Re: question re apparmor
On 9/3/24 03:45, Andrew M.A. Cater wrote: On Tue, Sep 03, 2024 at 12:15:22AM -0400, gene heskett wrote: Just got a popup that quickly faded, checked dmesg, found this: operation="unlink" profile="/usr/bin/akonadiserver" [ 66.987054] logitech-hidpp-device 0003:046D:4094.0008: HID++ 4.5 device connected. kernel.perf_event_max_sample_rate to 49750 [72817.527464] Process accounting resumed [112391.466084] perf: interrupt took too long (5054 > 5013), lowering kernel.perf_event_max_sample_rate to 39500 Keyboard / mouse being added - don't know what the perf error is, but if you're monitoring every interrupt and process, that's an overhead you maybe can't afford? Config error? real problem? IDK. Machine had huge security update of 115 files + kernel yesterday morning. Hi Gene, If this is a Debian system: you're aware there was a Debian point release over the weekend? It looks like you've got four things: Akonadi server and akonadi crawling the system - that's KDE or maybe LXQT? mariadb_akonadi Acc htop neither of those is running One mention of mysqld - do you have both MariaDB and MySQL running concurrently? No trace in htop cupsd cups alwways> That's all been picked up by apparmor. If you're not sure what audit is giving you, maybe turn it off? How? gene@coyote:~$ man audit No manual entry for audit If you do post a wall of text, please cut it down on replies otherwise we all get swamped. I wanted to post it all, been accused of snipping too much before. The only thing I've a bunch of running is kde5, But the gui is supposedly xfce4. plasmashell etc too.. All best, as evef, Andrew Cater (amaca...@debian.org) Thanks. Cheers, Gene Heskett, CET. -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author, 1940) If we desire respect for the law, we must first make the law respectable. - Louis D. Brandeis . Cheers, Gene Heskett, CET. -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author, 1940) If we desire respect for the law, we must first make the law respectable. - Louis D. Brandeis
Re: question re apparmor
On Tue, Sep 03, 2024 at 12:15:22AM -0400, gene heskett wrote: > Just got a popup that quickly faded, checked dmesg, found this: > operation="unlink" profile="/usr/bin/akonadiserver" > [ 66.987054] logitech-hidpp-device 0003:046D:4094.0008: HID++ 4.5 device > connected. > kernel.perf_event_max_sample_rate to 49750 > [72817.527464] Process accounting resumed > [112391.466084] perf: interrupt took too long (5054 > 5013), lowering > kernel.perf_event_max_sample_rate to 39500 > Keyboard / mouse being added - don't know what the perf error is, but if you're monitoring every interrupt and process, that's an overhead you maybe can't afford? > Config error? real problem? IDK. Machine had huge security update of 115 > files + kernel yesterday morning. > Hi Gene, If this is a Debian system: you're aware there was a Debian point release over the weekend? It looks like you've got four things: Akonadi server and akonadi crawling the system - that's KDE or maybe LXQT? mariadb_akonadi One mention of mysqld - do you have both MariaDB and MySQL running concurrently? cupsd That's all been picked up by apparmor. If you're not sure what audit is giving you, maybe turn it off? If you do post a wall of text, please cut it down on replies otherwise we all get swamped. All best, as evef, Andrew Cater (amaca...@debian.org) > Thanks. > > Cheers, Gene Heskett, CET. > -- > "There are four boxes to be used in defense of liberty: > soap, ballot, jury, and ammo. Please use in that order." > -Ed Howdershelt (Author, 1940) > If we desire respect for the law, we must first make the law respectable. > - Louis D. Brandeis >
Re: question related to cp (-p) and /tmp
Hi, Max Nikulin wrote: > Thomas, do you have in your collection of strange files a one moved out of a > directory encrypted using fscrypt? Not yet. I will have to think whether such files pose any particular backup problem. Have a nice day :) Thomas
Re: question related to cp (-p) and /tmp
On 10/07/2024 08:48, Greg Wooledge wrote: On Wed, Jul 10, 2024 at 08:20:23 +0700, Max Nikulin wrote: On 10/07/2024 02:35, Thomas Schmitt wrote: setfattr -n system.nfs4_acl -v '\0\0\0\3\0\0\0\0\0\0\0\0\0\26\1\247\0\0\0\6OWNER@\0\0\0\0\0' /tmp/x Shell does not interpret backslashes in single (and double) quotes. $'\0...' might be better You cannot pass raw NUL bytes as an argument to a program. Thanks. For some reason I believed that either execve or a similar system call may pass arguments directly without copy relying on NULL-terminating strings. Even if it were working, started program would have to obtain actual length e.g. from another argument. Dealing with high level languages tracking string length last time caused partial blindness. Of course, I was unaware of that setfacl may treat escaping internally. P.S. Thomas, do you have in your collection of strange files a one moved out of a directory encrypted using fscrypt? When the directory is locked, attempts to read file cause "Required key not available" errors. There is no tool to find what particular key should be added to keyring https://docs.kernel.org//filesystems/fscrypt.html#encryption-context It is up to individual filesystems to decide where to store it, but normally it would be stored in a hidden extended attribute. It should not be exposed by the xattr-related system calls such as getxattr() and setxattr()... so getfattr reports nothing.
Re: question related to cp (-p) and /tmp
Hi, Patrice Duroux wrote: > $ getfattr -d test.sh > $ One could get the impression that "system." attributes are kept obscure by developers' intention. I now found in the man page a few sentences which could be the origin of my dim (and distorted) memories about this name space: -m pattern, --match=pattern Only include attributes with names matching the regular expression pattern. The default value for pattern is "^user\\.", which includes all the attributes in the user namespace. Specify "-" for including all attributes. So what do you get from this run ? getfattr -d -m - test.sh > $ nfs4_getfacl test.sh > # file: test.sh > A::OWNER@:rwaxtTcCy > A::GROUP@:rxtcy > A::EVERYONE@:tcy It seems that man 5 nfs4_acl gives explanations of the settings under "ACE FLAGS:". I expect that nfs4_setfacl -x could remove the offending attribute, if not setfacl -x does. (I would rather move this file to my directory tree of strange files, which i keep for testing purposes.) Have a nice day :) Thomas
Re: question related to cp (-p) and /tmp
> So we now know how to prevent the immediate problem. > Does "system.nfs4_acl" show up in > getfattr -d test.sh > ? $ getfattr -d test.sh $ And this is the same regardless the value (permissions or skip) for system.nfs4_acl in /etc/xattr.conf > Maybe it is the right package to learn more about the attribute of your > file. Maybe it is even the origin of its existence. $ nfs4_getfacl test.sh # file: test.sh A::OWNER@:rwaxtTcCy A::GROUP@:rxtcy A::EVERYONE@:tcy So nothing more interesting to me despite my ignorance on NFS4. Le mer. 10 juil. 2024 à 09:11, Thomas Schmitt a écrit : > > Hi, > > Patrice Duroux wrote: > > On the other hand, after modifying /etc/xattr.conf to replace: > > system.nfs4_aclpermissions > > by: > > system.nfs4_aclskip > > then test.sh works nicely: > > So we now know how to prevent the immediate problem. > > Does "system.nfs4_acl" show up in > > getfattr -d test.sh > > ? > > > > Is there a risk to leave /etc/xattr.conf like this? > > Given our test results with "system.nfs4_acl" and your success with the > changed configuration, i'd say it is mostly beneficial. > > You could of course try to remove this hard-to-digest attribute > from the file: > > setfattr -x system.nfs4_acl test.sh > > > > If I am right, this file is provided by libattr1 package and its > > content is from upstream: > > https://git.savannah.nongnu.org/cgit/attr.git/tree/xattr.conf > > I probably misinterpreted the comment in coreutils copy.c. > SELinux and xattr.conf are not associated but only handled together in > that piece of code. > > > There remains the question how your file got this attribute. > Was it created when the filesystem was exported via NFS ? > > In the web i find references to a command nfs4_setfacl. > Debian has it in package nfs4-acl-tools: > https://tracker.debian.org/pkg/nfs4-acl-tools > Not very active but present from "old-old-stable" to Sid. > > Maybe it is the right package to learn more about the attribute of your > file. Maybe it is even the origin of its existence. > > > Have a nice day :) > > Thomas >
Re: question related to cp (-p) and /tmp
On the other hand, after modifying /etc/xattr.conf to replace: system.nfs4_aclpermissions by: system.nfs4_aclskip then test.sh works nicely: $ ./test.sh -rwxr-x--- 1 patrice patrice 300 Jul 9 10:46 ./test.sh option: -p exitcode: 0 -rwxr-x--- 1 patrice patrice 300 Jul 9 10:46 /tmp/test.sh option: --preserve=mode exitcode: 0 -rwxr-x--- 1 patrice patrice 300 Jul 10 08:32 /tmp/test.sh option: --preserve=timestamps exitcode: 0 -rwxr-x--- 1 patrice patrice 300 Jul 9 10:46 /tmp/test.sh option: --preserve=ownership exitcode: 0 -rwxr-x--- 1 patrice patrice 300 Jul 10 08:32 /tmp/test.sh Is there a risk to leave /etc/xattr.conf like this? This file also has a line regarding 'system.nfs4acl'. Is this for any compatibility? If I am right, this file is provided by libattr1 package and its content is from upstream: https://git.savannah.nongnu.org/cgit/attr.git/tree/xattr.conf Le mar. 9 juil. 2024 à 21:33, Thomas Schmitt a écrit : > > Hi, > > (I Cc: patrice.dur...@gmail.com because i see no "LDOSUBSCRIBER" in > the "X-Spam-Status:" header.) > > Jumping ahead: > > Look into the local file > > /etc/xattr.conf > > and try what happens if you change > > system.nfs4_acl permissions > > to > > system.nfs4_acl skip > > or if you newly insert thie "skip" line if no "system.nfs4_acl" is to see. > > -- > How i came to that proposal: > > Patrice Duroux wrote: > > $ LANG=C strace cp -p test.sh /tmp > > strace is a very good idea. > > > > flistxattr(4, NULL, 0) = 16 > > flistxattr(4, "system.nfs4_acl\0", 16) = 16 > > Somehow your file has an extended file attribute "system.nfs4_acl". > Inquire by: > > getfattr -d test.sh > > (I dimly remember that one needs superuser authority to read "system." > attributes. But i cannot find this in man 1 getfattr.) > > > > openat(AT_FDCWD, "/etc/xattr.conf", O_RDONLY) = 6 > > According to Google this is a configuration file: > > https://sources.suse.com/SUSE:SLE-15-SP6:Update:CR/minimal-image/f2d0d3c549d068931c52fb2e94925dd7/INCLUDED/SUSE:SLE-15:GA::attr::efd1f5b9c0b136b5dfc37de3f2d9c977/xattr.conf > ... > # How to handle extended attributes when copying between files > ... > # Actions: > # permissions - copy when trying to preserve permissions. > # skip - do not copy. > ... > system.nfs4_acl permissions > > cp sees this configuration file associated to SELinux: > > https://sources.debian.org/src/coreutils/9.4-3.1/src/copy.c/?hl=751#L749 > /* Exclude SELinux extended attributes that are otherwise handled, > and are problematic to copy again. Also honor attributes > configured for exclusion in /etc/xattr.conf. > > > > fsetxattr(5, "system.nfs4_acl", > > "\0\0\0\3\0\0\0\0\0\0\0\0\0\26\1\247\0\0\0\6OWNER@\0\0\0\0\0", 80, 0) = -1 > > EOPNOTSUPP (Operation not supported) > > Here the error happens while trying to set the attribute. > Shell equivalent is > > setfattr -n system.nfs4_acl -v > '\0\0\0\3\0\0\0\0\0\0\0\0\0\26\1\247\0\0\0\6OWNER@\0\0\0\0\0' /tmp/x > > and yields here (even for the superuser and on ext4 filesystem) > > setfattr: /tmp/x: Operation not supported > > I'm not sure whether the value is a digestible format. > But if i do the same with a name in the "user." namespace i get no error > > setfattr -n user.x -v '\0\0\0...lengthy.string.above...' /tmp/x > > > Have a nice day :) > > Thomas >
