2[00:04:56] <sponix> jhutchins: I find even doing very little
still is better than folks that go out of their way to ruin the
default securities built in :P
45[00:59:48] <abff_> I've used /etc/default/keyboard to
add an xkb-styled option so that my capslock and escape key are
swapped on boot. It works fine in X but the change doesn't
happen automatically in console I need to run setupcon every reboot
to force the change to happen. I thought setupcon was run
automatically at boot, what's going on?
68[01:34:40] <crucify_me> hi I'm having trouble with a
repl for haskell called ghci. the cursor jumps up off the prompt
line when backspacing or deleting right to left. someone suggested
to change the charsets? anyone kindly help me do that ?
69[01:35:04] <crucify_me> someone *on the haskell chatroom
101[02:12:28] <genr8_> ive had that happen when the terminal
window is the wrong size. resizing it to be less wide or something
else and then typing "reset" on the terminal fixed it.
188[04:06:10] <crane> i installed it not yet. i though it would
get installed then with the next apt upgrade?
189[04:06:42] <dvs> crane: nope, you need to expicitly install
packages from backports. And you should ONLY install the packages
you need.
190[04:07:14] <jmcnaught> crane: remove the custom pinning,
follow the instructions on the link above. Use "apt -t
buster-backports <package>" to install packages from
backports, they'll also be updated from backports once you have
installed that package from there.
210[04:10:52] <maplambda> I installed my HP printer with CUPS
and enabled sharing so I can now print on any device in my house.
CUPS is installed on my laptop. is my laptop actually acting as a
server right now? im curious abut the mechanism by which im able to
discover the printer from other devices that arent my laptop like my
cell phone. I dont even have to do anything on my cell phone it just
recognizes the printer now how does it do this?
211[04:10:53] <queip> will Debian manage to offer a good email
client? perhaps before we start building Mars bases
212[04:11:37] * dvs likes Thunderbird
213[04:12:22] <queip> dvs: they destroyed gpg support, and
provide own, stupid, inhouse implementation that does things badly
214[04:12:43] <jmcnaught> Evolution is okay, I use it.
215[04:14:05] <queip> jmcnaught: it's written in C
216[04:14:17] <dvs> ???
217[04:14:36] <jmcnaught> maplambda: it is probably avahi doing
mDNS aka zeroconf
235[04:20:52] <themill> If you're using security concerns
as a reason to avoid things because they're written in C, then
you've completely missed the point. You shouldn't go near
anything that uses QtWebEngine, which is basically everything Qt/KDE
236[04:21:14] <queip> themill: if rendering UI then all elements
are usually well-defined
237[04:21:24] <genr8_> yeah all those KDE libraries are
ridiculous.
238[04:21:29] <queip> of course rendering attached HTML should
be disabled
239[04:21:39] <genr8_> look at the dependencies
replaced-url
240[04:21:54] <themill> genr8_: dependencies are not an issue
241[04:22:06] <genr8_> exponential increase in attack surface
242[04:22:08] <themill> queip: this is not only about html
messages
243[04:22:24] <themill> this is *any* untrusted data
244[04:22:46] <queip> genr8_: like which dep? besides akonadi
245[04:23:15] <genr8_> anything with KDE in the name
246[04:23:50] <queip> genr8_: because? what about anything with
G in a name
247[04:23:59] <genr8_> i agree.
248[04:23:59] <themill> genr8_: you'd prefer that they
didn't use libraries and instead made their own versions of
each and absolutely every bit of functionality?
262[04:28:47] <genr8_> well you have fun in your quest to save
the world from C. but ditching it entirely is not possible. the best
you can do is fix whats broken and use static analysis and
sanitizers
266[04:35:37] <genr8_> personally, i'd be much more
concerned about a "house of cards" scenario of multiple
abstraction layers added on and built off of but never actually
investigated.
267[04:36:31] *** Quits: dvs (~hibbard@replaced-ip) (Remote host closed the connection)
268[04:36:33] <jmcnaught> What is covered by security support is
also a factor. webkit2gtk is covered, qtwebkit and khtml are not.
269[04:37:29] <genr8_> yeah. or multiple points of failure being
added through dependency trees ballooning out of control to where
you have dead code or unmaintained code
271[04:40:06] <pagetelegram> having trouble mounting what should
be a raw server image. fdisk -lu doesnt display any offset info.
Does 1984hosting use a special format? Need to mount to assess logs
for suspect intrusion. My key got compromised and was locked out of
SSH,sFTP ports refused etc. Trying to just grab the logs in /var.
293[05:06:44] <genr8_> theres always the chance it was
compressed or encrypted. you could chop off the first few kilobytes
and hexedit to scan for clues
294[05:07:53] <mtlsw> genr8_, I think you're tumbling on
hypotheticals... that's not helpful information
295[05:08:10] <genr8_> by all means take over then.
306[05:29:02] <genr8_> you mean you found a valid filesystem
header and interpreted those bits ?
307[05:32:46] <genr8_> read this and see if you've
overlooked a certain command
replaced-url
308[05:34:11] <pagetelegram> hd -n xxxx -c image.img gives me
some basic insight yea.
309[05:36:37] <pagetelegram> I did try all those options;
thinking about the header output stating dirty bit etc. I have not
used hex displays since I was a tween. So I don't know what os
headers look like.
310[05:37:00] <mtlsw> pagetelegram, I came-in at 23:58, what is
this you're working on?
311[05:37:15] <mtlsw> pagetelegram, (a stored copy of a disk?)
312[05:37:44] <pagetelegram> 1984hosting VPS image...trying to
mount/read...fdisk -ul displays no partition info.
313[05:38:06] <pagetelegram> Need to see /var/logs to assess
intrusion concern.
314[05:38:13] <mtlsw> pagetelegram, a template or a copy of your
storage?
315[05:38:21] <pagetelegram> full 25gb image
316[05:38:27] *** Quits: puke (~vroom@replaced-ip) (Remote host closed the connection)
317[05:38:51] <mtlsw> pagetelegram, you should be using
"aide" -- it does integrity checks -- it can use off-site
database comparisons between two different stored folders (and again
off-site)
318[05:39:16] <mtlsw> pagetelegram, basically you do a hash
checksum of all files on the system before the intrusion..
319[05:39:24] <mtlsw> pagetelegram, and store that in an aide
database..
320[05:39:25] *** Quits: trysten (~user@replaced-ip) (Remote host closed the connection)
321[05:40:10] <pagetelegram> Good moving forward. Thank you.
322[05:40:19] <mtlsw> pagetelegram, the only way I can think of
detecting any unwanted changes is to compare it with a known-safe
system of the same distribution files from another VM.
323[05:40:39] <mtlsw> pagetelegram, and then do a
cross-comparison of the hashes between the two --- have same
packages installed, etc..
324[05:41:17] <firespeaker> is there currently an issue with the
kernel headers on unstable? trying to compile nvidia drivers from
debian and straight from nvidia both result in an error about the
kernel configuration being invalid:
replaced-url
325[05:41:28] <mtlsw> pagetelegram, you can possibly do that
with using aide as well. Make an aide-database in one VM, and then
compare it to the suspected VM's storage
326[05:41:42] <pagetelegram> I hosted my mail server on the VPS.
I shut down server when noticed SSH sFTP ports refused. Then
relaunched VPS for a 6 hours until I noticed postfix was restarted.
That's when I got paranoid.
