33[00:49:08] <alexrelis[m]> Why is VLC included in the default
repositories in Debian, but not in the default repository in Fedora?
Does VLC use non-free codecs? Or is it a matter of paying royalties?
48[01:05:24] <somiaj> alexrelis[m]: vlc is debian main, so it
meets the DFSG, this of course means non-free codecs are not
included and royalities aren't being paid.
49[01:05:42] <somiaj> alexrelis[m]: though as for why fedora
doesn't include it, yea not a question for here.
50[01:05:47] <abrotman> alexrelis[m]: a quick google
didn't turn up much .. has it been part of previous releases?
51[01:05:57] <abrotman> or perhaps they're focused on
another player
52[01:06:17] <somiaj> could be just like debian, without
someone to volunteer their time to matain/package the software it
won't be included
57[01:09:49] <KNERD> abrotman: That's why you don't
use Goolag
58[01:10:45] <KNERD> I do beleive Debian labels
"non-free" as those apps/drives which are closed source
but free to use, which is why I wonder about the name itself
99[02:18:07] <somiaj> KNERD: debian has optional repos, contrib
is free software that depends on non-free software, and non-free is
software is software that debian can distribute free of charge, that
doesn't meet the DFSG
189[04:16:10] <somiaj> Seems to work here, but I didn't
test it too deeply. I didn't notice any bug reports similar to
what you describe (well I only saw one bugreport against the
package)
218[04:37:10] <solrize> hi i have a gigantic .7z archive with
about 500,000 files inside, all in a single directory and i'm
trying to extract it and the extraction gets slower and slower, i.e.
i wonder if directory operations on ext4 get slower with the number
of files in the dir. any idea, and is there anything i can do about
this, like maybe use a different fs?
219[04:37:30] <solrize> alternatively i can do some hacky thing
like keep moving files out of the target dir while the extraction is
in progress
220[04:37:40] <solrize> the extraction has some hours to go
probably :(
237[04:49:22] <alkisg> solrize: if you have ample disk space,
and you think that's specific to ext4, you could create a
huge/sparse loopback.btrfs or .zfs file, mount it, and extract there
238[04:49:51] <solrize> hmm that's an interesting idea, i
might try that, i can add another (virtual) disk on this box
239[04:50:01] <solrize> thanks
240[04:50:05] <alkisg> np
241[04:50:41] <alkisg> (since it's a virtual disk, you can
just format it with btrfs/zfs, no need for a loopback file)
243[04:51:47] <solrize> interesting idea. it's debian, is
zfs in the distro now?
244[04:52:11] <alkisg> No idea I haven't played with it.
Isn't the userspace one available everywhere?
245[04:52:41] <solrize> i dunno, i remember ages ago there was
some issue. also is btrfs good now? for a long time it was
considered a work in progress
246[04:53:17] <alkisg> Again not sure (using ext4 everywhere
:D), but I think that it's "stable enough, with minor
glitches"
247[04:53:26] <solrize> ah fair enough
248[04:53:51] <alkisg> !zfs
249[04:53:51] <dpkg> ZFS (originally Zettabyte File System) is a
file system / logical volume manager developed by Sun Microsystems
(replaced-url
250[04:53:55] <alkisg> !btrfs
251[04:53:55] <dpkg> Btrfs (B-tree file system) is a copy on
write filesystem for Linux, aimed at implementing advanced features
while focusing on fault tolerance, repair and easy administration.
Merged in mainline at Linux 2.6.29, utilities are packaged in
btrfs-tools.
replaced-url
252[04:54:01] <alkisg> Let's read the bot's wisdom...
:)
253[04:54:21] <solrize> well that's knowledge, but
it's not exactly wisdom ;)
256[04:58:37] <earendel> advancing. back to sea.
replaced-url
257[05:00:53] <earendel> you know the universe expanded from
some origin at a point to the size of an orange, at the _same_scale_
as from the size of the origin, to the observable size now?
260[05:02:26] <earendel> when i realized. i thought we might
really journey more into the micocosmos (if not via astral
chakras:p) .. i mean. all that adventure on that carpet!
283[05:27:53] <alkisg> solrize: in another case where the fs was
too strained, I found that running this command in another terminal
tab worked around the issue:
284[05:27:53] <alkisg> while sleep 1m; do sync; echo 3 >
/proc/sys/vm/drop_caches; done
298[05:44:21] <solrize> writing maybe 1GB a minute to the disk
which is an SSD
299[05:44:26] <warsoul> how i add this to my terminal
300[05:44:27] <warsoul> ?
301[05:45:30] <solrize> i've shut off the server for now,
am going to resize to a smaller VM and a bigger disk since i
don't feel like paying for a 4 core vm and using just 1 core ;)
311[05:50:40] *** Quits: werneta (~werneta@replaced-ip) (Remote host closed the connection)
312[05:52:01] <alkisg> solrize: it empties the kernel disk
cache; which means it doesn't lose any data at all, it's
safe; I've seen that in some cases, when the kernel disk cache
has many many entries, it can cause disk access to become 100 times
slower than it should
334[06:25:47] <MrHatter123> I just ran grub-install /dev/sda and
grub-install /dev/sdb on an mdadm RAID1 , but didn't run
update-grub aftwards, now I can't boot off either drive, what
is my quckest way to repair ?
335[06:26:11] <somiaj> !fixmbr
336[06:26:11] <dpkg> To reinstall <GRUB> boot to your
Debian install disk/live CD, switch to the other console (Alt-F2),
mount your root filesystem (mount -t ext4 /dev/whatever /target ;
mount --bind /dev /target/dev ; mount -t proc none /target/proc ;
mount -t sysfs none /target/sys), chroot into it (chroot /target),
run "mount /boot/efi" on EFI and "update-grub
&& grub-install /dev/whatever". See also <rescue
mode>, <dual boot guide>, <supergrub>.
337[06:26:29] <somiaj> MrHatter123: do you ahev access to a live
image or debian install image, that would be the easiest if you do.
338[06:28:51] <MrHatter123> somiaj, yes, thx, I will try this
off a knoppix disk
339[06:29:24] <MrHatter123> can i do this from a debian
installer ?
340[06:35:35] <MrHatter123> I am reading that I can boot into
rescue mode from the debian installer and reinstall grub there ?
341[06:37:57] *** Quits: Z4CHe (uid496478@replaced-ip) (Quit: Connection closed for inactivity)
364[07:11:00] *** Quits: Masterphi (~Masterphi@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
365[07:12:44] <somiaj> MrHatter123: you can do it from anything
you can boot a linux kernel form, the debian installer's rescue
mode autmoates a bit of the setup (mounting the filesystems and
chrooting).
