50[00:13:15] <pthreat> yeah took care of disabling it
51[00:13:30] <ratrace> ksk: utilities too? I kno it's
enabled in the kernel by default (wasn't in stretch)
52[00:13:33] *** Quits: nikow (~nikow@replaced-ip) (Remote host closed the connection)
53[00:13:51] <andyjpb> ksk: yeah. but as an upgrader I need to
install it manually
54[00:13:56] <andyjpb> so I figured I'd give it a go
55[00:14:04] <andyjpb> unless there were Reasons not ot
56[00:14:06] <andyjpb> to*
57[00:14:21] <ratrace> andyjpb: AA is a great tool if you know
how to use it. It lacks profiles so you're on your own to
develop them, or adjust existing ones for your use case.
58[00:14:39] <andyjpb> will the existing profiles do sensible
things?
65[00:15:16] <ksk> I think the profiles coming with debian per
default are rather conservative
66[00:15:17] <ratrace> andyjpb: you'll probably need to
tune them. I write my own policies and use only a handful from
installable profiles, and those need tuning for my use case
67[00:15:35] <andyjpb> I didn't install it on the colo box
yet because I already had enough trouble with Buster's TLS1.2
default and all the Outlook users
74[00:16:51] <ksk> of course you cannot use 0.9.8 anymore..
75[00:16:53] * ksk hides
76[00:17:24] <ksk> seems apparmor-utils is also installed by
default btw, apparmor suggests that package
77[00:17:36] <andyjpb> ratrace: it's the default in
openssl.cnf and there's an apt list-changes note to go with it
78[00:17:43] <andyjpb> exim and apache override it somehow
79[00:17:47] <andyjpb> cyrus takes it as is
80[00:18:09] <ratrace> andyjpb: but that's irrelevant.
individual daemons like apache or nginx, need to enable it AND make
it exlusive (disabling tlsv1 and 1.1, for that to be a problem)
92[00:20:33] <andyjpb> so... is pigz a drop-in replacement for
gzip or should I profile it with my workload first? The details in
the man page about how it does the parallelism suggest it'll
create slightly larger files
93[00:20:43] <andyjpb> ...are they decompressible with zcat and
gzip?
94[00:20:55] <ksk> andyjpb: they are.
95[00:21:34] <andyjpb> thanks
96[00:21:45] <ksk> we once replaced gzip with pigz for packing
huge numbers of mysql dumps, because of performance. we had no
issues as far as I know
109[00:24:05] <dpkg> Another happy customer leaves the building.
110[00:24:31] <andyjpb> in both Stretch and Buster security
repos I can't install the 4.19 kernel because my /boot is on a
FAT partition and it fails creating the symlink backup (Operation
not permitted)
111[00:24:51] <andyjpb> I have sucessfully installed the
backported 5.3 buster kernel to
112[00:24:51] <ratrace> ksk: TooSoon, the customer wants moar!
113[00:24:51] <andyjpb> tho
114[00:25:18] <andyjpb> I saw a debian bug about it for another
kernel version so will those packages get fixed in time or do I need
to report something?
115[00:25:52] <ksk> I did not know installing kernels on FAT32
was supported.
116[00:25:57] <ratrace> andyjpb: what symlink backup?
117[00:26:09] <andyjpb> ksk: /boot is FAT32 because UEFI
118[00:26:10] *** Dagger2 is now known as Dagger
119[00:26:29] <ksk> uh okay. one step forward, three steps back
:o
120[00:26:41] <andyjpb> ratrace: when the kernel package
installs it makes a symlink or a hardlink from the /boot/... kernel
file to /boot/...-bak or something
121[00:26:51] <ratrace> having /boot on FAT32 ain't
necessary tho, just a convenience to have single partition for both
ESP and /booz
122[00:26:54] <andyjpb> in the past the failure of this is
ignored and the package installs anyway
125[00:27:11] <andyjpb> and, indeed, dist-upgrading between
jessie, stretch and buster was fine
126[00:27:35] <andyjpb> but installing the current 4.9 / 4.19
kernels in stretch-security and buster-security doesn't work
127[00:27:37] <ratrace> andyjpb: I don't know about that,
but it does create symlinks from root ( / ). Also,
/etc/initramfs-tools/update-initramfs.conf has the configs for those
.baks
151[00:34:05] <gordonfish> Having trouble with a simple
syslog.d/iptables.conf; tried many variables, but no matter what, it
doesn't create the log file (/var/log/iptables.log) and still
logs to /var/log/rsyslog and /var/log/messages
157[00:35:14] <ksk> afx_: let me start with the second one: lets
assume we use windows - take a look at the world - how and when do
people get "hacked"? they do so if they do not upgrade
their systems to the latest version, and a known vulnerability gets
exploited
158[00:35:29] <gordonfish> I've even tried something as
simple as :msg, contains, "iptables"
-/var/log/iptables.log and restarted rsyslog and still it acts as if
/etc/rsyslog.d/iptables.conf wasn't there
160[00:35:41] <gordonfish> Anyone have any idea what I could
possibly be missing?
161[00:36:15] <ksk> if your usecase rather is "I want to
make my users feel safe, when they klick things" - then I
suggest using M$ defender - every other security/antivir software
has a baaad record of ADDING vulnerabilities to the system (because
the hook deep into the windows kernel)
162[00:36:18] <afx_> ksk: I agree , but still don't get
your point :) . I mean what has this to do with virustotal
163[00:36:37] <ratrace> gordonfish: afaik there is no
"iptables" string in stuff logged by iptables (the -j LOG
directives)
164[00:36:40] <ksk> ah, its not an antivir? :D
165[00:36:54] <ratrace> gordonfish: unless of course you put it
in theere
166[00:37:21] <ksk> afx_: okay then.. yes, I suppose you are
right with your assement about make install
168[00:37:43] <ksk> afx_: the question then would be, did the
previous make command run successfully?
169[00:38:13] <gordonfish> ratrace: I have a handful of iptables
-j LOG rules that all use a similar --log-prefix
"iptables[FOO]: "
170[00:38:15] <ksk> afx_: but why? there are like no viruses
targeting linux. also, we tend to not share executables in the linux
world
171[00:38:48] <ksk> of course an opened pdf, jpeg or whatever
could trigger a bug in the viewing softare - I doubt virustotal
would protect you from that, then.
