Re: systemd-nspawn + systemd-networkd

[Alexandre Rossi]

Hi,

For the container I need a static address, I know in can be configured
on container side.
Is there a way to do this config only on host side?
Edit a file to bind mac address and ip for example.
Like kvm network or "real" dhcp can do?


There does not seem to be any other option than running a full featured 
DHCP server or configuring networking in the container.


Alex

Re: What is agetty, and why can't it be stopped?

[Brian]

On Sat 08 Jun 2019 at 11:21:50 -0400, Gene Heskett wrote:

> On Saturday 08 June 2019 04:55:45 am to...@tuxteam.de wrote:
> 
> > On Fri, Jun 07, 2019 at 09:44:23PM -0400, Gene Heskett wrote:
> >
> > [...]
> >
> > > But first you need to know the name of the man page. You can't read
> > > it if you don't know its true name...
> >
> > Not a user of systemd here, but... have you ever tried "man -k
> > systemd"?
> >
> No, didn't know it existed Tomas, but howinhell is all that supposed to 
> help?  Must be 3 or 4 screens full.  What we'd need to do is to feed all 
> that to grep to see if the problem child device is mentioned.

No you don't. That is only a way a way of saying you don't have a
glimmer of what you are searching for and cannot be bothered to sort it
out. You do, however, have a plethora of bogus reasons to avoid looking
sensibly at where the suggested help given leads you.

-- 
What a way to run a radio station.
  With apologies to Anonymous.

Re: Can any setting be changed after an "install Buster from scratch"-procedure?

[tomas]

On Sat, Jun 08, 2019 at 07:57:15PM +0200, Erik Josefsson wrote:
> Hello,
> 
> I followed Ken's thread about date format in Thunderbird:
> 
> https://lists.debian.org/debian-user/2019/06/msg00133.html
> 
> and ended up reading about Dot files:
> 
> https://wiki.debian.org/DotFiles
> 
> This was very helpful for me, because I think I can now ask the
> right question:
> 
> Can every setting made with an "install Buster from
> scratch"-procedure (like the one for [Teres-I DIY laptop] available
> at box.redpill.dk) be changed after the install procedure is
> completed?

[...]

If I got right what you want, dpkg-reconfigure is your friend:
locate the package(s) to which the setting belongs which you
want to change, and then call dpkg-reconfigure .

You'll be asked the same questions you were asked at install
time.

You can also give dpkg-reconfigure a (space separated) list of
packages, do do several in a bunch.

Cheers
-- t


signature.asc
Description: Digital signature

Privacy policy of packages/softwares installed in Debian

[npdflr]

Hello,

How can one check the privacy policy for the packages/softwares (which can be 
free or non-free) installed in Debian?



If one is downloading and installing a package from a website then he/she can 
check the privacy policy link on that website.

Example:

-- Skype (https://www.skype.com/en/get-skype/) which has privacy policy: 
https://privacy.microsoft.com/en-US/privacystatement

-- Go programming language (https://golang.org/) which has privacy policy: 
https://policies.google.com/privacy?hl=en



But if one is downloading a package (which may also install dependency 
packages) via terminal or synaptic package manager then how can one check the 
privacy policy of that package?



Thank you.

Can any setting be changed after an "install Buster from scratch"-procedure?

[Erik Josefsson]

Hello,

I followed Ken's thread about date format in Thunderbird:

https://lists.debian.org/debian-user/2019/06/msg00133.html

and ended up reading about Dot files:

https://wiki.debian.org/DotFiles

This was very helpful for me, because I think I can now ask the right 
question:


Can every setting made with an "install Buster from scratch"-procedure 
(like the one for [Teres-I DIY laptop] available at box.redpill.dk) be 
changed after the install procedure is completed?


I mean, can some settings be "hard-coded" by an install procedure?

Or in other words, which settings need to be set correctly during install?

The reason I ask is that, for me, every install from scratch is quite 
time consuming and makes it very hard to check mail and do other basic 
stuff while installing, so if everything can be tinkered with after an 
install, I can probably find out how I want my laptop to be set up 
without an Ethernet connection (which I happen to need for the install 
procedure).


