourage those who are
learning to write code to get involved with Debian so their skills can
be improved through helping,  I have learnt a heck of a lot just by
being here doing what I have done so far.

I will probably add to this further but it's up.

Hopefully all this is helpful.  

Paul


On 24/05/2019 16:08, Paul Sutton wrote:

> Hi
>
> As I am trying to promote contributing to Debian,  what programming
> languages are mostly used?  I am asking as it helps to give people an
> idea of what they need to learn or will learn as part of helping.
>
> I am guessing as the default command line interface is bash, then bash
> and bash scripting would be useful to learn but on top of that what
> would people suggest I try and promote.
>
> Not just on the coding side of things as we have markdown / html / css
> perhaps LaTeX for documentation.
>
>
> Thanks
>
> Paul
>
-- 
Paul Sutton
http://www.zleap.net
https://www.linkedin.com/in/zleap/
gnupg : 7D6D B682 F351 8D08 1893  1E16 F086 5537 D066 302D

Re: forcedeth?

2019-05-25 Thread Gene Heskett 
On Saturday 25 May 2019 07:33:01 am Andy Smith wrote:

> On Sat, May 25, 2019 at 06:52:00AM -0400, Gene Heskett wrote:
> > the installer locked me to ipv6, and the nearest ipv6 connectivity
> > is probably in Pittsburgh PA, 140 some miles north of me. The
> > installer hasn't brains enough to try ipv4 when it can't find
> > anything working in ipv6.
>
> My recollection was that none of that was ever established in any of
> the threads you posted here, so that is a really weird thing to keep
> stating. Did IPv6 use all your toilet paper and kick your dog or
> something?
>
> Andy

You just pulled my trigger.

No Andy, it didn't drink my last beer (Murphy does that), or kill any 
kittens but it did totally disable ipv4. How? Simply by refusing to 
apply a route/gateway to the ipv4 settings we do manually. And depending 
on the phase of the moon, those of us on host file networks are forced 
to edit the /e/n/i/config files and immediately chattr +i them in order 
to protect them from N-M's incessant meddling, ditto for resolv.conf, 
which we have to make into a real file, and chattr +i it for the same 
reason.  For a while we could remove N-M on armhf-jessie but now its 
somehow linked to our choice of desktops so the only way is to rm it by 
hand, or chattr +i everything it touches. N-M at least has the common 
decency to not complain or go crazy when it finds itself locked out of 
its playpen. Unforch I can't say the same for hpfax, in the hplip 
package you get with cups.  Its crashed this machine 6 or 7 times by 
killing hid-common, leaving the only working button the reset button on 
the machines front panel. Somebody put a call to hpfax in the root 
crontab, and when it gets called with nothing to do it goes postal 
killing all input devices on the usb bus by killing hid-common.  A 
separate problem of course, one that hp needs to fix before buster goes 
live.

You folks with ipv6 all think we should all just switch and be done with 
it, but the nearest ipv6 connection to me is probably 140 miles north of 
here in Pittsburgh.  So we're stuck on ipv4. My router doesn't pass it, 
my isp supplied cable modem doesn't pass it and you folks should be 
aware, first and foremost, that ipv6 does NOT cover the planet yet. 10% 
of it maybe on a geographical basis.  The rest of us are stuck on ipv4 
and we are being punished because there's nothing we can do about it.

You all claim that N-M won't bother an interface defined as static. Thats 
an outright blatant lie, I've had it tear down working interfaces half a 
dozen times in the last month on two different stretch installs, one 
arm64 and one amd64 because I wasn't quick enough with the sudo chattr 
to lock a file I had just edited with the properly marked as static 
data. I took the time to ping yahoo.com, got a response and N-M tore it 
down before I could lock it.

Put a kill switch in that puppy. defaulted to off. And take a survey to 
see how many have turned it on a year from now. I'll be apologetic if 
its more than the 5% carrying their lappy to dunkin donuts.

