4[00:02:18] <oxek> what sort of other fonts do you need? Many
are already installed by default, if you installed things like
libreoffice, firefox, and other gui apps
5[00:03:38] *** Quits: YWH_1 (~foo_drive@replaced-ip) (Remote host closed the connection)
6[00:03:44] <fling> ok
7[00:04:10] *** Quits: madmattco (~kimjongil@replaced-ip) (Quit: sending nukes your way)
44[00:36:16] *** Quits: Mister00X (quassel@replaced-ip) (Quit: "I'll be back" — Arnold
Schwarzenegger)
45[00:43:00] <oxek> jhutchins: I'm still hurt that the
very expensive fonts I bought were not upgraded to whatever the new
format was, and they asked me to just buy them again for full price
46[00:43:21] <oxek> opentype or something of that sort
101[01:24:02] <truexfan81> whats the deal with sudo on debian
10? i've enabled the sudo group in /etc/sudoers and added my
user to the sudo group but when i try to sudo it says i'm not
in the sudoers file
102[01:24:37] <sney> log out and log back in
103[01:24:43] <truexfan81> did that
104[01:24:49] <truexfan81> even rebooted the entire vm
105[01:24:55] <sney> then you did something else wrong. pastebin
your sudoers file
114[01:28:59] <truexfan81> and i see i'm going to have to
make a few bash aliases for some of my preferred commands so i
don't have to type in the full path to sbin every time lol
148[01:59:34] <balleyne> I'm having a strange issue with a
server. It wouldn't boot. Would hang at "Cleaning
temporary files..." I eventually got it to boot by renaming
/tmp and creating a new empty /tmp and then it boot no problem. But
I still can't so much as ls the renamed /oldtmp
149[02:00:04] <balleyne> Any thoughts on how to explore
what's going on with a directory when ls won't even work?
(just hangs indefinitely it seems)
172[02:29:34] <cybercrypto> balleyne: Well... I would start with
knowing what is inside that mount point (perhaps too many files in
there causing ls to hang?)
173[02:30:53] <cybercrypto> balleyne: if that dir is used to
hold logs, do you know that? any file patterns like
application_name_time_stampyyyymmmddd.log? if known... you could try
ls a single file and check if returns something.
175[02:32:11] <cybercrypto> balleyne: besides that, you may want
to boot from rescue, single mode and check filesystem from other
tools... I am afraid you will need a bit of background about that
mount point, before moving forward.... Does ls works in any other
directories?
192[03:00:16] <dpkg> debsums is a utility that will check a
package's files against their checksums. The "-a"
argument will instruct it to also check configuration files:
"apt install debsums; debsums -a -s". Almost all packages
come with md5sums included in the package or apt will have generated
them for you; generate missing ones with "apt-get install
--reinstall `debsums -l`". Ask me about <md5sums>.
261[04:30:04] <avu> also if FSM forbids there is ever an exploit
in ssh that can be used without authorizing first, all ssh services
exposed on 22 will probably be exploited in a matter of hours
262[04:30:21] <avu> with another port, you may have a few hours
more to react unless you are explicitly targeted
267[04:36:08] *** Quits: horribleprogram (~horriblep@replaced-ip) (Quit: Where I came from the Great Wild 'n shit, where you
can get shot if you crack smiles and shit...)
268[04:38:01] *** debhelper sets mode: +l 1037
269[04:38:25] <somiaj> fail2ban is also nice
270[04:39:02] <sney> yeah, to clean up any stragglers
490[10:00:05] <tete_> anyone an idea how i could check if my pci
soundcard is broken? first i thought its the mainboard or the ssd.
now i removed the soundcard and everything seems to work, windows
boots again, debian does not behave strange anymore, but is there
some proof that was it? except installing the soundcard again and
see if those problems occur again. maybe some dmesg entries or so?
494[10:01:33] <wisbit> hi everyone, after seeing that
runc:[2:INIT] was using a lot of memory, I checked as suggested the
list of leaky mount points with this command for i in `ls
/proc/*/mountinfo`; do wc -l $i; done | sort -k 1 -n
495[10:02:05] <wisbit> it showed a very long list of
/proc/$$$/mountinfo ($$$ represents a number)
496[10:02:17] <wisbit> I don't really know what to do with
that.
497[10:02:31] <wisbit> is it a problem ? is it solvable ?
498[10:03:08] <ratrace> wisbit: is this debian or devuan?
499[10:03:12] <wisbit> debian
500[10:03:28] <wisbit> I have lots of dockers running on that
server, if that is relevant
501[10:05:24] <ratrace> well, not sure what you mean by
"leaky mount points", the proc mountinfo items list ....
mount information
502[10:05:51] <ratrace> what exactly is the _problem_ that you
have? runc process taking "a lot" of memory? How much? Out
of how much in total?
503[10:07:00] <wisbit> it's taking 200Mo, it's a the
top of the list of mem usage (now that docker and firefox are
shutdown)
505[10:07:36] <wisbit> also, weird thing is the list of
mountinfo, it refers to lots of apache and httpd processes, which
are not even supposed to be running. apache service is down
520[10:19:19] <wisbit> I am not very familiar with this. It
started by seeing this runc process in system monitor that was just
hanging there, not knowing it I had a read online which lead me to
what I mentioned earlier. Now, if that's not a big deal, than I
can just drop it and it's all well and done.
522[10:21:47] <ratrace> wisbit: 200 MB doesn't _sound_ like
big deal. open chromium and a few tabs and 2000MB it consumes
won't be a big deal because that's chromium. relatively
speaking.
623[11:11:20] <Franciman> jelly, the thing is that I am
compiling a commit in the middle of two releases
624[11:11:25] <Franciman> probably they introduced an error
625[11:11:35] <Franciman> and then fixed it
626[11:11:51] <Franciman> because I can successfully build 4.16
627[11:12:02] <Franciman> but the bug is introduced between 4.15
and 4.16
628[11:12:07] <Franciman> > I hate qualcomm
629[11:14:21] <jelly> !debootstrap
630[11:14:21] <dpkg> debootstrap can create a basic Debian
system from scratch, without apt/dpkg. Useful for installing in a
<chroot>. It is key to installing Debian GNU/Linux from a
Unix/Linux system.
replaced-url
631[11:14:38] <jelly> !schroot
632[11:14:39] <dpkg> schroot is an easy way of setting up a
<chroot> in a way that can be treated as a session. If
desired, modification to the chroot can be prevented using overlayfs
or LVM snapshots, making it very convenient for building packages or
simply running packages from other releases with minimal
containment. See
replaced-url
636[11:15:01] <dpkg> sbuild is, like, The 'sbuild'
package provides a way to build Debian packages within
<chroot> environments that are managed using the
<schroot> utility. Building within sbuild saves installing the
build-dependencies on your machine and also compiles in a clean
environment; sbuild is used on the Debian <buildd> network.
See
replaced-url
637[11:15:28] <jelly> I've seldom used any of the wrappers
for debootstrap. There might be better alternatives.
683[12:01:08] <ratrace> hegemoOn: when you run apt-get
noninteractively.... you need to tell it it's noninteractive
with an env DEBIAN_FRONTEND=noninteractive
706[12:11:52] <hegemoOn> inconsistency detected by ld.so
707[12:12:00] <hegemoOn> ratrace: they are
708[12:12:03] <zodd> is there a way (website) which can draw me
a picture what the effect (cascading) will be of installing a
certain (backported) package so I know upfront what consequences it
might have?
709[12:12:13] <hegemoOn> exactly the same iso with same setup
installation
710[12:12:24] <hegemoOn> same hardware and same installation
711[12:12:26] <ratrace> hegemoOn: clearly something IS different
about them
712[12:12:29] <hegemoOn> beside hiostname
713[12:12:51] <ratrace> hegemoOn: what is the action you're
performing and what is the exact error you receive
723[12:14:58] *** Quits: nicopok (~nicopok@replaced-ip) (Remote host closed the connection)
724[12:15:42] <zodd> casus: I would like to upgrade
chromium/chromedriver on a headless server running Buster to
facilitate some software. If I pick the versions from Bullseye I
might trigger a libc6 upgrade for instance which will enforce
upgrading a lot of other stuff causing a semi dist upgrade which I
do want to avoid
726[12:16:45] <ratrace> zodd: that's not the same as
installing backported packages per your original question,
that's mixing repos and that's seriously not recommended
unless you want BrokenThings
728[12:17:23] <ratrace> zodd: there is no tool that can predict
failures taht will happen. there is also no tool that can predict
dependency clashes based on mixing repos, unless you count apt
itself when you try to install something
730[12:17:35] <zodd> exactly. But backported packages can
introduce backported libc6. At least I have had some experiences of
that in the past. Do not want to go that road
731[12:18:00] <zodd> basically I am looking for a sandbox apt
752[12:23:20] <hegemoOn> one share, mounted on several clients
753[12:23:28] <ratrace> bottom line, if you have mixture of
wheel and locally compiled (with custom options, even if
-march=native) python modules, there may be clashe, yes. eitehr use
wheel or compile.
754[12:23:39] <hegemoOn> if i do an md5sum on exported file,
they are all the same
755[12:23:45] <ratrace> hegemoOn: which question, there's
several?
768[12:37:02] <hegemoOn> well, my interrogation, was about nfs,
and that suggested fact that nfs doesnt enforce constency of bits
across all clients sharing the same export
769[12:37:11] <hegemoOn> which is quite surprising
774[12:38:40] <jelly> zodd, backported packages from debian
backports will never introduce as significant changes as a new
libc6. and building chromium is a pain if you do it yourself, so
yes, testing or unstable in a container seems a reasonable approach
777[12:41:36] <ratrace> hegemoOn: but my point was, if you have
nfs mounts, from which you execute code, you effectively introduce a
variable in your setup. especially with python involved, and you
mention "users" and implying you don't have control
over which code they're running, and implying there may be
locally compiled modules, vs wheel based modules .... that's a
recipe for having setups that aren't identical
810[13:23:44] <queip> open software deliveres proper XMPP client
with functionality like "staying the hell connected to server
without manual intervention": no
811[13:23:51] <queip> why open software model failed us?
