"Thomas Schmitt" writes:
> Hi,
>
> Richmond wrote:
>> OK I got it booted and re-installed grub from debian. But I don't
>> know why it happened, I haven't changed any keys or done anything
>> except an opensuse update. I will ask the opensuse list
>
> I remember to have seen discussions
Hi,
Richmond wrote:
> OK I got it booted and re-installed grub from debian. But I don't know
> why it happened, I haven't changed any keys or done anything except an
> opensuse update. I will ask the opensuse list
I remember to have seen discussions about newly installed shim adding
names of
Marco Moock writes:
> Am 01.06.2024 um 20:01:43 Uhr schrieb Richmond:
>
>> Should I disable secure boot temporarily? will that allow booting?
>
> That should allow booting it.
>
> Have you changed anything at the keys in the EFI (maybe UEFI
> firmware update)?
OK I got it booted and
Am 01.06.2024 um 20:01:43 Uhr schrieb Richmond:
> Should I disable secure boot temporarily? will that allow booting?
That should allow booting it.
Have you changed anything at the keys in the EFI (maybe UEFI
firmware update)?
--
Gruß
Marco
Send unsolicited bulk mail to
On Mon, 15 Apr 2024 20:57:00 +0200
user7415 same wrote:
> I had a discussion in stack exchange related to the problem that is
> well explained here:
> https://unix.stackexchange.com/questions/774594/debian-12-all-of-sudden-my-usb3-lan-adapter-get-assigned-random-mac-address-ea
>
> For what I
On 2024-04-01, Michel Verdier wrote:
> On 2024-04-01, DdB wrote:
>
>>> A computer with a 6-core processor, 64 GB memory, and 9 drive bays/
>>> ports that cannot boot USB? That does not make sense.
>>
>> Why not?
>
> Perhaps because usb boot is available since a very long time
>
The OP informed
Am 01.04.2024 um 18:52 schrieb David Christensen:
> A bad USB flash drive would explain why you cannot boot the Debian
> installer. Please buy a good quality USB 3.0+ flash drive and try again.
A friend of mine just let me use an external CD-Drive with the netboot
image. This is already the
On 4/1/24 03:10, DdB wrote:
Am 01.04.2024 um 07:44 schrieb David Christensen:
Please post a console session that identifies the ISO you are using,
verifies the checksum, burns the ISO to a USB flash drive, and compares
the ISO against the flash drive.
Ok, in the meantime, i came to similar
On 2024-04-01, DdB wrote:
>> A computer with a 6-core processor, 64 GB memory, and 9 drive bays/
>> ports that cannot boot USB? That does not make sense.
>
> Why not?
Perhaps because usb boot is available since a very long time
> *should* is the correct word. The board being over 10 years old,
Am 01.04.2024 um 07:44 schrieb David Christensen:
>
>
> A computer with a 6-core processor, 64 GB memory, and 9 drive bays/
> ports that cannot boot USB? That does not make sense.
Why not?
>
>
> Please post a console session that identifies the ISO you are using,
> verifies the checksum,
On 3/31/24 02:18, DdB wrote:
Hello list,
i intend to create a huge backup server from some oldish hardware.
Hardware has been partly refurbished and offers 1 SSD + 8 HDD on a 6core
Intel with 64 GB RAM.
Already before assembling the hardware, grub was working from the SSD,
which got lvm
On Sun 31 Mar 2024 at 11:18:30 (+0200), DdB wrote:
> Already before assembling the hardware, grub was working from the SSD,
> which got lvm partitioning and is basically empty. As i have no working
> CD drive nor can this old machine boot from USB, i put an ISO for
> bookworm onto an lvm-LV.
