>> This said, it doesn't quite address my need: rather than say "only allow
>> SSH access to userfoo and userbar", I'd like to do "disallow non-GDM
>> access for userfoo and userbar".
> That would include the local Linux console?
I'd be OK with either choice for console logins. The original use
>> The original use case was to provide an account to my daughter who
>> was not (yet) able to remember a strong password. She wasn't going
>> to use a console login either.
> So a corner - and hopefully transitory ;-) - case.
Originally, yes, but I learned in the mean time to appreciate the
> This is different from what you originally said. By all means discuss this
> general problem with the developers - but please don't single ssh out and
> mess it up for a good many of the rest of us.
I think we're miscommunicating: I specifically don't want to single-out
SSH but instead I want
> Nope. Buy a $20 5-8 port ethernet switch. Very reliable. That's
> in the diagram above as "switch".
But it also means one more box. If you had one box before, that doubles
the number of boxes, and might also double the 24/7 power consumption.
Stefan
> The HDD is a Seagate 250GB 7200rpm, the SDD is a Samsung 250GB EVO 850.
> The total capacity matches exactly.
You mean they really have *exactly* the same number of blocs?
> dd if=/dev/sda of=/dev/sdb status=progress bs=4K
FWIW, after doing that, I'd recommend you look at the partition table,
> among others "same UUID" (I know, I know), so no need to change fstab.
Yuck! I recommend you stay away from UUIDs in your fstab. Instead name
your partitions. If you use LVM (which you should do anyway for all
kinds of other reasons) your volumes are already named anyway so there's
nothing
> using something like rsync, which means no duplicate UUIDs, you aren't
> spending time copying sectors that aren't referenced, the SSD gets
> fewer write cycles and it can be interrupted and resumed.
FWIW, copying files has its own form of overhead, so if the drive is
reasonably filled, it'll
> Basically anything that can run Debian and has two suitable
> ethernet ports will do. An old laptop? One of the shiny little
> Raspberry-Pi style devices? (Probably not the Pi itself; it only
> has one ethernet port.)
I use a BananaPi for that. It has 3 network interfaces:
- the ethernet one,
>> I'm looking for a decentralized instant message system (e.g. XMPP, SIP,
>> ...) where I can be sure that I receive all messages, even if I'm not
>> connected when the message is sent [ Obviously, I'll only receive them
>> when I'm back online. ]
> I believe that's called "electronic mail" or
> I'm not sure it's a "bug" in the "bug report" sense.
Sure looks like a bug to me (not being able to access the accept button
looks like a window manager bug, OTOH. At least with the
window-manager I use (ctwm), I have it configured such that I can move
a window from anywhere to anywhere by
>> I would like to hear some ideas on how to set various environment
>> variables (PATH, MANPATH, EDITOR etc.) in one place that would make them
>> effective everywhere. My "everywhere" means:
>> - X session started through lightdm and ~/.xsession script
>> - Linux console login (bash)
>> - user's
>> "shocked that anyone would want to design or use an
>> unreliable messaging system"
> Email is getting less and less reliable, so have you given up using it?? :-(
There's unreliable and there's unreliable.
In the XMPP world, the basic protocol will just send the message to the
> In Korea, all most people are using KakaoTalk (android app).
> If i am wrong, sorry, and let it go to off-topic.
It's not decentralized. IOW you're dependent on one central
server/company and everything goes through them, they get an insane
amount of data and power this way.
Stefan
>>> In Korea, all most people are using KakaoTalk (android app).
>>> If i am wrong, sorry, and let it go to off-topic.
>> It's not decentralized. IOW you're dependent on one central
>> server/company and everything goes through them, they get an insane
>> amount of data and power this way.
Of
> Free Software is diffcult to non-programmer such me.
This is a Debian discussion group. I think we all here agree that
there's no reason Free Software should be difficult for non-programmers.
Stefan
g system"
> This mention in previous E-Mails as well. E.g: <20160817192400.GB9964@alum>
> On Thu, Aug 25, 2016 at 6:00 PM, Stefan Monnier <monn...@iro.umontreal.ca>
> wrote:
>> > I think you looking for TOX!
