OT: Re: I am about to give up
On 11/10/24 13:49, gene heskett wrote: I have just spent the better part of the night trying to copy a 37k firmware.bin file to an sd card. file generated on a bananapi-m5 but getting no perms responses. How is this related to Debian, what is the point of a subject that is as obscure as possible. Assuming that you realy want help, please try to be mindful of the time and efforts PPLs are putting into answering on this list. Just to be clear, I'm as frustrated as you are. -- John Doe
Re: IP Masquerade failing
On 10/31/24 07:17, Timothy M Butterworth wrote: 3: virbr0: mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default qlen 1000 link/ether 52:54:00:78:fb:ce brd ff:ff:ff:ff:ff:ff 4: eth0: mtu 1500 qdisc fq_codel state DOWN mode DEFAULT group default qlen 1000 link/ether 00:00:00:00:11:f1 brd ff:ff:ff:ff:ff:ff Note " cat /proc/sys/net/ipv4/ip_forward 1 Why do you need to do it manually? I would think that the front-end that you use would do that. sudo firewall-cmd --zone=drop --query-masquerade yes ip addr 4: eth0: mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 00:00:00:00:11:f1 brd ff:ff:ff:ff:ff:ff inet 192.168.1.1/24 scope global eth0 valid_lft forever preferred_lft forever [snip] > ping -4I eth0 www.google.com > PING www.google.com (64.233.180.105) from 192.168.1.1 eth0: 56(84) > > > bytes of > data. > --- www.google.com ping statistics --- > 16 packets transmitted, 0 received, 100% packet loss, time 15349ms > pipe 4 > As you can see here pinging google from eth0 fails. If masquerading was working then ping would be successful. Is your interface properly connected/configured? You are using a virtual bridge, which might implies that the masquerading by Libvirt I am able to ping www.google.com from my virtual machine which is also setup with ip masquerading. How so? Are you doing double masquerading? Can ip masquerading work on two different interfaces at the same time? Yes. HTH. -- John Doe
Re: How to can upgrade my BIOS?
Don't, if the one you have does everything you need it to do. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: state of /etc/profile
On 17/10/2024 02:58, Greg Wooledge wrote: On Wed, Oct 16, 2024 at 19:03:27 +0200, Hans wrote: But I wondered, why this file is not modified during my updates. As people told, /etc/profile is part of the package base-files and is copied from /usr/share/base-files/profile. It's not actually part of the base-files package. It's not part of *any* package. The /var/lib/dpkg/info/base-files.postinst script contains code that will modify /etc/profile if the first argument is "configure" and the second argument isn't the empty string. I don't know what would cause those particular arguments to be passed to that script. Just for reference, the excruciating details of how and when each maintainer script is called are here: https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html#details-of-configuration "When we configure a package (this happens with dpkg --install and dpkg --configure), we first update any conffiles and then call: postinst configure most-recently-configured-version " So if $2 is non-empty it means an upgrade. A flow chart is here: https://www.debian.org/doc/debian-policy/ap-flowcharts.html -- John
Redis installation error(s) on Debian SID
Hello all, trying to install Redis on Debian SID, the install is failing with the following errors: apt install redis Installing: redis Installing dependencies: libjemalloc2 liblzf1 redis-server redis-tools Suggested packages: ruby-redis Summary: Upgrading: 0, Installing: 5, Removing: 0, Not Upgrading: 0 Download size: 0 B / 1232 kB Space needed: 7350 kB / 276 GB available Continue? [Y/n] Selecting previously unselected package libjemalloc2:arm64. (Reading database ... 305245 files and directories currently installed.) Preparing to unpack .../libjemalloc2_5.3.0-2+b1_arm64.deb ... Unpacking libjemalloc2:arm64 (5.3.0-2+b1) ... Selecting previously unselected package liblzf1:arm64. Preparing to unpack .../liblzf1_3.6-4+b1_arm64.deb ... Unpacking liblzf1:arm64 (3.6-4+b1) ... Selecting previously unselected package redis-tools. Preparing to unpack .../redis-tools_5%3a7.0.15-2_arm64.deb ... Unpacking redis-tools (5:7.0.15-2) ... Selecting previously unselected package redis-server. Preparing to unpack .../redis-server_5%3a7.0.15-2_arm64.deb ... Unpacking redis-server (5:7.0.15-2) ... Selecting previously unselected package redis. Preparing to unpack .../redis_5%3a7.0.15-2_all.deb ... Unpacking redis (5:7.0.15-2) ... Setting up libjemalloc2:arm64 (5.3.0-2+b1) ... Setting up liblzf1:arm64 (3.6-4+b1) ... Setting up redis-tools (5:7.0.15-2) ... Setting up redis-server (5:7.0.15-2) ... Created symlink '/etc/systemd/system/redis.service' → '/usr/lib/systemd/system/redis-server.service'. Created symlink '/etc/systemd/system/multi-user.target.wants/redis-server.service' → '/usr/lib/systemd/system/redis-server.service'. Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. Setting up redis (5:7.0.15-2) ... Processing triggers for man-db (2.13.0-1) ... Processing triggers for libc-bin (2.40-3) ... Has anyone experienced this situation before. If I remember correctly, another installlation of REDIS installed correctly on Bookworm. Any pointers/tips much appreciated Regards John Cassidy
OT: Re: Information mise à jour de vos données professionnelles
On 10/5/24 19:38, Roger Price wrote: On Sat, 5 Oct 2024, err...@free.fr wrote: On 10/4/24 2:05 PM, Espacebusiness - via Espacebusiness wrote: Bonjour, Depuis plus de 30 ans, Espacebusiness.com met en relation des entreprises Bonjour Est ce qu'un modérateur ou admi peut supprimer et BANNIR Espacebusiness de la liste Debian? leur message à caractère commercial et n'ayant aucun rapport avec Debian, Linux ou les logiciels libres en général. merci pour votre compréhension A translation of err404's message into English: Could a moderator or administrator remove and BAN Espacebusiness from the Debian list? Their commercial messages have no relation to Debian, Linux or free software. The correct way to do this is to report this as spam [1], not to polute the mailing list even more. I'm replying in English to this e-mail but not specificly to the sender. [1] https://wiki.debian.org/Teams/ListMaster/ListArchiveSpam -- John Doe
Re: Cleanup in a bash script
On 9/28/24 15:53, Tim Woodall wrote: Is there a way in bash to guarantee that a trap gets called for cleanup in a script? I have a script that works perfectly normally and cleans up after itself, even if it goes wrong. However on trying to debug something else, I wanted to run it like this: ./script |& tee log and now it doesn't clean up if I it. Is there a way in bash to guarantee (modulo uncatchable signals) that a cleanup routine gets called? You need to trap the CTRL C and execute that same clean up routine. As I don't use Bash you might want to look online for some insperation. -- John Doe
Re: How to generate a certificate for an HP printer?
On 9/22/24 21:02, Charles Curley wrote: On Sun, 22 Sep 2024 18:02:30 +0200 john doe wrote: Even if you upgrade the FW? I tried upgrading the firmware. I have the latest available, 20201215. I also have a HP. After entering credentials it allows me to access the advance capabilities of my printer. It allows me among other things to renew the selfsigned cert! To me, this is build-in! ;^) I did finally find it. Networking -> Certificates -> Configure That gives me several options. I then selected "Create a New Self-Signed Certificate". That updated the certificate. I now cannot print on that printer, even after cycling power. Do you realy need SSL/TLS for a printer, if your network is secured. If I print over the USB interface, I hear it spin its wheels, but nothing is printed. I tried deleting and re-installing it. No go. Or I could select "Create a Certificate Request" and hit Next. I filled in the details, hit Next. No complaints from the printer. I then used copy and paste to save off the cert request. This is a good thing, because when I hit "Save" I got several requests for Username and Password in a row. I gave up after the 5th such request. I'm rather frustrated and annoyed. A wild guess, would be that the default cert was signed by a trusted CA, which could explain why it was working out of the box! ;^) You could use Letsencrypt to sign your CSR, assuming that you can upload your signed cert to the printer. I can access my printer via telnet, which is, sometime less frustrating! ;^) Good luck I guess! -- John Doe
Re: How to generate a certificate for an HP printer?
