Re: is it possible run 32-bit app on 64-bit amd system??

[Erik Christiansen]

On 13.08.19 07:47, rhkra...@gmail.com wrote:
> On Monday, August 12, 2019 10:56:22 PM riveravaldez wrote:
> > >> btw which option should i add to mplayer command line
> > >> so that it play only audio part (not video part)  of a file?
> > 
> > $ mplayer -novideo file
> 
> I'm in a strange mood today (I end up here often) -- I like to see things 
> like 
> that written as:
> 
> mplayer -novideo 
> 
> or 
> 
> mplayer -novideo 
> 
> It makes it more clear what is "fixed text" and what is a variable / 
> parameter.

Yes, to those of us who have done a bit of reading, especially from the
days when clarity of written expression was more highly valued. (Or at
least given greater formality.)

But not everyone has been exposed to the above long and widely established
substitute for italics or similar to denote non-literal text, so your
"teaching moment" is an act of generosity.

Erik

Re: dbus-deamon avoiding reboot after upgrade

[john doe]

Hi Rico, and thanks for your answer.

On 8/13/2019 9:25 PM, Reco wrote:
> On Tue, Aug 13, 2019 at 08:07:49PM +0200, john doe wrote:
>> I have no plan to reboot that server, what are the pros and cons of not
>> doing that
>
> Pro: keeping uptime
> Con: keeping previous, possibly buggy, version for dbus running.
>
>> or how can I avoid rebooting altogether?
>
> dbus is not mandatory and is redundant for typical server software.
> If you don't need it - just uninstall it. Simple as that.
>

okay, dbus is only required when a DE (Gnome,Mate, ...) is present.
If I'm correct, and given the fact that I don't use a DE, I could look
at safely remove it?

In other words, why is dbus a dependency when no DE is installed or what
are the corner cases when dbus is needed without a DE.

--
John Doe

Re: Arrow annotation in GIMP.

[Cindy-Sue Causey]

On 8/13/19, pe...@easthope.ca  wrote:
> 
> Can anyone recommend a means for adding an arrow to 
> an image in GIMP?
> 
> The article here describes something called ArrowsCreator.
> https://graphicdesign.stackexchange.com/questions/44797/how-do-i-insert-arrows-into-a-picture-in-gimp
> Is it advisable?
> 
> Any other recommendations?


Hi, Peter.. I played with this a little bit and also installed a font
viewer which was already a to-do item. Gnome-font-viewer. Super simple.
It apparently opens up in the font directory.

Dingbats had a few various arrows. The file I found for it has Adobe's
name on it, adobe-dingbats, but I can't figure out when it's pulled
into my debootstraps. It should be from the main repository, most
likely.

If that Adobe name is a deal-breaker because of e.g. copyrights or
something, your webpage there reminded me that you can do a key
combination that lets you draw a PERFECT straight line.

I just tested it with the "pencil tool" and one of the acrylic
"brushes" for its tip. That gave it a "chalkboard chalk" outer edge.
The star brush gives you kind of a sawtooth look, by the way. :)

My sample came out well enough that I added it as my own brush, grin.
Their instructions worked just as written there. I'd forgotten we can
create our own brushes.

Mine's imperfectly shaped using that option of clicking the first
point, next click AND HOLD "shift" then click your second point... And
move-cursor-&-click and move-cursor-&-click until you get whatever shape
you want then release the shift key when you're finished.

If you do freehand but still want it symmetrical, you could draw the
first half, copy & paste a copy, flip that copy, and line it up to make
the whole arrow.

Have fun!

Cindy :)

PS My apologies if this reply warps anything. I'm replying through the
Lists webpage to see if that works properly on my end.

For one thing, I haven't seen a line count toggle anywhere (yet). It's
bringing up memories of a thread about that very topic from quite a
while back. :)

-- 
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA

* runs with birdseed *

Re: GRUB command line

[Charlie]

Received from Pascal on Tue, 13 Aug 2019 23:41:59 +0200 Re:
GRUB command line

> Le 11/08/2019 à 22:54, Russell L. Harris a écrit :
> > On Sun, Aug 11, 2019 at 09:09:26PM +0200, Pascal Hambourg wrote:  
> >> Le 11/08/2019 à 19:38, Finariu Florin a écrit :  
> >>> Hi everyone,Can you tell me where I find the step by step 
> >>> installation of Debian 10 with GRUB Command line?I'm in Debian
> >>>   UEFI installer mode.  
> >> What do you mean by "installation of Debian 10 with GRUB Command
> >>line" ?  
> 
> The OP sent me a private mail with a screen shot showing the Debian
>   UEFI installer boot menu with the text "C: GRUB Command line"
>   highlighted.
> 
> GRUB command line is GRUB shell, not a POSIX Linux shell such as ash
>   or bash. You cannot use it to do a full step by step
>   installation of Debian in debootstrap style, only the first
>   step (boot the installer kernel and initramfs). All you can
>   do is start the installation like you would do with a menu
>   entry. But I do not see the point of using GRUB shell to
>   start an installation instead of using a menu entry. If you
>   need to change some settings, it is easier to edit a menu
>   entry with "e".
> 
> > Perhaps he means how to boot Debian 10 with the GRUB command line.
> > I, too, am interested in this answer, because I just
> > installed Debian 10 on a UEFI system and "grub dummy"
> > failed,  
> 
> Was there a more detailed error message than "grub dummy failed" in
>   the installer console or in the log console (tty4) ?
> 
> > so now I need to learn how
> > to boot the system, starting with the GRUB prompt.  
> 
> Are you talking about the GRUB prompt of the installer or the GRUB 
> prompt of the installed system ?

I tried this on the installed system, which gave me a grub > prompt,
with Buster, but didn't know where to go from there either.

Grub would not install on the hard drive, so didn't know where to get
it to install at the grub > prompt.

It didn't matter for me, because I changed a few things in the BIOS and
then installed again.

Charlie


East Gippsland Wildlife Rehabilitators Inc..
 http://www.egwildlife.com.au/

-- 
Registered Linux User:- 329524
***

Force without wisdom falls of its own weightHorace

***

Debian GNU/Linux - Magic indeed.

-

Re: Shimming HTTP to HTTPS.

[peter]

Sorry for the late reply.

From: David Wright
Date: Sun, 28 Jul 2019 19:40:04 -0500
> You read postings on the web with a browser. When you want to reply,
> you open a composition window and paste in the To/Cc/Subject headers
> from the web page.

Correct.

> But the point is that Message-ID:s, In-Reply-To:s and References:
> in *emails* are not URLs, but , even though their text
> is used to mark links on the web page.

OK, thanks.  For the In-Reply-To above I omitted the link string.
Hopefully I got the right message.

> Bingo. Then it looks as if all my guesses in
> https://lists.debian.org/debian-user/2019/07/msg01343.html
> were basically correct.

Yes.  My worst error, which spoiled the References, was to omit < and >. 

> > https://en.wikibooks.org/wiki/Oberon#Getting_Started and references 
> > there.
> 
> I looked at that page some while back. Without seeing it in action,
> I think I'd have difficulty in recommending any software suitable
> for it ...

It's self contained.  The entire MUA in one module.
Nothing to add; just install and use.

> If you're typing (or pasting) the references, ...

One mouse action does copy and paste.

> I would just add
> the In-Reply-To instead. That way, you can Cut/Copy the original's
> 
>   Message-ID: 
> 
> Paste the line untouched, then edit *just* these characters:
> 
>   Message-ID:change intoIn-Reply-To:
> 
> which will make your message thread correctly.

OK.  Will see the result with In-Reply-To only for this message.

Thanks,  ... Peter E.



-- 
https://en.wikibooks.org/wiki/Oberon
Tel: +1 604 670 0140Bcc: peter at easthope. ca

Re: Secure Shell refuses to accept connections from anyone

[Keith Steensma]

On 8/13/2019 5:29 PM, Keith Steensma wrote:



On 8/13/2019 1:16 PM, Michael Howard wrote:

On 13/08/2019 18:40, Keith Steensma wrote:



On 8/13/2019 11:35 AM, Michael Howard wrote:

On 13/08/2019 16:31, Joe wrote:

On Tue, 13 Aug 2019 15:28:04 +0200
 wrote:


On Tue, Aug 13, 2019 at 08:23:35AM -0500, Keith Steensma wrote:


On 8/12/2019 4:00 PM, elvis wrote:

On 12/8/19 11:23 pm, Keith Steensma wrote:

The same thing happens if I fill in 'root' as the login even
though a 'root' login is not permitted in the default
'sshd_config' configuration.  Even when I change the
configuration to allow for 'root' login, 'root' can never login.



Try a local ssh login to see if it rules out network problems. As
in ssh localhost.  or ssh -l  localhost. If it is your
network getting in the way it may
rule that out.
Yes that works ( ssh -l  localhost ).  So that means it 
has to

do with the network connections.

Not necessarily. It can be the client, too (your PuTTY). You didn't
describe the error message in detail (perhaps it is too unspecific,
GUI clients tend to be like that), but perhaps PuTTY has some
"verbose" option you can activate. Then you may infer whether 
there's

a hole in the net or whether just client and server don't get along
with each other.


It is some years since I used PuTTY regularly, but I seem to recall
that it didn't use OpenSSH-type keys and insisted on generating 
its own

and providing a conversion to an OpenSSH key, which then had to be
placed on the server. Is it possible this procedure may have gone 
amiss


This has happened to me a couple of times. Regenerating and 
converting solved the problem.
It may be wrong, but I'm using putty where putty does not supply a 
username or a 'key'.  I'm using it just as
a terminal (does someone have an alternate suggestion).  I agree, 
putty gets along with OpenSSH is a
 'almost' fashion.  If you convert your 'key' in the right way.  I 
have been using mine a long time just because

it takes a while to get it to work correctly.

What is your 'PasswordAuthentication' setting? If this is 'No', you 
must use keys and so will see errors similar to yours.

--
Mike Howard

I'm going to keep your name in my  book of experts.
Well, it turns out that all is not solved.  As long as the linux machine 
and and a Windows machine are isolated and each is running a static IP, 
everything works (no internet connection) and a normal user and 'root' 
can log in just fine.  But the minute I add a internet connection (and 
gateway IP) everything goes back the way it was with the normal user  
getting a "Access denied" error and another request for a password and 
root (with a good putty configured 'key') getting a 'Server refused our 
key' and a "Access denied' error' followed by a 'request for a new 
password.

You asked for a copy of my sshd_config file, so here it is (below my name)
I sure do hope that you can find a error in there that will explain things.
The auth.log has nothing in it and the putty log has nothing other than 
the authentication and the password both failed.  I suppose that may 
mean that the putty key pair is bad (and I guess I will have to generate 
a new pair and proof it again my one and only working machine just to 
make sure).

Hope you come up with something.

Thanks for your help so far.  Keith

Keith
===
#   $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options override the
# default value.