>> > Visit TOX Project website:
>> > https://
y for the sender to know if the message has
been received, seems good enough.
Stefan
> On Tue, Aug 30, 2016 at 1:05 PM, Stefan Monnier <monn...@iro.umontreal.ca>
> wrote:
>> > You can't have all the best together.
>>
>> What does that mean, exactly? A
> I'm experimenting with TCP to see how long it takes to send a small amount
> of data from A to B. One would expect a latency of a few hundred
> milliseconds, but it's a few hundred microseconds instead. It is as if
> Nagle's algorithm has been disabled.
I suggest you re-read
> I'm not asking it to read my mind. I just want it not to
> remove any package I have manually installed.
FWIW, I really wish Debian could upgrade their package tools to follow
a model similar to Nix/Guix. Basically, I'd like to have a master
configuration file where I list the packages I want
> Can this be adjusted to allow me to install via apt-get this package?:
> https://packages.debian.org/wheezy/emacs23
> My fear is that if I monkey with sources.list I will trigger an unwanted
> dist-upgrade.
dist-upgrade doesn't happen automatically. So yes, you can add the
above and then do
>> > It's a pity that Aptitude is so poorly designed.
>> Just because it doesn't always work the way you want it doesn't mean it
>> should labeled "poorly designed".
> I'm not the only one to complain.
My point is that saying it's "poorly designed" is like calling the author
an idiot. So it's
> I think you looking for TOX!
> Visit TOX Project website:
> https://tox.chat
Thanks. That does look promising (although I don't see any mention of
reliable delivery),
Stefan
> On Sat, Aug 13, 2016 at 7:19 AM, Stefan Monnier <monn...@iro.umontreal.ca>
> w
> sequentially. When you're on a metered internet connection, with only
> a five-hour unmetered window in each 24, then making maximum use of
> the unmetered window is important.
In such a situation I think you'd want to use something like leafnode
and offlineimap.
Stefan
> It doesn't remove anything without your permission. It proposes
> a solution to the problem you present it with. You can reject that
> solution and have it try again.
FWIW, the way it presents the solution makes it hard to see what's
really going on. More specifically, the list of removed
>> Not really. Which version of psgmlx are you using?
>> What problem(s) did you encounter with it?
> Most of the details are on the deb-doc list now. Basically, emacs24 can't
> handle the old elisp in psgmlx, hence my need for an older version of emacs.
This "hence" is a bit hasty. Myself, I
> It's a pity that Aptitude is so poorly designed.
Just because it doesn't always work the way you want it doesn't mean it
should labeled "poorly designed".
Stefan
> I think (hope) the subject says it all.
Not really. Which version of psgmlx are you using?
What problem(s) did you encounter with it?
Stefan
> I need to boot into a hard drive diagnostic tool which is provided only as
> an ISO image by the manufacturer. Since my laptop does not have a CD drive,
> I hoped I could use a USB flash drive to run this tool from.
I would try `grub-imageboot`: put the .iso into /boot/images/ then
> Feel free to weight in ;-)
^^^
No idea where this `t` came from,
Stefan
>> > Futzing with partitions is the admin's job.
>> Could be, but it's not (g)parted's job to enforce these kinds of rules:
>> that's what Unix permissions (and Linux's capabilities) are for.
>> It's OK to add a warning and prompt the user to make sure he really
>> means to do that, but there's no
>2. Debian 8.6 w MATE run from LIVE DVD _displays_ the correct time
>3. Debian 8.6 w MATE installed from DVD 1 of 13 with aid of custom
> preseed.cfg
> _displays_ a time 5 hours earlier.
My guess: the Live DVD uses NTP so as not to depend on the hwclock
whereas your installs don't.
>>> 2. Debian 8.6 w MATE run from LIVE DVD _displays_ the correct time
>>> 3. Debian 8.6 w MATE installed from DVD 1 of 13 with aid of custom
>>> preseed.cfg
>>> _displays_ a time 5 hours earlier.
>> My guess: the Live DVD uses NTP so as not to depend on the hwclock
>> whereas your installs don't.
> I am an 86 year old Photoshop Guru and having trouble printing from PS
> in OS 10.12.
