Re: lenovo t410 - i915 - black screen

[deloptes]

Frederic Robert wrote:

> 00:02.0 VGA compatible controller: Intel Corporation Core Processor
> Integrated Graphics Controller (rev 02) (prog-if 00 [VGA controller])
> Subsystem: Lenovo Core Processor Integrated Graphics Controller
> Flags: bus master, fast devsel, latency 0, IRQ 28
> Memory at f200 (64-bit, non-prefetchable) [size=4M]
> Memory at d000 (64-bit, prefetchable) [size=256M]
> I/O ports at 1800 [size=8]
> [virtual] Expansion ROM at 000c [disabled] [size=128K]
> Capabilities: 
> Kernel driver in use: i915
> Kernel modules: i915

this is not the exact card model. I think you have to look into the specs of
the hardware. For example for my desktop I see in the specs

Graphics brand name
Intel® HD Graphics or HD Graphics 2000 (depending on CPU)

if it is a lenovo notebook or pc you could also paste the model/version.

Re: lenovo t410 - i915 - black screen

[Frederic Robert]

On 10/9/19 2:46 AM, deloptes wrote:


Have you done upgrades and what is your kernel version and exact card model?


Hi Deloptes,

Linux stretch 4.9.0-11-amd64 #1 SMP Debian 4.9.189-3+deb9u1 (2019-09-20) 
x86_64 GNU/Linux


00:02.0 VGA compatible controller: Intel Corporation Core Processor 
Integrated Graphics Controller (rev 02) (prog-if 00 [VGA controller])

Subsystem: Lenovo Core Processor Integrated Graphics Controller
Flags: bus master, fast devsel, latency 0, IRQ 28
Memory at f200 (64-bit, non-prefetchable) [size=4M]
Memory at d000 (64-bit, prefetchable) [size=256M]
I/O ports at 1800 [size=8]
[virtual] Expansion ROM at 000c [disabled] [size=128K]
Capabilities: 
Kernel driver in use: i915
Kernel modules: i915

Have a good day,

--
Frederic Robert

Re: Email based attack on University

[Keith Bainbridge]

On 9/10/19 1:42 am, Jonathan Dowland wrote:

Yes that sounds correct: if the mount didn't happen, the script isn't
there, so it won't run.



I meant to say that I'd get cron to mount the disk, then run the script 
and unmount it.



Thanks again Jonathan.

--
Keith Bainbridge

ke1th3...@gmail.com
+61 (0)447 667 468

Re: how to get odbc working for connection to mariadb in debian buster

[Charles Curley]

On Tue, 08 Oct 2019 21:51:23 -0400
John Covici  wrote:

> Do you think this package is in buster backports and if so, how do I
> access that repository?

https://backports.debian.org/

However, it is not yet in backports.
https://packages.debian.org/search?keywords=odbc-mariadb&searchon=names&suite=all§ion=all&sourceid=mozilla-search

-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Re: Email based attack on University

[Keith Bainbridge]

On 8/10/19 6:56 pm, Curt wrote:

The seminal vector of the ANU attack (a concerted, determined, and
sophisticated affair that might very well have been carried out by state
operatives) was social (as in engineering);



When the report that another Government may have been behind the attack, 
it was also reported that the University is part of the Defence Force 
training system.


--
Keith Bainbridge

ke1th3...@gmail.com
+61 (0)447 667 468

Re: lenovo t410 - i915 - black screen

[deloptes]

Frederic Robert wrote:

> [Oct 8 14:10] [drm:ironlake_irq_handler [i915]] *ERROR* CPU pipe A FIFO
> underrun
> [ +0.83] [drm:ironlake_irq_handler [i915]] *ERROR* PCH transcoder A
> FIFO underrun
> 
> Sorry if my english is not good. What's the problem?

Have you done upgrades and what is your kernel version and exact card model?

Re: how to get odbc working for connection to mariadb in debian buster

[John Covici]

Well, I got it from git and it built correctly, the instructions were
a bit different and it downloaded something during the build as well,
so I hope it works, I will be testing soon.

On Tue, 08 Oct 2019 16:34:21 -0400,
Étienne Mollier wrote:
> 
> [1  ]
> [1.1  ]
> John Covici, on 2019-10-08:
> >   There seems to be no package in the
> > repository and when I tried to build the source package downloaded
> > from mariadb itself, it looks for include files in the wrong places,
> > such as /usr/include/mysql.h .  What packages do I need for this to
> > work properly?
> 
> As of the build question initially present, the source package
> mariadb-connector-odbc build-depends on libmariadb-dev, but the
> documentation of the source code provided directly from MariaDB,
> in the file BUILD.md, mentions unixodbc-dev, but misses the
> necessary libmariadb-dev.  Maybe this was your missing bit ?
> 
> The header landed in /usr/include/mariadb/{,server/}mysql.h
> though; but using the DSC package, the build went quite well.
> 
> Kind Regards,  :)
> -- 
> Étienne Mollier 
> Fingerprint:  5ab1 4edf 63bb ccff 8b54  2fa9 59da 56fe fff3 882d
> 
> 
> [2 OpenPGP digital signature ]
> No public key for 640C990CE4C02D9B created at 2019-10-08T16:34:35-0400 using 
> RSA

-- 
Your life is like a penny.  You're going to lose it.  The question is:
How do
you spend it?

 John Covici wb2una
 cov...@ccs.covici.com

Re: how to get odbc working for connection to mariadb in debian buster

[John Covici]

Do you think this package is in buster backports and if so, how do I
access that repository?

Thanks for all your help on this one.

On Tue, 08 Oct 2019 15:55:09 -0400,
Étienne Mollier wrote:
> 
> [1  ]
> [1.1  ]
> Myself, on 2019-10-08:
> > Joe, on 2019-10-08:
> > > May 2019, but after the buster release freeze. You could check the
> > > dependencies against buster (I don't have one, my former stables are now
> > > oldstable): https://packages.debian.org/sid/odbc-mariadb
> > > If they do match, the .deb is available here.
> >
> > I could get the "odbc-mariadb" package from Sid installed on
> > Buster by just copying it on the target machine, and running:
> >
> > $ apt install ./odbc-mariadb_3.1.1-1_amd64.deb
> >
> > But past that point, I don't know much how to check it properly
> > works with both ODBC and MariaDB from Buster.  But if
> > dependencies are properly stated in the control file, then
> > logically, it should work.
> 
> Well, technically, it should work, but maintenance as updates
> will go on until Bullseye stabilisation will be... challenging,
> especially if security vulnerabilities are requiring
> corrections, and packages made available in Debian Buster are
> not sufficient any more.
> 
> Definitely something to put on the table with the client, one
> way or another...  or giving a hand with buster-backports ?
> 
> Kind Regards,  :)
> -- 
> Étienne Mollier 
> Fingerprint:  5ab1 4edf 63bb ccff 8b54  2fa9 59da 56fe fff3 882d
> 
> 
> [2 OpenPGP digital signature ]
> No public key for 640C990CE4C02D9B created at 2019-10-08T15:55:09-0400 using 
> RSA

-- 
Your life is like a penny.  You're going to lose it.  The question is:
How do
you spend it?

 John Covici wb2una
 cov...@ccs.covici.com

Re: how to get odbc working for connection to mariadb in debian buster

[John Covici]

These are the instructions I have, my application needs odbc and
nothing I can do about it.

On Tue, 08 Oct 2019 15:30:02 -0400,
Joe wrote:
> 
> On Tue, 08 Oct 2019 15:02:26 -0400
> John Covici  wrote:
> 
> > I am on stable, (buster) and I have no such package.  I wonder if it
> > would even install on buster, if I could find the .deb.  I am pretty
> > sure my client does not want me to go to sid.
> > 
> 
> No, it's new in Debian and only in unstable so far:
> 
> mariadb-connector-odbc (3.1.1-1) unstable; urgency=medium
> 
>   * Initial release (Closes: #930445)
> 
>  -- Bernhard Schmidt   Fri, 31 May 2019 19:40:33 +0200
> 
> 
> May 2019, but after the buster release freeze. You could check the
> dependencies against buster (I don't have one, my former stables are now
> oldstable): https://packages.debian.org/sid/odbc-mariadb
> If they do match, the .deb is available here.
> 
> Is there really no way other than ODBC?
> 
> Possibly it has improved a lot, but I stopped trying to make it work
> when the LibreOffice Base native MySQL connector finally started working
> some years ago. At that time, ODBC on Debian was an utter shambles,
> almost completely unusable, the GUI editor was not even functional
> enough to be a joke.
> 
> Does your client application really not have a native MySQL connector?
> I sometimes use Microsoft Access with a MariaDb backend, and even that
> has a MySQL driver, though possibly not written by the masters of
> Not-Invented-Here I have a feeling it came from MySQL themselves.
> 
> -- 
> Joe

-- 
Your life is like a penny.  You're going to lose it.  The question is:
How do
you spend it?

 John Covici wb2una
 cov...@ccs.covici.com

Re: Default Debian install harassed me

[John Hasler]

 Patrick Bartek writes:
> Try unistalling a DE, either in part or whole, to replace it with
> another and you'll end up with no xorg and all the stuff that goes
> with it, and all the apps that run under it. Quite a surprise.

My desktop machine has a highly-customized FVWM installation but I've
changed DEs on my laptop without  running into that.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: how to get odbc working for connection to mariadb in debian buster

[Étienne Mollier]

John Covici, on 2019-10-08:
>   There seems to be no package in the
> repository and when I tried to build the source package downloaded
> from mariadb itself, it looks for include files in the wrong places,
> such as /usr/include/mysql.h .  What packages do I need for this to
> work properly?

