64[01:13:01] *** Quits: JackK (~jack@replaced-ip) (Remote host closed the connection)
65[01:13:38] <lindylex> I am trying to build libpst-0.6.71 and
it depends on "libgd2-noxpm-dev" and
"libgd2-xpm-dev" these are not installable. It say i
should change the dependency to "libgd-dev" How do I do
this?
89[01:22:12] <ZeroBeholder> jelly: I may have the source and
target mixed up
90[01:22:34] <lindylex> This is the rror :
replaced-url
91[01:22:46] <jelly> not the syntax -- what would it
accomplish?
92[01:23:09] <lindylex> I ran this : apt-get build-dep libpst
93[01:23:15] <jelly> lindylex, is this your bug report?
94[01:23:29] <lindylex> And recieve this error :
builddeps:libpst : Depends: libgd2-noxpm-dev but it is not
installable or
95[01:23:30] <lindylex> libgd2-xpm-dev but it is not
installable
96[01:23:37] <ZeroBeholder> jelly: If the libraries are drop in
replacements it would allow him to get at the functionality even
though the name of the package isn't right.
97[01:23:44] <lindylex> That is not my bug report.
98[01:24:16] <jelly> lindylex, can you show the actual command
you ran and its full output?
99[01:24:56] <jelly> ZeroBeholder, and why would a single ln
command with a package _name_ of all things help with this?
109[01:27:32] <jelly> lindylex, which command precisely gives
you a segmentation fault?
110[01:27:58] <ZeroBeholder> jelly: I do it all the time with
python2 and python3 on the same system. I symlink python (no number)
to python3. Some of my scripts complain about 'python'
because on some machines it is linked to python2. But, the issue is
that it is named wrong and symlinking fixes that specific problem I
run into every once in a while.
126[01:34:12] <ZeroBeholder> --what it seems you are trying to
do is convert from a Windows format of emails stored in a single
file to a format more compatible with open source software.
127[01:34:29] <lindylex> Yes this is what I am doing.
128[01:34:54] <lindylex> I have a .pst file I am trying to
convert.
129[01:35:04] <lindylex> I get a segment error doing this.
130[01:35:07] <jelly> honestly you'll probably have better
results trying to open with libreoffice
131[01:35:19] <somiaj> ZeroBeholder: on debian you
shouldn't link /usr/bin/python to python3, as it could break
system upgrade/install/remove scripts. Point the script at the
correct version of python instead.
132[01:36:00] <lindylex> Jelly how do I open this with
Libreoffice?
140[01:38:20] <jelly> ignore the libreoffice suggestion then
141[01:38:40] <lindylex> Yes an Outlook backup file.
142[01:38:58] <ZeroBeholder> jelly: part of my thing is
migration off python 2.x. I clone the system and redo all the parts
that break. So, that is the desired outcome.
143[01:39:27] <ZeroBeholder> And the shebang is always three, no
particular reason besides that it should be there.
144[01:39:35] <ZeroBeholder> *three
145[01:39:43] <ZeroBeholder> *there
146[01:40:02] <ZeroBeholder> left pointer won't cooperate,
stupid finger
147[01:40:46] <lindylex> Is this not the source of readpst?
replaced-url
148[01:41:35] *** Quits: yonder (~yonder@replaced-ip) (Remote host closed the connection)
150[01:42:38] <jelly> if you want to build a newer upstream
version than what's in debian, look at
151[01:42:43] <jelly> !uupdate
152[01:42:43] <dpkg> uupdate (in the <devscripts> package)
upgrades a source code package from an upstream revision, or e.g. if
the newest foo in debian is 1.2, and upstream is at 1.4: apt-get
source foo; wget -nd
replaced-url
153[01:42:57] <jelly> !package rebuild
154[01:42:57] <dpkg> 1) Add a <deb-src> line for your
current release to your sources.list 2) aptitude update; aptitude
install build-essential devscripts fakeroot; aptitude -R build-dep
packagename 3) as any user, apt-get source packagename 4) cd
packagename-version/; ask me about <debian/rules>; 5)
dpkg-buildpackage -uc -us 6) as root, dpkg -i
../packagename-version.deb. Ask me about <debian/rules>,
<nocheck>, <nostrip>, <apt-get source>.
155[01:43:10] <ZeroBeholder> Debian is my favorite... it is my
goto distro. But, it is the stable distro-- it isn't the distro
for the latest and greatest (that is not proven to be good-- which
is the tradeoff). Have you considered doing just this one task with
Arch?
156[01:43:17] <jelly> also since you chose testing to begin
with,
157[01:43:21] <jelly> !debian-next
158[01:43:21] <dpkg> #debian-next is the channel for
testing/unstable support on the OFTC network (irc.oftc.net), *not*
on Freenode. If you get "Cannot join #debian-next (Channel is
invite only)." it means you did not read it's on
irc.oftc.net.
165[01:46:37] <ZeroBeholder> somiaj: part of my thing is
migration off python 2.x. I clone the system and redo all the parts
that break. So, that is the desired outcome.
166[01:47:21] <lindylex> jelly : what are we talking about? How
do I do this?
174[01:52:06] <jelly> lindylex, read what dpkg bot said about
package rebuild, grab debian's source that way, grab upstream
tarball, and use uupdate to make something like a debian tree with
newer version.
178[01:54:27] <jelly> ZeroBeholder, that's nice but maybe
avoid applying advice that works for your runtime scenarios or other
distros when people are asking about build-time issues on debian
195[02:12:07] <RandomGuyOnIrc> when I do "find . -type f
-name *py" It is only finding the files in the top directory.
Why is it not finding files in subdirectories?
196[02:13:07] <somiaj> RandomGuyOnIrc: you need to put the *py
in quotes so it doesn't expand by the shell
244[03:04:56] *** Quits: Poster|n (~poster@replaced-ip) (Quit: the clouds will part and the sky cracks open and god
himself will reach his fucking arm through just to push you down
just to hold you down stuck in this hole with the shit and the piss
and it's hard to believe it could come down to this back at the
begi)
245[03:05:39] <inthl> clamav has some issues recently discovered
that are supposed to be fixed, also according to
replaced-url
252[03:10:10] <inthl> rant, I mean, *should* it be there,
according to that sources.list entry? I am not sure where to look it
up actually whether there is a newer version on the debian server
256[03:10:46] <rant> it doesn't appear the fixes were made
in stretch to me
257[03:12:44] <inthl> stretch just has one minor version below
the current one. the issue is of high severity afaik, I really would
like to update this asap. so the error is at least not on my end?
258[03:13:07] <rant> not if your version matches the one on the
tracker
279[03:21:59] <inthl> I have never figured out the versioning
for debian here, that's why I am a little confused. I mean that
stuff appended after the main+minor verion. especially that +b1
here. nevertheless, I see no updates there, also the tracker states
it is vulnerable...but receives updates from -updates, ...however
there are none for this case
280[03:22:39] <inthl> so I wonder whether this is going to stay
permanently that way, or a patch will make it into stretch somewhat
later
281[03:23:21] <inthl> since stretch is considered stable,
I'd expect a patch there asap
430[07:25:55] <fasle> My journalctl output shows
"wpa_supplicant[668]: RRM: Ignoring radio measurement request:
Not RRM network" every 20 seconds. I tried to reduce
wpa_supplicant's verbosity in the systemd unit file, but this
message keeps coming up. Is there a different way to have this
message discarded automatically?
449[07:53:33] <justadude2> Im having trouble using airbase-ng.
as I tried to connect to the network I made, and I couldn't.
anybody know how to fix it? I think it has something to do with dhcp
590[10:17:19] <percY-> has anyone recently used a digital ocean
droplet with debian 9.3? I'm getting a strange output when
using adduser. sent invalidate(passwd) request, exiting, sent
invalidate(group) request, exiting. Not used to seeing this. Is it
normal?
591[10:17:19] *** Quits: mrr0butt (~mrr0butt@replaced-ip) (Remote host closed the connection)
597[10:19:48] <bernat> Hi. I have a Zotac ZBOX-ID18 with Intel
HD Graphics and hotplugging a HDMI TV doesn't work. The TV has
to be on when the computer boots because switching it on after the
computer boots won't detect it.
791[13:27:20] <BluesKaj> wonder if there's a secret to
installing the nvidia legacy 340 dkms driver without breaking my
system. Already tried on stretch 9.3 KDE/Plasma without success, and
already tried here on buster and it broke the system as well, so i
reinstalled to / and am running with the nouveau driver for now
which works, mostly. My gpu is a GeForce 210.
797[13:33:01] <BluesKaj> rant: yes, aamof I did on both OSs
798[13:33:05] <rant> BluesKaj: I just walked a new user through
this process the other night and the headers they installed with the
driver were not matching their kernel version because there was a
linux-image being kept back from upgrade
799[13:33:27] <BluesKaj> ahha
800[13:34:01] <rant> apparently some people forget to update and
upgrade after installing
806[13:37:05] <BluesKaj> I used the tut with the linux headers
and the non-free and contrib deb source to build the driver with
dkms and the result was failure after a reboot
811[13:39:32] <rant> it doesn't mention making sure
you've upgraded first.. just tells you to update after changing
sources
812[13:39:59] <rant> that can result in you getting latest
headers while still having an outdated kernel
813[13:42:43] <rant> BluesKaj: you'd need to enable ssh or
something to figure out whats going on.. if you dont see any nv,
noveau, or nvidia drivers loaded then thats probably the problem
825[13:51:48] <BluesKaj> rant the thing is the vt/tty was
available to remove the drivers and dkms etc and reinstall nouveau,
also there's no mention of installing nvidia-xconfig on Buster
so maybe I'm too far ahead of the curve because those fixes
still failed to work
827[13:52:25] <rant> lets say I install stable and I'm
using the first point release and end up with
fookernel-fooversion-debu1 then I apt-get update and install
fookernel-headers but theyre vooversion-debu3
828[13:52:44] <rant> those headers are not going to be
compatible because the version is different
846[14:07:19] <bitSt0rm> A funny thing is, my USB appears on the
pc-boot screen as one of those oldschool rectangular disks (not sure
what they are called inglish)
867[14:24:57] <rant> user0: where it gets hairy is the
overlapping terms when you're speaking of
resident/shared/virtual memory from a process standpoint
868[14:26:03] *** Quits: conta (~Thunderbi@replaced-ip) (Ping timeout: 268 seconds)
869[14:26:13] <user0> As noob as i am, i overlap everything in
IT
870[14:27:34] <user0> What override mean ? over write ?
