281[00:29:17] <annadane> just thinking of the wine discussions
earlier and at other times, where someone wants to use wine from
winehq and people keep asking "why not just use
debian's", i get a lot better performance out of certain
games using winehq's newer wine versions; i do understand
debian's general philosophy of "but the old versions work
fine" but wanting newer wine is very legitimate
282[00:29:45] <somiaj> annadane: it totally depends on the
games/apps you run.
283[00:29:52] <annadane> people just have to understand that
libfaudio0 isn't in debian stable and they need to get it from
OBS
284[00:30:08] <somiaj> annadane: some games will workt he same
in both, some apps will, some apps will work better in older
versions of wine (this does happen), some work in newer
285[00:30:09] <shibboleth> anyone have a favorite software which
can manage old ipod/nanos (pre iphone)?
311[00:39:18] <johnfg> Here's what I did: mount
/dev/vg0/lvol3 /mnt/temp; 2nd: cp -R /var /mnt/temp; 3rd: mv var
var.old; 4th: edited /etc/fstab to add this line:
312[00:39:24] <pingfloyd> johnfg: why not allocate more PEs to
the LV that you're using for /?
356[01:12:42] <annadane> really serious fixes tend to get
fast-tracked
357[01:12:49] *** Quits: toli (~toli@replaced-ip) (Ping timeout: 264 seconds)
358[01:12:50] *** toli_ is now known as toli
359[01:13:03] <annadane> but for a desktop... it depends on your
threat model, and we do mostly recommend stable, but i feel one
should generally be ok
366[01:14:50] <annadane> it looks terrible on paper but i'm
not sure the h4x0r's will get you through some security hole,
automatically, if you run testing
378[01:20:27] <annadane> hierbat, for specific things, you can
generally just install the sid version to get immediate fixes,
though this may or may not involve apt pinning, i've never
really run any mixed systems
383[01:22:25] <hierbat> annadane: alas I have to be invited
384[01:22:48] <johnfg> I didn't get this before, when I
didn't copy things correctly: cp: cannot overwrite directory
'/mnt/temp/run' with non-directory. Should I be concerned?
385[01:22:48] <annadane> hierbat, oftc, not freenode
386[01:22:50] <somiaj> hierbat: in general people who want
stability and secuirty run stable.
387[01:23:07] <johnfg> somiaj: I'd acted too quickly to do
things the easy way you had mentioned.
388[01:23:35] *** Quits: ghost43 (~daer@replaced-ip) (Remote host closed the connection)
389[01:23:55] <dmnb> Hi, anyone have knowledge about tinyproxy?
392[01:24:32] <somiaj> hierbat: most of the issues are local
vulns, so if you aren't running any services or have multiple
users on the system, webbrowsers are the biggest thing to worry
about.
393[01:24:54] <somiaj> johnfg: are you trying to now cp -R
/var/* /mnt/tmp/?
462[02:20:13] *** Quits: torbo (~user@replaced-ip) (Remote host closed the connection)
463[02:20:22] <joepublic> that's not how facts work...
464[02:20:27] <randompleb> wsky, What's this nonsense. What
would someone do with your passwkrd? Do you have a public server
running on your machine? Do you have sensitivr data? Please dont
troll here
465[02:20:27] <wsky> that's what you think
466[02:20:55] <wsky> somehow there are people aware of my
personal data on a fresh debi9an instalation
503[02:28:56] <joepublic> debian might be at the hardware level?
say that again slowly
504[02:29:00] <inthl> I am NSA. what can I guys help you with?
505[02:29:17] <randompleb> heartbleed got overlooked because of
their internal memory allocation routines AFAIK
506[02:29:25] <annadane> heartbleed was openssl in general, not
specifically debian
507[02:29:45] <inthl> it got overlooked because noone noticed
and noone was mr. expert enough to review that stuff, everyone used
it for convenience.
508[02:29:46] <inthl> next?
509[02:29:58] <wsky> remember the original crypt and decrypt
from the original unix
510[02:30:09] <wsky> they let whole world use it only after they
cracked it
511[02:30:17] <inthl> what's the news?
512[02:30:35] <randompleb> Yes, why is this surprising?
Security's a process
513[02:30:37] <annadane> now, it is provably true thanks to
snowden that the nsa does try to weaken encryption, so i don't
doubt that they've tried general backdoors, but you're
making a specific claim about debian
514[02:30:39] <wsky> that any other linux system is same case
scenario
516[02:31:05] <randompleb> wsky, then what are you proposing we
should use?
517[02:31:08] <wsky> the security is ilusoric and linux distros
are honeypots attrackting people for security and exploiting them
even more than windows
518[02:31:25] <annadane> i promise you it's not more than
windows
519[02:31:30] <inthl> again, what's the news? the pentagon
employs 25.000 mathematicians, what do you think they are doing all
day long?
520[02:31:33] <annadane> open source is generally inherently
*more* secure
536[02:34:43] <inthl> a friendly hint from your nsa guys: do not
use the usual encryption stronger than 2048 bits - everything higher
makes it actually easier for the mathematicians to break
537[02:34:49] <annadane> debian has routinely very quickly
patched security holes
538[02:34:57] <annadane> so you're making specific claims
about the project
539[02:35:00] <annadane> you're not very convincing
540[02:35:23] <joepublic> a pastor, perhaps, or nurse?
541[02:35:26] <wsky> what you believe in is a mirage
542[02:35:51] <randompleb> wsky, where's the proof? Ive
been asking for it ever since you got here ..
543[02:36:51] <randompleb> On a side note, when is debian
getting support for luks2 /boot. Grub added the support in January.
544[02:37:01] <inthl> my dick is hard right now. theoretically I
could proof that. how about you? tell us something we don't
know about - that may or may not be a 0day
545[02:37:38] <joepublic> nice rhetorical skills.
546[02:37:40] <wsky> randompleb: can't proove that
557[02:39:28] <randompleb> wsky, Yes, I can too because I have
eyes
558[02:39:36] <joepublic> 1. Is the U.S. government busily
engaged in spying on its citizens, possibly including people here?
That is a yes. really no argument about that.
559[02:39:59] <joepublic> 2. Is any system fully secure?
That's a philosophical question, but its answer is
"probably not".
560[02:40:06] <wsky> joepublic: that's right
561[02:40:24] <inthl> let's face it, make it very short:
the nsa - less likely any other agency from outside us - can obtain
any information from you and the hardware you use. there is just one
condition: you have to be of interest, a target. assume that for
every country's leaders and politicians, lobby activists,
ceo's of every non-pussy revenue company
562[02:40:29] <inthl> linux or not.
563[02:40:37] <wsky> there is no possible way i was able to get
compromised in any known way to me yet i am compromised
564[02:40:39] <joepublic> 3. Does debian work in secret to hide
such disclosures? Again, easy answer. No. bugs.debian.org.
565[02:40:44] <annadane> conspiracy theorists who tend to be
correct, try to calmly explain to others their position, how they
arrived at their position, and what the general public is missing.
conspiracy theorists who are just crackpots speak in absolutes,
about how "i have eyes" and "i see what's around
me" and "what you believe in is a mirage"
566[02:40:55] <wsky> annadane lives in a wonderland
567[02:41:00] <inthl> the answer to my text is short: don't
be a target
568[02:41:02] <annadane> give your specific claims. we have no
idea who these "people on freenode" are who "have
your information"
569[02:41:03] <inthl> stay below the radar
570[02:41:05] <annadane> wsky, fuck you.
571[02:41:08] <wsky> <3
572[02:41:11] <annadane> i don't suffer fools.
573[02:41:27] <joepublic> heh you're doing it right now
574[02:41:43] <randompleb> wsky, Is it possible that I'm
talking to you is not real. And you'rebin a VM?
575[02:41:48] <inthl> guys, I just told you the conditions.
there's nothing more to summarize
576[02:41:50] <annadane> you haven't even specified how
you've been compromised, for all we know it has nothing to do
with debian
578[02:42:30] <joepublic> inthl, you are kind of wrong. With
automated widespread collection, you do not need to be a target at
all.
579[02:43:03] <randompleb> Yes, but automated data can be huge.
