Re: Suspicious "invoice" email?
On Fri, May 17, 2024 at 03:28:35PM -0400, PMA wrote: > I received the following today from (Jerry Henley at) Ella White > . > > I suspect fraud here, so have not opened the invoice he/she attached. > > Can you possibly tell me whether the message is legitimate? I did not spend much time on it. Some, ill informed or naive people would have just paid it, or it could have been an attempt to infect a (MS Windows) PC, or it could have been an attempt to get bank a/c details. Anyway: things like that I forward to the address below and they are looked at by people in GCHQ or similar -- you can help them to combat these reprobates by forwarding suspicious emails: rep...@phishing.gov.uk -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Dovecot correct ownership for logs
On Tue, May 14, 2024 at 03:11:16PM +0200, Richard wrote: >"Top posting" (writing the answer above the text that's being replied >to) is literally industry standard behavior. Many do top post, but many do not. Places where it is often frowned on are technical mail lists such as this one. This is because only quoting to the parts of the mail that you reply to and putting you comment underneath can greatly help understanding. Read the Netiquette Guidelines (1995): https://www.ietf.org/rfc/rfc1855.txt Other discussions here: https://idallen.com/topposting.html https://www.caliburn.nl/topposting.html PS: check the dictionary definition of "literally". -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Test
Hi debian users
Re: Inclusive terminology (instead of master/slave) for network bonding/LACP
On Fri, Mar 15, 2024 at 01:42:25AM +0100, Emanuel Berg wrote: > Mike Castle wrote: > > >> It is "fixing" an issue for today's English speakers. > >> Should we scour our systems looking for similar issues in > >> other languages? Then in, say, 20 years time when different > >> words will then be considered offensive, by some, do this > >> all again? > > > > Yes. > > Remember, there are A LOT of words and expressions we don't > use anymore, and that's good, as they are offensive and > disrespectful. But once they were perfectly normal. Still, one > by one, they have disappeared from active use. That is the big difference. Not use words *currently* deemed offensive in *new* publications (books, newspaper articles, ...) - this is not hard to do. What we are faced with is something very different: a call to locate and modify use in programs that might have been written a long time ago. The effort needed to do this is large and will doubtless cause failures in systems that have been working well for years. It is not just a matter of modifying Debian (+ RedHat + ...) sources but the sources on private systems. We seem to be told that this must be done by those who will not be doing the work. -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Postel's Law (Was Re: Inclusive terminology (instead of master/slave) for network bonding/LACP)
On Sat, Feb 24, 2024 at 07:44:44PM -0500, Jeffrey Walton wrote: > On Sat, Feb 24, 2024 at 7:37 PM Andy Smith wrote: > > > > [...] > > Turning back more to protocol design, we have spent decades walking > > back Postel's Law as we find more and more ways that being liberal > > in what our software accepts is untenable in the face of a hostile > > Internet. > > ++. Postel's Law is a disaster nowadays. It was fine back in the > 1980's, but it is dangerous in the toxic environments of today. > > Here's what we teach our developers: Look for any reason you can to > reject the data. If you can't find a reason, then begrudgingly perform > the processing or transformation. There is a difference between not doing validation (eg a field being numeric) and flexibility (eg a line length being 100 bytes which is more than the specified 80 bytes). This is what Postel is talking about. Otherwise I completely agree: validate, validate, validate - if I accept your bad data then it becomes my problem, if I reject it then you have to fix it. Unfortunately people will complain if you do this "everyone accepts the data", to which I reply "please tell me exactly what it means" - which should shut them up. -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Inclusive terminology (instead of master/slave) for network bonding/LACP
On Sat, Feb 24, 2024 at 09:03:45AM -0500, The Wanderer wrote: > > It was a BLM thing, not sure if it matters the etymology of such > > words. > > The etymology certainly *should* matter, insofar as that is the origin > of the *meaning* of the word(s). +1 However that is not the way that the world works, or prolly more accurately how some people think. They see a word/phrase that they have decided that they "own" or somehow relates to them and so view it entirely from their perspective; they make no attempt to understand how the speaker/writer viewed the word/phrase as they *know* what the only meaning can be - everything else is a wrong interpretation. There is little point in trying to argue against someone who has decided to think this way, arguing will just confirm, to them, that you are racist/xxxist and are against them. I sometimes think that something similar to Postel's Law but applied to human interactions would be useful. However that is wishful thinking https://devopedia.org/postel-s-law -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Inclusive terminology (instead of master/slave) for network bonding/LACP
On Fri, Feb 23, 2024 at 10:33:08AM +0100, Mariusz Gronczewski wrote: > On 22.02.2024 11:19, Ralph Aichinger wrote: > > Hello! > > > > I know this is a loaded topic. I really don't want to discuss the > > political aspects of the "why", but just want to know the facts, i.e. > > how far this has been progressed in Debian. > > There is no good reason *why*. It's entirely US political feel-good activism > that doesn't change anything but wastes people's time. Do you actually think > pressing on brake pedal oppresses anybody ? Because it also has master and > slave > cylinder. > > All it does is wastes tens of thousands of people's time once the have to fix > every script, tool and doc piece related to it, for absolutely no benefit > aside from making some twitter activist happy "they did something". > It would *literally* break every single script that checks the status > of bonding config in system, as it is all just plain text. +1 It is "fixing" an issue for today's English speakers. Should we scour our systems looking for similar issues in other languages ? Then in, say, 20 years time when different words will then be considered offensive, by some, do this all again ? -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Thunderbird inbox malfunction
Paul D Schmitt wrote on 2/14/24 10:49: After an upgrade of Debian 11 yesterday, Thunderbird 115.7.0 now has an inbox issue where the listings move making it difficult to save or delete them! I had this exact issue with Debian based Antix 22 after a recent upgrade. That problem was resolved by a subsequent upgrade from Thunderbird. I haven't seen any response to this, so I just thought I'd confirm to you for your peace of mind that there is indeed a problem (or several problems) of some sort, and it's not just you who is experiencing it/them. Following the last update of TB here, it's been awful to try to work with the view of messages. I don't know how they could have released it in such a horrible state, but am assuming that the next update will fix the problem(s). Doc -- Web: http://enginehousebooks.com/drevans
Thunderbird inbox malfunction
After an upgrade of Debian 11 yesterday, Thunderbird 115.7.0 now has an inbox issue where the listings move making it difficult to save or delete them! I had this exact issue with Debian based Antix 22 after a recent upgrade. That problem was resolved by a subsequent upgrade from Thunderbird.
Re: hexchat being discontinued?
On Sun, Feb 11, 2024 at 07:42:24PM +, Richmond wrote: > You could try Pidgin. It's in the Debian repo. It has various protocols > of which irc is just one. It's a bit confusing because you have to go to > the 'buddy' menu to join an irc channel. Yes: Pidgin UI is dreadful. Lots that is non intuitive. -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: running a snap package on bookworm?
Greg Wooledge wrote on 1/24/24 12:24: On Wed, Jan 24, 2024 at 12:16:21PM -0700, D. R. Evans wrote: 4. But now how do I actually run the program? I tried just running: $ acrordrdc Have you looked at the man page for snap? It's very long, so I took a guess and looked for "run". Thank you; right at the beginning of the man page it says: > The snap command lets you install, configure, refresh and remove snaps so I didn't think it would be relevant to running a package that was already installed. run Run the given snap command I read that and think: "but I don't want to run a snap command; I want to run an installed snap package". The run command executes the given snap command with the right confinement and environment. Usage: snap [OPTIONS] run [run-OPTIONS] . [...] When I try the run command: $ snap run acrordrdc unknown command: run $ I was amazed that I simply couldn't find anything about actually running installed packages (plenty of sites tell me how to install a package, but none that I looked at then told me how to run the package once it's installed). It can't be hard, but obviously I'm misunderstanding something fundamental about snap. Doc -- Web: http://enginehousebooks.com/drevans
running a snap package on bookworm?
1. I've never used a snap package before. 2. I want to run the acrordrdc program, which is available as a snap package. 3. Following instructions found following a search for help with snap, I ran: sudo apt install snapd sudo snap install core sudo snap install acrordrdc There were no obvious errors. 4. But now how do I actually run the program? I tried just running: $ acrordrdc but that produced: /user.slice/user-1000.slice/session-14.scope is not a snap cgroup which I suppose is useful to someone, but tells me nothing other than that there seems to be some sort of snap-related problem somewhere. 5. As far as I can see, no new entry was added to the start menu, so it would seem that I'm supposed to run the program -- which I assume has the same name as the package; i.e., "acrordrdc" -- from the command line; but how? Doc -- Web: http://enginehousebooks.com/drevans
Re: Resizing LVM partitions
On Mon, Jan 22, 2024 at 10:29:55AM -0500, Stefan Monnier wrote: > > lvextend --size +1G --resizefs /dev/mapper/localhost-home > > > > Ie get lvextend to do the maths & work it out for me. > > > > Those who are cleverer than me might be able to tell you how to get it right > > first time! > > lvreduce --size -50G --resizefs /dev/mapper/localhost-home Oh, even better. It is a long time since I looked at than man page. Does this still need to be done with the file system unmounted or can it be done with an active file system these days ? -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Resizing LVM partitions
On Mon, Jan 22, 2024 at 03:32:30PM +0100, sko...@uns.ac.rs wrote: > I am getting the following message at any boot: > > "The volume "Filesystem root" has only 221.1 MB disk space remaining." > > df -h says: > > Filesystem Size Used Avail Use% Mounted on > udev1.5G 0 1.5G 0% /dev > tmpfs 297M 9.0M 288M 4% /run > /dev/mapper/localhost-root 5.2G 4.7G 211M 96% / > /dev/mapper/localhost-usr14G 12G 948M 93% /usr > tmpfs 1.5G 0 1.5G 0% /dev/shm > tmpfs 5.0M 4.0K 5.0M 1% /run/lock > tmpfs 1.5G 0 1.5G 0% /sys/fs/cgroup > /dev/sda1 228M 133M 84M 62% /boot > /dev/mapper/localhost-tmp 2.3G 57K 2.2G 1% /tmp > /dev/mapper/localhost-var 2.7G 2.5G 55M 98% /var > /dev/mapper/localhost-home 257G 73G 172G 30% /home > tmpfs 297M 40K 297M 1% /run/user/1000 > > As my system has encrypted LVM, I suppose that I shall reduce some space > used for /home, and then use it to extend /, /usr, and /var logical > partitions. I think I did (or tried to do) something similar several years > ago, but forgot the proper procedure. Any link for a good tutorial is > welcomed. Thanks. The shrinking of /home is the hard part. You MUST first unmount /home, then resize the file system, then resize the logical volume. umount /home Find out how big it is: resize2fs /dev/mapper/localhost-home Change the filesystem size: resize2fs /dev/mapper/localhost-home NEW-SIZE Change the partition size: lvextend --size 200G /dev/mapper/localhost-home The hard bit is working out what NEW-SIZE should be and having it such that you use all of the partition but without making the file system size greater than the partition size - ie getting the last few megabytes right. What I do is make NEW-SIZE 2GB smaller than I want (assuming that it still fits), the size I give to lvextend 1GB smaller - so it all works, but there is wasted space & it is not quite big enough. I then do: lvextend --size +1G --resizefs /dev/mapper/localhost-home Ie get lvextend to do the maths & work it out for me. Those who are cleverer than me might be able to tell you how to get it right first time! mount /home Extending the others is easy and can be done when the system is running & active, something like: lvextend --size +1G --resizefs /dev/mapper/localhost-var Finally: ensure that you have a good backup of /home before you start. -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Help: network abuse
On Thu, Dec 21, 2023 at 11:39:40AM -0500, Pocket wrote: > > On 12/21/23 10:50, Alain D D Williams wrote: > > It is NOT a firewall issue. > > > If I am correct you don't want any thing from the outside to hit your web > server? The words "web server" is ambiguous. It can mean my machine, ie can me the Apache process. The packets are hitting the machine (evidence tcpdump) but not the process (as the TCP startup does not complete). > If so your firewall is not configured correctly. You have failed to understand what is happening. I shall stop after this. -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Help: network abuse
On Thu, Dec 21, 2023 at 10:31:06AM -0500, Pocket wrote: > All you should be seeing is scans which you can not prevent. I am looking at incoming packets with tcpdump. This sees packets *before* they are filtered by iptables. > What are you using for a firewall? Something hand rolled. Reasonably complicated (over 300 rules) as it deals with: internet, VPN, DMZ, internal network for virtual machines. It is NOT a firewall issue. > It is my belief that your firewall is NOT setup correctly and that is why > you are seeing the traffic. My firewall *cannot* deal with packets before they hit my machine. They only hit my machine after they have arrived over broadband. The only thing that I might be able to do is to somehow prevent discovery that my machine is listening on port 80 -- that would mean somehow distinguishing between a genuine visitor and one that is mapping the Internet to later pass that map somewhere else which generates the unwanted traffic that I see. > Amazon AWS system. should not be able to hit your http server, unless you > want it to. How do I distinguish between wanted & unwanted connections. The only thing that I can think of is to DROP incoming packets if the source port is 80 or 443 - which would disrupt the mapping process. However: if the mapping process uses normal TCP (ie high/random port number) this would do little. -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Help: network abuse
On Thu, Dec 21, 2023 at 10:11:08AM -0500, Pocket wrote: > Use a firewall and set it up correctly. That I have done. The issue is broadband usage - ie before it hits the firewall. > Assuming a residential environment. > > Firewall the router and server(s) as well as all the client machines. > > I have nginx, dovecot and exim4 and other daemons running on my network > servers. > > Most, (includes many of the ones here) don't have a firewall properly > configured. Nor do they understand how to properly configure a firewall. > > You will still get scanned but there is little you can do about that. > > -- > > Hindi madali ang maging ako > -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Help: network abuse
On Thu, Dec 21, 2023 at 01:39:53PM +, Andy Smith wrote: > Okay well 30KiB/s is only about 78GiB/month which isn't really a > lot. I think we're both in UK and it's been hard to find a domestic > Internet connection that you'd run a web server on that can't cope > with 78G/mo. So ignoring it seems okay. I have been with my ISP for 14 years (moved to get IPv6), for various reasons I cannot change to a tariff that will give me anything like that (their support has also fallen through the floor) - I need to change (& the landline) and then I prolly would not care. Andrews & Arnold and Zen seem recommended. > You say these never complete a TCP handshake even though you do run > Apache on port 80? If so, it does make me wonder what they are > trying to do. They might be trying to hijack an existing TCP connection or, even simpler, cause my machine problems by having many, many 1/2 set up TCP connections (which uses memory until they expire). -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Help: network abuse
On Thu, Dec 21, 2023 at 07:50:42AM -0500, Greg Wooledge wrote: > If your home Internet service has an "allowance", you probably shouldn't > run a web server on it. Yes: I do run a web server at home, but there is only a little/personal stuff, it does not receive much real traffic, I do not want it to. Most of my web presence is hosted elsewhere. -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Help: network abuse
My home PC is receiving, for hours at a time, 12-30 kB/s input traffic. This is unsolicited. I do not know what it is trying to achieve but suspect no good. It is also eating my broadband allowance. This does not show up in the Apache log files - the TCP connection does not succeed. Sometimes my machine does send a packet in reply, there are 2 examples at the foot of this email. Questions: • What is going on ? • What can I do about it ? I do manually add some of the IPs to the f2b chain which will stop replies but that is about it. My ISP refuses to do anything about it - I admit that I cannot see what they could do, maybe filter packets with a source port of 80 or 443. I also get attempts to break into ssh (port 22) - I am not worried about that. I append a few lines of output of "tcpdump -n -i enp3s0" done today. 192.168.108.2 is the address of my desktop PC. The connecting IPs below all belong to Amazon but this changes with time, China is another common source of similar packets. 11:08:56.354303 IP 34.217.144.104.80 > 192.168.108.2.80: Flags [S], seq 19070976, win 51894, options [mss 1401,sackOK,TS val 1182532729 ecr 0,nop,wscale 7], length 0 11:08:56.354700 IP 34.217.144.104.80 > 192.168.108.2.80: Flags [S], seq 3665362944, win 51894, options [mss 1402,sackOK,TS val 4179952761 ecr 0,nop,wscale 7], length 0 11:08:56.360527 IP 52.195.179.12.80 > 192.168.108.2.80: Flags [S], seq 479395840, win 51894, options [mss 1412,sackOK,TS val 3391683448 ecr 0,nop,wscale 7], length 0 11:08:56.360696 IP 52.195.179.12.80 > 192.168.108.2.80: Flags [S], seq 1622147072, win 51894, options [mss 1410,sackOK,TS val 2887711608 ecr 0,nop,wscale 7], length 0 11:08:56.360950 IP 54.184.78.87.80 > 192.168.108.2.80: Flags [S], seq 3168796672, win 51894, options [mss 1404,sackOK,TS val 535364985 ecr 0,nop,wscale 7], length 0 11:08:56.364565 IP 52.195.179.12.80 > 192.168.108.2.80: Flags [S], seq 132317184, win 51894, options [mss 1407,sackOK,TS val 2350122105 ecr 0,nop,wscale 7], length 0 11:08:56.364708 IP 34.217.144.104.80 > 192.168.108.2.80: Flags [S], seq 1098776576, win 51894, options [mss 1405,sackOK,TS val 3426157689 ecr 0,nop,wscale 7], length 0 11:08:56.367975 IP 13.231.232.88.80 > 192.168.108.2.80: Flags [S], seq 3272540160, win 51894, options [mss 1413,sackOK,TS val 979961209 ecr 0,nop,wscale 7], length 0 2 days ago a similar capture. Note that the source port is 443 not 80: 09:47:31.416452 IP 5.45.73.147.443 > 192.168.108.2.80: Flags [S], seq 2724200448, win 51894, options [mss 1401,sackOK,TS val 862439534 ecr 0,nop,wscale 7], length 0 09:47:31.417861 IP 27.124.10.200.443 > 192.168.108.2.80: Flags [S], seq 925237248, win 51894, options [mss 1407,sackOK,TS val 756418658 ecr 0,nop,wscale 7], length 0 09:47:31.440892 IP 27.124.10.197.443 > 192.168.108.2.80: Flags [S], seq 3474063360, win 51894, options [mss 1404,sackOK,TS val 3970828642 ecr 0,nop,wscale 7], length 0 09:47:31.449393 IP 27.124.10.200.443 > 192.168.108.2.80: Flags [S], seq 2844721152, win 51894, options [mss 1407,sackOK,TS val 1831471202 ecr 0,nop,wscale 7], length 0 09:47:31.451430 IP 154.39.104.67.443 > 192.168.108.2.80: Flags [S], seq 2336358400, win 51894, options [mss 1415,sackOK,TS val 395513698 ecr 0,nop,wscale 7], length 0 09:47:31.451610 IP 27.124.10.225.443 > 192.168.108.2.80: Flags [S], seq 808976384, win 51894, options [mss 1414,sackOK,TS val 1960250978 ecr 0,nop,wscale 7], length 0 09:47:31.453372 IP 143.92.60.30.443 > 192.168.108.2.80: Flags [S], seq 3177512960, win 51894, options [mss 1408,sackOK,TS val 4033677410 ecr 0,nop,wscale 7], length 0 09:47:31.456937 IP 27.124.10.225.443 > 192.168.108.2.80: Flags [S], seq 1042087936, win 51894, options [mss 1415,sackOK,TS val 2011106914 ecr 0,nop,wscale 7], length 0 09:47:31.461961 IP 27.124.10.226.443 > 192.168.108.2.80: Flags [S], seq 3200516096, win 51894, options [mss 1403,sackOK,TS val 2314013026 ecr 0,nop,wscale 7], length 0 Examples where my machine sends a reply: 09:47:31.658790 IP 27.124.10.225.443 > 192.168.108.2.80: Flags [S], seq 612564992, win 51894, options [mss 1415,sackOK,TS val 2011106914 ecr 0,nop,wscale 7], length 0 09:47:31.659442 IP 192.168.108.2.80 > 154.39.104.67.443: Flags [S.], seq 3770299450, ack 1858732033, win 65160, options [mss 1460,sackOK,TS val 164888251 ecr 395513698,nop,wscale 7], length 0 09:47:31.756220 IP 5.45.73.147.443 > 192.168.108.2.80: Flags [S], seq 2992898048, win 51894, options [mss 1401,sackOK,TS val 862439534 ecr 0,nop,wscale 7], length 0 09:47:31.756272 IP 192.168.108.2.80 > 5.45.73.147.443: Flags [.], ack 1226309633, win 509, options [nop,nop,TS val 2085784149 ecr 994101358], length 0 -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Print flakes off mailing labels, use a fixative?
