Re: Alternatief voor bash_history ?
Hi, Paul van der Vlis (p...@vandervlis.nl on 2018-03-19 11:57 +0100): > > Het zou behulpzaam zijn, als ik had kunnen nagaan wat ik om 21:15 voor > commando had gegeven. Om het voor een volgende keer te voorkomen. > > bash_history is een goede zaak, maar eigenlijk zou ik het loggen van > commando's graag wat beter geregeld hebben. Zoals een timestamp voor > elk commando. En dat het direct wordt weggeschreven, ook vanuit > meerdere terminals tegelijk. Zoals al aangegeven, heb je hiervoor geen alternatief nodig -- beide zijn mogelijk met bash zelf. Timestamps kun je activeren met de shell variable HISTTIMEFORMAT (bijvoorbeeld https://unix.stackexchange.com/questions/174900/histtimeformat-syntax) en direct wegschrijven van history kun je doen met PROMPT_COMMAND (bijvoorbeeld https://unix.stackexchange.com/questions/1288/preserve-bash-history-in-multiple-terminal-windows). De officiele documentatie is hier: https://www.gnu.org/software/bash/manual/html_node/Bash-History-Facilities.html, maar SE is vaak nuttiger. Ik heb nog wel een alternatief dat werkt ongeacht welke shell je gebruikt: je kunt NOEXEC:ALL toevoegen aan sudoers, zodat een root shell niets meer kan, en alle admins worden gedwongen om sudo te gebruiken voor ieder commando. Het voordeel daarvan is dat je sudo logging (syslog) kan gebruiken als audit log; het nadeel is dat je vervolgens wel EXEC:-uitzonderingen moet maken voor alle commando's die legitiem andere programma's uitvoeren, en dat zijn er helaas best wel veel. Groet, Arno
RE: sexist content in the package openclipart2-png
(yes, I know, old post, and offtopic. Still, pet peeve...) > Date: Thu, 31 Dec 2015 11:25:55 -0800 > From: jr...@salford-systems.com > > [..] combined with a general contempt for women > (beautiful or not) as weaklings and inferiors. Thus, while removing > sexually provacative pictures from collections of clip art *might* > discourage perverse sexual behavior to a very modest extent, it is > unlikely to reduce the number of wife-beaters. Treating the latter and > other bullies as the common criminals they are, and ceasing to make > excuses for them (together with teaching boys from a young age to respect > girls and women and protect them from violence) would do a lot more. I don't think you can have it both ways. There is no way to combine the perception of "women as weaklings and inferiors" with "teaching boys from a young age to [protect] girls and women". If you do the latter, you reinforce the former. Yes, teach boys to respect others. Teach girls the same. But stop perpetuating the misguided idea that one gender is reponsible (as either provider or protector) for the other. Regards, Arno
RE: systemd alternative for Jessie?
> Date: Wed, 14 Oct 2015 17:05:16 +0300 > From: moonsh...@openmailbox.org > > On Wed, 14 Oct 2015 07:49:08 -0500 > Richard Owlettwrote: > >> What has the end-user, with a single machine, gained today from >> the adoption of systemd? > > Speaking for myself: > 1. It took me an hour of googling to write my own working init script. > It takes me 10 minutes to write my own systemd unit. The last time I wrote an init script: - copy /etc/init.d/skeleton - edit the DAEMON= and DESC= lines > 2. Boot times improved. It's been years since I've seen a system where the OS boot took longer than the BIOS boot. Linux or Windows alike. As additional anecdata: my systems consistently boot to systemd-rescue mode whenever I try systemd. This is because I make heavy use of auto-unlockable encrypted volumes, and systemd doesn't support auto-unlocking. I finally got around to moving all my unlock scripts to the initramfs, only to find that the effort was futile: even if a volume is already unlocked, systemd drops to a rescue shell. Immediately typing 'exit' in the rescue shell boots the system to completion without further errors. Well, not a problem, right? Systemd was said to be modular, so I'll just uninstall the systemd cryptsetup component. Har har. So for all of my systems, systemd doesn't even work. I hope you understand I don't care about boot time when the boot is unsuccesful. Regards, Arno
RE: systemd alternative for Jessie?
> Date: Wed, 14 Oct 2015 22:26:53 +0200 > From: geo...@nsup.org > > Le tridi 23 vendémiaire, an CCXXIV, Arno Schuring a écrit : >> It's been years since I've seen a system where the OS boot took longer >> than the BIOS boot. Linux or Windows alike. > > You may have noticed that the operator between the time for the POST and the > time for the OS boot is +, not max(). Of course. But when your BIOS boot time is 15 seconds, it hardly makes any difference if your OS boots in 3 seconds or in 2.1 seconds, does it? Regards, Arno
RE: should I get rid of pulse audio ?
Date: Mon, 17 Aug 2015 23:16:55 +0200 To: debian-user@lists.debian.org [..] You can't install gnome without the pulseaudio libraries, but it runs perfectly fine without the daemon. On Debian? $ aptitude why gnome-core pulseaudio p gnome-core Depends pulseaudio This to me suggests that it doesn't even install without the daemon. Regards, Arno
RE: should I get rid of pulse audio ?
Date: Sun, 16 Aug 2015 13:37:37 -0700 From: bri...@aracnet.com [..snip list of PA inadequacies..] so soliciting opinions on whether or not getting rid of pulse audio is a good idea. It's a good thing you're asking for opinions, because that's what you're gonna get. A lot of it, probably ;) It can be a good idea, or it may cause your hair to fall out or turn gray. When I ditched pulseaudio, my idle system load average (as reported through uptime) dropped from 0.7 to 0.03, which was vindication enough for me. If you're running Gnome, ditchting pulseaudio is simply not possible. Not sure about other full-featured DEs, I think at least KDE still allows you to use alsa directly. Then there's the case that bluez5 also requires pulseaudio for any kind of bluetooth audio, and the inability of modern audio chips to handle more than one audio stream at a time. If you can live with those limitations (I know I can), you can go pure alsa. You may need to read up on configuring alsa through .asoundrc and/or configuring gstreamer defaults through dconf. You especially might want to look into the alsa dmix plugin if you expect to have sound output from multiple programs at the same time. So yes, it is doable, depending on what other programs you use and what features you expect. Regards, Arno
RE: Encrypted swap with cryptsetup won't mount at startup
From: somebody.mo...@gmail.com Date: Tue, 11 Aug 2015 10:08:05 +0200 -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 11/08/2015 09:38, Arno Schuring wrote: On one of my machines I've gotten this (kinda) working by removing the systemd generator and manually creating a service file around cryptdisks_start and cryptdisks_stop. As I have never wrote a systemd unit, and I can't find a simple doc on how to do it, can you show me the service file you wrote ? This is my /etc/systemd/system/systemd-cryptsetup@cryptswap0.service. The naming matters, as it should override the systemd-generator name. The filename suffix (@cryptswap0) and Before= line should match what you have in /etc/crypttab: [Unit] Description=Hack to prevent systemd soiling itself on auto-unlocked encrypted volumes #BindTo=dev-%i.device Before=dev-mapper-cryptswap0.swap DefaultDependencies=no IgnoreOnIsolate=yes [Service] Type=oneshot ExecStart=/usr/sbin/cryptdisks_start %i ExecStop=/usr/sbin/cryptdisks_stop %i RemainAfterExit=yes I have a similar one for my luks-backed lvm volume, but with Before=lvm2.service instead of Before=$device. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub130-w90bb90b0da96d2600bf84bb8...@phx.gbl
RE: Encrypted swap with cryptsetup won't mount at startup
From: somebody.mo...@gmail.com Date: Mon, 10 Aug 2015 14:07:11 +0200 Hi, I'm trying to encrypt my swap partition, /dev/sda7. [..] At boot, it seems like systemd tries to mount /dev/sda7 as a non encrypted swap partition, and fails. Then it tries to mount cryptswap1 following my crypttab. I have to wait 1 min 30, and then I get a message Job dev-mapper-cryptswap1.device/start timed out.. Use sysvinit. Last I checked, systemd has no support for keyscripts, and no documented workaround. On one of my machines I've gotten this (kinda) working by removing the systemd generator and manually creating a service file around cryptdisks_start and cryptdisks_stop. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618862 Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub130-w2100c113663687aca21505b8...@phx.gbl
RE: kde fully broken in debian/testing
From: hans.ullr...@loop.de Date: Thu, 30 Jul 2015 22:18:18 +0200 Hi folks, it looks like kde is fully broken in testing and unstable, due to a big version mismatch in the repo. Yes. It was announced/explained a few days ago: http://perezmeyer.blogspot.nl/2015/07/plasmakf5-testing-situation.html Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub130-w57ce0fcddc2783d09d34b6b8...@phx.gbl
RE: VLAN config on Jessie
Date: Thu, 30 Jul 2015 21:43:25 +0100 From: aw...@comms.org.uk Ive got a Jessie machine acting as a router with eth0 being the WAN connection to the internet and eth1 being the LAN connection with 2 VLANS on it (VLAN1 has addresses 192.168.10.x and VLAN2 192.168.100.x) Your /e/n/interfaces does not match that description... auto eth1 iface eth1 inet static address 192.168.10.254 broadcast 192.168.10.255 netmask 255.255.255.0 up /etc/network/if-up.d/iptables This configures an untagged connection, which is not the same as vlan 1. Also, there's no need to set that broadcast address manually, it's inferred from the netmask. auto eth1.2 iface eth1.2 inet static address 192.168.100.254 netmask 255.255.255.0 vlan-raw-device eth1 I want vlan 1 to be the default hence I decared it as eth1 not eth1.1 That is most likely wrong. You set a default interface by configuring the default gateway with the lowest metric. Other than that, there's no default between network interfaces. Whats the correct way to do this please? I would expect you only configure eth1.1 and eth1.2, and leave eth1 itself unconfigured. Or perhaps, if that configuration confuses ifupdown: iface eth1 inet manual up ip link set eth1 up Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub130-w4309ea24d2ff0d1ecd7102b8...@phx.gbl
RE: nano needs curses.h?
Date: Thu, 23 Jul 2015 14:06:09 -0400 From: lee.j.i.win...@gmail.com [..] apt-get source nano apt-get build-dep nano ./configure make [..] nano.h:92:20: fatal error: curses.h: No such file or directory Should the nano package include curses.h or is some other package a prerequisite for nano? apt-get source does not install build dependencies. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w15cd7fdd246dc41f22817eb8...@phx.gbl
RE: mdadm: No arrays found in config file or automatically
From: embe8...@student.uu.se Date: Mon, 20 Jul 2015 01:05:08 +0200 At this point, I don't know if I even have arrays. It is nothing I put there or ever mucked around with, for sure. Assuming all your disks are online, just run blkid (as root). If you have any (software) raid partitions, they will show up as: /dev/sdc3: UUID=a6fad59a-fb65-69e0-c230-666b5103eba0 TYPE=linux_raid_member for a metadata 0.90 array member /dev/sdc2: UUID=8c85fc73-c0f2-74f0-7fa0-20dd94538f5d UUID_SUB=126427a1-e9c4-d5b6-29a6-609216e54318 LABEL=genie:0 TYPE=linux_raid_member for a metadata 1.2 array member Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w181efa5133b070b18d30deb8...@phx.gbl
RE: cp output format
From: andrew.mcglas...@affinityvision.com.au Date: Fri, 17 Jul 2015 20:54:16 +1000 for filex in $(ls); [..] No. Just no. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w32616e646393c66c1c2d06b8...@phx.gbl
RE: YAGF is a seriously screwed package
I know I shouldn't, but... From: jhas...@newsguy.com Date: Sat, 11 Jul 2015 15:58:03 -0500 Paul E Condon writes: Just Hi, has the benefit of fewer key strokes. (;-) And it's suitable even for an email addressed to single potted plant. I've given up emailing them. They never answer. There's an app for that: http://www.parrot.com/usa/products/flower-power/ Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w26747a1c6f807c35e66412b8...@phx.gbl
RE: Initrd and USB Keyboard
From: deb...@alexkretschmer.de Date: Fri, 10 Jul 2015 14:44:14 +0200 Hello, I have a system running raid1, dmcrypt and lvm2. Debian Version is jessie / stable My disks have a small partition for boot, the rest ist encrypted incl. the system. Therefore I'm forced to work with an initrd to at least build the raid, decrypt the 2nd partition and provide the virtual disks before the full system is able to boot. Unfortunately I can't get my USB Keyboard to work. Neither in a rescue shell nor to type the decryption password. You probably are missing hid_generic. You need either that module or evdev (iirc) for input (hot/cold)plugging to work. Even with those modules, I still haven't been able to access the usb keyboard connected through my laptop's docking station, though, so this may not be the complete answer. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w271c66591d013088560946b8...@phx.gbl
RE: Free GNU/Linux intro class for teens advice? Purchase box? Squeak/Smalltalk programming
Hi. To: debian-user@lists.debian.org From: mron...@alumni.upenn.edu I am working toward teaching a free introductory class to teens on GNU/Linux and the philosophy of free software at the Newton Free Library in MA this coming September. For the class, the participants will need access to GNU/Linux. After reviewing some options, including sdf.org, virtual machines, Chromebooks, etc., I am considering just asking participants to purchase a dedicated laptop and installing the OS. I may be able to direct students to install fests in the area before the class starts. I am not sure that this is the best idea, but it offers significant advantages including a potentially working box as part of the results of the course. All suggestions offered are fine, I would add one more: use live disks. This allows your students to bring their own device without the risk of bricking it. And you can have a few single-board devices for those without an own device. Having an RPi as a demo model also helps illustrate that there's no functional difference between a pc and what the hardware in their phone/tv/gadget can do. As a test, I purchased a laptop (Toshiba Satellite C75-B7180) on sale for $350 at our local Microcenter in Cambridge and was able to load GNU/Linux for my son. I am thinking of working some programming assignments in Squeak (Smalltalk), but maybe C is a better choice for an OS class? Choose a language with an interactive interpreter. Bash, Python, Ruby, Haskell all come to mind. But are you planning to teach OS basics or programming? Because for an OS class, I would focus more on shell tools (grep, cut, tail) than programming languages. Has anyone tried running a GNU/Linux intro class for teens? Can anyone share their experiences, thoughts or suggestions? Feedback based on actual experience would be most helpful, I think, but I would appreciate any insights. I am an instructor, but not at that level. For programming, I would probably use the following progression: - shell commands - shell scripts (i.e. sequencing shell commands) - interactive evaluation - functions - source files - compilation Something like Haskell would be ideal for the latter steps, as it has the ability to both interpret a source file (through runghc) and compile it (though ghc). Not sure if e.g. Go has a similar mode? Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w112d4f776ccadea0dd3619b8...@phx.gbl
RE: Installing glibc-2.21 on debian-8
Date: Mon, 6 Jul 2015 08:41:44 +0100 From: zen75...@zen.co.uk On 06/07/15 06:07, Dhiraj Bhor wrote: Also wanted to know which are security bugs reported for glibc-2.19-18. Thanks for being patient. Information about current bugs in Debian packages can be found through the Bug Tracking System at https://bugs.debian.org/ Upstream bug information for GNU libc can be found at https://sourceware.org/bugzilla/ There's also https://security-tracker.debian.org/tracker/source-package/glibc Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w3889e0ba209b984db2aa49b8...@phx.gbl
RE: clock losing time after a reboot with HP ZBook G2
Date: Fri, 3 Jul 2015 15:07:34 +0200 From: vinc...@vinc17.net When I run hwclock --systohc manually before the reboot, the clock is OK after reboot. So, this seems to be a systemd bug. I've reported: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790974 Michael, since I've seen you reply on this list as well, could you please provide a little more rationale than we intentionally broke your system when closing a bug? Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w162461707e12e0b2036d5fb8...@phx.gbl
RE: clock losing time after a reboot with HP ZBook G2
Date: Fri, 3 Jul 2015 15:38:02 +0200 From: bi...@debian.org Am 03.07.2015 um 15:18 schrieb Arno Schuring: Date: Fri, 3 Jul 2015 15:07:34 +0200 From: vinc...@vinc17.net When I run hwclock --systohc manually before the reboot, the clock is OK after reboot. So, this seems to be a systemd bug. I've reported: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790974 Michael, since I've seen you reply on this list as well, could you please provide a little more rationale than we intentionally broke your system when closing a bug? I didn't say we intentionally broke your system, I said we intentionally removed the hwclock-save units. That's a difference. Without further explanation, there is no difference to the casual observer. Thank you for the pointer to the rationale. I just wish you would have included that link in your closing message. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w35e610d6fef357015ddf1b8...@phx.gbl
RE: Installing glibc-2.21 on debian-8
Date: Fri, 3 Jul 2015 15:37:03 +0530 From: dhirajbho...@gmail.com On Fri, Jul 3, 2015 at 3:31 PM, claude juif claude.j...@gmail.commailto:claude.j...@gmail.com wrote: Hi, If you really need latest development tools, i suggest you to switch to Fedora 22. (glibc-2.21-5 and gcc 5.1.1). It will be easier and faster than trying to modify glibc stuff in Debian 8. Regards, I would like to but its a requirement and i have to do it. No option. May be if i can patch the glibc with all security patches will be enough for me. What exactly is the requirement? That you develop against latest libc or that you deploy with latest libc? Because you mentioning security patches makes me suspect it's the latter, in which case it's a seriously bad idea to build your own. Are you going to subscribe to the CVE lists and rebuild every security patch yourself? Have you factored the ongoing maintenance cost of that in your project? If it's only that your project needs to build against the latest glibc, I recommend you start with an unstable buildroot (man debootstrap), and install your latest libraries in there. You don't even need to develop in the chroot, just develop on your own and run the integration tests in the chroot. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w397696c524f08c62438ac4b8...@phx.gbl
RE: RAID b/w GPT and NON GPT partition.