As of the build question initially present, the source package
mariadb-connector-odbc build-depends on libmariadb-dev, but the
documentation of the source code provided directly from MariaDB,
in the file BUILD.md, mentions unixodbc-dev, but misses the
necessary libmariadb-dev.  Maybe this was your missing bit ?

The header landed in /usr/include/mariadb/{,server/}mysql.h
though; but using the DSC package, the build went quite well.

Kind Regards,  :)
-- 
Étienne Mollier 
Fingerprint:  5ab1 4edf 63bb ccff 8b54  2fa9 59da 56fe fff3 882d




signature.asc
Description: OpenPGP digital signature

Re: how to get odbc working for connection to mariadb in debian buster

[Étienne Mollier]

Myself, on 2019-10-08:
> Joe, on 2019-10-08:
> > May 2019, but after the buster release freeze. You could check the
> > dependencies against buster (I don't have one, my former stables are now
> > oldstable): https://packages.debian.org/sid/odbc-mariadb
> > If they do match, the .deb is available here.
>
> I could get the "odbc-mariadb" package from Sid installed on
> Buster by just copying it on the target machine, and running:
>
>   $ apt install ./odbc-mariadb_3.1.1-1_amd64.deb
>
> But past that point, I don't know much how to check it properly
> works with both ODBC and MariaDB from Buster.  But if
> dependencies are properly stated in the control file, then
> logically, it should work.

Well, technically, it should work, but maintenance as updates
will go on until Bullseye stabilisation will be... challenging,
especially if security vulnerabilities are requiring
corrections, and packages made available in Debian Buster are
not sufficient any more.

Definitely something to put on the table with the client, one
way or another...  or giving a hand with buster-backports ?

Kind Regards,  :)
-- 
Étienne Mollier 
Fingerprint:  5ab1 4edf 63bb ccff 8b54  2fa9 59da 56fe fff3 882d




signature.asc
Description: OpenPGP digital signature

Re: how to get odbc working for connection to mariadb in debian buster

[Étienne Mollier]

Joe, on 2019-10-08 :
> On Tue, 08 Oct 2019 15:02:26 -0400
> John Covici  wrote:
>
> > I am on stable, (buster) and I have no such package.  I wonder if it
> > would even install on buster, if I could find the .deb.  I am pretty
> > sure my client does not want me to go to sid.
> >
> No, it's new in Debian and only in unstable so far:
>
> mariadb-connector-odbc (3.1.1-1) unstable; urgency=medium
>
>   * Initial release (Closes: #930445)
>
>  -- Bernhard Schmidt   Fri, 31 May 2019 19:40:33 +0200

Oops, I didn't foresee this...

> May 2019, but after the buster release freeze. You could check the
> dependencies against buster (I don't have one, my former stables are now
> oldstable): https://packages.debian.org/sid/odbc-mariadb
> If they do match, the .deb is available here.

I could get the "odbc-mariadb" package from Sid installed on
Buster by just copying it on the target machine, and running:

$ apt install ./odbc-mariadb_3.1.1-1_amd64.deb

But past that point, I don't know much how to check it properly
works with both ODBC and MariaDB from Buster.  But if
dependencies are properly stated in the control file, then
logically, it should work.

> Is there really no way other than ODBC?
>
> Possibly it has improved a lot, but I stopped trying to make it work
> when the LibreOffice Base native MySQL connector finally started working
> some years ago. At that time, ODBC on Debian was an utter shambles,
> almost completely unusable, the GUI editor was not even functional
> enough to be a joke.
>
> Does your client application really not have a native MySQL connector?
> I sometimes use Microsoft Access with a MariaDb backend, and even that
> has a MySQL driver, though possibly not written by the masters of
> Not-Invented-Here I have a feeling it came from MySQL themselves.

Well, in regular societies, it's the client that brings the
money to the company.  Should this being put on the table,
better make use of a generous slice of diplomacy.

Kind Regards,  :)
-- 
Étienne Mollier 
Fingerprint:  5ab1 4edf 63bb ccff 8b54  2fa9 59da 56fe fff3 882d




signature.asc
Description: OpenPGP digital signature

Re: how to get odbc working for connection to mariadb in debian buster

[Joe]

On Tue, 08 Oct 2019 15:02:26 -0400
John Covici  wrote:

> I am on stable, (buster) and I have no such package.  I wonder if it
> would even install on buster, if I could find the .deb.  I am pretty
> sure my client does not want me to go to sid.
> 

No, it's new in Debian and only in unstable so far:

mariadb-connector-odbc (3.1.1-1) unstable; urgency=medium

  * Initial release (Closes: #930445)

 -- Bernhard Schmidt   Fri, 31 May 2019 19:40:33 +0200


May 2019, but after the buster release freeze. You could check the
dependencies against buster (I don't have one, my former stables are now
oldstable): https://packages.debian.org/sid/odbc-mariadb
If they do match, the .deb is available here.

Is there really no way other than ODBC?

Possibly it has improved a lot, but I stopped trying to make it work
when the LibreOffice Base native MySQL connector finally started working
some years ago. At that time, ODBC on Debian was an utter shambles,
almost completely unusable, the GUI editor was not even functional
enough to be a joke.

Does your client application really not have a native MySQL connector?
I sometimes use Microsoft Access with a MariaDb backend, and even that
has a MySQL driver, though possibly not written by the masters of
Not-Invented-Here I have a feeling it came from MySQL themselves.

-- 
Joe

Re: how to get odbc working for connection to mariadb in debian buster

[John Covici]

I am on stable, (buster) and I have no such package.  I wonder if it
would even install on buster, if I could find the .deb.  I am pretty
sure my client does not want me to go to sid.

On Tue, 08 Oct 2019 14:20:29 -0400,
Étienne Mollier wrote:
> 
> [1  ]
> [1.1  ]
> On 08/10/2019 16.56, John Covici wrote:
> > Hi.  I am having a terrible time trying to get a package to connect to
> > mariadb using Debian buster.  There seems to be no package in the
> > repository and when I tried to build the source package downloaded
> > from mariadb itself, it looks for include files in the wrong places,
> > such as /usr/include/mysql.h .  What packages do I need for this to
> > work properly?I have unixodbc and its development files along with
> > the obcinst packages, but no driver for the database.
> > 
> > Any assistance would be appreciated.
> > 
> 
> Hi John,
> 
> This might be a blind shot, but have you tried to install the
> package odbc-mariadb, which appears with this "apt search"
> request:
> 
>   $ apt search odbc mariadb
>   Sorting... Done
>   Full Text Search... Done
>   [... a few packages ...]
>   odbc-mariadb/unstable 3.1.1-1 i386
> ODBC driver for MariaDB
> 
> It looks like a good candidate as an ODBC driver for MariaDB.
> 
> Note that I am running Sid, so your output may differ if you are
> running Stable.
> 
> Kind Regards,  :)
> -- 
> Étienne Mollier 
> Fingerprint:  5ab1 4edf 63bb ccff 8b54  2fa9 59da 56fe fff3 882d
> 
> [2 OpenPGP digital signature ]
> No public key for 640C990CE4C02D9B created at 2019-10-08T14:20:29-0400 using 
> RSA

-- 
Your life is like a penny.  You're going to lose it.  The question is:
How do
you spend it?

 John Covici wb2una
 cov...@ccs.covici.com

Re: Default Debian install harassed me

[Reco]

On Tue, Oct 08, 2019 at 11:21:26AM -0700, Patrick Bartek wrote:
> On Mon, 07 Oct 2019 12:44:32 -0500
> John Hasler  wrote:
> 
> > Patrick Bartek writes:
> > > They are each their own Hell.  Package management software solved,
> > > more or less, one type, but created another beast as the OP has
> > > discovered and that we each deal with in our own ways.  Such is life
> > > . . . and software  
> > 
> > The OP is in a hell of his own making (which is fine with me).  If he
> > wasn't such a dork he'd let Lxqt pull in Xarchiver, ignore it, and
> > install his choice of archiver.
> 
...
> Unfortunately, it's the way dependencies have been implemented.

In this particular case, it's the way a metapackage have been
implemented.
Dependencies by themselves are fine, but their usage in this case
(Depends instead of Recommends) is controversial.

In another words, do not blame the mechanism, blame the policy.


> One should be able to uninstall one thing without it trashing your whole
> system because of dependencies, Recommends, etc.

It's possible already, although it contradicts the purpose of
metapackages. First, you remove lxqt. Next, you apt-mark to manual all
its Depends and Recommends. Finally, you remove what you do not want.

And note, I did not imply that it's user-friendly in any way. And I
won't call it "simple" or "obvious".


> There should be a special switch: "uninstall only this, leave
> everything else, don't automatically install a replacement -- I'll do
> that." :)

There is no need for such switch as it's perfectly doable with stock apt
& dpkg. But since it falls into "creative Debian breakage" category, I
won't go into the details here.


> > I really don't see anything I'd call "dependency hell" any more.
> > Perhaps it's because I experienced the real thing, or perhaps because I
> > don't use a DE.
> 
> Try unistalling a DE, either in part or whole, to replace it with
> another and you'll end up with no xorg and all the stuff that goes with
> it, and all the apps that run under it. Quite a surprise.

My experience tells me otherwise, but I know how to use apt-mark.


