Re: iscsi support in Jessie

On 10/16/15 08:06, Harald Dunkel wrote: > Hi folks, > > Now I have to install a new iscsi target (using Jessie, hopefully). > Which iscsi solution would you recommend? > PS: Here is what I found so far: * iSCSI Enterprise Target (http://sourceforge.net/projects/iscsitarget/

iscsi support in Jessie

Hi folks, Some years ago I have setup an iscsi target using targetcli 2.0 on Wheezy. Actually it works pretty well, but there were some serious upgrade problems to 2.1 and 3.0, making targetcli go away for Jessie. See #764005 and #751226. I lost confidence in a newer version. Now I have to

Re: iscsi support in Jessie

Hi Reco, On 10/16/15 08:17, Reco wrote: > > tgt works for me in Jessie. I would not call it that user-friendly, though. > Not bad. I have missed this one. Searching for tgt I stumbled over istgt. (http://shell.peach.ne.jp/aoyama/archives/3122). Thanx very much Harri

Re: Can't startx as normal user

If you are using startx/xinit: Try installing xserver-xorg-legacy. I had the same problem. Good luck Harri

howto avoid "apt-get update" going guru?

Hi folks, this morning I found "apt-get update" getting stuck due to an unresponsive host: # cat /etc/apt/sources.list deb http://ftp.debian.org/debian sid main contrib non-free deb-src http://ftp.debian.org/debian sid main contrib non-free # apt-get update Err:1

how to deploy common ssh_config and sshd_config settings on all hosts?

Hi folks, Problem: Deploying a custom ssh authentication scheme common to all Debian hosts in the lan appears to be apita, esp. since the next openssh upgrade might put the default config files upside down again. What would you consider best practice to keep your ssh hosts (>300) in sync wrt the

how to override a conffile (not using dpkg-divert)?

Hi folks, https://www.debian.org/doc/debian-policy/ap-pkg-diversions.html says "Do not attempt to divert a conffile, as dpkg does not handle it well." So I wonder what would you suggest to override a conffile (e.g. /etc/ssh/sshd_conf and /etc/ssh/ssh_conf) from another package depending upon

Re: how to deploy common ssh_config and sshd_config settings on all hosts?

Hi Andy, On 02/02/17 11:17, Andy Smith wrote: > > Also through the use of override config files that are included into > the main config file, you can avoid being prompted about changes to > the main config file. For sshd the config directive is "Include". > Are you sure about this?

Re: how to deploy common ssh_config and sshd_config settings on all hosts?

Hi Andy, On 02/02/17 17:43, Andy Smith wrote: > Hi Harald, > > On Thu, Feb 02, 2017 at 02:50:09PM +0100, Harald Dunkel wrote: >> >> Exactly. The central place in my case is a debian source package. It >> provides binary meta-packages referencing other packages

Re: how to compute predictable network interface names?

On 02/23/2017 04:25 PM, Christian Seiler wrote: > > There's a policy which are going to be preferred. man 5 systemd.link > tells you what the options are and /lib/systemd/network/99-default.link > tells you what the default setting is (the first successful one is > used). Of course I stumbled

Re: how to compute predictable network interface names?

On 02/24/2017 10:10 AM, Harald Dunkel wrote: > > Now I got confused: Who is responsible for renaming the NIC names? > Is this a systemd feature, is this the job of udev, or are the NICs > renamed by the kernel very early at boot time? Shouldn't I get the > same predictabl

Re: how to compute predictable network interface names?

On 02/16/2017 12:47 PM, Christian Seiler wrote: > > On a system with predictable names running? Or on a system > pre-upgrade? > Its more "pre-installation". I boot a USB stick and run my own installer (using debootstrap or creating a clone). The NIC name is needed to setup

how to compute predictable network interface names?

Hi folks, I understand that the predictable nic names can be turned off using net.ifnames=0 on the kernel command line, but I wonder if there is a shell script to actually predict the "enpYsZ" from the old style "ethX" initially assigned by the kernel? Something like %

Re: how to override a conffile (not using dpkg-divert)?