829[13:27:09] <queip> the entire reason for debian is that
software in repos, besides of being open source, should generally be
stable, e.g. provide most basic functions (Even if a bit old)
830[13:27:15] <jelly> why custom? Fix it and GIVE BACK the fix
to upstream
831[13:27:28] <jelly> queip, that's not what
"stable" means
832[13:27:28] <queip> jelly: so see you in 3-5 years?
834[13:27:49] <jelly> stable means: the set of issues is known
and does not change for the duration of the release
835[13:28:01] *** debhelper sets mode: +l 1071
836[13:28:07] <jelly> it doesn't mean the software is fit
for any particular purpose
837[13:28:18] <ratrace> that's even in the EULA
838[13:28:23] <jelly> ikr
839[13:28:27] <queip> jelly: that may be definition, but so
then, users of debian stable should not be expected to find in repo
software that works in it's most basic functions correctly,
like text IM client that can stay connected to server?
840[13:29:07] <jelly> queip, correct. If things are broken, the
best way forward is to help fixing them
842[13:29:29] <queip> so like "it's ok that is broken,
because 1) you can't sue us haha look into EULA and 2) you
should had fixed it 5 years ago lmao"?
843[13:29:51] <queip> ratrace: this bug is afaik among all
servers, in gajim
844[13:29:59] <jelly> queip, it's more like, if you
don't fix it now, it might still be crap in 3-5 from now and
we'll have the same conversation AGAIN
845[13:30:02] <ratrace> but proprietary software servers?
846[13:30:21] <queip> ratrace: *all* servers, including open
source server like ejabberd or whatever
847[13:30:35] <queip> it's bug in client only - it
doesn't automatically re-try reconnection if it is in
"Desyn" state
850[13:31:05] <jelly> the next best thing is to at least make
sure the bug is reported so others are aware
851[13:31:09] <queip> jelly: and the end result is still
apparently no one did
852[13:31:27] <jelly> queip, you're still thinking someone
ELSE is supposed to do it
853[13:31:32] <queip> yeah
854[13:31:38] <jelly> that's the core misunderstanding
855[13:31:46] <queip> I'm not building LFS here, I want to
use text chat
856[13:32:06] <jelly> queip, is the bug reported?
857[13:32:30] <queip> jelly: exactly. my observation is that it
failed to worked out, no one fixed it. yes even if technically
people can gloat "lol ur fault not fixing it"
858[13:33:07] <jelly> it's not gloating, it's stating
the fact
859[13:33:42] <jelly> with open source, you're at least
able to do something about other than reporting
860[13:33:56] <queip> lmao reported 13 years ago. but not sure
if it's the same exact bug, or other with same symptoms.
replaced-url
861[13:33:57] <jelly> with a closed source you're not able
to do that
864[13:34:31] <queip> jelly: yes I know how OS works, the point
is that this option allowed by OS is often not leading to good
software at all
865[13:34:56] <ratrace> here's the thing. the whole idea of
open source, libre source, GPL and similar licenses .... is that
it's ALL built and made and designed for programmers, not for
non-programming end users.
872[13:35:50] <queip> (and I think you are very wrong on that
user base limit there)
873[13:35:51] <jelly> if you can't fix it, pay someone who
can
874[13:35:59] <ratrace> queip: I never said there was a limit
875[13:36:08] <shtrb> ratrace, I would dissagree with your claim
, I know a 90 year old who happen to use FoSS tools for many years
for his day to dat usage
876[13:36:09] <ratrace> I said the entire idea of
"here's the source code" is aimed for programmers
877[13:36:21] <queip> ok then debian.org should warn about it?
878[13:36:27] <ratrace> shtrb: and again, I never said they
_cant_ do that
879[13:36:41] <jelly> queip, they do. It's basically in
every open source licence.
880[13:36:48] <queip> "Yeah the jokes are true, this is OS
for nerds only. You don't know C/C++/make/etc, then don't
expect good experience it's not designed for you"? I hope
that aint true ;)
881[13:36:53] <ratrace> shtrb: but a 90 year old NON programmer
has zero gains from GPLs statement that modifications should be
contributed back
882[13:37:17] <shtrb> ratrace, still better from being with MS
grip
883[13:37:30] <ratrace> not even for _nerds_ the entire premise,
initial idea, basement and foundation for the FOSS ecosystem is that
source is freely available for modifications and reuse
884[13:37:35] <ratrace> shtrb: oh definitely.
885[13:37:42] <queip> not saying that payable opensource is a
bad model, maybe there is some idea there
886[13:37:46] <ratrace> just saying: if you don't at least
report a bug, nobody's gonna fix it
887[13:38:14] <jelly> if you report it, that doesn't mean
too much, but at least other users can find it
888[13:38:16] <queip> fixing bugs is usually not fun at all and
therefore expensive
889[13:38:17] <shtrb> queip, I dissagree with your claim , there
are different tools, you can however pay (standard chagre can go as
low as 50 euro per hour of work and normally a decent dev would say
to you how much time it should take him )
890[13:38:34] <jelly> queip, it's fun if you like that sort
of thing.
891[13:38:56] <queip> jelly: looking at state of how buggy most
common programs are, it would seem it's not fun for many ;)
892[13:39:06] <shtrb> queip, it depends , I'm a dev and I
don't remember when ever I was a annoyed from fixing existing
bugs
893[13:39:15] <queip> no GOOD email client, no GOOD IM client
exists in debian, never had
894[13:39:34] <queip> btw video drivers are also a bane
895[13:39:36] <shtrb> queip, we don't get enough time to
fix stuff and priorities stuff , which is a different issue
896[13:39:37] <jelly> queip, how do you propose that situation
to change?
897[13:39:41] <queip> (which might be more of vendor fault)
898[13:39:59] <queip> shtrb: yeah but common good IM and good
email client
899[13:40:00] <shtrb> queip, mutt, kmail are very nice E-Mail
clients, there is a plato for good IM client
900[13:40:03] <ratrace> queip: frankly, no good email client
exists ANYWHERE. in MS, on Apple, on Android, on OSX ....
901[13:40:04] <queip> Im not asking for niche software here
902[13:40:17] <shtrb> queip, KTP and pidgin are extramly good
903[13:40:26] <queip> shtrb: kmail is totally messed up, though
yeah only one with proper features. if you can get it to work
904[13:40:34] <ratrace> queip: and I can tell you that as an MTA
admin for over 10 years who's seen her share of client side
bugs and problems with all the email programs
905[13:40:43] *** Quits: Jerrynicki (~niklas@replaced-ip) (Remote host closed the connection)
906[13:40:46] <queip> shtrb: pidgin has OMEMO encryption now?
attachments?
907[13:41:06] <shtrb> queip, that's not a definition for
"GOOD" , that have a specific feature you wish to get
908[13:41:11] <queip> ratrace: kmail bugs include inability to
work at all due to the akonadi things
909[13:41:17] <shtrb> OMEMO is a replacment , for existing and
working OTP
910[13:41:28] <queip> *OTR
911[13:41:41] <jelly> omemo and otr are not things your grandma
would care about
912[13:41:43] <shtrb> sorry OTR
913[13:41:44] <ratrace> shtrb: also this: I pad serious money
for some games. They still, to this day, have glitches and bugs
nobody fixed.
914[13:41:54] <queip> afaik omemo is superior; and otr in pidgin
had lots of problems regarding authenticating the fpr
915[13:42:01] <ratrace> AllSoftwareSucks(tm)
916[13:42:16] *** Joins: creat (~creat@replaced-ip)
917[13:42:23] <shtrb> queip, have you reported the bugs
regarding OTR in pidgin ?
918[13:42:26] <jelly> at least these days you can actually pay a
debian developer to fix things, over freexian
919[13:42:27] <queip> ratrace: well games mostly do not have
totally breaking bugs in most basic functions. unless it's like
F67 or Cyberpunk2077 ;)
920[13:42:34] <queip> *F76
921[13:43:02] <ratrace> queip: well _some_ games obviously do.
like _some_ email clients, _some_ xmpp clients, ... ;)
922[13:43:03] <shtrb> jelly, you can pay non DD too , to make it
into upstream
924[13:43:16] <queip> shtrb: some bugs I reported, almost always
they went unfixed so long I lost interested. but also seems other
reported failing it too, another thing not working as some would
envision, in foss community
925[13:43:39] <queip> ratrace: waiting for 1 good email, and 1
good im client in debian that will not break
926[13:43:52] <ratrace> queip: %s/in debian//
927[13:43:53] <jelly> queip, Debian merely shows that side of
software development in public
928[13:44:09] <jelly> "we don't hide bugs"
929[13:44:10] <queip> kmail -> akondai craps out. most other
client lacks functions. thunderbird broken external gpg (and lacks
functions anyway)
930[13:44:33] <queip> im -> gajim CAN'T AUTOCONNECT
(wtf). piding->otr has problems, and it's implementation of
it has more problems
939[13:46:08] <queip> maybe we like like "Debian but less
bugs"® that fixes most bugs but users pay yearly
subscription
940[13:46:13] <queip> this still can be foss btw
941[13:46:22] <jelly> queip, it's called a LTS
subscription.
942[13:46:27] <jelly> !lts
943[13:46:27] <dpkg> Debian Long Term Support (LTS) is a project
to extend the lifetime of all Debian stable releases to (at least) 5
years. Debian LTS is not handled by the Debian security team, but by
a separate group of volunteers and companies. Ask me about
<jessie-lts> and <stretch-lts> and see
replaced-url
944[13:46:46] <queip> jelly: these problems existed mostly in
Jessie too
945[13:46:55] <jelly> they don't fix "most" bugs,
but you can pay for the specific packages you need to work
954[13:48:03] <jelly> and I'm sure LTS people will be happy
to company's money to fix things in stable, too
955[13:48:15] <EdePopede> queip: long ago i couldn't play a
discworld game from CD ("copy" "protection", so
always keep it in the drive!) because the drive ran at full speed
during the endless intro which couldn't be omited and right
before it would have been done the drive decided to take a break to
cool down. which made the software crash instantly because the data
it waited for didn't arrive.