Filtering that for valuable targets make sense
580[02:43:07] <joepublic> example of widespread automated
collection,
replaced-url
581[02:43:13] <inthl> well that's not the right conclusion.
the issue is that data, or mostly meta-data, is collected from
everyone - but it won't lead to any further investigation,
until you don't become a target
582[02:43:47] <inthl> this meta data just makes it way easier to
identify a target and get to him/her in case they become a target
583[02:43:52] <annadane> the NSA absolutely does spy on people
and does try to implement backdoors, but that's different from
saying that debian specifically is a honeypot
584[02:43:56] <inthl> stay below the radar.
585[02:44:10] <inthl> I use debian on all my hosts, there are
plenty
586[02:44:11] <joepublic> too late, I am a dues paying card
carrying libertarian party member
587[02:44:19] <inthl> I feel safer than with anything else - not
safe, but safer
588[02:44:31] <wsky> i felt safer on 98se
589[02:44:41] <annadane> and actually, if we wanted to make that
argument, debian isn't run by a company, it's a volunteer
effort, so if anything you'd think it's harder to exploit
590[02:44:43] <randompleb> lmao I should come here more often
591[02:44:45] <wsky> back in 00s
592[02:44:46] <joepublic> wsky, I can find you a 98se download
link if you like.
593[02:44:47] <inthl> i watched most porn with 92se
594[02:45:12] <inthl> the meta data collection was way less with
98se than it is today
595[02:45:39] <inthl> at that time, phone calls and voice to
text translation for bell atlantic and all the others was of
priority
596[02:46:12] <joepublic> sure, president, bomb, allah, local
terror cell, upcoming operation
597[02:46:14] <inthl> its peak was in the 80s I think
598[02:46:21] <inthl> blackbriar
599[02:46:33] <joepublic> we think it's really got legs.
600[02:47:23] <randompleb> Ive got three legs and the middle one
is gonna get buried in someone if buster doesnt get gcc docs soon
601[02:47:26] <inthl> don't forget treadstone, prism and
ubuntu
602[02:47:44] <joepublic> gcc docs are non-free. read them from
the upstream.
603[02:48:05] <inthl> you know, he is right in one thing
604[02:48:09] <randompleb> Yeah, but i think theyre available
from the backports too?
605[02:48:09] *** Quits: dftxbs3e (~dftxbs3e@replaced-ip) (Remote host closed the connection)
607[02:48:46] <inthl> ubuntu is a debian derivate, the most used
distro out there - hence a mass-metadata target. ubuntu takes too
much sources from debian without in-depth checks, so there you go.
debian is unsafe.
608[02:49:04] <annadane> windows is *so* trustworthy, how
microsoft forced everyone to update to windows 10 and several people
have concerns about their telemetry
609[02:49:09] <annadane> yeah, much more secure than debian
611[02:49:24] <inthl> dude I just told you, debian is not safe.
612[02:49:35] <inthl> I'm gonna switch to bsd
613[02:49:48] <joepublic> wait, didn't that heartbleed
thing come straight from OpenBSD?
614[02:49:52] <randompleb> No
615[02:49:55] <randompleb> it didnt
616[02:50:05] <inthl> who cares? considering that irc is
'not secure', i just became a target
617[02:50:10] <inthl> so it is over for me anyway
618[02:50:23] <randompleb> openbsd forked openssl into libressl
after the heartbleed incodent
619[02:50:23] <annadane> if you're going to make any
argument that debian is insecure then don't use "people on
freenode have my info" as an example and specifically without
being concrete about why you think it's the OS's fault
620[02:50:29] <joepublic> yeah you are chatting in the channel
where someone said bomb president allah
621[02:50:35] <wsky> i'm migrating to freebsd
622[02:50:38] <wsky> because fall
623[02:50:39] *** Quits: ghost43 (~daer@replaced-ip) (Remote host closed the connection)
624[02:51:00] <inthl> I'm megrating to windows 10, because
xhamster hardware video accelleration
625[02:51:02] <joepublic> please note that chatting from freebsd
is similarly unencrypted and nonsecure
626[02:51:10] <joepublic> please note that chatting from Windows
10 is similarly unencrypted and nonsecure
627[02:51:41] <randompleb> Genuine question, how come gcc docs
is non free?
628[02:51:44] <inthl> then novell netware it is. or that cisco
os. what could be more trustworthy than cisco?
629[02:51:52] <annadane> probably because of invariant sections
633[02:52:08] <annadane> i don't know for sure, but
it's gnu, 99% that's the reason why
634[02:53:16] <inthl> guys please let me work on my stuff. to
get more m0ney, because I want to become a real target. thanks
635[02:53:23] <annadane> but it should still be packaged in
debian at least, i'd be surprised if not
636[02:53:38] <randompleb> Also, on the topic of apparmor vs
selinux? i get that that selinux is complex. Was this the only
reason apparmor was chosen?
655[02:55:41] <joepublic> or just get the package from
packages.debian.org and install it
656[02:56:02] <annadane> *i* am cautious to typically only
install from main, but yeah, i can see where other users don't
bother checking
657[02:57:04] <tyzef> somiaj I struggle to mount the usb pen
dribe on net install. I had found the file, it's
/var/log/syslog
658[02:57:42] <randompleb> What format is the pendrive in?
659[02:57:49] <tyzef> normally I simply do : mount /dev/sdc /mnt
660[02:57:57] <tyzef> udb
661[02:58:09] *** zazagx is now known as zxwayland
662[02:58:19] <tyzef> format is udb
663[02:59:40] <annadane> the fact debian even separates things
judiciously into main contrib and non-free and by default is 100%
free software is a further argument against debian being a
honeypot... but whatever...
664[03:00:05] <joepublic> debian is a great platform for
building a honeypot, of course
665[03:00:11] <randompleb> udb? First time hearing that... Does
anyone here have any knowledge aboht thi
666[03:00:32] <joepublic> unless it's a type for
"usb", then no
671[03:02:08] <annadane> social contract? honeypot.
672[03:02:14] <annadane> excellent reputation since 1993?
honeypot.
673[03:02:23] <randompleb> Again, does anyone know why Debian
chose apparmor over selinux? I get that selinix is complex but that
cant be the only reason...
679[03:03:23] <annadane> there are specific reasons for not
selinux by default i just don't remember what they are
680[03:03:55] <silverballz> anyone find a machine code monitor
yet?
681[03:04:21] <annadane> i think one issue selinux has suffered
from is it becomes a little bit like Mandatory Access Control on
windows where *everything* asks for permission to run... but this is
going off memory, i don't really know
687[03:06:23] <randompleb> I see. thanks. also, radare2 got
removed earlier because the radare developers didnt support the
veraion shipped with debian.Any idea if it's coming back? I
know I can just compile it myself or get an appimage
690[03:08:35] <annadane> anecdotally, a comment from reddit:
"Personally, while SELinux may be useful in some corner cases,
its extra complexity makes it a non-starter for me. I'm more
likely to make a config mistake using SELinux than run into a
situation where SELinux is the better tool for the job. I've
used AppArmor and it works well, is a lot easier to set up and does
the job. For 99% of use cases AppArmor is probably going to be just
as useful, without all the
691[03:08:35] <annadane> headaches."
692[03:09:19] <tyzef> sorry randompleb, it's UDF
693[03:09:20] <annadane> plus yeah apparmor is integrated by
default as of debian 10 so that's a good reason to use it
701[03:13:14] <randompleb> thanks for the link. Will check it
out now. tyzef i beleve you need to specify the udf format with
"-t udf" when using the mount command. i may be wrong but
try it anyway
764[03:29:53] <tyzef> it show everything but my knowledge is to
low for me to explain it
765[03:30:09] <randompleb> Maybe because your wifi driver is non
free ? Debian installer doesnt contain non free firmware? Can this
be the reason or was it working
766[03:30:13] <randompleb> earlier?
767[03:30:13] <tyzef> i need to pastebin it
768[03:30:49] <tyzef> we suspect kernel issue
769[03:31:12] <randompleb> which laptop do you have?
770[03:31:19] <tyzef> eeepc
771[03:31:31] *** Slumlord_ is now known as Slumlord
794[03:41:10] <somiaj> there is the kernel the installer is
using, you could try to install that in your debian 10 and see if
the network card with it, if it does you have basically idenfieid
where this regresion occured
800[03:44:32] <tyzef> well I will give a try asap, it's
here near by 7am and I haven't yet slept, i take a nap, let you
know asap ! thank you all for your attention and help !
