Re: the developers have spoken
On 20/11/14 at 12:51am, Miles Fidelman wrote: > Raffaele Morelli wrote: > >On 19/11/14 at 07:53pm, Miles Fidelman wrote: > >>Peter Nieman wrote: > >>>On 19/11/14 22:21, Miles Fidelman wrote: > >>>>Jonathan Dowland wrote: > >>>>>On Wed, Nov 19, 2014 at 12:41:45PM -0500, Miles Fidelman wrote: > >>>>>>Please DO report back. Some of us really do want to know the state > >>>>>>of alternatives. > >>>>>If you insist then please use the d-community-offtopic list[1], which > >>>>>was set up for these situations. > >>>>> > >>>>> > >>>>How about, no. Debian, the state of Debian, the future of Debian, > >>>>comparisons of Debian to alternatives are all (IMHO) completely on > >>>>topic, and of interest to THIS user. > >>>It's amazing, isn't it. At least every second message sent by systemd > >>>advocates ends with the words "stop it!", "shut up!" or "go away!". They > >>>claim to support free software and can't even tolerate free speech. > >>And seem to be intellectually incapable of finding their delete keys. > >You are such a dumbass man. > > > >Just because you, among others, are not capable to use apt the right way > >anymore. > >Switch to your fucking alternative distro and to steve jobs shit and shut > >the fuck up. > > > > > > Wow... is this what our community is coming to? Nope, it's a special thing for your three spare neurons. -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/2014112001.gd1...@gmail.com
Re: the developers have spoken
On 20/11/14 at 12:49am, Miles Fidelman wrote: > Raffaele Morelli wrote: > >On 19/11/14 at 04:21pm, Miles Fidelman wrote: > >>Jonathan Dowland wrote: > >>>On Wed, Nov 19, 2014 at 12:41:45PM -0500, Miles Fidelman wrote: > >>>>Please DO report back. Some of us really do want to know the state > >>>>of alternatives. > >>>If you insist then please use the d-community-offtopic list[1], which > >>>was set up for these situations. > >>> > >>> > >>How about, no. Debian, the state of Debian, the future of Debian, > >>comparisons of Debian to alternatives are all (IMHO) completely on topic, > >>and of interest to THIS user. > >> > >>Miles Fidelman > >You write from a mac osx.. you also are off topic and trolling. > > > > > > My personal machine is a Mac, by work laptop is Windows, the > high-availability cluster in my data center runs multiple generations of > Debian, as Xend Dom0s and DomUs. > > You are simply annoying and irrelevant. > > Miles Fidelman You are a ridicoulus dumbass trolling on this list [2]. -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141120055349.gc1...@gmail.com
Re: the developers have spoken
On 19/11/14 at 07:53pm, Miles Fidelman wrote: > Peter Nieman wrote: > >On 19/11/14 22:21, Miles Fidelman wrote: > >>Jonathan Dowland wrote: > >>>On Wed, Nov 19, 2014 at 12:41:45PM -0500, Miles Fidelman wrote: > Please DO report back. Some of us really do want to know the state > of alternatives. > >>>If you insist then please use the d-community-offtopic list[1], which > >>>was set up for these situations. > >>> > >>> > >> > >>How about, no. Debian, the state of Debian, the future of Debian, > >>comparisons of Debian to alternatives are all (IMHO) completely on > >>topic, and of interest to THIS user. > > > >It's amazing, isn't it. At least every second message sent by systemd > >advocates ends with the words "stop it!", "shut up!" or "go away!". They > >claim to support free software and can't even tolerate free speech. > > And seem to be intellectually incapable of finding their delete keys. You are such a dumbass man. Just because you, among others, are not capable to use apt the right way anymore. Switch to your fucking alternative distro and to steve jobs shit and shut the fuck up. -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141120053744.gb1...@gmail.com
Re: the developers have spoken
On 19/11/14 at 04:21pm, Miles Fidelman wrote: > Jonathan Dowland wrote: > >On Wed, Nov 19, 2014 at 12:41:45PM -0500, Miles Fidelman wrote: > >>Please DO report back. Some of us really do want to know the state > >>of alternatives. > >If you insist then please use the d-community-offtopic list[1], which > >was set up for these situations. > > > > > > How about, no. Debian, the state of Debian, the future of Debian, > comparisons of Debian to alternatives are all (IMHO) completely on topic, > and of interest to THIS user. > > Miles Fidelman You write from a mac osx.. you also are off topic and trolling. -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141120053143.ga1...@gmail.com
Re: the developers have spoken
On 19/11/14 at 05:03pm, Lisi Reisz wrote: > On Wednesday 19 November 2014 16:49:13 Hugo Vanwoerkom wrote: > > Lisi Reisz wrote: > > > On Wednesday 19 November 2014 14:11:18 songbird wrote: > > >> kudoes, much love, go jessie! > > >> > > > :-)) +1 > > > > > > Lisi > > > > > > This was intended for the list, not to go off-list. Sorry again, > > > Songbird. I need to press L for the Debian list, not click on reply. > > > And I don't remember to do it. I'll plead old age, ;-) > > > > How old? > > 72. And yes, I know, many on this list are older. But old age is an > incontrovertible excuse for a poor memory. ;-) > > Lisi Thumbs up for being 72 && debian user! Respect -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141119170846.ga1...@gmail.com
Re: the developers have spoken
On 19/11/14 at 03:41pm, Dan wrote: > On Wed, Nov 19, 2014 at 3:11 PM, songbird wrote: > > the vote is in. > > > > let us thank each one of them for their efforts > > to continue making Debian what it is: > > > > a fractious and wonderful expression of free source > > code, the ability to distribute such in a relatively > > sane and safe manner. > > > > kudoes, much love, go jessie! > > > > > > songbird > > > > What is the result? > > I looked at the webpage: > https://www.debian.org/vote/2014/vote_003.en.html#outcome > > and the graph of the webpage: > https://vote.debian.org/~secretary/gr_initcoupling/ > > But I couldn't figure out which is the outcome > > Thanks, > Dani https://lists.debian.org/debian-devel-announce/2014/11/msg00014.html The winners are: Option 4 "General Resolution is not required" -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141119144742.ga15...@gmail.com
Re: find problem
On 11/11/14 at 04:09pm, B. M. wrote:
> Hi all,
>
> I'm struggling with a find problem.
>
> I want to combine find and par2create recursively in order to get the
> following done:
>
> Foreach file with a certain suffix (e.g. avi) do par2create for that
> file in its directory, so e.g.
>
> I'm in /video
> There are subfolders user1, user2 with videos video1.avi, video2.avi ...
> in them.
>
> The script should do something equivalent to:
> cd /video/user1
> par2create .video1.avi video1.avi
> par2create .video2.avi video2.avi
> cd /video/user2
> par2create .video3.avi video3.avi
> par2create .video4.avi video4.avi
> cd
>
> But I want to achieve this using the find command.
>
> So I'd expect something like
> find * -name "*.avi" -execdir par2create .'{}' '{} \;
> but this doesn't work as expected - it creates the .*.avi files "one
> folder above".
>
> How does it work using the find command?
>
> Thanks a lot!
I did a test with cp:
find config/ -name custom.php -execdir cp '{}' '{}'.pippo \;
files are copied with added suffix.
--
« Nunc est bibendum, nunc pede libero pulsanda tellus »
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20141112104025.ga1...@gmail.com
Re: Unable too boot after fresh install of latest "testing"
On 10/11/14 at 03:01pm, Marko Randjelovic wrote:
> On Mon, 10 Nov 2014 10:16:59 +0200
> Jarle Aase wrote:
>
> > I have been using "testing" for quite some time. Saturday, I upgraded to
> > the latest version. That was a disaster. Eventually I gave up fixing the
> > upgrade and performed a fresh install (with encrypted root file system).
> > No matter what I did (I tried 5 - 6 fresh installs on two disks, and a
> > few boots into rescue mode to try to execute grub-install or update-grub
> > manually), I was unable to boot after the upgrade.
> >
> > After the upgrade, I have a black screen with a little cursor blinking
> > in the upper, left corner. No messages from grub. No response when I
> > press keys on the keyboard. No time-out. It just stays there.
> >
You still should be able to switch to another console with Ctrl+Alt+F{1-6}.
--
« Nunc est bibendum, nunc pede libero pulsanda tellus »
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20141110144146.gc1...@gmail.com
Re: Preventing the computer from shutting down.
On 30/10/14 at 12:11pm, Mario Castelán Castro wrote: > Hello. > > I can set up a script for backup with cron or anacron, but how can I prevent > the computer from shutting down while the backup is being performed so as to > not to leave it incomplete?. > > Regards. If I understand you request you could add some lines to you script in order to terminate your login manager, run your backup and then shutdown if and only if your backup script is not currently being executed. -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141031064921.gb1...@gmail.com
Re: reInstalling my laptop
On 26/10/14 at 12:43pm, Jean-Marc wrote: > Hi the list, > > I will reinstall my laptop. > > I have a question about partitioning. > I will use this setting: > /boot > swap > The rest under LVM (/, /var, /tmp, /home) ? > > So, my question: /boot or not /boot ? Another question is why not /home in a separate partition? -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141026121620.gb1...@gmail.com
Re: lightdm's "Default Xsession"?
On 24/10/14 at 10:17am, Andrei POPESCU wrote: > On Jo, 23 oct 14, 19:38:15, John Conover wrote: > > > > I use two WM, (xfce and fvwm.) Lightdm's "Default Xsession" is fvwm2. > > > > How do I change lightdm's "Default Xsession" to xfce? > > I prefer to do this at system level (i.e. will work for any DM): > > update-alternatives --config x-session-manager That's smarter but doesn't always work. As an example I always use awesome and sometimes i3 but the command above returns only xfce4-session ie no alternatives. /r -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141024073358.gb1...@gmail.com
Re: lightdm's "Default Xsession"?
On 23/10/14 at 07:38pm, John Conover wrote: > > I use two WM, (xfce and fvwm.) Lightdm's "Default Xsession" is fvwm2. > > How do I change lightdm's "Default Xsession" to xfce? > > Thanks, > > John > > -- > > John Conover, cono...@rahul.net, http://www.johncon.com/ > > > -- > To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org > Archive: https://lists.debian.org/20141024023816.21393.qm...@rahul.net > In /etc/lightdm/lightdm.conf (line #93 here) set user-session=xfce your available session are listed in /usr/share/xsessions/ -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141024052759.ga1...@gmail.com
Re: understanding kernel compilation and
On 23/10/14 at 03:37pm, Muhammad Yousuf Khan wrote: > Thanks for your guidence, > can you please share that i do not see kernel architecture on the website. > does that kernel file contain both x86 and amd64? > ...of course it does. But, do you know what are you doing? -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141023105140.ga1...@gmail.com
Re: Avoiding SystemD isn't hard
On 21/10/14 at 03:01pm, Steve Litt wrote: > On Tue, 21 Oct 2014 17:19:08 +0200 > Liam Proven wrote: > > > A blog post explaining why it isn't mandatory, the utter futility of > > the fork and more besides, clearly and simply. > > > > http://www.vitavonni.de/blog/201410/2014102101-avoiding-systemd.html > > What I really like about the blog is that, almost from the beginning, > the author lets us know his agenda with words like "trolls". And, just > to make his point with his non-cognizant readers, he quotes Gregory > Smith as just another "anti-systemd-troll", instead of as a guy all of > the anti-systemd people have repudiated and disavowed all alliance with. > Each and everyone on this list is supposed to be a debian user with some knowledge about debian history. Instead, reading the tons of posts (ie spam) about systemd it seems like you all are talking about something you don't know nothing about (how to purge a package and switch to another in debian!?). For the ones that are not willing to purge/install there's a patch waiting Those posts are neverending stories where really weak assumptions are being raised against systemd (casually immediately after Linus rails at Sievers because of its debug "crap" with the /proc/cmdline). Moreover, you jump in the ML every week with a different object but same contents, summarized by: I do not know exactly why, but I don't want systemd to live among the other 1 debian packages and few other init systems just because Linus pissed on Sievers and so do I on systemd which he - the Primadonna - wrote. For that IMHO he's right when using the word "troll". -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141022052357.gb4...@gmail.com
Re: If Not Systemd, then What?
