Zoom conferencing
(I hope no one gets upset about double posting debian and ubuntu users lists.) Questions about zoom -- www.zoom.us Anyone using it? Issues? Known reasons they don't put it in the general repositories?
Re: Get the external IP address from a Linux box
(Erk. Sorry, Joe.) On Thu, May 24, 2018 at 6:29 PM, Joe wrote: > On Thu, 24 May 2018 08:13:54 +0100 > André Rodier wrote: > >> On Thu, 2018-05-24 at 09:07 +0200, Alberto Luaces wrote: >> > Joe writes: >> > >> > > On the assumption that you are using a router of some kind, your >> > > public >> > > IP address will be that of the router WAN port (cable, ADSL, etc.) >> > > and >> > > there will be a method of determining that by connecting to the >> > > router >> > > as an administrator. That method will depend entirely on the >> > > router. >> > >> > If the router supports upnp and it is activated, you can check the >> > external IP in an device-independent way with >> > >> > upnpc -l | grep ExternalIPAddress >> > >> >> Thank you, finally an answer that make sense and is not pedantic. Two people have already tried to point out that UPNP is vulnerable by design. If you have any interest in your local security, your router to the outside should simply not respond to UPNP at all. Block/ignore UPNP at every interface, internal and external, on your external router, at bare minimum. This is not pedantry, this is trying to save you from being attacked from your inside. > How is it possible to avoid being pedantic? You told us nothing about > your Internet connection, or Debian version, so we had to guess at what > information you actually wanted and which device to ask. > >> I tried this, but it is not 100% reliable. For instance, with the >> firewall / router I use, upnp id not activated. I suppose I will have >> to write a custom python script. > > So presumably it isn't your computer's external address that you want, > but that of your router. I was a bit surprised to see upnp mentioned, I > thought it was only game-players who were willing to run that, and > Debian would not be their OS of choice. > > From (not recent) experience of talking to routers, you may have telnet > or ssh available, otherwise it's an http admin login, followed by one or > two router-specific commands. You might be lucky, and the default > router status page without login may contain the WAN address. > > A couple of lines of bash should do it: use curl, and you'll probably > have to provide the admin password, so the script should probably be > stored in /root. My routers in years gone by used to need an occasional > reboot, so I had a script running every ten minutes to check multiple > websites for connectivity, and if none were found, to issue a reboot > command. What Joe says here. I had ten or twenty lines of moderately careful code in a two hundred-line perl script I used to update my dyndns.com domain name back before dyn.com decided they had to kick all the freeloaders like me off. Resolution to *some* domain name really ought to be part of an ISP's basic package, but the Internet got taken over by the poachers. -- Joel Rees http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: no /etc/inittab
2017/08/15 1:05 "Brian" <a...@cityscape.co.uk>: > > On Mon 14 Aug 2017 at 13:22:45 +0200, Nicolas George wrote: > > > Le septidi 27 thermidor, an CCXXV, Pierre Frenkiel a écrit : > > > I just wanted to know why the Debian wiki is not updated, 2 months after the Stretch release. > > > > Jessie also used systemd, so that is more two years than two months. > > > > The answer to that question is simple: it is a wiki, it has not been > > updated because you did not update it. Me neither. Please proceed. > > That looked to be a five minute job. Replace the "Overview" section > with the single line "The system initialization process is handled > by systemd" and delete all the links except the one to init(1). > > That's until you get to thinking what the purpose of the page is and > look at where it is linked from and what has to be done to make all > the parts form a coherent whole. I wonder if you will now begin to recognize why the forced universal upgrade to systemd was a thoroughly ill-conceived bit of social engineering. -- Joel Rees http://reiisi.blogspot.com
Re: Yes you have standing to sue GRSecurity.
On Mon, Jul 31, 2017 at 5:01 PM, <to...@tuxteam.de> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Mon, Jul 31, 2017 at 09:23:06AM +0200, deloptes wrote: > > [...] > >> Recently I found out that when ideology stands higher than pragmatics the >> whole thing affected dies ... numerous examples like communism or democracy >> in our modern understanding. > > This is so... unpragmatic that it could itself be called an ideology. Precisely. We can only do what we can, and part of what we can do is educate ourselves. If we don't educate ourselves, we end up being able to do less. Getting depressed at the real world is also not going to help us do what we can. And that's the way the world has been for as long as I've been alive, and, near as I can tell, for as far back as we have history. > best > - -- t And I'll echo that. Best. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Yes you have standing to sue GRSecurity.