956[13:48:16] <queip> company?
957[13:48:45] <themill> I did hear of people who would love to
be paid to maintain Qt/KDE stuff.
958[13:48:48] <jelly> queip, yes. well maybe you can sponsor
250EUR/month from your own pocket
959[13:48:51] <EdePopede> and this was a *commercial* product
with a bug that would not have been necessary at all if someone
wouldn't have hacked it with a "who cares" attitude.
960[13:49:08] <queip> jelly: but why are we talking about
commercial user, what about desktop users
965[13:50:28] <jelly> queip, either you wait for a DD to fix it,
and we know that usually does not work, or you fix it, or you pay
someone. The context that "you pay someone" and that can
be done via LTS.
966[13:51:11] <EdePopede> too much code for too few devs
967[13:51:22] <jelly> tanstaafl
968[13:51:40] <EdePopede> that's like a construction worker
trying to feed his 8 children 100 years ago.
969[13:51:45] <jelly> open source != free bugless lunch
970[13:52:15] <queip> how about project where users (and heaving
in mind also regular home users) pay like dunno 10-30$/year
subscription , in return they get more support and especially it
funds prioritization of fixing bugs they are affected by
972[13:52:57] <jelly> queip, you need at least $80 for an hour
of dev work, and that's cheap
973[13:53:07] <queip> plot twist: the payment is more where no
important bugs exist, less is buggy. e.g. 50$/y, but if some amount
of basic programs are boken then only 30$, if more then 10$, and if
things are very bad then they don't pay that year if still
unfixed
974[13:53:46] <EdePopede> jelly: just imagine only half of the
people investing their time and skills into some project which is
just 1% different would instead work on whatever their code had been
forked from
975[13:53:58] <queip> jelly: fyi almost no C/C++/Java/Pythin
developer earns that much in Poland, usually x3-x6 less. just a
tidbit
976[13:54:36] <jelly> queip, the DDs working on LTS get
80EUR/hour, and they're in all kinds of countries
977[13:55:05] <queip> wow I would be probably richest developer
in my (major) town
978[13:55:19] <queip> anyway. yeah it just depends on number of
uers
979[13:55:21] <queip> *users
980[13:55:35] <jelly> queip, if you're getting paid $12/hr,
and are able to triage and backport security fixes, consider working
for LTS. They are asking for more people.
981[13:55:50] <EdePopede> jelly: not only devs, that's true
for a lot of jobs when it comes to eastern europe. without them
prices for asparagus, strawberries and a lot of other agricultural
products would just explode, and most of old people being on their
own would have to chance to get anyone for daycare.
982[13:56:12] <jelly> EdePopede, I know, I live there.
983[13:56:43] <EdePopede> err. was an answer to queip this time,
no idea where your nick appeared from xD
985[13:56:55] <queip> I bet reconnect bug is <1000$
986[13:57:03] <queip> bounties might be one idea
987[13:57:20] <queip> but a downside of this exact approach is
that it almost incentives to create bugs, at some point
988[13:57:23] <EdePopede> the good thing in software is
it's done a single time and if it is successful then !next
989[13:57:38] <shtrb> queip, you overestime charging values
990[13:57:48] <jelly> EdePopede, unless you have a cesspool like
openssl
991[13:57:51] <EdePopede> devs creating bugs just to be able to
fix them later? ey, they're not firefighters :P
992[13:58:16] <queip> EdePopede: "at some point". more
like "why spend x3 more time and write more UTs and fuzzers and
shit"
993[13:58:28] <queip> "at most this will result in getting
LESS money for my friend"
994[13:58:46] <jelly> fuzzers are finding more bugs in eg. linux
kernel than devs can fix.
995[13:59:02] <queip> when you pay for code remaining bug-free,
it is motivation to use most productive approach, tests, UTs, all
996[13:59:24] <queip> jelly: security and quality of Linux is
another can of worms, maybe one day
997[13:59:24] <jelly> there's hardly a reason to
deliberately introduce new ones, when 70% are accidentally
introduces anyway
998[14:00:02] <EdePopede> *nod* it's easy to blow
air/liquids into a pipe and find out some gets lost somewhere than
to find the hole (even in that exact situation)
1001[14:01:38] <EdePopede> also some things were considered fine
when it all started (linux, bsd, unix), but aren't today
anymore. SUID root (think beep), fingerd, the world is an evil
place.
1002[14:02:16] <queip> decision maker of default on beep in linux
bash should anyway be pushed to lava source block. in minecraft
1003[14:03:22] <queip> only hw developers ending beeper presence
in PCs ended that blunder
1004[14:04:43] <EdePopede> because i looked at Discord again last
week (suid chrome-sandbox) i also checked my system for them. there
are a couple left, i really would like some other approach. the
graphics i've seen showing how (iirc) pkexec works looked good.
the critical stuff is done by privileged code which tells userland
code to do something and gets it back to the user code requesting
it.
1081[14:58:38] <queip> tinga: "You may submit bugs against
the list archives using the lists.debian.org pseudo-package or
contact the maintainer at listmaster@lists.debian.org. "
1082[14:58:57] <queip> (in footer)
1083[14:59:01] <tinga> OK I'll mail them. Thanks
1084[14:59:11] <jelly> tinga, I see four messages in
replaced-url
1085[14:59:12] <EdePopede> tinga, looks ok here?
replaced-url
1086[14:59:35] <queip> indeed I see 4 msgs there
1087[15:00:06] <tinga> It just endlessly spins for me
("transferring data from lists.debian.org")
1088[15:00:30] <jelly> try to quite your web browser and open it
again :-D
1116[15:11:37] <tinga> Works fine if I disable LocalCDN add-on.
1117[15:11:43] <tinga> OK, got it solved.
1118[15:12:41] <tinga> (Well, at least in as far as it's a
compatibility issue with that. Odd since I'm also using uBlock
Origin with js off and I thought LocalCDN only stores js.)
1135[15:23:42] <Enissay> Using terminal SFTP to upload a file, it
works fine, but if I interrupt the transfer then relaunch again, it
gives me: `remote open("/myDir/myFile.deb"): Permission
denied`
1170[15:56:55] <Enissay> ratrace: there is a small file yes.
Normally it should either replace or resume. I get the same error
when adding resume flag `put -a myfile.deb`
1171[15:57:12] <ratrace> Enissay: and what's ownership and
permission on that file?
1186[16:01:30] <ratrace> Enissay: Unlesss .... you really _are_
using SFTP ( openssh's sftp(1) ) .. is taht the case?
1187[16:02:04] *** Quits: konrados (~konrados@replaced-ip) (Remote host closed the connection)
1188[16:02:11] <ratrace> (openssh's or some other
openssh-ftp client)
1189[16:02:49] <twobitsprite> bullseye really doesn't have a
/usr/bin/{or whatever}/python? and update-alternatives doesn't
have alternatives for "python"?
1193[16:03:31] *** Quits: amunak (~amunak@replaced-ip) (Remote host closed the connection)
1194[16:03:40] <twobitsprite> do I really need to just make a
symlink in /usr/local/python or something to run python scripts?
1195[16:03:51] <twobitsprite> I feel like I must be missing
something
1196[16:04:28] <ratrace> interesting problem. I wonder if
bullseye's idea of keeping python2.7 around means it's not
switching `python` to `python3` just yet
1204[16:06:18] <twobitsprite> imMute: interesting...
python-minimal has no installation candidate, but it does list
replacements: python-is-python3 python-is-python2 python2-minimal
1205[16:06:25] <imMute> odd that it would show up in that
search...
1206[16:06:29] <ratrace> but ... there'y python2.7-minimal
1218[16:09:26] <cws> twobitsprite: My suggestion would be to use
'env'.
1219[16:09:26] <twobitsprite> I get that python3 threw a spanner
in the works for everyone... I'm just surprised Debian
doesn't have some "python" executable in the path,
and doesn't seem to have update-alternatives support...
1220[16:09:36] <cws> #!/usr/bin/env python2 or /usr/bin/env
python3
1221[16:09:47] <twobitsprite> cws: env doesn't fix this. in
fact, the script I'm trying to run is using env
1222[16:09:49] <imMute> twobitsprite: it also looks like if you
upgrade from an older release that had python2.7 installed, you get
pyton-is-python2 automatically. and I'm guessing that Debian
either upgraded all their scripts or made the #! explicit
1223[16:10:01] <nkuttler> changing the system default python
would probably break lots of stuff
1225[16:10:41] <ratrace> actually, that `python` means python2
exclusively, is mandated by a PEP. now with 2 being EOL'd
there's another PEP that _allows_ `python` to mean `python3`
1227[16:11:23] <twobitsprite> I thought the convention going
forward was to always assume "python" is python 2.x and if
your script was written for python 3, to explicitly call
"#!...python3"
1228[16:11:24] <ratrace> so the question _I_ am interested in is,
does Bullseye implement the switch of `python` to mean `python3`, or
does it still keep it to mean 2
1229[16:11:30] *** Quits: nicopok2 (~nicopok@replaced-ip) (Remote host closed the connection)
1236[16:12:18] <ratrace> twobitsprite: unless you install
python2-minimal
1237[16:12:36] <twobitsprite> ratrace: you mean,
python-is-python2
1238[16:12:54] <ratrace> and you shouldn't really. py2 in
Bullseye is only there to support some important dependencies that
couldn't be migrated in time. it's a dead python.
unpatched. bereft of life. it's an ex python.