On 21/10/14 at 09:41am, Jonathan Dowland wrote: > On Tue, Oct 21, 2014 at 10:18:49AM +0200, Raffaele Morelli wrote: > > Here are some interesting things one should be aware of before > > http://0pointer.de/blog/projects/the-biggest-myths.html > > > > Read enough about but still haven't read something really valuable against > > systemd from eg. Torvalds, Eric Steven Raymond, etc... (if you do, post the > > link) > > Please don't, because that isn't on topic for this mailing list. you know, it's been months that this systemd thing is going on and I thought it was tolerated (though I learned to use ^D in mutt :-) ) I apologize -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141021094833.gg1...@gmail.com
Re: If Not Systemd, then What?
Here are some interesting things one should be aware of before http://0pointer.de/blog/projects/the-biggest-myths.html Read enough about but still haven't read something really valuable against systemd from eg. Torvalds, Eric Steven Raymond, etc... (if you do, post the link) I believe the main issue with systemd and the community mainly the "badass-ness" of the guys in this "init system war" or whatever you prefer to address at. Using systemd since 2014-08-09 with no issues. -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141021081847.gb1...@gmail.com
Re: apache2 what is the standard way to enable modules?
On 23/09/14 at 10:02am, Harry Putnam wrote: > Bob Proulx writes: > > > a2enmod takes a simple name like "cgi" not a name with .load or .conf > > on the end like "cgi.load". You want "a2enmod cgi" without the > > ".load" on the end. > > Yeah, I finally got that part. > > But still not seeing what is bad about what I did... after all it did > allow the cgi scripts to start working: Played with this by myself and yes, a2enmod also works if you add .load to the module name. > > >From a previous post: > > >> Thanks for the push... Tinkering with your suggestion lead me to read > >> the `LoadModule' lines on the files in mods-available. > >> > >> The line in cgi.load: > >> LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so > >> > >> Looked the most promising, so I tried: > >> > >>a2enmod cgi.load > >> > >> But it told me my MPM(?) seemed to be threaded so it gave me `cgid.conf' > >> and `cgid.load'... and away it went... cgi firing on all 8 cylinders. > > That last bit was sort of warning I guess and the it proceeded to > create the needed symlinks only with cgid.* in there names. > > After that command above, cgi scripts commenced to working. Apparently the > command figured out what needed to be done. > > So, anyway... now I know a better and more appropriate command to use. > -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140923141125.gb19...@gmail.com
Re: apache2 what is the standard way to enable modules?
2014-09-20 7:48 GMT+02:00 Bob Proulx : > Harry Putnam wrote: > > Raffaele Morelli writes: > > >> Is that what you are warning about? > > > > > > Nope, my warning was to use `a2enmod cgi` instead of `a2enmod cgi.load` > > > (which is wrong) > > > > OK, thanks. But once again you've failed to explain the nature of the > > wrongness. > > > > Can you define what the nature of this wrongness is? Will bad things > > happen...? > Seems like I missed this, apologize > > a2enmod takes a simple name like "cgi" not a name with .load or .conf > on the end like "cgi.load". You want "a2enmod cgi" without the > ".load" on the end. > > Bob > That.
Re: Skype + Linux? was Jack: was Slight New Sound Problem
On 18/09/14 at 05:19pm, Steve Litt wrote: > On Thu, 18 Sep 2014 20:29:26 +0200 > Raffaele Morelli wrote: > > > On 18/09/14 at 11:09am, Steve Litt wrote: > > > > My understanding of Jack (and please correct me if I'm wrong), is > > > that it's like being able to patchcord together all sorts of > > > software sound processor boxes, in whatever configuration I want. > > > I'd *love* to be able to do that. > > > > Yes, jack compliant applications can be routed from/to every where. > > Non compliant apps can also be routed with little tweaking (eg. > > flashplayer, skype) > > Did I just hear you saying that the latest Skype, which no longer works > with Linux without massive tweaks, can be made to work on Linux using > Jack? That would give me plenty of incentive to try again! > Nope, latest skype release dropped alsa support definitely, my fault. -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140919023623.ga3...@gmail.com
Re: Jack: was Slight New Sound Problem
On 18/09/14 at 11:09am, Steve Litt wrote: > On Thu, 18 Sep 2014 09:40:56 -0500 > "T.J. Duchene" wrote: > > > Good morning, Martin! > > > > Before I can make suggestions, I need to know if you are using a > > daemon such as Jack or PulseAudio or if you are using ALSA directly. > > T.J (and anyone else), > > I really want to use Jack, but every time I've tried, I failed > miserably and gotten no sound. Is there some special mindset you need > when installing/configuring Jack, and if so, where can I find out about > it? Well, it's quite straightforward to use jackd and no particular trick is needed. Install jackd2 and its gui qjackctl and alsa-utils. Get rid or stop PulseAudio and start qjackctl, see what happens and report (qjackctl has a nice message log window) Keep in mind that often no sound means that alsamixer volumes are muted or at 0 level which seems to be the default. > My understanding of Jack (and please correct me if I'm wrong), is that > it's like being able to patchcord together all sorts of software > sound processor boxes, in whatever configuration I want. I'd *love* to > be able to do that. Yes, jack compliant applications can be routed from/to every where. Non compliant apps can also be routed with little tweaking (eg. flashplayer, skype) -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140918182925.ga1...@gmail.com
Re: View on UNIX purism in Linux Community
On 18/09/14 at 01:33pm, Peter Nieman wrote: > On 18/09/14 07:42, Lisi Reisz wrote: > >On Wednesday 17 September 2014 23:14:33 Martin Read wrote: > >> > > > > > > > > > > Is it just me who's wondering why no one - no powerful "list master" - is > trying to stop this? +1 > > This exchange of whatever is really *totally* OT, if that word has any > meaning at all. Let's try with an IKEA quality control thread and see what happen http://xkcd.com/208/ -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140918120209.ga1...@gmail.com
Re: Creating a forum for systemd debate
On 18/09/14 at 03:34am, David L. Craig wrote: > On 14Sep18:0636+0200, Raffaele Morelli wrote: > > > Delete key works perfectly and fast here BTW, none of the posters > > (spammers) > > is a debian developer and AFAIK it's not going to be. > > > > That given, can someone explain what's the use in those debates in which > > your decision > > making power it's less than a pigeon shit on a coat in the middle of a > > storm? > > > > Kind regards > > Is this viewpoint typical of DDs? You just dissed Linus Tolvalds > among many, many others, without whom you wouldn't have anything to > package. I humbly submit you need to search your conscience if > you can find it. You probably think you are a wise guy because you wrote "Linus Torvalds" in a post without any reason, but you are not, you are just proving your ignorance. Few are just dumping their egos on many threads about this systemd thing just like debian was at their own service, but fortunately it is not. They simply should switch to another distro and shut up instead of using the list like "their ego disposal". -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140918091517.ga4...@gmail.com
Re: Creating a forum for systemd debate
On 17/09/14 at 09:17am, John Hasler wrote: > Mart van de Wege writes: > > That's funny, because I keep seeing the same names coming up. > > And I see the same names coming up in the anti anti systemd rant rants. > > Quit ranting, ok? If you don't actually have anything to say don't say > it. If you do, say it and ignore the ranters. Delete key works perfectly and fast here BTW, none of the posters (spammers) is a debian developer and AFAIK it's not going to be. That given, can someone explain what's the use in those debates in which your decision making power it's less than a pigeon shit on a coat in the middle of a storm? Kind regards -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140918043652.ga3...@gmail.com
Re: Creating a forum for systemd debate
On 16/09/14 at 03:39pm, Bret Busby wrote: > On 16/09/2014, Raffaele Morelli wrote: > > > > > > « Nunc est bibendum, nunc pede libero pulsanda tellus » > > Eh, wot? > > I think that tellus is a brand of vacuum cleaner (is this something to > do with cleaning some threads of messages off the list :) ? ). > > pede - well that sounds like a root of pedestrian. > > pulsanda - that reminds me of a package named pulse audio, which is to > do with sound, and, thence, with noise. > > Does that mean that if the list is not cleaned up of the extraneous > noise, it slows to a walk? nope, it's a pray: it means that you all should end up kicking each other a OT list instead of breaking every user balls on this one ;-) with kind regards, of course -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140916080844.ga15...@gmail.com
Re: Creating a forum for systemd debate
On 15/09/14 at 02:15pm, Don Armstrong wrote: > On Mon, 15 Sep 2014, Joel Roth wrote: > > I think it should be possible to find or create a forum for those who > > are concerned about this issue. I know that I would subscribe. > > Please create one and subscribe. It's trivial to create mailing lists on > lists.alioth.debian.org, or you can use non-Debian resources. Let me > know when you've done so, and I'll be happy to point anyone who > continues to post to this mailing list about systemd there. > > > I can also sympathize with those who don't want this list dominated by > > a flame war. > > Yes, please. The pro/anti systemd discussion isn't on topic for this > mailing list. God (or whatever of your choice) bless you -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140916061157.gb2...@gmail.com
Re: Re: "no soundcards found" after Debian upgrade
2014-09-15 14:15 GMT+02:00 Menashè Eliezer : > Both of them are already in /etc/modules and /etc/modules-load.d/modules. > conf > > No effect... well, I am not a kernel doctor but something is clearly wrong with it
Re: "no soundcards found" after Debian upgrade
On 15/09/14 at 12:43pm, Menashè Eliezer wrote: > Thanks Raffaele, > You are right, once I'm loading manually the snd-usb-audio, all is fine. > So, my work-around right now is running after each restart: > $ sudo modprobe snd-hda-intel snd-usb-audio You don't have to do it manually, just add those two lines in /etc/modules snd-hda-intel snd-usb-audio But you'd better of using a file in /etc/modules-load.d/ eg. create my_alsa.conf in /etc/modules-load.d/ then add the lines above in it. -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140915112852.ga5...@gmail.com
Re: "no soundcards found" after Debian upgrade
On 12/09/14 at 05:06pm, Menashè Eliezer wrote: > Just adding information about the current status, after loading manually > snd-hda-intel: > > 1. The main volume control of xfce has no effect. I need to use the Audio > Mixer for controlling the volume. > > 2. There is no sound capture device. Jack and usb michrophones are not > detected (even though I see the Logitach usb devices in lsusb. Just for > info, I know I should report it later as a new problem. I had this problem > also before the no sound cards problem. You should dig into .asoundrc stuff for that, sure you need snd-usb-audio module for your logitech webcam. -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140915050736.ga3...@gmail.com
Re: "no soundcards found" after Debian upgrade
On 12/09/14 at 02:16pm, Menashè Eliezer wrote: > Thanks Raffaele, > My version of libpam-systemd is the latest available: 208-8. The bug you've > mentioned was fixed in version 204-8. > > I've noticed that pulseaudio is missing from the bin folder, even though > aptitude says it's installed. > It must be connected to my attempts to resolve sound problems based on > internet-based solutions. > So: > aptitude purge pulseaudio pulseaudio-utils gstreamer0.10-pulseaudio > pulseaudio-module-x11 paman pavumeter pavucontrol > and then aptitude install ... > Still empty, also after restart: lsmod |grep snd_hda_intel > sudo modprobe snd-hda-intel > and playback is ok. > So, right now my problem is only that I need to run manually "modprobe > snd-hda-intel". drop a line with `snd_hda_intel` into /etc/modules or create a file in /etc/modules-load.d/ with that line in, module will be loaded on every boot.. BTW there should be a reason if module is not loaded properly during boot process. -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140912125302.gb16...@gmail.com
Re: apache2 what is the standard way to enable modules?