#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key

# Ciphers and keying
#RekeyLimit default none

# Logging
#SyslogFacility AUTH
#LogLevel INFO
LogLevel VERBOSE

# Authentication:

#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

#PubkeyAuthentication yes

# Expect .ssh/authorized_keys2 to be disregarded by default in future.
#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2

#AuthorizedPrincipalsFile none

#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
#PermitEmptyPasswords no


# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)

Arrow annotation in GIMP.

[peter]

Hi, 

Can anyone recommend a means for adding an arrow to 
an image in GIMP?

The article here describes something called ArrowsCreator.
https://graphicdesign.stackexchange.com/questions/44797/how-do-i-insert-arrows-into-a-picture-in-gimp
Is it advisable?

Any other recommendations?

Thanks,   ... P.



-- 
https://en.wikibooks.org/wiki/Oberon
Tel: +1 604 670 0140Bcc: peter at easthope. ca

NOM-035 Patrones deben evitar el ESTRES LABORAL

[Angelica Campos Garcia]

Mitos y realidades de la nueva NOM-035 que entra en vigor en 2 meses.

Workshop
ESTRATEGIAS 4.0 para 
EMPRESAS 100% SALUDABLES
Incluye cómo cumplir con la Nueva NOM-035

Monterrey, N.L. – 06 de Septiembre 2019
Guadalajara, Jal. – 13 de Septiembre 2019 
Ciudad de México – 20 de Septiembre 2019

PARTICIPA EN ESTE ENTRENAMIENTO Y CONOCE TODO ACERCA DEL RIESGO PSICOSOCIAL 
(NOM-035) Y EL IMPACTO NEGATIVO QUE PUEDE TENER EN LA PRODUCTIVIDAD Y EL 
RENDIMIENTO DE TUS COLABORADORES.

OJO: NORMA VIGENTE A PARTIR DEL 23 DE OCTUBRE 2019


Favor de enviar mayores informes referente al Worshop Estrategias 4.0 para 
Empresas 100% Saludables – Incluye cómo cumplir la Nueva NOM-035 – con atención 
personalizada para:

Nombre:
Empresa:
Teléfono:
Sede:
(  ) Monterrey, N.L. – 06 de Septiembre 2019
(  ) Guadalajara, Jal. – 13 de Septiembre 2019 
(  ) Ciudad de México – 20 de Septiembre 2019
Número de personas interesadas: 

O para mayor información comuníquese directamente a nuestros números:

01-800-890-86-65
(33) 36-32-63-11
(Contamos con más de 12 líneas para usted)


















Este boletín de información tiene como objetivo crear valor en usted y en su 
Organización, si desea dejar de recibir este tipo de información favor de 
contestar BAJANOM035JJ o en su defecto en el enlace que viene posteriormente.
unsubscribe from this list

NOM-035 Patrones deben evitar el ESTRES LABORAL

[Angelica Campos Garcia]

Mitos y realidades de la nueva NOM-035 que entra en vigor en 2 meses.

Workshop
ESTRATEGIAS 4.0 para 
EMPRESAS 100% SALUDABLES
Incluye cómo cumplir con la Nueva NOM-035

Monterrey, N.L. – 06 de Septiembre 2019
Guadalajara, Jal. – 13 de Septiembre 2019 
Ciudad de México – 20 de Septiembre 2019

PARTICIPA EN ESTE ENTRENAMIENTO Y CONOCE TODO ACERCA DEL RIESGO PSICOSOCIAL 
(NOM-035) Y EL IMPACTO NEGATIVO QUE PUEDE TENER EN LA PRODUCTIVIDAD Y EL 
RENDIMIENTO DE TUS COLABORADORES.

OJO: NORMA VIGENTE A PARTIR DEL 23 DE OCTUBRE 2019


Favor de enviar mayores informes referente al Worshop Estrategias 4.0 para 
Empresas 100% Saludables – Incluye cómo cumplir la Nueva NOM-035 – con atención 
personalizada para:

Nombre:
Empresa:
Teléfono:
Sede:
(  ) Monterrey, N.L. – 06 de Septiembre 2019
(  ) Guadalajara, Jal. – 13 de Septiembre 2019 
(  ) Ciudad de México – 20 de Septiembre 2019
Número de personas interesadas: 

O para mayor información comuníquese directamente a nuestros números:

01-800-890-86-65
(33) 36-32-63-11
(Contamos con más de 12 líneas para usted)


















Este boletín de información tiene como objetivo crear valor en usted y en su 
Organización, si desea dejar de recibir este tipo de información favor de 
contestar BAJANOM035JJ o en su defecto en el enlace que viene posteriormente.
unsubscribe from this list

Re: Secure Shell refuses to accept connections from anyone

[Keith Steensma]

On 8/13/2019 1:16 PM, Michael Howard wrote:

On 13/08/2019 18:40, Keith Steensma wrote:



On 8/13/2019 11:35 AM, Michael Howard wrote:

On 13/08/2019 16:31, Joe wrote:

On Tue, 13 Aug 2019 15:28:04 +0200
 wrote:


On Tue, Aug 13, 2019 at 08:23:35AM -0500, Keith Steensma wrote:


On 8/12/2019 4:00 PM, elvis wrote:

On 12/8/19 11:23 pm, Keith Steensma wrote:

The same thing happens if I fill in 'root' as the login even
though a 'root' login is not permitted in the default
'sshd_config' configuration.  Even when I change the
configuration to allow for 'root' login, 'root' can never login.



Try a local ssh login to see if it rules out network problems. As
in ssh localhost.  or ssh -l  localhost. If it is your
network getting in the way it may
rule that out.

Yes that works ( ssh -l  localhost ).  So that means it has to
do with the network connections.

Not necessarily. It can be the client, too (your PuTTY). You didn't
describe the error message in detail (perhaps it is too unspecific,
GUI clients tend to be like that), but perhaps PuTTY has some
"verbose" option you can activate. Then you may infer whether there's
a hole in the net or whether just client and server don't get along
with each other.


It is some years since I used PuTTY regularly, but I seem to recall
that it didn't use OpenSSH-type keys and insisted on generating its 
own

and providing a conversion to an OpenSSH key, which then had to be
placed on the server. Is it possible this procedure may have gone 
amiss


This has happened to me a couple of times. Regenerating and 
converting solved the problem.
It may be wrong, but I'm using putty where putty does not supply a 
username or a 'key'.  I'm using it just as
a terminal (does someone have an alternate suggestion).  I agree, 
putty gets along with OpenSSH is a
 'almost' fashion.  If you convert your 'key' in the right way. I 
have been using mine a long time just because

it takes a while to get it to work correctly.

What is your 'PasswordAuthentication' setting? If this is 'No', you 
must use keys and so will see errors similar to yours.

--
Mike Howard

I'm going to keep your name in my  book of experts.

Re: Secure Shell refuses to accept connections from anyone

[Keith Steensma]

On 8/13/2019 1:16 PM, Michael Howard wrote:

On 13/08/2019 18:40, Keith Steensma wrote:



On 8/13/2019 11:35 AM, Michael Howard wrote:

On 13/08/2019 16:31, Joe wrote:

On Tue, 13 Aug 2019 15:28:04 +0200
 wrote:


On Tue, Aug 13, 2019 at 08:23:35AM -0500, Keith Steensma wrote:


On 8/12/2019 4:00 PM, elvis wrote:

On 12/8/19 11:23 pm, Keith Steensma wrote:

The same thing happens if I fill in 'root' as the login even
though a 'root' login is not permitted in the default
'sshd_config' configuration.  Even when I change the
configuration to allow for 'root' login, 'root' can never login.



Try a local ssh login to see if it rules out network problems. As
in ssh localhost.  or ssh -l  localhost. If it is your
network getting in the way it may
rule that out.

Yes that works ( ssh -l  localhost ).  So that means it has to
do with the network connections.

Not necessarily. It can be the client, too (your PuTTY). You didn't
describe the error message in detail (perhaps it is too unspecific,
GUI clients tend to be like that), but perhaps PuTTY has some
"verbose" option you can activate. Then you may infer whether there's
a hole in the net or whether just client and server don't get along
with each other.


It is some years since I used PuTTY regularly, but I seem to recall
that it didn't use OpenSSH-type keys and insisted on generating its 
own

and providing a conversion to an OpenSSH key, which then had to be
placed on the server. Is it possible this procedure may have gone 
amiss


This has happened to me a couple of times. Regenerating and 
converting solved the problem.
It may be wrong, but I'm using putty where putty does not supply a 
username or a 'key'.  I'm using it just as
a terminal (does someone have an alternate suggestion).  I agree, 
putty gets along with OpenSSH is a
 'almost' fashion.  If you convert your 'key' in the right way. I 
have been using mine a long time just because

it takes a while to get it to work correctly.

What is your 'PasswordAuthentication' setting? If this is 'No', you 
must use keys and so will see errors similar to yours.

--
Mike Howard
Apparently I was saying  'NO' because the line was still commented out 
(default was 'NO'?) Now it changed to 'YES'


Well Sir:
You get the Silver Dollar.  It works  Now how do I deliver it to you.  
By  carrier pigeon.  Would that be alright?

Keith

Re: GRUB command line

[Pascal Hambourg]

Le 11/08/2019 à 22:54, Russell L. Harris a écrit :

On Sun, Aug 11, 2019 at 09:09:26PM +0200, Pascal Hambourg wrote:

Le 11/08/2019 à 19:38, Finariu Florin a écrit :
Hi everyone,Can you tell me where I find the step by step 
installation of Debian 10 with GRUB Command line?I'm in Debian UEFI 
installer mode.

What do you mean by "installation of Debian 10 with GRUB Command line" ?


The OP sent me a private mail with a screen shot showing the Debian UEFI 
installer boot menu with the text "C: GRUB Command line" highlighted.


GRUB command line is GRUB shell, not a POSIX Linux shell such as ash or 
bash. You cannot use it to do a full step by step installation of Debian 
in debootstrap style, only the first step (boot the installer kernel and 
initramfs). All you can do is start the installation like you would do 
with a menu entry. But I do not see the point of using GRUB shell to 
start an installation instead of using a menu entry. If you need to 
change some settings, it is easier to edit a menu entry with "e".



Perhaps he means how to boot Debian 10 with the GRUB command line.  I,
too, am interested in this answer, because I just installed Debian 10
on a UEFI system and "grub dummy" failed,


Was there a more detailed error message than "grub dummy failed" in the 
installer console or in the log console (tty4) ?



so now I need to learn how
to boot the system, starting with the GRUB prompt.


Are you talking about the GRUB prompt of the installer or the GRUB 
prompt of the installed system ?

Re: Error with logrotate.

