62[00:31:30] <genr8_> What am i supposed to do if I want that
on buster ?
63[00:32:35] <JordiGH> ,ssd ima-evm-utils
64[00:32:39] <sney> ,checkbackport ima-evm-utils
65[00:32:40] <judd> Backporting package ima-evm-utils in
sid→buster/amd64: all build-dependencies satisfied using
buster.
66[00:32:48] <JordiGH> genr8_: Do a
67[00:32:48] <JordiGH> ,ssd
68[00:32:52] <sney> !ssb
69[00:32:52] <dpkg> First, check for a backport on
<debian-backports>. If unavailable: 1) Add a deb-src line for
sid (not a deb line!); ask me about <deb-src sid> 2) enable
debian-backports (see <bdo>) 3) apt update; apt install
build-essential; apt build-dep packagename 4) apt -b source
packagename 5) dpkg -i packagename-ver.deb To change compilation
options, see <package recompile>; for versions newer than sid
see <uupdate>.
73[00:33:52] <dpkg> backports.debian.org (formerly
backports.org) is an official repository of <backports> for
the current stable (see <buster backports>) and oldstable
(<stretch backports>) distributions, prepared by Debian
developers. Ask me about <backport caveat> and read
replaced-url
76[00:35:50] <genr8_> its not in the buster backports
77[00:36:00] <sney> genr8_: correct, now actually look at the
other factoids
78[00:36:08] <sney> they are instructions for how to backport
it yourself
79[00:37:19] <RadoS> ratrace, removing "quiet" makes
it display all the kernel messages, which I don't want to see,
but it also enables the systemd service startup messages?
81[00:37:48] <RadoS> Now, when 2 systems have both quiet set,
what else influences the output of systemd service startup?
82[00:38:30] <RadoS> ratrace, '?' -> '!'
83[00:38:59] <genr8_> Nice. i figured it out. thanks
84[00:39:01] *** debhelper sets mode: +l 1136
85[00:39:47] <genr8_> Can we get someone to backport
ima-evm-utils and libimaevm0 from sid to buster officially ? the
dependencies were easily satisfiable
86[00:40:18] <RadoS> ratrace, how to check for
"plymouth"?
87[00:40:56] <sney> genr8_: you can request it by emailing the
backports list,
replaced-url
88[00:41:26] <sney> genr8_: though if you are in a hurry
it's a better approach to try building it yourself
106[00:52:40] *** Quits: elpelado (~elpelado@replaced-ip) (Remote host closed the connection)
107[00:53:31] <derpadmin> hello all, the latest kernel
(vmlinuz-4.19.0-10-amd64) does not boot on my box... no big deal,
just reverted to vmlinuz-4.19.0-9-amd64 but I am wondering what can
be the issue, it went straight to kernel panic, cant mount root
volume
121[00:59:51] <sney> as long as you have enough room in /boot
you can have as many kernels installed as you want.
122[01:00:00] *** Quits: tagomago (~tagomago@replaced-ip) (Remote host closed the connection)
123[01:00:02] <derpadmin> boot is at 2%
124[01:00:21] <sney> apt will suggest to autoremove older
kernels that you aren't using, but you can 'apt-mark
manual' any package to keep it off the autoremove list
125[01:00:54] <sney> afaik only aptitude with autoremove
packages without you explicitly telling it to
167[01:20:30] *** Quits: fr1endly_gh0st (~fr1endly_@replaced-ip) (Remote host closed the connection)
168[01:21:14] <derpadmin> genr8_, I don't think so no
169[01:21:56] <derpadmin> I have 4 ssd disks, software raid 5
170[01:22:23] <eblip> test
171[01:22:33] <derpadmin> tried all of them, no joy
172[01:22:39] <derpadmin> kernel panic
173[01:22:56] <dvs> !test
174[01:22:57] <dpkg> Test failed.
175[01:23:23] <joepublic> failed successfully?
176[01:23:56] <sney> try following this to see where the boot
process actually fails, there are a few steps that seem instant on
modern hardware.
replaced-url
178[01:25:09] *** Quits: frostschutz (~frostschu@replaced-ip) (Remote host closed the connection)
179[01:25:26] <genr8_> yes check cat /proc/cmdline, and press
"e" on your grub-configuration or check
/boot/grub/grub.cfg to see if you have any weird options trying to
load for 10 and not 9
185[01:32:36] <genr8_> did you read the apt-get messages when
you installed the kernel package ? It should have run a bunch of
commands to re-generate the intramfs and grub and stuff
207[01:40:50] <genr8_> <derpadmin> cryptsetup: WARNING:
The initramfs image may not contain cryptsetup binaries <--- that
would be a real reason why it couldnt load. The question is why are
the binaries missing
208[01:41:05] <sney> assuming derpadmin's fs is encrypted
214[01:41:41] <derpadmin> yeah, it would have raised a flag
215[01:41:57] <derpadmin> let me try to reboot to
vmlinuz-4.19.0-10-amd64
216[01:42:04] <sney> check out the initramfs debug page I linked
earlier, the break=* argument can really narrow this down.
