Re: laptop freezes randomly - please help!! dell xps 15 with debian testing
On Mon, Jan 30, 2023 at 6:00 PM Alexandre Rossi wrote: > Hi, > > > In the past week my laptop freezes randomly, I can say it happens every > 2-3 > > hours. but there are actions that consistently always cause a freeze, > like > > opening Zoom or executing lspci in Terminator. > > I would suggest: > - try to get more debugging info using SysRQ keys [1] > - try to get more debugging info using netconsole[2] (needs wired > connection) > - try another OS (Ubuntu live CD, Windows) to rule out hardware problem > following the suggestion to try another OS i booted the computer with ubuntu 22.4 live usb, i'm working with since yesterday with no issues. i have enough memory so i installed some of the applications i use like slack,zoom,terminator and more, i even installed intellij idea and worked on my project for hours. zoom works with video ,slack works, there is no freeze , the computer is up with ubuntu 22.4 for almost 24 hours and everything looks ok. So i guess there is no hardware problem. So i don't know what to do, I'm thinking to reinstall debian but I'm not sure the problem will disappear because it may be something with the kernel of some package. > > [1] https://www.kernel.org/doc/html/latest/admin-guide/sysrq.html > [2] https://debamax.com/blog/2019/01/03/debugging-with-netconsole/ > > Alex > >
Re: laptop freezes randomly - please help!! dell xps 15 with debian testing
I can get lspci listing with Gnome terminal with no problem , but when i try with Terminator, the second i press the enter key the computer freezes, well most of the time at least once it succeeded with Terminator too. On Mon, Jan 30, 2023 at 8:43 PM Charles Curley < charlescur...@charlescurley.com> wrote: > On Mon, 30 Jan 2023 18:59:19 +0200 > Shalom Ben-Zvii Kazaz wrote: > > > In the past week my laptop freezes randomly, I can say it happens > > every 2-3 hours. but there are actions that consistently always cause > > a freeze, like opening Zoom or executing lspci in Terminator. > > lspci leads me to wonder if lspci is triggering a hardware flaw > somewhere on the PCI bus. And Zoom might do the same thing: I > conjecture that it looks for cameras on the PCI and USB busses. > > Does it always freeze at the same point in the lspci listing? What > happens if you do a verbose listing? 'lspci -v' > > Can you get a complete lspci listing using an older version of Linux, > or a live CD version (e.g. finnix)? > > > > -- > Does anybody read signatures any more? > > https://charlescurley.com > https://charlescurley.com/blog/ > >
Re: laptop freezes randomly - please help!! dell xps 15 with debian testing
I tried SysRQ and there is no response when the computer freezes. i tried before freeze to make sure i know how to use it and it worked, i tried b and k and it worked. but when the computer freezes there is nothing, no response. On Mon, Jan 30, 2023 at 8:00 PM Alexandre Rossi wrote: > Hi, > > > In the past week my laptop freezes randomly, I can say it happens every > 2-3 > > hours. but there are actions that consistently always cause a freeze, > like > > opening Zoom or executing lspci in Terminator. > > I would suggest: > - try to get more debugging info using SysRQ keys [1] > - try to get more debugging info using netconsole[2] (needs wired > connection) > - try another OS (Ubuntu live CD, Windows) to rule out hardware problem > > [1] https://www.kernel.org/doc/html/latest/admin-guide/sysrq.html > [2] https://debamax.com/blog/2019/01/03/debugging-with-netconsole/ > > Alex > >
laptop freezes randomly - please help!! dell xps 15 with debian testing
Hello, Sorry for starting a new conversation, the previous one didn't help me and I hope that now I have more details. I don't have any idea how to approach that, its my workstation and the past few days I just couldn't really work. I'm also not experienced with this mailing list and a bit confused how to reply here. I hope this time I will do it right. In the past week my laptop freezes randomly, I can say it happens every 2-3 hours. but there are actions that consistently always cause a freeze, like opening Zoom or executing lspci in Terminator. Its a dell xps 15 7590, Intel® Core™ i9-9980HK × 16, 64.0 GiB memory, Mesa Intel® UHD Graphics 630 (CFL GT2), The laptop is attached to a dell docking station wd19 with an external monitor and keyboard and external mouse. It's running Debian GNU/Linux bookworm (debian testing) with Gnome. I've been using this laptop for the past 3 years with the same setup with debian testing since its new. two month ago an official Dell technician replaced the keyboard and fans and cooling board while still under Dell warranty. The freeze started a few days ago after I did full-upgrade. Since then I did full-upgrade again a few times hoping that it's a bug that was fixed but it's still freezing. I always have a few projects open in Jetbrains Intellij idea and rider. I configure Intellij with 20GB memory, always a few browser windows open with many tabs, usually brave and chromium. I always have a few windows and tabs open in Terminator. and more. The freeze always happens as a result of some UI action. examples are when i tried to open settings, or some action in Intellij idea. It's completely random and happens with other applications too. there are actions that always cause a freeze, i tried that again and again restarting the computer every time and it's always the same result, and something suspicious with terminator: trying to open the Zoom app always causes a freeze, I use zoom regularly and there was never a problem until a few days ago. trying to execute the command lspci in Terminator always causes a freeze, everything else in terminator works. executing lspci in Gnome terminal works, that looks to me very suspicious. I tried that at least 10 times to make sure that it's not a coincidence and it's always the same, typing lspci in Terminator and then Enter freezes the computer, but not in Gnome terminal. What I did: As suggested to me here, I connected an ssh session with top and journalctrl -f from another computer and waited for a freeze. I have the latest messages from both at the bottom of this message. I started the computer with a gnome classic session, same thing, computer freeze. started with xfce session, same thing. I ran the Dell pre-boot performance test including a full memory test and it passed OK. I removed all the devices connected like external mouse and keyboard and same thing. I detached the laptop from the docking station and the computer freezes when trying to open zoom or execute lspci in Terminator. I hope someone can help in finding the cause of that freeze. this is info i collected This is journalctrl from another computer in ssh session just before the computer freeze, the freeze was exactly at 16:39 Jan 30 16:38:57 xps-debian jetbrains-idea-ce.desktop[82252]: java.lang.RuntimeException: Cannot invoke (class=, method=projectClosing, topic=ProjectManagerListener) Jan 30 16:38:57 xps-debian jetbrains-idea-ce.desktop[82252]: at com.intellij.util.messages.impl.MessageBusImplKt.invokeListener(MessageBusImpl.kt:639) Jan 30 16:38:57 xps-debian jetbrains-idea-ce.desktop[82252]: at com.intellij.util.messages.impl.MessageBusImplKt.executeOrAddToQueue(MessageBusImpl.kt:466) Jan 30 16:38:57 xps-debian jetbrains-idea-ce.desktop[82252]: at com.intellij.util.messages.impl.ToDirectChildrenMessagePublisher.publish$intellij_platform_core(CompositeMessageBus.kt:295) Jan 30 16:38:57 xps-debian jetbrains-idea-ce.desktop[82252]: at com.intellij.util.messages.impl.MessagePublisher.invoke(MessageBusImpl.kt:421) Jan 30 16:38:57 xps-debian jetbrains-idea-ce.desktop[82252]: at jdk.proxy2/jdk.proxy2.$Proxy97.projectClosing(Unknown Source) Jan 30 16:38:57 xps-debian jetbrains-idea-ce.desktop[82252]: at com.intellij.openapi.project.impl.ProjectManagerImplKt.fireProjectClosing(ProjectManagerImpl.kt:1040) Jan 30 16:38:57 xps-debian jetbrains-idea-ce.desktop[82252]: at com.intellij.openapi.project.impl.ProjectManagerImplKt.access$fireProjectClosing(ProjectManagerImpl.kt:1) Jan 30 16:38:57 xps-debian jetbrains-idea-ce.desktop[82252]: at com.intellij.openapi.project.impl.ProjectManagerImpl.closeProject(ProjectManagerImpl.kt:426) Jan 30 16:38:57 xps-debian jetbrains-idea-ce.desktop[82252]: at com.intellij.openapi.project.impl.ProjectManagerImpl.closeProject$default(ProjectManagerImpl.kt:369) Jan 30 16:38:57 xps-debian jetbrains-idea-ce.desktop[82252]: at com.intellij.openapi.project.impl.ProjectManagerImpl.closeAndDisposeAllProjects(ProjectManagerImpl.kt:362)
Re: laptop frozen when opening apps, debian testing with gnome
kageKit[2312]: resolve transaction /32688_aaecaebb from uid 1000 finished with cancelled after 323ms Jan 30 00:01:50 xps-debian gnome-software[4034]: internal error: failed, but no error code: cancelled Jan 30 00:01:50 xps-debian dbus-daemon[3297]: [session uid=1000 pid=3297] Activating service name='org.gnome.seahorse.Application' requested by ':1.35' (uid=1000 pid=3523 comm="/usr/bin/gnome-shell") Jan 30 00:01:50 xps-debian gnome-shell[3523]: Received error from D-Bus search provider org.gnome.Terminal.desktop: Gio.DBusError: GDBus.Error:org.freedesktop.DBus.Error.UnknownMethod: Object does not exist at path “/org/gnome/Terminal/SearchProvider” Jan 30 00:01:50 xps-debian dbus-daemon[3297]: [session uid=1000 pid=3297] Successfully activated service 'org.gnome.seahorse.Application' Jan 30 00:01:50 xps-debian PackageKit[2312]: resolve transaction /32689_acdbdcac from uid 1000 finished with cancelled after 311ms Jan 30 00:01:50 xps-debian gnome-software[4034]: internal error: failed, but no error code: cancelled Jan 30 00:01:51 xps-debian PackageKit[2312]: resolve transaction /32690_beddabed from uid 1000 finished with success after 294ms Jan 30 00:01:52 xps-debian systemd[3253]: Started Application launched by gnome-shell. top 9323 shalom20 0 389416 37848 28308 R 48.8 0.1 0:01.47 gnome-clocks 2312 root 20 0 377972 54280 18304 S 30.9 0.1 0:33.72 packagekitd 3523 shalom20 0 6970776 620328 446956 S 23.3 0.9 1:14.52 gnome-shell 5466 shalom20 0 5289772 709372 225944 S 21.9 1.1 4:27.93 firefox-esr 9321 shalom20 0 4616308 183336 94060 S 17.3 0.3 0:00.52 gnome-character 4034 shalom20 0 730912 83672 49864 S 13.0 0.1 0:08.00 gnome-software 9315 shalom20 0 550888 40832 23944 S 12.6 0.1 0:00.38 gnome-contacts- 8182 shalom20 0 2620200 219800 98688 S 11.0 0.3 0:56.39 Isolated Web Co 9402 shalom20 0 359068 35996 26500 S 10.6 0.1 0:00.32 gnome-disks 9326 shalom20 0 398104 36068 28484 S 8.6 0.1 0:00.26 gnome-terminal- 6114 shalom20 0 2517920 183140 102408 S 7.3 0.3 1:21.44 Isolated Web Co 9317 shalom20 0 899976 49148 35352 S 6.6 0.1 0:00.20 nautilus 9313 shalom20 0 342312 30380 22696 S 3.0 0.0 0:00.09 gnome-control-c 3297 shalom20 0 11128 6880 4340 S 2.3 0.0 0:00.67 dbus-daemon 4050 shalom20 0 699744 78740 58388 S 2.0 0.1 0:06.61 psensor 4400 shalom20 0 1784672 123896 58556 S 2.0 0.2 0:20.43 Xwayland 3486 shalom20 0 770772 58212 33768 S 1.7 0.1 0:00.57 goa-daemon 9319 shalom20 0 413604 24504 19536 S 1.3 0.0 0:00.04 gnome-calculato 3404 shalom39 19 701428 32428 19492 S 1.0 0.0 0:00.57 tracker-miner-f 3881 shalom20 0 760680 48000 26792 S 1.0 0.1 0:00.16 evolution-addre 7480 shalom20 0 2488348 141428 97648 S 1.0 0.2 0:25.34 Isolated Web Co 7483 shalom20 0 2469872 117060 90304 S 1.0 0.2 0:10.56 Isolated Web Co 7985 root 20 0 0 0 0 I 1.0 0.0 0:02.77 kworker/0:1-rcu_gp 8242 shalom20 0 2461252 107204 83560 S 1.0 0.2 0:00.39 Isolated Web Co 81 root 20 0 0 0 0 S 0.7 0.0 0:03.03 ksoftirqd/13 3925 shalom20 0 312436 14300 6872 S 0.7 0.0 0:01.44 ibus-daemon 4026 shalom20 0 4493304 523692 291540 S 0.7 0.8 0:06.59 quiterss 4112 shalom20 0 784084 120324 87532 S 0.7 0.2 0:10.79 terminator 15 root 20 0 0 0 0 I 0.3 0.0 0:00.55 rcu_preempt 103 root 20 0 0 0 0 I 0.3 0.0 0:00.76 kworker/u32:9-i915 127 root 20 0 0 0 0 I 0.3 0.0 0:03.25 kworker/13:1-events 1203 message+ 20 0 12064 7240 4228 S 0.3 0.0 0:01.36 dbus-daemon 1211 root 20 0 221760 8296 3440 S 0.3 0.0 0:00.20 rsyslogd On Sun, Jan 29, 2023 at 8:02 PM wrote: > On Sunday, January 29, 2023 01:59:51 AM Shalom Ben-Zvii Kazaz wrote: > > There is no ssh when its frozen > > Hmm, I'm a little confused, and maybe you are, also. > > I think the intent of the advice was to log into the frozen laptop from > another computer / device, using ssh *while the frozen laptop is not > frozen*. > > Further, on that other device, run a command like top or journalctrl -f, > and > then wait (or cause) the laptop to freeze. > > Then examine top or such on the working computer to look for clues as to > why > the frozen laptop has frozen. > > (I may be confused. ;-) > > -- > rhk > > (sig revised 20221206) > > If you reply: snip, snip, and snip again; leave attributions; avoid HTML; > avoid top posting; and keep it "on list". (Oxford comma (and semi-colon) > included at no char
Re: laptop frozen when opening apps, debian testing with gnome
There is no ssh when its frozen On Mon, Jan 23, 2023 at 11:19 PM Stefan Monnier wrote: > > completely frozen, need to shut down and restart. > > I'd check to see "how" frozen it is: e.g. try to log into it via SSH (or > better yet, keep an `ssh` or `mosh` connection to it with an `atop` or > `top` running inside of it, and/or `journalctl -f` so when it freezes > you can immediately see if the remote connection is also frozen and > what it is/was doing). > > > Stefan > >
laptop frozen when opening apps, debian testing with gnome
Hi since the latest full-upgrade three days ago on my laptop the computer gets completely frozen sometimes, yesterday got frozen few times when i tried to open zoom. today few times when i tried to open brave browser. completely frozen, need to shut down and restart. i'm running debian testing for three years on that laptop, dell xps 15, gnome desktop. what can i do,check? i'm not so experienced, usually there are no problems.