[Gene Heskett]

On Tuesday 13 August 2019 15:03:53 Lee wrote:

> On 8/13/19, Gene Heskett  wrote:
> > On Tuesday 13 August 2019 02:24:34 deloptes wrote:
> >> Gene Heskett wrote:
> >> > Its good that we can fix it, BUT IF you are going to restrict
> >> > where we keep logfiles like this then FIX the /var/log perms so
> >> > that fetchmail, procmail, spamassassin, clamav and its ilk,
> >> > running as the user can access /var/log to keep its logs. 
> >> > Debian's legendary paranoia about who can write a log in /var/log
> >> > has long since forced most of us that want that log, into moving
> >> > it to /home/username/log and reprogramming logrotate to maintain
> >> > it there years ago.
> >>
> >> So why should user be able to write in /var/log? It is the systems
> >> log directory not the users.
> >
> > I don't have a beef with that. My beef is that there has been no
> > effort to make it easy for the user to take care of his own logs,
> > and now systemd wants to disable housekeeping the only sensible
> > place for a user to keep his logs in. And I totally fail to see how
> > that level of paranoia can be justified.
> >
> >> I am not aware of any program I've been using
> >> for the past 15y that would have a problem writing in /var/log
> >
> > Then tell me how fetchmail, procmail, clamav or spamd running as me,
> > can keep their logs in /var/log, the permissions just aren't there
> > after a reboot.
>
> I had the same problem with /var/log file permissions being reset so,
> for bind, I made a /var/log/bind, set the permissions on the directory
> & changed bind to log to /var/log/bind/named.log
>
I don't use bind, haven't touched it since it was attacked at RH6.2, in 
what, 2001? decade+ ago. I don't even think its installed. yes it is but 
its not running. In that case I sensed something wrong and rebooted the 
machine before he could clean up his tracks, then kept a list as I 
housecleaned, and sent it to his ISP along with a nastygram. 10 minutes 
later his address disappeared from the logs never to appear again.  
Since then I've only run hosts based systems. dnsmasq in the router, no 
avahi or dhcp findable & the only dns address in any machine this side 
of the router is the router. If the router doesn't have it in the cache, 
it queries the ISP.  Its all attack-proof, and it all Just Works.

Theres lots of ways to skin that cat but I always start by making sure 
its well and truly dead. :)

> ^shrug^ probably not The Right Way To Do It, but it works & I'm happy.

Didn't work here, didn't dig deep enough to find out why. I maybe could 
have made it work, but since it was  my logs, why not just move them to 
~/log ?  So I did, but stretches renewed paranoia just had to screw 
something up. Hopefully these changes will work.

> If you make a /var/log/mail & configure fetchmail, procmail, etc. to
> log there it'll probably work
>
> Regards,
> Lee


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: Error with logrotate.

[Gene Heskett]

On Tuesday 13 August 2019 15:03:53 Lee wrote:

> On 8/13/19, Gene Heskett  wrote:
> > On Tuesday 13 August 2019 02:24:34 deloptes wrote:
> >> Gene Heskett wrote:
> >> > Its good that we can fix it, BUT IF you are going to restrict
> >> > where we keep logfiles like this then FIX the /var/log perms so
> >> > that fetchmail, procmail, spamassassin, clamav and its ilk,
> >> > running as the user can access /var/log to keep its logs. 
> >> > Debian's legendary paranoia about who can write a log in /var/log
> >> > has long since forced most of us that want that log, into moving
> >> > it to /home/username/log and reprogramming logrotate to maintain
> >> > it there years ago.
> >>
> >> So why should user be able to write in /var/log? It is the systems
> >> log directory not the users.
> >
> > I don't have a beef with that. My beef is that there has been no
> > effort to make it easy for the user to take care of his own logs,
> > and now systemd wants to disable housekeeping the only sensible
> > place for a user to keep his logs in. And I totally fail to see how
> > that level of paranoia can be justified.
> >
> >> I am not aware of any program I've been using
> >> for the past 15y that would have a problem writing in /var/log
> >
> > Then tell me how fetchmail, procmail, clamav or spamd running as me,
> > can keep their logs in /var/log, the permissions just aren't there
> > after a reboot.
>
> I had the same problem with /var/log file permissions being reset so,
> for bind, I made a /var/log/bind, set the permissions on the directory
> & changed bind to log to /var/log/bind/named.log
>
> ^shrug^ probably not The Right Way To Do It, but it works & I'm happy.
>
> If you make a /var/log/mail & configure fetchmail, procmail, etc. to
> log there it'll probably work
>
ISTR I tried that, making mail's owner and group both me. Didn't work, 
error was no permission, I assume because parent log was owned by 
root:root.

I tried chmod 0777, which did work, till the next reboot at which point 
it was reset to 0640 again.


> Regards,
> Lee


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: dbus-deamon avoiding reboot after upgrade

[Reco]

On Tue, Aug 13, 2019 at 08:07:49PM +0200, john doe wrote:
> I have no plan to reboot that server, what are the pros and cons of not
> doing that

Pro: keeping uptime
Con: keeping previous, possibly buggy, version for dbus running.

> or how can I avoid rebooting altogether?

dbus is not mandatory and is redundant for typical server software.
If you don't need it - just uninstall it. Simple as that.

Reco

Re: Error with logrotate.

[Lee]

On 8/13/19, Gene Heskett  wrote:
> On Tuesday 13 August 2019 02:24:34 deloptes wrote:
>
>> Gene Heskett wrote:
>> > Its good that we can fix it, BUT IF you are going to restrict where
>> > we keep logfiles like this then FIX the /var/log perms so that
>> > fetchmail, procmail, spamassassin, clamav and its ilk, running as
>> > the user can access /var/log to keep its logs.  Debian's legendary
>> > paranoia about who can write a log in /var/log has long since forced
>> > most of us that want that log, into moving it to /home/username/log
>> > and reprogramming logrotate to maintain it there years ago.
>>
>> So why should user be able to write in /var/log? It is the systems log
>> directory not the users.
>
> I don't have a beef with that. My beef is that there has been no effort
> to make it easy for the user to take care of his own logs, and now
> systemd wants to disable housekeeping the only sensible place for a user
> to keep his logs in. And I totally fail to see how that level of
> paranoia can be justified.
>
>> I am not aware of any program I've been using
>> for the past 15y that would have a problem writing in /var/log
>
> Then tell me how fetchmail, procmail, clamav or spamd running as me, can
> keep their logs in /var/log, the permissions just aren't there after a
> reboot.

I had the same problem with /var/log file permissions being reset so,
for bind, I made a /var/log/bind, set the permissions on the directory
& changed bind to log to /var/log/bind/named.log

^shrug^ probably not The Right Way To Do It, but it works & I'm happy.

If you make a /var/log/mail & configure fetchmail, procmail, etc. to
log there it'll probably work

Regards,
Lee

Re: Secure Shell refuses to accept connections from anyone

[Michael Howard]

On 13/08/2019 18:40, Keith Steensma wrote:



On 8/13/2019 11:35 AM, Michael Howard wrote:

On 13/08/2019 16:31, Joe wrote:

On Tue, 13 Aug 2019 15:28:04 +0200
 wrote:


On Tue, Aug 13, 2019 at 08:23:35AM -0500, Keith Steensma wrote:


On 8/12/2019 4:00 PM, elvis wrote:

On 12/8/19 11:23 pm, Keith Steensma wrote:

The same thing happens if I fill in 'root' as the login even
though a 'root' login is not permitted in the default
'sshd_config' configuration.  Even when I change the
configuration to allow for 'root' login, 'root' can never login.



Try a local ssh login to see if it rules out network problems. As
in ssh localhost.  or ssh -l  localhost. If it is your
network getting in the way it may
rule that out.

Yes that works ( ssh -l  localhost ).  So that means it has to
do with the network connections.

Not necessarily. It can be the client, too (your PuTTY). You didn't
describe the error message in detail (perhaps it is too unspecific,
GUI clients tend to be like that), but perhaps PuTTY has some
"verbose" option you can activate. Then you may infer whether there's
a hole in the net or whether just client and server don't get along
with each other.


It is some years since I used PuTTY regularly, but I seem to recall
that it didn't use OpenSSH-type keys and insisted on generating its own
and providing a conversion to an OpenSSH key, which then had to be
placed on the server. Is it possible this procedure may have gone amiss


This has happened to me a couple of times. Regenerating and 
converting solved the problem.
It may be wrong, but I'm using putty where putty does not supply a 
username or a 'key'.  I'm using it just as
a terminal (does someone have an alternate suggestion).  I agree, 
putty gets along with OpenSSH is a
 'almost' fashion.  If you convert your 'key' in the right way.  I 
have been using mine a long time just because

it takes a while to get it to work correctly.

What is your 'PasswordAuthentication' setting? If this is 'No', you must 
use keys and so will see errors similar to yours.


--
Mike Howard

dbus-deamon avoiding reboot after upgrade

[john doe]

Hi,

While upgrading the dbus deamon, I get the following:

"A reboot is required to replace the running dbus-daemon.
Please reboot the system when convenient."


I have no plan to reboot that server, what are the pros and cons of not
doing that or how can I avoid rebooting altogether?

--
John Doe

Re: Secure Shell refuses to accept connections from anyone

[john doe]

On 8/13/2019 7:40 PM, Keith Steensma wrote:
>
>
> On 8/13/2019 11:35 AM, Michael Howard wrote:
>> On 13/08/2019 16:31, Joe wrote:
>>> On Tue, 13 Aug 2019 15:28:04 +0200
>>>  wrote:
>>>
 On Tue, Aug 13, 2019 at 08:23:35AM -0500, Keith Steensma wrote:
>
> On 8/12/2019 4:00 PM, elvis wrote:
>> On 12/8/19 11:23 pm, Keith Steensma wrote:
>>> The same thing happens if I fill in 'root' as the login even
>>> though a 'root' login is not permitted in the default
>>> 'sshd_config' configuration.  Even when I change the
>>> configuration to allow for 'root' login, 'root' can never login.
>>>
>>
>> Try a local ssh login to see if it rules out network problems. As
>> in ssh localhost.  or ssh -l  localhost. If it is your
>> network getting in the way it may
>> rule that out.
> Yes that works ( ssh -l  localhost ).  So that means it has to
> do with the network connections.
 Not necessarily. It can be the client, too (your PuTTY). You didn't
 describe the error message in detail (perhaps it is too unspecific,
 GUI clients tend to be like that), but perhaps PuTTY has some
 "verbose" option you can activate. Then you may infer whether there's
 a hole in the net or whether just client and server don't get along
 with each other.

>>> It is some years since I used PuTTY regularly, but I seem to recall
>>> that it didn't use OpenSSH-type keys and insisted on generating its own
>>> and providing a conversion to an OpenSSH key, which then had to be
>>> placed on the server. Is it possible this procedure may have gone amiss
>>
>> This has happened to me a couple of times. Regenerating and converting
>> solved the problem.
> It may be wrong, but I'm using putty where putty does not supply a
> username or a 'key'.  I'm using it just as
> a terminal (does someone have an alternate suggestion).  I agree, putty
> gets along with OpenSSH is a
>  'almost' fashion.  If you convert your 'key' in the right way.  I have
> been using mine a long time just because
> it takes a while to get it to work correctly.
>

I don't understand how you are connecting to your server if you don't
use username/pwd or identityfile and what do you mean by "terminal"?

In this thread, some putty alternative were suggested if that is what
you are asking.

