Re: A hypervisor for a headless server?

[Miles Fidelman]

Nicholas Geovanis wrote:



On Thu, Jun 1, 2023, 9:58 PM Victor Sudakov <mailto:v...@sibptus.ru>> wrote:


Dear Colleagues,

There is a hypervisor called bhyve for FreeBSD. It's completely
headless, no graphics, runs as a daemon and provides serial and VNC
consoles.

Can you please advise a similar headless and minimal hypervisor for
Debian or Ubuntu?


The classic would be Xen (which I've been running for years). There's 
also Virtual Box, and VMware ESXi.  You might check out the list at 
https://www.hitechnectar.com/blogs/open-source-hypervisor/


Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Who pays Debian developement

[Miles Fidelman]

rhkra...@gmail.com wrote:

On Tuesday, January 31, 2023 05:34:49 AM Pierre-Elliott Bécue wrote:

There are also individuals making such donations.

That being said, these donations can't be used to pay a Developer for
its work in the project.


That being said, there are certainly developers out there, who are 
working on company time, to make contributions to Debian (and other) 
open source software.  And folks at places that host the work - like the 
OSU OSL - are certainly drawing salaries from their parent 
institutions.  I expect a lot of that work is grant funded.


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: MacOS VM on Debian: is it reasonably possible?

[Miles Fidelman]

Well... that would basically be MacOS, or a GUI that looks like MacOS 
running on another BSD.




Mario Marietto wrote:
How difficult will it be to create a BSD system with the look and feel 
of the MacOSX ? I mean,not only based on aesthetics,but more 
structural,but not so much structural to incite the apple's lawyers.


Il giorno mar 22 nov 2022 alle ore 17:41 Jeffrey Walton 
mailto:noloa...@gmail.com>> ha scritto:


On Tue, Nov 22, 2022 at 11:10 AM Mario Marietto
mailto:marietto2...@gmail.com>> wrote:
>
> How much FreeBSD code is inside the MacOSX code today ?

That's a good question. The Darwin kernel is XNU. But a lot of
userland code is BSD. In fact, a lot of Apple's man pages say (or used
to say) they are for BSD. See attached for the codesign man page.

I remember around the time that Apple adopted the Mach kernel. They
finally got a memory manager! No more "It's not my fault" and error
code 8 (iirc). I am kind of surprised I can't find a YouTube video
with an old Mac saying it...

Also

https://www.reddit.com/r/BSD/comments/1mix5h/id_like_the_differences_in_darwin_and_freebsd/
and see https://github.com/apple/darwin-xnu .

Jeff



--
Mario.



--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: MacOS VM on Debian: is it reasonably possible?

[Miles Fidelman]

Has anyone been able to run a recent version of MacOS as a VM?

Which, while it might not stop anyone doing what they like in the privacy of 
their own home, should be ample reason not to take it to a public mailing list. 
Postings just as the OP reflect badly not only upon themselves but on others 
and the project at large.

Haven't tried it recently.  It used to  be possible.  But it's a LOT 
easier to run Debian (and other, including MacOS) VMs on a Mac. Works 
just great under Parallels - and, in the past, I've done it using 
Virtual Box & VMware.


Going the other way leads into both licensing issues, and boot issues.

Miles Fidelman (typing on a Mac, which is BSD Unix underneath, sending 
via a server running Debian in a VM over Xen, with Dom0 also being 
Debian - meanwhile, there are several Windows & Linux VMs on this Mac - 
not running at the moment, but they run native speed when they are).


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Three unsolvable Problems

[Miles Fidelman]

Charles Curley wrote:

On Sun, 24 Jul 2022 10:40:14 +
Schwibinger Michael  wrote:


Three unsolvable Problems

I suggest you should make these three separate emails, as you have
three separate problems. I suspect this email thread is going to get
messy.


Maybe.  1. & 2. might be symptomatic of some kind of file system or o/s 
corruption, or flakey hardware somewhere.


I'd start by running a full set of hardware and disk diagnostics - 
preferably from a recovery disk/stick.


After that, I'd try:

1
We have about 20 USB Sticks.
Last 6 months five of them feel like being destroyed.
Reformatting & testing a bunch of those USB sticks - see if they work, 
when running from the recovery disk.

2
Printer is not working.

Printing, using the driver on the recovery disk.

If all works, then you probably need to reload your o/s.



This one is clearly a separate issue.

3
With the digicam we made MP4 files - videos.
Because the battery became empty the files are not finalized.
So vlc or avidemux cannot open them.

Can somebody help to repair them e.g. with FFmpeg?

Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: general broad question for help in setting up linux server and suggestions

[Miles Fidelman]

Semih Ozlem wrote:


I am thinking of setting up a server, both for local (at home use), (I 
have already set up say samba server or openssh server) to be used 
only under one modem. However due to lack of machines dedicated for 
that purpose the server is not continuing.


I would like to make a server I set up say at home available at the 
workplace as well so that I don't have to run back home while at work. 
If possible make the server accessible via a smart phone or some other 
computer.




Two comments:

1.  If you want to make the server available, via the net, you need to 
look at something like Dynamic DNS.  Broadband services tend to 
periodically reassign your IP address.


2.  If you have any expectation of providing any services - even 
something as basic as hosting an email list, you can easily swamp a 
desktop/laptop class machine.  You probably want to look at something 
Xeon based.


Personally, I've been looking rather longingly at the Intel NUC 9 Pro - 
which provides a huge amount of capability in a mini-pc chassis.  
Basically, a workstation class mini-pc.  Of course, it's hard to get 
one's hands on them these days, and a well-loaded system will easily set 
you back $2-3000.  You can get some comparable, Supermicro mini-itx 
boxes for a bit less.


Miles Fidelman





--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Disk errors ...

[Miles Fidelman]

Michael Stone wrote:

On Thu, Jan 14, 2021 at 11:45:25AM -0500, Miles Fidelman wrote:

Dennis Wicks wrote:

Greetings;

I am getting very frequent disk errors and I can't figure out which 
drive they are occurring on. I get two messages:


[174384.704895] sata_sil :05:00.0: Event logged [IO_PAGE_FAULT 
domain=0x address=0xcf99c100 flags=0x]


[174384.705153] AMD-Vi: Event logged [IO_PAGE_FAULT device=05:00.0 
domain=0x address=0xdf853000 flags=0x]


Several of each of them occur at once, every few seconds.
Is there any way that I can figure out which drive is causing the 
problem?


1. Run diagnostics on each drive (say, the SMART long diagnostic) - 
that should get you the disk id
2. Run the diagnostics again, on just your failing drive, look for 
the drive with the flashing light
3. Depending on how old the drive is, your problem is probably a 
failing drive


Again, this is a PCI error, not a disk error. I think the OP never did 
specify the CPU & motherboard? There have been hard to track down AMD 
IOMMU issues with symptoms like this, I'd pursue that long before I'd 
run disk scans.
I agree - probably not a disk error - though it never hurts to check 
one's drives every once in a while.


What makes you think it's a PCI error?  A quick google shows that this 
particular error has been associated with various configuration issues & 
driver bugs - particularly related to NVIDIA cards. Perhaps a pointer to 
the documentation on the specific driver reporting the error?  
(Personally "page fault" could well just indicate normal swapping 
behavior under load.)







--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Disk errors ...

[Miles Fidelman]

Dennis Wicks wrote:

Greetings;

I am getting very frequent disk errors and I can't figure out which 
drive they are occurring on. I get two messages:


[174384.704895] sata_sil :05:00.0: Event logged [IO_PAGE_FAULT 
domain=0x address=0xcf99c100 flags=0x]


[174384.705153] AMD-Vi: Event logged [IO_PAGE_FAULT device=05:00.0 
domain=0x address=0xdf853000 flags=0x]


Several of each of them occur at once, every few seconds.
Is there any way that I can figure out which drive is causing the 
problem?


1. Run diagnostics on each drive (say, the SMART long diagnostic) - that 
should get you the disk id
2. Run the diagnostics again, on just your failing drive, look for the 
drive with the flashing light
3. Depending on how old the drive is, your problem is probably a failing 
drive


Having said that, you might want to track down what those log entries 
actually mean.  Traditionally, a "page fault" indicates that a page is 
not found in memory, so the o/s is swapping the required page in from 
disk.  This might simply mean that you need more memory.  You might look 
at diagnostics that indicate memory usage and swapping.


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: GNU Guix

[Miles Fidelman]

On 9/29/20 1:04 PM, Nate Bargmann wrote:


I tried GNU Guix a few years back.  I did not find a compelling reason
other than package roll back to leave Debian for it.  Bullseye has the
nix-bin package available for those wanting to try it without leaving
Debian, I guess.

- Nate


I've been thinking the main reason that I'd adopt Guix is to avoid the 
systemd ecosystem.  The question for me, is whether Guix is mature & 
stable enough for production use - vis-a-vis say Gentoo, or building 
Linux-from-Scratch, or one of the BSDs (though SmartOS is starting to 
look pretty interesting).


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: linux isn't robust enough to handle bad sector??

[Miles Fidelman]

On 9/20/20 11:53 PM, David Christensen wrote:


On 2020-09-20 01:40, Reco wrote:

Hi.


Hello.  :-)



On Sun, Sep 20, 2020 at 01:32:47AM -0700, David Christensen wrote:

On 2020-09-20 00:49, Long Wind wrote:
  On Sunday, September 20, 2020, 2:15:21 PM GMT+8, David 
Christensen

First, backup your data.
Please run the following command and post your complete console 
session

-- prompt, command, output.  Substitute DISKID as appropriate:

      # smartctl -x /dev/disk/by-id/DISKID


Thank you for posting the smartctl report.  I don't see any obvious 
problems.


I do. First, drive does not have any bad sectors,

197 Current_Pending_Sector  -O--C-   100   100   000    -    0
198 Offline_Uncorrectable   C-   100   100   000    -    0


Yes.


I'd also do a smartctl -A and look at the raw read errors. Depending on 
the disk manufacturer, that can be a good indicator that there's a 
failing sector, and the drive is doing lots of reads before it can 
actually access the data in a block or sector.



--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: linux isn't robust enough to handle bad sector??

[Miles Fidelman]

On 9/19/20 10:37 PM, Long Wind wrote:


i'm creating FS on problem disk
though it has passed short and long tests by smart tool
i meet bad sector, mkfs complains forever
Ctrl+C can't kill it, what should i do NOW??

[ 2719.089156] ata4.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 
0x6 frozen

[ 2719.089171] ata4.00: failed command: WRITE DMA EXT
[ 2719.089185] ata4.00: cmd 35/00:00:18:68:e1/00:08:0c:00:00/e0 tag 0 
dma 1048576 out
    res 40/00:01:01:4f:c2/00:00:00:00:00/00 Emask 
0x4 (timeout)

[ 2719.089192] ata4.00: status: { DRDY }
[ 2719.089209] ata4: hard resetting link
[ 2719.404384] ata4: SATA link up 1.5 Gbps (SStatus 113 SControl 310)
[ 2719.412162] ata4.00: configured for UDMA/33
[ 2719.412199] ata4: EH complete
[ 2749.813187] ata4.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 
0x6 frozen

[ 2749.813201] ata4.00: failed command: WRITE DMA EXT
[ 2749.813208] ata4.00: cmd 35/00:00:18:68:e1/00:08:0c:00:00/e0 tag 0 
dma 1048576 out
    res 40/00:01:01:4f:c2/00:00:00:00:00/00 Emask 
0x4 (timeout)

[ 2749.813212] ata4.00: status: { DRDY }


One thing to check is whether part of what's happening is driven by the 
onboard disk driver.  Consumer grade drives try very hard to read bad 
blocks, leading to very long timeouts that drag a machine to its knees.  
(Learned this the hard way, trying to figure out why a server, with 
raided disks, just kept going slower... and slower... and slower.)


By contrast, server-grade drives just give up after the first try - 
letting RAID do its thing.


You might want to check the specs on your drive, and run a deep set of 
diagnostics, starting with the more intrusive smart diagnostics.


Miles Fidelman



--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: [Interim Solution] Re: FOSS equivalents of *OLD* database and spreadsheet tools?

[Miles Fidelman]

On 7/30/20 5:21 AM, Eric S Fraga wrote:


On Wednesday, 29 Jul 2020 at 04:40, Richard Owlett wrote:

On 07/27/2020 10:13 AM, Eric S Fraga wrote:

You may wish to have a look at recutils:

A database is over-kill for some personal preferences.

I had mentioned spreadsheets in original post as I had visualized a

I am confused. You also mentioned databases and specifically SQL for
querying databases.


Yes, indeed - it sure seems like SQL will be necessary for either querying,
or importing from, databases of nutritional content.  Building the app around
and SQL engine - say SQL Lite - would seem to make a lot of sense.

Anything else, and some kind of converter will be needed.

Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: FOSS equivalents of *OLD* database and spreadsheet tools?

[Miles Fidelman]

On 7/27/20 9:59 PM, rhkra...@gmail.com wrote:


Somebody wrote:



But... isn't the tool the least of your problems?  The big one being,
where are you going to get your nutritional database. (Seems to me that
most of what Weight Watchers and Noom do is collect data on millions of
products.)

 From my records in my free format database (which would not be suitable for
your program (at least not in its present condition), some notes on available
databases.

 From "USDA databases" Thu Sep 08 06:57:41 2016
Date: 09/08/16 06:57 am
Subject: USDA databases




What a great list of databases!  Thanks for posting this.  Who knew?

Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: FOSS equivalents of *OLD* database and spreadsheet tools?

[Miles Fidelman]

On 7/27/20 11:16 AM, Michael Stone wrote:


On Mon, Jul 27, 2020 at 08:09:36AM -0400, Greg Wooledge wrote:

For a project of this size and scope, a Tcl application with an sqlite3
database in a local file seems well suited.


Only on the internet can someone ask a simple question and get tcl as 
the answer. :-/


Well...

1. Where else would you ask the question, if not "the internet?"

2. tcl is still pretty cool - some great things are written in it, like 
fossil-scm (the DCVS used for sqlite, built on sqlite, in tcl, by the 
author of sqlite)


Seems like a great idea.




--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: FOSS equivalents of *OLD* database and spreadsheet tools?

[Miles Fidelman]

On Sat, Jul 25, 2020 at 12:38:10PM -0500, Richard Owlett wrote:

Back in 70's/80's I wrote programs as part of routine job duties.
   {8080/8085 assembler, dBase and Paradox}
Neither I, nor my employers, classed me as a "programmer".
I was "Senior Engineering Tech" or "Junior Engineer".
IOW, I was not in abject *AWE* of computers. *ROFL*

Right now I'm working on a personal project.
INPUT:  How much of what did I eat?
OUTPUT: How much [cal/protein/fiber] did I eat?

SQL {and variants} seen to dominate all else.
IIRC, dBase was simpler.

What current FOSS system might I be comfortable with?


You might try googling "open source alternatives to dbase" - there seems 
to be quite a list.  Or you could go with a NoSQL database like CouchDB.


But... isn't the tool the least of your problems?  The big one being, 
where are you going to get your nutritional database. (Seems to me that 
most of what Weight Watchers and Noom do is collect data on millions of 
products.)


Good Eating,

Miles Fidelman

RAID stuff [was Re: Advice on hardware server to use for small a dedicated data center]

[Miles Fidelman]

On 7/1/20 8:15 AM, Miles Fidelman wrote:

On 7/1/20 7:04 AM, Reco wrote:


On Wed, Jul 01, 2020 at 08:49:09PM +1000, elvis wrote:

On 1/7/20 4:51 am, Dan Ritter wrote:

Miles Fidelman wrote:

On 6/29/20 7:20 PM, Dan Ritter wrote:


Miles Fidelman wrote:

On 6/29/20 9:10 AM, Dan Ritter wrote:


Miles Fidelman wrote:

Now who's being pedantic?

Precisely.

And isn't this exactly what I said??? mdadm is an admin program, 
it doesn't

perform the raid function.

And it's OK to refer to the whole thing as an mdadm RAID.
No.. if you want to be pedantic, the proper terminology is "Linux 
Raid" or

"md RAID."?? mdadm is one of several admin programs available

What are the others, please? (That will work on a modern system,
say, Debian stable or oldstable or unstable.)

