How to Retain an Existing Ext4 Partition with a Debian 5.0.5 DVD Installation?
I want to install Debian 5.0.5 over my Ubuntu 10.04.1 OS. I will reformat partitions /boot and / but want to keep the other partitions which are now using the ext4 file system. Will that work? I read that 4.0 (lenny) doesn't support ext4 but it's available in testing. I see that the ext4 package is on the 5.0.5 distro but that doesn't necessarily mean it will be used routinely. Can anyone say for sure what will happen during installation with an existing ext4 partition to be retained? Thanks. -Tom Thomas M. Browder, Jr. Niceville, Florida USA -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlkti=aac_mjkzzen1qdoiv3fzlfqntgdh8lz3nz...@mail.gmail.com
Re: How to Retain an Existing Ext4 Partition with a Debian 5.0.5 DVD Installation?
On Wed, Aug 25, 2010 at 06:52, Rodney D. Myers rod_my...@fastmail.fm wrote: On 8/25/10 7:49 AM, Tom Browder wrote: ... Can anyone say for sure what will happen during installation with an existing ext4 partition to be retained? ... What other partitions? I'll assume /home, and anything else? I have three disks with the partition setup as follows (mount points are shown): d1 (4 partitions): /boot - ext2# will reformat / - ext3 # will reformat /usr/local - ext4 # keep swap # will reformat keep: d2 (1 partition): /disk2 - ext4 d3 (1 partition): /disk3 - ext4 Normally with other distros I would use manual disk setup during installation and use the labels I have on the partitions to assign the mount points. I assume I can probably get away with ignoring disks 2 and 3 and set them up later, so I'm not concerned about them so much during installation. In a pinch I can probably do the same with the /usr/local partition on disk 1. But I would like to avoid those actions if I can. Note that I have a people directory under /usr/local instead of /home since that's the way I learned under Irix many years ago and so it's for historical reasons as they say. Thanks, Rodney. -Tom -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlkti=nlceqqskse+x+8+byqk64dd_8i5caurvsa...@mail.gmail.com
Re: How to Retain an Existing Ext4 Partition with a Debian 5.0.5 DVD Installation?
On Wed, Aug 25, 2010 at 07:20, Rodney D. Myers rod_my...@fastmail.fm wrote: On 8/25/10 8:14 AM, Tom Browder wrote: On Wed, Aug 25, 2010 at 06:52, Rodney D. Myers rod_my...@fastmail.fm wrote: On 8/25/10 7:49 AM, Tom Browder wrote: ... Can anyone say for sure what will happen during installation with an existing ext4 partition to be retained? When installing, and the experts will correct me if I'm wring ;-) , use the expert system when doing the drive formatting. In there, you can mark each partition as keep, ignore, format, etc. Also in there, you can assign each partition a mount point as well. That sounds good. So I shouldn't have any problems with 5.0.5 supporting existing ext4 partitions. Thanks, Rodney. -Tom -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktikgjnzpqo1vdoehlcrted2q_nwq1mnw=v-yn...@mail.gmail.com
Re: How to Retain an Existing Ext4 Partition with a Debian 5.0.5 DVD Installation?
On Wed, Aug 25, 2010 at 07:44, Alain Baeckeroot alain.baecker...@laposte.net wrote: Le 25/08/2010 à 14:31, Tom Browder a écrit : On Wed, Aug 25, 2010 at 07:20, Rodney D. Myers rod_my...@fastmail.fm wrote: On 8/25/10 8:14 AM, Tom Browder wrote: On Wed, Aug 25, 2010 at 06:52, Rodney D. Myers rod_my...@fastmail.fm wrote: On 8/25/10 7:49 AM, Tom Browder wrote: ... Can anyone say for sure what will happen during installation with an existing ext4 partition to be retained? Lenny does not support ext4 for /boot (maybe / too), but it can manage ext4 for other partitions. https://ext4.wiki.kernel.org/index.php/Ext4_Howto#For_people_who_are_running_Debian http://wiki.debian.org/Ext4 For sure there is a backported kernel with ext4 support, it works flawlessly for me. http://backports.org/ http://packages.debian.org/lenny-backports/kernel/linux-image-2.6-686 Good info, Alain, thanks! -Tom -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktinxhber0hvf+xmolz9mr0fn-tkjphoohzjwg...@mail.gmail.com
Re: How to Retain an Existing Ext4 Partition with a Debian 5.0.5 DVD Installation?
On Wed, Aug 25, 2010 at 08:22, Jochen Schulz m...@well-adjusted.de wrote: Tom Browder: On Wed, Aug 25, 2010 at 07:44, Alain Baeckeroot Lenny does not support ext4 for /boot (maybe / too), but it can manage ext4 for other partitions. https://ext4.wiki.kernel.org/index.php/Ext4_Howto#For_people_who_are_running_Debian http://wiki.debian.org/Ext4 For sure there is a backported kernel with ext4 support, it works flawlessly for me. http://backports.org/ http://packages.debian.org/lenny-backports/kernel/linux-image-2.6-686 Good info, Alain, thanks! In order to be able to at least mount existing ext4 filesystems during installation, you canalso try Kenshi Muto's d-i: http://kmuto.jp/debian/d-i/ These are regular images, just with a more recent kernel. And Kenshi is a DD, in case you care. Hm, thanks, but using those sounds like an installation using advanced procedures I'm not experienced with. Are we talking about a place in the installation where it might ask if you have other images or such on another medium (such as another CD or DVD)? I assume that is detailed in the inst docs, but I've never done it before. Thanks, Jochen. -Tom -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktin1qhhn6s12mflnrjkmddg3eqtpgzzkizrtm...@mail.gmail.com
Re: How to Retain an Existing Ext4 Partition with a Debian 5.0.5 DVD Installation?
On Wed, Aug 25, 2010 at 09:14, Jochen Schulz m...@well-adjusted.de wrote: Tom Browder: On Wed, Aug 25, 2010 at 08:22, Jochen Schulz m...@well-adjusted.de wrote: In order to be able to at least mount existing ext4 filesystems during installation, you canalso try Kenshi Muto's d-i: http://kmuto.jp/debian/d-i/ These are regular images, just with a more recent kernel. And Kenshi is a DD, in case you care. Hm, thanks, but using those sounds like an installation using advanced procedures I'm not experienced with. No, as I said: it is the regular Debian installer which comes with a more recent kernel. Are we talking about a place in the installation where it might ask if you have other images or such on another medium (such as another CD or DVD)? No, these are separate images. You download, burn and boot from them just like with any other d-i image. Oh! Thanks, I'll try that then. I'll report results later on this thread. -Tom -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktinwyrwvp-zmcjiombjgdxcjcko7z4do7tli6...@mail.gmail.com
Re: Mixing apt-get and aptitude
On Wed, Aug 25, 2010 at 19:23, Aaron Toponce aaron.topo...@gmail.com wrote: On 08/25/2010 01:09 PM, T o n g wrote: I used to use either apt-get or aptitude to install packages. Is it OK to do so? Yes. However, aptitude is a much more powerful program. Check my blog post on the many reasons to use aptitude over apt: http://pthree.org/2007/08/12/aptitude-vs-apt-get/ Excellent! Thanks. Aside, can you post another blog (or another thread here) about why you use both Ubuntu and Debian? I assume Debian for a stable server host and Ubuntu for a more up-to-date desktop host, but I may be wrong. Thanks. -Tom Niceville, FL USA -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktim6xfpdev_9oat1cb4tb-6hzvuuvae=b2qip...@mail.gmail.com
Re: Mixing apt-get and aptitude
On Thu, Aug 26, 2010 at 10:59, Aaron Toponce aaron.topo...@gmail.com wrote: On Thu, Aug 26, 2010 at 08:51:29AM -0500, Tom Browder wrote: Aside, can you post another blog (or another thread here) about why you use both Ubuntu and Debian? http://pthree.org/2009/02/19/server-migration-from-ubuntu-804-to-debian-50/ ... Thanks, Aaron, case well stated! -Tom Tom Browder Niceville, FL USA -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktikzgy21u3kfyy5-m0a0jujyquhajzhxdjg7m...@mail.gmail.com
What is Recommend CLI Package Manager Tool for Newb?
I have to say I'm getting confused. I'm in the middle of setting up my first Debian server (which used to be Ubuntu). I will be administering it remotely and would like to use the best tool for the job. Now I read conflicting opinions from experienced people about apt-*, aptitude, and wajit. Is there a consensus? Thanks. -Tom Thomas M. Browder, Jr. Niceville, Florida USA -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktinvcpmg3jxvw02ahgteaskzzk8exxjp65i3a...@mail.gmail.com
New Debian Server: Add/Remove Applications Hangs, Blocks Other GUI Apps
On my freshly installed Lenny 5.0.5 box. I have my network working enough to get new packages, browse, and ssh to other hosts, but i am having trouble with some administrative GUI apps. When I try to use the Add/Remove Applications it chugs for a while, then, after I enter the password, it opens. Then it says the list of apps is out of date, asks if it can be updated, grays out and it hangs and I can't kill it without logging out and back in. And while it's hanging, I can't use Synaptic Package Manager or the root terminal. After I log out and back in, I can use Synaptic Package Manager and the root terminal okay. As the doctor said when the man complained when it hurt after some action, don' t do that. And I could do the same, but I want to do that. Any ideas? Thanks. -Tom Thomas M. Browder, Jr. Niceville, Florida USA -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktimw560fclbpyr5vnwkzyntja3rbk1t9w7p9k...@mail.gmail.com
Re: New Debian Server: Add/Remove Applications Hangs, Blocks Other GUI Apps
On Sun, Aug 29, 2010 at 03:44, Bob Proulx b...@proulx.com wrote: ... Bob, thanks for answering. I can't give detailed reply tight now, but I will later. Regards, -Tom Thomas M. Browder, Jr. Niceville, Florida USA -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktinudqdfkhgrhwhjaz2sa2y-vpebedycqwwg1...@mail.gmail.com
Re: New Debian Server: Add/Remove Applications Hangs, Blocks Other GUI Apps
On Sun, Aug 29, 2010 at 03:44, Bob Proulx b...@proulx.com wrote: Tom Browder wrote: ... When I try to use the Add/Remove Applications it chugs for a while, you are using a GUI wrapper around apt. Because it is a wrapper there may be errors that you are not seeing. Let me recommend that you run apt from the command line so that you can see any errors that are being produced. Okay, will do. What are the contents of your /etc/apt/sources.list file? $ cat /etc/apt/sources.list deb http://ftp.us.debian.org/debian/ lenny main deb-src http://ftp.us.debian.org/debian/ lenny main deb http://security.debian.org/ lenny/updates main deb-src http://security.debian.org/ lenny/updates main deb http://volatile.debian.org/debian-volatile lenny/volatile main deb-src http://volatile.debian.org/debian-volatile lenny/volatile main I worry that you may have something incorrect there. If not then run an update from the command line and report what it says. Hopefully it will work with no errors. But if not it should tell you why it is failing. # apt-get update That works. No out-of-date programs indicated. If that works then you can upgrade. # apt-get upgrade That works--it upgraded OpenOffice. And while it's hanging, I can't use Synaptic Package Manager or the root terminal. Your phrase or the root terminal confuses me. That's was an app on the menus just like terminal except it was owned by root. All of the issues look like a problem with granting privileges. I have added my user name to the sudoers file and am not using anything but CLI now--my new Debian server is now headless. Thanks, Bob. Regards, -Tom -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktikke8gkd9joa7cnwmkrhjrmwmacbpykvtxxk...@mail.gmail.com
Re: New Debian Server: Add/Remove Applications Hangs, Blocks Other GUI Apps
On Mon, Aug 30, 2010 at 10:59, Bob Proulx b...@proulx.com wrote: ... I have no idea what is happening in that subsystem. I never use it. Good luck! Thanks, Bob. Regards, -Tom -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlkti=nbvpklq21tni98dgack6wbxl+fy=ssipxa...@mail.gmail.com
How to determine packages added after installation?
