Re: help needed to get a bookworm install to succeed

[David Christensen]

On 3/31/24 02:18, DdB wrote:

Hello list,

i intend to create a huge backup server from some oldish hardware.
Hardware has been partly refurbished and offers 1 SSD + 8 HDD on a 6core
Intel with 64 GB RAM.
Already before assembling the hardware, grub was working from the SSD,
which got lvm partitioning and is basically empty. As i have no working
CD drive nor can this old machine boot from USB, i put an ISO for
bookworm onto an lvm-LV. Using grub, i can manually boot from that ISO
and see the first installer screens. But after asking some questions,
the installer wants to mount the external media (ISO), and does not find
it on sd[a-z], then aborts.
By switching to Desktop 4, i can see the attempt to search for the
"CD"-drive, which is bound to fail.
I am not familiar with the very restricted shell, that is available from
the installer (busybox) and have not yet found an approach to circumvent
my problems. i would like to use the installer, as debootstrapping would
necessitate alot more knowledge than mine.

Suggestions are welcome :-)
DdB




A computer with a 6-core processor, 64 GB memory, and 9 drive bays/ 
ports that cannot boot USB?  That does not make sense.



Please post a console session that identifies the ISO you are using, 
verifies the checksum, burns the ISO to a USB flash drive, and compares 
the ISO against the flash drive.



Then insert the USB flash drive into a USB port on the the target 
computer, power up and enter Setup, reset the settings to factory 
defaults, enable USB booting, set the USB flash drive as the first boot 
device, save, and exit.  The Debian installer should then boot.



David

Re: Debian 12.5 up-to-date Xfce, Firefox clings to USB stick

[Antti-Pekka Känsälä]

I filed bug report 1068122. I feel fine, despite my concern over my data.
Heartfelt thanks for all the advice!

Re: making Debian secure by default

[Roberto C . Sánchez]

On Mon, Apr 01, 2024 at 01:45:07AM +, Andy Smith wrote:
> Hi,
> 
> On Sun, Mar 31, 2024 at 07:19:41PM -0500, Nicholas Geovanis wrote:
> > I would think A Smith's comment here was directed to this interesting bit
> > from the report he cited:
> > 
> > Given the activity over several weeks, the committer is either directly
> > involved or there was some quite severe compromise of their
> > system. Unfortunately the latter looks like the less likely explanation,
> > given
> > they communicated on various lists about the "fixes" mentioned above.
> > 
> > End quote.
> 
> I don't really want to go much further into this as the person I
> responded to was clearly further upset by what I said, but all I was
> suggesting was not getting too worked up about things that are so
> far out of one's control.
> 
> To bring this sort of thing somewhat more under humanity's control
> is going to take some very large scale reworking of how the open
> source software supply chain works, possibly even how society works.
> It's not something that can be achieved by an end user with a best
> practices document or a security checklist. Unless step one on the
> list is "give up general purpose computing."
> 
> In the xz case the further you go looking for a root cause the wider
> the implications are:
> 
> Q: Why was there a back door in sshd?
> A: Because some malicious code was linked to it.
> 
> Q: How did malicious code get linked to it?
> A: Its lzma dependency was compromised.
> 
> Q: Who compromised the lzma dependency?
> A: One of the developers of that project who had full rights to
> commit code to it.
> 
> Q: Why did a persona that no one knows anything about get full
> access rights to a code repository that is linked to openssh?
> A: Because they did some work over a period of years that looked
> genuine and the single other developer who was overwhelmed with work
> decided to give them access based on that
> 
> Q: Why did lzma, a dependency of openssh, have a single overwhelmed
> developer?
> A: Because no one felt the need to pay a team of developers to work
> on it or audit work on it.
> 

I love this. It's a great example of the "5 whys" (I know one of the 5
here was technically a "how", but could have just as easily been
rephrased as a "why").

The final answer isn't comforting, but it certainly provides a clear and
actionable path: "ensure critical projects aren't understaffed."

It seems like an extremely obvious thing, the sort of thing that we
wouldn't let happen. But then this XKCD from a year or two ago wouldn't
be such an accurate representation of so many projects:
https://xkcd.com/2347/

(I'm sure it's probably been linked in a 1,000 different threads in a
1,000 different forums related to this problem by now.)