327[05:42:04] <pagetelegram> oh good idea
328[05:42:25] <mtlsw> pagetelegram, you should be using
something with fail2ban which does iptables-updates and blocks
ip's based on login failure
329[05:42:50] <mtlsw> pagetelegram, (you can also limit new SYN
connections with iptables/nft)
330[05:43:01] <mtlsw> pagetelegram, ^ that too can slow-down any
attacks.
331[05:43:13] <pagetelegram> I use key file only....no root
password. My key must have been compromised.
333[05:43:52] <mtlsw> pagetelegram, you should learn from this
-- you are always 100% attack (everybody is) -- as soon as you put
anything online, there's already scans within seconds..
338[05:46:34] <pagetelegram> I am learning from this. Thank you.
I'm stump'd though how my key would be compromised. I only
keep it on one thumb drive. And only one other person has my
keys...someone I trust/confide. So I lean more towards a zeroday
thing which maybe why 1984hosting has my VPS controls locked.
339[05:47:19] <mtlsw> pagetelegram, I have no idea if it really
is compromised. -- but your ssh can be providing password-or-key
login if your sshd is not set to disable passwords
340[05:47:58] <pagetelegram> VPS has no passwords set for
login...only one key at the time...keys changed since.
341[05:48:48] <pagetelegram> oh just reread.
342[05:49:35] <pagetelegram> I don't understand...I use
putty to ssh in.
343[05:50:27] <pagetelegram> No matter, I have been unable to
SSH or sFTP in connection refused with old/new keys.
344[05:50:50] <pagetelegram> as if someone went in and blocked
usual port access
345[05:51:40] <pagetelegram> It seems my provider is on to
it...they locked controls and been in communication with them over
this issue this last week. They however office works when I'm
asleep :/
346[05:51:55] <mtlsw> pagetelegram, the webportal is also
locked?
347[05:52:16] <mtlsw> pagetelegram, usually cloud providers have
a web-portal front to things --- you might have
"newsletters" from there.
348[05:52:21] <pagetelegram> just the VPS controls. I cannot
stop , restart or start the VPS
349[05:53:03] <pagetelegram> I have 5 of them and they all
locked down even the ones' that are not suspect compromise. As
such the one hosting codebas.org is still running, however I cannot
control the state from the panel.
350[05:53:58] <pagetelegram> Nor can I make image backups atm.
So either the provider is locking everything of mine or everyone or
this is their servers respsonding to an intrustion they do not know
about.
351[05:54:55] <mtlsw> pagetelegram, maybe because they're
in iceland, that everything is now getting frozen for the winter
tehehe
352[05:54:59] <mtlsw> pagetelegram, oops my bad XD
353[05:55:06] <mtlsw> pagetelegram, they're a /22 network
354[05:55:38] <mtlsw> pagetelegram, what do you use on it? just
wp?
355[05:55:42] <pagetelegram> lol I have to wait another 2 hours
before they start answering their emails. Its getting late for me.
356[05:57:28] <pagetelegram> A lot of different server
softwares, mostly flat straight old html; postfix, stuff I
can't recall name of atm. Most projects involved in research
fraud and expose corruption.
357[05:57:54] *** Quits: auk (auk@replaced-ip) (Quit: Leaving)
358[05:58:13] <pagetelegram> I don't like wp; I tried wp
years ago and an attack in 2017 pushed me to go flat and plain jane
html.
359[05:59:02] <mtlsw> pagetelegram, jc
360[05:59:05] <pagetelegram> tho not everything I use was
flat...mysql stuff too. Got a text file somewhere of my entire
layout of servers and softwares; be willing to share privately.
361[05:59:29] <mtlsw> pagetelegram, you should of known better
if you're blogging on that.. you're more suspectible for
being ridiculed by whoever who can be trying something.
362[06:00:56] <mtlsw> pagetelegram, never trust your Caller-ID
these days.
363[06:01:10] <mtlsw> pagetelegram, be sure to have(next time)
include in your list of not-to's.
365[06:01:28] <pagetelegram> Studies on benford's law in
different systems including elections and such; I am compelled to
publish....and plans to study exotic RF abuses I am compelled to get
out. I am not surprised; just trying to learn as I meet these
challenges.
371[06:05:51] <pagetelegram> In 2017 the logs originating of
hack from China, tho as you say can't trust Caller-IDs...shared
host at the time sftp attempts about 100,000 pings.
372[06:06:12] <pagetelegram> that's why I moved to VPS.
373[06:06:38] <pagetelegram> I like 1984 bc they don't
restrict what softwares/ports you install
374[06:08:46] <mtlsw> there's "ghost server" --
an alternataive to WP for doing writing. There's
ghost-providers that can maintain the site/updates for you.
375[06:09:04] <mtlsw> if you're kind of tired of doing the
administration. But that cost a few extra bucks..
380[06:17:35] <pagetelegram> I will explore the federated p2p
route to see if that has an answer. Though limited to reach and a
lot of it is prejudged even I prejudge the onions as being a toxic
place.
381[06:18:37] <pagetelegram> I few friends pointed me in that
direction as a general solution against information being taking
down.
382[06:18:42] <mtlsw> pagetelegram, what do you think about the
new ms-edge-dev chromium-based browser released a few days ago? can
that be trusted? lol
384[06:20:16] <pagetelegram> I have a hard time keeping up on
anything; and I use chrome not knowing all it's faults. I am
busy in too many things. This happens when I', in process of
moving to a new apartment. Staying up just tonight so I can converse
with 1984 folk
385[06:21:58] <genr8_> even if its safe now, its a trojan horse
by being complacent to allow microsoft to infiltrate linux with its
compromising tendrils
386[06:22:10] <mtlsw> pagetelegram, the announcement was made
several months ago, it is making on linux news sites
387[06:22:27] <mtlsw> pagetelegram, some people worry it may
have privacy-invasion telemetry
388[06:22:40] <pagetelegram> nice try... ); as the old IBM OS/2
adage Up and Running, not Up and Coming....
389[06:22:59] <pagetelegram> not good
390[06:23:10] <pagetelegram> I always have bashed SM
391[06:23:11] <pagetelegram> MS
392[06:23:35] <genr8_> no good can come from it. just say no.
393[06:24:12] <pagetelegram> I use Windows for my Adobe needs
only. If Adobe moves to Linux I can so easily kiss Windows goodbye
for good.
394[06:24:43] <Azrael_-> ever tried adobe with wine?
395[06:24:44] <genr8_> i wouldnt hold your breath
396[06:25:05] *** Quits: kupi (uid212005@replaced-ip) (Quit: Connection closed for inactivity)
403[06:26:26] <Azrael_-> thought the api of wine was already
that "complete" and flexible to support basically
everything and wouldn't need specific modifications for every
program
404[06:26:39] <genr8_> adobe knows full well what they're
doing is keeping people locked into windows, and likely the only
thing stopping many people from switching. these corporations stick
together
405[06:27:16] <pagetelegram> Adobe Premiere access to CODAs etc
I don't think is supported. idk haven't tested stuff with
Winehq since about 5 years.
406[06:27:35] <genr8_> Wine is a win32 api only.
407[06:27:44] <Azrael_-> i have no real experience, i'm
just curious about it
408[06:27:55] *** brachamh_ is now known as bracham
409[06:27:55] <pagetelegram> That's a door slam
410[06:28:38] <pagetelegram> If it's anywhere near the
maturity of ReactOS I won't consider it. Good for Notepad and
maybe Wordpad :P
411[06:28:56] <genr8_> Notepad++ works too :)
412[06:29:24] <pagetelegram> haha only adobe notepad++ and
universal extractor is all I got installed on the system
419[06:34:42] <genr8_> This is why Adobe will never allow it.
replaced-url
420[06:35:44] <pagetelegram> They still port to OS/X/Darwin?