Is there any way to get a list of the default packages used for an initial installation from CD? I looked at my 10.04.1 CD and could find only a limited set of packages (*.deb) under ./pool, and that is obviously not all that were installed. My purpose is so that I can ensure a co-worker has the same package setup as I so our environments are identical. I know I can do this by comparing his installed package list versus mine. but it would be easier if I could just tell him what I added after a default installation. A Date-installed: record in the package list file (/var/lib/dpkg/status) would be helpful for compiling such a list (and maybe a How-installed: record). Thanks, -Tom Thomas M. Browder, Jr. Niceville, Florida USA -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlkti=g3rh9ovqoy23q+oa-z5zcwsf8llym+o0rk...@mail.gmail.com
Using unstable for certain packages
Is it possible to fine tune the package sources so as to use unstable only for certain packages? Best regards, -Tom -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAFMGiz_v+WfSymepzCsuWaA=_=uy3X_4apZ=trhpbzu0u+6...@mail.gmail.com
Re: Using unstable for certain packages
On Fri, Apr 12, 2013 at 6:38 AM, Morel Bérenger berenger.mo...@neutralite.org wrote: Le Ven 12 avril 2013 13:33, Tom Browder a écrit : Is it possible to fine tune the package sources so as to use unstable only for certain packages? ... The technique is named apt-pinning, you can find some documentation here: http://wiki.debian.org/AptPreferences On Fri, Apr 12, 2013 at 6:38 AM, Lars Noodén lars.noo...@gmail.com wrote: ... If the package you want is not in backports, then you could try apt-pinning: http://wiki.debian.org/AptPreferences Thanks, Morel and Lars! Best regards, -Tom -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/cafmgiz_gmo_mjxj3vm5bwccp7xklcpx8ql1qbyvq4osjyiz...@mail.gmail.com
Re: Using unstable for certain packages
On Fri, Apr 12, 2013 at 6:59 AM, Alex Mestiashvili alexander.mestiashv...@biotec.tu-dresden.de wrote: On 04/12/2013 01:33 PM, Tom Browder wrote: Is it possible to fine tune the package sources so as to use unstable only for certain packages? ... You can try it, but in most cases it is not a good idea. Most of the packages have dependencies which are not available in stable or testing and if you try to get all of them, than after some time your system will be a mix of unstable and stable/testing I suggest to get the source packages instead and rebuild them for your environment. Sounds like good advice, Alex--a happy medium between ad hoc local updates and a probably more controlled build and local install. I shall look into how to do that. Best regards, -Tom -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAFMGiz9bXVd9LbCHCvj+b1PnnU=-1y8u7lpk6wnnkf0aqsz...@mail.gmail.com
Re: How to partition a 3TB disk?
On Mon, May 20, 2013 at 8:28 PM, David Christensen dpchr...@holgerdanske.com wrote: On 05/20/13 17:20, Rick Thomas wrote: I just purchased a 3TB disk -- my first of that size. I'm trying to partition it. I want one huge ext4 filesystem. But fdisk ... Install parted and read the man page for the mklabel command with the David is right on track, but gparted may be easier. See: http://gparted.sourceforge.net/index.php Best regards, -Tom -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/cafmgiz_vjltvzge8k+fkdkwadbqec4cvva6wvpmdftnq6pk...@mail.gmail.com
Wheezy (Deb 7.1) Windows Focus?
I just installed Deb 7.1 on Oracle VM and it's much better than my first experience with 7.0. However. I cannot find out how to get the cursor focus to be in the active window as in Deb 6+. Can anyone help? Thanks so much, and best regards, -Tom -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/cafmgiz9qrsun3xwpqdyooupprwr2fmpg-x3qbjn38mgylfj...@mail.gmail.com
Re: Wheezy (Deb 7.1) Windows Focus?
On Thu, Jun 27, 2013 at 6:37 AM, Tom Browder tom.brow...@gmail.com wrote: I just installed Deb 7.1 on Oracle VM and it's much better than my first experience with 7.0. However. I cannot find out how to get the cursor focus to be in the active window as in Deb 6+. I forgot to say I'm using the Gnome Classic desktop. -Tom -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAFMGiz-22Px4XSDrj_Z=3-cxarzt+mic3aybb2mysevq-j8...@mail.gmail.com
Re: Wheezy (Deb 7.1) Windows Focus?
On Tue, Jul 2, 2013 at 10:46 AM, Selim T. Erdogan se...@alumni.cs.utexas.edu wrote: Tom Browder, 27.06.2013: On Thu, Jun 27, 2013 at 6:37 AM, Tom Browder tom.brow...@gmail.com wrote: first experience with 7.0. However. I cannot find out how to get the cursor focus to be in the active window as in Deb 6+. I forgot to say I'm using the Gnome Classic desktop. In the Applications menu, go to System Tools and choose dconf Editor. (You might need to install the dconf-tools package.) In dconf editor, choose org-gnome-desktop-wm-preferences and edit focus-mode. The names have changed (it's now the Configuration Editor) but i did a find on focus and found where to change the setting--not as convenient as before, but it works! Thanks much, Selim, and best regards, -Tom -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAFMGiz9O9oFvErXtYtXKDqP=chwbk2mrrahqgcrrcwgc3bk...@mail.gmail.com
Debian security: need recipe for blocking root ssh access AND all ssh password access
I have several remote Debian 7 servers and would like to secure it in the following manner: 1. root will not be allowed any external access (access is only via a user becoming root while logged in) 2. after initial setup, no ssh access will be allowed via a password I have seen much documentation on securing such a host, but I don't want to be an expert--I just need a recipe. Many thanks. Best regards, -Tom
Re: Debian security: need recipe for blocking root ssh access AND all ssh password access
On Wed, Feb 17, 2016 at 8:23 AM, Peter Ludikovskywrote: > -BEGIN PGP SIGNED MESSAGE- ... Thanks, Peter. Do you agree with Darac's solution? Best, -Tom
Re: Debian security: need recipe for blocking root ssh access AND all ssh password access
On Wed, Feb 17, 2016 at 8:24 AM, Darac Marjal <mailingl...@darac.org.uk> wrote: > On Wed, Feb 17, 2016 at 08:08:26AM -0600, Tom Browder wrote: >> >> I have several remote Debian 7 servers and would like to secure it in >> the following manner: ... I can follow that! Thanks so much, Darac. Best, -Tom
Re: Debian security: need recipe for blocking root ssh access AND all ssh password access
On Wed, Feb 17, 2016 at 9:33 AM, Jeremy T. Bousewrote: > Setting SSH "PermitRoot no" and "PasswordAuthentication no" are good > starts... I'd also check that "ChallengeResponseAuthentication no" is set as > well as some PAM modules will utilize it and be able to get around passwords > being entered as well as "UsePAM no" Okay. > I do agree locking the root password isn't advisable. As I use > configuration management/automation to handle my servers I simply set the > root password to generated password that only I know the algorithm to > reproduce it when I need to, Can you give more details on the process (at least generally)? > but enable sudoers for all other 'root' access. Can one use that method and restrict use of "sudo su?" > I also go further by utilizing Duo Security as a MFA for SSH logins to > my servers for accounts authorized to log in. Hm, so you do allow some accounts password access? Thanks, Jeremy! Best, -Tom
Re: Debian security: need recipe for blocking root ssh access AND all ssh password access
On Wed, Feb 17, 2016 at 4:02 PM, Jeremy T. Bouse <jeremy.bo...@undergrid.net> wrote: > On 2/17/2016 3:31 PM, Tom Browder wrote: >> On Wed, Feb 17, 2016 at 9:33 AM, Jeremy T. Bouse >> <jeremy.bo...@undergrid.net> wrote: ... >>> I do agree locking the root password isn't advisable. As I use >>> configuration management/automation to handle my servers I simply set the >>> root password to generated password that only I know the algorithm to >>> reproduce it when I need to, >> Can you give more details on the process (at least generally)? ... Thanks so much, Jeremy! -Tom
Best use of program 'debfoster' to back-up package lists and packages?
I am in the process of reinstalling Debian 8 after my desktop died, and want to make sure I keep a list of packages installed. Following various debian threads I'm going to do this: # dpkg --get-selections "*" > /backup/dpkg-get/selections # apt-key exportall > /backup/repositories.keys and after the new installation do this: # apt-key add /backup/repositories.keys # apt-get update # dpkg --set-selections < $d/dpkg-get/selections # apt-get dselect-upgrade Questions: 1. Any problems with the above procedures? 2. I just now found out about program 'debfoster'. How can I integrate it into the back-up/restore process above? Thanks. Best regards, -Tom
Debian 8 fresh install, lost MATE desktop (lightdm) after first reboot, cannot recover graphical login
Yesterday, after a week with my new Debian 8 desktop running Mate, I did an "aptitude update" and somehow upgraded "fglrx-control" among other things (I have no idea if that was the genesis of my problem, but later I found some nvidia packages installed wile I have an Intel graphics device). I merrily continued to work until I had to shutdown to go to my Linux group meeting. There I booted up my laptop (he first reboot after the intial install) and could not get a graphical display! I have fooled with it all day to no avail. I discovered just now that I can get an X program to display from a remote login into the laptop, but nothing on the physical laptop. I have tried reinstalling MATE as well as xfce to no avail. When booting I get a flash of a message saying: [FAILED] Failed to start Light Display Manager. See 'systemctl status lightdm.service' for details. When I execute "systemctl status lightdm.service" I get: # systemctl status lightdm.service * lightdm.service - Light Display Manager Loaded: loaded (/lib/systemd/system/lightdm.service; enabled) Active: failed (Result: start-limit) since Tue 2016-04-05 14:31:51 CDT; 3min 19s ago Docs: man:lightdm(1) Process: 833 ExecStart=/usr/sbin/lightdm (code=exited, status=1/FAILURE) Process: 829 ExecStartPre=/bin/sh -c [ "$(cat /etc/X11/default-display-manager 2>/dev/null)" = "/usr/sbin/lightdm" ] (code=exited, status=0/SUCCESS) Main PID: 833 (code=exited, status=1/FAILURE) Apr 05 14:31:51 juvat2 systemd[1]: lightdm.service: main process exited, code=exited, status=1/FAILURE Apr 05 14:31:51 juvat2 systemd[1]: Unit lightdm.service entered failed state. Apr 05 14:31:51 juvat2 systemd[1]: lightdm.service start request repeated too quickly, refusing to start. Apr 05 14:31:51 juvat2 systemd[1]: Failed to start Light Display Manager. Apr 05 14:31:51 juvat2 systemd[1]: Unit lightdm.service entered failed state. I will reinstall Debian 8 from scratch if necessary, but that would be a real pain, so I would appreciate any hints. Thanks. Best regards, -Tom
Fwd: Debian 8 fresh install, lost MATE desktop (lightdm) after first reboot, cannot recover graphical login
I just realized I didn't post my reply to the list. -Tom -- Forwarded message -- From: *Tom Browder* <tom.brow...@gmail.com> Date: Tuesday, April 5, 2016 Subject: Debian 8 fresh install, lost MATE desktop (lightdm) after first reboot, cannot recover graphical login To: arian <deb...@semioptimal.net> On Tue, Apr 5, 2016 at 5:26 PM, arian <deb...@semioptimal.net <javascript:;>> wrote: > please retrieve the actual logs from > # journalctl -u lightdm Output of "journalctl -u lightdm" follows: # journalctl -u lightdm -- Logs begin at Tue 2016-04-05 16:50:35 CDT, end at Tue 2016-04-05 17:51:15 CDT. -- Apr 05 16:50:46 juvat2 systemd[1]: lightdm.service: main process exited, code=exited, status=1/FAILURE Apr 05 16:50:46 juvat2 systemd[1]: Unit lightdm.service entered failed state. Apr 05 16:50:47 juvat2 systemd[1]: lightdm.service: main process exited, code=exited, status=1/FAILURE Apr 05 16:50:47 juvat2 systemd[1]: Unit lightdm.service entered failed state. Apr 05 16:50:47 juvat2 systemd[1]: lightdm.service: main process exited, code=exited, status=1/FAILURE Apr 05 16:50:47 juvat2 systemd[1]: Unit lightdm.service entered failed state. Apr 05 16:50:48 juvat2 systemd[1]: lightdm.service: main process exited, code=exited, status=1/FAILURE Apr 05 16:50:48 juvat2 systemd[1]: Unit lightdm.service entered failed state. Apr 05 16:50:48 juvat2 systemd[1]: lightdm.service: main process exited, code=exited, status=1/FAILURE Apr 05 16:50:48 juvat2 systemd[1]: Unit lightdm.service entered failed state. Apr 05 16:50:48 juvat2 systemd[1]: lightdm.service start request repeated too quickly, refusing to start. Apr 05 16:50:48 juvat2 systemd[1]: Failed to start Light Display Manager. Apr 05 16:50:48 juvat2 systemd[1]: Unit lightdm.service entered failed state Thanks, arian. Best, -Tom
Re: Linux CLI gnuplot-ish program to do maps?
