Re: gzip and old files Partly Solved

[John Conover]

Might try "file rc.custom.gz" and make sure it says:

rc.custom.gz: gzip compressed data, was "rc.custom", last modified: ...

to look at rc.custom.gz's magic(5) header.

John

Martin McCormick writes:
> Greg Wooledge  writes:
> > Sounds unlikely.
> > 
> > > $ gzip -d rc.custom.gz
> > >
> > > gzip: rc.custom.gz: not in gzip format
> > 
> > Where did you get this file?
> 
> tomsrtbt-2.0.103
> 
>   Here's what happened:
> 
>   The rc.custom.gz file you posted is 961 bytes long.  My
> corrupt copy is also 961 bytes long and file describes it as
> data.
> 
> >  What does file(1) say about it?
> 
> $ file rc.custom.gz
> rc.custom.gz: data
> 
> >  How about
> > gzip --test?
> 
> $ gzip --test rc.custom.gz
> gzip: rc.custom.gz: not in gzip format
> 
> > I think it's more likely that your file is corrupt, than that gzip has
> > decided to become incompatible with itself.
> 
>   Fortunately, this turns out to be correct.
> 
>   The file you posted unzipped with gzip -d on my system
> with no issue at all.
> 
> The good file has a checksum of
> 10349 1
> 
> The bad version of the same file's checksum is
> 
> 13550 1.
> 
>   I mounted tomsrtbt.raw with 
> mount -o loop tomsrtbt.raw  /mnt
> and that rc.custom.gz also has a checksum of
> 10349 1
> 
>   The install.s script has one to put a blank floppy in to
> the drive and does dd if=tomsrtbt.raw of=/dev/fd0 with a record
> count and somehow, that original diskette passed all the tests,
> seems to boot right up and let me start a serial console on it
> without so much as a single error.
> 
>   There is enough of this that is enough different from
> today's world that I thought things were much worse than they
> turned out to be.  I am amazed that the corrupted disk worked at
> all.
> 
>   Thanks for clearing up the confusion.
> 
> Martin McCormick

-- 

John Conover, cono...@rahul.net, http://www.johncon.com/

gzip and old files Partly Solved

[Martin McCormick]

Greg Wooledge  writes:
> Sounds unlikely.
> 
> > $ gzip -d rc.custom.gz
> >
> > gzip: rc.custom.gz: not in gzip format
> 
> Where did you get this file?

tomsrtbt-2.0.103

Here's what happened:

The rc.custom.gz file you posted is 961 bytes long.  My
corrupt copy is also 961 bytes long and file describes it as
data.

>  What does file(1) say about it?

$ file rc.custom.gz
rc.custom.gz: data

>  How about
> gzip --test?

$ gzip --test rc.custom.gz
gzip: rc.custom.gz: not in gzip format

> I think it's more likely that your file is corrupt, than that gzip has
> decided to become incompatible with itself.

Fortunately, this turns out to be correct.

The file you posted unzipped with gzip -d on my system
with no issue at all.

The good file has a checksum of
10349 1

The bad version of the same file's checksum is

13550 1.

I mounted tomsrtbt.raw with 
mount -o loop tomsrtbt.raw  /mnt
and that rc.custom.gz also has a checksum of
10349 1

The install.s script has one to put a blank floppy in to
the drive and does dd if=tomsrtbt.raw of=/dev/fd0 with a record
count and somehow, that original diskette passed all the tests,
seems to boot right up and let me start a serial console on it
without so much as a single error.

There is enough of this that is enough different from
today's world that I thought things were much worse than they
turned out to be.  I am amazed that the corrupted disk worked at
all.

Thanks for clearing up the confusion.

Martin McCormick

DNS : pas de résolution en local

[Migrec]

Bonjour,

Depuis Buster, je n'ai plus de résolution DNS sur le serveur DHCP/DNS 
lui même et uniquement pour les adresses du réseau local. Depuis les 
clients, tout est ok.


# cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by 
resolvconf(8)

# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.1.1
nameserver 192.168.0.2
search home homeg.lan

192.168.1.1 est ma box et 192.168.0.2 est mon serveur DNS/DHCP

# ping skeleton
ping: skeleton: Nom ou service inconnu

# dig skeleton

; <<>> DiG 9.11.5-P4-5.1-Debian <<>> skeleton
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8304
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;skeleton.  IN  A

;; Query time: 1 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: mar. août 20 00:42:34 CEST 2019
;; MSG SIZE  rcvd: 26

Ça peut paraître logique car la box n'a pas connaissance de mon réseau 
local (elle est juste en liaison avec le serveur). Mais pourquoi l'échec 
de la résolution ne passe pas la main au serveur DNS local ?

Si j'inverse les 2 IP dans /etc/resolv.conf, ça fonctionne.

Une idée ?

--
Migrec

Re: Reprendre une migration échouée lors d'un apt- upgrade

[Migrec]

Le 19/08/2019 à 16:27, fab a écrit :


Oui. Mais comme j'ai abandonné la configuration de cacti, le paquet a 
été noté comme installé donc rien n'est proposé.


si tu utilises aptitude:

aptitude reinstall cacti


J'ai tenté et c'est effectivement passé. Les bases cacti ont bien été 
migrées. Il me reste juste un capteur de température qui n'est plus graphé.


Merci !
--
Migrec

Re: duckduckgo

[steef]

On 19-08-19 22:50, rhkra...@gmail.com wrote:

On Monday, August 19, 2019 04:17:26 PM steef wrote:

On 19-08-19 17:45, rhkra...@gmail.com wrote:

On Monday, August 19, 2019 08:27:57 AM steef wrote:

On 19-08-19 00:41, rhkra...@gmail.com wrote:



Is that the problem you are concerned about?


well, yes. because it is possible to avoid these sites for only one
session using duckduckgo. the next session one must again block out
these sites. that is cumbersome and annoying allthough i understand
that duckduckgo somehow must get paid for.


How do you block out those search results?  Do you put something in the
search that says something like "not:?


.well: on the right side on top of the duckduckgo page you see/find
four small lines. touch these and you see a row with further
possibilities. One of these possibilities is the english equivalent of
'overige instellingen'(dutch): something like 'remaining settings' click
on these 'settings' and you see another row  with advertenties (dutch)
advertisement i guess in english. click once on advertisement (or
whatever) to put them off ('uit' in dutch). if you put your browser off
and afterwards on again you must repeat this imho  tedious process to pue
them off again and so on. that's it and i hope i am clear enough.


Ahh, ok, I never knew that was there.  I turned it off on a DDG page, and then
clicked save.  I'll see if it works, and then see if it works again after I
restart Firefox -- but it may be a long time until I find out, as I keep my
browser up until it crashes (and sometimes have 1000 or more tabs open) --
usually I can recover those, but I prefer not to try it unless I have to.



i wish you good luck with that!

reg.,

steef

Re: Solution to "pathetic email complaints"

[Michael Stone]

On Mon, Aug 19, 2019 at 03:57:32PM -0500, Christopher Marlow wrote:

On 8/19/19 3:41 PM, Michael Stone wrote:
And, there are paid mail services which are nonetheless pretty 
terrible. All that using a paid mail service means is that you 
aren't using a free mail service.




I disagree... I like having my domain and email.. 


What does that have to do with whether there are bad paid services? 
Whether the service is free or paid, you need to evaluate whether it's 
meeting your needs and, if not, pick a different service. Just paying 
for it doesn't guarantee anything.


That said, owning a domain does at least make it easier to change 
providers--and I recommend doing so for just that reason--but that's a 
slightly different thing than just paying for an email address. It's 
also worth noting that it's increasingly difficult to implement reliable 
email service for a domain that isn't something like gmail.com (because 
third parties may randomly direct people to stop accepting mail from 
your domain) and smaller email providers may not have the resources to 
deal with the these issues.

Re: webmail and email from command line

[tomas]

On Mon, Aug 19, 2019 at 09:01:02PM +0100, Joe wrote:
> On Mon, 19 Aug 2019 17:19:58 +0200
>  wrote:
> 
> 
> > 
> > So for Mr. Hardt, Kerberos doesn't exist. Or he's talking HTTP context
> > only.
> > 
> 
> MS has used Active Directory in some form or other since Win2000, and
> AD is basically Kerberos plus LDAP. An AD 'domain' is basically a realm.
> 
> So yes, all their technical employees know about it.

There was some sarcasm in my remark ;-)

Cheers
-- t


signature.asc
Description: Digital signature

Re: Solution to "pathetic email complaints"

[Christopher Marlow]

On 8/19/19 3:41 PM, Michael Stone wrote:
And, there are paid mail services which are nonetheless pretty 
terrible. All that using a paid mail service means is that you aren't 
using a free mail service.




I disagree... I like having my domain and email.. I just didn't like the 
way the free email accounts and some of their stupid rules and ways. I 
have had my domain since 2016 and I don't think I'd ever be able to go 
back to a free email address. Yes, I have free accounts but I just keep 
those around because I've had those accounts for years.


--
Thanks in advance!
Chris

ch...@cwm030.com

Re: Solution to "pathetic email complaints"

[Michael Stone]

On Mon, Aug 19, 2019 at 10:33:22PM +0200, Étienne Mollier wrote:

Besides, even when paying for your mail provider does not mean
Google won't read the mail received on the Gmail inbox of your


And, there are paid mail services which are nonetheless pretty terrible. 
All that using a paid mail service means is that you aren't using a free 
mail service.

Re: Solution to "pathetic email complaints"

[Étienne Mollier]

David Wright, on 2019-08-19:
> On Mon 19 Aug 2019 at 13:35:13 (-0500), Richard Owlett wrote:
> > TANSTAAFL, TINSTAAFL, TNSTAAFLetc ;/
> > I have a *PAID* email provider.
> > I have a *PAID* Usenet provider.
> >
> >
> > IOW
> >   *CHEAPSKATES LOSE*
> >
> >u get what you paid for
>
> It's reasonable to demand to know what you're giving in exchange for
> a free service. Many of these providers aren't exactly forthcoming
> about what that is. But I don't think you've advanced the discussion.

Besides, even when paying for your mail provider does not mean
Google won't read the mail received on the Gmail inbox of your
recipient.  We are all in the same boat, somehow.

Kind regards,
-- 
Étienne Mollier 
  5ab1 4edf 63bb ccff 8b54  2fa9 59da 56fe fff3 882d
another guy paying for his email




signature.asc
Description: OpenPGP digital signature

Re: Solution to "pathetic email complaints"

[David Wright]

On Mon 19 Aug 2019 at 13:35:13 (-0500), Richard Owlett wrote:
> TANSTAAFL, TINSTAAFL, TNSTAAFLetc ;/
> I have a *PAID* email provider.
> I have a *PAID* Usenet provider.
> 
> 
> IOW
>   *CHEAPSKATES LOSE*
> 
>u get what you paid for

It's reasonable to demand to know what you're giving in exchange for
a free service. Many of these providers aren't exactly forthcoming
about what that is. But I don't think you've advanced the discussion.

Cheers,
David.

Re: duckduckgo

[steef]

On 19-08-19 17:45, rhkra...@gmail.com wrote:

On Monday, August 19, 2019 08:27:57 AM steef wrote:

On 19-08-19 00:41, rhkra...@gmail.com wrote:

On Sunday, August 18, 2019 05:27:07 PM steef wrote:

On 18-08-19 22:04, rhkra...@gmail.com wrote:

On Sunday, August 18, 2019 01:16:59 PM nektarios wrote:

--< snip >--


I have a similar setup as yours but am getting no popups from my
browser (firefox) and no ad blocker at all as I m using legit sites
that have income from ads. Why do you think the popups originate from
duckduckgo?


@steef,

Are you actually getting pop-up ads, or are you just seeing search
results that might be considered advertisements as they focus on a
particular company / product?

I don't get pop-ups, but some of the search results might be considered
ads, and, if so, I don't know what can be done about that.


.I get sometimes results that may be considered ads with the fonts
'ADV' added


Is that the problem you are concerned about?


well, yes. because it is possible to avoid these sites for only one session
using duckduckgo. the next session one must again block out these sites.
that is cumbersome and annoying allthough i understand that duckduckgo
somehow must get paid for.


How do you block out those search results?  Do you put something in the search
that says something like "not:?

.well: on the right side on top of the duckduckgo page you see/find four small lines. touch these and you see a row with further 
possibilities. One of these possibilities is the english equivalent of 'overige instellingen'(dutch): something like 'remaining settings' 
click on these 'settings' and you see another row  with advertenties (dutch) advertisement i guess in english. click once on advertisement 
(or whatever) to put them off ('uit' in dutch). if you put your browser off and afterwards on again you must repeat this imho  tedious 
process to pue them off again and so on. that's it and i hope i am clear enough.


cheers,

steef

Re: duckduckgo

[Celejar]

On Mon, 19 Aug 2019 20:50:05 +0100
Joe  wrote:

> On Mon, 19 Aug 2019 09:19:37 -0400
> Celejar  wrote:
> 
> > On Mon, 19 Aug 2019 10:23:44 +0200
> >  wrote:
> > 
> > > On Sun, Aug 18, 2019 at 06:26:20PM -0400, Celejar wrote:  
> > > > On Sun, 18 Aug 2019 22:52:07 +0200
> > > >  wrote:  
> > 
> > ...
> > 
> > > >I certainly need to use numerous sites
> > > > (bill paying, banking, etc.) that require JS to function.  
> > > 
> > > There's no clear-cut, generally valid thing here. I've the luck to
> > > live in a country (Germany) where an open protocol for banking
> > > exists (HBCI), and a free software implementing that protocol. So,
> > > thanks $DEITY, I just can do my bank things from the command line.
> > > There are other things (tax decl), where I've to use my browser,
> > > with javascript. This browser runs in a separate user session, with
> > > another user ID.  
> > 
> > Yes, I'm a bit jealous of you Europeans in this regard ;) 
> 
> In the UK, pretty much all retail sites that do some kind of product
> display need JS. I compromise in that I'll allow JS from the named site
> and other sites clearly related to it but not from anyone else.

I think the same is largely true in the US. E.g., a typical Newegg.com
page won't display product images unless JS is allowed from both
newegg.com and neweggimages.com

Celejar

Re: SLAPD_SENTINEL_FILE problem and openldap / slapds jessie changelog missing

[Andrei POPESCU]

On Lu, 19 aug 19, 15:15:03, Neo wrote:
> Hi Debian lovers
> 
> I struggle to find the current changelog for slapd/openldap.

Try 'apt changelog slapd'.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: webmail and email from command line

[Joe]

On Mon, 19 Aug 2019 17:19:58 +0200
 wrote:


> 
> So for Mr. Hardt, Kerberos doesn't exist. Or he's talking HTTP context
> only.
> 

MS has used Active Directory in some form or other since Win2000, and
AD is basically Kerberos plus LDAP. An AD 'domain' is basically a realm.