217[01:42:05] <derpadmin> read something about regression
218[01:42:25] <derpadmin> sney : will bookmark and do this next
219[01:42:39] <sney> if you can take a picture of the error on
your screen that can help too
220[01:42:49] *** Quits: derpadmin (~derpadmin@replaced-ip) (Remote host closed the connection)
221[01:43:17] <genr8_> also, you can try with
"verbose" on the grub entry, before you push enter to
boot, push "e" and add verbose to the end of that boot
entry with the UUID
257[01:57:15] <genr8_> why did my grub configuration start
adding "security=tomoyo quiet" to my boot cmd lines
258[01:57:45] <genr8_> I dont want tomoyo right now and i
definitely don't want quiet being forced on... I tried checking
my grub.d files, i cant figure out where its coming from
259[01:58:43] <genr8_> oh im dumb. Its not in /etc/grub.d, its
in /etc/default/grub
309[02:51:21] *** nickola1243 is now known as S3xyL1nux
310[02:51:23] <nvz> after the mountpoint is the options, the
fstype goes before
311[02:51:28] <nvz> erm
312[02:51:36] <nvz> after the fstype is the options rather
313[02:52:48] <nvz> for a homedir if not defaults you probably
at least want auto
314[02:55:55] <Joit> so you mean leave the options blank and
only set the permissions at he fiesystem
315[02:56:24] <nvz> no
316[02:56:30] <nvz> you cannot leave any fields blank
317[02:56:38] <nvz> you can in some cases put none
318[02:57:01] <nvz> what I am saying is that you can just use
"defaults" and set your permissions on the dir of the
filesystem
319[02:57:50] <nvz> if you put none, the filesystem will not
even be mounted at all
320[02:58:19] <Joit> welli had that before, defaults, then seems
i had to add rw, because the xserver didnt start anymore with the
user acc, nly at root
321[02:58:22] <nvz> if you leave it blank it will think the next
field is the options
322[02:58:38] <nvz> yes, the permissions at the filesystem level
were root permissions
323[02:58:54] <nvz> you have to use chmod and chown to
manipulate the permissions of the filesystem
324[02:58:54] <Joit> mm not really, i did chown it before
368[03:14:05] <Joit> hmm, i had to mirror my hdd, had about the
same, but got permission problems with defaults, no i set to
owner,rw, and it seems works better
378[03:16:34] <Joit> but anyway, thanks, at last, i see, what it
is set at normal
379[03:16:53] <sponix2ipfw> My ipt users home directory
permissions
380[03:17:43] <genr8_> Theres a lot of stuff related to EFI
Secureboot and Locking the Kernel Down. and I just started dabbling
in this stuff called IMA / EVM which signs ALL the files on your
drive and some other thing called SMACK that sets security xattrs on
all your files (but i havent figured out how exactly those work yet)
383[03:19:47] <Joit> i chowned my home also before to user rw-
other r, because i have dual boot and a linux reader at windows,
what didnt work anymore with defaults at fstab
384[03:20:18] <Joit> so i assume, something was not proper set
up the way it should be
385[03:20:44] <Joit> it did not even find the user dir anymore
386[03:21:17] <genr8_> i also went through and found any options
I dont need that could be used as attack vectors and disabled them.
Like that EFI_SSDT and ACPI_CONFIG_FS thing . I found out theres an
exploit in the wild for that already. That will make it into the
default 10.6 kernel changes tomorrow for everyone
387[03:21:23] <Joit> now i am only puzzeling between user, owner
or defaults,rw but not sure, wich one is ok
388[03:21:55] <nvz> NEITHER is OK
389[03:22:09] <Joit> ha ha. owner is for now1!!1!
390[03:22:09] <nvz> you do NOT need rw, you do NOT need user,
you do NOT need owner
391[03:22:23] <nvz> owner only means someone who has permissions
to the disk can mount it
392[03:22:29] *** pk_ is now known as pkx
393[03:23:03] <nvz> only root or members of the disk group have
permissions to the disk
395[03:23:23] <nvz> it has absolutely nothing what so !%!#*%
ever to do with who can access it
396[03:24:08] <nvz> only who can _MOUNT_ it
397[03:24:11] <genr8_> I found out theres an
"apparmor-profiles-extra" package with about 5-6 new
programs. It would be cool if we had more AppArmor profiles for
everything
399[03:24:16] <Joit> well, but right now, it seems it depends
how the fstab is set, that the filesystem works better, not sure
why, and i understand, what you mean
400[03:24:20] <nvz> and you probably want it _AUTO_ mounted
409[03:25:20] <somiaj> genr8_: they are slowly being added, and
with apparmor being more default the SELinux, I would expect to see
more apparmor profiles before selinux. Though at some level this are
often best to create (or modify) to fit your risk model.
410[03:26:06] <nvz> rw is a _default_ option, it occurs
automatically when you set "defaults"
411[03:26:07] <genr8_> yeah. I wanna see some more SystemD
security profiles too.
412[03:26:33] <nvz> if you'd stop arguing about nonsense
maybe you can get at what is actually the problem
414[03:28:09] <genr8_> I wish more people were into it, its kind
of 1 level above me, creating my own will be a massive job. I also
like the idea of basic auditing like auditd and IDS change alert
systems like tripwire
417[03:29:46] <Joit> well nvz, its not arguing about nonsense,
it is, what did happen. I SET IT TO DEFAULT and it didnt work. Seems
you only DID NOT GET IT. and if this is to hard to discuss for you,
then please stop and Thank you for your sugesstions. No more need fr
you to bother, when you only can talk "nonsense" by
yourself
418[03:30:13] <nvz> first off its not default, its defaults
421[03:30:27] <nvz> clearly based on our conversation I can tell
you are not a native english speaker
422[03:30:36] <nvz> which is likely part of the problem
423[03:31:02] <Joit> NVZ I DO NOT FUCKING CARE. you can skip
your grammar moaning, it s not objectiv, its more like a dumb excuse
from you for your ..
424[03:31:04] <Joit> crap
425[03:31:40] <Joit> it was defaults, if i repat it here without
the s, it doesnt mean it was in fstab like that, man man man
426[03:32:05] <Joit> i have some backups commentes, and its
definetly defaults, but your only fk problem is, how i spell it in
here?
427[03:32:12] <Joit> you are a waste, really
428[03:32:21] <gry> sorry mate it makes it more difficult to
understand you
429[03:32:54] <gry> i suspect nvz doesn't appreciate being
yelled at, you could say instead "sorry nvz i lack energy today
and this problem is so frustrating, i'll try to be as clear as
i can"
430[03:33:08] <Joit> gry he complains about how i write my mount
point at fstab here, if i write defaults, or default, and thinks,
then it must be wrong in my fstab
431[03:33:28] <Joit> i hope so, he is not really a help, when he
cant stay straigth
432[03:33:39] <gry> when people suggest me to tie shoelaces when
i'm asking about broken glasses, i tie shoelaces and say
"look, the problem is still there"
433[03:33:45] <gry> seems easier than to convince them to change
their mind
434[03:34:33] <Joit> i said that, i said, what is the /home
usually set at at fstab, and said also, i had to mirror my hdd, and
after that, my home didnt really work anymore
435[03:34:36] <nvz> I don't care if he comes here and yells
at me directly.. what bothers me is they are seriously screwing up
their system based on silly assumptions and will likely continue to
ask for support here in the future and this misunderstanding will
only waste the time of voluneer supporters in the future because its
not being addressed now
436[03:35:08] <Joit> man man, i only did want to know, what the
standrad entry for home at fstab looks like
437[03:35:24] <nvz> it just says default
438[03:35:29] <Joit> and sponix answered it well, he gave an
example from his one
457[03:40:41] <nvz> I suggest you revisit what is actually
happening.. verifying your assumptions.. the mount command without
options will show what actually took place
468[03:42:59] <Joit> well, yes, it worked before 2 days alll
with defaults. Then i did repair my dual boot from windows, means, i
loaded a windows rescue cd, fixed the boot, whateer it did, and
voila, linux had the permission problem
469[03:43:57] <nvz> idk it sounded to me like you were accessing
the linux volume from windows
470[03:44:06] <nvz> in something you said earlier
471[03:44:16] <Joit> i still can not really figure out, what did
happen, and home is 650 gb. not sure, where i really can look, only
chown it and chmod it
472[03:44:23] <nvz> which means your windows system
could've corrupted the filesystem when you have an issue with
windows and needed to repair it
473[03:44:50] <Joit> yes, well, i tried to read it, its a
program called linux reader, but it dont makes changes only read it
475[03:45:32] <nvz> yeah.. and I go down chimneys all over the
world in a night delivering toys to children
476[03:45:34] <Joit> so far i know, windows doesnt access linux
partitions
477[03:45:45] <nvz> no, not natively
478[03:46:03] <Joit> well, i set the permission afterwrds again,
did not start windows anymore, but still the error occurs
479[03:46:32] <nvz> to my knowledge you have not shown any
actual errors, or actual information from your system
480[03:46:43] <nvz> all I've seen is stuff that makes
absolutley no sense at all
481[03:46:56] <sponix2ipfw> Joit: you could boot from Debian
live USB and fsck that partition and then mount it and see if root
can view it properly
482[03:46:57] <gry> Joit: what error is it?
