date:20170723

Ken Heard composed on 2017-07-23 23:20 (UTC-0400):

> All your suggestions require that I be able to boot the computer and
> log on as root from a tty, but as already explained I cannot do that.
>  For rescue mode I need access to the original /etc directory.  I
> looked for a way to do that but could not find one.

Have you tried reading the rescue section of the manual?
https://www.debian.org/releases/stable/amd64/ch08s07.html.en

After booting the rescue media, you must mount the Stretch root filesystem if
the rescue startup didn't do that already for you. Figure out which one it must
be using 'fdisk -l'  or 'gdisk -l'. If it appears to be /dev/sda3, then do:

mount -t -o rw auto /dev/sda3 /mnt

If successful, the Stretch /etc/ will be found at /mnt/etc/.
-- 
"The wise are known for their understanding, and pleasant
words are persuasive." Proverbs 16:21 (New Living Translation)

 Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!

Felix Miata  ***  http://fm.no-ip.com/

Re: Installed Stretch, but no command line

2017-07-23 Thread Ken Heard

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 2017-07-23 19:08, Felix Miata wrote:
> Ken Heard composed on 2017-07-23 18:25 (UTC-0400):
> 
>> Felix Miata wrote:
> 
>>> Ken Heard composed on 2017-07-23 12:21 (UTC-0400):
> 
 Ctrl-alt-F1 shows the blank screen which appears at the end
 of the boot.  I think the problem is that what appears on
 opening tty2 to tty5 should appear in tty1 but for some
 reason does not -- instead the blank screen.
> 
>>> /etc/systemd/system/getty.target.wants/getty@tty1.service
>>> probably says
> 
>>> TTYVTDisallocate=yes
> 
>>> Changing to
> 
>>> TTYVTDisallocate=no
> 
>>> should on subsequent boots leave init messages on tty1, but 
>>> plymouth may need to be purged for that to happen.
> 
>> I tried that, but after I entered my /home password the boot
>> continued and then stopped.  After waiting fifteen minutes or so
>> I concluded that the machine hanged.
> 
> All my installations have that set to no, so it's very surprising
> to me that this could happen.
> 
>> I tried using the recovery mode from GRUB, but that hahged the
>> machine as well.  I then tried rescue mode from the installation
>> disk.  If it is possible to use that to put the Yes back, I could
>> not figure it out.
> 
>> What do I do now?
> 
> If you had made a copy before your edit it would be a simple matter
> to rename it. :-(
> 
> That said, that file is a plain text file. Any editor available in
> rescue mode can put it back once the Stretch / partition is
> mounted. Try nano first, which for most people is much more
> intuitive than traditional Linux editors like vi.
> 
> Something to try first: append plymouth.enable=0 to the kernel
> cmdline for an otherwise normal boot. Also try appending a 3, which
> should block startup of the GUI login manager, but also should make
> normal ttys 1-6 available.
> 
All your suggestions require that I be able to boot the computer and
log on as root from a tty, but as already explained I cannot do that.
 For rescue mode I need access to the original /etc directory.  I
looked for a way to do that but could not find one.


-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iEYEARECAAYFAll1Z4kACgkQlNlJzOkJmTcEBwCfVxnS23IHBAGapqU101rroo1x
kz8An0btbyvXRwRIgG5MM7P9EW6wap5s
=mJ6U
-END PGP SIGNATURE-

Re: video driver - new thread

D. R. Evans composed on 2017-07-23 17:52 (UTC-0600):

> D. R. Evans wrote:

>> I am 99+% sure that the proprietary driver is being used, because the screen
>> looks quite different during the boot sequence, and slightly different once I

> I have discovered that if I open a console after switching to the NVIDIA
> driver, the text is huge.

The NVidia driver /directly/ affects only Xorg, not the vttys.

That said, a very likely explanation for the huge text is that the proprietary
nvidia driver installation resulted in placement of the string nomodeset on the
kernel cmdline via a reconfiguration of /boot/grub/grub.cfg at the least and
probably also /etc/default/grub. Checking kernel cmdline content can be done
with 'cat /proc/cmdline' or inspecting the top few lines of the Xorg.0.log file.

A brief test here, without any installed proprietary anything, and with nothing
on the kernel cmdline to affect video modes anywhere, except for nomodeset,
shows the result of

ll /dev/fb*

to be

ls: cannot access /dev/fb*: No such file or directory.

and the vttys to be running in 80x25 ("giant") text mode. Translated, lack of
/dev/fb* means there is no framebuffer for the kernel to use to produce the
nominal default size 16 vtty text in a likable physical size using a mode
appropriate for a 1920x1200 display. As long as a proprietary driver needs
kernel modesetting disabled, then to have something other than 80x25 on the
vttys requires /something/ to select what configuration will be used via the
kernel cmdline.

To find the mode currently in use on a vtty, normally a simple

fbset

works.

> I tried this solution (for Arch; I saw some posts about Debian, but nothing
> that seemed to be a definitive solution):

> https://wiki.archlinux.org/index.php/GRUB/Tips_and_tricks#Setting_the_framebuffer_resolution

> and added the following two lines to the grub configuration file:

> GRUB_GFXMODE=1280x1024x16,1024x768,auto
> GRUB_GFXPAYLOAD_LINUX=keep

> that had the effect of making the font considerably better during booting, but
> I no longer saw a graphical login screen, and switching manually to the :0
> display with ctrl-alt-F7 just gave me a blank screen. (I chose the
> 1280x1024x16 number more or less at random, just to try it and see what it
> looked like.)

I wouldn't expect those lines to override X in Jessie. Which DM is installed,
GDM? SDDM? LightDM? KDM?

> So I have removed those two lines, and returned to having a massive console
> font (but a working desktop), but am wondering what the right way is in debian
> jessie to get a more reasonable size of font on the console while still having
> a desktop.
The cited URL has more to offer than what you reported. It shows a fallback to
deprecated vtty mode control via the vga= option, thus:

"GRUB_CMDLINE_LINUX_DEFAULT="quiet splash vga=792"

Testing Jessie here, vga=792 produces "undefined mode number". 791 produces 16
bit 1024x768, a much more agreeable text size than 80x25. 794 produces 16 bit
1280x1024, so smaller yet text. 1920x1200 is not possible via vga=, as it's
limited to VESA standard modes, none of which are widescreen.

> FWIW, my (KDE) desktop resolution is 1920x1200.

While David Wright's method of controlling text on the vttys is valid, it's a
lot simpler for people who don't use the vttys much to control their vtty modes
via kernel cmdline, thus Grub.
-- 
"The wise are known for their understanding, and pleasant
words are persuasive." Proverbs 16:21 (New Living Translation)

 Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!

Felix Miata  ***  http://fm.no-ip.com/

Re: video driver - new thread

2017-07-23 Thread David Wright

On Sun 23 Jul 2017 at 17:52:19 (-0600), D. R. Evans wrote:
> D. R. Evans wrote on 07/22/2017 11:48 AM:
> 
> > I am 99+% sure that the proprietary driver is being used, because the screen
> > looks quite different during the boot sequence, and slightly different once 
> > I
> 
> I have discovered that if I open a console after switching to the NVIDIA
> driver, the text is huge.
> 
> I tried this solution (for Arch; I saw some posts about Debian, but nothing
> that seemed to be a definitive solution):
> 
> https://wiki.archlinux.org/index.php/GRUB/Tips_and_tricks#Setting_the_framebuffer_resolution
> 
> and added the following two lines to the grub configuration file:
> 
> GRUB_GFXMODE=1280x1024x16,1024x768,auto
> GRUB_GFXPAYLOAD_LINUX=keep
> 
> that had the effect of making the font considerably better during booting, but
> I no longer saw a graphical login screen, and switching manually to the :0
> display with ctrl-alt-F7 just gave me a blank screen. (I chose the
> 1280x1024x16 number more or less at random, just to try it and see what it
> looked like.)
> 
> So I have removed those two lines, and returned to having a massive console
> font (but a working desktop), but am wondering what the right way is in debian
> jessie to get a more reasonable size of font on the console while still having
> a desktop.

I use setfont. One advantage is that you can set different fonts
on different consoles. Having xfonts-terminus installed, I use

alias my-font-vast='setfont Lat15-Terminus32x16'
alias my-font-huge='setfont Lat15-Terminus28x14'
alias my-font-large='setfont Lat15-Terminus24x12'
alias my-font-medium='setfont Lat15-Terminus20x10'
alias my-font-small='setfont Lat15-Terminus14'
alias my-font-tiny='setfont Lat15-Terminus12x6'

and I have the bash function

my-font-usr-share-consolefonts

set up so that I can use command completion to remind me where
the fonts are. This function loads an arbitrary font (by file
completion) from that directory. The meat of the function is
local FILENAME="$(basename "$1")"; setfont "${FILENAME%%.*}"

Cheers,
David.

Re: dovecot-sieve upgrade overwrote configuration

2017-07-23 Thread Gene Heskett

On Sunday 23 July 2017 17:10:14 deb...@respiranto.de wrote:

> Hi,
>
> I use unattended-upgrades in order to keep my Debian stretch server up
> to date.
>
> This morning, an update for dovecot-sieve was installed among others.
> Previously, I had modified /etc/dovecot/conf.d/90-sieve.conf. During
> the update, the file was simply overridden by the (probably new)
> default configuration file, which I do not consider expected
> behaviour.
>
> In the log, I got via mail, I see:
>   Setting up dovecot-sieve (1:2.2.27-3+deb9u1) ...
>   Replacing config file /etc/dovecot/conf.d/90-sieve.conf with new
> version
>
> The respective file is not part of the package itself, rather it
> appears to be installed as specified in
> /var/lib/dpkg/info/dovecot-sieve.postinst, particularly by:
>   ucf --three-way /usr/share/dovecot/$conffile /etc/dovecot/$conffile
>   ucfr dovecot-sieve /etc/dovecot/$conffile
> where $conffile equals to `conf.d/90-sieve.conf'.
>
> Apparently, ucf is supposed to present some options to the user, none
> of which will obviously be chosen by unattended-upgrades. If the
> upgrade was to fail for this reason, unattended-upgrades would be
> supposed to run `dpkg --force-confold --configure -a' due to the
> default setting `Unattended-Upgrade::AutoFixInterruptedDpkg "true"'.
>
> Does somebody have an explanation or a future-proof solution for the
> depicted?
>
> I should probably note, that a 90-sieve.conf.ucf-dist appears to have
> been in place already before the recent upgrade.
>
> I somewhere found the idea to add
>   Dpkg::Options {
> "--force-confdef";
> "--force-confold";
>   }
> to 50-unattended-upgrades, however I doubt it applies to files not
> listed as conffiles.
>
>
> Greetings,
>  respiranto

I get bit that way occasionally, so in self-defense, I've been known
to "sudo chmod +i name-of-file", which makes such a file immutable.
If the update finds its hands tied, if it thinks its version is super 
important, then it can either log the squawk, email admin fussing about 
it, or just go away.  Most will not fuss, just leave a -distro or -new 
sitting beside the active file.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page

Re: video driver - new thread

2017-07-23 Thread D. R. Evans

D. R. Evans wrote on 07/22/2017 11:48 AM:

> I am 99+% sure that the proprietary driver is being used, because the screen
> looks quite different during the boot sequence, and slightly different once I

I have discovered that if I open a console after switching to the NVIDIA
driver, the text is huge.