366[07:13:11] <somiaj> MrHatter123: so yea, the knoppix would
have worked, some people like grml as it provides a nice resuce disk
for things
371[07:18:09] <unixbsd> there is a bug in live-boot, debian
cannot mount a UFS2 once initrd image launched. the ufs2 mount is
looking for a modules, but live-boot hasnt it into the modules.
Please fix the bug, kindly.
382[07:31:36] <solrize> i have this hacky file shuffling script
working so i'm gonna just let it run and it will split out the
files into 50 or so directories of 10,000 files each
386[07:32:23] <solrize> i made an xz tarball which gave almost
no compression, but 7zip compressed to about half the original size,
no idea what's going on with that
410[08:03:22] <nkuttler> Aurora_v_kosmose: can it be built with
debug symbols?
411[08:03:38] <nkuttler> !package recompile
412[08:03:38] <dpkg> 1) Add a <deb-src> line for your
current release to your sources.list 2) apt update; apt install
build-essential devscripts fakeroot; apt build-dep packagename 3) as
any user, apt-get source packagename 4) cd packagename-version/; ask
me about <debian/rules>; 5) dpkg-buildpackage -uc -us 6) as
root, apt install ../packagename-version.deb. Ask me about
<debian/rules>, <nocheck>, <nostrip>, <apt-get
source>.
413[08:04:06] <Aurora_v_kosmose> nkuttler: It's plain C, so
I'd assume it can.
414[08:05:50] <Aurora_v_kosmose> I'll try that a bit later,
sounds like it'll take longer than I can allocate just now.
415[08:06:57] *** Quits: maggotbrain (~maggotbra@replaced-ip) (Remote host closed the connection)
422[08:13:14] <jelly> Aurora_v_kosmose, if it comes from
debian.org repo
423[08:13:19] <jelly> !dbgsym
424[08:13:19] <dpkg> Packages that end in '*-dbgsym'
contain the symbols required for debugging executables and
libraries. The dbgsym packages are automatically generated packages
that are in a separate archive; add a line like "deb
replaced-url
425[08:13:53] <jelly> ^ those autogenerated -dgbsym are
replacing -dbg packages, and are in a separate repo now
435[08:28:02] <solrize> alkisg, squashfs lets you mount a 7zip
archive? interesting
436[08:28:41] <solrize> i'm after the high compression
mostly for archiving and distribution purposes.... if someone
downloads it they can unpack into some more convenient form
437[08:28:49] <solrize> i split it out to about 50 tarballs of
2GB or so each
438[08:28:53] <solrize> with 10000 files in each one
439[08:28:55] <alkisg> solrize: no, I thought you were
recompressing the 7z to xz, and I proposed .squashfs instead, which
you can loop-mount as it's a file system, not just an archive
440[08:29:19] <solrize> i guess i should read about that
445[08:30:19] <solrize> Aurora_v_kosmose, i would have thought
so, but 7z seems to compress a lot more. maybe i made some error.
i'll mess with it some more in the coming days
447[08:30:33] <Aurora_v_kosmose> Ah, might be an lzma vs lzma2
thing
448[08:30:44] <solrize> hmm not sure
449[08:31:14] <Aurora_v_kosmose> Huh. Seemingly not. Both seem
to implement it. Curious.
450[08:31:19] <solrize> 7za also uses multiple threads so
it's faster if you're only making one archive at a time
451[08:31:51] *** Quits: marko1325 (~Thunderbi@replaced-ip) (Remote host closed the connection)
452[08:32:04] <solrize> but once i get all this stuff in one
place i'll just do a bunch of separate archives in parallel
453[08:33:13] <solrize> any idea how tmpfs works? i.e. is it a
regular disk-like fs on a ramdisk? or is it more of an in-memory
structure, and particularly does it use hashing or whatever
454[08:34:57] <Aurora_v_kosmose> tmpfs usually has a set size.
455[08:35:01] <solrize> 7z is compressing a lot better than zip
456[08:35:12] <Aurora_v_kosmose> Its a ramdisk afaik
457[08:35:27] <solrize> yeah it's a ramdisk but can grow to
the size of memory, spill into swap etc
458[08:35:59] <solrize> in this case i have a 32gb machine and
the individual archives are 2gb each so tmpfs holds them nicely if i
only work on a few at a time
508[09:32:50] <unixbsd> hey guys I tried initrd with ufs.ko, all
is nicely working to support ufs2. But... please fix that bug into
live-boot. Live boot cannot in init premount mount the ufs
filesystem. please fix it ... I need tto boott my live from netbsd.
521[09:35:17] <unixbsd> I just need to boot mz
filesystem.squashfs from usf
522[09:35:19] <unixbsd> ufs
523[09:35:35] <ratrace> unixbsd: certainly you do. otherwise you
won't be able to login and do other things without extensively
modifying your os
524[09:35:51] <unixbsd> i run in ram
525[09:36:19] <unixbsd> you know: live-boot
526[09:36:21] <ratrace> the medium is irrelevant. many default
operations require writable rootfs. so you either have a broken
system or you have to extensively modify that
527[09:36:33] <unixbsd> you dont understand
528[09:37:02] <ratrace> sounds like you're desperately
trying to turn debian into freebsd. so why not just run freebsd. it
has linuxulator, you can run linux only programs, in most cases.
529[09:37:11] <unixbsd> I talk about a custom live
530[09:37:26] <ratrace> unixbsd: well whatever. your question
has been asnwered. no ufs.
531[09:37:39] <unixbsd> of course, there is ufs
532[09:37:55] <unixbsd> the bug fix is to be made into live-boot
533[09:37:56] <ratrace> yes, there exists the kernel module.
there does not exist userland support you'd expect.
534[09:38:11] <unixbsd> the kernel module is fine.
564[09:44:32] <ratrace> frojnd: backports is packages from
testing made available for stable. or more precisely from
debian-next to debian-stable. then from debian-stable to
debian-oldstable (stretch-backports)
565[09:44:57] <ratrace> frojnd: in case of Buster (Stable) you
can have the 5.10 kernel, if that fixes your problem, if you install
it from buster-backports repo.
566[09:45:03] <unixbsd> just recompile, you need bison and bc,
vanilla kernel is power and useful.
