32[00:34:13] <jmcnaught> You see i3 in the output of
"systemctl status display-manager.service"? In the journal
lines at the bottom?
33[00:34:47] <horribleprogram> nope
34[00:34:57] <horribleprogram> wmname outputs i3
35[00:35:42] <horribleprogram> brb
36[00:35:44] *** Quits: horribleprogram (~horriblep@replaced-ip) (Quit: Where I came from the Great Wild 'n shit, where you
can get shot if you crack smiles and shit...)
134[02:45:59] <jmcnaught> alexrelis[m]: if the new UEFI system
also supports legacy BIOS or CSM booting then you could start by
taking an image of the old drive and copying it onto the new drive.
Then once you have it booting in legacy BIOS mode you can think
about converting to UEFI.
135[02:46:59] <jmcnaught> alexrelis[m]: converting to UEFI would
require booting from UEFI media such as a debian installer netinst
ISO using the rescue boot option (under advanced) which can give you
a shell in a chroot of the target system.
138[02:49:08] <alexrelis[m]> jmcnaught: would the new drive have
to have a MBR partition scheme? Or could I make it GPT from the
beginning and still boot in legacy mode?
139[02:49:28] <jmcnaught> alexrelis[m]: from there you would
need to make room for an ESP (EFI System Partition) to be mounted at
/boot/efi. Then you should be able to install grub-efi in the
chroot. I would not attempt any of this without a backup of course.
140[02:50:02] <jmcnaught> alexrelis[m]: I might be wrong but I
think that you can have an ESP on an MBR formatted drive, but that
is definitely something to check.
142[02:50:56] <jmcnaught> alexrelis[m]: maybe it makes more
sense to partition the new drive with GPT, and instead of copying an
image of the drive over, copying individual partitions.
143[02:52:55] <jmcnaught> That way you don't have to shrink
a partition to make room for /boot/efi
144[02:53:14] <quadrathoch2> alexisrelis[m] it is possible to
have an esp on mbr, that’s done so you can boot csm/uefi from
the same disk. You would still need to install grub twice
145[02:56:12] *** Quits: godane (~godane4@replaced-ip) (Remote host closed the connection)
148[02:57:49] <alexrelis[m]> jmcnaught: okay.. Now I'm
going to ask something a little more complicated. My old SSD is
non-lvm and encrypted / with LUKS 1. I want to make the new SSD lvm
with encrypted / with LUKS 2. How could I do this?
154[03:04:51] <alexrelis[m]> On second thought, it's fine
if I remain on LUKS 2. I read that GRUB on Debian stable can't
read LUKS2 encryptied partitions yet.
155[03:05:03] <jmcnaught> alexrelis[m]: well understand that my
experience is limited with LUKS creation outside of
debian-installer, but I would try this: partition new SSD with ext2
/boot, FAT32 /boot/efi, and the rest for encrypted volume. Possibly
leave 10% unallocated as over-provisioning…
156[03:05:12] <jmcnaught> alexrelis[m]: that's the reason
for separate /boot
158[03:07:44] <jmcnaught> alexrelis[m]: you would use
"cryptsetup luksFormat <device>" to make the
encrypted volume, then "pvcreate /dev/mapper/????_crypt",
then "vgcreate <volume group name>
/dev/mapper/????_crypt" to make your volume group.
160[03:08:47] <jmcnaught> alexrelis[m]: then you could use the
lvcreate command to make individual volumes for rootfs, swap, home
(to match the partitions on the old drive), then copy the old
drive's partitions to those LVM volumes
161[03:10:46] <jmcnaught> update /etc/fstab to reflect the
changes, then reboot into d-i's rescue chroot shell, install
grub-efi, run update-initramfs -u
162[03:11:05] <jmcnaught> alexrelis[m]: if that does not work
then at least you still have the old drive and its backup!
164[03:12:52] <jmcnaught> overall it might be simpler to do a
fresh install on the new SSD, let d-i guided partitioning set up
LUKS 2 and LVM for you, then reinstall packages and copy your files
from /home and /etc from the backup
165[03:13:03] <alexrelis[m]> jmcnaught: thank you so much.
167[03:15:52] <jmcnaught> alexrelis[m]: I did something similar
but much simpler this week. I migrated my buster UEFI LVM non-LUKS
from one SSD to another. For that I created /boot and /boot/efi on
the new drive, copied the files over, updated /etc/fstab, rebooted
into a d-i rescue chroot to run update-grub, and deleted the old
/boot and /boot/efi.
168[03:16:11] *** Quits: prints (~333@replaced-ip) (Quit: radio.theholyroger.com)
169[03:16:30] *** Quits: k4nz (~Thunderbi@replaced-ip) (Remote host closed the connection)
171[03:17:01] <jmcnaught> alexrelis[m]: after I confirmed that
booting worked I added the rest of the new SSD to my LVM volume
group and used "pvmove /dev/oldSSD /dev/newSSD" to move
all the logical volumes. Then I removed the old SSD from the volume
group, and I was done.
172[03:17:46] *** Joins: Prints (~333@replaced-ip)
188[03:30:23] <alexrelis[m]> jmcnaught: cool! I'm fine with
copying partitions and reinstalling grub, but my head starts to hurt
once I have to deal with LVM and encrypted boot all at the same time
haha.
192[03:34:54] <jmcnaught> alexrelis[m]: yeah it is a lot of
layers to think about all at once. I only bother with encryption on
my laptop since it is portable, and I just go with what the debian
installer sets up for me.
193[03:36:01] <jmcnaught> alexrelis[m]: good luck, I hope you
get it working.
201[03:51:15] <scrulO0se> Okay, I *know* I've seen apt
offer a merge option for config file conflicts... but it
doesn't offer it on my current Bullseye laptop and I can't
seem to find any reference anywhere that tells me how to enable
this. What am I missing?