172[00:38:51] <afx_> ksk: still share files with windows users
too , so I don't want to spread viruses there :)
173[00:39:10] <gordonfish> ratrace: And I see them show up in
/var/log/syslog and /var/log/messages
174[00:39:27] <andyjpb> what's the difference between
seccomp-bpf and apparmor?
175[00:39:30] <gordonfish> And one of them occurs often
181[00:40:50] <ratrace> gordonfish: ah so you put it there.
I'd try to make that regex way simpler, just trigger on
"iptables" and see if that works, then slowly expand it
with detail.
183[00:41:16] <ksk> afx_: btw, its more then questionable that
you would need a software written in C, to upload stuff to a website
- red flags waving..
184[00:41:33] <ksk> (like, there is http, no? :P )
185[00:41:48] <ksk> afx_: is that is the command you execute
before make install, then yes.
192[00:42:18] <ratrace> andyjpb: AA is a LSM/MAC framework,
while bpf is a "packet" filtering laguage in the kernel,
with which one can express MAC policies, yes. for seccomp in this
case, which is syscall filtering
193[00:42:20] <gordonfish> ratrace: I've also tried :msg,
contains, "iptables"
194[00:42:42] <afx_> ksk: found the same issue here
replaced-url
195[00:42:57] <ksk> afx_: contact virustotal support then.
206[00:46:21] <ratrace> andyjpb: no. bpf is a language one can
express a MAC policy in. AA is a framework with predefined rules and
relationships and its own domain specific policy
"language"
207[00:46:49] <ratrace> they surely do overlap in functionality,
yes
208[00:46:56] <andyjpb> ratrace: thanks. so it's just the
granularity of that language that differs?
382[02:45:12] <maxrazer> I'm running unstable. I think
I've had very little bad packages. Chromium is having troubles
right now, but that really isn't a released product.
388[02:47:05] <maxrazer> So many have run Debian unstable for
years without problems. I have to remind the unstable is referring
to the updates schedule, not the operation stability.
402[02:49:43] <dpkg> Security updates in testing are delayed by
the normal testing migration *and* may be further delayed by missing
dependencies, etc. See
replaced-url
403[02:50:09] <Thienma> not problem but I see a lot of warnings
when I open pages. I see from the terminal.
404[02:50:22] <maxrazer> I ran testing for a while for the
delay. I think it may keep back grave bugs. apt-listbugs will abort
apt upgrade if it is installed.
405[02:50:48] <ksk> yeah, you should install apt-listbugs on
sid.
406[02:50:50] <maxrazer> Oh, I haven't tried checking the
terminal. There is also Vivaldi and Brave. Brave is good.
407[02:52:25] <maxrazer> I've got Vivaldi, Brave and Chrome
installed. I removed Chromium.
478[03:35:14] *** Quits: BenNZ (~Ben__@replaced-ip) (Quit: Everytime I think IQ's must have dropped recently, I
remember that this is the internet)
479[03:35:34] *** Quits: dvs (~hibbard@replaced-ip) (Remote host closed the connection)
480[03:35:57] <Akuw> i found CRON[30201]: (root) CMD ( cd /
&& run-parts --report /etc/cron.hourly) in syslog but cant
see the cron jobs inside /etc/cron.d that were runned
544[04:06:25] *** Quits: Tom01_ (~tom@replaced-ip) (Remote host closed the connection)
545[04:06:31] *** Quits: un214 (~joshua@replaced-ip) (Remote host closed the connection)
546[04:08:09] <dislo> un214, I am looking to set debian up as an
ipv6 overlay endpoint so it would be running the radvd and
potentially a stateless dhcpv6 server
547[04:08:35] <dislo> I have pasted a non working interface file
here: P5x7wY3w6eDN%8j$8nC#6tYCA4*6MH%4^WdWj7FMe3qqKYCPK&
611[05:15:09] <rocketmagnet> hi everyone, what can i do to
prevent the error: "cannot connect to x server" when i try
to do: xinput map-to-output 12 HDMI-0 ?
612[05:17:28] *** Quits: tyranny12 (~blarg@replaced-ip) (Remote host closed the connection)
613[05:17:35] <rocketmagnet> i also get the error message when i
try it with sudo
673[06:26:14] <kintarowonders> I just want a GUI for my desktop
(not debian) that is good at easily seeing Debian log files incl
extra packages like say snort.
674[06:26:18] <kintarowonders> Something must be out there.
758[07:38:35] <golluq> I see. Alright, I'll check that out.
Thanks
759[07:39:01] *** debhelper sets mode: +l 1422
760[07:39:06] <annadane> if your real question is "can i
use a newer version of emacs than exists in stable", first keep
in mind debian does backport some features from minor point
versions, second, you can always just compile it yourself
761[07:39:13] <annadane> but no i wouldn't just add
unstable to your sources.list
762[07:39:37] <annadane> the only real changes in emacs AFAIK
are major ones, 24, 25, 26, not 26.1 26.2 26.3
763[07:39:47] <golluq> Allright. I'll try to compile my own
764[07:40:05] <golluq> Yeah, I have 24.5 currently and would
like to get 26ish
765[07:40:13] <annadane> well, 26 is in debian stable
766[07:40:35] <golluq> what, how come I have 24.5?
767[07:40:46] <annadane> are you on debian 10?