Date: Wed, 1 Jul 2015 18:41:35 -0400 From: garyd...@torfree.net On 01/07/15 03:24 PM, Don Armstrong wrote: On Wed, 01 Jul 2015, Gary Dale wrote: The size of the RAID array is set by the smallest partition so if you want to be able to boot from either drive, then putting the ef02 partition in the free space on the new drive means that you will either not be able to boot from the old drive should the new drive fail, or you will have different partition tables on each drive. This is precisely why you should have the EF02 partition on every single drive in the raid set and run grub-install on all of them (or at the very least, one more than the number of drives that can fail and still assemble the array). You missed the point that this would require different partition tables on the two drives. Whose point was that? It certainly wasn't the OP's, who asked to have a GPT partition table on the second disk of a raid array, whilst the first had MBR. Moreover, if you ever replaced the original drive with a larger one, you would have to install LVM to get around the ef02 partition This makes no sense. There is no around if you created the ef02 partition in the first available sectors of the disk, as everyone has been advocating. Nor would it make sense to work around a partition of less than 1MB, you would only need to work around it if you made it unsensibly large, like the 100MB you seem to favour. And why would you want identical partition tables across drives of different sizes in the first place? [LVM] an added layer of complexity that you shouldn't need. Sure. Because no one would ever need to resize or migrate volumes without downtime. Don't patronize people by telling them what they do or do not need. We have seen more than enough of that already. However you seem to have conceded the larger point about UEFI which M$ is trying to make mandatory. The way I read the thread is that people have been trying to correct your misconceptions, not argue with you. But meh, I'm sure I'm reading it wrong. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w22438138a64c6273aea1dab8...@phx.gbl
RE: RAID b/w GPT and NON GPT partition.
Hi again, Date: Tue, 30 Jun 2015 18:58:36 +0500 From: sir...@gmail.com but there are few confusions. actually in my old drive. there was a extended partition for SWAP. however when i copy the partition table with gdisk x and u option it created the file successfully however. i can not see extended in the output. Don't worry about it. There's no such thing as extended, primary or logical partitions anymore in GPT, there's just partitions. my last question is making the new 2TB drive able to boot. when i run the command grup-install it gives me error. # grub-install /dev/sdb /usr/sbin/grub-setup: warn: This GPT partition label has no BIOS Boot Partition; embedding won't be possible!. /usr/sbin/grub-setup: error: embedding is not possible, but this is required when the root device is on a RAID array or LVM volume. if i change the type to ef02 (Bios Boot Partition) i may not be able to attach that partition to my current raid level. this is what i think i haven't don't hit and trial technique as i am working on production server. can you guys please share how can i make the new drive bootable? As Pascal has said, the easiest is to create a new partition in the free space before partition 1 (sectors 34-2047). Make sure it has the correct type for a Bios Boot Partition (gdisk type ef02, with parted you need to set the Bootable flag). Then reboot, as the kernel won't load the new partition table immediately. After reboot, the grub-install command above should work. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w17d26fedd3a7a6f9f36bebb8...@phx.gbl
RE: RAID b/w GPT and NON GPT partition.
Hi, Date: Mon, 29 Jun 2015 14:52:32 +0500 From: sir...@gmail.com I have been using RAID1 b/w two 1.5 TB drives which worked great with fdisk. now one of the drive is failed and there is no more 1.5 TB available in the market. the least available drive is 2TB. Which means fdisk 2TB issue. Not necessarily, the MBR partition format can handle addresses up to 2TiB. A new 2TB disk is almost certainly 2TB, so you should be fine with MBR partitioning. in old times i could use sfdisk command to copy partition table now since the new drive is 2TB my question is can i use sfdisk on 2TB drive.? i think this will not work since old drive is non GPT which means copying non GPT partition to a drive supports only GPT will not work. Just to be sure: MBR and GPT are on-disk layouts, there is no such thing as a non-GPT drive. You can use MBR partitioning on a drive larger than 2TiB (though not recommended for obvious reasons), and you can use GPT partitioning on a small drive as well. Even my 128GB ssd uses GPT partitioning. If you really want to use GPT partitioning, you can either use sfdisk to duplicate the partition table and then use any gpt-aware partitioner to convert the layout to GPT, or you can use gdisk which can do both. - i want to copy my old drive (1.5TB) partition table (non GPT) to new 2TB partition table (GPT)? # gdisk /dev/sdOLD menu options x, u to replicate (GPT) partition table to /dev/sdNEW # gdisk /dev/sdNEW review/resize/add partitions where needed - and then further want to replace the bad drive from mdadam? NOTE: completely untested, please wait for others to correct me: # mdadm --add /dev/mdX $new_partition If the failed drive is already removed from the array, you can stop here. It should rebuild automatically. But if your drive is still usable but on its way out (e.g. it just started creating bad sectors), it may be safer to temporarily grow the array: # mdadm --grow --raid-devices=3 /dev/mdX This should start a resync from your old disk to the new. Let it complete, and then remove the old disk: # mdadm /dev/mdX --fail $old_partition --remove $old_partition # mdadm --grow --raid-devices=2 /dev/mdX Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w38dbdb6e0c8163ad347565b8...@phx.gbl
RE: slightly OT: what's the point of vagrant when I have a debian VM
From: lisi.re...@gmail.com Date: Mon, 29 Jun 2015 21:52:59 +0100 On Monday 29 June 2015 17:50:13 Sivaram Neelakantan wrote: Our IT infra came up to me Please - put me out of my misery. I have googled, honest. _What_, when he she or it is at home, is an IT infra. I simply can't find infra as a noun! intrastructure admin / manager / department, i.e. the network overlords. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w34ed9c58ca0d3ebe7a8174b8...@phx.gbl
RE: aptitude full-upgrade bug?
Date: Sat, 27 Jun 2015 12:38:36 -0400 From: garyd...@torfree.net I've upgraded two machines [..] they failed to upgrade the kernel. [..] I suspect this could be because the meta-package linux-image-amd64 wasn't installed, but even that doesn't make a lot of sense. Shouldn't a full-upgrade bring all the packages up to the current version? That makes a lot of sense, actually. Linux kernel images are co- installable, one version does not replace the other. So in order to have an upgrade path for these packages, the metapackage linux-image-$arch exists. If you don't have the metapackage, you don't get new kernels. This is not unique to the kernel, for example gcc, python and postgresql follow the same method. However, in those cases, other packages depend on the metapackage so you usually can't uninstall it. The kernel is unique in that no package depends on it. In any case, jessie should be able to boot with a kernel from wheezy iirc. So there may be a bug lurking there, but it's not a bug in aptitude. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w7c4d4701b6cc2eb44e6c4b8...@phx.gbl
RE: Boots into emergency mode. How to analyze?