On 12/4/23 16:52, Tom Browder wrote: HP printer and toner, Office Depot labels. I bought so hair spray and will try that. -Tom I just looked at Office Depot website and the only labels I see that are for both laser and inkjet are an off brand. I see why you went for the off brand, they are a whole lot cheaper than the Avery labels the same size, but maybe this is why. 100 sheets for $13. Twice as many labels for 1/3 the price. I might have tried them too. I really don't see how hairspray or any other liquid spray could do any good. If you think it will seep under the toner and glue it down that seems problematic to me and it might make the labels peel off. Cellophane tape might work better. I think you said that you took the label to the UPS store and their printer had the same problem so the problem is definitely the labels and best just swallow hard and buy the Avery labels. (Or just write the address with a ball point pen.) -Don
Re: X: how to *really* switch from nouveau to modesetting?
Felix Miata wrote on 9/12/23 11:51: You really should eliminate that xorg.conf file, and if the problem continues, don't assume it's the kernel driver at fault. Just report a bug if so inclined. Where would depend on behavior after removing xorg.conf. If it fixes the problem, there is almost assuredly no bug anywhere at all affecting you. If with modesetting it's gone, but with xserver-xorg-video-nouveau installed and in use it remains, then it would be good to report a nouveau DDX bug, though the problem could be DRI or Mesa. Unreported bugs can go a very long time before a fix occurs, if ever. What you are now experiencing is not acceptable behavior. 13 years of age is too young to accept FOSS performance degradation or need GPU upgrade. I have removed /etc/X11/xorg.conf, and the problem remains. So in this case, where should I report the issue? Doc -- Web: http://enginehousebooks.com/drevans
Re: X: how to *really* switch from nouveau to modesetting?
Felix Miata wrote on 9/11/23 19:57: You did it. You made the switch. But see below. (There are multiple components to GPU support in Linux.) (There is no "the" nouveau "driver". Graphics support is in the hands of multiple software components, several of which incorporate the string "nouveau" in naming.) I'm glad that you understand this stuff. It certainly seems non-obvious. And the days of good O'Reilly books that walk one through details like this seem to be long gone :-( From the rest of your post, it sounds like everything is as it should be, except that I should probably remove the /etc/X11/xorg.conf file. And I could also re-install the xserver-xorg-video-nouveau without effecting any change; but for now I think I'll just keep things as they are and just note these as possible changes to try sometime, with the expectation that they won't make any practical difference, but might make the system a bit cleaner to administer. And, from what you say here: > D. R. Evans composed on 2023-09-11 11:47 (UTC-0600): > >> Graphics: >> Device-1: NVIDIA GF108 [GeForce GT 430] vendor: Gigabyte driver: nouveau > > Above shows your kernel DEVICE driver is nouveau. It ships specifically for each > kernel with each kernel. For NVidia GPUs there is no other FOSS device driver > option for normal use with KMS enabled, which maximum possible FOSS performance > unconditionally requires. With KMS disabled, there is a crude generic option with > limited resolutions available that no one ever would use purposely unless too > naive to understand the opportunity loss. It's for fallback and troubleshooting > when normal is unavailable. it sounds like the issue must be in the nouveau kernel device driver, and there's nothing I can really do to change that. So I guess I will just wait and hope that some future update removes the problem. ⁂ Just for the record, to provide some context for anyone finding this thread as a result of a search: 1. The issue is that black-on-white text has a "tail" extending some distance on the right of the text (I don't know how to describe it any better than that). 2. It began with a normal bullseye update. Before that, there was no problem at all. 3. Every update and upgrade since then has exhibited the problem. 4. The monitor is KVM-switchable to another bookworm installation, which does not (and never has) exhibited the problem. Doc -- Web: http://enginehousebooks.com/drevans
X: how to *really* switch from nouveau to modesetting?
This is a follow-on to the thread that started with: https://lists.debian.org/debian-user/2023/05/msg00657.html Following the upgrade to bookworm that I recently performed, I was hoping that the problem described in the first post in that thread would magically go away. It didn't :-( Felix suggested removing the nouveau driver and using "modesetting" as the driver. I have removed the nouveau driver -- or at least I thought I did -- by executing: apt-get remove xserver-xorg-video-nouveau which moved the packages: xserver-xorg-video-nouveau xserver-xorg-video-all Upon rebooting into bookworm, though, I still see the original problem, as described in the original post. If I look to see what driver is being used: [ZB:~] inxi -SGaz System: Kernel: 6.1.0-12-amd64 arch: x86_64 bits: 64 compiler: gcc v: 12.2.0 parameters: BOOT_IMAGE=/BOOT/debian@/vmlinuz-6.1.0-12-amd64 root=ZFS=/ROOT/debian ro root=ZFS=rpool/ROOT/debian Desktop: Trinity info: kicker wm: Twin vt: 7 dm: LightDM v: 1.26.0 Distro: Debian GNU/Linux 12 (bookworm) Graphics: Device-1: NVIDIA GF108 [GeForce GT 430] vendor: Gigabyte driver: nouveau v: kernel non-free: series: 390.xx+ status: legacy-active (EOL~late 2022) arch: Fermi code: GF1xx process: 40/28nm built: 2010-16 pcie: gen: 1 speed: 2.5 GT/s lanes: 16 ports: active: HDMI-A-1 empty: DVI-I-1,VGA-1 bus-ID: 04:00.0 chip-ID: 10de:0de1 class-ID: 0300 Display: x11 server: X.Org v: 1.21.1.7 with: Xwayland v: 22.1.9 driver: X: loaded: modesetting dri: nouveau gpu: nouveau display-ID: :0 screens: 1 Screen-1: 0 s-res: 1920x1080 s-dpi: 96 s-size: 508x317mm (20.00x12.48") s-diag: 599mm (23.57") Monitor-1: HDMI-A-1 mapped: HDMI-1 model: VGA TO HDMI built: 2013 res: 1920x1080 hz: 60 dpi: 96 gamma: 1.2 size: 509x286mm (20.04x11.26") diag: 584mm (23") ratio: 16:9 modes: max: 1920x1080 min: 640x480 API: OpenGL v: 4.3 Mesa 22.3.6 renderer: NVC1 direct-render: Yes [ZB:~] So the nouveau driver still seems to be available and in use, despite being removed. My xorg.conf file currently looks like this: [ZB:~] cat /etc/X11/xorg.conf Section "ServerLayout" Identifier "X.org Configured" Screen 0 "Screen0" 0 0 Screen 1 "Screen1" RightOf "Screen0" InputDevice"Mouse0" "CorePointer" InputDevice"Keyboard0" "CoreKeyboard" EndSection Section "Files" ModulePath "/usr/lib/xorg/modules" FontPath "/usr/share/fonts/X11/misc" FontPath "/usr/share/fonts/X11/cyrillic" FontPath "/usr/share/fonts/X11/100dpi/:unscaled" FontPath "/usr/share/fonts/X11/75dpi/:unscaled" FontPath "/usr/share/fonts/X11/Type1" FontPath "/usr/share/fonts/X11/100dpi" FontPath "/usr/share/fonts/X11/75dpi" FontPath "built-ins" EndSection Section "Module" Load "glx" EndSection Section "InputDevice" Identifier "Keyboard0" Driver "kbd" EndSection Section "InputDevice" Identifier "Mouse0" Driver "mouse" Option "Protocol" "auto" Option "Device" "/dev/input/mice" Option "ZAxisMapping" "4 5 6 7" EndSection Section "Monitor" Identifier "Monitor0" VendorName "Monitor Vendor" ModelName"Monitor Model" EndSection Section "Monitor" Identifier "Monitor1" VendorName "Monitor Vendor" ModelName"Monitor Model" EndSection [54/136] Section "Device" ### Available Driver options are:- ### Values: : integer, : float, : "True"/"False", ### : "String", : " Hz/kHz/MHz", ### : "%" ### [arg]: arg optional #Option "SWcursor" # [] #Option "HWcursor" # [] #Option "NoAccel" # [] #Option "ShadowFB" # [] #Option "VideoKey" # #Option "WrappedFB" # [] #Option "GLXVBlank" # [] #Option "ZaphodHeads" # #Option "PageFlip" # [] #Option "SwapLimit" # #Option "AsyncUTSDFS" # [] #Option "AccelMethod" # #Option "DRI" # Identifier "Card0" # Driver "nouveau" Driver "modesetting" BusID "PCI:4:0:0" EndSection Section "Device" ### Available Driver options are:- ### Values: : integer, : float, : "True"/"False", ### : "String", : " Hz/kHz/MHz", ### : "%" ### [arg]: arg optional #Option "SWcursor" # [] #Option "kmsdev"# #Option "ShadowFB" # [] #Option "AccelMethod" #
Re: bookworm and network connections
Brian wrote on 9/2/23 04:51: Installation over ethernet, no DE - ifupdown provided. Installation over ethernet or wireless with a DE - network-manager provided. Yep, that one's exactly what I experienced. Although the machine is used more like a server than a desktop, it has DE (KDE) to make it easier on the occasions I do need to do some work on the machine. Installation over wireless without a DE - nothing provided, that is, no networking. Doc -- Web: http://enginehousebooks.com/drevans
Re: WORKAROUND (longish): was bookworm and network connections
Brian wrote on 9/2/23 13:01: Send a mail to cont...@bugs.debian.org Ib the mail body put ressign 1051086 installation-report thanks Sorry. That's "reassign". Done. Thank you. I pondered where to assign in, and couldn't see anywhere that the report really fit. (I interpreted "installation" to mean "initial installation", not "upgrade", so didn't realise that that was the right place.) Doc -- Web: http://enginehousebooks.com/drevans
Re: bookworm and network connections
Michael Kjörling wrote on 9/2/23 03:23: You might want to poke around a little among the files in /etc/NetworkManager, particularly /e/NM/system-connections. That's what NetworkManager _should_ be using to set up the interfaces. See if there's something there to explain the two seemingly being intertwined. You might already have done this, of course, and if so, I apologize for pointing out something you've already tried. I hadn't before but I went and looked carefully this morning. Since I am running ZFS, I can go back and look at those files before the upgrade and see what, if anything has changed. The only change was that there is now an "ntpsec" file in /e/NM/dispatcher.d. Nothing changed anywhere else in or under /e/NM. But see a long posting that I'm about to make about all this, with a subject line containing the word "WORKAROUND". Doc -- Web: http://enginehousebooks.com/drevans
WORKAROUND (longish): was bookworm and network connections
Starting a new thread so that this doesn't get lost in the postings in the original thread. The original thread was started at: https://lists.debian.org/debian-user/2023/09/msg00024.html That post contains a description of the problem. I now have a workaround (although not an explanation) for the problem. As I noted in the above thread, once the system was up, I could get the networking to function correctly by manually entering the commands: sudo nmcli connection down "Wired connection enp11s0(eth0)" sudo nmcli connection up "Wired connection enp11s0(eth0)" However, if I put those same nmcli commands in rc.local, the problem was not resolved. After floundering for a while, and being suspicious that manual commands once the system was up were not being treated the same as the same commands in rc.local, I tried putting these lines in rc.local (whose output I log, so I can see what's happening): nmcli connection down "Wired connection enp11s0(eth0)" nmcli sleep 10 nmcli connection up "Wired connection enp11s0(eth0)" nmcli These showed that after the first command, everything looked as it should, but after the second, everything had reverted to the broken state. But it was still true that if I entered the same commands manually after the system had completed booting, the networking worked. But I'm a slow typist, and I wondered if that 10-second pause might be too short. So I changed it to 20 seconds. And lo! and behold! That worked. I tried booting numerous times with a 10-second delay, and also with a 20-second delay. The results were consistent. With a 10-second delay, the network comes up in an unusable state. With a 20-second delay, it comes up in a working state. (Which to me suggests a race condition somewhere, but I'll let the developers deal with the exact cause and finding a proper fix.) Of course, this is all just a workaround for what appears to be a problem during network initialisation in the boot process. But it does seem to work. I will file a bug report. Doc -- Web: http://enginehousebooks.com/drevans
Re: bookworm and network connections
David Wright wrote on 9/1/23 19:40: I don't see that the OP is doing anything complicated that requires rc.local to run at all. They just need to distinguish between the two Correct. I was simply trying to workaround the problem by putting commands into rc.local that are known to work when I type them manually. I wish I had never mentioned rc.local. It seems to have taken over the thread, whereas it's not the problem that I'm trying to fix at all :-( Regarding the whole "Network Manager versus old-style" thing, I would gladly have done it all old style, except that when I first installed debian on the system, it went the Network Manager route. And because that all worked until today's upgrade (which was, I think, the third upgrade upgrade of debian stable on the machine; so it worked correctly for a lustrum or so), I didn't pay much attention to it apart from being mildly annoyed that it looked a lot more complicated than old-style network management. The real problem remains, per the original post, that Network Manager isn't configuring the interfaces properly and seems to be sort-of setting one interface to be the same as the other, with the result that neither of them work. I'm going to try switching to old-style when I feel confident that I have enough high-quality time to make the switch, and I expect that to work. It would be nice to really fix the Network Manager misconfiguration; but it seems that the expertise here is all with old-style. Which is fine. I'm happy to go back to old-style. I probably need to file some sort of bug report against the upgrade, but I'd like to get a better feel for how the misconfiguration is happening before I do that. Doc -- Web: http://enginehousebooks.com/drevans
Re: bookworm and network connections
Michel Verdier wrote on 9/1/23 15:06: If you want old names put in /etc/default/grub GRUB_CMDLINE_LINUX="net.ifnames=0" Nice to know, but I'll stay with the new names, I think. network manager is good for changing networks. For a server the network must not change normally. So you could put configuration in /etc/network/interfaces.d/ with something like : auto enp11s0 iface enp11s0 inet static mtu 1500 metric 101 address 209.97.232.18/24 netmask 255.255.255.0 gateway 209.97.232.1 auto enp12s0 iface enp12s0 inet static mtu 1500 metric 100 address 192.168.0.1/24 netmask 255.255.0.0 When I'm feeling less tired and prone to making a mistake, I'll do this. The old method seems so much simpler, so I'd be happy to go back to it. It seems that enough people are using it that it doesn't seem likely that it'll go away anytime soon. When I installed debian on this computer -- quite a few years ago -- I'm pretty sure it just went off and installed all the Network Manager stuff without asking. And, to be honest, it's worked fine for the last several years. I can't imagine why its so messed up now. I (obviously) didn't change anything related to Network Manager myself; the upgrade is entirely responsible for its now-non-functioning state. I you want IPv6 add : iface enp11s0 inet6 auto iface enp12s0 inet6 auto I would love IPv6, but my ISP doesn't support it, and has no plans to do so, so for now I'm stuck in IPv4 land. Once it works you can then remove network manager That sounds like something to celebrate. I'll try to get time to work on all this over the weekend, and let everyone know how it turns out. Thanks to everyone for their suggestions. Doc -- Web: http://enginehousebooks.com/drevans
Re: bookworm and network connections
Andy Smith wrote on 9/1/23 16:32: Your situation appears to have been triggered by the renaming of your network interfaces (which was warned about in the release These weird names like "Wired connection enp11s0(eth0)" were names that the debian installer came up with several OS versions ago (stretch, perhaps?). Anyway, they haven't changed since bullseye, when everything worked (i.e., early this morning, before I ran the upgrade :-( ). Both of these are worth reading: https://wiki.debian.org/NetworkConfiguration https://wiki.debian.org/NetworkInterfaceNames I'll take a look at those. Doc -- Web: http://enginehousebooks.com/drevans
Re: bookworm and network connections
Greg Wooledge wrote on 9/1/23 15:38: In particular, when using /etc/network/interfaces, only interfaces that are marked as "auto" need to be up, to satisfy this criterion. An I don't think that debian has used used /etc/network/interfaces for a while, at least not by default. Certainly there's nothing useful there on the machine that I just upgraded and whose networking is failing to configure itself correctly. Network Manager -- I think -- uses some completely different mechanism for managing networking (although I have no idea what that mechanism is.) Doc -- Web: http://enginehousebooks.com/drevans
Re: bookworm and network connections
Thank you for your thoughts... As people are addressing the rc.local issue (I now realise that I shouldn't have mentioned it :-) )... I just checked, and: 1. rc.local is being executed; 2. it is executing the nmcli commands; 3. the commands are successful. But it remains true that when the boot is fully complete, the networking is still hosed in the way that I described. So, apparently, putting commands in rc.local doesn't provide the workaround that I expected. I think that we should concentrate on the underlying networking issue so that it comes up properly rather than being derailed by trying to fix the networking after the fact. [[ I speculate wildly that systemd or something doesn't complete configuring the network until after rc.local has finished processing (I know that rc.local executes late in the boot process, but I don't think that that means that everything else has *finished* executing when rc.local runs). I may easily be wrong, but really I don't think I care. ]] I just want to get the networking to come up properly :-) I don't understand modern systemd-controlled networking initiation well enough to know where to look for something that the upgrade might have clobbered, nor how I might go about fixing it. Doc -- Web: http://enginehousebooks.com/drevans
bookworm and network connections
I just upgraded my main server to bookworm, having successfully, over the course of the past couple of months, methodically upgraded my other machines with only minor issues. Unfortunately, the upgrade of the server, the most important of my machines, has not been smooth at all, even though no important errors appeared during the upgrade process. So right now the thing I want to fix is networking (which of course worked fine in the last few releases of debian, until now). The machine has two ethernet ports, which used to be eth0 and eth1 in the old days, but are now magically called "Wired connection enp11s0(eth0)" and "Wired connection enp12s0(eth1)". When I booted the machine after the upgrade, no networking was working at all, on either interface, even though: zserver# nmcli networking connectivity full zserver# which was definitely a lie, as nothing was successfully going in or out of the machine. Looking in more detail: [Z:~] nmcli enp12s0: connected to Wired connection enp11s0(eth0) "Intel I210" ethernet (igb), D8:50:E6:C2:76:03, hw, mtu 1500 ip4 default inet4 209.97.232.18/24 route4 209.97.232.0/24 metric 100 route4 default via 209.97.232.1 metric 100 inet6 fe80::e0c1:20a:c535:873c/64 route6 fe80::/64 metric 1024 lo: connected (externally) to lo "lo" loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536 inet4 127.0.0.1/8 inet6 ::1/128 enp11s0: disconnected "Intel I210" 1 connection available ethernet (igb), D8:50:E6:C2:76:02, hw, mtu 1500 enp13s0: unavailable "Intel I210" ethernet (igb), D8:50:E6:C2:76:04, hw, mtu 1500 enp14s0: unavailable "Intel I210" ethernet (igb), D8:50:E6:C2:76:05, hw, mtu 1500 DNS configuration: servers: 127.0.0.1 209.97.224.2 209.97.224.3 interface: enp12s0 Somehow, it had got into a state where enp12s0 was connected to enp11s0 (whatever that means), with the result that nothing worked. So, after a bit of messing around with an increasing sense of desperation, I discovered that: [Z:~] sudo nmcli connection down "Wired connection enp11s0(eth0)" Connection 'Wired connection enp11s0(eth0)' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2) [Z:~] sudo nmcli connection up "Wired connection enp11s0(eth0)" Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4) resulted in: [Z:~] nmcli enp11s0: connected to Wired connection enp11s0(eth0) "Intel I210" ethernet (igb), D8:50:E6:C2:76:02, hw, mtu 1500 ip4 default inet4 209.97.232.18/24 route4 209.97.232.0/24 metric 101 route4 default via 209.97.232.1 metric 101 inet6 fe80::1ae1:dfcf:be36:f72f/64 route6 fe80::/64 metric 1024 enp12s0: connected to Wired connection enp12s0(eth1) "Intel I210" ethernet (igb), D8:50:E6:C2:76:03, hw, mtu 1500 inet4 192.168.0.1/24 route4 192.168.0.0/24 metric 100 inet6 fe80::d30e:86f6:ca86:8986/64 route6 fe80::/64 metric 1024 lo: connected (externally) to lo "lo" loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536 inet4 127.0.0.1/8 inet6 ::1/128 enp13s0: unavailable "Intel I210" ethernet (igb), D8:50:E6:C2:76:04, hw, mtu 1500 enp14s0: unavailable "Intel I210" ethernet (igb), D8:50:E6:C2:76:05, hw, mtu 1500 DNS configuration: servers: 127.0.0.1 209.97.224.2 209.97.224.3 interface: enp11s0 and indeed, everything was now working. Which was good, because I was running out of ideas, and had no way to reach the Internet to look for more help. Well, great, sort-of, except that every time I reboot I have to manually issue the two above nmcli commands to take down and bring back up enp11s. I tried putting them in my rc.local file, but that had no effect (for reasons that I don't understand; I was sure that that would paper over the problem). So how do I fix this so that the networking is configured to work correctly during the boot sequence, as it has always done before? (I suppose it has to be said explicitly: I did not change any configuration files ... indeed, these days I don't even know where the files are that control the network devices.) All the other machines that I have upgraded to bookworm have only a single ethernet port, which may be why I have not seen this issue after any other upgrade. Doc -- Web: http://enginehousebooks.com/drevans
Re: Trojan
On Sun, Aug 27, 2023 at 10:23:06AM +0100, Brad Rogers wrote: > On Sun, 27 Aug 2023 09:36:02 +0100 > Alain D D Williams wrote: > > Hello Alain, > > >They will look at it and do something - or so they claim, > > Most likely that 'something' will be to compile statistics about > phishing attacks. Maybe produce a leaflet, or update the advice given > on a web page somewhere. Sorry if I came across as overly cynical. It would be nice if they also went after the perps/crims behind phishing emails‡‡ - which I think they have done a bit of, but could do much more to protect the gullible. Still: it is worth reporting to them, which I do several times/week. ‡‡ and similar 'phone calls. -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Trojan
On Sun, Aug 27, 2023 at 10:31:55AM +0200, to...@tuxteam.de wrote: > If you feel like you'd like to learn a bit, study the mail > headers. Ponder about which ones the sender could have faked > and which ones not. Things like that. If you live in the UK you can forward it to here: rep...@phishing.gov.uk They will look at it and do something - or so they claim, this is part of government! -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Using the bash shell: determine if the root user used 'sudo -i'
On Sat, Aug 26, 2023 at 09:25:10AM -0500, Tom Browder wrote: > In a previous thread it was shown how to detect a SUDO_USER in a bash shell. > > Is there a way to distinguish whether 'sudo -i' was used or not? I have not tested this but if bash was interactive you will find a .bash_history file in their $HOME. That assumes that they have not logged in - ie only ever sudo. > Thanks. > > -Tom -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
bash $MAIL bug in Bookworm
I have recently upgraded to Bookworm. I have set: MAIL=/var/spool/mail/addw MAILCHECK=60 I find that when doing filename expansion, by pressing TAB, that the 'You have mail' message appears when it should not. In the example below I pressed TAB after the letter 'T' (which gave me expansion 'TODO'). I am running bash. $ me TYou have mail in /var/spool/mail/addw ODO Should I report this elsewhere ? Regards -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Transport endpoint is not connected
Greg Wooledge wrote on 7/5/23 08:59: I'm still waiting for setup details to be provided. Is "sh" the user's I was merely trying to inform the OP that he wasn't alone in seeing this "Transport endpoint is not connected" message coming from bookworm when prior versions of debian stable were silent when performing the same activity. I wasn't actually seeking help -- if I had've been, I would have made some attempt to get to the bottom of the problem first, and then provided complete details here if I were unable to fix it myself. None of that seemed worthwhile just for a message that doesn't seem to be indicating a real problem. So you were going beyond my expectations when you attempted to help, and I'm sorry for the miscommunication. Doc -- Web: http://enginehousebooks.com/drevans
Re: Transport endpoint is not connected
to...@tuxteam.de wrote on 7/4/23 22:23: FWIW, since upgrading to bookworm, I see: sh: 0: getcwd() failed: Transport endpoint is not connected when I ssh into the upgraded box. This seems to be coming from getcwd() (aka get current working directory, see man page). Asking the intertubes, it seems to happen often when it or its ancestors are mounted over FUSE. This is a plain ol' ssh login, so I don't think that FUSE is involved. I have no idea why. (And, just to be clear, this has never happened before, through many releases of debian stable.) I'm assuming, for now, that: 1. I can use the box as usual despite the message; 2. the problem will be fixed at some point soon. I haven't seen any other obvious problems if I proceed to use the ssh session as normal. Are you able to access all the directories you expect to? How is, e.g. the user's $HOME mounted? Its parent? Yep... can't see any unusual behaviour at all. So far, anyway. If I get some time, I'll try to figure out exactly where and why it's happening; but at this point, since it never happened before in 15 years of sshing into the box and there seems to be no obvious consequences other than the appearance of the message at login, I'm assuming there's nothing really wrong and it's some bug -- probably a race condition, perhaps involving systemd, since that seems to have a history of them -- introduced in bookworm that will get fixed fairly quickly. Doc -- Web: http://enginehousebooks.com/drevans
Re: Transport endpoint is not connected
hlyg wrote on 6/28/23 21:32: notification message: Transport endpoint is not connected FWIW, since upgrading to bookworm, I see: sh: 0: getcwd() failed: Transport endpoint is not connected when I ssh into the upgraded box. I have no idea why. (And, just to be clear, this has never happened before, through many releases of debian stable.) I'm assuming, for now, that: 1. I can use the box as usual despite the message; 2. the problem will be fixed at some point soon. I haven't seen any other obvious problems if I proceed to use the ssh session as normal. Doc -- Web: http://enginehousebooks.com/drevans
Re: How do I remotely access the computer in the next room?
On Sun, Jul 02, 2023 at 06:49:07PM -0400, hobie of RMN wrote: > Hi, All - > > I need the best way currently available to operate my brother's computer > in the next room through my computer. I think we're both running Debian > 11, the stable version for me, the testing version for him. I've tried > ssh -X. It does work but only for a short time, then the connection > crumbles - his computer has often locked up on him and we have no idea > why, so the 'short time' aspect of the -X approach may relate to that. > > The point is, he's been away from home for awhile now and we're not sure > when he'll return. Chiefly I'm looking for the most convenient way to keep > an eye on his incoming e-mail for him. Mostly I use Mutt; he uses > claws-mail exclusively, so I'll need to remotely launch claws-mail and > have it retrieve latest e-mails. Claws-mail stores mail in the MH mailbox format. Mutt can handle MH mailboxes. Why not use mutt via ssh on his machine, for most messages you do not need to use X (ie graphics), this might mean that the connection is more robust. You would only use graphics for displaying some attachments, eg images. > Thanks in advance for any help on this. > > --hobie > -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Qemu Numeric Lock problem
On Wed, Jun 21, 2023 at 05:42:30PM +0100, Alain Williams wrote: > I have an issue with virtual machines under qemu. Caps Lock is also affected the same way. > Sequence as follows: > > I press Numeric Lock (or Num Lock) so that the keyboard indicator lights up. > > I then switch to the workspace that contains a running virtual machine. The > virtualised OS does not seem to be important, this happens with Debian and > Rocky Linux. > > When I press keys on the numeric keypad I do not get numbers. What gets sent > are the sequences that do Home, Page Up, ... > > I press Num Lock so that the keyboard indicator goes out. > > I press keys on the numeric keypad and get numbers. > > So: it seems that the state of the Num Lock key is not picked up by qemu. > > > Is this is qemu bug or can I tweak the configuration ? > > Thanks in advance. > > > I am running Debian 10 - Buster. I use the Mate desktop. > > -- > Alain Williams > Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT > Lecturer. > +44 (0) 787 668 0256 https://www.phcomp.co.uk/ > Parliament Hill Computers. Registration Information: > https://www.phcomp.co.uk/Contact.html > #include > -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Qemu Numeric Lock problem
I have an issue with virtual machines under qemu. Sequence as follows: I press Numeric Lock (or Num Lock) so that the keyboard indicator lights up. I then switch to the workspace that contains a running virtual machine. The virtualised OS does not seem to be important, this happens with Debian and Rocky Linux. When I press keys on the numeric keypad I do not get numbers. What gets sent are the sequences that do Home, Page Up, ... I press Num Lock so that the keyboard indicator goes out. I press keys on the numeric keypad and get numbers. So: it seems that the state of the Num Lock key is not picked up by qemu. Is this is qemu bug or can I tweak the configuration ? Thanks in advance. I am running Debian 10 - Buster. I use the Mate desktop. -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: video issue following latest bullseye update
I'm sorry I'm so slow to respond... it's all a matter of trying to put aside quality uninterruptible time to work on this. Since the problem is not so bad that I can't perform work with this computer, a lot of other work-related things unfortunately have to take priority. Felix Miata wrote on 5/23/23 13:26: I currently get: [ZB:~] sudo inxi -GSaz System:Kernel: 5.10.0-23-amd64 x86_64 bits: 64 compiler: gcc v: 10.2.1 parameters: BOOT_IMAGE=/BOOT/debian@/vmlinuz-5.10.0-23-amd64 root=ZFS=/ROOT/debian ro root=ZFS=rpool/ROOT/debian Desktop: Trinity R14.1.1~[DEVELOPMENT] tk: Qt 3.5.0 info: kicker wm: Twin 3.0 dm: LightDM 1.26.0 The line wrapping suggests you never succeeded to do "inxi -U". As seen below, The officially supported version of inxi on bullseye [inxi 3.3.01-00 (2021-02-08), according to "inxi --version"] seems to have "-U" disabled. Which I guess makes sense. Are all users of ZFS supposed to include two root= parameters on their linu lines? What an excellent question. I don't know for sure, but I suspect that it's related to the fact that I am running root-on-ZFS (i.e., the / filesystem is on a ZFS disk). It's been like that for many years on this machine, and I believe that when I first installed root-on-ZFS, the instructions told me to do that. FWIW, I have another root-on-ZFS system, and it also has two "root=" parameters. But I am still seeing the original problem I reported. Could it be that your PC doesn't like LightDM? Try switching to TDM. All my TDM has never worked properly on this machine; TDM doesn't correctly figure out which video card to use (at least, it didn't last time I tried it), so it presents me with a black screen, leaving me having to ssh into the machine and reconfigure it to use LightDM. Debians use it only. I also use TDM to run Plasma on Leap and Tumbleweed. I switched from the modesetting DIX driver to the nouveau DDX driver via: # cat /etc/X11/xorg.conf.d/15-ddxdrv.conf #Section "OutputClass" Section "Device" Identifier "DDX" # MatchDriver "amdgpu" # Driver "amdgpu" # MatchDriver "intel" # Driver "intel" # MatchDriver "modesetting" # Driver "modesetting" # MatchDriver "nouveau" Driver "nouveau" # MatchDriver "radeon" # Driver "radeon" EndSection I was unable to detect any kind of video corruption in the TDE 14.1.x relnotes window, or doing what follows in TDE's Konsole: I don't think it can be a TDE issue, as the same problem exists on this machine if I run the official KDE that is currently in bullseye. I suppose your issue could involve a timing coincidence, and your problem may be failing gfxcard RAM. I suppose anything is possible. But since this began as soon as I applied a bullseye update, it seems much more likely that it's a nouveau issue that landed on this machine when I performed the update. The modesetting DIX is newer technology than the reverse-engineered, "experimental" nouveau DDX. Whatever happened when you attempted switching to the DIX should not have happened. Do you have /etc/X11/xorg.conf or any content in /etc/X11/xorg.conf.d/ directed to gfx (device, monitor, screen, driver) other than the file I suggested? Here is xorg.conf (which I believe was auto-created at some point; I have no notes that say that I created it): [ZB:X11] cat xorg.conf | pastebinit https://paste.debian.net/1281598/ [ZB:X11] And /etc/X11/xorg.conf.d/ just contains the file you suggested (currently set to nouveau): [ZB:xorg.conf.d] ls -al total 11 drwxr-xr-x 2 root root 3 May 22 14:46 . drwxr-xr-x 14 root root 25 Nov 9 2021 .. -rw-r--r-- 1 root root 88 May 22 14:46 50-device.conf [ZB:xorg.conf.d] cat * Section "Device" Identifier "DDX" # Driver "modesetting" Driver "nouveau" EndSection [ZB:xorg.conf.d] Doc -- Web: http://enginehousebooks.com/drevans
Re: video issue following latest bullseye update
Felix Miata wrote on 5/19/23 11:23: How much time did you allow the login screen to show up? I've lately seen on Somewhere between three and five minutes, I'd say. Certainly long after the disk light stopped flickering and the system seemed to have reached a stable state. systemctl restart OK; so that would be: systemctl restart lightdm Useful to know; thank you. I reinstalled xserver-xorg-video-nouveau from the console, and (fortunately) when I rebooted LDM came up as usual and I was able to log in as I normally do. Obviously, the original issue still exists, but at least I got a graphical display back. If by that you mean back to 640x480 or 800x600 instead of your display's native No; I didn't mean that. Sorry I wasn't clear. I meant that after reinstalling xserver-xorg-video-nouveau and rebooting, everything looked the way it did before I removed xserver-xorg-video-nouveau, so I was back exactly to what I was seeing when I first started this thread. [1] Instead of driver removal/reinstallation, create file, or add following content to existing file: /etc/X11/xorg.conf.d/50-device.conf Section "Device" Identifier "DDX" Driver "modesetting" # Driver "nouveau" EndSection I have created that file, with those contents: [ZB:~] cat /etc/X11/xorg.conf.d/50-device.conf Section "Device" Identifier "DDX" Driver "modesetting" # Driver "nouveau" EndSection [ZB:~] Do you really mean "DDX", not "DIX"? < I made the edit according to your instructions (i.e., "DDX") but I'm not certain that your e-mail didn't contain a typo. By simply moving the # to the other driver line, you can easily switch between using the two display drivers by restarting your DM or rebooting. Right now, the 50-device.conf file looks exactly as it does above but, and I have restarted lightdm by issuing: systemctl restart lightdm from the console. I currently get: [ZB:~] sudo inxi -GSaz System:Kernel: 5.10.0-23-amd64 x86_64 bits: 64 compiler: gcc v: 10.2.1 parameters: BOOT_IMAGE=/BOOT/debian@/vmlinuz-5.10.0-23-amd64 root=ZFS=/ROOT/debian ro root=ZFS=rpool/ROOT/debian Desktop: Trinity R14.1.1~[DEVELOPMENT] tk: Qt 3.5.0 info: kicker wm: Twin 3.0 dm: LightDM 1.26.0 Distro: Debian GNU/Linux 11 (bullseye) Graphics: Device-1: NVIDIA GF108 [GeForce GT 430] vendor: Gigabyte driver: nouveau v: kernel bus ID: 04:00.0 chip ID: 10de:0de1 class ID: 0300 Display: server: X.Org 1.20.11 driver: loaded: nouveau unloaded: modesetting display ID: :0 screens: 1 Screen-1: 0 s-res: 1920x1080 s-dpi: 96 s-size: 508x285mm (20.0x11.2") s-diag: 582mm (22.9") Monitor-1: HDMI-1 res: 1920x1080 hz: 60 dpi: 96 size: 509x286mm (20.0x11.3") diag: 584mm (23") OpenGL: renderer: NVC1 v: 4.3 Mesa 20.3.5 direct render: Yes But I am still seeing the original problem I reported. [I also did a test, just to prove to myself that what I'm seeing isn't due to some weird monitor problem (it's a pretty new monitor, and I wanted to be sure that somehow I hadn't just missed seeing the problem before I performed the update -- even though the issue is so obvious that I can't really believe that I wouldn't have noticed it before). I took a screenshot of a screen display that exhibited the problem (a konqueror file listing), and copied the file to another system that is attached to the same KVM switch. When I display the screenshot image in this, my normal desktop system, I see the problem; when I look at the same image file on my other system -- which has NOT had the recent update applied -- the problem is absent, even though I'm viewing it on the very same monitor. So I am as sure as I can be that, as I believed, the recent bullseye update led to the issue.] Doc -- Web: http://enginehousebooks.com/drevans
Re: video issue following latest bullseye update
Felix Miata wrote on 5/15/23 13:25: Try using the (default) modesetting DIX display driver instead of Nouveau. Remove package xserver-xorg-video-nouveau and reboot to see if it makes a difference. I did this, and when I rebooted I was in the Linux console instead of Light DM (which is my display manager). Hitting ctrl-alt-F7 to go to the X screen did not show me the LDM login screen, or any other X screen, but instead another non-graphical screen. I reinstalled xserver-xorg-video-nouveau from the console, and (fortunately) when I rebooted LDM came up as usual and I was able to log in as I normally do. Obviously, the original issue still exists, but at least I got a graphical display back. Doc -- Web: http://enginehousebooks.com/drevans
Re: video issue following latest bullseye update
Felix Miata wrote on 5/15/23 13:25: Try using the (default) modesetting DIX display driver instead of Nouveau. Remove package xserver-xorg-video-nouveau Synaptic is telling me that this will also remove: xserver-xorg-video-all Is it OK that that will also be removed? Doc -- Web: http://enginehousebooks.com/drevans
Re: video issue following latest bullseye update
Felix Miata wrote on 5/15/23 11:16: D. R. Evans composed on 2023-05-15 09:49 (UTC-0600): I'm wondering if someone can walk me through how to figure out what video driver I am using, and what other drivers might be available to try? Not without knowing anything about your GPU: Yes, I figured that that would be the first step; I didn't know how to do that either, so thanks for taking my "walk me through" request seriously. sudo sed -i 'a/^B_ALLOW_UPDATE/#B_ALLOW_UPDATE/g' /etc/inxi.conf # just doit inxi -SGaz # paste into your reply [ZB:tmp] inxi -SGaz System:Kernel: 5.10.0-23-amd64 x86_64 bits: 64 compiler: gcc v: 10.2.1 parameters: BOOT_IMAGE=/BOOT/debian@/vmlinuz-5.10.0-23-amd64 root=ZFS=/ROOT/debian ro root=ZFS=rpool/ROOT/debian Desktop: Trinity info: kicker wm: Twin dm: LightDM 1.26.0 Distro: Debian GNU/Linux 11 (bullseye) Graphics: Device-1: NVIDIA GF108 [GeForce GT 430] vendor: Gigabyte driver: nouveau v: kernel bus ID: 04:00.0 chip ID: 10de:0de1 class ID: 0300 Display: x11 server: X.Org 1.20.11 driver: loaded: nouveau unloaded: modesetting display ID: :0 screens: 1 Screen-1: 0 s-res: 1920x1080 s-dpi: 96 s-size: 508x285mm (20.0x11.2") s-diag: 582mm (22.9") Monitor-1: HDMI-1 res: 1920x1080 hz: 60 dpi: 96 size: 509x286mm (20.0x11.3") diag: 584mm (23") OpenGL: renderer: NVC1 v: 4.3 Mesa 20.3.5 direct render: Yes [ZB:tmp] FYI, the actual physical size of the monitor is quite a lot larger than the 23" reported in the output above. I don't suppose that that matters, but I noticed that the numbers are wrong, so I thought I'd better mention it. The actual diagonal size of the monitor is ~32". cat /var/log/Xorg.0.log | pastebinit # provide resulting URL in reply https://paste.debian.net/1280303/ Thank you. Doc -- Web: http://enginehousebooks.com/drevans
video issue following latest bullseye update
Following an update this morning to one of my bullseye systems, an irritating video problem has surfaced. The best way I can think of to describe the problem is that if one has a line of black text on what is supposed to be a white background, to the right of the text a clear, short tail of even whiter background is visible (the tail is maybe an inch or so long). The update was to: Linux 5.10.0-23-amd64 #1 SMP Debian 5.10.179-1 (2023-05-12) x86_64 GNU/Linux I suspect that this is due to a driver issue related to the update. (I have tried a couple of different desktops, KDE and TDE, but they both exhibit the problem, so I don't think it can be caused by the desktop software. The problem did not exist prior to this morning's update.) So I'm wondering if someone can walk me through how to figure out what video driver I am using, and what other drivers might be available to try? Doc -- Web: http://enginehousebooks.com/drevans
Thunderbird and font size used to display plain text e-mails?
I have looked everywhere I can think of, and have been unable to find an answer -- among the ridiculous number of ways that fonts appear to be controlled in Thunderbird -- that works for this issue :-( I recently changed to a larger monitor, and, after lots of twiddling, have more-or-less got most programs looking reasonably sensible. But Thunderbird is being recalcitrant. I am using TB 102.10.0, which is the current version in the debian stable repositories, on 64-bit debian stable. Here is the issue: When I open TB, I see three panes: one runs the full height of the TB window, and is on the left of the screen. It contains a list of the TB e-mail folders. The remaining space is divided into two panes, one vertically above the other. The second pane, the top one of these two, shows the subjects of received e-mails in whatever folder is selected in the first pane. The third pane, below the second one, is where the contents of e-mails are displayed. I have TB configured so as to display incoming e-mail as plain text. They display correctly, BUT the font used to display the contents in the third pane is too large on the new monitor. How *exactly* do I control the size of the font used to display the contents of received plain text e-mails? That is: -- | | | | | | | | | | |-| | | | <- how to control font size | | | <- in this pane?? -- Doc -- Web: http://enginehousebooks.com/drevans
Re: Apt sources.list
On Sat, Apr 15, 2023 at 11:00:52AM -0400, pa...@quillandmouse.com wrote: > Okay. Let's open this can of worms. The ONLY reason https is used on > most sites is because Google *mandated* it years ago. ("Mandate" means > we'll downgrade your search ranking if you don't use https.) There is > otherwise no earthly reason to have an encrypted connection to a web > server unless there is some exchange of private information between you > and the server. Where I live (England) I do not care if "the authorities" see what I have installed on my machine. If I lived in a totalitarian state†† there are some packages that might raise my profile on some "radar". †† There are several - I will not mention names as I wish to keep politics out of this list. > Reading through all of Google's explanations, I've never seen a > satisfactory explanation for this change. With that in mind, I believe > the Debian gods did the right thing in leaving their web connections > "insecure". Though, in truth, the integrity of Debian server contents > wouldn't be changed in the slightest whether the connection was > encrypted or not. -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Apt sources.list
On Sat, Apr 15, 2023 at 03:48:31PM +0200, to...@tuxteam.de wrote: > On Sat, Apr 15, 2023 at 02:01:27PM +0100, Alain D D Williams wrote: > > [...] > > > While we are talking about this, is there any reason why all the http: > > should > > not be https: ? > > It's just unnecessary CPU on the server, that's all. That used to be the case many years ago. Modern CPUs have instructions that make it much quicker. "On our production frontend machines, SSL/TLS accounts for less than 1% of the CPU load, less than 10 KB of memory per connection and less than 2% of network overhead." https://istlsfastyet.com/ -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Apt sources.list
