Re: How can I find packages manually installed using "dpkg -i"?

[David Wright]

On Tue 03 Oct 2023 at 19:58:57 (-0700), Mike Castle wrote:
> Some tools I've been using lately are apt-mark and "dpkg-query --show".
> 
> The following UNTESTED commands (ran as a normal user):
> 
> (apt-mark showauto ; apt-mark showmanual) > apt-thinks-you-installed.txt
> dpkg-query --show --showformat='${Package}\n' | grep -v -F -f
> apt-thinks-you-installed.txt > rest.txt

(I've added the omitted -f.)

> The file "rest.txt" should have a list of packages installed that were
> NOT installed via apt.  With any luck, it is small enough to examine
> manually.

I don't think your grep will work correctly. apt-thinks-you-installed.txt
contains patterns, and some of those patterns are very short, for example:
an at bc dc di gv jq mc pv tk acl ant apt bbe cpp ftp git gpg gpm kbd
lz4 mbr mpv mtr pia sed sox tar tcl ucf ufw ure vim w3m xli xxd zip.
These will match packages in the dpkg-query whose names don't actually
appear as complete strings in apt-thinks-you-installed.txt. For example,
pv is in mpv, bbe is in librubberband2. "an" and "at" occur in scores
of package names.

I think you need to enclose each pattern (ie each line of
apt-thinks-you-installed.txt) in the anchors, ^ and $. Ironically,
it would be trivial to add these characters to the output of
dpkg-query, but that's not where they're needed.

Cheers,
David.

Re: Debian live boot corrupting secure boot

[Valerio Vanni]

Il 04/10/2023 17:11, Max Nikulin ha scritto:

But neither Asus (bios from start of September) nor Microsoft 
(Windows 11) do that blacklisting.


Do you mean Windows install on hard drive or Windows install image?

should be "installed"-^


Ok, "installed".

I am curious if just booting a recent media published by Microsoft (not 
install, just booting till first dialog) may change secure boot keys. If 
I have got you right, Windows with all updates installed still allows to 
boot old Clonezilla.


I'll try. Now I don't have the machine.

If firmware has the "EFI shell" option then you may try "bcfg boot 
dump -v". Unsure if it is possible to redirect output to a file.


I'll try. Is there nothing inside Linux efi tools?


Sorry, your question is unclear for me. I was trying to suggest a way to 
inspect UEFI boot variables without disturbing its state. If Linux 
images may do something with secure boot keys then I see the following 
alternatives:

- Firmware may have EFI shell boot option included
- Perhaps there are some tools for Windows


I don't know if there is an EFI shell.

For Linux, I found this (there's no version for Debian):
https://github.com/rhboot/dbxtool

But it says it was replaced by this:
https://github.com/fwupd/fwupd

I'll try.

Re: btrfs snapshots (of root file system)?

[hw]

On Mon, 2023-10-02 at 21:33 +0200, Anders Andersson wrote:
> On Sun, Oct 1, 2023 at 7:20 AM hw  wrote:
> > 
> > Hi,
> 
> Hello! I'm not going into much detail but maybe I can guide you to
> better be able to find what you want.

Hi, like I said, my idea was to take a snapshot of the root file
system so that I could roll back after software
updates. Unfortunately, that won't work because there won't be
snapshots of the MBR and of the UEFI partition, and using clonezilla
to copy the volume didn't seem to be a very idea because it's on
hardware RAID.  I ended up replacing the disks because I wanted to do
that anyway and reinstalled.

Now I have the problem that during the installation, /home was created
as a subvolume, and it can not be deleted.  I want /home to be a
normal directory because it's mount point for another volume.  I
resorted to renaming it to /nohome so I could create the /home
directory, and I still can't delete it.  I might have to reinstall
again to get rid of it.  Btrfs still says the path to the subvolume is
home:


# btrfs subvol list /
ID 256 gen 61 top level 5 path home
ID 257 gen 1286 top level 5 path root
ID 258 gen 238 top level 257 path var/lib/machines


When I try to delete it, btrfs either says the parameter is invalid or
that it's not a subvolume, even when I try to delete it using the ID.
I don't have the exact error message now because /home has to mounted
to write emails, and I'm not gona try to delete it before unmounting
it.