On Mon, Jul 31, 2017 at 3:33 AM, deloptes <delop...@gmail.com> wrote: > Nicolas George wrote: > >> How do you know you can trust that "legal clarification" better than >> what any of us could have written? I do not have any legal training, and >> I know approximatively what is written in the first message, but you >> would be wrong to take my opinion at face value. >> >> Have you checked « ni...@redchan.it »'s credentials as an attorney? >> >> Regards, > > Why do you think I trust you or him? I mean - every one can put forward a > proposition. The statement was clear and from argumentative point of you > OK. It was definitely informative. I do not take it as granted but as a > fair stand point - same as your statement. > > There is a lot the community could do, but it spends time being and arguing > about political correctness and trying to bring all parties together > etc ... if those guys are too far right, you are too far left - IMO. > > regards One thing that might be worth saying here: Partial truths are sometimes more damaging than outright lies. Specifically, GRSecurity is, in fact, misusing the GPL in a way which we do not want to see becoming common. This is the part the troll is quite willing to tell. What the troll is not telling is that they are doing so in response to certain parties who are in flagrant violation of the GPL, specifically regarding their (GrSecurity's) contributions. (And have a record of other, more general violations.) Since the original offenders seem to be more willing to throw lawyers and legal filings at the problem than simply come into compliance regarding their use of GRSecurities patches, I would question the motives of the trolls. Frankly, the large corporations who are doing this with GRSecurity have no logical reason to be so recalcitrant. The old expression, "Cutting off their noses to spite their own faces," seems to apply. If the patches are useful, they should be willing to support the source of the patches. And if the patches are useful, they should be willing to help their customers keep their firewalls and other infrastructure equipment up-to-date. We may not support GRSecurity's questionable methods, but we may well decide we should boycott the companies who induced GRSecurity's stance. If you want to know who those companies are, you can find out pretty quickly by searching the web. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: From dual- to single-boot
On Tue, Jul 25, 2017 at 2:40 PM, solitone <solit...@mail.com> wrote: > On Tuesday, 25 July 2017 14:25:59 CEST Joel Rees wrote: >> Can you boot without the Mac OS partition? > > I'm using grub to boot debian. > > To boot MacOS, I need to press the option key (⌥) to start up to Apple's > Startup Manager, rather than grub. Startup Manager allows me to choose the > MacOS partition, and boot that one. The reason I ask is that, at least in the past, at least in some configurations, you needed a bootable Mac partition to boot anything else. And it might be easy to forget if you had such a setup and had not been using Mac OS for a while. Just one more thing to check. Personally, I've been bitten by a botched partition move in the past, so I'd tend to avoid moving partitions anyway, if not using LVM. And if I needed the extra 20G, I'd be foreseeing needing more pretty soon, so I'd be planning on buying a second drive pretty soon. Or I could delete the Mac OS partition (after backing anything important up, of course) and make sure it still boots after formatting the partition for Linux. If it doesn't it will be much easier to re-install the Mac OS and necessary boot stuff before you try anything fancy. Then, instead of moving partitions around, I'd look for what needs the extra space, and mount the former Mac OS partition there. For instance if it's space for backups, mount the partition as /backup2/ or /home/sharedbackup/ or something. Or, if I could wait, I'd hold things off until I upgrade to a new version, and restructure my drive(s) while doing the upgrade. LVM helps avoid botching things when you move things and resize a lot, and it has better recovery options than when you move things with a partition editor, so if you think you might be moving things around a lot, you should look into LVM, as someone else has already suggested, either with a second drive or when you back up your data and re-install from scratch on your next upgrade. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: From dual- to single-boot
On Mon, Jul 24, 2017 at 11:13 PM, solitone <solit...@mail.com> wrote: > I never use MacOs, so I want to just keep debian, so at least I'll put its 22 > GB space to better use. I used to keep it just for some sporadic firmware > update, but frankly I don't think I'll need this again in the future. Can you boot without the Mac OS partition? > The issue is that MacOs is at the start of the disc: > > ~$ > ~$ sudo /sbin/parted /dev/sda print > Model: ATA APPLE SSD SM0128 (scsi) > Disk /dev/sda: 121GB > Sector size (logical/physical): 512B/4096B > Partition Table: gpt > Disk Flags: > > Number Start End SizeFile system Name Flags > 1 20.5kB 210MB 210MB fat32 EFI System Partition boot, > esp > 2 210MB 22.6GB 22.4GB hfs+ > 3 22.6GB 23.2GB 650MB hfs+ > 4 23.2GB 31.2GB 8000MB linux-swap(v1) swap > 5 31.4GB 121GB 89.8GB ext4linux > ~$ > > I would use parted from the installation media to delete partitions 1-4, > recreate the swap at the start (unless I decide to usa a file for the swap), > and move/extend the ext4 partition. > > This seems a bit risky, though. I already asked this, but is there a way to > completely backup my current system, so that I could quickly restore it on a > blank new partition, in case everything goes wrong? > > I have daily backups of /home, /usr/local, and /etc. But in case I need to > reinstall from scratch I think I need more. > > What's the best approach? > -- > ⢀⣴⠾⠻⢶⣦⠀ > ⣾⠁⢠⠒⠀⣿⡁Sent from my brain using neurons fueled by glucose. > ⢿⡄⠘⠷⠚⠋⠀ > ⠈⠳⣄ > -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Can "PulseAudio Volume Control" devs be redeemed?
On Sat, Jul 22, 2017 at 1:51 PM, Erik Christiansen <dva...@internode.on.net> wrote: > After two days of trying to google ways to get audio on the hdmi output > on a shiny new Udoo X86 running debian 9.0.0, sheer gritted-teeth > determination, smacking the walls of the GUI rat's maze lucked onto the > deeply concealed interface. > > On the LXDE desktop, the "Sound & Video" -> "PulseAudio Volume Control" > menu item has only 3 widely spaced tabs, underutilising the chosen > window width, and the "Output Ports" tab offered no management or > configuration possibilities. > > But there are two tiny dark triangles in the corners. Clicking on the RH > one leads to an unnecessarily hidden tab, "Input Devices", and clicking > again reveals "Configuration". There, in a "Profile" selection box, it > is possible to select "Digital Stereo (HDMI) Output". Once selected, it > even seems to be the power-on default. (Much to my surprise, given the > user-hostile perversity of the devious GUI design, deliberately made > unnecessarily narrow, so that two vital tabs could be hidden from the > user, without the most tenuous rational reason for doing so.) > > Granted, the purpose of a GUI is to put access to necessary functions > at the end of deep maze rat runs - but invisible secret tabs with double > blind access?! I do believe that some of these devs are being paid by > Microsoft to paralyse linux. (If not, we know that they were born > arse-backwards, and have never turned around.) > > There is no rational explanation for failing to make all 5 tabs visible. > > Erik > (Who in 30 years of s/w development never let a team member produce crap > like that.) > I think there are two things going on here. One is that many devs get huge displays to make it easier to code, and then forget what the ordinary-sized displays are like. So they get careless about the constraints imposed by ordinary-sized screens. Another is that many devs are trying to support tablets without designing a separate UI for them. So they cram too much in. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: funding & viability questions of GPL enforcement.