I think there's precisely one -- libblockdev2.

lvm does its own raid now too...

https://www.reddit.com/r/linuxquestions/comments/9kkk3b/md_raid_lvm_vs_lvm_raid/ 


... and it's not the mdraid, but entirely different kernel subsystem.
Last time I've checked it, they did not even implemented incremental
RAID assembly in LVM, meaning that you won't be able to use such array
if a single drive from LVM-based RAID will fail.
They've solved this problem in mdraid like 15 years ago.


But staying on-topic, I'm too very interested to hear about alternative
interfaces to mdraid, which do not involve mdadm. libblockdev2 does not
count, it's merely a wrapper.


Sure looks like LVM raid make use of the same underlying md raid 
software as administered mdadm.


Which kind of just reiterates what I said earlier - mdadm, as an 
administrative interface, is distinct & separate from the various 
software components that create md raid devices.  In the past, there 
were several other admin programs, but mdadm seems to be the major, 
maintained tool.


The info that LVM now includes some direct raid setup tools (that also 
make use of the underlying mdraid system), is new, and possibly useful.


Which does raise an interesting question:  When the Debian installer 
gives the option to set up RAID volumes, does it use mdadm, or do it's 
own config, or use common libraries?  (Kind of arcane, but inquiring 
minds want to know.)


Miles Fidelman


Answered my own question.  The older set of tools were packaged as md 
tools and raid tools.  Meanwhile, configuration of RAID partitions is 
done by partman.




--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Advice on hardware server to use for small a dedicated data center

[Miles Fidelman]

On 7/1/20 7:04 AM, Reco wrote:


On Wed, Jul 01, 2020 at 08:49:09PM +1000, elvis wrote:

On 1/7/20 4:51 am, Dan Ritter wrote:

Miles Fidelman wrote:

On 6/29/20 7:20 PM, Dan Ritter wrote:


Miles Fidelman wrote:

On 6/29/20 9:10 AM, Dan Ritter wrote:


Miles Fidelman wrote:

Now who's being pedantic?

Precisely.


And isn't this exactly what I said??? mdadm is an admin program, it doesn't
perform the raid function.

And it's OK to refer to the whole thing as an mdadm RAID.

No.. if you want to be pedantic, the proper terminology is "Linux Raid" or
"md RAID."?? mdadm is one of several admin programs available

What are the others, please? (That will work on a modern system,
say, Debian stable or oldstable or unstable.)

I think there's precisely one -- libblockdev2.

lvm does its own raid now too...

https://www.reddit.com/r/linuxquestions/comments/9kkk3b/md_raid_lvm_vs_lvm_raid/

... and it's not the mdraid, but entirely different kernel subsystem.
Last time I've checked it, they did not even implemented incremental
RAID assembly in LVM, meaning that you won't be able to use such array
if a single drive from LVM-based RAID will fail.
They've solved this problem in mdraid like 15 years ago.


But staying on-topic, I'm too very interested to hear about alternative
interfaces to mdraid, which do not involve mdadm. libblockdev2 does not
count, it's merely a wrapper.


Sure looks like LVM raid make use of the same underlying md raid 
software as administered mdadm.


Which kind of just reiterates what I said earlier - mdadm, as an 
administrative interface, is distinct & separate from the various 
software components that create md raid devices.  In the past, there 
were several other admin programs, but mdadm seems to be the major, 
maintained tool.


The info that LVM now includes some direct raid setup tools (that also 
make use of the underlying mdraid system), is new, and possibly useful.


Which does raise an interesting question:  When the Debian installer 
gives the option to set up RAID volumes, does it use mdadm, or do it's 
own config, or use common libraries?  (Kind of arcane, but inquiring 
minds want to know.)


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Advice on hardware server to use for small a dedicated data center

[Miles Fidelman]

On 6/29/20 7:20 PM, Dan Ritter wrote:


Miles Fidelman wrote:

On 6/29/20 9:10 AM, Dan Ritter wrote:


Miles Fidelman wrote:

Now who's being pedantic?

Precisely.


And isn't this exactly what I said??? mdadm is an admin program, it doesn't
perform the raid function.

And it's OK to refer to the whole thing as an mdadm RAID.


No.. if you want to be pedantic, the proper terminology is "Linux Raid" 
or "md RAID."  mdadm is one of several admin programs available


saying "mdadm raid" is like saying "libvert hypervisor" - when what you 
really mean is Xen, or KVM, or ESXI - accessed through libvert


When you're building systems, details matter.

Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Advice on hardware server to use for small a dedicated data center

[Miles Fidelman]

Actually, he seems to be designing a central database to support 2000 
retail restaurants.


And based on most recent posts, seems to be pre-startup designing a product.

My sense is that what he really needs is somebody on the team who 
understands distributed enterprise architectures.


Miles


On 6/29/20 2:00 AM, Leslie Rhorer wrote:
Not necessarily, and in particular not given his needs, if I 
recall them correctly.  LVM is fine for many purposes, but it is not 
required, nor is a network file system.  My servers at home have no 
partitions and no LVM, and I have the RAID system for the data volume 
formatted as XFS.  I use separate partitioned SSDs for booting and swap.


On 6/28/2020 3:48 PM, Miles Fidelman wrote:

On 6/28/20 3:58 PM, D. R. Evans wrote:


Dan Ritter wrote on 6/26/20 1:41 PM:

echo test wrote:


Note: I will need some RAID solution hard or soft.

We are firmly of the opinion that mdadm or ZFS are the best
solutions here.


Absolutely.

Actually I'd go further and differentiate the two by suggesting that 
if you
use ECC memory (which you definitely should for a business server) 
then ZFS is
the way to go. If for some reason you can't use ECC memory, then 
mdadm is
arguably the thing to use (although there is certainly a valid 
position that
says that ZFS is /still/ the right one). At least, that's the way I 
have my

systems configured.


Just to be clear... mdadm is NOT raid - it's an admin program for 
managing linux raid (md) devices.  And then you need to worry about 
LVM (logical volume manager), and a network file system on top of them.


Miles




--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Advice on hardware server to use for small a dedicated data center

[Miles Fidelman]

On 6/29/20 9:10 AM, Dan Ritter wrote:


Miles Fidelman wrote:

Just to be clear... mdadm is NOT raid - it's an admin program for managing
linux raid (md) devices.?? And then you need to worry about LVM (logical
volume manager), and a network file system on top of them.

Just to be clear, you are being pedantic bordering on wrong here. This
is like saying "a hamburger is not ground beef patties, and then you
need to worry about vegetables and condiments".

mdadm is the administrative interface program for the kernel's md
subsystem. It is used generically as a synonym for "the kernel's
md subsystem" because for most people encountering them, they
are inextricably intertwined.

The kernel's md subsystem manages RAID 0, 1, 4, 5, 6 and 10. It
also has a non-RAID linear mode, a container abstraction, and a
fault-simulation mode.


Now who's being pedantic?

And isn't this exactly what I said?  mdadm is an admin program, it 
doesn't perform the raid function.




LVM is completely independent of the md subsystem, and can be
used with or without it. Some people love it. Some avoid it like
the plague -- oops. Some avoid it like rational people avoid the
plague.

Various network file systems are also completely independent of
the md subsystem.
ZFS is an integrated data storage system that presents N
filesystem and partition-equivalent views to the kernel. It is
independent of and an alternative to md and lvm. It offers a
semi-integrated NFS and CIFS export facility. Underneath, it
offers storage options including error-detection, compression, mirroring,
striping, RAID-5 and -6 style parity, read caching and write
caching. Only the error detection is mandatory.

I'm pretty sure we all know this.  The point is that comparing mdadm to 
ZFS is an apples to oranges comparison.  You don't chose between mdadm 
and ZFS, you chose between ZFS and a stack of software that performs the 
same set of functions.


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Advice on hardware server to use for small a dedicated data center

[Miles Fidelman]

On 6/28/20 3:58 PM, D. R. Evans wrote:


Dan Ritter wrote on 6/26/20 1:41 PM:

echo test wrote:


Note: I will need some RAID solution hard or soft.

We are firmly of the opinion that mdadm or ZFS are the best
solutions here.


Absolutely.

Actually I'd go further and differentiate the two by suggesting that if you
use ECC memory (which you definitely should for a business server) then ZFS is
the way to go. If for some reason you can't use ECC memory, then mdadm is
arguably the thing to use (although there is certainly a valid position that
says that ZFS is /still/ the right one). At least, that's the way I have my
systems configured.


Just to be clear... mdadm is NOT raid - it's an admin program for 
managing linux raid (md) devices.  And then you need to worry about LVM 
(logical volume manager), and a network file system on top of them.


Miles




--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Advice on hardware server to use for small a dedicated data center

[Miles Fidelman]

On 6/28/20 6:37 AM, echo test wrote:



Hello,

Thank you for all your answers and sorry to be late for answering.
> I prefer ZFS but I find that lots of corps prefer mdadm. I really think that's simply > 
because ZFS came from Sun and they lack Solaris backgrounds. Now, in a 
low-> RAM environment with simpler disc needs, I would probably go 
with mdadm.
> Anything else I would choose ZFS. It's ability to take care of itself is surprisingly 
> strong. Less work for me after the set up and installation.


ZFS beeing a filesystem and mdadm an utility software, I think I'll go 
for mdadm. I didn't know that Debian was supporting ZFS I always used 
Ext4.


It's a stack.  You build up from disk, to block-level raid, to volume 
manager, to file system, to access protocol.


ZFS includes multiple levels of the stack.  And yes there are ZFS 
implementations for Debian, along with a dozen or more other file systems.




Sorry if I'm misunderstanding, are you saying that Debian  cannot 
scale in a bigger enterprise ?

Can you tell me what happened with hardware RAID solutions?

> small" could be anything from 10 to 1000 users. Mentioning some numbers
> could get you more useful recommendations.
> In any case, some interesting hardware not mentioned so far (don't
> forget about the power consumption).

Small here is for me about 2000 users all are restaurants that save 
their selling history locally on their own server then 2 or 3 times in 
the morning they will rsync their postgres data on my data center.
About the power consumption, any advice about some low power hardware 
are also welcome.


Something seems a little flakey about that architecture.  Rsyncng 
postgress data?  There are lots of better ways to merge data into a 
database.  Particularly in these days of cheap, continuous, broadband 
connectivity.  And if you can't get business broadband in all your 
locations, cellular modems are dirt cheap.  (I speak as someone who's 
designed more than a few mobile data collection systems - everything 
from tactical military systems to transit buses).






> Supermicro 1U servers - run two or more of them
> and it's easy to turn them into a high-available cluster
> ...
> Note: I'm seriously considering migrating from Debian for our
> next refresh - I really don't like systemd - might go all the way to BSD
>or an OpenSolaris distro.

Supermicro seems definitely to propose some great stuff I will take 
them in account. Why do you dislike systemd ? I heard many people 
saying the same thing and I don't really understand what are their 
motivation except initd is less invasive.


It's a spaghetti coded package of crap, that takes over your system and 
does things its way.  I prefer modularity, and control over my systems.




I don't really know how to answer to your question but let's try.  We 
are a startup and for the moment we have a production and a 
development, in fact the production is just like a test environment 
because we do continuous delivery, we push everyday in order to know 
more quickly  when something has been broken and our semi-automated 
tests didn't detect it. Personally, I'm a self learner, and probably 
many guys of my team are too. So some advices here are also welcome.
We want to be able to handle 2500+ rsync in the morning (probably 
distributing them in time in order to avoid a single big load acting 
as a ddos) and for each client of my clients (restaurants) a get and 
put profile request.
Note: client's profile are shared across restaurants and clients can 
find/filter restaurants on the website which is not yet built but we 
are working on it.


Rsync is just wrong for that kind of application.  What are you syncing, 
anyway.  2500 postgress instances, some raw data files for input to a 
single instance of postgress, something else?  And if the postgress 
instance is feeding live data to apps, you really need to focus first on 
your high-availability strategy - single points of failure will kill you.


Come to think of it, you're a poster child for doing everything in the 
cloud.  As a startup, you've got way too many other things to worry 
about than home brewing an IT environment - focus on your core 
product/service, whatever that is.  (Now, if you're setting up a service 
bureau, that's another story - in which case, hire some folks who 
actually know how to do this stuff.  Here, I'm speaking as someone who 
HAS homebrewed a small service bureau, with serious experience in 
computing & IT - back before any of this stuff was available off the 
shelf.  It's a royal PITA.  These days, I'm far more likely to set up a 
new domain, or app, on a hosting service, than on our cluster - unless & 
until I know that it needs to be around for a while.  Life's too short.)


Miles Fidelman




--
In theory

Re: Advice on hardware server to use for small a dedicated data center

[Miles Fidelman]

A few comments on the advice below

On 6/28/20 3:16 AM, David Christensen wrote:

On 2020-06-26 11:34, echo test wrote:


I view Debian as the dominant enthusiast Linux distribution in the 
USA. I use it on my SOHO laptops and desktops because it mostly works 
on most x86/x86_64 computers made in the last ~20 years. (But, it is 
common for the "stable" version not to work on recently designed 
hardware.)  I also have a Ubiquitti Networks Unifi Controller 
application stack running on a Debian VPS on the Internet ($5/month).  
I am the only user and it has never failed. Other people with far more 
knowledge, skills, and ambition do more with Debian, but the effort 
appears to be both heroic and lonely. I have yet to hear of an 
"enterprise" environment built on Debian, but you can tell us about 
yours when you build it. (URL's for examples of such are welcome.)


Also pretty dominant in enterprise settings - particularly 
universities.  Still built primarily for use on servers.  You find it 
all over cluster configurations.  Scratch a big data analysis cluster 
and you'll likely as not find Debian.





I view FreeBSD as the dominant free x86/x86_64 BSD/Unix server 
distribution.  I use it on my SOHO servers because the design is 
traditional, the feel is polished, software packages are recent, and 
there are good books available [1, 2].  FreeBSD has notable enterprise 
deployments and commercial derivatives [3].


Yup.  Lots of old-timers prefer BSD for servers.  I've been thinking of 
migrating myself (I just hate systemd).  Also a lot of OpenSolaris 
derivatives out there.


But... for servers, I'd guess that (open source) Ubuntu & CentOS are 
probably a lot more common.



with hardwares like Dell EMC PowerEdge or Lenovo ThinkCenter which
seems to never mention that they support Debian. What kind of issues 
can I

encounter with such hardwares except simple cases like having to install
missing drivers with some already available firmwares.


You're looking in the wrong place.  Look at the Debian site, for the 
list of supported hardware.  Look at the installation documents for 
driver installation (which is more an issue for peripheral support - is 
there a driver for every device that you plan to install?).





Note: I will need some RAID solution hard or soft.


"Enterprise" implies storage area networks.  This requires hardware 
(and support software).


No, it does not.  Particularly in these days of converged hardware.

RAID is easy - Debian supports a number of software RAID options, and 
most motherboards support some form of hardware RAID (as to many 
external drive enclosures).


Sharing across nodes is easy, too - NFS.

Now, if you want to get fancy, and talk about high-availability, 
failover and such, things get a bit more baroque - we're talking things 
like real-time replication (look at DRBD), and fancy file systems.  And 
things get really tough, if you have multiple sites.  Red Hat has some 
good solutions, out-of-the-box, and last time I looked, they were all 
based on open source components - you could integrate those with CentOS, 
and probably Debian - but it takes a lot of work.


Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Advice on hardware server to use for small a dedicated data center

[Miles Fidelman]

On 6/27/20 11:56 PM, Kenneth Parker wrote:



On Sat, Jun 27, 2020, 8:08 PM Fred <mailto:f...@blakemfg.com>> wrote:


On 6/27/20 1:04 PM, Miles Fidelman wrote:
> I've had good luck with Supermicro 1U servers - run two or more
of them
> and it's easy to turn them into a high-available cluster.
> https://www.rackmountsetc.com/ has been pretty good to me when
it comes
> to configuring & assembling Supermicro components (and suggesting
> specific configurations).  You might also look into Ganeti as a
cluster
> management package (open source, originated at google for internal
> use).  Same horsepower & quality as a Dell or HP server, at a
> considerably lower price.
>
> I've been running Debian this way, in a data center, for at least a
> decade. (Note:  I'm seriously considering migrating from Debian
for our
> next refresh - I really don't like systemd - might go all the
way to BSD
> or an OpenSolaris distro.)
>
> One other alternative:   A lot of people seem to swear by Mac
Minis as
> servers.  They're already BSD under the hood, and I've run all
kinds of
> Linux distros on Macs, under virtualization.  You should be able
to run
> Debian directly, though I've never tried it.
>
> Miles Fidelman
>
>
> On 6/26/2020 1:34 PM, echo test wrote:
>>> Hello,
>>>
>>> First of all, please don't ask me why I simply don't want to
use aws
>>> or gcp.
>>>
>>> Then, I want to build a small data center for my company for
hosting
>>> a web app and a mail server. It's the first time I'm going to buy
>>> some hardware for this. I tried looking for it on the web in
order to
>>> compare them but it seems that hardware vendors never want to
talk
>>> about Debian on their websites.
>>>
>>> Seriously, I prefer using my money for donating to the Debian
>>> foundation than having to pay for Ubuntu or Red Hat Enterprise
>>> because I love Debian and ...
>>>
>>> So, I want to know if It's a good idea to try using Debian in an
>>> enterprise context, with hardwares like Dell EMC PowerEdge or
Lenovo
>>> ThinkCenter which seems to never mention that they support
Debian.
>>> What kind of issues can I encounter with such hardwares except
simple
>>> cases like having to install missing drivers with some already
    >>> available firmwares.
>>>
>>> Can you give me some alternative hardwares in case this idea
may take
>>> me to much time to solve ?
>>>
>>> Note: I will need some RAID solution hard or soft.
>>>
>>> Sorry if my English is bad, it's not my mother language
>>>
>>> Thank you.
>
To Miles Fidelman:
Devuan Linux is Debian with all traces of systemd removed.


+1

I run, both Devuan and Debian, on my multiple systems in my Apartment, 
with the idea of being conversant on both Technologies.


Best regards,
Fred


Kenneth Parker


Yes... but what ARE those systems, and how do they apply to the original 
poster's question?


Miles



--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Advice on hardware server to use for small a dedicated data center

[Miles Fidelman]

I've had good luck with Supermicro 1U servers - run two or more of them 
and it's easy to turn them into a high-available cluster. 
https://www.rackmountsetc.com/ has been pretty good to me when it comes 
to configuring & assembling Supermicro components (and suggesting 
specific configurations).  You might also look into Ganeti as a cluster 
management package (open source, originated at google for internal 
use).  Same horsepower & quality as a Dell or HP server, at a 
considerably lower price.


I've been running Debian this way, in a data center, for at least a 
decade. (Note:  I'm seriously considering migrating from Debian for our 
next refresh - I really don't like systemd - might go all the way to BSD 
or an OpenSolaris distro.)


One other alternative:   A lot of people seem to swear by Mac Minis as 
servers.  They're already BSD under the hood, and I've run all kinds of 
Linux distros on Macs, under virtualization.  You should be able to run 
Debian directly, though I've never tried it.


Miles Fidelman


On 6/26/2020 1:34 PM, echo test wrote:

Hello,

First of all, please don't ask me why I simply don't want to use aws 
or gcp.


Then, I want to build a small data center for my company for hosting 
a web app and a mail server. It's the first time I'm going to buy 
some hardware for this. I tried looking for it on the web in order to 
compare them but it seems that hardware vendors never want to talk 
about Debian on their websites.


Seriously, I prefer using my money for donating to the Debian 
foundation than having to pay for Ubuntu or Red Hat Enterprise 
because I love Debian and ...


So, I want to know if It's a good idea to try using Debian in an 
enterprise context, with hardwares like Dell EMC PowerEdge or Lenovo 
ThinkCenter which seems to never mention that they support Debian. 
What kind of issues can I encounter with such hardwares except simple 
cases like having to install missing drivers with some already 
available firmwares.


Can you give me some alternative hardwares in case this idea may take 
me to much time to solve ?


Note: I will need some RAID solution hard or soft.

Sorry if my English is bad, it's not my mother language

Thank you.


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: technical terms overhaul

[Miles Fidelman]

On 6/22/20 5:59 AM, Will Mengarini wrote:

* Miles Fidelman  [20-06/20=Sa 11:58 -0400]:

Solve the problem of establishing a good set of gender-neutral
pronouns, for English, (and maybe declarations in other
languages) - then let's come back and debate colors.

Here you go:
   cocos cos coselfco's
   she   her hersherself   she's
   hehis his himself   he's
   itits its itselfit's
See <https://en.wiktionary.org/wiki/co#English>.

The "co/cos/coself/co's" pronouns were first introduced in 1970 in
the U.S commune named "Twin Oaks", which was founded in 1967.  It was
modeled on the community described in B.F Skinner's /Walden Two/;
see <https://en.wikipedia.org/wiki/Twin_Oaks_Community,_Virginia>.

They're in both Wiktionary and Wikipedia:
   en.wiktionary.org/wiki/Appendix:English_third-person_singular_pronouns
   en.wikipedia.org/wiki/Gender-specific_and_gender-neutral_pronouns


It's only a good solution if people actually adopt and use them. 
They/them/their has caught on, but it's kind of hard to differentiate 
singular/plural when you use them to be gender neutral.


Miles


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: technical terms overhaul

[Miles Fidelman]

On 6/21/20 2:55 PM, James H. H. Lampert wrote:

Personally, if I were a moderator on this List, I would order this 
thread terminated with extreme prejudice.


Agreed.

Speaking as someone who hosts a lot of email lists - it really gets 
annoying when discussions of offense & netiquette crowd out a 
substantive discussion.  I'm almost at the point where I'm willing to 
relax my strong "free speech" stance, to make calls for "moderation" or 
banning people the one and only grounds for immediate ejection from a list.


Cheers,

Miles Fidelman



--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: technical terms overhaul

[Miles Fidelman]

Edwin Land once said: "/Politeness is the slow poison of collaboration." 
/I've generally found that to be quite true.  (Then again, I'm a New 
York Jew - brusqueness and argumentativeness are my bywords.)


Re. whitelist/blacklist:  IMO, on the one hand the really direct tie 
between good/bad and white/black is kind of stark.  On the other hand, 
where does this end?  Stop using "whiteout" to describe blizzard 
conditions (and perhaps only use it to refer to correcting fluid)?  Stop 
using "blackout" power outages? Stop using "white" to denote the sum of 
all colors, and "black" to denote the absence (or vice versa, if we're 
talking paint)?


Seems like just another case where we can let arguments over politically 
correct word usage, get in the way of actual communication & getting 
work done.


Solve the problem of establishing a good set of gender-neutral pronouns, 
for English, (and maybe declarations in other languages) - then let's 
come back and debate colors.  Meanwhile, life's too short for this.


Miles Fidelman

On 6/20/20 3:25 AM, Weaver wrote:

On 20-06-2020 12:57, Dan Ritter wrote:

Weaver wrote:

I think it's possible to get too politically correct.

Try this phrase:

"I think it's possible to get too polite."

No, there's no value in twisting words.
The wrong connotation gets promoted.

  

I suppose that's true -- if your object is to insult someone.

No insult was intended or implied.
You prefer to see it way.

  

Why are we attaching a concept like skin colour to list names as a
serious proposition?

Exactly. Since it doesn't matter to you, why not be polite?


See how you've created a straw man to tear down by adjusting the
terminology?
Obviously it does or I wouldn't have posted.
I always ask questions and never impose my standards on others.
See the difference?


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Return a Debian system to a pristine state

[Miles Fidelman]

On 5/29/20 10:32 AM, Victor Sudakov wrote:


John Hasler wrote:

Victor writes:

But *many* people do install productivity tools, office tools, games,
developer environments separately after the install, and then regret
it and wish to get rid of them cleanly.

What does

  apt remove --purge  ; apt autoremove

not do that you want done?

Unfortunately it does not know what packages are unwanted, nor
do I (the user) to tell it.

We are all familiar with the situation when after a long period of
usage, a system becomes full of software which we once installed for
some purpose and then abandoned or disused. A gentle hint on what is an
 would be very much appreciated at such moments.

Maybe the high-level package management software (aptitude?) is better
at that?

Of course, in any serious server environment, one is likely to have lots 
of software that was NOT installed through dpkg or apt - ranging from 
stuff installed directly from tarballs, to local configurations & scripts.


As far as I can tell, the only way to get to a "pristine" system, is to 
rebuild from scratch.


Miles Fidelman




--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Return a Debian system to a pristine state

[Miles Fidelman]

On 5/28/20 10:34 AM, Victor Sudakov wrote:


Greg Wooledge wrote:

On Thu, May 28, 2020 at 08:50:44PM +0700, Victor Sudakov wrote:

What is searched for in Debian is the ability to remove the bloatware
which was not present at the time of installation.

But... but... it's precisely DURING the installation that most of the
crappy "bloatware" GETS ONTO THE SYSTEM!

What?!


How meny people do you think install GNOME or KDE or XFCE separately
after the install, as opposed to ACCEPTING A DEFAULT during the install?

The way you put it, those GNOME or KDE or XFCE would be part of the
"pristine system" and I'm fine with it.

But *many* people do install productivity tools, office tools, games,
developer environments separately after the install, and then regret it
and wish to get rid of them cleanly.

And then there are those of us who run servers, don't want any of the 
desktop applications - but then we know enough not to install it in the 
first place.  We tend to be more worried about all the interdependcies 
installed/required by systemd - but that's another battle entirely.


Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Return a Debian system to a pristine state

[Miles Fidelman]

Of course, the real way to return ANY system to a pristine state is to 
do a re-install from scratch.


Which, one might add, is why we have things like Ansible.

Miles Fidelman

On 5/28/20 1:15 AM, Victor Sudakov wrote:

Dan Ritter wrote:

Victor Sudakov wrote:

A production system, especially a desktop system, tends to accumulate
unnecessary packages. Users install software for testing, then forget
about it, or it falls into disuse...

In FreeBSD, you can always run "pkg delete -a" and return to the
post-install state (well, almost). This command will remove all the
third-party packages added to the base system after installation
(modified files under /usr/local/ will remain).

What's the procedure for Debian?

There is no pristine state for Debian.

There should be, even if this "pristine state" is but a list of packages
at the moment of the first boot.


Choices made during
installation affect what the first boot experience looks like.

The first boot experience is what can be called a pristine state. If
something or someone saved that initial list of packages, it could be
called "the pristine state."

For the future, I'll always save the output of "dpkg -l" after the first
boot for later comparison, but I did not expect it was not being done
somewhere automatically already.

[dd]


/var/lib/apt/lists/* has package information; if you grep for
Priority: required  you will find packages that *must* be
installed. The ranking is:

  required > important > standard > optional > extra

This is interesting. This job of finding "extra" packages installed
since the first boot can probably be done by the user, but I expected
some ready solution to exist.


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Serial port software

[Miles Fidelman]

On 11/27/19 7:38 PM, John Hasler wrote:


Paul Sutton wrote:

We have need, at the South Devon Tech Jam to gain access to a switch
that has a serial port, but using the serial port, (having issues using
the switch ip address).

I have a netbook running debian along with a usb -> 9 pin serial
connector cable. and have been asked to install software to allow serial
connection.

"Something that gives as close to a proper RS232 serial port operation
as possible."

As there seems to be a wide range of options presented by 'apt search
serial' I decided to ask here for recommendations please.

Use Minicom, or Xminicom to provide a bit of comfort to text-mode
phobics.  How close you can get to "proper RS232 serial port operation"
will probably be limited by the USB <-> serial chip in that cable.


You might want to review https://www.tldp.org/HOWTO/Serial-HOWTO.html


Section 14 has a good list of software.





--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: cannot bring up phpmyadmin in browser, cannot link to mysql

[Miles Fidelman]

On 10/5/19 11:51 AM, Dave wrote:

On our old server we used to access phpmyadmin via 
"oursite.com/phpmyadmin"


on the new server we have installed phpmyadmin / php / and sql-server ...

we cannot access phpmyadmin.

also we have not been able to link other programs like wordpress to sql
or phpmyadmin to sql.

DEBIAN 9.04

please advise


Well, for starters, work through the install & configuration steps, line 
by line.  Make sure you got it right.  (Also, go back and review your 
detailed notes from the installation on your old server - you did make & 
keep notes, right?)


Other piece of advice:  I've found that complex software works better 
when installed from a source tarball, with ./config; make install.  For 
all the basic stuff, packages & apt work just fine.  For more complex 
stuff, I always install from the most current stable upstream source.  
It's saved me no end of trouble.


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: disk going bad? or fuser related issues? . . .

[Miles Fidelman]

On 10/4/19 10:45 AM, Albretch Mueller wrote:


  I use ntfs as a data transfer file system between Mac OS, *nix and
Windows (I code primarily in java). Even though while using that
partition through fuser it is noticeable slower, afaik, it is the only
viable option there is.

  Lately I have been noticing the NTFS partition being slower than
usual: telling me I am not allowed to open that partition and/or the
OS doing it itself but taking its time (like 5 seconds). The other
partitions mount just fine, so it doesn't seem to be a hardware issue.

  Is that disk partition somehow going bad or there might be something
else going on?

  Also, the disk seems to be somewhat noiser now or I am not sure if I
have started noticing it to be so because it is failing.

The best thing to do is run some tests on the disk, like the long SMART 
test.


If you see lots of disk errors - there's a good chance you're having 
hardware or media issues, backup as quickly as you can and replace the 
drive.


Also just check the total hours-in-service against the rated life for 
your drive.


The thing to watch out for (learned the hardware):

- server-grade disks fail quickly, relying on RAID to take over

- commercial-grade disks, on the other hand, will keep trying to read a 
sector - trying as hard as they can to retrieve data - even if it takes 
100s of attempts, and tens of seconds


It can be really confusing to find that one's machine is getting slower, 
and slower, and slower, for no apparent reason.


Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: I support the founder of FreeSoftware

[Miles Fidelman]

On 9/19/19 2:29 PM, rhkra...@gmail.com wrote:


'

My overall points though, include:

* that we can judge some of the actions of any man one way, and other 
actions by the same man another way, and sometimes one can overshadow 
the other, and sometimes not.


* I don't wish to judge a man and, for example, excuse all his sins 
because of some good he has done, nor to forget the good a man may 
have done because of his sins. But that doesn't mean his sins should 
be forgiven if they are "factual".


"Friends, Romans, countrymen, lend me your ears; I come to bury Caesar, 
not to praise him. The evil that men do lives after them; The good is 
oft interred with their bones;"


These days, it seems, we don't wait for them to die. We just kill them, 
professionally.


Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: What is agetty, and why can't it be stopped?

[Miles Fidelman]

On 6/5/19 11:15 PM, David Wright wrote:


On Wed 05 Jun 2019 at 22:43:53 (-0400), Felix Miata wrote:

Gene Heskett composed on 2019-06-05 22:04 (UTC-0400):


root@coyote:~$ locate agetty
/sbin/agetty

Maybe this will be a useful clue:

In Stretch, any gettys running on vtty[1-6] are actually agettys.
Files in /etc/systemd/system/getty.target.wants/ are symlinks to:
/lib/systemd/system/getty@service
# ps -A | grep get
  1021 tty3 00:00:00 agetty
  1022 tty4 00:00:00 agetty
  1023 tty2 00:00:00 agetty
  1451 tty1 00:00:00 agetty
  3932 tty6 00:00:00 agetty
12733 tty5 00:00:00 agetty

Why all this would tie up the serial port I don't know.


Depends on how the serial port is configured.  It's pretty standard for 
it to be set up as a console, by default, in which case an instance of 
getty would be running waiting for a user to login.


Miles Fidelman

Re: What is agetty, and why can't it be stopped?

[Miles Fidelman]

One minor nit...

On 6/6/19 3:22 AM, to...@tuxteam.de wrote:

Back then [TM], when we were young and handsome [1], a Unix
box had several terminals connected to it. Typically users
would show up at one of these terminals, perhaps hit ENTER,
and be presented with some greeting -- something like "Login:",
perhaps.

Entering user name and password gave the user an interactive
session, courtesy of a shell.


No longer so young, and never handsome, but still connecting to our 
servers via a terminal connection (SSH specifically).  Pretty common for 
servers - why bother with popping an X-window or other GUI for sys admin 
work.  Lots of getty instances running, sitting on network ports, just 
waiting for logins.


Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: What is agetty, and why can't it be stopped?