On Sun, Mar 20, 2016 at 6:14 PM, Emanuel Bergwrote: > Is there a Linux CLI gnuplot-ish program to do maps? ... Take a look at the BRL-CAD DSP tutorial here: http://brlcad.org/wiki/DSP Is that anywhere near what you want? Best regards, -Tom
Re: Upgrade Deb 7 to 8, GNOME Flashback, terminal windows not saved: any way to save?
On Tuesday, March 22, 2016, Lisi Reiszwrote: ... > Sorry, I should get to the end before I respond! That's okay, Lisi, I do that, too, especially when trying to work e-mail with a tablet. And this gives me a chance to elucidate on my situation. I have liked and used Debian for at least 10 years (after 10+ years with Yggdrasil, Redhat, Fedora), but, as GNOME 2 was giving way to GMOE 3 (ugh), I tried some of the Debian-like distros like Mint but didn't like them. Finally, default Deb 8 I thought was the end for me, but Mate has allowed me to keep my old desktop the way I want it and still keep using a current Debian, so I am happy for now. SHAMELESS PLUG: Please keep MATE as part of Deb 9..*!! BTW, so far I have upgraded two hosts remotely and they went pretty much flawlessly (I have used in-place upgrade on one server successfully since Deb 5, and the upgrade process keeps getting better and better). I still have to upgrade my two laptops, but I'm going to wait until I'm completely happy with the other two machines. Best regards, -Tom
Re: x86_64 vs i386
On Mon, Mar 21, 2016 at 7:39 PM, John Haslerwrote: > Tom Broder writes: >> I just upgraded to Deb 8 (Jessie), 64bit, and tried Chromium but it >> didn't work for me. Downloaded Chrome from Google and it works fine. > > That doesn't mean it isn't 32 bit. Debian has multiarch support. The file downloaded from Google's Chrome site is: google-chrome-stable_current_amd64.deb -Tom
Re: New Deb 8 and no sshd access from other hosts
On Fri, Mar 25, 2016 at 12:12 PM, Tom Browder <tom.brow...@gmail.com> wrote: > I have installed Deb on my laptop and reused my old Deb 7 .ssh directory. ... > that my laptop host's entries in the remote host's known_hosts are of > type "EDCSA" while the remote host's entries in the laptop's That should have been "ECDSA."
Re: Upgrade Deb 7 to 8, GNOME Flashback, terminal windows not saved: any way to save?
On Mon, Mar 21, 2016 at 11:45 AM, Sven Arvidsson <s...@whiz.se> wrote: > On Mon, 2016-03-21 at 11:26 -0400, Tom Browder wrote: >> I just upgraded and am disappointed that, even though browser >> instances can be saved between login sessions, terminal windows >> apparently can't. >> >> I have used the gconf editor and found setting: >> >> apps | gnome-session | options | auto_save_session >> >> which is checked, but the terminals still disappear after logging out >> and logging back in. >> >> Is there any way to recover that most valuable feature of the old >> GNOME desktop? > > AFAICT, Nope. > > See https://bugzilla.gnome.org/show_bug.cgi?id=704676 I remember that now. So is there any way to drop back to using GNOME Classic as in Deb 7? If not, are there any other reasonable, debian-packaged, desktop environments that provide auto-saved terminals? So sad, UI design following faddish, short-lived form over function, just like the fashion industry: the emperor has no clothes! Best regards, -Tom
Re: Upgrade Deb 7 to 8, GNOME Flashback, terminal windows not saved: any way to save?
On Mon, Mar 21, 2016 at 12:21 PM, Tom Browder <tom.brow...@gmail.com> wrote: > On Mon, Mar 21, 2016 at 11:45 AM, Sven Arvidsson <s...@whiz.se> wrote: >> On Mon, 2016-03-21 at 11:26 -0400, Tom Browder wrote: >>> I just upgraded and am disappointed that, even though browser >>> instances can be saved between login sessions, terminal windows >>> apparently can't. ... > If not, are there any other reasonable, debian-packaged, desktop > environments that provide auto-saved terminals? Ah, it looks like I can try MATE. -Tom
[SOLVED] Re: Upgrade Deb 7 to 8, GNOME Flashback, terminal windows not saved: any way to save?
On Mon, Mar 21, 2016 at 12:26 PM, Tom Browder <tom.brow...@gmail.com> wrote: > On Mon, Mar 21, 2016 at 12:21 PM, Tom Browder <tom.brow...@gmail.com> wrote: >> On Mon, Mar 21, 2016 at 11:45 AM, Sven Arvidsson <s...@whiz.se> wrote: >>> On Mon, 2016-03-21 at 11:26 -0400, Tom Browder wrote: >>>> I just upgraded and am disappointed that, even though browser >>>> instances can be saved between login sessions, terminal windows >>>> apparently can't. > ... >> If not, are there any other reasonable, debian-packaged, desktop >> environments that provide auto-saved terminals? > > Ah, it looks like I can try MATE. Okay, I can live with MATE (so far), consider my question SOLVED. Best regards, -Tom
Upgrade Deb 7 to 8, GNOME Flashback, terminal windows not saved: any way to save?
I just upgraded and am disappointed that, even though browser instances can be saved between login sessions, terminal windows apparently can't. I have used the gconf editor and found setting: apps | gnome-session | options | auto_save_session which is checked, but the terminals still disappear after logging out and logging back in. Is there any way to recover that most valuable feature of the old GNOME desktop? Thanks. Best regards, -Tom
Re: New firefox isn't working
On Friday, March 25, 2016, Gene Heskettwrote: > Greetings all; > ... > Is this my fault, or firefox? If my fault, how do I fix it? I can't help you at the moment, Gene, I have pretty much boycotted Firefox. But I want you to know I enjoyed your web site and totally concur with your opinions--may God save our nation! If I were a Facebook user I would "like" your post. Cheers from another old-timer! -Tom
Re: New Deb 8 and no sshd access from other hosts [SOLVED]
On Saturday, March 26, 2016, Andrew McGlashan < andrew.mcglas...@affinityvision.com.au <javascript:_e(%7B%7D,'cvml','andrew.mcglas...@affinityvision.com.au');>> wrote: > > On 27/03/2016 4:08 AM, Tom Browder wrote: > > On Fri, Mar 25, 2016 at 12:12 PM, Tom Browder <tom.brow...@gmail.com> > wrote: ... > > I found this wonderful resource: > > > > http://www.unixlore.net/articles/troubleshooting-ssh-connections.html > > That was a JIT find (just in time) only written up 26th March, 2016. JIT, indeed! I hadn't noticed the date! I give my thanks to the author(s). (I haven't found any attribution there yet.) > Once you have everything good, make sure that you change StrictModes > back to default. Thanks, Andrew. I did but forgot to say so. > I usually restrict with known IP addresses (static ones) and sometimes > with users having to be in a specific group that allows ssh. Also, > authorized keys enforced instead of passwords. At the moment I'm the sole user, although I'm considering giving limited access to a few folks later. How do you manage the server while traveling--some kind of personal VPN? Best regards, -Tom
Re: New Deb 8 and no sshd access from other hosts [SOLVED]
On Fri, Mar 25, 2016 at 12:12 PM, Tom Browder <tom.brow...@gmail.com> wrote: > I have installed Deb on my laptop and reused my old Deb 7 .ssh directory. > > I can now ssh into the existing remote servers but cannot ssh into my > laptop from them (as a normal user)--I always get asked for a > password. So the remote servers recognize my old Deb 7 keys, but > apparently my laptop doesn't recognize the other servers' keys. ... I found this wonderful resource: http://www.unixlore.net/articles/troubleshooting-ssh-connections.html which helped me solve the problem. First, in file '/etc/ssh/sshd_config', I changed the line StrictModes yes to this StrictModes no and restarted the ssh server. As root: # invoke-rc.d ssh restart Then I attempted the ssh login and it worked! Base on the comments from jvp, I looked closer at my home directory on the laptop and, sure enough, the permissions were too loose (first I have ever heard of that, but then again I haven't looked at 'man ssh' in many years). Note that I have for all the years after ssh came along been setting the .ssh permissions correctly, but I've never run into a problem with the home directory. In fact, when I was working at our office on site (up until the end of 2008), we commonly allowed read access between user directories but ssh still worked. But after setting the home directory permissions to 00700 and restarting ssh, the login still didn't work! Then I looked at the resource page where it showed how to debug the whole ssh login session. I used two terminal windows stacked one above the other. In the top window, on the laptop (local host) I became root and executed the following: # /usr/sbin/sshd -d -p and in the lower window I logged into the remote host and, as my normal user self, executed the following: $ ssh -vv -p jv2 where 'jv2' is the host name of my laptop. Then, in the upper widow, I saw the problem. Directory '/usr/local', under which my .ssh directory is actually located, was reported to have bad permissions: Authentication refused: bad ownership or modes for directory /usr/local I checked and they were, surprisingly: # ls -ld /usr/local drwxrwsr-x 31 root staff 4096 Mar 24 07:37 /usr/local I don't know how that happened, but it must have happened during the upgrade two days ago when I continued to use my original partition mounted as '/usr/local' which was not supposed to have been touched. Anyway, as root, I fixed the permissions back to what I think is correct: # chmod 00755 /usr/local # ls -ld /usr/local drwxr-xr-x 31 root staff 4096 Mar 24 07:37 /usr/local restarted the ssh server, and the login worked as advertised--whew! Thanks to all who offered help. Best regards, -Tom
Re: New Deb 8 and no sshd access from other hosts
On Fri, Mar 25, 2016 at 12:38 PM, David Wright <deb...@lionunicorn.co.uk> wrote: > On Fri 25 Mar 2016 at 12:12:44 (-0500), Tom Browder wrote: >> I have installed Deb on my laptop and reused my old Deb 7 .ssh directory. >> >> I can now ssh into the existing remote servers but cannot ssh into my >> laptop from them (as a normal user)--I always get asked for a >> password. So the remote servers recognize my old Deb 7 keys, but >> apparently my laptop doesn't recognize the other servers' keys. ... >> Can anyone suggest where to look next? > > What you lost on your laptop is ~/.ssh/authorized_keys which would > have had the public keys from your ~/.ssh/ on each of the remote hosts. No, the authorized_keys are still there. Thanks. -Tom
Re: New Deb 8 and no sshd access from other hosts
On Fri, Mar 25, 2016 at 12:33 PM, Jörg-Volker Peetzwrote: > I'd first check file permissions in your .ssh directory (see man ssh). > If they are o.k., I'd call ssh with one or more -v switches. On, duh, forgot about the '-v' option--I'll work with that and report back. Thanks, jvp! -Tom
