Re: Ter info: FileZilla

[Richard Lucassen]

On Fri, 5 Jul 2024 10:23:34 +0200
Rob van der Putten  wrote:

> > Nee, ook met anonymous heb je dat idiote protocol. Weg met die
> > troep. Gebruik voor anonymous downloads gewoon http of https en
> > voor uploads sftp. Ik weet niet of je ntp server goed staat maar we
> > leven in 2024, check het even :-)
> 
> Binnen tig µs;
> http://www.sput.nl/ntpstats/sput/
> En volgens de zelfde logica, zou je eigenlijk ook niet moeten
> ademhalen, want word ook al heel lang gedaan.

Ademhalen gaat via een goed werkend protocol lijkt me ;-)

> Zelf ben ik overigens geen fan van FTP, maar soms is er niets anders 
> beschikbaar. Zo doet mijn oude TV settopbox niet veel anders.
> Indien beschikbaar is sshfs wel aardig. Je kan dan remote spul lokaal 
> mounten.

Ik weet het, handig maar ik gebruik het nauwelijks.

R.

-- 
richard lucassen
http://contact.xaq.nl/

Re: Ter info: FileZilla

[Rob van der Putten]

Hoi


On 05/07/2024 00:06, Richard Lucassen wrote:


On Thu, 4 Jul 2024 17:28:21 +0200
Rob van der Putten  wrote:


Verbazingwekkend dat er nog steeds ftp gebruikt wordt. Ik zou zo
snel mogelijk overgaan op ssh/sftp.


Voor anonymous FTP is het natuurlijk geen probleem.


Nee, ook met anonymous heb je dat idiote protocol. Weg met die troep.
Gebruik voor anonymous downloads gewoon http of https en voor uploads
sftp. Ik weet niet of je ntp server goed staat maar we leven in
2024, check het even :-)


Binnen tig µs;
http://www.sput.nl/ntpstats/sput/
En volgens de zelfde logica, zou je eigenlijk ook niet moeten ademhalen, 
want word ook al heel lang gedaan.


Zelf ben ik overigens geen fan van FTP, maar soms is er niets anders 
beschikbaar. Zo doet mijn oude TV settopbox niet veel anders.
Indien beschikbaar is sshfs wel aardig. Je kan dan remote spul lokaal 
mounten.



Vr.Gr,
Rob

Re: Ter info: FileZilla

[Richard Lucassen]

On Thu, 4 Jul 2024 17:28:21 +0200
Rob van der Putten  wrote:

> > Verbazingwekkend dat er nog steeds ftp gebruikt wordt. Ik zou zo
> > snel mogelijk overgaan op ssh/sftp.
> 
> Voor anonymous FTP is het natuurlijk geen probleem.

Nee, ook met anonymous heb je dat idiote protocol. Weg met die troep.
Gebruik voor anonymous downloads gewoon http of https en voor uploads
sftp. Ik weet niet of je ntp server goed staat maar we leven in
2024, check het even :-)

-- 
richard lucassen
http://contact.xaq.nl/

Re: Ter info: FileZilla

[Rob van der Putten]

Hoi


On 04/07/2024 10:34, Arjen Bax wrote:


Verbazingwekkend dat er nog steeds ftp gebruikt wordt. Ik zou zo snel
mogelijk overgaan op ssh/sftp.


Voor anonymous FTP is het natuurlijk geen probleem.


Vriendelijke groet / Kind regards / Vennlig hilsen,
Arjen Bax

Op di 18 jun 2024 om 11:57 schreef Sjoerd :


Op 11 mei schreef Richard Lucassen:

Op 11 mei schreef Sjoerd:


Wat je nu ziet gebeuren, is dat FileZilla eerst contact probeert te
maken via het IPv6-adres. Na ruim 2 minuten geeft-ie het op, en dan
wordt overgegaan naar het IPv4-adres, waarna de verbinding vlot tot
stand komt. Maar als je dan iets wilt uploaden, wordt opnieuw eerst
het IPv6-adres geprobeerd, en herhaalt deze toestand zich.


Zet voor de betreffende host alleen het ipv4 adres in de hosts file (die
bestaat onder windows ook, dan forceer je de boel naar ipv4.


Afgelopen nacht was er weer een modem-update van KPN, maar hierna deed
IPv4 het ook al niet meer.
Een oplossing vond ik uiteindelijk op het KPN-forum.
In het modem is iets aan het beveiligingsniveau te wijzigen, waarna de
verbinding het weer doet.

"Na modem-update geen FTP meer"
https://forum.kpn.com/modems-123/na-modem-update-geen-ftp-meer-615273




Vr.Gr,
Rob

Re: Ter info: FileZilla

[Arjen Bax]

Verbazingwekkend dat er nog steeds ftp gebruikt wordt. Ik zou zo snel
mogelijk overgaan op ssh/sftp.

Vriendelijke groet / Kind regards / Vennlig hilsen,
Arjen Bax

Op di 18 jun 2024 om 11:57 schreef Sjoerd :
>
> Op 11 mei schreef Richard Lucassen:
> > Op 11 mei schreef Sjoerd:
> >
> > > Wat je nu ziet gebeuren, is dat FileZilla eerst contact probeert te
> > > maken via het IPv6-adres. Na ruim 2 minuten geeft-ie het op, en dan
> > > wordt overgegaan naar het IPv4-adres, waarna de verbinding vlot tot
> > > stand komt. Maar als je dan iets wilt uploaden, wordt opnieuw eerst
> > > het IPv6-adres geprobeerd, en herhaalt deze toestand zich.
> >
> > Zet voor de betreffende host alleen het ipv4 adres in de hosts file (die
> > bestaat onder windows ook, dan forceer je de boel naar ipv4.
>
> Afgelopen nacht was er weer een modem-update van KPN, maar hierna deed
> IPv4 het ook al niet meer.
> Een oplossing vond ik uiteindelijk op het KPN-forum.
> In het modem is iets aan het beveiligingsniveau te wijzigen, waarna de
> verbinding het weer doet.
>
> "Na modem-update geen FTP meer"
> https://forum.kpn.com/modems-123/na-modem-update-geen-ftp-meer-615273
>

info Eclipse STS et Wayland

[Jean-Michel OLTRA]

Bonjour,

Pour info, si ça peut servir à quelqu'un, un jour.

J'ai cherché un bon moment ce qui pouvait avoir annulé le rendu de la javadoc
dans Eclipse STS.

La solution est là :
https://stackoverflow.com/questions/75836319/sts-eclipse-does-not-render-the-javadoc-preview-at-javadoc-view

Je suis en testing, et il y a du avoir une mise à jour relative à Wayland,
et je n'ai pas fait le rapprochement.

-- 
jm

Re: Ter info: FileZilla

[Sjoerd]

Op 11 mei schreef Richard Lucassen:
> Op 11 mei schreef Sjoerd:
> 
> > Wat je nu ziet gebeuren, is dat FileZilla eerst contact probeert te
> > maken via het IPv6-adres. Na ruim 2 minuten geeft-ie het op, en dan
> > wordt overgegaan naar het IPv4-adres, waarna de verbinding vlot tot
> > stand komt. Maar als je dan iets wilt uploaden, wordt opnieuw eerst
> > het IPv6-adres geprobeerd, en herhaalt deze toestand zich.
> 
> Zet voor de betreffende host alleen het ipv4 adres in de hosts file (die
> bestaat onder windows ook, dan forceer je de boel naar ipv4.

Afgelopen nacht was er weer een modem-update van KPN, maar hierna deed
IPv4 het ook al niet meer.
Een oplossing vond ik uiteindelijk op het KPN-forum.
In het modem is iets aan het beveiligingsniveau te wijzigen, waarna de
verbinding het weer doet.

"Na modem-update geen FTP meer"
https://forum.kpn.com/modems-123/na-modem-update-geen-ftp-meer-615273

Re: info vs. man

[Max Nikulin]

On 12/06/2024 01:00, Greg Wooledge wrote:

On 11/06/2024 06:45, Greg Wooledge wrote:

Should you ever feel a need to read the longer version of the
documentation, it's in GNU info pages.  So you would need to type
the command "info coreutils date" to get to it.  And then you'd need
to figure out the user interface of the "info" program, which is not
intuitive unless you happen to be an emacs power user already.

[...]

I also provided a reference to the info page, and a command that would
bring that up, should the need ever arise.  More importantly, I revealed
that info pages *exist* and *are a thing* that they need to know about.
It's planting a seed for the future.


I misunderstood your intention and I am sorry for that. I found your 
words quite discouraging in respect to "info", perhaps it is just 
language barrier.


Info is quite important. While e.g. "man bash" and "info bash" documents 
are quite similar, there is no man equivalent for "info grub".


Your variant of info command is quite specific. I like that "info" 
allows partial match of node name and it may be a separate argument. 
Unfortunately tkinfo and the Emacs function require another style (info 
"(coreutils) date invocation"). Every coreutils man page has it in the 
"SEE ALSO" section.


I do not mind that users almost certainly familiar with basic pager UI 
and using of "info" requires some knowledge. In this particular case UI 
does not differ


- info "(coreutils) date invocation"
- /week [Enter]

P.S. Perhaps Emacs developers teach users how to fish as well. From my 
point of view the following path described in "emacs --help" is 
unnecessary long:



Run M-x info RET m emacs RET m emacs invocation RET inside Emacs to
read the main documentation for these command-line arguments.

Re: info vs. man (was: Re: date for week)

[Greg Wooledge]

On Tue, Jun 11, 2024 at 11:22:17PM +0700, Max Nikulin wrote:
> On 11/06/2024 06:45, Greg Wooledge wrote:
> > Should you ever feel a need to read the longer version of the
> > documentation, it's in GNU info pages.  So you would need to type
> > the command "info coreutils date" to get to it.  And then you'd need
> > to figure out the user interface of the "info" program, which is not
> > intuitive unless you happen to be an emacs power user already.
> 
> Emacs power users can type
> M-x info RET
> or
> M-: (info "(coreutils) date conversion specifiers") RET
> or at least
> emacs -f info-standalone '(coreutils) date conversion specifiers'
> 
> I do not mind that info browsers have usability issues. For beginners I
> would recommend tkinfo instead of terminal "info". I have not tried pinfo.
> 
> Texinfo, unlike man, has a notion of hyperlink. In the case of man it is
> just formatting that suggests that some part of text is a reference to
> another document or another section.

See, this is all fine -- you've searched for the appropriate section, and
you've generated a cryptic command that someone else could type inside
emacs to get to that same section.  I'm sure there's an "info" equivalent
that can be done from a shell without invoking emacs.

None of that's useful to a person who wants to search for that information
in the first place without consulting an expert who's already done the
work.

What I was trying to do in my reply was "teach them how to fish" -- to
show them how to bring up the man page themselves, and look for basic
information like "how do I get the name of the day of the week, instead
of the numeric index of the day of the week" without having to bother
an international mailing list.

So, I gave basic instructions for how to bring up the man page, and a
hint about searching for a key word related to their question.  I even
provided a small piece of the man page, which happens to include the
answer they're looking for, because I'm also a pessimist who knows
that they probably won't look it up themselves, and may become angry
if we don't spoon-feed them the actual answer.

I also provided a reference to the info page, and a command that would
bring that up, should the need ever arise.  More importantly, I revealed
that info pages *exist* and *are a thing* that they need to know about.
It's planting a seed for the future.

info vs. man (was: Re: date for week)

[Max Nikulin]

On 11/06/2024 06:45, Greg Wooledge wrote:

Should you ever feel a need to read the longer version of the
documentation, it's in GNU info pages.  So you would need to type
the command "info coreutils date" to get to it.  And then you'd need
to figure out the user interface of the "info" program, which is not
intuitive unless you happen to be an emacs power user already.


Emacs power users can type
M-x info RET
or
M-: (info "(coreutils) date conversion specifiers") RET
or at least
emacs -f info-standalone '(coreutils) date conversion specifiers'

I do not mind that info browsers have usability issues. For beginners I 
would recommend tkinfo instead of terminal "info". I have not tried pinfo.


Texinfo, unlike man, has a notion of hyperlink. In the case of man it is 
just formatting that suggests that some part of text is a reference to 
another document or another section. It was created for "online" version 
of printed manuals. Info is more convenient for navigation in long 
document and makes it easier to specify a particular section. In the 
case of man it requires some tricks like


man -P 'less -p %a' date

Re: Ter info: FileZilla

[Richard Lucassen]

On Sat, 11 May 2024 11:49:12 +0200
Sjoerd  wrote:

> Wat je nu ziet gebeuren, is dat FileZilla eerst contact probeert te
> maken via het IPv6-adres. Na ruim 2 minuten geeft-ie het op, en dan
> wordt overgegaan naar het IPv4-adres, waarna de verbinding vlot tot
> stand komt. Maar als je dan iets wilt uploaden, wordt opnieuw eerst
> het IPv6-adres geprobeerd, en herhaalt deze toestand zich.

Zet voor de betreffende host alleen het ipv4 adres in de hosts file (die
bestaat onder windows ook, dan forceer je de boel naar ipv4.

HTH,

R.

-- 
richard lucassen
http://contact.xaq.nl/

Ter info: FileZilla

[Sjoerd]

Voor het eerst in maanden kijk ik weer eens in deze lijst, ik zit
tegenwoordig op openSUSE.
Maar dat FTP met FileZilla zo moeizaam gaat, dat speelt nog steeds, en ik
kan er meer over vertellen.

Het blijkt dat iedereen bij wie FileZilla slecht werkt, KPN als provider
heeft. Na een update bij KPN werkt de FTP-verbinding via het IPv6-adres
ineens niet meer.
Voorzover ik kan zien, is die update begin dit jaar in het noorden van het
land begonnen, en breidde die zich in de loop van een paar maanden verder
naar het zuiden uit.

