Re: foutgelopen update

[Gijs Hillenius]

On 10 February 2021 00:25 Geert Stappers, wrote:

> On Tue, Feb 09, 2021 at 10:04:22PM +0100, Jean-Marie van den Steenhoven wrote:
>> Hallo,
>> 
>> Bij de laatste update van mijn Debian omgeving (Buster 10.8) is er iets
>> misgegaan, waardoor Debian niet meer vanuit Grub opstart. (van
>> 4.19.0-13-amd64 naar 4.19.0-14-amd64)
>> 
>> Het probleem is dat in de boot dir initrd.img-4.19-0-14-amd ontbreekt en in
>> het Grub-script de stap 'laden van de initiele RAM-schijf...' ontbreekt (
>> /initrd '/initrd.img-4.19.0-14-amd64). Opstarten van versie 13 lukt nog wel.
>> 
>> Is er een procedure/tip om dit probleem op te lossen?
>> 
>> De bootdisk is bijna vol (geen ruimte meer voor een extra initrd.img) en
>> bevat versie 10 t/m 13.
>
>
> Opstarten van 13
> Versie 10 11 en 12 verwijderen  om ruimte op bootdisk te krijgen

dat ^^^ doe je middels

apt autoremove



> `apt install`  inderdaad zonder package naam, het idee is dat
> apt dan alles naloopt en herstelt wat hersteld moet worden.

Re: lists.debian.org has received bounces from you

[Camaleón]

El 2021-02-09 a las 19:09 -0600, Paynalton escribió:

> El mar, 9 feb 2021 a las 18:47, Francisco Cid ()
> escribió:
> >
> >
> > El mar., 9 feb. 2021 12:45, Debian Listmaster Team <
> > listmas...@lists.debian.org> escribió:
> >
> >> Dear subscriber,
> >>
> >> We've encountered some problems while sending listmail to your
> >> emailaddress francisco...@gmail.com.

(...)

> creo que tuvieron un problema con los certificados SSL por unos días y
> google les estuvo rechazando los mensajes.

Pues gracias por avisar. 
Yo también recibí ese mensaje y ya estaba cargando mis iras contra Gmail >:-)

Saludos,

-- 
Camaleón 

Re: question about installing debian or some linux system on an external hard drive

[Dan Ritter]

Semih Ozlem wrote: 
> Is it possible and sensible to install debian or a linux system to an
> external hard drive connected to a system via the usb port, while keeping
> the current hard drive on the machine unchanged?

As a temporary measure, this is reasonable. USB-connected drives
tend to be much less reliable than internal drives (SATA or
NVMe).

Your computer will need to support booting from that drive.
Almost all computers do support booting from USB disks.

> Where does one install grub2 and is grub2 to be installed before or after
> the installation of the auxiliary system on the external hard drive?

grub2 will generally be installed by the operating system
installer during the installation process. In this case you
would want grub2 installed on the MBR (master boot record) of
the external disk, and use the computer's BIOS or EFI to select
that disk at power-on time.

> What are the various options for disk partitioning and if one intends to
> use docker as well would this change disk partitioning in particular
> logical volume management?

Disks generally use either the MSDOS partition table or a GPT
partition table. The number and layout of partitions is a very
complex subject, but if you don't know what you are doing, it is 
reasonable to have a single-drive system have:

EFI (if needed)
swap 
root 

as a simplest case, or

EFI
swap
root
home

(which preserves home in the case of reinstalls)

Docker does not really affect this. 

Can you tell us more about the hardware and what you're planning
to do with it?

-dsr-

Re: Incorrect password Debian 10.8 after installation

[Erwan David]

Le 09/02/2021 à 22:54, David Christensen a écrit :

On 2021-02-09 00:54, to...@tuxteam.de wrote:

On Mon, Feb 08, 2021 at 11:32:11PM -0800, David Christensen wrote:

On 2021-02-08 23:22, Anssi Saari wrote:

David Christensen  writes:



2.  How do I insert a tab character with the GRUB editor?  (Pressing
 causes the editor to attempt command completion.)


I guess you don't? There doesn't seem to be much about the editor's
capabilities in the Grub manual.


Agreed.  The editor has a note that it supports some Emacs stuff.
Perhaps an Emacs user would know?


I don't know how far "some" reaches, but try -Q then 
(mnemonics: Q like "quote").


Nope.



Not Emacs-y, but worth a try would be -I


Ctrl+I -- nope

Ctrl+I, then  -- nope.


David




In shells, Ctrl+V before character inserts character without 
interpreting it. In Emacs Ctrl+Q has same effect, so tryingh Ctrl+V Tab 
and Ctrl+Q Tab might be worthwile.

question about installing debian or some linux system on an external hard drive

[Semih Ozlem]

Hi everyone,

Is it possible and sensible to install debian or a linux system to an
external hard drive connected to a system via the usb port, while keeping
the current hard drive on the machine unchanged?

Where does one install grub2 and is grub2 to be installed before or after
the installation of the auxiliary system on the external hard drive?

What are the various options for disk partitioning and if one intends to
use docker as well would this change disk partitioning in particular
logical volume management?

I have already viewed documents on debian website, but I am still unsure
about the definitive steps.

Thank you in advance.

debian does not boot

[Semih Ozlem]

Hi everyone,

Debian 10 system does not boot. It gets stuck at the blue screen with the
logo.

In the start options, when a recovery mode is selected, after entering
password root prompt appears. What steps should be taken after that to
recover system. Also there is no connection to internet and nmcli command
does not get any responses so internet connection can't be established to
run commands like apt --fix-broken install.

Any ideas?

Thank you in advance.

Re: iptables -Z option

[john doe]

On 2/9/2021 11:18 PM, Will Mengarini wrote:

Your issue looks like this bug, but I don't know how to fix it:
.

* Bonno Bloksma  [21-02/09=Tue 15:52 +]:

For years I have had a firewall script the sets and/or resets my
firewall rules.  [It starts near] the top with some lines that have
been there for ever.  After upgrading to buster I got an error
executing this script and I cannot find out why.  Using the extra echo
lines I have been able to pinpoint the error to the iptables -Z line

[...]
IPTABLES=/usr/sbin/iptables
echo flush
# Flush all rules in all chains and then delete all chains
chains=`cat /proc/net/ip_tables_names 2>/dev/null`
for i in $chains; do $IPTABLES -t $i -F; done
for i in $chains; do $IPTABLES -t $i -X; done
echo counters
# Reset all counters for default chains
$IPTABLES -Z
echo "return traffic"
[...]

This will produce the following output.
flush
counters
iptables v1.8.2 (nf_tables):  RULE_REPLACE failed (Invalid argument): rule in 
chain INPUT
return traffic

Can anyone tell me why the re reset counter line fails


The backend is 'nftables' starting with Buster.

Maybe (1) could be of interest to you.


1)  https://wiki.debian.org/nftables#Reverting_to_legacy_xtables

--
John Doe

Re: lists.debian.org has received bounces from you

[Paynalton]

El mar, 9 feb 2021 a las 18:47, Francisco Cid ()
escribió:

>
>
> El mar., 9 feb. 2021 12:45, Debian Listmaster Team <
> listmas...@lists.debian.org> escribió:
>
>> Dear subscriber,
>>
>> We've encountered some problems while sending listmail to your
>> emailaddress francisco...@gmail.com.
>>
>> In the last seven days we've seen bounces for the following list:
>> * debian-user-spanish
>> 1 bounce out of 58 mails in 30 days (1%, kick-score is 80%)
>> (https://lists.debian.org/bounces/HVEhNT24tp77TQZZx54Khw)
>>
>> (The link above points to a copy of the latest bounce
>> and will be valid for seven days.)
>>
>> If the bounce-rate passes the kick-score, our bounce-detection will
>> forcibly
>> remove your subscription.
>>
>> Bounces happen from time to time when spam slips through our filters but
>> are
>> rejected by your mail provider.  If you are your own mail provider and use
>> 'Before-Queue Content filtering', you should whitelist bendel.debian.org
>> from
>> Content filtering.
>>
>> However: You can safely ignore this message (and you will not be
>> unsubscribed
>> :-) ) if your bounce rate remains low.
>>
>> For more information see https://wiki.debian.org/Teams/ListMaster/FAQ
>>
>> You are welcome to contact listmas...@lists.debian.org if you think this
>> message was sent in error.
>>
>> Sincerely,
>> The Listmaster Team
>> --
>> http://lists.debian.org
>>
>>
>> Saludos, es cierto este tipo de mensajes?
>
>
creo que tuvieron un problema con los certificados SSL por unos días y
google les estuvo rechazando los mensajes.

Re: lists.debian.org has received bounces from you

[Francisco Cid]

El mar., 9 feb. 2021 12:45, Debian Listmaster Team <
listmas...@lists.debian.org> escribió:

> Dear subscriber,
>
> We've encountered some problems while sending listmail to your
> emailaddress francisco...@gmail.com.
>
> In the last seven days we've seen bounces for the following list:
> * debian-user-spanish
> 1 bounce out of 58 mails in 30 days (1%, kick-score is 80%)
> (https://lists.debian.org/bounces/HVEhNT24tp77TQZZx54Khw)
>
> (The link above points to a copy of the latest bounce
> and will be valid for seven days.)
>
> If the bounce-rate passes the kick-score, our bounce-detection will
> forcibly
> remove your subscription.
>
> Bounces happen from time to time when spam slips through our filters but
> are
> rejected by your mail provider.  If you are your own mail provider and use
> 'Before-Queue Content filtering', you should whitelist bendel.debian.org
> from
> Content filtering.
>
> However: You can safely ignore this message (and you will not be
> unsubscribed
> :-) ) if your bounce rate remains low.
>
> For more information see https://wiki.debian.org/Teams/ListMaster/FAQ
>
> You are welcome to contact listmas...@lists.debian.org if you think this
> message was sent in error.
>
> Sincerely,
> The Listmaster Team
> --
> http://lists.debian.org
>
>
> Saludos, es cierto este tipo de mensajes?

Re: foutgelopen update

[Geert Stappers]

On Tue, Feb 09, 2021 at 10:04:22PM +0100, Jean-Marie van den Steenhoven wrote:
> Hallo,
> 
> Bij de laatste update van mijn Debian omgeving (Buster 10.8) is er iets
> misgegaan, waardoor Debian niet meer vanuit Grub opstart. (van
> 4.19.0-13-amd64 naar 4.19.0-14-amd64)
> 
> Het probleem is dat in de boot dir initrd.img-4.19-0-14-amd ontbreekt en in
> het Grub-script de stap 'laden van de initiele RAM-schijf...' ontbreekt (
> /initrd '/initrd.img-4.19.0-14-amd64). Opstarten van versie 13 lukt nog wel.
> 
> Is er een procedure/tip om dit probleem op te lossen?
> 
> De bootdisk is bijna vol (geen ruimte meer voor een extra initrd.img) en
> bevat versie 10 t/m 13.


Opstarten van 13
Versie 10 11 en 12 verwijderen  om ruimte op bootdisk te krijgen
`apt install`  inderdaad zonder package naam, het idee is dat
apt dan alles naloopt en herstelt wat hersteld moet worden.


 
> Als dit probleem hier niet thuis hoort ik dat graag van jullie.
> Met zoeken op internet heb ik hier geen oplossing voor kunnen vinden.

"Reply to list" dan komt het op Internet


Groeten
Geert Stappers
-- 
Silence is hard to parse

Re: Incorrect password Debian 10.8 after installation

[David Christensen]

On 2021-02-09 07:35, David Wright wrote:

On Mon 08 Feb 2021 at 18:26:22 (-0800), David Christensen wrote:

On 2021-02-08 15:15, David Wright wrote:

On Mon 08 Feb 2021 at 13:02:21 (-0800), David Christensen wrote:

On 2021-02-08 00:40, Marco Möller wrote:


You could bypass any password request during boot to the console
and then fix it by setting the desired password newly. The boot
parameter for bypassing all password request an right away
becoming logged in as user root is:
       init=/sbin/sulogin --force


That is interesting.  But, how does the reader *use* that information[?] ...




My WAG (untested):

1.  Power up the computer.
2.  The GRUB menu should be displayed:

 *Debian GNU/Linux
  Advanced options for Debian GNU/Linux

3.  Press the down arrow key to highlight "Advanced options for Debian
GNU/Linux".  Press  to select it.


If you're heading for sulogin, I'm not sure it matters which line you
pick, as it means s(ingle)u(se)rlogin.


Testing confirms that I can edit either boot entry and get the same result.



4.  A second GRUB menu should be displayed (the OP should have a newer
kernel):


Yes, you warned us you're using stretch.


 *Debian GNU/Linux, with Linux 4.9.0-9-amd64
  Debian GNU/Linux, with Linux 4.9.0-9-amd64 (recovery mode)

5.  Press the down arrow key to select the "... (recovery mode)" boot
entry.  Press 'e' to edit it.

6.  The GRUB editor should start and display the contents of the
selected boot entry.  Look for the line that begins with 'linux'.  Use
the cursor keys to move the insertion point to the end of that line
and add the following kernel boot parameters:

 init=/sbin/sulogin --force

7.  "Press Ctrl+x or F10 to boot".

Is the above correct?


Yes. 


Testing confirms the above steps.



AIUI --force deals with the case where there is no root
password/the root account is locked.


Testing confirms that if there is a valid root password, it must be 
entered to obtain a root shell.




2.  How do I insert a tab character with the GRUB editor?  (Pressing
 causes the editor to attempt command completion.)


I think Greg's guess was good. You don't need tabs or any other cosmetics.


Testing confirms that leading tabs are not required in a GRUB boot entry.



3.  Will changes made to a boot entry with the GRUB editor persist for
subsequent boots?


No.


Testing confirms that changes made to a boot entry via the GRUB editor 
do not persist beyond one boot.



David

Re: Allow only selected USB

[Bhasker C V]

Fantastic ! thanks a ton ! thanks !  exactly what i was looking for


On Tue, Feb 9, 2021 at 7:43 PM  wrote:

> Hi,
>
> 9 févr. 2021, 19:44 de mailingl...@darac.org.uk:
>
> > Certainly. >
> https://www.kernel.org/doc/html/latest/usb/authorization.html
> >
> + https://usbguard.github.io based on it.
>
> Best regards,
> l0f4r0
>
>

Re: Incorrect password Debian 10.8 after installation

[Stefan Monnier]

> I don't know how far "some" reaches, but try -Q then 
> (mnemonics: Q like "quote").
>
> Not Emacs-y, but worth a try would be -I

You can also try `C-v` instead of `C-q` to quote the next key (not sure
where this comes from, but it works in bash and zsh, IIUC), i.e. use
`C-v TAB` to insert a TAB character.


Stefan "who can't be bothered to reboot to try it out"

Re: iptables -Z option

[Will Mengarini]

Your issue looks like this bug, but I don't know how to fix it:
.

* Bonno Bloksma  [21-02/09=Tue 15:52 +]:
> For years I have had a firewall script the sets and/or resets my
> firewall rules.  [It starts near] the top with some lines that have
> been there for ever.  After upgrading to buster I got an error
> executing this script and I cannot find out why.  Using the extra echo
> lines I have been able to pinpoint the error to the iptables -Z line
>
> [...]
> IPTABLES=/usr/sbin/iptables
> echo flush
> # Flush all rules in all chains and then delete all chains
> chains=`cat /proc/net/ip_tables_names 2>/dev/null`
> for i in $chains; do $IPTABLES -t $i -F; done
> for i in $chains; do $IPTABLES -t $i -X; done
> echo counters
> # Reset all counters for default chains
> $IPTABLES -Z
> echo "return traffic"
> [...]
> 
> This will produce the following output.
> flush
> counters
> iptables v1.8.2 (nf_tables):  RULE_REPLACE failed (Invalid argument): rule in 
> chain INPUT
> return traffic
> 
> Can anyone tell me why the re reset counter line fails
> with a reference to the INPUT chain?  There is loads of
> documentation about iptables but nothing about the -Z option.
>
> I have my iptables rules in a separate script that I can test and
> if I ever shut myself out I can simply restart the machine and
> the default / previous ruleset will load and all will be up and
> running again.  I'd like to keep that way of setting things up,
> it makes it easy to test a new set of rules and debug typo's.

Re: sshfs has fubared mount

[Gene Heskett]

On Tuesday 09 February 2021 16:00:23 David Christensen wrote:

> On 2021-02-09 05:15, Gene Heskett wrote:
> > On Tuesday 09 February 2021 02:29:02 David Christensen wrote:
> >> On 2021-02-08 21:01, Gene Heskett wrote:
> >>> Greetings all;
> >>>
> >>> I have sshfs setup so I can move files around between this box and
> >>> 4 others, 3 of which are now running buster.  Works only for the
> >>> user, me.
> >>
> >> I have previously installed my public SSH key from the local
> >> computer 'tinkywinky' to the remote computer 'po' with
> >> ssh-copy-id(1):
> >
> > Don't recall doing this, plz describe>
>
> I initially created an SSH keypair with a passphrase using
> ssh-keygen(1).  If a villian gets my SSH keypair, he also has to get
> my SSH passphrase to access the computers and accounts where I have
> installed the SSH public key.
>
>
> When I open a terminal, I run ssh-agent(1) and ssh-add(1) to manage my
> SSH keys.  I enter my passphrase once, and ssh-agent(1) will provide
> it to SSH-aware software for me:
>
> 2021-02-09 12:32:30 dpchrist@tinkywinky ~
> $ ssh-agent bash -l
>
> 2021-02-09 12:32:32 dpchrist@tinkywinky ~
> $ ssh-add
> Enter passphrase for /home/dpchrist/.ssh/id_rsa:
> Identity added: /home/dpchrist/.ssh/id_rsa
> (/home/dpchrist/.ssh/id_rsa)
>
>
> If I remove my SSH public key from po, I can demonstrate
> ssh-copy-id(1). ssh-agent(1) will provide my SSH passphrase, but I
> will need to enter the password for the account on the remote host:
>
> 2021-02-09 12:12:02 dpchrist@tinkywinky ~
> $ ssh-copy-id po
> /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s),
> to filter out any that are already installed
> /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you
> are prompted now it is to install the new keys
> dpchrist@po's password:
>
> Number of key(s) added: 1
>
> Now try logging into the machine, with:   "ssh 'po'"
> and check to make sure that only the key(s) you wanted were added.
>
>
> I can now login in to 'po' using ssh(1).  ssh-agent(1) will provide my
> passphrase.  I do not need to enter my SSH passphrase or my remote
> account password:
>
> 2021-02-09 12:12:10 dpchrist@tinkywinky ~
> $ ssh po
> Linux po 4.9.0-9-amd64 #1 SMP Debian 4.9.168-1 (2019-04-12) x86_64
> Last login: Tue Feb  9 12:10:11 2021 from 192.168.5.74
>
> 2021-02-09 12:12:12 dpchrist@po ~
> $
>
>
> Similarly, scp(1), rsync(1), and others will operate without requiring
> passphrases or passwords.  This is especially useful for scripts,
> cron(8) jobs, etc..
>
> >> I created an fstab(5) entry on the local machine for mounting the
> >> remote root directory with my unprivileged account.  Note the
> >> options:
> >>
> >> 2021-02-08 22:37:51 dpchrist@tinkywinky ~
> >> $ grep 'po:/' /etc/fstab | perl -pe 's/\t+/ /g'
> >> po:/ /po fuse.sshfs ro,noauto,user 0 0
> >
> > I've never had any of this below in my fstab, haven't needed it for
> > the other 4 machines.
>
> fstab(1) is the canonical location for mount information.  By putting
> it there, standard tools will know where to find it.
>
> >> I created a mount point and I set the owner and group to match my
> >> unprivileged account.  The directory is empty:
> >>
> >> 2021-02-08 22:39:38 dpchrist@tinkywinky ~
> >> $ ls -la /po
> >> total 8
> >> drwxr-xr-x  2 dpchrist dpchrist 4096 Jan 21 13:32 .
> >> drwxr-xr-x 27 root root 4096 Jan 21 13:32 ..
> >
> > Matches mine. Difference is that I put all those mountpoints in the
> > /sshnet subdir gene@coyote:~$ ls -la /sshnet/
> > total 36
> > drwxr-xr-x  9 gene gene 4096 Feb  9 07:37 .
> > drwxr-xr-x 28 root root 4096 Dec 12 03:44 ..
> > drwxr-xr-x  1 root root 4096 Feb  4 15:59 GO704
> > drwxr-xr-x  2 root root 4096 Feb  8 10:10 Hardinge1
> > drwxr-xr-x  1 root root 4096 Feb  3 14:16 lathe
> > drwxr-xr-x  2 root root 4096 Apr 25  2019 redpitaya
> > drwxr-xr-x  1 root root 4096 Feb  1 04:46 rpi4
> > drwxr-xr-x  1 root root 4096 Feb  4 15:43 sixty40
> > drwxr-xr-x  2 root root 4096 May  2  2019 vna
>
> Assuming that command was run when /sshnet/Hardingel was not mounted
> (see below), the owner and group of Hardingel is root:root, not
> gene:gene.
>
> On 2021-02-09 07:05, David Wright wrote:
>  > Change the ownership of Hardinge1.
>
> Yes, that is the correct solution.
>
>
> We were all confused by a feature of mount(1) -- mounting a remote
> filesystem changes the owner and group of the mount point on the local
> machine while the remote filesystem is mounted:
>
> 2021-02-09 12:13:43 dpchrist@tinkywinky ~
> $ mount | grep '/po'
>
> 2021-02-09 12:23:26 dpchrist@tinkywinky ~
> $ ls -ld /po
> drwxr-xr-x 2 dpchrist dpchrist 4096 Jan 21 13:32 /po
>
> 2021-02-09 12:23:29 dpchrist@tinkywinky ~
> $ mount /po
>
> 2021-02-09 12:24:14 dpchrist@tinkywinky ~
> $ mount | grep '/po'
> po:/ on /po type fuse.sshfs
> (ro,nosuid,nodev,noexec,relatime,user_id=13250,group_id=13250,user=dpc
>hrist)
>
> 2021-02-09 12:24:17 dpchrist@tinkywinky ~
> $ ls -ld /po
> drwxr-xr-x 1 root root 4096 Aug 30 18:09 /po
>
>
> 

Re: Incorrect password Debian 10.8 after installation

[David]

On Wed, 10 Feb 2021 at 08:57, David Christensen
 wrote:
> On 2021-02-09 04:42, Greg Wooledge wrote:
> > On Mon, Feb 08, 2021 at 06:26:22PM -0800, David Christensen wrote:

> >> 2.  How do I insert a tab character with the GRUB editor?  (Pressing 
> >> causes the editor to attempt command completion.)

> > Why would you want to?

> 1.  Tabs may be required (e.g. make(1)).

> 2.  To exercise my OCD.  ;-)

You seem to be conceptualising the grub editor as a file editor.
It is not a file editor.
Its edits are ephemeral, it has no ability to save any edits made.

It is an interactive tool which allows modifying the next boot by
allowing temporary changes to what grub has just read from the
its configuration file, before proceeding.

In that context, the Tab key is useless so it has been repurposed
to provide command completion.

Re: Incorrect password Debian 10.8 after installation

[David Christensen]

On 2021-02-09 04:42, Greg Wooledge wrote:

On Mon, Feb 08, 2021 at 06:26:22PM -0800, David Christensen wrote:

 *Debian GNU/Linux, with Linux 4.9.0-9-amd64
  Debian GNU/Linux, with Linux 4.9.0-9-amd64 (recovery mode)

5.  Press the down arrow key to select the "... (recovery mode)" boot entry.
Press 'e' to edit it.

[...]



2.  How do I insert a tab character with the GRUB editor?  (Pressing 
causes the editor to attempt command completion.)


Why would you want to?


1.  Tabs may be required (e.g. make(1)).

2.  To exercise my OCD.  ;-)


David

Re: Incorrect password Debian 10.8 after installation

[David Christensen]

On 2021-02-09 00:54, to...@tuxteam.de wrote:

On Mon, Feb 08, 2021 at 11:32:11PM -0800, David Christensen wrote:

On 2021-02-08 23:22, Anssi Saari wrote:

David Christensen  writes:



2.  How do I insert a tab character with the GRUB editor?  (Pressing
 causes the editor to attempt command completion.)


I guess you don't? There doesn't seem to be much about the editor's
capabilities in the Grub manual.


Agreed.  The editor has a note that it supports some Emacs stuff.
Perhaps an Emacs user would know?


I don't know how far "some" reaches, but try -Q then 
(mnemonics: Q like "quote").


Nope.



Not Emacs-y, but worth a try would be -I


Ctrl+I -- nope

Ctrl+I, then  -- nope.


David

iptables -Z option

[Bonno Bloksma]

Hi,

For years I have had a firewall script the sets and/or resets my firewall 
rules. Is starts of near the top with some lines that have been there for ever.
After upgrading to buster I got an error executing this script and I cannot 
find out why. Using the extra echo lines I have been able to pinpoint the error 
to the iptables -Z line

[...]
IPTABLES=/usr/sbin/iptables
echo flush
# Flush all rules in all chains and then delete all chains
chains=`cat /proc/net/ip_tables_names 2>/dev/null`
for i in $chains; do $IPTABLES -t $i -F; done
for i in $chains; do $IPTABLES -t $i -X; done
echo counters
# Reset all counters for default chains
$IPTABLES -Z
echo "return traffic"
[...]

This will produce the following output.
flush
counters
iptables v1.8.2 (nf_tables):  RULE_REPLACE failed (Invalid argument): rule in 
chain INPUT
return traffic

Can anyone tell me why the re reset counter line fails with a reference to the 
INPUT chain? There is loads of documentation about iptables but nothing about 
the -Z option.
I have my iptables rules in a separate script that I can test and if I ever 
shut myself out I can simply restart the machine and the default / previous 
ruleset will load and all will be up and running again. I'd like to keep that 
way of setting things up, it makes it easy to test a new set of rules and debug 
typo's.

Bonno Bloksma

Re: Any hams here? Is there a program that lets me use a mouse as a CW paddle?

[Kent West]

http://goshen.acu.edu/westk/KCARC/MorseKeyer.html

On Tue, Feb 9, 2021 at 3:17 PM Kent West  wrote:

> Years ago I wrote a *very* rudimentary html document that allows you to
> use the left and right arrows for dits and dahs. It doesn't work well, but
> it might give you an idea for rolling your own.
>
>
> On Tue, Feb 9, 2021 at 3:11 PM Andrew M.A. Cater 
> wrote:
>
>> On Tue, Feb 09, 2021 at 09:37:50AM +, Ottavio Caruso wrote:
>> > Hi,
>> >
>> > I'm looking for a program (if there is no Debian binary, I'm willing to
>> > compile from sources) that:
>> >
>> > 1) emulates a iambic paddle using the left/right buttons of the mouse to
>> > send dits and dahs for training purposes;
>> >
>> > 2) (optional) could also be used to pilot a transceiver.
>> >
>> > Thanks.
>> >
>> > --
>> > Ottavio Caruso
>> >
>>
>> Have a look at things like cwcp and the general programs in the ham radio
>> category?
>>
>> Andy C.
>>
>>
>>
>
> --
> Kent West<")))><
> Westing Peacefully - http://kentwest.blogspot.com
>


-- 
Kent West<")))><
Westing Peacefully - http://kentwest.blogspot.com

Re: Any hams here? Is there a program that lets me use a mouse as a CW paddle?

[Kent West]

Years ago I wrote a *very* rudimentary html document that allows you to use
the left and right arrows for dits and dahs. It doesn't work well, but it
might give you an idea for rolling your own.


On Tue, Feb 9, 2021 at 3:11 PM Andrew M.A. Cater 
wrote:

> On Tue, Feb 09, 2021 at 09:37:50AM +, Ottavio Caruso wrote:
> > Hi,
> >
> > I'm looking for a program (if there is no Debian binary, I'm willing to
> > compile from sources) that:
> >
> > 1) emulates a iambic paddle using the left/right buttons of the mouse to
> > send dits and dahs for training purposes;
> >
> > 2) (optional) could also be used to pilot a transceiver.
> >
> > Thanks.
> >
> > --
> > Ottavio Caruso
> >
>
> Have a look at things like cwcp and the general programs in the ham radio
> category?
>
> Andy C.
>
>
>

-- 
Kent West<")))><
Westing Peacefully - http://kentwest.blogspot.com
Title: My Morse Code Keyer



 
  Welcome to Kent's Web-based Morse Code Keyer!
  Press the left arrow key for a dah, and the right arrow key for a dit.

  

Re: Any hams here? Is there a program that lets me use a mouse as a CW paddle?

[Andrew M.A. Cater]

On Tue, Feb 09, 2021 at 09:37:50AM +, Ottavio Caruso wrote:
> Hi,
> 
> I'm looking for a program (if there is no Debian binary, I'm willing to
> compile from sources) that:
> 
> 1) emulates a iambic paddle using the left/right buttons of the mouse to
> send dits and dahs for training purposes;
> 
> 2) (optional) could also be used to pilot a transceiver.
> 
> Thanks.
> 
> -- 
> Ottavio Caruso
> 

Have a look at things like cwcp and the general programs in the ham radio 
category?

Andy C.
 

foutgelopen update

[Jean-Marie van den Steenhoven]

Hallo,

Bij de laatste update van mijn Debian omgeving (Buster 10.8) is er iets 
misgegaan, waardoor Debian niet meer vanuit Grub opstart. (van 
4.19.0-13-amd64 naar 4.19.0-14-amd64)


Het probleem is dat in de boot dir initrd.img-4.19-0-14-amd ontbreekt en 
in het Grub-script de stap 'laden van de initiele RAM-schijf...' 
ontbreekt ( /initrd '/initrd.img-4.19.0-14-amd64). Opstarten van versie 
13 lukt nog wel.


Is er een procedure/tip om dit probleem op te lossen?

De bootdisk is bijna vol (geen ruimte meer voor een extra initrd.img) en 
bevat versie 10 t/m 13.


Als dit probleem hier niet thuis hoort ik dat graag van jullie. Met 
zoeken op internet heb ik hier geen oplossing voor kunnen vinden.


groet,

Jean-Marie

Re: sshfs has fubared mount

[David Christensen]

On 2021-02-09 05:15, Gene Heskett wrote:

On Tuesday 09 February 2021 02:29:02 David Christensen wrote:


On 2021-02-08 21:01, Gene Heskett wrote:

Greetings all;

I have sshfs setup so I can move files around between this box and 4
others, 3 of which are now running buster.  Works only for the user,
me.



I have previously installed my public SSH key from the local computer
'tinkywinky' to the remote computer 'po' with ssh-copy-id(1):


Don't recall doing this, plz describe>



I initially created an SSH keypair with a passphrase using 
ssh-keygen(1).  If a villian gets my SSH keypair, he also has to get my 
SSH passphrase to access the computers and accounts where I have 
installed the SSH public key.



When I open a terminal, I run ssh-agent(1) and ssh-add(1) to manage my 
SSH keys.  I enter my passphrase once, and ssh-agent(1) will provide it 
to SSH-aware software for me:


2021-02-09 12:32:30 dpchrist@tinkywinky ~
$ ssh-agent bash -l

2021-02-09 12:32:32 dpchrist@tinkywinky ~
$ ssh-add
Enter passphrase for /home/dpchrist/.ssh/id_rsa:
Identity added: /home/dpchrist/.ssh/id_rsa (/home/dpchrist/.ssh/id_rsa)


If I remove my SSH public key from po, I can demonstrate ssh-copy-id(1). 
 ssh-agent(1) will provide my SSH passphrase, but I will need to enter 
the password for the account on the remote host:


2021-02-09 12:12:02 dpchrist@tinkywinky ~
$ ssh-copy-id po
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to 
filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you 
are prompted now it is to install the new keys

dpchrist@po's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'po'"
and check to make sure that only the key(s) you wanted were added.


I can now login in to 'po' using ssh(1).  ssh-agent(1) will provide my 
passphrase.  I do not need to enter my SSH passphrase or my remote 
account password:


2021-02-09 12:12:10 dpchrist@tinkywinky ~
$ ssh po
Linux po 4.9.0-9-amd64 #1 SMP Debian 4.9.168-1 (2019-04-12) x86_64
Last login: Tue Feb  9 12:10:11 2021 from 192.168.5.74

2021-02-09 12:12:12 dpchrist@po ~
$


Similarly, scp(1), rsync(1), and others will operate without requiring 
passphrases or passwords.  This is especially useful for scripts, 
cron(8) jobs, etc..




I created an fstab(5) entry on the local machine for mounting the
remote root directory with my unprivileged account.  Note the options: 


2021-02-08 22:37:51 dpchrist@tinkywinky ~
$ grep 'po:/' /etc/fstab | perl -pe 's/\t+/ /g'
po:/ /po fuse.sshfs ro,noauto,user 0 0


I've never had any of this below in my fstab, haven't needed it for the
other 4 machines.



fstab(1) is the canonical location for mount information.  By putting it 
there, standard tools will know where to find it.




I created a mount point and I set the owner and group to match my
unprivileged account.  The directory is empty:

2021-02-08 22:39:38 dpchrist@tinkywinky ~
$ ls -la /po
total 8
drwxr-xr-x  2 dpchrist dpchrist 4096 Jan 21 13:32 .
drwxr-xr-x 27 root root 4096 Jan 21 13:32 ..


Matches mine. Difference is that I put all those mountpoints in the /sshnet 
subdir
gene@coyote:~$ ls -la /sshnet/
total 36
drwxr-xr-x  9 gene gene 4096 Feb  9 07:37 .
drwxr-xr-x 28 root root 4096 Dec 12 03:44 ..
drwxr-xr-x  1 root root 4096 Feb  4 15:59 GO704
drwxr-xr-x  2 root root 4096 Feb  8 10:10 Hardinge1
drwxr-xr-x  1 root root 4096 Feb  3 14:16 lathe
drwxr-xr-x  2 root root 4096 Apr 25  2019 redpitaya
drwxr-xr-x  1 root root 4096 Feb  1 04:46 rpi4
drwxr-xr-x  1 root root 4096 Feb  4 15:43 sixty40
drwxr-xr-x  2 root root 4096 May  2  2019 vna



Assuming that command was run when /sshnet/Hardingel was not mounted 
(see below), the owner and group of Hardingel is root:root, not gene:gene.



On 2021-02-09 07:05, David Wright wrote:
> Change the ownership of Hardinge1.

Yes, that is the correct solution.


We were all confused by a feature of mount(1) -- mounting a remote 
filesystem changes the owner and group of the mount point on the local 
machine while the remote filesystem is mounted:


2021-02-09 12:13:43 dpchrist@tinkywinky ~
$ mount | grep '/po'

2021-02-09 12:23:26 dpchrist@tinkywinky ~
$ ls -ld /po
drwxr-xr-x 2 dpchrist dpchrist 4096 Jan 21 13:32 /po

2021-02-09 12:23:29 dpchrist@tinkywinky ~
$ mount /po

2021-02-09 12:24:14 dpchrist@tinkywinky ~
$ mount | grep '/po'
po:/ on /po type fuse.sshfs 
(ro,nosuid,nodev,noexec,relatime,user_id=13250,group_id=13250,user=dpchrist)


2021-02-09 12:24:17 dpchrist@tinkywinky ~
$ ls -ld /po
drwxr-xr-x 1 root root 4096 Aug 30 18:09 /po


The owner and group are restored when the filesystem is unmounted:

2021-02-09 12:24:21 dpchrist@tinkywinky ~
$ fusermount -u /po

2021-02-09 12:25:45 dpchrist@tinkywinky ~
$ ls -ld /po
drwxr-xr-x 2 dpchrist dpchrist 4096 Jan 21 13:32 /po


Finally, you might want to make the 'mount-machines' script idempotent:

https://en.wikipedia.org/wiki/Idempotent


E.g. add a 

Re: Cable HDMI sin sonido en notebook Lenovo G480

[Marcelo Eduardo Giordano]

On 8/2/21 23:52, Germán Avendaño Ramírez wrote:

On Mon, Feb 08, 2021 at 07:06:48PM -0300, Marcelo Eduardo Giordano wrote:

Queridos amigos:

Tengo una notebook Lenovo G480 con Debian 10 xcfe la cual mediante un cable
HDMI la conecto al televisor, pero curiosamente se ve la imagen pero no se
escucha el sonido el televisor, pero si en la notebook, lo que me trae
algunos problemas a la hora de escuchar.

He probado si el problema es el cable, usando el mismo con otros
dispositivos y veo que el mismo funciona a la perfección.

Quisiera saber si alguien puede darme alguna idea o solución a este problema

También se me ocurrió, no se que les parece, instalar debian 11 a ver si el
problema se soluciona.

Espero sus opiniones

Hola Marcelo, si instaló xfce4 por defecto, debe tener instalada la
aplicación pavucontrol. Desde ésta puede activar el sonido para HDMI,
desde la pestaña configuración.

Atentamente

Hola amigos. Ya solucioné mi problema. Tal cual lo relatado por varias 
personas era una cuestión muy simple de configuración del PulseAudio. 
Mas fácil imposible.


Aprovecho para contarle dos historias muy simple sobre Debian. Una es la 
mía, que soy Contador Público, siempre me gustó la computación en 
general y me convertí en fanático de Linux, después de haber pasado 
algún tiempo aprendiendo y buscando (no mucho).


La mejor es historia es la de mi esposa. Ella fue siempre usuaria de 
Windows. Cuando nos casamos siempre venía con su Windows "roto": 
problemas de virus, pantallas azules, etc etc. Cuando le dije que le iba 
a instalar linux no le gustó mucho, segurametne por ese acostumbramiento 
que tenemos a las "cosas windows". Pero pronto se acostubró y ahora no 
lo cambia por nada. Inclusive se siente orgullosa ante sus amigas de 
usar un sistema operativo distinto que sus amigas ignoran.


Saludos a todos y viva DEBIAN!

Re: Sid, upgrade kernel casse mon Wifi

[Étienne Mollier]

Bonsoir Jérôme,

jerome moliere, on 2021-02-08 18:12:11 +0100:
> Dans les logs du kernel on voit qu'il y a un souci de chargement du
> firmware:
> sudo dmesg|grep -i iwlwifi

Les numéros de version ci-après :

> [4.769596] iwlwifi :00:14.3: minimum version required: (efault)198
 
> [4.769643] iwlwifi :00:14.3: maximum version supported: (efault)143
  
sont précédés de la mention "(efault)".  Pour une raison ou pour
une autre, le pilote tente d'accèder à une address invalide[1]
pour indiquer les numéros de version de micrologiciel supportés
par le pilote, d'où le résultat confus.

[1] 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/core-api/printk-formats.rst#n68

> [4.769684] iwlwifi :00:14.3: check git://
> git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git
> [4.769744] iwlwifi :00:14.3: Couldn't request the fw
> [4.783252] iwlwifi: probe of :00:14.3 failed with error -2
[...]
> Que puis je faire ?
> Depuis ma carte wifi est invisible sur toutes les distros avec des kernels
> differents j'ai tente plusieurs livecd mais elle est tjs aux abonnes
> absents...

Si le problème est indépendant des distributions, apparaissant
ailleurs que dans Debian et ses distributions dérivées, alors ça
vaudrait peut-être le coup d'ouvrir un rapport de bogue sur
le bugzilla en amont[2].

Éventuellement, ça pourrait valoir le coup de tester avec un
système d'exploitation et un noyau entièrement différent (BSD,
MS Windows), si c'est possible bien entendu, juste pour
s'assurer que ce n'est pas la carte wifi qui a rendu l'âme.

[2] https://bugzilla.kernel.org/

Bonne soirée,
-- 
Étienne Mollier 
Fingerprint:  8f91 b227 c7d6 f2b1 948c  8236 793c f67e 8f0d 11da
Sent from /dev/pts/2, please excuse my verbosity.


signature.asc
Description: PGP signature

Re: Cable HDMI sin sonido en notebook Lenovo G480

[Alexey Martinez]

Saludos al grupo estoy de acuerdo con la respuesta que menciona sobre la
instalación de driver yo estoy muy serca de ese problema o me sucede algo
similar se ve pero no se olle tengo una tarjeta nvidia estoy a la espera
que me descargen los driver de dicha tarjeta ya que los recomendados en el
repositorio de debian 10 no funcionaron correctamente.

El mar., 9 de febrero de 2021 2:42 a. m., Camaleón 
escribió:

> El 2021-02-08 a las 19:06 -0300, Marcelo Eduardo Giordano escribió:
>
> > Tengo una notebook Lenovo G480 con Debian 10 xcfe la cual mediante un
> cable
> > HDMI la conecto al televisor, pero curiosamente se ve la imagen pero no
> se
> > escucha el sonido el televisor, pero si en la notebook, lo que me trae
> > algunos problemas a la hora de escuchar.
>
> (...)
>
> Además de las buenas ideas que te han comentado, sería conveniente que
> comprobaras si elcontroladora de la tarjeta de sonido reconoce cotas
> las salidas, mediante la orden:
>
> aplay -l (si tienes ALSA)
> pactl list sources (si usas Pulseaudio)
>
> Manda a la lista lo que obtienes tras ejecutarlo.
>
> > También se me ocurrió, no se que les parece, instalar debian 11 a ver si
> el
> > problema se soluciona.
>
> Se me antoja precipitado. Si se trata de un problema de configuración
> podrás solucionarlo como te han comentado, seleccionado el HDMI como
> salida de audio. Si se trata de un problema del controlador de sonido,
> entonces sí podrías barajar esa opción.
>
> Saludos,
>
> --
> Camaleón
>
>

Re: Allow only selected USB

[l0f4r0]

Hi,

9 févr. 2021, 19:44 de mailingl...@darac.org.uk:

> Certainly. > https://www.kernel.org/doc/html/latest/usb/authorization.html
>
+ https://usbguard.github.io based on it.

Best regards,
l0f4r0

Re: Allow only selected USB

[Darac Marjal]

On 09/02/2021 18:38, Bhasker C V wrote:
> Hi all,
>
> I know it is very useful that linux auto-detects a USB device when
> plugged in. However I am trying to build a server which employs deny
> first rule. That is, I don't want linux kernel to detect any USB
> device even if plugged in except those listed with a Vendor/device ID
> in a file (perhaps stored somewhere securely in the server).
>
> Is this possible ? I tried to skim though internet but could not find
> any useful information except some pages reporting how to disable USB
> storage.
>
> Please could someone help me with some pointers ?
Certainly. https://www.kernel.org/doc/html/latest/usb/authorization.html



OpenPGP_signature
Description: OpenPGP digital signature

Allow only selected USB

[Bhasker C V]

Hi all,

I know it is very useful that linux auto-detects a USB device when 
plugged in. However I am trying to build a server which employs deny 
first rule. That is, I don't want linux kernel to detect any USB device 
even if plugged in except those listed with a Vendor/device ID in a file 
(perhaps stored somewhere securely in the server).


Is this possible ? I tried to skim though internet but could not find 
any useful information except some pages reporting how to disable USB 
storage.


Please could someone help me with some pointers ?

--
Bhasker C V
Secure Mails: http://keys.gnupg.net/pks/lookup?op=get=0x4D05FEEC54E47413
Registered Linux User: #306349

Re: fer un dibuix (era Re: LXC / Netplan / Bridge-vpn)

[roger . sicart]

Bones,

Osti tu qui embolic xD

Si ho he entès bé, vols que els contenidors de COL  surtin a Internet a través 
de l'IP publica del servidor, és a dir IPC. I el mateix per als contenidors del 
servidor ALL, a través de l'IP IPA.

Suposo que ja has verificat les rutes per fer que els paquets que han d'anar 
cap a Internet surtin pel bon dispositiu de xarxa ?

Si fas DNAT per al trafic entrant que s'ha de dirigir cap als contenidors, pot 
ser que et falti alguna regla SNAT per al trafic que surt dels contenidors cap 
a Internet.

Docker fa manipulacions d'aquests tipus a la configuració iptables, potser pots 
trobar algo a la documentació que parli d'aquest tema.

Sort!
--

R. Sicart

Le 9 février 2021 12:04:08 GMT+01:00, Daniel  a 
écrit :
>Al final he utilitzat dia per fer l'esquema ràpid que estic més
>acostumat.
>
>A Fwhaus estan les IPs públiques i el servidor Openvpn de cada bridge.
>
>Cada servidor té una IP pública per accedir via ssh, però els 
>contenidors interns fan servir fwhaus com gateway.
>
>N'hi ha una excepció que a Col, a la IP IPC tinc dirigit el port 80 a
>un 
>contenidor concret, i en principi funciona sense problemes.
>
>Fins aquí, cap problema i porta anys funcionant.
>
>Ara hem donat d'alta a un datacenter, el servidor ALL, i els
>contenidors 
>segueixen enrutant cap a fwhaus sense problemes, excepte que va 
>espectacularment lent (n'hi ha uns milers de km entre ells).
>
>Llavors volia fer que els sistemes que estan a Col, surtin directament,
>
>sense passar per fwhaus. He provat posar un contenidor que faci de fw o
>
>directament amb el tallafocs del node, redirigir els ports que
>necessito 
>(igual que ho tinc a l'altre servidor sense problemes)
>
>En els dos casos, el problema que em trobo que no aconsegueixo que 
>arribin els paquets als contenidors. Veig amb el tcpdump que si que 
>arriben a la IP pública IPA, però, amb la mateixa configuració que tinc
>
>a l'altre servidor, no arriba res.
>
>Potser es alguna configuració diferent del nou datacenter?
>
>
>?!¿?¿!
>
>Perdoneu el rotllo, suposo que m'estic saltant alguna cosa evident,
>però 
>ara mateix no se per on cercar l'error,
>
>Daniel
>
>
>
>
>El 6/2/21 a les 1:06, Alex Muntada ha escrit:
>> Hola Daniel
>>
>>> La idea de fer un dibuix es bona, així potser entendre jo el
>>> muntatge que tinc!
>> Una forma molt fàcil de fer-ho és amb mermaid-js[1]. Hi ha un
>> editor en línia[2] per si ho vols provar i, a més a més, es poden
>> incrustar documents mermaid dins dels blocs de codi del markdown
>> del gitlab i similars:
>>
>> ```mermaid
>> sequenceDiagram
>>  Client ->>+ Servidor : ping
>>  Servidor ->>+ Client : pong
>> ```
>>
>> Salut,
>> Alex
>>
>>   [1] https://mermaid-js.github.io/mermaid/#/flowchart
>>   [2] https://mermaid-js.github.io/mermaid-live-editor/
>>
>> --
>>⢀⣴⠾⠻⢶⣦⠀
>>⣾⠁⢠⠒⠀⣿⡁   Alex Muntada 
>>⢿⡄⠘⠷⠚⠋   Debian Developer  log.alexm.org
>>⠈⠳⣄
>>

konsole: clic sur une url se transforme en lien file

[steve]

Bonsoir,

Sur bullseye à jour.

J'ai un drôle comportement depuis quelques temps dans Konsole sous
KDE/Plasma.

echo "https://www.debian.org; > test.txt
cat test.txt
https://www.debian.org

Je clique avec la souris pour ouvrir cette url dans firefox. Firefox
s'ouvre mais pas avec l'url voulue mais 


file:///home/steve/.cache/kioexec/krun/287612_0/unnamed

Avec https://www.debian.org/intro/philosophy, j'obtiens

file:///home/steve/.cache/kioexec/krun/288327_0/philosophy

Dans les 2 cas, une page du site de debian s'affiche mais incomplète.

Qu'est-ce qui se passe ?

Merci d'avance pour vos lumières.

Steve

Re: sshfs has fubared mount

[Gene Heskett]

On Tuesday 09 February 2021 10:52:02 Anssi Saari wrote:

> Gene Heskett  writes:
> > fusermount: user has no write access to mountpoint /sshnet/Hardinge1
> > which is
> > ls -la /sshnet/ (on this machine)
> > total 84
> > drwxr-xr-x  9 gene gene  4096 Feb  8 10:10 .
> > drwxr-xr-x 28 root root  4096 Dec 12 03:44 ..
> > drwxr-xr-x  1 root root  4096 Feb  4 15:59 GO704
> > drwxr-xr-x  2 root root  4096 Feb  8 10:10 Hardinge1
> > drwxr-xr-x  1 root root  4096 Feb  3 14:16 lathe
> > drwxr-xr-x  2 root root  4096 Apr 25  2019 redpitaya
> > drwxr-xr-x  1 root root  4096 Feb  1 04:46 rpi4
> > drwxr-xr-x  1 root root  4096 Feb  4 15:43 sixty40
> > drwxr-xr-x  2 root root  4096 May  2  2019 vna
>
> With a little testing mounting with sshfs needs write access to the
> mount point so it's not possible to mount to your /sshnet/Hardinge1
> since you don't have write permission, only root does. So you need to
> add write permissions to your mount point /sshnet/Hardinge1.
>
> Now, if you're saying you can mount to sixty40, lathe, GO704, rpi4
> without write permissions then I'm baffled. You seem to indicate the
> listing shows that those directories are currently mounted in which
> case the mount point permissions are not shown?

See my reply to David. All those mounts are to the root of the 
filesystems on the other machines, and that then accounted for the fact 
I was seeing root:root for the already mounted systems.  A point that if 
I ever knew it, I've since forgotten since the other entries are now 
many years old.  Relatively short term memory isn't so good at 86 yo.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: Incorrect password Debian 10.8 after installation

[Anssi Saari]

 writes:

> I don't know how far "some" reaches, but try -Q then 
> (mnemonics: Q like "quote").
>
> Not Emacs-y, but worth a try would be -I

Neither worked, although I only tried in grub-emu. But it should work
the same as Grub.

Re: Sobre ffmpeg. (offtopic)

[Gonzalo Rivero]

El lun, 08-02-2021 a las 02:41 +, Eduardo Jorge Gil Michelena
escribió:
>  A ver...
> LINUX jamás ha tenido buenos programas para manejar/editar videos.
> Te(...)fmpeg: incluye una herramienta de línea de comandos para
> convertir
> audio o video de un formato a otro... o sea te rompes la cabeza
> tratando de usar linea de comandos que para algunos "nerds" será muy
> "cool" pero... para otros como YO que lidié con líneas de comandos
> desde que comencé (1974) en esto de la informática NOS TIENE
> PODRIDOS, CANSADOS... es un incordio.
> 
> 
solo decir que no me imagino al pasante nuevo de youtube cargando
videos con el mouse en ese formatfactory o cualquier programa con GUI
para convertirlo a todas las resoluciones y compresiones que manejan y
todo eso en tiempo real. Ni siquiera al becario de netflix que tendrá
un ritmo de subida de videos mas lento que youtube.
Si me puedo imaginar comandos y parámetros, que alguien escribió algnua
vez y vio que era bueno, para hacer esto en automático.
¿a que apunto?, no se trata de ser nerd o cool, sino de ser mas
eficiente y tratar de usar la mejor herramienta -libre o no- según la
tarea.
Incluso a veces es hasta mas fácil y rápdio escribir el comando que
hacerlo con un montón de clicks de mouse, tal vez toma mas tiempo
aprenderlo, pero a la media ni siquiera a la larga es mas fácil

Need Help

[griffineng]

Please see attached.


message1
Description: Binary data

Re: sshfs has fubared mount

[Anssi Saari]

Gene Heskett  writes:

> fusermount: user has no write access to mountpoint /sshnet/Hardinge1
> which is
> ls -la /sshnet/ (on this machine)
> total 84
> drwxr-xr-x  9 gene gene  4096 Feb  8 10:10 .
> drwxr-xr-x 28 root root  4096 Dec 12 03:44 ..
> drwxr-xr-x  1 root root  4096 Feb  4 15:59 GO704
> drwxr-xr-x  2 root root  4096 Feb  8 10:10 Hardinge1
> drwxr-xr-x  1 root root  4096 Feb  3 14:16 lathe
> drwxr-xr-x  2 root root  4096 Apr 25  2019 redpitaya
> drwxr-xr-x  1 root root  4096 Feb  1 04:46 rpi4
> drwxr-xr-x  1 root root  4096 Feb  4 15:43 sixty40
> drwxr-xr-x  2 root root  4096 May  2  2019 vna

With a little testing mounting with sshfs needs write access to the
mount point so it's not possible to mount to your /sshnet/Hardinge1
since you don't have write permission, only root does. So you need to
add write permissions to your mount point /sshnet/Hardinge1.

Now, if you're saying you can mount to sixty40, lathe, GO704, rpi4
without write permissions then I'm baffled. You seem to indicate the
listing shows that those directories are currently mounted in which case
the mount point permissions are not shown?

Re: sshfs has fubared mount

[Gene Heskett]

On Tuesday 09 February 2021 10:05:34 David Wright wrote:

> On Tue 09 Feb 2021 at 00:01:03 (-0500), Gene Heskett wrote:
> > I have sshfs setup so I can move files around between this box and 4
> > others, 3 of which are now running buster.  Works only for the user,
> > me.
> >
> > Same install medium, a usb key, has installed buster to a 5th
> > machine, which is identical to two of the other 4.
> >
> > But the mount permissions are inverted, only root can mount this 5th
> > machine.  ssh -Y aliasname works normally, and I am logged into this
> > 5th machine fron a konsole as me, user 1000.
> >
> > Only I can execute these 4 lines of a script in my bin directory
> > #!/bin/bash
> > sshfs g...@sixty40.coyote.den:/ /sshnet/sixty40
> > sshfs gene@lathe:/  /sshnet/lathe
> > sshfs gene@GO704:/  /sshnet/GO704
> > sshfs pi@rpi4:/ /sshnet/rpi4
> >
> > but only root can execute this last line
> >
> > sshfs gene@Hardinge1:/  /sshnet/Hardinge1
> >
> > generating this error when I run this script as me.
> > gene@coyote:~$ bin/mount-machines
> > fuse: mountpoint is not empty
> > fuse: if you are sure this is safe, use the 'nonempty' mount option
> > fuse: mountpoint is not empty
> > fuse: if you are sure this is safe, use the 'nonempty' mount option
> > fuse: mountpoint is not empty
> > fuse: if you are sure this is safe, use the 'nonempty' mount option
> > fuse: mountpoint is not empty
> > fuse: if you are sure this is safe, use the 'nonempty' mount option
> >
> > The above mounts have already been done, and the onwership and perms
> > of /sshnet/Hardinge1 are identical to the other 4 above
> >
> > fusermount: user has no write access to mountpoint /sshnet/Hardinge1
>
> That's correct, isn't it?
>
> > which is
> > ls -la /sshnet/ (on this machine)
> > total 84
> > drwxr-xr-x  9 gene gene  4096 Feb  8 10:10 .
> > drwxr-xr-x 28 root root  4096 Dec 12 03:44 ..
> > drwxr-xr-x  1 root root  4096 Feb  4 15:59 GO704
> > drwxr-xr-x  2 root root  4096 Feb  8 10:10 Hardinge1
>
> ↑
>
> Root has write permission on that mount point, but not gene.
>
> > drwxr-xr-x  1 root root  4096 Feb  3 14:16 lathe
>
> 
>
> You say this mount point has already been mounted on, so that won't
> be the ownership of the mount point, but of what's mounted on it.
>
> > drwxr-xr-x  2 root root  4096 Apr 25  2019 redpitaya
> > drwxr-xr-x  1 root root  4096 Feb  1 04:46 rpi4
> > drwxr-xr-x  1 root root  4096 Feb  4 15:43 sixty40
> > drwxr-xr-x  2 root root  4096 May  2  2019 vna
> >
> > How do I fix this? I do not want a root perms holder to have access.
> > Anything I need to do to any of thse machines that needs root, can
> > be done with sudo from a normal login as the first user.
>
> Change the ownership of Hardinge1.
>
> Cheers,
> David.

And that was indeed the magic twanger, David, many thanks.

I was not aware that the perms ls -la was showing me were the perms of 
the mountED path.  Subtle diff, and apparently not documented 
sufficiently enough to get my attention.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: Incorrect password Debian 10.8 after installation

[David Wright]

On Mon 08 Feb 2021 at 18:26:22 (-0800), David Christensen wrote:
> On 2021-02-08 15:15, David Wright wrote:
> > On Mon 08 Feb 2021 at 13:02:21 (-0800), David Christensen wrote:
> > > On 2021-02-08 00:40, Marco Möller wrote:
> > > 
> > > > You could bypass any password request during boot to the console
> > > > and then fix it by setting the desired password newly. The boot
> > > > parameter for bypassing all password request an right away
> > > > becoming logged in as user root is:
> > > >       init=/sbin/sulogin --force
> > > 
> > > That is interesting.  But, how does the reader *use* that information[?] 
> > > ...
> 
> > > Booting a Stretch system, I see a menu:
> > > 
> > >  GNU GRUB  version 2.02~beta3-5+deb9u2
> > > 
> > >  *Debian GNU/Linux
> > >   Advanced options for Debian GNU/Linux
> 
> > > If I press 'e', it (GRUB?) appears to bring up an editor window that
> > > contains a bunch of content that looks relevant.  The last few lines
> > > are:
> > > 
> > >  
> > >  echo'Loading Linux 4.9.0-9-amd64 ...'
> > >  linux   /vmlinuz-4.9.0-9-amd64 root=UUID=... ro noresume
> > >  echo'Loading initial ramdisk ...'
> > >  initrd  /initrd.img-4.9.0-9-amd64
> > 
> > … and that's the menu version of the commands outlined in 5.3.2.
> 
> > Yes, [add the suggested parameters]to the linux line: it's a kernel 
> > parameter.
> 
> > > Where is this documented?
> > 
> > I always go to
> > 
> > https://www.kernel.org/doc/html/v4.15/admin-guide/kernel-parameters.html
> > 
> > (where v4.15 could be different).
> > 
> >  init=   [KNL]
> >Format: 
> >Run specified binary instead of /sbin/init as init process.
> > 
> > where KNL confirms it's a Kernel parameter. The introduction shows:
> > 
> >  BUGS=   Relates to possible processor bugs on the said processor.
> >  KNL Is a kernel start-up parameter.
> >  BOOTIs a boot loader parameter.
> 
> Thank you for the information.  :-)
> But, it still does not answer the question -- how does the reader
> *use* the suggested "boot parameter"?
> 
> My WAG (untested):
> 
> 1.  Power up the computer.
> 2.  The GRUB menu should be displayed:
> 
> *Debian GNU/Linux
>  Advanced options for Debian GNU/Linux
> 
> 3.  Press the down arrow key to highlight "Advanced options for Debian
> GNU/Linux".  Press  to select it.

If you're heading for sulogin, I'm not sure it matters which line you
pick, as it means s(ingle)u(se)rlogin.

> 4.  A second GRUB menu should be displayed (the OP should have a newer
> kernel):

Yes, you warned us you're using stretch.

> *Debian GNU/Linux, with Linux 4.9.0-9-amd64
>  Debian GNU/Linux, with Linux 4.9.0-9-amd64 (recovery mode)
> 
> 5.  Press the down arrow key to select the "... (recovery mode)" boot
> entry.  Press 'e' to edit it.
> 
> 6.  The GRUB editor should start and display the contents of the
> selected boot entry.  Look for the line that begins with 'linux'.  Use
> the cursor keys to move the insertion point to the end of that line
> and add the following kernel boot parameters:
> 
> init=/sbin/sulogin --force
> 
> 7.  "Press Ctrl+x or F10 to boot".
> 
> Is the above correct?

Yes. AIUI --force deals with the case where there is no root
password/the root account is locked. But my understanding might be
faulty as I always set a root password in decades-old tradition.
As a result, I'm always prompted for a password. To reset *that*,
I'd either boot up my other system on the disk, or boot from a
stick/CD.

> Questions:
> 
> 1.  How do I make a copy of a boot entry?  (So that I can edit the
> copy and keep the original.)
> 
> 2.  How do I insert a tab character with the GRUB editor?  (Pressing
>  causes the editor to attempt command completion.)

I think Greg's guess was good. You don't need tabs or any other cosmetics.

> 3.  Will changes made to a boot entry with the GRUB editor persist for
> subsequent boots?

No. Just write down what you change, so that you can fold it in to your
Grub configuration later if it worked.

Cheers,
David.

Re: sshfs has fubared mount

[David Wright]

On Tue 09 Feb 2021 at 00:01:03 (-0500), Gene Heskett wrote:
> I have sshfs setup so I can move files around between this box and 4 
> others, 3 of which are now running buster.  Works only for the user, me.
> 
> Same install medium, a usb key, has installed buster to a 5th machine, 
> which is identical to two of the other 4.
> 
> But the mount permissions are inverted, only root can mount this 5th 
> machine.  ssh -Y aliasname works normally, and I am logged into this 5th 
> machine fron a konsole as me, user 1000.
> 
> Only I can execute these 4 lines of a script in my bin directory
> #!/bin/bash
> sshfs g...@sixty40.coyote.den:/ /sshnet/sixty40
> sshfs gene@lathe:/  /sshnet/lathe
> sshfs gene@GO704:/  /sshnet/GO704
> sshfs pi@rpi4:/   /sshnet/rpi4
> 
> but only root can execute this last line
> 
> sshfs gene@Hardinge1://sshnet/Hardinge1
> 
> generating this error when I run this script as me.
> gene@coyote:~$ bin/mount-machines
> fuse: mountpoint is not empty
> fuse: if you are sure this is safe, use the 'nonempty' mount option
> fuse: mountpoint is not empty
> fuse: if you are sure this is safe, use the 'nonempty' mount option
> fuse: mountpoint is not empty
> fuse: if you are sure this is safe, use the 'nonempty' mount option
> fuse: mountpoint is not empty
> fuse: if you are sure this is safe, use the 'nonempty' mount option
> 
> The above mounts have already been done, and the onwership and perms 
> of /sshnet/Hardinge1 are identical to the other 4 above
> 
> fusermount: user has no write access to mountpoint /sshnet/Hardinge1

That's correct, isn't it?

> which is
> ls -la /sshnet/ (on this machine)
> total 84
> drwxr-xr-x  9 gene gene  4096 Feb  8 10:10 .
> drwxr-xr-x 28 root root  4096 Dec 12 03:44 ..
> drwxr-xr-x  1 root root  4096 Feb  4 15:59 GO704
> drwxr-xr-x  2 root root  4096 Feb  8 10:10 Hardinge1

↑

Root has write permission on that mount point, but not gene.

> drwxr-xr-x  1 root root  4096 Feb  3 14:16 lathe



You say this mount point has already been mounted on, so that won't
be the ownership of the mount point, but of what's mounted on it.

> drwxr-xr-x  2 root root  4096 Apr 25  2019 redpitaya
> drwxr-xr-x  1 root root  4096 Feb  1 04:46 rpi4
> drwxr-xr-x  1 root root  4096 Feb  4 15:43 sixty40
> drwxr-xr-x  2 root root  4096 May  2  2019 vna
> 
> How do I fix this? I do not want a root perms holder to have access.
> Anything I need to do to any of thse machines that needs root, can be 
> done with sudo from a normal login as the first user.

Change the ownership of Hardinge1.

Cheers,
David.

Re: sshfs has fubared mount

[tomas]

On Tue, Feb 09, 2021 at 08:37:12AM -0500, Gene Heskett wrote:

[...]

> > Sorry. I can't relate this mail's subject, your longer description
> > and the error messages you show.

[...]

> Those 4 messages aren't reallly germain to this [...]
> [...] So those are smoke in this instance.

I see.

> The final line of that bash script:
> sshfs gene@Hardinge1:/  /sshnet/Hardinge1
> generates this response:
> fusermount: user has no write access to mountpoint /sshnet/Hardinge1
> 
> yet its ownership and attributes are identical to all the others that 
> Just Work.

Hm. Tied up in video call ATM. Perhaps later.

Cheers
 - t


signature.asc
Description: Digital signature

Re: sshfs has fubared mount

[Gene Heskett]

On Tuesday 09 February 2021 04:11:10 to...@tuxteam.de wrote:

> On Tue, Feb 09, 2021 at 12:01:03AM -0500, Gene Heskett wrote:
> > Greetings all;
> >
> > I have sshfs setup so I can move files around between this box and 4
> > others, 3 of which are now running buster.  Works only for the user,
> > me.
> >
> > Same install medium, a usb key, has installed buster to a 5th
> > machine, which is identical to two of the other 4.
> >
> > But the mount permissions are inverted, only root can mount this 5th
> > machine.  ssh -Y aliasname works normally, and I am logged into this
> > 5th machine fron a konsole as me, user 1000.
> >
> > Only I can execute these 4 lines of a script in my bin directory
> > #!/bin/bash
> > sshfs g...@sixty40.coyote.den:/ /sshnet/sixty40
> > sshfs gene@lathe:/  /sshnet/lathe
> > sshfs gene@GO704:/  /sshnet/GO704
> > sshfs pi@rpi4:/ /sshnet/rpi4
> >
> > but only root can execute this last line
> >
> > sshfs gene@Hardinge1:/  /sshnet/Hardinge1
> >
> > generating this error when I run this script as me.
> > gene@coyote:~$ bin/mount-machines
> > fuse: mountpoint is not empty
> > fuse: if you are sure this is safe, use the 'nonempty' mount option
>
> [rest deleted]
>
> Sorry. I can't relate this mail's subject, your longer description
> and the error messages you show.
>
> Mount is complaining that the directory where you mount the file
> systems "to" (aka "mountpoint") has stuff in it and refusing to
> do its job (unless you force it, with an extra option).
>
> My hunch is that either something is already mounted there, or
> that something got copied to those directories (while they were
> not mounted to) by accident.
>
> I'm counting exactly four like error messages, corresponding to
> the four mount commands in your script above. Whatever conclusions
> that leads us to.
>
Those 4 messages aren't reallly germain to this, they are mounts refusal 
to redo a mount already done by many invocations of the 
~/bin/mount-machines as I attempt to solve this. I only showed those for 
completeness. So those are smoke in this instance.

The final line of that bash script:
sshfs gene@Hardinge1:/  /sshnet/Hardinge1
generates this response:
fusermount: user has no write access to mountpoint /sshnet/Hardinge1

yet its ownership and attributes are identical to all the others that 
Just Work.

Thanks Tomas

 > Cheers
>  - t


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: Login automatique et gestion écran de veille en verrouillage (Buster/openbox) problème mate-screensaver ?

[Sébastien NOBILI]

Le 2021-02-09 14:14, Sébastien NOBILI a écrit :

J'ai mis en place le même fonctionnement sur mon système. J'utilise
nodm et i3-lock.


Précision utile, xautolock est impliqué aussi pour verrouiller 
automatiquement.


Sébastien

Re: Login automatique et gestion écran de veille en verrouillage (Buster/openbox) problème mate-screensaver ?

[Sébastien NOBILI]

Bonjour,

Le 2021-02-09 12:14, Grégory Bulot a écrit :

Mon pc boot sous cryptsetup (/boot inclus), je suis le seul utilisateur
du poste.

Je me suis dis : a quoi ça sert d'ajouter la saisie du login sous
lightdm dans ce genre de situation !


Je réponds un peu à coté car je n'ai aucune expérience avec 
mate-screensaver.


J'ai mis en place le même fonctionnement sur mon système. J'utilise nodm 
et i3-lock.

Ça fonctionne très bien, l'extinction de l'écran également.

Sébastien

Re: sshfs has fubared mount

[Gene Heskett]

On Tuesday 09 February 2021 02:29:02 David Christensen wrote:

> On 2021-02-08 21:01, Gene Heskett wrote:
> > Greetings all;
> >
> > I have sshfs setup so I can move files around between this box and 4
> > others, 3 of which are now running buster.  Works only for the user,
> > me.
>
> My Debian machines are Stretch, but I would expect that the basics of
> sshfs(1) have not changed on Buster (?).

So would I since the same install media was used to install the 3 wintel
boxes, the 4th is an rpi4b running raspbian buster. And it Just Works too.
>
> My username 'dpchrist', UID, groupname 'dpchrist', and GID are the
> same on all of my machines.

ditto
>
> I have previously installed my public SSH key from the local computer
> 'tinkywinky' to the remote computer 'po' with ssh-copy-id(1):

Don't recall doing this, plz describe>
>
> sshd_config(5) is the same on both computers:
>
> 2021-02-08 23:20:06 dpchrist@tinkywinky ~
> $ grep -v '#' /etc/ssh/sshd_config | grep .
> ChallengeResponseAuthentication no
> UsePAM yes
> X11Forwarding yes
> PrintMotd no
> AcceptEnv LANG LC_*
> Subsystem sftp/usr/lib/openssh/sftp-server
>
> 2021-02-08 23:19:53 dpchrist@po ~
> $ grep -v '#' /etc/ssh/sshd_config | grep .
> ChallengeResponseAuthentication no
> UsePAM yes
> X11Forwarding yes
> PrintMotd no
> AcceptEnv LANG LC_*
> Subsystem sftp/usr/lib/openssh/sftp-server
>
>
> If you modify sshd_config(5) on either machine, be sure to restart
> sshd(8).
>
>
> ssh_config(5) is the same on both computers:
>
> 2021-02-08 23:20:59 dpchrist@tinkywinky ~
> $ grep -v '#' /etc/ssh/ssh_config | grep .
> Host *
> ForwardAgent yes
>  SendEnv LANG LC_*
>  HashKnownHosts yes
>  GSSAPIAuthentication yes
>
> 2021-02-08 23:19:57 dpchrist@po ~
> $ grep -v '#' /etc/ssh/ssh_config | grep .
> Host *
> ForwardAgent yes
>  SendEnv LANG LC_*
>  HashKnownHosts yes
>  GSSAPIAuthentication yes
>
>
> I created an fstab(5) entry on the local machine for mounting the
> remote root directory with my unprivileged account.  Note the options:

I've never had any of this below in my fstab, haven't needed it for the
other 4 machines.

> 2021-02-08 22:37:51 dpchrist@tinkywinky ~
> $ grep 'po:/' /etc/fstab | perl -pe 's/\t+/ /g'
> po:/ /po fuse.sshfs ro,noauto,user 0 0
>
>
> I created a mount point and I set the owner and group to match my
> unprivileged account.  The directory is empty:
>
> 2021-02-08 22:39:38 dpchrist@tinkywinky ~
> $ ls -la /po
> total 8
> drwxr-xr-x  2 dpchrist dpchrist 4096 Jan 21 13:32 .
> drwxr-xr-x 27 root root 4096 Jan 21 13:32 ..

Matches mine. Difference is that I put all those mountpoints in the /sshnet 
subdir
gene@coyote:~$ ls -la /sshnet/
total 36
drwxr-xr-x  9 gene gene 4096 Feb  9 07:37 .
drwxr-xr-x 28 root root 4096 Dec 12 03:44 ..
drwxr-xr-x  1 root root 4096 Feb  4 15:59 GO704
drwxr-xr-x  2 root root 4096 Feb  8 10:10 Hardinge1
drwxr-xr-x  1 root root 4096 Feb  3 14:16 lathe
drwxr-xr-x  2 root root 4096 Apr 25  2019 redpitaya
drwxr-xr-x  1 root root 4096 Feb  1 04:46 rpi4
drwxr-xr-x  1 root root 4096 Feb  4 15:43 sixty40
drwxr-xr-x  2 root root 4096 May  2  2019 vna

The 2 extra mountpoints are for a vector network analyser when it was 
setup for testing, I am a retired broadcast engineer whose been known
to tune an AM stations tower now and then. Doing that right usually involves a
dead chicken and other bits of black art. :) But using a vna instead 
of a 75 yo General Radio rf bridge, makes it 100x faster.  The vna 
draws a smith chart in seconds.

> I use mount(8) to mount the remote filesystem:
>
> 2021-02-08 22:42:15 dpchrist@tinkywinky ~
> $ mount /po

Where I'm using sshfs, not mount.

> 2021-02-08 22:42:32 dpchrist@tinkywinky ~
> $ mount | grep '/po'
> po:/ on /po type fuse.sshfs
> (ro,nosuid,nodev,noexec,relatime,user_id=redacted,group_id=redacted,us
>er=dpchrist)
>
> 2021-02-08 23:15:47 dpchrist@tinkywinky ~
> $ ls -ld /po/home/dpchrist
> drwxr-xr-x 1 dpchrist dpchrist 4096 Feb  8 15:02 /po/home/dpchrist
>
>
> RTFM sshfs(1) is wrong regarding unmounting:
>
> 2021-02-08 23:15:38 dpchrist@tinkywinky ~
> $ man sshfs | grep -B 4 umount
> mounting
> sshfs [user@]host:[dir] mountpoint [options]
>
> unmounting
> umount mountpoint
>
> 2021-02-08 22:50:21 dpchrist@tinkywinky ~
> $ umount /po
> umount: /po: Permission denied
>
>
> Old-school fusermount(1) works:
>
> 2021-02-08 22:51:57 dpchrist@tinkywinky ~
> $ fusermount -u /po
>
And mount by itself, lists this at the end of a long list
on ths machine:

fusectl on /sys/fs/fuse/connections type fusectl (rw,relatime)
g...@sixty40.coyote.den:/ on /sshnet/sixty40 type fuse.sshfs 
(rw,nosuid,nodev,relatime,user_id=1000,group_id=1000)
pi@rpi4:/ on /sshnet/rpi4 type fuse.sshfs 
(rw,nosuid,nodev,relatime,user_id=1000,group_id=1000)
gene@lathe:/ on /sshnet/lathe type fuse.sshfs 
(rw,nosuid,nodev,relatime,user_id=1000,group_id=1000)
gene@GO704:/ on /sshnet/GO704 type fuse.sshfs 

Rebuilding Debian Live gnome image fails

[Matthijs]

Hi all,

I'm trying to build a custom Debian live USB image. To do so, I start 
trying to rebuild an original non-modified live image - specifically 
from 
"https://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid;, 
the debian-live-10.8.0-amd64-gnome.iso image.


Following the Debian Live manual on using a predefined 
configuration(https://live-team.pages.debian.net/live-manual/html/live-manual/managing-a-configuration.en.html#333):

$ mkdir live-images && cd live-images
$ lb config --config 
https://salsa.debian.org/live-team/live-images.git::debian

$ cd images/standard
$ sudo lb build

...this works and I get an ISO image in that directory.

But, instead doing this:
$ mkdir live-images && cd live-images
$ lb config --config 
https://salsa.debian.org/live-team/live-images.git::debian

$ cd images/gnome-desktop
$ sudo lb build
(note the change in the 'cd' command)
...this does NOT work. The build command starts doing a lot of work, 
fetching & installing stuff, but then simply stops at this point 
(copy/paste of ~17 lines of build.log):


v
The following NEW packages will be installed:
  dctrl-tools
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 104 kB of archives.
After this operation, 413 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian stretch/main amd64 dctrl-tools amd64 
2.24-2+b1 [104 kB]

Fetched 104 kB in 0s (1481 kB/s)
Selecting previously unselected package dctrl-tools.
(Reading database ... 9125 files and directories currently installed.)
Preparing to unpack .../dctrl-tools_2.24-2+b1_amd64.deb ...
Unpacking dctrl-tools (2.24-2+b1) ...
Setting up dctrl-tools (2.24-2+b1) ...
P: Begin unmounting filesystems...
P: Saving caches...
Reading package lists...
Building dependency tree...
Reading state information...
^^^

No further output, it just quits. Same for cinnamon-desktop, kde-desktop 
and lxde-desktop. Comparing build.log from gnome-desktop with standard 
doesn't give me a clue to why it stops.


In case it is relevant: I'm building on a Debian Buster 10.8 AMD64 
machine, without any desktop (headless machine with ssh access only).


Anyone here with a suggestion how to make "lb build" work for a 
gnome-desktop Debian config?


Thanks!
Matthijs

Re: Looking for where to file a bug

[Greg Wooledge]

On Tue, Feb 09, 2021 at 08:31:05AM +0100, Sven Hartge wrote:
> Joshua Brickel  wrote:
> > The following packages have unmet dependencies:
> >  gsettings-desktop-schemas : Breaks: mutter (< 3.31.4) but 3.30.2-9~deb10u1
> > is to be installed
> > E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused
> > by held packages.

Try installing mutter directly and see what happens.  Or try installing
gsettings-desktop-schemas directly.  Or both together in one apt command.

Also make sure you didn't pin or hold anything.

> But you seem to have Buster in your sources.list (as seen by the version
> 3.30.2-9~deb10u1). Remove those lines and try again.

Keeping the buster lines should be safe, and shouldn't cause any errors
as long as there's also a newer version of the relevant package in the
bullseye lines.

Re: Incorrect password Debian 10.8 after installation

[Greg Wooledge]

On Mon, Feb 08, 2021 at 06:26:22PM -0800, David Christensen wrote:
> *Debian GNU/Linux, with Linux 4.9.0-9-amd64
>  Debian GNU/Linux, with Linux 4.9.0-9-amd64 (recovery mode)
> 
> 5.  Press the down arrow key to select the "... (recovery mode)" boot entry.
> Press 'e' to edit it.
[...]

> 1.  How do I make a copy of a boot entry?  (So that I can edit the copy and
> keep the original.)

The changes you make to the GRUB boot entry are one time only.  They're
not saved anywhere; they're only passed to the current instance of the
kernel.

> 2.  How do I insert a tab character with the GRUB editor?  (Pressing 
> causes the editor to attempt command completion.)

Why would you want to?

My best guess is that you think you want to because you think you're
making a permanent change that you'll have to look at again in the
future and you want it to be pretty.  This is not the case.  All you're
doing is adding some new words to a list of parameter words.

> 3.  Will changes made to a boot entry with the GRUB editor persist for
> subsequent boots?

No.

Re: Any hams here? Is there a program that lets me use a mouse as a CW paddle?

[Richard Owlett]

On 02/09/2021 03:37 AM, Ottavio Caruso wrote:

Hi,

I'm looking for a program (if there is no Debian binary, I'm willing to 
compile from sources) that:


1) emulates a iambic paddle using the left/right buttons of the mouse to 
send dits and dahs for training purposes;


2) (optional) could also be used to pilot a transceiver.

Thanks.



Sorry, I can't answer the question.
You might try https://lists.debian.org/debian-hams/ .
HTH

RE: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP withreserved IPs on wlan0?

[Michael Grant]

I have used openwrt, but not recent version of it.  I have been using Ubiquiti 
EdgeRouters running the stock EdgeOS.  Very solid routers.  I even have one 
sitting up in a tree in a Tupperware container in the snowy mountains!

I recently discovered that EdgeOS is based on Debian and you can install Debian 
packages on them.

Michael Grant

Login automatique et gestion écran de veille en verrouillage (Buster/openbox) problème mate-screensaver ?

[Grégory Bulot]

Bonjour,

Mon pc boot sous cryptsetup (/boot inclus), je suis le seul utilisateur
du poste.

Je me suis dis : a quoi ça sert d'ajouter la saisie du login sous
lightdm dans ce genre de situation ! j'ai donc modifié  

/etc/lightdm/lightdm.conf
 [Seat:*]
 autologin-user=[MOI]
 autologin-user-timeout=5
 display-setup-script=/usr/bin/setxkbmap fr oss  
# il était là, je le laisse

ça fonctionne !
Le problème est pour l'écran de veille  il ne demande plus le mot de
passe pour déverrouiller l'écran !

L'écran de veille est lancé via ~/.config/openbox/autostart 
mate-screensaver &

Y-a-t-il un paramètre que j'aurais oublié ou est-ce mate-screensaver
qui pose problème ?


J'ai choisi mate-screensaver car xscreensaver ne met pas en veille les
écrans (sur mon système) 



En Hors sujet : si je me déconnecte et que je retourne sur lightdm,
existe-t-il une astuce pour qu'il ne refasse pas le login automatique ?

Re: fer un dibuix (era Re: LXC / Netplan / Bridge-vpn)

[Daniel]

Al final he utilitzat dia per fer l'esquema ràpid que estic més acostumat.

A Fwhaus estan les IPs públiques i el servidor Openvpn de cada bridge.

Cada servidor té una IP pública per accedir via ssh, però els 
contenidors interns fan servir fwhaus com gateway.


N'hi ha una excepció que a Col, a la IP IPC tinc dirigit el port 80 a un 
contenidor concret, i en principi funciona sense problemes.


Fins aquí, cap problema i porta anys funcionant.

Ara hem donat d'alta a un datacenter, el servidor ALL, i els contenidors 
segueixen enrutant cap a fwhaus sense problemes, excepte que va 
espectacularment lent (n'hi ha uns milers de km entre ells).


Llavors volia fer que els sistemes que estan a Col, surtin directament, 
sense passar per fwhaus. He provat posar un contenidor que faci de fw o 
directament amb el tallafocs del node, redirigir els ports que necessito 
(igual que ho tinc a l'altre servidor sense problemes)


En els dos casos, el problema que em trobo que no aconsegueixo que 
arribin els paquets als contenidors. Veig amb el tcpdump que si que 
arriben a la IP pública IPA, però, amb la mateixa configuració que tinc 
a l'altre servidor, no arriba res.


Potser es alguna configuració diferent del nou datacenter?


?!¿?¿!

Perdoneu el rotllo, suposo que m'estic saltant alguna cosa evident, però 
ara mateix no se per on cercar l'error,


Daniel




El 6/2/21 a les 1:06, Alex Muntada ha escrit:

Hola Daniel


La idea de fer un dibuix es bona, així potser entendre jo el
muntatge que tinc!

Una forma molt fàcil de fer-ho és amb mermaid-js[1]. Hi ha un
editor en línia[2] per si ho vols provar i, a més a més, es poden
incrustar documents mermaid dins dels blocs de codi del markdown
del gitlab i similars:

```mermaid
sequenceDiagram
 Client ->>+ Servidor : ping
 Servidor ->>+ Client : pong
```

Salut,
Alex

  [1] https://mermaid-js.github.io/mermaid/#/flowchart
  [2] https://mermaid-js.github.io/mermaid-live-editor/

--
   ⢀⣴⠾⠻⢶⣦⠀
   ⣾⠁⢠⠒⠀⣿⡁   Alex Muntada 
   ⢿⡄⠘⠷⠚⠋   Debian Developer  log.alexm.org
   ⠈⠳⣄

Re: sshfs has fubared mount

[tomas]

On Tue, Feb 09, 2021 at 12:01:03AM -0500, Gene Heskett wrote:
> Greetings all;
> 
> I have sshfs setup so I can move files around between this box and 4 
> others, 3 of which are now running buster.  Works only for the user, me.
> 
> Same install medium, a usb key, has installed buster to a 5th machine, 
> which is identical to two of the other 4.
> 
> But the mount permissions are inverted, only root can mount this 5th 
> machine.  ssh -Y aliasname works normally, and I am logged into this 5th 
> machine fron a konsole as me, user 1000.
> 
> Only I can execute these 4 lines of a script in my bin directory
> #!/bin/bash
> sshfs g...@sixty40.coyote.den:/ /sshnet/sixty40
> sshfs gene@lathe:/  /sshnet/lathe
> sshfs gene@GO704:/  /sshnet/GO704
> sshfs pi@rpi4:/   /sshnet/rpi4
> 
> but only root can execute this last line
> 
> sshfs gene@Hardinge1://sshnet/Hardinge1
> 
> generating this error when I run this script as me.
> gene@coyote:~$ bin/mount-machines
> fuse: mountpoint is not empty
> fuse: if you are sure this is safe, use the 'nonempty' mount option

[rest deleted]

Sorry. I can't relate this mail's subject, your longer description
and the error messages you show.

Mount is complaining that the directory where you mount the file
systems "to" (aka "mountpoint") has stuff in it and refusing to
do its job (unless you force it, with an extra option).

My hunch is that either something is already mounted there, or
that something got copied to those directories (while they were
not mounted to) by accident.

I'm counting exactly four like error messages, corresponding to
the four mount commands in your script above. Whatever conclusions
that leads us to.

Cheers
 - t


signature.asc
Description: Digital signature

Re: Incorrect password Debian 10.8 after installation

[tomas]

On Mon, Feb 08, 2021 at 11:32:11PM -0800, David Christensen wrote:
> On 2021-02-08 23:22, Anssi Saari wrote:
> >David Christensen  writes:
> >
> >>Questions:
> >>
> >>1.  How do I make a copy of a boot entry?  (So that I can edit the
> >>copy and keep the original.)
> >
> >In Grub, you don't really need to since changes are not saved. For
> >permanent changes then in Linux edit the various files in /etc/grub.d
> >and regenerate /boot/grub/grub.cfg via running update-grub.
> 
> Okay.
> 
> 
> >>2.  How do I insert a tab character with the GRUB editor?  (Pressing
> >> causes the editor to attempt command completion.)
> >
> >I guess you don't? There doesn't seem to be much about the editor's
> >capabilities in the Grub manual.
> 
> Agreed.  The editor has a note that it supports some Emacs stuff.
> Perhaps an Emacs user would know?

I don't know how far "some" reaches, but try -Q then 
(mnemonics: Q like "quote").

Not Emacs-y, but worth a try would be -I

Failing that, we'll have to use the source :)

Cheers
 - t


signature.asc
Description: Digital signature

Lignes directrices pour un nouveau projet

[Pierre Musso]

Bonjour,
 
Les entreprises scandinaves à la recherche de spécialistes en informatique 
utilisent ce que l'on appelle le nearshoring, valorisant fortement les 
compétences des développeurs polonais, l'un des meilleurs développeurs au monde.
 
La Pologne est devenue un Tech-Hub pour l'Europe. La Scandinavie a investi plus 
de 11 milliards d'euros en Pologne au cours de la dernière décennie, où de plus 
en plus d'entreprises à capitaux scandinaves recherchent des spécialistes de 
l'industrie informatique.
 
Notre équipe de 400 professionnels du logiciel comprend des analystes 
commerciaux, des développeurs front-end, des développeurs back-end, des 
concepteurs UX, des chefs de projet, des ingénieurs Full-Stack, des ingénieurs 
DevOps et des testeurs.
 
Nous livrons des projets agiles utilisant PHP, C #, Java, .Net, Python, Q 
pour des clients mondiaux comme ING Group, Santander, Discovery, Asseco, Volvo 
et Generali. Jusqu'à présent, nous avons acquis une expertise de l'industrie 
dans les services financiers, la fabrication, le commerce électronique, les 
médias et sommes prêts à utiliser ces connaissances pour développer nos 
activités.
 
Pouvons-nous explorer ensemble vos besoins actuels en matière de développement 
logiciel?

 
Cordialement,
Pierre Musso