On Sat, Jul 22, 2017 at 3:29 AM, Alessandro Vesely <ves...@tana.it> wrote: > On Thu 20/Jul/2017 22:18:25 +0200 Fungi4All wrote: >>[...] > >> For linux we all need to agree before we decide. > > Yeah, that's a pita. It's hard to change anything if everyone can veto. That's sure indication that everything is getting too big -- the companies, of course, but also the projects, the software, ... ... and the egos. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Free software
On Fri, Jul 21, 2017 at 3:46 AM, Doug <dmcgarr...@optonline.net> wrote: > > On 07/20/2017 06:32 AM, rhkra...@gmail.com wrote: >> >> On Wednesday, July 19, 2017 09:27:16 PM Gene Heskett wrote: >>> >>> Doug is correct. Every shop had a subscription to SAM's and toward the >>> end as many as 9 or 10, tall 4 drawer fileing cabinets to keep the stuff >>> in if the subscription was for all of the stuff. >> >> Ahh, Sam's was a good clue (for me)--I think the series was called Sam's >> Photofacts. >> >> >> > You can look it up on the Internet. Just put Sam's Photofact into > your browser! > > (I remember it as Photofacts, just like rhkramer, but the 'net > has it as singular.) Well, a couple of filing cabinets full would be plural, wouldn't it? -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Free software
On Thu, Jul 20, 2017 at 8:04 AM, Doug <dmcgarr...@optonline.net> wrote: > > On 07/19/2017 05:44 PM, Joel Rees wrote: >> >> >> This is another aspect of "closed source" gratis technology that is >> often swept under the rug. >> >> It used to be, for instance, that a TV in the US had a full diagram >> of working parts in the back case, so that the TV could still be >> fixed even if the manufacturer suddenly wiped their books and >> disappeared. >> >> > Not at all true! As a sideline I was a TV serviceman in the 1960s. > There usually was a drawing of the tube numbers and positions Thus, the working parts. Except it was not just the tubes, it usually included whatever an independent technician could get as a "part". > somewhere in the set--more usually on an inside surface of the > wooden box. Yeah, in the back [of the] case. :-/ > There certainly was no schematic diagram. What do you call a schematic diagram, then? > However, it was almost always possible to obtain real service > information including schematic diagrams of the circuits from > a paid service, SAMS was one of the services which provide more detailed schematic diagrams. Their existence owe no small debt to the fact that "intellectual property" rights of inventors of usually-not-all-that-new art were not allowed by the law then to take precedence over the rights of the inventors of prior art, nor of the community that gives birth to art over the existing state-of-the-art. And there's another word whose legal definition seems to have changed: state-of-the-art seems to now mean to lawyers something it cannot logically mean to those who practice the art. Too many salescrew-turned-lawyers, maybe. > the name of which escapes me now. (The pages > always included useless ones for record players and such that > nobody ever heard of!) Funny. I often used those useless diagrams for record players that I guess you never heard of. Maybe it was because I used them in the seventies, not the sixties? ;-) For those who are missing the allegories, source code is somewhat the parallel of those diagrams, and we don't have them now except in very rare cases. And, where those diagrams kept still-usable electronics out of the landfill for a few more years, lack of the source code results in a lot of waste in the current economy, contributing to pollution and other things that don't, ultimately, help the economy. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Free software
FTR On Wed, Jul 19, 2017 at 5:46 PM, Fungi4All <fungil...@protonmail.com> wrote: > >>> From: dmcgarr...@optonline.net >>> To: Gene Heskett <ghesk...@shentel.net>, debian-user@lists.debian.org >>> [ important stuff, check the archives] >>> Cheers, Gene Heskett >> I thought I put this to bed, but apparently not. >> > > You thought well because if we are clarifying the description > of reality we can not utilize the grocery store logic of choice. Either > one final thought convinces everyone that it is correct or there > still is room for discussion. ... or we decide we are tired of discussion, which sometimes is not a good thing. > I have no beef with nvidia in specific, > they are just as bad as any for-profit organization, so it is not > specific. > >> I"ve stated my case. Let"s drop it here! You have a lousy attitude. You get to air your armpits, but no one who disagrees with you does. > But this is the problem, you can not be one sided in having > the authority to end a conversation. If Nvidia one day decides > it is not profiting from their little monopoly and decides to > fold its gc production and r, they have the "legal right" to > destroy all knowledge produced and owned by them. The > work and findings of hundreds of people developing nvidia > products is in the hands of one entity (stock-holders). > The state gives them the right to conduct this atrocity of > destroying knowledge and deny society access to it, even > when it has no value for them anymore. This is another aspect of "closed source" gratis technology that is often swept under the rug. It used to be, for instance, that a TV in the US had a full diagram of working parts in the back case, so that the TV could still be fixed even if the manufacturer suddenly wiped their books and disappeared. > I believe society has the right to criticize this mutual practice > by state and owner of knowledge. Any industry is a school for > society and it exists due to lack of alternatives for society. > This is what we are talking about, I think. Internalizing the > logic of the capitalist and its puppet the state, the logic of > market, into our conversation as "logical" is a product of > propaganda and demagogues of the media and other > "institutions". A society must be able to survive having > alternatives past capitalism. > > [...] Again, just for the record, politics itself may be off topic, but we have to give each other a little leeway where politics intersects with the license which allows us to cooperate peacefully in this community. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: so much for your ascii only emails and 80 char lines :)
On Wed, Jul 19, 2017 at 4:58 AM, Dominik George <n...@naturalnet.de> wrote: > it? Thanks! > topic and stop > gone horribly off- > that this thread has > all just agree > So, can we > Sent from my very colourful mailer which encodes as it pleases. > ROFCOL :) Just for reference, this thread just misses paralleling a thread on misc@openbsd: https://marc.info/?l=openbsd-misc=149984510728808=2 -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: funding & viability questions of GPL enforcement.