768[07:41:46] <golluq> ah, no. debian 9.1 :-D
769[07:41:52] <golluq> maybe upgrade debian first
770[07:41:54] <golluq> :-D
771[07:42:01] <golluq> using wsl you see
772[07:42:12] <annadane> up to you - you have full support until
a year after debian 10's release
773[07:42:17] <annadane> oh, wsl
774[07:42:21] <annadane> well then i have no idea
775[07:42:47] <golluq> I am okey with the #debian support :)
776[07:43:40] <annadane> anyway, tl;dr on compiling software,
download the source from the website (gnu in this case), build your
dependencies (either through apt build-dep or by consulting the
README in the documentation), extract the source to some folder and
read the documentation, it will involve some steps like ./configure
and make
777[07:44:08] <annadane> i have NO idea about wsl, though
778[07:44:49] <annadane> emacs may also be availble in flatpak
or appimage form, which may be easier
779[07:44:56] <annadane> i know for sure it's in flatpak
780[07:45:11] <golluq> well, I am not astranged to compiling
software. It's just messy with big ones that comes with
hundreds of other stuff
781[07:45:13] <annadane> which if you're on stretch, you
need to get that from stretch-backports
828[08:55:15] <Lope> anyone know how to disable the beeper on a
UPS with NUT? when I get the UPS status, it says
"ups.beeper.status: enabled" I'm using nutdrv_qx
driver with vendor MEC? I've tried `upscmd -u foo -p bar
myups@blah:1234 beeper.disable` and have also tried
ups.beeper.disable but it said ERR CMD-NOT-SUPPORTED
850[09:08:44] <ryan42_> is someone willing to help me
troubleshoot an encrypted / lvm issue
851[09:08:51] <ryan42_> i'm about at my wits end with this
852[09:09:55] <gugu> or sorry I meant dist-upgrade v upgrade
853[09:10:14] <rudi_s> man apt-get?
854[09:10:36] <gugu> ya think I have also websearch but its the
translation
855[09:10:41] <tomreyn> ryan42_: post your configuration and the
problems you encounter, as well as a summary of what you did so far
in an attempt to solve it on the pastebin, then ask again
856[09:10:43] <rudi_s> upgrade won't remove existing
packages, dist-upgrade does
857[09:11:37] <tomreyn> ryan42_: ...providing both the commands
you run and the full output they produce.
858[09:11:48] <ryan42_> tomreyn: this is basically what is
wrong: <replaced-url
861[09:12:48] <ryan42_> update-initramfs isn't putting
cryptsetup on the initramfs image because it doesn't seem to
think it needs it, probably realted to the rootvg not found in
crypttab error
862[09:13:10] <gugu> If you want things to "just
work", you probably want apt-get dist-upgrade to ensure
dependencies are resolved.
863[09:13:48] <gugu> rudi_s, what packages might be removed ?
865[09:14:29] <gugu> what might happen if "dependencies are
Not resolved" ?
866[09:14:37] <rudi_s> gugu: Packages which conflict with new
ones in the new Debian release, it all depends on which packages you
have installed
867[09:14:38] <ryan42_> on a clean install with working LVM
setup, /etc/fstab and /etc/crypttab are both set up like mine and it
works. mine used to work. i'm not sure what caused it to stop.
if I change sdb5_crypt to chewbacca-vg it makes initramfs not throw
the error and it *does* put cryptsetup on my initramfs image, but it
doesn't boot correctly. I have to manually bring the VGs up in
the busybox initramfs shell to make it
868[09:14:44] <ryan42_> boot
869[09:15:13] <rudi_s> It depends, you must read the list of
removed packages carefully on a dist-upgrade, it can remove more
than you expect
870[09:16:07] *** Quits: subfj (subfj@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
871[09:16:19] <rudi_s> The recommended workflow is to run
"upgrade" first (to update most packages) followed by
"dist-upgrade" (to update the rest, possibly removing
packages in the process).
872[09:16:49] <rudi_s> But you only need that when upgrading
from e.g. Stretch to Buster. For security and stable updates just
"upgrade" is enough.
873[09:17:52] *** Quits: tyranny12 (~blarg@replaced-ip) (Quit: No Ping reply in 180 seconds.)
874[09:18:16] <gugu> rudi_s, ok guess I don't need to know
881[09:20:20] <tomreyn> ryan42_: hmm crypttab looks fine, can
you post pvs;vgs;lvs ?
882[09:20:22] <gugu> what it means
883[09:21:01] <ryan42_> tomreyn: thanks for looking. here are
those commands:
replaced-url
884[09:21:11] <rudi_s> gugu: What means what? Did you read what
I wrote, did you check the man pages, etc.? What are you missing?
885[09:21:50] <gugu> anyway, a more complicated issue I have I
had to disable secure boot because the modprobe method didn't
work to get the wireguard VPN up
886[09:22:05] <gugu> now it does work, but the instructions say
A chance exists that the Secure Boot feature is blocking the
unsigned WireGuard kernel module. In this case, you might consider
either disabling the Secure Boot feature or signing the WireGuard
module to raise the trust level.
887[09:22:15] <ryan42_> tomreyn: oye, here's an oddity. on
my problem system... # ls -l /dev/mapper :: chewbacca-vg ->
../dm-0
888[09:22:31] <ryan42_> on my cleaninstall test system: #ls -l
/dev/mapper :: sda5_crypt -> ../dm-0
889[09:22:32] <rudi_s> gugu: Which instructions?
890[09:22:33] <gugu> so am wondering how to " sign the wg
module "
891[09:22:43] <ryan42_> the symlink to dm-0 differs. i have no
idea what would have changed that
895[09:23:40] <gugu> I could just abandon the CLI wireguard
method and re-enable secure boot, and use their application instead
896[09:24:13] <rudi_s> Btw. the default secure-boot on is not
really useful anyway (the initrd is not protected giving an attacker
arbitrary user-level code execution even with secureboot enabled).
901[09:25:07] <tomreyn> ryan42_: do you have, on the
"broken" system, a symlink /dev/mapper/sda5_crypt ,
though? and where does it point to?
902[09:25:17] <rudi_s> gugu: Yes, of course; because with
secure-boot only signed kernel modules are loaded, which wg is not.
903[09:25:28] <ryan42_> tomreyn: no that doens't exist
904[09:25:46] <ryan42_> but pvs shows /dev/mapper/chewbacca-vg
on the brokeen box and /dev/mapper/sda5_crypt on the working,
cleaninstalled one
905[09:26:02] <gugu> well if secureboot isn't adding
anything , guess I just leave it off
906[09:26:34] <tomreyn> ryan42_: hmm it should exist since the
encrypted device (/dev/sda5) was cryptsetup luksOpen'ed
907[09:26:51] <ryan42_> i think the problem with this is that
wehn i broughtthe system up "by hand" i decrypted the disk
as chewbacca-vg instead of sdb5_crypt (oops)
908[09:27:00] <gugu> ?
909[09:27:10] <tomreyn> ryan42_: yes, that's what it sounds
like
910[09:27:19] <rudi_s> I didn't say nothing; it's just
that it cannot protect more in the default setup.