On 31 Mar 2024 11:18 +0200, from debianl...@potentially-spam.de-bruyn.de (DdB):
> As i have no working
> CD drive nor can this old machine boot from USB, i put an ISO for
> bookworm onto an lvm-LV. Using grub, i can manually boot from that ISO
> and see the first installer screens. But after
DdB composed on 2024-03-31 11:18 (UTC+0200):
> Suggestions are welcome :-)
https://www.debian.org/CD/netinst/
All my installations use this NET method. What I usually do though is extract
linux and initrd.gz from it or directly from the mirrors and load them with Grub
rather than booting the
On Sun, Mar 31, 2024 at 11:18:30AM +0200, DdB wrote:
> Hello list,
>
> i intend to create a huge backup server from some oldish hardware.
> Hardware has been partly refurbished and offers 1 SSD + 8 HDD on a 6core
> Intel with 64 GB RAM.
> Already before assembling the hardware, grub was working
On 12/23/23 22:16, Timothy M Butterworth wrote:
On Sat, Dec 23, 2023 at 8:58 PM David Christensen wrote:
I believe Debian includes packages for various intrusion detection
systems. Does anyone have any comments or recommendations?
Debian has SNORT and Suricata. I use Suricata. It works well
On Sat, Dec 23, 2023 at 8:58 PM David Christensen
wrote:
> On 12/23/23 01:29, Tim Woodall wrote:
> > The fact that the OP is not sending a SYN+ACK (according to the
> > tcpdumps that I saw) means that this is already blackholed.[2]
> >
> > There are three options at this point:
> > 1. Ignore it
On 12/23/23 16:15, Dan Ritter wrote:
David Christensen wrote:
Does Debian and/or Linux support SYN cookies?
Yes.
Put
net.ipv4.tcp_syncookies=1
in an appropriate sysctl.d/ file.
To check on current settings:
sysctl -n net.ipv4.tcp_syncookies
It looks like SYN cookies are enabled by
David Christensen wrote:
> Does Debian and/or Linux support SYN cookies?
Yes.
Put
net.ipv4.tcp_syncookies=1
in an appropriate sysctl.d/ file.
To check on current settings:
sysctl -n net.ipv4.tcp_syncookies
Sent from my iPhone
> On Dec 23, 2023, at 4:53 PM, Tim Woodall wrote:
>
> On Sat, 23 Dec 2023, David Christensen wrote:
>> Sending a RST to a falsified IP address would make the sending host into an
>> attacker by proxy. Why do you suggest it?
>>
> Because the OP wants it to stop. And
On Sat, 23 Dec 2023, David Christensen wrote:
Sending a RST to a falsified IP address would make the sending host into an
attacker by proxy. Why do you suggest it?
Because the OP wants it to stop. And the OP is running a server on this
port that is clearly not responding properly or we'd at
On 12/23/23 01:29, Tim Woodall wrote:
The fact that the OP is not sending a SYN+ACK (according to the
tcpdumps that I saw) means that this is already blackholed.[2]
There are three options at this point:
1. Ignore it - my "EVILSYN[1]" blacklist is right at the top of my iptables
rules and drops
On Thu, 21 Dec 2023, David Christensen wrote:
Perhaps you could set up a DMZ, move services into the DMZ, and provide a
VPN connection to the DMZ for your Internet users. Then you could close all
of the incoming WAN ports except VPN.
It might be possible to put the VPN endpoint into a
On 12/21/23 04:00, Alain D D Williams wrote:
My home PC is receiving, for hours at a time, 12-30 kB/s input traffic. This is
unsolicited. I do not know what it is trying to achieve but suspect no good. It
is also eating my broadband allowance.
This does not show up in the Apache log files - the
On 12/21/23 07:45, Tim Woodall wrote:
On Thu, 21 Dec 2023, Alain D D Williams wrote:
My home PC is receiving, for hours at a time, 12-30 kB/s input
traffic. This is
unsolicited. I do not know what it is trying to achieve but suspect no
good. It
is also eating my broadband allowance.
This
Alain D D Williams wrote:
> On Thu, Dec 21, 2023 at 10:11:08AM -0500, Pocket wrote:
>
> > Use a firewall and set it up correctly.
>
> That I have done.
