Re: [sid] update-initramfs: Generating /boot/initrd.img-6.9.9-amd64 => zstd: error 70 : Write error : cannot write block : No space left on device

[Erwan David]

Le 18/07/2024 à 08:31, Sébastien NOBILI a écrit :

Bonjour,

Le 2024-07-17 20:17, Gaëtan Perrier a écrit :

Peut-être n'y a-t-il pas assez de place pour 3 noyaux.


Je n'en ai qu'un seul.


Ça fait beaucoup de place occupée pour un seul noyau, et c'est assez 
inhabituel. En général
il y en a au moins deux : le courant et le n-1 (ou le n+1 si on n'a 
pas encore reboot).


Ici j'ai 152M d'occupés pour deux noyaux installés :

```
$ ls /boot/vmlinuz-*
/boot/vmlinuz-6.1.0-22-amd64  /boot/vmlinuz-6.1.0-23-amd64
```

Si tu n'as réellement qu'un seul noyau installé, tu as peut-être de la 
place perdue quelque

part…

Sébastien


Un vieil initrd qui traîne ? Ce sont eux qui prennent de la place, 
surtout s'ils ont les firmware de tous les modules (ceux des cartes 
graphiques en particulier)

Re: [sid] update-initramfs: Generating /boot/initrd.img-6.9.9-amd64 => zstd: error 70 : Write error : cannot write block : No space left on device

[Sébastien NOBILI]

Bonjour,

Le 2024-07-17 20:17, Gaëtan Perrier a écrit :

Peut-être n'y a-t-il pas assez de place pour 3 noyaux.


Je n'en ai qu'un seul.


Ça fait beaucoup de place occupée pour un seul noyau, et c'est assez 
inhabituel. En général
il y en a au moins deux : le courant et le n-1 (ou le n+1 si on n'a pas 
encore reboot).


Ici j'ai 152M d'occupés pour deux noyaux installés :

```
$ ls /boot/vmlinuz-*
/boot/vmlinuz-6.1.0-22-amd64  /boot/vmlinuz-6.1.0-23-amd64
```

Si tu n'as réellement qu'un seul noyau installé, tu as peut-être de la 
place perdue quelque

part…

Sébastien

Re: [sid] update-initramfs: Generating /boot/initrd.img-6.9.9-amd64 => zstd: error 70 : Write error : cannot write block : No space left on device

[Gaëtan Perrier]

Le mercredi 17 juillet 2024 à 08:24 +0200, Jean-Marc a écrit :
> 
> Le 17/07/24 à 00:52, Gaëtan Perrier a écrit :
> > Bonjour,
> 
> salut Gaëtan,
> 
> > je rencontre un problème sur sid après les mises à jour de ce jour.
> > 
> > Paramétrage de initramfs-tools (0.142) ...
> > update-initramfs: deferring update (trigger activated)
> > Traitement des actions différées (« triggers ») pour initramfs-tools
> > (0.142) ...
> > update-initramfs: Generating /boot/initrd.img-6.9.9-amd64
> > zstd: error 70 : Write error : cannot write block : No space left on device
> > E: mkinitramfs failure zstd -q -9 -T0 70
> > update-initramfs: failed for /boot/initrd.img-6.9.9-amd64 with 1.
> > dpkg: erreur de traitement du paquet initramfs-tools (--configure) :
> >   le sous-processus paquet initramfs-tools script post-installation
> > installé a
> > renvoyé un état de sortie d'erreur 1
> > Des erreurs ont été rencontrées pendant l'exécution :
> >   initramfs-tools
> > Error: Sub-process /usr/bin/dpkg returned an error code (1)
> > 
> > 
> > Pourtant il me reste de la place sur boot:
> > 
> > Sys. de fichiers Taille Utilisé Dispo Uti% Monté sur
> > /dev/sdb2  474M    276M  170M  62% /boot
> 
> Peut-être n'y a-t-il pas assez de place pour 3 noyaux.

Je n'en ai qu'un seul.

> 
> > Ça fait 12 ou 13 ans que je tourne avec cette partition boot sans problème.
> > Est-ce qu'il y a eu des changements récents sur la conso disque des noyaux
> > ?
> 
> Difficile à dire.
> 
> La dernière version d'apt sur sid donne aussi une indication de la place 
> nécessaire.
> 
> Qu'utilises-tu pour tes mises à jour ?

j'utilise apt.

> 
> J'ai aussi fait face à ce genre de soucis avec un système installé il y 
> a longtemps.  La taille du /boot n'est plus assez grande.
> 
> J'ai résolu le problème en passant le paramètre MODULES=dep à la 
> commande update-initramfs via le fichier 
> /etc/initramfs-tools/conf.d/modules-dep pour n'embarquer que les modules 
> nécessaires.

Merci, ça fonctionne ! :)

Gaëtan


signature.asc
Description: This is a digitally signed message part

Re: hplip: hp-check error in line 630 since last update

[Brad Rogers]

On Wed, 17 Jul 2024 13:55:55 +0200
Daniel Schröter  wrote:

Hello Daniel,

>thanks for this information. Sounds more then similar ;-)

:-)

Thought so.  

I implemented the fix here, and can confirm hplip is up and running
again.

Good luck.

-- 
 Regards  _   "Valid sig separator is {dash}{dash}{space}"
 / )  "The blindingly obvious is never immediately apparent"
/ _)rad   "Is it only me that has a working delete key?"
Tired of doing day jobs with no thanks for what I do
Do Anything You Wanna Do - Eddie & The Hotrods


pgpP7mK4n6dVQ.pgp
Description: OpenPGP digital signature

Re: hplip: hp-check error in line 630 since last update

[Daniel Schröter]

Hello Brad,

thanks for this information. Sounds more then similar ;-)

I'm going to close my bug report

Bye

Re: [sid] update-initramfs: Generating /boot/initrd.img-6.9.9-amd64 => zstd: error 70 : Write error : cannot write block : No space left on device

[Michel Verdier]

Le 17 juillet 2024 Jean-Marc a écrit :

> J'ai résolu le problème en passant le paramètre MODULES=dep à la commande
> update-initramfs via le fichier /etc/initramfs-tools/conf.d/modules-dep pour
> n'embarquer que les modules nécessaires.

Sur bookworm le paramètre est dans
/etc/initramfs-tools/initramfs.conf
et surchargé dans
/etc/initramfs-tools/conf.d/driver-policy

Re: [sid] update-initramfs: Generating /boot/initrd.img-6.9.9-amd64 => zstd: error 70 : Write error : cannot write block : No space left on device

[Jean-Marc]

Le 17/07/24 à 00:52, Gaëtan Perrier a écrit :

Bonjour,


salut Gaëtan,


je rencontre un problème sur sid après les mises à jour de ce jour.

Paramétrage de initramfs-tools (0.142) ...
update-initramfs: deferring update (trigger activated)
Traitement des actions différées (« triggers ») pour initramfs-tools
(0.142) ...
update-initramfs: Generating /boot/initrd.img-6.9.9-amd64
zstd: error 70 : Write error : cannot write block : No space left on device
E: mkinitramfs failure zstd -q -9 -T0 70
update-initramfs: failed for /boot/initrd.img-6.9.9-amd64 with 1.
dpkg: erreur de traitement du paquet initramfs-tools (--configure) :
  le sous-processus paquet initramfs-tools script post-installation installé a
renvoyé un état de sortie d'erreur 1
Des erreurs ont été rencontrées pendant l'exécution :
  initramfs-tools
Error: Sub-process /usr/bin/dpkg returned an error code (1)


Pourtant il me reste de la place sur boot:

Sys. de fichiers Taille Utilisé Dispo Uti% Monté sur
/dev/sdb2  474M276M  170M  62% /boot


Peut-être n'y a-t-il pas assez de place pour 3 noyaux.


Ça fait 12 ou 13 ans que je tourne avec cette partition boot sans problème.
Est-ce qu'il y a eu des changements récents sur la conso disque des noyaux ?


Difficile à dire.

La dernière version d'apt sur sid donne aussi une indication de la place 
nécessaire.


Qu'utilises-tu pour tes mises à jour ?

J'ai aussi fait face à ce genre de soucis avec un système installé il y 
a longtemps.  La taille du /boot n'est plus assez grande.


J'ai résolu le problème en passant le paramètre MODULES=dep à la 
commande update-initramfs via le fichier 
/etc/initramfs-tools/conf.d/modules-dep pour n'embarquer que les modules 
nécessaires.



A+


Bonne journée.


Gaëtan


--
Jean-Marc


OpenPGP_signature.asc
Description: OpenPGP digital signature

Re: hplip: hp-check error in line 630 since last update

[Brad Rogers]

On Tue, 16 Jul 2024 11:01:30 +0200
Daniel Schröter  wrote:

Hello Daniel,

>
>I opened a bug report but didn't get an answer.
>https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076210
>
>Someone has a workaround?

See;

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1075760

Which is very similar to your report.

There is a solution there.  There's also mention of an nmu upload in a
few days time.

-- 
 Regards  _   "Valid sig separator is {dash}{dash}{space}"
 / )  "The blindingly obvious is never immediately apparent"
/ _)rad   "Is it only me that has a working delete key?"
It's not your heart, it's your bank I want to break
It's Yer Money - Wonder Stuff


pgpi6TdxbLsaz.pgp
Description: OpenPGP digital signature

[sid] update-initramfs: Generating /boot/initrd.img-6.9.9-amd64 => zstd: error 70 : Write error : cannot write block : No space left on device

[Gaëtan Perrier]

Bonjour,

je rencontre un problème sur sid après les mises à jour de ce jour.

Paramétrage de initramfs-tools (0.142) ...
update-initramfs: deferring update (trigger activated)
Traitement des actions différées (« triggers ») pour initramfs-tools
(0.142) ...
update-initramfs: Generating /boot/initrd.img-6.9.9-amd64
zstd: error 70 : Write error : cannot write block : No space left on device 
E: mkinitramfs failure zstd -q -9 -T0 70
update-initramfs: failed for /boot/initrd.img-6.9.9-amd64 with 1.
dpkg: erreur de traitement du paquet initramfs-tools (--configure) :
 le sous-processus paquet initramfs-tools script post-installation installé a
renvoyé un état de sortie d'erreur 1
Des erreurs ont été rencontrées pendant l'exécution :
 initramfs-tools
Error: Sub-process /usr/bin/dpkg returned an error code (1)


Pourtant il me reste de la place sur boot:

Sys. de fichiers Taille Utilisé Dispo Uti% Monté sur
/dev/sdb2  474M276M  170M  62% /boot

Ça fait 12 ou 13 ans que je tourne avec cette partition boot sans problème.
Est-ce qu'il y a eu des changements récents sur la conso disque des noyaux ?

A+

Gaëtan


signature.asc
Description: This is a digitally signed message part

hplip: hp-check error in line 630 since last update

[Daniel Schröter]

Hello,

someone else has the problem with hp-check since last update?
$ hp-check
/usr/bin/hp-check:630: SyntaxWarning: invalid escape sequence '\s'
  lsusb_pat =
re.compile("""^Bus\s([0-9a-fA-F]{3,3})\sDevice\s([0-9a-fA-F]{3,3}):\sID\s([0-9a-fA-F]{4,4}):([0-9a-fA-F]{4,4})(.*)""",
re.IGNORECASE)
Traceback (most recent call last):
  File "/usr/bin/hp-check", line 38, in 
from base.g import *
  File "/usr/share/hplip/base/g.py", line 239, in 
sys_conf = SysConfig()
   ^^^
  File "/usr/share/hplip/base/g.py", line 184, in __init__
ConfigBase.__init__(self, '/etc/hp/hplip.conf')
  File "/usr/share/hplip/base/g.py", line 89, in __init__
self.read()
  File "/usr/share/hplip/base/g.py", line 130, in read
self.conf.readfp(fp)

AttributeError: 'ConfigParser' object has no attribute 'readfp'. Did you mean:
'read'?


I opened a bug report but didn't get an answer.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076210

Someone has a workaround?

Thanks!

Bye

Re: Luks/lvm => migration vers un nouveau disque : grub rescue grub error lvmid/48r3xxxx

[Michel Verdier]

Le 14 juillet 2024 Greg a écrit :

> MAJ de /etc/crypttab pour y ajouter mon luks du sdc2 (nouveau disque)
> # blkid | grep 3ca2c544
> /dev/sdc2: UUID="3ca2c544-2104-4e57-9a17-d636921a7b8a"
> TYPE="crypto_LUKS" PARTUUID="fae97942-02"
>
> # grep 3ca2c544 /etc/crypttab
> 202407 UUID=3ca2c544-2104-4e57-9a17-d636921a7b8a none luks,discard
>
> # update-grub ou update-initramfs -c -u => donne le même resultat au
> boot ... grub rescue
> "grub error lvmid/48r3 ." not found(c'est le VG UUID de mon
> nouveau lvm)

update-initramfs ne s'occupe que du root actuel, et s'il est dans
/etc/crypttab crée une ligne crypttab dans le initramfs. Mais ne prend
pas le futur root. Tu peux le vérifier avant reboot avec :
 mkdir ramfs
 unmkinitramfs -v /boot/initrd.img- ramfs/
 cat ramfs/main/cryptroot/crypttab
 
Perso je passe par un autre truc pour faire les cryptsetup donc je n'ai
jamais eu à vérifier, mais ça devrait peut-être se régler en faisant la
modif crypttab et update-initramfs en rescue. Ou tout simplement en
modifiant le initramfs si tu maîtrise cpio.

Re: Luks/lvm => migration vers un nouveau disque : grub rescue grub error lvmid/48r3xxxx

[didier gaumet]

j'ai potentiellement répondu un peu trop vitre: ma réponse précédente 
n'est valable que si tu utilises KVM/Qemu.
Et si tu utilises bien KVM/Qemu, tu peux aussi ne pas être radin sur la 
taille des disques virtuels: sauf si tu spécifies explicitement 
d'allouer entièrement la taille maximale du disque lors de la création 
de celui-ci, l'allocation est dynamique, donc si tu ne mets que 1 Go sur 
un disque virtuel de 1 To, l'espace occupé ne représente que 1 Go, si je 
me souviens bien.

Re: Luks/lvm => migration vers un nouveau disque : grub rescue grub error lvmid/48r3xxxx

[didier gaumet]

Bonjour,

j'ai pas lu dans le détail parce que, simplement je me suis posé la 
question: pourquoi, si c'est possible (et apparemment ça l'est même si 
je n'ai jamais pratiqué), ne pas agrandir le disque virtuel actuel 
plutôt qu'en créer un nouveau plus grand? on se retrouve alors ensuite 
avec une problématique classique d'agrandissement des partitions du disque:

https://computingforgeeks.com/how-to-extend-increase-kvm-virtual-machine-disk-size/

Luks/lvm => migration vers un nouveau disque : grub rescue grub error lvmid/48r3xxxx

[Greg]

Bonjour,

J'ai ma VM debian qui est un peu à l'étroit côté disque

* nouveau disque de 50Go 
* /bootsur sdc1 (UUID="4a43caa0-2f0a-414a-8ba5-455aa45d8bc0")
* luks+lvm sur sdc2 (un lukOpen à la main fonctionne)

Je copie ce qui est sur l'ancien disque sur le nouveau (avec les rsync
pour /boot / /var, exclusion des /run et consorts)

je mount tout ça +  du bind pour préparer un chroot : 

for i in /sys /proc /dev; do mount --bind "$i" /media/202407/slash"$i";
done ; for p in var boot ; do mount --bind  /media/202407/$p
/media/202407/slash/$p ; done &&  /sbin/chroot /media/202407/slash

MAJ de /etc/crypttab pour y ajouter mon luks du sdc2 (nouveau disque)
# blkid | grep 3ca2c544
/dev/sdc2: UUID="3ca2c544-2104-4e57-9a17-d636921a7b8a"
TYPE="crypto_LUKS" PARTUUID="fae97942-02"

# grep 3ca2c544 /etc/crypttab
202407 UUID=3ca2c544-2104-4e57-9a17-d636921a7b8a none luks,discard

# update-grub ou update-initramfs -c -u => donne le même resultat au
boot ... grub rescue
"grub error lvmid/48r3 ." not found(c'est le VG UUID de mon
nouveau lvm)

J'ai tenté un sed dans /boot/grub/grub.cfg /boot/grub/i386-pc/load.cfg
  
  s/3491398d-b897-4ac2-9697-e9793d606c0d/4a43caa0-2f0a-414a-8ba5-455aa45d8bc0/g

* 349xx => partition boot "actuelle" (sda1)
* 4a4xx => futur boot (sdc1)

J'ai raté quoi d'évident ? (c'est forcément un pb interface
chaise-clavier) 
Je pense que grub ne détecte pas mon sdc2 en tant que luks 

C'est sûrement brouillon, si cela ne l'était pas ... j'aurais ptet
trouvé la solution tout seul ...



Note : si je boot en sda1 => je suis quand même obligé de faire un
luksOpen de mon nouveau disque (sdc2) pour pouvoir monter les
"nouvelles" partition (malgrés le crypttab à jour)

[SUCESS with caution] Re: Corrupt MATE configuration due to OPERATOR ERROR

[Richard Owlett]

On 06/17/2024 09:33 AM, Mike Kupfer wrote:

Richard Owlett wrote:


I created a new, _apparently_ identical, panel.
*HOWEVER*
   it displays something for each item open/active in *ANY* workspace.

How do I get back to displaying something for each item open/active in
the *CURRENT* workspace?


This is the "window list" applet that you're describing.  Position your
mouse just to the left of the leftmost item in the applet, and
right-click.  You should get a menu that has items like "System Monitor"
and "Preferences".  Click on "Preferences".  That should bring up the
controls for the applet as a whole.  Somewhere in there will be a
control for whether to display windows from the current workspace versus
from all workspaces.

mike



Thank you. That's the needed solution.

The "caution" in my subject is for future readers of this thread.

I wish to emphasize the *just to the left* in the above.
If you go minimally too far to the left you get a menu related to 
modifying current panel or creating additional panels.


*Immediately* adjacent to the leftmost item are a faint grey set of
3 dots vertically aligned. You must right-click ON those dots.