911[09:27:24] <ryan42_> i still don't know what broke it
coming up automatically, but let me fix that first before I keep
trying to figure it out
912[09:28:33] *** Quits: we6jbo (~we6jbo@replaced-ip) (Remote host closed the connection)
913[09:28:37] <tomreyn> ryan42_: have you tried replacing , in
/etc/fstab, the /dev/mapper/chewbacca--vg-root device path (or
actually all device paths) by its (their) UUID(s)?
914[09:29:05] <tomreyn> it's what i usually do, and it can
work around such problems.
915[09:29:19] <ryan42_> not yet, rebooting and bringint it up as
sdb5_crypt and i'll try that
916[09:29:39] <rudi_s> That sounds like a bad advice. The
/dev/chewbacca-vg/root paths are much easier to read and understand
they work just fine.
917[09:29:59] <tomreyn> rudi_s: POV i guess
918[09:30:12] <gugu> rudi_s, so it's worth using secure
boot vs not using it even in 'the default setup' ?
919[09:30:23] <rudi_s> I haven't followed your discussion
completely, but I'd suggest booting into a live-cd (e.g. Debian
installer) and try to fix it from there. I noticed all kinds of
weird behavior when renaming VG/LVs. etc.
920[09:30:58] <ryan42_> rudi_s: i am doing such now to get back
into teh system. still not sure what broke it as i did not try to
rename anything
921[09:31:05] <tomreyn> there was no mention of renaming devices
922[09:31:06] <rudi_s> tomreyn: Well, compare
"/dev/foo/bar" with
"UUID=b0e2f04f-d805-45b1-89a4-bd0e89a7c712"
923[09:31:42] <tomreyn> rudi_s: though if you renamed devices,
UUIDs would surely help, since they don't require updating
924[09:31:57] <rudi_s> Anyway, I'd not fall back to weird
hacks and instead use a live-cd to fix it.
925[09:32:12] <ryan42_> rudi_s: i can use a livecd to fix it and
it works
926[09:32:22] <rudi_s> That's true, but not the related to
the issues I mentioned
927[09:32:29] <ryan42_> update-initramfs is fine, no errors
928[09:32:35] <boeg> Whats the "standard" notification
mechanism on debian and how do I get firefox to use it? Right now it
looks like it uses it's own horrible notifications that
don't float on my tiling wm
937[09:36:14] <ryan42_> insanity. this time it booted and I can
update-initramfs
938[09:37:05] *** Joins: conta (~Thunderbi@replaced-ip)
939[09:37:08] <ryan42_> is there any way to eliminate the
references to "sdb5_crypt" -- i am wondering if with all
the storage controllers in this machine it is not iterating the
devices consistently
999[10:44:18] <Night_Elf> Hello. I wonder, is it normal that
when resizing an ext4 partition on a USB stick, from 32MB to be
30GB, it is taking almost one hour to do? I am using gparted for
this.
1000[10:44:28] *** Quits: conta (~Thunderbi@replaced-ip) (Quit: conta)
1039[11:14:22] *** Quits: nexgen (~nexgen@replaced-ip) (Remote host closed the connection)
1040[11:14:46] <oiaohm> Night_Elf: resigning a partition can be
horrible complex and can upset USB stick block storage. When I say
block storage I mean the way the flash is where it can really only
delete like 256kb block of data at a time.
1043[11:16:43] <oiaohm> Night_Elf: Please note 256kb block is on
the small side for flash storage you can have 4meg blocks. If
resizing a partition results in fragmented blocks that the usb flash
controller is operating and its now having to compact those blocks
while you are attempt to write to the flash drive you end up with a
write speed of absolute snail.
1044[11:17:13] <Night_Elf> oiaohm: So then saving the data,
deleting the small partition that doesn't fill the disk,
recreate a new bigger one, and restore the data that was saved, this
seems to be the best aproach.
1045[11:17:45] <oiaohm> Night_Elf: baisclaly some cases it can be
faster to copy the complete data off. Delete the complete partition
perform a trim command on drive to clear old data then create new
partition and copy the data back on.
1046[11:18:25] <oiaohm> We can expect this kind of hell with SMR
harddrives as well at times just on a level of even worse.
1089[11:56:29] <Night_Elf> oiaohm: So then, I compared the
outputs of "tune2fs -l /dev/sdd2" in both cases. When the
partition was after the resizing, and when the partition was
recreated again new. Several things are different. Inode counts,
block sizes, etc. I suppose that that is what made the difference.
And it really is a very obvious difference.
1126[12:25:20] <oiaohm> Night_Elf: basically a lot of those
changes are most likely going to be spread over blocks in the flash
storage and can result in the flash storage to have to defrag blocks
that is hell slow it if has to to that many times.
1127[12:25:44] *** Quits: endstille (~endstille@replaced-ip) (Quit: I'll be back.)
1132[12:27:32] <Night_Elf> oiaohm: With the resizing, I was
getting response times like... "touch somefile" to
complete after 3 seconds. Unmounting the fileystsem after performing
a sync, would take 30sec.
1133[12:28:06] <Night_Elf> Now it seems to behave like more
normal and what I'd expect it.
1157[12:36:41] <Night_Elf> Bushmaster: This can be helpful for
you.
replaced-url
1158[12:37:12] <Bushmaster> Thanks Night_Elf I need to transfer
files from my Debian machine to windows 10, let me see I can
implement it
1159[12:38:03] <Night_Elf> Bushmaster: If you're on the same
lan, why not just use windows share (samba/smb) for that ?
1160[12:38:35] <oiaohm> Night_Elf: you will not want to mix up
and buy a SMR harddrive when you want a old school CMR harddrive(the
harddrive type we have used for last few decades)
1161[12:38:39] <Bushmaster> yes same LAN but my Debian has SSH
Night_Elf
1162[12:39:36] <oiaohm> Bushmaster: You may not need to install
sshd on windows if you are wanting to transfer and you are logging
in on windows todo it.
