Re: System time/timezone, was Re: Maximum size .bash_aliases file

[tomas]

On Sat, Jun 22, 2024 at 10:22:53AM +0700, Max Nikulin wrote:

[...]

> I think, you are biased treating "system" as tightly built-in while most of
> others assume "system-wide".

Taking your bias out ("you are biased" -- "most of others") I'd 
tend to agree :-)

You do have a point. Coming from the UNIX tradition, for me, X,
for example, isn't part of "the operating system". Much less a
desktop environment. For those coming from a Windows tradition
(remember: Microsoft once argued they couldn't remove Internet
Explorer from Windows for "technical reasons"?), it's the other
way around.

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: Having ten thousands of mount bind causes various processes to go into loops

[Max Nikulin]

On 19/06/2024 16:27, Julien Petit wrote:

Does it have some logic to avoid descending into bind mounts? Maybe I am
wrong with my expectation that it does not use anything besides st_dev
from stat result. It may be promising case to demonstrate the issue in a
way independent of systemd and sandboxing. You can obtain command line
arguments. Attach to its mount namespace and inspect content of its
/proc//mounts or mountinfo. The next step would be to profile or at
least to trace a process.


I'm not sure i understand you there.


It was intended to express my surprise that "find" is affected. I may 
expect some bugs in udisksd or PHP related to number of entries in 
"mounts" or "mountinfo" /proc files, but find is much more simple and 
likely more convenient for debugging of the issue. (Actually I am even 
more surprised by presence of udisksd on a cloud platform with sharing 
files among virtual users.)


On 20/06/2024 04:18, Julien Petit wrote:

However do you need shared subtrees?

I'm gonna test the effect of setting them to private.


This doesn't seem to fix the problem either


Sorry, but without any details what you have actually tried, it adds 
nothing to the following kind of summary: "Despite there are enough 
projects that actively use bind mounts, some person faced some obscure 
issue. The tool might be used in a wrong way".


User and mount namespaces caused some challenges in respect to bind 
mounts. Personally I have not convinced that changes in kernel may 
contain some regression. However nowadays bind mounts perhaps should be 
treated with more care.


It seems nobody on this list is motivated enough to actively participate 
in debugging starting from the script you posted. You may ask in other 
communities.

Re: System time/timezone, was Re: Maximum size .bash_aliases file

[Max Nikulin]

On 21/06/2024 11:45, to...@tuxteam.de wrote:

On Fri, Jun 21, 2024 at 09:32:10AM +0700, Max Nikulin wrote:

On 20/06/2024 11:52, to...@tuxteam.de wrote:

"the system's
time zone" (of which some, me included, say "there's no such thing",
and others disagree 


What term is appropriate in your opinion do describe the setting stored as
the /etc/localtime symlink? localtime(5)


The default time zone (i.e. that one which is used when some
process calls for one and hasn't specified one itself).


So you just believe that "system" is confusing. However other 
configuration files may be taken into account, e.g. 
~/.config/ktimezonedrc for *default* timezone in KDE session of the 
specific user. From my point of view, adding "system-wide" to "default 
timezone" leaves less room for ambiguity.


It is still important that neither TZ environment nor /etc/localtime 
must be respected by all processes. Anyway POSIX and libc are not 
designed for applications that need to work with multiple timezones 
simultaneously, so any system-wide hints may be disregarded.


I think, you are biased treating "system" as tightly built-in while most 
of others assume "system-wide".

Re: mounting external hard drive from rescue mode shell?

[Max Nikulin]

On 21/06/2024 11:39, David Christensen wrote:

On 6/20/24 19:10, Max Nikulin wrote:

On 20/06/2024 12:06, David Christensen wrote:

You can use the fdisk(8) command to list the partitions on a drive.


lsblk --fs

perhaps with "-o +SIZE" may be more convenient to get overview of drives.


The debian-11.9.0-amd64-netinst rescue shell does not include lsblk(8):


My bad, I missed that the topic is specific to installer rescue mode. I 
usually boot a live image for rescue. It is more convenient: more tools 
are available or can be temporary installed, a browser may be used to 
search for failure details. A possible downside is enabling of found 
swap partitions and automounting of removable drives.

Re: About dash as sh

[Stefan Monnier]

>   When the shell is using standard input and it invokes a command that
>   also uses standard input, the shell shall ensure that the standard
>   input file pointer points directly after the command it has read when
>   the command begins execution.
>
> But I consider this clause is misguided, it should apply only when the
> input is a tty.

And if it's not a tty, you get some kind of Undefined Behavior?
I don't think I'd like that because I don't think the benefit would be worth
the UB troubles.

> Relying on it is a terrible idea.

I'd tend to agree.


Stefan

Re: [HS] eruptions solaires

[hamster]

Le 20/06/2024 à 22:06, Haricophile a écrit :

Et à propos de radioactivité naturelle, j'ai oui dire qu'il y aurait un
risque d'intense éruption solaire dans l'année qui vient. Ils ont
protégés les disques ou pas ? Quand le télégraphe marche tout seul sans
alimentation c'est pas trop grave vu la rusticité de l'appareil,
quand les américains se foutaient des Russes avec des «antiques» lampes
au lieu de transistor dans instruments des avions ils oubliaient que les
leurs n'auraient peut être probablement pas résisté à une déflagration
nucléaire, j'ai beaucoup de doute concernant l'électronique moderne et
pas mal d'infrastructures en général… Il y a une réflexion globale
dessus (hors militaires) où on est sur le principe «13e étage, jusqu'ici
tout va bien» ?


Les éruptions solaires peuvent provoquer une petite augmentation de la 
radioactivité naturelle. Ca reste très modéré.


Les scénarios catastrophe avec les éruptions solaires c'est que ca peut 
modifier temporairement le champ magnétique terrestre et ainsi provoquer 
par induction de forts courants dans le sol et dans les infrastructures 
a grande échelle.

https://fr.wikipedia.org/wiki/Courant_induit_g%C3%A9omagn%C3%A9tiquement

En gros, tout ce qui est conducteur et s'étend sur des centaines ou des 
milliers de kilomètres est concerné. Ca vaut pour les fils du télégraphe 
ou du téléphone, ca vaut pour le réseau électrique, ca vaut pour les 
rails et les caténaires des trains, ca vaut pour les cables qui 
transportent internet au fond des océans et a travers les continents (y 
compris si c'est des fibres optiques : il y a besoin d'un amplificateur 
tous les 100 km environ et ces amplificateurs ont besoin de courant donc 
il y a des fils en cuivre a coté de la fibre dans le cable, et c'est eux 
qui sont impactés).


Hors militaire, il n'y a pas de réflexion globale ni de protections. On 
sait très bien que quand une éruption comme celle de 1859 arrivera, on 
aura plus un réseau électrique fonctionnel, plus un réseau de 
communication fonctionnel, plus un réseau de trains électrifié 
fonctionnel, les réseaux de train non électrifiés seront en carafe aussi 
parce que la signalisation et les commandes des aiguillages auront 
disjoncté.

https://fr.wikipedia.org/wiki/Temp%C3%AAte_solaire_de_1859

Mais les disques durs n'ayant pas des dimentions qui se comptent en 
centaines de kilomètres, ils ne seront pas impactés.

Re: Evolution & ThunderBird

[Marco Moock]

Am 21.06.2024 um 13:57:11 Uhr schrieb CHRIS M:

> And I like how for POP3 accounts, each email is stored as an
> individual file, vs being shoved into a binary .mbx file that could
> get corrupted at any time! 

This is possible for IMAP too, e.g. with the Maildir format.

-- 
Gruß
Marco

Send unsolicited bulk mail to 1718971031mu...@cartoonies.org

Re: Evolution & ThunderBird

[CHRIS M]

On Wednesday 19 June 2024 04:00:44 pm Cindy Sue Causey wrote:
> My brain keeps wanting to note that e.g. Gmail used to make us jump
> through painful hoops to use desktop programs like Evolution. That
> didn't happen for me this time, but maybe other email providers still
> have the detail that needs addressed on their online end and that isn't
> seen while setting up an Evolution account (versus other email
> programs).
>

Do you use POP or IMAP with GMAIL?

I love Evolution for email, since I was a big OUTLOOK user back in my Windows 
days! And I like how for POP3 accounts, each email is stored as an individual 
file, vs being shoved into a binary .mbx file that could get corrupted at any 
time! 


THANKS IN ADVANCE!
 
CHRIS

ch...@cwm030.com
 
~* Lenovo ThinkCentre M710q*~~* 
*~~1 TB SSD*~~
~*15.5 GiB of ram*~

 ~~* Q4OS Trinity Edition* ~~ 
~FYI, TDE is a continuation of KDE 3.x ~ 
~ Q4OS is based off of the latest Debian Version~

Re: About dash as sh

[Greg Wooledge]

On Fri, Jun 21, 2024 at 09:43:52 -0700, Mike Castle wrote:
> On Fri, Jun 21, 2024 at 4:57 AM Greg Wooledge  wrote:
> > That's why I find it frustrating when someone claims that this bug is
> > so severe that Debian has to *change their policy* without even describing
> > how this bug is affecting them in real life.
> 
> I did not feel like the OP was saying the bug was that bad and the
> policy needed to change, but as a starting point to ask why it is
> still the policy after 27 years.

Are you unaware that it *changed*?

Here's a quote from  which was the
first place I could find it:

  In all releases up to and including DebianLenny, Bash was the default
  non-interactive shell. Beginning with DebianSqueeze, Debian uses Dash
  (the Debian Almquist shell) as the target of the /bin/sh symlink.

Debian made a *conscious choice* to switch /bin/sh from bash to dash.
The OP of this thread is requesting that Debian should reverse this
and change *back* to bash, because of one bug, which affects a very
small number of scripts.

Furthermore:

  From DebianSqueeze to DebianBullseye, it was possible to select Bash
  as the target of the /bin/sh symlink by running dpkg-reconfigure
  dash. However, as of DebianBookworm, this is no longer supported.

So, the OP is not only asking for a reversion of the policy decision
that was made, but for a reinvestment of the time and resources that
would be required to support this new-but-really-old policy.  The
resources to support /bin/sh -> bash have already been discontinued.

Re: About dash as sh

[Mike Castle]

On Fri, Jun 21, 2024 at 4:57 AM Greg Wooledge  wrote:
> That's why I find it frustrating when someone claims that this bug is
> so severe that Debian has to *change their policy* without even describing
> how this bug is affecting them in real life.

I did not feel like the OP was saying the bug was that bad and the
policy needed to change, but as a starting point to ask why it is
still the policy after 27 years.

mrc

Re: can't connect to eduroam due to SSL3 unsupported protocol

[davenull]

Hello

On 2024-06-17 16:14, Vincent Lefevre wrote:

On 2024-06-17 08:26:39 -0400, Dan Ritter wrote:

On stable:
$ openssl list -disabled
Disabled algorithms:
IDEA
MD2
MDC2
RC5
SCTP
SSL3
ZLIB

So, SSL3 support was removed at least that long ago. I think it
was actually dropped around 2016.


That's strange because when I installed the machine in October,
there were no issues.


SSL v3 has been deprecated years ago, and replaced by TLS. SSLv3 support 
in Debian has been
dropped a while ago, like most OSes (except obsolete ones, from 2016 and 
before).


Even TLS 1.0 and 1.1 should be avoided whenever possible.

Maybe it worked because it used correct configuration/hardware/software.
If it supports SSLv3 and not TLS, it's outdated software.

The best thing you could do is to

- try debian stable form live USB to check if it also tries to use SSLv3
If it tries to use SSLv3 as well, chances are the authentification 
server only offers SSLv3 and is outdated
If it doesn't and it connects using TLS (preferably v1.2 or 1.3), maybe 
there a bug in Unstable, which leads the client (Debian unstable) to try 
to use SSLv3 (erratically)
- contact your UNi Eduroam support to see if changed anything since last 
October

Re: About dash as sh

[Greg Wooledge]

On Fri, Jun 21, 2024 at 13:44:35 +0200, Nicolas George wrote:
> Greg Wooledge (12024-06-21):
> > The original message began with the assertion that the OP had run
> > across a bug in dash, and gave two URLs, with no description of the bug
> > or the impact it was having on their life.
> > 
> > I read one of the URLs, and the bug is rather obscure.  It involves a
> > second script embedded inside a here document inside the first script,
> > with the second script being passed to an interpreter process on stdin.
> > I'm not surprised that nobody knew about the bug for many years.
> 
> The purported bug boils down to this: if you pipe to a non-interactive
> shell a command and data for that command, then the non-interactive
> shell might read more than just the command as part of its input
> buffering and leave less or nothing as data to the command itself.
> 
> It is indeed a bug, since the standard says:
> 
>   When the shell is using standard input and it invokes a command that
>   also uses standard input, the shell shall ensure that the standard
>   input file pointer points directly after the command it has read when
>   the command begins execution.

I understood the bug as described.  I've been doing shell stuff for
a while now, and I've picked up a few bits of knowledge here and there.
I still claim that it's an obscure corner case that most script writers
will never encounter.

That's why I find it frustrating when someone claims that this bug is
so severe that Debian has to *change their policy* without even describing
how this bug is affecting them in real life.

> But I consider this clause is misguided, it should apply only when the
> input is a tty. Relying on it is a terrible idea.

I think the POSIX wording is there primarily because of here documents,
and people doing what I can only *guess* is similar to what the OP of
this thread wanted to do -- embedding layers of scripts inside scripts
using here documents.

I doubt that the wording was intended only for input coming from
terminals.