> So I found Gutenprint and downloaded the latest version for my Epson
> 4880. But what do I do now?
First things first: install Debian.
Stefan
> My only slight worry is following the above instructions the partition
> created on the stick was marked as "Linux". Really? Is that OK?
The partition type is very rarely used (it's kind of an announce of
the *purpose* of this partition, but the partition's content is always
the one that
> It's a 4GB stick and I am thinking of using all the space in a single
> partition.
Assuming the USB stick is at /dev/sdb I'd do:
% fdisk /dev/sdb
o
n RET RET RET RET
w
q
% mkfs.vfat /dev/sdb1
This has always worked well for me, for Windows and Mac OS X.
[ IIUC using
> Can anybody share any comments or links about this topic?
> - quiet (fanless), low-power and low cost hardware suitable for Gigabit
> routing and maybe use as a NAS too. It would also be useful to have
> fibre support in the router and avoid using a media convertor.
I don't know what you
>> LVM has bitten me more than once in the past and I will not use it
>> again. In both situations it spanned more than one disk and one of the
>> disks failed - leaving you with unrecoverable data.
> I don't think I've ever used it like that, and probably wouldn't. At
> least not unless the
>>> I once read that it was possible to swap to a named file, rather
>>> than a swap partition. Is that possible with Jessie?
Of course, it's possible. But if you setup a system from scratch I'd
highly recommend you put "everything" into an LVM volume group so you
can then use an LVM volume for
AFAICT, the latest amd64 kernel in Debian x86 testing is still 3.16
(i.e. the one from Debian stable).
Any idea why there's no newer one?
Stefan
>> AFAICT, the latest amd64 kernel in Debian x86 testing is still 3.16
>> (i.e. the one from Debian stable).
>> Any idea why there's no newer one?
> Since linux 4.0, the -amd64 kernel flavor is no longer built on i386:
Hmm... that's what I thought.
> To install the -amd64 kernel via multiarch,
> But somehow would like to fix the unmute, not unmuting speaker channel
> and don't know where to look.
If/when you do find out, please report here: I've had similar problems
on my laptops but could never figure out how those things are expected
to work nor how to change their behavior.
> This is what is called the Kernel-ABI. All modules compiled for
> "3.16.0-4-amd64" will be compatible with all kernels providing this.
I had kind of figured that out, but one thing still puzzles me: why
isn't it "3.16-4-amd64"? I mean, all those versions seem to always have
a ".0" which is
ls making and applying those decisions and that
might be part of the problem (at least that has been the case for the
LCD brightness management which has historically been handled at all
kinds of places with various successes at avoiding conflicts between
them).
Stefan
> On Mon, 9 Jan 2017, St
I have a headless machine connected to an ad-hoc network here.
I have the network setup in /etc/network/interface and it is brought up
fine at boot, but after suspend/resume the connection is lost until
I manually do ifdown+ifup.
I guess I could add the ifdown+ifup to /etc/pm/sleep.d, but I was
> apt-mark showmanual gives you the complement of apt-mark showauto.
> The second paragraph of apt-mark's description explains what's meant
> by "auto". So "manual" doesn't mean what you appear to assume it does,
> that you were involved in manually selecting it for installation. It
> just
>> Is there something better? Like a predefined way to just say that when
>> `usb0` appears, it should be added to `br0` (and ideally, this would
>> also `ifup` the `br0` interface if it's not up yet).
> Not with /etc/network/interfaces and ifupdown, but udev can do all that.
Interesting. Any
>> Interesting. Any hint how?
> It would be too long to explain here, but this page seems to cover the
> basics of what you need:
> http://packetpushers.net/udev/
I don't see any mechanism in there that will bring up an interface or
add it to a bridge, nor bring up the bridge.
As I said, I
> AIUI you save 100% "more power" with hibernate; the machine is
> powered off.
FWIW I've seen cases where the power brick consumes *more* when the
machine is off than when it's suspended (and in my experience there's
usually little difference between the two; the largest difference I've
seen is
> To speedup obtaining a lease you should probably restart dhclient on
> usb0 addition/removal.