1166[12:40:12] <Night_Elf> Bushmaster: To what I know, from a DE
you can access remote shares by having something like:
smb//ip.of.remote.machine/sharename
1167[12:40:46] <Night_Elf> smb:// that was
1168[12:40:55] <Bushmaster> oiaohm, I tried by typing ssh
username@local IP and it wont go
1169[12:40:56] *** Quits: thelastjedi (~quassel@replaced-ip) (Remote host closed the connection)
1170[12:41:17] <Night_Elf> oiaohm: they don't work well with
one another ?
1171[12:41:40] <Night_Elf> I mean, if you have both kinds in the
same box ?
1173[12:42:31] <oiaohm> Night_Elf: they will work with each other
in the same box. But SMR have a very particular peformance patternt.
They are not a drive that is friendly to random read/write.
1179[12:45:11] <oiaohm> Night_Elf: flash storage like USB/ssd
drives are able to hide the downsides most of the time due block
sizes not really being that large. These SMR zoned harddrives you
can be look at 100meg as a single block.
1180[12:45:42] <oiaohm> Night_Elf: add slower speed of harddrive
pain level is in a completely different world.
1181[12:45:45] <Bushmaster> Night_Elf, and oiaohm them links ask
me to go to seetings and apps etc cant even locate any of these in
widows machine, windows is very idisorganized and annoying
1182[12:47:15] <Night_Elf> Bushmaster: Your need is to access
from the debian machine and towards the windows10 machine? If you
are on the same lan, then why not just go the other way around? From
the windows10 access the debian, and transfer what you need
1183[12:47:33] <oiaohm> Bushmaster: I do not have a single
windows machine where I am to look in windows.
1184[12:48:04] <oiaohm> Bushmaster: I was crossing fingers that
those instructions still worked.
1185[12:48:27] <Bushmaster> oiaohm, i found it but it says
Uninstall meaning it is already installed
1200[12:53:19] <Bushmaster> thats cool Night_Elf thanks and
thanks oiaohm too
1201[12:54:28] <Night_Elf> Bushmaster: Ah. Didn't know that
windows10 provided a ssh command. Maybe it has also the
'scp' which is to copy files. But then again, with
mobaxterm it's easier and you can use the embedded sftp browser
in a drag-and-drop fashion.
1205[12:55:56] <Bushmaster> Night_Elf, MS DOS taken the ssh
username@local IP to let me get into Debian yes now I am looking at
Netowrk in File Manager in Windows that I can enable then I can do
the transfer in GUI
1206[12:56:19] <Ede|Popede> Bushmaster: maybe the easiest way:
fire up a tiny httpd on your debian (websh or the one integrated in
python), copy your files into its webroot, if there are many, zip
them for convenience, download from win10, unpack. done.
1207[12:57:53] <Night_Elf> In my opinion, installing mobaxterm is
the most full featured option. You get an entire cygwin/mingw with
it, bash and some unixlike environment, an X server for remote
lanuching gui applications. But then different people, different
tastes
1208[12:58:46] <Ede|Popede> gotta look at it some day when
i'm done with some other things (that includes reimplanting the
system disk into the windows pc)
1209[12:59:04] <Bushmaster> Night_Elf, and Ede|Popede I just
opened the private network option in windows file manager and it now
allowing me to see all my machiens, including minidlna set up in my
mint machine
1210[13:01:09] <Ede|Popede> i stopped using their built-in fm
when i discovered total commander. unluckily all the linux DEs
decided to implement its approach, the only usable fm i found so far
is double commander.
1216[13:04:50] <Ede|Popede> Night_Elf: it's just that i
found it far easier to do such things on linux than on windows.
there you never know what awaits you behind the next corner. even
the language they use in their so called help... may (also) be a
matter of translation, but half of the time i had no clue what they
were talking about.
1224[13:12:45] <Ede|Popede> Bushmaster, as i said... must have
even been before XP when i stopped using it. only how they managed
to hide all the settings to make it show ALL the files... they had a
nice start with fileman.exe, but that was only meant to get rid of
norton commander. and i do remember i had some network related
problem on it, couldn't figure out how to solve it. had a look
at linux (i think i was running SuSE at that time) and it took me
minutes after reading
1225[13:12:45] <Ede|Popede> some manpages and maybe a HOWTO.
1228[13:16:26] <Bushmaster> Ede|Popede, I hate windows, and i
wish I can get rid of it from my machine but them ass*holes want me
to use it for Proctoral Setting for Online Exams with school where I
am taking some online course
1229[13:17:37] <Bushmaster> I mean amazing bast*ards like Bill
Gates make such a loose OS and makes billions by fooling customers
most of course are damn fool anyway
1230[13:18:31] <Night_Elf> lol
1231[13:20:55] <Bushmaster> in my opinion windows is sh*it, its
slow, extremely resource intensive for no reasons, and full with
issues, its a OS I think for people who use it for word document and
sh*it like that
1232[13:20:59] *** Quits: Ganonk (r00t@replaced-ip) (Remote host closed the connection)
1236[13:24:59] <Ede|Popede> one of my first such experiences: was
looking for some text in a couple of files (actually more than just
a few). FIND missed some though it wasn't even a complicated
REGEX (not that it would have known how to handle it anyway). booted
debian, tried it from there. not only it found what i was looking
for, it was even faster.
1237[13:25:44] <Ede|Popede> and then i was getting curious and
did some other cross-OS tests. even simple file listing was faster
on the DOS disk from debian.
1238[13:25:48] *** Quits: golluq (~kalo@replaced-ip) (Quit: Lost terminal)
1239[13:25:49] <Bushmaster> the problem with windows is it knows
the market behavior, it knows how to con people and how to keep
people ignorant
1240[13:26:31] <Bushmaster> and Bill Gates is the Mastermind
conning people globally for three decades ...
1242[13:27:39] <Ede|Popede> Bushmaster: they had to tell people
that windows wouldn't run smooth on other DOSes. and achieved
this by making it crash on DR-DOS. that's what made me laugh
when they claimed recently that google would serve worse code when
visited with edge. now it was them on the other side of the fence...