I tried this solution (for Arch; I saw some posts about Debian, but nothing
that seemed to be a definitive solution):

https://wiki.archlinux.org/index.php/GRUB/Tips_and_tricks#Setting_the_framebuffer_resolution

and added the following two lines to the grub configuration file:

GRUB_GFXMODE=1280x1024x16,1024x768,auto
GRUB_GFXPAYLOAD_LINUX=keep

that had the effect of making the font considerably better during booting, but
I no longer saw a graphical login screen, and switching manually to the :0
display with ctrl-alt-F7 just gave me a blank screen. (I chose the
1280x1024x16 number more or less at random, just to try it and see what it
looked like.)

So I have removed those two lines, and returned to having a massive console
font (but a working desktop), but am wondering what the right way is in debian
jessie to get a more reasonable size of font on the console while still having
a desktop.

FWIW, my (KDE) desktop resolution is 1920x1200.

And if I execute
  hwinfo --framebuffer
I get:



root@homebrew:/home/n7dr# hwinfo --framebuffer
02: None 00.0: 11001 VESA Framebuffer
  [Created at bios.459]
  Unique ID: rdCR.jdAEt395qn6
  Hardware Class: framebuffer
  Model: "NVIDIA GK208 Board - 2131"
  Vendor: "NVIDIA Corporation"
  Device: "GK208 Board - 2131"
  SubVendor: "NVIDIA"
  SubDevice:
  Revision: "Chip Rev"
  Memory Size: 14 MB
  Memory Range: 0xe900-0xe9df (rw)
  Mode 0x0300: 640x400 (+640), 8 bits
  Mode 0x0301: 640x480 (+640), 8 bits
  Mode 0x0303: 800x600 (+800), 8 bits
  Mode 0x0305: 1024x768 (+1024), 8 bits
  Mode 0x0307: 1280x1024 (+1280), 8 bits
  Mode 0x030e: 320x200 (+640), 16 bits
  Mode 0x030f: 320x200 (+1280), 24 bits
  Mode 0x0311: 640x480 (+1280), 16 bits
  Mode 0x0312: 640x480 (+2560), 24 bits
  Mode 0x0314: 800x600 (+1600), 16 bits
  Mode 0x0315: 800x600 (+3200), 24 bits
  Mode 0x0317: 1024x768 (+2048), 16 bits
  Mode 0x0318: 1024x768 (+4096), 24 bits
  Mode 0x031a: 1280x1024 (+2560), 16 bits
  Mode 0x031b: 1280x1024 (+5120), 24 bits
  Mode 0x0330: 320x200 (+320), 8 bits
  Mode 0x0331: 320x400 (+320), 8 bits
  Mode 0x0332: 320x400 (+640), 16 bits
  Mode 0x0333: 320x400 (+1280), 24 bits
  Mode 0x0334: 320x240 (+320), 8 bits
  Mode 0x0335: 320x240 (+640), 16 bits
  Mode 0x0336: 320x240 (+1280), 24 bits
  Mode 0x033d: 640x400 (+1280), 16 bits
  Mode 0x033e: 640x400 (+2560), 24 bits
  Mode 0x0345: 1600x1200 (+1600), 8 bits
  Mode 0x0346: 1600x1200 (+3200), 16 bits
  Mode 0x034a: 1600x1200 (+6400), 24 bits
  Config Status: cfg=new, avail=yes, need=no, active=unknown
root@homebrew:/home/n7dr#



  Doc

-- 
Web:  http://enginehousebooks.com/drevans



signature.asc
Description: OpenPGP digital signature

Re: Installed Stretch, but no command line

Ken Heard composed on 2017-07-23 18:25 (UTC-0400):

> Felix Miata wrote:

>> Ken Heard composed on 2017-07-23 12:21 (UTC-0400):

>>> Ctrl-alt-F1 shows the blank screen which appears at the end of
>>> the boot.  I think the problem is that what appears on opening
>>> tty2 to tty5 should appear in tty1 but for some reason does not
>>> -- instead the blank screen.

>> /etc/systemd/system/getty.target.wants/getty@tty1.service probably
>> says

>> TTYVTDisallocate=yes

>> Changing to

>> TTYVTDisallocate=no

>> should on subsequent boots leave init messages on tty1, but
>> plymouth may need to be purged for that to happen.

> I tried that, but after I entered my /home password the boot continued
> and then stopped.  After waiting fifteen minutes or so I concluded
> that the machine hanged.

All my installations have that set to no, so it's very surprising to me that
this could happen.

> I tried using the recovery mode from GRUB, but that hahged the machine
> as well.  I then tried rescue mode from the installation disk.  If it
> is possible to use that to put the Yes back, I could not figure it out.

> What do I do now?

If you had made a copy before your edit it would be a simple matter to rename
it. :-(

That said, that file is a plain text file. Any editor available in rescue mode
can put it back once the Stretch / partition is mounted. Try nano first, which
for most people is much more intuitive than traditional Linux editors like vi.

Something to try first: append plymouth.enable=0 to the kernel cmdline for an
otherwise normal boot. Also try appending a 3, which should block startup of the
GUI login manager, but also should make normal ttys 1-6 available.
-- 
"The wise are known for their understanding, and pleasant
words are persuasive." Proverbs 16:21 (New Living Translation)

 Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!

Felix Miata  ***  http://fm.no-ip.com/

Re: debian 6 download)

2017-07-23 Thread Fungi4All

> From: go...@oles.biz
> On 07/23/2017 05:21 AM, Georgi Naplatanov wrote:
>> On 07/23/2017 05:04 AM, Ben Caradoc-Davies wrote:
>>> On 23/07/17 04:56, arshad mahmood wrote:
 Hi do you know how I can down load debian 6 server is free to download
 load or will I need to buy it through a vendor regards
>>>
>>> Debian 6 (squeeze) images are free to download but have been moved to
>>> the archives.
>>>
>>> Media images are in the cdimage archive:
>>> http://cdimage.debian.org/cdimage/archive/
>>>
>>> Packages are on archive.debian.org:
>>> http://archive.debian.org/debian/dists/
>>>
>>> Debian 9 (stretch) has been released. Have you considered using this
>>> newer, supported release?
>>>
>>
>> There is a list with supported Debian releases including LTS and Debian
>> 7 is oldest supported release.
>>
>> https://wiki.debian.org/LTS
>>
>> Kind regards
>>
> Hi Arshad,
> if you have no restriction for Debian 6 only then you can try CentOS 6.
> CentOS 6 has similar packages" version to Debian 6 and it"s still supported.
> Kind regards
> Georgi

If it is systemd you are trying to avoid and you start with 6 the upgrade to 7
is safe. It works like a cheetah and it still gets all security upgrades till 
late '18
If you make the mistake and go to Jessie from there, either you accept
systemd or you will be broken, but you can always upgrade from 7 to
Devuan.
To tell my honest story from bouncing around and trying stuff, Manjaro OpenRC
for me seems bulletproof. I am writing now from a tortured ManjOpenrc with
kernels up to 4.12.2 and it is solid.
My experience with Debian trying to avoid systemd has send it down the tubes
of my respect. I hate to admit it, but I gave it one hell of a try and it 
failed me.

Re: Installed Stretch, but no command line

2017-07-23 Thread Ken Heard

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 2017-07-23 16:12, Felix Miata wrote:
> Ken Heard composed on 2017-07-23 12:21 (UTC-0400):
> 
>> Ctrl-alt-F1 shows the blank screen which appears at the end of
>> the boot.  I think the problem is that what appears on opening
>> tty2 to tty5 should appear in tty1 but for some reason does not
>> -- instead the blank screen.
> /etc/systemd/system/getty.target.wants/getty@tty1.service probably
> says
> 
> TTYVTDisallocate=yes
> 
> Changing to
> 
> TTYVTDisallocate=no
> 
> should on subsequent boots leave init messages on tty1, but
> plymouth may need to be purged for that to happen.

I tried that, but after I entered my /home password the boot continued
and then stopped.  After waiting fifteen minutes or so I concluded
that the machine hanged.

I tried using the recovery mode from GRUB, but that hahged the machine
as well.  I then tried rescue mode from the installation disk.  If it
is possible to use that to put the Yes back, I could not figure it out.

What do I do now?

Ken

-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iEUEARECAAYFAll1IkwACgkQlNlJzOkJmTdyUACfR77Krz5cbuUvDQVRsr1wosfR
9H8AmMfXIjk7JFrg2i8J6TrSM4xNkik=
=HXHr
-END PGP SIGNATURE-

Re: debian 6 download)

2017-07-23 Thread Georgi Naplatanov

On 07/23/2017 05:21 AM, Georgi Naplatanov wrote:
> On 07/23/2017 05:04 AM, Ben Caradoc-Davies wrote:
>> On 23/07/17 04:56, arshad mahmood wrote:
>>> Hi do you know how I can down load debian 6 server is free to download
>>> load or will I need to buy it through  a vendor regards
>>
>> Debian 6 (squeeze) images are free to download but have been moved to
>> the archives.
>>
>> Media images are in the cdimage archive:
>> http://cdimage.debian.org/cdimage/archive/
>>
>> Packages are on archive.debian.org:
>> http://archive.debian.org/debian/dists/
>>
>> Debian 9 (stretch) has been released. Have you considered using this
>> newer, supported release?
>>
> 
> There is a list with supported Debian releases including LTS and Debian
> 7 is oldest supported release.
> 
> https://wiki.debian.org/LTS
> 
> Kind regards
> 

Hi Arshad,

if you have no restriction for Debian 6 only then you can try CentOS 6.
CentOS 6 has similar packages' version to Debian 6 and it's still supported.

Kind regards
Georgi

dovecot-sieve upgrade overwrote configuration

2017-07-23 Thread deb023

Hi,

I use unattended-upgrades in order to keep my Debian stretch server up
to date.

This morning, an update for dovecot-sieve was installed among others.
Previously, I had modified /etc/dovecot/conf.d/90-sieve.conf. During the
update, the file was simply overridden by the (probably new) default
configuration file, which I do not consider expected behaviour.

In the log, I got via mail, I see:
  Setting up dovecot-sieve (1:2.2.27-3+deb9u1) ...
  Replacing config file /etc/dovecot/conf.d/90-sieve.conf with new version

The respective file is not part of the package itself, rather it appears
to be installed as specified in
/var/lib/dpkg/info/dovecot-sieve.postinst, particularly by:
  ucf --three-way /usr/share/dovecot/$conffile /etc/dovecot/$conffile
  ucfr dovecot-sieve /etc/dovecot/$conffile
where $conffile equals to `conf.d/90-sieve.conf'.

Apparently, ucf is supposed to present some options to the user, none of
which will obviously be chosen by unattended-upgrades. If the upgrade
was to fail for this reason, unattended-upgrades would be supposed to
run `dpkg --force-confold --configure -a' due to the default setting
`Unattended-Upgrade::AutoFixInterruptedDpkg "true"'.

Does somebody have an explanation or a future-proof solution for the
depicted?

