pourquoi pas

[jacky lemoigne]

‌

Re: USB external hard drive -- mounting

[Mario Castelán Castro]

On 28/08/17 18:07, Ben Caradoc-Davies wrote:
> The above lines give me fixed mount points based on filesystem labels
> (LABEL), but UUID will also work. Device names are no good as they are
> by default dynamically assigned for USB storage devices.

To complement the information given by Ben Caradoc-Davies: One can
obtain the uuid with “ls -l /dev/disk/by-uuid/”.

I can not be of more help.

Regards.

-- 
Do not eat animals, respect them as you respect people.
https://duckduckgo.com/?q=how+to+(become+OR+eat)+vegan



signature.asc
Description: OpenPGP digital signature

Consulta sobre OpenVPN y Shorewall

[OddieX]

Estimados, hace tiempo me estoy volviendo loco y no puedo lograr hacer
que shorewall me filtre los clientes de OpenVPN!!

Les cuento como viene la cosa:

Tengo mi OpenVPN con la siguiente configuracion:

 server.cfg 
script-security 2
port 1194
proto udp
dev tun0
management localhost 7794
crl-verify /etc/openvpn/easy-rsa/keys/crl.pem
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh2048.pem
plugin /usr/lib/openvpn/openvpn-auth-ldap.so auth/auth-ldap.conf
username-as-common-name
auth-user-pass-verify auth/auth.pl via-env
server 10.21.0.0 255.255.0.0
ifconfig 10.21.0.1 255.255.0.0
client-config-dir /etc/openvpn/ccd
ifconfig-pool-persist ipp.txt
client-to-client
keepalive 10 120
comp-lzo
max-clients 200
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
log-append  /var/log/openvpn/openvpn.log
verb 5
ping-restart 0


El archivo ccd de mi usuario es:

 marc.ccd 
ifconfig-push 10.21.44.85 10.21.44.86
push "route 192.168.0.0 255.255.255.0"
push "route 172.16.0.0 255.255.0.0"
push "route 192.168.254.0 255.255.255.0"


Hasta aqui todo bien, llego bien a la LOC (asi llame a mi red local en
shorewall) y a la DMZ.
Si pongo en las rules de shorewall:
DROP  vpn:10.21.44.85 dmz all
Me bloquea perfectamente!

Pero si pongo:
DROP vpn:10.21.44.85 loc all
No surte efecto, y de echo agregue info en todas las polices y no
tengo informacion de nada sobre ese IP en los logs!!!


En el shorewall lo tengo configurado asi:

 tunnels 
openvpnserver:1194  dmz0.0.0.0/0
###

 interfaces 
-tun0detect  tcpflags
#

 hosts 
vpn tun0:10.21.0.0/16
#

 zones 
vpn ipv4
#


Intente agregar un host que sea vpn44 con el rango de mi IP, ya que
uso multiples subnets porque uso la topology vieja de OpenVPN net30 y
me quedaba corto con los hosts, agregue las polices en DROP, reglas y
demas, y sigue pasando lo mismo!


Alguien sabe que puede ser lo que este sucediendo? Ya me estoy
comiendo la cabeza y no logro hacerlo funcionar!!!


Desde ya agradezco toda informacion que sea util!!!


Saludos!
MarC

Re: problema con script apt

[Juan Lavieri]

  
  



El 28-08-2017 a las 10:04 a.m., juan
  carlos rebate escribió:


  
  
  El 28/08/17 a las 05:12, Juan Lavieri escribió:
  
  

Hola.



El 27-08-2017 a las 04:07 p.m., juan carlos escribió:

buenas gente desde hace una semana para
  aca llevo recibiendo este error
  
  y no encuentro como resolverlo o si esto ocasiona algun fallo
  en los
  
  repos o si apesar del error puedo usar el sistema sin
  preocupaciones el
  
  error es
  
  
  Problem executing scripts APT::Update::Post-Invoke-Success 'if
  
  /usr/bin/test -w /var/cache/app-info -a -e
  /usr/bin/appstreamcli; then
  
  appstreamcli refresh > /dev/null; fi', E:Sub-process
  returned an error code
  
  
  eso pasa al hacer apt-get update alguien mas le pasa? gracias
  
  


Parece que eso se resuelve removiendo el paquete libappstream3


#apt-get remove libappstream3


Según lo comentan aquí:
https://askubuntu.com/questions/942895/e-problem-executing-scripts-aptupdatepost-invoke-success/943018

Otra solución la consigues aqui:
http://trastetes.blogspot.com/2016/02/solucion-al-error-e-then-appstreamcli.html
Te sugiero que revises esta primero a ver si te convence el
argumento.


Saludos.



-- 
Juan M Lavieri


Errar es de humanos, pero es mas humano culpar a los demás.

  
  no no me convence el argumento del blog, yo no uso ni una alpha ni
  beta ni testing uso una estable, llevo con esta imagen de sistema
  desde que salio y esto me lleva pasando desde hace un par de
  semanas, para mi el error tiene que estar en alguna descarga
  oculta que haga el sistema al hacer update, si elimino
  appstreamcli se actualizn los repos sin errores peo no se
  refrescan osea si uso el gstor o el apt-cache para buscar algo no
  encuentra nada pero si instala si se el nombre exacto del paquete
  osea apt-get install, por lo tanto de nuevo creo que se trata de
  alguna descarga oculta que se debe hacer mientras se usa update,
  si elimino libapptream3 no me deja usar update osea  se ejecuta
  pero no devuelve nada como si lo que  hiciera no diera resultado
  
  


Se me olvidó.

También sería buena idea consultar el BTS a ver si hay algo
reportado bajo circunstancias específicas que tal vez puedan afectar
particularete tu sistema.

Éxito.
-- 
Juan M Lavieri

Errar es de humanos, pero es mas humano culpar a los demás.
  

Re: problema con script apt

[Juan Lavieri]

  
  



El 28-08-2017 a las 10:04 a.m., juan
  carlos rebate escribió:


  
  
  El 28/08/17 a las 05:12, Juan Lavieri escribió:
  
  

Hola.



El 27-08-2017 a las 04:07 p.m., juan carlos escribió:

buenas gente desde hace una semana para
  aca llevo recibiendo este error
  
  y no encuentro como resolverlo o si esto ocasiona algun fallo
  en los
  
  repos o si apesar del error puedo usar el sistema sin
  preocupaciones el
  
  error es
  
  
  Problem executing scripts APT::Update::Post-Invoke-Success 'if
  
  /usr/bin/test -w /var/cache/app-info -a -e
  /usr/bin/appstreamcli; then
  
  appstreamcli refresh > /dev/null; fi', E:Sub-process
  returned an error code
  
  
  eso pasa al hacer apt-get update alguien mas le pasa? gracias
  
  


Parece que eso se resuelve removiendo el paquete libappstream3


#apt-get remove libappstream3


Según lo comentan aquí:
https://askubuntu.com/questions/942895/e-problem-executing-scripts-aptupdatepost-invoke-success/943018

Otra solución la consigues aqui:
http://trastetes.blogspot.com/2016/02/solucion-al-error-e-then-appstreamcli.html
Te sugiero que revises esta primero a ver si te convence el
argumento.


Saludos.



-- 
Juan M Lavieri


Errar es de humanos, pero es mas humano culpar a los demás.

  
  no no me convence el argumento del blog, yo no uso ni una alpha ni
  beta ni testing uso una estable, llevo con esta imagen de sistema
  desde que salio y esto me lleva pasando desde hace un par de
  semanas, para mi el error tiene que estar en alguna descarga
  oculta que haga el sistema al hacer update, si elimino
  appstreamcli se actualizn los repos sin errores peo no se
  refrescan osea si uso el gstor o el apt-cache para buscar algo no
  encuentra nada pero si instala si se el nombre exacto del paquete
  osea apt-get install, por lo tanto de nuevo creo que se trata de
  alguna descarga oculta que se debe hacer mientras se usa update,
  si elimino libapptream3 no me deja usar update osea  se ejecuta
  pero no devuelve nada como si lo que  hiciera no diera resultado
  
  


Bien, entonces intenta este enfoque.

Entra con la interfaz ncurses de aptitude

#aptitude

alli actualizas (tipea "u").  Si salen mensajes trata de ver se
difieren de los de apt y por favor postea la salida a la lista.  

Si aparecen paquetes rotos, trata de verlos uno a uno (tipea "b" -
de broken) y en cada uno de ellos ve si puedes resolver instalando,
eliminado o purgando (tipeando "+", "-" y "_" respectivamente). 
Aptitude es muy poderoso e inteligente en estos casos.

Si lo deseas puedes escribirme al privado sin problemas a ver si te
puedo ayudar ya que utilizo aptitude con frecuencia para estas
cosas.

Ante todo es bueno consultar la bitácora de apt para ver si como
piensas está sucediendo algo que se haya podido pasar por alto.

Saludos.

-- 
Juan M Lavieri

Errar es de humanos, pero es mas humano culpar a los demás.
  

Re: XFCE wm deadlocks on (other) console logout

[Zenaan Harkness]

On Mon, Aug 28, 2017 at 09:20:32AM -0400, Cindy-Sue Causey wrote:
> On 8/28/17, Zenaan Harkness  wrote:
> > I consistently get a deadlock of the XFCE window manager, immediately
> > after I logout of say Linux console 2, when e.g. XFCE is running on
> > console 1.
> >
> > Procedure to replicate:
> >
> > 1. login to console 1
> >
> > 2. start xfce
> >
> > 3. switch to console 2 (e.g. CTRL+ALT+F2)
> >
> > 4. loging to console 2
> >
> > 5. logout of console 2 (e.g. CTRL+D)
> >
> >
> > Notably, when I'm on console 2, either logged in or not, I can safely
> > use ALT+Left to go to console 1 and appears my XFCE desktop.
> >
> > Similarly using Ctrl+Alt+F1
> >
> > So I'm guessing some sort of unhandled race condition, but I'm at a
> > loss as to how to debug this.
> 
> 
> I may not be quite understanding, but I just played along from behind
> the lurk wall
> 
> I had a BUNCH of shtuff open at that second. I didn't think things
> through clearly, i.e. if mine locked up, I would have lost some
> shtuff...
> 
> As it was...
> 
> I got locked out... kinda sorta.
> 
> I CTRL+ALT+F2 logged in to where I was still in console. Typed a
> few "asdfasdfasdf" that obviously failed, and logged out.
> 
> I. CTRL+ALT+F1...
> 
> And there I sat at the login prompt.
> 
> As soon that happened, I had a memory recall of having been there,
> done there a couple months ago and never followed up on it. I didn't
> try logging in because part of that memory recall is that I might have
> lost some data on the last go-round with it.
> 
> I THOUGHT that F1 was the first console, is it not?

Indeed it is - by default, the first console is "1" (/dev/pts/1 ?)
and that's where I log in, then start xorg.


> Out of pure *panic*, I went down the row. F3, F4, F5..

CTRL+RightArrow and CTRL+LeftArrow also work for me to cycle around
the consoles.


> Mystery solved: F7 is the new F1 in my case.

In some setups, this is the case - I don't run a graphical login
manager such as lightdm.


> I started to ask if that helps in your case, but it sounds like you're
> already able to use CTRL+ALT+F1 as expected so *?*

Exactly - the keyboard gets locked up.

Although I recall sometimes X completely dies - at least, I've
experienced something similar to your case.


> Just thinking out loud.. :)

Thanks for sharing - appreciated of course :)

Re: XFCE wm deadlocks on (other) console logout

[Zenaan Harkness]

On Mon, Aug 28, 2017 at 09:02:29AM -0400, bw wrote:
> 
> 
> On Mon, 28 Aug 2017, Zenaan Harkness wrote:
> 
> > I consistently get a deadlock of the XFCE window manager, immediately
> > after I logout of say Linux console 2, when e.g. XFCE is running on
> > console 1.
> > 
> > Procedure to replicate:
> > 
> > 1. login to console 1
> > 
> > 2. start xfce
> > 
> > 3. switch to console 2 (e.g. CTRL+ALT+F2)
> > 
> > 4. loging to console 2
> > 
> > 5. logout of console 2 (e.g. CTRL+D)
> > 
> 
> 
> I have the same issue, using very minimal system with a wm.  Right now the 
> workaround I'm using is comment out the
> clear_console call in ~/.bash_logout
> 
> # ~/.bash_logout: executed by bash(1) when login shell exits.
> 
> # when leaving the console clear the screen to increase privacy
> 
> if [ "$SHLVL" = 1 ]; then
> /bin/true
> #[ -x /usr/bin/clear_console ] && /usr/bin/clear_console -q
> fi

Fantastic!! Thank you so much!

Reading the man page for clear_console makes it perfectly clear -
after "clearing the screen" it jumps immediately to another console
(evidently in this case console 1) and then tries to jump straight
back, which of course is going to interact rather badly with X! :)


> I'm also looking at the TTYVTDisallocate=yes line in
> /etc/systemd/system/getty.target.wants/getty@tty1.service -> 
> /lib/systemd/system/getty@.service
> 
> I haven't tried changing this, but it looks interesting.  You might find more 
> interesting things in these bug reports:
> 
> https://bugs.debian.org/805605
> https://bugs.debian.org/810660
> https://bugs.freedesktop.org/93164

Thank you!

Re: One-line password generator

[Zenaan Harkness]

On Mon, Aug 28, 2017 at 12:04:51PM +0200, Thomas Schmitt wrote:
> Hi,
> 
> Curt wrote:
> > Here's a fresh (20 July of this year) view by Theodore Ts'o:
> > https://lkml.org/lkml/2017/7/20/993
> 
> An opinion of substantial weight, indeed.
> 
> Nevertheless it would be more interesting to learn the reason why
> Linux did not simply make /dev/random behave like /dev/urandom long
> ago.

Because that would obfuscate the difference in nature between
the two.

AIUI /dev/random is simply the input feed to /dev/urandom and the
fact /dev/random is world readable is now an historic artifact, but
also quite possibly still useful in certain, very specific/ narrow,
circumstances.

The main problem is folks not knowing which one to use.

There are no shortcuts in the world of secure algorithms - that is,
if you want security/ secure software, you -must- know the nature of
your inputs, and /dev/random vs /dev/urandom provides this
(essential) distinction.


> And again, the argumentation of Theodore is that there is always
> enough entropy at hand.

Unclear wording. I would say Ted Ts'o is making sure that
/dev/urandom delivers on its API promise/ expectation, which is
really important, and great to know that Ts'o is on this!


> I understand that in this situation there is no difference
> between /dev/random and /dev/urandom.

No.

Here's Ted Ts'o (from above link):

  "I don't really care about /dev/random performance.  What's is
  **far** more important is that the entropy estimations behave
  correctly, across all of Linux's architectures, while the kernel is
  going through startup, before CRNG is declared initialized."

/dev/random performance/ api promise is "deliver truly random bits,
even if this is slow to do so, since we'll be using these bits in
absolutely critical places, such as seeding /dev/urandom"


> The difference appears only when the assumption of wealth is not
> fulfilled.

... parse fail


> Also one should note that Theodore uses the argument of a
> deprecated /dev/random as answer to a side note of his discussion
> partner, not as general statement.

But see his general statement above, which is almost the same thing
as "if you want performance, consider /dev/random deprecated", i.e.
he said "I don't really care about /dev/random performance."


> The main point of Stephan Müller is that the system could collect
> more entropy. The answer of Theodore is that it already collects
> more than enough and does not have to care about being drained by
> /dev/random because that draining is deprecated.

Exactly - don't use /dev/random, use /dev/urandom instead, as
designed, and as has been made publicly clear for ~10 years now.


> So one would have to ask him, whether this opinion does not hold
> under all circumstances or what else blocks him from just making
> both mechanisms equal.

Hopefully the above explains the principles involved.

If for any reason you want high speed "hardware/ physical random"
number stream, then you will have to go for a HRNG, and as Ted points
out in the above link, there are many drivers for these in the kernel
already - in other words, EVERY use case is abundantly provided for
by the Linux kernel.

Causing /dev/random to be the same as /dev/urandom would only make
sense if the current /dev/random implementation were made completely
private i.e. "internal to the kernel and not accessible by userspace"
- then /dev/random could simply be a symlink to /dev/urandom - but
there are disadvantages to doing this, not the least of which would
be certain very specific yet limited use cases for which the existing
/dev/random is an essential dependency!


> (Normally i would dare to approach him. But i guess he is already
> annoyed by the topic and man page reading cowards like me.)


  Confront the man page!
  And Wikipedia too ...
  Then write, your Haiku :)


> Have a nice day :)

You too, and a Haiku new.

Re: USB external hard drive -- mounting

[Ben Caradoc-Davies]

On 29/08/17 12:19, James H. H. Lampert wrote:
First, I was able to relabel the drive as a suitably generic 
"ExternalHD," and when I unplugged it and plugged it back in, it mounted 
(albeit still under a user-specific, auto-created mount point) as that 
label.
With the drive automounted, I did a "umount" on it, created a mount 
point for it (directly in /media, and available to everybody, for now, 
at least), and then did a "mount" at the new mount point. It mounted 
successfully in that user-neutral location, and is available to any 
signed-on user.


Permissions are likely to be main problem for multiuser access. 
User-private groups, the sgid bit, and careful selection of umask may help.


Of course, if I then unmount it, pull the plug, and plug it back in, 
without an fstab entry, it auto-mounts to a created mount point in the 
user's subdirectory of /media, but at least the mount point I created 
doesn't go bye-bye, so that's a start.


Good. This is the expected behaviour for media with labels.

I have not tried this but a udev rule might be your next step:
https://www.axllent.org/docs/view/auto-mounting-usb-storage/

There is also a thing called udisks, but I have not used that either.

Kind regards,

--
Ben Caradoc-Davies 
Director
Transient Software Limited 
New Zealand

Re: USB external hard drive -- mounting

[James H. H. Lampert]

On 8/28/17, 4:07 PM, Ben Caradoc-Davies wrote:


I am not sure about the background automounting, but I get consistent
mount points and mount settings with entries like these in /etc/fstab:

LABEL=Backup/media/backup   ext4
noatime,noauto,user,errors=remount-ro   0   0

. . .

The above lines give me fixed mount points based on filesystem labels
(LABEL). . .


That got me started on an idea, even before I undertake anything with 
fstab. Thanks, Mr. Caradoc-Davies.


First, I was able to relabel the drive as a suitably generic 
"ExternalHD," and when I unplugged it and plugged it back in, it mounted 
(albeit still under a user-specific, auto-created mount point) as that 
label.


With the drive automounted, I did a "umount" on it, created a mount 
point for it (directly in /media, and available to everybody, for now, 
at least), and then did a "mount" at the new mount point. It mounted 
successfully in that user-neutral location, and is available to any 
signed-on user.


Of course, if I then unmount it, pull the plug, and plug it back in, 
without an fstab entry, it auto-mounts to a created mount point in the 
user's subdirectory of /media, but at least the mount point I created 
doesn't go bye-bye, so that's a start.


But I still need all the help I can get understanding this.

--
JHHL

Re: USB external hard drive -- mounting

[Ben Caradoc-Davies]

On 29/08/17 09:25, James H. H. Lampert wrote:
Can anybody advise me on how to set this thing up so that if it's 
plugged in, it will mount, to a consistent mountpoint, whether anybody's 
signed on to Gnome or not?


I am not sure about the background automounting, but I get consistent 
mount points and mount settings with entries like these in /etc/fstab:


LABEL=Backup/media/backup   ext4 
noatime,noauto,user,errors=remount-ro   0   0
LABEL=Thumb /media/thumbvfat 
noatime,noauto,user,uid=1000,gid=1000,umask=007,utf8,flush  0   0


The noauto and hardcoded uid/gid might not work for you, but they could 
be a starting point. Perhaps noauto to stop automounting plus a udev 
rule? I have not tried this.


The above lines give me fixed mount points based on filesystem labels 
(LABEL), but UUID will also work. Device names are no good as they are 
by default dynamically assigned for USB storage devices.


Kind regards,

--
Ben Caradoc-Davies 
Director
Transient Software Limited 
New Zealand

Re: How can I enable ufw firewall tool with an existing set of iptables rules?

[Tom Browder]

On Mon, Aug 28, 2017 at 15:54 Joe  wrote:
...

I confess to no specific knowledge here, but I suspect none of the
> firewall front-ends will accommodate an arbitrary iptables ruleset, as
> the front-ends impose their own structure which would almost certainly
> conflict.
>

Unfortunately, ufw doesn't have a safety net.

However, I did keep a valid ssh connection in a separate window to ensure I
could still login after I enabled ufw. That's still a dangerous way but my
fallback is my server is with a company who can assist in a reboot and ssh
access again if necessary.

Alexander's idea is a good one, and I really should have taken his advice.
However, all worked out well, fortunately.

Thanks, Joe.

-Tom

Re: How can I enable ufw firewall tool with an existing set of iptables rules?

[Tom Browder]

On Mon, Aug 28, 2017 at 15:49 Alexander V. Makartsev 
wrote:

> Smart way to do it is to setup a cron job to run shell script that will
> flush (or restore to default working ruleset) iptables rules every 10
> minutes.


Thanks, Alexander.

-Tom

Re: [Multiarch] armhf on arm64 is not working

[Hitec Adam Cecile]

Hi,

I'm actually running arm64, not amd64 ;-)

Le 28 août 2017 23:25:56 GMT+02:00, Reco  a écrit :
>   Hi.
>
>On Mon, 28 Aug 2017 22:50:17 +0200
>Adam Cécile  wrote:
>
>> Hello,
>> 
>> 
>> I'm trying to set up armhf on arm64 stretch but it does not work:
>> 
>> 
>> file /tmp/bash/bin/bash
>> 
>> /tmp/bash/bin/bash: ELF 32-bit LSB executable, ARM, EABI5 version 1 
>> (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, for
>
>> GNU/Linux 3.2.0,
>BuildID[sha1]=e3aedef3dd05738b73e7756ddb9be88dd0f9a8ce, 
>> stripped
>> 
>> 
>>   ldd /tmp/bash/bin/bash
>> 
>>  not a dynamic executable
>
>That's supposed to happen. Try 'objdump -p' instead.
>
>
>> /tmp/bash/bin/bash
>> 
>> -bash: /tmp/bash/bin/bash: cannot execute binary file: Exec format
>error
>
>And that is supposed to happen too.
>
>
>> Any idea about what's wrong ? Everything looks ok to me. Is it
>possible 
>> to be kernel related ?
>
>In a way that's kernel related.
>
>What multiarch is - it's an ability to co-install libraries from
>different architectures (for cross-compilation usually).
>What multiarch is not - it's not an ability to use foreign architecture
>libraries to run foreign architecture binaries.
>
>The reason being - an executable binary contains CPU instructions that
>are suited to CPU of designated architecture only. In your example it's
>armv5. Your CPU is amd64 and its unable to interpret those - it can
>only
>understand i386 and amd64 instruction sets.
>
>Due to this Linux kernel (any reasonable OS kernel that I dealt with,
>in
>fact) refuses to acknowledge that foreign architecture binaries could
>be
>executed at all. Hence 'Exec format error' from the direct execution
>and 'not a dynamic executable' from ldd (which is special form of
>binary execution anyway).
>
>
>There's a way around this limitation, and it involves CPU instruction
>translation via qemu-user. Assuming that you have 'qemu-user-static'
>installed, this should work:
>
>qemu-arm-static /tmp/bash/bin/bash
>
>Reco

-- 
Envoyé de mon appareil Android avec Courriel K-9 Mail. Veuillez excuser ma 
brièveté.

Re: [Multiarch] armhf on arm64 is not working

[Sven Hartge]

Reco  wrote:

> The reason being - an executable binary contains CPU instructions that
> are suited to CPU of designated architecture only. In your example it's
> armv5. Your CPU is amd64 and its unable to interpret those - it can only
> understand i386 and amd64 instruction sets.

No, he is talking about ARM64, the 64bit variant von ARM.

S°

-- 
Sigmentation fault. Core dumped.

Re: problema con script apt

[juan carlos rebate]

El 28/08/17 a las 16:26, Felix Perez escribió:

El 28 de agosto de 2017, 11:04, juan carlos rebate
 escribió:


El 28/08/17 a las 05:12, Juan Lavieri escribió:


Hola.


El 27-08-2017 a las 04:07 p.m., juan carlos escribió:

buenas gente desde hace una semana para aca llevo recibiendo este error
y no encuentro como resolverlo o si esto ocasiona algun fallo en los
repos o si apesar del error puedo usar el sistema sin preocupaciones el
error es

Problem executing scripts APT::Update::Post-Invoke-Success 'if
/usr/bin/test -w /var/cache/app-info -a -e /usr/bin/appstreamcli; then
appstreamcli refresh > /dev/null; fi', E:Sub-process returned an error
code

eso pasa al hacer apt-get update alguien mas le pasa? gracias


Parece que eso se resuelve removiendo el paquete libappstream3

#apt-get remove libappstream3

Según lo comentan aquí:
https://askubuntu.com/questions/942895/e-problem-executing-scripts-aptupdatepost-invoke-success/943018

Otra solución la consigues aqui:
http://trastetes.blogspot.com/2016/02/solucion-al-error-e-then-appstreamcli.html
Te sugiero que revises esta primero a ver si te convence el argumento.

Saludos.


--
Juan M Lavieri

Errar es de humanos, pero es mas humano culpar a los demás.

no no me convence el argumento del blog, yo no uso ni una alpha ni beta ni
testing uso una estable, llevo con esta imagen de sistema desde que salio y
esto me lleva pasando desde hace un par de semanas, para mi el error tiene
que estar en alguna descarga oculta que haga el sistema al hacer update, si
elimino appstreamcli se actualizn los repos sin errores peo no se refrescan
osea si uso el gstor o el apt-cache para buscar algo no encuentra nada pero
si instala si se el nombre exacto del paquete osea apt-get install, por lo
tanto de nuevo creo que se trata de alguna descarga oculta que se debe hacer
mientras se usa update, si elimino libapptream3 no me deja usar update osea
se ejecuta pero no devuelve nada como si lo que  hiciera no diera resultado


Probaste la solución propuesta?


las soluciones de eliminar el appstreamcli y o libappstream3? esas 
soluciones? si las probe y explico las consecuencias en el correo anterior

Re: [Multiarch] armhf on arm64 is not working

[Reco]

Hi.

On Mon, 28 Aug 2017 22:50:17 +0200
Adam Cécile  wrote:

> Hello,
> 
> 
> I'm trying to set up armhf on arm64 stretch but it does not work:
> 
> 
> file /tmp/bash/bin/bash
> 
> /tmp/bash/bin/bash: ELF 32-bit LSB executable, ARM, EABI5 version 1 
> (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, for 
> GNU/Linux 3.2.0, BuildID[sha1]=e3aedef3dd05738b73e7756ddb9be88dd0f9a8ce, 
> stripped
> 
> 
>   ldd /tmp/bash/bin/bash
> 
>  not a dynamic executable

That's supposed to happen. Try 'objdump -p' instead.


> /tmp/bash/bin/bash
> 
> -bash: /tmp/bash/bin/bash: cannot execute binary file: Exec format error

And that is supposed to happen too.


> Any idea about what's wrong ? Everything looks ok to me. Is it possible 
> to be kernel related ?

In a way that's kernel related.

What multiarch is - it's an ability to co-install libraries from
different architectures (for cross-compilation usually).
What multiarch is not - it's not an ability to use foreign architecture
libraries to run foreign architecture binaries.

The reason being - an executable binary contains CPU instructions that
are suited to CPU of designated architecture only. In your example it's
armv5. Your CPU is amd64 and its unable to interpret those - it can only
understand i386 and amd64 instruction sets.

Due to this Linux kernel (any reasonable OS kernel that I dealt with, in
fact) refuses to acknowledge that foreign architecture binaries could be
executed at all. Hence 'Exec format error' from the direct execution
and 'not a dynamic executable' from ldd (which is special form of
binary execution anyway).


There's a way around this limitation, and it involves CPU instruction
translation via qemu-user. Assuming that you have 'qemu-user-static'
installed, this should work:

qemu-arm-static /tmp/bash/bin/bash

Reco

USB external hard drive -- mounting

[James H. H. Lampert]

Greetings:

I'm in the process of setting up a new server, running Debian Jessie 
8.9, replacing a Windows Server 2003 box (the same physical hardware).


One of the functions of this server is to automatically (via a script 
run from cron) back up data (mostly on other servers, via FTP and SCP) 
from other servers in the network, to a USB external hard drive.


I was pleasantly shocked when the NTFS-formatted USB drive auto-mounted 
as read/write, as soon as I plugged it in, without my having to apt-get 
anything.


So far, I've got one of these auto-backup scripts working, after a 
fashion. But there are problems: because the external drive is currently 
auto-mounted, (1) the location of the drive in the file system is 
dependent on what user was signed on to the Gnome desktop when it 
auto-mounted, and (2) if no user signs on to the Gnome desktop, it 
doesn't get mounted anywhere.


In addition, it mounts as "/media//Seagate Expansion Drive". Not 
only is this a bit of a mouthful when specifying a pathname in a script, 
and dependent on what user is signed on when it auto-mounts; it's also 
dependent on that physical drive (or another self-identifying the same), 
which would make swapping it out for a new drive potentially problematic.


And when it is unmounted, the mountpoint goes away.

I can't even determine *what* is doing the auto-mounting, and the more I 
read, the more confused I get: I see automount; I see usbmount; I see 
pmount; I've barely figured out how to see what packages are installed, 
and nothing jumps out at me as being what's auto-mounting the drive.


Can anybody advise me on how to set this thing up so that if it's 
plugged in, it will mount, to a consistent mountpoint, whether anybody's 
signed on to Gnome or not? And when it's inevitably replaced, its 
replacement will continue to do so?


--
James H. H. Lampert

[Multiarch] armhf on arm64 is not working

[Adam Cécile]

Hello,


I'm trying to set up armhf on arm64 stretch but it does not work:


file /tmp/bash/bin/bash

/tmp/bash/bin/bash: ELF 32-bit LSB executable, ARM, EABI5 version 1 
(SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, for 
GNU/Linux 3.2.0, BuildID[sha1]=e3aedef3dd05738b73e7756ddb9be88dd0f9a8ce, 
stripped



 ldd /tmp/bash/bin/bash

not a dynamic executable


/tmp/bash/bin/bash

-bash: /tmp/bash/bin/bash: cannot execute binary file: Exec format error


dpkg -S /lib/ld-linux-armhf.so.3

libc6:armhf: /lib/ld-linux-armhf.so.3


Any idea about what's wrong ? Everything looks ok to me. Is it possible 
to be kernel related ?



Thanks in advance, Regards.

Re: Resign me from your lists

[Cindy-Sue Causey]

On 8/28/17, Gene Heskett  wrote:
> On Monday 28 August 2017 10:22:48 Cindy-Sue Causey wrote:
>
>> On 8/28/17, Gene Heskett  wrote:
>> >> On 28/08/17 01:09, Reco wrote:
>> >> > X-Spam-Status contains LDOSUBSCRIBER for you, me, and everyone
>> >> > that's on the list. Like this: [...]
>> >
>> > I just looked at my copy, it did not contain that string in
>> > x-spam-status.
>>
>> I'm in usual in-the-moment cognitive gear where something doesn't
>> occur to me unless it's triggered by something else absolutely and
>> directly related.
>>
>> Like you running yours in secondary response after it first came up.
>> Only then did it occur to me to test drive mine.
>>
>> They're definitely not all the same in case anyone has them backed up
>> and not yet deleted.
>>
>> Cindy :)
>
> There could easily be differences in the option list spamd is using that
> would/could/should cause this miss-match. I am not using some of the
> more "exotic" filters available as it seemed they caused more FP's than
> it was worth feeding them back into sa-learn --ham. This particular
> thing did look like it might be good to raise its score by say 4 points,
> but I haven't a clue which of the extras is able to pronounce this odd
> category. So I just hit the red x when I see one, and poof, its no
> longer using space on my HD. Something that IMO, should have been caught
> before it was broadcast to the whole of the English speaking list
> subscribers. But I didn't write the rules, I just reserve the right to
> bitch. :-)


*grin*

I just had some more come in. A very short one, a VERY long one, one
completely non-existent, and one last one that was something about
"forged mua mozilla"..

The one I was basing my observation on earlier turned out to be OOPS.
It was someone we knew. The fact that there is so much difference
there still stands out.

It's an interesting distraction today. I've known about headers since
late 1990's, but this is the first time I've truly stopped and looked
at that part of them. Prior to today, that was the stuff that kept
cognitively getting in the way of whatever I was really seeking there.
:)

Cindy :)
-- 
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA

* runs with duct tape *

Re: Dnsmasq cache local

[Debian Forever]

2017-08-28 22:47 GMT+02:00 Debian Forever :
> Hola buenas, estoy montandome un dnsmasq en local para cachear las
> peticiones DNS de un servidor DNS ajeno.
>
> La idea es, mi ordenador hace una petición DNS que no está registrada
> en mi Dnsmasq local, pero hace un forward y lo envía al servidor DNS
> ajeno (antes mencionado). De tal forma, que la próxima vez que vuelva
> a consultar esa dirección DNS, ya la tenga cacheada y no haga falta
> pedirla al servidor DNS ajeno.
>
> Tengo esta configuración:
>
> listen-address=127.0.0.1
> port=53
> bind-interfaces
> user=dnsmasq
> log-facility=/var/log/dnsmasq.log
> log-queries
> dns-forward-max=150
> cache-size=0 (ilimitada)
> server=192.168.0.33
>
> Pero en los logs veo, que no cache nada en local, que siempre va a
> preguntar las entradas DNS hacia el servidor 192.168.0.33:
>
> dnsmasq[5067]: query[A] www.google.es from 127.0.0.1
> dnsmasq[5067]: forwarded www.google.es to 192.168.0.33
>
> Qué estoy haciendo mal?? Estoy mirando información pero no encuentro nada...
>
> Gracias por adelantado.


Acabo de leer esto:

-c, --cache-size=
Set the size of dnsmasq's cache. The default is 150 names. Setting the
cache size to zero disables caching.

Pero incluso dandole un valor, se comporta igual...

Alguna idea??

Re: How can I enable ufw firewall tool with an existing set of iptables rules?

[Joe]

On Mon, 28 Aug 2017 20:01:54 +
Tom Browder  wrote:

> Installing and enabling ufw sounds easy, but how is the existing set
> of iptables rules treated?  I want to use ufw on a remote server and
> losing ssh would be disastrous!
> 

I confess to no specific knowledge here, but I suspect none of the
firewall front-ends will accommodate an arbitrary iptables ruleset, as
the front-ends impose their own structure which would almost certainly
conflict.

I tried two or three front-ends some years ago, but they were not suited
to my needs, and I've stayed with a custom iptables script. However,
all of them must allow some safe and relatively sane way to activate a
ruleset while guaranteeing one or more types of access. Many servers are
administered remotely.

In this situation, I'd set up a skeleton test server in a local VM, and
confirm that I understood how to do this before trying it for real.
Even then I might set up a brute-force-and-ignorance reversion to the
original state in a cron job timed for ten minutes later if not
cancelled. And I'd still worry... how far do you have to travel if it
goes wrong?

-- 
Joe

Re: How can I enable ufw firewall tool with an existing set of iptables rules?

[Alexander V. Makartsev]

Smart way to do it is to setup a cron job to run shell script that will
flush (or restore to default working ruleset) iptables rules every 10
minutes.
With this approach, even if you mess up your iptables rules and loose
ssh, you can simply wait for 10 minutes and reconnect to ssh.
Take your time and check that cron job is working correctly and if it
is, continue with ufw\iptables setup or correct mistakes.


On 29.08.2017 01:01, Tom Browder wrote:
> Installing and enabling ufw sounds easy, but how is the existing set
> of iptables rules treated?  I want to use ufw on a remote server and
> losing ssh would be disastrous!
>
> Thanks.
>
> -Tom
>

Dnsmasq cache local

[Debian Forever]

Hola buenas, estoy montandome un dnsmasq en local para cachear las
peticiones DNS de un servidor DNS ajeno.

La idea es, mi ordenador hace una petición DNS que no está registrada
en mi Dnsmasq local, pero hace un forward y lo envía al servidor DNS
ajeno (antes mencionado). De tal forma, que la próxima vez que vuelva
a consultar esa dirección DNS, ya la tenga cacheada y no haga falta
pedirla al servidor DNS ajeno.

Tengo esta configuración:

listen-address=127.0.0.1
port=53
bind-interfaces
user=dnsmasq
log-facility=/var/log/dnsmasq.log
log-queries
dns-forward-max=150
cache-size=0 (ilimitada)
server=192.168.0.33

Pero en los logs veo, que no cache nada en local, que siempre va a
preguntar las entradas DNS hacia el servidor 192.168.0.33:

dnsmasq[5067]: query[A] www.google.es from 127.0.0.1
dnsmasq[5067]: forwarded www.google.es to 192.168.0.33

Qué estoy haciendo mal?? Estoy mirando información pero no encuentro nada...

Gracias por adelantado.

Re: Laptop randomly reboots

[Sam Smith]

On 06/13/2017 02:27 PM, Sam Smith wrote:

On 05/12/2017 03:38 PM, Sam Smith wrote:

On 01/20/2017 08:04 PM, Sam Smith wrote:

I'll try to keep this short. I bought a used Lenovo T520 back in May. It
had the motherboard with nvidia GPU. Because it sucks power and doesn't
really have good suspend/resume support, I bought a used mother board
off of ebay that only had intel integrated graphics and I swapped it
out. All was well and I had installed in it 8gb +4gb of ram.

It ran like that for about 8 weeks before I bought an 8gb stick and
stuck that in, so then I had 8gb + 8gb of ram. After about 6 weeks of
running like, it randomly rebooted overnight. I shrugged it off and
thought maybe the power went out or something (even though it had a
battery in it). But then about 2 weeks later it did it again..and then
two weeks after that. So I pulled out the new 8gb stick I had put in and
let it run with just one 8gb stick. It ran like that for about 10 weeks
without a problem. I put the old 4gb stick in just for fun, bringing it
back to the original 8gb + 4gb configuration. But about 2 weeks later it
rebooted again. At that point I bought a matched 16gb kit (8gb + 8gb)
from new egg that seemed to come recommended from google searching for
compatible ram for this model. But just a couple of days ago (about 3
weeks after installing it), it rebooted by itself.

I am kind of at a loss here now. I can buy another motherboard and swap
it out again, but that takes a few hours and I don't feel like doing it.
The cooling and thermal stuff is all good on the laptop,I've ran prime95
and video encoding for hours and it is fine (temps stay below 80* at
least, normal usage is 40-55*). I've also ran memtest for a few hours.

What I find weird is that the machine suddenly reboots. At least a few
years ago, ram issues would just lead to a kernel panic screen. But with
this, the machine is just like someone pulled the plug and rebooted it.
I started to wonder if there is some built in watchdog somewhere that
will reboot the machine if it hangs, but I can't tell? Other than that,
if this is the kernel that is rebooting the machine, is there any way I
can get it to dump some info somewhere before it fully reboots? Before I
go through the pain of swapping the board again, I'd just like to really
know that this is a hardware issue and not the kernel detecting
something and just choosing to reboot...

Thanks for any info,

Sam



Just an update. My uptime is now 80 days and I haven't had any random
reboots. The only thing I did was pull in the latest apt-get updates
(which took me from Jessie 6.6 to 6.7 I think, but also installed a
newer xorg-intel driver from backports). I also read somewhere that
there were some "issues" with having the hardware virtualization
extensions enabled in BIOS (can't remember what the issues were) so I
disabled those after running the apt-get upgrade and rebooting.

Never gone this long without a reboot so I guess perhaps I'm good. But
if this was indeed a software caused reboot, I'd like to know what
setting I need to change so that debian would just hang at a kernel
panic screen (or something similar) instead of just an instant dump and
reboot leaving me thinking that it is hardware issues (which it may
still be)


Regards,
Samuel Smith




Guess I spoke too soon. About 10 days after I posted the above, the 
laptop randomly rebooted. :sigh:






And for my hopefully final update. I upgraded from jessie to stretch 
and about 2 weeks after that I got a random reboot. Figured that ruled 
out any software issue. Went ahead and bought a new board off of ebay 
and judging by the lack of a serial number in the bios screen, I'd say 
it was from an old stock pile destined for RMA warranty repairs. 
Nonetheless, after a month of swapping the board, I've not had any 
further problems.

Troca de senha AD Microsoft via web

[Christiano Liberato]

Pessoal,

alguém tem aí o LDAP Tool Box Project funcionando na troca de senhas do AD
da Microsoft?
Estou tentando implementar mas não vai de jeito nenhum. Dá sempre erro
dizendo que não acha o usuario no LDAP.

How can I enable ufw firewall tool with an existing set of iptables rules?

[Tom Browder]

Installing and enabling ufw sounds easy, but how is the existing set of
iptables rules treated?  I want to use ufw on a remote server and losing
ssh would be disastrous!

Thanks.

-Tom

Re: Alias - Erreur pour recharger .bashrc

[G2PC]

Le 28/08/2017 à 19:42, Étienne Mollier a écrit :
> G2PC, le 2017-08-28 :
>> Mon shell est zsh.
>>
>> [...]
>>
>> Recharger .bashrc avec la commande source ~/.bashrc
>>
>> J'ai une erreur avec mon .bashrc
>> source ~/.bashrc
>> /home/root/.bashrc:16: command not found: shopt
>> /home/root/.bashrc:24: command not found: shopt
>> /home/root/.bashrc:122: command not found: shopt
>> /usr/share/bash-completion/bash_completion:51: command not found: shopt
>> /usr/share/bash-completion/bash_completion:57: command not found: complete
>> /usr/share/bash-completion/bash_completion:62: command not found: complete
>> /usr/share/bash-completion/bash_completion:65: command not found: complete
>> /usr/share/bash-completion/bash_completion:68: command not found: complete
>> /usr/share/bash-completion/bash_completion:71: command not found: complete
>> /usr/share/bash-completion/bash_completion:74: command not found: complete
>> /usr/share/bash-completion/bash_completion:77: command not found: complete
>> /usr/share/bash-completion/bash_completion:80: command not found: complete
>> /usr/share/bash-completion/bash_completion:83: command not found: complete
>> /usr/share/bash-completion/bash_completion:86: command not found: complete
>> /usr/share/bash-completion/bash_completion:89: command not found: complete
>> /usr/share/bash-completion/bash_completion:92: command not found: complete
>> /usr/share/bash-completion/bash_completion:314: parse error near `\n'
>> \[\e]0;\u@\h 
>> \w\a\]${debian_chroot:+($debian_chroot)}\[\033[01;31m\]\h\[\033[01;34m\] \W 
>> \$\[\033[00m\]
> G2PC, le 2017-08-28, un peu plus tard :
>> Par contre, je ne sais pas si cette erreur de .bashrc est
>> normale et si je dois quand même la corrigée. Je part du
>> principe que, je n'ai pas à m'en occuper, puisque j'utilise
>> zsh.
> Bonsoir,
>
> Si ça peut vous rassurer, l'erreur est tout à fait normale en
> sourçant ce fichier ~/.bashrc avec le shell Zsh à la place de
> Bash.  Vous n'avez à priori rien à corriger, à moins bien sûr que
> des bugs ne se soient cachés ailleurs dans le script.  ;-)
Merci pour ta précision car c'était une question que je me suis posé. Je
m'étais dit aussi, que, c'est zsh qui interrogeait le bashrc et que cela
devait créer les erreurs.
J'ai peut être tout de même une erreur de syntaxe dans le bashrc, mais,
comme j'utilise zsh, je ne me pose pas plus de question, pour le moment,
concernant le fichier bashrc, qui doit déjà bien être documenté.
>
> La commande `shopt`, de l'erreur « command not found: shopt »,
> est une "builtin" : une commande intégrée et propre à Bash.  Vous
> pouvez trouver sa description dans le manuel de `bash`, section
> "builtins", dont voici un extrait :
>
>>   shopt: shopt [-pqsu] [-o] [optname ...]
>>   Set and unset shell options.
> Cette commande n'existe pas en Zsh, d'où l'erreur.
>
>
> Si j'en crois la page de manuel de `zshbuiltins`, la commande à
> peu près équivalente serait `setopt` :
>
>>   setopt [ {+|-}options | {+|-}o option_name ] [  -m  ]  [
>>   name ... ]
>>  Set the options for the shell.  All options spec‐
>>  ified either with flags or by name are set.
> La syntaxe diffère pas mal, ainsi que les options supportées,
> mais c'est l'intérêt de pouvoir choisir des shells différents.
>
> Même remarque pour la "builtin" `complete`, de l'erreur « command
> not found: complete », servant à définir les autocompletions via
> la touche Tab, elle est propre à Bash.  Toujours dans la section
> "builtins" du manuel, vous trouverez plus de détails à son sujet.
>
> L'équivalent en Zsh est... décrit dans trois pages de manuel :
> - zshcompwid
> - zshcompsys
> - zshcompctl
>
> Ça donne une assez bonne idée de la granularité avec laquelle on
> peut configurer son shell en Zsh.  :-)
>
> À plus,
Encore merci pour le complément d'information et les mots clé pour
accéder au manuel.
a + Bonne soirée.

Re: Resign me from your lists

[Thomas Schmitt]

Hi,

Reco wrote:
> Due to the way GMail is broken I don't see any vaild headers in my own
> replies to the list of course.

Yours is

  X-Spam-Status: No, score=-11.9 required=4.0 tests=DKIM_SIGNED,DKIM_VALID,
DKIM_VALID_AU,DKIM_VERIFIED,FREEMAIL_FROM,LDOSUBSCRIBER,LDO_WHITELIST,
RCVD_IN_DNSWL_LOW autolearn=unavailable autolearn_force=no version=3.4.0

Let's not forget that at least one of our subscribers does not send his
mails from the subscribed address. So no LDOSUBSCRIBER is in his spam header

  X-Spam-Status: No, score=-5.0 required=4.0 
tests=HEADER_FROM_DIFFERENT_DOMAINS,
LDO_WHITELIST,RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no
version=3.4.0


BTW: We are probably not the fake "From:" but rather fake "To:" or "Cc:"
of the original mails. At least this is what i saw in quoted headers if
they were in the reply text.


Have a nice day :)

Thomas

Re: Resign me from your lists

[Reco]

Hi.

On Mon, 28 Aug 2017 09:20:16 -0400
Gene Heskett  wrote:

> On Monday 28 August 2017 09:11:01 Mario Castelán Castro wrote:
> 
> > On 28/08/17 01:09, Reco wrote:
> > > Mario Castelán Castro  wrote:
> > >> I have to admit that I do not know what specific header you are
> > >> talking about.
> > >>
> > >> I was not aware that this mailing list was used in “From:”
> > >> spoofing.
> > >
> > > X-Spam-Status contains LDOSUBSCRIBER for you, me, and everyone
> > > that's on the list. Like this: [...]
> 
> I just looked at my copy, it did not contain that string in 
> x-spam-status.

A list archive id would be helpful.

Your e-mail I'm replying to - [1] - has this:

X-Spam-Status: No, score=-11.0 required=4.0
tests=LDOSUBSCRIBER,LDO_WHITELIST, RCVD_IN_DNSWL_NONE,RP_MATCHES_RCVD
autolearn=unavailable autolearn_force=no version=3.4.0


Due to the way GMail is broken I don't see any vaild headers in my own
replies to the list of course.

Reco

[1]
https://lists.debian.org/msgid-search/201708280920.16632.ghesk...@shentel.net

Re: Resign me from your lists

[Gene Heskett]

On Monday 28 August 2017 10:22:48 Cindy-Sue Causey wrote:

> On 8/28/17, Gene Heskett  wrote:
> >> On 28/08/17 01:09, Reco wrote:
> >> > X-Spam-Status contains LDOSUBSCRIBER for you, me, and everyone
> >> > that's on the list. Like this: [...]
> >
> > I just looked at my copy, it did not contain that string in
> > x-spam-status.
>
> I'm in usual in-the-moment cognitive gear where something doesn't
> occur to me unless it's triggered by something else absolutely and
> directly related.
>
> Like you running yours in secondary response after it first came up.
> Only then did it occur to me to test drive mine.
>
> They're definitely not all the same in case anyone has them backed up
> and not yet deleted.
>
> Cindy :)

There could easily be differences in the option list spamd is using that 
would/could/should cause this miss-match. I am not using some of the 
more "exotic" filters available as it seemed they caused more FP's than 
it was worth feeding them back into sa-learn --ham. This particular 
thing did look like it might be good to raise its score by say 4 points, 
but I haven't a clue which of the extras is able to pronounce this odd 
category. So I just hit the red x when I see one, and poof, its no 
longer using space on my HD. Something that IMO, should have been caught 
before it was broadcast to the whole of the English speaking list 
subscribers. But I didn't write the rules, I just reserve the right to 
bitch. :-)

Cheers Cindy, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: Alias - Erreur pour recharger .bashrc

[Étienne Mollier]

G2PC, le 2017-08-28 :
> Mon shell est zsh.
>
> [...]
>
> Recharger .bashrc avec la commande source ~/.bashrc
>
> J'ai une erreur avec mon .bashrc
> source ~/.bashrc
> /home/root/.bashrc:16: command not found: shopt
> /home/root/.bashrc:24: command not found: shopt
> /home/root/.bashrc:122: command not found: shopt
> /usr/share/bash-completion/bash_completion:51: command not found: shopt
> /usr/share/bash-completion/bash_completion:57: command not found: complete
> /usr/share/bash-completion/bash_completion:62: command not found: complete
> /usr/share/bash-completion/bash_completion:65: command not found: complete
> /usr/share/bash-completion/bash_completion:68: command not found: complete
> /usr/share/bash-completion/bash_completion:71: command not found: complete
> /usr/share/bash-completion/bash_completion:74: command not found: complete
> /usr/share/bash-completion/bash_completion:77: command not found: complete
> /usr/share/bash-completion/bash_completion:80: command not found: complete
> /usr/share/bash-completion/bash_completion:83: command not found: complete
> /usr/share/bash-completion/bash_completion:86: command not found: complete
> /usr/share/bash-completion/bash_completion:89: command not found: complete
> /usr/share/bash-completion/bash_completion:92: command not found: complete
> /usr/share/bash-completion/bash_completion:314: parse error near `\n'
> \[\e]0;\u@\h 
> \w\a\]${debian_chroot:+($debian_chroot)}\[\033[01;31m\]\h\[\033[01;34m\] \W 
> \$\[\033[00m\]

G2PC, le 2017-08-28, un peu plus tard :
> Par contre, je ne sais pas si cette erreur de .bashrc est
> normale et si je dois quand même la corrigée. Je part du
> principe que, je n'ai pas à m'en occuper, puisque j'utilise
> zsh.

Bonsoir,

Si ça peut vous rassurer, l'erreur est tout à fait normale en
sourçant ce fichier ~/.bashrc avec le shell Zsh à la place de
Bash.  Vous n'avez à priori rien à corriger, à moins bien sûr que
des bugs ne se soient cachés ailleurs dans le script.  ;-)

La commande `shopt`, de l'erreur « command not found: shopt »,
est une "builtin" : une commande intégrée et propre à Bash.  Vous
pouvez trouver sa description dans le manuel de `bash`, section
"builtins", dont voici un extrait :

>   shopt: shopt [-pqsu] [-o] [optname ...]
>   Set and unset shell options.

Cette commande n'existe pas en Zsh, d'où l'erreur.


Si j'en crois la page de manuel de `zshbuiltins`, la commande à
peu près équivalente serait `setopt` :

>   setopt [ {+|-}options | {+|-}o option_name ] [  -m  ]  [
>   name ... ]
>  Set the options for the shell.  All options spec‐
>  ified either with flags or by name are set.

La syntaxe diffère pas mal, ainsi que les options supportées,
mais c'est l'intérêt de pouvoir choisir des shells différents.

Même remarque pour la "builtin" `complete`, de l'erreur « command
not found: complete », servant à définir les autocompletions via
la touche Tab, elle est propre à Bash.  Toujours dans la section
"builtins" du manuel, vous trouverez plus de détails à son sujet.

L'équivalent en Zsh est... décrit dans trois pages de manuel :
- zshcompwid
- zshcompsys
- zshcompctl

Ça donne une assez bonne idée de la granularité avec laquelle on
peut configurer son shell en Zsh.  :-)

À plus,
-- 
Étienne Mollier 

Re: SQL Server no Debian

[Sinval Júnior]

Microsoft fazendo de tudo para tentar levar a galera. Não imaginava que
tinham até um source.

Ao encaminhar esta mensagem, por favor:
1 - Apague meu endereço eletrônico;
2 - Encaminhe como Cópia Oculta (Cco ou BCc) aos seus destinatários.
Dificulte assim a disseminação de vírus, spams e banners.

#=+
#!/usr/bin/env python
nome = 'Sinval Júnior'
email = 'sinvalju arroba gmail ponto com'
print nome
print email
#==+

Em 27 de agosto de 2017 11:37, Leonardo Rocha 
escreveu:

> Olá Sérgio, agradeço. Vou tentar esse primeiro link. O segundo, do portal
> GSTI não funciona com o Debian 9. Segundo consta no site foi testado com a
> versão 8.7. tentei com máquina virtual e realmente apresenta problema.
>
>
> Enviado por BlueMail 
> Em 27 de ago de 2017, em 08:32, "Sérgio Abrantes Junior" <
> sergioabran...@gmail.com> escreveu:
>>
>> Olá,
>>
>> Achei alguma coisa sobre:
>>
>> https://linux-tips.com/t/installing-microsoft-sql-
>> server-on-debian-linux/476
>>
>> https://www.portalgsti.com.br/2017/01/instalando-o-sql-
>> server-no-debian-em-17-passos.html
>>
>> Até!
>>
>> Sérgio Abrantes
>>
>> Em 27 de agosto de 2017 03:35, Rodolfo  escreveu:
>>
>>> Precisa ser o SQL Server? Porque sei que tem o MariaDB(mysql) e
>>> PostgreSQL.
>>>
>>> Em 26 de agosto de 2017 20:09, Leonardo S. S. da Rocha <
>>> leonardo...@gmail.com> escreveu:
>>>
 Pessoal, boa noite! alguém já instalou o SQL Server no Debian 9?
 Encontrei um artigo falando sobre essa instalação na versão 8.7 mas nada
 ainda sobre a instalação na versão 9. Estou com um cenário na universidade
 precisando dessas ferramentas. Na verdade hoje está rodando sobre Ubuntu
 16.04 mas quero tirar o Ubuntu e colocar o Debian. Alguém pode sugerir
 algo?

 --
 Atenciosamente,
 (Best regards),


 Leonardo Rocha
 about.me/leonardo.rocha




  Enviado com Mailtrack
 

>>>
>>>
>>

Re: Resign me from your lists

[Mario Castelán Castro]

On 28/08/17 09:18, Fungi4All wrote:
> Are  you suggesting someone should read 4856 pages of manuals
> before they install Debian, let alone ask a "dumb question"?

No, you can learn as you need it. I know that manuals are long and
tedious. I do not expect you to read it all before asking, but I expect
you to check the table of contents and index for your question before
asking.

> How about I pop that barrel of depleted uranium open and dump it to
> the pond?

By the way, uranium is minimally radioactive. The main risk of nuclear
energy is that the fission products in spent fuel leak.

-- 
Do not eat animals, respect them as you respect people.
https://duckduckgo.com/?q=how+to+(become+OR+eat)+vegan



signature.asc
Description: OpenPGP digital signature

Re: problema con script apt

[Felix Perez]

El 28 de agosto de 2017, 11:04, juan carlos rebate
 escribió:
>
>
> El 28/08/17 a las 05:12, Juan Lavieri escribió:
>
>>
>> Hola.
>>
>>
>> El 27-08-2017 a las 04:07 p.m., juan carlos escribió:
>>>
>>> buenas gente desde hace una semana para aca llevo recibiendo este error
>>> y no encuentro como resolverlo o si esto ocasiona algun fallo en los
>>> repos o si apesar del error puedo usar el sistema sin preocupaciones el
>>> error es
>>>
>>> Problem executing scripts APT::Update::Post-Invoke-Success 'if
>>> /usr/bin/test -w /var/cache/app-info -a -e /usr/bin/appstreamcli; then
>>> appstreamcli refresh > /dev/null; fi', E:Sub-process returned an error
>>> code
>>>
>>> eso pasa al hacer apt-get update alguien mas le pasa? gracias
>>>
>>
>> Parece que eso se resuelve removiendo el paquete libappstream3
>>
>> #apt-get remove libappstream3
>>
>> Según lo comentan aquí:
>> https://askubuntu.com/questions/942895/e-problem-executing-scripts-aptupdatepost-invoke-success/943018
>>
>> Otra solución la consigues aqui:
>> http://trastetes.blogspot.com/2016/02/solucion-al-error-e-then-appstreamcli.html
>> Te sugiero que revises esta primero a ver si te convence el argumento.
>>
>> Saludos.
>>
>>
>> --
>> Juan M Lavieri
>>
>> Errar es de humanos, pero es mas humano culpar a los demás.
>
> no no me convence el argumento del blog, yo no uso ni una alpha ni beta ni
> testing uso una estable, llevo con esta imagen de sistema desde que salio y
> esto me lleva pasando desde hace un par de semanas, para mi el error tiene
> que estar en alguna descarga oculta que haga el sistema al hacer update, si
> elimino appstreamcli se actualizn los repos sin errores peo no se refrescan
> osea si uso el gstor o el apt-cache para buscar algo no encuentra nada pero
> si instala si se el nombre exacto del paquete osea apt-get install, por lo
> tanto de nuevo creo que se trata de alguna descarga oculta que se debe hacer
> mientras se usa update, si elimino libapptream3 no me deja usar update osea
> se ejecuta pero no devuelve nada como si lo que  hiciera no diera resultado
>

Probaste la solución propuesta?


-- 
usuario linux  #274354
normas de la lista:  http://wiki.debian.org/es/NormasLista
como hacer preguntas inteligentes:
http://www.sindominio.net/ayuda/preguntas-inteligentes.html

Re: Resign me from your lists

[Mario Castelán Castro]

On 27/08/17 18:15, Ben Finney wrote:
> Mario Castelán Castro  writes:
> 
>> I assumed originally that this was a person who subscribed then
>> realized he did not want to be subscribed and decided to complain to
>> the list about that.
> 
> Even on that assumption, there is no call to insult the person. No-one
> is born knowing how to operate a mailing list subscription, please allow
> people to learn without implying they are inferior.

The problem is not ignorant people per se, but people who is ignorant of
what they ought to know (given the knowledge requirements of the
activities they choose to do).

If a lay man in the street does not know what radioactive decay heat is,
I would not see a problem, but if a manager of a nuclear power plant
does not know, then I would call him incompetent and the word “stupid”
is more than deserved. I think you will agree with this.

Likewise, somebody either writing or criticizing cryptography
recommendations should be competent in the relevant theory.

-- 
Do not eat animals, respect them as you respect people.
https://duckduckgo.com/?q=how+to+(become+OR+eat)+vegan



signature.asc
Description: OpenPGP digital signature

Re: Echec de gdm3 à ouvrir une session X sur la console et sur les serveurs X utilisant xdmcp (Stretch 9.1)

[Olivier Langella]

Bonjour Jean-Paul,

comme suggéré par Daniel Huhardeaux, nous utilisons "x2go".
C'est très efficace, le gros avantage étant que x2go utilise le 
protocole "nx" qui rend les sessions graphiques distantes beaucoup moins 
gourmandes en bande passante.


Le client Windows s'installe facilement. Tout passe par ssh (plus de 
sécurité aussi).


Le bureau LXDE fonctionne très bien avec x2go.

Bonne soirée
Olivier


Le 28/08/2017 à 15:54, daniel huhardeaux a écrit :

Le 28/08/2017 à 15:40, G2PC a écrit :


Le 28/08/2017 à 15:03, Jean-Paul Bouchet a écrit :


On 28/08/2017 13:09, daniel huhardeaux wrote:

Le 28/08/2017 à 11:14, Jean-Paul Bouchet a écrit :

Bonjour,

Bonjour


La solution gdm3/xdmcp/gnome installée sur notre serveur Wheezy
donnait entière satisfaction. La migration, effectuée l'an dernier,
de ce serveur vers Jessie a cassé cette fonctionnalité et je n'ai
pas réussi à la réinstaller. Je viens de migrer le serveur de Jessie
vers Stretch et de tenter à nouveau d'utiliser gdm3, xdmcp et gnome
pour disposer d'un bureau graphique sur la console système et
surtout sur les postes Windows de notre réseau local (avec Cygwin/X).

J'ai adressé à la liste debian-user un courriel décrivant les
problèmes que nous rencontrons
(https://lists.debian.org/debian-user/2017/08/msg01465.html). Si le
sujet vous intéresse ...

Mon message dans cette liste francophone a surtout pour objectif de
savoir si la solution gdm3/xdmcp/gnome est opérationnelle quelque
part, sur un serveur utilisant une version Stretch ou Jessie de
Debian en mode systemd (multi-user, PAM). Un témoignage me
permettrait de me rassurer sur le bien-fondé de ma recherche d'une
erreur de paramétrage dans la configuration de notre serveur. Merci
de préciser si l'installation de Stretch ou de Jessie résulte d'un
'dist-upgrade' ou d'une installation 'de novo'.

Peut-être utilisez-vous d'autres solutions gratuites pour permettre
l'accès des utilisateurs de Microsoft Windows aux ressources d'un
serveur Debian via un bureau graphique ?

Je ne comprends pas le sens de cette phrase: l'accès via un bureau
graphique? Les postes Windows peuvent monter un disque réseau qui est
sous Linux via SAMBA par ex.


Par bureau graphique (graphical desktop), je veux dire que le poste
Windows lance une application émulant un serveur X et gérant notamment
l'écran, le clavier et la souris du poste Windows. Une fois ce serveur
X opérationnel, le serveur Debian affiche sur l'écran du poste Windows
le client de connexion qui permet de s'identifier (greeter), puis,  si
l'authentification réussit,  ouvre une session comprenant un
gestionnaire de fenêtres (window manager) comme Gnome, KDE, Xfce et
utilisant les ressources du serveur Debian (CPU, mémoire, disques,
applications). L'application gdm3 (version 3 de GNOME Display Manager)
du serveur Debian communique avec les différents serveurs X des postes
Windows pour assurer ces services.


Bernard m'a montré ceci :
https://www.visionduweb.eu/forum/serveurs/1852-introduction-a-l-export-display#2467


ou VNC ou x2go ou nomachine



--
Olivier Langella
http://pappso.inra.fr/bioinfo
Génétique Quantitative et Évolution - Le Moulon
INRA - Université Paris-Sud - CNRS - AgroParisTech
Ferme du Moulon
91190 Gif-sur-Yvette, France
Tel : 01.69.33.23.68  Fax : 01.69.33.23.40
JID : olivier.lange...@u-psud.fr

Re: Resign me from your lists

[Mario Castelán Castro]

On 28/08/17 01:09, Reco wrote:
> Mario Castelán Castro  wrote:
>> I have to admit that I do not know what specific header you are talking
>> about.
>>
>> I was not aware that this mailing list was used in “From:” spoofing.
> 
> X-Spam-Status contains LDOSUBSCRIBER for you, me, and everyone that's
> on the list. Like this: [...]

I see. Thanks for the information.

-- 
Do not eat animals, respect them as you respect people.
https://duckduckgo.com/?q=how+to+(become+OR+eat)+vegan



signature.asc
Description: OpenPGP digital signature

Re: Resign me from your lists

[Cindy-Sue Causey]

On 8/28/17, Gene Heskett  wrote:
>
>> On 28/08/17 01:09, Reco wrote:
>> >
>> > X-Spam-Status contains LDOSUBSCRIBER for you, me, and everyone
>> > that's on the list. Like this: [...]
>
> I just looked at my copy, it did not contain that string in
> x-spam-status.


I'm in usual in-the-moment cognitive gear where something doesn't
occur to me unless it's triggered by something else absolutely and
directly related.

Like you running yours in secondary response after it first came up.
Only then did it occur to me to test drive mine.

They're definitely not all the same in case anyone has them backed up
and not yet deleted.

Cindy :)
-- 
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA

* Elsie: A 1958 3/4 ton Studebaker Transtar pickup truck with 3 on the
tree. Was lottery image invoking to see this name in spam simultaneous
to 2nd piece that used my name *

Re: Resign me from your lists

[Fungi4All]

From: marioxcc...@yandex.com

> To: debian-user@lists.debian.org
>
> On 27/08/17 18:15, Ben Finney wrote:
>> Mario Castelán Castro  writes:
>>
>>> I assumed originally that this was a person who subscribed then
>>> realized he did not want to be subscribed and decided to complain to
>>> the list about that.
>>
>> Even on that assumption, there is no call to insult the person. No-one
>> is born knowing how to operate a mailing list subscription, please allow
>> people to learn without implying they are inferior.
>
> The problem is not ignorant people per se, but people who is ignorant of
> what they ought to know (given the knowledge requirements of the
> activities they choose to do).
>
> If a lay man in the street does not know what radioactive decay heat is,
> I would not see a problem, but if a manager of a nuclear power plant
> does not know, then I would call him incompetent and the word “stupid”
> is more than deserved. I think you will agree with this.
>
> Likewise, somebody either writing or criticizing cryptography
> recommendations should be competent in the relevant theory.

Are you both on the same subject or are you using reference without
noting it?  From the OP we have either spam or someone who tried
debian and its list and gave up.  What on earth are you talking about?
Managing a nuclear plant?  Did you wake up one day and thought of
giving it a try?  Did you win the lottery and bought one to play with?  And
you dare mention a complex mathematical problem, as cryptography,
when you are drawing parallels between trying a "free" operating system
on a "P"C, with managing the world's most potentially hazardous energy
conversion system, that could affect the lives of millions, if not billions of
earthlings for more than a century?
How do you do this?  You quit your village's McDonald's and apply for
managing a plant?  The hell with the manager, it is the persons working
in the control room that should know what the hell they are doing.  But
if your pc explodes I don't think the northern half of the pacific will generate
monster mutants for a century.

Are  you suggesting someone should read 4856 pages of manuals
before they install Debian, let alone ask a "dumb question"?  All I know
is you have a consumer, dissatisfied with a $100 windoze license from
years ago, and giving something free a try.  Because another $100 will
not get this old (4year old pc) much of a chance to revive.
Look mommy, no DrWatson!
How about I pop that barrel of depleted uranium open and dump it to
the pond?
Yeaaaeee!!!

Re: problema con script apt

[juan carlos rebate]

El 28/08/17 a las 05:12, Juan Lavieri escribió:


Hola.


El 27-08-2017 a las 04:07 p.m., juan carlos escribió:

buenas gente desde hace una semana para aca llevo recibiendo este error
y no encuentro como resolverlo o si esto ocasiona algun fallo en los
repos o si apesar del error puedo usar el sistema sin preocupaciones el
error es

Problem executing scripts APT::Update::Post-Invoke-Success 'if
/usr/bin/test -w /var/cache/app-info -a -e /usr/bin/appstreamcli; then
appstreamcli refresh > /dev/null; fi', E:Sub-process returned an 
error code


eso pasa al hacer apt-get update alguien mas le pasa? gracias



Parece que eso se resuelve removiendo el paquete libappstream3

#apt-get remove libappstream3

Según lo comentan aquí: 
https://askubuntu.com/questions/942895/e-problem-executing-scripts-aptupdatepost-invoke-success/943018


Otra solución la consigues aqui: 
http://trastetes.blogspot.com/2016/02/solucion-al-error-e-then-appstreamcli.html 
Te sugiero que revises esta primero a ver si te convence el argumento.


Saludos.


--
Juan M Lavieri

Errar es de humanos, pero es mas humano culpar a los demás.
no no me convence el argumento del blog, yo no uso ni una alpha ni beta 
ni testing uso una estable, llevo con esta imagen de sistema desde que 
salio y esto me lleva pasando desde hace un par de semanas, para mi el 
error tiene que estar en alguna descarga oculta que haga el sistema al 
hacer update, si elimino appstreamcli se actualizn los repos sin errores 
peo no se refrescan osea si uso el gstor o el apt-cache para buscar algo 
no encuentra nada pero si instala si se el nombre exacto del paquete 
osea apt-get install, por lo tanto de nuevo creo que se trata de alguna 
descarga oculta que se debe hacer mientras se usa update, si elimino 
libapptream3 no me deja usar update osea  se ejecuta pero no devuelve 
nada como si lo que  hiciera no diera resultado

Re: Parler est comme jouer au tennis avec des réceptions et envois de la balle Pauline

[Phil Dobbin]

On 28/08/17 12:42, ranet.boua...@free.fr wrote:

>  c qui

Hi.

This the Debian User list for English speakers.

You can find the French variant here:



Cheers

  Phil.


-- 
"For 50 years it was like being chained to an idiot"
Kingsley Amis on his loss of libido when he turned fifty



signature.asc
Description: OpenPGP digital signature

Re: Echec de gdm3 à ouvrir une session X sur la console et sur les serveurs X utilisant xdmcp (Stretch 9.1)

[daniel huhardeaux]

Le 28/08/2017 à 15:40, G2PC a écrit :


Le 28/08/2017 à 15:03, Jean-Paul Bouchet a écrit :


On 28/08/2017 13:09, daniel huhardeaux wrote:

Le 28/08/2017 à 11:14, Jean-Paul Bouchet a écrit :

Bonjour,

Bonjour


La solution gdm3/xdmcp/gnome installée sur notre serveur Wheezy
donnait entière satisfaction. La migration, effectuée l'an dernier,
de ce serveur vers Jessie a cassé cette fonctionnalité et je n'ai
pas réussi à la réinstaller. Je viens de migrer le serveur de Jessie
vers Stretch et de tenter à nouveau d'utiliser gdm3, xdmcp et gnome
pour disposer d'un bureau graphique sur la console système et
surtout sur les postes Windows de notre réseau local (avec Cygwin/X).

J'ai adressé à la liste debian-user un courriel décrivant les
problèmes que nous rencontrons
(https://lists.debian.org/debian-user/2017/08/msg01465.html). Si le
sujet vous intéresse ...

Mon message dans cette liste francophone a surtout pour objectif de
savoir si la solution gdm3/xdmcp/gnome est opérationnelle quelque
part, sur un serveur utilisant une version Stretch ou Jessie de
Debian en mode systemd (multi-user, PAM). Un témoignage me
permettrait de me rassurer sur le bien-fondé de ma recherche d'une
erreur de paramétrage dans la configuration de notre serveur. Merci
de préciser si l'installation de Stretch ou de Jessie résulte d'un
'dist-upgrade' ou d'une installation 'de novo'.

Peut-être utilisez-vous d'autres solutions gratuites pour permettre
l'accès des utilisateurs de Microsoft Windows aux ressources d'un
serveur Debian via un bureau graphique ?

Je ne comprends pas le sens de cette phrase: l'accès via un bureau
graphique? Les postes Windows peuvent monter un disque réseau qui est
sous Linux via SAMBA par ex.


Par bureau graphique (graphical desktop), je veux dire que le poste
Windows lance une application émulant un serveur X et gérant notamment
l'écran, le clavier et la souris du poste Windows. Une fois ce serveur
X opérationnel, le serveur Debian affiche sur l'écran du poste Windows
le client de connexion qui permet de s'identifier (greeter), puis,  si
l'authentification réussit,  ouvre une session comprenant un
gestionnaire de fenêtres (window manager) comme Gnome, KDE, Xfce et
utilisant les ressources du serveur Debian (CPU, mémoire, disques,
applications). L'application gdm3 (version 3 de GNOME Display Manager)
du serveur Debian communique avec les différents serveurs X des postes
Windows pour assurer ces services.


Bernard m'a montré ceci :
https://www.visionduweb.eu/forum/serveurs/1852-introduction-a-l-export-display#2467


ou VNC ou x2go ou nomachine

--
Daniel

Re: Echec de gdm3 à ouvrir une session X sur la console et sur les serveurs X utilisant xdmcp (Stretch 9.1)

[G2PC]

Le 28/08/2017 à 15:03, Jean-Paul Bouchet a écrit :
>
>
> On 28/08/2017 13:09, daniel huhardeaux wrote:
>> Le 28/08/2017 à 11:14, Jean-Paul Bouchet a écrit :
>>> Bonjour,
>>
>> Bonjour
>>
>>>
>>> La solution gdm3/xdmcp/gnome installée sur notre serveur Wheezy
>>> donnait entière satisfaction. La migration, effectuée l'an dernier,
>>> de ce serveur vers Jessie a cassé cette fonctionnalité et je n'ai
>>> pas réussi à la réinstaller. Je viens de migrer le serveur de Jessie
>>> vers Stretch et de tenter à nouveau d'utiliser gdm3, xdmcp et gnome
>>> pour disposer d'un bureau graphique sur la console système et
>>> surtout sur les postes Windows de notre réseau local (avec Cygwin/X).
>>>
>>> J'ai adressé à la liste debian-user un courriel décrivant les
>>> problèmes que nous rencontrons
>>> (https://lists.debian.org/debian-user/2017/08/msg01465.html). Si le
>>> sujet vous intéresse ...
>>>
>>> Mon message dans cette liste francophone a surtout pour objectif de
>>> savoir si la solution gdm3/xdmcp/gnome est opérationnelle quelque
>>> part, sur un serveur utilisant une version Stretch ou Jessie de
>>> Debian en mode systemd (multi-user, PAM). Un témoignage me
>>> permettrait de me rassurer sur le bien-fondé de ma recherche d'une
>>> erreur de paramétrage dans la configuration de notre serveur. Merci
>>> de préciser si l'installation de Stretch ou de Jessie résulte d'un
>>> 'dist-upgrade' ou d'une installation 'de novo'.
>>>
>>> Peut-être utilisez-vous d'autres solutions gratuites pour permettre
>>> l'accès des utilisateurs de Microsoft Windows aux ressources d'un
>>> serveur Debian via un bureau graphique ?
>>
>> Je ne comprends pas le sens de cette phrase: l'accès via un bureau
>> graphique? Les postes Windows peuvent monter un disque réseau qui est
>> sous Linux via SAMBA par ex.
>>
> Par bureau graphique (graphical desktop), je veux dire que le poste
> Windows lance une application émulant un serveur X et gérant notamment
> l'écran, le clavier et la souris du poste Windows. Une fois ce serveur
> X opérationnel, le serveur Debian affiche sur l'écran du poste Windows
> le client de connexion qui permet de s'identifier (greeter), puis,  si
> l'authentification réussit,  ouvre une session comprenant un
> gestionnaire de fenêtres (window manager) comme Gnome, KDE, Xfce et
> utilisant les ressources du serveur Debian (CPU, mémoire, disques,
> applications). L'application gdm3 (version 3 de GNOME Display Manager)
> du serveur Debian communique avec les différents serveurs X des postes
> Windows pour assurer ces services.
>
Bernard m'a montré ceci :
https://www.visionduweb.eu/forum/serveurs/1852-introduction-a-l-export-display#2467

Linux Burgare - Öl Stockholm September 2017

[Luna Jernberg]

Vi är några nördar som lyssnar på Linuxpodden som tänkte ses 1:a
September nu på Fredag vid 18:00 på Pitchers Mariatorget och käka
eller dricka öl eller båda följ med om ni är sugna:
https://linuxpodden.nu/2017/08/spontanmote-i-stockholm/

Re: Alias - Erreur pour recharger .bashrc

[G2PC]

Le 28/08/2017 à 15:14, Francois Lafont a écrit :
> Bonjour,
>
> On 08/28/2017 03:02 PM, G2PC wrote:
>
>> Pouvez vous m'aider pour .bashrc ? J'ai ajouté des alias, mais,
>> je n'arrive pas à recharger le .bashrc Mon shell est zsh.
> Sauf erreur, le .bashrc, comme son nom l'indique, c'est pour
> shell bash. Si tu utilises zsh, alors il doit y avoir sans
> doute un autre fichier de conf, j'imagine que ça doit se
> trouver dans le man (ne connaissant pas vraiment zsh, je ne
> me risque pas à t'en dire plus).
>
> À+

Merci de ta réponse rapide.

Effectivement, j'ai posté un peu vite, car, je ne me sentais pas forcément à 
l'aise, avec le bashrc et le zsh mais, j'ai trouvé la réponse plus rapidement 
que prévu :

Noter que le shell par défaut de Debian s'appelle bash, mais qu'il en
 existe d'autres, selon les usages (zsh, csh, ...), pour lesquels le 
fonctionnement est légèrement différent.

Attention ! J'utilise zsh, et, zsh utilise ~/.zshrc et non pas ~/.bashrc.

Enlever les alias ajoutés dans .bashrc puisqu'il ne recharge pas, et, ajouter 
les alias dans .zshrc

Recharger .zshrc avec la commande |source ~/.zshrc|

Les alias sont maintenant fonctionnels.


Par contre, je ne sais pas si cette erreur de .bashrc est normale et si je dois 
quand même la corrigée. Je part du principe que, je n'ai pas à m'en occuper, 
puisque j'utilise zsh.

Source : 
https://www.visionduweb.eu/wiki/index.php?title=Utiliser_des_commandes_shell_avec_le_terminal#Exemples_pour_des_alias_avec_apt-get

[Résolu]

Re: XFCE wm deadlocks on (other) console logout

[Cindy-Sue Causey]

On 8/28/17, Zenaan Harkness  wrote:
> I consistently get a deadlock of the XFCE window manager, immediately
> after I logout of say Linux console 2, when e.g. XFCE is running on
> console 1.
>
> Procedure to replicate:
>
> 1. login to console 1
>
> 2. start xfce
>
> 3. switch to console 2 (e.g. CTRL+ALT+F2)
>
> 4. loging to console 2
>
> 5. logout of console 2 (e.g. CTRL+D)
>
>
> Notably, when I'm on console 2, either logged in or not, I can safely
> use ALT+Left to go to console 1 and appears my XFCE desktop.
>
> Similarly using Ctrl+Alt+F1
>
> So I'm guessing some sort of unhandled race condition, but I'm at a
> loss as to how to debug this.


I may not be quite understanding, but I just played along from behind
the lurk wall

I had a BUNCH of shtuff open at that second. I didn't think things
through clearly, i.e. if mine locked up, I would have lost some
shtuff...

As it was...

I got locked out... kinda sorta.

I CTRL+ALT+F2 logged in to where I was still in console. Typed a
few "asdfasdfasdf" that obviously failed, and logged out.

I. CTRL+ALT+F1...

And there I sat at the login prompt.

As soon that happened, I had a memory recall of having been there,
done there a couple months ago and never followed up on it. I didn't
try logging in because part of that memory recall is that I might have
lost some data on the last go-round with it.

I THOUGHT that F1 was the first console, is it not?

Out of pure *panic*, I went down the row. F3, F4, F5..

Mystery solved: F7 is the new F1 in my case.

I started to ask if that helps in your case, but it sounds like you're
already able to use CTRL+ALT+F1 as expected so *?*

Just thinking out loud.. :)

Cindy :)
-- 
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA

* runs with duct tape *

Re: Resign me from your lists

[Gene Heskett]

On Monday 28 August 2017 09:11:01 Mario Castelán Castro wrote:

> On 28/08/17 01:09, Reco wrote:
> > Mario Castelán Castro  wrote:
> >> I have to admit that I do not know what specific header you are
> >> talking about.
> >>
> >> I was not aware that this mailing list was used in “From:”
> >> spoofing.
> >
> > X-Spam-Status contains LDOSUBSCRIBER for you, me, and everyone
> > that's on the list. Like this: [...]

I just looked at my copy, it did not contain that string in 
x-spam-status.
>
> I see. Thanks for the information.


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: One-line password generator

[Thomas Schmitt]

Hi,

i wrote:
> > I understand that in this situation there is no difference
> > between /dev/random and /dev/urandom.
> > The difference appears only when the assumption of wealth is not fulfilled.

Andy Smith wrote:
> It cannot be "not fulfilled" except in the very early boot sequence.

Well, then there remains few difference to discuss.


Have a nice day :)

Thomas

Re: Alias - Erreur pour recharger .bashrc

[Francois Lafont]

Bonjour,

On 08/28/2017 03:02 PM, G2PC wrote:

> Pouvez vous m'aider pour .bashrc ? J'ai ajouté des alias, mais,
> je n'arrive pas à recharger le .bashrc Mon shell est zsh.

Sauf erreur, le .bashrc, comme son nom l'indique, c'est pour
shell bash. Si tu utilises zsh, alors il doit y avoir sans
doute un autre fichier de conf, j'imagine que ça doit se
trouver dans le man (ne connaissant pas vraiment zsh, je ne
me risque pas à t'en dire plus).

À+

-- 
François Lafont

Re: Echec de gdm3 à ouvrir une session X sur la console et sur les serveurs X utilisant xdmcp (Stretch 9.1)

[Jean-Paul Bouchet]

On 28/08/2017 13:09, daniel huhardeaux wrote:

Le 28/08/2017 à 11:14, Jean-Paul Bouchet a écrit :

Bonjour,


Bonjour



La solution gdm3/xdmcp/gnome installée sur notre serveur Wheezy 
donnait entière satisfaction. La migration, effectuée l'an dernier, 
de ce serveur vers Jessie a cassé cette fonctionnalité et je n'ai pas 
réussi à la réinstaller. Je viens de migrer le serveur de Jessie vers 
Stretch et de tenter à nouveau d'utiliser gdm3, xdmcp et gnome pour 
disposer d'un bureau graphique sur la console système et surtout sur 
les postes Windows de notre réseau local (avec Cygwin/X).


J'ai adressé à la liste debian-user un courriel décrivant les 
problèmes que nous rencontrons 
(https://lists.debian.org/debian-user/2017/08/msg01465.html). Si le 
sujet vous intéresse ...


Mon message dans cette liste francophone a surtout pour objectif de 
savoir si la solution gdm3/xdmcp/gnome est opérationnelle quelque 
part, sur un serveur utilisant une version Stretch ou Jessie de 
Debian en mode systemd (multi-user, PAM). Un témoignage me 
permettrait de me rassurer sur le bien-fondé de ma recherche d'une 
erreur de paramétrage dans la configuration de notre serveur. Merci 
de préciser si l'installation de Stretch ou de Jessie résulte d'un 
'dist-upgrade' ou d'une installation 'de novo'.


Peut-être utilisez-vous d'autres solutions gratuites pour permettre 
l'accès des utilisateurs de Microsoft Windows aux ressources d'un 
serveur Debian via un bureau graphique ?


Je ne comprends pas le sens de cette phrase: l'accès via un bureau 
graphique? Les postes Windows peuvent monter un disque réseau qui est 
sous Linux via SAMBA par ex.


Par bureau graphique (graphical desktop), je veux dire que le poste 
Windows lance une application émulant un serveur X et gérant notamment 
l'écran, le clavier et la souris du poste Windows. Une fois ce serveur X 
opérationnel, le serveur Debian affiche sur l'écran du poste Windows le 
client de connexion qui permet de s'identifier (greeter), puis,  si 
l'authentification réussit,  ouvre une session comprenant un 
gestionnaire de fenêtres (window manager) comme Gnome, KDE, Xfce et 
utilisant les ressources du serveur Debian (CPU, mémoire, disques, 
applications). L'application gdm3 (version 3 de GNOME Display Manager) 
du serveur Debian communique avec les différents serveurs X des postes 
Windows pour assurer ces services.

Re: Create virtual ethernet devices on Debian 9 stretch ?

[Reco]

Hi.

On Mon, Aug 28, 2017 at 02:52:48PM +1000, Zenaan Harkness wrote:
> "Right now" my aim is to run virt-manager or qemu, with kvm
> underneath, with a host-only virtual network to which I shall connect
> two virtual machines, and the host machine, and run some nfs or samba
> thing to share folders between all 3.

This is doable. Not 'simple' as libvirt (the thing underneath
virt-manager) is trying to do too much at once, but 'doable'. 


> My requisite is to have a sense of full control over my virtual
> networking - this means setup and tear down primarily via
> /etc/network/interfaces unless some other mechanism were more highly
> recommended
> - this means not relying on say the virt-manager gui

In e/n/i lingua you need something like this (bridge-utils package is
required):

auto br0
iface br0 inet static
address …
netmask …
bridge_ports regex vnet[0-9]+
bridge_stp off
bridge_maxwait 0

Meaning that:

1) You setup a conventional Linux brigde interface which *must* include
libvirt-created network interfaces only (provided they exist on upping
the bridge).

2) Said bridge is configured with static IP address for simplicity.

3) The bridge has STP disabled as it's highly unlikely you'll need to
connect two such bridges on two hosts.

4) Finally, there's no need to wait for slave interfaces to appear in
such bridge.

What you *do not* need to do when using libvirt is to muck with iptables
(host-only network does not require it) or create tap/tun interfaces
manually. You only need to explain each 'virtual domain' (aka 'virtual
machine') that they should use br0 as a 'bridge' interface, not a
'network' one.


> However, I'd also like to learn how to use the virt-manager gui to
> create a single "host-only virtual network" instance for a virtual
> machine (or two :)

You'll need to feed libvirt XML that's similar to the following (note
that 'forward' is absent), which I took directly from
libvirt-daemon-system package:


  default
  
  

  

  


Not only libvirt will create a bridge called virbr0, but it also will
start dnsmasq on it (to serve DNS and DHCP requests) and it will throw
in some iptables rules on the top of heap.

While I can easily write how to feed such XML to libvirt by virsh, I'm
feeling difficulty to describe which buttons should be pressed in
virt-manager to achieve the same result ☺.
It should be straightforward and userfriendly, at least that's what
upstream is promising us.


> Here are the examples/ snippets I've gleaned in the last few months:
> 
> ## temporary ssh vpn:
> iface tun0 inet static
> …

Unsuitable for host-only network, neat idea though


> # Simple case; man bridge-utils-interfaces(5)
> # Bridge interface to make VMs bridge to specific networks
> auto br0
> iface br0 inet dhcp
> …

See above.


> # Not so simple; virtual switch with host as gateway
> # See http://debian-handbook.info/browse/stable/sect.virtualization.html
> # Virtual interface
> auto tap0
> iface tap0 inet manual
>   vde2-switch -t tap0
> …

libvirt did not support vde2 last time I checked.


> # Bridge for containers
> auto br0
> iface br0 inet static
>   bridge-ports tap0
>   address 10.0.0.1
>   netmask 255.255.255.0
> …

Almost hit it, but libvirt likes to call network interfaces 'vnet' not
'tap'.


> # See http://wiki.debian.org/QEMU#Host_and_guests_on_same_network
> auto br0
> iface br0 inet dhcp
>pre-up ip tuntap add dev tap0 mode tap user 
> …

Neat, but redundant with libvirt.


> # qemu/kvm host only or private/ internal network:
> #  - it's a form of "bridge" network - apt-get install bridge-utils
> #  - ho0 is the (random) name chosen for this bridge device,
> #e.g. "hostonly0" might be a better memory jog
> #  - 10.13.13.1 is the (random) host address for this network
> auto ho0
> iface ho0 inet static
>address 10.13.13.1
>netmask 255.255.255.0
>pre-up  brctl addbr ho0
>post-down   brctl delbr ho0

Ditto.

Reco

Re: Hardware compatible

[Narcis Garcia]

El 28/08/17 a les 14:15, Ernest Adrogué ha escrit:
> 2017-07-31, 20:03 (+0200); Santi Moreno escriu:
>> Hola,
>> vull montar un pc per casa a peces i volia preguntar si conegueu alguna
>> relació de hardware compatible 100% amb linux o marques que
>> contribueixen amb el software lliure i que donen les màximes
>> prestacions.
> 
> No puc parlar de Wifi perquè no el faig servir.  Pels processadors
> gràfics AMD pots mirar pots mirar el grau de support existent per als
> diferents xips en aquesta plana:
> 
> https://wiki.freedesktop.org/xorg/RadeonFeature/
> 
> Intel pel que tinc entès també té bon suport, però no conec cap llista
> com la de AMD.  En qualsevol cas jo evitaria Nvidia a qualsevol preu, ja
> que no són gaire donats a proporcionar informació sobre el seu maquinari
> perquè es puguin escriure drivers lliures.
> 

Jo per Wifi tinc repetides males experiències amb Conceptronic, però
d'això fa temps i no sé ara com està la cosa.

Alias - Erreur pour recharger .bashrc

[G2PC]

Bonjour, Pouvez vous m'aider pour .bashrc ? J'ai ajouté des alias, mais,
je n'arrive pas à recharger le .bashrc Mon shell est zsh. Exemples pour
des alias avec apt-get

alias search='apt-cache search'
alias show='apt-cache show'
alias install='sudo apt-get install'
alias remove='sudo apt-get remove'
alias update='sudo apt-get update'
alias upgrade='sudo apt-get upgrade'

Utiliser ensuite la commande update && upgrade pour lancer une mise à jour.

Recharger .bashrc avec la commande |source ~/.bashrc|

J'ai une erreur avec mon .bashrc

source ~/.bashrc
/home/root/.bashrc:16: command not found: shopt
/home/root/.bashrc:24: command not found: shopt
/home/root/.bashrc:122: command not found: shopt
/usr/share/bash-completion/bash_completion:51: command not found: shopt
/usr/share/bash-completion/bash_completion:57: command not found: complete
/usr/share/bash-completion/bash_completion:62: command not found: complete
/usr/share/bash-completion/bash_completion:65: command not found: complete
/usr/share/bash-completion/bash_completion:68: command not found: complete
/usr/share/bash-completion/bash_completion:71: command not found: complete
/usr/share/bash-completion/bash_completion:74: command not found: complete
/usr/share/bash-completion/bash_completion:77: command not found: complete
/usr/share/bash-completion/bash_completion:80: command not found: complete
/usr/share/bash-completion/bash_completion:83: command not found: complete
/usr/share/bash-completion/bash_completion:86: command not found: complete
/usr/share/bash-completion/bash_completion:89: command not found: complete
/usr/share/bash-completion/bash_completion:92: command not found: complete
/usr/share/bash-completion/bash_completion:314: parse error near `\n'
\[\e]0;\u@\h 
\w\a\]${debian_chroot:+($debian_chroot)}\[\033[01;31m\]\h\[\033[01;34m\] \W 
\$\[\033[00m\]


Source : 
https://www.visionduweb.eu/wiki/index.php?title=Utiliser_des_commandes_shell_avec_le_terminal#Exemples_pour_des_alias_avec_apt-get

Re: Hardware compatible

[Ernest Adrogué]

2017-07-31, 20:03 (+0200); Santi Moreno escriu:
> Hola,
> vull montar un pc per casa a peces i volia preguntar si conegueu alguna
> relació de hardware compatible 100% amb linux o marques que
> contribueixen amb el software lliure i que donen les màximes
> prestacions.

No puc parlar de Wifi perquè no el faig servir.  Pels processadors
gràfics AMD pots mirar pots mirar el grau de support existent per als
diferents xips en aquesta plana:

https://wiki.freedesktop.org/xorg/RadeonFeature/

Intel pel que tinc entès també té bon suport, però no conec cap llista
com la de AMD.  En qualsevol cas jo evitaria Nvidia a qualsevol preu, ja
que no són gaire donats a proporcionar informació sobre el seu maquinari
perquè es puguin escriure drivers lliures.

Re: Parler est comme jouer au tennis avec des réceptions et envois de la balle Pauline

[ranet . bouamer]

 c qui

Re: ralentissement ssh -X

[Thierry Bugier Pineau]

Bonjour

Personnellement cA fait peut être 10 ans que j'utilise le protocole NX. A ce 
jour avec x2go. Il élimine beaucoup de trafic inutile rendant X peut efficace 
en réseau.

Il y a aussi xpra avec winswitch dans les dépôts officiels, mais je n'arrive 
pas toujours à le faire fonctionner bien que ce soit très intéressant en terme 
de fonctionnalité.  

Le 28 août 2017 10:49:30 GMT+02:00, Thierry Despeyroux 
 a écrit :
>En fait dès qu'il y a un curseur vidéo ça devient impossible, snif
>
>Le Mon, 28 Aug 2017 10:08:12 +0200,
>Thierry Despeyroux  a écrit :
>
>> Je viens de supprimer l'accélération matériel et le défilement doux,
>> ça améliore un peu en effet, mais j'ai l'impression que ce n'est pas
>> au même niveau qu'avant.
>> 
>> Merci beaucoup quand même
>> 
>> Thierry
>> 
>> Le Mon, 28 Aug 2017 09:52:37 +0200,
>> Grégory Reinbold  a écrit :
>> 
>> > Bonjour,
>> > 
>> > Tu as essayé activer/désactiver l'accélération matérielle dans ton 
>> > navigateur ?
>> > 
>> > 
>> > On 08/28/2017 09:33 AM, Thierry Despeyroux wrote:  
>> > > Bonjour,
>> > >
>> > > j'avais l'habitude dans les versions précédentes de Debian de me
>> > > connecter par ssh -X à mon portable pro depuis ma station perso,
>> > > et tout marchait nikel. Sauf pour les videos dans firefox, je ne
>> > > remarquais aucun ralentissement notable par rapport à aller
>> > > directement sur l'écran du portable.
>> > >
>> > > Depuis que je suis passé à Debian 9 (sur les 2 machines) le
>> > > ralentissement est devenu insupportable...
>> > >
>> > > Avez-vous une idée du côté où il faut que je regarde ?
>> > >
>> > > Bonne journée à tous
>> > >
>> > > Thierry Despeyroux
>> > >
>> >   
>> 

-- 
Envoyé de mon appareil Android avec Courriel K-9 Mail. Veuillez excuser ma 
brièveté.

Re: One-line password generator

[Andy Smith]

Hello,

On Mon, Aug 28, 2017 at 12:04:51PM +0200, Thomas Schmitt wrote:
> And again, the argumentation of Theodore is that there is always enough
> entropy at hand. I understand that in this situation there is no difference
> between /dev/random and /dev/urandom.
> The difference appears only when the assumption of wealth is not fulfilled.

It cannot be "not fulfilled" except in the very early boot sequence.
The ChaCha20 PRNG in Linux only needs about 256 bits of entropy to
then generate as much as you like from that point forwards. Some
data is saved on shutdown to /var/lib/urandom/random-seed and very
early on is fed back in to seed the PRNG. It's only in the small
window between boot and feeding in that data where the PRNG might
not have enough entropy.

Cheers,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Re: Hardware compatible

[Eduard Selma]

El 31/07/17 a les 20:03, Santi Moreno ha escrit:

Hola,
vull montar un pc per casa a peces i volia preguntar si conegueu alguna
relació de hardware compatible 100% amb linux o marques que
contribueixen amb el software lliure i que donen les màximes
prestacions.


- Veig que va de targes de xarxa (juntament amb les gràfiques un dels 
possibles problemes a GNU/Linux).


Jo tinc al PC d'escriptori aquestes:

Realtek RTL8111/8168/8411 (Gigabit RJ-45)
Ralink  RT2561/RT61 (Sense fils)

i al de la meva dona, una equivalent:

Realtek  RTL8111/8168/8411 (Gigabit RJ-45)

Totes dues són encastades a la placa mare (són diferents, una MSI i una 
Asus).

No m'han donat mai cap problema en Wheezy, Jessie ni ara amb Stretch.

Els processadors són AMD com els respectius controladors gràfics, que 
tampoc em donen cap problema amb el controlador lliure Radeon. Amb els 
darrers nuclis de Linux, la velocitat és prou bona i em sembla que ja no 
hi ha necessitat d'usar els controladors privatius Catalyst (fglrx).


Els meus 5 cèntims.

--
Eduard Selma i Bargalló.
-
Aquest missatge s'ha enviat des d'un sistema Linux
i no és probable que contingui programari maliciós.

Re: Debian pre installed

[Dejan Jocic]

On 28-08-17, Banks Mawson wrote:
> Hello,
> I,am hoping you can help me. I,am looking to buy a new laptop,
> But would like Debian 9 pre-installed on it. 
> Can you please tell me where  I can get one from.
> Tried installing it on Lenovo r61i but to no avail.   
>   Hope you can help.  
> Regards
>Banks Mawson
> Isle of Man
> 
> Sent from Mail for Windows 10
> 

Here is page that you might find helpful:

https://www.debian.org/distrib/pre-installed

Aside from that, there are many laptops on which you can install and use
Debian 9 without problem. From personal experience, you can always pick
Dell that comes with pre-installed Ubuntu on it. Debian will install on
it too, though you will probably need non-free firmware for most of
those ( not problem at all if you use install image with non-free
firmware ). Also it is worth checking these links:

http://linux-laptop.net/

https://system76.com/laptops

http://zareason.com/Laptops/

Re: Echec de gdm3 à ouvrir une session X sur la console et sur les serveurs X utilisant xdmcp (Stretch 9.1)

[daniel huhardeaux]

Le 28/08/2017 à 11:14, Jean-Paul Bouchet a écrit :

Bonjour,


Bonjour



La solution gdm3/xdmcp/gnome installée sur notre serveur Wheezy 
donnait entière satisfaction. La migration, effectuée l'an dernier, de 
ce serveur vers Jessie a cassé cette fonctionnalité et je n'ai pas 
réussi à la réinstaller. Je viens de migrer le serveur de Jessie vers 
Stretch et de tenter à nouveau d'utiliser gdm3, xdmcp et gnome pour 
disposer d'un bureau graphique sur la console système et surtout sur 
les postes Windows de notre réseau local (avec Cygwin/X).


J'ai adressé à la liste debian-user un courriel décrivant les 
problèmes que nous rencontrons 
(https://lists.debian.org/debian-user/2017/08/msg01465.html). Si le 
sujet vous intéresse ...


Mon message dans cette liste francophone a surtout pour objectif de 
savoir si la solution gdm3/xdmcp/gnome est opérationnelle quelque 
part, sur un serveur utilisant une version Stretch ou Jessie de Debian 
en mode systemd (multi-user, PAM). Un témoignage me permettrait de me 
rassurer sur le bien-fondé de ma recherche d'une erreur de paramétrage 
dans la configuration de notre serveur. Merci de préciser si 
l'installation de Stretch ou de Jessie résulte d'un 'dist-upgrade' ou 
d'une installation 'de novo'.


Peut-être utilisez-vous d'autres solutions gratuites pour permettre 
l'accès des utilisateurs de Microsoft Windows aux ressources d'un 
serveur Debian via un bureau graphique ?


Je ne comprends pas le sens de cette phrase: l'accès via un bureau 
graphique? Les postes Windows peuvent monter un disque réseau qui est 
sous Linux via SAMBA par ex.


--
Daniel

Debian pre installed

[Banks Mawson]

Hello,
I,am hoping you can help me. I,am looking to buy a new laptop,
But would like Debian 9 pre-installed on it. 
Can you please tell me where  I can get one from.
Tried installing it on Lenovo r61i but to no avail. 
  Hope you can help.
Regards
   Banks Mawson
Isle of Man

Sent from Mail for Windows 10

Re: obsolete wiki

[rhkramer]

On Monday, August 28, 2017 04:55:11 AM Jonathan de Boyne Pollard wrote:
> rhkra...@gmail.com:
> > Well, even a vague note on the page something like:
> > 
> > "Some of this seems to be out of date with the advent of systemd and
> > its adoption in Debian starting with version n.n ().
> > If you can contribute anything more to this story, please do."
> > 
> > ...would be a start.
> 
> That sort of editing, sticking little sentences in without regard to the
> article as a whole, or even the immediately surrounding paragraphs, is
> very prevalent at Wikipedia and is one of the major causes of pages
> degrading over time. It does not work well.

Do you have an alternate suggestion / solution?  More specifically, say for 
someone not (well-)versed in the subject matter of the page, who comes to the 
page, reads it, then attempts to use the information contained in the page but 
it doesn't work for him (for reasons which he believes to be related to wrong 
/ outdated information on the page, what would you suggest he do?

Nothing?  Leave the same pitfall for the next reader, or

At least warn that "there be dragons here"?

Ideally if that person (or some other future reader of the warning about 
dragons) learns a little bit more, (ideally) that person would add the 
additional information he learns.

But, what would you suggest he do?

Re: XFCE wm deadlocks on (other) console logout

[Liam O'Toole]

On 2017-08-28, Zenaan Harkness  wrote:
> I consistently get a deadlock of the XFCE window manager, immediately
> after I logout of say Linux console 2, when e.g. XFCE is running on
> console 1.
>
> Procedure to replicate:
>
> 1. login to console 1
>
> 2. start xfce
>
> 3. switch to console 2 (e.g. CTRL+ALT+F2)
>
> 4. loging to console 2
>
> 5. logout of console 2 (e.g. CTRL+D)
>
>
> Notably, when I'm on console 2, either logged in or not, I can safely
> use ALT+Left to go to console 1 and appears my XFCE desktop.
>
> Similarly using Ctrl+Alt+F1
>
> So I'm guessing some sort of unhandled race condition, but I'm at a
> loss as to how to debug this.

I suspect a deadlock of the graphics driver rather then the window
manager. Some drivers don't handle console switching very well. Can you
reproduce the problem with a different window manager?

-- 

Liam

Re: One-line password generator

[Thomas Schmitt]

Hi,

Curt wrote:
> Here's a fresh (20 July of this year) view by Theodore Ts'o:
> https://lkml.org/lkml/2017/7/20/993

An opinion of substantial weight, indeed.

Nevertheless it would be more interesting to learn the reason why Linux
did not simply make /dev/random behave like /dev/urandom long ago.

And again, the argumentation of Theodore is that there is always enough
entropy at hand. I understand that in this situation there is no difference
between /dev/random and /dev/urandom.
The difference appears only when the assumption of wealth is not fulfilled.

Also one should note that Theodore uses the argument of a deprecated
/dev/random as answer to a side note of his discussion partner, not as
general statement.
The main point of Stephan Müller is that the system could collect more
entropy. The answer of Theodore is that it already collects more than
enough and does not have to care about being drained by /dev/random because
that draining is deprecated.

So one would have to ask him, whether this opinion does not hold under all
circumstances or what else blocks him from just making both mechanisms
equal. (Normally i would dare to approach him. But i guess he is already
annoyed by the topic and man page reading cowards like me.)


Have a nice day :)

Thomas

Re: One-line password generator

[Curt]

On 2017-08-28, Thomas Schmitt  wrote:
>
> But i myself have two use cases for (pseudo-)random numbers:
> - Small but hard secrets which i need for security purposes.
> - 3 times 25 GB of random stream to surely shake up the bits on a BD-RE
>   medium which previously contained embarassing data.

Here's a fresh (20 July of this year) view by Theodore Ts'o:

https://lkml.org/lkml/2017/7/20/993
 
 Practically no one uses /dev/random.  It's essentially a deprecated
 interface; the primary interfaces that have been recommended for well
 over a decade is /dev/urandom, and now, getrandom(2).  We only need
 384 bits of randomness every 5 minutes to reseed the CRNG, and that's
 plenty even given the very conservative entropy estimation currently
 being used.

> The first purpose is still assigned to /dev/random, according to the
> new man pages (at least if one is committed by one's first name to be
> a disbeliever).
>
> The second one is not a job for /dev/urandom either. It does not even
> need a strong seed, because the data do not have to be secret. In fact
> they are intended to be readable instead of the original data which i
> want to destroy.
>
>
> Have a nice day :)
>
> Thomas
>
>


-- 
"The purpose of art is to lay bare the questions that have been hidden by the 
answers."
— James Baldwin

history questions about how changelog.gz and changelog.Debian.gz came about.

[shirish शिरीष]

Dear all,   

Please CC me if anybody has an answer to below as I'm not subscribed
to either of the mailing lists due to the volume both ML generate.

I like the way Debian gives various changelogs . For instance for most
packages it has -

changelog.gz - This is the upstream changelog giving details of the
differences between any two versions or at times even point versions.
Nowadays usually distilled from $ git shortlog or whatever equivalent
command in whatever vcs is being used.

changelog.Debian.gz - This talks about changes/improvements done to
the packaging.  Some of the common changes include changes in the
packaging team/uploader, changes to the standards versions, Updating
build-depends, any patches which fixes some issue in Debian which has
not been accepted by upstream, any changes to either debian/rules or
debian/control which might be notable and the uploader feels that they
need to be mentioned in the changelog (notable).

While I'm pretty happy with the way Debian organizes this thing, was
this idea of having separate changelogs to lessen confusion born at
Debian or some other GNU/Linux distribution. If so, where and when
this idea was born, implemented before Debian ?

In short, was Debian the first distribution to use the concept to
apply for third-party software.

-- 
  Regards,
  Shirish Agarwal  शिरीष अग्रवाल
  My quotes in this email licensed under CC 3.0
http://creativecommons.org/licenses/by-nc/3.0/
http://flossexperiences.wordpress.com
EB80 462B 08E1 A0DE A73A  2C2F 9F3D C7A4 E1C4 D2D8

Echec de gdm3 à ouvrir une session X sur la console et sur les serveurs X utilisant xdmcp (Stretch 9.1)

[Jean-Paul Bouchet]

Bonjour,

La solution gdm3/xdmcp/gnome installée sur notre serveur Wheezy donnait 
entière satisfaction. La migration, effectuée l'an dernier, de ce 
serveur vers Jessie a cassé cette fonctionnalité et je n'ai pas réussi à 
la réinstaller. Je viens de migrer le serveur de Jessie vers Stretch et 
de tenter à nouveau d'utiliser gdm3, xdmcp et gnome pour disposer d'un 
bureau graphique sur la console système et surtout sur les postes 
Windows de notre réseau local (avec Cygwin/X).


J'ai adressé à la liste debian-user un courriel décrivant les problèmes 
que nous rencontrons 
(https://lists.debian.org/debian-user/2017/08/msg01465.html). Si le 
sujet vous intéresse ...


Mon message dans cette liste francophone a surtout pour objectif de 
savoir si la solution gdm3/xdmcp/gnome est opérationnelle quelque part, 
sur un serveur utilisant une version Stretch ou Jessie de Debian en mode 
systemd (multi-user, PAM). Un témoignage me permettrait de me rassurer 
sur le bien-fondé de ma recherche d'une erreur de paramétrage dans la 
configuration de notre serveur. Merci de préciser si l'installation de 
Stretch ou de Jessie résulte d'un 'dist-upgrade' ou d'une installation 
'de novo'.


Peut-être utilisez-vous d'autres solutions gratuites pour permettre 
l'accès des utilisateurs de Microsoft Windows aux ressources d'un 
serveur Debian via un bureau graphique ?


Vos conseils, suggestions et témoignages sont les bienvenus.

Jean-Paul

Re: obsolete wiki

[Jonathan de Boyne Pollard]

rhkra...@gmail.com:


Well, even a vague note on the page something like:

"Some of this seems to be out of date with the advent of systemd and 
its adoption in Debian starting with version n.n (). 
If you can contribute anything more to this story, please do."


...would be a start.

That sort of editing, sticking little sentences in without regard to the 
article as a whole, or even the immediately surrounding paragraphs, is 
very prevalent at Wikipedia and is one of the major causes of pages 
degrading over time. It does not work well.


https://unix.stackexchange.com/questions/388427/ at Stack Exchange is an 
example of the effect of such things. The relevant wiki page was 
annotated with precisely that sort of thing, 
https://wiki.debian.org/motd?action=diff=15=16, placing a 
paragraph at the top that said that the rest of the page was out of date 
as of Debian 7. You can see from the Stack Exchange question the 
confusion that this causes for readers. Ironically, the wiki page 
answers the question in a single sentence. But the answer for what 
Debian does nowadays is buried for the reader under a morass of what 
Debian used to do, and did not get seen at all, resulting in the person 
coming to Stack Exchange in the first place.

Re: ralentissement ssh -X

[Thierry Despeyroux]

En fait dès qu'il y a un curseur vidéo ça devient impossible, snif

Le Mon, 28 Aug 2017 10:08:12 +0200,
Thierry Despeyroux  a écrit :

> Je viens de supprimer l'accélération matériel et le défilement doux,
> ça améliore un peu en effet, mais j'ai l'impression que ce n'est pas
> au même niveau qu'avant.
> 
> Merci beaucoup quand même
> 
> Thierry
> 
> Le Mon, 28 Aug 2017 09:52:37 +0200,
> Grégory Reinbold  a écrit :
> 
> > Bonjour,
> > 
> > Tu as essayé activer/désactiver l'accélération matérielle dans ton 
> > navigateur ?
> > 
> > 
> > On 08/28/2017 09:33 AM, Thierry Despeyroux wrote:  
> > > Bonjour,
> > >
> > > j'avais l'habitude dans les versions précédentes de Debian de me
> > > connecter par ssh -X à mon portable pro depuis ma station perso,
> > > et tout marchait nikel. Sauf pour les videos dans firefox, je ne
> > > remarquais aucun ralentissement notable par rapport à aller
> > > directement sur l'écran du portable.
> > >
> > > Depuis que je suis passé à Debian 9 (sur les 2 machines) le
> > > ralentissement est devenu insupportable...
> > >
> > > Avez-vous une idée du côté où il faut que je regarde ?
> > >
> > > Bonne journée à tous
> > >
> > > Thierry Despeyroux
> > >
> >   
> 

No ifconfig

[Jonathan de Boyne Pollard]

Eike Lantzsch:


Yes, I ask myself why this isn't possible on Linux:

ifconfig enp3s0 inet alias 192.168.12.206 netmask 255.255.255.0

while it is perfectly possible on OpenBSD (with the correct device of 
course).



It's possible if you spell it |inet add| instead of |inet alias|.  (-:

Re: How does one create virtual ethernet devices with modern tools on Debian 8 (jessie)?

[Sven Hartge]

Zenaan Harkness  wrote:
> On Fri, Aug 25, 2017 at 05:45:17PM +0200, Sven Hartge wrote:

>> You don't. Commands like "service networking restart" have been
>> deprecated and partially non-functioning since at least Wheezy,
>> because of the internal limit of ifupdown itself.

> So to do text-config based networking, what's
> "The Recommended Way (TM)(R)(C)"?

Your question is unclear, unfortunately.

S°

-- 
Sigmentation fault. Core dumped.

No ifconfig

[Jonathan de Boyne Pollard]

Christian Seiler:

From my personal experience, the following two things are features I'm 
actually using regularly and that don't work with it:


1.

IPv6 doesn't really work properly (as explained elsewhere by other
people in this thread)

2.

Can't add multiple IP addresses to the same interface and (worse)
even if multiple IP addresses are assigned to the same interfaces
it only shows the primary address

(2) is really bad, especially the part where it does not show all of 
the IPs that were assigned by other tools, for example NetworkManager, 
or Debian's own |ifupdown| via |/etc/network/interfaces|.




Your second point is a conflation of two things.  One is right, but the 
other is wrong.  Here is what actually happens.  Starting with this basis:



jdebp % ifconfig lo|head -n 4
loLink encap:Local Loopback
   inet addr:127.0.0.1  Mask:255.0.0.0
   inet6 addr: ::1/128 Scope:Host
   inet6 addr: ::2/128 Scope:Compat
jdebp % ip address show lo|fgrep -A 1 inet
 inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
 inet 127.53.53.1/8 scope host secondary lo:0
valid_lft forever preferred_lft forever
 inet6 ::2/128 scope global
valid_lft forever preferred_lft forever
 inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
jdebp %


|ifconfig| cannot see additional addresses assigned by the likes of |ip| 
in its simplest fashion, as here:



jdebp % sudo ip address add 127.53.0.1 dev lo
jdebp % ifconfig lo|head -n 4
loLink encap:Local Loopback
   inet addr:127.0.0.1  Mask:255.0.0.0
   inet6 addr: ::1/128 Scope:Host
   inet6 addr: ::2/128 Scope:Compat
jdebp % ip address show lo|fgrep -A 1 inet
 inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
 inet 127.53.0.1/32 scope host lo
valid_lft forever preferred_lft forever
 inet 127.53.53.1/8 scope host secondary lo:0
valid_lft forever preferred_lft forever
 inet6 ::2/128 scope global
valid_lft forever preferred_lft forever
 inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
jdebp %


But it most definitely /can/ assign multiple IP addresses to a single 
interface, and these will be reported as such by |ip| even though 
|ifconfig| shows them differently:



jdebp % sudo ifconfig lo inet add 127.53.0.2
jdebp % ifconfig lo|head -n 4
loLink encap:Local Loopback
   inet addr:127.0.0.1  Mask:255.0.0.0
   inet6 addr: ::1/128 Scope:Host
   inet6 addr: ::2/128 Scope:Compat
jdebp % ifconfig lo:0|head -n 2
lo:0  Link encap:Local Loopback
   inet addr:127.53.0.2  Mask:255.0.0.0
jdebp % ip address show lo|fgrep -A 1 inet
 inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
 inet 127.53.0.1/32 scope host lo
valid_lft forever preferred_lft forever
 inet 127.53.53.1/8 scope host secondary lo:0
valid_lft forever preferred_lft forever
 inet 127.53.0.2/8 scope host secondary lo:1
valid_lft forever preferred_lft forever
 inet6 ::2/128 scope global
valid_lft forever preferred_lft forever
 inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
jdebp %


Moreover, one /can/ add multiple IP addresses to an interface with |ip| 
in such a way that |ifconfig| sees them, by assigning labels:



jdebp % sudo ip address del 127.53.0.1/32 dev lo
jdebp % sudo ip address add 127.53.0.1 dev lo label lo:2
jdebp % ifconfig lo:2|head -n 2
lo:2  Link encap:Local Loopback
   inet addr:127.53.0.1  Mask:255.255.255.255
jdebp %


One interesting tidbit in the aforegiven:  The network mask inference 
calculation differs. |ip| inferred 127.53.0.1/32 whereas |ifconfig| 
inferred 127.53.0.2/8.

Re: ralentissement ssh -X

[Thierry Despeyroux]

Je viens de supprimer l'accélération matériel et le défilement doux, ça
améliore un peu en effet, mais j'ai l'impression que ce n'est pas au
même niveau qu'avant.

Merci beaucoup quand même

Thierry

Le Mon, 28 Aug 2017 09:52:37 +0200,
Grégory Reinbold  a écrit :

> Bonjour,
> 
> Tu as essayé activer/désactiver l'accélération matérielle dans ton 
> navigateur ?
> 
> 
> On 08/28/2017 09:33 AM, Thierry Despeyroux wrote:
> > Bonjour,
> >
> > j'avais l'habitude dans les versions précédentes de Debian de me
> > connecter par ssh -X à mon portable pro depuis ma station perso, et
> > tout marchait nikel. Sauf pour les videos dans firefox, je ne
> > remarquais aucun ralentissement notable par rapport à aller
> > directement sur l'écran du portable.
> >
> > Depuis que je suis passé à Debian 9 (sur les 2 machines) le
> > ralentissement est devenu insupportable...
> >
> > Avez-vous une idée du côté où il faut que je regarde ?
> >
> > Bonne journée à tous
> >
> > Thierry Despeyroux
> >  
> 

Re: ralentissement ssh -X

[Grégory Reinbold]

Bonjour,

Tu as essayé activer/désactiver l'accélération matérielle dans ton 
navigateur ?



On 08/28/2017 09:33 AM, Thierry Despeyroux wrote:

Bonjour,

j'avais l'habitude dans les versions précédentes de Debian de me
connecter par ssh -X à mon portable pro depuis ma station perso, et tout
marchait nikel. Sauf pour les videos dans firefox, je ne remarquais
aucun ralentissement notable par rapport à aller directement sur
l'écran du portable.

Depuis que je suis passé à Debian 9 (sur les 2 machines) le
ralentissement est devenu insupportable...

Avez-vous une idée du côté où il faut que je regarde ?

Bonne journée à tous

Thierry Despeyroux



--
Grégory Reinbold

ralentissement ssh -X

[Thierry Despeyroux]

Bonjour,

j'avais l'habitude dans les versions précédentes de Debian de me
connecter par ssh -X à mon portable pro depuis ma station perso, et tout
marchait nikel. Sauf pour les videos dans firefox, je ne remarquais
aucun ralentissement notable par rapport à aller directement sur
l'écran du portable.

Depuis que je suis passé à Debian 9 (sur les 2 machines) le
ralentissement est devenu insupportable...

Avez-vous une idée du côté où il faut que je regarde ?

Bonne journée à tous

Thierry Despeyroux

Re: One-line password generator

[Thomas Schmitt]

Hi,

Andy Smith wrote:
> The relevant Linux man pages were
> recently updated to clarify that once seeded, /dev/urandom is
> sufficient for any use
> [...]
> https://bugzilla.kernel.org/show_bug.cgi?id=71211

Maybe there are stronger reasons to abandon /dev/random. But that thread
states as only other motivation besides "It's safe, stupid" this observation
of Laurent Georget:

  "[...] as long as you use /dev/urandom for cryptographic
   purposes only, you should be ok, because you will never need *a lot* of
   random data anyway in any sensible program."

But this also implies that /dev/random will not block because there is
always more entropy in the pool than can reasonably be drained.
Plausible under normal circumstances, but also easy to sabotage if you have
an account on that machine or can get people to running a program of yours.


>  and that /dev/random is a legacy interface

I can read this only from half of the new man pages which are referred
in the thread.

  http://man7.org/linux/man-pages/man7/random.7.html
does not call it legacy but still gives it a job:
  
  "Choice of random source
   Unless you are doing long-term key generation (and most likely not
   even then), you probably shouldn't be reading from the /dev/random
   device or employing getrandom(2) with the GRND_RANDOM flag."

We are discussing exactly this: Long-term key generation.

In 
  http://man7.org/linux/man-pages/man4/random.4.html
it is indeed labeled "legacy", but still with a job:

  "The /dev/random device is a legacy interface which dates back to a
   time where the cryptographic primitives used in the implementation of
   /dev/urandom were not widely trusted.  It will return random bytes
   only within the estimated number of bits of fresh noise in the
   entropy pool, blocking if necessary.  /dev/random is suitable for
   applications that need high quality randomness, and can afford
   indeterminate delays.

Again, this is the situation we discuss:
Non-expert trust and enough time to wait for the coward's random numbers.


So yes, the experts tend towards deeming obsolete the extra entropy test
and the consequential blocking.

But i myself have two use cases for (pseudo-)random numbers:
- Small but hard secrets which i need for security purposes.
- 3 times 25 GB of random stream to surely shake up the bits on a BD-RE
  medium which previously contained embarassing data.

The first purpose is still assigned to /dev/random, according to the
new man pages (at least if one is committed by one's first name to be
a disbeliever).

The second one is not a job for /dev/urandom either. It does not even
need a strong seed, because the data do not have to be secret. In fact
they are intended to be readable instead of the original data which i
want to destroy.


Have a nice day :)

Thomas

No ifconfig [Was: no /etc/inittab]

[Jonathan de Boyne Pollard]

Greg Wooledge:



wooledg:~$ ip link
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN mode 
DEFAULT group default qlen 1
 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0:  mtu 1500 qdisc pfifo_fast state UP 
mode DEFAULT group default qlen 1000
 link/ether a0:8c:fd:c3:89:e0 brd ff:ff:ff:ff:ff:ff

Parsing the interface names out of THAT is significantly harder.



In support of my earlier point that some /other/ people /did/ make 
modern |ifconfig| usable in such ways:

JdeBP % ifconfig -l
bge0 bge1 lo0 tun0
JdeBP %


Here's something from a script of mine:

list_available_network_interfaces() {
 case "`uname`" in
 Linux)  /bin/ls /sys/class/net ;;
 *)  ifconfig -l ;;
 esac
}


(Note that this is as loose as it is because I'm only targetting 
Linux-based operating systems and the BSDs so far here.  Also note that 
this breaks on OpenBSD which does not have the |-l| option to 
|ifconfig|.  Fixing that is on the to-do list.)

obsolete wiki (no /etc/inittab)

[Jonathan de Boyne Pollard]

Greg Wooledge:


Gene's copy/paste was crude, but his point was essentially valid:



No, it was not. I remind you of xyr point which was:


Gene Heskett:


So if you call it widely publicized it fails that definition AFAIAC.



That I pointed to 9 different copies, including copies on Debian's own 
manual pages WWW site for Debian Wheezy as well as in prominent 
locations for such information (including linux.die.net, man7.org, and 
Stack Exchange), out of the many more copies on the WWW of this 
information, should be ample demonstration that this is *indeed* widely 
publicized.  It has been so widely publicized that it has even managed 
to filter through into books, years since.  Christopher Negus's _Linux 
Bible_ points it out, for example, and that was published back in 2015.


Subsequent backpedalling on this claim of not being widely publicized 
has been to the effect that the wide dissemination of this information 
did not reach Gene Heskett, which is really not a criterion for being 
widely publicized, and that somehow, the manual pages that I pointed to 
were not "Wheezy approved", when clearly they are right there on 
Debian's own manual pages WWW site for Debian 7 (the string "wheezy" 
even being in the two URLs given).


The simple truth is that the several independent groups of people who 
all made these particular changes *did* document them and publicize 
them.  Sadly, there are things far more deserving of the "They didn't 
tell anyone about this!" accusation; the desuetude of /etc/inittab, 
which we've been warned about for over ten years, is not however one of 
them.

Aportacions generals de Systemd a GNU

[Narcis Garcia]

Ara escric en positiu.

Certament, el programari (més ben dit les convencions) sobre
inicialització i serveis estava més avançat que MS-DOS, però no massa.

La «invasió» de Systemd està servint per vàries coses:
- Apart de les dolentes, també aporta idees força bones sobre la
inicialització i gestió de serveis.
- Serveix d'important estímul per la resta de comunitat de GNU per tal
de revisar les demés solucions de programari.
- A Debian en particular li serveix per ésser percebuda com una
distribució més moderna, com els astronautes que experimenten amb nous
bolígrafs en comptes del llapis de tota la vida.
- A mig termini servirà de lliçó a la comunitat per adonar-se que sobre
el sistema operatiu GNU amb Linux hi ha interessos globals i, tot i que
els fonaments de la comunitat del programari lliure es varen fundar de
manera molt eficaç, les noves generacions potser no heretaran la mateixa
capacitat de control sobre aquesta «societat».

Re: problema con script apt

[AlexLikeRock]

Prueba con 

apt update





-- 
Sent from my Android device with K-9 Mail. .

obsolete wiki (was: no /etc/inittab)

[Jonathan de Boyne Pollard]

Felix Miata:

The problem with software documentation wikis is the people in best 
position to know what they should contain have no incentive to do the 
update work. To write useful docs requires knowledge what should be in 
them. That knowledge is mostly possessed by those writing and changing 
code, those who /caused/ the need to update docs.



Brian:


Knowledge is confined to those who know what they are doing? They are 
the ones in charge? It is not for us ordinary mortals to spread or 
interpret it? Some politians and priests are with you. Disseminating 
knowledge is only for the few.


That is a straw man, and very clearly (to at least this reader) not what 
M. Miata wrote at all.

Re: Resign me from your lists

[Reco]

Hi.

On Sun, 27 Aug 2017 15:02:30 -0500
Mario Castelán Castro  wrote:

> On 27/08/17 14:03, Reco wrote:
> > On Sun, 27 Aug 2017 11:17:09 -0500
> > Mario Castelán Castro  wrote:
> >> Then why did you subscribe to this mailing list in the first place?
> > 
> > He did not (e-mail headers show that clearly). He's probably yet another
> > victim of this month spam attack which fakes From header to be
> > 'debian-user@lists.debian.org'.
> 
> I have to admit that I do not know what specific header you are talking
> about.
> 
> I was not aware that this mailing list was used in “From:” spoofing.

X-Spam-Status contains LDOSUBSCRIBER for you, me, and everyone that's
on the list. Like this:

X-Spam-Status: No, score=-16.2 required=4.0
tests=DKIM_SIGNED,DKIM_VALID,
DKIM_VALID_AU,DKIM_VERIFIED,FREEMAIL_FROM,LDOSUBSCRIBER,LDO_WHITELIST…

OP's e-mail has this:

X-Spam-Status: No, score=-0.9 required=4.0 tests=DKIM_SIGNED,DKIM_VALID,
DKIM_VALID_AU,DKIM_VERIFIED,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW
autolearn=no

Reco

Re: How does one create virtual ethernet devices with modern tools on Debian 8 (jessie)?

[Jonathan de Boyne Pollard]

Tom Browder:


   # added alias IPv4s:
   up   ip addr add 142.54.186.3/29 dev $IFACE label $IFACE:0
   down ip addr del 142.54.186.3/29 dev $IFACE label $IFACE:0


Ironically, the "modern tools" aspect is the thing that you are in fact 
aiming to eliminate here. |/etc/network/interfaces| is best treated as 
an entirely descriptive mechanism, with as little imperative stuff in it 
as can be arranged.  Here, you are getting rid of the imperative 
explicit invocations of the |ip| command, the "modern tool" as you 
mention, and replacing them with the descriptive "stanzas" that 
|/etc/network/interfaces| /already has/ as a mechanism for 
non-imperatively describing multiple IPv4/IPv6 addresses on a single 
|eth0| interface.


|ifup| and |ifdown| are best thought of as translators, as their manual 
page implies.  They take what is in |/etc/network/interfaces| and 
translate it into the necessary sequences of imperative commands for 
actually doing the job, which they run under the covers. Those 
underlying commands can include |bootpc|, |avahi-autoipd|, 
|settle-dad.sh|, |pon|, |poff|, |wvdial|, |dhclient|, |dhclient3|, 
|pump|, |udhcpc|, |dhcpd|, |kill|, |ip|, and (sic!) |ifconfig|, all 
invoked with various parameters calculated from the 
|/etc/network/interfaces| description.


They aren't the only translators for that file.  For example, here's 
what happens when one runs your proposed non-imperative 
|/etc/network/interfaces| (with the typing errors mentioned elsewhere 
cleaned up) through mine, which translates from that description 
 into 
(roughly) the |rc.conf| configuration format for FreeBSD/TrueOS 
:



JdeBP % sudo redo -C /etc/system-control/convert/ rc.conf
Password:
redo: INFO: rc.conf: Redone.
JdeBP % sed -ne '/etc.network.interfaces/,/sysrc:/p' 
/etc/system-control/convert/rc.conf
# Converted from /etc/network/interfaces:
network_interfaces="lo eth0 "
ifconfig_lo="AUTO inet  127.0.0.1 "
ifconfig_eth0="AUTO inet  142.54.186.2 netmask 255.255.255.248 gateway 142.54.186.1 
"
ifconfig_eth0_ipv6="inet6  2604:4300:a:95::2 netmask ::::: "
ifconfig_eth0_aliases="inet 142.54.186.3
inet 142.54.186.4
inet 142.54.186.5
inet 142.54.186.6
inet6 2604:4300:a:95::3
inet6 2604:4300:a:95::4
inet6 2604:4300:a:95::5
inet6 2604:4300:a:95::6"
# dump by sysrc:
JdeBP %