Re: Corrupt MATE configuration due to OPERATOR ERROR

[Mike Kupfer]

Richard Owlett wrote:

> I created a new, _apparently_ identical, panel.
> *HOWEVER*
>   it displays something for each item open/active in *ANY* workspace.
> 
> How do I get back to displaying something for each item open/active in
> the *CURRENT* workspace?

This is the "window list" applet that you're describing.  Position your
mouse just to the left of the leftmost item in the applet, and
right-click.  You should get a menu that has items like "System Monitor"
and "Preferences".  Click on "Preferences".  That should bring up the
controls for the applet as a whole.  Somewhere in there will be a
control for whether to display windows from the current workspace versus
from all workspaces.

mike

Re: Corrupt MATE configuration due to OPERATOR ERROR

[Charles Curley]

On Mon, 17 Jun 2024 05:35:17 -0500
Richard Owlett  wrote:

> ENVIRONMENT:
> Running Debian 9.13 with MATE 1.16.3 on DELL LATITUDE E6410 laptop
> an external monitor is used via ARandR 0.1.9
> Using SeaMonkey 2.49.4 for browser and email
> Yes. Multiple rev's behind. Doing housekeeping before updating ;}
> 
> MATE with installation defaults had run fine.
> Long ago I had added additional panel at top of screen to have room
> for common activities - no problem for years.

I suggest that, if you intend to upgrade to the current stable,
bookworm (Debian 12), you do that now by a completely new installation.
Restore your customization a bit at a time. If you are lucky, the
problem will go away. If the problem returns and you are lucky, you
will know which customization to revert to fix it.

You do have good backups, right?

-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Corrupt MATE configuration due to OPERATOR ERROR

[Richard Owlett]

ENVIRONMENT:
   Running Debian 9.13 with MATE 1.16.3 on DELL LATITUDE E6410 laptop
   an external monitor is used via ARandR 0.1.9
   Using SeaMonkey 2.49.4 for browser and email
   Yes. Multiple rev's behind. Doing housekeeping before updating ;}

MATE with installation defaults had run fine.
Long ago I had added additional panel at top of screen to have room for 
common activities - no problem for years.


My problem is explicitly with the bottom panel only.
The *default* on installation is to display:
  1. 4 boxes on right end to select "current" workspace
  2. something for each item open/active in the *current* workspace.

PROBLEM SEQUENCE
An unwanted icon was displayed - in appearance a file opened
 by Pluma.
Did not recall having opened that file recently.
Couldn't "close" &/or "delete" it.
In frustration:
  1. right clicked on panel
  2. chose "Delete This Panel"
I don't recall if confirmation was requested - in any case panel gone!

I created a new, _apparently_ identical, panel.
*HOWEVER*
  it displays something for each item open/active in *ANY* workspace.

How do I get back to displaying something for each item open/active in 
the *CURRENT* workspace?


TIA

Re: Synaptic Update Error

[Greg Wooledge]

On Fri, May 24, 2024 at 08:14:16AM -0400, Stephen P. Molnar wrote:
> E: Release file for
> http://debian.uchicago.edu/debian/dists/bookworm-updates/InRelease is
> expired (invalid since 1d 15h 6min 44s). Updates for this repository will
> not be applied.

Slightly worrisome.

> deb http://debian.uchicago.edu/debian/ bookworm non-free-firmware non-free
> contrib main
> deb-src http://debian.uchicago.edu/debian/ bookworm non-free-firmware
> non-free contrib main

If this mirror continues to be out of date, consider replacing it with
a mirror that's NOT out of date.  Or using one of the round robin
mirror load-balancers, or the deb.debian.org mega-load-balancer.

Synaptic Update Error

[Stephen P. Molnar]

During a routine update I got the error:

E: Release file for 
http://debian.uchicago.edu/debian/dists/bookworm-updates/InRelease is 
expired (invalid since 1d 15h 6min 44s). Updates for this repository 
will not be applied.


/etc/apt/sources.lis entries are:

# deb cdrom:[Debian GNU/Linux 12.5.0 _Bookworm_ - Official amd64 DVD 
Binary-1 with firmware 20240210-11:28]/ bookworm non-free-firmware main 
contrib


deb http://debian.uchicago.edu/debian/ bookworm non-free-firmware 
non-free contrib main
deb-src http://debian.uchicago.edu/debian/ bookworm non-free-firmware 
non-free contrib main


deb http://security.debian.org/debian-security/ bookworm-security 
non-free-firmware non-free contrib main
deb-src http://security.debian.org/debian-security/ bookworm-security 
non-free-firmware non-free contrib main


# bookworm-updates, to get updates before a point release is made;
# see 
https://www.debian.org/doc/manuals/debian-reference/ch02.en.html#_updates_and_backports
deb http://debian.uchicago.edu/debian/ bookworm-updates 
non-free-firmware non-free contrib main
deb-src http://debian.uchicago.edu/debian/ bookworm-updates 
non-free-firmware non-free contrib main


I am somewhat puzzled, as I don't see '/InRelease' in any of the entries 
in /etc/apt/sources.list. Where does the problem source in sudo apt 
update come from. I am rather loathe to edit the sources.list.


Thanks in advance.

--
Stephen P. Molnar, Ph.D.
https://insilicochemistry.net
(614)312-7528 (c)
Skype:  smolnar1

Re: Debian 12.5: pigz 2.6-1 fails with error message (Upstream issue 111)

[Jonathan Chung]

Hi, 

I think that the core problem which led to this also was on GRPCs side.
They should not tell users to compile their library but rather point
them to install it from their distros' packet manager
(https://grpc.io/docs/languages/cpp/quickstart/#install-grpc) if
possible. I will try to do the switch tonight as I just use GRPC as
library in a project and don't need to change anything in the GRPC
source.

Have a nice day,

Jonathan Chung

Am Mittwoch, dem 03.04.2024 um 08:35 +0200 schrieb Thomas Schmitt:
> Hi,
> 
> Chung  Jonathan wrote:
> > Yes, I think the local fix is the way to go.
> 
> I wrote:
> > > (You forgot to Cc: debian-user@lists.debian.org.
> > > Consider to send your mail to the list address, too. I too would
> > > then
> > > resend my following reply to the list.)
> 
> Since my "following reply" is quoted in Jonathan Chung's reply to the
> list
> i don't have to resend it. (I gave my opinion that the problem is not
> a
> bug in the context of Debian 12 or 13 and pointed to
> https://wiki.debian.org/BuildingTutorial for a private fix of the
> problem.)
> 
> 
> Jeffrey Walton wrote:
> > Your problem is one that plagues Linux. You compile and link
> > against
> > one version of a library, and then you runtime link against another
> > version.
> 
> This should not be a problem with a well maintained library which
> cares
> to stay ABI compatible with its older releases.
> In the present case it was a bug in the loading program pigz which
> prevented zlib from being usable.
> 
> 
> > I consider it a
> > security bug since essentially random libraries are being loaded at
> > runtime.
> > To fix the problem yourself, add an RPATH to your LDFLAGS when
> > building your program:
> >     -Wl,-rpath=/path/to/expected/libz -Wl,--enable-new-dtags
> 
> Well, this is nearly as unflexible as static compilation but does not
> seem to prevent the use of a replaced library at the given path.
> 
> Using .so files has its advantages and disadvantages. For a distro
> the
> advantage (without the pigz bug) is that customers of different
> versions
> of a library can be consolidated to using the newest available
> version.
> An advantage for the user is that bugs in a library can be fixed
> without
> the need for re-building all its customers.
> 
> 
> Have a nice day :)
> 
> Thomas
> 

Re: Debian 12.5: pigz 2.6-1 fails with error message (Upstream issue 111)

[Thomas Schmitt]

Hi,

Chung  Jonathan wrote:
> Yes, I think the local fix is the way to go.

I wrote:
> > (You forgot to Cc: debian-user@lists.debian.org.
> > Consider to send your mail to the list address, too. I too would then
> > resend my following reply to the list.)

Since my "following reply" is quoted in Jonathan Chung's reply to the list
i don't have to resend it. (I gave my opinion that the problem is not a
bug in the context of Debian 12 or 13 and pointed to
https://wiki.debian.org/BuildingTutorial for a private fix of the problem.)


Jeffrey Walton wrote:
> Your problem is one that plagues Linux. You compile and link against
> one version of a library, and then you runtime link against another
> version.

This should not be a problem with a well maintained library which cares
to stay ABI compatible with its older releases.
In the present case it was a bug in the loading program pigz which
prevented zlib from being usable.


> I consider it a
> security bug since essentially random libraries are being loaded at
> runtime.
> To fix the problem yourself, add an RPATH to your LDFLAGS when
> building your program:
> -Wl,-rpath=/path/to/expected/libz -Wl,--enable-new-dtags

Well, this is nearly as unflexible as static compilation but does not
seem to prevent the use of a replaced library at the given path.

Using .so files has its advantages and disadvantages. For a distro the
advantage (without the pigz bug) is that customers of different versions
of a library can be consolidated to using the newest available version.
An advantage for the user is that bugs in a library can be fixed without
the need for re-building all its customers.


Have a nice day :)

Thomas

Re: Debian 12.5: pigz 2.6-1 fails with error message (Upstream issue 111)

[Greg Wooledge]

On Tue, Apr 02, 2024 at 06:34:43PM -0400, Jeffrey Walton wrote:
> On Tue, Apr 2, 2024 at 6:24 PM Chung Jonathan  wrote:
> >
> > Dear Franco Martelli, dear Thomas Schmitt,
> >
> > Sorry for the potential duplication. This mail should now also go to the 
> > list.
> >
> > I believe I found the problem which was on my side. I do have libz.so.1.3, 
> > since I manually compiled grpc on my machine and this also uses a newer 
> > version of zlib appearently. So this is not a Debian problem but rather 
> > specific to my setup. A clean install in a VM indeed works as expected.
> > Do you still think a bug report is worth it?
> 
> Your problem is one that plagues Linux. You compile and link against
> one version of a library, and then you runtime link against another
> version. This should have been fixed for users a long time ago, but
> the folks responsible leave users to suffer it. I consider it a
> security bug since essentially random libraries are being loaded at
> runtime.
> 
> To fix the problem yourself, add an RPATH to your LDFLAGS when
> building your program:
> 
> -Wl,-rpath=/path/to/expected/libz -Wl,--enable-new-dtags
> 
> The loader will encounter the RPATH when loading your executable, and
> load the correct library for your program.

I've run into a variant of this issue myself.  I had compiled an
upstream version of Tcl, which builds a shared library named libtcl8.6.so
in the lib/ subdirectory of the --prefix used for ./configure, where
the default value of --prefix is /usr/local.

This places the shared library in /usr/local/lib which happens to be in
the default set of paths used by ldconfig and ld.so.  Which in turn
means that the locally built library gets used when running Debian's
packaged version of Tcl, taking priority over the version installed in
/usr/lib/x86_64-linux-gnu/ or whatver arch-specific directory is used.

In my case, the solution was to build my local version of Tcl with a
different --prefix.  Then there's nothing dropped into /usr/local/lib
and there's no conflict with the system's packages.

Of course, this is a particularly subtle problem that most users are not
going to be aware of.  It's specific to packages that build part of
themselves as a shared library, which immediately makes most programs
immune to it.  But when it *does* affect you, it can be tricky to
figure out what's happening.

It sounds like the OP's pigz issue was of a similar nature.  If this is
the case, then filing a Debian bug report isn't going to be helpful,
unless it's done as a sort of documentation for anyone else who runs
into the same problem in the future.

Re: Debian 12.5: pigz 2.6-1 fails with error message (Upstream issue 111)

[Jeffrey Walton]

On Tue, Apr 2, 2024 at 6:24 PM Chung Jonathan  wrote:
>
> Dear Franco Martelli, dear Thomas Schmitt,
>
> Sorry for the potential duplication. This mail should now also go to the list.
>
> I believe I found the problem which was on my side. I do have libz.so.1.3, 
> since I manually compiled grpc on my machine and this also uses a newer 
> version of zlib appearently. So this is not a Debian problem but rather 
> specific to my setup. A clean install in a VM indeed works as expected.
> Do you still think a bug report is worth it?

Your problem is one that plagues Linux. You compile and link against
one version of a library, and then you runtime link against another
version. This should have been fixed for users a long time ago, but
the folks responsible leave users to suffer it. I consider it a
security bug since essentially random libraries are being loaded at
runtime.

To fix the problem yourself, add an RPATH to your LDFLAGS when
building your program:

-Wl,-rpath=/path/to/expected/libz -Wl,--enable-new-dtags

The loader will encounter the RPATH when loading your executable, and
load the correct library for your program.

Jeff

Re: Debian 12.5: pigz 2.6-1 fails with error message (Upstream issue 111)

[Chung Jonathan]

Dear Franco Martelli, dear Thomas Schmitt,

Sorry for the potential duplication. This mail should now also go to the list.

I believe I found the problem which was on my side. I do have libz.so.1.3, 
since I manually compiled grpc on my machine and this also uses a newer version 
of zlib appearently. So this is not a Debian problem but rather specific to my 
setup. A clean install in a VM indeed works as expected.
Do you still think a bug report is worth it?

Thanks for your prompt responses,

Jonathan Chung

Am 02.04.2024 um 21:37 schrieb Chung Jonathan :

Dear Franco Martelli, dear Thomas Schmitt,

Yes, /etc/debian_version reports 12.5. However, as I have the docker sources as 
external repository those might have introduced an update to zlib. I will try 
to narrow it down and then open a subsequent bug report - possibly on a clean 
VM too.

The error first occurred as I installed a docker image. However, pigz --version 
also gave this error.

Thank you for pointing me to the correct directions,

Jonathan Chung

Am 02.04.2024 um 21:07 schrieb Franco Martelli :
On 02/04/24 at 10:27, Jonathan Chung wrote:
Dear sir or madam,
I'm new with Debian bug reporting and thus need some help with that.
pigz 2.6-1 on Debian 12.5 fails to execute due to a fixed bug on
upstream https://github.com/madler/pigz/issues/111
Installing the version from sid resolves the issue which is clearly not
optimal. I think the fix should be backported.
Can someone help me to file a bug report?

To file a bug report use "reportbug pigz" and answer the questions… but I use 
regularly "pigz" in my backup scripts and I didn't notice nothing wrong ?_?
My installed version is:

~$ dpkg -l | grep pigz
ii  pigz 2.6-1  
   amd64Parallel Implementation of GZip

I just tested it and I've nothing to report:

~$ tar tf frankbck2.tgz --use-compress-program=pigz >/dev/null
~$ echo $?
0

Are you sure you are using Debian 12.5 ?

Kind regards.

--
Franco Martelli

Re: Debian 12.5: pigz 2.6-1 fails with error message (Upstream issue 111)

[Chung Jonathan]

Dear Thomas Schmitt,

Yes, I think the local fix is the way to go. Probably even getting rid of the 
source of this, my manual GRPC install and replacing it with libgrpc++-dev. But 
that’s outside of this issue.

Yours,
Jonathan Chung

Am 02.04.2024 um 23:34 schrieb Thomas Schmitt :

Hi,

(You forgot to Cc: debian-user@lists.debian.org.
Consider to send your mail to the list address, too. I too would then
resend my following reply to the list.)

Chung  Jonathan wrote:
I do have libz.so.1.3,
since I manually compiled grpc on my machine and this also uses a newer
version of zlib appearently. [...]
Do you still think a bug report is worth it?

Rather not.

The original combination of pigz and zlib works in Debian 12. So it's
not a bug in that context.
The fact that it hampers upgrade to younger zlib is already addressed
by the version of pigz in "testing". So in the context of Debian 13 it
will be no bug either.

This leaves only the possibility to really ask for a backport for the
new feature that one can upgrade zlib before Debian offers it. But the
desired use case is near to the topic of "Frankendebian":
 https://wiki.debian.org/DontBreakDebian


If in urgent need for a fix, i expect that you would get more lucky by
patching the "stable" pigz package for your local use according to
 https://wiki.debian.org/BuildingTutorial
(patching is done in
 https://wiki.debian.org/BuildingTutorial#Edit_the_source_code
and as usual in Debian, there are more ways than this one to do it ...)


Have a nice day :)

Thomas

Re: Debian 12.5: pigz 2.6-1 fails with error message (Upstream issue 111)

[Chung Jonathan]

Dear Franco Martelli, dear Thomas Schmitt,

Yes, /etc/debian_version reports 12.5. However, as I have the docker sources as 
external repository those might have introduced an update to zlib. I will try 
to narrow it down and then open a subsequent bug report - possibly on a clean 
VM too. 

The error first occurred as I installed a docker image. However, pigz --version 
also gave this error. 

Thank you for pointing me to the correct directions,

Jonathan Chung

> Am 02.04.2024 um 21:07 schrieb Franco Martelli :
> On 02/04/24 at 10:27, Jonathan Chung wrote:
>> Dear sir or madam,
>> I'm new with Debian bug reporting and thus need some help with that.
>> pigz 2.6-1 on Debian 12.5 fails to execute due to a fixed bug on
>> upstream https://github.com/madler/pigz/issues/111
>> Installing the version from sid resolves the issue which is clearly not
>> optimal. I think the fix should be backported.
>> Can someone help me to file a bug report?
> 
> To file a bug report use "reportbug pigz" and answer the questions… but I use 
> regularly "pigz" in my backup scripts and I didn't notice nothing wrong ?_?
> My installed version is:
> 
> ~$ dpkg -l | grep pigz
> ii  pigz 2.6-1
>  amd64Parallel Implementation of GZip
> 
> I just tested it and I've nothing to report:
> 
> ~$ tar tf frankbck2.tgz --use-compress-program=pigz >/dev/null
> ~$ echo $?
> 0
> 
> Are you sure you are using Debian 12.5 ?
> 
> Kind regards.
> 
> --
> Franco Martelli

Re: Debian 12.5: pigz 2.6-1 fails with error message (Upstream issue 111)

[Franco Martelli]

On 02/04/24 at 10:27, Jonathan Chung wrote:

Dear sir or madam,

I'm new with Debian bug reporting and thus need some help with that.
pigz 2.6-1 on Debian 12.5 fails to execute due to a fixed bug on
upstream https://github.com/madler/pigz/issues/111

Installing the version from sid resolves the issue which is clearly not
optimal. I think the fix should be backported.