/ipv6 rant.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page

Re: [DNG] Linux system can be brought down by sending SIGILL to Systemd - PID 1 is killed it seems

2019-05-25 Thread arne 
> > # while true; do kill -ILL 1 ; echo -n "." ;  sleep 0.5 ; done
> >
> > I found out PID 1 is killed when I tried to reboot:
> > # reboot
> > Failed to open /dev/initctl: No such device or address
> > Failed to talk to init daemon.
> >
> > So I will have to use SysReq keys
> >  
> 
> Can somebody, please link me to the Documentation Files on those
> SysReq keys?  Thanks!
> 
> Kenneth Parker
> 
> >
> >  
https://www.kernel.org/doc/html/latest/admin-guide/sysrq.html

Re: [DNG] Linux system can be brought down by sending SIGILL to Systemd - PID 1 is killed it seems

2019-05-25 Thread tomas 
On Sat, May 25, 2019 at 08:35:45AM -0400, Kenneth Parker wrote:

[...]

> Can somebody, please link me to the Documentation Files on those SysReq
> keys?  Thanks!

https://en.wikipedia.org/wiki/Magic_SysRq_key

Cheers
-- t


signature.asc
Description: Digital signature

Re: [DNG] Linux system can be brought down by sending SIGILL to Systemd - PID 1 is killed it seems

2019-05-25 Thread Kenneth Parker 
On Sat, May 25, 2019, 5:45 AM arne  wrote:

> On Sat, 25 May 2019 00:21:07 +0200
> arne  wrote:
>
> > On Fri, 24 May 2019 23:43:49 +0200
> > arne  wrote:
> >
> > > On Fri, 24 May 2019 14:01:35 -0700
> > > Fred  wrote:
> > >
> > > > Hello,
> > > > I subscribe to the Devuan Linux mailing list.  This posting just
> > > > arrived and it appears quite important to Debian.
> > > >
> > > >  Forwarded Message 
> > > > Subject:  [DNG] Linux system can be brought down by sending
> > > > SIGILL to Systemd
> > > > Date: Fri, 24 May 2019 22:04:34 +0200
> > > > From: Martin Steigerwald 
> > > > To:   DNG 
> > > >
> > > >
> > > >
> > > > Hi!
> > > >
> > > > Today in a Linux training a participant attempted to bring down
> > > > Debian workstation with Systemd by sending signals to PID 1 as I
> > > > invited them to try to bring down PID 1 while thinking for myself
> > > > that this would not be possible from my past experiences about
> > > > trying to bring down PID 1 – init – myself.
> > >
> > > # while true; do kill -ILL 1 ; echo -n "." ;  sleep 0.5 ; done
> > > ...^C
> > >
> > > no problem here
> > > kernel 5.1.4 stretch amd64 with systemd
> > >
> >
> > Perhaps that test was a little too short so I let it run a little
> > longer:
> >
> > # while true; do kill -ILL 1 ; echo -n "." ;  sleep 0.5 ; done
> >
> ..^C
> >
> > again no problem here.
> >
> > I had no fear to run the script as I use systemd, so I know how to
> > use the SysReq keys very well ;)
> >
> >
> >
>
> # while true; do kill -ILL 1 ; echo -n "." ;  sleep 0.5 ; done
>
> I found out PID 1 is killed when I tried to reboot:
> # reboot
> Failed to open /dev/initctl: No such device or address
> Failed to talk to init daemon.
>
> So I will have to use SysReq keys
>

Can somebody, please link me to the Documentation Files on those SysReq
keys?  Thanks!

Kenneth Parker

>
>

Re: [DNG] Linux system can be brought down by sending SIGILL to Systemd

2019-05-25 Thread tomas 
On Sat, May 25, 2019 at 10:25:26AM +0300, Reco wrote:

[...]

> Seems harmless to me as one needs to be root to send signals to PID 1.

This is *exactly* the point. If you are root, there are far more creative
(and fun) ways to bring down your system, regardless of how your init
process is called.

I'll pay a virtual beer [1] to the first one here which comes with a shell
one-liner overwriting the first gig of init's heap space with /dev/urandom
(say the modern and correct moral equivalent of

  dd if=/dev/urandom of=/proc/1/mem bs=4096 count=256k 

... shouldn't be hard).

Cheers

[1] exchangeable by some physical $beverage of choice should we meet
   in person.

-- t


signature.asc
Description: Digital signature

Re: forcedeth?

2019-05-25 Thread Andy Smith 
On Sat, May 25, 2019 at 06:52:00AM -0400, Gene Heskett wrote:
> the installer locked me to ipv6, and the nearest ipv6 connectivity
> is probably in Pittsburgh PA, 140 some miles north of me. The
> installer hasn't brains enough to try ipv4 when it can't find
> anything working in ipv6.