1239[16:12:57] <twobitsprite> ratrace: but that's my point,
a lot of scripts assume there is a "python" on the path,
and usually it's assumed that's python2
1240[16:13:00] <ratrace> twobitsprite: I mean python2-minimal
1241[16:13:05] <ratrace> which pulls in python2.7-minimal
1242[16:13:36] <ratrace> twobitsprite: yes, a lot of scripts
expect `python` to mean 2
1243[16:13:38] <twobitsprite> ratrace: I thought someone said
python2-minimal provides a "python2" executable, but not a
"python" executable
1244[16:14:02] <twobitsprite> (I haven't verified, because I
installed python-is-python2)
1245[16:14:10] <ratrace> cws's suggestion to use env is the
best scripts can really do
1246[16:14:28] <twobitsprite> env doesn't fix it though
1247[16:14:36] <twobitsprite> you still need to know the
executable name
1248[16:14:44] <twobitsprite> "#!/usr/bin/env python"
still breaks
1249[16:15:00] <ratrace> ah yes, I confused the bins ...
python2{.7}-minimal installs /usr/bin/python2.7
1250[16:15:26] <twobitsprite> and I just checked,
1251[16:15:34] <twobitsprite> I already had python2-minimal
install
1255[16:16:27] <twobitsprite> and I know the "Right
Thing(TM)" is for scripts to call "python2" or
"python3", but a lot of existing scripts just call
"python" (either as "#!/usr/bin/python" or
"#!/usr/bin/env python")
1257[16:17:16] <twobitsprite> I just worry that bullseye is going
to cause a lot of unexpected breakage when people start using it in
production
1258[16:17:31] <karlpinc> FWIW, a history of what the python
people suggest "python" runs:
replaced-url
1259[16:17:44] <imMute> twobitsprite: those scripts will need to
be updated. you can't expect to just move
scripts/programs/processes forward without needing to update them
once in a while.
1261[16:18:33] <ratrace> twobitsprite: it won't break
packaged scripts. the idea is to have them properly reference the
python they need, otherwise it's a massive bug that can be
easily fixed
1262[16:18:42] <twobitsprite> imMute: /usr/bin/perl is still
perl5
1267[16:19:42] <twobitsprite> *shrug* whatever, break
people's shit, I'm just saying I think it's a bad
decision that's going to make a lot of people mad at Debian
1268[16:20:33] <imMute> twobitsprite: not the same thing. python3
is the next version of python. perl6 is not the successor to perl5
(despite the name)
1292[16:31:28] <imMute> twobitsprite: extremely easy! 'sudo
apt install python-is-python2' or upgrade from a system where
python 2 is already installed.
1293[16:31:36] <ratrace> twobitsprite: but there's no more
python2 for regular use. the package in bullseye is special and not
recommended to install or use manually
1294[16:31:52] <ratrace> there shouldn't even been python2
in bullseye, but here we are....
1295[16:32:01] <cws> python2 is EOL, if you're still using
it, stop, if you have stuff that uses it, update it.
1296[16:32:23] <cws> Its not pigheaded, its reality.
1297[16:34:05] <ayekat> distros aren't (and shouldn't
be) responsible for maintaining dead stuff
1318[16:52:17] <ratrace> twobitsprite: this has nothing to do
with "neckbeardery" (ass uming you mean hardened unix
veteranism bordering luddism :) )
1319[16:52:37] <ratrace> python2 == EOL. dead. is no more.
it's an ex python. bereft of life.
1320[16:52:59] <cws> ratrace++ for monty python python
1321[16:53:04] <ratrace> the only reason there's traces of
it in Bullseye is that some important packages still depend on it,
so it's a dependency, one that is DEAD, will not receive any
updates and NOBODY should use it.
1322[16:53:08] <ratrace> cws: :)
1323[16:53:36] *** Quits: Vizva (~Vizva@replaced-ip) (Remote host closed the connection)
1326[16:54:01] <TheBigK02> booting old kernel helped... but what
changed
1327[16:54:02] <ratrace> so if lack of /usr/bin/python breaks
someone's python2 script in second half of 2021, that has
nothing to do with debian.
1328[16:54:42] <ratrace> also, Debian would be quite within
rights and PEP recommendations if /usr/bin/python symlinked to
python3. that'd still break somoene's old, unpatched
broken python2 script that expects `python` to be 2.x
1338[17:00:27] <Enissay> ratrace: I am not sure, not my server,
how to check that ?
1339[17:02:04] <jhutchins> TheBigK02: It might give us some
insight if we knew what release you're running, and which
specific kernels are your "old" and "new".
1340[17:02:51] <ratrace> Enissay: well you know what client
you're using.
1341[17:03:40] <ratrace> Enissay: is it openssh-ftp, like
sftp(1), or perhaps Filezilla set up wiht openssh keys, or is it
literally FTP, the one listening on port 21
1373[17:22:13] <shtrb> Enissay, I used it for a while you need to
check what the server is listening on (what mode) , an interupted
connection has a timeout of a few minutes for which you will not be
able to erase or overwrite the file (until the server disconnect the
previous connection )
1377[17:23:48] <shtrb> The easiest way to debug , is to connect
using sftp and send ls (to see if you are even allowed to list it)
and rm for that file and see if you have a permission to drop it.
1389[17:25:11] <ratrace> and I have a nagging suspicion here,
that s/he isn't using "proftpd" user for SFTP, and
there's a clash of uploading via FTP(S) and SFTP because FTP(S)
files are owned by proftpd
1390[17:25:13] <shtrb> I think he might be using Filezilla Client
but a different server (which would explain the proftpd)
1401[17:29:11] <ratrace> shtrb: I am asking if proftpd support
openssh-ftp protocol, aka SFTP. I know proftpd does FTP(S) (FTP over
TLS/SSL) .. but does it also do openssh-sftp ?
1406[17:29:57] <ratrace> okay. so the question is here, which
user is SFTP tried as, and is there a clash between that
user's, and uploads via FTPS which would be proftp unless
configured wiht a uid map
1427[17:32:43] *** Quits: szorfein (~daggoth@replaced-ip) (Remote host closed the connection)
1428[17:32:47] <ratrace> maybe this is too much yak shaving,
compared to the original problem. uploading a file, interrupting,
then resuming would result with permission deined.
1436[17:34:38] <shtrb> If you disconnect mid download , and
reconnect after one second you will not be able to continue because
the file handle is still open
1437[17:34:44] <shtrb> *mid upload
1438[17:35:06] <ratrace> ah, and open in exclusive access mode or
something. possible, yes. that'd explain this definitely.
1439[17:35:09] <ratrace> Enissay: ^^^^
1440[17:35:59] <shtrb> My common workaround for this is to try to
manually to erase the file, if I can't it's this annoying
issue and I just need to wait for a few minutes for it to free the
file
1441[17:36:23] <shtrb> as long it's in TIMEWAIT state you
can't do anything
1453[17:45:18] <jvwjgames> I am wondering why my laptop is going
slow with Linux I have 4 gigs of RAM a Intel i3 processor and 2TB of
HDD storage
1454[17:45:45] <Enissay> even after disconnecting and connecting
again, the file still cannot be resumed/overriten. I see this in log
`OPEN command for '/myFile.deb' blocked by
'STOR' handler`
1455[17:45:56] <greycat> 4 GB is considered a bit low if you run
a web browser
1456[17:46:14] <jvwjgames> Even installing was slow
1457[17:46:46] <jvwjgames> My laptop doesn't use even a gig
of RAM due to the lightweight version of desktop I am using
1462[17:48:57] <jelly> jvwjgames, if your workload isn't
bottlenecked by RAM, replacing HDD with SSD would probably be the
next best thing to improve general responsiveness
1463[17:50:27] <jvwjgames> Ok thanks
1464[17:50:38] <jvwjgames> Also the laptop is a Sony Vaio
1465[17:51:09] <jelly> cpu model. Not laptop brand.
1466[17:51:21] <shtrb> Enissay, STORE command is exactly what I
mentioned before
1467[17:51:26] <jvwjgames> Oh sorry
1468[17:51:39] <jelly> grep model.name /proc/cpuinfo | head -n1
1469[17:52:38] <shtrb> ratrace, but WHY ?!
1470[17:52:48] <jelly> core2duo or older will feel sluggish in
general, they don't have enough L2/L3 cache of the modern
software builds
1471[17:53:16] <jvwjgames> Intel Core I3 M 370 @2.40Ghz
1472[17:54:01] <jelly> i3-370M
1473[17:54:12] <jvwjgames> Yes
1474[17:54:14] *** Quits: kfvn (~weechat@replaced-ip) (Remote host closed the connection)
1475[17:54:35] <shtrb> Enissay, STOR just mean the client is
still sending data , if in reality you had disconnected it mean the
server didn't drop the inernal handle
1492[17:57:28] <ratrace> shtrb: because on the server I have a
megaton of transient connections (we host millions of images) that
saturate the conntrack with dead items
1493[17:57:57] <ratrace> in 2021 there's really no
legitimate case where a server would _need_ to take more than 15
secodns to respond to the fin/finack dance
1509[18:03:23] <jvwjgames> jelly: did you get the picture
1510[18:03:45] <imMute> ratrace: isn't TIMEWAIT only
relevant when the connection is not cleanly closed? AFAIU, cleanly
closed connections do not enter those wait states...
1519[18:06:10] <Enissay> shtrb: netstat doesnt show my conection,
I mean a lot of empty lines; Using `ftpwho`, I could see my
connection which disappears immediately after logout
1520[18:06:17] <ratrace> imMute: but the stack uses TIMEWAIT to
wait a bit more for any residual packets belonging to the session to
settle down
1521[18:07:09] <ratrace> remember the stack only validates TCP
state based on serial number. it reassembles out of order packets
but doesn't keep track of potential retransmissions and whether
they've caused extraneous packets
1523[18:07:20] <jvwjgames> It is Kali but it's still based
on Debian if this laptop is going to continue to go slow even if I
change out the HDD to a SDD that's going to suck because I just
barely bought this laptop 💻 from a pawn shop
1542[18:19:44] <jelly> jvwjgames, well there's no obvious
reason for "slow" but we don't know what kali people
have changed and can't help with that OS
1589[18:47:05] <cybercrypto> johnfg: What do you mean? Normally
when you develop an application you may want to structure it to
react to debug level as a configurable parameter.... Please,
elaborate your question and clarify what you are looking.