> Dependency/Recommends have gotten to the point now of
> unnecessarily bloating a system with apps and utilities that
> aren't needed, not wanted, and will never be used.

Some examples would be nice here.


> That's why I begin all my installs with a terminal-only system and
> build it up piece by piece judiciously checking what gets installed.
> The result is a small,

uname -m && du -sxh /usr


> fast, efficient set up with only what I want -- for the most part.

And that "part" that mars your perfect installation is?

Reco

Re: Default Debian install harassed me

[Patrick Bartek]

On Mon, 07 Oct 2019 12:44:32 -0500
John Hasler  wrote:

> Patrick Bartek writes:
> > They are each their own Hell.  Package management software solved,
> > more or less, one type, but created another beast as the OP has
> > discovered and that we each deal with in our own ways.  Such is life
> > . . . and software  
> 
> The OP is in a hell of his own making (which is fine with me).  If he
> wasn't such a dork he'd let Lxqt pull in Xarchiver, ignore it, and
> install his choice of archiver.

I understand the OP's frustration. I'm dealing with it myself with
Buster and systemd (but that's another post). It's just that his
way of coping with his frustration is with animosity and rudeness.
Unfortunately, it's the way dependencies have been implemented. One
should be able to uninstall one thing without it trashing your whole
system because of dependencies, Recommends, etc. There should be a
special switch: "uninstall only this, leave everything else, don't
automatically install a replacement -- I'll do that." :)

> I really don't see anything I'd call "dependency hell" any more.
> Perhaps it's because I experienced the real thing, or perhaps because I
> don't use a DE.

Try unistalling a DE, either in part or whole, to replace it with
another and you'll end up with no xorg and all the stuff that goes with
it, and all the apps that run under it. Quite a surprise.

Dependency/Recommends have gotten to the point now of
unnecessarily bloating a system with apps and utilities that
aren't needed, not wanted, and will never be used.  That's why I begin
all my installs with a terminal-only system and build it up piece by
piece judiciously checking what gets installed. The result is a small,
fast, efficient set up with only what I want -- for the most part.  My
solution is not perfect.

B

Re: how to get odbc working for connection to mariadb in debian buster

[Étienne Mollier]

On 08/10/2019 16.56, John Covici wrote:
> Hi.  I am having a terrible time trying to get a package to connect to
> mariadb using Debian buster.  There seems to be no package in the
> repository and when I tried to build the source package downloaded
> from mariadb itself, it looks for include files in the wrong places,
> such as /usr/include/mysql.h .  What packages do I need for this to
> work properly?I have unixodbc and its development files along with
> the obcinst packages, but no driver for the database.
> 
> Any assistance would be appreciated.
> 

Hi John,

This might be a blind shot, but have you tried to install the
package odbc-mariadb, which appears with this "apt search"
request:

$ apt search odbc mariadb
Sorting... Done
Full Text Search... Done
[... a few packages ...]
odbc-mariadb/unstable 3.1.1-1 i386
  ODBC driver for MariaDB

It looks like a good candidate as an ODBC driver for MariaDB.

Note that I am running Sid, so your output may differ if you are
running Stable.

Kind Regards,  :)
-- 
Étienne Mollier 
Fingerprint:  5ab1 4edf 63bb ccff 8b54  2fa9 59da 56fe fff3 882d



signature.asc
Description: OpenPGP digital signature

Re: fixing up an armhf screwup

[Gene Heskett]

On Tuesday 08 October 2019 10:34:28 Thomas Schmitt wrote:

> Hi,
>
> > how do I mount it to copy those 5 or so
> > files out of it and back to this card?  I've not used the -oloop
> > option in a decade and have long since forgot how.
>
> Since -o loop felt neglected it decided to become optional.
>
> So, provided you have an existing mount directory (here /mnt/iso) just
> mount the ISO file (here assumed to be debian-10.0.0-amd64-netinst.iso
> in the current working directory):
>
>   sudo mount debian-10.0.0-amd64-netinst.iso /mnt/iso
>
> This command will show that you then have a loop device
>
>   /sbin/losetup -l
>
Which returns a null on a pi3.
>
> Have a nice day :)
>
> Thomas


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: fixing up an armhf screwup

[Gene Heskett]

On Tuesday 08 October 2019 10:34:28 Thomas Schmitt wrote:

> Hi,
>
> > how do I mount it to copy those 5 or so
> > files out of it and back to this card?  I've not used the -oloop
> > option in a decade and have long since forgot how.
>
> Since -o loop felt neglected it decided to become optional.
>
Oh shit. That probably explains some of why I haven't been able to build 
a working fully-pre-emptable kernel kernel, or any kernel at all on a 
pi3 or a pi4. Despite an "ls -l /dev" showing loop0 thru loop7, a line 
in the install bails out because it can't find loop0, and the resultant 
u-sd card won't boot.  3 short green flashes, a longer one, then dark 
for 3 sec's, repeat till the universe runs down.

Now what the heck do we do?
 
> So, provided you have an existing mount directory (here /mnt/iso) just
> mount the ISO file (here assumed to be debian-10.0.0-amd64-netinst.iso
> in the current working directory):
>
>   sudo mount debian-10.0.0-amd64-netinst.iso /mnt/iso
>
> This command will show that you then have a loop device
>
>   /sbin/losetup -l
>
>
> Have a nice day :)
>
> Thomas


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: fixing up an armhf screwup

[Gene Heskett]

On Tuesday 08 October 2019 10:31:24 Dan Ritter wrote:

> Gene Heskett wrote:
> > I had, in a failed attempt to install what was supposed to be a
> > fully preemptable kernel on a pi3 that turned out to be a low-latncy
> > desktop and truly horrible latency's. accidently filled up the /boot
> > partition on the pi3's u-sd card, and my cleanups were a little
> > enthusiastic, nuking the fixup* stuff too.
> >
> > So since I have that .iso here, how do I mount it to copy those 5 or
> > so files out of it and back to this card?  I've not used the -oloop
> > option in a decade and have long since forgot how.
>
> mkdir mountplace
> sudo mount foobar.iso mountplace
> cp mountplace/path/to/files .
> sudo umount mountplace
>
> -dsr-

Thanks Dan, I appreciate it.  Then I found I hadn't deleted them, and 
spent 30 minutes trying to see why it didn't boot past one short green 
flash of the led, or if I started from powerdown, 3 short flashes, a 
much longer one, pause 3 or so seconds dark and repeat forever, or until 
I killed the power again. Finally gave up and loaded the card with 
raspian buster 10.1, made the network work, and updated it.  But it 
looks like wayland has bombed on me again: Trying to build linuxcnc with 
this ./configure --with-realtime-uspace, configure bails because theres 
no glib to be found. from its src directory:
-
checking for module installation directory... configuring for 
run-in-place
/media/pi/workpi120/buildbot/linuxcnc-dev/rtlib
checking for glib... configure: error: no -- required until somebody 
makes glib optional
---end of screen snip

so I'll have to start all over with the latest stretch. And I've already 
been to this rodeo, with a late enough fully-preemptable kernel, I've 
found that glxgears can make 60 fps full screen, and that will run my 
app like gangbusters.

Wayland, spit.  Its made a 30+ yo program first developed by NIST at 
least 30 yo, unusable. No backwards compatibility...
Sigh...

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: New Linux User needs some guidance

[Michael Lange]

Hi,

On Tue, 8 Oct 2019 13:38:25 - (UTC)
Curt  wrote:

> On 2019-10-08, Dejan Jocic  wrote:
> >
> > Anyway, most of Linux newbies will not create usb from Linux machine
> > anyway, so I doubt that any of this will help OP. Personally, can't
> > even remember when I was creating usb image from anything but Linux,
> > so can't be of much help there.
> 
> Right, and as the guy is totally blind to boot, I'm sure he'll enjoy
> wading through the usual digressive, thread-hijacking shitload of
> extraneous and sometimes erroneous verbiage in search of a precious
> nugget of useful information.
> 

I think you confused the OP (Larry Honaker, see:
https://lists.debian.org/debian-user/2019/10/msg00339.html)
with the OP of another recent thread ("goleo", see:
https://lists.debian.org/debian-user/2019/10/msg00281.html, though I
believe you probably referred rather to the follow-up:
https://lists.debian.org/debian-user/2019/10/msg00288.html).

At least I cannot see anything in the OP's question that might justify
your conclusion.

Regards

Michael

.-.. .. ...- .   .-.. --- -. --.   .- -. -..   .--. .-. --- ... .--. . .-.

The face of war has never changed.  Surely it is more logical to heal
than to kill.
-- Surak of Vulcan, "The Savage Curtain", stardate 5906.5

Re: RFE: Could crc32 be included in the debian live/installation disk?

[Reco]

On Tue, Oct 08, 2019 at 04:34:17PM +0200, Albretch Mueller wrote:
> >>  this is a hash algorithm that is implemented of the chips anyway, it
> >> is the fastest of them all, used by synch (is it?) and it is crucially
> >> helpful when data integrity is very important.
> 
> >And it's also one of those broken checksum algorithms which makes it
> >easy to replace a part of file while keeping a checksum intact.
> 
>  Well, I wasn't claiming CRC32 was fail-safe, what I actually meant is
> that data integrity would be based on:
> 
>  a) two -fast- and "reasonably" safe signature utilities which are
> based on -different algorithms-

CRC32 fails here. Key is "reasonably" safe.
If you'd propose MD5 and SHA256 (Debian does it for the every package in
repostory) - that would be considered OK.


> >>  Does Debian internally have the kind of check pointing that Windows
> >> does with which you could revert the state of an OS to a operating
> >> "moment" you can manage?

> >Sure. And it's called "off-host backup", a concept which predates both
> >Linux and Windoze. As you helpfully mention below, "you do not own your
> >computer", so "in-host" checkpoints are untrusted by your very own
> >definition.
> 
>  I think you are twisting a bit my point here in a confusing way.

Nope. If you need an immutable OS state (be it a backup, a snapshot or
whatever), you do not store it on the same host. If you do not trust the
OS (or the hardware), there's no reason to trust a snapshot of its state.

Now if you *do* trust the OS, there are some interesting possibilities,
starting with filesystem snapshots.


>  No, you do not own your computers or any networked device you use,
> but you have an easy way to check if the data in it has been changed,
> when and how. I have been noticing all along how data has been left in
> my computer (definitely more than cookies) and how my file systems
> have been altered. Even the idea of an encrypted hard drive is a joke
> once you open a browser.
> 
> >>  the reason why I push for the crc32 algo is because instead of using
> >> sha?sums which are much slower, I would rely on both crc32 and md5sum,
> >> when I have to baselines the 200+K files included in the base install
> >> that comes with the installation disk.
> 
> >A noble if misguided effort. Surely you're aware that Debian project
> >provides both install media and LiveDVDs along with checksums of them?
> >They did this job for you already.
> 
>  Yes, but where is the GUI based data integrity check?

Never felt the need for one.
I fail to see what's so hard in running:

md5sum -c 
sha256sum -c 

But maybe some other list participant can help you here.


> >>  Nowadays you can safely assume that you do not own your computer
> 
> > And refraining from using certain processor architectures and non-free
> > operating systems ...
> 
>  Your joke is beside my point

I'm dead serious. If you're using x86 newer than Pentium the First,
consider yourself pwned, because you do not control the hardware, they
do. The only question is whenever it's a good, democratic US control, or
totalitarian Chinese one.


> >>  I would like to remove all cookies
> 
> >Why accept them in the first place then?
> 
>  because "cookies" have been turned into an all encompassing black
> mail and tracking mechanism,

Spare me the usual scarytales, please. Whichever browser you're using
should allow you to set a whitelist policy on cookies (as opposed do
brain-dead blacklist policy by default).
It may break some authentication, sure, so whitelist domains until it
ain't.


> so if you don't accept them they will not show you pages,

And if a site implements such policy it's not worth your time.


> let you get to your email account, ...

LOL. Why exactly should I deny myself the access to my own e-mail on my
server? Also, both SMTP and IMAP do not use cookies last time I've
checked.


> I hate JS for more than one good reason, they slow your Internet
> experience, dump of all kinds of commercial cr@p on you,

... But you do not disable it because?


> > Checksumming of /lib* /usr and the like is done by every Debian package
> > already.
> 
>  at installation, right?

Nope. Every package you install has checksums. It does not matter if
it's a freshly installed package or it's an updated one. Checksums are
there. Waiting.


> but, again, this is not what I am talking
> about. Debian should offer an easy way to baseline its installation on
> an ongoing basis.

An install media is signed.
An installation process is reproducible and deterministic.
Hence the OS that comes from the process is initially deterministic too.

But prove me wrong. File a wishlist bug report and share its number with
the list.


> > Checksumming of /boot is an interesting idea (AFAIK you can validate
> > the kernel only, but that's it), but I'd use something like dm-integrity
> > for this.
> 
>  Heck I would even dump the BIOS

But they do not let you dump the full content of the BIOS ("pwned", see
above)

Re: et.al.

[David Wright]

I think this got attached to the wrong subthread.

On Tue 08 Oct 2019 at 09:08:40 (+0200), Thomas Schmitt wrote:
> i wrote:
> > > I wonder whether my mail provider would allow me to send via SMTP
> > >   MAIL FROM:
> > >   From: "Somebody Else" 
> 
> David Wright wrote:
> > It's fairly easy to find out by trying it out,
> 
> I have the technical means but not the courage to challenge my provider.
> 
> > Perhaps not as easy as it was,
> > because unencrypted telnet has all but gone.
> 
> A few years ago i had to add stunnel to my mail sender tool chain.
> 
> > $ openssl s_client -starttls smtp -crlf -connect 
> > smtp.some.submission.host.tld:12345
> 
> SMTP by hand. Impressive.

Not really. After all, S stands for Simple. It's really not very
different from my interactive Fortran programs from the 1970s,
or the Adventure game from the same era.
https://www.filfre.net/wp-content/uploads/2012/11/think.png

> I would rather tinker with my SMTP sender.

I find exim a lot more complicated to drive. There's an open thread
here that I ought to close: the one where I was trying to set up
intra-LAN emails at home. Having solved it, I ought to post how.
> > ehlo wren.corp
> 
> That would be the link between mail and subscription, according to Brian's
> theory (if i understand it correctly).
> Is "corp" in any way part of your subscription ?

Absolutely not! No, it's just the domain name of my LAN at home. In
my employment days, it was an Internet-resolvable hostname, but
those days are long gone, and all my pretty hostnames are now
corporate gobbledegook.

> The mail, to which this is a reply, has:
> > Received: from david by corp with local (Exim 4.92)
> >  (envelope-from )
> >  id 1iHhck-00016w-Lc; Tue, 08 Oct 2019 00:01:26 -0500
> 
> In my mailbox the "(envelope-from <...>)" are rather rare on debian-user.
> Most frequent they are inside the gnu.org mail server network.
> About any mail on their lists has them in the Receive: headers which
> gnu.org servers add.
> But Brian and you get them added to the most early "Received:".

Yes, several systems I use have different ways of displaying the
envelope ± HELO along the way at different points. Sometimes
they're labelled smtp.mailfrom and smtp.helo: eg if I send mails
directly to myself (at my real domain).

And IIUI it's the envelope that actually determines where the email
goes, not the To: in the email, though I assume my exim determines
the former from the latter.

(One of the problems in the thread I mentioned is making sure that
exim doesn't rewrite *all* my LAN domain names into my Internet
domain name, but only the emails I'm sending to the ISP's smarthost.)

> > I see lots of DKIM stuff in your emails
> 
> In the past i sent mails to the receivers directly. But more and more
> refused on my self-made SMTP. So i went back to the end-user way of
> handing my outgoing mail to my mail provider so that all that fancy
> header stuff gets added.
> Then came end-user encryption (whatever this shall bring as benefit)
> which i could counter by stunnel(8).
> 
> Let's see how long they allow me to tickle their servers by hand.

Yes, I don't run my own mail server as it seems quite tricky and
something that you have to keep exactly correct all the time, like
any system that's operating in Real Time—you don't want to drop the
ball just when an importent email arrives.

> >   There is no inherent relationship between either "reverse" (from
> >   MAIL, SAML, etc., commands) or "forward" (RCPT) addresses in the SMTP
> >   transaction ("envelope") and the addresses in the header section.
> >   (RFC 5321.)
> 
> But the "Received: ...(envelope-from" gesture seems to try to establish
> such a relationship.
> It would be interesting to learn why Exim (or something else ?) adds
> this info.

Because the servers en route to the email's destination never look at
the Header and Body, but only the envelope, AIUI.

> In your case the addresses in "From:" and "(envelope-from"
> are the same. This kills my theory about the reason why Brian's mails
> have "(envelope-from".

AIUI exim rewrites my From: n...@wren.corp into name@lionunicorn… and
then copies that into the envelope: I don't try to interfere with the
copying, but I could if my ISP accepts the result. As a 587 submission
port, they might do checking that a 25 transfer port doesn't do.

> > I've always assumed the envelope from is generated from the 'mail
> > from' line, and that the envelope should reach the Debian list
> > processing system unchanged.
> 
> I never bothered to find out whether the wide-world mail servers use
> any other protocol or extra SMTP commands to organize their network.
> But if they use RFC5321 like us commoners then your theory looks
> plausible.
> 
> Only that Brian stated not to use his subscribed address in "MAIL FROM"
> and not to see it in "(envelope-from ".
> Maybe i got him wrong ?
> (Keeping semi-private mail-addresses out of the list archives might have
>  confused our conversation.)

Re: et.al., (was: Dependencies et al, was: Default Debian install harassed me)

[Joe]

On Tue, 8 Oct 2019 08:52:11 -0400
Greg Wooledge  wrote:

> On Tue, Oct 08, 2019 at 09:13:31AM +0100, Joe wrote:
> > On Tue, 8 Oct 2019 00:25:44 -0500
> > David Wright  wrote:  
> > > Why would you use a "subscribed.address" (presumably an email
> > > address) for your HELO (presumably actually a EHLO). I was under
> > > the impression that it should be a domain, ie a FQDN.  
> > 
> > It should actually be a hostname, it's the official public name of
> > the mail server, though not of course its local network name. It
> > must be resolvable in public DNS. In practice, not much of this is
> > enforced, and you can get away with a domain name and, apparently,
> > an email address.  
> 
> "Enforcement" is entirely up to the receiver's discretion. 

Yes, that's what I meant, there's nobody else to enforce anything. But
I've never had an email rejected for a mismatched HELO.

> Some
> receivers use it as an anti-spam measure -- if your HELO string
> doesn't resolve, they won't accept your connection.

Yes, I do that, and I think it's the default for Exchange servers. A
look through the Exim configuration file gives a lot of anti-spam hints
in terms of the built-in options.

>  I've even heard
> of receivers who attempt to make an STMP connection back to the MX of
> your HELO domain, to make sure you have a running incoming SMTP
> service.
> 
I haven't seen that one, that I'm aware of. But that presumably is
circumvented simply by using a HELO for a domain that is known to run a
mail server. In the days when I used Telnet to talk to mail servers, I
used a well-known six-character domain name for my HELO for brevity,
with which I had no connection whatever. No server ever refused it.

> Other receivers may simply log it, or ignore it altogether.
> 

Indeed, but it's of value. A lot of people seem to think that using
their IP address, or my own IP address or domain name as their HELO is
clever.

-- 
Joe

how to get odbc working for connection to mariadb in debian buster

[John Covici]

Hi.  I am having a terrible time trying to get a package to connect to
mariadb using Debian buster.  There seems to be no package in the
repository and when I tried to build the source package downloaded
from mariadb itself, it looks for include files in the wrong places,
such as /usr/include/mysql.h .  What packages do I need for this to
work properly?I have unixodbc and its development files along with
the obcinst packages, but no driver for the database.

Any assistance would be appreciated.

-- 
Your life is like a penny.  You're going to lose it.  The question is:
How do
you spend it?

 John Covici wb2una
 cov...@ccs.covici.com

Re: Email based attack on University

[Jonathan Dowland]

On Tue Oct 8, 2019 at 5:35 PM Keith Bainbridge wrote:
> So I put noexec under the heading of it may deter somebody who is 
> looking for easy targets.

Yes I think of it like a speed bump, rather than a barrier.

> bash without the -c will run a script however.

Yes.

> Now to make that info useful. I have back-up disks mount noexec and then 
> unmount as part of the script. BUT I've had a couple of instances of the 
> back landing in the mount point for some reason. If the script is on the 
> disk, it can only run if the disk mounts, surely. So now is the time to 
> check it all out

Yes that sounds correct: if the mount didn't happen, the script isn't
there, so it won't run.

> Again, thanks for persisting.

You're welcome!

Re: fixing up an armhf screwup

[Gene Heskett]

On Tuesday 08 October 2019 10:15:28 Gene Heskett wrote:

> I had, in a failed attempt to install what was supposed to be a fully
> preemptable kernel on a pi3 that turned out to be a low-latncy desktop
> and truly horrible latency's. accidently filled up the /boot partition
> on the pi3's u-sd card, and my cleanups were a little enthusiastic,
> nuking the fixup* stuff too.
>
> So since I have that .iso here, how do I mount it to copy those 5 or
> so files out of it and back to this card?  I've not used the -oloop
> option in a decade and have long since forgot how.
>
> Cheers, Gene Heskett

Never mind, I found them on github.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: RFE: Could crc32 be included in the debian live/installation disk?

[Albretch Mueller]

>>  this is a hash algorithm that is implemented of the chips anyway, it
>> is the fastest of them all, used by synch (is it?) and it is crucially
>> helpful when data integrity is very important.

>And it's also one of those broken checksum algorithms which makes it
>easy to replace a part of file while keeping a checksum intact.

 Well, I wasn't claiming CRC32 was fail-safe, what I actually meant is
that data integrity would be based on:

 a) two -fast- and "reasonably" safe signature utilities which are
based on -different algorithms-
 b) that data will be used anyway

 When you are dealing with the process of managing such relatively
large amounts of data, you need something as fast as possible. Debian
install already takes some time.

 It is extremely unlikely (verging on impossibility) that you could
corrupt two different signatures of the same data while at the same
time keeping the file size intact and on top of that that data will
functionally relate to other data and ultimately cross someone's life,
mind. Say for example, code (as it is the case of Debian packages)
most probably that altered package will not compile and if it does how
could it functionally relate to the other pieces of the "system"?

>>  I like to do baseline checks when I first install an OS base and when
>> I upgrade it.

>apt install debsums

>Every Debian package contains MD5 checksums of the files it provides.
>All you need to do is to check them on a routine basis.
>If you need a better checksum algorithm, you use IDS, not homegrown
>scripts.

 thank you and yes the MD5 checksums of the file (to which some other
checksum could and should be added) could be used to produce a
baseline at the end of the installation (as a seamless option to the
user), which user could save some place and then when user feels like
checking his base installation, user would go to the Debian live
initial installation DVD and just run that "data integrity" check
utility to the new baseline of the system and compare it to what was
kept before.

 Of course, that could be easily be misused for some nefarious
intentions ;-). I am talking here only about data integrity.

>>  Does Debian internally have the kind of check pointing that Windows
>> does with which you could revert the state of an OS to a operating
>> "moment" you can manage?

>Sure. And it's called "off-host backup", a concept which predates both
>Linux and Windoze. As you helpfully mention below, "you do not own your
>computer", so "in-host" checkpoints are untrusted by your very own
>definition.

 I think you are twisting a bit my point here in a confusing way.

 No, you do not own your computers or any networked device you use,
but you have an easy way to check if the data in it has been changed,
when and how. I have been noticing all along how data has been left in
my computer (definitely more than cookies) and how my file systems
have been altered. Even the idea of an encrypted hard drive is a joke
once you open a browser.

>>  the reason why I push for the crc32 algo is because instead of using
>> sha?sums which are much slower, I would rely on both crc32 and md5sum,
>> when I have to baselines the 200+K files included in the base install
>> that comes with the installation disk.

>A noble if misguided effort. Surely you're aware that Debian project
>provides both install media and LiveDVDs along with checksums of them?
>They did this job for you already.

 Yes, but where is the GUI based data integrity check?

>>  Nowadays you can safely assume that you do not own your computer

> And refraining from using certain processor architectures and non-free
> operating systems ...

 Your joke is beside my point

>>  I would like to remove all cookies

>Why accept them in the first place then?

 because "cookies" have been turned into an all encompassing black
mail and tracking mechanism, so if you don't accept them they will not
show you pages, let you get to your email account, ...

 One of the problems of the Internet is that they can lie to "We the
people" but we can't lie to them. Imagine a java based (so that it
works on most OS) seamless Internet proxy based on already existing
technologies such as an HTML parser and Nashorn used to "Yes, sure!"
them and send them all kind of well-crafted bogus data. I hate JS for
more than one good reason, they slow your Internet experience, dump of
all kinds of commercial cr@p on you, ... that utility would take care
of that. It would be like reader mode on steroids, they think they are
making you view their bsing ads while you arent seeing or being
bothered by any of it ...

 I could imagine some idiots telling me that that would be "against
the law", some "user agreement", ... that "capitalism would go down if
such a thing existed". If I want to buy some toilet paper I would go
and get it I don’t need some so-called "AI"-based bs "reminding me"
or, and this is not a figurative joke, that actually happened to me,
ask my doctor about a colonoscopy 

Re: fixing up an armhf screwup

[Thomas Schmitt]

Hi,

> how do I mount it to copy those 5 or so
> files out of it and back to this card?  I've not used the -oloop option
> in a decade and have long since forgot how.

Since -o loop felt neglected it decided to become optional.

So, provided you have an existing mount directory (here /mnt/iso) just
mount the ISO file (here assumed to be debian-10.0.0-amd64-netinst.iso
in the current working directory):

  sudo mount debian-10.0.0-amd64-netinst.iso /mnt/iso

This command will show that you then have a loop device

  /sbin/losetup -l


Have a nice day :)

Thomas

Re: fixing up an armhf screwup

[Dan Ritter]

Gene Heskett wrote: 
> I had, in a failed attempt to install what was supposed to be a fully 
> preemptable kernel on a pi3 that turned out to be a low-latncy desktop 
> and truly horrible latency's. accidently filled up the /boot partition 
> on the pi3's u-sd card, and my cleanups were a little enthusiastic, 
> nuking the fixup* stuff too.
> 
> So since I have that .iso here, how do I mount it to copy those 5 or so 
> files out of it and back to this card?  I've not used the -oloop option 
> in a decade and have long since forgot how.

mkdir mountplace
sudo mount foobar.iso mountplace
cp mountplace/path/to/files .
sudo umount mountplace

-dsr-

lenovo t410 - i915 - black screen

[Frederic Robert]

Hello,

How are you? I am using Debian Stretch on Lenovo t410. A few days ago, 
my computer often goes in black screen. I found these lines in dmesg


[Oct 8 14:10] [drm:ironlake_irq_handler [i915]] *ERROR* CPU pipe A FIFO 
underrun
[  +0.83] [drm:ironlake_irq_handler [i915]] *ERROR* PCH transcoder A 
FIFO underrun


Sorry if my english is not good. What's the problem?

Have a good day,

--
Frederic Robert

fixing up an armhf screwup

[Gene Heskett]

I had, in a failed attempt to install what was supposed to be a fully 
preemptable kernel on a pi3 that turned out to be a low-latncy desktop 
and truly horrible latency's. accidently filled up the /boot partition 
on the pi3's u-sd card, and my cleanups were a little enthusiastic, 
nuking the fixup* stuff too.

So since I have that .iso here, how do I mount it to copy those 5 or so 
files out of it and back to this card?  I've not used the -oloop option 
in a decade and have long since forgot how.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: New Linux User needs some guidance

[Curt]

On 2019-10-08, Dejan Jocic  wrote:
>
> Anyway, most of Linux newbies will not create usb from Linux machine
> anyway, so I doubt that any of this will help OP. Personally, can't even
> remember when I was creating usb image from anything but Linux, so can't
> be of much help there.

Right, and as the guy is totally blind to boot, I'm sure he'll enjoy
wading through the usual digressive, thread-hijacking shitload of
extraneous and sometimes erroneous verbiage in search of a precious
nugget of useful information.

> All best,
> Dejan
>
>


-- 
"There are no foreign lands. It is the traveler only who is foreign."
-- Robert Louis Stevenson

Re: New Linux User needs some guidance

[Thomas Schmitt]

Hi,

after not finding in the man page a description of cp behavior with
existing target file, i looked up POSIX

  https://pubs.opengroup.org/onlinepubs/9699919799/utilities/cp.html
  "3. If source_file is of type regular file, [...]
 a. [...] if dest_file exists, the following steps shall be taken:
  [...]
  ii. A file descriptor for dest_file shall be obtained by performing
  actions equivalent to the open() function defined in the System
  Interfaces volume of POSIX.1-2017 called using dest_file as the
  path argument, and the bitwise-inclusive OR of O_WRONLY and
  O_TRUNC as the oflag argument.
  "

open() is descibed by man 2 open:
  "The  argument  flags  must  include  one of the following access modes:
   O_RDONLY, O_WRONLY, or O_RDWR.  These request opening  the  file  read-
   only, write-only, or read/write, respectively.
   [...]
  O_TRUNC
  If  the file already exists and is a regular file and the access
  mode allows writing (i.e., is O_RDWR or  O_WRONLY)  it  will  be
  truncated to length 0.  If the file is a FIFO or terminal device
  file, the O_TRUNC flag is ignored.   Otherwise,  the  effect  of
  O_TRUNC is unspecified.
   "

So bitrot could indeed happen if open(2) decides to change its unspecified
behavior for block devices.
(I have difficulties to imagine what one must smoke in order to come to
 the idea of unlinking the device file and creating a data file instead.)


Have a nice day :)

Thomas

Re: New Linux User needs some guidance

[Greg Wooledge]

On Tue, Oct 08, 2019 at 01:13:18PM +0100, Tony van der Hoff wrote:
> cp copies a file onto s file system, bit that's not what's wanted here.
> To create a bootable image from a .iso, you need 'dd'

I know I'm repeating what others have said, but this misunderstanding
is so damned pervasive that it *requires* repetition to drive it out
of people's heads.

cp copies bytes to a target.  That target *could* be a file within a
file system.  Or it could be a raw disk device.

dd also copies bytes to a target.  That target *could* be a file within
a file system.  Or it could be a raw disk device.

Either one will work.  You just have to specify the correct target.

The Debian installation guide gives the exact instructions, and it
chooses cp, because it's the simplest command to type.

In fact, so few people actually READ THE INSTALL GUIDE that I will just
copy it here.  Maybe someone will read it here, if I copy it for them.

https://www.debian.org/releases/buster/amd64/ch04s03.en.html

  The CD or DVD image you choose should be written directly to the USB
  stick, overwriting its current contents. For example, when using an
  existing GNU/Linux system, the CD or DVD image file can be written
  to a USB stick as follows, after having made sure that the stick
  is unmounted:

# cp debian.iso /dev/sdX
# sync

  ! Important
  The image must be written to the whole-disk device and not a partition,
  e.g. /dev/sdb and not /dev/sdb1. Do not use tools like unetbootin
  which alter the image.

Re: New Linux User needs some guidance

[Dejan Jocic]

On 08-10-19, Tony van der Hoff wrote:
> On 07/10/2019 19:04, Thomas Schmitt wrote:
> > Hi,
> > 
> > lwhona...@gmail.com wrote:
> >> I was under the impression, if I copied the dvd image to a usb stick,
> >> I could boot from the stick and start the install.
> > 
> > This is true. You have to put it as image onto the raw USB stick device.
> > 
> >   https://www.debian.org/CD/faq/#write-usb
> > proposes for GNU/Linux something like
> >   cp debian-10.0.0-amd64-netinst.iso /dev/sdd
> > where /dev/sdd is the device file representing the USB stick.
> 
> I've been following this thread with interest, as right from the start
> it talks about "copying" the .iso image to the ssd. At risk of
> displaying some ignorance, and attracting flames, I think this is
> misleading and take issue with the FAQ.
> 
> cp copies a file onto s file system, bit that's not what's wanted here.
> To create a bootable image from a .iso, you need 'dd', i.e.
> sudo dd bs=4M \
> if=/path-todebian-10.iso\
> of=/dev/sdx\
> oflag=sync
> 
> Make sure you identify the correct usb stick for sdx, or you may end up
> overwriting something important.
> 
> This is explained in detail at
> https://linuxize.com/post/create-bootable-debian-10-usb-stick-on-linux/
> 
> It worked for me.
> Good luck, Tony
> -- 
> Tony van der Hoff| mailto:t...@vanderhoff.org
> Buckinghamshire, England |
> 

You do not need dd command to make bootable usb with iso image. You can
do that also with cat, or cp. All 3 ways will do, if you are doing it
from Linux system. For cat: 

cat /path-to-downloaded-image.iso > /dev/sdX; sync ( X is number of the
drive, usually "b" but you need to check anyway, or you'll wipe some
drive instead )

for cp:

cp /path-to-downloaded-image.iso /dev/sdX; sync ( same as above applies )

sync is recommended to make sure that any data from RAM will be written
where it should go ( that all reads and writes will be executed and that
there will be nothing left in pending status ). To check on which device
you would like to write your image, you can use lsblk. 

dd is useful command for creating various backup images, testing storage
devices and similar, but is certainly not required for making bootable
installation images on the usb devices.

Anyway, most of Linux newbies will not create usb from Linux machine
anyway, so I doubt that any of this will help OP. Personally, can't even
remember when I was creating usb image from anything but Linux, so can't
be of much help there.

All best,
Dejan

Re: et.al., (was: Dependencies et al, was: Default Debian install harassed me)

[Greg Wooledge]

On Tue, Oct 08, 2019 at 09:13:31AM +0100, Joe wrote:
> On Tue, 8 Oct 2019 00:25:44 -0500
> David Wright  wrote:
> > Why would you use a "subscribed.address" (presumably an email address)
> > for your HELO (presumably actually a EHLO). I was under the impression
> > that it should be a domain, ie a FQDN.
> 
> It should actually be a hostname, it's the official public name of the
> mail server, though not of course its local network name. It must be
> resolvable in public DNS. In practice, not much of this is enforced,
> and you can get away with a domain name and, apparently, an email
> address.

"Enforcement" is entirely up to the receiver's discretion.  Some receivers
use it as an anti-spam measure -- if your HELO string doesn't resolve,
they won't accept your connection.  I've even heard of receivers who
attempt to make an STMP connection back to the MX of your HELO domain,
to make sure you have a running incoming SMTP service.

Other receivers may simply log it, or ignore it altogether.

Re: New Linux User needs some guidance

[Thomas Schmitt]

Hi,

(We are discussing this for the archive, as Larry Honaker probably needs
 advise for doing it on MS-Windows.)

Tony van der Hoff wrote:
> cp copies a file onto s file system, bit that's not what's wanted here.

It does indeed. But (at least with our GNU coreutils cp) copying a
data file to a block device file does not replace the device file by
a copied data file but rather copies the data file content into the
block device file.

The proposals at
  https://www.debian.org/CD/faq/#write-usb
have been tested at least once. debian-cd will surely accept a bug report
if they do not work any more due to bitrot.


> To create a bootable image from a .iso, you need 'dd', i.e.

dd is a great tool, indeed, and i use it for the purpose out of tradition.
But it does nothing essential for the copied image to be able to work.
Any program run which produces a correct byte-by-byte copy of the image on
the USB stick will do.

For example some useless use of "cat":
  cat image.iso >/dev/sde


> Make sure you identify the correct usb stick for sdx, or you may end up
> overwriting something important.

Yeah. This is a big problem. We'd need a desktop-user-safe GUI tool which
by some AI detects the USB stick which is least worthy of preservation.


Have a nice day :)

Thomas

Re: New Linux User needs some guidance

[Tony van der Hoff]

On 07/10/2019 19:04, Thomas Schmitt wrote:
> Hi,
> 
> lwhona...@gmail.com wrote:
>> I was under the impression, if I copied the dvd image to a usb stick,
>> I could boot from the stick and start the install.
> 
> This is true. You have to put it as image onto the raw USB stick device.
> 
>   https://www.debian.org/CD/faq/#write-usb
> proposes for GNU/Linux something like
>   cp debian-10.0.0-amd64-netinst.iso /dev/sdd
> where /dev/sdd is the device file representing the USB stick.

I've been following this thread with interest, as right from the start
it talks about "copying" the .iso image to the ssd. At risk of
displaying some ignorance, and attracting flames, I think this is
misleading and take issue with the FAQ.

cp copies a file onto s file system, bit that's not what's wanted here.
To create a bootable image from a .iso, you need 'dd', i.e.
sudo dd bs=4M \
if=/path-todebian-10.iso\
of=/dev/sdx\
oflag=sync

Make sure you identify the correct usb stick for sdx, or you may end up
overwriting something important.

This is explained in detail at
https://linuxize.com/post/create-bootable-debian-10-usb-stick-on-linux/

It worked for me.
Good luck, Tony
-- 
Tony van der Hoff| mailto:t...@vanderhoff.org
Buckinghamshire, England |

Re: iptables why rejects this output?

[BAGI Ákos]

I figured out, the packet is INVALID.
I have absolutly no idea how can it happen.

2019.10.07 23:29 keltezéssel, Reco írta:

Hi.

On Mon, Oct 07, 2019 at 10:55:53PM +0200, BAGI Ákos wrote:

you mean I should make the firewall settings public?
good idea :)

If your security depends on obscurity, you do not have a security in the
first place.

Your INPUT rules can be probed.
Your FORWARD rules aren't relevant to your problem.
Your OUTPUT rules are, and they do nothing to protect you from the
hostile Internet.

So if you're asking why a certain iptables rule produces a
certain kernel output - please provide the offending rule at least.
Or better - full OUTPUT chain.

Reco

Re: New Linux User needs some guidance

[Thomas Schmitt]

Hi,

i wrote:
> > ... or from a fresh attempt to install the ISO onto the USB stick by
> > one of the ISO-to-stick converters (unetbootin, Rufus, ...).

to...@tuxteam.de wrote:
> Oh, they do that? Thanks for teaching me something new :-/

I have no comprehensive knowledge of that topic. Just what i learned
during bug hunts and conversations with people whose projects are
neighbors of mine in respect to bootable ISOs.
Possibly one should explore
  https://en.wikipedia.org/wiki/List_of_tools_to_create_Live_USB_systems

In case of Rufus (of which i know the developer as being helpful):
  https://en.wikipedia.org/wiki/Rufus_%28software%29
  "Rufus supports a variety of bootable .iso files, including various
   Linux distributions and Windows installation .iso files, [...]
   If needed, it will install a bootloader such as SYSLINUX or GRUB
   onto the flash drive to render it bootable."

The art (and popular point of failure) is to connect the operating system
files from the ISO with the bootloader of the USB stick. This demands
knowledge about what projects like debian-cd or live-wrapper have prepared
for booting, and where in these preparation to join-in by the own bootloader.

For Debian ISOs on USB sticks, i tend to propose Rufus in its no-fuzz "dd"
mode, which is supposed to do what our good old Unix dd does.
This leaves the whole work of booting to debian-cd and live-wrapper
where the user can complain in case of failure.


Have a nice day :)

Thomas

Re: Dual boot: one legacy, the other uefi

[Curt]

On 2019-10-08, Joe  wrote:
>
> But I'm pretty sure that any pre-installed Windows, and very few people
> now install it themselves, will be a UEFI installation, which cannot be
> changed to boot in legacy mode, nor vice-versa.
>

>From what I'm understanding you're batting a thousand here, Joe.

https://docs.microsoft.com/en-us/windows/deployment/mbr-to-gpt

https://www.asus.com/us/support/FAQ/1013017/


-- 
"There are no foreign lands. It is the traveler only who is foreign."
-- Robert Louis Stevenson

Re: Dual boot: one legacy, the other uefi

[Joe]

On Mon, 7 Oct 2019 23:29:09 +0200
Pascal Hambourg  wrote:

> Le 07/10/2019 à 09:42, Joe a écrit :
> > On Sun, 6 Oct 2019 23:26:32 +0200
> > Pascal Hambourg  wrote:
> >   
> >> Le 06/10/2019 à 22:45, Beco a écrit :  
> >>>
> >>> Now the system can boot both systems ok. But to choose which one
> >>> you want, you need to enter the BIOS, change legacy to UEFI, and
> >>> vice-versa, then you can boot.  
> >>
> >> Would you mind telling which systems boots in EFI mode and which
> >> one boots in legacy mode ?
> >>  
> > Windows 8/8a/10 boot only in EFI.  
> 
> I don't think so. Source ?
> 

As I Understood It. Definitely, computers certified for these versions
must have EFI mode available, which is not, of course, the same thing.

Yes, even Win10 appears to be able to be installed to boot in legacy
mode. Shows how many Windows installations I've done recently

But I'm pretty sure that any pre-installed Windows, and very few people
now install it themselves, will be a UEFI installation, which cannot be
changed to boot in legacy mode, nor vice-versa.

-- 
Joe

Re: New Linux User needs some guidance

[tomas]

On Tue, Oct 08, 2019 at 09:35:09AM +0200, Thomas Schmitt wrote:
> Hi,
> 
> to...@tuxteam.de wrote:
> > The error message quoted by the original poster strongly suggests
> > that he's got that part right: it is the boot loader complaining.
> 
> No. It is the wrong flavor of SYSLINUX software and much too old.

Yep. I retracted that, as you notice:

> Next mail from to...@tuxteam.de:
> > so yes, this could be just the "leftovers"
> > from an older use of that USB stick.
> 
> ... or from a fresh attempt to install the ISO onto the USB stick by
> one of the ISO-to-stick converters (unetbootin, Rufus, ...).

Oh, they do that? Thanks for teaching me something new :-/

Cheers
-- tomás


signature.asc
Description: Digital signature

Re: et.al., (was: Dependencies et al, was: Default Debian install harassed me)

[Joe]

On Tue, 8 Oct 2019 00:25:44 -0500
David Wright  wrote:


> > 
> > "subscribed.address" is the HELO and can be what I want it to be.
> > See the headers of my previous mail.  
> 
> Why would you use a "subscribed.address" (presumably an email address)
> for your HELO (presumably actually a EHLO). I was under the impression
> that it should be a domain, ie a FQDN.

It should actually be a hostname, it's the official public name of the
mail server, though not of course its local network name. It must be
resolvable in public DNS. In practice, not much of this is enforced,
and you can get away with a domain name and, apparently, an email
address.

It's a while since I did any email diagnostics, but certainly the HELO
pretty much only had to exist, it didn't seem to be checked very much.
I have seen email from a Small Business Server refused because the
default HELO was the invalid domain name x.local, as someone had
forgotten to set it properly. I can't be bothered (i.e. I haven't had to
do it yet) setting different HELOs for each domain that I use, and it
has never been a problem.

Neither does the MX record have to match any email address, nor the PTR
record for the sending IP address. There are many complex setups where
a business might send through one third-party SMTP server and receive
through the SMTP server of a mail-cleaning service, for example. The
only constraint (again, so far) on a sending address PTR is that it must
have a complementary A record, which does not have to be the address
that the MX points to or anything related to the email itself. Many ISPs
cannot handle multiple PTRs for the same IP address, at least not in
their user control panels, though they are permitted by RFC.

-- 
Joe

potential bug: buster: systemd-networkd not working reliable

[Markus Rathgeb]

Hi,

it seems systemd-networkd of the Buster distribution does not work
reliable on some of my systems.
Can you help me to further analyze the problem in front of bug creation?

Short summary:
If an interface uses static addresses and the cable is unplugged and
plugged in again, the interface does not go up anymore.

Detailed summary:

Architecture: amd64
Kernel: Linux 4.19.0-6-amd64 #1 SMP Debian 4.19.67-2 (2019-08-28)
x86_64 GNU/Linux
systemd: Version: 241-7~deb10u1

The system contains two ethernet links "enp1s0" and "eno1".
The kernel module used for this interfaces is "igb".

===
Oct 08 09:38:44 sb-0001c0237244 kernel: igb: Intel(R) Gigabit Ethernet
Network Driver - version 5.4.0-k
Oct 08 09:38:44 sb-0001c0237244 kernel: igb: Copyright (c) 2007-2014
Intel Corporation.
Oct 08 09:38:44 sb-0001c0237244 kernel: igb :01:00.0 enp1s0:
renamed from eth0
Oct 08 09:38:44 sb-0001c0237244 kernel: igb :01:00.0: added PHC on enp1s0
Oct 08 09:38:44 sb-0001c0237244 kernel: igb :01:00.0: Intel(R)
Gigabit Ethernet Network Connection
Oct 08 09:38:44 sb-0001c0237244 kernel: igb :01:00.0: enp1s0:
(PCIe:2.5Gb/s:Width x1) 00:01:c0:23:72:44
Oct 08 09:38:44 sb-0001c0237244 kernel: igb :01:00.0: enp1s0: PBA
No: FF-0FF
Oct 08 09:38:44 sb-0001c0237244 kernel: igb :01:00.0: Using MSI-X
interrupts. 2 rx queue(s), 2 tx queue(s)
Oct 08 09:38:44 sb-0001c0237244 kernel: igb :02:00.0 eno1: renamed from eth0
Oct 08 09:38:44 sb-0001c0237244 kernel: igb :02:00.0: added PHC on eno1
Oct 08 09:38:44 sb-0001c0237244 kernel: igb :02:00.0: Intel(R)
Gigabit Ethernet Network Connection
Oct 08 09:38:44 sb-0001c0237244 kernel: igb :02:00.0: eno1:
(PCIe:2.5Gb/s:Width x1) 00:01:c0:23:72:51
Oct 08 09:38:44 sb-0001c0237244 kernel: igb :02:00.0: eno1: PBA
No: FF-0FF
Oct 08 09:38:44 sb-0001c0237244 kernel: igb :02:00.0: Using MSI-X
interrupts. 2 rx queue(s), 2 tx queue(s)
Oct 08 09:38:47 sb-0001c0237244 kernel: igb :01:00.0 enp1s0: igb:
enp1s0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
Oct 08 09:38:48 sb-0001c0237244 kernel: igb :02:00.0 eno1: igb:
eno1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
===

The network configuration for "eno1" looks like (10-ethernet-eno1.network)
===
[Match]
Name=eno1

[Network]
DHCP=no
Address=10.10.69.1/24
Address=10.10.69.200/24
Address=10.10.69.201/24
Address=10.10.69.202/24
===

The network configuration for "enp1s0" looks like (10-ethernet-enp1s0.network)
===
[Match]
Name=enp1s0

[Network]
DHCP=ipv4
===

If the network cable on enp1s0 is unplugged the assigned address is
dropped and the interface went down. If the cable is plugged in again,
the interface goes up and requests an address using DHCP.

