26[00:15:30] <jmcnaught> swift110: according to the arch wiki
in Firefox's about:config there should be a key for
media.ffmpeg.vaapi.enabled which I do not have in buster:
replaced-url
27[00:15:45] *** Quits: Christian75 (~Christian@replaced-ip) (Remote host closed the connection)
28[00:15:58] <jmcnaught> swift110: so you might be out of luck
unless you upgrade to testing and start using Wayland
29[00:16:23] <H-var_> hey ratrace, I don't know, man... I
just installed the latest kernel and nvidia too, but my games still
won't run
30[00:16:25] <swift110> jmcnaught, how do I access that key
31[00:16:35] <H-var_> are you running games on the latest
proton 5.13 ratrace?
32[00:16:48] <H-var_> or you are using earlier version?
65[00:25:38] <kevr> i --recv-keys on all three of them, but it
still gives me the error
66[00:26:13] <kevr> says the repo is not signed?
67[00:26:56] <jmcnaught> kevr: that is strange. Do you have the
debian-archive-keyring package installed? Can you make a paste of
your /etc/apt/sources.list ?
68[00:28:06] <H-var_> thanks guys, I'll go pretend like I
tried to do something for a day or two, and then come back with the
same questions
71[00:28:37] *** Quits: Deyaa (uid190709@replaced-ip) (Quit: Connection closed for inactivity)
72[00:28:43] <sney> also check your system clock, that can
cause gpg/ssl errors if it's off
73[00:29:23] <kevr> i did, it's on
74[00:29:35] <kevr> (synced up with my other computers times)
75[00:29:38] <kevr> using ntp
76[00:30:44] <kevr> you know what, i'm sorry. it's
debian, but it's raspbian; they may be enforcing a different
set of gpg keys and supply a different keyring by default
77[00:32:13] <jmcnaught> kevr: this is why we do not support
raspbian in this channel, because it causes confusion and we do not
know what changes they have made.
78[00:32:30] <jmcnaught> !based on debian
79[00:32:30] <dpkg> Your distribution may be based on and have
software in common with Debian, but it is not Debian. We don't
and cannot know what changes were made by your distribution (compare
replaced-url
80[00:32:55] <kevr> can i not manually add the debian keys into
my keyring somehow?
110[00:58:43] <behappycat> thanks, and yes, if i do
/usr/bin/ping it works, also the which ping command is pointing to
/home/usr/.local/bin/ping and sudo which ping to /usr/bin/ping
111[00:59:02] <behappycat> is there a easy way to fix this?
248[01:59:39] <Nnavd> none of that is really relevant to what im
doing though, I'm just trying to run a bash script as a user
without input - ill see if I can make the sudoers do it properly
249[02:00:02] <hop> this is… wrong
250[02:00:30] <Nnavd> im not saying this is good practice, im
just trying to fix something fast
251[02:00:57] <hop> /maaaybe/ setpriv would be more appropriate,
but i'm still not sure what the actual issue is
252[02:01:12] <hop> you don't fix anything, is what
i'm saying
254[02:01:36] <jmcnaught> A daemon running in a docker container
spawns child processes and you want the child processes to run as a
different user than the parent?
255[02:02:02] <hop> that would be what i hoped for, but it
didn't sound like it
263[02:06:58] *** Quits: c077ee (uid471137@replaced-ip) (Quit: Connection closed for inactivity)
264[02:11:42] *** Quits: YWH_1 (~foo_drive@replaced-ip) (Remote host closed the connection)
265[02:12:44] <themill> ignoring the queries about the actual
design, the implementation of that would be via a NOPASSWD config
for that specific command for that specific original user
350[03:45:52] <Aurora_v_kosmose> How would one go about
recreating arm imagines themselves? Or alternatively, is there any
way to validate arm images anywhere?
383[04:05:54] <jmcnaught> f-a: it is subjective, but
FrankenDebian is usually a result of mixing releases (e.g.
stable+testing), mixing distros (debian+ubuntu), or using PPAs and
other repos that are not built specifically for Debian.
384[04:06:59] <jmcnaught> f-a: if a third party repo only
installs a handful of packages and important stuff like libc6 do not
get replaced, it is probably fine.
385[04:07:32] *** Quits: leorat (~leorat@replaced-ip) (Remote host closed the connection)
389[04:09:15] <jmcnaught> f-a: that said, I do what I can do
keep my sources.list pure Debian stable. I use virtual machines for
a lot of stuff, sometimes containers or chroots. It depends on what
the software is I'm trying to run.
392[04:10:23] <f-a> I see, and which guides you to pick a vm or
a chroot or a container?
393[04:12:14] *** Quits: torbo (~user@replaced-ip) (Remote host closed the connection)
394[04:13:06] <jmcnaught> Does the program need a GUI, or access
to audio? A VM might be best in that case. Unless the program
requires 3D acceleration. If it is a server daemon, a container is
probably fine. I have also run GUI programs from a chroot using
schroot, though not recently.
395[04:13:08] *** Quits: ledeni (~ledeni@replaced-ip) (Remote host closed the connection)
396[04:15:12] <jmcnaught> f-a: maybe for this case PlayOnLinux
would be useful? I have not used it, but it seems to manage custom
Wine versions on a per-program basis.
397[04:15:18] <jmcnaught> ,i playonlinux
398[04:15:29] <judd> Package playonlinux (contrib/otherosfs,
optional) in buster/amd64: front-end for Wine. Version: 4.3.4-1;
Size: 933.6k; Installed: 2920k; Homepage:
replaced-url
403[04:19:57] <cef> stupid q time from me: trying to spin up an
x32 port chroot and debootstrap errored out. looks like it's
complaining about systemd-timesyncd. Any way to recover and continue
from this point?
