Re: [DNG] WAIT_ONLINE_METHOD=none
Le 16/02/2019 à 23:42, Dr. Nikolaus Klepp a écrit : So openssh is blocked by random, which by some unknown reason takes ~ 30 seconds to start on 4.19 (in contrast to ~ 1 second o 4.9) I've read things about that in other lists. There's a new requirement to have a big enough amount of random numbers (they call this entropy, as an extension of the physical concept to computing), in some new random generator. openssh requires that to be able to start securely. The only workaround, IMHO is to find a way to not wait until openssh is ready to continue the start up. Didier ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] WAIT_ONLINE_METHOD=none
Anno domini 2019 Sat, 16 Feb 23:23:23 +0100 Didier Kryn scripsit: > Le 16/02/2019 à 21:56, Dr. Nikolaus Klepp a écrit : > > I have tried "ifplugd" the last days, but that did not work especially > > well: It worked when starting without network and connecting within a hour > > or so, but it failed when connecting after several hours. > > Strange. Mostly worked fine for me, for at least a decade, I would say. > > Did you try 'dpkg-reconfigure ifplugd' ? Only ethernet interfaces > should be monitored by ifplugd, not the wifi interfaces, these are > monitored by wpa_supplicant, and therefore, must have an "auto" stanza > in the interfaces file. I had explictly defined "eth0" in /etc/default/idplugd and I went through all 3 possible combinations. I have not tried "dpkg-reconfigure ifplugd". The testmachine only has eth0, no wifi. > The issues I had in the past came from misunterstanding because > there was no warning that only Ethernet interfaces should be monitored > and that their "auto" stanzas should be removed from the interfaces file. I have removed that as you suggested. But I have news on the "openssh hangs on boot"-issue: kernel 4.9 (from ascii) works as expected. But kernel 4.19 from beowulf lets openssh hang on boot. Same computer, same config, just kernel changed. But this is different: 4.9: Feb 16 22:24:23 localhost kernel: [6.033782] Bluetooth: BNEP socket layer initialized Feb 16 22:24:24 localhost kernel: [6.978681] random: crng init done 4.19: Feb 16 22:09:14 localhost kernel: [5.062847] Bluetooth: BNEP socket layer initialized Feb 16 22:09:44 localhost kernel: [ 34.345896] random: crng init done So openssh is blocked by random, which by some unknown reason takes ~ 30 seconds to start on 4.19 (in contrast to ~ 1 second o 4.9) Any suggestions on how to proceed? Nik > > Didier > > > ___ > Dng mailing list > Dng@lists.dyne.org > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng > -- Please do not email me anything that you are not comfortable also sharing with the NSA, CIA ... ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] WAIT_ONLINE_METHOD=none
Le 16/02/2019 à 21:56, Dr. Nikolaus Klepp a écrit : I have tried "ifplugd" the last days, but that did not work especially well: It worked when starting without network and connecting within a hour or so, but it failed when connecting after several hours. Strange. Mostly worked fine for me, for at least a decade, I would say. Did you try 'dpkg-reconfigure ifplugd' ? Only ethernet interfaces should be monitored by ifplugd, not the wifi interfaces, these are monitored by wpa_supplicant, and therefore, must have an "auto" stanza in the interfaces file. The issues I had in the past came from misunterstanding because there was no warning that only Ethernet interfaces should be monitored and that their "auto" stanzas should be removed from the interfaces file. Didier ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] WAIT_ONLINE_METHOD=none
hi Aitor! Anno domini 2019 Wed, 13 Feb 23:12:25 +0100 aitor_czr scripsit: > Hi, > > On 13/2/19 16:59, Dr. Nikolaus Klepp wrote: > >> If your ethernet cable can be either plugged or unplugged and you > >> want your system to react when you plug/unplug a cable in, then you need > >> a server to detect these changes and invoke ifup/ifdown accordingly. > >> This server can be ifplugd or netplug. > >> > >> In this situation you simply don't need and don't want neither > >> 'auto eth0' nor 'allow-hotplug eth0' stanzas in your interfaces file. > >> These are the stanzas which will make your OS hang at boot time and they > >> are simply useless. Just remove them. > >> > >> Didier > > Hi Didier! > > > > I followed your suggestion and installed "ifplugd". It would be nice if > > that was the default configuration for desktops:-) > > > > Thank you, > > Nik > > The backend of simple-netaid also can detect plug/unplug events without > any other server -neither ifplugd nor netplugd-, but there is still work > to do. > > I didn't work on it since september, though i have it in mind, of course. Is there a place to download "simple-netaid"? I have tried "ifplugd" the last days, but that did not work especially well: It worked when starting without network and connecting within a hour or so, but it failed when connecting after several hours. No I'm trying "netplug" ... Nik -- Please do not email me anything that you are not comfortable also sharing with the NSA, CIA ... ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] xdm broken?
Ok thanks KatolaZ! Ozi On Sun, Feb 17, 2019 at 7:15 AM KatolaZ wrote: > On Sun, Feb 17, 2019 at 06:58:01AM +1100, Ozi Traveller via Dng wrote: > > Hi Alessandro > > > > Th existing install was working with slim. However after installing xdm > > startx run as a normal user wouldn't start, but it did run as root. > > > > Ozi, please have a look at the Ascii release notes: > > https://files.devuan.org/devuan_ascii/Release_notes.txt > > there is a section on X and how to run it from user. > > HTH > > KatolaZ > > -- > [ ~.,_ Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab ] > [ "+. katolaz [at] freaknet.org --- katolaz [at] yahoo.it ] > [ @) http://kalos.mine.nu --- Devuan GNU + Linux User ] > [ @@) http://maths.qmul.ac.uk/~vnicosia -- GPG: 0B5F062F ] > [ (@@@) Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ ] > ___ > Dng mailing list > Dng@lists.dyne.org > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng > ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] xdm broken?
On Sun, Feb 17, 2019 at 06:58:01AM +1100, Ozi Traveller via Dng wrote: > Hi Alessandro > > Th existing install was working with slim. However after installing xdm > startx run as a normal user wouldn't start, but it did run as root. > Ozi, please have a look at the Ascii release notes: https://files.devuan.org/devuan_ascii/Release_notes.txt there is a section on X and how to run it from user. HTH KatolaZ -- [ ~.,_ Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab ] [ "+. katolaz [at] freaknet.org --- katolaz [at] yahoo.it ] [ @) http://kalos.mine.nu --- Devuan GNU + Linux User ] [ @@) http://maths.qmul.ac.uk/~vnicosia -- GPG: 0B5F062F ] [ (@@@) Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ ] signature.asc Description: PGP signature ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] xdm broken?
Hi Alessandro Th existing install was working with slim. However after installing xdm startx run as a normal user wouldn't start, but it did run as root. Also I'm logged in on another console, and have jwm running and also pcmanfm. It looks like slim is still running though. ozi On Sun, Feb 17, 2019 at 4:52 AM Alessandro Selli wrote: > On 15/02/19 at 21:39, Ozi Traveller via Dng wrote: > > Hi > > I have installed xdm, and it starts when I boot up, but doesn't start > xorg when I login. > > > Please check that Xorg is installed. You should have the executable > /usr/bin/Xorg in place installed by package xserver-xorg-core. Then you > need a desktop environment/Window Manger that xdm can hande. wdm, which is > similar to xdm, has these defined in /etc/X11/wdm/wdm.wmlist: > DisplayManager*wdmWm: > default:openbox:openbox-session:startxfce4:xfce4-session:xfwm4 > > > Has anyone got this working? I would be interested to know how if anyone > has. > > ozi > > [image: VirtualBox_test-64_15_02_2019_07_11_44.png] > > > Please don't include a picture when a copy-and-paste would suffice. > > -- > Alessandro Selli > VOIP SIP: dhatarat...@ekiga.net > Chiave firma e cifratura PGP/GPG signing and encoding key: > BA651E4050DDFC31E17384BABCE7BD1A1B0DF2AE > > ___ > Dng mailing list > Dng@lists.dyne.org > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng > ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Tips about eudev
Hi,
On 16/2/19 10:12, aitor_czr wrote:
Hi all,
The function:
kill_udevd() {
start-stop-daemon --stop --name udevd --user root --pidfile
/run/udev.pid
--remove-pidfile --oknodo --quiet --retry 5
}
located in debian/eudev.prerm throws the following error:
"... No udevd found running; none killed."
It should be replaced by:
kill_udevd() {
start-stop-daemon --stop --name udevd --user root --pidfile
/run/udev.pid \
--remove-pidfile --oknodo --quiet --retry 5
}
Note the missing symbol '\' in the first expresion.
Cheers,
Aitor.
(To be continued)
On the other hand, the udev hook and the init-top/udev and the
init-bottom/udev scripts located in /usr/share/initramfs-tools
belong to eudev, not to initramfs-tools. So, the initramfs-tools package
can exit in the system without eudev in the same way than it
already exists without any other device manager (for example, vdev);
therefore eudev should depend on initramfs-tools,
and not in the other way around, what is currently hapenning. This fact
forces to update the initrd files in eudev.postinst, that is:
update-initramfs -u -t -k all
Am i wrong at this point?