--
John Doe

Re: Secure Shell refuses to accept connections from anyone

[Keith Steensma]

On 8/13/2019 11:35 AM, Michael Howard wrote:

On 13/08/2019 16:31, Joe wrote:

On Tue, 13 Aug 2019 15:28:04 +0200
 wrote:


On Tue, Aug 13, 2019 at 08:23:35AM -0500, Keith Steensma wrote:


On 8/12/2019 4:00 PM, elvis wrote:

On 12/8/19 11:23 pm, Keith Steensma wrote:

The same thing happens if I fill in 'root' as the login even
though a 'root' login is not permitted in the default
'sshd_config' configuration.  Even when I change the
configuration to allow for 'root' login, 'root' can never login.



Try a local ssh login to see if it rules out network problems. As
in ssh localhost.  or ssh -l  localhost. If it is your
network getting in the way it may
rule that out.

Yes that works ( ssh -l  localhost ).  So that means it has to
do with the network connections.

Not necessarily. It can be the client, too (your PuTTY). You didn't
describe the error message in detail (perhaps it is too unspecific,
GUI clients tend to be like that), but perhaps PuTTY has some
"verbose" option you can activate. Then you may infer whether there's
a hole in the net or whether just client and server don't get along
with each other.


It is some years since I used PuTTY regularly, but I seem to recall
that it didn't use OpenSSH-type keys and insisted on generating its own
and providing a conversion to an OpenSSH key, which then had to be
placed on the server. Is it possible this procedure may have gone amiss


This has happened to me a couple of times. Regenerating and converting 
solved the problem.
It may be wrong, but I'm using putty where putty does not supply a 
username or a 'key'.  I'm using it just as
a terminal (does someone have an alternate suggestion).  I agree, putty 
gets along with OpenSSH is a
 'almost' fashion.  If you convert your 'key' in the right way.  I have 
been using mine a long time just because

it takes a while to get it to work correctly.

Re: Error with logrotate.

[Gene Heskett]

On Tuesday 13 August 2019 13:06:23 Dan Purgert wrote:

> Gene Heskett wrote:
> > On Tuesday 13 August 2019 05:41:52 Dan Purgert wrote:
> >> Gene Heskett wrote:
> >> > On Tuesday 13 August 2019 02:24:34 deloptes wrote:
> >> > [...]
> >> >
> >> >> I am not aware of any program I've been using
> >> >> for the past 15y that would have a problem writing in /var/log
> >> >
> >> > Then tell me how fetchmail, procmail, clamav or spamd running as
> >> > me, can keep their logs in /var/log, the permissions just aren't
> >> > there after a reboot.
> >>
> >> Aren't all four of those system services; with their own system
> >> users, with their own directories in /var/log (or well, at least by
> >> default)?
> >
> > No, while they may be callable by anyone, they all become the user
> > calling them.
>
> Ah, spamd & clamav are their own users here; and I don't use the other
> two (so assumed wrongly). Thanks for clarifying.
>
> >> [...]
> >> Assuming a Debian-standard /etc/logrotate.conf; it should give one
> >> the necessary examples to set up a functioning schedule for things
> >> in their $HOME (or other places).
> >
> > O0kkaayy, splain this:
> > my entry for these logs in /etc/logrotate.d:
> >
> > /home/gene/log/fetchmail.log
> > /home/gene/log/procmail.log
> > /home/gene/log/mail.log
> > {
> > su gene mail
> > rotate 4
> > maxsize 500
> > weekly
> > missingok
> > notifempty
> > copytruncate
> > compress
> > delaycompress
> > postrotate
> > kill -HUP fetchmail
> > kill -HUP procmail
> > kill -HUP spamd
> > endscript
> > }
> >
> > and an ls -l of ~/log
> >
> > gene@coyote:/etc/logrotate.d$ ls -l  ~/log
> > total 68804
> > -rw-r--r-- 1 gene gene  5413354 Aug 13 09:36 fetchmail.log
> > -rw--- 1 gene mail0 Aug 12 00:08 fetchmail.log.1
> > -rw--- 1 gene mail   20 Aug  4 00:10 fetchmail.log.2.gz
> > -rw--- 1 gene mail   20 Jul 28 00:09 fetchmail.log.3.gz
> > -rw-r--r-- 1 gene gene   636567 Aug 13 09:36 mail.log
> > -rw--- 1 gene mail0 Aug 12 00:08 mail.log.1
> > -rw--- 1 gene mail   20 Aug  4 00:10 mail.log.2.gz
> > -rw--- 1 gene mail   20 Jul 28 00:09 mail.log.3.gz
> > -rw-r--r-- 1 gene gene 64361979 Aug 13 09:36 procmail.log
> > -rw--- 1 gene mail0 Aug 12 00:08 procmail.log.1
> > -rw--- 1 gene mail   20 Aug  4 00:10 procmail.log.2.gz
> > -rw--- 1 gene mail   20 Jul 28 00:09 procmail.log.3.g
> >
> > Which does not look like its being properly rotated to me.
> > Yet this worked (without the maxsize option I just now added) for
> > all the years on wheezy.  And yes, I am a member of group mail
>
> Looks like it's trying to run correctly (June 28 -> Aug 4 being a
> week; 4th to 12th being 8 days). Although it looks like your options
> may be having problems such that the processes aren't moving the logs
> properly.
>
> Although, as I recall, multiple lines cause issues (or at least they
> did for me); you'll probably be better served with something like
> this:
>
>   /home/gene/log/*.log
>   {
>   rotate 4
>   maxsize 500
>   weekly
>   missingok
>   notifempty
>   copytruncate
>   compress
>   delaycompress
>   postrotate
>   /bin/kill -HUP fetchmail
>   /bin/kill -HUP procmail
>   /bin/kill -HUP spamd
>   endscript
>   }
>
> Note that:
>
>   - I removed the 'su' line; as I don't see it as an option in my
> manpage
your man page might be diff, from mine:
 su user group
  Rotate log files set under this user and group instead of 
using default user/group (usually root). user specifies the user name 
used for rotation and  group
  specifies  the group used for rotation. If the user/group 
you specify here does not have sufficient privilege to make files with 
the ownership you've speci‐
  fied in a create instruction, it will cause an error.

>   - I used the full path to kill, as I cron doesn't usually have a

fixed.

> HTH
might. Since the logfile is owned and grouped by me I changed to
 su gene gene
too.

We'll check again tomorrow.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: Compiling Linux with "bdver2" gcc optimization option

[Étienne Mollier]

Franco Martelli , on 2019-09-13:
> Hi, everybody
>
> in order to achieve Linux kernel optimized for my CPU AMD FX-8350
> Bulldozer2 I changed the line 121 of linux-source-4.19/arch/x86/Makefile
> from:
>
> cflags-$(CONFIG_MK8) += $(call cc-option,-march=k8)
>
> to:
>
> cflags-$(CONFIG_MK8) += $(call cc-option,-march=bdver2) \
> $(call cc-option,-mtune=bdver2,$(call 
> cc-option,-mtune=generic))
>
> compiling the kernel up to Debian 9.x stretch all worked fine but with
> Debian 10 buster I get a lot of warning messages:
[...snipped warnings...]
> what does it means? Is there a way to get the kernel optimized for my
> CPU as it happened in the previous Debian versions?

Hi Franco,

I'm not fluent enough in GCC 8 for x86_64 to answer to all the
various warnings you indicated.  Some may be harmless, and some
may eat your data.  I would do a few tests with a virtual
machine supporting bdver2 instructions before going live anyway,
and backups stored far away from the machine once testing, and
possibly without contact with that kernel.  That is, if it
happens to boot; these sort of things do not look very good
for instance:

> arch/x86/kernel/sys_x86_64.o: warning: objtool: get_align_mask()+0x1d: can't 
> find jump dest instruction at .text+0x2f

I also recall having had to move from ORC to DWARF unwinder to
get the build working, but that was on old OS levels, not on
newer ones, due to the libelf being too old.

Some of these seem related to CPU vulnerabilities mitigations,
and might be worth a bug report against the kernel, either
Debian or upstream, assuming it also appears /without/ your
-march=bdver2 flag:

> mm/memory.o: warning: objtool: If this is a retpoline, please patch it in 
> with alternatives and annotate it with ANNOTATE_NOSPEC_ALTERNATIVE.


Note that someone from the Gentoo community has developed a set
of patches to expand the possibilities of optimization for the
kernel, depending on Linux and GCC versions.  You may be
interested in the following one for Buster:


https://github.com/graysky2/kernel_gcc_patch/blob/master/enable_additional_cpu_optimizations_for_gcc_v8.1%2B_kernel_v4.13%2B.patch

These mainly apply changes in various code sections to put the
flags in place, and provide options through the .config file of
the source code.  I haven't tested it, but I don't believe this
will solve your warnings, reading through the patch.  Yet it
does a bit more than just replacing the compiler flag: there is
notably a component related to L1 cache shift which is modified
too.  That should bring an appreciable performance boost if it
corrects cache line mismatch.

Please be aware that CPU optimizations in kernel, targeting Zen
and Skylake in this case, seemed to be hardly detectable, or
even counter productive, with various computer usage patterns,
according to measures done by Phoronix earlier this year:

https://www.phoronix.com/scan.php?page=article=linux-50-march=1

Of course this may not be the case for your own typical load,
but I would recommend to do a few measures, to assess the actual
performance gain on your machine with, and without, CPU specific
compiler optimizations.

Kind regards,
-- 
Étienne Mollier 
  5ab1 4edf 63bb ccff 8b54  2fa9 59da 56fe fff3 882d



signature.asc
Description: OpenPGP digital signature

Re: Error with logrotate.

[Dan Purgert]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Gene Heskett wrote:
> On Tuesday 13 August 2019 05:41:52 Dan Purgert wrote:
>
>> Gene Heskett wrote:
>> > On Tuesday 13 August 2019 02:24:34 deloptes wrote:
>> > [...]
>> >
>> >> I am not aware of any program I've been using
>> >> for the past 15y that would have a problem writing in /var/log
>> >
>> > Then tell me how fetchmail, procmail, clamav or spamd running as me,
>> > can keep their logs in /var/log, the permissions just aren't there
>> > after a reboot.
>>
>> Aren't all four of those system services; with their own system users,
>> with their own directories in /var/log (or well, at least by default)?
>>
> No, while they may be callable by anyone, they all become the user 
> calling them.

Ah, spamd & clamav are their own users here; and I don't use the other
two (so assumed wrongly). Thanks for clarifying.