1243[13:27:45] <Night_Elf> Most of the things in today's
world, are not famous because of true merit, but because they have a
heavy advertisment backup
1244[13:27:46] <Bushmaster> this bastards run the media, TV and
people watch windows and get brain washed
1246[13:29:00] <Bushmaster> I fully agree Night_Elf I mean that
Bast*ard must have millions of dollars PR (Public Relation)
investments
1247[13:29:16] <Bushmaster> with his crap OS
1248[13:29:50] <Ede|Popede> Night_Elf: i think there was
something on the 36c3 about recognition of non-existing patterns.
people will believe everything if you tell them often and subtle
enough. there's also a psychologist implanting memories of
crimes into people's brains, and after some session they
believe it.
1249[13:29:52] <Bushmaster> the thing that annoy me most is
people believe in Microsoft products
1250[13:29:53] <Night_Elf> I suppose it is true for many things
as well, not only the os-es. Database scene is more or less the
same.
1251[13:30:43] <Bushmaster> I just hope one day windows perish
1253[13:31:03] <Ede|Popede> it works in all areas where they can
make money, that includes everything you can spend money on. product
A is better then product B because, well... it is.
1255[13:31:40] <Bushmaster> the thing that makes me angry is all
these capitalist bastards force people to use windows, think of all
these schools, dictating me to use windows
1256[13:32:02] <Night_Elf> That's a bit hard to happen
Bushmaster. You forget how many users are there who just need to
hear they have made a good choice. And the marketers around them do
just that. And also more, they believe in "if you pay for it,
then it surely must be good"
1257[13:32:15] <Ede|Popede> one of the nice features of FOSS, you
can't get bankrupt as long as you have enough developers going
on with their efforts. so there's no need for lies.
1258[13:33:07] <Bushmaster> Ede|Popede, FOSS products are heavily
tested cos so many developers screening the codes, unlike windows
product, they have their own assholes and nothing else
1259[13:33:14] <Ede|Popede> Night_Elf: as a warlord would you
trust more a mercenary or a fanatic? ;)
1260[13:33:54] <Ede|Popede> and then the mobile market clearly
goes to google and apple i guess.
1261[13:33:59] <Night_Elf> hehe
1262[13:34:24] <Bushmaster> i have never used apple its same shit
like windows
1266[13:36:16] <Night_Elf> Personally I only use windows to play
those 2-3 games I still care to play once in a while. A couple of
hours of starcraft in the weekends, some Alien Isolation before
going to sleep.... and that's it
1267[13:36:35] <Ede|Popede> at least they had a GUI long before
M$. granted, the IBM PC wasn't a real highend machine in those
days. and there already were some WMs around in the unix world.
1269[13:39:12] <Ede|Popede> actually there were some nice ideas
in its early days, like the specification of equalness regarding
input methods. mouse, keyboard, menus, buttons, it all should work.
they've long forgotten about such things, and with them all the
linux desktops trying to mimic windows and apple. just because
"people are used to it".
1270[13:40:28] <Ede|Popede> Night_Elf: yeah, wintel is the
breadbox of the 21st century :D
1333[14:23:34] <Doxin> diogenes_: I'm rather sure I've
only got win10 and debian installed, not win10, win7, and debian.
The win7 bootloader might've stuck around somehow but I'd
still rather have it not show up
1346[14:27:16] <diogenes_> that's a question for ##windows.
1347[14:27:49] <diogenes_> but if you ask it there they gonna ban
you.
1348[14:28:05] <Doxin> diogenes_: well that's not exactly a
good solution either then :P
1349[14:28:35] <convulatr> Delete the leftover files in the EFI
fat32 partition and EFI entries?
1350[14:29:09] <diogenes_> Doxin, try to remove the entry with
grub-customizer.
1351[14:29:27] <vlt> Hello. I want to create an environment in
which I can run live-build while offline. #debian-live recommended
to try "a full archive mirror or possibly a fully populated apt
cache". What does that mean? Where to start? Any help?
1352[14:29:37] <Doxin> diogenes_: gimme a sec to apt-get that...
1353[14:30:42] <convulatr> lol
1354[14:31:32] *** Quits: uniqdom (~uniqdom@replaced-ip) (Remote host closed the connection)
1379[14:40:31] <vlt> (Customising and) creating the Debian iso
running the `live-build` scripts works perfectly fine but utilises a
network connection to (repeatedly) download stuff.
1384[14:43:06] <deadrom> used to have a Thinkpad T series which
worked a charm for suspend/resume. can't say the same for a
Dell mobile Workstation. forgets all monitors and peripherals on
resume so I have to run a xrandr script after each resume to have my
screens back in shape. now I'd like to go away from a laptop
and eye a regular PC rather. in terms of suspend/resume, wise
decision? PC = random hardware brought together, laptop = mostly
fixed hardware set with
1385[14:43:06] <diogenes_> vlt, one of the methods that come to
mind is to use a standard Debian iso which includes the basic
packages only, chroot into it, add all the packages you want and
re-build the iso.
1386[14:43:07] <deadrom> power management being key.
1398[14:49:54] <vlt> That sounds like a lot of work to be done
that lb already does for me by creating a (scriptable) configuration
for my live ISOs. Maybe providing a full archive mirror locally is
the way to go.
1445[15:26:23] <Stoot> HI guys, I cannot find much about thew
mini.iso nbet installer The netISO itself still seems to get a lot
of files from the ISO itself
1446[15:26:41] <abrotman> Stoot: what are you trying to do?
1447[15:26:56] <Stoot> abrotman fast install over idrac
1449[15:27:13] <abrotman> Stoot: the netinst has the base number
of packages to get a working install, the mini requires the internet
or some other package source
1450[15:27:16] <Stoot> and much as I can grabbed from the
internets
1453[15:27:27] <dpkg> mini.iso is a super small ISO that utilizes
the <netboot> images to fetch <d-i> and all components
over the network. Only contains a boot loader, kernel and initrd,
typically ~20MB. Start at
replaced-url
1472[15:33:10] <abrotman> if you have functional internet from
the target, the netinst will get any packages that are newer from
the internet source. Otherwise it will use what's on the ISO.
1473[15:33:59] <abrotman> if you want muck about with tftp and
pxeboot and blah blah blah, use the mini
1478[15:38:13] *** Quits: MenschZwoNull (~MenschZwo@replaced-ip) (Remote host closed the connection)
1479[15:38:58] <Stoot> yeah OK, I just need this install for some
dell upgrade shit
1480[15:39:02] <Stoot> going to try the mini :)
1481[15:39:10] <Stoot> am already trying actually ;)
1482[15:39:11] *** Quits: horribleprogram (~horriblep@replaced-ip) (Quit: Where I came from the Great Wild 'n shit, where you
can get shot if you crack smiles and shit...)