>
> The issue is broadband usage - ie before it hits the firewall.
IIUC you have a residential system with an ISP connection with a
On 21/12/2023 15:11, Pocket wrote:
On 12/21/23 09:58, Alain D D Williams wrote:
[cut]
Use a firewall and set it up correctly.
Assuming a residential environment.
Firewall the router and server(s) as well as all the client machines.
I have nginx, dovecot and exim4 and other daemons running
On 12/21/23 13:04, Alain D D Williams wrote:
On Thu, Dec 21, 2023 at 11:39:40AM -0500, Pocket wrote:
On 12/21/23 10:50, Alain D D Williams wrote:
It is NOT a firewall issue.
If I am correct you don't want any thing from the outside to hit your web
server?
The words "web server" is
On Thu, Dec 21, 2023 at 11:39:40AM -0500, Pocket wrote:
>
> On 12/21/23 10:50, Alain D D Williams wrote:
> > It is NOT a firewall issue.
>
>
> If I am correct you don't want any thing from the outside to hit your web
> server?
The words "web server" is ambiguous. It can mean my machine, ie can
On 12/21/23 10:50, Alain D D Williams wrote:
On Thu, Dec 21, 2023 at 10:31:06AM -0500, Pocket wrote:
All you should be seeing is scans which you can not prevent.
I am looking at incoming packets with tcpdump. This sees packets *before* they
are filtered by iptables.
What are you using for
On Thu, Dec 21, 2023 at 10:51 AM Alain D D Williams wrote:
>
> On Thu, Dec 21, 2023 at 10:31:06AM -0500, Pocket wrote:
> [...]
> > Amazon AWS system. should not be able to hit your http server, unless you
> > want it to.
>
> How do I distinguish between wanted & unwanted connections. The only
On Thu, Dec 21, 2023 at 10:31:06AM -0500, Pocket wrote:
> All you should be seeing is scans which you can not prevent.
I am looking at incoming packets with tcpdump. This sees packets *before* they
are filtered by iptables.
> What are you using for a firewall?
Something hand rolled. Reasonably
On 12/21/23 10:24, Alain D D Williams wrote:
On Thu, Dec 21, 2023 at 10:11:08AM -0500, Pocket wrote:
Use a firewall and set it up correctly.
That I have done.
The issue is broadband usage - ie before it hits the firewall.
All you should be seeing is scans which you can not prevent.
What
On Thu, Dec 21, 2023 at 10:11:08AM -0500, Pocket wrote:
> Use a firewall and set it up correctly.
That I have done.
The issue is broadband usage - ie before it hits the firewall.
> Assuming a residential environment.
>
> Firewall the router and server(s) as well as all the client machines.
>
On 12/21/23 09:58, Alain D D Williams wrote:
On Thu, Dec 21, 2023 at 01:39:53PM +, Andy Smith wrote:
Okay well 30KiB/s is only about 78GiB/month which isn't really a
lot. I think we're both in UK and it's been hard to find a domestic
Internet connection that you'd run a web server on that
On Thu, Dec 21, 2023 at 01:39:53PM +, Andy Smith wrote:
> Okay well 30KiB/s is only about 78GiB/month which isn't really a
> lot. I think we're both in UK and it's been hard to find a domestic
> Internet connection that you'd run a web server on that can't cope
> with 78G/mo. So ignoring it
On Thu, Dec 21, 2023 at 12:44:33PM +, Tim Woodall wrote:
> On Thu, 21 Dec 2023, Alain D D Williams wrote:
[...]
> You can try sending RST. That might make them give up.
And then, there's tarpit [1] . But then I'd make double-sure you aren't
hurting legitimate traffic.
Cheers
[1]
On 2023-12-21, Alain D D Williams wrote:
> Yes: I do run a web server at home, but there is only a little/personal stuff,
> it does not receive much real traffic, I do not want it to. Most of my web
> presence is hosted elsewhere.