On 11/09/14 at 03:04pm, Harry Putnam wrote: > Raffaele Morelli writes: > > > [...] > > >> Thanks for the push... Tinkering with your suggestion lead me to read > >> the `LoadModule' lines on the files in mods-available. > >> > >> The line in cgi.load: > >> LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so > >> > >> Looked the most promising, so I tried: > >> > >>a2enmod cgi.load > >> > >> But it told me my MPM(?) seemed to be threaded so it gave me `cgid.conf' > >> and `cgid.load'... and away it went... cgi firing on all 8 cylinders. > > > > > > beware that a2enmod doesn't require extension > > eg. a2enmod cgi.load won't work cause the module is 'cgi', symlink is > > created for both .conf and .load in /etc/apache2/mods-enabled/ > > > > hint: enable bash completion, a2enmod completes available module > > I'm not sure what you are getting at. Do you mean it won't work > period or that only scripts with ext cgi will work? > > As reported further back in the thread: > a2enmod cgi.load > > Gave me: >cgid.conf -> ../mods-available/cgid.conf >cgid.load -> ../mods-available/cgid.load > > Now my `script.cgi' work. But I had a few from a long ago previous > setup without cgi extension... so just to test I tried this: > >cp test.cgi test > > Then opened `test.cgi' with a browser... it works > opened `test' and it does not work. > > Is that what you are warning about? Nope, my warning was to use `a2enmod cgi` instead of `a2enmod cgi.load` (which is wrong) > > Can anyone tell me how to allow scripts without cgi extension to work? > Create symlinks to the ones with extensions. -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140912070017.gc4...@gmail.com
Re: "no soundcards found" after Debian upgrade
On 11/09/14 at 05:45pm, Menashè Eliezer wrote: > Thanks Raffaele, > > Please see below. > > With kind regards, > Menashè > > On 09/11/2014 05:15 PM, debian-user-digest-requ...@lists.debian.org wrote: > >try loading snd-hda-intel first ( BTW it sounds really weird that no snd-* > > module is being loaded ). > Good idea! > modprobe snd-hda-intel results in detected sound cards. > $aplay -l > List of PLAYBACK Hardware Devices > Failed to create secure directory (/run/user/1000/pulse): Permission denied Something is wrong with pulse and permission, maybe related to libpam-systemd have at look at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731300#33 -- « Nunc est bibendum, nunc pede libero pulsanda tellus » -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140912065539.gb4...@gmail.com
Re: "no soundcards found" after Debian upgrade
On 10/09/14 at 05:33pm, Menashè Eliezer wrote: > Thank you Raffaele and Elimar, but lsmod | grep snd produces no results. I > should have mentioned it before. try loading snd-hda-intel first ( BTW it sounds really weird that no snd-* module is being loaded ). Can you post the output of ls -l /etc/modprobe.d/ ? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140911060059.gb6...@gmail.com
Re: "no soundcards found" after Debian upgrade
On 10/09/14 at 11:34am, Menashè Eliezer wrote: > Hello, I have /Debian testing/ in which the sound was fine. Few days ago, > after an update, I have "no soundcards found" with "aplay -l". lspci: > "00:1b.0 Audio device: Intel Corporation 7 Series/C210 Series Chipset Family > High Definition Audio Controller (rev 04)". I've tried everything and > searched everwhere. I prefer not reinstalling the OS. I hope someone can > help me. check if kernel module is loaded with lsmod eg. lsmod |grep snd_hda_intel if yes, probably you miss the 'model' extra option somewhere in /etc/modprobe.d/alsa.conf (or whatever) -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140910102256.ga31...@gmail.com
Re: Query about .xsession-errors file
On 09/09/14 at 03:29pm, Bret Busby wrote: > Hello. > > In trying to work out why my disk space gets progressively consumed so > that I repeatedly run out of disc space without any known reason, in > examining my hidden files in my home directory, I found the file > .xsession-errors, which is currently sitting at about 740MB, and has > been growing in the last hour. > > Does some uttility or command (with switches) exist, that can purge > the file of redundant (for example, entries over a week old, or, > entries from before the current boot session) entries, so as to reduce > the file size to content that is necessary to retain for debugging? > > I am concerned that, should I simply delete the file, the system will > crash or otherwise damage to the boot session, would occur. > > Thank you in anticipation. A cron job should fit your needs, though I would investigate to prevent such errors... /r -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140909074000.ga10...@gmail.com
Re: apache2 what is the standard way to enable modules?
2014-09-04 4:19 GMT+02:00 Harry Putnam : > B writes: > > > On Wed, 03 Sep 2014 20:55:19 -0400 > > Harry Putnam wrote: > > > >> what is the name of cgi module? That would be very useful for the > >> `a2enmod' cmd. And for something real simple like making sure it is > >> installed. > >> > >> I see several files in [...]/mods-available with the string `cgi' in > >> them. None of those show up in [...]/mods-enabled. > > > > a2enmod is just for that: creating a symlink from mods-available > > to mods-enabled (usually needs a restart). > > > > You could: > > cd mods-available > > grep /var/lib/dpkg/info/*ist > > > > which will return .list; > > if it doesn't talk by itself, check what your pkg manager description > > says about it. > > Thanks for the push... Tinkering with your suggestion lead me to read > the `LoadModule' lines on the files in mods-available. > > The line in cgi.load: > LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so > > Looked the most promising, so I tried: > >a2enmod cgi.load > > But it told me my MPM(?) seemed to be threaded so it gave me `cgid.conf' > and `cgid.load'... and away it went... cgi firing on all 8 cylinders. beware that a2enmod doesn't require extension eg. a2enmod cgi.load won't work cause the module is 'cgi', symlink is created for both .conf and .load in /etc/apache2/mods-enabled/ hint: enable bash completion, a2enmod completes available module
Re: the Mysteries of asound.conf
2014-08-29 15:38 GMT+02:00 Martin G. McCormick < mar...@server1.shellworld.net>: > If one searches for debian+multiple+sound+cards, there > is a wilderness of somewhat confusing discussions and examples > as to how to configure asound.conf to insure that each card > comes up in the same order. I have two older Dells, each with > the stock CS423X sound chip on the mother board and a SB16-type > sound card. One uses an EMU10k1 driver and the other uses an > EMU8000. All seem to work and would work a lot better if they > always came up in the same order. > One school of thought tells us to put a line in > /etc/asound.conf that looks something like > options snd slots=,snd-Emu8000 > > asound.conf won't help you. drop a custom module config in /etc/modprobe.d/ eg. /etc/modprobe.d/alsa.conf and use options/index parameters eg. (my case) options snd_hda_intel index=0 options snd_aloop index=1 just look at lsmod for the kernel modules used by your sound cards. /r
Re: Domanda su systemd
Il giorno 28 agosto 2014 11:48, emmanuel segura ha scritto: > Ciao a tutti, > > ciao a tutti voi che... che state scrivendo sulla lista sbagliata! /r
Re: gps
2014-08-23 15:57 GMT+02:00 François Patte < francois.pa...@mi.parisdescartes.fr>: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Bonjour, > > Are there software available to fully manage a GPS: update maps and > all this kind of things which are usualy provided for mac or windows > when you buy a GPS. > > Iam using debian sid > > Thank you Have a look at QGis, you can easily manage your gps with gps tools and a garmin specific plugin.
Re: need help on sound recording using bplay
2014-08-07 11:05 GMT+02:00 Curt : > On 2014-08-06, Long Wind wrote: > > > > I might try sth. else > > (I mean openbsd when I have time/energy in the future) > > > > Right definitely change operating systems. Also http://www.oceanwayrecording.com/ could be of some help ;-)
Re: need help on sound recording using bplay
2014-08-06 18:29 GMT+02:00 Curt : > On 2014-08-06, Raffaele Morelli wrote: > > > > d'oh! > > "l" not "L" > > > > Yes, but I see nothing helpful in that output either for setting the > capture device for recording (mic, line-in, etc.): > > curty@einstein:~$ arecord -l > List of CAPTURE Hardware Devices > card 1: SB [HDA ATI SB], device 0: ALC662 rev1 Analog [ALC662 rev1 > Analog] > Subdevices: 1/1 > Subdevice #0: subdevice #0 > > Anyhow. this should work with both mic and line-in... $ arecord -D hw:1,0 file.wav You have only one card, ie no usb webcam or else, so in this case - D option is really not needed
Re: need help on sound recording using bplay
2014-08-06 15:33 GMT+02:00 Curt : > On 2014-08-06, Long Wind wrote: > > Thank you! I have installed alsa-utils, but still can't identify it > > with your command > > below is output by arecord -L > > > > I only obtain a list of output devices with that command. > > To define a capture device I use alsamixer (F4). d'oh! "l" not "L" apologize
Re: need help on sound recording using bplay
2014-08-06 13:50 GMT+02:00 Long Wind : > On 8/6/14, Raffaele Morelli wrote: > > 2014-08-05 22:48 GMT+02:00 Long Wind : > > > > > > > I would use arecord/aplay > > > > $ arecord -L # lists pcm devices by name, so quickly find your line-in > > > > then > > $ arecord -D device_name > > - > > t wav -f cd > > filename.wav > > > > > Thank you! I have installed alsa-utils, but still can't identify it > with your command > below is output by arecord -L > > null > Discard all samples (playback) or generate zero samples (capture) > default:CARD=AudioPCI > Ensoniq AudioPCI, ES1371 DAC2/ADC > Default Audio Device > sysdefault:CARD=AudioPCI > Ensoniq AudioPCI, ES1371 DAC2/ADC > Default Audio Device > front:CARD=AudioPCI,DEV=0 > Ensoniq AudioPCI, ES1371 DAC2/ADC > Front speakers > surround40:CARD=AudioPCI,DEV=0 > Ensoniq AudioPCI, ES1371 DAC2/ADC > 4.0 Surround output to Front and Rear speakers > iec958:CARD=AudioPCI,DEV=0 > Ensoniq AudioPCI, ES1371 DAC2/ADC > IEC958 (S/PDIF) Digital Audio Output try with $ arecord filename.wav should simply work /r
Re: need help on sound recording using bplay
2014-08-05 22:48 GMT+02:00 Long Wind : > I want to record sound from line-in of sound card, > I enter sth. like: > > brec -d /dev/dsp -b 8 -t 15 -w t2.wav > > after that l use bplay to play t2.wav, I can't hear sound > > I'm afraid I need to specify line-in, in addition to /dev/dsp, but how to > do it? > > Thanks! > I would use arecord/aplay $ arecord -L # lists pcm devices by name, so quickly find your line-in then $ arecord -D device_name - t wav -f cd filename.wav
Re: End of hypocrisy ?
2014-08-05 14:42 GMT+02:00 Slavko : > Ahoj, > > Dňa Tue, 5 Aug 2014 13:39:29 +0200 Raffaele Morelli > napísal: > > > 2014-08-05 13:08 GMT+02:00 Lisi Reisz : > > > > > On Tuesday 05 August 2014 07:56:03 Raffaele Morelli wrote: > > > > Hundreds of linux developers can't be wrong, > > > > > > It doesn't matter whether they are right or wrong. They are doing > > > it. The rest of us can either say "thank you" and be grateful for > > > the work they do, or go do our own thing. This is Open Source > > > after all. > > > > > > Lisi > > > > > > > That's quite clear and obvious to me as it should for the rest of end > > users, nevertheless the garbage collector is full of "systemd vs sysv" > > stuff. > > > > why you then reported bugs to BTS, which contains no thanks, but problem > description? by your own words, you need only tell thanks, or do own > things. > BTS has nothing to do with systemd/sysv and a bug is not a developer choice. > > Where then is the: > > come together do it better? > > Eh, words, words... > you should reboot.