Hi, Date: Thu, 25 Jun 2015 21:46:33 -0600 From: b...@proulx.com The Wanderer wrote: In which case I return to my original comment on that point: although there might be situations where this setup could make sense, they would _not_ be for the casual user. As a setup for a sole computer intended to be administered by its sole user, this is simply a crazy design. I, like you, feel that being able to log in using a root password is an essential requirement. However it is also true that Ubuntu is designed for the non-technical and Ubuntu has chosen to disable the root password by default and to provide sudo as the root access method. Although I agree with you that it is crazy I have to admit that there are a lot of Ubuntu machines out there with root login disabled. Having a single root account for administration is also bad from an accountability viewpoint: it's essentially an anonymous account. Having user-based accounts allows for much better control and transparency over who did what. So while you think it is crazy to have to use sudo on a single-user machine, I think it's similarly crazy to enable the root account on machines that are administered by multiple people. The root account should be limited to emergency use only, and when your threat model doesn't include having to defend against physical access, the Debian approach of locking the root account and allowing passwordless login through sulogin is a perfectly reasonable and valid setup. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w460a5c57b12873b9424974b8...@phx.gbl
RE: auto-mount NFS shares on boot
From: svenj...@gmx.de Date: Fri, 26 Jun 2015 19:28:37 +0200 On 2015-06-26 18:38 +0200, Jonas Meurer wrote: # systemctl status var-vmail.mount ● var-vmail.mount - /var/vmail Loaded: loaded (/etc/fstab) Active: failed (Result: exit-code) since Fri 2015-06-26 16:29:02 UTC; 6s ago Where: /var/vmail What: nfs-server:/vmail Docs: man:fstab(5) man:systemd-fstab-generator(8) Process: 352 ExecMount=/bin/mount -n nfs-server:/vmail /var/vmail -t nfs4 -o sec=krb5i,_netdev (code=exited, status=32) Jun 26 16:29:02 clt mount[352]: mount.nfs4: an incorrect mount option was specified mount.nfs4 prints this not very enlightening message if the mount syscall fails with EINVAL. If I've understood the mount scripts correctly, the error is correct: the _netdev mount option is for mount scripts only, and should /not/ be passed to the mount command. I would guess that this is another case where systemd breaks backwards compatibility. Maybe it's mentioned in the release notes? Regards, Arno
RE: Why Debian 8.1 has no torrents beyond first 3 DVD ISO images
Hi, From: cu...@free.fr Date: Mon, 15 Jun 2015 12:39:44 + On 2015-06-14, Arno Schuring wrote: $ wget http://cdimage.debian.org/debian-cd/current/amd64/list-dvd/debian-8.1.0-amd64-DVD-{1..13}.list.gz [..] $ zgrep -E '^(stumpwm|cl-ppcre|sbcl|gcl|mpd|gmpc|feh|libtheora0)_' * | cut -d: -f1|sort|uniq Wouldn't your regexp also match the sources packages? It probably would, but it looks like the sources are on separate DVDs (in the [..]/current/source directory), so they wouldn't show up when grepping the amd64/list-dvd/ files. Either way, you can verify the output by removing the postprocessing by the cut|sort|uniq pipes. Regards, Arno
RE: Why Debian 8.1 has no torrents beyond first 3 DVD ISO images
From: cu...@free.fr Date: Sun, 14 Jun 2015 18:12:11 + On 2015-06-14, John Hasler jhas...@newsguy.com wrote: arnuld uttre writes: Well, I need many packages which normal users don't use, like stumpwm, ppcre, sbcl, clisp, gcc, mpd, gmpc, feh, theora etc. I have used Debian Sarge (and in those days I only had CDs) and I noticed some package I wanted were only in last few CDs You don't need the source packages nor the ones for architectures other than your own. Without having researched the question, is there a simple way of knowing which dvds contain what (a package list or something)? Yes, the list-cd/ and list-dvd/ subdirectories on the cdimage server: $ wget http://cdimage.debian.org/debian-cd/current/amd64/list-dvd/debian-8.1.0-amd64-DVD-{1..13}.list.gz [..] $ zgrep -E '^(stumpwm|cl-ppcre|sbcl|gcl|mpd|gmpc|feh|libtheora0)_' * | cut -d: -f1|sort|uniq debian-8.1.0-amd64-DVD-1.list.gz debian-8.1.0-amd64-DVD-2.list.gz debian-8.1.0-amd64-DVD-3.list.gz debian-8.1.0-amd64-DVD-5.list.gz debian-8.1.0-amd64-DVD-6.list.gz Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w188f0e621287fd69f45d15b8...@phx.gbl
RE: cdda2wav missing
To: debian-user@lists.debian.org From: rodolfo.med...@gmail.com In Sid, trying to install cdda2wav that I've always used, the package is no more available. Why, and how to replace it in command line? I could not work it out with Google. It has been missing for a long time. Since 2010, to be exact: http://archive.debian.net/etch/cdda2wav In Etch, cdda2wav was replaced with icedax. Regards, Arno
RE: changing from BIOS to GPT
Date: Mon, 8 Jun 2015 11:24:20 +0200 From: geo...@nsup.org More precisely: a conforming UEFI firmware MUST be able to read FAT32 partitions. It CAN be able to read other types: apple's implementation can read apple's proprietary filesystem. If you KNOW that YOUR firmware supports ext2, you can use ext2. More likely, your firmware only supports FAT32, possibly NTFS. Ah, I did not know that the EFI spec didn't mandate FAT32 for the ESP. Its partition type in gdisk should be EF00, and it should be mounted on /boot/efi. Not much. It should be mounted there if you want to use grub-install with the default options, and probably a few other similar tools, but that is all. Well, default options are default options. Debian tools expect the ESP to be mounted at /boot/efi. That's enough of a should for me. Debian has always provided ways to deviate from the default setup, but that doesn't alter the premise. [ESP] is required to be present when using EFI boot. This is not true at all. When using UEFI boot, you need a bootloader on a supported filesystem in a supported partition, pointed by the UEFI variables for the menu. The GPT type of the partition is irrelevant. Yet, the EFI spec only requires the firmware to support FAT32... You need an UEFI system partition with the precise characteristics if you want your firmware to GUESS the bootloader to use on the device, without a boot variable pointing to it. ...and the EFI firmware only looks for bootloaders in a partition of type 0xEF or C12A7328-F81F-11D2-BA4B-00A0C93EC93B. That you can find ways to configure your UEFI system to boot without a partition of that specific type doesn't invalidate my statement though. The spec mandates a discoverable partition, and it wouldn't surprise me if half of the firmwares out there would flatly refuse to read files from a partition with the wrong type. (which we already knew, as Windows does not support booting in EFI mode from an MBR-style disk) I am no windows specialist, but I doubt this is true: I have observed a barely-conforming laptop without BIOS emulation booting a windows 8 recovery USB stick formated in MBR format. From https://msdn.microsoft.com/en-us/library/windows/hardware/dn336946.aspx: [..] you receive the error message: Windows cannot be installed to this disk. The selected disk is not of the GPT partition style, it's because your PC is booted in UEFI mode, but your hard drive is not configured for UEFI mode. You’ve got a few options: - Reboot the PC in legacy BIOS-compatibility mode. This option lets you keep the existing partition style. [..] - Reformat the drive for UEFI by using the GPT partition style. This option lets you use the PC’s UEFI firmware features. Regards, Arno
RE: changing from BIOS to GPT
Date: Sun, 7 Jun 2015 23:23:26 -0400 From: garyd...@torfree.net On top of that, grub installs its stage2 bootloader in the unclaimed space between the MBR and the first partition. That space is not unused in the GPT disk format, so when you simply convert your existing partitions, grub will have no place to install its stage2 and grub-install will error out. To have grub-pc boot from a GPT disk, you need to have a Bios Boot Partition (gdisk partition type ef02) of at least 128kB. I added one early on in the process. It's 100M which should be plenty. I later formatted it as FAT32 after reading that it need that, but it didn't help. There's still some confusion here: - The ESP (Efi System Partition) is recommended to be around 100-200MB and should be formatted as FAT32. Its partition type in gdisk should be EF00, and it should be mounted on /boot/efi. It is required to be present when using EFI boot. - The BBP (Bios Boot Partition) is only needed to store grub's second- stage loader and doesn't need to be any larger than 1MB. It should not be formatted or mounted, as grub will use the raw space. Its partition type in gdisk is EF02. It is only needed when using grub to bios-boot from a GPT disk. Luckily, most partition tools start their first partition at the 1MB boundary, so you can usually create that bios boot partition between sectors 40 and 2048, but that's not a given. The original Windows layout had a recovery partition starting at 2048 and the main Windows partition coming after that. There wasn't an EFI partition on the original layout. Nor did I add one when I shrank the main partition and installed Linux. I only added an EFI partition after switching to GPT. If there wasn't an EFI System Partition, you were not booting through UEFI but in BIOS mode (which we already knew, as Windows does not support booting in EFI mode from an MBR-style disk). I can't explain how grub-efi came to be on your system, but it wasn't what made your system boot. Regards, Arno
RE: changing from BIOS to GPT
(sending again through hotmail's web interface -- apologies for anything my MUA may do to the content) Date: Sun, 7 Jun 2015 14:23:40 -0500 From: deb...@lionunicorn.co.uk Quoting Gary Dale: Arno Schuring said: reconfigure grub in this case meant uninstalling grub-pc and installing grub-efi, right? No actually. I never uninstalled grub-pc. The machine seemed to have grub-efi-amd64 all along. What I meant was the more mundane update-grub sequence. Also, I've been using EF02 as the gpt partition type for the efi partition. So far I've never had a problem with that. I don't think that matters. I have read that converting a disk from MBR to GPT, quite simply, breaks grub, whichever version. So it needs to be reinstalled. It does, but what it breaks is the installed bootloader, not the grub installation. So it needs to be reinstalled is correct, but aptitude reinstall grub-pc is the wrong solution. You should be running update-grub and grub-install, using the package manager will not solve the issue (except for the fact that both update-grub and grub-install /may/ be triggered as part of the package installation). On top of that, grub installs its stage2 bootloader in the unclaimed space between the MBR and the first partition. That space is not unused in the GPT disk format, so when you simply convert your existing partitions, grub will have no place to install its stage2 and grub-install will error out. To have grub-pc boot from a GPT disk, you need to have a Bios Boot Partition (gdisk partition type ef02) of at least 128kB. Luckily, most partition tools start their first partition at the 1MB boundary, so you can usually create that bios boot partition between sectors 40 and 2048, but that's not a given. Note that the above applies if simply switching from dos-style to gpt-style partitioning. It doesn't apply when switching from legacy boot to efi boot. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w49141a0e6d750156db5747b8...@phx.gbl
RE: changing from BIOS to GPT
Hi, Date: Fri, 5 Jun 2015 14:45:04 -0400 From: garyd...@torfree.net I have a computer that was set up with an the older style partition table and wanted to convert it to GPT. Since the first partition started at 2048, I figured this wouldn't be a problem. Just use gdisk to write a new partition table after stealing some space from swap for an EFI boot partition. Then reconfigure grub... reconfigure grub in this case meant uninstalling grub-pc and installing grub-efi, right? And that EFI boot partition is mounted on /boot/EFI, is formatted as FAT32, and has the correct partition type (EF01 in gdisk iirc)? [..] created new Linux and Swap partitions that I installed Jessie to. These were extended partitions that gdisk converted to primary (it displays them as primary but with the original numbers). There's no such thing as primary/extended/logical partitions with GPT. Now I don't even to get a grub rescue prompt. I've tried reinstalling grub in a chroot after booting with system rescue cd but that didn't work. I've reinstalled grub to /dev/sda but again without success. Update-grub sees the partitions but doesn't give me a bootable system. BTW: Grub is the grub-efi-amd64 package. At one point I did get it to boot after using F12 to bring up a boot menu and booting from the first HD, but I haven't been able to repeat that. That probably wouldn't have worked anyway, as EFI doesn't boot from HD. That boot from HD option probably tried a legacy boot. Instead, EFI relies on a list of bootloaders that's stored in nvram. You can use efibootmgr to query or modify this list. However, that gives you a nice chicken-and-egg problem. Modifying the efi boot list can only be done through efi system calls, and the efi system calls are only available if your system is booted in EFI mode to begin with. See http://blog.uncooperative.org/blog/2014/02/06/the-efi-system-partition/ for a description of the boot process. There is a default efi bootloader, it should be located as /boot/efi/efi/boot/bootx64.efi assuming your ESP is mounted correctly (see above). Grub is probably installed as grubx64.efi, you may want to copy the grub efi loader to this default location and try again. If that fails, your next attempt at fixing this would be to find a copy of shellx64.efi on the 'net. It's a part of Intel's EFI SDK, but easily available as a separate download (eek! downloading unsigned binaries from random sites). If you put it in the root of the ESP (i.e. /boot/efi/shellx64.efi), your firmware/bios may offer you a separate option to boot this shell instead. Note the use of may, there is no standard for this. That shell pretty much behaves as a dos prompt with tab completion, you can try to start grubx64 from there. That's pretty all the pointers I can give you. The process above is how I converted one of my machines from legacy to efi boot. Be prepared for a lot of reading, trialing, and erroring. Best of luck, Arno
RE: Old Computers
From: lisi.re...@gmail.com Date: Tue, 2 Jun 2015 16:46:17 +0100 On Tuesday 02 June 2015 16:28:30 lostson wrote: On Tue, 2015-06-02 at 16:07 +0100, Lisi Reisz wrote: On Tuesday 02 June 2015 14:55:51 Sven Arvidsson wrote: I thought of DSL. But it needs an i486. :-( http://www.damnsmalllinux.org/ http://distrowatch.com/table.php?distribution=damnsmall Lisi How about Tiny Core Linux http://distro.ibiblio.org/tinycorelinux/faq.html#req Needs i486. :-( The Linux kernel itself requires 486, it doesn't build for 386 anymore. IIRC it's because it uses the CMPXCHG instruction to implement locking, and that instruction isn't available on 80386. Regards, Arno
RE: Strange problem with *.local / avahi / zeroconf
(apologies in advance for any mangling caused by hotmail's web interface) From: b-m...@gmx.ch Date: Fri, 29 May 2015 21:19:48 +0200 On Friday 29 May 2015 18.11:29 Arno Schuring wrote: [..] Sorry, forgot to mention, ping with ip does work, only ping with hostname.local doesn't. Avahi-discover is great, thanks! But I'm only one step further, since now after a reboot, when everything works as expected, it shows the server's hostname as a Workstation. I can get its details (IP address etc.) When connections using the hostname stopped working, the hostname is still shown as a Workstation, but I cannot get its details anymore, instead I get the following error: org.freedesktop.Avahi.TimeoutError: Timeout reached What timeout is that, one on the server or one on the client? I still don't get it :-( The timeout error is from the client, but the reason is likely that the server is no longer reponding to requests. You said you had multiple clients, do they all fail at the same moments? If all your clients fail at the same time, the cause is likely to be on the server. If one client fails while the others still work fine, your problem is more likely to be misconfiguration of the clients. My money's on the server being the cause. I have no direct knowledge of avahi-daemon, but the generic advice is to run the service manually (i.e. run avahi-daemon --debug on the server), or check /var/log/daemon.log or /var/log/messages and hope that avahi does useful logging. Best of luck, Arno
RE: How to boot without GUI
From: cu...@free.fr Date: Fri, 29 May 2015 20:16:15 + That seems to ring a bell, now that you mention it (seems I do remember intentionally installing gdm3 at some point on this machine). Except the name of the previous package was gdm (version 2.20.11-4) not gdm2. So Squeeze never provided a gdm2 package, you're wrong on that point. There are two versions of 'gdm' in Squeeze, one named 'gdm' and the other 'gdm3', corresponding to versions 2.20.11-4 and 2.30.5-6squeeze5. Reco never stated that there was a package gdm2, just that squeeze shipped with both versions. There used to be just one package, gdm, and it installed the display manager for gnome. That package was called gdm for gnome 1, and was called gdm for gnome 2. However, gdm became unmaintained as of gnome 2.20, and was replaced with a complete rewrite as of gnome 2.30. But the rewrite did not have all the features of gdm (iirc), so Squeeze shipped with both. It's only with the introduction of gdm3 that people started referring to the original gdm as gdm2. Before gdm3, there was only gdm. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub119-w26cfe89479dd54ddb7178ab8...@phx.gbl
RE: Strange problem with *.local / avahi / zeroconf
Hi, One machine runs apache2 with services like owncloud as well as avahi-daemon. Other machines (clients) connect to it, e.g. with the owncloud client, using hostname.local as URL. After some time, maybe 2 or 3 minutes or so, the other machines loose the connection. In a browser I cannot connect, I cannot ping, nothing. It's absolute reproducable. You cannot ping the machine's ip address, or you cannot reach (resolve) the .local hostname? If I restart a client, it can reconnect, but only for a few minutes. This happens for both, Jessie and Mac OS clients. I went already through a reset of the router, no effect. Your router has nothing to do with it, unless it's actively blocking the traffic. The .local hostnames are resolved through mdns (multicast dns), which is provided by avahi-daemon on the server side, and libnss-mdns on the client. You could use a tool like mdns-scan or avahi-discover to list the services on the current network, to verify the presence or absence of the service. I suspect you may need to read man avahi-daemon.conf, specifically the rate-limiting options. Of course there is no mention of what happens when the limit is reached, or what the default values are. I would point you to the server's logfiles, but I can't say for certain if avahi logs anything at all. Regards, Arno
RE: strange booting behavior