Regards,

-Roberto

-- 
Roberto C. Sánchez

Re: making Debian secure by default

[Andy Smith]

Hi,

On Sun, Mar 31, 2024 at 07:19:41PM -0500, Nicholas Geovanis wrote:
> I would think A Smith's comment here was directed to this interesting bit
> from the report he cited:
> 
> Given the activity over several weeks, the committer is either directly
> involved or there was some quite severe compromise of their
> system. Unfortunately the latter looks like the less likely explanation,
> given
> they communicated on various lists about the "fixes" mentioned above.
> 
> End quote.

I don't really want to go much further into this as the person I
responded to was clearly further upset by what I said, but all I was
suggesting was not getting too worked up about things that are so
far out of one's control.

To bring this sort of thing somewhat more under humanity's control
is going to take some very large scale reworking of how the open
source software supply chain works, possibly even how society works.
It's not something that can be achieved by an end user with a best
practices document or a security checklist. Unless step one on the
list is "give up general purpose computing."

In the xz case the further you go looking for a root cause the wider
the implications are:

Q: Why was there a back door in sshd?
A: Because some malicious code was linked to it.

Q: How did malicious code get linked to it?
A: Its lzma dependency was compromised.

Q: Who compromised the lzma dependency?
A: One of the developers of that project who had full rights to
commit code to it.

Q: Why did a persona that no one knows anything about get full
access rights to a code repository that is linked to openssh?
A: Because they did some work over a period of years that looked
genuine and the single other developer who was overwhelmed with work
decided to give them access based on that

Q: Why did lzma, a dependency of openssh, have a single overwhelmed
developer?
A: Because no one felt the need to pay a team of developers to work
on it or audit work on it.

Society demands that open source developers work, often for free,
and that they merge contributions. If they push back and say they
are unable to due to workload then they are encouraged to seek help
by adding more committers. That's what apparently happened here: the
attacker(s) seemingly counting on the pressure that would exist to
give them rights within the project. It is hammered in to open
source developers over and over:

Allow others to contribute, or even to take over, if you are too
busy. It's the right thing to do.

We have now seen proof of what has long been theorised: that the
above way of working is very vulnerable to attackers who are willing
to put in some effort, and that "enough eyes make all bugs shallow"
doesn't hold true unless the process is actually providing those
eyes.

I have no answers on how to fix such a deep-rooted societal problem
but I am not going to start yelling obscenities at people on public
mailing lists because they are wanting to discuss a CVE or whatever.

Thanks,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Re: making Debian secure by default

[Nicholas Geovanis]

On Fri, Mar 29, 2024, 12:24 PM Joe  wrote:

> On Fri, 29 Mar 2024 16:53:04 +
> Andy Smith  wrote:
>
> > Hello,
> >
> > On Thu, Mar 28, 2024 at 05:47:44PM -, Curt wrote:
> > > On 2024-03-28, Greg Wooledge  wrote:
> > > >
> > > > A more proactive endeavor would be to document known best
> > > > practices
> > >
> > > It makes no fucking difference, because your important data is
> > > elsewhere and completely out of your control.
> >
> > I WAS going to gently suggest that you have a lie down in a cool,
> > shaded room, but which of us had this on our 2024 bingo card?
> >
> > https://www.openwall.com/lists/oss-security/2024/03/29/4
> >
> > (Upstream xz/lzma project compromised, hostile code inserted into
> > sshd in Debian sid and other leading edge distros.)
> >
>
> Hah! Most of us remember Heartbleed.
>
> He's actually referring to credentials stored externally being
> compromised. I'm not sure what can be done about that: maybe make some
>

I would think A Smith's comment here was directed to this interesting bit
from the report he cited:

Given the activity over several weeks, the committer is either directly
involved or there was some quite severe compromise of their
system. Unfortunately the latter looks like the less likely explanation,
given
they communicated on various lists about the "fixes" mentioned above.

End quote. The issue appears to be a bad actor masquerading as (or being)
the real maintainer. There's no software-development or identity management
solution to that, it has to be organizational. We're lucky to have software
guys as sharp the one who caught this.

kind of, you know, law, about storing sensitive data, and prosecuting
> people who are responsible for failure to keep it secure... nothing
> like accountability for discouraging negligence.
>
> --
> Joe
>
>

Nettoyage du spam : mars 2024

[Jean-Pierre Giraud]

Bonjour,
Comme nous sommes en avril, il est désormais possible de traiter les
archives du mois de mars 2024 des listes francophones.