Right, that's basically the issue. I know I can write all this with
enough post-up scripting in /etc/network/interfaces (or even udev
.rules files), but I was hoping there was something already
I have a bridge interface `br0` which usually contains jut `eth0` but
occasionally also needs to contain `usb0`, which is an ethernet-dongle
kind of thing.
How do I setup /etc/network/interfaces for that?
Currently, I just setup everything "manually": `br0` is setup `static`,
and `usb0` is setup
> But, it all changes if you replace conventional bridge with
> openvswitch, which *can* add new interfaces (ports as they call it) to
> its own bridges dynamically *and* it can be configured via interfaces(5).
Interesting. Would it work if the IP address of the bridge is acquired
dynamically
> Just wondering if anybody on here has acquired something like the
> following (basically a computer on a stick / pendrive) and tried
> loading Debian (or any Linux) on it?
> Have you found any that aren't preloaded with Windows?
Not sure what "computer on a stick" you're thinking of.
All the
> Maybe it's a problem with the battery?
Sounds very much like it.
Try another battery in the same laptop (or the same battery in another
laptop) to confirm.
Stefan
> Could i identify the environment by inspecting the file system (for
> example)? (I imagine the answer there must be 'no', because different
> users could have different environments but necessarily share the same
> file system, but maybe i'm making some unjustified assumptions?)
That's right.
>> > Having been there and done that, I can assure you that having a
>> > live snapshot system -- rsnapshot or btrfs/zfs native tools --
>> > is more fun and less work for everyone.
I looked at rsnapshot but its behavior is poor when you have lots of
directories with lots of tiny files.
It'd
> 1. a search and replace which can include a "newline" in new string.
> 2. display/edit 2 files simultaneously *side by side*
Really?
I find it hard to believe that there could be editors out there which
don't satisfy both of those.
Of course, I'd recommend Emacs, but really: *any* editor
> Note: I still want to keep experimental in my sources.list for the
> cases where I *explicitly* request experimental packages.
I keep these extra thingies commented out in my sources.list and
whenever I want to explicitly request some package from them,
I uncomment the line, redo the `update`
> It'd probably be fairly easy to come up with a backup system based on Git
> (probably not good for whole-system backups, but likely workable for
> homedir backups), but I haven't come across such a thing yet.
Well, for the reference I've now found `bup` which isn't using Git
directly but uses
I tried "aptitude install Thursday" and that failed miserably.
Then I tried with `apt-get`: same result.
The worst part is that I get the same kinds of failures when I try
"aptitude install this Thursday" or "aptitude install next Thursday".
Stefan "confused about this Debian thing"
> I would like a backup tool that does not bring a million dependencies with
> MBs of files. Something that works on server without X Windows and can
> send backup to an externally attached USB drive. Nothing fancy. No
> network infrastructure. Incremental backups would be greatly
> I have a need to sort lists of URLs and associated titles formatted as
> follows:
>
>* [[][]]
>
> e.g [[http://www.google.com][Google search]]
>
> I'd like to get a simple sort routine to do that.
In my quick test,
sort -t '[' -k 4
seemed to do the trick,
Stefan
> Yes for VM it is possible only if you use ESX server and licensed VM Ware
Then better use Free Software, such as kvm, VirtualBox, ...
Stefan
>> There are the so called snapshots, which you can make and then include in
>> your back up. No need to down the VM.
[...]
> I may be wrong but I don't think snapshots can be scheduled, but rather
> must be initiated
I have no idea what that means. The way it normally works is that you
have a
>> However, the virtual hard disk is a pretty large size. My method
>> compresses it further so that the size of the backup is much smaller.
> Have a look at "borg". It is ideal to backup VMs (or anything using
> large files with only marginal changes inside) and I have been using it
> for my
> "Unti recently" because there now is a way to do data retention, but:
> "bup only has experimental support for pruning old backups."
Indeed, it's a relatively new feature, but it's been working fine in
my tests.
Stefan
> This is the 4-in-1 card reader; the one you want you are trying to boot
> from. As indicted by /dev/mmcblk0p1 it is on the PCI bus. 'lspci' should
> display the chip used; one from Ricoh?