Re: OpenSSL 3.0 support for Debian11
You are correct, perhaps I shouldn't have recommended that given I'm not sure of the OP's experience with Debian. I personally run it like this with no issues. On 18/01/2023 06:18, David wrote: On Wed, 18 Jan 2023 at 10:24, Ben Lavender wrote: Stable releases don't always provide the latest software, generally that isn't always respectively "stable". The latest seems to be available via the repositories Debian testing and unstable of which you can still run on Debian 11 if you configure it so. Hi, Debian 11 is current Debian Stable release. There's a page on the Debian wiki titled "Advice For New Users On Not Breaking Their Debian System" [1] and the very first item of advice there is "If you're trying to install software that isn't available in the current Debian Stable release, it's not a good idea to add repositories for other Debian releases." So it might be a good idea for anyone considering adding additional software outside of what is officially packaged for a Debian Stable release to evaluate the information given on that page regarding different methods of doing so, and possible consequences. [1] https://wiki.debian.org/DontBreakDebian
Re: OpenSSL 3.0 support for Debian11
Stable releases don't always provide the latest software, generally that isn't always respectively "stable". The latest seems to be available via the repositories Debian testing and unstable of which you can still run on Debian 11 if you configure it so. https://tracker.debian.org/pkg/openssl On 17/01/2023 14:33, Shaheena Kazi wrote: Hello Team, We are using Debian 11 with OpenSSL 1.1.1n As OpenSSL 1.1.1 series is going EOL on 11th September 2023. We would like to know if Debian is planning to add OpenSSL 3.0 support on Debian 11 any time soon. Regards,
Re: Debian DSA-5095-1 : linux - security update
On Wed, 2022-03-16 at 23:46 +0530, Sona Das wrote: > Hi Team, > > We are having High level threat in our Debian systems detected by our > vulnerability scanners > Debian DSA-5095-1 : linux - security update > > Debian DSA-4994-1 : bind9 - security update > > We tried to upgrade our Debian systems using the Debian repo but the affected > packages didn’t received the package upgrade which takes care of the > vulnerability. Below packages are affected and are not getting upgraded: > linux-headers-5.10.0-10-amd64_5.10.84-1 This was replaced by linux-headers-5.10.0-11-amd64. So long as you install the metapackage linux-headers-amd64, replacements like this should be upgraded automatically. > libirs-export161_1:9.11.19+dfsg-2.1 This is the only version available in Debian. It is built separately from bind9 and is only used by the ISC DHCP server. Ben. -- Ben Hutchings Make three consecutive correct guesses and you will be considered an expert. signature.asc Description: This is a digitally signed message part
Re: strange file query
On 17/01/2022 10:07, ghe2001 wrote: Looking at your link to Wikipedia, it does indeed seem to have something to do with Mesa (there's a paragraph in there about 'shader'). But I've never heard of Mesa, and I certainly didn't install it. This sounds like one vote for deletion. Or maybe .8 votes :-) No. Leave well enough alone. Mesa is a core part of the graphics stack. Heaps of Debian applications use OpenGL for hardware-accelerated graphics rendering. Shaders are tiny programs that run on your GPU. If you delete this cache, it will likely be recreated, or Bad Things May Happen. You will have many Mesa libraries installed as dependencies: dpkg -l "*mesa*" On my system (sid), this removes 100 packages (note "-s" to simulate), including xserver-xorg!: apt-get purge -s -V libglapi-mesa There are likely other direct dependencies. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: po...@lists.debian.org
On 10/01/2021 11:33, gru...@mailfence.com wrote: and can i do that in stretch or do i need buster Thanks you so much. This is by far the best contribution to this thread. :-D Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: xfce widget problem
On 11/11/2020 11:26, ghe2001 wrote: How can I remove a widget that doesn't have a right-button xfce menu (the one with 'Remove' in it)? There's lots of info on the web about sticking one in the panel, but I can't find anything about removing one. Right-click / Panel / Panel Preferences / Items to see what you have in that panel. If it has no Remove option, it likely is a child of Notification Area that has been added by a process. I do not recommend removing Notification Area. Most applications that do this have an option to disable showing an icon in the "System Tray" (Xfce Notification Area is an implementation of this concept). As a last resort, you can exit the application or stop it starting in Sessions / Settings and Startup. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: title bar can't show chinese
On 17/09/2020 10:16, Long Wind wrote: firefox can show chinese page except in title bar(though in each tab's window, title is correctly shown) i use twm and below is option in /etc/X11/twm/system.twmrc TitleFont "-adobe-helvetica-bold-r-normal--*-120-*-*-*-*-*-*" i delete line above, it doesn't help both stretch and buster have this problem twm is ancient, so you have to specify an X11 bitmap font with Chinese language support. Consider using a window manager with scalable font support (this is what Firefox uses to draw its content). Xfce is a popular and lightweight choice. But twm can be made to work: I copied the system twmrc to ~/.twmrc and edited the TitleFont line to: TitleFont "hanzigb16fs" and then restarted twm. The Firefox window title was then displayed in Chinese for a Chinese language page. In fact, all window titles were displayed in Chinese. Tested with debian-live-10.3.0-amd64-xfce.iso under QEMU with locale zh_CN.UTF-8 set with "dpgk-reconfigure locales" and twm manually installed. Here are a few Chinese bitmap fonts installed by default: $ xlsfonts | grep gb2312 -isas-fangsong ti-medium-r-normal--0-0-72-72-c-0-gb2312.1980-0 -isas-fangsong ti-medium-r-normal--16-160-72-72-c-160-gb2312.1980-0 -isas-song ti-medium-r-normal--0-0-72-72-c-0-gb2312.1980-0 -isas-song ti-medium-r-normal--16-160-72-72-c-160-gb2312.1980-0 -isas-song ti-medium-r-normal--24-240-72-72-c-240-gb2312.1980-0 These three are aliases for the three fonts above without --0-0 in their names $ xlsfonts | grep hanzigb hanzigb16fs hanzigb16st hanzigb24st Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Create 3D text?
On 10/09/2020 13:53, Carl Fink wrote: Can anyone suggest a Debian repo-installable program to create 3D text? Blender. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: passwords + bad memory - Was (Re: how to test disk for bad sector)
On 02/09/2020 06:42, Mike McClain wrote: On Mon, Aug 31, 2020 at 09:41:06PM +, Long Wind wrote: my memory is poor, i can't remember many accounts and passwords The more experience you have the harder it is to find the memory you're searching for. That's my story and I'm sticking to it. Yes, you can't pour a gallon of knowledge into a shot glass without spilling a few drops (for those of us old enough to remember Married with Children). I use and recommend KeePassXC under Debian and KeePassDroid under Android to manage passwords without online services. They use the same .kdbx file format. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: recently-used.xbel
On 21/08/2020 12:31, Ben Caradoc-Davies wrote: On 21/08/2020 14:01, Mike McClain wrote: I took a look at ~/.local/share/.recently-used.xbel and see that not only is it tracking what I do but claims to be the property of freedesktop.org. This file records your most recently used local files. It is used to populate the "Recent Files" lists in many applications. If this still bothers you, you can disable it, but this seems to require per-toolkit settings. For example, for GTK3, edit ~/.config/gtk-3.0/settings.ini and add this line to the [Settings] section: gtk-recent-files-enable = 0 See: https://unix.stackexchange.com/questions/74031/disable-recently-used-in-gtk-file-directory-selector Delete ~/.local/share/recently-used.xbel then log out and back in. You might need similar settings for other toolkits such as GTK2 or Qt; the reappearance of ~/.local/share/recently-used.xbel will alert you to this. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: recently-used.xbel
On 21/08/2020 14:01, Mike McClain wrote: I took a look at ~/.local/share/.recently-used.xbel and see that not only is it tracking what I do but claims to be the property of freedesktop.org. Is there any way to see if this is being sent to them and who might they be selling this info to? It's bad enough that Google and so many others care to spy on us but it's really uncomfortable to think my own computer is doing it. This is worse than Big Brother. This file records your most recently used local files. It is used to populate the "Recent Files" lists in many applications. It is not sent to anyone unless you are syncing your home directory with a cloud service. Every href in my ~/.local/share/recently-used.xbel starts with "file:///" (a local absolute file URL). freedesktop.org is the organisation that maintains standards for filesystem layouts and some configuration file formats so that different applications and Linux distributions can use the same directory structure, launchers, and so on, to make life easier for users and application developers. They never receive user data. The tag owner="http://freedesktop.org;> in recently-used.xbel just means that they define the meaning of the enclosed tags. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Recommendation for filesystem for USB external drive for backups
On 20/08/2020 10:08, David Christensen wrote: On 2020-08-13 01:31, David Christensen wrote: Without knowing anything about your resources, needs, expectations, "consistent backup plan", etc., and given the choices ext2, ext3, or ext4 for an external USB drive presumably to store backup repositories, I would also pick ext4. If you want to access the backup drive from foreign operating systems: If interoperability is a consideration, FAT32 and NTFS should also be considered. FAT32 is widely used for removable flash media but has a 4GB file size limit, no journaling, and no support for permissions. NTFS is widely used for external hard drives and has journaling and support for attributes. If you buy a consumer-grade external hard drive, it will most likely be formatted with NTFS. Backup archives (such as tar archives) can be used to preserve Linux file metadata (permissions and timestamps) on foreign filesystems. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Recommendation for filesystem for USB external drive for backups
On 13/08/2020 12:14, rhkra...@gmail.com wrote: I'm getting closer to setting up a consistent backup plan, backing up to an external USB drive. I'm wondering about a reasonable filesystem to use, I think I want to stay in the ext2/3/4 family, and I'm wondering if there is any good reason to use anything beyond ext2? I use and recommend ext4. Journaling protects against filesystem metadata corruption, which can be caused by an electrical outage or system crash. ext3 also has journaling, but I see no reason to not use ext4. It is robust, widely deployed, and the default in Debian. My backups are pigz-compressed tar archives, encrypted with gpg symmetric encryption, with a "pigz -0" outer wrapper to add a 32-bit checksum wrapper for convenient verification with "gzip -tv" or similar without requiring decryption. Archives are written to both external local storage and uploaded to cloud storage. Because I have a small number of large backup files, I make backup filesystems to optimise for large files and maximise space: minimal journal, no reserved blocks, large file inode ratio, and no support for resizing while mounted. I also disable mount count and interval checking: mkfs.ext4 -J size=4 -m 0 -T largefile4 -O "^resize_inode" /dev/sdb1 tune2fs -c 0 -i 0 -L Backup /dev/sdb1 I have this line in /etc/fstab: LABEL=Backup /media/backup ext4 noatime,noauto,user,errors=remount-ro 0 0 Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: what calculator do you use?