On Sun, Jul 16, 2017 at 8:47 PM, Alessandro Vesely <ves...@tana.it> wrote: > There are salient discrepancies in copylefting collective work —as there are > mismatches in working as a free software developer in a western economic > model. > There are salient discrepancies in every licensing model, so-called free/libre, free/open, free-as-in-beer, sell-your-first-child-shrinkwrap, etc. Shoot, the entire concept of property is still not worked out well. It only works if we agree to cooperate. And people and companies who receive excess and refuse to return it to the market simply are not cooperating, irregardless of either license or external economic system. (Excess includes not only money and less tangible proxies for value, but also control, which is one place where communism and socialism historically fail.) The whole idea that they have to protect themselves from users of their so-called intellectual property is where we, as a society are failing to do the reality check. > Let me just say that this discussion, working out the legal details of the > problem, is very interesting. I guess that's how every inch of freedom has to > be conquered, and I'm delighted that this list allows me to witness it. I think you meant "fought for" and not "conquered"? > Please go ahead. > > On Sat 15/Jul/2017 19:24:56 +0200 Bradley M. Kuhn wrote: >> [...] >> Finally, this is probably a good moment -- since this thread has erupted on >> a Debian Mailing List -- to let everyone know that Conservancy also >> organizes a GPL copyright aggregation project for Debian contributors as >> well, see: https://sfconservancy.org/copyleft-compliance/#debian and >> https://sfconservancy.org/news/2015/aug/17/debian/. Crowd-funding without the middleman! > [...] -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel?
On Tue, Jun 20, 2017 at 7:12 AM, deloptes <delop...@gmail.com> wrote: > Richard Stallman wrote: I don't think you should assume RMS is monitoring the debian list. >> I am not trying to study the GRsecurity case because (0) it's >> complicated, and it would take a lot of time to think about, (1) the >> FSF has no say in the matter (it is about Linux) and (2) I don't think >> the copany would heed whatever I might say. > > Could you explain why it should be complicated? I don't want to pretend to be answering for Mr. Stallman, but I have done a small bit of reading now that I see Bruce Perens is taking the time to get involved. > GPL states the rights > obtained should be passed to the recipient, so the recipient should be > allowed to redistribute the code (IMO) even if he/she is paying for > improvements. > > It would be really nice if GRSec could help improve the kernel security in > some way acceptable by and for the benefit of all. I don't think someone > wants to punish them for what they are doing. It would be better to have > mutual benefit if possible as the GPL does not prohibit modifying and > redistributing the code and demanding a fee, it however does guarantee the > right to redistribute is passed to the recipient, which is not the case > here. GRSecurity has posted their complaints here: https://grsecurity.net/announce.php They have a point, although bending the rules is not a good way to make your point, in general. (And I'll note that they seem to be thinking they are following RedHat's example here. At this point I'm more than half inclined to think they might be following RedHat's example, for what that's worth.) TheReg's recent article https://www.theregister.co.uk/2017/04/26/grsecurity_linux_kernel_freeloaders/ indicates they think they might know which large, well-heeled, well- financed major embedded industry player provided the straw that broke GRSecurity's camel's back. But it is not just one player. The entire embedded industry does not seem to understand how their products came to be or how their future products will come to be. That said, GRSecurity needs to find a different way to seek redress. And someone in the community needs to find them a lawyer who will take their case. The GPL is a gentlemen's agreement. When the members of the market refuse to behave like gentlemen, it destroys the value of the agreement. It makes the agreement useless. It will also destroy the market, so the moneyed players who are not paying their fair share back into supporting the "small players" are basically shortening the life-span of their own companies -- cutting off their own noses to spite their faces, as we used to say. I am personally not impressed with GRSecurity's hubris. Their tech is only impressive in that it sort of helps make up a little bit for the serious lacks in the security of every major CPU available today, but especially the ones from Intel. So they do make a contribution, or have until recently. If the OP wants to solve this problem, (s)he has done enough rabble-rowsing this way. He needs to start asking everyone he knows if they know a good lawyer willing to work on contingency. The rest of us who are concerned probably should, as well. Or, perhaps, GRSecurity should go to one of the crowdfunding sites. Or maybe someone could start a new crowdfunding site to specialize in providing legal relief for the small guy. (Not sure how that would work.) (Yeah, I am willing to name and shame Intel here. If our civilization survives the next two decades, our children will remember Intel's processors with the same phrase that Ralph Nader made popular relative to the auto industry. Who can compete when Intel refuses to pay the price of making CPUs that are unsafe at progressively higher speeds?) -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: FYI: systemd session logging - no solution
On Mon, Jul 10, 2017 at 11:52 PM, Václav Ovsík <vaclav.ov...@gmail.com> wrote: > Lately I found this: > https://github.com/systemd/systemd/issues/1291 > so no nice solution unfortunately :(. > -- > Zito > I want to show that to Poettering's manager. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: How to gain control over the system?