871[14:27:39] <rant> user0: from a process standpoing Virtual
memory VIRT, is everything the process has mapped, this includes
ram, swam, video ram, etc..
872[14:28:18] <user0> rant will try to not forget that
873[14:28:36] <rant> where resident is its actual locked ram
size and shared is things like cache that it's willing to give
up if other processes need it
881[14:31:29] <rakor> Hey there... What is the best setting (in
host and guest) if I want to have usefull graphics when making a VM
in KVM (using virt manager). Host and Guest are both Linux.
882[14:31:55] <rakor> With defaults I get bad resolution and I
don't find a usefull guide
884[14:32:00] <user0> I have a system hypervisor and i need
activate mail notification for alerts. In alerts settings they asks
me if i want override syscontact email i said yes and give another
email address.
904[14:38:54] <rant> override in that context is more like an
overlay/overlap than a circumvent.. its to substitute an alternative
more than bypassing it altogether which is what circumvent means,
like sliding a card between the bolt of a door to get around using
the key
930[14:52:56] <rant> google is your best hope if you were lookin
for something to read your mind.. cause what I said is how to do
it.. if you need more help than that you've gotta be more
specific
931[14:53:34] *** Quits: cdown (~cdown@replaced-ip) (Remote host closed the connection)
932[14:53:51] <FraJah> So i want to setup a VPS for developing
WP websites, so would need some kind of guide of that. I run debian
9.3
951[15:12:39] <daishun> if I type: "ln -s linkme
~/Desktop/linkmelink" and then go to my desktop and click on
"linkmelink" it says "target linkme doesn't
exist". What am I doing wrong?
1088[17:20:58] *** Quits: mossman (~mossman@replaced-ip) (Remote host closed the connection)
1089[17:21:00] <ix__> so I've compiled a kernel but it will
not boot, something about crc32c missing, which is odd, as I've
used the same .config file as another working kernel
1145[17:41:15] <diveyez> plop1342: netcat is amazing
1146[17:41:22] <diveyez> nc localhost 22
1147[17:41:26] <diveyez> heh
1148[17:41:37] <shtrb> sh0kx, no two different tools
(debbootstrap allow you to install using bootstraping) while d-i
(debian-installer) is a very simple tool to install debian without
any hassle
1165[17:46:13] <diveyez> -bash: echo: No such file or directory
1166[17:46:16] <diveyez> That didnt work lol
1167[17:46:17] <sh0kx> so I think this is the problem. I am
encrypting the boot partition so I can't reboot the machine. I
need first to install debian on my root partition. Then I will need
to create the boot partition and after that I can restart.
1206[17:53:42] <diveyez> Thats how networking works
1207[17:53:43] <plop1342> yeah
1208[17:53:45] <diveyez> lol
1209[17:54:02] <plop1342> diveyez: before adding layers of
encryption etc. i need to understand how basic things work
1210[17:54:14] <plop1342> then it'll be easy to undersstand
how to add a security layer on top
1211[17:54:33] <plop1342> sh0kx: open port and redirect traffic,
how?
1212[17:54:37] <diveyez> openvpn -> netcat his ip and ports
with the file to send with the -w in netcat
1213[17:54:39] <plop1342> on the NAT's configuration?
1214[17:55:23] <plop1342> i'd like to do it without port
forwarding / without NAT configuration
1215[17:55:30] <plop1342> I read it's possible to do it
without (with hole punching?)
1216[17:55:39] *** Quits: lessless (~lessless@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
1217[17:56:11] <sh0kx> you have to establish some sort of tunnel
if you want to avoid configuring NAT side
1218[17:56:25] <diveyez> Just do the file send like he said, I
would personally use php for that though, it needs to be a web page
to hit his web in a way he can process it
1219[17:56:47] <diveyez> He can tail the logs and see it
1238[17:59:56] <shtrb> plop1342, pwnat (and UDP hole punching)
works to avoid NAT by opening holes , you can also check DCC to see
understand the globals
1240[18:00:25] <sh0kx> if you are behind a router that is doing
NAT, your machine will never be seen directly from outside, unless
you put your machine in a DMZ and expose directly your services to
the world
1241[18:01:04] <sh0kx> for that you need port redirect. When a
connection hit your router at a specific port he will do the work
for you to redirect that connection to the same specific port on
your machine
1242[18:01:45] <plop1342> sh0kx: if I send a packet to IP
123.123.123.123, then my router will temporarily know that I'm
ok to __receive__ bytes from this IP too, right?
1243[18:02:12] <plop1342> Thus it will create an authorization to
receive data from this IP, that will be autoatmically redirect by
router to my computer, is that right?
1244[18:02:13] <sh0kx> for a particular TCP session, yes
1262[18:05:50] <sh0kx> you should start from TCP/IP stack to
understand
1263[18:05:52] <plop1342> i was just hoping it's possible to
send bytes from computer A to computer B without 3rd party server,
without messing with config
1266[18:06:07] <plop1342> that's what I wanted to do by
doing it
1267[18:06:07] <plop1342> :)
1268[18:06:32] <tds> the key issue is that your NAT won't
know what to do on either side with the incoming packets, unless you
do fancy nat traversal tricks
1269[18:06:39] <sh0kx> simple answer: you can't if
you're behind a router that is doing NAT
1270[18:06:43] <tds> (or you manually tell it to forward certain
ports)
1271[18:06:57] <plop1342> but chownat claims it's possible?