New Deb 8 and no sshd access from other hosts
I have installed Deb on my laptop and reused my old Deb 7 .ssh directory. I can now ssh into the existing remote servers but cannot ssh into my laptop from them (as a normal user)--I always get asked for a password. So the remote servers recognize my old Deb 7 keys, but apparently my laptop doesn't recognize the other servers' keys. I have compared files: /etc/ssh/ssh_conf /etc/ssh/sshd_conf /etc/pam.d/ssh/sshd between the laptop and the remote server and can see no significant difference for a normal user. I can also see the host names in the .ssh/known_hosts file. I do see that my laptop host's entries in the remote host's known_hosts are of type "EDCSA" while the remote host's entries in the laptop's known_hosts file are of type "RSA." Can anyone suggest where to look next? Thanks. Best regards, -Tom
Re: New Deb 8 and no sshd access from other hosts
On Saturday, March 26, 2016, David Wright <deb...@lionunicorn.co.uk> wrote: > > A bit early for [SOLVED], I think. I respectively disagree, David. > On Sat 26 Mar 2016 at 12:08:37 (-0500), Tom Browder wrote: > > On Fri, Mar 25, 2016 at 12:12 PM, Tom Browder <tom.brow...@gmail.com> wrote: > > > I have installed Deb on my laptop and reused my old Deb 7 .ssh directory. ... > > Not such a wonderful resource if it is so easily misunderstood. The > idea is to fix the permissions, not make your installation less secure. I agree. > > Base on the comments from jvp, I looked closer at my home directory on > > the laptop and, sure enough, the permissions were too loose (first I ... > > Then, in the upper widow, I saw the problem. Directory '/usr/local', > > under which my .ssh directory is actually located, was reported to > > have bad permissions: > > > > Authentication refused: bad ownership or modes for directory /usr/local ...> > > > I checked and they were, surprisingly: > > > > # ls -ld /usr/local > > drwxrwsr-x 31 root staff 4096 Mar 24 07:37 /usr/local > > > > I don't know how that happened, but it must have happened during the > > upgrade two days ago when I continued to use my original partition > > mounted as '/usr/local' which was not supposed to have been touched. ... > I don't know what happened long before that! When did /usr/local > become your home directory? See below. > > Anyway, as root, I fixed the permissions back to what I think is correct: > > > > # chmod 00755 /usr/local > > # ls -ld /usr/local > > drwxr-xr-x 31 root staff 4096 Mar 24 07:37 /usr/local > > So now the system is degraded a bit more. The correct permissions, in > fact the entire contents, are: ... Who says those permissions are correct? I checked the file system standard which says that /usr/local is optional. I provide my own /usr/local partion which I save when reinstalling a new OS and see no reason to provide setuid or setgid for it. When I first started administering Unix systems on SGI in 1993, the user home directories were in /usr/local/people and I kept using that as I transitioned the hosts under my control to Linux systems in 1994. Over the years on my own systems I have found it convenient to keep home system resource directories and files (.bashrc, .profile, .bash_aliase, .xemacs, .ssh, etc.) in a version-controlled, personal directory under /usr/local. I then soft link those back to whatever the newly installed system sets as my home directory. It has worked fine until the Debian 8 install set the permissions as noted which interfered with strict ssh. Anyway, all is well now. Thanks, David. Best regards, -Tom
Re: x86_64 vs i386
On Mon, Mar 21, 2016 at 6:23 PM, Lisi Reiszwrote: > On Monday 21 March 2016 15:11:36 Stefan Monnier wrote: >> > to Google Chrome, which has indeed "thrown i386 machines under the bus", >> > and >> >> What do you mean by that? >> There won't be any new versions of Debian's i386 version of the >> chromium package? I just upgraded to Deb 8 (Jessie), 64bit, and tried Chromium but it didn't work for me. Downloaded Chrome from Google and it works fine. Best regards, -Tom
Re: Can you help me figure out why I can't get Grub to install from a standard CD .iso?
I used the Mate DVD (8.4) with the non-free packages for a fresh install on my Dell 6500 laptop. The initial installation went fine. Then I powered down and went to give a presentation and could not get it to boot into the graphical desktop. I reinstalled again and had the same failure. In a final (and successful, whew!) atttempt I used the regular x64 netinst CD, selected Mate as my only desktop, and all has been well since (fingers still crossed but loosening by the day). Note the Debian website says the special DVDs don't get as much testing, so I suspect my laptop might have found a bug. Unfortunately I don't have ensough data to confirm that. HTH Best regards, -Tom P.S. I love the Mate desktop as it is. Please don't add any more bells and whistles from the pop culture, just maintain it in the choice of desktops for the normal Debian distribution.
Re: Beginning of the End for Wheezy [sigh!]
On Sunday, April 17, 2016, Renaud OLGIATIwrote: > On Sun, 17 Apr 2016 11:48:16 + > Mark Fletcher > wrote: > > > It seems the emotions, even now, are running too high to be simply about > > "if it ain't broke don't fix it". What am I missing? > > You are missing that the change to systemd makes most of the knowledge > patiently acquired over the years running and caring for a Linux system has > suddenly become unusable Note I initially felt the same way, but the new system seemed to use my LSB-formatted init scripts just fine. Best regards, -Tom
Re: Next gotcha
On Saturday, July 23, 2016, Gene Heskettwrote: > On Saturday 23 July 2016 18:00:30 David Wright wrote: > > On Sat 23 Jul 2016 at 16:20:12 (-0400), Gene Heskett wrote: > > > On Saturday 23 July 2016 14:15:09 David Wright wrote: > > > > On Sat 23 Jul 2016 at 13:13:27 (-0400), Gene Heskett wrote: > > > > > On Saturday 23 July 2016 08:01:37 deloptes wrote: > > > > > > About your query. I prefer using Xfig in cases (probably) like I used xfig for many years and it did the job very well, but now I use Inkscape (inkscape.org) and love it. The online docs are not as good as I would like, but there is a soft-bound book available which is well worth the price if you do much vector image work. Inkscape is available in packages for both Deb 7 and Deb 8 (and I'm pretty sure it was available before that). Best regards, -Tom
Re: Networking: unable to get multi-homed host working in Debian 8
On Wed, Aug 10, 2016 at 7:13 AM, Pascal Hambourg <pas...@plouf.fr.eu.org> wrote: > Le 10/08/2016 à 13:22, Tom Browder a écrit : >> >> >> Ping from the test host itself to its primary first alias IP: >> >> PING 192.168.0.18 (192.168.0.18) 56(84) bytes of data. >>> >>> From 192.168.0.17 icmp_seq=1 Destination Host Unreachable > > > It really looks like the secondary address is not configured on the host. > Did you check with "ip -4 addr" ? $ ip -4 addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 inet 192.168.0.17/24 brd 192.168.0.255 scope global eth0 valid_lft forever preferred_lft forever Is there confusion in my Debian 8 between networking setting methods (ip ves ifconfig)? I'm in the dark and just following docs and helpful folks like you! Best, -Tom
Networking: unable to get multi-homed host working in Debian 8
I have read the current Debian networking docs on the subject (https://wiki.debian.org/NetworkConfiguration#iproute2_method). I want to use at least two IPv4 static addresses on the same physical NIC. Following examples I have tried this in my "/etc/network/interfaces" file: # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 iface eth0 inet static address 192.168.0.17 netmask 255.255.255.0 gateway 192.168.0.1 dns-nameservers 208.67.222.222 208.67.220.220 # add new IPv4 devices up ip addr add 192.168.0.18/24 dev $IFACE label $IFACE:0 down ip addr del 192.168.0.18/24 dev $IFACE label $IFACE:0 up ip addr add 192.168.0.19/24 dev $IFACE label $IFACE:1 down ip addr del 192.168.0.19/24 dev $IFACE label $IFACE:1 Then, as root, I executed "service networking restart" and all looked well until I logged in to another host and tried to ping the new IP and got no good ping. Has anyone any ideas about what I am doing wrong? I have installed the vlan and iproute2 packages and removed the iproute package. Do I need to do something about kernel modules? I saw nothing in the doc about that, but I seem to remember having to fool with that in the old days. . Thanks for any help. Best regards, -Tom
Re: Networking: unable to get multi-homed host working in Debian 8
On Tue, Aug 9, 2016 at 8:16 PM, Tom Browder <tom.brow...@gmail.com> wrote: > I have read the current Debian networking docs on the subject > (https://wiki.debian.org/NetworkConfiguration#iproute2_method). I > want to use at least two IPv4 static addresses on the same physical > NIC. Following examples I have tried this in my > "/etc/network/interfaces" file: ... I have now had success on my test host running Debian on my local network. Below is a working "/etc/network/interfaces" file, but there are some warnings, notes, and caveats for its use. Note also the file is IDENTICAL to the one I asked about originally. I went down a rabbit hole because the "service networking restart" command locked me out of my test host and I couldn't get back in locally because I had an KVM failure I didn't know about. Just today I got all working again. 1. WARNING: The following command, mentioned in the some networking docs (like the one mentioned by my server hosting company!!!), caused a system lock-up and loss of all network contact external to or internal from the host: # service networking restart. However, a subsequent reboot worked. That might be impossible or expensive to do if you do not have direct access (i.e., non-network) access to the host. 2. CAUTION: I have not tried all the various if* or ip commands on the test host. Your mileage may vary. The "/etc/network/interfaces" file: === # The loopback network interface auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 iface eth0 inet static address 192.168.0.17 netmask 255.255.255.0 gateway 192.168.0.1 dns-nameservers 208.67.222.222 208.67.220.220 up ip addr add 192.168.0.18/24 dev $IFACE label $IFACE:0 down ip addr del 192.168.0.18/24 dev $IFACE label $IFACE:0 up ip addr add 192.168.0.19/24 dev $IFACE label $IFACE:1 down ip addr del 192.168.0.19/24 dev $IFACE label $IFACE:1 RESULTS === Running "sbin/ifconfig" on the test host (with two NICs: one used and one unused, and the two new alias IPv4s) yields: eth0 Link encap:Ethernet HWaddr 00:1d:7d:aa:fa:7b inet addr:192.168.0.17 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::21d:7dff:feaa:fa7b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:735 errors:0 dropped:0 overruns:0 frame:0 TX packets:749 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:82025 (80.1 KiB) TX bytes:101457 (99.0 KiB) eth0:0Link encap:Ethernet HWaddr 00:1d:7d:aa:fa:7b inet addr:192.168.0.18 Bcast:0.0.0.0 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 eth0:1Link encap:Ethernet HWaddr 00:1d:7d:aa:fa:7b inet addr:192.168.0.19 Bcast:0.0.0.0 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 eth1 Link encap:Ethernet HWaddr 00:15:e9:81:14:b4 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:123 errors:0 dropped:0 overruns:0 frame:0 TX packets:123 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:49276 (48.1 KiB) TX bytes:49276 (48.1 KiB) I can ssh into the test host using all three IPv4s. NOTES = RECOMMENDATIONS Test network changes on a host that you have direct access to Thanks for the help Pascal, and I hope this will help someone else. Best regards, -Tom