Si vous disposez d'un peu de temps, vous pouvez aussi traiter les mois de
mai 2021 à décembre 2021 inclus où il manque un relecteur pour achever le
traitement des spams

N'oubliez bien sûr pas d'ajouter votre nom à la liste des relecteurs
pour que nous sachions où nous en sommes.

Détails du processus de nettoyage du spam sur :

https://wiki.debian.org/I18n/FrenchSpamClean

Jean-Pierre Giraud


signature.asc
Description: This is a digitally signed message part

Re: making Debian secure by default

[gene heskett]

On 3/31/24 17:16, Andy Smith wrote:

Hello,

On Sun, Mar 31, 2024 at 04:27:52PM -0400, gene heskett wrote:

On 3/31/24 15:26, Roberto C. Sánchez wrote:

https://lists.debian.org/debian-security-announce/2024/msg00058.html

Does this mean its now safe to update our bookworm installs?


I am not aware of a time when it was not safe to do so, since the
ext4 corruption bug of December 2023.

What were you thinking of?


Just trying to clarify Andy.  Thatk you


Thanks,
Andy



Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: System hangs at GDM login or a bit later...

[nimrod]

On Wed, 2024-03-27 at 18:32 -0400, Jeffrey Walton wrote:
> On Wed, Mar 27, 2024 at 4:47 PM nimrod  wrote:
> > 
> > I'm having this annoying behaviour from GDM (or something related).
> > 
> > Quite ofter, after the GDM login screen appears, the host freezes
> > completely: every input device is unresponsive, no ssh connection
> > from another host is possible any more, no CTRL+ALT+CANC/F1-F6 is
> > working.
> > 
> > But the same happens also while I'm typing the username or the
> > password, or after the login screen disappears because the login
> > was successful, or even a bit after the dash has appeared at the
> > bottom of the screen.
> > 
> > Looking at boot.log, the last line before the next boot reads "[ OK
> > ] Started gdm.service - GNOME Display Manager".
> > 
> > Looking at syslog instead, the lines are not always the same, but
> > usually there is something like this:
> > 
> > 2024-03-27T17:57:25.479168+01:00 SW-GIULIANO /usr/libexec/gdm-x-
> > session[1831]: (II) Initializing extension RECORD
> > 2024-03-27T17:57:25.479455+01:00 SW-GIULIANO /usr/libexec/gdm-x-
> > session[1831]: (II) Initializing extension DPMS
> > 2024-03-27T17:57:25.479734+01:00 SW-GIULIANO /usr/libexec/gdm-x-
> > session[1831]: (II) Initializing ext2024-03-
> > 27T17:58:25.469753+01:00 SW-GIULIANO systemd-modules-load[394]:
> > Inserted module 'lp'
> > 2024-03-27T17:58:25.469853+01:00 SW-GIULIANO kernel: [ 0.00]
> > microcode: microcode updated early to revision 0xf4, date = 2023-
> > 02-23
> > 
> > Please note how the third line suddenly ends with "ext", followed
> > immediately by the first line written by the next boot sequence.
> > 
> > The"gdm-x-session" lines above are just the last of a very long
> > list. I can provide other logs if requested.
> > 
> > Any hint would be veri appreciated.
> 
> Can you boot to a previous kernel? Hold SHIFT when the BiOS hands off
> to Grub to get the Grub menu.

I went back to 6.1.0-17 kernel a couple of days ago and the system
didn't freeze so far. It's not enough to say the problem is solved,
because it is very random, but two days without freezing is encouraging
indeed.

I'll let you know how is going, thanks.

> 
> If not, then ... maybe a hardware problem. Start with a memory
> checker. Then move on to disabling the GPU.
> 
> Jeff
> 

Re: making Debian secure by default

[Andy Smith]

Hello,

On Sun, Mar 31, 2024 at 04:27:52PM -0400, gene heskett wrote:
> On 3/31/24 15:26, Roberto C. Sánchez wrote:
> > https://lists.debian.org/debian-security-announce/2024/msg00058.html
> Does this mean its now safe to update our bookworm installs?

I am not aware of a time when it was not safe to do so, since the
ext4 corruption bug of December 2023.

What were you thinking of?

Thanks,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Re: making Debian secure by default

[gene heskett]

On 3/31/24 15:26, Roberto C. Sánchez wrote:

On Sun, Mar 31, 2024 at 07:00:50PM +, Andy Smith wrote:

Hello,

On Wed, Mar 27, 2024 at 05:30:50PM -0400, Lee wrote:

I just saw this advisory
   Escape sequence injection in util-linux wall (CVE-2024-28085)
 https://seclists.org/fulldisclosure/2024/Mar/35
where they're talking about grabbing other users sudo password.


I note that "write" and "wall" in Debian had setgid removed after this.

 
https://salsa.debian.org/debian/util-linux/-/commit/c4be137b4b09a855713c1f4d052dfee773c4ad3b
 
https://metadata.ftp-master.debian.org/changelogs//main/u/util-linux/util-linux_2.39.3-11_changelog


The fix has also been made to stable and oldstable:
https://lists.debian.org/debian-security-announce/2024/msg00058.html

Does this mean its now safe to update our bookworm installs?
TY.


Regards,

-Roberto


Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: Paquetes snap sin snap.

[JavierDebian]

El 30/3/24 a las 19:50, Carlos Villiere escribió:

El sáb, 30 mar 2024 a las 15:02, Camaleón (>) escribió:


El 2024-03-30 a las 09:23 -0300, JavierDebian escribió:
 >
 > El 30/3/24 a las 05:50, Camaleón escribió:
 > > El 2024-03-29 a las 09:07 -0300, JavierDebian escribió:
 > >
 > > > El 29/3/24 a las 06:49, Listas escribió:
 > > > > El jue, 28-03-2024 a las 14:59 -0300, JavierDebian escribió:
 > > > > > Buenas tardes.
 > > > > >
 > > > > > Proyecto para mi fin de semana:
 > > > > >
 > > > > > Instalar paquetes de SNAP sin instalar Snap.
 > > > > > Odio Snap.
 > > > >
 > > > > ¿Hay alguna razón para necesitar que sea un paquete snap?
 > > > > Quiero decir, ¿no está empaquetado en la distribución? ¿no se
 > > > > distribuye en otro formato?
 > > > >
 > > > > >
 > > > > > ¿Alguien tiene alguna idea o intentó algo?
 > > > >
 > > > > Nunca utilizé snap pero se podría buscar otro tipo de
contenedor, como
 > > > > un docker o similar, o simplemente compilarlo si está
disponible el
 > > > > código.
 > > > >
 > > > > Un saludo
 > > > >
 > > >
 > > > Buen día para todos y esperanza fundada para aquellos que
somos creyentes.
 > > >
 > > > El paquete en cuestión es Geogebra.
 > >
 > > (...)
 > >
 > > Parece que están reduciendo el soporte de la aplicación en Linux:
 > >
 > > 
 > > Can we expect an up-to-date Linux application package in the
near future?
 > >
https://www.reddit.com/r/geogebra/comments/17e0rpb/comment/k60gd50/

 > >
 > > mike_geogebra / hace 5 m
 > >
 > > Sorry, the only official way to run GeoGebra on Linux is in the
Chrome
 > > browser, or
 > >

https://wiki.geogebra.org/en/Reference:GeoGebra_Installation#GeoGebra_Classic_5_for_Desktop
 

 > > 
 >
 >
 > Justamente lo que decía.
 > Es una API de Chrome.
 > Se puede correr "stand alone" si uno revuelve la página de
descarga, que
 > hasta ahora no la han bloqueado para un acceso de fuerza bruta.
 > El sitio es
 > https://download.geogebra.org/installers/6.0
 y el paquete es
 > GeoGebra-Linux64-Portable-6-0-804-0.zip
 > No es fácil llegar, dado que no hay enlace alguno.
 > Lo que está está en SNAP, justamente, lo que hace es bajar esa
API y al
 > hacerla correr en modo "independiente" (no se ve el navegador),
parece que
 > es un paquete autónomo.
 > No me molesta correrlo así, lo que me molesta es SNAP.

No veo dependencia estricta/directa con Snap :-?

Si hay .deb de la versión 6.0 clásica para la arquitectura armhf¹, y
está disponible en otras distribuciones (Gentoo, Archlinux...) el
problema entonces que que NO hay nadie que lo empaquete para amd64 en
Debian, pero no parece una limitación impuesta por el desarrollador.


¹https://download.geogebra.org/installers/6.0/geogebra-classic_6.0.609.0-202010060653_armhf.deb
 

²https://packages.gentoo.org/packages/sci-mathematics/geogebra-bin

³https://archlinux.org/packages/extra/x86_64/geogebra/


Saludos,

-- 
Camaleón



> ¡Hola a todos!
> Tengo una versión para amd64 que corro en Debian 11 sin problemas y no
> tengo inconveniente en compartirla con ustedes. Lo que no sé,¿cómo
> hacerlas llegar?
> El archivo es geogebra-clasic_6.0.666.0-202109211234_amd64.deb
> Saludos
>

¿Dónde la bajaste?¿O la empaquetaste vos?

Saludos.

JAP

Re: making Debian secure by default

[Roberto C . Sánchez]

On Sun, Mar 31, 2024 at 07:00:50PM +, Andy Smith wrote:
> Hello,
> 
> On Wed, Mar 27, 2024 at 05:30:50PM -0400, Lee wrote:
> > I just saw this advisory
> >   Escape sequence injection in util-linux wall (CVE-2024-28085)
> > https://seclists.org/fulldisclosure/2024/Mar/35
> > where they're talking about grabbing other users sudo password.
> 
> I note that "write" and "wall" in Debian had setgid removed after this.
> 
> 
> https://salsa.debian.org/debian/util-linux/-/commit/c4be137b4b09a855713c1f4d052dfee773c4ad3b
> 
> https://metadata.ftp-master.debian.org/changelogs//main/u/util-linux/util-linux_2.39.3-11_changelog
> 
The fix has also been made to stable and oldstable:
https://lists.debian.org/debian-security-announce/2024/msg00058.html

Regards,

-Roberto
-- 
Roberto C. Sánchez

Re: making Debian secure by default

[Andy Smith]

Hello,

On Wed, Mar 27, 2024 at 05:30:50PM -0400, Lee wrote:
> I just saw this advisory
>   Escape sequence injection in util-linux wall (CVE-2024-28085)
> https://seclists.org/fulldisclosure/2024/Mar/35
> where they're talking about grabbing other users sudo password.

I note that "write" and "wall" in Debian had setgid removed after this.


https://salsa.debian.org/debian/util-linux/-/commit/c4be137b4b09a855713c1f4d052dfee773c4ad3b

https://metadata.ftp-master.debian.org/changelogs//main/u/util-linux/util-linux_2.39.3-11_changelog

Thanks,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Re: Debian 12.5 up-to-date Xfce, Firefox clings to USB stick

[David Wright]

On Sun 31 Mar 2024 at 09:42:37 (+0300), Antti-Pekka Känsälä wrote:
> I'm mounting and unmounting through the stick icon's menu on Xfce desktop.
> Maybe a fancy file chooser dialogue stays around analyzing the directory,
> as you suspect? But I'm worried my Gmail in Firefox is capable of stealing
> files off my USB stick.

I've no answer for that, particularly in view of Max's reply
to my previous post.

I've always copied files to and from USB sticks, floppy disks, CDs,
etc), using the hard disk as a staging area. That habit developed
thirty years ago on account of (other's) experience with Windows,
and the "stickiness" of its file choosers. This could lead to
problems when you attempted to renavigate to files, but hadn't got
the same devices plugged in as previously.

That's not much help to you because by doing that, you'd merely be
exposing your hard drive instead for analysis, to Firefox, or
worse, possibly to Gmail.

I run two instances of Firefox as a matter of course. One user's
instance is used for banking and other administrative tasks.
The other user's is for everything else. The latter is unable
to read any of the former's files. (Some people use different
machines to the same end.)

Cheers,
David.

Re: help needed to get a bookworm install to succeed

[David Wright]

On Sun 31 Mar 2024 at 11:18:30 (+0200), DdB wrote:

> Already before assembling the hardware, grub was working from the SSD,
> which got lvm partitioning and is basically empty. As i have no working
> CD drive nor can this old machine boot from USB, i put an ISO for
> bookworm onto an lvm-LV. Using grub, i can manually boot from that ISO
> and see the first installer screens. But after asking some questions,
> the installer wants to mount the external media (ISO), and does not find
> it on sd[a-z], then aborts.
> By switching to Desktop 4, i can see the attempt to search for the
> "CD"-drive, which is bound to fail.
> I am not familiar with the very restricted shell, that is available from
> the installer (busybox) and have not yet found an approach to circumvent
> my problems. i would like to use the installer, as debootstrapping would
> necessitate alot more knowledge than mine.

My memory of doing this is rusty, as it's a while since my
Seattle2 machine finally expired. I would try downloading the
kernel¹ and initrd from:

  
http://http.us.debian.org/debian/dists/bookworm/main/installer-amd64/current/images/netboot/debian-installer/amd64/

as these can search for the ISO in a greater range of locations.
I'd copy the two files onto the hard disk, and use an entry like:

  menuentry "Install Debian via HTTP" {
search --no-floppy --label --set=root noah03
linux   /boot/linux priority=low
initrd  /boot/initrd.gz
  }

in Grub to boot it. (Add a custom entry, or just edit a preexisting
entry to suit. BTW I use LABELs on my disks.) Make sure the kernel
versions are the same for those two files and the ISO.

https://www.debian.org/releases/bookworm/amd64/apas02.en.html#howto-getting-images-hard-disk
https://www.debian.org/releases/bookworm/amd64/ch05s01.en.html#boot-initrd
https://www.debian.org/releases/bookworm/amd64/ch04s04.en.html

¹ I see linux, rather than vmlinuz, at that location now.

Cheers,
David.

Re: help needed to get a bookworm install to succeed

[Michael Kjörling]

On 31 Mar 2024 11:18 +0200, from debianl...@potentially-spam.de-bruyn.de (DdB):
> As i have no working
> CD drive nor can this old machine boot from USB, i put an ISO for
> bookworm onto an lvm-LV. Using grub, i can manually boot from that ISO
> and see the first installer screens. But after asking some questions,
> the installer wants to mount the external media (ISO), and does not find
> it on sd[a-z], then aborts.

I would suggest to write the _same_ ISO file to a USB stick of
sufficient size, and leave the USB stick connected while running the
installer. The installer should detect the USB stick and use that as
the source for installation, regardless of how you booted into the
installer.

As long as both media contain the same data, this should be completely
unproblematic.

Think of it as a variation of, in the old days, booting the installer
from a floppy (on a system that couldn't boot from CD) but actually
installing from a CD.

-- 
Michael Kjörling  https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”

Re: Installation minimaliste

[David P.]

Bonjour,

Si ça peut vous aider, j'utilise habituellement ces lignes de commandes pour un 
Linux minimaliste avec interface graphique Mate (ma préférence !) qui se lance 
avec startx pour certaines utilisations ponctuelles (explorateur Web, 
libreoffice, etc...)

- Avec un ISO debian netinstall, je n'installe que la version Linux de base 
seul, il suffit de ne cocher que Linux seul sans les interfaces graphiques, 
avec ou sans serveur SSH,

- après installation et update/upgrade, je tape cette ligne de commande (en 
root) :
#apt install xorg mesa-utils mate-desktop-environment-core

- je lance $startx

Et j'installe des logiciels libres.

L'avantage est que j'aie toujours le mode console au démarrage.

Librement,
David

⁣Télécharger BlueMail pour Android ​

Le 31 mars 2024 à 14:37, à 14:37, "François LE GAD"  a 
écrit:
>Le 29/03/2024 à 18:19, Alex PADOLY a écrit :
>
>> Si on veut effectuer une installation minimaliste, faut-il choisir le
>
>> mode expert à l'installation pour maitriser le maximum de chose à
>> l'installation.
>>
>Tu dois avoir quelque part dans l'installateur le choix d'installer le
>système de base, c'est à dire le minimum, sans serveur graphique.
>Tu ajoutes ensuite ce qu'il te faut en ligne de commande, avec apt.
>
>--
>François

Re: help needed to get a bookworm install to succeed

[Felix Miata]

DdB composed on 2024-03-31 11:18 (UTC+0200):

> Suggestions are welcome :-)

https://www.debian.org/CD/netinst/

All my installations use this NET method. What I usually do though is extract
linux and initrd.gz from it or directly from the mirrors and load them with Grub
rather than booting the NET .iso.
-- 
Evolution as taught in public schools is, like religion,
based on faith, not based on science.

 Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!

Felix Miata

Re: Installation minimaliste

[François LE GAD]

Le 29/03/2024 à 18:19, Alex PADOLY a écrit :

Si on veut effectuer une installation minimaliste, faut-il choisir le 
mode expert à l'installation pour maitriser le maximum de chose à 
l'installation.


Tu dois avoir quelque part dans l'installateur le choix d'installer le 
système de base, c'est à dire le minimum, sans serveur graphique.

Tu ajoutes ensuite ce qu'il te faut en ligne de commande, avec apt.

--
François

Re: help needed to get a bookworm install to succeed

[Geert Stappers]

On Sun, Mar 31, 2024 at 11:18:30AM +0200, DdB wrote:
> Hello list,
> 
> i intend to create a huge backup server from some oldish hardware.
> Hardware has been partly refurbished and offers 1 SSD + 8 HDD on a 6core
> Intel with 64 GB RAM.
> Already before assembling the hardware, grub was working from the SSD,
> which got lvm partitioning and is basically empty. As i have no working
> CD drive nor can this old machine boot from USB, i put an ISO for
> bookworm onto an lvm-LV.

Not knowing how that was done, I guess disk was taken to another
computer where the lvm-LV was written.

If so:  put the (ISO)image just on the disk, not in LVM.



> Using grub, i can manually boot from that ISO
> and see the first installer screens. But after asking some questions,
> the installer wants to mount the external media (ISO), and does not find
> it on sd[a-z], then aborts.
> By switching to Desktop 4, i can see the attempt to search for the
> "CD"-drive, which is bound to fail.
> I am not familiar with the very restricted shell, that is available from
> the installer (busybox) and have not yet found an approach to circumvent
> my problems. i would like to use the installer, as debootstrapping would
> necessitate alot more knowledge than mine.
> 
> Suggestions are welcome :-)

Original post based:
  Take bootdisk out the back server,
  take the disk to other server.
  Install there, move the disk to the back server.

What I would do:
  Network boot


> DdB
 

Groeten
Geert Stappers
-- 
Silence is hard to parse

help needed to get a bookworm install to succeed

[DdB]

Hello list,

i intend to create a huge backup server from some oldish hardware.
Hardware has been partly refurbished and offers 1 SSD + 8 HDD on a 6core
Intel with 64 GB RAM.
Already before assembling the hardware, grub was working from the SSD,
which got lvm partitioning and is basically empty. As i have no working
CD drive nor can this old machine boot from USB, i put an ISO for
bookworm onto an lvm-LV. Using grub, i can manually boot from that ISO
and see the first installer screens. But after asking some questions,
the installer wants to mount the external media (ISO), and does not find
it on sd[a-z], then aborts.
By switching to Desktop 4, i can see the attempt to search for the
"CD"-drive, which is bound to fail.
I am not familiar with the very restricted shell, that is available from
the installer (busybox) and have not yet found an approach to circumvent
my problems. i would like to use the installer, as debootstrapping would
necessitate alot more knowledge than mine.

Suggestions are welcome :-)
DdB

Re: Re: Debian 12.5 up-to-date Xfce, Firefox clings to USB stick

[Antti-Pekka Känsälä]

I'm mounting and unmounting through the stick icon's menu on Xfce desktop.
Maybe a fancy file chooser dialogue stays around analyzing the directory,
as you suspect? But I'm worried my Gmail in Firefox is capable of stealing
files off my USB stick.

Re: Debian 12.5 up-to-date Xfce, Firefox clings to USB stick

[Max Nikulin]

On 31/03/2024 11:46, David Wright wrote:

Double-clicking on the directory
mounts it and displays the files in it. Opening a text file
displays it. At least for a small file, FF does not hold the
file open, so I can immediately unmount the stick.


Gmail may do something more fancy
- https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/file
- https://developer.mozilla.org/en-US/docs/Web/API/File_System_API

I am not surprised that the device is busy for some interval of time.