On 9/22/24 17:05, Charles Curley wrote: On Sun, 22 Sep 2024 15:54:09 +0200 john doe wrote: On 9/21/24 23:25, Charles Curley wrote: I have an HP LaserJet MFP M234sdw printer. I am getting error messages from CUPS that say something like "cups-pki expired". The certificate on the printer expired recently. Is it a selfsigned cert? I think so. The embedded web server says, By default, a pre-installed self-signed printer certificate is created to identify this printer. You can change this certificate to more accurately identify the printer and to update the length of time the certificate is valid. How do I generate a signed certificate to use in the printer? There is no mechanism to do so in the printer's firmware. Even if you upgrade the FW? I tried upgrading the firmware. I have the latest available, 20201215. I also have a HP. After entering credentials it allows me to access the advance capabilities of my printer. It allows me among other things to renew the selfsigned cert! To me, this is build-in! ;^) -- John Doe
Re: How to generate a certificate for an HP printer?
On 9/21/24 23:25, Charles Curley wrote: I have an HP LaserJet MFP M234sdw printer. I am getting error messages from CUPS that say something like "cups-pki expired". The certificate on the printer expired recently. Is it a selfsigned cert? How do I generate a signed certificate to use in the printer? There is no mechanism to do so in the printer's firmware. Even if you upgrade the FW? -- John Doe
Brightness Control Hotkeys not working on Debian 12, Lenovo IdeaPad3
Dear Debian Users: I recently got a Lenovo IdeaPad3 with an Intel i5 1135G7 CPU with Iris XE graphics. I can adjust the screen brightness by manually sliding the controls in the quick settings at the top of the screen, but the hotkeys on the keyboard do not work to adjust the screen brightness. The hotkeys do work for adjusting audio, airplane mode, locking the screen and turning the touchpad on or off. Any easy way to get the brightness controls to work? Here's the output from: inxi -SGMz System: Kernel: 6.1.0-25-amd64 arch: x86_64 bits: 64 Desktop: GNOME v: 43.9 Distro: Debian GNU/Linux 12 (bookworm) Machine: Type: Laptop System: LENOVO product: 81X7 v: IdeaPad 3 14ITL05 serial: Mobo: LENOVO model: LNVNB161216 v: SDK0T76465 WIN serial: UEFI: LENOVO v: GCCN30WW date: 08/05/2022 Graphics: Device-1: Intel TigerLake-LP GT2 [Iris Xe Graphics] driver: i915 v: kernel Device-2: Luxvisions Innotech Integrated Camera type: USB driver: uvcvideo Display: wayland server: X.Org v: 1.22.1.9 with: Xwayland v: 22.1.9 compositor: gnome-shell driver: dri: iris gpu: i915 resolution: 1920x1080~60Hz API: OpenGL v: 4.6 Mesa 22.3.6 renderer: Mesa Intel Xe Graphics (TGL GT2) Thank you in advance and I wish you all a great day. Regards, John Anderson
MAC filter
The MAC filter needs a local filter for the two 16 X dual hex, (23 total,) digits. The MAC is router usually aligned internally by the router, and contains unique hex digits. Does any anyone recall how to query the digits to the display? Thanks, John -- John Conover, cono...@panix.com, http://www.johncon.com/
Re: Usage: "debian ... amd64-netinst.iso"
On 8/31/24 05:48, John Conover wrote: What does a "debian ... amd64-netinst.iso" do with an .iso? You have enough data in the iso file to start a Debian installation, most of the PKGs will be fetched from the internet. Can it be coverted to a USB. How? cp . -- John Doe
Re: Direct Messaging
On 8/31/24 17:01, Ryan Nowakowski wrote: On Sat, Aug 31, 2024 at 03:18:10PM +0100, Darac Marjal wrote: On 31/08/2024 14:26, Tom Browder wrote: Anyone know of a way to send text messages to willing recipients from one’s own website and server without hiring DM provider? (disclosure: I'm the author of the django-sms Twilio backend) I guess, this is not what you asked! To the OP, Twilio with the lang of your choosing! ;^) -- John Doe
Usage: "debian ... amd64-netinst.iso"
What does a "debian ... amd64-netinst.iso" do with an .iso? Can it be coverted to a USB. How? Thanks, John -- John Conover, cono...@panix.com, http://www.johncon.com/
hunspell-gl does not match the description
I hand install my debian packages, and have an offline repository, because garbage like this tends to slip onto my machine. This package slipped in through firefox somehow, and framerate on recordings stalled out. It more than likely interferes with opengl. RIP Firefox...
Debian 11 isolinux AMD64 USB 32GB source
Is Debian 11 isolinux AMD64 USB 32GB source available? Help would appreciated, John -- John Conover, cono...@panix.com, http://www.johncon.com/
Re: Chain Loading Preseed Files
On 8/20/24 21:04, Charles Curley wrote: I have a preseed file set up to do a lot of the installation process for me. However, I still have to customize it for each machine, e.g. host name. I then do the disk partition layout manually during the installation. What I would like to do is have a file with the standard parts of the setup, and then separate files for each machine. I can do the include, but it doesn't seem to work correctly. The Debian GNU/Linux Installation Guide says "It is possible to include other preconfiguration files from a preconfiguration file. Any settings in those files will override pre-existing settings from files loaded earlier. This makes it possible to put, for example, general networking settings for your location in one file and more specific settings for certain configurations in other files." B.5.3 If a.cfg calls b.cfg, it appears that b.cfg's settings override a.cfg's regardless of the order. If both files set the host name, I get b.cfg's host name regardless of whether a.cfg sets the host name before or after calling b.cfg. The below assumes that this is not a regression or a bug for the debian-boot mailing list. When I was playing with this, the only way I could get it to work was by specifying options that are common in `preseed.cfg` and add more specific options in included CFG files. For the sake of clarity `preseed.cfg` could have the name of `common.cfg` and `node01.cfg`, `node02.cfg` would have specific configs for node01 and node02 respectively. This makes it impossible to specify options twice with different values. To me the documentation is somewhat misleading and does not match what you already found out. -- John Doe
Can a standard USB have sub directives?
Can a standard USB have sub directives?
I was doing some stress testing, and some sub directives had very long
write latency's. (All less than 4GB.)
Thanks,
John
--
John Conover, cono...@panix.com, http://www.johncon.com/
Re: Internet facing Firewalls mDNS UPnP SMB
On 8/6/24 01:47, George at Clug wrote: On Monday, 05-08-2024 at 22:25 john doe wrote: On 8/5/24 12:50, George at Clug wrote: On Monday, 05-08-2024 at 17:25 Michel Verdier wrote: On 2024-08-04, George at Clug wrote: YOu realy need to be intimate with nftables, you might want to consider a frontend to nftables. It is hard to give up on iptables, but you are correct, in both your points. Thank you. When I understand that I'm asking to much questions that are unrelated to the purpose of a mailing list, I take that as an opportunity to regroup and see what I can do about it. Mailing lists eticket suggests to keep the traffic to a minimum and to send privately things that are not of the interest of everyone. This also allows to have an archive that is as relevent as possible and on topick as possible! Firewalld, UFW and Foomuuri are all options you might want to play with. -- John Doe
Re: Internet facing Firewalls mDNS UPnP SMB
On 8/5/24 12:50, George at Clug wrote: On Monday, 05-08-2024 at 17:25 Michel Verdier wrote: On 2024-08-04, George at Clug wrote: I think I finally have success (had to fix way too many typos). Please review, and please comment if it can be improved. Don't fix typo and instead rewrite your rules with nftables https://wiki.nftables.org/wiki-nftables/index.php/Moving_from_iptables_to_nftables It's so much easier and cleaner with nftables :) Thanks for the link, Michel, it had an interesting translation commands which I put to good use. There will be some new learning if I am going to be able to do as it suggests, "implement new nftables mechanisms such as sets, maps, verdict maps, concatenations and more". Down below is the output of the translation commands for my Iptables commands. Interesting but again, I will need to learn what this means, it does not look self explanatory. But hopefully, like everything computer related, it is usually not that complex, just you need to understand the new syntax and how to use it. YOu realy need to be intimate with nftables, you might want to consider a frontend to nftables. -- John Doe
Re: Internet facing Firewalls mDNS UPnP SMB
On 8/4/24 06:48, jeremy ardley wrote: On 4/08/2024 12:26 pm, George at Clug wrote: If I go to the local coffee shop and connect my laptop to their WiFi, which incoming and now outgoing ports should I have blocked to ensure that no nefarious people are able to communicate with my laptop The rules for public networks are very simple. - Allow all outgoing traffic On a laptop, inbound connections should be restricted unless you want services to be accessible on your laptop by way of FWing and and securing the services. Outbound connections is up to you. -- John Doe
Re: nsswitch what should come first
On 8/3/24 22:58, Lee wrote: On Sat, Aug 3, 2024 at 2:55 AM Jeffrey Walton wrote: On Fri, Aug 2, 2024 at 5:13 PM Lee wrote: On Thu, Aug 1, 2024 at 10:40 PM Jeffrey Walton wrote: I personally remove mDNS and Bonjour from my machines. mDNS is not the source of truth on my networks. Rather, DNS is the source of truth in my networks ... Do you have any network printers? That work without having mDNS enabled? Yes. I enable SLP, LPD and IPP only. I use CUPS Postscript drivers. And I believe I use PCL-5, and not PCL-6. I disable AirPrint, Bonjour, WS-Discovery, WS-Print, Telnet printing, TFTP printing and 9100-Printing. Oh my goodness!! I install Debian and printing Just Works. I know it's got something to do with mDNS because printing didn't work for me with mDNS disabled, but... that's a lot of enabling and disabling that you do. What does all that get you? More controle over what's going on on the network! ;^) This allows to have a restrict FW for example. That is also why UPNP is also disabled on my network. -- John Doe
Re: why reliable linux hasn't gained more market share?
Children are taught in elementary school that computer == Windows. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Debian LTS
I need to use Debian 11 for about an additional 6 months, (its a
very complicated system.)
Current Debian 11 LTS:
deb http://deb.debian.org/debian/ bullseye main contrib non-free
deb-src http://deb.debian.org/debian/ bullseye main contrib non-free
deb https://deb.debian.org/debian-security bullseye-security main contrib
deb-src https://deb.debian.org/debian-security bullseye-security main
contrib
Note that if you already follow security.debian.org (and you
should), this should mostly be a noop. In other words, Debian LTS
reuses the same mirror infrastructure as the regular release team,
it's just a responsibility handover.
My Debian 11 LTS is current configuration:
deb http://deb.debian.org/debian/ bullseye main contrib non-free
deb-src http://deb.debian.org/debian/ bullseye main
deb http://security.debian.org/debian-security bullseye-security main
deb-src http://security.debian.org/debian-security bullseye-security main
Any compatibility advice would greatly appreciated,
John
--
John Conover, cono...@panix.com, http://www.johncon.com/
Re: Testing CD preseed oops
On 7/28/24 21:55, Charles Curley wrote: I have the latest testing netinst (20240722-03:17), and would like to install it on a virtual machine. I have a preseed file on a USB stick. As this is a virtual machine, the virtual hard drive is at vda, and the USB stick shows up at sda. When I go to load the debconf file, the installer doesn't find it. I then go to a console and manually mount the USB stick on /media. I can then ls the stick, more the preseed file, etc. When I then go back to the installer, it still cannot find the preseed file, and the USB stick has been unmounted. This has worked in the past. I boot from the help screen with the command line: expert auto file=/media/preseed.cfg I notice that the error message indicates that the installer failed to process "file:///media/preseed.cfg" (note the three slashes). I guess, this would be more for the debian-boot mailing list, as apparently this is a regression. In my case, I use the Qemu's built-in tftp server. -- John Doe
Peoria High School
Peoria High School was used as reference for the high school Homer and Marge went to. I don’t remember if it was supposed to be Springfield High. I designed it back in ‘91 or ‘92 when I was working on the show. I grew up in Peoria and went to Peoria High School and felt that the front of the school had the perfect classic high school look. Cheers! John Rice
Reviving Usenet Was: How to find suitable mailing list or USENET group
Max writes: > Gnus (Emacs) should be a bit more than just text UI. Yes, of course Gnus: it's what I use. But there is no point in mentioning anything connected with Emacs when talking about enticing people away from Facebook et al even though it is actually quite easy to use these days. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: How to find suitable mailing list or USENET group
Sirius writes: > Usenet is rather quiet these days, something I hope will change once > people tire of web-forums that is more preoccupied with showing you > ads than they are solving your problem. Not as long as browsers fail to support it and the myth that it cannot handle anything but plain text persists. That's a Big Eight rule, not a limitation on the software. It is obsolete and should be dropped. It doesn't even apply to the alt hierarchy. NNTP is a peer-to-peer protocol: you also don't need centralized servers. In the old days it took a T1 and a VAX but now anyone with a laptop, a fixed IP (or IPV6) and Starlink or fiber could outperform IHNP4. I don't think a graphical Usenet client exists but it easily could. Even easier might be a browser plugin. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: Cannot execute any container using podman run
On 7/2/24 16:38, Jörg Kastning wrote: Dear Debian users, I have installed Podman via `sudo apt install podman` on Debian 12 (Bookworm) and setup subuids and subgids for my user to use rootless podman. However my host seems to have some issue as I'm not able to run (instantiate) any container using the `podman run` command. Please see the following code block for information regarding my installation and the error I get when trying to run some container: ~~~ :~$ podman version Client: Podman Engine Version: 4.3.1 API Version: 4.3.1 Go Version: go1.19.8 Built: Thu Jan 1 01:00:00 1970 OS/Arch: linux/amd64 :~$ podman images REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/library/hello-world latest d2c94e258dcb 14 months ago 28.5 kB :~$ podman run --rm hello-world conmon: option parsing failed: Unknown option --full-attach Error: write child: broken pipe ~~~ I don't know how to troubleshoot this issue and did not find any useful search result on the web. Your guidance and help in troubleshooting is much appreciated. In case you need more information to be able to help, please let me know what you need to know. Best regards, Joerg I would first try to purge the podman package with the autoremove option and reinstall the package. When installed, use sudo to gain root access. -- John Doe
Re: how2 format a flash drive
George at Clug writes: > While collecting information about individuals and selling their data > is common practice these days It's common practice because people won't pay for services but will tolerate advertising. > Of course, by the mere fact of visiting a web site (for example, that > has Google Analytics installed) I've never visited a site that cares that I block Google Analytics. The best way to protect your "personal information" is to not have accounts with any of the popular "social media" services, especially Google, Facebook, and Twitter (and never use Windows, of course). -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: How to get an email notification every time a package is updated upstream?
On 30/06/2024 12:19, Greg Wooledge wrote: On Sat, Jun 29, 2024 at 20:12:36 -0700, Will Mengarini wrote: All we still need to know is whether the OP cares about packages that aren't installed, or whether some other aspect of Greg's solution isn't sufficient. If there's interest in new versions of uninstalled packages, then we have an additional bit of complexity -- how do you know whether the candidate package is "new"? You would need an "old" version number to compare against. Possible answers include "the candidate version number that I got the last time I ran the script" or "a version number that I'll provide as a second argument to the script". We'd need to know what the OP has in mind here. rmadison will fetch data about package versions available in the Debian repositories. Its output might be usefully parsed by a script. -- John
Re: System time/timezone, was Re: Maximum size .bash_aliases file
On 28/06/2024 18:42, Keith Bainbridge wrote: On 28/6/24 16:13, John Crawley wrote: Except that midnight is also 0:00, so you still have the am/pm confusion. They should have kept 0:00 just for midnight really. That's the first time I've seen anything to justify calling midnight AM. Thankyou But how can mid-day be after mid-day? Ah: it has been set up as a convention. To be honest, I don't think I often hear mid-day referred to as "zero hour" (0:00) here in Japan. It seems to be more common for midnight, where it makes sense, being the same as in the 24hr clock. btw in Thailand they divide the day into four six-hour sections, so you can have "three in the night", "three in the morning", "three in the afternoon" or "three in the evening". -- John
Re: How to use /etc/adjtime
David writes: > With chrony, you can monitor the RTC over time and adjust the system > clock in accordance with its drift rate at boot time, without > correcting the RTC itself, or you can actually set the RTC from the > system clock periodically. That leads to the probelem that started this thread: system time being set incorrectly at boot and then stepped later. > The particular problem at shutdown is that there were/are systems, as > you described, that write the system time to the RTC without > necessarily regarding how you might be running the clock otherwise. > That alteration is unknowable for chrony when it restarts after > booting. Obviously you must make sure that only one process ever writes to the RTC. Actually you need never write to the RTC at all: just track its offset and drift rate. That would require hacking the boot process to make sure only your code ever reads it, though. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: How to use /etc/adjtime
David writes: > It's not clear to me which NTP (protocol) packages are set up to use > the util-linux stuff, assuming you're not rolling your own > startup/shutdown scripts. (That's the problem in the Subject line, in > a sense.) Chrony can. I don't know about Ntpsec. But that doesn't get the adjustment made early enough. > The critical part of the whole operation AIUI is not what happens at > startup, The tricky part, I think, is correcting the rtc before it is used to initialize the system time. Otherwise you'll still have to step or slew the system time. > but at shutdown: writing to the RTC, and the correct preservation of > its state. You write to the rtc and to /etc/adjtime periodically at a rate determined by the computed hot drift rate and also during a controlled shutdown. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: How to use /etc/adjtime
Stefan writes: > The question remains: how to make use of that info upon wakeup to > adjust the "initial" time before NTP takes over. hwclock -a can do this. If you use it be sure ntpsec isn't trying to do the same thing. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: System time/timezone, was Re: Maximum size .bash_aliases file
On 28/06/2024 14:00, Erwan DAVID wrote: Le 28 juin 2024 13:12:03 David Wright a écrit : On Wed 26 Jun 2024 at 12:50:32 (-0400), Greg Wooledge wrote: On Wed, Jun 26, 2024 at 11:25:38 -0500, John Hasler wrote: I wrote: 12 Noon and 12 Midnight works. David Wright wrote: Except that The Wanderer's "strictly correct" version, M for noon, is out there in some pre-2008 documents. If you use M for noon you should use either AM or PM for midnight. That was the case in 1984¹, when they used PM, which agrees with the expression "midnight on Saturday", and with the terminology of deadlines, both of which assume that midnight belongs to the end of the day. But it's still somewhat arbitrary. By the 2000 edition, they decided to eliminate M in favour of 12 AM, presumably because of 12 PM being already established for midnight. Then, in the 2008 edition, they swapped AM and PM around, without so much as a footnote. Or... you could STOP confusing yourself and everyone around you, and use the correct, standard notation. 12:00 AM = Midnight 12:00 PM = Noon Like it or not, this is what people agreed on, decades or centuries ago. If you use this, you will be understood. If you make up your own crazy crap, you will not be. And then you risk polluting your mind with your made-up crap to the point where you can no longer remember what the correct versions are. I don't think that adopting AM/PM at 12 o'clock is some centuries-old tradition, with such a recent volte-face. The best idea is just to avoid them both. As the Chicago Manual of Style online FAQ says: "Q. To me, 12:00 is either noon or midnight, never a.m. or p.m. I keep seeing copy that says “before 12 p.m.” and I can’t convince the copywriters that this is confusing. Can you cite any rule that would clarify this once and for all? "A. Yes. Please see CMOS 9.38: “Except in the twenty-four-hour system (see 9.39), numbers should never be used to express noon or midnight (except, informally, in an expression like twelve o'clock at night). Although noon can be expressed as 12:00 m. (m. = meridies), very few use that form. And the term 12:00 p.m. is ambiguous, if not illogical.” I was taught that at school in the 1950s. It seems it got forgotten. ¹ various editions of US Government Printing Office Style Manual. Cheers, David. Seen in Japan that noon is 0:00 pm Quite logical -- Erwan David Except that midnight is also 0:00, so you still have the am/pm confusion. They should have kept 0:00 just for midnight really. -- John
Re: System time/timezone, was Re: Maximum size .bash_aliases file
I wrote: > 12 Noon and 12 Midnight works. David Wright wrote: > Except that The Wanderer's "strictly correct" version, M for noon, > is out there in some pre-2008 documents. If you use M for noon you should use either AM or PM for midnight. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: System time/timezone, was Re: Maximum size .bash_aliases file
The Wanderer writes: > (Similar logic could be used for 11:59:59 PM, 12:00 M, and 12:00:01 AM, > where the standalone M would stand for "midnight". That does expose one > unfortunate weakness of this system: unless you introduce an additional > layer of complexity, e.g. using "00:00 M", the notations for noon and > midnight would be identical.) 12 Noon and 12 Midnight works. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: OT - list mail claimed to be "known" spam!
Felix Miata wrote: > Trying to get EL to stop putting subscribed email into "known spam" is > futile. The mechanism EL provides to avoid such diversions doesn't work > with debian mailing list posts. Quit using EL email. Use Pobox. Yes, it costs money. It's worth it. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: System time/timezone, was Re: Maximum size .bash_aliases file
Brad Rogers writes: > Due, mainly, to the literacy of the people that moved, rather than any > deliberate choice. That is, spelling was often a 'best guess'. https://en.wikipedia.org/wiki/Webster's_Dictionary#Noah_Webster's_American_Dictionary_of_the_English_Language -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: CD/DVD is obsolete or deprecate at 2025?
JHHL writes: > Some of us still prefer physical media Do you mean read-only media? All media are physical. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: overthewire.org: safe to use?
On 6/16/24 19:27, Tom Browder wrote: Anyone here have any cautionary advice about using the ssh to war games on their site? I'm not able to find what information, they are collecting, if you need to retreave files from their servers... My grandson just spent last week at a Cyber Security Camp offered by the U of West Florida, and they used it for many of their activities. On Debian it’s the “bandit” package that provides ssh access without any user prep except the installed package—and I’m not used to that at all. Not sure that [1] is the PKG you are refering to! According to [2], nothing needs to be installed. [1] https://packages.debian.org/buster/bandit. [2] https://overthewire.org/wargames/bandit/bandit0.html -- John Doe
Re: "Repeaters", etc.
David writes: > AIUI in the USA for residential 120/240V single-phase three-wire service > drops, electrical utilities either run all three phases along the > distribution line or they run two phases. Running one phase and a neutral > instead of two phases would reduce the power by the square root of 3 Here in rural Wisconsin the 7200V distribution line leaves the substation as three phases and a grounded neutral. This eventually branches out into three single phase lines consisting of a phase and a grounded neutral. The pole pigs are connected phase to neutral. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: Cindex
https://www.opencindex.com/about-cindex/ -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: [SOLVED] Trouble/bug with initramfs-tools adding encrypted swap partition
On 26/04/2024 12:56, David Wright wrote: On Fri 26 Apr 2024 at 11:27:24 (+0900), John Crawley wrote: Innocent question: what difference does the comment make vs just ending the file with an empty line? Nothing for the computer, but visibility for me. Say you print the file on paper. All you see is white space after the end of the printed text. Is there an empty line? Or take, for instance, my example above, and think back to those VDUs, as we called them, where the firmware added a newline as soon as the cursor reached the right side of the screen, without waiting to see whether the next character was itself a newline or not.¹ So using an empty line approach, you might find yourself looking at a screen like: Last character position on the screen ---↓ swap LABEL= … … … … … … … … … … … … … … … … … … … … … =512 $ Now, is that an empty line before the prompt, or did the terminal add the extra newline itself because the swap line was exactly 80 characters long? Thanks! And nano is worse: to know you've reached the bottom, you have to check the cursor doesn't advance when you pound on the downarrow key. Yes, that's what I usually do. :) -- John
Re: [SOLVED] Trouble/bug with initramfs-tools adding encrypted swap partition
On 24/04/2024 22:37, David Wright wrote: On Wed 24 Apr 2024 at 14:50:36 (+0200), Richard wrote: upon gathering my thoughts for answering to you I found the solution to this: update-initramfs can't handle the case that crypttab ends in the line of the last entry and not in a new line character. I think there either should be a fix for this or at least a way to handle this case with a much clearer error message. So I'll probably open a bug report for the package and the maintainer can decide if that should be forwarded upstream. Such a rather trivial case shouldn't be resulting in such fatal errors. Some time at the end of the last century, I remember some startup script that cat'd its configuration file for that very reason. It taught me the habit of always finishing files with a blank comment line: $ cat /etc/crypttab # swapLABEL=cryptswap /dev/urandom swap,offset=2048,cipher=aes-xts-plain64,size=512 # $ Innocent question: what difference does the comment make vs just ending the file with an empty line? -- John
Re: youtube-dl blocked?
Package: yt-dlp Version: 2024.04.09-1 Installed-Size: 10294 Maintainer: Unit 193 Architecture: all Depends: python3-brotli, python3-certifi, python3-mutagen, python3-pycryptodome, python3-requests, python3-urllib3, python3-websockets, python3:any, python3-pkg-resources Recommends: aria2 | wget | curl, ca-certificates, ffmpeg Suggests: libfribidi-bin | bidiv, phantomjs Description-en: downloader of videos from YouTube and other sites yt-dlp is a youtube-dl fork based on the now inactive youtube-dlc. The main focus of this project is adding new features and patches while also keeping up to date with the original project. . yt-dlp is a small command-line program to download videos from YouTube.com and other sites that don't provide direct links to the videos served. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: Current best practices for system configuration management?
On 21/04/2024 08:40, Mike Castle wrote: One thing Linux-Fan mentioned was `config-package-dev`. In my OP, I commented about ``slightly old to really old tools'', and that was one I was thinking of. It looks like it hasn't been touched in seven years, and I wasn't sure if it still worked. But that drive by comments lends some hope. Using it would help address Alex's concern about modifying existing config files. That debhelper extension is designed precisely for that situation. But, its age is pretty much what inspired me to start this thread. I've been using config-package-dev for some years now - to add some customized configs to existing installed packages - and it still seems to be working perfectly. It's just a wrapper on top of dpkg diverts so there's not all that much to go wrong. -- John
Re: Debian 12.5 up-to-date Xfce, Firefox clings to USB stick
On 16/04/2024 03:52, Curt wrote: On 2024-04-15, David Wright wrote: On Sun 14 Apr 2024 at 14:24:29 (-), Curt wrote: On 2024-04-04, Max Nikulin wrote: If you do not trust Gmail as a web application, use a mail application that supports IMAP. Gmail supports IMAP since more or less forever. AIUI the OP's problem was not when reading mail, but with mail submission of attachments. And in what way does that affect a true statement and a phraseology that clearly implies an nonexistent incompatibility? Loosen the interpretation of Max Nikulin's statement slightly: "If you do not trust Gmail as a web application, use any mail application that supports IMAP" and it makes sense. -- John
Re: What use can i give to linux?
Desktop Linux is widely used in physics and mathematics. NASA uses Linux extensively, including on Mars and on the ISS. SpaceX uses Linux on their rockets and spacecraft. Over 90% of the top 1 million Web servers run Linux, including Yahoo, X, and Ebay. Almost all supercomputers use Linux. Linux has a large and growing share of the automotive market. Your router almost certainly runs Linux. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: making Debian secure by default
Joe writes: > Which didn't happen, at least not for two years. It happened eventually, which is my point. > I would suggest that for any software as critical as OpenSSL, more > than one pair of eyes would have been appropriate *before* release. I would suggest that critical projects such as OpenSSL need to practice a form of "dependecy management" analogous to "supply chain management": track dependency chains and periodically re-qualify each level. A full audit might not be possible but at least look closely enough to notice when a library is being supported by one overworked guy who is taking patches from random strangers. NOTE: this is just a suggestion. I don't claim to be any sort of security expert nor am I trying to tell anyone what to do. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: making Debian secure by default
Joe writes: > I think this was amply demonstrated by Heartbleed, where the offending > code was examined by *one* other pair of eyes, before approval was > granted for inclusion in OpenSSL. The "many eyes" phase comes after release. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: Root password strength
tomas writes: > Actually, I use between pwgen -n 8 (user pw) and pwgen -n 16 (LUKS > encryption). -n is the default for pwgen. Note that this slightly reduces the size of the search space. Unfortunately many sites require it. > I memorize the most important of them. I memorize the ones I use most often through use. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: Root password strength
Pierre-Elliott Bécue writes: > My home sees plenty different people coming in. Some I trust, some I > trust less. Also videocalls is a nice way to get a paper password > recorded (and yes it happens). I keep my passwords in a small book the size of a passport and I secure it the same way I secure my wallet. No visitor is going to get access to it and no video call would get a look at it (if I did those). Bruce Schneier recommends this approach. Most people are going to use crackable passwords if you insist that they memorize them. You can't stop that by yelling at them. I use a password manager for non-critical passwords, but I also write them down in my password book. I don't want to lose them in a disk crash and I won't store anthing important in the "cloud". The never write down a password rule originated back when you only had one 6 or 8 character password which you used to log on to the VAX via the VT100 in your cubicle. People would stick a slip of paper with their password on it under the keyboard where the janitor could get at it. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: Root password strength
Pierre-Elliott Bécue writes: > Writing down a password is a bad idea. Why? -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: Root password strength
Use one of the password generating programs such as pwgen to produce a 12 character random password. Write it down. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: Root password strength
Pierre-Elliott Bécue writes: > A phrase you will easily remember but that would be hardcore to guess > through social engineering is perfect. Better is a random string that you write down. When people try to generate phrases that meet those requirements they usually fail. -- John Hasler j...@sugarbit.com Elmwood, WI USA
emacs 27.1 from Buster work on Bookworm?
Can emacs 27.1 from Debian 11 Buster be installed on Debian 12 Bookworm? Thanks, John -- John Conover, cono...@panix.com, http://www.johncon.com/
logcheck(1) in bookworm 12.5 /etc/logcheck/logcheck.logfiles.d/syslog.logfiles
Email from logcheck(1) contains: E: File could not be read: /var/log/syslog E: File could not be read: /var/log/auth.log which do not exist in bookworm 12.5. The offending file: /etc/logcheck/logcheck.logfiles.d/syslog.logfiles contains both filenames. Thanks, John -- John Conover, cono...@panix.com, http://www.johncon.com/
Re: Committing git working tree with other git repos
On 3/13/24 16:04, Paul M Foster wrote: Folks: I have a /home/paulf/stow directory with contains subdirectories for each of the packages whose dotfiles I want to manage, like: /home/paulf/stow/alacritty In each subdirectory, I have all the config files for that packages, under git management. This means that the directory will look like this: /home/paulf/stow/alacritty/.git /home/paulf/stow/alacritty/.config/alacritty/alacritty.yml This works well with stow (configs are now symlinks in $HOME). I'd like to copy all of this to a git repo on gitlab. You would think you could go to the ~/stow directory, "git init", then "git add" each directory, and all is good. However, git looks inside the directories and sees there are already .git directories there, and refuses to add the directories and their contents to its repo. Instead, it wants you to use "submodules", to wit: git submodule add ./alacritty This adds an *empty* alacritty subdirectory to the git repo, which isn't useful. I need a way to bring all these subdirectories and their contents under a git repo so I can send it to gitlab. Any suggestions? Sometime, learning something new is better than trying to get your own way! ;^) I can only suggest you to dig into Git submodules. -- John Doe
Difference between bookworm installation files?
What is the difference between: debian-live-12.5.0-amd64-xfce.iso And: debian-12.5.0-amd64-DVD-1.iso Thanks, John -- John Conover, cono...@panix.com, http://www.johncon.com/
Re: Spam from the list?
On 07/03/2024 21:04, Andy Smith wrote: Hi, On Thu, Mar 07, 2024 at 09:44:51AM +0100, Hans wrote: --- sninp --- Authentication-Results: mail35c50.megamailservers.eu; spf=none smtp.mailfrom=lists.debian.org Authentication-Results: mail35c50.megamailservers.eu; dkim=fail reason="signature verification failed" (2048-bit key) header.d=debian.org header.i=@debian.org header.b="pDp/TPD5" Return-Path: Received: from bendel.debian.org (bendel.debian.org [82.195.75.100]) by mail35c50.megamailservers.eu (8.14.9/8.13.1) with ESMTP id 425I9ZEK112497 for ; Tue, 5 Mar 2024 18:09:37 + --- snap --- White mails get the dkim=pass and spam mails got dkim=fail (as you see above). A great many legitimate emails will fail DKIM so it is not a great idea to reject every email that does so. I don't think that you are going to have a good time using Internet mailing lists while your mail provider rejects mails with invalid DKIM, so if I were you I'd work on fixing that rather than trying to get everyone involved to correctly use DKIM. In this specific example your problem is that a mail came through the Debian bug tracking system (which pretends to be the original sender) and on the way out was DKIm signed by debian.org and then went through Debian's list servers. Somewhere in there the DKIM signature was broken. I don't rate your chances of getting the operators of bugs.debian.org and lists.debian.org to agree to preserve DKIM since I know at least some of them are severely opposed to DKIM. Your mailbox provider really should not be rejecting everything that has a broken DKIm signature. This email from me will probably have a broken DKIM signature. Thanks, Andy Andy's mail's DKIM looks OK here: Authentication-Results: mx.zohomail.com; dkim=pass; spf=none (zohomail.com: 82.195.75.100 is neither permitted nor denied by domain of lists.debian.org) smtp.mailfrom=bounce-debian-user=john=bunsenlabs@lists.debian.org; dmarc=pass(p=none dis=none) header.from=strugglers.net ARC-Seal: i=1; a=rsa-sha256; t=1709813111; cv=none; d=zohomail.com; s=zohoarc; b=E/0YtYVq6D01XC5ug3vazK169M6jDxoXOO6K7rs6qdKhNHP1XDV7QSLAvwJetsjzooDe39MNSl/160MWgl3URqQ1YhPYZ9aBFQ3DsmN74mTKPiQYOxqx0XzNy1Nemo4oRetVQDrwEGeegQWUBbrxtbD18x8R7Dd9Ps19NxKRMP8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1709813111; h=Content-Type:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Resent-Sender:Resent-Date:References:Resent-Message-ID:Resent-From:Subject:Subject:To:To:Message-Id:Reply-To:Cc; bh=ohelUf+wTnNtAeaNpYE6UONuc2euPhvqBvxLaU7Fz7c=; b=MUW94hTSknXpUch7F94usVvulKMrwldlWtoyP582oO6+EMhKaeisaBraF7KE46pdbHyE+AAzf/dn0xPDxNnN+M+RXSbXsQvu7qEIe/+q6fCdppDhql+IMx+U9H+Q61olqpD+JMh9IxFgAUSKme0bLD8NhFKOskvLdtzqq3XeIpg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=none (zohomail.com: 82.195.75.100 is neither permitted nor denied by domain of lists.debian.org) smtp.mailfrom=bounce-debian-user=john=bunsenlabs@lists.debian.org; dmarc=pass header.from= (p=none dis=none) --snip-- DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strugglers.net; s=alpha; h=In-Reply-To:Content-Type:MIME-Version:References :Message-ID:Subject:To:From:Date:Content-Transfer-Encoding:Sender:Reply-To:Cc :Content-ID:Content-Description:Resent-To; bh=ohelUf+wTnNtAeaNpYE6UONuc2euPhvqBvxLaU7Fz7c=; b=c5YTQp9JWbbPNuLxDYO19XXqgy KmEiV4tSD2LlNXy4C9/5PPfZ5JGT6U70UQpwIXgC1alHcUyD+LY6JDPEbO33KuWsWr4gvrJCwrq0u HMUc+sKwQgknFeLxa5Jk3a3VFLURsYYec+6Lc9C4WsQB9I+xuv8CmO22xpRRNqB3SWdR7gtHy+Ab8 1UGvqoeEsCAtc5y2dt3uiX6Uy5qYDRbgbSVBhfq4TwjxmyTqmnkT1oG62tW2LavipJDvfR/40weCR B/S7To5h6Lgc/1oLArFNtrtPlfyyRg38maGSj5Jgt9X5Vwdfg187lIla/I4OBjib2pDV5d38QzL7v 4Vz0PYFg==; -- John
Re: strange time problem with bullseye
Look at the chronyd settime command and the chrony.conf makestep directive. These are intended for your situation. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: bash parameter expansion "doesn't like" dots?
On 05/03/2024 11:36, Max Nikulin wrote: On 05/03/2024 09:02, Greg Wooledge wrote: On Tue, Mar 05, 2024 at 10:49:34AM +0900, John Crawley wrote: I think ^ has been deprecated recently. I failed to find a reference on the web just now though. So, ^ isn't "deprecated". It's just not portable to sh. Running shellcheck on a *sh* script with a [^s] glob gives https://www.shellcheck.net/wiki/SC3026 "In POSIX sh, ^ in place of ! in glob bracket expressions is undefined." with some links. There is no warning in the case of a #!/bin/bash script. Thanks! Shellcheck also says: "Dash used to support [^c] when compiled with fnmatch and glob from glibc, but it was considered as a bug and fixed in version 0.5.12." That's the version of dash which arrived in Debian Bookworm. -- John
Re: bash parameter expansion "doesn't like" dots?
On 05/03/2024 11:02, Greg Wooledge wrote: On Tue, Mar 05, 2024 at 10:49:34AM +0900, John Crawley wrote: On 05/03/2024 05:27, David Wright wrote: Which shell also matters. The OP appears to be using ^ to negate, but ! has the advantage that it will be understood in bash and dash. I think ^ has been deprecated recently. I failed to find a reference on the web just now though. POSIX specifies that ! is the negation character in glob ranges, largely because ^ used to be a synonym for | in the old Bourne shell (for the benefit of keyboards that didn't have a convenient | character). The use of ^ as a glob negation is a bash extension. It's nice for people who may not even realize that they're supposed to be using ! because they learned regular expressions first. So, ^ isn't "deprecated". It's just not portable to sh. ^ worked as a negator in dash character classes up to Bullseye though, so something has changed recently. That's what my web searching failed to find... -- John
Re: bash parameter expansion "doesn't like" dots?
On 05/03/2024 05:27, David Wright wrote:
Pattern matching in the shell is not the same as in grep: the
rules are different, but similar enough to confuse.
Grep uses regular expressions, while the shell is usually globs. (I have no
experience of shells other than dash and bash though.)
Bash can compare with regexes using the =~ operator [[ $A =~ $B ]] ...
Which shell also matters. The OP appears to be using ^ to negate,
but ! has the advantage that it will be understood in bash and dash.
I think ^ has been deprecated recently. I failed to find a reference on the web
just now though.
Testing with dash on Bullseye:
$ v=string
$ echo ${v#*[!s]}
ring
$ echo ${v#*[^s]}
ring
But on Bookworm:
$ v=string
$ echo ${v#*[!s]}
ring
$ echo ${v#*[^s]}
tring
Now the ^ is being treated as just a list member.
With Bash the ^ still seems to be treated as a negator on Bookworm.
So yes, we should be switching to !
--
John
Re: bash parameter expansion "doesn't like" dots?
On 04/03/2024 10:07, David Wright wrote:
On Sun 03 Mar 2024 at 17:58:53 (-0600), Albretch Mueller wrote:
bash doesn't seem to like dots too close to brackets:
echo "${_VAR//[^0-9a-zA-Z.,_-]/}"
works fine.
On 3/3/24, Albretch Mueller wrote:
_VAR="admissions.piedmont.edu_files?trackid=wnm:1980&PDFfiller=what-is-the-second-fundamental-theorem-of-calculus(1).pdf"
echo "${_VAR//[^a-zA-Z0-9_-]/}"
echo "${_VAR//[^a-zA-Z0-9_-.]/}"
↑↑↑
That's a range, except that it isn't because it's written backwards.
Check for yourself by testing with 9-0 instead of 0-9.
Cheers,
David.
So the problem isn't about dots, but the handling of the - which has to go last
if it isn't to be treated as a range marker.
https://www.gnu.org/software/grep/manual/html_node/Character-Classes-and-Bracket-Expressions.html
says:
‘-’
represents the range if it’s not first or last in a list or the ending
point of a range. To make the ‘-’ a list item, it is best to put it last.
--
John
Re: debian-devel wishlist "bugs"
https://wiki.debian.org/RFP -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: medically smart watches
Gene writes: > I have only one enabled radio, in a 3d printer, lists all the > neighbors wifi routers it scans for and I assume the neighbors can > hear it, but this things login id does not appear in its scan. Maybe > its duff, IDK. Bluetooth is not WiFi. Different protocols. https://en.wikipedia.org/wiki/Bluetooth -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: medically smart watches
https://en.wikipedia.org/wiki/Noninvasive_glucose_monitor -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: grub-pc error when upgrading from buster to bullseye
On 2024-02-12 15:14, Greg Wooledge wrote: According to <https://unix.stackexchange.com/questions/745904/how-does-the-grub-pc-postinstall-script-know-which-device-to-install-to> it uses debconf's database. That page includes instructions for viewing the device and changing it. I had just started looking into the grub-pc package before I saw this. I'll be able to test this out sometime tomorrow. I can't verify this on my machine, because mine uses UEFI. Will advise. Thank you Greg! -- Regards, John Boxall
Re: Does "LC_ALL=C" work on all shells?
Franco Martelli writes: > > If I want English output of an application I set the environment > variable LC_ALL to "C" inline of the command e.g.: > . . . > > So the question is: does anybody know if this syntax works on all shells > other than bash? csh, korn, dash, zsh ⦠> Hi Franco. egrep ALL .bashrc LC_ALL=C set | egrep ALL LC_ALL=C dash set | egrep ALL So, apparently not, (I don't have it set in /etc/profile, which is read when dash is invoked; initializing in ~/.profile would work, too. Probably the same in csh, korn, zsh ...) John -- John Conover, cono...@panix.com, http://www.johncon.com/
Re: grub-pc error when upgrading from buster to bullseye
On 2024-02-12 09:34, Thomas Schmitt wrote: The disk/by-id file names are made up from hardware properties. I believe to see in the name at least: Manufacturer, Model, Serial Number. So you will have to find the configuration file which knows that /dev/disk/by-id address and change it either to the new hardware id or to a /dev/disk/by-uuid address, which refers to the cloned disk content. Have a nice day :) Thomas Thank you Thomas. That is what I am trying to find as I have searched for both the SSD drive model number and the WWN on the cloned HDD but can't find anything. I am aware that the label and uuid (drive and partition) are replicated on the cloned drive, but I can't find the model number (in text format) stored anywhere on the drive. I will keep looking. -- Regards, John Boxall
grub-pc error when upgrading from buster to bullseye
I am attempting to upgrade my laptop (Thinkpad X230) from buster to bullseye and have run into the error below. In order to ensure that all goes well and not to lose all of the tweaks I have added over time, I am performing the upgrade first on a cloned HDD (via "dd") of the working SDD. apt-get -y upgrade --without-new-pkgs Setting up grub-pc (2.06-3~deb11u6) ... /dev/disk/by-id/ata-WDC_WDS100T2B0A-00SM50_21185R801540 does not exist, so cannot grub-install to it! You must correct your GRUB install devices before proceeding: DEBIAN_FRONTEND=dialog dpkg --configure grub-pc dpkg --configure -a dpkg: error processing package grub-pc (--configure): installed grub-pc package post-installation script subprocess returned error exit status 1 All of the latest updates for buster have been applied before starting the process (below). apt-get update;apt-get -y upgrade;apt-get -y dist-upgrade; #shutdown, boot Debian live #clone working SSD drive to an HDD #boot cloned drive #login and open terminal session #su to root update-initramfs -u -k all grub-install --recheck /dev/sda apt-get update;apt-get -y upgrade;apt-get -y dist-upgrade; #modify /etc/apt/source.list to point to bullseye #modify all /etc/apt/source.list.d/* files to point to bullseye apt-get update;apt-get -y upgrade --without-new-pkgs; Running the recommended dpkg commands brings up the dialog to install grub and does complete successfully so that I can then run "apt-get -y dist-upgrade", which also runs successfully. What is confusing to me is that the error indicates the source SDD even though I have updated the boot images and installed grub on the cloned HDD. Is there some other configuration file that needs to be updated/removed so that the grub-pc install works without intervention? Source system info: user:~$ uname -a Linux laptop 4.19.0-26-amd64 #1 SMP Debian 4.19.304-1 (2024-01-09) x86_64 GNU/Linux user:~$ cat /etc/debian_version 10.13 user:~$ lscpu Architecture:x86_64 CPU op-mode(s): 32-bit, 64-bit Byte Order: Little Endian Address sizes: 36 bits physical, 48 bits virtual CPU(s): 4 On-line CPU(s) list: 0-3 Thread(s) per core: 2 Core(s) per socket: 2 Socket(s): 1 NUMA node(s):1 Vendor ID: GenuineIntel CPU family: 6 Model: 58 Model name: Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz Stepping:9 CPU MHz: 1202.696 CPU max MHz: 3600. CPU min MHz: 1200. BogoMIPS:5786.44 Virtualization: VT-x L1d cache: 32K L1i cache: 32K L2 cache:256K L3 cache:4096K NUMA node0 CPU(s): 0-3 Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm cpuid_fault epb pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms xsaveopt dtherm ida arat pln pts md_clear flush_l1d -- Regards, John Boxall
Re: How can we change the keyboard layout?
Greg writes: > To "change the keyboard layout" could mean either to select a > different layout, or to modify an existing layout. In fact, I think > *most* people would assume the former. I think the possibility of *altering* the keyboard layout would not even occur to most users. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: Copy from Firefox and paste into Terminal with Vim
My .vimrc contains syntax on set mouse-=a And pasting works. VIM - Vi IMproved 9.0 (2022 Jun 28, compiled Nov 20 2023 16:05:25) Included patches: 1-2116 -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: chrony date months off
Max Nikulin wrote: > I think, the problem is no RTC on some *pi board, certainly chrony out of > box setup is not ready to such environment and its solution is not > maxstep. That's what makestep (initstepslew now being deprecated) is for. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: chrony date months off
Gene writes: > How do I setup /etc/chrony/chrony.conf so it slams the system clock to > the current time on the first cycle as its rebooting? initstepslew man chrony.conf -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: in an object oriented world
Songbird writes: > because it only comes from GOD. no other process can send this > signal. I meant why should GOD believe the reply? > objects are only created by authorized calls to other > objects so there is no pathway to infect if done correctly. > if you do not allow random objects to be created that > are not verified and vetted then there are no viruses. Then there is no need for your verification process. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: in an object oriented world
Songbird writes: > every thing running on a computer should be able to say: > "I am [x version ...], these are my parents [y, z, 1, ...], i was > compiled by program [...] from source code [...], here are my > credentials [blah, blah]" > when sent a signal from GOD. Why should she believe it? > any process which does not respond should be thus cast into the outer > darkness of the bits and never to return (aka a virus or unauthorized > program). Malware can lie. A virus can infect an authorized program and use its credentials. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: I've an editable .pdf form I need to fill out
Klaus writes: > Did you notice, that I was talking about the reduced, crippled OpenSource > browser: chromium I wrote: > In what way is it crippled? Gene writes: > Port 80 has been hijacked. You cannot send it to monitor your own web > page at http://localhost:80, but the result is a 403 because google > doesn't know WTH to do with localhost... I just tried that. No hijacking: works fine. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: I've an editable .pdf form I need to fill out
Greg Wooledge writes: > Chrome does not "hijack port 80". You can go to http://localhost:80/ > to talk to a local web server *just fine* in Chrome. And in Chromium. And in Firefox or Lynx when Chromium is running. Nothing's being hijacked. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: I've an editable .pdf form I need to fill out
Klaus writes: > Did you notice, that I was talking about the reduced, crippled OpenSource > browser: chromium In what way is it crippled? -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: counting commas
Roy J. Tellason writes: > Where does that leave those of us that wrote c for CP/M? I wrote: > Or for MTS? Gene writes: > That, i've not heard of John, please expand. Michigan Terminal System. A multi-user OS running on the Amdahl 470V/6 at the University of Michigan. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: counting commas