Networking: unable to get multi-homed host working in Debian 8 [SOLVED]
-- Forwarded message -- From: Tom Browder <tom.brow...@gmail.com> Date: Fri, Aug 12, 2016 at 9:23 AM Subject: Re: Networking: unable to get multi-homed host working in Debian 8 To: "debian-user@lists.debian.org" <debian-user@lists.debian.org> On Tue, Aug 9, 2016 at 8:16 PM, Tom Browder <tom.brow...@gmail.com> wrote: > I have read the current Debian networking docs on the subject > (https://wiki.debian.org/NetworkConfiguration#iproute2_method). I > want to use at least two IPv4 static addresses on the same physical > NIC. Following examples I have tried this in my > "/etc/network/interfaces" file: ... I have now had success on my test host running Debian on my local network. Below is a working "/etc/network/interfaces" file, but there are some warnings, notes, and caveats for its use. Note also the file is IDENTICAL to the one I asked about originally. I went down a rabbit hole because the "service networking restart" command locked me out of my test host and I couldn't get back in locally because I had an KVM failure I didn't know about. Just today I got all working again. 1. WARNING: The following command, mentioned in the some networking docs (like the one mentioned by my server hosting company!!!), caused a system lock-up and loss of all network contact external to or internal from the host: # service networking restart. However, a subsequent reboot worked. That might be impossible or expensive to do if you do not have direct access (i.e., non-network) access to the host. 2. CAUTION: I have not tried all the various if* or ip commands on the test host. Your mileage may vary. The "/etc/network/interfaces" file: === # The loopback network interface auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 iface eth0 inet static address 192.168.0.17 netmask 255.255.255.0 gateway 192.168.0.1 dns-nameservers 208.67.222.222 208.67.220.220 up ip addr add 192.168.0.18/24 dev $IFACE label $IFACE:0 down ip addr del 192.168.0.18/24 dev $IFACE label $IFACE:0 up ip addr add 192.168.0.19/24 dev $IFACE label $IFACE:1 down ip addr del 192.168.0.19/24 dev $IFACE label $IFACE:1 RESULTS === Running "sbin/ifconfig" on the test host (with two NICs: one used and one unused, and the two new alias IPv4s) yields: eth0 Link encap:Ethernet HWaddr 00:1d:7d:aa:fa:7b inet addr:192.168.0.17 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::21d:7dff:feaa:fa7b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:735 errors:0 dropped:0 overruns:0 frame:0 TX packets:749 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:82025 (80.1 KiB) TX bytes:101457 (99.0 KiB) eth0:0Link encap:Ethernet HWaddr 00:1d:7d:aa:fa:7b inet addr:192.168.0.18 Bcast:0.0.0.0 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 eth0:1Link encap:Ethernet HWaddr 00:1d:7d:aa:fa:7b inet addr:192.168.0.19 Bcast:0.0.0.0 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 eth1 Link encap:Ethernet HWaddr 00:15:e9:81:14:b4 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:123 errors:0 dropped:0 overruns:0 frame:0 TX packets:123 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:49276 (48.1 KiB) TX bytes:49276 (48.1 KiB) I can ssh into the test host using all three IPv4s. NOTES = RECOMMENDATIONS Test network changes on a host that you have direct access to Thanks for the help Pascal, and I hope this will help someone else. Best regards, -Tom
Re: Networking: unable to get multi-homed host working in Debian 8
On Wednesday, August 10, 2016, Pascal Hambourg <pas...@plouf.fr.eu.org> wrote: > > Le 10/08/2016 à 03:16, Tom Browder a écrit : >> >> Then, as root, I executed "service networking restart" and all looked >> well until I logged in to another host and tried to ping the new IP >> and got no good ping. > > Can you elaborate "all looked well" and "no good ping" ? > Commands, results ? Thanks for the reply, Pascal. Ping from another host to the test host (bigtom): PING bigtom.tombrowder.com (192.168.0.17) 56(84) bytes of data. 64 bytes from bigtom.tombrowder.com (192.168.0.17): icmp_seq=1 ttl=64 time=3.05 ms 64 bytes from bigtom.tombrowder.com (192.168.0.17): icmp_seq=2 ttl=64 time=3.14 ms Then a ping to the primary IP: PING 192.168.0.17 (192.168.0.17) 56(84) bytes of data. 64 bytes from 192.168.0.17: icmp_seq=1 ttl=64 time=3.07 ms 64 bytes from 192.168.0.17: icmp_seq=2 ttl=64 time=3.00 ms Then a ping to the secondary IP (first alias): PING 192.168.0.18 (192.168.0.18) 56(84) bytes of data. >From 192.168.0.35 icmp_seq=1 Destination Host Unreachable >From 192.168.0.35 icmp_seq=2 Destination Host Unreachable > What's the result of ping to these addresses from the host itself ? I didn't think of that. Ping from the test host itself to its host name: PING bigtom.tombrowder.com (127.0.1.1) 56(84) bytes of data. 64 bytes from bigtom.tombrowder.com (127.0.1.1): icmp_seq=1 ttl=64 time=0.019 ms 64 bytes from bigtom.tombrowder.com (127.0.1.1): icmp_seq=2 ttl=64 time=0.011 ms Ping from the test host itself to its primary IP: PING 192.168.0.17 (192.168.0.17) 56(84) bytes of data. 64 bytes from 192.168.0.17: icmp_seq=1 ttl=64 time=0.020 ms 64 bytes from 192.168.0.17: icmp_seq=2 ttl=64 time=0.013 ms Ping from the test host itself to its primary first alias IP: PING 192.168.0.18 (192.168.0.18) 56(84) bytes of data. >From 192.168.0.17 icmp_seq=1 Destination Host Unreachable >From 192.168.0.17 icmp_seq=2 Destination Host Unreachable Thanks again for your help. Best regards, -Tom
Need USB Wireless Adaptor for Dell Inspiron 11 2-in-1?
I have the Dell laptop and I was able to load Deb 8 on it via a netinst, but the Dell 1800 wireless drops contact with the internet often. Sometimes a reboot will work but not every time. Three questions, please: 1. What specific model of USB wireless ethernet adaptor does anyone recommend that has worked for them out of the box? 2. What specific model of USB wired ethernet adaptor does anyone recommend that has worked for them out of the box? 3. If anyone has used jessie backports to fix a Dell Wireless 1800 problem, can you list the backport packages needed? Thanks so much. Best regards, -Tom
Re: Need USB Wireless Adaptor for Dell Inspiron 11 2-in-1?
On Fri, Mar 24, 2017 at 07:56 Recowrote: > Hi. ... > Thanks very much, Reco! Best regards, -Tom
Re: Need USB Wireless Adaptor for Dell Inspiron 11 2-in-1?
On Fri, Mar 24, 2017 at 17:11 Ben Caradoc-Davies <b...@transient.nz> wrote: > > On 25/03/17 01:40, Tom Browder wrote: > > 1. What specific model of USB wireless ethernet adaptor does anyone > > recommend that has worked for them out of the box? > > TP-Link TL-WN722N: > http://www.tp-link.com/us/products/details/cat-5520_TL-WN722N.html Thanks, Ben. I would have bought that but I didn't have your rec at the time. Based on reviews, etc., at Amazon, I bought the Panda Ultra 150Mbps Wireless N USB Adapter. It will arrive next week and I hope it works! Best regards, -Tom
Re: Need USB Wireless Adaptor for Dell Inspiron 11 2-in-1?
On Sat, Mar 25, 2017 at 04:15 deloptes <delop...@gmail.com> wrote: > Tom Browder wrote: > > Dell 1800 > What is this Dell 1800 - what is the wireless card model and driver? > In the subject you ay Dell Inspiron 11, which has DW1707. > https://wikidevi.com/wiki/Dell_Wireless_1707_(DW1707) The Dell Wireless 1800 is what Dell calls the wireless network adapter in the Dell 11 Inspiron 3000 2-in-one laptop. There are actually at least three sub-models of the 11 and mine (3157, service tag FGYN52) has the DW1800, part number KJTH7, which uses the Debian package firmware-realtek. I did try to use the latest kernel from jessie-backports but the reboot failed and I started over after I found a USB wired ethernet adaptor in my parts box (a Cable Matters 202023 which claims it works with all OSs) and it works great. The wireless still is unreliable but, in the meantime, I have taken Reco's advice and bought an Ralink RT5370 which I trust will solve the problem when it arrives. I too have used a couple of Dell Latitudes for a total of eight years and have had no trouble with them, but its wired/wireless adapter is different from the 11. Thanks. Best regards, -Tom
Re: Need USB Wireless Adaptor for Dell Inspiron 11 2-in-1?
On Sat, Mar 25, 2017 at 2:33 PM, Dougwrote: ... > Perhaps you can find an interface card that will > physically interface ... > While I was trying to get the Inspiron wireless to work, I bought a little > USB gadget that was > very small, and while it did work, it had almost no range. The internal wifi > cards attach to > antenna wires that run up behind the screen, and this gives much better > range. > > One more thing: I have a machine that has a Broadcom chip in it, and I have > dual-booted > Mint 17 LTS on that machine, and Mint is smart enough to find the right > software for the > Broadcom, and Mint works out of the box on that machine. And Mint is a nice > distro. Try it! I have tried it, and I'm not a fan. But thanks for the suggestions, Doug. To your point about limited range with a small add-on, Ben suggested a USB ethernet device that has an antenna, and I'll try it if the small one I ordered doesn't work. Best regards
Re: If Linux Is About Choice, Why Then ...