On Sat, Apr 15, 2023 at 08:52:06AM -0400, Greg Wooledge wrote: > On Sat, Apr 15, 2023 at 01:23:05PM +0100, Brian wrote: > > On Sat 15 Apr 2023 at 08:11:17 -0400, pa...@quillandmouse.com wrote: > > > --- > > > > > > deb http://debian.uchicago.edu/debian/ bookworm main contrib non-free > > > deb-src http://debian.uchicago.edu/debian/ bookworm main contrib non-free > > > > > > deb http://security.debian.org/debian-security bookworm-security main > > > contrib non-free deb-src http://security.debian.org/debian-security > > > bookworm-security main contrib non-free > > > > > > --- While we are talking about this, is there any reason why all the http: should not be https: ? I have done this on my own machine without ill effect. -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: No /
On Tue, Mar 07, 2023 at 05:33:45PM +0100, Michael Lee wrote: > Is it possible to reinstall the system and still retain the settings, > logins, etc.? This is what backups are for. I assume that you have something. > Michael Lee -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Libembree, but static
Hi, We currently have libembree in .so shared library. Is it possible for the maintainers to provide the static .a? I use the latest available in testing 3.13.5 Thanks
Re: GPG problems
On Sun, Dec 04, 2022 at 04:28:00PM +0200, Teemu Likonen wrote: > * 2022-12-04 12:05:56+, Alain D. D. Williams wrote: > > > Part of the problem is the hopeless message "Server indicated a > > failure" which says little. Any idea how I could get something more > > informative ? > > You can change debug logging level. Edit ~/.gnupg/dirmngr.conf file and > write something like this: > > debug-level expert #or: guru > log-file /tmp/dirmngr-log.txt > > Then kill dirmngr > > $ gpgconf --kill dirmngr > > and try key servers again. See the log file mentioned above. Thanks ... it does not really help (I attach it). The message is: command 'KS_PUT' failed: Server indicated a failure I ran it with debugging on the Debian 11 machine where it works. I put the PIv4 address for keys.openpgp.org into /etc/hosts - the Debian 10 machine has IPv6 that works, the Debian 11 machine is IPv4 only. No change. -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/Contact.html #include 2022-12-04 17:44:27 dirmngr[18851.0] permanently loaded certificates: 138 2022-12-04 17:44:27 dirmngr[18851.0] runtime cached certificates: 0 2022-12-04 17:44:27 dirmngr[18851.0]trusted certificates: 138 (137,0,0,1) 2022-12-04 17:44:27 dirmngr[18851.6] handler for fd 6 started 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 -> # Home: /home/addw/.gnupg 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 -> # Config: /home/addw/.gnupg/dirmngr.conf 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 -> OK Dirmngr 2.2.27 at your service 2022-12-04 17:44:27 dirmngr[18851.6] connection from process 18850 (1000:1000) 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 <- GETINFO version 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 -> D 2.2.27 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 -> OK 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 <- KEYSERVER 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 -> S KEYSERVER hkps://keys.openpgp.org 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 -> OK 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 <- KS_PUT 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 -> INQUIRE KEYBLOCK 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 <- [ 44 20 98 33 04 60 ec 50 1f 16 09 2b 06 01 04 01 ...(626 byte(s) skipped) ] 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 <- END 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 -> INQUIRE KEYBLOCK_INFO 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 <- D pub::256:22:BA366B977C06BAF7:1626099743:::%0Afpr:4D48D5BAF3736D50214AFC3FBA366B977C06BAF7:%0Auid:1626099743Alain D D Williams :::%0Auid:1670002234Alain D D Williams :::%0Asub::256:18:0315E84A964E21C9:1626099743:::%0Afpr:75F7570849B82972171A762C0315E84A964E21C9:%0A 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 <- END 2022-12-04 17:44:27 dirmngr[18851.6] command 'KS_PUT' failed: Server indicated a failure 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 -> ERR 219 Server indicated a failure 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 <- BYE 2022-12-04 17:44:27 dirmngr[18851.6] DBG: chan_6 -> OK closing connection 2022-12-04 17:44:27 dirmngr[18851.6] handler for fd 6 terminated 2022-12-04 17:55:27 dirmngr[18851.0] running scheduled tasks 2022-12-04 18:05:28 dirmngr[18851.0] running scheduled tasks 2022-12-04 18:15:28 dirmngr[18851.0] running scheduled tasks 2022-12-04 18:25:29 dirmngr[18851.0] running scheduled tasks 2022-12-04 18:33:58 dirmngr[18851.6] handler for fd 6 started 2022-12-04 18:33:58 dirmngr[18851.6] DBG: chan_6 -> # Home: /home/addw/.gnupg 2022-12-04 18:33:58 dirmngr[18851.6] DBG: chan_6 -> # Config: /home/addw/.gnupg/dirmngr.conf 2022-12-04 18:33:58 dirmngr[18851.6] DBG: chan_6 -> OK Dirmngr 2.2.27 at your service 2022-12-04 18:33:58 dirmngr[18851.6] connection from process 22347 (1000:1000) 2022-12-04 18:33:58 dirmngr[18851.6] DBG: chan_6 <- KILLDIRMNGR 2022-12-04 18:33:58 dirmngr[18851.6] DBG: chan_6 -> OK closing connection 2022-12-04 18:36:18 dirmngr[22361.0] permanently loaded certificates: 138 2022-12-04 18:36:18 dirmngr[22361.0] runtime cached certificates: 0 2022-12-04 18:36:18 dirmngr[22361.0]trusted certificates: 138 (137,0,0,1) 2022-12-04 18:36:18 dirmngr[22361.6] handler for fd 6 started 2022-12-04 18:36:18 dirmngr[22361.6] DBG: chan_6 -> # Home: /home/addw/.gnupg 2022-12-04 18:36:18 dirmngr[22361.6] DBG: chan_6 -> # Config: /home/addw/.gnupg/dirmngr.conf 2022-12-04 18:36:18 dirmngr[22361.6] DBG: chan_6 -> OK Dirmngr 2.2.27 at your service 2022-12-04 18:36:18 dirmngr[22361.6] connection from process 22360 (1000:1000) 2022-12-04 18
Re: GPG problems
On Sat, Dec 03, 2022 at 02:59:41PM -0500, Jeffrey Walton wrote: > keys.openpgp.org should be operational. It responds to ping. > > Also have a look at > https://lists.gnupg.org/pipermail/gnupg-users/2021-June/065261.html . No, that is not the issue. It works on Debian 11 but not Debian 10, both attempts within a few minutes of each other, both connect to hkps://keys.openpgp.org Both run the same version of gpg (GnuPG) 2.2.27 (I installed from backports on Debian 10) gpg reports the version of libgcrypt On Debian 10 it is 1.8.4 on Debian 11 it is 1.8.8 Could that be an issue ? I am reluctant to speculatively upgrade for fear of breaking something else. Part of the problem is the hopeless message "Server indicated a failure" which says little. Any idea how I could get something more informative ? -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/Contact.html #include
GPG problems
I am running Debian 10 (buster). I generated a new key that I wanted to upload, but it fails: $ gpg --send-keys 0xBA366B977C06BAF7 gpg: sending key 0xBA366B977C06BAF7 to hkps://keys.openpgp.org gpg: keyserver send failed: Server indicated a failure gpg: keyserver send failed: Server indicated a failure I copied my ~/.gnupg to a Debian 11 (bullesys) machine, it works: $ gpg --send-keys 0xBA366B977C06BAF7 gpg: sending key 0xBA366B977C06BAF7 to hkps://keys.openpgp.org $ Back on buster I grabbed the latest version: /etc/apt/sources.list: deb http://deb.debian.org/debian/ buster-backports main contrib non-free # apt -V -t=buster-backports install gpg I killed the dirmngr daemon: # killall dirmngr I tried the send-keys again and got the same result, ie failure. Please: what should I do to fix this. Thanks in advance -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: just saying
On Thu, Nov 24, 2022 at 10:43:19PM +, Peter von Kaehne wrote: > > > > > Even if you have it can be very hard to find carefully constructed back > > doors. > > Shrug.. as opposed to installing closed source programmes where you know you > are spied upon ? Which may of course have back doors but thanks tk being > closed you I’ll not even learn about? OK - I agree with you. FLOSS is much better from that point of view; my point was that FLOSS is not a guarantee. The OP was talking about spooks, these guys are well funded and capable of producing hard to detect back doors. FLOSS is also more resistant to a government bribing or strong arming a closed source company to include a spook produced back door. "much better" != "perfect" - ie vigilance is still needed. > > Some code has been carefully looked at but most has not. > > > >>> On Thu, Nov 24, 2022 at 4:03 PM mick.crane wrote: > >>> > >>> I love open source, more than you might think, but I have a niggling > >>> feeling it's been infiltrated to make user control difficult. > >>> If I was a spook it's what I'd do. > >>> Please prove me wrong. > >>> mick -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: just saying
On Thu, Nov 24, 2022 at 04:05:31PM -0500, Jeremy Hendricks wrote: > I have no idea what you mean. It’s open source and you can analyze the code > line by line. Very true ... but how much code have you analyzed line by line ? Even if you have it can be very hard to find carefully constructed back doors. Some code has been carefully looked at but most has not. > On Thu, Nov 24, 2022 at 4:03 PM mick.crane wrote: > > > I love open source, more than you might think, but I have a niggling > > feeling it's been infiltrated to make user control difficult. > > If I was a spook it's what I'd do. > > Please prove me wrong. > > mick > > > > -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: deduplicating file systems: VDO with Debian?
On Wed, 09 Nov 2022 13:28:46 +0100 hw wrote: > On Tue, 2022-11-08 at 09:52 +0100, DdB wrote: > > Am 08.11.2022 um 05:31 schrieb hw: > > > > That's only one point. > > > What are the others? > > > > > > > And it's not really some valid one, I think, as > > > > you do typically not run into space problems with one single > > > > action (YMMV). Running multiple sessions and out-of-band > > > > deduplication between them works for me. > > > That still requires you to have enough disk space for at least > > > two full backups. > > > I can see it working for three backups because you can > > > deduplicate the first two, but not for two. And why would I > > > deduplicate when I have sufficient disk > > > space. > > > > > Your wording likely confuses 2 different concepts: > > N, I'm not confusing that :) Everyone says so and I don't know > why ... > > > Deduplication avoids storing identical data more than once. > > whereas > > Redundancy stores information on more than one place on purpose to > > avoid loos of data in case of havoc. > > ZFS can do both, as it combines the features of a volume manager > > with those of a filesystem and a software RAID.( I am using > > zfsonlinux since its early days, for over 10 years now, but without > > dedup. ) > > > > In the past, i used shifting/rotating external backup media for that > > purpose, because, as the saying goes: RAID is NOT a backup! Today, i > > have a second server only for the backups, using zfs as well, which > > allows for easy incremental backups, minimizing traffic and disk > > usage. > > > > but you should be clear as to what you want: redundancy or > > deduplication? > > The question is rather if it makes sense to have two full backups on > the same machine for redundancy and to be able to go back in time, or > if it's better to give up on redundancy and to have only one copy and > use snapshots or whatever to be able to go back in time. And the answer is no. The redundancy you gain from this is almost, though not quite, meaningless, because of the large set of common data-loss scenarios against which it offers no protection. You've made it clear that the cost of storage media is a problem in your situation. Doubling your backup server's requirement for scarce and expensive disk space in order to gain a tiny fraction of the resiliency that's normally implied by "redundancy" doesn't make sense. And being able to go "back in time" can be achieved much more efficiently by using a solution (be it off-the-shelf or roll-your-own) that starts with a full backup and then just stores deltas of changes over time (aka incremental backups). None of this, for the record, is "deduplication", and I haven't seen any indication in this thread so far that actual deduplication is relevant to your use case. > Of course it would better to have more than one machine, but I don't > have that. Fine, just be realistic about the fact that this means you cannot in any meaningful sense have "two full backups" or "redundancy". If and when you can some day devote an RPi tethered to some disks to the job, then you can set it up to hold a second, completely independent, store of "full backup plus deltas". And *then* you would have meaningful redundancy that offers some real resilience. Even better if the second one is physically offsite. In the meantime, storing multiple full copies of your data on one backup server is just a way to rapidly run out of disk space on your backup server for essentially no reason. Cheers! -Chris
Re: ZFS performance (was: Re: deduplicating file systems: VDO with Debian?)
hw wrote on 11/9/22 04:41: configure the controller cards, so that won't really work. And ZFS with Linux isn't so great because it keeps fuse in between. That isn't true. I've been using ZFS with Debian for years without FUSE, through the ZFSonLinux project. The only slightly discomforting issue is that it's not officially supported on Debian because of a perceived license conflict. Doc -- Web: http://enginehousebooks.com/drevans
Re: Ubuntu
Bonjour Nadir, Je rejoint complètement les propos de Didier et je le remercie pour sa clarté entre Ubuntu et Debian. En tant que membre de la communauté de Debian Facile <https://debian-facile.org/>, je suis le trésorier de cette association depuis 2018, je ne peux que t'encourager à t'y rendre. Si tu souhaites découvrir Debian, je ne peux que t'encourager à installer Debian et non pas Ubuntu, tu trouveras de l'aide avec cette communauté via la liste mail Debian ou celle de Debian Facile <https://debian-facile.org/> à travers son forum <https://debian-facile.org/forum.php>, ses cahiers du débutant <https://debian-facile.org/projets/lescahiersdudebutant/> ou son iso d'installation <https://debian-facile.org/projets:iso-debian-facile>. Bonne découverte ! Alex (SuShY sur Debian Facile) ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋ ⠈⠳⣄ ⠀⠀ Alexandre D. https://alexbook.fr alexan...@alexbook.fr - - - - - - - System : Debian SID - - - - - - - - Le 04/11/2022 à 09:40, didier gaumet a écrit : Le 04/11/2022 à 08:48, Nadir a écrit : Bonjour, Je viens d'installer Ubuntu qui est un produit Debian. Est-il utile pour moi d’accéder au forum Debian facile ? Est-il possible de réinstaller mon logiciel via Debian facile ? Merci d’avance pour votre réponse, Nadir Bengana Bonjour, - alors non, Ubuntu n'est pas un produit Debian. Debian est une association qui ne vend aucun produit et qui publie la distribution Linux Debian. Canonical est une société commerciale qui publie la distribution Linux Ubuntu qui est largement basée sur Debian. Mais Ubuntu n'est pas Debian, bien que certaines connaissances et compétences acquises sur Debian (ou n'importe quelle distribution Linux en générale) puissent être utiles sur Ubuntu: les différences entre Ubuntu et Debian peuvent être difficiles à gérer (plus pour lui que pour celui qui offre son aide) lorsqu'on cherche à dépanner un débutant sur Ubuntu. - Debian Facile est un site d'aide à l'installation, l'administration et l'utilisation de Debian. Oui il est possible de consulter Debian Facile pour gérer son Ubuntu, mais ce n'est probablement pas la meilleure méthode - Ubuntu propose pas mal de documentation, wiki et forums, tant en anglais, qu'ici en français: https://doc.ubuntu-fr.org/. Si je me mettais à Ubuntu c'est probablement par là que je commencerais< Le but de ce message n'est pas de se débarrasser de toi sur cette liste Debian, c'est plutôt de faciliter ton parcours avec Ubuntu. Bon courage et bonne exploration :-)
Re: Éteindre ou redémarrer sa machine à partir de son user
Bonjour, Problème résolu avec un "apt install polkitd" qui s'était désinstaller par erreur. A++ ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋ ⠈⠳⣄ ⠀⠀ Alexandre D. https://alexbook.fr alexan...@alexbook.fr - - - - - - - System : Debian SID - - - - - - - - Le 02/11/2022 à 13:57, Alexandre D a écrit : Bonjour à tous, Ma machine tourne sur une Debian SID depuis 2018, voici la configuration à ce jour : * OS :Debian GNU/Linux bookworm/sid x86_64 * Kernel : 6.0.0-2-amd64 * Shell : bash 5.2.2 Depuis une mise à jour installée hier, je ne peux plus reteindre ou redémarrer ma machine depuis mon compte utilisateur, voici le retour des commandes : * systemctl poweroff --> Call to PowerOff failed: Access denied * systemctl reboot --> Call to Reboot failed: Access denied Avez-vous une idée pour résoudre le problème ? Par avance, merci. -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋ ⠈⠳⣄ ⠀⠀ Alexandre D. https://alexbook.fr alexan...@alexbook.fr - - - - - - - System : Debian SID - - - - - - - -
Éteindre ou redémarrer sa machine à partir de son user
Bonjour à tous, Ma machine tourne sur une Debian SID depuis 2018, voici la configuration à ce jour : * OS :Debian GNU/Linux bookworm/sid x86_64 * Kernel : 6.0.0-2-amd64 * Shell : bash 5.2.2 Depuis une mise à jour installée hier, je ne peux plus reteindre ou redémarrer ma machine depuis mon compte utilisateur, voici le retour des commandes : * systemctl poweroff --> Call to PowerOff failed: Access denied * systemctl reboot --> Call to Reboot failed: Access denied Avez-vous une idée pour résoudre le problème ? Par avance, merci. -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋ ⠈⠳⣄ ⠀⠀ Alexandre D. https://alexbook.fr alexan...@alexbook.fr - - - - - - - System : Debian SID - - - - - - - -
How to use hw vendor EFI diagnostics ?