Hi, On 5/19/15, Arno Schuring aelschur...@hotmail.com wrote: Note that you can add break=premount to the kernel cmdline to force an initramfs shell, then use sh -x /scripts/$phase/$script to manually step through the initramfs procedure. You can use grep maybe_break /usr/share/initramfs-tools/init to check the valid break= values, and their order. stepping sounds like a great way to debug, but i'm out of my depth. i don't know what premount is (is that a phase? a script? something else?), or what initrd does (all i know is it's a ramdisk and has a fake root fs for some reason). i will of course be happy to try this, but i won't know what scripts to run, in what order, or what the results will mean. premount is just one of the breakpoints in the initramfs where you can break out and get a shell. The init procedure is completely shell-based, you may try reading /init lines 208-238 to get a feel for it. Basically, every phase is represented as a directory in /scripts, and the order in which the scripts are run is determined by a /scripts/$phase/ORDER file in each directory. /scripts/local-top/cryptroot is probably the most interesting script for you to run, and I don't think it has many dependencies since you're not using lvm. But ORDER is itself a shell script as well :) Beyond that, I don't think I can be of much help. I only know about this because I'm using a custom unlock procedure for my rootfs. I can't tell you about the design of the initramfs, nor do I know if what I'm advising here is the easiest way. Also, can you verify that /conf/conf.d/cryptroot exists in the initramfs and contains the correct line? instead of rebooting to determine this and trying to transcribe it, is it ok to extract the initrd as it is on disk? i did so and got this: target=toshiba-root,source=UUID=...,key=none,rootdev (where ... is the correct uuid according to blkid for /dev/sda3, which is the partition on which encrypted root resides). does that seem correct? yes, that should be correct. in fact, in the initrd busybox shell, i can do cryptsetup luksOpen /dev/sda3 toshiba-root. i do not know how or where to mount it, however. mounting it on / not work. You need to mount it (readonly) on /root. Then exit the initramfs shell and the boot should continue normally. on /root, as in the superuser's home dir for dot files etc.? Yes. There is no home dir in the initramfs. It's a bit counterintuitive, but it does make sense to mount the real root filesystem on /root. It's just a shame that 'root' has more than one meaning. Regards, Arno
RE: strange booting behavior
Hi, i am still trying to get something to boot and will be grateful for any suggestions, including other places to ask. [..] grub comes up, i select the default debian version. the kernel loads and starts doing things for 7 seconds. [..] Note that you can add break=premount to the kernel cmdline to force an initramfs shell, then use sh -x /scripts/$phase/$script to manually step through the initramfs procedure. You can use grep maybe_break /usr/share/initramfs-tools/init to check the valid break= values, and their order. then drops into a shell, initramfs. the error message is roughly like the following (transcribed manually, ... not in the original). Check cryptopts=source= bootarg:cat/proc/command line or missing modules, device:cat/proc/modules ls/dev -r ALERT! /dev/disk/by-uuid/a892...732 does not exist dropping to a shell! i do not understand this error message. that partition DOES exist. the uuid refers to /dev/sda3 (the raw partition that contains encrypted root). Does the partition exist, or does the /dev/disk/by-uuid/... symlink exist? The error message clearly indicates it's looking for a /dev/disk/by-uuid symlink, so the presence of /dev/sda3 is not enough. Also, can you verify that /conf/conf.d/cryptroot exists in the initramfs and contains the correct line? in fact, in the initrd busybox shell, i can do cryptsetup luksOpen /dev/sda3 toshiba-root. i do not know how or where to mount it, however. mounting it on / not work. You need to mount it (readonly) on /root. Then exit the initramfs shell and the boot should continue normally. strangely, despite having dropped into an initramfs shell, the kernel keeps spewing USB messages every 30 seconds or so. these start with usb disconnect, then new usb device and it mentions my mouses and stuff. i have to clear the screen each time. I would expect that dmesg -n 1 should solve that, but am not sure if that works within the initramfs. Hope this helps, Arno
Re: Services die afhankelijk van elkaar zijn
Paul van der Vlis (p...@vandervlis.nl on 2012-12-04 11:46 +0100): Ik draai een systeem waarbij enkele services afhankelijk van elkaar zijn. Als bijvoorbeeld de database herstart wordt, bijvoorbeeld voor een security update, dan moet ook een andere service herstart worden, want die doet het dan niet meer (en hersteld zich ook niet). Is er binnen Debian een mechanisme om dit te automatiseren? Min of meer. Dependencies kunnen worden aangegeven in de LSB-headers van de init scripts, en insserv (vanaf Squeeze) en systemd snappen deze dependencies. Zie man 8 insserv. Lees dan vooral ook de sectie over overrides, zodat dpkg niet bij de volgende upgrade gaat vragen om het init script te vervangen. Dus dat als b.v. de database herstart wordt, ook een andere service herstart wordt? Deze dependencies zijn enkel voor het bepalen van de opstartvolgorde; bij het herstarten van services worden ze niet meegenomen. Het ontwerp van Upstart biedt wel deze mogelijkheid (stop on stopping en start on started events), maar of dit volledig is geïmplementeerd voor package upgrades weet ik niet. Of is er principieel iets mis met een service als deze dusdanig afhankelijk is van een andere service, dat die andere service niet even herstart kan worden? Dat hangt af van de service, maar de meeste Unix-services volgen het client-server model, en daarbij maakt het geen verschil of de services of dezelfde machine of op verschillende machines draaien. Het hele Internet is in zekere zin gebaseerd op robuustheid, op het automatisch kunnen herstellen van verbindingsfouten. Een client service die omvalt bij de eerste communicatiestoring zou mij in ieder geval niet veel vertrouwen geven in de maker ervan. De enige uitzondering daarop die ik ken (en die daarover ook genoeg kritiek ontvangt) is dbus: als de messagebus-server onderuit gaat zijn clients niet in staat om opnieuw te verbinden als deze wordt herstart. Groeten, Arno -- To UNSUBSCRIBE, email to debian-user-dutch-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121204201852.2ac4d...@murid.intra.loos.site
Re: OT: The following packages will be REMOVED:
Ralf Mardorf (ralf.mard...@alice-dsl.net on 2012-11-14 19:41 +0100): On Wed, 2012-11-14 at 13:30 -0500, Tom H wrote: And if for Debian udev still should be available as an independent package, then because Debian maintainers extract it from systemd, In April 2012, udev's source tree was merged into systemd - http://en.wikipedia.org/wiki/Udev Actually, it's because Wheezy's udev version (175) is from before the systemd merge. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121114230751.44f47...@murid.intra.loos.site
Re: Found problem source - BUG or undocumented feature? - was[Re: Mounting of USB flash drives - observed strangeness]
Richard Owlett (rowl...@cloud85.net on 2012-11-14 13:05 -0600): The source of the discrepancy is whether or not a USB flash drive is present (for whatever reason) during Debian installation. If there has been no USB flash drive present during install, then a labeled device shows up as /media/device label as expected. Having just done some Wheezy usb installs, I can confirm this for wheezy. However I'm not sure what solution it is you're looking for (do not create /media entry points for usb removables detected during install?). If you can explain that, perhaps the formulation of the bug report follows naturally. While you're at it, you may want to ask why the installer doesn't allow putting /media on a separate filesystem. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121114225758.43bc8...@murid.intra.loos.site
Re: debian 6.0.5 ISO installation issue. GRUB .. file not found
Muhammad Yousuf Khan (sir...@gmail.com on 2012-08-09 16:55 +0500): i just installed debian from 6.0.5 amd64 net CD. with basic options. installation went fine but in first boot. shows me this Welcome to GRUB error : file not found grub rescue If memory serves me right, you need to rescue set root=(hd0,1) Assuming that /boot is a separate partition, created as /dev/sda1. Season to taste. The grub shell has tab-completion, not sure if the rescue shell has the same. If the installer created one single partition, you may also need rescue set prefix=($root)/boot/grub rescue insmod normal rescue normal And from there the regular grub commands (linux, initrd) should work. There may also be a command to start the menu from there (insmod gfxmenu?). An easier but slower solution is to boot again from the installation disc, start a rescue shell and re-run grub-install and update-grub. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120809165340.4d3f0...@viper.intra.loos.site
Re: [OT] what is the correct way of setting up lvm
Umarzuki Mochlis (umarz...@gmail.com on 2012-03-18 21:08 +0800): this not a debian issue but a general linux issue i had set a LUN (e.g.: /dev/sdb) that can be seen from a server but after some time (rsync to this logical volume) it got remounted read-only and there's unlinked-inode from dmesg. my method of creating a ext3 logical volume is # pvcreate /dev/sdb # vgcreate backup /dev/sdb # lvcreate -n mailbackup --size 1200g backup # lvextend -l +100%FREE /dev/backup/mailbackup # mkfs.ext3 /dev/backup/mailbackup I don't see anything obviously wrong, but using lvextend on a new VG isn't really necessary. I'd have used # lvcreate -n mailbackup -l 100%VG backup The remount action may have been triggered because of a communication error between the host and the san. Were you sharing the iscsi target between multiple hosts? Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120318182604.7b590...@viper.intra.loos.site
Re: [OT] how to take care of hand
lina (lina.lastn...@gmail.com on 2012-02-04 00:57 +0800): Hi, are there some suggestions about how to take care of hand? for weeks, I felt the hand especially the thumb get strengh-less in typing, and kinda of stiff, I've never hand problems with my hands, it's always been wrist or shoulder for me. I can't avoid using mouse ( even has changed to a light one) and keyboard, googled some way, a bit horrible, someone even said need do operations. I'm still using a 10+ year old Logitech Mouseman. It's the one mouse that somewhat matches my natural hand positioning. I've also swapped right-button with the thumb button. As for operations: this is not a medical forum. are there some good way of avoiding it. 3 years ago I once had, but gone within week. now I get handache about it. Headaches? Take a good look at your posture. Mousing too far from your body will imbalance your shoulder, and that will strain your back and neck muscles. I've found that the most natural position for me is placing the mouse on my thigh. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120204103321.54caf...@viper.intra.loos.site
Re: ext4 extends implementation question
Alberto Fuentes (alberto.fuen...@qindel.com on 2012-01-23 09:24 +0100): On 01/10/2012 11:31 PM, Arno Schuring wrote: afuentes (alberto.fuen...@qindel.com on 2012-01-10 10:33 +0100): What happens when you run out of space to allocate new extends in ext4? is not allowed to write anymore even tho there are tons of blocks available? I'm unsure what you mean. Extents is only an optimization strategy for allocating contiguous blocks. If there are no contiguous blocks, ext4 falls back to allocating singular blocks, but with normal usage patterns you should never get tons of blocks available with none of them contiguous. At least, that's how I understand it. Are you getting allocation failures with still plenty of space available? Regards, Arno This is how i see it [X][ ][ ][ ][ ][ ][ ][ ][ ][ ][ ][ ] [X][X][X][X][ ][ ][ ][ ][ ][ ][ ][ ] [X][X][X][X][X][X][X][X][ ][ ][ ][ ] [X][X][ ][ ][ ][ ][ ][ ][ ][ ][ ][ ] [X][X][X][ ][ ][ ][ ][ ][ ][ ][ ][ ] [-][-][-][-][-][-][-][-][-][-][-][-] [-][-][-][-][-][-][-][-][-][-][-][-] row= extends [x]= used [ ]= allocated [-]= free That's not how extents work. What you are describing is a large block granularity, not extents-based allocation. There is no reason why the next allocation can't happen like this: [X][ ][ ][ ][ ][ ][ ][ ][ ][ ][ ][ ] [X][X][X][X][ ][ ][ ][ ][ ][ ][ ][ ] [X][X][X][X][X][X][X][X][A][A][A][A] [X][X][ ][ ][ ][ ][ ][ ][ ][ ][ ][ ] [X][X][X][ ][ ][ ][ ][ ][ ][ ][ ][ ] [-][-][-][-][-][-][-][-][-][-][-][-] [-][-][-][-][-][-][-][-][-][-][-][-] Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120123202148.3be5a...@viper.intra.loos.site
Re: Grub cannot fit into boot record
John Hasler (jhas...@newsguy.com on 2012-01-14 12:25 -0600): Panayiotis writes: I have another computer running Wheezy with lvm and it's working fine. Maybe it's the sum of the md driver + lvm driver that is too big to fit in the gap? Use Lilo. It doesn't use the gap at all. That's true, LILO uses a blocklist IIRC. IMHO putting critical boot software in an unallocated area that other software will (not unreasonably) assume contains nothing important is a loony idea. It's not any more loony than hardcoding the disk sectors in which the kernel file resides. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120115142440.3fe30...@viper.intra.loos.site
Re: network / nat / port forward -- problem
YR (zha...@videotron.ca on 2012-01-12 16:34 -0500): The system has 2 network cards. Debian accesses the internet via eth0 without problems. (typical dhcp getting IP from ISP) the internet connection is shared, and the xp machine connected to eth1 connects to the internet also without problems (none that I saw anyway) the dhcp server on debian assigns an ip to the eth1 machine successfully in the 10.x.x.x range First things first -- you have no modem, or the modem is in bridge mode (i.e. your Debian machine is directly connected to the Internet)? In what range is the IP address of your Debian box? my problem is that I cannot access the machine on eth1 when it serves. For example, from the machine connected to eth1 I could play quake 3 connecting to a server on the internet flawlessly, but I cannot host a server myself, others can't connect to me. how to I forward the ports to the eth1 machine so that I can have a server on it? (or as routers often call it virtual servers) You need port forwarding, known as DNAT to friends. The official documentation is here: http://www.netfilter.org/documentation/HOWTO//NAT-HOWTO.html Some examples: http://linux-ip.net/html/nat-dnat.html I also want to activate the firewall on the debian machine but that also has caused problems with the internet connection sharing, leaving the machine on eth1 connectionless. You already have a firewall, or you would have serious issues with connectivity from your eth1 box. How did you activate the firewall? Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120113005731.494e5...@viper.intra.loos.site
Re: ext4 extends implementation question
afuentes (alberto.fuen...@qindel.com on 2012-01-10 10:33 +0100): What happens when you run out of space to allocate new extends in ext4? is not allowed to write anymore even tho there are tons of blocks available? I'm unsure what you mean. Extents is only an optimization strategy for allocating contiguous blocks. If there are no contiguous blocks, ext4 falls back to allocating singular blocks, but with normal usage patterns you should never get tons of blocks available with none of them contiguous. At least, that's how I understand it. Are you getting allocation failures with still plenty of space available? Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120110233113.6c2f8...@viper.intra.loos.site
Re: No sound after purged some gnome packages
Csanyi Pal (csanyi...@gmail.com on 2012-01-10 18:05 +0100): Hi, I have problem with sound. Can't hear anything except PC speaker's beep. This PC Speaker is in the PC Box and is small. :) [..] Aplay can't find any soundcard. aplay -l aplay: device_list:242: no soundcards found... [..] What I did is that that I just purged almost all gnome packages from my Debian SID and maybe purged some essential packages for sound. Smart money's on a missing alsa-base package. To be more thorough: - Is alsa-base still installed? - Are you still a member of the audio group? - What are the permissions on /dev/dsp and /dev/mixer? What is the output of: $ lsmod | grep snd $ cat /proc/asound/cards Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120110234554.101e4...@viper.intra.loos.site
Re: SATA disk errors
Tony van der Hoff (t...@vanderhoff.org on 2011-12-31 18:21 +): 199 UDMA_CRC_Error_Count0x003e 200 199 000Old_age Always - 455 This is your problem (well, symptom). The disk isn't failing hardware-wise, but it is seeing a lot of transmission errors. The ATA bus errors in dmesg seem to agree with that. I'd say you have a problem on the SATA bus. That can be either a faulty controller, faulty wiring or a faulty SATA chip on the disk. If you can, try to swap the disk positions or connectors. If the problem remains on ata3, the problem is in the controller. Similar tests can help you rule out faulty cables. Stan Hoeppner (s...@hardwarefreak.com on 2011-12-31 17:04 -0600): On 12/31/2011 12:21 PM, Tony van der Hoff wrote: /dev/sda 1 Raw_Read_Error_Rate 243530983 7 Seek_Error_Rate 18363743 /dev/sdb 1 Raw_Read_Error_Rate 138763088 7 Seek_Error_Rate 1374378 Interestingly, SMART says these two drives have been in service only 2.6 months: 9 Power_On_Hours 1893 This indicates both drives are failing and should be replaced ASAP. As Camaleon has said, for Seagate drives this isn't necessarily true. My WD drives keep the raw value strictly at 0, but the Seagates I use always report very high read error rate (same goes for ECC recovered). They seem to me more like debug flags than actual counters. I find it more instructive to look at the longevity indicators in the middle (VALUE, WORST and THRESH), because they help interpret the raw data without requiring you to read a data sheet. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120103005853.03f17...@viper.intra.loos.site
Re: Rkhunter warning
David Baron (d_ba...@012.net.il on 2011-12-27 12:12 +0200): Warning: Network TCP port 13000 is being used by /sbin/rpc.statd. Possible rootkit: Possible Universal Rootkit (URK) SSH server Use the 'lsof -i' or 'netstat -an' command to check this. rpc.statd is started by nfs-common. False alarm? Bug? Serous trouble? If you have installed rpc.statd and have it running, it could be a false alarm. Have you tried profiling the port (with an ssh client or nmap)? You can ask rpcinfo for confirmation: $ rpcinfo -p program vers proto port [..] 1000241 udp 20492 status 1000241 tcp 20492 status # lsof -i |grep stat rpc.statd 15685statd 5u IPv4 463090t0 UDP *:1021 rpc.statd 15685statd 7u IPv4 463180t0 UDP *:20492 rpc.statd 15685statd 8u IPv4 463210t0 TCP *:20492 (LISTEN) By default, rpc.statd uses a random port number. If you restart nfs-common, chances are that it will pick a different port number. You can force a different (static) port by editing /etc/default/nfs-common. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111227202333.5fe6f...@neminis.intra.loos.site
RE: which is the best command to use
well, I have two files: File_a.txt a a a File_b.txt b b b I wish to get a file_ab.txt as a b a b a b man 1 paste Regards,Arno
Re: which command I should use to extract the matching part out
lina (lina.lastn...@gmail.com on 2011-12-19 23:53 +0800): sed -n '/^model 1/q;/^model 0/,$p' Just realize the sed -n '/model 0/,/model 1/'p can also do that. (so newbie I was/am). just still don't understand above sentence. sed -n '/^model 1/q;/^model 0/,$p' The semicolon separates two commands. The first one matches on model 1, and quits sed (stops processing). The second one is a range command, matches from the model 0 line to the end of the file ($), and prints the current line. Arguably, the single range command (/model 0/,/model 1/) is a better solution because it also works in the aggregate case (cat *|sed instead of sed *). Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111219192856.4d59a...@neminis.intra.loos.site
Re: How can I find the BusID?