>> [...]
>> Assuming a Debian-standard /etc/logrotate.conf; it should give one the
>> necessary examples to set up a functioning schedule for things in
>> their $HOME (or other places).
>
> O0kkaayy, splain this:
> my entry for these logs in /etc/logrotate.d:
>
> /home/gene/log/fetchmail.log
> /home/gene/log/procmail.log
> /home/gene/log/mail.log
> {
> su gene mail
> rotate 4
> maxsize 500
> weekly
> missingok
> notifempty
> copytruncate
> compress
> delaycompress
> postrotate
> kill -HUP fetchmail
> kill -HUP procmail
> kill -HUP spamd
> endscript
> }
>
> and an ls -l of ~/log
>
> gene@coyote:/etc/logrotate.d$ ls -l  ~/log
> total 68804
> -rw-r--r-- 1 gene gene  5413354 Aug 13 09:36 fetchmail.log
> -rw--- 1 gene mail0 Aug 12 00:08 fetchmail.log.1
> -rw--- 1 gene mail   20 Aug  4 00:10 fetchmail.log.2.gz
> -rw--- 1 gene mail   20 Jul 28 00:09 fetchmail.log.3.gz
> -rw-r--r-- 1 gene gene   636567 Aug 13 09:36 mail.log
> -rw--- 1 gene mail0 Aug 12 00:08 mail.log.1
> -rw--- 1 gene mail   20 Aug  4 00:10 mail.log.2.gz
> -rw--- 1 gene mail   20 Jul 28 00:09 mail.log.3.gz
> -rw-r--r-- 1 gene gene 64361979 Aug 13 09:36 procmail.log
> -rw--- 1 gene mail0 Aug 12 00:08 procmail.log.1
> -rw--- 1 gene mail   20 Aug  4 00:10 procmail.log.2.gz
> -rw--- 1 gene mail   20 Jul 28 00:09 procmail.log.3.g
>
> Which does not look like its being properly rotated to me.
> Yet this worked (without the maxsize option I just now added) for all the 
> years on wheezy.  And yes, I am a member of group mail

Looks like it's trying to run correctly (June 28 -> Aug 4 being a week;
4th to 12th being 8 days). Although it looks like your options may be
having problems such that the processes aren't moving the logs
properly.

Although, as I recall, multiple lines cause issues (or at least they did
for me); you'll probably be better served with something like this:

  /home/gene/log/*.log
  {
  rotate 4
  maxsize 500
  weekly
  missingok
  notifempty
  copytruncate
  compress
  delaycompress
  postrotate
  /bin/kill -HUP fetchmail
  /bin/kill -HUP procmail
  /bin/kill -HUP spamd
  endscript
  }

Note that:

  - I removed the 'su' line; as I don't see it as an option in my
manpage
  - I used the full path to kill, as I cron doesn't usually have a $PATH
set

HTH

-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEBcqaUD8uEzVNxUrujhHd8xJ5ooEFAl1S7g4ACgkQjhHd8xJ5
ooFvJgf+O43AC0aYx6aVrWjvcpGhcNQr3elp42UscofoS2I4Ctiy0cRvM2e509cT
NP/uLrt5cnu6QKnUun0LWOW/tsZXxEoPvOzIRM3JGybV5/iloCF00vYbHMIht4wh
H6C8TvTmblpCsUMKns+YCfRIwykj1+jpRjEIVWsbny/ZbVHK19bGqUp8PK2lZHT9
LQ7YLt5cw4jgS9NBOOamaKn9wQwStZrN7YHUgVyxixVbJ/MarsYzZ3QvrElSPgEy
9Wy/witCKIdd2vAxhtWMxpmrL6RwQw6VJ4vokhyZuA7KjJrYqK1HGOVOHd0pGm9r
i4ApD6WAKsgooqD0OPgIfEvLk7mJnA==
=GlKw
-END PGP SIGNATURE-

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281

Re: Secure Shell refuses to accept connections from anyone

[Michael Howard]

On 13/08/2019 16:31, Joe wrote:

On Tue, 13 Aug 2019 15:28:04 +0200
 wrote:


On Tue, Aug 13, 2019 at 08:23:35AM -0500, Keith Steensma wrote:


On 8/12/2019 4:00 PM, elvis wrote:

On 12/8/19 11:23 pm, Keith Steensma wrote:

The same thing happens if I fill in 'root' as the login even
though a 'root' login is not permitted in the default
'sshd_config' configuration.  Even when I change the
configuration to allow for 'root' login, 'root' can never login.

  


Try a local ssh login to see if it rules out network problems. As
in ssh localhost.  or ssh -l  localhost. If it is your
network getting in the way it may
rule that out.
  

Yes that works ( ssh -l  localhost ).  So that means it has to
do with the network connections.

Not necessarily. It can be the client, too (your PuTTY). You didn't
describe the error message in detail (perhaps it is too unspecific,
GUI clients tend to be like that), but perhaps PuTTY has some
"verbose" option you can activate. Then you may infer whether there's
a hole in the net or whether just client and server don't get along
with each other.


It is some years since I used PuTTY regularly, but I seem to recall
that it didn't use OpenSSH-type keys and insisted on generating its own
and providing a conversion to an OpenSSH key, which then had to be
placed on the server. Is it possible this procedure may have gone amiss


This has happened to me a couple of times. Regenerating and converting 
solved the problem.


--
Mike Howard

Re: Secure Shell refuses to accept connections from anyone

[Joe]

On Tue, 13 Aug 2019 15:28:04 +0200
 wrote:

> On Tue, Aug 13, 2019 at 08:23:35AM -0500, Keith Steensma wrote:
> > 
> > 
> > On 8/12/2019 4:00 PM, elvis wrote:  
> > >On 12/8/19 11:23 pm, Keith Steensma wrote:  
> > >>
> > >>The same thing happens if I fill in 'root' as the login even
> > >>though a 'root' login is not permitted in the default
> > >>'sshd_config' configuration.  Even when I change the
> > >>configuration to allow for 'root' login, 'root' can never login.
> > >>
> > >>  
> > >
> > >
> > >Try a local ssh login to see if it rules out network problems. As
> > >in ssh localhost.  or ssh -l  localhost. If it is your
> > >network getting in the way it may
> > >rule that out.
> > >  
> > Yes that works ( ssh -l  localhost ).  So that means it has to
> > do with the network connections.  
> 
> Not necessarily. It can be the client, too (your PuTTY). You didn't
> describe the error message in detail (perhaps it is too unspecific,
> GUI clients tend to be like that), but perhaps PuTTY has some
> "verbose" option you can activate. Then you may infer whether there's
> a hole in the net or whether just client and server don't get along
> with each other.
> 

It is some years since I used PuTTY regularly, but I seem to recall
that it didn't use OpenSSH-type keys and insisted on generating its own
and providing a conversion to an OpenSSH key, which then had to be
placed on the server. Is it possible this procedure may have gone amiss,
or perhaps it is willing to use OpenSSH keys now?

-- 
Joe

Re: Love 2d and debian 10

[Paul Sutton]

On 13/08/2019 16:02, Cindy Sue Causey wrote:
> On 8/13/19, Nektarios Katakis  wrote:
>> On Tue, 13 Aug 2019 11:33:17 +0100
>> Paul Sutton  wrote:
>>> On 13/08/2019 11:16, Nektarios Katakis wrote:
 From what I see the love2d software provides 2 packages for linux.
 One specific to Ubuntu distro and one with AppImage. You re not
 mentioning which one you used to be able to reproduce.
>>> I am installing with
>>>
>>> apt install love (as root of course)
>>>
>>> How do I perhaps query dpkg to see what exactly it has installed etc?
>> You can check that with `apt list --installed | grep '.
>> Can you please show the output of `apt-cache policy love`?
>> love package is not in the mainline apt repositories (I cannot find it).
> Hi Cindy

:~$ apt-cache policy love
love:
  Installed: 11.1-2
  Candidate: 11.1-2
  Version table:
 *** 11.1-2 500
    500 http://mirror.bytemark.co.uk/debian buster/main amd64 Packages
    100 /var/lib/dpkg/status

Package described by apt search love is

love/stable,now 11.1-2 amd64 [installed]
  2D game development framework based on Lua and OpenGL

Paul
> Hi.. I was able to find it in Buster while lurking along just now:
>
> pool/main/l/love/love_11.1-2_amd64.deb
>
> Dpkg suggested dpkg-deb. I played a few seconds with the resulting
> observations being..
>
> * Sometimes you might need the whole page name including the version
> and dotDEB instead of only the name without those very specific
> identifiers.
>
> * Sometimes the package must at least be downloaded locally but not
> necessarily installed.
>
> "apt-file list" was able to show what "love" offers even though love
> is nowhere near my own setup. Apt-file worked great when called upon
> from any ol' directory, too.
>
> Apt-file did NOT like being offered a full path regardless of that
> path being any of these:
>
> /var/cache/apt/archives/rurple-ng
> /var/cache/apt/archives/rurple-ng*
> /var/cache/apt/archives/rurple-ng_0.5+16-2_all.deb
>
> A possible "why" is maybe the full path is internally addended to how
> "apt-file" is intelligent enough to already know that /var/cache path
> without us having to type it out in full. That would explain apt-file
> working with only a package name offered from anywhere within our file
> hierarchy. As such, apt-file might be reading those 3 full paths
> redundantly as:
>
> /var/cache/apt/archives/var/cache/apt/archives/rurple-ng*
>
> For dpkg-deb, these worked:
>
> dpkg-deb --contents /var/cache/apt/archives/rurple-ng*
> dpkg-deb --contents /var/cache/apt/archives/rurple-ng_0.5+16-2_all.deb
>
> Because the immediately above worked, this next one understandably did
> not and instead presented as "No such file or directory":
>
> dpkg-deb --contents /var/cache/apt/archives/rurple-ng
>
> The following only worked from within /var/cache/apt/archives AND also
> from within a duplicate, generic backup's directory:
>
> dpkg-deb --contents rurple-ng*
>
> In other words, dpkg-deb seems to poke around similar to how "ls" does.
>
> Those were *my* experiences, anyway. Totally worthwhile few minutes
> spent because the comparisons are a peek into package
> programming/development options/style variances, too.
>
> An observation overall is.. don't forget that any kind of change
> within dependencies could be the root of what's going on, too. The
> mere thought of that just made my head spin. PySolFC just experienced
> that a few weeks ago, broke completely, after one or more of its
> Python dependencies were upgraded. Cue the *crickets* stinger.. :)
>
> Cindy :)

-- 
Paul Sutton
http://www.zleap.net
gnupg : 7D6D B682 F351 8D08 1893  1E16 F086 5537 D066 302D

https://fediverse.party/ - zl...@social.isurf.ca

Compiling Linux with "bdver2" gcc optimization option

[Franco Martelli]