I just got myself a new laptop - the old one broke. It is an HP stream, I wiped MS Windows and installed Linux Mint 21. The machine came with some nice hardware diagnostics, written by/for HP. These could be run without booting MS Windows. I would like to have the ability to run these as they know more about the laptop's hardware than what is installed from Mint -- just some generic memory test. I did copy the EFI before it was overwritten by the Linux installation. How do I integrate the HP diagnostics into the current EFI ? Thanks in advance. This is what there is now: /boot/efi/ /boot/efi/EFI /boot/efi/EFI/ubuntu /boot/efi/EFI/ubuntu/grubx64.efi /boot/efi/EFI/ubuntu/shimx64.efi /boot/efi/EFI/ubuntu/mmx64.efi /boot/efi/EFI/ubuntu/BOOTX64.CSV /boot/efi/EFI/ubuntu/grub.cfg /boot/efi/EFI/BOOT /boot/efi/EFI/BOOT/BOOTX64.EFI /boot/efi/EFI/BOOT/fbx64.efi /boot/efi/EFI/BOOT/mmx64.efi This is what I have preserved from before Linux install: System Volume Information EFI EFI/HP EFI/HP/BIOS EFI/HP/BIOS/Current EFI/HP/BIOS/Current/085B5.bin EFI/HP/BIOS/Current/085B5.s12 EFI/HP/BIOS/Current/085B5.sig EFI/HP/BIOS/Previous EFI/HP/BIOS/New EFI/HP/HP Support Framework EFI/HP/HP Support Framework/Logs EFI/HP/HP Support Framework/Logs/1275192963.xml EFI/HP/dip.zip EFI/HP/SystemDiags EFI/HP/SystemDiags/EADB.json EFI/HP/SystemDiags/SystemDiags.ini EFI/HP/SystemDiags/HpHwDiagsSnapshot.cee EFI/HP/SystemDiags/LICENCE.txt EFI/HP/SystemDiags/CryptRSA.efi EFI/HP/SystemDiags/SysDiags.s09 EFI/HP/SystemDiags/SystemDiags-5CD2301RGW.html EFI/HP/SystemDiags/SysDiags.efi EFI/HP/SystemDiags/TestCoverage.json EFI/HP/SystemDiags/SysDiags.s14 EFI/HP/SystemDiags/DI.efi EFI/HP/SystemDiags/SysDiags.s12 EFI/HP/SystemDiags/SystemDiags.log EFI/HP/SystemDiags/SystemDiagsCeeHistory.log EFI/HP/DI.efi EFI/HP/BIOSUpdate EFI/HP/BIOSUpdate/BiosMgmt.s12 EFI/HP/BIOSUpdate/CryptRSA.efi EFI/HP/BIOSUpdate/BiosMgmt.s14 EFI/HP/BIOSUpdate/BiosMgmt.efi EFI/HP/BIOSUpdate/BiosMgmt.s09 EFI/Boot EFI/Boot/bootx64.efi There is also some MS stuff (I'm just listing top level directories, 185 in total): EFI/Microsoft EFI/Microsoft/Recovery EFI/Microsoft/Boot -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Nouveau - Renseignements
Bonsoir et bienvenue à toi dans le monde du libre. Personnellement, je te conseil une distribution Debian, et la communauté Debian Facile <https://debian-facile.org/> pour son entraide et sa richesse dans son forum. Voici quelques pistes : * Les cahiers du débutant sur Debian GNU/Linux Bullseye <https://debian-facile.org/projets/lescahiersdudebutant/> * Documentation de Debian-Facile <https://debian-facile.org/wiki> Bonne lecture et belle aventure. ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋ ⠈⠳⣄ ⠀⠀ Alexandre D. https://alexbook.fr alexan...@alexbook.fr - - - - - - - System : Debian SID - - - - - - - - Le 06/08/2022 à 19:38, DA SILVA a écrit : Bonjour, Depuis quelque temps, j'utilise un système d'exploitation qui est Windows 10, je l'utilise pour des besoins personnels, professionnels et pour un usage gaming. Malheureusement, leur politique de confidentialité (traqueur, ciblage, force installation, créer un compte Microsoft obligatoirement...) ne me convient pas du tout. J'ai réfléchi et je souhaite passer sur un autre système d'exploitation qui est Linux, je souhaite un système d'exploitation simple d'utilisation, sécuriser, puissant, compatible avec mes composants et enfin respectueux de la vie privée. Est-ce que ses critères ci-dessus sont dans votre politique de votre système d'exploitation ? Étant un nouveau et débutant, je souhaite avoir un guide complet pour savoir l'installer, le configurer (mise à jour, pilotes, création de l'utilisateur...) Je vous souhaite une excellente journée. Cordialement,
Re: issue with purging an old kernel
DdB wrote on 6/20/22 10:07: Since i am running dozens of VM's, i can say: Me2 am running into this regularly, when i am trying to purge old kernels. I am seeing this so frequently, that i even wrote a script (meant to be run inside the VM's) to clean up the mess, some apt-scripts happen to leave behind. It's comforting to know that this seems to be a relatively common occurrence (although this is the first time I've run into it, and I've been running debian for maybe seven or eight years at this point). As far as I know I have only official debian stable packages on the system, so it has the flavour of a minor packaging bug somewhere. Anyway, I'm not going to worry about it, given that you see it so often. I have cleared out the offending directory and moved on. Thanks to you and the other posters for responding. Doc -- Web: http://enginehousebooks.com/drevans
acceso full a una ip
buenas a todos Necesito que me aclaren esto soy nuevo e esto de iptables. Necesito a una ip de mi lan por ej la 192.168.200.3 darle acceso ainternet full y que no tenga nada que ver con el proxy, es para que baje actualizaciones y todo para servidores etc. puede ser así Ahh la ip real par el proxy por ej 200.55.55.3 iptables -A INPUT -s 192.168.200.3 -j ACCEPT ?? Acepto toda ayuda
issue with purging an old kernel
Normally to remove an old kernel from my debian stable systems, I issue the following command: apt purge linux-headers--amd64 linux-headers--common linux-image--amd64 Following this recipe, which has always worked in the past, I issued: apt purge linux-headers-5.10.0-11-amd64 linux-headers-5.10.0-11-common linux-image-5.10.0-11-amd64 But it failed, with the error message: Purging configuration files for linux-image-5.10.0-11-amd64 (5.10.92-2) ... rmdir: failed to remove '/lib/modules/5.10.0-11-amd64': Directory not empty dpkg: warning: while removing linux-image-5.10.0-11-amd64, directory '/lib/modules/5.10.0-11-amd64' not empty so not removed If I look in the named directory, I see: root@zbrew:~# ls -al /lib/modules/5.10.0-11-amd64 total 35 drwxr-xr-x 3 root root 3 Jun 20 08:49 . drwxr-xr-x 7 root root 7 Jun 17 07:08 .. drwxr-xr-x 2 root root 2 Apr 25 07:53 misc and the directory /lib/modules/5.10.0-11-amd64/misc turns out to be empty. So it seems reasonable to remove /lib/modules/5.10.0-11-amd64/misc/ manually and re-execute the purge command. But before I try that, I'm puzzled as to how this situation could have arisen. Has anyone else seen this happen, and does anyone have a reasonable suggestion as to how it could have occurred? Doc -- Web: http://enginehousebooks.com/drevans
Re: google account say it will no longer deliver email
On Sat, Jun 04, 2022 at 10:02:05PM +0200, sp...@caiway.net wrote: > Hi, > > My first mail provider (in Oslo) promised free mailadress for life. > > Then it was sold to a kapitalist and they started to ask money. > > I do not like that. > > I know it is possible to run a free host. > > By volunteers running the server for example. Oh - great ... please do us all a favour and set up a free host and give us free addresses for life. Thanks! -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/Contact.html #include
[SOLVED] Re: postfix + gmail
And, of course, half an hour after giving up and asking for help, I discovered what I needed to change. I did a "journalctl | grep smtp" and noticed that, when my machine was connecting to gmail, it seemed to be doing so on port 25. Aha! So I changed my transport file explicitly to use port 587 when connecting to smtp.googlemail.com, reloaded everything and now it works. (Slightly in my defence, I had briefly pondered the question of port number earlier this morning, but, since I hadn't seem any mention of it in my reading of solutions to this problem, I figured that the fact that I had enabled auth in the main.cf file must mean that postfix was automagically going to use port 587 instead of port 25. Now I know better.) Doc -- Web: http://enginehousebooks.com/drevans
postfix + gmail
I am trying to configure postfix correctly to send e-mail to a gmail.com account, using my gmail credentials. 1. It all works fine if I use Thunderbird, with the following configuration: server name: smtp.googlemail.com port:587 Connection security: STARTTLS Authentication method: normal password username: doc.ev...@gmail.com and the password set to my gmail password. That, in fact, is the method that I am using to post this e-mail to the reflector. 2. But when I try to duplicate that with postfix, I receive the following error: : host smtp.googlemail.com[142.250.138.16] said: 530-5.7.0 Authentication Required. Learn more at 530 5.7.0 https://support.google.com/mail/?p=WantAuthError e12-20020a9d490c00b0060b6facd5e4sm4170514otf.29 - gsmtp (in reply to MAIL FROM command) I have spent most of the morning following various Internet threads related to this error, and making many variations to my postfix configuration, but without success. FWIW, here are the relevant parts of my current postfix configuration, and it generates the error message quoted above (I am running debian stable): in main.cf: smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd smtp_sasl_security_options = smtp_sasl_type = cyrus smtp_use_tls = yes smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt in sasl_passwd: [smtp.googlemail.com]:587 doc.ev...@gmail.com: I did check that the password matches exactly the password in Thunderbird. So if some postfix guru could enlighten me as to what I need to change, I'd be very grateful. Doc -- Web: http://enginehousebooks.com/drevans
Re: Choix d'un gestionnaire de mots de passe
Bonsoir, Même ressenti et même usage pour moi avec Vaultwarden en auto-hébergé. Multi plateforme et accessible de partout. A++ ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋ ⠈⠳⣄ ⠀⠀ Alexandre D. https://alexbook.fr alexan...@alexbook.fr - - - - - - - System : Debian SID - - - - - - - - Le 26/05/2022 à 20:56, nou...@ti-nuage.fr a écrit : Bonjour, J'apprécie particulièrement Vaultwarden en auto-hébergé. Multi plateforme et accéssible de partout. Autrement pour ce qui est en ligne de commande, korben à récemment publié un article à propos de Spectre : https://korben.info/spectre-calculateur-mots-passe.html On 26/05/2022 20:43, hamster wrote: Le 26/05/2022 à 19:05, kaliderus a écrit : > Bonjour la liste, > > Quel est votre gestionnaire de mot de passe préféré et pourquoi ? KeepassXC, parce que c'est le seul qui a été certifié par l'ANSSI (pour ce que j'en sais). Je prend la version XC parce que c'est nettement mieux intégré dans linux. Sur le sujet des mots de passe, je pense que vous connaissez déjà cette conférence : https://www.videos-libr.es/w/cf58e9a4-bce3-471a-bb40-5e5c3fcb71f1 > Je suis en train de tester keepass qui semble pas mal foutu, > néanmoins, une interface uniquement en ligne de commande ne serait pas > pour me déplaire. Heu, attend, tu veux en faire quoi de ton gestionnaire de mot de passe ? > J'ai aussi envisagé de chiffrer tout simplement un fichier > texte... Ca dépend de ton usage. Quand je me logue sur un nouveau site web, je rentre a la main mon identifiant et mot de passe, et keepass me demande si je veux les enregistrer. Ensuite, quand je retourne sur le meme site web, keepass me propose de taper l'identifiant et le mot de passe a ma place. De meme, quand j'ouvre mon mail avec thunderbird, keepass tape le mot de passe a ma place. Bien sur, j'ai du installer une extension dans firefox et une autre dans thunderbird pour que keepass puisse interagir de la sorte avec ces 2 logiciels. Je sais pas comment faire un tel fonctionnement avec un simple fichier texte chiffré. Tu risque fort de trouver rapidement que faire des copier/coller depuis un fichier texte c'est relou, et d'ailleurs le fait que ton mot de passe reste dans le presse papier a chaque fois que tu fait un copier/coller est une faille de sécurité. > l'idéal serait un outil en ligne de commande Donc les logiciels dans lesquels tu utilise tes mots de passe sont aussi en ligne de commande ? Je veux dire : tu surfe sur le web avec ELinks ou equivalent ??? Keepass a une interface graphique, qui me sert a… taper mon mot de passe maitre pour déverouiller la base de données. Ensuite je n'ai plus a cliquer dans keepass. Tout se passe directement dans les logiciels qui ont besoin des mots de passe.
Re: When will Debian book Authors be publishing Debian 11 Bullseye System Administrator's Handbook?
Respected IL Ka, Thank you very much for your reply. I will right away buy Debian 10 System Administration Handbook. Regards Adrian On Fri, Apr 29, 2022 at 11:50 AM IL Ka wrote: > Debian 10 handbook (https://debian-handbook.info/) still can be used to > study Debian because lots of things are the same. > After this book you can read Debian 11 release notes: > https://www.debian.org/releases/stable/amd64/release-notes/index.en.html > >>
Does this video on YouTube tutorial complacent with Debian 11 Bullseye System Administration?
Respected Everyone, I have installed Debian 11 Bullseye on my Laptop and found the following video tutorial. https://youtu.be/wsh64rjnRas Does this video tutorial coalign with Debian 11 Bullseye System Administration? I really need the latest tutorial. Thank you. Regards Adrian
When will Debian book Authors be publishing Debian 11 Bullseye System Administrator's Handbook?
Respected Debian Book Authors, When will you be going to publish Debian 11 Bullseye System Administrator's Handbook? I cannot wait to buy it from Amazon. I really need it. Please publish it as soon as possible. Is there any website or video site from where I can learn to be a Complete Debian 11 Bullseye Administrator? Can you point me in the right direction? Please let me know. Cheers Adrian
Re: Start ZFS partition on boot.
James Allsopp wrote on 3/18/22 15:20: I'm having lots of trouble starting my zfs /var partition as part of boot, I urge you to post the question on the zfs-discuss reflector. Doc -- Web: http://enginehousebooks.com/drevans
Re: jupyter-notebook and bullseye
Reco wrote on 12/31/21 1:47 PM: That was certainly a help (although I wonder why it was necessary for me to do that manually), It's official Debian policy now, believe it or not. python 2.x is /usr/bin/python2. python 3.x is /usr/bin/python3. If the user really wants /usr/bin/python the user should install python-is-python2 or python-is-python3. And these two packages conflict with each other. Once upon a time, not really that long ago, Debian seemed to make very sensible decisions to keep everything stable and working across upgrades. In the past few years, however, I find myself shaking my head and wondering "what were they thinking?" It's not that some of the things they've done are necessarily *wrong* per se, but they have certainly been a lot more experimental than one wants in an environment that one expects to keep working properly across upgrades; it seems that somehow the importance of keeping the users' systems functioning as one hopes they will is now a much lower priority than it used to be. but ultimately I am still unable to do anything. I'm not familiar with jupyter and I'm not using it. Pretty wise; I think. I was sucked in a bit about the hype that surrounds it and put in quite a bit of effort to build some useful notebooks a few years ago. But now I find that it's pretty much like the majority of experiments I've tried over the years: it looks nifty, and doubtless some people find it useful, but for me it's too fragile and ultimately the cost in time isn't worth the possible benefit. But it certainly would be nice to at least be able to use my old jupyter notebooks, even if it's unlikely that I'll create any new ones. Judging from [1], you're required to reinstall all these "jupyter kernels", because what you have was installed for python2, but what you need is to install them for python3. But then again, I could be wrong. Sorry, cannot help you further. That's probably a good bet. I don't remember how any of those kernels got installed [I thought that all except the sos kernel were from debian repositories, but my memory might be faulty], so I'll have to search around and see what I can dig up. The evidence to hand does seem to suggest that they don't auto-upgrade and therefore need to be upgraded manually somehow. Thank you for taking the time to share your thoughts, especially as you don't use jupyter yourself. Doc -- Web: http://enginehousebooks.com/drevans
Re: jupyter-notebook and bullseye