[Miles Fidelman]

agetty is "alternatative getty" - it's the terminal driver that listens 
on each terminal port


it's launched by init (or systemd), most likely in respawn mode - you'll 
need to find the init file (or systemd equivalent) that launches it, and 
change the config


do a "man getty" or "man agetty" and you should find what you need

Miles Fidelman

On 6/5/19 10:04 PM, Gene Heskett wrote:

Greetings all;

This machine has only one serial port, which I normally use a session of
minicom to connect as a terminal quit a bit dumber than a vt102, to a
TRS-80 Color Computer 3 in the basement. But my normal config for
minicom is /dev/ttyS0, but it claims the device is taken.

Sure enough, an lsof|grep ttyS0 shows an agetty attached to it.  And a
killall agetty as root only changes its pid until I've done the killall
as rapidly as I can uparrow and repeat it 6 or 7 times.

grepping thru  /etc does not seem to find any hits, so I've no clue whats
starting it.  So next I will do a search thru synaptic and remove it if
it will let me, or somehow disable it forever.

And the search for agetty in synaptic is also empty.
But as root, a locate agetty hits paydirt.

root@coyote:~$ locate agetty
/sbin/agetty
/usr/share/doc/util-linux/modems-with-agetty.txt
/usr/share/man/man8/agetty.8.gz

And the man 8 agetty page seems to indicate its a serial connection, I've
heard of as being available for troubleshooting even if its not fully
booted. Great, except I'm not sure I could go to the coco's keyboard and
run supercomm to see into linux, never tried it. In any event, the coco
is expecting a cr, and will respond by launching a shell bound to that
serial port on its end of the cable.

So what I'd like for it to do, is be totally silent during the rest of
this machines boot, and once a user, me, is logged in, go away just as
silently, freeing the only serial hardware port for my own use.

Next problem with minicom running as me is that it has no permissions to
save as its .dfl, the options it needs to Just Work as opposed to
messing around in its config screens finding a group of setting that
will work with the shells available on the coco, which of course is not
running its native rsdos, but a unix like system called nitros9 these
days.  Its os9 plus a few shots of unix testosterone.
   
What do I do next to get rid of this nearly invisible agetty gizmo once

this machine is booted?  It might be handy if this machine is truly
hung, but I can count those instances on one hand with fingers left over
in the 21 years I have been a linux only house.

Thanks all;

Cheers, Gene Heskett


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Why choose Debian on server

[Miles Fidelman]

On 1/3/19 5:55 AM, Reco wrote:


Hi.

On Wed, Jan 02, 2019 at 02:56:41PM -0500, Miles Fidelman wrote:

some of the recent politics, has made me far less comfortable that Debian will 
remain a stable platform - and I'm seriously considering migrating to either 
Gentoo or a BSD platform.

LOL, you've made my day, sir. It's hardly wise to consider FreeBSD as a
shelter from 'political issues' - [1], [2], and that's the only alive
BSD these days.


Except for NetBSD, OpenBSD, DragonflyBSD, and, of course, OSX.

As to the political issues - looks like a reasonable, and detailed 
policy AND PROCEDURES to me - not like the kangaroo court in the Debian 
world.  And then there was all the bullshit about how systemd was 
handled - including resignations of core developers over it.



--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Why choose Debian on server

[Miles Fidelman]

On 1/2/19 5:16 PM, deloptes wrote:


Miles Fidelman wrote:


I'm not sure how well GIMP would run on across a network, particularly
if one wants to use a pen.  It's really designed to run on a machine
with a head.

so you are saying you can not ssh -X to the server and run your gimp if that
is what you want? I bet you can and I bet you can configure the server the
way you like - it is just another PC ;-) regardless hypervisors and
underlaying stuff.


No, but:

X11 is one of those things that one doesn't always install on servers.

If one wants GPU acceleration, one commonly does not install GPUs on 
servers.


Behavior over a network might be a bit problematic.  I expect network 
jitter might interfere with things like fine drawing with a wacom tablet.


Now, if one works in a graphics shop, with a serious rendering cluster 
in the same room – then maybe running GIMP on the server might make some 
sense.


Miles Fidelman





--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Why choose Debian on server

[Miles Fidelman]

On 1/2/19 1:41 PM, deloptes wrote:


Joe wrote:


Indeed. I'm currently working on getting Debian onto a small Acer
laptop, which is not trivial. I've run it on a netbook for several
years. But laptops and servers are solutions to different problems, and
don't generally need the same hardware and software. I wouldn't run
Gimp on a server, nor a RADIUS server on a laptop.

before start using the Fujitsu PC I used the same on a Dell E5440, I just
took the hard drive and put it into the Fujitsu PC. It started without a
problem.

The server is just a more powerful PC and the PC from today is the server
from 10y ago.



Not really true.  Servers tend to be configured very differently than 
desktop machines:  Multiple network ports, support for storage area 
networks, remote management, redundancy, different disks, not to mention 
headless.  One tends to run more specialized stuff, as well - 
hypervisors, storage management, failover stuff, back-end stuff 
(databases, mail servers, list servers).  One tends to run different 
drivers, and tune things differently.




I don't see a problem running Gimp on a server or RADIUS on a laptop ...
well, depends on the laptop and radius configuration.

I'm not sure how well GIMP would run on across a network, particularly 
if one wants to use a pen.  It's really designed to run on a machine 
with a head.


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Why choose Debian on server

[Miles Fidelman]

On 1/2/19 2:51 AM, Alessandro Baggi wrote:

Hi list,
I'm new to this list and I'm choosing the right distribution for 
server needs. I hope that I'm not OT and don't want start a flame. 
I'm evaluating the possibility to switch on debian so I hope you will 
give your experiences about this topic.


At the moment I'm using CentOS 7 on server and workstation but very 
old software, add third repos for get some software, use unmaintained 
software where patchs are released by dev distro team, big changes 
between a current release and next release, big corporation piloted 
distro, waiting that rh release a security patches and then 
recompiled on centos, problem on new hardware, unable to install new 
software from source due to old libs get me bored, and frustated in 
the last year. I like flexibility and I noticed that centos chains my 
knowledge.


Today seems that RH Family is the standard and rh is more supported 
by software vendors. Considering 10 years of support, Selinux working 
out of the box, stability, enteprise class and free distro..user 
choose Centos with the perception that things work better because all 
is "followed" by a corporation. With this assumption users feel more 
secure and unfailing.




Traditionally, Red Hat (CentOS) and Debian  aimed primarily at servers - 
dating back to a time when server were the only place one ran Linux (if 
you were running Unix on a desktop, you probably had a Sun 
Workstation).  Graphical desktops came in with newer distros.  Suse also 
falls in this category.


These days, Red Hat has strong support, precisely because it's a 
commercial, supported product, and the primary distro used by large 
government & corporate users (outside of IBM and Oracle customers, who 
have their own distros).  If you're running Linux on a production 
server, it's probably Red Hat. CentOS is the free version.  Debian has 
been popular with those of us who don't like Red Hat's way of doing things.


Today, as I face some upgrade issues of my own, I'm really not so sure.  
All of the debacle around systemd, and some of the recent politics, has 
made me far less comfortable that Debian will remain a stable platform - 
and I'm seriously considering migrating to either Gentoo or a BSD platform.


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Fwd: You removed Weboob package over pollitical reasons?Whole Internet laughs at you

[Miles Fidelman]

On 12/24/18 6:43 PM, Mark Fletcher wrote:
On Tue, Dec 25, 2018 at 7:56 Miles Fidelman 
mailto:mfidel...@meetinghouse.net>> wrote:


Not for nothing... 



Please don’t top post.


Yeah, whatever.  Grammar nazi.




but I'd never heard of weboob before.  Looks like a
rather powerful set of functions.  All the controversy has probably
provided some much needed visibility.

Personally, I don't care about the packaging - I tend to find that
packagers tend to just muck things up.  For anything except the most
common stuff, I'll always stick with >make;make install


In that case, why use Debian? The packaging (and the policies to 
support and govern it) are what makes Debian, Debian. Might as well 
use LFS if you’re going to make ; make install everything anyway.


Apt is well and good, and makes it easy enough to install all the basic 
packages on a new server.  After that, I've found that serious things, 
like databases, list managers - are generally well behind, and often 
don't build right.


Frankly, ever since systemd, I've been planning on migrating our 
production servers to BSD - just not a high enough priority. Debian has 
basically turned to garbage.





(Not that make ; make install is in any way evil; it’s great when it’s 
needed, it’s just not needed very much by users in Debian)


In your opinion.  Not in my experience.




With apologies to Miles for previously accidentally replying to him 
directly instead of replying only on-list...


Accepted.

Miles

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: You removed Weboob package over pollitical reasons?Whole Internet laughs at you

[Miles Fidelman]

Not for nothing... but I'd never heard of weboob before.  Looks like a 
rather powerful set of functions.  All the controversy has probably 
provided some much needed visibility.


Personally, I don't care about the packaging - I tend to find that 
packagers tend to just muck things up.  For anything except the most 
common stuff, I'll always stick with >make;make install


Miles Fidelman

On 12/24/18 5:25 AM, Ivan Ivanov wrote:

500 comments at Slashdot, >200 at Phoronix and >1000 at linux org ru! See now?

When a technical project starts making their decisions over pollitical reasons
rather than technical, it is doomed. Good time to switch to a similar distro
with mentally sane leadership, like Devuan. Also what's good about Devuan :

Devuan does not use System8==D as its' init system! SystemD contains >1 million
lines of bloated code and lots of vulnerabilities have been found there and
countless haven't, also the SystemD creators are arrogant and refuse to fix many
discovered security vulnerabilities, to a point where they've been awarded a
" Pwnie award " for refusing to fix a critical vuln.

That is why I prefer the distros which are using something else as init system:
either good old SysV, or something more modern like OpenRC (at Artix Linux) or
runit (at Void Linux) , just not systemd! There are only a few such distros left
because of Redhat pressure, and luckily Devuan is one of them.
If you found Debian as useful before it went nuts then maybe you'd like Devuan,
or even some other distros that I mentioned: Artix Linux =Arch with a human face
(has GUI + everything configured by default, nice GUI package manager and
convenient to use even for the beginners), and Void Linux -amazingly fast distro
really suitable for old PCs, but lacks some packages so you'd need to compile
the things from source once in a while, in comparison Artix has almost the same
set of packages as Arch. Both Artix and Void are very stable despite their
packages are really new and they are among the first to get new Linux kernels
with fresh drivers.

Or maybe MX Linux, one of the top popularity distros nowadays which is
also "no systemd" and somehow only recently I learned about it

Best regards,
Ivan Ivanov,
open source firmware developer


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Advice on mailing list software -- special requirements

[Miles Fidelman]

On 10/24/18 2:05 PM, Joe wrote:


On Wed, 24 Oct 2018 12:47:10 -0400
Miles Fidelman  wrote:


On 10/24/18 6:45 AM, rhkra...@gmail.com wrote:


On Wednesday, October 24, 2018 12:32:15 AM Miles Fidelman wrote:
  

Yes, but you really need a PUBLIC static IP address, or things
tend to
  

get hairy.  Dynamic DNS will help, but only to a point.  And, a
lot of
  

ISPs really don't like it if you run servers at the edge.

We are currently such a small group, I don't think it will be an
issue -- if that changes, we can change.
  

Which - DynDNS or ISP objections?

The thing about dynamic DNS is that people cache DNS records - mail
sent to the list WILL go to the wrong place on occasion.

Re. ISP objections - those objections sometimes take the form of
active measures that block various kinds of traffic.

Then they're not a proper ISP. I pay for an *Internet* connection, not
just the forwarding of a few ports that are convenient for the provider.


You can argue what constitutes proper or not, if you want a connection 
with any level of bandwidth, you're talking a major carrier - and they 
deliver the service that they want to.





Bummer.  But maybe another, larger, Linux user group might help
you
  

out?  I expect there might be somebody on this list who might
volunteer
  

(hint, hint).  Maybe somebody at a nearby university - I believe
you
  

have a few of those in the Lehigh Valley :-)

We've had somebody make such an offer, and we'll probably take them
up on it -- I sort of wanted to try to set up a small mail list on
one of my computers, as long as I didn't have to run a web server
or a *nix style MTA
  

Now that is kind of hard to do.  All the mailing list servers that
I've worked with require a rather intimate interconnection with the
MTA that processes mail.  And that's before you "wire in" anti-spam
and anti-virus filters.  And, you'll need a webserver for access to
various administrative functions, and archive access.  Depending on
the list server, you might also require a dbms.  Setting up list
services can be an entertaining and educational exercise (also
frustrating), but it's not simple.  (Actually, the simplest approach
is using an MTA and managing lists in the alias file.)

There's no technical problem to using a local MTA and your ISP's SMTP
server as a proxy.


You still need a local MTA - which the OP doesn't seem to want to run.

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Advice on mailing list software -- special requirements

[Miles Fidelman]

On 10/24/18 2:30 PM, rhkra...@gmail.com wrote:


Ahh, a useful clue -- so the mail lists that list procmail as a dependency
(and no MTA) might meet my desires of being able to run a mail list without
setting up an MTA on my own machine.



No.

Procmail is primarily a LOCAL delivery agent - generally attached to a 
local MTA.  Mail for local addresses is handed to procmail, which can do 
things like sort mail into folders, return vacation messages, and so 
forth.  You might be able to coble together some basic list services, 
but only if you have an MTA to hand outgoing mail to.




--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Advice on mailing list software -- special requirements

[Miles Fidelman]

On 10/24/18 12:56 PM, mick crane wrote:

On 2018-10-24 17:47, Miles Fidelman wrote:

We've had somebody make such an offer, and we'll probably take them 
up on it -- I sort of wanted to try to set up a small mail list on 
one of my computers, as long as I didn't have to run a web server or 
a *nix style MTA



Now that is kind of hard to do.  All the mailing list servers that
I've worked with require a rather intimate interconnection with the
MTA that processes mail.  And that's before you "wire in" anti-spam
and anti-virus filters.  And, you'll need a webserver for access to
various administrative functions, and archive access.  Depending on
the list server, you might also require a dbms.  Setting up list
services can be an entertaining and educational exercise (also
frustrating), but it's not simple.  (Actually, the simplest approach
is using an MTA and managing lists in the alias file.)



It's not very PC but disqus seems to work


Ummm... Disqus is
- not a mailing list server, it's a forum
- it's a hosted service, not something one can set up on one's own 
server, much less a desktop




--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Advice on mailing list software -- special requirements

[Miles Fidelman]

On 10/24/18 6:45 AM, rhkra...@gmail.com wrote:


On Wednesday, October 24, 2018 12:32:15 AM Miles Fidelman wrote:

> Yes, but you really need a PUBLIC static IP address, or things tend to

> get hairy.  Dynamic DNS will help, but only to a point.  And, a lot of

> ISPs really don't like it if you run servers at the edge.

We are currently such a small group, I don't think it will be an issue 
-- if that changes, we can change.




Which - DynDNS or ISP objections?

The thing about dynamic DNS is that people cache DNS records - mail sent 
to the list WILL go to the wrong place on occasion.


Re. ISP objections - those objections sometimes take the form of active 
measures that block various kinds of traffic.



> Bummer.  But maybe another, larger, Linux user group might help you

> out?  I expect there might be somebody on this list who might volunteer

> (hint, hint).  Maybe somebody at a nearby university - I believe you

> have a few of those in the Lehigh Valley :-)

We've had somebody make such an offer, and we'll probably take them up 
on it -- I sort of wanted to try to set up a small mail list on one of 
my computers, as long as I didn't have to run a web server or a *nix 
style MTA


Now that is kind of hard to do.  All the mailing list servers that I've 
worked with require a rather intimate interconnection with the MTA that 
processes mail.  And that's before you "wire in" anti-spam and 
anti-virus filters.  And, you'll need a webserver for access to various 
administrative functions, and archive access.  Depending on the list 
server, you might also require a dbms.  Setting up list services can be 
an entertaining and educational exercise (also frustrating), but it's 
not simple.  (Actually, the simplest approach is using an MTA and 
managing lists in the alias file.)


Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Advice on mailing list software -- special requirements

[Miles Fidelman]

On 10/23/18 8:16 PM, rhkra...@gmail.com wrote:


On Tuesday, October 23, 2018 11:04:52 AM Miles Fidelman wrote:

Speaking from experience:  Running your own server is a bit of a pain -
to setup, and to administer,

Must be my day to reply to email messages ;-)  Yes, I've tried that before.


and it's best done on a server with a
static IP address, not on a desktop behind a NAT router.