Hi Don, On 02/08/17 23:36, Don Armstrong wrote: > > If this is a private package which you are using to enforce your local > configuration, just change the conffile in your postinst [possibly after > checking that the conffile hasn't been modified.] > This can become pretty difficult,

upgraded config files in /lib/systemd/system

Hi folks, short question about /lib/systemd/system: AFAICS the config files here are supposed to be overridden by local config files in /etc/systemd/system, using the same path, as described in systemd.unit(5) How can I make sure that there is a conflict dialog at upgrade time, if I have to

/etc/network/interfaces: create bridge without IP address?

Hi folks, how can I define a bridge in /etc/network/interfaces without assigning it an IP address and netmask? It is supposed to be IPv6 link-layer only. Regards Harri

Re: /etc/network/interfaces: create bridge without IP address?

On 12/29/2016 11:49 AM, Reco wrote: > > auto br0 > iface br0 inet6 auto > bridge-ports ... > bridge-maxwait 0 > > Please note that you have to specify *something* in 'bridge-ports' > stanza. > Thanx, I was too blind to see. Regards Harri

Re: how to compute predictable network interface names?

Hi Christian, On 02/24/17 12:43, Christian Seiler wrote: > > udev will then rename the device once it encounters it. > > In newer udev versions, it will use some (but not all) settings from > systemd.link files. The other settings are interpreted by > systemd.networkd. (And if you don't use

Re: upgraded config files in /lib/systemd/system

On 03/05/17 21:29, Michael Biebl wrote: > > Keep in mind, that in most cases you don't need to override the package > provided service file completely by making a full copy of it in > /etc/systemd/system > > You can extend/override individual bits via drop-in files (e.g. adding > additional

Re: upgraded config files in /lib/systemd/system

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 02/28/17 15:23, Dominique Dumont wrote: > > I don't understand why a change in /lib/systemd/system should trigger a > conflict warning. > A unit file provided by the package maintainer might introduce new dependencies, for example. Maybe an

howto restart a service in postinst script (Stretch and newer)

Hi folks, the Debian Policy Manual still talks about "run levels" and "init.d scripts" on https://www.debian.org/doc/debian-policy/ch-opersys.html#s-sysvinit . No word about systemd and others. What is the right way to restart a service from the postinst script for Stretch and newer? Reason

invoke-rc.d fails to restart?

Hi folks, I have the impression that sometimes invoke-rc.d fails to restart services with children, e.g. zabbix-agent, sssd or opensmtpd. The service and its children are stopped, but not started again. Looking at "simple" services (without children) there is no such problem. It appears to be

Re: memory.limit_in_bytes: systemd vs lxc

Hi Dejan, On Mon, 24 Jul 2017 09:43:30 +0200 Dejan Jocic <jode...@gmail.com> wrote: > On 24-07-17, Harald Dunkel wrote: > > > > Apparently systemd ignores the restricted memory. How can I tell > > systemd to keep the limits? > > > > > > Every he

memory.limit_in_bytes: systemd vs lxc

Hi folks, I have to restrict memory.limit_in_bytes to 16GByte for my LXC containers. Problem: The containers based on Stretch and systemd show % for i in $(find /sys/fs/cgroup/memory/lxc/lxc1 -name memory.limit_in_bytes); do \ echo $i $(cat $i) \ done | column -t

Re: howto restart a service in postinst script (Stretch and newer)

Hi Christian, On Sun, 6 Aug 2017 09:34:31 +0200 Christian Seiler wrote: > > For things that are only available on systemd (for example if you > have split the service additionally for systemd, while sysvinit is > still just a single script) you should use the code that is >

which display manager would you suggest for Stretch?

