Re: [DNG] New Chimaera torrent file needs seeders.

2022-09-12 Thread fraser kendall
On Sun, 11 Sep 2022 11:43:12 -0400
fsmithred via Dng wrote:
 
> Please seed. Thanks.

Hi to all.  I have a headless backup machine (with about 2T spare
capacity) that I'd be willing to use as a long-term seeding host, but I
have no knowledge about how to do this securely, and it'd have to be
managed via ssh. I have a couple of questions.

1)  How do I get the client to continue to run after logging off? Is it
as simple as a remote command: 

$ aria2c -V --seed-ratio=0.0 -d /home/devuan/torrent \
    https://files.devuan.org/devuan_chimaera.torrent & exit

or should I keep the ssh instance open on the local host to monitor
what's going on?

2) Should the client be chrooted?

3) Any advice on a secure aria2.conf would be appreciated.

Many thanks

fraser
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng


[DNG] chimaera to daedalus upgrade

2022-07-12 Thread fraser kendall
Hello,

In the middle of a dist-upgrade and got this error:

Preparing to unpack .../nodejs_16.15.1+dfsg-1_amd64.deb ...
Unpacking nodejs (16.15.1+dfsg-1) over (12.22.12~dfsg-1~deb11u1) ...
dpkg: error processing archive
/var/cache/apt/archives/nodejs_16.15.1+dfsg-1_amd64.deb (--unpack):
trying to overwrite '/usr/share/systemtap/tapset/node.stp', which is
also in package libnode72:amd64 12.22.12~dfsg-1~deb11u1 
Errors were encountered while processing:
 /var/cache/apt/archives/nodejs_16.15.1+dfsg-1_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

Reluctant to just reboot and hope.

Is this at all interesting or is it simply artefactual?

best

fraser



[DNG] Delete default xfce4 shortcuts

2022-07-10 Thread fraser kendall
Hello,

Is there any way to completely delete the influence of the xfce4
environment?  I am continually frustrated in my attempts to install
four keyboard shortcuts in libreoffice.  I'd like these four:

ctrl+alt+up     promote point
ctrl+alt+right  promote point and subpoints
ctrl+alt+down   demote point
ctrl+alt+left   demote point and subpoints

However, even though I am working on a machine that has never seen
xfce4 (primary installation of devuan server (chimaera) with subsequent
addition of openbox, tint2 and menu, launched with startx), I am
plagued by the xfce4 shortcut 

ctrl+alt+arrow = switch desktop

Modifying my preferred set to a 'shift+alt+arrow' version
is overridden by the default 

shift+alt+arrow = move window to workspace


# apt-get --remove --purge xfce4 simply returns 

Package 'xfce4' is not installed, so not removed

How can I identify and then remove a configuration file for a package
that has never existed on a system but has somehow been installed and is
overriding the custom shortcuts in Libreoffice?

For the record, I have been plagued by this for several years; my
response to date has been to give in and install xfce4, then modify the
shortcut using the settings manager, but I'd like to keep this machine
on a startx/openbox environment (on another machine (an i7), openbox
uses 1% CPU and xfce4 13%).

Many thanks

fraser



[DNG] Installation problems on Dell T7810 + PERC H310

2022-03-08 Thread fraser kendall
Hello,

I am trying to install Devuan {Beowulf server (CD), Chimaera minimal
(USB)} on the above machine.  It has a 100M EFI partition 1,  W10
(partition 2, 116G, shrunk from 370G), [vacated free space for linux
after shrinking, ~250G], and a Windows recovery partition 5 (~520M). The
machine boots Windows 10 reliably with UEFI. I would like to keep the
W10 installation if possible. 

However, despite two days of effort, I cannot get the machine to boot
linux from the hard drive. The first problem was not detecting disks
during installation, although after switching to legacy boot, the
installer found the disks; partitioning and installation then completed
as expected. The machine, however, failed to boot (no bootable image)
after this 'successful' installation. I grub-installed to the
'removable media path' as advised, but I did use a 'targeted' not a
'generic' initrd; this last has not been a problem before. 

I have disabled the RAID according to these instructions.

 
https://www.dell.com/community/PowerEdge-HDD-SCSI-RAID/Linux-installation-doesn-t-find-physical-disks-on-R320/td-p/7659439

The BIOS reports that there are no hard drives present, despite being
able to boot Windows. I have tried to add boot devices to the UEFI
menu, I can add the DVD drive, and boot from the Beowulf CD, which
then fails at the detect disks stage; I can add the USB, but it doesn't
launch the installer. I am also given a list of 3 or 4 entries (which
look like they might be partitions, although they are all identical),
although adding them causes either an 'Input not supported' error or
a 'no bootable device found'.  I have changed the SATA controller from
RAID to AHCI. Is there anything that I've missed?  

This is a newly-purchased, refurbished machine, and so I don't really
want to open the case, just in case something is broken (although I
can't think what) and under warranty (unlikely).  But as a last resort,
what would happen if I removed the RAID card and connected the two
drives as SATA? Would the BIOS then manage this automagically? Is there
a master (independent) BIOS image stored on the motherboard, with a
lesser one on the controller, and configured independently via the F12 menu?

Many thanks, sorry for the amount of text

fraser


Re: [DNG] nvidia-persistenced can't be installed

2021-12-31 Thread fraser kendall
On Thu, 30 Dec 2021 15:26:51 -0500
Haines Brown wrote:

> When I try to do an upgrade, I'm told nvidia-persistenced is not
> configured. When I reinstall it I get:
> 
> ...
> Need to get 0 B of archives. After unpacking 0 B will be used.
> Setting up nvidia-persistenced (460.32.03-1) ...
> Starting NVIDIA Persistence Daemon
> nvidia-persistenced failed to initialize. Check syslog for more
> details. invoke-rc.d: initscript nvidia-persistenced, action "start"
> failed. dpkg: error processing package nvidia-persistenced
> (--configure): installed nvidia-persistenced package
> post-installation script subprocess returned error exit status 1
> Errors were encountered while processing: nvidia-persistenced
> E: Sub-process /usr/bin/dpkg returned an error code (1)
> Setting up nvidia-persistenced (460.32.03-1) ...
> Starting NVIDIA Persistence Daemon
> nvidia-persistenced failed to initialize. Check syslog for more
> details. invoke-rc.d: initscript nvidia-persistenced, action "start"
> failed. dpkg: error processing package nvidia-persistenced
> (--configure): installed nvidia-persistenced package
> post-installation script subprocess returned error exit status 1
> Errors were encountered while processing: nvidia-persistenced
> 
> I'm running Chimaera with fluxbox but no desktop environment. I
> reinstalled xorg and fluxbox. Syslog does not report an error.
> 
> $ lspci -nn | egrep  -i "3d|display|vga"
> 00:02.0 VGA compatible controller [0300]: Intel Corporation
> RocketLake-S GT1 [UHD Graphics 750] [8086:4c8a] (rev 04) 00:17.0 SATA
> controller [0106]: Intel Corporation Device [8086:43d2] (rev 11)
> 
> I ran # apt install -f
> 
> I ran # aptitude reinstall nvidia-persistenced
> E: Internal Error, No file name for nvidia-persistenced:amd64
> 
> Help would be much appreciated.

I have had several instances of this problem.  I posted a workaround 

https://lists.dyne.org/lurker/message/20210122.105344.eab549d1.en.html

I have been doing this for over a year every time it crops up: the list
of affected packages has grown since that post, and the workaround seems
to be without consequences. Perhaps someone who knows stuff could
comment. There is mention of this issue here:

https://stackoverflow.com/questions/11274290/why-is-my-debian-postinst-script-not-being-run

Best 

fraser


Re: [DNG] Simple-netaid 1-0 released

2021-11-30 Thread fraser kendall
On Sat, 20 Nov 2021 12:47:24 +0100
aitor wrote:

> Hi all,
> 
> I've just uploaded the packages of simple-netaid (libnetaid + snetaid
> + simple-netaid-cdk) to the repository of gnuinos chimaera. If you
> want to install them in devuan, 

Very nice tool. So far doing everything I expected it to do, and doing
it reliably and quickly. Thank you.

fraser


[DNG] Remote power management

2021-07-22 Thread fraser kendall
Hi,

This feels like a damnfool question, but I don't seem able to find an
appropriate solution.

The situation: careless staff leaving desktops logged on, open tabs in
browsers, monitors left on etc. etc.

First solution: cron job: '/sbin/shutdown -r now' run daily at 7pm

But this reboots to a live console login (no dm installed) and I
haven't yet found a way to remotely configure the power management; all
the solutions seem to merge to one where X is already running (or
eliminating human error!).

The situation is complicated by the need to subsequently disable power
management and screensaver so that online video (tutoring) doesn't get
interrupted once X and xfce are manually launched. So here is my
damnfool question:

How can I manually turn any monitors off remotely if they are not
running X? The computers are all running Chimaera.

Sorry for such an elementary question, but it's eluded me.

fraser



[DNG] Failure of dpkg postinst/prerm scripts was Re: cups in ceres: Correction

2021-01-22 Thread fraser kendall
On Tue, 1 Dec 2020 13:56:15 +
fraser kendall wrote:

> On Tue, 1 Dec 2020 13:35:48 +
> fraser kendall wrote:
> 
> Correction:
[...]
> # mv /var/lib/dpkg/info/printer-driver-cups-pdf.postinst \
>      /var/lib/dpkg/info/printer-driver-cups-pdf.postinst.bad
> # mv /var/lib/dpkg/info/printer-driver-cups-pdf.postrm \
>      /var/lib/dpkg/info/printer-driver-cups-pdf.postrm.bad
> # mv /var/lib/dpkg/info/printer-driver-cups-pdf.prerm \
>      /var/lib/dpkg/info/printer-driver-cups-pdf.prerm.bad
> # dpkg -r printer-driver-cups-pdf

Replying to my own post.  This is a reproducible problem/workaround
that has affected several packages in some of my various beowulf
deployments; these have included

initramfs-tools
initramfs-tools-core
htcondor
nginx-full
printer-driver-cups-pdf

I am posting this for information: there is clearly something about the
preinst/prerm/postinst/postrm script(s) that is causing problems during
dpkg operation.  The workaround is the same in each case: rename the
offending script and run dpkg again.

I recognise that this family of scripts are very similar, but lacking
the skills to pinpoint the problem, the best I can offer is to hand the
observation over to the list for any interested parties who would like
to take a look.

Best

fraser


Re: [DNG] cups in ceres: Correction

2020-12-01 Thread fraser kendall
On Tue, 1 Dec 2020 13:35:48 +
fraser kendall wrote:

Correction:

> Workaround from
> https://askubuntu.com/questions/1069702/dpkg-error-processing-package-install-info
> 
> # mv /var/lib/dpkg/info/install-info.postinst \
>      /var/lib/dpkg/info/install-info.postinst.bad
> # mv /var/lib/dpkg/info/install-info.postrm \
>      /var/lib/dpkg/info/install-info.postrm.bad
> # mv /var/lib/dpkg/info/install-info.prerm \
>      /var/lib/dpkg/info/install-info.prerm.bad
> # dpkg -r printer-driver-cups-pdf
> 
Should be:

# mv /var/lib/dpkg/info/printer-driver-cups-pdf.postinst \
     /var/lib/dpkg/info/printer-driver-cups-pdf.postinst.bad
# mv /var/lib/dpkg/info/printer-driver-cups-pdf.postrm \
     /var/lib/dpkg/info/printer-driver-cups-pdf.postrm.bad
# mv /var/lib/dpkg/info/printer-driver-cups-pdf.prerm \
     /var/lib/dpkg/info/printer-driver-cups-pdf.prerm.bad
# dpkg -r printer-driver-cups-pdf

Sorry for that.

f


Re: [DNG] cups in ceres

2020-12-01 Thread fraser kendall
On Tue, 1 Dec 2020 03:23:11 +0100
Arnt Karlsen wrote:

> On Mon, 30 Nov 2020 11:39:37 +, Le wrote in message 
> <20201130113937.6da5d2fa@cruncher>:
> 
> > Hello,
> > 
> > I'm getting a circular problem upgrading cups in ceres.  I've been
> > tackling this for a week  or so.  I need two root terminals open:
> > one to apt-get and the other to top + kill apt-get and dpkg.  
> 
> ..snip PITA details
> 
Given up trying to find an answer.  Not due to apparmor.

Workaround from
https://askubuntu.com/questions/1069702/dpkg-error-processing-package-install-info

# mv /var/lib/dpkg/info/install-info.postinst \
     /var/lib/dpkg/info/install-info.postinst.bad
# mv /var/lib/dpkg/info/install-info.postrm \
     /var/lib/dpkg/info/install-info.postrm.bad
# mv /var/lib/dpkg/info/install-info.prerm \
     /var/lib/dpkg/info/install-info.prerm.bad
# dpkg -r printer-driver-cups-pdf

seems to restore apt-get functionality.

Posting for the record.

Best 

fraser


Re: [DNG] wicd in ceres; was Re: Danger: Debian POSIX hostility

2020-11-05 Thread fraser kendall
On Thu, 5 Nov 2020 10:04:37 -0500
Hendrik Boom wrote:

> On Wed, Nov 04, 2020 at 01:38:26PM +0000, fraser kendall wrote:
> > On Fri, 18 Sep 2020 21:07:11 +0200
> > Florian Zieboll wrote:
> >   
> > > On Fri, 18 Sep 2020 12:44:21 +0100
> > > Le Loft wrote:
> > >   
> > > > wicd just
> > > > doesn't work  
> > > 
> > > 
> > > Did you check the WiFi adapter's device name in the Wicd config? I
> > > remember that it took some time to figure out that it in fact
> > > works very well, when I played with it the first time.  
> > 
> > Hi,
> > 
> > Thanks for your reply.  Sorry it's taken me so long to respond.  I
> > have been trying to get wicd to work in ceres, but it doesn't
> > install due to a missing dependency (python-gobject-2).  However, I
> > can get it installed and working as you describe if I include
> > beowulf repos in the apt sources (but not chimaera sources) without
> > any trouble.  
> 
> Does "but not chimaera sources" mean you haven't tried chimaera, or
> that you have and it didn't work?
> 
The latter: I tried to install it using just ceres, then added chimaera
and chimaera-updates to no avail.  Removing chimaera and
chimaera-updates, then adding beowulf, beowulf-security, and
beowulf-updates did the trick.

f


[DNG] wicd in ceres; was Re: Danger: Debian POSIX hostility

2020-11-04 Thread fraser kendall
On Fri, 18 Sep 2020 21:07:11 +0200
Florian Zieboll wrote:

> On Fri, 18 Sep 2020 12:44:21 +0100
> Le Loft wrote:
> 
> > wicd just
> > doesn't work
> 
> 
> Did you check the WiFi adapter's device name in the Wicd config? I
> remember that it took some time to figure out that it in fact works
> very well, when I played with it the first time.

Hi,

Thanks for your reply.  Sorry it's taken me so long to respond.  I have
been trying to get wicd to work in ceres, but it doesn't install due to
a missing dependency (python-gobject-2).  However, I can get it
installed and working as you describe if I include beowulf
repos in the apt sources (but not chimaera sources) without any
trouble.

Thanks

fraser


Re: [DNG] Clarification please

2020-11-03 Thread fraser kendall
On Tue, 3 Nov 2020 02:50:37 -0500
Steve Litt wrote:

> On Thu, 29 Oct 2020 16:53:43 +
> g4sra via Dng wrote:
> 
> > On 29/10/2020 13:44, Michael Neuffer wrote:  
> > > On 10/29/20 2:27 PM, d...@d404.nl wrote:
> > --snip--  
> > >> To ease the maintenance of those servers i intend to migrate them
> > >> to docker containers. I wonder people on this list have
> > >> experience on this subject?
> > > 
> > > 
> > > You might want to take a look at this project:
> > > 
> > > https://github.com/mailserver2/mailserver
> > 
> > Please correct me if I am mistaken, I thought 'unbound' was tied to
> > 'systemd creep' nowadays and have been avoiding it for that reason
> > alone. I want to avoid creating a dependency on something I don't
> > already have only to need to purge it next year ...  
> 
> I'm as anti-systemd as the next guy, but I use unbound on a constant,
> everyday basis. Let me explain...
> 
> Here are two lines from my unbound.conf:
> 
> ==
>   # Guard against future default changes: no systemd ever!
>   use-systemd: no
> ==
> 
> As far as I can see, if I had set use-systemd to "yes", unbound would
> have reported its success in starting in the systemd approved way, and
> would not have backgrounded itself. So if you use sysvinit, you just
> say use-systemd: no and whatever option that makes it background
> itself. If you use runit or s6, say systemd: no and whatever makes it
> NOT background itself.
> 
> So basically, there's a little, probably completely separate part of
> unbound with minimal linkage, that if told to, will send out a
> systemd-approved "I am functional now" message. But as far as I know,
> unbound uses no systemd facilities and would only require or suggest
> systemd as a result of a systemd-infected distro configuring unbound
> that way.

Not sure if it is relevant or not, but during a dist-upgrade to ceres
today, got the following notification:

unbound (1.11.0-1) unstable; urgency=medium

  The default Debian config file shipped in the unbound package has
  changed from using the "include:" directive to using the
  "include-toplevel:" directive in order to include the config file
  fragments in /etc/unbound/unbound.conf.d/*.conf into the unbound
  configuration.

  The "include-toplevel:" directive has been newly introduced in unbound
  1.11.0 and it requires that any included config file fragment begin
  its own clause (e.g., "server:").

  The existing "include:" directive that was used in previous Debian
  releases of the unbound package only performed textual inclusion, and
  it was possible to construct a set of config file fragments that
  depended on the presence or ordering of specific config file
  fragments in order to parse correctly. For instance, a config file
  fragment could have specified an option that can only appear in the
  "server:" clause, and rely on a previously included config file
  fragment to begin that clause. This behavior is no longer allowed by
  the use of the "include-toplevel:" directive because it is not robust
  against config file fragments being added, removed, or reordered.

  If you are upgrading the unbound package and you have installed any
  config file fragments into /etc/unbound/unbound.conf.d/ you should
  check that each config file fragment begins its own clause (e.g.,
  "server:") and update each config file fragment as necessary to be
  compatible with the behavior of the "include-toplevel:" directive.

  If needed, the previous behavior can be restored by changing the
  following line in /etc/unbound/unbound.conf:

  include-toplevel: "/etc/unbound/unbound.conf.d/*.conf"

  to its previous setting:

  include: "/etc/unbound/unbound.conf.d/*.conf"

 -- Robert Edmonds   Sun, 09 Aug 2020 19:39:01 -0400

Best

fraser
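
The pre-upgrade check the notice asks for, as an added example that is not part of the original message or of the unbound package: it reports every fragment whose first significant line is an option rather than a clause header. The function names are hypothetical, the test for a clause header (a bare `name:` with no value after it) is a heuristic, and the three fragments are constructed samples.

```shell
#!/bin/sh
# Added illustration: find unbound.conf.d fragments that do not begin their
# own clause and would therefore break under "include-toplevel:".

# fragments_missing_clause DIR
# Print the name of every DIR/*.conf whose first non-blank, non-comment line
# is not a bare "name:" clause header (heuristic, see lead-in).
fragments_missing_clause() {
    for f in "$1"/*.conf; do
        [ -f "$f" ] || continue
        awk '
            { line = $0
              sub(/#.*/, "", line)                  # drop comments
              gsub(/^[ \t]+|[ \t]+$/, "", line) }   # trim whitespace
            line == "" { next }                     # skip blank lines
            { exit ((line ~ /^[a-z][a-z0-9-]*:$/) ? 0 : 1) }
        ' "$f" || printf '%s\n' "${f##*/}"
    done
}

# demo: build three constructed fragments and list the offending ones.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/00-trust-anchor.conf" <<'EOF'
server:
    auto-trust-anchor-file: "/var/lib/unbound/root.key"
EOF
    cat > "$dir/10-listen.conf" <<'EOF'
# parsed under "include:" only because 00-trust-anchor.conf opened server:
interface: 127.0.0.1
access-control: 127.0.0.0/8 allow
EOF
    cat > "$dir/20-forward.conf" <<'EOF'
forward-zone:    # clause header followed by a comment
    name: "."
    forward-addr: 192.0.2.53
EOF
    fragments_missing_clause "$dir"
    rm -rf "$dir"
}

demo
```

On a real system the argument would be /etc/unbound/unbound.conf.d; `unbound-checkconf` remains the authoritative test of the assembled configuration.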


Re: [DNG] Xorg stopped working after upgrade to Beowulf

2020-09-22 Thread fraser kendall
On Tue, 22 Sep 2020 07:43:42 -0700
Marc Shapiro via Dng wrote:

> I do use startx from a terminal login

Me too, and usually without problems.  However, I have always had to
add 

needs_root_rights=yes

to /etc/X11/Xwrapper.config

And lately I cannot startx on three beowulf/xfce4 desktops, I have to
startxfce4 (and the panel's not that stable either).

Best wishes

fraser



Re: [DNG] Iceweasel-uxp from Hyperbola GNU/Linux

2020-09-10 Thread fraser kendall
On Thu, 10 Sep 2020 12:51:29 +0200
Antony Stone wrote:

> On Thursday 10 September 2020 at 12:39:17, Haines Brown wrote:
> 
> > This is wonderful news to a user of Palemoon/basilisk. However
> > installing it failed because of my ignorance:
> > 
> > $ sudo apt-get install ./iceweasel-uxp-dev
> > Reading package lists... Done
> > E: Unsupported file ./iceweasel-uxp-dev given on commandline
> > 
> > $ sudo apt-get
> > install ./iceweasel-uxp-dev_2.9-1~3.0gnuinos1_amd64.deb  
> 
> Try "dpkg -i"
> 
> 
> Antony.
> 
I managed it with:

dpkg -i ./iceweasel-uxp_2.9-1~3.0gnuinos1_amd64.deb
apt-get install -f

But 
1) I cannot login to my router using user/password (although I can with
the same user/password on firefox)
2) I can't find the noscript addon referred to (about:addons)

Pleased with the browser otherwise, feels quick after firefox,
chromium, chrome 

Thanks Aitor

fraser


Re: [DNG] Restricting processes to X% of CPU and Y% of RAM.

2020-08-26 Thread fraser kendall
On Wed, 26 Aug 2020 18:33:10 +1000
onefang wrote:

>cpulimit looks like it might work. 

cpulimit works well for me: I use it to stop an old but busy machine
overheating when scanning a 45G rolling backup with clamav; although it
takes 19 hours to do it at 25%, it's solid and stable.

fraser



Re: [DNG] Upgrade to Beowulf: iptables

2020-07-23 Thread fraser kendall
On Mon, 20 Jul 2020 21:10:08 -0400
Hendrik Boom wrote:

> And did iptables work after the whole upgrade was finished?

Yes.  My existing ruleset was replaced with the default (permissive)
ruleset; thus by definition, iptables worked as intended by the
developers. However, as a manual iptables-restore command was
required to restore the previous protective ruleset, my considered
answer is 'no'.

> Did it still work as you intended?

No.  There is a warning that there are two rulesets in place, the
restored set (protective) and a second one, an 'iptables-legacy'
ruleset.  Both rulesets are the same.  Installation of the
iptables-persistent package installs rulesets from empty locations.

# apt-get update && apt-get install iptables-persistent

[...]
The following additional packages will be installed:
  netfilter-persistent
The following NEW packages will be installed:
  iptables-persistent netfilter-persistent
[...]
TUI menu item offering to save existing ruleset but the [Yes] [No]
option has been disabled 
[...]
Loading netfilter rules...run-parts:
executing /usr/share/netfilter-persistent/plugins.d/15-ip4tables start
Warning: skipping IPv4 (no rules to load)
run-parts:
executing /usr/share/netfilter-persistent/plugins.d/25-ip6tables start
Warning: skipping IPv6 (no rules to load)
done.

The debian wiki gives the following 2 commands for setting up
iptables-persistent which I understood to be required for the saved
rules to be loaded at boot

iptables-save > /etc/iptables/rules.v4
ip6tables-save > /etc/iptables/rules.v6

I have no confidence that installing iptables-persistent will enforce
the protective ruleset on reboot. I have added four lines to the
eth0 entry in /etc/network/interfaces

pre-up iptables-restore < /etc/network/iptables.rules 
pre-up ip6tables-restore < /etc/network/ip6tables.rules 
pre-up iptables -L
pre-up ip6tables -L

Issuing #ifdown eth0 && ifup eth0
confirms that they should be.  However, this is a workaround.

We are offered an option to preserve existing versions of several files
during an upgrade that tries to replace them.  The option is
therefore readily available to avoid replacing an existing
iptables* ruleset. Another option might be to deploy iptables-apply to
rollback any changes to an existing ruleset by default (i.e. in the
absence of confirmation) as part of the upgrade. 

Best wishes

fraser 
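
The manual check described in this thread (watching the live ruleset and comparing it with the saved one) can be scripted; the following is an added example, not part of the original post. It works on `iptables-save` text, the function names are hypothetical, and the rulesets built in `demo` are constructed samples.

```shell
#!/bin/sh
# Added illustration: classify an iptables-save dump against a saved baseline.
# Function names are hypothetical; the rulesets in demo() are constructed.

# normalise FILE
# Drop comment lines (they carry timestamps) and zero the packet/byte
# counters, so two dumps of the same rules compare equal.
normalise() {
    sed -e '/^#/d' -e 's/\[[0-9]*:[0-9]*\]/[0:0]/g' "$1"
}

# input_wide_open FILE
# Succeed when nothing in the dump filters inbound traffic: either the filter
# table has no INPUT chain at all, or its policy is ACCEPT with no rules.
input_wide_open() {
    awk '
        { sub(/^\[[0-9]+:[0-9]+\] /, "") }   # per-rule counters from -c dumps
        /^\*/ { table = substr($0, 2) }
        table == "filter" && $1 == ":INPUT" { policy = $2 }
        table == "filter" && $1 == "-A" && $2 == "INPUT" { rules++ }
        END { exit !(policy == "" || (policy == "ACCEPT" && rules == 0)) }
    ' "$1"
}

# firewall_state LIVE BASELINE
# Print OPEN (inbound unfiltered), DRIFT (differs from baseline) or OK.
firewall_state() {
    if input_wide_open "$1"; then
        echo OPEN
    elif [ "$(normalise "$1")" != "$(normalise "$2")" ]; then
        echo DRIFT
    else
        echo OK
    fi
}

# demo: three constructed live dumps checked against one baseline.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/baseline" <<'EOF'
# Generated by iptables-save (constructed sample)
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
    # Same rules later on: only the timestamp comment and counters differ.
    sed -e 's/^# Generated.*/# Generated later (constructed sample)/' \
        -e 's/DROP \[0:0\]/DROP [412:30211]/' "$dir/baseline" > "$dir/live_same"
    # The state the post describes after the upgrade: default permissive set.
    cat > "$dir/live_reset" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF
    # Still restrictive, but one rule has gone missing.
    grep -v -- '--dport 22' "$dir/baseline" > "$dir/live_drift"
    a=$(firewall_state "$dir/live_same"  "$dir/baseline")
    b=$(firewall_state "$dir/live_reset" "$dir/baseline")
    c=$(firewall_state "$dir/live_drift" "$dir/baseline")
    rm -rf "$dir"
    echo "$a $b $c"
}

demo
```

On a real host the live dump comes from `iptables-save` run as root and the baseline is the file you restore from, for example /etc/iptables/rules.v4 or /etc/network/iptables.rules as in the post. Where both backends are installed, dump each of them (`iptables-save` and `iptables-legacy-save`) and check both.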


Re: [DNG] Upgrade to Beowulf: iptables

2020-07-23 Thread fraser kendall
On Mon, 20 Jul 2020 19:46:16 +0200
Ludovic Bellière wrote:

> Running processes aren't stopped (restarted) until the new binaries
> are available, so your machine was still behind a firewall if rules
> were applied before the upgrade. iptables, ip6tables, and other
> alternatives serves as interface to the Netfilter packet filtering
> framework found in the kernel, the absence of such commands does not
> make the kernel unsafe.

Thank you for the clarification; it has been both instructive and
helpful.   However, as the replacement of the existing (protective)
ruleset with a default (permissive) ruleset is immediate: the 
dist-upgrade process is effectively issuing the command 
#iptables -P INPUT ACCEPT && iptables -F INPUT. Thus, it is not an
absence of such commands, it is an active issuing of permissive
commands to replace the existing protective ruleset in the
kernel.  The firewall is effectively being disabled with immediate
effect and will remain so until a protective ruleset is applied and
enforced. That is still essentially my concern.

Best wishes

fraser


[DNG] Upgrade to Beowulf: iptables

2020-07-20 Thread fraser kendall
I have upgraded several machines to Beowulf over the last few months.
It has only once been problematic, but that was probably due to student
error.  However, there is an ongoing issue with the upgrade to
iptables-nft so before starting the upgrade I opened a separate
terminal and issued # watch iptables -L.  I expected to see the existing
tables overwritten with the default (ACCEPT everything and anything)
and was ready to issue a prompt # iptables-restore < /existing/rule/set

However, what I was not prepared for was to see that, during the
download process and before the upgraded iptables package was
installed, the 'watching' terminal suddenly reported that the iptables
command couldn't be found.  It was over 5 minutes before the watching
terminal reported the expected 'upgraded' ruleset.  I have two
questions.

1) Does this mean that during the upgrade process to Beowulf, there is
a minutes-long window during which the machine has no firewall at all?

2) Is this sufficiently alarming as to constitute a bug?

Best wishes

fraser


Re: [DNG] Deleted qemu image

2020-07-16 Thread fraser kendall
On Thu, 16 Jul 2020 11:35:20 +0100
fraser kendall wrote:

Many, many thanks to everyone for their invaluable posts.  The image
has been restored and is now running on two identical machines.  I'll
post below for the record, but wanted to put my thanks at the top of
the list.  The file was retrieved and restored on the critical machine
without any loss of service or uptime; the rescue process was seamless.
So, thanks to everyone for these most excellent advices. Again and
again.

> I have just done the stupidest thing.  I was freeing up (rm -rf) space
> on what I thought was a storage directory (/srv), but I have now just
> discovered that it contained a critical qemu image.  The image is a W7
> VM and is still running; it appears unaffected. The /srv partition
> is the largest on this machine and the testdisk recovery image of this
> partition (~170G) is too large to fit anywhere on the hard drive.
[cut]
> Best option:  1) can I retrieve the deleted qcow image from a running
> instance of that image?

Yes.

1)  open root terminals: a,b,c,d
        a) # find /proc | grep w7
           note pid of deleted file and keep terminal open for
           reference
    and b) # tail -c +0 -f /proc/[pid]/fd/xxx > /srv/qemu-w7-tailed
           (keeps second instance of file in /proc)
    and c) # rsync -a /proc/[pid]/fd/xxx  /srv/qemu-w7-rsync
 and/or d) # cp /proc/[pid]/fd/xxx /srv/qemu-w7-cp

2)  copy the 'tailed' image to an appropriate second machine
    copy the original qemu-system commands for the deleted image
    and issue them for the 'tailed' image on the second machine
    confirm that the 'tailed' image is a working clone of the
    original
    when *completely* satisfied it is working as expected

3)  close the original instance on the first machine
    (Point of no return!)
    issue the same qemu-system commands for the 'tailed' image on
    the first machine and confirm it is a working clone of the original
    When fully satisfied all is in order, the clone on the second
    machine can be closed and archived as a backup
    the rsync and cp versions are redundant

> Fall back option: 2) does anyone know if a new installation of the
> (Dell) W7 iso will still activate now that W7 is EOL?

No.  It won't even install.  The installation arrests after windows
files are unpacked: qemu enters a terminal 'pause'.

> I know that option 2 (writing to disk) will reduce the possibility of
> a testdisk recovery. So, here's Q3: can i squeeze the second W7 VM
> into a 6G qcow image (remaining free space in /home)?

No.  The cloned image is 23G.
Many thanks again

fraser
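
The /proc/[pid]/fd recovery described in this message, as an added example that is not part of the original post: it lists every descriptor of a process whose file has been unlinked, copies one back out and verifies the copy. The function names, the temporary directory and the small constructed file standing in for the qcow image are assumptions for illustration; a copy taken while the owning process is still writing may not be internally consistent, so test it before that process exits, as the procedure in the message does.

```shell
#!/bin/sh
# Added illustration: recover a file that was unlinked while a process still
# has it open. Function names and the sample "image" are constructed.

# list_deleted_fds PID
# Print "FD<TAB>ORIGINAL-PATH" for each descriptor of PID whose target has
# been unlinked; the kernel appends " (deleted)" to the link text of those.
list_deleted_fds() {
    for link in /proc/"$1"/fd/*; do
        target=$(readlink "$link" 2>/dev/null) || continue
        case $target in
            *" (deleted)")
                printf '%s\t%s\n' "${link##*/}" "${target% (deleted)}" ;;
        esac
    done
}

# recover_fd PID FD DEST
# Copy the still-open data to DEST and compare it byte for byte with the
# source. Refuses to overwrite an existing DEST.
recover_fd() {
    src=/proc/$1/fd/$2
    [ -e "$src" ] || { echo "fd $2 of pid $1 is gone" >&2; return 1; }
    [ ! -e "$3" ] || { echo "$3 already exists" >&2; return 1; }
    cp -- "$src" "$3" || return 1
    cmp -s "$src" "$3"
}

# demo_recover: this shell plays the role of the running qemu process.
# Call it directly, not inside $(...), so the descriptor stays in this shell.
demo_recover() {
    dir=$(mktemp -d) || return 1
    dir=$(cd "$dir" && pwd -P)              # path as the kernel will report it
    img=$dir/w7.qcow2
    awk 'BEGIN { for (i = 0; i < 20000; i++) print "sector", i }' > "$img"
    want=$(cksum < "$img")
    # $$ names the top-level shell even inside a subshell; ask a child for
    # its parent to get the pid of the process that really holds the fd.
    self=$(exec sh -c 'echo "$PPID"')
    exec 3< "$img"                          # keep the file open ...
    rm -f "$img"                            # ... and delete it: the accident
    fd=$(list_deleted_fds "$self" |
         awk -F '\t' -v p="$img" '$2 == p { print $1; exit }')
    status=1
    if [ -n "$fd" ] && recover_fd "$self" "$fd" "$dir/w7-recovered.qcow2"; then
        got=$(cksum < "$dir/w7-recovered.qcow2")
        [ "$got" = "$want" ] && status=0
    fi
    exec 3<&-                               # only now is the data really gone
    rm -rf "$dir"
    return $status
}

demo_recover && echo "recovered copy matches the deleted original"
```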







[DNG] Deleted qemu image

2020-07-16 Thread fraser kendall
I have just done the stupidest thing.  I was freeing up (rm -rf) space
on what I thought was a storage directory (/srv), but I have now just
discovered that it contained a critical qemu image.  The image is a W7
VM and is still running; it appears unaffected. The /srv partition
is the largest on this machine and the testdisk recovery image of this
partition (~170G) is too large to fit anywhere on the hard drive.

This machine is mission critical.  I cannot take it offline for another
6 hours, and I'll need to have it back up asap, (within an hour) so I
need to plan my attack.

So some very naive questions.

Best option:  1) can I retrieve the deleted qcow image from a running
instance of that image?

Fall back option: 2) does anyone know if a new installation of the
(Dell) W7 iso will still activate now that W7 is EOL?

I know that option 2 (writing to disk) will reduce the possibility of a
testdisk recovery. So, here's Q3: can i squeeze the second W7 VM into a 
6G qcow image (remaining free space in /home)?

I'm not going to do anything for a while, except think.  And hide from
the boss.  All help would be appreciated.

fraser



Re: [DNG] Hidden "Chrome Web Store Payments" menu entry...

2019-12-09 Thread fraser kendall
On Mon, 9 Dec 2019 15:24:05 +0900
Simon Walter wrote:

> ...in at least KDE in Jessie.
> 
> /usr/lib/chromium/chromium "--profile-directory=Profile 1"
> --app-id=XXX
> 
> I use Chromium for development testing.
> # dpkg --get-selections | grep chromium
> chromium                install
> 
> I have never installed Chrome.
> 
> I suppose this is from upstream. Does anyone know about this? I thought
> maybe other privacy conscious users would like to know. It seems like
> the exact thing that the Chromium package maintainer would remove or
> document.
> 
I am also anxious about the latest build of chromium: I cannot stop
chromium from opening pdf files automatically.
It defaults to opening them in libreoffice draw, and after uninstalling
draw, GIMP.  My default pdf reader is xpdf and I can open any pdfs using
either gimp or xpdf from within xfe once they have been downloaded. 

The toggle switch in chromium's settings/advanced/content works for the
choice of opening pdf files or downloading them, but opens them
automatically whichever option is selected.

Furthermore, the option to uninstall the extension
(chrome://extensions) chromium pdf reader is permanently 'on' and
greyed out, and I cannot 'find' the folder anywhere in my system that
the extension reports as its ID in order to delete it.

I have not seen this behaviour before.  

Many thanks

fraser


Re: [DNG] How stable Is beowulf? How to upgrade from ascii?

2019-11-07 Thread fraser kendall
On Thu, 7 Nov 2019 13:13:38 +0100
Bernard Rosset via Dng  wrote:


> - Even though I use scripts to automatically save/restore ip(6)tables 
> rules on up/down, I ended up having my rules cleared through initial 
> reboots. No precise idea on why.
> I suggest you always keep a manual save of them somewhere.

Beowulf/Buster has moved from iptables to nftables.  You can still use
iptables* with iptables-legacy*, but you'll need to edit your scripts
to reflect this. The option to save existing rules is part of the
upgrade but assumes that the existing rules haven't already been
overwritten with the default 'allow anything and everything'.  I use a
second root terminal to check the current ruleset before making the
decision to accept; I also check that the correct ruleset has been
applied after the first few reboots and any updates just to be sure.

Regards

fraser
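
The ruleset check described in the reply above can be scripted. This is an added example, not part of the original post: it compares a saved `iptables-save` (or `iptables-legacy-save`) dump with the live one, ignoring counters, and reports changed chain policies and missing rules. Both sample dumps are constructed.

```python
import re

# Constructed sample: a baseline saved with iptables-save, and what a box
# might show after an upgrade reset the filter table to the defaults.
BASELINE = """\
# Generated by iptables-save (constructed sample)
*filter
:INPUT DROP [120:9000]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [300:24000]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
"""
AFTER_UPGRADE = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
"""

def normalise(dump):
    """Return (policies, rules) with comments and packet/byte counters dropped."""
    policies, rules, table = {}, [], None
    for line in dump.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or line == "COMMIT":
            continue
        if line.startswith("*"):
            table = line[1:]
        elif line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            policies[(table, chain)] = policy
        else:
            rules.append((table, re.sub(r"^\[\d+:\d+\]\s*", "", line)))
    return policies, rules

def drift(baseline, live):
    """List the differences that matter between a saved and a live ruleset."""
    bp, br = normalise(baseline)
    lp, lr = normalise(live)
    out = [f"policy {t}/{c}: {bp[(t, c)]} -> {lp.get((t, c), 'missing')}"
           for (t, c) in bp if bp[(t, c)] != lp.get((t, c))]
    out += [f"rule missing from {t}: {r}" for (t, r) in br if (t, r) not in lr]
    out += [f"unexpected rule in {t}: {r}" for (t, r) in lr if (t, r) not in br]
    return out
```

An empty list from `drift()` means the live ruleset matches the baseline; anything else is worth reading before accepting the upgrade prompt or after a reboot.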



[DNG] DSA (Beowulf) Patch missing

2019-09-09 Thread fraser kendall
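-------------------------------------------------------------------------
Debian Security Advisory DSA-4519-1                   secur...@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 08, 2019                    https://www.debian.org/security/faq
-------------------------------------------------------------------------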

Package: libreoffice
CVE ID : CVE-2019-9854

It was discovered that the code fixes for LibreOffice to address
CVE-2019-9852 were not complete. Additional information can be found at
https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/

For the oldstable distribution (stretch), this problem has been fixed
in version 1:5.2.7-1+deb9u11.

For the stable distribution (buster), this problem has been fixed in
version 1:6.1.5-3+deb10u4.

# apt-get update && apt-cache policy libreoffice
Hit:1 http://pkgmaster.devuan.org/merged ascii InRelease
Hit:3 http://pkgmaster.devuan.org/merged beowulf InRelease
Hit:4 http://pkgmaster.devuan.org/merged ascii-updates InRelease
Hit:5 http://pkgmaster.devuan.org/merged beowulf-updates InRelease
Hit:6 http://pkgmaster.devuan.org/merged ascii-security InRelease
Hit:7 http://pkgmaster.devuan.org/merged beowulf-security InRelease
Hit:2 http://packages.roundr.devuan.org/devuan experimental InRelease
Hit:8 http://pkgmaster.devuan.org/merged ascii-proposed-updates InRelease
Hit:9 http://pkgmaster.devuan.org/merged beowulf-proposed-updates
Reading package lists... Done
libreoffice:
  Installed: 1:6.1.5-3+deb10u3
  Candidate: 1:6.1.5-3+deb10u3
  Version table:
 *** 1:6.1.5-3+deb10u3 500
        500 http://pkgmaster.devuan.org/merged beowulf/main amd64 Packages
        500 http://pkgmaster.devuan.org/merged beowulf-security/main amd64 Packages
        100 /var/lib/dpkg/status
     1:5.2.7-1+deb9u11 500
        500 http://pkgmaster.devuan.org/merged ascii-security/main amd64 Packages
     1:5.2.7-1+deb9u10 500
        500 http://pkgmaster.devuan.org/merged ascii/main amd64 Packages

Regards,
leloft
-- 
When you reach the end of your rope...
Tie a knot and hang on!


[DNG] ascii kernel

2017-08-19 Thread fraser kendall
Hi Devs,

Got myself in a bit of a pickle.  Upgraded two machines (#2 and #1) from
jessie to ascii, got two different kernels (#2 got v3.16 and #1 got
v4.9) from the (.gb.mirror and .auto.mirror respectively) sources, both
machines ran into issues with boinc
(https://dev1galaxy.org/viewtopic.php?id=1139), subsequently some or
all results from machine#1 running kernel 4.9 were rejected from
the project as 'Errors'.

Problems with boinccmd not yet resolved (?MySQL and localhost), but
downgrading boinc (and libboinc7) from 7.6.33 (ascii) to 7.4.23
(jessie) got the boinc-client working normally on machine #2.

However, the v4.9 kernel on machine #1 does not load the
connection tracking modules (as from v4.7), and (?so) my iptables
ruleset was ineffective, the host key got changed and I got (ssh) locked
out of machine #1.  From the console, I found auth.log had been wiped,
and configurations had been returned to default in /etc/pam.d/login,
/etc/pam.d/sshd, /etc/security/access.conf.  I repartitioned and
reinstalled jessie on machine #1.

I have upgraded kernel 3.19 to linux-libre-4.1 on 5 of the 7 devuan
machines (including machine#2 (ascii) and machine#1 (jessie)) without
apparent issues, but the LTS 4.1 is only supported until September 2017
and so I'd like to upgrade to the current LTS (4.9), but need to
resolve the conntrack issue.  I posted
(https://dev1galaxy.org/viewtopic.php?id=1549) for advice but have not
yet heard back.  

I have 2 specific questions:

1) Could someone please check that the default options (=keep existing
config) in the ascii upgrade with respect to /etc/pam.d (and others)
are being applied unless specifically overridden by user?  
2) Which netfilter modules need to be loaded to restore the stateful
firewall (and thus my existing iptables ruleset)?  I can then upgrade
the ascii machine to the native (v4.9) kernel.

Sorry this post is so long, and hope that it's not inappropriate to
post it on dng: if there is a problem with the pam.d in ascii in some
environments, I judged it better to raise the issue here rather than on
the public forum.  Hope that's ok.

thanks 
fraser
 


[DNG] Cannot update chromium

2017-08-13 Thread fraser kendall
Hi,

Sorry if this is the wrong list to post to.  The security advisory from
debian (Debian Security Advisory DSA-3926-1) refers to 23 issues.  I
cannot update chromium from apt-get.  I cannot access the solution
referred to in the bug report:

https://bugs.devuan.org/db/24/24.html

and the link (https://dev1galaxy.org/viewtopic.php?id=444) returns an
error:

An error was encountered
Error: Unable to connect to PostgreSQL server.

I have checked sources.list, reinstalled devuan-keyring, updated
apt-key, but I am still not getting chromium listed as an update
candidate.  Several days ago, I had a failed apt-get update && apt-get
upgrade operation due to unauthenticated packages, but I am not
confident that the operation aborted successfully.

I cannot load the ircs://irc.freenode.net/#devuan link: chromium asks
to open xdg-open and then returns an untitled page, and so I am unable
to post this on a more appropriate site.  If this is problematic, I
apologise.  Any advice would be welcome: I am happy to subscribe to any
appropriate lists to post this to.

Many thanks for your efforts: I am running devuan on all seven machines
at work and they all appear to be extremely stable, even under extreme
loading.

Best wishes
fraser