801[03:44:36] <dvs> Hey oh!
802[03:45:26] <johnfg> somiaj: Did you see anything else wrong
with the way I went about moving/mounting /var? When I rebooted,
there were problems, even though /var was mounted. Not sure what it
was. I had to boot in recovery mode to get things back.
803[03:45:56] <somiaj> the only thing I noticed is why your mew
mount point had a /var/var
804[03:46:01] <somiaj> oh you were using -R, one second.
805[03:46:39] <somiaj> yea, you probably need to use -a, so
permissions and symlinks are preservered, I wasn't paying that
close attention, just trying to answer your /var/var/ mostly
806[03:46:50] *** Quits: ecbrown (~user@replaced-ip) (Remote host closed the connection)
807[03:46:50] <johnfg> Right, and I did your correction.
826[03:59:19] <ectospasm> I prefer `rsync -av` over `cp -Ra`
because if the operation stops for whatever reason, you can pick up
where you left off instead of copying files that have already been
copied.
877[05:43:41] <brieweb> I upgraded to Debian buster on my server
and Xen upgraded to Xen 4.11, but it won't boot. I was able to
go back and boot Xen 4.8 from grub
878[05:43:44] <brieweb> any tips?
879[05:44:21] <brieweb> I see three things that load on the
screen. loading kernel, loading xen, and then loading ramdisk.
Nothing else appears and it just hangs
924[06:41:23] <somiaj> brieweb: usually vendor services are in
/lib/systemd/system, so those might be local edits using systemctl
edit service, or somethting similar. You could see if moving those
out of the way (for a backup) helps things
925[06:41:58] <somiaj> and by vendor, debian supplied services,
(though postinstall scripts may add links in /etc/systemd
926[06:43:25] <brieweb> funny thing is I upgraded to xen-4.11,
yet I did not do an autoremove and it doesn't have any scripts
there
927[06:43:37] <brieweb> but, I will try moving them out of the
way
928[06:43:49] <brieweb> I should look at the release notes for
xen-4.11
930[06:44:58] <somiaj> I don't know xen so can't
really help there, I just know that the standard for how debian
packages should be putting their service files in /lib/systemd not
/etc
931[06:45:05] <somiaj> but local overrides will be in /etc
946[07:21:56] <brieweb> I deleted the two files
/etc/systemd/xenconsoled.service and
/etc/systemd/system/xenconsoled.service and it still brings it up
when I boot into Xen 4.8. Xen 4.11 still won't boot though. I
also loaded the intel-microcode
947[07:22:11] <brieweb> I could always reinstall the hypervisor.
948[07:22:20] <somiaj> brieweb: well wihtout the files in /etc,
it will use the files in /lib
949[07:22:29] <somiaj> you can mask the service if you
don't want it to be brought up at all
950[07:22:36] <brieweb> ok
951[07:23:14] <brieweb> I wonder if somehow it stops the xen
4.11 from booting?
981[07:44:06] <somiaj> you may have to manually change the
pinning for certain repos for these edge cases where version number
or upping the pinning of a single repo with -t doens't work.
But according to the man page, it appears you can't list more
than one repo
982[07:45:01] <velix> Okay, no problem then. I'll play
around with it. Thanks for your ideas.
983[07:45:07] <somiaj> from the man page "In short, this
option lets you have simple control .." I think it assuming if
you need more complicated control you would actually use pinning
1100[10:48:13] <ansimita> invra: looks like you have to compile
(the latest release) from source with a rustc newer than one
that's provided for buster
1104[10:49:08] <invra> ansimita: do you know a bit awesomewm? how
would i make it so i can launch for example synaptic? i need some
kind of gksu or something?
1105[10:49:46] <ansimita> invra: unfortunately I am not familiar
with awesomewm
1175[12:03:12] *** Quits: Ericounet (~Eric@replaced-ip) (Quit: Je m'en vais ...)
1176[12:04:07] <algun> Hey. How come there’s no Android
Studio in the repo? What’s against DFSG about it (except
perhaps the binary that Google builds)?
1221[12:46:26] <algun> petn-randall: surely you are not
suggesting Debian users are disinterested in Android development?
Android Studio is the very primary tool for it.
1222[12:46:53] <algun> I would say it depends on the interest in
packaging and mintenance.
1342[14:25:52] <velix> Anyone with an idea, why
`/etc/skel/.bashrc` only allows `color_prompt=yes` for
`xterm-color`? `xterm-256color` is a legit setting, but gets ignored
here.
1354[14:42:20] <petn-randall> Lope: What does the /foo.sh do?
I've just recently had a similar problem and noticed that the
network* targets are more complex than you'd think.
1355[14:42:57] <Lope> petn-randall, weird, it seems to not start
on a fresh boot, but starts after a reboot...
1357[14:44:48] <Lope> petn-randall, it does all sorts of stuff
that I need to do to init the server.
1358[14:45:19] <Lope> petn-randall, I could separate it into
stuff that can happen before network, which is 99% of it. and stuff
that can happen after network.
1359[14:45:29] <Lope> but that doesn't fix it if it
doesn't run the stuff after network.
1360[14:45:46] <Lope> doesn't solve the problem, just 99%
solves it.
1361[14:46:05] <Lope> (just saying in theory, I've not tried
this)
1362[14:46:37] <petn-randall> Lope: Thing is, after
"network" can mean very different things.
1363[14:47:50] <petn-randall> Lope: After=network.target does not
mean it'll run when a working internet connection is up.
1364[14:49:07] <petn-randall> That's why I'm asking for
details on the script.
1365[14:49:23] <Lope> petn-randall, the only network thing i need
is to mount a nfs
1366[14:49:38] <Lope> but I put all kinds of crap in this script
which changes over time
1367[14:49:53] <Lope> so i would like it to generally run when
the network is operational
1368[14:50:11] <Lope> petn-randall, seems like a simple enough
desire?
1369[14:50:49] <petn-randall> Lope: Then you need
"After=network-online.target" in the [Unit] section, and
"WantedBy=network-online.target" in the [Install] section.
1370[14:51:01] <petn-randall> And you'll risk it never
running when the network config fails.
1371[14:51:33] <Lope> petn-randall, does network online mean that
it has a working internet connection?
1372[14:51:38] <petn-randall> yes
1373[14:51:40] <Lope> or just that the port is active?
1374[14:51:51] <Lope> I just want port is active, because
it's a NFS lan thing
1375[14:52:01] <Lope> I still want it to work even if the
internet is down.
1391[15:02:26] <annadane> is there a reason why thunar isn't
keeping my file association for .jar, as java -jar? and i can't
find it in the mime type editor either so i can't edit it like
that
1392[15:02:51] <petn-randall> Lope: Also one pitfall I noticed
during testing is that just updating your unit file is not enough.
You need to run `systemctl reenable <unit>` for it to update
the symlinks from the [Install] section.
1393[15:04:38] <Lope> petn-randall, thanks for your help bud. I
unfortunately had 2 services with the same name on different
servers, and they had different Before and After conditions. the one
that was having issues had some rather impossible conditions.
1395[15:05:06] <Lope> petn-randall, what happens if you say
Before and then list services that don't exist (have not been
installed/setup yet) would that prevent startup?
1396[15:06:20] <petn-randall> Lope: Not sure. If there's an
After= condition that doesn't exist I'd expect it not to
start, though.