Maybe my my question doesn't make sense, but for me it does, because I 
have now managed to install a fresh new Teres-I image that is available 
at box.redpill.dk, with a result that I hope I "fix", i.e. tinker with 
further to make it into a Swedish laptop.


This is my sequence of commands that brought me here:

1.Prepare image on SD card (done on another fully functional machine):
1.1.  wget http://box.redpill.dk/nonfree/nonfree-teres1-buster-1.0rc2.img.gz
1.2.  gunzip nonfree-teres1-buster-1.0rc2.img.gz
1.3.  sudo cp nonfree-teres1-buster-1.0rc2.img /dev/sda
2. Move SD card to Teres-I, connect ethernet-via-USB-cable, turn on 
machine and follow instructions on screen:

2.1.  sudo box-finalize
2.1.1.  Dialog
2.1.2.  high
2.1.2.  install language support - yes
2.1.2.  Select default language code (none to skip) - none
2.2.  sudo apt update
2.3.  sudo box-add-gui
2.4.  sudo shutdown -h now

I think that is pretty neat! (thank you Jonas!)

I have then started Teres-I again with network via tethering via USB 
turned on from a Galaxy III GT-i9300 mobile phone running LineageOS. 
Somehow Teres-I gets network early enough in the boot process to later 
do the following flawlessly:


sudo apt install aptitude
sudo aptitude update
sudo aptitude upgrade
sudo aptitude autoclean
sudo aptitude install gedit
man gedit

To me it now looks like I have a fully functional laptop, but as I wrote 
above, I need to tinker with it to get it to behave like it is a Swedish 
laptop.


The most wonderful thing is that it looks as if I could do this with 
tethering via USB (with which my DNS-issues seems gone!).


Thanks for helping out!

Best regards.

//Erik

[Teres-I DIY laptop] https://www.olimex.com/Products/DIY-Laptop/

Severe vulnerability in Exim 4.87 through 4.91

[Curt]

https://lwn.net/Articles/790553/

I was actually going to point to another article on the subject, but as
it revealed the exact modus operandi for the (local) exploit (which is
trivial to an extreme) I thought better of it.

-- 
“Decisions are never really made – at best they manage to emerge, from a chaos
of peeves, whims, hallucinations and all around assholery.” – Thomas Pynchon

Re: What is agetty, and why can't it be stopped?

[Gene Heskett]

On Saturday 08 June 2019 10:20:09 am deloptes wrote:

> Gene Heskett wrote:
> > It could be. And the linuxcnc developers/spinners are being made
> > aware of these problem's also.  That particular kernel you see above
> > I will state, has the best latency figures I have ever seen on this
> > particular machine, which with a normal kernel is so horrible I'd
> > never consider actually running a machine with it.  Milliseconds of
> > lag normally. But latency-test shows about 20 microseconds.  So one
> > could even run software stepping, slowly but it would run.  Would be
> > great if the stepping was offloaded to an accessory pci card.
> > Normally we use intel cpu's because their latency-test figures can
> > be as good as 4 microseconds for a puny powered atom board. Intel
> > has of course disco'ed that particular board, and I wish I had
> > bought more of them when they were available.
>
> Did you try running this without systemd? I recall you mentioned
> somewhere you removed it
>
> regards

No. And I doubt there would even be a running system left. I don't think 
I wrote that it had been removed...

I just didn't know that it could be made so pervasive in one swell foop.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: What is agetty, and why can't it be stopped?

[Gene Heskett]

On Saturday 08 June 2019 04:55:45 am to...@tuxteam.de wrote:

> On Fri, Jun 07, 2019 at 09:44:23PM -0400, Gene Heskett wrote:
>
> [...]
>
> > But first you need to know the name of the man page. You can't read
> > it if you don't know its true name...
>
> Not a user of systemd here, but... have you ever tried "man -k
> systemd"?
>
No, didn't know it existed Tomas, but howinhell is all that supposed to 
help?  Must be 3 or 4 screens full.  What we'd need to do is to feed all 
that to grep to see if the problem child device is mentioned.