So how do you delete a subvolume?  Why isn't the path adjusted when
renaming it?  That must be somehow buggy.

> > with btrfs, how do I make a snapshot of the root file system?  The
> > purpose is to update software and being able to go back to a previous
> > state if necessary.
> > 
> > There doesn't seem to be a command to create snapshots but only
> > subvolumes?  How does a subvolume turn into a snapshot?  (The root
> > file system is, of course, not on a subvolume.)
> 
> Everything in btrfs is a suvolume, including the root (aka
> "top-level").

Well, that is nonsense.  Something that's on top isn't on a lower
level.

> A snapshot is merely a subvolume created *from* another
> subvolume, and can optionally be read-only.
> 
> You can take a snapshot of the top level subvolume by doing "btrfs sub
> snap / @foo". Documentation for creating both empty subvolumes and
> snapshots are in btrfs-subvolume.

Isn't that 'btrfs subvolume snapshot ...'?  And I would have created
the snapshot on the other volume because the other volume is larger.
>From what I've been reading that should be no problem.

> > How do I merge snapshots?  IIRC, when you remove a ZFS snapshot, the
> > older state is merged to the state the snapshot is in.  Apparently
> > btrfs can only delete snapshots --- and it seems like a bad idea to
> > delete the root file system.  How would I boot from it when it's been
> > deleted?
> 
> I don't think you can merge snapshots the way you describe. I don't
> see how it could be atomic?

Why would something be atomic?  Think of how ZFS does it.  IIRC, you either
'destroy' a snapshot, which is misleading because the snapshot isn't
destroyed but what the snapshot was made of is being merged with the
snapshot such that its origin disappears and what you get is the
current version as the result of the merge.  Or you 'rollback' to
something a snapshot was made of and you get that.  Both happens in
the same place.  That also is so confusing that I never really did
anything with snapshots.

Btrfs seems to suck in that when you create a snapshot --- which can't be
merged --- and, which is very important, it doesn't happen in place:
If you want to roll back to a previous version, you somehow need to
replace the current version with the old version, and that leaves you
with the question of how you put the old version into the newer
version after you deleted the newer one.

Not being able to do it in place makes me wonder what snapshots are
supposed to be for.  They're pretty useless when you can't just roll
back, and they are no substitue for backups.  If you have to make them
on the same volume, that's a very severe limitation.  So what's the
point?

Or maybe I got it all wrong.  It's confusing.

> You can however move subvolumes around freely, create new snapshots
> at will, and select the boot subvolume either by the "subvol="
> mount option or by setting the default subvolume (btrfs sub
> set-default).

So I can create a snapshot on a different volume?  I haven't tried.

There's no subvolume for /boot but an EFI partition.  IIRC that's part
of the reason why you can not use btrfs for boot volumes without
hardware RAID.  When one of the disks fails, you're screwed if the
'right' one is the one that failed.

> > Can I make a snapshot on a different volume?  The manpage doesn't say
> > that the destination of a subvolume must be on the same volume, and in
> > any case, I should be able to do that.
> 
> You can create snapshots anywhere *within the same 

Re: Update on problem mounting NFS share

[David Christensen]

On 10/4/23 05:03, Steve Matzura wrote:

On 10/3/2023 6:06 PM, David Christensen wrote:

On 10/3/23 12:03, Steve Matzura wrote:

I gave up on the NFS business and went back to good old buggy
but reliable SAMBA (LOL), ...




I have attempted to document the current state of Samba on my
SOHO, below.  ...



Wow but that's an awful lot of work for something that seems to be a
timing problem. But at least I learned something.


What is posted is the results of a lot of work -- trying countless
combinations of settings on the server and on the client via edit,
rebooting, and test cycles; until I found a combination that seems to work.


Your OP of /etc/fstab:

//192.168.1.156/BigVol1 /mnt/bigvol1 civs
vers=2.0,credentials=/root/smbcreds,ro

* The third field is "civs".  Should that be "cifs"?

* The fourth field contains "ro".  Is that read-only?  If so, how do you
create, update, and delete files and directories on /mnt/bigvol1?