Re: question related to cp (-p) and /tmp
Hi, Patrice Duroux wrote: > On the other hand, after modifying /etc/xattr.conf to replace: > system.nfs4_aclpermissions > by: > system.nfs4_aclskip > then test.sh works nicely: So we now know how to prevent the immediate problem. Does "system.nfs4_acl" show up in getfattr -d test.sh ? > Is there a risk to leave /etc/xattr.conf like this? Given our test results with "system.nfs4_acl" and your success with the changed configuration, i'd say it is mostly beneficial. You could of course try to remove this hard-to-digest attribute from the file: setfattr -x system.nfs4_acl test.sh > If I am right, this file is provided by libattr1 package and its > content is from upstream: > https://git.savannah.nongnu.org/cgit/attr.git/tree/xattr.conf I probably misinterpreted the comment in coreutils copy.c. SELinux and xattr.conf are not associated but only handled together in that piece of code. There remains the question how your file got this attribute. Was it created when the filesystem was exported via NFS ? In the web i find references to a command nfs4_setfacl. Debian has it in package nfs4-acl-tools: https://tracker.debian.org/pkg/nfs4-acl-tools Not very active but present from "old-old-stable" to Sid. Maybe it is the right package to learn more about the attribute of your file. Maybe it is even the origin of its existence. Have a nice day :) Thomas
Re: question related to cp (-p) and /tmp
Hi, i wrote: > > >setfattr -n system.nfs4_acl -v > > > '\0\0\0\3\0\0\0\0\0\0\0\0\0\26\1\247\0\0\0\6OWNER@\0\0\0\0\0' /tmp/x Max Nikulin wrote: > Shell does not interpret backslashes in single (and double) quotes. Non-interpretation by the shell was my intention. I wanted the string to reach setfattr(1) literally. Inspiration was this line from strace: fsetxattr(5, "system.nfs4_acl", "\0\0\0\3\0\0\0\0\0\0\0\0\0\26\1\247\0\0\0\6OWNER@\0\0\0\0\0", 80, 0) = -1 Greg Wooledge wrote: > Thomas's command is *relying* on setfattr interpreting the backslash > sequences, because the shell cannot be allowed to do so. Indeed. The man page supports me modulo artistic freedom. -v value, --value=value [...] If the given string is enclosed in double quotes, the inner string is treated as text. In that case, backslashes and double quotes have special meanings [...] I omitted the double quotes but obviously my value was decoded as i intended: $ getfattr -d /tmp/x getfattr: Removing leading '/' from absolute path names # file: tmp/x user.x=0sAwAAABYBpwZPV05FUk== $ base64 -d | hxd AwAAABYBpwZPV05FUk== :00 00 00 03 00 00 00 00 00 00 00 00 00 16 01 a7 0 : 0 0 0 3 0 0 0 0 0 0 0 0 0 22 1 167 0010 :00 00 00 06 4f 57 4e 45 52 40 00 00 00 00 00 O W N E R @ 16 : 0 0 0 6 79 87 78 69 82 64 0 0 0 0 0 This looks much like i would expect from correct decoding of the octal salad text. (hxd is my own binary dumper for hex, cleartext, and decimal. In a rogue ISO 9660 filesystem one never knows which byte presentation brings the decisive insight.) Have a nice day :) Thomas
Re: question related to cp (-p) and /tmp
On Wed, Jul 10, 2024 at 08:20:23 +0700, Max Nikulin wrote: > On 10/07/2024 02:35, Thomas Schmitt wrote: > > Here the error happens while trying to set the attribute. > > Shell equivalent is > > > >setfattr -n system.nfs4_acl -v > > '\0\0\0\3\0\0\0\0\0\0\0\0\0\26\1\247\0\0\0\6OWNER@\0\0\0\0\0' /tmp/x > > Shell does not interpret backslashes in single (and double) quotes. $'\0...' > might be better You cannot pass raw NUL bytes as an argument to a program. It's impossible. The argument with a NUL byte in the first position will be treated as an empty string (zero length). > echo '\026' | xxd -g 1 > : 5c 30 32 36 0a \026. > > echo $'\026' | xxd -g 1 > : 16 0a.. hobbit:~$ echo $'\000\000ABCDEFG' | hd 0a|.| 0001 Thomas's command is *relying* on setfattr interpreting the backslash sequences, because the shell cannot be allowed to do so.
Re: question related to cp (-p) and /tmp
On 10/07/2024 02:35, Thomas Schmitt wrote: Here the error happens while trying to set the attribute. Shell equivalent is setfattr -n system.nfs4_acl -v '\0\0\0\3\0\0\0\0\0\0\0\0\0\26\1\247\0\0\0\6OWNER@\0\0\0\0\0' /tmp/x Shell does not interpret backslashes in single (and double) quotes. $'\0...' might be better echo '\026' | xxd -g 1 : 5c 30 32 36 0a \026. echo $'\026' | xxd -g 1 : 16 0a.. C-style backslash escapes are interpreted by printf, but besides leading dash it would be necessary to deal with %-formats. Sorry, I am familiar enough with NFS and extended file attributes to reason if cp should copy system.nfs4_acl in this particular case.
Re: question related to cp (-p) and /tmp
Hi, (I Cc: patrice.dur...@gmail.com because i see no "LDOSUBSCRIBER" in the "X-Spam-Status:" header.) Jumping ahead: Look into the local file /etc/xattr.conf and try what happens if you change system.nfs4_acl permissions to system.nfs4_acl skip or if you newly insert thie "skip" line if no "system.nfs4_acl" is to see. -- How i came to that proposal: Patrice Duroux wrote: > $ LANG=C strace cp -p test.sh /tmp strace is a very good idea. > flistxattr(4, NULL, 0) = 16 > flistxattr(4, "system.nfs4_acl\0", 16) = 16 Somehow your file has an extended file attribute "system.nfs4_acl". Inquire by: getfattr -d test.sh (I dimly remember that one needs superuser authority to read "system." attributes. But i cannot find this in man 1 getfattr.) > openat(AT_FDCWD, "/etc/xattr.conf", O_RDONLY) = 6 According to Google this is a configuration file: https://sources.suse.com/SUSE:SLE-15-SP6:Update:CR/minimal-image/f2d0d3c549d068931c52fb2e94925dd7/INCLUDED/SUSE:SLE-15:GA::attr::efd1f5b9c0b136b5dfc37de3f2d9c977/xattr.conf ... # How to handle extended attributes when copying between files ... # Actions: # permissions - copy when trying to preserve permissions. # skip - do not copy. ... system.nfs4_acl permissions cp sees this configuration file associated to SELinux: https://sources.debian.org/src/coreutils/9.4-3.1/src/copy.c/?hl=751#L749 /* Exclude SELinux extended attributes that are otherwise handled, and are problematic to copy again. Also honor attributes configured for exclusion in /etc/xattr.conf. > fsetxattr(5, "system.nfs4_acl", > "\0\0\0\3\0\0\0\0\0\0\0\0\0\26\1\247\0\0\0\6OWNER@\0\0\0\0\0", 80, 0) = -1 > EOPNOTSUPP (Operation not supported) Here the error happens while trying to set the attribute. Shell equivalent is setfattr -n system.nfs4_acl -v '\0\0\0\3\0\0\0\0\0\0\0\0\0\26\1\247\0\0\0\6OWNER@\0\0\0\0\0' /tmp/x and yields here (even for the superuser and on ext4 filesystem) setfattr: /tmp/x: Operation not supported I'm not sure whether the value is a digestible format. But if i do the same with a name in the "user." namespace i get no error setfattr -n user.x -v '\0\0\0...lengthy.string.above...' /tmp/x Have a nice day :) Thomas
Re: Re: Re: question related to cp (-p) and /tmp
> Looks like the error happens while trying to set the extended attributes > on the destination file. I don't really know how xattr works, but > it looks like it's trying to set an attribute named "system.nfs4_acl" > on a file that's in the /tmp directory. That is more clear to me now. And so I can confirm that copying to other destination that is a local disk device gives me the same message and exitcode: $ LANG=C cp -p test.sh /home2/patrice/ ; echo $? cp: preserving permissions for '/home2/patrice/test.sh': Operation not supported 1 $ mount | grep home2 /dev/sdb7 on /home2 type ext4 (rw,relatime,stripe=32751) I should have tested this also. > I can't tell whether this is a bug in cp, or a bug in the kernel. > Someone who understands xattr might be better able to help. Just for the story, the current kernel on this system is: $ uname -srvmo Linux 6.9.8-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.9.8-1 (2024-07-07) x86_64 GNU/Linux so probably it should be reboot at some point and switch for instance to linux-image-6.9.8-amd64 that is already installed. Many thanks to all!
Re: Re: question related to cp (-p) and /tmp
On Tue, Jul 09, 2024 at 19:12:28 +0200, Patrice Duroux wrote: > $ LANG=C strace cp -p test.sh /tmp [...] > read(6, "# /etc/xattr.conf\n#\n# Format:\n# "..., 4096) = 681 > read(6, "", 4096) = 0 > close(6)= 0 > fgetxattr(4, "system.nfs4_acl", NULL, 0) = 80 > fgetxattr(4, "system.nfs4_acl", > "\0\0\0\3\0\0\0\0\0\0\0\0\0\26\1\247\0\0\0\6OWNER@\0\0\0\0\0", 80) = 80 > fsetxattr(5, "system.nfs4_acl", > "\0\0\0\3\0\0\0\0\0\0\0\0\0\26\1\247\0\0\0\6OWNER@\0\0\0\0\0", 80, 0) = -1 > EOPNOTSUPP (Operation not supported) > write(2, "cp: ", 4cp: ) = 4 > write(2, "preserving permissions for '/tmp"..., 41preserving permissions for > '/tmp/test.sh') = 41 > write(2, ": Operation not supported", 25: Operation not supported) = 25 > write(2, "\n", 1 At this point, FD 4 is the source file (./test.sh) and FD 5 is the destination file (/tmp/test.sh). > $ mount | grep patrice > /home/patrice type nfs4 > (rw,nosuid,nodev,relatime,vers=4.2,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=X,local_lock=none,addr=Y) Looks like the error happens while trying to set the extended attributes on the destination file. I don't really know how xattr works, but it looks like it's trying to set an attribute named "system.nfs4_acl" on a file that's in the /tmp directory. I can't tell whether this is a bug in cp, or a bug in the kernel. Someone who understands xattr might be better able to help. > Finally, note that I am a «he» otherwise in French it's generally Patricia for > «her» > :-D My apologies. Patrice is a feminine name in English.
Re: Re: question related to cp (-p) and /tmp
> If we can't figure it out from her replies to our *many* requests for
> additional information, then my next request would be to strace it,
> and see exactly which system call is failing.
$ LANG=C strace cp -p test.sh /tmp
execve("/usr/bin/cp", ["cp", "-p", "test.sh", "/tmp"], 0x7ffe58e09538 /* 33
vars */) = 0
brk(NULL) = 0x561646694000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f2776e92000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=251839, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 251839, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f2776e54000
close(3)= 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libselinux.so.1", O_RDONLY|O_CLOEXEC) =
3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"...,
832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=182504, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 190160, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f2776e25000
mmap(0x7f2776e2c000, 114688, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) = 0x7f2776e2c000
mmap(0x7f2776e48000, 32768, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3,
0x23000) = 0x7f2776e48000
mmap(0x7f2776e5, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2b000) = 0x7f2776e5
mmap(0x7f2776e52000, 5840, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f2776e52000
close(3)= 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libacl.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"...,
832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=38832, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 41008, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f2776e1a000
mmap(0x7f2776e1c000, 20480, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f2776e1c000
mmap(0x7f2776e21000, 8192, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3,
0x7000) = 0x7f2776e21000
mmap(0x7f2776e23000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8000) = 0x7f2776e23000
close(3)= 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libattr.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"...,
832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=26544, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 28696, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f2776e12000
mmap(0x7f2776e14000, 12288, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f2776e14000
mmap(0x7f2776e17000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3,
0x5000) = 0x7f2776e17000
mmap(0x7f2776e18000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5000) = 0x7f2776e18000
close(3)= 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P~\2\0\0\0\0\0"..., 832)
= 832
pread64(3, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"...,
784, 64) = 784
newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=1933688, ...}, AT_EMPTY_PATH)
= 0
pread64(3, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"...,
784, 64) = 784
mmap(NULL, 1985936, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f2776c2d000
mmap(0x7f2776c53000, 1404928, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x26000) = 0x7f2776c53000
mmap(0x7f2776daa000, 348160, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3,
0x17d000) = 0x7f2776daa000
mmap(0x7f2776dff000, 24576, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1d1000) = 0x7f2776dff000
mmap(0x7f2776e05000, 52624, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f2776e05000
close(3)= 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) =
3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"...,
832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=633480, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 631688, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f2776b92000
mmap(0x7f2776b94000, 442368, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f2776b94000
mmap(0x7f2776c0, 176128, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3,
0x6e000) = 0x7f2776c0
mmap(0x7f2776c2b000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x99000) = 0x7f2776c2b000
close(3)= 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f2776b9
arch_prctl(ARCH_SET_FS, 0x7f2776b91540) = 0
set_tid_address(0x7f2776b91810) = 195619
set_robust_list(0x7f2776b91820, 24) = 0
r
Re: question related to cp (-p) and /tmp
Hi, Patrice Duroux wrote: > user:1234:-w- So it's not that /tmp would refuse on ACL. > getfacl : suppression du premier « / » des noms de chemins absolus > (sorry for the french output) The translator to french was not overly capricious. So my school french suffices. Google would help if the text would be more flowery. In cases where the output language matters more, consider to set the LANG variable to "C" as prefix to the desired command line: LANG=C getfacl /tmp/x or as persistent setting for the particular shell instance export LANG=C getfacl /tmp/x (The message by getfacl(1) refers to the first line of its output # file: tmp/x not to the input path.) Have a nice day :) Thomas
Re: question related to cp (-p) and /tmp
On Tue, Jul 09, 2024 at 13:46:12 +0200, Thomas Schmitt wrote:
> Hi,
>
> Patrice Duroux wrote:
> > > cp: preserving permissions for '/tmp/test.sh': Operation not supported
>
> Greg Wooledge wrote:
> > I was thinking something similar, but the "ls -l ./test.sh" did not
> > show any markup indicating ACL.
>
> At least cp calls ACL "permissions". See
> https://sources.debian.org/src/coreutils/9.4-3.1/lib/copy-acl.c/?hl=54#L54
> After getting return value -1 from copy_acl(), it does:
>
> error (0, errno, _("preserving permissions for %s"), quote (dst_name));
>
> The other two occurences of the error message are not as easy to decode:
> https://sources.debian.org/src/coreutils/9.4-3.1/src/copy.c/?hl=1696#L1696
> https://sources.debian.org/src/coreutils/9.4-3.1/src/copy.c/?hl=3340#L3340
>
> Other thought:
> Maybe chattr(1) attribute "i" can be considered a permission, too.
I'm assuming she didn't make her script immutable and then forget to
mention it. But who knows?
If we can't figure it out from her replies to our *many* requests for
additional information, then my next request would be to strace it,
and see exactly which system call is failing.
Either that, or someone else running sid might speak up and confirm
whether they can reproduce the result.
Re: question related to cp (-p) and /tmp
Hi,
Patrice Duroux wrote:
> > cp: preserving permissions for '/tmp/test.sh': Operation not supported
Greg Wooledge wrote:
> I was thinking something similar, but the "ls -l ./test.sh" did not
> show any markup indicating ACL.
At least cp calls ACL "permissions". See
https://sources.debian.org/src/coreutils/9.4-3.1/lib/copy-acl.c/?hl=54#L54
After getting return value -1 from copy_acl(), it does:
error (0, errno, _("preserving permissions for %s"), quote (dst_name));
The other two occurences of the error message are not as easy to decode:
https://sources.debian.org/src/coreutils/9.4-3.1/src/copy.c/?hl=1696#L1696
https://sources.debian.org/src/coreutils/9.4-3.1/src/copy.c/?hl=3340#L3340
Other thought:
Maybe chattr(1) attribute "i" can be considered a permission, too.
Have a nice day :)
Thomas
Re: question related to cp (-p) and /tmp
On Tue, Jul 09, 2024 at 13:20:04 +0200, Thomas Schmitt wrote: > Patrice Duroux wrote: > > option: --preserve=mode > > cp: preserving permissions for '/tmp/test.sh': Operation not supported > > exitcode: 1 > > [...] > > It says that the operation is not supported but still the mode of the > > copy is ok. > > Maybe it sees ACL at the source file and your /tmp filesystem cannot > do ACL ? I was thinking something similar, but the "ls -l ./test.sh" did not show any markup indicating ACL. I would have expected to see a punctuation character after the permissions (. or + or something) if that were the case. > Try with setfacl(1) whether files in the /tmp directory accept non-trivial > ACLs, like > > touch /tmp/x > setfacl -m u:1234:w /tmp/x > > The inquiry by > > getfacl /tmp/x > > should then report among others a line: > > user:1234:-w- It certainly doesn't hurt to check. More information is better in this case. She may need to install the "acl" package to get these commands. It's not installed by default, at least in bookworm.
Re: question related to cp (-p) and /tmp
Hi, Patrice Duroux wrote: > option: --preserve=mode > cp: preserving permissions for '/tmp/test.sh': Operation not supported > exitcode: 1 > [...] > It says that the operation is not supported but still the mode of the > copy is ok. Maybe it sees ACL at the source file and your /tmp filesystem cannot do ACL ? Try with setfacl(1) whether files in the /tmp directory accept non-trivial ACLs, like touch /tmp/x setfacl -m u:1234:w /tmp/x The inquiry by getfacl /tmp/x should then report among others a line: user:1234:-w- Have a nice day :) Thomas
Re: question related to cp (-p) and /tmp
On Tue, Jul 09, 2024 at 11:04:14 +0200, Patrice Duroux wrote: > $ cat test.sh > #!/usr/bin/sh > > export LANG=C > ls -l ./test.sh > echo "option: -p" > cp -p ./test.sh /tmp > echo "exitcode: "$? > ls -l /tmp/test.sh > rm /tmp/test.sh > for p in mode timestamps ownership ; do > echo "option: --preserve=$p" > cp --preserve=$p ./test.sh /tmp > echo "exitcode: "$? > ls -l /tmp/test.sh > rm /tmp/test.sh > done > On Sid (amd64), I am facing the following: > > $ ./test.sh > -rwxr-x--- 1 patrice patrice 300 Jul 9 10:46 ./test.sh > option: -p > cp: preserving permissions for '/tmp/test.sh': Operation not supported > exitcode: 1 > -rwxr-x--- 1 patrice patrice 300 Jul 9 10:46 /tmp/test.sh It would be nice to know what directory you're in when you run this. But what I really need to know is whether that directory is /tmp. Let's assume it's not. Your prompt is abbreviated as "$" so I assume you're not running this script as root. (Otherwise your prompt should have been abbreviated as "#".) Are you running this as "patrice"? Are you in /home/patrice? > It says that the operation is not supported but still the mode of the > copy is ok. > Is there an issue somewhere? I can't reproduce your results on a bookworm system (kernel 6.1.0-22-amd64), with /tmp as a regular directory in the / file system, with drwxrwxrwt permissions. It's possible that something changed between the bookworm kernel and your kernel. Or possibly your system has additional "security" features enabled (SELinux?). Can you tell us what kernel you're running, whether /tmp is a mountpoint or a regular directory, what kind of file system it is if it's mounted, and what its permissions are? Does the same issue happen with /var/tmp? How about /run/user/1000 or whatever patrice's UID is? If you make a new directory that's not under /tmp or /var/tmp with drwxrwxrwx permissions (chmod 777), and try to cp -p a file from your home directory to that new directory, do you get the same result? If you make the permissions drwxrwxrwt instead (chmod 1777), do you get the same result?
Re: Question About Free File Transfering Apps
On Sat, Jun 1, 2024 at 2:24 AM gene heskett wrote: > Well, since I'm alone, my wife passed 3.5 years back, and was not > computer literate, its my show. And sshfs Just Works. I use this machine > as the src for my output for some 3d printers, although the 4 linuxcnc > machines are largely standalone in that the gcode I run on them was all > written by me on that machine.. I often have more than one login session > to a given machine because that machine may also be its own buildbot. > Every machine has access to the world, but its all hidden behind a > dd-wrt running router doing the NAT. I don't have to fight with > samba/cifs and its daily updates to keep it working, permissions are > 100% linux, nor do I fool with nfs and its weekly updates that always > break it. > > But age is playing a role too, I have short term memory problems. > Perhaps because of my age, I'll be 90 in October if I don't fall over first. > > The only dis to ssh and friends has been the local key files and keeping > them up to date. That's very minor, its probably been a year since a new > install on one of my pi clones had me hunting down an aging key file. > Nothing like this broken bookworm install, its far more annoyance than > any of the other problems. I'll miss morning roll call, and disappear > soon enough and then it will be a bit more peaceful here. > > In the meantime, everybody take care and stay well. You are my > connection to the rest of the world. Gene, you are an inspiration to me. I hope that I am half as lucid as you when I am 90. But when you miss morning roll call how will we know?
Re: Question About Free File Transfering Apps
On 6/1/24 06:07, Michael Grant wrote: I use sshfs, works great to let me drop files on my server from my desktop. But I wouldn't call that "file sharing". I probably would call that a "network disk" or "remote mount". There's probably some formal definition out there, but when I think of file sharing, I think of someone proffering up a single file (or folder) and sharing it point-to-point with one or some small group of people. I have long been plagued by the problem if sitting in a room or on a boat with someone, 2 devices right next to one another, and no trivially easy way to send a file from one device to the other without say first uploading it to some mutual third party (e.g. whatsapp). sshfs isn't going to let you share files between say 2 phones, at least, not very easily if at all. By recommendation further up in this thread, I tried Google's Quick Share between my wife's phone and my phone. Followed all the instructions, did not work. Followed all the troubleshooting instructions. Nope, my device doesn't appear on her phone when I share, and neither the other way around. Searched the web, found a ton of people with same issue. It's DoA I'm afraid. Between family members, we have in the past shared files using a synology box and their Drive app. It works just like Dropbox except file is on your own infra. It's not open source though and I don't know how tied it actually is to Synology's infra. One certainly needs to be on the net to use it. To this day, I have yet ever to see an easy way to share a file between 2 devices without full internet connectivity, except by say getting one to run an ftp or ssh server and ftp or ssh'ing over the file between local ip addrs (e.g. 192.168.x.y). I'd love to know some well know good, not-evil, open source app that runs on all the platforms that I could tell people to install to send them a file without using the internet. I can't really see any technical reason such an thing couldn't work, say over bluetooth or local IPs and maybe it does exist, I've just never run across such a thing. The key word here is EASY. I can't be hacking someone's phone for an hour just to transfer them a file. Michael Grant The keyword with a "phone" as you refer to that handheld computer, is locked in service. Just one of the reasons I only have an expired wallmart flip phone that hasn't been renewed in 4 or 5 years. If I'm going on a long trip where a vehicle problem might need a fone to yell for help, I'll go see what wally has today. Until then its a nuisance, with every scammer on the planet calling you up at dinner time or in the middle of taking care of your horizontal homework. Amazons BIG red button has blocked 255 such scammers so far. . Cheers, Gene Heskett, CET. -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author, 1940) If we desire respect for the law, we must first make the law respectable. - Louis D. Brandeis
Re: Question About Free File Transfering Apps
On Sat, 01 Jun 2024 10:06:43 + "Michael Grant" wrote: > > To this day, I have yet ever to see an easy way to share a file > between 2 devices without full internet connectivity, except by say > getting one to run an ftp or ssh server and ftp or ssh'ing over the > file between local ip addrs (e.g. 192.168.x.y). I'd love to know > some well know good, not-evil, open source app that runs on all the > platforms that I could tell people to install to send them a file > without using the internet. I can't really see any technical reason > such an thing couldn't work, say over bluetooth or local IPs and > maybe it does exist, I've just never run across such a thing. The > key word here is EASY. I can't be hacking someone's phone for an > hour just to transfer them a file. > > Michael Grant > a. I know nothing about iOS b. I don't know if this will help I have an Android phone. If I plug its micro USB charge/data connection into my desktop's USB port, two entries appear on 'Device' in Thunar. Pictures (only) can be transferred. If I pull down the Android status menu and select the USB entry, then tap for more options, then select file transfer. one of the Device entries disappears and the other shows various directories. Files of other kinds can be transferred to and from my workstation's directories by copy and paste, and presumably by drag and drop. No additional software is required on the phone. Two Android devices plugged into something portable, such as a netbook or Raspberry Pi could presumably transfer files fairly easily. I've never needed to do it, so I haven't actually tried it between mobiles, but I use one phone this way to transfer files to and from my network, which is quicker than emailing them. I don't know what the earliest version of Android with this ability is. Update: Google says Android 9. There is a Mac app to do it, Windows and Linux machines including Chromebook do it natively. Maybe more ideas here: https://www.grover.com/blog/en/7-ways-android-data-transfer https://support.apple.com/en-gb/guide/iphone/iph3ea029318/17.0/ios/17.0 -- Joe
Re: Question About Free File Transfering Apps
Michael Grant wrote: > I have long been plagued by the problem if sitting in a room or on a boat > with someone, 2 devices right next to one another, and no trivially easy way > to send a file from one device to the other without say first uploading it > to some mutual third party (e.g. whatsapp). ... > To this day, I have yet ever to see an easy way to share a file between 2 > devices without full internet connectivity, except by say getting one to run > an ftp or ssh server and ftp or ssh'ing over the file between local ip addrs > (e.g. 192.168.x.y). I'd love to know some well know good, not-evil, open > source app that runs on all the platforms that I could tell people to > install to send them a file without using the internet. I can't really see > any technical reason such an thing couldn't work, say over bluetooth or > local IPs and maybe it does exist, I've just never run across such a thing. > The key word here is EASY. I can't be hacking someone's phone for an hour > just to transfer them a file. The web browser technology called WebRTC does that quite well, but for security reasons -- nobody wants a self-perpetuating worm -- you need an intermediary device to introduce the two participants but not to actually transfer the file. And so there is snapdrop.net, which you can choose to trust or you can run your own copy -- it's GPL3. Works between any two devices that run modern web browsers, including iPhones, Androids, Linux, Windows, Macs... There are bluetooth solutions between Linux and Android and Windows, but Apple does not allow bluetooth file transfer from or to IOS with any operating systems they don't control. -dsr-
Re: Question About Free File Transfering Apps
On 5/31/24 22:37, David Wright wrote: On Fri 31 May 2024 at 17:30:19 (+0100), mick.crane wrote: On 2024-05-31 13:58, gene heskett wrote: On 5/30/24 20:09, mick.crane wrote: On 2024-05-29 15:07, Carter Zhang wrote: Are there any free apps for GNU/Linux and Android to share files over LAN? There have already been LocalSend, LanXchange, LANDrop, NitroShare, Sharik, Warpinator, TrebleShot, but they have respective problems. I don't know if sshfs would have issues with more than one connection. It does not, I have open sessions to 6 other machines here, possability's of up to 10 if all are turned on. AFAICT from your posts Gene, you are the sole user on your LAN, so "sharing files" takes on a particular meaning. I only drag stuff in and out of the directory in Thunar. Dragging from the directory takes a copy. I wondered what would happen if somebody deleted a file while you were half way through fetching it. AIUI you get a race. So unless you elaborate on who the potential agents are on your LAN (spouse, kids, kids mates), I don't think sshfs would be an appropriate choice, and neither does an author of the wikipedia page: "SSHFS is an alternative to those protocols [A(pple)FP, NFS, SMB] only in situations where users are confident that files and directories will not be targeted for writing by another user, at the same time." Well, since I'm alone, my wife passed 3.5 years back, and was not computer literate, its my show. And sshfs Just Works. I use this machine as the src for my output for some 3d printers, although the 4 linuxcnc machines are largely standalone in that the gcode I run on them was all written by me on that machine.. I often have more than one login session to a given machine because that machine may also be its own buildbot. Every machine has access to the world, but its all hidden behind a dd-wrt running router doing the NAT. I don't have to fight with samba/cifs and its daily updates to keep it working, permissions are 100% linux, nor do I fool with nfs and its weekly updates that always break it. But age is playing a role too, I have short term memory problems. Perhaps because of my age, I'll be 90 in October if I don't fall over first. The only dis to ssh and friends has been the local key files and keeping them up to date. That's very minor, its probably been a year since a new install on one of my pi clones had me hunting down an aging key file. Nothing like this broken bookworm install, its far more annoyance than any of the other problems. I'll miss morning roll call, and disappear soon enough and then it will be a bit more peaceful here. In the meantime, everybody take care and stay well. You are my connection to the rest of the world. Cheers, David. Cheers, Gene Heskett, CET. -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author, 1940) If we desire respect for the law, we must first make the law respectable. - Louis D. Brandeis
Re: Question About Free File Transfering Apps
On Fri 31 May 2024 at 17:30:19 (+0100), mick.crane wrote: > On 2024-05-31 13:58, gene heskett wrote: > > On 5/30/24 20:09, mick.crane wrote: > > > On 2024-05-29 15:07, Carter Zhang wrote: > > > > Are there any free apps for GNU/Linux and Android to share files over > > > > LAN? There have already been LocalSend, LanXchange, LANDrop, > > > > NitroShare, Sharik, Warpinator, TrebleShot, but they have respective > > > > problems. > > > > > > I don't know if sshfs would have issues with more than one > > > connection. > > > > > It does not, I have open sessions to 6 other machines here, > > possability's of up to 10 if all are turned on. AFAICT from your posts Gene, you are the sole user on your LAN, so "sharing files" takes on a particular meaning. > I only drag stuff in and out of the directory in Thunar. Dragging from > the directory takes a copy. I wondered what would happen if somebody > deleted a file while you were half way through fetching it. AIUI you get a race. So unless you elaborate on who the potential agents are on your LAN (spouse, kids, kids mates), I don't think sshfs would be an appropriate choice, and neither does an author of the wikipedia page: "SSHFS is an alternative to those protocols [A(pple)FP, NFS, SMB] only in situations where users are confident that files and directories will not be targeted for writing by another user, at the same time." Cheers, David.
Re: Question About Free File Transfering Apps
On Fri, May 31, 2024 at 01:16:28PM -0400, Greg Wooledge wrote: > On Fri, May 31, 2024 at 05:30:19PM +0100, mick.crane wrote: > > I only drag stuff in and out of the directory in Thunar. Dragging from the > > directory takes a copy. I wondered what would happen if somebody deleted a > > file while you were half way through fetching it. > > If you're copying a file, that means some process has the file opened. (that's what I meant with "the meaning of fetch". Is it the drag process by the user? Then the file is not yet open -- and nothing will be copied. Is it the actual copy? Then your description is the most accurate one) > Removing (unlinking) a file that's opened causes it to vanish from the > raw directory, but the inode and the blocks of data are left alone until > all processes have closed it. Only then will it be marked for recyling. > > You'll just have to hope that the (remote) copy succeeds on the first > try, because once the remote reader loses connection, if the file is > closed on the server, it's gone. Cheers -- t signature.asc Description: PGP signature
Re: Question About Free File Transfering Apps
On Fri, May 31, 2024 at 05:30:19PM +0100, mick.crane wrote: > I only drag stuff in and out of the directory in Thunar. Dragging from the > directory takes a copy. I wondered what would happen if somebody deleted a > file while you were half way through fetching it. If you're copying a file, that means some process has the file opened. Removing (unlinking) a file that's opened causes it to vanish from the raw directory, but the inode and the blocks of data are left alone until all processes have closed it. Only then will it be marked for recyling. You'll just have to hope that the (remote) copy succeeds on the first try, because once the remote reader loses connection, if the file is closed on the server, it's gone.
Re: Question About Free File Transfering Apps
On Fri, May 31, 2024 at 05:30:19PM +0100, mick.crane wrote: [...] > I only drag stuff in and out of the directory in Thunar. Dragging from the > directory takes a copy. I wondered what would happen if somebody deleted a > file while you were half way through fetching it. This will depend on the precise values you assign to "you" and "fetch". And, of course to "delete". Cheers -- t signature.asc Description: PGP signature
Re: Question About Free File Transfering Apps
On 2024-05-31 13:58, gene heskett wrote: On 5/30/24 20:09, mick.crane wrote: On 2024-05-29 15:07, Carter Zhang wrote: Are there any free apps for GNU/Linux and Android to share files over LAN? There have already been LocalSend, LanXchange, LANDrop, NitroShare, Sharik, Warpinator, TrebleShot, but they have respective problems. I don't know if sshfs would have issues with more than one connection. mick It does not, I have open sessions to 6 other machines here, possability's of up to 10 if all are turned on. I only drag stuff in and out of the directory in Thunar. Dragging from the directory takes a copy. I wondered what would happen if somebody deleted a file while you were half way through fetching it. mick
Re: Question About Free File Transfering Apps
On Fri, May 31, 2024 at 08:58:34AM -0400, gene heskett wrote: > On 5/30/24 20:09, mick.crane wrote: > > On 2024-05-29 15:07, Carter Zhang wrote: > > > Are there any free apps for GNU/Linux and Android to share files over > > > LAN? There have already been LocalSend, LanXchange, LANDrop, > > > NitroShare, Sharik, Warpinator, TrebleShot, but they have respective > > > problems. > > > > I don't know if sshfs would have issues with more than one connection. > > mick > > > It does not, I have open sessions to 6 other machines here, possability's of > up to 10 if all are turned on. > > . I interpreted mick's sentence to mean multiple connections between the same two computers, or perhaps multiple clients all connecting to a single server. A single client connecting to multiple servers was never in question, at least in my mind.
Re: Question About Free File Transfering Apps
On 5/30/24 20:09, mick.crane wrote: On 2024-05-29 15:07, Carter Zhang wrote: Are there any free apps for GNU/Linux and Android to share files over LAN? There have already been LocalSend, LanXchange, LANDrop, NitroShare, Sharik, Warpinator, TrebleShot, but they have respective problems. I don't know if sshfs would have issues with more than one connection. mick It does not, I have open sessions to 6 other machines here, possability's of up to 10 if all are turned on. . Cheers, Gene Heskett, CET. -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author, 1940) If we desire respect for the law, we must first make the law respectable. - Louis D. Brandeis
Re: Question About Free File Transfering Apps
Dear Richard, But I never use pre-complied packages since by doing this I won't know whether I will install proprietary binaries. Yours, Carter On May 31, 2024 2:38:26 PM GMT+08:00, Richard wrote: >LocalSend and LanXchange are available as precompiled archives. Also, >LocalSend is available as Flatpak. > >Am Fr., 31. Mai 2024 um 04:52 Uhr schrieb Carter Zhang < >mcut17...@autistici.org>: > >> Dear Richard, >> >> Thank you for your reply. LocalSend, LanXchange, LANDrop, NitroShare, >> Sharik, Warpinator, TrebleShot have their respective problems. >> >> LocalSend is not available in Debian's and Trisquel's official >> repositories, and it is not so convenient to complie it from source using a >> machine with a memory of 8GB. >> >> LanXchange is not available in Debian's and Trisquel's official >> repositories, source as well, and its source complication on my machine >> fails. >> >> The Android client for LANDrop is not libre. >> >> NitroShare, Sharik, Warpinator and TrebleShot are all no longer updated >> and the latest version of them cannot be complied on modern GNU/Linux >> environment. >> >> In addition, KDE Connect sometimes disconnects and cannot reconnect. >> >> Yours, >> Carter >> >> >> On May 29, 2024 10:56:02 PM GMT+08:00, Richard wrote: >> >>> KDE connect? That has clients for many systems. >>> >>> But the question is, what's the issue with the existing solutions? It's >>> quite a useless task to recommend file transfer apps when they all have the >>> same issue you try to avoid. >>> >>> Richard >>> >> signature.asc Description: PGP signature
Re: Question About Free File Transfering Apps
On 5/30/24 22:46, Carter Zhang wrote: Dear Dan, Thanks a lot for your reply but I am not clear how to use SFTP, SCP or NFS on Android. Could you please show me how? Any help will be appreciated. (lines wrapped) SFTP / SCP: https://ic.pics.livejournal.com/pushpitha/50334853/1538653/1538653_800.jpg NFS: it's not simple. -- Answer: two spoonfuls in my cup, please. Question: how much should I use? (why top-posting is bad) http://www.fscked.co.uk/writing/top-posting-cuss.html
Re: Question About Free File Transfering Apps
Dear Richard, Thank you for your reply. LocalSend, LanXchange, LANDrop, NitroShare, Sharik, Warpinator, TrebleShot have their respective problems. LocalSend is not available in Debian's and Trisquel's official repositories, and it is not so convenient to complie it from source using a machine with a memory of 8GB. LanXchange is not available in Debian's and Trisquel's official repositories, source as well, and its source complication on my machine fails. The Android client for LANDrop is not libre. NitroShare, Sharik, Warpinator and TrebleShot are all no longer updated and the latest version of them cannot be complied on modern GNU/Linux environment. In addition, KDE Connect sometimes disconnects and cannot reconnect. Yours, Carter On May 29, 2024 10:56:02 PM GMT+08:00, Richard wrote: >KDE connect? That has clients for many systems. > >But the question is, what's the issue with the existing solutions? It's >quite a useless task to recommend file transfer apps when they all have the >same issue you try to avoid. > >Richard signature.asc Description: PGP signature
Re: Question About Free File Transfering Apps
Dear Dan, Sorry I forgot an CC. Thanks a lot for your reply but I am not clear how to use SFTP, SCP or NFS on Android. Could you please show me how? Any help will be appreciated. On May 29, 2024 11:37:55 PM GMT+08:00, Dan Ritter wrote: >Carter Zhang wrote: >> Dear Dan, >> >> Thanks a lot for your reply but I am not clear how to use SFTP, SCP or NFS >> on Android. Could you please show me how? Any help will be appreciated. >> > >Hi, Carter. > >The etiquette of the list is that everything goes in public, so >that solutions can be shared and are searchable. > >The other side of it is that everyone is volunteering their own >time, so discussions in public benefit everyone, whereas private >discussions are just unpaid consulting. > > >-dsr- signature.asc Description: PGP signature
Re: Question About Free File Transfering Apps
On 5/30/24 20:08, mick.crane wrote: On 2024-05-29 15:07, Carter Zhang wrote: Are there any free apps for GNU/Linux and Android to share files over LAN? There have already been LocalSend, LanXchange, LANDrop, NitroShare, Sharik, Warpinator, TrebleShot, but they have respective problems. I don't know if sshfs would have issues with more than one connection. You mean two different machines using sshfs to the same server? I don't see why it would. It's vanilla SSH to the outside world and ssh works just fine when multiple users log in. -- Perhaps this final act was meant / to clinch a lifetime's argument That nothing comes from violence and nothing ever could Fr all thse born bneath an angry star / Lest we frget hw fragile we are -- Sting, "Fragile" from _... Nothing Like the Sun_
Re: Question About Free File Transfering Apps
On 2024-05-29 15:07, Carter Zhang wrote: Are there any free apps for GNU/Linux and Android to share files over LAN? There have already been LocalSend, LanXchange, LANDrop, NitroShare, Sharik, Warpinator, TrebleShot, but they have respective problems. I don't know if sshfs would have issues with more than one connection. mick
Re: Question About Free File Transfering Apps
A client that by your own words barely works, while fully functional alternatives have been available for many years already. So what's your point? Am Do., 30. Mai 2024 um 14:23 Uhr schrieb Anssi Saari < anssi.sa...@debian-user.mail.kapsi.fi>: > > Wow. I already mentioned an open source client? What's your point? > >
Re: Question About Free File Transfering Apps
Richard writes: > There have already been many answers. And since it's highly unlikely any > third party will include support for such a > closed down system, you might want to look at them. At least I don't think > Google will suddenly open source Nearby Share > for everyone to write clients for it. Wow. I already mentioned an open source client? What's your point?
Re: Question About Free File Transfering Apps
There have already been many answers. And since it's highly unlikely any third party will include support for such a closed down system, you might want to look at them. At least I don't think Google will suddenly open source Nearby Share for everyone to write clients for it. Am Do., 30. Mai 2024 um 11:00 Uhr schrieb Anssi Saari < anssi.sa...@debian-user.mail.kapsi.fi>: > I'd like to know too, assuming you're asking for transferring files > between Android and Linux. > > I'd like Quick Share support in Linux as it's built into Android and > available for Windows. Someone has an early version at > https://github.com/Martichou/rquickshare but I only got it working one > way, Linux PC to phone and even that needed disabling the firewall on > the PC. But maybe that'll improve. > >
Re: Question About Free File Transfering Apps
Carter Zhang writes: > Are there any free apps for GNU/Linux and Android to share files over LAN? > There have already been LocalSend, LanXchange, > LANDrop, NitroShare, Sharik, Warpinator, TrebleShot, but they have respective > problems. I'd like to know too, assuming you're asking for transferring files between Android and Linux. I'd like Quick Share support in Linux as it's built into Android and available for Windows. Someone has an early version at https://github.com/Martichou/rquickshare but I only got it working one way, Linux PC to phone and even that needed disabling the firewall on the PC. But maybe that'll improve.
Re: Question About Free File Transfering Apps
On 5/29/24 13:34, Monte Milanuk wrote: SyncThing On 5/29/24 07:07, Carter Zhang wrote: Are there any free apps for GNU/Linux and Android to share files over LAN? There have already been LocalSend, LanXchange, LANDrop, NitroShare, Sharik, Warpinator, TrebleShot, but they have respective problems. So does sshfs, but its free, and it just works. I regularly move <1 to 60 gigabyte gcode files to my printers with it. The occasional 30 to 60 gigger gets moved to a pi clone over cat5-6 in 2 to 4 seconds. I don't know why folks think they have to have an ap for something so simple as moving a file. sshfs mounts the target device as if its a storage disk. But since its ssh based, its also encrypted, making it relatively safe from wifi snoopers. rsync operates much the same but uses checksums to verify the copy is verbatum. Cheers, Gene Heskett, CET. -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author, 1940) If we desire respect for the law, we must first make the law respectable. - Louis D. Brandeis
Re: Question About Free File Transfering Apps
Hi, On Wed, May 29, 2024 at 10:07:17PM +0800, Carter Zhang wrote: > Are there any free apps for GNU/Linux and Android to share files > over LAN? There have already been LocalSend, LanXchange, LANDrop, > NitroShare, Sharik, Warpinator, TrebleShot, but they have > respective problems. Your post is woefully short of details. Which of the above did you like best, despite it not being sufficient? What was deficient about it? No one can easily answer your question without knowing what your requirements are and what problems you faced with the above solutions. Depending on what your needs are, the answer is possibly, "not that we know of." Thanks, Andy -- https://bitfolk.com/ -- No-nonsense VPS hosting
Re: Question About Free File Transfering Apps
On 5/29/24 07:58, Curt wrote: I travel to https://pairdrop.net/ on both devices on the LAN for the occasional file transfer. There is an Android app, although you don't need one (merely a browser). Thanks for that... I may have to set that up with my wife's iPhone. Getting her to use SyncThing - or any app outside the Apple ecosystem - has been a struggle. This should make it easier for us to share the occasional photo or video!
Re: Question About Free File Transfering Apps
SyncThing On 5/29/24 07:07, Carter Zhang wrote: Are there any free apps for GNU/Linux and Android to share files over LAN? There have already been LocalSend, LanXchange, LANDrop, NitroShare, Sharik, Warpinator, TrebleShot, but they have respective problems.
Re: Question About Free File Transfering Apps
On Wed, 29 May 2024 22:07:17 +0800 Carter Zhang wrote: > but they have respective problems. We can't advise you very well if we don't know what you think their respective problems are. A more important question: What problem would you like to solve? -- Does anybody read signatures any more? https://charlescurley.com https://charlescurley.com/blog/
Re: Question About Free File Transfering Apps
On 2024-05-29, Carter Zhang wrote: > > Are there any free apps for GNU/Linux and Android to share files over LAN? > There have already been LocalSend, LanXchange, LANDrop, NitroShare, Sharik > Warpinator, TrebleShot, but they have respective problems=2E I just go to https://pairdrop.net/ on the both devices on the land for the occasional file transfer. Newsgroups: gmane.linux.debian.user From: Curt Subject: Re: Question About Free File Transfering Apps References: <8d2a6e13-9f36-47ed-a2e4-7543b1701...@autistici.org> Organization: Unorganized Followup-To: On 2024-05-29, Carter Zhang wrote: > > Are there any free apps for GNU/Linux and Android to share files over > LAN? > There have already been LocalSend, LanXchange, LANDrop, NitroShare, > Sharik > Warpinator, TrebleShot, but they have respective problems=2E I travel to https://pairdrop.net/ on both devices on the LAN for the occasional file transfer. There is an Android app, although you don't need one (merely a browser). https://github.com/schlagmichdoch/pairdrop/blob/master/docs/faq.md
Re: Question About Free File Transfering Apps
KDE connect? That has clients for many systems. But the question is, what's the issue with the existing solutions? It's quite a useless task to recommend file transfer apps when they all have the same issue you try to avoid. Richard
Re: Question About Free File Transfering Apps
rsync - which is biderectional and uses checksums for correct transfer. Best Hans
Re: Question About Free File Transfering Apps
On 5/29/24 10:07, Carter Zhang wrote: Are there any free apps for GNU/Linux and Android to share files over LAN? There have already been LocalSend, LanXchange, LANDrop, NitroShare, Sharik, Warpinator, TrebleShot, but they have respective problems. scp / sshd nc, but you don't get authentication _or_ encryption -- You can't get a leopard to change his spots... You can explain it care- fully to the leopard, but it will just sit there lookng at you, knowing that you are made of meat. After a while it will perhaps kill you. Geoffrey Pullum, Language Log (2007-01-04)
Re: Question About Free File Transfering Apps
Carter Zhang wrote: > Are there any free apps for GNU/Linux and Android to share files over LAN? > There have already been LocalSend, LanXchange, LANDrop, NitroShare, Sharik, > Warpinator, TrebleShot, but they have respective problems. On the Debian side, options include: - SFTP and SCP via SSH - SMB via samba - NFS v3 and v4 - various DAV implementations - SyncThing - and, although the server is not currently packaged, NextCloud is reasonably easy to get up and running on Debian stable. All of these have clients of various kinds on Android and other systems. -dsr-
Re: Question about what package to report bug
Le 06/03/2024 à 18:19, ke6jti a écrit : Hi, I have a possible kernel regression for a usb-dvb tuner card. I know the error in dmesg points to kernel : au0828 but I am not sure what package this belongs to. I think it belongs to v4l(video for linux) but I am still not sure what specific v4l package. Thanks for you help. apt-file shows au0828.ko comes in the linux-image-* packages. So report the bug for the one you use.
Re: question e webkit
On 11/26/23 17:52, John Hasler wrote: https://webkitgtk.org/ Thanks John. Take care & stay well. Cheers, Gene Heskett. -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author, 1940) If we desire respect for the law, we must first make the law respectable. - Louis D. Brandeis
Re: question e webkit
https://webkitgtk.org/ -- John Hasler j...@sugarbit.com Elmwood, WI USA
Re: Question for this IP's PTR
f...@dnsbed.com wrote: > Greetings, > > as you see this PTR, > > $ dig -x 1.1.1.1 +short > one.one.one.one. > > so 2.2.2.2 can have the PTR two.two.two.two? and 3.3.3.3 can have > three.three.three.three? A simple counter example is $ dig -x 8.8.8.8 +short dns.google. > Sorry I am not good at the DNS knowledge. Me neither but thanks for the question. It prompted me to visit the one.one.one.one website, which is interesting. I do use 1.1.1.1 for DNS queries in my browser, but this is something much bigger.
Re: Question for this IP's PTR
On Fri, 24 Mar 2023 20:32:31 -0400 Greg Wooledge wrote: > On Sat, Mar 25, 2023 at 08:28:03AM +0800, f...@dnsbed.com wrote: > > Greetings, > > > > as you see this PTR, > > > > $ dig -x 1.1.1.1 +short > > one.one.one.one. > > > > so 2.2.2.2 can have the PTR two.two.two.two? and 3.3.3.3 can have > > three.three.three.three? > > Any IP address can have any PTR value. You just have to petition the > owner of the IP address range to set it. > > I didn't know .one was a valid TLD. It looks like .two is not, so if > someone were to assign "two.two.two.two" as the PTR value of an IP > address, that PTR would not resolve back to any IP address. (An IP > address block owner might reject such a petition.) > In general, at this time, a mail server will look at the IP address of a potential sender, check the PTR, then check for an A record matching the PTR, pointing back to the IP address. The PTR does not (currently) need to be related to an email domain using the address. A competent ISP will have set up its IP addresses with complementary PTR-A record pairs. Unfortunately, many use PTRs in the form x-11-22-33-44 which is perfectly valid, but may be rejected by mail servers as likely spammers (mine does). If you already have a PTR-A pair that doesn't look like this (e.g. is some form of your user name or account reference) you're probably OK. The relevant RFC allows (or did when I last looked) multiple PTR records for one IP address, but I don't think there's much software which can deal with that, or will return more than one. On the other hand, it's quite common for a single mail server to deal with many domains, so it's not reasonable to expect a sender or HELO/EHLO to match the PTR. My email server checks for a complementary PTR-A pair that can both be found in public DNS, and goes no further. I believe that is a typical setting. -- Joe
Re: Question for this IP's PTR
On 2023-03-25 08:32, Greg Wooledge wrote: On Sat, Mar 25, 2023 at 08:28:03AM +0800, f...@dnsbed.com wrote: Greetings, as you see this PTR, $ dig -x 1.1.1.1 +short one.one.one.one. so 2.2.2.2 can have the PTR two.two.two.two? and 3.3.3.3 can have three.three.three.three? Any IP address can have any PTR value. You just have to petition the owner of the IP address range to set it. I didn't know .one was a valid TLD. It looks like .two is not, so if someone were to assign "two.two.two.two" as the PTR value of an IP address, that PTR would not resolve back to any IP address. (An IP address block owner might reject such a petition.) Thanks Greg. I also don't know .one is a valid TLD, looks surprising. But, one.one is owned by a domain registrar (one.com), while one.one.one's zone owner is cloudflare. $ dig one.one soa +short a.b-one-dns.net. hostmaster.one.com. 2013010101 1800 900 1209600 300 $ dig one.one.one soa +short fred.ns.cloudflare.com. dns.cloudflare.com. 2305085481 1 2400 604800 3600 maybe they co-work for this domain. regards.
Re: Question for this IP's PTR
On 25/3/23 08:32, Greg Wooledge wrote: I didn't know .one was a valid TLD. It looks like .two is not, so if someone were to assign "two.two.two.two" as the PTR value of an IP address, that PTR would not resolve back to any IP address. (An IP address block owner might reject such a petition.) There is news of a recent TLD '888' but it's not yet known to whois -- Jeremy (Lists)
Re: Question for this IP's PTR
On Sat, Mar 25, 2023 at 08:28:03AM +0800, f...@dnsbed.com wrote: > Greetings, > > as you see this PTR, > > $ dig -x 1.1.1.1 +short > one.one.one.one. > > so 2.2.2.2 can have the PTR two.two.two.two? and 3.3.3.3 can have > three.three.three.three? Any IP address can have any PTR value. You just have to petition the owner of the IP address range to set it. I didn't know .one was a valid TLD. It looks like .two is not, so if someone were to assign "two.two.two.two" as the PTR value of an IP address, that PTR would not resolve back to any IP address. (An IP address block owner might reject such a petition.)
Re: question about net address
On Tue 21 Mar 2023 at 18:27:42 (-0400), Stefan Monnier wrote: > > me second. 192.168.1.1/24 just makes me confused with 192.168.1.1/32 > > which is a real host address. > > Interesting. > I can't remember ever seeing 192.168.1.1/32 used. In my my part of the > world, it's only meaningful as a degenerate form: all the syntaxes I've > seen which accept the IP/NN notation also accept just IP to mean IP/32, > so writing IP/32 is just more verbose and half-confusing (makes you > wonder why the guy bothered to add /32). On Tue 21 Mar 2023 at 18:40:00 (-0500), David Wright wrote: > > I assume the reason that host-ip-address/cidr-length is a permitted > domain-spec for ipv4: is by analogy with host-domain/cidr-length for > a:. So a:colo.example.com/28 could, if colo.example.com had an A > record with 93.184.216.34, be written 93.184.216.34/28. If you had > to write a strict network address, you'd have to figure out that it's > 93.184.216.32/28. Easy in this case, but error-prone when you're > obliged to convert, say, a looked-up x.y.z.185/28 to its network > address of x.y.z.176/28. Looking back at the OP's context, I think we're making a false assumption that the / notation is specifying a network address. I don't think it is. If we take the example of a typical /24 network, 192.168.1.0, the fact that we set an ipv4: mechanism of, say, 192.168.1.176/28 doesn't mean that there's a network or a subnet with that address/netmask. Such a network will still have an address of 192.168.1.0, and broadcast on 192.168.1.255, but the SPF notation indicates that hosts 192.168.1.176 through 192.168.1.191 are awarded a pass, because only those addresses match in the first 28 bits. The host 192.168.1.192, on the same network, with the same network address, will fail that particular test. As you can see from my quote above, the eye is less deceived by the notation a:colo.example.com/28 than it is by ipv4:93.184.216.34/28 into thinking that the latter is a network address. Cheers, David.
Re: question about net address
On Mon 20 Mar 2023 at 07:36:41 (+0800), Jeremy Ardley wrote: > On 20/3/23 02:48, David Wright wrote: > > > Checking the RFC. To my reading the final stanza is not checked > > > " The is compared to the given network. If CIDR prefix length > > > > > > high-order bits match, the mechanism matches." > > > > > > https://datatracker.ietf.org/doc/html/rfc7208#section-5.6 > > > > > > So in this case AI got it right. > > I don't follow. What's your "final stanza" referring to, and > > what's wrong with the RFC in connection with it? > > > I should have used the term 'final qnum' but I think that would be obscure. > > I meant the fourth number in the IPv4 dotted-quad notation. Ah, I see now. I was trying to apply "stanza" to a bullet point in the AI, or a section/paragraph from the RFC. > As for the RFC? It's precise and definitive. My only concern is that > some mail system implementer may 'improve' the RFC and restrict the > acceptable address range to a /32 when they see a non zero final qnum > in a /24 I don't know whether there are regression tests knocking around for checking check_host(), but they would definitely fail in that case. Hopefully some of the users (those affected) would complain. I assume the reason that host-ip-address/cidr-length is a permitted domain-spec for ipv4: is by analogy with host-domain/cidr-length for a:. So a:colo.example.com/28 could, if colo.example.com had an A record with 93.184.216.34, be written 93.184.216.34/28. If you had to write a strict network address, you'd have to figure out that it's 93.184.216.32/28. Easy in this case, but error-prone when you're obliged to convert, say, a looked-up x.y.z.185/28 to its network address of x.y.z.176/28. A minor point that I noticed was included in the AI output, which AFAIK would have to be found elsewhere than in the SPF specification or RFC7208, are the range extremities, which correctly exclude the network and broadcast addresses. Cheers, David.
Re: question about net address
On 22/3/23 06:27, Stefan Monnier wrote: Interesting. I can't remember ever seeing 192.168.1.1/32 used. In my my part of the world, it's only meaningful as a degenerate form: all the syntaxes I've seen which accept the IP/NN notation also accept just IP to mean IP/32, so writing IP/32 is just more verbose and half-confusing (makes you wonder why the guy bothered to add /32). It's reasonably common in iptables configurations -- Jeremy (Lists)
Re: question about net address
> me second. 192.168.1.1/24 just makes me confused with 192.168.1.1/32 > which is a real host address. Interesting. I can't remember ever seeing 192.168.1.1/32 used. In my my part of the world, it's only meaningful as a degenerate form: all the syntaxes I've seen which accept the IP/NN notation also accept just IP to mean IP/32, so writing IP/32 is just more verbose and half-confusing (makes you wonder why the guy bothered to add /32). :-) Stefan
Re: artifiial intelligence (was: Re: question about net address)
Le 3/19/23 à 18:51, DdB a écrit : Wow! Great hint there! I just tested it in a couple of areas and found it to be quite useful, by far more up-to-date and i did enjoy the experience. Thank you for sharing it. Am 19.03.2023 um 12:01 schrieb Yassine Chaouche: In contrast, a tool like perplexity.ai is an answer-questionning tool. Is is a search engine. It cites its sources, so you can check for yourself whether it's talking crap, or if it's backed by facts. Enjoy :) You may also give you.com chat a try. Sometimes, when perplexity.ai fails to give a satisfying answer, I turn to you.com chat, which is another question-answering search engine that cites its sources. Best, -- Yassine -- sysadm 57 33
Re: question about net address
On 2023-03-20 07:36, Jeremy Ardley wrote: As for the RFC? It's precise and definitive. My only concern is that some mail system implementer may 'improve' the RFC and restrict the acceptable address range to a /32 when they see a non zero final qnum in a /24 me second. 192.168.1.1/24 just makes me confused with 192.168.1.1/32 which is a real host address. for block address it should be clearly 192.168.1.0/24. Thanks Corey H
Re: question about net address
On 20/3/23 02:48, David Wright wrote: O Checking the RFC. To my reading the final stanza is not checked " The is compared to the given network. If CIDR prefix length high-order bits match, the mechanism matches." https://datatracker.ietf.org/doc/html/rfc7208#section-5.6 So in this case AI got it right. I don't follow. What's your "final stanza" referring to, and what's wrong with the RFC in connection with it? I should have used the term 'final qnum' but I think that would be obscure. I meant the fourth number in the IPv4 dotted-quad notation. As for the RFC? It's precise and definitive. My only concern is that some mail system implementer may 'improve' the RFC and restrict the acceptable address range to a /32 when they see a non zero final qnum in a /24 -- Jeremy (Lists)
Re: question about net address
On 3/19/23 03:28, cor...@free.fr wrote: On 19/03/2023 18:00, David Christensen wrote: On 3/18/23 16:31, cor...@free.fr wrote: On 19/03/2023 06:17, Kushal Kumaran wrote: On Sat, Mar 18 2023 at 07:28:23 PM, cor...@free.fr wrote: Hello I know 192.168.1.0/24 is a valid C range for network address. but what does 192.168.1.1/24 mean? I ask this just for a setting in the SPF: spf.pinoad.se. 300 IN TXT "v=spf1 ip4:188.66.63.1/24 -all" It means the same thing. 192.168.1.1/24 is the same range as 192.168.1.0/24, but written by someone not paying too much attention. That's correct. Thanks. AIUI: * 192.168.1.0/24 identifies an IPv4 network with an address of 192.168.1.0 and a network prefix of 24 bits. The address is within the reserved private block 192.168.0.0/16. The prefix corresponds to a class C network. * 192.168.1.1/24 identifies an IPv4 network interface with an address of 192.168.1.1 and a network prefix of 24. The interface is configured to communicate over the 192.168.1.0/24 network. So for Inleed (a local ISP)'s SPF: spf.pinoad.se. 300 IN TXT "v=spf1 ip4:188.66.63.1/24 -all" They specify only 188.66.63.1 to send email? But as far as I know their mailserver is 188.66.63.2: mail.inleed.xyz. 300 IN A 188.66.63.2 Then this mail server should have problems in messages delivery. Thanks Corey If I correctly understand Sender Policy Framework SPF Record Syntax: http://www.open-spf.org/SPF_Record_Syntax/ The phrase "ip4:188.66.63.1/24" in the above DNS SPF record states that outgoing mail will come from hosts in the address block 188.66.63.1/24. The address 188.66.63.2 is within the published address block, so the ISP is stating that mail sent by that host is legitimate. On 3/19/23 03:38, cor...@free.fr wrote: > So, > > * 188.66.63.1/24 is a range, not a single host in SPF > * why it's not written as 188.66.63.0/24 which is more clear? > > Thanks I agree that "188.66.63.0/24" would be a more conventional way to specify a network address block. Perhaps you should ask the ISP why they used "188.66.63.1/24". David
Re: question about net address
On Sun 19 Mar 2023 at 17:16:47 (-), Curt wrote: > On 2023-03-19, Greg Wooledge wrote: > > On Sun, Mar 19, 2023 at 06:38:41PM +0800, cor...@free.fr wrote: > >> So, > >> > >> * 188.66.63.1/24 is a range, not a single host in SPF > >> * why it's not written as 188.66.63.0/24 which is more clear? > > > > Because it was written by a human being who made a tiny error. One that > > makes no difference in practice. I'm not sure we can call it a mistake without knowing the intent of the person who wrote it. For example, it would be perfectly possible to cut and paste that string from, say, a machine's /e/n/i, and not bother to change 1→0 because it's not necessary in this location. > The question is: once our AI is out of beta and connected to the web, > will it produce or more or less errors than the archetypal human > being to whom you refer. That depends what you mean by "our AI". Chatgpt? or properly trained AIs operating in particular subject areas? Am I an archetypal human being? How do you know? Cheers, David.
Re: question about net address
On Sun 19 Mar 2023 at 19:36:47 (+0800), Jeremy Ardley wrote: > On 19/3/23 19:29, Jeremy Ardley wrote: > > > > In this case of the /24 it gave an answer I expected. I imagine it > > will take a trawl of the RFC and then of actual implementations to > > find out for sure. > > > > The best description of the AI is it is informative but not authorative. > > > Checking the RFC. To my reading the final stanza is not checked > > " The is compared to the given network. If CIDR prefix length > >high-order bits match, the mechanism matches." > > https://datatracker.ietf.org/doc/html/rfc7208#section-5.6 > > So in this case AI got it right. I don't follow. What's your "final stanza" referring to, and what's wrong with the RFC in connection with it? Cheers, David.
artifiial intelligence (was: Re: question about net address)
Wow! Great hint there! I just tested it in a couple of areas and found it to be quite useful, by far more up-to-date and i did enjoy the experience. Thank you for sharing it. Am 19.03.2023 um 12:01 schrieb Yassine Chaouche: > In contrast, > a tool like perplexity.ai is an answer-questionning tool. > Is is a search engine. > It cites its sources, > so you can check for yourself whether it's talking crap, > or if it's backed by facts.
Re: question about net address
On Sun 19 Mar 2023 at 08:25:28 (-0400), Greg Wooledge wrote: > On Sun, Mar 19, 2023 at 12:45:06PM +0100, Nicolas George wrote: > > #!/bin/sh > > eval "$(recode b64..data < > H4sIACv1FmQAAzXMPQrCQBAG0H5O8TFEMII/BA3BVF7AXoLFsI5kCdl1d5JC8PCSIuVrnro+gm82 > > QPBVO4aINKtNPoYrU1Z5YZ+RyIkpuNh+sg/TG7wxRpHwg/VSXWqbx5LhA6E7Vee6EafPXQld9ofa > > oW0Jq+9xoZo4+gNQ3NCSfg== > > EOF > > )" > > Using recode instead of base64 to do a base64 decoding is... a choice. > I wonder how many people have recode installed. Here, yes, but I always used an alias written so long ago (for ISO-8859-1..UTF-8) that I hadn't ever thought about using it for base64. (My alias's name is a reminder that it overwrites whenever filenames are given.) > Within the "script" itself, you have: > > case "$(printf "%s" $q | sha256sum)" in > > This line is fascinating because you've used quotes twice where they > aren't needed and failed to use them in the one place they're required. I'd be surprised if people ran the above without first cutting/pasting and line-editing it to something like: $ recode b64..data <
Re: question about net address
On 2023-03-19, Greg Wooledge wrote: > On Sun, Mar 19, 2023 at 06:38:41PM +0800, cor...@free.fr wrote: >> So, >> >> * 188.66.63.1/24 is a range, not a single host in SPF >> * why it's not written as 188.66.63.0/24 which is more clear? > > Because it was written by a human being who made a tiny error. One that > makes no difference in practice. > The question is: once our AI is out of beta and connected to the web, will it produce or more or less errors than the archetypal human being to whom you refer.
Re: question about net address
On 2023-03-19, wrote: > > Yes, it is just a simulation of knowledge (it can be pretty > convincing at that,though). > > In other words: if you want an answer from it, you have to > know the answer beforehand. So the specific answer it gave cited above is wrong? Or did you already know the answer? > Cheers
Re: question about net address
Yassine Chaouche wrote: > Le 3/18/23 à 12:28, cor...@free.fr a écrit : > > Hello > > > > I know 192.168.1.0/24 is a valid C range for network address. > > > > but what does 192.168.1.1/24 mean? > > > > I ask this just for a setting in the SPF: > > > > spf.pinoad.se. 300 IN TXT "v=spf1 > > ip4:188.66.63.1/24 -all" > > > > > > Thanks. > > > > The A.B.C.D/24 notation can be used to either : > - specify an IP address along with its netmask > - specify a network address when D=0. Except in an SPF record when its meaning is defined somewhat differently by RFC 7208 as already noted upthread.
Re: question about net address
> * 188.66.63.1/24 is a range, not a single host in SPF > * why it's not written as 188.66.63.0/24 which is more clear? Which is more likely: - someone erroneously added `/24` when they really meant to specify just one host. - someone wrote `1` instead of the more conventional `0` at the spot that contains no relevant info for a `/24` network. ? Stefan
Re: question about net address
On Sun, Mar 19, 2023 at 12:45:06PM +0100, Nicolas George wrote: > #!/bin/sh > eval "$(recode b64..data < H4sIACv1FmQAAzXMPQrCQBAG0H5O8TFEMII/BA3BVF7AXoLFsI5kCdl1d5JC8PCSIuVrnro+gm82 > QPBVO4aINKtNPoYrU1Z5YZ+RyIkpuNh+sg/TG7wxRpHwg/VSXWqbx5LhA6E7Vee6EafPXQld9ofa > oW0Jq+9xoZo4+gNQ3NCSfg== > EOF > )" Using recode instead of base64 to do a base64 decoding is... a choice. I wonder how many people have recode installed. Within the "script" itself, you have: case "$(printf "%s" $q | sha256sum)" in This line is fascinating because you've used quotes twice where they aren't needed and failed to use them in the one place they're required.
Re: question about net address
On Sun, Mar 19, 2023 at 06:38:41PM +0800, cor...@free.fr wrote: > So, > > * 188.66.63.1/24 is a range, not a single host in SPF > * why it's not written as 188.66.63.0/24 which is more clear? Because it was written by a human being who made a tiny error. One that makes no difference in practice.
Re: question about net address
On Sun, Mar 19, 2023 at 07:07:06PM +0800, f...@dnsbed.com wrote: [...] > For this kind of definition with clear rules (SPF), I think chatGPT is more > precise than person. Sometimes. But you won't know which times beforehand. Of course, you could order ChatGPT to give you the right answer ;-D Cheers -- t signature.asc Description: PGP signature
Re: question about net address
Jeremy Ardley (12023-03-19): > So in this case AI got it right. Try the following AI: #!/bin/sh eval "$(recode b64..data < signature.asc Description: PGP signature
Re: question about net address
On 19/3/23 19:29, Jeremy Ardley wrote: In this case of the /24 it gave an answer I expected. I imagine it will take a trawl of the RFC and then of actual implementations to find out for sure. The best description of the AI is it is informative but not authorative. Checking the RFC. To my reading the final stanza is not checked " The is compared to the given network. If CIDR prefix length high-order bits match, the mechanism matches." https://datatracker.ietf.org/doc/html/rfc7208#section-5.6 So in this case AI got it right. -- Jeremy (Lists)
Re: question about net address
On 2023-03-19 19:01, Yassine Chaouche wrote: It only knows about saying things that sound plausible, not necessarily true. It doesn't fetch info from the internet, process it, then give it you. It rather generates text, using statisics. Don't get mislead by it. It often gives wrong answers. For this kind of definition with clear rules (SPF), I think chatGPT is more precise than person. regards FengHe
Re: question about net address
On 19/3/23 19:10, to...@tuxteam.de wrote: [...] Yes, it is just a simulation of knowledge (it can be pretty convincing at that,though). In other words: if you want an answer from it, you have to know the answer beforehand. I have actually paid for a subscription and have used it for a month now in generating bash scripts and nginx configs. It's mostly pretty good at that. The V4 is better than the V3.5 But I usually know what the general answer should be in most cases. The problem is often it will not quite understand my question and give a response to a question I didn't ask. In this case of the /24 it gave an answer I expected. I imagine it will take a trawl of the RFC and then of actual implementations to find out for sure. The best description of the AI is it is informative but not authorative. - Jeremy (Lists)
Re: question about net address
On Sun, Mar 19, 2023 at 12:12:15PM +0100, Nicolas George wrote: > to...@tuxteam.de (12023-03-19): > > Yes, it is just a simulation of knowledge (it can be pretty > > convincing at that,though). > > > > In other words: if you want an answer from it, you have to > > know the answer beforehand. > > Ted Chiang described it very accurately as a blurry JPEG of the web: This is a good metaphor, thanks for it. Cheers -- t signature.asc Description: PGP signature
Re: question about net address
to...@tuxteam.de (12023-03-19): > Yes, it is just a simulation of knowledge (it can be pretty > convincing at that,though). > > In other words: if you want an answer from it, you have to > know the answer beforehand. Ted Chiang described it very accurately as a blurry JPEG of the web: https://www.newyorker.com/tech/annals-of-technology/chatgpt-is-a-blurry-jpeg-of-the-web https://web.archive.org/web/20230218181747/https://www.newyorker.com/tech/annals-of-technology/chatgpt-is-a-blurry-jpeg-of-the-web Regards, -- Nicolas George signature.asc Description: PGP signature
Re: question about net address
On Sun, Mar 19, 2023 at 12:01:19PM +0100, Yassine Chaouche wrote: > Le 3/19/23 à 11:32, Jeremy Ardley a écrit : > > > > On 19/3/23 18:28, cor...@free.fr wrote: > > > "v=spf1 ip4:188.66.63.1/24 -all" > > > > According to an AI version 4 that cannot be named: > > > > I'm new to the list, > thus, > I don't know how many people have told you this before > (or not) > but that AI is a speech generator, > not a general problem solving > or > question answering AI. [...] Yes, it is just a simulation of knowledge (it can be pretty convincing at that,though). In other words: if you want an answer from it, you have to know the answer beforehand. Cheers -- t signature.asc Description: PGP signature
Re: question about net address
On Sun, Mar 19, 2023 at 06:38:41PM +0800, cor...@free.fr wrote: [...] > * 188.66.63.1/24 is a range, not a single host in SPF > * why it's not written as 188.66.63.0/24 which is more clear? My hunch is that they are meant to be equivalent, as, for example 192.168.63.42/24, or actually any 192.168.63.x for x in [0..255]. The problem with this notation is that its semantics are context dependent: it can denote a host address cum network mask (as in a CIDR interface spec) or a CIDR network range. The "context" is provided by the application trying to grok the notation, so it will vary :-) The canonical way to express the network part would be to set the host part to zero, which in this case would be, as you stated, 192.168.63.0/24. This goes along nicely with the convention [1] that the bottom address in CIDR is reserved for the network address, and the top for the broadcast address. But the non-canonical ways can be seen just as equivalent -- or erroneous. The software seems to prefer the former, and silently masks out the network part (I'd do that, too). Cheers [1] AFAIK this is just a convention. I think you can have IPv4 subnets where the bottom and the top addresses are actual host addresses; this is particularly useful when the subnet has just two addresses (i.e. /31), for example in a "transfer net". -- t signature.asc Description: PGP signature
Re: question about net address
Le 3/19/23 à 11:32, Jeremy Ardley a écrit : On 19/3/23 18:28, cor...@free.fr wrote: "v=spf1 ip4:188.66.63.1/24 -all" According to an AI version 4 that cannot be named: I'm new to the list, thus, I don't know how many people have told you this before (or not) but that AI is a speech generator, not a general problem solving or question answering AI. It only knows about saying things that sound plausible, not necessarily true. It doesn't fetch info from the internet, process it, then give it you. It rather generates text, using statisics. Don't get mislead by it. It often gives wrong answers. In contrast, a tool like perplexity.ai is an answer-questionning tool. Is is a search engine. It cites its sources, so you can check for yourself whether it's talking crap, or if it's backed by facts. Best, -- yassine -- sysadm +213-779 06 06 23 http://about.me/ychaouche Looking for side gigs.
Re: question about net address
On 19/3/23 18:38, cor...@free.fr wrote: So, * 188.66.63.1/24 is a range, not a single host in SPF * why it's not written as 188.66.63.0/24 which is more clear? In the very specific case of an SPF there will be a rule. I assume given the AI response that the rule is to use the net definition /24 rather than the host defined in the the last stanza of a /24 Jeremy
Re: question about net address
On 19/03/2023 18:32, Jeremy Ardley wrote: On 19/3/23 18:28, cor...@free.fr wrote: "v=spf1 ip4:188.66.63.1/24 -all" According to an AI version 4 that cannot be named: This is an SPF (Sender Policy Framework) record, which is a TXT record in a domain's DNS settings. SPF records are used to help prevent email spoofing by specifying which mail servers are authorized to send email on behalf of a domain. In this SPF record: * |v=spf1|: This indicates the SPF version used is SPF1. * |ip4:188.66.63.1/24|: This specifies that the IPv4 address range 188.66.63.1 to 188.66.63.254 (a /24 range) is authorized to send email on behalf of the domain. * |-all|: This means that any host not listed in the SPF record (or not within the authorized IP range) is not allowed to send email on behalf of the domain. To answer your question, this SPF record specifies a /24 range (188.66.63.1 to 188.66.63.254) rather than a single host. Any mail server with an IP address within that range is authorized to send email for the domain, while other mail servers are not allowed. So, * 188.66.63.1/24 is a range, not a single host in SPF * why it's not written as 188.66.63.0/24 which is more clear? Thanks
Re: question about net address
On 19/3/23 18:28, cor...@free.fr wrote: "v=spf1 ip4:188.66.63.1/24 -all" According to an AI version 4 that cannot be named: This is an SPF (Sender Policy Framework) record, which is a TXT record in a domain's DNS settings. SPF records are used to help prevent email spoofing by specifying which mail servers are authorized to send email on behalf of a domain. In this SPF record: * |v=spf1|: This indicates the SPF version used is SPF1. * |ip4:188.66.63.1/24|: This specifies that the IPv4 address range 188.66.63.1 to 188.66.63.254 (a /24 range) is authorized to send email on behalf of the domain. * |-all|: This means that any host not listed in the SPF record (or not within the authorized IP range) is not allowed to send email on behalf of the domain. To answer your question, this SPF record specifies a /24 range (188.66.63.1 to 188.66.63.254) rather than a single host. Any mail server with an IP address within that range is authorized to send email for the domain, while other mail servers are not allowed. -- Jeremy (Lists)
Re: question about net address
On 19/03/2023 18:00, David Christensen wrote: On 3/18/23 16:31, cor...@free.fr wrote: On 19/03/2023 06:17, Kushal Kumaran wrote: On Sat, Mar 18 2023 at 07:28:23 PM, cor...@free.fr wrote: Hello I know 192.168.1.0/24 is a valid C range for network address. but what does 192.168.1.1/24 mean? I ask this just for a setting in the SPF: spf.pinoad.se. 300 IN TXT "v=spf1 ip4:188.66.63.1/24 -all" It means the same thing. 192.168.1.1/24 is the same range as 192.168.1.0/24, but written by someone not paying too much attention. That's correct. Thanks. AIUI: * 192.168.1.0/24 identifies an IPv4 network with an address of 192.168.1.0 and a network prefix of 24 bits. The address is within the reserved private block 192.168.0.0/16. The prefix corresponds to a class C network. * 192.168.1.1/24 identifies an IPv4 network interface with an address of 192.168.1.1 and a network prefix of 24. The interface is configured to communicate over the 192.168.1.0/24 network. So for Inleed (a local ISP)'s SPF: spf.pinoad.se. 300 IN TXT "v=spf1 ip4:188.66.63.1/24 -all" They specify only 188.66.63.1 to send email? But as far as I know their mailserver is 188.66.63.2: mail.inleed.xyz.300 IN A 188.66.63.2 Then this mail server should have problems in messages delivery. Thanks Corey
Re: question about net address
On 3/18/23 16:31, cor...@free.fr wrote: On 19/03/2023 06:17, Kushal Kumaran wrote: On Sat, Mar 18 2023 at 07:28:23 PM, cor...@free.fr wrote: Hello I know 192.168.1.0/24 is a valid C range for network address. but what does 192.168.1.1/24 mean? I ask this just for a setting in the SPF: spf.pinoad.se. 300 IN TXT "v=spf1 ip4:188.66.63.1/24 -all" It means the same thing. 192.168.1.1/24 is the same range as 192.168.1.0/24, but written by someone not paying too much attention. That's correct. Thanks. AIUI: * 192.168.1.0/24 identifies an IPv4 network with an address of 192.168.1.0 and a network prefix of 24 bits. The address is within the reserved private block 192.168.0.0/16. The prefix corresponds to a class C network. * 192.168.1.1/24 identifies an IPv4 network interface with an address of 192.168.1.1 and a network prefix of 24. The interface is configured to communicate over the 192.168.1.0/24 network. See: https://en.wikipedia.org/wiki/IPv4_address https://en.wikipedia.org/wiki/CIDR_notation David
Re: question about net address
Le 3/19/23 à 09:53, Yassine Chaouche a écrit : The A.B.C.D/24 notation can be used to either : - specify an IP address along with its netmask See for example this snippet from the output of the ip command: 10:02:21 /usr/share/man -1- $ ip -4 address show eth4 | grep inet inet 192.168.211.112/24 brd 192.168.211.255 scope global eth4 10:02:29 /usr/share/man -1- $ Best, -- yassine -- sysadm +213-779 06 06 23 http://about.me/ychaouche Looking for side gigs.
Re: question about net address
Le 3/18/23 à 12:28, cor...@free.fr a écrit : Hello I know 192.168.1.0/24 is a valid C range for network address. but what does 192.168.1.1/24 mean? I ask this just for a setting in the SPF: spf.pinoad.se. 300 IN TXT "v=spf1 ip4:188.66.63.1/24 -all" Thanks. The A.B.C.D/24 notation can be used to either : - specify an IP address along with its netmask - specify a network address when D=0. Best, -- yassine -- sysadm +213-779 06 06 23 http://about.me/ychaouche Looking for side gigs.
Re: question about net address
On 19/03/2023 06:17, Kushal Kumaran wrote: On Sat, Mar 18 2023 at 07:28:23 PM, cor...@free.fr wrote: Hello I know 192.168.1.0/24 is a valid C range for network address. but what does 192.168.1.1/24 mean? I ask this just for a setting in the SPF: spf.pinoad.se. 300 IN TXT "v=spf1 ip4:188.66.63.1/24 -all" It means the same thing. 192.168.1.1/24 is the same range as 192.168.1.0/24, but written by someone not paying too much attention. That's correct. Thanks.
Re: question about net address
On Sat, Mar 18 2023 at 07:28:23 PM, cor...@free.fr wrote: > Hello > > I know 192.168.1.0/24 is a valid C range for network address. > > but what does 192.168.1.1/24 mean? > > I ask this just for a setting in the SPF: > > spf.pinoad.se.300 IN TXT "v=spf1 > ip4:188.66.63.1/24 -all" > It means the same thing. 192.168.1.1/24 is the same range as 192.168.1.0/24, but written by someone not paying too much attention. -- regards, kushal
Re: question about net address
On Sat, Mar 18, 2023 at 7:28 AM wrote: > Hello > > I know 192.168.1.0/24 is a valid C range for network address. > > but what does 192.168.1.1/24 mean? > 192.168.1.1 is a host address usually assigned to the router. The network subnet mask is /24 or 255.255.255.0. 192.168.1.0 is the network and .1 is the host address. > I ask this just for a setting in the SPF: > > spf.pinoad.se. 300 IN TXT "v=spf1 ip4:188.66.63.1/24 > -all" > > > Thanks. > > -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system ⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org/ ⠈⠳⣄⠀⠀
Re: question about net address
18.03.23, 12:28 +0100, cor...@free.fr: I know 192.168.1.0/24 is a valid C range for network address. but what does 192.168.1.1/24 mean? https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing -- Regards mks