567[09:45:10] <ratrace> no, don't do that
568[09:45:31] <frojnd> ratrace: I would only install new kernel
if it won't mess with my current stuff
569[09:45:40] <ratrace> you should compile your kernel if, and
only if: a) you know how to, b) you know WHY you have to
570[09:45:42] <frojnd> Or is better to just switch to backport
571[09:46:11] <frojnd> ratrace: no I don't know. Because I
don't know if this will solve the dreaded messages I'm
seeing
573[09:46:30] <ratrace> frojnd: afaik there was an issue with
ZFS not supporting 5.10 but zfs from backports is 2.x.x now so if
you use ZFS you can have the support. If you use nvidia, that might
also requrie a bump to backports, but you should be running nvidia
from backports anyway, if you use nvidia proprietary
574[09:46:30] <frojnd> But thank you for suggestions on how to
upgrade kernel
575[09:46:47] <frojnd> I have amd cpu
576[09:46:51] <frojnd> And I don't have GPU
577[09:46:53] <ratrace> frojnd: that was to mean do NOT compile
the kernel if you don't know how or why. you can easily just
install 5.10 from backports
578[09:47:19] <ratrace> frojnd: any other DKMS driver that would
require a check for 5.10 compatibility?
579[09:47:56] <unixbsd> for FILESYSTEM in squashfs ext2 ext3
ext4 xfs jffs2 dir
580[09:47:56] <frojnd> ratrace: no I don't think so
581[09:48:01] <unixbsd> ok I got the bug
582[09:48:10] <unixbsd> I will fix it myself man
583[09:48:18] <unixbsd> man, debian needs really my help
590[09:49:00] <frojnd> ratrace: so I enable backports repository
update and install 5.10 or it will install automatically after
enabling backports repository?
591[09:49:08] <ratrace> frojnd: then it should be safe to
upgrade the kernel. you can always revert, mind you. assuming
that's a local system you have access to the grub menu and can
select previous kernel if things break.
592[09:49:14] <shtrb> frojnd, you need to manually install what
you like
593[09:49:37] <frojnd> ratrace: no that's a VPS somewhere
far far away
594[09:49:39] <shtrb> frojnd, before installing make sure your
boot have enough disk space
595[09:49:49] <ratrace> frojnd: after enabling the backports
repo you need to use -t for apt, and for _install_ only. do not use
-t for upgrade! unless you know you want to upgrade ALL the
packages.
596[09:50:02] <ratrace> frojnd: so in this case apt install -t
buster-backports linux-image-amd64
597[09:50:20] *** Quits: obengdako (~obengdako@replaced-ip) (Quit: This computer has gone to sleep)
598[09:50:30] <ratrace> frojnd: ah yes, VPS ... but it has
virtual console so you should have access to grub?
599[09:50:39] <frojnd> ratrace: yeah I believe so
600[09:50:54] <shtrb> ratrace, why not to even setup a apt
preferences to prevent auto select from newer packages ?
603[09:51:48] <shtrb> ratrace, I was under the impression that a
package would be selected if it has higher version number ...
604[09:51:50] <ratrace> `apt upgrade` wihtout forcing -t
buster-backports will not upgrade existing packages to their
versions from backports
605[09:52:48] <ratrace> `apt upgrade` will continue to upgrade
packages installed from backports with newer versions from
backports, without using -t buster-backports
607[09:53:02] <frojnd> Ok so 1) Add backports repo 2) run apt
install -t buster-backports linux-image-amd64 3) then how to
normally upgrade whole system without backports
608[09:53:10] <ratrace> just `apt upgrade`
609[09:53:13] <frojnd> Ok
610[09:53:29] <ratrace> frojnd: it WILL upgrade that kernel from
backports, when a new one arrives to backports
613[09:55:01] <ratrace> unixbsd: that's awesome, really.
you demand we do free work for you and you're not willing to
contribute the free work you did, for someone else who might need
that feature. you win ten internets, and two RMS awards.
614[09:55:30] <ratrace> but no harm really. I think you're
maybe the only user on the planet who wants ufs in initramfs for a
debian live system :)
615[09:57:16] <oxek> huh? initramfs has a filesystem in it?
616[09:57:49] <ratrace> oxek: well yes, it has kernel modules
and userland support for each filesystem mountable as rootfs
617[09:58:14] <oxek> I think I expressed myself wrong
619[09:58:39] <frojnd> Did I correctly add repo to the
/etc/apt/sources.list ?
replaced-url
620[09:58:52] <oxek> yes, initramfs contains support for
mounting other filesystems, but does it have a filesystem itself? I
thought it's just a bunch of files concatenated.
621[09:58:59] <oxek> or something as simple as that
622[09:59:29] <ratrace> frojnd: you already have it enabled it
seems, third deb line from the top
623[09:59:36] <frojnd> After running update I get warnings:
replaced-url
624[09:59:57] <ratrace> frojnd: right because you already had it
enabled
635[10:05:12] <ratrace> frojnd: if it happens again, then my bet
would be on the host being overwhelmed and not being able to give
sufficient time slices to the guest kernel
637[10:06:13] <ratrace> frojnd: you can also see this via
"steal" time in top . and if you have some kind of server
monitoring ala munin or zabbix, it probably picks up that statistic
as well
638[10:07:20] *** Quits: matrixbot_bartab (~matrixbot@replaced-ip) (Quit: Bridge terminating on SIGTERM)
644[10:14:40] <Trieste> Hi, I have this weird issue where when
my system boots up, my apps (in docker) claim that they can't
connect to postgres ("connection refused"), but it's
enough just to `systemctl restart postgresql`. Any idea why could
that be? What could change by a simple restart? Or is this more of a
#postgresql question?
652[10:24:13] <Trieste> humm, well it said "active
(exited)", but it does so now as well... And there is a
"Started PostgreSQL RDBMS." line around 6am today, *but* a
line that says "postgresql.service: Succeeded." only
appears around 10:12 when I issued the restart, which is confusing
655[10:26:10] <ratrace> Trieste: postgresql.service is just a
dependency "meta" service. look up
postgresql@11-main.service and related journal entries
656[10:26:11] <Trieste> and postgresql's own logs
don't seem to indicate anything off either
replaced-url
663[10:28:34] <ratrace> Trieste: actually those logs are a bit
telling
664[10:29:02] <Trieste> yup it is :) I think I know enough now,
thanks for the nudge
665[10:29:07] <ratrace> after the events of 06hr CEST, you have
a shutdown request at 10:12, meaning the server WAS active, and I
assume that's teh "restart" you issued then?
667[10:29:42] <ratrace> but look at the events of 06hr,
it's struggling to listen on localhost .... that's dumb
docker. terrible piece of softwrae. who knows what else it breaks
and borks
668[10:29:55] <Trieste> yep, but more importantly there's a
"could not bind IPv4 address "172.17.0.1": Cannot
assign requested address" - I assume because postgresql starts
sooner than the network initializes
669[10:30:05] <ratrace> and you have a WAL redo! that's...
just.... wow :) I'd burn all that with nuclear fire.
670[10:30:13] <Trieste> docker is dumb :(
671[10:30:21] <Trieste> err, what's a WAL redo?