So yes, all their technical employees know about it.

-- 
Joe

Re: webmail and email from command line

[Joe]

On Mon, 19 Aug 2019 14:20:29 -0400
Celejar  wrote:

> On Mon, 19 Aug 2019 19:33:55 +0200
> Alessandro Vesely  wrote:
> 
> > On Mon 19/Aug/2019 18:05:57 +0200 Celejar wrote:  
> > > On Mon, 19 Aug 2019 17:21:40 +0200
> > >  wrote:
> > >   
> > >> On Mon, Aug 19, 2019 at 10:06:33AM -0400, Celejar wrote:
> > >>
> > >> [...]
> > >>  
> > >>> I'd love to run my own mail stack, and I think I could handle
> > >>> the software deployment reasonably well, but from everything
> > >>> I've read, the headaches required to make sure that major mail
> > >>> operators will actually accept my mail are more than I have
> > >>> time or patience for:  
> > >>
> > >> It's not /that/ bad. I'm doing it myself, and I'm a C programmer.
> > >> As a sysad I'm a catastrophe :-)  
> > > 
> > > As I've explained, I'm not scared of the basic software
> > > configuration and deployment. I have no patience, however, for
> > > constant monitoring to make sure I stay off blacklists, and
> > > dealing with all sorts of unspecified rules and conditions
> > > established by various organizations for them to accept my mail.  
> > 
> > 
> > The most difficult thing is obtaining an suitable Internet
> > connection.  
> 
> Quite so.

People in the land that invented the Internet often have remarkably
little choice in terms of Internet connection. Many people have only one
option. There are at least three ISPs in the UK which have 'good' IP
addresses and keep them that way.

-- 
Joe

Re: duckduckgo

[Joe]

On Mon, 19 Aug 2019 09:19:37 -0400
Celejar  wrote:

> On Mon, 19 Aug 2019 10:23:44 +0200
>  wrote:
> 
> > On Sun, Aug 18, 2019 at 06:26:20PM -0400, Celejar wrote:  
> > > On Sun, 18 Aug 2019 22:52:07 +0200
> > >  wrote:  
> 
> ...
> 
> > >I certainly need to use numerous sites
> > > (bill paying, banking, etc.) that require JS to function.  
> > 
> > There's no clear-cut, generally valid thing here. I've the luck to
> > live in a country (Germany) where an open protocol for banking
> > exists (HBCI), and a free software implementing that protocol. So,
> > thanks $DEITY, I just can do my bank things from the command line.
> > There are other things (tax decl), where I've to use my browser,
> > with javascript. This browser runs in a separate user session, with
> > another user ID.  
> 
> Yes, I'm a bit jealous of you Europeans in this regard ;) 

In the UK, pretty much all retail sites that do some kind of product
display need JS. I compromise in that I'll allow JS from the named site
and other sites clearly related to it but not from anyone else.

I'm sort of learning Laravel at the moment, but most of the tutorials
connected with Laravel itself contain lots of JS. Third party tutorials
are more likely to be JS-free. It appears that sites that are
mobile-friendly generally do so by including third-party JS.

-- 
Joe

Re: Compiling Linux with "bdver2" gcc optimization option

[Étienne Mollier]

Franco Martelli, on 2019-08-19:
> I was thinking to submit a bug report against gcc-8 package. Now that I
> have a work around, "bdver1" compiles without warnings, I can say
> enough, what do you think about?

I don't know, to me it sounds more like little bugs on kernel
side, patches silencing warnings from Gcc, one way or another,
happen quite often on that side.  See Linux 5.2.9 changelog,
there are a few ones there:

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.9

Since there is no official support for x86 architecture specific
build targets (other than the ones listed in Kconfig), chances
are the bug report would end up in "wontfix" state.  But you can
always give it a try; perhaps an actual break is lurking there,
waiting to happen in production.

Gcc-8 on its side is just trying its best to help one to develop
better code.  Its heuristics may not apply very well on kernel
object code however.  If you can reproduce this issue and
identify it as a false positive with a sample code, that is
another story of course.

Cheers,
-- 
Étienne Mollier 
  5ab1 4edf 63bb ccff 8b54  2fa9 59da 56fe fff3 882d




signature.asc
Description: OpenPGP digital signature

Re: dbus-deamon avoiding reboot after upgrade

[Reco]

Hi.

On Mon, Aug 19, 2019 at 10:08:10PM +0300, Andrei POPESCU wrote:
> On Lu, 19 aug 19, 09:54:08, john doe wrote:
> > Hi Rico, thanks for your answer.
> > On 8/19/2019 9:37 AM, Reco wrote:
> > > On Mon, Aug 19, 2019 at 09:25:56AM +0200, john doe wrote:
> > >>
> > >> Here is the requested output from a test server:
> > >>
> > >> $ apt purge dbus -s
> > > <...>
> > >>   dbus* libpam-systemd*
> > >
> > > So, dbus is not needed there.
> > >
> > 
> > Okay, one more question, can you give me an example where dbus is
> > required on a non-desktop env or is cups requiring dbus?
> 
> I believe libpam-systemd (Depends: dbus) is necessary if you need 
> systemd user instances.

I'm genuinely interested in a usecase of these on *a server*.

Reco

Re: dbus-deamon avoiding reboot after upgrade

[Andrei POPESCU]

On Lu, 19 aug 19, 09:54:08, john doe wrote:
> Hi Rico, thanks for your answer.
> On 8/19/2019 9:37 AM, Reco wrote:
> > On Mon, Aug 19, 2019 at 09:25:56AM +0200, john doe wrote:
> >>
> >> Here is the requested output from a test server:
> >>
> >> $ apt purge dbus -s
> > <...>
> >>   dbus* libpam-systemd*
> >
> > So, dbus is not needed there.
> >
> 
> Okay, one more question, can you give me an example where dbus is
> required on a non-desktop env or is cups requiring dbus?

I believe libpam-systemd (Depends: dbus) is necessary if you need 
systemd user instances.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: Compiling Linux with "bdver2" gcc optimization option

[Franco Martelli]

I was thinking to submit a bug report against gcc-8 package. Now that I
have a work around, "bdver1" compiles without warnings, I can say
enough, what do you think about?
Best regards

-- 
Franco Martelli

Re: Solution to "pathetic email complaints"

[Michael Howard]

On 19/08/2019 19:35, Richard Owlett wrote:

TANSTAAFL, TINSTAAFL, TNSTAAFL    etc ;/
I have a *PAID* email provider.
I have a *PAID* Usenet provider.


IOW
  *CHEAPSKATES LOSE*

   u get what you paid for





Er, glad you got that off your chest!

--
Mike Howard

Solution to "pathetic email complaints"

[Richard Owlett]

TANSTAAFL, TINSTAAFL, TNSTAAFLetc ;/
I have a *PAID* email provider.
I have a *PAID* Usenet provider.


IOW
  *CHEAPSKATES LOSE*

   u get what you paid for

Re: webmail and email from command line

[Celejar]

On Mon, 19 Aug 2019 19:33:55 +0200
Alessandro Vesely  wrote:

> On Mon 19/Aug/2019 18:05:57 +0200 Celejar wrote:
> > On Mon, 19 Aug 2019 17:21:40 +0200
> >  wrote:
> > 
> >> On Mon, Aug 19, 2019 at 10:06:33AM -0400, Celejar wrote:
> >>
> >> [...]
> >>
> >>> I'd love to run my own mail stack, and I think I could handle the
> >>> software deployment reasonably well, but from everything I've read,
> >>> the headaches required to make sure that major mail operators will
> >>> actually accept my mail are more than I have time or patience for:
> >>
> >> It's not /that/ bad. I'm doing it myself, and I'm a C programmer.
> >> As a sysad I'm a catastrophe :-)
> > 
> > As I've explained, I'm not scared of the basic software configuration
> > and deployment. I have no patience, however, for constant monitoring to
> > make sure I stay off blacklists, and dealing with all sorts of
> > unspecified rules and conditions established by various organizations
> > for them to accept my mail.
> 
> 
> The most difficult thing is obtaining an suitable Internet connection.

Quite so.

Celejar

Re: gzip and old files

[Greg Wooledge]

On Mon, Aug 19, 2019 at 08:03:42PM +0200, Hans wrote:
> Isn't it "gunzip rc.custom.gz"???

That's identical to gzip -d rc.custom.gz.

Re: gzip and old files

[Hans]

Isn't it "gunzip rc.custom.gz"???

Best

Hans
> I cannot reproduce that with gzip 1.9-3, it decompresses the file just
> fine.  Is your rc.custom.gz identical to what I have and what is
> attached?
> 
> Cheers,
>Sven



signature.asc
Description: This is a digitally signed message part.

Re: gzip and old files

[Sven Joachim]

On 2019-08-19 12:39 -0500, Martin McCormick wrote:

>   I am trying to unzip rc.custom.gz from tomsrtbt so I can
> give it a serial console. All you need do is modify /etc/inittab
> and add a line defining one of the serial ports as a console
> login.
>
>   Normally, this is trivial and one should just give the
> command
>
> gzip -d rc.custom.gz
>
> and, assuming /etc/inittab becomes accessible, edit it and gzip
> it back up and replace the old rc.custom.gz with the new one.
>
>   The problem is that in 2002, gzip apparently worked
> differently so if you use modern gzip on it, it just complains
>
> $ gzip -d rc.custom.gz
>
> gzip: rc.custom.gz: not in gzip format

I cannot reproduce that with gzip 1.9-3, it decompresses the file just
fine.  Is your rc.custom.gz identical to what I have and what is
attached?

Cheers,
   Sven



rc.custom.gz
Description: application/gzip

Re: Why do UID values of system users matter?

[David Wright]

On Mon 19 Aug 2019 at 09:17:21 (-0400), Greg Wooledge wrote:
> On Fri, Aug 16, 2019 at 11:03:48PM -0400, Kenneth Parker wrote:
> > >From looking at an Ubuntu 16.04 System I administer, User "man" (uid 6) is,
> > apparently the owner of /var/cache/man, which appears to be an area for
> > translating man pages.  Who creates this User?
> 
> I don't know about Ubuntu, because this is debian-user.  In Debian,
> the preinst script for the base-passwd package will create a bunch
> of system users if /etc/passwd is not present, and groups if /etc/group
> is not present.
> 
> See /var/lib/dpkg/info/base-passwd.preinst for details.
> 
> One might ponder under what conditions, exactly, this script would be
> executed while these files are not yet present.  I don't know the inner
> workings of the debian-installer, so I'm not sure whether this is just
> a safety net, or an expected part of a normal system installation.

base-passwd is the first package installed at "Install the base system"
which follows "Partition disks", so it would normally expect to be
installed into an empty partition. I should add, though, that it gets
re-unpacked, re-installed and set up a few seconds later, when about
a score of other packages have been set up. I would assume a preinst
script would run on the first occurrence.

What's odd to me is that the base-passwd preinst file has two Here
documents which duplicate its /usr/share/base-passwd/*master files.
Perhaps ok for files that only change on a time-scale of decades, but
I wonder why the /etc versions are not just copied from the masters.

Cheers,
David.

Re: gzip and old files

[Greg Wooledge]

On Mon, Aug 19, 2019 at 12:39:47PM -0500, Martin McCormick wrote:
>   The problem is that in 2002, gzip apparently worked
> differently so if you use modern gzip on it, it just complains

Sounds unlikely.

> $ gzip -d rc.custom.gz
> 
> gzip: rc.custom.gz: not in gzip format

Where did you get this file?  What does file(1) say about it?  How about
gzip --test?

I think it's more likely that your file is corrupt, than that gzip has
decided to become incompatible with itself.

gzip and old files

[Martin McCormick]

I am trying to unzip rc.custom.gz from tomsrtbt so I can
give it a serial console. All you need do is modify /etc/inittab
and add a line defining one of the serial ports as a console
login. 

Normally, this is trivial and one should just give the
command

gzip -d rc.custom.gz

and, assuming /etc/inittab becomes accessible, edit it and gzip
it back up and replace the old rc.custom.gz with the new one.

The problem is that in 2002, gzip apparently worked
differently so if you use modern gzip on it, it just complains

$ gzip -d rc.custom.gz

gzip: rc.custom.gz: not in gzip format

I tried tar zxf as some suggested in searches of
discussion lists so the problem is most likely related to
different libraries used back then compared with ones we have now.

For those who may not know, tomsrtbt is a clever bit of
obsolete technology that crams an incredible amount of Linux on
to a 1.7 MB floppy.  That is actually a standard 1.4 MB floppy
which is formatted with the sectors squeezed more tightly
together, giving you 82 tracks and 21 sectors per track as well
as a warning that it could harm your floppy drive although most
just work fine without complaint.

Is there a reasonable way to uncompress this archive?

The documentation written with tomsrtbt contains a line
stating,

Of course, you have to uncompress rc.custom with gzip -d
to edit anything within, but the impression I get is that this
command worked back then.

He also mentioned all the tools on the disk worked
against libc5 so one probably needs a $LOAD_LIBRARY_PATH pointing
to a working version of that lib.

I got a serial console going on tomsrtbt by booting it
up, going in to /etc/inittab and adding a serial tty which
one must activate by kill -HUP 1.  It worked but I would like to
make a disk that just starts that way.

Any good ideas are appreciated.

If I could find the right rock to turn over, I might find
a libc5 to wakeup what's already on the disk.

This is certainly not urgent but I feel like this is a
good training session if nothing else.

Most of the standard unix utilities like ls, mount cd and
a bunch more are there and work properly as nearly as I can tell.

Martin McCormick

Re: webmail and email from command line

[Alessandro Vesely]

On Mon 19/Aug/2019 18:05:57 +0200 Celejar wrote:
> On Mon, 19 Aug 2019 17:21:40 +0200
>  wrote:
> 
>> On Mon, Aug 19, 2019 at 10:06:33AM -0400, Celejar wrote:
>>
>> [...]
>>
>>> I'd love to run my own mail stack, and I think I could handle the
>>> software deployment reasonably well, but from everything I've read,
>>> the headaches required to make sure that major mail operators will
>>> actually accept my mail are more than I have time or patience for:
>>
>> It's not /that/ bad. I'm doing it myself, and I'm a C programmer.
>> As a sysad I'm a catastrophe :-)
> 
> As I've explained, I'm not scared of the basic software configuration
> and deployment. I have no patience, however, for constant monitoring to
> make sure I stay off blacklists, and dealing with all sorts of
> unspecified rules and conditions established by various organizations
> for them to accept my mail.