>
> GRUB doesn't see anything on this bus (it has no drivers for the device),
> so booting from it is not
> I have a very annoying problem. I can't write to my usb drives (fat32,
> ntfs, etc.) without root permissions. How can I fix this?
How did you mount it? I usually mount those with `pmount`.
Stefan
> That eases problems for Debian servers, I don't see an advantage to me.
Given that there is an advantage (for Debian servers), the question
isn't if there's an advantage to you, but instead if there's
a *dis*advantage to you (or others).
Stefan
>> Of course it all depends on what you mean by "booting from". AFAICT in
>> Leandro's situation, he's loading Grub from some other disk (probably
>> the main HDD or SSD), so he's already "not booting from the SD card" in
>> this sense.
> By "booting from" I mean everything which is needed to
>> Now "import" is quite another kettle of fish: it's part of the
>> ImageMagick suite (not much to do with X, actually), which has the
>> (questionable) tradition of calling its things "display", "convert",
>> "identify", "compare"... or even "conjure"). Now ImageMagick is so
>> useful that
> The weakest link in most chains of Data protection is the person that
> has access to it.
And rather than breaking knuckles, sometimes it's more ...elegant.. to
just fool/seduce the target,
Stefan
> I'm interested in investigating cumulative data to/from the internet for
> selected interval ranging from an hour to a week.
> My only connection is a device connected thru a USB port.
> My web search turned up only discussion of measuring throughput RATE.
> Suggestion of keyword(s) for search?
> I had the same situation with my Sandisc Exreme thumb drive before! Here
> heparin reports TRIM too, and fstrim failed too. At that time I thought
> that the problem is the thumb drive controller.
hdparm's report mostly comes directly from the drive within the
enclosure. So all it says is that
> I have had Debian up on my Xiamo smartphone. I believe it uses the existing
> kernel. Had a xwindows as well but did not like the interface. In the end,
> question was what to do with it.
One of the first things I do with a Debian install on those devices:
run an sshd daemon which lets me
> If you want a smartphone but don't want a smartphone, it sounds to me
> as if you want a smartphone with no SIM card. It's possible that this
Indeed. I was looking for a "modern walkman" and the best and cheapest
option nowadays is to get a smartphone for that (and simply not use the
phone
> It has an antenna. A sharp knife or some conductive tape or adhesive
> and Bob's your uncle.
Hmm... I thought the antenna on those devices nowadays are physically
just traces printed on a PCB. They're not necessarily very easy to find
AFAIK (hell, just opening the device such that you can
> Disabling the radio in a smartphone should be easy.
^^
As a moral imperative, I agree. In practice it seems to be harder than
... it should
Stefan
> Yes. Still the open question remains: why is it being changed although
> the "immutable" attriibute was set?
I'm not sufficiently familiar with the "immutable" attribute to answer
that, sorry.
Stefan
>> I just gave you a solution to your underlying problem, which *uses* the
>> infrastructure rather than fighting it. I won't force you to use it, tho.
> I thought the canonical method which was discussed in the
Depends on "method to do what?".
A static resolv.conf is basically a concept from
> I am not willing to accept
And what are you going to do about that? Sue us? Sue Debian Inc. ?
> that there is no way to identify what is going on that is causing
> resolv.conf to change.
BTW, maybe one way to identify the culprit is:
- install resolvconf [ I know it sounds bad, but bear
>> Also the solution I showed has the advantage that when he stops his
>> bind deamon, he still gets his host names resolved (via the
>> DHCP-provided DNS server).
> Even for shop.coyote.den?
Of course: for all host names he cares to use.
And obviously, his DHCP-provided DNS server will answer
> If Debian developers who are responsible for resolvconf are reading this,
> and if they actually CARE about making things work correctly and sensibly,
> then here is yet another proposal: give us a way to QUICKLY and EASILY
> and RELIABLY tell resolvconf "never do anything".
`resolvconf` only
>> With such a setup, your host should correctly use your local `bind`
>> server, and if you ever stop your `bind` server it should start using
>> your ISP's server instead. And when you restart your `bind` server, it
>> will switch back to using that.
> That is not at all what I am trying to
> My /etc/resolv.conf looks like this:
> domain example.com
> search example.com.