672[10:30:30] <ratrace> Trieste: yes, sooner than the namespaces
makes 127.0.0.1 available
673[10:30:32] <Trieste> and why should I be worried
674[10:30:57] <ratrace> Trieste: Write Ahead Log. lines 20-22.
it means postgres detected corruption and is replying logs last
found in the WAL
675[10:31:04] <Trieste> ratrace, *172.0.0.1
676[10:31:15] <ratrace> this happens when it's shut down
abruptly, ungracefully, mid transaction, ala power-loss or other
such events
677[10:31:25] <ratrace> Trieste: oooh yeah, 172!
678[10:31:34] <Trieste> ratrace, oh I see, well that's to
be expected unfortunately, the system was killed by my VPS provider
who had an outage
680[10:32:37] <Trieste> well one last thing, do postgresql logs
like that just not go into journald (by default?) or am I looking in
the wrong place again
681[10:33:05] <ratrace> Trieste: so anyway, seems like that
172... address was not found and bound to. but it is for the 10hr
CEST restart
682[10:33:31] <ratrace> I am assuming that your original issue,
"connection refused" used that (172) subnet?
683[10:33:41] <Trieste> exactly
684[10:34:08] <ratrace> Trieste: by default on Debian, postgres
is configured for a log in
/var/log/postgresql/postgresql-<cluster version>.log
685[10:34:17] <ratrace> "11-main" is the cluster
version by default on debian
686[10:34:23] <ratrace> on *buster
687[10:34:32] *** Quits: kakaka (~koniu@replaced-ip) (Remote host closed the connection)
688[10:35:03] <ratrace> Trieste: but the journal will have
issues pertaining to (re)starting the service itself, so it's
really two logs that are of interest
971[16:14:50] <ratrace> if something's outdated based on a
_number_ in version, doesn't mean a thing. if your agile
(cr)app is updating every 12 hours, bumping versions, you'll
get pretty far between two debian releases
992[16:19:55] <fakuve> I go an check , I cannot do a symbolic
link to there
993[16:19:55] <mtn> j5v1: change your dns there
994[16:20:03] <ratrace> j5v1: eh... gnome removed that too it
seems.... they keep removing useful functions from release to
release. pretty soon all that'll remain is the
"Activities" button and nothing else.
995[16:20:04] <greycat> well, if you don't have a program
called 'node' in your PATH, then that is what will happen.
996[16:20:26] *** Scotty_Trees is now known as Scotty_Mines
997[16:20:42] <oxek> the activities button will be removed as
well
1049[16:25:21] <oxek> j5v1: why not just use dnscrypt-proxy and
be done with all this nonsense?
1050[16:25:28] <fakuve> ratrace: cause I'm using some
software that is actually not running properly
1051[16:25:36] <ratrace> j5v1: yes, somewhat. ask googls for
details
1052[16:25:43] <fakuve> I need the last version, don't know
why Debian is outdated about that
1053[16:25:56] <j5v1> oxek, im fine doing that as well, just dont
know how to set that up
1054[16:26:04] <greycat> !sns
1055[16:26:04] <dpkg> Shiny New Shit Syndrome is a serious
disorder, which usually breaks out into an epidemic every time
something new is released. If you have SNS, ask me about
<backports> and <ssb>; these are better options than
upgrading to <testing> because it is a <moving target>.
1056[16:26:05] <ratrace> fakuve: what specifically from the
latest version? I ask because some users often think they need
"latest" but they don't really.
1057[16:26:07] <greycat> *plonk*
1058[16:26:12] <oxek> j5v1: the github repo has all the info you
need
1059[16:26:20] <ratrace> except, of course, because newer is
shinier :)
1060[16:26:24] <j5v1> fakuve, debian is inteneded to be stable.
to get the latest version you need to binary the binary from their
site
1061[16:26:38] <j5v1> go to the nodejs site and they have
precompiled binaries
1062[16:26:42] <imMute> fakuve: if you want the latest software
all the time, then Debian might not be your best bet...
1063[16:27:03] <ratrace> fakuve: so my question here is, if
you're 100% certain that a newer version contains something you
really need, then the effort is justified. otehrwise it is not and
you're jumping through hoops unnecessarily
1064[16:27:05] <fakuve> Well I love Debian so far didn't
have any problem with packages
1065[16:27:12] <fakuve> appart of ZFS , and now this
1083[16:29:57] <j5v1> fakuve, just use windows if you dont want
to do things the unix way, theres nothing wrong with doing
development on windows if its easier for you to set up. node is
cross platform
1084[16:29:57] <greycat> I wouldn't go down that road,
personally.
1085[16:29:59] <imMute> fakuve: but you can't make
/usr/bin/env/node a symlink because /usr/bin/env already exists, but
as a file, not a directory
1086[16:30:15] <j5v1> same with most of the node development
tools (such as vscode)
1089[16:30:33] <greycat> imMute: the bigger issue here is he
clearly has NO CLUE WHATSOEVER how unix scripts and shebangs work,
which is just mortifying in a developer
1090[16:30:35] <ratrace> env just returns stuff from PATH anyway
so....
1104[16:32:03] <greycat> imMute: well, they came in here, gave
the error message, I told 'em it means they don't have
node in their PATH, and ... that should have been all they needed to
hear. It wasn't, apparently.
1105[16:32:20] <j5v1> if you just want to develope node programs,
and dont want to set up the path variables or deal with juggling
multiple versions and path variables, you can use mac or windows
1106[16:32:33] <fakuve> j5v1: Dont talk to me like that
1107[16:32:41] <ratrace> or debian and `apt install` it once and
for all
1108[16:32:46] <greycat> But instead of heeding what they were
told, they somehow COMPLETELY twisted the message around in their
head, didn't LOOK at the file system or anyuthing, and just
ASSUMED it meant they were supposed to have a file named
/usr/bin/env/node which makes NO sense at all
1109[16:32:50] <fakuve> j5v1: if you are not ready to be in a
freenode channel support then /exit
1110[16:32:51] <greycat> So god damned frustrating.
1111[16:33:13] <imMute> greycat: I agree - that's the
refusal to learn part I referenced.
1112[16:33:37] <j5v1> it is good support advice though, you
should choose whichever tech gets the job done most easily
1113[16:33:53] <ratrace> wait 'till someone recommends to
curl | sudo bash the latest nvm for bootstrapping.....
1114[16:33:54] <j5v1> you dont have to use linux to program in
node
1115[16:34:02] <j5v1> its cross platform
1116[16:34:18] <jelly> fakuve, if you install stuff using npm,
you're outside the OS packaging system; setting up PATH and
other environment may have to be different from packaged stuff and
possibly manual
1117[16:34:30] <j5v1> if youre building web apps, in some ways
youre better off doing this on windows or mac
1118[16:34:39] <ratrace> j5v1: the what
1119[16:34:44] <j5v1> since youll want to test using the lastest
versions of chrome on those platforms
1120[16:34:45] <fakuve> j5v1: shut the fuck up man
1121[16:34:53] <fakuve> you are talking shit
1122[16:35:06] <jelly> fakuve, mind the language tho, and focus
on the technical issue
1123[16:35:17] <fakuve> jelly: well this guy is attacking me
1124[16:35:26] <fakuve> Is there any mod in the channel?
