Re: issue with purging an old kernel

[Vincent Lefevre]

On 2022-06-21 12:09:00 -0600, D. R. Evans wrote:
> DdB wrote on 6/20/22 10:07:
> > Since i am running dozens of VM's, i can say:
> > Me2 am running into this regularly, when i am trying to purge old
> > kernels. I am seeing this so frequently, that i even wrote a script
> > (meant to be run inside the VM's) to clean up the mess, some apt-scripts
> > happen to leave behind.
> 
> It's comforting to know that this seems to be a relatively common occurrence
> (although this is the first time I've run into it, and I've been running
> debian for maybe seven or eight years at this point). As far as I know I
> have only official debian stable packages on the system, so it has the
> flavour of a minor packaging bug somewhere. Anyway, I'm not going to worry
> about it, given that you see it so often. I have cleared out the offending
> directory and moved on.

Not necessarily a bug. There are packages whose goal is to build
modules. While the source is tracked by the packaging system,
what is built isn't.

It could still be a bug in some /etc/kernel/prerm.d script.
Or you could write a script there to remove empty directories
for the kernel being removed.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Re: Status of Virtualbox in debian

[Boyan Penkov]

On Tue, Jun 21, 2022 at 7:32 PM Peter Hillier-Brook  wrote:
>
> On 21/06/2022 12:48, Boyan Penkov wrote:
> >
> >
> > On 6/21/22 07:35, Peter Hillier-Brook wrote:
> >> On 21/06/2022 11:53, Siard wrote:
> >>> On Tue, 21 Jun 2022 00:05 +0100, Peter Hillier-Brook wrote:
>  On 20/06/2022 14:55, Siard wrote:
> > On Mon, 20 Jun 2022 14:21 +0200, Anders Andersson wrote: :
> >>> www.virtualbox.org/manual/ch04.html#additions-linux
> >>>
> >>> I should also note that right now there appear to be problems with
> >>> the latest
> >>> kernel, 5.18.0. The message in the terminal where VB was started
> >>> from, says:
> >>> "WARNING: The vboxdrv kernel module is not loaded. Either there is no
> >>> module
> >>> available for the current kernel (5.18.0-1-amd64) or it failed to load."
> >>> Probably a temporary problem. When starting Debian with the previous
> >>> kernel
> >>> 5.17.0, VB still works.
> >>
> >> Thanks for the quick response. Without correctly functioning guest
> >> additions - by which I specifically mean USB - VirtualBox is almost
> >> useless for me. I would agree with you that kernel 5.18.0 is the most
> >> likely source of the problem and living on in hope is the best option.
> >
> > Hey folks -- I was OP on the thread that raised the dmks issue; with
> > thanks to Keith Bainbridge, ensuring linux-kernel-headers for 5.18 were
> > installed, and then reinstalling virtualbox and virtualbox-dkms resolved
> > the issue for me.  I can confirm this is working on 5.18.0-1-amd64 right
> > now.
>
> The last time I looked at Sid the VirtualBox version was very dated. I
> doubt that you have achieved success via VBox 6.1.34?

Confirming my observations are on 6.1.34, which is what's in Sid right now.
>
> Peter HB
>


-- 
Boyan Penkov

Re: Status of Virtualbox in debian

[Peter Hillier-Brook]

On 21/06/2022 12:48, Boyan Penkov wrote:



On 6/21/22 07:35, Peter Hillier-Brook wrote:

On 21/06/2022 11:53, Siard wrote:

On Tue, 21 Jun 2022 00:05 +0100, Peter Hillier-Brook wrote:

On 20/06/2022 14:55, Siard wrote:

On Mon, 20 Jun 2022 14:21 +0200, Anders Andersson wrote: :

www.virtualbox.org/manual/ch04.html#additions-linux

I should also note that right now there appear to be problems with 
the latest
kernel, 5.18.0. The message in the terminal where VB was started 
from, says:
"WARNING: The vboxdrv kernel module is not loaded. Either there is no 
module

available for the current kernel (5.18.0-1-amd64) or it failed to load."
Probably a temporary problem. When starting Debian with the previous 
kernel

5.17.0, VB still works.


Thanks for the quick response. Without correctly functioning guest 
additions - by which I specifically mean USB - VirtualBox is almost 
useless for me. I would agree with you that kernel 5.18.0 is the most 
likely source of the problem and living on in hope is the best option.


Hey folks -- I was OP on the thread that raised the dmks issue; with 
thanks to Keith Bainbridge, ensuring linux-kernel-headers for 5.18 were 
installed, and then reinstalling virtualbox and virtualbox-dkms resolved 
the issue for me.  I can confirm this is working on 5.18.0-1-amd64 right 
now.


The last time I looked at Sid the VirtualBox version was very dated. I 
doubt that you have achieved success via VBox 6.1.34?


Peter HB

Re: : SSH timeout logoff don't work!

[didier . gaumet]

Le mardi 21 juin 2022 à 23:40 +0200, didier gaumet a écrit :

[...]
> - if you want to restrict the time of ssh connection and are in
> position to modify the ssh command they use (an alias in their bashrc
> for example?), perhaps you can try to force the ssh -o option with
> the ConnectTimeout parameter (see ssh manpage). I have never done it
> myself, so I don't know if it can solve your problem.

Too quick to post: I just checked the ssh_config manpage and this
ConnectTimeout parameter is only relative to the time to establish the
connection, so no cigar.

Re: : SSH timeout logoff don't work!

[didier gaumet]

Le mardi 21 juin 2022 à 12:52 +0200, Conti Stefano a écrit :
> If I put ClientAliveCountMax 1 with ClientAliveInterval 600 timeout
> is 1200 inmy Debian 11. I have try all combinations but at the moment
> nothing happen; session stay alive! There is somethng but i don't
> understand what keep alive the session...

- just in case: do you restart sshd after modifying its setup?
- As Greg Wooledge as stated, use of these sshd parameters is to permit
closing of unresponsive or hung connections, not ordinary and
responsive connections
- if you want to restrict the time of ssh connection and are in
position to modify the ssh command they use (an alias in their bashrc
for example?), perhaps you can try to force the ssh -o option with the
ConnectTimeout parameter (see ssh manpage). I have never done it
myself, so I don't know if it can solve your problem.