1299[18:12:49] <tds> hmm, I don't quite understand how
chownat works though, since I'd have thought that NAT on both
sides would end up rewriting ports and you can't tell the
mapped port on either side
1300[18:13:33] <alkisg> There are many tools that do hole
punching or upnp for p2p file transfer, one just needs to see if the
tool he uses support it
1306[18:17:02] <velix> Hi, I want to hire a freelancer (e. g. on
freelancer. com) to create a Debian package for me. The tool has
been available in the repository for years, but I would like to have
a simplified version of it, in which I can include the source code
from the GIT. I'm not a beginner, but making Debian packages is
a bit complicated. What is a reasonable price I could offer for such
an undertaking?
1318[18:25:30] <rmk0> sh0kx: sorry, i meant where is the
installer hiding on the live CD?
1319[18:25:55] <rmk0> i have the live CD booted in virtualbox.
i've done some manual installs with debootstrap and the like,
but i'm trying to find the actual graphical installer
1320[18:26:02] <sh0kx> when you boot the CD/USB stick you should
have an option to run installer
1330[18:28:10] <rmk0> ah yeah, there we go. there's a
"Graphical Debian Installer" in the grub menu. i assumed
you could run it from the live desktop itself, but evidently not
1331[18:28:21] <rmk0> thanks!
1332[18:28:46] <user0> Hey, how can i backup a vps through ssh
i'm going with ssh user@host "dd if=/dev/sda " | dd
of=/Users/user0/host.dd but if i broke my host and want to restore
to clean install will i am able to restore without rescue mode ?
1342[18:34:00] <sh0kx> anyway if you are reaching the system via
SSH and the partition that you want to restore is the one with the
root file system you will nevere be able to do it if not connecting
through other mean
1343[18:34:04] <user0> i have sda1 and sda2 only
1344[18:34:46] <user0> and swap i think
1345[18:34:56] <user0> / and swap
1346[18:34:59] <sh0kx> you don't need to back swap
1347[18:35:21] <sh0kx> you need only root and others if you have,
which is not your case
1348[18:36:29] <sh0kx> anyway you can later mount locally that
backup
1349[18:36:37] <sh0kx> and copy folders/files need it
1350[18:36:47] <sh0kx> maybe you can write a bash script to do
this for you
1352[18:38:27] <user0> In fact, i have a debian with mail server
nginx configured with website etc ... and i want to do a
dist-upgrade to proxmox-ve this is why am scared about this update
and so i do a backup what do you think about this ?
1353[18:38:38] <user0> I dont want to broke my actual debian if
possible
1354[18:38:56] *** Quits: dutchfish (~wil@replaced-ip) (Quit: Splash, leaving the bowl)
1355[18:40:29] <sh0kx> I don't think upgrading pxmox will do
any harm
1356[18:40:42] <sh0kx> but for sure doing a backup is recommended
1389[19:04:06] <psih0man> hello. I'm trying to install
tor-browser by following the official Wiki, on an new debian 9
installation, but it fails as described here:
replaced-url
1427[19:20:45] <reber> I mean is it mandatory to have a database
to get it run ?
1428[19:20:56] <nkuttler> reber: it doesn't use a database
1429[19:21:00] <reber> ok cool
1430[19:21:46] <somiaj> rsync can be made into a backup solution,
it kinda depends on use case though, but unless you want to fully
design your backup system use something besides rsync.
1431[19:22:03] <reber> nkuttler, I don't understand what you
said about bork : backup should be pulled, not pushed. Afaik borg
pulled, isn't it ?
1432[19:22:11] <reber> s/bork/borg
1433[19:22:24] *** Quits: iGullyGuy (uid233645@replaced-ip) (Quit: Connection closed for inactivity)
1434[19:22:28] <nkuttler> reber: maybe i didn't work with it
long enough, but i only read about pushing backups
1435[19:22:43] <nkuttler> but apparently i'll have to deploy
it at work soon..
1436[19:23:13] <nkuttler> reber: borg lets users encrypt their
backups for example, because they push them
1437[19:23:33] <nkuttler> ofc that's also flawed imo,
because if users can't backup their own data, how do they back
up their private keys..
1444[19:25:52] <nkuttler> reber: there are different ways to set
it up. i just let backuppc ssh into the machines and use rsync over
ssh. pretty easy to set up
1449[19:27:28] <nkuttler> reber: you should probably get more
opinions, most of the tools you listed have their own channels
1450[19:27:36] *** Quits: ArlequInOut (~DaVinciCo@replaced-ip) (Remote host closed the connection)
1451[19:28:25] <reber> nkuttler, yes I know and that's a
wide question. All the tools I listed seems to be valuable but the
need really time to try them each after another ... :(
1472[19:32:41] <nkuttler> reber: can you point me to the docs for
that?
1473[19:32:45] <reber> yes course
1474[19:32:53] <dtux> (wondering about firefox and 817954)
1475[19:32:56] <somiaj> dtux: during this phase of the release,
packages migrate into testing that will be considered for teh
release. Once testing freezes, packages that have rc bugs (or depend
on packages that have rc bugs) will be removed.