My recollection was that none of that was ever established in any of
the threads you posted here, so that is a really weird thing to keep
stating. Did IPv6 use all your toilet paper and kick your dog or
something?

Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Re: forcedeth?

2019-05-25 Thread Gene Heskett 
On Saturday 25 May 2019 06:37:05 am Andrei POPESCU wrote:

> On Jo, 02 mai 19, 16:19:08, Gene Heskett wrote:
> > On Thursday 02 May 2019 14:18:53 Pascal Hambourg wrote:
> > > Le 02/05/2019 à 13:25, Gene Heskett a écrit :
> > > > Ha anything been done to forcedeth since wheezy?
> > >
> > > Why are you asking ?
> > >
> > > > I have installed the LCNC version of stretch
> > >
> > > What is LCNC and how does if differ from vanilla stretch ?
> >
> > Probably the biggest diff is the substitution of a fully preempt-rt
> > patched kernel, real time enough to run heavy machinery which is
> > what LinuxCNC, AKA LCNC linux does.
>
> My cristal ball says LinuxCNC is using the standard Debian kernel
> during the install.
>
> You could try booting from the standard Debian kernel and see if there
> are any changes. If yes, the culprit is most likely the LinuxCNC
> kernel.
>
I got that fixed 2 weeks ago, the installer locked me to ipv6, and the 
nearest ipv6 connectivity is probably in Pittsburgh PA, 140 some miles 
north of me. The installer hasn't brains enough to try ipv4 when it 
can't find anything working in ipv6.

> Kind regards,
> Andrei


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page

Re: I need to totally stop ANY indication of ipv6 connectivity, how.

2019-05-25 Thread Gene Heskett 
On Saturday 25 May 2019 06:32:59 am Reco wrote:

>   Hi.
>
> On Sat, May 25, 2019 at 06:25:55AM -0400, Gene Heskett wrote:
> > On Saturday 25 May 2019 05:54:46 am Reco wrote:
> > >   Hi.
> > >
> > > On Sat, May 25, 2019 at 05:38:22AM -0400, Gene Heskett wrote:
> > > > I have the following in /etc/sysctl.conf:
> > > >
> > > > net.ipv6.conf.all.disable_ipv6 = 1
> > > > net.ipv6.conf.default.disable_ipv6 = 1
> > >
> > > These are redundant:
> > > > net.ipv6.conf.lo.disable_ipv6 = 1
> > > > net.ipv6.conf.eth0.disable_ipv6 = 1
> > > > net.ipv6.conf.eth1.disable_ipv6 = 1
> > > > net.ipv6.conf.ppp0.disable_ipv6 = 1
> > > > net.ipv6.conf.tun0.disable_ipv6 = 1
> > > >
> > > > but its not enough to stop this from ip a:
> > > > : eth0:  mtu 1500 qdisc
> > > > : pfifo_fast state
> > > >
> > > > UP group default qlen 1000
> > > > link/ether 00:1f:c6:62:fc:bb brd ff:ff:ff:ff:ff:ff <--ipv6
> > > > crap.
> > >
> > > No. That's MAC address of your NIC, hence "link/ether". IPv6
> > > entries start with "inet6".
> > >
> > > Reco
> >
> > Then the configure script in the amanda-master (3.5.1 tarball) I
> > just downloaded from salsa is in error.
>
> If the build system of a software depends on whenever builder has IPv6
> or not - that software is broken. I say more - if building a software
> requires network connectivity it's the reason not to use such software
> at all.
>
> Reco

You're about 25 years out of date reco, The software is amanda, the 
Advanced Maryland Automatic Network Disk Archiver. I've only been using 
it in various incarnations since 1998.  Its backing up 5 machines 
including this one, every night when its working.  It has not since I 
installed stretch 3 weeks ago.


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page

Re: forcedeth?

2019-05-25 Thread Andrei POPESCU 
On Jo, 02 mai 19, 16:19:08, Gene Heskett wrote:
> On Thursday 02 May 2019 14:18:53 Pascal Hambourg wrote:
> 
> > Le 02/05/2019 à 13:25, Gene Heskett a écrit :
> > > Ha anything been done to forcedeth since wheezy?
> >
> > Why are you asking ?
> >
> > > I have installed the LCNC version of stretch
> >
> > What is LCNC and how does if differ from vanilla stretch ?
> 
> Probably the biggest diff is the substitution of a fully preempt-rt 
> patched kernel, real time enough to run heavy machinery which is what 
> LinuxCNC, AKA LCNC linux does.