The most difficult thing is obtaining an suitable Internet connection.
 As an alternative, someone upstream suggested a hosting site.  I keep
forgetting how that would be better than Google.  I get quite a few
thank-you messages every day from DigitalOcean Security, Google Cloud
Platform, Amazon EC2, and similar providers to whom my server sends
abuse complaints automatically.  Sometimes I get notifications that
the relevant account was stroked.  What does go wrong there?

For one thing, among the eight support tools listed in the cited Ars
Technica howto there's no firewall.  Having the server /in the office/
and working at its console makes it much easier to see what's going
on.  I think that's what everybody should be doing.  It is a social
abuse that server connections cost so much more than residential ones,
and if I were a conspiracy theorist I would point my finger there.


Best
Ale

Why I mistrust bigcorps [was: webmail and email from command line]

[tomas]

[note: veering dangerously off-topic. If anyone kicks us out,
I'll accept without protesting]

On Mon, Aug 19, 2019 at 12:03:25PM -0400, Celejar wrote:
> On Mon, 19 Aug 2019 17:19:58 +0200
>  wrote:

[...]

> > Edited by D. Hardt, Microsoft. Hmmm.
> 
> Ad hominem.

rather ad corporationem. Mr. Hardt most probably is a nice guy
himself.


> > > Third-party applications are required to store the resource
> > >   owner's credentials for future use, typically a password in
> > >   clear-text.
> > 
> > So for Mr. Hardt, Kerberos doesn't exist. Or he's talking HTTP context
> > only.
> 
> Not sure what your point is here: how are the relative merits of
> OAuth and Kerberos [...]

The way you quoted rfc6749 made it seem that its way of handling
third-party authentication was unique. It is not. But for "normal"
mail business it isn't even necessary!

> > But I disgress: more interesting is this [1]:
> > 
> >"Eran Hammer resigned his role of lead author for the OAuth
> > 2.0 project, withdrew from the IETF working group, and removed
> > his name from the specification in July 2012. Hammer cited a
> > conflict between web and enterprise cultures as his reason
> > for leaving, noting that IETF is a community that is 'all
> > about enterprise use cases' and 'not capable of simple.'"
> 
> Not sure how this is relevant to our discussion.
> 
> > See also "decommoditizing protocols [2]
> 
> Relevance? Explain?

It is very much: it illustrates how bigcorps subvert standadrs
processes and use their leverage to influence perception ("not
secure" as a moniker for "not OAuth" or "not our way") to nudge
people.

> You're not addressing what I wrote: I cited the OAuth RFC's explanation
> for why something like OAuth is more secure than plain password
> authentication. You've thrown in all sorts of interesting history and
> ideology, but haven't directly addressed the points in the RFC.

OAuth may be "more secure for third-party website authentication",
that is what it was made for. It definitely isn't more secure
than "pasword authentication over a verified TLS link", and that's
how e.g. IMAP works. Heck, I'd venture that IMAPS is more secure,
because simpler (no third party).

> > > I was referring to the client side - Chrome / Chromium achieved
> > > dominance (particularly on the desktop) largely because they were
> > > widely recognized as being more performant than the alternatives.
> > 
> > Remember that Google is an advertising company?
> 
> Of course I remember, but you keep ignoring the technical points I'm
> making, and instead argue from ideology and innuendo. Do you or
> do you not agree that much of Chrome / Chromium's success for years was
> due to its technical merits?

Not really. Firefox had its weak phase, but it was short and seems
over. And I'm sure that it is in Google's strategy to influence that
perception.

Cheers
-- t


signature.asc
Description: Digital signature

Re: Why do UID values of system users matter?

[David Wright]

On Mon 19 Aug 2019 at 09:24:59 (-0400), Greg Wooledge wrote:
> On Fri, Aug 16, 2019 at 11:42:12PM -0500, David Wright wrote:
> > Difficult to say. My reaction would be to check the ownership of all
> > non-root-owned files. Because of the potential for trouble like the
> > above, I routinely keep a list on each system.
> > 
> > # find / -mount \( ! -group 0 -o ! -user 0 \) -ls | awk '{printf "%s
> > %s  %s\n", $5, $6, $11}' | sort -k 3 > /root/non-root-owned-files
> 
> The use of $11 here assumes the filename doesn't contain any whitespace.
> It'll break if one does.  You'd be better off using GNU find's -printf
> features, than parsing the output of -ls with awk.

Yes, I expect the reason I haven't lost anything in my listing is that
whitespace is sensibly avoided in these system files.

> Looks like you want the username, groupname, and filename.  So that would
> be:
> 
> find / -mount \( ! group 0 -o ! -user 0 \) -printf '%u  %g  %p\n' |
> sort -k 3 > /root/non-root-owned-files

Much appreciated improvement. (The - in -group got lost in transcription.)
Using \t tidies up the columniation too:

# find / -mount \( ! -group 0 -o ! -user 0 \) -printf '%u\t%g\t%p\n' | …

Cheers,
David.

Re: Reprendre une migration échouée lors d'un apt- upgrade

[Migrec]

Le 19/08/2019 à 16:27, fab a écrit :


Oui. Mais comme j'ai abandonné la configuration de cacti, le paquet a 
été noté comme installé donc rien n'est proposé.


si tu utilises aptitude:

aptitude reinstall cacti


J'ai tenté et c'est effectivement passé. Les bases cacti ont bien été 
migrées. Il me reste juste un capteur de température qui n'est plus graphé.


Merci !
--
Migrec

Re: touchpad annoyance, vertscroll area clickable

[Dan Ritter]

bw wrote: 
> It's a small thing, but very annoying.  Using synaptics driver 
> (xserver-xorg-input) on stretch, kde-standard 5:92 (kde-plasma-desktop)
> I want to setup the touchpad so that the vertical scroll area on the right 
> of the touchpad does not register a click when scrolling.
> 
> What happens is when scrolling various html, there are clicks registered 
> when picking up the finger and placing at the top again.  It's driving me 
> crazy(er)...
> 
> Here are the settings avaliable from synclient -l, any ideas?
> http://paste.debian.net/1096577/
> 

Use xev to figure out what events are being sent. event_mask
mouse should be helpful.

synclient options you might try:

maxtaptime
maxtapmove
singletaptimeout
maxdoubletaptime
tapanddraggesture


and you might prefer turning off vertedgescroll and using:

circular scrolling:

circscrolltrigger and
circularscrolling

or

verttwofingerscroll

or setting
ltcornerbutton = 4
lbcornerbutton = 5

to use corners as scroll buttons

Re: Network/Settings (ou l'applet network-manager) fait disparaître la connexion bridge créée si on la désactive

[roger . tarani]

- Original Message -
> From: "Fabien R" 
> To: debian-user-french@lists.debian.org
> Sent: Monday, August 19, 2019 8:36:38 AM
> Subject: Re: Network/Settings (ou l'applet network-manager) fait disparaître 
> la connexion bridge créée si on la
> désactive
> 
> On 19/08/2019 01:46, roger.tar...@free.fr wrote:
> > Quant à analyser et corriger le code, pourquoi pas, mais c'est une
> > autre aventure.
> > Est-ce jouable selon vous ?
> C'est le principe même du libre.
> Si une fonctionnalité manque ou un bug te bloque de façon critique...
> 
> --
> Fabien
> 
> 

Oui. C'est intéressant.

Peux-tu me guider ? 

C'est le code qui présente un GUI avec des boutons à glissière (image jointe).

J'ai identifié que lancer Settings/Network crée le processus 
"gnome-control-center network"
$ ps -aux | grep 'gnome'
...
0 S test   18606  1327  4  80   0 - 165664 x64_sy 18:39 tty200:00:00 
gnome-control-center network

$ dpkg-query -l gnome-control-center
+++----
ii  gnome-control-center 1:3.30.3-1   amd64utilities to configure the 
GNOME desktop

le code est là :
https://github.com/GNOME/gnome-control-center/tree/gnome-3-30
https://github.com/GNOME/gnome-control-center/tree/gnome-3-30/panels/network

J'aimerais essayer la 3.32 qui est disponible pour voir si le problème perdure.
Comment faire ça proprement et de manière réversible sans casser mon système 
Debian Buster tout neuf ?
Jene fais jamais ça d'habitude.

Ensuite, je peux essayer de voir ce que je comprends  dans le  code (C) et 
effectuer des modifications mineures.
S'il faut appréhender tout le code de network, ça va être plus complexe.
As-tu une idée de par quel bout commencer ?

Merci.

Re: dbus-deamon avoiding reboot after upgrade

[Bastien Durel]

Le lundi 19 août 2019 à 10:15 -0400, Greg Wooledge a écrit :
> On Mon, Aug 19, 2019 at 11:41:33AM +0200, Bastien Durel wrote:
> > Ok, there muste have been an error somewhere ...
> > 
> > root@corrin-2:~# apt-cache policy systemd-container
> > systemd-container:
> >   Installed: (none)
> >   Candidate: 241-5
> >   Version table:
> >  241-5 500
> > 500 http://ftp.fr.debian.org/debian buster/main amd64
> > PackagesPackages
> > root@corrin-2:~# dpkg -S /usr/bin/systemd-nspawn 
> > dpkg-query: no path found matching pattern /usr/bin/systemd-nspawn
> 
> Are you saying that you installed systemd-nspawn from something other
> than a Debian package, *and* you put it in the /usr/bin directory?
> That's a really poor decision -- local add-ons should be in
> /usr/local
> or in /opt.
> 
> Also, it appears you were relying on various dependenent packages,
> like
> dbus, without knowing it, since the thing that was actually using
> them
> wasn't installed via the packaging system.  That's something you will
> have to track yourself.  There's no way apt can do it for you.
> 
No, I had a problem during the jessie > strech migration, which leds to
/var/lib/dpkg corruption.
I "recovered" via a manual re-installation of all jessie deb files
found in /var/cache/apt, but some packages seems to have been missing
from dpkg index, despite beeing installed.

I found a few other files related to non-recorded jessie packages in
/usr/bin, like /usr/bin/pydoc3.4 or /usr/bin/mutt-org [1]

I re-installed some of the packages, purged some others, and I won't do
a full reinstall because I'm too lazy ;)

[1] https://paste.debian.net/1096576/

-- 
Bastien

Re: webmail and email from command line

[Celejar]

On Mon, 19 Aug 2019 17:21:40 +0200
 wrote:

> On Mon, Aug 19, 2019 at 10:06:33AM -0400, Celejar wrote:
> 
> [...]
> 
> > I'd love to run my own mail stack, and I think I could handle the
> > software deployment reasonably well, but from everything I've read,
> > the headaches required to make sure that major mail operators will
> > actually accept my mail are more than I have time or patience for:
> 
> It's not /that/ bad. I'm doing it myself, and I'm a C programmer.
> As a sysad I'm a catastrophe :-)

As I've explained, I'm not scared of the basic software configuration
and deployment. I have no patience, however, for constant monitoring to
make sure I stay off blacklists, and dealing with all sorts of
unspecified rules and conditions established by various organizations
for them to accept my mail.

Celejar

Re: webmail and email from command line

[Celejar]

On Mon, 19 Aug 2019 17:19:58 +0200
 wrote:

> On Mon, Aug 19, 2019 at 09:47:55AM -0400, Celejar wrote:
> > On Mon, 19 Aug 2019 10:32:31 +0200
> >  wrote:
> > 
> > > On Sun, Aug 18, 2019 at 09:15:45PM -0400, Celejar wrote:
> > > > On Sun, 18 Aug 2019 23:43:35 +0200
> > > >  wrote:
> > > > 
> > > > > On Sun, Aug 18, 2019 at 05:19:28PM -0400, Celejar wrote:
> > > > > > On Fri, 16 Aug 2019 10:10:35 +0200
> > > 
> > > [...]
> > > 
> > > > I think terming Google's decision to call software that doesn't
> > > > implement OAuth "less secure" "evil" is hyperbole [...]
> > > 
> > > This nicely demonstrates my point: OAuth is a HTTP oriented access
> > > delegation protocol. Why should that be at all relevant, e.g. in
> > > the context of IMAP?
> > 
> > >From the Introduction to RFC 6749:
> 
> Edited by D. Hardt, Microsoft. Hmmm.

Ad hominem.

> > *
> > 
> > In the traditional client-server authentication model [...]
> 
> > Third-party applications are required to store the resource
> >   owner's credentials for future use, typically a password in
> >   clear-text.
> 
> So for Mr. Hardt, Kerberos doesn't exist. Or he's talking HTTP context
> only.

Not sure what your point is here: how are the relative merits of
OAuth and Kerberos relevant to the underlying question of whether it is
or is not reasonable for Google to call OAuth more secure than plain
password authentication?

> But I disgress: more interesting is this [1]:
> 
>"Eran Hammer resigned his role of lead author for the OAuth
> 2.0 project, withdrew from the IETF working group, and removed
> his name from the specification in July 2012. Hammer cited a
> conflict between web and enterprise cultures as his reason
> for leaving, noting that IETF is a community that is 'all
> about enterprise use cases' and 'not capable of simple.'"

Not sure how this is relevant to our discussion.

> See also "decommoditizing protocols [2]

Relevance? Explain?

> > You can argue that none of this matters to you, since you trust
> > whatever OSS software you're using, but I stand by what I wrote that
> > it's unfair to term Google's decision to refer to applications that
> > don't implement OAuth "less secure" "evil".
> 
> Whatever you mean by "none of this": I am interested in security.
> But in /my/ security, on in /your/ security -- not Google's or
> Microsoft's (or whatever bigcorp's out there). Much less in their
> business model's security.

You're not addressing what I wrote: I cited the OAuth RFC's explanation
for why something like OAuth is more secure than plain password
authentication. You've thrown in all sorts of interesting history and
ideology, but haven't directly addressed the points in the RFC.

> > I was referring to the client side - Chrome / Chromium achieved
> > dominance (particularly on the desktop) largely because they were
> > widely recognized as being more performant than the alternatives.
> 
> Remember that Google is an advertising company?

Of course I remember, but you keep ignoring the technical points I'm
making, and instead argue from ideology and innuendo. Do you or
do you not agree that much of Chrome / Chromium's success for years was
due to its technical merits?

> > Firefox may be catching up now, but my impression is that for years,
> > both experts as well as laymen often preferred Chrome / Chromium
> > because of its speed. [Note that I have always stuck to Firefox for
> > almost all my browsing, largely because I don't like / trust Google, so
> > we're not as far apart as we might seem.]
> 
> [...]
> 
> > We agree - I want it out of my cereal bowl as well ;)
> 
> Google-free cereals for all ;-D

On this we agree!