David

Re: Debian live boot corrupting secure boot

[Jeffrey Walton]

On Tue, Oct 3, 2023 at 11:44 AM Valerio Vanni  wrote:
>
> Il 03/10/2023 04:01, Jeffrey Walton ha scritto:
>
> >>> Does it mean that you can not boot your *old* Clonezilla live after 
> >>> booting a latest Clonezilla? If so, it is better to discuss the issue 
> >>> with shim or grub developers.
> >>
> >> Yes. If I load a Clonezilla live newer than 3.1.0-11, then I cannot boot
> >> anymore 2.8.1-12.
> >
> > I would probably bet if you booted to Windows, the OS would check the
> > Forbidden Signature/Secure Boot DBX and (re)apply KB5012170 [0] as
> > required.
>
> No, it hasn't happened. If you read the entire discussion, it hasn't
> happened neither with Windows 10 nor Windows 11.
> The only action that breaks secure boot of Clonezilla 2.8.1-12 is
> reaching the page of Grub entries in recent Clonezilla and Debian live.
>
> > So you are probably going to have to deal with this sooner rather than
> > later. Both OSes are going to try to update the database with
> > signatures of the bad grub programs. Or I would not bet against it.
> >
> > [0] 
> > https://support.microsoft.com/en-gb/topic/kb5012170-security-update-for-secure-boot-dbx-72ff5eed-25b4-47c7-be28-c42bd211bb15
>
> Yes, no one can tell... but this update has more than six months.
> So far it seems that Linux has a larger revocation database.
>
> And, even if Windows would adopt this larger database, I keep on
> considering it bad in a live environment. Be it Live Windows or Live Linux.

Did you see new grub vulnerabilities were just announced? [1] I would
not be surprised if both Linux and Windows updated the Forbidden
Signature/Secure Boot DBX.

You're going to have to deal with it eventually. Restoring UEFI
firmware to run an old Clonezilla is not a long term solution.

[1] https://www.openwall.com/lists/oss-security/2023/10/04/5

Jeff

Re: Debian live boot corrupting secure boot

[Max Nikulin]

On 03/10/2023 01:34, Valerio Vanni wrote:

Il 02/10/2023 18:45, Max Nikulin ha scritto:


But neither Asus (bios from start of September) nor Microsoft 
(Windows 11) do that blacklisting.


Do you mean Windows install on hard drive or Windows install image?

should be "installed"-^


Machine comes with Windows 10 pre installed, and then it's updated from 
Windows update. Then I installed Windows 11 with upgrade assistant.

So far, no blacklist of old Clonezilla.

Do you mean that installing Windows 10 or 11 from scratch could behave 
differently?


I am curious if just booting a recent media published by Microsoft (not 
install, just booting till first dialog) may change secure boot keys. If 
I have got you right, Windows with all updates installed still allows to 
boot old Clonezilla.


I just have spotted in the news
https://security-tracker.debian.org/tracker/CVE-2023-4692
"Crafted file system images can cause heap-based buffer overflow and may 
allow arbitrary code execution and secure boot bypass"


and a related link

https://github.com/rhboot/shim/blob/main/SBAT.md
Secure Boot Advanced Targeting

If firmware has the "EFI shell" option then you may try "bcfg boot 
dump -v". Unsure if it is possible to redirect output to a file.


I'll try. Is there nothing inside Linux efi tools?


Sorry, your question is unclear for me. I was trying to suggest a way to 
inspect UEFI boot variables without disturbing its state. If Linux 
images may do something with secure boot keys then I see the following 
alternatives:

- Firmware may have EFI shell boot option included
- Perhaps there are some tools for Windows

Re: No wifi on debian 12 fresh install (HP laptop 440 14" G10)

[Itay]

Thank you for the quick reply.
I will follow yous and Michale's advice.