432[04:38:17] *** Quits: randombit (~randombit@replaced-ip) (Remote host closed the connection)
433[04:38:50] <zerocool> hi ya'll, i have a networking
question. i typically use /etc/network/interfaces to bring
interfaces up for me but when i make changes i find it highly
unrelable to use systemctl restart networking to tear things down
and bring them backup. is there a "proper" way to do this?
434[04:39:21] <ectospasm> zerocool: ifup/ifdown doesn't
work for you?
435[04:39:43] <ectospasm> So, if you've modified a network
interface: ifdown <iface> && ifup <iface>
436[04:39:59] <zerocool> ectospasm: if i bridge to a vlan can i
name it in /etc/network/interfaces and ifup br0.104, for instance?
437[04:40:05] <zerocool> if that's the bridge that i
defined there
438[04:40:27] <ectospasm> I believe so, I have a VLAN interface
in my /etc/network/interfaces
439[04:41:07] <ectospasm> Now, my Wifi adapter in that machine
still gets a static IP address, but it's no longer set in
/etc/network/interfaces
445[04:42:26] <zerocool> well here's another question...
somewhat related. do i need to have an IP address on a vlan bridge
in order to use it... for vm's
446[04:42:45] <zerocool> or can i just bridge and set it `iface
br0.104 inet manual`
447[04:43:10] <ectospasm> I can't answer that, I usually
don't use a bridge interface.
448[04:43:45] <zerocool> hmm... well i'll try to define the
vlan in interfaces and ifup it after, if that works I will be very
happy.
449[04:44:04] <ectospasm> Oh, maybe I do. Looks like VirtualBox
creates its own bridge interface (vboxnet0, which does not have an
IP address on the host)
467[04:57:26] *** Quits: temple48 (~temple48@replaced-ip) (Remote host closed the connection)
468[04:58:22] <cef> ok.. so figured it out the chroot issue. had
to go into the chroot, dpkg -i all the .deb files in
/var/cache/apt/archives/ except systemd/systemd-timesyncd, then once
that was done (still broken at that point) I had to run 'apt
--fix-broken install' within the chroot
485[05:30:09] <lifostack> hi all running x86_64 debian here on a
dual boot win10/debian disk... separate partitions for /,/home,swap
... wondering what i should do when i run out of space in / or /home
486[05:30:21] <lifostack> is it better to put these partitions
on separate disks?
487[05:30:33] <lifostack> specifically root and home partitions?
488[05:30:50] <ectospasm> lifostack: are you using LVM or a more
advanced filesystem than ext4?
489[05:31:08] <lifostack> i am using ext4
490[05:31:15] <lifostack> but i can remember if i setup
encryption or not
491[05:31:18] <ectospasm> lifostack: have you thought of using
LVM?
492[05:31:26] <ectospasm> LVM isn't encryption.
493[05:31:37] <lifostack> i think i tried to use LVM in the
past, i think i encrypted it and lost the key and decided against
using LVM again
494[05:32:19] <lifostack> oh thats right i couldnt use LVM
because i had windows 10 on a partition and LVM wanted to erase the
disk
495[05:32:31] <lifostack> i do use LVM on installs that dont
dual boot windows though
496[05:32:44] <ectospasm> Logical Volume Management. Set up
disks/partitions as physical volumes (PVs), set up Volume Groups
(VGs) with those PVs, set up Logical Volumes (LVs) in those VGs,
then you can add disks/partitions and grow your ext4 filesystem once
you've added disks/partitions.
497[05:32:46] <lifostack> but i dont "know" what im
doing i typically let linux automate the process for me
498[05:33:14] <ectospasm> lifostack: You should be able to use
LVM without disturbing your Win10 installation, just use different
partitions as PVs.
499[05:33:29] <ectospasm> And don't add your Win10
partition as a PV
500[05:33:56] <lifostack> oh ok
501[05:34:02] <ectospasm> I don't know if the Debian
installer will do that for you automatically
502[05:34:02] <lifostack> how can i check if these are LVM
partitions?
503[05:34:05] <lifostack> fdisk -l?
504[05:34:15] <ectospasm> You'd probably need to manually
partition your disk to preserve Win10.
505[05:34:19] <lifostack> yeah the auto part of the installer
wouldnt do that for me
506[05:34:31] <lifostack> but it was no biggie i was just trying
to get up and running as fast as possible
507[05:34:48] <lifostack> when i do a full install on a non dual
boot disk i'll go full LVM or try the manual partitioning like
you suggeste
511[05:35:58] <lifostack> yeah looks like these are simple MBR
partitions one extended where all 3 of my linux partitions live
512[05:36:56] <lifostack> does LVM work with MBR or GPT? or is
it its own thing?
513[05:37:12] <ectospasm> LVM is agnostic to the partitioning
scheme, you can use either.
514[05:37:20] <lifostack> oh ok
515[05:37:31] <lifostack> hence volume mgmt
516[05:37:39] <lifostack> i think im starting to get my head
around it
517[05:38:15] <lifostack> so basically when i go to make the
increase in disk space whether that be a larger disk with larger
partitions or multiple disks with partitions on each, it would be a
good time to go ahead and migrate over to LVM on a manually
partitioned disk?
518[05:38:55] <ectospasm> Only thing to really watch out with
LVM is mixing different types of disks. Having HDDs and SDDs in the
same VG may give mixed/uneven performance for your LVs in that VG.
523[05:42:33] <lifostack> hmm still having a hard time figuring
out just what kind of partitions these are "disks" is just
saying they are linux partitions
524[05:42:56] <lifostack> Partitioning says MBR
525[05:43:12] <ectospasm> fdisk -l doesn't tell you what
filesystem is on them.
526[05:43:17] *** Quits: cstls (~guy@replaced-ip) (Quit: Lost terminal)
527[05:43:27] <lifostack> ext 4 on both linux partitions / and
/home and swap on /swap
529[05:43:38] <lifostack> what file systems are used on LVM?
530[05:43:48] <ectospasm> Any Linux filesystem will show Linux
as the partition type.
531[05:44:32] <ectospasm> lifostack: any filesystem you want,
there's no restriction. You can even put NTFS on them if
you're so inclined. Good luck getting Windows to recognize
them, though!
532[05:45:03] <lifostack> heh!
533[05:45:51] <ectospasm> I don't use LVM everywhere, it
adds a layer of abstraction I rarely need.
534[05:46:26] <ectospasm> Like on this laptop, I just have one
BIG Btrfs volume, and use subvolumes for snapshots and backup
purposes.
535[05:46:36] <ectospasm> I can't remember if my Debian
router has LVM set up.
654[08:37:13] <another> see the answers in #ffmpeg
655[08:38:12] <sgo11> another: yeah, I am asking there. Thanks.
656[08:39:20] <jmcnaught> !package recompile
657[08:39:20] <dpkg> 1) Add a <deb-src> line for your
current release to your sources.list 2) apt update; apt install
build-essential devscripts fakeroot; apt build-dep packagename 3) as
any user, apt-get source packagename 4) cd packagename-version/; ask
me about <debian/rules>; 5) dpkg-buildpackage -uc -us 6) as
root, apt install ../packagename-version.deb. Ask me about
<debian/rules>, <nocheck>, <nostrip>, <apt-get
source>.
692[09:15:34] <gamrix> Hi, its possible to stop the automatic
"apt update" in Debian Buster ? I stopped/disabled/masked
all the apt-daily-*.timer/service. In
/usr/lib/apt/apt.systemd.daily, i put AutoAptEnable to 0 but my
server still do an apt update... And i didn't see how in the
syslog. The 2 last packages were "libldap-2.4.2" and
"libldap-common". Thanks
693[09:18:23] *** Quits: cfoch (uid153227@replaced-ip) (Quit: Connection closed for inactivity)
721[09:32:42] <gamrix> In apt.conf.d, i have the default
00CDMountPoint / 00trustcdrom / 01autoremove / 01autoremove-kernels
/ 20listchanges / 70debconf. I just put a 00aptproxy because i have
an aptcacherng in the network.
722[09:32:50] <ratrace> gamrix: how did you disable the timer?
723[09:33:27] <gamrix> Discover, it's not only with
graphical server ?
725[09:34:00] <borrougagnou> Hello, I would like to know,
someone has already push something on DockerHub ?
726[09:34:03] <ratrace> ho kay, a chatbot.....
727[09:35:11] <gamrix> ratrace: stop and disable with systemctl
stop/disable apt-daily-upgrade.timer. And if i check with
"systemctl list-timers", i didn't see it
729[09:35:40] <ratrace> gamrix: okay, then next question, how do
you know it runs?
730[09:35:51] <Montresor> Got packagekit? Have
package-update-indicator installed? There's too many things
that could be updating the cache, geeez.
731[09:36:15] <shtrb> gamrix, yes , discover is a user interface
app
732[09:37:16] <gamrix> ratrace: with a job, i do this command
"apt list --upgradable" every day at the same hour to see
when new packages are available and check the logs.
733[09:37:40] <gamrix> This is a server, no user interface
734[09:38:18] <jmcnaught> According to the comments in
/usr/lib/apt/apt.systemd.daily if you set
'APT::Periodic::Enable "0";' in a file in
/etc/apt/apt.conf.d/ it will not do anything.
735[09:38:27] <ratrace> gamrix: and you see new things but you
never run apt update?
736[09:38:37] <shtrb> jmcnaught, that's why I sent him
there
737[09:39:04] <shtrb> ratrace, that's the default config on
some new installation in buster , very usefull in my opnion
743[09:40:47] <shtrb> I don't know about his situation , I
actually have also a problem with cron and timers yesterday (and I
had offended jelly by that) so I just don't know
744[09:40:59] <shtrb> ratrace, you see the process :)
745[09:41:40] <shtrb> and sorry to jelly again for that
748[09:42:18] <ratrace> and I'm asking in order to
determine _what_ started it. if you can see the process, maybe you
can also see the parent. Or if something is in the logs. gamrix
never said how they're noticing it running
749[09:42:26] *** Quits: Darcidride (~Darcidrid@replaced-ip) (Remote host closed the connection)
750[09:43:16] <gamrix> In /usr/lib/apt/apt.systemd.daily. I only
changed one line : AutoAptEnable=0
751[09:43:22] <ratrace> there's the timer and its service
by default. there's apt-compat daily cron that just exits on a
systemd system (is a fallback cron for no systemd for timers).
752[09:43:52] <ratrace> gamrix: that's just the binary run
by the timer and cron. if you disable (and stop!) the timer, it
should not run. can you verify with systemctl list-timers ?
753[09:43:53] <gamrix> The apt-daily services are masked
754[09:44:03] <gamrix> sure
755[09:44:31] <gamrix> I only have 3 timers,
systemd-tmpfiles-clear.timer / logrotate.timer / man-db.timer
756[09:45:30] <ratrace> gamrix: right, and if you run journalctl
-u apt-daily.service, you'll see there's no logs for it
running after the change?
757[09:46:54] <gamrix> yes, "No entries"
758[09:47:38] <ratrace> gamrix: so then that's not running
759[09:47:55] <ratrace> so now, how do you know something is
still updating apt?
761[09:48:55] <gamrix> It's not the aptcacher server,
it's only a proxy server so if i didn't run and apt update
or upgrade, it's not it ? I don't understand because i
have no entry in the syslog about apt... or a cron...
762[09:49:24] <ratrace> that doesn't answer my question
763[09:49:42] <gamrix> Because i have a job which check
"apt list --upgradable" every day. And at 7 pm friday, no
packages, at 7pm saturday, 2 packages
799[10:04:15] *** Quits: gtweryh (~govext@replaced-ip) (Remote host closed the connection)
800[10:05:38] <borrougagnou> Hello, I repost my question, I
would like to know, someone has already push something on DockerHub
?
801[10:06:37] <ratrace> you should specify the actual problem
you're having, preferably related to Debian
802[10:06:41] <ratrace> !anyone
803[10:06:41] <dpkg> Please do not ask if anyone can help you,
knows 'something' or uses 'some_program'.
Instead, ask your real question. (If the real question _was_
"does anyone use 'some_program'?" ask me about
<popcon> instead.) See <ask> <ask to ask>
<polls> <search> <sicco> <smart questions>.
806[10:08:54] <borrougagnou> okay, so I created dockerfile, I
publish this dockerfile in public repository, I can build without
problem in debian, but when I try to build using DockerHub... how
say... nothing... no information
842[10:44:54] <ratrace> anyway your service file is broken, so
you should consult the documentation and/or the developers, on
requirements for the service and how to configure it properly on
Debian Stable
843[10:45:07] *** Quits: lesless (~lessless@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
848[10:47:50] <ratrace> I'm betting your ExecStart is
wrong, you either don't have python3 or the module is not
properly installed
849[10:48:31] <ratrace> and since installing python modules in
the root repository is a no-no, you better set up a virtualenv for
it, and alter StartExec to use the virtualenv. But that's pure
speculation here, dunno what you actually did :)
877[11:06:01] <pitch> ratrace. i did not use pip as root.
radicale is placed in the .local/FOO of the user radicale
878[11:06:13] <ksk> and I was like "okay nice, most
projects I lookat nowadays even suggest you create a seperate
virtualenv in user context.." ;)
879[11:06:38] <ratrace> pitch: then you need to alter ExecStart
to use proper python path for the module
880[11:06:45] <pitch> i heard abouit the virtual en v stuff a
lot, but i dont know what it is nor does
881[11:07:01] <ratrace> pitch: this is REALLY best done with
virtualenv, as then you can ExecStart =
/path/to/your/virtualenv/bin/python3 -m radicale
882[11:07:10] <ksk> pitch: its "all python components on a
per project basis under $Home/foo"
883[11:07:23] <ratrace> pitch: welp, building your own software
and integrating with the distro requires alotta knowledge. it's
beyond simple help on irc.
884[11:07:36] <pitch> but i can just run /usr/bin/env python3 -m
radicale
885[11:07:42] <ksk> So you can change the projects dependencies
(stuff pulled in via pip) without effecting the system, or other
projects
886[11:07:47] <pitch> and i t seems to work.
887[11:09:40] <ksk> If you are hosting anything but a PoC
"seems to work" should not be the standard you measure
success with.
888[11:10:13] <fireba11> :-D
889[11:10:25] <ratrace> pitch: as the user runing the service?
890[11:10:49] <fireba11> ksk: and then take care your PoC
doesn't creep into production ;-)
891[11:10:53] <ratrace> your problem is that python3 you execute
via env, doesn't see the module
892[11:11:01] <pitch> okay
893[11:11:12] <pitch> now thats an information i can work with
894[11:11:39] <pitch> i was out of this game for a long time,
since 200* at least
895[11:11:52] <pitch> now i try to get my own infra up and
running
896[11:12:50] <ratrace> pitch: do yourself a favor and install
radicale in virtualenv, alert yyour service ExecStart to run the
python3 bin inside the virtualenv
897[11:13:00] <ratrace> your future self will thank you later,
many times.
902[11:16:14] <pitch> ratrace: any pointer to a sane doc for
virtualenv?>
903[11:17:02] <ratrace> I don't know any specifically to
recommend.
904[11:17:19] <pitch> thank you anyways
905[11:17:35] <ratrace> maybe someone in #python has a link. but
otherwise, just google and see how it's set up. it's very
easy.
906[11:17:44] <pitch> alrighty
907[11:18:11] <ratrace> it's just a directory where python
binary is installed and modified to consider that directory
it's whole world. all the modules go there, everything packages
do and install go there, like a chroot, but isn't realyl
chroot.
918[11:42:08] *** Quits: Adbray (~Adbray@replaced-ip) (Quit: Ah! By Brain!)
919[11:44:31] <ratrace> RadoS: your cause is lost to begin with.
the whole reason to "convert" users is to show them the
power of FOSS and all the diversity in the ecosyste, not just
replicate their existing paradigms with a different kernel.
926[11:46:12] <Haohmaru> they might find KolourPaint useful tho
;P~
927[11:47:26] <genr8_> id say its a lost cause for other
reasons. you cant expect to successfully convert other people unless
you first try it yourself
928[11:47:39] <RadoS> ratrace, I know what you mean, but
we're talking about families without own hardware yet, who in
the need for "homeschooling" get some free hardware, and
should get some free software with it. Unfortunately are the school
teachers trained only in windows, so if I leave that to them, it
will all become windows.
933[11:48:58] <ratrace> RadoS: which is not bad per se. I quit
recommending linux to people long time ago because it created more
problems, more frustration and more time lost for everyone, UNLESS
the person truly wanted the paradigm shift and get into FOSS.
934[11:49:08] <Haohmaru> you can install multiple DEs and each
user can select what DE session he wants at the login screen
937[11:49:15] <RadoS> Now one of the teachers showed willingness
to learn new ways, for a pitch demo I'd like to show him that
it "doesn't hurt" by being too different from
look&feel. The philosophy & all the love can follow later.
938[11:49:25] <fireba11> RadoS: i know the reality looks
different, but everyone being able to reasonably use a computer
should be fine with any normal linux desktop without any
windows-like themes ...
939[11:49:32] <genr8_> ratrace, exactly
940[11:49:38] <genr8_> you can lead a horse to water but you
cant make him drink
941[11:49:46] <fireba11> RadoS: good look with that project :-D
942[11:50:12] <ratrace> RadoS: you have to show them the FULL
shebang then. package management, config files, terminal, problems
when you open MS word files and convert to LibreOffice. Inability to
run Skype and similar programs. ....
943[11:50:22] <RadoS> genr8_, that's where I _am_ now: the
horse is willing, just needs a chance to take a sip.
944[11:50:37] <genr8_> yeah theyre gonna be like "wheres
skype, wheres adobe, how do i download exes?
946[11:50:46] <RadoS> ratrace, that's all no show-stopper,
skye etc exists for linux.
947[11:50:57] <fireba11> we once had a local school lacking
funds for updating their PCs and the local linux user group offered
to set up a linux network for free so they only had to pay for
hardware (so their budget would work) and maintain it for a year
untill they get used to it and they decided against it -_-
948[11:51:04] <genr8_> they still have to figure it out
949[11:51:10] <Haohmaru> RadoS i wouldn't wanna use it ;P~
950[11:51:33] <Haohmaru> proprietary crapware
951[11:51:43] <RadoS> Haohmaru, me neither, but I can show them
alternatives. Once they get the taste of it, they might live it on
on their own.
957[11:53:04] <RadoS> I'm no newb to _that_ business. ;-)
958[11:53:20] <genr8_> then you're a masochist
959[11:53:24] * RadoS knows.
960[11:53:48] <ratrace> RadoS: then give them KDE. looks like
windows, and also doesn't really, so gives them enough to go
"ooh, what can this button do", and discover the
configurability hell of FOSS :) trial by fire :)
961[11:53:58] <RadoS> Yet I guess it will make me happier than
to work for a commercial company working mainly with M$.
962[11:54:14] <Haohmaru> kde x_x
963[11:54:28] * ratrace installs Crapdows on all Haohmaru machines.
964[11:54:40] <Haohmaru> ratrace i already have crapdows
965[11:54:59] <Haohmaru> if you want to cause damage to me, say
crapdows10 specifically
1006[12:07:36] <Haohmaru> the solution is evolution
1007[12:08:30] <ratrace> there is no answer. desktop linux is
terribad. all of us that DO use it and like it, made a lot of
compromises and dismissed a lot of sour grapes to do so :)
1008[12:08:59] <Haohmaru> pls, it's not terrible
1009[12:09:08] <ratrace> hell, even Ubuntu that was once the
synonym for desktop linux, is turning away and going into containers
and servers.
1020[12:11:23] <ratrace> j/k, wasn't fired, but they were
annoyed I couldn't slack with the rest of the team
1021[12:11:40] <ratrace> I actualyl tried the slack snap but that
didn't work and I refused to spend more than 93 seconds on
debugging it.
1022[12:12:01] <Haohmaru> here i'm forced to use this viber
crapware
1023[12:12:04] <ratrace> the "uh I'm on linux" got
me few months ago when I was interviewing for a job with another
company.
1024[12:12:07] <Haohmaru> using it on crapdows only
1025[12:12:20] <ratrace> they wanted microsoft Teams. they
needed. I had to use that for remote interview. had to install on my
phone.
1026[12:12:31] <Haohmaru> eww
1027[12:13:08] <ratrace> I tried to move family to linux.
reverted one machine back to windows aftre multiple issues with hdmi
and double monitors.
1028[12:13:33] <ratrace> reverted another when the user kept
complaining there's no microsoft office and they REALLY really
cannot use LibreOffice
1029[12:13:58] <Haohmaru> okay, f*ck M$
1030[12:14:02] <Haohmaru> >:/
1031[12:14:05] <ratrace> the third wanted some obscure windows
only program I couldn't get to run via wine, and I just
resigned, it was too much effort for zERO gain
1032[12:15:05] <ratrace> I myself, a veteran of lee nuks, have a
Crapdows10 VM set up with GPU passthrough for those rare cases
Proton ain't 'nuff.
1034[12:15:34] <Haohmaru> yeah, it's a personal choice.. i
personally am horrified of where crapdows is going (it already went
beyond what i can tollerate at crapdows10, and it looks like
it's gonna keep getting worse), i also personally am tired of
dealing with viruses and sh*t
1049[12:21:57] <ratrace> do you even have a choice these days? I
heard a lot of horror stories of unsactioned, unallowed, upgrades
from, say, w7 to w10, with computers left on overnight :)
1064[12:25:55] <ratrace> but if the hardware is old....
1065[12:26:04] <Haohmaru> yeah.. i'm more looking into using
debian for it.. i installed a DAW that enabled some kernel thing
that would give more priority to audio stuff or something
1066[12:26:19] <Haohmaru> it's a core2duo with 4GB of ram
1075[12:30:02] <Haohmaru> eventually the cons of crapdows will
make more people look for alternatives
1076[12:30:14] <Haohmaru> call it evolution
1077[12:30:27] *** Quits: ss2 (~user@replaced-ip) (Remote host closed the connection)
1078[12:30:31] <Haohmaru> linux just has to keep getting better
1079[12:30:40] <Haohmaru> "just" ;P~
1080[12:30:41] <genr8_> just having it being on the same LAN is
problematic. ive been trying to tell people about this. this
specific attack was released/disclosed the other day from this
important guy, but its not exactly new.
replaced-url
1081[12:31:00] <jelly> shtrb: I don't remember anything
offensive!
1085[12:32:42] <genr8_> rather than give a damn, everyone wants
to deny special attacks are real cause "oh thats just
theoretical" until they get hit by it themselves.
1086[12:32:49] <Haohmaru> genr8_ you mean having an old crapdows
on the same LAN?
1094[12:34:34] <genr8_> well just trust that theres ways into a
LAN behind a router when one computer is visiting webpages in a
browser and another vulnerable one is on the LAN
1095[12:35:37] <Haohmaru> i have no doubt that there are ways.. i
just don't understand that particular picture
1096[12:36:13] <Haohmaru> i've noticed here at $job that
very rarely, when i connect to freenode - the identd server happens
to work o_O
1097[12:36:29] <Haohmaru> which shouldn't be possible, in
theory
1098[12:36:56] <Haohmaru> happens like a few times per year
1117[12:56:38] <shtrb> genr8_, I doubt it can attack internal
machine if they also have *their own properly setup firewalls* , no
one should rely on router firewall to defened their laptops/
servers. it's a multi level defense
1118[12:57:14] <oiaohm> shtrb: Its not that simple.
1119[12:57:15] <genr8_> windows tho.
1120[12:57:41] <oiaohm> web browser people need to be able to use
it to access internet and access like network connected printers for
status.
1121[12:58:13] <Haohmaru> shtrb what can i do.. i get a fiber
cable to the room and they put their router on it (the ISP)
1122[12:58:16] <oiaohm> So exploit in browser even with correctly
setup firewalls can be problem if you have like inscure printer.
1123[12:58:37] <shtrb> oiaohm, they should be using local cups ,
which work against your central cups server (WHICH should be defened
by a proper firewall and radius , and be in it's own internet
less network)
1124[12:58:47] <ratrace> treating LAN as hostile has been advised
by the infosec industry for years now
1125[12:58:50] <shtrb> Haohmaru, put a sane router behind it
1126[12:58:52] <genr8_> people should be doing a lot of things.
1127[12:59:13] <genr8_> ratrace, we should keep repeating it
1148[13:04:24] <Haohmaru> so my browser can, via visiting a
random page, get the router confused and then redirect TCP/UDP
packets to the machine that should've been blocked otherwise?
1149[13:04:29] <shtrb> tramplefoot, you mean a compiler or really
interiter for C like CSH and Cscript ?
1150[13:04:36] <oiaohm> shtrb: I have a list of 200 universal
radius server passwords. That opens up 400 different comerical
closed source radius server protected networks.
1151[13:04:42] <shtrb> Haohmaru, that is a feature , not a bug ,
yes
1164[13:06:22] <Haohmaru> i guess you shouldn't have a silly
user/root password and ssh server on it
1165[13:06:28] <oiaohm> shtrb: two of the universal passwords is
a string that causes the server to reset to default out box
passwords then you use the default ones.
1166[13:06:39] <Haohmaru> technically, you should never have
silly passwords
1167[13:06:54] <computa_mike> Hi - I'm running a Debian 10
image under docker (well - it's the php 7.2-apache image from
PHP). I can't install php7.3-curl - get the following error :replaced-url
1168[13:07:04] <oiaohm> shtrb: of course that double as it ddos
the network and lets you in.
1169[13:07:26] <shtrb> Haohmaru, passwords are useless , you
should be using passpharses that change , based on at least three
languages
1170[13:07:31] <computa_mike> but I can see the package in there
if I run apt search php7-*...
1266[14:48:43] <Fayn> hi. I have debian 10 server with mariadb
10.5 (which was installed from mariadb mirror). config files show
that process is being run as 'mysql' user and
'root' user is used for administration through unix socket
1268[14:49:30] <Fayn> but there is /etc/mysql/debian.cnf which
has mentions about debian-sys-maint user and that user doesn't
exist in my mariadb installation
1269[14:49:52] <Fayn> is it required for some debian specific
functions, or just some deprecated user which is not needed anymore?
1274[14:55:43] <jelly> Fayn: it's used with Debian's
packaging of mariadb server. If you had debian's 10.3 before,
did not purge all of it, and installed 10.5 from upstream's
repo, you might have leftover config
1310[15:37:48] <TuxCrazy> hello... what's the difference
between liquorix kernel and xanmod kernel? Can both of these be
installed on Debian?
1311[15:38:41] <ratrace> they're not packaged regularly so
it's a DIY work and if you break it, you get to keep the
pieces.
1312[15:38:47] <jelly> TuxCrazy: best ask liquorix and xanmod
people?
1313[15:39:07] <ratrace> that said I think I've seen a few
people here claiming to run xanmod in their debians
1314[15:39:08] <jelly> in general, you can use most generic
kernel builds on debian
1315[15:39:18] <jelly> or you can build your own
1316[15:39:21] <jelly> and use it
1317[15:39:51] <jelly> let's see if the bot knows anything
1318[15:39:53] <TuxCrazy> how about the security on xanmod or
liquorix vis a vis the default one available on debian?
1319[15:39:56] <jelly> !xanmod
1320[15:39:56] <dpkg> XanMod is a general-purpose Linux kernel
distribution with custom settings and new features. Built to provide
a stable, responsive and smooth desktop experience.
replaced-url
1321[15:40:01] <jelly> !liquorix
1322[15:40:01] <dpkg> Zen is :)(:, or a school of Mahayana
Buddhism, or the Zen kernel: a variant of the Linux kernel optimized
for desktop systems, including code not present in mainline.
Liquorix kernel image packages (replaced-url
1323[15:41:05] <jelly> TuxCrazy: we don't know how other
vendors deal with security issues. Debian kernel security issues can
be tracked like any other package's, in the
1324[15:41:08] <jelly> !tracker of doom
1325[15:41:09] <dpkg> The Tracker of Doom is a vulnerability
database maintained by the Debian security team, viewable at
replaced-url
1326[15:41:22] <ratrace> TuxCrazy: they're probably less
secure based on the fact that they do custom modifications much
fewer people are testing and running, raising probability of new
bugs unique to those modifications.
1327[15:41:58] <jelly> they might track upstream better and gain
some fixes that way, who knows
1328[15:41:59] <TuxCrazy> debian based MX linux makes available
on it, the liquorix kernel also.
1329[15:42:22] <jelly> the main point to take away from this is
probably "we don't know"
1330[15:42:58] <TuxCrazy> ok
1331[15:43:33] <TuxCrazy> btw, do the point releases of Debian
stable provide newer version of packages?
1333[15:44:16] <TuxCrazy> how does the system of point releases
of debian work vis a vis that of ubuntu lts?
1334[15:44:43] <ratrace> apples and oranges
1335[15:45:18] <ratrace> and in debian, some packages might be
bumped in version, especially the kernel, on debian point releases.
1336[15:45:38] *** Quits: SergioCabral (~SergioCab@replaced-ip) (Quit: I left, Guys. To send a hello chat@sergiocabral.com)
1337[15:45:57] <ratrace> the kernel is almost always rebased to
newer point release in the same (LTS) branch, but other packages
rarely; when it happens it's due to security fix that's
unfeasible to backport
1371[15:54:59] <oznt> Hi, I've been desperately trying to
get GPG forwarding to work over SSH . Both of my machines have the
same version of GPG and SSH. Can someone maybe help ?
replaced-url
1372[15:55:35] *** Quits: endstille (~endstille@replaced-ip) (Quit: I'll be back.)
1428[16:15:34] <queip> oznt: maybe it is preferred to copying
keys, but I wouldn't recommend either copying keys, or giving
access to using them via agent, away from the main computer that has
them
1429[16:16:28] <queip> oznt: what will that actually achieved? if
target computer is malicious, and you forwarded agent into it, it
can sign any message using your keys right?
1430[16:16:37] <hop> no
1431[16:17:21] <oznt> queip, I thought that was not the case.
1432[16:17:29] <oznt> hop, I hope you are right :-)
1464[16:28:28] <queip> hop: if it is some kind of text, inside
ssh terminal, then it might be displayed by 2. If it fires up GUI on
1 then it's better. If you have hardware wallet attached to 1
then that's nice
1468[16:31:00] <hop> but you were still arguing in the general
based on old advice, where an unprotected ssh-key was fowarded to
untrusted machines without restrictions
1469[16:31:04] <codedmart> What is the best way to track down
memory leak/consumption? I am on buster running gnome. I have had my
machine running for 12 days now. Closing all applications and
restarting gnome shell still shows memory usage of 22GB with no
other applications running.
1503[16:50:11] <oznt> hop, there is not much to start right? ssh
remote; gpg --decrypt, should work IMO. But I am getting that same
error: Inappropriate ioctl for device
1525[16:59:37] <oznt> hop, on the localmachine I have
/run/user/1000/gnupg/S.gpg-agent.extra on the remote
/run/user/1000/gnupg/S.gpg-agent (the log of ssh says too:debug1:
remote forward success for: listen
/run/user/1000/gnupg/S.gpg-agent:-2, connect
/run/user/1000/gnupg/S.gpg-agent.extra:-2)
1598[17:33:25] <JyZyXEL> i'm eager to see firefox/chromium
eat up the 64 GB on my next desktop
1599[17:33:31] <jelly> chat apps are not doing much better
1600[17:34:00] <twobitsprite> just re-installed debian on an old
desktop and I'm having a display issue. every couple of
minutes, the display flashes something different for about a frame
or so. it's hard to tell what it is, but I think it's the
desktop background. any idea how to troubleshoot this?
1601[17:34:01] <jelly> considering many of those are electron (=
chromium)
1639[17:47:10] <codedmart> OK I only have gnome running, srain
irc and some terminals. free -m shows `Mem: 128823 22162 70793 520
35866 104921` and then top and capital M the first line is `27006
codedma+ 20 0 7023296 296248 117492 S 1.7 0.2 1:25.25 gnome-shell`
1642[17:49:29] <jelly> codedmart: so everything below it uses
less than 300M
1643[17:49:50] <jelly> maybe you just have lots of stuff going on
1644[17:50:03] <invizus> I followed several guides on internet
how to create serial console iso, but cannot make debian 10 boot
into serial console. is there some special trick?
1645[17:50:18] <invizus> it always boots into graphical mode
1646[17:50:34] <codedmart> jelly but it isn't this way when
I reboot.
1649[17:51:35] <codedmart> In htop gnome-hell is listed a ton of
times and each line shows 288M in the RES column.
1650[17:51:42] <codedmart> gnome-shell not hell :).
1651[17:51:47] <hop> i would not be surprised if gnomeshell
indeed had a leak. you said you restarted gnomeshell? sounds like
you didn't /really/ restart it
1664[17:56:48] <codedmart> Hmm... is my system just not releasing
the memory? I logged out. Switched to console, stop gdm service then
checked htop. The top line showed 188M, and was something with
systemd. There were not many processes running.
1683[18:09:08] *** Quits: Deyaa (uid190709@replaced-ip) (Quit: Connection closed for inactivity)
1684[18:10:34] <jelly> codedmart: hard to say. On an idle GUI
system with noone logged in I wouldn't expect more than around
1 GB used and even that's a stretch
1685[18:10:57] <codedmart> jelly Yes that is what it is when I
login from a fresh reboot.
1686[18:11:16] <codedmart> This is on a 12 day running system.
1687[18:11:35] <codedmart> I use multiple browsers, programs,
etc.
1700[18:21:40] <codedmart> Yeah I use some electron apps. I am
just trying to understand if I close all those why still the high
consumption. Or percieved consumption.
1701[18:22:06] <queip> eletron "apps" are one of signs
that IT went in the wrong direction
1704[18:23:03] <jelly> queip: well, it makes things easier for
developers, and maybe paying developers well enough is a constraint
on different people than people that have to buy more RAM
1705[18:24:01] <jelly> codedmart: another thing to try: what if
you log out of GUI, and also restart gdm service (and X server with
it)?
1742[18:46:49] <twobitsprite> ok, so I have this weird issue with
firefox where when I'm watching youtube videos, every couple of
minutes the screen will flicker and show my wallpaper for a frame or
two. I've tried running ff in safe mode and it still happens. I
have a GeForce GT 730. any ideas on how to troubleshoot?
1762[18:58:47] <karlpinc> greycat: FYI. It looks like, unless
python2 gets to stay in bullseye, that the moinmoin wiki is not
going to be in the next stable. This because moin2 (python3) is very
likely not going to be ready.
1777[19:15:13] <greycat> karlpinc: I'm using upstream
moinmoin, not Debian's, and I'm also stuck on Debian 9
forever, because the kernel isn't new enough for buster's
libc.
1785[19:22:26] <ectospasm> sounds like you either have a
FrankenDebian, or you need to learn how to use backports.
1786[19:22:26] *** Quits: darunesh_ (~darunesh@replaced-ip) (Remote host closed the connection)
1787[19:23:52] <greycat> Me? No. it's a VPS running an
OpenVZ kernel, version 2.6. Can't run Debian 10. So I'm
running Debian 9. I use upstream's packages for some stuff, and
I have backported nginx and libssl so I can have TLS 1.3.
1788[19:24:48] <ectospasm> Ah, that makes sense. I never liked
being on an OpenVZ host, so I switched providers.
1789[19:25:05] <ectospasm> I had one provider that half the
documentation was in German, so I had to drop them.
1855[20:58:04] <shtrb> no , I'm connected. each machine got
it's own ips , I just can wrap my head what is the prefix that
I was given
1856[20:59:46] <shtrb> I can see that the first 64 bit are the
same for each machine , but the router got a different prefix from
the machines (only shares first 32 bit) , so I'm trying to
understand how and what it is
1857[20:59:52] <shtrb> sorry for such a intellectually chalenged
question
1877[21:20:03] <imMute> that sounds like how IPv6 is supposed to
be handled for home networks. the router itself uses one subnet to
talk to the ISP equipment. then it uses DHCP-PD to request a subnet
for the LAN side. those two networks may have some common prefix,
but it's not required
1894[21:40:46] <Fayn> i tried setting binlog to none but new node
still won't join a cluster (galera ip's are configured to
include new node and 10.2 node only)
1895[21:41:04] <Fayn> It complains InnoDB: Upgrade after a crash
is not supported. This redo log was created before MariaDB 10.2.2.
1896[21:42:17] <Fayn> already tried deleting ib_logfiles on new
node but that doesn't help (galera syncs files, but then shows
that error and quits)
1905[21:52:02] <Fayn> i think it's possible to at least
update all existing nodes to 10.2, but it's unclear how to
solve this sync problem, in other words how to upgrade log file
version in galera
1906[21:53:30] <jhutchins> Fayn: I think you need to run the
upgrade script on each node with replication stopped, then resume as
you would for a drop-out.
1907[21:54:06] <Fayn> did that for one node and it succeeded
1908[21:54:18] <Fayn> the issue is new nodes cannot join
1909[21:54:42] <Fayn> but i try to upgrade multiple versions one
by one, maybe it works...
1917[22:14:28] <Fayn> ok, i just read you can upgrade one node to
10.5 and then others can be upgraded to 10.5 directly, as they sync
sst from that node
1961[23:00:44] <lifostack> hi all, i was able not so long ago to
record my desktop using a hot key combo... i've forgotten what
that is can someone remind me?
1962[23:01:00] <lifostack> i did not need to install any extra
software there was something already installed in my debian buster
distro that allowed me to just "start recording"
1964[23:02:25] <lifostack> there was a record/stop/play button
that would appear in my taskbar near the icons on the right
1965[23:02:49] <sney> which desktop env?
1966[23:02:59] <lifostack> gnome
1967[23:03:21] <lifostack> ah it looks liek CTRL+ALT+SHFT+R
1968[23:03:31] <phogg> I don't know what GNOME might have
set up by default but if you can't figure it out you can always
bind any hotkey you like to invoking recordmydesktop
1969[23:03:49] <lifostack> its not a debian buster thing its a
gnome thing
1970[23:03:53] <lifostack> apparently
1971[23:03:55] <sney> indeed
1972[23:04:29] <lifostack> thx, gnome jogged my noggin