I think we could, but the resultant cli would be too long. Maybe if we 
could nuke the comments and only use the filename? But even then it 
would be over a kilobyte. Even that fails:
gene@coyote:/CoCo/pyDriveWire/config$ grep usbS0 `man -k systemd`
grep: deb-systemd-helper: No such file or directory
(no path to it from the instant `pwd`)
grep: (1p): No such file or directory

And 2 minutes later its still stuck there. But does quit with a ctl-c.
Perhaps the list could be a source for locate? But that would blow up on 
the comments too.

Somewhat past ridiculous, into sublime, but you get my point. I hope.

Thank for educating me about the -k. However, the -K option seems as if 
it may be what is needed. Lets see. No, it doesn't find usbS0.  No help 
there IOW.

But it does find ttyS. In at least 10% of the pages. Thats less than 
usefull.

Nice try, it did look promising. It also would take several hours to grep 
the whole man tree.

> Cheers
> -- t

You too.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: What is agetty, and why can't it be stopped?

[deloptes]

Gene Heskett wrote:

> It could be. And the linuxcnc developers/spinners are being made aware of
> these problem's also.  That particular kernel you see above I will
> state, has the best latency figures I have ever seen on this particular
> machine, which with a normal kernel is so horrible I'd never consider
> actually running a machine with it.  Milliseconds of lag normally. But
> latency-test shows about 20 microseconds.  So one could even run
> software stepping, slowly but it would run.  Would be great if the
> stepping was offloaded to an accessory pci card. Normally we use intel
> cpu's because their latency-test figures can be as good as 4
> microseconds for a puny powered atom board. Intel has of course disco'ed
> that particular board, and I wish I had bought more of them when they
> were available.

Did you try running this without systemd? I recall you mentioned somewhere
you removed it

regards

Re: kernel policy vs bug handling (how to followup #919227 ?)

[Andrea Borgia]

Il 08/06/19 12:18, Andrei POPESCU ha scritto:


On Mi, 27 mar 19, 21:22:18, Andrea Borgia wrote:

2) maybe I am not using the proper keywords but I can't seem to find
information on Debian kernel policy, specifically: when does a new kernel
from upstream enter "unstable"?


Usually quite soon after the upstream kernel is released as "stable".

During the freeze only packages meant for the next stable should be
uploaded to unstable (as per Release Team policy), so new versions might
go to experimental or not be packaged at all until after the release.


"Unstable" still has 4.19 whereas 5.0.x and 5.1.x are marked as stable 
upstream, so I guess we'll see them in the next release.


Thanks,
Andrea.

Re: kernel policy vs bug handling (how to followup #919227 ?)

[Andrei POPESCU]

On Mi, 27 mar 19, 21:22:18, Andrea Borgia wrote:
> Hi.
> 
> In an earlier post[1] I mentioned an ACPI LID issue with my laptop, which
> has been fixed in the current 5.x series[2].
> 
> My questions:
> 
> 1) other than commenting on my own bugreport[3] with this information,
> should I do anything else, like closing it or adding some special tags? As
> far as current "testing" branch is concerned, this bug is still present,
> unless you install a kernel from "experimental"[4] or upstream.

If there is a fixed version in Debian you can mark the bug accordingly.

> 2) maybe I am not using the proper keywords but I can't seem to find
> information on Debian kernel policy, specifically: when does a new kernel
> from upstream enter "unstable"?

Usually quite soon after the upstream kernel is released as "stable".

During the freeze only packages meant for the next stable should be 
uploaded to unstable (as per Release Team policy), so new versions might 
go to experimental or not be packaged at all until after the release.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: What is agetty, and why can't it be stopped?

[Jonathan Dowland]

On Sat, Jun 08, 2019 at 11:04:54AM +0200, Étienne Mollier wrote:

I count 182 systemd related manual pages on my Sid machine.
Fortunately, among the lot, there is :

systemd.index (7)- List all manpages from the systemd project

Sadly, it is not referenced in the systemd(1) SEE ALSO section,
which I would tend to consider the intuitive starting point of
any person interested in knowing more about how to handled the
arcane of this init process.