Re: End of hypocrisy ?
2014-08-05 13:08 GMT+02:00 Lisi Reisz : > On Tuesday 05 August 2014 07:56:03 Raffaele Morelli wrote: > > Hundreds of linux developers can't be wrong, > > It doesn't matter whether they are right or wrong. They are doing it. The > rest of us can either say "thank you" and be grateful for the work they do, > or go do our own thing. This is Open Source after all. > > Lisi > That's quite clear and obvious to me as it should for the rest of end users, nevertheless the garbage collector is full of "systemd vs sysv" stuff. /r
Re: End of hypocrisy ?
2014-08-05 0:28 GMT+02:00 Steve Litt : > On Mon, 4 Aug 2014 14:03:35 +0200 > Raffaele Morelli wrote: > > > > I've seen tons of posts sent to this list about systemd... bla bla > > bla... and did not understand what's the matter with it. > > > > I wonder what are you all doing with your init scripts which doesn't > > work with systemd. So what? > > > > /r > > I can answer that with two reasons: > > 1) Binary log files. If you can't see what a radical departure that is >from the world of Unix, look again. > What's the matter with binary logs? wtmp isn't unix or what? Stop this "unix is perfect" thing, everyone knows (or should) unix it's not perfect and "[...] creaks and clanks and has obvious rust spots" even if he gets the job done. > > 2) Gratuitous interdependency. Part of the Unix Philosophy is that >programs should "do one thing and do it well." The user assembles a >functionality from many such small programs. Up to now, init was >just init. It started the computer, the /dev and /proc stuff, the >TTY's and the daemons, then pretty much got out of the way. Now here >comes systemd, requiring or encouraging even desktop environments to >require or suggest it. > "do one thing and do it well", oh yes, just forgot X system >Imagine if they replaced grep, cut, cat, diff, awk, sed, head, tail, >ls, and find with ks (stands for Kitchen Sink). You can do anything >you want with ks, but you need to know all its options and config >settings, and its myriad of idiosyncracies. And if it has bugs or >departures from documented behavior, as any program of its size is >likely to have at one time or another, everything breaks. > You and I don't live in imaginary worlds, your KS assumption it's quite weak. > > So whether stuff works with systemd isn't the main problem, it's just > icing on the cake when it *doesn't* work. > I see happy Fedora users each and every day and people here crying about debian switching to systemd (which other distros are planning to switch to) without having such system architect skill/reputation and any relevant argument against. Hundreds of linux developers can't be wrong, more likely mailing list end-users IMHO. /r
Re: End of hypocrisy ?
2014-08-04 15:41 GMT+02:00 Michael Kjörling : > On 4 Aug 2014 15:35 +0200, from raffaele.more...@gmail.com (Raffaele > Morelli): > > http://herpolhode.com/rob/ugly.pd > > "The requested URL /rob/ugly.pd was not found on this server." > http://herpolhode.com/rob/ugly.pdf
Re: End of hypocrisy ?
2014-08-04 15:11 GMT+02:00 Andrew McGlashan < andrew.mcglas...@affinityvision.com.au>: > On 4/08/2014 10:03 PM, Raffaele Morelli wrote: > > I've seen tons of posts sent to this list about systemd... bla bla > > bla... and did not understand what's the matter with it. > > > > I wonder what are you all doing with your init scripts which doesn't > > work with systemd. So what? > > If it isn't broken, why change it? For the sake of ultra fast initial > boot? Again, fix the packages that are broke and don't work without > systemd. > debian packages are not on-demand services, you should apply to "fix" whatever packages you are referring to or give up crying to mailing list feets (still wonder what you "all" are complaining for). What you call ultra fast initial boot is being addressed as "parallelization" (and I guess you've never been stuck on a remote server because apache ssl is waiting for you at password prompt) "not broken" doesn't mean "good", OSS is not broken but ALSA took place over it (god bless). http://herpolhode.com/rob/ugly.pd
Re: End of hypocrisy ?
2014-08-04 12:37 GMT+02:00 Andrew McGlashan < andrew.mcglas...@affinityvision.com.au>: > My own view is "why systemd" fix sysinit instead, where it is > broken or rather the packages [whatever they are] that don't work properly. > > systemd gives faster boot times, so what! I prefer to boot less often > and run with what works until I /have/ to do a reboot, so it wouldn't > matter if it took 10 times as long to boot. Improving boot times is > just like overclocking for games, it is largely irrelevant and something > to boast about ... ie, no real benefit. > > IOW systemd is a great big waste of time and resources. > > I don't want to know anything more about systemd, unless I am forced to > deal with it, I won't be. > > Cheers > A. > I've seen tons of posts sent to this list about systemd... bla bla bla... and did not understand what's the matter with it. I wonder what are you all doing with your init scripts which doesn't work with systemd. So what? /r
Re: Skype - no microphone input sound...REVISITED
2014-07-16 16:18 GMT+02:00 Man_Without_Clue : > > On 07/16/2014 11:05 PM, Raffaele Morelli wrote: > >> >> >> sorry, really bad english, I mean before your wife. >> In the past I had similar problem with alsa and different users >> concurrently, so if you are switching from your wife's account instead of >> logging out you are probably facing the same kind of problem. >> >> /r >> > Ok. > It doesn't matter which account to log in first. > Skype on my account doesn't recognize microphone for some reason. Other > recording application works. > Is it a mic only issue? If playback works my guess is that your microphone is being locked by another app (eg. google chat) > Skype also use Pulse audio and from ver. 4.3, skype only works with pulse > audio. Yes, I am currently using 4.2 with alsa-loopback device.
Re: Skype - no microphone input sound...REVISITED
2014-07-16 15:24 GMT+02:00 Man_Without_Clue : > > > On 07/16/2014 10:15 PM, Raffaele Morelli wrote: > >> >> maybe you have .asoundrc in your home? if so, rename/remove it, logout >> and login. >> >> other question: what happen if you login first of all? >> >> >> >> No, I don't see .asoundrc in home directory. > > What do you mean by what happen login first of all? sorry, really bad english, I mean before your wife. In the past I had similar problem with alsa and different users concurrently, so if you are switching from your wife's account instead of logging out you are probably facing the same kind of problem. /r
Re: Skype - no microphone input sound...REVISITED
2014-07-16 14:41 GMT+02:00 Man_Without_Clue : > > On 07/15/2014 11:34 PM, Curt wrote: > >> On 2014-07-15, ken wrote: >> >>> How about this: After moving your own ~/.Skype/ somewhere temporarily, >>> copy your wife's ~/.Skype/ to your machine. >>> >> I thought it was the same machine, different accounts (marital bliss). >> >> >> Right. > Same machine, same debian. Different user's account. > I don't know where should I be looking into... maybe you have .asoundrc in your home? if so, rename/remove it, logout and login. other question: what happen if you login first of all?
Re: Sound configuration failure in debian amd64...
2014-06-13 5:57 GMT+02:00 Bret Busby : > On 11/06/2014, Raffaele Morelli wrote: > > > > > this doesn't help, use `aplay -l` instead > > > > For this, I get > > " > ~# aplay -l > List of PLAYBACK Hardware Devices > card 1: PCH [HDA Intel PCH], device 0: ALC282 Analog [ALC282 Analog] > Subdevices: 1/1 > Subdevice #0: subdevice #0 > after a little googling, it seems that bugs relative to ALC282 are solved in the latest kernels (> march 2014) so try switching to kernel 3.13.10-1 then in /etc/modprobe.d/alsa-base.conf add those lines options snd-hda-intel index=0# ensure that card is grabbing index 0 options snd-hda-intel model=generic #
Re: Sound configuration failure in debian amd64...
2014-06-11 5:34 GMT+02:00 Tapas Das : > Hello > this isTapas Das. > I am a debian user for the last three yearsfirst it was 32-bit > debian squeeze 6.0.0... > and now using amd64 version on P8H61-MLX motherboard (ASUS) with intel > core i3 processor. > > The sound could not be configuredit was not configured just after > installation.nor could be done by installing various libraries and > development packages available at the repositories. I am trying these > things for several months, but no good. > there's no use in installing dev packages and libraries (?) randomly, you'd better of understanding what's going on. > The output generated by 'hwinfo' as superuser is as follows : > this doesn't help, use `aplay -l` instead > > root@debian-1:/home/tapas# hwinfo --sound > 14: PCI 1b.0: 0403 Audio device > [Created at pci.318] > UDI: /org/freedesktop/Hal/devices/pci_8086_1c20 > Unique ID: u1Nb.E2yA1ceTa70 > SysFS ID: /devices/pci:00/:00:1b.0 > SysFS BusID: :00:1b.0 > Hardware Class: sound > Model: "Intel Audio device" > Vendor: pci 0x8086 "Intel Corporation" > Device: pci 0x1c20 > SubVendor: pci 0x1043 "ASUSTeK Computer Inc." > SubDevice: pci 0x8445 > Revision: 0x05 > Driver: "HDA Intel" > Driver Modules: "snd_hda_intel" > Memory Range: 0xfe40-0xfe403fff (rw,non-prefetchable) > IRQ: 22 (781 events) > Module Alias: "pci:v8086d1C20sv1043sd8445bc04sc03i00" > Driver Info #0: > Driver Status: snd_hda_intel is active > Driver Activation Cmd: "modprobe snd_hda_intel" > Config Status: cfg=new, avail=yes, need=no, active=unknown > root@debian-1:/home/tapas# > my guess is that you should add the relevant line for your card model to /etc/modprobe.d/alsa-base.conf have a look at http://www.alsa-project.org/main/index.php/Help_To_Debug_Intel_HDA
Re: Remove unwanted, orphaned files and dependencies
2014-06-06 20:10 GMT+02:00 Chris Angelico : > On Sat, Jun 7, 2014 at 4:02 AM, Jerry Stuckle > wrote: > > Oh, that's right. You were found to be a clueless troll there, also. And > > you were kicked out of them. So you had to find another place to troll. > > > > Does this discussion really need to continue? > > ChrisA > Unfortunately the user list it's not moderated and those flames are more and more frequent.
Re: where is my WiFi card? (ThinkPad T61)
2014-06-05 13:42 GMT+02:00 Stanisław Findeisen < stf.list.debian.u...@eisenbits.com>: > On 2014-06-05 13:08, Darac Marjal wrote: > >> Is my integrated wireless card broken?! Or not present at all?! > > > > I don't know that laptop, but it probably can't hurt to also check the > > output of 'lsusb' and 'iw list'. > > lsusb yields nothing interesting, but iw list: > > # iw list > nl80211 not found. I've had a T61, wifi worked after loading the necessary kernel module. http://www.thinkwiki.org/wiki/Installing_Debian_Lenny_on_a_ThinkPad_T61#WiFi:_Intel_4965AGN
Re: fastest linux distro
2014-05-29 7:08 GMT+02:00 Ralf Mardorf : > On Thu, 2014-05-29 at 06:43 +0200, Raffaele Morelli wrote: > > 2014-05-29 6:27 GMT+02:00 Ralf Mardorf : > > On Wed, 2014-05-28 at 20:15 -0400, Tony Baldwin wrote: > > > jwm, openbox, wmii, tritium, etc., are window managers that might > > > reduce your load. > > > > > > Correct, however, it doesn't matter if you run JWM or KDE4, when just > > using a browser, on an averaged dual-core machine. There won't be > > noticeable performance differences. I've got a Debian install on such > > a dual-core machine with KDE4 and JWM installed. > > > > > > Don't you spread confusion, a standard kde or gnome install "sucks" > > memory because of that, > because of that [standard install]. > > Because of what does it sucks memory? It sucks (memory) if somebody > claims something that isn't true by an email sent as HTML + plain text. > > There's no need to sent the same text in one mail two times, especially > when HTML is frowned upon. And now the bomb drops ... Ralf, you are well known for your neverending-aka-lord-of-the-ring-history-threads so I won't feed you. /r
Re: fastest linux distro
2014-05-29 6:27 GMT+02:00 Ralf Mardorf : > On Wed, 2014-05-28 at 20:15 -0400, Tony Baldwin wrote: > > jwm, openbox, wmii, tritium, etc., are window managers that might reduce > > your load. > > Correct, however, it doesn't matter if you run JWM or KDE4, when just > using a browser, on an averaged dual-core machine. There won't be > noticeable performance differences. I've got a Debian install on such a > dual-core machine with KDE4 and JWM installed. Don't you spread confusion, a standard kde or gnome install "sucks" memory because of that, Awesome or JWM they run with a ridicoulus memory usage, so DE matters a lot on systems with 2gb of memory. If you have daemons/services running in the background it matters, everything matters on machines of that kind if you don't need (ssh, cups, cron, ntp, at, syslog, exim, etc etc...)