1590[18:47:19] <greycat> you read the man page for the daemon,
find out how to make it more verbose, and then edit the unit file
1591[18:47:45] <greycat> (by which I mean you either make a copy
of the whole unit file in /etc/ and edit the copy, or you use a
drop-in snippet in a .d directory)
1603[18:52:45] <rangergord> ratrace: as a Ubuntu user I liked it.
I didn't have to leanr networkd or NetworkManager (I only knew
ifupdown) , just one configuration frontend that works regardless of
backend
1604[18:52:58] <ratrace> rangergord: but it only supports one
backend, so....
1605[18:53:17] <rangergord> really? on Ubuntu Server it works
with networkd, and on Ubuntu desktop it works with NM
1606[18:53:40] <ratrace> rangergord: you can't configure NM
with options you can use for networkd, ... or can you?
1608[18:54:57] <rangergord> I don't know. But I'm
pretty sure it's meant to, otherwise what's the point?.
Anecdotally, the basics I know (set a static IP, DNS server,
gateway, etc) worked on a Ubuntu Server system as well as on desktop
despite using networkd and NM respectively.
1610[18:56:11] <rangergord> It would be a shame if netplan on
Debian didn't do that too. I'm gonna be using Debian more
and more, was hoping I could just use Netplan.
1628[18:58:46] <ratrace> maybe things changed recently, last time
I tried that it failed misreably, only networkd was properly
configurable
1629[18:59:02] <ratrace> anyhoo.... I _sincerely_ hope that
canonical NIH crapware doesn't become dfault in debian.
1630[18:59:09] <rangergord> for someone who ONLY knows ifupdown
(/etc/network/interfaces), and who only intends to use Ubuntu and
Debian, netplan is a better time investment than learning
NM/networkd, right?
1631[18:59:22] <rangergord> I got pretty productive in 30 minutes
of reading netplan
1632[18:59:25] <cws> ratrace: oh get off it, jesus. netplan is a
great tool.
1633[18:59:27] <rangergord> but I'm a very basic user
1639[18:59:49] <ratrace> rangergord: it's installable in
bullseye
1640[19:00:00] <ratrace> cws: I do. it's shite NIHware
1641[19:00:21] <cws> ratrace: right, coming from the one who
doesn't even know its functional capabilities
1642[19:00:23] <ratrace> if someone wants it, it's there to
install and use. but becoming default? nope.
1643[19:00:25] <cws> ratrace: piss off
1644[19:00:30] <ratrace> blow me, retardo
1645[19:00:46] <rangergord> ratrace: that's not really what
it is. It doesn't replace networkd/NM, it just provides a
unified way of configuring either of them. Should cover us for the
next decade or so before networkd absorbs NM.
1649[19:01:24] <ratrace> rangergord: I know, it's yaml
config that then orchestrates specific backend
1650[19:01:29] <ratrace> "one Yaml to rule them all"
1651[19:02:21] <cws> still waiting for a technical justification
of why its bad
1652[19:02:36] <cws> gonna be waiting a long time, i think
1653[19:02:49] <rangergord> ratrace: just hates Canonical :P
1654[19:02:52] <cws> "waaah canonical waaah"
1655[19:02:53] <ratrace> it's redundant. it does nothing but
translate yaml to ini
1656[19:03:14] <cws> or nm configs, but you don't seem to be
well versed in that half
1657[19:03:49] <ratrace> so what if I'm not? I don't
use NM, it's not a secret.
1658[19:03:53] <rangergord> I'm happy learning different
tools that do different things. But never happy learning 2
time-consuming equivalent ways of doing the same thing.
1672[19:05:59] <ratrace> if you want to use THAT to berate me
because I said netplan.io stinks, go ahead. but that really makes
YOU a canonical fanboi who can't stand someone disliking or
hating their NIH crapware
1673[19:05:59] <rangergord> cws: I dont know what those are, but
glad it supports advanced scenarios
1675[19:06:29] <rangergord> ratrace: if a lone, fiercely
independent and free Debian developer of color had made it, would
you still be ragging on it?
1676[19:06:58] <ratrace> rangergord: yes. becuase it doesn't
do anything useful. it's Yet Another Abstraction layer that
hides specifics of each backend.
1677[19:07:08] <cws> Don't expect an intellectually honest
answer.
1678[19:07:20] <ratrace> however, DD wouldn't dream of doing
nonsense like that, so that doesn't matter
1679[19:08:08] <jelly> rangergord, see that xkcd about standards.
1680[19:08:11] <rangergord> allright, fair enough. Let's
agree to disagree :)
1681[19:08:36] <ratrace> rangergord: you _are_ of course free to
use it if you like it. it's packaged, installable, and I never
said anything against _that_ part.
1682[19:08:42] <rangergord> cws: do you know if Netplan lets you
see the backend-specific configuration files it created from the
yaml?
1696[19:11:20] <ratrace> has no reason to be build time dep.
netplan.io _literally_ just translates yaml to ini and then triggers
the backend into reconfiguring
1697[19:11:33] <rangergord> avu: idk why they dropped Unity. I
like it better than Gnome. I still have to use Ubuntu 16.04 for an
old toolchain and it's nicer than Gnome on Buster and CentOS 8.
1698[19:11:36] <cws> oh, sure enough. I often see netplan pulled
in by cloud-init, but i guess that's not a hard dependency.
1700[19:12:09] <jelly> ratrace, I kind of agree with Canonical in
not having to rely on systemd-networkd APIs and providing their own
wrapper they can actually trust to be stable
1701[19:12:19] <jelly> systemd isn't good with stable APIs
1702[19:12:35] <ratrace> jelly: yah, that's called NIH.
literally you just described NIH :)
1703[19:13:02] <rangergord> NIH implies no real value added.
jelly just mentioned one value it adds, API stability.
1704[19:13:07] <jelly> and if some upstream explicitely says they
won't keep API stable, then you want to NIH
1705[19:13:21] <cws> "netplan try" is worth it on its
own.
1710[19:14:38] <jelly> but if RH wants to play that way, well.
1711[19:14:53] <ratrace> RH opted for NM everywhere
1712[19:15:40] <ratrace> which means they think NM API is stable
enough to support across the product line they have. which makes
netplan.io even less needed.
1713[19:15:41] <rangergord> cws: I just learned about cloud-init
from you now. What makes it so widely adopted? Who's adopting
it? In which situations? I see their website but I'm trying to
think how someone like me might use it, would help if I knew
concrete scenarios. Is this like Docker, for when the host system
isn't installed yet?
1714[19:16:18] <cws> Nearly every cloud provider or cloud infra
uses it. OpenStack, AWS, GCE, OVH, Hetzner, and I could go on.
1715[19:16:25] <jelly> it's simple and easy enough
1718[19:16:55] <cws> Every VM deployed gets a config dumped on it
via cloud-init. Can be as minimal as "create this user,"
or as complex as... well, it can get VERY complex.
1719[19:17:00] <jelly> I'd use it on private cloud if VMware
supported it better
1738[19:20:53] <ratrace> technically you can use ansible to do
the same task cloud-init does, localhost
1739[19:21:05] <cws> Terraform uses cloud-init to do some of its
early-stage config.
1740[19:21:05] <jelly> ratrace, that also requires OS _and_
ansible to magically be installed first
1741[19:21:20] <ratrace> so you can say that cloud-init is a
subset of ansible functionality, aimed to be run locally, on boot.
ansible is aimed to manage multiple distributed hosts
1742[19:21:44] <rangergord> so it's OS provisioning
(cloud-init, Terraform) on cloud providers, vs
configuration/management of a live OS (Ansible)
1751[19:22:33] <rangergord> "While terraform is used to
setup the virtual hardware resources, cloud-init is used to
initialize the OS level configuration including: user accounts, ssh
login keys, packages, and networking."
1764[19:26:40] <rangergord> those are more like Ansible, in that
they need a running system. These cloud tools are for tasks like
"tell Amazon to create a VM with 6GB of RAM running Debian 10,
user bob, network blah blah, then boot it". Then you would
follow up with the Ansible/Saltstack/Chef/Puppet (I think)
1766[19:27:05] <rangergord> unless those 4 also support cloud
provisioning, in which case I give up
1767[19:27:10] <ratrace> rangergord: you can do the same with
ansible, saltstack, ... you just need a plugin for AWS APIs
1768[19:27:14] <ratrace> which afaik exist
1769[19:27:15] <rangergord> haha
1770[19:28:04] <ratrace> rangergord: cloud-init, while useful, is
definitely not the only tool that can do that task. it only depends
what you want, what you already have in your network, etc...
1773[19:28:37] <ratrace> personally, I use saltstack for all
deployments now, including provisioning and thre's a
bootstrapping agent included in VM images so when they fire up, they
autoconfigure from the master settings
1877[20:58:35] <alandipert> fantastic! just got buster installed,
loving it. playing with lxc - very cool
1878[20:58:53] <greycat> !i386
1879[20:58:53] <dpkg> Debian's i386 port is for some subset
of the 32-bit x86 instruction set as has grown organically over the
years. From Debian 6 Squeeze onwards, only 586 machines and newer
are supported, while from Debian 9 Stretch, only 686 processors will
be supported. See
replaced-url
1925[21:15:44] <ratrace> EdePopede: I mean why would you run sudo
after gksudo'ing something ... or if I misunderstood, what do
you mean with gksudo -> sudo -> xterm -> bash?
1930[21:16:14] <ratrace> but you're already in a term... why
gksudo xterm?
1931[21:16:15] <somiaj> More and more it is getting harder to run
things in xorg (as root) from a terminal even if you have DISPLAY
set correctly, partly because the enviorment is clobbered.
1932[21:16:21] <EdePopede> blame the gksudo team for doing it so
1936[21:16:51] <EdePopede> i'm really waiting for something
as easy as windows has with "run as..."
1937[21:17:03] <rangergord> sney: well, the libraries seem to
support 386, but both qt4-qmake and qt4-qmake:i386 install to
/usr/bin/qmake. In my case I want to work on both a 32-bit and
64-bit Qt app. Guess this won't be a trivial matter.