Reco wrote on 12/17/21 6:10 AM: Hi. On Thu, Dec 16, 2021 at 12:43:51PM -0700, D. R. Evans wrote: FileNotFoundError: [Errno 2] No such file or directory: '/usr/bin/python' ... Can someone suggest how I might get back to the fully-working set of kernels that I had in buster? Try this: apt install python-is-python3 Thank you very much. That was certainly a help (although I wonder why it was necessary for me to do that manually), but ultimately I am still unable to do anything. "jupyter kernelspec list" now looks better: [ZB:jupyter] jupyter kernelspec list Available kernels: ir /home/n7dr/.local/share/jupyter/kernels/ir markdown/home/n7dr/.local/share/jupyter/kernels/markdown bash/usr/local/share/jupyter/kernels/bash gnuplot /usr/local/share/jupyter/kernels/gnuplot sos /usr/local/share/jupyter/kernels/sos python3 /usr/share/jupyter/kernels/python3 [ZB:jupyter] But if I actually run jupyter-notebook on a known-good .ipynb file I get the following: [ZB:jupyter] jn CQ* [I 13:22:37.809 NotebookApp] Loading IPython parallel extension [I 13:22:37.824 NotebookApp] Serving notebooks from local directory: /home/n7dr/notebooks/jupyter [I 13:22:37.824 NotebookApp] Jupyter Notebook 6.2.0 is running at: [I 13:22:37.824 NotebookApp] http://localhost:/?token=5e06127359465bc598e53eb5b48ef202592e96e3a1fe4ba7 [I 13:22:37.824 NotebookApp] or http://127.0.0.1:/?token=5e06127359465bc598e53eb5b48ef202592e96e3a1fe4ba7 [I 13:22:37.825 NotebookApp] Use Control-C to stop this server and shut down all kernels (twice to skip confirmation). [C 13:22:42.319 NotebookApp] To access the notebook, open this file in a browser: file:///home/n7dr/.local/share/jupyter/runtime/nbserver-2497406-open.html Or copy and paste one of these URLs: http://localhost:/?token=5e06127359465bc598e53eb5b48ef202592e96e3a1fe4ba7 or http://127.0.0.1:/?token=5e06127359465bc598e53eb5b48ef202592e96e3a1fe4ba7 [W 13:22:50.477 NotebookApp] 404 GET /nbextensions/widgets/notebook/js/extension.js?v=20211231132234 (127.0.0.1) 96.38ms referer=http://localhost:/notebooks/CQ%20WW.ipynb [I 13:22:51.078 NotebookApp] 302 GET /notebooks/activity-160.png (127.0.0.1) 0.67ms [I 13:22:51.171 NotebookApp] 302 GET /notebooks/2017-ALL.png (127.0.0.1) 0.61ms [I 13:22:51.394 NotebookApp] 302 GET /notebooks/cq-ww-qso-nlogs-a-u.png (127.0.0.1) 0.62ms [I 13:22:51.456 NotebookApp] 302 GET /notebooks/cq-ww-qso-percentiles.png (127.0.0.1) 0.64ms [I 13:22:51.576 NotebookApp] Kernel started: 9636f23d-6e5c-4ce6-931a-f0844f8876e5, name: bash /usr/bin/python: No module named bash_kernel [I 13:22:54.576 NotebookApp] KernelRestarter: restarting kernel (1/5), new random ports /usr/bin/python: No module named bash_kernel [I 13:22:57.590 NotebookApp] KernelRestarter: restarting kernel (2/5), new random ports /usr/bin/python: No module named bash_kernel [I 13:23:00.598 NotebookApp] KernelRestarter: restarting kernel (3/5), new random ports /usr/bin/python: No module named bash_kernel [I 13:23:03.605 NotebookApp] KernelRestarter: restarting kernel (4/5), new random ports /usr/bin/python: No module named bash_kernel [W 13:23:06.621 NotebookApp] KernelRestarter: restart failed [W 13:23:06.621 NotebookApp] Kernel 9636f23d-6e5c-4ce6-931a-f0844f8876e5 died, removing from map. [W 13:23:12.691 NotebookApp] Replacing stale connection: 9636f23d-6e5c-4ce6-931a-f0844f8876e5:1820effccd3749579998b085be46704b [W 13:23:34.746 NotebookApp] Replacing stale connection: 9636f23d-6e5c-4ce6-931a-f0844f8876e5:1820effccd3749579998b085be46704b [W 13:23:51.683 NotebookApp] Timeout waiting for kernel_info reply from 9636f23d-6e5c-4ce6-931a-f0844f8876e5 [E 13:23:51.686 NotebookApp] Error opening stream: HTTP 404: Not Found (Kernel does not exist: 9636f23d-6e5c-4ce6-931a-f0844f8876e5) [W 13:23:51.689 NotebookApp] 404 GET /api/kernels/9636f23d-6e5c-4ce6-931a-f0844f8876e5/channels?session_id=1820effccd3749579998b085be46704b (127.0.0.1): Kernel does not exist: 9636f23d-6e5c-4ce6-931a-f0844f8876e5 [W 13:23:51.690 NotebookApp] 404 GET /api/kernels/9636f23d-6e5c-4ce6-931a-f0844f8876e5/channels?session_id=1820effccd3749579998b085be46704b (127.0.0.1) 39005.31ms referer=None [W 13:23:51.690 NotebookApp] 404 GET /api/kernels/9636f23d-6e5c-4ce6-931a-f0844f8876e5/channels?session_id=1820effccd3749579998b085be46704b (127.0.0.1): Kernel does not exist: 9636f23d-6e5c-4ce6-931a-f0844f8876e5 [W 13:23:51.691 NotebookApp] 404 GET /api/kernels/9636f23d-6e5c-4ce6-931a-f0844f8876e5/channels?session_id=1820effccd3749579998b085be46704b (127.0.0.1) 16950.43ms referer=None [W 13:23:55.701 NotebookApp] Replacing stale connection: 9636f23d-6e5c-4ce6-931a-f0844f8876e5:1820effccd3749579998b085be46704b [W 13:24:23.733 NotebookApp] Replacing stale connection: 9636f23d-6e5c-4ce6-931a-f0844f8876e5:1820effccd3749579998b085be46704b And in the brow
jupyter-notebook and bullseye
I don't use jupyter-notebook often, so I only just discovered that I am encountering a problem with it following my upgrade from buster to bullseye a couple of months ago. It worked fine on buster, and I have changed nothing related to jupyter since the upgrade. When jupyter-notebook starts the browser, I see a big red "kernel error" button, and when I press it, the following pops up: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/tornado/web.py", line 1704, in _execute result = await result File "/usr/lib/python3/dist-packages/tornado/gen.py", line 769, in run yielded = self.gen.throw(*exc_info) # type: ignore File "/usr/lib/python3/dist-packages/notebook/services/sessions/handlers.py", line 69, in post model = yield maybe_future( File "/usr/lib/python3/dist-packages/tornado/gen.py", line 762, in run value = future.result() File "/usr/lib/python3/dist-packages/tornado/gen.py", line 769, in run yielded = self.gen.throw(*exc_info) # type: ignore File "/usr/lib/python3/dist-packages/notebook/services/sessions/sessionmanager.py", line 88, in create_session kernel_id = yield self.start_kernel_for_session(session_id, path, name, type, kernel_name) File "/usr/lib/python3/dist-packages/tornado/gen.py", line 762, in run value = future.result() File "/usr/lib/python3/dist-packages/tornado/gen.py", line 769, in run yielded = self.gen.throw(*exc_info) # type: ignore File "/usr/lib/python3/dist-packages/notebook/services/sessions/sessionmanager.py", line 100, in start_kernel_for_session kernel_id = yield maybe_future( File "/usr/lib/python3/dist-packages/tornado/gen.py", line 762, in run value = future.result() File "/usr/lib/python3/dist-packages/notebook/services/kernels/kernelmanager.py", line 176, in start_kernel kernel_id = await maybe_future(self.pinned_superclass.start_kernel(self, **kwargs)) File "/usr/lib/python3/dist-packages/jupyter_client/multikernelmanager.py", line 185, in start_kernel km.start_kernel(**kwargs) File "/usr/lib/python3/dist-packages/jupyter_client/manager.py", line 313, in start_kernel self.kernel = self._launch_kernel(kernel_cmd, **kw) File "/usr/lib/python3/dist-packages/jupyter_client/manager.py", line 222, in _launch_kernel return launch_kernel(kernel_cmd, **kw) File "/usr/lib/python3/dist-packages/jupyter_client/launcher.py", line 134, in launch_kernel proc = Popen(cmd, **kwargs) File "/usr/lib/python3.9/subprocess.py", line 951, in __init__ self._execute_child(args, executable, preexec_fn, close_fds, File "/usr/lib/python3.9/subprocess.py", line 1823, in _execute_child raise child_exception_type(errno_num, err_msg, err_filename) FileNotFoundError: [Errno 2] No such file or directory: '/usr/bin/python' - It is certainly true that that file does not exist, but something is obviously telling jupyter to look for it. So something about the jupyter configuration seems to have been hosed by the upgrade. The command "jupyter kernelspec list" produces: [ZB:~] jupyter kernelspec list -bash: /home/n7dr/.local/bin/jupyter: /usr/bin/python: bad interpreter: No such file or directory [ZB:~] In buster I had perhaps half a dozen kernels available (and they all worked). Can someone suggest how I might get back to the fully-working set of kernels that I had in buster? Doc -- Web: http://enginehousebooks.com/drevans
Re: Problème carte son USB
Bonjour, Non, les microcoupures sont aussi en local avec des musiques en .flac, .mp3 ou .wav. J'ai déjà testé avec Librazic, les problèmes sont les mêmes. Ayant exposé tout ça chez Linuxmao, ils penchent pour un problème de pilote, j'ai fait changé la carte USB par mon revendeur pour éliminer le problème matériel. Aucun problème à signaler sur Mac ou Windows. Même avec les autres périphériques de débranché, le problème se reproduit. Alex. ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋ ⠈⠳⣄ ⠀⠀ Alexandre D. https://alexbook.fr alexan...@alexbook.fr - - - - - - - System : Debian SID - - - - - - - - Le 22/11/2021 à 13:47, Haricophile a écrit : Le Mon, 22 Nov 2021 12:42:04 +0100, Haricophile a écrit : Bonjour, J'ai solliciter les équipes de linuxmao qui me conseille justement de venir ici car pour eux il s'agirait d'un problème de pilote pour la carte son. Merci pour ton message. Ah possible. Mais si les microcoupures ne sont que en réseau, je me poserait quand même la question de savoir s'il ne faut pas gratter par là. Dans les questions, il y a quel est le chipset de ta carte, comment tu diffuse en réseau, pulseaudio sous SID... Sous SID, il peut aussi y avoir une question du kernel Linux, je commencerais par tester avec une autre version de kernel, voire avec une version stable comme Librazic en "live USB". Ah, et comme c'est de l'USB, a tout zazard débranche les autres appareils branchés sur le même contrôleur.
Problème carte son USB
Bonjour, J'ai fait l'acquisition d'une carte son USB (Berhinger UMC202HD) reconnu par Debian au démarrage est presque opérationnelle. Je rencontre un problème de micro coupure lors de la lecture musicale en réseau, sur le web ou en local. J'ai désinstallé puis réinstallé pulseaudio et alsa mais cela ne résout pas le problème. Je suis sous Debian GNU/Linux bookworm/sid x86_64 avec un noyau 5.15.0-1-amd64. Merci par avance pour votre aide. Librement -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋ ⠈⠳⣄ ⠀⠀ Alexandre D. https://alexbook.fr alexan...@alexbook.fr - - - - - - - System : Debian SID - - - - - - - -
Re: bullseye and running graphics over ssh
Greg Wooledge wrote on 10/7/21 2:21 PM: On Thu, Oct 07, 2021 at 02:15:45PM -0600, D. R. Evans wrote: For years (decades, actually) I have routinely executed graphical programs over ssh (i.e., I sit at computer A, ssh into computer B, then run a graphical program on computer B whose windows, mouse events, etc., all occur on computer A). In bullseye, at least out-of-the-box bullseye, this suddenly no longer works. You should have been using "ssh -X B" all along to get this functionality. Your previous system A must have had ssh_config (or your personal .ssh/config) set up to turn on X11 forwarding by default, which is not recommended. That's interesting... ssh_config was overwritten. Normally when a config file I've altered is overwritten during an upgrade, I expect to be told and to be given a chance to do something sensible -- and that didn't happen in the case of the global ssh configuration file. But indeed, comparing the bullseye ssh_config to the one I had in buster, I see that ForwardX11 has changed back to "no" whereas I had forced it to "yes" in buster. You're right that making that change in the global config file was bad practice, so this time I've left the global ssh_config unchanged from the default and added an explicit ForwardX11 yes to the entry for the destination host in ~/.ssh/config. So nothing to do with Wayland. Thanks for putting me straight and saving me a lot of frustration. Doc -- Web: http://enginehousebooks.com/drevans
bullseye and running graphics over ssh
For years (decades, actually) I have routinely executed graphical programs over ssh (i.e., I sit at computer A, ssh into computer B, then run a graphical program on computer B whose windows, mouse events, etc., all occur on computer A). In bullseye, at least out-of-the-box bullseye, this suddenly no longer works. I have bullseye running on both computers. The first indication of a problem is immediately when I log in via ssh. I now see: xrdb: Can't open display '' as part of the login process. The cause seems to be the line: xrdb -load ~/.Xresources in .bashrc. For some reason that no longer works as it has in the past. And this seems to be because the DISPLAY variable hasn't been set. I really don't understand what's going on, because this has worked forever. And naturally, since DISPLAY isn't set, nothing else works. Can someone point me to some instructions as to how to fix all this? I suspect it's all to do with Wayland suddenly becoming the default. But I can't find any way to STOP bullseye using Wayland and forcing it to revert to the X that I've known since the 1990s. There must be some way either to get X working over Wayland or to remove Wayland until it properly supports X sessions unobtrusively; but I can't find it. Doc -- Web: http://enginehousebooks.com/drevans
Re: failed upgrade buster -> bullseye
D. R. Evans wrote on 10/4/21 4:36 PM: D. R. Evans wrote on 10/4/21 4:12 PM: I just tried to upgrade my main desktop machine (this machine) from buster to bullseye. I am suspicious that the problem is related to having root on ZFS on this machine. So I have posted a request for help on the zfsonlinux reflector, and probably it would be best if no one here spent much (or any) time thinking about the problem unless/until I am satisfied that the issue is unrelated to ZFS. Indeed, the problem seems to have been caused by using root on ZFS. Running bullseye here now. Doc -- Web: http://enginehousebooks.com/drevans
Re: failed upgrade buster -> bullseye
D. R. Evans wrote on 10/4/21 4:12 PM: I just tried to upgrade my main desktop machine (this machine) from buster to bullseye. I am suspicious that the problem is related to having root on ZFS on this machine. So I have posted a request for help on the zfsonlinux reflector, and probably it would be best if no one here spent much (or any) time thinking about the problem unless/until I am satisfied that the issue is unrelated to ZFS. Doc -- Web: http://enginehousebooks.com/drevans
failed upgrade buster -> bullseye
I just tried to upgrade my main desktop machine (this machine) from buster to bullseye. The upgrade halted with: ... Setting up libgnustep-base1.27 (1.27.0-3) ... Processing triggers for shared-mime-info (2.0-1) ... Setting up gnustep-base-runtime (1.27.0-3) ... Setting up unar (1.10.1-2+b6) ... Errors were encountered while processing: linux-image-5.10.0-8-amd64 linux-image-amd64 Sub-process /usr/bin/dpkg returned an error code (1) I have no idea what to do (other than to refrain from rebooting and hope that I don't lose power for so long that the UPS dies). How do I start to find and fix the problem??? I do have a script record of the entire upgrade. It's about 6MB in length. Doc -- Web: http://enginehousebooks.com/drevans
Re: problem with sound for bullseye upgrade on amd64: must be root for sound to work on my machine
I finally got my sound working. I followed some advice from here: https://www.linuxquestions.org/questions/slackware-14/alsa-1-2-5-upgrade-errors-4175695921/page3.html which was a similar problem to mine, and not sure what did it, but I got a flash pop up on my screen about alsa, and tested all things working now. Man, what a frustration. Otherwise, the bullseye upgrade has been flawless for me so far. On 8/25/21 2:30 PM, James D Freels wrote: Thanks for responding Georgi, I had already tried "alsactl init" earlier based on other advise found on the WWW. However, I did not pay close enough attention because of error messages I get as shown below: alsa-lib main.c:1014:(snd_use_case_mgr_open) error: failed to import hw:0 use case configuration -2 Found hardware: "CMI8786" "CMI8786" "CS4245 CMI8786" "0x1043" "0x8467" Hardware is initialized using a generic method alsa-lib main.c:1014:(snd_use_case_mgr_open) error: failed to import hw:1 use case configuration -2 Found hardware: "USB-Audio" "USB Mixer" "USB046d:082c" "" "" Hardware is initialized using a generic method alsa-lib parser.c:260:(error_node) UCM is not supported for this HDA model (HDA NVidia at 0xfe9fc000 irq 49) alsa-lib main.c:1014:(snd_use_case_mgr_open) error: failed to import hw:2 use case configuration -6 Found hardware: "HDA-Intel" "Nvidia GPU 51 HDMI/DP" "HDA:10de0051,38422724,00100100" "0x3842" "0x2724" Hardware is initialized using a generic method I cannot find much about this message, nor how to correct it. The alsamixer seems to work fine as expected and indicates I have the sound card active and should hear sound. But, it only provides actual sound if I am root. On 8/25/21 1:28 PM, Georgi Naplatanov wrote: Hi James, try to run: # alsactl init as root, reboot and adjust all channels with alsamixer or similar with your (non-root) user. Kind regards Georgi On 8/25/21 20:02, James D Freels wrote: I have not received a response yet, but I am hoping. What I know: -sound works as root, not as user -snd_oxygen module (required driver for my card) is loaded, but I can't verify what is loading it. no messages in dmesg show it being loaded -since snd_oxygen is loaded, it makes sense that aplay works as root -pulse does not show the sound card, but does show the hdmi audio on my nvidia card, and the microphone on my web cam. Both are muted in pavucontrol -big question: why doesn't sound card get loaded by pulseaudio ? How can I force that -I am now going over every occurrence of a pulseaudio configuration file on my system for a clue Any help appreciated. Is there a good troubleshoot procedure for debian/11/bullseye sound problems ? On 8/24/21 3:05 PM, James D Freels wrote: Hello, I am a long-time debian user, and just recently upgraded my buster amd64 machine to bullseye. Essentially everything works as expected so far. However, one very nagging problem I currently have is that my sound does not work unless I am rooted. For example, if I issue the command aplay bark.au where bark.au is a snippet sound file of a dog barking, it fails. However, if I issue the command sudo aplay bark.au it works fine. Similar sound playing occurs with any sound-playing app. For example mpg123, vlc, etc., all require a sudo or be logged in as root to work. I have looked all around the WWW to try to find a solution to this problem. The most common solution is to make sure that user ids are in the audio group in the /etc/group configuration file. Of course, I have that, and have confirmed it. This is not a brand new installation after all, but an upgrade. Other common remedies I have tried are to fiddle with the pavucontrol and alsamixer settings. My sound card does not show up in the pavucontrol (pulse doesn't find my sound card), but DOES show up in the alsamixer. I have also looked at the debian sound wiki, and other sources to try to fix this problem. Then, I remembered that I often used this form to learn about debian way back in the days when I first started using debian about 1994 or so. Perhaps I can get some expert help. Maybe a source I can go down a list of troubleshoot to nail this one down. It is obviously a permissions issue (I also looked at device permissions, etc.). Just a bit puzzled and frustrated. P.S. BTW, my sound card is a C-Media, Xonor DG with chip set CMI8788 and uses the oxygen HD audio driver. lspci -v output corresponding: 05:02.0 Multimedia audio controller: C-Media Electronics Inc CMI8788 [Oxygen HD Audio] Subsystem: ASUSTeK Computer Inc. CMI8786 (Xonar DG) Flags: bus master, medium devsel, latency 64, IRQ 22, NUMA node 0 I/O ports at e800 [size=256] Capabilities: [c0] Power Management version 2 Kernel driver in use: snd_oxygen Kernel modules:
Re: problem with sound for bullseye upgrade on amd64: must be root for sound to work on my machine
Thanks for responding Georgi, I had already tried "alsactl init" earlier based on other advise found on the WWW. However, I did not pay close enough attention because of error messages I get as shown below: alsa-lib main.c:1014:(snd_use_case_mgr_open) error: failed to import hw:0 use case configuration -2 Found hardware: "CMI8786" "CMI8786" "CS4245 CMI8786" "0x1043" "0x8467" Hardware is initialized using a generic method alsa-lib main.c:1014:(snd_use_case_mgr_open) error: failed to import hw:1 use case configuration -2 Found hardware: "USB-Audio" "USB Mixer" "USB046d:082c" "" "" Hardware is initialized using a generic method alsa-lib parser.c:260:(error_node) UCM is not supported for this HDA model (HDA NVidia at 0xfe9fc000 irq 49) alsa-lib main.c:1014:(snd_use_case_mgr_open) error: failed to import hw:2 use case configuration -6 Found hardware: "HDA-Intel" "Nvidia GPU 51 HDMI/DP" "HDA:10de0051,38422724,00100100" "0x3842" "0x2724" Hardware is initialized using a generic method I cannot find much about this message, nor how to correct it. The alsamixer seems to work fine as expected and indicates I have the sound card active and should hear sound. But, it only provides actual sound if I am root. On 8/25/21 1:28 PM, Georgi Naplatanov wrote: Hi James, try to run: # alsactl init as root, reboot and adjust all channels with alsamixer or similar with your (non-root) user. Kind regards Georgi On 8/25/21 20:02, James D Freels wrote: I have not received a response yet, but I am hoping. What I know: -sound works as root, not as user -snd_oxygen module (required driver for my card) is loaded, but I can't verify what is loading it. no messages in dmesg show it being loaded -since snd_oxygen is loaded, it makes sense that aplay works as root -pulse does not show the sound card, but does show the hdmi audio on my nvidia card, and the microphone on my web cam. Both are muted in pavucontrol -big question: why doesn't sound card get loaded by pulseaudio ? How can I force that -I am now going over every occurrence of a pulseaudio configuration file on my system for a clue Any help appreciated. Is there a good troubleshoot procedure for debian/11/bullseye sound problems ? On 8/24/21 3:05 PM, James D Freels wrote: Hello, I am a long-time debian user, and just recently upgraded my buster amd64 machine to bullseye. Essentially everything works as expected so far. However, one very nagging problem I currently have is that my sound does not work unless I am rooted. For example, if I issue the command aplay bark.au where bark.au is a snippet sound file of a dog barking, it fails. However, if I issue the command sudo aplay bark.au it works fine. Similar sound playing occurs with any sound-playing app. For example mpg123, vlc, etc., all require a sudo or be logged in as root to work. I have looked all around the WWW to try to find a solution to this problem. The most common solution is to make sure that user ids are in the audio group in the /etc/group configuration file. Of course, I have that, and have confirmed it. This is not a brand new installation after all, but an upgrade. Other common remedies I have tried are to fiddle with the pavucontrol and alsamixer settings. My sound card does not show up in the pavucontrol (pulse doesn't find my sound card), but DOES show up in the alsamixer. I have also looked at the debian sound wiki, and other sources to try to fix this problem. Then, I remembered that I often used this form to learn about debian way back in the days when I first started using debian about 1994 or so. Perhaps I can get some expert help. Maybe a source I can go down a list of troubleshoot to nail this one down. It is obviously a permissions issue (I also looked at device permissions, etc.). Just a bit puzzled and frustrated. P.S. BTW, my sound card is a C-Media, Xonor DG with chip set CMI8788 and uses the oxygen HD audio driver. lspci -v output corresponding: 05:02.0 Multimedia audio controller: C-Media Electronics Inc CMI8788 [Oxygen HD Audio] Subsystem: ASUSTeK Computer Inc. CMI8786 (Xonar DG) Flags: bus master, medium devsel, latency 64, IRQ 22, NUMA node 0 I/O ports at e800 [size=256] Capabilities: [c0] Power Management version 2 Kernel driver in use: snd_oxygen Kernel modules: snd_oxygen Nothing has changed with the hardware, and I know the setup works. This seems to be a permissions/software issue. -- Father, if you are willing, please take this cup of suffering away from me. Yet I want your will to be done, not mine. Luke 22:42 NLT James D. Freels, Ph.D., P.E. freel...@gmail.com 865-457-6742 (landline) 865-919-0320 (cell)
Re: problem with sound for bullseye upgrade on amd64: must be root for sound to work on my machine
I have not received a response yet, but I am hoping. What I know: -sound works as root, not as user -snd_oxygen module (required driver for my card) is loaded, but I can't verify what is loading it. no messages in dmesg show it being loaded -since snd_oxygen is loaded, it makes sense that aplay works as root -pulse does not show the sound card, but does show the hdmi audio on my nvidia card, and the microphone on my web cam. Both are muted in pavucontrol -big question: why doesn't sound card get loaded by pulseaudio ? How can I force that -I am now going over every occurrence of a pulseaudio configuration file on my system for a clue Any help appreciated. Is there a good troubleshoot procedure for debian/11/bullseye sound problems ? On 8/24/21 3:05 PM, James D Freels wrote: Hello, I am a long-time debian user, and just recently upgraded my buster amd64 machine to bullseye. Essentially everything works as expected so far. However, one very nagging problem I currently have is that my sound does not work unless I am rooted. For example, if I issue the command aplay bark.au where bark.au is a snippet sound file of a dog barking, it fails. However, if I issue the command sudo aplay bark.au it works fine. Similar sound playing occurs with any sound-playing app. For example mpg123, vlc, etc., all require a sudo or be logged in as root to work. I have looked all around the WWW to try to find a solution to this problem. The most common solution is to make sure that user ids are in the audio group in the /etc/group configuration file. Of course, I have that, and have confirmed it. This is not a brand new installation after all, but an upgrade. Other common remedies I have tried are to fiddle with the pavucontrol and alsamixer settings. My sound card does not show up in the pavucontrol (pulse doesn't find my sound card), but DOES show up in the alsamixer. I have also looked at the debian sound wiki, and other sources to try to fix this problem. Then, I remembered that I often used this form to learn about debian way back in the days when I first started using debian about 1994 or so. Perhaps I can get some expert help. Maybe a source I can go down a list of troubleshoot to nail this one down. It is obviously a permissions issue (I also looked at device permissions, etc.). Just a bit puzzled and frustrated. P.S. BTW, my sound card is a C-Media, Xonor DG with chip set CMI8788 and uses the oxygen HD audio driver. lspci -v output corresponding: 05:02.0 Multimedia audio controller: C-Media Electronics Inc CMI8788 [Oxygen HD Audio] Subsystem: ASUSTeK Computer Inc. CMI8786 (Xonar DG) Flags: bus master, medium devsel, latency 64, IRQ 22, NUMA node 0 I/O ports at e800 [size=256] Capabilities: [c0] Power Management version 2 Kernel driver in use: snd_oxygen Kernel modules: snd_oxygen Nothing has changed with the hardware, and I know the setup works. This seems to be a permissions/software issue. -- Father, if you are willing, please take this cup of suffering away from me. Yet I want your will to be done, not mine. Luke 22:42 NLT James D. Freels, Ph.D., P.E. freel...@gmail.com 865-457-6742 (landline) 865-919-0320 (cell)
problem with sound for bullseye upgrade on amd64: must be root for sound to work on my machine
Hello, I am a long-time debian user, and just recently upgraded my buster amd64 machine to bullseye. Essentially everything works as expected so far. However, one very nagging problem I currently have is that my sound does not work unless I am rooted. For example, if I issue the command aplay bark.au where bark.au is a snippet sound file of a dog barking, it fails. However, if I issue the command sudo aplay bark.au it works fine. Similar sound playing occurs with any sound-playing app. For example mpg123, vlc, etc., all require a sudo or be logged in as root to work. I have looked all around the WWW to try to find a solution to this problem. The most common solution is to make sure that user ids are in the audio group in the /etc/group configuration file. Of course, I have that, and have confirmed it. This is not a brand new installation after all, but an upgrade. Other common remedies I have tried are to fiddle with the pavucontrol and alsamixer settings. My sound card does not show up in the pavucontrol (pulse doesn't find my sound card), but DOES show up in the alsamixer. I have also looked at the debian sound wiki, and other sources to try to fix this problem. Then, I remembered that I often used this form to learn about debian way back in the days when I first started using debian about 1994 or so. Perhaps I can get some expert help. Maybe a source I can go down a list of troubleshoot to nail this one down. It is obviously a permissions issue (I also looked at device permissions, etc.). Just a bit puzzled and frustrated. P.S. BTW, my sound card is a C-Media, Xonor DG with chip set CMI8788 and uses the oxygen HD audio driver. lspci -v output corresponding: 05:02.0 Multimedia audio controller: C-Media Electronics Inc CMI8788 [Oxygen HD Audio] Subsystem: ASUSTeK Computer Inc. CMI8786 (Xonar DG) Flags: bus master, medium devsel, latency 64, IRQ 22, NUMA node 0 I/O ports at e800 [size=256] Capabilities: [c0] Power Management version 2 Kernel driver in use: snd_oxygen Kernel modules: snd_oxygen Nothing has changed with the hardware, and I know the setup works. This seems to be a permissions/software issue. -- James D. Freels, Ph.D., P.E. freel...@gmail.com 865-457-6742 (landline) 865-919-0320 (cell)
Re: Firewall POSTROUTING problem
On Thu, Aug 12, 2021 at 01:28:57AM +0300, IL Ka wrote: > > > > > > > > > > iptables -A FORWARD -j ACCEPT > > > > Are you sure your packets are forwarded via netfilter? > Try to disable forwarding (with sysctl) or change rulte to -j DROP and > check traffic with sniffer (no packet should be forwarded from virt machine > to the Internet) It now works all of a sudden I am scratching my head to see what I have changed. The only thing is rebooting the virtual machine that I was testing from. I cannot see that that should have made a difference. I was changing the firewall ... Anyway: thanks for now, I am sorry if I have wasted anyone's time :-( -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Firewall POSTROUTING problem
On Wed, Aug 11, 2021 at 11:50:30PM +0200, deloptes wrote: > Alain D D Williams wrote: > > > iptables -A FORWARD -j ACCEPT > > > > and the OUTPUT? OUTOUT is also ACCEPT, however this is not, I think, important as the packets come from 10.239.239.23 (via br0) and go to the Internet - thus FORWARD is what is important. Anyway: I see (on the modem) the packets with source 10.239.239.23 > > and this is not a problem ... evidence is outgoing packets with source > > address 10.239.239.23 > > ah, ok, I misinterpreted it. The important stuff from ifconfig is: br0: flags=4163 mtu 1500 inet 10.239.239.254 netmask 255.255.255.0 broadcast 10.239.239.255 inet6 fe80::7ca1:36ff:fe12:7402 prefixlen 64 scopeid 0x20 ether ee:3c:27:eb:c0:4f txqueuelen 1000 (Ethernet) RX packets 31632 bytes 2596968 (2.4 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 2065 bytes 374487 (365.7 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 enp3s0: flags=4163 mtu 1500 inet 192.168.108.2 netmask 255.255.255.0 broadcast 192.168.108.255 inet6 2001:4d48:ad51:2f00::2:2 prefixlen 112 scopeid 0x0 inet6 fe80::922b:34ff:fe12:6470 prefixlen 64 scopeid 0x20 ether 90:2b:34:12:64:70 txqueuelen 1000 (Ethernet) RX packets 922014 bytes 240006341 (228.8 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 562616 bytes 80027668 (76.3 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Firewall POSTROUTING problem
On Wed, Aug 11, 2021 at 11:32:51PM +0200, deloptes wrote: > I remember it was not only the POSTROUTING. May be I am wrong, but I think > FORWARD and OUTPUT is important. > I also wonder why you are mixing up the -s and --to-source. You should be > using the local address for -s and --to-source the translation (the > outgoing addresses 10.239.239.23) This says that anything with a source address 10.239.239.0/24 (ie virtual machine) will have the source address changed to 192.168.108.2; this is so that the BB modem does another NAT setting the source address to my external IP address. While I am debugging this, to avoid complication, I have set: iptables -A FORWARD -j ACCEPT and this is not a problem ... evidence is outgoing packets with source address 10.239.239.23 -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Firewall POSTROUTING problem
Hi, I have problems getting POSTROUTING to work on a Debian 10 box. Setup: INTERNET ... Broadband modem 192.168.108.1 Network internal to the Debian box for virtual machines 10.239.239.0/24 Debian has address 192.168.108.2 (interface enp3s0) and 10.239.239.254 (interface br0) Processes on Debian 10 can talk to the Internet Processes on virtual machines (eg 10.239.239.23) can talk to the Debian machine (ie 192.168.108.2) on which they are hosted. If on 10.239.239.23 I ping the BBC (212.58.249.145) and look with a packet sniffer on the BB modem I see outgoing addresses 10.239.239.23 This should not happen. I am running an iptables firewall that should fix this with the rule below: iptables -t nat -A POSTROUTING -s 10.239.239.0/24 -j SNAT --to-source 192.168.108.2 I have tried variations like: iptables -t nat -A POSTROUTING -o enp3s0 -j SNAT --to-source 192.168.108.2 It is as if the POSTROUTING rule is being ignored. This seems to be confirmed by the output below which shows that 0 packets have been through POSTROUTING. Can anyone shed any light on this ? Thanks in advance # iptables -L -n -t nat -v Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 SNAT all -- * * 10.239.239.0/24 0.0.0.0/0 to:192.168.108.2 Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 https://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: https://www.phcomp.co.uk/Contact.html #include
Re: Memory allocation failed during fsck of large EXT4 filesystem
On 7/5/21 1:54 PM, Michael Stone wrote: On Mon, Jul 05, 2021 at 12:53:39PM +0300, IL Ka wrote: 7TB seems like too much for one partition imho. Consider splitting it into the parts That's silly. It's 2021; 7TB isn't particularly large and there's no value in breaking things into multiple partitions for no reason. Maybe to have the ability to restore or reinstall the system without bothering /home?
Re: Debian stable - updates
Christian wrote on 6/25/21 6:19 AM: Is Debian stable safe to use - I mean in the sense that it gets security updates for the installed packages? Yes, it does get security updates. It also gets non-security updates for some of the most popular packages. For years I have run debian stable on my main desktop machine (the one I am using to type this e-mail). It has had fewer major issues than any other distribution I have tried. Doc Evans -- Web: http://enginehousebooks.com/drevans
Re: How do I permanently disable unattended downloads of software/security updates?
On 6/3/21 11:15 PM, Stella Ashburne wrote: Hi Thomas Thank you for your help and time. I really appreciate it. Sent: Friday, June 04, 2021 at 10:23 AM From: "Thomas D. Dean" To: debian-user@lists.debian.org Subject: Re: How do I permanently disable unattended downloads of software/security updates? I have the same problem. OK, but do you use Ubuntu or Debian or both? I saw this in: https://askubuntu.com/questions/1038923 sudo systemctl disable apt-daily.service sudo systemctl disable apt-daily.timer sudo systemctl disable apt-daily-upgrade.timer sudo systemctl disable apt-daily-upgrade.service A poster named l0f...@tuta.io replied to me via this mailing list yesterday and below is what he wrote (verbatim): "Cannot remember if you have Gnome installed but you should have a look at https://unix.stackexchange.com/a/594287, especially ALL the associated comments (click on "Show 7 more comments")." When I did a *fresh* minimal install of Debian about two years ago, I didn't install the whole Gnome DE. Instead, I installed the following packages: xorg gnome-core gnome-tweak-tool synaptic file-roller gedit A few days ago, after reading replies from some posters, I purged the package called unattended-upgrades. I don't know how and when it was installed in the first place. You see, about two years I chose the option Expert Install (without GUI) and during the installation process, I chose the option to not install updates automatically. After reading what was written in the page (https://unix.stackexchange.com/a/594287), I disabled the package called PackageKit today. Only time will tell if said step works. By the way, does Ubuntu use the full or stripped-down version of Gnome Desktop Environment? *fresh* = not upgraded from Debian Stretch I use Ubuntu. I removed the ubuntu desktop and installed vanilla gnome. Google: 'Converting Ubuntu 20.04 LTS to Vanilla Gnome3' After I disabled timers, I rebooted. apt-update && apt-upgrade. After that I had one popup that said I had upgrades pending. The apt timer was set to expire in 3 hours...