1125[16:35:29] <ratrace> latest version of chrome is available on
debian. now, if you want to be sarcasming and suggesting somoene is
not "ready" for linux, the arguments are wrong.
1126[16:35:29] <oxek> "attacking"
1127[16:35:35] *** ChanServ sets mode: +o jelly
1128[16:35:36] <j5v1> ive literally not attacked you in any way
1141[16:36:28] <fakuve> That is not good , to start with
1142[16:36:30] <jelly> "use tool X" is not an attack,
even when X is window
1143[16:36:33] <jelly> windows*
1144[16:36:41] <fakuve> you sending me to use windows
1145[16:36:54] <jelly> bad tech advice are not attacks.
1146[16:36:58] <greycat> I wouldn't advocate using Windows
either, but that's just me.
1147[16:36:59] <j5v1> look for a book to improve on the
fundamentals of linux and unix, that will help a lot
1148[16:37:22] <fakuve> jelly: is this guy your friend?
1149[16:37:34] <fakuve> I just cant stand someone talking this
1150[16:37:40] <fakuve> and getting away with it
1151[16:37:44] <jelly> fakuve, that's _your_ problem, not
ours
1152[16:37:57] <fakuve> You let this people give advice in your
channel?
1153[16:37:58] <jelly> keep it to tech stuff, please
1154[16:38:10] <fakuve> instead of keeping it friendly?
1155[16:38:21] <fakuve> Fair enough
1156[16:38:27] <ratrace> the drama is just one apt install away
from resolving itself.
1157[16:38:31] <imMute> fakuve: j5v1 might be rough in the
delivery, but he's right that you have a decent amount of
"foundational" linux learning to do still. suggesting you
use some other OS if it's more familiar to you is valid.
1158[16:38:47] *** ChanServ sets mode: -o jelly
1159[16:38:52] <greycat> When one sees an error message of the
form "/usr/bin/env: 'zagnut': No such file or
directory", it means "a program called /usr/bin/env was
looking for zagnug and did not find it". More to the point,
with /usr/bin/env *specifically*, there's a 99% chance it means
you ran a script that had "#!/usr/bin/env zagnut" as its
shebang line. It means you're supposed to have a program called
zagnut somewhere in
1160[16:38:58] <greycat> your PATH.
1161[16:39:25] <ratrace> aye
1162[16:39:35] <greycat> The immediate diagnostic step that you
take is to run "type zagnut" to see whether you do, in
fact, have a program by that name in your PATH.
1163[16:40:02] <greycat> Or else you remember "Oops, I
forgot I had to install zagnut first. Let me go do that."
1164[16:40:20] <j5v1> fakuve, try this command if you are having
PATH issues:
1165[16:40:26] <ratrace> enter "which type" abbott
& costello confusion
1173[16:41:19] <greycat> j5v1: that is not the best place to
change PATH, but I understand why you're taking the
easy-but-wrong answer with this kind of querent.
1174[16:41:22] <ratrace> I'd prefer greycat's method of
symlinking to ~/bin/
1175[16:41:42] *** Quits: JohnML (~john1@replaced-ip) (Remote host closed the connection)
1176[16:41:47] <j5v1> yes, the symlink would be the most optimal
approach
1177[16:42:05] <ratrace> also, ~/.bashrc only affects the bash
shell. there may be tools that want node on the PATH ousside of a
shell
1178[16:42:26] <oxek> greycat: is it possible that /usr/bin/env
does not find 'zagnut', but `type zagnut` does?
1179[16:42:51] <j5v1> ratrace, good point
1180[16:42:57] <greycat> The most likely cause for *that* would
be that you ran the type command in a different shell from the one
where you ran the script that gave the error.
1181[16:43:30] <oxek> yeah, that came to me as the only
explanation for such behavior
1182[16:43:46] <greycat> (E.g. the script is actually invoked by
some Desktop Environment launcher doohicky and not an interactive
shell, and they have different PATHs)
1190[16:48:22] <fakuve> The solution was to `sudo apt install
nodejs` , and then use the package which is a version
"manager" `nvm install node` this will update `node -v`
from the Stone Age ish v10.24 to a more decent v16.1.0
1192[16:50:37] <fakuve> Some people code or use `JS` some people
do it in `C` . Some people have a better understanding of `linux`
some others are a bit more noobs . But no need to send someone to
`Windows` and `VS-code` for prejudging . Don't think you
are semi-gods of Computers
1193[16:50:53] <fakuve> We are here to help the noob
1194[16:51:26] <ratrace> "16:38 < ratrace> the drama
is just one apt install away from resolving itself."
1200[16:54:35] <ratrace> fakuve: also, "the noob"
refuses to understand that debian version is not "stone
age" really and numbers per se don't mean anything
1204[16:57:27] <j5v1> version 1.0 to 10.0 took about 10 years,
while 10.0 to 16.0 took about 2. versions numbers get very bloated
for mature projects to convince people the tech has changed
dramatically when it really hasnt
1205[16:57:35] <j5v1> for nodejs
1206[16:58:31] <ratrace> precisely. especially for
"agile" development models that bump a version every two
hours, probably even have `git commit` in a crontab
1213[17:00:53] <j5v1> its sad really how bad version number bloat
has gotten. firefox went from version 1.0 to 3.0 in 4 years, and
then 3.0 to around 90.0 in around 12 years
1255[17:21:29] <dpkg> OFTC is the Open and Free Technology
Community, a support/collaboration service. They have an IRC
network: irc.oftc.net. You may (or may not) be connected to
OFTC's network.
replaced-url
1256[17:21:47] <somiaj> !oftc move
1257[17:21:47] <dpkg> irc.debian.org moved to OFTC on June 4th
2006, see
replaced-url
1264[17:25:31] <greycat> sounds like it *didn't* succeed
1265[17:25:34] <coc0nut> unixbsd, i think youre more likely to
get your question answered in this channel :p been on both this one
and oftc #debian and the oftc channel is pretty quiet
1266[17:26:14] <arkalpha> isn't that "apt pinning"
when it does that? not sure
1267[17:26:47] <greycat> pinning just breaks the whole system,
doesn't cause a single version of a single package to be
reinstalled repeatedly
1272[17:27:51] <greycat> jblack: what Debian release, what
package, what version of the package, and what does apt actually
*say* when this error happens?