1414[15:33:00] <pileofstraw> I thought perhaps I had solved my
problem of random infrequent hard lockups in 300 deployed NUC7i5BNK
machines by discovering that the nonfree firmware had not been
deployed, so I puppetized it out to all the machines
1415[15:33:04] <pileofstraw> and 2 more have since locked up
1416[15:33:11] <pileofstraw> crushing my soul like peanut shells
1417[15:34:08] <pileofstraw> wondering if anyone has any ideas on
finding the source of a hard lockup given that zero logs are
generated and it requires an in-person hard reset to fix
1422[15:36:36] <Agiofws> i've stumbled upon a package
inconsistancy trying to install wine on debian buster it all ends
down to a package that is not supported in buster anymore and i
don't know how to go about it
1423[15:36:38] *** Quits: overlaws (~overlaws@replaced-ip) (Remote host closed the connection)
1433[15:42:31] <dpkg> [Basic Apt* Troubleshooting]. To diagnose
your problem, we need ALL OF THE FOLLOWING information: 1. complete
output of your apt-get/apt/aptitude run (including the command used)
2. output from "apt-cache policy pkg1 pkg2..." for ALL
packages mentioned ANYWHERE in the problem, and 3. "apt-cache
policy". Use
replaced-url
1434[15:42:42] <petn-randall> Agiofws: Can you provide all of the
above in a single paste? ^^^
1435[15:42:43] <Agiofws> can anyone tell me why wine in buster
depends on libunistring0:i386 while that package is not supported in
buster?
1436[15:43:31] <Agiofws> petn-randall, ok than you i'll try
to provide
1449[15:50:04] <rozenglass> overlaws: xfce-terminal is developed
by the xfce project, but you can run any other terminal emulator
while using xfce. The arch-wiki contains a big list, many of which
are available debian
replaced-url
1454[15:52:01] <rozenglass> overlaws: although, many terminal
emulators are not as user-friendly as xfce-terminal, so it might be
worth trying to solve the issues you have with the xfce-terminal
1464[15:57:32] <EdePopede> debtags are better than sliced bread!
1465[15:58:21] <petn-randall> Agiofws: I'd remove the wine
repos you have there, remove any wine packages, and then just
install regular wine from Debian.
1466[15:59:09] <Agiofws> in sources.list ?
1467[15:59:26] <petn-randall> Agiofws: Yes, and in
/etc/apt/sources.list.d/*
1468[16:00:51] <rozenglass> EdePopede: I tried the debtags web UI
before recommending the arch-wiki, but searching for x11::terminal,
found results like a backgammon game and an xrdp client, and obvious
things missing, like konsole and rxvt-unicode
1481[16:07:32] <EdePopede> rozenglass: the correct combination
can be tricky sometimes, and unluckily there are also a lot of
packages missing some tags or not using it at all
1482[16:09:56] <EdePopede> rozenglass: usually i request some
packages i remember and then look what they have in common ;)
1506[16:22:30] <Agiofws> petn-randall, if i go down the rabbit
hole trying to install wine32 it also ends up to libunistring0:i386
commenting out the external repos
1552[17:09:32] <pileofstraw> i would love if there was a guide to
untangle the insanely complicated nature of having the right intel
drivers installed on Buster
1553[17:09:40] <pileofstraw> Haven't felt like this much of
an idiot in...at least hours
1558[17:11:45] <braingain> pileofstraw: most of intel stuff is
already supported by the kernel. theres a microcode package but
other than that.. what kind of drivers do you want to install?
1559[17:12:54] <pileofstraw> I am running a kaby lake system and
asking in #intel-gfx, the answer to "should I be running
something more involved than stock 4.19 kernel with
firmware-misc-nonfree" was "Oh my yes."
1561[17:13:19] <pileofstraw> Also whether to run
xserver-xorg-video-intel vs xserver-xorg-core
1562[17:13:25] <pileofstraw> i just feel lost!
1563[17:13:56] <joepublic> did the "oh my yes" people
recommend anything specific? If not, nothing to install
1564[17:14:28] <braingain> kaby lake is '2017ish.. is your
screen black tho?
1565[17:16:33] <pileofstraw> the central problem I am trying to
solve is random intermittent hard lockups requiring a physical reset
with no logging of any kind
1566[17:16:55] <pileofstraw> Screen is not black, it locks up
with content showing in X. In fact the time and date show, so I can
see when it happens.
1567[17:17:46] <pileofstraw> I kind of just have nothing to go
on. I discovered these machines didn't have the
firmware-misc-nonfree package so I put it on all 300 machines, but
the lockups continue.
1568[17:17:47] <lwp> pileofstraw, xserver-xorg-video-intel
depends on xserver-xorg-core, so if you need the -intel package, you
will be running both
1569[17:17:53] *** Quits: ecbrown (~user@replaced-ip) (Remote host closed the connection)
1570[17:18:22] <lwp> ,i xserver-xorg-video-intel
1571[17:18:23] <judd> Package xserver-xorg-video-intel (x11,
optional) in buster/amd64: X.Org X server -- Intel i8xx, i9xx
display driver. Version: 2:2.99.917+git20180925-2; Size: 1606.2k;
Installed: 3202k; Homepage:
replaced-url
1572[17:18:32] <tomreyn> pileofstraw: did you run a different
kernel version and / or debian (or other linux distro, or even other
OS) on this system fine previously (and how long ago was that)?
1574[17:19:03] <pileofstraw> tomreyn: these were previously
running stretch and I remote dist-upgraded them to solve a
possibly-related problem with a totally different system.
1575[17:19:08] <pileofstraw> that problem is documented here:
1576[17:19:52] *** Quits: DEB-alain (~DEB-alain@replaced-ip) (Remote host closed the connection)
1579[17:20:23] <pileofstraw> Moving to Buster stopped this
specific lockup from happening, but now it seems to just lock up
after boot and when X is running
1580[17:20:33] <tomreyn> so you're saying you release
upgraded multiple systems with the same hardware configurations from
stretch to buster, because a different system than the one freezing
on buster experienced these lockups previously?
1581[17:21:19] <pileofstraw> Of the 300 systems I have involved
here, 1-3 of them lock up every day. So far over the course of this
dozens of them have locked up.
1582[17:21:29] <pileofstraw> So I hypothesized this problem was
common to all of the identical systems.
1585[17:21:50] <pileofstraw> it's not fun and very expensive
and very humbling.
1586[17:22:37] <braingain> my Kaby Lake Mac also hangs up from
time to time 1/14 days
1587[17:22:53] <tomreyn> hmm that's not very reproducible,
but at least it is.
1588[17:23:11] <lwp> pileofstraw, I don't know the answer to
your question about uninstalling
1589[17:23:34] <pileofstraw> So the problem described in the
above stackexchange I managed to reproduce by putting 9 of these
machines on a bench and cron-rebooting them every 2 minutes as it
happened during soft reboots
1590[17:23:43] <pileofstraw> And it would take about 24h before
all 9 would be crashed.
1596[17:24:38] <pileofstraw> I am looking into getting systemd to
persist its journal across all 300 machines, in case there is a slim
chance I get a crumb of logging in systemd that I'm not
currently getting in the traditional /var/log files
1597[17:24:47] <pileofstraw> but I feel like that'll be 15
hours of work to learn nothing
1598[17:24:58] <tomreyn> i assume firmwares are all up to date?
1599[17:25:35] <joepublic> pileofstraw, is this helpful
information?
replaced-url
1600[17:25:46] <rozenglass> pileofstraw: there are two intel
video drivers as far as I understand, the xserver-xorg-video-intel
one, and a built-in one in core. If you install the *-intel one,
then it is used by default. If you uninstall it, then the built-in
one is used instead. The built-in driver is the recommended one in
most cases.
1603[17:26:37] <pileofstraw> tomreyn: the most recent thing I did
was puppet-deploy firmware-misc-nonfree to all the machines, dmesg
was definitely reporting that it was probably missing firmware while
loading the i915 kernel module
1604[17:26:38] *** Quits: frgo_ (~frgo@replaced-ip) (Remote host closed the connection)
1605[17:26:42] <pileofstraw> but since then I've had more
machines lock up.
1609[17:27:44] <tomreyn> unfortunately intel linux drivers are
discomposing lately, not just the gpu ones. and then there are the
rapid less tested microcode updates.
1610[17:27:49] <tomreyn> had you tried dis_ucode_ldr ?