If you open a port (80 or something else), not on your server but
Hello,
On Thu, Dec 21, 2023 at 01:10:59PM +, Alain D D Williams wrote:
> Yes: I do run a web server at home, but there is only a little/personal stuff,
> it does not receive much real traffic, I do not want it to. Most of my web
> presence is hosted elsewhere.
Okay well 30KiB/s is only about
On Thu, Dec 21, 2023 at 07:50:42AM -0500, Greg Wooledge wrote:
> If your home Internet service has an "allowance", you probably shouldn't
> run a web server on it.
Yes: I do run a web server at home, but there is only a little/personal stuff,
it does not receive much real traffic, I do not want
On Thu, Dec 21, 2023 at 12:00:55PM +, Alain D D Williams wrote:
> My home PC is receiving, for hours at a time, 12-30 kB/s input traffic. This
> is
> unsolicited. I do not know what it is trying to achieve but suspect no good.
> It
> is also eating my broadband allowance.
> 11:08:56.354303
On Dec 21, 2023, Alain D D Williams wrote:
> My home PC is receiving, for hours at a time, 12-30 kB/s input
> traffic. This is unsolicited. I do not know what it is trying to
> achieve but suspect no good. It is also eating my broadband
> allowance.
>
> Questions:
>
> • What is going on ?
Looks
On Thu, 21 Dec 2023, Alain D D Williams wrote:
My home PC is receiving, for hours at a time, 12-30 kB/s input traffic. This is
unsolicited. I do not know what it is trying to achieve but suspect no good. It
is also eating my broadband allowance.
This does not show up in the Apache log files -
Michael,
You are a star.
I dont know what I did before but I re-installed rsyslog and changed the
PrivateTmp to no
It works now.
I can see /tmp/server.log is now pushing syslog contents
Thank you very much.
On Mon, Nov 13, 2023 at 10:24 AM Michael Biebl wrote:
> Am 13.11.23 um 10:13 schrieb
Am 13.11.23 um 10:13 schrieb Bhasker C V:
I forgot to answer the question on why I am doing this
I am experimenting on a no-log system where there is no writes
what-so-ever to /var/log (except for mails) or systemd journal
(currently kept volatile)
/tmp/ is tmpfs mounted
Attached is the
I forgot to answer the question on why I am doing this
I am experimenting on a no-log system where there is no writes what-so-ever
to /var/log (except for mails) or systemd journal (currently kept volatile)
/tmp/ is tmpfs mounted
Attached is the rsyslog config as-it-is being used now.
On Sun,
Am 12.11.23 um 08:18 schrieb Bhasker C V:
Hi,
I have tried removing PrivateTmp=no in the rsyslog service file and it
still doesnt work
I assume you mean PrivateTmp=yes?
I have removed the service file which I had created too.
I found that when I run the daemon manually, it works well.
Hi,
I have tried removing PrivateTmp=no in the rsyslog service file and it
still doesnt work
I have removed the service file which I had created too.
I found that when I run the daemon manually, it works well. Hence I have
disabled rsyslog and I have put the daemon startup in my rc-local
But
The service file you posted is not a good idea. Please remove it again.
If moving the log file out of /tmp is not an option, please run
systemctl edit rsyslog.service
and disable PrivateTmp via
[Service]
PrivateTmp=no
OpenPGP_signature.asc
Description: OpenPGP digital signature
Thanks very much.
Adding bind path did not help. I found that if I run rsyslog from
command-line as unconfined_t, it works well. It is just the extra systemd
locks which fail
I have since written a simple systemd unit file to make rsyslog work and it
has started working
#
Am 08.11.2023 um 18:34:12 Uhr schrieb ARY SAYD SAULT:
> I am reaching out to you because the team and I need to analyze the
> evolution of Debian software over the years and correlate it with
> Lehman's laws.