1273[17:27:57] <jblack> one thing that we see (and there is some
funkiness going on I haven't mentioned), is that the same
package version is listed more than once in teh version table for
apt policy for the package
1281[17:30:25] <greycat> And you forgot to bump the version
number in your locally built package. That's why. Apt considers
foo-1.2 from an official repo to be better than foo-1.2 that you
built. So make yours foo=1.2+me or something.
1282[17:30:52] *** Quits: ecsim (~Thunderbi@replaced-ip) (Remote host closed the connection)
1292[17:37:05] *** Quits: ecsim (~Thunderbi@replaced-ip) (Remote host closed the connection)
1293[17:37:18] <Peyam> I have usb port on my screen. my screen is
connected to a hp dockingstation. using debian my keyboard that was
connected to the usb port on my screen no longer worked
1324[17:55:43] <cluna> Hi Peyam, in the terminal if you execute
dmesg -c and after connect keyboard and execute dmesg, you can see
if keyboard is detected
1334[18:08:22] *** rustbuck1 is now known as rustbuckett
1335[18:08:49] <sappheiros> the 'dict' package had no
entry for 'schola'. Would you recommend a better
dictionary? or something I can do to increase its scope?
1336[18:08:52] *** Quits: catman370 (~catman@replaced-ip) (Quit: See you later..)
1337[18:09:03] <sappheiros> (i tried 'dict schola' in
uxterm after installing the package)
1347[18:11:05] <sappheiros> ah, i guess I should install that one
also -- is that the equivalent of Apple having info about their OS
included in their Dictionary app?
1348[18:11:08] <greycat> that's the first one in the
Suggests: for dictd
1349[18:12:05] <sappheiros> oh, it appears dict and dictd are
different >_<
1350[18:12:21] *** Quits: MrFixIt (~Sam@replaced-ip) (Remote host closed the connection)
1356[18:15:43] <sappheiros> Is there a place that logs package
installation history so you can review changes you've made
since installing Debian10 to a fresh hard drive?
1357[18:17:30] *** Quits: securethemews (~securethe@replaced-ip) (Remote host closed the connection)
1399[19:03:36] <alexrelis[m]> sney: Wow. Then this guy made up a
flat out lie.
1400[19:03:37] <somiaj> you could (though I don't see what
you would gain outside of confusion) put an appimage inside a .deb,
though this would be only for personal use and app images do not
meat debian policy.
1401[19:03:52] <sney> why would someone do that, just go on the
internet and tell lies
1402[19:04:05] <alexrelis[m]> sney: lol
1403[19:04:16] <alexrelis[m]> One of those AppImage diehards.
1406[19:05:50] <alexrelis[m]> My concern was that there is no way
to centrally update them, and then I read from the person that you
can do it via apt or dnf. If apt ever includes this functionality
though (and if there was some AppArmor or SElinux hardening
involved), I would be inclined to support it over flatpak.
1407[19:06:41] <alexrelis[m]> Only because such a thing would
integrate so well with existing setups. I could imagine someone
being overwhelmed with choices as to what format they should install
things in.
1409[19:08:13] <somiaj> maybe one day some decent way to build
distro indepdenent packages will be created, but in the end most
will not be offically supported by debian.
1410[19:08:29] <somiaj> alexrelis[m]: why not use snap or flatpak
which already contains tools for this?
1414[19:09:23] <maxrazer> Part of the reason I like Debian over
Ubuntu is the not using snaps.
1415[19:09:56] <maxrazer> Debian unstable or arch makes a good
desktop setup. I think FreeBSD is good for server; BTW.
1416[19:10:08] <alexrelis[m]> somiaj: I use flatpak for things
like Element that need to be updated consistently. But just recently
a friend of mine is interested in using GNU/Linux and now I have to
explain to him all of these software distribution methods.
1418[19:10:51] <somiaj> Yea, this is partly one of the reasons
desktop software on linux is always a pain, there really isn't
a good (imo) way for developers to develope packages that cover all
linux distros. And it isn't reasonable for a developer to have
to make a package for each distro out there.
1419[19:11:05] <maxrazer> I think something in the BSD world
allows you to download delta data only for package upgrades.
1420[19:11:08] <alexrelis[m]> But I see the appeal if it was done
by apt. You can add trusted third party "AppImage" repos
without having to worry about dependency conflicts and they update
every time you run `apt update && apt full-upgrade`.
1421[19:11:35] <somiaj> alexrelis[m]: apt will never do this
feature, apt is meant for downloading and install .deb packages
only.
1422[19:12:14] <maxrazer> App images will probably just be
treated like downloading an executable without any image or package.
Just put it somewhere and link it in how you like.
1423[19:12:45] <maxrazer> If you build from source or download an
executable sometimes it has no image or package. It just works.
1424[19:12:48] <alexrelis[m]> somiaj: Maybe the original team
won't do it, but a fork of apt could. I don't think
it's impossible.
1425[19:12:54] <somiaj> Yea, it is more the windows method, which
unless the appimage contains a way to upgrade it inplace, you have
to go download the new version once it was released.
1426[19:13:16] <alexrelis[m]> somiaj: But that's my point.
1427[19:13:23] <somiaj> alexrelis[m]: I really hope no one forks
apt for this, apt is a front end to dpkg, it is designed and meant
to install .deb packages.
1429[19:13:42] <maxrazer> I've seen .deb packages where the
application notifies you in the application that there is a newer
version and you click the link and it takes you to the software
website and you download the new .deb package. That works pretty
well.
1430[19:13:50] <alexrelis[m]> If it integrated with apt, then you
can centrally update AppImages without having the user install the
executable every time.
1431[19:14:05] <alexrelis[m]> maxrazer: It works well, but
it's a pain.
1432[19:14:25] <maxrazer> I think app-image is just used for
people who don't quite have the ability to make packages,
people who are on the edge of support.
1433[19:14:54] <maxrazer> That is generally a small number of
people/projects I think. Most get some way to make packages. I
don't know how, but people who develop a lot seem to figure it
out.
1434[19:15:20] <maxrazer> I think there is that open build system
that Suse has.
1435[19:15:23] <somiaj> maxrazer: not quite, some upstream just
don't want to have to create packages for each and every linux
distro. Having a central method is nice.
1436[19:15:45] <maxrazer> What about that Suse open build system?
If I understand it helps automate building packages for all the
distros.
1438[19:16:32] <maxrazer> I see a lot with just .deb or .rpm,
which tends to cover things. Then arch will have an in-house
solution.
1439[19:16:34] <somiaj> Haven't looked into that, and maybe
one day some standard method will be used. Though I think
snap/flatpak are more in line of a good method vs appimages.
1440[19:16:59] <maxrazer> Arch can pretty much convert .deb to
their format. If you release .deb and .rpm that covers just about
everything.