1536[16:30:08] <blscoe> I am trying to test my webserver and I
like to know what is the limit of request that my server support. I
installer apache-utils and I would like to know if anybody know a
test that can show me this limit? Thanks!
1569[17:08:56] <unborn> hi guys.. I came across one of my laptops
here which runs debian 7.7. I am going to upgrade to 10 however best
way to do it would be by fresh re-install and full setup OR just
update repos in list and then distro upgrade etc...? I have bash
script which will install and setup all my software according my
needs but would love to hear which way is actually the best. thanks.
1571[17:12:05] <petn-randall> unborn: You'd have to upgrade
it like this: 7.7 -> 8 -> 9 -> 10. So you'd need 3
dist-upgrades, reading the release notes and fixing up config on the
way. So I'd say it's easier and cleaner to reinstall.
1572[17:12:35] <petn-randall> unborn: Given that it's been 3
releases, your script will likely need fixing, too, since package
names might have changed, or gone altogether.
1573[17:13:00] <unborn> petn-randall: thank you very much.. I
thought so it would be easier.. just starting downloading the iso.
1577[17:15:30] *** Quits: czesmir (~stefan@replaced-ip) (Quit: Lost terminal)
1578[17:16:19] <unborn> petn-randall: I updating my
postinstall.sh every time I do upgrade to newer release - on all
other machines I run 10 its just this laptop (I am currently
visiting my mom on Slovakia where I visit once a year only and that
laptop is used as 'smart tv box').. I will do fresh
install then git clone my stuff and run it.. it should be all fine.
Thank you very much for advice.
1606[17:35:25] <diogenes_> wow guys, free 5G internet, is it
true?
replaced-url
1607[17:36:41] <un214> so it looks like all of my systemd issues
reduce to two roots
1608[17:37:17] <un214> 1: if a device exists in /dev/mapper
it's already ready but systemd tries to wait for a notification
that it's ready. This makes no more sense than waiting for a
/dev/loop device to be ready.
1609[17:37:57] <un214> 2: systemd can't figure out to move
wait for network into the background after 4 or 5 seconds but would
rather hang indefinitely
1631[17:47:22] <petn-randall> ifup is only doing what you're
asking from it; you might want to remove that line or configure the
interfaces statically if you want to boot it when the DHCP server is
down.
1632[17:47:43] <un214> man page says: "Lines beginning with
the word "auto" are used to identify the physical
interfaces to be brought up when ifup is run with the -a option.
"
1633[17:48:10] <un214> what it should do is keep retrying dhcp in
the background until it comes up, but not block boot in the meantime
1653[17:55:16] <un214> oh I get it. It's bound to the
console on sysvinit so ^C will bail it out, and dhclient
doesn't notice
1654[17:56:47] <petn-randall> Yeah. So your options are either to
configure it statically, or use network-manager, or override some of
the systemd unit bits to make it not wait (not recommended).
1657[17:57:20] <CuteAlien> Hello. I just noticed kdiff3 is pretty
badly broken in debian 10 stable (fails to diff any directories).
The bug is likely this one:
replaced-url
1695[18:13:18] <petn-randall> ifup sometimes did that, which
would end with a rogue dhclient running and overwriting your
/etc/resolv.conf on the next lease update (a.k.a "when you
least expect it").
1723[18:24:50] <petn-randall> a) it does matter, a lot b) how is
this an issue of systemd if your disks aren't up?
1724[18:25:20] <un214> it's impossible for the disks to not
be up by that point
1725[18:25:38] <petn-randall> Ok, is this a HW raid, or is this
mdadm?
1726[18:26:34] <un214> it's a motherboard raid; mostly SW
but there's some actual hardware assistance to handle state
recovery on power loss
1727[18:26:55] <gordonfish> ratrace: I feel rather dumb. It does
work with contains, it was startswith that wasn't working due
to the [12345.6789] style tag prefixed to each msg, and the regex
didn't work because two fold:
1728[18:27:10] <gordonfish> 1) Missing some backslashes for regex
metacharacters, and 2) Not taking into account that rsyslog confs
treat double quoted strings like in C/perl/etc, where \\ needs to be
used rather than just \ (eg, "\\(capgroup\\)" instead of
"\(group\)" like in sed and such.
1729[18:27:25] <gordonfish> )
1730[18:27:41] <petn-randall> un214: Then show us the config of
your sw raid.
1731[18:28:08] <petn-randall> un214: Or rather, show us the
actual error that systemd allegedly chokes on.
1759[18:36:10] <InvisibleRasta> hello guys i just installed
debian with debootstrap from archlinux on a btrfs subvolume...
everything is working fine, internet and so on. i am just wondering
why when i go to edit fstab it says its unconfigured...
1788[18:49:33] *** Quits: dzc (~user@replaced-ip) (Remote host closed the connection)
1789[18:49:37] <InvisibleRasta> sorry
1790[18:49:42] <InvisibleRasta> i got disconnected i think
1791[18:49:59] <InvisibleRasta> digdilem: petn-randall did you
guys say anything i missed?
1792[18:50:44] <digdilem> InvisibleRasta, read up on systemd
mount points. Systemd actually converts anything in fstab to a mount
point, but it doesn't need to
1868[19:22:27] <f-a> in my alsamixer "capture" screen I
see "Mic boost", "capture", "digital",
"internal mic boost", where do I get infos on what are
those?
1871[19:25:38] <Guest58> I have buster. Out of nowhere I decided
it would be nice to try i3 gaps. Since there is no package for it I
said "let's just try this all in one" script from
github
1872[19:25:49] <boeg> anyone here using the fonts-font-awesome
package and have an idea why some (a lot) of the free icons
aren't working and just showing like chinese characters and
stuff like that?
1873[19:26:34] <Guest58> Result : my machine was completely
destroyed, it changed my sources.list to old stuff and installed a
bunch of new stuff which lead to breaking my machine
1874[19:27:08] <Guest58> So right now I am just reinstalling all
packages
1875[19:27:18] <Guest58> Hope it fixes it
1876[19:27:43] <Guest58> @boeg I have experienced that yes
1910[19:42:12] <petn-randall> Guest58: If you don't want to
do that, the install guide has several other options.