The tracker gives you version information: https://tracker.debian.org/
On the archive
On 11/8/23 13:34, ARY SAYD SAULT wrote:
Dear Debian's Team,
I hope this email finds you well. My name is Ary I am a software
engineering student at Catholic University of Salvador. I am reaching
out to you because the team and I need to analyze the evolution of
Debian software over the years
On Wed, Nov 08, 2023 at 06:34:12PM -0300, ARY SAYD SAULT wrote:
> software over the years and correlate it with Lehman's laws. Obviously, for
> this type of work, we would not need to analyze all the software since its
> release, just the most recent versions.
On 2023-11-08 08:26 +, Bhasker C V wrote:
> I moved my syslog to a different location '/tmp/server.log'
A rather strange decision, since /tmp is usually pruned on reboot.
> This was working all fine until I moved to selinux in enforcing mode.
>
> I have tried putting selinux in permissive
On Wed, Oct 11, 2023 at 9:39 AM Rishikesh Kakade <1rishikaka...@gmail.com>
wrote:
> Hi!
>
> I am trying to upgrade my system from Debian 11 to Debian 12. When I run
> sudo apt full-upgrade,
>
> λ ~/ main* sudo apt full-upgrade
>
> Reading package lists... Done
> Building dependency tree... Done
>
On 11 Oct 2023 11:08 +0530, from 1rishikaka...@gmail.com (Rishikesh Kakade):
> I am trying to upgrade my system from Debian 11 to Debian 12.
Okay.
First things first: did you read through and follow the upgrade
preparation portions of the Bookworm release notes? Going straight for
`apt
On Wed, 2023-10-11 at 11:08 +0530, Rishikesh Kakade wrote:
> Hi!
>
> I am trying to upgrade my system from Debian 11 to Debian 12. When I
> run
> sudo apt full-upgrade,
Well, to start with what appears to be the obvious, did you begin with
`apt-get update' first?
The, `apt-get full-upgrade'.
On 9/22/23 10:34, Andrea Bolognani wrote:
> On Fri, Sep 22, 2023 at 06:33:06AM +0100, Bhasker C V wrote:
>> I finally fixed it.
>> The issue seems to be with the tpm-tis/cpu backend (wonder why it shows up
>> with a different error)
>> For the sake of community, I am attaching the new xml file so
On Fri, Sep 22, 2023 at 06:33:06AM +0100, Bhasker C V wrote:
> I finally fixed it.
> The issue seems to be with the tpm-tis/cpu backend (wonder why it shows up
> with a different error)
> For the sake of community, I am attaching the new xml file so that you can
> do forensics on what changed
>
I finally fixed it.
The issue seems to be with the tpm-tis/cpu backend (wonder why it shows up
with a different error)
For the sake of community, I am attaching the new xml file so that you can
do forensics on what changed
(I prettymuch did a virt-install --import --print-xml to redo the config
On Thu, Sep 21, 2023 at 10:50:07 +0100, Bhasker C V wrote:
> Attaching win11.xml
> Please note that this used to work fine. It is failing now on libvirt-
> 9.7.0-1
>
> On Thu, Sep 21, 2023 at 9:13 AM Peter Krempa wrote:
>
> > On Thu, Sep 21, 2023 at 09:05:43 +0100, Bhasker C V wrote:
> > >
Hi,
I have tried that too and that did not help either (i.e adding the format
type=gpt)
The output you requested
```
$ sudo qemu-img info --backing-chain /var/virt/WINDOWS/WIN11
image: /var/virt/WINDOWS/WIN11
file format: qcow2
virtual size: 60 GiB (64424509440 bytes)
disk size: 55.1 GiB
Attaching win11.xml
Please note that this used to work fine. It is failing now on libvirt-
9.7.0-1
On Thu, Sep 21, 2023 at 9:13 AM Peter Krempa wrote:
> On Thu, Sep 21, 2023 at 09:05:43 +0100, Bhasker C V wrote:
> > Adding libvirt mailing list
> > apologies for cross-posting
> > libvirt
On Thu, Sep 21, 2023 at 09:05:43 +0100, Bhasker C V wrote:
> Adding libvirt mailing list
> apologies for cross-posting
> libvirt version: 9.7.0-1
>
> On Thu, Sep 21, 2023 at 8:39 AM john doe wrote:
>
> > On 9/21/23 09:32, Bhasker C V wrote:
> > > I am getting an error with libivrt when I create
On Thu, Sep 21, 2023 at 09:05:43AM +0100, Bhasker C V wrote:
> Adding libvirt mailing list
> apologies for cross-posting
> libvirt version: 9.7.0-1
>
> On Thu, Sep 21, 2023 at 8:39 AM john doe wrote:
>
> > On 9/21/23 09:32, Bhasker C V wrote:
> > > I am getting an error with libivrt when I
Adding libvirt mailing list
apologies for cross-posting
libvirt version: 9.7.0-1
On Thu, Sep 21, 2023 at 8:39 AM john doe wrote:
> On 9/21/23 09:32, Bhasker C V wrote:
> > I am getting an error with libivrt when I create a VM
> >
> > ```
> > $ sudo virsh create ./win11.xml
> > error: Failed
On 9/21/23 09:32, Bhasker C V wrote:
I am getting an error with libivrt when I create a VM
```
$ sudo virsh create ./win11.xml
error: Failed to create domain from ./win11.xml
error: internal error: mishandled storage format 'none'
```
This is after I have done a dist-upgrade (was working
Additional info:
$ nvidia-detect
Detected NVIDIA GPUs:
01:00.0 VGA compatible controller [0300]: NVIDIA Corporation TU117M
[GeForce GTX 1650 Mobile / Max-Q] [10de:1f91] (rev a1)
Checking card: NVIDIA Corporation TU117M [GeForce GTX 1650 Mobile / Max-Q]
(rev a1)
Your card is supported by the
Mario Marietto wrote:
> I still have the old "Samsung / Google Nexus 10" tablet. I don't like
> Android. Any help to install Ubuntu instead of Android on this device is
> appreciated. Thanks.
First, this is a Debian list, not an Ubuntu list.
Second, as far as I know, there are proprietary
Errata corrige :
I still have the old "Samsung / Google Nexus 10" tablet. I don't like
Android. Any help to install Debian instead of Android on this device is
appreciated. Thanks.
On Sat, May 13, 2023 at 2:27 PM Mario Marietto
wrote:
> Hello.
>
> I still have the old "Samsung / Google Nexus
On 7/27/2022 1:51 PM, Erik Mathis wrote:
> I would look at the UEFI vs BIOS boot options in the "backup" server and
> compare it to the "broken" server and make sure they are the same. Also check
> for BIOS updates and such.
>
>
> -Erik-
>
>
> On Wed, Jul 27, 2022 at 7:59 AM tony wrote:
>
>
On 2022-08-02 05:17, David wrote:
And then use something like this:
https://www.newegg.com/sabrent-ec-dflt-dock/p/N82E16817366069
to connect disk "A" to machine "B".
StarTech external caddies/connectors seem OK.
mick
The second disk would need to be connected to the running linux in some
way either by a disk dock or a disk caddy such that the running linux
could find the second disk using lsblk and blkid. Once located, parted -a
optimal /dev/xxx and then print to show the partition table then quit on
/dev/xxx
On Tue, 2 Aug 2022 at 13:25, David Wright wrote:
> On Thu 28 Jul 2022 at 14:29:32 (+0100), tony van der Hoff wrote:
> > On 27/07/2022 16:07, Jude DaShiell wrote:
> > Thanks for your help. Sadly, I'm not getting very far with this. I
> > guess I'm not understanding your instructions too well:
> >
On Thu 28 Jul 2022 at 14:29:32 (+0100), tony van der Hoff wrote:
> Thanks for your help. Sadly, I'm not getting very far with this. I
> guess I'm not understanding your instructions too well:
>
> On 27/07/2022 16:07, Jude DaShiell wrote:
> > Have the running linux system on the machine. Run
On Fri, 29 Jul 2022 at 02:32, Jude DaShiell wrote:
>
> Then your new /etc/fstab record should
> look like:
> The email program split that line all
> of that should be on one line
> space-separated. hth.