483[03:48:08] <Joit> gry i could not start xserver anymore with
the user, only with root. also, i made a backround picture at
lightdm, what never worked at fstab defaults. now i set to owner,
and the backround picture works. but mainly its the problem to
statrt xserver
484[03:48:28] <Joit> sponix i did that also, fsck runs all times
fin
485[03:48:30] <Joit> fine
486[03:48:33] <gry> oh! that sounds a bit inconvenient
487[03:48:34] <nvz> the xserver isn't supposed to be able
to be started as root
488[03:48:39] <nvz> erm as a user
489[03:48:55] <nvz> Joit: have you upgraded from an old debian
release recently?
490[03:48:57] <gry> what happens when you log in with lightdm?
what does it do instead of logging you in?
491[03:49:01] <nvz> when all this started happening
492[03:49:15] <Joit> no, its a fresh installation, no upgrade
493[03:50:19] <Joit> gry it drops me back to the login window,
xserver doesnt start
494[03:50:27] <sponix2ipfw> Joit: you need to rm the Xauthority
dot file in your user's home directory
495[03:50:48] <Joit> when i then alt-F2 to antother console, and
startx, it works for a user without root
496[03:50:58] <sponix2ipfw> Joit: then the user can use X again
498[03:51:50] <Joit> it did load xfce, then i could connect also
at alt-f7, then alt-f2 back to the other console, end the session,
and still running it at alt-f7 ... to confuse now anythin g:p
499[03:52:18] <sponix2ipfw> Joit: running X as root or with sudo
breaks that file
500[03:52:25] <gry> Joit: follow sponix2ipfw's suggestion,
then try to log in with lightdm
501[03:52:46] <gry> Joit: remove the .Xauthority from your home
directory, exit all X sessions, then log in with lightdm only
502[03:52:48] <Joit> sponix i did that a couple of times, before
this "fix windows startup" it worked by that, after that,
it didnt work anymore, to only delete .Xauth and .ICE*
503[03:53:10] <gry> Joit: didn't get that, please rephrase
504[03:53:14] <Joit> i had to delete both, not only Xauthority
508[03:54:30] *** Quits: ledeni (~ledeni@replaced-ip) (Remote host closed the connection)
509[03:55:02] <Joit> gry i first could start the xserver with
deleting .Xauthorithy, then, (because i have windows at an other
hdd, what didnt work anymore after the mirror the hdd) after fixing
windows startup, it did not work anymore to only delete .Xauth, the
xserver still did not start
511[03:58:29] <gry> Joit: did you remove .xsession-error* ? did
it start working after that ? if not, pastebin output of 'ls
-la $HOME', maybe
512[03:58:31] <Joit> i am looking through my xsessions-error
now, but seems is updated
513[03:59:17] <Joit> i think i did not remove it, but i cleaned
also the tmp, like some suggested at some postings
514[03:59:30] <Joit> at last the x-reltated stuff
515[03:59:57] <gry> Joit: okay
516[04:00:10] <gry> Joit: you may wish to remove the
*xsession-error* files, and check for the issue
517[04:00:12] <Joit> right now, my xsession-errors is from the
last 2 hours, where all worked
518[04:00:33] <gry> Joit: it doesn't matter what time it
was; we want that file to be gone completely because of permissions
issues
519[04:00:34] <Joit> but i have my fstab set to owner,rw
520[04:00:51] <gry> Joit: if you don't want to remove it,
move it to ~/myxsession-errors.old, or something, please
521[04:01:41] <Joit> well, i ont care, its at the trashfolder
now
522[04:01:48] <Joit> i know, it weill be re-created
523[04:02:15] <gry> Joit: also it is important that you quit all
Xorg sessions before starting to log in again, otherwise it may be
running as a wrong user or mess up the permissions again
524[04:03:14] <Joit> so, you now think, set the /home back to
defaults at fstab and reboot and all should work ?
525[04:04:24] *** Quits: ChiLLabiS (~jimmy@replaced-ip) (Disconnected by services)
526[04:04:38] <gry> Joit: I'm not an expert with fstab, but
I think this may be a good plan
527[04:05:02] <Joit> yeah, i can set it back manually anyway, if
it wil not work
528[04:05:10] <nvz> I can assure you that the fstab has
absolutely nothing what-so-ever to do with this issue
529[04:06:05] <Joit> nvz, the only thing what is weird for me,
is, after i changed this lines at fstab, and did nothing else, the
xserver worked again, also this backround image at lightdm
530[04:06:08] <nvz> especially since according to what you told
us, the only thing you actually did was change who can mount the
filesystem
531[04:06:36] <nvz> thats all you realize that you've done
532[04:06:45] <nvz> you probably also rebooted which in turn did
a number of things
533[04:06:45] <Joit> nvz i couldnt really figure that out also
by myself, because that would be my logic too
534[04:06:59] <nvz> it probably checked the filesystem again, it
logged out, it restarted services..