De time-out in FileZilla staat standaard op 20 seconden.
Deze dien je eerst uit te zetten of langer te maken.
Edit > Settings > Connection > Timeout

Wat je nu ziet gebeuren, is dat FileZilla eerst contact probeert te maken
via het IPv6-adres. Na ruim 2 minuten geeft-ie het op, en dan wordt
overgegaan naar het IPv4-adres, waarna de verbinding vlot tot stand komt.
Maar als je dan iets wilt uploaden, wordt opnieuw eerst het IPv6-adres
geprobeerd, en herhaalt deze toestand zich.

Bij gFTP zie je hetzelfde gebeuren, alleen is gFTP er veel sneller achter
dat het via het IPv6-adres niet gaat, en gaat hij dus al snel over op het
IPv4-adres.

In het forum van mijn webhoster (Vimexx) heeft iemand hierover contact
gehad met de helpdesk. Hem werd geadviseerd om IPv6 in het modem uit te
zetten. Niet zo'n best advies, als je het mij vraagt. Eigenlijk zouden ze
het in overleg met KPN op moeten zien te lossen.

Maar een andere, en wellicht handiger, voorlopige oplossing is om in
FileZilla in plaats van de host het IPv4-adres van die host in te vullen.
Het werkt dan weer als een tierelier.
Dat IPv4-adres is uit de logs van Filezilla op te maken, of anders,
wellicht nog handiger:

$ nslookup ftp.domein.nl

Kan voorzover ik weet ook in Windows, met dit commando:

NSLOOKUP ftp.domein.nl

Re: filesystem info

[tomas]

On Mon, Mar 25, 2024 at 11:05:44AM -0400, Cindy Sue Causey wrote:

[...]

> apt-cache search kernel filesystem doc
> 
> Which brought up two docs appropriate for my own Trixie setup: linux-doc-6.5
> and linux-doc-6.6. The description for 6.6 is:
> 
> Description-en: Linux kernel specific documentation for version 6.6

[...]

That's a good one, thanks :-)

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: filesystem info

[Cindy Sue Causey]

On Sun, Mar 24, 2024 at 11:42 PM Sirius  wrote:
>
> In days of yore (Sun, 24 Mar 2024), fxkl4...@protonmail.com thus quoth:
> > when i type mount i see many different filesystem names
> >
> > sysfs, proc, udev, devpts, tmpfs, securityfs, cgroup2, pstore, none,
> > systemd-1, hugetlbfs, mqueue, debugfs, tracefs, sunrpc, fusectl, configfs
> > binfmt_misc, portal
> >
> > is there "simple" documentation to explain what these are
> >
>
> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/Documentation/filesystems?h=v6.8.1
>
> The Linux Kernel sources have a Documentation tree that documents many
> aspects and features of the kernel. There may be a kernel-doc package you
> can install that should put that documentation right onto your system in
> /usr/share/doc/kernel/.
>
> Do note: reading the docs about /proc and /sys (procfs and sysfs
> respectively) may give ideas - write those ideas down if you decide to try
> them out so you have a record of what you might have done on the system.
> It can be relatively easy to unintentionally cause bad performance by
> poking around with those settings.

That suggestion inspired an apt-cache search:

apt-cache search kernel filesystem doc

Which brought up two docs appropriate for my own Trixie setup: linux-doc-6.5
and linux-doc-6.6. The description for 6.6 is:

Description-en: Linux kernel specific documentation for version 6.6
 This package provides the various README files and HTML documentation for
 the Linux kernel version 6.6.  Plenty of information, including the
 descriptions of various kernel subsystems, filesystems, driver-specific
 notes and the like.  An index to the documentation is installed as
 /usr/share/doc/linux-doc-6.6/html/index.html.

Sounds pretty good, in fact just downloaded for myself. For those who
haven't found them yet, you can also install various Debian centric handbooks
using similar searches, e.g. for "admin". Empowered users, yada-yada!

Cindy :)

PS Apologies for potential email formatting glitches. Boogeyman Gmail
finally forced its dynamic'y version on us text folks. Standard line
length options are
"indisposed". I had to manually hack them down to size. FAIL.
-
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA
* runs with birdseed *

Re: filesystem info

[Sirius]

In days of yore (Sun, 24 Mar 2024), fxkl4...@protonmail.com thus quoth: 
> when i type mount i see many different filesystem names
> 
> sysfs, proc, udev, devpts, tmpfs, securityfs, cgroup2, pstore, none,
> systemd-1, hugetlbfs, mqueue, debugfs, tracefs, sunrpc, fusectl, configfs
> binfmt_misc, portal
> 
> is there "simple" documentation to explain what these are
> 

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/Documentation/filesystems?h=v6.8.1

The Linux Kernel sources have a Documentation tree that documents many
aspects and features of the kernel. There may be a kernel-doc package you
can install that should put that documentation right onto your system in
/usr/share/doc/kernel/.

Do note: reading the docs about /proc and /sys (procfs and sysfs
respectively) may give ideas - write those ideas down if you decide to try
them out so you have a record of what you might have done on the system.
It can be relatively easy to unintentionally cause bad performance by
poking around with those settings.

Happy learning!

-- 
Kind regards,

/S

Re: filesystem info

[Marco Moock]

Am 24.03.2024 um 13:19:54 Uhr schrieb fxkl4...@protonmail.com:

> sysfs, proc, udev, devpts, tmpfs, securityfs, cgroup2, pstore, none,
> systemd-1, hugetlbfs, mqueue, debugfs, tracefs, sunrpc, fusectl,
> configfs binfmt_misc, portal

Use
apropos sysfs to find manpages relevant.
Be ware that only the manpages will be searched that are installed on
your system, so maybe have a look at https://manpages.debian.org/ or
search that site with your preferred search engine.

-- 
Gruß
Marco

Send unsolicited bulk mail to 1711282794mu...@cartoonies.org

Re: filesystem info

[Michael Kjörling]

On 24 Mar 2024 13:19 +, from fxkl4...@protonmail.com:
> when i type mount i see many different filesystem names
> 
> sysfs, proc, udev, devpts, tmpfs, securityfs, cgroup2, pstore, none,
> systemd-1, hugetlbfs, mqueue, debugfs, tracefs, sunrpc, fusectl, configfs
> binfmt_misc, portal
> 
> is there "simple" documentation to explain what these are

Not sure if that's what you're looking for, but have you looked at the
filesystems(5) man page?

-- 
Michael Kjörling  https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”

filesystem info

[fxkl47BF]

when i type mount i see many different filesystem names

sysfs, proc, udev, devpts, tmpfs, securityfs, cgroup2, pstore, none,
systemd-1, hugetlbfs, mqueue, debugfs, tracefs, sunrpc, fusectl, configfs
binfmt_misc, portal

is there "simple" documentation to explain what these are

Bug#910970: Info received (flameshot: does not work on debian buster under wayland)

[Debian Bug Tracking System]

Thank you for the additional information you have supplied regarding
this Bug report.

This is an automatically generated reply to let you know your message
has been received.

Your message is being forwarded to the package maintainers and other
interested parties for their attention; they will reply in due course.

Your message has been sent to the package maintainer(s):
 Boyuan Yang 

If you wish to submit further information on this problem, please
send it to 910...@bugs.debian.org.

Please do not send mail to ow...@bugs.debian.org unless you wish
to report a problem with the Bug-tracking system.

-- 
910970: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910970
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Re: obtenir les manpages sous forme info

[didier gaumet]

merci pour les infos :-)

Re: obtenir les manpages sous forme info

[Gabriel Moreau]

Salut,

il y a des outils de conversion du format info vers les formats man et 
www (onfo2man et info2www) mais je ne suis pas au courant d'utilitaires 
de conversion dans l'autre sens. Ceci dit d'après ce que je comprends le 
format info est en fait un format Texinfo donc il ya peut-être dans 
l'écosystème Tex quelque chose qui fait ce que tu désires (je n'en sais 
rien, je ne connais pas du tout Tex)


Texinfo est un écosystème parallèle à TeX qui sait produire du format 
HTML, XML, INFO... en plus du PDF et du DVI. Pour ces deux derniers, il 
utilise la moulinette TeX, pour le reste, c'est la moulinette makeinfo 
qui fait le job. TeX n'a jamais été conçu et modifié pour faire du HTML...


https://en.wikipedia.org/wiki/Texinfo

Il a toujours été dommage que makeinfo ne fabrique de format MAN. Quand 
on voit le MAN de Bash, il y a de nombreuses pages INFO qui sont plus 
courtes et plus simples !


Texinfo est un peu en fin de vie, ayant été fait dans les années 80, il 
a répondu à une problématique utile à ces moments là d'avoir du texte 
formaté avec lien hypertexte. Il n'a jamais réussi à remplacer vraiment 
les pages man qui je dois le dire sont souvent bien plus pratique à lire.


A+

gaby
--
Gabriel Moreau - IR CNRShttp://www.legi.grenoble-inp.fr
LEGI (UMR 5519) Laboratoire des Ecoulements Geophysiques et Industriels
Domaine Universitaire, CS 40700, 38041 Grenoble Cedex 9, France
mailto:gabriel.mor...@legi.grenoble-inp.fr  tel:+33.476.825.015



smime.p7s
Description: Signature cryptographique S/MIME

Re: obtenir les manpages sous forme info

[Jean-Pierre Giraud]

Bonjour,
Le mardi 16 mai 2023 à 09:27 +0200, Francois Mescam a écrit :
> Je ne connais que la conversion inverse avec le paquet info2man ou
> alors 
> la mise en html des man avec man2html.
> Désolé cela ne répond pas à la question posée.
> Francois Mescam
> 
> Le 15/05/2023 à 22:07, Bernard Schoenacker a écrit :
> > Bonjour,
> > Je recherche le nom du paquet qui intègre les pages sous
> > forme info...
> > Désolé, mais j'ai un trou de mémoire
> > merci pour votre aimable attention
> > Bien à vous
> > Bernard
Je crois que Texinfo devrait faire l'affaire. Voici le descriptif du
fichier dans Debian
Avec Texinfo, vous pouvez créer un document destiné à être imprimé avec
toutes les caractéristiques d'un livre, incluant chapitres, sections,
références croisées et index. À partir de ce même fichier source, vous
pouvez aussi créer un fichier « Info » avec des nœuds, des menus, des
références croisées et un index.

Amicalement,
jipege


signature.asc
Description: This is a digitally signed message part

Re: obtenir les manpages sous forme info

[Francois Mescam]

Je ne connais que la conversion inverse avec le paquet info2man ou alors 
la mise en html des man avec man2html.


Désolé cela ne répond pas à la question posée.

Francois Mescam

Le 15/05/2023 à 22:07, Bernard Schoenacker a écrit :

Bonjour,

Je recherche le nom du paquet qui intègre les pages sous
forme info...

Désolé, mais j'ai un trou de mémoire

merci pour votre aimable attention

Bien à vous

Bernard

Re: obtenir les manpages sous forme info

[didier gaumet]

Le 15/05/2023 à 22:07, Bernard Schoenacker a écrit :

Bonjour,

Je recherche le nom du paquet qui intègre les pages sous
forme info...

[...]

il y a un paquet install-info qui offre les pages info de certains 
utilitaires mais je ne pense pas que cela comprenne toutes les pages man.


il y a des outils de conversion du format info vers les formats man et 
www (onfo2man et info2www) mais je ne suis pas au courant d'utilitaires 
de conversion dans l'autre sens. Ceci dit d'après ce que je comprends le 
format info est en fait un format Texinfo donc il ya peut-être dans 
l'écosystème Tex quelque chose qui fait ce que tu désires (je n'en sais 
rien, je ne connais pas du tout Tex)


Par curiosité, tiens-nous au courant

obtenir les manpages sous forme info

[Bernard Schoenacker]

Bonjour,

Je recherche le nom du paquet qui intègre les pages sous 
forme info...

Désolé, mais j'ai un trou de mémoire

merci pour votre aimable attention

Bien à vous

Bernard

Re: is nft running? how do I get info?

[David Wright]

On Tue 25 Apr 2023 at 15:21:50 (+), Bonno Bloksma wrote:
> I consider not having nftable enabled by default in bookworm a bug, let me 
> explain why...
> 
> >> It seems the bookworm release comes with NO firewall solution enabled !
> >> Iptables is no longer installed by default 
> >> The nft service is NOT enabled by default.
> 
> > It seems like you missed reading the Release Notes:
> > 
> >   §2.2.6 Network filtering based on nftables framework by default
> 
> Ok, I was "talking" about bookworm, these are the release notes for Buster, 
> not even Bullseye. I was not interested in nft at that time and probably 
> glanced over it. 
> I can understand nft not being enabled by default in Buster, we still had a 
> fully functional iptables at that point, I guess most of us still used it at 
> that time.

Those (ie you) were the people for whom the Release Notes were written.

> > and the reference there to https://wiki.debian.org/nftables which has its § 
> > "nftables in Debian the easy way".
> This still talks about installing nftables, that is also very old.
> 
> But yes, I must have missed it because I never enabled the nftables "service".

That's what I thought. But it's only old because this was all
documented two releases ago.

> What I am talking about now is that iptables is gone (by default).

Yes, they wrote "nftables provides a full replacement for iptables", …
"This change is in line with what other major Linux distributions are doing".
And the wiki: "the iptables utility may not be installed in a system by 
default."

If you were an iptables user, you'd have found in NEWS.Debian:

  "iptables is no longer Priority: important. This means it is not
  installed by default in every system. It has been replaced by nftables"

and there was advice on tools for converting iptables into nftables
configurations, spelled out in README.Debian.

> There is also a default nftables.conf file, but ... it is almost useless and 
> even misleading because it never gets used.
> And unless you make an obvious error and NOT expect your service(s) to work 
> why would you be surprised when the (non existing) firewall enables the 
> services to work as they should?

AFAICT all your complaints are answered in the wiki and the iptables
documentation, and changes really ought not to come as a surprise.