Itay

On Wed, 4 Oct 2023, at 15:41, Alexander V. Makartsev wrote:
> On 04.10.2023 17:08, Itay wrote:
>> Hi
>> 
>> I recently purchased an HP ProBook 440 14" G10 laptop.
>> This configuration is certified by Ubuntu[1].
>> The specs, as advertised by HP, can be found here[2].
>> 
>> The installation (debian 12 'bookworm') went as expected (using DVD and wired
>> connection).  However, after reboot, I discovered that wifi was not working.
>> Bluetooth, on the other hand, is working.
>> 
>> After three days of search on the internet[3]-[9] I am really at a loss.
>> I have been a long-time debian *user* -- but am not an expert.
>> I am aware of the possibility to download drivers and compile them from
>> source[10]-[12], but hesitate to do that without an expert guide.
>> 
>> System and device information, as gathered by wireless-info script[13], will
>> follow the references.
>> 
>> Please advise
>> Thanks in advance.
>> Itay
>> 
>> 
>> ...
>> # kernel 
>> 
>> Linux 6.1.0-10-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.38-1 (2023-07-14) 
>> x86_64 unknown unknown GNU/Linux
>> ...
>> # lspci #
>> 
>> 03:00.0 Network controller [0280]: Realtek Semiconductor Co., Ltd. Device 
>> [10ec:c852] (rev 01)
>> Subsystem: Hewlett-Packard Company Device [103c:88e5]
>> ...
>> 
> https://forums.debian.net/viewtopic.php?t=155976
> 
> You need [1] to compile a kernel module for your wifi adapter. There is no 
> other way.
> Just follow build instructions [2] closely and you should be fine.
> 
> 
> [1] https://forums.debian.net/viewtopic.php?t=155976
> [2] 
> https://github.com/lwfinger/rtw89#dkms-packaging-for-debian-and-its-derivatives
> 
> --
> With kindest regards, Alexander.
> 
> ⢀⣴⠾⠻⢶⣦⠀ 
> ⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
> ⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
> ⠈⠳⣄

Re: No wifi on debian 12 fresh install (HP laptop 440 14" G10)

[Itay]

Thank you for the quick reply.

On Wed, 4 Oct 2023, at 15:32, Michael Kjörling wrote:
> On 4 Oct 2023 15:08 +0300, from deb...@itayf.fastmail.fm (Itay):
>> The installation (debian 12 'bookworm') went as expected (using DVD and wired
>> connection).  However, after reboot, I discovered that wifi was not working.
>> Bluetooth, on the other hand, is working.
>
> Looks like your wireless NIC is a Realtek 10ec:c852 which on 6.1 needs
> an out-of-tree kernel module?
>
> See https://forums.debian.net/viewtopic.php?t=155976
>
> Which in https://forums.debian.net/viewtopic.php?p=782189#p782189 in
> turn points to https://github.com/lwfinger/rtw89/tree/main
>
> Or you can try installing the kernel from bookworm-backports which is
> currently on the 6.4 series, since 6.4 apparently includes that driver.
> https://packages.debian.org/bookworm-backports/linux-image-amd64

Am I right to assume that the second method implies a bigger change from the 
standard installation (and therefore might be less preferable)?

> -- 
> Michael Kjörling  https://michael.kjorling.se
> “Remember when, on the Internet, nobody cared that you were a dog?”

Re: No wifi on debian 12 fresh install (HP laptop 440 14" G10)

[Alexander V. Makartsev]

On 04.10.2023 17:08, Itay wrote:

Hi

I recently purchased an HP ProBook 440 14" G10 laptop.
This configuration is certified by Ubuntu[1].
The specs, as advertised by HP, can be found here[2].

The installation (debian 12 'bookworm') went as expected (using DVD and wired
connection).  However, after reboot, I discovered that wifi was not working.
Bluetooth, on the other hand, is working.

After three days of search on the internet[3]-[9] I am really at a loss.
I have been a long-time debian *user* -- but am not an expert.
I am aware of the possibility to download drivers and compile them from
source[10]-[12], but hesitate to do that without an expert guide.

System and device information, as gathered by wireless-info script[13], will
follow the references.

Please advise
Thanks in advance.
Itay


...
# kernel 

Linux 6.1.0-10-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.38-1 (2023-07-14) x86_64 
unknown unknown GNU/Linux
...
# lspci #

03:00.0 Network controller [0280]: Realtek Semiconductor Co., Ltd. Device 
[10ec:c852] (rev 01)
Subsystem: Hewlett-Packard Company Device [103c:88e5]
...

https://forums.debian.net/viewtopic.php?t=155976

You need [1] to compile a kernel module for your wifi adapter. There is 
no other way.

Just follow build instructions [2] closely and you should be fine.