421[06:35:50] <mtlsw> flash is supposed to end in support this
year
422[06:35:57] <pagetelegram> That is good news ^
423[06:36:07] <pagetelegram> The next update will be an
uninstaller.
424[06:36:08] <mtlsw> its old news, it's just taken a few
years to come to this point lol
425[06:36:12] <mtlsw> hahaha
426[06:36:22] <genr8_> at some point, Microsoft was even
contemplating buying Adobe outright for 138-260 billion dollars.
replaced-url
427[06:36:46] <alex11> it may strictly be good from a security
standpoint but unless there's a functional replacement so much
of the early web will be lost in losing flash
435[06:38:29] <genr8_> oh apparently they planned for this and
invented a "NewGrounds Player" native windows app.
replaced-url
436[06:41:27] <pagetelegram> I doubt they be flash diehards
keeping this dead horse alive for too long. It's not worth
it....I am just happy to see this means no more flash ads eating up
system resources.
437[06:42:19] <alex11> yeah now we just have electron
482[07:30:33] <markuman> Hi. I got an EC2 instance with debian
buster. It says, that all packages are up to date. it installed
python 3.7.3-1. but in a docker file of debian buster, it installs
3.7.3-2
483[07:30:48] <markuman> what do I need to do to get it on the
ec2 instance?
484[07:31:13] <markuman> I already copied the apt source.list
from docker buster into the instance. after apt update, nothing
changed
518[07:51:47] <themill> as I said, python3.7-minimal ≠
python3-minimal. python3.7-minimal is the package that is vulnerable
to the CVE and you've upgraded it
519[07:52:18] <jelly> markuman: could that aws inspector thing
be buggy and checking the wrong package
520[07:52:34] <markuman> jelly: I guess yes
521[07:53:09] *** Quits: Space_Man (~Space_Man@replaced-ip) (Remote host closed the connection)
522[07:53:18] <markuman> hmm we got buisness support. I will
create an issue
545[08:12:24] <jelly> alex11: if the disk is already formatted
GPT, and you have enough space to make an efi boot partition if
missing, it ought to be doable
546[08:12:53] <alex11> is there a way to check what it's
formatted as?
705[10:26:30] <iamjfk11> Quoting Wayland FAQIs Wayland network
transparent / does it support remote rendering?
706[10:26:30] <iamjfk11> No, that is outside the scope of
Wayland. To support remote rendering you need to define a rendering
API, which is something I've been very careful to avoid doing.
The reason Wayland is so simple and feasible at all is that I'm
sidestepping this big task and pushing it to the clients. It's
an interesting challenge, a very big task and it's hard to get
right, but essentially orthogonal to what Wayland tries to achieve.
707[10:26:30] <iamjfk11> This doesn't mean that remote
rendering won't be possible with Wayland, it just means that
you will have to put a remote rendering server on top of Wayland.
One such server could be the X.org server, but other options include
an RDP server, a VNC server or somebody could even invent their own
new remote rendering model. Which is a feature when you think about
it; layering X.org on top of Wayland has very little overhead, but
708[10:26:30] <iamjfk11> the other types of remote rendering
servers no longer requires X.org, and experimenting with new
protocols is easier.
709[10:26:30] <iamjfk11> It is also possible to put a remoting
protocol into a wayland compositor, either a standalone remoting
compositor or as a part of a full desktop compositor. This will let
us forward native Wayland applications. The standalone compositor
could let you log into a server and run an application back on your
desktop. Building the forwarding into the desktop compositor could
let you export or share a window on the fly with a re
710[10:26:30] *** iamjfk11 was kicked by debhelper (flood)
737[10:59:48] <Lope> hey guys, I've got 2 PC's running
linux kernel 5.8. Connected on a LAN via 1GbE full duplex. Ethtool
shows both are 1000Mbps full duplex. Both PC's use a bridge on
their ethernet interface. Previously speeds were good. I've
recently changed my network setup a bit. I renamed interfaces with
udev and used network-manager to create the bridges instead of
/etc/network/interfaces. Now for some weird reason with iperf UDP I
get 104MiB/s in one direction, but
738[10:59:48] <Lope> 2MiB/s in the other direction!!! Any ideas
what could be wrong?
739[11:01:05] <Lope> I'm going to fire up a 3rd PC and test
against that to see which of these 2 has the problem.
761[11:23:12] <Lope> my network-manager configs are identical
between the 2 of the PC's same kernel, same debian, same
everything. Only different realtek chipset :/
788[11:43:03] <queip> akonadi-backend-mysql is uninstalled, and
yet still akonadi uses mysql backend
789[11:43:31] <queip> wtf?
790[11:46:30] <Lope> so on the PC that was struggling to send
data out of it's realcrap, I mean realtek chipset after I
changed from /etc/network/interfaces to network-manager. Even
stopping network-manager, deleting the bridge and using the eth
directly, I still could only send at 2MiB/s with iperf. So I
disabled network-manager, blacklisted the eth interface in
NetworkManager.conf and got the bridge configured again in
/etc/network/interfaces. rebooted. I re-tested and now
791[11:46:31] <Lope> the PC can send at 114MiB/s again. So
weird. Network-Manager broke the realcrap.
792[11:50:13] <Lope> Interestingly my laptop also has a realcrap
chipset, but it has *different* issues. network-manager works fine
with my laptop's eth. However last time I ran the laptop as a
server (2 years ago), it's eth goes down after like 2 weeks and
the only way to bring it back is power cycling it. The fix for that
interestingly was hard locking it to 1000Mbps full duplex (disable
auto negotiation) and that fixed it. Realcrap
793[11:51:50] <ratrace> Lope: 1) why are you even using NM for
all that? 2) btw, you don't need udev rules to change iface
name, you can do it with NM, interfaces, networkd, ...
794[11:52:05] <Lope> geez. I just had a *SIMPLE* idea to rename
some network interfaces and change some IP's and ports and
whatever, and add a few extra bridges etc. It's taken me a full
1.5 days to get everything done and working properly. Insane.
795[11:52:07] <ratrace> Lope: 3) are you missing firmware for
the nic?
796[11:52:29] <Lope> ratrace, I thought udev was the recommended
way to do it?
797[11:52:33] <ratrace> Lope: that's called Yak Shaving.
Wellcome to the world of Yak Shavers :)
798[11:52:54] <ratrace> Lope: "recommended"? neither
yes or no, it's just one way.
799[11:52:57] <Lope> ratrace, I've got the r8168-dkms
firmware package 8.048.03-1~bpo10+1
800[11:53:23] <Lope> ratrace, yak shaving? hahahah not familiar
with that.
801[11:53:33] <ratrace> Lope: I have no idea what that package
does. but you can check if the kernel wants firmware and is missing
it, dmesg | grep -i firmware
802[11:54:38] <ratrace> Lope: yak shaving is when you take a
seemingly simple task and then you realize you ALSO have to do tasks
B and C ..... and then B.1 and B.2 and C.1 and then B.2.1, and
etc.... down the rabit hole of "oh, shi! this too!"
803[11:54:40] <Lope> ratrace, just a spectre notice and ACPI:
[Firmware Bug]: BIOS _OSI(Linux) query ignored
804[11:54:59] <ratrace> Lope: then the kernel isn't missing
firmware files
805[11:55:10] <Lope> haha yeah. yak shaving. What a lot of fun.