1938[21:17:09] <EdePopede> right click, open the dialog, select
the user, done
1939[21:17:58] <EdePopede> i can login as every user with an
account in text mode, but in a DE it's a rabbit hole to open a
root terminal
1940[21:18:27] <ratrace> EdePopede: and funny thing is, such a
program would be dead easy to write. based on pkexec/polkit for
permission delegation
1941[21:19:25] <EdePopede> for a kernel developer maybe, but not
for 99% of the users in the wild
1942[21:19:26] <ratrace> meanwhile, I never found it too
difficult to start a term and run su -l.
1943[21:19:36] <EdePopede> isn't su dead?
1944[21:19:41] <somiaj> no, su is not dead
1945[21:19:43] <ratrace> no?
1946[21:20:06] <EdePopede> i thought "use sudo, not su"
was debian policy for years
1947[21:20:33] <ratrace> sudo -i or su -l effectively do the same
thing
1948[21:20:45] <EdePopede> it was odd when i first encountered it
on some knoppix disc years ago, but i got used to it
1949[21:21:37] <aminvakil> ratrace: isn't one of them
require user password and other one root password?
1950[21:21:38] <EdePopede> anyway, is there a reason to keep a
user shell below the root shell?
1951[21:21:58] <cws> aminvakil: by default, yes.
1952[21:22:16] <EdePopede> or could i have xterm start bash under
root account doing some kind of auth?
1953[21:22:17] <aminvakil> ah, "effectively do the same
thing" sure, they just do it differently
1954[21:22:34] *** Quits: mezzo (~mezzo@replaced-ip) (Quit: leaving)
1958[21:23:15] <cws> aminvakil: in its default invocation, sudo
does something rather different. sudo allows you to run a single
command under the context of a different user. su, in its default
invocation, spawns a full new shell as the target user. By default,
the target user in both cases is root.
1959[21:23:16] <EdePopede> ah, so gksu is just a frontend to
su/sudo
1964[21:23:54] <somiaj> anyways, I think the issue is it is
probably a bad idea to have a general tool that allows easy use to
run abitary binaries as root (sudo with ALL permissions is even
considered bad)
1965[21:24:05] <aminvakil> cws: yep, thanks for explanation.
1966[21:24:06] <somiaj> that and they keep changing which tools
are best used for privlage essiclation on the desktop
1967[21:24:35] <EdePopede> tbh i even have a bad feeling with the
cached passwords for sudo
1968[21:24:38] <ratrace> cws: no there's no such difference
between sudo -i and su -l . both spawn a shell in full login
context. and both can run a specific command, and as another user.
sudo, however, has an entire language for expressing sudoer contexts
and permissions
1970[21:24:46] <somiaj> EdePopede: I thought gksu was removed
from debian a few release ago in favor of polkit (which debian still
use, but policykit is now the standard)
1971[21:24:52] <cws> ratrace: what part of "default
invocation" exceeded your ability to comprehend?
1975[21:25:08] <EdePopede> some blackhat tool would just have to
sit in the background and wait for me to use it and then get a root
shell.
1976[21:25:16] <ratrace> cws: still wrong in this comparison
example
1977[21:25:27] <jhutchins> aminvakil: There have always been
philosophical differences about whether to use su - (root shell) or
sudo commands. It really depends on your environment and what
you're trying to "secure" it from.
1978[21:25:28] <EdePopede> somiaj: on 9, but don't ask me
for the codename
1979[21:25:30] <ratrace> somiaj: yes, one requires root password,
the other your user's
1982[21:25:59] <EdePopede> somiaj: also has polkit but it seems i
never got behind it. or it was just new, who knows.
1983[21:26:02] <cws> ratrace: Jesus, you are just a font of
foolishness today.
1984[21:26:10] <somiaj> EdePopede: Sometimes it is just helpful
to get use to more standard tools, I personally use sudo which is
fairly independent and works to easily get root shells or run things
as root.
1988[21:26:29] <cws> If you're specifying options after the
command, its not the default invocation. I don't know how this
is so hard to comprehend.
1989[21:26:32] <jhutchins> EdePopede: It wouldn't matter if
an attacker got the root password or the password of a user that had
sudo access.
1990[21:27:07] <EdePopede> somiaj: yeah, i don't need it too
often with a root terminal open, but it really is convenient
(besides tabbing sbin entries)
1991[21:27:46] <EdePopede> jhutchins: does a keylogger work
without root access?
1992[21:27:56] <jhutchins> The main advantage of sudo is it
allows you to give specific users root permissions for _some_
commands, and log the commands.
1993[21:28:04] <somiaj> EdePopede: but when it comes to desktops,
each desktop might do things a bit different, xfce being more light
weight might not have all of this configured using polkit as a full
featured DE such as gnome/kde you might have things more configured
1994[21:28:34] <cws> jhutchins: I don't even use sudo to
grant root access to stuff. I use it to grant a shell or execute
certain commands as other non-root accounts, like a service account.
1995[21:28:38] <somiaj> same thing is true for those who use just
simple wm, in the gui world, there is a lot of variety, so unless
you are using some very big destkop, you may not have everything
easily setup though the gui
1996[21:28:45] <rangergord> jhutchins: for 99.9% of people it
just means "that word I gotta type before my command to make it
work"
1997[21:29:05] <greycat> cws: setpriv(1)
1998[21:29:07] <aminvakil> EdePopede: you can add /sbin to your
$PATH and you would be fine with "tabbing sbin entries"
1999[21:29:09] <EdePopede> wah gnome. a mostrosity. already the
gtk bits firefox comes with piss me off. and i dropped kde together
with suse years ago, iirc i didn't even make it to 4.
2000[21:29:40] <somiaj> EdePopede: sure but part of what you get
with a monstrosity is a more full featured DE, that you don't
have to additonally configure.
2003[21:29:49] <jhutchins> aminvakil: You do not need to add sbin
to your path, you need to use the correct format of the command.
2004[21:29:50] <rangergord> EdePopede: modern KDE is great.
It's like the Windows of Linux.
2005[21:30:10] <jhutchins> rangergord: I would not consider that
a positive endorsement.
2006[21:30:13] <EdePopede> aminvakil: sure, but i prefer to keep
things genuine. like i removed the predefined command aliases in
hexchat (some oddities are hardcoded unfortunately).
2007[21:30:16] <cws> greycat: never messed with that too much -
i'll check it out.
2008[21:30:24] <somiaj> EdePopede: though my advise is often
learn more core tools like su/sudo gives one a bit more freedom and
less requirements.
2009[21:30:25] <rangergord> jhutchins: that's cause
you're the gentoo of #debian
2010[21:30:35] <EdePopede> rangergord: why, did they remove all
the tweaks? ;)
2011[21:31:00] <aminvakil> jhutchins: not all binaries are
included in /usr/bin and /bin iirc (in debian buster at least)
2012[21:31:14] <EdePopede> somiaj: definitely. i only would like
to avoid 5 levels of commands to just get a root shell :/
2015[21:31:50] <rangergord> aminvakil: not even basic stuff like
usermod. So to get tab completion on "sudo usermod
<whatever", you gotta edit your bashrc and add sbin to PATH
2016[21:31:59] <rangergord> one of the QoL things that surprised
me when I came from Ubuntu
2017[21:32:00] <aminvakil> so for tab completion to work with
binaries in /sbin, that needs to be added to $PATH, right?
2018[21:32:05] <greycat> su and sudo are both designed to create
a new session with new privileges, for extended interactive use, so
they call PAM, they have whole PAM configs, they jump through all
kinds of hoops, log all kinds of stuff... you don't want that
when you're launching a daemon
2019[21:33:16] *** Quits: odnes (~odnes@replaced-ip) (Remote host closed the connection)
2020[21:33:23] *** Quits: jvwjgames (uid290762@replaced-ip) (Quit: Connection closed for inactivity)
2021[21:33:28] <jhutchins> aminvakil: The default paths are
configured the way they are for good reasons. If you use the correct
tools they work just fine.
2024[21:33:48] <jhutchins> If you're writing scripts, you
should ALWAYS use explicit full paths.
2025[21:33:50] <aminvakil> ah, now i see what you meant
2026[21:33:56] <greycat> jhutchins: NO.
2027[21:34:08] <greycat> That is the opposite of what you should
do.
2028[21:34:14] <aminvakil> i'm pretty sure debian has its
own reasons on what to include and not to include in $PATH by
default
2029[21:34:25] <greycat> !buster su
2030[21:34:25] <dpkg> In buster, su no longer overrides PATH by
default, requiring that you use "su -" or "su
-l" for login shells (which is not really a new thing at
all...). See
replaced-url
2031[21:34:36] <jhutchins> greycat: it's a policy
that's served me well across multiple operating systems.
2032[21:34:42] <greycat> aminvakil: you might think that, but it
would be unrealistically optimistic
2033[21:34:50] <aminvakil> greycat: :)
2034[21:35:05] <jelly> aminvakil, sometimes those reasons are
cargo-culted and debian is VERY VERY slow at changing default
settings
2035[21:35:24] <aminvakil> that doesn't suit me, so changing
.bashrc is one of first things i do when i install a new debian
2036[21:35:35] <jelly> and that's just fine.
2037[21:35:40] <greycat> Expected.
2038[21:35:45] <jelly> ping used to be in a sbin dir for a long
time
2040[21:36:01] <ratrace> because it was suid. now it grew fcaps
2041[21:36:14] <ratrace> and is no longer a ticking bomb
2042[21:36:20] <aminvakil> that's what i was trying to tell
EdePopede, but when jhutchins stated that "You do not need to
add sbin to your path, you need to use the correct format of the
command", i thought there is something that i'm missing
2043[21:36:25] <jelly> that's not a reason to keep it in
sbin
2044[21:36:39] <greycat> aminvakil: jhutchins is on crack today.
2047[21:37:17] <greycat> If you followed jhutchins's
strategy and used /sbin/ping in your scripts, then when ping moved
out of /sbin, all your scripts just broke.
2048[21:37:29] <jhutchins> greycat: I assume you're sayng NO
for portability to systems with different file locations.