My cristal ball says LinuxCNC is using the standard Debian kernel during 
the install.

You could try booting from the standard Debian kernel and see if there 
are any changes. If yes, the culprit is most likely the LinuxCNC kernel.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: I need to totally stop ANY indication of ipv6 connectivity, how.

2019-05-25 Thread Reco 
Hi.

On Sat, May 25, 2019 at 06:25:55AM -0400, Gene Heskett wrote:
> On Saturday 25 May 2019 05:54:46 am Reco wrote:
> 
> > Hi.
> >
> > On Sat, May 25, 2019 at 05:38:22AM -0400, Gene Heskett wrote:
> > > I have the following in /etc/sysctl.conf:
> > >
> > > net.ipv6.conf.all.disable_ipv6 = 1
> > > net.ipv6.conf.default.disable_ipv6 = 1
> >
> > These are redundant:
> > > net.ipv6.conf.lo.disable_ipv6 = 1
> > > net.ipv6.conf.eth0.disable_ipv6 = 1
> > > net.ipv6.conf.eth1.disable_ipv6 = 1
> > > net.ipv6.conf.ppp0.disable_ipv6 = 1
> > > net.ipv6.conf.tun0.disable_ipv6 = 1
> > >
> > > but its not enough to stop this from ip a:
> > > : eth0:  mtu 1500 qdisc pfifo_fast
> > > : state
> > >
> > > UP group default qlen 1000
> > > link/ether 00:1f:c6:62:fc:bb brd ff:ff:ff:ff:ff:ff <--ipv6 crap.
> >
> > No. That's MAC address of your NIC, hence "link/ether". IPv6 entries
> > start with "inet6".
> >
> > Reco
> 
> Then the configure script in the amanda-master (3.5.1 tarball) I just 
> downloaded from salsa is in error.

If the build system of a software depends on whenever builder has IPv6
or not - that software is broken. I say more - if building a software
requires network connectivity it's the reason not to use such software
at all.

Reco

Re: I need to totally stop ANY indication of ipv6 connectivity, how.

2019-05-25 Thread Gene Heskett 
On Saturday 25 May 2019 05:54:46 am Reco wrote:

>   Hi.
>
> On Sat, May 25, 2019 at 05:38:22AM -0400, Gene Heskett wrote:
> > I have the following in /etc/sysctl.conf:
> >
> > net.ipv6.conf.all.disable_ipv6 = 1
> > net.ipv6.conf.default.disable_ipv6 = 1
>
> These are redundant:
> > net.ipv6.conf.lo.disable_ipv6 = 1
> > net.ipv6.conf.eth0.disable_ipv6 = 1
> > net.ipv6.conf.eth1.disable_ipv6 = 1
> > net.ipv6.conf.ppp0.disable_ipv6 = 1
> > net.ipv6.conf.tun0.disable_ipv6 = 1
> >
> > but its not enough to stop this from ip a:
> > : eth0:  mtu 1500 qdisc pfifo_fast
> > : state
> >
> > UP group default qlen 1000
> > link/ether 00:1f:c6:62:fc:bb brd ff:ff:ff:ff:ff:ff <--ipv6 crap.
>
> No. That's MAC address of your NIC, hence "link/ether". IPv6 entries
> start with "inet6".
>
> Reco

Then the configure script in the amanda-master (3.5.1 tarball) I just 
downloaded from salsa is in error.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page

Re: [Possibly fake news] [DNG] Linux system can be brought down by sending SIGILL to Systemd

2019-05-25 Thread Nicolas George 
to...@tuxteam.de (12019-05-25):
> That means that to send SIGILL to pid 1 you most probably gotta be
> root (systemd or not). And then, there are more classy ways to bring
> your system down anyway.
> 
> Folks, please double-check that stuff before reposting. I don't want
> the Debian mailing list to become Fakebook or Twitter.

No need to double check: with a little common sense and technical
competence, a single check is enough.

Remember folks:

The proof that systemd is evil is that "cat /lib/systemd/systemd >
/dev/sda" will likely make your system unbootable.

Regards,

-- 
  Nicolas George


signature.asc
Description: PGP signature

Re: I need to totally stop ANY indication of ipv6 connectivity, how.

2019-05-25 Thread Andy Smith 
Hi Gene,

[You asked how to do this so I am answering, but for the record I
don't believe it is a good idea to disable the current version of
the Internet protocol and rely on the legacy Internet protocol. If
there are problems with IPv6 then I think they should be fixed, not
disabled.]