[1] https://forums.debian.net/viewtopic.php?t=155976
[2] 
https://github.com/lwfinger/rtw89#dkms-packaging-for-debian-and-its-derivatives


--
With kindest regards, Alexander.

⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
⠈⠳⣄

Re: No wifi on debian 12 fresh install (HP laptop 440 14" G10)

[Michael Kjörling]

On 4 Oct 2023 15:08 +0300, from deb...@itayf.fastmail.fm (Itay):
> The installation (debian 12 'bookworm') went as expected (using DVD and wired
> connection).  However, after reboot, I discovered that wifi was not working.
> Bluetooth, on the other hand, is working.

Looks like your wireless NIC is a Realtek 10ec:c852 which on 6.1 needs
an out-of-tree kernel module?

See https://forums.debian.net/viewtopic.php?t=155976

Which in https://forums.debian.net/viewtopic.php?p=782189#p782189 in
turn points to https://github.com/lwfinger/rtw89/tree/main

Or you can try installing the kernel from bookworm-backports which is
currently on the 6.4 series, since 6.4 apparently includes that driver.
https://packages.debian.org/bookworm-backports/linux-image-amd64

-- 
Michael Kjörling  https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”

No wifi on debian 12 fresh install (HP laptop 440 14" G10)

[Itay]

Hi

I recently purchased an HP ProBook 440 14" G10 laptop.
This configuration is certified by Ubuntu[1].
The specs, as advertised by HP, can be found here[2].

The installation (debian 12 'bookworm') went as expected (using DVD and wired
connection).  However, after reboot, I discovered that wifi was not working.
Bluetooth, on the other hand, is working.

After three days of search on the internet[3]-[9] I am really at a loss.
I have been a long-time debian *user* -- but am not an expert.
I am aware of the possibility to download drivers and compile them from
source[10]-[12], but hesitate to do that without an expert guide.

System and device information, as gathered by wireless-info script[13], will
follow the references.

Please advise
Thanks in advance.
Itay


## references

[1] https://ubuntu.com/certified/202301-31130/22.04%20LTS
[2] https://h20195.www2.hp.com/v2/GetDocument.aspx?docname=c08480164
[3] https://forums.debian.net/viewtopic.php?t=151340
[4] 
https://askubuntu.com/questions/1475717/network-controller-driver-of-rtl8852ce-does-not-work-on-20-04
[5] 
https://askubuntu.com/questions/1215532/realtek-8822ce-wifi-not-working-but-bluetooth-working
[6] 
https://askubuntu.com/questions/1336379/network-driver-for-realtek-8852-20-10
[7] 
https://naushadbhat.medium.com/ubuntu-wifi-not-working-in-new-hp-laptops-solution-533e68613b7b
[8] https://forums.linuxmint.com/viewtopic.php?t=397536
[9] http://linux-wless.passys.nl/
[10] 
https://www.realtek.com/en/component/zoo/category/network-interface-controllers-10-100-1000m-gigabit-ethernet-pci-express-software
[11] https://github.com/airium/Realtek-PCIe-GBE-NIC-Driver
[12] https://github.com/lwfinger
[13] https://github.com/UbuntuForums/wireless-info


## wireless info START ##

Report from: 04 Oct 2023 11:45 IDT +0300

Booted last: 04 Oct 2023 00:00 IDT +0300

Script from: 25 Jan 2020 03:34 UTC +

# release ###

Distributor ID: Debian
Description: Debian GNU/Linux 12 (bookworm)
Release: 12
Codename: bookworm

# kernel 

Linux 6.1.0-10-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.38-1 (2023-07-14) x86_64 
unknown unknown GNU/Linux

Parameters: ro, quiet

# desktop ###

sed: can't read /root/.dmrc: No such file or directory

Could not be determined.

# lspci #

03:00.0 Network controller [0280]: Realtek Semiconductor Co., Ltd. Device 
[10ec:c852] (rev 01)
Subsystem: Hewlett-Packard Company Device [103c:88e5]

04:00.0 Ethernet controller [0200]: Realtek Semiconductor Co., Ltd. 
RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller [10ec:8168] (rev 15)
Subsystem: Hewlett-Packard Company RTL8111/8168/8411 PCI Express Gigabit 
Ethernet Controller [103c:8b78]
Kernel driver in use: r8169

# lsusb #

Bus 004 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 003 Device 005: ID 04f3:0c7e Elan Microelectronics Corp. ELAN:ARM-M4
Bus 003 Device 004: ID 0bda:c85c Realtek Semiconductor Corp. Bluetooth Radio
Bus 003 Device 002: ID 0408:5483 Quanta Computer, Inc. HP HD Camera
Bus 003 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

# PCMCIA card info ##

# rfkill 

13: hci0: Bluetooth
Soft blocked: no
Hard blocked: no

# secure boot ###

SecureBoot disabled

# lsmod #

wmi_bmof   16384  0
wmi36864  2 video,wmi_bmof

# interfaces 

[/etc/network/interfaces]

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

# ifconfig ##

1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group 
default qlen 1000
link/loopback  brd 
inet 127.0.0.1/8 scope host lo
   valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute 
   valid_lft forever preferred_lft forever
2: enp4s0:  mtu 1500 qdisc fq_codel state UP 
group default qlen 1000
link/ether  brd 
inet 10.0.0.17/24 brd 10.0.0.255 scope global dynamic noprefixroute enp4s0
   valid_lft 3358sec preferred_lft 3358sec
inet6 2a10:8010:680d:0:baa1:56c:141b:ca7/64 scope global temporary dynamic 
   valid_lft 86122sec preferred_lft 84235sec
inet6 2a10:8010:680d:0:/64 scope global dynamic 
mngtmpaddr noprefixroute 
   valid_lft 86122sec preferred_lft 86122sec
inet6 fe80::/64 scope link noprefixroute 
   valid_lft forever preferred_lft forever

# iwconfig ##

lono wireless extensions.

enp4s0no wireless extensions.

# route #

default via 10.0.0.138 dev enp4s0 proto dhcp src 10.0.0.17 metric 100 
10.0.0.0/24 dev enp4s0 proto kernel scope link src 10.0.0.17 metric 100 

# 

Re: List packages from non-default repositories

[Max Nikulin]

On 04/10/2023 15:42, Jörg-Volker Peetz wrote:

$ apt list '~i' | grep -v '/testing'

and

$ apt-show-versions | grep -v '/testing '

show the same packages, correctly, but

$ apt list '~i!~Atesting'

is missing some packages.


It is the reason why I added '?narrow'. Try

   apt list '?any-version(~i!~A^testing)'

For me it is not intuitive that the outer '?any-version()' modifies 
result of the inner '?and()'.


Actually the expression gives *some* upgradable packages in addition, 
but not all of them. For the stable release installed libc6 version is 
available from bookworm/main, but thunderbird-102 has been wiped from 
bookworm-security, so


apt list '?narrow(~i, ~n"^(thunderbird|libc6)$", !~A^stable)'
Listing... Done
thunderbird/stable-security 1:115.3.1-1~deb12u1 amd64 [upgradable from: 
1:102.15.1-1~deb12u1]

N: There are 3 additional versions. Please use the '-a' switch to see them.

skips libc6 however it can be upgraded

apt list '~U~n"^(thunderbird|libc6)$"'
Listing... Done
libc6/stable-security 2.36-9+deb12u3 amd64 [upgradable from: 2.36-9+deb12u1]
thunderbird/stable-security 1:115.3.1-1~deb12u1 amd64 [upgradable from: 
1:102.15.1-1~deb12u1]


It took some time for me to figure out what is the difference.

apt policy libc6 thunderbird
libc6:
  Installed: 2.36-9+deb12u1
  Candidate: 2.36-9+deb12u3
  Version table:
 2.37-10 100
100 http://deb.debian.org/debian trixie/main amd64 Packages
 2.36-9+deb12u3 500
500 http://security.debian.org/debian-security 
bookworm-security/main amd64 Packages

 *** 2.36-9+deb12u1 500
500 http://deb.debian.org/debian bookworm/main amd64 Packages
100 /var/lib/dpkg/status
thunderbird:
  Installed: 1:102.15.1-1~deb12u1
  Candidate: 1:115.3.1-1~deb12u1
  Version table:
 1:115.3.1-1~deb12u1 500
500 http://security.debian.org/debian-security 
bookworm-security/main amd64 Packages

 1:115.2.2-1 100
100 http://deb.debian.org/debian trixie/main amd64 Packages
 *** 1:102.15.1-1~deb12u1 100
100 /var/lib/dpkg/status
 1:102.13.0-1~deb12u1 500
500 http://deb.debian.org/debian bookworm/main amd64 Packages

So either ", !~U" should be added inside "?narrow()" or "| ~U" outside 
of it, depending on desired result in respect to upgradable packages.