Re: I *think* I found the apache2 docs, but it's in .html and Icannot getfirefox to access it using "file:"+ /path/to/filedir

[Gareth Evans]

> On 21 Jun 2022, at 22:12, Gareth Evans  wrote:
> 
> On Tue 21 Jun 2022, at 20:16, gene heskett  wrote:
>>> On 6/21/22 14:09, Gareth Evans wrote:
>>> On Tue 21 Jun 2022, at 18:06, gene heskett  wrote:
 On 6/21/22 12:11, Andrew M.A. Cater wrote:
> On Tue, Jun 21, 2022 at 11:55:56AM -0400, gene heskett wrote:
>> Greetings all;
>> 
>> So how am I supposed to read these installed docs?
>> 
>> Thanks all.
>> 
>> Cheers, Gene Heskett.
>> -- 
>> "There are four boxes to be used in defense of liberty:
>>   soap, ballot, jury, and ammo. Please use in that order."
>> -Ed Howdershelt (Author, 1940)
>> If we desire respect for the law, we must first make the law respectable.
>>   - Louis D. Brandeis
>> 
>> From a web browser?
> 
> file:///usr/share/doc/apache2-doc
> 
> That's three slashes - file:// - two slashes - and then the filesystem 
> path.
> 
> Hope this helps, with every good wish, as ever,
> 
> Andy Cater
 And that works, the third slash is new to me.
 
 So now the only thing I've changed from the default install is in
 /etc/apache2/envvars
 for usr and grp to be www-data. But now it won't restart.
 journalctl -xe reports:
 Jun 21 12:46:16 coyote apachectl[286443]: AH00526: Syntax error on line
 63 of /etc/apache2/conf-enabled/security.conf:
 Jun 21 12:46:16 coyote apachectl[286443]: Invalid command 'Header', [...]
>>> In my (unedited) version of that file:
>>> 
>>> [...]
>>> 61 # Requires mod_headers to be enabled.
>>> 62 #
>>> 63 #Header set X-Content-Type-Options: "nosniff"
>>> 
>>> If line 63 is required un-commented, then
>>> 
>>> $ sudo a2enmod headers
>>> $ sudo systemctl restart apache2
>>> 
>>> should do the trick.
>> After I found it with locate/ /usr/sbin is not in su's $PATH
>> That fixed the error, and I uncommented the stanza in apache2.conf
>> that points to the directory I want the server to access, and
>> localhost:port# displays the default startup page ok.
>> 
>> dig "my-site-name" returns the proper ipv4 address.
> 
>>  I just used the address:6309 and it worked. So I edited the
>> address bar to use the registered name:6309 and hit F5,
>> a couple times, and that works.
> 
> Do you see a page titled "Apache2 Debian Default Page" with the Debian logo?
> 
> If so it's probably configured in
> 
> /etc/apache2/sites-available/000-default.conf
> 
> or 
> 
> /etc/apache2/sites-available/default-ssl.conf for https version
> 
> as Debian uses name-based virtual hosts with a config file structure which 
> does not correspond to the Apache docs afaics, and I can't find any Debian 
> docs on the subject.
> 
> https://httpd.apache.org/docs/2.4/configuring.html
> https://httpd.apache.org/docs/2.4/vhosts/
> 
> 000-default is already enabled (though the other for https may not be) if 
> you're seeing the page I referred to above.
> 
> $ sudo a2ensite filename (without .conf)
> 
> is the command you would use to enable an "available" configuration (which 
> creates a symlink in ../sites-enabled),


> but you may find it easier just to edit the existing 000-default.conf file.

According to comments in my apache2.conf there needs to be a directory stanza 
there too for each directory not already declared which you want Apache to be 
able to access contents under.

>  You can create another (or iirc just extend it) if you want to add other 
> (domain-)name-based sites in future.
> 
> * in the virtualhost tag as in "*:portNo" means "all domains", so these would 
> need to be specified if >1.
> 
> This tutorial (amongst others I'm sure) explains the Debian approach:
> 
> https://vitux.com/debian-apache/
> 
> You may find that putting a suitable  stanza around your 
> directory stanza in apache2.conf works (eg. copy the relevant parts from 
> 000-default), though I think you would at least need to disable 000-default 
> if you do. For that:
> 
> $ sudo a2dissite 000-default
> 
> I think the most pain-free method is likely to be to edit or add to the files 
> in 
> /etc/apache2/sites-available/
> 
> Hope that helps.
> Gareth
> 
> 
>> 
>> So now I need a  stanza in apache2.conf that works.
>> This one doesn't:
>> 
>> Options Indexes FollowSymLinks
>> AllowOverride None
>> Require all granted
>> 
>> 
>> Do I need to comment out the default page to expose mine?
>> I have constructed that path, made a subdir for buster armhf
>> stuff in it and placed an preempt-rt kernel file in it. 
>> The intent
>> is to let anybody download it. If the bots insist on wasting my
>> upload bw, I may OTP passwd protect the subdirs, but that's a
>> future option & howto question.
>> 
>> Making progress, I think, Thanks Gareth.
>> 
>> Take care & stay well.
>> 
>> Cheers, Gene Heskett.
>> -- 
>> "There are four boxes to be used in defense of liberty:
>>  soap, ballot, jury, and ammo. Please use in that order."
>> -Ed Howdershelt (Author, 1940)
>> If we desire respect for the 

Re: SSH timeout logoff don't work!

[Nicholas Geovanis]

On Tue, Jun 21, 2022 at 6:04 AM Greg Wooledge  wrote:

> On Tue, Jun 21, 2022 at 10:05:43AM +0200, Conti Stefano wrote:
> > Hello! In My Debian 11 SSH timeout logoff not work! I must put in
> > .bashrc of my user: TMOUT=600 to loogut after 10 minutes. Work, of
> > course, but close all bash terminal!
> >
> > This is my sshd_config with info for timeout:
> >
> > TCPKeepAlive no
> > ClientAliveInterval 600
> > ClientAliveCountMax 0
>
> Those settings *are not* supposed to close an idle ssh session.  Nothing
> in ssh is supposed to close an idle session.  There isn't any facility
> to do that, because it's entirely contrary to the design of ssh.
>
> Your TMOUT solution is the standard way to appease the managerial morons
> who are asking this of you.


Well, it's one of the standard ways. The other is to let the network admins
do it instead.


> It asks the shell to terminate if it's
> sitting idle for however many seconds you specify.  If the shell closes,
> then the ssh session is free to close as well, assuming there are no
> active tunneling connections, etc.
>
>

Re: Status of Virtualbox in debian

[Oliver Schoede]

On Tue, 21 Jun 2022 13:31:11 +0100
Joe  wrote:

>
>Yes, I was using it a few years ago, and a new Debian kernel made the
>guest additions unusable. I forget what I needed them for, but gave up
>on VB then. I dare say a later version of the VB additions fixed the
>problem, but there was no knowing how long this would take, or whether
>this would happen after every kernel upgrade.
>

Nearly. To be fair though that's usually not Debian specific, the latest
patch for our own packages for instance was liberally taken from
Arch Linux. The VB folks too are constantly trying to keep up with a
moving target as is the kernel and basically every changelog sports a
line or two announcing as much. And then these guys are (or have been
anyway) cranking out releases like hardly anything that's (mostly) free
software after all, maybe apart from Linux itself. In fact I dimly
remember FreeBSD at some point giving up on it more or less completely,
they were pretty much on their own and hopeless. We're already lucky
Linux is just big enough to be supported and somehow worth it, how
long, who knows. One probably shouldn't be surprised though if
something like this perhaps doesn't always, immediately work OOB on the
shiniest, newest kernel releases. If at all possible and stability is
the main thing, it's a typical use case for an LTS kernel by the way.

Regards,
Oliver

Re: I *think* I found the apache2 docs, but it's in .html and Icannot getfirefox to access it using "file:"+ /path/to/filedir

[Gareth Evans]

On Tue 21 Jun 2022, at 20:16, gene heskett  wrote:
> On 6/21/22 14:09, Gareth Evans wrote:
>> On Tue 21 Jun 2022, at 18:06, gene heskett  wrote:
>>> On 6/21/22 12:11, Andrew M.A. Cater wrote:
 On Tue, Jun 21, 2022 at 11:55:56AM -0400, gene heskett wrote:
> Greetings all;
>
> So how am I supposed to read these installed docs?
>
> Thanks all.
>
> Cheers, Gene Heskett.
> -- 
> "There are four boxes to be used in defense of liberty:
>soap, ballot, jury, and ammo. Please use in that order."
> -Ed Howdershelt (Author, 1940)
> If we desire respect for the law, we must first make the law respectable.
>- Louis D. Brandeis
>
 >From a web browser?

 file:///usr/share/doc/apache2-doc

 That's three slashes - file:// - two slashes - and then the filesystem 
 path.

 Hope this helps, with every good wish, as ever,

 Andy Cater
>>> And that works, the third slash is new to me.
>>>
>>> So now the only thing I've changed from the default install is in
>>> /etc/apache2/envvars
>>> for usr and grp to be www-data. But now it won't restart.
>>> journalctl -xe reports:
>>> Jun 21 12:46:16 coyote apachectl[286443]: AH00526: Syntax error on line
>>> 63 of /etc/apache2/conf-enabled/security.conf:
>>> Jun 21 12:46:16 coyote apachectl[286443]: Invalid command 'Header', [...]
>> In my (unedited) version of that file:
>>
>> [...]
>> 61 # Requires mod_headers to be enabled.
>> 62 #
>> 63 #Header set X-Content-Type-Options: "nosniff"
>>
>> If line 63 is required un-commented, then
>>
>> $ sudo a2enmod headers
>> $ sudo systemctl restart apache2
>>
>> should do the trick.
> After I found it with locate/ /usr/sbin is not in su's $PATH
> That fixed the error, and I uncommented the stanza in apache2.conf
> that points to the directory I want the server to access, and
> localhost:port# displays the default startup page ok.
>
> dig "my-site-name" returns the proper ipv4 address.

>   I just used the address:6309 and it worked. So I edited the
> address bar to use the registered name:6309 and hit F5,
> a couple times, and that works.

Do you see a page titled "Apache2 Debian Default Page" with the Debian logo?

If so it's probably configured in

/etc/apache2/sites-available/000-default.conf

or 

/etc/apache2/sites-available/default-ssl.conf for https version

as Debian uses name-based virtual hosts with a config file structure which does 
not correspond to the Apache docs afaics, and I can't find any Debian docs on 
the subject.

https://httpd.apache.org/docs/2.4/configuring.html
https://httpd.apache.org/docs/2.4/vhosts/

000-default is already enabled (though the other for https may not be) if 
you're seeing the page I referred to above.

$ sudo a2ensite filename (without .conf)

is the command you would use to enable an "available" configuration (which 
creates a symlink in ../sites-enabled), but you may find it easier just to edit 
the existing 000-default.conf file.  You can create another (or iirc just 
extend it) if you want to add other (domain-)name-based sites in future.

* in the virtualhost tag as in "*:portNo" means "all domains", so these would 
need to be specified if >1.

This tutorial (amongst others I'm sure) explains the Debian approach:

https://vitux.com/debian-apache/

You may find that putting a suitable  stanza around your directory 
stanza in apache2.conf works (eg. copy the relevant parts from 000-default), 
though I think you would at least need to disable 000-default if you do. For 
that:

$ sudo a2dissite 000-default

I think the most pain-free method is likely to be to edit or add to the files 
in 
/etc/apache2/sites-available/

Hope that helps.
Gareth


>
> So now I need a  stanza in apache2.conf that works.
> This one doesn't:
> 
>      Options Indexes FollowSymLinks
>      AllowOverride None
>      Require all granted
> 
>
> Do I need to comment out the default page to expose mine?
> I have constructed that path, made a subdir for buster armhf
> stuff in it and placed an preempt-rt kernel file in it. 
> The intent
> is to let anybody download it. If the bots insist on wasting my
> upload bw, I may OTP passwd protect the subdirs, but that's a
> future option & howto question.
>
> Making progress, I think, Thanks Gareth.
>
> Take care & stay well.
>
> Cheers, Gene Heskett.
> -- 
> "There are four boxes to be used in defense of liberty:
>   soap, ballot, jury, and ammo. Please use in that order."
> -Ed Howdershelt (Author, 1940)
> If we desire respect for the law, we must first make the law respectable.
>   - Louis D. Brandeis

Re: new subject

[gene heskett]

On 6/21/22 15:19, gene heskett writes:


dig "my-site-name" returns the proper ipv4 address.
 I just used the address:6309 and it worked. So I edited the
address bar to use the registered name:6309 and hit F5,
a couple times, and that works.

So now I need a  stanza in apache2.conf that 
works.

This one doesn't:

    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted


Do I need to comment out the default page to expose mine?



I have constructed that path, made a subdir for buster armhf
stuff in it and placed an preempt-rt kernel file in it.  The intent
is to let anybody download it. If the bots insist on wasting my
upload bw, I may OTP passwd protect the subdirs, but that's a
future option & howto question.

Take care & stay well.

Cheers, Gene Heskett.



Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: I *think* I found the apache2 docs, but it's in .html andIcannot getfirefox to access it using "file:"+ /path/to/filedir

[gene heskett]

On 6/21/22 15:30, Greg Wooledge wrote:

On Tue, Jun 21, 2022 at 03:16:11PM -0400, gene heskett wrote:

/usr/sbin is not in su's $PATH

https://wiki.debian.org/NewInBuster#Changes


Thanks Greg just what Mr.Gene ordered.

Take care & stay well.

Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: I *think* I found the apache2 docs, but it's in .html and Icannot getfirefox to access it using "file:"+ /path/to/filedir

[Greg Wooledge]

On Tue, Jun 21, 2022 at 03:16:11PM -0400, gene heskett wrote:
> /usr/sbin is not in su's $PATH

https://wiki.debian.org/NewInBuster#Changes

Re: I *think* I found the apache2 docs, but it's in .html and Icannot getfirefox to access it using "file:"+ /path/to/filedir

[gene heskett]

On 6/21/22 14:09, Gareth Evans wrote:

On Tue 21 Jun 2022, at 18:06, gene heskett  wrote:

On 6/21/22 12:11, Andrew M.A. Cater wrote:

On Tue, Jun 21, 2022 at 11:55:56AM -0400, gene heskett wrote:

Greetings all;

So how am I supposed to read these installed docs?

Thanks all.

Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
   soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
   - Louis D. Brandeis


>From a web browser?

file:///usr/share/doc/apache2-doc

That's three slashes - file:// - two slashes - and then the filesystem path.

Hope this helps, with every good wish, as ever,

Andy Cater

And that works, the third slash is new to me.

So now the only thing I've changed from the default install is in
/etc/apache2/envvars
for usr and grp to be www-data. But now it won't restart.
journalctl -xe reports:
Jun 21 12:46:16 coyote apachectl[286443]: AH00526: Syntax error on line
63 of /etc/apache2/conf-enabled/security.conf:
Jun 21 12:46:16 coyote apachectl[286443]: Invalid command 'Header', [...]

In my (unedited) version of that file:

[...]
61 # Requires mod_headers to be enabled.
62 #
63 #Header set X-Content-Type-Options: "nosniff"

If line 63 is required un-commented, then

$ sudo a2enmod headers
$ sudo systemctl restart apache2

should do the trick.

After I found it with locate/ /usr/sbin is not in su's $PATH
That fixed the error, and I uncommented the stanza in apache2.conf
that points to the directory I want the server to access, and
localhost:port# displays the default startup page ok.

dig "my-site-name" returns the proper ipv4 address.
 I just used the address:6309 and it worked. So I edited the
address bar to use the registered name:6309 and hit F5,
a couple times, and that works.

So now I need a  stanza in apache2.conf that works.
This one doesn't:

    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted


Do I need to comment out the default page to expose mine?
I have constructed that path, made a subdir for buster armhf
stuff in it and placed an preempt-rt kernel file in it.  The intent
is to let anybody download it. If the bots insist on wasting my
upload bw, I may OTP passwd protect the subdirs, but that's a
future option & howto question.

Making progress, I think, Thanks Gareth.

Take care & stay well.

Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: issue with purging an old kernel

[D. R. Evans]

DdB wrote on 6/20/22 10:07:

Since i am running dozens of VM's, i can say:
Me2 am running into this regularly, when i am trying to purge old
kernels. I am seeing this so frequently, that i even wrote a script
(meant to be run inside the VM's) to clean up the mess, some apt-scripts
happen to leave behind.


It's comforting to know that this seems to be a relatively common occurrence 
(although this is the first time I've run into it, and I've been running 
debian for maybe seven or eight years at this point). As far as I know I have 
only official debian stable packages on the system, so it has the flavour of a 
minor packaging bug somewhere. Anyway, I'm not going to worry about it, given 
that you see it so often. I have cleared out the offending directory and moved on.


Thanks to you and the other posters for responding.

  Doc

--
Web:  http://enginehousebooks.com/drevans

Re: I *think* I found the apache2 docs, but it's in .html and Icannot get firefox to access it using "file:"+ /path/to/filedir

[Gareth Evans]

On Tue 21 Jun 2022, at 18:06, gene heskett  wrote:
> On 6/21/22 12:11, Andrew M.A. Cater wrote:
>> On Tue, Jun 21, 2022 at 11:55:56AM -0400, gene heskett wrote:
>>> Greetings all;
>>>
>>> So how am I supposed to read these installed docs?
>>>
>>> Thanks all.
>>>
>>> Cheers, Gene Heskett.
>>> -- 
>>> "There are four boxes to be used in defense of liberty:
>>>   soap, ballot, jury, and ammo. Please use in that order."
>>> -Ed Howdershelt (Author, 1940)
>>> If we desire respect for the law, we must first make the law respectable.
>>>   - Louis D. Brandeis
>>>
>> >From a web browser?
>>
>> file:///usr/share/doc/apache2-doc
>>
>> That's three slashes - file:// - two slashes - and then the filesystem path.
>>
>> Hope this helps, with every good wish, as ever,
>>
>> Andy Cater
> And that works, the third slash is new to me.
>

> So now the only thing I've changed from the default install is in 
> /etc/apache2/envvars
> for usr and grp to be www-data. But now it won't restart.
> journalctl -xe reports:
> Jun 21 12:46:16 coyote apachectl[286443]: AH00526: Syntax error on line 
> 63 of /etc/apache2/conf-enabled/security.conf:
> Jun 21 12:46:16 coyote apachectl[286443]: Invalid command 'Header', [...]

In my (unedited) version of that file:

[...]
61 # Requires mod_headers to be enabled.
62 #
63 #Header set X-Content-Type-Options: "nosniff"

If line 63 is required un-commented, then

$ sudo a2enmod headers
$ sudo systemctl restart apache2

should do the trick.

$ sudo apache2ctl -M

should then inlclude

"headers_module (shared)" 

which

https://httpd.apache.org/docs/current/mod/mod_headers.html

confirms is the identifier for mod_headers.

$ sudo a2dismod headers
$ sudo systemctl restart apache2
to disable, should that be desired.

Hope that helps.
Gareth



> perhaps misspelled or defined by a module not included in the server 
> configuration
> Jun 21 12:46:16 coyote apachectl[286440]: Action 'start' failed.
>
> It appears apache2 probably has it own mechanism for moving/linking stuff
> from mods-available to mods-enabled but makes no reference to the name 
> of that
> utility that I have found. Does it have a name? Or do I cobble up a 
> symlink in mc?
>
> Thanks Andy.
>> .
>
>
> Cheers, Gene Heskett.
> -- 
> "There are four boxes to be used in defense of liberty:
>   soap, ballot, jury, and ammo. Please use in that order."
> -Ed Howdershelt (Author, 1940)
> If we desire respect for the law, we must first make the law respectable.
>   - Louis D. Brandeis

Re: Status of Virtualbox in debian

[Boyan Penkov]

On Tue, Jun 21, 2022, 13:26 Siard  wrote:

> On Tue, 21 Jun 2022 07:48 -0400, Boyan Penkov wrote:
> > ... ensuring linux-kernel-headers for 5.18 were installed, and then
> > reinstalling virtualbox and virtualbox-dkms resolved the issue for me.
> > I can confirm this is working on 5.18.0-1-amd64 right now.
>
> Is this in testing? Do you have a debian version of virtualbox (from sid??)
>

Yes, vbox  from Side.

or the version from www.virtualbox.org? And where did you find
> virtualbox-dkms?
>

In Sid.   Yes, this is a mixed testing/unstable install...

>
>

Re: IPMI Service error al actualizar

[Camaleón]

El 2022-06-21 a las 18:53 +0200, Juan Gómez "Txonta" escribió:

> Hola.
> 
>Después de actualizar los paquetes en el servidor debian
>me devuelve un error que no me llega mi conocimiento a saber la
>transcendencia
>ni como actuar. Agradezco comentarios y consejos.
>Mensaje en apt upgrade:
> 

(...)

>jun 21 16:48:15 xx--ovh systemd[1]: Starting IPMI event
>daemon...
>jun 21 16:48:15 xx--ovh ipmievd[17846]: Could not open
>device at /dev/ipmi0 or /dev/ipmi/0 or /dev/ipmidev/0: No such
>file or directory

(...)

IPMI es un sistema para gestionar el hardware de los servidores, muy útil 
en funciones de mantenimiento y control de los equipos cuando  trabajas 
en remoto.

Por los mensajes que veo me da la sensación de que estás en una máquina 
virtual y que el servidor físico tendrá instalada una tarjeta IPMI, que 
tendrás que configurar para poder usarla, normalmente cargando el 
módulo del kernel e instalado alguna herramienta de monitorización.

(...)

>¿Que me aconsejan?

Te puede venir bien tener configurado el módulo IPMI, pero ten cuidado 
si accedes en remoto y no tienes acceso físico al servidor, porque 
puedes dejarlo sin comunicación o inaccesible.

Busca información sobre lo que te ofrece el servicio¹ y si le ves 
utilidad, trata de configurarlo instalando las herramientas neecsarias 
de gestión (ipmitool o similares)

Si decides que no lo necesitas, podrás desactivar el servicio para que 
no te dé guerra.

¹https://www.ibm.com/docs/es/power8?topic=power8-p8eih-p8eih-ipmitool-htm

Saludos,

-- 
Camaleón 

Re: Status of Virtualbox in debian

[Siard]

On Tue, 21 Jun 2022 07:48 -0400, Boyan Penkov wrote:
> ... ensuring linux-kernel-headers for 5.18 were installed, and then
> reinstalling virtualbox and virtualbox-dkms resolved the issue for me.
> I can confirm this is working on 5.18.0-1-amd64 right now.

Is this in testing? Do you have a debian version of virtualbox (from sid??)
or the version from www.virtualbox.org? And where did you find virtualbox-dkms?

Re: I *think* I found the apache2 docs, but it's in .html and Icannot get firefox to access it using "file:"+ /path/to/filedir

[gene heskett]

On 6/21/22 12:26, Will Mengarini wrote:

* gene heskett  [22-06/21=Tu 11:55 -0400]:

[Apache2 docs are in .html & Firefox won't access it using "file:"+
/path/to/filedir, so] how am I supposed to read these installed docs?

Firefox disables file: URLs by default now, but you can enable them.

I found instructions by Googling 'firefox file: URLs'; the first hit
looked good.  The nuance is that you have to be able to find your
profile folder, which has a weird randomized name.  Links:

https://blog.scottlowe.org/2020/04/04/making-file-urls-work-again-in-firefox/
http://kb.mozillazine.org/Profile_folder_-_Firefox

Let us know if the instructions you Google up are insufficient.

I got that working with Andy's help.

"There are four boxes to be used in defense of liberty:
  soap, ballot, jury, and ammo. Please use in that order."

There are FIVE boxes to be used in defense of liberty:
search, soap, ballot, jury, and ammo.

Yeah, but in case you've not noticed, all the boxes up to the last have
had little effect recently. Scary. I don't know what good adding the
search is as its flltered to make sure it's PC according to TPTB. Free 
speech?

Is history...






Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: I *think* I found the apache2 docs, but it's in .html and Icannot get firefox to access it using "file:"+ /path/to/filedir

[gene heskett]

On 6/21/22 12:11, Andrew M.A. Cater wrote:

On Tue, Jun 21, 2022 at 11:55:56AM -0400, gene heskett wrote:

Greetings all;

So how am I supposed to read these installed docs?

Thanks all.

Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
  soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
  - Louis D. Brandeis


>From a web browser?

file:///usr/share/doc/apache2-doc

That's three slashes - file:// - two slashes - and then the filesystem path.

Hope this helps, with every good wish, as ever,

Andy Cater

And that works, the third slash is new to me.

So now the only thing I've changed from the default install is in 
/etc/apache2/envvars

for usr and grp to be www-data. But now it won't restart.
journalctl -xe reports:
Jun 21 12:46:16 coyote apachectl[286443]: AH00526: Syntax error on line 
63 of /etc/apache2/conf-enabled/security.conf:
Jun 21 12:46:16 coyote apachectl[286443]: Invalid command 'Header', 
perhaps misspelled or defined by a module not included in the server 
configuration

Jun 21 12:46:16 coyote apachectl[286440]: Action 'start' failed.

It appears apache2 probably has it own mechanism for moving/linking stuff
from mods-available to mods-enabled but makes no reference to the name 
of that
utility that I have found. Does it have a name? Or do I cobble up a 
symlink in mc?


Thanks Andy.

.



Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

IPMI Service error al actualizar

[Txonta]

Hola.

   Después de actualizar los paquetes en el servidor debian
   me devuelve un error que no me llega mi conocimiento a saber la
   transcendencia
   ni como actuar. Agradezco comentarios y consejos.
   Mensaje en apt upgrade:

   ...
   Job for ipmievd.service failed because the control process
   exited with error code.
   See "systemctl status ipmievd.service" and "journalctl -xe" for
   details.
   invoke-rc.d: initscript ipmievd, action "restart" failed.
   ● ipmievd.service - IPMI event daemon
   Loaded: loaded (/lib/systemd/system/ipmievd.service;
   disabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Tue 2022-06-21
   16:48:15 CEST; 13ms ago
  Process: 17846 ExecStart=/usr/sbin/ipmievd $IPMIEVD_OPTIONS
   (code=exited, status=1/FAILURE)

   jun 21 16:48:15 xx--ovh systemd[1]: Starting IPMI event
   daemon...
   jun 21 16:48:15 xx--ovh ipmievd[17846]: Could not open
   device at /dev/ipmi0 or /dev/ipmi/0 or /dev/ipmidev/0: No such
   file or directory
   jun 21 16:48:15 xx--ovh systemd[1]: ipmievd.service: Control
   process exited, code=exited status=1
   jun 21 16:48:15 xx--ovh systemd[1]: Failed to start IPMI
   event daemon.
   jun 21 16:48:15 xx--ovh systemd[1]: ipmievd.service: Unit
   entered failed state.
   jun 21 16:48:15 xx--ovh systemd[1]: ipmievd.service: Failed
   with result 'exit-code'.
   Hint: Some lines were ellipsized, use -l to show in full.
   Unable to start ipmievd during installation.  Trying to disable.
   ...

   El servicio que desconozco y del que hay poca información en la red
   parece que continuamente esta cambiando de id:

   # ps axwu|grep ipmi
   root 23673  0.0  0.0  12780  1024 pts/0    S+   18:17   0:00
   grep ipmi
   :~# ps axwu|grep ipmi
   root 23677  0.0  0.0  12780   940 pts/0    S+   18:17   0:00
   grep ipmi

   No responde a service stop, o restart.
   Mas datos:

   # uname -a
   Linux xx-ovh 4.9.0-15-amd64 #1 SMP Debian 4.9.258-1
   (2021-03-08) x86_64 GNU/Linux
   # lsb_release -a
   No LSB modules are available.
   Distributor ID:    Debian
   Description:    Debian GNU/Linux 9.13 (stretch)
   Release:    9.13
   Codename:    stretch

   ¿Que me aconsejan?
   Disculpad la ignorancia y gracias por la ayuda.

Juan

Re: I *think* I found the apache2 docs, but it's in .html and I cannot get firefox to access it using "file:"+ /path/to/filedir

[Will Mengarini]

* gene heskett  [22-06/21=Tu 11:55 -0400]:
> [Apache2 docs are in .html & Firefox won't access it using "file:"+
> /path/to/filedir, so] how am I supposed to read these installed docs?

Firefox disables file: URLs by default now, but you can enable them.

I found instructions by Googling 'firefox file: URLs'; the first hit
looked good.  The nuance is that you have to be able to find your
profile folder, which has a weird randomized name.  Links:

https://blog.scottlowe.org/2020/04/04/making-file-urls-work-again-in-firefox/
http://kb.mozillazine.org/Profile_folder_-_Firefox

Let us know if the instructions you Google up are insufficient.

> "There are four boxes to be used in defense of liberty:
>  soap, ballot, jury, and ammo. Please use in that order."

There are FIVE boxes to be used in defense of liberty:
search, soap, ballot, jury, and ammo.

-- 
 Will Mengarini  
 Free software: the Source will be with you, always.

.htaccess help?

[Maurizio Caloro]

Hello

Fighting with setup .htpaccess restriction and i need to give access to 
the folder

    >"https://mta-sts.caloro.ch/.well-known/mta-sts.txt; to public

this folder living on my system on following folder /var/www/mta-sts, 
the Home-

page are on folder /var/www/wordpress/index

if disable the folowing line "RewriteRule ^(.*)$ https://www.caloro.ch/ 
[R,L]"

i have access to this mta-sts.txt. please how i can concentrate to open only
the hompege and this mta-sts folder, so that are visible to public:

on etc/apache i have the mta-sts.conf

/etc/apache2/sites-available# cat mta-sts-ssl.conf


    ServerName mta-sts.caloro.ch
    DocumentRoot /

ErrorDocument 403 "403 Forbidden - This site is used to specify the 
MTA-STS policy for this domain, please see '/.well-known/mta-sts.txt'. 
If you were not expecting to see this, please use href=\"https://caloro.ch\; rel=\"noopener\">https://caloro.ch instead."


    DocumentRoot "/var/www/mta-sts"
    
    Options -Indexes +FollowSymLinks
    # AllowOverride AuthConfig
    AllowOverride None
    # Tachtler (enable for unlimited access)
    Require all granted
    
    Alias /.well-known/mta-sts.txt /var/www/mta-sts/mta-sts.txt
    DirectoryIndex mta-sts.txt

    RewriteEngine On
    RewriteOptions IgnoreInherit
    RewriteRule !^/.well-known/mta-sts.txt - [L,R=403]

    SSLCertificateFile 
/etc/letsencrypt/live/mta-sts.caloro.ch/fullchain.pem
    SSLCertificateKeyFile 
/etc/letsencrypt/live/mta-sts.caloro.ch/privkey.pem

    Include /etc/letsencrypt/options-ssl-apache.conf



--

/var/www# cat .htaccess
RewriteEngine On
RewriteCond %{SERVER_PORT} 443
# RewriteRule ^(.*)$ https://www.caloro.ch/ [R,L]
# RewriteRule ^(.*)$ https://mta-sts.caloro.ch/.well-known/ [R,L]

# No access to Folder-Structures
Options All -Indexes

# No access to the install.php

Order allow,deny
Deny from all


# No access to the wp-config.php

Order allow,deny
Deny from all


## No access to .htaccess and .htpasswd

 Order deny,allow
 Deny from all


## No access to includes folder

 RewriteEngine On
 RewriteBase /
 RewriteRule ^wp-admin/includes/ - [F,L]
 RewriteRule !^wp-includes/ - [S=3]
 RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
 RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
 RewriteRule ^wp-includes/theme-compat/ - [F,L]


## No access to usernames

 RewriteEngine On
 RewriteBase /
 RewriteCond %{QUERY_STRING} .*author=(.+.?) [NC]
 RewriteRule (.*) /blog/?author= [NC,L,R=301]


# No ETags
# Header unset ETag
# FileETag None

thanks for possible help
regards

Re: I *think* I found the apache2 docs, but it's in .html and I cannot get firefox to access it using "file:"+ /path/to/filedir

[Andrew M.A. Cater]

On Tue, Jun 21, 2022 at 11:55:56AM -0400, gene heskett wrote:
> Greetings all;
> 
> So how am I supposed to read these installed docs?
> 
> Thanks all.
> 
> Cheers, Gene Heskett.
> -- 
> "There are four boxes to be used in defense of liberty:
>  soap, ballot, jury, and ammo. Please use in that order."
> -Ed Howdershelt (Author, 1940)
> If we desire respect for the law, we must first make the law respectable.
>  - Louis D. Brandeis
>

>From a web browser?

file:///usr/share/doc/apache2-doc

That's three slashes - file:// - two slashes - and then the filesystem path.

Hope this helps, with every good wish, as ever,

Andy Cater 

Re: X coordinates displayed interactively.

[Vincent Lefevre]

On 2022-06-19 18:38:50 +0200, Andreas Rönnquist wrote:
> A simple solution would be something like the one described in
> 
> https://askubuntu.com/questions/346913/show-realtime-mouse-cursor-coordinates-cursor-mod-overlay-also-copy-to-c

I've added my own, complete solution:

  xterm -geometry 9x1+0+0 +sb -sl 0 -T 'Mouse location' -e '
set -e; tput civis; stty quit "^[";
while true; do
  eval $(xdotool getmouselocation --shell) && printf "%4d %4d\r" $X $Y;
  sleep .05;
done'

(this can be written on one line if need be).

Some explanations:
  * The -geometry 9x1+0+0 puts the terminal at the top left, with the
expected size.
  * The +sb tells xterm not to display a scrollbar.
  * The -sl 0 avoids an unnecessary scrolling buffer.
  * The tput civis makes the cursor invisible (it would be annoying).
  * The stty quit "^[" allows one to quit with the Esc key instead of
Ctrl-\.
  * Concerning the sleep value, I find 0.1 too large; 0.05 seems OK.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

I *think* I found the apache2 docs, but it's in .html and I cannot get firefox to access it using "file:"+ /path/to/filedir

[gene heskett]

Greetings all;

So how am I supposed to read these installed docs?

Thanks all.

Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: Status of Virtualbox in debian

[Joe]

On Tue, 21 Jun 2022 12:35:08 +0100
Peter Hillier-Brook  wrote:

> On 21/06/2022 11:53, Siard wrote:
> > On Tue, 21 Jun 2022 00:05 +0100, Peter Hillier-Brook wrote:  
> >> On 20/06/2022 14:55, Siard wrote:  
> >>> On Mon, 20 Jun 2022 14:21 +0200, Anders Andersson wrote:  
>  Has something changed that makes virtualbox workable again,  
> >>>
> >>> I have the Virtualbox 6.1.34 package for Debian 11, downloaded
> >>> from www.virtualbox.org, working fine in Debian 12 (Bookworm).  
> >>
> >> Have you succeeded in gaining support for USB? I haven't yet got
> >> past the  and guest Additions stage.  
> > 
> > Indeed, USB appears not to be working. (Never used it.)
> > I have dkms and dh-dkms installed.
> > The VirtualBox-6.1 deb has been installed and upgraded with 'dpkg
> > -i'. It also puts VBoxGuestAdditions.iso into /usr/share/virtualbox.
> > Then in the guest OS you can choose Devices > Insert Guest
> > Additions CD image... from the menu.
> > More about installing and maintaining the guest additions:
> > www.virtualbox.org/manual/ch04.html#additions-linux
> > 
> > I should also note that right now there appear to be problems with
> > the latest kernel, 5.18.0. The message in the terminal where VB was
> > started from, says: "WARNING: The vboxdrv kernel module is not
> > loaded. Either there is no module available for the current kernel
> > (5.18.0-1-amd64) or it failed to load." Probably a temporary
> > problem. When starting Debian with the previous kernel 5.17.0, VB
> > still works.  
> 
> Thanks for the quick response. Without correctly functioning guest 
> additions - by which I specifically mean USB - VirtualBox is almost 
> useless for me. I would agree with you that kernel 5.18.0 is the most 
> likely source of the problem and living on in hope is the best option.
>

Yes, I was using it a few years ago, and a new Debian kernel made the
guest additions unusable. I forget what I needed them for, but gave up
on VB then. I dare say a later version of the VB additions fixed the
problem, but there was no knowing how long this would take, or whether
this would happen after every kernel upgrade.

-- 
Joe

Re: SSH timeout logoff don't work!

[Greg Wooledge]

On Tue, Jun 21, 2022 at 02:02:38PM +0200, Conti Stefano wrote:
> Excuse me but i sure you that i use this practice from many years and
> always work in the past. I've a other distro, an "old" Debian 9 and a
> Centos 7 with SSH version 7.4p1 and i'm sure work all well because i
> put  ClientAliveInterval 15 and after 15 seconds SSH session closed!

sshd_config(5) says:

 ClientAliveInterval
 Sets a timeout interval in seconds after which if no data has
 been received from the client, sshd(8) will send a message
 through the encrypted channel to request a response from the
 client.  The default is 0, indicating that these messages will
 not be sent to the client.

Nothing here relates to *idle* sessions.  If you scroll up to the previous
section:

 ClientAliveCountMax
 Sets the number of client alive messages which may be sent with‐
 out sshd(8) receiving any messages back from the client. [...]

 The default value is 3.  If ClientAliveInterval is set to 15, and
 ClientAliveCountMax is left at the default, unresponsive SSH
 clients will be disconnected after approximately 45 seconds.
 Setting a zero ClientAliveCountMax disables connection termina‐
 tion.

This still doesn't relate to idle sessions.  It's there to remove
*non-responsive* sessions -- ones where the client has crashed, or
where the network connection between the client and server has stopped
transmitting packets.

SSH timeout logoff don't work!

[Conti Stefano]

Excuse me but i sure you that i use this practice from many years and
always work in the past. I've a other distro, an "old" Debian 9 and a
Centos 7 with SSH version 7.4p1 and i'm sure work all well because i
put  ClientAliveInterval 15 and after 15 seconds SSH session closed!
 However thanks for your time of course!   


On Tue, Jun 21, 2022 at 10:05:43AM +0200, Conti Stefano wrote:
> Hello! In My Debian 11 SSH timeout logoff not work! I must put in
> .bashrc of my user: TMOUT=600 to loogut after 10 minutes. Work, of
> course, but close all bash terminal!
> 
> This is my sshd_config with info for timeout: 
> 
> TCPKeepAlive no
> ClientAliveInterval 600
> ClientAliveCountMax 0

Those settings *are not* supposed to close an idle ssh session. 
Nothing
in ssh is supposed to close an idle session.  There isn't any facility
to do that, because it's entirely contrary to the design of ssh.

Your TMOUT solution is the standard way to appease the managerial
morons
who are asking this of you.  It asks the shell to terminate if it's
sitting idle for however many seconds you specify.  If the shell
closes,
then the ssh session is free to close as well, assuming there are no
active tunneling connections, etc.

Re: Status of Virtualbox in debian

[Boyan Penkov]

On 6/21/22 07:35, Peter Hillier-Brook wrote:

On 21/06/2022 11:53, Siard wrote:

On Tue, 21 Jun 2022 00:05 +0100, Peter Hillier-Brook wrote:

On 20/06/2022 14:55, Siard wrote:

On Mon, 20 Jun 2022 14:21 +0200, Anders Andersson wrote: :

www.virtualbox.org/manual/ch04.html#additions-linux

I should also note that right now there appear to be problems with 
the latest
kernel, 5.18.0. The message in the terminal where VB was started 
from, says:
"WARNING: The vboxdrv kernel module is not loaded. Either there is no 
module

available for the current kernel (5.18.0-1-amd64) or it failed to load."
Probably a temporary problem. When starting Debian with the previous 
kernel

5.17.0, VB still works.


Thanks for the quick response. Without correctly functioning guest 
additions - by which I specifically mean USB - VirtualBox is almost 
useless for me. I would agree with you that kernel 5.18.0 is the most 
likely source of the problem and living on in hope is the best option.


Hey folks -- I was OP on the thread that raised the dmks issue; with 
thanks to Keith Bainbridge, ensuring linux-kernel-headers for 5.18 were 
installed, and then reinstalling virtualbox and virtualbox-dkms resolved 
the issue for me.  I can confirm this is working on 5.18.0-1-amd64 right 
now.


Peter HB

Re: Status of Virtualbox in debian

[Peter Hillier-Brook]

On 21/06/2022 11:53, Siard wrote:

On Tue, 21 Jun 2022 00:05 +0100, Peter Hillier-Brook wrote:

On 20/06/2022 14:55, Siard wrote:

On Mon, 20 Jun 2022 14:21 +0200, Anders Andersson wrote:

Has something changed that makes virtualbox workable again,


I have the Virtualbox 6.1.34 package for Debian 11, downloaded from
www.virtualbox.org, working fine in Debian 12 (Bookworm).


Have you succeeded in gaining support for USB? I haven't yet got past
the  and guest Additions stage.


Indeed, USB appears not to be working. (Never used it.)
I have dkms and dh-dkms installed.
The VirtualBox-6.1 deb has been installed and upgraded with 'dpkg -i'.
It also puts VBoxGuestAdditions.iso into /usr/share/virtualbox.
Then in the guest OS you can choose Devices > Insert Guest Additions CD image...
from the menu.
More about installing and maintaining the guest additions:
www.virtualbox.org/manual/ch04.html#additions-linux

I should also note that right now there appear to be problems with the latest
kernel, 5.18.0. The message in the terminal where VB was started from, says:
"WARNING: The vboxdrv kernel module is not loaded. Either there is no module
available for the current kernel (5.18.0-1-amd64) or it failed to load."
Probably a temporary problem. When starting Debian with the previous kernel
5.17.0, VB still works.


Thanks for the quick response. Without correctly functioning guest 
additions - by which I specifically mean USB - VirtualBox is almost 
useless for me. I would agree with you that kernel 5.18.0 is the most 
likely source of the problem and living on in hope is the best option.


Peter HB

Re: SSH timeout logoff don't work!

[Greg Wooledge]

On Tue, Jun 21, 2022 at 10:05:43AM +0200, Conti Stefano wrote:
> Hello! In My Debian 11 SSH timeout logoff not work! I must put in
> .bashrc of my user: TMOUT=600 to loogut after 10 minutes. Work, of
> course, but close all bash terminal!
> 
> This is my sshd_config with info for timeout: 
> 
> TCPKeepAlive no
> ClientAliveInterval 600
> ClientAliveCountMax 0

Those settings *are not* supposed to close an idle ssh session.  Nothing
in ssh is supposed to close an idle session.  There isn't any facility
to do that, because it's entirely contrary to the design of ssh.

Your TMOUT solution is the standard way to appease the managerial morons
who are asking this of you.  It asks the shell to terminate if it's
sitting idle for however many seconds you specify.  If the shell closes,
then the ssh session is free to close as well, assuming there are no
active tunneling connections, etc.

Re: Status of Virtualbox in debian

[Siard]

On Tue, 21 Jun 2022 00:05 +0100, Peter Hillier-Brook wrote:
> On 20/06/2022 14:55, Siard wrote:
> > On Mon, 20 Jun 2022 14:21 +0200, Anders Andersson wrote:
> > > Has something changed that makes virtualbox workable again,
> > 
> > I have the Virtualbox 6.1.34 package for Debian 11, downloaded from
> > www.virtualbox.org, working fine in Debian 12 (Bookworm).
>
> Have you succeeded in gaining support for USB? I haven't yet got past 
> the  and guest Additions stage.

Indeed, USB appears not to be working. (Never used it.)
I have dkms and dh-dkms installed.
The VirtualBox-6.1 deb has been installed and upgraded with 'dpkg -i'.
It also puts VBoxGuestAdditions.iso into /usr/share/virtualbox.
Then in the guest OS you can choose Devices > Insert Guest Additions CD image...
from the menu.
More about installing and maintaining the guest additions:
www.virtualbox.org/manual/ch04.html#additions-linux

I should also note that right now there appear to be problems with the latest
kernel, 5.18.0. The message in the terminal where VB was started from, says:
"WARNING: The vboxdrv kernel module is not loaded. Either there is no module
available for the current kernel (5.18.0-1-amd64) or it failed to load."
Probably a temporary problem. When starting Debian with the previous kernel
5.17.0, VB still works.

: SSH timeout logoff don't work!

[Conti Stefano]

If I put ClientAliveCountMax 1 with ClientAliveInterval 600 timeout is
1200 inmy Debian 11. I have try all combinations but at the moment
nothing happen; session stay alive! There is somethng but i don't
understand what keep alive the session...
--- Begin Message ---


Le mardi 21 juin 2022 à 10:05 +0200, Conti Stefano a écrit :
> Hello! In My Debian 11 SSH timeout logoff not work! I must put in
> .bashrc of my user: TMOUT=600 to loogut after 10 minutes. Work, of
> course, but close all bash terminal!
> 
> This is my sshd_config with info for timeout: 
> 
> TCPKeepAlive no
> ClientAliveInterval 600
> ClientAliveCountMax 0
>  
> Any suggest?

Disclaimer: I am not knowledgeable in ssh/sshd matters

If I am not wrong, from what I understand from sshd_config manpage:
https://manpages.debian.org/bullseye/openssh-server/sshd_config.5.en.html
this behavior is what it is supposed to be: 
DisconnectionDelay=ClientAliveInterval*ClientAliveCountMax
(times expressed in seconds)

ClientAliveCountMax set to 0 disables disconnection and is set by
default to 3.

For example, to have a 10mn disconnection delay, you could set:
- ClientAliveCountMax to 3 (default) and ClientAliveInterval to 200
- ClientAliveCountMax to 1 and ClientAliveInterval to 600
- ClientAliveCountMax to 10 and ClientAliveInterval to 60
...


--- End Message ---

Re: SSH timeout logoff don't work!

[didier gaumet]

Le mardi 21 juin 2022 à 10:05 +0200, Conti Stefano a écrit :
> Hello! In My Debian 11 SSH timeout logoff not work! I must put in
> .bashrc of my user: TMOUT=600 to loogut after 10 minutes. Work, of
> course, but close all bash terminal!
> 
> This is my sshd_config with info for timeout: 
> 
> TCPKeepAlive no
> ClientAliveInterval 600
> ClientAliveCountMax 0
>  
> Any suggest?

Disclaimer: I am not knowledgeable in ssh/sshd matters

If I am not wrong, from what I understand from sshd_config manpage:
https://manpages.debian.org/bullseye/openssh-server/sshd_config.5.en.html
this behavior is what it is supposed to be: 
DisconnectionDelay=ClientAliveInterval*ClientAliveCountMax
(times expressed in seconds)

ClientAliveCountMax set to 0 disables disconnection and is set by
default to 3.

For example, to have a 10mn disconnection delay, you could set:
- ClientAliveCountMax to 3 (default) and ClientAliveInterval to 200
- ClientAliveCountMax to 1 and ClientAliveInterval to 600
- ClientAliveCountMax to 10 and ClientAliveInterval to 60
...

SSH timeout logoff don't work!

[Conti Stefano]

Hello! In My Debian 11 SSH timeout logoff not work! I must put in
.bashrc of my user: TMOUT=600 to loogut after 10 minutes. Work, of
course, but close all bash terminal!

This is my sshd_config with info for timeout: 

TCPKeepAlive no
ClientAliveInterval 600
ClientAliveCountMax 0
 
Any suggest?