Can someone help me to file a bug report?



To file a bug report use "reportbug pigz" and answer the questions… but 
I use regularly "pigz" in my backup scripts and I didn't notice nothing 
wrong ?_?

My installed version is:

~$ dpkg -l | grep pigz
ii  pigz 2.6-1 
amd64Parallel Implementation of GZip


I just tested it and I've nothing to report:

~$ tar tf frankbck2.tgz --use-compress-program=pigz >/dev/null
~$ echo $?
0

Are you sure you are using Debian 12.5 ?

Kind regards.

--
Franco Martelli

Re: Debian 12.5: pigz 2.6-1 fails with error message (Upstream issue 111)

[Charles Curley]

On Tue, 2 Apr 2024 10:27:33 +0200
Jonathan Chung  wrote:

> I'm new with Debian bug reporting and thus need some help with that.
> pigz 2.6-1 on Debian 12.5 fails to execute due to a fixed bug on
> upstream https://github.com/madler/pigz/issues/111

Are you sure this is a bug and not a problem with your system? I am
also using pigz 2.6-1 on Debian 12.5, and I don't see it.

charles@hawk:~$ pigz --version
pigz 2.6
charles@hawk:~$ pre zlib pigz
pigz2.6-1   amd64
zlib1g  1:1.2.13.dfsg-1 amd64
zlib1g-dev  1:1.2.13.dfsg-1 amd64
charles@hawk:~$

What version of zlib are you running?

-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Re: Debian 12.5: pigz 2.6-1 fails with error message (Upstream issue 111)

[Thomas Schmitt]

Hi,

Jonathan Chung wrote:
> > pigz 2.6-1 on Debian 12.5 fails to execute due to a fixed bug on
> > upstream https://github.com/madler/pigz/issues/111
> > Installing the version from sid resolves the issue which is clearly not
> > optimal. I think the fix should be backported.
> > Can someone help me to file a bug report?

Michael Kjörling wrote:
> https://www.debian.org/Bugs/Reporting

This covers the question "how", but not "what".
So my two cents:

"Backported" is probably the wrong wish.
  https://backports.debian.org/Contribute/
says:
  "Backports are about additional features that are only offered in a
   new version, not a replacement for getting fixes into stable - use
   stable-updates for that."

That would probably mean to patch the existing pigz package in Debian 12
by the upstream remedy
  "Make pigz compatible with two-component zlib version numbers. "
  https://github.com/madler/pigz/commit/907ca0763be4547a9b0cce8c105721748814974

pigz.c:
@@ -1333,7 +1333,7 @@ local long zlib_vernum(void) {
}
ver++;
} while (left);
-   return left < 2 ? num << (left << 2) : -1;
+   return left < 3 ? num << (left << 2) : -1;
 }

 // -- check value combination routines for parallel calculation --


The new state can already be seen in
  https://sources.debian.org/src/pigz/2.8-1/pigz.c/#L1339
The old state is in
  https://sources.debian.org/src/pigz/2.6-1/pigz.c/#L1317
But there the "// -- check ..." comment is missing in favor of a line
  #ifndef NOTHREAD
So a patch proposal would need some minor hand work.


There remains the question, though, why you run into zlib-1.3 on a
Debian "stable" system where the zlib version is "1:1.2.13.dfsg-1":
  https://tracker.debian.org/pkg/zlib


Have a nice day :)

Thomas

Re: How to file a Debian bug report? was: Debian 12.5: pigz 2.6-1 fails with error message (Upstream issue 111)

[Michael Kjörling]

On 2 Apr 2024 10:27 +0200, from jch...@student.ethz.ch (Jonathan Chung):
> Can someone help me to file a bug report?

https://www.debian.org/Bugs/Reporting

-- 
Michael Kjörling  https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”

Debian 12.5: pigz 2.6-1 fails with error message (Upstream issue 111)

[Jonathan Chung]

Dear sir or madam,

I'm new with Debian bug reporting and thus need some help with that.
pigz 2.6-1 on Debian 12.5 fails to execute due to a fixed bug on
upstream https://github.com/madler/pigz/issues/111

Installing the version from sid resolves the issue which is clearly not
optimal. I think the fix should be backported.

Can someone help me to file a bug report?

Re: 404 Not Found Error Problem

[Stephen P. Molnar]

On 03/06/2024 09:09 AM, Greg Wooledge wrote:

On Wed, Mar 06, 2024 at 08:21:11AM -0500, Stephen P. Molnar wrote:

Not Found

The requested URL was not found on this server.
Apache/2.4.57 (Debian) Server at abnormal.att.net Port 80

I've installed WebMO a number of times and have not encountered this
particular problem before.

Are you "abnormal.att.net"?  Or at least pretending to be that host
in your error messages?

Or is your web browser going to that host, when you expected it to go
to localhost or something?

When I went to abnormal.att.net there was an index.html in /var/www/html 
that opened with the message that the installation was correct and that 
the index.hml should be removed.


After I deleted the file WebMO opened!

Problem solved.

Many thanks for your reply.

--
Stephen P. Molnar, Ph.D.
https://insilicochemistry.net
(614)312-7528 (c)
Skype:  smolnar1

Re: 404 Not Found Error Problem

[Greg Wooledge]

On Wed, Mar 06, 2024 at 08:21:11AM -0500, Stephen P. Molnar wrote:
> Not Found
> 
> The requested URL was not found on this server.
> Apache/2.4.57 (Debian) Server at abnormal.att.net Port 80
> 
> I've installed WebMO a number of times and have not encountered this
> particular problem before.

Are you "abnormal.att.net"?  Or at least pretending to be that host
in your error messages?

Or is your web browser going to that host, when you expected it to go
to localhost or something?

Re: 404 Not Found Error Problem

[Marco Moock]

Am 06.03.2024 schrieb "Stephen P. Molnar" :

> The requested URL was not found on this server.
> Apache/2.4.57 (Debian) Server at abnormal.att.net Port 80

Check the apache config.
What is the Webroot?

Is the file you are looking for available in the webroot?

404 Not Found Error Problem

[Stephen P. Molnar]

I am running a new installation of Bookworm and have encountered a 404 
Not Found error problem with WebMO (https://www.webmo.net):


Not Found

The requested URL was not found on this server.
Apache/2.4.57 (Debian) Server at abnormal.att.net Port 80

I've installed WebMO a number of times and have not encountered this 
particular problem before. There are complete installation instruction 
on the web page The installation process did not generate any warning or 
error messages. In fact a diagnose.html file is generated (attached) and 
shows no problems.


--
Stephen P. Molnar, Ph.D.
https://insilicochemistry.net
(614)312-7528 (c)
Skype:  smolnar1

<<< text/html; charset=UTF-8; name="diagnose.html": Unrecognized >>>

Re: “Secure Connection Failed” Error in Firefox

[Jeffrey Walton]

On Sun, Mar 3, 2024 at 2:02 PM Jeffrey Walton  wrote:
>
> On Sun, Mar 3, 2024 at 1:47 PM Marcelo Laia  wrote:
> >
> > Hello Debian users!
> >
> > When accessing the website https://gontijoonibus.gontijo.com.br/ on Firefox 
> > Android (on my smartphone), the site is accessed normally. However, when 
> > attempting to access this site on the desktop, Debian Firefox-ESR version 
> > 115.8.0esr (64-bit), the following error occurs:
> >
> > Secure Connection Failed
> > An error occurred during a connection to gontijoonibus.gontijo.com.br.
> > The page you are trying to view cannot be displayed because the 
> > authenticity of the received data could not be verified.
> > Please contact the website owners to inform them of this problem.
>
> According to OpenSSL and the default CA list on Ubuntu 22.04, the
> connection looks Ok. The problem appears to be more than a simple
> problem connecting.
>
> If I had to hazard a guess, I would start with the wildcard in the
> Common Name (CN) shown below. I know the CA/Browser Baseline
> Requirements changed recently, and CN is now a SHOULD NOT. Wildcards
> have been frowned upon but not forbidden. Maybe the browsers are
> moving against wildcards in the CN now.
>
> Note: tooling, like cURL, OpenSSL and Wget follow the IETF's Internet
> PKI (PKIX). Browsers follow the CA/Browsers Baseline Requirements (Web
> PKI). They mostly overlap, but they have a fair amount of differences
> once you accumulate some knowledge about them.
>
> And the IETF lawyers wrote a nasty letter to the W3C a couple of years
> ago because the W3C was publishing incompatible standards. See
> <https://www.ietf.org/media/documents/2023.01.26_Correspondence_IETF.pdf>.
> And from my observations, the CA/Browser Forums have been doing the
> same thing. So I would not be surprised if there's an incompatible
> change between PKIX and Web PKI.
>
> 
> $ echo -e 'GET / HTTP/1.1\r\n\r\n' | openssl s_client -connect
> gontijoonibus.gontijo.com.br:443 -servername
> gontijoonibus.gontijo.com.br
> CONNECTED(0003)
> depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert
> Global Root G2
> verify return:1
> depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = Thawte
> TLS RSA CA G1
> verify return:1
> depth=0 CN = *.gontijo.com.br
> verify return:1
> ---
> Certificate chain
>  0 s:CN = *.gontijo.com.br
>i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = Thawte TLS RSA CA 
> G1
>a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
>v:NotBefore: May  9 00:00:00 2023 GMT; NotAfter: May  8 23:59:59 2024 GMT
>  1 s:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = Thawte TLS RSA CA 
> G1
>i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert
> Global Root G2
>a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
>v:NotBefore: Nov  2 12:24:25 2017 GMT; NotAfter: Nov  2 12:24:25 2027 GMT
>  2 s:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert
> Global Root G2
>i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert
> Global Root G2
>a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
>v:NotBefore: Aug  1 12:00:00 2013 GMT; NotAfter: Jan 15 12:00:00 2038 GMT
> ---
> Server certificate
> -BEGIN CERTIFICATE-
> MIIGITCCBQmgAwIBAgIQB7Bs73IlM/884Dqb8/YZoTANBgkqhkiG9w0BAQsFADBe
> MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
> d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRUaGF3dGUgVExTIFJTQSBDQSBHMTAe
> Fw0yMzA1MDkwMDAwMDBaFw0yNDA1MDgyMzU5NTlaMBsxGTAXBgNVBAMMECouZ29u
> dGlqby5jb20uYnIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNoYUM
> EjKsU7gHu5iZpkwZkwJGyMe1l5d1+YVUJLkB23vxGXxSRoYVOqhPR/sbvyue0FFA
> OwbKriu+XjXA/dCOC6hEX9UbvHK9i5YFaPbJIDkwZKuA3SltFSyJsuRNP7dpYEkY
> uxZ4pcLBtEAh9+im1g5l4ubrFDrxdr5Wvjne6viDyZ+40Alc+i1pirlymsD7k6tH
> 4bLaR+qopr6YqufzOkWlcodNbCnQ3TF1ZOVppwJDYvWaROQ8WcUC5c3v4TDYcXrq
> YasWMtN2GL+UwQL4Gc/q9slkpG1ML8lX50CwxhGAngjz8PdNq9ql+kHa9XfTx+5G
> DYrshriHimk9POppAgMBAAGjggMcMIIDGDAfBgNVHSMEGDAWgBSljP4yzOsPLNQZ
> xgi4ACSIXcPFtzAdBgNVHQ4EFgQUOgqjT5nVOc1VYZ8vm/Y80TI7UIEwKwYDVR0R
> BCQwIoIQKi5nb250aWpvLmNvbS5icoIOZ29udGlqby5jb20uYnIwDgYDVR0PAQH/
> BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAy
> MDCgLqAshipodHRwOi8vY2RwLnRoYXd0ZS5jb20vVGhhd3RlVExTUlNBQ0FHMS5j
> cmwwPgYDVR0gBDcwNTAzBgZngQwBAgEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3
> dy5kaWdpY2VydC5jb20vQ1BTMHAGCCsGAQUFBwEBBGQwYjAkBggrBgEFBQcwAYYY
> aHR0cDovL3N0YXR1cy50aGF3dGUuY29tMDoGCCsGAQUFBzAChi5odHRwOi8vY2Fj
> ZXJ0cy50aGF3dGUuY29tL1RoYXd0ZVRMU1JTQUNBRzEuY3J0MAkGA1UdEwQCMAAw
> ggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8
> vOzew1FIWUZxH7WbAAABi

Re: “Secure Connection Failed” Error in Firefox

[Jeffrey Walton]

On Sun, Mar 3, 2024 at 1:47 PM Marcelo Laia  wrote:
>
> Hello Debian users!
>
> When accessing the website https://gontijoonibus.gontijo.com.br/ on Firefox 
> Android (on my smartphone), the site is accessed normally. However, when 
> attempting to access this site on the desktop, Debian Firefox-ESR version 
> 115.8.0esr (64-bit), the following error occurs:
>
> Secure Connection Failed
> An error occurred during a connection to gontijoonibus.gontijo.com.br.
> The page you are trying to view cannot be displayed because the authenticity 
> of the received data could not be verified.
> Please contact the website owners to inform them of this problem.

According to OpenSSL and the default CA list on Ubuntu 22.04, the
connection looks Ok. The problem appears to be more than a simple
problem connecting.

If I had to hazard a guess, I would start with the wildcard in the
Common Name (CN) shown below. I know the CA/Browser Baseline
Requirements changed recently, and CN is now a SHOULD NOT. Wildcards
have been frowned upon but not forbidden. Maybe the browsers are
moving against wildcards in the CN now.

Note: tooling, like cURL, OpenSSL and Wget follow the IETF's Internet
PKI (PKIX). Browsers follow the CA/Browsers Baseline Requirements (Web
PKI). They mostly overlap, but they have a fair amount of differences
once you accumulate some knowledge about them.

And the IETF lawyers wrote a nasty letter to the W3C a couple of years
ago because the W3C was publishing incompatible standards. See
<https://www.ietf.org/media/documents/2023.01.26_Correspondence_IETF.pdf>.
And from my observations, the CA/Browser Forums have been doing the
same thing. So I would not be surprised if there's an incompatible
change between PKIX and Web PKI.


$ echo -e 'GET / HTTP/1.1\r\n\r\n' | openssl s_client -connect
gontijoonibus.gontijo.com.br:443 -servername
gontijoonibus.gontijo.com.br
CONNECTED(0003)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert
Global Root G2
verify return:1
depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = Thawte
TLS RSA CA G1
verify return:1
depth=0 CN = *.gontijo.com.br
verify return:1
---
Certificate chain
 0 s:CN = *.gontijo.com.br
   i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = Thawte TLS RSA CA G1
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: May  9 00:00:00 2023 GMT; NotAfter: May  8 23:59:59 2024 GMT
 1 s:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = Thawte TLS RSA CA G1
   i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert
Global Root G2
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: Nov  2 12:24:25 2017 GMT; NotAfter: Nov  2 12:24:25 2027 GMT
 2 s:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert
Global Root G2
   i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert
Global Root G2
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: Aug  1 12:00:00 2013 GMT; NotAfter: Jan 15 12:00:00 2038 GMT
---
Server certificate
-BEGIN CERTIFICATE-
MIIGITCCBQmgAwIBAgIQB7Bs73IlM/884Dqb8/YZoTANBgkqhkiG9w0BAQsFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRUaGF3dGUgVExTIFJTQSBDQSBHMTAe
Fw0yMzA1MDkwMDAwMDBaFw0yNDA1MDgyMzU5NTlaMBsxGTAXBgNVBAMMECouZ29u
dGlqby5jb20uYnIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNoYUM
EjKsU7gHu5iZpkwZkwJGyMe1l5d1+YVUJLkB23vxGXxSRoYVOqhPR/sbvyue0FFA
OwbKriu+XjXA/dCOC6hEX9UbvHK9i5YFaPbJIDkwZKuA3SltFSyJsuRNP7dpYEkY
uxZ4pcLBtEAh9+im1g5l4ubrFDrxdr5Wvjne6viDyZ+40Alc+i1pirlymsD7k6tH
4bLaR+qopr6YqufzOkWlcodNbCnQ3TF1ZOVppwJDYvWaROQ8WcUC5c3v4TDYcXrq
YasWMtN2GL+UwQL4Gc/q9slkpG1ML8lX50CwxhGAngjz8PdNq9ql+kHa9XfTx+5G
DYrshriHimk9POppAgMBAAGjggMcMIIDGDAfBgNVHSMEGDAWgBSljP4yzOsPLNQZ
xgi4ACSIXcPFtzAdBgNVHQ4EFgQUOgqjT5nVOc1VYZ8vm/Y80TI7UIEwKwYDVR0R
BCQwIoIQKi5nb250aWpvLmNvbS5icoIOZ29udGlqby5jb20uYnIwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAy
MDCgLqAshipodHRwOi8vY2RwLnRoYXd0ZS5jb20vVGhhd3RlVExTUlNBQ0FHMS5j
cmwwPgYDVR0gBDcwNTAzBgZngQwBAgEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3
dy5kaWdpY2VydC5jb20vQ1BTMHAGCCsGAQUFBwEBBGQwYjAkBggrBgEFBQcwAYYY
aHR0cDovL3N0YXR1cy50aGF3dGUuY29tMDoGCCsGAQUFBzAChi5odHRwOi8vY2Fj
ZXJ0cy50aGF3dGUuY29tL1RoYXd0ZVRMU1JTQUNBRzEuY3J0MAkGA1UdEwQCMAAw
ggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8
vOzew1FIWUZxH7WbAAABiABkUyYAAAQDAEcwRQIgfzcKflXhHpmu5GHg8S048cs8
vpP1gxpdWDsSoIW7iBICIQDMDeAMb6rf8XcdLAxVXeScb4DE6WI73WrxLuhijv7O
+gB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABiABkUyUAAAQD
AEcwRQIgP46qqZOnzi6Zp+F30GBTHY5LpCR9uL55MFTS+XnRsv0CIQDTC52xy9Gl
xzzDqltvAGVq10MgnLY9rIvZMccRsEVgEAB2ANq2v2s/tbYin5vCu1xr6HCRcWy7
UYSFNL2kPTBI1/urAAABiABkUvIAAAQDAEcwRQIgAtm8xShzPd6lmxA4dGyZzQKa
U6fmBbCDIkyqNnKgOtoCIQCx5g1X5GBvuqkBlQHIYeWQ4UB1tNEtYYN/z3D293Lf
LTANBgkqhkiG9w0BAQsFAAOCAQEARpS7/BX4uVMvOMGfTo92uZNMozhWJzE+5o+k
ARsyf8FPmTNjHs+Z6A+DWTQ/4AAJ+cRv9LJzHpXw4X/o3u6VF5+rma20q7eL

Re: “Secure Connection Failed” Error in Firefox

[Dan Ritter]

Marcelo Laia wrote: 
> Hello Debian users!
> 
> When accessing the website https://gontijoonibus.gontijo.com.br/ on Firefox 
> Android (on my smartphone), the site is accessed normally. However, when 
> attempting to access this site on the desktop, Debian Firefox-ESR version 
> 115.8.0esr (64-bit), the following error occurs:
>

https://www.ssllabs.com/ssltest/analyze.html?d=gontijoonibus.gontijo.com.br

shows that there are several IP addresses that could be serving
this, but only 206.41.74.19 seems to be responsive.