I agree with both: it should probably be added to the main entry
point's SEE ALSO section. That would likely be a very simple patch,
which I might attempt myself if I have some time.

--

⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Jonathan Dowland
⢿⡄⠘⠷⠚⠋⠀ https://jmtd.net
⠈⠳⣄ Please do not CC me, I am subscribed to the list.

Re: What is agetty, and why can't it be stopped?

[Étienne Mollier]

On 6/8/19 10:55 AM, to...@tuxteam.de wrote:
> On Fri, Jun 07, 2019 at 09:44:23PM -0400, Gene Heskett wrote:
> 
> [...]
> 
>> But first you need to know the name of the man page. You can't read it if 
>> you don't know its true name...
> 
> Not a user of systemd here, but... have you ever tried "man -k systemd"?
> 
> Cheers
> -- t
> 

Good Day (or night, depending on your TZ),

I was writing a not about `apropos`, but you fired faster than
myself.  ;-)

I count 182 systemd related manual pages on my Sid machine.
Fortunately, among the lot, there is :

systemd.index (7)- List all manpages from the systemd project

Sadly, it is not referenced in the systemd(1) SEE ALSO section,
which I would tend to consider the intuitive starting point of
any person interested in knowing more about how to handled the
arcane of this init process.  systemd.index(7) alone is almost
1500 lines long in the meantime, but it references some manual
pages that are not listed by `apropos`.

Kind Regards,
-- 
Étienne Mollier 

Re: What is agetty, and why can't it be stopped?

[tomas]

On Fri, Jun 07, 2019 at 09:44:23PM -0400, Gene Heskett wrote:

[...]

> But first you need to know the name of the man page. You can't read it if 
> you don't know its true name...

Not a user of systemd here, but... have you ever tried "man -k systemd"?

Cheers
-- t


signature.asc
Description: Digital signature

Re: What is agetty, and why can't it be stopped?

[Gene Heskett]

On Saturday 08 June 2019 01:18:21 am deloptes wrote:

> Gene Heskett wrote:
> > BOOT_IMAGE=/vmlinuz-4.9.0-9-rt-amd64
> > root=UUID=0e698024-1cf3-4dbc-812d-10552c01caab ro
>
> Gene,
> I can barely follow your problems with Stretch. I am just amazed how
> this could be that hard. I was wondering if you possibly copied
> configurations from your jessie, or is it related to the linuxcnc
> distro.
>
It could be. And the linuxcnc developers/spinners are being made aware of 
these problem's also.  That particular kernel you see above I will 
state, has the best latency figures I have ever seen on this particular 
machine, which with a normal kernel is so horrible I'd never consider 
actually running a machine with it.  Milliseconds of lag normally. But 
latency-test shows about 20 microseconds.  So one could even run 
software stepping, slowly but it would run.  Would be great if the 
stepping was offloaded to an accessory pci card. Normally we use intel 
cpu's because their latency-test figures can be as good as 4 
microseconds for a puny powered atom board. Intel has of course disco'ed 
that particular board, and I wish I had bought more of them when they 
were available.

But we normally need more than the 17 lines we can get from a parport to 
do a good job of controlling things. To that end a Mesa 5i25 card in a 
pci slot, can give us 34 control lines on 2 breakout boards, or sub a 
Mesa 7i76 for one of the breakouts which gives us up to 4 stepper 
drivers, 16 other outputs heavy enough to drive small relays, 1 3 line 
ABZ encoder input and 32 other inputs, more than enough to control a 
tool changer, work pallet loaders, whatever we can dream up. And for 
carving furniture parts, some of the jigs can get pretty complex with 
their own motors to be controlled.

> Last time I had massive issues was at the time of woody-sarge-edge.

Thats a while back. Wheezy has been great for us, but all good things 
must come to and end, if only because newer hardware demands it.