Re: Installing Thunderbird
2014-05-27 7:51 GMT+02:00 Marc Shapiro : > On 05/26/2014 12:29 PM, Marc Shapiro wrote: > >> On 05/26/2014 08:18 AM, Ethan Rosenberg, PhD wrote: >> >>> Dear List - >>> >>> Will you please give me instructions how to install Thunderbird. I've >>> tried multiple methods listed on the web to no avail. I am not satisfied >>> with Icedove; eg, never have been able to start from the desktop icon, >>> inability to prevent it from running in the background, which makes it >>> impossible to read my email from webmail, since icedove is set to remove >>> the mail from the server after it is downloaded. >>> >> What's wrong in unchecking the "remove email from server"?
Re: Will Iceweasel stay open source?
http://xkcd.com/386/ /raffaele
Re: skype confuse apt-get
2014-05-16 11:57 GMT+02:00 : > > >> Good luck! > Everything is working properly. Problem is only for next: i should > reinstall skype every time when i do "apt-get dist-upgrade". Despite skype > is working ok in time of installation of skype i have message about some > error. The message is very ambiguous > > "errors were encountered while processing skype" and no more. > You probably have a dependency problem like mine: You might want to run 'apt-get -f install' to correct these. The following packages have unmet dependencies: skype:i386 : Depends: libasound2-plugins:i386 but it is not installed E: Unmet dependencies. Try using -f. trying to install libasound2-plugins:i386 results in a "black hole" of dependencies amd64 here with i386 architecture added
Re: Cropping a large collection of .PNG screenshots
2014-04-10 10:05 GMT+02:00 Alex Mestiashvili :
> On 04/09/2014 11:03 PM, Jonathan Dowland wrote:
>
>> On Wed, Apr 09, 2014 at 03:12:40PM +0200, Alex Mestiashvili wrote:
>>
>>> |
>>> find . -name "*.png" | parallel -P8 convert -quality 95 {} -geometry
>>> 1280 /tmp/{.}.jpg|
>>>
>> Alternatively
>>
>> find . -name "*.png" -exec convert -quality 95 {} -geometry 1280
>> /tmp/{}.jpg +
>>
>> note '+' not '\;' which denotes to run jobs in parallel (here, not
>> specifying
>> a max concurrency limit)
>>
>>
>>
> Nice, thanks for sharing! but according the man page
> "Only one instance of `{}' is allowed within the command"
>
> The benefit of parallel over xargs or find is that it is much more
> flexible with arguments in {}.
> For example in the first convert example png files are converted to jpg.
> With xargs the result will look like $file.png.jpg
> With parallel one can alter arguments in {}, so the end result will be
> $file.jpg
let's say there's no use at all in using find
keep_it_simple_as_possible returns that convert (imagemagik tool) has an
outfile option:
convert [input-option] input-file [output-option] output-file
regards
/raffaele
Re: Cropping a large collection of .PNG screenshots
2014-04-09 12:03 GMT+02:00 Kevin O'Gorman : > I have a few hundred screen shots I want to put on a web page, but > they are all full-screen and I want to crop to the real contents. > This is an identical region in all cases. So I want to script it. > > So, 2 questions: > A) What's the best tool for the job? Gimp, irfanview, or something else? > B) Is there a script already in existence where I can just change the > crop rectangle? I really don't want to learn a new language for a > one-time job. I would go one-liner with imagemagik, though, according to A and B you can have a look at gimp plugins registry ( http://registry.gimp.org/taxonomy/term/159) to use the crop tool in a batch process. Moreover gimp can be used in batch mode from command line http://www.gimp.org/tutorials/Basic_Batch/ /regards
Re: Maildir ext4 slowness
2014-04-09 6:53 GMT+02:00 Stan Hoeppner : > > Mutt, as with other MUAs, creates a header cache so it only needs to > read the headers of new mail files. If you're slowing down with large > maildir folders, the most likely problem is that your header caching is > not working properly. > There a set header_cache option to add in muttrc. I use mutt+maildir+procmail on ext3 for my work mailbox, can't tell too much about speed because I often purge messages and got ~100.
Re: What an intriguing post
2014-03-31 11:03 GMT+02:00 Wilko Fokken : > On Sun, Mar 30, 2014 at 11:39:48AM -0400, Steve Litt wrote: > > > > Wilko, this is so creative, so cute, so humorous, so on-topic, and so > > necessary, especially the part about a death camp, that I'm overwhelmed > > trying to think of a worthy response. > > > The tryers should give up; > and those, who've given up, > should try. oh my... you are such an idiot you should start thinking about a bugfix release
Re: List installed packages sorted by size.
2014-03-26 9:26 GMT+01:00 Karl E. Jorgensen :
> Hi
>
> On Wed, Mar 26, 2014 at 03:07:58PM +1300, Chris Bannister wrote:
> > Hi,
> >
> > Could be useful to someone:
> > dpkg-query -Wf '${Installed-Size}\t${Package}\n' | sort -n | less
>
> Nice. But
>
> dpigs -20
>
dpig -n 20
Re: Here's how to make yourself happier OT in re systemd
2014-03-04 18:15 GMT+01:00 Paul E Condon : > On 20140304_160239, Raffaele Morelli wrote: > > 2014-03-04 15:45 GMT+01:00 Steve Litt of Troubleshooters.Com < > > litt...@gmail.com>: > > > > > On Tue, 4 Mar 2014 09:05:41 +0100 > > > Raffaele Morelli wrote: > > > > > > > > > > > Lately I would add > > > > > > > > :0B > > > > * .*(systemd) > > > > $GARBAGE > > > > > > > > :0 > > > > * ^Subject.*(systemd) > > > > $GARBAGE > > > > > > I can't do that, because I really need to know about that stuff. When > > > Jessie becomes stable, I'm going to try to work with systemd. But if > > > that becomes problematic, I'll need a plan B. A lot of today's traffic > > > was very informative stuff about system startup. > > > > > > > IMHO you won't need a plan B, it's just another system service manager, > > that said you can try systemd before Jessie release, it's in debian > > Wheezy... > > > > /r > > I switched to systemd under Wheezy a couple of weeks ago. I had a > small problem convincing aptitude to stop switching back to the old > way any time that I wanted to install packages from > security.debian.org. After fixing that I have noticed no difference > from the old way, whose name I have already forgotten. My hardware has > a built in, intended, delay before start of boot, so I don't percieve > that boot is faster. Maybe it is. I just can't see it in my particular > set up. I am much more worried now about the world going nuclear > before systemd gets a chance to prove its usefulness. > +1000 sometimes people on this list get somewhat horny when discussing those things, which are really subjective in the end... they go on with a mixture of tecno-steronic, 0.02$ philosophy which I can't stand :-( > > Peace to all, I hope > respect /raffaele
Re: Here's how to make yourself happier
2014-03-04 15:45 GMT+01:00 Steve Litt of Troubleshooters.Com < litt...@gmail.com>: > On Tue, 4 Mar 2014 09:05:41 +0100 > Raffaele Morelli wrote: > > > > > Lately I would add > > > > :0B > > * .*(systemd) > > $GARBAGE > > > > :0 > > * ^Subject.*(systemd) > > $GARBAGE > > I can't do that, because I really need to know about that stuff. When > Jessie becomes stable, I'm going to try to work with systemd. But if > that becomes problematic, I'll need a plan B. A lot of today's traffic > was very informative stuff about system startup. > IMHO you won't need a plan B, it's just another system service manager, that said you can try systemd before Jessie release, it's in debian Wheezy... /r
Re: Email filtering - was Re: Here's how to make yourself happier
2014-03-04 9:38 GMT+01:00 Bret Busby : > On Tue, 4 Mar 2014, Steve Litt wrote: > > >> Hi all, >> >> Here's how I just made my life happier and less stressful: >> >> == >> GARBAGE=/dev/null >> >> ### DEBIAN LIST UBERSCREAMER ARNOLD BIRD'S 4 ADDRESSES >> :0: >> * ^From.*naturalli...@dcemail.com >> $GARBAGE >> >> :0: >> * ^From.*arnoldb...@cosmicemail.com >> $GARBAGE >> >> :0: >> * ^From.*usspookslovesys...@muchomail.com >> $GARBAGE >> >> :0: >> * ^From.*fredw...@mail.ru >> $GARBAGE >> == >> >> >> I'll probably have to add more to that as he comes on line with a slew >> of other identities, but .procmailrc is a pretty easy filtering >> mechanism. >> >> Life is more pleasant when you don't have to hear that stuff. >> >> SteveT >> >> Steve Litt* http://www.troubleshooters.com/ >> Troubleshooting Training * Human Performance >> >> >> > Is that procmail, or is that postfix (or, sendmail)? procmail of course
Re: Here's how to make yourself happier
2014-03-04 8:46 GMT+01:00 David Guntner : > Steve Litt grabbed a keyboard and wrote: > > Hi all, > > > > Here's how I just made my life happier and less stressful: > > > > == > > GARBAGE=/dev/null > > > > ### DEBIAN LIST UBERSCREAMER ARNOLD BIRD'S 4 ADDRESSES > > :0: > > * ^From.*naturalli...@dcemail.com > > $GARBAGE > > > > :0: > > * ^From.*arnoldb...@cosmicemail.com > > $GARBAGE > > > > :0: > > * ^From.*usspookslovesys...@muchomail.com > > $GARBAGE > > > > :0: > > * ^From.*fredw...@mail.ru > > $GARBAGE > > == > > > > > > I'll probably have to add more to that as he comes on line with a slew > > of other identities, but .procmailrc is a pretty easy filtering > > mechanism. > > > > Life is more pleasant when you don't have to hear that stuff. > > Unless you have a reason to want one test per address, you could simply > put them all in a single test. > > > :0: > > * ^From.*(naturalli...@dcemail.com|arnoldb...@cosmicemail.com| > usspookslovesys...@muchomail.com|fredw...@mail.ru) > > $GARBAGE > > Collect them all! :-) > > --Dave > Lately I would add :0B * .*(systemd) $GARBAGE :0 * ^Subject.*(systemd) $GARBAGE
Re: cron.daily logrotate beating up my server
2014-02-26 12:43 GMT+01:00 Tony Baldwin : > On Wed, Feb 26, 2014 at 06:41:22AM -0500, Tony Baldwin wrote: > > On Wed, Feb 26, 2014 at 12:09:05PM +0200, Andrei POPESCU wrote: > > > On Ma, 25 feb 14, 13:53:39, Tazman Deville wrote: > > > > > > > > I DO have anacron installed. > > > > > > Well, purge (not remove) it then, or adjust /etc/anacrontab as needed > ;) > > > > > > Kind regards, > > > Andrei > > > > Thanks, Andrei, > > But could you explain why I want to purge anacron, please? > > > > Actually, you know what? > The server does NOT have anacron installed. > I must have searched for it in the wrong terminal. > It IS installed on this desktop, but not on that server. > Doh... The output of... ps ax| grep cron dpkg -l cron*
Re: cron.daily logrotate beating up my server
2014-02-25 13:53 GMT+01:00 Tazman Deville : > > > My /etc/crontab is as follows: > > SHELL=/bin/sh > PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin > > # m h dom mon dow user command > 17 ** * * rootcd / && run-parts --report /etc/cron.hourly > 15 4* * * roottest -x /usr/sbin/anacron || ( cd / && run-parts > --report /etc/cron.daily ) > 07 3* * 7 roottest -x /usr/sbin/anacron || ( cd / && run-parts > --report /etc/cron.weekly ) > 52 11 * * roottest -x /usr/sbin/anacron || ( cd / && run-parts > --report /etc/cron.monthly ) > > > I DO have anacron installed. > I do not know what is relevant from syslog. > I find no mention of cron, crontab, or logrotate in /var/log/syslog > at all. > That's quite weird, indeed you should have something like that /USR/SBIN/CRON[32528]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly) /USR/SBIN/CRON[32528]: (root) CMD ( cd / && run-parts --report /etc/cron.daily) etc etc... BTW Your crontab is correct run # run-parts --report /etc/cron.daily then # grep -i cron /var/log/syslog /r
Re: resolv.conf misbehaving
2014-02-20 16:17 GMT+01:00 Danny : > Hi guys, > > The past weekend I upgraded from Debian v3.0 to the latest Debian stable > (7.0 or > something) ... (wish I never did) ... > > However, I have noticed that my resolv.conf gets overwritten by something > after > every reboot. The Debian server resolves all local (internal) addresses > and the > ADSL router resolves all external addresses. > > Normally my resolv.conf looked like this > > nameserver 10.0.0.2 (ADSL router) > nameserver 10.0.0.5 (Debian server to resolve local addresses) > > Now it get's overwritten with : > > nameserver 10.0.0.2 > > I need to reslove both local and external addresses. At the moment I have > to > manually add the 10.0.0.5 into the resolv.conf file after rebooting. > > Any help or pointers? If you are in a hurry, a quick and really dirty trick is to write your custom resolv.conf and add the immutable attribute to it using chattr :-) You probably want to get rid of those many programs which write continuosly resolv.conf and use /etc/network/interfaces dns-nameservers r/
Re: need help on using crontab
2014-02-19 6:26 GMT+01:00 Long Wind : > I want to shutdown at some time, > so I create a file named cmd with a line below: > > 3 5 * * * root /sbin/shutdown -h now > > I run the command : " crontab cmd" > ?? > > but it doesn't shutdown > Why? First of all, is cron running? Have a `grep for CRON syslog`
Re: video compression?
2014-02-17 14:23 GMT+01:00 Thomas H. George : > Is there a best debian program to compress avi videos enough to send > them by email? > "enough" it's quite vague when referring to audio/video stuff... (eg. what about email attachments size limit of your ISP?) You can compress everything to every extent but you might end up with something unusable. BTW have a look at this ffmpeg *relative* http://libav.org/about.html /r
Re: NSA into Debian distribution!
2014-02-13 0:24 GMT+01:00 : > Hello List > > I was very alert for almost 14 years, thinking that someone could come > into Debian distributions, to install some kind of backdoor; but i could > not imagine that the backdoor has been installed little by little into the > Debian people, please see, from > https://wiki.debian.org/Debate/initsystem/systemd: > === > "Why Debian should default to systemd Fedora, OpenSuSE, Arch and Mageia > have already made the choice to use systemd, and it is getting excellent > upstream support for a growing number of packages" > --- > So well, debianites must do what masses do! We can not think by our selves > anymore. > > == > "Community Systemd is a lively project with dozens of developers from > various companies, including Red Hat, Samsung and Intel. It integrates > contributions from even more individual contributors: to this date, 438 > authors, with 63 having at least 10 commits. It can also be noted that two > of the Debian maintainers have commit permissions." > > The companies are more important than developers, good taste; the money is > more important than people! great thinking! Welcome Evil! > == > > What is really happening into Debian Organization? > Has it been taken by Companies? > Do people who are looking for freedom should left Debian? > Debian has been the single GNU/Linux trusted distribution for many years! > :0 * ^From: lati...@vcn.bc.ca /dev/null
Re: Any reason not to run amd64 these days?
2014-02-06 8:42 GMT+01:00 Chris Bannister : > On Wed, Feb 05, 2014 at 11:20:12AM +0100, Raffaele Morelli wrote: > > 2014-02-05 Andrei POPESCU : > > > > > On Du, 02 feb 14, 13:58:54, Rick Macdonald wrote: > > > > > > > > > > > > What about running 32 bit windows and apps in wine or VMWare? > > > > > > I've had issues with *sid* amd64 and skype. Would apreciate comments on > > > this from others as I plan to test a cross-grade Real Soon Now (tm). > > > > > > > jessie amd64 here, no issues with skype though I must use a loopback > device > > (alsa+jack bridge) for audio to work correctly. > > That seems like an issue to me. > Not a big deal, I am used to run jack in the background because of other audio apps (eg. ardour+hydrogen). BTW I saw there's no need anymore for that as skype is actually alsa compliant. /r
Re: Any reason not to run amd64 these days?
2014-02-05 Andrei POPESCU : > On Du, 02 feb 14, 13:58:54, Rick Macdonald wrote: > > > > > > What about running 32 bit windows and apps in wine or VMWare? > > I've had issues with *sid* amd64 and skype. Would apreciate comments on > this from others as I plan to test a cross-grade Real Soon Now (tm). > jessie amd64 here, no issues with skype though I must use a loopback device (alsa+jack bridge) for audio to work correctly. > Kind regards, > Andrei /r
Re: How can I secure a Debian installation?
2014-01-31 Brian : > On Fri 31 Jan 2014 at 07:56:29 +0100, Raffaele Morelli wrote: > > > Brian argued that a private key+allowusers does not improve security with > > respect to passwords+allowusers. > > I did :). > > > I use private key authentication with a 21 characters passphrase which is > > at minimum more secure than a 21 characters password and unless someone > > kidnaps and tortures me for the passphrase and stoles one of my boxes for > > the private key I wonder who can prove it is not. > > I think I see what you are getting at (please correct me if I am wrong). > > The passphrase protects the private key from being accessed. If there is > no access to the private key then authentication cannot take place under > any circumstances. It isn't even worthwhile trying. I agree with that. > > Because you need two things (passphrase + private key) you see this as > being more secure than a password login because any Tom, Dick or Harry > can throw passwords at sshd. Therefore this makes a password login > *intrinsically* less secure. This is what I disagree with and would like > to see some convincing evidence to support it. I hope I am not > misrepresenting your view. > Here we go. To be more accurate, it's not that password login is less secure, it's private key + passphrase that *adds* security because of its nature. That way, even a user who picks a weak passphrase has somewhat an increased security. > The myth has arisen because of so-called "script kiddy" probes. These > are conducted on a level which is actually totally incompetent and > stands no real chance of success but their existence is used to > denigrate password logins. Even with a targeted *online* attack a good > password has time on its side, just like a key. > > I've covered the argument in other posts; you would have to be very, > very lucky to conduct a successful *online* exploit against a strong > password. > Totally agree with this, my auth.log* are full of login attempts with *stupid* user names, ridicoulus password dictionaries and root login attempts. > > C'mon, what's the matter with private key authentication and the OP > request? > > There is nothing wrong with private key authentication. There is also > nothing wrong with password authentication. You choose whichever one is > suitable for your situation based on site policy and rational grounds. /r
Re: How can I secure a Debian installation?
2014-01-31 Scott Ferguson : > On 31/01/14 18:52, Raffaele Morelli wrote: > > 2014-01-31 Scott Ferguson > <mailto:scott.ferguson.debian.u...@gmail.com>>: > > > > > > > > > Security requires knowledge, you made no such discovery. > > Too much emotional content. :) > Flamefests do no one any good. If you need a public forum for your views > you should use one. Just my opinion. It's not my problem. > > But this is a user list, not a teaching room and if we were to apply the > > rule: "read on the manual" for everything then this list would not exist. > > Chill. You'll do yourself an injury lugging those goal post around. Okay, but remeber to come down from the pedestal after reshooting threads at your own pleasure.
Re: How can I secure a Debian installation?
2014-01-31 Scott Ferguson : > On 31/01/14 17:56, Raffaele Morelli wrote: > > 2014-01-31 Scott Ferguson > <mailto:scott.ferguson.debian.u...@gmail.com>>: > > > > On 31/01/14 15:29, Raffaele Morelli wrote: > > > > > > > > > > > > 2014-01-30 Brian > <mailto:a...@cityscape.co.uk> <mailto:a...@cityscape.co.uk > > <mailto:a...@cityscape.co.uk>>>: > > > > > > On Thu 30 Jan 2014 at 18:53:11 +0100, Denis Witt wrote: > > > > > > > On Tue, 28 Jan 2014 18:42:34 + > > > > Brian mailto:a...@cityscape.co.uk> > > <mailto:a...@cityscape.co.uk <mailto:a...@cityscape.co.uk>>> wrote: > > > > > > > > > The AllowUsers directive is a legitimate way to restrict > ssh > > > logins to > > > > > certain users. However, I do not see what (ssh keys + > > AllowUsers) > > > > > brings to the party that (password + AllowUsers) doesn't. > > > > > > > > > Agree but this is not my point in the thread. > > It's not your thread. > > > It's bad habit to split a comment into little pieces losing the whole > point. > > Absolutely - which is *exactly* what happens when the OP asks about > security and discussion devolves into a discussion about SSH. Security > requires a *comprehensive* approach involving risk assessment, risk > management (distribute the risk) and OpSec. Hence my original suggestion > to follow the Debian Security guide which puts SSH into context. Brian > "gets it", you don't appear to. Security requires knowledge, you made no such discovery. But this is a user list, not a teaching room and if we were to apply the rule: "read on the manual" for everything then this list would not exist. IMHO, when the op it's somewhat misleaded into believe that A security it's not better than B security when the opposite it's true, it's quite clear that someone else missed both point and the context. Regards
Re: How can I secure a Debian installation?
2014-01-31 Scott Ferguson : > On 31/01/14 15:29, Raffaele Morelli wrote: > > > > > > > > 2014-01-30 Brian mailto:a...@cityscape.co.uk>>: > > > > On Thu 30 Jan 2014 at 18:53:11 +0100, Denis Witt wrote: > > > > > On Tue, 28 Jan 2014 18:42:34 + > > > Brian mailto:a...@cityscape.co.uk>> wrote: > > > > > > > The AllowUsers directive is a legitimate way to restrict ssh > > logins to > > > > certain users. However, I do not see what (ssh keys + AllowUsers) > > > > brings to the party that (password + AllowUsers) doesn't. > > > > > > A key (if kept secret) is even harder to "guess" than a > > > password, > > > > I'd like to see a complex, random, high-entropy 20 character password > > which is guessable (or capable of being cracked) in a timeframe which > > has some significance. I'll give you "even harder" but it is of no > great > > consequence if you consider the situation where an online subversion > of > > a user's account is being attempted and a good password is in place. > > > > > > I'd like to see someone who use such 20 character password for everyday > > tasks. > > It's not only common (in some industry sectors 12 *random* characters > regularly changed and never repeated is mandated), it's good security. > Despite what some will advise entropy is the measure of exhaustion - > resulting from *brute* force attacks. 50% of the time a brute force will > only require half the entropy to succeed. Due to human bias (failure to > use random passwords and *password* *managers*) the majority of the time > passwords that exceed 8 characters will be composed solely of words, and > brute force difficulty != dictionary attack difficulty (see Niquist and > Shannon). A significant percentage of the time those word based > passwords will be a phrase... with even lower attack difficulty. Agree but this is not my point in the thread. It's bad habit to split a comment into little pieces losing the whole point. I've suggested the use of private key authentication and AllowUsers directive in sshd. Brian argued that a private key+allowusers does not improve security with respect to passwords+allowusers. I use private key authentication with a 21 characters passphrase which is at minimum more secure than a 21 characters password and unless someone kidnaps and tortures me for the passphrase and stoles one of my boxes for the private key I wonder who can prove it is not. C'mon, what's the matter with private key authentication and the OP request?
Re: How can I secure a Debian installation?
2014-01-30 Brian : > On Thu 30 Jan 2014 at 18:53:11 +0100, Denis Witt wrote: > > > On Tue, 28 Jan 2014 18:42:34 + > > Brian wrote: > > > > > The AllowUsers directive is a legitimate way to restrict ssh logins to > > > certain users. However, I do not see what (ssh keys + AllowUsers) > > > brings to the party that (password + AllowUsers) doesn't. > > > > A key (if kept secret) is even harder to "guess" than a > > password, > > I'd like to see a complex, random, high-entropy 20 character password > which is guessable (or capable of being cracked) in a timeframe which > has some significance. I'll give you "even harder" but it is of no great > consequence if you consider the situation where an online subversion of > a user's account is being attempted and a good password is in place. > I'd like to see someone who use such 20 character password for everyday tasks. > > > also it's not "ssh keys + AllowUsers" it's (or should be) > > "ssh key + key pass-phrase + AllowUsers". > > The key pass-phrase is never seen by the server; it plays no part in an > ssh login. You may think it does but the server doesn't. > It's not the passphrase indeed, as I replied to you the key must exist. No key, no authentication process even begins, simply: password it's not even being asked. > > ssh keys + AllowUsers > > and > > password + AllowUsers > > are equally as secure. > Passwords are guessable and brute force are here to stay. But can you show me how to simulate the presence of a key on a client side? > > Allowusers does what it says. It may be a requirement of the site being > accesssed but it plays no part in the security underlying an ssh login, > > There are security advantages to logging in with ssh keys; the strength > of a key isn't one of them. However, ssh key proponents never seem to > mention them. They instruct: "Use private key authentication"; no > explanation, no justification, nothing to indicate why it might be more > appropriate for the situation under discussion. It's as though they are > mesmerised by the number of bits which a key can contain. > It's quite strange you can't get the concept behind. Nobody instructs, ssh man pages do. Private keys are there and easy to understand if you are willing to. > > To return to the original point of this thread: logging in as root with > a key or with a password carries the same risk. I would say it is close > to zero in both cases.
Re: How can I secure a Debian installation?
2014-01-28 Brian > On Tue 28 Jan 2014 at 15:31:25 +0100, Raffaele Morelli wrote: > > > 2014-01-28 Joe > > > > > And so was Raffaele's reply. If you will be using ssh from outside, set > > > up keys and disable the use of passwords. Use a good password or phrase > > > on the private key, and keep it on a USB stick away from the laptop. > > > Laptops are easy to lose. If you need to use Windows, then make the > > > keys in puTTY, because as far as I know, puTTY still can't use OpenSSH > > > private keys but can make public ones. > > > > > > > Also AllowUsers directive in sshd_config should be set because If a user > is > > not listed in there, login attempts stop suddenly at [preauth] level and > > you can use the form user@domain to futher restrict access. > > The AllowUsers directive is a legitimate way to restrict ssh logins to > certain users. However, I do not see what (ssh keys + AllowUsers) brings > to the party that (password + AllowUsers) doesn't. If the private key on the client doesn't match the one on the server auth process fails suddenly without passphrase request. So access on the server is granted only with private key && passphrase. More info and better english: https://www.google.it/search?q=advantages+of+private+key+sshd&oq=advantages+of+private+key+sshd&aqs=chrome..69i57.10529j0j1&sourceid=chrome&ie=UTF-8
Re: How can I secure a Debian installation?
2014-01-28 Joe > On Mon, 27 Jan 2014 23:51:01 -0800 > Jon Danniken wrote: > > > On 01/27/2014 09:41 PM, Scott Ferguson wrote: > > > > > > Keep updated, subscribe to the security list, read and follow the > > > fine manual:- > > > https://www.debian.org/doc/manuals/securing-debian-howto/ > > > > Thanks Scott, that's just what I was looking for. > > > > And so was Raffaele's reply. If you will be using ssh from outside, set > up keys and disable the use of passwords. Use a good password or phrase > on the private key, and keep it on a USB stick away from the laptop. > Laptops are easy to lose. If you need to use Windows, then make the > keys in puTTY, because as far as I know, puTTY still can't use OpenSSH > private keys but can make public ones. > Also AllowUsers directive in sshd_config should be set because If a user is not listed in there, login attempts stop suddenly at [preauth] level and you can use the form user@domain to futher restrict access.
Re: How can I secure a Debian installation?
2014-01-28 Jon Danniken > Hello list, > > I recently came across a posting by an individual who got his > Debian machine compromised due to a number of security problems, one of > which was the default installation and running of sshd with > "PermitRootLogin = > Yes". in /etc/ssh/sshd_config. > > So I checked the Debian installation that I put on my laptop a month ago > (from the Wheezy net install CD), and sure enough I had the same > vulnerability > (I fixed it by changing the "PermitRootLogin" value). > > Fortunately I have been running behind my router, and remain unscathed, > but it caused me to wonder what other vulnerabilities are present out of > the box that I need to address, especially if I should take the laptop > out with me and connect to a public network. > > Besides the sshd root login, what else do I need to disable/fix on this > machine? > > Thanks, > > Jon Use private key authentication ;-) /r
Re: How to Downgrade from Wheezy to Squeeze
2014-01-28 Garry > > Is it possible to downgrade from Wheezy to Squeeze? > > The reason I want to downgrade is because I am trying to install Openfire > and unfortunately: > > openfire pre-depends on sun-java5-jre | sun-java6-jre | > default-jre-headless | openjdk-6-jre > > - - I would prefer downgrading if it’s possible. > - - I wouldn’t mind keeping Wheezy if I could get the pre-depends > installed. > — - If downgrading isn’t an option; can someone help me with remote > installation (server is located in the attic; I’d prefer not climbing up > there to retrieve it.) > > Thanks in advanced to anyone and everyone willing to help! You can install jre from oracle sources and then add the relevant JAVA_HOME environment variables in ~/.bashrc (or /etc/bash.bashrc for system wide) to point at it, source ~/.bashrc and test with: java --version Eventually use update-alternatives to inform debian about it. /r
Re: Connecting Debian to Android phone
2014-01-26 Csanyi Pal > > > > Have you tried go-mtpfs? > > Yes, but when I'm trying to install it on Debian SID, I get the > following bugreport, so I'm not installing it: > > Retrieving bug reports... Done > Parsing Found/Fixed information... Done > grave bugs of mtpfs (→ 1.1-4.1) > #654939 - mtpfs: broken overnight > Summary: > mtpfs(1 bug) > Are you sure you want to install/upgrade the above packages? [Y/n/?/...] > > I choose here the 'n' option. > > -- > Regards from Pal > It's safe to install also from git sources, it's just a binary. /r
Re: sad but true, Linux sucks, a bit
2014/1/15 Jarth Berilcosm > > Looking back on using Linux as a desktop OS for almost 15 years we've > seen tons of features added but not much in terms of 'bite'. > > Hardware support is a lot better but still sucks when it comes to > consumer multi-media, gaming performance etc. > > Someone wrote down a well documented list on all this and more > > http://linuxfonts.narod.ru/ > why.linux.is.not.ready.for.the.desktop.current.html > > Cheerio, > J. Well, here is *just another one* (article) on the left/right tail of the normal distribution. Linux it's not perfect (anyone is surprised?) depending on who you put on X axis. Full stop. I won't comment the whole because I want to save the neurons and synapses but want you to notice that audio *problems* references in the article are - in order of appearance - from 2007, 2009, 2004, 2012 (this last being a stupid thing about audio group)... my 0.02€ /raffaele
Re: Debian logging - confused
2014/1/15 Tanstaafl > Hi all, > > I understand and agree with the argument for having separate logs for > different services, as it makes troubleshooting individual servcies much > easier - in most cases. > > However, I also would like to have *one* log that *everything* goes to, > because in many cases it makes it much easier to see at a glance if there > is a problem - at least on systems that aren't extraordinarily busy. > grep N patterns in a single (huge) log file or grep pattern in N log files, is that your *doubt*? keep in mind that services log *problems* in various ways so you will end up searching patterns anyway.
Re: Intel soundcard does not work
2014/1/12 Martin > Hello, > I have new computer but soundcard does not work with Debian/Squeeze. > Maybe I need to tweak some configuration files or I need new driver? > It is integrated on motherboard Intel soundcard. > Can anybody give me an advice? > > Bellow are output from some command that I tought would be needed. > BTW soudcard works under Windows. > > If anybody is wondering why I use Squeeze instead of something more > recent it is because I do have complete set of DVD for Squeeze but do > not have internet connection capable for online installation of OS or > even easy acces to set of DVD for newer system. > > boza@spongia:~/tmp$ lspci -n > 00:1b.0 0403: 8086:1c20 (rev 05) > > boza@spongia:~/tmp$ lspci -v > 00:1b.0 Audio device: Intel Corporation Cougar Point High Definition Audio > Controller (rev 05) > Subsystem: Giga-byte Technology Device a002 > Flags: bus master, fast devsel, latency 0, IRQ 22 > Memory at f7d0 (64-bit, non-prefetchable) [size=16K] > Capabilities: > Kernel driver in use: HDA Intel > ] > run `aplay -l` and look at the card0 infos eg. I have $ aplay -l List of PLAYBACK Hardware Devices card 0: Intel [HDA Intel], device 0: AD1984 Analog [AD1984 Analog] Subdevices: 1/1 Subdevice #0: subdevice #0 then `cd /usr/share/doc/alsa-base/driver` check in HD-Audio-Models.txt (or the gzipped related) the model which fits to your card and add it in /etc/modprobe.d/alsa-base.conf like this options snd-hda-intel model=YOUR_MODEL reboot /r
Re: audio dropouts still
2014/1/15 Zenaan Harkness > On 1/11/14, Zenaan Harkness wrote: > > On 1/11/14, Klaus wrote: > >> On 10/01/14 14:26, Ralf Mardorf wrote: > >>> On Fri, 2014-01-10 at 14:09 +, Klaus wrote: > correlation between absolute CPU power and drop-outs > > > >> What I added to this thread is that even with a whittled down system (in > >> this case: no jackd, no pulseaudio), audio drop-out can still happen. As > > > > And thank you! This is interesting, and pertinent information, from my > > perspective. I too am very keen to get to the bottom of this > > apparently illogical problem. > > > >> far as I'm aware of, Zenaan has not tested -- or reported about his > >> tests of -- the most minimalist system. > > > > I shall do so at some point, hopefully in next day or three, and > > report back. It's an important test. > > Haven't been able to test no-X environment, but the following may be > of interest (still getting the dropouts): > > I installed the latest 3.12-1-rt-amd64 (rt) kernel, with dist-upgrade > and reboot of course. > > Reading some of the links provided in this thread, I note that > Debian's -rt kernel has: > CONFIG_HZ_250=y > # CONFIG_HZ_300 is not set > # CONFIG_HZ_1000 is not set > CONFIG_HZ=250 > > rather than CONFIG_HZ=1000, which is strongly indicated/recommended in > some of the links provided, and by realtimeconfigquickscan.git > > So it looks like we who like audio with reasonably low latency and > without dropouts, may be required to build our own kernels. I do > wonder what the purpose of the debian -rt kernel is... if it is > intended for audio, then a bug ought be filed, but I suspect not. > > Now, for the most interesting thing, and I have not found the bug with > a google search, is zita-a2j (see package zita-ajbridge). I am running > zita-a2j as follows: > zita-a2j -j cloop -r 44100 -n 2 -c 2 -Q 1 -d hw:0 -v > and jackd appears as follows: > /usr/bin/jackd -dalsa -dhw:PCH -r44100 -p256 -n2 -D -Phw:PCH,7 > > When I run zita-a2j (to capture alsa clients and feed them to jack, > just like /usr/bin/alsa_in command) I haven't yet figured out why I'm > not getting audio from alsaplayer (with alsa backend), BUT, I do get > the following errors: > > Alsa_pcmi: error on capture pollfd. > -1.458 1.22 # this line is status output, not error > Starting synchronisation. > > which appear every now and then; if I remove "-v" option, I just get > the "Starting synchronisation." messages. > > The man page for zita-a2j has the following para: > > When starting, and in case of major trouble, you will see the > 'Starting synchronisation' message. This can happen if there is a > timeout on the Jack server, e.g. a client crashed or terminated in a > dirty way. Jack1 will skip one or more cycles when new apps are > started, or when a large number of port connections is done in a short > time. his may interrupt the audio signal, but should otherwise not > have any ill consequences nor require a restart. > > > So, we have an application, zita-a2j, which is consistently showing > _some_ output which _may_ correspond to the audio dropouts we are > hearing. > > My next step is to get zita-a2j to actually work the same as alsa_in > command as in, to produce some audio through jack for me, so we can > hopefully correlate the auditory audio drop out, with these errors > (I'm hopeful). > > Also, looks like I'll have to get back to compiling own kernel. We'll see. I see you are experiencing audio dropouts still, can I ask which audio card are you using?