Re: List packages from non-default repositories

[Jörg-Volker Peetz]

Max Nikulin wrote on 04/10/2023 04:22:

On 04/10/2023 01:29, Jörg-Volker Peetz wrote:

Max Nikulin wrote on 03/10/2023 12:11:

apt list '?narrow(~i, !~Astable|~Astable-backports|!~O^Debian$|~o|~c)'


In my experience the only tool that gives correct answers, is 
apt-show-versions in the package of the same name:


$ apt-show-versions | grep -v '/stable '


Thanks.

Do you have an example of a case when apt-show-versions works better when the 
following command?


   apt list '~i' | grep -Ev '[/,]stable(-updates|-security)?,'



I have to add that I'm working on a system from the testing archive with 
unstable and experimental archives also available.


Indeed the commands

$ apt list '~i' | grep -v '/testing'

and

$ apt-show-versions | grep -v '/testing '

show the same packages, correctly, but

$ apt list '~i!~Atesting'

is missing some packages.

Regards,
Jörg.

Re: List packages from non-default repositories

[Max Nikulin]

On 04/10/2023 11:58, David Wright wrote:

Explanations for these hits:
   linux-image is the previous kernel,
   xtoolwait is from squeeze,
   youtube-dl is the last I found before I started using yt-dlp,
   and I don't have backports in my sources.list.


Besides youtube-dl, these packages should be reported by

   apt list '~o'

In my cases '~o' was inapplicable since packages are available from 
configured repositories. At certain moment (after reinstalling 
libstdc++6 and removing gcc-13-base) my list was

  elpa-org/testing,now 9.6.9+dfsg-1 all [installed]
  libnss3/testing,now 2:3.92-1 amd64 [installed,automatic]
  libx11-6/testing,now 2:1.8.6-1 amd64 [installed,automatic]
  libx11-xcb1/testing,now 2:1.8.6-1 amd64 [installed,automatic]
  linux-image-6.4.0-0.deb12.2-amd64/stable-backports,now 
6.4.4-3~bpo12+1 amd64 [installed,automatic]


I have realized that in my original command '~o' may be omitted, '~c' 
was added at a wrong place. In comparison to "apt list '~i'" or 
apt-show-versions + grep it had additional feature (or bug). It listed 
upgradable packages. So my current pattern to get package candidates for 
clean-up is (for oldstable)


  apt list '?narrow(~i, 
!~A^oldstable|~A^oldstable-backports|!~O^Debian$, !~U) | ~c | ~b'

Re: swap-fle on arm64, need to disable, how?

[gene heskett]

On 10/1/23 18:46, Stefan Monnier wrote:

There I disagree, Greg, it makes a handy download tool, directly
from wherever, directly to the machine that needs it.  That,
apt/synaptic and git are the major net tools I use.  Obviously I'm
not trying to run them simultaneously. Every machine here 7 ATM, can
browse the net, making it very easy to keep them up to date.

Do you have some big honking KVM to multiplex all those machines
onto your screen and keyboard, or do you actually have 7 screens and
7 keyboards and you need to walk over from one to the other?

Here I was going to ask if you'd ever hear of ssh and sshfs. but thn I read
the next paragraph.


Then why do you need to run firefox on the rpi's?  I'd use Firefox on my
desktop and if I need to download files to one of the other machines,
I'd copy those files via `scp` or `sshfs` or even NFS (NFS
authentication is a PITA in my experience, but if you can use
a dedicated local network where you all machines can somewhat trust
each other, NFS can be a good option).


NFS is a pita.
sshfs just works for file movement. ssh -X for login stuff. It helps of 
course that I am the only "live user"



And Odroid?  Where do I send condolence flowers?