535[04:07:03] <gry> let's see what happens after your
reboot
536[04:07:34] <gry> you can go to tty and check that
*xsession-error* and *Xauthority* files are absent before you log in
to lightdm
544[04:12:30] <Joit> sponix well gladly, i have all the datas
now from my old hdd (It did make some weird noises) its only, that
the home dont work well anymore
545[04:12:55] <sponix2ipfw> Joit: if you honestly want me to
explain that. You will have to wait until I get home to a real
keyboard lol
548[04:13:46] <sponix2ipfw> Should be home in less than 30
minutes
549[04:13:47] <Joit> no, its ok, sponix haha, i am ok, when i
only know a normal entry at fstab for my /home, and to be save, that
nothing else goes wrong in the future
563[04:22:29] <Joit> ok back, and seems all works normal again.
just lightdm dont work with the backround picture i made but it
seems thats a problem of lightdm
596[04:56:56] *** Quits: Numero-6 (~Numero-6@replaced-ip) (Quit: << - Qui etes vous ? - Je suis le nouveau numero 2 -
Qui est le numero 1 ? - Vous etes le numero 6 - Je ne suis pas un
numero ! Je suis un homme libre!! >>)
609[05:16:10] <genr8_> thats super weird. I rebooted the new
kernel and I had no video, I checked on them in /lib/modules/ and
they werent there.... then i rebooted, and they ARE here, dated
prior to me rebooting
617[05:27:17] <genr8_> my best guess it they were busy
recompiling when I went to restart the first time (it did take an
extremely long time), and they got put in /tmp or something... then
they didnt exist in the /lib/modules dir when I booted the new
kernel, but they were like 99% built. then when I booted back into
my old kernel, they got placed in the right dir with the old date
618[05:29:53] <genr8_> I still have no idea what service was
called to get them auto-built
619[05:32:09] <somiaj> I think your guess is wrong, they
won't auto-build, dkms builds are triggered when you install
kernels
620[05:32:27] <somiaj> an upgrae won't complete (and be
stuck in a configure state) if the modules weren't built
621[05:32:29] <genr8_> why wasnt it visible ?
622[05:32:59] <somiaj> I am not gonna guess on that, but there
could have been some other issue.
623[05:33:08] <somiaj> and just rebooting won't magically
build the missing modules
688[07:38:22] <genr8_> the Nvidia module is a DKMS module, which
I rebuilt for the new kernel, so that should work. The VBoxDrv one
is the host driver that came from Virtualbox, which I have no idea
how it got built
689[07:39:22] <nvz> your source/headers didnt exactly match the
running kernel
690[07:39:40] <somiaj> well unknown symbols make it sounds like
it wasn't properly compiled for or compadable with the kernel
you are using.
698[07:47:39] <nvz> bottom line is, you screwed up either
compiling your kernel or supplying the right source/headers for
building your 3rd part modules
699[07:47:54] <genr8_> the kernel is missing the symbols is what
it is. I think because I stripped the symbols out first, before it
knew these modules would need them.
700[07:48:56] <genr8_> CONFIG_TRIM_UNUSED_KSYMS=y
701[07:49:08] <nvz> heh
702[07:49:15] <nvz> thats only one of the 3 problems I see
703[07:49:16] <genr8_> and the modules were out of tree, so it
didnt know them.
704[07:49:27] <genr8_> 3 ?
705[07:49:41] <nvz> yes you are only seeing the symbols issue
cause its the most repeated
706[07:49:58] <nvz> you are ignoring the disagree about symbol
module layout, and verification failed
707[07:50:06] <nvz> these are 3 seperate issues
708[07:50:19] <nvz> one has to do with module signing
709[07:50:24] <nvz> one has to do with module versioning
710[07:50:26] <genr8_> i forgot to sign one. i fixed that.
711[07:50:35] <nvz> and the other has to do with the symbols you
stripped
712[07:50:40] <genr8_> thats 2 issues
713[07:50:50] *** Quits: yuta (~pi@replaced-ip) (Quit: WeeChat 2.9)
733[07:54:58] <genr8_> no im wrong on that aspect also. it must
disagree for some other reason
734[07:55:00] <somiaj> What kernel contains an in-tree vbox
module? This has always been a thrid party module. Also what kernel
are you compling and why.
735[07:55:02] <nvz> I'm just givin ya my two cents worth..
I saw three issues, I told ya about all I know about it.. heh.. used
to compile kernels all the time, bought books on it and crap.. but
that was ages ago.. I've only took a run at modern kernel
once..
736[07:55:21] <somiaj> also I don't really see what this
has to do with debian, you are compiling a custom kernel, why not
just use the one from debian stable?
737[07:55:31] <nvz> the 2.x kernels I used to mess with and the
3.x-5.x kernels are a whole different ballgame :P
738[07:56:15] <genr8_> im using the debian kernel and the tools
739[07:56:24] <nvz> I havent had time to keep up.. the 5.x
kernel I made worked but I fudged a few things :P
740[07:56:51] <nvz> last kernel I compiled before that was a 2.6
one so :D
742[07:57:01] <somiaj> genr8_: you must be doing something
strange then, since the debian kernel does contain the symbols
needed for both vbox and nvidia
743[07:57:31] <genr8_> i said i used this to strip them,
CONFIG_TRIM_UNUSED_KSYMS=y , before it knew about the extra modules
759[08:01:56] <nvz> well I'd bought O'reilly's
Understanding The Linux Kernel back in the day.. and it was pretty
amazing.. but they can't keep up with the development.. so
unfortunately there isnt such a comprehensive read I know of that is
current
760[08:02:22] <nvz> I think the one I bought was for the 2.4
kernel and by time I groked it, 2.6 was stable
761[08:02:57] <nvz> and 2.6 was like a totally different
animal.. things had drastically changed
762[08:03:57] <nvz> my first go around with 5.x blew my mind all
over again.. heh
863[09:54:47] <nvz> you make packages either for a specific arch
or for "all"
864[09:54:57] <nvz> if the package isnt arch specific
865[09:55:10] <nvz> i.e. documentation or headers or something
866[09:55:35] <nvz> if its compiled, then its either one or the
other
867[09:55:58] <jumijoze> ywow mit
höhenmeteréinblendungen
868[09:56:09] <nvz> !pl
869[09:56:10] <dpkg> Na kanale #debian rozmawiamy po angielsku;
jesli chcesz lub wolisz mowic po polsku, wejdz na kanal #debian-pl
na irc.freenode.net - debian-user-polish@lists.debian.org
870[09:56:45] * nvz makes a wild guess
871[09:57:06] <tomreyn> -de would have been correct, if with a
french accent aigu
872[09:57:10] *** Quits: yonder (~yonder@replaced-ip) (Remote host closed the connection)
873[09:57:30] <nvz> yeah wasnt enough there for me to go on..
nick sounded polish
874[09:58:26] <nvz> something north-central europe
879[09:59:29] <dpkg> Deutschsprachige Hilfe bekommt ihr in
#debian.de (auf irc.oftc.net, irc.freenode.net oder irc.belwue.de) -
debian-user-german@lists.debian.org
903[10:15:56] <nvz> yeah well either way I dont think it was
much more than an accident.. and was german.. cause lookin closer at
the tranwreck that is compound words in german, I see meterein
(meters)
905[10:16:45] <n4dir> wow mit höhenmetereinblendung is
german.
906[10:17:12] <nvz> I only had a brief intro to german like 25
years ago.. and been avoiding it ever since due to crap like that..
it horrifies me the way they run words together like that
907[10:17:15] <flayer> n4dir, which is why it must be defended,
even if it ruled unjustly over the rest of it for centuries
908[10:18:09] <ratrace> "tiny peninsula".... and yet
the craddle of human civilization as we know it :) btw, slightly
tiny, like the peninsula, bit offtopic :)
909[10:18:25] <n4dir> nvz: it is the language of soldiers.
Arthur C. Doyle points out the horrible german language in
"bohemien". In a funny way, but he is not wrong
910[10:18:58] <n4dir> yeah, i will stop with offtopic. sorry. I
got a hang for it ...
945[11:07:01] <Lope> Debian host and guest VM. I pause the
guest, then I suspend the host. Then some time later I resume the
host, and then resume the guest. The guest time is wrong for quite a
long time.
946[11:07:11] <Lope> How can I force the guest to update
it's time?
947[11:07:25] <n4dir> ntpq or such
948[11:07:26] <ratrace> use a ntp sync daemon
949[11:07:45] <willow_> systemd time
950[11:07:56] <Lope> I don't have any ntp installed on the
guest. Should I install it?
960[11:17:20] <ratrace> Lope: I thought maybe with kvm-clock
paravirtualized hwclock one wouldn't need an ntpd in the guest,
and that may be the case, but from what I read online there still
exists a problem with exactly your use case: suspending and resuming
guests.
962[11:18:32] <ratrace> so either use an ntpd or try scheduling
`hwclock -s` on resume somehow in the guest, and libvirt should have
its own functions for that like "guest-set-time" but I
have very little experience with libvirt, I prefer qemu directly
975[11:37:29] <RadoS> So, with "quiet" on A it's
no kernel and no services, but with "quiet" on B it
suppresses only kernel but keeps services showing.
976[11:38:27] <RadoS> How to track this further? How to check
for plymouth?
985[11:53:28] <ratrace> removing "quiet" will show
both kernel and systemd output, yes. I don't know if you can
show one and not the other. plymouth is a package, check it with
`dpkg -l plymouth` and see if it's installed. should be,
it's default. it's used for boot splash graphics and
related.
986[11:53:53] <ratrace> "splash" kernel command line
controls that part. I don't know if debian has any default
plymouth splash graphics like ubuntu has.
987[11:53:55] *** Quits: Lope (~lope@replaced-ip) (Remote host closed the connection)
1034[12:48:18] <ratrace> that or any other form of auto upgrades
with no admin oversight
1035[12:48:46] <oxek> yeah, you make a good point
1036[12:49:44] <oxek> I know it's wishful thinking, it would
be nice if the release date was announced in advance and coordinated
with making release notes available
1037[12:49:57] <ratrace> oxek: it is, subscribe to the announces
mailing list
1038[12:51:02] <oxek> ratrace: don't see anything
replaced-url
1039[12:51:17] <oxek> I mean, I don't see anything about
10.6
1090[13:42:17] <tomreyn> a preseed file is a way for automating
debian installations, and i think you mean to ask about the conteXt.
;-)
1091[13:43:28] <tomreyn> i know this, but not how to debug or
even lint preseed files.
1092[13:47:05] <Mazhive> tomreyn your right preseed.cfg files are
for automated installs using any media a preseed.cfg file has all
the answers lined up for thee install to - proceed - a install
without user interaction.
1123[14:24:59] <Mazhive> right now i am using a pxe server to
automate install. a install normaly takes about 1 hours not every
other changes and add packages included that takes at least another
hour so automating it would take about 30 minutes , the amount of
time can greatly reduce to do a install
1124[14:26:59] *** Quits: Tobbi (~Tobbi@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
1182[15:25:21] <reith> Hi. I'm packaging a software that
before has been installed without package manager. Is there a
mechanism in debian to mark a package conflicts with some files and
prompts user to remove those files? This package doesn't
install files in same path as before.. so i look for a mechanism to
delete (ask user and if he allowed delete file otherwise fail packge
installation) file in path_a while my package
1183[15:25:27] <reith> installs that file in path_b.
1184[15:25:55] <n4dir> codedmart: i just followed that guide and
it seems to include everything.
1187[15:27:29] <n4dir> as far i see it doesn't include what
the debian installer offers via tasksel at the end: choosing to
install a GUI and a bit more (cups and such)
1233[15:38:09] <hmuller> reith: probably cleaner to offer user an
uninstall script to remove an application not installed with package
manager first, and then install the package
1236[15:39:39] <reith> hmuller: that works but should handle
package installation failure too.. I'm thinking to install
those files by package (so user will be prompted for insalling
package) and delete those in configure stage.. going to test that
1249[15:47:06] <reith> that's strange.. i didnt'
install file `a` but in maintainer script removed that and it
succeed.. should't package be limited to delete just files it
created?
1251[15:50:07] <reith> (never gonna install a package from
unofficial repo without reading postinst)
1252[15:51:51] <tomreyn> dpkg makes the assumption that if it is
used, then only dpkg is used for package / software management, and
thus it does no harm by overwriting existing files which are not
part of another installed debian package.
1253[15:51:52] <dpkg> tomreyn: what are you talking about?
1258[15:54:04] <reith> tomreyn: well, that's a very sane
assumption.. but i guess i can even delete files installed by
another package in my package's postinst. haven't tried
though
1262[15:59:04] <reith> (just tried and i can delete all files,
installed by user or installed by another package in postinst.
learned maintainer scripts can be evil)
1273[16:04:39] <oxek> NetTerminalGene: you said so earlier, and
were advised to ask for your money back
1274[16:04:45] <asterismo_l> i'm trying to install debian in
a raid1 array of IDE disks (old PC) and after installing grub and
rebooting, the system throws a grub rescue
1275[16:05:10] <asterismo_l> error file
'/boot/grub/i386-pc/normal.mod' not found
1308[16:24:10] <tomreyn> reith: yes, files created in postinst
aren't tracked, and postinst can do anything root can. so
don't install packages from untrusted sources
1309[16:24:48] <asterismo_l> i partition the disks to have two
partitions each, the same
1383[17:07:50] <blaztek74> Why did my Debian version number in
/etc/debian_version change from 10.5 to 10.6 when I did an `apt
upgrade` today? While during the upgrade, the output displayed the
version change.
1390[17:11:11] <blaztek74> thank you! I didn't realize the
point release. Yes, I saw the kernel change and rebooted. I was only
confused because the Debian.org still has the 10.5 links for
download.
1391[17:11:47] <LtL> blaztek74: i'm sure the links will be
updated soon.
1401[17:23:16] <sk313t0n> I wanna install ascii-xfr on a debian
system, but it's not in the repo, and I can't find any
download links for it. Does anyone know anything about it?
1403[17:26:57] <n4dir> sk313t0n: apt-file search, which i
don't know well, gives me minicom. Doing apt-cache show minicom
it doesn't seem to make much sense to me, but you might want to
have a look
1404[17:28:27] <codedmart> Alright so I ran through debootstrap
and got everthing all good. I already have a bootloader
(systemd-boot) and mount /dev/sda1 as boot. I setup /dev/sda3 with
luks. I installed cryptsetup-initramfs, and setup a /etc/crypttab.
But still not able to boot properly.
1429[17:45:18] <throwthecheese> I have an issue with Stunnel
1430[17:45:37] <throwthecheese> It won't start with the
configuration my univ provided
1431[17:45:57] <deego> On one of my newer machines, I saw this
warning: "repository ... changed its value ... to 10.6".
But, I don't see this on any of the others - the ones that have
been around for a long time, and have been dist-upgraded through
several major releases. Is there some config option I need to tweak
on the latter?
1432[17:46:19] <deego> this was during an "apt update"
1436[17:47:51] <codedmart> I am chroot'ed into my debian
install `bash: initramfs-update: command not found` Shouldn't
that be there? I checked in `/usr/sbin` as well, but it isn't
there either.
1456[17:52:37] <codedmart> Oh I see I was using the wrong
command.
1457[17:53:28] <throwthecheese> And it looks like that my
university network requires SSL3+ since if I manage to start stunnel
without errors, my university network blocks me outright instead of
requesting authentication
1458[17:54:19] <LtL> deego: for what it's worth, point
releases don't require dist-upgrade. A simple apt update
&& apt upgrade will suffice.
1459[17:54:42] <deego> yes
1460[17:54:54] <deego> i mentioned dist-upgrade about major
releases
1473[18:01:40] <deego> there's a -d in my upgrade in the
crontab. does unattended-upgrades provide a -d option?
1474[18:01:51] <reith> another question about maintainer scripts.
i see postrm is pre-populated by dh_installsystemd. i want to change
this script, can i still have pre-populated script beside my
customization?
1490[18:07:01] <hansh> can someone tell the paste.debian.net
maintainer than when pasting this
replaced-url
1491[18:07:01] <hansh> " filter?
1492[18:07:43] <hansh> because that guy NEVER responds to me.
think i got spam-filter-false-positive reports from friggin 2016
that is still waiting for a response from > formorer@debian.org
1605[20:00:00] <NetTerminalGene> debian keeps us vulnerable
1606[20:00:01] <oxek> for firefox 78esr to be released to stable,
it needs to be built on debian-stable. It was not possible to build
it on debian-stable until debian 10.6, which has been released
today.
1607[20:00:24] <oxek> the upgrades have not happened yet for a
lot of machines
1608[20:00:28] <sney> it also only hit testing yesterday.
replaced-url
1609[20:00:49] <oxek> NetTerminalGene: so expect firefox 78esr
sometime next week probably
1610[20:01:02] <oxek> plus the CVEs fixed in 78esr are not
critical
1611[20:01:02] <NetTerminalGene> oxek: why do they needed 10.6?
1612[20:01:12] <oxek> NetTerminalGene: newer versions of rust
1633[20:10:24] <NetTerminalGene> oxek: issues are in firefox
code. for example, it doesn't show tracking list selection. it
supposed to show that option
1634[20:11:07] <NetTerminalGene> and their tracking protection
doesn't work sometimes
1635[20:11:16] <oxek> Disable the built-in firefox tracking
protection and use ublock origin like everyone else
1636[20:11:19] <NetTerminalGene> there is no such issue on
debian's firefox
1657[20:17:23] <oxek> and a combination of linux, firefox, and
especially esr version which is behind the regular release?
It's not very realistic it will be targetted.
1658[20:17:42] <ratrace> I remember when it was over 30% and it
seemed like it'd "take back the web" .... but then
chrome appeared
1660[20:18:13] <oxek> mozilla became complacent far before chrome
appeared
1661[20:18:27] <aaro> well the chromium situation in debian
isn't any better
1662[20:18:52] <oxek> I remember doing lots of benchmarks,
profiling, identifying problematic areas and giving suggestions for
improvements, along with code snippets - and being ignored for years
1663[20:18:53] <ratrace> oxek: I wouldn't be surprised with
a highly targeted attack against debian sysadmins running FF.
smiliar attacks already happened in the past (not against debian per
se, but server admins)
1664[20:19:37] <oxek> ratrace: you are correct, I am not denying
that.
1665[20:19:41] <NetTerminalGene> should we use chromium?
1666[20:19:58] <oxek> NetTerminalGene: we should just not use the
web
1667[20:20:02] <hmuller> ^^^
1668[20:20:05] <aaro> at least with firefox you have the mozilla
binaries
1669[20:20:06] <ratrace> I use firefox, and I have a nice, very
strict apparmor profile on it
1670[20:20:27] <hmuller> sigh, I still need to properly use
apparmor
1700[20:27:33] <oxek> it's a problem with the user
primarily, the browser second
1701[20:27:34] <ratrace> adblockers aren't 100% efficient,
and majority of people don't run with them.
1702[20:27:47] <sponix2ipfw> But I like sketchy websites
1703[20:28:03] <oxek> didn't google say it's now a
little bit over 50% of users that have adblockers?
1704[20:28:05] <ratrace> even I don't run with them. the
only extension in that regard I have is PrivacyBadger and
CookieAutoDelete, and a DNS blacklist I assembled over the years
1723[20:36:50] <EdePopede> oxek: for a long time ad servers have
been a problem, maybe they still are. as long as nobody cares where
the ads displayed on their sites really come from it won't
stop.
1724[20:37:17] <oxek> most websites should not exist anyway
1728[20:38:28] <oxek> I have a rule that on my personal machines
I only visit websites I donate money to, have a subscription to, or
they have a different revenue model (such as selling something)
1739[20:42:55] <EdePopede> i've been using a vanilla profile
right now for some weeks, i think it is even worse than when i
started using noscript
1740[20:43:29] <oxek> it's a pity that umatrix is no longer
being developed
1741[20:43:38] <EdePopede> oxek: the one at the top, full-width
with the download link? it's blue-ish ;)
1742[20:43:59] <EdePopede> i think green has a bad reputation
because of sf.net
1743[20:45:21] <EdePopede> personally i don't even care
about ads in general, i grew up with them in journals and partially
on tv. but the web counterpart is just not acceptable.
1744[20:45:22] <archaeopter> Hey! Does somebody know how i can
fix this weather widget?
1745[20:45:29] <EdePopede> "this"
1746[20:45:35] <archaeopter> Error loading QML file:
file:///home/mg/.local/share/plasma/plasmoids/org.kde.weatherWidget/contents/ui/main.qml:113:5:
Type YrNo
unavailablefile:///home/mg/.local/share/plasma/plasmoids/org.kde.weatherWidget/contents/ui/providers/YrNo.qml:18:1:
module "QtQuick.XmlListModel" is not installed
1751[20:45:50] <dpkg> The enter key is not a substitute for
punctuation. Hitting enter unnecessarily makes it difficult to
follow what you are saying. Consider using ',', '.
', ';', '...', '---', or
':' instead. If you hit enter too often, you will be
autokicked by debhelper for flooding the channel.
1760[20:47:25] <oxek> EdePopede: blue, green, can't tell
difference. I mean this one:
replaced-url
1761[20:47:26] <EdePopede> > We, the 'Publisher',
and a select group of trusted partners, known as
'Vendors', need your consent for data-processing purposes
1770[20:52:08] <EdePopede> archaeopter: anyway, i have no idea
where this missing module would have to come from. maybe the kde
folks know more
1771[20:52:14] <ratrace> oxek: I already use FF container tabs to
maintain sites I do want persistence with, like work related etc...
cookieautodelete + private mode for the rest
1796[21:03:54] <archaeopter> It is, they even have a banner
saying so, its fockin ded
1797[21:04:04] <ratrace> EdePopede: I just *HAD* to look it up :)
1798[21:04:15] <EdePopede> hrhr :)
1799[21:04:23] <ratrace> okurrrr
1800[21:05:34] <EdePopede> archaeopter: well, irc. join, ask,
wait. may get 5 answers in the first 10 seconds, may have to wait
for hours. the population size also isn't necessarily a
reliable source for the activity of a channel
1801[21:06:03] <archaeopter> Ye, ill wait an hour and guess will
have to find a worse widget, ugh
1833[21:19:48] <oxek> debian release easter egg, if you try
downloading the iso, and append -easteregg to the download URL, it
actually downloads ubuntu
1834[21:19:51] <sney> EdePopede: I don't remember ever
seeing something like that, but my memory is not reliable, and I
could imagine it being somewhere
1852[21:26:58] <oxek> and of course the 'easter egg'
bug in sl
replaced-url
1853[21:28:07] <sney> for whatever reason, I'm more likely
to do it when there's a little bit of terminal lag, like
managing a remote server via putty on windows. I've seen the
train that way a few times by accident
1876[21:37:34] <ratrace> that would break the "stable"
promise of LTS
1877[21:37:37] <oxek> search for scrollback there
1878[21:37:49] <oxek> hence my surprise
1879[21:37:50] <ratrace> WHAT!!!
1880[21:37:56] <sponix> I am going to test this theory in a
second
1881[21:38:23] <ratrace> (╯°□°)╯︵ ┻━┻
1882[21:38:31] <oxek> ratrace: ?
1883[21:38:37] <ratrace> they backported it?!!?
1884[21:38:46] <oxek> sponix is verifying it now
1885[21:38:51] <oxek> it does not work on my system anymore
1886[21:38:55] <sponix> oxek: VM done updating to 10.6 with the
latest 4.19 kernel -- So I need to go to a REAL tty correct -- Not
just a terminal in X ?
1887[21:39:05] <oxek> sponix: yes, real tty
1888[21:39:10] <Lvl4Sword> ┬─┬ ノ( ゜-゜ノ)
1889[21:40:17] <ratrace> lemme test it too
1890[21:41:32] <oxek> a 30 year old feature... just gone...
without any big announcement from debian
1891[21:42:12] <ratrace> on linux that nobody uses on desktops
and everyone uses on servers where console reigns.......
1892[21:42:13] <sponix> oxek: what systemd command is it to drop
from X to a real console -- I need that for my VM because I
don't know how to send ctrl+alt+F1 lol
1893[21:42:35] <oxek> sponix: don't know systemd command,
but maybe chvt will work
1894[21:43:15] <n4dir> systemctl stop
<name-of-display-mangager> ; might be worth a shot, but i
wouldn't bet
1895[21:43:32] <sponix> oxek: Yeah, its true -- I have 0
scrollback buffer in the real TTY
1923[21:47:34] <oxek> I only found out about this because after
upgrade, the graphical interface did not start up so I had to go to
a tty
1924[21:48:37] <imMute> the scrollback disappeared when switching
between VTs for a while anyway
1925[21:48:43] <ratrace> I ran upgrade tests on VMs before
tonight's plan to upgrade all the servers but now..... now I no
longer care, let it rot. I'll be planning a switch to a less
joke of an OS. and no, not just because of this, this is just final
straw that broke the crapux camel back
1926[21:49:05] <oxek> I genuinely feel sad for scrollback, it has
been with me for such a long time
1927[21:49:21] <oxek> I did not mean to make you angry ratrace
1928[21:49:26] <ratrace> I knew this was coming in future
kernels, but I never thought they'd backport such a big, huge
change for SERVER CENTRIC OS like Linux!
1931[21:49:55] <ratrace> oxek: you did not! GKH and/or
whoever's the maintainer for backports did! This ain't his
first time, last time I fumed for his political backports to subvert
ZFS
1932[21:50:02] <imMute> ratrace: you never thought they'd
backport a security fix (even if the "fix" is to just
remove the feature outright) ????
1933[21:50:30] <ratrace> imMute: knowing how many fixes are NOT
backported, yes, I actually did not thing they'd go ahead and
break LTS like this
1934[21:51:05] <imMute> it's not broken. you just can't
scrollback in the VT anymore.
1935[21:51:06] <ratrace> is not the fix tho. the cve fix did not
require removing the whole functionality
1936[21:51:14] <imMute> which you couldn't do when switching
between VTs anyway.
1938[21:51:27] <imMute> and you can get the feature back by using
something like tmux or screen if you really really need it.
1939[21:52:04] <ratrace> imMute: I guess you don't
understand the real issue here
1940[21:52:07] <imMute> you're right, they could have fixed
it without removing the feature. but no one stepped up to do that
work (presumably because no one cares enough about the feature). so
Linux patched the hole by removing the feature.