My desktop has a static IP address, behind a NAT router.  (But it is an
address in one of the private ranges (192.168.n.n)


Yes, but you really need a PUBLIC static IP address, or things tend to 
get hairy.  Dynamic DNS will help, but only to a point.  And, a lot of 
ISPs really don't like it if you run servers at the edge.  If you really 
want to run a server on your desktop, you need an ISP that will sell you 
both a business grade line and a static IP address.



(Sympa is what
I recommend for those who want to run their own, by the way.)

For simple things, I hate to recommend it, but google groups is about as
free & easy as it gets.

I don't know why I didn't really think of that, but I guess the times I've
been involved with groups that used it, there were things I didn't like about
it, but I may look again.
  

Otherwise, I expect somebody in your membership might have a corporate
machine they'd host you on.

No, we're a small group, mostly retirees at this point (I think).  When I
asked at the last meeting, nobody had anything to offer.


Bummer.  But maybe another, larger, Linux user group might help you 
out?  I expect there might be somebody on this list who might volunteer 
(hint, hint).  Maybe somebody at a nearby university - I believe you 
have a few of those in the Lehigh Valley :-)


Best,

Miles

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Advice on mailing list software -- special requirements

[Miles Fidelman]

Speaking from experience:  Running your own server is a bit of a pain - 
to setup, and to administer, and it's best done on a server with a 
static IP address, not on a desktop behind a NAT router. (Sympa is what 
I recommend for those who want to run their own, by the way.)


For simple things, I hate to recommend it, but google groups is about as 
free & easy as it gets.


Otherwise, I expect somebody in your membership might have a corporate 
machine they'd host you on.


Miles Fidelman


On 10/23/18 9:53 AM, rhkra...@gmail.com wrote:

(Aside to Jeff: Just sending you a copy of this for your information.)

Background: I am working with a Linux SIG that used to be part of a more
general computer group.  We plan to change the name to mention "LUG" (GLVLUG
-- Greater Lehigh Valley Linux User Group).

I want to establish a mailing list for the group.

I want to find either:

* a "service" that would host a mailing list for the group for free

* or, put a (simple) mailing list application on one of my machines, behind
a firewall (well, NAT) and not require the use of anything that (in my mind)
takes a lot of work or more knowledge than I have atm to setup -- for example,
I don't want it to depend on (or be) an MTA, Apache (or any other web server),
or even a windows email client that I'm not using (I currently use kmail, and
plan to stick with it).

I know I could do something in kmail by adding a mail list such that I could
send out emails to a reasonable number of people, but that doesn't solve the
problem of other people posting to the list.

I'd prefer that, whatever I find, receive / retrieve posts via POP3 (via my
ISP) and send posts via SMTP (again, via my ISP), and I'd prefer that emails
be stored in mbox files (but, I could live with maildir).

One of my machines is running Debian 7.11 (Wheezy), and the other is running
Debian 8.11 (Jessie) -- I'd probably install whatever I find on the 8.11
machine.

I looked at packages available that might meet my needs (just by searching for
mailing list in apper and then looking at the dependencies) -- I found the
following that might meet my needs -- I'll start by investigating courier (the
pop version).

* courier-pop
* enemies-of-carlotta
* mimmj
* quickml
* schleuder
* smartlist

I'd appreciate any advice anyone can offer.


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: mailing list vs "the futur"

[Miles Fidelman]

On 8/29/18 11:29 AM, John Hasler wrote:


Michael Stone wrote:

FWIW, I think SMTP (and IMAP) is on its way out as well. I expect
that in 20 years HTTP will still be going strong [...]

tomás writes:

Rather some Google/Amazon/Facebook/Microsoft backed abominable
mutation of that. One that (in subtle ways) gives a competitive
advantage to centralized services.

I think that SMTP will still be going strong but "consumers" will all
use Webmail and all but the largest organizations will either use
Webmail as well or contract for email service.  You'll be free to run
your own server (but not from home: ISPs will block it) but no one will
talk to you.


You miss the point.  SMTP is for transit between servers.  Maybe 
"consumers" prefer gmail, or yahoo, or some form of webmail - but we're 
never going to see a world where all mail goes through gmail - certainly 
not all business mail.


Chances are, that most mail - at least business mail - will originate in 
Outlook, go through an Exchange server, and from there, travel over SMTP.


Miles Fidelman



--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: mailing list vs "the futur"

[Miles Fidelman]

On 8/28/18 5:24 PM, Mark Rousell wrote:

I was going to say that you and I have started going round in circles 
and should just agree to disagree about certain things but this is a 
different strand of the discussion that still seems to be advancing.


On 28/08/2018 20:01, Michael Stone wrote:

On Tue, Aug 28, 2018 at 04:46:15PM +0100, Mark Rousell wrote:
web forums, app-based, IM-style, etc.) but none of that, to my mind, 
lessens
NNTP's ideal applicability to getting private discussion group 
messages from

place to place (the front end UI/UX being a different thing again).


Ignoring the changes to user requirements for UI/UX is at least part 
of why NNTP is no longer a major factor in internet usage.


Last time I looked, Thunderbird & Exchange both support news - a 
newsgroup looks just like another email account.


Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: mailing list vs "the futur"

[Miles Fidelman]

On 8/28/18 1:44 PM, Michael Stone wrote:

On Tue, Aug 28, 2018 at 04:50:27PM +0100, Mark Rousell wrote:
Additionally, both FTP and HTTP were not and are not federated, 
one-to-many

services or systems in the way that Usenet was


I guess this is where I say "But why would you expect it to be?" and 
ignore the rest of the argument.


But one might want it to be - as compared to something centralized, like 
a list server or forum.


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: mailing list vs "the futur"

[Miles Fidelman]

On 8/28/18 1:48 PM, Michael Stone wrote:


On Tue, Aug 28, 2018 at 05:02:08PM +0100, Mark Rousell wrote:
Lots of people download files from FTP servers but that's a wholly 
different
culture and use case than Usenet provided for in practice. And who 
said that
binaries (whether legal or illegal) was not a big part of Usenet at 
its height?


Anyone who argues that NNTP is the most efficient thing around? I 
guarantee that for large files FTP is more efficient, and that when 
one person is sending a file to a small number of other peopl, FTP is 
dramatically more efficient. I guess NNTP binary distribution is more 
efficient in some theoretical world where exactly the right 
subscriptions are distributed to exactly the right people via local 
transit servers, with no reposts. We can probably just write the 
volume of such transfers off as noise in the real world.


NNTP is exceptionally efficient for large scale message distribution - 
when compared to, say, a mailing list server that sends a message per 
subscriber.


For binary files, something like bit torrent is clearly more efficient.  
Though, a while back, somebody implemented a rather efficient mechanism 
that used NNTP for distributing header information, and a distributed 
hash table for the files themselves. Saved a lot of bandwidth.


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: [OT] Best (o better than yahoo) mail provider for malinglists

[Miles Fidelman]

I would suggest looking for somebody who runs Sympa.

Open source, well supported, more "industrial strength" than Mailman 
(designed for universities, supporting lots of lists).


I've been running it on our servers, for at least a decade (who's 
counting) - it's rock solid, well supported by both a core team (at 
Renater - the French Research & Education Network), and a larger 
community.  (For example, a patch for DMARC came out almost 
immediately.  It took a lot longer for a mailman patch to show up, and 
even longer for it to make into the standard release).  Also, Sympa is 
built around a database, mailman isn't - makes a difference for folks 
running multiple lists.  Lots more things that can be customized.


There's a list of hosting providers at 
https://www.sympa.org/users/custom - but they're mostly in France.  You 
might have to do a little hunting - or post on the sympa users list.


There's also Groupserver (http://groupserver.org) - a rather interesting 
package that does a good job of melding traditional lists, with a 
web-based forum interface.  It's open source, with hosting available - 
from a small group in New Zealand.  It has a bit of traction in the 
"electronic democracy" community.


Miles Fidelman


On 8/28/18 12:25 PM, Mark Rousell wrote:

On 28/08/2018 17:12, Francesco Porro wrote:

Ciao,

As a member of this mailing list, I have a little (OT) question for you:
which is the best free email service around to receive mailing lists?


I cannot personally recommend any free, proprietary email service 
providers.


Instead I'd say that running your own mail server would be best for 
this, assuming you have some kind of always-on connection with a 
static IP you can utilise.


Although incoming spam is a potential problem the real difficulties 
with running your own mail server in my opinion are (a) maintaining 
deliverability of outgoing mail and (b) making sure you're not 
relaying spam. Keeping software and configuration up to date is 
important. However, in the sort of scenario you describe, you might 
not need to use your mail server for outgoing mail which could 
simplify things. Ideally you could use your ISP's or domain provider's 
mail server for outgoing mail whilst directing incoming mail for your 
domain to your own server. (I should add that using your own domain is 
always wise, rather than relying on service providers' email addresses).


Learning how to do all this could involve a learning curve but it's 
entirely feasible.


--
Mark Rousell
  
  
  


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: mailing list vs "the futur"

[Miles Fidelman]

On 8/12/18 8:10 AM, Zenaan Harkness wrote:


On Thu, Aug 09, 2018 at 07:03:29PM -0400, Rich Kulawiec wrote:

... mighty fine list you've got there - mailing lists are even better
than I thought they were.


19. Mailing lists interoperate.  I can easily forward a message from this
list to another one.  Or to a person.  I can send a message to multiple
lists.  I can forward a message from a person to this list.  And so on.
Try doing this with web forum software A on host B with destinations
web forum software X and Y on hosts X1 and Y1.  Good luck with that.

Oh come on - this one's a no-brainer on the web - you click the Like
button on the website, which takes you to a "Share with friend", and
if it doesn't then see if there's a "Tweet" button and click that.


And then there's LinkedIn - which makes it nearly impossible to share 
things with anything other than another LinkedIn user (except by using 
one's browser to mail the item or a link).


Nope.  Forwarding by email is about the only universal way to share 
stuff, or to move it from some service or another to one's personal 
storage (I can't tell you how often I email stuff to myself).


Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Get the external IP address from a Linux box

[Miles Fidelman]

On 5/24/18 4:22 PM, Erwan David wrote:


Le 05/24/18 à 22:17, Stefan Monnier a écrit :

Alberto Luaces  writes:


Joe writes:


On the assumption that you are using a router of some kind, your public
IP address will be that of the router WAN port (cable, ADSL, etc.) and
there will be a method of determining that by connecting to the router
as an administrator. That method will depend entirely on the router.

If the router supports upnp and it is activated, you can check the
external IP in an device-independent way with

upnpc -l | grep ExternalIPAddress

The miniupnpc Debian package even comes with the `external-ip` script
which basically does the above.

I just tried it and it worked (tho only after I installed & enabled
miniupnpd on my OpenWRT router).  Of course, the IP address that my
router gets could itself be an "internal IP" behind a NAT firewall of my
ISP, so even if `external-ip` does give an answer I'm not sure it's
guaranteed to be "the" external IP address.


 Stefan



You could also be natted to one pool, so get different addresses for
different connections, or even have different services natted to
different pools (eg because there is a transparent proxy for outgoing
HTTP connections)


On the assumption that you're connected to a NAT router - the easiest 
way is to log into the admin port on the router - usually there's a 
management interface that will tell you your external IP address.


Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: domain names, was: hostname

[Miles Fidelman]

On 3/23/18 8:46 PM, David Wright wrote:


On Fri 23 Mar 2018 at 13:05:17 (-0400), Miles Fidelman wrote:

On 3/23/18 1:01 PM, David Wright wrote:

On Fri 23 Mar 2018 at 11:59:06 (-0400), Miles Fidelman wrote:

At some point, the network name that one's PC inserts into outgoing
mail might become important.

I venture to suggest that many (most?) .home users will be using their
ISP's smarthost, which would mean that the ISP (a) usually insist on
authentication and (b) and likely to have issued the network name
(like ip70-179-161-106.fv.ks.cox.net) themselves.



Not actually sure of that.  Verizon stopped offering mail a while
ago (sent people to AOL), and then there are folks who have
university or work accounts.

Verizon own AOL.


Right.  Forgot about that.

Miles

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: domain names, was: hostname

[Miles Fidelman]

On 3/23/18 1:01 PM, David Wright wrote:


On Fri 23 Mar 2018 at 11:59:06 (-0400), Miles Fidelman wrote:

On 3/22/18 10:03 PM, David Wright wrote:


On Thu 22 Mar 2018 at 20:26:26 (+), Brian wrote:

On Thu 22 Mar 2018 at 12:44:53 -0500, David Wright wrote:

[...]


Here are my points, as it's a month since I made them. I didn't
quite answer the question as posed.

--✄--


that as well as being asked to supply a hostname I've also been asked
to supply a domain value.

What, on a home LAN, is that used for?

Nothing, with the possible exceptions of:

. avoiding this message at boot up:
   Mon Feb 19 04:58:38 2018: [] Starting MTA:hostname --fqdn did not return 
a fully qualified name,
   Mon Feb 19 04:58:38 2018: dc_minimaldns will not work. Please fix your 
/etc/hosts setup.

. satisfying a broken smarthost¹,

. causing some discussion here.


One possible additional consideration:

Home machines are often behind a NAT router - the real IP address of
the machine is that of the network side of the router.

Yes, see the first paragraph of my previous post where I used
the word "forced" in a way that caused some dismay,
https://lists.debian.org/debian-user/2018/03/msg00799.html
(and where I also forgot to revert the Subject line).


Some spam filters do reverse lookups on IP addresses in mail
headers.  And, depending on what headers they validate, if your
outgoing messages contain an IP address that doesn't resolve to the
domain of your router - funny things might happen.

Given how much spam originates from botnet-infected home machines,
and/or use forged sender information, I would not be surprised if
some spam filters aren't checking the originating header for
consistency.

At some point, the network name that one's PC inserts into outgoing
mail might become important.

I venture to suggest that many (most?) .home users will be using their
ISP's smarthost, which would mean that the ISP (a) usually insist on
authentication and (b) and likely to have issued the network name
(like ip70-179-161-106.fv.ks.cox.net) themselves.


Not actually sure of that.  Verizon stopped offering mail a while ago 
(sent people to AOL), and then there are folks who have university or 
work accounts.


Miles

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Federated, decentralised communication on the internet

[Miles Fidelman]

Well, I think Greg Wooledge is right here


Let's rewind the discussion.
The original context was "why do I need to have a dot in my HELO string".

The reason you need a dot in your HELO string is because SMTP receivers
may reject you as a spammer (or incompetent, same end result) if you do
not have one.

That's all.

All this academic crap about nodes and empty lists is irrelevant.


But since we've gotten so off track already (and we all live for that, 
right?)



On 3/22/18 11:04 PM, Richard Hector wrote:

On 23/03/18 14:44, Miles Fidelman wrote:


When it comes to hosts, it is generally understood that the FQDN
consists of both the hostname and domainname, and an awful lot of
protocol specs cite (and quote) https://tools.ietf.org/html/rfc1983 -
the "Internet Users' Glossary" which says...

Fully Qualified Domain Name (FQDN)
   The FQDN is the full name of a system, rather than just its
   hostname.  For example, "venera" is a hostname and
   "venera.isi.edu" is an FQDN.  See also: hostname, Domain Name
   System.

Another reference, thanks. Still not specific.


Not sure what gets more specific than the glossary of terms used in 
common by all the other RFCs.


Granted that it doesn't really cover the case where a node doesn't 
designate a "system" (though one could consider DNS as a system, in 
which case "." is the full name, and it doesn't have a hostname).





Now, arguably, "." is an FQDN specifying the very top of the DNS tree,
and "com" (or "com.") specifies the top of the com domain - but who
really cares.  Particularly since the whole discussion started around
fully qualified HOST names.

This is my point. And AFAIK DNS would happily accept an A record for
com, and probably . too. (I haven't tried it in BIND; I should ...)


Interesting.  Of course the authoritative records would have to be on 
either on


*.root-servers.net.
or
*.gtld-servers.net.

(per the SOA and NS records)

Might be interesting to see  how bind would work if you created a local 
record.



Another common definition of an FQDN is that it uniquely identifies a
node in the DNS tree.  By that view "." is the FQDN for the top of the
tree, and "com" (or "com." is the top of the .com domain - but who
really cares, except for pedantic purposes.