1611[17:27:54] *** Quits: uniqdom (~uniqdom@replaced-ip) (Remote host closed the connection)
1612[17:28:17] <tomreyn> that'd make them fall back to the
ucode that's embedded in the mainboard firmware
("BIOS")
1613[17:29:36] <pileofstraw> tomreyn: from here
replaced-url
1620[17:30:42] <pileofstraw> joepublic: so far this is very up my
alley and I wish I had found this sooner, thank you
1621[17:30:56] <tomreyn> hmm you're right, the ucodes are
less likely to be the cause of the new lockup, but more likely of
the old ones (locking up during initrd load)
1634[17:35:43] <pileofstraw> rozenglass: thank you for this
explanation, I will remove xserver-xorg-video-intel from all these
machines (after testing)
1635[17:35:44] <tomreyn> i915 is the kernel module, xorg drivers
are 2d drivers for X, they are orthogonal, can't be directly
compared
1641[17:38:45] <tomreyn> pstore is handy on uefi systems, and
this should be uefi systems
1642[17:38:54] <pileofstraw> definitely uefi
1643[17:39:01] *** debhelper sets mode: +l 1258
1644[17:39:38] <pileofstraw> tomreyn: the i915 vs xorg driver
delineation is one of the things i am finding so confusing, i need a
better primer on how these components interrelate
1645[17:40:24] <pileofstraw> not only that but i keep reading
that i should be using mesa
1650[17:44:12] <tomreyn> mesa is the generic open source graphics
stack. you are using it whenever you use intel or amd gpus with open
source kernel drivers.
1653[17:45:09] <rozenglass> pileofstraw: mesa is basically an
opengl implementation for 3D accelerated graphics. Unless you are
using Nvidia proprietary drivers, then you are most likely using
mesa.
1654[17:45:11] <tomreyn> mesa is needed for 3d graphics
acceleration
1661[17:48:06] <tomreyn> there also vulkan, though, to makes
things even more complicated for you ;)
1662[17:48:07] <johnfg> Just wanted to say thanks to those who
helped me out yesterday. I've got /var moved to another logical
volume, and the system is running properly. Just needed to correct a
few mistakes.
1663[17:48:21] <rozenglass> pileofstraw: honestly, I think
getting xorg and general journal logs from the previous locked boot
is most likely your best chance by now.
1684[18:04:51] <quarterback> I'm getting messages in debian
to install security updates everyday. Is it really necessary? Can I
just turn the message off? I have nftables intalled. It seems like
the system is secure.
1694[18:07:42] <quarterback> I must have used a testing
repository in debian somewhere.
1695[18:08:39] <quarterback> How do I enable equalizer in pulse
effects? All other options can be modified but the equalizer option
is not highlighted.
1697[18:08:52] <pileofstraw> rozenglass: final syslog messages on
this particular machine are dhclient trying to DHCP on its wifi
interface (which I am not using) and not getting anything
1699[18:09:21] <pileofstraw> Then the next line is Apr 29, 7:17pm
when our tech was on site
1700[18:09:23] <somiaj> quarterback: Installing the security
updates is suggested. It is often only one or two packages per
update, and only targeted fixes to fix the security issues. These
are all documented in the DSA annoucments.
1702[18:09:41] <rozenglass> pileofstraw: If you have syslog from
previous boots, then I don't think persisting journald will you
much more, as far as my experience they're almost identical on
debian
1703[18:09:46] <quarterback> somiaj, I will take a look at that.
Thanks.
1704[18:09:51] <pileofstraw> that is what I was afraid of.
1705[18:11:31] <rozenglass> pileofstraw: and the kern.log? do you
have it from before the lockdown? what's near the end of it?
1724[18:21:19] <rozenglass> pileofstraw: do you have Xorg logs?
1725[18:21:35] <pileofstraw> xorg by default stores this boot and
the last boot, I think. So nope.
1726[18:21:43] <pileofstraw> but I will when my tech reboots the
2 that are currently locked up, ugh.
1727[18:21:59] <oxek> Should I install pylint using `apt install
pylint` or `pip install pylint`? I don't really understand the
distinction.
1728[18:22:57] <rozenglass> pileofstraw: if you are using debian
9+ then the Xserver can be run without root, and depending on how
it's run the logs might be in the user's home
(~/.local/share/xorg) instead of /var/log
1730[18:23:18] <somiaj> oxek: you should install the debian
packages if you want it on your debian system.
1731[18:23:37] <somiaj> oxek: the difference is pylint packaged
by debian is teted to work with debian, pylint from pip will install
the latest version, which isn't fully tested.
1735[18:24:05] *** Quits: beardface (~bearface@replaced-ip) (Remote host closed the connection)
1736[18:24:15] <oxek> ah, so whenever I have the option, I should
use debian version?
1737[18:24:22] <oxek> and use pip for any venv?
1738[18:24:28] <rozenglass> oxek: `apt` is the official Debian
package manager, `pip` is a python-specific package manager. `pip`
is better used when developing python packages generally
1739[18:25:11] <rozenglass> oxek: yes, when you have the option
it's best to use the debian version
1740[18:25:47] <somiaj> oxek: it depends on your use case, I
woudln't use pip on your debian system. I would create a
virtual enviorment if you need to install stuff either not in
debian, or of different versions
1741[18:26:41] <oxek> My usecase is setting up vscode and wanting
some linter.
1742[18:26:51] <oxek> So I guess pylint using apt it is
1743[18:26:51] <somiaj> getting in the habbit of using pip
outside a debian system could lead to other issues depending on what
you install with it
1744[18:27:32] <oxek> is it possible to use the debian versions
of packages in the virtual environemnts?
1745[18:27:38] <somiaj> which is the main reason for virtual
enviroments, to be able to isolate all the python libaries/programs
you need for a specific action and have it be independent of your
main system.
1749[18:29:19] <rozenglass> oxek: Just don't use any global
installation method using language-specific package managers
(don't ever type sudo before them) I've had awful breakage
back in the day because of that XD
1753[18:31:03] <rozenglass> oxek: what I would sometimes do, is
modify the config of the language-specifc package manager to install
into my home directory instead of on a system-level. Then you can
add the installation path to your $PATH environment variable, and
you'd be able to use the binary tools almost like any other
debian-specific package.
1754[18:31:34] <somiaj> rozenglass: that is the whole point of
the python virtual enviroments I keep mentioning, you can install
things there (they can be owned by a user or root) and be completely
independent of the system.
1755[18:31:52] <pileofstraw> ok actionables: 1) check fresh xorg
post-crash logging, 2) make X use the intel i915 driver, 3) update
intel microcode
1756[18:31:53] <oxek> I'm just starting with this, so I
don't yet understand fully what you wrote, but I am making a
note of it. Thanks for trying to help.
1757[18:31:57] <pileofstraw> x 300 and then wait.
1758[18:32:26] <somiaj> pileofstraw: do you really want to use
the i915 driver, most suggest using the modesetting driver these
days (which talks to the kms i915 module)
1759[18:32:34] <oxek> I already know to not blindly use sudo when
something doesn't work
1760[18:32:42] <somiaj> the xorg-video-intel really isn't
needed and the modesetting driver is prefered is my understanding
1761[18:33:07] <somiaj> pileofstraw: also some intel cards need
firmware, firmware-misc-nonfree I think is the package that has it
1763[18:34:12] <rozenglass> somiaj: I haven't used any
python virtual envs, so I'm not sure, can you call binaries
inside the env from outside the env? Would it be safe to set a $PATH
into the insides of a virtual env? I had the impression that the
applications that create and handle the envs do other things to set
it up.
1764[18:35:41] <somiaj> rozenglass: I would look them up, the
whole point of them is to be able to have multiple enviorments with
different versions of python packages, compeltely independent of the
system
1766[18:36:26] <annadane> yes you can call virtualenv binaries
outside of it, it just has to be in your path
1767[18:36:27] <rozenglass> pileofstraw: 1) yup, that might be
helpful, 2) I'm not sure what you mean here, do you want to
re-install the xorg-video-intel drivers? 3) okay :)
1768[18:36:28] <oxek> to verify, I probably am never gonna need
or want multiple independent versions of pylint, so installing it
using apt should be what I want, yes?
1769[18:36:52] <pileofstraw> Got it, so rather than i915,
uninstall xserver-xorg-video-intel on all machines.