I should probably note, that a 90-sieve.conf.ucf-dist appears to have
been in place already before the recent upgrade.

I somewhere found the idea to add
  Dpkg::Options {
"--force-confdef";
"--force-confold";
  }
to 50-unattended-upgrades, however I doubt it applies to files not
listed as conffiles.


Greetings,
 respiranto

Re: Firewalld

On Sun, Jul 23, 2017 at 14:17 Reco  wrote:

> Hi.
>
> On Sun, 23 Jul 2017 17:29:54 +
> Tom Browder  wrote:
>
> > Webmin uses firewalld to manage firewalls. Is there any reason not to use
> > webmin for my servers' firewall management?
>
> I'll bite.
>
> First things first, CVE-2016-5410 and [1]. [1] comes with this
> beautiful tag attached:

Thanks, Reco!

Okay, so I'll pick firehol for the firewall.

Do you have any thoughts about what to use in place of webmin?  I looked at
IPSConfig but it doesn't support Postgresql.

I can do most anything manually, but am getting older and would like some
help for forgetfulness and laziness, i.e., a good and reliable GUI for
administering my remote servers would be nice.

Thanks again for your help.

-Tom

Re: Can "PulseAudio Volume Control" devs be redeemed?

2017-07-23 Thread Martin Read


On 23/07/17 16:48, Curt wrote:

Except that the default 500x400 geometry is the same in Jessie and
Wheezy and seems sufficient since nobody appears to be having any
problems seeing all 5 tabs but Erik.


There seem to be some other changes to the upstream glade file between 
version 2.0 and version 3.0, which have some indirect effect on the 
window geometry. Both versions have a nominal default width of 500, yet 
in the version in Debian 8 the window would come up wider than that on 
my system (as noted, it would write a window width of 780 into its 
configuration file).


In Debian 9, it comes up at 500x400 and only three of the tabs are 
immediately visible, but there are small arrows at either end of the tab 
bar, letting you move right and left along it - which is not a 
particularly obvious feature if you're not expecting it.

Re: Installed Stretch, but no command line

Ken Heard composed on 2017-07-23 12:21 (UTC-0400):

> Ctrl-alt-F1 shows the blank screen which appears at the end of the
> boot.  I think the problem is that what appears on opening tty2 to
> tty5 should appear in tty1 but for some reason does not -- instead the
> blank screen.
 /etc/systemd/system/getty.target.wants/getty@tty1.service probably says

TTYVTDisallocate=yes

Changing to

TTYVTDisallocate=no

should on subsequent boots leave init messages on tty1, but plymouth may need to
be purged for that to happen.
-- 
"The wise are known for their understanding, and pleasant
words are persuasive." Proverbs 16:21 (New Living Translation)

 Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!

Felix Miata  ***  http://fm.no-ip.com/

Re: Quel opcode PHP pour Debian Stretch ?

2017-07-23 Thread andre_debian

On Sunday 23 July 2017 20:48:56 Ph. Gras wrote:
> Pas faux André :
> > Avec php 7, des codes php ne fonctionnent plus,
> > méfiance avant de basculer, il faut avant les modifier,
> > sinon le site Web fonctionnera bien mal.

> J'ai un Wordpress et un phpBB qui doivent tourner dessus,
> apparemment c'est bon d'après ce que j'ai lu sur le Web…
> Ph. Gras

Les CMS ont dû en tenir compte, mais pour les sites maison...

Il faut mettre dans "php.ini", error = on,
et le site affiche les codes php devenus obsolètes.

Sur mon site perso, j'ai préféré pour l'instant revenir à php5,
en attendant le courage de les modifier,
Les upgrade, c'est bien, mais que de boulot ensuite :-)

André

Re: Firewalld

2017-07-23 Thread Reco

Hi.

On Sun, 23 Jul 2017 17:29:54 +
Tom Browder  wrote:

> Webmin uses firewalld to manage firewalls. Is there any reason not to use
> webmin for my servers' firewall management?

I'll bite.

First things first, CVE-2016-5410 and [1]. [1] comes with this
beautiful tag attached:

Upstream told me that they know that the lockdown feature is not secure
and they wouldn't know how to fix it, except for removing the feature
completely.

Second, [2] states that *popular* iptables frontends are ufw, shorewall
and fwbuilder. That means someone's actually using them, finding bugs,
fixing them, etc.

And last, but not least, [3]. There you have it all. Remote code
execution. Directory traversal. XSS. Authentication bypass.

tl;dr version - friends do not let friends to use webmin and/or
firewalld.

Reco

[1] http://seclists.org/oss-sec/2017/q3/139
[2] https://wiki.debian.org/Firewalls
[3] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=webmin

Re: cups

2017-07-23 Thread Pol Hallen


Hi Brian

>For the testing client, post the output of
>lpoptions -p e460dn

lpoptions -p E460DN.fuckaround.org
copies=1 device-uri=ipp://10.10.10.1/printers/E460DN finishings=3 
job-cancel-after=10800 job-hold-until=no-hold job-priority=50 
job-sheets=none,none marker-change-time=1500823547 
marker-colors=#00,none,none marker-levels=-1,100,-1 
marker-names='Toner\ nero,Unit?\ di\ fusione,Kit\ manutenzione' 
marker-types=toner,other,other number-up=1 
printer-commands=AutoConfigure,Clean,PrintSelfTestPage 
printer-info=E460DN.fuckaround.org printer-is-accepting-jobs=true 
printer-is-shared=false printer-is-temporary=false printer-location 
printer-make-and-model='Lexmark E460dn Foomatic/Postscript' 
printer-state=3 printer-state-change-time=1500823572 
printer-state-reasons=none printer-type=10530844 
printer-uri-supported=ipp://localhost/printers/E460DN.fuckaround.org


>and the content of /etc/cups/printers.conf.


UUID urn:uuid:93096773-7e23-3138-6562-d82e1935b64f
AuthInfoRequired none
Info E460DN.fuckaround.org
MakeModel Lexmark E460dn Foomatic/Postscript
DeviceURI ipp://10.10.10.1/printers/E460DN
State Idle
StateTime 1500823572
ConfigTime 1500823259
Type 8433692
Accepting Yes
Shared No
JobSheets none none
QuotaPeriod 0
PageLimit 0
KLimit 0
OpPolicy default
ErrorPolicy retry-job
Attribute marker-colors \#00,none,none
Attribute marker-levels -1,100,-1
Attribute marker-names Toner nero,Unit? di fusione,Kit manutenzione
Attribute marker-types toner,other,other
Attribute marker-change-time 1500823547


>time pdf2ps 789K_PDF output.ps

time pdf2ps 158.pdf 158.ps

real0m3.482s
user0m3.164s
sys 0m0.312s

>Post the screen display and the output of 'ls -l output.ps'

ls -l 158.ps
-rw-r--r-- 1 max max 12180217 Jul 23 20:14 158.ps

> same file using debian stable, on server jobs I see 1043K and works

>Post the outputs of
>ls -l /etc/cups/ppd

-rw-r- 1 root lp 10364 Jul 23 17:20 E460DN.fuckaround.org.ppd
-rw-r- 1 root lp 10372 Jul 23 17:20 E460DN.fuckaround.org.ppd.O

lpoptions -p 

from the stable client machine.

>Is it jessie, stretch or testing on the server?

I making test with 2 servers: one it's old-old stable, another with 
old-stable server (same situation: from debian stable everything works)


lpstat -d E460DN
E460DN-2544 max9726976   Sun 23 Jul 2017 
08:30:00 PM CEST


that's the problem: 9726976

when I print from stable debian, on cups server file size is correct: 760832

lpstat -d E460DN
system default destination: E460DN.fuckaround.org_via_VNC_from_misha
E460DN-2547 psycheye760832   Sun 23 Jul 2017 
09:05:57 PM CEST


thanks!

Pol

Re: Quel opcode PHP pour Debian Stretch ?

2017-07-23 Thread Ph. Gras

Pas faux André :

> Avec php 7, des codes php ne fonctionnent plus,
> méfiance avant de basculer, il faut avant les modifier,
> sinon le site Web fonctionnera bien mal.
> 

J'ai un Wordpress et un phpBB qui doivent tourner dessus,
apparemment c'est bon d'après ce que j'ai lu sur le Web…

Ph. Gras

Re: Quel opcode PHP pour Debian Stretch ?

2017-07-23 Thread andre_debian

Avec php 7, des codes php ne fonctionnent plus,
méfiance avant de basculer, il faut avant les modifier,
sinon le site Web fonctionnera bien mal.

Re: Les cyber menaces basculent vers Linux et les serveurs Web

2017-07-23 Thread andre_debian

On Sunday 23 July 2017 18:55:09 maderios wrote:
> On 07/23/2017 12:01 PM, Thierry Bugier Pineau wrote:
> >> Un antivirus pour Linux? C'est la première blague du jour...

> J'ai bien écrit "Un antivirus pour Linux"  et non "pour windows".
> Il existe un bon antivirus libre pour windows à installer sur linux,
> clamav, mais on ne l'utilise que pour windows afin de ne pas transmettre
> (par mail) des virus sur les machines windows qui sont génétiquement
> vérolables à souhaits, même le dernier windows 10.
> En plus de 17 ans d'utilisation de linux, je n'ai jamais vu un système
> linux altéré par un virus, idem pour les linuxiens que je connais.
> Quelque soit le système, le plus dangereux des malwares, c'est la
> négligence de l'utilisateur censé maintenir son système.

Tous ces articles d'anti-virus "nécessaires" sous Linux profusent ,
dès qu'il y a des cyberattaques de virus via Windows bien relatés dans les 
médias.
Je dois me tromper, Microsoft qui veut garder ses parts de marchés,
les fabricants d'AV, ont tout intérêt à répandre leur fiel sur Linux.

Avec son cloud Azure, Microsoft a réalisé un énorme chiffre d'affaires :
http://www.zdnet.fr/actualites/linux-toujours-plus-utilise-sur-microsoft-azure-39838684.htm
Il semble qu'i y ait de l'opensource dans ce cloud qui fonctionne aussi sous 
Linux.

Cela fait des lustres qu'on nous dit :
"il y aura autant de virus sous Linux que sous Windows,
le jour ou les pirates décideront de fabriquer des AV pour Linux".
Si ils ne le font pas, c'est que Linux occupe une trop petite part de marché.
(oui, mais des particuliers).

Pourtant, aujourd'hui, plus de 50% des serveurs professionnels
sont sous Linux, donc les pirates ont tout intérêt à s'y intéresser.

En 20 ans de Linux, je n'ai jamais eu un virus.

Bonne soirée,

André

Re: how to make sure that gnome check available updates to system

2017-07-23 Thread Dejan Jocic

On 23-07-17, Karol Szkudlarek wrote:
> Hello,
> I am using GNOME and Debian 9 on my laptop and in the software-properties-gtk 
> program I selected daily updates and display message immediately.
> Laptop is used dual boot mode and I would like to be sure (for security 
> reasons) that Gnome checks automatic available updates properly.
> Is it some log file to verify if checking was performed and when?
> I would like to not to perform manual apt-get update. I have not installed 
> cron-apt.
> Regards,
> 
> Karol Szkudlarek

If you want those updates to be automatic, you should change that
display message immediately to download and install automatically.
As for checking logs, you can check under these:

/var/log/unattended-upgrades/unattended-upgrades.log

/var/log/dpkg.log

With automatic updates enabled, all actions performed will end up there.
Well, in /var/log/dpkg.log other actions, like manually installing
packages will be recorded too, but you will be able to see performed
actions. If you would like to be informed about automatic upgrades with
mail, you will have to edit file:

/etc/apt/apt.conf.d/50unattended-upgrades

and find and uncomment line //Unattended-Upgrade::Mail "root";

Hope that this helps.