806[11:55:30] <Lope> Now I'm starting to (just barely)
understand why people are scared of changing their setup when
it's "working"
807[11:55:39] <ratrace> some also call that "System
Administration". I guess the Yak's name is
"System" :)
808[11:55:44] <Lope> They shout with much fear and desperation
to not change "It's working!!!"
809[11:55:56] <iamjfk11> queip "dpkg -l akonadi*"
810[11:56:00] <Lope> with subtext "(don't ask me to
change anything)"
811[11:56:08] <ratrace> Lope: now do that with remote server and
_nothing_ but an ssh connection
813[11:56:31] <Lope> ratrace, yeah, I'm scared as shit of
changing things about the network or initramfs etc remotely.
814[11:56:35] <ratrace> Lope: well barely nothing, if you
can't reconnect, you can ask the hostnig company to provide you
with keyboard-video-mouse in a few hours :)
815[11:56:55] <Lope> I generally setup a local system
that's identical to it and test on that before messing with the
remote.
816[11:57:05] <queip> iamjfk11: akonadiconsole 4:18.08.3-1 amd64
; rc akonadi-backend-mysql ; ii akonadi-backend-postgresql ; un
akonadi-backend-sqlite and yet akonadi uses mysql right now, even
though uninstalled, wtf?
817[11:57:05] <Lope> One mistake and it's gone.
818[11:57:24] <Lope> ratrace, yeah, that's loads of fun.
819[11:57:45] <Lope> Then you have to hope your old notes of
what the 100 character FDE key is, is right for that server.
820[11:58:00] <Lope> it's so fun typing 100 pseudorandom
shit manually into a POS terminal.
821[11:58:01] <iamjfk11> dpkg -l mysql-*
822[11:58:01] <dpkg> No packages found matching mysql-*
823[11:58:12] <Lope> and then it says "incorrect"
hahahaha
825[11:58:30] <fling> Why is my iceweasel got replaced by
firefox?
826[11:58:36] <fling> Should not it be icecat instead?
827[11:59:36] <ratrace> ff replaced iceweasel long time ago
828[12:00:05] <ratrace> iceweasel was just ff with different
name due to license. everything else is the same as with ff now (ie.
the patches and changes that forced FF to be renamed in debian)
927[13:37:27] <hmuller> epitamizor: if you can't select all
the lines you need in the terminal/terminal multiplexer, then you
will have to use something similar to what I posted above
928[13:37:27] *** cdown_ is now known as cdown
929[13:37:37] <jelly> epitamizor: if what you need is still
completely on screen, you can use "gpm" to copy it and
paste elsewhere
930[13:38:09] <jelly> but again, you need gpm installed and
running already to have mouse support on console
931[13:38:55] <jelly> epitamizor: if your program is meant to
run forever as a service, consider writing a systemd service for it
instead, and let systemd log the output
954[13:51:39] <impermanence> sorry I haven't used debian in
forever: if I'm updating and I want to avoid a manual `-y` do I
need to sudo apt-get update -y?
955[13:52:32] <impermanence> seems like not
956[13:52:34] <nkuttler> impermanence: you probably mean
upgrade, not update?
1013[14:21:13] <queip> <lurchi_> Then use something with
does not confuse stable with stale ..
1014[14:21:16] <queip> he does have a point
1015[14:22:17] <greycat> !stable
1016[14:22:17] <dpkg> [stable] The status of a Debian release
when no packages will be added or version-bumped, and changes will
only fix security issues and critical bugs. Packages can be removed
in rare circumstances. The current stable version of Debian is
Buster (10.x); ask me about <releases>. Security bugs are
fixed in stable by backporting the fix to the stable version (ask me
about <security backports>).
replaced-url
1030[14:31:58] <queip> <lurchi_> nobody here will fix the 3
year old stuff debian is distributing. Make sure it is reproducible
with a current version, and then write a bug report
1031[14:32:26] <CrystalMath> so backport that one package
1032[14:32:41] <CrystalMath> the point of debian stable is that
MOST old packages are actually better
1033[14:32:50] <CrystalMath> on rare occasions, this is not the
case
1048[14:36:46] <EdePopede> so you prefer entering text in
something KDE instead of a terminal emulator. sounds legit.
1049[14:36:51] <queip> hmuller: to send and receive emails, gpg
encrypted&signed, with attachments. kind of like outlook express
did 20 years ago (minus the bugs etc)
1095[14:43:19] <EdePopede> so what email client does windows have
which would be fine for you?
1096[14:43:27] <CrystalMath> well i agree with you, i don't
think there can be a GUI client which doesn't suck
1097[14:43:30] <CrystalMath> maybe evolution?
1098[14:43:36] <queip> you need to import private pgp keys into
thunderbird. no support for smartcard reads, for gpg config, for gpg
WoT and trust list
1099[14:44:00] <queip> EdePopede: TheBat was fine
1100[14:44:06] <EdePopede> "was"?
1101[14:44:13] <hmuller> queip: that's your opinion. debian
hasn't failed. you mentioned windows (20 years ago) and that
would be WinXP
1102[14:44:16] <queip> not using windows much now, EdePopede
1103[14:44:21] <EdePopede> doesn't sound like something to
be used in the future
1137[14:50:24] <EdePopede> it needs developers to do it
1138[14:50:45] <Tenkawa> without the bug reports its
"never" going to be fixed
1139[14:50:49] <queip> maybe debian should be more rolling
1140[14:51:04] <queip> maybe also upstreams should prepare stable
branches and keep patching them per debian requests
1141[14:51:08] <EdePopede> and with software around something
networking, if it's browser, irc client, or mail client,
there's some relevant RFCs and maybe some other standards
1142[14:51:13] <EdePopede> no
1143[14:51:16] <EdePopede> !stable
1144[14:51:16] <dpkg> [stable] The status of a Debian release
when no packages will be added or version-bumped, and changes will
only fix security issues and critical bugs. Packages can be removed
in rare circumstances. The current stable version of Debian is
Buster (10.x); ask me about <releases>. Security bugs are
fixed in stable by backporting the fix to the stable version (ask me
about <security backports>).
replaced-url
1145[14:51:23] <Tenkawa> this is just pure software development
definition
1146[14:51:23] <EdePopede> there are enough rolling distros
1147[14:51:34] <queip> EdePopede: not that much rolling
1148[14:51:41] <Tenkawa> you need to need to know the problems to
fix them
1149[14:51:44] <queip> just fixing bugs that really make stuff
sucks
1156[14:53:15] <EdePopede> one of the things distro maintainers
are running into
1157[14:53:46] <EdePopede> <queip> maybe also upstreams
should prepare stable branches and keep patching them per debian
requests <--- debian and all the other distros?
1158[14:53:58] <EdePopede> what about redhat?
1159[14:54:18] <queip> btw, what is this god damn key to unlock
keyring (probably from Gnome) in gpg pinentry
1160[14:54:30] *** Quits: jpe (~jp@replaced-ip) (Remote host closed the connection)
1164[14:56:33] <queip> <CarlSchwan-M> We maintain a stable
branch for Plasma and Debian is not even using it...
1165[14:57:12] <queip> maybe upstreams should try more to release
LTS branches, and Debian should use them when ever possible,
collaborate with their devels, and always backport into stable when
there are *bugfixes* in LTS?
1166[14:57:38] *** Quits: lesless (~lessless@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
1172[15:05:41] <jelly> queip: so you're volunteering to
backport Qt5, plasma, and plasma apps into debian, whilst making
sure no other Qt app breaks, that's what I'm hearing?
1177[15:09:46] <EdePopede> maybe upstream needs more developers?
1178[15:11:13] <crane> if i install the meta package
"linux-image-amd64" from backports. shouldn't the
meta package "linux-headers-amd64" also resolve to
backports?
1179[15:11:44] <crane> or do i also have to point explicit to
backports here?
1265[16:50:47] <dpkg> Steam is a proprietary content delivery and
management application for PC software with Linux support. Packaged
in <non-free>; amd64 users are required to enable
<multiarch> and install the steam:i386 package. For help with
upstream issues, ask #steamlug on irc.freenode.net.
replaced-url
1267[16:51:23] <pmart> idk it's packaged in a funny way
(uses subset of valve deb as packaging source). I was thinking maybe
the purpose is to make less of a mess in system by redirecting
installation to homedir
1268[16:51:44] <greycat> *shrug*
1269[16:51:51] <ksk> One could argue it removes the need to
download a .deb file - why not..
1270[16:52:10] <queip> jelly: no. I think that paradigm is
broken. I might write bug reports, maybe test. Maybe donate a bit.
But this needs to be organized.
1272[16:52:36] <queip> jelly: so far it seems that not much
progress can be done since most upstream refuses to work with
debian, since debian uses too old version "oh we probably fixed
that years ago"
1273[16:53:17] <queip> perhaps we need upstreams to agree with
major "stable" distros, like debian, to together maintain
such LTS versions
1274[16:53:30] <queip> because now we can't even agree on
what version to work on
1276[16:54:54] <queip> jelly: kmail as provided in debian stable
seems to be unusable. what if I even confirm it works fine in new
kde? perhaps debian stable should allow updating stable with new
versions if current versions or very unrealiable and often unusable
1277[16:54:57] *** Joins: conta (~Thunderbi@replaced-ip)
1292[17:00:00] <queip> a version so that debian users can
contribut meaningful bug reports that upstream will be interested
in, instead of throwing them all away "stop using debian Stale,
lol"
1293[17:00:11] <ksk> queip: an upstream project want first of all
develop its software, on their on terms. I can only imagine they
would not like, for example having to follow some debian-whatever
guidelines.
1294[17:00:18] <queip> and which when fixed debian might consider
upgrading in stable version even for non-security bug fixes
1297[17:00:48] <ksk> queip: its a poliy thing: Stable in debian
means basicly "not changing". Switch to another distro, if
that does not fit your needs ;)
1298[17:01:07] <queip> sure but "can you please choose a
stable version, and keep it maintained for like 4 years plz" is
pretty common and reasonable suggesion not something done only
"for debian"
1299[17:01:22] <queip> just minimal bug fixes of serious bug
1300[17:01:26] <pmart> So the version of steam package really
means initial version. I wasn't expecting that since it's
in non-free section and there is no mention of self-update in
description. It behaves a bit like packages in contrib really.
1301[17:01:32] <ksk> if you buy software from a company, yes you
could argue.
1302[17:01:44] <ksk> if you use OSS software, you cant really
tell if any of the maintainers is around next month..
1309[17:03:35] <queip> this is kind of done with firefox-esr
right?
1310[17:04:37] <ksk> I think so, yes. But as stated Firefox has
enough manpower to release an ESR version in the first place. Many
small project dont, or even just dont want to do so.
1311[17:06:45] <queip> for one, we should imo fix god damned
akonadi postgresql (if it turns out that it instead mysql fixes
kmail bugs)
1312[17:06:54] <shtrb> queip, I'm 100% that for the proper
fee your bug might get fixed , or via a "funding" (in the
past there had been a way to donate X euro to an organization that
it will transfer that donation to devs to fix stuff)
1313[17:07:11] <queip> one would think that uninstalling
akonadi-backend-mysql and installing -pgsql will make your programs
use it, but no. the migration function is missing. it fails silently
1314[17:07:28] <shtrb> queip, if at irc you don't get
answers , please try the mailing lists.
1317[17:08:02] <azeem_> queip: migrating a mysql db to postgres
isn't trivial usually
1318[17:08:11] <shtrb> queip, there had been an option in the
past in akonadiconsole (? i think) , but that feature had been
deprecated, you can edit the .rc file manually to start with pg
1320[17:08:51] <queip> azeem_: at least make it fail loudly. we
detected you switched to pgsql. Should we save backup of mysql, and
start with fresh db (all your akonadi local emails, contacts,
alarms, will be eleted for the current user $user, backup will
existin in $path to possibly restore if needed)
1321[17:08:59] <queip> azeem_: maybe one day write migration
function too
1322[17:09:19] <shtrb> queip, it's probably there already ,
just no UI option now
1323[17:09:28] <azeem_> queip: are you saying Debian should do
that, or KDE?
1324[17:09:28] <shtrb> did you ask at #kde / #akonadi ?
1325[17:09:35] <queip> shtrb: yeap just did that. I will see if
pgsql makes kmail work correctly (this bug takes days to show up)
1326[17:09:46] <queip> shtrb: yes, they told me to ask debian
about their stale versions. xd
1327[17:09:59] <azeem_> I mean, packages are installed globally,
and they usually are not supposed to deal with user data
1328[17:10:01] <queip> (well kde-devel; kde is quiet, akonadi is
ghost)
1329[17:10:04] <shtrb> stable version , not stale , our version
is slitghly older
1330[17:10:38] <queip> shtrb: well it's a joke. but yeah
developer will consider anyone using more than few months back a
problem
1331[17:10:42] <shtrb> and the ubuntu bug that had refrenced
might actually be on a newer version than buster have
1332[17:11:12] <shtrb> I'm a dev , and I don't , each
dev has it's own quirks
1344[17:15:13] <ksk> Imho the drawbacks would kill Debian, but
you are free to have your own opinion :)
1345[17:15:51] <ksk> I can only encourage you to switch something
else, if Debian does not fit your needs, there are many distros with
different aproaches out there.
1347[17:16:28] *** Quits: chele (~chele@replaced-ip) (Remote host closed the connection)
1348[17:16:45] <shtrb> or better , try to fix the actual bug
1349[17:17:00] <ksk> 16:13 < queip> we don't we use
stable branch of Plasm provided by KDE for stable debian? -- because
Debian Testing will become the next Stable release, and it needs to
decide which versions to use, before the "freeze".
1374[17:38:04] <queip> what is the stupid keyring and why
applications want me to unlock it? how to nuke it? why debian allows
such bad ideas that no one asks for, and that lack clear option to
disable them, explanation, nor even show their name
1375[17:38:30] <shtrb> you wish to have pgp encyption or not ?
1377[17:38:50] <queip> shtrb: it's not pgp encryption
1378[17:38:56] <ratrace> if you want encrypted password store in
chromium, for example, you either have a keyring, or you don't
have encrypted passwords
1379[17:39:01] *** debhelper sets mode: +l 1197
1380[17:39:04] <queip> afair it is that stupid gnome's
master password thing
1381[17:39:13] <ratrace> yes
1382[17:39:19] <queip> that asks for some password, that user
never sets, what the hell
1383[17:39:24] *** azeem_ is now known as azeem
1384[17:39:30] <shtrb> queip, you would be requested to unlock a
keyring , if you had setup pgp encryption addon but an agent is not
running already
1385[17:39:56] <queip> shtrb: what "keyring" in the
world is it talking about, and what password?
1386[17:40:20] <queip> the question for the passphrase to use GPG
key is a separate question, and that one is fine
1393[17:42:28] <queip> I *guess* kmail spawns gpg's
gnome-pinentery, and that pinentry asks me for gnome's keyring
password. the problem is that I never set any such password so I can
not enter it
1394[17:42:34] <ratrace> KDE Wallet is KDE's version of the
keyring
1395[17:42:57] <ratrace> queip: it asks for gnome's or gnupg
keyring?
1396[17:43:05] <queip> ratrace: that's what I want to know
1397[17:43:23] *** Quits: nobyk (~nobyk@replaced-ip) (Remote host closed the connection)
1401[17:44:15] <queip> fist it asks for gnupg password, that part
is OK and it works fine
1402[17:45:12] <queip> next it also asks idiotically for
"password to unlock keyring" without explaining what
keyring it wants. it should (1) explain wth is that and (2) tell me
where to configure this password. also I never set up this password
so it probably instead should ask me to create such password
1404[17:46:36] <vizzy> i changed from stable to testing but
cannot full-upgrade (>1000 packages held back after doing upgrade
and not updated but this is why i did that) ... now it tells me
somthing about libc6 breaks libgcc-8-dev or somehting weird - how to
fix?
1405[17:46:43] <vizzy> ho to force upgrade to testing?
1406[17:46:56] <greycat> !debian-next
1407[17:46:56] <dpkg> #debian-next is the channel for
testing/unstable support on the OFTC network (irc.oftc.net), *not*
on freenode. If you get "Cannot join #debian-next (Channel is
invite only)." it means you did not read it's on
irc.oftc.net. See also
replaced-url
1408[17:47:36] <vizzy> and yet another irc network.... ok
1409[17:47:51] <vizzy> maybe i wait 24h and try again... a bit
unstable for "testing"
1410[17:48:18] <flayer> tbh it sounds like you'd better off
on stable
1411[17:48:49] <vizzy> i want testing to fix this very annoying
kde bug with blackscreen after resume, which sucks a lot
1426[17:53:20] <pmart> queip: it asks for kwallet keyring
password. gnome and kde use two different backends for storing
secrets. things work out of the box (unlocking automatically during
login) usually. maybe try to re-login?
1427[17:53:23] <vizzy> oh cool, lde has no more configurable
screensavers? at least not after install kde-full
1428[17:53:59] <vizzy> oh, its called fancy pancy< screen
locking
1429[17:54:08] <queip> pmart: I never configured such password.
It looks really like a gnome application. The dialog that asks for
KWallet password is different
1430[17:54:23] <vizzy> and no screensavers available? ouch
1431[17:58:39] <vizzy> ha! got it. its not damn plasma, its its
screenlocker that didnt work by default, not letting me in again
after activating, what a sucker
1438[18:04:19] <pmart> queip: the default keyring/wallet uses
your login password and unlocking should happen during login
provided PAM modules are setup properly
1439[18:05:08] <pmart> Anyway consider using gnome softwere
rather than kde since xfce closer to gnome
1440[18:06:15] <pmart> If you mix and match from different
desktops don't expect everything to work flawless
1441[18:06:46] <queip> pmart: what do you mean with mix and
match?
1442[18:06:56] <queip> I just use kmail program. I do not
"mix and match" anything
1485[18:20:45] <RoyK> greycat: unable to install it from
backports contribs as well - I guess I'll stick to googling. I
wish people for once would agree on at least something as important
as gcc
1498[18:26:50] <gpunk> if "man" pages are not
"free", just activate non-free repo in your debian then
update and install
1499[18:27:07] <greycat> gpunk: gcc-doc is not in buster at all,
is the issue here.
1500[18:27:23] <gpunk> even with non-free and contrib activated ?
1501[18:27:30] <gpunk> have you done "apt update" ?
1502[18:27:45] <greycat> charking: that matches what I have on
buster amd64. Even the datestamp. So I guess the man pages
themselves might be corrupt/missing?
1511[18:30:18] <gpunk> i will deactivate backports for you and
redo the query
1512[18:31:08] <crestfallen> hi on buster I'm having trouble
with gnome-terminal: while backspacing or deleting in the ghci repl
the cursor leaps off the line and behaves strangely. I checked the
keyboard settings and reset them to default (they were already set
default). any suggestions?
1532[18:42:19] <charking> I don't have a $LESS or $PAGER
variable in my environment
1533[18:42:59] <greycat> does less work if you invoke it directly
with a file?
1534[18:43:09] <charking> This line of the man -d output looks
weird:
1535[18:43:13] <charking> Setting LESS to -ix8RmPm Manual page
find(1) ?ltline %lt?L/%L.:byte %bB?s/%s..?e (END):?pB %pB\%.. (press
h for help or q to quit)$PM Manual page find(1) ?ltline
%lt?L/%L.:byte %bB?s/%s..?e (END):?pB %pB\%.. (press h for help or q
to quit)$
1536[18:43:34] <gpunk> my man works
1537[18:43:35] <charking> greycat: yes, 'less foo.txt'
works
1557[18:47:18] <charking> greycat: do you get that weird
"Setting LESS to" line like I do if you use man -d?
I'm wondering if man is overriding less with something bogus?
1558[18:47:32] <greycat> I do not, but I have LESS and PAGER
variables...
1595[19:14:18] <fabbo> dpkg -l lists installed and removed
packages, is there a way to list the installed ones only
1596[19:14:18] <dpkg> No packages found matching lists installed
and removed packages, is there a way to list the installed ones only
1597[19:14:50] <FightingFalcon> My host send me an email today,
stating that my ip address is sending POST and GET requests to
several IP addresses. How could i detect this?
1604[19:19:43] <greycat> (1) how do you know it's a legit
email, not just phishing/spam, (2) what is "your ip" and
how does it differ from an ordinary end user machine, (3) what does
it actually say, (4) why is the fact that you are "sending
requests" significant?
1605[19:20:11] <greycat> Context would help.
1606[19:22:09] *** Quits: bocaneri (sauvin@replaced-ip) (Remote host closed the connection)
1608[19:22:23] <FightingFalcon> I dunno, they just sent me an
email saying that another hos sent them an abuse email. showing logs
1609[19:22:27] <ratrace> fabbo: | grep '^ii'
1610[19:22:41] <ratrace> FightingFalcon: there were 4 questions
in there
1611[19:25:47] <shtrb> FightingFalcon, check if your server
doesn't have suscious outgoing activity , there are several
well known garbage software that is sometime installed on
vaulnerable servers to attack others
1612[19:26:03] <FightingFalcon> shtrb, how do i check?
1613[19:26:11] <greycat> so "my ip" is a server, not a
desktop machine? that was one of the things I asked...
1614[19:26:33] <shtrb> I'm assuming your ip is a fixed ip ,
and a server
1615[19:26:56] <greycat> *sigh*
1616[19:27:15] <shtrb> did I say something wrong ? sorry if I had
, I did not wish to offended you or anyone else
1618[19:27:19] <greycat> I get so freaking sick of people who
REFUSE to provide BASIC INFORMATION and just sit there being a help
vampire until someone makes a lucky guess.
1619[19:27:26] <ratrace> indeed
1620[19:27:28] <greycat> shtrb: no, you're fine.
1621[19:30:02] <shtrb> FightingFalcon, start by following
replaced-url
1622[19:30:29] <ratrace> that's a load of assumption there
tho
1623[19:30:48] <ratrace> who said it was compromised? the context
greycat asked for would _really_ help here
1628[19:32:14] <ratrace> but to answer the question of "how
to find which process is making POST requests" (which
wasn't asked, but is close to what _I_ am assuming is the
actual question), you use tcpdump and/or lsof to find the ports and
with lsof the pid of the port owner. an auditctl rule woudl also
help
1629[19:33:24] *** Quits: fabbo (~rialneim@replaced-ip) (Remote host closed the connection)
1661[20:02:03] <TuxBlackEdo> I am having some problems installing
debian 10 through PXE, for some odd reason the installer keeps
exiting, when I switch to a console and type /sbin/debain-installer
manually the install proceeds as normally, what could this be?
replaced-url
1669[20:07:54] <zerocool> if you make fat stacks then that
applies :)
1670[20:08:25] <tulpa> hello, new debian user here. I just ran
systemctl status and it says my system is degraded. This message is
in red in the output: ● systemd-modules-load.service loaded failed
failed Load Kernel Modules
1671[20:08:36] <tulpa> How should I go about troubleshooting this
issue?
1688[20:21:36] <firespeaker> the current combination of nvidia
driver version and kernel source version in sid fails to compile. an
older kernel or newer nvidia version is needed to make it work
1689[20:21:58] <sney> firespeaker: yes, this is a known issue.
nvidia estimates a driver release next month
1690[20:22:03] <sney> !debian-next
1691[20:22:03] <dpkg> #debian-next is the channel for
testing/unstable support on the OFTC network (irc.oftc.net), *not*
on freenode. If you get "Cannot join #debian-next (Channel is
invite only)." it means you did not read it's on
irc.oftc.net. See also
replaced-url
1692[20:22:14] <sney> please take future sid/testing issues to ^
1693[20:22:19] <ratrace> ,v linux-image-amd64
1694[20:22:23] <firespeaker> aha
1695[20:22:33] <greycat> we are still juddless
1696[20:22:37] <ratrace> blast!
1697[20:22:51] <jelly> are we now
1698[20:22:53] <ratrace> okay, 5.9 is in sid
1699[20:23:01] <ratrace> yeah nvidia hasn't released yet for
5.9 and won't for a while
1700[20:23:01] <greycat> the bot is online, just not in #debian
1701[20:23:06] <greycat> it responds to /msg
1702[20:23:15] *** Quits: Vizva (~Vizva@replaced-ip) (Remote host closed the connection)
1703[20:23:33] <firespeaker> ratrace: the "short-lived"
version works on debian though
1705[20:23:56] <sney> it's a new change for 5.9 in how
non-gpl modules are allowed to interact with the rest of the kernel.
oracle fixed this for virtualbox-dkms pretty quickly, so it's
safe to assume nvidia won't be far behind
1709[20:24:54] <ratrace> sney: a certain Finn and a middle finger
come to mind :)
1710[20:24:57] <firespeaker> sney: nvidia did fix it
1711[20:25:08] <firespeaker> sney: unstable just has an older
version of the driver
1712[20:25:43] <jelly> greycat: there seems to be no easy
race-less way to ask freenode ircd and services not to let you into
any channels before the client is identified
1713[20:26:05] <greycat> Yeah, I had an issue with greybot too,
after we made #bash +r.
1714[20:26:15] <ratrace> firespeaker: what version of it? I
can't find any info online that they fixed it
1715[20:26:18] <greycat> I just hard-coded the steps at bot
startup, assuming that I will only have to identify one time.
1716[20:26:31] <firespeaker> ratrace: well 455.* compiles for me
on 5.9.0
1723[20:31:54] <ratrace> weird. 455.28 was released _Before_
nvidia made the statement about it not being yet ready for the
changes in 5.9
1724[20:32:03] <sney> 455 is in experimental. there's no
mention of a kernel compatibility fix in the changelog, and the
driver was released on sept 17th, so that's... yeah
1725[20:32:28] <sney> ah, apparently it builds but is missing a
lot of features.
1726[20:32:43] <ratrace> right, can't be it compiles unless
the changes in the kernel are patched out
1739[20:41:57] <ratrace> 'twas fixed fast because it blocked
the point release bump .. one of those rare things wehre the
upstream pulls down political patches mid-LTS and breaks our toys
1740[20:42:20] <ratrace> (pulls down = backports from mainline to
LTS)
1741[20:46:40] <karlpinc> I am working on my ssh-fu. In
~/.ssh/config the difference between %n and %h is dependent on the
workings of CanonicalizeHostname, yes?
1760[20:55:58] <f8e4> how to copy a file up with ssh?
1761[20:56:05] <f8e4> scp still
1762[20:56:10] <f8e4> or rather other?
1763[20:56:13] <another> sftp
1764[20:56:15] <greycat> !scp
1765[20:56:15] <dpkg> scp is Secure Copy, part of the ssh suite,
and a very handy program. The client program is in the
openssh-client package and it just uses the ssh server at the other
end so you don't need to install anything special on the server
(openssh-server package). Install <scponly> or <rssh> to
restrict commands to scp users. More information: <sftp>,
<sshfs>.
1791[21:02:08] <greycat> I've only used sshfs a handful of
times. From what I gather on IRC, some people have issues with it on
longer duration mounts, or over unreliable networks.
1792[21:02:38] <n4dir> ah, might be. I only do it in the local
home network, also not for that long
1793[21:03:19] <ratrace> yeah, sshfs is best used with autofs
1795[21:05:22] <bariscant> Hello everyone, I have a debian
networking question. I have 1 gateway server and 2 client servers. I
assigned fixed IP to one of them, from gateway's dhcp config. I
need to set fixed ip to the other server. But I want to accomplish
that from client itself. What would be the best way for that?
1796[21:06:41] <ratrace> bariscant: regular static IP
configuration . just make sure you use an adress in the range
ousside of dhcp's domain
1797[21:06:48] <greycat> if you want to set a static IP on a
machine, just put it in /etc/network/interfaces
1804[21:10:02] <bariscant> greycat: I have done that actually.
However, after restarting networking service, host could not assing
an IP to itself and I locked out. Shouldn't dhcp client respect
static ip definition under the /etc/network/interfaces file? Or is
there any other configuration that needs to be done?
1805[21:10:09] *** Quits: isostatic (uid224824@replaced-ip) (Quit: Connection closed for inactivity)
1806[21:10:36] <ratrace> bariscant: you don't run a
dhcpclient along with static network configuration, you can't
even with interfaces(5)
1807[21:10:38] <greycat> If the machine has one network
interface, and you want to set a static IP on it, you do not ALSO
configure it to run dhcp. That makes no sense.
1808[21:11:32] <greycat> A given interface should only be
configured in one way. Pick one -- static /e/n/i, DHCP from /e/n/i,
network-manager, etc.
1809[21:12:04] <ratrace> (systemd-networkd, ...)
1810[21:12:11] <greycat> that falls under the etc.
1811[21:12:44] <ratrace> someone port netplan.io! :)
1814[21:13:52] <bariscant> greycat: Yes host has only one
interface which originally configured with dhcp. I want to change it
so that it uses static ip.
1815[21:14:31] *** Quits: Night-Shade (~TimF@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
1816[21:14:44] <greycat> so you comment out the line that says
"iface enp2s0 inet dhcp" and replace it with "iface
enp2s0 inet static" and then under that, a line for address and
a line for gateway
1817[21:14:50] *** Condor__ is now known as Condor
1818[21:14:54] <greycat> replace enp2s0 with your interface name
1821[21:17:29] <fireba11> since the topic is on networking
already ... how should a config for a second interface using the
same network segment look like? (ipv4 and v6) ... haven't been
able to find a example
1822[21:17:52] <greycat> you shouldn't *have* two interfaces
on the same numeric network
1847[21:22:42] <bariscant> greycat & ratrace: only lines
interfaces file has is loopback device. Like I said I added
"iface ens6 inet static" and followed by address,
broadcast, netmask, gw address.
1848[21:23:08] <ratrace> broadcast and netmask are no longer
needed, write the addr in CIDR notation instead
1850[21:23:18] <greycat> broadcast is legacy, and netmask is
usually just a /24 or /whatever on the address
1851[21:23:22] <ratrace> you really need only the
"address" and "gateway" items
1852[21:23:47] <greycat> did you forget the "auto
ens6"?
1853[21:25:09] <fireba11> almost locked myself out of the box
yesterday trying to configure the second interface since i just
copied config and then later noticed i now had 2 ipv4 gateways :-D
luckily that does not brak ipv6 so i could still log in and fix it
1854[21:25:11] <bariscant> greycat: that is not present in the
config actually.
1856[21:25:22] <greycat> that would be a big problem
1857[21:25:34] <greycat> unless you were planning to bring it up
manually every time
1858[21:26:15] *** Quits: IsThatAPlanet (~dawgy@replaced-ip) (Remote host closed the connection)
1859[21:26:56] <ratrace> fireba11: use config automation and a VM
to test out stuffs before prod
1860[21:26:57] <bariscant> greycat: so the problem was eventhough
my config was correct, because I forgot to add auto ens6 line my
interface never was up after resetting networking.
1871[21:30:56] <ratrace> I guess I misread "turn" as a
typo or something, lol
1872[21:31:00] <ratrace> no idea what tha is
1873[21:31:12] <fireba11> and i need to use a common port to
increase the chances of our customers being able to reach it. if
their internet wasn't looked down i would not need the turn
server at all
1877[21:34:11] <greycat> "With WebRTC, you can add real-time
communication capabilities to your application" ... "For
most WebRTC applications to function a server is required for
relaying the traffic between peers, since a direct socket is often
not possible between the clients" ... "The term stands for
Traversal Using Relay NAT"
1878[21:34:47] <greycat> so it has something to do with what we
used to call peer-to-peer communications, but somehow the word
"web" is involved
1879[21:34:52] *** Quits: greatgatsby (~greatgats@replaced-ip) (Remote host closed the connection)
1882[21:35:58] <fireba11> it alos helps with clients that got udp
outgoing blocked since they can send tcp to turn server and that
connects properly via udp to the server then. am using it for a
bigbluebutton videoconferencing server, we got clients that
can't get out of their network in reasonable ways, lol
1883[21:36:03] <imMute> greycat: because if it's not
"Over HTTP" then it doesn't exist /s
1982[22:48:54] <karlpinc> RoyK: You have to follow the
instructions at backports.debian.org to install the gcc docs. _And_
you have to enable the non-free section of the repo. For reasons I
didn't lookup the docs are simply not in buster itself.
1984[22:49:45] <azeem> it's the FSF's GFDL
documentation license which has immutable sections that Debian
considers incompatible with the DFSG
1985[22:52:51] <greycat> All I know is gcc-doc was removed from
testing during buster's freeze, and never made it back in. I
don't know the details of why.
1986[22:54:16] <nkuttler> if it was for licensing it could just
have been moved to non-free, like other fsf docs
1998[23:07:32] <abff> can someone help me out with console-setup?
I have made a change to /etc/default/keyboard that is persistent in
X but does not work in tty until I run setupcon after boot.
I've tried to use setupcon --save but it doesn't fix it.
1999[23:07:58] <abff> Can I just rm the cached scripts in
/etc/console-setup?
2007[23:15:24] *** Quits: fb_ (~freebench@replaced-ip) (Remote host closed the connection)
2008[23:15:25] <sney> abff: cache stuff is typically safe to
delete, though I'm not familiar with that one in particular.
maybe move the files elsewhere and see what happens
2009[23:15:34] *** Quits: randombit00 (~randombit@replaced-ip) (Remote host closed the connection)
2023[23:24:00] <foul_owl> I'm having a problem with alsa.
Trying to measure latency in ardour, the latency is not consistent,
and can vary by up to 30 ms
2024[23:24:29] <foul_owl> I'm not looking for low latency,
but consistent latency
2025[23:24:50] <foul_owl> Ideally not varying by 1 sample, if
that is even possible
2026[23:24:58] <ratrace> no guarantees with 250Hz voluntarily
preemptible kernel
2029[23:25:22] *** Quits: prodnec (~govext@replaced-ip) (Remote host closed the connection)
2030[23:26:22] <foul_owl> How does anyone use Linux for audio?
And how do people use Windows for audio without a new kernel?
2031[23:26:32] <sney> !rt
2032[23:26:32] <dpkg> The PREEMPT_RT (linux-rt) realtime patch
set allows for nearly all of the Linux kernel to be preempted, which
may help achieve better low-latency behavior in some environments.
Since August 2011, the Debian Kernel Team produce binary packages
including this patch set, for the amd64 (linux-image-rt-amd64
metapackage) and i386 (linux-image-rt-686-pae metapackage)
architectures.
replaced-url
2033[23:26:43] <foul_owl> I don't need realtime audio
2034[23:26:51] <foul_owl> I don't care if the latency is 10
seconds
2035[23:26:56] <ratrace> foul_owl: typically with the kernel
optimized for that
2036[23:26:58] <foul_owl> As long as its *always* 10 seconds
2037[23:27:15] <ratrace> consistency and ability for low latency
come hand in hand
2038[23:27:25] <foul_owl> Ahhhhh ok
2039[23:27:32] *** randombit00 is now known as randombit
2040[23:27:33] <foul_owl> I thought it would be a tradeoff, my
bad
2050[23:29:40] <abff> sney: I moved the cached scripts and reran
setupcon --save but after reboot the change is still not persistent
2051[23:29:50] <ratrace> in audio, the "latency" is
about emptying the rather short audio buffers asap. if the kernel is
tied elsewhere, eg. in IO, or in a critical non-preemptible section,
your audio thread wil starve
2052[23:30:22] <abff> sney: they did get remade too, so its not
the cache that's overwritting my desired changes
2053[23:30:30] <foul_owl> My apologies, let me explain my issue
2093[23:49:09] <ratrace> yeah, I see, it's not...
replaced-url
2094[23:49:10] <JordiGH> Wonder if I'll have any luck using
a canon digital camera as a webcam.
2095[23:49:26] <genr8_> im going to recompile it myself from
source but it makes hardly any sense, when we have the library (not
by default perhaps?) libseccomp2
2097[23:51:03] <ratrace> genr8_: I'm still wondering why not
all pacakges are built with relro either
2098[23:51:24] <n4dir> foul_owl: you could ask in #ardour, in
#opensourcemusicians or in #lau. Assuming here will not lead
anywhere, not saying here is "wrong".
2099[23:51:25] <genr8_> ugh
2100[23:51:44] <H-var> (I haven't logged into windows for 31
days now)
2109[23:54:11] <ratrace> eh was just browsing through those bugs
2110[23:54:13] <genr8_> That seems wise. I'll leave the bug
open though so I'm reminded to enable seccomp after the
10-buster release. <-- guess we should ping him to remind him