2049[21:37:30] <aminvakil> greycat: :), well maybe they're
fine typing /sbin/command each and every time :P
2050[21:37:38] <jelly> ratrace, in fact, setuid explicitely,
deliberatly allows non-root to do things. It's useless for a
root-owned binary that is meant only to be run by root
2051[21:37:39] <EdePopede> i think i've also read something
around full path or not in the context of env shebangs. only
can't remember what.
2052[21:37:44] <greycat> jhutchins: even across debian releases
2053[21:37:47] <jelly> you know all that anyway
2054[21:38:16] <greycat> EdePopede: you may be thinking of
#!/bin/bash vs. #!/usr/bin/env bash
2055[21:38:22] <jhutchins> greycat: Maintain your shit, no
problems.
2056[21:38:43] <jhutchins> Read the changelogs.
2057[21:38:46] <EdePopede> greycat: not sure, is there also
something with the usage of env's path?
2058[21:38:49] <greycat> jhutchins: or do it correctly in the
first place and then you won't have to "maintain" it
every release
2059[21:39:15] <jelly> even "ip" used to be in /sbin
2060[21:39:29] <greycat> ifconfig still is
2061[21:39:34] <aminvakil> now i
2062[21:39:53] <jelly> and /usr may or may not exist or be a
symlink or whatever
2063[21:40:03] <aminvakil> now i'm getting what jelly and
greycat meant about "debian has its own reasons" i've
said before ...
2070[21:43:09] <ratrace> it's dumb any way you look at it.
zfs and zpool for example. essential for boot process? may be. but
also tools that are executed for informative reasons and don't
even require root
2077[21:44:32] <greycat> the distinction between bin and sbin is
the latter contains tools that are "designed to be used almost
exclusively by sysadmins"
2078[21:44:51] <greycat> whether they abort without root privs,
or not
2079[21:45:33] <greycat> "essential for booting" is
what separates /usr from /
2080[21:45:46] <ratrace> well, "essential for booting"
is what hier(7) says about sbin
2081[21:45:48] <greycat> because traditionally the /usr file
system may not be available early in boot
2084[21:46:11] <ratrace> which may or may not be reasonable in
2021. personally the "sysadmin" criteria also is weak
distinction
2085[21:47:17] <ratrace> some people (me included) just cram sbin
in the regular path because there's really no security
boundaryd there. just an annoyance where you need to use full path
to access the tools as non-root (and not using su/sudo)
2094[21:51:22] <greycat> I haven't really done any research
on the issue to see whether it would cause problems. I have no
objection to it on interface grounds.
2095[21:51:38] *** Lord_of_Life_ is now known as Lord_of_Life
2096[21:52:38] <EdePopede> don't forget that the 4 *bin
directories also do some sorting. having everything in a single
directory would create a horror scenario for every new user who
doesn't learn linux in a 6 month course.
2098[21:53:08] <aminvakil> fwiw it's been almost 8 years
since arch has done this,
replaced-url
2099[21:53:33] <jelly> well, another 8 years and debian might
catch up
2100[21:54:24] <jelly> we did have ifconfig by default for like
18 years after ip was declared replacement
2101[21:54:52] <ratrace> EdePopede: I'm not sure sorting is
relevant. and if there's clashes in naming ... well...
that'd be terrible as putting sbin onto PATH with bin is not
unusual for distros
2102[21:55:47] <EdePopede> ratrace: i'm glad i don't
touch linux in 2021 for the first time, but did so in the 90s
already. debian was 2 CDs back then instead of 16 DVDs.
2103[21:56:11] <ratrace> jhutchins did have a point with full
paths. not using full paths is what apparently caused this little
laughable gem:
replaced-url
2104[21:56:23] <EdePopede> and one of the tasks to understand and
know what it can do and actually does was to look at the programs i
could start.
2106[21:57:26] <ratrace> having been a *nix beginner once too,
I'm sure that wouldn't've made a difference too me.
it'd all be overwhelming one way or another :)
2107[21:57:26] <EdePopede> do a basic ham install, list the
binaries and remove everything from coreurils, bsdutils, util-linux.
(no X for the moment). how much would be left?
2109[21:58:08] <ratrace> I learned my *nix on gentoo and LFS. so
minimal {s}bin/ would really make no difference
2110[21:58:24] <EdePopede> the functionality of the default tools
was definitely. i used grep to filter some entries from some files
on the DOS partition, because MS FIND was just too stupid to do what
it was told to :P
2111[21:59:24] <ratrace> my first contact with *nix was a VAX
machine, but I got more involved with unix with BSD at uni. early
1990s.
2114[22:00:56] <EdePopede> LFS? all i had access to was what i
could buy in a kiosk or bookshop. and not all of them had linux
available. we have 2 in town which are part of publishing companies
(also in town) and another one mostly specialized on medicine, but
also had a nice niche with computer related topics.
2115[22:01:06] <EdePopede> lucky you!
2116[22:01:15] <ratrace> it wasn't until I ditched windows
in mid 2000s and started digging through gentoo and LFS, where I
learned the guts of linux and how it all works together
2117[22:01:43] <EdePopede> i always wished i could get my hands
on a real vt100 just to understand wtf this is with the textronik
window in xterm
2131[22:06:30] <EdePopede> ratrace: whas it the version with that
odd interface thingy in the corners?
2132[22:06:55] <HelloShitty> ratrace, What you mean? I'm
using my login right now
2133[22:07:23] <imMute> HelloShitty: when logrotate runs as root
~ likely refers to root's home dir, not your user's.
2134[22:07:26] <HelloShitty> You mean because I ran it with sudo?
2135[22:07:47] <HelloShitty> hum, ok but logrotate is not
"recognized" if I don't use sudo
2136[22:08:03] <greycat> if you use ~ in a sudo command, the
question is which shell does the tilde expansion, and what the value
of HOME is at that moment
2137[22:08:05] <imMute> HelloShitty: that's because
it's in a path that is not in your $PATH. like /usr/sbin/
2147[22:09:24] <EdePopede> ratrace: suse had it as preview in the
last version i used. 3.99pre or something, didn't even work as
propagated and was just odd.
2150[22:10:33] <EdePopede> ratrace: but some time later i
installed debian/kde4 on the computer of a guy who managed to drag
his radio from the firefox bookmark into a submenu and called me the
next day to fix it xD
2151[22:10:51] <ratrace> heh
2152[22:10:53] <EdePopede> the rest of the time i had nothing to
do with it, "it just worked"™
2154[22:11:19] <ratrace> KDE4 got a lot of flak because it
changed a lot of things badly
2155[22:11:32] <ratrace> things got better with plasma
2156[22:11:46] <jelly> HelloShitty, logrotate has a design issue
that basically makes it rotate each file once a day and not more
often, even if you call it more often
2157[22:11:50] *** Quits: sandeepsureshpan (uid194925@replaced-ip) (Quit: Connection closed for inactivity)
2160[22:12:22] <EdePopede> not the naming, such changes (as with
firefox) always confuse me and i usually don't get it sorted
into the known versioning scheme. Java2 also was similar iirc.
2161[22:13:03] <HelloShitty> jelly, even if you have seetings
like maxsize and the file grows bigger than that in less than a day?
2162[22:13:04] <ratrace> well "Plasma" changed the
versioning too.. it's basically 5.x but separated components
and the versioning is now all over the place
2217[22:24:48] *** Quits: szorfein (~daggoth@replaced-ip) (Remote host closed the connection)
2218[22:24:56] <ratrace> right right. so signal the whatever
daemon is creating that
2219[22:25:29] <HelloShitty> signal? Meaning that I need to
restart the application?
2220[22:25:33] <ratrace> logrotate(8) has pre or postrotate
commands you can use to do that, with examples
2221[22:26:03] <ratrace> HelloShitty: depends how the daemon is
written. nginx, for example, will use the HUP signal to reopen logs
2222[22:26:27] <HelloShitty> I have no idea what you are talking
about. :\
2223[22:26:28] <ratrace> a daemon must be written to handle a
signal (or some other way to "signal" it to reopen logs)
2224[22:26:45] <HelloShitty> Can I check that somehow?
2225[22:27:07] <ratrace> HelloShitty: it's simple. rotating
logfiles messes up teh file handle. whichever daemon had it open to
write into it, must be made to reopen the logfile
2227[22:27:19] <ratrace> HelloShitty: you can look into the
documentation or source code of the daemon that's writing the
logfile
2228[22:27:42] <HelloShitty> jeezzz
2229[22:28:02] <ratrace> well rotating logfiles and having
facilities to handle that is common with *nix daemons.
2230[22:28:23] <ratrace> if someone wrote whatever daemon
you're using, without that in mind.... well.... file a bug
report. or simply restart/reload the app
2246[22:31:28] <ratrace> HelloShitty: but really, you should look
into docs or source of the daemon. if it is not designed to handle
logfile rotation (via signal(2) or some other API), your only otehr
option is to restart it
2247[22:31:50] <HelloShitty> ok, will ask on their dev channel
2250[22:32:40] <ratrace> HelloShitty: another option, see if
using "copytruncate" logrotate.conf directive helps
2251[22:33:12] <ratrace> it truncates the same file in place
after creating a copy, instead of moving teh file and thus messing
up file handles. BUT it may cause log corruption
2275[22:39:14] <ratrace> also, steam has the ability to run
external games. maybe, just maybe, it does so with its own runtime
libc, in which case it could work
2276[22:39:22] <ratrace> darsie: and then steam has its own
runtime and libc
2277[22:39:39] <ratrace> and I see the game is certified to run
on linux. which means it _will_ run on debian's installation of
steam
2278[22:40:17] <ratrace> steam comes with its own runtime
environment and doesn't depend on silly distro differences and
lib versions.
2279[22:40:27] <darsie> A friend said buying on gog is good cause
it doesn't use DRM.
2280[22:40:59] <ratrace> well you got the options now. choose
whichever one you want.