On Mon, Apr 3, 2017 at 7:28 AM, Brad Rogerswrote: > On Mon, 3 Apr 2017 05:06:22 -0700 > Rick Thomas wrote: > > Hello Rick, > >> There *are* choices. > > Indeed. Debian also have choices(1). They made them. Inevitably, some > people were going to get annoyed about it. > > (1) Many seem to have forgotten they're entitled to make choices as well. Well, that's why I left Ubuntu when they insisted on constant changing of desktops. But I kind of understand why systemd, but I wish I could find a good cookbook description of how to add or modify a new process. Thanks. Best regards, -Tom
Re: Suitable text editor [NOT word processor] or workaround?
On Sat, Apr 1, 2017 at 14:36 Fredwrote: > On 04/01/2017 09:24 AM, Richard Owlett wrote: > > On 04/01/2017 10:55 AM, cbannis...@slingshot.co.nz wrote: > >> On Thu, Mar 16, 2017 at 06:38:52AM -0500, Richard Owlett wrote: > >>> The two files are nearly identical and need them displayed > >>> simultaneously > >>> for instant visual comparison. Opening one of the files read only > >>> would be > >>> acceptable but not preferable. Try diffuse. -Tom
Bind 9: consequences of completely removind all bind9 packages on jessie and stretch)?
I would like to remove all bind9 packages from servers running bind9 and install the latest bind9 from source. Two questions, please: 1. Will there be any adverse consequences from the substitution if I install with --prefix=/usr/local? 2. Same question as 1 but for installation into --prefix=usr? Thanks. With warmest regards, -Tom
Re: Bind 9: consequences of completely removind all bind9 packages on jessie and stretch)?
On Sun, Jul 23, 2017 at 07:13 Lck Ras <likco...@riseup.net> wrote: > On 07/23/2017 08:55 PM, Tom Browder wrote: > > I would like to remove all bind9 packages from servers running bind9 > > and install the latest bind9 from source. > > > > Two questions, please: > > > > 1. Will there be any adverse consequences from the substitution if I > > install with --prefix=/usr/local? > > > > 2. Same question as 1 but for installation into --prefix=usr? > > I wouldn't recommend installing int into /usr, since it might conflict > with other files installed by the package manager. > > Installing it into /usr/local probably won't create any new problems > (apart from ones inherent with installing stuff manually). Some of the > extra stuff like the systemd units and integration with other packages > may not be included. > > On another note, it's not really recommended to install stuff like that. > https://wiki.debian.org/DontBreakDebian but I assume you know what > you're doing. > Thanks, Lck, that's certainly good advice, and a good link! I do plan to chroot the binds, so I trust all will work well. Thanks again. -Tom
Firewalld
Webmin uses firewalld to manage firewalls. Is there any reason not to use webmin for my servers' firewall management? Thanks. -Tom
Re: Bind 9: consequences of completely removind all bind9 packages on jessie and stretch)?
On Mon, Jul 24, 2017 at 8:23 AM, Greg Wooledge <wool...@eeg.ccf.org> wrote: > On Sun, Jul 23, 2017 at 06:55:09AM -0500, Tom Browder wrote: >> I would like to remove all bind9 packages from servers running bind9 >> and install the latest bind9 from source. > > Because you want to satisfy internal audits that don't understand how > Debian security patching works, right? Right? Right. OK. Greg, I appreciate your advice, and I would love to stay with the debian packages. However, I also want to be able to use a debian installation a long time and I see lots of changes on dns resource records. Also, I don't like to rush into debian version updates, so I fear the package bind9 might slip behind current standards. I don't mind source updates--I already do that with openssl, apache, postfix, and mailman. Your bind9 service file is greatly appreciated. Thanks. -Tom
Re: Firewalld
On Sun, Jul 23, 2017 at 14:17 Reco <recovery...@gmail.com> wrote: > Hi. > > On Sun, 23 Jul 2017 17:29:54 +0000 > Tom Browder <tom.brow...@gmail.com> wrote: > > > Webmin uses firewalld to manage firewalls. Is there any reason not to use > > webmin for my servers' firewall management? > > I'll bite. > > First things first, CVE-2016-5410 and [1]. [1] comes with this > beautiful tag attached: Thanks, Reco! Okay, so I'll pick firehol for the firewall. Do you have any thoughts about what to use in place of webmin? I looked at IPSConfig but it doesn't support Postgresql. I can do most anything manually, but am getting older and would like some help for forgetfulness and laziness, i.e., a good and reliable GUI for administering my remote servers would be nice. Thanks again for your help. -Tom
Re: Bind 9: consequences of completely removind all bind9 packages on jessie and stretch)?
On Mon, Jul 24, 2017 at 11:57 AM, Sven Hartge <s...@svenhartge.de> wrote: > Tom Browder <tom.brow...@gmail.com> wrote: ... >> Greg, I appreciate your advice, and I would love to stay with the >> debian packages. However, I also want to be able to use a debian >> installation a long time and I see lots of changes on dns resource >> records. Also, I don't like to rush into debian version updates, so I >> fear the package bind9 might slip behind current standards. > > It is trivially easy to backport the bind9-package from Stretch to > Jessie (just change the dependency on libssl1.0-dev to libssl-dev). > > I have been doing the same for some time (needed support for the CAA > record). Thanks, Sven--good advice. -Tom
Re: Jessie networking with multiple IPs (IPv and IPv6), single physical NIC
On Wed, Jul 26, 2017 at 2:11 PM, Sven Hartge <s...@svenhartge.de> wrote: > Georgi Naplatanov <go...@oles.biz> wrote: >> On 07/26/2017 09:22 PM, Sven Hartge wrote: >>> Tom Browder <tom.brow...@gmail.com> wrote: >>> You don't need those up/down parts, you can add additional blocks for >>> eth0: >>> >>> auto eth0 >>> iface eth0 inet static >>> address 142.54.186.2 >>> netmask 255.255.255.248 >>> gateway 142.54.186.1 >>> dns-nameservers 192.187.107.16 69.30.209.16 >>> > > Since Wheezy you can have multiple "iface eth0 ..." blocks in > /e/n/interface without problems. So can the above be simplified by leaving out the repeated info like dns-nameservers, gateway, and netmask to give something like: #= iface eth0 inet static address 142.54.186.2 netmask 255.255.255.248 gateway 142.54.186.1 dns-nameservers 192.187.107.16 69.30.209.16 iface eth0 inet static address 142.54.186.3 iface eth0 inet static address 142.54.186.4 iface eth0 inet static address 142.54.186.5 iface eth0 inet static address 142.54.186.6 iface eth0 inet6 static address 2604:4300:a:95::2 netmask ::::: gateway 2604:4300:a:95::1 dns-nameservers 192.187.107.16 69.30.209.16 iface eth0 inet6 static address 2604:4300:a:95::3 iface eth0 inet6 static address 2604:4300:a:95::4 iface eth0 inet6 static address 2604:4300:a:95::5 iface eth0 inet6 static address 2604:4300:a:95::6 #= Thanks, Sven! -Tom
Jessie networking with multiple IPs (IPv and IPv6), single physical NIC
Last year I successfully modified /etc/network/interfaces on my remote debian 8 server to handle multiple IPv4 addresses on a single NIC, and now I want to add its IPv6 capability. But, before I do, I would like to show you my proposed new interfaces file for comment and to make sure I don't break my server: My hosting service has provisioned my server with the following IP address information: dns-nameservers 192.187.107.16 69.30.209.16 IPv4: === Gateway: 142.54.186.1 Subnet Mask: 255.255.255.248 assigned 142.54.186.2/29 which results in five addresses: 142.54.186.2 142.54.186.3 142.54.186.4 142.54.186.5 142.54.186.6 IPv6: === Gateway: 2604:4300:a:95::1 Subnet Mask: ::::: assigned 2604:4300:a:95::2/64 and I will use the following five addresses: 2604:4300:a:95::2 2604:4300:a:95::3 2604:4300:a:95::4 2604:4300:a:95::5 2604:4300:a:95::6 The proposed /etc/network/interfaces file: # begin = iface eth0 inet static address 142.54.186.2 netmask 255.255.255.248 gateway 142.54.186.1 dns-nameservers 192.187.107.16 69.30.209.16 # add new IPv4 devices up addr add 142.54.186.3/29 dev $IFACE label $IFACE:0 down addr del 142.54.186.3/29 dev $IFACE label $IFACE:0 up addr add 142.54.186.4/29 dev $IFACE label $IFACE:1 down addr del 142.54.186.4/29 dev $IFACE label $IFACE:1 up addr add 142.54.186.5/29 dev $IFACE label $IFACE:2 down addr del 142.54.186.5/29 dev $IFACE label $IFACE:2 up addr add 142.54.186.6/29 dev $IFACE label $IFACE:3 down addr del 142.54.186.6/29 dev $IFACE label $IFACE:3 iface eth0 inet6 static address 2604:4300:a:95::2 netmask ::::: gateway 2604:4300:a:95::1 dns-nameservers 192.187.107.16 69.30.209.16 # add new IPv4 devices up addr add 2604:4300:a:95::3/64 dev $IFACE label $IFACE:4 down addr del 2604:4300:a:95::3/64 dev $IFACE label $IFACE:4 up addr add 2604:4300:a:95::4/64 dev $IFACE label $IFACE:5 down addr del 2604:4300:a:95::4/64 dev $IFACE label $IFACE:5 up addr add 2604:4300:a:95::5/64 dev $IFACE label $IFACE:6 down addr del 2604:4300:a:95::5/64 dev $IFACE label $IFACE:6 up addr add 2604:4300:a:95::6/64 dev $IFACE label $IFACE:7 down addr del 2604:4300:a:95::6/64 dev $IFACE label $IFACE:7 # end = Thanks for your help. Best regards, -Tom
Re: Jessie networking with multiple IPs (IPv and IPv6), single physical NIC
On Wed, Jul 26, 2017 at 3:43 PM, Sven Hartge <s...@svenhartge.de> wrote: > Tom Browder <tom.brow...@gmail.com> wrote: >> On Wed, Jul 26, 2017 at 2:11 PM, Sven Hartge <s...@svenhartge.de> wrote: > >> So can the above be simplified by leaving out the repeated info like >> dns-nameservers, gateway, and netmask to give something like: > >> #= >> iface eth0 inet static >> address 142.54.186.2 >> netmask 255.255.255.248 >> gateway 142.54.186.1 >> dns-nameservers 192.187.107.16 69.30.209.16 >> iface eth0 inet static >> address 142.54.186.3 >> iface eth0 inet static >> address 142.54.186.4 >> iface eth0 inet static >> address 142.54.186.5 >> iface eth0 inet static >> address 142.54.186.6 > > I do believe you need the "netmask" option, but the rest is just needed > once. But from reading interfaces(5) I think you further simplify by > writing: > > , > | auto eth0 > | iface eth0 inet static > | address 142.54.186.2/29 > | gateway 142.54.186.1 > | dns-nameservers 192.187.107.16 69.30.209.16 > | iface eth0 inet static > | address 142.54.186.3/29 > | iface eth0 inet static > | address 142.54.186.4/29 > | iface eth0 inet static > | address 142.54.186.5/29 > | iface eth0 inet static > | address 142.54.186.6/29 > ` Okay, sounds good: I don't need to duplicate anything, then. I admire your reading of man 5 interfaces. I find it very hard to understand since the pieces seem so disconnected, and, as usual, man pages are short on real examples. I'm ready to try the new file and I'll report results later. Thanks so much Sven. Best regards, -Tom BTW, my wife and I and two friends had a very nice time visiting Denmark in May while on a cruise in the Baltic celebrating our 50th wedding anniversary. Our ship, Holland-America's ms Rotterdam, visited Copenhagen and Arhus and we enjoyed them very much--especially Arhus.