And then it doesn't serve any content.

I would say that there are deep problems going on, which have
nothing to do with the client and everything to do with the
server.

-dsr-

Re: “Secure Connection Failed” Error in Firefox

[Brad Rogers]

On Sun, 3 Mar 2024 12:26:20 -0300
Marcelo Laia  wrote:

Hello Marcelo,

>website https://gontijoonibus.gontijo.com.br/ on 

I get the same results as Greg - in several browsers.

-- 
 Regards  _   "Valid sig separator is {dash}{dash}{space}"
 / )  "The blindingly obvious is never immediately apparent"
/ _)rad   "Is it only me that has a working delete key?"
I hope I live to relive the days gone by
Old Before I Die - Robbie Williams


pgpuwr_glqCXn.pgp
Description: OpenPGP digital signature

Re: “Secure Connection Failed” Error in Firefox

[Greg Wooledge]

On Sun, Mar 03, 2024 at 12:26:20PM -0300, Marcelo Laia wrote:
> When accessing the website https://gontijoonibus.gontijo.com.br/ on Firefox 
> Android (on my smartphone), the site is accessed normally. However, when 
> attempting to access this site on the desktop, Debian Firefox-ESR version 
> 115.8.0esr (64-bit), the following error occurs:
> 
> 
> Secure Connection Failed
> An error occurred during a connection to gontijoonibus.gontijo.com.br.
> The page you are trying to view cannot be displayed because the authenticity 
> of the received data could not be verified.
> Please contact the website owners to inform them of this problem.
> 
> Learn more…

For the record, Google Chrome gives:

This site can’t be reached

The webpage at https://gontijoonibus.gontijo.com.br/ might be temporarily
down or it may have moved permanently to a new web address.

ERR_HTTP2_PROTOCOL_ERROR

“Secure Connection Failed” Error in Firefox

[Marcelo Laia]

Hello Debian users!

When accessing the website https://gontijoonibus.gontijo.com.br/ on Firefox 
Android (on my smartphone), the site is accessed normally. However, when 
attempting to access this site on the desktop, Debian Firefox-ESR version 
115.8.0esr (64-bit), the following error occurs:


Secure Connection Failed
An error occurred during a connection to gontijoonibus.gontijo.com.br.
The page you are trying to view cannot be displayed because the authenticity of 
the received data could not be verified.
Please contact the website owners to inform them of this problem.

Learn more…


I have already changed the minimum accepted TLS protocol value from 3 to 1 in 
about:config, but this did not resolve the issue.

I have also deleted the ~/.mozilla folder and it was recreated, but without 
success.

How can I solve this problem?

Thank you so much!

--
Marcelo

Re: Error: Failed to start Apache2 service on boot

[Dan Ritter]

Stephen P. Molnar wrote: 
> 
> 
> On 03/01/2024 11:08 AM, Markus Schönhaber wrote:
> > 
> > [1] Look at /etc/apache2/mods-enabled/userdir.conf line 11
> > there you should see something like
> > [2] "ExecCG" which probably should read "ExecCGI" instead.
> > 
> That was the problem. Many thanks.

If you install etckeeper on this machine, you can check in
snapshots of every configuration change you make and the
packaging system makes, and then see precisely what changed and
when.

$ sudo apt install etckeeper

before each change:

$ sudo etckeeper commit [optional message to yourself]

when there's a problem:

$ sudo etckeeper vcs diff
will show you the difference between what you have now and what
you last stored


You can actually do just about anything you need to do on a
single user system with those two commands, but you have the
whole power of git available as well.

-dsr-

Re: Error: Failed to start Apache2 service on boot

[Stephen P. Molnar]

On 03/01/2024 11:08 AM, Markus Schönhaber wrote:

01.03.24, 16:36 +0100, Stephen P. Molnar:


I am running up to date Bookworm and get the 'Failed to start Apache2
service on boot' error message.

I searched Google and found
https://forums.debian.net/voew.top9c,php?t=14419s which didn't solve the
problem.

I then tried sudo systemctl status apache2.service resulting in:

× apache2.service - The Apache HTTP Server
  Loaded: loaded (/lib/systemd/system/apache2.service; enabled;
preset: enabled)
  Active: failed (Result: exit-code) since Fri 2024-03-01 10:14:07
EST; 20min ago
    Docs: https://httpd.apache.org/docs/2.4/
     Process: 4474 ExecStart=/usr/sbin/apachectl start (code=exited,
status=1/FAILURE)
     CPU: 41ms

Mar 01 10:14:07 AbNormal systemd[1]: Starting apache2.service - The
Apache HTTP Server...
Mar 01 10:14:07 AbNormal apachectl[4477]: AH00526: Syntax error on line
11 of /etc/apache2/mods-enabled/userdir.conf:

[1] ^^


Mar 01 10:14:07 AbNormal apachectl[4477]: Illegal option ExecCG

[2] ^^


Mar 01 10:14:07 AbNormal apachectl[4474]: Action 'start' failed.
Mar 01 10:14:07 AbNormal apachectl[4474]: The Apache error log may have
more information.
Mar 01 10:14:07 AbNormal systemd[1]: apache2.service: Control process
exited, code=exited, status=1/FAILURE
Mar 01 10:14:07 AbNormal systemd[1]: apache2.service: Failed with result
'exit-code'.
Mar 01 10:14:07 AbNormal systemd[1]: Failed to start apache2.service -
The Apache HTTP Server.

Unfortunately, I am not conversant in ancient Greek and wold very
appreciative of assistance.

Hm, to me it seems that the problem description in the log is written in
pretty plain English:

[1] Look at /etc/apache2/mods-enabled/userdir.conf line 11
there you should see something like
[2] "ExecCG" which probably should read "ExecCGI" instead.


That was the problem. Many thanks.

--
Stephen P. Molnar, Ph.D.
https://insilicochemistry.net
(614)312-7528 (c)
Skype:  smolnar1

Re: Error: Failed to start Apache2 service on boot

[Markus Schönhaber]

01.03.24, 16:36 +0100, Stephen P. Molnar:

> I am running up to date Bookworm and get the 'Failed to start Apache2
> service on boot' error message.
> 
> I searched Google and found
> https://forums.debian.net/voew.top9c,php?t=14419s which didn't solve the
> problem.
> 
> I then tried sudo systemctl status apache2.service resulting in:
> 
> × apache2.service - The Apache HTTP Server
>  Loaded: loaded (/lib/systemd/system/apache2.service; enabled;
> preset: enabled)
>  Active: failed (Result: exit-code) since Fri 2024-03-01 10:14:07
> EST; 20min ago
>    Docs: https://httpd.apache.org/docs/2.4/
>     Process: 4474 ExecStart=/usr/sbin/apachectl start (code=exited,
> status=1/FAILURE)
>     CPU: 41ms
> 
> Mar 01 10:14:07 AbNormal systemd[1]: Starting apache2.service - The
> Apache HTTP Server...

> Mar 01 10:14:07 AbNormal apachectl[4477]: AH00526: Syntax error on line
> 11 of /etc/apache2/mods-enabled/userdir.conf:
[1] ^^

> Mar 01 10:14:07 AbNormal apachectl[4477]: Illegal option ExecCG
[2] ^^

> Mar 01 10:14:07 AbNormal apachectl[4474]: Action 'start' failed.
> Mar 01 10:14:07 AbNormal apachectl[4474]: The Apache error log may have
> more information.
> Mar 01 10:14:07 AbNormal systemd[1]: apache2.service: Control process
> exited, code=exited, status=1/FAILURE
> Mar 01 10:14:07 AbNormal systemd[1]: apache2.service: Failed with result
> 'exit-code'.
> Mar 01 10:14:07 AbNormal systemd[1]: Failed to start apache2.service -
> The Apache HTTP Server.
> 
> Unfortunately, I am not conversant in ancient Greek and wold very
> appreciative of assistance.
Hm, to me it seems that the problem description in the log is written in
pretty plain English:

[1] Look at /etc/apache2/mods-enabled/userdir.conf line 11
there you should see something like
[2] "ExecCG" which probably should read "ExecCGI" instead.

-- 
Regards
  mks

Error: Failed to start Apache2 service on boot

[Stephen P. Molnar]

I am running up to date Bookworm and get the 'Failed to start Apache2 
service on boot' error message.


I searched Google and found 
https://forums.debian.net/voew.top9c,php?t=14419s which didn't solve the 
problem.


I then tried sudo systemctl status apache2.service resulting in:

× apache2.service - The Apache HTTP Server
 Loaded: loaded (/lib/systemd/system/apache2.service; enabled; 
preset: enabled)
 Active: failed (Result: exit-code) since Fri 2024-03-01 10:14:07 
EST; 20min ago

   Docs: https://httpd.apache.org/docs/2.4/
    Process: 4474 ExecStart=/usr/sbin/apachectl start (code=exited, 
status=1/FAILURE)

    CPU: 41ms

Mar 01 10:14:07 AbNormal systemd[1]: Starting apache2.service - The 
Apache HTTP Server...
Mar 01 10:14:07 AbNormal apachectl[4477]: AH00526: Syntax error on line 
11 of /etc/apache2/mods-enabled/userdir.conf:

Mar 01 10:14:07 AbNormal apachectl[4477]: Illegal option ExecCG
Mar 01 10:14:07 AbNormal apachectl[4474]: Action 'start' failed.
Mar 01 10:14:07 AbNormal apachectl[4474]: The Apache error log may have 
more information.
Mar 01 10:14:07 AbNormal systemd[1]: apache2.service: Control process 
exited, code=exited, status=1/FAILURE
Mar 01 10:14:07 AbNormal systemd[1]: apache2.service: Failed with result 
'exit-code'.
Mar 01 10:14:07 AbNormal systemd[1]: Failed to start apache2.service - 
The Apache HTTP Server.


Unfortunately, I am not conversant in ancient Greek and wold very 
appreciative of assistance.


Thanks in advance.

--
Stephen P. Molnar, Ph.D.
https://insilicochemistry.net
(614)312-7528 (c)
Skype:  smolnar1

timeshift error

[Gary L. Roach]

Hi all

I keep getting the following error when trying to use "timeshift 1". Ive 
tried reloading the software  but still get the same error.


** (process:4286): CRITICAL**: 12:39:19.897: 
gee_abstract_collection_get_size: ass

ertion 'self != NULL' failed
App config saved: /etc/timeshift/timeshift.json

I have used timeshift for some time with no problems. This error just 
started recently. Timeshift run with no argument works fine.


Any help will be appreciated.

Gary R

Re: 'sensors -j' and "ERROR: Can't get value of subfeature in0_input: Can't read"

[Emanuel Berg]

>> In general, the first thing you should try is running
>> sensors-detect again, as root.
>
> Okay, I did that ('sudo sensors-detect') and answered with the
> default value to all questions, after that I did 'sensors -j'
> but it displayed the same error.
>
>> It is possible that your kernel is not loading some
>> particular sensor module which would be recommended by
>> sensors-detect.
>
> So I should reboot? Let's do that.

I rebooted but same :(

-- 
underground experts united
https://dataswamp.org/~incal

Re: 'sensors -j' and "ERROR: Can't get value of subfeature in0_input: Can't read"

[Emanuel Berg]

Dan Ritter wrote:

> In general, the first thing you should try is running
> sensors-detect again, as root.

Okay, I did that ('sudo sensors-detect') and answered with the
default value to all questions, after that I did 'sensors -j'
but it displayed the same error.

> It is possible that your kernel is not loading some
> particular sensor module which would be recommended by
> sensors-detect.

So I should reboot? Let's do that.

-- 
underground experts united
https://dataswamp.org/~incal

Re: 'sensors -j' and "ERROR: Can't get value of subfeature in0_input: Can't read"

[Dan Ritter]

Emanuel Berg wrote: 
> sensors(1) and in particular the command 'sensors -j' now
> reports
> 
>   ERROR: Can't get value of subfeature in0_input: Can't read
>   ERROR: Can't get value of subfeature in1_input: Can't read
> 
> for the CPU and GPU temperatures.
> 
> This previously worked so I don't know why it doesn't all of
> a sudden. Some sysfs driver issue? Or hardware
> malfunction? Unlikely?

In general, the first thing you should try is running
sensors-detect again, as root.

It is possible that your kernel is not loading some particular
sensor module which would be recommended by sensors-detect.

Depending on the hardware, there can also be BIOS or equivalent
features which turn on or off various sensors.

-dsr-

'sensors -j' and "ERROR: Can't get value of subfeature in0_input: Can't read"

[Emanuel Berg]

sensors(1) and in particular the command 'sensors -j' now
reports

  ERROR: Can't get value of subfeature in0_input: Can't read
  ERROR: Can't get value of subfeature in1_input: Can't read

for the CPU and GPU temperatures.

This previously worked so I don't know why it doesn't all of
a sudden. Some sysfs driver issue? Or hardware
malfunction? Unlikely?

Don't really know what "I changed" for this to happen, since
I didn't use the command for some time and possibly quite
a few things might have happened since then. But I remember
well that it worked at some point.

Here is what strace says:

  https://dataswamp.org/~incal/error/sensors-j.txt

TIA

-- 
underground experts united
https://dataswamp.org/~incal

Re: Determining which file is at a given LBA offset; was: HDD error: Current_Pending_Sector

[Andy Smith]

Hi,

On Tue, Feb 20, 2024 at 07:53:38PM -0500, Default User wrote:
> Note: I occurs to me that another idea would be to simply delete all
> files from the "bad" drive, then rsync everything fresh from the "good"
> drive back onto the "bad" drive.  

You can do it in one step with rsync --delete … which will delete
anything that doesn't exist on the source.

> IIUC, that would the cause the "bad" sector to be retired, and replaced
> by a "good" sector. 

Yes, a lot of the time a new write is successful and when it's not
it will be remapped. As long as the remapped sector count doesn't
keep going up I'd be fairly comfortable in continuing to use the
drive (assuming backups exist) s while longer.

Thanks,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Re: Determining which file is at a given LBA offset; was: HDD error: Current_Pending_Sector

[Default User]

On Tue, 2024-02-20 at 21:36 +, Michael Kjörling wrote:
> On 20 Feb 2024 12:51 -0500, from hunguponcont...@gmail.com (Default
> User):
> > But since the sector already can not be read, How can it be re-
> > written
> > to a "good" sector?
> 
> Generally, it can't. It will be remapped if necessary when something
> else is written to that sector.
> 
> 
> > If I knew which file (if any) is using the bad sector, I could try
> > just
> > deleting that file from the "bad" drive, then copy the same file
> > over
> > from the "Good" drive, at which time the bad sector "should" be
> > retired, and replaced by a good sector.
> 
> Assuming ext[234]fs, it looks like you can use tune2fs, udisks and
> debugfs to determine the pathname to the file at a given LBA offset.
> See
> http://www.randomnoun.com/wp/2013/09/12/determining-the-file-at-a-specific-vmdk-offset/
> 



Hi, Michael!

I forgot to say that the filesystem of the "bad" drive is a single
partition, formatted as ext4. And the sector and block sizes both seem
to be 512b.

Per sudo fdisk -l /dev/sdb:


Disk /dev/sdb: 3.64 TiB, 4000752599040 bytes, 7813969920 sectors
Disk model: My Passport 2627
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disklabel type: gpt
Disk identifier: ----

Device StartEndSectors  Size Type
/dev/sdb1   2048 7813967871 7813965824  3.6T Linux filesystem
-

Regarding: 
>. . . it looks like you can use tune2fs, udisks and
>debugfs to determine the pathname to the file at a given LBA offset.
>See 
>http://www.randomnoun.com/wp/2013/09/12/determining-the-file-at-a-specific-vmdk-offset/
>that could be a little above my current level of competence. But I
>will try to read up on it.

Note: I occurs to me that another idea would be to simply delete all
files from the "bad" drive, then rsync everything fresh from the "good"
drive back onto the "bad" drive.  

IIUC, that would the cause the "bad" sector to be retired, and replaced
by a "good" sector. 

That might be easier than everything else mentioned so far. 

Re: HDD error: Current_Pending_Sector

[David]

On Tue, 20 Feb 2024 at 17:51, Default User  wrote:
>
> Hi guys!

Hi to all readers,

> Now it "works", BUT . . .  I ran:
>
> sudo smartctl --test=long /dev/sdb on it,
>
> and it reports a Current_Pending_Sector error, at LBA 325904690.

[...]

> According to sudo smartctl --test=long /dev/sdb,
> there is one Current_Pending_Sector error.
>
> I have done some research online, which seems to say that the error
> will remain until there is an an attempt to write to the bad sector
> (block).  Then it will be "re-mapped", and presumably taken out of
> service.
>
> But since the sector already can not be read, How can it be re-written
> to a "good" sector?
>
> If I knew which file (if any) is using the bad sector, I could try just
> deleting that file from the "bad" drive, then copy the same file over
> from the "Good" drive, at which time the bad sector "should" be
> retired, and replaced by a good sector.
>
> Or, as a more "brute force" solution, I could either simply format the
> bad drive, or do:

[...]

> Any suggestions?

Maybe this document will guide you to a preferred solution:
  https://www.smartmontools.org/wiki/BadBlockHowto

Re: Determining which file is at a given LBA offset; was: HDD error: Current_Pending_Sector

[Michael Kjörling]

On 20 Feb 2024 12:51 -0500, from hunguponcont...@gmail.com (Default User):
> But since the sector already can not be read, How can it be re-written
> to a "good" sector?

Generally, it can't. It will be remapped if necessary when something
else is written to that sector.


> If I knew which file (if any) is using the bad sector, I could try just
> deleting that file from the "bad" drive, then copy the same file over
> from the "Good" drive, at which time the bad sector "should" be
> retired, and replaced by a good sector.

Assuming ext[234]fs, it looks like you can use tune2fs, udisks and
debugfs to determine the pathname to the file at a given LBA offset.
See 
http://www.randomnoun.com/wp/2013/09/12/determining-the-file-at-a-specific-vmdk-offset/

-- 
Michael Kjörling  https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”

Re: HDD error: Current_Pending_Sector

[David Christensen]

On 2/20/24 09:51, Default User wrote:

Hi guys!

I am running Debian 12 Stable, up to date, on a low-spec Dell Inspiron
15 3000 Model 3511. Firmware is also up to date.

I have a 4 Gb Western Digital external usb SATA HDD, Model WDC
WD40NDZW-11A8JS1.  It has only one partition, formatted as ext4. The
filesystem is labeled MSD00012.

Every night, I use rsync to copy all contents of a (theoretically)
identical drive, which has filesystem label MSD00014, to the drive with
MSD00012.

Two nights ago, I could not do the copy correctly.  Apparently, as a
safety measure, MSD00012 was automatically re-mounted as read only, due
to a filesystem error.

I used the gnome-disks utility to unmount and then remount it. It was
remounted as read-write.

Now it "works", BUT . . .  I ran:

sudo smartctl --test=long /dev/sdb on it,

and it reports a Current_Pending_Sector error, at LBA 325904690.


From sudo smartctl --all /dev/sdb > backup_drive_b_test.txt:




smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.1.0-18-amd64] (local
build)
Copyright (C) 2002-22, Bruce Allen, Christian Franke,
www.smartmontools.org

=== START OF INFORMATION SECTION ===
Model Family: Western Digital Elements / My Passport (USB, AF)
Device Model: WDC WD40NDZW-11A8JS1
Serial Number:WD-
LU WWN Device Id: 5 0014ee 269112168
Firmware Version: 01.01A01
User Capacity:4,000,753,475,584 bytes [4.00 TB]
Sector Sizes: 512 bytes logical, 4096 bytes physical
Rotation Rate:5400 rpm
Form Factor:  2.5 inches
TRIM Command: Available, deterministic
Device is:In smartctl database 7.3/5319
ATA Version is:   ACS-3 T13/2161-D revision 5
SATA Version is:  SATA 3.1, 6.0 Gb/s (current: 6.0 Gb/s)
Local Time is:Tue Feb 20 11:32:04 2024 EST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled

=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED

General SMART Values:
Offline data collection status:  (0x00) Offline data collection
activity
was never started.
Auto Offline Data Collection:
Disabled.
Self-test execution status:  ( 121) The previous self-test
completed having
the read element of the test
failed.
Total time to complete Offline
data collection:(12240) seconds.
Offline data collection
capabilities:(0x1b) SMART execute Offline
immediate.
Auto Offline data collection
on/off support.
Suspend Offline collection
upon new
command.
Offline surface scan
supported.
Self-test supported.
No Conveyance Self-test
supported.
No Selective Self-test
supported.
SMART capabilities:(0x0003) Saves SMART data before
entering
power-saving mode.
Supports SMART auto save
timer.
Error logging capability:    (0x01) Error logging supported.
General Purpose Logging
supported.
Short self-test routine
recommended polling time:(   2) minutes.
Extended self-test routine
recommended polling time:(  24) minutes.
SCT capabilities:  (0x30b5) SCT Status supported.
SCT Feature Control supported.
SCT Data Table supported.

SMART Attributes Data Structure revision number: 16
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME  FLAG VALUE WORST THRESH TYPE
UPDATED  WHEN_FAILED RAW_VALUE
   1 Raw_Read_Error_Rate 0x002f   200   198   051Pre-fail
Always   -   41
   3 Spin_Up_Time0x0027   253   253   021Pre-fail
Always   -   4741
   4 Start_Stop_Count0x0032   099   099   000Old_age
Always   -   1175
   5 Reallocated_Sector_Ct   0x0033   200   200   140Pre-fail
Always   -   0
   7 Seek_Error_Rate 0x002e   200   200   000Old_age
Always   -   0
   9 Power_On_Hours  0x0032   099   099   000Old_age
Always   -   1311
  10 Spin_Retry_Count0x0032   100   100   000Old_age
Always   -   0
  11 Calibration_Retry_Count 0x0032   100   100   000Old_age
Always   -   0
  12 Power_Cycle_Count   0x0032   100   100   000Old_age
Always   -   693
192 Power-Off_Retract_Count 0x0032   200   200   000Old_age
Always   -   23
193 Load_Cycle_Count0x0032   199   199   000Old_age
Always   -   3045
194 Temperature_Celsius 0x0022   114   102   0

HDD error: Current_Pending_Sector

[Default User]

Hi guys! 

I am running Debian 12 Stable, up to date, on a low-spec Dell Inspiron
15 3000 Model 3511. Firmware is also up to date.

I have a 4 Gb Western Digital external usb SATA HDD, Model WDC
WD40NDZW-11A8JS1.  It has only one partition, formatted as ext4. The
filesystem is labeled MSD00012. 

Every night, I use rsync to copy all contents of a (theoretically)
identical drive, which has filesystem label MSD00014, to the drive with
MSD00012. 

Two nights ago, I could not do the copy correctly.  Apparently, as a
safety measure, MSD00012 was automatically re-mounted as read only, due
to a filesystem error.  

I used the gnome-disks utility to unmount and then remount it. It was
remounted as read-write. 

Now it "works", BUT . . .  I ran: 

sudo smartctl --test=long /dev/sdb on it, 

and it reports a Current_Pending_Sector error, at LBA 325904690. 

>From sudo smartctl --all /dev/sdb > backup_drive_b_test.txt:



smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.1.0-18-amd64] (local
build)
Copyright (C) 2002-22, Bruce Allen, Christian Franke,
www.smartmontools.org

=== START OF INFORMATION SECTION ===
Model Family: Western Digital Elements / My Passport (USB, AF)
Device Model: WDC WD40NDZW-11A8JS1
Serial Number:WD-
LU WWN Device Id: 5 0014ee 269112168
Firmware Version: 01.01A01
User Capacity:4,000,753,475,584 bytes [4.00 TB]
Sector Sizes: 512 bytes logical, 4096 bytes physical
Rotation Rate:5400 rpm
Form Factor:  2.5 inches
TRIM Command: Available, deterministic
Device is:In smartctl database 7.3/5319
ATA Version is:   ACS-3 T13/2161-D revision 5
SATA Version is:  SATA 3.1, 6.0 Gb/s (current: 6.0 Gb/s)
Local Time is:Tue Feb 20 11:32:04 2024 EST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled

=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED

General SMART Values:
Offline data collection status:  (0x00) Offline data collection
activity
was never started.
Auto Offline Data Collection:
Disabled.
Self-test execution status:  ( 121) The previous self-test
completed having
the read element of the test
failed.
Total time to complete Offline 
data collection:(12240) seconds.
Offline data collection
capabilities:(0x1b) SMART execute Offline
immediate.
Auto Offline data collection
on/off support.
Suspend Offline collection
upon new
command.
Offline surface scan
supported.
Self-test supported.
No Conveyance Self-test
supported.
No Selective Self-test
supported.
SMART capabilities:(0x0003) Saves SMART data before
entering
power-saving mode.
Supports SMART auto save
timer.
Error logging capability:(0x01) Error logging supported.
General Purpose Logging
supported.
Short self-test routine 
recommended polling time:(   2) minutes.
Extended self-test routine
recommended polling time:(  24) minutes.
SCT capabilities:  (0x30b5) SCT Status supported.
SCT Feature Control supported.
SCT Data Table supported.

SMART Attributes Data Structure revision number: 16
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME  FLAG VALUE WORST THRESH TYPE 
UPDATED  WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate 0x002f   200   198   051Pre-fail 
Always   -   41
  3 Spin_Up_Time0x0027   253   253   021Pre-fail 
Always   -   4741
  4 Start_Stop_Count0x0032   099   099   000Old_age  
Always   -   1175
  5 Reallocated_Sector_Ct   0x0033   200   200   140Pre-fail 
Always   -   0
  7 Seek_Error_Rate 0x002e   200   200   000Old_age  
Always   -   0
  9 Power_On_Hours  0x0032   099   099   000Old_age  
Always   -   1311
 10 Spin_Retry_Count0x0032   100   100   000Old_age  
Always   -   0
 11 Calibration_Retry_Count 0x0032   100   100   000Old_age  
Always   -   0
 12 Power_Cycle_Count   0x0032   100   100   000Old_age  
Always   -   693
192 Power-Off_Retract_Count 0x0032   200   200   000Old_age  
Always   -   23
193 Load_Cycle_Count0x0032   199   199   000Old_age  
Always   -   3045
194 Temperature_Celsius 0x0022   114   102   000

Re: grub-pc error when upgrading from buster to bullseye

[John Boxall]

On 2024-02-12 15:14, Greg Wooledge wrote:


According to

it uses debconf's database.  That page includes instructions for viewing
the device and changing it.



I had just started looking into the grub-pc package before I saw this. 
I'll be able to test this out sometime tomorrow.



I can't verify this on my machine, because mine uses UEFI.



Will advise. Thank you Greg!

--
Regards,

John Boxall

Re: grub-pc error when upgrading from buster to bullseye

[Greg Wooledge]

On Mon, Feb 12, 2024 at 09:04:01PM +0100, Thomas Schmitt wrote:
> Hi,
> 
> John Boxall wrote:
> > I am aware that the label and uuid (drive and partition) are replicated on
> > the cloned drive, but I can't find the model number (in text format) stored
> > anywhere on the drive.
> 
> Maybe the grub-pc package takes its configuration from a different drive
> which is attached to the system ?

According to

it uses debconf's database.  That page includes instructions for viewing
the device and changing it.

I can't verify this on my machine, because mine uses UEFI.

Re: grub-pc error when upgrading from buster to bullseye

[Thomas Schmitt]

Hi,

John Boxall wrote:
> I am aware that the label and uuid (drive and partition) are replicated on
> the cloned drive, but I can't find the model number (in text format) stored
> anywhere on the drive.

Maybe the grub-pc package takes its configuration from a different drive
which is attached to the system ?

Somewhat wayward idea:
Does the initrd contain the inappropirate address ?
(I don't see much connection between initrd and grub-pc. But initrd is a
classic hideout for obsolete paths after modification of boot procedures.)


Have a nice day :)

Thomas

Re: grub-pc error when upgrading from buster to bullseye

[John Boxall]

On 2024-02-12 09:34, Thomas Schmitt wrote:


The disk/by-id file names are made up from hardware properties.
I believe to see in the name at least: Manufacturer, Model, Serial Number.

So you will have to find the configuration file which knows that
/dev/disk/by-id address and change it either to the new hardware id or
to a /dev/disk/by-uuid address, which refers to the cloned disk content.


Have a nice day :)

Thomas



Thank you Thomas. That is what I am trying to find as I have searched 
for both the SSD drive model number and the WWN on the cloned HDD but 
can't find anything.


I am aware that the label and uuid (drive and partition) are replicated 
on the cloned drive, but I can't find the model number (in text format) 
stored anywhere on the drive.


I will keep looking.

--
Regards,

John Boxall

Re: grub-pc error when upgrading from buster to bullseye

[Thomas Schmitt]

Hi,

John Boxall wrote:
>   Setting up grub-pc (2.06-3~deb11u6) ...
>   /dev/disk/by-id/ata-WDC_WDS100T2B0A-00SM50_21185R801540 does not
> exist, so cannot grub-install to it!
> What is confusing to me is that the error indicates the source SDD even
> though I have updated the boot images and installed grub on the cloned HDD.

The disk/by-id file names are made up from hardware properties.
I believe to see in the name at least: Manufacturer, Model, Serial Number.

So you will have to find the configuration file which knows that
/dev/disk/by-id address and change it either to the new hardware id or
to a /dev/disk/by-uuid address, which refers to the cloned disk content.


Have a nice day :)

Thomas

grub-pc error when upgrading from buster to bullseye

[John Boxall]

I am attempting to upgrade my laptop (Thinkpad X230) from buster to 
bullseye and have run into the error below. In order to ensure that all 
goes well and not to lose all of the tweaks I have added over time, I am 
performing the upgrade first on a cloned HDD (via "dd") of the working SDD.


apt-get -y upgrade --without-new-pkgs

Setting up grub-pc (2.06-3~deb11u6) ...
/dev/disk/by-id/ata-WDC_WDS100T2B0A-00SM50_21185R801540 does not
  exist, so cannot grub-install to it!
You must correct your GRUB install devices before proceeding:

DEBIAN_FRONTEND=dialog dpkg --configure grub-pc
dpkg --configure -a
dpkg: error processing package grub-pc (--configure):
installed grub-pc package post-installation script subprocess
 returned error exit status 1


All of the latest updates for buster have been applied before starting 
the process (below).


apt-get update;apt-get -y upgrade;apt-get -y dist-upgrade;

#shutdown, boot Debian live

#clone working SSD drive to an HDD  

#boot cloned drive

#login and open terminal session

#su to root

update-initramfs -u -k all

grub-install --recheck /dev/sda

apt-get update;apt-get -y upgrade;apt-get -y dist-upgrade;

#modify /etc/apt/source.list to point to bullseye
#modify all /etc/apt/source.list.d/* files to point to bullseye

apt-get update;apt-get -y upgrade --without-new-pkgs;

Running the recommended dpkg commands brings up the dialog to install 
grub and does complete successfully so that I can then run

"apt-get -y dist-upgrade", which also runs successfully.

What is confusing to me is that the error indicates the source SDD even 
though I have updated the boot images and installed grub on the cloned HDD.


Is there some other configuration file that needs to be updated/removed 
so that the grub-pc install works without intervention?


Source system info:

user:~$ uname -a
Linux laptop 4.19.0-26-amd64 #1 SMP Debian 4.19.304-1 (2024-01-09) 
x86_64 GNU/Linux


user:~$ cat /etc/debian_version
10.13

user:~$ lscpu
Architecture:x86_64
CPU op-mode(s):  32-bit, 64-bit
Byte Order:  Little Endian
Address sizes:   36 bits physical, 48 bits virtual
CPU(s):  4
On-line CPU(s) list: 0-3
Thread(s) per core:  2
Core(s) per socket:  2
Socket(s):   1
NUMA node(s):1
Vendor ID:   GenuineIntel
CPU family:  6
Model:   58
Model name:  Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz
Stepping:9
CPU MHz: 1202.696
CPU max MHz: 3600.
CPU min MHz: 1200.
BogoMIPS:5786.44
Virtualization:  VT-x
L1d cache:   32K
L1i cache:   32K
L2 cache:256K
L3 cache:4096K
NUMA node0 CPU(s):   0-3
Flags:   fpu vme de pse tsc msr pae mce cx8 apic sep mtrr 
pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe 
syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl 
xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor 
ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic 
popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm cpuid_fault 
epb pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid 
fsgsbase smep erms xsaveopt dtherm ida arat pln pts md_clear flush_l1d



--
Regards,

John Boxall

Re: Debian 12.5 upgrade error

[piorunz]

On 12/02/2024 05:45, piorunz wrote:


Anyone affected should make sure to upgrade nvidia-kernel-dkms package
once new version become available.


Sorry, the package in question is nvidia-graphics-drivers, that's the 
one being fixed.


--
With kindest regards, Piotr.

⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org/
⠈⠳⣄

Re: Debian 12.5 upgrade error

[piorunz]

On 11/02/2024 12:48, Teemu Likonen wrote:

* 2024-02-11 14:13:51+0200, Alexis Grigoriou wrote:


  I have encountered an error upgrading to 12.5 from 12.4 regarding the
nvidia-driver and linux-image 6.1.0.18. The error is:


Very likely this bug:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063656

Not your fault.


This bug number may be a duplicate of
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062932, which has
already been fixed and will be pushed to stable soon if not already.
Anyone affected should make sure to upgrade nvidia-kernel-dkms package
once new version become available.

--
With kindest regards, Piotr.

⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org/
⠈⠳⣄

Re: Debian 12.5 upgrade error

[piorunz]

On 11/02/2024 12:13, Alexis Grigoriou wrote:

  I have encountered an error upgrading to 12.5 from 12.4 regarding the
nvidia-driver and linux-image 6.1.0.18. The error is:

env NV_VERBOSE=1 make -j8 modules KERNEL_UNAME=6.1.0-18-
amd64(bad exit status: 2)

I get that error twice.
After the upgrade I get a non-bootable 6.1.0-18 image.
Doing some fiddling, I got a bootable 6.1.0-18 image but no GUI.

I removed linux-image and linux-headers 6.1.0.-18 an I now have
6.1.0.-17 working.

Has anyone else encounter this issue?



I think this is related to this bug:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062932

It's already being fixed:
"We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers, which is due to be installed in the Debian FTP
archive."

--
With kindest regards, Piotr.

⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org/
⠈⠳⣄

Re: Debian 12.5 upgrade error

[황병희]

On Sun, 2024-02-11 at 19:14 +0200, Alexis Grigoriou wrote:
> On Sun, 2024-02-11 at 21:37 +0900, Byunghee HWANG (황병희) wrote:
> > Hellow Alexis,
> > 
> > 
> > What command did you type exactly?
> > 
> > In normal cases, i do like this:
> > 
> > 
> > sudo su -
> > apt update
> > apt upgrade
> > 
> > 
> I logged on as root on tty1
> /etc/init.d/lightdm stop
> apt update
> apt upgrade
> 
> I always do minor and major version updates on a tty with no GUI
> running.