262[05:53:29] <sgo11> Hi, I am using virt-manager for virtual
machines. But I don't use VM all the time. Actually I rarely
use them. But I found out the background services are auto started
at boot. How can I completely disable all VM related services at
boot? I'd rather enable them on demand when I use them. So far
I think I can `systemctl disable libvirt-guests` and `systemctl
disable libvirtd`. what else? Thanks a lot.
265[05:55:05] <jmcnaught> sgo11: libvirt-guests is a service
that runs at shutdown to stop any guests that are still running, it
is not persistent so you might as well enable that one again.
266[05:55:28] <petn-randall> sgo11: IMHO there's not much
benefit of disabling them. If you don't use them, they'll
idle and the memory will be swapped out.
267[05:56:52] <jmcnaught> sgo11: "systemctl status
libvirtd.service" here reports only 59.8 MB of memory used. I
agree with pétn-randall.
268[05:56:53] <t3st3r> maybe that's why I use just plain
qemu from command line: brings no enterprise grade
"goodies" on my head
269[06:01:11] <sgo11> Thank you all for the replies. I am
running a persistent live system on an external USB drive.
That's why I think I should disable anything which are not
requried to speed up the system. Do you still suggest those services
running in a live system on external USB drive? Thanks.
270[06:01:59] <sgo11> I even plan to execute `virsh net-destroy
default`. Not sure how much resources that virtual netowrk will use
on startup and running system.
272[06:04:47] <jmcnaught> sgo11: after running "virsh
net-start default" libvirtd.service is now using 61.7MB of
memory (from 59.8MB before)… unless your machine is memory
starved I would not worry about micro-managing services and just let
the kernel handle things.
276[06:07:18] <sgo11> jmcnaught: so all these services will only
use memory in general. Won't they make any overhead on CPU?
(Sorry that I am not sure if my English makes sense or not.) Cheers.
277[06:08:50] <jmcnaught> sgo11: libvirtd does not constantly
consume CPU while it is idle. Libvirtd does not consume very much
CPU when a virtual machine is running either, the qemu process is
what uses the CPU.
278[06:09:38] <sgo11> jmcnaught: got it. Thanks a lot. :)
279[06:10:36] <jmcnaught> sgo11: run the "top"
command, and sort by CPU usage by pressing capital P, q to quit.
While top is running you can see which programs are using CPU.
280[06:11:35] <sgo11> jmcnaught: yeah, I was just afraid it
would use CPU when I don't pay attention sometimes randomly. :)
I am just too suspicious
283[06:15:13] <jmcnaught> sgo11: when libvirtd is running the
default network (or similar ones) it is just running an instance or
two of dnsmasq which is very tiny. dnsmasq is the DHCP server and
DNS forwarder in a lot of Linux based consumer routers, even old
ones with 4MB of RAM. Your computer can probably handle it running
all the time if it is capable of running virtual machines.
304[06:46:37] *** rgdgnfnfgh is now known as S3xyL1nux
305[06:47:35] <brachamh> longest uptime yet for my home server:
24 days, 15 hours. just an old desktop with non-ecc ram, etc, so
i'm impressed. just today started having some usb device errors
which seem to show that the usb controller is having trouble. going
to reboot to see if it is the extended uptime that's causing
issues.
321[07:02:38] <jmcnaught> The command in the !termbin factoid
does not need cat, it can be done with "nc termbin.com 9999
< /path/to/file" but I suppose it does demonstrate piping.
340[07:46:12] <brachamh> apparently i have more issues...docker
seems to continually be trying to pull images for some reason. it
was all working properly.
341[07:49:06] *** Quits: monkwitdafunk (uid238811@replaced-ip) (Quit: Connection closed for inactivity)
363[08:21:09] <brachamh> is that a sign my mainboard is failing?
364[08:24:12] <jelly> it is more likely you have a quirky usb
device, like a cheap printer, than a mainboard issue
365[08:24:25] <brachamh> i haven't changed a thing
366[08:25:48] <jelly> and those usb errors might have been
happening before, have you read these logs before last boot?
367[08:25:56] *** Quits: torbo (~user@replaced-ip) (Remote host closed the connection)
368[08:26:28] <brachamh> i haven't checked the logs for a
while, but the errors were showing up on the terminal screen as they
happened before i rebooted
369[08:26:49] <jelly> you can probably ignore those since the
printer seems to manage to connect after a try or three
370[08:27:17] <brachamh> just today. was on that same system for
a while yesterday as well and no errors. you figure it is the
printer?
375[08:30:17] <jelly> but if everything works, ignore it. Or
connect the printer to a different port, reboot again and see if
both the errors and the printer usb numbers change in dmesg log
376[08:31:04] <brachamh> mainboard ethernet is pci, right?
412[08:52:56] <jelly> brachamh: ah see, now it's usb 4-1,
before it was usb 5-7
413[08:53:38] <brachamh> i have both the printer and the
keyboard plugged into their original ports
414[08:53:49] <jelly> brachamh: that's... weird, then :-)
415[08:54:46] <epitamizor> as long as the port is working for
mouse/printer etc. it seems to be software bug or false positive
416[08:55:16] <brachamh> yeah. i gotta get this docker issue
figured out though for now...i use my containers daily, but i
can't have docker continually attempting to pull images
417[08:55:38] <brachamh> epitamizor, ok. still weird.
418[08:57:17] <epitamizor> brachamh, its probably some resource
contention or readiness issue, as that only occurs during boot, so
the resource may generate that until it gets initialized
420[08:59:17] <brachamh> epitamizor: no there were same/similar
usb errors showing up while i was using the system earlier. it had
been up for 24 days at that point.
421[09:00:20] <brachamh> hadn't had any errors until today.
422[09:01:11] <epitamizor> was any usb device removed or plugged
in?
423[09:01:28] <brachamh> nope. home server, nothing has changed
for months
424[09:01:49] <brachamh> only reason it had been rebooted 24
days ago is the power flashed lol
425[09:02:09] <epitamizor> lol that will definitely screw up
systems
426[09:02:19] <jelly> brachamh: honestly I see errors like these
regularly on my desktops, with usb sound cards, usb hubs on monitors
427[09:02:25] <epitamizor> probably fried some components
428[09:03:09] <brachamh> well, not sure it was a flash...it was
an abnormality. so an issue showed up 24 days later?