Re: Jessie networking with multiple IPs (IPv and IPv6), single physical NIC
On Wed, Jul 26, 2017 at 5:42 PM, Tom Browder <tom.brow...@gmail.com> wrote: > On Wed, Jul 26, 2017 at 3:43 PM, Sven Hartge <s...@svenhartge.de> wrote: ... >> , >> | auto eth0 >> | iface eth0 inet static >> | address 142.54.186.2/29 >> | gateway 142.54.186.1 >> | dns-nameservers 192.187.107.16 69.30.209.16 >> | iface eth0 inet static >> | address 142.54.186.3/29 >> ` Oops, I just looked at the ENTIRE active file and I forgot some lines at the top: #== # The loopback network interface auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 iface eth0 inet static address 142.54.186.2 ... #== At any rate, I'm going to try the file (suitably modified) on a spare, local server I have before going live remotely. -Tom
Re: Jessie networking with multiple IPs (IPv and IPv6), single physical NIC
On Mon, Jul 31, 2017 at 11:18 Curtwrote: ... > Are you not confounding the de and dk domain suffixes, because I believe > Sven is 'de' (Germany). You are certainly correct and I should have caught my error before sending. My apologies for any offended sensibilities. 50th wedding anniversary. Do they give out medals for that? No, but we got lots of congratulations for staying the course and remaining friends! -Tom
Re: Systemd: Error when replacing postfix LSB init with postfix.service on Debian 8 (jessie)
On Sun, Aug 20, 2017 at 9:42 AM, Tom Browder <tom.brow...@gmail.com> wrote: > I got a postfix.service file from a postfix developer and installed it in > /etc/systemd/system as the docs mention. > > I then moved the /etc/init.d/postfix file away, reloaded the systemd daemon, > and did: > > # systemctl start postfix > # systemctl status postfix > > and got several lines basically saying posfix.service was disabled. The exact message is: * postfix.service - Postfix Mail Transport Agent Loaded: loaded (/etc/systemd/system/postfix.service; disabled) Active: active (running) since Fri 2017-08-18 04:51:33 CDT; 2 days ago CGroup: /system.slice/postfix.service |- 1505 /usr/lib/postfix/master |- 9515 pickup -l -t unix -u -c `-19868 qmgr -l -t unix -u The contents of the postfix.service file are; [Unit] Description=Postfix Mail Transport Agent Conflicts=sendmail.service exim4.service ConditionPathExists=/etc/postfix/main.cf [Service] Type=oneshot RemainAfterExit=yes ExecStart=/bin/true ExecReload=/bin/true [Install] WantedBy=multi-user.target Thanks. -Tom ju
Re: Systemd: Error when replacing postfix LSB init with postfix.service on Debian 8 (jessie)
On Sun, Aug 20, 2017 at 11:41 AM, Nicolas George <geo...@nsup.org> wrote: > Le tridi 3 fructidor, an CCXXV, Tom Browder a écrit : >> So "disabled" is normal? > > Indeed. See: > > https://docs.fedoraproject.org/en-US/Fedora/15/html/Deployment_Guide/ch-Services_and_Daemons.html#s3-services-configuration-enabling I do see, this systemctl world is new to me, but I am learning thanks to your help. Best, -Tom
Re: Systemd: Error when replacing postfix LSB init with postfix.service on Debian 8 (jessie)
On Sun, Aug 20, 2017 at 12:30 Sven Hartge <s...@svenhartge.de> wrote: > Tom Browder <tom.brow...@gmail.com> wrote: > > > The contents of the postfix.service file are; > ... > > That unit file does effectivly nothing. It just starts "/bin/true" and > exits. > > What it *not* does is starting postfix in any way. ... > . > Are you sure you only got this one unit file from the postfix developer? I thought I did, but I'm still searching for the source. Back when I get more info. -Tom
Systemd: Error when replacing postfix LSB init with postfix.service on Debian 8 (jessie)
I got a postfix.service file from a postfix developer and installed it in /etc/systemd/system as the docs mention. I then moved the /etc/init.d/postfix file away, reloaded the systemd daemon, and did: # systemctl start postfix # systemctl status postfix and got several lines basically saying posfix.service was disabled. I have looked for instructions on replacing init.d scripts with systemd scripts and found the ones about writing service files, converting inin.d scripts, placing the new service files, but haven't yet found how to turn the old lsb system off for one service. Thanks for any help. With warmest regards, -Tom
Re: Systemd: Error when replacing postfix LSB init with postfix.service on Debian 8 (jessie)
On Sun, Aug 20, 2017 at 10:17 Nicolas George <geo...@nsup.org> wrote: > Le tridi 3 fructidor, an CCXXV, Tom Browder a écrit : > > > # systemctl start postfix > > > # systemctl status postfix > > > > > > and got several lines basically saying posfix.service was disabled. > > > The exact message is: > > > > * postfix.service - Postfix Mail Transport Agent > >Loaded: loaded (/etc/systemd/system/postfix.service; disabled) ... > Looks like Postfix is running correctly. So "disabled" is normal? Note that "systemctl start" is transient. If you want to make it start > automatically at boot, you have to use "systemctl enable". Thanks, Nicolas. Best, -Tom
Re: Systemd: Error when replacing postfix LSB init with postfix.service on Debian 8 (jessie)
On Sun, Aug 20, 2017 at 10:17 AM, Nicolas George <geo...@nsup.org> wrote: > Le tridi 3 fructidor, an CCXXV, Tom Browder a écrit : >> > # systemctl start postfix >> > # systemctl status postfix >> > >> > and got several lines basically saying posfix.service was disabled. > >> The exact message is: >> >> * postfix.service - Postfix Mail Transport Agent >>Loaded: loaded (/etc/systemd/system/postfix.service; disabled) >>Active: active (running) since Fri 2017-08-18 04:51:33 CDT; 2 days ago >>CGroup: /system.slice/postfix.service >>|- 1505 /usr/lib/postfix/master >>|- 9515 pickup -l -t unix -u -c >>`-19868 qmgr -l -t unix -u > > Looks like Postfix is running correctly. > > Note that "systemctl start" is transient. If you want to make it start > automatically at boot, you have to use "systemctl enable". Okay, I did: # mv /etc/init.d/postfix /etc/init.d/postfix.orig # cp postfix.service /etc/systemd # systemctl enable postfix # systemctl daemon-reload # systemctl stop postfix # systemctl start postfix # systemctl status postfix * postfix.service - Postfix Mail Transport Agent Loaded: loaded (/etc/systemd/system/postfix.service; enabled) Active: active (exited) since Sun 2017-08-20 11:25:02 CDT; 1min 37s ago Process: 524 ExecStart=/bin/true (code=exited, status=0/SUCCESS) Main PID: 524 (code=exited, status=0/SUCCESS) CGroup: /system.slice/postfix.service And all looks good! Thanks, Nicolas. Best regards, -Tom
Re: Systemd: Error when replacing postfix LSB init with postfix.service on Debian 8 (jessie)
On Sun, Aug 20, 2017 at 12:30 Sven Hartge <s...@svenhartge.de> wrote: > Tom Browder <tom.brow...@gmail.com> wrote: > > > The contents of the postfix.service file are; > ... > That unit file does effectivly nothing. It just starts "/bin/true" and > exits. > > What it *not* does is starting postfix in any way. > > This looks like there should be some other unit files which start the > other daemons belonging to postfix which depend on this unit file, so > you could easily start and stop everything with one command. > > Are you sure you only got this one unit file from the postfix developer? No, I got it from a package installation of postfix on Debian 9. So the question I have is how does it all work? There is no init.d, but there seems to be some convoluted handling that I haven't figured out yet. Surely some expert can write a postfix.service file that drives postfix commands. Any clues? Thanks. -Tom
Postresql: need a way to initiate a database with a test user
I get the following error when trying to create a table with psql: psql: FATAL: Peer authentication failed for user "sql92" The spawned command 'psql -f ./t/t.sql -U sql92' exited unsuccessfully (exit code: 2) The sql file has two create table commands. I had already created the user 'sql92' with password = '' and createdb privileges. Is there any way to create a user that can be used outside an open database connection in a script? Thanks. Best regards, -Tom
Re: Postresql: need a way to initiate a database with a test user
On Fri, Sep 15, 2017 at 08:03 Tom Browder <tom.brow...@gmail.com> wrote: > I get the following error when trying to create a table with psql: > Re: OP subject: s/Postresql/PostgreSQL/ -Tom
Re: Systemd: Error when replacing postfix LSB init with postfix.service on Debian 8 (jessie)
On Mon, Aug 21, 2017 at 02:36 Sven Hartge <s...@svenhartge.de> wrote: > Tom Browder <tom.brow...@gmail.com> wrote: > > On Sun, Aug 20, 2017 at 12:30 Sven Hartge <s...@svenhartge.de> wrote: > > > So the question I have is how does it all work? There is no init.d, > > but there seems to be some convoluted handling that I haven't figured > > out yet. Surely some expert can write a postfix.service file that > > drives postfix commands. ... > Question: Why do you want to manually replace the init-script from > postfix in Jessie with a systemd.unit? What do you want to accomplish by > doing so (other than creating a possible broken system)? I thought I needed to be able to create service files since the init.d system is going away. Postfix seems simple enough that its service file would also be simple. I see I am wrong and I will let sleeping dogs lie. Thanks, Sven. -Tom
How can I enable ufw firewall tool with an existing set of iptables rules?
Installing and enabling ufw sounds easy, but how is the existing set of iptables rules treated? I want to use ufw on a remote server and losing ssh would be disastrous! Thanks. -Tom
Re: How can I enable ufw firewall tool with an existing set of iptables rules?
On Mon, Aug 28, 2017 at 15:49 Alexander V. Makartsevwrote: > Smart way to do it is to setup a cron job to run shell script that will > flush (or restore to default working ruleset) iptables rules every 10 > minutes. Thanks, Alexander. -Tom
Re: How can I enable ufw firewall tool with an existing set of iptables rules?
On Mon, Aug 28, 2017 at 15:54 Joewrote: ... I confess to no specific knowledge here, but I suspect none of the > firewall front-ends will accommodate an arbitrary iptables ruleset, as > the front-ends impose their own structure which would almost certainly > conflict. > Unfortunately, ufw doesn't have a safety net. However, I did keep a valid ssh connection in a separate window to ensure I could still login after I enabled ufw. That's still a dangerous way but my fallback is my server is with a company who can assist in a reboot and ssh access again if necessary. Alexander's idea is a good one, and I really should have taken his advice. However, all worked out well, fortunately. Thanks, Joe. -Tom
How does one create virtual ethernet devices with modern tools on Debian 8 (jessie)?