So we are having growing pains, some of which are directly related to our 
realtime kernel needs. And there have been times in the past where we've 
had to disable PAE on 32 bit installs because the PAE latency was bad, 
same for a full 64 bit install, the bigger stack frame = lots more 
latency. Linuxcnc itself is growing as we find and fix bugs and add 
abilities. Since it can control virtually any machine, it is more 
complex than the commercial offerings designed for a single machine.  
Not well known, the utube videos have been taken down, but Toys TRO 
engines are (or were, they've been secretive about it) carved from a 
solid block of alu by linuxcnc. No commercial software can do that 
without moving the partially carved engine block around to other 
machines to do a specific operation. Capable of running a 9 axis 
machine, its was at one time considered munitions subject to export 
controls.

> regards


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: unattended-upgrades downloaded package information only from the sources in sources.list.d directory ignoring sources.list file

[Martin T]

> I did some further debugging and it is the
> /usr/lib/apt/apt.systemd.daily script executed by apt-daily systemd
> service unit which updates the package index from the sources:

I configured cron with one minute interval to log the output of "apt
policy" with a timestamp into a log file in order to understand when
exactly the repository list is messed up. Turns out, that
/usr/lib/apt/apt.systemd.daily script executed by apt-daily systemd
service unit does not mess up the repository list. It happened between
"Sat Jun  8 06:25:01 UTC 2019" and "Sat Jun  8 06:26:01 UTC 2019".
When I check the logs for 06:00 to 06:30 time-period, then following
was logged:

$ sudo journalctl --since "2019-06-08 06:00:00" --until "2019-06-08 06:30:00"
-- Logs begin at Mon 2019-05-13 19:38:07 UTC, end at Sat 2019-06-08
08:11:24 UTC. --
Jun 08 06:25:04 vps systemd[1]: Reloading The Apache HTTP Server.
Jun 08 06:25:05 vps systemd[1]: Reloaded The Apache HTTP Server.
Jun 08 06:25:05 vps liblogging-stdlog[556]:  [origin
software="rsyslogd" swVersion="8.24.0" x-pid="556"
x-info="http://www.rsyslog.com";] rsyslogd was HUPed
$

What and why is sending those signals to processes? Could it somehow
affect the repository list..?


thanks,
Martin

Re: UEFI beginner questions

[Joe]

On Fri, 7 Jun 2019 22:46:02 -0400
tuulen  wrote:

> Hi,
> I am an ordinary GUI and mouse computer user, not a command line
> user.  But I want to get away from both Apple and Microsoft.  I spent
> a lot of time looking into Linux, Unix, BSD, and eventually I
> discovered Debian.  And because I like to know the details of what I
> am doing I also discovered that I just naturally like Debian, too, as
> Debian is built upon explanations, fine with me!
> 
> I was in the process of partitioning my hard drive to install Debian
> when I encountered a couple of UEFI complications.  My HP Laptop with
> Windows 10 does not offer a way to disable the "secure boot" feature
> of UEFI, so that makes Debian off limits.  Then I went to the HP
> website but almost all of the available HP desktops and laptops have
> Windows 10, with presumably the same useless UEFI that I now have,
> and I did not see any Linux-compatible HP computers as available.

I bought an Acer netbook about eight months ago, with Win10 installed.
It is UEFI only, no legacy boot. The standard Debian stable netinstall
image booted fine, and installed a dual boot system alongside Win10. The
current Debian stable can use UEFI. I saw no reference to secure boot,
though I've no doubt it will be enforced in another year or two.

-- 
Joe

Re: UEFI beginner questions

[Pascal Hambourg]

Le 08/06/2019 à 04:46, tuulen a écrit :


I was in the process of partitioning my hard drive to install Debian when I
encountered a couple of UEFI complications.  My HP Laptop with Windows 10
does not offer a way to disable the "secure boot" feature of UEFI, so that
makes Debian off limits.


I am surprised that the firmware does not offer a way to disable secure 
boot (sometimes the procedure is rather tedious). This means that legacy 
boot is not supported either.


Note that Buster, the next Debian version which is expected to be 
released soon, supports UEFI secure boot.