On Mon, Jul 10, 2017 at 7:11 AM, Kaj Persson <kape_...@algonet.se> wrote: > Hi Jimmy, > Well, I did not follow your suggestion exactly, but as people has said, the > root account is already and always there, even it has not been assigned a > password. So, against my real whish, not to activate the root account, I > gave the command sudo passwd root, and entered a password. And now I suppose > I have burned my ships and have no way back... Of course you have a way back. man vipw man 5 passwd man 5 shadow and note the -s option. man nologin man false Then sudo vipw and change the line for root (should be the very first line) to give it either /bin/false or /sbin/nologin as the default shell for root. (That's the last field.) cat /etc/passwd after you're done, to make sure you saved it. Then, sudo vipw -s and replace the encrypted password (second ffield) there with '*'. > But! Nothing has changed. I can still not enter program icons to the panel, > and not define keyboard shortcuts. If I sort the icons on the desktop they > still, after a cold start, come back in a completely other order, dispite I > had marked "Keep ajusted" (right click on desktop). > > So...? > /Kaj Have you checked group ownership and permissions? Also, have you checked your mount parameters? And have you checked whether you have established SELinux or acl permissions or anything of that ilk? (BTW, do you keep a backup of your /home partition? I usually find myself using cp -p or tar to copy the files from the old /home to the new one, instead of keeping an old /home around.) -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Installing Debian on an android device
On Mon, Jul 10, 2017 at 12:00 AM, deloptes <delop...@gmail.com> wrote: > [...] > As for some conspiracy chips with embedded rom if you have basic > engineering knowledge you could easily identify all of it and to my > knowledge it is not trivial to embed such a chip into a mass product, > especially a mobile phone. Have you read Ken Thompson's On Trusting Trust? If it is true of software, it is true of hardware. > There were servers in the past, where NSA plugged in special chips before > those machines were shipped to china, but it did not last long and the > chineese found out. Either that was in the days when the NSA didn't really have a lot of skilled engineers, or they wanted the special chips to be found. I'd tend to guess at the latter, because I know how easy it would be to bundle a custom soc with an extra processor and private memory with any standard bit of circuit, package it in a standard-looking package, and label it with the name and package numbering of any company of choice. This has been easy for a long time. > So keep your eyes open and think twice before you buy something and use it - > this is my advise -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: shadow spam (was Re: stop your mail)
On Sun, Jul 9, 2017 at 7:53 PM, Thomas Schmitt <scdbac...@gmx.net> wrote: > Hi, > [...] > > Joel Rees wrote: >> (1) These messages may be a sort of generator for phishing targets. > > You mean that those who hit the "Smack Sender" button of their mail > app show up as flotsam here and can be harvested without reveiling > the harvester's mail address ? > (This theory would imply that the reflector senders are real people > or their watchdog apps.) > > Eek. That would mean we would really have to take measures to not > let appear most of the messages in subscriber mailboxes and archive. > If we let this continue then we create a commercial incentive to > flood us. Of course, if the hypothetical "they" are looking for a commercially viable way to harvest addresses from this list and are doing this, they've missed something much more obvious. And? >> they might be setting up a noise >> background against which to send steganographically encoded messages. > > That's a good one. > We are testing ground for a novel low-bandwidth method to control > bot nets or remote spies. Not likely a testing ground. > Ten hops over iPads, Galaxies, or WinPhones would be nearly as > effective in hiding the sender as a Tor onion would be. > > > Have a nice day :) > > Thomas > Did I say something about onions? -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
shadow spam (was Re: stop your mail)
Can I suggest two possibilities not apparently being considered? (1) These messages may be a sort of generator for phishing targets. (This is not currently a likely scenario, but you want to consider it.) (2) These might be either the body of a message sent by a spatter steganography technique, or they might be setting up a noise background against which to send steganographically encoded messages. I'd suggest a third, which is true tin-foil-hat stuff, but you who are into conspiracy theories can work that out yourselves. Whenever I see a sudden rise in odd-looking spam, I tend to assume something like the second possibility. https://en.wikipedia.org/wiki/Steganography -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Installing Debian on an android device
On Thu, Jul 6, 2017 at 2:13 PM, Fungi4All <fungil...@protonmail.com> wrote: > > From: joel.r...@gmail.com > To: debian users <debian-user@lists.debian.org> > > On Wed, Jul 5, 2017 at 8:58 AM, Fungi4All <fungil...