I am currently defining my devices like this in file /etc/network/interfaces: #= # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 iface eth0 inet static address 142.54.186.2 netmask 255.255.255.248 gateway 142.54.186.1 dns-nameservers 192.187.107.16 69.30.209.16 # added alias IPv4s: up ip addr add 142.54.186.3/29 dev $IFACE label $IFACE:0 down ip addr del 142.54.186.3/29 dev $IFACE label $IFACE:0 up ip addr add 142.54.186.4/29 dev $IFACE label $IFACE:1 down ip addr del 142.54.186.4/29 dev $IFACE label $IFACE:1 up ip addr add 142.54.186.5/29 dev $IFACE label $IFACE:2 down ip addr del 142.54.186.5/29 dev $IFACE label $IFACE:2 up ip addr add 142.54.186.6/29 dev $IFACE label $IFACE:3 down ip addr del 142.54.186.6/29 dev $IFACE label $IFACE:3 #= I would like to add a large chunk (say 20) of my IPv6 addresses, too. Although not yet implemented (for fear of messing my remote host up), the following has been recommended: #= # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 auto etho iface eth0 inet static address 142.54.186.2 netmask 255.255.255.248 gateway 142.54.186.1 dns-nameservers 192.187.107.16 69.30.209.16 iface eth0 inet static address 142.54.186.3 iface eth0 inet static address 142.54.186.4 iface eth0 inet static address 142.54.186.5 iface eth0 inet static address 142.54.186.6 iface eth0 inet6 static address 2604:4300:a:95::2 netmask ::::: gateway 2604:4300:a:95::1 dns-nameservers 192.187.107.16 69.30.209.16 iface eth0 inet6 static address 2604:4300:a:95::3 iface eth0 inet6 static address 2604:4300:a:95::4 iface eth0 inet6 static address 2604:4300:a:95::5 iface eth0 inet6 static address 2604:4300:a:95::6 #= FYI, here is a chunk of the output of "dmesg | grep -i eth": #= [0.898483] e1000e :09:00.0 eth0: (PCI Express:2.5GT/s:Width x4) 00:1e:68:2e:df:be [0.898486] e1000e :09:00.0 eth0: Intel(R) PRO/1000 Network Connection [0.898564] e1000e :09:00.0 eth0: MAC: 5, PHY: 5, PBA No: FF-0FF [9.525606] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready [ 11.846375] e1000e: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx [ 11.846877] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready #= So how does one do the same thing with "modern" tools? Thanks. -Tom
Re: How does one create virtual ethernet devices with modern tools on Debian 8 (jessie)?
On Fri, Aug 25, 2017 at 09:26 Sven Hartge <s...@svenhartge.de> wrote: > > Tom Browder <tom.brow...@gmail.com> wrote: > > Before we start: > > "virtual ethernet devices" are something totally different than you are > doing here. You just want to put multiple IP addresses on one interface. > > "virtual ethernet devices" are for example used with virtualization or > docker, to connect an isolated VM or container through the host to the > network. > > > Although not yet implemented (for fear of messing my remote host up), > > the following has been recommended: ... > > # The primary network interface > > allow-hotplug eth0 > > auto eth > > One of "allow-hotplug" or "auto", not both Any preference for either line? > And you have a typo there, it should read "auto eth0". Good catch on the typo! > > iface eth0 inet6 static > > address 2604:4300:a:95::2 > > netmask ::::: > > gateway 2604:4300:a:95::1 > > dns-nameservers 192.187.107.16 69.30.209.16 > > No need to duplicate the nameservers. Also this line only gets used if > you use the package "resolvconf". On servers with static IP > configuration I usually get rid of this mechanism and set the > nameservers myself in /etc/resolv.conf Ah! That's good advice. > > iface eth0 inet6 static > > address 2604:4300:a:95::6 > > Yes, everything is fine. > > Side note: I'd truly randomize the IPv6 addresses, so the subnet is not > as easily scannable from the outside. Also good advice. Thanks, Sven, very helpful. Can you recommend a good modern book on networking? > > So how does one do the same thing with "modern" tools? > > I don't understand the question. Do you mean "systemd-networkd"? I'm indirectly referencing a long-running thread on this list about using ifconfig versus "modern" tools for viewing the current interfaces setup. And just how does one restart the new interfaces with systemctl? If I mess something up, is there any way to ssh into the remote system? Thanks very much for all your help! Best, -Tom
Re: How does one create virtual ethernet devices with modern tools on Debian 8 (jessie)?
On Fri, Aug 25, 2017 at 10:09 AM, Greg Wooledgewrote: >> On Fri, Aug 25, 2017 at 09:26 Sven Hartge wrote: >> > One of "allow-hotplug" or "auto", not both >> >> Any preference for either line? > > Use "auto" if the network interface is a permanent one, and "allow-hotplug" > if it's a transient one (removable, whatever). > > Interfaces configured as "auto" will be respected by systemd's > "network-online.target", meaning any service that you configure to > wait for network-online will wait for all "auto" interfaces to be > brought up. It will not wait for "allow-hotplug" interfaces. That's very helpful. Sounds like it's the "auto" for my situation. Thanks much, Greg. Best, -Tom
Recommended editor for novice programmers?
My Linux user group is setting up one desktop computer and one laptop computer for lending to our local library as an educational resource for folks who want to explore what Linux is all about. We are using Debian 9 for now. I am open to any suggestions for standard packages we should add. I have already installed gcc and friends as well as Scilab, R, Perl 6, and some other stuff, including emacs. I would especially appreciate other ideas for programming editors for novice programmers. Thanks. Best regards, -Tom
Re: Recommended editor for novice programmers?
On Sun, Sep 3, 2017 at 05:03 Byung-Hee HWANG (황병희, 黃炳熙) <soyeo...@doraji.xyz> wrote: > In Article < > cafmgiz_yn+qa52wb2nfhphv6g2thj-azjisu1xznytv8hui...@mail.gmail.com>, > Tom Browder <tom.brow...@gmail.com> writes: > > > My Linux user group is setting up one desktop computer [...] Thanks for all the helpful suggestions, everyone! Best regards, -Tom
Re: If not "newbie" then ????
On Sun, Jul 22, 2018 at 05:26 Eric S Fraga wrote: > I'd say "old skool" (affectionately) would do. ;-) Sounds like there are a lot of fellow travelers here. If you lean more towards loving programming as I do (started in FORTRAN IV in 1961), you might check out the new world of Perl 6 (https://perl6.org) and join a nice group of people who will appreciate your help in fixing bugs, improving documentation, and leaving a legacy 100-year programming language for your descendants. Best regards, -Tom
Re: Recommendation for Virtual Machine and Instructions to set it up?
On Thu, Dec 6, 2018 at 10:12 AM wrote: > > Background: > > I'm involved with having some software written and then testing it. > > The software won't run on either my Wheezy or Jessie systems -- it appears to > be an outdated libstdc++ that is the problem. Before I go the VM route, I would try installing the latest clang or gcc on the host you use normally. Rather than chasing OS's, you need to get that software more portable IMHO. Best regards, -Tom
Multiple host names for a single server?
I would like to use a single server for multiple remote services including mail, bind dns, OpenStreep tiles, etcs., all with different subdomain names but sharing the same server and IP. For example: mail.example.com ns1.example.com tiles.example.com ... I know I can define them with individual A records (with the same IP) with my domain host provider, but will that cause problems conflicting with a single physical hostname of, say, "pluto.example2.net"? In other words, is the physical hostname of any server of any importance except for logged in users? Thanks. -Tom
Re: Multiple host names for a single server?
On Mon, Jan 7, 2019 at 10:20 AM Greg Wooledge wrote: ... > The primary purpose of the actual hostname is for you to be able to > identify *which* computer is having a problem. E.g. if you receive an > email from a machine identifying itself as "www.yourdomain" but you have > three such web servers operating as a round robin, then you will have > to put in some work to figure out which of the three it came from. > > But if the email comes from a machine which self-identifies as > "www1.yourdomain", then you have a better idea where to fix the issue. Thanks, Greg. -Tom
Re: Multiple host names for a single server?
On Mon, Jan 7, 2019 at 10:33 AM Joe wrote: ... > In general you're right, it's just a matter of multiple A records. In > the case of a mail server, the A record used for mail must have a > complementary PTR record at your ISP, but this is not a matter of > whether your mail server works, but whether other mail servers will > accept mail from it. Thanks, Joe. -Tom
Re: Multiple host names for a single server?
On Mon, Jan 7, 2019 at 10:24 AM john doe wrote: ... > Any reasons why you can't use 'cname' record? Um, you're right, I should be able to use that now that ACME v2 lets us use wild cards. Thanks, "John." -Tom
Re: Multiple host names for a single server?
On Mon, Jan 7, 2019 at 12:26 PM Kushal Kumaran wrote: > Tom Browder writes: > > On Mon, Jan 7, 2019 at 10:24 AM john doe wrote: > > ... > >> Any reasons why you can't use 'cname' record? > > > > Um, you're right, I should be able to use that now that ACME v2 lets > > us use wild cards. > > Could you elaborate why the ability to create wildcard SSL certificates > matters for the CNAME-vs-A decision? They look orthogonal to me. Hm, I think you're correct, Kushal. I was thinking about my crude domain management tools and got careless in my OP. Thanks for pointing that out! -Tom
Re: Multiple host names for a single server?
On Mon, Jan 7, 2019 at 4:11 PM Andy Smith wrote:> Hi Tom, > On Mon, Jan 07, 2019 at 11:42:28AM -0600, Tom Browder wrote: > > On Mon, Jan 7, 2019 at 10:24 AM john doe wrote: > > > Any reasons why you can't use 'cname' record? > > > > Um, you're right > > Though do note that the right hand side of MX and NS records should > not point to a CNAME alias (RFC 2181 ง10.3)น. Your examples included > "mail" and "ns1" which often feature in MX and NS records. ... > น Thought they often end up working anyway, contrary to RFCs. Thanks, Andy. This has always been a confusing area for me. When I get a "practice" mail and dns setup ready I will check back here with specifics and see what all respondents think. Best regards, -Tom
Acess Devian 9 laptop by another devica via wifi
I travel often with a hefty laptop running Debian 9 and like to do casual programming on it remotely via a terminal app (Termius) on an iPad. In many situations I am able to access the laptop when on a wireless LAN by getting its IP address with "sudo ifconfig" and simply using that address in Termius to ssh in to the laptop. However, someteimes that does not work until I edit the wireless connection and declare it public. And in still other cases I cannot access the laptop at all. Is there any reliable way to either (1) always connect via the LAN or (2) make the laptop broadcast its own LAN so I can login to it wirelessly from the iPad? Thanks. With warmest regards, -Tom
Re: Acess Devian 9 laptop by another devica via wifi
> > Is there any reliable way to either (1) always connect via the LAN or (2) > > make the laptop broadcast its own LAN so I can login to it wirelessly from > > the iPad? ... > It is unclear to me if you have one internal network (network behind > your laptop) or if both the Ipad and the laptop are connected to the > wireless infrastructure of the guest (hotel airport ...). Both are connected to the same wireless LAN. Thanks. -Tom
Re: Acess Devian 9 laptop by another devica via wifi
On Sat, Mar 23, 2019 at 5:12 AM Tom Browder wrote: > > > > Is there any reliable way to either (1) always connect via the LAN or (2) > > > make the laptop broadcast its own LAN so I can login to it wirelessly from > > > the iPad? Solved!! I tried using my iPhjone as a personal hotspot and connected the laptop AND iPad to it and I can ssh into the laptop with no problems. -Tom