On Sat, May 25, 2019 at 05:38:22AM -0400, Gene Heskett wrote:
> I have the following in /etc/sysctl.conf:
> 
> net.ipv6.conf.all.disable_ipv6 = 1
> net.ipv6.conf.default.disable_ipv6 = 1
> net.ipv6.conf.lo.disable_ipv6 = 1
> net.ipv6.conf.eth0.disable_ipv6 = 1
> net.ipv6.conf.eth1.disable_ipv6 = 1
> net.ipv6.conf.ppp0.disable_ipv6 = 1
> net.ipv6.conf.tun0.disable_ipv6 = 1

Note that there can be race conditions because some of these sysctls
may not exist until the network interfaces themselves exist and/or
are brought up. You may therefore prefer to disable IPv6 at the
kernel command line level, or by using post-up commands in each
interface stanza in /etc/network/interfaces.

Disable at kernel command line: ipv6.disable=1

Example of disabling in /etc/network/interfaces:

auto eth0
iface eth0 …
address …
netmask …
gateway …
post-up echo 1 > /proc/sys/net/ipv6/conf/$IFACE/disable_ipv6

(assuming you leave the entries for "all" and "default" in
/etc/sysctl.conf)

> but its not enough to stop this from ip a:
> : eth0:  mtu 1500 qdisc pfifo_fast state 
> UP group default qlen 1000
> link/ether 00:1f:c6:62:fc:bb brd ff:ff:ff:ff:ff:ff <--ipv6 crap.

This isn't "ipv6 crap". That is the MAC address of your Ethernet
interface at the link level. IPv6 address output from "ip a" start
with "inet6" not "link/ether". For example:

2: eth0:  mtu 1500 qdisc mq state UP group 
default qlen 1000
link/ether aa:00:00:4b:a0:c1 brd ff:ff:ff:ff:ff:ff
inet6 2001:ba8:1f1:f019::2/128 scope global 
   valid_lft forever preferred_lft forever

Possibly there isn't even any IPv6 addressing present and you are
experiencing some other problem so, as usual, I recommend focusing
on the details of the actual problem you have rather than trying to
guess what the cause is and only asking about that.

> Any ipv6 connectivity is at least 100 miles away.

Incorrect; IPv6 can be used on a local network, and on the loopback
interface of every host. As it is the current version of the
Internet protocol, it can and should be used any time any IP
networking wants to be used, even within the same host. If you want
to disable that and revert to legacy protocols that should be
recognised as a deviation from the norm.

> So I need a way to shut it off so thouroughly that nothing in a
> ./configure script believes its a working connection.

Almost certainly not your issue. Apps are supposed to support IPv6
but only use it if there is a global scope IPv6 address on the
interface that the app is trying to use. We don't even know if that
is what is happening because you haven't shown us the actual problem.

> Its creating all sorts of hate, discontent and general havoc
> trying to build a tarball because it makes things disable ipv4,
> the only WORKING connectivity my little 7 or 9 machine network,
> all behind dd-wrt anyway, has.

If it really is causing problems then show us those problems and I'm
sure they can be fixed, but you haven't demonstrated any, so it's
highly likely that this is a result of a misunderstanding.

> Please advise, we are still in jurrasic park here in WV.

Fortunately the Linux kernel and network stack is not.

Cheers,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Re: I need to totally stop ANY indication of ipv6 connectivity, how.

2019-05-25 Thread Reco 
Hi.

On Sat, May 25, 2019 at 05:38:22AM -0400, Gene Heskett wrote:
> I have the following in /etc/sysctl.conf:
> 
> net.ipv6.conf.all.disable_ipv6 = 1
> net.ipv6.conf.default.disable_ipv6 = 1

These are redundant:

> net.ipv6.conf.lo.disable_ipv6 = 1
> net.ipv6.conf.eth0.disable_ipv6 = 1
> net.ipv6.conf.eth1.disable_ipv6 = 1
> net.ipv6.conf.ppp0.disable_ipv6 = 1
> net.ipv6.conf.tun0.disable_ipv6 = 1

> but its not enough to stop this from ip a:
> : eth0:  mtu 1500 qdisc pfifo_fast state 
> UP group default qlen 1000
> link/ether 00:1f:c6:62:fc:bb brd ff:ff:ff:ff:ff:ff <--ipv6 crap.