lina (lina.lastn...@gmail.com on 2011-12-11 00:33 +0800): Hi, I don't know how to find the BusID for: xorg.conf Section Device Identifier aticonfig-Device[0]-0 Driver fglrx BusID PCI:1:0:0 (Here the one seems not correct) cause there is an warning: No matching Device section for instance (BusID PCI:0@1:0:1) found Your line is correct. The reason for the warning is that your card is dual-head, and both heads have their own pci address. The message is harmless as both fglrx and radeon understand the second head without needing it configured. # lspci | grep VGA 01:00.0 VGA In my case: 01:00.0 VGA compatible controller: ATI Technologies Inc RV350 AS 01:00.1 Display controller: ATI Technologies Inc RV350 AS (Secondary) Which is why the second controller doesn't show up, apparently it isn't VGA-compatible :) Another question, How do I check whether there is a 3D acceleration, seems 2D have. Besides the direct rendering, you can also check the opengl version: $ glxinfo|grep -i opengl OpenGL vendor string: X.Org R300 Project OpenGL renderer string: Gallium 0.4 on ATI RV350 OpenGL version string: 2.1 Mesa 7.11.1 OpenGL shading language version string: 1.20 Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111211221932.706a2...@neminis.intra.loos.site
Re: voortgang aptitude safe-upgrade
Geert Stappers (stapp...@stappers.nl on 2011-12-11 16:06 +0100): On Sun, Dec 11, 2011 at 03:25:26PM +0100, Geert Stappers wrote: Hoi, Hoe kun je zien dat `aptitude safe-upgrade` nog vorderingen maakt? Ik heb al een tijdje deze regel op mijn scherm staan: open: 1741; closed: 4659; defer: 119; conflict: 80 o Dit karakter zou moeten pulseren: ^ (de volgorde is dacht ik . o O o) Groet, Arno -- To UNSUBSCRIBE, email to debian-user-dutch-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Passwordless root shell is offered when boot problem occurs.
Sthu Deus (sthu.d...@gmail.com on 2011-12-06 01:18 +0700): Thank You for Your time and answer, Arno: a) locking the root account (passwd -l root), which will give you sulogin: root account is locked, starting shell That's the point - sudo is used on the system and the root account is blocked. Que? http://lists.debian.org/debian-user/2011/12/msg00075.html -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111206201500.3ef0f...@neminis.intra.loos.site
Re: where to get patched older kernel for example 2.6.39
Jim Green (student.northwest...@gmail.com on 2011-12-06 05:17 +): On 6 December 2011 05:07, Bob Proulx b...@proulx.com wrote: Do you have any examples of something in the Linux 3.x kernel that isn't in the 2.6.38 kernel that is likely to cause trouble? Actually I don't :) I haven't got the chance to look through the long changelogs.. my other concern using the 3.** kernel is my .config for the kernel, probbaly it doesn't work for 3.** kernel because of new kernel parameters or parameter changes.. I think you'll be pleasantly surprised. I'm sure there are some changes (I can recall a submenu being moved around sometime in recent history, which made all parameters appear as NEW), but most of them will be additional drivers which you can safely ignore. Just to be sure: you do know about make oldconfig, right? Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111206203328.4b133...@neminis.intra.loos.site
Re: Passwordless root shell is offered when boot problem occurs.
Sthu Deus (sthu.d...@gmail.com on 2011-12-03 17:53 +0700): [..] A standard Debian config should not offer a passwordless root shell unless you explicitly ask for it, Oh, no! I didn't! :) Do You have an idea where to look for that? - I have no ideas, absolutely. Just as a pointer, you can get a passwordless root shell by: - interrupting initramfs: specify break=init on the kernel command line - overriding init: specify init=/bin/bash on the kernel command line - configuring inittab: either add a bootwait line spawning /bin/*sh or tell getty to bypass login with -l /bin/*sh - setting SULOGIN=yes in /etc/default/rcS, and either a) locking the root account (passwd -l root), which will give you sulogin: root account is locked, starting shell b) deleting root's password (passwd -d root), which will give you Press enter for maintenance(or type Control-D to continue) All four methods above will give you an unconditional root shell. Since yours only spawns on error, none of the above applies. On other hand, if we pursue this idea - that physical access makes a host absolutely undefended, - we can let root account to be password-less - for why worrying? Setting a root password will still protect you from remote users that have access to login programs (such as su). Locking the root account reduces the attack surface to your sudoers configuration. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111203150013.1fa5b...@neminis.intra.loos.site
Re: relocation error: and segmentation fault
Dennis Wicks (w...@mgssub.com on 2011-12-03 13:38 -0600): It looks like I am going to have to restore some libraries at the least. Is there any way that I can refresh or reinstall my system without wiping out all the other things I have on the same disk? eg /home and other user directories and optional software. Can you still run dpkg? Then your best bet is to use a different machine to download just enough to get apt working again (that's only libc6, libgcc1, libstdc++6 and zlib1g on testing). If some configure script cannot run because of a missing library, you can postpone it by using dpkg --unpack instead of dpkg -i. When you have apt working, you can work on restoring the rest of your system. My advice would be to (re)install aptitude first, see below why. You can use ldd to find out which libraries are missing, and dpkg -S to get the package to which they belong. As an example: $ ldd `which apt-get` linux-gate.so.1 = (0xf7757000) libapt-pkg.so.4.10 = /usr/lib/libapt-pkg.so.4.10 (0xf7634000) [..] libdl.so.2 = /lib/i386-linux-gnu/i686/cmov/libdl.so.2 (..) libz.so.1 = /usr/lib/libz.so.1 (0xf739) /lib/ld-linux.so.2 (0xf7758000) $ dpkg -S /usr/lib/libz.so.1 zlib1g: /usr/lib/libz.so.1 If libraries are missing, they will show as '= not found'. That means you will have to guess the full path, use another system as reference, use apt-file to search for the package, or just guess. Most libraries are in /lib or /usr/lib on Squeeze, but on Wheezy you'll find some in the old location and most in an architecture-specific location such as shown above. When you have aptitude working, you're almost home. A full system rebuild can be done with # aptitude reinstall ~i Or just the libraries: # aptitude reinstall ~slibs (Don't about the tons of not installed, so not reinstall messages). Best of luck, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111204011531.2185c...@neminis.intra.loos.site
Re: Passwordless root shell is offered when boot problem occurs.
Sthu Deus (sthu.d...@gmail.com on 2011-12-02 15:17 +0700): From here it's all guesswork. You'd need to provide a full bootlog up to the point where the shell is started to get any meaningful answers. Hmm. I thought everybody has the same OS behavior in such condition... And the problem here is only improper/default configuration. That could very well be, but I haven't had a boot problem in years (well, except when trying out systemd). A standard Debian config should not offer a passwordless root shell unless you explicitly ask for it, but I can think of at least four ways to get such a root shell -- not including misconfiguration, bugs or alternative boot devices. I have grepped through my logs on HDD partition that caused the boot stop (because one partition was not mounted that set to be auto mounted) - I don't think you'll find anything in the system logs. From the little information you have given, it is clear that the system has not fully started, so there is no reason to assume that /var/log is accessible or that syslog is running. Early boot messages should be found in /var/log/boot, but bootlogd seems very hitmiss on my systems. Filesystem checks are logged in /var/log/fsck. In general, am I correct in understanding the situation, that what I gonna do is abnormal behavior in Debian distro., and to have the root password-less shell in emergency cases is OK for some (to developers / security team) reasons It's not about emergency situations, although it certainly can be used as such. It's about accesss: if anyone has physical access to your machine, there are so many ways to access your system that it is silly to protect against one of them. So yes, protecting yourself from physical attacks by insisting on a root password is abnormal behaviour. How are you going to prevent an attacker from opening your PC and connecting the harddisk to his own machine? - and in case I want to commit what I have targeted, I have to develop the solution myself (that is there is no a config. file that I might simply turn on the password prompt for root shell in such cases)? In short, yes. If you really want to be that paranoid (and there are good reasons for it, especially on laptops), you should be looking at encryption as your solution (dm-crypt, truecrypt, bitlocker), not passwords. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111203000543.44f5a...@neminis.intra.loos.site
Re: Passwordless root shell is offered when boot problem occurs.
Sthu Deus (sthu.d...@gmail.com on 2011-12-01 23:54 +0700): fsck errors should drop into a sulogin shell, which asks for the password. The only way you could get a root shell is if your root device cannot be found. In that case, there is no way to ask for a password because there is no password file. Well. There is root device - if You mean / mount point. Otherwise whence sulogin comes from? sulogin should be in /sbin on your filesystem, but that is not the first filesystem where programs are started from. Google early userspace and initramfs' for background info. From here it's all guesswork. You'd need to provide a full bootlog up to the point where the shell is started to get any meaningful answers. If you must, there might be a way to get what you want by adding files to the initramfs by dropping a file in /etc/initramfs-tools/hooks/ or Ahh. I have the dir. empty. the like. But if you find yourself needing to secure against that, then you must also set a bootloader password, lock out alternative boot methods, set a BIOS password and put your machine behind lock and key. Do you really need that? At least I want that. Do You know how to do that? I know the theory, that is all I know. The Debian initramfs is generated from scripts in /usr/share/initramfs-tools. To add files to it, you need to create a file in /etc/initramfs-tools/hooks that copies the required files (/sbin/sulogin, /etc/passwd and /etc/shadow) into the initramfs, and then you need to edit the panic() function scipts/functions to spawn sulogin instead of a shell. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111202000209.2394c...@neminis.intra.loos.site
Re: Trouble with remote rsyslog
Summarizing the other comments and adding my own... vr (debian-u...@iotk.net on 2011-11-30 00:03 -0500): I'm having trouble getting remote rsyslog to work. Can anyone look over my config and offer clues what I've done wrong please? SENDING SERVER (99.30.25.3, Squeeze, up to date) /etc/rsyslog.conf $ModLoad imudp $UDPServerRun 514 The sender needs omudp (the output module), and is not a UDP server. main.info @99.30.25.3 mail.warn @99.30.25.3 mail.err @99.30.25.3 You're sending to the wrong address /etc/default/rsyslog RSYSLOGD_OPTIONS=-c4 RECEIVING SERVER (99.30.25.2, Squeeze, up to date) /etc/rsyslog.conf $ModLoad imudp $UDPServerRun 514 This will work, but note that the recommended protocol for rsyslog-to-rsyslog logging is RFC3195: $ModLoad imrelp $InputRELPServerRun 2514 /etc/default/rsyslog RSYSLOGD_OPTIONS=-r That file should warn you that -r is deprecated, and it is not needed if you load the correct modules anyway. Finally, you're opening your syslog port on a public interface. Please make sure you have an adequate firewall. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2030230114.46c32...@neminis.intra.loos.site
Re: Passwordless root shell is offered when boot problem occurs.
Sthu Deus (sthu.d...@gmail.com on 2011-11-28 13:47 +0700): Once mount error occurs while OS booting, I get root shell - w/o even asking for password... How I can change the behavior (to ask for password before granting root shell)? Do you get a message 'root account locked, starting shell?' fsck errors should drop into a sulogin shell, which asks for the password. The only way you could get a root shell is if your root device cannot be found. In that case, there is no way to ask for a password because there is no password file. If you must, there might be a way to get what you want by adding files to the initramfs by dropping a file in /etc/initramfs-tools/hooks/ or the like. But if you find yourself needing to secure against that, then you must also set a bootloader password, lock out alternative boot methods, set a BIOS password and put your machine behind lock and key. Do you really need that? Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2028171700.61ae3...@neminis.intra.loos.site
Re: reduce crypt partition
scar (s...@drigon.com on 2011-11-25 13:56 -0700): i need a little help reducing my crypt partition. when i first installed debian, i used a rather standard /boot on /dev/hda1 and crypt on /dev/hda2, using LVM for the rest of the partitions. [..] $ sudo fdisk -l Advice: use fdisk -u. It will allow you to specify partition offsets in sectors, instead of hoping that your current fdisk aligns partitions at the exact location that the previous partitioner did. Disk /dev/hda: 40.0 GB, 40007761920 bytes 255 heads, 63 sectors/track, 4864 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Disk identifier: 0x3f423f42 Device Boot Start End Blocks Id System /dev/hda1 * 1 31 248976 83 Linux /dev/hda2 32486438821072+ 83 Linux [..] $ sudo pvdisplay --- Physical volume --- PV Name /dev/dm-0 VG Name graveyard PV Size 20.00 GB / not usable 3.81 MB Allocatable NO PE Size (KByte) 4096 Total PE 5119 sectors/PE = 4096*1024 / 512 = 8192 Total sectors = 5119*8192 = 41934848 I don't know if you need additional space for dmcrypt headers, so I would advise to use more sectors than this minimum. As a general rule, I always use resize2fs -M to make sure I don't get caught in conversion errors (1000 vs 1024 etc). Also, after changing the partitions you should resize the PV to the real size of the partition (i.e. without size argument). It's your best way to ensure everything has gone right. Best of luck, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2027125916.7da06...@neminis.intra.loos.site
Linux 3.1 and r300
Hi all, Since the upgrade to the 3.1 kernel, I'm seeing display flickers on two machines with an older ATI card (a 9600 and X1500). One machine is very vocal about EDID errors and blinks the display roughly every ten seconds, making it impossible to work with. The other logs no EDID errors and only blinks once every hour. I've had this before, and then it was related to load detection which can be disabled (doesn't appear to work this time): $ xrandr --output DVI-0 --set load detection 0 The EDID errors can be resolved by killing output polling (drm.poll=0 on the kernel command line). Before I file a bug, is anyone else seeing this? Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2027131721.76ad9...@neminis.intra.loos.site
RE: Documentation -- gcc?
OK, so gcc documentation is unfree. I have no dog in that fight. Save an old man a few days of reading the GFDL flame wars from seven years ago, and someone (one) just kindly say where this non-free documentation is. http://packages.debian.org/squeeze/gcc-doc-base and http://packages.debian.org/squeeze/gcc-doc Maybe http://gcc.gnu.org/onlinedocs/ will be faster? I have 16 (two architectures) DVDs. Could it be lurking somewhere in those 64 GB of compressed files? Or have I been had? A quick scan of http://cdimage.debian.org/debian-cd/6.0.3/amd64/list-dvd/ shows no sign of these packages. Presumably because the DVDs only contain the main archive? Regards, Arno
Re: NCID with no rcS.d
lrhorer (lrho...@satx.rr.com on 2011-11-24 03:38 -0600): OK, so here's the deal. I compiled and installed ncid on one of my Debian servers Everything seems to be working just fine. There's one small item, though. When I took the init scripts and ran update-rc.d, it gave me a warning saying stop runlevel arguments (0 1 6) do not match LSB Default-Stop values (S 0 1 6). When I looked at the scripts, they have the line # Default-Stop: S 0 1 6 [..] First of all, why did the routine put up that warning and fail to create the links? insserv doesn't create the links unless explicitly asked to do so. By default (as it's called from dpkg), it only determines start/stop ordering. I'm not sure how those links are populated initially. It could be that the package provides them, and is missing that one link. To restore the defaults, run: # insserv -vd ncid Secondly, what is the potential operational impact, here? Virtually none. You're only missing the kill script that affects runlevel transitions into runlevel S (iiuc). That transition will never happen unless you do it manually, and most people reboot into S, not telinit into it. It seems to me this will cause a dirty shutdown of the ncid processes, although I'm not sure how really heinous that would be. No, shutdown and reboot are runlevels 0 and 6 respectively. That will still work. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2024140106.18279...@neminis.intra.loos.site
Re: Disabling NFSv4 on Debian Squeeze
Israel Bravo (bravo...@gmail.com on 2011-11-20 15:42 +0200): How can I disable the NFSv4 on Debian Squeeze (without recompiling the kernel)? man 5 nfs will tell you that you can force a specific nfs version by adding -o nfsvers=X on the mount command line (or in /etc/fstab). Or - another possibility - to disable mapping UID and GID to nobody/nogroup ? Have you checked the server is not configured with all_squash? The mapping is done by the nfs id mapper (man 8 rpc.idmapd). I've found the documentation to be severely lacking, but maybe http://linux.die.net/man/5/idmapd.conf will help. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2020211834.1002c...@neminis.intra.loos.site
Re: error when configuring the Kerberos NFSv4 on Debian 6.0.3 (in testing no error)
Kramarenko A. Maksim (mc@k-max.name on 2011-11-15 09:51 +0400): Arno Schuring aelschur...@hotmail.com писал(а) в своём письме Tue, 15 Nov 2011 03:30:54 +0400: Kramarenko A. Maksim (mc@k-max.name on 2011-11-14 13:02 +0400): Hello, All! Tired of fighting with Kreberos. The second week I can not properly configure the server NFSv4 and domain on Win 2k8 R2 via kerberos. Kinit command, etc. work properly and get tickets from the KDC: = ...daemon.log. Nov 8 13:50:10 archiv rpc.gssd[2067]: WARNING: KDC has no support for encryption type while getting initial ticket for principal 'nfs/archiv.sag.local@SAG.LOCAL' using keytab If this is the cause, and it seems to be, then your kernel is simply too old. The default kernel in Squeeze only support des-cbc encryption for NFS, and that is deprecated. On Linux systems the workaround is to specify allow_weak_crypto in krb5.conf, but I'm not aware of a workaround for Windows. Maybe try a newer kernel, e.g. from backports? Regards, Arno Thanks for the answer. Arno, I upgraded from backports kernel and NFS (nfs-common and nfs-kernel-server), but now I have the following error when mounting: ARCHIV ~ # uname -a Linux ARCHIV 2.6.39-bpo.2-686-pae #1 SMP Thu Aug 4 11:02:22 UTC 2011 i686 GNU/Linux client: == [..] Nov 15 00:06:32 debian rpc.gssd[1730]: Success getting keytab entry for 'nfs/debian.sag.local@SAG.LOCAL' Seems good... === ... and server: === Nov 15 00:06:34 archiv rpc.svcgssd[1097]: ERROR: GSS-API: error in handle_nullreq: gss_accept_sec_context(): GSS_S_FAILURE (Unspecified GSS failure. Minor code may provide more information) - No supported encryption types (config file error?) Nov 15 00:06:34 archiv rpc.svcgssd[1097]: ERROR: GSS-API: error in handle_nullreq: gss_accept_sec_context(): GSS_S_FAILURE (Unspecified GSS failure. Minor code may provide more information) - No supported encryption types (config file error?) The server does not seem to accept the encryption type, or the KDC (Windows) is rejecting the negotiation. Does the client keytab contain multiple encryption types (klist -k -e)? Can the server mount itself? Try mounting the exported directories on the server to see if that works. You might get more response on linux-...@vger.kernel.org Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2016203450.5f556...@neminis.intra.loos.site
Re: KVM networking.
Sthu Deus (sthu.d...@gmail.com on 2011-11-15 20:12 +0700): $ /usr/bin/kvm -localtime -m 256 -no-reboot -boot c -hda da -net nic,macaddr=$(printf 'DE:AD:BE:EF:%02X:%02X\n' $((RANDOM%256)) $((RANDOM%256))) -net tap kvm: -net tap: could not configure /dev/net/tun (tap%d): Operation not permitted kvm: -net tap: Device 'tap' could not be initialized I run it under normal user - as You have guessed already - yet in sudoers I have for the user (as I understand all the commands involved in tap bringing up by KVM): vmuser ALL = /sbin/ifconfig *, /sbin/ifup br0, /sbin/ifdown br0, /sbin/ip *, /sbin/brctl *, /usr/sbin/tunctl *, /sbin/route add -host * How I can solve this? qemu does not use sudo. -net tap,ifname=$(sudo tunctl -b) doesn't work? By the way, to overrun the permission problem I have tried running it under sudo (root) user when I got the following error: No protocol specified Could not initialize SDL(No available video device) - exiting So it needs a screen for KVM window running. Do You know how I can launch it in such case? - Except to allow root user. :) Most likely your sudo does not preserve $DISPLAY. See my other mail. You can get the network working by using the correct routes (I hope). But that won't get you internet access from the VM without either NAT or reconfiguring your modem. My host is connected to router. Do You mean that I need NAT at the router or host? - I thought host only. Yes, NAT at the host should work. Sthu Deus (sthu.d...@gmail.com on 2011-11-15 01:40 +0700): Thank You for Your time and answer, Arno: I think this setup might need additional configuration on the outside, because you need to add the same subnet route on your Internet modem/router. I don't think qemu gives you NAT for free... I've got such a problem w/ NATing: /sbin/iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -d ! 192.168.1.0/24 -j SNAT --to-source 192.168.0.2 Bad argument `192.168.1.0/24' Do You have any idea why iptables does not accept the ip nor the ip net? You need to use ! -d addr, not -d ! addr Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2016204900.0743f...@neminis.intra.loos.site
Re: sources.list best practices
Brad Alexander (stor...@gmail.com on 2011-11-16 10:07 -0500): Actually, Andrei, that will fit puppet well. I was just looking for methodologies, and I think that you and Tong pointed out a couple of important points. First, never cross the streams on stable. I'm guessing here that both of you probably use the codename (e.g. squeeze, lenny, wheezy, etc) and not the release name (stable, testing, unstable) to protect against inadvertent upgrades. In my case, /etc/apt/sources.list is for all machines the same and simply lists stable, testing and unstable + security.d.o. I use /etc/apt/preferences to protect against unplanned upgrades (stable has higher priority than testing, etc). I only use APT::Default-Release to refer to a release by name. If I need more (experimental, dmo, -updates), I add those in sources.list.d. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2016210650.0b732...@neminis.intra.loos.site
Re: GNOME 3 Alt-Tab takes two hands now?
Kevin Ross (ke...@familyross.net on 2011-11-13 19:38 -0800): If you have two windows open for the same application, the Alt-Tab popup combines them into a single icon. To switch between windows of the same application, you have to hit the down arrow while the popup is up. So you have to hit Alt-Tab, and while holding down the Alt key, hit the down arrow, then hit Tab multiple times to get to the window you want. You want Alt-Tick (the button above Tab) Really? This is an improvement? Meh. For me the more important issue is that the ordering seems random. I'm used to having my applications ordered in LRU-style (so pressing alt-tab gives me my previous application, twice the one before that etc). That's no longer true in G3. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201450.41df2...@neminis.intra.loos.site
Re: error when configuring the Kerberos NFSv4 on Debian 6.0.3 (in testing no error)
Kramarenko A. Maksim (mc@k-max.name on 2011-11-14 13:02 +0400): Hello, All! Tired of fighting with Kreberos. The second week I can not properly configure the server NFSv4 and domain on Win 2k8 R2 via kerberos. Kinit command, etc. work properly and get tickets from the KDC: = ...daemon.log. Nov 8 13:50:10 archiv rpc.gssd[2067]: WARNING: KDC has no support for encryption type while getting initial ticket for principal 'nfs/archiv.sag.local@SAG.LOCAL' using keytab If this is the cause, and it seems to be, then your kernel is simply too old. The default kernel in Squeeze only support des-cbc encryption for NFS, and that is deprecated. On Linux systems the workaround is to specify allow_weak_crypto in krb5.conf, but I'm not aware of a workaround for Windows. Maybe try a newer kernel, e.g. from backports? Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2015003054.74f62...@neminis.intra.loos.site
Re: GNOME 3 - Help needed - Testing upgraded from GNOME 2 to GNOME 3
Selim T. Erdogan (se...@alumni.cs.utexas.edu on 2011-11-13 05:32 -0600): Arno Schuring, 12.11.2011: Ralf Mardorf (ralf.mard...@alice-dsl.net on 2011-11-11 23:51 +0100): Before I run the upgrade I saved a backup of my GNOME 2 Debian. Is there the need to restore Debian from the backup, or is there a way to get back a usable DE, by editing GNOME 3? Others have pointed out the fallback mode, but if I try that, X won't start at all (can't find session gnome-fallback). There's a separate package, gnome-session-fallback, that I had to install additionally. (On sid, a few weeks ago.) Do you have that installed? Ah thanks for that. No I hadn't, I had assumed it was part of the gnome-shell package. And concerning one other gripe: And now that I've touched the xrandr system settings, I can no longer start g-s-d while in Enlightenment because it f***s up my display settings... $ gsettings set org.gnome.settings-daemon.plugins.xrandr active 'false' Thanks! Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2013234319.6c76d...@neminis.intra.loos.site
Re: Is GNOME 2 panel still in unstable?
Camaleón (noela...@gmail.com on 2011-11-13 17:59 +): and how many people are whining because GNOME 2 is gone? We all miss the good job that GNOME2 did. IMO, there is nothing wrong about users whining or complaining because of the change, that's a normal reaction that express the love we had for GNOME2 and loving GNOME2 is nothing bad. Now that's a spin that I like :) However, you can argue whether effectively discontinuing the most-used DE on Linux is a wise move. I can understand some of the reasoning behind it, but in my mind, abandoning your old product in favor of some fad of the day feels like a forced upgrade. And most users use Linux because they got fed up with the forced upgrade treadmill of certain proprietary software manufacturers... Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2014013415.673fb...@neminis.intra.loos.site
Re: KVM networking.