2294[22:46:32] <ratrace> greycat: yes, steam "runtime"
is based on ubuntu 12.04. it's not as dirty as it sounds,
though, it's contained in a single directory
2312[23:00:49] <ratrace> EdePopede: what do you mean?
2313[23:01:13] <EdePopede> for example histappend is ignored. it
is off but it appends at quit
2314[23:01:53] <EdePopede> and then changing HISTCONTROL to
ignoreboth:erasedups works as expected only after another command is
executed and then the HISTCONTROL is set again
2315[23:02:42] <EdePopede> which is fine for a running shell but
because of the behaviour at quit it still dumps its content on top
of HISTFILE
2320[23:03:44] <EdePopede> 1 history -c && grep -vE
"^(#|$)" ~/conf/bash/HISTORY > $HISTFILE &&
history -r
2321[23:03:58] <EdePopede> that's my solution for this
machine, rebuild it from a clean source on request
2322[23:05:18] <greycat> What's the bug number?
2323[23:06:37] <EdePopede> i had the pleasure to see this live
again on the other PC because i fixed some startup values, fixed it,
then history -w, then opened it later in a terminal and all was fine
first. now even some of the entries i only used before logging into
X are doubled.
2324[23:06:57] <EdePopede> greycat: what bug number?
2325[23:07:17] <greycat> of your bug, which you've rambled
on about at length
2326[23:07:53] <EdePopede> what you call rambling was answering a
question. which usually is considered good behaviour.
2328[23:08:49] <oxek> EdePopede: I "fixed" that bash
issue by using zsh for interactive sessions (and running bash when
needed).
2329[23:08:57] <oxek> bash has really annoying handling of
history
2330[23:09:06] <EdePopede> besides that i would not even know
where to report it and even if i'd have to create a new account
every time
2331[23:09:25] <oxek> erasedups does not work the way you'd
expect in bash
2332[23:09:27] <oxek> and that's by design
2333[23:09:41] *** Quits: wintersky (uid453465@replaced-ip) (Quit: Connection closed for inactivity)
2334[23:10:25] <EdePopede> oxek: i wanted to look at zsh, also
csh years ago, but with bash being the default shell even 2 decades
ago i preferred to stay with one instead juggling with 3 of them
2335[23:11:02] <oxek> EdePopede: you don't need to switch,
you can run bash from zsh whenever you want
2336[23:11:04] <EdePopede> oh it does. only not when i set the
variable initially, could see it again right now.
2337[23:11:08] <oxek> but for interactive use, zsh is superior
2338[23:11:18] <greycat> !bts
2339[23:11:18] <dpkg> Bug Tracking System for Debian packages,
replaced-url
2340[23:11:21] <oxek> I don't know anything about csh
2341[23:11:42] <EdePopede> oxek: i prefer to stay with ONE tool
of a kind until i'm using it on a pro level
2342[23:12:22] <EdePopede> lost enough time trying to find a text
editor, a mail client, etc.. which fit my needs.
2343[23:12:25] <ratrace> I liked csh a lot, but hated the fact
you couldn't do things like for loops on the single line
2344[23:13:05] <EdePopede> you can learn spanish and russian at
the same time, but just don't try it with spanish, portuguese
and italian. won't work for most people.
2346[23:13:25] <oxek> EdePopede: in that case, I can only tell
you that this behavior you're observing in bash is annoying,
and is by design, and will not change
2348[23:14:21] <oxek> also, in case you end up with any mac
devices, they have zsh by default now, so zsh might be useful to
know
2349[23:14:58] *** Parts: audrey (~audrey@replaced-ip) ("«La genezaj amaskrioj por la gastoj de Lot reeÄ¥as en
nian propran tempon: ili estas same niaj krioj, nia sangosoifo; kaj
ili estos la krioj, la soifo de niaj posteuloj.»")
2350[23:15:32] <greycat> EdePopede: there's also
replaced-url
2352[23:15:59] <greycat> but if you have been in #debian for god
knows how many years and don't even know how the bug system
works, I don't have high hopes for you
2369[23:20:48] <oxek> bugs are always being stomped on, and new
bugs are being developed all the time as well :)
2370[23:21:04] <ratrace> Would You Like to Know More? :)
2371[23:21:06] <EdePopede> greycat: nice solutions, only just the
opposite of what i need. so i have to first run 3 commands from
history after login to get it working as i want it, then before
logout i better set HISTFILE= or to some unique name - or maybe even
from the beginning, so bash has no chance to write to the file.
tested this already, works pretty good. i only have to manually copy
commands i want to keep around for later
2372[23:21:06] <EdePopede> manually into the master file,
that's all.
2373[23:21:10] <oxek> ratrace: nice one :)
2374[23:21:16] <ratrace> ;)
2375[23:21:41] <EdePopede> oxek: mac? never.
2376[23:22:00] <oxek> EdePopede: you might get a "free"
mac machine for work
2377[23:22:25] <EdePopede> won't happen.
2378[23:22:42] <darsie> dpkg bullseye has this dead link:
replaced-url
2379[23:22:42] <dpkg> darsie: You are person #1 to send an
unparseable request
2386[23:23:44] *** Quits: tux-kenobi (~tux-kenob@replaced-ip) (Remote host closed the connection)
2387[23:24:22] <oxek> should we remove the comma from the
factoid?
2388[23:24:29] <EdePopede> oxek: i may switch to ARM something in
the future because Wintel and IME and all the crap, something where
debian will run, but i definitely won't buy a poisoned fruit.
2390[23:24:50] <cws> oh my lord, can we get past the vendor
bashing please? it stopped being cool 20 years ago
2391[23:25:00] <EdePopede> even if it's a raspi or something
similar, it's fine.
2392[23:25:43] <EdePopede> i have my reasons, it ain't
bashing. at least not for most people.
2393[23:26:26] <cws> if you can't make a statement without
leaning on edge-lord stuff like "poisoned fruit,"
you're not discussing, you're bashing.
2394[23:26:56] <EdePopede> seems you missed the news for many
years. right to repair, walled garden, nothing?
2395[23:27:18] <cws> Okay, those are actual statements. Welcome
to a fact-based discussion, its nice to have you with us.
2396[23:27:33] <EdePopede> there's a reason why i ditched XP
for Linux on this PC, at it was not only its annoying behaviour.
2397[23:27:48] <sney> darsie: IME bullseye is fine as a
desktop/laptop in its current state. haven't updated any
webservers yet, but I'd imagine it's similarly usable for
that. for best results, don't upgrade unless you are familiar
enough with debian tools to unbreak any problems that may arise.
2398[23:28:00] <cws> ps macs aren't walled gardens, and if
someone told you that, you should question their knowledge on the
subject
2399[23:28:26] <darsie> sney: thx. I want it as desktop and play
Surviving Mars.
2400[23:28:59] <darsie> Not sure if I'm familiar enough for
unbreaking. I'll bother you if the need arises ;).
2401[23:29:22] <sney> well, bother #debian-next on OFTC (note,
right now you are on freenode) - that's the official testing
support channel
2402[23:29:35] <darsie> interesting.
2403[23:29:35] <sney> I am there along with a few hundred others
2404[23:29:40] <darsie> ok
2405[23:30:32] <oxek> is the oftc channel active though?
2406[23:30:56] *** Quits: Christian75 (~Christian@replaced-ip) (Remote host closed the connection)
2424[23:41:01] <EdePopede> added something to Grub, but it had no
effect
2425[23:41:13] <EdePopede> does it have an option for this
setting?
2426[23:43:34] <oxek> EdePopede: what are you trying to achieve?
2427[23:43:51] <ratrace> EdePopede: looking at initramfs-tools
scripts, there doesn't seem to be a cmdline option used by
"keymap" and setupcon(1)
2428[23:44:12] <EdePopede> to have a proper environment after
start. everything works only the charset stays on latin1
2429[23:44:24] <ratrace> the keymap hook is placing setupcon(1)
into initramfs, but that uses teh configured
/etc/defaults/console-setup file which is also copied.
2430[23:45:11] <EdePopede> ratrace: i just add some options to
the grub entry. odd enough that i'm using the localized one and
still so many things must be set.
2433[23:46:23] <oxek> I'd be surprised if adding something
to grub entry would modify charmaps/locales
2434[23:46:38] <KNERD> I set up a web site on apache. I see the
ownership is "root" but there is no access issues with the
site. SHouldn't that be "replaced-url
2435[23:47:04] <oxek> modifying /etc/default/console-setup
CHARMAP works here, just verified by running setupcon afterwards and
switching to the linux console
2436[23:47:05] <cws> KNERD: its actually best if the content of
the site is not owned by
replaced-url
2437[23:47:05] <darsie> Is it ok to upgrade to bullseye from
xorg?
2438[23:47:35] <oxek> darsie: really a question for #debian-next
on irc.oftc.net
2439[23:47:40] <darsie> k
2440[23:48:57] <KNERD> cws: oh okay. thanks. I need to have a non
root user to have writable access to a folder. I guess I need to
change that to
replaced-url
2456[23:54:00] <ratrace> KNERD: WP also has a cli tool you can
use for upgrades.
2457[23:55:48] <KNERD> ratrace: but I need to have the user have
write access to that web root directory. I don't know of any
other way than by making it a part of a group so it can install the
module by FTO
2458[23:56:19] <KNERD> I am trying to get a module installed and
it wants FTP
2459[23:56:37] <KNERD> unless the cli allows for module install
from it
2460[23:57:13] <ratrace> the cli tool allows all administration
be done, module installation, upgrades
2462[23:57:42] <ratrace> that way you can separate running user
from PHP files owner, which increases security a LOT. most intrusion
vectors I've seen with WP was modification of own PHP files
2463[23:57:56] *** Quits: b1anc (~user@replaced-ip) (Remote host closed the connection)
2464[23:58:02] <KNERD> but to get the WP installed
2465[23:58:05] <ratrace> then you designate specific directories
where WP may write content/cache to, but still not be able to modify
its PHP files
2467[23:58:31] <ratrace> HOWEVER ... if you require the WP Admin
UI be used, then the runnin user must be able to modify its own PHP
files, yes. that's the worst you can do with WP