Re: About dash as sh

[Nicolas George]

Greg Wooledge (12024-06-21):
> The original message began with the assertion that the OP had run
> across a bug in dash, and gave two URLs, with no description of the bug
> or the impact it was having on their life.
> 
> I read one of the URLs, and the bug is rather obscure.  It involves a
> second script embedded inside a here document inside the first script,
> with the second script being passed to an interpreter process on stdin.
> I'm not surprised that nobody knew about the bug for many years.

The purported bug boils down to this: if you pipe to a non-interactive
shell a command and data for that command, then the non-interactive
shell might read more than just the command as part of its input
buffering and leave less or nothing as data to the command itself.

It is indeed a bug, since the standard says:

  When the shell is using standard input and it invokes a command that
  also uses standard input, the shell shall ensure that the standard
  input file pointer points directly after the command it has read when
  the command begins execution.

But I consider this clause is misguided, it should apply only when the
input is a tty. Relying on it is a terrible idea.

Regards,

-- 
  Nicolas George

Re: About dash as sh

[Greg Wooledge]

The original message began with the assertion that the OP had run
across a bug in dash, and gave two URLs, with no description of the bug
or the impact it was having on their life.

I read one of the URLs, and the bug is rather obscure.  It involves a
second script embedded inside a here document inside the first script,
with the second script being passed to an interpreter process on stdin.
I'm not surprised that nobody knew about the bug for many years.

So, having found one obscure bug in dash, the OP decided that the
best solution is to change Debian's years-old /bin/sh policy.

This ignores the fact that all shells, including bash, have *lots*
of bugs in them.  Switching /bin/sh to another shell would simply be
trading one set of bugs for a different set.

Given that Debian *originally* used bash as /bin/sh, and made a
conscious decision to switch that default to dash several years ago,
it would take an overwhelmingly strong reason to revert that change.
"I found an obscure bug in dash that affects me and one other person"
is probably not strong enough, especially when the bug has been fixed
upstream (albeit not in a released version yet??).

A more productive course of action would be to open a Debian bug report
against dash, describe the issue and how it affects you, point to the
upstream patch, and hope that a patched version of dash makes it into
trixie.

Re: System time/timezone, was Re: Maximum size .bash_aliases file

[Greg Wooledge]

On Thu, Jun 20, 2024 at 23:17:42 -0500, David Wright wrote:
> And what am I to call the time that a system
> issues using that system default time zone?

If you mean the current time translated into that time zone, "local time"
is the traditional name for it.

If you mean an arbitrary past time, then it's just whatever the time
string says.  "Three fifteen PM" or what have you.  You're probably
reading log files or something, so it's convenient to have the times
presented in your own local time zone (assuming this matches the system's
default).  This lets you align the log messages with any events that
you happen to remember ("hmm, that was about when the lightning storm
started"), or with logs from other computers.

Setting /etc/localtime to *your* time zone, assuming you're the primary
system administrator, just makes your life easier.  That's all.

> If I boot up two computers
> and they display different times, what term is appropriate in your
> opinion to describe the time displayed?

They're out of sync.  Or, at least one of them is.  At this point
you check the NTP settings on both of them to find out which one is
at fault, and how to get it fixed.  Maybe you check a wall clock or a
wrist watch or a cell phone as an independent time authority.

Or did you mean "the same time, but in two different time zones"?  If
you displayed these times by running "date", which respects both the
TZ environment variable and the /etc/localtime symlink, then you figure
out which of them is set to an undesired value.  And then you fix it.
Or, if it's set how you *want* it, then you leave it alone.

Re: Having ten thousands of mount bind causes various processes to go into loops

[debian-user]

Julien Petit  wrote:
> How Linux is supposed to be used? That's why i'm here. There wasn't
> until kernel 4.19 an official limit to the number of mounts in the
> documentation. Even though we use mounts a lot, we're still far from
> the official limit. Did we get lucky for 15 years and we should change
> the way we do things or is it a bug ? I will now take this to the
> kernel team and see what they have to say about it.

I take it you have read
https://docs.kernel.org/filesystems/sharedsubtree.html which says "A
shared mount can be replicated to as many mountpoints and all the
replicas continue to be exactly same" and seems to be trying to say
your use case is valid.

I'd be interested to follow your discussion with the kernel devs if you
could post a link.

Re: About dash as sh

[Michael Kjörling]

On 21 Jun 2024 00:28 +0200, from ilya.kazakev...@jetbrains.com (Ilya 
Kazakevich):
> [...] honestly, I can't imagine how bash
> could be a bottleneck for anything in 2024 (if you have such
> scenarios, please share).

Debian doesn't target only desktops and servers, where your assertion
is quite possibly correct. It's equally supported on comparatively
very low-powered systems; consider for example a low-RAM, perhaps also
slow-storage armel system.

Also, Debian doesn't target only this-year's systems. My own desktop
system uses a CPU which wasn't even top of the line when I put the
computer together over a decade ago now, and I like that Debian runs
well on it without requiring me to buy a new computer every few years.
(The one I had before this one reached a similar age before it broke
beyond the point of reasonably fixing it by replacing individual
parts.) Not only does it save money, it also saves on limited physical
resources and results in significantly less e-waste. Yes, _one_
computer may be relatively inconsequential, but in aggregate it does
add up.

-- 
Michael Kjörling  https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”

Re: suggestion of upgrade to 12

[Richard]

That's the beauty of Debian. If the dev doesn't backport a fix, the
maintainer might. It's not uncommon.

On Thu, Jun 20, 2024, 22:38 Jeffrey Walton  wrote:

> One additional data point to consider... there are folks who have
> exploits written for vulnerabilities that the community does not know
> about.
>
> Generally speaking, the older the software, the more exploits are
> available. Developers generally don't work on old versions of their
> software. Instead, they fix some things, release a new version and
> move on. The only chance to fix the vulnerability is move to a newer
> version of the software by building it yourself or using the latest
> distro release.
>
> Folks who deal in vulnerabilities and exploits adore the old software
> because nothing gets fixed, so their exploits continue to work on old
> versions of software. As Greg Kroah-Hartman noted: [1]
>
> We have a very bad history of keeping bugs alive for a long time.
> Somebody did a check of it, most known bugs live for five years in
> systems. These are things that people know and know how to exploit.
> They’re not closed. That’s a problem in our infrastructure...
>
> CVE tracking is not the answer because that assumes every exploitable
> bug is tagged with a CVE. There are lots of bugs out there that are
> not tracked with a CVE, yet are exploitable. See, for example, the
> TTY1 layer bug discussed in [1]. It took over 3 years to figure out it
> was exploitable and for the patches to be backported.
>
> (I have first hand knowledge of how one firm operates. The firm sells
> their exploits to Northrop Grumman Electronic Warfare Division.)
>
> [1]
> https://thenewstack.io/design-system-can-update-greg-kroah-hartman-linux-security/
>
> Jeff
>

how to use xfonts-intl-chinese

[hlyg]

i have installed it for bookworm

but firefox can't display Chinese characters on pages at debian.org

https://www.debian.org/index.zh-cn.html

https://www.debian.org/index.zh-hk.html

https://www.debian.org/index.zh-tw.html

Re: About dash as sh

[Mike Castle]

bash is still 10x larger than dash:
$ ls -l /bin/[bd]ash
-rwxr-xr-x 1 root root 1265648 Apr 23  2023 /bin/bash
-rwxr-xr-x 1 root root  125640 Jan  5  2023 /bin/dash

I would not be surprised if that impacts things like initrd and other
resource constrained environments.


Generally speaking, standards require multiple implementations.  So
having dash and bash leads to more consistency, not less.

Folks have been using different shells for interactive and scripting
usage for years.  Just check in with anyone who uses csh for their
interactive shell.  That does not mean they write scripts in csh.

Bash is known to have deviations from POSIX compliance, even in POSIX
mode (though much fewer than I remember from the last time I bothered
checking).

On the other hand, it appears that POSIX is in the middle of a cycle
introducing new shell features and Bash is actively implementing them.
I have no idea if dash is doing similar.  So it could be that, in a
year or two, Bash is more compliant than dash.

mrc

Re: System time/timezone, was Re: Maximum size .bash_aliases file

[tomas]

On Thu, Jun 20, 2024 at 11:17:42PM -0500, David Wright wrote:
> On Thu 20 Jun 2024 at 22:58:53 (-0400), Greg Wooledge wrote:
> > On Fri, Jun 21, 2024 at 09:32:10 +0700, Max Nikulin wrote:
> > > On 20/06/2024 11:52, to...@tuxteam.de wrote:

[...]

> Well, that's a mouthful. And what am I to call the time that a system
> issues using that system default time zone? If I boot up two computers
> and they display different times, what term is appropriate in your
> opinion to describe the time displayed?

The first step would be to realize that it's not the "computers" doing
the time display, but some processes running on them, and *those* are
the ones with the time zone (either default or explicitly set).

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: System time/timezone, was Re: Maximum size .bash_aliases file

[tomas]

On Fri, Jun 21, 2024 at 09:32:10AM +0700, Max Nikulin wrote:
> On 20/06/2024 11:52, to...@tuxteam.de wrote:
> > "the system's
> > time zone" (of which some, me included, say "there's no such thing",
> > and others disagree 
> 
> What term is appropriate in your opinion do describe the setting stored as
> the /etc/localtime symlink? localtime(5)

The default time zone (i.e. that one which is used when some
process calls for one and hasn't specified one itself).

> On 19/06/2024 11:37, to...@tuxteam.de wrote:
> > Especially that bit with the "system timezone". Reminds me of some
> > remote past, where a system actually had a timezone (and changed its
> > clock twice a year). Back then we used to set all our networked
> > Windows boxen to a time zone without summer time change (ISTR it
> > was Monrovia/Liberia) to avoid having our Makefiles freaking out
> > twice a year.
> 
> I recall a checkbox do disable DST in Windows 95 or Windows 98, so perhaps
> searching for a timezone without DST was not necessary.

It's a log time ago, but we were a shop with a few pretty knowledgeable folks,
so I guess we first tried something like that.

> By the way,
>  describes another style of
> identifiers in the Microsoft TZ DB. At certain point I have realized that
> "time zone" and "timezone" have a bit different meaning in the case of the
> IANA database 

It's a complex matter, yes. Food for nerds :)

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: mounting external hard drive from rescue mode shell?

[David Christensen]

On 6/20/24 19:10, Max Nikulin wrote:

On 20/06/2024 12:06, David Christensen wrote:

You can use the fdisk(8) command to list the partitions on a drive.


lsblk --fs

perhaps with "-o +SIZE" may be more convenient to get overview of drives.



The debian-11.9.0-amd64-netinst rescue shell does not include lsblk(8):

~ # lsblk
/bin/sh: lsblk: not found


David

Re: Modifying Desktop Icons

[tomas]

On Thu, Jun 20, 2024 at 09:33:22PM +0100, Brad Rogers wrote:

[...]

> This is (one) reason why using undocumented features is a Bad Thing™.

It doesn't seem to be "undocumented": on the contrary, it's rather
"overdocumented" (two different ways in two different places), but
thanks to some intrepid users in this thread we do know that both
ways work.

In Greg's words, it seems to be something something desktop.

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: Maximum size .bash_aliases file

[David Wright]

On Thu 20 Jun 2024 at 21:00:38 (+1000), Keith Bainbridge wrote:
> On 17/6/24 18:26, Keith Bainbridge wrote:
> > 
> > It was late afternoon on 16Jun2024 that I wrote this. Possibly
> > 18:13:36 when I pressed send. I'd reckon it would likely have been
> > 08:13:36 UTC   What's wrong with my system clock. I've not really
> > looked at the time on my originals before.  I'll try to remember
> > to enter my local time as I press send
> 
> Thanks for those responses. [ … ]
> 
> I reskon that they seem to indicate that the date/time in my original
> question are fine. the difficulty is more related to how we humans are
> interpreting the information we are reading.
> 
> https://manpages.debian.org/bookworm/manpages-dev/strftime.3.en.html
> 
> is a list of place names for MANY parts of a date layout. I have set
> up the following code in my text substitution app:
> "%a %d%b%Y at %H:%M:%S =UTC %Z"
> 
> Triggering that give me
> Thu 20Jun2024 at 20:51:19 =UTC +10:00
> 
> Seems to me that if the code writers of our various MUA would add the
> +UTC to the line that prints the various dates, we'd understand what
> they mean better.
> 
> Meantime, we have to accept what we have.

You could pronounce your time written above as:

  "It's Thu 20Jun2024 at 20:51:19 here, where clocks are UTC+10:00"

if that's indeed your intention. But what you've done is invent
some notation of your own, which people will likely misunderstand.

I think it best to look up these references and follow them:

  https://en.wikipedia.org/wiki/ISO_8601
  https://www.ietf.org/rfc/rfc3339.txt

IMHO I think that email attributions are best presented in and with
the time zone of the sender, and not oneself.

Cheers,
David.