@protonmail.com> wrote: >> [...] >> Installing a real debian will require first jailbreaking the device, >> then getting access to the drivers that the manufacturer provides >> and customizing them for Debian, then cross-compiling a lot of stuff ... > > It isn"t easy, and that"s why we don"t find a debain architecture for > any android devices. > > > It seems as there is a variety among them. The architecture gnuroot > identified is armhf and I haven't investigated far enough to see what > its peculiarities are. I am wondering though whether this is the true > architecture or a simulation by gnuroot to build the environment within > the container. > If you give/force gnuroot to go through orbot to connect to the net, > would it be safe to assume anything contained in it connects through > socks5 proxy? > > Is the main obstacle of all this is to crack through the root passw of > android? Would one then be able to replace one system for another? You're on the right track to understanding, but you may be tempted again about the frisbee thing when you gain the understanding. gnuroot debian is not debian. It is a shim that hooks most of the API necessary to simulate debian in the Android environment. And it runs in a sandbox, like a good little Android app should. If you want more access to the system, yes, you have to jailbreak the tablet -- usually using an app that is not a good little Android app, and is opaque, to boot. I haven't tried it yet because of the opaqueness, but my tablet is still on Android 2.4, so it's getting to be time to jailbreak the thing or throw it away. The manufacturer has indicated that it will not provide a system update for the device, so, if I want to update it I will have to waste a lot of time and money setting up a build environment, work the manufacturer-supplied drivers over myself, and build the updated thing myself. I do not have the money to buy the time, much less the hardware and software. If I jailbreak it, I may be able to upgrade to something new, like an Android 4 or 5 pseudo-foss look-alike, or I may not -- assuming I don't brick the thing while trying to jailbreak it. I was never able to figure out how to use Google's dev tools to jailbreak it by hand. They try really hard to convince you it's not possible. If I were to try to install Debian on it, it would be the same as trying to install an updated Android. I'd have to assemble the build environment and build it myself. Except for one more thing, I'd have to expect to do even more work making the manufacturer's drivers work with Debian. Oh, and one more thing, learning how to set up a Debian build environment will probably require learning how to set up an Android build environment first. I've been looking at this page for a while, https://www.linux.com/learn/how-get-open-source-android But the information there is old and getting older. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Replace systemd
On Fri, Jul 7, 2017 at 12:42 AM, Reco <recovery...@gmail.com> wrote: > [...] >> > >> >> This behaviour on a critical component is mere madness. >> > >> > OpenBSD folks beg to differ. >> > >> > https://marc.info/?l=openbsd-tech=149902196520920=2 >> >> They were mocking systemd, not adopting the behaviour... > > Rly? But why? That's legitimate patch aimed on improving compatibility > and interoperability. I certainly expect this patch to land in sudo > upstream. You can hurt yourself cherry picking from the openbsd lists. If you want to know whether Ted was serious, the best approach is to watch the source tree: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/doas/ Check the date on the message, and, BTW, read the whole thread, while you're at it, if you haven't. Ask yourself why the debate fizzled. Check the date again, check who owns doas, check the last change to the source tree. What is missing? -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Installing Debian on an android device
On Wed, Jul 5, 2017 at 8:58 AM, Fungi4All <fungil...@protonmail.com> wrote: > Although I despise such devices, my only experience has been > helping a friend out locating certain settings and installing the proper > software for specific uses. > Lately, a problematic one, ended up in my hands as the owner > gave up on it and purchased a better one. The problem seemed > to be either bad ram cells that the system couldn't probably read > after writing, insufficient ram, or bugs on the system utilizing ram > > I thought maybe a debian installation could possibly identify the > issues. If only we had a common BIOS for the ARM devices. Unfortunately, we don't. So we can't just boot a CD/USB/SD. > It seemed possible, even though there is no root access > on the system. I don't know why you would think it possible without root. > I managed to install debian with a package of > gnu-debian. >From the playstore, I presume? Maybe gnuroot debian? I used no-root debian or some such for a while. > Then, after it seemed as a painless successful installation, I > tried to get some gui action. I installed an x-server and up it went. > > 1 The pointing device doesn't seem to work as described. Unfortunately, the touchscreen user interface has been redesigned, and does not cooperate well with the mouse paradigm. I was able to use a usb mouse through a usb hub on no-root debian. > 2 Through browsing the system from debian I can't find where > android is stored as only the debian installation seem to exist, > although it is clear that android runs as a base still. Without root, an install of another Linux environment is just the environment only, linked up so the Android kernel and system tools substitute for the Debian kernel and some of the Debian system tools. It's incomplete, and it's in a sandbox or jail. You aren't allowed access to the real system. You can compile and such things, but the object you get runs in the sandbox with the rest of gnu-root debian. > 3 Would anything past jessie work? Should I try it? It's a rather fragile arrangement, and requires a lot of work to get as much as you have. Odds are very good you'll break something if you try that. But, most likely, only in the debian environment. > 4 It feels like running in VM but it isn't. No root no logins > no user. Exactly. Installing a real debian will require first jailbreaking the device, then getting access to the drivers that the manufacturer provides and customizing them for Debian, then cross-compiling a lot of stuff ... It isn't easy, and that's why we don't find a debain architecture for any android devices. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Clarifying what 'systemd' actually means