1478[19:33:27] <somiaj> dtux: note there is a time frame for
matainers to fix rc bugs, but if they don't get fixed in time,
they are removed.
1479[19:34:43] <somiaj> dtux: if what you really meant was
stretch-backports. Once a package is in testing, a matainer could
choose to make a backport, but this depends on package/matainer.
1481[19:35:09] <SuperTramp83> psih0man: installation? No such
thing is needed. Go on the torproject website, download the tar, get
the signing key, the .asc and use gpg to verify the tar, extract it
and run the executable.
1482[19:35:43] <dtux> why cant debian support firefox for
stable/testing?
1495[19:37:22] <somiaj> anyways, I think firefox has an issue
with that debian likes to ensure that all software it distrubites in
main can be built with tools in main, and I don't think rust is
yet fully in debian.
1496[19:37:45] <somiaj> Though since it is firefox, they may find
a way to provide a binary even if it can't be fully built.
1497[19:37:46] <rant> themill: specifically judd is responding in
/msg but not in the channel.. its here just not triggering.
1498[19:38:12] <psih0man> SuperTramp83, there is a
torbrowser-launcher in backports that is recommended:
replaced-url
1499[19:38:16] <somiaj> rant: judd isn't in the channel, so
won't be able to respond. Some join issue with the bot (maybe
hit a netsplit and coudln't get in)
1500[19:38:38] <rant> ah.. wel last night it was here.. I
tab-completed it by name
1501[19:38:52] <somiaj> yea, currently not, hence maybe a
netsplit issue
1502[19:39:10] <dtux> somiaj: i see... no bug tracking that?
1503[19:39:22] <reber> nkuttler, for the moment I just tried borg
from local to local repositories, then I think you're right,
the only alternative would be to sshfs directories and then do
backup :/ Not a solution really :/ :
replaced-url
1504[19:39:36] <somiaj> dtux: bug tracker on the rust thing? I
think it will be a RFP bug or something like that to get rust into
debian.
1505[19:40:02] <reber> In this example the backup is pushed
you're right
1506[19:40:16] <SuperTramp83> psih0man: what is recommended is
you use the TorBB without improvising and without changing the
slightest bit of it. Go on the official website and read 'want
tor to work?'
1507[19:40:19] <somiaj> dtux: as for if they will provided
firefox binaries that are built with tools outside of debian,
unsure. The debian build system really isn't setup for this, my
hope is they figure out how to get rust into debian (and I'm
unsure on any progress)
1518[19:42:16] <SuperTramp83> psih0man: building your own TorBB
1519[19:42:24] <pozeidonaptic> hello
1520[19:42:28] <dtux> somiaj: got it, thank you! so, seems like
ff may end up in testing eventually... if rust gets added
1521[19:42:38] <rant> psih0man: the tor folks don't
recommend packaging their browser.. they want you to keep it up to
date and obtain and verify it yourself directly from upstream
1523[19:42:59] <somiaj> dtux: I'm sure there is push to get
firefox into testing and then stable (the new esr in a few months
will require rust to build)
1524[19:43:14] <somiaj> dtux: I'm not sure on any work, or
how they are going to fully handel the rust siutation.
1525[19:43:14] <SuperTramp83> rant: also being it same for
everyone it takes care of fingerprinting, an actual issue
1527[19:44:48] <psih0man> SuperTramp83, the linked article does
not improvise anything. it is a download automation using apt. it
only installs a launcher and using that, it downloads the browser,
verifies it and unpacks it, just like I would manually. Debian is
not the only distro having this automation in place
1528[19:45:36] <sh0kx> when I launch from a live Debian system:
debootstrap --arch=amd64 stretch /mnt/
1529[19:45:42] <sh0kx> it will install also the kernel?
1532[19:46:15] <SuperTramp83> psih0man: I see. You can do that
manually in less than 3 minutes :)
1533[19:46:24] <somiaj> sh0kx: you could add options to force it
to install the kernel during the debootstrap process, but you would
still have to also install grub and configure/install it from inside
a chroot after the debootstrap
1537[19:47:06] <sh0kx> so --include linux-image-amd64 will do the
job to install same kernel as the live system have?
1538[19:47:33] <somiaj> sh0kx: it sitll won't make it
bootable, I don't think there is a way to avoid having to
chroot into the install and make it bootable.
1540[19:48:14] <sh0kx> For now I need only the kernel, then I
will set up the bootloader
1541[19:48:27] <sh0kx> but to work the kernel image should match
the one on the live system
1542[19:48:38] <sh0kx> because I will generate grub configuration
from the live system
1543[19:49:13] <somiaj> sh0kx: that meta package will pull in the
most recent kernel. If your live system has an older kernel it may
not match.
1544[19:49:47] <somiaj> example, I don't thik the 9.3 live
system has the new kpi (for meltdown) kernel in it, and you'll
have to wait for 9.4 for that.
1545[19:49:48] <sh0kx> I freshly donwload it today (live cd
image)
1546[19:50:10] <sh0kx> somiaj: really??
1547[19:50:22] <somiaj> if in the live system run uname -a to
check
1548[19:50:34] <somiaj> but yes, the 9.3 release happened before
meltdown was made public and patched.