On 14/07/2020 03:39, Wolf Halton wrote: I know you are looking for a GUI calculator app, however I would like to entice you with a CLI app that is easy to use, but will make your coworkers think you are secretly a computer expert. I tend to use python3 in the terminal window. I open a terminal, type python or python3 in the command line. It lets me do relatively complex calculations, and makes easy copy/paste of the entire calculation where required I use powershell in Windows the same way. Can just use the up-arrow to repeat similar calculations. Python is a programming language and it’s pretty simple to set up all kinds of repetitive math quite easily, but you probably won’t need all the capability (at least at first). 4/5 (enter) gets you 0 which is good for estimating but 4.0/5 gets you 0.8 like you probably expect "Floor division" is the default in Python 2 (without "from __future__ import division"), but in Python 3, "true division" is the default and there is a new "floor division" operator. Python 2: 4 / 5 == 0 4.0 / 5 == 0.8 Python 3: 4 / 5 == 0.8 4 // 5 == 0 Project Jupyter <https://en.wikipedia.org/wiki/Project_Jupyter> provides a rich set of tools and supports Python. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: what calculator do you use?
On 13/07/2020 19:31, kaye n wrote: Correct me if I'm wrong, but I don't see any calculator app in my Debian os. What do you guys use? I'm having trouble with Galculator. Python 3 with the contents of the math module imported. I have this in my ~/.bashrc: alias pyc="python3 -i -c \"from math import *\"" Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Thank you [was: Reminder about the Debian Code of Conduct]
On 26/06/2020 02:50, Default User wrote: "Beware the censor, for in his heart, he deems himself your master." main! -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: why foxit hasn't been included in buster?
On 25/06/2020 17:01, Long Wind wrote: oh, i see, it's not free, so it isn't included in debian mainthen i will try evince qpdfview is also nice. Qt application so takes a little fiddling to get consistent theming if you are using Gnome or other GTK-based desktop. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: What is the best practice for a firewall for Debian Buster: iptables or nftables?
Personally I'd learn nf_tables because that's the way forward and if you stick to it's CLI then the better. I found this on github: https://github.com/larsbs/nftablui but i havn't used it myself so maybe it could be of use to you? Regards Ben Lavender On Sat, 20 Jun 2020, 15:25 Tom Browder, wrote: > I see it's recommended that Buster users use nftables, but the default > installation still uses iptables! > > I need to change ports on my new remote server to allow http and https > traffic, but should I keep using iptables? Or should I remove iptables > and install nftables first? > > If I keep iptables, should I add a firewall management program like > ufw or something else? Is there something like ufw for nftables? > > Thanks. > > Best regards, > > -Tom > >
Re: technical terms overhaul
On 20/06/2020 11:19, Larry Martell wrote: On Fri, Jun 19, 2020 at 7:08 PM Eike Lantzsch wrote: I really like "redlist" and "greenlist". Offensive to Native Americans and Martians. And also culturally confusing to some Chinese in which red is a happy colour. As I understand it, Chinese stock market colour coding is opposite to Western. Red/green is also the most common form of colour-blindness. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: technical terms overhaul
On 20/06/2020 09:45, davidson wrote: On Fri, 19 Jun 2020, Dan Ritter wrote: Most things described as master/slave aren't actually very well matched by that metaphor. Source/sink, boss/worker, Woah there. "Team Leader" / "Team Member", please. "Secretary of the Workers' Revolutionary Committee" was once popular, but has not yet, as far as I know, been applied to technology. Some high-availablity clusters vote to elect their leaders so that a defective primary can be deposed. "Associate" is a popular weasel word for lowly-paid employees. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: technical terms overhaul
On 20/06/2020 07:14, Eike Lantzsch wrote: instead of (for example on disk drives) "master" and "slave" I like to propose the terms This discussion reminds me of the PC gaming supremacists on the pcmasterrace subreddit <https://old.reddit.com/r/pcmasterrace/>. The term "master" has a long history. In addition to its racial connotations, it is also gendered. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: onde está a comunidade Debian
Ótimo desfecho para essa discussão sem sentido. Valeu, Terceiro. On April 20, 2020 10:53:11 PM GMT-03:00, Antonio Terceiro wrote: >On Mon, Apr 20, 2020 at 07:37:11PM -0400, Thiago C. F. wrote: >> Hoje em dia o Telegram esta sendo muito utilizado pela comunidade. Já >os >> meios oficiais de contato, como pelo IRC por exemplo, esta parado, >quase >> morto, infelizmente (pelo menos para mim, pois gostos dos meios >oficiais). >> Gosto do IRC. Acho que gera uma certa nostalgia. Mas... como a >maioria >> prefere a praticidade, logo estou também acompanhando o Debian Brasil >pelo >> Telegram. > >Note que o dia a dia do desenvolvimento do Debian continua acontecendo >por email e IRC, como sempre. O #debian-br é provavelmente o canal com >menos movimento no meu cliente, mas os vários outros onde eu estou são >bem ativos. > >De fato uma boa parte da comunidade de usuários acabou indo pra outras >plataformas. Por um lado a dispersão é um problema, mas por outro é >também inevitável: a cada dia existem mais e mais plataformas, e as >pessoas são livres pra se reunir onde elas bem entenderem. > >Existe uma discussão no projeto sobre fornecer espaços mais "modernos" >que incentivem a participação de mais gente. Por exemplo, tem um >pessoal >testando uma instência de Discourse que talvez se torne permanente >(discourse.debian.net). > >E hoje em dia, tem bastante gente nos canais IRC que estão usando uma >ponte matrix. Eu mesmo tenho uma conta matrix pendurada nos canais mais >importantes pra mim, pra poder acompanhar pelo celular. -- Enviado de meu dispositivo Android com K-9 mail. Desculpe-me pela brevidade.
inactive uploaders maintainers what to do?
Hello, Some package maintainers/uploaders seem inactive and/or email is gone. Can I report this somewhere? And how, if so. Nice Day, signature.asc Description: OpenPGP digital signature
Re: Cannot open Trash in spacefm?
On 07/03/2020 07:40, kaye n wrote: *What happens if, as a test, you select Thunar as your preferred file manager, and then double-click on the Trash icon?* It opens! This confirms that the problem is in spacefm, not Thunar or Xfce. I was able to reproduce the behaviour you report on a buster live image after installing spacefm. I am not familiar with spacefm, but seems that it does not support Trash, trash:/// urls, or any other part of the Freedesktop.org Trash specification. There are some community plugins for Trash support, but I think you also need handler support to get trash:/// urls to work. I have updated the title to draw attention from anyone who might be able to help with spacefm. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Cannot open Trash?
On 06/03/2020 16:28, kaye n wrote: I forgot to mention that I've made spacefm the default file manager of my system. Double-clicking the trash icon in the desktop screen and then choosing a file manager to open it results in /home/user being shown, not the trash directory, regardless if I choose thunar or spacefm. What happens if, as a test, you select Thunar as your preferred file manager, and then double-click on the Trash icon? I have not tried spacefm. What happens if you try to open Trash directly with spacefm? spacefm trash:/// It is possible that exo-open is misconfigured (and I think that is what is used to open preferred applications). For me, this opens Trash in Thunar (my preferred file manager): exo-open --launch FileManager trash:/// Please also see the following output: *kaye@laptop:~$ sudo dpkg -l "gvfs*" It looks like you have all the expected gvfs* packages so this is not the problem. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Cannot open Trash?
On 06/03/2020 11:39, Ben Caradoc-Davies wrote: I tried purging gvfs-backends and was still able to access Trash via Thunar, so missing this package is not likely to be your issue. But if I purge gvfs itself, Trash vanishes from Thunar and cannot be accessed by manually entering the location "trash:///". If you are missing the gvfs package, you can install it with: apt-get install gvfs or via the package manager of your choice. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Cannot open Trash?
On 06/03/2020 11:29, Ben Caradoc-Davies wrote: What gvfs packages do you have installed? See with: dpkg -l "gvfs*" Some gvfs-* packages are optional and one might include the handler for trash: urls. apt-get dist-upgrade on sid recently tried to remove gvfs-backends during the python3.8 transition, but you are on buster so should not have been affected, and I do not think gvfs-backends provides the handler for trash: urls. I tried purging gvfs-backends and was still able to access Trash via Thunar, so missing this package is not likely to be your issue. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Cannot open Trash?
On 05/03/2020 20:55, kaye n wrote: Hello Friends! My system: Host: laptop Kernel: 4.19.0-6-amd64 x86_64 bits: 64 Desktop: Xfce 4.12.4 Distro: Debian GNU/Linux 10 (buster) There is a Trash icon on the desktop screen. If I double-click it to open it so I can view its contents, I get a dialogue box with the title, *Handler Not Found* The message of the dialogue box is: *No network handler is configured for this URL, or no mount command is set. Add a handler in Devices|Settings|Protocol Handlers.* I'm too ignorant right now to figure it out. I would appreciate it if anyone could give a step by step instruction. Thank you very much! Can you open Trash in Thunar? If not, try opening a Terminal, quit Thunar with Close All Windows (or use "thunar -q" as I am not sure quit works if Thunar is managing your desktop), run "thunar" at the command line, and look for error messages. You might also see error messages in ~/.xsession-errors . What gvfs packages do you have installed? See with: dpkg -l "gvfs*" Some gvfs-* packages are optional and one might include the handler for trash: urls. apt-get dist-upgrade on sid recently tried to remove gvfs-backends during the python3.8 transition, but you are on buster so should not have been affected, and I do not think gvfs-backends provides the handler for trash: urls. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Anti-malware for my personal Debian workstation?