When talking about specs and RFCs (which maybe only I was), surely
pedantic purposes are what it's all about?


Well yes, but if one wants to get pedantic, one has to note that the 
standards are explicitly vague about some things.


Notably:

RFC-1034, DOMAIN NAMES - CONCEPTS AND FACILITIES
3. DOMAIN NAME SPACE and RESOURCE RECORDS
3.1. Name space specifications and terminology

Starts with "The domain name space is a tree structure.  Each node and 
leaf on the
tree corresponds to a resource set (which may be empty)."  and goes on 
to say

"The domain name of a node is the list of the labels on the path from the
node to the root of the tree."

From there, and in other RFCs, there is some specificity ("MUSTs" & 
"SHOULDs"), but there is also language like

"By convention," and a lot of "MAYs".

I.e., one can only be pedantic up to a point.  And then one has to 
accept that there are general understandings, as well as wide variances 
in the way different people & software implement things.



   There aren't any
nameservers that resolve "." or "com" or "mil" - implying that there are
no records in the system for them (maybe there should be, but that's
another question for another day).

There might not be A,  or MX records, but there are certainly
servers, and they serve at least SOA and NS (and RRSIG) records for all
3 of those.


So there are.  I stand corrected.

Cheers,

Miles

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: domain names, was: hostname

[Miles Fidelman]

On 3/22/18 10:03 PM, David Wright wrote:


On Thu 22 Mar 2018 at 20:26:26 (+), Brian wrote:

On Thu 22 Mar 2018 at 12:44:53 -0500, David Wright wrote:

[...]


Here are my points, as it's a month since I made them. I didn't
quite answer the question as posed.

--✄--


that as well as being asked to supply a hostname I've also been asked
to supply a domain value.

What, on a home LAN, is that used for?

Nothing, with the possible exceptions of:

. avoiding this message at boot up:
   Mon Feb 19 04:58:38 2018: [] Starting MTA:hostname --fqdn did not return 
a fully qualified name,
   Mon Feb 19 04:58:38 2018: dc_minimaldns will not work. Please fix your 
/etc/hosts setup.

. satisfying a broken smarthost¹,

. causing some discussion here.


One possible additional consideration:

Home machines are often behind a NAT router - the real IP address of the 
machine is that of the network side of the router.


Some spam filters do reverse lookups on IP addresses in mail headers.  
And, depending on what headers they validate, if your outgoing messages 
contain an IP address that doesn't resolve to the domain of your router 
- funny things might happen.


Given how much spam originates from botnet-infected home machines, 
and/or use forged sender information, I would not be surprised if some 
spam filters aren't checking the originating header for consistency.


At some point, the network name that one's PC inserts into outgoing mail 
might become important.


Miles Fidelman





--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Federated, decentralised communication on the internet

[Miles Fidelman]

On 3/22/18 7:14 PM, Richard Hector wrote:


On 23/03/18 11:31, Dan Purgert wrote:

Richard Hector wrote:

On 23/03/18 01:17, Greg Wooledge wrote:

[...]
RFC 1594 <https://tools.ietf.org/html/rfc1594>: A Fully Qualified
Domain Name (FQDN) is a domain name that includes all higher level
domains relevant to the entity named.  If you think of the DNS as a
tree-structure with each node having its own label, a Fully Qualified
Domain Name for a specific node would be its label followed by the
labels of all the other nodes between it and the root of the tree.

For example, for a host, a FQDN would include the string that
identifies the particular host, plus all domains of which the host is
a part up to and including the top-level domain (the root domain is
always null).

Thanks - Having read that paragraph of the RFC, it doesn't seem to
require any particular number of levels, only that all that exist are
present.

Richard

It requires two "levels"

  1. the TLD itself
  2. the named host

Therefore, "com." (that is, the TLD 'com') is not a valid FQDN. However,
"a.com." (that is, the host 'a' on the 'com' TLD) is a valid FQDN.

That's not what I see in the RFC. The DNS only seems to care about a
tree of nodes with labels, not whether a particular node represents a
host or a network or something else. So if the node in question has the
label "com", and "All the other nodes" consist of just the root domain
(with the null label), that should be sufficient. Even just the null
label followed by (empty list) should be enough. What you say may well
be what was intended, but it doesn't seem specific to me.

I realise practical considerations may be different, but I don't see any
more requirement than that in that RFC.

Christ, why are we still discussing this.  (And what does it have to do 
with the original question about "Federated, decentralised communication 
on the internet?"  ... which was originally a question about how 
"hostname" is used by Debian)  But...


An FQDN defines the location of an entity in the DNS tree.  For a host - 
which is what we've been discussing, and generally what one is talking 
about when talking about FQDN's an FQDN consists of both a hostname AND 
a domain name.  (Again, in the Linux context, one is generally making 
the distinction between "hostname," "network name," and "fully qualified 
domain name" - often in the context of setting up a machine, or the 
"hostname" and "dnsdomainname" commands, "hostname --fqdn", or the files 
where such information is stored.)


When it comes to hosts, it is generally understood that the FQDN 
consists of both the hostname and domainname, and an awful lot of 
protocol specs cite (and quote) https://tools.ietf.org/html/rfc1983 - 
the "Internet Users' Glossary" which says...


   Fully Qualified Domain Name (FQDN)
  The FQDN is the full name of a system, rather than just its
  hostname.  For example, "venera" is a hostname and
  "venera.isi.edu" is an FQDN.  See also: hostname, Domain Name
  System.


Now, arguably, "." is an FQDN specifying the very top of the DNS tree, 
and "com" (or "com.") specifies the top of the com domain - but who 
really cares.  Particularly since the whole discussion started around 
fully qualified HOST names.


Another common definition of an FQDN is that it uniquely identifies a 
node in the DNS tree.  By that view "." is the FQDN for the top of the 
tree, and "com" (or "com." is the top of the .com domain - but who 
really cares, except for pedantic purposes.   There aren't any 
nameservers that resolve "." or "com" or "mil" - implying that there are 
no records in the system for them (maybe there should be, but that's 
another question for another day).


Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Federated, decentralised communication on the internet

[Miles Fidelman]

On 3/22/18 7:06 PM, dekks herton wrote:


On 03/21, Miles Fidelman wrote:

On 3/21/18 11:48 AM, Charlie Gibbs wrote:


On 21/03/18 01:00 AM, to...@tuxteam.de wrote:


My problem with "social networks" is that they're monopolies. 
Imagine popping down to the local pub for a pint and a bit of 
conversation, only to find that it's part of a huge chain run by a 
transnational conglomerate.  I much prefer the Usenet model, 
although web sites that let you leave messages come pretty close. 
What I don't like are those web sites that make you log in through 
Facebook in order to post.  Since I don't have a Facebook account 
and never will, such sites will have to do without my pearls of 
wisdom.  :-)


Maybe we should move back to USENET.  It worked pretty well, and it's 
still going strong in some quarters.  Add some global identity & 
reputation management, and the ability to set up lots of small 
newsgroups - and we'd have one hell of a Facebook killer.


There's always Fidonet lol

Does Fidonet still live?  I just checked fidonet.org and a lot of the 
links (like the node status one) go to odd places.  Fidonet.us seems to 
be current, but no list of active nodes.  Sigh...


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Federated, decentralised communication on the internet

[Miles Fidelman]

On 3/22/18 3:56 AM, deloptes wrote:


Miles Fidelman wrote:


the problem with DMARC is simple - it breaks any kind of retransmission
- in particular mailing lists

that's why I don't get the mails delivered to the mailbox or get numerous
non deliverable mails from the mail server.

nevertheless you will not be able to resent mails soon and perhaps the news
group community should react respectively in time and not just state "the
problem with DMARC".
You know what happens in nature with animals that do not evolve. I am sure
there is a way to handle this with DMARC as well.

Well, the list management community HAS been trying to engage with DMARC 
- the thing is the DMARC folks are not really all that responsive - "not 
their problem" and it's a standard that's being imposed by fiat, not in 
the Internet way.


There are work-arounds, sort of - the basic one being to set a list 
manager to have all emails show as coming from the list, not the 
original author.  Makes "reply-to-author" a pain.


Miles Fidelman



--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Federated, decentralised communication on the internet

[Miles Fidelman]

On 3/21/18 7:57 PM, Dan Purgert wrote:


Miles Fidelman wrote:

On 3/21/18 5:25 PM, Richard Owlett wrote:

[...]

I'm a consumer not a provider, but I understood that "control
membership" was part of structure for a "moderated group".
Education cheerfully accepted ;}



Not really.  Moderated meant that posts were filtered through one or
more moderators for approval.  Now that provided (provides) some degree
of control over who can post, it says nothing about who can read
messages (account on a machine that subscribes to the newsgroup).  It's
possible to rigidly control the machines that receive messages, and
potentially control accounts on those machines - but that's a
hard-to-implement approach.  Now, if traffic were encrypted, and there
was an out-of-band key management system (e.g., something like Kerberos
or OAuth) - one could then apply global restrictions on who could
actually read traffic sent to a particular newsgroup.

It has always been my understanding that "newsgroups" were somewhat
intended to be publicly readable -- i.e. "this is the current news".

Mailing lists, on the other hand were the ones that were somewhat more
(semi-)private discourse.

I'm not really sure "intended" is the right choice of word here though.
I mean, reality tends to distort "a creator's intent" pretty well.

I'm not sure "intended" is the right word either.  I think it was more a 
matter of scaling and membership management, and perhaps traffic 
management.  Mailing lists get really unwieldy as membership grows.  
Newsgroups scale rather well.


Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Federated, decentralised communication on the internet

[Miles Fidelman]

On 3/21/18 5:15 PM, deloptes wrote:


But back to DMARC, it indeed works for the big players as smaller one can
not easily implement and get the ratings the bigger get, however I have
seen also smaller companies use their own mail servers and keep them up to
date and score pretty well.


the problem with DMARC is simple - it breaks any kind of retransmission 
- in particular mailing lists


Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Federated, decentralised communication on the internet

[Miles Fidelman]

On 3/21/18 5:25 PM, Richard Owlett wrote:

On 03/21/2018 03:38 PM, Miles Fidelman wrote:

On 3/21/18 12:32 PM, Richard Owlett wrote:


On 03/21/2018 11:05 AM, Miles Fidelman wrote:

On 3/21/18 11:48 AM, Charlie Gibbs wrote:


On 21/03/18 01:00 AM, to...@tuxteam.de wrote:


My problem with "social networks" is that they're monopolies. 
Imagine popping down to the local pub for a pint and a bit of 
conversation, only to find that it's part of a huge chain run by a 
transnational conglomerate. I much prefer the Usenet model, 
although web sites that let you leave messages come pretty close. 
What I don't like are those web sites that make you log in through 
Facebook in order to post. Since I don't have a Facebook account 
and never will, such sites will have to do without my pearls of 
wisdom. :-)


Maybe we should move back to USENET.  It worked pretty well, and 
it's still going strong in some quarters.


*YES!* I use email and USENET only.
I attempted Facebook years ago. I set it up two have some family and 
one friend set up as "friends". I was careful to *NOT* to specify 
anything about where I lived. I was immediately spammed by 
advertising geographically associated with my "friends". The current 
fiasco with data mining private information says I was right.


  Add some global identity & reputation management, and the ability 
to set up lots of small newsgroups - and we'd have one hell of a 
Facebook killer.


Free market does a pretty good job. I'm currently subscribed to >20 
tech oriented mailing lists with few problems.


I was thinking of STANDARDS for identity management across USENET 
sites, coupled with some access controls.  Right now, one key limit 
of USENET (well, NNTP) is that there are lots of ways of spoofing 
identity on posts, and no way to really limit access on a per-group 
basis.  Email lists provide a lot more control. So does FaceBook.


(FYI:  I currently HOST 20+ email lists - mostly community groups. 
I'd love to run them as USENET groups, but - can't control membership.)




I'm a consumer not a provider, but I understood that "control 
membership" was part of structure for a "moderated group".

Education cheerfully accepted ;}


Not really.  Moderated meant that posts were filtered through one or 
more moderators for approval.  Now that provided (provides) some degree 
of control over who can post, it says nothing about who can read 
messages (account on a machine that subscribes to the newsgroup).  It's 
possible to rigidly control the machines that receive messages, and 
potentially control accounts on those machines - but that's a 
hard-to-implement approach.  Now, if traffic were encrypted, and there 
was an out-of-band key management system (e.g., something like Kerberos 
or OAuth) - one could then apply global restrictions on who could 
actually read traffic sent to a particular newsgroup.


Miles Fidelman



--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Federated, decentralised communication on the internet

[Miles Fidelman]

On 3/21/18 12:32 PM, Richard Owlett wrote:


On 03/21/2018 11:05 AM, Miles Fidelman wrote:

On 3/21/18 11:48 AM, Charlie Gibbs wrote:


On 21/03/18 01:00 AM, to...@tuxteam.de wrote:


My problem with "social networks" is that they're monopolies. 
Imagine popping down to the local pub for a pint and a bit of 
conversation, only to find that it's part of a huge chain run by a 
transnational conglomerate.  I much prefer the Usenet model, 
although web sites that let you leave messages come pretty close. 
What I don't like are those web sites that make you log in through 
Facebook in order to post. Since I don't have a Facebook account and 
never will, such sites will have to do without my pearls of wisdom.  
:-)


Maybe we should move back to USENET.  It worked pretty well, and it's 
still going strong in some quarters.


*YES!* I use email and USENET only.
I attempted Facebook years ago. I set it up two have some family and 
one friend set up as "friends". I was careful to *NOT* to specify 
anything about where I lived. I was immediately spammed by advertising 
geographically associated with my "friends". The current fiasco with 
data mining private information says I was right.


  Add some global identity & reputation management, and the ability 
to set up lots of small newsgroups - and we'd have one hell of a 
Facebook killer.


Free market does a pretty good job. I'm currently subscribed to >20 
tech oriented mailing lists with few problems.


I was thinking of STANDARDS for identity management across USENET sites, 
coupled with some access controls.  Right now, one key limit of USENET 
(well, NNTP) is that there are lots of ways of spoofing identity on 
posts, and no way to really limit access on a per-group basis.  Email 
lists provide a lot more control.  So does FaceBook.


(FYI:  I currently HOST 20+ email lists - mostly community groups. I'd 
love to run them as USENET groups, but - can't control membership.)


Miles Fideman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Federated, decentralised communication on the internet

[Miles Fidelman]

On 3/21/18 11:48 AM, Charlie Gibbs wrote:


On 21/03/18 01:00 AM, to...@tuxteam.de wrote:


My problem with "social networks" is that they're monopolies. Imagine 
popping down to the local pub for a pint and a bit of conversation, 
only to find that it's part of a huge chain run by a transnational 
conglomerate.  I much prefer the Usenet model, although web sites that 
let you leave messages come pretty close. What I don't like are those 
web sites that make you log in through Facebook in order to post.  
Since I don't have a Facebook account and never will, such sites will 
have to do without my pearls of wisdom.  :-)


Maybe we should move back to USENET.  It worked pretty well, and it's 
still going strong in some quarters.  Add some global identity & 
reputation management, and the ability to set up lots of small 
newsgroups - and we'd have one hell of a Facebook killer.


Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: More then 2800 spams from the list...

[Miles Fidelman]

Comments at end.


On 3/19/18 12:22 PM, to...@tuxteam.de wrote:


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Mon, Mar 19, 2018 at 05:35:04PM +0200, Michelle Konzack wrote:

Hello Richard and *,

Am 2018-03-19 hackte Richard Owlett in die Tasten:

I didn't. But as my ISP has an excellent spam filter I don't see what
many others see. I suspect the key is interpreting the header
information the OP gave. Is there a guide for an average user to
interpreting that information?

It seems, the spamer is on the List and manipulated the Mailinglist
messages b using the original headers removed anything newer then
the  Receied Headers and sent the message to more then 17000
servers.

What do you mean by "the spammer is on the list"? The spam messages
don't go via list. I would get them (my own mail server and no spam
filter beyond the standard Exim header checking, which would never
drop/reject a mail coming from the list).


 is subject of a DOS attack.

Yes, I rather think they are targetting you. The Debian mailing
list headers seem to me (well placed) spoof.


It seems, the Attacker know probably several 10.000 wrong configured
mailservers and now use it, to pull down my server...