1569[19:56:53] <somiaj> woudln't that be something that
would be easier to do after the install? I don't see why you
can just mount --bind /dev, /proc, etc and just do this all fomr
inside the chroot.
1572[19:57:56] <sh0kx> then I will bind those so I can chroot in
it
1573[19:58:26] <stemid> hey I'm kinda sick of
unattended-upgrades causing issues on servers due to filled up
/boot. clearly I'm missing something in the setup. so how do
you guys use unattended-upgrades? my theory is that I need to reboot
weekly (for example) and @reboot run apt-get autoremove. but I have
to ask what others do.
1574[19:58:50] <sh0kx> you mean to not use debootstrap, bind
directly /dev, /proc and other and go in chroot
1575[19:58:55] <sh0kx> ?
1576[19:59:09] <somiaj> stemid: what version of debian are you
running?
1583[20:00:30] <stemid> unless the package unattended-upgrades
mentions something in its docs that fixes it, this is an issue that
affects every release I've tried.
1585[20:00:35] <somiaj> sh0kx: no I mean once you debootstrap,
just chroot into the install after the deboot strap and both install
the kernel and generate the grub config from there, then it will use
the chroots kernel info (not live systems). I dont really see why
they have to match.
1586[20:00:51] *** Quits: ompaul (~ompaul@replaced-ip) (Quit: and zebedee said its time for other stuff)
1587[20:00:58] <somiaj> stemid: Is your /boot just really small,
stable kernels dont' change that often, or is it just years and
years of old kernels piling up?
1588[20:01:15] <somiaj> I guess there have been 2 abi changes
since stretches release, but that is only 3 kernels.
1589[20:01:18] <stemid> somiaj: not years, have you not used
unattended-upgrades? you seem to be fishing for information.
1590[20:01:20] <sh0kx> somiaj: thanks, I will try this road
1591[20:01:20] *** Joins: conta (~Thunderbi@replaced-ip)
1602[20:03:51] <somiaj> stemid: I understand that, but there have
only been three kernel packages in stretch since the release,
4.9.0-3-arch, 4.9.0-4-arch, and 4.9.0-5-arch. Your original idea is
the best I know of though, make sure you reboot and run autoremove
regurally so you don't ever have more than 3 of those kernels.
1607[20:04:46] <somiaj> that is why I asked about backports,
those kernels change a lot, but in stable, I guess I don't see
why they are piling up that quickly. I do agree they will pile up
over time if you don't reboot, run autoremove.
1608[20:05:21] <stemid> ok thanks.
1609[20:05:24] <coruja> one can use needrestart to set reboots
automatically when needed and make apt autoremove after reboot
1610[20:05:58] <stemid> awesome, I'll look at that.
1611[20:06:10] <somiaj> stemid: my systems currently have 2 or 3
kernels in /boot. And autoremove is setup by default to keep one old
kernel around. YOu can change that behavior of you need.
1612[20:06:26] <somiaj> (I noticed I have a few machines I need
to run autoremove on due this check)
1613[20:06:28] <stemid> somiaj: you mean by apt config?
1614[20:06:58] <somiaj> yea, there is some config setting that
controls this behavior for kernels and autoremove, to ensure you
have at least one kernel back for saftey
1618[20:08:06] <somiaj> stemid: note these new kernel packages
only change during abi changes in the kernel (such as adding the kpi
extensions). Not all kernel upgrades will create a new kernel
package.
1626[20:12:21] <octet> added stretch-backports, apt installed
torbrowser, and opened the launcher to Download and install it. But
it just says "Installing" and isn't moving. It has
been 10+mins
1642[20:22:28] <dpkg> Proxmox Virtual Environment (Proxmox VE) is
a GNU/Linux distribution <based on Debian>, providing a
virtualization platform with <LXC> and <KVM>. It is not
supported in #debian. There's an unofficial
proxmox channel on Freenode. For official venues, see
##replaced-url
1666[20:34:26] <tds> user0: what's the difference between
the two files?
1667[20:34:29] *** Quits: conta (~Thunderbi@replaced-ip) (Ping timeout: 256 seconds)
1668[20:35:19] <user0> one file have mistakes
1669[20:36:13] <user0> i looked up with D then press q screen bug
then CTRL + C nothin then Y + enter then it start install now i have
dpkg apt problem
1679[20:40:11] <sh0kx> somiaj: I am in chroot and I am
configuring locales. I have done the bind for /dev, /proc and /sys
and I have installed base system with debootstrap without using any
include option (Debian stretch)
1696[20:43:39] *** Quits: darkhanb (~textual@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
1697[20:43:49] <fearnothing> I get the error
"x86_64-linux-gnu-gcc: error:
/usr/share/dpkg/no-pie-compile.specs: No such file or
directory"
1698[20:44:11] <somiaj> Kobaz: you can edit the systemd unit file
with 'systemctl -e gdm', and then look up how to configure
what it does when it shuts down. You would have to look up the
systemd unit syntax for this.
1699[20:44:19] <fearnothing> googling says I need to install
libdpkg-perl, but when I try that, I get "dpkg-dev : Breaks:
debhelper (< 10.10.1~) but 9.20150101+deb8u2 is to be
installed"
1700[20:44:50] <fearnothing> now what?