I was not super happy with some aspects (e.g. the fact that I can't get
the source code for some of the firmware, including the Petitboot that's
included, nor is there any way to change that firmware's config (e.g. to
make Petitboot use the serial console rather than the HDMI output)), but
in practice it works well and the hardware is fully supported by the
vanilla Linux kernel.

It wasn't anywhere near primetime ready when I bought on 7 or 8 years 
ago. Actually supporting linux was not then a prioirty. I use winderz 
stuff for target practice here.


 Stefan

.


Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: How can I find packages manually installed using "dpkg -i"?

[Max Nikulin]

On 04/10/2023 09:58, Mike Castle wrote:

The following UNTESTED commands (ran as a normal user):

(apt-mark showauto ; apt-mark showmanual) > apt-thinks-you-installed.txt
dpkg-query --show --showformat='${Package}\n' | grep -v -F
apt-thinks-you-installed.txt > rest.txt

The file "rest.txt" should have a list of packages installed that were
NOT installed via apt.  With any luck, it is small enough to examine
manually.


My expectation is that rest.txt contains a list of broken or removed, 
but not purged packages and an alternative way to get a similar list is


  apt list '?config-files | ?broken'

or 'apt list '~c|~b'. I wonder what is the output of

  dpkg-query --show --showformat='${Status} ${Package}\n' PKG

for any package from rest.txt that is still installed.

Re: SMART error messages being sent to the wrong address

[tomas]

On Wed, Oct 04, 2023 at 02:43:36AM -0400, Jeffrey Walton wrote:

[...]

> $ sudo su -

...better spelt these days as "sudo -i" (or "sudo -s"), see sudo(1)'s
man page.

> $ grep -iIR fanny /etc

If you are sudoing just for one command, even better:

  sudo grep ...

will do. Besides saving quite a few keystrokes, it has other upsides.

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: XFCE4 without panels

[Joe]

On Tue, 3 Oct 2023 17:25:09 -0400
 wrote:

> On Tue, 3 Oct 2023 21:53:36 +0100
> Joe  wrote:
> 
>  
> > I use the Third Option, the deskbar, which gives vertical panels at
> > the side and as far as I can see, no spaces between anything, unless
> > you actually place a separator. I use 36 pixels for the launcher
> > panel and 44 pixels, on the other side, for open applications and
> > notifications. The Applications icon has to be renamed to no more
> > than four letters, as the text is horizontal in 36 pixels width, I
> > call mine 'Main'. The panels can be set to a fixed size or to
> > autosize, and I keep the right-hand one down a bit from the top.
> > Some applications don't know to keep the panel area clear, and if
> > it's right at the top, I lose the close widget as the panel stays
> > on top of the application. The panels can be set to autohide, but I
> > prefer to keep them open all the time.
> > 
> > The analogue clock is 60 pixels wide to make it useful, and I leave
> > it unlocked. Wherever it is placed it will obscure something at some
> > time, so I leave it movable.  
> 
> Not sure what the "deskbar" is. However, I tried one last time to get
> XFCE's panel to act right vertically on the left, it looks fine. So I
> added polybar, and it's pretty much what I was looking for.
> 

Good. On the panel dialog box, there is a dropdown which chooses
between vertical, horizontal or deskbar. Vertical and deskbar behave
slightly differently.

-- 
Joe

Re: SMART error messages being sent to the wrong address

[Jeffrey Walton]

On Tue, Oct 3, 2023 at 9:32 PM Gary Dale  wrote:
>
> I'm running Debian/Bookworm on a headless server. The box has had a
> variety of roles and names. At one time it was called fanny after the
> groundbreaking rock band and because it had a lot of fans in it. This
> latter attribute led to it being made into a file server and renamed
> BigData.
>
> The problem I'm having is that SMART error messages are being sent to
> root@fanny. instead of to me. /etc/aliases has all mail to
> root going to me, but because this addressed to root on a machine with a
> different name, it goes out and I only get the message when it bounces
> (because the machine name no longer exists).
>
> I can't find where the e-mail address is being set. Tracing down the
> smartmontools config files didn't turn up any obvious problems.
>
> Can anyone point in the right direction?

If Greg and Charles' suggestions do not work, I would grep for it.

$ sudo su -
$ grep -iIR fanny /etc

That should uncover places the old name shows up.

Jeff