Hi, everybody

in order to achieve Linux kernel optimized for my CPU AMD FX-8350
Bulldozer2 I changed the line 121 of linux-source-4.19/arch/x86/Makefile
from:

cflags-$(CONFIG_MK8) += $(call cc-option,-march=k8)

to:

cflags-$(CONFIG_MK8) += $(call cc-option,-march=bdver2) \
$(call cc-option,-mtune=bdver2,$(call
cc-option,-mtune=generic))

compiling the kernel up to Debian 9.x stretch all worked fine but with
Debian 10 buster I get a lot of warning messages:


mm/memory.o: warning: objtool: remap_pfn_range()+0xd5: unsupported
intra-function call
mm/memory.o: warning: objtool: If this is a retpoline, please patch it
in with alternatives and annotate it with ANNOTATE_NOSPEC_ALTERNATIVE.
mm/mlock.o: warning: objtool: __munlock_isolate_lru_page()+0xd6: stack
state mismatch: cfa1=7+64 cfa2=7+56
mm/mlock.o: warning: objtool: clear_page_mlock()+0x39: unsupported
instruction in callable function
mm/mlock.o: warning: objtool: mlock_vma_page()+0x8e: sibling call from
callable instruction with modified stack frame
mm/mlock.o: warning: objtool: munlock_vma_page()+0x163: return with
modified stack frame
kernel/bpf/stackmap.o: warning: objtool: bpf_get_stack()+0x68: return
with modified stack frame
kernel/bpf/sockmap.o: warning: objtool: bpf_exec_tx_verdict()+0x436:
stack state mismatch: cfa1=7+168 cfa2=7+160
kernel/power/qos.o: warning: objtool: pm_qos_remove_request()+0x6d:
return with modified stack frame
arch/x86/kernel/dumpstack.o: warning: objtool: __die()+0xc2: return with
modified stack frame
arch/x86/kernel/cpu/amd.o: warning: objtool: bsp_init_amd()+0xb1: can't
find jump dest instruction at .text+0x193
arch/x86/kvm/x86.o: warning: objtool: kvm_set_cr3()+0x18: can't find
jump dest instruction at .text+0x5cc0
arch/x86/kernel/ldt.o: warning: objtool: write_ldt()+0x110: can't find
jump dest instruction at .text+0x56a
mm/mmap.o: warning: objtool: init_user_reserve()+0x34: return with
modified stack frame
mm/mmap.o: warning: objtool: init_admin_reserve()+0x34: return with
modified stack frame
mm/mmap.o: warning: objtool: vm_brk_flags()+0x55: stack state mismatch:
cfa1=7+80 cfa2=7+72
mm/mmap.o: warning: objtool: do_mmap()+0x1bf: stack state mismatch:
cfa1=7+80 cfa2=7+72
mm/mprotect.o: warning: objtool: change_protection()+0x4f5: can't find
jump dest instruction at .text+0x5a3
mm/mremap.o: warning: objtool: move_page_tables()+0x60: stack state
mismatch: cfa1=7+144 cfa2=7+136
mm/mremap.o: warning: objtool: __se_sys_mremap()+0x12d: stack state
mismatch: cfa1=7+160 cfa2=7+152
arch/x86/kernel/sys_x86_64.o: warning: objtool: get_align_mask()+0x1d:
can't find jump dest instruction at .text+0x2f
mm/page_vma_mapped.o: warning: objtool: check_pte()+0x108: return with
modified stack frame
mm/page_vma_mapped.o: warning: objtool: page_vma_mapped_walk()+0x15e:
stack state mismatch: cfa1=7+56 cfa2=7+40
mm/pagewalk.o: warning: objtool: __walk_page_range()+0x1be: return with
modified stack frame
kernel/printk/printk.o: warning: objtool: devkmsg_write.cold.15()+0x30:
can't find jump dest instruction at .text.unlikely+0x2a1
arch/x86/kvm/emulate.o: warning: objtool: rsm_load_state_32()+0x2e2:
can't find jump dest instruction at .text+0xfa4
arch/x86/kvm/i8254.o: warning: objtool: pit_ioport_read()+0x141: can't
find jump dest instruction at .text+0x7cb
arch/x86/kvm/mmu.o: warning: objtool:
kvm_calc_tdp_mmu_root_page_role()+0xb: can't find jump dest instruction
at .text+0x3fd
arch/x86/kvm/lapic.o: warning: objtool: recalculate_apic_map()+0x2f6:
can't find jump dest instruction at .text+0x968
mm/rmap.o: warning: objtool: try_to_unmap_one()+0x4d1: can't find jump
dest instruction at .text+0x185b
arch/x86/kvm/ioapic.o: warning: objtool:
rtc_irq_eoi_tracking_reset()+0x45: return with modified stack frame
arch/x86/kvm/ioapic.o: warning: objtool: ioapic_mmio_write()+0x62: stack
state mismatch: cfa1=7+48 cfa2=7+40
arch/x86/kvm/ioapic.o: warning: objtool: ioapic_mmio_read()+0xe5: stack
state mismatch: cfa1=7+64 cfa2=7+56
arch/x86/kvm/ioapic.o: warning: objtool: kvm_get_ioapic()+0x72: return
with modified stack frame
arch/x86/kvm/ioapic.o: warning: objtool: kvm_set_ioapic()+0x105: return
with modified stack frame
arch/x86/kvm/irq_comm.o: warning: objtool: kvm_set_msi_irq()+0x60:
return with modified stack frame
kernel/rcu/sync.o: warning: objtool: rcu_sync_init()+0x52: return with
modified stack frame
mm/vmalloc.o: warning: objtool: vmalloc_to_page()+0x150: return with
modified stack frame
mm/vmalloc.o: warning: objtool: vunmap_page_range()+0x2fc: return with
modified stack frame
mm/vmalloc.o: warning: objtool: vm_unmap_ram()+0x11f: sibling call from
callable instruction with modified stack frame
mm/vmalloc.o: warning: objtool: vmap_page_range_noflush()+0x2ec: return
with modified stack frame
mm/vmalloc.o: warning: objtool: vread()+0x1cf: stack state mismatch:
cfa1=7+96 cfa2=7+88
mm/vmalloc.o: warning: objtool: vwrite()+0x176: stack state mismatch:
cfa1=7+96 cfa2=7+88
arch/x86/kvm/cpuid.o: warning: objtool: do_cpuid_ent()+0x6b4: 

Re: Love 2d and debian 10

[Cindy Sue Causey]

On 8/13/19, Nektarios Katakis  wrote:
> On Tue, 13 Aug 2019 11:33:17 +0100
> Paul Sutton  wrote:
>> On 13/08/2019 11:16, Nektarios Katakis wrote:
>> > From what I see the love2d software provides 2 packages for linux.
>> > One specific to Ubuntu distro and one with AppImage. You re not
>> > mentioning which one you used to be able to reproduce.
>>
>> I am installing with
>>
>> apt install love (as root of course)
>>
>> How do I perhaps query dpkg to see what exactly it has installed etc?
>> >
>
> You can check that with `apt list --installed | grep '.
> Can you please show the output of `apt-cache policy love`?
> love package is not in the mainline apt repositories (I cannot find it).


Hi.. I was able to find it in Buster while lurking along just now:

pool/main/l/love/love_11.1-2_amd64.deb

Dpkg suggested dpkg-deb. I played a few seconds with the resulting
observations being..

* Sometimes you might need the whole page name including the version
and dotDEB instead of only the name without those very specific
identifiers.

* Sometimes the package must at least be downloaded locally but not
necessarily installed.

"apt-file list" was able to show what "love" offers even though love
is nowhere near my own setup. Apt-file worked great when called upon
from any ol' directory, too.

Apt-file did NOT like being offered a full path regardless of that
path being any of these:

/var/cache/apt/archives/rurple-ng
/var/cache/apt/archives/rurple-ng*
/var/cache/apt/archives/rurple-ng_0.5+16-2_all.deb

A possible "why" is maybe the full path is internally addended to how
"apt-file" is intelligent enough to already know that /var/cache path
without us having to type it out in full. That would explain apt-file
working with only a package name offered from anywhere within our file
hierarchy. As such, apt-file might be reading those 3 full paths
redundantly as:

/var/cache/apt/archives/var/cache/apt/archives/rurple-ng*

For dpkg-deb, these worked:

dpkg-deb --contents /var/cache/apt/archives/rurple-ng*
dpkg-deb --contents /var/cache/apt/archives/rurple-ng_0.5+16-2_all.deb

Because the immediately above worked, this next one understandably did
not and instead presented as "No such file or directory":

dpkg-deb --contents /var/cache/apt/archives/rurple-ng

The following only worked from within /var/cache/apt/archives AND also
from within a duplicate, generic backup's directory:

dpkg-deb --contents rurple-ng*

In other words, dpkg-deb seems to poke around similar to how "ls" does.

Those were *my* experiences, anyway. Totally worthwhile few minutes
spent because the comparisons are a peek into package
programming/development options/style variances, too.

An observation overall is.. don't forget that any kind of change
within dependencies could be the root of what's going on, too. The
mere thought of that just made my head spin. PySolFC just experienced
that a few weeks ago, broke completely, after one or more of its
Python dependencies were upgraded. Cue the *crickets* stinger.. :)

Cindy :)
-- 
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA

* runs with 2 Python tutorials and more editors than she can remember
inquisitively, experimentally installing k/t Debian CHOICE! *

Re: Error with logrotate.

[Gene Heskett]

On Tuesday 13 August 2019 05:41:52 Dan Purgert wrote:

> Gene Heskett wrote:
> > On Tuesday 13 August 2019 02:24:34 deloptes wrote:
> > [...]
> >
> >> I am not aware of any program I've been using
> >> for the past 15y that would have a problem writing in /var/log
> >
> > Then tell me how fetchmail, procmail, clamav or spamd running as me,
> > can keep their logs in /var/log, the permissions just aren't there
> > after a reboot.
>
> Aren't all four of those system services; with their own system users,
> with their own directories in /var/log (or well, at least by default)?
>
No, while they may be callable by anyone, they all become the user 
calling them.

> >> [...]
> >> Logrotate also does not need to be modified - only for your custom
> >> stuff, so it is expected and desired and it is easy to adjust.
> >
> > Maybe for someone intimately fam with how it works, not so easy on a
> > onetime basis after an install. One doesn't get familiar enough, nor
> > manage to commit it to short term memory.
>
> Assuming a Debian-standard /etc/logrotate.conf; it should give one the
> necessary examples to set up a functioning schedule for things in
> their $HOME (or other places).

O0kkaayy, splain this:
my entry for these logs in /etc/logrotate.d:

/home/gene/log/fetchmail.log
/home/gene/log/procmail.log
/home/gene/log/mail.log
{
su gene mail
rotate 4
maxsize 500
weekly
missingok
notifempty
copytruncate
compress
delaycompress
postrotate
kill -HUP fetchmail
kill -HUP procmail
kill -HUP spamd
endscript
}

and an ls -l of ~/log

gene@coyote:/etc/logrotate.d$ ls -l  ~/log
total 68804
-rw-r--r-- 1 gene gene  5413354 Aug 13 09:36 fetchmail.log
-rw--- 1 gene mail0 Aug 12 00:08 fetchmail.log.1
-rw--- 1 gene mail   20 Aug  4 00:10 fetchmail.log.2.gz
-rw--- 1 gene mail   20 Jul 28 00:09 fetchmail.log.3.gz
-rw-r--r-- 1 gene gene   636567 Aug 13 09:36 mail.log
-rw--- 1 gene mail0 Aug 12 00:08 mail.log.1
-rw--- 1 gene mail   20 Aug  4 00:10 mail.log.2.gz
-rw--- 1 gene mail   20 Jul 28 00:09 mail.log.3.gz
-rw-r--r-- 1 gene gene 64361979 Aug 13 09:36 procmail.log
-rw--- 1 gene mail0 Aug 12 00:08 procmail.log.1
-rw--- 1 gene mail   20 Aug  4 00:10 procmail.log.2.gz
-rw--- 1 gene mail   20 Jul 28 00:09 procmail.log.3.g

Which does not look like its being properly rotated to me.
Yet this worked (without the maxsize option I just now added) for all the 
years on wheezy.  And yes, I am a member of group mail

Thanks.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: Love 2d and debian 10

[Greg Wooledge]

On Tue, Aug 13, 2019 at 11:33:17AM +0100, Paul Sutton wrote:
> I am installing with
> 
> apt install love (as root of course)
> 
> How do I perhaps query dpkg to see what exactly it has installed etc?

man dpkg

And this is my POLITE answer.

Re: is it possible run 32-bit app on 64-bit amd system??

[Greg Wooledge]

On Tue, Aug 13, 2019 at 07:47:52AM -0400, rhkra...@gmail.com wrote:
> I'm in a strange mood today (I end up here often) -- I like to see things 
> like 
> that written as:
> 
> mplayer -novideo 
> 
> or 
> 
> mplayer -novideo 
> 
> It makes it more clear what is "fixed text" and what is a variable / 
> parameter.

Clear to YOU.

But then you get the occasional fool who puts the literal < and > signs
in their command.

Basically, there isn't any good way to write example commands in
standard ASCII text without confusing *someone*.  The OP was happy
with the answer that was given, so it worked.  Arguing that a different
markup syntax might have worked better is just wasting time.

> (Of course, it doesn't work for code that requires < and > in the syntax ;-(

One of my pet peeves is the recent trend (last few years) of people
putting `backticks` around their example shell commands in IRC.  Some
of the common markup systems use backticks to mean "display this with
a fixed-width terminal-style font".  Unfortunately, IRC is *not* one
of those systems, and in technical channels that deal with Unix shell
commands, where backticks can be part of the actual shell command syntax
(albeit deprecated), it can be extremely confusing whether the user
intended the backticks to be literal, or part of their markup.

I've actually seen users put commands with `...` around them in their
bash scripts, then ask why it's not working.  More than once.

(And then there's mysql.  Oh my god, don't get me started on mysql.)

Re: Secure Shell refuses to accept connections from anyone

[tomas]

On Tue, Aug 13, 2019 at 08:23:35AM -0500, Keith Steensma wrote:
> 
> 
> On 8/12/2019 4:00 PM, elvis wrote:
> >On 12/8/19 11:23 pm, Keith Steensma wrote:
> >>
> >>The same thing happens if I fill in 'root' as the login even
> >>though a 'root' login is not permitted in the default
> >>'sshd_config' configuration.  Even when I change the
> >>configuration to allow for 'root' login, 'root' can never login.
> >>
> >>
> >
> >
> >Try a local ssh login to see if it rules out network problems. As
> >in ssh localhost.  or ssh -l  localhost. If it is your
> >network getting in the way it may
> >rule that out.
> >
> Yes that works ( ssh -l  localhost ).  So that means it has to
> do with the network connections.

Not necessarily. It can be the client, too (your PuTTY). You didn't
describe the error message in detail (perhaps it is too unspecific,
GUI clients tend to be like that), but perhaps PuTTY has some
"verbose" option you can activate. Then you may infer whether there's
a hole in the net or whether just client and server don't get along
with each other.

Cheers
-- tomás


signature.asc
Description: Digital signature

Re: Secure Shell refuses to accept connections from anyone

[Keith Steensma]

On 8/12/2019 4:00 PM, elvis wrote:

On 12/8/19 11:23 pm, Keith Steensma wrote:


The same thing happens if I fill in 'root' as the login even though a 
'root' login is not permitted in the default 'sshd_config' 
configuration.  Even when I change the configuration to allow for 
'root' login, 'root' can never login.






Try a local ssh login to see if it rules out network problems. As in 
ssh localhost.  or ssh -l  localhost. If it is your network 
getting in the way it may

rule that out.

Yes that works ( ssh -l  localhost ).  So that means it has to do 
with the network connections.  But these are all in-house connections 
that are sitting right on my workbench.  The switch and cables are less 
than a year old (I know that doesn't mean much). But if you think this 
problem is pointing toward a network condition, I can sure change out 
some things real fast and prove that right or wrong.

Re: revise the /etc/security/limits.conf doesn't take effect for normal user.

[Greg Wooledge]

On Mon, Aug 12, 2019 at 09:58:14PM +, Hongyi Zhao wrote:
> On Mon, 12 Aug 2019 15:40:03 +0200, Greg Wooledge wrote:
> 
> >  You
> > could start by telling us which DM it is (lightdm, gdm3, sddm, etc.).
> 
> gdm3
> 
> And I don't know to let the limits take effect within this environment.

I don't either.

First thing you can do is look for a file like /etc/pam.d/gdm3 (or possibly
/etc/pam.d/gdm), and see if it contains the pam_limits.so line.  If
it doesn't, then you know it isn't reading /etc/security/limits.conf
file, and your first step would be to add the pam_limits.so line.
VERY carefully, after reading all of the PAM documentation.

If it does contain this line, then perhaps you can try running a standard
Debian X session instead of a GNOME session.  Pick your favorite regular
window manager that is NOT part of a desktop environment, put that in
your ~/.xsession file, login with a Debian session, open a terminal, and
see if the limits are correct.  Then remove the ~/.xsession file (or
restore it to whatever it was before) to go back to the way things were
before, if you still want to.

If the limits are correct in a terminal executed by a regular window
manager inside a Debian session, then you know the PAM stuff is working
correctly.  If they're NOT correct inside a terminal executed by dbus
inside a GNOME session, then you have some more digging to do.  It's
possible that they're working just fine in other pieces of your GNOME
session, just not in terminals.  It's possible that you may or may not
care about terminals, or that you may or may not care ONLY about terminals.
You're not exactly giving us much detail here.

Re: Error with logrotate.

[Greg Wooledge]

On Tue, Aug 13, 2019 at 09:30:34AM +1200, Philip wrote:
> I just updated from Debian 8 to 9 and I'm getting the following error.  I'm
> guessing it's something to do with permissions?
> 
> Something to do with the create 640 root adm?
> 
> /etc/cron.daily/logrotate:
> error: unable to open /home/philip/logs/access.log.1 for compression

Could be permissions, yes.

> /home/philip/logs/*.log {
>   su philip philip
[...]
>   create 640 root adm

If you're running as "philip:philip" then you can't create files as
"root:adm".

Moreover, any existing files like /home/philip/logs/access.log.1 that
are owned by "root:adm" can't be written by a process running as
"philip:philip".

Most likely, what you want to do is replace the "create 640 root adm"
with "create 640 philip philip", and then verify/change the ownership
of any existing files, as well as the directory they're in, so that
the logrotate process running as "philip:philip" can read and write
everything.

Re: OT: While we're talking about logrotate (was: Re: Error with logrotate.)

[rhkramer]

PS: I do (now) recall that one of the descriptions of how to do what I wanted 
was in an old (online) issue of Dr. Dobbs, and I spent a fair amount of time 
trying to get that one to do what I wanted, but it refused to cooperate ;-)

On Tuesday, August 13, 2019 07:58:16 AM rhkra...@gmail.com wrote:
> While we're talking about logrotate, I'd like to ask if anyone else has
> seen (and solved) the problem I had with logrotate.
> 
> There were times in the past when I wanted to do things like keep a log (or
> a backup of one or more files) something like this: 7 daily logs for one
> week, then 4 (or 5) weekly logs for one month, then, 12 monthly logs for
> one year (and, ideally, in some circumstances, n yearly logs forever).
> 
> I found various descriptions of how (iiuc) I could make logrotate do that
> for me, but they never worked correctly for me.  (I forget the exact
> problem, it may have been that they would not, for example, delete (or
> overwrite), for example, the daily logs -- but, as I say, I really don't
> remember the problem, just that I couldn't get it to work.)
> 
> If this rings the bell for anyone, and you had a similar problem and found
> the solution, I'd appreciate any hints you can offer.  (If you think the
> solutions on the web "just work", then you probably haven't encountered
> the problem I found.)
> 
> Thanks!

Re: is it possible run 32-bit app on 64-bit amd system??

[rhkramer]

On Monday, August 12, 2019 10:56:22 PM riveravaldez wrote:
> >> btw which option should i add to mplayer command line
> >> so that it play only audio part (not video part)  of a file?
> 
> $ mplayer -novideo file

I'm in a strange mood today (I end up here often) -- I like to see things like 
that written as:

mplayer -novideo 

or 

mplayer -novideo 

It makes it more clear what is "fixed text" and what is a variable / parameter.

(Of course, it doesn't work for code that requires < and > in the syntax ;-(

(BTW, while I'm being cantankerous (that's the word I should have used 
earlier, I don't like the "foo" ..., approach, my mind just doesn't seem wired 
that way.

cheers to all!

Re: Trackman Marble under wayland in Buster

[Zenaan Harkness]

On Wed, Aug 07, 2019 at 11:29:48AM -0400, Henning Follmann wrote:
> Hello,
> I just updated to buster and with that comes wayland.
> I am using a Trackman marble and I do have a custom
> configuration for it to switch to scoll when I hold
> button 8 (called "EmulateWheel").
> Is there a way to do this under wayland?
> 
> here is my previous marblemouse.conf for X:
> 
> Section "InputClass"
> Identifier  "Marble Mouse"
> MatchProduct "Logitech USB Trackball"
> MatchIsPointer "on"
> MatchDevicePath "/dev/input/event*"
> Driver "evdev"
>   Option "Buttons""9"
>   Option "ButtonMapping"  "1 9 3 4 5 6 7 2 8"
> Option "EmulateWheel" "true"
> Option "EmulateWheelButton" "8"
> Option "Emulate3Buttons" "true"
> EndSection
> #


Please do post an update if you find out - perhaps someone on a
Wayland mailing list might know.  Still on Debian 9 here, but will
upgrade in a few months I guess…

Re: Love 2d and debian 10

[Nektarios Katakis]

On Tue, 13 Aug 2019 11:33:17 +0100
Paul Sutton  wrote:

> On 13/08/2019 11:16, Nektarios Katakis wrote:
> > On Tue, 13 Aug 2019 08:50:40 +0100
> > Paul Sutton  wrote:
> >  
> >> Hi
> >>
> >> I am trying to run Love2d which is a 2d game engine. This worked
> >> fine on Debian 9 but seems to crash on debian 10.  I don't think
> >> this is a hardware issue as this happens on both my desktop and
> >> netbook (I have included desktop output of lshw -c video in my
> >> blog post)
> >>
> >> http://zleap.net/love-2d-debian-10-issues/
> >>
> >> Has anyone else had similar issues or can someone perhaps test this
> >> and see if there is a problem please.
> >>
> >>
> >> Thanks
> >>
> >> Paul  
> > From what I see the love2d software provides 2 packages for linux.
> > One specific to Ubuntu distro and one with AppImage. You re not
> > mentioning which one you used to be able to reproduce.  
> 
> 
> Hi
> 
> 
> I am installing with
> 
> apt install love (as root of course)
> 
> How do I perhaps query dpkg to see what exactly it has installed etc?
> 
> Hope this helps 
> 
> Paul
> 
> 
> >  

You can check that with `apt list --installed | grep '.
Can you please show the output of `apt-cache policy love`?
love package is not in the mainline apt repositories (I cannot find it).