1701[20:44:59] <somiaj> fearnothing: sounds like you are mixing
release, you need to invesgiate the broken packages further
1704[20:45:02] <dpkg> In order to troubleshoot your problem with
apt-get, apt or aptitude we need ALL OF THE FOLLOWING information:
1. complete output of your apt-get/apt/aptitude run (including the
command used) 2. output from "apt-cache policy pkg1
pkg2..." for ALL packages mentioned ANYWHERE in the problem,
and 3. "apt-cache policy". Use
replaced-url
1705[20:45:10] <Kobaz> somiaj: invalid option -e
1706[20:46:21] *** Quits: Meavo (~Meavo@replaced-ip) (Remote host closed the connection)
1707[20:46:23] <somiaj> Kobaz: sorry, just 'systemctl edit
gdm'
1708[20:47:07] <octet> my tor installation has been like this for
30 mins:
replaced-url
1717[20:54:31] <fearnothing> here is the output requested somiaj:
replaced-url
1718[20:54:56] <klys> ,v pve-firewall
1719[20:56:13] <somiaj> fearnothing: there is more info the bot
asked for, but I see enough there to see you are mixing jessie
packages and testing packages which will break your system.
1720[20:56:50] <somiaj> fearnothing: we don't really support
mixing. At this point you ahve to manually track down the dependency
issues between the testing and jessie packages you have. And
unforntually you can't just fully upgrade to testing because
you ahve skipped the stretch release.
1723[20:58:48] <oct2pus> Does the Lubuntu team contribute to the
debian releases of lxde/lxqt? I was searching to see for gtk3
versions of pcmanfm and i found they have a bunch of files with an
additional '-debian' added to it on their launchpad
1724[21:00:20] <fearnothing> great. I was having to use testing
because neither jessie nor stretch had the version of the package
that I needed at the time
1725[21:00:52] <fearnothing> presumably attempting to upgrade to
stretch won't work either?
1736[21:08:40] <somiaj> fearnothing: at this point I don't
know what is the best advise. If you have only a few packages from
testing, track them down, manually downgrade, and then look into
either backporting that package. Once you downgrade to jessie you
could upgrade to stretch if you wanted to. Read the release notes
1737[21:08:44] <somiaj> !partial downgrade
1738[21:08:45] <dpkg> This may or may not work for you, but if
you've got nothing to lose then try it: (a) change sources.list
(b) aptitude update (c) aptitude and then search for the upgraded
packages, hit enter on them, select the correct version (d) do the
same for libc6 (e) search for broken packages by pressing
"b" and then fix them in the same way (f) once you have no
more broken packages, hit 'g'. See <not available>.
1739[21:09:34] <somiaj> Note, it is hard to know what artifacts
could be left after doing somethign like this. Depending on how much
mixing you have done, a backup/resintall is sometimes the fastest
approach.
1740[21:11:51] *** Quits: misty5 (~pokemongi@replaced-ip) (Remote host closed the connection)
1760[21:18:32] <somiaj> CrazySophy: it only gets updated in
stretch when tehre are known security holes that the newer versions
fix.
1761[21:18:44] <somiaj> CrazySophy: stretch should be frozen, but
browsers are an exception.
1762[21:19:02] <somiaj> The alternative is just get google-chrome
from google.
1763[21:20:55] *** Quits: JohnML (~john1@replaced-ip) (Remote host closed the connection)
1764[21:21:58] <CrazySophy> somiaj: i heard chromium 64 (and
chrome too) have spectre bugfxes
1765[21:22:54] <annadane> i want to say if you put it in /opt or
something then you'll get updates from upstream, but i'm
not certain
1766[21:24:24] <somiaj> CrazySophy: then they will make their way
into stable. It does take a little bit of work, and usually they hit
multiple issues at once to limit the upgrades in stretch.
1767[21:24:44] <CrazySophy> just a other question, does debian
update everything with security updates?
1768[21:25:08] *** Quits: dionysus69 (~Thunderbi@replaced-ip) (Remote host closed the connection)
1769[21:26:39] <somiaj> stable is a frozen system which means the
only updates that should come into it are security and grave bug
fixes. Security fixes come when they are ready through security
sources, and the rest come through point releases.
1770[21:27:13] <somiaj> The browsers just have so many problems,
that debian security cannot backport fixes to the frozen version,
and thus has to supply newer versions as the 'fix'
1771[21:27:56] *** Quits: c0ncealed (c0ncealed@replaced-ip) (Remote host closed the connection)
1772[21:28:03] <CrazySophy> what with the browser engines like
webkit?
1786[21:32:24] <somiaj> Chromium and firefox get full security
support, If you look at the history of DSA's you'll see
these addressed quite often. And yes, all other browsers do not
recive security support.
1788[21:32:46] <CrazySophy> browser updates are useless if the
engines never gets updated
1789[21:33:05] <somiaj> did you read that, 'Chromium - while
built upon the Webkit codebase - is a leaf package, which will be
kept up-to-date by rebuilding the current Chromium releases for
stable."
1790[21:33:24] <CrazySophy> i dont understand this line
completely.
1791[21:33:52] <somiaj> in short chromium has webkit built into
its sources (it doesn't link to webkit), which means it gets
security support.