I agree with this deeply. It's surprising the amount of machines I see that have some fancy subscription-based and expensive AV but have the firewalls, SELinux, UAC disabled along with weak filesystem and sharing ACLs. It's fine to get a good AV running on the system but they don't detect all malware, and I've always run with that being something like 50% of malware being detected. Good security practices is the best first line of defence, believe me I've seen the evidence when it's not. On 23/02/2020 12:02, mlnl wrote: Hi l0f...@tuta.io, l0f...@tuta.io wrote: Considering the fact I am human so not perfect at all + other notions like defense in depth / layered defense... would you recommend having a Linux anti-malware? I have used clamav, linux malware detect with 3rd party repos like sanesecurity just for fun and for some time to see, what you can do beside commercial products. I had only a few postive, Windows related matches and a lot of false positives - and think about the 0-day problem with all anti-malware or the capabilities of state sponsored cracker groups or CNA/CNE groups inside military/civil state organizations ;) I think, it is more important & usefull to audit & harden/secure your system, kernels (KSPP), services and applications with IDS/IPS (e. g. Samhain), MACs like AppArmor, systemd-analyze security unit, secured sudoers file, use of additional 2FA tokens and so on...
Re: The nightmare of Intel Integrated GPUs under Linux in general and Debian in particular
On 13/02/2020 18:24, T wrote: Have you monitored your CPU temperatures? mprime (AKA Prime95) is a well-known CPU stress tester. I would also test memory with multiple concurrent instances of memtester. All problems I suspected of being caused by CPU overheating were in fact caused by RAM (most recently, a tiny overclock that seemed safe and harmless but caused intermittent corruption). Integrated GPUs are totally reliant on system RAM. There is also gputest, but I have not used it. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Best file system to use?
On 13/02/2020 12:55, Dennis Wicks wrote: I have 4TB running on an AMD Ryzen under Buster. What is the current consensus of the best file system to use for general data usage? I have been using xfs but that is based on info from many years ago. With apologies to Samuel L Jackson (as Beaumont in Jackie Brown): ext4. The very best there is. When you absolutely, positively got to have the most robust and widely deployed Linux filesystem, accept no substitute. In all seriousness, unless you have niche performance needs and quantitative evidence to support them, or require fat32 for interoperability (and are willing to sacrifice Unix permissions and file size), do not overlook the robustness and ubiquity of ext4. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: buster: low audio level
On 13/02/2020 13:48, Jonas Smedegaard wrote: Quoting Doug McGarrett (2020-02-13 01:15:57) What on earth is bikeshedding? That's a new one on me! That's when you ask something in a large community that is easy to have an opinion on and with many possible opinions - e.g. asking "which color should we paint our bikeshed?" or "what disk format is best" or "which computer should I buy?" https://en.wikipedia.org/wiki/Law_of_triviality The choice of easy problems with many possible solutions is the observed behaviour, but the outcome is that "members of an organization give disproportionate weight to trivial issues". Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: guys
Even though RTM always applies, sometimes things do get more complicated with lesser experienced users regardless and sometimes other peoples issues aren't always related to FAQ/DOC/MAN etc This is a users mailing list after all. On 01/02/2020 19:31, mick crane wrote: I probably shouldn't post this. I see all these questions people trying to get their installations to work. It is supposed to be files with documentation what they do. Is there a reason things seem to get more complicated ? mick
Re: customização da Live CD
Olá Caio, Creio que seja uma boa ideia entrar em contate com o pessoal da lista debian-l...@lists.debian.org, pois é onde se discute a respeito dessa versão do sistema. Att, On 30/01/20 03:11, Caio Ferreira wrote: > Lista > > alguém saberia me dizer se existe a possibilidade de customizar a iso do > Live CD do Debian? eu estou querendo acrescentar o software minicom ou > putty no live CD do Debian > > desde já agradeço pela atenção > > Caio Abreu Ferreira -- Qobi Ben Nun GPG F733 0F08 BB62 FA82 A6B6 E4E0 E781 D54A 536F 0287
Re: Protecting no longer supported Windows7
Wanderer is correct here, you can attempt to purchase an ESU for it, which depends on version. https://support.microsoft.com/en-gb/help/4527878/faq-about-extended-security-updates-for-windows- Regards On Wed, 15 Jan 2020, 13:48 The Wanderer, wrote: > On 2020-01-15 at 01:29, Alexander V. Makartsev wrote: > > > On 15.01.2020 10:25, john doe wrote: > > > >> Hi, > >> > >> I have a Debian server serving/doing DHCP/DNS/firewall/..., as of > >> today, Microsoft stops supporting Windows7. > >> > >> Is there anything that I could do to protect those Windows7 hosts > >> that are behind this server? > >> > >> P.S. > >> > >> For the sake of this question, upgrading to W10 /buying new > >> Windows devices is not an option. > > > > End of support for Windows 7 means that you won't get OS updates, or > > any kind of support anymore. > > True. (Unless you have a paid extended-support contract with Microsoft, > in which case - as long as you keep paying, I think per-computer - you > have something like another two years.) > > > It also means Microsoft will now change many downloadable support > > packages so they won't run anymore on Windows 7 > > Possible, although I wouldn't expect them to bother to go and make > changes en-masse. It's more likely that they just won't bother to make > sure that future changes to such packages remain compatible with Windows 7. > > > and delete TechNet articles about Windows 7, > > Are you sure? I've never seen them do that with previous releases; at > the least, I'm fairly sure I keep running across Technet articles (and > other support documents) marked as being for older Windows versions, > when I'm looking for ones that apply to something newer. > > > and also 3rd party software developers now have rights to deny any > > support for Windows 7. > > They had that before; it just wasn't a particularly good idea in many > cases. Some of them will probably start doing this, while others will > probably continue offering as much support as they did before, at least > for a good while. > > > If Windows 7 is unsupported it doesn't means it will stop function, > > it means, in terms of support and maintenance, you're on your own. It > > will stay as secure as it is to this day > > Modulo the discovery of new security vulnerabilities, which currently > exist but aren't yet known about, anyway. So technically true, but > doesn't mean what it might appear to mean at first glance. > > Personally, I'm half-expecting one or more previously unknown zero-day > vulnerabilities to be revealed and start being actively exploited today, > now that the only people who will be getting patches for them are the > ones who have paid extended-support contracts with Microsoft. > > > and it doesn't really depend on firewall, if you won't open > > (port-forward) high risk service ports (like RDP, SMB, etc) to the > > internet, of course. > > I'm not really sure what you're talking about here. While yes, if you > wall a Windows 7 computer off from access to the Internet any security > vulnerabilities it may have will become far closer to irrelevant than > otherwise be the case, anything short of that will still leave ways by > which it could get infected (especially assuming less-than-perfect > security behavior on the part of users) - and the full wall-off would > most likely be impractical for real-world use. > > -- >The Wanderer > > The reasonable man adapts himself to the world; the unreasonable one > persists in trying to adapt the world to himself. Therefore all > progress depends on the unreasonable man. -- George Bernard Shaw > >
Re: Protecting no longer supported Windows7
I personally recommend upgrading them, if not then ensure they are isolated from the rest of the network as well as ensure they do not have WAN access. Further ensure they are protected by an up-to-date AV with regular scans. Think hard if you really need them as you may be able to remove then entirely. Regards Ben Lavender On Wed, 15 Jan 2020, 05:25 john doe, wrote: > Hi, > > I have a Debian server serving/doing DHCP/DNS/firewall/..., as of today, > Microsoft stops supporting Windows7. > > Is there anything that I could do to protect those Windows7 hosts that > are behind this server? > > P.S. > > For the sake of this question, upgrading to W10 /buying new Windows > devices is not an option. > > -- > John Doe > >
Re: apple mini
On 09/01/2020 16:45, David Wright wrote: No, don't mix degaussers and disks. If you want to reuse them, they're likely too damaged. If you're concerned about data recovery, then they're unlikely to be erased enough to prevent it. <https://en.wikipedia.org/wiki/Degaussing>: "For certain forms of computer data storage, however, such as modern hard disk drives and some tape drives, degaussing renders the magnetic media completely unusable and damages the storage system. This is due to the devices having an infinitely variable read/write head positioning mechanism which relies on special servo control data (e.g. Gray Code) that is meant to be permanently recorded onto the magnetic media. This servo data is written onto the media a single time at the factory using special-purpose servo writing hardware." -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: apple mini
On 09/01/2020 15:57, ghe wrote: Back in the analog days, I worked at a college radio station that sent out radio programs on tape. There was a big box that we passed a reel of tape over to erase it. That box might do disks too :-) I recall reading that the information encoded on HDDs is much more densely and strongly encoded and on multiple platters, so much harder to reliably erase with external magnetic fields such as those generated by a bulk tape eraser. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: apple mini
I use ATA secure erase <https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase>; I activate it with hdparm from a live usb drive (you may need to install hdparm). I do not know if ATA secure erase is supported by the mini bios and drive. Many bioses I have seen that freeze security can be unfrozen with a suspend/resume cycle. ATA secure erase is fast, optimised for the drive, and can also erase unallocated blocks that are not visible to the operating system (especially those on SSDs). No HDD can be fully overwritten in two minutes. Enhanced erase may offer more protection, but you are at the mercy of the HDD vendor implementation. I also encrypt all my drives. If you need to protect against an attacker willing to examine your HDD with magnetic force microscopy, there is no substitute for physical destruction of the media. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Firefox equivalent of SeaMonkey's pref.js
On 20/12/2019 10:52, Richard Owlett wrote: As I date from Netscape era I much prefer SeaMonkey. However when I did a reasonably default install of Debian 9.8 I got Firefox 60.5.0esr . Due to *OPERATOR ERROR*, I mangled a preference. On the mozilla.general list I was told to edit pref.js . For SeaMonkey I have no problem. For Firefox where/what is equivalent file/directory? ?? ??? ?? TIA prefs.js (with an "s"): ~/.mozilla/firefox/$PROFILE/prefs.js where $PROFILE is the generated profile directory. If you have multiple profiles, you can find all instances of prefs.js with: find ~/.mozilla/firefox -name prefs.js Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: USB Examiner Package? Special USB Kernel Modules?
On 27/11/2019 04:28, Kenneth Parker wrote: My suspicion, by the way, is that the Power types of Malware are caused by shorting out some Pins. USB is designed to survive shorts. An example of a malicious device is the USB Killer, which is available from a commercial supplier. Similar devices have been improvised for very little cost: https://en.wikipedia.org/wiki/USB_Killer "The device collects power from the USB power source of the component it is connected to in its capacitors until it reaches a high voltage and then it discharges the high voltage onto the data pins." [...] "In April 2019, a 27-year-old Indian former student of the College of Saint Rose, Vishwanath Akuthota, pleaded guilty to destroying 59 computers in his college using a USB killer, resulting in over $50,000 in damages." Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: USB Examiner Package? Special USB Kernel Modules?