Roy J. Tellason writes: > Where does that leave those of us that wrote c for CP/M? Or for MTS? -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: counting commas
debian-u...@howorth.org.uk writes: > There shouldn't be a comma in that sentence, in English. There is in > the closely related expression "I won, you lost." The program has to be able to deal with bad writing. > At the risk of being seen as old-fashioned, but as a user of both > languages, I think Perl is a much better choice than C for string > processing. Use SPITBOL. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: counting commas
On 19/01/2024 16:10, fxkl4...@protonmail.com wrote: why doesn't grep count 2 commas echo 'Kích thước máy xay cỏ, giá máy thế nào , phụ tùng máy mua ở đâu' | grep -c , 1 echo 'Kích thước máy xay cỏ, giá máy thế nào , phụ tùng máy mua ở đâu' | cut -d, -f1 Kích thước máy xay cỏ echo 'Kích thước máy xay cỏ, giá máy thế nào , phụ tùng máy mua ở đâu' | cut -d, -f2 giá máy thế nào echo 'Kích thước máy xay cỏ, giá máy thế nào , phụ tùng máy mua ở đâu' | cut -d, -f3 phụ tùng máy mua ở đâu Grep's -c option counts the *lines* which match. You only inputted one line, and grep said one line was found which matched *,* -- John
Re: normally start new xterms
Thanks Thomas. Have a good one ... John Thomas Schmitt writes: > Hi, > > i wrote: > > > *FvwmButtons xterm_ts5 linuxterm.xpm Exec xterm -ls -geometry 80x24 -bg > > > wheat -fg black -sl 1 +sb > > John Conover wrote: > > > >Action 'Exec exec xterm ...' > > The framework of this line probably stems from a SuSE Linux of 1999. > It still works with the fvwm of Debian 11. > > I now read man 1 FvwmButtons. All applicable descriptions and examples > demand the keyword "Action". > > The "exec" before "xterm" is used in some examples of the man page and > mentioned already in my S.R.Bourne of 1983 (without "xterm", of course). > As reasoning i found > > https://www.fvwm.org/Wiki/Tips/FvwmStartup/#33-use-exec-exec-to-prevent-unnecessary-dead-shell-processes > I have 63 such processes lingering around. But there are 131 xterms. > Many of them have process 1 as parent. Probably they stem from a script > which i use to populate the 8 "desktops" by a handful of xterms when the > system comes up. > > > Have a nice day :) > > Thomas -- John Conover, cono...@panix.com, http://www.johncon.com/
Re: normally start new xterms
Thomas Schmitt writes: > Hi, > > i wrote: > > >xterm -ls -geometry 80x24 -bg wheat -fg black -sl 1 +sb & > > Max Nikulin wrote: > > Options may be put into ~/.Xresources > > xterm*vt100.saveLines: 1 > > xterm*VT100.background: wheat > > xterm*VT100.foreground: black > > I have it in ~/.fvwm2rc as: > > *FvwmButtons xterm_ts5 linuxterm.xpm Exec xterm -ls -geometry 80x24 -bg wheat > -fg black -sl 1 +sb Action 'Exec exec xterm ...' Maybe John > > This causes a button in the button box which creates a new xterm when > clicked. > -- John Conover, cono...@panix.com, http://www.johncon.com/
Re: No Release file for Security Update
Tixy writes: > Where could your machine be getting this IP address from? It's the > same IP address shown in your output when you used the incorrect > address 'ftp.security.debian.org' and for me that doesn't resolve to > any IP address. >From here both security.debian.org and ftp.security.debian.org resolve to 57.128.81.193. Happens both with Unbound and with 8.8.8.8. toncho/~ 22 dig ftp.security-debian.org ; <<>> DiG 9.19.19-1-Debian <<>> ftp.security-debian.org ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2686 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;ftp.security-debian.org. IN A ;; ANSWER SECTION: ftp.security-debian.org. 3296 IN CNAME security-debian.org. security-debian.org.3089IN A 57.128.81.193 ;; Query time: 0 msec ;; SERVER: 192.168.1.2#53(192.168.1.2) (UDP) ;; WHEN: Thu Jan 18 12:03:08 CST 2024 ;; MSG SIZE rcvd: 101 toncho/~ 22 dig @8.8.8.8 ftp.security-debian.org ; <<>> DiG 9.19.19-1-Debian <<>> @8.8.8.8 ftp.security-debian.org ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42376 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;ftp.security-debian.org. IN A ;; ANSWER SECTION: ftp.security-debian.org. 3600 IN CNAME security-debian.org. security-debian.org.3600IN A 57.128.81.193 ;; Query time: 308 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) (UDP) ;; WHEN: Thu Jan 18 12:03:42 CST 2024 ;; MSG SIZE rcvd: 82 toncho/~ 22 dig @8.8.8.8 security-debian.org ; <<>> DiG 9.19.19-1-Debian <<>> @8.8.8.8 security-debian.org ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13855 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;security-debian.org. IN A ;; ANSWER SECTION: security-debian.org.3600IN A 57.128.81.193 ;; Query time: 284 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) (UDP) ;; WHEN: Thu Jan 18 12:05:00 CST 2024 ;; MSG SIZE rcvd: 64 -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: No Release file for Security Update
Host gives me the same result. However, apt says: 0% [Connecting to security-debian.org (57.128.81.193)] and times out. Using "nameserver 8.8.8.8" changes nothing. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: No Release file for Security Update
Thomas George wrote: > I typed the above line exactly. apt-get update searches for > security.debian.org:80 [57.128.81.193] and times out, no connection Gene writes: > And that is not the address I get from here It's the one I get from here, and it times out. My DNS is working. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: How to prevent rtkit from giving firefox higher priority?
I wrote: > You may be able to prevent Firefox from getting increased priority by > using polkit. hw writes: > How would I do that? All the freedektop stuff always has been a big > mystery, and polkit is part of it, or isn't it? I don't know, but it at least has a man page and I think that this is the sort of stuff it is supposed to be for. Worth investigating. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: How to prevent rtkit from giving firefox higher priority?
You may be able to prevent Firefox from getting increased priority by using polkit. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: Seeking a Terminal Emulator on Debian for "Passthrough" Printing
Thierry writes: > Currently, PuTTY is an option but its current version has limitations > that make it insufficient for our operational use. Commission the PuTTY authors to add the missing features or pay someone else to do it if they aren't interested. https://www.chiark.greenend.org.uk/~sgtatham/putty/ -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: Temporary failure in name resolution
Curt writes: > Yet the reserved gTLDs from the 2018 ICANN resolution are .home, .corp, > and .mail. Does home.arpa comply with that resolution? Yes. Turns out that there were existing uses of '.home'. Also, putting it under 'arpa.' puts it under IETF control. https://datatracker.ietf.org/doc/html/rfc8375 -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: Donate money
David writes: > This forces _everybody_ to comply with American law: unilateral world > order by any other name. It is not a uniquely USA law. It's part of an international scheme in which most governments participate. > A directly attributed, undisguised donation to an Assange fund, or any > other (because this applied to more than one isolated case) does not > qualify as `money-laundering'. I didn't say that it did. I said that preventing "money laundering" is what the scheme *purports* to do. > Yes, we definitely need something better than Paypal. I don't like PayPal either but you won't find any way to do international transactions without dealing with obnoxious regulations. -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: Donate money
David writes: > The way they would withhold payments as not going to approved entities > by the powers that be has forced me into believing they are more of an > information gathering utility disguised as a financial one. If you > undertake to act as a medium in a financial transaction, that's what > you do. They have to comply with the (vaguely worded) law if they want to stay in business. I doubt that they like it any more than we do. > You don't put through some transactions and not others, simply because > they are heading to an Assange fund or some other entity not currently > approved of by American foreign policy preference. The "know your customer" regulations are by no means a US-only phenomena. It's supposed to prevent "money laundering". -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: systemd-timesyncd
Gene writes: > Lately, everytime I go anywhere near google or a gmail link I get > attacked by a virus that calls itself norton antivirus. Delete all your Firefox caches and upgrade Firefox. That phishing malware has nothing to do with Google or Norton. You acquired it by visiting an infected or malicious Web site. Quit using Google search. Use DuckDuckGo. -- John Hasler j...@sugarbit.com Elmwood, WI USA