> 3fe30767-f7d7-4e6d-b48e-f80eef2d4b71
> /dev/sda9 ext4 defaults,nofail 1 2
Although it does
Then your new /etc/fstab record should
look like:
The email program split that line all
of that should be on one line
space-separated. hth.
3fe30767-f7d7-4e6d-b48e-f80eef2d4b71
/dev/sda9 ext4 defaults,nofail 1 2
On Thu, 28 Jul 2022, tony van der Hoff wrote:
> Thanks for your help. Sadly, I'm
On Wed Jul 27 10:30:05 2022 tony wrote:
> I turned on my main home server after a few weeks absence, and got
> smoke from its power supply. Fortunately, I have a backup system,
> which does work; both are running Debian 10, so I swapped use to that
> machine. and am able to work with that, but
I would look at the UEFI vs BIOS boot options in the "backup" server and
compare it to the "broken" server and make sure they are the same. Also
check for BIOS updates and such.
-Erik-
On Wed, Jul 27, 2022 at 7:59 AM tony wrote:
> Hi,
>
> I turned on my main home server after a few weeks
tony composed on 2022-07-27 12:37 (UTC+0100):
> I turned on my main home server after a few weeks absence, and got
> smoke from its power supply. Fortunately, I have a backup system, which
> does work; both are running Debian 10, so I swapped use to that machine.
> and am able to work with that,
On 7/27/22 04:37, tony wrote:
Hi,
I turned on my main home server after a few weeks absence, and got
smoke from its power supply. Fortunately, I have a backup system, which
does work; both are running Debian 10, so I swapped use to that machine.
and am able to work with that, but some of the
On 7/27/22 08:02, tony wrote:
Hi,
I turned on my main home server after a few weeks absence, and got
smoke from its power supply. Fortunately, I have a backup system, which
does work; both are running Debian 10, so I swapped use to that machine.
and am able to work with that, but some of the
Have the running linux system on the machine. Run lsblk to locate the
name of the boot partition. Once you have the name run blkid and copy the
uuid for use in the end of /etc/fstab and put in the path to the boot
device, the disk format ext4, defaults,nofail 1 2 on an fstab entry.
Next, run
On Wed 11 May 2022 at 20:26:20 (+0200), to...@tuxteam.de wrote:
> On Wed, May 11, 2022 at 11:07:09AM -0500, David Wright wrote:
>
> [...]
>
> > But after two posts about background information on setuid shell
> > scripts, you now write "the worst antipattern is to misuse tech
> > to force people
On Wed, May 11, 2022 at 11:07:09AM -0500, David Wright wrote:
[...]
> But after two posts about background information on setuid shell
> scripts, you now write "the worst antipattern is to misuse tech
> to force people to follow some nonsensical rituals". Strong words.
Sorry if I was unclear.
On Wed 11 May 2022 at 07:05:47 (+0200), to...@tuxteam.de wrote:
> On Tue, May 10, 2022 at 10:08:20PM -0500, David Wright wrote:
> > On Tue 10 May 2022 at 17:12:25 (-0600), Charles Curley wrote:
>
> [...]
>
> > IOW, though logging in to root by password is ok at the console,
> > it's not ok when
Charles Curley wrote:
> On Tue, 10 May 2022 11:08:23 -0500
> David Wright wrote:
>
> > That complicates unlocking partitions remotely because, even if you
> > can log in as root, you normally can't log in remotely as root.
>
> ??? I log in as root over SSH all the time.
Most sshd configs
On Tue, May 10, 2022 at 10:08:20PM -0500, David Wright wrote:
> On Tue 10 May 2022 at 17:12:25 (-0600), Charles Curley wrote:
[...]
> IOW, though logging in to root by password is ok at the console,
> it's not ok when remote. ➀
I assume you know all that you can set "PermitRootLogin yes" in
On Tue 10 May 2022 at 17:12:25 (-0600), Charles Curley wrote:
> On Tue, 10 May 2022 11:08:23 -0500
> David Wright wrote:
>
> > That complicates unlocking partitions remotely because, even if you
> > can log in as root, you normally can't log in remotely as root.
>
> ??? I log in as root over
On Tue, May 10, 2022 at 05:12:25PM -0600, Charles Curley wrote:
> David Wright wrote:
> > I use a special user called unlock, whose home directory is on
> > /var/local/, to unlock my /home partitions:
>
> Unlock? What does "unlock" mean in this context? It looks like a
> synonym for "mount". If
On Tue, 10 May 2022 11:08:23 -0500
David Wright wrote:
> That complicates unlocking partitions remotely because, even if you
> can log in as root, you normally can't log in remotely as root.
??? I log in as root over SSH all the time.
>
> I use a special user called unlock, whose home
On Tue 10 May 2022 at 13:02:41 (-0400), Greg Wooledge wrote:
> On Tue, May 10, 2022 at 11:08:23AM -0500, David Wright wrote:
[> > On Tue 10 May 2022 at 08:21:00 (-0600), Charles Curley wrote:]
> > > Why the aversion to doing things as root? Why not just run your scripts
> > > as root? This is
On Tue, May 10, 2022 at 11:08:23AM -0500, David Wright wrote:
> > On Tue, 10 May 2022 07:50:18 -0400 rhkra...@gmail.com wrote:
> > Why the aversion to doing things as root? Why not just run your scripts
> > as root? This is exactly the sort of thing that is reserved to root for
> > reasons of
On Tuesday, May 10, 2022 10:21:00 AM Charles Curley wrote:
> Why the aversion to doing things as root? Why not just run your scripts
> as root? This is exactly the sort of thing that is reserved to root for
> reasons of security.
I may think about that some more, but it is a general aversion to
On Tue 10 May 2022 at 08:21:00 (-0600), Charles Curley wrote:
> On Tue, 10 May 2022 07:50:18 -0400 rhkra...@gmail.com wrote:
>
> > Background: 8 years ago I wrote a set of scripts to help me mount and
> > unmount LUKS encrypted partitions as needed and as myself
> > () rather than as root.
>
>
On Tue, 10 May 2022 07:50:18 -0400
rhkra...@gmail.com wrote:
> Background: 8 years ago I wrote a set of scripts to help me mount and
> unmount LUKS encrypted partitions as needed and as myself
> () rather than as root.
Why the aversion to doing things as root? Why not just run your scripts
as
By the way, thanks to all who replied! One followup below.
On Tuesday, May 10, 2022 08:20:10 AM rhkra...@gmail.com wrote:
> Ok, thanks very much!
>
> That resolves that -- I do have another way of doing it (the c helper
> program), I just don't like it -- I'll probably continue to use that but
On Tue, May 10, 2022 at 07:58:39AM -0400, Greg Wooledge wrote:
> On Tue, May 10, 2022 at 07:50:18AM -0400, rhkra...@gmail.com wrote:
> > Aside: even though this is not a Debian specific question, I often use
> > debian-
> > user as my first resource in asking Linux questions.
>
> It's
(Intentionally top posting)
Ok, thanks very much!
That resolves that -- I do have another way of doing it (the c helper
program), I just don't like it -- I'll probably continue to use that but think
about alternatives.
On Tuesday, May 10, 2022 07:58:39 AM Greg Wooledge wrote:
> The Linux
On Tue, May 10, 2022 at 07:50:18AM -0400, rhkra...@gmail.com wrote:
> Aside: even though this is not a Debian specific question, I often use debian-
> user as my first resource in asking Linux questions.
>
> Background: 8 years ago I wrote a set of scripts to help me mount and unmount
> LUKS
1 - 100 of 6468 matches
Mail list logo