1441[19:17:17] <somiaj> since they already provide some central
repository tools to install/upgrade/manage the packages from a
central source rather just download manually.
1442[19:18:23] <maxrazer> Even if the packages are .deb they
won't necessarily be in the Debian repository.
1443[19:18:32] <alexrelis[m]> somiaj:
1444[19:18:32] <alexrelis[m]> > Though I think snap/flatpak
are more in line of a good method vs appimages.
1445[19:18:32] <alexrelis[m]> A good method because you can
centrally update them. But if AppImages integrated with apt or dnf
with proper hardening then you gotta admit, that would be cool.
1446[19:18:32] <somiaj> maxrazer: it is a bit more complicated
than that if you want to actually follow policy and use shared
libaries instead of static linked.
1447[19:18:46] <alexrelis[m]> And no, I'm not saying that
AppImages should be in the official Debian repos.
1448[19:18:57] <alexrelis[m]> I'm talking in the context of
third party repos that developers ca nmake.
1449[19:19:27] <maxrazer> I guess you would have to start adding
a lot of repositories sources. At times I have added a lot of those.
It isn't as many as the PPA's though. They do that a lot.
1450[19:19:44] <somiaj> alexrelis[m]: again this isn't going
to happen, hence why snap/flatpak was created. People using
appimages should use snap/flatpak if they want to make use of some
central repo and upgrading capibilities
1451[19:20:15] <maxrazer> I generally find that if a software is
open source and widely used it will end up with a package maintainer
and in the Debian repo. If not Debian then it will be in Arch and
using Arch is an option.
1452[19:20:18] <somiaj> personally I don't see anything
inheritally better about appimages vs snaps or flatpak's, they
are all trying to solve a similar problem.
1453[19:20:55] <alexrelis[m]> Sure, but then they have to deal
with running three commands, and you have to deal with the confusion
that a user may have as to which method they should install a
program.
1454[19:21:03] <maxrazer> I like Appimages because they are
separate from the management systems. They are more similar to just
downloading a binary executable.
1455[19:21:15] <alexrelis[m]> But anyways, I believe this is
going in circles, so I'll stop.
1456[19:21:50] <maxrazer> I download binary executable or build
from source all the time. I just put it in a home directory and then
put a script in my path which links to that.
1459[19:24:06] <maxrazer> I use /usr/local/bin/ for scripts which
will then point to /opt/ or /home/username/bin
1460[19:25:05] <greycat> I wouldn't point from /usr/local to
/home/someone/ -- that's backwards. You're exposing your
private work-in-progress stuff to the wider system.
1461[19:25:27] <greycat> /usr/local/bin to /opt/foo/bin is fine,
though
1462[19:26:25] <maxrazer> I checked and right now I don't
have anything in /home/username/bin or that folder. I have done that
in the past.
1463[19:27:02] <maxrazer> Ok, I'll try to keep with that and
use opt.
1465[19:31:30] <maxrazer> It looks like packages put the script
in /usr/bin and I put scripts in /usr/local/bin
1466[19:31:41] <maxrazer> And they all point to
/opt/appname/executable
1467[19:32:20] <maxrazer> I used to add to the $PATH, but
realized I could use /usr/local/bin and use the current $PATH
1468[19:33:29] <greycat> scripts don't point to things; they
either wrap them (and you'd need an actual change of some kind
to justify a wrapper), or you just make a symlink
1469[19:33:48] <maxrazer> Well, they make a call to something.
1470[19:34:01] <maxrazer> You don't want to call that point.
1471[19:34:17] <greycat> so you have /usr/local/bin/foo = exec
/opt/foo/bin/foo "$@" ? That's a waste. Just use a
symlink instead.
1473[19:34:42] <maxrazer> You know I debated using a bash script
vs. symlink and did use symlinks at one time.
1474[19:35:10] <maxrazer> What I found was that bash scripts
allowed more flexibility at least for some applications because I
wanted to call that executable with specific arguments.
1475[19:35:24] <maxrazer> So, I just started using bash scripts
for everything.
1476[19:35:41] <greycat> If you're adding an argument, then
yeah, the wrapper script is perfect.
1487[19:38:37] <maxrazer> But I found out some years ago that I
couldn't add arguments on the command line to my bash script. I
kind of expected it to just work.
1496[19:47:49] *** Quits: Grldfrdom (uid391113@replaced-ip) (Quit: Connection closed for inactivity)
1497[19:48:14] <greycat> rowbee: the 5.x kernels use a much
larger PID space
1498[19:48:30] <rowbee> yeah i got kernel.pid_max = 4194304
1499[19:48:39] <greycat> uname -r
1500[19:48:48] <rowbee> 5.8.16
1501[19:49:01] <greycat> so, yeah, that's not a Debian
kernel...
1502[19:49:24] <rowbee> i built it with a few patches for my
weird hardware, but i got it from apt source linux-image-amd64
1503[19:49:35] <greycat> But the official Debian kernels
(buster-backports or bullseye) have the same enlarged PID space.
1504[19:49:41] <rowbee> gotchu
1505[19:49:53] <rowbee> thanks for the answer
1506[19:50:21] <maxrazer> You are right to point out the quotes I
was forgetting them actually on the "$@" and probably
thought you were using them for the message only. But they are
there. I think I would probably remember if I started to type the
script though due to context.
1507[19:51:10] <maxrazer> Or, maybe not.
1508[19:52:06] <greycat> Then the reminder was perhaps helpful.
1514[19:56:28] <wald0> im trying to send a bug to debian using
the reportbug cli tool but my gmail fails to connect, how i can send
it (the saved report) using my gmail interface now?
1517[19:59:17] <wald0> well, let me try to just send it to the
details included in the log file
1518[19:59:41] <wald0> question: what is a recommended friendly /
fast tool for reporting bugs to debian ?
1519[20:01:05] <lpancescu> hi, how can i remove packages
installed a few days ago via apt build-dep?
1520[20:02:34] <mentor> lpancescu: They can be removed as any
other package
1521[20:03:01] <lpancescu> wald0: the only tool for reporting
bugs in debian (that i know of) is reportbug - not necessarily
friendly, and you normally need to be able to send email from that
system
1547[20:30:40] <lpancescu> mentor: i managed to find the log in
/var/log/apt/history.log, with a little vim editing i could get a
package list. apparently mk-build-deps -i is the better way, as it
creates a new package depending on the packages you wanted, and
which you can lter remove to remove all
1548[20:30:45] <lpancescu> thanks
1549[20:34:54] <longshot> What's the difference between
linux-image amd64 and amd64-unsigned packages?
1550[20:35:25] <towo`> the unsigned ones would not boot with
secureboot
1554[20:35:57] <longshot> Is there any time that would be
preferred?