> In all the 20+ years I have been writing firewalls I have always written them 
> by starting from a closed firewall to open just the right services/ports. I 
> would never test if something worked for which I never opened the 
> corresponding port, why would I? I would test if something worked for which I 
> had supposedly opened the correct network port.
> Also in those days with ipchains and iptables there were scripts and if there 
> was an error I would see it when testing the script. 
> 
> If I test the /etc/nftables.conf file as a script it will even work 
> flawlessly with no errors. I can even use the nft list ruleset command 
> afterwards to see I have a working firewall.
> Unfortunately that works only until the next reboot, but why would I think so?
> 
> Why, now that we are at bookworm, is the nftables service not enabled by 
> default? With a default ruleset that pretty much leaves it all open but is a 
> starting point.
> If we do not want that, then at least the default config should contain a 
> warning about first enabling the service or scripting something to have it 
> working (after a reboot).
> 
> I think this is the first time I have come across something in Debian that 
> after being installed by default does nothing, even when provided with a 
> valid config file at the proper location.
> I consider that a bug.

Debates have raged in the past about whether services should be
started automatically just because they have been installed.
My recollection is that is was unix old-timers who maintained that
they ought not to be. And …

> Here is something similar.
> Consider opening your door with a key. Every time you open the door with the 
> key it opens. All is well, you bought the cylinder and key for the lock at a 
> very good locksmith. You told him you had been installing cylinders In doors 
> for years and you were able to insert this cylinder in the door.
> Until sometime later you find out the door never locks, it is always open, 
> that is why you could always enter.
> It turns out you first need to enable the cylinder before it did something 
> useful with the key provided.
> That was something completely new, you never heard of it before, neither do I 
> though. ;-)

And the opposing view, a more likely scenario: you have new locks
fitted. Unfortunately, the first time you go out, you pocket your
keys as usual and walk out, closing the door behind you. Later you
find you hadn't yet fitted the new key onto your keyring…

Cheers,
David.

Re: is nft running? how do I get info?

[songbird]

Bonno Bloksma wrote:
...
> Why, now that we are at bookworm, is the nftables service not enabled by 
> default? With a default ruleset that pretty much leaves it all open but is a 
> starting point.
> If we do not want that, then at least the default config should contain a 
> warning about first enabling the service or scripting something to have it 
> working (after a reboot).
>
> I think this is the first time I have come across something in Debian that 
> after being installed by default does nothing, even when provided with a 
> valid config file at the proper location.
> I consider that a bug.
>
> Here is something similar.
> Consider opening your door with a key. Every time you open the door with the 
> key it opens. All is well, you bought the cylinder and key for the lock at a 
> very good locksmith. You told him you had been installing cylinders In doors 
> for years and you were able to insert this cylinder in the door.
> Until sometime later you find out the door never locks, it is always open, 
> that is why you could always enter.
> It turns out you first need to enable the cylinder before it did something 
> useful with the key provided.
> That was something completely new, you never heard of it before, neither do I 
> though. ;-)
>
> Bonno Bloksma

  not everyone wants a firewall installed on their system
(non-desktop users or embedded systems being two examples
that easily come to mind).

  i think for most desktop installs there should be a minimal
firewall installed but then you get into the issue of which one?

  personally i run ufw.


  songbird

RE: is nft running? how do I get info?

[Bonno Bloksma]

Hi David and others,

I consider not having nftable enabled by default in bookworm a bug, let me 
explain why...


>> It seems the bookworm release comes with NO firewall solution enabled !
>> Iptables is no longer installed by default 
>> The nft service is NOT enabled by default.

> It seems like you missed reading the Release Notes:
> 
>   §2.2.6 Network filtering based on nftables framework by default

Ok, I was "talking" about bookworm, these are the release notes for Buster, not 
even Bullseye. I was not interested in nft at that time and probably glanced 
over it. 
I can understand nft not being enabled by default in Buster, we still had a 
fully functional iptables at that point, I guess most of us still used it at 
that time.

> and the reference there to https://wiki.debian.org/nftables which has its § 
> "nftables in Debian the easy way".
This still talks about installing nftables, that is also very old.

But yes, I must have missed it because I never enabled the nftables "service".

What I am talking about now is that iptables is gone (by default). There is 
also a default nftables.conf file, but ... it is almost useless and even 
misleading because it never gets used.
And unless you make an obvious error and NOT expect your service(s) to work why 
would you be surprised when the (non existing) firewall enables the services to 
work as they should?

In all the 20+ years I have been writing firewalls I have always written them 
by starting from a closed firewall to open just the right services/ports. I 
would never test if something worked for which I never opened the corresponding 
port, why would I? I would test if something worked for which I had supposedly 
opened the correct network port.
Also in those days with ipchains and iptables there were scripts and if there 
was an error I would see it when testing the script. 

If I test the /etc/nftables.conf file as a script it will even work flawlessly 
with no errors. I can even use the nft list ruleset command afterwards to see I 
have a working firewall.
Unfortunately that works only until the next reboot, but why would I think so?

Why, now that we are at bookworm, is the nftables service not enabled by 
default? With a default ruleset that pretty much leaves it all open but is a 
starting point.
If we do not want that, then at least the default config should contain a 
warning about first enabling the service or scripting something to have it 
working (after a reboot).

I think this is the first time I have come across something in Debian that 
after being installed by default does nothing, even when provided with a valid 
config file at the proper location.
I consider that a bug.

Here is something similar.
Consider opening your door with a key. Every time you open the door with the 
key it opens. All is well, you bought the cylinder and key for the lock at a 
very good locksmith. You told him you had been installing cylinders In doors 
for years and you were able to insert this cylinder in the door.
Until sometime later you find out the door never locks, it is always open, that 
is why you could always enter.
It turns out you first need to enable the cylinder before it did something 
useful with the key provided.
That was something completely new, you never heard of it before, neither do I 
though. ;-)

Bonno Bloksma

Re: is nft running? how do I get info?

[David Wright]

On Tue 25 Apr 2023 at 08:59:23 (+), Bonno Bloksma wrote:
> 
> Did I discover a bug in the bookwork release? I think we can argue both for 
> and against but I am calling it a bug.
> 
> It seems the bookworm release comes with NO firewall solution enabled !
> Iptables is no longer installed by default
> The nft service is NOT enabled by default.
> 
> After searching some more I found "Enable and start the nftables service by":
> sudo systemctl enable nftables 
> sudo systemctl start nftables.
> Looking at the sudo stuff it must have been written for Ubuntu. And indeed, I 
> now have a nft service that will by default load the /etc/nftables.conf file 
> :-)
> The start command in itself is not needed, it just starts the firewall right 
> away.
> 
> I do NOT understand why it is not enabled by default with the default config 
> as it is.
> The firewall in itself is open enough that it does not block stuff, but it 
> does allow someone to build upon or to replace it with a proper firewall.
> 
> There probably was a discussion about it sometime in the past and this is 
> what "they" came up with.
> Still, I think there should be a better way, have a default (semi) open 
> firewall and have it enabled by default. 
> 
> Now all I need to do is go to my existing Buster installs and enable the 
> firewall. It seems after I changed the iptables script to a nft config I have 
> been running my buster machines with a proper nft config that NEVER got 
> loaded. :-(

It seems like you missed reading the Release Notes:

  §2.2.6 Network filtering based on nftables framework by default

and the reference there to https://wiki.debian.org/nftables
which has its § "nftables in Debian the easy way".

Cheers,
David.

Re: is nft running? how do I get info?

[Greg Wooledge]

On Tue, Apr 25, 2023 at 02:11:45PM +0500, Stanislav Vlasov wrote:
> And, if you use 'su' command, please use it right:
> su -

There are many "right" ways to elevate privileges.  See
 for more options.

Re: is nft running? how do I get info?

[Anssi Saari]

Bonno Bloksma  writes:

> Also trying command completion with the nft, or even nf, show no
> results. Using just the n for completion gives just the networking
> service.

It seems others covered your other issues so I'll just comment on this.

Maybe your command completion is just bad? I can't complete service
names either, with bash. In zsh completion works out of the box and
that's one reason I use it, instead of bash.

RE: is nft running? how do I get info?

[Bonno Bloksma]

Hi All,

Did I discover a bug in the bookwork release? I think we can argue both for and 
against but I am calling it a bug.

It seems the bookworm release comes with NO firewall solution enabled !
Iptables is no longer installed by default
The nft service is NOT enabled by default.

After searching some more I found "Enable and start the nftables service by":
sudo systemctl enable nftables 
sudo systemctl start nftables.
Looking at the sudo stuff it must have been written for Ubuntu. And indeed, I 
now have a nft service that will by default load the /etc/nftables.conf file :-)
The start command in itself is not needed, it just starts the firewall right 
away.

I do NOT understand why it is not enabled by default with the default config as 
it is.
The firewall in itself is open enough that it does not block stuff, but it does 
allow someone to build upon or to replace it with a proper firewall.

There probably was a discussion about it sometime in the past and this is what 
"they" came up with.
Still, I think there should be a better way, have a default (semi) open 
firewall and have it enabled by default. 

Now all I need to do is go to my existing Buster installs and enable the 
firewall. It seems after I changed the iptables script to a nft config I have 
been running my buster machines with a proper nft config that NEVER got loaded. 
:-(

Bonno Bloksma

RE: is nft running? how do I get info?

[Bonno Bloksma]

Hi Dan,

>> I thought I understood it all and as far as I know I have a working config. 
>> But just trying to get a listing of the running config shows NOTHING.
>> linbookwormtest:~# nft list ruleset
>> linbookwormtest:~#
> 
> That says that you have no firewall set up.
That was my conclusion as well. :-(

> All Linux kernel firewalls are implemented via nft, even if you are using 
> iptables or ufw or some other system.
Ok.

> Try this:
> 
> $ lsmod | grep nft

Well I get :
linbookwormtest:~# lsmod | grep nft
linbookwormtest:~#

Another NOTHING. And yes, lsmod itself does list the loaded modules.

> It's not a matter of running, it's a matter of whether rules have been loaded.
Probably not, but why not?

> Now whether I have those SSH lines enabled or disable them makes no 
> difference, I can still logon using ssh. :-(
> 
> How, how do I continue? It isn't even working on a clean install of Debian 
> bookworm with the default config file.

> Try:
> # nft -f /etc/nftables.conf
> # nft list ruleset

Ok, that works. Now I get a firewall listing. So the config never gets loaded. 
Weird.

> I suspect you just don't have anything loading the rules.
But... should that not be system when it sees a executable nftables.conf file? 
That is de default Debian setup in which I have npt changed anything.
If that does not work then the Debian default does not work. I do not trhink 
there will be a lot of people who want to START by creating system service 
files just to get the firewall up and running each time.

With the old stuff I knew I had to execute a script loading the rules, that was 
normal. 
With nft everything is build in and the config file is executable. Why ?

Bonno

Re: is nft running? how do I get info?

[Christoph Brinkhaus]

Am Tue, Apr 25, 2023 at 07:58:56AM + schrieb Bonno Bloksma:
Hi Bonno,

> Hi Anssi,
> 
> >> There is nothing in the journal about nft
> >> linbookwormtest:~#journalctl -t nft -- Journal begins at Mon
> >> 2023-03-27 13:07:50 CEST, ends at Mon 2023-04-24 12:18:07 CEST.
> >> -- -- No entries --
> 
> > Debian's nftables package includes a systemd service to run
> > nftables. You might want to run systemctl status nftables first
> > and then enable and to start the service.
> Unfortunately nft is not a service. Trying the service command with
> nft gives an error.  linbookwormtest:~# service nft status Unit
> nft.service could not be found.  linbookwormtest:~#

The service is named nftables. This is the name which must be applied
to enable the service and for digging in the logs. nft is used to
manage the filter. Please see 
https://www.debian.org/doc/manuals/debian-handbook/sect.firewall-packet-filtering.en.html

Just as a reference the output from my system:


# systemctl status nftables
● nftables.service - nftables
Loaded: loaded (/lib/systemd/system/nftables.service; enabled; vendor preset: 
enabled)
Active: active (exited) since Tue 2023-04-25 10:28:37 CEST; 26min ago
Docs: man:nft(8)
http://wiki.nftables.org
Process: 226 ExecStart=/usr/sbin/nft -f /etc/nftables.conf (code=exited, 
status=0/SUCCESS)
Main PID: 226 (code=exited,
status=0/SUCCESS)
CPU: 11ms

Apr 25 10:28:37 lenovo systemd[1]: Finished nftables.
Warning: journal has been rotated since unit was started, output may be
incomplete.

> Also trying command completion with the nft, or even nf, show no
> results. Using just the n for completion gives just the networking
> service.
> 
> > I wonder how you used iptables? I always used a script for that
> > but I had to run it too for changes...
> I allways had a script too. I had it hooked in
> /etc/network/interfaces via either a pre-up or post-up rule
> depending if there was a fixed ip or a dhcp line in the interfaces
> file.
> 
> A default Debian install has an executable /etc/nftables.conf file.
This configuration is started by systemd with 
nft -f /etc/nftables.conf. The default file does no filtering at all.

> If nothing is looking at that file then what is the "normal" wat to
> start the firewall?  Do I hook it up via one of the old /etc/init.d/
> scripts? Do I create a script in one of the /etc/rc?.d/ directories?
> I am pretty sure they don't expect every novice to start writing
> systemd service files? I don't even know where they are, I never
> touch them, too much can go wrong by not understanding how it all
> connects.  If I install dhcp it comes with default config files. If
> I change them then THAT config gets loaded.
> 
> If Debian does NOTHING with that nft config file then why is it
> there?  Is this a bug? 
Please enable the firewall by # systemctl enable nftables.service.
Then it should work.

Kind regards,
Christoph
-- 
Ist die Katze gesund
schmeckt sie dem Hund.


signature.asc
Description: PGP signature

Re: is nft running? how do I get info?

[Stanislav Vlasov]

вт, 25 апр. 2023 г. в 13:32, Bonno Bloksma :
> > Debian's nftables package includes a systemd service to run nftables. You 
> > might want to run systemctl status nftables first and then enable and to 
> > start the service.
> Unfortunately nft is not a service. Trying the service command with nft gives 
> an error.
> linbookwormtest:~# service nft status
> Unit nft.service could not be found.
> linbookwormtest:~#

$ sudo systemctl status nftables.service
● nftables.service - nftables
 Loaded: loaded (/lib/systemd/system/nftables.service; disabled;
vendor preset: enabled)
 Active: inactive (dead)
   Docs: man:nft(8)
 http://wiki.nftables.org

This is not true service, but only loader for /etc/nftables.conf rules
at boot, if enabled.