Aitor.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] iptables forced obsolescence over upgrade
On 16/02/19 at 11:26, chillfan--- via Dng wrote: > And of course I don't need nft Yes, you do. For some reason you don't *want* it, but that's a different matter. -- Alessandro Selli VOIP SIP: dhatarat...@ekiga.net Chiave firma e cifratura PGP/GPG signing and encoding key: BA651E4050DDFC31E17384BABCE7BD1A1B0DF2AE signature.asc Description: OpenPGP digital signature ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] xdm broken?
On 15/02/19 at 21:39, Ozi Traveller via Dng wrote: > Hi > > I have installed xdm, and it starts when I boot up, but doesn't start > xorg when I login. Please check that Xorg is installed. You should have the executable /usr/bin/Xorg in place installed by package xserver-xorg-core. Then you need a desktop environment/Window Manger that xdm can hande. wdm, which is similar to xdm, has these defined in /etc/X11/wdm/wdm.wmlist: DisplayManager*wdmWm: default:openbox:openbox-session:startxfce4:xfce4-session:xfwm4 > Has anyone got this working? I would be interested to know how if > anyone has. > > ozi > > VirtualBox_test-64_15_02_2019_07_11_44.png Please don't include a picture when a copy-and-paste would suffice. -- Alessandro Selli VOIP SIP: dhatarat...@ekiga.net Chiave firma e cifratura PGP/GPG signing and encoding key: BA651E4050DDFC31E17384BABCE7BD1A1B0DF2AE signature.asc Description: OpenPGP digital signature ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] iptables forced obsolescence over upgrade
Imo this is nowhere near a pleasant way to do things for users. It would have been much better to just provide a separate iptables nft package by default during the install, as they really haven't given iptables the axe yet. publickey - chillfan@protonmail.com - 0xB179B25B.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] iptables forced obsolescence over upgrade
So it turns out if you have the proper nft support (nft + compat module probably) in your kernel then iptables will continue to work. The ifup failure looks like this: iptables-restore/1.8.2 Failed to initialize nft: Protocol not supported run-parts: /etc/network/if-pre-up.d/iptables exited with return code 1 ifup: failed to bring up eth0 So the script in if-pre-up.d is not working because it returns 1 instead of 0. Maybe this behaviour is the best since otherwise someone would be left without a firewall or other feature and not know about it. Better to just change scripts to point to /usr/sbin/iptables-legacy-restore for now. Cheers, chillfan ‐‐‐ Original Message ‐‐‐ On Saturday, February 16, 2019 10:26 AM, wrote: > Yeah, although the nft wiki seems to suggest it will replace iptables they > seem to be coexisting at the moment. > > The problem with iptables is it expects you to have nft support. A quick find > command shows some changes in the provided binaries. > > /sbin/iptables-save > /sbin/iptables > /sbin/iptables-restore > /usr/sbin/iptables-save > /usr/sbin/iptables-nft-save > /usr/sbin/iptables-legacy-restore > /usr/sbin/iptables > /usr/sbin/iptables-legacy > /usr/sbin/iptables-nft-restore > /usr/sbin/iptables-restore > /usr/sbin/iptables-legacy-save > /usr/sbin/iptables-apply > /usr/sbin/iptables-nft > > Running /sbin/iptables gives: > > iptables/1.8.2 Failed to initialize nft: Protocol not supported > > And of course I don't need nft so it's not built into my kernel. For the sake > of testing I will check what happens when you do have nft support as I'm sure > the stock kernel has. > > The usual setup for restoring iptables is to place the script in > /etc/network/if-pre-up.d/iptables and restore the rules from a config file > somewhere in /etc. Maybe the quirk here is ifupdown expects if-pre-up.d > scripts to run succesfully before bringing up the interface. > > Cheers, > > chillfan > > ‐‐‐ Original Message ‐‐‐ > On Saturday, February 16, 2019 8:38 AM, KatolaZ kato...@freaknet.org wrote: > > > chillfan, I have several beowulf machines and all use iptables, and > > none of them has had that issue. Maybe I have not apt-get updated > > recently. Could it just be a quirk of if-up? Shall we try to track > > the issue down? > > On another note: before a useless ranftul flame gets started, please > > note that as chillfan said iptables is not going away from the Linux > > kernel. > > My2Cents > > KatolaZ > > > > [ ~.,_ Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab ] > > [ "+. katolaz [at] freaknet.org --- katolaz [at] yahoo.it ] > > [ @) http://kalos.mine.nu --- Devuan GNU + Linux User ] > > [ @@) http://maths.qmul.ac.uk/~vnicosia -- GPG: 0B5F062F ] > > [ (@@@) Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ ] publickey - chillfan@protonmail.com - 0xB179B25B.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] iptables forced obsolescence over upgrade