Re: Quel opcode PHP pour Debian Stretch ?

2017-07-23 Thread Ph. Gras

Merci :-)
> 
> Depuis la version 5.5.0, PHP contient un gestionnaire d'opcache.
> 
> http://fr.php.net/manual/fr/intro.opcache.php

en fait, j'ai installé un paquet exprès pour ça :
Réception de:67 http://debian.mirrors.ovh.net/debian stretch/main amd64 
php7.0-opcache amd64 7.0.19-1 [77,2 kB]

Sélection du paquet php7.0-opcache précédemment désélectionné.
Préparation du dépaquetage de .../21-php7.0-opcache_7.0.19-1_amd64.deb ...
Dépaquetage de php7.0-opcache (7.0.19-1) ...

> 
> Il est configurable dans le fichier php.ini

OK :

Creating config file /etc/php/7.0/mods-available/readline.ini with new version
Paramétrage de php7.0-xsl (7.0.19-1) ...
Paramétrage de php7.0-opcache (7.0.19-1) ...


> 
> http://fr.php.net/manual/fr/opcache.configuration.php

J'y prêterai attention.

Ph. Gras

how to make sure that gnome check available updates to system

2017-07-23 Thread Karol Szkudlarek

Hello,
I am using GNOME and Debian 9 on my laptop and in the software-properties-gtk 
program I selected daily updates and display message immediately.
Laptop is used dual boot mode and I would like to be sure (for security 
reasons) that Gnome checks automatic available updates properly.
Is it some log file to verify if checking was performed and when?
I would like to not to perform manual apt-get update. I have not installed 
cron-apt.
Regards,

Karol Szkudlarek

Intel Skylake/Kaby Lake Hyper-threading bug update

2017-07-23 Thread Henrique de Moraes Holschuh

TL;DR: Intel has issued public microcode updates in 2017-07-07, fixing
the hyper-threading errata on every affected processor. These updates
have been included in the stable and oldstable point releases from
2017-07-22.

The microcode updates in the "intel-microcode" packages with the base
version of 3.20170707.1 fix the hyper-threading defect on every known-
affected Intel processor, including Kaby Lake and all variants of
Skylake.

Updated intel-microcode packages are already available for oldstable,
stable, testing, unstable, jessie-backports-sloppy and
stretch-backports.

For more details and instructions, please refer to:
https://wiki.debian.org/Microcode

FAQ about the "hyper-threading defect":

Q. Does the Intel "microcode update" that fixes the defect remove
hyper-threading support?

A. The updated microcode *fixes* hyper-threading, it does *not* remove
hyper-threading support.

Upgraded microcode information related to these errata:

Skylake D0/R0 (mobile/desktop), signatures 0x406e3, 0x506e3:
Known to be fixed in microcode revision 0xb9/0xba and later. Public fix
available in linux microcode 20170511 and later.

Skylake H0 (server/HEDT/X-series), signature 0x50654:
Known to be fixed in microcode revision 0x222 and later, and it
might have been fixed since revision 0x21a. Public fix available in
linux microcode 20170707 and later.

Kaby Lake H0/B0 (mobile/desktop), signatures 0x806e9, 0x906e9 (pf mask 0x22):
Known to be fixed in microcode revision 0x5d/0x5e and later. Public fix
available in linux microcode 20170707 and later.

Kaby Lake X-series, signature 0x906e9 (pf mask 0x08):
These processors are *NOT* affected when installed in a *supported*
motherboard configuration (i.e. one that had its firmware updated to be
compatible with Kaby Lake X-series). The launch production microcode
already has the fix (believed to be microcode revision 0x5d or later
based on the processor flags mask).

Kaby Lake Y0: signature 0x806ea:
Known to be fixed in microcode revision 0x65/0x66 and later, and it
might have been fixed since revision 0x5d/0x5e. Public fix available in
linux microcode 20170707 and later.

References from the original advisory:

https://caml.inria.fr/mantis/view.php?id=7452
http://metadata.ftp-master.debian.org/changelogs/non-free/i/intel-microcode/unstable_changelog
https://www.intel.com/content/www/us/en/processors/core/desktop-6th-gen-core-family-spec-update.html
https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html
https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html
https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v5-spec-update.html
https://www.intel.com/content/www/us/en/products/processors/core/6th-gen-x-series-spec-update.html

New references:

The two new references below contain material that was not known to the
Debian maintainers or to the Debian project:

https://medium.com/ahrefs/skylake-bug-a-detective-story-ab1ad2beddcd
http://gallium.inria.fr/blog/intel-skylake-bug/

--
Henrique Holschuh

Re: Quel opcode PHP pour Debian Stretch ?

2017-07-23 Thread Frédéric MASSOT


Le 23/07/2017 à 19:30, Ph. Gras a écrit :

Bonsoir à toutes et à tous,

avec la nouvelle version de Debian, on est vivement suggéré d'installer PHP 7,
et c'est donc avec discipline que je vais m'orienter vers cette solution :-(

J'ai retrouvé mes extensions PHP favorites dans le cache d'apt, mais hélas, j'ai
la douloureuse impression que mes bons vieux opcode ont évolué aussi et ont
souvent migré dans des dépôts exotiques…

Sur quel opcode avez-vous porté votre choix avec PHP 7 ?


Depuis la version 5.5.0, PHP contient un gestionnaire d'opcache.

http://fr.php.net/manual/fr/intro.opcache.php

Il est configurable dans le fichier php.ini

http://fr.php.net/manual/fr/opcache.configuration.php

--
==
|  FRÉDÉRIC MASSOT   |
| http://www.juliana-multimedia.com  |
|   mailto:frede...@juliana-multimedia.com   |
| +33.(0)2.97.54.77.94  +33.(0)6.67.19.95.69 |
===Debian=GNU/Linux===

Re: Tracker-store (encore !)

2017-07-23 Thread pmenier


Le 23/07/2017 à 17:51, David BERCOT a écrit :

Bonjour,

J'ai à nouveau un problème avec le système d'indexation et le processus
tracker-store qui occupe 100% de la CPU.

Précédemment, j'ai bien lancé tracker-preferences en root et avec mon
user en demandant de ne rien indexer.
En parallèle, j'ai ajouté, dans
"/etc/xdg/autostart/tracker-store.desktop", la ligne "hidden=true".

Mais rien n'y fait ! Je tue le process en ligne de commande et, à chaque
redémarrage, il revient dès que mon ordinateur n'est plus utilisé.

J'ai fait diverses recherches mais je ne trouve rien d'autre comme
"option", sachant que je ne peux désinstaller le package tracker dont
dépendent gnome-core* gnome-documents* gnome-music* gnome-photos*, etc.

Auriez-vous une idée ?
Avez-vous le même comportement ?

Merci.

David.



Salut
Et si tu dégageais le lien /etc/xdg/autostart/tracker-store.desktop ?

pm

Quel opcode PHP pour Debian Stretch ?

2017-07-23 Thread Ph. Gras

Bonsoir à toutes et à tous,

avec la nouvelle version de Debian, on est vivement suggéré d'installer PHP 7,
et c'est donc avec discipline que je vais m'orienter vers cette solution :-(

J'ai retrouvé mes extensions PHP favorites dans le cache d'apt, mais hélas, j'ai
la douloureuse impression que mes bons vieux opcode ont évolué aussi et ont
souvent migré dans des dépôts exotiques…

Sur quel opcode avez-vous porté votre choix avec PHP 7 ?

Merci pour vos réponses et vos avis éclairés,

Ph. Gras

Firewalld

Webmin uses firewalld to manage firewalls. Is there any reason not to use
webmin for my servers' firewall management?

Thanks.

-Tom

Epson iScan Tool for Stretch (PATCH)

2017-07-23 Thread deloptes


In case someone is interested.
Here is a patch for Epson's iScan for Stretch (libjpeg and libpng16)

http://deloptes.org/patches/iscan-2.30.3.debian9.patch

regards

Re: Les cyber menaces basculent vers Linux et les serveurs Web

2017-07-23 Thread maderios


On 07/23/2017 12:01 PM, Thierry Bugier Pineau wrote:


Un antivirus pour Linux? C'est la première blague du jour...



Pour moi, non c'est sérieux :)

Si je m'en réfère au grand, puissant (et plein d'autres superlatifs)
Wikipedia, voilà ce que je trouve :
https://fr.wikipedia.org/wiki/Liste_des_malwares_Linux
'Cette liste est une ébauche concernant un logiciel libre et la sécurité 
informatique'

Hum, article pas sourcé et écrit avec quelles compétences?



On y trouve une petite liste de virus, et d'antivirus également pour
notre OS préféré (peu importe la saveur).



J'ai bien écrit "Un antivirus pour Linux"  et non "pour windows".
Il existe un bon antivirus libre pour windows à installer sur linux, 
clamav, mais on ne l'utilise que pour windows afin de ne pas transmettre 
(par mail) des virus sur les machines windows qui sont génétiquement 
vérolables à souhaits, même le dernier windows 10.
En plus de 17 ans d'utilisation de linux, je n'ai jamais vu un système 
linux altéré par un virus, idem pour les linuxiens que je connais.
Quelque soit le système, le plus dangereux des malwares, c'est la 
négligence de l'utilisateur censé maintenir son système.


--
Maderios

Re: Installed Stretch, but no command line

2017-07-23 Thread Ken Heard

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 2017-07-23 07:43, songbird wrote:
> Ken Heard wrote:
>> 
>> Just finished installing Stretch, using a RAID1, LVM and
>> encryption for home (passkey) and swap (random key).  It is at
>> the moment a basic installation with X-server-Xorg, but no DE
>> yet.
> 
> if you use the control-alt F1 - F? sequence do you get a login
> prompt?  (check F7 and F8 too)

I should have thought of that, but when I wrote my original post I was
tired and frustrated.  Thanks for the reminder.

This morning I did as you suggested.  Yes, ctrl-alt-F2 to F6 does open
a console where I can log in one of them as my user and in another as
root.  So far I seem to be able to execute all the commands I need to
or want to in both.

For example, in my user I was able to run startx, which prodices a
bluish hue screen with the Debian swirl. I can't go any further
because I do not have a desktop environment yet.  My next step is to
install one and see what happens.

Ctrl-alt-F7 and F8 open nothing, not surprising as F7 and above are
normally reserved for graphical user interfaces (GUI), which I have
not yet installed.

Ctrl-alt-F1 shows the blank screen which appears at the end of the
boot.  I think the problem is that what appears on opening tty2 to
tty5 should appear in tty1 but for some reason does not -- instead the
blank screen.
> 
>> As part of the boot it accepts my /home password, but I do not
>> get the command line. I end up with a blue-grey screen. No input
>> from mouse or keyboard is accepted.  To close the computer I have
>> to use the power switch.
> 
> oh, this doesn't sound good, but since you don't describe your
> keyboard or mouse type i'm not sure if you need to change something
> in the bios or what for them to show up.  check the bios if you
> have settings that might help.  use a different keyboard and/or
> mouse to check that something shows up.

Keyboard is fine; it has worked on another computer,  I have nothing
yet installed which uses the mouse.

> your X setup may need adjusting.  check /var/log/Xorg.0.log and
> X*.log.old  if you have no log files install rsyslog.

Probably not necessary, but I shall see after the DE is installed.

>> I can open it in recovery mode, and after I enter the root
>> password I can get the command line as root. But I don't know
>> what to do next to effect a rescue.  From the root command line I
>> can however close the computer properly with "shutdown -h now".
>> 
>> I did notice when the computer was booting normally -- not in
>> rescue mode -- the following lines loop many times until the
>> computer gives up:
>> 
>> Running /scripts/local-block Failed to connect to lvmetad Failed
>> to find logical volume SOL1/swap_crypt
>> 
>> According to several posts on line, this behaviour is a nuisance
>> but not fatal.  As some people suggested on line I tried to get
>> rid of this nuisance by changing in /etc/lvm/lvm.conf
>> use_lvmetad=1 to =0, but to no effect.
>> 
>> If I have to I can live with the nuisance, but I cannot live
>> without the command line.
>> 
> i do know that at times some partitions are set up but may not be
> found due to various issues.  i make life simpler by using volume
> labels and adjusting /etc/fstab to use those instead of UUIDs.

Probably a good idea; I shall try it.

> the problem i had was that the reformat of the swap partition got
> rid of my label.  so now if i do anything that touches the swap
> partition i reset the label.

Regards, Ken


-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iEYEARECAAYFAll0zREACgkQlNlJzOkJmTekcgCfeFjlPRPXaxhhJq4TPwvLfl6K
0WwAmwb+xo26JnNg0/j4m40IL+ZJe7Hn
=2QF1
-END PGP SIGNATURE-

Re: Linus Torvalds: 'siento que ya no puedo confiar en el sistema de inicio'

2017-07-23 Thread Ricard Pradell

Hola,

Algú em pot referir una web o similar on pugui documentar-me sobre systemd
i veure les diferències amb altres inits? si pot ser complerta i
autocontinguda, millor (que no hagi de consultar 5000 altres llocs, que em
foto gran i manta)

Gràcies

El dia 21 de juliol de 2017 a les 12:48, Jordi Funollet <
funol...@fastmail.fm> ha escrit:

> On Fri, Jul 21, 2017, at 12:09 PM, Narcis Garcia wrote:
>
> > Em vaig gastar una pasta en llibres per LPIC, i potser ja els haig de
> > museitzar.
>
> https://www.safaribooksonline.com/
>
> La majoria de llibres tècnics ja no els compro, els llogo.
>
> --
> Jordi Funollet Pujol
> http://www.linkedin.com/in/jordifunollet
>
>

Re: cups

2017-07-23 Thread Brian

On Sat 22 Jul 2017 at 14:55:19 +0200, Pol Hallen wrote:

> Hello and thanks to all :)
> 
> >Impossible to say in your situation without knowing the printer make
> it's a lexmark e460dn: I tried also ppd from lexmark website and many from
> foomatic, etc
> I tried the ppd from a debian stable installation (where there printers
> runs) but same problem

The PPD is probably not the problem; The Debian one should be good enough
to use.

> >Please post the outputs of 'lpstat -t' and 'lpoptions -p  on
> >the client. ( is the printer the PDF is sent to).
> 
> device for E460DN: ipp://192.168.1.100/printers/E460DN
> E460DN accepting requests since Sat 22 Jul 2017 02:50:39 PM CEST
> printer E460DN now printing E460DN-2253.  enabled since Sat 22 Jul 2017
> 02:50:39 PM CEST
> E460DN-2253 max 282624   Sat 22 Jul 2017 02:50:39 PM
> CEST

Looks ok. The size of the file being processed is 282624, so you are
sending the 300K PDF. However, it looks like you are processing twice:
once on the client and again on the server. This is not recommended. It
works for you because the client produces PostScript (the e460dn is a
PostScript printer) and the server will accept and process PostScript.

For the testing client, post the output of

  lpoptions -p e460dn

and the content of /etc/cups/printers.conf.

> >> From client I print (ie: a 300Kb of pdf), in log cups server I see that 
> >> file
> >>size about 4/5Mb (why?),
> >
> >Impossible to say because we do not know how you printed on the client.
> >The 4/5MB was obtained from http://localhost:631/jobs?which_jobs=all on
> >the server?
> 
> file size of pdf is 789K: printing from debian testing, on server jobs I see
> 13Mb

The testing client is producing the 13MB PostScript file, probably with
Ghostscript. For very complex PDFs the processing time can be long and
the file size large. We might get some idea of time and size with

  time pdf2ps 789K_PDF output.ps

Post the screen display and the output of 'ls -l output.ps'

> same file using debian stable, on server jobs I see 1043K and works

It does not appear the stable client is doing processing of the input
PDF in the same way as the stable client. 1043K is not much bigger than
789K and could be due to the printing application used. (An application
such as Evince does not send the original file to the server but a new
one that it produces).

Post the outputs of

  ls -l /etc/cups/ppd

and

  lpoptions -p 

from the stable client machine.

> >What happens when the PDF is printed from the server with lp?
> 
> same situation

Is it jessie, stretch or testing on the server? Is it possible to
provide links to the two PDFs you mention?

-- 
Brian.

Re: Random hanging with stretch when laptop is connected to AC

2017-07-23 Thread Bas Zoutendijk

Dear Debian Users,

On Thu 20 Jul 2017 at 10:43:15 +0200, Sebastiaan L. Zoutendijk wrote:
> Since I upgraded from jessie to stretch at the start of this month, I am 
> experiencing random hangs when my laptop (Clevo W950JU barebone) is connected 
> to AC. The screen freezes and if sound was playing it is repeated in a 
> 2-second loop. The system does not recover from this and does not respond to 
> any key, a short press of the power button, or SysRq commands. I have to shut 
> it down with a long press of the power button, which has caused considerable 
> filesystem damage over the past weeks. Nothing is written to the systemd 
> journal at the time of the hang, not even at log level 7.

Since the last message  I have consulted a friend and we  came up with a
few more  options.  Booting the still-installed  jessie-backports kernel
did not solve the issue,  neither did downgrading systemd to the version
in jessie.  When I booted  with systemd.unit=multi-user.target I noticed
that this  issue does not  happen in a  non-graphical environment.  With
the  idea that  the issue  might  be  X-  or  graphics-related,  I first
downgraded xorg and its input and  video drivers to the jessie versions,
but that did not solve  it,  neither did additionally downgrading libdrm
and mesa.

Instead of continuing to downgrade random packages, I tried to restore a
back-up  of  my  /  filesystem  from  before  the  upgrade  to  stretch.
Unfortunately my  back-up program seems  to have forgotten  a few files,
which turned out to include some very essential system files.  I managed
to restore part  of the damage from  a chroot on a  live system,  but it
turned out to be beyond my capabilities to fix.

I have since  returned to my jessie installation  and managed to recover
/home by restoring from the back-up  and rescuing missing files from the
damaged filesystem.  I will undo the downgrades in a moment as they were
ineffective.

So I am back to square one.  For the time being I will keep running this
system with acpi=off.  I might try a fresh install later.

Yours faithfully,

Bas Zoutendijk

-- 
Sebastiaan L. Zoutendijk | slzoutend...@gmail.com

Tracker-store (encore !)

2017-07-23 Thread David BERCOT

Bonjour,

J'ai à nouveau un problème avec le système d'indexation et le processus
tracker-store qui occupe 100% de la CPU.

Précédemment, j'ai bien lancé tracker-preferences en root et avec mon
user en demandant de ne rien indexer.
En parallèle, j'ai ajouté, dans
"/etc/xdg/autostart/tracker-store.desktop", la ligne "hidden=true".

Mais rien n'y fait ! Je tue le process en ligne de commande et, à chaque
redémarrage, il revient dès que mon ordinateur n'est plus utilisé.

J'ai fait diverses recherches mais je ne trouve rien d'autre comme
"option", sachant que je ne peux désinstaller le package tracker dont
dépendent gnome-core* gnome-documents* gnome-music* gnome-photos*, etc.

Auriez-vous une idée ?
Avez-vous le même comportement ?

Merci.

David.

Re: Can "PulseAudio Volume Control" devs be redeemed?

2017-07-23 Thread Curt

On 2017-07-23, Curt  wrote:
>
> I took the scientific route and downloaded the deb for Stretch
> (amd64, my particular sauce) and unpacked it (dpkg -x
> pavucontrol_3.0-3.1_amd64.deb _directory_) and indeed the default
> geometry for the window is set in pavucontrol.glade at 500x400
> (width/height) just as Erik claimed.
>

Except that the default 500x400 geometry is the same in Jessie and
Wheezy and seems sufficient since nobody appears to be having any
problems seeing all 5 tabs but Erik.

-- 
“We’ll sit around talking about the good old days, when we wished that we were 
dead.”
--Samuel Beckett, speculating on the nature of the afterlife.

Re: Can "PulseAudio Volume Control" devs be redeemed?

2017-07-23 Thread Curt

On 2017-07-23, Cindy-Sue Causey  wrote:
> On 7/22/17, Curt  wrote:
>> On 2017-07-22, Ric Moore  wrote:
>>> On 07/22/2017 12:51 AM, Erik Christiansen wrote:
>>>
 There is no rational explanation for failing to make all 5 tabs visible.
>>>
>>> No idea what your problem is, I have always been able to see the tabs.
>>> Ric
>>>
>>
>> Me neither. I've got all five. Ordinary display size here.
>>
>> I've read that the HDMI output on the Udoo depends on the S/PDIF control
>> and
>> installing pulseaudio mutes it. Maybe that has something to do with "The
>> Mysterious Case of the Hidden Tabs."
>
>
> I have 2 to 5 depending on the size of the window. Instead of all five
> reflexively changing size relative to the window size, they do what
> the main Xfce4 desktop toolbar does, for example. They become silently
> hidden behind a drop-down arrow. Or in the case of PulseAudio, a
> drop-left AND drop-right arrow. :)
>

I took the scientific route and downloaded the deb for Stretch
(amd64, my particular sauce) and unpacked it (dpkg -x
pavucontrol_3.0-3.1_amd64.deb _directory_) and indeed the default
geometry for the window is set in pavucontrol.glade at 500x400
(width/height) just as Erik claimed.

Therefore I declare his rant warranted.

;-) 

(If ever rants are really warranted.)

Maybe this constrained default geometry could be considered a bug that
should be reported to the proper authorities.

-- 
“We’ll sit around talking about the good old days, when we wished that we were 
dead.”
--Samuel Beckett, speculating on the nature of the afterlife.

Re: Distro redeemable with this fix. [Was: Can "PulseAudio Volume Control" devs be redeemed?]