On 26/11/2019 16:37, Kenneth Parker wrote: Here's an interesting one: A Windows friend handed me a USB Dongle, knowing that I'm a Linux user. He says he got it 3rd hand, with info that it might be "Very Dangerous". He would be interested, if I find out something about it. (And, indeed, Google has many hits on "USB Malware"). So, what I want, is a USB Debugging Package, that will *NOT* attempt to, actually open this device, but will give me information about it. Obviously, this has to be handled carefully because, for one, it's not always obvious which USB goes where. For example, before I plug it in, "lsusb" should not show anything plugged in. End of preliminaries. When I plug in something, (i.e. Serial Mouse in Text Only environment, or a USB Thumb Drive), a Flurry of Activity ensues, with lots of Kernel Messages (and before I get to examine it). Does that mean I have to make a Custom Kernel for this, or limit the Kernel Modules used? Any insights so far? I take it that you are aware that there are malicious USB devices that look like thumb drives and can: (1) impersonate an HID (e.g. keyboard), fingerprint the host, open a terminal, and start typing at maximum rate to download malicious software (hence your interest in disabling kernel USB support), or (2) deliver a high voltage to the USB bus to inflict physical damage. At the least, I hope you have watched all USB-related DEFCON videos on YouTube, especially those on BadUSB. One or two were enough for me to never want to use a USB thumb drive of unknown provenance. That is all I know. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Orphaned Inode Problem
On 19/11/2019 08:17, Reco wrote: A kernel panic or OOPS comes to mind first. That's very broad class of the problem, to say the least, hence the need of kernel logs. Xorg hang is the second possible option. AMD hardware is somewhat problematic here. Barring above - an overheat is the third possible scenario here. Memory errors under load can also cause kernel panics. I like to test RAM by running multiple concurrent memtester processes to simulate multithreaded load. Some AMD platforms had a reputation for instability with anything less than the highest performance RAM. mprime (Prime95) is useful for stress testing a CPU. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Top 7 Programming Languages That Employers Really Want
On 18/10/2019 15:33, Turritopsis Dohrnii Teo En Ming wrote: This is just a quick survey. May I know what programming languages do you know? I am considering being a programmer or developer. How long will it take for me to master a programming language like C++, Java, and Python? Mastery is a high level goal. Are you trying to learn enough to secure employment in an entry-level position? Python is easiest to learn and widely used, but not commonly used in packaged products. Java is the most widely used, and designed as a more portable and easier to learn alternative to C++, which is also widely used. C++ is by far the hardest. Do you have a particular industry in mind? The choice of language will follow the domain. Software development is about much more than just programming: teamwork, engineering practices, and personal technical and business problem-solving ability. What is your background? A great way to learn is to choose an open source project that uses a language of interest to you and contribute bug fixes to it. Proven ability on open source projects is a great way of building your resume. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Only boot tty
Hi I was installing Debian and after finishing I was only able to boot into a tty. There was a problem during install where it wouldn't connect to the mirror and I had to go ahead anyway and it said I'd only have basic utilities. I was at the library and I may have had a unreliable connection.
Re: Debian Buster update error
On Thu, 2019-09-26 at 07:55 +, c...@riseup.net wrote: > Hi, > When update buster, it gives the following errors: > > Setting up linux-image-4.19.0-6-amd64 (4.19.67-2+deb10u1) ... > /etc/kernel/postinst.d/initramfs-tools: > update-initramfs: Generating /boot/initrd.img-4.19.0-6-amd64 > > gzip: stdout: No space left on device > E: mkinitramfs failure cpio 141 gzip 1 > update-initramfs: failed for /boot/initrd.img-4.19.0-6-amd64 with 1. > run-parts: /etc/kernel/postinst.d/initramfs-tools exited with return > code 1 > dpkg: error processing package linux-image-4.19.0-6-amd64 (--configure): > installed linux-image-4.19.0-6-amd64 package post-installation script > subprocess returned error exit status 1 > Errors were encountered while processing: > linux-image-4.19.0-6-amd64 > E: Sub-process /usr/bin/dpkg returned an error code (1) > > Any ideas how to solve it? [...] There are several things you can try: * Remove outdated kernel packages with "apt autoremove" * Expand the /boot partition (but it seems you already found this is impossible) * Exclude unneeded modules from the initramfs: - Change the MODULES setting in /etc/initramfs-tools/initrams.conf to MODULES=dep - Run "update-initramfs -u" If you do this, the disk probably won't be bootable if you move it to another computer. * Compress the initramfs harder: - Change the COMPRESS setting in initramfs.conf to COMPRESS=xz This will make kernel/initramfs updates very slow, though. Ben. -- Ben Hutchings Beware of programmers who carry screwdrivers. - Leonard Brandwein signature.asc Description: This is a digitally signed message part
Re: Screensaver issues after distro upgrade
On 11/09/2019 06:11, Christopher David Howie wrote: On 9/10/19 4:30 AM, Miroslav Skoric wrote: After upgrading the old laptop from Jessie to Stretch, I noticed that the screensaver in Mate environment does not work for me as before. For example, when the screen goes black after some time of inactivity, for returning back it is not enough just to touch the touchpad or press any key. Instead, pressing any key or touching the touchpad makes the screen just some 1% lighter than the full black (or better to say, it remains 99% black). However, the last working GUI does not return. I have this same issue with the default configuration of XFCE on Buster, where the problem was not present on Stretch. Is light-locker installed, and do you use lightdm? light-locker appears to be the source of this issue. Googling "light-locker black screen" returns dozens of posts across many sites complaining about the same problem. I resolved this issue by removing light-locker and installing xscreensaver instead. Note that this required removing a few metapackages, and then marking the dependent packages that I wanted to keep as manually installed to prevent apt from removing most of my desktop tools. I saw the same problem when I tried lightlocker after upgrading to XFCE 4.14, so I went back to good old xscreensaver. Ugly bitmaps fonts and no theming, but secure and reliable. There is a new locker in XFCE, but there have been reports of segfaults causing uncommanded unlock, so I consider it too vulnerable for use. There is a bug report. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Xfce 4.12 to 4.14: high Xorg CPU usage
On 28/08/2019 01:01, Stefan Pietsch wrote: I upgraded Xfce to 4.14 recently (Debian unstable) and noticed slightly delayed rendering of UI elements. Firefox and Thunderbird behave sluggishly and CPU usage by Xorg is significantly higher as compared to Xfce 4.12. Did anyone who is using Xfce 4.14 observe similar effects? Does top/htop show any process burning CPU? I mask the colord service because I do not need it, and after upgrading from Xfce 4.12 to Xfce 4.14, my session acquired an xiccd process that sat burning 100% of one CPU (unhappy about not being able to contact colord?). I disabled it from my Xfce session in Settings / Session and Startup / Application Autostart, logged in and out, and the problem went away. I do not save my sessions. Other than needing to use ~/.config/gtk-3.0/settings.ini to force all Xfce GTK 3 elements to use the correct font size (the setting is ignored for some elements), everything else works for me as well as in 4.12 and performance is satisfactory. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: duckduckgo
On 19/08/2019 08:52, to...@tuxteam.de wrote: This is actually for me a filter criterion: if a site doesn't work with javascript, chances are high that I avoid it. I do make some exceptions, but very few. I use NoScript to enable JavaScript only where I want it. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: How free is Debian
On 09/08/2019 12:05, John Hasler wrote: There is a lot wrong with the patent system. Twenty years is too long. Fees are too high. Processing is too slow. The language used in the disclosures is arcane (the disclosure is supposed to teach the invention to someone "skilled in the art", but the art one must be skilled in is patent law). Software patents not only exist, but are described in *incredibly* arcane language rather than in source code. Pharmaceutical patent law is even more bizarre than software patent law (mostly due to the efforts of Congress to "fix" it). New Zealand banned pure software patents in 2013: How New Zealand banned software patents without violating international law https://qz.com/119419/how-new-zealand-banned-software-patents-without-violating-international-law/ Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Wireless home LAN - WiFi vs Bluetooth?
On 01/08/2019 01:44, Reco wrote: On Wed, Jul 31, 2019 at 02:32:25PM +0100, Brian wrote: On Wed 31 Jul 2019 at 16:07:33 +0300, Reco wrote: On Wed, Jul 31, 2019 at 07:58:54AM -0400, Celejar wrote: mathematical analysis of how much hardware would be necessary to crack a good WPA2 password. I've seen lots of sites explaining how to use hashcat with a GPU, and various real-world tests on lists of hashed passwords (e.g., [1]), but can you provide a serious analysis of the practical cost, in time or hardware, of cracking a real-world WPA setup? Cost - Amazon will take 11c per hour for that VM that comes with NVIDIA Tesla videocard. Said hour is more than enough to bruteforce 8 character WPA passphrase with hashcat. In the context of a home user producing a secure wireless configuration, a 64 random character passphrase works wonders. The sky is not about to fall in. Agreed. If 64 character password is reasonably random, bruteforcing it is economically unfeasible. With obvious exceptions, of course. Entering such password to a device is somewhat tedious though. Especially tedious on devices with limited input interfaces, such as smart TVs, game consoles, and printers. Restricting the WPA2 passphrase to digits and lowercase letters reduces entropy but makes input more bearable. Seeing the reaction of guests when they are handed a piece of paper with a long random WPA2 passphrase: priceless. It never gets old. :-D Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Lançamento da Buster
É justamente o mal uso das ferramentas. Como tinha sido mencionado anteriormente, Telegram e afins são práticos, porém falta muito bom senso e bons hábitos pra que funcione devidamente. Não posso dizer pelos outros, mas sou um brasileiro que gosta de ler. :-) Não sem motivo que estou aqui interagindo com vocês. Em 3 de julho de 2019 21:18:23 BRT, Gilberto F da Silva <2458...@gmail.com> escreveu: >-BEGIN PGP SIGNED MESSAGE- >Hash: SHA1 > >On Wed, Jul 03, 2019 at 08:43:01AM -0300, Qobi Ben Nun wrote: >> Primeiro, que nem sempre as respostas ficam embaixo das perguntas e >depois o que tem de gente fazendo a mesma pergunta quase que o tempo >todo sem nem se dar ao trabalho de buscar no histórico grupos é de se >estressar. Tudo bem que ao fazer isso, vai gerar grande confusão também >porque se escreve muito mal, de forma fragmentada, sem fornecer >informação que ajude a resolver as dúvidas. >> Estou chegando a conclusão de que não é a ferramenta usada. Seja um >tipo ou outro, tem quem faça bobagem e subutilizam a ferramenta. > > Por que o pessoal abandonou o hábito de responder depois das > perguntas e deixaram de quotar as mensagens? > >- -- > >Stela dato:2.458.668,511 Loka tempo:2019-07-03 21:16:39 Merkredo >- -==- >"O livre arbítrio na realidade não é livre, pois é uma coação você só >pode escolher dois caminhos, um é bom e outro é ruim. Livre arbítrio >mesmo é poder escolher muitos caminhos, todos bons". >-- Perrone >-BEGIN PGP SIGNATURE- >Comment: +-+ >Comment: ! Gilberto F da Silva - ICQ 136.782.571 ! >Comment: +-+ > >iF0EARECAB0WIQR6BybJIKBLy3+8xXcnG6Ba0yEbDgUCXR1FzQAKCRAnG6Ba0yEb >DqmvAJ98jhN23f1Bcov9Lmb1Vh74HGzmLACeKxHTILBWJW9nbizPsVzpuhF7CFU= >=1Z9K >-END PGP SIGNATURE- -- Enviado de meu dispositivo Android com K-9 mail. Desculpe-me pela brevidade.
Re: Lançamento da Buster
Primeiro, que nem sempre as respostas ficam embaixo das perguntas e depois o que tem de gente fazendo a mesma pergunta quase que o tempo todo sem nem se dar ao trabalho de buscar no histórico grupos é de se estressar. Tudo bem que ao fazer isso, vai gerar grande confusão também porque se escreve muito mal, de forma fragmentada, sem fornecer informação que ajude a resolver as dúvidas. Estou chegando a conclusão de que não é a ferramenta usada. Seja um tipo ou outro, tem quem faça bobagem e subutilizam a ferramenta. Em 2 de julho de 2019 09:23:14 BRT, Gilberto F da Silva <2458...@gmail.com> escreveu: >-BEGIN PGP SIGNED MESSAGE- >Hash: SHA1 > >On Mon, Jul 01, 2019 at 11:08:32PM -0300, G. Felipe Pereira da Silva >wrote: >> Boa noite, >> >> Estou no grupo do debian Brasil no telegram. >> Tem-se como vantagem a praticidade/agilidade >> Contudo, não é organizado como uma lista e acredito que o >conhecimento fique >> restrito lá. > > Pelo menos, lá as respostas ficam embaixo das perguntas. > >- -- > >Stela dato:2.458.667,015 Loka tempo:2019-07-02 09:21:54 Mardo >- -==- >A filosofia é composta de respostas incompreensíveis para questões >insolúveis. >-- Henry B. Adams, historiador americano >-BEGIN PGP SIGNATURE- >Comment: +-+ >Comment: ! Gilberto F da Silva - ICQ 136.782.571 ! >Comment: +-+ > >iF0EARECAB0WIQR6BybJIKBLy3+8xXcnG6Ba0yEbDgUCXRtMrwAKCRAnG6Ba0yEb >DojnAJwO85CyXIBq0DvoDvRm6ua/Gpc80QCfULckZm7FxDPHJ7Hj9d8taTtyOTw= >=g7Dr >-END PGP SIGNATURE- -- Enviado de meu dispositivo Android com K-9 mail. Desculpe-me pela brevidade.