> Also trying command completion with the nft, or even nf, show no results. 
> Using just the n for completion gives just the networking service.

nftables: /usr/sbin/nft
This is package, which can be installed or not.
And, if you use 'su' command, please use it right:
su -

> > I wonder how you used iptables? I always used a script for that but I had 
> > to run it too for changes...
> I allways had a script too. I had it hooked in /etc/network/interfaces via 
> either a pre-up or post-up rule depending if there was a fixed ip or a dhcp 
> line in the interfaces file.

> A default Debian install has an executable /etc/nftables.conf file. If 
> nothing is looking at that file then what is the "normal" wat to start the 
> firewall?

see above

> Do I hook it up via one of the old /etc/init.d/ scripts? Do I create a script 
> in one of the /etc/rc?.d/ directories?

No. You may write some scripts in /etc/network subdirs, if you REALLY
need custom rules at interface up or down.

> Is this a bug?

No. But docs need to be read.
/usr/share/doc/nftables/README.Debian - good starting point.

-- 
Stanislav

RE: is nft running? how do I get info?

[Bonno Bloksma]

Hi Anssi,

>> There is nothing in the journal about nft 
>> linbookwormtest:~#journalctl -t nft
>> -- Journal begins at Mon 2023-03-27 13:07:50 CEST, ends at Mon 
>> 2023-04-24 12:18:07 CEST. --
>> -- No entries --

> Debian's nftables package includes a systemd service to run nftables. You 
> might want to run systemctl status nftables first and then enable and to 
> start the service.
Unfortunately nft is not a service. Trying the service command with nft gives 
an error.
linbookwormtest:~# service nft status
Unit nft.service could not be found.
linbookwormtest:~#

Also trying command completion with the nft, or even nf, show no results. Using 
just the n for completion gives just the networking service.

> I wonder how you used iptables? I always used a script for that but I had to 
> run it too for changes...
I allways had a script too. I had it hooked in /etc/network/interfaces via 
either a pre-up or post-up rule depending if there was a fixed ip or a dhcp 
line in the interfaces file.

A default Debian install has an executable /etc/nftables.conf file. If nothing 
is looking at that file then what is the "normal" wat to start the firewall? 
Do I hook it up via one of the old /etc/init.d/ scripts? Do I create a script 
in one of the /etc/rc?.d/ directories?
I am pretty sure they don't expect every novice to start writing systemd 
service files? I don't even know where they are, I never touch them, too much 
can go wrong by not understanding how it all connects.
If I install dhcp it comes with default config files. If I change them then 
THAT config gets loaded.

If Debian does NOTHING with that nft config file then why is it there?
Is this a bug? 

Bonno Bloksma

Re: is nft running? how do I get info?

[Anssi Saari]

Bonno Bloksma  writes:

> Hi,
>
> After years of using ipchains and later iptables as firewall I am now trying 
> to use nft. :-)
>
> I thought I understood it all and as far as I know I have a working config. 
> But just trying to get a listing of the running config shows NOTHING.
> linbookwormtest:~# nft list ruleset
> linbookwormtest:~#
>
> There is nothing in the journal about nft
> linbookwormtest:~# journalctl -t nft
> -- Journal begins at Mon 2023-03-27 13:07:50 CEST, ends at Mon 2023-04-24 
> 12:18:07 CEST. --
> -- No entries --

Debian's nftables package includes a systemd service to run
nftables. You might want to run systemctl status nftables first and
then enable and to start the service.

I wonder how you used iptables? I always used a script for that but I
had to run it too for changes...

Re: is nft running? how do I get info?

[Dan Ritter]

Bonno Bloksma wrote: 
> Hi,
> 
> After years of using ipchains and later iptables as firewall I am now trying 
> to use nft. :-)
> 
> I thought I understood it all and as far as I know I have a working config. 
> But just trying to get a listing of the running config shows NOTHING.
> linbookwormtest:~# nft list ruleset
> linbookwormtest:~#

That says that you have no firewall set up.

All Linux kernel firewalls are implemented via nft, even if you are
using iptables or ufw or some other system.

> 
> There is nothing in the journal about nft
> linbookwormtest:~# journalctl -t nft
> -- Journal begins at Mon 2023-03-27 13:07:50 CEST, ends at Mon 2023-04-24 
> 12:18:07 CEST. --
> -- No entries --

Try this:

$ lsmod | grep nft

I get:

nft_chain_nat  16384  3
nf_nat 57344  2 nft_chain_nat,xt_MASQUERADE
nft_compat 20480  25
x_tables   53248  13
xt_conntrack,nft_compat,xt_multiport,xt_state,xt_tcpudp,xt_tcpmss,xt_addrtype,xt_CHECKSUM,xt_recent,xt_set,ipt_REJECT,xt_MASQUERADE,ip6t_REJECT
nft_counter16384  52
nf_tables 253952  153
nft_compat,nft_counter,nft_chain_nat
nfnetlink  20480  5
nft_compat,nf_conntrack_netlink,nf_tables,ip_set


> So nothing, not even a warning or an error. So how do I know if nft is 
> running at all? I am guessing it does NOT run because.
> Even using just the default ruleset in /etc/nftables.conf shows nothing in 
> the logs. It should at least show something right?

It's not a matter of running, it's a matter of whether rules
have been loaded.


> Now whether I have those SSH lines enabled or disable them makes no 
> difference, I can still logon using ssh. :-(
> 
> How, how do I continue? It isn't even working on a clean install of Debian 
> bookworm with the default config file.


Try:

# nft -f /etc/nftables.conf
# nft list ruleset


I suspect you just don't have anything loading the rules.

-dsr-

is nft running? how do I get info?

[Bonno Bloksma]

Hi,

After years of using ipchains and later iptables as firewall I am now trying to 
use nft. :-)

I thought I understood it all and as far as I know I have a working config. But 
just trying to get a listing of the running config shows NOTHING.
linbookwormtest:~# nft list ruleset
linbookwormtest:~#

There is nothing in the journal about nft
linbookwormtest:~# journalctl -t nft
-- Journal begins at Mon 2023-03-27 13:07:50 CEST, ends at Mon 2023-04-24 
12:18:07 CEST. --
-- No entries --

And on an older server where I still have rsyslog installed there is also 
nothing in syslog. But that is no surprise when the journal database has 
nothing. ;-)

So nothing, not even a warning or an error. So how do I know if nft is running 
at all? I am guessing it does NOT run because.
Even using just the default ruleset in /etc/nftables.conf shows nothing in the 
logs. It should at least show something right?

But even more telling... in my modified ruleset I have:

--
...
table inet firewall {

chain inbound_ipv4 {
# accepting ping (icmp-echo-request) for diagnostic purposes, within a 
certain rate limit:
icmp type echo-request limit rate 5/second accept
}
chain inbound_ipv6 {
# accept neighbour discovery otherwise connectivity breaks
#
icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert 
} accept

# accepting ping (icmpv6-echo-request) for diagnostic purposes,  within 
a certain rate limit:
# icmpv6 type echo-request limit rate 5/second accept
}

chain inbound {
# By default, drop all traffic unless it meets a filter criteria 
specified by the rules that follow below.
type filter hook input priority 0; policy drop;

# Allow traffic from established and related packets, drop invalid
ct state vmap { established : accept, related : accept, invalid : drop }
# Allow loopback traffic.
iifname lo accept

# Jump to chain according to layer 3 protocol using a verdict map
meta protocol vmap { ip : jump inbound_ipv4, ip6 : jump inbound_ipv6 }

# Allow SSH on port TCP/22 for IPv4 and IPv6.
tcp dport { 22 } accept
...
--

Now whether I have those SSH lines enabled or disable them makes no difference, 
I can still logon using ssh. :-(

How, how do I continue? It isn't even working on a clean install of Debian 
bookworm with the default config file.

Bonno Bloksma

Re: which X11 app can show wifi info

[David Wright]

On Wed 15 Jun 2022 at 11:16:40 (+0200), Vincent Lefevre wrote:
> On 2022-06-15 00:19:54 -0500, David Wright wrote:
> > On Wed 15 Jun 2022 at 03:30:53 (+0200), Vincent Lefevre wrote:
> > > On 2022-06-14 15:43:40 +0100, Brian wrote:
> > > > On Tue 14 Jun 2022 at 13:15:56 +0200, Vincent Lefevre wrote:
> > > > > No issues with iwlist and nmcli.
> > > > 
> > > > /usr/sbin/wpa_gui and /sbin/wpa_cli should both give sensible outputs
> > > > when run as root.
> > > 
> > > For security reasons, I don't want to run them as root.
> > 
> > Then don't run them? You can put  wpa_cli status  into sudoers
> > so that it will only run with that command.
> > 
> > > The iwlist and nmcli utilities don't need root to work correctly.
> > 
> > Run them then?
> 
> The OP wanted an X11 app,

I'm aware of that, and I did say that I didn't know of one.

I only use wpasupplicant on one machine that has a flaky wifi, which
doesn't get on well with iwd. (It's a 2004-vintage laptop.) I
configure/check/debug the wifi at the console. Waiting for X to drag
itself into existence before checking out the wifi would be a big
time waster. So I don't install wpagui, don't know what it does,
don't know how it does it.

> while iwlist and nmcli are just command-line
> utilities (though one may want to write a script to show information
> in an X11 app, a text terminal or something else?). But my remark was
> mainly: the iwlist and nmcli utilities can get the information as a
> normal user, so there is a major limitation in wpa_gui and wpa_cli.

Yes, thanks for the wishlist bug.

When the demise of wicd became apparent (wicd hides the need to know
anything about wpasupplicant), I looked around for a replacement, and
came across:

https://lwn.net/Articles/770991/

That article put a damper on my reading up on anything about
wpasupplicant for the time being. I've found iwd works nicely
in bullseye, but don't bother with the buster version (which
is way back in the iwd development cycle).

Cheers,
David.

Re: which X11 app can show wifi info

[Brian]

On Wed 15 Jun 2022 at 13:38:06 +0200, Vincent Lefevre wrote:

> On 2022-06-15 12:14:19 +0100, Brian wrote:
> > On Wed 15 Jun 2022 at 12:45:23 +0200, Vincent Lefevre wrote:
> > 
> > > On 2022-06-15 10:32:58 +0100, Brian wrote:
> > > > On Wed 15 Jun 2022 at 11:16:40 +0200, Vincent Lefevre wrote:
> > > > > The OP wanted an X11 app, while iwlist and nmcli are just command-line
> > > > > utilities (though one may want to write a script to show information
> > > > > in an X11 app, a text terminal or something else?). But my remark was
> > > > > mainly: the iwlist and nmcli utilities can get the information as a
> > > > > normal user, so there is a major limitation in wpa_gui and wpa_cli.
> > > > 
> > > > This limitation does not exist. wpa_gui and wpa_cli are both capable
> > > > of being run as a mormal user.
> > > 
> > > So, why do I get a "Could not connect to wpa_supplicant" error
> > > with the default configuration?
> > 
> > Because wpa_supplicant is not aware of GROUP=netdev. See my other
> > post in this thread.
> 
> So, that's a limitation. There is no such limitation with other tools
> (iwconfig, nmcli, and in the past, wicd), which work as a normal user
> without needing anything special.

So, we will have it as a limitation. However, it is long-standing and
wpa_gui has efficiently managed connections here for a non-root user
for some time, which is all I ask of it. I can live with it.

Maybe wpa_cli and wpa_gui will eventually become dbus-aware.

-- 
Brian.

Re: which X11 app can show wifi info

[Vincent Lefevre]

On 2022-06-15 13:59:44 +0300, Reco wrote:
> On Wed, Jun 15, 2022 at 11:33:00AM +0200, Vincent Lefevre wrote:
> > On 2022-06-15 09:43:50 +0300, Reco wrote:
> > > First example they provide in wpa_supplicant.conf(5) shows the way to
> > > use wpa_cli sensibly without being root.
> > > One just needs to define a group for wpa_supplicant's control
> > > socket, like this:
> > > 
> > > ctrl_interface=DIR=/run/wpa_supplicant GROUP=netdev
> > 
> > This is either overkill (with a security risk, e.g. if this can allow
> > the user to become root),
> 
> It cannot allow that, barring the security bugs in wpa_supplicant.
> It does give the user full control over a wpa_supplicant process though
> (i.e. associate with arbitrary AP, terminate the process, etc).

OK. I suppose that this should be the goal if the user is in the
netdev group (I hope that if the user can terminate the process,
then he can also restart it).

> > or Debian should have done that by default.
> 
> That's my option too, but wpasupplicant package does not provide
> wpa_supplicant.conf by default.
> README.Debian should mention that bit of configuration probably.

Well, the wpasupplicant package could provide a default config file
(most packages do). I've just submitted a wishlist bug:

  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012844

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Re: which X11 app can show wifi info

[Vincent Lefevre]

On 2022-06-15 12:14:19 +0100, Brian wrote:
> On Wed 15 Jun 2022 at 12:45:23 +0200, Vincent Lefevre wrote:
> 
> > On 2022-06-15 10:32:58 +0100, Brian wrote:
> > > On Wed 15 Jun 2022 at 11:16:40 +0200, Vincent Lefevre wrote:
> > > > The OP wanted an X11 app, while iwlist and nmcli are just command-line
> > > > utilities (though one may want to write a script to show information
> > > > in an X11 app, a text terminal or something else?). But my remark was
> > > > mainly: the iwlist and nmcli utilities can get the information as a
> > > > normal user, so there is a major limitation in wpa_gui and wpa_cli.
> > > 
> > > This limitation does not exist. wpa_gui and wpa_cli are both capable
> > > of being run as a mormal user.
> > 
> > So, why do I get a "Could not connect to wpa_supplicant" error
> > with the default configuration?
> 
> Because wpa_supplicant is not aware of GROUP=netdev. See my other
> post in this thread.

So, that's a limitation. There is no such limitation with other tools
(iwconfig, nmcli, and in the past, wicd), which work as a normal user
without needing anything special.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Re: which X11 app can show wifi info

[Reco]

On Wed, Jun 15, 2022 at 11:33:00AM +0200, Vincent Lefevre wrote:
> On 2022-06-15 09:43:50 +0300, Reco wrote:
> > Hi.
> > 
> > On Wed, Jun 15, 2022 at 03:30:53AM +0200, Vincent Lefevre wrote:
> > > On 2022-06-14 15:43:40 +0100, Brian wrote:
> > > > On Tue 14 Jun 2022 at 13:15:56 +0200, Vincent Lefevre wrote:
> > > > > No issues with iwlist and nmcli.
> > > > 
> > > > /usr/sbin/wpa_gui and /sbin/wpa_cli should both give sensible outputs
> > > > when run as root.
> > > 
> > > For security reasons, I don't want to run them as root.
> > 
> > First example they provide in wpa_supplicant.conf(5) shows the way to
> > use wpa_cli sensibly without being root.
> > One just needs to define a group for wpa_supplicant's control socket, like 
> > this:
> > 
> > ctrl_interface=DIR=/run/wpa_supplicant GROUP=netdev
> 
> This is either overkill (with a security risk, e.g. if this can allow
> the user to become root),

It cannot allow that, barring the security bugs in wpa_supplicant.
It does give the user full control over a wpa_supplicant process though
(i.e. associate with arbitrary AP, terminate the process, etc).


> or Debian should have done that by default.

That's my option too, but wpasupplicant package does not provide
wpa_supplicant.conf by default.
README.Debian should mention that bit of configuration probably.


> > > The iwlist and nmcli utilities don't need root to work correctly.
> > 
> > I don't know about iwlist, but nmcli uses dbus to communicate with
> > NetworkManager. From the security standpoint, such approach clearly
> > loses to the simple unix socket communication restricted by natural
> > POSIX permissions.
> 
> Actually, that's iwconfig that gives interesting information, such
> as the current ESSID, and it doesn't need to be run as root either.

So is "iw dev ... info", which uses "modern" communication via
AF_NETLINK socket.

Reco

Re: which X11 app can show wifi info

[Brian]

On Wed 15 Jun 2022 at 12:45:23 +0200, Vincent Lefevre wrote:

> On 2022-06-15 10:32:58 +0100, Brian wrote:
> > On Wed 15 Jun 2022 at 11:16:40 +0200, Vincent Lefevre wrote:
> > > The OP wanted an X11 app, while iwlist and nmcli are just command-line
> > > utilities (though one may want to write a script to show information
> > > in an X11 app, a text terminal or something else?). But my remark was
> > > mainly: the iwlist and nmcli utilities can get the information as a
> > > normal user, so there is a major limitation in wpa_gui and wpa_cli.
> > 
> > This limitation does not exist. wpa_gui and wpa_cli are both capable
> > of being run as a mormal user.
> 
> So, why do I get a "Could not connect to wpa_supplicant" error
> with the default configuration?

Because wpa_supplicant is not aware of GROUP=netdev. See my other
post in this thread.

-- 
Brian.

Re: which X11 app can show wifi info

[Vincent Lefevre]

On 2022-06-15 10:32:58 +0100, Brian wrote:
> On Wed 15 Jun 2022 at 11:16:40 +0200, Vincent Lefevre wrote:
> > The OP wanted an X11 app, while iwlist and nmcli are just command-line
> > utilities (though one may want to write a script to show information
> > in an X11 app, a text terminal or something else?). But my remark was
> > mainly: the iwlist and nmcli utilities can get the information as a
> > normal user, so there is a major limitation in wpa_gui and wpa_cli.
> 
> This limitation does not exist. wpa_gui and wpa_cli are both capable
> of being run as a mormal user.

So, why do I get a "Could not connect to wpa_supplicant" error
with the default configuration?

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Re: which X11 app can show wifi info

[Vincent Lefevre]

On 2022-06-15 09:43:50 +0300, Reco wrote:
>   Hi.
> 
> On Wed, Jun 15, 2022 at 03:30:53AM +0200, Vincent Lefevre wrote:
> > On 2022-06-14 15:43:40 +0100, Brian wrote:
> > > On Tue 14 Jun 2022 at 13:15:56 +0200, Vincent Lefevre wrote:
> > > > No issues with iwlist and nmcli.
> > > 
> > > /usr/sbin/wpa_gui and /sbin/wpa_cli should both give sensible outputs
> > > when run as root.
> > 
> > For security reasons, I don't want to run them as root.
> 
> First example they provide in wpa_supplicant.conf(5) shows the way to
> use wpa_cli sensibly without being root.
> One just needs to define a group for wpa_supplicant's control socket, like 
> this:
> 
> ctrl_interface=DIR=/run/wpa_supplicant GROUP=netdev

This is either overkill (with a security risk, e.g. if this can allow
the user to become root), or Debian should have done that by default.

> Add a user to a netdev group and you're set.

I'm already in the netdev group (this was done automatically at Debian
installation time).

> > The iwlist and nmcli utilities don't need root to work correctly.
> 
> I don't know about iwlist, but nmcli uses dbus to communicate with
> NetworkManager. From the security standpoint, such approach clearly
> loses to the simple unix socket communication restricted by natural
> POSIX permissions.

Actually, that's iwconfig that gives interesting information, such
as the current ESSID, and it doesn't need to be run as root either.
According to strace, it uses a socket and various SIOCGIW* ioctl
calls, e.g. SIOCGIWESSID. I suppose that this is a bit like

http://papermint-designs.com/dmo-blog/2016-08-how-to-get-the-essid-of-the-wifi-network-you-are-connected-to-

(the author also used strace on iwconfig to find the method).

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Re: which X11 app can show wifi info

[Brian]

On Wed 15 Jun 2022 at 11:16:40 +0200, Vincent Lefevre wrote:

> On 2022-06-15 00:19:54 -0500, David Wright wrote:
> > On Wed 15 Jun 2022 at 03:30:53 (+0200), Vincent Lefevre wrote:
> > > On 2022-06-14 15:43:40 +0100, Brian wrote:
> > > > On Tue 14 Jun 2022 at 13:15:56 +0200, Vincent Lefevre wrote:
> > > > > No issues with iwlist and nmcli.
> > > > 
> > > > /usr/sbin/wpa_gui and /sbin/wpa_cli should both give sensible outputs
> > > > when run as root.
> > > 
> > > For security reasons, I don't want to run them as root.
> > 
> > Then don't run them? You can put  wpa_cli status  into sudoers
> > so that it will only run with that command.
> > 
> > > The iwlist and nmcli utilities don't need root to work correctly.
> > 
> > Run them then?
> 
> The OP wanted an X11 app, while iwlist and nmcli are just command-line
> utilities (though one may want to write a script to show information
> in an X11 app, a text terminal or something else?). But my remark was
> mainly: the iwlist and nmcli utilities can get the information as a
> normal user, so there is a major limitation in wpa_gui and wpa_cli.

This limitation does not exist. wpa_gui and wpa_cli are both capable
of being run as a mormal user.

-- 
Brian.

Re: which X11 app can show wifi info

[Brian]

On Wed 15 Jun 2022 at 09:43:50 +0300, Reco wrote:

>   Hi.
> 
> On Wed, Jun 15, 2022 at 03:30:53AM +0200, Vincent Lefevre wrote:
> > On 2022-06-14 15:43:40 +0100, Brian wrote:
> > > On Tue 14 Jun 2022 at 13:15:56 +0200, Vincent Lefevre wrote:
> > > > No issues with iwlist and nmcli.
> > > 
> > > /usr/sbin/wpa_gui and /sbin/wpa_cli should both give sensible outputs
> > > when run as root.
> > 
> > For security reasons, I don't want to run them as root.
> 
> First example they provide in wpa_supplicant.conf(5) shows the way to
> use wpa_cli sensibly without being root.

The wpasupplicant documentation also provides a useful README.Debian.

> One just needs to define a group for wpa_supplicant's control socket, like 
> this:
> 
> ctrl_interface=DIR=/run/wpa_supplicant GROUP=netdev
> 
> Add a user to a netdev group and you're set.

That is the first step but is not quite sufficient. The supplicant
needs to be made aware that the user is in the netdev group. Un my
/e/n/i:

  # The id_str.
  iface home inet dhcp

  # The id_str. 
  # iface home inet static
  #  address 192.168.7.55/24
  #  gateway 192.168.7.1

  allow-hotplug wlx74ea3a93adab
iface wlx74ea3a93adab inet manual
wpa-roam /etc/wpa_supplicant/wpasupplicant.conf

In /etc/wpa_supplicant/wpasupplicant.conf:

  ctrl_interface=DIR=/run/wpa_supplicant GROUP=netdev

  network={
  ssid="MI5_Listening_Station_#666"
  psk="Secure"
  proto=WPA
  id_str="home"
  } 
  
> > The iwlist and nmcli utilities don't need root to work correctly.
> 
> I don't know about iwlist, but nmcli uses dbus to communicate with
> NetworkManager. From the security standpoint, such approach clearly
> loses to the simple unix socket communication restricted by natural
> POSIX permissions.

The wpa_supplicant daemon runs with dbus capability.

-- 
Brian.

Re: which X11 app can show wifi info

[Vincent Lefevre]

On 2022-06-15 00:19:54 -0500, David Wright wrote:
> On Wed 15 Jun 2022 at 03:30:53 (+0200), Vincent Lefevre wrote:
> > On 2022-06-14 15:43:40 +0100, Brian wrote:
> > > On Tue 14 Jun 2022 at 13:15:56 +0200, Vincent Lefevre wrote:
> > > > No issues with iwlist and nmcli.
> > > 
> > > /usr/sbin/wpa_gui and /sbin/wpa_cli should both give sensible outputs
> > > when run as root.
> > 
> > For security reasons, I don't want to run them as root.
> 
> Then don't run them? You can put  wpa_cli status  into sudoers
> so that it will only run with that command.
> 
> > The iwlist and nmcli utilities don't need root to work correctly.
> 
> Run them then?

The OP wanted an X11 app, while iwlist and nmcli are just command-line
utilities (though one may want to write a script to show information
in an X11 app, a text terminal or something else?). But my remark was
mainly: the iwlist and nmcli utilities can get the information as a
normal user, so there is a major limitation in wpa_gui and wpa_cli.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Re: which X11 app can show wifi info

[Reco]

Hi.

On Wed, Jun 15, 2022 at 03:30:53AM +0200, Vincent Lefevre wrote:
> On 2022-06-14 15:43:40 +0100, Brian wrote:
> > On Tue 14 Jun 2022 at 13:15:56 +0200, Vincent Lefevre wrote:
> > > No issues with iwlist and nmcli.
> > 
> > /usr/sbin/wpa_gui and /sbin/wpa_cli should both give sensible outputs
> > when run as root.
> 
> For security reasons, I don't want to run them as root.

First example they provide in wpa_supplicant.conf(5) shows the way to
use wpa_cli sensibly without being root.
One just needs to define a group for wpa_supplicant's control socket, like this:

ctrl_interface=DIR=/run/wpa_supplicant GROUP=netdev

Add a user to a netdev group and you're set.

> The iwlist and nmcli utilities don't need root to work correctly.

I don't know about iwlist, but nmcli uses dbus to communicate with
NetworkManager. From the security standpoint, such approach clearly
loses to the simple unix socket communication restricted by natural
POSIX permissions.

Reco

Re: which X11 app can show wifi info

[David Wright]

On Wed 15 Jun 2022 at 03:30:53 (+0200), Vincent Lefevre wrote:
> On 2022-06-14 15:43:40 +0100, Brian wrote:
> > On Tue 14 Jun 2022 at 13:15:56 +0200, Vincent Lefevre wrote:
> > > No issues with iwlist and nmcli.
> > 
> > /usr/sbin/wpa_gui and /sbin/wpa_cli should both give sensible outputs
> > when run as root.
> 
> For security reasons, I don't want to run them as root.

Then don't run them? You can put  wpa_cli status  into sudoers
so that it will only run with that command.

> The iwlist and nmcli utilities don't need root to work correctly.

Run them then? I wasn't aware that iwlist would tell the OP
which AP is the connected one.

I presume nmcli is something to do with NetworkManager, which
I've never installed. But, as I wrote earlier, "I would have
thought that the program by which you connect would be able
to show you all the information it, by definition, knows about
the connection that it set up."

For most machines, I now use iwd, like Celejar.

Cheers,
David.

Re: which X11 app can show wifi info

[Vincent Lefevre]

On 2022-06-14 15:43:40 +0100, Brian wrote:
> On Tue 14 Jun 2022 at 13:15:56 +0200, Vincent Lefevre wrote:
> > No issues with iwlist and nmcli.
> 
> /usr/sbin/wpa_gui and /sbin/wpa_cli should both give sensible outputs
> when run as root.

For security reasons, I don't want to run them as root.
The iwlist and nmcli utilities don't need root to work correctly.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Re: which X11 app can show wifi info

[Brian]

On Tue 14 Jun 2022 at 13:15:56 +0200, Vincent Lefevre wrote:

> On 2022-06-11 19:10:09 +0800, lou wrote:
> > On 6/11/22 7:00 PM, Brian wrote:
> > > 
> > > You are associating with a wireless access point. You must be using
> > > wpasupplicant. Have you tried installing wpagui?
> > 
> > Thanks, wpagui seems to work for me.
> 
> wpagui doesn't work at all for me. It doesn't show any adapter.
> But wpa_cli doesn't work either:
> 
> Could not connect to wpa_supplicant: (nil) - re-trying
> 
> while "systemctl status wpa_supplicant.service" says that the service
> is running.
> 
> No issues with iwlist and nmcli.

/usr/sbin/wpa_gui and /sbin/wpa_cli should both give sensible outputs
when run as root.

-- 
Brian.

Re: which X11 app can show wifi info

[Vincent Lefevre]

On 2022-06-11 19:10:09 +0800, lou wrote:
> On 6/11/22 7:00 PM, Brian wrote:
> > 
> > You are associating with a wireless access point. You must be using
> > wpasupplicant. Have you tried installing wpagui?
> 
> Thanks, wpagui seems to work for me.

wpagui doesn't work at all for me. It doesn't show any adapter.
But wpa_cli doesn't work either:

Could not connect to wpa_supplicant: (nil) - re-trying

while "systemctl status wpa_supplicant.service" says that the service
is running.

No issues with iwlist and nmcli.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Re: which X11 app can show wifi info

[Celejar]

On Sat, 11 Jun 2022 12:00:35 +0100
Brian  wrote:

> On Sat 11 Jun 2022 at 18:08:24 +0800, lou wrote:
> 
> > On 6/11/22 4:57 PM, Brian wrote:
> > 
> > > You may want wpagui, a graphical frontend for wpasupplicant.
> > 
> > > Use of Qt apps does not involve installing KDE.
> > 
> > 
> > Thanks, but i use ifup/ifdown (not wpasupplicant) to manage network
> > connection.
> 
> You are associating with a wireless access point. You must be using
> wpasupplicant. Have you tried installing wpagui?

JFTR, wpasupplicant is no longer required for WiFi - I use iwd.

-- 
Celejar

Re: which X11 app can show wifi info

[lou]

Thank David Wright!

"wpa_cli status" is handy for me

Re: which X11 app can show wifi info

[lou]

On 6/11/22 7:00 PM, Brian wrote:


You are associating with a wireless access point. You must be using
wpasupplicant. Have you tried installing wpagui?



Thanks, wpagui seems to work for me.

Re: which X11 app can show wifi info

[Brian]

On Sat 11 Jun 2022 at 18:08:24 +0800, lou wrote:

> On 6/11/22 4:57 PM, Brian wrote:
> 
> > You may want wpagui, a graphical frontend for wpasupplicant.
> 
> > Use of Qt apps does not involve installing KDE.
> 
> 
> Thanks, but i use ifup/ifdown (not wpasupplicant) to manage network
> connection.

You are associating with a wireless access point. You must be using
wpasupplicant. Have you tried installing wpagui?

-- 
Brian.

Re: which X11 app can show wifi info

[lou]

On 6/11/22 4:57 PM, Brian wrote:


You may want wpagui, a graphical frontend for wpasupplicant.



Use of Qt apps does not involve installing KDE.



Thanks, but i use ifup/ifdown (not wpasupplicant) to manage network 
connection.

Re: which X11 app can show wifi info

[Brian]

On Fri 10 Jun 2022 at 08:05:12 +0800, lou wrote:

> i want a small app that show wifi info, including  connected network name
> (wpa-ssid)

You may want wpagui, a graphical frontend for wpasupplicant.
 
> hopefully it doesn't depend on qt as i don't use kde ( i use twm for buster)

Use of Qt apps does not involve installing KDE.

-- 
Brian.

Re: which X11 app can show wifi info

[David Wright]

On Fri 10 Jun 2022 at 22:02:11 (-0400), a wrote:
> Sorry, David Wright, i receive your mail late because mail provider
> blocks or deletes your mail without informing me
> 
> i use ifup/ifdown to manage wifi connection

That suggest that wpa_supplicant is actually managing the connection.

> i prefer small app for X Window

I don't know of an app to do that. This command should tell you
what you need to know:

# wpa_cli status

That shoud give you the SSID, the MACs at each end, and so on.

> i might  be unable to receive your future mail
> 
> reply to list so that i might use list archives to read your reply

All my posts go solely to the list.

Cheers,
David.

Re: which X11 app can show wifi info

[a]

Sorry, David Wright, i receive your mail late because mail provider 
blocks or deletes your mail without informing me


i use ifup/ifdown to manage wifi connection

i prefer small app for X Window

i might  be unable to receive your future mail

reply to list so that i might use list archives to read your reply

Re: which X11 app can show wifi info

[Eric S Fraga]

On Friday, 10 Jun 2022 at 06:33, a wrote:
> nm-applet seems to be part of gnome

I guess it does; I never checked as it runs fine with stumpwm but I
probably have gnome dependencies installed.  Sorry for the noise.

-- 
Eric S Fraga via gnus (Emacs 29.0.50 2022-06-07) on Debian 11.3

Re: which X11 app can show wifi info

[a]

On 6/10/22 5:49 AM, Eric S Fraga wrote:

On Friday, 10 Jun 2022 at 08:05, lou wrote:

i want a small app that show wifi info, including  connected network
name (wpa-ssid)

nm-applet works for me.  It doesn't show the network explicitly unless
you hover the mouse over the little icon so I don't know if this would
suit your needs.



Thanks!
nm-applet seems to be part of gnome
it doesn't work for me

Re: which X11 app can show wifi info

[Eric S Fraga]

On Friday, 10 Jun 2022 at 08:05, lou wrote:
> i want a small app that show wifi info, including  connected network
> name (wpa-ssid)

nm-applet works for me.  It doesn't show the network explicitly unless
you hover the mouse over the little icon so I don't know if this would
suit your needs.

-- 
Eric S Fraga via gnus (Emacs 29.0.50 2022-06-07) on Debian 11.3

Re: which X11 app can show wifi info

[lou]

On 6/10/22 4:12 PM, Stanislav Vlasov wrote:

пт, 10 июн. 2022 г. в 05:12, lou :

i want a small app that show wifi info, including  connected network
name (wpa-ssid)

You may try gkrellm with gkrellmwireless plugin
I don't use it some years, so it may be wrong answer.


hopefully it doesn't depend on qt as i don't use kde ( i use twm for buster)

It is DE-independed.



Thanks!

i try "gkrellm --plugin /usr/lib/gkrellm2/wireless.so"

it doesn't work as i have hoped for

Re: which X11 app can show wifi info

[Stanislav Vlasov]

пт, 10 июн. 2022 г. в 05:12, lou :
> i want a small app that show wifi info, including  connected network
> name (wpa-ssid)

You may try gkrellm with gkrellmwireless plugin
I don't use it some years, so it may be wrong answer.

> hopefully it doesn't depend on qt as i don't use kde ( i use twm for buster)

It is DE-independed.

-- 
Stanislav

Re: which X11 app can show wifi info

[David Wright]

On Fri 10 Jun 2022 at 08:05:12 (+0800), lou wrote:
> i want a small app that show wifi info, including  connected network
> name (wpa-ssid)
> 
> hopefully it doesn't depend on qt as i don't use kde ( i use twm for buster)

I would have thought that the program by which you connect would be
able to show you all the information it, by definition, knows about
the connection that it set up. For example, with iwd:

$ systemctl status iwd.service 
● iwd.service - Wireless service
 Loaded: loaded (/etc/systemd/system/iwd.service; enabled; vendor preset: 
enabled)
 Active: active (running) since Thu 2022-06-09 18:17:35 CDT; 3h 11min ago
   Main PID: 520 (iwd)
  Tasks: 1 (limit: 19018)
 Memory: 1.9M
CPU: 742ms
 CGroup: /system.slice/iwd.service
 └─520 /usr/libexec/iwd -d

Jun 09 21:28:18 ahost iwd[520]: src/scan.c:scan_notify() Scan notification New 
Scan Results(34)
Jun 09 21:28:18 ahost iwd[520]: src/netdev.c:netdev_link_notify() event 16 on 
ifindex 3
Jun 09 21:28:18 ahost iwd[520]: src/scan.c:get_scan_callback() get_scan_callback
Jun 09 21:28:18 ahost iwd[520]: src/scan.c:get_scan_callback() get_scan_callback
Jun 09 21:28:18 ahost iwd[520]: src/scan.c:get_scan_callback() get_scan_callback
Jun 09 21:28:18 ahost iwd[520]: src/scan.c:get_scan_callback() get_scan_callback
Jun 09 21:28:18 ahost iwd[520]: src/scan.c:get_scan_callback() get_scan_callback
Jun 09 21:28:18 ahost iwd[520]: src/scan.c:get_scan_done() get_scan_done
Jun 09 21:28:18 ahost iwd[520]: src/station.c:station_roam_failed() 3
Jun 09 21:28:18 ahost iwd[520]: src/wiphy.c:wiphy_radio_work_done() Work item 
224 done
$ 

$ iwctl station wlan0 show
 Station: wlan0

  Settable  PropertyValue  

Scanningno
State   connected
Connected network   Cascade5G  
ConnectedBss33:55:77:99:bb:dd   
Frequency   5765
SecurityWPA2-Personal   
RSSI-70  dBm
AverageRSSI -70  dBm
RxMode  802.11n 
RxMCS   11  
TxMode  802.11n 
TxMCS   12  
TxBitrate   18   Kbit/s
RxBitrate   108000   Kbit/s

$ 

Is that the sort of information you want?

Cheers,
David.

which X11 app can show wifi info

[lou]

i want a small app that show wifi info, including  connected network 
name (wpa-ssid)


hopefully it doesn't depend on qt as i don't use kde ( i use twm for buster)

Thanks!

for info: Sid ssh 8.8p1 may break some Java client like Rundeck

[Patrice Duroux]

Hi,

After upgrading the openssh-server to 8.8p1 has broken a client instance of
Rundeck (3.4.4) that runs some SSH commands. Downgrading to 8.7p1 using
Debian Snapshots solved this.
Don't know if there is a «better» way to notify users about this.

Thanks!
Patrice

Bug#694068: Info received (wireless fail after stretch^H^H^H^H^H^H^Hbuster^H^H^H^H^H^Hbullseye installation)

[Debian Bug Tracking System]

Thank you for the additional information you have supplied regarding
this Bug report.

This is an automatically generated reply to let you know your message
has been received.

Your message is being forwarded to the package maintainers and other
interested parties for their attention; they will reply in due course.

Your message has been sent to the package maintainer(s):
 Debian Install System Team 

If you wish to submit further information on this problem, please
send it to 694...@bugs.debian.org.

Please do not send mail to ow...@bugs.debian.org unless you wish
to report a problem with the Bug-tracking system.

-- 
694068: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694068
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Re: where to find wifi card info in linux-doc

[David Wright]

On Mon 29 Nov 2021 at 01:50:24 (-0500), lou wrote:
> 
> Thank David, you have better memory than i
> 
> my memory is poor because of insomnia

Extracted from the Guix Reference Manual:

§ 3.2 Hardware Considerations

GNU Guix focuses on respecting the user’s computing freedom. It builds
around the kernel Linux-libre, which means that only hardware for
which free software drivers and firmware exist is supported. Nowadays,
a wide range of off-the-shelf hardware is supported on
GNU/Linux-libre—from keyboards to graphics cards to scanners and
Ethernet controllers.  Unfortunately, there are still areas where
hardware vendors deny users control over their own computing, and such
hardware is not supported on Guix System.

   One of the main areas where free drivers or firmware are lacking is
WiFi devices. WiFi devices known to work include those using Atheros
chips (AR9271 and AR7010), which corresponds to the ath9k Linux-libre
driver, and those using Broadcom/AirForce chips (BCM43xx with
Wireless-Core Revision 5), which corresponds to the b43-open
Linux-libre driver. Free firmware exists for both and is available
out-of-the-box on Guix System, as part of %base-firmware (see Section
10.2 [operating-system Reference], page 193).

   The Free Software Foundation (https://www.fsf.org/) runs Respects
Your Freedom (https://www.fsf.org/ryf) (RYF), a certification
program for hardware products that respect your freedom and your
privacy and ensure that you have control over your device. We
encourage you to check the list of RYF-certified devices.

   Another useful resource is the H-Node (https://www.h-node.org/)
web site. It contains a catalog of hardware devices with information
about their support in GNU/Linux.

Cheers,
David.

Re: where to find wifi card info in linux-doc

[lou]

Thank David, you have better memory than i

my memory is poor because of insomnia

Re: where to find wifi card info in linux-doc

[David Wright]

On Fri 26 Nov 2021 at 17:03:37 (+0100), Christian Britz wrote:
> Stefan Monnier wrote:
> 
> > AFAICT most of the files in `linux-doc/Documentation`  are compressed,
> > so you'd need to use `zgrep`.
> 
> This actually works recursively with the zgrep command from the zutils
> package, thank you!
> 
> The installation of it throws interesting warnings on testing...
> 
> [...]
> dpkg-divert: warning: diverting file '/bin/zgrep' from an Essential
> package with rename is dangerous, use --no-rename
> dpkg-divert: warning: diverting file '/usr/share/man/man1/zgrep.1.gz'
> from an Essential package with rename is dangerous, use --no-rename
> [...]

You see this merely because a file like /bin/zgrep is essential, but
it's going to be renamed to /bin/zgrep.gzip so that the zutils version
can replace it. Without the diversion, zutils would violate the rule
that the same file can't be installed from more than one package.

It's exceptional enough for you to be warned that it's happening,
but particularly because the default behaviour will be changing
at some point. Anyway, it's expected behaviour.

Cheers,
David.

Re: where to find wifi card info in linux-doc

[David Wright]

On Sun 28 Nov 2021 at 21:43:04 (-0500), lou wrote:
> Thank David!
> 
> i want info about wifi adapters supported by kernel without using
> non-free firmware.
> 
> i haven't been able to find such info in linux-doc
> 
> yes, search for such info isn't easy, i give up
> 
> many web pages have stories of linux users' success with wifi adapter
> but they might use non-free firmware

On Debian, perhaps start at
https://wiki.debian.org/WiFi

You might also look at the Guix website as I don't think they
support non-free firmware at all.

> BTW both opensuse and fedora include non-free firmware in their
> official images
> 
> they r so serious about open source that they don't include mp3 player
> (you have to use 3rd party repositories)
> 
> i think debian shall re-consider its policy on non-free firmware

You brought this up in October. Please reread the thread.

Cheers,
David.

Re: where to find wifi card info in linux-doc

[lou]

Thank David!

i want info about wifi adapters supported by kernel without using 
non-free firmware.


i haven't been able to find such info in linux-doc

yes, search for such info isn't easy, i give up

many web pages have stories of linux users' success with wifi adapter

but they might use non-free firmware

BTW both opensuse and fedora include non-free firmware in their official 
images


they r so serious about open source that they don't include mp3 player 
(you have to use 3rd party repositories)


i think debian shall re-consider its policy on non-free firmware

Re: where to find wifi card info in linux-doc

[David Wright]

On Fri 26 Nov 2021 at 21:12:25 (-0500), lou wrote:
> 
> On 11/26/21 11:08 AM, Christian Britz wrote:
> > Christian Britz wrote:
> > > This actually works recursively with the zgrep command from the zutils
> > > package, thank you!
> > And still it doesn't find the file mentioned by deloptes, amazing! :-D
> 
> Thanks to all that reply!
> 
> WUSB-Design-overview.txt is available in linux doc 4.9, not in 5.10

If it /were/ available, is that what you're after (judging from the
contents of 4.9)? Your original question was about wifi cards, then
corrected to adapters. Generally, the kernel docs deal with chipsets,
and are fairly uninterested in which hardware they are embedded.

This can be frustrating when you want to purchase a suitable device,
as even the same model name (on the box) can have different chipsets
inside from one instance to another, particularly with cheap ones.

So it might help to clarify from which viewpoint you seek the info,
and any particular cards/adapters/chipsets involved.

Cheers,
David.

Re: where to find wifi card info in linux-doc

[lou]

On 11/26/21 11:08 AM, Christian Britz wrote:

Christian Britz wrote:

This actually works recursively with the zgrep command from the zutils
package, thank you!

And still it doesn't find the file mentioned by deloptes, amazing! :-D




Thanks to all that reply!

WUSB-Design-overview.txt is available in linux doc 4.9, not in 5.10

Re: where to find wifi card info in linux-doc

[Christian Britz]

Christian Britz wrote:
> This actually works recursively with the zgrep command from the zutils
> package, thank you!

And still it doesn't find the file mentioned by deloptes, amazing! :-D

Re: where to find wifi card info in linux-doc

[Christian Britz]

(Sorry for replying to the personal adress first...)

Stefan Monnier wrote:

> AFAICT most of the files in `linux-doc/Documentation`  are compressed,
> so you'd need to use `zgrep`.

This actually works recursively with the zgrep command from the zutils
package, thank you!

The installation of it throws interesting warnings on testing...

[...]
dpkg-divert: warning: diverting file '/bin/zgrep' from an Essential
package with rename is dangerous, use --no-rename
dpkg-divert: warning: diverting file '/usr/share/man/man1/zgrep.1.gz'
from an Essential package with rename is dangerous, use --no-rename
[...]

Re: where to find wifi card info in linux-doc

[deloptes]

Christian Britz wrote:


>> I think you are looking for usb/WUSB-Design-overview.txt which I found
>> with
>> 
>> grep -r -i wireless usb/
> 
> How did you do this exactly? I installed package linux-dox like lou and
> issued grep -i -r wireless /usr/share/doc/linux-doc/Documentation/ ,
> without any results.

It is always better to use the original source
cd linux-4.19.190/Documentation
grep -r -i wireless .

sorry for not mentioning that and I wonder how it is possible that the
Documentation directory has different content
and notice -i wireless (means ignore case for wireless) , while -r is to do
recursive grep

-- 
FCD6 3719 0FFB F1BF 38EA 4727 5348 5F1F DCFE BCB0

Re: where to find wifi card info in linux-doc

[Christian Britz]

On 26.11.21 at 09:56 deloptes wrote:
> lou wrote:
> 
>> sorry, i use wrong word
>>
>> i mean wifi adapter, not wifi card
>>
>> in Chinese, it's called wireless card, though it's really USB wifi adapter
> 
> I think you are looking for usb/WUSB-Design-overview.txt which I found with
> 
> grep -r -i wireless usb/

How did you do this exactly? I installed package linux-dox like lou and
issued grep -i -r wireless /usr/share/doc/linux-doc/Documentation/ ,
without any results.

Re: where to find wifi card info in linux-doc

[Thomas Pircher]

lou wrote:

i want info about wifi cards supported by kernel


The kernel wiki has a good list of supported chips:
https://wireless.wiki.kernel.org/en/users/drivers

Thomas

Re: where to find wifi card info in linux-doc

[deloptes]

lou wrote:

> sorry, i use wrong word
> 
> i mean wifi adapter, not wifi card
> 
> in Chinese, it's called wireless card, though it's really USB wifi adapter

I think you are looking for usb/WUSB-Design-overview.txt which I found with

grep -r -i wireless usb/

otherwise

grep -r -i wireless .

points to different aspects ABI, Netowrking, USB drivers etc.


-- 
FCD6 3719 0FFB F1BF 38EA 4727 5348 5F1F DCFE BCB0

Re: where to find wifi card info in linux-doc

[lou]

sorry, i use wrong word

i mean wifi adapter, not wifi card

in Chinese, it's called wireless card, though it's really USB wifi adapter

where to find wifi card info in linux-doc

[lou]

i've installed linux-doc for bullseye

 i browse /usr/share/doc/linux-doc, but can't find info about wifi card

i want info about wifi cards supported by kernel

Thanks!

Fw: [caliu-info] Recordatori pel DLP

[Joan]

Començament del missatge reenviat:

Data: Thu, 16 Sep 2021 10:47:07 +
Des de: "Rafael Carreras" (via caliu-info Mailing List)
 A: caliu-info
 Títol: [caliu-info] Recordatori pel DLP


Bon dia Caliu.

Aquest és un recordatori del Dia de la Llibertat del Programari que
celebrarem dissabte.

https://gitlab.com/caliu-cat/esdeveniments/-/wikis/Dia-de-la-Llibertat-del-Programari-2021

Ens hi veiem!
Salut!

Rafael Carreras
https://mastodont.cat/@rcarreras
[https://mastodont.cat/@caliu](https://mastodont.cat/@rcarreras)

-- 
Joan Cervan i Andreu
http://personal.calbasi.net

"El meu paper no és transformar el món ni l'home sinó, potser, el de
ser útil, des del meu lloc, als pocs valors sense els quals un món no
val la pena viure'l" A. Camus

i pels que teniu fe:
"Déu no és la Veritat, la Veritat és Déu"
Gandhi

"Donar exemple no és la principal manera de influir sobre els altres;
es la única manera" Albert Einstein

“Lluitarem contra el fort mentre siguem febles i contra nosaltres
mateixos quan siguem forts” Lluís Maria Xirinacs
Bon dia Caliu.Aquest és un recordatori del Dia de la Llibertat del Programari que celebrarem dissabte.https://gitlab.com/caliu-cat/esdeveniments/-/wikis/Dia-de-la-Llibertat-del-Programari-2021Ens hi veiem!Salut!Rafael Carrerashttps://mastodont.cat/@rcarrerashttps://mastodont.cat/@caliu
---
To unsubscribe: <mailto:caliu-info-unsubscr...@lists.riseup.net>
List help: <https://riseup.net/lists>

Re: [caliu-info] Filmin i Chromium... (i Netflix)

[Joan]

Per acabar-vos de fer 5 cèntims:

- al portàtil puc veure Filmin amb la darrera versió de firefox
  instal·lada via snap:

"sudo snap install firefox
snap run firefox"

I per la raspberry amb Raspberry OS, se m'ha acudit:

a) mirar de fer un pinning al repo de Debian Sid, o Ubuntu, amb
prioritat baixa, només per agafar la darrera versió de Firefox

b) canviar la Raspberry OS per una Manjaro (també podria ser una
Ubuntu), per tenir, llavors si, la darrera versió del software.

-- 
Joan Cervan i Andreu
http://personal.calbasi.net

"El meu paper no és transformar el món ni l'home sinó, potser, el de
ser útil, des del meu lloc, als pocs valors sense els quals un món no
val la pena viure'l" A. Camus

i pels que teniu fe:
"Déu no és la Veritat, la Veritat és Déu"
Gandhi

"Donar exemple no és la principal manera de influir sobre els altres;
es la única manera" Albert Einstein

“Lluitarem contra el fort mentre siguem febles i contra nosaltres
mateixos quan siguem forts” Lluís Maria Xirinacs


El Thu, 9 Sep 2021 07:16:44 +0200
Joan  va escriure:

> Sembla que el problema podria ser del tema dels drets digitals...
> Google ha actualitzat el seu programari Widedine i ha trencat alguna
> cosa a linux:
> 
> https://www.linuxadictos.com/por-si-no-te-habias-enterado-como-yo-la-raspberry-pi-ya-soporta-oficialmente-el-contenido-drm-y-se-acaba-de-romper.html
> 
> Jo de moment, en un PC, puc usar el Firefox (a Filmin no, que son molt
> senyors, però a Netflix si). Però a la Raspberry està temporalment
> trencat, el tema.
> 



-- 
Joan Cervan i Andreu
http://personal.calbasi.net

"El meu paper no és transformar el món ni l'home sinó, potser, el de
ser útil, des del meu lloc, als pocs valors sense els quals un món no
val la pena viure'l" A. Camus

i pels que teniu fe:
"Déu no és la Veritat, la Veritat és Déu"
Gandhi

"Donar exemple no és la principal manera de influir sobre els altres;
es la única manera" Albert Einstein

“Lluitarem contra el fort mentre siguem febles i contra nosaltres
mateixos quan siguem forts” Lluís Maria Xirinacs

Re: [caliu-info] Filmin i Chromium... (i Netflix)

[Joan]

Sembla que el problema podria ser del tema dels drets digitals...
Google ha actualitzat el seu programari Widedine i ha trencat alguna
cosa a linux:

https://www.linuxadictos.com/por-si-no-te-habias-enterado-como-yo-la-raspberry-pi-ya-soporta-oficialmente-el-contenido-drm-y-se-acaba-de-romper.html

Jo de moment, en un PC, puc usar el Firefox (a Filmin no, que son molt
senyors, però a Netflix si). Però a la Raspberry està temporalment
trencat, el tema.

-- 
Joan Cervan i Andreu
http://personal.calbasi.net

"El meu paper no és transformar el món ni l'home sinó, potser, el de
ser útil, des del meu lloc, als pocs valors sense els quals un món no
val la pena viure'l" A. Camus

i pels que teniu fe:
"Déu no és la Veritat, la Veritat és Déu"
Gandhi

"Donar exemple no és la principal manera de influir sobre els altres;
es la única manera" Albert Einstein

“Lluitarem contra el fort mentre siguem febles i contra nosaltres
mateixos quan siguem forts” Lluís Maria Xirinacs


El Thu, 9 Sep 2021 00:10:36 +0200
jam  va escriure:

> On 9/7/21 8:57 PM, Joan wrote:
> > Es veu que només suporten Chrome > 91.  
> 
> També m'interessa el tema de Filmin, entenc que Chromium també
> funcionarà?
> 
> Vagi bé,
> 
> Julio
> 
> 
> 
> >
> > Pd.: m'han recomanat que em compri una Chromecast :-(
> >
> >
> > ---
> > To unsubscribe: <mailto:caliu-info-unsubscr...@lists.riseup.net>
> > List help: <https://riseup.net/lists>  



-- 
Joan Cervan i Andreu
http://personal.calbasi.net

"El meu paper no és transformar el món ni l'home sinó, potser, el de
ser útil, des del meu lloc, als pocs valors sense els quals un món no
val la pena viure'l" A. Camus

i pels que teniu fe:
"Déu no és la Veritat, la Veritat és Déu"
Gandhi

"Donar exemple no és la principal manera de influir sobre els altres;
es la única manera" Albert Einstein

“Lluitarem contra el fort mentre siguem febles i contra nosaltres
mateixos quan siguem forts” Lluís Maria Xirinacs

Re: debian-user list info and guidelines (FAQ) - posted monthly

[Marco Möller]

On 05.08.21 00:01, Andrew M.A. Cater wrote:

debian-user is a mailing list provided for support for Debian users,
and to facilitate discussion on relevant topics.

Some guidelines which may help explain how the list works:

* The language on this mailing list is English. There may be other mailing
   lists that are language-specific for example debian-user-french

* It is common for users to be redirected here from other lists - for example,
   from debian-project. It is also common for people to be posting here when
   English is not their primary language. Please be considerate.

* The list is a Debian communication forum. As such, it is subject to both
   the Debian mailing list Code of Conduct and the main Debian Code of Conduct

  https://www.debian.org/MailingLists/#codeofconduct
  https://www.debian.org/code_of_conduct

* This is a fairly busy mailing list and you may have to wait for an
   answer - please be patient. Please post answers back to the list so
   others can benefit; private conversations don't benefit people who
   may be following along on the list or reading the archives later.

* Help and advice on this list is provided by volunteers in their own time.
   It is common for there to be different opinions or answers provided.

  * Please try to stay on topic. Arguments for the sake of it are not
welcome here. Partisan political / religious / cultural arguments
do not belong here either. Debian's community is world wide; don't
assume others will agree with your views or need to read them on a
Debian list.


Just that it really becomes as clear as possible, maybe add or merge 
right here with the same indent as the last above cited paragraph more 
advise with words which are similarly mentioned elsewhere but also would 
be of benefit to the mailing list(s):


* Be respectful and polite. If you write in an unpleasant manner, 
people won't feel motivated to work with you. Don't feel attacked by 
criticizing words, seriously consider the possibility that you haven't 
been attacked and instead got suggested a correction. Also consider that 
disagreement might not have to be discussed and might not help to solve 
the technical issue treated in the thread. If you feel attacked then be 
the better person and ignore it - instead of feeding conflict. Convince 
people with results, rather than words.




Always stay in good spirits!
Marco

PS: above words are partly based on statements extracted from
https://forums.debian.net/viewtopic.php?f=20=149781
https://people.debian.org/~enrico/dcg/
My English or wording might need to be improved!

Re: debian-user list info and guidelines (FAQ) - posted monthly

[tomas]

On Fri, Aug 06, 2021 at 06:57:11PM -0400, Polyna-Maude Racicot-Summerside wrote:
> Hi,
> 
> On 2021-08-06 4:24 p.m., Jonathan Dowland wrote:
> > On Fri, Aug 06, 2021 at 12:25:52PM -0400, Polyna-Maude
> > Racicot-Summerside wrote:
> >> Actually, the message you sent would have been sent only to yourself in
> >> the reply if I wouldn't have took the time to add the mailing list as CC.
> > 
> > OK, let's explore why.
> > 
> > According to your User-Agent header, you are using the MUA Thunderbird.
> > 
> > According to the description you just wrote about the behaviour of
> > replying, it would NOT have replied to the list, but directly to Tomas.

:-)

(but see below)

> The "reply list" button was exactly in my face.
> Just discovered it's existence.
> 
> I'll now use this one.

To be honest I get that wrong from time to time, too (not Thunderbird,
but Mutt, so it's not a button, but a keyboard shortcut, but the
functionalities are roughly equivalent).

Mutt gives me a second chance, because I /see/ the headers the mail
is going to be sent with right there in my edit buffer, but sometimes
fatigue and muscle memory take over.

Alas, and apologies. Nobody's perfect :)

Cheers
 - t


signature.asc
Description: Digital signature

Re: debian-user list info and guidelines (FAQ) - posted monthly

[Polyna-Maude Racicot-Summerside]

Hi,

On 2021-08-06 4:24 p.m., Jonathan Dowland wrote:
> On Fri, Aug 06, 2021 at 12:25:52PM -0400, Polyna-Maude
> Racicot-Summerside wrote:
>> Actually, the message you sent would have been sent only to yourself in
>> the reply if I wouldn't have took the time to add the mailing list as CC.
> 
> OK, let's explore why.
> 
> According to your User-Agent header, you are using the MUA Thunderbird.
> 
> According to the description you just wrote about the behaviour of
> replying, it would NOT have replied to the list, but directly to Tomas.
> 
> That's because you have hit Thunderbird's "Reply" button (or keyboard
> shortcut, or menu entry), which is defined as "reply to sender".
> 
> Thunderbird has a separate "reply to list" function. By default, you can
> see it in the list of actions if you right-click a list mail, or if you
> hit the keys CTRL + Shift + L. I *think* the "Reply all" button that
> normally appears turns into a "reply list" button, when the mail in
> question is a list message.
> 
The "reply list" button was exactly in my face.
Just discovered it's existence.

I'll now use this one.

> You need to be using the separate "reply to list" function to send a
> reply to the correct place.
> 
> In my opinion, it's awkward that there's a separate function and you
> have to remember to use it in some circumstances but not others. That's
> the default behaviour in my chosen MUA too (neomutt). However, I
> reconfigured neomutt so I had a single button to hit that always does
> the right thing. Perhaps, Thunderbird can be similarly configured to be
> more convenient in this regard. I don't know.
> 
> There's one more caveat worth mentioning here, and it's to do with mail
> server stuff, rather than client. In some circumstances, such as when
I need to take some time to configure my own mail server as I'm now
using one rented on shared hosting.

I need a week-end off to do so. Been planning this for the last month.

But I'll probably use something like procmail and fetchmail, or another
list of similar tools.

I have one message where user on the list gave me pretty good hints on
how to get something functional.
But this take time to setup.

> somebody hits "reply all" or CCs you on a mail you get via a list
> anyway, you can get two copies of the mail. Since only one copy came via
> the list, only one copy has the List-* headers, and so Thunderbird's
> "reply to list" function will only work for the list copy. Worse, some
> mail server back-ends (for example Gmail, Exchange) de-duplicated copies
> of mail. Therefore, the one copy you might have (despite having been
> sent two) may not be the list copy either. If that affects you, all I
> can suggest is looking for a better mail provider. But, we can all help
> each other by not CCing people when replying to them on-list. Which is
> why I have that in my mail signature.
> 
> 
Thanks

-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development



OpenPGP_signature
Description: OpenPGP digital signature

Re: debian-user list info and guidelines (FAQ) - posted monthly

[Thomas Schmitt]

Hi,

Brian wrote:
> Have I missed out? Is there a mind reading package in Debian 11.

  apt-file search telepathy | wc -l

reports thousands of occurences.


Have a nice day :)

Thomas

Re: debian-user list info and guidelines (FAQ) - posted monthly

[Jonathan Dowland]

On Fri, Aug 06, 2021 at 12:25:52PM -0400, Polyna-Maude Racicot-Summerside wrote:

Actually, the message you sent would have been sent only to yourself in
the reply if I wouldn't have took the time to add the mailing list as CC.


OK, let's explore why.

According to your User-Agent header, you are using the MUA Thunderbird.

According to the description you just wrote about the behaviour of
replying, it would NOT have replied to the list, but directly to Tomas.

That's because you have hit Thunderbird's "Reply" button (or keyboard
shortcut, or menu entry), which is defined as "reply to sender".

Thunderbird has a separate "reply to list" function. By default, you can
see it in the list of actions if you right-click a list mail, or if you
hit the keys CTRL + Shift + L. I *think* the "Reply all" button that
normally appears turns into a "reply list" button, when the mail in
question is a list message.

You need to be using the separate "reply to list" function to send a
reply to the correct place.

In my opinion, it's awkward that there's a separate function and you
have to remember to use it in some circumstances but not others. That's
the default behaviour in my chosen MUA too (neomutt). However, I
reconfigured neomutt so I had a single button to hit that always does
the right thing. Perhaps, Thunderbird can be similarly configured to be
more convenient in this regard. I don't know.

There's one more caveat worth mentioning here, and it's to do with mail
server stuff, rather than client. In some circumstances, such as when
somebody hits "reply all" or CCs you on a mail you get via a list
anyway, you can get two copies of the mail. Since only one copy came via
the list, only one copy has the List-* headers, and so Thunderbird's
"reply to list" function will only work for the list copy. Worse, some
mail server back-ends (for example Gmail, Exchange) de-duplicated copies
of mail. Therefore, the one copy you might have (despite having been
sent two) may not be the list copy either. If that affects you, all I
can suggest is looking for a better mail provider. But, we can all help
each other by not CCing people when replying to them on-list. Which is
why I have that in my mail signature.


--
Please do not CC me for listmail.

  Jonathan Dowland
✎j...@debian.org
   https://jmtd.net

Re: debian-user list info and guidelines (FAQ) - posted monthly

[Jonathan Dowland]

On Fri, Aug 06, 2021 at 12:39:59PM -0400, Polyna-Maude Racicot-Summerside wrote:

No it's not the opposite problem.
If the list become moderated or at least controlled in some way then it
would prevent outsider (people not registered on the mailing list) from
send mail onto the list.


Except, we do control the list, by banning people. Banned people cannot
send mail to the list.


Now even if you ban someone, it just need that they create another
address and send a message for it to appear on the list.


Yes that is true. But it is not what is happening.

What is happening (well, what happened once... I don't know if it's more
common) is that someone who cannot post to the list, got their content
onto the list, by an innocent bystander (you) accidentally quoting their
off-list, private mail, onto the list.
 
Moderating the list would not prevent that, because you would presumably

be subscribed and able to post.  (If by "moderating" you mean "only list
subscribers can post to the list").


Rendering banning pretty much useless for preventing people from writing
stupidity.


Despite the fact that yes, people can circumvent address-based bans, the
current approach is working remarkably effectively, IMHO.

We *do* moderate some Debian lists. I am a volunteer moderator for one
of them (although, I haven't participated in moderation for months.)


--
Please do not CC me for listmail.

  Jonathan Dowland
✎j...@debian.org
   https://jmtd.net

Re: debian-user list info and guidelines (FAQ) - posted monthly

[Brian]

On Fri 06 Aug 2021 at 12:31:01 -0400, Polyna-Maude Racicot-Summerside wrote:

[...]

> If you can read my mind then you'd know that it's not what I was thinking.
> 
> If you can't read my mind, then maybe it's better to keep quiet than to
> say stuff you don't have a damn clue about.

Have I missed out? Is there a mind reading package in Debian 11.

> On my dumb GUI mail client, I don't see the whole header unless I do ask
> to do so.
> 
> I didn't see no where something saying that it was needed to use a
> specific mail client or take the time to interpret the headers.
> 
> So I'll go with a hint.
> 
> If someone bothers you, then simply use the "block" possibility and send
> their mail to the SPAM folder of your mail client.

Ah. An arguing with me is futile advocate.

[...]

> > Of course, a banned person can try to sneak in by cc-ing to the list.
> > A group reply is then all it's needed.
> > 
> > "Apply some judgement" seems, as always, to be the right thing.
> > 
> > Cheers
> >  - t

mutt shows me this is the post you responded to. You made no comment
on it but went off on a tangent.

-- 
Brian.

Re: debian-user list info and guidelines (FAQ) - posted monthly

[Polyna-Maude Racicot-Summerside]

Hi,

On 2021-08-06 9:43 a.m., Jonathan Dowland wrote:
> On Fri, Aug 06, 2021 at 06:54:53AM -0400, Polyna-Maude
> Racicot-Summerside wrote:
>> Maybe this is obvious for you, but for myself, I don't take note of
>> who's "on the list" and "who's not". So if someone reply to me regarding
>> a message that was posted on the list, there's pretty good chance that
>> I'll reply "on the list".
> 
> It's not obvious to me, but I take the time to be careful about replying
> to the right place. I make use of decent mail tools configured properly
> to aid me in this, because to do otherwise is a serious breach of
> netiquette.
> 
> In short: if the mail was delivered from the list, it will have the
> correct List-* headers, and a decent, properly-configured MUA will do
> the right thing.
> 
> If your MUA doesn't help you with this, feel free to ask for advice
> about decent MUAs, right here on this list!
> 
>> This list is "unmoderated" and if better access control is needed then
>> maybe it would be time to change how it works. For example, limiting
>> posting to people registered would be a pretty good idea.
> 
> This is more or less the opposite problem to the one we are discussing,
> namely, people who *cannot* post to the list, who are not doing so.
> Moderation isn't going to make any difference to this case.
> 
No it's not the opposite problem.
If the list become moderated or at least controlled in some way then it
would prevent outsider (people not registered on the mailing list) from
send mail onto the list.

Now even if you ban someone, it just need that they create another
address and send a message for it to appear on the list.

Rendering banning pretty much useless for preventing people from writing
stupidity. And that is mostly the reason for banning people, based on
what they write (preventing people from getting the mailing list send to
them is irrelevant as they'll be able to look on the web).
> 

-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development



OpenPGP_signature
Description: OpenPGP digital signature

Re: debian-user list info and guidelines (FAQ) - posted monthly

[Polyna-Maude Racicot-Summerside]

Hi,

On 2021-08-06 8:20 a.m., to...@tuxteam.de wrote:
> On Fri, Aug 06, 2021 at 07:33:04AM -0400, The Wanderer wrote:
>> On 2021-08-06 at 07:28, to...@tuxteam.de wrote:
>>
>>> On Fri, Aug 06, 2021 at 06:54:53AM -0400, Polyna-Maude
>>> Racicot-Summerside wrote:
>>>
 Hi,
>>>
>>> [...]
>>>
 Maybe this is obvious for you, but for myself, I don't take note
 of who's "on the list" and "who's not" [...]
>>>
>>> Easy: if the message comes from the list, reply goes to the list. 
>>> Your MUA should be able to help you with that, if it's worth its 
>>> salt.
>>
>> I get enough accidental direct replies (proportionally speaking, anyway)
>> that I don't consider this practical. There are too many times when a
>> reply that was sent privately *should* have gone via the list, and so
>> the reply to that should go in turn back to the list.
> 
> Definitely. I don't get it perfectly every time, either. I only took
> issue with Polina's stance, which could be read as "it's not even
> worth trying".
> 
If you can read my mind then you'd know that it's not what I was thinking.

If you can't read my mind, then maybe it's better to keep quiet than to
say stuff you don't have a damn clue about.

On my dumb GUI mail client, I don't see the whole header unless I do ask
to do so.

I didn't see no where something saying that it was needed to use a
specific mail client or take the time to interpret the headers.

So I'll go with a hint.

If someone bothers you, then simply use the "block" possibility and send
their mail to the SPAM folder of your mail client.

Like you already said, if it's worth the salt, it will do so.

>> (Which in turn happens because of the whole Reply-To-header argument
>> thing, and everything around it which I don't want to spark off again
>> now...)
> 
> :-)
> 
>> That said, there are definitely times when it's clear whether a direct
>> reply was unintentional vs. not, and outside of special circumstances
>> the ones intentionally sent off-list should be kept that way without
>> mutual agreement.
> 
> Of course, a banned person can try to sneak in by cc-ing to the list.
> A group reply is then all it's needed.
> 
> "Apply some judgement" seems, as always, to be the right thing.
> 
> Cheers
>  - t
> 

-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development



OpenPGP_signature
Description: OpenPGP digital signature

Re: debian-user list info and guidelines (FAQ) - posted monthly

[Polyna-Maude Racicot-Summerside]

Hi,

On 2021-08-06 7:28 a.m., to...@tuxteam.de wrote:
> On Fri, Aug 06, 2021 at 06:54:53AM -0400, Polyna-Maude Racicot-Summerside 
> wrote:
>> Hi,
> 
> [...]
> 
>> Maybe this is obvious for you, but for myself, I don't take note of
>> who's "on the list" and "who's not" [...]
> 
> Easy: if the message comes from the list, reply goes to the list.
> Your MUA should be able to help you with that, if it's worth its
> salt.
> 
Actually, the message you sent would have been sent only to yourself in
the reply if I wouldn't have took the time to add the mailing list as CC.

> [...]
> 
>> We are far from the percentage of SPAM a usual mailbox may get...
> 
> This is because there are "real people" working hard at it. For free.
> 
> (May I use the opportunity to say a big THANK YOU to them?)
> 
I will also add a big THANK YOU to all of them too, and to all the
fellow user on this mailing list who help out making this community
vibrant. (And much more friendly than other distribution / commercial OS).

> Cheers
>  - t
> 
> 

-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development



OpenPGP_signature
Description: OpenPGP digital signature