1941[21:52:35] <ratrace> the real issue is boiling for the past
few years with political and other breaking backports to LTS kernels
1942[21:52:37] <oxek> imMute: the real issue is changing behavior
of a stable (meaning "does not change") release
1943[21:52:59] <ratrace> there is no "LTS" kernel.
it's all made up crap. nobody should be running anythin but
latest mainline and kernel devs themselves are saying that. RIP
linux.
1944[21:52:59] <oxek> and without any big announcements from
debian
1945[21:53:01] <imMute> oxek: you'd rather they not backport
security fixes then?
1946[21:53:22] <oxek> I too run some stuff on servers where my
only access is IPMI, and don't have tmux there
1947[21:53:41] <oxek> imMute: they already don't backports
lots of security fixes, because they would break userspace.
1948[21:53:49] <codedmart> I could use some luks help. I am
installing debian from arch. I have it all installed, but I
can't get the initramfs to update with the crypt info. I keep
getting `cryptsetup: ERROR: Couldn't resolve device
/dev/mapper/crypt`. I am chroot'ed in from my arch install.
1949[21:54:09] <ratrace> the "security" implication of
CVE-2020-14390 is riduculous compared to actual bugs that exist and
are NOT YET patched
1950[21:54:36] <ratrace> cdown: the crypto device must match what
you wrote in /etc/crypttab
1952[21:55:41] <ratrace> cdown: or in other words, when you
chroot, you must open the LUKS container with the same name that you
had in crypttab. by default it's sdx_crypt where x is the
actual device partition number
1953[21:55:54] <ratrace> (iirc)
1954[21:56:12] *** Quits: maggotbrain (~maggotbra@replaced-ip) (Remote host closed the connection)
1955[21:56:14] <codedmart> ratrace does that matter if I opened
it from arch? It does match.
1956[21:56:31] <ratrace> codedmart: the host distro is
irrelevant, just the mapper name must be the same
1957[21:56:58] <ratrace> re-check because by that message
it's not. /dev/mapper/crypt is not what the installer would
write in crypttab by itself
1963[21:57:44] <ska> Is it safe to use Snap on debian?
1964[21:58:01] <EdePopede> promises some fun, there seems to be a
lot of public hardware running on it
1965[21:58:25] <ratrace> ska: you mean snaps? snapd containers?
1966[21:58:31] <codedmart> ratrace I opened in arch `sudo
cryptsetup open /dev/sda3 crypt` then mounted btrfs subvolumes and
chroot'ed into debian. /etc/crypttab has `crypt UUID=...
luks,discard`
2003[22:04:18] <ratrace> you actually need /dev and /proc for
initramfs, but it's best to have them all. bind -t proc proc
/mnt/chroot/proc ; bind -R /dev /mnt/chroot/dev ; bind -R /sys
/mnt/chroot/sys ; chroot /mnt/chroot ; source /etc/profile ; export
PS1="(chroot) $PS1"
2004[22:04:39] <ratrace> codedmart: assuming /mnt/chroot is where
you mounted the rootfs, and source + export are optional, run in the
chroot shell
2008[22:06:45] <ratrace> (you can also use systemd-nspawn ; as
chroot in some cases tends to break the system integration through
/proc so you have to reboot the host after you exit the chroot,
because it's broken)
2009[22:06:55] <ratrace> *systemd integration
2010[22:07:01] *** Quits: eventhorizon5 (~smuxi@replaced-ip) (Remote host closed the connection)
2046[22:22:08] <codedmart> OK that seems better. I am only
getting warnings now on update-initramfs. But I am still getting
dropped into initramfs when booting saying it can't find device
/dev/mapper/crypt.
2047[22:22:46] <ratrace> codedmart: paste the warnings somewhere
please
2051[22:28:00] <codedmart> So is it reading from the host as
well? vgcrypt is my arch lvm luks?
2052[22:28:08] <ratrace> codedmart: you're missing the
"key" column between UUID and luks,discard. use none if
you don't have any special key devices or keyscripts
2053[22:28:35] <ratrace> like this: crypt
UUID=b62db806-97f0-43bc-a401-fd61f5e02e30 none luks,discard
2054[22:28:48] <ratrace> also, consider using fstrim.service
instead of discard
2055[22:29:24] <codedmart> Great let me try this. Really
appreciate all the help.
2056[22:29:39] <ratrace> codedmart: that vgcrypt btw... where
does it fit in the mount tree for debian?
2057[22:30:12] <ratrace> the way this works is that initramfs
hooks are looking at mountpoints and then back through mappers to
the device they're on. so if vgcrypt is mentioned, it must mean
it's needed by the rootfs somehow
2058[22:30:15] <codedmart> Oh it was mounted I suppose when I
mounted /dev since I have that in my arch tree.
2059[22:30:46] <ratrace> well I'm not sure if there would be
a warning like that unless the device was referenced in the
mountpoint of the rootfs or something else in fstab
2062[22:31:46] <codedmart> Hmm... it is not in my debian fstab.
2063[22:31:51] <tomreyn> ratrace: the 'discard' option
in /etc/crypttab (interpreted by cryptsetup) has a different meaning
than the 'discard' file system mount option in e.g.
/etc/fstab
2064[22:32:47] <tomreyn> (this is in response to "consider
using fstrim.service instead of discard")
2065[22:32:49] <ratrace> tomreyn: I know. it just passes through
from the filesystem. but I'm assuming then the rootfs is
mounted with discard too
2066[22:33:56] <tomreyn> ratrace: hmm, i wouldn't
immediately assume this as a result of seeing the discard option set
in /etc/crypttab
2067[22:34:46] <tomreyn> (since you'd also need it to make
fstrim.service work)
2068[22:34:59] <ratrace> hrm, point.
2069[22:35:20] *** Quits: czesmir (~stefan@replaced-ip) (Quit: Lost terminal)
2070[22:35:24] <ratrace> so.... "consider using the
fstrim.service instead of mounting the filesystem with discard
option"
2082[22:43:26] <codedmart> ratrace Thanks again! Success, now I
just need to find the right firmware for my wifi card. Then start
transfering setting, getting things setup. So I can have a more
stable system.
2083[22:43:59] <willow_> for i in /dev/ /dev/pts /proc /sys ; do
mount -B $i /mnt/$i ; done
2085[22:44:55] <ratrace> you're missing /dev/shm and
submounts in /sys :)
2086[22:45:34] <ratrace> ideally, using systemd-nspawn does it
all, but you just have to --bind or --bind-ro /dev explicitly as
it's otherwise private /dev in the namespace
2087[22:46:09] <ratrace> (and it's recursive bind too, so
that covers submounts)
2133[23:11:27] <hmuller> I use systemd-nspawn for all my
container needs, for multi-partition images I use kpartx then do the
mounts manually, then load up in systemd-nspawn