Re: UEFI secure boot issue

[Bhasker C V]

On Thu, Jun 20, 2024 at 3:57 PM Jeffrey Walton  wrote:
>
> On Thu, Jun 20, 2024 at 9:23 AM Bhasker C V  wrote:
> >
> > I generated a pr/pk pair and the kernel is signed. Placed them in the
> > kernel tree and compiled the kernel.
>
> I don't think you are supposed to check-in/compile-in the private key.
> It is usually supposed to stay private.
>
> > Could someone tell me what am I doing wrong please ?
> >
> > Below is the status (I am using loader.efi from linuxfoundation)
> > When i boot debian stock kernel signed, i see that the secure boot
> > gets enabled (hence bios and everything else seems to be fine with the
> > same UEFI loader).
> > However, when I boot the compiled kernel I get
> >
> > $ dmesg | grep -i secure
> > [0.007085] Secure boot could not be determined
> >
> >
> > $ sbverify --list bootx64.efi
> > warning: data remaining[91472 vs 101160]: gaps between PE/COFF sections?
> > signature 1
> > image signature issuers:
> >  - /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft
> > Corporation UEFI CA 2011
> > image signature certificates:
> >  - subject: /C=US/ST=Washington/L=Redmond/O=Microsoft
> > Corporation/OU=MOPR/CN=Microsoft Windows UEFI Driver Publisher
> >issuer:  /C=US/ST=Washington/L=Redmond/O=Microsoft
> > Corporation/CN=Microsoft Corporation UEFI CA 2011
> >  - subject: /C=US/ST=Washington/L=Redmond/O=Microsoft
> > Corporation/CN=Microsoft Corporation UEFI CA 2011
> >issuer:  /C=US/ST=Washington/L=Redmond/O=Microsoft
> > Corporation/CN=Microsoft Corporation Third Party Marketplace Root
> > $ sbverify  --list ./loader.efi
> > signature 1
> > image signature issuers:
> >  - /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv
> > image signature certificates:
> >  - subject: /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv
> >issuer:  /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv
> > $ sbverify  --list ../../linux/k.bcv
> > signature 1
> > image signature issuers:
> >  - /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv
> > image signature certificates:
> >  - subject: /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv
> >issuer:  /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv
>
>
> Have a look at , and the use of
> the Machine Owner Key (MOK).

Thanks Jeff. I did follow this.
Like I had mentioned before, the stock kernel still works in
locked-down mode with secure boot whereas the kernel I have compiled
and signed does not.
Is there a way to debug this on why exactly does this not work ?

>
> Jeff

Re: System time/timezone, was Re: Maximum size .bash_aliases file

[David Wright]

On Thu 20 Jun 2024 at 22:58:53 (-0400), Greg Wooledge wrote:
> On Fri, Jun 21, 2024 at 09:32:10 +0700, Max Nikulin wrote:
> > On 20/06/2024 11:52, to...@tuxteam.de wrote:
> > > "the system's
> > > time zone" (of which some, me included, say "there's no such thing",
> > > and others disagree 
> > 
> > What term is appropriate in your opinion do describe the setting stored as
> > the /etc/localtime symlink? localtime(5)
> 
> I've been using "system default time zone", for lack of a better phrase.
> I feel it's important to convey that this is *not* a global setting that
> affects "the system" in some universal way.  Like, for example, changing
> where /etc/localtime points will (probably) *not* change the behavior
> of any programs that are already running.  Nor will it change the behavior
> of any programs that have the TZ environment variable set, or any that
> simply ignore time zones and write everything in UTC or TAI64 or whatever.
> 
> It's just a default that many, but not all, programs may use when they run.

Well, that's a mouthful. And what am I to call the time that a system
issues using that system default time zone? If I boot up two computers
and they display different times, what term is appropriate in your
opinion to describe the time displayed?

Cheers,
David.

Re: How to recover when monitor goes blank.

[Felix Miata]

Ram Ramesh composed on 2024-06-20 22:58 (UTC-0400):

>> Did you try 'e' as I suggested, or read that page? From there:

>> [quote]
>> 'e' will force the display to be enabled, i.e. it will override the detection
>> if a display is connected.
>> [/quote]

> Ok, I will try it, but that is a reboot. I guess if I booted with that 
> switch, it will always be on and I would not reach a point of blank 
> screen. Make sense.

> I just do not like forcing resolution, but better than broken display.

The foibles of life complicated by a KVM switch. :p I hope it does what it 
claims.

If not, I suppose you could connect both Debian PC and laptop to display at the
same time, and use the display's input switch instead of the KVM for video out.
-- 
Evolution as taught in public schools is, like religion,
based on faith, not based on science.

 Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!

Felix Miata

Re: How to recover when monitor goes blank.

[Ram Ramesh]

Did you try 'e' as I suggested, or read that page? From there:

[quote]
'e' will force the display to be enabled, i.e. it will override the detection
if a display is connected.
[/quote]


Ok, I will try it, but that is a reboot. I guess if I booted with that 
switch, it will always be on and I would not reach a point of blank 
screen. Make sense.


I just do not like forcing resolution, but better than broken display.

Regards
Ramesh

Re: System time/timezone, was Re: Maximum size .bash_aliases file

[Greg Wooledge]

On Fri, Jun 21, 2024 at 09:32:10 +0700, Max Nikulin wrote:
> On 20/06/2024 11:52, to...@tuxteam.de wrote:
> > "the system's
> > time zone" (of which some, me included, say "there's no such thing",
> > and others disagree 
> 
> What term is appropriate in your opinion do describe the setting stored as
> the /etc/localtime symlink? localtime(5)

I've been using "system default time zone", for lack of a better phrase.
I feel it's important to convey that this is *not* a global setting that
affects "the system" in some universal way.  Like, for example, changing
where /etc/localtime points will (probably) *not* change the behavior
of any programs that are already running.  Nor will it change the behavior
of any programs that have the TZ environment variable set, or any that
simply ignore time zones and write everything in UTC or TAI64 or whatever.

It's just a default that many, but not all, programs may use when they run.

Re: System time/timezone, was Re: Maximum size .bash_aliases file

[Max Nikulin]

On 20/06/2024 11:52, to...@tuxteam.de wrote:

"the system's
time zone" (of which some, me included, say "there's no such thing",
and others disagree 


What term is appropriate in your opinion do describe the setting stored 
as the /etc/localtime symlink? localtime(5)


On 19/06/2024 11:37, to...@tuxteam.de wrote:

Especially that bit with the "system timezone". Reminds me of some
remote past, where a system actually had a timezone (and changed its
clock twice a year). Back then we used to set all our networked
Windows boxen to a time zone without summer time change (ISTR it
was Monrovia/Liberia) to avoid having our Makefiles freaking out
twice a year.


I recall a checkbox do disable DST in Windows 95 or Windows 98, so 
perhaps searching for a timezone without DST was not necessary. By the 
way,  describes another 
style of identifiers in the Microsoft TZ DB. At certain point I have 
realized that "time zone" and "timezone" have a bit different meaning in 
the case of the IANA database 

Re: mounting external hard drive from rescue mode shell?

[Max Nikulin]

On 20/06/2024 12:06, David Christensen wrote:

You can use the fdisk(8) command to list the partitions on a drive.


lsblk --fs

perhaps with "-o +SIZE" may be more convenient to get overview of drives.

Re: Modifying Desktop Icons

[Max Nikulin]

On 21/06/2024 00:26, Pranjal Singh wrote:

What I've done is changing /usr/share/applications/firefox.desktop:

- Exec=firefox %u
+ Exec=firefox -private-window %u

I also created a desktop file in ~/.local/share/applications, but
that too didn't work.


You may file a bug (if it does not exist yet) against the Debian package 
to add alternative actions in the desktop file, see



It would not open private widow by default though, it just would make it 
available from GUI.


Have you checked your files using the desktop-file-validate tool?

Are you sure that your desktop environment uses namely files you have 
edited, not a copy of the original file? Menus may use cache with data 
extracted from desktop files instead of files directly. Try to set 
unique Name and Comment.


Notice that the firefox-esr bookworm package contains 
/usr/share/applications/firefox-esr.desktop, not 
/usr/share/applications/firefox.desktop. I would avoid editing 
/usr/share/applications/firefox-esr.desktop since every package update 
means revert to original version with loosing changes.

Re: Re: Having ten thousands of mount bind causes various processes to go into loops

[Julien Petit]

> This can be solved with ACLs. Instead of creating a bind mount, this process 
> that allows the user to share the directory can set an ACL and create a 
> symlink.

For a few users maybe but not that easy when you have many thousands
users (that on top do not have local accounts). We'd probably hit
another ACL limitation.

Then again, this thread was not about finding new ways of doing what
we do but to know the reason it stopped working. Is it a new
limitation or a bug?

> PS: It would be better if you used a mailer that correctly sets mail headers 
> References and/or In-Reply-To so that your replies are properly threaded.

Sorry about that, i use the link provided on the list for mails i
don't receive in my mailbox directly and gmail doesn't seem to be good
about it...

Re: Having ten thousands of mount bind causes various processes to go into loops

[Julien Petit]

> PS: if you maintain your own software and aren't able to find a way for your 
> user to do shares - especially while systems that most likely have such 
> functionality built-in out of the box surely exist, think Nextcloud etc - 
> that is covered by how Linux is supposed to be used, by definition it's 
> pretty much out of support.

Nextcloud doesn't offer sftp or rsync access to users that i know of.
The specifications are much simpler because they only deal with web
access (the web interface and the webdav server written in PHP).

How Linux is supposed to be used? That's why i'm here. There wasn't
until kernel 4.19 an official limit to the number of mounts in the
documentation. Even though we use mounts a lot, we're still far from
the official limit. Did we get lucky for 15 years and we should change
the way we do things or is it a bug ? I will now take this to the
kernel team and see what they have to say about it.

> Especially if you keep insisting on using a way that was never officially 
> supported, just because you got away with it for 15 years.

That's the very question i guess! How much mount is too much mount ;)

Thanks again for your help.

Re: Having ten thousands of mount bind causes various processes to go into loops

[Julien Petit]

> At this point, I kinda doubt this issue has anything to do with Debian 
> itself, but will most likely be an issue/limitation of the Linux Kernel 
> itself.

>From my latest tests, it seems to point that way. Kernel 5.4 came with
a new mount API and it seems to break since then.
During my search, i also found that since kernel 4.19, there is a
default limit of mount set to 100 000 to avoid DOS.
We're still far from it.

Re: How to recover when monitor goes blank.

[Felix Miata]

Ram Ramesh composed on 2024-06-20 17:43 (UTC-0500):

>> Not to recover, but to perhaps prevent, via kernel cmdline, one can direct 
>> the
>> kernel which framebuffer mode to force-enable with video=, e.g.:

>>  video=2560x1440@60e

>> https://www.kernel.org/doc/Documentation/fb/modedb.txt

> I think kernel thinks that no monitor is attached or KB is present. I 
> want to remote login and tell it to look again and find them.
> It appears like there is no magic incantation exists for that. I was 
> hoping a write to /sys or /proc file will do the trick, but no such 
> thing seem to exists.

Did you try 'e' as I suggested, or read that page? From there:

[quote]
'e' will force the display to be enabled, i.e. it will override the detection
if a display is connected.
[/quote]

The way I read it, if it doesn't work, it's yet another kernel bug, because it
should - prevent - not fix.
-- 
Evolution as taught in public schools is, like religion,
based on faith, not based on science.

 Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!

Felix Miata

Re: [HS] sauvegarde sur Disque Mécanique ou SSD

[Haricophile]

Le Wed, 19 Jun 2024 18:07:56 +0200,
hamster  a écrit :

> Tu va donc acheter 2 disques, les remplir avec des trucs a
> sauvegarder (videos, partitions, etc) tout copié en double. Une fois
> qu'ils sont pleins, t'en achete 2 nouveaux pour continuer a
> sauvegarder tes nouvelles vidéos personnelles et tu les range un dans
> ton bureau a coté de ton ordi, l'autre dans un autre batiment, et t'y
> touche plus en espérant ne jamais avoir besoin de ces sauvegardes.

Je les mets quand même à jour de temps a autres, et il y a
effectivement des trucs en taille limitée que je sauvegarde plus
souvent. Mais l'idée est tout a fait ça dans mon cas, beaucoup de
volume mais peu de fréquence. C'est évident que pour de la sauvegarde au
fil de l'eau il faut penser tout autrement.

Et à propos de radioactivité naturelle, j'ai oui dire qu'il y aurait un
risque d'intense éruption solaire dans l'année qui vient. Ils ont
protégés les disques ou pas ? Quand le télégraphe marche tout seul sans
alimentation c'est pas trop grave vu la rusticité de l'appareil,
quand les américains se foutaient des Russes avec des «antiques» lampes
au lieu de transistor dans instruments des avions ils oubliaient que les
leurs n'auraient peut être probablement pas résisté à une déflagration
nucléaire, j'ai beaucoup de doute concernant l'électronique moderne et
pas mal d'infrastructures en général… Il y a une réflexion globale
dessus (hors militaires) où on est sur le principe «13e étage, jusqu'ici
tout va bien» ? 

Re: How to recover when monitor goes blank.

[Ram Ramesh]

Not to recover, but to perhaps prevent, via kernel cmdline, one can direct the
kernel which framebuffer mode to force-enable with video=, e.g.:

video=2560x1440@60e

https://www.kernel.org/doc/Documentation/fb/modedb.txt
--
Evolution as taught in public schools is, like religion,
based on faith, not based on science.

  Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!

Felix Miata


I think kernel thinks that no monitor is attached or KB is present. I 
want to remote login and tell it to look again and find them.
It appears like there is no magic incantation exists for that. I was 
hoping a write to /sys or /proc file will do the trick, but no such 
thing seem to exists.


Regards
Ramesh

About dash as sh

[Ilya Kazakevich]

Hello,

I've recently come across a bug in dash.

https://lore.kernel.org/dash/CAMQsgbSZnEac=ETYnR6a_ysnAysaHThwY03pnoDxC=p5fqt...@mail.gmail.com/T

This issue is known for 7 years:
https://groups.google.com/g/linux.debian.bugs.dist/c/c6kRE-fhyuM

Fix is 18 months old, but unfortunately not released yet. Hence, we
have this issue even in sid (as I understand).


As this bug doesn't exist in bash I started thinking: why does Debian
use dash at all (not like RH for example, which uses `bash` for `sh)?

It turned out that 27 years ago there were 2 arguments:
1) Speed: bash is much larger and slower, and boot time was affected.
2) Posix compatibility.

The former argument is probably not so important now since Debian uses
`systemd` (no more sh scripts) and, honestly, I can't imagine how bash
could be a bottleneck for anything in 2024 (if you have such
scenarios, please share).

The latter is also a little bit strange as aforenamed bug breaks POSIX
compatibility (yes, stable Debian has a bug that breaks POSIX).

Having two shells (one for scripting and other one for interactive)
might lead to some other inconsistencies (one code-base is usually
more consistent than two).

With all of that I am pretty sure there should be some reason why dash
is still `sh` in Debian, and I must be missing something.

So, what is the reason?

Thank you,

Ilya.

Re: NVIDIA drivers issue: Bug that keeps presenting on kernel 6.1.0-21

[Anssi Saari]

Daniel Rodriguez  writes:

> The solution of the post to this issue is to update the kernel from
> 6.1.0-13 -> 6.1.0.18; however, my kernel is a later version:
> 6.1.0-21-amd64, so I am stuck for solving this issue. Do you have any
> idea about what may be happening and/or how to solve it?

I wondered about this since I have no such issue. Then I remembered, you
need nvidia-driver from bookworm-updates.

$ uname -a
Linux rocket 6.1.0-21-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.90-1 (2024-05-03) 
x86_64 GNU/Linux
$ apt policy nvidia-driver
nvidia-driver:
  Installed: 525.147.05-7~deb12u1
  Candidate: 525.147.05-7~deb12u1
  Version table:
 *** 525.147.05-7~deb12u1 500
500 https://deb.debian.org/debian bookworm-updates/non-free amd64 
Packages
100 /var/lib/dpkg/status
 525.147.05-4~deb12u1 500
500 https://deb.debian.org/debian bookworm/non-free amd64 Packages

Re: Modifying Desktop Icons

[Brad Rogers]

On Thu, 20 Jun 2024 20:55:12 +0100
debian-u...@howorth.org.uk wrote:

Hello debian-u...@howorth.org.uk,

>or just try it! It works pefectly well with a single hyphen.

Now, yes.  However, at some point, that may no longer be the case.  When 
(perhaps) somebody notices that actually behaviour differs from
documented behaviour.  At which point, all the scripts stop working.

This is (one) reason why using undocumented features is a Bad Thing™.

-- 
 Regards  _   "Valid sig separator is {dash}{dash}{space}"
 / )  "The blindingly obvious is never immediately apparent"
/ _)rad   "Is it only me that has a working delete key?"
Do you want to play?
Play With Me - Extreme


pgp1_yxqZmMy3.pgp
Description: OpenPGP digital signature

Re: Modifying Desktop Icons

[Greg Wooledge]

> > > Assuming that's not a typo, please try:
> > > 
> > > --private-window  
> > 
> > Yep. Asking firefox itself (firefox --help) confirms that the
> > option wants two dashes.
> 
> See https://wiki.mozilla.org/Firefox/CommandLineOptions#-private-window
> 
> or just try it! It works pefectly well with a single hyphen.

It seems to work either way, with firefox-esr 115.12.0esr-1~deb12u1 .
I tested with https://www.debian.org/>
and https://www.debian.org/>.

So... in that case, we don't know why the OP's thing isn't working.
Something something desktop blah blah.  Try to find a log file where
you can see what's wrong.  If it's not a DE, you might be able to
find logs in ~/.xsession-errors but with a Fancy Desktop Environment,
the logs could be *anywhere*.  Or nowhere.

Re: How to recover when monitor goes blank.

[Felix Miata]

Ram Ramesh composed on 2024-06-19 15:45 (UTC-0500):

>    I have my monitor, keyboard and mouse shared through a KVM switch. 
> One host is Linux Debian bookworm 12.5 and another is laptop running 
> Windows 11. When I leave KVM on the laptop side for extended period I 
> have issues switching back to Debian side. When I switch, the screen is 
> blank and KB does not respond as if Debian is running headless. I had to 
> remote login and reboot Debian side with KVM locked on this side to get 
> back the monitor/KB. This happens regardless of whether I am in Xorg or 
> VT.  I do not know how to force Debian/Linux to check for monitor/KB 
> again after extended period of disconnect when it has assumed it is 
> running headless. Any solutions?

Not to recover, but to perhaps prevent, via kernel cmdline, one can direct the
kernel which framebuffer mode to force-enable with video=, e.g.:

video=2560x1440@60e

https://www.kernel.org/doc/Documentation/fb/modedb.txt
-- 
Evolution as taught in public schools is, like religion,
based on faith, not based on science.

 Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!

Felix Miata

Re: Modifying Desktop Icons

[debian-user]

 wrote:
> On Tue, Jun 18, 2024 at 01:38:00AM +0100, Gareth Evans wrote:
> >   
> > > On 17 Jun 2024, at 20:45, Pranjal Singh
> > >  wrote:
> > > 
> > > 
> > > Hi,
> > > 
> > > I am trying to modify the Firefox desktop icon so that it opens
> > > an incognito window by default.
> > > 
> > > ...
> > > 
> > > - Exec=firefox %u
> > > + Exec=firefox -private-window %u
> > >   
> > 
> > Assuming that's not a typo, please try:
> > 
> > --private-window  
> 
> Yep. Asking firefox itself (firefox --help) confirms that the
> option wants two dashes.

See https://wiki.mozilla.org/Firefox/CommandLineOptions#-private-window

or just try it! It works pefectly well with a single hyphen.

Re: Modifying Desktop Icons

[debian-user]

Greg Wooledge  wrote:
> On Thu, Jun 20, 2024 at 22:56:33 +0530, Pranjal Singh wrote:
> > It runs regular Firefox after adding the -private-window flag.
> > 
> > To get a MWE, I made these changes later:
> > - Exec=firefox -private-window %u
> > - StartupWMClass=firefox
> > +Exec=gnome-calculator  
> 
> Did you see Gareth's reply at
> ?
> 
> It's supposed to be --private-window with two leading hyphens, not
> one, he said.

He was wrong according to Mozilla's documentation.

Re: How to recover when monitor goes blank.

[Ram Ramesh]

My Debian machines have Xfce. I configure Applications Menu -> 
Settings-> Power Manager -> Display -> Display power management -> Off.

David


This is not a dpms issue. This is the OS thinking that it is not 
attached to a monitor/KB.  I can remote login and remove dpms any time. 
Besides this happens in a VT also where there is no xfce. I just do not 
know how to tell Linux/OS that a monitor and kb is attached and it 
should look for enabling the respective drivers. I thought xrandr is the 
way to go, but that is only when Xorg is running and not when we are at 
a VT login prompt.


Regards
Ramesh

Re: Modifying Desktop Icons

[tomas]

On Thu, Jun 20, 2024 at 02:10:38PM -0400, Jeffrey Walton wrote:
> On Tue, Jun 18, 2024 at 12:23 AM Gareth Evans  wrote:
> >
> > On 17 Jun 2024, at 20:45, Pranjal Singh  wrote:
> >
> > I am trying to modify the Firefox desktop icon so that it opens
> > an incognito window by default.
> > ...
> >
> > - Exec=firefox %u
> > + Exec=firefox -private-window %u
> >
> > Assuming that's not a typo, please try:
> >
> > --private-window
> >
> > (NB two hyphens at the beginning)
> >
> > This works for me on Mate.
> 
> According to Mozilla documentation at
> , it is one
> hyphen, not two.

And according to "firefox --help" it's two, not one. Never trust the
internet, I s'ppose :-)

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: Modifying Desktop Icons

[tomas]

On Tue, Jun 18, 2024 at 01:38:00AM +0100, Gareth Evans wrote:
> 
> > On 17 Jun 2024, at 20:45, Pranjal Singh  wrote:
> > 
> > 
> > Hi,
> > 
> > I am trying to modify the Firefox desktop icon so that it opens
> > an incognito window by default.
> > 
> > ...
> > 
> > - Exec=firefox %u
> > + Exec=firefox -private-window %u
> > 
> 
> Assuming that's not a typo, please try:
> 
> --private-window

Yep. Asking firefox itself (firefox --help) confirms that the
option wants two dashes.

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: suggestion of upgrade to 12

[Andrew M.A. Cater]

On Thu, Jun 20, 2024 at 11:09:35AM +0800, Jeff Peng wrote:
> Hello,
> 
> I am running a small mailserver with debian 11 for many years. It's quite
> solid.
> Though I have read this article:
> https://www.cherryservers.com/blog/debian-12-bookworm-release
> do you think there is any need for me to upgrade from 11 to 12?
> just for the newer software like postfix, dovecot?
> 
> Thanks.
>

The last upload for Debian 11 as a point release is scheduled for the end of 
June: it then goes to LTS.

I _definitely_ suggest reading the reading notes and updating to Bookworm.

All the very best,

Andy 

Re: Modifying Desktop Icons

[Jeffrey Walton]

On Tue, Jun 18, 2024 at 12:23 AM Gareth Evans  wrote:
>
> On 17 Jun 2024, at 20:45, Pranjal Singh  wrote:
>
> I am trying to modify the Firefox desktop icon so that it opens
> an incognito window by default.
> ...
>
> - Exec=firefox %u
> + Exec=firefox -private-window %u
>
> Assuming that's not a typo, please try:
>
> --private-window
>
> (NB two hyphens at the beginning)
>
> This works for me on Mate.

According to Mozilla documentation at
, it is one
hyphen, not two.

Jeff

Re: Modifying Desktop Icons

[Greg Wooledge]

On Thu, Jun 20, 2024 at 22:56:33 +0530, Pranjal Singh wrote:
> It runs regular Firefox after adding the -private-window flag.
> 
> To get a MWE, I made these changes later:
> - Exec=firefox -private-window %u
> - StartupWMClass=firefox
> +Exec=gnome-calculator

Did you see Gareth's reply at
?

It's supposed to be --private-window with two leading hyphens, not one,
he said.

Re: Modifying Desktop Icons

[Pranjal Singh]

Hi Eben,

Sorry for the late reply.
I realise I could've added more details.

On 18/06/24 01:31, e...@gmx.us wrote:

On 6/17/24 15:29, Pranjal Singh wrote:

Hi,

I am trying to modify the Firefox desktop icon so that it opens
an incognito window by default.


...


What I've done is changing /usr/share/applications/firefox.desktop:

- Exec=firefox %u
+ Exec=firefox -private-window %u

I also created a desktop file in ~/.local/share/applications, but
that too didn't work.


How didn't it work?  Did it run regular Firefox, or not run at all?


It runs regular Firefox after adding the -private-window flag.

To get a MWE, I made these changes later:
- Exec=firefox -private-window %u
- StartupWMClass=firefox
+Exec=gnome-calculator

This too doesn't change anything.
Meanwhile, I also found some seemingly unhelpful documentation at
https://specifications.freedesktop.org/desktop-entry-spec/latest/ar01s07.html 
(Exec key - says what I expected)
https://specifications.freedesktop.org/desktop-entry-spec/latest/index.html 
(The entire specification)


Any ideas, anyone?

Grateful,
Pranjal

Re: suggestion of upgrade to 12

[Jeffrey Walton]

On Thu, Jun 20, 2024 at 10:08 AM Richard  wrote:
>
> The question with Linux isn't if there's a need to update to the latest 
> version (of the distro) like on Windows, but rather what's keeping you from 
> updating? If there's no urgent reason to stick to 11, update. 11 is now 
> oldstable and will become oldoldstable mid next year. Thus, it currently 
> becomes fewer updates - no idea how the situation is with security updates 
> compared to stable. 10 reaches end of life in about a month or so. So that's 
> the timetable you'll need to keep in mind. Of course, right now there isn't 
> anything forcing you to update, you merely need to update within the next two 
> years to keep getting updates. But chances are very low with more 
> conservative distros like Debian that upgrading will have more drawbacks than 
> benefits. Of course it can always be a smart choice to wait for the first one 
> or two dot releases, as they will fix issues previously unnoticed or where 
> the fix wasn't ready on time. But that's all.

One additional data point to consider... there are folks who have
exploits written for vulnerabilities that the community does not know
about.

Generally speaking, the older the software, the more exploits are
available. Developers generally don't work on old versions of their
software. Instead, they fix some things, release a new version and
move on. The only chance to fix the vulnerability is move to a newer
version of the software by building it yourself or using the latest
distro release.

Folks who deal in vulnerabilities and exploits adore the old software
because nothing gets fixed, so their exploits continue to work on old
versions of software. As Greg Kroah-Hartman noted: [1]

We have a very bad history of keeping bugs alive for a long time.
Somebody did a check of it, most known bugs live for five years in
systems. These are things that people know and know how to exploit.
They’re not closed. That’s a problem in our infrastructure...

CVE tracking is not the answer because that assumes every exploitable
bug is tagged with a CVE. There are lots of bugs out there that are
not tracked with a CVE, yet are exploitable. See, for example, the
TTY1 layer bug discussed in [1]. It took over 3 years to figure out it
was exploitable and for the patches to be backported.

(I have first hand knowledge of how one firm operates. The firm sells
their exploits to Northrop Grumman Electronic Warfare Division.)

[1] 
https://thenewstack.io/design-system-can-update-greg-kroah-hartman-linux-security/

Jeff

> Am Do., 20. Juni 2024 um 09:58 Uhr schrieb Jeff Peng :
>>
>> I am running a small mailserver with debian 11 for many years. It's
>> quite solid.
>> Though I have read this article:
>> https://www.cherryservers.com/blog/debian-12-bookworm-release
>> do you think there is any need for me to upgrade from 11 to 12?
>> just for the newer software like postfix, dovecot?
>>
>> Thanks.

Re: UEFI secure boot issue

[Jeffrey Walton]

On Thu, Jun 20, 2024 at 9:23 AM Bhasker C V  wrote:
>
> I generated a pr/pk pair and the kernel is signed. Placed them in the
> kernel tree and compiled the kernel.

I don't think you are supposed to check-in/compile-in the private key.
It is usually supposed to stay private.

> Could someone tell me what am I doing wrong please ?
>
> Below is the status (I am using loader.efi from linuxfoundation)
> When i boot debian stock kernel signed, i see that the secure boot
> gets enabled (hence bios and everything else seems to be fine with the
> same UEFI loader).
> However, when I boot the compiled kernel I get
>
> $ dmesg | grep -i secure
> [0.007085] Secure boot could not be determined
>
>
> $ sbverify --list bootx64.efi
> warning: data remaining[91472 vs 101160]: gaps between PE/COFF sections?
> signature 1
> image signature issuers:
>  - /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft
> Corporation UEFI CA 2011
> image signature certificates:
>  - subject: /C=US/ST=Washington/L=Redmond/O=Microsoft
> Corporation/OU=MOPR/CN=Microsoft Windows UEFI Driver Publisher
>issuer:  /C=US/ST=Washington/L=Redmond/O=Microsoft
> Corporation/CN=Microsoft Corporation UEFI CA 2011
>  - subject: /C=US/ST=Washington/L=Redmond/O=Microsoft
> Corporation/CN=Microsoft Corporation UEFI CA 2011
>issuer:  /C=US/ST=Washington/L=Redmond/O=Microsoft
> Corporation/CN=Microsoft Corporation Third Party Marketplace Root
> $ sbverify  --list ./loader.efi
> signature 1
> image signature issuers:
>  - /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv
> image signature certificates:
>  - subject: /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv
>issuer:  /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv
> $ sbverify  --list ../../linux/k.bcv
> signature 1
> image signature issuers:
>  - /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv
> image signature certificates:
>  - subject: /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv
>issuer:  /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv


Have a look at , and the use of
the Machine Owner Key (MOK).

Jeff

Re: testing, various tmpfs /run directories, df -x tmpfs

[songbird]

David Wright wrote:
> On Tue 18 Jun 2024 at 19:29:31 (-0400), songbird wrote:
>
>> "df -x tmpfs" does the magic and gives me the better view that is
>> more useful.
>
> FWIW I define dfree as:
>
>   df --output=source,ipcent,fstype,size,used,avail,pcent,target -B 100 -x 
> tmpfs -x devtmpfs -x fuse.portal | sed -E 's/([^ ] )/\1 /g'

  :)


> which produces a listing like:
>
>   $ dfree
>   Filesystem  IUse%  Type  1MB-blocksUsed   Avail  Use%  Mounted  on
>   /dev/nvme0n1p223%  ext4   30783   17131   12063   59%  /
>   /dev/nvme0n1p3 3%  ext4   307831922   272727%  /apex-partial
>   /dev/nvme0n1p1  -  vfat 523  21 5025%  /boot/efi
>   /dev/dm-0  2%  ext4  390073  186974  183209   51%  /home
>   $ 
>
> For filesystems, I find a uniform MB works better than "human-readable" sizes.

  i also find the same units better for my pea brain...  :)


  songbird

Re: MoinMoin wikis and Debian 11+

[Eduardo M KALINOWSKI]

On 20/06/2024 08:21, Greg Wooledge wrote:

As we're nearing the end of life for Debian 10, I'm still wondering
what MoinMoin wiki users are supposed to do.  (This includes
 as near as I can see from SystemInfo.)

MoinMoin 1.x requires Python2, and Debian 11 and newer don't have
Python2 any more.  They only have Python3.

Should we install Python 2.x from upstream, build it in /usr/local,
figure out all of the modules that are required for MoinMoin, build
those as well, and then symlink /usr/bin/python to our local Python2?

Or is there some path forward from MoinMoin 1.x to 2.x?  (Is MoinMoin 2.x
even a functional product?)

Or should we burn the entire site down, migrate to some other wiki
engine (please gods don't let it need PHP), and start all over?

Or should we just keep running Debian 10 past end of life?


You could run a Docker container with a Debian 10-based system with only 
what you need for MoinMoin 1.x. At least it is more isolated than 
installing Python 2.x directly in the system.


But it only postpones the problem (an so do other solutions). Eventually 
you'll need to upgrade to a newer version of MoinMoin or switch to a 
similar product. I am not familiar with the options, but perhaps another 
product can import your data.


--
BOFH excuse #129:

The ring needs another token

Eduardo M KALINOWSKI
edua...@kalinowski.com.br

Re: MoinMoin wikis and Debian 11+

[Dan Ritter]

Greg Wooledge wrote: 
> As we're nearing the end of life for Debian 10, I'm still wondering
> what MoinMoin wiki users are supposed to do.  (This includes
>  as near as I can see from SystemInfo.)

...

> Or should we burn the entire site down, migrate to some other wiki
> engine (please gods don't let it need PHP), and start all over?


https://gitlab.com/anarcat/moin2iki/ converts moinmoin to
ikiwiki. ikiwiki ( https://ikiwiki.info/ ) is written
in Perl, not PHP, and is packaged in Debian 12. 

-dsr-

Re: Having ten thousands of mount bind causes various processes to go into loops

[Richard]

PS: if you maintain your own software and aren't able to find a way for
your user to do shares - especially while systems that most likely have
such functionality built-in out of the box surely exist, think Nextcloud
etc - that is covered by how Linux is supposed to be used, by definition
it's pretty much out of support. Especially if you keep insisting on using
a way that was never officially supported, just because you got away with
it for 15 years.

Am Do., 20. Juni 2024 um 00:06 Uhr schrieb Julien Petit :

> We're the maintainers of our software so it's not out of support :)
> I'm here because we'd like to save a few trees reducing that cpu usage
> down :D
> Thanks again for your time!
>

Re: Having ten thousands of mount bind causes various processes to go into loops

[Richard]

Software is only tested to a certain degree. So mounts are tested to a
sensible number, if you move outside it, you have to bet on luck if it's
supported or not. At this point, I kinda doubt this issue has anything to
do with Debian itself, but will most likely be an issue/limitation of the
Linux Kernel itself. So the biggest chance to get this fixed is compile the
Kernel yourself ([1] is a great guide to do so with little to no effort,
enabling and disabling all the same features Debian uses minus any
potential additional patches. If it still occurs, you know it can't be a
Debian problem. Try with both the sources of the Kernel version you use and
the latest stable sources - 6.9.5 as of writing this. One thing though:
replace make deb-pkg from the guide with make bindeb-pkg, and with -j# set
a sensible number of concurrent jobs). If the issue still appears, head
over to [2], see if someone else has reported a similar issue and if not,
create a new bug report. This may be the only place to have the chance of
getting a fix to ever be done, beyond hiring a service firm like Collabora
etc and pay them for this specific thing.

Richard

[1]:
https://www.debian.org/doc//manuals/debian-handbook/sect.kernel-compilation.html
[2]: https://bugzilla.kernel.org/

Am Do., 20. Juni 2024 um 00:06 Uhr schrieb Julien Petit :

> You're thinking of a traditional file server in a business. Our
> solution is a cloud platform. We don't know ahead how our customers
> are going to manage their files and shares. And we don't need to.
> As i said to Eduardo, it doesn't really matter where folders/mounts
> are. Users can share any directory (and subdirectories) in their home
> directory with any other user. The shared folder is mounted in the
> special directory "Shared with me" of the recipient home directory.
> I.e: John/Sales/Invoices is mounted in Alice/Shared with me/Invoices.
> The shares can be read/write or read-only.
>

MoinMoin wikis and Debian 11+

[Greg Wooledge]

As we're nearing the end of life for Debian 10, I'm still wondering
what MoinMoin wiki users are supposed to do.  (This includes
 as near as I can see from SystemInfo.)

MoinMoin 1.x requires Python2, and Debian 11 and newer don't have
Python2 any more.  They only have Python3.

Should we install Python 2.x from upstream, build it in /usr/local,
figure out all of the modules that are required for MoinMoin, build
those as well, and then symlink /usr/bin/python to our local Python2?

Or is there some path forward from MoinMoin 1.x to 2.x?  (Is MoinMoin 2.x
even a functional product?)

Or should we burn the entire site down, migrate to some other wiki
engine (please gods don't let it need PHP), and start all over?

Or should we just keep running Debian 10 past end of life?

Re: Maximum size .bash_aliases file

[The Wanderer]

On 2024-06-20 at 07:10, Greg Wooledge wrote:

> On Thu, Jun 20, 2024 at 21:00:38 +1000, Keith Bainbridge wrote:
>
>> https://manpages.debian.org/bookworm/manpages-dev/strftime.3.en.html
>> 
>> is a list of place names for MANY parts of a date layout. I have set up the
>> following code in my text substitution app:
>> "%a %d%b%Y at %H:%M:%S =UTC %Z"
>> 
>> Triggering that give me
>> Thu 20Jun2024 at 20:51:19 =UTC +10:00
>> 
>> Seems to me that if the code writers of our various MUA would add the +UTC
>> to the line that prints the various dates, we'd understand what they mean
>> better.
> 
> Honestly, I have no idea what the =UTC part of your output is intended
> to mean, since you've got +10:00 (time zone offset specification in hours
> ahead of UTC) overriding it.

I parsed it as meaning "[date and time] is equal to UTC plus ten hours",
or in other words, "the time specified is in the UTC+10 time-zone".
Similarly to how I often seen Eastern Standard Time referenced as UTC-4
(that is, UTC minus four hours).

> Normally, you put either the string UTC to indicate that this date/time
> string is in UTC, or a time zone offset indicator that begins with + or -.
> Not both.

It may be notable that he didn't put a +- offset indicator; he put a
format specifier which *expands to* whichever such indicator would
correspond to the active time zone.

-- 
   The Wanderer

The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all
progress depends on the unreasonable man. -- George Bernard Shaw



signature.asc
Description: OpenPGP digital signature

Re: Maximum size .bash_aliases file

[Greg Wooledge]

On Thu, Jun 20, 2024 at 21:00:38 +1000, Keith Bainbridge wrote:
> https://manpages.debian.org/bookworm/manpages-dev/strftime.3.en.html
> 
> is a list of place names for MANY parts of a date layout. I have set up the
> following code in my text substitution app:
> "%a %d%b%Y at %H:%M:%S =UTC %Z"
> 
> Triggering that give me
> Thu 20Jun2024 at 20:51:19 =UTC +10:00
> 
> Seems to me that if the code writers of our various MUA would add the +UTC
> to the line that prints the various dates, we'd understand what they mean
> better.

Honestly, I have no idea what the =UTC part of your output is intended
to mean, since you've got +10:00 (time zone offset specification in hours
ahead of UTC) overriding it.

Normally, you put either the string UTC to indicate that this date/time
string is in UTC, or a time zone offset indicator that begins with + or -.
Not both.

Re: suggestion of upgrade to 12

[Jeff Peng]

that's nice to know. thanks for all your help.


about dovecot:
if you have dovecot installed from the dovecot repository, then be 
aware that dovecot does not (yet) provide a version for bookworm.
if you have dovecot installed from the debian repository, then you 
should be fine.


about debian:
read
- 
https://www.debian.org/releases/bookworm/amd64/release-notes/ch-upgrading.en.html
- 
https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html

twice! especially chapter 4.5 and 5.

greetings...

Re: Maximum size .bash_aliases file

[Keith Bainbridge]

On 17/6/24 18:26, Keith Bainbridge wrote:


It was late afternoon on 16Jun2024 that I wrote this. Possibly 18:13:36 
when I pressed send. I'd reckon it would likely have been 08:13:36 UTC 
  What's wrong with my system clock. I've not really looked at the time 
on my originals before.  I'll try to remember to enter my local time as 
I press send



Evening folk - not good it seems. I can't find the separate thread that 
some wise person kindly started for this topic.Mm


Thanks for those responses. When I find the thread again, I'll read ALL 
the responses and respond better, if this doesn't reply to your general 
suggestion.


I reskon that they seem to indicate that the date/time in my original 
question are fine. the difficulty is more related to how we humans are 
interpreting the information we are reading.


https://manpages.debian.org/bookworm/manpages-dev/strftime.3.en.html

is a list of place names for MANY parts of a date layout. I have set up 
the following code in my text substitution app:

"%a %d%b%Y at %H:%M:%S =UTC %Z"

Triggering that give me
Thu 20Jun2024 at 20:51:19 =UTC +10:00

Seems to me that if the code writers of our various MUA would add the 
+UTC to the line that prints the various dates, we'd understand what 
they mean better.


Meantime, we have to accept what we have.

Thanks again.
--
All the best

Keith Bainbridge

keithr...@gmail.com
keith.bainbridge.3...@gmail.com
+61 (0)447 667 468

UTC + 10:00

Re: suggestion of upgrade to 12

[Richard]

The question with Linux isn't if there's a need to update to the
latest version (of the distro) like on Windows, but rather what's keeping
you from updating? If there's no urgent reason to stick to 11, update. 11
is now oldstable and will become oldoldstable mid next year. Thus, it
currently becomes fewer updates - no idea how the situation is with
security updates compared to stable. 10 reaches end of life in about a
month or so. So that's the timetable you'll need to keep in mind.
Of course, right now there isn't anything forcing you to update, you merely
need to update within the next two years to keep getting updates. But
chances are very low with more conservative distros like Debian that
upgrading will have more drawbacks than benefits. Of course it can always
be a smart choice to wait for the first one or two dot releases, as they
will fix issues previously unnoticed or where the fix wasn't ready on time.
But that's all.

Am Do., 20. Juni 2024 um 09:58 Uhr schrieb Jeff Peng :

> Hello,
>
> I am running a small mailserver with debian 11 for many years. It's
> quite solid.
> Though I have read this article:
> https://www.cherryservers.com/blog/debian-12-bookworm-release
> do you think there is any need for me to upgrade from 11 to 12?
> just for the newer software like postfix, dovecot?
>
> Thanks.
>
>

UEFI secure boot issue

[Bhasker C V]

Hi,

I generated a pr/pk pair and the kernel is signed. Placed them in the
kernel tree and compiled the kernel.


Could someone tell me what am I doing wrong please ?

Below is the status (I am using loader.efi from linuxfoundation)
When i boot debian stock kernel signed, i see that the secure boot
gets enabled (hence bios and everything else seems to be fine with the
same UEFI loader).
However, when I boot the compiled kernel I get

$ dmesg | grep -i secure
[0.007085] Secure boot could not be determined


$ sbverify --list bootx64.efi
warning: data remaining[91472 vs 101160]: gaps between PE/COFF sections?
signature 1
image signature issuers:
 - /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft
Corporation UEFI CA 2011
image signature certificates:
 - subject: /C=US/ST=Washington/L=Redmond/O=Microsoft
Corporation/OU=MOPR/CN=Microsoft Windows UEFI Driver Publisher
   issuer:  /C=US/ST=Washington/L=Redmond/O=Microsoft
Corporation/CN=Microsoft Corporation UEFI CA 2011
 - subject: /C=US/ST=Washington/L=Redmond/O=Microsoft
Corporation/CN=Microsoft Corporation UEFI CA 2011
   issuer:  /C=US/ST=Washington/L=Redmond/O=Microsoft
Corporation/CN=Microsoft Corporation Third Party Marketplace Root
$ sbverify  --list ./loader.efi
signature 1
image signature issuers:
 - /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv
image signature certificates:
 - subject: /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv
   issuer:  /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv
$ sbverify  --list ../../linux/k.bcv
signature 1
image signature issuers:
 - /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv
image signature certificates:
 - subject: /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv
   issuer:  /C=GB/ST=England/L=London/O=BHASKER/CN=bcvm.bcvm.bcv

Re: can't connect to eduroam due to SSL3 unsupported protocol

[Marco Moock]

Am 20.06.2024 um 11:05:10 Uhr schrieb Vincent Lefevre:

> I've got a confirmation that their Radius servers still use SSL3,
> and they said that they could not upgrade them.

Then they have very, very outdated stuff. Talk to the security
department at your site, maybe they make them hurry up.

Re: can't connect to eduroam due to SSL3 unsupported protocol

[Vincent Lefevre]

On 2024-06-17 15:08:54 -0400, Dan Ritter wrote:
> Vincent Lefevre wrote: 
> > On 2024-06-17 08:26:39 -0400, Dan Ritter wrote:
> > > On stable:
> > > $ openssl list -disabled
> > > Disabled algorithms:
> > > IDEA
> > > MD2
> > > MDC2
> > > RC5
> > > SCTP
> > > SSL3
> > > ZLIB
> > > 
> > > So, SSL3 support was removed at least that long ago. I think it
> > > was actually dropped around 2016.
> > 
> > That's strange because when I installed the machine in October,
> > there were no issues.
> 
> Perhaps the change is not in your system but in theirs?

I've got a confirmation that their Radius servers still use SSL3,
and they said that they could not upgrade them.

But perhaps the authentication is done differently when I connect
locally (still using eduroam)?

I could try again locally if need be.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Re: suggestion of upgrade to 12

[Michael]

On Thursday, June 20, 2024 5:09:35 AM CEST, Jeff Peng wrote:
I am running a small mailserver with debian 11 for many years. 
It's quite solid.

Though I have read this article:
https://www.cherryservers.com/blog/debian-12-bookworm-release
do you think there is any need for me to upgrade from 11 to 12?
just for the newer software like postfix, dovecot?


about dovecot:
if you have dovecot installed from the dovecot repository, then be aware 
that dovecot does not (yet) provide a version for bookworm.
if you have dovecot installed from the debian repository, then you should 
be fine.


about debian:
read
- 
https://www.debian.org/releases/bookworm/amd64/release-notes/ch-upgrading.en.html
- 
https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html

twice! especially chapter 4.5 and 5.

greetings...

Re: System time/timezone, was Re: Maximum size .bash_aliases file

[tomas]

On Thu, Jun 20, 2024 at 01:22:31AM -0400, Jeffrey Walton wrote:
> On Thu, Jun 20, 2024 at 12:52 AM  wrote:

[...]

> > Please, keep those three at a safe distance
> 
> I'm not sure how you can disgorge them given they contribute to a
> human readable time.

I wasn't arguing to disgorge anything -- actually I tend towards
non-violence most of the time :)

Perhaps I should have added "... from each other" to my phrase
above to make that clearer.

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: System time/timezone, was Re: Maximum size .bash_aliases file

[Jeffrey Walton]

On Thu, Jun 20, 2024 at 12:52 AM  wrote:
>
> On Wed, Jun 19, 2024 at 01:01:44PM -0400, Jeffrey Walton wrote:
> > On Wed, Jun 19, 2024 at 7:09 AM Greg Wooledge  wrote:
>
> [...]
>
> > > I strongly disagree.  The system clock is kept on "epoch time", which
> > > is the number of seconds since midnight, January 1, 1970 UTC.
> > >
> > > The system clock doesn't have a time zone of its own.  It just gets
> > > converted to a time and date within any given time zone on demand.
> >
> > ++.
> >
> > The sharp edge is how the RTC clock is set - UTC or localtime. Also
> > see .
>
> Please don't mix those three things, that makes them just more confusing.
>
> The original topic was the system's time zone. This hasn't anything
> to do with the RTC clock, and only peripherally with "the system's
> time zone" (of which some, me included, say "there's no such thing",
> and others disagree :)
>
> You have
>
>  - the RTC clock. This is *only* looked at at boot time, to init
>the system clock (and when you, as an admin, do "hwclock").
>During those operations, it's important to know which timezone
>the RTC is in, since this one /is/ in "human format. It was
>intended to be read and set by humans, like your kitchen clock,
>back then.
>
>  - the system clock: it boringly counts seconds. Since Epoch.
>Since it has't hours or minutes, let alone weeks or months,
>time zones don't even make sense to it. Sometimes it does
>a leap second, but experts are torn on whether this was a
>good idea at all. Have a look at [1] for an entrance to yet
>another deep time rabbit hole.
>
>  - timezones and stuff: those happen whenever you want to convert
>the system clock to hours, minutes, days, and other human
>related stuff and back.
>
> (if you have good net connectivity, reading the RTC at boot can
> be shunned completely, you don't need it anymore).

Don't forget boottime and the delta between boottime and the monotonic
clock. You'll need them to explain this:

$ TZ=America/New_York dmesg -T | head -1
[Wed Jun 19 01:50:14 2024] Linux version 6.9.4-200.fc40.x86_64 (mockbuild@d372fa
1a67e347178b7bd422ead09b96) (gcc (GCC) 14.1.1 20240607 (Red Hat 14.1.1-5), GNU l
d version 2.41-37.fc40) #1 SMP PREEMPT_DYNAMIC Wed Jun 12 13:33:34 UTC 2024

$ TZ=America/California dmesg -T | head -1
[Wed Jun 19 05:50:14 2024] Linux version 6.9.4-200.fc40.x86_64 (mockbuild@d372fa
1a67e347178b7bd422ead09b96) (gcc (GCC) 14.1.1 20240607 (Red Hat 14.1.1-5), GNU l
d version 2.41-37.fc40) #1 SMP PREEMPT_DYNAMIC Wed Jun 12 13:33:34 UTC 2024

> Please, keep those three at a safe distance

I'm not sure how you can disgorge them given they contribute to a
human readable time.

Jeff

Re: How to recover when monitor goes blank.

[David Christensen]

On 6/19/24 13:45, Ram Ramesh wrote:

Hi,

   I have my monitor, keyboard and mouse shared through a KVM switch. 
One host is Linux Debian bookworm 12.5 and another is laptop running 
Windows 11. When I leave KVM on the laptop side for extended period I 
have issues switching back to Debian side. When I switch, the screen is 
blank and KB does not respond as if Debian is running headless. I had to 
remote login and reboot Debian side with KVM locked on this side to get 
back the monitor/KB. This happens regardless of whether I am in Xorg or 
VT.  I do not know how to force Debian/Linux to check for monitor/KB 
again after extended period of disconnect when it has assumed it is 
running headless. Any solutions?


Regards
Ramesh



My Debian machines have Xfce.  I configure Applications Menu -> Settings 
-> Power Manager -> Display -> Display power management -> Off.



David

Re: mounting external hard drive from rescue mode shell?

[David Christensen]

On 6/19/24 12:23, Heriberto Avelino wrote:

On Wed, Jun 19, 2024 at 9:04 AM Heriberto Avelino wrote:

Is it possible to mount an external hard drive while running Debian in
rescue mode?
Furthermore, the ultimate question is how could I copy folders from the
computer's hard drive to the external one while in rescue mode?



> Thanks Eben and David!
> I am now on a shell (BusyBox v.35.0 Debian 1:1.35.0-4+b3)
> I don't see the mounting points to execute cp.
> There is nothing under media nor root; under usr I can see only: bin
> lib local sbin share.
> Where are the internal h-drive and the external?
> I would very much appreciate your further help.
> Who could have envisioned a community like this back in the 80's? This
> is great!
> Heriberto


We are glad to help.  :-)


On Debian GNU/Linux, SATA drives (internal and external) should have 
special files (device nodes) under /dev.  You can use the ls(1) command 
and a glob pattern to find them:


~ # ls /dev/sd?

/dev/sda


You can use the fdisk(8) command to list the partitions on a drive.  For 
example, here is the drive containing Debian in the computer I am using now:


~ # fdisk -l /dev/sda
Disk /dev/sda: 55.9 GiB, 60022480896 bytes, 117231408 sectors
Disk model: INTEL SSDSC2CW06
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x544032f5

Device BootStart   End  Sectors  Size Id Type
/dev/sda1  *2048   1953791  1951744  953M 83 Linux
/dev/sda21953792   3907583  1953792  954M 83 Linux
/dev/sda33907584  29298687 25391104 12.1G 83 Linux
/dev/sda4   29298688 117229567 87930880 41.9G 83 Linux


Partitions can contain one of several things.  One possibility is a file 
system.  I keep detailed records on all of my OS's and drives, so I know 
what is what.  Figuring out the contents of an unknown drive using the 
Debian rescue shell is possible, but requires more knowledge and effort. 
 Using a live Linux distribution instead of the Debian rescue shell can 
make such tasks easier.  I install Debian onto a SATA SSD via a USB-SATA 
adapter cable for this purpose.



Once you have identified the device node of a partition that contains 
the file system that you want to read and/or write, you must mount the 
file system.  The first step is to create a mount point with mkdir(1):


~ # mkdir /scratch


The second step is to mount the file system with mount(8):

~ # mount /dev/sda4 /scratch


Repeat the above process to mount any additional file systems that you 
want to read and/or write.



One the file system(s) are mounted, you can read and/or write files 
and/or directories.  For example, you can use cp(1) to copy files from 
an internal drive to an external drive.



"Learning the Unix Operating System" is a good book for learning how to 
use Unix/ Linux from the command line:


https://www.oreilly.com/library/view/learning-the-unix/0596002610/


"UNIX and Linux System Administration Handbook" is a good book for 
learning how to administer Unix/ Linux from the command line:


https://www.oreilly.com/library/view/unix-and-linux/9780134278308/


"Design of the UNIX Operating System" is a good book for understanding 
how Unix worked around the time Linux Torvalds wrote Linux:


https://www.pearson.com/en-us/subject-catalog/p/design-of-the-unix-operating-system/P20009243/9780132017992

https://en.wikipedia.org/wiki/Linus_Torvalds


David

Re: System time/timezone, was Re: Maximum size .bash_aliases file

[tomas]

On Wed, Jun 19, 2024 at 01:01:44PM -0400, Jeffrey Walton wrote:
> On Wed, Jun 19, 2024 at 7:09 AM Greg Wooledge  wrote:

[...]

> > I strongly disagree.  The system clock is kept on "epoch time", which
> > is the number of seconds since midnight, January 1, 1970 UTC.
> >
> > The system clock doesn't have a time zone of its own.  It just gets
> > converted to a time and date within any given time zone on demand.
> 
> ++.
> 
> The sharp edge is how the RTC clock is set - UTC or localtime. Also
> see .

Please don't mix those three things, that makes them just more confusing.

The original topic was the system's time zone. This hasn't anything
to do with the RTC clock, and only peripherally with "the system's
time zone" (of which some, me included, say "there's no such thing",
and others disagree :)

You have

 - the RTC clock. This is *only* looked at at boot time, to init
   the system clock (and when you, as an admin, do "hwclock").
   During those operations, it's important to know which timezone
   the RTC is in, since this one /is/ in "human format. It was
   intended to be read and set by humans, like your kitchen clock,
   back then.

 - the system clock: it boringly counts seconds. Since Epoch.
   Since it has't hours or minutes, let alone weeks or months,
   time zones don't even make sense to it. Sometimes it does
   a leap second, but experts are torn on whether this was a
   good idea at all. Have a look at [1] for an entrance to yet
   another deep time rabbit hole.

 - timezones and stuff: those happen whenever you want to convert
   the system clock to hours, minutes, days, and other human
   related stuff and back.

(if you have good net connectivity, reading the RTC at boot can
be shunned completely, you don't need it anymore).

Please, keep those three at a safe distance.

Cheers

[1] https://en.wikipedia.org/wiki/International_Atomic_Time
-- 
tomás


signature.asc
Description: PGP signature

Re: mounting external hard drive from rescue mode shell?

[tomas]

On Wed, Jun 19, 2024 at 01:23:01PM -0600, Heriberto Avelino wrote:
> Thanks Eben and David!
> I am now on a shell (BusyBox v.35.0 Debian 1:1.35.0-4+b3)
> I don't see the mounting points to execute cp.

As far as I know, you have dmesg in the rescue shell. So the way to
go would be:

- insert your external disc
- wait a second or two for things to settle
- issue "dmesg | tail"
- you'll see your kernel recognising external media and trying
  to make sense of it. Here's an example:

==
tomas@caliban:~$ sudo dmesg | tail
[ 1124.990155] scsi host2: usb-storage 2-6:1.0
[ 1126.811573] scsi 2:0:0:0: Direct-Access  USB DISK PMAP 
PQ: 0 ANSI: 6
[ 1126.812188] sd 2:0:0:0: Attached scsi generic sg1 type 0
[ 1126.814169] sd 2:0:0:0: [sdb] 30310400 512-byte logical blocks: (15.5 
GB/14.5 GiB)
[ 1126.814602] sd 2:0:0:0: [sdb] Write Protect is off
[ 1126.814613] sd 2:0:0:0: [sdb] Mode Sense: 23 00 00 00
[ 1126.814788] sd 2:0:0:0: [sdb] No Caching mode page found
[ 1126.814796] sd 2:0:0:0: [sdb] Assuming drive cache: write through
[ 1126.820398]  sdb: sdb1
[ 1126.820515] sd 2:0:0:0: [sdb] Attached SCSI removable disk
==

This was me inserting a DOS partitioned stick with one primary partition
(sdb1). Therefore, the block device will appear as /dev/sdb1.

Your mileage will almost certainly vary.

Now you can, e.g. say

mount /dev/sdb1 /mnt

The kernel will try to auto-detect which file system is on your partition.
You can, of course, choose another mount point than /mnt -- it has just
to be some directory. Its contents, if any, will be shadowed by your new
file system and won't be accessible as long as the mount is in effect.

From here on you can use mv, cp, whatever. Whenever copying lots of stuff
recursively, the option "-a" to cp comes in handy.

> There is nothing under media nor root; under usr I can see only: bin lib
> local sbin share.

Your rescue system is very bare-bones: it won't do automounting for you,
etc. I think that makes sense.

> Where are the internal h-drive and the external?
> I would very much appreciate your further help.

I hope the above description gets you started. In case of doubt, just
ask :)

> Who could have envisioned a community like this back in the 80's? This is
> great!

It is, yes. I'm very thankful for that.

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: suggestion of upgrade to 12

[Greg Wooledge]

On Thu, Jun 20, 2024 at 11:09:35 +0800, Jeff Peng wrote:
> I am running a small mailserver with debian 11 for many years. It's quite
> solid.
> Though I have read this article:
> https://www.cherryservers.com/blog/debian-12-bookworm-release
> do you think there is any need for me to upgrade from 11 to 12?
> just for the newer software like postfix, dovecot?

If you have to ask this question, then you are obviously not in need
of newer versions/features.  (If you were, then you would have a specific
goal in mind, like "I want to upgrade to postfix version X.Y.Z because
it has Feature Q.")

This means you get to perform the standard balancing act that most
system administrators have to deal with: the desire to *not touch it*
because it's not broken, versus the need to upgrade it because that's
the only way to continue receiving security support.

At this time, Debian 11 is still supported, and you may continue running
on that version.  But at some point, that will no longer be true, and
you'll be forced to upgrade it, or have a potentially insecure system.

If you're *able* to upgrade to version 12 without losing any of the
features you're using, then you may wish to consider investigating the
upgrade process.  It's generally easy and smooth, but there are always
potential issues, so the more you know going in, the better.

If upgrading to version 12 would cause you to lose features, then the
sooner you know this, the better.  That will give you longer to plan
how you will handle the end of support for version 11.

suggestion of upgrade to 12

[Jeff Peng]

Hello,

I am running a small mailserver with debian 11 for many years. It's 
quite solid.

Though I have read this article:
https://www.cherryservers.com/blog/debian-12-bookworm-release
do you think there is any need for me to upgrade from 11 to 12?
just for the newer software like postfix, dovecot?

Thanks.

Re: RTC, was Re: System time/timezone

[Michael Stone]

On Wed, Jun 19, 2024 at 02:16:14PM -0500, Nicholas Geovanis wrote:

Reading the link that Walton sent, the only case where RTC clock in UTC is
recommended is in the linux/windows dual-boot case. There's no statement that
RTC should be set to UTC besides that. And they say right there why it isn't
mentioned: your Debian machine might move around geographically. But if it
doesnt

Servers in data centers don't move around, they just sit there :-) So in my
experience servers running anything non-windows have RTC set to local time.


Which is great, except that for some reason we still have daylight 
saving time...which screws everything up. So the real answer is that 
keeping RTC in local time is great for servers which never move around 
and don't have DST *or never turn off*. In which case it doesn't really 
matter. Except for that corner case where it suddenly does, at which 
point you'll regret not having used UTC (which works reliably regardless 
of what the politicians have decided to do to local time, and regardless 
of how long a server has been turned off).

Re: dictd?

[Max Nikulin]

On 20/06/2024 00:31, Greg Wooledge wrote:

On Wed, Jun 19, 2024 at 22:15:20 +0500, Stanislav Vlasov wrote:

In my system mode bits on my home dir are `drwx--` so only my user
have access to it.


Well, yeah.  That's not a default setting


0700 is the current default. See /usr/share/doc/adduser/README.gz and 
/usr/share/doc/adduser/NEWS.Debian.gz

Re: RTC, was Re: System time/timezone

[Stefan Monnier]

> If your system only boots one operating system, and never changes its
> default time zone, then it makes no difference whether the RTC is set
> to UTC or local time.  The OS will use the same assumptions when reading
> and writing to the RTC, so everything will remain correct.

Of course, the famous exception is if your machine is OFF during the
switch to/from DST.  IIUC there are hacks in Windows to try and handle
it "correctly", but I believe they can also misfire in some cases.
Don't know if GNU/Linux bothers with it: it's just a lot simpler and
more sane to use UTC so you never need to worry about it.
And of course, NTP is your friend: several of my machines don't even
have an RTC and I haven't really felt like they are missing something.


Stefan

Re: RTC, was Re: System time/timezone

[Max Nikulin]

On 20/06/2024 02:16, Nicholas Geovanis wrote:
Servers in data centers don't move around, they just sit there :-) So in 
my experience servers running anything non-windows have RTC set to local 
time. That's been on Red Hat/CentOS, Debian, Ubuntu.


My experience with Ubuntu is that its installer is able to guess 
timezone (GeoIP?) and it properly sets /etc/localtime symlink while RTC 
is in UTC. Try "timedatectl" or hwclock. Setting RTC to local time 
increases a chance of some mess due to DST or an administrative time jump.

Re: System time/timezone, was Re: Maximum size .bash_aliases file

[Stefan Monnier]

>> It's *theoretically* possible for some daemons to be configured to use
>> a different time zone, or to be hard-coded to use UTC.  I've never seen
>> this, but it could be done.
> In view of that, I think it's reasonable to drop the "default",
> and go with "system time zone", ie the time zone that the system
> clock it set to.

Funny, because I think on the contrary that the word "default" is key:
it conveys the information that this is just the time zone used by
default when converting a time to a human readable form.

You can drop "system" on the other hand, AFAIC.  


Stefan

Re: Having ten thousands of mount bind causes various processes to go into loops

[Eduardo M KALINOWSKI]

On 19/06/2024 19:06, Julien Petit wrote:

It doesn't really matter where folders/mounts are. Users can share any
directory (and subdirectories) in their home directory with any other
user. The shared folder is mounted in the special directory "Shared
with me" of the recipient home directory. I.e: John/Sales/Invoices is
mounted in Alice/Shared with me/Invoices.


Can be done with symlinks.

I imagine there's some process that creates these bind mounts, so the 
process could create symlinks.



Symlinks are no good since the user sharing his directory can decide
to share it read/write to one user but read only to another


This can be solved with ACLs. Instead of creating a bind mount, this 
process that allows the user to share the directory can set an ACL and 
create a symlink.


PS: It would be better if you used a mailer that correctly sets mail 
headers References and/or In-Reply-To so that your replies are properly 
threaded.



--
Go placidly amid the noise and waste, and remember what value there may
be in owning a piece thereof.
-- National Lampoon, "Deteriorata"

Eduardo M KALINOWSKI
edua...@kalinowski.com.br

Re: Having ten thousands of mount bind causes various processes to go into loops

[Julien Petit]

> For this, probably the easiest is to set up a common directory/a few common 
> directories, set up proper permissions through use of groups and worst case 
> create some symlinks from the user's home directories, if these directories 
> really need to be accessible from within their home directories. That's 
> pretty much how shared directories are always done. As this would be a one 
> time effort, it would be doable.

You're thinking of a traditional file server in a business. Our
solution is a cloud platform. We don't know ahead how our customers
are going to manage their files and shares. And we don't need to.
As i said to Eduardo, it doesn't really matter where folders/mounts
are. Users can share any directory (and subdirectories) in their home
directory with any other user. The shared folder is mounted in the
special directory "Shared with me" of the recipient home directory.
I.e: John/Sales/Invoices is mounted in Alice/Shared with me/Invoices.
The shares can be read/write or read-only.

> But at this point, you should really think about paying some company with 
> deep knowledge of Linux that can come up with a sustainable plan. Because 
> obviously, your way of doing things isn't anything that could (or on that 
> note should) be a long-term solution. And maybe think about rewriting the 
> ancient software that causes this setup in the first place.

We've come up with that solution in 2009 and it's been working until
now (and still is but eating away cpus). So i guess it makes it a
proven long-term solution ;) Is there a better way to do it now?
Maybe. But not as easy as setting up a few symlinks and some
permissions.

Anyway, that's out of subject. My request is simpler than knowing how
our solution works. Mounting many thousands folders wasn't an issue
before and it is now (i haven't nailed on which Debian update it broke
yet). As i said in my request, i know that this usage is an heavy
usage of mounts but it worked perfectly for many years. I'm just
trying to understand the cause behind it.

> Desperately trying to cling to something that has been out of support for 
> decades is just not sustainable, not on any OS.

We're the maintainers of our software so it's not out of support :)
I'm here because we'd like to save a few trees reducing that cpu usage
down :D
Thanks again for your time!

Re: Re: Having ten thousands of mount bind causes various processes to go into loops

[Julien Petit]

> Does it really have to be in the home directory? Can't the software (and/or 
> the users) open files in, say, /shared/accounting?

It doesn't really matter where folders/mounts are. Users can share any
directory (and subdirectories) in their home directory with any other
user. The shared folder is mounted in the special directory "Shared
with me" of the recipient home directory. I.e: John/Sales/Invoices is
mounted in Alice/Shared with me/Invoices.

> If it really needs to be under /home: symlinks.

Symlinks are no good since the user sharing his directory can decide
to share it read/write to one user but read only to another

Re: Re: Having ten thousands of mount bind causes various processes to go into loops

[Julien Petit]

>> However do you need shared subtrees?
> I'm gonna test the effect of setting them to private.

This doesn't seem to fix the problem either

Re: mounting external hard drive from rescue mode shell?

[eben]

On 6/19/24 15:23, Heriberto Avelino wrote:


I am now on a shell (BusyBox v.35.0 Debian 1:1.35.0-4+b3)



There is nothing under media nor root


Things mounted by the system would probably show up under /media or /mnt .


Where are the internal h-drive and the external?


To mount those you need the device names.  Perhaps you'd be better off with
a graphical file manager.

--
And if the cloud bursts, thunder in your ear
You shout and no one seems to hear
And if the band you're in starts playing different tunes
I'll see you on th dark side of the moon -- PF, "Brain Damage", _DSotM_

How to recover when monitor goes blank.

[Ram Ramesh]

Hi,

  I have my monitor, keyboard and mouse shared through a KVM switch. 
One host is Linux Debian bookworm 12.5 and another is laptop running 
Windows 11. When I leave KVM on the laptop side for extended period I 
have issues switching back to Debian side. When I switch, the screen is 
blank and KB does not respond as if Debian is running headless. I had to 
remote login and reboot Debian side with KVM locked on this side to get 
back the monitor/KB. This happens regardless of whether I am in Xorg or 
VT.  I do not know how to force Debian/Linux to check for monitor/KB 
again after extended period of disconnect when it has assumed it is 
running headless. Any solutions?


Regards
Ramesh

Re: Evolution & ThunderBird

[Cindy Sue Causey]

On Wed, 2024-06-19 at 15:16 -0400, Jerry Mellon wrote:
> 
> Hello,
> 
> New user having trouble with evolution. I think that I have it setup
> correctly, but it will not login
> 
> to my email accounts. At the bottom of screen it is scanning the email
> server from my login but then 
>  
> a box pops up indicating that there was an error trying to login and
> asks for the password, which I supply and box closes only to return
> shortly with the same response.
> I have used the account on my other system and no problem so the
> account is OK.
>   
> I tried to download Thunderbird to give it a try but it is missing
> some dependencies an will not
> load.

Hi.. I started using Evolution several months ago. Am still working out
some kinks myself. I just test drove adding a second mail account for a
same user, and it started walking me through that process. What about
trying that for the same account that's failing right now?

What I'm thinking is maybe there was a quiet typo, a missed field, or
something. I say that because I'm having an awful time seeing the
characters I'm typing here on mine. I've had typos galore in two emails.

You could give your favorite email a new (second) account name, see if
it works, delete the first account if the second one works, and then
rename the second to the first account name that is presumed memorable.

If a second account ends up working, make sure to click through that
"hamburger" or whatever official method exists to delete the first
account. In other words, don't just delete the name in the folder
hierarchy wherever you're seeing it (mine's a directory tree on the
left).

My brain keeps wanting to note that e.g. Gmail used to make us jump
through painful hoops to use desktop programs like Evolution. That
didn't happen for me this time, but maybe other email providers still
have the detail that needs addressed on their online end and that isn't
seen while setting up an Evolution account (versus other email
programs).

That inspires me to then say, if I was stuck in this situation, I'd do a
quick Internet search for my specific email provider along with keywords
like Linux AND Evolution to cut down on false positive returns. Maybe
someone has already presented a detailed step-by-step how-to after their
own fails at this.

Just thinking out loud. I'll say this, Evolution email has real-l-l-ly
worked out for me _this time_ after I had not had a good experience with
it multiple times in the past.

Cindy :)
-- 
Talking Rock, Pickens County, Georgia, USA
* runs with backups of Evolution just in case (click that hamburger 
to find backup and restore under "File") *

Re: mounting external hard drive from rescue mode shell?

[Heriberto Avelino]

Thanks Eben and David!
I am now on a shell (BusyBox v.35.0 Debian 1:1.35.0-4+b3)
I don't see the mounting points to execute cp.
There is nothing under media nor root; under usr I can see only: bin lib
local sbin share.
Where are the internal h-drive and the external?
I would very much appreciate your further help.
Who could have envisioned a community like this back in the 80's? This is
great!
Heriberto


On Wed, Jun 19, 2024 at 9:04 AM Heriberto Avelino <
heriberto.avel...@gmail.com> wrote:

> Dear all:
> Is it possible to mount an external hard drive while running Debian in
> rescue mode?
> Furthermore, the ultimate question is how could I copy folders from the
> computer's hard drive to the external one while in rescue mode?
> Many thanks!!
> Heriberto
>

Re: RTC, was Re: System time/timezone

[Greg Wooledge]

On Wed, Jun 19, 2024 at 14:16:14 -0500, Nicholas Geovanis wrote:
> > > .
> 
> Reading the link that Walton sent, the only case where RTC clock in UTC is
> recommended is in the linux/windows dual-boot case. There's no statement
> that RTC should be set to UTC besides that. And they say right there why it
> isn't mentioned: your Debian machine might move around geographically. But
> if it doesnt
> 
> Servers in data centers don't move around, they just sit there :-) So in my
> experience servers running anything non-windows have RTC set to local time.
> That's been on Red Hat/CentOS, Debian, Ubuntu.

If your system only boots one operating system, and never changes its
default time zone, then it makes no difference whether the RTC is set
to UTC or local time.  The OS will use the same assumptions when reading
and writing to the RTC, so everything will remain correct.

If you boot multiple operating systems, or if you ever change your
default time zone, then keeping the RTC in UTC gives you a much better
chance of things remaining correct.

And of course, if your system is configured to retrieve the correct time
from NTP servers immediately after booting, then the RTC's contents don't
really matter much in the first place.  You'd only "use" the RTC for the
brief time between boot and NTP synchronization, or if for some reason
you can't reach your NTP servers (Internet is down or whatever).

Evolution & ThunderBird

[Jerry Mellon]

Hello,

New user having trouble with evolution. I think that I have it setup 
correctly, but it will not login


to my email accounts. At the bottom of screen it is scanning the email 
server from my login but then


a box pops up indicating that there was an error trying to login and 
asks for the password, which I supply and box closes only to return 
shortly with the same response.


I have used the account on my other system and no problem so the account 
is OK.


I tried to download Thunderbird to give it a try but it is missing some 
dependencies an will not


load.

--
Jerry Mellon
501 Los Caminos St
St Augustine FL 32095
407.461.9216
jfmel...@netscape.net

Re: RTC, was Re: System time/timezone

[Nicholas Geovanis]

On Tue, Jun 18, 2024, 11:05 PM David Wright 
wrote:

> On Tue 18 Jun 2024 at 04:12:07 (-0400), Jeffrey Walton wrote:
> > On Tue, Jun 18, 2024 at 4:05 AM  wrote:
> > > On Mon, Jun 17, 2024 at 11:54:03PM -0500, David Wright wrote:
> > > > [...]
> > > > I notice that   man timedatectl   says:
> > > >
> > > >set-timezone [TIMEZONE]
> > > >Set the system time zone to the specified value.
> > > >Available timezones can be listed with list-timezones.
> > > >If the RTC is configured to be in the local time, this
> > > >will also update the RTC time. This call will alter
> > > >the /etc/localtime symlink. See localtime(5) for more
> > > >information.
> > >
> > > I cringe a bit when I see that.
> >
> > Yeah.. on Linux, it is recommended to keep the RTC clock in UTC.
> > Unless Windows has contaminated the machine. See
> > .
>
> Here's your subthread for discussing the RTC, as it's a separate
> issue from the system's time zone.
>

Reading the link that Walton sent, the only case where RTC clock in UTC is
recommended is in the linux/windows dual-boot case. There's no statement
that RTC should be set to UTC besides that. And they say right there why it
isn't mentioned: your Debian machine might move around geographically. But
if it doesnt

Servers in data centers don't move around, they just sit there :-) So in my
experience servers running anything non-windows have RTC set to local time.
That's been on Red Hat/CentOS, Debian, Ubuntu.

(I believe I'm correct in saying that Windows has long been able,
> by means of a registry key setting, to run with the RTC set to UTC.)
>

That is also my understanding but Windows 95 is the last release I've been
an admin on.

Cheers,
> David.
>
>

Re: disable GUI/X?

[Franco Martelli]

On 19/06/24 at 04:24, David Chmelik wrote:

How can I disable GUI/X for next boot?  I just want to run it when I
decide as startx/startxfce/etc.



When I occasionally need to boot in the CLI instead of the GUI I boot 
the system in "recovery mode", it's an option of the GRUB's menu shown 
at boot time in "Advanced options for Debian" menu.
Then, after given the root's password, I switch to multi-user target 
with the command:


~# systemctl isolate multi-user.target

When you end jobs with the CLI you can switch to the GUI with "startx". 
To enable "recovery mode" in GRUB you need to edit /etc/default/grub 
file and comment out the line:


#GRUB_DISABLE_RECOVERY="true"

It's a default setting, so it should be already comment out.

Cheers,
--
Franco Martelli

Re: dictd?

[Greg Wooledge]

On Wed, Jun 19, 2024 at 22:15:20 +0500, Stanislav Vlasov wrote:
> ср, 19 июн. 2024 г. в 16:18, Greg Wooledge :
> 
> > > > Place files to /usr/share/dictd and run `dictdconfig -w` and restart
> > > > dictd service
> > >
> > > Thanks!  I guess it doesn't work with symbolic links (symlinks) to user
> > > directories/folders though...
> >
> > Doesn't work, how?  Do you get permission denied?  If that's the case,
> > it might be something like AppArmor.
> 
> I create .deb with dictionary and didn't place dict files manually, so
> further my assumption.
> 
> I think, dictd user have no access to $HOME even without
> apparmor/selinux/another acl
> ls -ld ~ will show you more.
> In my system mode bits on my home dir are `drwx--` so only my user
> have access to it.

Well, yeah.  That's not a default setting, but indeed, if you have
stuff in user home directories that you wanted to share (~/public_html/
directories, or these dictionaries), you'll need to add at least +x
permissions on the home directory(ies) in question.

You still haven't told us what kind of failure you're seeing with your
dictionaries.  Is there a specific error message?  What does it say?

Re: dictd?

[Stanislav Vlasov]

ср, 19 июн. 2024 г. в 16:18, Greg Wooledge :

> > > Place files to /usr/share/dictd and run `dictdconfig -w` and restart
> > > dictd service
> >
> > Thanks!  I guess it doesn't work with symbolic links (symlinks) to user
> > directories/folders though...
>
> Doesn't work, how?  Do you get permission denied?  If that's the case,
> it might be something like AppArmor.

I create .deb with dictionary and didn't place dict files manually, so
further my assumption.

I think, dictd user have no access to $HOME even without
apparmor/selinux/another acl
ls -ld ~ will show you more.
In my system mode bits on my home dir are `drwx--` so only my user
have access to it.

-- 
Stanislav

Re: mounting external hard drive from rescue mode shell?

[David Christensen]

On 6/19/24 08:04, Heriberto Avelino wrote:

Dear all:
Is it possible to mount an external hard drive while running Debian in
rescue mode?



Yes.



Furthermore, the ultimate question is how could I copy folders from the
computer's hard drive to the external one while in rescue mode?
Many thanks!!
Heriberto



This is how I start a rescue shell using debian-11.9.0-amd64-netboot media:

Debian GNU/Linux installer menu (BIOS mode) -> Advanced options
Advanced options -> Rescue mode
Language -> C
Continent or region -> North America
Country, territory or area -> United States
Keymap -> American English
Hostname -> debianrescue
Domain name -> tracy.holgerdanske.com
Select your time zone -> Pacific
Passphrase for /dev/sda3 ->  -> Continue
Device to use as a root file system -> Do not use a root file system
Rescue operations -> Execute a shell in the installer environment
Executing a shell -> Continue


Once busybox(1) is running, you can issue mount(8) and cp(1) commands 
similar to using a shell.



David

Re: System time/timezone, was Re: Maximum size .bash_aliases file

[Jeffrey Walton]

On Wed, Jun 19, 2024 at 7:09 AM Greg Wooledge  wrote:
>
> On Tue, Jun 18, 2024 at 23:09:04 -0500, David Wright wrote:
> > On Tue 18 Jun 2024 at 07:07:36 (-0400), Greg Wooledge wrote:
> > > On Mon, Jun 17, 2024 at 23:54:03 -0500, David Wright wrote:
> > > > What should I call the timezone of my computer when it's booted up and
> > > > no users are logged in?
> > >
> > > Daemons will almost always use the system's default time zone (the one
> > > specified by /etc/localtime or /etc/timezone).
> > >
> > > It's *theoretically* possible for some daemons to be configured to use
> > > a different time zone, or to be hard-coded to use UTC.  I've never seen
> > > this, but it could be done.
> >
> > In view of that, I think it's reasonable to drop the "default",
> > and go with "system time zone", ie the time zone that the system
> > clock it set to.
>
> I strongly disagree.  The system clock is kept on "epoch time", which
> is the number of seconds since midnight, January 1, 1970 UTC.
>
> The system clock doesn't have a time zone of its own.  It just gets
> converted to a time and date within any given time zone on demand.

++.

The sharp edge is how the RTC clock is set - UTC or localtime. Also
see .

Jeff

Re: [HS] sauvegarde sur Disque Mécanique ou SSD

[hamster]

Le 19/06/2024 à 11:43, Haricophile a écrit :

Le Tue, 18 Jun 2024 12:56:24 +0200,
Basile Starynkevitch  a écrit :


Un téra-octet de données personnelles, c'est énorme. Il me semble que
la seule activité numérique qui en consomme autant c'est la vidéo.


En fait non, ça dépend précisément ce que tu sauvegarde, et il ne faut
pas penser que un particulier n'est qu'un consommateur.

Personnellement j'ai des vidéos irremplaçables, MES vidéos et pas les
films téléchargés… j'ai mes fichiers audio irremplaçables à savoir MES
enregistrements, ou des musique introuvables sortis de vinyles ou
ailleurs, j'ai une tonne de partitions musicales scannées qui sont mon
petit trésor, des bouquins itou (les anciens on ne les trouve pas en
epub cf. Galica) etc. etc. et même si je triais tout ça (ce qui ferait
peut-être du bien) je ne pourrais certainement pas descendre en dessous
de 1.5To à 2To


Pour un cas comme celui la je pense que tu n'a pas besoin de faire des 
sauvegardes régulières ni très fréquentes : ton stock ne change pas 
beaucoup. Une fois une vidéo personnelle sauvegardée, elle ne sera pas 
modifiée et donc il n'y aura pas besoin de sauvegarder a nouveau.


Ce que tu a surtout besoin c'est d'espace de stockage volumineux pour y 
mettre tous tes trucs et qu'ensuite ces espaces de stockage dorment dans 
un tiroir en étant re-branchés que de facon très rare.


Dans ce cas le nombre d'écritures limité des disques SSD n'est pas un 
handicap : de toutes facons tu ne les écrira qu'une fois. Le coté 
aléatoire des pannes mécaniques des disques durs ne sont pas un handicap 
non plus : tu ne les laissera pas branchés en permanence, leur durée de 
vie (en heures de fonctionnement) ne sera donc pas consommée.


Je te conseille donc des disques durs magnétiques a l'ancienne, surtout 
parce que c'est moins cher, aussi parce que les disques SSD ne 
vieillissent pas que avec le nombre d'écritures : meme stockés dans un 
tiroir ils vieillissent lentement a cause de la radioactivité naturelle.


Tu va donc acheter 2 disques, les remplir avec des trucs a sauvegarder 
(videos, partitions, etc) tout copié en double. Une fois qu'ils sont 
pleins, t'en achete 2 nouveaux pour continuer a sauvegarder tes 
nouvelles vidéos personnelles et tu les range un dans ton bureau a coté 
de ton ordi, l'autre dans un autre batiment, et t'y touche plus en 
espérant ne jamais avoir besoin de ces sauvegardes.