429[09:03:18] <jelly> brachamh: if all the usb ports still
appear to work, ignore it. You might want to see if USB3 devices
still work with usb3 speeds. Neither a keyboard nor a printer will
exercise that.
435[09:03:53] <brachamh> i simply did a full shutdown instead of
a reboot.
436[09:04:18] <brachamh> the network card connected immediately
like i'm used to, and so far no usb errors
437[09:04:40] <jelly> epitamizor: any yet, many usb devices are
quirky and linux kernels expose all sorts of transient crap
438[09:05:19] <brachamh> jelly, i don't think this thing
has usb3. it's about ten years old.
439[09:05:36] <brachamh> and yes, after the shutdown and
restart, no errors
440[09:05:47] <epitamizor> until 24days...
441[09:06:18] <brachamh> i'd rebooted nearly ten times in
the last hour or two, and the errors persisted
442[09:07:01] <brachamh> if i have to shut down this old thing
every three weeks or so to "clear" it, that's not bad
at all, IMO. it's just an old desktop with non-ecc ram, etc
457[09:17:06] <brachamh> oh, that's right, there is an sd
card reader. never used it though. honestly didn't realize it
was plugged in...this thing has a whole bunch of usb ports on the
top and front of the case, and i don't think the board supports
all of them, IIRC
462[09:20:18] <brachamh> oh yeah, device 4 is the card reader
463[09:20:25] <kristijonas> Hello, could someone help me
configure DNS over TLS (DoT) on current stable? kind of got confused
with all these systemd-resolved, unbound and knot configuration.
469[09:25:07] <brachamh> jelly, thanks for your help! now i just
need to figure out that docker issue. tomorrow though. i think
i'm heading to bed. 2.30am is late enough lol
483[09:37:32] <kristijonas> quadrathoch2, should I get rid of
unbound? I installed it, as well as knot, but didn't manage to
properly configure those.
484[09:38:20] <quadrathoch2> kristijonas I would just use the
things which come by default. but you can use the others if you
want. but no idea how to set those up (i'm pretty sure unbound
is a full dns server, so not the right tool for a client)
500[09:44:40] <kristijonas> quadrathoch2, alright, I will give
it a try! but I'll have to re-enable the systemd-resolved,
right after editing the config file, right?
501[09:45:02] <quadrathoch2> kristijonas reenable? did you
disable it?
507[09:47:27] <jelly> Jmabsd: <quadrathoch2> Jmabsd
doesn't sound like it does, as qemu-kvm isn't build for
power9 <judd> No package named 'qemu-kvm' was found
in ppc64el. <jelly> that will kill the "out of the
box" requirement pretty decisively
508[09:47:47] <Jmabsd> Weird
509[09:47:56] <Jmabsd> jelly,quadrathoch2: so weird - for RHEL
they have it
510[09:48:00] <quadrathoch2> kristijonas oO systemd-resolved is
used as default since 16.10 or something like that
511[09:48:04] <Jmabsd> Debian should def have this, why would
only RHEL do ????
512[09:48:15] <quadrathoch2> Jmabsd because they earn money with
it
513[09:48:18] <jelly> Jmabsd: it's not weird at all, RHEL
has enterprise customers
514[09:48:36] <jelly> quadrathoch2: 16.10 is not a Debian :-)
515[09:48:46] <quadrathoch2> argh, you are right, doh
516[09:49:03] <quadrathoch2> i thought i was in #ubuntu
517[09:49:27] <jelly> np
518[09:49:34] * arahael sprinkles some holy water over the room,
especially in the direction of quadrathoch2.
519[09:49:42] <genr8_> bah. major security patch on libproxy1v5
for buffer overflow, 2 CVEs. (almost everything auto-uses that lib
too)
522[09:50:02] <jelly> arahael: Ubuntu is not a curse word!
523[09:50:09] <quadrathoch2> kristijonas yep then you would need
to enable it xD
524[09:50:19] *** Parts: psyvenrix (~someDrong@replaced-ip) ("leaving due to ethics")
525[09:50:23] <arahael> jelly: Heh, but confusing it with debian
is almost one! ;)
526[09:51:02] <jelly> kristijonas: honestly I'd trust
unbound more than resolved, but if you have resolved by default you
might as well try and see if it works for you
527[09:51:19] * jelly has never done DoT with either, it's just a
gut feeling
528[09:51:51] <quadrathoch2> jelly, as I never used unbound,
_shrug_
529[09:52:04] <quadrathoch2> but isn't unbound a full
fledged dns server? not a client?
530[09:52:15] <Jmabsd> quadrathoch2: do you believe KVM-QEMU for
Power9 can be built and made to work easy?
531[09:52:33] <quadrathoch2> Jmabsd idk, as I never had a power9
machine
532[09:52:57] <jelly> quadrathoch2: it's a recursor server.
533[09:53:44] <kristijonas> jelly, yea, i believe unbound and or
knot would be something more secure. but i'll first try with
systemd-resolved, once I figure how to enable it
534[09:53:45] <jelly> I think debian packaging has integration
with resolvconf and adds nameserver 127.0.0.1 to /etc/resolv.conf
535[09:53:45] <quadrathoch2> Jmabsd as suse also has a version,
I guess you could look into both buildconfigs and figure something
out
537[09:54:02] <Jmabsd> quadrathoch2: oh there's a
#debianppc channel, great
538[09:54:43] <jelly> Jmabsd: but be patient with small
channels, it may take days to get an answer
539[09:55:46] <Jmabsd> quadrathoch2: "Works fine as a KVM
host via virt-manager (tested with Debian 10 as the guest)."
replaced-url
540[09:57:52] <jelly> that doesn't say which distor they
used as host
541[09:58:02] <quadrathoch2> Jmabsd so it sounds like it should
be reletively easy to get it compiled, i assume so, as redhat+suse
are working on it and earn money with it.
542[09:58:13] <quadrathoch2> jelly which he was looking for?
610[10:40:37] <epitamizor> git is a content revision program
611[10:40:48] <shtrb> I know :)
612[10:41:13] <genr8_> whats wrong with git
613[10:41:22] <epitamizor> user error maybe?
614[10:41:28] <shtrb> genr8_, maybe I'm using a canon to
kill a fly each time
615[10:42:02] <shtrb> I'm using git, but I took git in the
first place because I'm custom to git , and maybe it was the
wrong tool
616[10:42:33] <epitamizor> you still havent said anything
specific on why its not adequate
617[10:43:24] <shtrb> I'm asking if there are better tools
than that and better approached, It's good for me , but maybe
there are better tools which i'm not aware of that solve
problems I just take for granted
661[11:16:23] <jelly> > You should not buy one and expect it
to compare favourably with x86 or a Raptor system. [...] On the
other hand, there's a good chance this will be another truly
open system
709[12:09:50] <keithweisshar> why does Windows show most of the
bootable installer usb as unallocated except the first partition
with the efi folder after writing raw iso-hybrid image to usb
710[12:10:01] *** Quits: dselect (~dselect@replaced-ip) (Quit: ouch... that hurt)
711[12:10:26] *** Quits: psych094 (~Thunderbi@replaced-ip) (Quit: Hope to be back soon! 👋)
808[13:56:56] <timwis> Hey all, I'm running a third party
script that runs apt-get install. Is there a way to make those
--quiet without modifying the script? E.g. by env var or `set`
command of some sort?
809[13:58:48] <genr8_> redirect to > /dev/null ?
810[13:59:04] <ratrace> Deyaa: pastebin your vsftpd.conf please
831[14:05:59] <mzajc> is there a way to force an executable to
launch with additional environment variables in a clean way?
I'm currently facing issues where I have to set
QT_QUICK_BACKEND to 'software' to fix issues with some kde
programs on nvidia drivers, while some other programs require the
same variable to be set to 'hardware'. I'm currently
using the unclean approach of replacing the executable with a
shellscript that adds the variables and then launches the actual
832[14:06:01] <mzajc> executable, which is located somewhere
else, but that hinders updates
854[14:11:48] <ratrace> mzajc: so you need env specifically for
the entire shell itself but not for its children processes?
855[14:11:58] <mzajc> yes, precisely
856[14:12:14] <mzajc> although I don't think processes are
launched as children of plasmashell on kde
857[14:12:55] <genr8_> i have a great idea. fork and recompile.
ez........
858[14:12:57] <mzajc> specifically systemsettings5 has issues
when QT_QUICK_BACKEND is set to hardware. it does have a desktop
file, but that desktop file isn't used then you launch it
indirectly, eg. from an applet
859[14:13:13] <ratrace> there should be a definition of how the
shell is started by the DM somewhere in /etc , and there you cna
prepent the env command with your vars, to the exec line
860[14:13:17] <mzajc> genr8_: I would, but again, I'm
trying to not hinder updates here
861[14:13:34] <mzajc> let's see about /etc..
862[14:13:46] <ratrace> ah wait... /usr/share/xsessions/ and
it's maybe a .desktop launcher?
863[14:14:18] <mzajc> yes, that's a lot closer!
864[14:14:25] <mzajc> the executable is /usr/bin/startplasma-x11
865[14:16:41] <ratrace> mzajc: is there a .desktop for it in
/usr/share/sessions ?
883[14:23:13] <mzajc> nope, no go. x did absolutely not like me
changing the Exec value
884[14:23:31] <mzajc> had to jump into a vt to fix it
885[14:24:41] <ratrace> how did you change it exactly? and
it's not X that cares about it, but the DM
886[14:25:13] <genr8_> ratrace, why do you want the
"env"
887[14:26:08] <ratrace> genr8_: ?
888[14:26:24] <mzajc> actually, I skipped the env because I
thought it wasn't required, since it works on regular desktop
files
889[14:26:31] <mzajc> let me try it with env real quick
890[14:26:33] <genr8_> thats what im asking
891[14:26:36] <genr8_> the env command, why
892[14:26:38] <ratrace> no I don't think that Exec is a
shell context
893[14:26:47] <ratrace> genr8_: because I don't think Exec
is a shell context
894[14:27:17] <mzajc> it sure is from plasma's perspective,
but I guess that it might not be from DM's
895[14:27:46] <ratrace> running things like `FOO=bar somecommand
` is a shell construct specifically. otherwies you need to
explicitely call the env command with arguments of variables and
what to call next in that context
897[14:27:57] <ratrace> mzajc: it's launched by the DM,
898[14:28:25] <ratrace> the DM uses the Exec line to launch the
session. afaik that Exec context is NOT a shell context, meaning you
need explicit call to env(1)
899[14:29:47] <ratrace> mzajc: "it sure is from
plasma's perspective" nope. The "shell" here I
mean is things like bash, or dash, or csh.... not the "plasma
shell" which has nothing to do with the command line shells.
900[14:30:10] <mzajc> ratrace: no, that's not what I meant
901[14:30:41] <mzajc> when you launch a program using a desktop
file from plasma, it launches it in a shell, meaning that the env
can be skipped
913[14:34:02] <mzajc> I suppose I could just wait for a nvidia
driver update since this is a pretty minor issue
914[14:34:17] <ratrace> mzajc: maybe you can try this then.
alter your PATH (via ~/.xsessionrc or similar, not a ~/<shell
rc>) to source your ~/bin/ first, then you put teh commands you
want to override with custom scripts that set env, in ~/bin/
915[14:34:53] <ratrace> but .... no, that probably wouldn't
work as launchers are typically supplying full paths .... welp....
out of ideas.
924[14:40:16] <ratrace> mzajc: how many programs require the
other value for that env? maybe you can override _their_ launchers?