> nameserver 127.0.0.1
Here's how I'd do it:
- install resolvconf
- move the resolv.conf config you use with bind to somewhere else, like
/etc/resolv.conf.bind
- arrange for the script which starts your `bind`
> That said, there are other statements that are odd:
Not sure what you find odd about them:
> "I really can’t recommend strongly enough that you do not attempt
> to mix UEFI-native and BIOS-compatible booting of
> permanently-installed operating systems on the same computer, and
>
>>I have the following error when activate flyspell-mode (with hunspell
>>set as the default dictionnary):
>>
>>"Error enabling Flyspell mode:
>>(UTF-8)"
>>
>>My flyspell configuration (below) worked flawless for years.
>
> No one is affected by this bug in debian sid?
> I tried different ways to
> Yes, documentation of firmware is almost unknown in my experience
> (since probably 30 years ago). That's why I took the least invasive
It's documented to the extent that it says "implements UEFI" and that
UEFI is documented.
>> Same here (basically for the same reason: the behavior of the
> [*] backup, umount/swapoff, resize2fs/mkswap, mount/swapon, (unlikely but
> possibly: restore)
lvextend --resizefs ...
will work without you needing to unmount the file-system.
Stefan
> Curious .. Why do I get two of every posting. What setting do I need to
> change.. Thanks Jerry
Search for the "Skip every other posting" option.
Stefan
Alberto Luaces writes:
> Joe writes:
>
>> On the assumption that you are using a router of some kind, your public
>> IP address will be that of the router WAN port (cable, ADSL, etc.) and
>> there will be a method of determining that by connecting to the router
>> as an
> I spend some time yesterday on IRC (#emacs) and it seems it is a bug
> related to the language (French). Another french user was affected but
> didn't find a solution. The problem is still present when starting
> emacs with the `-q` option.
Then I recommend you file a bug about it,
> I have what is essentially a "USB->Serial" - "Serial->USB" Cable.
> Ethernet is *NOT* involved - though there are topological similarities.
I don't have factual knowledge of what you have, indeed, but you said:
I have purchased a USB Host-Host cable based on the PL-25A1 chipset.
While
> Which strikes me as a bug, not a feature. I'm not familiar with the USB
> specification but it seems to me that sharing USB ports, speakers,
> microphones, network ports, etc. should all be possible. While one host, the
> hypervisor, may control the actual port, others should be able to
>
> That's your perspective (as someone who's stated that you have no experience
> at this). From the perspective of the people who tried to help you, you've
> chosen an obscure solution rather than a well-tested and well-documented
> solution for no apparent reason. (ROFL?) From the perspective of
>> [...] Wall, in the wrong hands
>> can be quite a nuisance so that's the sort of power one must be
>> careful about. In this case, it doesn't really matter since I am
>> the only user.
> It has since been superseded by Javascript, web page popups and
>
> I have two computers with USB ports.
> I wish them to communicate as simply as mid-20th-century computers did.
What kind of "communicate" do you need there?
The "way back machine" to simulate a "null modem" serial cable exists,
as you've seen, but it's rarely the best solution for nowadays's
> If none of that are options, you can resort to using an "ethernet
> dongle" on both sides and an ethernet cable between the two.
[ If one of the two computers has a free ethernet port, you can of
course also such a dongle on the other computer. ]
BTW, those ethernet dongles can be found
>> In some cases one of the two computers's USB port is an "OTG" port,
>> meaning that it can act either as "master" or not, in which case you can
>> just use a regular USB cable (and usually you then configure the OTG
>> side to pretend it's a network card, so it ends up looking to the
>>
> The one choice you have is that one of both sides takes a step
> back and plays "gadget" (the jargon term, somewhat unfortunate
> as search engine fodder). There seems to be something out there
> for that, e.g. [2].
The gadget API is the programming API offered by the kernel for the OTG
ports:
> I used it at my previous job, and it works fine. Bonus: it has Debian
> packages, and it is Free Software.
I only see packages for the client side.
Is there a Debian package for the server side (like there used to be
for owncloud)?
Stefan
501 - 600 of 1488 matches
Mail list logo