Sthu Deus (sthu.d...@gmail.com on 2011-11-11 23:41 +0700): I have included more options to network script: /usr/bin/kvm -localtime -m 256 -no-reboot -boot c -hda da -net nic -net tap,ifname=$(sudo /usr/sbin/tunctl -b -u $(whoami); sudo /sbin/ifconfig tap0 192.168.1.1 up; sudo /sbin/route add -host 192.168.1.1 dev tap0),script=no,downscript=no You're adding a host route, whereas you need a network route. Try: $ sudo ip route add 192.168.1.0/24 via 192.168.1.1 Or, with the older tools (a bit rusty): $ sudo route add 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1 dev tap0 I think this setup might need additional configuration on the outside, because you need to add the same subnet route on your Internet modem/router. I don't think qemu gives you NAT for free... Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2012145818.63559...@neminis.intra.loos.site
Re: KVM networking.
Sthu Deus (sthu.d...@gmail.com on 2011-11-11 23:23 +0700): Sthu Deus (sthu.d...@gmail.com on 2011-11-08 14:44 +0700): 1. The bridges take the Internet connections for itself - thus leaving the host app.s w/o Internet access, probably routing needed here - but they do not make any specifications for that. That sounds weird. What does brctl show? A default setup with these two lines should already work fine: iface br0 inet dhcp bridge_ports eth0 Just remember to leave eth0 unconfigured... Then how do host's app.s will get to Internet? Through the bridge. I can't tell what's missing until you show us your bridge configuration, if you have any. I'll show my config for comparison: $ ip addr show eth0 2: eth0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast master br0 state UNKNOWN qlen 1000 link/ether 00:17:31:4a:c6:a3 brd ff:ff:ff:ff:ff:ff $ ip -4 addr show br0 4: br0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc noqueue state UP inet 172.22.15.221/24 scope global br0 Note the master br0 on the eth0 configuration, and the lack of any IP addresses. My routing is slightly different, but you can see there are no routes using eth0 directly: ladmin@golem:~$ ip -4 route show default via 172.22.21.1 dev vlan21 172.22.15.0/24 dev br0 proto kernel scope link src 172.22.15.221 2. As a workstation - it does not provide access from host to the guest. You mean networking access? I've never needed it, but it should work once your host apps have networking access... (just tested: ping between host and vm works fine for me). I mean that DHCP of KVM gives Internet access to guest and having no interface from host to guest, I can not reach the guest from host. Of course, host app.s and guest's app.s - both have Internet connection, but not host-guest connection. I'm not sure exactly what you're trying to do, but KVM only does DHCP and basic routing with -net user and not with -net tap FAFAIK. 3. W/ tap - You have seen already the problem - some unknown to me permission problem - do You know why is it so? [..] Now it works - regarding the permission problem, but I need the interface (tap). Of course I can create by root w/: ifconfig tap0 192.168.1.1 up route add -host 192.168.1.1 dev tap0 but I want w/o root. Then you should consider using -net user instead of -net tap, I think. I agree that it is slightly weird that you can't configure a tap interface even when you own it, but it makes sense: you're not just configuring the tap interface (which you can do from inside the VM), you're also changing the host's routing table. And even w/ root - I still can not get network working between host and guest - having configured guest w/: See my other mail. You can get the network working by using the correct routes (I hope). But that won't get you internet access from the VM without either NAT or reconfiguring your modem. btw I made a mistake in the previous route command: you shouldn't need to set a gateway, just the dev tap0 should be enough. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2012151649.4ef2d...@neminis.intra.loos.site
Re: Yikes, 140 held packages
Harry Putnam (rea...@newsguy.com on 2011-11-12 05:31 -0600): Andrei POPESCU andreimpope...@gmail.com writes: I would suggest you run 'aptitude safe-upgrade' first and then try 'aptitude full-upgrade'. Don't worry, aptitude will present all changes to you before applying. If you don't like or understand what you see just copy-paste it here and we'll have a look. It happens that I had already run `aptitude full-upgrade' before seeing your post... It removed a fairly extensive list of pkgs. But still I see 135 on hold. I forgot how to list only installed with aptitude but running `aptitude search . |grep ^ih' shows 135 (you were look for aptitude search ~i) What does the following show: $ aptitude search ~ahold This should probably give you the list of 135 packages. You can release the held packages by using the same syntax: # aptitude unhold ~ahold If that doesn't work, the packages could be held in dpkg instead, but the output is slightly different (and aptitude and dpkg easily disagree): $ echo xfonts-encodings hold |sudo dpkg --set-selections $ aptitude search ~ahold ihA xfonts-encodings - Encodings for X.Org fonts $ sudo aptitude unhold xfonts-encodings [..] $ aptitude search ~ahold $ dpkg --get-selections|grep hold xfonts-encodingshold $ dpkg -l xfonts\* hi xfonts-encodin ii xfonts-utils [..] To quickly unhold packages held by dpkg, you can use this: $ dpkg --get-selections|awk '$2==hold {$2=install;print}' list Review the list before feeding it to set-selections: $ sudo dpkg --set-selections list Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2012164057.18359...@neminis.intra.loos.site
Re: Removing evolution but leave gnome intact?
kei...@strucktower.com (kei...@strucktower.com on 2011-11-10 19:24 -0800): I realize it is not necessary, but if possible I'd like to remove evolution. This is what I have tried so far: # aptitude unmarkauto gnome-control-center evolution-data-server # aptitude unmarkauto libedataserverui1.2-11 capplets-data # aptitude unmarkauto evolution-data-server-common # aptitude unmarkauto gnome-session gnome-panel gnome-applets # aptitude -s -R remove --purge evolution-data-server / evolution-data-server-common libedataserverui1.2-11 / gnome-control-center: gnome-panel: gnome-applets: gnome-session: You cannot remove the data server or evolution libraries, they are tied into the gnome-panel's clock function. If they had 90% market share, they would be facing antitrust probes over it ;) You might be able to fake its presence by using equivs, but there's no telling whether that will break gnome-panel. Apart from that, removing the evolution binary is as far as you can go... Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2012172420.4be69...@neminis.intra.loos.site
Re: GNOME 3 - Help needed - Testing upgraded from GNOME 2 to GNOME 3
Allow me to join the choir :) I actually had high hopes for some of the stuff. Integrating IM account control in the top right menu is a great idea, and I like the way notifications are presented. But empathy is possibly even worse than Evolution, it won't connect to half of my accounts and invisible mode still shows me online to my contacts. If I login to Gnome3 in dual-screen mode, it immediately bails out with session gnome failed to start. If I start in single-screen mode and then use xrandr to enable the second screen, Gnome freezes to the point where only the mouse and Ctrl-Alt-Bksp still work. If I use the system-settings control panel, the displays flicker and then it resets to clone mode. Yay! But the worst part is that gnome-settings-daemon won't keep its grubby hands off my configuration. By default, even though I'm running Enlightenment, it reconfigured mouse speed and keyboard even though I've been fine with those settings for years. And now that I've touched the xrandr system settings, I can no longer start g-s-d while in Enlightenment because it f***s up my display settings... Ralf Mardorf (ralf.mard...@alice-dsl.net on 2011-11-11 23:51 +0100): Hahaha :D GNOME 3 what an odd DE. Missing features (weather, restart option etc.), Evolution doesn't work, because it can't connect to the network, it tries to force us to install pulseaudio, it completely breaks the workflow of sane users. Empathy has a setting for that, maybe Evolution has too? $ gsettings set org.gnome.Evolution use-conn false Before I run the upgrade I saved a backup of my GNOME 2 Debian. Is there the need to restore Debian from the backup, or is there a way to get back a usable DE, by editing GNOME 3? Others have pointed out the fallback mode, but if I try that, X won't start at all (can't find session gnome-fallback). Could it be, that Evolution isn't working anymore, because I didn't install pulseaudio, hence gnome-core couldn't be upgraded too? Could be. Then again, Evolution working properly could also be a sign of an impending apocalypse... I can't install pulseaudio, because this would break my DAW. Join the club :) You will get no sound in Gnome, but fear not, the most hideous beep at gdm3 login is back! How can I get back a theme, window buttons etc.? $ gsettings set org.gnome.desktop.interface gtk-theme 'greybird' You need to install xfwm or murrine-themes for that to work though. You can use gnome-tweak-tool to restore window controls, but I've not yet found the gsettings incantation for that. Even NumLock is disabled and the fonts are a PITA. $ gsettings set org.gnome.desktop.interface font-name 'DejaVu Sans 10' Apparently you need to install numlockx to get your numlock powers back... By default it's the ugliest DE I've ever seen in my life. Not really, my gtk2 apps look even worse if I start them without starting g-s-d. Hope this helps (at the very least, venting always helps me ;) Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2012233042.6dd19...@neminis.intra.loos.site
Re: KVM networking.
Sthu Deus (sthu.d...@gmail.com on 2011-11-08 14:44 +0700): /usr/bin/kvm -localtime -m 256 -no-reboot -cdrom ./debian-6.0.2.1-amd64-netinst/debian-6.0.2.1-amd64-netinst.iso -boot d -hda ./da -net nic -net tap,ifname=tap0,script=no kvm: -net tap,ifname=tap0,script=no: could not configure /dev/net/tun (tap0): Operation not permitted [..] But if you are like me and you manage multiple virtual machines and you stubbornly insist on using dynamic tap interfaces, you can work around this by setting the CAP_NET_ADMIN capability on kvm: # setcap cap_net_admin+ep /usr/bin/kvm I want to make it secure and update independent, let's look may some on the list will share his/her knowledge w/ us - I do not believe all who use the standard VM-ing make such work arounds. Yes, I agree my solution is suboptimal, but it's the best I could do. Eagerly awaiting input... :) In the KVM manual it is clearly written what to do in every case the network one would use - just a workstation Internet access, bridges (private/public), and tapped w/ latter routing for the interface. For me it does not work for the following reasons: 1. The bridges take the Internet connections for itself - thus leaving the host app.s w/o Internet access, probably routing needed here - but they do not make any specifications for that. That sounds weird. What does brctl show? A default setup with these two lines should already work fine: iface br0 inet dhcp bridge_ports eth0 Just remember to leave eth0 unconfigured... 2. As a workstation - it does not provide access from host to the guest. You mean networking access? I've never needed it, but it should work once your host apps have networking access... (just tested: ping between host and vm works fine for me). 3. W/ tap - You have seen already the problem - some unknown to me permission problem - do You know why is it so? I can make a guess: $ ls -l /dev/net/tun crw-rw 1 root kvm 10, 200 Nov 9 21:36 tun $ groups aschuring users kvm [..] $ /usr/sbin/tunctl -b TUNSETIFF: Operation not permitted $ sudo setcap cap_net_admin+ep /usr/sbin/tunctl $ /usr/sbin/tunctl -b tap0 Or may have an idea what else command I have to add to sudoers file for the user or some other way by root specify the interface parameters that the user has to use the interface w/? Yes. You can just add tunctl to your list of sudo commands, and use the output of ifname=$(sudo tunctl -b -u $(whoami)) on the kvm command line. Alternatively, set the cap_net_admin capability on tunctl and you won't need sudo (but still upgrade-unsafe)... This way, kvm will not need to create the interface and you won't run into permission problems. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2009222614.7ef98...@neminis.intra.loos.site
Re: KVM networking.
Sthu Deus (sthu.d...@gmail.com on 2011-11-07 02:18 +0700): I try to run KVM network w/o under normal user w/ the following result: /usr/bin/kvm -localtime -m 256 -no-reboot -cdrom ./debian-6.0.2.1-amd64-netinst/debian-6.0.2.1-amd64-netinst.iso -boot d -hda ./da -net nic -net tap,ifname=tap0,script=no kvm: -net tap,ifname=tap0,script=no: could not configure /dev/net/tun (tap0): Operation not permitted Apparently, you need root access to create tap interfaces regardless of the permissions on the tap device. I have it on good authority (http://bugs.debian.org/630701#10) that the preferred way is to precreate the tapX interfaces in /etc/network/interfaces. But if you are like me and you manage multiple virtual machines and you stubbornly insist on using dynamic tap interfaces, you can work around this by setting the CAP_NET_ADMIN capability on kvm: # setcap cap_net_admin+ep /usr/bin/kvm However, there are two problems with this: - every time dpkg upgrades qemu, the capability gets reset - this is INSECURE, because you're now granting all your users full access to your network interfaces. Only do this if you trust your users. The KVM/tap networking documentation seems scattered across the 'net, most of it is incomplete and sometimes contradictory. If someone has a pointer to The Definitive Guide(tm), I'd be interested to read it. user ALL = /sbin/ifconfig *, /sbin/ifup br0, /sbin/ifdown br0, /sbin/ip *, /sbin/brctl *, /sbin/tunctl * If you precreate the tap interface, you won't need these... Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2007213156.5284c...@neminis.intra.loos.site
Re: Broken packages............
Charlie (aries...@skymesh.com.au on 2011-10-30 00:12 +1100): On Sat, 29 Oct 2011 14:01:16 +0200 Arno Schuring aelschur...@hotmail.com suggested this: DMO? Sorry, silly question, but. what is DMO? Have been googling it and not getting anywhere, and it's late, or early. Sorry, force of habit. It's short for debian-multimedia.org, as Tom already said. Apologies for the confusion, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111029225039.784d4...@neminis.intra.loos.site
Re: Broken packages............
On Thu, Oct 27, 2011 at 4:53 PM, Charlie aries...@skymesh.com.au wrote: On Thu, 27 Oct 2011 14:25:18 +0200 Arno Schuring aelschur...@hotmail.com suggested this: Charlie (aries...@skymesh.com.au on 2011-10-27 16:35 +1100): libavcodec52: Depends: libavutil50 (4:0.6.2-99) but 5:0.7.1-0.1 is to be installed or libavutil-extra-50 (4:0.6.2-99) but it is not installable [..] deb http://www.debian-multimedia.org testing main non-free Is that a problem? Does it use an old libavutil50 package? DMO declares a higher epoch for all its packages (5: vs 4:), which means that it is not possible to mix packages between DMO and the original Debian. The error message above implies that libavcodecs52 is only available in Debian, and conflicts with the already installed packages from DMO. Wu-Kung Sun (sunwuk...@gmail.com on 2011-10-28 09:56 -0500): It looks like debian-multimedia has xvidcap built against libavdevice52 which has since been replaced by libavdevice53. http://debian-multimedia.org/dists/testing/main/binary-amd64/package/xvidcap.php http://debian-multimedia.org/dists/testing/main/binary-amd64/package/libavdevice53.php If I'm right, only the DMO maintainers can fix this so I've copied that list which I hope is ok. Thanks! Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111029140116.1c0f8...@neminis.intra.loos.site
RE: Fetchmail certificate problem
From: jsp...@sun.ac.za [..] fetchmail: Server certificate verification error: self signed certificate fetchmail: This means that the root signing certificate (issued for /C=US/ST=Someprovince/L=Sometown/O=none/OU=none/CN=localhost/emailAddress=webaster@localhost) is not in the trusted CA certificate locations, or that c_rehash needs to be run on the certificate directory. For details, please see the documentation of --sslcertpath and --sslcertfile in the manual page. fetchmail: Warning: the connection is insecure, continuing anyways. (Better use --sslcertck!) [..] fetchmail: Server CommonName mismatch: localhost != alterit.co.za This might still cause a problem when you get the certificate working. The service provider sent me a certificiate which I did put in the path referred to in the configuration but it did not solve the problem. /etc/ssl/certs is a managed location (yes, I know, not strictly FHS compliant). You need to put the certificate in /usr/local/share/ca-certificates (from memory, please double-check with the ca-certificates documentation) and re-run update-ca-certificates. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/snt108-w61bac6cecc26fdfd7c4122b8...@phx.gbl
Re: Broken packages............
Charlie (aries...@skymesh.com.au on 2011-10-27 16:35 +1100): libavcodec52: Depends: libavutil50 (4:0.6.2-99) but 5:0.7.1-0.1 is to be installed or libavutil-extra-50 (4:0.6.2-99) but it is not installable Do you have debian-multimedia in your sources.list by any chance? Or have had it? Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111027142518.01071...@neminis.intra.loos.site
RE: ubuntu.
From: mailingl...@darac.org.uk On Tue, Oct 25, 2011 at 11:41:34AM +0200, Tony van der Hoff wrote: On 25/10/11 11:23, Luca Cappelletti wrote: 2011/10/25 Mauromrsan...@gmail.com ... I appear to have subscribed to the wrong mail list. Can anyone here point me at the ENGLISH DEBIAN list, please. There being no language defined *in the address* of this list, I'd expect the occasional international discussion. (I'm aware that http://lists.debian.org/debian-user/ says Support for Debian users who speak English but not everyone visits that page). Of course, if you need to be pedantic about it, you should also point out that this list is about written English, not spoken. And I'd hazard a guess that all discussions on this list are already international. However, since there is a http://lists.debian.org/debian-italian/ -- it should be very clear to non-pedants what the intended language of this list is. There's very little excuse, however, for discussing Ubuntu here. lol Arno
Re: Sharing files on a local network
Raf Czlonka (r...@linuxstuff.pl on 2011-10-23 15:39 +0100): On Sun, Oct 23, 2011 at 01:52:14PM BST, Harry Putnam wrote: I don't understand why a few people have passed over ssh as being overkill. SSH (Secure Shell) - you don't need security on home-only network. That depends. If you're running a wireless setup, even with WPA2 protection, I'd still advise security. Its easiest of all to setup. (well excepting the nautilus suggestion) IMHO, it's not - dozens of options for both the server and client. You simply mount the NFS share and it's transparent to the system. Well, in all fairness - NFS requires that the user ids on all systems match. Forcing such a match can be quite troublesome. I mean with fuse and sshfs, then it acts much the same as nfs far as enduser experience. FUSE as it name suggests is in user-space, NFS is supported in the kernel. You don't have the overhead. Overhead is peanuts :) No, not really. But for a home setup, convenience trumps performance. And besides, when's the last time that your desktop machine was pegged on CPU? For the current situation, I'd advise sshfs. If it's integrated in Nautilus, all the better. But SSH is only point-to-point -- as soon as you're sharing files with more than 2 machines, NFS is the way to go. My 2 cents: even for Linux-only systems, there really is no satisfactory answer to the OP's question besides Samba/CIFS. All (Unix-)native solutions have their roots in enterprise (managed) networking, which implies manual setup. In terms of autodiscovery and autoconfiguration, nothing can hold a candle to the original SMB. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111024004654.61be9...@neminis.intra.loos.site
Re: how to get pkg names not upgraded
Harry Putnam (rea...@newsguy.com on 2011-10-21 19:19 -0500): When I run `aptitude full upgrade' Sometimes I see something in the output saying some number of packages will not be upgraded. Something like [...] 40 pkgs to upgrade 8 pkgs not upgraded. [...] (That is not verbatim... just close) How can I get the pkg names, that are not being upgraded? That should be $ aptitude search ~U But it has happened to me that aptitude said that there were packages not upgraded while search-upgradable would yield no results. YMMV See http://algebraicthunk.net/~dburrows/projects/aptitude/doc/en/ch02s03s05.html for the complete search term reference. Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111022125158.018df...@neminis.intra.loos.site
Re: bash command
kuLa (deb...@kulisz.net on 2011-10-20 09:37 +0100): On 20/10/11 09:29, Jesus arteche wrote: Hey guys, I want to create a script to change some words in some sonf files at the start up of the system...do you know the command in bash for search the word and replace it?? Well, I don't know about bash command but I know about sed. Theoretically it's possible with bash (=3) as well: $ VAR=oldword $ echo $VAR oldword $ echo ${VAR/old/new} newword And use a read loop over all the lines in the file :) Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111020125802.1ea77...@neminis.loos.site
Re: GPT on BIOS system partitions scheme
Virgo Pärna (virgo.pa...@mail.ee on 2011-10-17 08:50 +): On Mon, 17 Oct 2011 00:16:02 +0200, Arno Schuring aelschur...@hotmail.com wrote: yudi v (yudi@gmail.com on 2011-10-16 15:20 +1000): Partitions will be aligned on 2048-sector boundaries This is not necessary. Menu X, D will allow you to change this to 1. The 2048 value is just wasteful (an overly safe default). Whether you care about losing that 2MB is your call... I'd say, that 8 sectors would be safer than 1. In case the hard drive is one with 4096 byte sectors that emulates 512 byte sectors. Certainly, you are correct :) As general advice, 8 sectors is better because of advanced format. But then you also have to account for modern SSDs, which have erase block sizes between 128 and 512kB (256 or 1024 sectors), and for partitioning hw-raid devices you need to know the stripe size of the underlying device. When taking that all into account, the MS default of 2048 sectors is quite understandable. But the drive in question was 600GB (iirc). Too large for an SSD and too small for advanced format... Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111017155049.06af8...@neminis.loos.site
Re: GPT on BIOS system partitions scheme
yudi v (yudi@gmail.com on 2011-10-18 00:09 +1000): But the drive in question was 600GB (iirc). Too large for an SSD and too small for advanced format... It's an Advance format, check the fdisk output posted above. I stand corrected. Then your sector alignment should be a multiple of 8. I didn't know newer disks were all advanced format, even the smaller models. Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111017202541.6475f...@neminis.loos.site
Re: OT: harddrive addition for RAID
Hi, firstly: this is only offtopic if you're not running Debian. Richard (richard.b...@blueyonder.co.uk on 2011-10-17 17:39 +0100): Hi, I'm thinking about adding another 500 GB HD to use RAID. 2 questions:- 1. does the HD need to be exactly the same as the one its being paired with ? No. Assuming you're going with Linux software raid (md or lvm), you can do partition-level raid. So even if the disks are not of equal size, you can create partitions that are and use the remainder of one of the disks as extra (non-raid) storage. 2. how easy is it to change from a non RAID config to a RAID config. ie. can I just put in the second HD and run something to automagically change the config to RAID ? In general, it is not easy, and potentially very dangerous. But it's not rocket science either. Anyway, you should be prepared to do a lot of command-line typing where a single typo could possibly destroy your system. If you are already using LVM, that makes the process slightly less dangerous and significantly easier. This list can help you out. Just making sure you know what you're getting into :) Regards and good luck, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111018003618.664f9...@neminis.loos.site
Re: GPT on BIOS system partitions scheme
yudi v (yudi@gmail.com on 2011-10-16 15:20 +1000): Could someone using GPT on a BIOS system confirm if I got the GPT partitioning right on a BIOS system [..] Partition table scan: MBR: protective BSD: not present APM: not present GPT: present Found valid GPT with protective MBR; using GPT. So far so good... Partitions will be aligned on 2048-sector boundaries This is not necessary. Menu X, D will allow you to change this to 1. The 2048 value is just wasteful (an overly safe default). Whether you care about losing that 2MB is your call... Total free space is 1058782 sectors (517.0 MiB) Number Start (sector)End (sector) Size Code Name 12048 411647 200.0 MiB EF00 EFI System 2 675840 677887 1024.0 KiB EF02 BIOS boot 3 942080 3039231 1024.0 MiB 0700 Linux/Windows 4 3303424 1464884942 696.9 GiB 8E00 Linux LVM Looks great. Do you really need partition 1? If it's a BIOS system, the first partition has no purpose. *Partition3 will be used for /boot partition4 - LVM over LUKS Do you really need 1G for /boot? 100MB is already overkill on most systems, maybe if you plan to do kernel development... Used Fdisk to mark the first partition as boot. root@ubuntu:/home/ubuntu# fdisk /dev/sda WARNING: GPT (GUID Partition Table) detected on '/dev/sda'! The util fdisk doesn't support GPT. Use GNU Parted. Did you notice the warning? GPT partitions can't be marked active, and even if they could -- grub doesn't use the active marker, not even on an MBR disk. Your partitioning is fine. It's not optimal, but it will work as it should. Just remember to install grub2 on the whole disk (/dev/sda), not in a partition. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111017001602.40ef2...@neminis.loos.site
NFSv4: rpc.gssd hangs indefinitely
Hi, Any NFSv4 experts on this list? I'm trying to get my fileserver to incorporate Kerberos security but the mounts fail in the most annoying way: no error or syslog message, not even a timeout. They just hang. I've already spent a few hours trying to set it up and debug it, and I believe I've managed to avoid the usual pitfalls this time around (principals, keytabs, encryption types, exports). The Kerberos/LDAP setup itself is not an issue, and non-Kerberized nfs4 mounts work perfectly -- that is the setup that I've been running for the past year. So, for those of you who are still listening, here is the problem in short (server is running Squeeze): ladmin@genie:~$ sudo mount -v -t nfs4 genie:/ /mnt mount.nfs4: timeout set for Mon Oct 17 01:32:18 2011 mount.nfs4: trying text-based options 'addr=172.22.21.8,clientaddr=172.22.21.8' genie:/ on /mnt type nfs4 (rw) ladmin@genie:~$ sudo mount -v -t nfs4 -o sec=krb5 genie:/ /mnt mount.nfs4: timeout set for Mon Oct 17 01:32:35 2011 mount.nfs4: trying text-based options 'sec=krb5,addr=172.22.21.8,clientaddr=172.22.21.8' ... and the command prompt never returns. Adding -vvv to the mount command doesn't reveal anything new, and enabling -vvv on all the daemons gives the following (among the many interesting lines): Oct 17 00:39:04 genie rpc.gssd[16110]: Success getting keytab entry for 'nfs/genie.loos.site@' Oct 17 00:39:04 genie rpc.gssd[16110]: creating context with server n...@genie.loos.site Oct 17 00:39:04 genie rpc.svcgssd[15500]: prepare_krb5_rfc1964_buffer: serializing keys with enctype 4 and length 8 Oct 17 00:39:04 genie rpc.svcgssd[15500]: doing downcall Oct 17 00:39:04 genie rpc.svcgssd[15500]: finished handling null request Oct 17 00:39:04 genie rpc.gssd[16110]: prepare_krb5_rfc1964_buffer: serializing keys with enctype 4 and length 8 Oct 17 00:39:04 genie rpc.gssd[16110]: doing downcall And there my google-fu ends. Comparing other logs, the downcall here should result in calls to idmapd. But the id mapper is working fine, as it's also needed for the non-krb5 case. The idmapd logs show a deafening silence... until the mount command is killed, in which case I get stale client in the idmapd logs. I'm not willing to file a bug yet, I wouldn't know what package to report it on. Moreover, the last two times that I've reported a bug, I found a solution within five minutes of sending. So here's hoping... :) Any pointers/hints/tips are greatly appreciated. Thanks, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111017020517.79ca2...@neminis.loos.site
Re: how much time do I need to run badblocks
Long Wind (longwind2...@gmail.com on 2011-09-23 20:07 +0800): I bought a 60G disk and test it with badblocks badblocks -vws /dev/hdb 6 hours has passed and it's still running That can happen. My last disk was a 2TB low-rpm disk. It took badblocks over 50 hours to complete the check. I can no longer wait and press Ctrl+c It have finished with 3 test patterns It says nothing about whether bad blocks are found or not badblocks will only output bad blocks. No output means that everything is fine. I have read its manual and get no answer about my question I'm still not sure if the disk is reliable I find smartmontools a better indicator of disk reliability than badblocks. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110924000633.02f49...@neminis.loos.site
Re: PostgreSQL vraagje
Paul van der Vlis (p...@vandervlis.nl on 2011-08-24 20:51 +0200): Op 24-08-11 18:17, Paul van der Vlis schreef: Hallo, Om PostgreSQL te backuppen per database heb je een scbone lijst met databases nodig, zonder allerlei opmaak. Deze lijst generereerde ik altijd met zoiets: [..] Ik heb iets (maar het kan vast mooier): su postgres -c psql -q -c 'SELECT datname FROM pg_database' \ | grep -v 'rows)' | awk 'NR2 {print $1}' Uiteraard: $ postgres -tA -c 'SELECT datname FROM pg_database' Gr, A -- To UNSUBSCRIBE, email to debian-user-dutch-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Partition not mounted. Was Transplanting old System to New Drive
Martin McCormick (mar...@x.it.okstate.edu on 2011-08-16 06:30 -0500): Is there a way to convince fdisk that hdb1 is not mounted? There might be. Try umount -f The information about current mounts is recorded in /etc/mtab (basically an old relic, but sadly still not put down). The real (kernel) information about mounts is in /proc/mounts. When copying root filesystems or working on a read-only / the mtab file can easily contain stale information. If you really know what you're doing, simply remove the file (protip: after cloning /, always remove /etc/mtab from the clone), or copy /proc/mounts over it. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110817213840.78cc2...@neminis.loos.site