Yeah, although the nft wiki seems to suggest it will replace iptables they seem to be coexisting at the moment. The problem with iptables is it expects you to have nft support. A quick find command shows some changes in the provided binaries. /sbin/iptables-save /sbin/iptables /sbin/iptables-restore /usr/sbin/iptables-save /usr/sbin/iptables-nft-save /usr/sbin/iptables-legacy-restore /usr/sbin/iptables /usr/sbin/iptables-legacy /usr/sbin/iptables-nft-restore /usr/sbin/iptables-restore /usr/sbin/iptables-legacy-save /usr/sbin/iptables-apply /usr/sbin/iptables-nft Running /sbin/iptables gives: iptables/1.8.2 Failed to initialize nft: Protocol not supported And of course I don't need nft so it's not built into my kernel. For the sake of testing I will check what happens when you do have nft support as I'm sure the stock kernel has. The usual setup for restoring iptables is to place the script in /etc/network/if-pre-up.d/iptables and restore the rules from a config file somewhere in /etc. Maybe the quirk here is ifupdown expects if-pre-up.d scripts to run succesfully before bringing up the interface. Cheers, chillfan ‐‐‐ Original Message ‐‐‐ On Saturday, February 16, 2019 8:38 AM, KatolaZ wrote: > chillfan, I have several beowulf machines and all use iptables, and > none of them has had that issue. Maybe I have not apt-get updated > recently. Could it just be a quirk of if-up? Shall we try to track > the issue down? > > On another note: before a useless ranftul flame gets started, please > note that as chillfan said iptables is not going away from the Linux > kernel. > > My2Cents > > KatolaZ > > - > > [ ~.,_ Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab ] > [ "+. katolaz [at] freaknet.org --- katolaz [at] yahoo.it ] > [ @) http://kalos.mine.nu --- Devuan GNU + Linux User ] > [ @@) http://maths.qmul.ac.uk/~vnicosia -- GPG: 0B5F062F ] > [ (@@@) Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ ] publickey - chillfan@protonmail.com - 0xB179B25B.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] Tips about eudev
Hi all,
The function:
kill_udevd() {
start-stop-daemon --stop --name udevd --user root --pidfile
/run/udev.pid
--remove-pidfile --oknodo --quiet --retry 5
}
located in debian/eudev.prerm throws the following error:
"... No udevd found running; none killed."
It should be replaced by:
kill_udevd() {
start-stop-daemon --stop --name udevd --user root --pidfile
/run/udev.pid \
--remove-pidfile --oknodo --quiet --retry 5
}
Note the missing symbol '\' in the first expresion.
Cheers,
Aitor.
(To be continued)
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] iptables forced obsolescence over upgrade
On Fri, Feb 15, 2019 at 11:25:36PM +, chillfan--- via Dng wrote: > Of the most stupid thing to happen over an upgrade.. Debian have forcibly > broken a security feature. Which is to say, don't expect your firewall to > still be functioning when you upgrade to Buster. And expect it to cause > network failure. > > Short story, I upgraded an ascii system to Beowulf since Buster is now > entering soft freeze if Debian have kept to their timetable. But surprise of > all surprises, my network isn't working. > > Why? Because I restore my _iptables_ rules when bringing up interfaces. > Apparently you must now use nftables and this was causing the ifupdown > scripts to fail failure because the if-up script returns a failure. > > As far as I can see iptables is now called 'iptables-legacy' and 'iptables' > actually uses nft. But btw, iptables is not deprecated in the kernel at all. > > nft is very counter intuitive and nowhere near as simple as iptables, > actually I'd need a day off and then some to learn it. Before someone thinks > it it yes I know about the conversion tool but that's useless when you know > something sucks and you just don't want it to begin with. > chillfan, I have several beowulf machines and all use iptables, and none of them has had that issue. Maybe I have not apt-get updated recently. Could it just be a quirk of if-up? Shall we try to track the issue down? On another note: before a useless ranftul flame gets started, please note that as chillfan said iptables is not going away from the Linux kernel. My2Cents KatolaZ -- [ ~.,_ Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab ] [ "+. katolaz [at] freaknet.org --- katolaz [at] yahoo.it ] [ @) http://kalos.mine.nu --- Devuan GNU + Linux User ] [ @@) http://maths.qmul.ac.uk/~vnicosia -- GPG: 0B5F062F ] [ (@@@) Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ ] signature.asc Description: PGP signature ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
