Re: avahi-daemon allow/deny interfaces question

[Gareth Evans]

On Thu 14 Jul 2022, at 01:03, Ram Ramesh  wrote:
[...]
> I take back some of what I said. It is both - I mean usb 
> autosupend+avahi_daemon. I need to keep the adaptor from autosuspending 
> and tell avahi-daemon not to disable the interface in the OS.
>
> I also found the power/control entry in /sys/bus/usb/ for my usb 
> NIC. It is not in the usual place. lsusb does not list my usb ethernet 
> adapter at all. I had to manually search to find it and set its 
> power/control to "on"
>
> With all this done, so far my net is up and running fine. Will wait a 
> couple days with a couple of reboots to make sure I have captured all 
> fixes in some boot scripts. After that this problem can be thought of as 
> solved.

Hi Ramesh,

There are numerous reports (mostly old, afaics) of the issue you describe, but 
with various suggested reasons.  

I suspect the avahi related part is a consequence rather than a cause - I 
didn't think avahi was capable of disabling interfaces, the message looks like 
it's updating a table/list (etc) and "...no longer relevant..." messages appear 
in my syslog if I deliberately disconnect from wifi.

Please can you provide syslog extracts from just before and during a time when 
this has happened, using:

$ sudo cat /var/log/syslog | grep -i -E "avahi|network"
(must be capital -E and no spaces around the | inside the speech marks)

Is there anything that seems relevant in

$ sudo dmesg -T

?

Out of interest, did you try running for a while with just the power management 
tweak?

Thanks,
Gareth

Re: cups broken

[gene heskett]

On 7/13/22 19:27, Brian wrote:

On Wed 13 Jul 2022 at 16:10:56 -0400, gene heskett wrote:


On 7/13/22 15:14, Brian wrote:

On Wed 13 Jul 2022 at 13:21:07 -0400, gene heskett wrote:

[Broken lines mended to give a readable original post.]


Blame that in tbird.

Yet another part of the compting experience tou are unable to
control?
  

I give up, the driverless printer cups installs automaticaly cannot be
deleted and has taken over from the brother drivers that work,
preventing me from using the printer at all.

So how do I disable the driverless junk? Is that a separate package
that is removable?  cups doesn't even offer to disable this
non-working garbage.  Thanks for any good clues.

Driverless printing is only possible when avahi-daemon is on the
system. Your solution is obvious.


avahi-daemon 0.8-5 is installed.

Is this the avahi-daemon that, in the past, you have characterised as
unfit to be used on a local network and that didn't deserve any of
your disk space.
True, but that is all, none of its kin is.  And I did find out how to 
defeat it. But

when I went to look, that file has vanished and its still working.

So what happened that got /etc/dhcpcd.conf removed?
It had a fallback stanza near the bottom that I had edited in
the default eth0 config.  That finally got rid of the totally bogus 
169.xx.yy.zz

routing address. Now the file is gone,  and its still working.

 See the ppd driverless attached to my
previous msg it just now made.
It looks busted to me.

Broken files are best not used. Remove and follow my previos advice.

I have. and cups brings it back automatically on the restart that does. 
Probably

20 times I've deleted it. Its back before I can look to see if its gone.

Take care and stay well, Brian.

Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: cups broken

[gene heskett]

On 7/13/22 18:25, Gareth Evans wrote:

On 13 Jul 2022, at 22:04, gene heskett  wrote:
On 7/13/22 15:15, Gareth Evans wrote:

[...]
Out of interest, which model printer(s) has the issue?

Brother MFC-J6920DW A huge tabloid capable printer/scanner

# lpinfo -v

first off, none of that stuff is available to the user unless he has hacked his 
$PATH

You only have to do this once as root/sudo to set up the queue

QUEUENAME is whatever you want to call the printer queue.

So, eg:

# lpadmin -p J6920 -v  ipp://Brother%20MFC-J6920DW._ipp._tcp.local/  -E -m 
everywhere

Before and after you execute the above, what is output of:

$ driverless


before (after deleting it) ipp://Brother%20MFC-J6920DW._ipp._tcp.local/
and after running that cmd:ipp://Brother%20MFC-J6920DW._ipp._tcp.local/

?
it printed a test page, but when I checked the options and changed it to 
bottom, and
took the 1/4" of paper out of the top tray, its now asking for paper in 
tray #1. So it took

a sheet out of the top tray to do the test page.

Adding an everywhere queue via lpadmin may fix this:


using the everywhere default, the printer goes
busy for about the time the print job should take, 20 minutes or so, never 
moves any
thing looking for paper, and at the end of the receiving data time, reverts to 
its idle screen.

but it will be interesting to see about the tray selection issue.
That is not working so I've put copy paper in the top tray and will try 
to print that
web page I need. It turned out the color images were being blocked by 
FF's pop-up blocker.
Bondtech thinks they are being cute I guess.  And the speed was about 
normal. But that
41 pages is just the beginning, now I have to find the page that shows 
me how to put it

back together with the new, different, parts.

Thanks Gareth, Take care & stay well.

Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: avahi-daemon allow/deny interfaces question

[Ram Ramesh]

Hi Ramesh,

Please could you post some example daemon.log entries and any surrounding 
entries that seem related?

Also is there anything in

/var/log/syslog


that seems to relate?

Perhaps

$ sudo cat /var/log/syslog | grep x

where x = the interface name concerned.

Thanks,
Gareth


Hi Gareth,

 This is what I find in daemon.log
Jul 12 18:27:16 new-yoda avahi-daemon[441]: Withdrawing address record 
for fe80::daeb:97ff:febf:5ad0 on enxd8eb97bf5ad0.
Jul 12 18:27:16 new-yoda avahi-daemon[441]: Withdrawing address record 
for 192.168.1.124 on enxd8eb97bf5ad0.


After this happens, most of my net access goes down. Firefox cannot get 
to google.com/youtube.com. DNS lookup also returns nothing for external 
hosts. I see similar messages on /var/log/syslog also



Jul 12 18:27:16 new-yoda avahi-daemon[441]: Interface 
enxd8eb97bf5ad0.IPv6 no longer relevant for mDNS.
Jul 12 18:27:16 new-yoda avahi-daemon[441]: Leaving mDNS multicast 
group on interface enxd8eb97bf5ad0.IPv6 with address 
fe80::daeb:97ff:febf:5ad0.
Jul 12 18:27:16 new-yoda dhclient[550]: receive_packet failed on 
enxd8eb97bf5ad0: Network is down
Jul 12 18:27:16 new-yoda avahi-daemon[441]: Interface 
enxd8eb97bf5ad0.IPv4 no longer relevant for mDNS.
Jul 12 18:27:16 new-yoda avahi-daemon[441]: Leaving mDNS multicast 
group on interface enxd8eb97bf5ad0.IPv4 with address 192.168.1.124.
Jul 12 18:27:16 new-yoda avahi-daemon[441]: Withdrawing address 
record for fe80::daeb:97ff:febf:5ad0 on enxd8eb97bf5ad0.
Jul 12 18:27:16 new-yoda avahi-daemon[441]: Withdrawing address 
record for 192.168.1.124 on enxd8eb97bf5ad0.
Jul 12 18:27:17 new-yoda kernel: [ 8560.412306] asix 1-1:1.0 eth0: 
register 'asix' at usb-:00:14.0-1, ASIX AX88772 USB 2.0 Ethernet, 
d8:eb:97:bf:5a:d0
Jul 12 18:27:17 new-yoda NetworkManager[448]:  [1657668437.0609] 
manager: (eth0): new Ethernet device 
(/org/freedesktop/NetworkManager/Devices/6)
Jul 12 18:27:17 new-yoda systemd-udevd[1494]: Using default interface 
naming scheme 'v247'.
Jul 12 18:27:17 new-yoda systemd-udevd[1494]: ethtool: autonegotiation 
is unset or enabled, the speed and duplex are not writable.
Jul 12 18:27:17 new-yoda kernel: [ 8560.449674] asix 1-1:1.0 
enxd8eb97bf5ad0: renamed from eth0
Jul 12 18:27:17 new-yoda NetworkManager[448]:  [1657668437.1103] 
device (eth0): interface index 5 renamed iface from 'eth0' to 
'enxd8eb97bf5ad0'
Jul 12 18:27:17 new-yoda systemd-udevd[1494]: ethtool: autonegotiation 
is unset or enabled, the speed and duplex are not writable.
Jul 12 18:27:19 new-yoda ModemManager[489]:  [base-manager] 
couldn't check support for device 
'/sys/devices/pci:00/:00:14.0/usb1/1-1': not supported by any 
plugin


Looks like kernel finds usb NIC again and tries to do something? Since 
dhclient is not aware, it does not know how to handle. I get this from 
dhclient for the *next* DHCPDISCOVER/REQUEST


Jul 12 19:45:04 new-yoda dhclient[550]: DHCPREQUEST for 192.168.1.124 
on enxd8eb97bf5ad0 to 192.168.1.254 port 67
Jul 12 19:45:04 new-yoda dhclient[550]: send_packet: Network is 
unreachable
Jul 12 19:45:04 new-yoda dhclient[550]: send_packet: please consult 
README file regarding broadcast address.


Hope you can find something useful. For now, I simply edited 
avahi-daemon.conf and denied this interface as one not to be 
observed/managed. That fixed the part of the problem. Other issue is 
reported in one of my followup.


Regards
Ramesh

Re: Converting an old Chromebook to pure Debian, was: OT, Recommendation for low cost laptop

[Joel Roth]

On Mon, Jul 11, 2022 at 11:55:02AM +0100, Ottavio Caruso wrote:
> Hi, inspired by:
> 
> On 11/07/2022 08:32, john doe wrote:
> 
> > I'm looking for something cheap (max would be around 300 bucks), do you
> > have any suggestions/ideas?
> 
> 
> My local Cash-Converter/Generator(s) have plenty of old-ish Chromebooks for
> £50 or less.
> 
> I know it's possible to run some sort of Linux with trickeries like Crouton
> or similar. I wonder if it's just possible to nuke all Google related junk
> and install native Debian or is it not technically possible?

Crouton lets you install a native debian. You have to put
the Chromebook into developer mode first.

One problem I had (ten years back or so) was that every
subsequent boot brings up a dialog to *leave* developer mode. 
Saying yes clobbers the system you painstakingly installed.

cheers

> 
> -- 
> Ottavio Caruso
> 
> A: Because it messes up the order in which people normally read text.
> Q: Why is top-posting such a bad thing?
> A: Top-posting.
> Q: What is the most annoying thing in e-mail?
> 

-- 
Joel Roth

Re: avahi-daemon allow/deny interfaces question

[Ram Ramesh]

On 7/12/22 19:21, Ram Ramesh wrote:

On 7/11/22 11:30, Ram Ramesh wrote:

Experts,

  I have a firewall machine built recently and it runs debian 
bullseye (v11). It has two ethernet interfaces - one internal ($intf) 
and one external ($extf). My external port runs dhclient to get its 
IP address and internal port runs dnsmasq to provide DNS service to 
internal/protected hosts. Usual iptables rules are established to 
prevent attack/entry into internal net from external net and allow 
proper internet access to internal net hosts.


  I had this system working fine (on an older machine) since debian 
5.0.7. I have not upgraded that machine as it is working fine. 
However that hardware is too old (10+ years) and I wanted to replace 
it with something more modern running latest OS and that is why I 
built the above machine.


 My old machine does not seem have avahi-daemon. So, it runs fine. 
However, my new machine has this daemon running which notices that 
$extif does not have much activity and disables it after some timeout 
idle time. I initially thought my firewall rules are suspect and was 
banging my head for a while adding extra rules for 
DHCPDISCOVER/REQUEST etc thinking that those are blocked. Today I 
noticed that my $extif is vanishing and /var/log/daemon.log shows 
some avahi-daemon messages about that interface being 
disabled/withdrawn or some such thing.


As a next step, I want to tell avahi-daemon that it should not work 
on that interface as it is not meant to be fooled around. Do I use 
deny-interface $extif or allow-interface $intif only? Which is 
proper? Will doing one of these solve my problem of $extif vanishing 
from ifconfig?


If you think there is something else that I can do that is better, 
please let me know that too.


Much appreciate any help.

Please let me know if you need anything else that will help to 
resolve this problem.


Regards
Ramesh



It appears that this is not an issue with avahi-daemon. My $extif is 
through usb NIC and that seem to go down due to some sort of powersave 
autosuspend.  Currently I am running ping -i 60  and that 
keeps the net up and $extif has not vanished for a day.


I did some googling on how to disable autosuspend, but answers were 
quite confusing. Do you know a simple way to disable autopowerdown of 
just this usb NIC? May be there is something that I can do with ethtool?


Regards
Ramesh



I take back some of what I said. It is both - I mean usb 
autosupend+avahi_daemon. I need to keep the adaptor from autosuspending 
and tell avahi-daemon not to disable the interface in the OS.


I also found the power/control entry in /sys/bus/usb/ for my usb 
NIC. It is not in the usual place. lsusb does not list my usb ethernet 
adapter at all. I had to manually search to find it and set its 
power/control to "on"


With all this done, so far my net is up and running fine. Will wait a 
couple days with a couple of reboots to make sure I have captured all 
fixes in some boot scripts. After that this problem can be thought of as 
solved.


Regards
Ramesh

Re: SSH resources, specifically on certificates (certificate authentication)

[Dan Purgert]

On Jul 13, 2022, David Wright wrote:
> On Wed 13 Jul 2022 at 18:40:18 (-0400), Dan Purgert wrote:
> > On Jul 13, 2022, rhkra...@gmail.com wrote:
> > > I seem to have gone down a rabbit hole.
> > > 
> > > I want(ed?) to set up ssh on my LAN using certificate authentication, and 
> > > am 
> > > having a lot of trouble finding the information I need / would like to 
> > > have.
> > 
> > Which is what, exactly?  Other than the "active mailing list" you
> > mentioned in a snipped segment.
> > 
> > SSH with cert-auth is pretty trivial to implement on most distros:
> > 
> > 1. install openssh-server (if not already installed) on SERVER (the
> > machine you will connect to)
> > 2. on the CLIENT (machine you will connect from), run ssh-keygen to
> > generate a new ssh keypair.  For example --  ssh-keygen -t ed25519 -f
> > keyfile -- will generate a new ED25519-based keypair ("keyfile" and
> > "keyfile.pub").
> > 3. copy the content of keyfile.pub to $HOME/.ssh/authorized_keys on the
> > SERVER machine
> > 4. try logging into SERVER with your key (e.g. ssh -i keyfile
> > user@SERVER) 
> > 
> > For "best security" repeat steps 2-4 on all CLIENT machines to create
> > individual client keys -- just make sure to APPEND to authorized_keys.
> 
> That's what I do, but that's /key/ authentication, not cert.
> (Search for "certificate" in   man ssh-keygen   to see what's
> involved with certificates.) I'm afraid I'm not up to speed
> on that topic.

*sigh* indeed, I crossed my thinking. :(

Should be basically the same -- at least the manpages for ssh and
ssh-keygen cover it pretty well...

 ssh-keygen -s /path/to/ca -I keyid /peth/to/user_public

sshd apparently needs a "cert-authority" parameter set at start-time, so
that it knows the signing CA for the certs, and then you (apparently)
configure authorized_keys in the same manner.  

I've never seen this implemented in any place I've worked in
the last 2 decades (granted, I "only" have said 2 decades of
"professional" experience); rather they've always used either (a) keys,
or (b) password + RSA Token (or other 2FA / TOTP mechanism)

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: SSH resources, specifically on certificates (certificate authentication)

[David Christensen]

On 7/13/22 13:11, rhkra...@gmail.com wrote:

I seem to have gone down a rabbit hole.

I want(ed?) to set up ssh on my LAN using certificate authentication, and am
having a lot of trouble finding the information I need / would like to have.

I won't go into much detail now, but I didn't realize how big a subject ssh
is, and although I'm finding a lot of resources of various sorts (man pages,
articles, tutorials), I'm also finding a lot of incomplete, confusing,
conflicting, out-of-date, and, sometimes, afaict incorrect information.

I'd like to find an active mailing list that provides support for ssh.  Of the
mailing lists I've found, one went defunct in 2001, another in 2011, and the
Debian ssh list is for developers / maintainers, not for support.

I didn't (and don't want to read a book (but with all the other stuff I've
read, I probably could have read a book or two by now), I have found an online
book that was published in 2001 and does not address certificates (certificates
are listed in the index, but they are talking about ssl certificates).

My intention was to learn how to use certificates for ssh authentication on my
small LAN, and then, in view of how confusing the documentation I found seemed
to be, to try to write a wiki page (or several) (on WikiLearn) to try to be as
clear as possible.  (And, in addition to not wanting to read a book, nor do I
want to write one.)

So, I should mention some of the resources I've found (I've looked at a bunch,
and won't try to list them here), the two best I've found so far are:

* 
[[https://dev.to/gvelrajan/how-to-configure-and-setup-ssh-certificates-for-
ssh-authentication-b52][How to configure and setup SSH certificates for SSH
authentication]]

* [[https://smallstep.com/blog/use-ssh-certificates/][If you’re not using
SSH certificates you’re doing SSH wrong]]

If I can't find an ssh specific mailing list that is willing to consider support
questions, I'll probably start posting some of my questions here.

Thanks!



Buy and read "TLS Mastery" by Lucas:

https://mwl.io/nonfiction/networking#tls


David

Re: cups broken

[Brian]

On Wed 13 Jul 2022 at 16:10:56 -0400, gene heskett wrote:

> On 7/13/22 15:14, Brian wrote:
> > On Wed 13 Jul 2022 at 13:21:07 -0400, gene heskett wrote:
> > 
> > [Broken lines mended to give a readable original post.]
> > 
> Blame that in tbird.

Yet another part of the compting experience tou are unable to
control?
 
> > > I give up, the driverless printer cups installs automaticaly cannot be
> > > deleted and has taken over from the brother drivers that work,
> > > preventing me from using the printer at all.
> > > 
> > > So how do I disable the driverless junk? Is that a separate package
> > > that is removable?  cups doesn't even offer to disable this
> > > non-working garbage.  Thanks for any good clues.
> > Driverless printing is only possible when avahi-daemon is on the
> > system. Your solution is obvious.
> > 
> avahi-daemon 0.8-5 is installed.

Is this the avahi-daemon that, in the past, you have characterised as
unfit to be used on a local network and that didn't deserve any of
your disk space.

> See the ppd driverless attached to my
> previous msg it just now made.
> It looks busted to me.

Broken files are best not used. Remove and follow my previos advice.

-- 
Brian.

Re: SSH resources, specifically on certificates (certificate authentication)

[David Wright]

On Wed 13 Jul 2022 at 18:40:18 (-0400), Dan Purgert wrote:
> On Jul 13, 2022, rhkra...@gmail.com wrote:
> > I seem to have gone down a rabbit hole.
> > 
> > I want(ed?) to set up ssh on my LAN using certificate authentication, and 
> > am 
> > having a lot of trouble finding the information I need / would like to have.
> 
> Which is what, exactly?  Other than the "active mailing list" you
> mentioned in a snipped segment.
> 
> SSH with cert-auth is pretty trivial to implement on most distros:
> 
> 1. install openssh-server (if not already installed) on SERVER (the
> machine you will connect to)
> 2. on the CLIENT (machine you will connect from), run ssh-keygen to
> generate a new ssh keypair.  For example --  ssh-keygen -t ed25519 -f
> keyfile -- will generate a new ED25519-based keypair ("keyfile" and
> "keyfile.pub").
> 3. copy the content of keyfile.pub to $HOME/.ssh/authorized_keys on the
> SERVER machine
> 4. try logging into SERVER with your key (e.g. ssh -i keyfile
> user@SERVER) 
> 
> For "best security" repeat steps 2-4 on all CLIENT machines to create
> individual client keys -- just make sure to APPEND to authorized_keys.

That's what I do, but that's /key/ authentication, not cert.
(Search for "certificate" in   man ssh-keygen   to see what's
involved with certificates.) I'm afraid I'm not up to speed
on that topic.

Cheers,
David.

Re: SSH resources, specifically on certificates (certificate authentication)

[Jeremy Ardley]

On 14/7/22 6:40 am, Dan Purgert wrote:

On Jul 13, 2022, rhkra...@gmail.com wrote:

I seem to have gone down a rabbit hole.

I want(ed?) to set up ssh on my LAN using certificate authentication, and am
having a lot of trouble finding the information I need / would like to have.

Which is what, exactly?  Other than the "active mailing list" you
mentioned in a snipped segment.

SSH with cert-auth is pretty trivial to implement on most distros:



I understand that certificate based SSH authentication has problems with 
overall security management on a network. Password only has similar 
problems.


The correct solution seems to be a centrally managed authentication 
server but I haven't found any simple guide to implementing that in the 
Debian environment. Is there any useful tutorial available?




--

Jeremy



OpenPGP_signature
Description: OpenPGP digital signature

Re: SSH resources, specifically on certificates (certificate authentication)

[Dan Purgert]

On Jul 13, 2022, rhkra...@gmail.com wrote:
> I seem to have gone down a rabbit hole.
> 
> I want(ed?) to set up ssh on my LAN using certificate authentication, and am 
> having a lot of trouble finding the information I need / would like to have.

Which is what, exactly?  Other than the "active mailing list" you
mentioned in a snipped segment.

SSH with cert-auth is pretty trivial to implement on most distros:

1. install openssh-server (if not already installed) on SERVER (the
machine you will connect to)
2. on the CLIENT (machine you will connect from), run ssh-keygen to
generate a new ssh keypair.  For example --  ssh-keygen -t ed25519 -f
keyfile -- will generate a new ED25519-based keypair ("keyfile" and
"keyfile.pub").
3. copy the content of keyfile.pub to $HOME/.ssh/authorized_keys on the
SERVER machine
4. try logging into SERVER with your key (e.g. ssh -i keyfile
user@SERVER) 

For "best security" repeat steps 2-4 on all CLIENT machines to create
individual client keys -- just make sure to APPEND to authorized_keys.


-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: cups broken

[Gareth Evans]

> On 13 Jul 2022, at 22:04, gene heskett  wrote:
> On 7/13/22 15:15, Gareth Evans wrote:
>> [...]
>> Out of interest, which model printer(s) has the issue?
> Brother MFC-J6920DW A huge tabloid capable printer/scanner

>> # lpinfo -v
> first off, none of that stuff is available to the user unless he has hacked 
> his $PATH 

You only have to do this once as root/sudo to set up the queue

QUEUENAME is whatever you want to call the printer queue.

So, eg:

# lpadmin -p J6920 -v  ipp://Brother%20MFC-J6920DW._ipp._tcp.local/  -E -m 
everywhere

Before and after you execute the above, what is output of:

$ driverless

?

Adding an everywhere queue via lpadmin may fix this:

> using the everywhere default, the printer goes
> busy for about the time the print job should take, 20 minutes or so, never 
> moves any
> thing looking for paper, and at the end of the receiving data time, reverts 
> to its idle screen.

but it will be interesting to see about the tray selection issue.

Thanks,
Gareth

 

Devenu lenteur au boot

[benoit]

Ca boot, mais j'ai un nouveau problème, le POST (power-on self-test) se déroule 
bien, GUB me propose de booter sur debian, ça affiche "loading initial ramdisk" 
et puis juste un tiret qui clignote un long moment avant que les lignes de 
messages de démarrage se mettent à défiler normalement (quiet_boot="0" 
/etc/grub.d/10_linux est configuré pour montrer les lignes du démarrage).

Je ne sais pas à quoi est dû ce long moment

Là je suis perdu...

--- Original Message ---
Le mercredi 13 juillet 2022 à 02:40, Hugues Larrive  a écrit

> Normalement c'est une partition msdos, sur mon système j'ai une ligne dans 
> fstab :
> UUID=9A05-3C9C /boot/efi vfat umask=0077 0 1

Ok pour ça.

> # ls -R /boot/efi/
> /boot/efi/:
> EFI
>
> /boot/efi/EFI:
> debian
>
> /boot/efi/EFI/debian:
> BOOTX64.CSV fbx64.efi grub.cfg grubx64.efi mmx64.efi shimx64.efi

Ok pour ça.

> Je ne sais pas si c'est standard, c'était à l'origine une installation debian 
> 8 i386 sur un core2 duo en MBR, que j'ai mis à jour en 9 puis 10 et 
> "crossgradé" en amd64. Elle doit en être également à son 3ème PC et 5ème 
> disque dur.
>
> Les fichiers .efi proviennent du package grub-efi-amd64 et de shim 
> (dépendance).

Installé ok

> Avec EFI/GPT il faut oublier le concept de partition active ou boot flag, les 
> informations
> de boot sont stockées dans la NVRAM/CMOS de la carte-mère. On peut les lire 
> avec la commande efibootmgr :
> # efibootmgr
> BootCurrent: 000F
> Timeout: 1 seconds
> BootOrder: 0011,000F,000E,0003,0012,0004,0001,0006,0005
> Boot0001* Windows Boot Manager
> Boot0003* IBA GE Slot 00C8 v1555
> Boot0004* UEFI: Built-in EFI Shell
> Boot0005* Generic Usb Device
> Boot0006* CD/DVD Device
> Boot000E* TOSHIBA DT01ACA050
> Boot000F* debian
> Boot0011* KingFast
> Boot0012* USB2.0 CardReader
>
> Ici KingFast est le SSD où est installé ma debian, on peut voir qu'il est en 
> premier dans le BootOrder mais que BootCurrent est sur debian donc sans 
> "installation" ça n'aurait pas fonctionné.
>
>> Il faudra aussi réécrire un nouvel fstab avec de nouveau UUID je suppose que 
>> si on change la table de partition les UUID, ne sont plus les même ?
>
> Ça c'est effectivement la première chose à faire. Pour connaître les UUID qui 
> vont bien pour fstab j'utilise simplement la commande ls -l /dev/disk/by-uuid.

Fait, j'ai vérifié que chaque ligne du fstab affiche bien le bon UUID et de 
fait la swap n'avait pas le bon UUID.

> L'installation de grub-efi doit être effectuée dans un chroot avec la 
> partition efi montée, par exemple avec sda1 comme partition efi et sda2 comme 
> racine :
> mkdir /mnt/target
> mount /dev/sda2 /mnt/target
> mount /dev/sda1 /mnt/target/boot/efi
> cd /mnt/target
> for m in dev dev/pts proc run sys sys/firmware/efi/efivars; do mount --bind 
> /$m $m; done
> chroot .
> grub-install /dev/sda
> update-grub
> exit
> reboot

J'ai pu le faire sans chroot du coup, puisque ça finit par booter après un long 
moment.
update-grub me dit juste après coup qu'il ne cherche pas d'autres os mais comme 
je n'en ai qu'un tout est normal.

J'ai juste des ACPI Warning dans l'output de dmesg, je ne sais pas si c'est une 
bonne piste.

--

[ 1.309697] Freeing unused kernel image (text/rodata gap) memory:
2040K
[ 1.310327] Freeing unused kernel image (rodata/data gap) memory:
1672K
[ 1.406224] x86/mm: Checked W+X mappings: passed, no W+X pages
found.
[ 1.406226] x86/mm: Checking user space page tables
[ 1.463409] x86/mm: Checked W+X mappings: passed, no W+X pages
found.
[ 1.463422] Run /init as init process
[ 1.463424] with arguments:
[ 1.463425] /init
[ 1.463426] with environment:
[ 1.463427] HOME=/
[ 1.463428] TERM=linux
[ 1.463429] BOOT_IMAGE=/boot/vmlinuz-5.18.0-2-amd64
[ 1.577488] ACPI Warning: SystemIO range 0x0428-
0x042F conflicts with OpRegion 0x0400-
0x047F (\_SB.PCI0.LPCB.PMIO) (20211217/utaddress-204)
[ 1.577501] ACPI: OSL: Resource conflict; ACPI support missing from
driver?
[ 1.577505] ACPI Warning: SystemIO range 0x0540-
0x054F conflicts with OpRegion 0x0500-
0x054B (\_SB.PCI0.LPCB.OGIO) (20211217/utaddress-204)
[ 1.577512] ACPI: OSL: Resource conflict; ACPI support missing from
driver?
[ 1.577514] ACPI Warning: SystemIO range 0x0530-
0x053F conflicts with OpRegion 0x0500-
0x054B (\_SB.PCI0.LPCB.OGIO) (20211217/utaddress-204)
[ 1.577521] ACPI: OSL: Resource conflict; ACPI support missing from
driver?
[ 1.577523] ACPI Warning: SystemIO range 0x0500-
0x052F conflicts with OpRegion 0x0500-
0x054B (\_SB.PCI0.LPCB.OGIO) (20211217/utaddress-204)
[ 1.577529] ACPI: OSL: Resource conflict; ACPI support missing from
driver?
--

Benoît

Re: cups broken

[gene heskett]

On 7/13/22 15:15, Gareth Evans wrote:

On 13 Jul 2022, at 18:21, gene heskett  wrote:
I give up, the driverless printer cups installs automaticaly cannot be deleted 
and has
taken over from the brother drivers that work, preventing me from using the 
printer at all.

So how do I disable the driverless junk? Is that a separate package that is 
removable?
cups doesn't even offer to disable this non-working garbage.
Thanks for any good clues.

Hi Gene,

Out of interest, which model printer(s) has the issue?

Brother MFC-J6920DW A huge tabloid capable printer/scanner


There are options in

/etc/cups/cupsd.conf

to disable automatic queue creation for autodetected IPP/dns-sd/etc/etc 
printers.

You may find that

# lpinfo -v
first off, none of that stuff is available to the user unless he has 
hacked his $PATH statement.

The above produces:
gene@coyote:/etc/cups/ppd$ /usr/sbin/lpinfo -v
file cups-brf:/
network socket
file cups-pdf:/
network ipps
network http
network lpd
network https
network beh
network ipp
direct usb://Brother/MFC-J6920DW?serial=BROG5F229909
direct usb://Brother/HL-L2320D%20series?serial=U63877H0N346913
serial serial:/dev/ttyS0?baud=115200
serial serial:/dev/ttyUSB0?baud=230400
serial serial:/dev/ttyUSB1?baud=230400
file cups-x2go:/
network bjnp
network 
dnssd://Brother%20MFC-J6920DW._ipp._tcp.local/?uuid=e3248000-80ce-11db-8000-30055c8a2dc8

network ipp://Brother%20MFC-J6920DW._ipp._tcp.local/ <---
network lpd://BRN30055C8A2DC8/BINARY_P1
network tea4cups:socket
network tea4cups:lpd
serial tea4cups:serial:/dev/ttyS0?baud=115200
serial tea4cups:serial:/dev/ttyUSB0?baud=230400
serial tea4cups:serial:/dev/ttyUSB1?baud=230400
network tea4cups:ipp
network tea4cups:ipps
network tea4cups:bjnp
network tea4cups:https
network tea4cups:http
network tea4cups:beh
direct tea4cups://


copy the ipp:// url for the printer concerned

Then

# lpadmin -p QUEUENAME -v IPP_URL_HERE -E -m everywhere

produces a functional queue
Using the arrowed return line above, what then does the lpadmin cmd line 
look like?


What is QUEUENAME? Arbitrary/anything?

Thanks Gareth, but I just posted an attcachment of the ppd it generated, 
looks busted to me.
Let me repeat for probably the 20th time, that brothers drivers have 
been working flawlessly
with this printer for several years and many installs since wheezy was a 
puppy.


You'll see that ppd specs the bottom tray, but it actually uses the top 
tray, that I normally keep
$mucho dollars photo paper in. Removed in self defense of my bank 
balance until this behaves.


Thanks Gareth

Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: cups broken

[Gareth Evans]

On Wed 13 Jul 2022, at 20:36, Brian  wrote:
> On Wed 13 Jul 2022 at 20:12:28 +0100, Gareth Evans wrote:
[...]
>> 
>> Hi Gene, 
>> 
>> Out of interest, which model printer(s) has the issue?
>> 
>> There are options in
>> 
>> /etc/cups/cupsd.conf
>> 
>> to disable automatic queue creation for autodetected IPP/dns-sd/etc/etc 
>> printers.
>

> No such options exist in cupsd.conf.

Hi Brian,

I meant cups-browsed.conf at least as regards IPP network printer queues, which 
I think might remain helpful despite revision of the problem description.  I 
had momentarily confused DNS-SD as being one of whatever everywhere, driverless 
etc are.

$ cat /etc/cups/cups-browsed.conf

# Set CreateIPPPrinterQueues to "No" to not auto-create print queues
# for IPP network printers.

# CreateIPPPrinterQueues No
# CreateIPPPrinterQueues LocalOnly
# CreateIPPPrinterQueues Everywhere
# CreateIPPPrinterQueues AppleRaster
# CreateIPPPrinterQueues Everywhere AppleRaster
# CreateIPPPrinterQueues Driverless
# CreateIPPPrinterQueues All

Best wishes,
Gareth

SSH resources, specifically on certificates (certificate authentication)

[rhkramer]

I seem to have gone down a rabbit hole.

I want(ed?) to set up ssh on my LAN using certificate authentication, and am 
having a lot of trouble finding the information I need / would like to have.

I won't go into much detail now, but I didn't realize how big a subject ssh 
is, and although I'm finding a lot of resources of various sorts (man pages, 
articles, tutorials), I'm also finding a lot of incomplete, confusing, 
conflicting, out-of-date, and, sometimes, afaict incorrect information.

I'd like to find an active mailing list that provides support for ssh.  Of the 
mailing lists I've found, one went defunct in 2001, another in 2011, and the 
Debian ssh list is for developers / maintainers, not for support.

I didn't (and don't want to read a book (but with all the other stuff I've 
read, I probably could have read a book or two by now), I have found an online 
book that was published in 2001 and does not address certificates (certificates 
are listed in the index, but they are talking about ssl certificates).

My intention was to learn how to use certificates for ssh authentication on my 
small LAN, and then, in view of how confusing the documentation I found seemed 
to be, to try to write a wiki page (or several) (on WikiLearn) to try to be as 
clear as possible.  (And, in addition to not wanting to read a book, nor do I 
want to write one.)

So, I should mention some of the resources I've found (I've looked at a bunch, 
and won't try to list them here), the two best I've found so far are:

   * [[https://dev.to/gvelrajan/how-to-configure-and-setup-ssh-certificates-for-
ssh-authentication-b52][How to configure and setup SSH certificates for SSH 
authentication]]

   * [[https://smallstep.com/blog/use-ssh-certificates/][If you’re not using 
SSH certificates you’re doing SSH wrong]]

If I can't find an ssh specific mailing list that is willing to consider 
support 
questions, I'll probably start posting some of my questions here.

Thanks!
 
-- 
rhk

If you reply: snip, snip, and snip again; leave attributions; avoid top 
posting; and keep it "on list".  (Oxford comma included at no charge.)  If you 
change topics, change the Subject: line. 

A picture is worth a thousand words -- divide by 10 for each minute of video 
(or audio) or create a transcript and edit it to 10% of the original.

Re: cups broken

[gene heskett]

On 7/13/22 15:14, Brian wrote:

On Wed 13 Jul 2022 at 13:21:07 -0400, gene heskett wrote:

[Broken lines mended to give a readable original post.]


Blame that in tbird.


I give up, the driverless printer cups installs automaticaly cannot be
deleted and has taken over from the brother drivers that work,
preventing me from using the printer at all.

So how do I disable the driverless junk? Is that a separate package
that is removable?  cups doesn't even offer to disable this
non-working garbage.  Thanks for any good clues.

Driverless printing is only possible when avahi-daemon is on the
system. Your solution is obvious.

avahi-daemon 0.8-5 is installed. See the ppd driverless attached to my 
previous msg it just now made.

It looks busted to me.

Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: cups broken

[gene heskett]

On 7/13/22 13:59, John Conover wrote:

gene heskett writes:

I give up, the driverless printer cups installs automaticaly cannot be
deleted and has
taken over from the brother drivers that work, preventing me from using
the printer at all.

So how do I disable the driverless junk? Is that a separate package that
is removable?
cups doesn't even offer to disable this non-working garbage.
Thanks for any good clues.


Hi Gene. If its a network connected printer, then the driverless
connection will be PROBABLY default to PCL5e/PCL6, (or maybe ipp,)
which the modern Brother printers support.

Older Brother printers do not support PCL and/or ipp, and require a
specific Brother printer set of drivers for network connectivity.

If its an older printer, you might attempt a re-install of the Brother
printer drivers, and cups(1) SHOULD remove any existing PCL/ipp
drivers during installation, (famous last words.) BTW,
x86_64-linux-gnu has to be installed on my machines for the the
Brother printer drivers to compile.

/etc/cups/ppd/* and/or /usr/local/Brother/* and/or /opt/Brother/* may
provide some information.

 John
The problem here would appear to be the ipp everywhere driver used by 
default
ignores the tray 2 src, looks at tray 1, and calls for paper, which I 
have removed
from tray 1 because its 50 cents a sheet photo paper. Cups calls them 
main and
bottom. instead of tray 1 or tray 2 but you can select on the set 
default options
screen, bottom, main or automatic, in all 3 cases the printer looks at 
the top tray only.


The printer also has a net port, assigned a local address, and sane even 
uses it to
drive its scanner, but any attempts to set up a net que are met with a 
no device

found error from cups. ./usr/sbin/lpinfo -v shows:

gene@coyote:~/Downloads/brother-drivers$ /usr/sbin/lpinfo  -v
network socket
file cups-brf:/
file cups-pdf:/
network ipps
network ipp
network https
serial serial:/dev/ttyS0?baud=115200
serial serial:/dev/ttyUSB0?baud=230400
serial serial:/dev/ttyUSB1?baud=230400
network beh
network lpd
direct usb://Brother/MFC-J6920DW?serial=BROG5F229909
network http
direct usb://Brother/HL-L2320D%20series?serial=U63877H0N346913
file cups-x2go:/
network bjnp
network 
dnssd://Brother%20MFC-J6920DW._ipp._tcp.local/?uuid=e3248000-80ce-11db-8000-30055c8a2dc8

network ipp://Brother%20MFC-J6920DW._ipp._tcp.local/
network lpd://BRN30055C8A2DC8/BINARY_P1
network tea4cups:socket
network tea4cups:lpd
serial tea4cups:serial:/dev/ttyS0?baud=115200
serial tea4cups:serial:/dev/ttyUSB0?baud=230400
serial tea4cups:serial:/dev/ttyUSB1?baud=230400
network tea4cups:ipp
network tea4cups:ipps
network tea4cups:bjnp
network tea4cups:https
network tea4cups:http
network tea4cups:beh
direct tea4cups://


I have re-installed the brother drivers 3 times now, and they have 
always worked
flawlessly until the last cups update, but now cups refuses to do 
anything beyond
a test page during the driver install. All I get from 
localhost:631->print test page,

is endless requester's on the printer screen for more paper in tray 1.

I am repairing an $850 Prusa 3d printer by modifying the problem parts 
with better stuff.
But the teardown instructions are 61 pages, using the everywhere 
default, the printer goes
busy for about the time the print job should take, 20 minutes or so, 
never moves any
thing looking for paper, and at the end of the receiving data time, 
reverts to its idle screen.


The other half of the problem is that I've known Mike Sweet since his 
college days in the
later '80's when we were both using color computers. Now I can't even 
subscribe to the

cups.org user mailing list.

I have 2 brother printers here, the other is the workhorse $120 laser, 
and it works.


But it is B and what I want to print is in color and color of wires is 
important for this.


I'll move some duplex copy paper to tray 1 just for S Test page 
works. And so does
the 61 page instructions doc, but single sided, and face up meaning its 
printing the last
page first, will use 61 sheet of paper and take a couple hours. And I 
canceled the job,
it is not printing any of the pix from the web pages. This, using the 
brother drivers, is a

4 pages a minute in full color.

I just found that utilities man page for driverless,
and had it generate a ppd with this commandline:
 driverless cat driverless:ipp://Brother%20MFC-J6920DW._ipp._tcp.local/ 
>MFC-J6920DW.ppd


And that MFC-J6920DW.ppd is attached. If that is what it got from the 
printer, it looks busted to me.


Thanks John.

Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 


MFC-J6920DW.ppd
Description: application/vnd.cups-ppd

Re: cups broken

[Brian]

On Wed 13 Jul 2022 at 20:12:28 +0100, Gareth Evans wrote:

> 
> > On 13 Jul 2022, at 18:21, gene heskett  wrote:
> > I give up, the driverless printer cups installs automaticaly cannot be 
> > deleted and has
> > taken over from the brother drivers that work, preventing me from using the 
> > printer at all.
> > 
> > So how do I disable the driverless junk? Is that a separate package that is 
> > removable?
> > cups doesn't even offer to disable this non-working garbage.
> > Thanks for any good clues.
> 
> Hi Gene, 
> 
> Out of interest, which model printer(s) has the issue?
> 
> There are options in
> 
> /etc/cups/cupsd.conf
> 
> to disable automatic queue creation for autodetected IPP/dns-sd/etc/etc 
> printers.

No such options exist in cupsd.conf.

-- 
Brian.

Re: cups broken

[Brian]

On Wed 13 Jul 2022 at 10:56:15 -0700, John Conover wrote:

> gene heskett writes:
> > I give up, the driverless printer cups installs automaticaly cannot be 
> > deleted and has
> > taken over from the brother drivers that work, preventing me from using 
> > the printer at all.
> > 
> > So how do I disable the driverless junk? Is that a separate package that 
> > is removable?
> > cups doesn't even offer to disable this non-working garbage.
> > Thanks for any good clues.
> >
> 
> Hi Gene. If its a network connected printer, then the driverless
> connection will be PROBABLY default to PCL5e/PCL6, (or maybe ipp,)
> which the modern Brother printers support.

 * PCL5e/PCL6 are not driverless PDLs and both are irrelevant.
 * ipp is a protocol. Absolutely nothing to do with PCL5e/PCL6.
   (But ipp is essential for  driverless printing).

-- 
Brian.

Re: cups broken

[Gareth Evans]

> On 13 Jul 2022, at 18:21, gene heskett  wrote:
> I give up, the driverless printer cups installs automaticaly cannot be 
> deleted and has
> taken over from the brother drivers that work, preventing me from using the 
> printer at all.
> 
> So how do I disable the driverless junk? Is that a separate package that is 
> removable?
> cups doesn't even offer to disable this non-working garbage.
> Thanks for any good clues.

Hi Gene, 

Out of interest, which model printer(s) has the issue?

There are options in

/etc/cups/cupsd.conf

to disable automatic queue creation for autodetected IPP/dns-sd/etc/etc 
printers.

You may find that

# lpinfo -v

copy the ipp:// url for the printer concerned

Then

# lpadmin -p QUEUENAME -v IPP_URL_HERE -E -m everywhere

produces a functional queue

Thanks
Gareth

> 
> Cheers, Gene Heskett.
> -- 
> "There are four boxes to be used in defense of liberty:
> soap, ballot, jury, and ammo. Please use in that order."
> -Ed Howdershelt (Author, 1940)
> If we desire respect for the law, we must first make the law respectable.
> - Louis D. Brandeis
> Genes Web page 

Re: cups broken

[Brian]

On Wed 13 Jul 2022 at 13:21:07 -0400, gene heskett wrote:

[Broken lines mended to give a readable original post.]

> I give up, the driverless printer cups installs automaticaly cannot be
> deleted and has taken over from the brother drivers that work,
> preventing me from using the printer at all.
> 
> So how do I disable the driverless junk? Is that a separate package
> that is removable?  cups doesn't even offer to disable this
> non-working garbage.  Thanks for any good clues.

Driverless printing is only possible when avahi-daemon is on the
system. Your solution is obvious.

-- 
Brian.

Re: cups broken

[John Conover]

gene heskett writes:
> I give up, the driverless printer cups installs automaticaly cannot be 
> deleted and has
> taken over from the brother drivers that work, preventing me from using 
> the printer at all.
> 
> So how do I disable the driverless junk? Is that a separate package that 
> is removable?
> cups doesn't even offer to disable this non-working garbage.
> Thanks for any good clues.
>

Hi Gene. If its a network connected printer, then the driverless
connection will be PROBABLY default to PCL5e/PCL6, (or maybe ipp,)
which the modern Brother printers support.

Older Brother printers do not support PCL and/or ipp, and require a
specific Brother printer set of drivers for network connectivity.

If its an older printer, you might attempt a re-install of the Brother
printer drivers, and cups(1) SHOULD remove any existing PCL/ipp
drivers during installation, (famous last words.) BTW,
x86_64-linux-gnu has to be installed on my machines for the the
Brother printer drivers to compile.

/etc/cups/ppd/* and/or /usr/local/Brother/* and/or /opt/Brother/* may
provide some information.

John

-- 

John Conover, cono...@panix.com, http://www.johncon.com/

Re: cups broken

[mick crane]

On 2022-07-13 18:21, gene heskett wrote:

I give up, the driverless printer cups installs automaticaly cannot be
deleted and has
taken over from the brother drivers that work, preventing me from
using the printer at all.

So how do I disable the driverless junk? Is that a separate package
that is removable?
cups doesn't even offer to disable this non-working garbage.
Thanks for any good clues.


I've usually managed once discovered what CUPS thinks the printer is 
called.

Not seen this documentation on github before.
https://openprinting.github.io/cups/doc/admin.html

mick

cups broken

[gene heskett]

I give up, the driverless printer cups installs automaticaly cannot be 
deleted and has
taken over from the brother drivers that work, preventing me from using 
the printer at all.


So how do I disable the driverless junk? Is that a separate package that 
is removable?

cups doesn't even offer to disable this non-working garbage.
Thanks for any good clues.

Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: Resolve static linking

[David Wright]

On Wed 13 Jul 2022 at 00:01:31 (-0500), Igor Korot wrote:
> On Tue, Jul 12, 2022 at 10:10 PM David Wright  
> wrote:
> > On Tue 12 Jul 2022 at 21:48:08 (-0500), Igor Korot wrote:
> >
> > > igor@debian:~/dbhandler/Debug$ ls -la /usr/local/lib/
> > > [ … ]
> > > drwxr-xr-x  3 root root 4096 Jul  9 16:52 python3.9
> >
> > > 2. There is python 3.9 folder there
> > > I now I didn't install anything python specific and so the box
> > > should contain only the default python implementation
> > >
> > > Is there a way to find what this python folder about?
> >
> > $ grep local/lib/python /var/lib/dpkg/info/*
> 
> [code]
> igor@debian:~/dbhandler/Debug$  grep local/lib/python /var/lib/dpkg/info/*
> /var/lib/dpkg/info/python3.9-minimal.postinst:if [ ! -e
> /usr/local/lib/python3.9 ]; then
> /var/lib/dpkg/info/python3.9-minimal.postinst:mkdir -p
> /usr/local/lib/python3.9 2> /dev/null || true
> /var/lib/dpkg/info/python3.9-minimal.postinst:chmod $perm
> /usr/local/lib/python3.9 2> /dev/null || true
> /var/lib/dpkg/info/python3.9-minimal.postinst:chown
> root:$group /usr/local/lib/python3.9 2> /dev/null || true
> /var/lib/dpkg/info/python3.9-minimal.postinst:
> localsite=/usr/local/lib/python3.9/dist-packages
> /var/lib/dpkg/info/python3.9-minimal.postrm:rmdir --parents
> /usr/local/lib/python3.9 2>/dev/null || true
> /var/lib/dpkg/info/python3.9-minimal.prerm:
> localsite=/usr/local/lib/python3.9/dist-packages
> 
> igor@debian:~/dbhandler/Debug$
> [/code]
> 
> What package are we talking about?
> 
> > will give you the name of the package that's creating this.
> >
> > /usr/share/doc/python3.9-minimal/README.Debian.gz will tell
> > you about this package.

It's difficult to believe that you read the last sentence of my post
because:

$ zcat /usr/share/doc/python3.9-minimal/README.Debian.gz | head -n 2
Contents of the python3.9-minimal package
-
$ 

The bulk of the matches came from the package's post-installation
script, which creates the directory/folder your OP enquired about.

Sorry, but with your having installed sid within the last year,
I thought you'd be able to figure things out from half a dozen
lines of output.

Cheers,
David.

Re: Resolve static linking

[Greg Wooledge]

On Wed, Jul 13, 2022 at 12:01:31AM -0500, Igor Korot wrote:
> igor@debian:~/dbhandler/Debug$  grep local/lib/python /var/lib/dpkg/info/*
> /var/lib/dpkg/info/python3.9-minimal.postinst:if [ ! -e
> /usr/local/lib/python3.9 ]; then
> /var/lib/dpkg/info/python3.9-minimal.postinst:mkdir -p
> /usr/local/lib/python3.9 2> /dev/null || true
> /var/lib/dpkg/info/python3.9-minimal.postinst:chmod $perm
> /usr/local/lib/python3.9 2> /dev/null || true
> /var/lib/dpkg/info/python3.9-minimal.postinst:chown
> root:$group /usr/local/lib/python3.9 2> /dev/null || true
> /var/lib/dpkg/info/python3.9-minimal.postinst:
> localsite=/usr/local/lib/python3.9/dist-packages
> /var/lib/dpkg/info/python3.9-minimal.postrm:rmdir --parents
> /usr/local/lib/python3.9 2>/dev/null || true
> /var/lib/dpkg/info/python3.9-minimal.prerm:
> localsite=/usr/local/lib/python3.9/dist-packages
> 
> igor@debian:~/dbhandler/Debug$
> [/code]
> 
> What package are we talking about?

It's right there in your output, half a dozen times.

python3.9-minimal

Re: avahi-daemon allow/deny interfaces question

[Gareth Evans]

On Wed 13 Jul 2022, at 01:21, Ram Ramesh  wrote:
> Do you know a simple way to disable autopowerdown of 
> just this usb NIC? May be there is something that I can do with ethtool?

I wonder if powertop may be of use here.  

It has a "tunables" section where (I think) power-saving features can be 
toggled between "good" (on?) or "bad" (off?) by pressing Enter or Space when 
selected, though neither man powertop nor its (github) website 

01.org/powertop

explains the significance  or difference between "good" and "bad", but maybe 
worth trying?

Best wishes,
Gareth