Re: going mad - starting jackd starts pulseaudio
If you are going to use/test jackd as your primary audio server you will need to have a look a this sooner or later http://alsa.opensrc.org/Jack_and_Loopback_device_as_Alsa-to-Jack_bridge /r 2014/1/9 Zenaan Harkness > On 1/9/14, Ralf Mardorf wrote: > > Perhaps it's restarted by D-Bus, disable jack dbus > > No, that was well and truly taken care of by me - killall is my friend > > > Setup... > Misc > [ ] Enable D-Bus interface > > - along with disabling the dbus option in qjackctl of course :) > > > However, I don't know what is the correct way to disable pulseaudio, I > > simply don't install it or replace it by a dummy package. > > Disabling pulseaudio's auto-spawn feature in /etc/pulse/client.conf > did the trick for me - I didn't even though the file existed until > strace showed me. > > > Those ways might or might not work: > > > http://askubuntu.com/questions/8425/how-to-temporarily-disable-pulseaudio > > Thanks. Looks like a useful link. I saw pasuspender earlier today, but > haven't tried it yet. Anyway, I foudn a solution that works... > > > This howto is old, kill -9 definitive didn't work in the past, perhaps > > autospawn=no and pulseaudio --kill did and does work. The howto is old. > > > -- > To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact > listmas...@lists.debian.org > Archive: > http://lists.debian.org/CAOsGNSQAVfK9pRP+83=DmXTO6=rahal6jddnow145sm2oq-...@mail.gmail.com > >
Re: going mad - starting jackd starts pulseaudio
2014/1/9 Zenaan Harkness > OK, I have not been able to solve my pulse dropouts (professionally > faded out and in, but very noticeable nonetheless - they're about a > second or less in duration, essentially random intervals between > dropouts), so have spent today trying to get jackd to work: > > I use qjackctl. > > I've disabled pulse from xfce session, sudo service pulseaudio stop, > insserv -r pulseaudio, killall -9 pulseaudio. > > ps aux | egrep -vi disk\|gvfs | egrep alsa\|jack\|pulse\|mix\|vol > gives a nice, clean output. > > BUT, when I run qjackctl (no command line options), it starts up and > auto-starts jackd as well as pulseaudio. > > How can I stop this from happening? I want to test jackd/qjackctl by > themselves. Check your qjackctl setup, driver should be alsa. /r
Re: do i need to recompile the kernel
2014/1/9 Alessandro Lima > Do I need to recompile the kernel to take all the advantages of the > processor i7 4770 in debian wheezy? > this could be of some interest to you http://www.phoronix.com/scan.php?page=article&item=intel_4770k_linux&num=1 > > > Alessandro Lima > email grandegoia...@gmail.com >
Re: MTP and Android phones
2014/1/8 Paul Cartwright > On 01/08/2014 09:59 AM, Raffaele Morelli wrote: > >works like a charm here, debian jessie. Android 4.1.2 on lg phone. >> >> I did the go-mtpfs per the web site, ran it, but got an error. Not sure >> if I was supposed to do anything with this line from the install: >> >> # edit to suit libusb installation: >> vi /tmp/go/src/github.com/hanwen/go-mtpfs/usb/usb.go >> >> but here is what happened when I ran it: >> go-mtpfs /media/s3 >> 2014/01/08 08:34:26 OpenSession failed: LIBUSB_ERROR_IO; attempting reset >> 2014/01/08 08:34:33 Configure failed: OpenSession after reset: >> LIBUSB_ERROR_TIMEOUT >> >> > exept that I moved the installation path to my ~/bin I followed that > verbatim and worked > > /r > > I don't follow.. how do you move the installation path.. like this: > > mkdir home/user/bin/go > export GOPATH=/home/user/bin/go > go get github.com/hanwen/go-mtpfs > > /tmp/go/bin/go-mtpfs will then contain the program binary. > > exactly, but it does not really matter you'll end up with the binary "go-mtpfs" so you can place it everywhere
Re: MTP and Android phones
2014/1/8 Paul Cartwright > On 01/08/2014 07:59 AM, Raffaele Morelli wrote: > > >> https://github.com/hanwen/go-mtpfs >> >> If you're going to build it yourself, you'll need to install these >> packages first: >> % apt-get install golang-go golang-src libusb-1.0-0 libusb-1.0-0-dev >> >> There seem to be pre-compiled binaries you can download too (YMMV with >> those). You'll probably need to install the libusb-1.0-0 library >> anyway. >> >> I just mount/unmount manually. One could write a udev/udisks2 rule to >> automate this I suppose. >> >> HTH, >> -- Brad > > > +1 > works like a charm here, debian jessie. Android 4.1.2 on lg phone. > > I did the go-mtpfs per the web site, ran it, but got an error. Not sure if > I was supposed to do anything with this line from the install: > > # edit to suit libusb installation: > vi /tmp/go/src/github.com/hanwen/go-mtpfs/usb/usb.go > > but here is what happened when I ran it: > go-mtpfs /media/s3 > 2014/01/08 08:34:26 OpenSession failed: LIBUSB_ERROR_IO; attempting reset > 2014/01/08 08:34:33 Configure failed: OpenSession after reset: > LIBUSB_ERROR_TIMEOUT > > exept that I moved the installation path to my ~/bin I followed that verbatim and worked /r
Re: MTP and Android phones
2014/1/7 Brad Sawatzky > On Tue, 07 Jan 2014, Dr. Jennifer Nussbaum wrote: > > > Ive Googled and tried to read up about MTP, but im still not sure how > > to get things working--different sites have you download and compile > > things from scratch, which seems crazy that you can't just plug your > > phone in. I did install mtp-tools, but i can't find mtpfs that many of > > the sites say you need to have. > > Yeah, MTP is a pain. I wish there was at least a choice for a standard > USB generic mass storage mount option... oh well. > > The best MTP software I've found is go-mtpfs. Unfortunately I don't > think it is packaged, but it is easy to build and put in $HOME/bin/ > It uses FUSE like the other options, but is _much_ faster. You can find > it here: > https://github.com/hanwen/go-mtpfs > > If you're going to build it yourself, you'll need to install these > packages first: > % apt-get install golang-go golang-src libusb-1.0-0 libusb-1.0-0-dev > > There seem to be pre-compiled binaries you can download too (YMMV with > those). You'll probably need to install the libusb-1.0-0 library > anyway. > > I just mount/unmount manually. One could write a udev/udisks2 rule to > automate this I suppose. > > HTH, > -- Brad +1 works like a charm here, debian jessie. Android 4.1.2 on lg phone.
Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
2014/1/2 Bob Proulx > Raffaele Morelli wrote: > > Bob Proulx wrote: > > > 2) The ownership of the files by root are safe. The default owner is > > > root. Files owned by root with the default permissions are not > > > writable by the web process. Files in the default configuration are > > > not exploitable by that vulnerability which requires write access to > > > files in the DocumentRoot. There is never a problem with web files > > > owned by the root user. > > > > Quite wrong. > > No. This is correct. If you disagree then please file a bug report. > Please let me know where it is filed so that I can participate in the > review. Peer review is the best way to deal with it. > > > Unless you are administering your own server with just you as user > there's > > no problem in using root for everything. > > But if you have other users you should grant write permissions to the > > website document root for them to upload stuff and simply you can't let > > anyone other than you to access as root (would you?). > > Now, rwx permissions and unprivileged users exist for that, root > ownership > > is absolutely not needed. > > Why are you responding here with this? I never said that creating a > non-priviledged and non-www-data account to hold the files was bad. > Why are you responding as if I did? Please read the thread again. I > repeatedly said creating such users were a good way to do things. > > Here I was discussing the reason the exploit was successful. The > exploit allowed the attacker access to the system as the www-data > user. Because the files were owned by the www-data user it allowed > the attacker to write files. The ability to write files gave the > attacker even more capability in this case to generate spam from the > server. The ability of the attacker to write files enabled the > attacker to leave more doors open even if the original exploit was > closed until the attacker's files are cleaned up. > > If the files were not owned by the www-data user then while the > exploit may still have occurred then the attacker would have been > prevented by the OS from writing files into the DocumentRoot. This > would likely have prevented the compromised host from becoming the > spam source that it was reported to have become. Because it would > have limited the attacker to the original exploit and prevented the > attacker from created expanded capabilities by adding files on disk. > > > Unless you are administering your own server with just you as user > > there's no problem in using root for everything. > > No one has proposing using root for everything. That would be very > bad. Why do you respond as if someone did? > Bob > Put it here as a whole to avoid unwanted breaks (as you did between "Quite wrong." and the rest of the sentence). root ownership for DocumentRoot is a problem when you deal with N developers working on N websites, because you should provide write access to them for their work to be uploaded. I solve this clearer using unprivileged users other than www-data for the ownership and r-x group access to www-data (repeating the fourth time). So, I never said nor responded as your 2) statement was bad but IMHO is just a case specific (phpmyadmin and others living in /usr/share/ which are installed by root) and should not be used as a general rule for each and every website. As I stated in one of my first responses to the OP the exploit was possibile because the dir was writeable, the files were owned by www-data but a NEW file was uploaded in the dir not overwritten. If the dir is writeable root ownership of files doesn't help, am I wrong? Moreover, I bet that if the OP will have a look at the apache log files he will find the POST request for that script. /r
Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
2013/12/31 Jerry Stuckle > > > BTW - your quoting style is not consistent, making it difficult to see > which are your comments and which are in the post you are replying to. > > Jerry > I broke quoting somewhere in the thread, BTW here is my main points. 1. one should not be using root ownership for websites to solve permissions problems in website document root. On servers where there are N web developers this is absolutely the wrong way to go (you can't go IMO). root should only be used for system administration. security it's not a matter of doing everything as root but in using right permissions and user/group rules. 2. www-data user should have r-x group permissions and unprivileged users (eg developer account) should have rwx (or rw-) permissions and ownership. www-data ownership it's safe without write permission. I just want to add a (relevant) bit. Apache has tons of directives to secure a website and if you really need to upload in a dir you can tell apache to not execute php scripts in there or force file type to text or prevent POST request from untrusted ip, etc etc and you'are done. /r