1555[20:37:15] <longshot> Like if you don't have secureboot
or it's disabled it would just ignore the signature, right?
I'm not thinking of any cases where you would explicitly need
the signature to be absent.
1556[20:37:20] <lpancescu> not really, as the signed kernels will
boot on every system, while the unsigned won't
1573[21:00:05] * greycat wonders why google-chrome-stable is showing a
green (Update :) in the upper right corner but there're no new
packages in the Google repo when I apt-get update.
1574[21:03:14] <somiaj> greycat: have you restarted
google-chrome-stable since you installed the most recent package?
1575[21:03:36] <somiaj> I only know that with chromium, that
green arrow appears if the binary on the machine doesn't match
the one that is running.
1576[21:04:25] *** Quits: polymorphisme (~Thunderbi@replaced-ip) (Remote host closed the connection)
1579[21:06:03] <greycat> I'm ... not 100% sure. I know I
upgraded and then downgraded and then re-upgraded on Tuesday,
because Peacock stopped working then, and I was trying to pinpoint
why. I thought I restarted under the re-upgraded version.
1580[21:06:48] <greycat> Hmm, OK. Help shows .93 and dpkg -l
shows .212.
1583[21:11:38] <somiaj> and I think chromium only notitce the
difference between running version and binary on the machine if you
run the new binary and then it opens up a tab/window using the
current running binary. So it won't notice right away if the
binary version has changed or not.
1584[21:12:15] <greycat> Yeah, I restarted this thing two days
ago and it didn't notice until now.
1585[21:12:17] <somiaj> I assume google-chrome does something
similar.
1671[22:13:51] <zathras> On Buster + xfce4 I see Chromium haveing
issues with printing. Often but not always (!) the printer does not
get recognized. How can I analyze and fix this please?
1672[22:14:05] <Thete> dang, I really didn't want to have to
use ubuntu, thanks guys
1692[22:36:12] <deadrom> hi. when sharing with samba , I try to
access the share from win10 or another deb10 machine and they both
don't let me, wrong password. I set the password with smbpasswd
for that user. what could be wrong?
1693[22:36:14] *** Quits: kristijonas (~kristijon@replaced-ip) (Remote host closed the connection)
1699[22:42:03] <wald0> lpancescu: thats the big problem, what if
people cannot send emails from this computer? (most of people?),
debian will not receive bugs?
1707[22:44:43] <lpancescu> wald0: i didn't design the
system, many debian tools were continuously developed, but show
their age. i don't find ubuntu's launchpad better
1714[22:46:34] <mutante> if you can use any SMTP server.. then
the users should be able to mail, no?
1715[22:46:38] <lpancescu> wald0: i think you can generate a text
file that you can paste. but confuring exim4 or postfix as a
satellite, to only send emails is not *that* complicated, debconf
helps
1716[22:47:06] <lpancescu> configuring^
1717[22:47:19] <sney> or generate the bug report, stick it on
some removable media, and email it to submit@bugs.debian.org the
same way you'd send any other mail
1718[22:47:24] <sney> it is just text output
1719[22:47:29] <mutante> wald0: the example there shows how to
use gmail to mail out with reportbug
1720[22:47:58] <mutante> basically the users have to run
reportbug --configure
1730[22:52:59] <lpancescu> it's about usability, i think.
you can click a form, or you can rtfm about the tags recongnized by
bugs.d.o. to mark bugs as duplicates, signal you provided a patch,
mark it as a security issuem, as duplicate, etc.
1731[22:53:09] *** Quits: wallacer (~quassel@replaced-ip) (Quit: No Ping reply in 180 seconds.)
1732[22:53:11] <greycat> I'd say those are questions with
very different answers across the range of humans.
1751[23:04:14] <lpancescu> greycat: for headless servers, you are
very likely right - would prefer email-based over using bugzilla
from lynx
1752[23:06:06] <ratrace> why would you even want to report bug
from a server...
1753[23:08:04] <ratrace> why is your server even allowing free
roaming through shells, running browsers (sic!) or having the
ability to send an email unless it's an MX server itself
1757[23:12:26] <lpancescu> if it's a web server, you
probably want wordpress to be able send emails, and shells are not a
problem if you only offer ssh to root and https for users
1759[23:14:50] <ratrace> which means your server is not locked
down and you're DoingItWrong(tm)
1760[23:15:04] <doubletwist> so 2 mostly stock debian buster
systems. Same /etc/apparmor.d/usr.sbin.ntpd, both in enforce mode.
One ntp works fine, the other it fails unless I set it to compain
mode. Why?
1761[23:16:03] <ratrace> doubletwist: pretty sure the audit trail
tells you why
1762[23:16:12] <ratrace> the denial is literally in the logs
1789[23:35:03] <ratrace> doubletwist: welp, looking through the
profile I can't see where the problem is. it permits network
dgram ops, so that denial makes no sense...
1790[23:35:42] *** Quits: sappheiros (~sappheiro@replaced-ip) (Quit: please pray for me)
1791[23:36:25] <ratrace> doubletwist: unless it requires more
specific rule. what if you edited /etc/apparmor.d/usr.sbin.ntpd and
added network inet dgram, network inet6 dgram, right below
"network dgram" on line 31 ?
1801[23:42:23] <doubletwist> hrm, would sssd or a difference in
nsswitch.conf affect that? That's one of the few differences
between the boxes. One is using sssd for AD auth and the other
isn't, so nsswitch.conf is different (only adding
'sss' to the passwd/shadow/group/service/netgroup entries
1802[23:43:10] *** Quits: lavendereyes (~lavendere@replaced-ip) (Remote host closed the connection)
1803[23:43:13] <doubletwist> I wouldn't expect so but
(shrug)
1805[23:43:43] <ratrace> I wouldn't either. that denial is
about dgram sendmsg, which should be permitted by namesrvice
abstraction's "network..." stanzas
1808[23:44:36] <ratrace> dunno. stock apparmor profiles are
atrocious and in many cases too wide open. I prefer writing my own,
but unfortunately for this case, I don't use ntpd and I
don't have one for it
1811[23:48:21] <deadrom> expanded raid5 set from 3 disks to 4,
went fine, but xfs_growfs /mnt/array does nothing. the manpage says
needs to be run on the mount point, but says data size unchanged,
skipping
1813[23:49:35] <deadrom> I tried xfs_growfs -d , no difference, I
tired -d /dev/md0p1 , that says "no XFS filesystem on
md0p1" (which is bogus, the fs at md0p1 mounts fine, but with
the old size
1818[23:51:37] <deadrom> now here it I think this suggest to run
xfs_growfs on /dev/md0 instead, but I am hesitant as it contrdicts
the manpage.
replaced-url