Oh... you are better than me, then you would be good to follow
<87le7rw4j1@iki.fi>'s opinion... IMHO.


Sincerely, Byunghee

-- 
^고맙습니다 _布德天下_ 감사합니다_^))//


signature.asc
Description: This is a digitally signed message part

Re: Debian 12.5 upgrade error

[Alexis Grigoriou]

On Sun, 2024-02-11 at 21:37 +0900, Byunghee HWANG (황병희) wrote:
> Hellow Alexis,
> 
> 
> What command did you type exactly?
> 
> In normal cases, i do like this:
> 
> 
> sudo su -
> apt update
> apt upgrade
> 
> 
I logged on as root on tty1
/etc/init.d/lightdm stop
apt update
apt upgrade

I always do minor and major version updates on a tty with no GUI
running.

Re: Debian 12.5 upgrade error

[Teemu Likonen]

* 2024-02-11 14:13:51+0200, Alexis Grigoriou wrote:

>  I have encountered an error upgrading to 12.5 from 12.4 regarding the
> nvidia-driver and linux-image 6.1.0.18. The error is:

Very likely this bug:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063656

Not your fault.

-- 
/// Teemu Likonen - .-.. https://www.iki.fi/tlikonen/
// OpenPGP: 6965F03973F0D4CA22B9410F0F2CAE0E07608462


signature.asc
Description: PGP signature

Re: Debian 12.5 upgrade error

[황병희]

Hellow Alexis,

On Sun, 2024-02-11 at 14:13 +0200, Alexis Grigoriou wrote:
>  I have encountered an error upgrading to 12.5 from 12.4 regarding
> the
> nvidia-driver and linux-image 6.1.0.18. The error is:
> 
> env NV_VERBOSE=1 make -j8 modules KERNEL_UNAME=6.1.0-18-
> amd64(bad exit status: 2)
> 
> I get that error twice.
> After the upgrade I get a non-bootable 6.1.0-18 image.
> Doing some fiddling, I got a bootable 6.1.0-18 image but no GUI.
> 
> I removed linux-image and linux-headers 6.1.0.-18 an I now have 
> 6.1.0.-17 working.
> 
> Has anyone else encounter this issue?

What command did you type exactly?

In normal cases, i do like this:


sudo su -
apt update
apt upgrade



Sincerely, Byunghee

-- 
^고맙습니다 _布德天下_ 감사합니다_^))//


signature.asc
Description: This is a digitally signed message part

Debian 12.5 upgrade error

[Alexis Grigoriou]

 I have encountered an error upgrading to 12.5 from 12.4 regarding the
nvidia-driver and linux-image 6.1.0.18. The error is:

env NV_VERBOSE=1 make -j8 modules KERNEL_UNAME=6.1.0-18-
amd64(bad exit status: 2)

I get that error twice.
After the upgrade I get a non-bootable 6.1.0-18 image.
Doing some fiddling, I got a bootable 6.1.0-18 image but no GUI.

I removed linux-image and linux-headers 6.1.0.-18 an I now have 
6.1.0.-17 working.

Has anyone else encounter this issue?

Re: please, help to get the image write done, due to an error. Thank you!

[Steve McIntyre]

Moving this to the debian-user list and setting reply-to accordingly...

On Fri, Feb 09, 2024 at 12:25:15PM +, guido mezzalana wrote:
>Hello
>
>First of all I wish to thank you all Debian's Team! To still enjoy a free OS:)
>
>I am running Ubuntu XFCE and I am using the Disk Image Write to get your lates
>Debian 12.4.1 XFCE on my USB. Unfortunately after a few try I get always an
>error and so I cannot get the job done. I do have a Lenovo X200 which comes
>without DVD writer.

Ummm. What image exactly are you trying to write, and how?

We don't have any images labelled with version 12.4.1. Where did you
get this image from?

What exact errors is the image writer program reporting? Without that
information it's very difficult to help you.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
< sladen> I actually stayed in a hotel and arrived to find a post-it
  note stuck to the mini-bar saying "Paul: This fridge and
  fittings are the correct way around and do not need altering"

Re: SOLVED: Re: Chromium oops: libva error: /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so

[Charles Curley]

On Wed, 24 Jan 2024 07:33:59 +
Tixy  wrote:

> On Tue, 2024-01-23 at 13:34 -0700, Charles Curley wrote:
>  [...]  
> 
> As you've already found out, that's not the latest one, and if I'm not
> mistaken is the one that introduce a wifi bug [1], so that could
> explain it getting stuck in the wifi stuff during shutdown.
> 
> You would probably be OK with the latest Debian 6.1 kernel if you
> don't explicitly want the 6.5 one from backports.
> 
> [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057969
> 

That does indeed sound like the problem I had. Thank you. I think I've
spent enough time on this issue, so I'll stick with the backported
kernel(s) until the next Debian is released (13). Or until something
else goes wrong.

-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Re: SOLVED: Re: Chromium oops: libva error: /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so

[Tixy]

On Tue, 2024-01-23 at 13:34 -0700, Charles Curley wrote:
> I went to shut down the machine, and it got stuck trying to shut down
> wpa_supplicant and Network Manager. Ten minutes into the shutdown, I
> finally pulled the plug. A few reboots and shutdowns later, I decided
> to try another kernel. I had recently installed Bookworm from the 12.0
> netinst CD image, so I had the 12.0 kernel, linux-image-6.1.0-9-amd64,
> 6.1.27-1, as my fall-back kernel. I rebooted to that, and was able to
> shut down and boot in quick order.
> 
> So I purged the newer kernel, inux-image-6.1.0-15-amd64, leaving the
> older one in place.

As you've already found out, that's not the latest one, and if I'm not
mistaken is the one that introduce a wifi bug [1], so that could
explain it getting stuck in the wifi stuff during shutdown.

You would probably be OK with the latest Debian 6.1 kernel if you don't
explicitly want the 6.5 one from backports.

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057969

-- 
Tixy

Re: SOLVED: Re: Chromium oops: libva error: /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so

[Charles Curley]

On Wed, 24 Jan 2024 09:25:58 +0700
Max Nikulin  wrote:

> On 24/01/2024 03:34, Charles Curley wrote:
> > So I purged the newer kernel, inux-image-6.1.0-15-amd64  
> 
> The current kernel is linux-image-6.1.0-17-amd64
> 
> Perhaps you have not restored your sources.list or apt preferences
> after the accidents with kernel bugs. Check that nothing extra is
> added and nothing is missed in
> 
>  apt policy
> 

Good catch, thank you. I found the problem. sources.list had two src
lines commented out because the installer couldn't verify them. I have
rectified that problem.


-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Re: SOLVED: Re: Chromium oops: libva error: /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so

[Max Nikulin]

On 24/01/2024 03:34, Charles Curley wrote:

So I purged the newer kernel, inux-image-6.1.0-15-amd64


The current kernel is linux-image-6.1.0-17-amd64

Perhaps you have not restored your sources.list or apt preferences after 
the accidents with kernel bugs. Check that nothing extra is added and 
nothing is missed in


apt policy

SOLVED: Re: Chromium oops: libva error: /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so

[Charles Curley]

On Sat, 13 Jan 2024 10:19:48 -0700
Charles Curley  wrote:

> I have just installed Bookworm on my ancient Lenovo T520 (2011),
> replacing Bullseye. I suspect the problem is somewhere in the video
> driver chain. Any thoughts on how to proceed further with this?
> 
> Upon trying to run chromium, I get:
> 
> charles@jhegaala:~$ chromium &
> [2] 33609
> charles@jhegaala:~$ libva error:
> /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so init failed
> 
> charles@jhegaala:~$

I seem to have solved this problem, entirely by accident.

I went to shut down the machine, and it got stuck trying to shut down
wpa_supplicant and Network Manager. Ten minutes into the shutdown, I
finally pulled the plug. A few reboots and shutdowns later, I decided
to try another kernel. I had recently installed Bookworm from the 12.0
netinst CD image, so I had the 12.0 kernel, linux-image-6.1.0-9-amd64,
6.1.27-1, as my fall-back kernel. I rebooted to that, and was able to
shut down and boot in quick order.

So I purged the newer kernel, inux-image-6.1.0-15-amd64, leaving the
older one in place. I then set up for bookworm backports, and installed
a kernel from backports, linux-image-6.5.0-0.deb12.4-amd64,
6.5.10-1~bpo12+1. Not only does than kernel give me snappy boot and
shutdown, but chromium runs, and show videos. I still get the libva
error message, but chromium runs anyway.

All of which leads me to suspect that the error message was a soviet
herring, as Max Nikulin  suggested elsewhere in
this thread.


-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Re: Chromium oops: libva error: /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so

[Max Nikulin]

On 19/01/2024 04:08, Charles Curley wrote:

charles@jhegaala:~$ chromium chrome://gpu
libva error: /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so init failed
^C
Killed
charles@jhegaala:~$

I did a killall -9 in another window to kill it.


Does it happen in the case of a new system user and a new chromium 
profile to ensure settings close to defaults?


Is it possible to create a new tab in the chromium window?

Re: NUT and Eaton UPS produce a lot of error messages

[Dan Ritter]

Stefan Schumacher wrote: 
> Hello
> 
> I recently bought a small UPS by Eaton in order to prevent my
> btrfs-fileserver (running Debian 12 Bookworm, which is also the source
> of my nut-installation) from shutting down abruptly while writing
> something important during a power loss. I have found very good
> documentation on how to set up the UPS and the services on the server
> connected to it. Unfortunately it's in German
> (https://techbotch.org/blog/ups-setup/index.html) which is not a
> problem for me but possibly for others trying to understand my set-up.

 
> The problem is the dozens of errors the systemctl status messages
> show. I bought the UPS to increase reliability and now I don't know if
> the service is working in case of an emergency. How can I fix this ?
> Should I try to contact the Package Maintainer? Are there alternatives
> I could use or is nut the gold standard?
> 
> ● nut-server.service - Network UPS Tools - power devices information server
> Loaded: loaded (/lib/systemd/system/nut-server.service; enabled;
> preset: enabled)
> Active: active (running) since Fri 2024-01-19 05:17:03 CET; 5s ago
> Main PID: 1303 (upsd)
> Tasks: 1 (limit: 38253)
> Memory: 640.0K
> CPU: 3ms
> CGroup: /system.slice/nut-server.service
> └─1303 /lib/nut/upsd -F
> Jan 19 05:17:03 servername nut-server[1303]: fopen /run/nut/upsd.pid:
> No such file or directory
> Jan 19 05:17:03 servername nut-server[1303]: Could not find PID file
> '/run/nut/upsd.pid' to see if previous upsd instance is already
> running!
> Jan 19 05:17:03 servername nut-server[1303]: listening on 127.0.0.1 port 3493
> Jan 19 05:17:03 servername nut-server[1303]: listening on ::1 port 3493
> Jan 19 05:17:03 servername upsd[1303]: listening on 127.0.0.1 port 3493
> Jan 19 05:17:03 servername upsd[1303]: listening on ::1 port 3493
> Jan 19 05:17:03 servername nut-server[1303]: Connected to UPS [Eaton]:
> usbhid-ups-Eaton
> Jan 19 05:17:03 servername upsd[1303]: Connected to UPS [Eaton]:
> usbhid-ups-Eaton
> Jan 19 05:17:03 servername upsd[1303]: Running as foreground process,
> not saving a PID file
> Jan 19 05:17:03 servername nut-server[1303]: Running as foreground
> process, not saving a PID file


So far, we aren't seeing any errors at all. This is just startup
logging.


> ● nut-monitor.service - Network UPS Tools - power device monitor and
> shutdown controller
> Loaded: loaded (/lib/systemd/system/nut-monitor.service; enabled;
> preset: enabled)
> Active: active (running) since Fri 2024-01-19 03:37:28 CET; 1h 41min ago
> Main PID: 847 (upsmon)
> Tasks: 2 (limit: 38253)
> Memory: 3.4M
> CPU: 338ms
> CGroup: /system.slice/nut-monitor.service
> ├─847 /lib/nut/upsmon -F
> └─849 /lib/nut/upsmon -F
> Jan 19 03:43:08 servername nut-monitor[849]: UPS Eaton@localhost on battery
> Jan 19 03:43:09 servername nut-monitor[916]: Network UPS Tools upsmon 2.8.0
> Jan 19 03:43:33 servername nut-monitor[849]: UPS Eaton@localhost on line power
> Jan 19 03:43:34 servername nut-monitor[920]: Network UPS Tools upsmon 2.8.0

The UPS decided to activate, then decided to go back to the
line. This might be a power fluctuation -- quite possibly an
undervoltage so brief that nothing else in the house noticed.


> Jan 19 05:17:04 servername nut-monitor[849]: Poll UPS
> [Eaton@localhost] failed - Write error: Broken pipe
> Jan 19 05:17:04 servername nut-monitor[849]: Communications with UPS
> Eaton@localhost lost
> Jan 19 05:17:04 servername nut-monitor[1305]: Network UPS Tools upsmon 2.8.0
> Jan 19 05:17:09 servername nut-monitor[849]: Login on UPS
> [Eaton@localhost] failed - got [ERR ACCESS-DENIED]
> Jan 19 05:17:14 servername nut-monitor[849]: Communications with UPS
> Eaton@localhost established
> Jan 19 05:17:14 servername nut-monitor[1312]: Network UPS Tools upsmon 2.8.0

That, however, is lost-and-regained communication with the UPS. It might be
a bad USB cable, a reset of the UPS's controller, a USB
controller issue... 

Does it happen repeatedly?

Does it ever not re-connect?

-dsr-

Re: Mariadb error

[Alexander V. Makartsev]

On 19.01.2024 13:46, Gift Rain wrote:

Good day,

I'm running Debian 11 and getting error "Failed to start MariaDB 
10.5.12 database server.


Your MySQL database server doesn't start for some reason. Is there 
anything helpful in the output?


   $ sudo journalctl --no-pager -x --unit mariadb.service

You can use Debian "pastebin" site [1] to send the output if it is long.

What happened before failure? Was it system crash? System upgrade 
attempt? Anything else?




My emails are not working. Another error on my logs is :

"warning:proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_user.cf 
<http://sender_bcc_maps_user.cf> lookup error for"


Postfix uses mysql database to lookup necessary information and since it 
is not running so does postfix.



[1] https://paste.debian.net/
--
With kindest regards, Alexander.

⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
⠈⠳⣄

Mariadb error

[Gift Rain]

Good day,

I'm running Debian 11 and getting error "Failed to start MariaDB 10.5.12
database server.

My emails are not working. Another error on my logs is :

"warning:proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_user.cf lookup
error for"

Please help,

Gift

NUT and Eaton UPS produce a lot of error messages

[Stefan Schumacher]

Hello

I recently bought a small UPS by Eaton in order to prevent my
btrfs-fileserver (running Debian 12 Bookworm, which is also the source
of my nut-installation) from shutting down abruptly while writing
something important during a power loss. I have found very good
documentation on how to set up the UPS and the services on the server
connected to it. Unfortunately it's in German
(https://techbotch.org/blog/ups-setup/index.html) which is not a
problem for me but possibly for others trying to understand my set-up.

I will now describe the steps I took and the configuration options I
set and then post the errors of nut-monitor and nut server. I hope
someone can help fix the underlying problem behind these error
messages.

lsusb shows the UPS:
Bus 001 Device 003: ID 0463: MGE UPS Systems UPS

So I made this changes to ups.conf
[Eaton]
driver = usbhid-ups
port = auto
vendorid = 0463
pollfreq = 30

In nut.conf I set mode=standalone.

And finally I added these lines to upsd.users:
[upsmon]
password = 
actions = SET
instcmds = ALL

I did a live test, plugged the cord and waited until the server shut
down at 20%. Worked fine.
Upsc also works - I can query my UPS for specific parameters or show them all.

The problem is the dozens of errors the systemctl status messages
show. I bought the UPS to increase reliability and now I don't know if
the service is working in case of an emergency. How can I fix this ?
Should I try to contact the Package Maintainer? Are there alternatives
I could use or is nut the gold standard?

● nut-server.service - Network UPS Tools - power devices information server
Loaded: loaded (/lib/systemd/system/nut-server.service; enabled;
preset: enabled)
Active: active (running) since Fri 2024-01-19 05:17:03 CET; 5s ago
Main PID: 1303 (upsd)
Tasks: 1 (limit: 38253)
Memory: 640.0K
CPU: 3ms
CGroup: /system.slice/nut-server.service
└─1303 /lib/nut/upsd -F
Jan 19 05:17:03 servername nut-server[1303]: fopen /run/nut/upsd.pid:
No such file or directory
Jan 19 05:17:03 servername nut-server[1303]: Could not find PID file
'/run/nut/upsd.pid' to see if previous upsd instance is already
running!
Jan 19 05:17:03 servername nut-server[1303]: listening on 127.0.0.1 port 3493
Jan 19 05:17:03 servername nut-server[1303]: listening on ::1 port 3493
Jan 19 05:17:03 servername upsd[1303]: listening on 127.0.0.1 port 3493
Jan 19 05:17:03 servername upsd[1303]: listening on ::1 port 3493
Jan 19 05:17:03 servername nut-server[1303]: Connected to UPS [Eaton]:
usbhid-ups-Eaton
Jan 19 05:17:03 servername upsd[1303]: Connected to UPS [Eaton]:
usbhid-ups-Eaton
Jan 19 05:17:03 servername upsd[1303]: Running as foreground process,
not saving a PID file
Jan 19 05:17:03 servername nut-server[1303]: Running as foreground
process, not saving a PID file

● nut-monitor.service - Network UPS Tools - power device monitor and
shutdown controller
Loaded: loaded (/lib/systemd/system/nut-monitor.service; enabled;
preset: enabled)
Active: active (running) since Fri 2024-01-19 03:37:28 CET; 1h 41min ago
Main PID: 847 (upsmon)
Tasks: 2 (limit: 38253)
Memory: 3.4M
CPU: 338ms
CGroup: /system.slice/nut-monitor.service
├─847 /lib/nut/upsmon -F
└─849 /lib/nut/upsmon -F
Jan 19 03:43:08 servername nut-monitor[849]: UPS Eaton@localhost on battery
Jan 19 03:43:09 servername nut-monitor[916]: Network UPS Tools upsmon 2.8.0
Jan 19 03:43:33 servername nut-monitor[849]: UPS Eaton@localhost on line power
Jan 19 03:43:34 servername nut-monitor[920]: Network UPS Tools upsmon 2.8.0
Jan 19 05:17:04 servername nut-monitor[849]: Poll UPS
[Eaton@localhost] failed - Write error: Broken pipe
Jan 19 05:17:04 servername nut-monitor[849]: Communications with UPS
Eaton@localhost lost
Jan 19 05:17:04 servername nut-monitor[1305]: Network UPS Tools upsmon 2.8.0
Jan 19 05:17:09 servername nut-monitor[849]: Login on UPS
[Eaton@localhost] failed - got [ERR ACCESS-DENIED]
Jan 19 05:17:14 servername nut-monitor[849]: Communications with UPS
Eaton@localhost established
Jan 19 05:17:14 servername nut-monitor[1312]: Network UPS Tools upsmon 2.8.0


Yours sincerely
Stefan Malte Schumacher

Re: Chromium oops: libva error: /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so

[Max Nikulin]

On 19/01/2024 04:08, Charles Curley wrote:

On Fri, 19 Jan 2024 00:02:44 +0700
Max Nikulin wrote:


Have you faced real issues namely with hardware acceleration?


Other than this, not that I know of.


I do not think the message concerning iHD is related to any real issue. 
I see "oops" in the subject, but perhaps it is caused by something else. 
I recall another thread


SOLVED [was: Chromium under Xfce/bookworm anyone?] Wed, 13 Sep 2023 
20:11:08 +0200

https://lists.debian.org/msgid-search/zqh7peojdoudu...@tuxteam.de


iHD driver is tied first, but your graphics card is too old for it,
so i965 loaded next. I am unsure if it is possible to suppress
attempt to load iHD and so to avoid an error message e.g. by setting
some environment variable.


I see nothing in chromium's rather minimal man page. I also tried
several command line switches in
https://peter.sh/experiments/chromium-command-line-switches/, to no
avail.


The same message is reported by vainfo, so it is not specific to 
chromium. I have not tried a recipe given in


https://wiki.debian.org/HardwareVideoAcceleration#VA-API

Driver selection can be overridden by setting the environment variable
LIBVA_DRIVER_NAME to a specific driver, e.g., LIBVA_DRIVER_NAME=i965 (to
use the driver from i965-va-driver on Bullseye) or LIBVA_DRIVER_NAME=iHD
(to use the driver from intel-media-va-driver on Debian 10/Buster). See
EnvironmentVariables for more details on how to set this environment
variable system-wide or per user.

Re: Chromium oops: libva error: /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so

[Charles Curley]

On Fri, 19 Jan 2024 00:02:44 +0700
Max Nikulin  wrote:

> On 14/01/2024 00:19, Charles Curley wrote:
>  [...]  
> 
>  [...]  
> 
> Have you faced real issues namely with hardware acceleration?

Other than this, not that I know of.

> 
> iHD driver is tied first, but your graphics card is too old for it,
> so i965 loaded next. I am unsure if it is possible to suppress
> attempt to load iHD and so to avoid an error message e.g. by setting
> some environment variable.

I see nothing in chromium's rather minimal man page. I also tried
several command line switches in
https://peter.sh/experiments/chromium-command-line-switches/, to no
avail.

> 
> chrome://gpu may provide more info.
> 

Alas, chromium never gets far enough to deliver useful information.

charles@jhegaala:~$ chromium chrome://gpu
libva error: /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so init failed
^C
Killed
charles@jhegaala:~$ 

I did a killall -9 in another window to kill it.

There are no crash reports.

I looked in the two bug report sites mentioned in the man page for
chromium, and did not see anything that looked relevant.

I tried removing intel-media-va-driver |
intel-media-va-driver-non-free, which required removing va-driver-all.
No go. chromium just sits there as a background process, and I have to
kill it.

-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Re: Chromium oops: libva error: /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so

[Max Nikulin]

On 14/01/2024 00:19, Charles Curley wrote:

charles@jhegaala:~$ chromium &
[2] 33609
charles@jhegaala:~$ libva error:
/usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so init failed



charles@jhegaala:~$ vainfo
libva info: VA-API version 1.17.0
libva info: Trying to open
/usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so libva info: Found init
function __vaDriverInit_1_17 libva error:
/usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so init failed libva info:
va_openDriver() returns 1 libva info: Trying to open
/usr/lib/x86_64-linux-gnu/dri/i965_drv_video.so libva info: Found init
function __vaDriverInit_1_8 libva info: va_openDriver() returns 0
vainfo: VA-API version: 1.17 (libva 2.12.0)
vainfo: Driver version: Intel i965 driver for Intel(R) Sandybridge


Have you faced real issues namely with hardware acceleration?

iHD driver is tied first, but your graphics card is too old for it, so 
i965 loaded next. I am unsure if it is possible to suppress attempt to 
load iHD and so to avoid an error message e.g. by setting some 
environment variable.


chrome://gpu may provide more info.

Chromium oops: libva error: /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so

[Charles Curley]

I have just installed Bookworm on my ancient Lenovo T520 (2011),
replacing Bullseye. I suspect the problem is somewhere in the video
driver chain. Any thoughts on how to proceed further with this?

Upon trying to run chromium, I get:

charles@jhegaala:~$ chromium &
[2] 33609
charles@jhegaala:~$ libva error:
/usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so init failed

charles@jhegaala:~$ ps
PID TTY  TIME CMD
  32502 pts/800:00:00 bash
  32506 pts/800:00:04 emacs
  33609 pts/800:00:00 chromium
  33630 pts/800:00:00 chromium
  33631 pts/800:00:00 chromium
  33633 pts/800:00:00 chromium
  33656 pts/800:00:00 chromium
  33657 pts/800:00:00 chromium
  33688 pts/800:00:00 ps
charles@jhegaala:~$ killall -9 chromium
charles@jhegaala:~$ 
[2]+  Killed  chromium
charles@jhegaala:~$ ps
PID TTY  TIME CMD
  32502 pts/800:00:00 bash
  32506 pts/800:00:04 emacs
  33695 pts/800:00:00 ps
charles@jhegaala:~$ vainfo
libva info: VA-API version 1.17.0
libva info: Trying to open
/usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so libva info: Found init
function __vaDriverInit_1_17 libva error:
/usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so init failed libva info:
va_openDriver() returns 1 libva info: Trying to open
/usr/lib/x86_64-linux-gnu/dri/i965_drv_video.so libva info: Found init
function __vaDriverInit_1_8 libva info: va_openDriver() returns 0
vainfo: VA-API version: 1.17 (libva 2.12.0)
vainfo: Driver version: Intel i965 driver for Intel(R) Sandybridge
Mobile - 2.4.1 vainfo: Supported profile and entrypoints
  VAProfileMPEG2Simple: VAEntrypointVLD
  VAProfileMPEG2Main  : VAEntrypointVLD
  VAProfileH264ConstrainedBaseline: VAEntrypointVLD
  VAProfileH264ConstrainedBaseline: VAEntrypointEncSlice
  VAProfileH264Main   : VAEntrypointVLD
  VAProfileH264Main   : VAEntrypointEncSlice
  VAProfileH264High   : VAEntrypointVLD
  VAProfileH264High   : VAEntrypointEncSlice
  VAProfileH264StereoHigh : VAEntrypointVLD
  VAProfileVC1Simple  : VAEntrypointVLD
  VAProfileVC1Main: VAEntrypointVLD
  VAProfileVC1Advanced: VAEntrypointVLD
  VAProfileNone   : VAEntrypointVideoProc
charles@jhegaala:~$ 

Display is:

root@jhegaala:~# lspci -vs 2.0
00:02.0 VGA compatible controller: Intel Corporation 2nd Generation
Core Processor Family Integrated Graphics Controller (rev 09) (prog-if
00 [VGA controller]) Subsystem: Lenovo ThinkPad T520 Flags: bus master,
fast devsel, latency 0, IRQ 28, IOMMU group 0 Memory at f000
(64-bit, non-prefetchable) [size=4M] Memory at e000 (64-bit,
prefetchable) [size=256M] I/O ports at 6000 [size=64]
Expansion ROM at 000c [virtual] [disabled] [size=128K]
Capabilities: [90] MSI: Enable+ Count=1/1 Maskable- 64bit-
Capabilities: [d0] Power Management version 2
Capabilities: [a4] PCI Advanced Features
Kernel driver in use: i915
Kernel modules: i915

root@jhegaala:~# grep 'model name' /proc/cpuinfo 
model name  : Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
model name  : Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
model name  : Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
model name  : Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
root@jhegaala:~# 



-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Re: ata6.00: failed to IDENTIFY (I/O error, err_mask=0x100)

[Dan Purgert]

On Jan 12, 2024, Vincent Lefevre wrote:
> In one of my new machines, I have a DVD+/-RW drive. There were
> no issues on January 8 and 9. But today, I'm getting
> 
>   ata6.00: failed to IDENTIFY (I/O error, err_mask=0x100)
> 
> errors at boot time.
> [...]
> 
> Any idea?

It's an I/O error between the SATA controller and whatever device when
the controller is asking it to identify its capabilities.

Could be as simple as a loose cable (or bad cable / port).



-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

ata6.00: failed to IDENTIFY (I/O error, err_mask=0x100)

[Vincent Lefevre]

In one of my new machines, I have a DVD+/-RW drive. There were
no issues on January 8 and 9. But today, I'm getting

  ata6.00: failed to IDENTIFY (I/O error, err_mask=0x100)

errors at boot time.

Excerpts of the journal concerning ata6:

journalctl-9:Jan 08 11:23:19 disset kernel: ata6: SATA max UDMA/133 abar 
m2048@0x88643000 port 0x88643380 irq 54
journalctl-9:Jan 08 11:23:19 disset kernel: ata6: SATA link up 1.5 Gbps 
(SStatus 113 SControl 300)
journalctl-9:Jan 08 11:23:19 disset kernel: ata6.00: ATAPI: PLDS DVD+/-RW 
DU-8A5LH, 6D1M, max UDMA/133
journalctl-9:Jan 08 11:23:19 disset kernel: ata6.00: configured for UDMA/133

journalctl-8:Jan 08 12:07:02 disset kernel: ata6: SATA max UDMA/133 abar 
m2048@0x88643000 port 0x88643380 irq 55
journalctl-8:Jan 08 12:07:02 disset kernel: ata6: SATA link up 1.5 Gbps 
(SStatus 113 SControl 300)
journalctl-8:Jan 08 12:07:02 disset kernel: ata6.00: ATAPI: PLDS DVD+/-RW 
DU-8A5LH, 6D1M, max UDMA/133
journalctl-8:Jan 08 12:07:02 disset kernel: ata6.00: configured for UDMA/133

journalctl-7:Jan 08 12:51:28 disset kernel: ata6: SATA max UDMA/133 abar 
m2048@0x88643000 port 0x88643380 irq 54
journalctl-7:Jan 08 12:51:28 disset kernel: ata6: SATA link up 1.5 Gbps 
(SStatus 113 SControl 300)
journalctl-7:Jan 08 12:51:28 disset kernel: ata6.00: ATAPI: PLDS DVD+/-RW 
DU-8A5LH, 6D1M, max UDMA/133
journalctl-7:Jan 08 12:51:28 disset kernel: ata6.00: configured for UDMA/133

journalctl-6:Jan 08 13:01:44 disset kernel: ata6: SATA max UDMA/133 abar 
m2048@0x88643000 port 0x88643380 irq 55
journalctl-6:Jan 08 13:01:44 disset kernel: ata6: SATA link up 1.5 Gbps 
(SStatus 113 SControl 300)
journalctl-6:Jan 08 13:01:44 disset kernel: ata6.00: ATAPI: PLDS DVD+/-RW 
DU-8A5LH, 6D1M, max UDMA/133
journalctl-6:Jan 08 13:01:44 disset kernel: ata6.00: configured for UDMA/133

journalctl-5:Jan 08 13:25:26 disset kernel: ata6: SATA max UDMA/133 abar 
m2048@0x88643000 port 0x88643380 irq 54
journalctl-5:Jan 08 13:25:26 disset kernel: ata6: SATA link up 1.5 Gbps 
(SStatus 113 SControl 300)
journalctl-5:Jan 08 13:25:26 disset kernel: ata6.00: ATAPI: PLDS DVD+/-RW 
DU-8A5LH, 6D1M, max UDMA/133
journalctl-5:Jan 08 13:25:26 disset kernel: ata6.00: configured for UDMA/133

journalctl-4:Jan 08 15:18:10 disset kernel: ata6: SATA max UDMA/133 abar 
m2048@0x88643000 port 0x88643380 irq 55
journalctl-4:Jan 08 15:18:10 disset kernel: ata6: SATA link up 1.5 Gbps 
(SStatus 113 SControl 300)
journalctl-4:Jan 08 15:18:10 disset kernel: ata6.00: ATAPI: PLDS DVD+/-RW 
DU-8A5LH, 6D1M, max UDMA/133
journalctl-4:Jan 08 15:18:10 disset kernel: ata6.00: configured for UDMA/133

journalctl-3:Jan 09 10:18:31 disset kernel: ata6: SATA max UDMA/133 abar 
m2048@0x88643000 port 0x88643380 irq 54
journalctl-3:Jan 09 10:18:31 disset kernel: ata6: SATA link up 1.5 Gbps 
(SStatus 113 SControl 300)
journalctl-3:Jan 09 10:18:31 disset kernel: ata6.00: ATAPI: PLDS DVD+/-RW 
DU-8A5LH, 6D1M, max UDMA/133
journalctl-3:Jan 09 10:18:31 disset kernel: ata6.00: configured for UDMA/133

journalctl-2:Jan 12 16:29:55 disset kernel: ata6: SATA max UDMA/133 abar 
m2048@0x88643000 port 0x88643380 irq 55
journalctl-2:Jan 12 16:29:55 disset kernel: ata6: SATA link up 1.5 Gbps 
(SStatus 113 SControl 300)
journalctl-2:Jan 12 16:29:55 disset kernel: ata6.00: ATAPI: PLDS DVD+/-RW 
DU-8A5LH, 6D1M, max UDMA/133
journalctl-2:Jan 12 16:29:55 disset kernel: ata6.00: failed to IDENTIFY (I/O 
error, err_mask=0x100)
journalctl-2:Jan 12 16:29:55 disset kernel: ata6.00: revalidation failed 
(errno=-5)
journalctl-2:Jan 12 16:29:55 disset kernel: ata6: SATA link up 1.5 Gbps 
(SStatus 113 SControl 300)
journalctl-2:Jan 12 16:29:55 disset kernel: ata6.00: failed to IDENTIFY (I/O 
error, err_mask=0x100)
journalctl-2:Jan 12 16:29:55 disset kernel: ata6.00: revalidation failed 
(errno=-5)
journalctl-2:Jan 12 16:29:55 disset kernel: ata6: SATA link up 1.5 Gbps 
(SStatus 113 SControl 300)
journalctl-2:Jan 12 16:29:55 disset kernel: ata6.00: failed to IDENTIFY (I/O 
error, err_mask=0x100)
journalctl-2:Jan 12 16:29:55 disset kernel: ata6.00: revalidation failed 
(errno=-5)
journalctl-2:Jan 12 16:29:55 disset kernel: ata6.00: disable device
journalctl-2:Jan 12 16:29:55 disset kernel: ata6: SATA link up 1.5 Gbps 
(SStatus 113 SControl 300)

journalctl-1:Jan 12 16:52:07 disset kernel: ata6: SATA max UDMA/133 abar 
m2048@0x88643000 port 0x88643380 irq 55
journalctl-1:Jan 12 16:52:07 disset kernel: ata6: SATA link up 1.5 Gbps 
(SStatus 113 SControl 300)
journalctl-1:Jan 12 16:52:07 disset kernel: ata6.00: failed to IDENTIFY (I/O 
error, err_mask=0x100)
journalctl-1:Jan 12 16:52:07 disset kernel: ata6: SATA link up 1.5 Gbps 
(SStatus 113 SControl 300)
journalctl-1:Jan 12 16:52:07 disset kernel: ata6.00: failed to IDENTIFY (I/O 
error, err_mask=0x100)
journalctl-1:Jan 12 16:52:07 disset kernel: ata6: SATA link up 1.5 Gbps 
(SStatus 113 SControl 300)
journalctl-1:Jan 12 16:52:07 disset kernel: ata6.00: failed to IDENTIFY (I/O 
error, err_mask=0x100)
journalctl-1:Jan 12 16

Re: Perl module installation via CPAN and signature error

[Vincent Lefevre]

With strace, I could see the command that was executed:

  gpg --verify --batch --no-tty -q --logger-fd=1 
--keyserver=hkp://pool.sks-keyservers.net:11371

on a temporary file, but almost equivalent to the CHECKSUMS file.