1792[21:34:26] <CrazySophy> ok, cool, and for firefox?
1793[21:34:39] <CrazySophy> how can i check if i have webkit
installed as seperate package?
1796[21:35:24] <somiaj> firefox-esr is kept uptodate in the same
way as chromium to provide security support. The packages dont'
hit as soon as the upstream releases, but they do upgrade quite
often in relation to address the security issues (not new version
issues).
1800[21:35:57] <CrazySophy> a friend told me debian is very
unsecure because they don't update the other browser, but using
google told me there even arent any updates on the upstream
websites, last updates are from 2012 or 2011. its not debians fault,
right?
1801[21:36:13] *** Lupinity is now known as Sauvin
1806[21:37:26] <CrazySophy> libwebkit2gtk-4.0-37 is webkit,
right?
1807[21:37:45] <somiaj> If someone is using a webkit based
browser to browse the internet, then yes that would be less secure
than using chromium or firefox, but the internals of debian are not
connecting to the web using webkit browsers.
1808[21:37:59] <somiaj> so having webkit installed desont'
mean your system is insecure.
1814[21:39:24] <somiaj> a lot of secuirity is how the user uses
the system. But I would not consider debian more insecure than other
distros because the security team doesn't update webkit CVE
issues.
1816[21:39:36] <CrazySophy> so firefox-esr and chromium has
webkit compiled in and since the browser are getting updates i am
secure?
1817[21:39:40] <sh0kx> I am configuring GRUB to effectively load
everything correctly. My setup is an USB stick with two partition:
sdb1 with ESP /boot/efi and sdb2 with a LUCKS container /boot
1819[21:40:18] <somiaj> CrazySophy: as secure as one can be.
Firefox and chormium are fully supported by debian security.
1820[21:40:32] <CrazySophy> is webkit compiled in?
1821[21:40:56] <CrazySophy> you say its seperated
1822[21:40:58] <sh0kx> and an hard drive with one partition,
which is an LVM on LUKS at /dev/sdc1 where / root is
1823[21:41:19] <sh0kx> so basically wither the /boot and / are
encrypted
1824[21:42:25] <sh0kx> I have mounted the EFI partition in
/mnt/boot/efi, the boot in /mnt/boot and the root on /mnt/ . Then I
chrooted inside with all /dev etc.
1825[21:43:10] <CrazySophy> somiaj: thank you for answering my
questions and helping me. i hope chromium 64 will be in stretch
soon. thank you!
1887[22:20:33] <vktec> annadane: If I'm not mistaken, that
shows uninstalled reverse dependencies too
1888[22:20:39] <Howie69> kidnextdoor: what do you mean? The
compiler itself?
1889[22:21:01] <Howie69> kidnextdoor: If you're on a amd64
machine, you have a 64 bit gcc
1890[22:21:02] <kidnextdoor> yes, i want to build 64 bits
programs
1891[22:21:19] <kidnextdoor> ok ok thank you
1892[22:21:40] <kidnextdoor> is there any minimal gcc install or
i should install build-essentials?
1893[22:21:45] <Howie69> kidnextdoor: The Makefile handles that
usually. You can compile to whatever processor you want. It's
called cross compiling, but by default it compiles for the system
you are on
1894[22:21:58] <Howie69> build-essentials
1895[22:22:05] <kidnextdoor> im using an IDE
1896[22:22:12] <kidnextdoor> that already do that for me
1897[22:22:30] <Howie69> Which IDE? Most just call gcc to do it
for them anyway
1898[22:22:36] <kidnextdoor> so there no minimal gcc install?
1899[22:22:48] <Howie69> you CAN just install gcc
1900[22:22:54] <Howie69> but then you need a linker
1901[22:22:58] <kidnextdoor> yeah, thats the point of IDE, save
time
1937[22:35:07] <somiaj> sh0kx: you installed the grub-efi package
for efi correct? Also pay attention to both grub-install and
update-grub (they do different things)
1938[22:35:23] <kidnextdoor> do i have to share my code if i
build a program in debian?
1940[22:36:25] <somiaj> kidnextdoor: that can depend. But in
general building a program in debian does not bind that code to the
DSFG. If you use/base your code off of software in debian, you are
bound to what ever license comes with that software.
2003[23:43:26] <jhutchins> kidnextdoor: For most of the OS
licenses, if you _distribute_ your program to other people, you are
required to make the source code available to them under similar
terms.
2004[23:44:04] <jhutchins> kidnextdoor: That's just if you
use the OS code though, if you use the OS tools to build entirely
new code you can do whatever you want with it.
2005[23:44:14] <kidnextdoor> just by using devian i have to open
source?
2006[23:44:26] <kidnextdoor> ah
2007[23:44:37] <kidnextdoor> i dont plan to use any code from the
OS
2008[23:44:49] <jhutchins> kidnextdoor: Only if you include
Debian libraries or anything else that comes from Debian, and only
if you distribute it.
2009[23:45:20] <kidnextdoor> ok thank you
2010[23:45:48] <jhutchins> kidnextdoor: That's just an
amateur explanation, not a legal opinion. If you're doing
anything commercial, be sure to get real professional advice.
2015[23:47:43] <jhutchins> kidnextdoor: Most of us here think OS
is a good idea and makes your code better and safer. You get free QC
from a larger team.