Yes, that's how it looks to me. Perhaps they're real bounces,
perhaps they're fake. But I'm pretty sure by now that the
Debian-list related headers are plain fake, to nudge people
into "responding to list" and thus spreading the spam even
more. So folks, don't do that. And if you do, at least strongly
snip the original (as Michelle has done, thankfully) and don't
include the whole kaboodle, top-posting style (you don't top-post,
do you ;-)

FWIW, I've sent a test mesage to (some randomly chosen user name)
at one of the servers in list and am awaiting a bounce message.

Let's see...

@Michelle: could you please send me a *complete* bounce message,
headers and all, as it arrives at your place? I still can't figure
out what kind of headers you sent to this list.




Actually, what's more important are a collection of spam & bounce 
messages - both from Michelle, and anybody else who's seen the spam.


That way we can tell if they're all coming from one place (the list, or 
otherwise) or if they're coming from lots of sites across a botnet.


All we know right now is

1. the mailer (purportedly) at freash.longvieace.com is reporting a ton 
of bounces on a mail that purportedly came from Michelle via 
Debian-user, and


2. the spam (purportedly) got to that mailer from mail.tamay-dogan.net

None of the other headers can be trusted.  Actually, not even that 
message can be trusted - except that spambots don't generally report 
bounces.


One needs more copies of the spam, and more bounce messages, to figure 
out what's going on.


The general assumption here is that some spambot has manufactured 
headers that make it look like a message from Michelle to Debian-User.  
Beyond that, we really don't know anything useful or actionable.


Miles Fidelman (who deals with this sh*t on too many lists that he 
manages, sigh...)








--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Cumulative internet data transfer {up AND down}

[Miles Fidelman]

On 11/17/17 9:20 AM, Eric S Fraga wrote:


On Friday, 17 Nov 2017 at 08:52, Richard Owlett wrote:

I'm interested in investigating cumulative data to/from the internet
for selected interval ranging from an hour to a week.
My only connection is a device connected thru a USB port.
My web search turned up only discussion of measuring throughput RATE.
Suggestion of keyword(s) for search?

I use vnstat for daily/weekly/monthly stats.  Can also give you typical
use by hour of day.


Ditto to vnstat

Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: attach a big picture

[Miles Fidelman]

On 10/21/17 11:35 AM, Roger Lynn wrote:


On 21/10/17 07:10, arne wrote:

On Sat, 21 Oct 2017 01:36:39 -0400
Felix Miata  wrote:

If you install and run Apache on Debian you can simply provide a URI
to an image file on your own Debian PC.

You don't need Apache if you already have nginx installed. (nginx is what I
would use if I needed a web server.)


Either way, that doesn't work too well if you're behind a NAT router 
and/or have a dynamic IP address.  At the very least you have to open a 
port, and you may have to run dynamic DNS.


It's far easier to use something like filemail.com - uploads a file, 
then emails a link to it, and free for most uses.


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: HNI Email List

[Miles Fidelman]

On 9/7/17 11:20 AM, Dan Ritter wrote:


On Thu, Sep 07, 2017 at 09:10:02PM +0530, Educational Tutorials Inc. wrote:

Hi,

We are looking for data of HNI USA customers. Please let us know your
pricing and also send some samples.


*Feel Free to ask if have any queries.*

So -- do you frequently buy lists for spamming, or is this your
first time?



So let's see, a company that home-tutors foster children, is looking for 
a list to spam customers of an office furniture company, and asking on a 
Linux distro support list.


So not just a spammer, but a moronic one.  (And certainly one I wouldn't 
trust for any kind of educational services.)



Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: OCR

[Miles Fidelman]

Probably CamScanner on a smartphone.


On 8/22/17 3:22 PM, Stephen Grant Brown wrote:

Hi All,
What is the best OCR package to use to scan the receipts given 
immediately after making a purchase?

Yours Sincerely
Stephen Grant Brown


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: perl system integrity?

[Miles Fidelman]

On 7/18/17 12:52 PM, Jude DaShiell wrote:

Does any means exist within perl to detect that a perl base installed 
on a system is completely intact?  Perl base is perl binary and all 
support packages that binary uses before cpan or cpanp is run.  The 
perl base is put on newly installed systems.
I am interested in this since sometimes system updates break perl and 
steps have to be taken to clear the breakage then repair steps need to 
be taken.  If a means exists to let a user know this list of packages 
came with your installed system and are now missing perl system 
repairs could be expedited.
Aside from perl, such capabilities added to other base systems like 
python for one example could help out repairing those other systems too.


Perl has the best collection of regression tests that I've ever seen.  
When you install from a source tarball, and run "make test" - everything 
gets checked.  Same again when you install/update modules via cpan.  It 
takes a while, but you know everything is working.


Personally, when I'm using perl, I always install from scratch, and 
maintain using cpan - packagers & packaging just muck it up.


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: If Linux Is About Choice, Why Then ...

[Miles Fidelman]

On 4/10/17 9:32 PM, Ric Moore wrote:


On 04/10/2017 09:37 AM, Greg Wooledge wrote:


Does that mean systemd is the ideal replacement?  No.  Systemd has these
overreaching tendrils in places it's got no business sticking tendrils.
Why does it have its own ntp daemon?  Why does it implement file system
automount behavior?  These things already exist as userspace processes.
Mature, trusted userspace processes, sometimes with multiple competing
alternatives already.

But then on the other hand, what else would you use instead of systemd?
Nobody has proposed a superior alternative yet, that I've seen.

So, IMHO, the best thing to do is to use systemd, but don't use any of
its optional intrusive tendrils.  Other people have other opinions, and
that's awesome.  A healthy, vigorous competitive environment benefits
all of us.


If and when you start to manage a cluster, the need for those 
"tendrils" become apparent. You will need autostart and auto-restart 
features close to kernel level processes on node failures. SystemD 
seems to foot that bill. Ric


Funny thing, I don't hear folks who run clusters agitating for systemd - 
perhaps the contrary.  They want far more granular control of their 
systems than some huge monolithic blob of code that doesn't always 
behave as desired.


Miles Fidelman



--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: If Linux Is About Choice, Why Then ...

[Miles Fidelman]

On 4/10/17 2:07 AM, Patrick Bartek wrote:


On Sun, 9 Apr 2017 17:39:50 -0400 Miles Fidelman
 wrote:


On 4/9/17 4:15 PM, Patrick Bartek wrote:


After much reading, I consider systemd more suited to large, busy
servers than a desktop box or notebook with just one user.  It's
like being forced to use a huge tractor-trailer rig with lots of
chrome and lights and 24 gears when a simple mini-van will do. ;-)



Funny thing.  As far as I can tell, those of us who run production
servers are the ones who are most disturbed by the ways that systemd
wends its way into all aspects of a system.

Perhaps instead of "..more suited," it should have been "intended" for
servers.  After all, wasn't systemd adopted first for RHEL whose
market is mainly servers?


That probably has more to do with the people involved, and who they work 
for.


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: If Linux Is About Choice, Why Then ...

[Miles Fidelman]

On 4/9/17 4:15 PM, Patrick Bartek wrote:


After much reading, I consider systemd more suited to large, busy
servers than a desktop box or notebook with just one user.  It's
like being forced to use a huge tractor-trailer rig with lots of chrome
and lights and 24 gears when a simple mini-van will do. ;-)


Funny thing.  As far as I can tell, those of us who run production 
servers are the ones who are most disturbed by the ways that systemd 
wends its way into all aspects of a system.


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Using Samsung tablets for Debian

[Miles Fidelman]

On 3/21/17 3:26 AM, Darac Marjal wrote:


On Tue, Mar 21, 2017 at 03:58:15AM +, Don Littlefield wrote:

Hello,

 I want to buy a Samsung tablet and want to load Debian on it. My 
question is
do I need to get a tablet that is unlocked to do this? Does this have 
anything
to do with the Linux program operation on the device? I do not want 
to use it

as a phone, Just to use it as a computer. Thank you for the responding.


First, a matter of terms:

- your device will be "locked" in that you don't have access to the root 
account - that's easy to overcome - there are lots of directions 
floating around on how to "jailbreak" Android (and, when you install 
Debian, you'll be wiping out Android anyway)


- if your device includes a cellular modem, and was purchased from a 
carrier, it may also be "locked" to that carrier - which is a separate 
issue


You have three different cases to consider:

1. You have a cellular modem, and you want to keep using the cellular 
data service.  In this case, you might not want to install Debian.  
There are modem & carrier specific software & configuration that are 
likely to be unsupported in Debian (and this is the code that's 
generally locked down the heaviest, as it effects FCC type approval for 
the tablet).


2. You have a cellular modem, but you don't care about using cellular 
service.  In that case, you don't have to worry about whether Debian 
supports them.  Stuff may be locked down, but you don't care - you'll 
need to find a way to wipe the machine and then install Debian.  This is 
the same as 3.


3. You DON'T have any cellular service.  Then, again, you wipe the 
machine & install Debian.


Having said that, one might ask WHY you want to install Debian. Android 
is a Linux distro, complete with all the drivers needed for the Tablet's 
hardware.  You might consider just rooting your tablet, and calling it a 
day.  (Note:  I've also seen descriptions on how to install Debian "on 
top of" Android - but I'm not quite sure what that means.  You probably 
end up with some kind of hybrid environment.)


There are some forums for Android developers that might be worth 
exploring for more info.


Miles Fidelman





--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Guide(s?) to backup philosophies

[Miles Fidelman]

On 3/14/17 11:18 AM, Dan Ritter wrote:


On Tue, Mar 14, 2017 at 05:54:06PM +, Glenn English wrote:

On Mon, Mar 13, 2017 at 12:38 PM, Dan Purgert  wrote:

David Christensen wrote:

On 03/11/2017 07:10 AM, Richard Owlett wrote:

I've vague ideas of what backup pattern(s) I might follow.
I'm looking for reading materials that might trigger "I hadn't thought
of that" moments.

Suggestions?

I didn't see anybody talk about incremental backup (the backup
consists of current versions as well as earlier ones -- often earlier
work can replace erroneous or lost current work. Or work you don't
notice is gone for a few days.). There are 2 I know of, and one (and
probably many more) that may do that:

Having been there and done that, I can assure you that having a
live snapshot system -- rsnapshot or btrfs/zfs native tools --
is more fun and less work for everyone.

Only if they do versioning.  Otherwise, live snapshots mirror deletes - 
not very useful if you want to restore an accidental delete!


Miles Fidelman



--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Guide(s?) to backup philosophies

[Miles Fidelman]

On 3/14/17 10:54 AM, Glenn English wrote:


On Mon, Mar 13, 2017 at 12:38 PM, Dan Purgert  wrote:

David Christensen wrote:

On 03/11/2017 07:10 AM, Richard Owlett wrote:

I've vague ideas of what backup pattern(s) I might follow.
I'm looking for reading materials that might trigger "I hadn't thought
of that" moments.

Suggestions?

I didn't see anybody talk about incremental backup (the backup
consists of current versions as well as earlier ones -- often earlier
work can replace erroneous or lost current work. Or work you don't
notice is gone for a few days.). There are 2 I know of, and one (and
probably many more) that may do that:



Adding two:

I've been using rdiff-backup for years - essentially it's time machine 
for linux.  There's a little helper routine called "backup ninja" and a 
gui (works in a text window) called ninjahelper.  It will do incremental 
backups across two machines, and knows how to set up jobs for mysql, 
postgress, and the entire file system.  It takes a little work to set up 
(server and client), and it's a bit tricky to do recoveries (command 
line rdiff-backup commands) - but it does the job very well.  It's great 
of recovering accidentally deleted files, and older versions of files.  
For full snapshots (e.g., crash recovery), I just use RAIDED disks, 
mirrored via DRBD to a failover machine.


If you're on a desktop machine, you might consider a cloud backup 
service.  I recommend CrashPlan - there's a linux client, it will back 
up to other machines (local and remote) for free, and there's a very 
reliable, and cheap cloud backup (particularly nice pricing for backing 
up all machines in a household, with unlimited storage).


I use the first approach on our production servers, the second for all 
the machines at home (mix of Mac, Windows, Linux).  My wife and I also 
run Time Machine on our Macbooks - there's a lot to be said for having 
backup that doesn't require having an external disk plugged in.


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: If Linux Is About Choice, Why Then ...

[Miles Fidelman]

On 3/14/17 4:37 AM, Liam O'Toole wrote:

On 2017-03-13, Erwan David  wrote:

Le 03/13/17 à 20:40, Greg Wooledge a écrit :

On Mon, Mar 13, 2017 at 12:30:11PM -0700, Patrick Bartek wrote:

The Linux mantra has always been "choice," plethoras of choices. So why
at install time, is there no choice for the init system?  You get what
the developers decide. Yes, you can install a new one -- I've done it
and it works -- but only after the install.  It'd be a lot easier, if
there were a choice to begin with just like whether you want a GUI and
which one.

Because the number of people who want to run a new version of Debian with
an ancient and deprecated init system is probably in the triple digits,
worldwide.

You are a member of a small minority.  It's not reasonable to expect
that a whole bunch of time will be spent making install images with
alternative init systems for such a small demand.  You have a solution
which works just fine.


So why don't you use windows, if you despise minorities ?

Using Windows on a server or a phone would put you in a minority.


Your email is both insulting and contemptful. If this is your only
argument, that's bad for the point you pretend to denfend.

You are overreacting. Greg's point is that there is little demand for an
installer which allows a choice of init system, and that spending time
on providing such an installer would not be justified. You are welcome
to disagree with that assessment, but please leave out the emotional
codswallop.

There USED TO BE a lot of demand for a choice of installer at init time 
- from pretty much all of us who object to systemd.  Nobody listened, 
eventually people gave up, and a lot moved to other distros.


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: If Linux Is About Choice, Why Then ...

[Miles Fidelman]

On 3/13/17 4:33 PM, Martin Read wrote:


On 13/03/17 19:30, Patrick Bartek wrote:

The Linux mantra has always been "choice," plethoras of choices. So why
at install time, is there no choice for the init system?


Looking at the BTS page for package 'debian-installer', nobody seems 
to have filed a wishlist bug requesting this feature.


This seems like at least a contributory reason.


Actually, there have been numerous bugs filed against both 
debian-installer and debootstrap about failures of the --include and 
--exclude statements --- that directly effect the ability to specify 
sysvinit instead of systemd.  I don't recall seeing close messages about 
all of them.


Miles Fidelman



--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: If Linux Is About Choice, Why Then ...

[Miles Fidelman]

On 3/13/17 12:44 PM, Erwan David wrote:


Le 03/13/17 à 20:40, Greg Wooledge a écrit :

On Mon, Mar 13, 2017 at 12:30:11PM -0700, Patrick Bartek wrote:

The Linux mantra has always been "choice," plethoras of choices. So why
at install time, is there no choice for the init system?  You get what
the developers decide. Yes, you can install a new one -- I've done it
and it works -- but only after the install.  It'd be a lot easier, if
there were a choice to begin with just like whether you want a GUI and
which one.

Because the number of people who want to run a new version of Debian with
an ancient and deprecated init system is probably in the triple digits,
worldwide.

You are a member of a small minority.  It's not reasonable to expect
that a whole bunch of time will be spent making install images with
alternative init systems for such a small demand.  You have a solution
which works just fine.


So why don't you use windows, if you despise minorities ?
Your email is both insulting and contemptful. If this is your only
argument, that's bad for the point you pretend to denfend.

+1

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: If Linux Is About Choice, Why Then ...

[Miles Fidelman]

On 3/13/17 12:40 PM, Greg Wooledge wrote:


On Mon, Mar 13, 2017 at 12:30:11PM -0700, Patrick Bartek wrote:

The Linux mantra has always been "choice," plethoras of choices. So why
at install time, is there no choice for the init system?  You get what
the developers decide. Yes, you can install a new one -- I've done it
and it works -- but only after the install.  It'd be a lot easier, if
there were a choice to begin with just like whether you want a GUI and
which one.

Because the number of people who want to run a new version of Debian with
an ancient and deprecated init system is probably in the triple digits,
worldwide.

You are a member of a small minority.  It's not reasonable to expect
that a whole bunch of time will be spent making install images with
alternative init systems for such a small demand.  You have a solution
which works just fine.


That might be because all of those who run servers - the traditional 
realm of Debian - have given up and migrated elsewhere.  We can't afford 
to run a poorly designed load of crap, that takes over one's machine, as 
an init system.


Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

[OT] Antikythera mechanism [was Re: Do have programs have poor documentation?]

[Miles Fidelman]

Talk about a thread going South!  (Perhaps we can get back to bashing 
systemd?)



On 12/30/16 7:07 PM, deloptes wrote:

In what way is the Antikythera mechanism not a computer?  And where did
your 400 years come from?



I understand what you mean, but it was in the last 400y that this machine
took shape. In fact it was Turing that defined it. But he would not be able
to define it if it was not the mathematicians before him. I agree with you
as well, we could go to the roots of mathematics, however even if the
definition of such a machine was so old, it wouldn't be possible to build
it without the technical advantage, so ... I still think my statement is
true. You can argue as long as you will.


Well, you kind of forget:
Joseph Jacquard (and maybe Basile Bouchon)
not to mention Charles Babbage and Ada Lovelance
Alonzo Church.
And of course,  John von Neumann (if you want to talk actual hardware 
architecture)



--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Pendrive computer

[Miles Fidelman]

On 12/28/16 3:13 PM, Richard Owlett wrote:


On 12/28/2016 12:20 PM, Miles Fidelman wrote:

On 12/28/16 1:06 PM, Richard Owlett wrote:


On 12/28/2016 8:31 AM, rhkra...@gmail.com wrote:

Just wondering if anybody on here has acquired something like
the following



Even if preloaded with Windoze I would be interested in a
product specific reference.
If it can run Windows(TM) it can run a "real" OS.
Imagine you were VP of sales of a company that manufactured
such a device. You started receiving requests from a market
segment requiring no additional hardware engineering costs and
the market wanted a free (as in speech &/or beer) OS.



Most of the models seem to come pre-loaded with Windows, but one
model seems to come with Ubuntu (though that may have been
discontinued).  The specs say that they only have drivers for
Windows.  Google reports some install instructions for Ubuntu,
but haven't found any for Debian.



URL? ?? ???


Google:  "Intel Compute Stick"

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Pendrive computer

[Miles Fidelman]

On 12/28/16 1:06 PM, Richard Owlett wrote:


On 12/28/2016 8:31 AM, rhkra...@gmail.com wrote:
Just wondering if anybody on here has acquired something like the 
following



Even if preloaded with Windoze I would be interested in a product 
specific reference.

If it can run Windows(TM) it can run a "real" OS.
Imagine you were VP of sales of a company that manufactured such a 
device. You started receiving requests from a market segment requiring 
no additional hardware engineering costs and the market wanted a free 
(as in speech &/or beer) OS.




Most of the models seem to come pre-loaded with WIndows, but one model 
seems to come with Ubuntu (though that may have been discontinued).  The 
specs say that they only have drivers for Windows.  Google reports some 
install instructions for Ubuntu, but haven't found any for Debian.


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: looking for a piece of software that will take an url (say to a blog post) and email me the contents

[Miles Fidelman]

It used to be that ALL the browsers I used had a "forward as email" menu 
option, and, as I recall, some of them would bundle together pictures 
and other includes that went with a page.


I just checked, and to my horror, I now see that NONE of my browsers 
(Safari, Chrome, Firefox, Edge) offer that option - one offers "save as 
PDF" and another offers "mail link to page."


I expect that Seamonkey might still offer it - given that it still 
combines a browser and mail client in one program - but it's gotten 
flakier of late, which is why I stopped using it.


It also seems like various plug-ins and services, for doing this, have 
disappeared.  Now I'm kind of curious about it.



On 11/5/16 10:41 PM, Dan Hitt wrote:

Thanks Miles (and also Dan P and Celejar for other solutions).

Indeed Firefox has an archive format (maybe called 'maff'?), but how
could you mail it to yourself?

That is, how could you mail the maff without taking your hands off the
keyboard, or switching apps or something like that?

Ideally, the way it would work is you find a blog post or something
that you like, then you go to a drop-down menu, and select 'mail this
to me'.  Are there any plugins that are so savvy?

TIA for any info, and thanks again Dan P and Celejar.

dan

On Sat, Nov 5, 2016 at 6:47 PM, Miles Fidelman
 wrote:

On 11/5/16 6:01 PM, Dan Hitt wrote:


Does anybody know of a piece of software that you can give an URL to,
and it will then fetch the url and email the contents to you?

This could be a stand-alone app on the desktop, or a plug-in to a
browser, or a web site, or some combo.  (I guess it could be a
pipeline of curl and some mail program, but i'm afraid i'd just get
piles of incomprehensible text.)



Well you might try:

curl http://www.foo.com | uuencode page.html | mail myn...@mydomain.com
or
( echo "Content-Type: text/html"; curl http://www.foo.com) | sendmail
myn...@mydomain.com

Now, if you want all the components of a page - like embedded images and
such, or an entire site - then you might explore some of curl's options for
downloading a site, pipe that through zip, and email the archive.

Or... most browsers will do this for you!

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra



--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: looking for a piece of software that will take an url (say to a blog post) and email me the contents

[Miles Fidelman]

On 11/5/16 6:01 PM, Dan Hitt wrote:


Does anybody know of a piece of software that you can give an URL to,
and it will then fetch the url and email the contents to you?

This could be a stand-alone app on the desktop, or a plug-in to a
browser, or a web site, or some combo.  (I guess it could be a
pipeline of curl and some mail program, but i'm afraid i'd just get
piles of incomprehensible text.)



Well you might try:

curl http://www.foo.com | uuencode page.html | mail myn...@mydomain.com
or
( echo "Content-Type: text/html"; curl http://www.foo.com) | sendmail 
myn...@mydomain.com


Now, if you want all the components of a page - like embedded images and 
such, or an entire site - then you might explore some of curl's options 
for downloading a site, pipe that through zip, and email the archive.


Or... most browsers will do this for you!

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: WARNING! New Perl/Perl-base upgrade removes 141 Sid/Unstable packages

[Miles Fidelman]

As a general rule, I find that using Debian packaging for perl makes 
absolutely no sense - and often problematic.


Perl has its own ecosystem (cpan) that does an incredibly good job of 
packaging, updating, and dependency management.  Mixing and matching 
that with Debian packaging, and expecting packagers to keep up with 
updates to lots of different perl modules, is just a recipe for disaster.


Far better to install perl manually and use cpan to manage updates and 
installs.



On 9/28/16 4:06 PM, Stefan Monnier wrote:

It doesn't remove anything without your permission.  It proposes
a solution to the problem you present it with.  You can reject that
solution and have it try again.

FWIW, the way it presents the solution makes it hard to see what's
really going on.  More specifically, the list of removed packages does
not distinguish the manually-installed packages from the
automatically-installed ones.

I usually don't care about removing automatically-installed packages,
whereas I rarely want to remove manually-installed packages.


 Stefan


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: WordPress on Debian

[Miles Fidelman]

On 9/19/16 3:36 PM, David Wright wrote:


On Mon 19 Sep 2016 at 13:43:04 (-0500), Kent West wrote:

On Mon, Sep 19, 2016 at 1:29 PM, Kent West  wrote:


On Mon, Sep 19, 2016 at 11:53 AM, Tony Baldwin 
wrote:


On 09/19/2016 12:26 PM, Miles Fidelman wrote:


On 9/19/16 12:20 PM, Tony Baldwin wrote:

I make a new user on the server for each new WP site, and then install

their WP in /home/$user/www . much simpler than having bits of it all
over the machine.



So what I'm hearing is that I should forego using apt/aptitude to install
WordPress, and just install in manually?

Neither of those people appear to reveal their update policy or how
they deal with security fixes.



I just use the built in WordPress updater - which takes care of 
everything.  No need to worry about whether some packager has updated 
both the core and every theme and module that I use (guaranteed, they 
haven't).


Now, when it comes to perl based systems, such as the sympa mailing list 
manager (mailman, too for that matter), - better to use cpan to install 
and update all of one's perl system and modules.


As to security fixes - those are far more likely to come from upstream, 
in a timely manner.


Apt is a fantastic package management system, for widely used things, 
that don't change very often.  For anything else, relying on human 
packagers is a recipe for disaster - particularly when dealing with, 
potentially, 3 layers of packaging (the upstream package, an 
intermediate packaging system like cpan, and the Debian repository.)


Miles Fidelman



--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: WordPress on Debian

[Miles Fidelman]

On 9/19/16 12:20 PM, Tony Baldwin wrote:

I have always downloaded the latest from wordpress, created a DB  on 
my server and basically manually installed the upstream pkg (which I 
know is often discouraged here, but if you do it Our Way (ie. the 
Debian Way,
aka the Right Way for most stuff), and then ask any questions on 
#wordpress on freenode, they get all nasty (I've been banned from the 
channel for life!)
I make a new user on the server for each new WP site, and then install 
their WP in /home/$user/www . much simpler than having bits of it all 
over the machine.
I do the same with dokuwiki installations and other CMS or site 
platforms, too, installing from upstream.




That's what I do as well.  For complex software (e.g., WordPress, 
Drupal, mailing list managers), I always end up downloading the latest 
tarball, unpacking it, and then ./config; make; make test; make 
install.  It all just works so much better than relying on out-of-date 
packages.


If I want to get ambitious, and keep track of things via the package 
manager, I use checkinstall.


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: odd load patterns - SOLVED

[Miles Fidelman]

Well, I found out where all that load was coming from.

Looks like a recent Thunderbird update reset its config to "keep all 
messages for this account on this computer" - for all accounts


Given that I'm the admin for some servers, and a bunch of email lists, I 
keep filtered spam and viruses for analysis, and I keep email going back 
about 30 years  that kind of causes a lot of synchronization traffic 
- to the point of really bogging down our imap daemon.


Consider this a friendly warning for those of you who use Thunderbird & 
IMAP!


Cheers,

Miles Fidelman


Hi,

I wonder if anybody might have some thoughts on this:

Lately, our server has been showing high loading, but top shows that 
the CPU is mostly in wait mode, and iotop shows low disk i/o traffic.


Usually, the system shows high load when either

a. Someone is indexing our web server (which shows up as CPU load on 
apache).


b. Our list manager is processing a bunch of traffic (most of the load 
comes from spam and virus filtering - which shows up as cpu load on 
amavisd, and clamd, as well as a lot of disk i/o).


The one place I see this effect behavior, if for email clients 
accessing IMAP - I've been seeing timeouts, and exceptionally high 
delays to load an inbox, or move stuff to the trash.


This pattern is new - and there's really nothing that I've changed in 
terms of configuration or loading that I can see.


So... any thoughts?  Any diagnostic approaches?

Thanks much,

Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: odd load patterns

[Miles Fidelman]

On 9/14/16 2:53 AM, Frédéric Marchal wrote:


On Tuesday 13 September 2016 20:09:26 Miles Fidelman wrote:

Hi,

Lately, our server has been showing high loading, but top shows that the
CPU is mostly in wait mode, and iotop shows low disk i/o traffic.

How do you know the load is high? Where is the indication coming from?


Umm... "top" and "iotop"  (which addresses your own follow-up question)


I'm interested in more opinions and diagnostic tools too because my laptop
suddenly became very slow and unresponsive yesterday until I restarted it. top
was showing a mostly idle cpu but kde system activity was displaying a lot of
"disk sleep".




--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

odd load patterns

[Miles Fidelman]

Hi,

I wonder if anybody might have some thoughts on this:

Lately, our server has been showing high loading, but top shows that the 
CPU is mostly in wait mode, and iotop shows low disk i/o traffic.


Usually, the system shows high load when either

a. Someone is indexing our web server (which shows up as CPU load on 
apache).


b. Our list manager is processing a bunch of traffic (most of the load 
comes from spam and virus filtering - which shows up as cpu load on 
amavisd, and clamd, as well as a lot of disk i/o).


The one place I see this effect behavior, if for email clients accessing 
IMAP - I've been seeing timeouts, and exceptionally high delays to load 
an inbox, or move stuff to the trash.


This pattern is new - and there's really nothing that I've changed in 
terms of configuration or loading that I can see.


So... any thoughts?  Any diagnostic approaches?

Thanks much,

Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Using serial console as a poor mans IP kvm?

[Miles Fidelman]

On 9/8/16 3:26 PM, Jarle Aase wrote:

I want to set up a few servers at home. Unfortunately, as I live in 
Bulgaria at the moment, the electric power is gone pretty often for 
longer periods than my UPS'es can deal with. So my servers will have 
to be started at least a few times every quarter.


Another challenge with living in Bulgaria is that there is no law or 
order. The Police is just a branch of the Mafia. I need to protect the 
data on the servers with full disk encryption in case they are stolen.


That means that I need to reboot the servers relatively often, and 
provide the luks passwords every time. Some times I am far away when 
this happens. I have been considering Supermicro motherboards with 
built in support for remote management - or old KVM IP switches from 
Ebay. The problem with Supermicro is that it's expensive and difficult 
to get the RAM required for their recent Skylake boards. The problem 
with Ebay is that few suppliers ships to Bulgaria, and getting 
anything trough the custom's here takes a whole day. Then there is the 
question if the device works at all...


So I'm thinking about serial consoles. My gateway router will reboot 
after an outage, and it can act as a VPN endpoint. So I can access IP 
devices. With a rasberry pi and some relays, I can probably trigger a 
cold reboot whenever I need to. If I could log on to the grub console 
on the servers over a serial link, that's all I need, really.


Does anyone here have any experience with remote control with Debian 
boxes over serial? Will it work reliable?




It sort of works.

I've done this two ways:

1.  External serial-to-ethernet box.  The external box turns out to be 
somewhat flakey, and a security hole (unpatched embedded linux with some 
vulnerabilities, and it needs to be rekeyed annually, but that doesn't 
actually work very smoothly).


2. Supermicro IPMI board:  Sometimes works, sometimes simply doesn't 
respond - usually when one needs it most.


In both cases, unless you layer a VPN on top of them, they are really 
nasty security holes.  I've ended up resorting to the old "call the data 
center and have a human push the button" - but that doesn't sound like 
it applies to your situation.


Good luck finding a solution.

Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: Advice on downloading software please

[Miles Fidelman]

On 8/27/16 9:55 AM, Steve Greig wrote:

I would like to download a programme (opencpn) onto my laptop which is 
running debian. It is so long since I have done this I can not 
remember how to start. Also I am not sure which version of debian I 
have which seems to be relevant according to the website. Instructions 
are given at http://opencpn.org/ocpn/download.


Any advice would be very  much appreciated. Steve


Well, normally, I'd recommend either:
a. using apt to install from a Debian repository, or if not available,
b. downloading a tarball to /usr/local/src and then ./configure; make; 
make check; make install


But... there doesn't seem to be either a Debian package or a tarball.  
The code is GPL, and it's all on GitHub (including and INSTALL file 
giving instructions for building from source) - but the actual files are 
all spread out.


My suggestion would be to contact the developers and ask where to find a 
current source tarball.


Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: A minimalist network

[Miles Fidelman]

Richard,

On 8/19/16 10:08 AM, Richard Owlett wrote:



NO 
I physically have two other machines on my desk which I could serve 
nicely to connect to the internet. Connecting either of the T43 or R61 
ha NEVER been considered ;)




Perhaps a stupid question, but you describe

"The Debian machine is having various configurations of Jessie 
installed. Consider it a laboratory experiment. It can have multiple 
installs in a day. It intentionally has *NO* internet connectivity. It 
has a small partition set aside for preseed.cfg and miscellaneous 
scripts."


It seems to me that it's awfully cumbersome doing "multiple installs in 
a day" without a network connection.   Sure, you can burn a minimal 
system to a live-CD or DVD, but as soon as you want anything more (say 
some of those tools for experimenting with networking), you need to pull 
stuff from a repository, or it gets VERY cumbersome.


So... how are you doing all of those installs?

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Re: A minimalist network

[Miles Fidelman]

On 08/17/2016 03:27 PM, Richard Owlett wrote:

I am groping for the questions I *SHOULD BE* asking ;/

Q:  How does Ethernet work?

Q:  How do TCP/IP local area networks work?

Q:  How does the Internet work?



https://www.amazon.com/Networking-Dummies-Doug-Lowe/dp/B01FBEEOBU/ref=sr_1_2?s=books&ie=UTF8&qid=1471484996&sr=1-2&keywords=networking+for+dummies

or, for the real nitty gritty,

https://www.amazon.com/Computer-Networks-5th-Andrew-Tanenbaum/dp/0132126958




--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra