Bullseye: exo-utils 4.16.0-1 and exo-preferred-applications???

2021-04-08 Thread Charles Curley
The programs exo-csource and exo-preferred-applications seem to be
absent from the package exo-utils, in spite of being advertised as
still being there. This is version 4.16.0-1 of the package, on Bullseye.

--
root@orca:~# cat /var/lib/dpkg/info/exo-utils.list
/.
/usr
/usr/bin
/usr/bin/exo-desktop-item-edit
/usr/bin/exo-open
/usr/share
/usr/share/doc
/usr/share/doc/exo-utils
/usr/share/doc/exo-utils/NEWS.Debian.gz
/usr/share/doc/exo-utils/changelog.Debian.gz
/usr/share/doc/exo-utils/changelog.gz
/usr/share/doc/exo-utils/copyright
/usr/share/man
/usr/share/man/man1
/usr/share/man/man1/exo-desktop-item-edit.1.gz
/usr/share/man/man1/exo-open.1.gz
root@orca:~# apt show exo-utils
Package: exo-utils
Version: 4.16.0-1
Priority: optional
Section: xfce
Source: exo
Maintainer: Debian Xfce Maintainers 
Installed-Size: 310 kB
Depends: libexo-2-0 (= 4.16.0-1), libc6 (>= 2.4), libgdk-pixbuf-2.0-0 (>= 
2.22.0), libglib2.0-0 (>= 2.37.3), libgtk-3-0 (>= 3.22.0), libxfce4ui-2-0 (>= 
4.15.1), libxfce4util7 (>= 4.9.0)
Breaks: xfce4-cddrive-plugin (<= 0.0.1-0ubuntu2), xfce4-volstatus-icon (<= 
0.1.0-0ubuntu5)
Homepage: https://docs.xfce.org/xfce/exo/start
Tag: implemented-in::c, interface::graphical, interface::x11, role::program,
 suite::xfce, uitoolkit::gtk
Download-Size: 218 kB
APT-Manual-Installed: no
APT-Sources: http://deb.debian.org/debian bullseye/main amd64 Packages
Description: Utility files for libexo
 This package contains the Xfce settings plugin and the utility files for
 libexo-2-0 which are:
   - exo-csource
   - exo-desktop-item-edit
   - exo-open
   - exo-preferred-applications

root@orca:~# which exo-open 
/usr/bin/exo-open
root@orca:~# ls /usr/bin/exo-*
/usr/bin/exo-desktop-item-edit  /usr/bin/exo-open
root@orca:~# 
--


-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/



Re: Xerox B215: configuring the scanner over TCP/IP on Debian 10 xfce

2021-04-08 Thread Marcelo Eduardo Giordano



On 8/4/21 09:34, Debian wrote:

On 8/4/21 at 09:19, Marcelo Eduardo Giordano wrote:

On 7/4/21 09:17, Debian wrote:

On 23/3/21 at 20:41, Marcelo Eduardo Giordano wrote:

Dear all:

Let me tell you that I bought a Xerox B215 printer specifically
because the manual explained the Linux installation well, which
I followed; it is this one.

How did it go with this?
The thread is still open.

JAP

Hi friend.

Unfortunately it went very badly. I could not get any answer at all. I
worked around it by using the send-by-e-mail function, but that is
not optimal.

XEROX technical support is a disaster when it comes to Linux.

Thanks for asking

A pity, and it surprises me.
I never had any problem with any Xerox.
Apart from hand-tweaking the ppd files to change the default
settings, all the ones I used worked fine, and there were many,
over many years (since 2005, Debian "sarge"), because
the company where I work uses Xerox for everything.
And at home I have a 3225 connected over WiFi, so the whole
family prints no matter where they are.

I'm going to send you a "private" message.

JAP

Let me tell you that the problem I have is with scanning. Printing works
perfectly.

Thanks for your attention



Re: KVM: GPU passthrough

2021-04-08 Thread Dan Ritter
Gokan Atmaca wrote: 
> Hello
> 
> I want to use the graphics card directly in the virtual machine. IOMMU
> seems to be running, but unfortunately it doesn't work when I want to
> start the virtual machine.
> 
> 
> error:
> pci,host=:01:00.0,id=hostdev0,bus=pci.0,addr=0x9: vfio
> :01:00.0: group 1 is not viable
> Please ensure all devices within the iommu_group are bound to their
> vfio bus driver.

Just to confirm: you have at least two graphics cards? One for
the host to boot with, one for your guest to take over?

And you loaded the vfio mod and configured it with the PCI ids
for your second card? There could be several.

-dsr-



Re: Using a remote computer and VGA

2021-04-08 Thread Dan Ritter
Richmond wrote: 
> Is it possible to use a local computer (L) to: ssh -Y to a remote
> computer (R), run a web browser on R which will then display on
> L, choose what to watch on Netflix, and then having started it, move the
> displayed browser window back to the X window on R, and then move
> it across to the television attached to the VGA port on R?

Probably not, and the issue is Netflix. The Netflix DRM talks
directly to the hardware.

My guess is that you would bring over a browser window with a
big black window in it.

You could try this with VNC; I think it would have the same
problem, but I don't know for certain.

What is the actual underlying problem you're trying to solve?

-dsr-



Re: Using a remote computer and VGA

2021-04-08 Thread deloptes
Richmond wrote:

> Is it possible to use a local computer (L) to: ssh -Y to a remote
> computer (R), run a web browser on R which will then display on
> L, choose what to watch on Netflix, and then having started it, move the
> displayed browser window back to the X window on R, and then move
> it across to the television attached to the VGA port on R?

I doubt it. Usually you have 10 to 1 down/upload speed for the customer network
so even if this were possible I doubt that you can render and transfer the
data over TCP/IP with sufficient quality.

What is the issue with VPN or proxy? Have you thought of such? There is still
the limitation in the traffic, but you haven't the issue with the rendering
at least.




KVM: GPU passthrough

2021-04-08 Thread Gokan Atmaca
Hello

I want to use the graphics card directly in the virtual machine. IOMMU
seems to be running, but unfortunately it doesn't work when I want to
start the virtual machine.


pci:

[0.010066] ACPI: DMAR 0x9D8B7000 70 (v01 INTEL  EDK2
  0002  0113)
[0.121392] DMAR: IOMMU enabled
[0.202324] DMAR: Host address width 39
[0.202325] DMAR: DRHD base: 0x00fed91000 flags: 0x1
[0.202331] DMAR: dmar0: reg_base_addr fed91000 ver 1:0 cap
d2008c40660462 ecap f050da
[0.202333] DMAR: RMRR base: 0x009e543000 end: 0x009e78cfff
[0.202336] DMAR-IR: IOAPIC id 2 under DRHD base  0xfed91000 IOMMU 0
[0.202338] DMAR-IR: HPET id 0 under DRHD base 0xfed91000
[0.202339] DMAR-IR: Queued invalidation will be enabled to support
x2apic and Intr-remapping.
[0.203666] DMAR-IR: Enabled IRQ remapping in x2apic mode
[0.391676] iommu: Default domain type: Translated
[0.591706] DMAR: No ATSR found
[0.591762] DMAR: dmar0: Using Queued invalidation
[0.591942] pci :00:00.0: Adding to iommu group 0
[0.592011] pci :00:01.0: Adding to iommu group 1
[0.592090] pci :00:08.0: Adding to iommu group 2
[0.592367] pci :00:14.0: Adding to iommu group 3
[0.592378] pci :00:14.2: Adding to iommu group 3
[0.592438] pci :00:16.0: Adding to iommu group 4
[0.592519] pci :00:17.0: Adding to iommu group 5
[0.592583] pci :00:1b.0: Adding to iommu group 6
[0.592674] pci :00:1c.0: Adding to iommu group 7
[0.592687] pci :00:1c.3: Adding to iommu group 7
[0.594066] pci :00:1f.0: Adding to iommu group 8
[0.594075] pci :00:1f.2: Adding to iommu group 8
[0.594084] pci :00:1f.4: Adding to iommu group 8
[0.594091] pci :01:00.0: Adding to iommu group 1
[0.594096] pci :01:00.1: Adding to iommu group 1
[0.594104] pci :02:00.0: Adding to iommu group 6
[0.594112] pci :03:00.0: Adding to iommu group 7
[0.594119] pci :04:00.0: Adding to iommu group 7
[0.594122] DMAR: Intel(R) Virtualization Technology for Directed I/O


error:
pci,host=:01:00.0,id=hostdev0,bus=pci.0,addr=0x9: vfio
:01:00.0: group 1 is not viable
Please ensure all devices within the iommu_group are bound to their
vfio bus driver.
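
Added example, not part of the original post: a shell check for the "group 1 is not viable" error above. It walks sysfs and lists every device that shares an IOMMU group with the passthrough device and is still bound to a host driver. The viability rule in the comments is a simplified assumption, and the sample tree (full `0000:` addresses, drivers, class codes) is constructed.

```shell
#!/bin/sh
# Added example (not from the thread). Lists the devices that keep the IOMMU
# group of a PCI device from being usable with VFIO.
# Assumed, simplified rule: a device does not block the group when it has no
# driver, is bound to vfio-pci or pci-stub, or is a PCI bridge (class 0x0604xx).

# Name of the driver bound to a device, or "-". $1 = sysfs root, $2 = address
dev_driver() {
    if [ -L "$1/bus/pci/devices/$2/driver" ]; then
        basename "$(readlink "$1/bus/pci/devices/$2/driver")"
    else
        echo "-"
    fi
}

# IOMMU group number of a device. $1 = sysfs root, $2 = address
dev_group() {
    basename "$(readlink "$1/bus/pci/devices/$2/iommu_group")"
}

# Print "address driver" for each device that shares a group with $2 and
# still blocks passthrough; print nothing when the group is viable.
group_blockers() {
    gb_root=$1
    gb_group=$(dev_group "$gb_root" "$2")
    [ -n "$gb_group" ] || return 1          # device has no IOMMU group
    for gb_link in "$gb_root/kernel/iommu_groups/$gb_group/devices/"*; do
        gb_addr=$(basename "$gb_link")
        gb_drv=$(dev_driver "$gb_root" "$gb_addr")
        gb_class=$(cat "$gb_root/bus/pci/devices/$gb_addr/class")
        case "$gb_drv" in
            -|vfio-pci|pci-stub) continue ;;
        esac
        case "$gb_class" in
            0x0604*) continue ;;            # PCI-to-PCI bridge such as a root port
        esac
        echo "$gb_addr $gb_drv"
    done
}

# Constructed sample: one device in a fake sysfs tree.
# $1 = tree, $2 = address, $3 = group, $4 = driver or "-", $5 = class
sample_dev() {
    sd_dir="$1/bus/pci/devices/$2"
    mkdir -p "$sd_dir" "$1/kernel/iommu_groups/$3/devices"
    echo "$5" > "$sd_dir/class"
    ln -s "../../../../kernel/iommu_groups/$3" "$sd_dir/iommu_group"
    ln -s "../../../../bus/pci/devices/$2" "$1/kernel/iommu_groups/$3/devices/$2"
    [ "$4" = "-" ] || ln -s "../../drivers/$4" "$sd_dir/driver"
}

# Constructed tree shaped like group 1 in the log above (drivers are made up):
# root port, GPU already on vfio-pci, GPU audio function still on a host driver.
make_sample_tree() {
    mst=$(mktemp -d)
    sample_dev "$mst" 0000:00:01.0 1 pcieport      0x060400
    sample_dev "$mst" 0000:01:00.0 1 vfio-pci      0x030000
    sample_dev "$mst" 0000:01:00.1 1 snd_hda_intel 0x040300
    sample_dev "$mst" 0000:00:1b.0 6 snd_hda_intel 0x040300
    echo "$mst"
}

if [ "$#" -ge 1 ]; then
    group_blockers "${SYSFS_ROOT:-/sys}" "$1"   # check the running system
else
    demo=$(make_sample_tree)                    # no argument: use the sample
    group_blockers "$demo" 0000:01:00.0         # prints: 0000:01:00.1 snd_hda_intel
    rm -rf "$demo"
fi
```

Run with a PCI address as the only argument to check the running host; an empty result means no device in the group is left on a host driver.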



Re: MATE/Compiz

2021-04-08 Thread Glenn Holmer
On Mon, Mar 8, 2021 at 4:36 PM IL Ka  wrote:

>
> But how do I automate that so Compiz starts every time I log in?
>>
>
> Hi. I am not familiar with compiz, but here are some ideas.
>

If you install MATE Tweak (it will appear in the Control Center), there's
an option under "Windows" to select the window manager (select
"Compiz..."). You can also install fusion-icon to get this choice.
(Fusion-icon appears as "Compiz Fusion Icon" under Accessories in the main
menu, and shows an icon in the upper-right app tray).

If you want to take it a step further and use the Emerald window decorator
(install emerald, emerald-themes), choose "Select Window Decorator" in
fusion-icon.

-- 
Glenn Holmer (Linux registered user #16682)
"After the vintage season came the aftermath -- and Cenbe."


Re: minimize daemon downtime for apt upgrade

2021-04-08 Thread Andrew M.A. Cater
On Thu, Apr 08, 2021 at 01:47:22PM -0600, Charles Curley wrote:
> On Thu, 8 Apr 2021 10:46:06 -0500
> Matt Zagrabelny  wrote:
> 
> > If I wait for a few months to perform an "apt upgrade", many packages
> > get upgraded.
> 
> ...
> 
> > Is there something more elegant?
> 
> As Dan Ritter  already mentioned, you can
> configure a failover DHCP server, usually a good idea anyway.
> 
> Why are you using Sid for production software? I know it's in
> pre-release freeze. The general advice is to use only current released
> stable for production.
> 
Being picky: Sid is NEVER in a state of freeze - it's permanently unstable.
A package change tomorrow could delete 9/10 of your system or you could be
waiting months and years for a major change to percolate through. There
are really _NO_ guarantees with Sid: if you can't deal with your system
executing a Halt and Catch Fire instruction once in a while, you shouldn't 
go anywhere near it. Sid _may_ have bugs that nothing else has: it doesn't
have any security guarantee.

> And why are you waiting months to do an upgrade? That has security
> implications you don't want. I upgrade all machines daily, even on
> stable.
> 
If you worry about upgrades - install minimal amounts of software. For a 
router - don't install a desktop environment. You might get one upgrade 
a week on stable of a couple of packages. [The machine I have next door
runs a Debian mirror - it has one job, essentially] Update REGULARLY -
use unattended upgrades package. Once a week or so, take five minutes to
run an update/upgrade cycle yourself and watch it go through.

Install a firewall - lock down the things you want to lock down.

> If you don't want to do it yourself, install unattended-upgrades. That
> runs daily some time before 06:00, so even if it reboots, it shouldn't
> affect most users.
> 
Maybe also take a little time to read up something like the Debian
handbook - debian-handbook package / web site to fill in info on other things
that might be interesting. Folk here can be very helpful.

All the best,

Andy C

> -- 
> Does anybody read signatures any more?
> 
> https://charlescurley.com
> https://charlescurley.com/blog/
> 



Using a remote computer and VGA

2021-04-08 Thread Richmond
Is it possible to use a local computer (L) to: ssh -Y to a remote
computer (R), run a web browser on R which will then display on
L, choose what to watch on Netflix, and then having started it, move the
displayed browser window back to the X window on R, and then move
it across to the television attached to the VGA port on R?



Re: [sid] efibootmgr not working on linux 5.10.x & LGA1155

2021-04-08 Thread Grzesiek

On 3/18/21 9:55 PM, Sven Joachim wrote:

On 2021-03-18 21:03 +0100, Grzesiek Sójka wrote:


I noticed recently that efibootmgr stopped working. On all my Sid
machines I get the following:

# efibootmgr
EFI variables are not supported on this system.

But if I run Buster (the same hardware) then everything is ok. So this
is definitely software problem. I also noticed that the
/sys/firmware/efi/efivars
directory is empty.


Not here, and efibootmgr works for me.


Kernel problem? Missing modules?


Perhaps the efivarfs module is not loaded.  I do not have to load it
manually, though.


The problem seems to be related to 5.10.x kernels & LGA1155 based systems.

1. On laptop based on i5-8250u efibootmgr works fine (all kernel versions)

2. On systems based on LGA1155 socket (i5-2500k, i7-3770):
- kernels 5.10.x: efibootmgr does not work,
directory /sys/firmware/efi/efivars is empty
- kernel 5.8.0-2: efibootmgr works as expected

On 5.8.0-2 I get:

# lsmod | grep efi
efivarfs               16384  0
efi_pstore             16384  0
efivars                20480  1 efi_pstore

There is no efivars.ko in 5.10.x. Maybe that is the problem?

--
Regards
Greg



Re: minimize daemon downtime for apt upgrade

2021-04-08 Thread Charles Curley
On Thu, 8 Apr 2021 10:46:06 -0500
Matt Zagrabelny  wrote:

> If I wait for a few months to perform an "apt upgrade", many packages
> get upgraded.

...

> Is there something more elegant?

As Dan Ritter  already mentioned, you can
configure a failover DHCP server, usually a good idea anyway.

Why are you using Sid for production software? I know it's in
pre-release freeze. The general advice is to use only current released
stable for production.

And why are you waiting months to do an upgrade? That has security
implications you don't want. I upgrade all machines daily, even on
stable.

If you don't want to do it yourself, install unattended-upgrades. That
runs daily some time before 06:00, so even if it reboots, it shouldn't
affect most users.

-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/



Paraview crashes?

2021-04-08 Thread Boyan Penkov
Hello folks,

On bullseye, this happens occasionally with paraview:
```
Loguru caught a signal: SIGABRT
Stack trace:
53  0x55b9a1e184ea paraview(+0x84ea) [0x55b9a1e184ea]
52  0x7fb4c3d40d0a __libc_start_main + 234
51  0x55b9a1e18314 paraview(+0x8314) [0x55b9a1e18314]
50  0x7fb4c2477ba0 QCoreApplication::exec() + 144
49  0x7fb4c246f92b
QEventLoop::exec(QFlags) + 299
48  0x7fb4c24c84bf
QEventDispatcherGlib::processEvents(QFlags)
+ 95
47  0x7fb4bd4c61cf g_main_context_iteration + 47
46  0x7fb4bd4c6118
/lib/x86_64-linux-gnu/libglib-2.0.so.0(+0x52118) [0x7fb4bd4c6118]
45  0x7fb4bd4c5e6b g_main_context_dispatch + 603
44  0x7fb4a61817da
/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5(+0x697da) [0x7fb4a61817da]
43  0x7fb4c282064c
QWindowSystemInterface::sendWindowSystemEvents(QFlags)
+ 172
42  0x7fb4c284a583
QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*)
+ 1619
41  0x7fb4c2470f6a QCoreApplication::notifyInternal2(QObject*,
QEvent*) + 298
40  0x7fb4c354215f QApplicationPrivate::notify_helper(QObject*,
QEvent*) + 127
39  0x7fb4c359d32e
/usr/bin/../lib/x86_64-linux-gnu/libQt5Widgets.so.5(+0x1be32e)
[0x7fb4c359d32e]
38  0x7fb4c359a573
/usr/bin/../lib/x86_64-linux-gnu/libQt5Widgets.so.5(+0x1bb573)
[0x7fb4c359a573]
37  0x7fb4c3548076 QApplicationPrivate::sendMouseEvent(QWidget*,
QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer&, bool,
bool) + 470
36  0x7fb4c2470f6a QCoreApplication::notifyInternal2(QObject*,
QEvent*) + 298
35  0x7fb4c354904b QApplication::notify(QObject*, QEvent*) + 1179
34  0x7fb4c354215f QApplicationPrivate::notify_helper(QObject*,
QEvent*) + 127
33  0x7fb4c3581f9e QWidget::event(QEvent*) + 462
32  0x7fb4c36bfa32
/usr/bin/../lib/x86_64-linux-gnu/libQt5Widgets.so.5(+0x2e0a32)
[0x7fb4c36bfa32]
31  0x7fb4c36b850a
/usr/bin/../lib/x86_64-linux-gnu/libQt5Widgets.so.5(+0x2d950a)
[0x7fb4c36b850a]
30  0x7fb4c353e3a1 QAction::activate(QAction::ActionEvent) + 225
29  0x7fb4c353bb62 QAction::triggered(bool) + 66
28  0x7fb4c24a7580
/usr/bin/../lib/x86_64-linux-gnu/libQt5Core.so.5(+0x2e4580)
[0x7fb4c24a7580]
27  0x7fb4c3bf0f24 pqReloadFilesReaction::reload(vtkSMSourceProxy*) + 196
26  0x7fb4c2007d92
vtkSMReaderReloadHelper::ReloadFiles(vtkSMSourceProxy*) + 370
25  0x7fb4c20381bd vtkSMSourceProxy::UpdatePipelineInformation() + 125
24  0x7fb4c1f14e74 vtkPVSessionBase::ExecuteStream(unsigned int,
vtkClientServerStream const&, bool) + 52
23  0x7fb4c1f16ee2
vtkPVSessionCore::ExecuteStreamInternal(vtkClientServerStream const&,
bool) + 242
22  0x7fb4bfa7eb1d
vtkClientServerInterpreter::ProcessStream(vtkClientServerStream
const&) + 29
21  0x7fb4bfa7e66e
vtkClientServerInterpreter::ProcessOneMessage(vtkClientServerStream
const&, int) + 190
20  0x7fb4bfa7e555
vtkClientServerInterpreter::ProcessCommandInvoke(vtkClientServerStream
const&, int) + 1173
19  0x7fb4c0403cb0
vtkSISourceProxyCommand(vtkClientServerInterpreter*, vtkObjectBase*,
char const*, vtkClientServerStream const&, vtkClientServerStream&,
void*) + 2080
18  0x7fb4c1f505c0 vtkSISourceProxy::UpdatePipelineInformation() + 176
17  0x7fb4bde9b976 vtkDemandDrivenPipeline::UpdateInformation() + 38
16  0x7fb4bde9da3a
vtkDemandDrivenPipeline::ProcessRequest(vtkInformation*,
vtkInformationVector**, vtkInformationVector*) + 1146
15  0x7fb4bde96ff3
vtkCompositeDataPipeline::ExecuteDataObject(vtkInformation*,
vtkInformationVector**, vtkInformationVector*) + 83
14  0x7fb4bdea0d10 vtkExecutive::CallAlgorithm(vtkInformation*,
int, vtkInformationVector**, vtkInformationVector*) + 80
13  0x7fb4bb80927e
vtkXdmf3Reader::RequestDataObjectInternal(vtkInformationVector*) + 718
12  0x7fb4bb80b976
/usr/bin/../lib/x86_64-linux-gnu/libvtkIOXdmf3-pv5.9.so.1(+0x45976)
[0x7fb4bb80b976]
11  0x7fb4b571e5ae XdmfReader::read(std::string const&) const + 30
10  0x7fb4b55e607e XdmfCoreReader::read(std::string const&) const + 46
9   0x7fb4b55e71ba XdmfCoreReader::readItems(std::string const&) const + 26
8   0x7fb4b55e878c
XdmfCoreReader::XdmfCoreReaderImpl::openFile(std::string const&) + 908
7   0x7fb4b5584528
/usr/bin/../lib/x86_64-linux-gnu/libvtkxdmfcore-pv5.9.so.1(+0x49528)
[0x7fb4b5584528]
6   0x7fb4c1722c65
/usr/bin/../lib/x86_64-linux-gnu/libstdc++.so.6(+0xa5c65)
[0x7fb4c1722c65]
5   0x7fb4c17229d1
/usr/bin/../lib/x86_64-linux-gnu/libstdc++.so.6(+0xa59d1)
[0x7fb4c17229d1]
4   0x7fb4c1722966
/usr/bin/../lib/x86_64-linux-gnu/libstdc++.so.6(+0xa5966)
[0x7fb4c1722966]
3   0x7fb4c17177ec
/usr/bin/../lib/x86_64-linux-gnu/libstdc++.so.6(+0x9a7ec)
[0x7fb4c17177ec]
2   0x7fb4c3d3f537 abort + 291
1   0x7fb4c3d55ce1 gsignal + 321
0   0x7fb4c3d55d60
/usr/bin/../lib/x86_64-linux-gnu/libc.so.6(+0x3bd60) [0x7fb4c3d55d60]
(2674.926s) [paraview]   :0 FATL|
Signal: SIGABRT

[2]  + abort  paraview


```

Should I file a bug?


Re: [OT] Digital safe for documents

2021-04-08 Thread l0f4r0
Hello,

8 Apr 2021, 18:54 from denis.fer...@gmail.com:

> To get the latest version on Debian stable I had to compile it myself,
> but it's not rocket science.
>
Are you talking about KeepassXC?
In which case, it's also available via snap.

Have a good evening
l0f4r0



Re: minimize daemon downtime for apt upgrade

2021-04-08 Thread Joe
On Thu, 8 Apr 2021 10:46:06 -0500
Matt Zagrabelny  wrote:

> Greetings!
> 
> Scenario:
> 
> I have a Sid desktop computer that acts as a router for my home
> network.
> 
> If I wait for a few months to perform an "apt upgrade", many packages
> get upgraded.
> 
Not offering an answer, but if you're running sid, you shouldn't wait
that long between upgrades, there is a possibility of breaking it. In
that time, several major package groups might be replaced, and there
may be an issue about the order of upgrades to make it work. I've had
to reinstall a sid for that reason, long ago. Possibly today I could
recover it, but I wasn't a beginner when it happened.

If you must use sid for a mission-critical job, you should be upgrading
it at least weekly, I do my sid workstation almost every day. Even then,
there is a risk of breaking an important package. Nearly all of sid
works nearly all the time, but it's not a 100% uptime OS.


-- 
Joe



Re: [OT] Digital safe for documents

2021-04-08 Thread Denis Fertin
Hello,

If you use KeepassXC as suggested, your database is encrypted; you
can duplicate it and store it wherever you like (local PC, your NAS, Google, ...).
You can use Keeweb to read it (the only solution on iPad).
And if your wife doesn't like Linux, she can use it on Windows.
Finally, if you like H/W, you can print out the list of your passwords.

To get the latest version on Debian stable I had to compile it
myself, but it's not rocket science.

Regards

On Thu, 8 Apr 2021 at 17:29, Tulum  wrote:

> On Thursday 8 April 2021, 12:07:53 CEST, David Martin wrote:
> > Hello everyone,
> > Does any of you use a digital safe at a hosting provider? If so,
> > what do you recommend?
>
> Digiposte?
> Encrypting your files + nextcloud with a server in Switzerland?

-- 

Denis Fertin


Re: Quirks when starting Testing

2021-04-08 Thread Richard Lucassen
On Wed, 7 Apr 2021 20:19:32 +0200
Sjoerd  wrote:

> Things froze after I had chosen testing in Grub. Via Grub
> I can also get to other distros; there are a few I wanted to
> try out.
> So there is nothing wrong with Grub.
> But in case I ever wreck things, I have the Super
> Grub2 Disk.  www.supergrubdisk.org/super-grub2-disk/

Handy :-) Thnx!

-- 
richard lucassen
http://contact.xaq.nl/



Re: minimize daemon downtime for apt upgrade

2021-04-08 Thread Andrew M.A. Cater
On Thu, Apr 08, 2021 at 10:46:06AM -0500, Matt Zagrabelny wrote:
> Greetings!
> 
> Scenario:
> 
> I have a Sid desktop computer that acts as a router for my home network.
> 
> If I wait for a few months to perform an "apt upgrade", many packages get
> upgraded.
> 
> The upgrade starts with shutting down isc-dhcp-server (in order to upgrade
> it), then starts to upgrade all the packages, and finally some hours later
> the upgrade starts isc-dhcp-server.
> 
> This is a bit annoying as it DoS'es all the other computers on my network.
> 
> I know I could do:
> 
> apt install isc-dhcp-server
> apt upgrade
> 
> to work around this issue.
> 
> Is there something more elegant? Like a "minimize downtime" for a package
> config file?
> 
> Hand-wavy solution...
> 
> $ cat /etc/apt/apt.conf.d/minimize-downtime
> APT::Minimize-Downtime {
> bind9
> apache2
> isc-dhcp-server
> }
> 
> Does anyone think this idea could be pushed into package metadata?
> 
> Thanks for any help or dialog.
> 
> -m

Dan's already made the point that you might be better running Stable.
You could try reconfiguring to Testing - which at the moment is in 
freeze awaiting release (and removing any packages left from Sid which
will be in advance of testing). Testing will become stable Bullseye
on release. If you want to try this, you could, potentially, change sid
to bullseye throughout - or, actually, just install Bullseye now.

Keep something up to date regularly and there won't be many updates.

All best,

Andy C.



Re: minimize daemon downtime for apt upgrade

2021-04-08 Thread Dan Ritter
Matt Zagrabelny wrote: 
> I have a Sid desktop computer that acts as a router for my home network.

I have a Stable mini-ITX "desktop" computer that acts as a
router for my home network.

> If I wait for a few months to perform an "apt upgrade", many packages get
> upgraded.

I use apticron to automatically download updated stable
packages, and then it sends me an email to tell me to do the
upgrade. I generally do it early in the morning, but because the
router can reboot in 30 seconds thanks to a tiny SSD, I can do
it during the day, too.

> The upgrade starts with shutting down isc-dhcp-server (in order to upgrade
> it), then starts to upgrade all the packages, and finally some hours later
> the upgrade starts isc-dhcp-server.

Upgrades for mine typically take a couple of minutes... and, as
it turns out, it's pretty easy to configure failover for
isc-dhcp-server so that it gets handled smoothly by a different
computer.

> This is a bit annoying as it DoS'es all the other computers on my network.

I imagine so. Another thing you could do would be to assign
static IPs or DHCP-assigned reliable IPs with long leases.

A DHCP lease can be for 24 hours or 30 days, no problem. 

> I know I could do:
> 
> apt install isc-dhcp-server
> apt upgrade
> 
> to work around this issue.
> 
> Is there something more elegant? Like a "minimize downtime" for a package
> config file?

Is there a reason you use Sid instead of stable? Maybe the
upcoming release of Bullseye as stable would be a good time to
make that change?

-dsr-



minimize daemon downtime for apt upgrade

2021-04-08 Thread Matt Zagrabelny
Greetings!

Scenario:

I have a Sid desktop computer that acts as a router for my home network.

If I wait for a few months to perform an "apt upgrade", many packages get
upgraded.

The upgrade starts with shutting down isc-dhcp-server (in order to upgrade
it), then starts to upgrade all the packages, and finally some hours later
the upgrade starts isc-dhcp-server.

This is a bit annoying as it DoS'es all the other computers on my network.

I know I could do:

apt install isc-dhcp-server
apt upgrade

to work around this issue.

Is there something more elegant? Like a "minimize downtime" for a package
config file?

Hand-wavy solution...

$ cat /etc/apt/apt.conf.d/minimize-downtime
APT::Minimize-Downtime {
bind9
apache2
isc-dhcp-server
}

Does anyone think this idea could be pushed into package metadata?

Thanks for any help or dialog.

-m
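
Added example, not part of the original post: the `-s` (simulate) run discussed elsewhere on this page can show in advance which daemons from the proposed list an upgrade would touch, so they can be upgraded in a short first step before the long run. The function names, the sample output and its version numbers are constructed, and `--only-upgrade` is used here in place of the plain `apt install` from the post.

```shell
#!/bin/sh
# Added example (not from the thread): find which critical daemons an upgrade
# would touch, using only a simulated run, so they can be upgraded first.

# Constructed sample of `apt-get -s upgrade` output; versions are made up.
sample_simulation() {
    cat <<'EOF'
Inst libexample1 [1.0-1] (1.0-2 Debian:unstable [amd64])
Inst isc-dhcp-server [4.4.1-2] (4.4.1-3 Debian:unstable [amd64])
Inst xterm [365-1] (366-1 Debian:unstable [amd64])
Inst bind9 [1:9.16.11-1] (1:9.16.13-1 Debian:unstable [amd64])
Conf libexample1 (1.0-2 Debian:unstable [amd64])
Conf isc-dhcp-server (4.4.1-3 Debian:unstable [amd64])
Conf xterm (366-1 Debian:unstable [amd64])
Conf bind9 (1:9.16.13-1 Debian:unstable [amd64])
EOF
}

# Read simulation output on stdin. For each package named in $1 (space
# separated) that has an "Inst" line, print "package old-version new-version".
# A package that is newly installed has no old version and gets "-".
critical_upgrades() {
    awk -v want="$1" '
        BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) crit[w[i]] = 1 }
        $1 == "Inst" && ($2 in crit) {
            oldv = "-"; newv = "?"
            for (i = 3; i <= NF; i++) {
                if (substr($i, 1, 1) == "[" && oldv == "-")
                    oldv = substr($i, 2, length($i) - 2)
                else if (substr($i, 1, 1) == "(") { newv = substr($i, 2); break }
            }
            print $2, oldv, newv
        }'
}

# Build the first command of the two-step workaround: upgrade only the
# listed daemons that actually have an update; the full upgrade follows.
# Prints nothing when none of the listed daemons would be touched.
first_step_command() {
    fs_pkgs=$(critical_upgrades "$1" | awk '{ printf "%s%s", sep, $1; sep = " " }')
    [ -n "$fs_pkgs" ] && echo "apt-get install --only-upgrade $fs_pkgs"
    return 0
}

if [ "$#" -ge 1 ]; then
    # Real system: simulate only, nothing is changed by this script.
    apt-get -s upgrade | first_step_command "$*"
else
    # No arguments: run on the constructed sample with the list from the post.
    sample_simulation | first_step_command "bind9 apache2 isc-dhcp-server"
    # prints: apt-get install --only-upgrade isc-dhcp-server bind9
fi
```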


Re: [OT] Digital safe for documents

2021-04-08 Thread Tulum
On Thursday 8 April 2021, 12:07:53 CEST, David Martin wrote:
> Hello everyone,
> Does any of you use a digital safe at a hosting provider? If so,
> what do you recommend?

Digiposte?
Encrypting your files + nextcloud with a server in Switzerland?


Re: [OT] Digital safe for documents

2021-04-08 Thread Billard François-Marie

Good evening,

  https://bitwarden.com/

seems to be for password management and does not allow
storing documents.


François-Marie BILLARD

On 08/04/2021 at 13:08, Sébastien Dinot wrote:

Hello,

David Martin wrote:

Does any of you use a digital safe at a hosting provider? If so,
what do you recommend?

[ a slightly off-topic answer, but this question gives me pause ]

For my part, I balk a little at the idea of entrusting my secrets to a
third party, even if that third party guarantees me that the solution is secure by design.
Indeed, even assuming that this is actually the case and that I
am the only one holding the keys that give access to my secrets, the
fact remains that I will only be able to access my secrets
provided that:

* I keep paying for the service, export being rarely offered
   in SaaS plans;

* the company keeps the service running;

* no administrative or judicial authority decides to block my
   access (or everyone's access) to the service.

Now, I care about my secrets (I care that they stay secret and I
care about being able to access them). So, privately and personally, I
prefer to use KeePassXC (and its KeePassXC-Browser plug-in),
synchronising my databases between my PCs via Unison, but:

* At work, I have deployed an instance of HashiCorp
   Vault:

   https://www.vaultproject.io/

   The web interface is probably not the most user-friendly one
   imaginable, but Vault has the advantage of being usable by
   humans and by "machines", as they say.

* Privately, I am considering deploying an instance of Bitwarden on my
   server for the other members of my family:



   I have never tried this application yet, but several
   people have spoken well of it.

Sébastien





Re: Domain name hosting (ultra-quick poll)

2021-04-08 Thread Sébastien Dinot
kaliderus wrote:
> Currently with online, I'm thinking of moving to ikoula; and you?
> Why?

Professionally as well as personally, I have been using the services of
Gandi and OVH (2 different registrars depending on the project, for
historical reasons) for 21 and 11 years respectively.

I am now satisfied with both (I write "now" because
Gandi has made great progress lately regarding the
refresh of its DNS, going from 20 minutes to 10 seconds).

Both registrars have an API that makes it possible, for example, to create
entries for the needs of Let's Encrypt (DNS challenge) or of
IaC projects (updating DNS according to the IP addresses obtained
by the scripts that automatically deploy the infrastructure).

Sébastien

-- 
Sébastien Dinot, sebastien.di...@free.fr
http://www.palabritudes.net/
Don't taste free software, you wouldn't be able to do without it any more!



Re: No space left when: update-initramfs: Generating /boot/initrd.img-5.10.0-5-amd64

2021-04-08 Thread Marco Ippolito
> > Where would I put the -s please?
> 
> Explanation of how to find the answer:
> He was talking about 'apt' commands.
> If you read 'man apt' it hints that it is a front-end to
> various 'apt-*' commands like 'apt-get'.
> The hints look like "apt-get(8)" which is a reference
> to the 'apt-get' man page in Section 8, which can
> be read using the command:
>   man 8 apt-get
> And if you read that man page, you can find an
> explanation of the -s option when used with a
> 'apt-get' command.

Gotcha. I like the long option names there, almost all of which are immediately
suggestive of what the change of behaviour might be:

--simulate, --just-print, --dry-run, --recon, --no-act

Especially: --simulate and --dry-run (for users of rsync and other commands
that use the same long option name)



Re: No space left when: update-initramfs: Generating /boot/initrd.img-5.10.0-5-amd64

2021-04-08 Thread David
On Thu, 8 Apr 2021 at 22:23, Marco Ippolito  wrote:

> > And I'm a big fan of -s with commands like these, so that
> > you know what's going to be changed. Then recall the command
> > and remove the -s.

> Where would I put the -s please?

Explanation of how to find the answer:
He was talking about 'apt' commands.
If you read 'man apt' it hints that it is a front-end to
various 'apt-*' commands like 'apt-get'.
The hints look like "apt-get(8)" which is a reference
to the 'apt-get' man page in Section 8, which can
be read using the command:
  man 8 apt-get
And if you read that man page, you can find an
explanation of the -s option when used with a
'apt-get' command.



Re: [OT] Digital safe for documents

2021-04-08 Thread Haricophile
On Thu, 8 Apr 2021 12:07:53 +0200,
David Martin  wrote:

> Hello everyone,
> Does any of you use a digital safe at a hosting provider? If so,
> what do you recommend?

Encrypt it yourself, good and strong, and host it somewhere, no
matter where and according to your needs. The less you trust, the less you are
disappointed.

After that it depends a bit on what the "safe" has to contain and how
you need to access it, and I would be more inclined to trust the
Swiss than the Americans.



Re: Domain name hosting (ultra-quick poll)

2021-04-08 Thread Erwann Le Bras

hello

On 07/04/2021 at 18:08, kaliderus wrote:

Hello,

Small ultra-quick (fun) poll:

I have 3 domains to register (I just need to register them and
configure my DNS); in my situation, which registrars
would you go to?

Currently with online, I'm thinking of moving to ikoula; and you? Why?


Have fun.



hello

Personally I have had a .fr domain name at OVH for 11 years.

Never noticed any problem; updates propagate quickly.

best wishes

Erwann



Re: Boot better have mounted on root or /boot ?

2021-04-08 Thread Marco Ippolito
> Eventually it all boils down to one's ability to predict the future or
> at least a subset thereof.

What would you consider in your future planning regarding sizing /boot?

e.g. how many kernels (with how many built-in modules and with what
compression) to keep around for alternate booting or reuse elsewhere...

... what else?



Re: Xerox B215: configuring the scanner over TCP/IP on Debian 10 xfce

2021-04-08 Thread Debian

On 8/4/21 at 09:19, Marcelo Eduardo Giordano wrote:

On 7/4/21 09:17, Debian wrote:

On 23/3/21 at 20:41, Marcelo Eduardo Giordano wrote:

Dear all:

Let me tell you that I bought a Xerox B215 printer specifically
because the manual explained the Linux installation well, which
I followed; it is this one.

How did it go with this?
The thread is still open.

JAP

Hi friend.

Unfortunately it went very badly. I could not get any answer at all. I
worked around it by using the send-by-e-mail function, but that is not
optimal.

XEROX technical support is a disaster when it comes to Linux.

Thanks for asking

A pity, and it surprises me.
I never had any problem with any Xerox.
Apart from hand-tweaking the ppd files to change the default settings,
all the ones I used worked fine, and there were many, over many
years (since 2005, Debian "sarge"), because the company where
I work uses Xerox for everything.
And at home I have a 3225 connected over WiFi, so the whole
family prints no matter where they are.

I'm going to send you a "private" message.

JAP



Re: .profile not being src'd at login on uptodate buster

2021-04-08 Thread Marco Ippolito
> >> Where I want output, I protect it with:
> >>
> >> [ -n "$PS1" ] && printf …
> >
> > Maybe consider:
> >
> > [[ -t 1 ]] && printf ...
> 
> Until your script that was started via crontab silently fails.  I
> *like* always having error messages enabled.

I like logs too but -t was in the spirit of -n $PS1, only slightly more robust,
I think.



Re: No space left when: update-initramfs: Generating /boot/initrd.img-5.10.0-5-amd64

2021-04-08 Thread Marco Ippolito
> And I'm a big fan of -s with commands like these, so that
> you know what's going to be changed. Then recall the command
> and remove the -s.

Where would I put the -s please?



Re: Installing the Epson L3110 scanner

2021-04-08 Thread Marcelo Eduardo Giordano



On 7/4/21 13:45, riveravaldez wrote:

On 3/27/21, Marcelo Eduardo Giordano  wrote:

Dear all,
I cannot install the scanner of the Epson L3110 multifunction printer.
I downloaded the drivers from the Epson website and I get the following
error.
dpkg -i epsonscan2-bundle-6.6.2.3.x86_64.deb
dpkg: error: el archivo 'epsonscan2-bundle-6.6.2.3.x86_64.deb' no es un
fichero normal

I think apt-get has for some time allowed installing local .deb files; if I
remember correctly it was something like:

$ sudo apt-get install /ruta/completa/a/archivo/epson-etc.deb

Perhaps you can give it a try and see whether the error message (if it still
fails) gives us a better clue.

Regards


I will try it out over the weekend.

Many thanks



Re: Xerox B215: configuring the scanner over TCP/IP on Debian 10 xfce

2021-04-08 Thread Marcelo Eduardo Giordano



On 7/4/21 09:17, Debian wrote:

On 23/3/21 at 20:41, Marcelo Eduardo Giordano wrote:

Dear all,

I wanted to tell you that I bought a Xerox B215 printer, mainly
because the manual explained the Linux installation well; I
followed it, and it is this one.





How did it go with this?
The thread is still open.

JAP


Hello, my friend.

Unfortunately it went very badly. I could not get any answer at all. I
worked around it by using the send-by-email function, but that is
not ideal.


XEROX technical support is a disaster when it comes to Linux.

Thanks for asking



Re: [OT] Rogue DHCP

2021-04-08 Thread steve

Hello David,

On 02-04-2021, at 14:29:00 +0200, David Martin wrote:


  Hello,
  I am trying to get nmap working with the option --script
  broadcast-dhcp-discover, but it does not work.
  I think I should at least find the one that offers me an address.
  I tried putting the script in a directory with the rand.lua
  functions etc... everything that should be needed for the
  prerequisites listed in the script's header.
  But I cannot get it to work.
  I tried this:
  nmap --script broadcast-dhcp-discover -e eth0 -p67
  nmap --script boradcast-dhcp-discover -e eth0
  nmap --script broadcast-dhcp-discover -p67
  namap --script broadcast-dhcp-discover
  nothing
  Do you have any idea what I missed?


Isn't a network to scan missing, for example

nmap --script broadcast-dhcp-discover -e eth0 -p67 192.168.1.0/24

Steve



Re: Need to do 'swanctl --load-all' every boot

2021-04-08 Thread Dan Ritter
Sijmen J. Mulder wrote: 
> Hi all,
> 
> I've set up an IPsec + IKEv2 VPN server ('road warrior' set up) on
> Debian 10 with StrongSwan. It was my understanding that
> /etc/strongswan.d/swanctl.conf is the modern way to configure it
> so that's what I did.
> 
> But now after every boot I have to run 'swanctl --load-all' to be able
> to authenticate with the VPN. I found a slightly related
> Stack Exchange post[1] which talks about charon-systemd vs.
> starter/charon and to be honest it's not quite clear to me what these
> different parts are supposed to do.
> 
> These are the strongswan and charon packages I have installed:
> 
>  charon-systemd
>  libcharon-extra-plugins
>  libstrongswan
>  libstrongswan-extra-plugins
>  libstrongswan-standard-plugins
>  strongswan-charon
>  strongswan-libcharon
>  strongswan-starter
>  strongswan-swanctl
> 
> So it looks like *both* the starter and charon-systemd are installed.
> But when I remove the starter the service doesn't seem to work at all -
> I can't initiate IPsec connections to the machine then.
> 
> There is of course the StrongSwan documentation but it didn't help me
> in this aspect.
> 
> Any ideas?

I ran IPsec in various ways for about 15 years. Here's what I
can tell you: Wireguard is superior in every single way.

It's easier to configure.

It's easier to debug.

It's probably more secure.

For stable, Wireguard is in buster-backports; it will be
in-kernel in bullseye -- you'll still need to install the tools
package.

Wireguard's model is similar to SSH: you generate public and
private keys for the server and for each user. The server's
config gets to know the users' public keys; the users' configs
each need to know the server's public key and its name or IP
address. If you want to add a user, you generate a key pair and
add the public side to the server config; if you want to delete
a user, you remove their entry from the server config.

The main site is at wireguard.com, because there's a wire-fence
manufacturer sitting on wireguard.org.

-dsr-



Re: .profile not being src'd at login on uptodate buster

2021-04-08 Thread Greg Wooledge
On Thu, Apr 08, 2021 at 07:50:23AM +, Curt wrote:
> What about addressing his primary point rather than what in my
> benefit-of-the-doubt humor I construe as a typographical oversight?

I don't remember what the "primary point" was.  Was it the same as
the Subject: header -- .profile not being read at login?  Yeah, we
know about that.  We've already addressed that.

.profile is only read at login time if you login to a shell -- e.g.
using ssh or a text console login.  (And of course, only if your
login shell actually reads .profile.  Shells like tcsh which read
different files obviously won't read it -- and they wouldn't be
able to handle it anyway, because they use different syntax.)

It is not read if you login to an X session using a graphical Display
Manager.

It MAY be read if you login to a Wayland session using a graphical
Display Manager.  I don't have Wayland stuff installed to test.



Re: .profile not being src'd at login on uptodate buster

2021-04-08 Thread Greg Wooledge
On Thu, Apr 08, 2021 at 11:14:48AM +0100, Tixy wrote:
> I believe ">/dev/stderr" is not Posix standard and knowing the correct
> standard way of doing this could be beneficial.

That's correct -- it's not portable.

On systems where /dev/stderr actually exists (such as Debian GNU/Linux),
according to the man page, bash will actually open /dev/stderr and the
semantics will be those of whatever the underlying operating system
implements.

Testing for confirmation:

unicorn:~$ strace -eopen,openat bash -c 'echo hi >/dev/stderr' 2>&1 | tail -3
openat(AT_FDCWD, "/dev/stderr", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 3
hi
+++ exited with 0 +++

A redirection to /dev/stderr on systems where a real /dev/stderr does NOT
exist is handled internally by bash, and is treated similarly to >&2.
(I actually wish bash would do this on ALL systems for consistency,
but alas.)

Any other use of /dev/stderr (not a redirection) relies on the operating
system's actual /dev/stderr node, which may not exist on commercial Unix
systems, and whose semantics are different across different systems
where it does exist.

Why is that an issue?  On some systems, /dev/stderr is a symlink to
something like /dev/fd/2 which means you get the file descriptor
duplication semantics that you want.  On other systems, it's a symlink
directly to some device node, and opening it gives you a second,
independent file descriptor pointing to that device.  Writes to the
two file descriptors are therefore NOT synchronized, the way they
would be if you had used >&2.

And of course, if the shell reading the script is NOT bash, then you
would have to consult the documentation for whichever shell it is.
In many cases, you'll be relying on the operating system's /dev/stderr
node.

tl;dr: Just use >&2.
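
The difference described in this message can be reproduced on Linux when stderr is a regular file such as a log. This is an added example, not part of the thread; the function name is hypothetical, and it relies on the Linux behaviour seen in the strace output above, where a `>` redirection opens /dev/stderr with O_TRUNC and so re-opens the file behind descriptor 2.

```shell
#!/bin/sh
# stderr_log_after REDIR
# Runs a child shell whose stderr is a fresh regular file (opened without
# O_APPEND), has it emit two messages using REDIR, and prints what the file
# holds afterwards with newlines turned into spaces.
stderr_log_after() {
    redir=$1                      # e.g. '>&2' or '>/dev/stderr'
    log=$(mktemp) || return 1
    sh -c "echo first $redir; echo second $redir" 2>"$log"
    tr '\n' ' ' <"$log"
    rm -f "$log"
}

# '>&2' duplicates descriptor 2, so both writes share one file offset.
# '>/dev/stderr' opens the file again with O_TRUNC each time, so the second
# message wipes the first.
# '>>/dev/stderr' also opens the file again, but in append mode.
for r in '>&2' '>/dev/stderr' '>>/dev/stderr'; do
    printf '%-15s -> %s\n' "$r" "$(stderr_log_after "$r")"
done
```

With `>/dev/stderr` only the last message survives in the file, which matters when stderr is the log a service or cron job writes to.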



Re: Boot better have mounted on root or /boot ?

2021-04-08 Thread Sven Hartge
Greg Wooledge  wrote:
> On Thu, Apr 08, 2021 at 08:55:47AM +0800, Robbi Nespu wrote:

>> Filesystem  Size  Used Avail Use% Mounted on
>> /dev/sda1   110G   62G   43G  60% /
>> 
>> What actually the best way for boot directory? put on same root directory
>> like I have right now or it better to have it own partition?

> The only time you *need* to make it a separate partition is when
> you're doing certain flavors of disk encryption.  Under those setups,
> you need an unencrypted /boot so you can boot and mount your encrypted
> root file system.

Not even when doing FDE. GRUB2 is able to decipher LUKSv1 volumes.

But, given that LUKSv1 has been superseded by the newer v2 format, I
would still create a separate /boot, so only it needs to be encrypted
using the potentially weaker LUKSv1 format while the rest of the system
can be on a LUKSv2 volume.

https://cryptsetup-team.pages.debian.net/cryptsetup/encrypted-boot.html

S°

-- 
Sigmentation fault. Core dumped.



Re: Boot better have mounted on root or /boot ?

2021-04-08 Thread Eike Lantzsch ZP6CGE
On Thursday, 8 April 2021 02:15:00 -04 Andrei POPESCU wrote:
> On Thu, 08 Apr 21, 08:55:47, Robbi Nespu wrote:
> > I use auto partitioning (if not mistaken) and boot mounted on root
> > "/" instead of creating own "/boot" partition
> >
> > $ df -h /boot/
> > Filesystem  Size  Used Avail Use% Mounted on
> > /dev/sda1   110G   62G   43G  60% /
> >
> > What actually the best way for boot directory? put on same root
> > directory like I have right now or it better to have it own
> > partition?
> The "best" way depends a lot on the criteria used to evaluate.
>
> For me the simplicity of having 'boot' on '/' wins in most cases. It
> avoids a lot of issues (like running out of space in /boot) with no
> significant downside I'm aware of.
>
> I've used a separate boot only when there was no way around it, e.g.
> the original RaspberryPi needs a FAT /boot partition.
>
> Kind regards,
> Andrei

With my setups it is far more likely that / fills up than /boot so having
a separate /boot partition at least allows me to boot and solve the
problem easily.
On the other hand in this case booting from another disk or USB-stick is
possible but a wee bit more uncomfortable.

As you brought in the case of Raspberries: with today's available disk
space there is no reason to be frugal with /boot space except if one has
to make do with an SD-card or internal NAND memory.

I'd say: if you plan to use your setup for many years without
reinstalling, you are better off with separate partitions with well
planned sizes.
If you reinstall more often (like once or twice a year) put all on one
partition. Should it turn out that you use that computer for many years
without reinstallation but upgrade - upgrade - upgrade and you need more
disk space for /var or /usr add a disk or two. Caveat: your installation
will become somewhat baroque. Power consumption is another concern.

Eventually it all boils down to one's ability to predict the future or
at least a subset thereof.

Cheers
Eike




Re: [OT] Digital safe for documents

2021-04-08 Thread Sébastien Dinot
Hello,

David Martin wrote:
> Do any of you use a digital safe hosted at a provider? If so, what
> do you recommend?

[ a slightly off-topic answer, but this question strikes a chord with me ]

For my part, I balk a little at the idea of entrusting my secrets to a
third party, even if that third party guarantees that the solution is
secure by design. Indeed, even assuming that this is actually the case
and that I am the only one holding the keys that give access to my
secrets, the fact remains that I will only be able to access my secrets
provided that:

* I keep paying for the service, export rarely being offered in SaaS
  plans;

* the company keeps the service running;

* no administrative or judicial authority decides to block my
  access (or everyone's access) to the service.

Now, my secrets matter to me (I want them to stay secret and I want to
be able to access them). So, for private and personal use, I
prefer to use KeePassXC (and its KeePassXC-Browser plugin),
synchronizing my databases between my PCs via Unison, but:

* At work, I have deployed an instance of HashiCorp
  Vault:

  https://www.vaultproject.io/

  The web interface is probably not the most user-friendly one could
  imagine, but Vault has the advantage of being usable by
  humans and by "machines", as they say.

* Privately, I am considering deploying a Bitwarden instance on my
  server for the other members of my family:

  https://bitwarden.com/

  I have never tried this application yet, but several
  people have told me good things about it.

Sébastien

-- 
Sébastien Dinot, sebastien.di...@free.fr
http://www.palabritudes.net/
Do not taste free software, you would no longer be able to do without it!



Need to do 'swanctl --load-all' every boot

2021-04-08 Thread Sijmen J. Mulder
Hi all,

I've set up an IPsec + IKEv2 VPN server ('road warrior' set up) on
Debian 10 with StrongSwan. It was my understanding that
/etc/strongswan.d/swanctl.conf is the modern way to configure it
so that's what I did.

But now after every boot I have to run 'swanctl --load-all' to be able
to authenticate with the VPN. I found a slightly related
Stack Exchange post[1] which talks about charon-systemd vs.
starter/charon and to be honest it's not quite clear to me what these
different parts are supposed to do.

These are the strongswan and charon packages I have installed:

 charon-systemd
 libcharon-extra-plugins
 libstrongswan
 libstrongswan-extra-plugins
 libstrongswan-standard-plugins
 strongswan-charon
 strongswan-libcharon
 strongswan-starter
 strongswan-swanctl

So it looks like *both* the starter and charon-systemd are installed.
But when I remove the starter the service doesn't seem to work at all -
I can't initiate IPsec connections to the machine then.

There is of course the StrongSwan documentation but it didn't help me
in this aspect.

Any ideas?

Thanks,
Sijmen Mulder

1: 
https://unix.stackexchange.com/questions/557032/how-to-start-a-swanctl-conf-configured-tunnel-automatically



Re: .profile not being src'd at login on uptodate buster

2021-04-08 Thread Tixy
On Thu, 2021-04-08 at 07:50 +, Curt wrote:
> On 2021-04-07, Greg Wooledge  wrote:
> > On Wed, Apr 07, 2021 at 09:41:51PM +, Lee wrote:
> > > Interesting..  "echo foo" in .bashrc does break scp, but not "echo foo >2"
> > 
> > That redirects to a file named "2".
> > 
> > > .. but that doesn't work for bash, so hhrmm.. > /dev/stderr seems to
> > > work in all cases:
> > 
> > You wanted >&2 .
> 
> What about addressing his primary point rather than what in my
> benefit-of-the-doubt humor I construe as a typographical oversight?

Given Lee's statement it seems likely to me that he indeed tried the
incorrect redirection ">2" and it would be worthwhile pointing this
out, certainly not warrant criticism.

I believe ">/dev/stderr" is not Posix standard and knowing the correct
standard way of doing this could be beneficial.

-- 
Tixy



[OT] Digital safe for documents

2021-04-08 Thread David Martin
Hello everyone,
Do any of you use a digital safe hosted at a provider? If so,
what do you recommend?


-- 
david martin


Re: [OT] Rogue DHCP

2021-04-08 Thread David Martin
Hi Bernard,

No, eth0 is not wrong, I name my interfaces that way... I am an
old-timer ;-)

Thanks for your answers, but the idea is to detect whether a clandestine
DHCP server (set up by a student, for example, or a teacher) has been
set up in addition to the official one on a school's network.

nmap seems to do this very well... but I am getting nowhere and I cannot
see what is going wrong.

All the best

Termshark, never heard of it

On Fri, 2 Apr 2021 at 15:59, Bernard Schoenacker <
bernard.schoenac...@free.fr> wrote:

>
> - Original message -
>
> > From: "David Martin" 
> > To: "debian-user-french@lists.debian.org French"
> > 
> > Sent: Friday 2 April 2021 14:29:00
> > Subject: [OT] Rogue DHCP
>
> > Hello,
>
> > I am trying to get nmap working with the option --script
> > broadcast-dhcp-discover, but it does not work.
>
> > I think I should at least find the one that offers me an
> > address.
>
> > I tried putting the script in a directory with the rand.lua
> > functions etc... everything that should be needed for the
> > prerequisites listed in the script's header.
>
> > But I cannot get it to work.
>
> > I tried this:
>
> > nmap --script broadcast-dhcp-discover -e eth0 -p67
> > nmap --script boradcast-dhcp-discover -e eth0
> > nmap --script broadcast-dhcp-discover -p67
> > namap --script broadcast-dhcp-discover
>
> > nothing
>
> > Do you have any idea what I missed?
>
> > I am trying to find an alternative to rogue dhcp for Windows to
> > detect whether several dhcp servers are transmitting on the same lan.
>
> > --
>
> > david martin
>
> Hello David,
>
> I am truly sorry to have to criticize you,
> but the name of the network card is
> wrong (eth0) ...
>
> here is my solution, which may not be a good one (?):
>
> sudo apt install -y net-tools libnet-netmask-perl
> libnet-ifconfig-wrapper-perl
>
> ifconfig -a |awk '{print $1}' |head -1 |tr -d :
>
> alternative:  ip link show |awk '{print $2}' |tail -2
>
> for network "forensics":
>
> installing wireshark:
>
> sudo apt install -y wireshark-common wireshark-gtk
>
> documentation:
>
> https://mwoodsmcpd.wordpress.com/2011/11/17/how-to-filter-dhcp-traffic-with-wireshark/
>
> sorry about the rest, but as the message is partially
> obfuscated with respect to the context, it is impossible for me
> to judge with more certainty ...
>
> Thank you for your kind attention
>
> All the best
>
> Bernard
>


-- 
david martin
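
The goal stated in this message, spotting any DHCP server other than the official one, can be checked mechanically once the offers have been collected. This is an added example, not part of the thread: it assumes the responses were saved as text in the layout printed by nmap's broadcast-dhcp-discover script (an "IP Offered:" and a "Server Identifier:" line per response); the function names, the sample capture and every address in it are constructed.

```shell
#!/bin/sh
# rogue_dhcp_servers ALLOWED_IP... < saved-offers
# Prints one line per DHCP server identifier that is NOT in the allowlist:
#   <server> offers=<count> last_offered=<address it last handed out>
rogue_dhcp_servers() {
    allowed="$*"
    awk -v allowed="$allowed" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /Response [0-9]+ of [0-9]+/ { offered = "" }      # new response block
        /IP Offered:/               { offered = $NF }
        /Server Identifier:/ {
            ip = $NF
            # Ignore anything that is not a dotted-quad address.
            if (ip !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next
            seen[ip]++
            last[ip] = offered
        }
        END {
            for (ip in seen)
                if (!(ip in ok))
                    printf "%s offers=%d last_offered=%s\n", ip, seen[ip], last[ip]
        }
    ' | sort
}

# Constructed sample: one official server (192.168.1.1) and one unexpected
# server (192.168.1.77) that answers twice with addresses from another range.
sample_offers() {
cat <<'EOF'
| broadcast-dhcp-discover:
|   Response 1 of 3:
|     IP Offered: 192.168.1.114
|     DHCP Message Type: DHCPOFFER
|     Server Identifier: 192.168.1.1
|   Response 2 of 3:
|     IP Offered: 10.66.0.23
|     DHCP Message Type: DHCPOFFER
|     Server Identifier: 192.168.1.77
|   Response 3 of 3:
|     IP Offered: 10.66.0.24
|     DHCP Message Type: DHCPOFFER
|_    Server Identifier: 192.168.1.77
EOF
}

# In use, feed it the saved output of the nmap command discussed in the thread.
sample_offers | rogue_dhcp_servers 192.168.1.1
```

Empty output means every answering server was on the allowlist; a server that answers more than once, or hands out addresses from an unexpected range, stands out in the report.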


Re: Deleting several million files from a directory!

2021-04-08 Thread Daniel Caillibaud
On 07/04/21 at 21:45, Étienne Mollier wrote:
> If the directory is empty, then the following commands
> should do the trick to recover the remaining 959M:
> 
>   $ sudo rmdir /var/lib/php/sessions
>   $ sudo mkdir /var/lib/php/sessions

Yes, but mind the permissions: look at them before deleting the directory. On
my machines with php it is 733 with the sticky bit set (drwx-wx-wt => the files
created in it are then 600, owned by the user that creates them, that of the
php pool concerned; only root can list them all, otherwise each user can
list/read/modify only their own).

In that case you would need to add a

   $ sudo chmod 1733 /var/lib/php/sessions

-- 
Daniel

Better to expect the predictable than to be surprised
by the unexpected.
Pierre Dac



Re: .profile not being src'd at login on uptodate buster

2021-04-08 Thread Curt
On 2021-04-07, Greg Wooledge  wrote:
> On Wed, Apr 07, 2021 at 09:41:51PM +, Lee wrote:
>> Interesting..  "echo foo" in .bashrc does break scp, but not "echo foo >2"
>
> That redirects to a file named "2".
>
>> .. but that doesn't work for bash, so hhrmm.. > /dev/stderr seems to
>> work in all cases:
>
> You wanted >&2 .

What about addressing his primary point rather than what in my
benefit-of-the-doubt humor I construe as a typographical oversight?



Re: Boot better have mounted on root or /boot ?

2021-04-08 Thread Andrei POPESCU
On Thu, 08 Apr 21, 08:55:47, Robbi Nespu wrote:
> 
> I use auto partitioning (if not mistaken) and boot mounted on root "/"
> instead of creating own "/boot" partition
> 
> $ df -h /boot/
> Filesystem  Size  Used Avail Use% Mounted on
> /dev/sda1   110G   62G   43G  60% /
> 
> What actually the best way for boot directory? put on same root directory
> like I have right now or it better to have it own partition?

The "best" way depends a lot on the criteria used to evaluate.

For me the simplicity of having 'boot' on '/' wins in most cases. It 
avoids a lot of issues (like running out of space in /boot) with no 
significant downside I'm aware of.

I've used a separate boot only when there was no way around it, e.g. the 
original RaspberryPi needs a FAT /boot partition.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser

