Re: *Now* what is starting ssh-agent? — SOLVED
On Thu, 28 Jul 2022 14:51:04 -0300 Chris Mitchell wrote: > > On Thu 28 Jul 2022 at 10:35:07 (-0400), Greg Wooledge wrote: > > > Given the order of the processes shown in your session-8, it looks > > > like it might be an XFCE thing. Maybe start there? I can't help > > > you with that, though. > > Fair enough. Thanks for your insight up to this point! Found it! It was indeed very much "an XFCE thing". It's even a documented behaviour, if you know where to look: https://docs.xfce.org/xfce/xfce4-session/advanced#ssh_and_gpg_agents After creating the two xfconf entries per that page: xfconf-query -c xfce4-session -p /startup/ssh-agent/enabled \ -n -t bool -s false xfconf-query -c xfce4-session -p /startup/gpg-agent/enabled \ -n -t bool -s false …and logging out and in again, no more rogue ssh-agent: $ pgrep -a ssh-agent 2903 /usr/bin/ssh-agent -D -a /run/user/1000/ssh-agent.socket $ systemctl --user status ssh-agent.service ● ssh-agent.service - SSH key agent Loaded: loaded (/etc/xdg/systemd/user/ssh-agent.service; enabled; vendor preset: enabled) Active: active (running) since Thu 2022-07-28 15:15:13 ADT; 14min ago Main PID: 2903 (ssh-agent) Tasks: 1 (limit: 9302) Memory: 560.0K CPU: 5ms CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/ssh-agent.service └─2903 /usr/bin/ssh-agent -D -a /run/user/1000/ssh-agent.socket Victory! Thanks again to everybody who offered pointers. And I've added another entry in the list of "helpful" automatic stuff to disable when configuring a new desktop system. I'm starting to seriously consider that I might be happier with just a decent window manager after all. Cheers! -Chris
Re: *Now* what is starting ssh-agent?
On Thu, Jul 28, 2022 at 02:51:04PM -0300, Chris Mitchell wrote: > I don't appear to have a .xsession file at all: > > (Right after a "sudo updatedb") > $ locate .xsession > /home/chris/.xsession-errors > /home/chris/.xsession-errors.old > /home/chris/.xsession-startup-dump It's something you either create, or don't create. People who use startx are practically guaranteed to be the types who would create their own .xsession files. Desktop Environment users who login with a GUI Display Manager tend not to be be the types of people to create a .xsession file, but it's never guaranteed. > Hm. Okay, so now that those xterms are adoptees of PID 1, is there some > way you could discover that the now-deceased parents from which PID 1 > adopted them were instances of xtoolwait, if you didn't already know > that? Not via "ps" or any other standard tools, no. The kernel doesn't track "birth parents" like that. The only way you could figure it out is if something writes that PID in a log file, and you happen to find that log.
Re: *Now* what is starting ssh-agent?
On Thu, 28 Jul 2022 10:08:22 -0500 David Wright wrote: > On Thu 28 Jul 2022 at 10:35:07 (-0400), Greg Wooledge wrote: > I did much the same … > > > My .xsession file contains only this line concerning ssh-agent: > > > > hash ssh-agent 2>/dev/null && eval "$(ssh-agent -s)" I don't appear to have a .xsession file at all: (Right after a "sudo updatedb") $ locate .xsession /home/chris/.xsession-errors /home/chris/.xsession-errors.old /home/chris/.xsession-startup-dump > > Looking for related stuff: > > … > > /etc/X11/Xsession.options:use-ssh-agent > > > > So, I suppose Debian is starting this ssh-agent via its Xsession > > even though I have my own .xsession file which is starting my own > > instance of ssh-agent. > > > > I guess you've already disabled that one...? $ grep ssh-agent /etc/X11/Xsession.options no-use-ssh-agent > > Anyway, your login is completely different from mine (you're using > > lightdm, while I'm using a console login and startx), so you'll > > have to pursue your own investigation from here. > > > > Given the order of the processes shown in your session-8, it looks > > like it might be an XFCE thing. Maybe start there? I can't help > > you with that, though. Fair enough. Thanks for your insight up to this point! > I assume that some process above ssh-agent has died, unintentionally > or otherwise. > > > > Any ideas where I might look next? Anyone know if it's possible > > > to ask systemd what process "externally created" a process in a > > > .scope? > > I'm not sure what you mean by this, unless it's the (wrong) idea that > systemd "injected" the ssh-agent into your scope, evidenced by its > parent being PID 1. My scope is clearly generated merely by logging > in. Everything in it is mine, all mine … … > All the parent/child relationships are as you would expect, except > that each xterm was started by a deceased instance of xtoolwait > (for correct placement) and so are all adoptees of PID 1. Hm. Okay, so now that those xterms are adoptees of PID 1, is there some way you could discover that the now-deceased parents from which PID 1 adopted them were instances of xtoolwait, if you didn't already know that? I'm thinking that if I could get the name of the now-dead process that started the unwanted ssh-agent process and then died and left ssh-agent to be adopted by PID 1, that would likely be a helpful clue. But I'm teetering on the very edge of my comprehension of the system here, and I have no idea whether that piece of information still exists once said parent process has died, or how to retrieve it if so. > I'd like to see the contents of $STARTUP before it's exec'd by > /etc/X11/Xsession.d/99x11-common_start, because that's what > actually does the business. Right before the exec statement in that file, I've added the line: echo "$STARTUP" >> ~/.xsession-startup-dump After logging out and back in, that .xsession-startup-dump file contains one line: x-session-manager /usr/bin/x-session-manager is a link (via /etc/alternatives) to /usr/bin/startxfce4 Cheers! -Chris
Re: *Now* what is starting ssh-agent?
On Thu 28 Jul 2022 at 10:35:07 (-0400), Greg Wooledge wrote: > On Thu, Jul 28, 2022 at 10:34:50AM -0300, Chris Mitchell wrote: > > From the output of systemd-cgls I see that the rogue ssh-agent process > > is part of the .scope CGroup corresponding to my X login session. > > > > # systemctl status session-8.scope > > ● session-8.scope - Session 8 of User chris > > Loaded: loaded (/run/systemd/transient/session-8.scope; transient) > > Transient: yes > > Active: active (running) since Thu 2022-07-28 08:59:48 ADT; 25min > > ago Tasks: 254 > > Memory: 957.6M > > CPU: 2min 5.903s > > CGroup: /user.slice/user-1000.slice/session-8.scope > > ├─ 7588 lightdm --session-child 14 23 > > ├─ 7625 xfce4-session > > ├─ 7687 /usr/bin/ssh-agent -s > > etc. > > Looks like it's coming from login stuff, somehow. > > Curious, I looked at my own session. > > unicorn:~$ ps -ef | grep ssh-agent > greg 956 912 0 Jul09 ?00:00:04 /usr/bin/ssh-agent > /home/greg/.xsession > greg 968 1 0 Jul09 ?00:00:00 ssh-agent -s > greg 1510760 984 0 10:24 pts/200:00:00 grep ssh-agent > > unicorn:~$ systemctl status session-1.scope > ● session-1.scope - Session 1 of user greg > Loaded: loaded (/run/systemd/transient/session-1.scope; transient) > Transient: yes > Active: active (running) since Sat 2022-07-09 08:23:23 EDT; 2 weeks 5 > days> > Tasks: 1176 > Memory: 9.7G > CPU: 1w 5d 8h 51min 25.285s > CGroup: /user.slice/user-1000.slice/session-1.scope > ├─697 /bin/login -p -- > ├─856 -bash > ├─871 /bin/sh /usr/bin/startx > ├─893 xinit /etc/X11/xinit/xinitrc -- > /etc/X11/xinit/xserverrc> > ├─894 /usr/lib/xorg/Xorg -nolisten tcp :0 vt1 -keeptty -auth > /> > ├─912 /bin/bash /home/greg/.xsession > ├─956 /usr/bin/ssh-agent /home/greg/.xsession > ├─968 ssh-agent -s > ├─971 rxvt -font 7x13 -geometry 80x24+0+116 > [...] I did much the same … > My .xsession file contains only this line concerning ssh-agent: > > hash ssh-agent 2>/dev/null && eval "$(ssh-agent -s)" … but I don't do that. So my ssh-agent is still "properly" parented, rather than an adoptee of 1. > So... in my case... "ssh-agent -s" (PID 968) is the one I requested. What > is the *other* one, PID 956? It's a child of 912 (shown earlier), so > let's trace that back: > > unicorn:~$ ps -fp 912 > UID PIDPPID C STIME TTY TIME CMD > greg 912 893 0 Jul09 tty1 00:00:00 /bin/bash > /home/greg/.xsessi > unicorn:~$ ps -fp 893 > UID PIDPPID C STIME TTY TIME CMD > greg 893 871 0 Jul09 tty1 00:00:00 xinit > /etc/X11/xinit/xinitrc > > /etc/X11/xinit/xinitrc is a shell script that contains only one non-comment > line: > > . /etc/X11/Xsession > > Looking for related stuff: > > unicorn:~$ grep -r ssh-agent /etc/X11/Xsession* > /etc/X11/Xsession.d/90x11-common_ssh-agent:# $Id: 90x11-common_ssh-agent 305 > 2005-07-03 18:51:43Z dnusinow $ > /etc/X11/Xsession.d/90x11-common_ssh-agent:SSHAGENT=/usr/bin/ssh-agent > /etc/X11/Xsession.d/90x11-common_ssh-agent:if has_option use-ssh-agent; then > /etc/X11/Xsession.d/90x11-common_ssh-agent:if [ -f /usr/bin/ssh-add1 ] && > cmp -s $SSHAGENT /usr/bin/ssh-agent2; then > /etc/X11/Xsession.d/90x11-common_ssh-agent: # use ssh-agent2's > ssh-agent1 compatibility mode > /etc/X11/Xsession.options:use-ssh-agent > > So, I suppose Debian is starting this ssh-agent via its Xsession even > though I have my own .xsession file which is starting my own instance of > ssh-agent. > > I guess you've already disabled that one...? > > Anyway, your login is completely different from mine (you're using lightdm, > while I'm using a console login and startx), so you'll have to pursue your > own investigation from here. > > Given the order of the processes shown in your session-8, it looks like > it might be an XFCE thing. Maybe start there? I can't help you with > that, though. I assume that some process above ssh-agent has died, unintentionally or otherwise. > > Any ideas where I might look next? Anyone know if it's possible to ask > > systemd what process "externally created" a process in a .scope? I'm not sure what you mean by this, unless it's the (wrong) idea that systemd "injected" the ssh-agent into your scope, evidenced by its parent being PID 1. My scope is clearly generated merely by logging in. Everything in it is mine, all mine … … Control group /: -.slice ├─user.slice │ └─user-1000.slice │ ├─user@1000.service │ │ ├─app.slice │ │ │ ├─at-spi-dbus-bus.service │ │ │ │ ├─5409 /usr/libexec/at-spi-bus-launcher │ │ │ │ ├─5414 /usr/bin/dbus-daemon --config-file=/usr/share/defaults/at-spi2… │ │ │ │ └─5419 /usr/libexec/at-spi2
Re: *Now* what is starting ssh-agent?
On Thu, Jul 28, 2022 at 10:34:50AM -0300, Chris Mitchell wrote: > From the output of systemd-cgls I see that the rogue ssh-agent process > is part of the .scope CGroup corresponding to my X login session. > > # systemctl status session-8.scope > ● session-8.scope - Session 8 of User chris > Loaded: loaded (/run/systemd/transient/session-8.scope; transient) > Transient: yes > Active: active (running) since Thu 2022-07-28 08:59:48 ADT; 25min > ago Tasks: 254 > Memory: 957.6M > CPU: 2min 5.903s > CGroup: /user.slice/user-1000.slice/session-8.scope > ├─ 7588 lightdm --session-child 14 23 > ├─ 7625 xfce4-session > ├─ 7687 /usr/bin/ssh-agent -s > etc. Looks like it's coming from login stuff, somehow. Curious, I looked at my own session. unicorn:~$ ps -ef | grep ssh-agent greg 956 912 0 Jul09 ?00:00:04 /usr/bin/ssh-agent /home/greg/.xsession greg 968 1 0 Jul09 ?00:00:00 ssh-agent -s greg 1510760 984 0 10:24 pts/200:00:00 grep ssh-agent unicorn:~$ systemctl status session-1.scope ● session-1.scope - Session 1 of user greg Loaded: loaded (/run/systemd/transient/session-1.scope; transient) Transient: yes Active: active (running) since Sat 2022-07-09 08:23:23 EDT; 2 weeks 5 days> Tasks: 1176 Memory: 9.7G CPU: 1w 5d 8h 51min 25.285s CGroup: /user.slice/user-1000.slice/session-1.scope ├─697 /bin/login -p -- ├─856 -bash ├─871 /bin/sh /usr/bin/startx ├─893 xinit /etc/X11/xinit/xinitrc -- /etc/X11/xinit/xserverrc> ├─894 /usr/lib/xorg/Xorg -nolisten tcp :0 vt1 -keeptty -auth /> ├─912 /bin/bash /home/greg/.xsession ├─956 /usr/bin/ssh-agent /home/greg/.xsession ├─968 ssh-agent -s ├─971 rxvt -font 7x13 -geometry 80x24+0+116 [...] My .xsession file contains only this line concerning ssh-agent: hash ssh-agent 2>/dev/null && eval "$(ssh-agent -s)" So... in my case... "ssh-agent -s" (PID 968) is the one I requested. What is the *other* one, PID 956? It's a child of 912 (shown earlier), so let's trace that back: unicorn:~$ ps -fp 912 UID PIDPPID C STIME TTY TIME CMD greg 912 893 0 Jul09 tty1 00:00:00 /bin/bash /home/greg/.xsessi unicorn:~$ ps -fp 893 UID PIDPPID C STIME TTY TIME CMD greg 893 871 0 Jul09 tty1 00:00:00 xinit /etc/X11/xinit/xinitrc /etc/X11/xinit/xinitrc is a shell script that contains only one non-comment line: . /etc/X11/Xsession Looking for related stuff: unicorn:~$ grep -r ssh-agent /etc/X11/Xsession* /etc/X11/Xsession.d/90x11-common_ssh-agent:# $Id: 90x11-common_ssh-agent 305 2005-07-03 18:51:43Z dnusinow $ /etc/X11/Xsession.d/90x11-common_ssh-agent:SSHAGENT=/usr/bin/ssh-agent /etc/X11/Xsession.d/90x11-common_ssh-agent:if has_option use-ssh-agent; then /etc/X11/Xsession.d/90x11-common_ssh-agent:if [ -f /usr/bin/ssh-add1 ] && cmp -s $SSHAGENT /usr/bin/ssh-agent2; then /etc/X11/Xsession.d/90x11-common_ssh-agent: # use ssh-agent2's ssh-agent1 compatibility mode /etc/X11/Xsession.options:use-ssh-agent So, I suppose Debian is starting this ssh-agent via its Xsession even though I have my own .xsession file which is starting my own instance of ssh-agent. I guess you've already disabled that one...? Anyway, your login is completely different from mine (you're using lightdm, while I'm using a console login and startx), so you'll have to pursue your own investigation from here. Given the order of the processes shown in your session-8, it looks like it might be an XFCE thing. Maybe start there? I can't help you with that, though.
Re: *Now* what is starting ssh-agent?
Still picking away at this… The PIDs are, of course, a moving target, as every time I log out and back in to test a change, ssh-agent instances are getting shut down and new ones started. As of right now: * my systemd-managed ssh-agent is PID 3017 * the rogue ssh-agent is PID 7687 $ systemctl --user status ssh-agent.service ● ssh-agent.service - SSH key agent Loaded: loaded (/etc/xdg/systemd/user/ssh-agent.service; enabled; vendor preset: enabled) Active: active (running) since Thu 2022-07-28 08:02:14 ADT; 1h 21min ago Main PID: 3017 (ssh-agent) Tasks: 1 (limit: 9302) Memory: 560.0K CPU: 5ms CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/ssh-agent.service └─3017 /usr/bin/ssh-agent -D -a /run/user/1000/ssh-agent.socket From the output of systemd-cgls I see that the rogue ssh-agent process is part of the .scope CGroup corresponding to my X login session. # systemctl status session-8.scope ● session-8.scope - Session 8 of User chris Loaded: loaded (/run/systemd/transient/session-8.scope; transient) Transient: yes Active: active (running) since Thu 2022-07-28 08:59:48 ADT; 25min ago Tasks: 254 Memory: 957.6M CPU: 2min 5.903s CGroup: /user.slice/user-1000.slice/session-8.scope ├─ 7588 lightdm --session-child 14 23 ├─ 7625 xfce4-session ├─ 7687 /usr/bin/ssh-agent -s etc. man systemd.scope(5) says: Scope units are not configured via unit configuration files, but are only created programmatically using the bus interfaces of systemd. […] Unlike service units, scope units manage externally created processes, and do not fork off processes on its own. By my reading, that seems to indicate that the rogue ssh-agent (PID 7687) is a direct child of systemd's system instance (PID 1) only because my XFCE4 session and all of its associated processes are running contained in a "scope" (to take advantage of systemd's resource management capabilities?), and this does not indicate that said ssh-agent is in any direct or relevant sense being managed by systemd. Can anyone confirm or correct my understanding here? Also, in the absence of more promising leads, I followed Tomas' advice and inserted "echo" statements at every decision point in 90x11-common_ssh-agent, which confirmed that the initial "if has_option" check is returning False and none of the code in that if block is being run. I'm convinced that Xsession is not the culprit. Any ideas where I might look next? Anyone know if it's possible to ask systemd what process "externally created" a process in a .scope? Cheers! -Chris
Re: *Now* what is starting ssh-agent?
On Wed, 27 Jul 2022 11:04:49 +0200 Michael Biebl wrote: > Can you post the output of > systemd-cgls First, for context: $ systemd-cgls --user-unit ssh-agent.service Unit ssh-agent.service (/user.slice/user-1000.slice/user@1000.service/app.slice> └─3166 /usr/bin/ssh-agent -D -a /run/user/1000/ssh-agent.socket That is my custom "global" user ssh-agent.service, not the rogue ssh-agent. The rogue ssh-agent is also started: $ env | grep -i ssh SSH_AUTH_SOCK=/tmp/ssh-XX3Q3EAs/agent.3302 SSH_AGENT_PID=3303 The full output of # systemd-cgls is over 200 lines, and paste.debian.net rejected it with the message "do not spam", so here we go: https://pastebin.com/68wWRnyb Cheers! -Chris
Re: *Now* what is starting ssh-agent?
Jul. 26, 2022 17:00:46 Greg Wooledge : > On Tue, Jul 26, 2022 at 03:40:48PM -0300, Chris Mitchell wrote: >> Here's my service file: >> >> $ cat /etc/systemd/user/ssh-agent.service > > According to systemd.unit(5) this directory is for "User units created > by the administrator". Yup, that's me! In practice, it means units placed there are user units that are available to all users on the system, so they can start/stop/enable/disable/… their own instances of those units via "systemctl --user" commands (or root can do the same for all users at once with "systemctl --global). A unit in this directory will supersede a same-named unit in /usr/lib/systemd/user, and may in turn be superseded on a user-by-user basis via their respective ~/.config/systemd/user directories. > PID 1 is the system instance of systemd. Not a user instance. > The ssh-agent with PID 3011 is being started by the system instance, > so it is a system unit. It's not your locally defined user unit. Oh, yes. I should have realized that. Weird that the system instance would be configured to start an ssh-agent at all, but I'll definitely look there next. > Things you should look at next, I suppose: > > systemctl status ssh-agent > systemctl --user status ssh-agent The --user one shows that my custom "global" user unit at /etc/systemd/user is up and running as expected, which I can verify by manually changing SSH_AUTH_SOCK to point to the socket specified there and accessing the agent. If the *system* systemd instance is actually launching an ssh-agent and injecting corresponding env-vars into my regular user environment, that is deeply strange, and I'm reasonably sure I haven't done anything that could cause that outcome. # systemctl status ssh-agent.service Unit ssh-agent.service could not be found. # systemctl list-units --all *ssh* UNIT LOAD ACTIVE SUB DESCRIPTION 0 loaded units listed. > Starting an ssh-agent via systemd is completely outside of my > experience, though, and I don't really understand why you'd attempt > it. It's not clear to me *at all* how you would communicate the > environment variables from the ssh-agent invocation over to the > user's login session. My setup is to have each user's "user" systemd instance manage their ssh-agent (which is also how the Bookworm package handles it, though with some differences in the implementation details). Being a long-running daemon type process that provides a service to other processes, ssh-agent struck me as an ideal candidate for being handled by the service manager. The only environment variable that remains relevant now that systemd handles the process control stuff is SSH_AUTH_SOCK, and because I specify a consistent socket location, I can set that statically for all login sessions, the same way you would go about adding a custom location to PATH or whatever. Advantages include: * hands-on learning experience with systemd, which is clearly here to stay, * make ssh-agent start, and behave consistently, regardless of what DE I use, or no DE, or no X or Wayland or graphical anything, * any user who has a non-zero number of active login sessions gets exactly one ssh-agent process, regardless of what "type" of session(s) For example: if I log in to XFCE4, load a few ssh keys into my ssh-agent, and something causes X to hang, I swap to VT1 and log in there. Systemd no-ops my ssh-agent.service because it's already running, and access to ssh-agent works right there in VT1, including the already-loaded keys. Now I restart lightdm, which kills the session that started my ssh-agent.service, but because I still have a non-zero number of active login sessions (VT1), systemd keeps that service running. Then I can swap back to the lightdm greeter and log in to XFCE4, or KDE, or Enlightenment, or whatever, and my ssh-agent is already up and ready with the keys I loaded earlier. Just for fun, if I want to make ssh-agent socket-activated for every user on the system instead of auto-started at login, I can drop a ~5 line ssh-agent.socket file in /etc/systemd/user/ alongside the ssh-agent.service file, systemctl --global disable the .service unit and enable the .socket unit instead, and that's it. I've been using this "global" systemd user unit to manage ssh-agent for a couple of years now, and it's just about perfect… except when some legacy workaround comes along and clobbers things. Cheers! -Chris
Re: *Now* what is starting ssh-agent?
On Wed, Jul 27, 2022 at 09:08:59AM -0300, Chris Mitchell wrote: > On Tue, 26 Jul 2022 21:54:18 +0200 > Erwan David wrote: > > > ssh-agent is usually started by your session manager. I do not know > > wether all DE use this, but you can find it in > > > > /etc/X11/Xsession.d/90x11-common_ssh-agent > > True. The snippet in that file is nested in a conditional, though: > if has_option use-ssh-agent; then > … > > If I'm not mistaken, disabling "use_ssh_agent" in > /etc/X11/Xsession.options causes that conditional to fail, so > /etc/X11/Xsession.d/90x11-common_ssh-agent will do nothing. That all sounds correct, and matches up with your earlier message stating that ssh-agent is a direct child of systemd PID 1. It's not being started by Xsession. We really need to see the systemd diagnostics that have been requested by multiple people, now.
Re: *Now* what is starting ssh-agent?
On Wed, Jul 27, 2022 at 09:08:59AM -0300, Chris Mitchell wrote:
> On Tue, 26 Jul 2022 21:54:18 +0200
> Erwan David wrote:
>
> > ssh-agent is usually started by your session manager. I do not know
> > wether all DE use this, but you can find it in
> >
> > /etc/X11/Xsession.d/90x11-common_ssh-agent
>
> True. The snippet in that file is nested in a conditional, though:
> if has_option use-ssh-agent; then
> …
>
> If I'm not mistaken, disabling "use_ssh_agent" in
> /etc/X11/Xsession.options causes that conditional to fail, so
> /etc/X11/Xsession.d/90x11-common_ssh-agent will do nothing.
>
> man Xsession(5) uses the wording "If the line ‘use-ssh-agent’ is
> present in Xsession.options", but man Xsession.options(5) says "All of
> the above options are enabled by default" and instructs to disable
> them by prefixing the option with "no-". Prior experience suggests that
> commenting the line out *is* sufficient to disable it,
It isn't, see below.
>but just to be
> sure I have uncommented the line and changed it to "no-use-ssh-agent".
> Even after a reboot, this has made no difference to the situation.
I think it doesn't work as you think it does. Obviously, has_option
is a shell function. It is defined in /etc/X11/Xsession:
has_option() {
# Ensure that a later no-foo overrides an earlier foo
if [ "$(echo "$OPTIONS" | grep -Eo "^(no-)?$1\>" | tail -n 1)" = "$1" ];
then
return 0
else
return 1
fi
}
Why prefixing things with `no-' doesn't help you I can't say either.
Since this is all shell script, I'd insert some code in your
90x11-common_ssh-agent to clarify the situation. E.g. some little
thing echoing hello to some file in /tmp at strategic places.
Then you know whether to continue chasing that one or looking elsewhere.
Cheers
--
t
signature.asc
Description: PGP signature
Re: *Now* what is starting ssh-agent?
On Tue, 26 Jul 2022 21:54:18 +0200 Erwan David wrote: > ssh-agent is usually started by your session manager. I do not know > wether all DE use this, but you can find it in > > /etc/X11/Xsession.d/90x11-common_ssh-agent True. The snippet in that file is nested in a conditional, though: if has_option use-ssh-agent; then … If I'm not mistaken, disabling "use_ssh_agent" in /etc/X11/Xsession.options causes that conditional to fail, so /etc/X11/Xsession.d/90x11-common_ssh-agent will do nothing. man Xsession(5) uses the wording "If the line ‘use-ssh-agent’ is present in Xsession.options", but man Xsession.options(5) says "All of the above options are enabled by default" and instructs to disable them by prefixing the option with "no-". Prior experience suggests that commenting the line out *is* sufficient to disable it, but just to be sure I have uncommented the line and changed it to "no-use-ssh-agent". Even after a reboot, this has made no difference to the situation. $ grep -i ssh ~/.xsession-errors returns no results, and that file *does* have entries showing other environment variables being set via dbus-update-activation-environment. I suppose I could try commenting out the whole snippet in /etc/X11/Xsession.d/90x11-common_ssh-agent, or moving the file away, but at this point I'm reasonably confident Xsession is not the culprit. Thanks for the lead, though. I know a bit more about how Xsession works now than I did yesterday. Cheers! -Chris
Re: *Now* what is starting ssh-agent?
Can you post the output of systemd-cgls OpenPGP_signature Description: OpenPGP digital signature
Re: *Now* what is starting ssh-agent?
On Tue, Jul 26, 2022 at 03:40:48PM -0300, Chris Mitchell wrote: > Here's my service file: > > $ cat /etc/systemd/user/ssh-agent.service According to systemd.unit(5) this directory is for "User units created by the administrator". > Here's what I know so far: > > $ env | grep -i ssh > SSH_AUTH_SOCK=/tmp/ssh-XXZAaNOY/agent.3010 > SSH_AGENT_PID=3011 > > $ ps ax | grep 3011 > 3011 ?Ss 0:00 /usr/bin/ssh-agent -s > > $ pstree -ps 3011 > systemd(1)───ssh-agent(3011) PID 1 is the system instance of systemd. Not a user instance. The ssh-agent with PID 3011 is being started by the system instance, so it is a system unit. It's not your locally defined user unit. Things you should look at next, I suppose: systemctl status ssh-agent systemctl --user status ssh-agent Starting an ssh-agent via systemd is completely outside of my experience, though, and I don't really understand why you'd attempt it. It's not clear to me *at all* how you would communicate the environment variables from the ssh-agent invocation over to the user's login session.
Re: *Now* what is starting ssh-agent?
Le 26/07/2022 à 20:40, Chris Mitchell a écrit : Hi all, I have my own systemd "user" .service unit that I like to use to start ssh-agent the way I want it started, which works fine… except for the neverending game of whack-a-mole tracking down and disabling various legacy workarounds that go ahead and start ssh-agent unasked (or emulate it, poorly, like gnome-keyring) and clobber my SSH_AUTH_SOCK env-var. ssh-agent is usually started by your session manager. I do not know wether all DE use this, but you can find it in /etc/X11/Xsession.d/90x11-common_ssh-agent
*Now* what is starting ssh-agent?
Hi all, I have my own systemd "user" .service unit that I like to use to start ssh-agent the way I want it started, which works fine… except for the neverending game of whack-a-mole tracking down and disabling various legacy workarounds that go ahead and start ssh-agent unasked (or emulate it, poorly, like gnome-keyring) and clobber my SSH_AUTH_SOCK env-var. Here's my service file: $ cat /etc/systemd/user/ssh-agent.service [Unit] Description=SSH key agent [Service] Type=exec # %t resolves to XDG_RUNTIME_DIR; see SPECIFIERS section in systemd.unit(5) ExecStart=/usr/bin/ssh-agent -D -a "%t/ssh-agent.socket" [Install] WantedBy=default.target Sure enough, on a current laptop running Bookworm, even though I have that service enabled and running, and I've gone through my list of things to disable, there's a superfluous ssh-agent process running with the default randomized socket location, and SSH_AUTH_SOCK has been clobbered to point at that. Here's what I know so far: $ env | grep -i ssh SSH_AUTH_SOCK=/tmp/ssh-XXZAaNOY/agent.3010 SSH_AGENT_PID=3011 $ ps ax | grep 3011 3011 ?Ss 0:00 /usr/bin/ssh-agent -s $ pstree -ps 3011 systemd(1)───ssh-agent(3011) Here I get confused. The path shown by ps rules out the possibility that it's some other utility pretending to be ssh-agent. Unless I'm mistaken, that pstree result indicates that this ssh-agent process was started by systemd, but: $ grep -rl ssh-agent /usr/lib/systemd/ /usr/lib/systemd/user-environment-generators/90gpg-agent /usr/lib/systemd/user/gpg-agent-ssh.socket /usr/lib/systemd/user/ssh-agent.service Even though gpg-agent is running, I think it can be ignored because: * it wouldn't show up in ps as "/usr/bin/ssh-agent", * that environment generator only sets the SSH_AUTH_SOCK env-var if "enable-ssh-support" is enabled per "gpgconf --list-options gpg-agent", which it is not, and * Those two ssh-related env-vars don't match gpg-agent's PID or ssh-agent-socket path. And /usr/lib/systemd/user/ssh-agent.service is not the culprit, because: * /etc/systemd/user/ssh-agent.service has a higher priority, which causes systemd to ignore the one under /usr/lib/, and * /usr/lib/systemd/user/ssh-agent.service uses the socket location "$XDG_RUNTIME_DIR/openssh_agent" Continuing the search: $ grep -rl ssh-agent /etc/systemd/ Returns one hit, which is my custom service file as shown above $ grep -rl ssh-agent ~/.config/systemd/ Returns nothing, unsurprisingly. Things that are already disabled: * gnome-keyring is not installed * /etc/X11/Xsession.options option use-ssh-agent is commented out * XFCE4's "Application Autostart" config has no entry for ssh-agent * XFCE4's "Launch GNOME services on startup" is disabled (If enabled, this option launches gnome-keyring if available, which by default would emulate ssh-agent and clobber the env-var) * $ grep -rl ssh-agent ~/.config/autostart/ returns nothing, as expected Anyone got any idea where I should look next to identify what's actually starting that rogue ssh-agent process & clobbering my env-var, and prevent it from doing so? Cheers! -Chris PS. Please keep all replies on-list, thanks!
Re: Hardware failure?: Now what? Is this worth pursuing?
On Tue, 23 Mar 2021 22:03:08 +0100 Sven Hartge wrote: > Other than that: Intel has acknowledged the defect as an official > erro^Werratum and documented it. So "case closed" in that regard. Agreed. Thanks. -- Does anybody read signatures any more? https://charlescurley.com https://charlescurley.com/blog/
Re: Hardware failure?: Now what? Is this worth pursuing?
Charles Curley wrote: > On Mon, 22 Mar 2021 13:52:27 -0600 Charles Curley > wrote: >> I ran an amd64 VM for 24 hours, and no errors. I just fired up a 486 >> VM, and no errors. I will let that run 24 hours and see what that >> does. >> >> The i386 VM is "qemu32". I see a kvm32 in my list of options. I may >> try that as well. > I ran the VM as qemu32 for a few seconds, and got 7 more errors. I > then switched the VM to "kvm32". I have been running that for about an > hour and seen 27 more errors. Still, that strikes me as pretty > conclusive. > Is this even worth pursuing? Only as an amusing part-trick: "Look here folks, I can create an MCE on demand." Other than that: Intel has acknowledged the defect as an official erro^Werratum and documented it. So "case closed" in that regard. Grüße, Sven. -- Sigmentation fault. Core dumped.
Re: Hardware failure?: Now what? Is this worth pursuing?
On Mon, 22 Mar 2021 13:52:27 -0600 Charles Curley wrote: > I ran an amd64 VM for 24 hours, and no errors. I just fired up a 486 > VM, and no errors. I will let that run 24 hours and see what that > does. > > The i386 VM is "qemu32". I see a kvm32 in my list of options. I may > try that as well. I ran the VM as qemu32 for a few seconds, and got 7 more errors. I then switched the VM to "kvm32". I have been running that for about an hour and seen 27 more errors. Still, that strikes me as pretty conclusive. Is this even worth pursuing? -- Does anybody read signatures any more? https://charlescurley.com https://charlescurley.com/blog/
Re: Hardware failure?: Now what?
On Sat, 20 Mar 2021 20:09:24 -0600 Charles Curley wrote: > I have a number of amd64 VMs, and I do not recall seeing this error > before. If I can run those without this error, that will narrow things > down to the i386 VM, and that may be worth a bug report. I ran an amd64 VM for 24 hours, and no errors. I just fired up a 486 VM, and no errors. I will let that run 24 hours and see what that does. The i386 VM is "qemu32". I see a kvm32 in my list of options. I may try that as well. -- Does anybody read signatures any more? https://charlescurley.com https://charlescurley.com/blog/
Re: Hardware failure?: Now what?
Charles Curley wrote: > > The board is an ASUS H97M-E, bios date 05/15/2015. Processor is > Intel(R) Core(TM) i7-4790S CPU @ 3.20GHz, with eight processors. > > Now what? 4 cores, 8 threads. As others are pointing out, this could be thermal. Clean the fan, consider replacing the power supply, consider removing the heatsink and cleaning it then re-applying thermal paste. If the problem recurs and it isn't thermal, you can replace the CPU. i7-5775C or another i7-4790S will go for about $200; a used i7-4770K will be nearly unnoticeably faster for about $180. -dsr-
Re: Hardware failure?: Now what?
Hi, On Sat, Mar 20, 2021 at 02:29:25PM -0600, Charles Curley wrote: > MCE events: > 1 2021-03-20 13:58:30 -0600 error: Internal parity error, mcg mcgstatus=0, > mci Corrected_error Error_enabled, mcgcap=0x0c09, > status=0x904f0005, tsc=0xf442c87fda, walltime=0x605653e5, > cpu=0x0003, cpuid=0x000306c3, apicid=0x0006 This could be a RAM error, but it could also be a memory error for the cache inside the CPU, so a CPU error. But it could also be a spurious CPU bug: https://trick77.com/qemu-on-haswell-causes-spurious-mce-events/ Are you running qemu or KVM or some other kind of virtualisation? If yes and if there doesn't appear to be any actual instability then it may be spurious. Cheers, Andy -- https://bitfolk.com/ -- No-nonsense VPS hosting
Re: Hardware failure?: Now what?
Charles Curley wrote: > Mar 20 13:58:29 hawk rasdaemon[892]: Calling ras_mc_event_opendb() > Mar 20 13:58:29 hawk rasdaemon[892]: cpu 03:rasdaemon: mce_record store: > 0x55c124c9b148 > Mar 20 13:58:29 hawk kernel: [ 300.407406] mce: [Hardware Error]: Machine > check events logged > Mar 20 13:58:29 hawk kernel: [ 300.407410] mce: [Hardware Error]: CPU 3: > Machine Check: 0 Bank 0: 904f0005 > Mar 20 13:58:29 hawk kernel: [ 300.407411] mce: [Hardware Error]: TSC > f442c87fda > Mar 20 13:58:29 hawk kernel: [ 300.407413] mce: [Hardware Error]: PROCESSOR > 0:306c3 TIME 1616270309 SOCKET 0 APIC 6 microcode 19 > Mar 20 13:58:29 hawk rasdaemon[892]: rasdaemon: register inserted at db > 1 2021-03-20 13:58:30 -0600 error: Internal parity error, mcg mcgstatus=0, > mci Corrected_error Error_enabled, mcgcap=0x0c09, > status=0x904f0005, tsc=0xf442c87fda, walltime=0x605653e5, > cpu=0x0003, cpuid=0x000306c3, apicid=0x0006 > 2 2021-03-20 14:07:07 -0600 error: Internal parity error, mcg mcgstatus=0, > mci Corrected_error Error_enabled, mcgcap=0x0c09, > status=0x904f0005, tsc=0x274d9e61020, walltime=0x605655ea, > cpu=0x0003, cpuid=0x000306c3, apicid=0x0006 > 3 2021-03-20 14:07:07 -0600 error: Internal parity error, mcg mcgstatus=0, > mci Corrected_error Error_enabled, mcgcap=0x0c09, > status=0x904f0005, tsc=0x27517a5dacb, walltime=0x605655eb, > cpu=0x0003, cpuid=0x000306c3, apicid=0x0006 > 4 2021-03-20 14:10:34 -0600 error: Internal parity error, mcg mcgstatus=0, > mci Corrected_error Error_enabled, mcgcap=0x0c09, > status=0x904f0005, tsc=0x30ea8517bee, walltime=0x605656b9, > cpuid=0x000306c3 > If I read that correctly, CPU 3 is seeing and correcting internal parity > errors. Correct. > The board is an ASUS H97M-E, bios date 05/15/2015. Processor is > Intel(R) Core(TM) i7-4790S CPU @ 3.20GHz, with eight processors. > Now what? Nothing really. Check if there is a BIOS/Firmware update available. Check if the voltages are set correctly in the BIOS/Firmware. (Usually by loading the defaults and setting everything to "auto".) Check temperature of the CPU. Check if the latest intel-microcode package from Debian is installed (3.20201118.1~deb10u1 at the moment) or grab the newest one from testing (3.20210216.1). Try running mprime95 in test mode for some time to see if it complains and if errors occur more often when under load. Also run memtest86+ for some time to verify the correctness of your RAM. In the end, if the error is something in one of the caches inside the CPU, there is nothing really you can do. Grüße, Sven. -- Sigmentation fault. Core dumped.
Hardware failure?: Now what?
My syslog is reporting things like: Mar 20 13:58:29 hawk rasdaemon[892]: Calling ras_mc_event_opendb() Mar 20 13:58:29 hawk rasdaemon[892]: cpu 03:rasdaemon: mce_record store: 0x55c124c9b148 Mar 20 13:58:29 hawk kernel: [ 300.407406] mce: [Hardware Error]: Machine check events logged Mar 20 13:58:29 hawk kernel: [ 300.407410] mce: [Hardware Error]: CPU 3: Machine Check: 0 Bank 0: 904f0005 Mar 20 13:58:29 hawk kernel: [ 300.407411] mce: [Hardware Error]: TSC f442c87fda Mar 20 13:58:29 hawk kernel: [ 300.407413] mce: [Hardware Error]: PROCESSOR 0:306c3 TIME 1616270309 SOCKET 0 APIC 6 microcode 19 Mar 20 13:58:29 hawk rasdaemon[892]: rasdaemon: register inserted at db root@hawk:/crc/back# ras-mc-ctl --errors No Memory errors. No PCIe AER errors. No Extlog errors. MCE events: 1 2021-03-20 13:58:30 -0600 error: Internal parity error, mcg mcgstatus=0, mci Corrected_error Error_enabled, mcgcap=0x0c09, status=0x904f0005, tsc=0xf442c87fda, walltime=0x605653e5, cpu=0x0003, cpuid=0x000306c3, apicid=0x0006 2 2021-03-20 14:07:07 -0600 error: Internal parity error, mcg mcgstatus=0, mci Corrected_error Error_enabled, mcgcap=0x0c09, status=0x904f0005, tsc=0x274d9e61020, walltime=0x605655ea, cpu=0x0003, cpuid=0x000306c3, apicid=0x0006 3 2021-03-20 14:07:07 -0600 error: Internal parity error, mcg mcgstatus=0, mci Corrected_error Error_enabled, mcgcap=0x0c09, status=0x904f0005, tsc=0x27517a5dacb, walltime=0x605655eb, cpu=0x0003, cpuid=0x000306c3, apicid=0x0006 4 2021-03-20 14:10:34 -0600 error: Internal parity error, mcg mcgstatus=0, mci Corrected_error Error_enabled, mcgcap=0x0c09, status=0x904f0005, tsc=0x30ea8517bee, walltime=0x605656b9, cpuid=0x000306c3 root@hawk:/crc/back# If I read that correctly, CPU 3 is seeing and correcting internal parity errors. The board is an ASUS H97M-E, bios date 05/15/2015. Processor is Intel(R) Core(TM) i7-4790S CPU @ 3.20GHz, with eight processors. Now what? -- Does anybody read signatures any more? https://charlescurley.com https://charlescurley.com/blog/
Re: installed nginx, now what? Need srartup tut, nginx site won't let me download any docs.
Uninstall it, re-install apache2, restore your working web server configuration, and block the troublesome web scrapers using iptables or similar instead.
Re: installed nginx, now what? Need srartup tut, nginx site won't let me download any docs.
On Tue, Nov 05, 2019 at 06:40:35AM -0500, Gene Heskett wrote: > On Tuesday 05 November 2019 05:02:41 mick crane wrote: > > > On 2019-11-04 21:14, Gene Heskett wrote: > > > Greetings; > > > > > > I guess the subject says it all. > > > > does this not work ? > > https://nginx.org/en/docs/beginners_guide.html > > Yes, that works! And it also links to let me read the rest of the docs. > > Thank you very much. > > But where do I create this /data/www directory chain? Or can I reuse the > existing /var/www/html/gene created for apache2? You should be able to reuse that. Cheers -- t signature.asc Description: Digital signature
Re: installed nginx, now what? Need srartup tut, nginx site won't let me download any docs.
On Tuesday 05 November 2019 05:02:41 mick crane wrote: > On 2019-11-04 21:14, Gene Heskett wrote: > > Greetings; > > > > I guess the subject says it all. > > does this not work ? > https://nginx.org/en/docs/beginners_guide.html Yes, that works! And it also links to let me read the rest of the docs. Thank you very much. But where do I create this /data/www directory chain? Or can I reuse the existing /var/www/html/gene created for apache2? Thanks, & Cheers, Gene Heskett
Re: installed nginx, now what? Need srartup tut, nginx site won't let me download any docs.
On 2019-11-04 21:14, Gene Heskett wrote: Greetings; I guess the subject says it all. does this not work ? https://nginx.org/en/docs/beginners_guide.html -- Key ID4BFEBB31
Re: installed nginx, now what? Need srartup tut, nginx site won't let me download any docs.
On Mon 04 Nov 2019 at 16:14:17 -0500, Gene Heskett wrote: > I guess the subject says it all. Any other user submitting a mail like this to the list would be slated. And quite correctly. As usual, you've cocked up somewhere. -- Brian.
installed nginx, now what? Need srartup tut, nginx site won't let me download any docs.
Greetings; I guess the subject says it all. Thanks all. Cheers, Gene Heskett
Re: [solved securely now??] What is the correct way to set encrypted swap with systemd?
On 20150402_1142-0500, David Wright wrote: > Quoting Paul E Condon (pecon...@mesanetworks.net): > > I read the prior discussion as taking for granted the idea that one > > must have only one method of identifying individual partitions, > ^^^ ^^ > If you're referring to my post (which you quoted), then the opposite > is true. The opening paragraphs argues against LABELs as a panacea, > but later ones (and another posting in this thread) reveal that I use > them routinely in what are the right circumstances for me. > > (With top-posting, it can be difficult to tell precisely what you're > commenting on.) It applied to the whole conversation. At least that > was my intent. > > and > > that that method must be the latest to have arrived on the scene. For > > example, if everyone else in the world accepts your idea that > > LABEL=sda1 on the partition that was /dev/sda1 when Debian was > > installed is something that should *not*be*done*, *then* I can be very > > confident that my disk will not cause problems *because*of*an*identity* > > *clash*. > > That may be true for you personally, but your idea scales up to just > one computer. I have several. So do many others. Any time your LABEL is > "correct", it's redundant, and when it's made "incorrect" by changing > circumstances, it's confusing. > > > The whole scenario is false anyway. Who would let a disk > > arrives at his facility in the hands of a stranger be *mount*ed > > without first putting it in a USB disk carrier and using some system > > tools to take a look at what is recorded on it? And why would I offer > > my disk to anyone without *telling* them how it is labeled? > > Facility? Stranger? In my post I suggested that any one person, who > had taken your advice and LABELled their root partition as "sda1", > might take said drive out of that computer and put it into another one > of theirs, whereupon /dev/disk/by-label will have an entry like this: > > /dev/disk/by-label: > total 0 > lrwxrwxrwx 1 root root 10 Mar 31 13:44 sda1 -> ../../sdb1 > > Confusing, unnecessary, avoidable. To me, very informative of a situation that badly needs fixing by other means. > > > I see the argument here, mine as well as yours, as a clash of wildly > > imaginative false scenarios. > > Summarising: names/labels are important. Advising sda1 as a LABEL is > not a good idea. > > If you want a reference, take a look at RFC1178, page 2: > "Don't overload other terms already in common use." Like, for instance, 'window' ? When was the first use of the word, window, in English according to the OED? How many years was it in common use as referring to a common architectural feature of human habitations? And earlier than OED, there is Dr. Johnson's Dictionary of the English Language, which provides a definition of 'window' that was current in 1755, over two centuries before the UNIX epoch. And then there's Humpty Dumpty's Rule for the definition of any word to consider. ;-) Cheers, and Peace, -- Paul E Condon pecon...@mesanetworks.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150403011255.gc3...@big.lan.gnu
Re: [solved securely now??] What is the correct way to set encrypted swap with systemd?
Quoting Paul E Condon (pecon...@mesanetworks.net): > I read the prior discussion as taking for granted the idea that one > must have only one method of identifying individual partitions, If you're referring to my post (which you quoted), then the opposite is true. The opening paragraphs argues against LABELs as a panacea, but later ones (and another posting in this thread) reveal that I use them routinely in what are the right circumstances for me. (With top-posting, it can be difficult to tell precisely what you're commenting on.) > and > that that method must be the latest to have arrived on the scene. For > example, if everyone else in the world accepts your idea that > LABEL=sda1 on the partition that was /dev/sda1 when Debian was > installed is something that should *not*be*done*, *then* I can be very > confident that my disk will not cause problems *because*of*an*identity* > *clash*. That may be true for you personally, but your idea scales up to just one computer. I have several. So do many others. Any time your LABEL is "correct", it's redundant, and when it's made "incorrect" by changing circumstances, it's confusing. > The whole scenario is false anyway. Who would let a disk > arrives at his facility in the hands of a stranger be *mount*ed > without first putting it in a USB disk carrier and using some system > tools to take a look at what is recorded on it? And why would I offer > my disk to anyone without *telling* them how it is labeled? Facility? Stranger? In my post I suggested that any one person, who had taken your advice and LABELled their root partition as "sda1", might take said drive out of that computer and put it into another one of theirs, whereupon /dev/disk/by-label will have an entry like this: /dev/disk/by-label: total 0 lrwxrwxrwx 1 root root 10 Mar 31 13:44 sda1 -> ../../sdb1 Confusing, unnecessary, avoidable. > I see the argument here, mine as well as yours, as a clash of wildly > imaginative false scenarios. Summarising: names/labels are important. Advising sda1 as a LABEL is not a good idea. If you want a reference, take a look at RFC1178, page 2: "Don't overload other terms already in common use." Cheers, David. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150402164232.ga10...@alum.home
Re: [solved securely now??] What is the correct way to set encrypted swap with systemd?
On 04/01/2015 11:45 PM, David Wright wrote: > Quoting ~Stack~ (i.am.st...@gmail.com): >> On 04/01/2015 03:27 PM, David Wright wrote: >>> I don't recall seeing you post what you actually put into >>> /etc/crypttab to test PARTUUID, only the erroneous earlier versions >>> where you were still using swap's UUID. >> >> Fair enough. Completely plausible I did something wrong as I haven't >> used PARTUUID's in my /etc/crypttab before. >> >> >> # blkid | grep sda3 >> /dev/sda3: PARTUUID="0003efe2-03" >> >> # grep swap /etc/crypttab >> # swap works. >> #sda3_crypt /dev/disk/by-id/ata-TOSHIBA_MK3259GSXP_42K5CE0TT-part3 >> /dev/urandom cipher=aes-xts-plain64,size=256,swap >> # swap doesn't work. >> sda3_crypt PARTUUID=0003efe2-03 /dev/urandom >> cipher=aes-xts-plain64,size=256,swap > > How about trying > > sda3_crypt /dev/disk/by-partuuid/0003efe2-03 /dev/urandom > cipher=aes-xts-plain64,size=256,swap Same thing. Systemd.fsck runs on boot and takes ~2 minutes before timing out. Swap is not mounted. :-/ Thanks for the suggestion! signature.asc Description: OpenPGP digital signature
Re: [solved securely now??] What is the correct way to set encrypted swap with systemd?
Quoting ~Stack~ (i.am.st...@gmail.com): > On 04/01/2015 03:27 PM, David Wright wrote: > > I don't recall seeing you post what you actually put into > > /etc/crypttab to test PARTUUID, only the erroneous earlier versions > > where you were still using swap's UUID. > > Fair enough. Completely plausible I did something wrong as I haven't > used PARTUUID's in my /etc/crypttab before. > > > # blkid | grep sda3 > /dev/sda3: PARTUUID="0003efe2-03" > > # grep swap /etc/crypttab > # swap works. > #sda3_crypt /dev/disk/by-id/ata-TOSHIBA_MK3259GSXP_42K5CE0TT-part3 > /dev/urandom cipher=aes-xts-plain64,size=256,swap > # swap doesn't work. > sda3_crypt PARTUUID=0003efe2-03 /dev/urandom > cipher=aes-xts-plain64,size=256,swap How about trying sda3_crypt /dev/disk/by-partuuid/0003efe2-03 /dev/urandom cipher=aes-xts-plain64,size=256,swap Cheers, David. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150402044544.gd24...@alum.home
Re: [solved securely now??] What is the correct way to set encrypted swap with systemd?
I read the prior discussion as taking for granted the idea that one must have only one method of identifying individual partitions, and that that method must be the latest to have arrived on the scene. For example, if everyone else in the world accepts your idea that LABEL=sda1 on the partition that was /dev/sda1 when Debian was installed is something that should *not*be*done*, *then* I can be very confident that my disk will not cause problems *because*of*an*identity* *clash*. The whole scenario is false anyway. Who would let a disk arrives at his facility in the hands of a stranger be *mount*ed without first putting it in a USB disk carrier and using some system tools to take a look at what is recorded on it? And why would I offer my disk to anyone without *telling* them how it is labeled? I see the argument here, mine as well as yours, as a clash of wildly imaginative false scenarios. Peace. On 20150401_1619-0500, David Wright wrote: > Quoting Paul E Condon (pecon...@mesanetworks.net): > > > You can also use disk LABEL=. As implemented, the LABEL is actually > > applied to individual partition. As long as every partition has a > > different LABEL values there is no ambiguity. You only need to have > > unique values for partitions that you feel you will be mounting and > > umounting. Partitions with no LABEL value set never get compared by > > LABEL value. > > That may be a problem for anyone using wheezy as it only appears to > have UUIDs and LABELs, and not PARTUUIDs and PARTLABELs available. > As discussed, only PARTXXXs are persistent. (If ever I let the Debian > installer loose on my labelled swap partition, I have to relabel it > afterwards.) > > > The system has always insisted on setting a unique UUID > > value on every partition. Its done that way because of a design > > decision of Debian developers. > > The world has decided that, not just DDs. > > > But it has a tiny flaw that you can > > avoid by using LABEL values, which YOU can be sure are unique because > > you didn't do repeats, whereas UUIDs are randomly generated and there > > is a tiny, but non-zero chance of repeats for UUIDs. > > Oh, please. "Assuming uniform probability for simplicity, the > probability of one duplicate would be about 50% if every person on > earth as of 2014 owned 600 million GUIDs." (Wikipedia) > > What if you're running a disk farm of several thousand drives? > No, LABELs don't scale well. > > > If I read your message above, you are having trouble understanding how > > to use the UUID/PARTUUID system for identifying partitions on disks. > > I suggest that you don't need to use it, and if you don't use it you > > don't need to understand it. > > That's ok until Debian does something behind your back that catches > you out. For example, GRUB uses UUIDs, whereas I prefer LABELs. But I > have to understand what GRUB/Debian Installer/Upgrade is doing so I > can mitigate the effects. > > > I was once troubled by a similar situation when Debian first started to > > use UUID, until I realized that for some disks, I had no intention > > of ever changing the partion structure that was put there initially. > > Hm. Never say never. Yes. > > > For disks that I did have some special use and some ideas about how > > that special use might change in the future, I put LABEL=... on their > > partitions and used LABEL= paradigm to identify the partitions. This > > is what I do with all my external drives. And I put sticker on the > > outside of the drive enclosure with the LABEL= value written with a > > ball point pen on it. It is my personal responsibility to myself that > > I never put the same LABEL= value on two different disks. > > I agree. All my disks, internal and external are named and labelled > just so. But I have so few, and all in different rôles. If I had lots, > I wouldn't bother. > > > You can even > > put a LABEL= value on the root system disk that is always /dev/sda1 > > during installation. I suggest that you use LABEL=sda1. > > Bad idea. The names should not be loaded with extra meaning. My > partition labelling *is* overloaded: mama01, 02 ... but I'm prepared > to live with the necessary constraints: creating them in the correct > order, and not resizing/creating new partitions afterwards unless I > make a clean sweep of it. > > What if you/(s)he were to take a disk labelled sda1 and put it in > another computer to clone/recover/whatever it. Now it sits in a box > where there's a /dev/sda1 and a /dev/sdb1 but the latter is called > sda1. A recipe for disaster. > > > As I see it, the only benefit that you the user get from using the > > UUID/PARTUUID system is that if some Linux user is browsing through > > the internals of what is written on your disk, he may wonder where > > you got the software to do that and treat you with a little more > > respect. Let me assure you, you are not Rodney Dangerfield > > Eh? A very wild scenario, not to be taken seriously > > Cheers, > David. > >
Re: [solved securely now??] What is the correct way to set encrypted swap with systemd?
On 04/01/2015 03:27 PM, David Wright wrote: > I don't recall seeing you post what you actually put into > /etc/crypttab to test PARTUUID, only the erroneous earlier versions > where you were still using swap's UUID. Fair enough. Completely plausible I did something wrong as I haven't used PARTUUID's in my /etc/crypttab before. # blkid | grep sda3 /dev/sda3: PARTUUID="0003efe2-03" # grep swap /etc/crypttab # swap works. #sda3_crypt /dev/disk/by-id/ata-TOSHIBA_MK3259GSXP_42K5CE0TT-part3 /dev/urandom cipher=aes-xts-plain64,size=256,swap # swap doesn't work. sda3_crypt PARTUUID=0003efe2-03 /dev/urandom cipher=aes-xts-plain64,size=256,swap signature.asc Description: OpenPGP digital signature
Re: [solved securely now??] What is the correct way to set encrypted swap with systemd?
Quoting Paul E Condon (pecon...@mesanetworks.net): > You can also use disk LABEL=. As implemented, the LABEL is actually > applied to individual partition. As long as every partition has a > different LABEL values there is no ambiguity. You only need to have > unique values for partitions that you feel you will be mounting and > umounting. Partitions with no LABEL value set never get compared by > LABEL value. That may be a problem for anyone using wheezy as it only appears to have UUIDs and LABELs, and not PARTUUIDs and PARTLABELs available. As discussed, only PARTXXXs are persistent. (If ever I let the Debian installer loose on my labelled swap partition, I have to relabel it afterwards.) > The system has always insisted on setting a unique UUID > value on every partition. Its done that way because of a design > decision of Debian developers. The world has decided that, not just DDs. > But it has a tiny flaw that you can > avoid by using LABEL values, which YOU can be sure are unique because > you didn't do repeats, whereas UUIDs are randomly generated and there > is a tiny, but non-zero chance of repeats for UUIDs. Oh, please. "Assuming uniform probability for simplicity, the probability of one duplicate would be about 50% if every person on earth as of 2014 owned 600 million GUIDs." (Wikipedia) What if you're running a disk farm of several thousand drives? No, LABELs don't scale well. > If I read your message above, you are having trouble understanding how > to use the UUID/PARTUUID system for identifying partitions on disks. > I suggest that you don't need to use it, and if you don't use it you > don't need to understand it. That's ok until Debian does something behind your back that catches you out. For example, GRUB uses UUIDs, whereas I prefer LABELs. But I have to understand what GRUB/Debian Installer/Upgrade is doing so I can mitigate the effects. > I was once troubled by a similar situation when Debian first started to > use UUID, until I realized that for some disks, I had no intention > of ever changing the partion structure that was put there initially. Hm. Never say never. > For disks that I did have some special use and some ideas about how > that special use might change in the future, I put LABEL=... on their > partitions and used LABEL= paradigm to identify the partitions. This > is what I do with all my external drives. And I put sticker on the > outside of the drive enclosure with the LABEL= value written with a > ball point pen on it. It is my personal responsibility to myself that > I never put the same LABEL= value on two different disks. I agree. All my disks, internal and external are named and labelled just so. But I have so few, and all in different rôles. If I had lots, I wouldn't bother. > You can even > put a LABEL= value on the root system disk that is always /dev/sda1 > during installation. I suggest that you use LABEL=sda1. Bad idea. The names should not be loaded with extra meaning. My partition labelling *is* overloaded: mama01, 02 ... but I'm prepared to live with the necessary constraints: creating them in the correct order, and not resizing/creating new partitions afterwards unless I make a clean sweep of it. What if you/(s)he were to take a disk labelled sda1 and put it in another computer to clone/recover/whatever it. Now it sits in a box where there's a /dev/sda1 and a /dev/sdb1 but the latter is called sda1. A recipe for disaster. > As I see it, the only benefit that you the user get from using the > UUID/PARTUUID system is that if some Linux user is browsing through > the internals of what is written on your disk, he may wonder where > you got the software to do that and treat you with a little more > respect. Let me assure you, you are not Rodney Dangerfield Eh? Cheers, David. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150401211903.gb21...@alum.home
Re: [solved securely now??] What is the correct way to set encrypted swap with systemd?
Quoting ~Stack~ (i.am.st...@gmail.com): > On 03/29/2015 07:06 AM, Sven Hartge wrote: > > ~Stack~ wrote: > > > >> One more question if you don't mind: I understand why the encrypted > >> partition UUID is going to change every time, but the physical > >> partition UUID for my /dev/sda3 shouldn't change though. If they are > >> the same systemd.fsck shouldn't have a problem with the physical > >> partition UUID of /dev/sda3, but yet it does (at least for me). So > >> what is the difference between the UUID pointing to /dev/sda3 and the > >> /dev/disk/by-id pointing to /dev/sda3? > > > > Please provide an example of such an UUID and the way you obtained it. > > Greetings Sven, > > So something odd has happened... > > # blkid |grep sda3 > /dev/sda3: PARTUUID="0003efe2-03" > /dev/mapper/sda3_crypt: UUID="f4aad427-3462-4dcf-a40d-617e90a7b1cb" > TYPE="swap" > > # grep sda3 /etc/crypttab > sda3_crypt /dev/disk/by-id/ata-TOSHIBA_MK3259GSXP_42K5CE0TT-part3 > /dev/urandom cipher=aes-xts-plain64,size=256,swap > > That "PARTUUID" is odd because it used to be a UUID...huh...really not > sure what happened...but I have a guess (below)... I can't work out why your blkid | grep produces so little output. Here's some of mine: wheezy: /dev/sda1: LABEL="gina01" UUID="a854f3b7-4ba1-4fa3-8d43-c150169c91a6" TYPE="ext4" /dev/sda4: LABEL="gina04" UUID="32e87272-a109-46ba-8914-c0b5374cb32e" TYPE="swap" /dev/sdb2: LABEL="mama02" UUID="2013-1105" TYPE="vfat" /dev/sdb4: LABEL="mama04" UUID="8561eb12-3ee8-42e1-a5c7-6d36fea217d3" SEC_TYPE="ext2" TYPE="ext3" jessie: /dev/sda1: LABEL="john01" UUID="53515dcb-96fb-4c28-b456-1efbd1fdac38" TYPE="ext3" PARTUUID="c889c889-01" /dev/sda4: LABEL="john04" UUID="876c1170-c64f-4fdf-aae2-a20e9c4a26f6" TYPE="swap" PARTUUID="c889c889-04" /dev/sdb1: PARTLABEL="EFI" PARTUUID="d01dcc00-c77d-4e35-81d9-6ffc12536839" /dev/sdb2: LABEL="mama02" UUID="2013-1105" TYPE="vfat" PARTLABEL="FAT32" PARTUUID="4123d2d5-b471-405e-90ed-76afea329c13" /dev/sdb4: LABEL="mama04" UUID="8561eb12-3ee8-42e1-a5c7-6d36fea217d3" TYPE="ext3" PARTLABEL="m04" PARTUUID="5fabaa67-6f04-4d59-b797-e6fee7f4d454" I don't suppose it's relevant in your case that wheezy is blind to PARTxxx unlike jessie, so sdb1 doesn't even appear. I prefer the output from /run/udev/data because, though much more voluminous, the labelling is better: S:disk/by-id/ata-ST3000DM001-1E6166_Z1F3FX1E-part4 S:disk/by-id/wwn-0x5000c500642bbfd3-part4 S:disk/by-label/mama04 S:disk/by-partlabel/m04 S:disk/by-partuuid/5fabaa67-6f04-4d59-b797-e6fee7f4d454 S:disk/by-path/pci-:00:1d.7-usb-0:5:1.0-scsi-0:0:0:0-part4 S:disk/by-uuid/8561eb12-3ee8-42e1-a5c7-6d36fea217d3 E:ID_FS_LABEL=mama04 E:ID_FS_TYPE=ext3 E:ID_FS_USAGE=filesystem E:ID_FS_UUID=8561eb12-3ee8-42e1-a5c7-6d36fea217d3 E:ID_PART_ENTRY_TYPE=0fc63daf-8483-4772-8e79-3d69d8477de4 E:ID_PART_ENTRY_UUID=5fabaa67-6f04-4d59-b797-e6fee7f4d454 E:ID_PART_TABLE_TYPE=gpt E:ID_PART_TABLE_UUID=35365a04-6978-4588-9fbe-75c8f3263aba Unlike, say, sba4 and mama04 where the difference is obvious, UUIDs all look alike with a quick glance. > Thus, I would want to point to the partition PARTUUID because (as you > pointed out to me earlier) the swap filesystem is going to change every > time due to urandom and thus the UUID should be changing on every > boot...blkid is probably seeing that this is a ever changing swap > partition and just returning the PARTUUID for me. I don't think it's blkid's prerogative to interpret the information, but just to present it. > But putting that PARTUUID in my /etc/crypttab didn't work and I ended up > with the systemd.fsck timing out and not mounting swap. Hrm. I don't recall seeing you post what you actually put into /etc/crypttab to test PARTUUID, only the erroneous earlier versions where you were still using swap's UUID. Cheers, David. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150401202758.ga21...@alum.home
Re: [solved securely now??] What is the correct way to set encrypted swap with systemd?
On 20150331_1923-0500, ~Stack~ wrote: > On 03/29/2015 07:06 AM, Sven Hartge wrote: > > ~Stack~ wrote: > > > >> One more question if you don't mind: I understand why the encrypted > >> partition UUID is going to change every time, but the physical > >> partition UUID for my /dev/sda3 shouldn't change though. If they are > >> the same systemd.fsck shouldn't have a problem with the physical > >> partition UUID of /dev/sda3, but yet it does (at least for me). So > >> what is the difference between the UUID pointing to /dev/sda3 and the > >> /dev/disk/by-id pointing to /dev/sda3? > > > > Please provide an example of such an UUID and the way you obtained it. > > Greetings Sven, > > So something odd has happened... > > # blkid |grep sda3 > /dev/sda3: PARTUUID="0003efe2-03" > /dev/mapper/sda3_crypt: UUID="f4aad427-3462-4dcf-a40d-617e90a7b1cb" > TYPE="swap" > > # grep sda3 /etc/crypttab > sda3_crypt /dev/disk/by-id/ata-TOSHIBA_MK3259GSXP_42K5CE0TT-part3 > /dev/urandom cipher=aes-xts-plain64,size=256,swap > > That "PARTUUID" is odd because it used to be a UUID...huh...really not > sure what happened...but I have a guess (below)... > > But on my not-yet-updated-to-an-OS-with-systemd boxes they are either > configured for keys or use the UUID from blkid and that UUID is what is > in /etc/crypttab. In my first email this > "UUID=ef2496cd-ca4d-43aa-8c90-dba084029f6e" was taken from blkid. > Clearly that is no longer the case and would explain why UUID doesn't > work. :-) > > So off I went to read about UUID vs PARTUUID. Short notes: > UUID == filesystem > PARTUUID == partition > > Thus, I would want to point to the partition PARTUUID because (as you > pointed out to me earlier) the swap filesystem is going to change every > time due to urandom and thus the UUID should be changing on every > boot...blkid is probably seeing that this is a ever changing swap > partition and just returning the PARTUUID for me. > > But putting that PARTUUID in my /etc/crypttab didn't work and I ended up > with the systemd.fsck timing out and not mounting swap. Hrm. > > Well, I guess the disk-by-id works so I will just use that for now. ~Stack~, You can also use disk LABEL=. As implemented, the LABEL is actually applied to individual partition. As long as every partition has a different LABEL values there is no ambiguity. You only need to have unique values for partitions that you feel you will be mounting and umounting. Partitions with no LABEL value set never get compared by LABEL value. The system has always insisted on setting a unique UUID value on every partition. Its done that way because of a design decision of Debian developers. But it has a tiny flaw that you can avoid by using LABEL values, which YOU can be sure are unique because you didn't do repeats, whereas UUIDs are randomly generated and there is a tiny, but non-zero chance of repeats for UUIDs. > > Thanks again! I have learned a ton about cryptab, swap, UUID/PARTUUID, > and the boot process. :-) > > ~Stack~ ~Stack~, If I read your message above, you are having trouble understanding how to use the UUID/PARTUUID system for identifying partitions on disks. I suggest that you don't need to use it, and if you don't use it you don't need to understand it. It can be there because it has been put there during the initalization of Debian, and it won't hurt anything until you try to use it and make a mistake in trying to use it. I was once troubled by a similar situation when Debian first started to use UUID, until I realized that for some disks, I had no intention of ever changing the partion structure that was put there initially. For disks that I did have some special use and some ideas about how that special use might change in the future, I put LABEL=... on their partitions and used LABEL= paradigm to identify the partitions. This is what I do with all my external drives. And I put sticker on the outside of the drive enclosure with the LABEL= value written with a ball point pen on it. It is my personal responsibility to myself that I never put the same LABEL= value on two different disks. You can even put a LABEL= value on the root system disk that is always /dev/sda1 during installation. I suggest that you use LABEL=sda1. LABEL= settings can be any string of alphnumeric characters <= sixteen long. As I see it, the only benefit that you the user get from using the UUID/PARTUUID system is that if some Linux user is browsing through the internals of what is written on your disk, he may wonder where you got the software to do that and treat you with a little more respect. Let me assure you, you are not Rodney Dangerfield -- Paul E Condon pecon...@mesanetworks.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150401051932.ga31...@big.lan.gnu
Re: [solved securely now??] What is the correct way to set encrypted swap with systemd?
On 03/29/2015 07:06 AM, Sven Hartge wrote: > ~Stack~ wrote: > >> One more question if you don't mind: I understand why the encrypted >> partition UUID is going to change every time, but the physical >> partition UUID for my /dev/sda3 shouldn't change though. If they are >> the same systemd.fsck shouldn't have a problem with the physical >> partition UUID of /dev/sda3, but yet it does (at least for me). So >> what is the difference between the UUID pointing to /dev/sda3 and the >> /dev/disk/by-id pointing to /dev/sda3? > > Please provide an example of such an UUID and the way you obtained it. Greetings Sven, So something odd has happened... # blkid |grep sda3 /dev/sda3: PARTUUID="0003efe2-03" /dev/mapper/sda3_crypt: UUID="f4aad427-3462-4dcf-a40d-617e90a7b1cb" TYPE="swap" # grep sda3 /etc/crypttab sda3_crypt /dev/disk/by-id/ata-TOSHIBA_MK3259GSXP_42K5CE0TT-part3 /dev/urandom cipher=aes-xts-plain64,size=256,swap That "PARTUUID" is odd because it used to be a UUID...huh...really not sure what happened...but I have a guess (below)... But on my not-yet-updated-to-an-OS-with-systemd boxes they are either configured for keys or use the UUID from blkid and that UUID is what is in /etc/crypttab. In my first email this "UUID=ef2496cd-ca4d-43aa-8c90-dba084029f6e" was taken from blkid. Clearly that is no longer the case and would explain why UUID doesn't work. :-) So off I went to read about UUID vs PARTUUID. Short notes: UUID == filesystem PARTUUID == partition Thus, I would want to point to the partition PARTUUID because (as you pointed out to me earlier) the swap filesystem is going to change every time due to urandom and thus the UUID should be changing on every boot...blkid is probably seeing that this is a ever changing swap partition and just returning the PARTUUID for me. But putting that PARTUUID in my /etc/crypttab didn't work and I ended up with the systemd.fsck timing out and not mounting swap. Hrm. Well, I guess the disk-by-id works so I will just use that for now. Thanks again! I have learned a ton about cryptab, swap, UUID/PARTUUID, and the boot process. :-) ~Stack~ signature.asc Description: OpenPGP digital signature
Re: [solved securely now??] What is the correct way to set encrypted swap with systemd?
~Stack~ wrote: > One more question if you don't mind: I understand why the encrypted > partition UUID is going to change every time, but the physical > partition UUID for my /dev/sda3 shouldn't change though. If they are > the same systemd.fsck shouldn't have a problem with the physical > partition UUID of /dev/sda3, but yet it does (at least for me). So > what is the difference between the UUID pointing to /dev/sda3 and the > /dev/disk/by-id pointing to /dev/sda3? Please provide an example of such an UUID and the way you obtained it. S° -- Sigmentation fault. Core dumped. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/5bgbenvjj...@mids.svenhartge.de
Re: [solved securely now??] What is the correct way to set encrypted swap with systemd?
On 03/28/2015 06:45 PM, Sven Hartge wrote: > ~Stack~ wrote: > >> In another post on this thread you asked where I got that UUID from. >> That question fits in well here so I am just going to dump it all >> here. :-) > >> I just checked a number of my systems with blkid and the UUID's I am >> using are indeed the physical /dev/sdx# UUID's.. All of the bizarre >> behavior totally make sense in those layers you described if the LUKS >> swap UUID is auto generated and different every boot. > > If you use a static key and not /dev/urandom you can reuse the > swap-space that is already present. But that defeats the purpose of > encrypting the swap-space; you _want_ to forget the key and recreate the > encryption layer on every boot so that there is no chance of any > information leak from previous runs. > >> But at the same time, I am still not sure as to why systemd.fsck has >> issues with the UUID of the partition but is OK with the >> /dev/disk/by-id/pointer. > > UUID=... uses the UUID of the filesystem or swap-space on a partition, > _not_ the ID of the partition itself. That is totally different ID. > > Note that you have /dev/disk/by-id (which is the physical ID of the > device, partition, device map or md-RAID-set) while /dev/disk/by-uuid is > the UUID of whatever filesystem is on any device. > > You can only use the physical ones in /etc/crypttab. > > I guess by using the wrong (UU)ID the automatic dependency solvers of > systemd create a deadlock while trying to activate the correct units in > the correct order to do what you told it. This then turns into a fine > demonstration of computer sciences GIGO principle: Garbage In - Garbage Out. > > Of course, systemd could be a bit nicer and tell you if there is > something totally wrong, but maybe none of the authors has yet stumbled > upon this problem because they _know_ it does not work and hence never > tried it and never built any safe-guards into systemd to fail in a nicer > way. Thanks for the explanation. I now understand the results of a lot of my experiments today. It makes a lot more sense and I understand they garbage aspect of pointing to the swap file system (which changes) instead of the physical partition for swap. One more question if you don't mind: I understand why the encrypted partition UUID is going to change every time, but the physical partition UUID for my /dev/sda3 shouldn't change though. If they are the same systemd.fsck shouldn't have a problem with the physical partition UUID of /dev/sda3, but yet it does (at least for me). So what is the difference between the UUID pointing to /dev/sda3 and the /dev/disk/by-id pointing to /dev/sda3? Thanks Sven! You have been a great help in me understanding this better! signature.asc Description: OpenPGP digital signature
Re: [solved securely now??] What is the correct way to set encrypted swap with systemd?
~Stack~ wrote: > In another post on this thread you asked where I got that UUID from. > That question fits in well here so I am just going to dump it all > here. :-) > I just checked a number of my systems with blkid and the UUID's I am > using are indeed the physical /dev/sdx# UUID's.. All of the bizarre > behavior totally make sense in those layers you described if the LUKS > swap UUID is auto generated and different every boot. If you use a static key and not /dev/urandom you can reuse the swap-space that is already present. But that defeats the purpose of encrypting the swap-space; you _want_ to forget the key and recreate the encryption layer on every boot so that there is no chance of any information leak from previous runs. > But at the same time, I am still not sure as to why systemd.fsck has > issues with the UUID of the partition but is OK with the > /dev/disk/by-id/pointer. UUID=... uses the UUID of the filesystem or swap-space on a partition, _not_ the ID of the partition itself. That is totally different ID. Note that you have /dev/disk/by-id (which is the physical ID of the device, partition, device map or md-RAID-set) while /dev/disk/by-uuid is the UUID of whatever filesystem is on any device. You can only use the physical ones in /etc/crypttab. I guess by using the wrong (UU)ID the automatic dependency solvers of systemd create a deadlock while trying to activate the correct units in the correct order to do what you told it. This then turns into a fine demonstration of computer sciences GIGO principle: Garbage In - Garbage Out. Of course, systemd could be a bit nicer and tell you if there is something totally wrong, but maybe none of the authors has yet stumbled upon this problem because they _know_ it does not work and hence never tried it and never built any safe-guards into systemd to fail in a nicer way. Grüße, Sven. -- Sigmentation fault. Core dumped. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/4bga2r0jj...@mids.svenhartge.de
Re: [solved securely now??] What is the correct way to set encrypted swap with systemd?
On 03/28/2015 03:37 PM, Sven Hartge wrote: > ~Stack~ wrote: [snip] >> In my /dev/disk/by-id/ directory I have both "dm-name-sda3_crypt" and >> "dm-uuid-CRYPT-PLAIN-sda3_crypt" which point to "../../dm-1". I can >> not use either of those in my /etc/crypttab because then I get the >> systemd.fsck problem again. > > Those device nodes only appear _after_ /etc/crypttab has been parsed. By > using them inside the crypttab, you create a chicken-and-egg problem. Oh. Then yeah, that does explain some things...quite a bit actually. >> Maybe that was the problem with the UUID?? > > I guess, you used the UUID of the swap inside the crypted device. But this > UUID changes on every boot, so it is of no use. Huh. More thoughts on that below. >> However, I also have "ata-TOSHIBA_MK3259GSXP_42K5CE0TT-part3" and >> "wwn-0x10001354922489237504x-part3" that point to "../../sda3". Both of >> those will boot correctly and mount swap. Here is my update that works: >> >> sda3_crypt /dev/disk/by-id/ata-TOSHIBA_MK3259GSXP_42K5CE0TT-part3 >> /dev/urandom cipher=aes-xts-plain64,size=256,swap >> > > Of course. /etc/crypttab needs the device on which to create the crypted > device mapping. > >> So my guess, if I understand this correctly, is that if I use the >> encrypted container, systemd.fsck freaks out, tries to and fails to >> mount, then just ignores swap altogether. However, if I tell LUKS to >> encrypt the actual partition, that somehow means systemd.fsck is happy >> with it. So bizarre. > > No, not bizzare at all, quite logic if one thinks about what layer is > put on top of what other layer. > > You have /dev/disk/by-id/ata-TOSHIBA_MK3259GSXP_42K5CE0TT-part3 at the > bottom. On top of that, you get /dev/mapper/sda3_crypt. And on top of > that you get your swap-space. OK. So that actually does explain a lot. In another post on this thread you asked where I got that UUID from. That question fits in well here so I am just going to dump it all here. :-) I just checked a number of my systems with blkid and the UUID's I am using are indeed the physical /dev/sdx# UUID's.. All of the bizarre behavior totally make sense in those layers you described if the LUKS swap UUID is auto generated and different every boot. On the older Wheezy systems I also show a UUID for the LUKS swap device but I am not using that one. I rebooted a host and it did change. I have finally joined two previously disconnected thoughts in my brain and learned something today! :-) But at the same time, I am still not sure as to why systemd.fsck has issues with the UUID of the partition but is OK with the /dev/disk/by-id/pointer. Is this the correct way of doing it? (EG: have I been doing it wrong this whole time by using the physical partitions UUID? Should I update my other not-yet-updated-to-Jessie hosts to use /dev/disk/by-id?) Thanks for clarifying this! I do appreciate it. ~Stack~ signature.asc Description: OpenPGP digital signature
Re: [solved securely now??] What is the correct way to set encrypted swap with systemd?
~Stack~ wrote: > On 03/28/2015 02:15 PM, David Wright wrote: Quoting ~Stack~ > (i.am.st...@gmail.com): >>> $ grep swap /etc/crypttab >>> # causes systemd to fsck swap >>> #sda3_crypt UUID=ef2496cd-ca4d-43aa-8c90-dba084029f6e /dev/urandom >>> cipher=aes-xts-plain64,size=256,swap >>> # systemd doesn't fsck swap >>> sda3_crypt /dev/sda3 /dev/urandom cipher=aes-xts-plain64,size=256,swap >> >> That cure looks retrograde to me because it throws away the uniqueness >> of UUIDs. What if /dev/sda3 changes, for whatever reason. >> >> A systemd 216 man page for crypttab says: >>"WARNING: Using the swap option will destroy the contents of the >>named partition during every boot, so make sure the underlying >>block device is specified correctly." >> >> Could you not try using a /dev/disk/by-foo/... entry instead and see >> if that works? (I don't recognise the particular one Sven uses.) > OGood catch! That completely blitzed my mind. I knew there was a > reason for the UUID's! :-) > In my /dev/disk/by-id/ directory I have both "dm-name-sda3_crypt" and > "dm-uuid-CRYPT-PLAIN-sda3_crypt" which point to "../../dm-1". I can > not use either of those in my /etc/crypttab because then I get the > systemd.fsck problem again. Those device nodes only appear _after_ /etc/crypttab has been parsed. By using them inside the crypttab, you create a chicken-and-egg problem. > Maybe that was the problem with the UUID?? I guess, you used the UUID of the swap inside the crypted device. But this UUID changes on every boot, so it is of no use. > However, I also have "ata-TOSHIBA_MK3259GSXP_42K5CE0TT-part3" and > "wwn-0x10001354922489237504x-part3" that point to "../../sda3". Both of > those will boot correctly and mount swap. Here is my update that works: > > sda3_crypt /dev/disk/by-id/ata-TOSHIBA_MK3259GSXP_42K5CE0TT-part3 > /dev/urandom cipher=aes-xts-plain64,size=256,swap > Of course. /etc/crypttab needs the device on which to create the crypted device mapping. > So my guess, if I understand this correctly, is that if I use the > encrypted container, systemd.fsck freaks out, tries to and fails to > mount, then just ignores swap altogether. However, if I tell LUKS to > encrypt the actual partition, that somehow means systemd.fsck is happy > with it. So bizarre. No, not bizzare at all, quite logic if one thinks about what layer is put on top of what other layer. You have /dev/disk/by-id/ata-TOSHIBA_MK3259GSXP_42K5CE0TT-part3 at the bottom. On top of that, you get /dev/mapper/sda3_crypt. And on top of that you get your swap-space. Grüße, Sven. -- Sigmentation fault. Core dumped. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/3bg9o3djj...@mids.svenhartge.de
Re: [solved securely now??] What is the correct way to set encrypted swap with systemd?
On 03/28/2015 02:15 PM, David Wright wrote: > Quoting ~Stack~ (i.am.st...@gmail.com): [snip] >> $ grep swap /etc/crypttab >> # causes systemd to fsck swap >> #sda3_crypt UUID=ef2496cd-ca4d-43aa-8c90-dba084029f6e /dev/urandom >> cipher=aes-xts-plain64,size=256,swap >> # systemd doesn't fsck swap >> sda3_crypt /dev/sda3 /dev/urandom cipher=aes-xts-plain64,size=256,swap > > That cure looks retrograde to me because it throws away the uniqueness > of UUIDs. What if /dev/sda3 changes, for whatever reason. > > A systemd 216 man page for crypttab says: >"WARNING: Using the swap option will destroy the contents of the >named partition during every boot, so make sure the underlying >block device is specified correctly." > > Could you not try using a /dev/disk/by-foo/... entry instead and see > if that works? (I don't recognise the particular one Sven uses.) OGood catch! That completely blitzed my mind. I knew there was a reason for the UUID's! :-) In my /dev/disk/by-id/ directory I have both "dm-name-sda3_crypt" and "dm-uuid-CRYPT-PLAIN-sda3_crypt" which point to "../../dm-1". I can not use either of those in my /etc/crypttab because then I get the systemd.fsck problem again. Maybe that was the problem with the UUID?? However, I also have "ata-TOSHIBA_MK3259GSXP_42K5CE0TT-part3" and "wwn-0x10001354922489237504x-part3" that point to "../../sda3". Both of those will boot correctly and mount swap. Here is my update that works: sda3_crypt /dev/disk/by-id/ata-TOSHIBA_MK3259GSXP_42K5CE0TT-part3 /dev/urandom cipher=aes-xts-plain64,size=256,swap So my guess, if I understand this correctly, is that if I use the encrypted container, systemd.fsck freaks out, tries to and fails to mount, then just ignores swap altogether. However, if I tell LUKS to encrypt the actual partition, that somehow means systemd.fsck is happy with it. So bizarre. Thanks for pointing that out David! ~Stack~ signature.asc Description: OpenPGP digital signature
Re: Spamassassin Upgraded, Now What?
David Baron wrote: > Ever since my 64-bit fresh install adventure, various things simple are not > working, no idea why. If you have done a fresh install then you will need to tell us what you have done. We won't know unless you give details. > I no longer get logcheck emails, for example. Saying "no longer" implies that it worked previously. But you said you did a fresh installation. At the point that you do a fresh installation then there is not any "before". Life of the machine begins at installation time. Nothing on the machine exists before that time. There is no before. Do you get any email? What MTA are you using? How is emailed delivered to you? Are you reading it locally or remotely? What MUA are you using to read the mail? What errors exist in the /var/log/syslog? It will take more than twenty questions to get all of the information. Best if you simply start at the beginning and proceed through from there. > The other one, also maybe around exim4, root, involves spamassasin. How are you running spamassassin? There are many ways to run spamassassin. Each way is uniquely different. > That upgraded a couple of days ago Upgrade? You said fresh install. Was it a fresh install or an upgrade? > and lo and behold, I began having the spam > stuff actually marked so I could make a kmail filter to dispose of it, could > also change my procmailrc to do the same, that is, if the spam would get > placed as specified there. Details are needed. Our ability to mind read is limited. > However, the day after, the spam was no longer carrying the marks. Manually > starting the daemon did not restore them. > > No idea why it stopped working or how to get it going once again. My car stopped working today too. It used to work. But then I sold it and bought another car. But it isn't working now. I have no idea what is wrong. What do you think is wrong with it? If you don't have any idea what is wrong with my car and wonder how would you possibly know with such little information then that is exactly where we are with your problems too. Please read through your message again. Note specifically what details you give us. Ask yourself this question. Is there enough information there for anyone to be able to help you? I think you will agree that if you don't give any details then it is isn't any way for anyone else to help you either. Start small. Work on the smallest piece of the problem you can isolate. Bob signature.asc Description: Digital signature
Spamassassin Upgraded, Now What?
Ever since my 64-bit fresh install adventure, various things simple are not working, no idea why. I no longer get logcheck emails, for example. The other one, also maybe around exim4, root, involves spamassasin. That upgraded a couple of days ago and lo and behold, I began having the spam stuff actually marked so I could make a kmail filter to dispose of it, could also change my procmailrc to do the same, that is, if the spam would get placed as specified there. However, the day after, the spam was no longer carrying the marks. Manually starting the daemon did not restore them. No idea why it stopped working or how to get it going once again. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/5985032.taKLfBKVkr@dovidhalevi
Re: installed cups-pdf package; now what?
On Sun 23 Jun 2013 at 23:39:30 -0700, Dan B. wrote: > Where are the instructions for what to do after installing the cups-pdf > package, to have the virtual to-PDF printer appear (e.g. in "lpstat -a" > output) and be able to print to PDF? > > The files /usr/share/doc/cups-pdf/... don't seem to have any such > instructions. > > (I tried using the CUPS administration tool at http://localhost:631/admin, > but it's unclear how to proceed (e.g., what Make and Model would I use).) lpstat should show the PDF print queue when issued on the machine which cups-pdf has been installed to. For other machines on the network you have to share it. This can be done from the web interface by modifying the printer from 'Administration'. The PPD is under 'Generic'. Or service cups stop and edit /etc/cups/printers.conf to have 'Shared Yes'. And then service cups start -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130624124350.GA12108@desktop
installed cups-pdf package; now what?
Where are the instructions for what to do after installing the cups-pdf package, to have the virtual to-PDF printer appear (e.g. in "lpstat -a" output) and be able to print to PDF? The files /usr/share/doc/cups-pdf/... don't seem to have any such instructions. (I tried using the CUPS administration tool at http://localhost:631/admin, but it's unclear how to proceed (e.g., what Make and Model would I use).) Thanks, Daniel -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/51c7e9a2.9060...@kempt.net
Re: Hauppauge Nova-T USB stick -- now what?
On 16/04/12 16:55, Sian Mountbatten wrote: On 16/04/12 16:50, Rob Owens wrote: On Mon, Apr 16, 2012 at 04:13:36PM +0100, Sian Mountbatten wrote: On 16/04/12 15:00, Dom wrote: On 16/04/12 13:02, Sian Mountbatten wrote: Dear All This morning I received a second-hand USB stick which consisted of the stick a USB extension cable plus USB plug/socket a mini antenna No instructions of any sort. I plugged the USB stick into a USB slot on the front of the computer and checked dmesg which gave the following: -- ... [67244.676831] dvb-usb: schedule remote query interval to 50 msecs. [67244.676835] dvb-usb: Hauppauge Nova-T Stick successfully initialized and connected. [67244.676971] usbcore: registered new interface driver dvb_usb_dib0700 - I have a number of questions:- 1. With NO remote control, how do I control the device? With great easy. The remote control is configured as an input device and mapped to predefined key presses - pressing "1" on the remote is the same as pressing "1" on your keyboard. It doesn't control the device directly. Under what circumstances does "1" on my keyboard correspond to "1" on a remote? When the remote is treated as an IR keyboard by the driver, which is either done by the native driver or by the lirc package. I can start up any app (xterm for example) and press "1" on my remote and a 1 appears in the app. Unfortunately I don't have the USB stick that you have, and don't know which Debian release you're running (I'm on Wheezy/testing), so I can't test your particular situation. I have liblircclient0 installed Description: infra-red remote control support - client library LIRC stands for 'Linux Infra-red Remote Control'. . This package provides a library with functions to support remote controls via LIRC in programs such as xawtv. I believe the relevant lines from my dmesg are: [6.509665] IR MCE Keyboard/mouse protocol handler initialized [6.573084] lirc_dev: IR Remote Control driver registered, major 251 [ -- Dom -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4f8d926d.5040...@rpdom.net
Re: Hauppauge Nova-T USB stick -- now what?
On 16/04/12 16:50, Rob Owens wrote: On Mon, Apr 16, 2012 at 04:13:36PM +0100, Sian Mountbatten wrote: On 16/04/12 15:00, Dom wrote: On 16/04/12 13:02, Sian Mountbatten wrote: Dear All This morning I received a second-hand USB stick which consisted of the stick a USB extension cable plus USB plug/socket a mini antenna No instructions of any sort. I plugged the USB stick into a USB slot on the front of the computer and checked dmesg which gave the following: -- ... [67244.676831] dvb-usb: schedule remote query interval to 50 msecs. [67244.676835] dvb-usb: Hauppauge Nova-T Stick successfully initialized and connected. [67244.676971] usbcore: registered new interface driver dvb_usb_dib0700 - I have a number of questions:- 1. With NO remote control, how do I control the device? With great easy. The remote control is configured as an input device and mapped to predefined key presses - pressing "1" on the remote is the same as pressing "1" on your keyboard. It doesn't control the device directly. Under what circumstances does "1" on my keyboard correspond to "1" on a remote? I've tried me-tv, which just hangs, mplayer, which cannot be configured correctly, vlc and kaffeine. So far, no joy. No TV at all. What am I doing wrong? What device is created for the usb stick? Is it /dev/video0? Check out the permissions and make sure your user has access to it. Are you a member of the "video" group? Yes, I am a member of the video group. I've checked /dev and there is no video0 or any other video device. The kernel does not mention any device. Regards -- Sian Mountbatten Algol 68 specialist -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/jmhfdn$6dj$1...@speranza.aioe.org
Re: Hauppauge Nova-T USB stick -- now what?
On Mon, Apr 16, 2012 at 04:13:36PM +0100, Sian Mountbatten wrote: > On 16/04/12 15:00, Dom wrote: > >On 16/04/12 13:02, Sian Mountbatten wrote: > >>Dear All > >> > >>This morning I received a second-hand USB stick which consisted of > >>the stick > >>a USB extension cable plus USB plug/socket > >>a mini antenna > >>No instructions of any sort. > >> > >>I plugged the USB stick into a USB slot on the front of the computer and > >>checked dmesg which gave the following: > >>-- > > > ... > >>[67244.676831] dvb-usb: schedule remote query interval to 50 msecs. > >>[67244.676835] dvb-usb: Hauppauge Nova-T Stick successfully initialized > >>and connected. > >>[67244.676971] usbcore: registered new interface driver dvb_usb_dib0700 > >>- > >> > >>I have a number of questions:- > >>1. With NO remote control, how do I control the device? > > > >With great easy. The remote control is configured as an input device and > >mapped to predefined key presses - pressing "1" on the remote is the > >same as pressing "1" on your keyboard. It doesn't control the device > >directly. > > I've tried me-tv, which just hangs, mplayer, which cannot be > configured correctly, > vlc and kaffeine. So far, no joy. No TV at all. What am I doing wrong? > What device is created for the usb stick? Is it /dev/video0? Check out the permissions and make sure your user has access to it. Are you a member of the "video" group? -Rob -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120416154122.gb22...@aurora.owens.net
Re: Hauppauge Nova-T USB stick -- now what?
On Mon, Apr 16, 2012 at 03:14:24PM +0100, Sian Mountbatten wrote: > > xbmc does not have any TV input: it does not recognise the Nova-T as > input. Futhermore, I do not understand MythTV setup. I have not been > able to install the mythtv MySQL initial file because I'm denied access > to the MySQL database. > As others have already said, MythTV is overkill for just watching TV, but: The MythTV package needs to create a database called "mythconverg". In order to do that, it needs to know the MySQL root password. It may be blank by default. If you don't know the password, you can reset it if you have system root privileges. You'll have to google for that, because I don't remember how to do it... -Rob -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120416153936.ga22...@aurora.owens.net
Re: Hauppauge Nova-T USB stick -- now what?
On 16/04/12 15:00, Dom wrote: On 16/04/12 13:02, Sian Mountbatten wrote: Dear All This morning I received a second-hand USB stick which consisted of the stick a USB extension cable plus USB plug/socket a mini antenna No instructions of any sort. I plugged the USB stick into a USB slot on the front of the computer and checked dmesg which gave the following: -- > ... [67244.676831] dvb-usb: schedule remote query interval to 50 msecs. [67244.676835] dvb-usb: Hauppauge Nova-T Stick successfully initialized and connected. [67244.676971] usbcore: registered new interface driver dvb_usb_dib0700 - I have a number of questions:- 1. With NO remote control, how do I control the device? With great easy. The remote control is configured as an input device and mapped to predefined key presses - pressing "1" on the remote is the same as pressing "1" on your keyboard. It doesn't control the device directly. I've tried me-tv, which just hangs, mplayer, which cannot be configured correctly, vlc and kaffeine. So far, no joy. No TV at all. What am I doing wrong? I've never used the remote that came with my DVB-T card until this morning, and I've been using that card happily for over 5 years. 2. What do I have to do to get TV reception? This is a good question. I use MythTV, which recognises my card (and should be fine with your stick, as the kernel presents it properly), but that is a bit over the top for just watching TV. 3. Do I have to buy any more hardware? eg, should I buy the device new so that I get all the relevant h/w? You shouldn't need any other hardware, although I'd recommend connecting to a proper antenna, as those little ones don't have good reception. I have removed the mini-antenna and plugged the USB stick into an amplified indoor aerial. Unfortunately, I have no software which recognises the device apart from the kernel which loads the proper firmware. Can anybody give me some simple instructions for getting TV reception? I'm quite happy using the CLI. What I need is some guide on how to get TV reception. Sincerely -- Sian Mountbatten Algol 68 specialist -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/jmhcuv$v71$1...@speranza.aioe.org
Re: Hauppauge Nova-T USB stick -- now what?
Sian Mountbatten wrote: > On 16/04/12 14:20, Indulekha wrote: >> on the first try: >> >> http://www.linuxtv.org/wiki/index.php/Hauppauge_WinTV-NOVA-T-Stick > Yes, I've read that web page, but it does not help me. > I've tried Kaffeine and VLC, but neither of them produces any TV input. > Kaffeine does have the option for digital TV, but I have not been able > to get any TV data. > > xbmc does not have any TV input: it does not recognise the Nova-T as > input. Futhermore, I do not understand MythTV setup. I have not been > able to install the mythtv MySQL initial file because I'm denied access > to the MySQL database. > > This is all very confusing. In the first instance, I'd simply like to > watch TV on my Linux PC without sophisticated DVR functions. Can anybody > help me? > I've heard people say good things about tvtime, which you can install from the debian repos... Sorry I'm not more knowledgeable on this issue. In fact, somewhere around here I have a tv tuner usb stick (forget which one, but it might be the same one) which I never really tried to get working. I hooked it up with winXP for testing purposes once, and quickly realized there's really nothing on I want to watch, so it just sits here somewhere Probably I should give it to someone who will use it. :) -- ❤ ♫ ❤ ♫ ❤ ♫ ❤ Indulekha -- ❤ ♫ ❤ ♫ ❤ ♫ ❤ Indulekha -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120416145910.GA17920@radhesyama
Re: Hauppauge Nova-T USB stick -- now what?
On 16/04/12 14:20, Indulekha wrote: In linux.debian.user, you wrote: Dear All This morning I received a second-hand USB stick which consisted of the stick a USB extension cable plus USB plug/socket a mini antenna No instructions of any sort. I plugged the USB stick into a USB slot on the front of the computer and checked dmesg which gave the following: --8< snip snip>8 As you can see, the Nova-T stick was recognised by the kernel and an IR Remote Control driver registered. Unfortunately, I have not received a remote control. I have a number of questions:- 1. With NO remote control, how do I control the device? 2. What do I have to do to get TV reception? 3. Do I have to buy any more hardware? eg, should I buy the device new so that I get all the relevant h/w? Any help would be appreciated. I have no experience with the Nova-T, but google found this on the first try: http://www.linuxtv.org/wiki/index.php/Hauppauge_WinTV-NOVA-T-Stick Yes, I've read that web page, but it does not help me. I've tried Kaffeine and VLC, but neither of them produces any TV input. Kaffeine does have the option for digital TV, but I have not been able to get any TV data. xbmc does not have any TV input: it does not recognise the Nova-T as input. Futhermore, I do not understand MythTV setup. I have not been able to install the mythtv MySQL initial file because I'm denied access to the MySQL database. This is all very confusing. In the first instance, I'd simply like to watch TV on my Linux PC without sophisticated DVR functions. Can anybody help me? Regards -- Sian Mountbatten -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4f8c2940.2060...@fastmail.co.uk
Re: Hauppauge Nova-T USB stick -- now what?
On 16/04/12 13:02, Sian Mountbatten wrote: Dear All This morning I received a second-hand USB stick which consisted of the stick a USB extension cable plus USB plug/socket a mini antenna No instructions of any sort. I plugged the USB stick into a USB slot on the front of the computer and checked dmesg which gave the following: -- > ... [67244.676831] dvb-usb: schedule remote query interval to 50 msecs. [67244.676835] dvb-usb: Hauppauge Nova-T Stick successfully initialized and connected. [67244.676971] usbcore: registered new interface driver dvb_usb_dib0700 - As you can see, the Nova-T stick was recognised by the kernel and an IR Remote Control driver registered. Unfortunately, I have not received a remote control. I have a number of questions:- 1. With NO remote control, how do I control the device? With great easy. The remote control is configured as an input device and mapped to predefined key presses - pressing "1" on the remote is the same as pressing "1" on your keyboard. It doesn't control the device directly. I've never used the remote that came with my DVB-T card until this morning, and I've been using that card happily for over 5 years. 2. What do I have to do to get TV reception? This is a good question. I use MythTV, which recognises my card (and should be fine with your stick, as the kernel presents it properly), but that is a bit over the top for just watching TV. mplayer supports playing TV from such devices, but I haven't tried this and don't know how to set up the tuning. 3. Do I have to buy any more hardware? eg, should I buy the device new so that I get all the relevant h/w? You shouldn't need any other hardware, although I'd recommend connecting to a proper antenna, as those little ones don't have good reception. -- Dom -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4f8c23e4.2080...@rpdom.net
Re: Hauppauge Nova-T USB stick -- now what?
In linux.debian.user, you wrote: > Dear All > > This morning I received a second-hand USB stick which consisted of > the stick > a USB extension cable plus USB plug/socket > a mini antenna > No instructions of any sort. > > I plugged the USB stick into a USB slot on the front of the computer and > checked dmesg which gave the following: --8< snip snip >8 > As you can see, the Nova-T stick was recognised by the kernel and an IR > Remote Control driver registered. Unfortunately, I have not received a > remote control. > > I have a number of questions:- >1. With NO remote control, how do I control the device? >2. What do I have to do to get TV reception? >3. Do I have to buy any more hardware? eg, should I buy the device > new so that I get all the relevant h/w? > > Any help would be appreciated. > I have no experience with the Nova-T, but google found this on the first try: http://www.linuxtv.org/wiki/index.php/Hauppauge_WinTV-NOVA-T-Stick Good luck! -- ❤ ♫ ❤ ♫ ❤ ♫ ❤ Indulekha -- ❤ ♫ ❤ ♫ ❤ ♫ ❤ Indulekha -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120416125546.GA16222@radhesyama
Re: Hauppauge Nova-T USB stick -- now what?
16.04.2012 14:02, Sian Mountbatten: [...] > As you can see, the Nova-T stick was recognised by the kernel and an IR > Remote Control driver registered. Unfortunately, I have not received a > remote control. > > I have a number of questions:- >1. With NO remote control, how do I control the device? For example by using an GUI application (see 2.). >2. What do I have to do to get TV reception? There are GUI applications for watching TV, for example Me-TV, kaffeine etc. Pick one that suits your needs. >3. Do I have to buy any more hardware? eg, should I buy the device > new so that I get all the relevant h/w? I have never used the remote that came with my stick - therefore my answer would be "no". But it obviously depends on your needs/preferences. BTW: Of course, there is no necessity to use GUI applications like Me-TV or the like, since there also are command line tools or big media center systems like MythTV or VDR, but using a stand alone GUI app is probably the easiest way to get started. BTW2: http://www.linuxtv.org -- Regards mks -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4f8c1419.9000...@list-post.mks-mail.de
Hauppauge Nova-T USB stick -- now what?
Dear All This morning I received a second-hand USB stick which consisted of the stick a USB extension cable plus USB plug/socket a mini antenna No instructions of any sort. I plugged the USB stick into a USB slot on the front of the computer and checked dmesg which gave the following: -- [67243.029868] usb 1-1.5: new high-speed USB device number 5 using ehci_hcd [67243.115981] usb 1-1.5: New USB device found, idVendor=2040, idProduct=7060 [67243.115986] usb 1-1.5: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [67243.115989] usb 1-1.5: Product: Nova-T Stick [67243.115992] usb 1-1.5: Manufacturer: Hauppauge [67243.115994] usb 1-1.5: SerialNumber: 4027795686 [67243.135118] IR NEC protocol handler initialized [67243.136390] IR RC5(x) protocol handler initialized [67243.137898] IR RC6 protocol handler initialized [67243.138694] dvb-usb: found a 'Hauppauge Nova-T Stick' in cold state, will try to load a firmware[67243.029868] usb 1-1.5: new high-speed USB device number 5 using ehci_hcd [67243.115981] usb 1-1.5: New USB device found, idVendor=2040, idProduct=7060 [67243.115986] usb 1-1.5: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [67243.115989] usb 1-1.5: Product: Nova-T Stick [67243.115992] usb 1-1.5: Manufacturer: Hauppauge [67243.115994] usb 1-1.5: SerialNumber: 4027795686 [67243.135118] IR NEC protocol handler initialized [67243.136390] IR RC5(x) protocol handler initialized [67243.137898] IR RC6 protocol handler initialized [67243.138694] dvb-usb: found a 'Hauppauge Nova-T Stick' in cold state, will try to load a firmware [67243.139087] IR JVC protocol handler initialized [67243.140086] IR Sony protocol handler initialized [67243.141760] IR SANYO protocol handler initialized [67243.141870] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [67243.143254] IR MCE Keyboard/mouse protocol handler initialized [67243.144560] lirc_dev: IR Remote Control driver registered, major 251 [67243.144814] IR LIRC bridge handler initialized [67243.343476] dib0700: firmware started successfully. [67243.843682] dvb-usb: found a 'Hauppauge Nova-T Stick' in warm state. [67243.843735] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [67243.843900] DVB: registering new adapter (Hauppauge Nova-T Stick) [67244.169854] DVB: registering adapter 0 frontend 0 (DiBcom 7000PC)... [67244.176862] MT2060: successfully identified (IF1 = 1220) [67244.676288] Registered IR keymap rc-dib0700-rc5 [67244.676430] input: IR-receiver inside an USB DVB receiver as /devices/pci:00/:00:1a.0/usb1/1-1/1-1.5/rc/rc0/input6 [67244.676614] rc0: IR-receiver inside an USB DVB receiver as /devices/pci:00/:00:1a.0/usb1/1-1/1-1.5/rc/rc0 [67244.676831] dvb-usb: schedule remote query interval to 50 msecs. [67244.676835] dvb-usb: Hauppauge Nova-T Stick successfully initialized and connected. [67244.676971] usbcore: registered new interface driver dvb_usb_dib0700 ~$ [67243.139087] IR JVC protocol handler initialized [67243.140086] IR Sony protocol handler initialized [67243.141760] IR SANYO protocol handler initialized [67243.141870] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [67243.143254] IR MCE Keyboard/mouse protocol handler initialized [67243.144560] lirc_dev: IR Remote Control driver registered, major 251 [67243.144814] IR LIRC bridge handler initialized [67243.343476] dib0700: firmware started successfully. [67243.843682] dvb-usb: found a 'Hauppauge Nova-T Stick' in warm state. [67243.843735] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [67243.843900] DVB: registering new adapter (Hauppauge Nova-T Stick) [67244.169854] DVB: registering adapter 0 frontend 0 (DiBcom 7000PC)... [67244.176862] MT2060: successfully identified (IF1 = 1220) [67244.676288] Registered IR keymap rc-dib0700-rc5 [67244.676430] input: IR-receiver inside an USB DVB receiver as /devices/pci:00/:00:1a.0/usb1/1-1/1-1.5/rc/rc0/input6 [67244.676614] rc0: IR-receiver inside an USB DVB receiver as /devices/pci:00/:00:1a.0/usb1/1-1/1-1.5/rc/rc0 [67244.676831] dvb-usb: schedule remote query interval to 50 msecs. [67244.676835] dvb-usb: Hauppauge Nova-T Stick successfully initialized and connected. [67244.676971] usbcore: registered new interface driver dvb_usb_dib0700 - As you can see, the Nova-T stick was recognised by the kernel and an IR Remote Control driver registered. Unfortunately, I have not received a remote control. I have a number of questions:- 1. With NO remote control, how do I control the device? 2. What do I have to do to get TV reception? 3. Do I have to buy any more hardware? eg, should I buy the device new so that I get all the relevant h/w? Any help would be appreciated. Sincerely -- Sian Mountbatten -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject
Re: was getting disk failure errors, repaired the sectors, now what?
On Wed, Jun 30, 2010 at 05:34:22PM -0400, H.S. wrote: > > So now I know that my backups most probably are not trustworthy, the > ones from the last four or so days. No problem. I do rolling backups > using cron and rsync. But what I do now? Now you buy at least two new disks, preferably some that are rated for 24/7, set them up as a RAID-1 (or RAID-5) with mdadm and copy your data onto the RAID as best as you can. NEVER keep data on a single disk only. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100702110941.gk8...@yun.yagibdah.de
Re: was getting disk failure errors, repaired the sectors, now what?
On Jo, 01 iul 10, 18:42:26, H.S. wrote: > > Okay, did all these, but that set of file not found errors upon console > login is still there. They are probably gone. If you want to try to repair the system (versus reinstalling from scratch) you can just reinstall each package containing the missing files (dpkg -S or apt-file can help). You might need the --force-confmiss option to dpkg. Regards, Andrei -- Offtopic discussions among Debian users and developers: http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic signature.asc Description: Digital signature
Re: was getting disk failure errors, repaired the sectors, now what?
On 01/07/10 09:43 AM, H.S. wrote: > On 01/07/10 03:34 AM, Andrei Popescu wrote: >> >> Don't you have some method of checking the integrity of you backups? >> (http://www.taobackup.com/integrity.html) >> >> It is considered that a modern drive developing bad sectors visible to >> the system[1] is not to be trusted. >> >> [1] drives are remapping bad sectors internally, until they run out of >> spare sectors. >> >> >> This looks like filesystem corruption, did you fsck the drive/partition? >> > > All good points. I haven't tried these ... which I will do now. > Okay, did all these, but that set of file not found errors upon console login is still there. -- Please reply to this list only. I read this list on its corresponding newsgroup on gmane.org. Replies sent to my email address are just filtered to a folder in my mailbox and get periodically deleted without ever having been read. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/i0j5ki$s9...@dough.gmane.org
Re: was getting disk failure errors, repaired the sectors, now what?
On 01/07/10 03:34 AM, Andrei Popescu wrote: > > Don't you have some method of checking the integrity of you backups? > (http://www.taobackup.com/integrity.html) > > It is considered that a modern drive developing bad sectors visible to > the system[1] is not to be trusted. > > [1] drives are remapping bad sectors internally, until they run out of > spare sectors. > > > This looks like filesystem corruption, did you fsck the drive/partition? > All good points. I haven't tried these ... which I will do now. Thanks! -- Please reply to this list only. I read this list on its corresponding newsgroup on gmane.org. Replies sent to my email address are just filtered to a folder in my mailbox and get periodically deleted without ever having been read. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/i0i622$6l...@dough.gmane.org
Re: was getting disk failure errors, repaired the sectors, now what?
On Mi, 30 iun 10, 17:34:22, H.S. wrote: > So now I know that my backups most probably are not trustworthy, the > ones from the last four or so days. No problem. I do rolling backups > using cron and rsync. But what I do now? Do I just delete the backups > from the last four days and resume regular ones? Don't you have some method of checking the integrity of you backups? (http://www.taobackup.com/integrity.html) > How risky is the > partition even though the manufacturer's diagnostic utility reports no > errors now. It is considered that a modern drive developing bad sectors visible to the system[1] is not to be trusted. [1] drives are remapping bad sectors internally, until they run out of spare sectors. > Another thing, I get this when I log in to a console, what is it all about? > #-# > Last login: Wed Jun 30 17:23:40 EDT 2010 from localhost on pts/9 > /etc/update-motd.d/20-cpu-checker: line 3: > /usr/lib/update-notifier/update-motd-cpu-checker: No such file or directory > /etc/update-motd.d/20-cpu-checker: line 3: exec: > /usr/lib/update-notifier/update-motd-cpu-checker: cannot execute: No > such file > or directory > run-parts: /etc/update-motd.d/20-cpu-checker exited with return code 126 > /etc/update-motd.d/90-updates-available: line 3: > /usr/lib/update-notifier/update-motd-updates-available: No such file or > directory > /etc/update-motd.d/90-updates-available: line 3: exec: > /usr/lib/update-notifier/update-motd-updates-available: cannot execute: > No such file or directory > run-parts: /etc/update-motd.d/90-updates-available exited with return > code 126 > /etc/update-motd.d/98-reboot-required: line 3: > /usr/lib/update-notifier/update-motd-reboot-required: No such file or > directory > /etc/update-motd.d/98-reboot-required: line 3: exec: > /usr/lib/update-notifier/update-motd-reboot-required: cannot execute: No > such file or directory > run-parts: /etc/update-motd.d/98-reboot-required exited with return code 126 This looks like filesystem corruption, did you fsck the drive/partition? Regards, Andrei -- Offtopic discussions among Debian users and developers: http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic signature.asc Description: Digital signature
was getting disk failure errors, repaired the sectors, now what?
I noticed that when I rebooted my machine earlier today, it would not load the kernel and it was giving some "media error" messages. I did various basic hardware debugging and ended up with my hard disk's manufacturer's diagnostic utility telling me that there were bad sectors on the drive. This was from a Windows 7 machine. But it would not repair the disk. Searched some more and realized I should try it from a boot disk (as opposed to from within Windows) created from the diagnostic utility. So I did that, rebooted in DR DOS and ran the test again. This time the test reported errors but also repaired them. Now, I checked my logs from last few days and it seems like the problem started only 3 or 4 days ago (the errors are given further below). The problem appears to be in /dev/sdb3. The good news is that I do regular backups of my /home (don't care about the system files, I can always reinstall it), so I wasn't worried about losing any data (the OS and /home partitions are on sda). The bad news is that my backups are on /deb/sdb3 :( So now I know that my backups most probably are not trustworthy, the ones from the last four or so days. No problem. I do rolling backups using cron and rsync. But what I do now? Do I just delete the backups from the last four days and resume regular ones? How risky is the partition even though the manufacturer's diagnostic utility reports no errors now. Another thing, I get this when I log in to a console, what is it all about? #-# Last login: Wed Jun 30 17:23:40 EDT 2010 from localhost on pts/9 /etc/update-motd.d/20-cpu-checker: line 3: /usr/lib/update-notifier/update-motd-cpu-checker: No such file or directory /etc/update-motd.d/20-cpu-checker: line 3: exec: /usr/lib/update-notifier/update-motd-cpu-checker: cannot execute: No such file or directory run-parts: /etc/update-motd.d/20-cpu-checker exited with return code 126 /etc/update-motd.d/90-updates-available: line 3: /usr/lib/update-notifier/update-motd-updates-available: No such file or directory /etc/update-motd.d/90-updates-available: line 3: exec: /usr/lib/update-notifier/update-motd-updates-available: cannot execute: No such file or directory run-parts: /etc/update-motd.d/90-updates-available exited with return code 126 /etc/update-motd.d/98-reboot-required: line 3: /usr/lib/update-notifier/update-motd-reboot-required: No such file or directory /etc/update-motd.d/98-reboot-required: line 3: exec: /usr/lib/update-notifier/update-motd-reboot-required: cannot execute: No such file or directory run-parts: /etc/update-motd.d/98-reboot-required exited with return code 126 Linux red 2.6.32-100601-red-1394 #1 Tue Jun 1 00:13:15 EDT 2010 i686 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. You have mail. #-# The errors from the log are given below. #-# Jun 28 10:30:01 red /USR/SBIN/CRON[11462]: (CRON) error (grandchild #11463 failed with exit status 5) Jun 28 10:30:01 red kernel: [210131.012427] sd 0:0:1:0: [sdb] Unhandled error code Jun 28 10:30:01 red kernel: [210131.012436] sd 0:0:1:0: [sdb] Result: hostbyte=DID_BAD_TARGET driverbyte=DRIVER_OK Jun 28 10:30:01 red kernel: [210131.012444] sd 0:0:1:0: [sdb] CDB: Read(10): 28 00 09 6d 24 54 00 00 08 00 Jun 28 10:30:01 red kernel: [210131.012459] end_request: I/O error, dev sdb, sector 158147668 Jun 28 10:30:01 red kernel: [210131.012489] EXT3-fs error (device sdb3): ext3_get_inode_loc: unable to read inode block - inode=2894305, block=5799941 Jun 28 10:51:48 red -- MARK -- Jun 28 11:08:26 red smartd[1577]: Device: /dev/sda [SAT], SMART Usage Attribute: 194 Temperature_Celsius changed from 98 to 96 Jun 28 11:17:02 red /USR/SBIN/CRON[11544]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly) Jun 28 11:31:48 red -- MARK -- Jun 28 11:51:48 red -- MARK -- Jun 28 11:55:46 red kernel: [215276.064441] sd 0:0:1:0: [sdb] Unhandled error code Jun 28 11:55:46 red kernel: [215276.064450] sd 0:0:1:0: [sdb] Result: hostbyte=DID_BAD_TARGET driverbyte=DRIVER_OK Jun 28 11:55:46 red kernel: [215276.064458] sd 0:0:1:0: [sdb] CDB: Read(10): 28 00 00 06 12 6f 00 00 08 00 Jun 28 11:55:46 red kernel: [215276.064473] end_request: I/O error, dev sdb, sector 397935 Jun 28 11:55:46 red kernel: [215276.064497] EXT3-fs error (device sdb5): ext3_find_entry: reading directory #2 offset 0 Jun 28 11:55:46 red kernel: [215276.064553] sd 0:0:1:0: [sdb] Unhandled error code Jun 28 11:55:46 red kernel: [215276.064557] sd 0:0:1:0: [sdb] Result: hostbyte=DID_BAD_TARGET driverbyte=DRIVER_OK Jun 28 11:55:46 red kernel: [215276.064563] sd 0:0:1:0: [sdb] CDB: Write(10): 2a 00 00 05 e2 57 00 0
Re: I just installed OpenNTP. Now what?
Hi there, On Tue, 28 Aug 2007 Amit Uttamchandani wrote: > So just installed OpenNTP on a shiny new etch system. The daemon is started > during startup but now what? How do I know that my clock is being > synchronized? Look at the messages in /var/log/daemon.log > I checked the config and there are debian ntp servers listed. You should really use servers that are local to you, this minimizes network delays and gives you a better time. A good choice might be pool.XX.ntp.org where XX is your two-letter country code. Most people will not have to worry about the quality of the time service, it's adequate for almost all purposes. On some servers I've messed around with adjtimex just to see what can be done (and quite a bit can be done) but I've never really needed to do it. Here's my /etc/openntpd/ntpd.conf: 8<--- server 0.uk.pool.ntp.org server 1.uk.pool.ntp.org server 2.uk.pool.ntp.org server 3.uk.pool.ntp.org 8<--- Check out the ntp Website for more information. -- 73, Ged. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: I just installed OpenNTP. Now what?
On Aug 28, 2007, at 12:07 PM, Amit Uttamchandani wrote: Hey guys, So just installed OpenNTP on a shiny new etch system. The daemon is started during startup but now what? How do I know that my clock is being synchronized? I checked the config and there are debian ntp servers listed. So is that it? Or am I missing something here. It should work out of the box. If you want to see what's going on, run 'ntpq' and type 'pe' at the prompt. This will give you a list of peers and how your clock compares to them. If NTP has been up for a while, you'll see a * next to one system. This is the one your computer has chosen as its primary time source. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
I just installed OpenNTP. Now what?
Hey guys, So just installed OpenNTP on a shiny new etch system. The daemon is started during startup but now what? How do I know that my clock is being synchronized? I checked the config and there are debian ntp servers listed. So is that it? Or am I missing something here. Thanks, Amit -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Built openvz kernel (2.6.18-3). Now what? (more)
>>Bootup does NOT panic but produces a slew of undefined symbols. Cannot trap >>these but symbols of form UB_ seems most common (there are others). >>This kernel does not use an initrd so maybe I need to compile in some of the >>openvz stuff? Which ones? >Made one with the latest patch from Sid. Still has slew of undefined symbols. >The most common are ub_sock and some related to it, cited in many places. >This time, it got past all of that (before I stopped it). Then there are error >messages from the ext3 journal module: smp ... used with io_scheduling and a >lot of hex data, with printk # messages surpressed. This is repeated so I >stopped it. >The ub_sock stuff may be from one module that needs be compiled in (I had >similar problems with alsa till I compiled in the soundcore--I should not >have needed to do so but ...) >The journaling stuff may be related to stuff in the .config. >Any ideas? The offending module is net/unix.ko (used nohup when making kernel so had the complete compilation output). This is missing the symbols. Tried compiling with "cqp" rather then "anticipating" scheduling (saw something about this somewhere about openvz). Still got the io_scheduling error messages. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Built openvz kernel (2.6.18-3). Now what? (more)
>Bootup does NOT panic but produces a slew of undefined symbols. Cannot trap >these but symbols of form UB_ seems most common (there are others). >This kernel does not use an initrd so maybe I need to compile in some of the >openvz stuff? Which ones? Made one with the latest patch from Sid. Still has slew of undefined symbols. The most common are ub_sock and some related to it, cited in many places. This time, it got past all of that (before I stopped it). Then there are error messages from the ext3 journal module: smp ... used with io_scheduling and a lot of hex data, with printk # messages surpressed. This is repeated so I stopped it. The ub_sock stuff may be from one module that needs be compiled in (I had similar problems with alsa till I compiled in the soundcore--I should not have needed to do so but ...) The journaling stuff may be related to stuff in the .config. Any ideas? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Built openvz kernel (2.6.18-3). Now what?
Bootup does NOT panic but produces a slew of undefined symbols. Cannot trap these but symbols of form UB_ seems most common (there are others). This kernel does not use an initrd so maybe I need to compile in some of the openvz stuff? Which ones? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Tiger reports suspicious file - now what?
I just installed tiger. One of the logfiles (check_rootkit.out.1) says: # Performing check for rookits... # Running chkrootkit (/usr/sbin/chkrootkit) to perform further checks... --ALERT-- [rootkit005a] Chkrootkit has found a file which seems to be infected because of a rootkit --ALERT-- [rootkit009a] A rootkit seems to be installed in the system I ran chkrootkit (2 different versions) manually. Nothing bad showed up so I don't understand the message. Can I safely take this to be a false positive? Anthony -- Anthony Campbell - [EMAIL PROTECTED] Microsoft-free zone - Using Linux Gnu-Debian http://www.acampbell.org.uk (blog, book reviews, on-line books and sceptical articles) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Okay. "debootstrap sid" worked and I can chroot. Now what?
On Mon, Dec 13, 2004 at 11:01:56PM -0500, William Ballard wrote: > I've run "debootstrap sid" (it spewed an ungodly number of warnings and > failed to configure many packages, but it essentially worked) and I can > chroot into it. > > Now what? Is there a way to run the rest of debian-installer inside of > it to finish properly configuring the system? No need. Just chroot in, setup APT, and use whatever package tool you prefer to install what you need. Some more info is available here: http://www.debian.org/doc/manuals/reference/ch-tips.en.html#s-chroot -- For every sprinkle I find, I shall kill you! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Okay. "debootstrap sid" worked and I can chroot. Now what?
I've run "debootstrap sid" (it spewed an ungodly number of warnings and failed to configure many packages, but it essentially worked) and I can chroot into it. Now what? Is there a way to run the rest of debian-installer inside of it to finish properly configuring the system? The ultimate goal is to install a subset of sid in this chroot environment and then use bootcd to make a livecd from it. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: now what was that font package I changed options in?
Hello H. S. (<[EMAIL PROTECTED]>) wrote: > 2 or 3 days ago when I updated my Sarge box, there was a package which > asked me what kind of display I had so that it could help with the > font rendering on it. The dpkg-reconfigure that ran during > installation/upgrade of that package asked for one one of the three > choices: automatically(IIRC or something like this), LCD, and an > option for cathode ray tube display. fontconfig best regards Andreas Janssen -- Andreas Janssen <[EMAIL PROTECTED]> PGP-Key-ID: 0xDC801674 ICQ #17079270 Registered Linux User #267976 http://www.andreas-janssen.de/debian-tipps-sarge.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: now what was that font package I changed options in?
On Fri, 12 Nov 2004 14:57:40 -0500, H. S. <[EMAIL PROTECTED]> wrote: > > 2 or 3 days ago when I updated my Sarge box, there was a package which > asked me what kind of display I had so that it could help with the font > rendering on it. The dpkg-reconfigure that ran during > installation/upgrade of that package asked for one one of the three > choices: automatically(IIRC or something like this), LCD, and an option > for cathode ray tube display. > > Now for the life of me I can't remember which package that was. I want > to change the choice at that place. Can anyone help me with this? > IIRC "fontconfig" asks about LCD, don't recall if is mentioned CRT... Andrea -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
now what was that font package I changed options in?
2 or 3 days ago when I updated my Sarge box, there was a package which asked me what kind of display I had so that it could help with the font rendering on it. The dpkg-reconfigure that ran during installation/upgrade of that package asked for one one of the three choices: automatically(IIRC or something like this), LCD, and an option for cathode ray tube display. Now for the life of me I can't remember which package that was. I want to change the choice at that place. Can anyone help me with this? thanks, ->HS -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: apt-get upgrade downloaded kernel source now what?
--- bob parker <[EMAIL PROTECTED]> wrote: > The update / upgrade downloaded kernel-source-2.4.18 2.4.18-14.3 > > What is the debian way to compile this kernel? I checked out man apt-get > but > it's not clear to me. You'll want to install the packages: build-essential kernel-package and _read_ the following: http://www.hantslug.org.uk/cgi-bin/wiki.pl?LinuxHints/KernelCompiling HTH, -- Thomas Adam = "The Linux Weekend Mechanic" -- http://linuxgazette.net "TAG Editor" -- http://linuxgazette.net " We'll just save up your sins, Thomas, and punish you for all of them at once when you get better. The experience will probably kill you. :)" -- Benjamin A. Okopnik (Linux Gazette Technical Editor) ___ALL-NEW Yahoo! Messenger - so many all-new ways to express yourself http://uk.messenger.yahoo.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: apt-get upgrade downloaded kernel source now what?
On Fri, 9 Jul 2004 01:53:20 +1000 bob parker <[EMAIL PROTECTED]> wrote: > The update / upgrade downloaded kernel-source-2.4.18 2.4.18-14.3 > > What is the debian way to compile this kernel? I checked out man > apt-get but it's not clear to me. Here's a great tutorial for compiling kernels the "Debian" way: http://newbiedoc.sourceforge.net/system/kernel-pkg.html.en HTH, Jacob -- GnuPG Key: 1024D/16377135 Random .signature #52: The relative speed of a computer, regardless of CPU architecture, is inversely proportional to the number of Microsoft products installed. pgpbfjWDkDsYK.pgp Description: PGP signature
apt-get upgrade downloaded kernel source now what?
The update / upgrade downloaded kernel-source-2.4.18 2.4.18-14.3 What is the debian way to compile this kernel? I checked out man apt-get but it's not clear to me. Thanks Bob Parker -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: power co's website uses vbscript, now what?
> $ apt-cache show gb > doesn't sound like part of a browser. Indeed; moreover, gb has also been dead upstream for a year or two now. It's only hanging around in debian until a better VB alternative comes along. b. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
power co's website uses vbscript, now what?
My electric company has entered the paperless age, but with "vbscript", https://wapp8.taipower.com.tw . Any hope of me clicking further without departing Debian? $ apt-cache show gb doesn't sound like part of a browser. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: dpkg return "directory not empty so not removed" -- now what?
H. S. wrote: > When dpkg return that a particular directory was not empty and so was > removed, but is to be done with that offending directory? As an example, > what should I do in this case: > > The following packages will be REMOVED: >mozilla-tabextensions* > The following NEW packages will be installed: >mozilla-xft > dpkg - warning: while removing mozilla-tabextensions, directory > `/usr/lib/mozilla-firefox' not empty so not removed. > dpkg - warning: while removing mozilla-tabextensions, directory > `/etc/mozilla-extensions' not empty so not removed. In this case - nothing. Those directories hold plugins, extensions, etc. to Mozilla and Mozilla Firefox. Since you only removed one extension and not the entire browser, there's no need to remove those directories. Adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
dpkg return "directory not empty so not removed" -- now what?
When dpkg return that a particular directory was not empty and so was removed, but is to be done with that offending directory? As an example, what should I do in this case: The following packages will be REMOVED: mozilla-tabextensions* The following NEW packages will be installed: mozilla-xft 0 upgraded, 1 newly installed, 1 to remove and 1 not upgraded. Need to get 199kB of archives. After unpacking 198kB of additional disk space will be used. Do you want to continue? [Y/n] Get:1 ftp://ftp3.nrc.ca testing/main mozilla-xft 2:1.6-5 [199kB] Fetched 199kB in 1s (127kB/s) (Reading database ... 152154 files and directories currently installed.) Removing mozilla-tabextensions ... Updating mozilla chrome registry...done. Purging configuration files for mozilla-tabextensions ... dpkg - warning: while removing mozilla-tabextensions, directory `/usr/lib/mozilla-firefox' not empty so not removed. dpkg - warning: while removing mozilla-tabextensions, directory `/etc/mozilla-extensions' not empty so not removed. (Reading database ... 152130 files and directories currently installed.) Unpacking mozilla-xft (from .../mozilla-xft_2%3a1.6-5_i386.deb) ... Adding `diversion of /usr/lib/mozilla/components/libgfx_gtk.so to /usr/lib/mozilla/components/libgfx_gtk.so.pure by mozilla-xft' Setting up mozilla-xft (1.6-5) ... Updating mozilla chrome registry...done. Do you want to erase any previously downloaded .deb files? [Y/n] Press enter to continue. running dpkg --pending --configure ... running dpkg --pending --remove ... Thanks, ->HS -- (Remove all underscores,_if any_, from my email address to get the correct one. Apologies for the inconvenience, but this is to reduce spam.) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Base system is installed (I think), now what?
Hi, Joubin. On Fri, Jan 02, 2004 at 11:11:34PM -0800, Joubin Moshrefzadeh wrote: > to go with). Anyway, I have a bootable system now, but am lost as to what to > do next. I suppose you are familiar with Unix. Start with aptitude(8), to see which programs are there in Debian. Set up your shell or X environment or both. And start playing with it: it's installed, so it's ready--no big deal ;-) > a) what do I do to ensure what is installed on the system is up to date / > updated? Have /etc/apt/sources.list set up properly, then run apt-get update && apt-get -y dist-upgrade > b) how do I get the kernel to recognize the second processor on my machine? Install one of those shipped with Debian. apt-cache search kernel-image should give you the idea which to chose. > c) can someone please explain the difference between the different flavors > of Debian (potato, woody, sarge, I think) and which is suited for what? Read http://www.debian.org/releases/ Cheers, Jan. -- Jan Minar "Please don't CC me, I'm subscribed." x 7 pgp0.pgp Description: PGP signature
Base system is installed (I think), now what?
Hi all, I'm interested in setting up a server box. I've got an old IBM PC Server 330 and I've installed Debian on it. I didn't mess with dselect, but I think I just went with the desktop choice in tasksel (not knowing what other option to go with). Anyway, I have a bootable system now, but am lost as to what to do next. a) what do I do to ensure what is installed on the system is up to date / updated? b) how do I get the kernel to recognize the second processor on my machine? c) can someone please explain the difference between the different flavors of Debian (potato, woody, sarge, I think) and which is suited for what? thanks, Joubin. <>
Re: sqwebmail -- now what?
will trillich <[EMAIL PROTECTED]> wrote: > > so i need to get an imap server up and running*, and... then > what? how do i get sqwebmail to display my incoming email > online? > > with acmemail i browse to server/cgi-bin/acme/acmemail.cgi and > there i get a log in form via cgi scripts served up by apache. > what's the incantation for sqwebmail? (and the documentation > that explains it?) > > *which will be a whole new story, i'm sure... :( Hi, You can rest easy as sqwebmail doesn't actually require a working imap installation, it works directly with the user's Maildir. (Although it uses a slightly modified courier Maildir format instead of djb's standard Maildir). You will need to have configured your MTA to deliver to Maildirs instead of mboxes. You can generate the initial Maildir with /usr/bin/maildirmake (or maildirmake.courier). Just to check I turned off my imap server, and it worked fine :) For me, sqwebmail was placed straight away into /usr/lib/cgi-bin/sqwebmail. I had a look in /var/lib/dpkg/info/sqwebmail.postinst, and it appears that the file is only copied to the cgi-bin directory if you choose yes to the setuid function. (As someone else mentioned already I think). Here's the fragment from the file: db_get sqwebmail/install-suid if [ "$RET" = "true" ]; then cp -p /usr/lib/courier/courier/webmail/webmail /usr/lib/cgi-bin/ sqwebmail chmod 4555 /usr/lib/cgi-bin/sqwebmail chmod 4555 /usr/lib/courier/authlib/changepwd/authdaemon.passwd fi So, looks to me like your executable is hiding in /usr/lib/courier/courier/webmail/webmail :) Perhaps it will be easiest to just do a dpkg-reconfigure. David. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: sqwebmail -- now what?
On Wed, Nov 20, 2002 at 12:22:58AM -0500, Stephen Gran wrote: > > okay, i've got sqwebmail installed: > > > > # apt-get install sqwebmail > > > > and i ran through the /usr/share/doc/sqwebmail info... > > > > so where do i look to find out how to get it to be my webmail > > (html) imap/pop3 interface? > > > > always a newbie (but sometimes more than others), > > sqwebmail is part of the courier source - I found it very easy to set up > when I ran it alongside the courier POP/IMAP servers. Note that for > courier to be happy, you have to have exim deliver to ~/Maildir/ > (Maildir format in $HOME). Also, there is an obnoxious question at > install time (do you want to run this SUID? or somesuch) - should > actually note that if you don't want to, sqwebmail will not run on a > stock install. so i need to get an imap server up and running*, and... then what? how do i get sqwebmail to display my incoming email online? with acmemail i browse to server/cgi-bin/acme/acmemail.cgi and there i get a log in form via cgi scripts served up by apache. what's the incantation for sqwebmail? (and the documentation that explains it?) *which will be a whole new story, i'm sure... :( -- I use Debian/GNU Linux version 2.2; Linux server 2.2.17 #1 Sun Jun 25 09:24:41 EST 2000 i586 unknown DEBIAN NEWBIE TIP #36 from Sean Quinlan <[EMAIL PROTECTED]> : Looking to CHANGE THE DEFAULT LS COLORS? It's simple: first, dircolors -p >~/.dircolors and then edit the results to suit your tastes; finally, insert eval `dircolors -b ~/.dircolors` in your ~/.bashrc. Next time you log in (or source ~/.bashrc) your new colors will take effect. Also see http://newbieDoc.sourceForge.net/ ... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: sqwebmail -- now what?
This one time, at band camp, will trillich said: > > okay, i've got sqwebmail installed: > > > > # apt-get install sqwebmail > > > > and i ran through the /usr/share/doc/sqwebmail info... > > > > so where do i look to find out how to get it to be my webmail > > (html) imap/pop3 interface? > > > > always a newbie (but sometimes more than others), > > so maybe i need to install an imap server to get SQWebMail going > as well? or not? there are 'security issues' documents and > 'calendaring' docs, but where's the more elemental 'how to get > it going in the first place' docs? sqwebmail is part of the courier source - I found it very easy to set up when I ran it alongside the courier POP/IMAP servers. Note that for courier to be happy, you have to have exim deliver to ~/Maildir/ (Maildir format in $HOME). Also, there is an obnoxious question at install time (do you want to run this SUID? or somesuch) - should actually note that if you don't want to, sqwebmail will not run on a stock install. -- -- |Stephen Gran | Computers are like air conditioners. Both| |[EMAIL PROTECTED] | stop working, if you open windows. -- Adam | |http://www.lobefin.net/~steve | Heath | | | | -- msg14092/pgp0.pgp Description: PGP signature
Re: sqwebmail -- now what?
> -Original Message- > From: will trillich [mailto:[EMAIL PROTECTED]] > Subject: sqwebmail -- now what? > > okay, i've got sqwebmail installed: > > # apt-get install sqwebmail > > and i ran through the /usr/share/doc/sqwebmail info... > > so where do i look to find out how to get it to be my webmail > (html) imap/pop3 interface? > > always a newbie (but sometimes more than others), > > -- will trillich On Tue, Nov 19, 2002 at 07:37:59PM -, Mikael Jirari wrote: > :) > > I had the same problem ... > > I you just want to test a webmail, try squirrelmail, it installed quite > straightly. > > You have to implement an imap server thought. so maybe i need to install an imap server to get SQWebMail going as well? or not? there are 'security issues' documents and 'calendaring' docs, but where's the more elemental 'how to get it going in the first place' docs? -- I use Debian/GNU Linux version 2.2; Linux server 2.2.17 #1 Sun Jun 25 09:24:41 EST 2000 i586 unknown DEBIAN NEWBIE TIP #86 from USM Bish <[EMAIL PROTECTED]> : Tired of looking at the black and white? Make it a WHITE ON BLUE CONSOLE by adding the following to your .bashrc setterm -background blue -store setterm -foreground white -store See "man setterm". Also see http://newbieDoc.sourceForge.net/ ... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RE: sqwebmail -- now what?
Title: RE: sqwebmail -- now what? :) I had the same problem ... I you just want to test a webmail, try squirrelmail, it installed quite straightly. You have to implement an imap server thought. Bye -Original Message- From: will trillich [mailto:[EMAIL PROTECTED]] Sent: 19 November 2002 18:08 To: [EMAIL PROTECTED] Subject: sqwebmail -- now what? okay, i've got sqwebmail installed: # apt-get install sqwebmail and i ran through the /usr/share/doc/sqwebmail info... so where do i look to find out how to get it to be my webmail (html) imap/pop3 interface? always a newbie (but sometimes more than others), -- will trillich p.s. i am using acmemail at the moment via cgi-bin scripts, and it's beginning to fall down a lot. but at least i could figure out how to get apache to access it... (where's sparkle, by the way?) but the lights aren't coming on for sqwebmail yet. -- I use Debian/GNU Linux version 2.2; Linux server 2.2.17 #1 Sun Jun 25 09:24:41 EST 2000 i586 unknown DEBIAN NEWBIE TIP #16 from Will Trillich <[EMAIL PROTECTED]> : Why are *.rpm (RED HAT PACKAGES) considered spawn of Satan? Because the Debian package system is a lot more sophisticated than the one Red Hat uses; lots more inter-dependency information is built in to a *.deb package. If you bypass that with an *.rpm file, you're taking chances with your system. Try to "apt-get install " packages if possible. (Also check out the "alien" package if you must.) Also see http://newbieDoc.sourceForge.net/ ... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
sqwebmail -- now what?
okay, i've got sqwebmail installed: # apt-get install sqwebmail and i ran through the /usr/share/doc/sqwebmail info... so where do i look to find out how to get it to be my webmail (html) imap/pop3 interface? always a newbie (but sometimes more than others), -- will trillich p.s. i am using acmemail at the moment via cgi-bin scripts, and it's beginning to fall down a lot. but at least i could figure out how to get apache to access it... (where's sparkle, by the way?) but the lights aren't coming on for sqwebmail yet. -- I use Debian/GNU Linux version 2.2; Linux server 2.2.17 #1 Sun Jun 25 09:24:41 EST 2000 i586 unknown DEBIAN NEWBIE TIP #16 from Will Trillich <[EMAIL PROTECTED]> : Why are *.rpm (RED HAT PACKAGES) considered spawn of Satan? Because the Debian package system is a lot more sophisticated than the one Red Hat uses; lots more inter-dependency information is built in to a *.deb package. If you bypass that with an *.rpm file, you're taking chances with your system. Try to "apt-get install " packages if possible. (Also check out the "alien" package if you must.) Also see http://newbieDoc.sourceForge.net/ ... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Netscape4, Mozilla - Now what is X? - How to stop X?
* Ibrahim Shaame ([EMAIL PROTECTED]) [020131 23:18]: > --- "Karsten M. Self" wrote: > > There's a short FAQ on GNU/Linux X display manager > > disabling you may > > find useful, at: > > > http://kmself.home.netcom.com/Linux/FAQs/xdm-disable.html > > > > Thank you. > > I think before sending him to FAQ you could have given > him a quick answer and then refer him to the URL. The Perhaps. Or maybe this just happens to be a question that Karsten is asked frequently. So much so that he found it worthwhile to be able to answer the question *really* well one time and point people to his really nice explanation instead of giving six thousand quick half-answers. Apart from that, let me slip in a bit of my own pedagogical theory: giving someone a list of commands teaches a newbie nothing. It doesn't help them understand why the system was behaving differently than he wanted, and it doesn't help them diagnose or solve the next problem. It's the same old "give a man a fish" story. > To answer the question: > I don't know how it is with debian, but in > slackware you go and edit the file /etc/rc.d/rc.local, This is not how it is in debian. Rather than answer the OP's question, you confuse the issue further. He's not going to find an /etc/rc.d/rc.local on his debian system. Karsten's answer was far better than yours. Also, to point out my own hipocrisy before anyone else does: another thing that turns newbies off from joining our side is the number of opinionated a-holes making such a big deal out of every little thing. I don't mean to be so rude -- just wanted to stand up for someone who's always been very helpful around here and doesn't need to be told how to help. good times, Vineet -- Currently seeking opportunities in the SF Bay Area Please see http://www.doorstop.net/resume/ -- "I disapprove of what you say, but I will defend to the death your right to say it." --Beatrice Hall, The Friends of Voltaire, 1906 pgpqSmj1WL33m.pgp Description: PGP signature
Re: Netscape4, Mozilla - Now what is X? - How to stop X?
On Thursday 31 January 2002 11:15 pm, Ibrahim Shaame wrote: > I think before sending him to FAQ you could have given > him a quick answer and then refer him to the URL. The > most discouraging thing in Linux for a beginner is to > start going through thousands of pages of man, FAQs > and HOWTOs which are long in first place, and > difficult to understand for a new convert. hey karsten, them's fightin' words.
Re: Netscape4, Mozilla - Now what is X? - How to stop X?
I think before sending him to FAQ you could have given him a quick answer and then refer him to the URL. The most discouraging thing in Linux for a beginner is to start going through thousands of pages of man, FAQs and HOWTOs which are long in first place, and difficult to understand for a new convert. To answer the question: I don't know how it is with debian, but in slackware you go and edit the file /etc/rc.d/rc.local, comment out (put #) at the beginning of the line which has the name xdm (or kdm or gdm, depending whether you use raw xdm, KDE or Gnome display managers). This way next time you boot your machine it will bring you to a prompt similar to DO$, where you can log in with your user name and password. To start X you will type startx at the prompt (after logging in of course!) To go out of X you either go out through the procedure of your window manager (you should have a menu item for logging out) or you press Ctrl + Alt + Backspace. Regards Ibrahim --- "Karsten M. Self" wrote: > on Thu, Jan 31, 2002 at 09:33 PM +1300, Alan > Shrimpton ([EMAIL PROTECTED]) wrote: > > Okay now X starts atomatically but I rather it > not. I know it was my fault > > because I said yes to have it as default.. Now, > how can I change back. > > Also once running how do I stop it? > > There's a short FAQ on GNU/Linux X display manager > disabling you may > find useful, at: > > > http://kmself.home.netcom.com/Linux/FAQs/xdm-disable.html > > Thank you. > > > -- > Karsten M. Self > http://kmself.home.netcom.com/ > What part of "Gestalt" don't you understand? > Home of the brave > http://gestalt-system.sourceforge.net/ >Land of the free > We freed Dmitry! Boycott Adobe! Repeal the DMCA! > http://www.freesklyarov.org > Geek for Hire > http://kmself.home.netcom.com/resume.html > > ATTACHMENT part 2 application/pgp-signature __ Do You Yahoo!? Great stuff seeking new owners in Yahoo! Auctions! http://auctions.yahoo.com
Re: Netscape4, Mozilla - Now what is X? - How to stop X?
on Thu, Jan 31, 2002 at 09:33 PM +1300, Alan Shrimpton ([EMAIL PROTECTED]) wrote: > Okay now X starts atomatically but I rather it not. I know it was my fault > because I said yes to have it as default.. Now, how can I change back. > Also once running how do I stop it? There's a short FAQ on GNU/Linux X display manager disabling you may find useful, at: http://kmself.home.netcom.com/Linux/FAQs/xdm-disable.html Thank you. -- Karsten M. Self http://kmself.home.netcom.com/ What part of "Gestalt" don't you understand? Home of the brave http://gestalt-system.sourceforge.net/Land of the free We freed Dmitry! Boycott Adobe! Repeal the DMCA! http://www.freesklyarov.org Geek for Hire http://kmself.home.netcom.com/resume.html pgpOEjxZGVGUX.pgp Description: PGP signature
Re: Netscape4, Mozilla - Now what is X? - How to stop X?
On Fri, 2002-02-01 at 01:30, benfoley wrote: > depending on whether it starts from xdm, gdm, or kdm, you can run > > update-rc.d remove > > when you reboot, you'll have a console prompt. to run x from there, use > startx. No need to reboot. Just go to a console (Alt-Ctrl F1) and do as root '/etc/init.d/?dm stop' (with ? = x, k, or g) -- I did not vote for the Austrian government
Re: Netscape4, Mozilla - Now what is X? - How to stop X?
On Thursday 31 January 2002 12:33 am, Alan Shrimpton wrote: > Okay now X starts atomatically but I rather it not. I know it was my fault > because I said yes to have it as default.. Now, how can I change back. > Also once running how do I stop it? > [snip] depending on whether it starts from xdm, gdm, or kdm, you can run update-rc.d remove when you reboot, you'll have a console prompt. to run x from there, use startx.
Re: Netscape4, Mozilla - Now what is X? - How to stop X?
Okay now X starts atomatically but I rather it not. I know it was my fault because I said yes to have it as default.. Now, how can I change back. Also once running how do I stop it? Cheers Al - Original Message - From: Alan Shrimpton <[EMAIL PROTECTED]> To: Paul 'Baloo' Johnson <[EMAIL PROTECTED]> Cc: Sent: Sunday, January 27, 2002 7:26 PM Subject: Re: Netscape4, Mozilla - Now what is X? > Stupid I am. I have heard the letter X being used alot but I don't know > what it is. Doubt I have the package downloaded. > > What is X? > How do you run it in case I have it? > > Cheers Al Newbie > > - Original Message - > From: Paul 'Baloo' Johnson <[EMAIL PROTECTED]> > To: Alan Shrimpton <[EMAIL PROTECTED]> > Cc: > Sent: Saturday, January 26, 2002 4:37 AM > Subject: Re: Netscape4, Mozilla > > > > On Sat, 26 Jan 2002, Alan Shrimpton wrote: > > > > > I obviously didn't have mozilla after all. I have installed it now but > when > > > I type mozilla & and hit enter I get the message. No DISPLAY is set. Is > > > there somewhere I can read up on this or may be someone can help? > > > > Make sure you're in X. Failing that, make sure you are trying to run it > > as the same user that X is running as. > > > > -- > > Baloo > > > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > >
