8[00:01:51] <line17> karlpinc, now i want to clone my current
disk to new SSD. i just insert the disk without formatting and use
dd command for copying all bytes right? or should i format the drive
before formatting? and another question is should i decrypt first
(source) HDD before copying with dd?
9[00:01:57] <karlpinc> oxek: It also puts you marginally
closer to the bleeding edge. If you _really_ want stable-ness then
you omit *-updates. I've only ever had a problem once in 10 or
20 years, but....
10[00:02:15] <oxek> might as well not include buster-security
then
11[00:02:31] <oxek> and only update on point releases
15[00:05:28] <karlpinc> line17: Depends on if you want a
bit-for-bit copy or you want to move the data. dd does bit-for-bit.
Then, because the new disk is probably a different size, you need to
"do stuff" to use the extra space. You probably want to do
a logical copy. If you 1) encrypt the new disk with
"cryptsetup", then 2) add the (new encryped) disk as
physical volume with "pvcreate". You can 3) use lvm to
move the data content to the new disks, or
16[00:05:29] <karlpinc> just make new logical volumes and use
"cp" (or rsync) to copy the data.
27[00:08:26] <line17> karlpinc, clone means just cloning a
sheep. i want to copy all data (partitions, system, etc.) to new SSD
and i won't use old one anymore
29[00:10:26] <karlpinc> line17: Then use lvm, per above. You
don't even need to bring the system down. (But you will also
need a boot partition (? I think still, these days?) and will need
to install grub on the new ssd. I'm not really up on EFI and
what that means in terms of copying. (I poke it with a stick when I
need to.)
32[00:11:14] *** Quits: BenjiProd (~BenjiProd@replaced-ip) (Remote host closed the connection)
33[00:11:59] <rudi_s> line17: Just copy it with cat or dd. Lets
say the current disk is /dev/sda (with /dev/sda1, 2, ...) and the
new disk is /dev/sdb (should be without or only with a single
partition) then you can run cat /dev/sda > /dev/sdb
34[00:12:02] <karlpinc> line17: So (maybe) three partitions.
One for EFI, another for /boot and a third, encrypted, for your LVM
physical volume. (But I can't really speak to EFI and what sort
of copying is required for that. Someone here knows.)
35[00:12:20] <rudi_s> But be careful, if you target the wrong
disk your data is gone.
36[00:12:41] *** Quits: LucaTM (~LucaTM@replaced-ip) (Quit: To infinity and beyond...)
37[00:12:41] <rudi_s> karlpinc: See backlog, line17 wants to
clone the disk to move the data to larger SSD.
38[00:12:52] <karlpinc> rudi_s: Sure, but then, when his new
SSD is larger than the old he won't be able to use the extra
space. Fussing about will be required.
39[00:13:05] <rudi_s> karlpinc: Yes, also see backlog.
40[00:13:16] * karlpinc would prefer to have a single pv per physical
drive.
41[00:13:25] <rudi_s> karlpinc: That's the plan.
42[00:13:39] <tga> did anyone here manage to mount an
iphone/ipad?
43[00:13:45] <rudi_s> And important if you use LUKS because
otherwise booting becomes "interesting".
44[00:14:18] <oxek> tga: does it use MTP?
45[00:15:13] <tga> oxek: I'm not sure what it uses, I
don't think it's standard mtp
46[00:15:38] <line17> rudi_s, is this works for me?
replaced-url
47[00:17:37] <rudi_s> line17: Some steps are weird (for example
the unlock part) some are inefficient (dd is much slower than plain
cat) and some steps are missing because they don't use LVM, but
in theory it works like this.
48[00:18:40] <rudi_s> Btw. you should do this from a live cd or
rescue system so you don't have any disk activity during the
clone. If you do this from a regular running system you can get data
corruption because it can change while the copy is being made.
49[00:18:53] <line17> rudi_s, when i bought new SSD i will come
here and if you are available i want to make with you step by step.
otherwise i think i will destroy my data. is that ok for you?
55[00:21:28] <rudi_s> line17: Sure (if I'm online) - but
if you precisely state what you're planing to do you should be
able to get help from many people here.
59[00:24:08] <rudi_s> ;-) Btw. I recommend saving/re-reading
our conversation and trying to figure out the necessary commands for
your setup. This should should help understanding the whole setup
and migration plan.
65[00:28:49] <maxf> karlpinc: there was a dpkg warning about
those two packages during the apt upgrade
66[00:29:03] <maxf> dpkg: avertissement: dégradation
(« downgrade ») de openssl depuis
1.1.1j-1+0~20210301.25+debian10~1.gbp2578a0 vers 1.1.1d-0+deb10u6
67[00:29:03] <dpkg> maxf: You are person #1 to send an
unparseable request
102[00:53:09] <maxf> gpg signature from that repo became
suddenly invalid (I didn't change anything) and apt-upgrade
warned me it would downgrade openssl and libssl1.1
105[00:54:20] <maxf> Then I disabled the repo (I do not use php
on that server) and the next apt-upgrade didn't ask for
validation and downgraded the packages.
115[00:58:17] <themill> maxf: the error message about the key
explained that it was expired, not invalid, and the
packages.sury.org instructions explained how to update it
126[01:02:40] <maxf> themill: yes 'signature', not
key, my bad
127[01:03:32] <Caesar_NayKid> Got a question but it might be
more of a general linux question than debian specific. I did an
install before with a different distro and i think i had installed
everything during the install on an nvme m.2 drive and then put my
/home spanned on two other sata ssds.. that seemed to work fine. But
i guess for this new setup (which will be Debian) I
128[01:03:33] <Caesar_NayKid> want to keep an SSD separate and
dedicated to a VM.. how do i "set it up" properly? So if i
install debian on my SSD1 full install and just have it install all
the /hone /ext /bin etc all in that drive, When I partition SSD2
what the heck do i do to keep it separate? Im still very new to
Linux and Windows minded so im used to dos/windows just
129[01:03:33] <Caesar_NayKid> creating a partition and then it
gets a drive letter and that's how i access them separately..
any quick explanation or a link to somewhere that can help get my
head wrapped around this?
130[01:04:45] <Caesar_NayKid> Or another chat if i should go
there, I'll move over to join that
132[01:07:06] <sney> Caesar_NayKid: all of this is covered in
the debian handbook link that you got earlier. IRC support is better
for practical, right now stuff, not "what should I do next
week/month/year when I actually have the computer" questions
133[01:07:29] *** Quits: forgotmynick (uid24625@replaced-ip) (Quit: Connection closed for inactivity)
134[01:08:01] *** debhelper sets mode: +l 942
135[01:08:46] <Caesar_NayKid> Ok thanks.
136[01:10:48] <sney> the easiest way to make sure your second
disk is used for the vm guest would be to mount it as
/var/lib/libvirt. it's possible to use the whole device
directly, but afaik not something you can set up with the
virt-manager gui.
137[01:11:35] <sney> in general, where windows would have you do
everything 1 way, linux has more options than you can count. and
there is no single "best" way to accomplish anything. so,
read the manual, and try stuff.
144[01:20:45] <jack2019> sney, I am trying to install a guest
kvm via virt install and all ok, until when try to configure the
network via dchp or manual. cannot connect to br0.
240[03:02:07] <cluelessperson> Ooze, it entirely depends on what
you use the system for. /var/ is generally used for storing system
level application data. system logs, system service logs, system
service data.
371[05:33:15] <asterismo> hi, i just deleted with shift+del a
whole folder of an external drive that is encrypted with cryptsetup
luks, can i recover it with testdisk?
372[05:34:25] <SponiX> asterismo: I would say the odds are very
slim
373[05:34:39] *** Quits: Olipro (~Olipro@replaced-ip) (Quit: Don't flap your BGP at me sonny)
374[05:34:48] <Ede|Popede> would testdisk even see anything else
than a blob?
375[05:34:51] <asterismo> the drive is not being used
440[06:14:53] <isapgswell> isapgswell how to enable backports?
441[06:15:01] <isapgswell> sponix how to enable backports?
442[06:15:15] <SponiX> !backports
443[06:15:15] <dpkg> A backport is a package from a newer Debian
branch, compiled from source for an older branch to avoid dependency
and <ABI> complications.
replaced-url
444[06:16:33] <isapgswell> sponix where can i download debian
unstable?
445[06:16:50] <isapgswell> sponix or testing
446[06:16:58] <isapgswell> sponix live distro
447[06:18:08] <SponiX> isapgswell: go to backports.debian.org
and read there a bit
448[06:18:41] <SponiX> isapgswell: you don't need to jump
to testing or sid to install a few backports to Buster
449[06:18:59] <jmcnaught> 5.8.0-45-generic sounds like a Ubuntu
kernel to me
450[06:19:18] <isapgswell> jmcnaught yes
451[06:19:22] <isapgswell> sponix ok
452[06:20:07] <SponiX> WTF would he have an Ubuntu kernel on a
Debian install ?
453[06:20:25] <SponiX> jmcnaught: good catch though :)
459[06:20:54] <isapgswell> sponix lol the opose sounds good
460[06:21:13] <isapgswell> sponix debian kernel into ubuntu
distro
461[06:21:34] <SponiX> !frankendebian
462[06:21:34] <dpkg> When you get random packages from random
repositories, mix multiple releases of Debian, or mix Debian and
derived distributions, you have a mess. There's no way anyone
can support this "distribution of Frankenstein" and
#debian certainly doesn't want to even try. Ask me about
<reinstall>
586[09:40:17] <martinus__> I have a question about apt. I
upgraded the package 'openssl' with 'apt install
openssl' and observed that it doesn't upgrade
'libssl1.1' automatically. It seems that libssl already
satisfy the dependency on the new 'openssl' package. But
it feels a bit misleading because I guess libssl should be upgraded
as well.
587[09:41:37] <jelly> martinus__, you ought to keep the whole
system patched up, not just specific packages
588[09:41:54] <martinus__> jelly: ok but that's not an
answer ;)
599[09:46:12] <jelly> martinus__, the answer to "how do I
keep all bits of openssl patched" is "change your workflow
and keep EVERYTHING patched". This may not be what you asked,
but it is what your installation very likely needs
600[09:47:04] <jelly> martinus__, it is unfortunate that
"packages" in a DSA really means "source
packages"
601[09:48:15] <jelly> listing all the different binary packages
for all the different architectures would probably make the DSA a
lot longer
602[09:48:24] <martinus__> but extremely more clear
603[09:48:39] <martinus__> just by adding something about it
604[09:48:53] <martinus__> even the "source" keyword
605[09:49:58] <martinus__> but right, it's written "We
recommend that you upgrade your openssl packages."
682[11:04:09] <ratrace> wait until it trickles down, or ask at:
683[11:04:10] <ratrace> !debian-next
684[11:04:11] <dpkg> #debian-next is the channel for
testing/unstable support on the OFTC network (irc.oftc.net), *not*
on freenode. If you get "Cannot join #debian-next (Channel is
invite only)." it means you did not read it's on
irc.oftc.net. See also
replaced-url
685[11:04:20] <oxek> !experimental
686[11:04:20] <dpkg> experimental is the bleeding edge of Debian
Development. Packages here have been deemed
unfit/DANGEROUS/untrustworthy/etc for release by the maintainer
responsible for them. DO NOT INSTALL PACKAGES FROM EXPERIMENTAL
WITHOUT KNOWING EXACTLY WHY AND WHAT YOU ARE DOING. #debian does
_not_ support experimental. For an actual description, see section
4.6.4.3 of the Developer's Reference.
replaced-url
687[11:04:45] <flrnd> btravis76: if you're in a hurry with
gnome 40, you'd have better chances with something like Fedora
or a rolling distro
688[11:04:59] <jelly> but is it in experimental because
it's horribly broken, or is it there because sid is slushy
689[11:05:14] <oxek> it's gnome, so it's always
horribly broken :p
724[11:07:58] <btravis76> Am going to run Bulleyes Debian
725[11:08:01] *** debhelper sets mode: +l 964
726[11:08:19] <ratrace> in star trek discovery, last season,
they (plural) used they (singular) fora a character, and it was
confusing, couldn't tell whom they (plural) are talking about.
we need a new word.
730[11:09:11] <btravis76> but am switching to debain gnome in a
little while
731[11:09:18] <btravis76> wish me luck
732[11:09:37] <TheBigK02> i feel like on desktop i need those
half year releases... i like new shiny things :D
733[11:09:39] <ratrace> switchign to debian to use latest
possible software sounds .... terribly, terribly mistaken :)
734[11:09:53] <TheBigK02> i can live with a little broken from
time to time ;)
735[11:10:13] <btravis76> ratrace : Not a nooby lol
736[11:10:17] <oxek> !sns
737[11:10:17] <dpkg> Shiny New Shit Syndrome is a serious
disorder, which usually breaks out into an epidemic every time
something new is released. If you have SNS, ask me about
<backports> and <ssb>; these are better options than
upgrading to <testing> because it is a <moving target>.
738[11:10:26] <btravis76> Been using linux almost 8 years
739[11:10:34] <ratrace> unless you mean: I'm gonna switch
to debian and wait until the traditional debian's stability
policy approves gnome 40 as stable enough for .... Stable.
740[11:10:54] <btravis76> ratrace : Nailed it
741[11:10:56] <ratrace> that's perfectly fine tho. get used
to debian and all its awesomeness until 40 trickles down ;)
742[11:11:34] <oxek> who knows, maybe gtk4 & gnome 40 will
be made available only for paying customers under a different
license
743[11:11:39] <oxek> hence not available in debian
744[11:11:59] <TheBigK02> but i love debian on servers... cant
wait for release.. then i can finally get rid of that apt-pinning i
did for some packages... :p
745[11:12:01] <ratrace> don't give them (Red Hat) ideas!
746[11:12:19] <flrnd> in my opinion, (and this explains why I
like debian) having the latest and greatest is overrated. Sometime
is true that having X feature or improvement is nice, but after
nearle 2 decades using linux, I just want a system that works, and
don't care about having all the shinny toys
749[11:13:19] <TheBigK02> its not only that... i like to use
fancy hardware... for example my sennheiser earbuds wouldnt work if
i woudlnt have switched from 20.04 to 20.10
750[11:13:28] <ratrace> flrnd: after nearly 2 decades of using
linux, I still want to !sns sometimes :) but ye, mostly, especially
on servers, I want JustWorks(tm)
751[11:13:43] <ksk> also, nothing wrong with installing
"shiny foo" from upstream most of times, if your
company/workflow/esoterics needs it.
752[11:13:53] <ratrace> true
753[11:13:58] <TheBigK02> and also AMD gets quite some tweaks
here and there with newer kernel and so on....
754[11:14:07] <ksk> (Id not recommend installing latest Gnome
from upstream, maybe :D )
755[11:14:31] <TheBigK02> another thing was a bug in KDE which
couldnt handle proxy autodiscovery file... there are quite some
reasons for me...
756[11:14:59] *** Quits: tzf (~tyzef@replaced-ip) (Remote host closed the connection)
757[11:15:00] <ratrace> there's gnome in snaps right? so
one can try without danger of polluting/destroying the rest of the
system. just "snap remove" if it doesn't work or
breaks too horibly
758[11:15:13] <btravis76> wonder if gnome 40 is on
debian-live-testing-amd64-gnome+nonfree.iso Date 2021-03-29 08:01
3.1G
759[11:15:14] <flrnd> then sid is better alternative as daily
driver than stable
760[11:15:35] <rk4> reminds me...time to reboot and see how my
shiny 5.11 kpkg goes!
761[11:15:35] <CommunistWolf> sigh
762[11:15:41] <ratrace> btravis76: nope, that's testing
(upcoming Bullseye at the moment)
768[11:16:21] <flrnd> with testing in hard freeze, not sure when
gnome 40 will enter in sid
769[11:16:47] <ratrace> summer/autumn 2021
770[11:17:16] <TheBigK02> from the looks ... gnome is to me some
weird mix between macos and windows8... but i never used gnome... so
... im probably wrong
771[11:17:37] *** Quits: cdown (~cdown@replaced-ip) (Remote host closed the connection)
772[11:17:38] <flrnd> as a Mac user, it's a copycat wannabe
xD
773[11:18:04] <ratrace> huh even snaps have 3.38 as latest ....
THAT speaks volumes
774[11:18:06] *** Quits: kakaka (~koniu@replaced-ip) (Remote host closed the connection)
775[11:18:44] <btravis76> Just going to install
debian-live-10.9.0-amd64-cinnamon+nonfree.iso
776[11:19:01] <btravis76> an wait until I see a video hit on a
review of debian gnome 40
777[11:19:06] <TheBigK02> what is ur opinion on snap... for my
part... i didnt get used to it yet... i try to avoid it for the most
part
778[11:19:08] <flrnd> I teach design at the university.
I've seen "this" behaviour a lot in students trying
to reinvent the wheel in the name of being creative. GNOME suffers a
lot from that. A few (real) UI/UX designers wouldn't hurt the
project
779[11:19:13] <ratrace> btravis76: some say don't use
"live" ISO for installation
780[11:19:19] <jelly> ratrace, only that Canonical is not crazy
enough to try 40 yet, or that packaging needs work
812[11:27:43] *** Quits: cdown (~cdown@replaced-ip) (Remote host closed the connection)
813[11:28:14] <btravis76> flrnd : So your telling me there a
chance
814[11:29:53] <flrnd> I'm telling you that the dock on
Ubuntu has the exact functionality that dash 2 dock. The only
difference are aesthetics (to match visually speacking the old Unity
dock)
815[11:30:34] <flrnd> dash 2 dock will be more OSX-like, but the
functionality is the same
819[11:31:32] <btravis76> love the dock in ubuntu that why am
asking lol
820[11:31:47] <flrnd> :sigh:
821[11:32:08] <flrnd> btravis76: I don't know how :(
822[11:32:20] <btravis76> but when debain release gnome 40 am
going to be quite about it
823[11:32:26] <btravis76> flrnd that ok
824[11:33:39] <btravis76> don't worry I understanding what
you said on your first answer is not possible just trying to make
you laugh on the dumber movie " SO YOU TELLING ME THERE A
CHANCE " LMAO :') :') :')
923[13:03:42] <dob1> I am not sure how to negate this if bash
condition if /bin/mountpoint -q "${mount2}" &&
/bin/mountpoint -q "${backup_mount}"; then
945[13:26:39] <ratrace> ! must be part of [ . [ is actually
/bin/[ it's literally an executable that ... hacks.... its way
into bash syntax to mimick a conditional syntactical sugar
964[13:35:18] <ratrace> okay who is the dpkg wrangler here ....
this dumb idiot bot MUST be told to obey only specific regexes. I
just accidentally created a factoid (which I cleared in privmsg with
the idiot dpkg)
990[13:48:48] <ratrace> my only gripe here is that teh bot
triggers on regexes and phrases that CAN be used in conversation
that have nothing to do with the bot
992[13:49:03] <oxek> I think the whole debian ecosystem attracts
a certain kind of user that's not as likely to be uncivilized
as in some other places on the internet
993[13:49:19] <ratrace> the dpkg -l | grep thingy is, as can be
seen here, a normal poart of convo, but if you start the sentence
with dpkg, even without !, it triggers, which it SHOULD NOT
994[13:49:20] <Ede|Popede> yep, sometimes there's a
reaction on false positives
995[13:49:31] <ratrace> teh bot must trigger on very specific,
explicit, unaccidental, regex.
1095[15:05:26] <MrTrick> I've got a slow script. It works,
just takes so long that it slows down the work.
1096[15:05:26] <MrTrick> Is there any tool good for watching it
run, and coming back with metrics like how much TOTAL time it spent
waiting for cpu, memory, disk, network?
1097[15:06:29] <MrTrick> (`top` et al are great for monitoring
instant state of an ongoing process, I'm looking for
accumulated state of one cycle of the script)
1098[15:07:24] <hejux> MrTrick: time /path/to/your/script
1112[15:20:29] <jelly> MrTrick, you wouldn't, but a script
is a script, and calls other commands. You would look at which
commands took the time and draw conclusions.
1115[15:21:25] <MrTrick> in the *other* direction it's
easier. If network is slow, then db is the bottleneck, etc.
1116[15:21:31] <jelly> no ready-made tool that I know of to track
all the threads and tell you which ones are waiting and when
1117[15:21:57] <MrTrick> Not even single thread? :-D
1118[15:22:07] <hejux> MrTrick: turn on the debug option of the
script and run it
1119[15:22:37] <jelly> MrTrick, show me a script that's
single threaded and does not call other commands, and I'll tell
you that's not a script, it's a program
1173[15:38:37] <dpkg> cat /etc/debian_version (or lsb_release
-sc). Or check /etc/apt/sources.list. If unsure about the
distribution, $ cat /etc/{*version*,*release*,*issue*} should grab
almost all distributions.
1197[15:41:54] <fltrz> ever given loads of thanks :)
1198[15:42:17] <hejux> i don't like this way, seperate the
packages with bin/dev/doc
1199[15:42:26] <fltrz> my ancient as pharaoh version of debian
can hobble along
1200[15:42:48] <hejux> debian 8 is still covered?
1201[15:42:53] *** Quits: Repox (~textual@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
1202[15:43:28] <ratrace> fltrz: we sometimes hve questions for
wheezy, and I swear someone asked about sarge few weeks ago. so
jessie ain't that ancient :)
1203[15:43:37] <greycat> !jessie lts
1204[15:43:43] <hejux> The Debian Long Term Support (LTS) Team
hereby announces that Debian 8 jessie support has reached its
end-of-life on June 30, 2020
1208[15:43:54] <dpkg> Security support for Debian 8
"Jessie" from the Debian Security Team ended on
2018-05-17. The amd64, i386, armel and armhf architectures received
additional long term support (<LTS>) via
<jessie/updates> until June 30, 2020 for a 5 year lifetime
total. jessie-lts is no longer supported. Ask me about
<jessie->stretch> and <stretch->buster>. See
replaced-url
1210[15:44:57] <fltrz> yes, but don't worry about security,
whoever compromised my system turned it into a honeypot anyway, its
like bacteria, we live in symbiosis
1211[15:44:58] *** redcaptrickster is now known as redcaptrickster-
1212[15:45:11] *** Quits: redcaptrickster- (~redcaptri@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
1213[15:46:00] <fltrz> just happy to still be able to fetch the
libicu-dev fecal transplant
1227[15:48:42] <jelly> and ELTS costs a pretty penny. If your
company can't afford a couple thousand euros a year, UPGRADE
1228[15:48:58] <jelly> !elts
1229[15:48:58] <dpkg> Limited commercial support for jessie
exists in form of Extended LTS, see
replaced-url
1230[15:49:06] <ratrace> holy cow
1231[15:49:12] <jelly> I probably need to update that.
1232[15:49:19] <ratrace> I'd rather say if you _need_ that
ancient software and can't upgrade, you should really be paying
up to Red Hat
1233[15:49:29] <fltrz> its no longer erroring on the include, but
its seeing undefined references, but thats just probably me needing
to figure out the compiler flags
1234[15:49:39] <jelly> ratrace, why would you pay effin Red Hat
when you can keep using Debian
1235[15:49:47] <jelly> and pay Debian devs.
1236[15:50:14] <ratrace> because debian (E)LTS has nowhere near
the guarantees of RH, even paid.
1243[15:51:20] <jelly> I'd rather pay a tiny .fr company
with DDs than IBM
1244[15:51:23] <jelly> YMMV!
1245[15:51:38] <greycat> but if that doesn't work, read the
man page for whatever function you're using, and ideally it
will tell you which libraries to link
1246[15:51:48] <jelly> all of those are about equally able to
backport CVEs
1247[15:51:55] <ratrace> frankly, I wouldn't. y'all can
hate on RH but one thing is certain: they do majorty of work in the
kernel, most of ecosystem and most of vulns are found by them.
1248[15:52:13] <hejux> greycat: is not a bot
1249[15:52:20] <ratrace> I don't use RH because I and my use
cases, even the enterprise ones, do not need that level of
guarantees.
1253[15:52:53] <jelly> I don't believe RH offers anything
significantly better than Freexian
1254[15:52:54] <hejux> never get out dated
1255[15:53:12] <ratrace> hejux: what's that got to do, got
to do, with anything I'm saying?
1256[15:53:32] <hejux> sorry i'm drunk
1257[15:53:32] <jelly> ratrace, except the bits of the code
they're actually upstream for. Like device-mapper, LVM, some
parts for the kernel, some parts of glibc
1259[15:53:53] <ratrace> some parts of gnome, some parts of NM,
some parts of systemd, some parts of ..... frigin entrie ecosystem
:)
1260[15:54:30] <jelly> ratrace, I honestly trust debian kernel
people to do a better job of backporting stuff into 4.9 or 4.19 than
RH keeping 3.10 safe
1261[15:54:46] <fltrz> hmm -Licu isn't fixing it, but I
better stop pestering you, now its just a C/C++ gcc problem
1262[15:55:20] <ratrace> jelly: with majority of corporate kernel
dev coming from RH, I'd be confidend they know what
they're doing. The _are_ the Linux Kernel (tm)(r) developers.
1298[16:11:54] <ratrace> the context here is about code that ends
up in kernel.org and thus used by the entire ecosystem. Sure,
there's untold numbers of people who write kernel code for
their own personal use that nobody else uses. there's also
canonical with custom "SAUCE" patches that are ubuntu
specific and not _yet_ upstreamed. I am not aware of DDs doing that
except maybe occasionally, exceptionally, if even that.
1308[16:21:10] <ratrace> frankly, I wouldn't. simply by
seeing and comparing where CVEs originate, who's mostly
reporting them and how fast are fixes coming down in RH land vs
Debian land.
1353[17:05:20] <jak2020> i try send a file with scp command: 695M
Feb 6 06:03 debian-10.8.0-amd64-xfce-CD-1.iso but los the
connection, then how to complete the upload file? thanks
1354[17:06:13] <greycat> use rsync instead
1355[17:06:14] <imMute> jak2020: run the command again. scp is
not resumable.
1364[17:11:40] <greycat> use rsync instead, and it will pick up
where scp stopped
1365[17:11:55] <greycat> if "ftp" is a directory, put a
slash after it
1366[17:12:22] <imMute> does anyone know if there's a way to
tell SSH to not store a host key for a specific host in known_hosts?
I have a device that changes the SSH host key every time it reboots
and having to delete known_hosts all the time sucks.
1367[17:12:39] <jak2020> yes is a directory ok thanks
1381[17:19:09] *** Quits: ax56234 (~NickServ@replaced-ip) (Remote host closed the connection)
1382[17:20:41] *** Quits: kakaka (~koniu@replaced-ip) (Remote host closed the connection)
1383[17:20:50] <jak2020> ok, actually: 15,171,584 2% 191.64kB/s
1:02:03 if i interrpt with ctrl+C and start gain would start on 2%
right?
1384[17:21:01] <oxek> interesting, I never realized rsync has to
exist on both sides. I thought if it exists only on the sending
side, it just acts as a sort of network cp.
1387[17:21:19] <ratrace> jak2020: rsync doesn't literally
resume. it does delta transfer check so it'd start from 0,
realize there's delta chunks already present, and skip them
1388[17:21:49] <ratrace> essentially the same (transfers only
what's missing), but nitpicky important distinction
1421[17:46:00] <dob1> in a script I am using ssh heredoc to
execute some commands, in the heredoc part I am setting a variable,
this will live just for the time the script is executed, right?
(it's a password so I want to be sure)
1430[17:47:30] <dob1> greycat, can you explain please?
1431[17:47:55] <greycat> If this password is for ssh, use key
auth instead. If this password is for sudo, ssh in as the CORRECT
USER instead, or configure sudo not to require a password. If the
password is for mysql, well, uh, talk to #mysql or upgrade to a
better database.
1434[17:49:28] *** Quits: akp55 (~akp55@replaced-ip) (Remote host closed the connection)
1435[17:49:29] <dob1> greycat, it is not ssh password neither
sudo one, it is the restic password that I use to run the backup on
remote host so on heredoc part of ssh connection I have
RESTIC_PASSWORD="somep password"
1436[17:50:01] <greycat> so the password is written in the clear,
in the script
1437[17:50:13] <dob1> greycat, yes but not on remote host
1443[17:51:00] <dob1> greycat, the alternative si to create like
enfs/gocryptfs directory on remote host and put inside it a file
with the password.. no other idea
1444[17:51:25] <jelly> how do you even pronounce
räträcé
1478[18:14:54] <graytron> imMute: since you don't care about
security you could try setting IgnoreUserKnownHosts to
"yes" in /etc/ssh/sshd_config (see "man
sshd_config"). im pretty sure there used to be a similar client
side option which allowed one to ignore the known_hosts file, but
that doesn't seem to be the case anymore.
1482[18:16:22] <greycat> it's amazing how hard people will
work to shoot themselves in the foot
1483[18:16:46] <graytron> oh yes
1484[18:16:48] *** Quits: fearnothing (~fearnothi@replaced-ip) (Remote host closed the connection)
1485[18:17:13] <jelly> on the other hand, people now have usage
scenarios that ssh authors may not have thought of, and ssh is the
default remote login tool
1488[18:17:32] <jelly> even if "remote" means
"container running on the same machine"
1489[18:18:05] <graytron> imMute: maybe just ssh to
"ssh-keygen -R host-name ; ssh-keygen -R host-ip ; ssh"
1490[18:18:48] <graytron> imMute: i mean, add an alias
"ssh-keygen -R host-name ; ssh-keygen -R host-ip ; ssh"
1491[18:20:46] <imMute> graytron: the client and server are not
on the same system. why would a client listen to a server that says
"nah, you don't need to verify me" ?
1506[18:25:57] <qubit> What's the policy around bug fixes
into stable? Bug #930839 was filed and closed as 'fixed'
with fix in unstable back in 2019, but nothing in Buster stable.
Should this fix be getting released to stable?
1508[18:26:03] <jelly> "... cloud-init initializes with
random host keys, as it should," who knows
1509[18:26:24] <jelly> qubit, was the bug labeled as Found: in
version in stable
1510[18:27:35] <qubit> I'm not seeing that exact text, but
it says "Found in version ifupdown2/1.2.5-1" and 1.2.5-1
is the current version in stable
1511[18:27:40] <greycat> In *general*, bugs in stable are not
fixed. Ever. Exceptions occur if the bug is security related, or
considered serious enough to warrant a change in a point release.
1512[18:27:54] <jelly> debian developers often close bugs only in
unstable, you need to poke them extra and say that the fix is useful
in stable
1513[18:27:55] <qubit> ahh, ok. so I'd have to manually
backport?
1514[18:28:30] <jelly> it's annoying but solves issues that
are introduced when a fix for A breaks B
1515[18:29:36] <ratrace> "In *general*, bugs in stable are
not fixed." let that sink in. must be dumbest policy ever to
graze FOSS....
1521[18:32:06] <jelly> with Debian, you can quickly find the
public bug report and know a) something is, in fact broken, and b)
easily find the fix if you really need it
1534[18:39:45] <ratrace> oxek: you're assuming a bugfix
changes the workflow
1535[18:39:55] *** Quits: TomyWork (~TomyLobo@replaced-ip) (Remote host closed the connection)
1536[18:40:08] <ratrace> jelly: I wouldn't count regressions
as an argument against bugfixes. there's sometimes|often
regressions in DSAs as well
1537[18:40:34] <oxek> ratrace: there's always that one
person who has the weirdest workflow
1538[18:40:52] <ratrace> oxek: and that also applies to security
fixes
1539[18:41:08] <ratrace> or political changes....
1540[18:41:18] <oxek> political changes?
1541[18:41:27] <ratrace> changes in code caused by politics
1542[18:41:31] <somiaj> So limiting the fixes to only the most
important cases, security and grave bugs is the compormised debian
has taken on their mostly frozen releases.
1543[18:42:33] *** Quits: Vizva (~Vizva@replaced-ip) (Remote host closed the connection)
1544[18:42:41] <oxek> I'm still looking for a distro that is
like debian, but backports security AND bugfixes, without
introducing new features. Probably doesn't exist.
1549[18:44:18] <imMute> oxek: CentOS is free is it not?
1550[18:44:28] <ratrace> oracle is too
1551[18:44:30] <oxek> CentOS is "dead" if we're to
believe the doomsayers
1552[18:44:37] <somiaj> Yea, it takes a lot of man power and help
from devs to nicely backport only the fix needed and sometimes this
is just not possible, hence compremises.
1553[18:45:02] <ratrace> somiaj: which is why I'm surprised
debian wouldn't (back)port bug fixes that don't have CVE
attached
1554[18:45:38] <ratrace> then again there's taht freezing
period where even CVE tagged changes don't trickle down...
1555[18:45:45] <somiaj> it depends on the bug, point releases
contain multiple bug fixes
1587[19:16:29] <pvoigt> One of my Buster machines does not show
the available 10.9 point release for upgrade. With the same package
sources serveral other machines can be upgraded from 10.8 to 10.9.
Any idea how to fix this?
1591[19:17:05] <dpkg> A suitable /etc/apt/sources.list for
"Buster" has the lines: "deb
replaced-url
1592[19:17:16] <oxek> the deb.debian.org one definitely has 10.9
1593[19:17:24] <Schwarzbaer> Hi. Any recommendations for a
program to go through an image collection and tag the images?
1594[19:17:25] <greycat> !deb.debian.org
1595[19:17:25] <dpkg> deb.debian.org is a mirror network that is
backed by international content delivery networks and for most
users, this is the most reliable <mirror> to use in the
<sources.list>. From Debian 9 "Stretch" onwards, apt
queries SRV records in DNS which then send it off to a CDN. Older
apt will get an HTTP redirect from deb.debian.org to the same CDNs.
See
replaced-url
1596[19:18:01] <oxek> the CDNs at deb.debian.org are 100%
synchronized at all times, as far as I know
1597[19:18:03] <pvoigt> greycat, oxek: Thanks, will try that
mirror.
1598[19:18:12] <oxek> it's not like the old httpredir one
1599[19:18:39] <greycat> "100% synchronized at all
times" sounds like a fond wish, but it might be close enough in
practice
1605[19:19:33] <oxek> last I asked about this, that's what I
was told. They only make the new versions visible once all the
servers have been synchronized
1606[19:19:48] <oxek> apparently something would break if that
was not the case
1628[19:28:20] <oxek> they probably shouldn't have been
running PHP on their git server :D
1629[19:28:26] <pvoigt> oxek: yes, apt updates sent ahead.
1630[19:29:18] <oxek> these supply chain attacks will be getting
more frequent I guess
1631[19:29:20] <genr8_> Its DNS. its always DNS.
1632[19:29:51] <oxek> pvoigt: `apt policy base-files` on the
affected machine? Unless you already fixed everything.
1633[19:31:14] <ratrace> oxek: the REAL fun here is that
they're all fleeing to GH. So now we have one, central repo
ecosystem to hack and then all the repos there will be totally pwnt.
holy grail for supply chain attacks. Thanks, PHP, you're just
dancing to their tune.
1634[19:31:54] <oxek> I think they just admitted they don't
have the manpower/skills to handle security on their servers, so
github is probably a better choice for them
1635[19:32:25] <oxek> It a choice between knowing your servers
can be easily hacked, and knowing that it would likely take much
more effort to hack github
1636[19:32:26] <pvoigt> base-files:
1637[19:32:28] <pvoigt> Installed: 10.3+deb10u8
1638[19:32:30] <pvoigt> Candidate: 10.3+deb10u8
1639[19:32:32] <pvoigt> Version table:
1640[19:32:34] <pvoigt> *** 10.3+deb10u8 500
1641[19:32:34] *** pvoigt was kicked by debhelper (flood)
1642[19:32:49] <imMute> ratrace: signed commits mitigates the
problem of your hosting infra getting hacked.
1643[19:33:05] <oxek> hmm, I should probably always add a somment
saying not to paste it directly in here but intead use some paste
service
1655[19:49:11] <pvoigt> oxek: apt update took several minutes. I
looks like the new mirror
replaced-url
1656[19:50:41] <oxek> not much for me to do. You chose the
"best" mirror deb.debian.org and ran a successful `apt
update` which refreshed the contents of all local cache files.
1665[19:54:01] <pvoigt> Well, I have rebuild libsane from source
several month ago due to a configuration error in the Debian
provided package. I am no quite sure about the exact error but I
thing it was a long black line on the scanned image.
1703[20:27:55] <pvoigt> oxek: OK, so I did not learn what went
wrong with apt. Btw: Machine rebooted smoothly into 10.9. Thanks for
your advice and feedback.
1760[20:55:53] <oxek> wine is not windows, hence it would fall
under the category of "system modifications that change how the
game runs"
1761[20:55:53] <Mathisen> i doubt proton is breaching any ToS. it
is valves own stuff.
1762[20:55:54] <Ede|Popede> i've never seen a game stating
"to be used on windows [$vers] only"
1763[20:56:11] <Mathisen> and proton would not work without wine
1764[20:56:21] <Ede|Popede> oxek, this would also be true for
other windows versions
1765[20:56:22] <oxek> I've definitely seen games where
unless you run on windows, you get banned because anticheat
doesn't work or detects system modifications
1766[20:56:45] <Mathisen> thats diffrent
1767[20:56:51] <Ede|Popede> this kind of crap is one reason
i'll never get a steam account
1768[20:56:55] <oxek> Ede|Popede: same
1769[20:57:21] <Ede|Popede> and if it does not *work* because of
this than i'd blame the anticheat stuff
1770[20:57:22] <oxek> unless the game explicitly supports linux,
and is sold separately without needing steam, I'm not getting
that game
1771[20:57:37] <oxek> (I haven't played a game ever since
steam came out...)
1772[20:58:03] <oxek> well ok, I tried minetest
1773[20:58:21] <oxek> oh and openarena
1774[20:58:34] *** Quits: catman370 (~catman@replaced-ip) (Quit: See you later..)
1775[20:58:37] <Ede|Popede> with my hardware i'm staying
behind for natural reasons *g* but i pay for it, i want to HAVE
something, not just "you may login to your account as long as
we're fine with it"
1812[21:07:32] <dpkg> Shiny New Shit Syndrome is a serious
disorder, which usually breaks out into an epidemic every time
something new is released. If you have SNS, ask me about
<backports> and <ssb>; these are better options than
upgrading to <testing> because it is a <moving target>.
1813[21:07:37] <Ede|Popede> not my world xD
1814[21:07:45] <oxek> that's fair xD
1815[21:09:16] <flrnd> so, one of the sns synthoms is "I use
arch btw", right?
1819[21:10:05] *** Quits: idhugo__ (~idhugo@replaced-ip) (Remote host closed the connection)
1820[21:10:09] <Mathisen> thats kinda true
1821[21:11:15] <oxek> I can't dislike arch, because their
wiki is superior to anything else made by any other distro
1822[21:11:48] <sney> the SNS nerds always write the best
documentation. gotta appreciate them, even if you don't dive in
with them
1823[21:11:48] <oxek> and at the very least their wiki does not
403 me like the debian wiki does
1824[21:11:52] <Mathisen> the distro itself is not bad either
1825[21:12:31] <oxek> is it confession hour yet? ok, I'll
start: I never managed to install arch, I only ever used it in
premade containers or vm images.
1826[21:12:40] <flrnd> Nah, was a stupid bad joke
1827[21:14:11] <flrnd> and I agree with oxek, arch wiki is great
1828[21:14:35] <Mathisen> i used it as main dist for 3+ years
now. for my desktop that is, for my VPS machines or other stuff i
prefer debian.
1829[21:14:55] <NetTerminalGene> oxek: you need to be a teenage
to install arch
1868[21:25:31] <NetTerminalGene> oxek: it's better to find a
local installation guide i think. i installed like that. and
it's not that hard really
1869[21:26:06] <oxek> to be fair, a script like this would be
pretty neat for debian as well. I know debian has some preseed
functionality, but it doesn't let me setup the partitioning the
way I'd like.
1893[21:35:20] <oxek> I mean, it will work, and sudo will pick up
some defaults (if arch works like debian), you'll just miss
setup of secure_path and env_reset
1894[21:35:26] <oxek> which is pretty important but not critical
1895[21:35:36] <oxek> hmm, maybe it is critical, depending on
your security needs
1897[21:37:22] *** Quits: Nokaji (~Nokaji@replaced-ip) (Quit: "... when the freedom they wished for most was
freedom from responsibility then Athens ceased to be free and was
never free again.” ~ Edward Gibbon (1737-1794) - Decline and
Fall of the Roman Empire, 1909)
1898[21:39:19] *** Quits: Caesar_NayKid (~igloo@replaced-ip) (Remote host closed the connection)
1928[22:07:11] <Sia-> hi, postfix installed and everythin works
without getting mails from my domain to each other. for example from
wordpress@chawg.org to webmaster@chawg.org never reaching but if
change the receiver to gmail or any other works fine!
1951[22:28:58] <deadrom> deb10 server with nfs4 mount of a server
that is down at the moment. all file ops retry forever, a simple ls
on the mount point stalls the console. umount says "device is
busy" - impossble, it's shut down
1952[22:29:05] <deadrom> how do I get out of this?
1965[22:34:33] <genr8_> i know this is kind of like mindreading,
but if that doesnt exist, then who knows what am I actually after ?
The most minimal list of packages to get a system up and running
1987[22:41:39] <genr8_> does that sound right enough ?
1988[22:41:52] <jelly> genr8_, there's a different set of
packages to get a debootstrap chroot running, or to get a VM
running, or to get a bare metal server running
1994[22:43:01] <dpkg> debootstrap can create a basic Debian
system from scratch, without apt/dpkg. Useful for installing in a
<chroot>. It is key to installing Debian GNU/Linux from a
Unix/Linux system.
replaced-url
2000[22:44:15] <jelly> ramzy, that usually means either network
or name resoultion (dns) isn't set up properly, or you really
don't have internet connectivity
2053[23:06:09] <metbsd> i'm wondering,if stable is using
4.19, and 4.19 was released 2018 october, does this mean it
doesn't support well hardware after 2018 october?
2054[23:06:30] <ratrace> cws: for windows host? I know
there's drivers if win is guest.... but not if win is host
2055[23:07:00] <ratrace> (ie. redhat's virtio drivers for
windows guests, network and scsi disks)
2056[23:07:16] <ratrace> metbsd: more or less
2057[23:07:45] <cws> ratrace: OH, sorry, I thought we meant
guest.
2058[23:07:49] <petn-randall> metbsd: Only to a certain extent.
Intel for example gets their drivers merged into the kernel well
before their hardware gets sold. So an older kernel will support
their newer hardware.
2086[23:18:25] <petn-randall> metbsd: It's your choice, but
if anything on Debian doesn't work, I usually first try the
kernel from backports before anything else.
2093[23:20:08] <flrnd> unless we're talking son bledding
edge or rare hardware, if not work on debian won't work on
other distros (and the other way around=)
2096[23:20:40] <dpkg> A backport is a package from a newer Debian
branch, compiled from source for an older branch to avoid dependency
and <ABI> complications.
replaced-url
2097[23:20:56] <petn-randall> metbsd: ^^^ You install the kernel
from backports, if that's what your question is.
2098[23:21:06] <flrnd> some hardware vendors release firmware
updates for their laptops, others don't.
2102[23:22:01] <flrnd> I'd look for hardware issues, like
intel+nvidia dgpus, it all depends if you just want install and
forget (0 tinkerin) or you are willing to do some research
2103[23:22:16] <deadrom> 10 years ago when I build a media center
of all dists out there it was debian who properly supported the
intel hardware. not even ubuntu did. lasted for a decade.
2106[23:24:00] <deadrom> I hear some negativity recently about
nvidia on linux. it still stands for me that if you want things to
work in linux - go nvidia. was like that for me since... 2005? has
that changed?
2107[23:24:21] <flrnd> yeah, many years ago I participated on a
LAN party, I was in charge of an old proliant server (for a FTP to
share stuff on the lan party) and I ended installing debian woody on
that server after some fiascos
2118[23:26:51] <deadrom> oh, ye gods, an nvidia dev once
introduced me to the finer details of how they handle that. but
#nvidia is a good place for that *if* someone is around. got irc
bouncer? :)
2186[23:48:16] <genr8_> debootstrap and cdebootstrap select all
packages with Priority: required and Priority: important from the
Debian mirror by default.