Celejar

Re: webmail and email from command line

[tomas]

On Mon, Aug 19, 2019 at 11:29:04AM -0400, Jude DaShiell wrote:

> Google could evaluate the non-browser software in use and pass what is
> secure and fail the other packages with explanations for the authors of
> failed packages [...]

I think it's more subtle than that. "Traditional" (i.e. non-Webmail)
clients are qualified as "insecure" although they haven't to be.

This will softly nudge people towards (Google) webmail.

OTOH I don't want to be misunderstood. Google is big, and they actually
do a couple of things which benefit us all. Project Zero, for one.
Google Summer of Code, for another.

Cheers
-- tomás


signature.asc
Description: Digital signature

Re: webmail and email from command line

[Jude DaShiell]

On Mon, 19 Aug 2019, to...@tuxteam.de wrote:

> Date: Mon, 19 Aug 2019 11:19:58
> From: to...@tuxteam.de
> To: debian-user@lists.debian.org
> Subject: Re: webmail and email from command line
>
> On Mon, Aug 19, 2019 at 09:47:55AM -0400, Celejar wrote:
> > On Mon, 19 Aug 2019 10:32:31 +0200
> >  wrote:
> >
> > > On Sun, Aug 18, 2019 at 09:15:45PM -0400, Celejar wrote:
> > > > On Sun, 18 Aug 2019 23:43:35 +0200
> > > >  wrote:
> > > >
> > > > > On Sun, Aug 18, 2019 at 05:19:28PM -0400, Celejar wrote:
> > > > > > On Fri, 16 Aug 2019 10:10:35 +0200
> > >
> > > [...]
> > >
> > > > I think terming Google's decision to call software that doesn't
> > > > implement OAuth "less secure" "evil" is hyperbole [...]
> > >
> > > This nicely demonstrates my point: OAuth is a HTTP oriented access
> > > delegation protocol. Why should that be at all relevant, e.g. in
> > > the context of IMAP?
> >
> > >From the Introduction to RFC 6749:
>
> Edited by D. Hardt, Microsoft. Hmmm.
>
> > *
> >
> > In the traditional client-server authentication model [...]
>
> > Third-party applications are required to store the resource
> >   owner's credentials for future use, typically a password in
> >   clear-text.
>
> So for Mr. Hardt, Kerberos doesn't exist. Or he's talking HTTP context
> only.
>
> But I disgress: more interesting is this [1]:
>
>"Eran Hammer resigned his role of lead author for the OAuth
> 2.0 project, withdrew from the IETF working group, and removed
> his name from the specification in July 2012. Hammer cited a
> conflict between web and enterprise cultures as his reason
> for leaving, noting that IETF is a community that is 'all
> about enterprise use cases' and 'not capable of simple.'"
>
> See also "decommoditizing protocols [2]
>
> > You can argue that none of this matters to you, since you trust
> > whatever OSS software you're using, but I stand by what I wrote that
> > it's unfair to term Google's decision to refer to applications that
> > don't implement OAuth "less secure" "evil".
>
> Whatever you mean by "none of this": I am interested in security.
> But in /my/ security, on in /your/ security -- not Google's or
> Microsoft's (or whatever bigcorp's out there). Much less in their
> business model's security.
>
> > I was referring to the client side - Chrome / Chromium achieved
> > dominance (particularly on the desktop) largely because they were
> > widely recognized as being more performant than the alternatives.
>
> Remember that Google is an advertising company?
>
> > Firefox may be catching up now, but my impression is that for years,
> > both experts as well as laymen often preferred Chrome / Chromium
> > because of its speed. [Note that I have always stuck to Firefox for
> > almost all my browsing, largely because I don't like / trust Google, so
> > we're not as far apart as we might seem.]
>
> [...]
>
> > We agree - I want it out of my cereal bowl as well ;)
>
> Google-free cereals for all ;-D
>
> Cheers
>
> [1] https://en.wikipedia.org/wiki/OAuth#Controversy
> [2] https://www.levien.com/free/decommoditizing.html

Google could evaluate the non-browser software in use and pass what is
secure and fail the other packages with explanations for the authors of
failed packages but what google could do and what google is doing or will
be doing are three different matters altogether.  Lord Ackton in his full
quote had a few things to say about this and other corporate situations
in which we find ourselves these days.  By the way, his full quote is
longer than its first seven words and even better for that for my money.

>
> -- t >

-- 

Re: Darse de baja y el último adiós

[Guido Ignacio]

El jue., 15 ago. 2019 a las 10:32, Miguel Matos
() escribió:
>
> Muy buenas a todos los integrantes de la lista. He decidido darme una baja 
> definitiva porque, durante los últimos 2 años, he visto un decaímiento 
> radical tanto en la calidad de la lista como en la atención facilitada. 
> Adicionalmente, se mandan ahora más mensajes totalmente #offtopic sin 
> siquiera dar especificación de ello. Por lo que mi último mensaje es este: 
> busquen mejor el apoyo de sus necesidades en los grupos de Telegram. Debian 
> tiene como dos grupos en español donde pueden recibir mejor apoyo (no 
> garantizo una mejor atención, pero sí que será mejor que la que se da acá). Y 
> con esto me retiro a Telegram.
>
> --
>
> Ayuda para hacer preguntas inteligentes: http://is.gd/NJIwRz

Y dicho sea de paso mandaste un OT sin especificarlo.en fin,
estamos asi porque todos contribuimos a ello.

Re: webmail and email from command line

[tomas]

On Mon, Aug 19, 2019 at 10:06:33AM -0400, Celejar wrote:

[...]

> I'd love to run my own mail stack, and I think I could handle the
> software deployment reasonably well, but from everything I've read,
> the headaches required to make sure that major mail operators will
> actually accept my mail are more than I have time or patience for:

It's not /that/ bad. I'm doing it myself, and I'm a C programmer.
As a sysad I'm a catastrophe :-)

Cheers
-- t


signature.asc
Description: Digital signature

Re: webmail and email from command line

[tomas]

On Mon, Aug 19, 2019 at 09:47:55AM -0400, Celejar wrote:
> On Mon, 19 Aug 2019 10:32:31 +0200
>  wrote:
> 
> > On Sun, Aug 18, 2019 at 09:15:45PM -0400, Celejar wrote:
> > > On Sun, 18 Aug 2019 23:43:35 +0200
> > >  wrote:
> > > 
> > > > On Sun, Aug 18, 2019 at 05:19:28PM -0400, Celejar wrote:
> > > > > On Fri, 16 Aug 2019 10:10:35 +0200
> > 
> > [...]
> > 
> > > I think terming Google's decision to call software that doesn't
> > > implement OAuth "less secure" "evil" is hyperbole [...]
> > 
> > This nicely demonstrates my point: OAuth is a HTTP oriented access
> > delegation protocol. Why should that be at all relevant, e.g. in
> > the context of IMAP?
> 
> >From the Introduction to RFC 6749:

Edited by D. Hardt, Microsoft. Hmmm.

> *
> 
> In the traditional client-server authentication model [...]

> Third-party applications are required to store the resource
>   owner's credentials for future use, typically a password in
>   clear-text.

So for Mr. Hardt, Kerberos doesn't exist. Or he's talking HTTP context
only.

But I disgress: more interesting is this [1]:

   "Eran Hammer resigned his role of lead author for the OAuth
2.0 project, withdrew from the IETF working group, and removed
his name from the specification in July 2012. Hammer cited a
conflict between web and enterprise cultures as his reason
for leaving, noting that IETF is a community that is 'all
about enterprise use cases' and 'not capable of simple.'"

See also "decommoditizing protocols [2]

> You can argue that none of this matters to you, since you trust
> whatever OSS software you're using, but I stand by what I wrote that
> it's unfair to term Google's decision to refer to applications that
> don't implement OAuth "less secure" "evil".

Whatever you mean by "none of this": I am interested in security.
But in /my/ security, on in /your/ security -- not Google's or
Microsoft's (or whatever bigcorp's out there). Much less in their
business model's security.

> I was referring to the client side - Chrome / Chromium achieved
> dominance (particularly on the desktop) largely because they were
> widely recognized as being more performant than the alternatives.

Remember that Google is an advertising company?

> Firefox may be catching up now, but my impression is that for years,
> both experts as well as laymen often preferred Chrome / Chromium
> because of its speed. [Note that I have always stuck to Firefox for
> almost all my browsing, largely because I don't like / trust Google, so
> we're not as far apart as we might seem.]

[...]

> We agree - I want it out of my cereal bowl as well ;)

Google-free cereals for all ;-D

Cheers

[1] https://en.wikipedia.org/wiki/OAuth#Controversy
[2] https://www.levien.com/free/decommoditizing.html

-- t


signature.asc
Description: Digital signature

Re: No Audio after suspend on Lenovo Ideapad 130s Debian Buster

[John Kerr Anderson]

I tried the suggestions by Curt to add "snd_hda_intel.probe_mask=0x01" and
it seemed to work after boot.

Nektarios suggestion to run "alsactl init" which returned this:

Found hardware: "HDA-Intel" "Realtek ALC269VC"
"HDA:10ec0269,17aa380f,00100203 HDA:8086280d,80860101,0010" "0x17aa"
"0x3807"
Hardware is initialized using a generic method

"cat /proc/asound/cards" returned this:

 0 [PCH]: HDA-Intel - HDA Intel PCH
  HDA Intel PCH at 0xa131 irq 130

Do I need to manually update Alsa to get the audio to work properly? Any
suggestions would be helpful, thank you everyone for their input.

Regards,

John

On Mon, 19 Aug 2019 at 05:50, Nektarios Katakis <
nektar...@mail.nektarioskatakis.xyz> wrote:

> On Sun, 18 Aug 2019 18:09:50 -0400
> John Kerr Anderson  wrote:
>
> > Here is the output when it is working:
> >
> > aplay -l
> >  List of PLAYBACK Hardware Devices 
> > card 0: PCH [HDA Intel PCH], device 0: ALC269VC Analog [ALC269VC
> > Analog] Subdevices: 1/1
> >   Subdevice #0: subdevice #0
> > card 0: PCH [HDA Intel PCH], device 3: HDMI 0 [HDMI 0]
> >   Subdevices: 1/1
> >   Subdevice #0: subdevice #0
> > card 0: PCH [HDA Intel PCH], device 7: HDMI 1 [HDMI 1]
> >   Subdevices: 1/1
> >   Subdevice #0: subdevice #0
> > card 0: PCH [HDA Intel PCH], device 8: HDMI 2 [HDMI 2]
> >   Subdevices: 1/1
> >   Subdevice #0: subdevice #0
> > card 0: PCH [HDA Intel PCH], device 9: HDMI 3 [HDMI 3]
> >   Subdevices: 1/1
> >   Subdevice #0: subdevice #0
> > card 0: PCH [HDA Intel PCH], device 10: HDMI 4 [HDMI 4]
> >   Subdevices: 1/1
> >   Subdevice #0: subdevice #0
> >
> >
> > And here it is when it isn't working:
> >
> > ~$ aplay -l
> >  List of PLAYBACK Hardware Devices 
> > card 0: PCH [HDA Intel PCH], device 0: ALC269VC Analog [ALC269VC
> > Analog] Subdevices: 0/1
> >   Subdevice #0: subdevice #0
> > card 0: PCH [HDA Intel PCH], device 3: HDMI 0 [HDMI 0]
> >   Subdevices: 1/1
> >   Subdevice #0: subdevice #0
> > card 0: PCH [HDA Intel PCH], device 7: HDMI 1 [HDMI 1]
> >   Subdevices: 1/1
> >   Subdevice #0: subdevice #0
> > card 0: PCH [HDA Intel PCH], device 8: HDMI 2 [HDMI 2]
> >   Subdevices: 1/1
> >   Subdevice #0: subdevice #0
> > card 0: PCH [HDA Intel PCH], device 9: HDMI 3 [HDMI 3]
> >   Subdevices: 1/1
> >   Subdevice #0: subdevice #0
> > card 0: PCH [HDA Intel PCH], device 10: HDMI 4 [HDMI 4]
> >   Subdevices: 1/1
> >   Subdevice #0: subdevice #0
> >
> > card 0: PCH [HDA Intel PCH], device 0: ALC269VC Analog [ALC269VC
> > Analog] Subdevices: 1/1
> >
> > I notice when it's working the first entry says "Subdevices: 1/1" but
> > after I suspended the machine it says "Subdevices: 0/1"
> >
> > Also after I bring it up from suspend I notice when I use the hotkeys
> > to adjust the volume it goes from the internal speakers to
> > headphones.  If I plug headphones in I also don't have any audio
> > either.  Any suggestions on what I should do now?  Thank you for the
> > response so far!
> >
> > Regards,
> >
> > John
> >
> >
> > On Sun, 18 Aug 2019 at 17:50, Nektarios Katakis <
> > nektar...@mail.nektarioskatakis.xyz> wrote:
> >
> > > On Sun, 18 Aug 2019 14:06:57 -0400
> > > John Kerr Anderson  wrote:
> > >
> > > > Hello today,  I've got an Ideapad and after I suspend I cannot
> > > > get the audio to work when the system resumes.
> > > >
> > > > lspci -v returns the following for the audio section:
> > > >
> > > > 00:0e.0 Audio device: Intel Corporation Device 3198 (rev 03)
> > > > Subsystem: Lenovo Device 3807
> > > > Flags: bus master, fast devsel, latency 0, IRQ 25
> > > > Memory at a131 (64-bit, non-prefetchable) [size=16K]
> > > > Memory at a100 (64-bit, non-prefetchable) [size=1M]
> > > > Capabilities: [50] Power Management version 3
> > > > Capabilities: [80] Vendor Specific Information: Len=14 
> > > > Capabilities: [60] MSI: Enable- Count=1/1 Maskable- 64bit+
> > > > Capabilities: [70] Express Root Complex Integrated Endpoint, MSI
> > > > 00 Kernel driver in use: snd_hda_intel
> > > > Kernel modules: snd_hda_intel, snd_soc_skl
> > > >
> > > > In the system log I found the following audio related error
> > > > message as well:
> > > >
> > > > Aug 18 12:34:57 ideapad kernel: [   51.672003] snd_hda_intel
> > > > :00:0e.0: azx_get_response timeout, switching to polling mode:
> > > > last cmd=0x20bf8100 Aug 18 12:34:57 ideapad kernel: [   52.684197]
> > > > snd_hda_intel :00:0e.0: No response from codec, disabling MSI:
> > > > last cmd=0x20bf8100 Aug 18 12:34:57 ideapad kernel: [   53.695872]
> > > > snd_hda_intel :00:0e.0: azx_get_response timeout, switching to
> > > > single_cmd mode: last cmd=0x20bf8100 Aug 18 12:34:57 ideapad
> > > > kernel: [   53.696078] azx_single_wait_for_response: 9 callbacks
> > > > suppressed Aug 18 12:34:57 ideapad kernel: [   53.981143]
> > > > snd_hda_codec_hdmi hdaudioC0D2: Unable to sync register 0x2f0d00.
> > > > -5
> > > >
> > > >
> > > > Aug 18 12:36:42 ideapad kernel: [  158.417338]
> > > > 

Re: Reprendre une migration échouée lors d'un apt- upgrade

[fab]

Oui. Mais comme j'ai abandonné la configuration de cacti, le paquet a 
été noté comme installé donc rien n'est proposé.


si tu utilises aptitude:

aptitude reinstall cacti

?

f.



--
Migrec

Re: Reprendre une migration échouée lors d'un apt- upgrade

[Migrec]

Le 19/08/2019 à 15:27, Jean-Michel OLTRA a écrit :

 Bonjour,


Le lundi 19 août 2019, Migrec a écrit...



Mais du coup, comment puis-je reprendre la migration des bases de
données. La paquet cacti est noté comme "Installé" et si je me rends
sur l'interface, le processus de nouvelle installation semble de lancer
même s'il est fait mention d'une migration (NOTE:This process will
guide you through the steps for upgrading from version '1.1.31'.). Sauf
qu'avec Stretch, on en était à la 0.8 je crois.

As tu essayé tout bêtement de relancer un `apt-get upgrade` (ou aptitude
upgrade si tu utilises aptitude) ?


Oui. Mais comme j'ai abandonné la configuration de cacti, le paquet a 
été noté comme installé donc rien n'est proposé.


--
Migrec

Re: dbus-deamon avoiding reboot after upgrade

[Greg Wooledge]

On Mon, Aug 19, 2019 at 11:41:33AM +0200, Bastien Durel wrote:
> Ok, there muste have been an error somewhere ...
> 
> root@corrin-2:~# apt-cache policy systemd-container
> systemd-container:
>   Installed: (none)
>   Candidate: 241-5
>   Version table:
>  241-5 500
> 500 http://ftp.fr.debian.org/debian buster/main amd64
> PackagesPackages
> root@corrin-2:~# dpkg -S /usr/bin/systemd-nspawn 
> dpkg-query: no path found matching pattern /usr/bin/systemd-nspawn

Are you saying that you installed systemd-nspawn from something other
than a Debian package, *and* you put it in the /usr/bin directory?
That's a really poor decision -- local add-ons should be in /usr/local
or in /opt.

Also, it appears you were relying on various dependenent packages, like
dbus, without knowing it, since the thing that was actually using them
wasn't installed via the packaging system.  That's something you will
have to track yourself.  There's no way apt can do it for you.

(It's also why I disable apt's autoremove features -- I don't ever want
apt to decide I'm *not* using something, because I do have a bunch of
local add-ons, and apt can't know what's actually safe to remove.)

Re: webmail and email from command line

[Celejar]

On Mon, 19 Aug 2019 11:33:52 +0200
Alessandro Vesely  wrote:

>  On Mon 19/Aug/2019 03:15:45 +0200 Celejar wrote:
> > I think terming Google's decision to call software that doesn't
> > implement OAuth "less secure" "evil" is hyperbole that doesn't help our
> > broader cause of opposing its breaking of standards, imposing various
> > sorts of lock-in, invasions of privacy, etc.
> 
> 
> Breaking of standards?  Not sure about the web, but for email
> protocols Google counts many active participants and gmail is often
> among the early adopters (e.g. ARC).

I think I've seen many reports of Gmail's breaking of standards over
the years, but here's one that I've been able to find:

http://pyropus.ca/software/getmail/faq.html#faq-notabug-gmail-bug

...

> At this point I realize this message is not so off-topic as I had
> figured when I hit the reply button.  So, let me mention I'm also
> still running my own server.  I use Courier-MTA, which integrates SMTP
> and IMAP with maildrop (delivery agent and mail filter) and a plethora
> of utilities.  Of course, I recommend it.

I'd love to run my own mail stack, and I think I could handle the
software deployment reasonably well, but from everything I've read,
the headaches required to make sure that major mail operators will
actually accept my mail are more than I have time or patience for:

https://arstechnica.com/information-technology/2014/02/how-to-run-your-own-e-mail-server-with-your-own-domain-part-1/
https://arstechnica.com/gadgets/2018/12/review-helm-personal-server-gets-email-self-hosting-almost-exactly-right/

Celejar

Re: webmail and email from command line

[Celejar]

On Mon, 19 Aug 2019 10:32:31 +0200
 wrote:

> On Sun, Aug 18, 2019 at 09:15:45PM -0400, Celejar wrote:
> > On Sun, 18 Aug 2019 23:43:35 +0200
> >  wrote:
> > 
> > > On Sun, Aug 18, 2019 at 05:19:28PM -0400, Celejar wrote:
> > > > On Fri, 16 Aug 2019 10:10:35 +0200
> 
> [...]
> 
> > I think terming Google's decision to call software that doesn't
> > implement OAuth "less secure" "evil" is hyperbole [...]
> 
> This nicely demonstrates my point: OAuth is a HTTP oriented access
> delegation protocol. Why should that be at all relevant, e.g. in
> the context of IMAP?

>From the Introduction to RFC 6749:

*

In the traditional client-server authentication model, the client
   requests an access-restricted resource (protected resource) on the
   server by authenticating with the server using the resource owner's
   credentials.  In order to provide third-party applications access to
   restricted resources, the resource owner shares its credentials with
   the third party.  This creates several problems and limitations:

Third-party applications are required to store the resource
  owner's credentials for future use, typically a password in
  clear-text.

...

Third-party applications gain overly broad access to the resource
  owner's protected resources, leaving resource owners without any
  ability to restrict duration or access to a limited subset of
  resources.

Resource owners cannot revoke access to an individual third party
  without revoking access to all third parties, and must do so by
  changing the third party's password.

Compromise of any third-party application results in compromise of
  the end-user's password and all of the data protected by that
  password.

*

https://tools.ietf.org/html/rfc6749

You can argue that none of this matters to you, since you trust
whatever OSS software you're using, but I stand by what I wrote that
it's unfair to term Google's decision to refer to applications that
don't implement OAuth "less secure" "evil".

> > > In general,
> > > 
> > >  - dominance on the server (adwords, visibility in search engines...)
> > >and on the client (Chrome/Chromium, Android) side.
> > 
> > I don't consider dominance gained largely through superior
> > technology and legitimate means "evil". Undesirable, yes.
> 
> This misses the point. The fact that my favourite news"paper" has to
> embed Google trackers in its website to survive economically has nothing
> to do with technical superiority and all with market dominance.

I was referring to the client side - Chrome / Chromium achieved
dominance (particularly on the desktop) largely because they were
widely recognized as being more performant than the alternatives.
Firefox may be catching up now, but my impression is that for years,
both experts as well as laymen often preferred Chrome / Chromium
because of its speed. [Note that I have always stuck to Firefox for
almost all my browsing, largely because I don't like / trust Google, so
we're not as far apart as we might seem.]

...

> > > IMO they're far too big.
> > 
> > Agreed, but again, I don't think that makes them "evil".
> 
> Call that what you want. I call this "emergent evil". And I definitely
> want it out of my cereal bowl :-)

We agree - I want it out of my cereal bowl as well ;)

Celejar

SLAPD_SENTINEL_FILE problem and openldap / slapds jessie changelog missing

[Neo]

Hi Debian lovers

I struggle to find the current changelog for slapd/openldap.

[root@host ~]# dpkg -l | grep slap
ii  slapd 2.4.40+dfsg-1+deb8u5   amd64    OpenLDAP 
server (slapd)


[root@host ~]# cat /etc/*version
8.11


https://metadata.ftp-master.debian.org/changelogs//main/o/openldap/openldap_2.4.40+dfsg-1+deb8u5_changelog
-> 404.

Basically I have seen, that in the file /etc/default/slapd

there is (and was before the update) this entry:

# If SLAPD_SENTINEL_FILE is set to path to a file and that file exists,
# the init script will not start or restart slapd (but stop will still
# work).  Use this for temporarily disabling startup of slapd (when doing
# maintenance, for example, or through a configuration management system)
# when you don't want to edit a configuration file.
SLAPD_SENTINEL_FILE=/etc/ldap/noslapd

so on service restart, it failed until i commented this out.

Interesting:

root@host ~]# ll /etc/ldap/noslapd
ls: cannot access /etc/ldap/noslapd: No such file or directory

So the sentence "If SLAPD_SENTINEL_FILE is set to path to a file and 
that file exists" seems to be wrong.


on another, similar, but more actual host

[ ok ] Stopping slapd (via systemctl): slapd.service.
[ ok ] Starting slapd (via systemctl): slapd.service.
[root@host2 bin]# dpkg -l | grep slapd
ii  slapd 2.4.44+dfsg-5+deb9u2   amd64    OpenLDAP server 
(slapd)

[root@host2 bin]# cat /etc/*version
9.9
[root@host2 bin]# cat /etc/default/slapd
[..]
# If SLAPD_SENTINEL_FILE is set to path to a file and that file exists,
# the init script will not start or restart slapd (but stop will still
# work).  Use this for temporarily disabling startup of slapd (when doing
# maintenance, for example, or through a configuration management system)
# when you don't want to edit a configuration file.
SLAPD_SENTINEL_FILE=/etc/ldap/noslapd
[..]

Any clues about that? Thank you.

Best regards

Spacerat

Re: Reprendre une migration échouée lors d'un apt- upgrade

[Jean-Michel OLTRA]

Bonjour,


Le lundi 19 août 2019, Migrec a écrit...


>Mais du coup, comment puis-je reprendre la migration des bases de
>données. La paquet cacti est noté comme "Installé" et si je me rends
>sur l'interface, le processus de nouvelle installation semble de lancer
>même s'il est fait mention d'une migration (NOTE:This process will
>guide you through the steps for upgrading from version '1.1.31'.). Sauf
>qu'avec Stretch, on en était à la 0.8 je crois.

As tu essayé tout bêtement de relancer un `apt-get upgrade` (ou aptitude
upgrade si tu utilises aptitude) ?

-- 
jm

Re: Why do UID values of system users matter?

[Greg Wooledge]

On Fri, Aug 16, 2019 at 11:42:12PM -0500, David Wright wrote:
> Difficult to say. My reaction would be to check the ownership of all
> non-root-owned files. Because of the potential for trouble like the
> above, I routinely keep a list on each system.
> 
> # find / -mount \( ! -group 0 -o ! -user 0 \) -ls | awk '{printf "%s  %s  
> %s\n", $5, $6, $11}' | sort -k 3 > /root/non-root-owned-files

The use of $11 here assumes the filename doesn't contain any whitespace.
It'll break if one does.  You'd be better off using GNU find's -printf
features, than parsing the output of -ls with awk.

Looks like you want the username, groupname, and filename.  So that would
be:

find / -mount \( ! group 0 -o ! -user 0 \) -printf '%u  %g  %p\n' |
sort -k 3 > /root/non-root-owned-files

Re: duckduckgo

[Celejar]

On Mon, 19 Aug 2019 10:23:44 +0200
 wrote:

> On Sun, Aug 18, 2019 at 06:26:20PM -0400, Celejar wrote:
> > On Sun, 18 Aug 2019 22:52:07 +0200
> >  wrote:

...

> >I certainly need to use numerous sites (bill
> > paying, banking, etc.) that require JS to function.
> 
> There's no clear-cut, generally valid thing here. I've the luck to live
> in a country (Germany) where an open protocol for banking exists (HBCI),
> and a free software implementing that protocol. So, thanks $DEITY, I
> just can do my bank things from the command line. There are other things
> (tax decl), where I've to use my browser, with javascript. This browser
> runs in a separate user session, with another user ID.

Yes, I'm a bit jealous of you Europeans in this regard ;) But my issues
go well beyond banking: most sites that require login and so on don't
seem to function well if at all without JS, including those of medical
offices (downloading reports, etc.) and utilities (downloading bills,
other activities), and even many news and information sites won't work
without JS.
q
Celejar

Re: Why do UID values of system users matter?

[Greg Wooledge]

On Fri, Aug 16, 2019 at 11:03:48PM -0400, Kenneth Parker wrote:
> >From looking at an Ubuntu 16.04 System I administer, User "man" (uid 6) is,
> apparently the owner of /var/cache/man, which appears to be an area for
> translating man pages.  Who creates this User?

I don't know about Ubuntu, because this is debian-user.  In Debian,
the preinst script for the base-passwd package will create a bunch
of system users if /etc/passwd is not present, and groups if /etc/group
is not present.

See /var/lib/dpkg/info/base-passwd.preinst for details.

One might ponder under what conditions, exactly, this script would be
executed while these files are not yet present.  I don't know the inner
workings of the debian-installer, so I'm not sure whether this is just
a safety net, or an expected part of a normal system installation.

Re: duckduckgo

[steef]

On 19-08-19 00:41, rhkra...@gmail.com wrote:

On Sunday, August 18, 2019 05:27:07 PM steef wrote:

On 18-08-19 22:04, rhkra...@gmail.com wrote:

On Sunday, August 18, 2019 01:16:59 PM nektarios wrote:


--< snip >--


I have a similar setup as yours but am getting no popups from my browser
(firefox) and no ad blocker at all as I m using legit sites that have
income from ads. Why do you think the popups originate from duckduckgo?


@steef,

Are you actually getting pop-up ads, or are you just seeing search
results that might be considered advertisements as they focus on a
particular company / product?

I don't get pop-ups, but some of the search results might be considered
ads, and, if so, I don't know what can be done about that.


.I get sometimes results that may be considered ads with the fonts
'ADV' added


Is that the problem you are concerned about?


well, yes. because it is possible to avoid these sites for only one session using duckduckgo. the next session one must again block out 
these sites. that is cumbersome and annoying allthough i understand that duckduckgo somehow must get paid for.


regards,

steef

Reprendre une migration échouée lors d'un apt- upgrade

[Migrec]

  
  
Bonjour,

Je démarre un nouveau fil dans la lignée de mes messages précédents.
Lors du apt upgrade pour passer à Buster, le serveur MariaDB n'était
pas démarré lors de la mise à jour de cacti (migration des bases de
données).

Du coup, j'ai opté pour l'option "Abandonner" et une sauvegarde a
été faite dans /var/cache/dbconfig-common/.
Vu la taille de la sauvegarde, je ne suis pas certain d'avoir toutes
les données : il semblerait que ça soit juste la structure. On verra
bien.

Mais du coup, comment puis-je reprendre la migration des bases de
données. La paquet cacti est noté comme "Installé" et si je me rends
sur l'interface, le processus de nouvelle installation semble de
lancer même s'il est fait mention d'une migration (NOTE:This process will guide you
  through the steps for upgrading from version '1.1.31'.). Sauf
  qu'avec Stretch, on en était à la 0.8 je crois. 

Puis-je relancer un dpkg-reconfigure cacti sans souci ? Faut-il
extraire les scripts de pré et post installation depuis le paquet
source ? Une autre méthode ? Je voudrai vraiment garder l'historique
de mes données cacti !

Cordialement,
--
Migrec
  

Re: Grub

[Juan Lavieri]

Hola.

El 19/8/2019 a las 6:48 a. m., Antonio Trujillo Carmona escribió:

El 19/8/19 a las 2:15, Fran Torres escribió:

Buenas,

Veo algunas pequeñas (o grandes según se mire) incongruencias:

1. Tienes Windows 7 de 32 bits (lo llamaremos x86) y actualizas a
Windows 10 de 64 (amd64).
2. tienes un debian x86 y actualizas a amd64?
   Algo me dice que esto no es posible, pues si actualizas una versión
anterior, lo que actualizas es lo que tienes instalado.
Lo que creo que deberías hacer es lo siguiente:
1. instalar Windows 7 amd64 y entonces actualizar a Windows 10 amd64.
2. posteriormente, instalar debian amd64.
eso, u opción número dos:
instalar Windows 10 amd64 directamente y, posteriormente, debian amd64.

Fran.


El 19/8/19, diego leon giraldo garcia  escribió:

Buenas tardes a la lista, tenía windows 7 y actualice a windows 10 de 64
bits, el windows 7 era de 32. Ahora trató de recuperar el grub de debían 9
con ubuntu y con el dvd de debían pero no ha sido posible con todos los
comandos que he consultado, claro que ahora me doy cuenta que el debían que
tenía era de 32, debo instalar de nuevo debían de 64?. Es como lo más
lógico o me equivoco?.
Gracias




A parte de lo que te aporta Fran, si te encuentra 2 windows es por algo,
verifica en la Bios del equipo si tienes arranque por UEFI, de ser asi
mira que sistemas hay reg9istrados en la BIOS, es posible que siga
registrado el antiguo windows y eso confunde al grub.





Antonio, el nunca dijo que veía 2 Windows.

--
Errar es de humanos, pero es mas humano culpar a los demás

Re: Grub

[Juan Lavieri]

Hola

El 18/8/2019 a las 7:19 p. m., diego leon giraldo garcia escribió:
Buenas tardes a la lista, tenía windows 7 y actualice a windows 10 de 64 
bits, el windows 7 era de 32. Ahora trató de recuperar el grub de debían 
9  con ubuntu y con el dvd de debían pero no ha sido posible con todos 
los comandos que he consultado, claro que ahora me doy cuenta que el 
debían que tenía era de 32, debo instalar de nuevo debían de 64?. Es 
como lo más lógico o me equivoco?.


Me parece que solo debes recuperar el grub.

Guíate por este artículo.

https://www.taringa.net/+linux/como-recuperar-grub-despues-de-instalar-windows_h4lhj


Gracias


De nada.

Saludos.

--
Errar es de humanos, pero es mas humano culpar a los demás

Re: Grub

[Antonio Trujillo Carmona]

El 19/8/19 a las 2:15, Fran Torres escribió:
> Buenas,
>
> Veo algunas pequeñas (o grandes según se mire) incongruencias:
>
> 1. Tienes Windows 7 de 32 bits (lo llamaremos x86) y actualizas a
> Windows 10 de 64 (amd64).
> 2. tienes un debian x86 y actualizas a amd64?
>   Algo me dice que esto no es posible, pues si actualizas una versión
> anterior, lo que actualizas es lo que tienes instalado.
> Lo que creo que deberías hacer es lo siguiente:
> 1. instalar Windows 7 amd64 y entonces actualizar a Windows 10 amd64.
> 2. posteriormente, instalar debian amd64.
> eso, u opción número dos:
> instalar Windows 10 amd64 directamente y, posteriormente, debian amd64.
>
> Fran.
>
>
> El 19/8/19, diego leon giraldo garcia  escribió:
>> Buenas tardes a la lista, tenía windows 7 y actualice a windows 10 de 64
>> bits, el windows 7 era de 32. Ahora trató de recuperar el grub de debían 9
>> con ubuntu y con el dvd de debían pero no ha sido posible con todos los
>> comandos que he consultado, claro que ahora me doy cuenta que el debían que
>> tenía era de 32, debo instalar de nuevo debían de 64?. Es como lo más
>> lógico o me equivoco?.
>> Gracias
>>
>
A parte de lo que te aporta Fran, si te encuentra 2 windows es por algo,
verifica en la Bios del equipo si tienes arranque por UEFI, de ser asi
mira que sistemas hay reg9istrados en la BIOS, es posible que siga
registrado el antiguo windows y eso confunde al grub.





signature.asc
Description: OpenPGP digital signature

Global B2B Emails List

[lillie . simmons]

Hi,

Hope you are doing great.

Did you get a chance to review my previous email. Please let me know your
thoughts.

Thanks & Regards,

Lillie Simmons.

Re: Upgrade Buster et MySQL/MariaDB

[Migrec]

  
  
Le 19/08/2019 à 10:54, Basile Starynkevitch a écrit :

  
  On 8/19/19 10:52 AM, Basile
Starynkevitch wrote:
  
  



On 8/19/19 10:03 AM, Migrec wrote:

 
  Pour Adminer, je l'ai installé mais on est d'accord qu'il faut
  mettre en place des directives pour Apache ? Il n'y a rien
  dans le paquet de déjà prêt ? 



A mon avis, il est plus efficace (à long terme) de savoir
  administrer un système Linux (en particulier Debian) en ligne
  de commande et avec des fichiers textuels de configuration
  (sous /etc et gérés avec git et parfois
  scriptés par exemple avec guile
  et guix).
  Bien sûr, il y a un sérieux effort d'apprentissage à faire au
  début. D'excellents livres et ressources web (en français
  comme en anglais) sont disponibles pour ça.
  


Bonjour,

Je ne peux qu'être d'accord, bien entendu. Je suis sur Debian depuis
assez longtemps (Potato je crois) et je m'étais m'auto-formé en y
passant beaucoup de temps, n'étant pas du métier.
Mais c'est vrai que ces dernières années, je n'ai plus autant de
temps qu'avant et je me suis fait distancé par toutes les
nouveautés. Donc je me "contente" de maintenir mon petit serveur à
jour.
Mais là, entre l'abandon d'iptables, de phpmyadmin, le renommage des
interfaces réseaux, les scripts désuets inirtrd, ça fait beaucoup
;-). D'où mon appel à l'aide une peu "simpliste" pour les
spécialistes.

Pour revenir au sujet, ma base MariaDB fonctionne et en analysant
les logs de mise à jour, la migration de cacti a planté tout
simplement parce que le serveur SQL n'était pas lancé... J'ai choisi
"abandonner", j'ai bien une sauvegarde de la base mais j'ai peur de
faire une betise avec. Mais c'est un sujet à ouvrir à part
peut-être.

Cordialement,

--
Migrec

  

Re: dbus-deamon avoiding reboot after upgrade

[Reco]

On Mon, Aug 19, 2019 at 11:41:33AM +0200, Bastien Durel wrote:
> Le lundi 19 août 2019 à 11:54 +0300, Reco a écrit :
> > Hi.
> > 
> > On Mon, Aug 19, 2019 at 10:23:54AM +0200, Bastien Durel wrote:
> > > Le lundi 19 août 2019 à 10:37 +0300, Reco a écrit :
> > > > > $ apt purge dbus -s
> > > > <...>
> > > > >dbus* libpam-systemd*
> > > > 
> > > > So, dbus is not needed there.
> > > 
> > > Hello. Same here, but with dbus removed, my jobs using systemd-
> > > nspawn
> > > fails with:
> > > 
> > > Failed to open system bus: Connection refused
> > > 
> > > So testing your system after removal may be a good idea, apt
> > > insight is
> > > not sufficient ;)
> > 
> > $ apt show systemd-container | grep dbus
> > Depends: libacl1 (>= 2.2.23), ..., dbus
> > 
> > apt cannot help you if you're using it wrong.
>
> Ok, there muste have been an error somewhere ...

And I'd solve it with "apt install systemd-container".

Reco

Re: dbus-deamon avoiding reboot after upgrade

[Bastien Durel]

Le lundi 19 août 2019 à 11:54 +0300, Reco a écrit :
>   Hi.
> 
> On Mon, Aug 19, 2019 at 10:23:54AM +0200, Bastien Durel wrote:
> > Le lundi 19 août 2019 à 10:37 +0300, Reco a écrit :
> > > > $ apt purge dbus -s
> > > <...>
> > > >dbus* libpam-systemd*
> > > 
> > > So, dbus is not needed there.
> > 
> > Hello. Same here, but with dbus removed, my jobs using systemd-
> > nspawn
> > fails with:
> > 
> > Failed to open system bus: Connection refused
> > 
> > So testing your system after removal may be a good idea, apt
> > insight is
> > not sufficient ;)
> 
> $ apt show systemd-container | grep dbus
> Depends: libacl1 (>= 2.2.23), ..., dbus
> 
> apt cannot help you if you're using it wrong.
> 
> Reco
> 
Ok, there muste have been an error somewhere ...

root@corrin-2:~# apt-cache policy systemd-container
systemd-container:
  Installed: (none)
  Candidate: 241-5
  Version table:
 241-5 500
500 http://ftp.fr.debian.org/debian buster/main amd64
PackagesPackages
root@corrin-2:~# dpkg -S /usr/bin/systemd-nspawn 
dpkg-query: no path found matching pattern /usr/bin/systemd-nspawn

:/

-- 
Bastien

Re: No Audio after suspend on Lenovo Ideapad 130s Debian Buster

[Nektarios Katakis]

On Sun, 18 Aug 2019 18:09:50 -0400
John Kerr Anderson  wrote:

> Here is the output when it is working:
> 
> aplay -l
>  List of PLAYBACK Hardware Devices 
> card 0: PCH [HDA Intel PCH], device 0: ALC269VC Analog [ALC269VC
> Analog] Subdevices: 1/1
>   Subdevice #0: subdevice #0
> card 0: PCH [HDA Intel PCH], device 3: HDMI 0 [HDMI 0]
>   Subdevices: 1/1
>   Subdevice #0: subdevice #0
> card 0: PCH [HDA Intel PCH], device 7: HDMI 1 [HDMI 1]
>   Subdevices: 1/1
>   Subdevice #0: subdevice #0
> card 0: PCH [HDA Intel PCH], device 8: HDMI 2 [HDMI 2]
>   Subdevices: 1/1
>   Subdevice #0: subdevice #0
> card 0: PCH [HDA Intel PCH], device 9: HDMI 3 [HDMI 3]
>   Subdevices: 1/1
>   Subdevice #0: subdevice #0
> card 0: PCH [HDA Intel PCH], device 10: HDMI 4 [HDMI 4]
>   Subdevices: 1/1
>   Subdevice #0: subdevice #0
> 
> 
> And here it is when it isn't working:
> 
> ~$ aplay -l
>  List of PLAYBACK Hardware Devices 
> card 0: PCH [HDA Intel PCH], device 0: ALC269VC Analog [ALC269VC
> Analog] Subdevices: 0/1
>   Subdevice #0: subdevice #0
> card 0: PCH [HDA Intel PCH], device 3: HDMI 0 [HDMI 0]
>   Subdevices: 1/1
>   Subdevice #0: subdevice #0
> card 0: PCH [HDA Intel PCH], device 7: HDMI 1 [HDMI 1]
>   Subdevices: 1/1
>   Subdevice #0: subdevice #0
> card 0: PCH [HDA Intel PCH], device 8: HDMI 2 [HDMI 2]
>   Subdevices: 1/1
>   Subdevice #0: subdevice #0
> card 0: PCH [HDA Intel PCH], device 9: HDMI 3 [HDMI 3]
>   Subdevices: 1/1
>   Subdevice #0: subdevice #0
> card 0: PCH [HDA Intel PCH], device 10: HDMI 4 [HDMI 4]
>   Subdevices: 1/1
>   Subdevice #0: subdevice #0
> 
> card 0: PCH [HDA Intel PCH], device 0: ALC269VC Analog [ALC269VC
> Analog] Subdevices: 1/1
> 
> I notice when it's working the first entry says "Subdevices: 1/1" but
> after I suspended the machine it says "Subdevices: 0/1"
> 
> Also after I bring it up from suspend I notice when I use the hotkeys
> to adjust the volume it goes from the internal speakers to
> headphones.  If I plug headphones in I also don't have any audio
> either.  Any suggestions on what I should do now?  Thank you for the
> response so far!
> 
> Regards,
> 
> John
> 
> 
> On Sun, 18 Aug 2019 at 17:50, Nektarios Katakis <
> nektar...@mail.nektarioskatakis.xyz> wrote:  
> 
> > On Sun, 18 Aug 2019 14:06:57 -0400
> > John Kerr Anderson  wrote:
> >  
> > > Hello today,  I've got an Ideapad and after I suspend I cannot
> > > get the audio to work when the system resumes.
> > >
> > > lspci -v returns the following for the audio section:
> > >
> > > 00:0e.0 Audio device: Intel Corporation Device 3198 (rev 03)
> > > Subsystem: Lenovo Device 3807
> > > Flags: bus master, fast devsel, latency 0, IRQ 25
> > > Memory at a131 (64-bit, non-prefetchable) [size=16K]
> > > Memory at a100 (64-bit, non-prefetchable) [size=1M]
> > > Capabilities: [50] Power Management version 3
> > > Capabilities: [80] Vendor Specific Information: Len=14 
> > > Capabilities: [60] MSI: Enable- Count=1/1 Maskable- 64bit+
> > > Capabilities: [70] Express Root Complex Integrated Endpoint, MSI
> > > 00 Kernel driver in use: snd_hda_intel
> > > Kernel modules: snd_hda_intel, snd_soc_skl
> > >
> > > In the system log I found the following audio related error
> > > message as well:
> > >
> > > Aug 18 12:34:57 ideapad kernel: [   51.672003] snd_hda_intel
> > > :00:0e.0: azx_get_response timeout, switching to polling mode:
> > > last cmd=0x20bf8100 Aug 18 12:34:57 ideapad kernel: [   52.684197]
> > > snd_hda_intel :00:0e.0: No response from codec, disabling MSI:
> > > last cmd=0x20bf8100 Aug 18 12:34:57 ideapad kernel: [   53.695872]
> > > snd_hda_intel :00:0e.0: azx_get_response timeout, switching to
> > > single_cmd mode: last cmd=0x20bf8100 Aug 18 12:34:57 ideapad
> > > kernel: [   53.696078] azx_single_wait_for_response: 9 callbacks
> > > suppressed Aug 18 12:34:57 ideapad kernel: [   53.981143]
> > > snd_hda_codec_hdmi hdaudioC0D2: Unable to sync register 0x2f0d00.
> > > -5
> > >
> > >
> > > Aug 18 12:36:42 ideapad kernel: [  158.417338]
> > > snd_hda_codec_realtek hdaudioC0D0: Unable to sync register
> > > 0x1f0e00. -5 Aug 18 12:36:42 ideapad kernel: [  158.417498]
> > > snd_hda_codec_realtek hdaudioC0D0: Unable to sync register
> > > 0x1f0e00. -5 Aug 18 12:36:42 ideapad pulseaudio[1013]: W:
> > > [alsa-sink-ALC269VC Analog] alsa-mixer.c: Failed to set switch of
> > > Speaker: Input/output error Aug 18 12:36:42 ideapad
> > > pulseaudio[1013]: W: [alsa-sink-ALC269VC Analog] alsa-mixer.c:
> > > Failed to set switch of Headphone: Input/output error Aug 18
> > > 12:36:53 ideapad kernel: [  169.533192] azx_single_send_cmd: 299
> > > callbacks suppressed
> > >
> > > Aug 18 13:45:13 ideapad kernel: [ 4269.876500]
> > > snd_hda_codec_realtek hdaudioC0D0: Unable to sync register
> > > 0x1f0e00. -5 Aug 18 13:49:47 ideapad kernel: [ 4543.985442]
> > > snd_hda_codec_realtek hdaudioC0D0: Unable to sync register
> > > 0x1f0e00. -5
> > >
> > > Are there any suggestions I could try to get this 

Re: webmail and email from command line

[Alessandro Vesely]

 On Mon 19/Aug/2019 03:15:45 +0200 Celejar wrote:
> I think terming Google's decision to call software that doesn't
> implement OAuth "less secure" "evil" is hyperbole that doesn't help our
> broader cause of opposing its breaking of standards, imposing various
> sorts of lock-in, invasions of privacy, etc.


Breaking of standards?  Not sure about the web, but for email
protocols Google counts many active participants and gmail is often
among the early adopters (e.g. ARC).

On the other hand, I am perplexed when I see epic personalities of
IETF standard making, like Brian Carpenter, Dave Crocket, and many
other, preferably use gmail addresses.  Most of them used to prefer
sending from their own mail servers.  Obviously, they find gmail more
convenient...  Of course, protocols will be useless when there will be
just one or two providers.

Even John Klensin, the author of ESMTP, although he uses his own
domain for sending mail through Exim, uses outlook.com for incoming
MX.  Presumably, that's more convenient than maintaining efficient
anti-virus and anti-spam.  Notably, as an SMTP purist, John deploys
neither SPF nor DKIM.

At this point I realize this message is not so off-topic as I had
figured when I hit the reply button.  So, let me mention I'm also
still running my own server.  I use Courier-MTA, which integrates SMTP
and IMAP with maildrop (delivery agent and mail filter) and a plethora
of utilities.  Of course, I recommend it.


jm2c
Ale

Re: webmail and email from command line

[Nektarios Katakis]

On Mon, 19 Aug 2019 10:32:31 +0200
 wrote:

> On Sun, Aug 18, 2019 at 09:15:45PM -0400, Celejar wrote:
> > On Sun, 18 Aug 2019 23:43:35 +0200
> >  wrote:
> > 
> > > On Sun, Aug 18, 2019 at 05:19:28PM -0400, Celejar wrote:
> > > > On Fri, 16 Aug 2019 10:10:35 +0200
> 
> [...]
> 
> > I think terming Google's decision to call software that doesn't
> > implement OAuth "less secure" "evil" is hyperbole [...]
> 
> This nicely demonstrates my point: OAuth is a HTTP oriented access
> delegation protocol. Why should that be at all relevant, e.g. in
> the context of IMAP?
> 

I couldn't agree more. SMTP and IMAP have their own specs and any mail
host that follows them is legit. Google is evil as it is monopolizing
the market and following microsoft practices from 10-15 years back.

Like either works with Google or we dont care. 

> > > In general,
> > > 
> > >  - dominance on the server (adwords, visibility in search
> > > engines...) and on the client (Chrome/Chromium, Android) side.
> > 
> > I don't consider dominance gained largely through superior
> > technology and legitimate means "evil". Undesirable, yes.
> 
> This misses the point. The fact that my favourite news"paper" has to
> embed Google trackers in its website to survive economically has
> nothing to do with technical superiority and all with market
> dominance.
> 
> Not long ago, Microsoft was in this position. Remember when Internet
> Explorer was the dominant browser and everyone was hot on implementig
> ActiveX?
> 
> [...]
> 
> > > (I'm sure you can think of two or three more).
> > > 
> > > IMO they're far too big.
> > 
> > Agreed, but again, I don't think that makes them "evil".
> 
> Call that what you want. I call this "emergent evil". And I definitely
> want it out of my cereal bowl :-)

And definitely is. I am happy that there are people out there
recognizing it.


> 
> Cheers
> -- t

Regards,

-- 
Nektarios Katakis

Re: dbus-deamon avoiding reboot after upgrade

[Reco]

Hi.

On Mon, Aug 19, 2019 at 10:23:54AM +0200, Bastien Durel wrote:
> Le lundi 19 août 2019 à 10:37 +0300, Reco a écrit :
> > > $ apt purge dbus -s
> > <...>
> > >dbus* libpam-systemd*
> > 
> > So, dbus is not needed there.
> 
> Hello. Same here, but with dbus removed, my jobs using systemd-nspawn
> fails with:
> 
> Failed to open system bus: Connection refused
> 
> So testing your system after removal may be a good idea, apt insight is
> not sufficient ;)

$ apt show systemd-container | grep dbus
Depends: libacl1 (>= 2.2.23), ..., dbus

apt cannot help you if you're using it wrong.

Reco

Re: Upgrade Buster et MySQL/MariaDB

[Basile Starynkevitch]

On 8/19/19 10:52 AM, Basile Starynkevitch wrote:



On 8/19/19 10:03 AM, Migrec wrote:


Pour Adminer, je l'ai installé mais on est d'accord qu'il faut mettre 
en place des directives pour Apache ? Il n'y a rien dans le paquet de 
déjà prêt ?



A mon avis, il est plus efficace (à long terme) de savoir administrer 
un système Linux (en particulier Debian) en ligne de commande et avec 
des fichiers textuels de configuration (sous /etc et gérés avec git 
 et parfois scriptés par exemple avec guile 
 et guix 
). Bien sûr, il y a un sérieux effort 
d'apprentissage à faire au début. D'excellents livres et ressources 
web (en français comme en anglais) sont disponibles pour ça.




A commencer par SICP 
 
(pour ma part, je pense qu'on ne devrait pas accéder à un système Linux 
sérieux sans avoir lu ce livre, dont une traduction française existe).



--
Basile STARYNKEVITCH   == http://starynkevitch.net/Basile
opinions are mine only - les opinions sont seulement miennes
Bourg La Reine, France; 
(mobile phone: cf my web page / voir ma page web...)

Re: duckduckgo

[Eric S Fraga]

On Sunday, 18 Aug 2019 at 22:52, to...@tuxteam.de wrote:
> This is actually for me a filter criterion: if a site doesn't work
> with javascript, chances are high that I avoid it. I do make some
> exceptions, but very few.

Ditto.  My exceptions are my bank and flickr.  All else I access via eww
in Emacs.

-- 
Eric S Fraga via Emacs 27.0.50 & org 9.2.4 on Debian 10.0

Re: Upgrade Buster et MySQL/MariaDB

[Basile Starynkevitch]

On 8/19/19 10:03 AM, Migrec wrote:


Pour Adminer, je l'ai installé mais on est d'accord qu'il faut mettre 
en place des directives pour Apache ? Il n'y a rien dans le paquet de 
déjà prêt ?



A mon avis, il est plus efficace (à long terme) de savoir administrer un 
système Linux (en particulier Debian) en ligne de commande et avec des 
fichiers textuels de configuration (sous /etc et gérés avec git 
 et parfois scriptés par exemple avec guile 
 et guix ). 
Bien sûr, il y a un sérieux effort d'apprentissage à faire au début. 
D'excellents livres et ressources web (en français comme en anglais) 
sont disponibles pour ça.


Librement


--
Basile STARYNKEVITCH   == http://starynkevitch.net/Basile
opinions are mine only - les opinions sont seulement miennes
Bourg La Reine, France; 
(mobile phone: cf my web page / voir ma page web...)

Re: Upgrade Buster et MySQL/MariaDB

[Migrec]

Le 19/08/2019 à 10:12, fab a écrit :


Pour Adminer, je l'ai installé mais on est d'accord qu'il faut mettre 
en place des directives pour Apache ? Il n'y a rien dans le paquet de 
déjà prêt ?

Effectivement, j'ai du créer un /etc/apache2/conf-available/adminer.conf

# cat /etc/apache2/conf-available/adminer.conf
Alias /adminer.php /usr/share/adminer/adminer.php



AuthUserFile /var/.mdp/.mdp
AuthName "Acces Restreint"
AuthType Basic


require valid-user





Entendu merci !
--
Migrec

Re: dbus-deamon avoiding reboot after upgrade

[Bastien Durel]

Le lundi 19 août 2019 à 10:37 +0300, Reco a écrit :
> > $ apt purge dbus -s
> <...>
> >dbus* libpam-systemd*
> 
> So, dbus is not needed there.

Hello. Same here, but with dbus removed, my jobs using systemd-nspawn
fails with:

Failed to open system bus: Connection refused

So testing your system after removal may be a good idea, apt insight is
not sufficient ;)

-- 
Bastien

Re: dbus-deamon avoiding reboot after upgrade

[Reco]

On Mon, Aug 19, 2019 at 09:54:08AM +0200, john doe wrote:
> >> If things goes well on this server, which is a test server, I'll
> >> consider purging dbus from my production server(s) on which a reboot is
> >> to be avoided.
> >>
> >> Here is the requested output from a test server:
> >>
> >> $ apt purge dbus -s
> > <...>
> >>   dbus* libpam-systemd*
> >
> > So, dbus is not needed there.
> >
> 
> Okay, one more question, can you give me an example where dbus is
> required on a non-desktop env or is cups requiring dbus?

Let's see.

firewalld. Yet another netfilter/nft frontend. One of favorite Red Hat
toys.

pacemaker. For those who think that cluster is "it's not down if it's
restarted on a neighbour host".

nfs-ganesha. Userspace NFS server, designed to be run in a container.
Slow as a snail, but is useful to somebody. 

teamd. Linux bonding has a huge implementation deficiency - it does not
depend on dbus :) This one does.

avahi-daemon. Was mentioned in this very thread.


And last, but not least - any terminal server, like LTSP.

Reco

Re: webmail and email from command line

[tomas]

On Sun, Aug 18, 2019 at 09:15:45PM -0400, Celejar wrote:
> On Sun, 18 Aug 2019 23:43:35 +0200
>  wrote:
> 
> > On Sun, Aug 18, 2019 at 05:19:28PM -0400, Celejar wrote:
> > > On Fri, 16 Aug 2019 10:10:35 +0200

[...]

> I think terming Google's decision to call software that doesn't
> implement OAuth "less secure" "evil" is hyperbole [...]

This nicely demonstrates my point: OAuth is a HTTP oriented access
delegation protocol. Why should that be at all relevant, e.g. in
the context of IMAP?

> > In general,
> > 
> >  - dominance on the server (adwords, visibility in search engines...)
> >and on the client (Chrome/Chromium, Android) side.
> 
> I don't consider dominance gained largely through superior
> technology and legitimate means "evil". Undesirable, yes.

This misses the point. The fact that my favourite news"paper" has to
embed Google trackers in its website to survive economically has nothing
to do with technical superiority and all with market dominance.

Not long ago, Microsoft was in this position. Remember when Internet
Explorer was the dominant browser and everyone was hot on implementig
ActiveX?

[...]

> > (I'm sure you can think of two or three more).
> > 
> > IMO they're far too big.
> 
> Agreed, but again, I don't think that makes them "evil".

Call that what you want. I call this "emergent evil". And I definitely
want it out of my cereal bowl :-)

Cheers
-- t


signature.asc
Description: Digital signature

Re: No Audio after suspend on Lenovo Ideapad 130s Debian Buster

[Curt]

On 2019-08-18, John Kerr Anderson  wrote:
>
> Aug 18 13:45:13 ideapad kernel: [ 4269.876500] snd_hda_codec_realtek
> hdaudioC0D0: Unable to sync register 0x1f0e00. -5
> Aug 18 13:49:47 ideapad kernel: [ 4543.985442] snd_hda_codec_realtek
> hdaudioC0D0: Unable to sync register 0x1f0e00. -5

Looks like this bug:

https://bugs.freedesktop.org/show_bug.cgi?id=110916#c5

> Are there any suggestions I could try to get this to work correctly after
> suspend/resume events?

Workaround suggested at the link above:

add "snd_hda_intel.probe_mask=0x01" to your kernel parameters at boot.

This kernel parameter renders any hdmi audio output you might have
unavailable and therefore unusable, though.

Good luck.

> Thanks in advance,
>
> John
>

-- 
“We are all in the gutter, but some of us are looking at the stars.” 
― Oscar Wilde, Lady Windermere's Fan

Ważne pytanie

[Agencja Online]

Dzień dobry,



reprezentuję firmę zajmującą się tworzeniem nowoczesnych *Stron i Sklepów* 
Online.



Z przyjemnością podeślę naszą aktualną propozycję w tym zakresie.



Jeśli mogę, proszę o e-mail zwrotny o treści*TAK.*

_
Pozdrawiamy Serdecznie,
Strony i SklepyWWW

Re: duckduckgo

[tomas]

On Sun, Aug 18, 2019 at 06:26:20PM -0400, Celejar wrote:
> On Sun, 18 Aug 2019 22:52:07 +0200
>  wrote:

[... on disabling javascript]

> Question: is this due to a belief that such sites are (at least for
> your use cases) at best marginally more useful than their non-JS
> utilizing alternatives, or due to a desire to punish such sites or an
> ethical objection to them?

I don't believe in punishment (to people, that is). Corps can't be
punished, anyway. I just find this whole machinery (what Shoshana
Zuboff [1] calls "surveillance capitalism") so disgusting that I
choose to take as little part in it as is compatible with my way
of life. Call this an "ethical position" if you must -- I tend to
avoid such high-flying terms, because at the end everyone understands
them differently, causing confusion.

And yes, part of it is the realization that "convenience" doesn't
top all -- through "convenience" [2], I'm being manipulated. That's the
Trojan horse. I want to be aware of when this happens, and take those
decisions in full knowledge.

>I certainly need to use numerous sites (bill
> paying, banking, etc.) that require JS to function.

There's no clear-cut, generally valid thing here. I've the luck to live
in a country (Germany) where an open protocol for banking exists (HBCI),
and a free software implementing that protocol. So, thanks $DEITY, I
just can do my bank things from the command line. There are other things
(tax decl), where I've to use my browser, with javascript. This browser
runs in a separate user session, with another user ID.

"Be like water" :-)

Cheers

[1] https://en.wikipedia.org/wiki/Shoshana_Zuboff
[2] That's why I tend to not use NoScript and adblockers. I *really*
   want to know. I sometimes even do read the javascript which is not
   executed on my machine ;-D

-- t


signature.asc
Description: Digital signature

Re: Upgrade Buster et MySQL/MariaDB

[fab]

Pour Adminer, je l'ai installé mais on est d'accord qu'il faut mettre en 
place des directives pour Apache ? Il n'y a rien dans le paquet de déjà 
prêt ?

Effectivement, j'ai du créer un /etc/apache2/conf-available/adminer.conf

# cat /etc/apache2/conf-available/adminer.conf
Alias /adminer.php /usr/share/adminer/adminer.php



AuthUserFile /var/.mdp/.mdp
AuthName "Acces Restreint"
AuthType Basic


require valid-user




f.

Re: Upgrade Buster et MySQL/MariaDB

[Migrec]

Le 19/08/2019 à 09:53, fab a écrit :

'lut,

Ça fait beaucoup et je ne sais pas trop par quoi commencer... Avec le 
paquet default-mysql-server

oui, bonne idée. Sinon, j'ai directement installé mariadb avec:

mariadb-common
mariadb-server

, est-ce que les accès se font de manière transparente avec les 
commandes mysql ?

oui, toujours.

Les utilisateurs, les bases existantes ont-elles été migrées ?? 

oui.


J'imagine que oui mais sans sans PhpMyAdmin, je suis perdu ;-)

je me suis dit la même chose ;) Mais essaye adminer et tu seras conquis.


Merci.
En fait le serveur MariaDB n'était tout simplement pas lancé. J'avais 
pourtant redémarré le serveur.
Du coup j'accède à Cacti mais je me retrouve sur un page d'installation, 
je vais creuser de ce coté.


Pour Adminer, je l'ai installé mais on est d'accord qu'il faut mettre en 
place des directives pour Apache ? Il n'y a rien dans le paquet de déjà 
prêt ?


--
Migrec

Re: dbus-deamon avoiding reboot after upgrade

[john doe]

Hi Rico, thanks for your answer.

On 8/19/2019 9:37 AM, Reco wrote:
>   Hi.
>
> On Mon, Aug 19, 2019 at 09:25:56AM +0200, john doe wrote:
>> On 8/18/2019 4:59 PM, Reco wrote:
>>> On Sun, Aug 18, 2019 at 04:56:34PM +0200, john doe wrote:
 On 8/18/2019 3:19 PM, Brian wrote:
> On Sun 18 Aug 2019 at 12:17:59 +0200, john doe wrote:
>
>> On 8/17/2019 8:15 PM, Brian wrote:
>>> On Tue 13 Aug 2019 at 20:07:49 +0200, john doe wrote:

 While upgrading the dbus deamon, I get the following:

 "A reboot is required to replace the running dbus-daemon.
 Please reboot the system when convenient."


 I have no plan to reboot that server, what are the pros and cons of not
 doing that or how can I avoid rebooting altogether?
>>>
>>> In the light of Curt's reference to #805449 and your reluctance to
>>> provide any extra information on the server setup you have in mind,
>>> your plan will have to accomodate reality. Reboot and be done with
>>> it.
>>>
>>
>> From reading this thread, here's what I understand:
>>
>> Despide the word desktop being thrown everyware (URL of the page given
>> in this thread, ...) it has now moved to be use or at the very least
>> installed, on non-desktop host.
>>
>> If the above is correct, is there a rule to determine if dbus is 
>> required?
>> Relying on apt/apt-get is something that I'm not comfortable with! :)
>
> The -s option to apt could make you feel more comfortable if you are
> concerned about damaging the system. Otherwise, 'aptitude why dbus'.
>

 Thank you, Apt/apt-get will do what I tell it to do but what I don't
 understand is on what bases should I remove dbus.

 In other words, in what cases is dbus not redondent/when do I need dbus
 on a non-desktop environment.
>>>
>>> Show us 'apt purge dbus -s' output please.
>>
>> If things goes well on this server, which is a test server, I'll
>> consider purging dbus from my production server(s) on which a reboot is
>> to be avoided.
>>
>> Here is the requested output from a test server:
>>
>> $ apt purge dbus -s
> <...>
>>   dbus* libpam-systemd*
>
> So, dbus is not needed there.
>

Okay, one more question, can you give me an example where dbus is
required on a non-desktop env or is cups requiring dbus?

>
>> Is apt the only way to know if dbus is redundant?
>
> No, but it's an easiest one.
>
> Hard one would be to answer "what function this server serves",
> following by "what software performs said function", following by "what
> the software in question really needs to be operational". Requires
> knowing your software and a good memory, as usual.
>
>
>> Sorry for not providing the output earlier, but I was hoping for a more
>> general way to determine on which server dbus can be safely removed.
>
> Replace "dbus" with "some annoying dependency", and you'll see that some
> questions are better left answered by machine, not a human.
>

Duly noted, thanks again.

--
John Doe

Re: Upgrade Buster et MySQL/MariaDB

[fab]

'lut,

Ça fait beaucoup et je ne sais pas trop par quoi commencer... Avec le 
paquet default-mysql-server

oui, bonne idée. Sinon, j'ai directement installé mariadb avec:

mariadb-common
mariadb-server

, est-ce que les accès se font de manière transparente avec les 
commandes mysql ?

oui, toujours.

Les utilisateurs, les bases existantes ont-elles été migrées ?? 

oui.


J'imagine que oui mais sans sans PhpMyAdmin, je suis perdu ;-)

je me suis dit la même chose ;) Mais essaye adminer et tu seras conquis.

a+

f.

Upgrade Buster et MySQL/MariaDB

[Migrec]

Bonjour,

Lors de mon passage en Buster, j'ai eu un souci avec cacti (des échecs 
dans la migration des bases de données) et icinga2.
En vérifiant un peu, je me rends compte que le souci est lié à MySQL, au 
moins en partie : connexion impossible, fin de l'installation d'icinga2 
impossible). Et je prends connaissance (trop tard...) que MySQL est 
remplacé par MariaDB. Et que PhpMyAdmin n'est plus inclus.


Ça fait beaucoup et je ne sais pas trop par quoi commencer... Avec le 
paquet default-mysql-server
, est-ce que les accès se font de manière transparente avec les 
commandes mysql ?


Les utilisateurs, les bases existantes ont-elles été migrées ?? 
J'imagine que oui mais sans sans PhpMyAdmin, je suis perdu ;-)


Toute aide est la bienvenue.
--
Migrec

Re: dbus-deamon avoiding reboot after upgrade

[Reco]

Hi.

On Mon, Aug 19, 2019 at 09:25:56AM +0200, john doe wrote:
> On 8/18/2019 4:59 PM, Reco wrote:
> > On Sun, Aug 18, 2019 at 04:56:34PM +0200, john doe wrote:
> >> On 8/18/2019 3:19 PM, Brian wrote:
> >>> On Sun 18 Aug 2019 at 12:17:59 +0200, john doe wrote:
> >>>
>  On 8/17/2019 8:15 PM, Brian wrote:
> > On Tue 13 Aug 2019 at 20:07:49 +0200, john doe wrote:
> >>
> >> While upgrading the dbus deamon, I get the following:
> >>
> >> "A reboot is required to replace the running dbus-daemon.
> >> Please reboot the system when convenient."
> >>
> >>
> >> I have no plan to reboot that server, what are the pros and cons of not
> >> doing that or how can I avoid rebooting altogether?
> >
> > In the light of Curt's reference to #805449 and your reluctance to
> > provide any extra information on the server setup you have in mind,
> > your plan will have to accomodate reality. Reboot and be done with
> > it.
> >
> 
>  From reading this thread, here's what I understand:
> 
>  Despide the word desktop being thrown everyware (URL of the page given
>  in this thread, ...) it has now moved to be use or at the very least
>  installed, on non-desktop host.
> 
>  If the above is correct, is there a rule to determine if dbus is 
>  required?
>  Relying on apt/apt-get is something that I'm not comfortable with! :)
> >>>
> >>> The -s option to apt could make you feel more comfortable if you are
> >>> concerned about damaging the system. Otherwise, 'aptitude why dbus'.
> >>>
> >>
> >> Thank you, Apt/apt-get will do what I tell it to do but what I don't
> >> understand is on what bases should I remove dbus.
> >>
> >> In other words, in what cases is dbus not redondent/when do I need dbus
> >> on a non-desktop environment.
> >
> > Show us 'apt purge dbus -s' output please.
> 
> If things goes well on this server, which is a test server, I'll
> consider purging dbus from my production server(s) on which a reboot is
> to be avoided.
> 
> Here is the requested output from a test server:
> 
> $ apt purge dbus -s
<...>
>   dbus* libpam-systemd*

So, dbus is not needed there.


> Is apt the only way to know if dbus is redundant?

No, but it's an easiest one.

Hard one would be to answer "what function this server serves",
following by "what software performs said function", following by "what
the software in question really needs to be operational". Requires
knowing your software and a good memory, as usual.


> Sorry for not providing the output earlier, but I was hoping for a more
> general way to determine on which server dbus can be safely removed.

Replace "dbus" with "some annoying dependency", and you'll see that some
questions are better left answered by machine, not a human.

Reco

Re: dbus-deamon avoiding reboot after upgrade

[john doe]

On 8/18/2019 4:59 PM, Reco wrote:
> On Sun, Aug 18, 2019 at 04:56:34PM +0200, john doe wrote:
>> On 8/18/2019 3:19 PM, Brian wrote:
>>> On Sun 18 Aug 2019 at 12:17:59 +0200, john doe wrote:
>>>
 On 8/17/2019 8:15 PM, Brian wrote:
> On Tue 13 Aug 2019 at 20:07:49 +0200, john doe wrote:
>
>> Hi,
>>
>> While upgrading the dbus deamon, I get the following:
>>
>> "A reboot is required to replace the running dbus-daemon.
>> Please reboot the system when convenient."
>>
>>
>> I have no plan to reboot that server, what are the pros and cons of not
>> doing that or how can I avoid rebooting altogether?
>
> In the light of Curt's reference to #805449 and your reluctance to
> provide any extra information on the server setup you have in mind,
> your plan will have to accomodate reality. Reboot and be done with
> it.
>

 From reading this thread, here's what I understand:

 Despide the word desktop being thrown everyware (URL of the page given
 in this thread, ...) it has now moved to be use or at the very least
 installed, on non-desktop host.

 If the above is correct, is there a rule to determine if dbus is required?
 Relying on apt/apt-get is something that I'm not comfortable with! :)
>>>
>>> The -s option to apt could make you feel more comfortable if you are
>>> concerned about damaging the system. Otherwise, 'aptitude why dbus'.
>>>
>>
>> Thank you, Apt/apt-get will do what I tell it to do but what I don't
>> understand is on what bases should I remove dbus.
>>
>> In other words, in what cases is dbus not redondent/when do I need dbus
>> on a non-desktop environment.
>
> Show us 'apt purge dbus -s' output please.
>

If things goes well on this server, which is a test server, I'll
consider purging dbus from my production server(s) on which a reboot is
to be avoided.

Here is the requested output from a test server:

$ apt purge dbus -s
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be REMOVED:
  dbus* libpam-systemd*
0 upgraded, 0 newly installed, 2 to remove and 0 not upgraded.
Purg libpam-systemd [241-5]
Purg dbus [1.12.16-1]


Is apt the only way to know if dbus is redundant?


P.S.

Sorry for not providing the output earlier, but I was hoping for a more
general way to determine on which server dbus can be safely removed.

--
John Doe

Re: No Audio after suspend on Lenovo Ideapad 130s Debian Buster

[Andrei POPESCU]

On Du, 18 aug 19, 14:06:57, John Kerr Anderson wrote:
> Hello today,  I've got an Ideapad and after I suspend I cannot get the
> audio to work when the system resumes.
> 
> lspci -v returns the following for the audio section:

[...]

> Kernel driver in use: snd_hda_intel
> Kernel modules: snd_hda_intel, snd_soc_skl

As a workaround you could try to remove and re-insert snd_hda_intel.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: Network/Settings (ou l'applet network-manager) fait disparaître la connexion bridge créée si on la désactive

[Fabien R]

On 19/08/2019 01:46, roger.tar...@free.fr wrote:
> Quant à analyser et corriger le code, pourquoi pas, mais c'est une autre 
> aventure. 
> Est-ce jouable selon vous ? 
C'est le principe même du libre.
Si une fonctionnalité manque ou un bug te bloque de façon critique...

--
Fabien

Re: Buster: I can access SMB share from Windows 10 v1903 client, but cannot write to it (settings within)

[Judah Richardson]

Solution here:
https://www.reddit.com/r/debian/comments/csc3vt/buster_i_can_access_smb_share_from_windows_10/exe050g/

On Sun, Aug 18, 2019 at 11:07 PM Judah Richardson 
wrote:

> On Debian Buster, I have a shared folder that lives on a btrfs raid1
> array. It's located at
> /mnt/ToshibaL200BtrfsRAID1/@/Backup/luckyBackup/HPProBook4530s
>
> I would like to ensure that my samba user and mine alone has read/write
> access to that folder.
>
> I cloned the permissions from my home folder to that folder using:
>
> sudo chmod --reference=/home/MyUsername
> /mnt/ToshibaL200BtrfsRAID1/@/Backup/luckyBackup/HPProBook4530s
>
> In smb.conf, I have:
>
> [hpprobook4530s]
>comment = backup path
>browseable = yes
>writable = yes
>path = /mnt/ToshibaL200BtrfsRAID1/@/Backup/luckyBackup/HPProBook4530s
> #   create mask = 0775
> #   directory mask = 0775
>force user = MyUsername
>
> I've restarted the samba daemon after each change using:
>
> sudo /usr/sbin/service smbd restart
>
> While I can access the folder from my Windows 10 v1903 client, I cannot
> write to it. What am I doing wrong?
>
>
>