1784[18:40:12] <somiaj> pileofstraw: if you have the modesetting
driver, it should be used by default, so having
xserver-xorg-video-intel installed won't matter. You can check
the Xorg.0.log to see what driver is actually used, and provide a
small xorg.conf.d/ snippit to force one over the other. There might
be rare cases the intel driver works better, but most things aer
switching to the generic modesetting driver and using kms
1785[18:40:18] <somiaj> standards, vs a single driver per gpu
manufacture
1786[18:40:19] <rozenglass> pileofstraw: 300 machines sound like
fun :) what do you use them for if you don't mind me asking
1788[18:44:04] <rozenglass> somiaj: I don't know about the
latest debian versions, but at some point early when the modsetting
driver was newly being advertised, I clearly remember installing the
-intel driver and it automatically taking precedence (reintroducing
my screen-trearing issues). So checking the logs to confirm which
one is loaded is probably good. uninstalling the -intel driver is
100% guaranteed to not have it loaded :P
1790[18:45:43] <somiaj> rozenglass: which is why I said you can
check the Xorg.0.log file to see what driver is being loaded, and
use an xorg.conf.d/ snippit to configure what one is used.
1791[18:46:05] <somiaj> personally I like having both installed,
so I can compare the two, as somtimes the intel driver does work
better, but less and less as times go on
1814[19:06:58] <pileofstraw> based on this xorg log it looks like
it is already using modesetting
1815[19:07:24] <pileofstraw> So I have no idea what best practice
is at this point. If it's already using the generic modesetting
driver and locking up, I guess I need to change something.
1816[19:07:41] *** Quits: klokken (~klokken@replaced-ip) (Remote host closed the connection)
1854[19:19:14] <Azathoth2533> Yes. It is linked in mine as well.
But I mean to remove /var/run.
1855[19:19:31] <oxek> somiaj: yeah I was confused by the guide on
the pylint website where it just called it pylint
1856[19:19:55] <somiaj> Azathoth2533: what would you gain from
that? The only way to do that is to ensure that all software that
uses /run to store data uses /run and not /var/run, and due to this
link not all software could be updated.
1859[19:21:08] <somiaj> I personally don't see what removing
a link will achive, besides possibly breaking software that
didn't move from /var/run to /run as standards evolved
1860[19:21:18] <Azathoth2533> I have installed bedrock on top of
debian. And it appears it only needs one of them.
1862[19:22:05] <paradigm> Azathoth2533: Bedrock should create
that symlink for you
1863[19:22:10] <Azathoth2533> I am instructed to keep one of them
and then repair the system.
1864[19:22:35] <somiaj> you only have one of them, the link is
just to ensure that software that is still using /var/run puts
everyting in /run (a single location)
1869[19:23:35] <paradigm> Azathoth2533: On my Bedrock+Debian box,
/var/run is a symlink to /run, which is a directory. That's
probably what you want to mimic.
1870[19:24:44] <paradigm> I'm guessing your system somehow
has both /var/run and /run as real directories; I have no idea how
that happened. Presumably you can remove the directory at /var/run
and make it a symlink to /run (or just remove /var/run and reboot,
in which case Bedrock should create that symlink)
1876[19:26:55] <somiaj> for a running system you may want to copy
/var/run to /run frist before turining it to a link (or do this form
a live system where the data in /var/run may not affect a running
program)
1877[19:27:31] <somiaj> and yes if /var/run is not a link,
something is setup incorrectly, the link is what makes everything
use a central location
1887[19:30:22] <paradigm> For Azathoth2533's purpose,
Bedrock is kind of like a chroot manager, and he's got debian
in a chroot; it's not wholly unfitting. But yes, #bedrock
probably would have been a better place to ask.
1888[19:30:35] <oxek> I suppose debian can be the starting point
for bedrock
1892[19:32:45] <Azathoth2533> Removing /var/run and rebooting did
not work.
1893[19:33:04] <somiaj> ahh okay, yea we support the actual
container/chroot, though in this case something happened on the
creation level if it isn't creating it to debian's
standards.
1894[19:33:19] <somiaj> Azathoth2533: you needed to make /var/run
a link to /run, my guess is software creates that directory if it
didn't exist
1895[19:34:33] <paradigm> Bedrock just uses debootstrap to set it
up. I can't reproduce a difficulty there, it works fine for me.
1898[19:35:53] <Azathoth2533> @somiaj I have both of them
present. And they do contain similar files. How do I symlink
/var/run to /run? Or see if it already is?
1916[19:43:37] <Azathoth2533> It worked. I think I transitioned
from /var/run to /run from the output.
1917[19:43:49] <pileofstraw> After reading a lot about
intel-microcode I am going to install it on 300 machines and see if
that gives me some stability. I think thats the best I got right
now.
1918[19:43:58] <pileofstraw> my cpu is listed on the microcode
update guidance
1919[19:44:14] <somiaj> Azathoth2533: yup, what the link does is
make it so /run and /var/run are effiectivally the same location,
but applications can use either.
1920[19:44:26] <somiaj> pileofstraw: are these really new
machines?
1921[19:44:39] <somiaj> pileofstraw: also 300 machines, is this a
lab, wondering why you are using xorg on so many machines?
1922[19:45:35] <somiaj> pileofstraw: note you may also want to
see if a firmware update for the machines is available, you probably
can't deploy this, but firmware updates will contain new
microcodes, and maybe other fixes to the firmware fo the machines
1923[19:45:54] <somiaj> (by firmware I mean what use to be called
bios, you get from the manifacture)
1924[19:46:22] <pileofstraw> I'm sure they have Intel
"bios" updates as they've been in the field for quite
a while. To do that would involve recalling them.
1925[19:46:38] <pileofstraw> They are all NUC7i5BNK machines, not
a lab. they are deployed across Canada.
1926[19:46:43] <pileofstraw> digital signage machines
1927[19:47:33] <pileofstraw> So some were purchased recently, in
the last six or nine months, but this particular model was launched
Q1 2017
1928[19:48:15] <somiaj> ahh yea, unless you have local
tech's firwmare updates will be not possible. microcode will
address cpu issues, but you could have other issues.
1929[19:48:17] *** pyre is now known as pyre_
1930[19:48:51] <pileofstraw> other issues that the microcode will
not address, or do you mean that a microcode update will cause other
issues?
1931[19:49:02] <somiaj> If you have some of them locally you
could see and try firmware updates, and if that works maybe think
about how to get a local tech to slowly upgrade them. Hopefully the
microcode works. You could also try backport kernel/firmware, but I
would avoid this if you can for security issues.
1932[19:49:04] <pileofstraw> fwiw these machines have a variety
of bios versions on them.
1933[19:49:15] <Azathoth2533> @somiaj I am again asked to remove
one of the directories. Is there any way I can remove /var/run
entirely?
1934[19:49:23] <somiaj> pileofstraw: the micorcode update will
only affect the cpus, if there were other firmware issues (acpi,
etc) you can't do this user land.
1935[19:49:26] *** Quits: Zardoz (~Zardoz@replaced-ip) (Remote host closed the connection)
1936[19:49:41] <somiaj> Azathoth2533: why? There is no point, you
only have one directory and one linke.
1937[19:50:26] <somiaj> Azathoth2533: some software still uses
/var/run, what the link does is ensure that such software stores its
run data in /run, I see no reason you need to remove that link, the
link takes up basically 0 space, and allows applications to use
/var/run to put data in /run without rebuilding the softweare
1938[19:50:33] <Azathoth2533> @somiaj Why am I notified at init
to keep only one of them.
1939[19:51:18] <somiaj> I don't know, on debian there is a
link, and I have never seen the message you ahve seen.
1940[19:51:24] <somiaj> Azathoth2533: what is the output of
'ls -ld /var/log'
1941[19:51:35] <somiaj> arg 'ls -ld /var/un'
1942[19:51:36] <pileofstraw> somiaj: makes perfect sense. Short
of recalling them all or spending a hundred tech hours I will have
to take whatever fixes I can get. I just wish this was more
reproducible.
1943[19:51:37] <somiaj> arg 'ls -ld /var/run'
1944[19:52:07] <somiaj> pileofstraw: yea, I would start with the
microcode and help. Why is xorg running on these machines? do people
actually locally use xorg at all?
1945[19:53:43] <oxek> on a similar note, anyone know if debian
has a plan to change the mountpoint of /boot/efi to simply /efi?
1952[19:54:58] <pileofstraw> nothing is used locally on these
machines, they are all remotely installed in signs. I feel my
phrasing will be wrong but X is what's showing our ad stack on
the attached LCD displays
1953[19:55:01] <somiaj> Azathoth2533: I dont think you can delete
that directory and then ln -fs /run /var/, while the system is
running nativelly.