If the network cable on eno1 is unplugged the assigned addresses are
dropped and the interface went down. If the cable is plugged in again,
the interface does NOT go up but stays down.

I enabled the debug log level for systemd-networkd.
If the cable of eno1 is unplugged I see:
===
Oct 08 09:45:26 sb-0001c0237244 systemd-networkd[294]: eno1: Flags
change: -LOWER_UP -RUNNING
Oct 08 09:45:26 sb-0001c0237244 systemd-networkd[294]: Sent message
type=signal sender=n/a destination=n/a
path=/org/freedesktop/network1/link/_35
interface=org.freedesktop.DBus.Properties member=PropertiesChanged
cookie=37 reply_cookie=0 signature=sa{sv}as error-name=n/a
error-message=n/a
Oct 08 09:45:26 sb-0001c0237244 systemd-networkd[294]: eno1: Lost carrier
Oct 08 09:45:26 sb-0001c0237244 systemd-networkd[294]: NDISC: Stopping
IPv6 Router Solicitation client
Oct 08 09:45:26 sb-0001c0237244 systemd-networkd[294]: eno1: Removing
address 10.10.69.202
Oct 08 09:45:26 sb-0001c0237244 systemd-networkd[294]: eno1: Removing
address 10.10.69.200
Oct 08 09:45:26 sb-0001c0237244 systemd-networkd[294]: eno1: Removing
address 10.10.69.201
Oct 08 09:45:26 sb-0001c0237244 systemd-networkd[294]: eno1: Removing
address 10.10.69.1
Oct 08 09:45:26 sb-0001c0237244 systemd-networkd[294]: eno1: State is
configured, dropping config
Oct 08 09:45:26 sb-0001c0237244 systemd-networkd[294]: eno1: Removing
address: 10.10.69.202/24 (valid forever)
Oct 08 09:45:26 sb-0001c0237244 systemd-networkd[294]: eno1: Removing
address: 10.10.69.200/24 (valid forever)
Oct 08 09:45:26 sb-0001c0237244 systemd-networkd[294]: eno1: Removing
address: 10.10.69.201/24 (valid forever)
Oct 08 09:45:26 sb-0001c0237244 systemd-networkd[294]: eno1: Removing
address: 10.10.69.1/24 (valid forever)
===

If the cable is plugged in again, no additional message appears.

Before I updated to Buster I run into this bug:
https://github.com/systemd/systemd/issues/5625
This could be worked around using: "IPv6AcceptRA=no" and
"LinkLocalAddressing=no"
I don't run into this error after updating anymore (it has been about DHCP).
Using that lines (regardless if no or yes is choosen) for the static
interface on Buster does not make any difference, so the error is
different.

But while reading that bug, I assume the NDISC message 

Re: Email based attack on University

[Curt]

On 2019-10-08, Keith Bainbridge  wrote:
>
> So I put noexec under the heading of it may deter somebody who is 
> looking for easy targets.
>

The seminal vector of the ANU attack (a concerted, determined, and
sophisticated affair that might very well have been carried out by state
operatives) was social (as in engineering); this could be considered a
clueful lesson--if only they were capable of receiving one--to those
system administrators positing the irrelevancy of human nature in these
technical matters.

Of course, we've already seen someone suggest here crippling modern
email (in a University setting!) to the point of bare-bones ascii text
communication with zero attachments; it is only a matter of time before
one of our brilliant members opines that the veritable solution to our
security concerns is the elimination of the human element altogether. 

-- 
"There are no foreign lands. It is the traveler only who is foreign."
-- Robert Louis Stevenson

Re: New Linux User needs some guidance

[Thomas Schmitt]

Hi,

to...@tuxteam.de wrote:
> The error message quoted by the original poster strongly suggests
> that he's got that part right: it is the boot loader complaining.

No. It is the wrong flavor of SYSLINUX software and much too old.
Even debian-8.1.0-amd64-netinst.iso has "ISOLINUX 6.03 20150107"
and debian-9.3.0-amd64-netinst.iso has "ISOLINUX 6.03 20171018".
(mount as /mnt/iso and do
   strings /mnt/iso/isolinux/isolinux.bin | fgrep ISOLINUX | less
 to see the message text of the boot program.
)

Our new friend Larry sees "Syslinux 4.03 2010-10-22", which i would
blame on boot preparations on the USB stick which should have been
overwritten by the ISO, if it was copied correctly.


Next mail from to...@tuxteam.de:
> so yes, this could be just the "leftovers"
> from an older use of that USB stick.

... or from a fresh attempt to install the ISO onto the USB stick by
one of the ISO-to-stick converters (unetbootin, Rufus, ...).


Have a nice day :)

Thomas

Re: New Linux User needs some guidance

[tomas]

On Mon, Oct 07, 2019 at 08:04:16PM +0200, Thomas Schmitt wrote:

[...]

> > Syslinux 4.03 2010-10-22 EDD © © 1994-2010 H. Peter Aanvin et al
> 
> This does not look like the first bootloader message of a contemporary
> Debian ISO image. If booted via legacy BIOS it should say "ISOLINUX"
> rather than "Syslinux" and, depending on the age of your ISO image,
> tell a younger age and higher revision.

Ah, good catch, as always: so yes, this could be just the "leftovers"
from an older use of that USB stick.

So my other post in this thread is most probably wrong.

Thanks
-- tomás


signature.asc
Description: Digital signature

Re: et.al.

[Thomas Schmitt]

Hi,

i wrote:
> > I wonder whether my mail provider would allow me to send via SMTP
> >   MAIL FROM:
> >   From: "Somebody Else" 

David Wright wrote:
> It's fairly easy to find out by trying it out,

I have the technical means but not the courage to challenge my provider.


> Perhaps not as easy as it was,
> because unencrypted telnet has all but gone.

A few years ago i had to add stunnel to my mail sender tool chain.


> $ openssl s_client -starttls smtp -crlf -connect 
> smtp.some.submission.host.tld:12345

SMTP by hand. Impressive.
I would rather tinker with my SMTP sender.


> ehlo wren.corp

That would be the link between mail and subscription, according to Brian's
theory (if i understand it correctly).
Is "corp" in any way part of your subscription ?

The mail, to which this is a reply, has:
> Received: from david by corp with local (Exim 4.92)
>  (envelope-from )
>  id 1iHhck-00016w-Lc; Tue, 08 Oct 2019 00:01:26 -0500

In my mailbox the "(envelope-from <...>)" are rather rare on debian-user.
Most frequent they are inside the gnu.org mail server network.
About any mail on their lists has them in the Receive: headers which
gnu.org servers add.
But Brian and you get them added to the most early "Received:".


> I see lots of DKIM stuff in your emails

In the past i sent mails to the receivers directly. But more and more
refused on my self-made SMTP. So i went back to the end-user way of
handing my outgoing mail to my mail provider so that all that fancy
header stuff gets added.
Then came end-user encryption (whatever this shall bring as benefit)
which i could counter by stunnel(8).

Let's see how long they allow me to tickle their servers by hand.


>   There is no inherent relationship between either "reverse" (from
>   MAIL, SAML, etc., commands) or "forward" (RCPT) addresses in the SMTP
>   transaction ("envelope") and the addresses in the header section.
>   (RFC 5321.)

But the "Received: ...(envelope-from" gesture seems to try to establish
such a relationship.
It would be interesting to learn why Exim (or something else ?) adds
this info. In your case the addresses in "From:" and "(envelope-from"
are the same. This kills my theory about the reason why Brian's mails
have "(envelope-from".


> I've always assumed the envelope from is generated from the 'mail
> from' line, and that the envelope should reach the Debian list
> processing system unchanged.

I never bothered to find out whether the wide-world mail servers use
any other protocol or extra SMTP commands to organize their network.
But if they use RFC5321 like us commoners then your theory looks
plausible.

Only that Brian stated not to use his subscribed address in "MAIL FROM"
and not to see it in "(envelope-from ".
Maybe i got him wrong ?
(Keeping semi-private mail-addresses out of the list archives might have
 confused our conversation.)


> I've always assumed that what is in parentheses is all "noise" as far
> as SMTP is concerned, like that Exim version number, the envelope-from
> and, in your email for example, (Client did not present a certificate).

The specs seem to support your assumption. RFC5322 says that the meaning
of the tokens in "Received:" would be discussed in RFC5321. But there i
fail to find any tangible info beyond the obvious meaning of "Received:".

"(Client did not present a certificate)" is possibly a future threat for me.
Why does one have to be a cryptography expert to send a mail ? Grrr...


Have a nice day :)

Thomas

Re: New Linux User needs some guidance

[tomas]

On Mon, Oct 07, 2019 at 04:40:00PM -, Dan Purgert wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
> 
>  wrote:
> >
> > Greetings All,
> >
> > Briefly, I am a new Linux want-to-be [...]

Welcome!

[...]

> If I'm understanding you properly, yes.  You need to take it from an
> "iso image" and actually have the data itself on the USB key (for lack
> of a better word, you need to "burn the image" to the USB key). 

The error message quoted by the original poster strongly suggests
that he's got that part right: it is the boot loader complaining.

Had he failed in the way you suggest, he wouldn't have reached
that error message.

Cheers
-- t


signature.asc
Description: Digital signature