On Sun, Jul 2, 2017 at 8:37 PM, Alessandro Vesely <ves...@tana.it> wrote: > On Sun 02/Jul/2017 12:37:33 +0200 Christian Seiler wrote: >> On 07/02/2017 11:24 AM, Michael Fothergill wrote: >>> Could this be exploited to force people to use sysvinit instead of systemd ? > > :-) :-| >> This bug has nothing to do with systemd as the init system, it's in an >> optional component that's disabled by default on Debian. In principle, >> I suspect that resolved could also be used on sysvinit, if you really >> wanted to, though I haven't tried it. >> >> Furthermore, the systemd versions of Wheezy and Jessie are too old to >> already include systemd-resolved, so they are not affected at all. > > Yet, there's a man page: > https://manpages.debian.org/jessie/systemd/systemd-resolved.service.8.en.html > Seriously? >> In general, I think it's helpful for everyone to take a mental note >> that 'systemd' can mean two things: >> >> 1. The init binary itself. (PID 1) >> >> 2. A project that implements various things in userspace >> that includes the init binary, but also an assortment >> of other tools. >> >> In fact, it might be very helpful to draw the following Venn diagram: >> >> +-+ >> | systemd project| >> | | >> | ++ +--+ | >> | | init system | | other tools (some require that | | >> | || | systemd be PID1, others don't) | | >> | | ++ | | | | >> | | | systemd binary (PID 1) | | | these are all optional when | | >> | | ++ | | using systemd as init system, | | >> | || | and there are other projects| | >> | | ++ | | providing similar functionality | | >> | | | generators | | | | | >> | | | (for supporing | | | +--+ | | >> | | | /etc/fstab, etc.) | | | | resolved | | | >> | | ++ | | +--+ | | >> | | [...] > > I'd be curious on why tools which don't even require that systemd be PID1 go > under the systemd umbrella. Doesn't that contribute to make systemd appear > like some kind of conspiracy? Well, I'd say it depends on whether you think that systemd is the best thing since buttered bread or not. > BTW, is resolved one of them or does it require systemd? > > Ale > A quick look on the web doesn't tell me one way or the other, but it seems to be one of those NIH additions to the project. Here's the opendesktop manpage: https://www.freedesktop.org/software/systemd/man/systemd-resolved.service.html My memory of the history of the thing is that a member of the cabal decided that they couldn't rely on existing tools. If any of the group here active in the systemd projects or maybe the opendesktop projects would care to chime in? -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: [Stretch] apt-get has no updates?
On Sun, Jul 2, 2017 at 5:10 AM, Dejan Jocic <jode...@gmail.com> wrote: > On 01-07-17, Larry Dighera wrote: >> On Fri, 30 Jun 2017 16:31:37 -0400, you wrote: >> >> >> Someone else mentioned unattended upgrades, which is a thing I have >> >> never used, and which is also a thing I would disable if I ever found >> >> it running. But that's just me. >> > >> >I would like to do that but don't know how. Anyone caring to enlighten >> >me without me having to bother poor old Mr. Google yet again - it would >> >be appreciated. :) >> >> Perhaps you'll find this useful: >> >> === >> # auto-update-on-off.sh This script will enable and disable >> unattended-updates >> # >> # LGD: Thu Jun 1 15:00:09 PDT 2017 >> # >> >> [[ $# != 1 ]] && echo -e "\n\t\"$@\" Unknown\n\tUsage: $0 <e|d|s> >> \n\t\tWhere: e = Enable\n\t\t\td = Disable\n\t\t\ts = Status" >&2 && >> exit 1 >> >> FILNAM="/etc/apt/apt.conf.d/10periodic" >> OFF="APT::Periodic::Unattended-Upgrade \"0\";" >> ON="APT::Periodic::Unattended-Upgrade \"1\";" >> >> status(){ # Get current status >> if [[ -s "$FILNAM" ]] ;then # Does file exist with >0 file >> length? >> [[ $(grep -qs 1 "$FILNAM") ]] && STATUS=Enabled >> [[ $(grep -qs 0 "$FILNAM") ]] && STATUS=Disabled >> else >> STATUS="Not Configured (Disabled)" >> fi >> return $STATUS >> } >> >> >> case $1 in >> -[sS]*) status; echo "Current $0 status: $STATUS">&2;exit 0 ;; >> -[dD]*) echo "$OFF" >/etc/apt/apt.conf.d/10periodic ;; >> -[eE]*) echo "$ON" >/etc/apt/apt.conf.d/10periodic ;; >> *) echo -e "\n\t\"$@\" Unknown\n\tUsage: $0 <e|d|s> \n\t\tWhere: e >> = Enable\n\t\t\td = Disable\n\t\t\ts = Status" >&2 && exit 1 >> esac >> >> = >> > > Why would you do that? Write and use script to change one 0/1 in > /etc/apt/apt.conf/20auto-upgrades? Or even 2, in case that you change > both for update and upgrade. Not to mention that those using gnome > software or some kde equivalent can do it in GUI too. At any rate, the script seems to show where the flags are and what they look like. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Wired and Wireless with Etables
On Sat, Jul 1, 2017 at 9:35 PM, ray <r...@aarden.us> wrote: > I would like to determine how to configure dom0 to use either wireless or > wired connections automatically depending upon which are available. > > I am trying to get Xen4.9 up and Debian 9 on a Toshiba laptop with only a > wireless and a wired (enx0) connection through a docking station. I am > trying to use: > https://wiki.debian.org/BridgeNetworkConnections#Bridging_with_a_wireless_NIC > This laptop is a personal workstation implementing a variety of vms and OSs. > Testing wireless internet connection is using JetPack 4G AP and I intend to > use various public/private wireless APs. > > It seems the way to do this is to bond wlan0 and eth0 as bond0, then build a > bridge for domus with bond0. Etables requires the bridge MAC to be defined > in the rules. I do not know how to assign a MAC to the bridge since I don't > know which interface came up. > > How can I set up bridging without knowing which interface is up? > > Thanks, > Ray > I don't know how much help this will be, but here's my recent adventures in setting up a bridge to use my netbook as a wireless access point: Started here: https://lists.debian.org/debian-user/2017/06/msg00153.html Continued here: https://lists.debian.org/debian-user/2017/06/msg00360.html And here: https://lists.debian.org/debian-user/2017/06/msg00459.html Here's where Dan Ritter suggested a bridge configuration that worked for me: https://lists.debian.org/debian-user/2017/06/msg00506.html It's a long story, and I think what I am doing is different from you're trying to do, but something in there may be useful. (I was trying to use etables and gave up, by the way.) I'll note that the log messages were confusing. Even now, the bootup messages say eth0 is not configured and isn't coming up, but the bridge is functioning. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: [Stretch] apt-get has no updates?