925[14:40:25] <mzajc> nevermind, looks like I found exactly
where it's started from: "At least on Debian 5, the
autostart of plasmashell is specified by
/etc/xdg/autostart/org.kde.plasmashell.desktop, which does have the
X-KDE-autostart-phase=0 set."
926[14:41:06] <mzajc> currently the default QT_QUICK_BACKEND is
hardware, but I can override that to software in /etc/profile
927[14:41:33] <mzajc> from what I can tell the only program that
doesn't work with hardware is systemsettings5, and the only
program that doesn't work with software is plasmashell
961[15:20:49] <brenlae> hello, installed debian 10.6 last night,
got it all configured, very pleased - came from ubuntu, needed
something that uses less RAM and is more stable
967[15:22:31] <shtrb> Eryn_1983_FL, you probably can setup it to
listen on a local interface only (if you actually need it )
968[15:23:33] <nevivurn> Eryn_1983_FL: if you don't have a
firewall set up to block access + if access to glances allows bad
people to do bad stuff, yes.
1012[15:56:27] *** Quits: os_ (~Usama@replaced-ip) (Remote host closed the connection)
1013[15:56:48] <Na_Klar> I got a spammer attack on my mailserver.
I blocked the subnet on my mailserver but I wanted to block it from
iptables so that my mailserver logfiles don't get flodded. I
iptables -A INPUT -s xx.xx.xx.xx/16 -j DROP, but the IP still
reaches my mailserver. why is that?
1017[16:00:25] <LtL> Na_Klar: use iptables -I INPUT
1018[16:00:47] <GNU\colossus> Na_Klar, many possibilities. your
rule could be ineffective due to an ealrier rule making that traffic
hit ACCEPT right away, for instance. you'll have to provide the
full ruleset for anyone to tell.
1019[16:00:57] <jelly> Na_Klar: show your complete iptables
rules, use iptables-save or at least iptables -S
1022[16:01:11] <jelly> Na_Klar: please to not change or hide
info.
1023[16:02:35] <Na_Klar> ah okay, I didn't consider
conflicting rules ... and with -A I appended on the chain. Will -I
avoid appending? Like a "stand-alone" rule?
1026[16:03:30] <GNU\colossus> -I will INSERT (at the beginning of
the chain)
1027[16:03:44] <jelly> there's no such thing as a standalone
rule, but you can add one at any point in a chain, ... -I chainname
1 ... would add at the beginning, before other rules
1028[16:03:49] <Na_Klar> yes, got that
1029[16:03:53] <GNU\colossus> (this is the moment you start
reading the docs, btw ;))
1030[16:04:04] <Na_Klar> thanks, that explains it most likely.
1031[16:04:09] <jelly> -I chain requires a number after chain
name
1032[16:04:21] <Na_Klar> yes, default seems to be "1"
1033[16:04:44] <jelly> there used to be no default, maybe that
changed recently
1035[16:05:00] <Na_Klar> dunno .. but thanks for pointing out
1036[16:05:41] <jelly> for me "recently" might be
"since iptables replaced ipchains" :-)
1037[16:05:58] <GNU\colossus> :)
1038[16:06:37] <Agiofws> i have copied a debian installer iso to
a usb stick cp foo.iso /dev/sdh it seems that there are 2 kind of
installers one for a eufi gpt partition system and one for legasy
mode bios ? my problem is that when i boot from the stick i get the
installers options but what ever i select it freezes, i have
disabled fast and secure boot do you have any suggestions thank you
1039[16:07:26] <jelly> Agiofws: the same installer does both bios
and uefi.
1040[16:07:29] <Agiofws> i'm trying to install linux on a
laptop
1041[16:08:10] <Na_Klar> setting the rule on top of the chain
works as expected. thanks. will the spammer get an instant block
reaction or will he have to timeout his request? (this I would wish
him)
1042[16:08:29] <Agiofws> why does it freeze? anything i can try ?
its an amd 4500u gpu may sometihng to do with intergrated graphics ?
1044[16:09:15] <jelly> Agiofws: hard to say, but assuming
there's an issue with graphics you might try to use the
installer image with firmware, if you're not using that already
1045[16:09:20] <jelly> !firmware images
1046[16:09:21] <dpkg> There are <live> system and
<netinst> and DVD images containing non-free Debian
<firmware> packages available from
replaced-url
1047[16:10:02] <Agiofws> i tried booting on another pc and
booting via legash mode partition from the usb installer it worked
1087[16:26:45] <Stonefruit> I downloaded a jar file and a
directory of its dependencies. I'd like to be able to call the
jar file from the command line, from any directory. how do I do
this? from googling it seems I should put it in /usr/share/java, but
I ) can't seem to invoke any of the jar files there if I'm
not in the directory, and 2) each jar file has a tar file associated
with it, which I don't understand fully. I don't know
anything about java.
1088[16:27:44] <lnxslck> Stonefruit: maybe thats where you need
to start
1089[16:27:47] <lnxslck> learn about Java
1090[16:28:20] <lnxslck> as for the other part, you need to place
the binary location on your PATH, or put the binary on an existing
PATH location
1105[16:37:04] <Stonefruit> I downloaded a jar file and a
directory which keeps its dependencies. if I am in the directory
with the jar file, I can invoke it as $ java -jar astral.5.7.4.jar
-options filename
1106[16:37:38] <Stonefruit> if I'm outside of the directory,
I can invoke it by putting in the full path. but I'd like to
just type "$ astral -options filename" and have it work
1107[16:37:57] <lnxslck> build a script that does what you want
1108[16:38:04] <lnxslck> and place that in your PATH
1109[16:38:19] <EdePopede> didn't use too many java
programs, but the few came with a wrapper script or recommended
creating one with some settings for the env or doing sth with the
memory. and these went into $PATH then, the jars all stayed
$somewhere.
1110[16:39:11] <lnxslck> a script should get you there
1111[16:39:20] <Stonefruit> right, that makes sense
1112[16:39:32] <EdePopede> Stonefruit: no idea if java has a list
of directories where it looks for jar files, but using a path
(relative or absolute) should work. i'd still prefer the
wrapper script. it's safe and flexible.
1139[17:02:18] *** Quits: milkt (~debian@replaced-ip) (Remote host closed the connection)
1140[17:04:58] <jelly> d3y44: figure out which user is used for
anonymous ftp. Make a subdirectory for uploads. Make it writable for
that user, or their primary group.
1152[17:13:17] <alexrelis[m]> I am soon to be getting a laptop
with a Ryzen 7 4700U CPU with integrated graphics. I have installed
`firmware-amd-graphics` and `linux-image-amd64`. Do I need anything
else to get the computer working on Buster? I heard from somewhere
that I needed the latest mesa.
1153[17:14:10] <otisolsen70> I have a partition layout that is
something like this: [/][/home][/boot][/usr][unallocated] Now, I
have a lot of unallocated space and no space left on /home. So I
want to grow /home. How can I do that? Can I move /usr and /boot to
the end of unallocated space and then grow /home?
1172[17:18:57] <alexrelis[m]> otisolsen70: you can use anything
really. I would simply use the Debian live or non-free Debian live
if you need wireless drivers.
1184[17:22:35] <jelly> otisolsen70: I'd recommend
reinstalling or making a backup of the complete linux installation,
then reformatting with just /boot and a single LUKS and LVM on top.
1185[17:22:59] <otisolsen70> jelly, the other partitions are for
Windows 10 (dual boot)
1186[17:23:04] <jelly> leave the efi and non-linux partitions
as-is
1187[17:23:32] <otisolsen70> The reason for the separate /usr was
that I initially ran out of space on /, so I added /usr on a
separate partition.
1188[17:23:47] <jelly> using LVM would have helped with that
1213[17:33:23] <otisolsen70> I use zsh as my primary shell
1214[17:33:25] <n4dir> iirc i wanted to chroot to do something,
that is, i had to chroot, and i ran in having first to find out how
to to chroot from zsh to bash. Or such. Too long.
1218[17:33:52] *** nsegkos is now known as nksegos
1219[17:34:25] <otisolsen70> I have never experienced problems
chrooting in zsh. But if there are problems, isnt it possible to
just do "exec bash" ?
1220[17:34:46] *** Quits: conta (Thunderbir@replaced-ip) (Quit: conta)
1221[17:35:04] <n4dir> i forgot, but what i would usually do with
eyes closed i first had to google. Which is not what i want when
troubleshooting something completely different
1238[18:05:32] <hansol> can easly be updated debain to next
release ?
1239[18:05:48] <hansol> !update
1240[18:05:48] <dpkg> [update] `aptitude update' grabs the
Packages.gz files from their sources and refreshes the available
packages. Use before an aptitude upgrade or before looking for stuff
with apt-cache search. See also <updates>.
1267[18:27:00] <brachamh> so this morning i also figured out what
docker container was attempting multiple pulls. auto updater
ouroboros. so it's stopped for now until i can figure out how
to make everything work like it's supposed to, not just so it
works lol
1296[18:55:04] <uniqdom> Hello, while in bash, autocomplete
appends / to folders if you press <TAB>, but you need to press
<TAB> twice if the folder is a symlink. Is that correct or is
just a misbehavior in my system?
1301[18:57:24] <uniqdom> cd /home/user/fold<TAB> -> cd
/home/user/folder/, cd /home/user/symlinked-fold<TAB> -> cd
/home/user/symlinked-folder, cd
/home/user/symlinked-fold<TAB><TAB> -> cd
/home/user/symlinked-folder/
1302[18:57:53] <jelly> that smells like a feature, ask in #bash ?
1337[19:17:24] <jelly> EugenA: what is that and do you need it?
1338[19:18:35] <EugenA> i'm trying to get working debian on
single board computer Odroid N2
1339[19:18:48] <EugenA> it has arm cpu
1340[19:19:13] <jhutchins> !arm
1341[19:19:14] <dpkg> Advanced RISC Machine (ARM) is a processor
architecture. The Debian arm port was deprecated at 5.0
"Lenny" with official support dropped at 6.0
"Squeeze", ask me about <armel> for the replacement
port. See also <armhf>.
replaced-url
1342[19:19:31] <EugenA> distro i'm using had already all
that sources...
1352[19:28:43] <EugenA> well, I'm running linux now
1353[19:29:12] <EugenA> arch linux?
1354[19:29:45] <ratrace> You're in #debian. What do you
think?
1355[19:29:54] <jelly> EugenA: can you pastebin the output of
"apt-key export 96C5830639B8AE9C" but on an actual text
pastebin like paste.debian.net
1356[19:31:35] <EugenA> >Advanced RISC Machine (ARM) is a
processor architecture. The Debian arm port was deprecated at 5.0
"Lenny" with official support dropped at 6.0
"Squeeze"
1358[19:32:03] <EugenA> I still can see this
replaced-url
1359[19:32:16] <EugenA> so it is not deprecated?
1360[19:32:38] <ratrace> arm64 != arm
1361[19:33:38] <jelly> !arm
1362[19:33:39] <dpkg> Advanced RISC Machine (ARM) is a processor
architecture. The Debian arm port was deprecated at 5.0
"Lenny" with official support dropped at 6.0
"Squeeze", ask me about <armel> for the replacement
port. See also <armhf>.
replaced-url
1363[19:33:48] <jelly> silly me
1364[19:33:56] <jelly> !armhr
1365[19:33:59] <jelly> !armhf
1366[19:33:59] <dpkg> armhf is a port of Debian requiring a
floating-point unit (FPU) found in modern <ARM> hardware. It
explicitly targets version 7 of the ARM architecture (i.e. not the
Raspberry Pi), using the hard-float version of the ARM EABI. The
armhf architecture was introduced at Debian 7.0 "Wheezy".
replaced-url
1388[19:44:18] <dpkg> A command-line tool to send data to a
<pastebin>. To paste e.g. your sources.list do "apt-get
install pastebinit; pastebinit /etc/apt/sources.list"; to paste
the output of a program do e.g. "dmesg 2>&1 |
pastebinit". For a list of pastebin sites do "pastebinit
-l". See also <pastebinit config>, <nopaste>.
1389[19:44:26] <EugenA> jelly: yes, this is the key :
replaced-url
1390[19:44:55] <jelly> EugenA: what does "dpkg
--print-architecture" say on that system? I can't
reproduce with i386 or amd64...
1391[19:45:34] <EugenA> it says "arm64"
1392[19:45:39] <jelly> good
1393[19:46:08] <EugenA> system is running on new microSD card..
bought yesterday
1405[19:55:00] <jelly> EugenA: I can't reproduce, you have
found a bug but it's possible the bug is only exposed because
of a corrupted download. I'd like to see that download because
the bug may have security implications. How large is the apt lists
dir on that machine? "du /var/lib/apt/lists"
1406[19:55:45] *** Quits: underdogs (~underdogs@replaced-ip) (Quit: IRCNow and Forever!)
1407[19:56:24] <jelly> EugenA: also, which version of apt? dpkg
-l apt |tail -n1
1427[20:02:35] <incal> hello guys, how can I show a file in the
terminal, like with less, only with no interface, just the file, and
the program won't exit, just show the file until killed? TIA
1438[20:09:10] <incal> no, I want to do a cool screenshot with
one tmux pane only showing what's int the file, not the less
interface and not the shell prompt...
1442[20:10:45] <ratrace> incal: "show a file in terminal
[...] not the shell prompt" :: you should really explain that
1443[20:10:49] <ratrace> also:
1444[20:10:51] <ratrace> !xy
1445[20:10:52] <dpkg> Slow down for a bit! Are you sure that you
need to jump through that particular hoop to achieve your goal? We
suspect you don't, so why don't you back up a bit and tell
us about the overall objective... We know that people often falsely
diagnose problems because they are too close to them -- it's
easy to miss that there is a better way to proceed. See
replaced-url
1446[20:11:30] <ratrace> but trying to decypher what you mean
literally ..... cat <somefile > ; sleep 999999
1451[20:12:16] <dpkg> Slow down for a bit! Are you sure that you
need to jump through that particular hoop to achieve your goal? We
suspect you don't, so why don't you back up a bit and tell
us about the overall objective... We know that people often falsely
diagnose problems because they are too close to them -- it's
easy to miss that there is a better way to proceed. See
replaced-url
1452[20:12:21] <incal> !xy
1453[20:12:24] <incal> ha
1454[20:12:26] <incal> sorry
1455[20:12:35] <sney> o_o
1456[20:12:48] <incal> just wanted to check your bot was into the
game
1470[20:17:00] <ratrace> I think I get it no... incal wanted to
"censor" their prompt, and show us a tmux screenie.
....... use gimp next time to 'shop the pic :)
1471[20:17:04] <ratrace> *now
1472[20:17:12] <jhutchins> print it out and tape it over the
screen.
1473[20:17:25] <ratrace> that too =)
1474[20:17:53] <incal> ha you jesters :)
1475[20:17:59] <ratrace> some srs haxx0ring in that screen!
1494[20:36:04] <jelly> EugenA: and I suspect you either had a
corrupted download, or the repo was broken at some point in the past
but isn't right now
1495[20:37:15] <jelly> EugenA: still, I added arm64, added all
the mdrjr repos, got apt 1.8.2 and still couldn't reproduce...
so apparently the repo is okay now. Or we're not accessing the
same repo.
1497[20:38:21] <jelly> I do have some arm64 capable hardware but
it's not running Debian right now
1498[20:39:52] <jelly> EugenA: I suspect your immediate issue
will be solved by "rm /var/lib/apt/lists/partial/*.*
/var/lib/apt/lists/*mdrjr*" and doing an apt update afterwards.
1502[20:42:55] <wisbit> quick quesiton about apache on debian
(httpd channel told me "we don't support broken debian
scripts in #httpd hahaha)
1503[20:42:57] <wisbit> the a2en function basically just copy the
files into the enabled folders, a2diss removes it, and apache looks
only in the "enabled" folder? am I correct ?
1504[20:43:13] <sney> wisbit: it creates symlinks, but otherwise
yes
1506[20:44:51] <wisbit> sney, cheers for that answers, it's
crazy that when first appoaching the whole apache2 system, I got
completely lost, but after dabbling with it, it's actually
quite simple, but man ...
1554[21:17:04] <jmcnaught> siiky: on there is a Debian stable
release (like Debian 10 "buster") the versions of packages
remain the same. They get security fixes backported to them. Only a
few exceptions are made for complicated and important packages like
firefox-esr. Every couple of years there is a new Debian stable
release with newer versions of packages.
1566[21:28:00] <wisbit> apache on debian question: is there a
conflict, or redundancy, between ssl.conf in mods-eabled and a
ssl-params.conf that I made (in conf-available) and loaded ? they
seem to contain similar information SSLCypherSuite, SSLProtocols ...
1584[21:39:12] <jmcnaught> wisbit: I guess if you are hosting
multiple sites it makes more sense to put configuration common to
all virtual hosts into a global server config in conf-enabled/
1593[21:42:09] <EdePopede> the files are in *-available and
debian's tool creates links in *-enabled. but they are
'Include'd by the default directive anyway.
1596[21:45:39] <SerajewelKS> ratrace: hmm odd, i can't get
it to see any GPT disks as bootable. going to try DOS/MBR.
1597[21:46:07] <wisbit> my question was that there is a conf file
related to ssl in the mods-enabled folder and I wondered what it was
about since I also have a ssl conf file in conf-available
1600[21:47:16] <sney> wisbit: the one in mods-enabled is for
enabling mod_ssl itself. any configuration in there is probably
intended as sane defaults.
1607[21:50:57] <ratrace> SerajewelKS: where did you install grub?
disk or partition?
1608[21:51:09] <SerajewelKS> ratrace: disk, with 1MB bios boot
partition at the start of the disk
1609[21:51:23] <ratrace> SerajewelKS: also is the bios grub
partition marked as such? granted, you couldn't even install it
without that, and without it loudly complaining
1610[21:51:34] <SerajewelKS> yes it was
1611[21:51:43] <EugenA> jelly: still cannot do apt update
1612[21:51:50] <ratrace> otherwise pretty sure qemu-kvm can boot
virtual or physical disks in gpt layout. I got a bunch VMs doing
that.
1613[21:51:59] *** Quits: Jerrynicki (~niklas@replaced-ip) (Remote host closed the connection)
1614[21:52:10] <SerajewelKS> weird. i was getting the standard
"no bootable devices"
1615[21:52:15] <EugenA> I think I'll try to rewrite img to
my sdcard
1616[21:52:24] <ratrace> SerajewelKS: could be you're using
wrong params for qemu-system?
1627[21:55:36] <wisbit> jmcnaught: YES thanks a lot mate,
that's exactly what I was struggling with,
1628[21:55:37] <SerajewelKS> i did specify a physical+logical
sector size of 4096 instead of 512, perhaps that is throwing qemu
off (GPT layout depends on sector size)
1629[21:55:51] <SerajewelKS> maybe the qemu code that parses GPT
assumes a sector size of 512?
1630[21:56:16] <jmcnaught> wisbit: you can read
/etc/apache2/apache2.conf to see the order of the IncludeOptional
directives that are used.
1631[22:00:26] <SerajewelKS> hmm DOS/MBR won't boot either
1632[22:00:39] <SerajewelKS> really suspicious the sector size is
the issue
1645[22:03:29] <ratrace> SerajewelKS: mind you, the sector size
is irrelevant for the pmbr and the bios_grub, it only matters for
the filesystem where /boot resides, and that surely is not a
problem, whether it's 512n/e or 4k
1646[22:03:44] <jmcnaught> jak2000: read the list of packages
proposed for removal very carefully before agreeing to it.
1647[22:03:58] <ratrace> SerajewelKS: I never forced any sector
size in qemu params tho
1650[22:05:11] <SerajewelKS> ratrace: i'm going to try again
with 512 logical / 4096 physical, unless you spot any problems here
1651[22:05:36] <SerajewelKS> this same config works with only one
drive, using a file instead of an LV, and omitting the sector size
options
1652[22:06:15] <SerajewelKS> multiple drives should not matter
(grub is installed to all), qemu really doesn't give a rip
about device vs. file (and live environment can see the disks), the
only other thing changed is the sector size so that's why
i'm suspicious
1654[22:07:15] <SerajewelKS> oh the old config also had
discard=unmap on the -drive line
1655[22:07:23] <SerajewelKS> (the raw file was sparse)
1656[22:07:34] <ratrace> SerajewelKS: try removing
logical_block_size and physical_block_size from the options
1657[22:08:14] <SerajewelKS> when i booted with that the reported
sizes were 512/512 which does not match the underlying hardware
(which is 512 / 4096)
1658[22:08:49] <ratrace> not sure the hypervisor needs to concern
itself with that
1661[22:09:19] <SerajewelKS> the guest may make poor choices if
it doesn't see the 4096-byte logical sector size though, no?
1662[22:09:22] <ratrace> never saw any tuning recommendation use
it, and I never used that myself, could easily saturate sata3
drives, both in bandwidth and iops
1663[22:09:56] <SerajewelKS> i guess i am throwing luks with
--sector-size 4096 on top, so the luks layer should take care of
enforcing 4k I/O
1664[22:10:03] <ratrace> yes
1665[22:10:11] <ratrace> also, use writeback cache for best perf
1666[22:10:14] <SerajewelKS> it just seems weird that qemu
wouldn't be able to handle booting unless the sector size is
512
1667[22:10:41] <SerajewelKS> writeback is not crash-safe though?
1679[22:13:23] <ratrace> I suspect bios_grub is not 1M/4K
aligned. if its 512b aligned and you tried to force 4k and the
offset doesn't happen to be at a factor of 4k.... it's
gonna error out like this
1680[22:13:37] <SerajewelKS> yeah fdisk is 1M-aligning everything
if i don't change the start sector
1681[22:13:46] <ratrace> SerajewelKS: $1M question: 1M or 1MiB :)
1696[22:21:44] <SerajewelKS> man i hate luks sometimes
1697[22:22:12] <SerajewelKS> it requires a container be an exact
multiple of the sector size. it can't just _not use_ any
trailing space like any other sane container.
1698[22:22:38] <SerajewelKS> (another reason 4096-byte physical
sectors are nice)
1701[22:24:02] <jak2000> my debian sleep.. how to remove the
sleep mode?
1702[22:24:25] <SnakesAndStuff> what is the correct method for
Debian 10 to set preferred_lft 0 on an address to prevent new
communications to use it as a source address?
1703[22:24:35] <SnakesAndStuff> preferably somwhow to add it to
/etc/network/interfaces?
1704[22:25:04] <SnakesAndStuff> Right now the source address
being used is the last added (which if I undertand is a tie breaker
when there is same scope)
1706[22:25:29] <SnakesAndStuff> But I'd like to be able to
have it start up as depricated to prevent it from being used... But
I still need it enabled because my VPS uses it internally....
1754[23:08:13] <pfred1> OK this is bizarre I just made my
directories and put some files into them and now Configure Paths has
all of those places in it
1758[23:11:27] <pfred1> what kind of sorcery is this?
1759[23:12:58] <ratrace> what is "Configure Paths"
1760[23:13:29] <SerajewelKS> ratrace: boots with 512 logical and
4096 physical sector size. qemu must not be able to parse partition
tables properly when the logical sector size is 4k.
1768[23:18:29] <SerajewelKS> my guess is that it's hardcoded
to use a 512 byte sector size regardless so the offsets in the
partition table as qemu uses them are wrong, so it doesn't find
anything bootable. or something like that.