1911[19:42:43] <unborn> Guest58: yes you can do it - if you know
what are you doing also if you installed your linux on separate
partitions, yes you can do it, if you have no idea what I am saying
then back up your important data and do fresh install..
1912[19:42:51] <petn-randall> But I'm going to say that
creating a usb drive is the simplest option, as that's like
just two things to do.
1916[19:47:42] <zodd> every time I reboot the opendkim service
did not start. If I start it manually afterward it works fine. How
can I analyse the cause?
1917[19:47:42] <petn-randall> Guest58: Lesson learned: Don't
run scripts from the internet as root without understanding what
they do. Your system being broken is probably the most benign error
you can get from it.
1922[19:51:03] *** Quits: Ericounet (~Eric@replaced-ip) (Quit: Je m'en vais ...)
1923[19:52:51] <petn-randall> zodd: If you're running
systemd you can check with 'systemctl status opendkim' why
it failed, and also check the logs with 'journalctl -u
opendkim'.
1924[19:53:17] *** Quits: tyranny12 (~blarg@replaced-ip) (Remote host closed the connection)
1954[20:05:28] <petn-randall> zodd: Yes, but it failed to start
for a different reason. "Start request repeated too
quickly" is just the symptom, that's systemd trying to
restart it after it failed starting.
1968[20:14:00] <boeg> I tought `apt upgrade *package*` would just
upgrade the package but apparently not. Now that i've upgraded
my whole system to `unstable`, is there a way to downgrade to
`stable`?
1983[20:23:28] <boeg> also the package fonts-font-awesome has
version 5.0.10+really4.7.0~dfsg-1 - does that mean it's
font-awesome 4 or 5? Because lots of font-awesome 5 icons
aren't working so i guess its font-awesome 4 ?
1990[20:28:51] <namll`> is there any tool recommendations for
screen calibration tools? just got a new screen replacment for my
laptop and the whites seem off.
2020[20:49:14] <petn-randall> boeg: 5.0.10+really4.7.0~dfsg-1
means it's really 4.7.0, you'll have to look into the
changelogs why it's named that way.
2041[21:02:29] <nulltrading> hello, how could i set the default
screen brightness upon reboot? it seems i need root privileges to
cat /sys/class/backlight/brightness.
2050[21:06:37] <diogenes_> afaik rc.local has been dropped long
ago.
2051[21:06:50] <diogenes_> i might be wrong.
2052[21:07:15] <diogenes_> !rc.local
2053[21:07:15] <dpkg> /etc/rc.local may be used to run simple
commands at boot time. It exists by default in jessie or older; in
stretch you need to create it. Don't forget the <shebang>
and be sure to chmod 755 it. rc.local is considered a hack, a
stopgap, or a temporary band-aid; see <systemd>
2104[21:44:24] *** Quits: annadane (~annadane@replaced-ip) (Remote host closed the connection)
2105[21:45:10] <dob1> I have a file pattern, like foobar*.txt and
a string s, in a directory I have to find recursively all the files
that names is like the filename pattern that they don't
contains the string s
2106[21:47:40] <ksk> you mean like the filename pattern, but also
exclude every file name containing s?
2107[21:47:44] *** Quits: nulltrad` (~user@replaced-ip) (Remote host closed the connection)
2108[21:47:59] <ksk> or is s related to the content?
2109[21:48:00] <dob1> ksk, yes
2110[21:48:05] <dob1> ksk, it's related to content
2111[21:48:42] <dob1> if filename is like filepattern and s is in
file content then exclude it
2112[21:49:12] *** Quits: nolan_ (~nolan_@replaced-ip) (Remote host closed the connection)
2113[21:49:20] <dob1> I was thinking to combine find and grep -v,
but I don't know how to do it. maybe I can try a little python
script
2164[22:29:49] <CaptainShell> so I'm wondering why is it
that you have to go to the 3rd or even higher DVD to get some
packages like hexedit or a command like strings but Knoppix manages
to put most of the small useful utilities on a single DVD?
2165[22:30:07] <lupine> people still use the DVDs?
2166[22:30:22] <lupine> presumably the ordering differs
2185[22:43:40] <jhutchins> CaptainShell: Debian is over 50,000
packages, closer to 70k I think. Everything has to go somewhere.
2186[22:43:54] <CaptainShell> yeah
2187[22:44:20] <nulltrading> I am running a service for
wpa_supplicant that connects to the network, the only issue is i
have to run dhclient every time on reboot. I tried to append
/sbin/dhclient to the end of the ExecStart command like so,
ExecStart=/sbin/wpa_supplicant
-c/etc/wpa_supplicant/wpa_supplicant-%I.conf -Dnl80211,wext -i%I
&& /sbin/dhclient %I, but it doesnt seem to run on restart.
do i need a seperate service for dhclient that is ran after
2200[22:47:34] <vetru> Interesting issue: I just used wget to
retrieve a file from github raw. The file saved... but then I cannot
even list it with ls -al. Any further attempt to create a file with
that same name recieves "Permission Denied" i am root
user.
2201[22:47:40] <vetru> "disapearing file" etc
2202[22:47:50] <vetru> really odd. Any ideas would be <3
2203[22:48:09] <lupine> sure, the question is about extra
packages though
2204[22:48:26] <nulltrading> jhutchins: /etc/network/interfaces
is default, been using /etc/wpa_supplicant/wpa_supplicant
2205[22:49:14] <jhutchins> nulltrading: I'm not familiar
with that, but you should be able to set it to use dhclient for the
address.
2235[23:03:25] <mihi> vetru, any weird characters in the filename
(and yes, leading - is also a weird character in that context as it
will be interpreted as option usually)
2302[23:41:55] *** Quits: grumble (~grumble@replaced-ip) (Quit: People who can't distinguish between etymology and
entomology bug me in ways I cannot put into words.)
2319[23:55:18] <BenLue> I try to install zsh and the theme
agnoster on my machine (Debian Buster) all the time. zsh runs so far
and is also configured. I don't see the symbols :/ can anyone
help me?
replaced-url