No. That's MAC address of your NIC, hence "link/ether". IPv6 entries
start with "inet6".

Reco

Re: [DNG] Linux system can be brought down by sending SIGILL to Systemd - PID 1 is killed it seems

2019-05-25 Thread arne 
On Sat, 25 May 2019 00:21:07 +0200
arne  wrote:

> On Fri, 24 May 2019 23:43:49 +0200
> arne  wrote:
> 
> > On Fri, 24 May 2019 14:01:35 -0700
> > Fred  wrote:
> >   
> > > Hello,
> > > I subscribe to the Devuan Linux mailing list.  This posting just
> > > arrived and it appears quite important to Debian.
> > > 
> > >  Forwarded Message 
> > > Subject:  [DNG] Linux system can be brought down by sending
> > > SIGILL to Systemd
> > > Date: Fri, 24 May 2019 22:04:34 +0200
> > > From: Martin Steigerwald 
> > > To:   DNG 
> > > 
> > > 
> > > 
> > > Hi!
> > > 
> > > Today in a Linux training a participant attempted to bring down
> > > Debian workstation with Systemd by sending signals to PID 1 as I
> > > invited them to try to bring down PID 1 while thinking for myself
> > > that this would not be possible from my past experiences about
> > > trying to bring down PID 1 – init – myself.
> > 
> > # while true; do kill -ILL 1 ; echo -n "." ;  sleep 0.5 ; done
> > ...^C
> > 
> > no problem here
> > kernel 5.1.4 stretch amd64 with systemd
> >   
> 
> Perhaps that test was a little too short so I let it run a little
> longer:
> 
> # while true; do kill -ILL 1 ; echo -n "." ;  sleep 0.5 ; done
> ..^C
> 
> again no problem here.
> 
> I had no fear to run the script as I use systemd, so I know how to
> use the SysReq keys very well ;)
> 
> 
> 

# while true; do kill -ILL 1 ; echo -n "." ;  sleep 0.5 ; done

I found out PID 1 is killed when I tried to reboot:
# reboot
Failed to open /dev/initctl: No such device or address
Failed to talk to init daemon.

So I will have to use SysReq keys

I need to totally stop ANY indication of ipv6 connectivity, how.

2019-05-25 Thread Gene Heskett 
I have the following in /etc/sysctl.conf:

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1
net.ipv6.conf.eth1.disable_ipv6 = 1
net.ipv6.conf.ppp0.disable_ipv6 = 1
net.ipv6.conf.tun0.disable_ipv6 = 1

but its not enough to stop this from ip a:
: eth0:  mtu 1500 qdisc pfifo_fast state 
UP group default qlen 1000
link/ether 00:1f:c6:62:fc:bb brd ff:ff:ff:ff:ff:ff <--ipv6 crap.

Any ipv6 connectivity is at least 100 miles away. So I need a way to shut 
it off so thouroughly that nothing in a ./configure script believes its 
a working connection. Its creating all sorts of hate, discontent and 
general havoc trying to build a tarball because it makes things disable 
ipv4, the only WORKING connectivity my little 7 or 9 machine network, 
all behind dd-wrt anyway, has.

Please advise, we are still in jurrasic park here in WV.


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page

Re: [DNG] Linux system can be brought down by sending SIGILL to Systemd

2019-05-25 Thread mick crane 

On 2019-05-25 08:25, Reco wrote:


again no problem here.


Stretch's systemd:

# kill -ILL 1
Message from syslogd@xxx at May 25 10:19:09 ...
 systemd[1]: Caught , dumped core as pid 822.
...
systemd[1]: Freezing execution.


The userspace and the kernel will work after this, but anything that's
related to systemd (including poweroff and shutdown) just hangs.

Seems harmless to me as one needs to be root to send signals to PID 1.


If you are going to kill off processes as root I'd expect things to be 
unhappy.
I once accidentally removed everything from / down and that stopped it 
working as well.


mick

--
Key ID4BFEBB31

Re: [Possibly fake news] [DNG] Linux system can be brought down by sending SIGILL to Systemd

2019-05-25 Thread Curt 
On 2019-05-25,   wrote:
>
> Folks, please double-check that stuff before reposting. I don't want
> the Debian mailing list to become Fakebook or Twitter.
>

Or Der Spiegel.

https://www.theatlantic.com/international/archive/2019/01/der-spiegal-fabrication-scandal-global/579889/

-- 
“Decisions are never really made – at best they manage to emerge, from a chaos
of peeves, whims, hallucinations and all around assholery.” – Thomas Pynchon

Re: [DNG] Linux system can be brought down by sending SIGILL to Systemd

2019-05-25 Thread Reco 
Hi.