Regards
-- 
Nektarios Katakis

Re: Love 2d and debian 10

[Paul Sutton]

On 13/08/2019 11:16, Nektarios Katakis wrote:
> On Tue, 13 Aug 2019 08:50:40 +0100
> Paul Sutton  wrote:
>
>> Hi
>>
>> I am trying to run Love2d which is a 2d game engine. This worked fine
>> on Debian 9 but seems to crash on debian 10.  I don't think this is a
>> hardware issue as this happens on both my desktop and netbook (I have
>> included desktop output of lshw -c video in my blog post)
>>
>> http://zleap.net/love-2d-debian-10-issues/
>>
>> Has anyone else had similar issues or can someone perhaps test this
>> and see if there is a problem please.
>>
>>
>> Thanks
>>
>> Paul
> From what I see the love2d software provides 2 packages for linux. One
> specific to Ubuntu distro and one with AppImage. You re not mentioning
> which one you used to be able to reproduce.


Hi


I am installing with

apt install love (as root of course)

How do I perhaps query dpkg to see what exactly it has installed etc?

Hope this helps 

Paul


>
-- 
Paul Sutton
http://www.zleap.net
gnupg : 7D6D B682 F351 8D08 1893  1E16 F086 5537 D066 302D

https://fediverse.party/ - zl...@social.isurf.ca

Re: Love 2d and debian 10

[Nektarios Katakis]

On Tue, 13 Aug 2019 08:50:40 +0100
Paul Sutton  wrote:

> Hi
> 
> I am trying to run Love2d which is a 2d game engine. This worked fine
> on Debian 9 but seems to crash on debian 10.  I don't think this is a
> hardware issue as this happens on both my desktop and netbook (I have
> included desktop output of lshw -c video in my blog post)
> 
> http://zleap.net/love-2d-debian-10-issues/
> 
> Has anyone else had similar issues or can someone perhaps test this
> and see if there is a problem please.
> 
> 
> Thanks
> 
> Paul

From what I see the love2d software provides 2 packages for linux. One
specific to Ubuntu distro and one with AppImage. You re not mentioning
which one you used to be able to reproduce.

-- 
Nektarios Katakis

Re: Error with logrotate.

[Dan Purgert]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Gene Heskett wrote:
> On Tuesday 13 August 2019 02:24:34 deloptes wrote:
> [...]
>> I am not aware of any program I've been using 
>> for the past 15y that would have a problem writing in /var/log
>
> Then tell me how fetchmail, procmail, clamav or spamd running as me, can 
> keep their logs in /var/log, the permissions just aren't there after a 
> reboot.

Aren't all four of those system services; with their own system users,
with their own directories in /var/log (or well, at least by default)?

>> [...]
>> Logrotate also does not need to be modified - only for your custom
>> stuff, so it is expected and desired and it is easy to adjust.
>
> Maybe for someone intimately fam with how it works, not so easy on a 
> onetime basis after an install. One doesn't get familiar enough, nor 
> manage to commit it to short term memory.

Assuming a Debian-standard /etc/logrotate.conf; it should give one the
necessary examples to set up a functioning schedule for things in their
$HOME (or other places).


-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEBcqaUD8uEzVNxUrujhHd8xJ5ooEFAl1Shd8ACgkQjhHd8xJ5
ooHWAQf/fFpJq38BCynCpMptc307adtIjGzh2+eoYKplvXgV5EgrundNCVvul0xX
V8YS+V2ycvVLAKguM/Sq0AluXCvRvfGfBn10mT+ZJlpG5i7ogvN6GjnH68aQN/Hg
WQ1yT950jYXgOJ1lNhNOBK5ufekEFcl3Fz7nzbpJtew8pqznZFOLSZaWkBZtciTY
gVR1htNNBsUKPCD306Y0z5EMUsobCty3rmrhGA4ENnZLTPV1dN/wYrdNvVvHaxTA
qeFQmRVTofUl9WllgyfwFVPG+3BYGN0CSiu8YgnOF7z9nyiCH/lJLgx+y8PZnc4S
4iRwEA3hiXSglya2oCsluWtUbpsdCA==
=Sypc
-END PGP SIGNATURE-

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281

Re: Error with logrotate.

[Gene Heskett]

On Tuesday 13 August 2019 02:24:34 deloptes wrote:

> Gene Heskett wrote:
> > Its good that we can fix it, BUT IF you are going to restrict where
> > we keep logfiles like this then FIX the /var/log perms so that
> > fetchmail, procmail, spamassassin, clamav and its ilk, running as
> > the user can access /var/log to keep its logs.  Debian's legendary
> > paranoia about who can write a log in /var/log has long since forced
> > most of us that want that log, into moving it to /home/username/log
> > and reprogramming logrotate to maintain it there years ago.
>
> So why should user be able to write in /var/log? It is the systems log
> directory not the users.

I don't have a beef with that. My beef is that there has been no effort 
to make it easy for the user to take care of his own logs, and now 
systemd wants to disable housekeeping the only sensible place for a user 
to keep his logs in. And I totally fail to see how that level of 
paranoia can be justified.

> I am not aware of any program I've been using 
> for the past 15y that would have a problem writing in /var/log

Then tell me how fetchmail, procmail, clamav or spamd running as me, can 
keep their logs in /var/log, the permissions just aren't there after a 
reboot.

> User programs you can put everywhere you want and you can customize
> whatever you want, but do not change things that are good and working
> please.
>
> usually you use opt for custom stuff, so why don't you put
> there /opt//log

Would that work from /etc/logrotate stuffs? Short answer no.

IMO if it can't reliably use /var/log, the alternative is to create ones 
own logrotate scheme. Possibly running a local modified copy of 
logrotate living in his own ~/bin and  driven from his own crontab.

> Logrotate also does not need to be modified - only for your custom
> stuff, so it is expected and desired and it is easy to adjust.

Maybe for someone intimately fam with how it works, not so easy on a 
onetime basis after an install. One doesn't get familiar enough, nor 
manage to commit it to short term memory.
> just my 5c

Chuckle, inflation has made it worth more than that. I can remember 
walking the 2 blocks to the store and bringing back a loaf of Wonder 
Bread for 8 cents.  Can you?

> regards

Take care deloptes.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: Error with logrotate.

[Gene Heskett]

On Tuesday 13 August 2019 01:30:09 Erik Christiansen wrote:

> On 13.08.19 00:38, Gene Heskett wrote:
> > Its good that we can fix it, BUT IF you are going to restrict where
> > we keep logfiles like this then FIX the /var/log perms so that
> > fetchmail, procmail, spamassassin, clamav and its ilk, running as
> > the user can access /var/log to keep its logs.  Debian's legendary
> > paranoia about who can write a log in /var/log has long since forced
> > most of us that want that log, into moving it to /home/username/log
> > and reprogramming logrotate to maintain it there years ago.
>
> Nuthin' wrong with that. An individual user's logs in his tree, and
> system logs in theirs. No effort:
>
> $ grep log .fetchmailrc .procmailrc
> .fetchmailrc:set logfile "/tmp/fetchmail_log"
> ...
> .procmailrc:LOGFILE=$MAILDIR/tmp_log.$$
> .procmailrc:FINAL_LOG=$MAILDIR/log
>
> If you had a house full of rowdy teenagers, would you really want them
> all able to wallop /var/log? And what if it were a tribe of uni
> students? (I think I have you sufficiently worried now, Gene.)
>
> Erik
> (Who was both, once.)

So was I, a long time ago.

Not a bit Eric. I'm hiding behind dd-wrt. Keyboard events if they occur, 
were created by my fingers.

The last time I had children with me was nominally '85, when the 2nd 
decided she didn't like WV and took heer & the kids back to Nebraska 
where she could game the welfare system I had a timex-1000 I'd built a 
16k rampack for.  They wore out that membrane keyboard in less than a 
week and I had to cobble up a box with a surplus ti-99 keyboard with a 
rewired matrix for it. Now my youngest is in his late 40's and 1500+ 
miles west on i-80 in Nebraska. Fixing gear from nuclear power 
facilities.  Next up has his own tractor, pulling a powder wagon full of 
portland for the Kansas Hyway Dept. Next up is all over the country 
planting new power poles where-ever the last big storm hit & put a few 
hundred thousand in the dark, and the oldest is doing contract takeoffs 
for the biggest electrical contractor on the right coast.

I am it, my 79 yo wife is an invalid, no longer mobile enough to even get 
in the same room with a keyboard, and has zero interest in it if I took 
her a keyboard.  And I am close to calling it a good run at 84, my 
ticker is going to get looked at Wednesday. Needs some bypasses I 
suspect. In the meantime, my regular schedule is on hold, just taking 
care of the missus, cooking and dishwashing in a dishwasher.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Love 2d and debian 10

[Paul Sutton]

Hi

I am trying to run Love2d which is a 2d game engine. This worked fine on
Debian 9 but seems to crash on debian 10.  I don't think this is a
hardware issue as this happens on both my desktop and netbook (I have
included desktop output of lshw -c video in my blog post)

http://zleap.net/love-2d-debian-10-issues/

Has anyone else had similar issues or can someone perhaps test this and
see if there is a problem please.


Thanks

Paul
-- 
Paul Sutton
http://www.zleap.net
https://www.linkedin.com/in/zleap/
gnupg : 7D6D B682 F351 8D08 1893  1E16 F086 5537 D066 302D

Re: lenteur maladive

[Yves Rutschle]

On Fri, Aug 09, 2019 at 09:52:31AM +0200, Pierre L. wrote:
> Ca reste toute de même étonnant que ca arrive d'un coup !

Ça peut être la pile du BIOS qui commence à flancher, le
BIOS qui a perdu sa configuration, et qui par exemple décide
de faire tourner les RAM plus lentement qu'elles ne le
peuvent. Ou pire, sans cache.
(Je sais pas si ce genre de chose existe toujours, mais
ça se pouvait "y'a longtemps").


Y.

Re: Error with logrotate.

[deloptes]

Gene Heskett wrote:

> Its good that we can fix it, BUT IF you are going to restrict where we
> keep logfiles like this then FIX the /var/log perms so that fetchmail,
> procmail, spamassassin, clamav and its ilk, running as the user can
> access /var/log to keep its logs.  Debian's legendary paranoia about who
> can write a log in /var/log has long since forced most of us that want
> that log, into moving it to /home/username/log and reprogramming
> logrotate to maintain it there years ago.

So why should user be able to write in /var/log? It is the systems log
directory not the users. I am not aware of any program I've been using for
the past 15y that would have a problem writing in /var/log

User programs you can put everywhere you want and you can customize whatever
you want, but do not change things that are good and working please.

usually you use opt for custom stuff, so why don't you put
there /opt//log

Logrotate also does not need to be modified - only for your custom stuff, so
it is expected and desired and it is easy to adjust.

just my 5c

regards