Hi folks, since kdm is not in anymore I wonder which display manager to consider for Stretch? No assumption about the desktop environment should be made. The local Debian users are free to choose. Of course I saw https://wiki.debian.org/DisplayManager, but it appears to be out-of-date. And it

bzflag is slow since nvidia-graphics-drivers 390.59-1

Hi folks, after the upgrade of nvidia-graphics-drivers to version 390.59-1 bzflag seems to use mesa instead of the nvidia libs. Running dpkg-reconfigure glx-alternative-nvidia doesn't help. Other games (e.g. tuxracer) are fine, so I wonder WTH? I haven't found the problem yet. Every

/lib/lsb/init-functions on LXC servers

Hi folks, I see a weird effect of pidofproc (defined in /lib/lsb/init-functions): If there is no local daemon with a given search path running, then it returns the PIDs the daemons running in the LXC containers. AFAICT this affects the startup scripts of apache2 opensmtpd

Re: /lib/lsb/init-functions on LXC servers

Hi Reco, you mean this is a known issue??? Harri

Re: /lib/lsb/init-functions on LXC servers

Hi Reco, On 02/14/18 14:55, Reco wrote: True. There's one tiny bit though - try pidof -o %PPID -x /usr/sbin/sshd and watch it output several pids as well. Yes, indeed. If pidofproc would rely upon the pidfile only, then there is no reason to call pidof. And you don't have to spawn yet

Re: /lib/lsb/init-functions on LXC servers

Hi Reco, wrt "pgrep --ns 1 -f /usr/sbin/sshd": The executable path simply doesn't tell if this is the right service to stop. If I run 2 services in parallel (e.g. for different network interfaces), then this approach is already broken. Sample: # pgrep --ns 1 -f /usr/sbin/sshd 12602 # ps -ef |

Debian got too fat?

Hi folks, would you mind to take a look at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888743 The fix is pretty easy. Whats really bugging me is that nobody dares to touch the complex code of lsb-base. IMHO this is a clear indication that Debian lost the blessed path other Unixes

Re: Debian got too fat?

Hi Reco, On 7/15/18 1:44 PM, Reco wrote: Hi. On Sun, Jul 15, 2018 at 12:16:20PM +0200, Harald Dunkel wrote: Hi folks, would you mind to take a look at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888743 The fix is pretty easy. But does not address all the cornercases

Re: Debian got too fat?

On 7/16/18 10:45 AM, Jonathan Dowland wrote: My suggestion is unless you are prepared to adopt and maintain lsb-base, (as Didier has made clear he wants to orphan it), find an alternative tool to achieve what you want. I am already running my private lsb-base package for several months. The

anybody maintaining lxc and lxd in Debian?

Hi folks, is anybody maintaining lxc in Debian? I have the impression that it has been orphaned. And I don't dare to hope for #768073 anymore. Does everybody interested in virtualization use Ubuntu now? Regards Harri

Re: anybody maintaining lxc and lxd in Debian?

On 7/10/18 12:36 PM, Jonathan Dowland wrote: > On Fri, Jul 06, 2018 at 09:56:58AM +0200, Harald Dunkel wrote: >> is anybody maintaining lxc in Debian? I have the impression that >> it has been orphaned. And I don't dare to hope for #768073 anymore. > > Ah yes I'd fo

Re: how to view config file changes without running an upgrade?

On 03/21/18 17:18, Greg Wooledge wrote: On Wed, Mar 21, 2018 at 04:46:16PM +0100, Harald Dunkel wrote: Its pretty painful to resolve config file conflicts in (lets say) dovecot at upgrade time, putting EMail access for +200 users at risk. I have to check in advance. Resolving config file

how to view config file changes without running an upgrade?

Hi folks, How can I view the diffs between my local modified config file (maybe modified 2 years ago) and the maintainer's config file included in the currently installed package or in a pending package upgrade? I would like to review my diffs, before running "apt upgrade". I am a big fan of

Re: how to view config file changes without running an upgrade?

PS: Please note that there are 2 "branches" of config file we work with: - the "orig" config files included in the *.deb file - the local config files active on the server Both branches might change over time, so manually backing up a config file to *.orig at first time modification doesn't

Re: how to view config file changes without running an upgrade?

On 03/21/18 12:44, The Wanderer wrote: On 2018-03-21 at 04:13, Harald Dunkel wrote: So... are you entirely sure that you even need to check it *before* initiating the upgrade? The mid-upgrade prompt might be enough. Yes, I am sure. Its pretty painful to resolve config file conflicts

libressl in Buster?

Hi folks, apparently the new OpenSMTPD 6.4 depends upon libressl (see https://www.opensmtpd.org/announces/release-6.4.0.txt), so I wonder what will become of #754513? Is there a chance to get libressl (optionally) into Buster? Is there a naming conflict? Every insightful comment is highly

Re: libressl in Buster?

On 11/1/18 4:16 PM, Reco wrote: > > It's rather a short release cycle and a lack of feature parity with > openssl. > I don't see a short release cycle as a bad feature. Its a sign of active and agile development. Openssl has a bad reputation for introducing security problems, partly due to its

Re: libressl in Buster?

On 11/3/18 4:42 PM, Reco wrote: > Hi. > > On Sat, Nov 03, 2018 at 03:37:06PM +0100, Harald Dunkel wrote: >> >> I don't see a short release cycle as a bad feature. Its a sign of >> active and agile development. > > And in Debian stable that also me

Re: "missing pubkey" for buster-security

Hi Ansgar, I highly appreciate your detailed response. I had not expected that the keyserver is restricted to developer keys. Thanx very much Harri

"missing pubkey" for buster-security

Hi folks, I am running a local mirror of the security.debian.org repository for in-house use. It seems to be available for Buster as well, except that there is an error message ERROR: Condition '7638D0442B90D010' not fulfilled for

who is verifying proposed-updates ?

Hi folks, how good is test coverage of proposed-updates? Its pretty unknown (IMHO), so I wonder if there are numbers from the popularity contest? Regards Harri

who is verifying proposed-updates ?

Hi folks, how good is test coverage of proposed-updates? This repository is pretty much unknown (IMHO), so I wonder if there are numbers from the popularity contest? Regards Harri

who is verifying proposed-updates ?

Hi folks, how good is test coverage of proposed-updates? This repository is pretty much unknown (IMHO), so I wonder if there are numbers from the popularity contest? Regards Harri

Re: who is verifying proposed-updates ?

PS: Sorry for sending this thrice. I did not receive a copy due to some misconfiguration. Harri

IPv6 prefix delegation: avahi-daemon vs dhcpcd vs kernel

Hi folks, question about IPv6 support in sid: Whose job is it to bother about the IPv6 addresses dynamically bound to eth0? AFAIU the kernel sees the prefix delegation on eth0, sets the old IPv6 address to "deprecated" and registers the new one. How comes that avahi daemon and dhcpcd and

Re: how to disable gdm3 via systemctl?

On 2020-01-13 10:52, john doe wrote: What about 'systemctl disable gdm'? Doesn't work, either. "systemctl status gdm" claims that gdm is masked (or disabled), but nevertheless it *is* started. root@usbpc:~# systemctl status gdm * gdm.service - GNOME Display Manager Loaded: loaded

how to disable gdm3 via systemctl?

Hi folks, what is the recommended procedure to disable gmd3 using systemctl in Buster? "systemctl mask gdm" does not work as advertised. The "masked" seems to be ignored. Every helpful hint is highly appreciated Harri

Re: how to disable gdm3 via systemctl?

On 2020-01-13 10:58, john doe wrote: https://wiki.debian.org/GDM#systemd PS: Changing the default target is not an option (but it works, AFAICT). Regards Harri

Re: how to disable gdm3 via systemctl?

Hi Andrei, On 2020-01-13 23:40, Andrei POPESCU wrote:> > Display Managers are handled a little bit different than "regular" > services, since only one can run at a time (if you have several > installed), but at least one should be running (to not leave a > potentially inexperienced user in front

how to rescue lxc?

Hi folks, according to https://tracker.debian.org/pkg/lxc lxc is in bad shape. I would love to help. How can I help? I already filed a patch for #966998, verified lxc 4.0.4 (#969229) and (meaning no offense, but) #961584 looks like a home-made problem to me. Anyway, lxc 4.0.4 is supposed to fix

aptitude problem with control file (in stretch)

Hi folks, I've got a problem with upgrading a private package in Stretch. The control file says: Package: sample-lxc Architecture: all Depends: ${misc:Depends} , cgmanager | systemd , debootstrap , lxc ,

Re: aptitude problem with control file (in stretch)

On 8/5/20 6:29 PM, Sven Joachim wrote: I am not sure I understand what you actually want to do, though. I am maintaining a set of meta packages, referencing the packages to install on my hosts. To avoid having separate meta packages for each new Debian version I have to use conditional

/dev/fd is missing, how comes?

Hi folks, after booting my desktop PC this morning it seems that /dev/fd is missing. This breaks dkms. How comes? Which tool/package/service was supposed to create the symlink for /dev/fd? Every insightful comment is highly appreciated Harri

Re: aptitude problem with control file (in stretch)

On 8/5/20 11:03 AM, Sven Joachim wrote: I am surprised to read that, considering that your installed lxc version does not actually fulfill the dependency. Note the epoch. $ dpkg --compare-versions 1:2.0.11-1~xgo90+1 lt 3 || echo 'Got it!' Got it! Maintaining the sample-lxc package I have

Re: ssl handshake problem with bugs.debian.org?

On 2020-07-27 11:17, Sven Hartge wrote: Debian uses their own CA to sign this certificate, which is fine for SMTP, which normally only uses opportunistic encryption. But if the client SMTP-Server is set to *verify* the certificate, it will fail. Certificate verification is optional on my

ssl handshake problem with bugs.debian.org?

Hi folks, I've got a ssl handshake problem with bugs.debian.org on sending an EMail. My mta (OpenBSD 6.7, i.e. libressl) in the office says in its logfile : Jul 27 10:23:37 gate5a smtpd[67056]: d4df9298d18e1596 mta connecting address=smtp://209.87.16.39:25 host=buxtehude.debian.org Jul 27

Re: ssl handshake problem with bugs.debian.org?

On 2020-07-27 13:49, Sven Hartge wrote: Does your MTA present a client certificate? Maybe buxtehude does not like that? Yes, it has a certificate. Whether buxtehude likes it I cannot say, but it looks OK to me. Its a wildcard certificate, though: Certificate: Data: Version: 3

Tora 3 for Bullsey?

Hi folks, how comes there is not Tora for Bullseye? Regards Harri

Re: spectre-meltdown-checker: Hash Sum mismatch

Hi folks, On 2/19/21 2:47 PM, Harald Dunkel wrote: I already cleared the cache of apt-cacher-ng, but the problem comes back. What would you suggest how to proceed? Mystery solved: apt-cacher-ng used /var/cache/apt-cacher-ng instead of /export/cache/apt-cacher-ng I had configured some time

spectre-meltdown-checker: Hash Sum mismatch

Hi folks, aptitude shows E: Failed to fetch http://deb.debian.org/debian/pool/main/s/spectre-meltdown-checker/spectre-meltdown-checker_0.42-1_all.deb: Hash Sum mismatch Hashes of expected file: - SHA256:a5b777497c860a51ce1f1fd888f727531ea60be625ffe6787aebf12823177e2f -

You are required to change your password immediately (administrator enforced).

After the most recent update of a host running sid there was a password change dialog: You are required to change your password immediately (administrator enforced). You are required to change your password immediately (administrator enforced). That would be me, but I cannot remember having set

ifupdown lost at upgrade time to bullseye

Hi folks, how comes ifupdown is dropped at upgrade time to bullseye, leaving the (headless) system without network connection while the upgrade is not completed yet, and breaking network on the next reboot? Regards Harri

Re: You are required to change your password immediately (administrator enforced).

On 8/17/21 21:55, Sven Joachim wrote: On 2021-08-17 19:59 +0200, Harald Dunkel wrote: How can I make sure I don't have to change passwords on 400+ hosts? Do not run sid on 400+ hosts. Do not run testing either, especially in the first months after a release. Of course not. But sid

Re: how to forbid debhelper to modify /home ?

On 9/3/21 11:40, Erwan David wrote: I would do this the other way (but not eay tpo migrate) : add your users in another directory (/srv/home or something else) where you mpount your remote home directory, and keep system using /home. I agree, but unfortunately this is not an option.

Re: how to forbid debhelper to modify /home ?

On 9/3/21 13:57, Roberto C. Sánchez wrote: That sounds like potentially buggy behavior. Can you give a specific example? ntp (Debian) sane (Debian) gitlab-runner (not Debian) zabbix-agent (not Debian) Apparently the postinst scripts of ntp and sane have been

how to forbid debhelper to modify /home ?

Hi folks, how can I tell the debhelper scripts to not install home directories for system services in /home (managed on a remote host in my environment), but to use /var/lib instead? I know I can block dpkg using apparmor, but this would break many postinst scripts, at least for 3rd-party

git FTBFS ?

Hi folks, trying to build git 2.34.0-1 for bullseye I get 2 segfaults (see #991214). Apparently they pop up during the built-in tests, so I wonder if this is a FTBFS? If this is nothing to worry about, how comes that these segfaults are not caught like the others? Regards Harri

how comes bug reports are processed after 10 minutes?

Hi folks, apparently it takes about 10 minutes between filing a bug report (no attachments) and sending the confirmation EMail. Thats quite a long time. Imagine you have to forward Debian's bug number to your own in-house BTS. There are about 10^6 bug reports in Debian's BTS. Maybe 1% is

ca-certificates: DST_Root_CA_X3.crt expired, so why is it still included in Bullseye?

Hi folks, apparently /usr/share/ca-certificates/mozilla/DST_Root_CA_X3.crt expired last year: % openssl x509 -in /usr/share/ca-certificates/mozilla/DST_Root_CA_X3.crt -noout -dates notBefore=Sep 30 21:12:19 2000 GMT notAfter=Sep 30 14:01:15 2021 GMT I wonder why it is still included in

Re: Debian 10 --> 11 on Dell R740: network interfaces renamed

On 2022-06-14 01:48:16, David Wright wrote: Perhaps calling the new interface naming scheme "predictable" is somewhat overselling it, but "persistent" (a better choice IMHO) was already in use, both in the way quoted above, and as one of the choices for MAC address generation. The changed

how to get rid of anacron?

Hi folks, I do not like my cron jobs in /etc/cron.daily being ignored or delayed for some obfuscated reasons, so I wonder what is the recommended alternative to anacron with propper logging by default? Will systemd take care? Regards Harri

Debian 10 --> 11 on Dell R740: network interfaces renamed

Hi folks, after the upgrade to Debian 11 some network interfaces in my Dell R740 got renamed. Before: # lshw -class network -short H/W path Device Class Description /0/2/0eno1network

Re: Debian 10 --> 11 on Dell R740: network interfaces renamed

If I have to hardwire the interface names to their Mac address as you suggested, then I don't see a significant difference to the old-style /etc/udev/rules.d/70-persistent-net.rules we had till Debian 10, except that the former was auto-generated and easier to modify. Regards Harri

closing Bullseye bugs pointing to a fix in Unstable?

Hi folks, what is Debian's policy wrt bugs reported for a package in Stable (e.g. some daemon eating up 100% CPU)? Looking at the "Closes:" feature for debian/changelog I have the impression that a fix in Unstable is seen to be sufficient "to get rid" of the bug report. Surely "Closes:" is very

Focus on python 3.9 instead of 3.9.2 for Bullseye?

Hi folks, Would it be possible to ignore the micro version number of python 3.9 and get 3.9.12 for Bullseye? Hiding 3.9.12 in Bookworm is useless. I doubt that the users running Testing or Sid are scared of python 3.10. Regards Harri

Re: Network manager: activating VPN in GNOME remote session doesn't work, but in KDE remote session (xrdp)

Hi BM if your VPN is IPsec, then you might want to examine charon's output via journalctl. Probably openvpn, wireguard and others can be found there, too. Another thing to try is to establish the VPN connection using nmcli in a terminal window, e.g. nmcli con up "VPN name" Maybe you

openexr-viewers in Bookworm?

Hi folks, I wonder why openexr-viewers hasn't made it into Bookworm, yet? The bug tracker mentions just an ancient SIGSEGV (opened in 2010). ? https://packages.debian.org/source/sid/openexr-viewers Regards Harri

apache2: fix the regressions introduced by security upgrade in Bullseye?

Hi folks, AFAIU apache2 2.4.56-1 has been included in Bullseye to mitigate CVE-2023-27522 and CVE-2023-25690 (both some mod_proxy issue with high severity). Good thing. Unfortunately this introduced 2 regressions for mod_rewrite and http2, see

Re: apache2: fix the regressions introduced by security upgrade in Bullseye?

On 2023-04-03 14:49:16, Vincent Lefevre wrote: What about apache2 2.4.56-2? This version is not in Bullseye. Only 2.4.56-1, introducing the regressions.

Re: openexr-viewers in Bookworm?

Found it, it doesn't build (#1017547). Its been filed against the source package. Regards Harri

Re: override logrotate.timer from another package?

Hi Tim, On 2023-07-04 19:35:35, Tim Woodall wrote: On Tue, 4 Jul 2023, Harald Dunkel wrote: I'm not exactly clear what you're doing but I guess you're creating a package that provides the config file? Yes, together with other things (other config files, package depen- dencies, etc

Re: override logrotate.timer from another package?

On 2023-07-04 14:36:19, Charles Curley wrote: No. All changes the local administrator makes should go under /etc/systemd because you risk updates over-writing things in /lib/systemd and elsewhere. As for dh_installsystemd, the first paragraph of the man page for it says,

override logrotate.timer from another package?

Hi folks, what is the recommended way to override logrotate.timer from a metapackage to get hourly logfile rotation (depending on size and age of the logfile, as usual)? I had added etc/systemd/system/logrotate.timer.d/hourly.conf to the package install file, but at upgrade time it

which dput/method to chose for automatic uploads via cron?

Hi folks, which dput/method would you suggest for uploading packages to a private repo via ssh? By now I tried - dput/rsyncfails to upload files in a reproducible sequence, breaking inoticoming on the receiver side - dput/scp "permission denied", ssh_config_options

how to downgrade nvidia-graphics-drivers packages?

Hi folks, Looking at a set of installed binary packages built from the same source package, I would like to keep the version numbers consistent. There might be exceptions, but in general you won't like to mix unstable and experimental binary packages from the nvidia-graphics-drivers, for

Re: Upgrade to 12.3 fails due to missing nvidia firmware package

On 2023-12-06 15:55:58, Michael Kjörling wrote: Which ones? ftp.de.debian.org ftp2.de.debian.org deb.debian.org That package is in the non-free-firmware component; are you bringing that in? https://packages.debian.org/bookworm/firmware-nvidia-gsp There is still the old version

Upgrade to 12.3 fails due to missing nvidia firmware package

Hi folks, I have tried to upgrade to 12.3, but apparently the dependencies of the new nvidia-kernel-dkms version cannot be fulfilled. firmware-nvidia-gsp (= 525.147.05) is missing. I tried several repositories. Hopefully I am not too blind to find the bug report (the new version fixes a CVE, ie

which keyring to install to access jessie archive?

Hi folks, apparently the jessie archive repository is still alive, but if I try to update the package list there is an error message W: GPG error: http://archive.debian.org/debian jessie Release: The following signatures couldn't be verified because the public key is not

Re: Upgrade to 12.3 fails due to missing nvidia firmware package

On 2023-12-06 17:20:16, Sven Joachim wrote: Maintainer uploads to (old)stable are staged in proposed-updates, so you would have to enable bookworm-proposed-updates to install the new version of firmware-nvidia-gsp. I missed the non-free-firmware for bookworm-updates and

packages.debian.org seems to be down

Hi folks, is it just me, or is https://packages.debian.org/ down? I had a similar problem yesterday morning. Regards Harri

distribution archives became unusable

Hi folks, the repositories listed on https://www.debian.org/distrib/archive have been signed using expired keys. Unfortunately this page doesn't deal with this problem. Do you think this could be improved? Regards Harri