Re: please do *never* use GitHub for free software, was Re: Salsa vs Github
Mark Allums writes: > The onus is not on me to provide reasons. I simply asked for more > info. You initially asked for reasons; reasons were given. You haven't responded to those, from what I can see, and AFAICT they answer the initial reuest adequately. As best I can tell, a reasonable person would either be satisfied with what was presented, or have specific responses to rebut them. You can ask for more information; but if you have no specific response to the information already provided that shows why it's not sufficient to convince you, I don't see that anyone has an onus to provide more. -- \ “Try to learn something about everything and everything about | `\ something.” —Thomas Henry Huxley | _o__) | Ben Finney
Re: Lançamentos da Debian
Olá, Francisco Em 17 de maio de 2019 17:08:06 BRT, Francisco M Neto escreveu: >Boa tarde! > >Criei o primeiro de uma série (de provavelmente 2) posts sobre o ciclo >de >lançamentos da Debian. > Sua iniciativa é muito boa. Parabéns! >Eu adoraria receber comentários a respeito, principalmente se vierem de >alguém >com maior proximidade que eu à Debian. > Se contar a opinião de quem usa Debian há quase 15 anos, digo que seu texto é bem leve e tranquilo de ler. Algo desse tipo poderia estar na Wiki do Projeto. Meu apoio já tem. >http://fmneto.com.br/archives/2019/entendendo-os-releases-da-debian/ > >Abraços! -- Enviado de meu dispositivo Android com K-9 mail. Desculpe-me pela brevidade. Att, Qobi
Re: Programa para Ações
Olá. Não sei se lhe serviria, mas o GNU Cash é ótimo com finanças. Att, Em 17 de maio de 2019 13:18:55 BRT, riesdra escreveu: >Olá, > >Paulo, hoje eu uso libreoffice mas queria ver se existia algo >específico já, pois facilitaria muito. > >Rodolfo, sou um pequeno investidor, para mim hoje arcar com este custo >ficaria pesado pelo que tenho. > >Agradeço o retorno. > >-- >Ricardo Libanio > > > > > On Sex, 17 mai 2019 09:12:38 -0300 rof20...@gmail.com wrote > > >Sou programador, se quiser posso fazer um sistema pra você, porém só >avisando que cobro né. Se não conseguir achar algum open source(eu >realmente não conheço software para o que você quer, se não lhe >indicaria sem problemas) e tiver interesse, só me procurar. > > >Abs. > > >Rodolfo Azevedo > > >Em qui, 16 de mai de 2019 às 22:41, riesdra >escreveu: > >Olá, gostaria de saber se existe algum programa onde se possa lançar as >compras de ações e fiis brasileiros , para fazer custo médio e >acompanhar estoque das ações. > >Desde já agradeço a atenção de todos. > > >-- >Ricardo Libanio -- Enviado de meu dispositivo Android com K-9 mail. Desculpe-me pela brevidade.
Re: please do *never* use GitHub for free software, was Re: Salsa vs Github
Mark Allums writes: > On 5/17/19 2:28 AM, Dominik George wrote: > >> Please explain, in detail, why. > > https://mako.cc/writing/hill-free_tools.html > > https://www.adamhyde.net/another-good-reason-not-to-use-github/ > > https://www.mirbsd.org/permalinks/wlog-10_e20170301-tg.htm > > I'm not convinced, Give me more. If the above articles don't convince you, what would convince you that has not already been said? I'm sure you can appreciate that some people have unreasonable demands for being convinced, and no amount of persuasion is enough. Can you give an example of what reasonable presentation would be needed to convince you on this matter? -- \“Don't worry about people stealing your ideas. If your ideas | `\ are any good, you'll have to ram them down people's throats.” | _o__) —Howard Aiken | Ben Finney
Re: Configure your PC to contribute to Debian community
Ian Jackson writes:
> Vipul writes ("Configure your PC to contribute to Debian community"):
> > Is there a way to get isolation for work & contribution purpose to
> > keep yourself organized? I can get isolation by using Docker image
> > or install one more copy of Debian in PC and switch between them but
> > that would be painful. I want to hear from contributors &
> > maintainers Which method they are using or prefer to get isolation?
>
> schroot is a utility to help you work with chroots.
> sbuild is the build tool.
>
> To make a chroot you can use sbuild-createchroot or, err, I forget
> what it's called, schroot-buildd-setup or something ? Maybe someone
> else will pop up with the answer.
The relatively new ‘sbuild-debian-developer-setup’ package installs a
command of the same name, which I found significantly simplifies setting
up a sufficiently-isolated standard Debian package build environment.
--
\ “Do unto others twenty-five percent better than you expect them |
`\ to do unto you. (The twenty-five percent is [to correct] for |
_o__)error.)” —Linus Pauling's Golden Rule |
Ben Finney
Re: Can't install addons for firefox
On 05/05/2019 10:52, Ben Caradoc-Davies wrote: Setting about:config / xpinstall.signatures.required to false fixed extensions for me for firefox 66.0.1-1 amd64 on Debian sid and for Firefox 66.0.2 on Android. I needed to restart Firefox on Debian. Seems fixed in firefox 66.0.4-1 on Debian sid and firefox 66.0.4 on Android: extensions continue to work after restoring the default about:config xpinstall.signatures.required setting (true). Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Can't install addons for firefox
On 05/05/2019 21:30, Dave Sherohman wrote: On Sun, May 05, 2019 at 10:52:56AM +1200, Ben Caradoc-Davies wrote: Setting about:config / xpinstall.signatures.required to false fixed extensions for me for firefox 66.0.1-1 amd64 on Debian sid and for Firefox 66.0.2 on Android. I needed to restart Firefox on Debian. When I tried that yesterday, it allowed extensions to be reinstalled (yes, I was one of those who tried to fix this problem by uninstalling and reinstalling my extensions), but not all plugins actually worked in this state. Most notably, NoScript displayed no icon on the toolbar (just a blank space with a tooltip) and did not appear to actually do anything. Its settings were also inaccessible, both through the (missing) popup menu and via the list of installed add-ons (in which case I got a blank grey page with an endless "loading" spinner animation). Based on this, it appears that xpinstall.signatures.required may be no more than a partial solution. (Although it's also possible that something may have been broken in the uninstall/reinstall process.) My prexisting NoScript installation works correctly after setting xpinstall.signatures.required to false, including Add On preferences page and toolbar icon. I did not uninstall/reinstall. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Can't install addons for firefox
Setting about:config / xpinstall.signatures.required to false fixed extensions for me for firefox 66.0.1-1 amd64 on Debian sid and for Firefox 66.0.2 on Android. I needed to restart Firefox on Debian. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: System warning that "/var" is almost full
Esteban L writes: > >From command line: /var# du -h --max-depth=1 > 1.8G ./lib > 4.0K ./local > 2.7M ./tmp > 16K ./lost+found > 44K ./snap > 6.3G ./cache > 4.0K ./opt > 56K ./spool > 4.0K ./mail > 8.2M ./backups > 139M ./log > 8.2G . > > So, my backups seems to be causing the main issue, followed closely by > the cache. I don't know whether you have different output, but by my reading, ‘backups’ (8.2MiB) is significantly smaller than ‘lib’ (1.8GiB) which is smaller again than ‘cache’ (6.3GiB). You can see them sorted by size with: $ du --max-depth=1 /var | sort --numeric-sort The ‘-h’ (‘--human-readable’) is useful as its name implies; but it has the disadvantage of being difficult to visually compare between lines. Better to use absolute numbers if you want to compare accurately. -- \ “'Tis strange, — but true; for truth is always strange; / | `\Stranger than fiction.” —“Lord” George Gordon Noel Byron, _Don | _o__) Juan_ | Ben Finney
Emacs without knowing any Lisp (was: text editors)
deloptes writes: > I've been there exactly 17y ago. I still have no idea where lisp is used > except in Emacs and some exotic projects, so being pragmatic ... good for > you who know emacs - for the rest good that you do not know emacs. I've been a happy and productive Emacs user for more than 17 years and still don't edit any Lisp. It just isn't necessary to get things done. (I hear the Atom text editor is implemented in JavaScript; that doesn't imply JavaScript knowledge is needed to use Atom.) With that knowledge, hopefully more people can explore using Emacs https://tuhdo.github.io/emacs-tutor.html>. -- \ “The good thing about science is that it's true whether or not | `\ you believe in it.” —Neil deGrasse Tyson, 2011-02-04 | _o__) | Ben Finney
Re: text editors
mick crane writes: > Is there any text editor, preferably in a terminal that has the > facility to protect lines in the document, not the document itself ? If by “protect” you mean “prevent editing these lines but not others”, no I think that's not a feature of any editor I know. You can achieve some protection by temporarily *hiding* lines you're not wanting to edit. Vim has “folding” (hiding a set of lines). Emacs has “narrow&"9 to see nothing *but* a specific range of lines. > I've got 2 blocks of "code" that look similar and I keep editing the > wrong one and then it doesn't work. I would use Emacs “narrow” commands for that; quickly narrow the focus of the editor to only show me the area I'm meaning to edit, then easily widen the range when I need to. -- \ “Ridicule is the only weapon which can be used against | `\ unintelligible propositions.” —Thomas Jefferson, 1816-07-30 | _o__) | Ben Finney
Re: Recover deleted files on LVM volume
Hans writes: > Maybe "scalpel" or "foremost" may help. I will try ‘scalpel’ soon. The ‘foremost’ documentation leads me to believe it wants to dump a whole lot of stuff somewhere. I don't want that (the files should be restorable in-place, if at all; that's what ‘testdisk’ did the last time I used it successfully). -- \ “Try to learn something about everything and everything about | `\ something.” —Thomas Henry Huxley | _o__) | Ben Finney
Re: Recover deleted files on LVM volume
Reco writes: > But you don't need "testdisk", you need "photorec". Which Debian package do I install for that? $ aptitude search photorec $ echo $? 1 -- \ “I have a map of the United States; it's actual size. It says | `\‘1 mile equals 1 mile’. Last summer, I folded it.” —Steven | _o__) Wright | Ben Finney
Re: Using USB Flash / Pendrives or [micro]SD cards for backup
On 19/03/2019 02:30, rhkra...@gmail.com wrote:
Is anyone (reading this list) using USB Flash / Pendrives or [micro]SD cards
for backup?
I've thought about doing that, especially as they continue to come down in
price, but my experience with them at least in some cases has not been good.
The worst case seems to be dash cams where, after about a year or so they just
stop working, but I've had at least one similar case using them for data
storage.
I have six 16 GB ext4-formatted USB 2 flash drives of two models that I
rotate for daily local backups. Each backup is about a 3 GB
gzipped-gpged-gzipped-tar file, so the write pattern is large sequential
writes. The outermost zero-compression gzip ("pigz -0") allows a keyless
32-bit checksum test with any gzip implementation. Each thumb drive
contains no more than three backup files at a time. All are
checksum-tested after each backup.