1954[19:55:21] <pileofstraw> we're using X as the window
manager to output ads.
1955[19:55:43] <somiaj> pileofstraw: ahh I see, I was just
courious why you were running xorg and hoping you could just remove
it, but that makes sense.
1961[19:57:30] <somiaj> Azathoth2533: oh yea, you ran my
misstyped command, that is better, yea /var/run -> /run is a
link, I do not know why you are being told to remove one. You want
that link there.
1962[19:57:34] <pileofstraw> somiaj: not until i get our
ascii-based ad platform finished =)
1965[19:58:23] <somiaj> pileofstraw: well hopefully the microcode
helps, and these are intel machines not some arm device? Anyways, I
am not use to such hardware, so I can't really be of much more
help
1971[20:00:25] <somiaj> pileofstraw: you do have
firmware-misc-nonfree installed to right?
1972[20:00:58] <somiaj> anyways if microcode doesn't help,
you could try the firmware/kernel from backports, but I would try to
stick witht he stock kernel if at all possible.
1973[20:01:16] <pileofstraw> Yes, on Thursday I rolled that out
to every machine, and was crushed when a few crashed Friday and
today.
1974[20:01:36] <somiaj> assuming you did reboot after the
install?
1975[20:01:43] <pileofstraw> Every machine reboots every night,
yeah
1977[20:02:14] <pileofstraw> I should state openly that I am not
even positive this crash is due to video. I just cannot think of
many things that would hard-lock a debian system and produce
absolutely no logging output.
1978[20:02:24] <johnjay> is there a relatively bugfree way to
start something on graphical login?
1979[20:02:27] <pileofstraw> that leads me to think its something
low level
1991[20:04:52] <somiaj> johnjay: do you want this to run on the
display manager? even .xsessionrc won't run until the user
logins
1992[20:05:19] <somiaj> pileofstraw: depends on the crash, but
kernelpanics dont' often log, and some crashes are just a hard
freeze, not all are kernel panics
1994[20:05:31] <paradigm> Azathoth2533: to be clear, that message
you're seeing when booting is from Bedrock, not Debian. If you
successfully made /var/run a symlink to run and you're still
seeing that message, the issue may be on Bedrock's end, and
#bedrock would be a more suitable place to ask.
1995[20:06:06] <pileofstraw> fair. yeah this one hard locks on
whatever X is showing at that instant, and openSSH (and presumably
all networking) dies
1997[20:06:19] <somiaj> pileofstraw: the fact that this is
happening on multiple machines, i would almost suggest check the
memeory, random lockups/freezes can be due to bad memeory.
1999[20:06:40] <somiaj> but I would highly doubt all the machines
have the same bad memeory
2000[20:06:58] <pileofstraw> I have run memtest86+ on multiple
machines, which is of limited use
2001[20:07:25] <pileofstraw> i'm not sure if you saw the
stackexchange link I posted but when I was diagnosing the boot issue
I also changed memory and could still reproduce it.
2002[20:07:31] <pileofstraw> but maybe that's unrelated.
2005[20:08:26] <somiaj> well I'm not sure what is best,
maybe 1) try micrcocode, 2) get a single machine locally, update
firmware. If it is firmware, you are just gonna have to figure out
how to get a tech to each system.
2006[20:08:27] *** Quits: Ericounet (~Eric@replaced-ip) (Remote host closed the connection)
2009[20:08:59] <somiaj> The only other thing you may want to try
is build a custom kernel and disable features you are not using.
2010[20:09:16] <somiaj> though this really isn't needed in
this day and age, but it is something you could test on a local
machine just to try to help diagnose things
2042[20:36:37] <pileofstraw> deploy enough machines and
we'll get hit with everything that hits the industry, I suppose
2043[20:36:57] <rozenglass> yeah :)
2044[20:38:46] <rozenglass> pileofstraw: sorry I haven't
looked at your xorg logs because pastebin is blocked in the country
I'm in, and I don't have the laptop with tor/bridges/vpn
on hand
2045[20:40:40] <johnjay> somiaj: ah i didn't know the
distinction. i want it to run after i login
2046[20:40:48] <johnjay> so putting something in .xsessionrc
makes Xorg run it for everybody?
2074[20:51:39] <frikinz> then use bridges. I host a hidden one
for that purpose.
2075[20:51:40] <rozenglass> wikipedia was blocked for more than
two years, and only recently the constitutional court declared the
block unconstitutional, and so it was unblocked
2076[20:52:13] <rozenglass> frikinz: I do use bridges when I need
to :)
2077[20:52:33] <frikinz> Good. That motivates me to keep on
hosting that
2078[20:52:42] <rozenglass> pileofstraw: so, according to the
logs you have Iris Plus Graphics
2079[20:53:57] <oxek> why don't people use paste.debian.net
in #debian...
2081[20:54:12] <annadane> they want to be different, i guess
2082[20:54:26] <ratrace> it's broken, often marks as spam
something that isn't, and prevents posting
2083[20:54:29] <rozenglass> frikinz: thanks for hosting it :) in
extreme cases like during the military coupe attempt, only such
efforts helped us know what the heck was going on. With planes
flying everywhere, explosions, and firefights breaking all over the
place, it's very awful to not know what's going on.
2084[20:54:51] <rozenglass> pileofstraw: I found this
replaced-url
2085[20:54:52] <annadane> p.d.n is broken? really?
2086[20:55:11] <oxek> I haven't been able to use
pastebin.com in years due to blocking, but pdn never failed me
2087[20:55:51] <annadane> i know p.d.n says you have to insert at
least two line breaks for small pastes, but...
2088[20:55:55] <frikinz> rozenglass: yeah I've been in such
countries and I've been fighting censorship for like 20 years.
Good luck
2089[20:56:34] <rozenglass> frikinz: I'm actually from Syria
originally, so Turkey is a breath of fresh air for me :)
2090[20:56:54] <rozenglass> pileofstraw: and
replaced-url
2107[21:01:30] <somiaj> oh haha, yea that site (.net) is
community run, can be slow and goes down. termbin.com is a nice one
to use and easy from the command line
2108[21:01:33] <somiaj> !termbin
2109[21:01:34] <dpkg> well, termbin is you can paste to
termbin.com from terminal via: cat /path/to/file | nc termbin.com
9999
2113[21:02:54] <jmcnaught> surely dpkg means 'nc termbin.com
9999 < /path/to/file'
2114[21:03:00] <jhutchins> !gpm
2115[21:03:00] <dpkg> gpm (General Purpose Mouse) is a package
for use of the mouse in a Linux (text-only) console. Install it,
then use left button to select text, middle or right button to
paste. In some applications (such as elinks), you have to hold down
Shift in order to cut or paste, otherwise the application itself
interprets the mouse clicks.
replaced-url
2116[21:03:53] <somiaj> what about echo or any other ways get
info
2117[21:04:26] <somiaj> so piping is nice, but the example there
is like nails to a chalkboard for all those who don't like to
cat a file into less or grep
2179[21:46:59] <pileofstraw> Well logging into a machine via SSH
and running hardinfo I get a pile of output but it gets to GPu
Drawing and just ends.
2180[21:47:05] <pileofstraw> which makes sense as its likely
dependant on X
2181[21:47:31] <pileofstraw> so running export DISPLAY=:0 first
seems to cause it to run properly in X instead of in the ssh session
2182[21:48:01] <pileofstraw> and I'm just left with a blank
line that will accept keyboard input (so it's not locked up)
and presumably all sorts of fun draw-y things are happening in X
2189[21:51:37] <rozenglass> pileofstraw: whoops, yes, those
issues are about a different architecture. If it was not
reproducible in the way described in the issue, then trying the
workarounds is probably not worth it
2190[21:51:55] <lwp> pileofstraw, can you use ssh -X when you
connect ?
2191[21:52:16] <rozenglass> pileofstraw: I have to go sleep now,
sorry I couldn't be of more help
2192[21:52:23] <somiaj> though ssh -X might not trigger gpu
issues on the host
2193[21:53:11] <pileofstraw> rozenglass: I appreciate the help
you have given, thanks so much!