Now, I can try that directly:

qaa:~> gpg --verify --batch --no-tty -q --logger-fd=1 
--keyserver=hkp://pool.sks-keyservers.net:11371 
/home/vinc17/.cpan/sources/authors/id/C/CA/CAVAC/CHECKSUMS
gpg: Signature made 2023-12-17T16:29:09 CET
gpg:using RSA key 77576125A905F1BA
gpg: Good signature from "PAUSE Batch Signing Key 2024 " 
[unknown]
gpg: aka "PAUSE Batch Signing Key 2023 " 
[unknown]
gpg: aka "PAUSE Batch Signing Key 2003 " 
[unknown]
gpg: aka "PAUSE Batch Signing Key 2005 " 
[unknown]
gpg: aka "PAUSE Batch Signing Key 2007 " 
[unknown]
gpg: aka "PAUSE Batch Signing Key 2009 " 
[unknown]
gpg: aka "PAUSE Batch Signing Key 2015 " 
[unknown]
gpg: aka "PAUSE Batch Signing Key 2017 " 
[unknown]
gpg: aka "PAUSE Batch Signing Key 2019 " 
[unknown]
gpg: aka "PAUSE Batch Signing Key 2021 " 
[unknown]
gpg: aka "PAUSE Batch Signing Key 2022 " 
[unknown]
gpg: aka "PAUSE Batch Signing Key 2011 " 
[unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:  There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2E66 557A B97C 19C7 91AF  8E20 328D A867 450F 89EC
 Subkey fingerprint: D785 7544 389C 919D 8E6D  ABBA 7757 6125 A905 F1BA

but

zira:~> gpg --verify --batch --no-tty -q --logger-fd=1 
--keyserver=hkp://pool.sks-keyservers.net:11371 
/home/vinc17/.cpan/sources/authors/id/C/CA/CAVAC/CHECKSUMS
gpg: Signature made 2023-12-17T16:29:09 CET
gpg:using RSA key 77576125A905F1BA
gpg: Can't check signature: No public key

I can notice a difference between these two machines:

qaa:~> gpg --with-subkey-fingerprint -k 2E66557AB97C19C791AF8E20328DA867450F89EC
pub   dsa1024 2003-02-03 [SC] [expires: 2024-07-01]
  2E66557AB97C19C791AF8E20328DA867450F89EC
uid   [ unknown] PAUSE Batch Signing Key 2024 
uid   [ unknown] PAUSE Batch Signing Key 2023 
uid   [ unknown] PAUSE Batch Signing Key 2003 
uid   [ unknown] PAUSE Batch Signing Key 2005 
uid   [ unknown] PAUSE Batch Signing Key 2007 
uid   [ unknown] PAUSE Batch Signing Key 2009 
uid   [ unknown] PAUSE Batch Signing Key 2015 
uid   [ unknown] PAUSE Batch Signing Key 2017 
uid   [ unknown] PAUSE Batch Signing Key 2019 
uid   [ unknown] PAUSE Batch Signing Key 2021 
uid   [ unknown] PAUSE Batch Signing Key 2022 
uid   [ unknown] PAUSE Batch Signing Key 2011 
sub   elg2048 2023-07-01 [E] [expires: 2024-07-01]
  4CA09107D9A3E6E61960A61C41C01F6387982F09
sub   rsa4096 2023-07-01 [S] [expires: 2024-07-01]
  D7857544389C919D8E6DABBA77576125A905F1BA

zira:~> gpg --with-subkey-fingerprint -k 
2E66557AB97C19C791AF8E20328DA867450F89EC
pub   dsa1024 2003-02-03 [SC] [expired: 2023-07-01]
  2E66557AB97C19C791AF8E20328DA867450F89EC
uid   [ expired] PAUSE Batch Signing Key 2023 
uid   [ expired] PAUSE Batch Signing Key 2003 
uid   [ expired] PAUSE Batch Signing Key 2005 
uid   [ expired] PAUSE Batch Signing Key 2007 
uid   [ expired] PAUSE Batch Signing Key 2009 
uid   [ expired] PAUSE Batch Signing Key 2011 
uid   [ expired] PAUSE Batch Signing Key 2015 
uid   [ expired] PAUSE Batch Signing Key 2017 
uid   [ expired] PAUSE Batch Signing Key 2022 
uid   [ expired] PAUSE Batch Signing Key 2019 
uid   [ expired] PAUSE Batch Signing Key 2021 

i.e. the subkeys are missing. Why?

Note that on zira, doing

  gpg --recv-keys 2E66557AB97C19C791AF8E20328DA867450F89EC

again doesn't change anything.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Perl module installation via CPAN and signature error

[Vincent Lefevre]

Hi,

I have 2 Debian/unstable machines on the same network, with the
same .cpan/CPAN/MyConfig.pm file.

On one of them, I get no errors:

qaa:~> cpan -i XML::RPC
CPAN: HTTP::Tiny loaded ok (v0.086)
CPAN: Net::SSLeay loaded ok (v1.92)
CPAN: IO::Socket::SSL loaded ok (v2.084)
Fetching with HTTP::Tiny:
https://cpan.org/authors/01mailrc.txt.gz
Reading '/home/vinc17/.cpan/sources/authors/01mailrc.txt.gz'
CPAN: Compress::Zlib loaded ok (v2.204)
DONE
Fetching with HTTP::Tiny:
https://cpan.org/modules/02packages.details.txt.gz
Reading '/home/vinc17/.cpan/sources/modules/02packages.details.txt.gz'
  Database was generated on Thu, 11 Jan 2024 21:54:02 GMT
CPAN: HTTP::Date loaded ok (v6.06)
DONE
Fetching with HTTP::Tiny:
https://cpan.org/modules/03modlist.data.gz
Reading '/home/vinc17/.cpan/sources/modules/03modlist.data.gz'
DONE
Writing /home/vinc17/.cpan/Metadata
Running install for module 'XML::RPC'
Fetching with HTTP::Tiny:
https://cpan.org/authors/id/C/CA/CAVAC/XML-RPC-2.tar.gz
CPAN: Digest::SHA loaded ok (v6.04)
Fetching with HTTP::Tiny:
https://cpan.org/authors/id/C/CA/CAVAC/CHECKSUMS
CPAN: Module::Signature loaded ok (v0.88)
WARNING: This key is not certified with a trusted signature!
Primary key fingerprint: 2E66 557A B97C 19C7 91AF  8E20 328D A867 450F 89EC
Signature for /home/vinc17/.cpan/sources/authors/id/C/CA/CAVAC/CHECKSUMS ok
Checksum for /home/vinc17/.cpan/sources/authors/id/C/CA/CAVAC/XML-RPC-2.tar.gz 
ok
Package came without SIGNATURE

CPAN: YAML loaded ok (v1.31)
[...]
  CAVAC/XML-RPC-2.tar.gz
  /bin/make install  -- OK

But on the other one (an older machine), I get an error:

zira:~> cpan -i XML::RPC
CPAN: HTTP::Tiny loaded ok (v0.086)
CPAN: Net::SSLeay loaded ok (v1.92)
CPAN: IO::Socket::SSL loaded ok (v2.084)
Fetching with HTTP::Tiny:
https://cpan.org/authors/01mailrc.txt.gz
Reading '/home/vinc17/.cpan/sources/authors/01mailrc.txt.gz'
CPAN: Compress::Zlib loaded ok (v2.206)
DONE
Fetching with HTTP::Tiny:
https://cpan.org/modules/02packages.details.txt.gz
Reading '/home/vinc17/.cpan/sources/modules/02packages.details.txt.gz'
  Database was generated on Thu, 11 Jan 2024 21:54:02 GMT
CPAN: HTTP::Date loaded ok (v6.06)
DONE
Fetching with HTTP::Tiny:
https://cpan.org/modules/03modlist.data.gz
Reading '/home/vinc17/.cpan/sources/modules/03modlist.data.gz'
DONE
Writing /home/vinc17/.cpan/Metadata
Running install for module 'XML::RPC'
Fetching with HTTP::Tiny:
https://cpan.org/authors/id/C/CA/CAVAC/XML-RPC-2.tar.gz
CPAN: Digest::SHA loaded ok (v6.04)
Fetching with HTTP::Tiny:
https://cpan.org/authors/id/C/CA/CAVAC/CHECKSUMS
CPAN: Module::Signature loaded ok (v0.88)
gpg: Signature made 2023-12-17T16:29:09 CET
gpg:using RSA key 77576125A905F1BA
gpg: Can't check signature: No public key

Signature for file /home/vinc17/.cpan/sources/authors/id/C/CA/CAVAC/CHECKSUMS 
could not be verified for an unknown reason. Distribution id = 
C/CA/CAVAC/XML-RPC-2.tar.gz
CPAN_USERID  CAVAC (Rene Schickbauer )
CALLED_FOR   XML::RPC
CHECKSUM_STATUS 
CONTAINSMODS XML::RPC
UPLOAD_DATE  2022-03-09
incommandcolor 1
localfile
/home/vinc17/.cpan/sources/authors/id/C/CA/CAVAC/XML-RPC-2.tar.gz
mandatory1
negative_prefs_cache 0
prefsHASH(0x55eef7851f20)
reqtype  c

Module::Signature verification returned value 0E0

The manual says for this case: Cannot verify the
OpenPGP signature, maybe due to the lack of a network connection to
the key server, or if neither gnupg nor Crypt::OpenPGP exists on the
system. You probably want to analyse the situation and if you cannot
fix it you will have to decide whether you want to stop this session
or you want to turn off signature verification. The latter would be
done with the command 'o conf init check_sigs'



Note that every public key given by "gpg --list-public-keys" on qaa
are on zira too.

Where does the problem come from?

-- 
Vincent Lefèvre  - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Re: cups error -- SOLVED

[Russell L. Harris]

On Mon, Dec 25, 2023 at 09:36:44PM -0500, Stefan Monnier wrote:

I copied the file to another computer in the LAN, ran LaTeX and dvips,
and sent it to the same printer,  but the file hung at the same spot.


Any chance you can use `pdflatex` instead of `latex + dvips`?
Have you tried to manually convert the PS to PDF before sending to
the printer? or to convert straight from DVI to PDF?
Nowadays PS is becoming a curiosity, so you may have better luck with
PDF (there's a chance the problem is unrelated, of course).


The PDF file produced with pdflatex hung at the same point as did the
PS file produced with dvips.

The PDF file produced with dvipdfm printed the entire file properly.

Many thanks!

RLH

Re: cups error

[Russell L. Harris]

On Mon, Dec 25, 2023 at 09:36:44PM -0500, Stefan Monnier wrote:

I copied the file to another computer in the LAN, ran LaTeX and dvips,
and sent it to the same printer,  but the file hung at the same spot.


Any chance you can use `pdflatex` instead of `latex + dvips`?
Have you tried to manually convert the PS to PDF before sending to
the printer? or to convert straight from DVI to PDF?
Nowadays PS is becoming a curiosity, so you may have better luck with
PDF (there's a chance the problem is unrelated, of course).


Thanks for the suggestion.  I am a dinosaur; I have been running
Debian since A.D.2000, and I have done things pretty much as I was
taught by the guru who got me running.  Are you saying that I can
print to a printer which does not have PostScript?  (All of my
printers, which now are quite old, have PostScript.)

P.S.  I remember using LPR and the switch to LPRNG, and then the
switch to CUPS.  And now driverless CUPS.

RLH

Re: cups error

[Stefan Monnier]

> I copied the file to another computer in the LAN, ran LaTeX and dvips,
> and sent it to the same printer,  but the file hung at the same spot.

Any chance you can use `pdflatex` instead of `latex + dvips`?
Have you tried to manually convert the PS to PDF before sending to
the printer? or to convert straight from DVI to PDF?
Nowadays PS is becoming a curiosity, so you may have better luck with
PDF (there's a chance the problem is unrelated, of course).


Stefan

cups error

[Russell L. Harris]

On a desktop debian 12.2 amd64 system with
HP_LaserJet_P3010_Series_48E436 (ethernet), LaTeX documents composed
with Emacs frequently print only up to a certain point (it varies with
the document), and CUPS prints the error message:

  ERROR: typecheck OFFENDING COMMAND: known

xdvi displays the document perfectly in its entirety.

I copied the file to another computer in the LAN, ran LaTeX and dvips,
and sent it to the same printer,  but the file hung at the same spot.

One time I was able to recover by cutting the section at which
printing hung and pasting from another document.

I have searched the Web but have not found a solution.

RLH

Re: openssh: missing kex_exchange_identification ssh error messages with 1:9.5p1-2?

[Vincent Lefevre]

On 2023-12-14 14:04:08 -0500, Greg Wooledge wrote:
> On Thu, Dec 14, 2023 at 05:14:28PM +0100, Vincent Lefevre wrote:
> > I have the latest version!!! I recall that this is a Debian/unstable
> > machine, which I upgrade regularly. So, everytime I get such an error,
> > I have the latest client.
> 
> Just for the record, saying you have the "latest" version of something
> is unhelpful.  This goes double when you're on a testing or unstable
> system.  We don't know how long ago you updated, or what mirrors you're
> using, or what errors might have occurred the last time you updated,
> or whether you have a locally installed version of "ssh" in your PATH
> before /usr/bin/ssh, or... anything.  Anything at all.
> 
> When asking for help, it's best to give all of the relevant details up
> front.  Start by saying you're on Debian unstable.  Then give the
> installed package version (as printed by "dpkg -l openssh-client")
> and the output of "ssh -V".

As I've said in my message: I've upgraded to openssh-client 1:9.5p1-2.

The versions up to 9.4 were fine, i.e. I got a detailed error message.

> Since this is a problem with ssh, which uses a client/server architecture,
> giving the version of the server's sshd would also help.

openssh-server 1:7.9p1-10+deb10u3

but I don't think this is useful.

> Finally, if you've customized something that's relevant, be sure to
> include that.  For the ssh client, customizations are done in the
> /etc/ssh/ssh_config and ~/.ssh/config files.  Anything you've changed
> or added there would be important to disclose.

At the time of the test:

IdentitiesOnly yes
TCPKeepAlive no
ControlPath /tmp/ssh-%h-%p-%r
SendEnv LANG LC_*
ProxyCommand none
StrictHostKeyChecking yes

(and the last change was "KeepAlive no" → "TCPKeepAlive no"
in June 2022).

> If you've customized anything on the server end (i.e. in
> /etc/ssh/sshd_config) then you should disclose that as well.

Note that I am not the admin of the server. I can see that
MaxStartups was changed to "MaxStartups 20:30:120". But the
last change was done in June.

-- 
Vincent Lefèvre  - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Re: openssh: missing kex_exchange_identification ssh error messages with 1:9.5p1-2?

[Greg Wooledge]

On Thu, Dec 14, 2023 at 05:14:28PM +0100, Vincent Lefevre wrote:
> I have the latest version!!! I recall that this is a Debian/unstable
> machine, which I upgrade regularly. So, everytime I get such an error,
> I have the latest client.

Just for the record, saying you have the "latest" version of something
is unhelpful.  This goes double when you're on a testing or unstable
system.  We don't know how long ago you updated, or what mirrors you're
using, or what errors might have occurred the last time you updated,
or whether you have a locally installed version of "ssh" in your PATH
before /usr/bin/ssh, or... anything.  Anything at all.

When asking for help, it's best to give all of the relevant details up
front.  Start by saying you're on Debian unstable.  Then give the
installed package version (as printed by "dpkg -l openssh-client")
and the output of "ssh -V".

After that, describe the problem, and give whatever diagnostic information
you've managed to gather so far.  This might include the output of
"ssh -v myuser@myhost" for example.  The ssh client doesn't generally
write information to log files, but for *other* kinds of problems,
copying the relevant pieces of log files (or journalctl output, etc.)
would probably help.

Since this is a problem with ssh, which uses a client/server architecture,
giving the version of the server's sshd would also help.

Finally, if you've customized something that's relevant, be sure to
include that.  For the ssh client, customizations are done in the
/etc/ssh/ssh_config and ~/.ssh/config files.  Anything you've changed
or added there would be important to disclose.  If you've customized
anything on the server end (i.e. in /etc/ssh/sshd_config) then you
should disclose that as well.

Re: openssh: missing kex_exchange_identification ssh error messages with 1:9.5p1-2?

[Klaus Singvogel]

Vincent Lefevre wrote:
> I have the latest version!!! I recall that this is a Debian/unstable
> machine, which I upgrade regularly. So, everytime I get such an error,
> I have the latest client.
> 
> Note also that this is an error that occurs randomly.

Then I'm sorry, that I can't help you more on this topic.
The given information is not enough to debug, and I'd never seen any other 
connection failure cases.

My advice is, even it's annoying to see a lot of verbose output on your 
terminal, that you can use options "-vvv" in your ssh call, like: ssh -vvv 
user@host date

As you have as well good as bad connections, try to compare that output from 
both types of ssh connections.

Best regards,
Klaus.
-- 
Klaus Singvogel
GnuPG-Key-ID: 1024R/5068792D  1994-06-27

Re: openssh: missing kex_exchange_identification ssh error messages with 1:9.5p1-2?

[Vincent Lefevre]

On 2023-12-14 17:03:10 +0100, Klaus Singvogel wrote:
> Vincent Lefevre wrote:
> > Since 2 years (from early 2022 to 2023-11-26), I've got recurrent
> > errors like
> > 
> > kex_exchange_identification: read: Connection reset by peer
> > Connection reset by x.x.x.x port 22
> 
> This sounds most likely that your SSH client (program at your local
> machine) has an outdated SSH implementation. Try to update this
> program first.

I have the latest version!!! I recall that this is a Debian/unstable
machine, which I upgrade regularly. So, everytime I get such an error,
I have the latest client.

Note also that this is an error that occurs randomly.

-- 
Vincent Lefèvre  - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Re: openssh: missing kex_exchange_identification ssh error messages with 1:9.5p1-2?

[Klaus Singvogel]

Vincent Lefevre wrote:
> Since 2 years (from early 2022 to 2023-11-26), I've got recurrent
> errors like
> 
> kex_exchange_identification: read: Connection reset by peer
> Connection reset by x.x.x.x port 22

This sounds most likely that your SSH client (program at your local machine) 
has an outdated SSH implementation. Try to update this program first.

Best regards,
Klaus.
-- 
Klaus Singvogel
GnuPG-Key-ID: 1024R/5068792D  1994-06-27

openssh: missing kex_exchange_identification ssh error messages with 1:9.5p1-2?

[Vincent Lefevre]

Since 2 years (from early 2022 to 2023-11-26), I've got recurrent
errors like

kex_exchange_identification: read: Connection reset by peer
Connection reset by x.x.x.x port 22

or

kex_exchange_identification: Connection closed by remote host
Connection closed by x.x.x.x port 22

But yesterday, the errors just became

Connection closed by x.x.x.x port 22

though I suspect that this is exactly the same issue.

The sshd server and its config have not changed. Only the client has
changed: I upgraded to openssh-client 1:9.5p1-2 on 2023-11-27 (this
is a Debian/unstable machine).

Is there any explanation of such a change?

Has anyone noticed a similar change (for those who get such errors)?

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)