I have been using these drives for at least five, and perhaps more than
seven years. My rough estimate is that I have written around 60 times
their capacity to these drives. I have had one drive fail, about five
years ago.
My rules for USB flash backup are: (1) nothing gets written to USB
without first being encrypted because failed drives cannot be erased
without physical destruction, and (2) nothing gets written to USB
without a checksum because USB drives are unreliable and will happily
and silently corrupt data.
Redundancy and the expectation of drive failure will reduce
inconvenience when it occurs. And it will. But you have to be able to
detect it.
I also have offsite backup in the cloud with the same encryption and
integrity measures (plus cloud encryption), and retention of longer-term
archival backups. Now that I have gigabit fibre, offsite backup is
faster than local.
Kind regards,
--
Ben Caradoc-Davies
Director
Transient Software Limited <https://transient.nz/>
New Zealand
Recover deleted files on LVM volume
Howdy all, How can I recover files deleted on a ext4 volume, in a logical (LVM) volume? I accidentally deleted a tree of directories and files, after completing a move of those files from elsewhere :-( In the past I have successfully used ‘testdisk’ to discover and recover deleted files. However when I try now, the tool apparently gets confused that there's no partition table. The “Advanced” menu item normally leads to a filesystem browser of deleted files. On this (still quite happily working) LVM volume though, ‘testdisk’ complains that it can't find any partitions. Should I be using ‘testdisk’ in a different way because this is an LVM logical volume? Should I be using some other tool to recover a tree of deleted files? -- \“The right to search for truth implies also a duty; one must | `\ not conceal any part of what one has recognized to be true.” | _o__) —Albert Einstein | Ben Finney
Re: ssh policy change in new stretch??
On 08/03/2019 12:12, Long Wind wrote: i run command below and it work in early debian: ssh zhou@192.168.1.3 but new stretch says: ssh: connect to host 192.168.1.3 port 22: Connection refused what should i do? Thanks! Has the server also been upgraded to stretch? Is sshd running on the server? Is there a firewall on the server? Try: ssh -vvv zhou@192.168.1.3 to see the full connection attempt. You can also check whether the port is open with (on the client): nmap -p 22 192.168.1.3 Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
NetworkManager with VPN for internet, not local LAN
Howdy all, How can I convince NetworkManager that a specific VPN is to be used only for traffic outside the local network, whatever that local network happens to be? I have an external VPN service that I use to avoid surveillance and censorship, both within organisations (like an employer or a café) and within my home country that mandates our ISPs spy on their behalf. So when I'm connecting to the various networks my notebook computer finds itself in, I want to connect to that VPN and have all internet traffic go through that VPN. Simultaneously, any addresses on the local LAN should *not* be routed through that VPN, because those local addresses are not routed outside the local network. What do I need to do in the NetworkManager VPN configuration, to ensure that when I've enabled that VPN it will apply to internet addresses but not local non-routable LAN addresses? Bear in mind that those LAN addresses can change dynamically as I move the computer to a different network, yet the VPN configuration should remain the same. -- \“You don't change the world by placidly finding your bliss — | `\you do it by focusing your discontent in productive ways.” | _o__) —Paul Z. Myers, 2011-08-31 | Ben Finney
Re: [debian-br] Proposta para renoemar as listas *-portuguse para *-brazilian até 31/10/18
Mudar o que não precisa ser mudado? Em tempo pra nos unirmos e não nos separarmos. Qobi -- Enviado de meu dispositivo Android com K-9 mail. Desculpe-me pela brevidade.
GnuBee: freedom-respecting Network Attached Storage (was: Please Recommend Affordable and Reliable Cloud Storage for 50 TB of Data)
Andy Smith writes: > If all you require is access to your data when you are out and about, > and you do currently have always-on Internet at home, you could build > a cheap server, attach your existing USB storage to it, and serve it > with owncloud or something. This sometimes goes by the (IMO stupidly misleading) name of “personal cloud”, but “cloud” is a useless word for all of this. It's simply an always-on server for file storage and maybe some other services. When the primary purpose is network-attached file storage, as the original poster is requesting, the term to search for is Network Attached Storage (NAS). In other words, it's what used to be quite normal for many people, before the internet was centralised :-) and is a great step to re-decentralising the net [0]. One downside is, as pointed out earlier, you must (yourself, or convince someone else to) take on the job of system administrator for your network. There is a good free-software-respecting hardware solution for building a bare-bones server for running at a home or small office, the GnuBee https://www.crowdsupply.com/gnubee/>. It runs a full-blown GNU+Linux operating system under your full control, so you could set it up to also run services along the line of nextCloud or the like. [0] https://www.economist.com/special-report/2018/06/28/how-to-fix-what-has-gone-wrong-with-the-internet> https://www.wired.co.uk/article/tim-berners-lee-reclaim-the-web> -- \ “Every valuable human being must be a radical and a rebel, for | `\ what he must aim at is to make things better than they are.” | _o__) —Niels Bohr | Ben Finney
Using a VPN to bypass surveillance and censorship (was: how to find out video memory size?)
Long Wind writes: > google is blocked in china, and i can't use it to find answer It appears DuckDuckGo (a much more freedom-respecting search engine) is also blocked in China. This article discusses using a VPN to bypass surveillance and censorship https://www.comparitech.com/privacy-security-tools/blockedinchina/duckduckgo/>. -- \ “Natural catastrophes are rare, but they come often enough. We | `\ need not force the hand of nature.” —Carl Sagan, _Cosmos_, 1980 | _o__) | Ben Finney
Re: How to file a proper bug report
t.j.duch...@gmail.com writes: > I spend most of my time working on Windows, so debugging Linux will be > something new. Thanks for helping me on that! If you don't mind, > I'll post back on what I find so I can do this the right way. You're welcome here to ask about using Debian, especially since you already have a motivation to help the Debian Project make it better :-) -- \ “Speech is human, silence is divine, yet also brutish and dead: | `\ therefore we must learn both arts.” —Thomas Carlyle, 1830 | _o__) | Ben Finney
Re: How to file a proper bug report
t.j.duch...@gmail.com writes: > I have a user question on how to file a proper Debian bug report under > certain circumstances. Thank you for taking the care to find out what information is needed for a good bug report. Your specific use cases seem to involve non-free software (Steam games are, I assume, non-free in general, though there may be some exceptions) so that makes it particularly difficult to diagnose problems. If there are reproducible behaviours, it can be helpful to run the program under ‘strace’ and reproduce the behaviour, to get an extremely verbose log of system calls being made at the time when the behaviour occurs. When that is reproducible, it might be helpful to have two separate ‘strace’ log outputs: one from the environment where you don't get the buggy behaviour, one where you do. -- \ “If we don't believe in freedom of expression for people we | `\ despise, we don't believe in it at all.” —Noam Chomsky, | _o__) 1992-11-25 | Ben Finney
Re: Installer can't find network interface on Intel NUC BOXNUC8i3BEH1
On Wed, 2019-02-13 at 16:17 -0500, Laurent Dumont wrote: > I'm not sure if it's the exact same case but I had the same issue with a > more recent motherboard. Debian failed to detect the network card with the > E1000 drivers. > > I tried an iso with the non free repo without success. > > A base Ubuntu iso install was able to detect and configure the network > driver. > > I'll see if I can find the adapter version. It was an Intel based adapter. [...] Unfortunately the various chips supported by e1000e are all subtly different and each new chip seems to need extra code in the driver. Debian 9 still has Linux 4.9 and we haven't backported those driver changes. There is supposed to be an optional installer build that uses a newer kernel version, but that hasn't officially happened yet. At this point you might be better off using the alpha release of the installer for Debian 10 "buster". Ben. -- Ben Hutchings When in doubt, use brute force. - Ken Thompson signature.asc Description: This is a digitally signed message part
Re: Can a recipients rights under GNU GPL be revoked?
rhkra...@gmail.com writes: > […] I believe that the original author of a package could do something > like create further modifications to the code and create a non-free > version of the code. Yes. The _Copyleft and the GNU General Public License_ guide https://copyleft.org/guide/> addresses that possibility: The GPL is irrevocable in the sense that once a copyright holder grants rights for someone to copy, modify and redistribute the software under terms of the GPL, they cannot later revoke that grant. Since the GPL has no provision allowing the copyright holder to take such a prerogative, the license is granted as long as the copyright remains in effect. The copyright holders have the right to relicense the same work under different licenses […], or to stop distributing the GPLv2’d version (assuming GPLv2 §3(b) was never used), but they may not revoke the rights under GPLv2 already granted. In fact, when an entity loses their right to copy, modify and distribute GPL’d software, it is because of their *own actions*, not that of the copyright holder. The copyright holder does not decide when GPLv2 §4 termination occurs (if ever); rather, the actions of the licensee determine that. https://copyleft.org/guide/comprehensive-gpl-guidech8.html#x11-510007.1> So, the copyright holders can make new releases without granting GPL freedoms. But they have no way to revoke the GPL freedoms already granted to a person in a specific past release of the work. -- \“Fascism is capitalism plus murder.” —Upton Sinclair | `\ | _o__) | Ben Finney
Re: Can a recipients rights under GNU GPL be revoked?
rhkra...@gmail.com writes: > […] I believe that the original author of a package could do something > like create further modifications to the code and create a non-free > version of the code. Yes. The _Copyleft and the GNU General Public License_ guide https://copyleft.org/guide/> addresses that possibility: The GPL is irrevocable in the sense that once a copyright holder grants rights for someone to copy, modify and redistribute the software under terms of the GPL, they cannot later revoke that grant. Since the GPL has no provision allowing the copyright holder to take such a prerogative, the license is granted as long as the copyright remains in effect. The copyright holders have the right to relicense the same work under different licenses […], or to stop distributing the GPLv2’d version (assuming GPLv2 §3(b) was never used), but they may not revoke the rights under GPLv2 already granted. In fact, when an entity loses their right to copy, modify and distribute GPL’d software, it is because of their *own actions*, not that of the copyright holder. The copyright holder does not decide when GPLv2 §4 termination occurs (if ever); rather, the actions of the licensee determine that. https://copyleft.org/guide/comprehensive-gpl-guidech8.html#x11-510007.1> So, the copyright holder can make new releases without granting GPL freedoms. But they have no way to revoke the GPL freedoms already granted to a person in a specific past release of the work. -- \“Fascism is capitalism plus murder.” —Upton Sinclair | `\ | _o__) | Ben Finney
Can a recipients rights under GNU GPL be revoked?
Howdy all, Recently in this forum, some concerns have been raised about works covered by GNU GPL. In particular, whether a recipient of a work, received under conditions of the GNU GPL, can have the freedoms of the GNU GPL later withdrawn in that same work. To reassure those who might worry whether they can reply on the freedom granted in a work, it is worth reading the GNU FAQ document for the GNU GPL at the Free Software Foundation: [For any GNU GPL-licensed work,] the public already has the right to use the program under the GPL, and this right cannot be withdrawn. https://www.gnu.org/licenses/gpl-faq.en.html#CanDeveloperThirdParty> The same answer is in the FAQ specifically for the GNU GPL version 2.0 https://www.gnu.org/licenses/old-licenses/gpl-2.0-faq.html#CanDeveloperThirdParty>. You can read more in the Software Freedom Conservancy's document _Copyleft and the GNU General Public License: A Comprehensive Tutorial and Guide_, specifically in §7.4 “GPLv2 Irrevocability”. That concludes: Whether as a matter of a straightforward contractual obligation, or as a matter of promissory estoppel, a contributor’s attempt to revoke a copyright license grant and then enforce their copyright against a user is highly unlikely to succeed. https://copyleft.org/guide/comprehensive-gpl-guidech8.html#x11-540007.4> In other words: Any copyright holder can *say* they wish to retroactively revoke the GNU GPL to some party. However, unless that party has violated the conditions of the GNU GPL grant they originally received, there does not appear to be any enforcible threat of revocation that would succeed. I hope these, along with the many court cases world-wide that have tested the GNU GPL and found it to be enforcible, can reassure those considering whether a particular copyright holder's whim can revoke the freedoms guaranteed in a GNU GPL-covered work. I'd say there's nothing to worry about from those threats. -- \ “I distrust those people who know so well what God wants them | `\to do to their fellows, because it always coincides with their | _o__) own desires.” —Susan Brownell Anthony, 1896 | Ben Finney
Re: Why popular sites are looking ugly
On 24/01/2019 01:07, Marek Mosiewicz wrote: After some experiments with dpkg-reconfigure fontconfig-config it seems that the issue is with native/autohinting option. Seems that Debian uses Dejavu fonts which looks better with native. I use manually hinted fonts, including Liberation Sans and DejaVu Sans Mono, with full greyscale hinting at 96 dpi. I do not like the rendering of these fonts with the automatic hinting of the new v40 TrueType interpreter, which is the default in FreeType 2.7 or later: https://www.freetype.org/freetype2/docs/subpixel-hinting.html I enable the old v35 interpreter everywhere by default with the following in /etc/environment: FREETYPE_PROPERTIES=truetype:interpreter-version=35 The new interpreter is supposed to have better results with MS fonts, so this may not fix your problem. For lovingly hand-hinted fonts on low DPI screens (mine is physically about 82 dpi (27" 1080p)), the old interpreter might be worth a try. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Log in details
On 12/01/2019 16:05, Johndy Laviña wrote: Hi, May I know what is the login and password for Debian GNU / Linux 9? Thanks Live or installed? For Debian Live, the login is "user" and password is "live". You will need these if you lock the screen. To get root, open a terminal and use use "sudo -i". For installed Debian, login and password are set at install time. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Looking for advice on tools (or libraries) for unsupervised, bulk symmetric encryption/decryption of files
On 10/01/2019 03:05, Kynn Jones wrote: The only encryption tool I have used for encrypting files on my hard drive is gpg2, which I have used for small, interactive encryption tasks (half-dozen files, at most). Therefore, my initial attempt was to use gpg2 for this new bulk-encryption task, but I found myself constantly fighting with it, and finally had to recognize that I was trying to use gpg2 for something it is not primarily designed for. (I am also a bit concerned with gpg2's future stability. AFAICT, It's design has varied significantly over the years, and as a result there's a lot of confusion on its use. That has been my experience, in any case.) I use a pipe with gpg2 as one component for symmetric encryption: gpg --batch --symmetric --cipher-algo AES256 --s2k-digest-algo SHA512 --compress-algo none --passphrase-file $PASSPHRASE_FILE My pipe input is usually a tar file gzipped with pigz for parallel compression, hence the "--compress-algo none". I then add another "pigz -0" wrapper to get a cryptographically weak checksum to allow testing for media failures without the passphrase. I like tar because it preserves file metadata and filesystem structure and is a very stable format. Other formats may be better for random access. Recently I used gpg2 to decrypt files that were encrypted over 15 years ago; note that these were much smaller files and a simpler invocation of gpg1 (the then default cipher was CAST5 IIRC). The gpg file format seems well-documented and stable. Regular decryption tests are prudent to catch problems after gpg upgrade. Yes, the new interactive predilections of gpg2 were a pain at first when compared to gpg1, but "--batch" and "--passphrase-file" seem sufficient for batch symmetric encryption, if you do not mind your passphrase being in plain text on your filesystem. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: ot: of a sort, alternative news collection sources?
Karen Lewellen writes: > If not, does anyone know of an alternative source that provides a > collection of news stories from various outlets in one place? Does collaboratively-edited publishing meet the need? Anyone can contribute, and articles are written collaboratively for a global audience. We strive at all times to meet the policy of writing and reporting from a neutral point of view, ensuring our reporting is as fair as possible. Furthermore, everything we write is cited, to maintain the highest standards of reliability. https://www.wikinews.org/> -- \ “As I bit into the nectarine, it had a crisp juiciness about it | `\ that was very pleasurable — until I realized it wasn't a | _o__) nectarine at all, but A HUMAN HEAD!!” —Jack Handey | Ben Finney
Re: do you find old firefox is better than new one?
Long Wind writes: > i have 52.9.0 and 45.9.0, both for stretch > new one often becomes unresponsive, Which one of “52.9.0” and “45.9.0” is the “new one”? Or do you mean some other version? Have you tried versions later than “52”? Debian Buster now has ‘firefox-esr’ version “60.4.0esr-1”. How does that change the behaviour for you? > and i have to close it and restart it This happened for me quite often, because many of the Firefox extensions were not compatible with Firefox 60. So, some of the extensions which formerly blocked garbage from many internet sites – malware like advertising and trackers – resumed when I visited sites, so many of my tabs would contain malware that quickly crippled the performance of the browser. After installing newer, compatible extensions (NoScript 10, uMatrix, uBlock Origin) and restarting the browser, that malware ceased, and my browser is now happily fast again. > i can't describe it in more details or reproduce problem If you can answer some of the questions above, that might help us understand better the behaviour you are describing. -- \ “For your convenience we recommend courteous, efficient | `\self-service.” —supermarket, Hong Kong | _o__) | Ben Finney
Re: do you find old firefox is better than new one?
On 17/12/2018 06:35, dekkz...@gmail.com wrote: On 12/16, Long Wind wrote: i have 52.9.0 and 45.9.0, both for stretch new one often becomes unresponsive, and i have to close it and restart it New FF is for me by far the better, quicker and far better memory use. Firefox 63 and 64 have been good for me. Earlier 60s seemed to have slow startup but this might have been because of plugins that have now been improved. I have not experienced any hangs or resource problems, and I use many windows and tabs. I use NoScript and Adblock Plus, which reduce resource consumption. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: question about usb socket on front panel
On 12/12/2018 14:04, Long Wind wrote: sorry! this question isn't linux specific there are two usb sockets on front panel of pc casethey appear same, but really are notwireless mouse can only be connected to one of them could you tell me their difference? Thanks! Bad connection on one port? USB front ports are often connected to the motherboard by a pair of internal cables. A bad connection would prevent the mouse from working. This could be caused by a flipped internal connector, loose connection, or bad cable. A flipped connection can prevent booting by shorting 5V to ground. Do other USB devices work on the port that does not work with the mouse adapter? Sometimes USB ports differ by speed (blue for USB 3, black for USB up to 2), or permit USB charging (lightning bolt symbol, supports higher current). Neither should affect a wireless mouse, because it is a low speed device, unless the mouse adapter just will not work with a hub at using a particular specification. The hub is internal and typically on the motherboard. The front USB ports I have seen are connected to the same hub so I would expect both to work or neither. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Interphone with SIP-Protocol
On 18-11-29 05:48:03, Dan Ritter wrote: Michelle Konzack wrote: Because my Portal is in a distance of 60m from the Serverbunker and I do not like to install a seperated earth cable, I am now searching for an IP/SIP based Interphone. Best would be with Video. Has someone experience with it and can suggest me a product? Note 1: We have currently -10°C on the Farm and it can go down until -30°C (some years ago it was for one day -39°C), which increase the requirements on the Interphone. Note 2: In 2017/2018 i used a Banana PI at a Sidele Interphone, but the BPI gaved up at -5°C and the Siedele at -20°C. By "Interphone", do you mean a local voice and/or video system that doesn't connect to the general Internet? Based on another reply, I think they meant an intercom/doorbell system. The sort of thing that sits on an outdoor wall. If it's SIP based then I presumed a local PBX, but I might be wrong. I would suggest building a small insulated box to hold your electronics, along with an incandescent lightbulb to provide both light and heat. If I guessed right, I agree with you! There's not much out there that will go down to -30C without some sort of heating element. signature.asc Description: PGP signature
Re: Interphone with SIP-Protocol
On 18-11-29 10:27:49, Michelle Konzack wrote: Note 1: We have currently -10°C on the Farm and it can go down until -30°C (some years ago it was for one day -39°C), which increase the requirements on the Interphone. Quite an interesting issue. I would probably go down the route of a 'tough' Android phone with a SIP app like linphone. I have used 'runbo' phones before and they were good. Not sure about the temperature specs though. Just an alternative idea for you to think about. signature.asc Description: PGP signature
Re: Looking for a "friendly" e-mail service
On 18-11-26 21:12:19, Celejar wrote: On Mon, 26 Nov 2018 09:37:21 -0500 Mark Neidorff wrote: ... Now, I don't like the webmail interfaces and the limited storage for old Limited storage? Who - big or small player - offers unlimited storage for old emails? My suggestion [0] (a 'small' player) does! [0] https://www.migadu.com/ signature.asc Description: PGP signature
Re: Looking for a "friendly" e-mail service
On 18-11-26 09:37:21, Mark Neidorff wrote: If you know of an e-mail service that allows me POP3 and SMTP connections would you please post it in a reply. I recommend and use https://www.migadu.com/ They do have a webmail but they focus mainly on providing a simple email service. They have good docs on getting DNS set up, and a pretty simple management interface for handling accounts etc. Been with them for 1 year now and I'm very happy with it. signature.asc Description: PGP signature
Re: portable CD players
On 18-11-10 06:11:34, mick crane wrote: Does anybody know about these portable CD players like Sony Discman ? On the PC I "play stories.m3u" where "stories.m3u" is just a list of mp3 files from librivox.org If I put them on a CD will Discman play them, with a menu selection ? Are they ATRAC or something ? Any particular format needed ? Any recommendations for CD player ? mick FWIW There are CD players out there that support MP3, if you really have to go with CD. https://www.amazon.co.uk/gp/product/B019J4N5DQ/ You can put MP3s directly onto the disc and play them. This allows you to fit a lot more music on. However, it's less versatile because _every_ CD player you want to use with the disc also has to support MP3. Just something to consider. signature.asc Description: PGP signature
Re: Reverting firefox-esr upgrade in Buster
On 09/11/2018 03:53, Cindy-Sue Causey wrote: But... bank account STILL does not work... It yelled javascript was not enabled and basically*almost* KICKED me out IMMEDIATELY because it wasn't available. Which led to me sitting here thinking... I THOUGHT javascript was security issue prone to the point folks are trying to wipe it from the Net. So WHY is a bank so dependent on it that my bank's website almost seemed to freak that javascript wasn't available??? I use and recommend Firefox with NoScript. Recent NoScript supports WebExtensions, with a new user interface. NoScript blocks JavaScript by default and protects you from a range of threats even for origins from which JavaScript is permitted. With NoScript, you can selectively enable JavaScript for those sites that you trust. I also use Adblock Plus because ads are a known delivery mechanism for malicious content. The combination of NoScript and Adblock Plus has the side benefit of making we browsing much faster. If you are paranoid, you can use a dedicated Firefox profile for your internet banking. If you are super-paranoid, you can run Firefox on a dedicated virtual machine. A freshly booted non-writeable live image for each banking session will prevent malicious state from being persisted on the client VM. As long as the host machine has not been compromised, in which case all bets are off. I like web sites that fail gracefully when JavaScript is disabled. Unfortunately, JavaScript Single Page Applications (SPA) are a plague on the internet. I prefer RESTful architectures. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
Re: Removing firefox-esr also removes gnome
On 06/11/2018 08:37, Reco wrote: Seems like other browsers like Iceweasel are just arbitrarily left out. It's been two years since they discontinued Iceweasel. Iceweasel was just Debian's Firefox rebranded to address trademark and logo licensing issues <https://en.wikipedia.org/wiki/Mozilla_software_rebranded_by_Debian#Iceweasel>. In June 2016, the iceweasel package was replaced with the firefox-esr package. Kind regards, -- Ben Caradoc-Davies Director Transient Software Limited <https://transient.nz/> New Zealand