2205[22:01:32] <tyzef_> so two problem I see here... of course me
first, I may had simply fixed the matter with that command from the
beginning means 1 week ago... the other possibility, it really come
from the kernel
2207[22:02:04] <somiaj> tyzef_: you could also use
snapshot.debian.org to install all the kerneles between the one that
worked and the current one, identify the exact kernel that the
regression occurs and report a bug.
2258[22:20:35] <gswan> Hey can anyone tell me what xen and or
libvirt is? Ive used qemu to emulate arm devices on my x86 machine
and kvm to emulate x86 machines, but i dont know what those other
ones do.
2259[22:21:03] <somiaj> tyzef_: you should see debian, and then
another option right below it, you go down, select that option, and
all the other kenernels you have installed should become avaialbe to
choose.
2260[22:21:49] <somiaj> gswan: qemu-kvm are often used together,
qemu is full software emulation of different hardware, kvm uses the
hardware emulation features of modern cpus, so even with using kvm,
one often uses parts of qemu for network enumlation and what not.
2263[22:22:31] <somiaj> gswan: xen is a completely different
model of emulation, xen uses the hardware emulation (simlar to kvm)
but does things in a container, so all instances using xen share the
same kernel, while with kvm they emulate the whole hardware and have
indvidual kernels.
2264[22:23:03] <somiaj> gswan: xen has some preformance increases
because of the shared kernel, but other issues (you must use the
same arch as the host, you must use a container that is compadable
with the host's kernel, etc)
2268[22:24:10] <somiaj> gswan: libvirt is a libary, or collection
of tools that allow you to manage virutal machines. libvirt can work
with qemu-kvm (what I use it for), it can also work with with
virtualbox, and might even work with xen (unsure here). libvirt
gives tools like virsh and virt-manager to make manging virtual
machines easier than calling qemu or kvm directly with all the
different comand line options you may need
2269[22:24:16] <somiaj> for a particuarl vm.
2270[22:24:27] *** Quits: rabbitear_g (~rabbitear@replaced-ip) (Remote host closed the connection)
2281[22:27:17] <somiaj> tyzef_: if not, run update-grub
2282[22:28:44] <gswan> OK so i get QEMU, KVM, libvirt, but what
do yoj mean that xen shares kernels? LIke it can use just 1 single
kernel for, say 3 vms?
2283[22:28:58] <somiaj> gswan: lxc and docker are other container
like methods, they are a bit different from xen, but function
similarly in that you use containers and share the kernel.
2284[22:29:08] <somiaj> gswan: do you know what a chroot (or bsd
jail is)?
2288[22:29:44] <gswan> so is it just like docker, but it emulates
the whole root filesystem?
2289[22:29:55] <somiaj> gswan: xen is a very advanced
chroot/jail, in which all instances share the hosts kernel, but have
their own userspace (so one container can't access anotehrs
infromation)
2290[22:30:38] <somiaj> gswan: there are differences between xen
and docker, but similar in that xen provides containers, though it
is from my understand more powerful than docker or lxc, in how
isolated and independent the containers are. I don't use either
so I only know the vague basics.
2291[22:30:55] <somiaj> xen's containers are way closer to a
full vm than a docker conatiner
2312[22:42:41] <tyzef_> still no choice in grub...
2313[22:42:44] <somiaj> tyzef_: you should follow a bit closer, I
don't need to check every thing. You need to boot of the newer
kernel to test it. If you don't see it in grub run
'update-grub' as I said.
2314[22:42:58] <somiaj> oh wait, you did run update-grub
2321[22:44:40] <rekishi> I have a dumb question concerning issues
in UL, I recently purchased a new(to me) server, the previous owner
had no performance issues, and it will UL/DL full speed inside the
network and DL fullspeed from outside the network but throttles the
hell out of outbound traffic, initially I noticed a dying drive so I
replaced the OS drive, but the issue persists and doesnt persist
when using Kubuntu
2330[22:48:27] <somiaj> tyzef_: oh wait, I see, does the wireless
card work with that kernel? That is the newest kernel, and not the
one from the netinstaller.
2359[22:58:37] <Gigglebyte> rekishi> Supposed to be
2360[22:58:38] <sney> you can download the zoom deb from their
website and use it on buster. as you said, it's proprietary so
it's not distributed by debian
2361[22:59:20] <rekishi> any ideas on whats throttling my UL?
2362[22:59:22] <sney> there is a f/oss program called jitsi that
does the same thing. it's not currently in debian either but I
think the process is ongoing to get it uploaded.
2363[22:59:54] <sney> rekishi: is that bare metal or a VM?
2366[23:00:06] *** Quits: dastier (~dastier@replaced-ip) (Remote host closed the connection)
2367[23:00:25] <sney> hmm. what network hardware?
2368[23:00:30] <rekishi> whats REALLY weird, is that the old OS
drive and the new OS drives were WD Blacks, and a WD blue was
beating it
2369[23:00:47] <rekishi> but since there wasnt an issue before i
dont think its a hard drive issue
2370[23:01:13] <Gigglebyte> is zoom meeting in the repos? I see a
Zoom something, but realize proprietary software is not in the
repository.
2371[23:01:26] <sney> Gigglebyte: I already answered your
question. please read.
2372[23:01:50] <rekishi> Gigglebyte:
2373[23:01:54] <rekishi> fug
2374[23:02:29] <tyzef_> somiaj, does the problem had been because
i changed something as well, before in my wifi router password, ther
was some ! and ? and I now had removed them...
2375[23:02:31] <Gigglebyte> sney> the file on zoom's
website doesn't work, and it looks like the filename has been
changed, or isn't correct.
2376[23:02:46] <sney> !doesnt work
2377[23:02:46] <dpkg> "Doesn't work" is a vague
statement. Does it sit on the couch all day long? Does it
procrastinate doing the dishes? Does it beg on the street for
change? Please be specific! Define 'it' and what it
isn't doing. Give us more details so we can help you without
needing to ask basic questions like "what's the error
message?". Ask me about <smart questions>, <sicco>
and <errors>.
2378[23:03:15] <sney> that said, I use the zoom deb on my buster
laptop and it's fine, and support for 3rd party software is not
offered in this channel anyway
2380[23:05:33] <rekishi> sney: so far this is what testing I have
done, 1. changed ports 2. changed OS drives 3. Changed distros. What
I found was that changing ports did nothing (shocker since theyre
the same NIC) changing the drives did nothing (5Mb to 7Mb) and
changing distros alleviated the issue. howevever the distro test was
without going back and setting up all the services that run on my
buster box.
2381[23:05:56] *** Quits: gswan (~gswan@replaced-ip) (Quit: Lost terminal)
2382[23:05:57] <rekishi> the major network hogs on the debian box
rn are transmission, apache, ssh
2383[23:06:05] <sney> rekishi: what network hardware is it?
I've seen bnx2 have some weird behavior with MTU configuration
2384[23:06:53] <rekishi> its a SFP+ card with a SFP+ to RJ45
adapter, its something on an inventec board
2389[23:11:38] <sney> still, I'd look at the MTU size.
having it set too large can result in fragmentation and/or a lot of
transmission retries, which manifests as reduced speed
2415[23:24:08] <cyveris> I'm aware; that also wasn't
really my question. I know that they CAN. I'm interested in
what IS.
2416[23:24:09] <rekishi> stopping them changed nothing, and they
were running before on the old metal with no issues
2417[23:24:23] <cyveris> Well, something is causing them to send
a ton of traffic outbound.
2418[23:24:47] <cyveris> How are you measuring their activity,
network-wise?
2419[23:24:56] <cyveris> At the firewall, or elsewhere?
2420[23:25:42] <rekishi> its an assumption theyre hogging
bandwidth, however the only way I am testing UL is using
speedtest-cli which is still telling only 3.5Mb up
2421[23:26:06] <rekishi> previously I tested bias by having a
friend DL from my box but had similar results
2440[23:36:45] <jaakkos> I wanted to use Property= [Match] rule
with systemd, which was introduced in v.243. Buster backports has
244.3-1~bpo10+1, and /usr/share/doc/systemd/NEWS.gz lists this
feature; it's documented here
replaced-url
2441[23:37:18] <jaakkos> However, it's missing from
'man 5 systemd.link', and the feature is not recognized by
systemd. I wonder what's up with that.