2017-07-23 Thread Cindy-Sue Causey

On 7/23/17, Erik Christiansen  wrote:
> On 23.07.17 13:33, Martin Read wrote:
>> The shared data file describing the default window structure of
>> pavucontrol
>> is /usr/share/pavucontrol/pavucontrol.glade. The corresponding file in
>> the
>> pavucontrol-2.0 (found in Debian jessie) and pavucontrol-3.0 (found in
>> Debian stretch) source trees as downloadable from packages.debian.org
>> appears to have no obviously window-size-affecting changes between the
>> two
>> versions.
>
> Grateful thanks for taking the trouble to find the culprit file. A quick
> look in /usr/share/pavucontrol/pavucontrol.glade reveals the problem, at
> lines 694 and 695:
>
>500
>400
>
> FIX: Change default_width to (minimally) 700 for all 5 tabs to display.
>  (600 displays but 4, 500 displays only 3, as we well know by now.)
>  N.B. A width of 800 may be needed for Martin's case, though.
>
>> pavucontrol also reads the human-readable configuration file
>> /home/USERNAME/.config/pavucontrol.ini to determine what the preferred
>> window size for user USERNAME is. If this file is not present, it is
>> created
>> afresh and the default startup geometry is written to it. On my Debian
>> jessie system, this geometry is 780x400 (which, in the context of the
>> rest
>> of my system configuration, is adequate to make the existence of all five
>> tabs apparent).
>
> On the new 9.0.0 install, it is also 500x400 in ~/.config/pavucontrol.ini,
> and that presents only 3 tabs, as we have discussed. It confirms that
> the window size is as configured at installation - not influenced by any
> user action.
>
>> I haven't upgraded to stretch, because I haven't yet been in the mood to
>> spend an hour or more with my computer switched on but effectively
>> unusable
>> while I perform the upgrade, so I can't comment on the default geometry
>> presented by pavucontrol in stretch.
>
> Understood - I'll refrain from mentioning how old the Debian version on
> this host is. It's all the futzing to put back the 101 bits and pieces
> which provide the familiar environment that sporadically interrupts the
> next few days.
>
> Thank you for providing the means of diagnosis, and thereby the fix.


I just responded to the other part of this thread. Another "fix" might
be that the tabs are "trained" to shrink down in size reflexively
relative to the software package's window size, be it two feet wide..
or teeny tiny tablet :)

A fix like this would fal under #usability.. #accessibility (ref: cognition).

Cindy :)
-- 
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA

* runs with duct tape *

Re: Can "PulseAudio Volume Control" devs be redeemed?

2017-07-23 Thread Cindy-Sue Causey

On 7/22/17, Curt  wrote:
> On 2017-07-22, Ric Moore  wrote:
>> On 07/22/2017 12:51 AM, Erik Christiansen wrote:
>>
>>> There is no rational explanation for failing to make all 5 tabs visible.
>>
>> No idea what your problem is, I have always been able to see the tabs.
>> Ric
>>
>
> Me neither. I've got all five. Ordinary display size here.
>
> I've read that the HDMI output on the Udoo depends on the S/PDIF control
> and
> installing pulseaudio mutes it. Maybe that has something to do with "The
> Mysterious Case of the Hidden Tabs."

I have 2 to 5 depending on the size of the window. Instead of all five
reflexively changing size relative to the window size, they do what
the main Xfce4 desktop toolbar does, for example. They become silently
hidden behind a drop-down arrow. Or in the case of PulseAudio, a
drop-left AND drop-right arrow. :)

Neither one is 100% *cognitively friendly*, but no, I don't know of an
alternative that would improve the experience.

Well, no, wait Yes, in fact I do know of an alternative. It would
help if the buttons continued to shrink down reflexively so that all
could fit in *visibly* together.

No, not everyone would like that. That part could be addressed by a
wish list item that asks for a  preference menu toggle switch to turn
that type of feature on and off. :)

My own personal experience is just a fact of #Life related to second
by second memory loss issues. To this very day after YEARS of the
same, I'll STILL lose at least a few seconds *EVERY SINGLE DAY*
wondering where any given window's "button" wandered off to on that
top desktop wide toolbar. That "button" will be there, I will just
have forgotten YET AGAIN to see if a "drop-down" button  hasn't very
quietly and *necessarily* appeared to the far right (in my particular
Xfce4 use case).

Just thinking out loud :)

Cindy :)
-- 
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA

* runs with duct tape *

(solved) Re: how to let a user use X window

Thank Eduardo M KALINOWSKI!

I enter startx and can start X window now.

On 7/23/17, Eduardo M KALINOWSKI  wrote:
>
> Reading the release notes is always a good idea before updating the
> version (be it with an in-place upgrade or new install).
>
> Could be related to this:
>
> https://www.debian.org/releases/stable/amd64/release-notes/ch-whats-new.en.html#x-no-longer-requires-root
>
> --
> Eduardo M KALINOWSKI
> edua...@kalinowski.com.br
>
>

Distro redeemable with this fix. [Was: Can "PulseAudio Volume Control" devs be redeemed?]

2017-07-23 Thread Erik Christiansen

On 23.07.17 13:33, Martin Read wrote:
> The shared data file describing the default window structure of pavucontrol
> is /usr/share/pavucontrol/pavucontrol.glade. The corresponding file in the
> pavucontrol-2.0 (found in Debian jessie) and pavucontrol-3.0 (found in
> Debian stretch) source trees as downloadable from packages.debian.org
> appears to have no obviously window-size-affecting changes between the two
> versions.

Grateful thanks for taking the trouble to find the culprit file. A quick
look in /usr/share/pavucontrol/pavucontrol.glade reveals the problem, at
lines 694 and 695:

   500
   400

FIX: Change default_width to (minimally) 700 for all 5 tabs to display.
 (600 displays but 4, 500 displays only 3, as we well know by now.)
 N.B. A width of 800 may be needed for Martin's case, though.

> pavucontrol also reads the human-readable configuration file
> /home/USERNAME/.config/pavucontrol.ini to determine what the preferred
> window size for user USERNAME is. If this file is not present, it is created
> afresh and the default startup geometry is written to it. On my Debian
> jessie system, this geometry is 780x400 (which, in the context of the rest
> of my system configuration, is adequate to make the existence of all five
> tabs apparent).

On the new 9.0.0 install, it is also 500x400 in ~/.config/pavucontrol.ini,
and that presents only 3 tabs, as we have discussed. It confirms that
the window size is as configured at installation - not influenced by any
user action.

> I haven't upgraded to stretch, because I haven't yet been in the mood to
> spend an hour or more with my computer switched on but effectively unusable
> while I perform the upgrade, so I can't comment on the default geometry
> presented by pavucontrol in stretch.

Understood - I'll refrain from mentioning how old the Debian version on
this host is. It's all the futzing to put back the 101 bits and pieces
which provide the familiar environment that sporadically interrupts the
next few days. 

Thank you for providing the means of diagnosis, and thereby the fix.

Erik

P.S. How can ~/.config/pavucontrol.ini, be undisturbed, when I had to
enlarge the window to access the config tab, and that overwrites on
closure? A pristine instance lay minimised and forgotten at the bottom
of the screen, and was closed after the one with the increased window
size, thus restoring the distro default.

Re: Bind 9: consequences of completely removind all bind9 packages on jessie and stretch)?

On Sun, Jul 23, 2017 at 07:13 Lck Ras  wrote:

> On 07/23/2017 08:55 PM, Tom Browder wrote:
> > I would like to remove all bind9 packages from servers running bind9
> > and install the latest bind9 from source.
> >
> > Two questions, please:
> >
> > 1.  Will there be any adverse consequences from the substitution if I
> > install with --prefix=/usr/local?
> >
> > 2.  Same question as 1 but for installation into --prefix=usr?
>
> I wouldn't recommend installing int into /usr, since it might conflict
> with other files installed by the package manager.
>
> Installing it into /usr/local probably won't create any new problems
> (apart from ones inherent with installing stuff manually). Some of the
> extra stuff like the systemd units and integration with other packages
> may not be included.
>
> On another note, it's not really recommended to install stuff like that.
> https://wiki.debian.org/DontBreakDebian but I assume you know what
> you're doing.
>
Thanks, Lck, that's certainly good advice, and a good link!

I do plan to chroot the binds, so I trust all will work well.

Thanks again.

-Tom

Re: Can "PulseAudio Volume Control" devs be redeemed?

2017-07-23 Thread Martin Read


On 22/07/17 13:20, Erik Christiansen wrote:

What we need to do is examine whether the Debian 9.0.0 distro-smith last
had it shrunken, and it is therefore in that condition in the distro.
If we knew what config file contains the menu gumpf, that could perhaps
be revealed, and minimise the need for speculation and supposition.


The shared data file describing the default window structure of 
pavucontrol is /usr/share/pavucontrol/pavucontrol.glade. The 
corresponding file in the pavucontrol-2.0 (found in Debian jessie) and 
pavucontrol-3.0 (found in Debian stretch) source trees as downloadable 
from packages.debian.org appears to have no obviously 
window-size-affecting changes between the two versions.


pavucontrol also reads the human-readable configuration file 
/home/USERNAME/.config/pavucontrol.ini to determine what the preferred 
window size for user USERNAME is. If this file is not present, it is 
created afresh and the default startup geometry is written to it. On my 
Debian jessie system, this geometry is 780x400 (which, in the context of 
the rest of my system configuration, is adequate to make the existence 
of all five tabs apparent).


I haven't upgraded to stretch, because I haven't yet been in the mood to 
spend an hour or more with my computer switched on but effectively 
unusable while I perform the upgrade, so I can't comment on the default 
geometry presented by pavucontrol in stretch.

Re: (solved)Re: why network install so slow?

2017-07-23 Thread Cindy-Sue Causey

On 7/23/17, Long Wind  wrote:
> china upgrade firewall
>
> i change to ftp.cn.debian.org, it's very quick
>
> it's china's government
> it's president xi

That's good you were able to fix it. A country's government
interfering actually did cross my mind. We're an international list
here. We never know what kind of "censorship" or other interference,
e.g. even eavesdropping, that our fellow list members might be
experiencing at any given moment.

Am writing now to add on something else that also crossed my mind last
night. In my case, I've poked around in not one but two vpn (virtual
private network) [concepts] on my newest setup. I started tinkering a
little with those about a week ago and am *pretty sure* I've disabled
them, but I won't swear to it, grin.

*In my case*, the browser based vpn VERY MUCH slowed things down
immediately. It was so slow that I toggled it right back off, but
things haven't felt 100% back at the previous state ever since.

Anyway, just throwing VPNs out there, both browser based and stand
alone software, as another conscious point to check off one's Internet
speed debug checklist if anyone happens to come across this thread in
the archives. :)

Cindy :)
-- 
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA

* runs with duct tape *

Re: Hibernate in stretch

2017-07-23 Thread solitone

On Sunday, 23 July 2017 09:30:30 CEST Hans wrote:
> I do not want to mourne or cause any anger, and I do not expect it to be
> fixed at all. Remember, people do this in theire spare and free time, so we
> cannot expect, to be it fixed at all.

Well, great things have been developed in this spare and free time, so if it's 
not fixed yet the reason it's very difficult I would say.

My bug has been marked duplilcate of another, already solved. Here's the 
patch:
https://patchwork.freedesktop.org/patch/111587

How can I understand what kernel version contains this patch?
-- 
⢀⣴⠾⠻⢶⣦⠀ 
⣾⠁⢠⠒⠀⣿⡁Sent from my brain using neurons fueled by glucose.
⢿⡄⠘⠷⠚⠋⠀ 
⠈⠳⣄

Bind 9: consequences of completely removind all bind9 packages on jessie and stretch)?

I would like to remove all bind9 packages from servers running bind9
and install the latest bind9 from source.

Two questions, please:

1.  Will there be any adverse consequences from the substitution if I
install with --prefix=/usr/local?

2.  Same question as 1 but for installation into --prefix=usr?

Thanks.

With warmest regards,

-Tom

Re: Installed Stretch, but no command line

2017-07-23 Thread songbird

Ken Heard wrote:
>
> Just finished installing Stretch, using a RAID1, LVM and encryotion
> for home (passkey) and .  It is ant the moment a basic installation
> with X-server-Xorg, but no DE yet.

  if you use the control-alt F1 - F? sequence do you
get a login prompt?  (check F7 and F8 too)

> As part of the boot it accepts my
> /home password, but I do not get the command line. I end up with a
> blue-grey screen. No input from mouse or keyboard is accepted.  To
> close the computer I have to use the power switch.

  oh, this doesn't sound good, but since you don't
describe your keyboard or mouse type i'm not sure
if you need to change something in the bios or what
for them to show up.  check the bios if you have
settings that might help.  use a different keyboard
and/or mouse to check that something shows up.

  your X setup may need adjusting.  check /var/log/Xorg.0.log
and X*.log.old  if you have no log files install rsyslog.

> I can open it in recovery mode, and after I enter the root password I
> can get the command line as root. But I don't know what to do next to
> effect a rescue.  From the root command line I can however close the
> computer properly with "shutdown -h now".
>
> I did notice when the computer was booting normally -- not in rescue
> mode -- the following lines loop many times until the computer gives up:
>
> Running /scripts/local-block
> Failed to connect to lvmetad
> Failed to find logical volume SOL1/swap_crypt
>
> According to several posts on line, this behaviour is a nuisance but
> not fatal.  As some people suggested on line I tried to get rid of
> this nuisance by changing in /etc/lvm/lvm.conf use_lvmetad=1 to =0,
> but to no effect.
>
> If I have to I can live with the nuisance, but I cannot live without
> the command line.
>
> Help please, anyone.
>
> Regards, Ken

  those are what i can think of.  i'm not familiar with
LVM at all.

  i do know that at times some partitions are set up but
may not be found due to various issues.  i make life
simpler by using volume labels and adjusting /etc/fstab to
use those instead of UUIDs.

  the problem i had was that the reformat of the swap
partition got rid of my label.  so now if i do anything
that touches the swap partition i reset the label.

  songbird

Re: how to let a user use X window

2017-07-23 Thread Eduardo M KALINOWSKI

On 23-07-2017 07:17, Long Wind wrote:
> only root can use X window in stretch??
>
> how to let user use it?

Reading the release notes is always a good idea before updating the
version (be it with an in-place upgrade or new install).

Could be related to this:

https://www.debian.org/releases/stable/amd64/release-notes/ch-whats-new.en.html#x-no-longer-requires-root

-- 
Eduardo M KALINOWSKI
edua...@kalinowski.com.br

Re: Les cyber menaces basculent vers Linux et les serveurs Web

2017-07-23 Thread Pierre Malard

Hola,

Il est tout de même bon de noter qu’un seul de ces systèmes est véritablement 
open-source (ClamAV). Personnellement, j’ai installé ClamAV sur tous nos 
serveurs offrant des espaces accédés par Windows (Mail, nuage, partages SMB, …) 
mais uniquement pour ne pas favorisé la propagation de virus … Windows. Par 
contre, en ce qui concerne les postes individuels sous *nix, je n’en vois pas 
très bien l’utilité ni les bienfaits. En effet, à la l’usage, ces produits, au 
mieux, ne protègent que des signatures de virus … Windows, au pire, étant assez 
mal écrits et devant s’intercaler à un niveau assez bas du système, 
ralentissent sensiblement la machine. Enfin, contrairement à ce que laisse 
entendre le flou du discours commercial, ils ne protègent en rien des autres 
types d’attaques dont un poste *nix pourrait être l’objet. Celles-ci sont 
majoritairement basées sur les failles de sécurité du système et d’éventuels 
déni de service ou écrits pour perturber l’utilisation des navigateurs 
(malwares). Dans ce cas, comme précisé plus avant, seule une bonne hygiène 
d’utilisation, des mises à jour régulières et des solutions de protection 
réseau globales (LAN MZ) peuvent y remédier.

Par ailleurs, si j’insiste sur le côté non libre massif des solutions c’est 
justement à cause du discours lénifiant et incantatoire de leurs sites qui fait 
plutôt penser à de la pub qu’à autre chose. En la matière, le seul open-source 
est beaucoup plus clair, il ne protège que des virus Windows et uniquement ça.

PS:
C’est un vieux marronnier quand même que ce sujet ;-)

> Le 23 juil. 2017 à 12:01, Thierry Bugier Pineau  a écrit :
> 
> Le dimanche 23 juillet 2017 à 10:38 +0200, maderios a écrit :
>> On 07/23/2017 10:14 AM, fred wrote:
>> 
>>> Quand on fait le nécessaire avant que les problèmes n'apparaissent
>>> et
>>> pour réduire leur impact s'ils arrivent, on a déjà fait une part
>>> importante du boulot et on fait du préventif. Par contre, il est
>>> illusoire de penser que l'environnement GNU/Linux est totalement à
>>> l'abri des virus. Une fois qu'on a ça en tête et qu'on a fait le
>>> nécessaire en amont, on peut alors choisir ou non de mettre un
>>> antivirus
>>> sur ses machines.
>> 
>> Un antivirus pour Linux? C'est la première blague du jour...
>> 
> 
> Pour moi, non c'est sérieux :)
> 
> Si je m'en réfère au grand, puissant (et plein d'autres superlatifs)
> Wikipedia, voilà ce que je trouve :
> https://fr.wikipedia.org/wiki/Liste_des_malwares_Linux
> 
> On y trouve une petite liste de virus, et d'antivirus également pour
> notre OS préféré (peu importe la saveur).
> 
> Et la lutte contre la propagation de virus pour windows passe aussi par
> la traque de virus sur les machines linux car un serveur linux peut
> être un porteur sain (serveur SMB/CIFS sous Samba hébergeant des
> fichiers infectés.. pour windows). D'ailleurs c'est dit aussi dans
> l'article que je viens de citer.
> 
> Enfin, l'idée d'avoir un antivirus sur un système linux utilisé comme
> poste de travail (ou de jeu) ne me choque pas: pourquoi pas, si ça
> permet de protéger (un peu mieux) le novice, ou même lutilsiateur
> averti qui ne sait pas tout, ou même l'expert qui a fait une "boulette"
> ?
> 
> Une sécurité efficace, à mon avis, passe par une série de mesures,
> opérant à différents niveaux:
> - le matériel (au niveau CPU, firmwares, peut être même le chipset)
> - l'OS lui même
> - les logiciels
> - l'interface chaise / clavier
> - le réseau
> 
> 

--
Pierre Malard

À propos de nos chers économistes :
«Les habiles, dans notre siècle, se sont décernés a eux-mêmes la
qualification d’homme d’état. [...] ces politiques, ingénieux
a mettre aux fictions profitables un masque de nécessité.»
 Victor Hugo : “Les misérables”, La pléiade, Gallimard, P. 843

   |\  _,,,---,,_
   /,`.-'`'-.  ;-;;,_
  |,4-  ) )-,_. ,\ (  `'-'
 '---''(_/--'  `-'\_)   πr

perl -e '$_=q#: 3|\ 5_,3-3,2_: 3/,`.'"'"'`'"'"' 5-.  ;-;;,_:  |,A-  ) )-,_. ,\ 
(  `'"'"'-'"'"': '"'"'-3'"'"'2(_/--'"'"'  `-'"'"'\_): 
24πr::#;y#:#\n#;s#(\D)(\d+)#$1x$2#ge;print'
- --> Ce message n’engage que son auteur <--

signature.asc
Description: Message signed with OpenPGP

Re: how to let a user use X window

i log in as root and root can start X window

On 7/23/17, Jude DaShiell  wrote:
> x11-fonts may not be on your system yet.  adding that package may make
> X11 happier.  At a guess I think what happened here is because X11 is
> missing its fonts first it generates many warnings and eventually
> generates a fatal error.  If you use grep to search log files for fatal
> and error and warning you can learn lots and fix many things.
> dmesg|grep -i warning and dmesg|grep -i error when run through less can
> be informative.
>

Re: how to let a user use X window

2017-07-23 Thread Jude DaShiell

x11-fonts may not be on your system yet.  adding that package may make 
X11 happier.  At a guess I think what happened here is because X11 is 
missing its fonts first it generates many warnings and eventually 
generates a fatal error.  If you use grep to search log files for fatal 
and error and warning you can learn lots and fix many things. 
dmesg|grep -i warning and dmesg|grep -i error when run through less can 
be informative.


On Sun, 23 Jul 2017, Long Wind wrote:


Date: Sun, 23 Jul 2017 06:17:41
From: Long Wind 
To: debian-user 
Subject: how to let a user use X window
Resent-Date: Sun, 23 Jul 2017 10:26:35 + (UTC)
Resent-From: debian-user@lists.debian.org

only root can use X window in stretch??

how to let user use it?

below is X log:

[  1548.947]
X.Org X Server 1.19.2
Release Date: 2017-03-02
[  1548.947] X Protocol Version 11, Revision 0
[  1548.947] Build Operating System: Linux 4.9.0-3-amd64 i686 Debian
[  1548.948] Current Operating System: Linux debian 4.9.0-3-686-pae #1
SMP Debian 4.9.30-2 (2017-06-12) i686
[  1548.948] Kernel command line:
BOOT_IMAGE=/boot/vmlinuz-4.9.0-3-686-pae root=/dev/sda2 ro quiet
net.ifnames=0
[  1548.948] Build Date: 07 July 2017  06:13:53AM
[  1548.948] xorg-server 2:1.19.2-1+deb9u1 (https://www.debian.org/support)
[  1548.948] Current version of pixman: 0.34.0
[  1548.948]Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
[  1548.948] Markers: (--) probed, (**) from config file, (==) default setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
[  1548.949] (==) Log file: "/home/zhou/.local/share/xorg/Xorg.0.log",
Time: Sun Jul 23 06:05:18 2017
[  1548.950] (==) Using system config directory "/usr/share/X11/xorg.conf.d"
[  1548.950] (==) No Layout section.  Using the first Screen section.
[  1548.950] (==) No screen section available. Using defaults.
[  1548.950] (**) |-->Screen "Default Screen Section" (0)
[  1548.950] (**) |   |-->Monitor ""
[  1548.950] (==) No monitor specified for screen "Default Screen Section".
Using a default monitor configuration.
[  1548.950] (==) Automatically adding devices
[  1548.950] (==) Automatically enabling devices
[  1548.950] (==) Automatically adding GPU devices
[  1548.950] (==) Max clients allowed: 256, resource mask: 0x1f
[  1548.950] (WW) The directory "/usr/share/fonts/X11/cyrillic" does not exist.
[  1548.950]Entry deleted from font path.
[  1548.950] (WW) The directory "/usr/share/fonts/X11/100dpi/" does not exist.
[  1548.950]Entry deleted from font path.
[  1548.950] (WW) The directory "/usr/share/fonts/X11/75dpi/" does not exist.
[  1548.950]Entry deleted from font path.
[  1548.950] (WW) The directory "/usr/share/fonts/X11/Type1" does not exist.
[  1548.950]Entry deleted from font path.
[  1548.951] (WW) The directory "/usr/share/fonts/X11/100dpi" does not exist.
[  1548.951]Entry deleted from font path.
[  1548.951] (WW) The directory "/usr/share/fonts/X11/75dpi" does not exist.
[  1548.951]Entry deleted from font path.
[  1548.951] (==) FontPath set to:
/usr/share/fonts/X11/misc,
built-ins
[  1548.951] (==) ModulePath set to "/usr/lib/xorg/modules"
[  1548.951] (II) The server relies on udev to provide the list of
input devices.
If no devices become available, reconfigure udev or disable 
AutoAddDevices.
[  1548.951] (II) Loader magic: 0x80280720
[  1548.951] (II) Module ABI versions:
[  1548.951]X.Org ANSI C Emulation: 0.4
[  1548.951]X.Org Video Driver: 23.0
[  1548.951]X.Org XInput driver : 24.1
[  1548.951]X.Org Server Extension : 10.0
[  1548.954] (II) systemd-logind: took control of session
/org/freedesktop/login1/session/_35
[  1548.955] (II) xfree86: Adding drm device (/dev/dri/card0)
[  1548.956] (II) systemd-logind: got fd for /dev/dri/card0 226:0 fd 11 paused 0
[  1548.958] (--) PCI:*(0:0:2:0) 8086:2572:17aa:300a rev 2, Mem @
0xe800/134217728, 0xf020/524288, I/O @ 0xc000/8, BIOS @
0x/131072
[  1548.958] (--) PCI: (0:1:1:0) 109e:0350:: rev 18, Mem @
0xf010/4096
[  1548.958] (II) LoadModule: "glx"
[  1548.958] (II) Loading /usr/lib/xorg/modules/extensions/libglx.so
[  1548.961] (II) Module glx: vendor="X.Org Foundation"
[  1548.961]compiled for 1.19.2, module version = 1.0.0
[  1548.961]ABI class: X.Org Server Extension, version 10.0
[  1548.961] (==) Matched intel as autoconfigured driver 0
[  1548.961] (==) Matched intel as autoconfigured driver 1
[  1548.961] (==) Matched modesetting as autoconfigured driver 2
[  1548.961] (==) Matched fbdev as autoconfigured driver 3
[  1548.961] (==) Matched vesa as autoconfigured driver 4
[  1548.961] (==) Assigned the driver to the xf86ConfigLayout
[  1548.961] (II) LoadModule: "intel"
[  1548.961] (II) Loading

how to let a user use X window

only root can use X window in stretch??

how to let user use it?

below is X log:

[  1548.947]
X.Org X Server 1.19.2
Release Date: 2017-03-02
[  1548.947] X Protocol Version 11, Revision 0
[  1548.947] Build Operating System: Linux 4.9.0-3-amd64 i686 Debian
[  1548.948] Current Operating System: Linux debian 4.9.0-3-686-pae #1
SMP Debian 4.9.30-2 (2017-06-12) i686
[  1548.948] Kernel command line:
BOOT_IMAGE=/boot/vmlinuz-4.9.0-3-686-pae root=/dev/sda2 ro quiet
net.ifnames=0
[  1548.948] Build Date: 07 July 2017  06:13:53AM
[  1548.948] xorg-server 2:1.19.2-1+deb9u1 (https://www.debian.org/support)
[  1548.948] Current version of pixman: 0.34.0
[  1548.948]Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
[  1548.948] Markers: (--) probed, (**) from config file, (==) default setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
[  1548.949] (==) Log file: "/home/zhou/.local/share/xorg/Xorg.0.log",
Time: Sun Jul 23 06:05:18 2017
[  1548.950] (==) Using system config directory "/usr/share/X11/xorg.conf.d"
[  1548.950] (==) No Layout section.  Using the first Screen section.
[  1548.950] (==) No screen section available. Using defaults.
[  1548.950] (**) |-->Screen "Default Screen Section" (0)
[  1548.950] (**) |   |-->Monitor ""
[  1548.950] (==) No monitor specified for screen "Default Screen Section".
Using a default monitor configuration.
[  1548.950] (==) Automatically adding devices
[  1548.950] (==) Automatically enabling devices
[  1548.950] (==) Automatically adding GPU devices
[  1548.950] (==) Max clients allowed: 256, resource mask: 0x1f
[  1548.950] (WW) The directory "/usr/share/fonts/X11/cyrillic" does not exist.
[  1548.950]Entry deleted from font path.
[  1548.950] (WW) The directory "/usr/share/fonts/X11/100dpi/" does not exist.
[  1548.950]Entry deleted from font path.
[  1548.950] (WW) The directory "/usr/share/fonts/X11/75dpi/" does not exist.
[  1548.950]Entry deleted from font path.
[  1548.950] (WW) The directory "/usr/share/fonts/X11/Type1" does not exist.
[  1548.950]Entry deleted from font path.
[  1548.951] (WW) The directory "/usr/share/fonts/X11/100dpi" does not exist.
[  1548.951]Entry deleted from font path.
[  1548.951] (WW) The directory "/usr/share/fonts/X11/75dpi" does not exist.
[  1548.951]Entry deleted from font path.
[  1548.951] (==) FontPath set to:
/usr/share/fonts/X11/misc,
built-ins
[  1548.951] (==) ModulePath set to "/usr/lib/xorg/modules"
[  1548.951] (II) The server relies on udev to provide the list of
input devices.
If no devices become available, reconfigure udev or disable 
AutoAddDevices.
[  1548.951] (II) Loader magic: 0x80280720
[  1548.951] (II) Module ABI versions:
[  1548.951]X.Org ANSI C Emulation: 0.4
[  1548.951]X.Org Video Driver: 23.0
[  1548.951]X.Org XInput driver : 24.1
[  1548.951]X.Org Server Extension : 10.0
[  1548.954] (II) systemd-logind: took control of session
/org/freedesktop/login1/session/_35
[  1548.955] (II) xfree86: Adding drm device (/dev/dri/card0)
[  1548.956] (II) systemd-logind: got fd for /dev/dri/card0 226:0 fd 11 paused 0
[  1548.958] (--) PCI:*(0:0:2:0) 8086:2572:17aa:300a rev 2, Mem @
0xe800/134217728, 0xf020/524288, I/O @ 0xc000/8, BIOS @
0x/131072
[  1548.958] (--) PCI: (0:1:1:0) 109e:0350:: rev 18, Mem @
0xf010/4096
[  1548.958] (II) LoadModule: "glx"
[  1548.958] (II) Loading /usr/lib/xorg/modules/extensions/libglx.so
[  1548.961] (II) Module glx: vendor="X.Org Foundation"
[  1548.961]compiled for 1.19.2, module version = 1.0.0
[  1548.961]ABI class: X.Org Server Extension, version 10.0
[  1548.961] (==) Matched intel as autoconfigured driver 0
[  1548.961] (==) Matched intel as autoconfigured driver 1
[  1548.961] (==) Matched modesetting as autoconfigured driver 2
[  1548.961] (==) Matched fbdev as autoconfigured driver 3
[  1548.961] (==) Matched vesa as autoconfigured driver 4
[  1548.961] (==) Assigned the driver to the xf86ConfigLayout
[  1548.961] (II) LoadModule: "intel"
[  1548.961] (II) Loading /usr/lib/xorg/modules/drivers/intel_drv.so
[  1548.962] (II) Module intel: vendor="X.Org Foundation"
[  1548.962]compiled for 1.19.0, module version = 2.99.917
[  1548.962]Module class: X.Org Video Driver
[  1548.962]ABI class: X.Org Video Driver, version 23.0
[  1548.962] (II) LoadModule: "modesetting"
[  1548.962] (II) Loading /usr/lib/xorg/modules/drivers/modesetting_drv.so
[  1548.962] (II) Module modesetting: vendor="X.Org Foundation"
[  1548.962]compiled for 1.19.2, module version = 1.19.2
[  1548.962]Module class: X.Org Video Driver
[  1548.962]ABI class: X.Org Video Driver, version 23.0
[  1548.962] (II) LoadModule: "fbdev"
[  1548.962] (WW) Warning, couldn't open module fbdev
[  1548.962] (II) UnloadModule: "fbdev"
[

(solved)Re: why network install so slow?

china upgrade firewall

i change to ftp.cn.debian.org, it's very quick

it's china's government
it's president xi

Re: Les cyber menaces basculent vers Linux et les serveurs Web

2017-07-23 Thread Thierry Bugier Pineau

Le dimanche 23 juillet 2017 à 10:38 +0200, maderios a écrit :
> On 07/23/2017 10:14 AM, fred wrote:
> 
> > Quand on fait le nécessaire avant que les problèmes n'apparaissent
> > et
> > pour réduire leur impact s'ils arrivent, on a déjà fait une part
> > importante du boulot et on fait du préventif. Par contre, il est
> > illusoire de penser que l'environnement GNU/Linux est totalement à
> > l'abri des virus. Une fois qu'on a ça en tête et qu'on a fait le
> > nécessaire en amont, on peut alors choisir ou non de mettre un
> > antivirus
> > sur ses machines.
> 
> Un antivirus pour Linux? C'est la première blague du jour...
> 

Pour moi, non c'est sérieux :)

Si je m'en réfère au grand, puissant (et plein d'autres superlatifs)
Wikipedia, voilà ce que je trouve :
https://fr.wikipedia.org/wiki/Liste_des_malwares_Linux

On y trouve une petite liste de virus, et d'antivirus également pour
notre OS préféré (peu importe la saveur).

Et la lutte contre la propagation de virus pour windows passe aussi par
la traque de virus sur les machines linux car un serveur linux peut
être un porteur sain (serveur SMB/CIFS sous Samba hébergeant des
fichiers infectés.. pour windows). D'ailleurs c'est dit aussi dans
l'article que je viens de citer.

Enfin, l'idée d'avoir un antivirus sur un système linux utilisé comme
poste de travail (ou de jeu) ne me choque pas: pourquoi pas, si ça
permet de protéger (un peu mieux) le novice, ou même lutilsiateur
averti qui ne sait pas tout, ou même l'expert qui a fait une "boulette"
?

Une sécurité efficace, à mon avis, passe par une série de mesures,
opérant à différents niveaux:
- le matériel (au niveau CPU, firmwares, peut être même le chipset)
- l'OS lui même
- les logiciels
- l'interface chaise / clavier
- le réseau

Re: why network install so slow?