On Sat, May 25, 2019 at 12:21:07AM +0200, arne wrote:
> On Fri, 24 May 2019 23:43:49 +0200
> arne  wrote:
> 
> > On Fri, 24 May 2019 14:01:35 -0700
> > Fred  wrote:
> > 
> > > Hello,
> > > I subscribe to the Devuan Linux mailing list.  This posting just
> > > arrived and it appears quite important to Debian.
> > > 
> > >  Forwarded Message 
> > > Subject:  [DNG] Linux system can be brought down by sending
> > > SIGILL to Systemd
> > > Date: Fri, 24 May 2019 22:04:34 +0200
> > > From: Martin Steigerwald 
> > > To:   DNG 
> > > 
> > > 
> > > 
> > > Hi!
> > > 
> > > Today in a Linux training a participant attempted to bring down
> > > Debian workstation with Systemd by sending signals to PID 1 as I
> > > invited them to try to bring down PID 1 while thinking for myself
> > > that this would not be possible from my past experiences about
> > > trying to bring down PID 1 – init – myself.  
> > 
> > # while true; do kill -ILL 1 ; echo -n "." ;  sleep 0.5 ; done
> > ...^C
> > 
> > no problem here
> > kernel 5.1.4 stretch amd64 with systemd
> > 
> 
> Perhaps that test was a little too short so I let it run a little
> longer:
> 
> # while true; do kill -ILL 1 ; echo -n "." ;  sleep 0.5 ; done
> ..^C
> 
> again no problem here.

Stretch's systemd:

# kill -ILL 1
Message from syslogd@xxx at May 25 10:19:09 ...
 systemd[1]: Caught , dumped core as pid 822.
...
systemd[1]: Freezing execution.


The userspace and the kernel will work after this, but anything that's
related to systemd (including poweroff and shutdown) just hangs.

Seems harmless to me as one needs to be root to send signals to PID 1.

> I had no fear to run the script as I use systemd, so I know how to
> use the SysReq keys very well ;)

There's also that /proc/sysrq-trigger in the case the console isn't
accessible.

Reco

Re: I'm a bit confused on how to upgrade to stretch 9.7

2019-05-25 Thread Andrei POPESCU 
On Vi, 25 ian 19, 13:36:37, Kent West wrote:
> 
> The basic difference between upgrade and dist-upgrade is that upgrade
> doesn't remove existing or pull in not-installed stuff, whereas
> dist-upgrade might.

That is true for 'apt-get upgrade/dist-upgrade'. 'apt upgrade' will 
install packages.

> The former is good when you need a box to undergo
> minimal change; the latter is good when you just want things to "work". The
> former is probably more suitable for servers, the latter for end-user
> computers.
> 
> I usually do "dist-upgrade" out of habit (as I spend most of my time on
> end-user computers); but "upgrade" might be, at least theoretically, safer.

On Debian stable 'apt full-upgrade' is almost never necessary[1] if you 
use 'apt upgrade' regularly, the major exception being upgrading to the 
next stable release (of course).

Even on testing or unstable one could use 'apt upgrade' regularly and 
'apt full-upgrade' only when necessary.

[1] I seem to recall that in the cases where it is necessary 'apt' will 
mention "held back packages" and will even suggest to use 
'full-upgrade'.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: Recommmended IDE for C++ 17 (gcc8)?

2019-05-25 Thread Georgi Naplatanov 
On 5/25/19 4:04 AM, rhkra...@gmail.com wrote:
> Is anyone here using an IDE for working on C++ code at the revision 17 level 
> (aka gcc8), iiuc.  
> 
> I'm looking for something that will work on Jessie.
> 
> I've been trying to use version 5.3.2 of kdevelop (from a flatpack or 
> whatever 
> they call it) and have been running into problems.  *Maybe* it is because 
> some 
> of the files are using features of C++ 17.

Hi,

if you have a budget for paid software then you can try CLion

https://www.jetbrains.com/clion/specials/clion/clion.html.

The IDE is written in Java so it should work on Jessie.


Kind regards
Georgi