(Not looking for answers, just using the list to remind myself of something in the future.) On Sat, Jul 1, 2017 at 5:05 AM, Dejan Jocic <jode...@gmail.com> wrote: > On 30-06-17, Greg Wooledge wrote: >> On Fri, Jun 30, 2017 at 06:34:49PM +0200, Dejan Jocic wrote: >> > If you want to >> > prevent automatic upgrades and disable them, because you want to do it >> > manually like you are used to, you should edit file >> > /etc/apt/apt.conf.d/20auto-upgrades and change it from this: >> > >> > APT::Periodic::Update-Package-Lists "1"; >> > APT::Periodic::Unattended-Upgrade "1"; >> > >> > to this: >> > >> > APT::Periodic::Update-Package-Lists "0"; >> > APT::Periodic::Unattended-Upgrade "0"; >> >> Or you can just remove the unattended-upgrades package, right? >> > > Sure, if you want to. [mark (reiisi): python-dependencies ] > On gnome, it is pulled in because of > gnome-packagekit which recommends software-properties-gtk which depends > on python3-software-properties which recommends unattended-upgrades. [end-mark] > Personally would leave it on, because I like to have it in case that I > become lazy with my daily routine and because I like to look at various > things and understand how they work. But if OP does not need it, it is > safe to remove/purge it. > > > -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: OT: SQL database - some questions
On Wed, Jun 28, 2017 at 5:00 PM, Hans <hans.ullr...@loop.de> wrote: > Dear list, > > this is a little offtopic, but maybe you can make things a little bit clearer > for me. > > I had had a webserver hosted by a provider, which is switched off since a > year. From this server I got a backup of a sql database. The system that ran > that time, was wordpress, and the database is called something like > "bla_bla_wp2016018_911.sql.gz" > > On this website I wrote some blogs, which I want to have back. > > So my question: Are these blogs content in this database? And if yes, can I > restore them without to setup a complete wordpress server with sql database? This question should be first asked on the wordpress list, not here. Some of the wordpress devs do haunt the debian lists, but you'll just get better answers there. > Is there an easy way or only a hard way? Yes. There is an easy way and many ways to easily make it way harder than it should be. > Would be nice, if someone could give me some points, I am not so experienced > with databases. It will be much easier to figure the database part out with wordpress installed and running. You can set it up for access only from the local machine, and then you can play around with the files as you like. Much easier to make progress when you have the thing in front of you, running. If you have, for example, other mysql/maria database stuff on the machine, you can set up wordpress to not conflict, with help from the people on the wordpress list. And if you have questions they can't answer, we may be able to help you here. Or we may send you to the mysql list. (I personally have found that shying away from signing onto new mailing lists has caused me more trouble than keeping track of the new passwords, etc.) -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: slow connections to non-bridged hostapd/dnsmasq wireless access point (was pointers to material...)
On Wed, Jun 14, 2017 at 9:39 AM, Dan Ritter <d...@randomstring.org> wrote: > On Wed, Jun 14, 2017 at 07:40:49AM +0900, Joel Rees wrote: >> (Now that I'm awake...) >> >> On Wed, Jun 14, 2017 at 2:18 AM, Joel Rees <joel.r...@gmail.com> wrote: >> > On Tue, Jun 13, 2017 at 9:26 PM, Dan Ritter <d...@randomstring.org> wrote: >> >> On Tue, Jun 13, 2017 at 11:55:11AM +0900, Joel Rees wrote: >> >>> On Tue, Jun 13, 2017 at 9:30 AM, Dan Ritter <d...@randomstring.org> >> >>> wrote: >> >>> > On Mon, Jun 12, 2017 at 11:50:00AM +0900, Joel Rees wrote: >> >>> >> (famous last words) >> >>> >> >> >>> >> On Sat, Jun 10, 2017 at 3:53 PM, Joel Rees <joel.r...@gmail.com> >> >>> >> wrote: >> >>> >> > I now have connection for both the wireless and the netbook that is >> >>> >> > acting >> >>> >> > as the AP. I took out the bridge entirely, quit trying to play with >> >>> >> > port forwarding, >> >>> >> > just used dead simple setup. dnsmasq was the only missing piece, if >> >>> >> > I had >> >>> >> > not been focusing on bridging. Bridging is probably for the other >> >>> >> > direction. >> >>> >> > >> >>> >> > But the wireless is pretty slow, so I'm not sure I'm finished. >> >>> >> > >> >>> >> > I have to go take care of some family business, when I'm done I'll >> >>> >> > post the details. >> >>> >> > >> >>> >> > But it's really pretty simply. I was just working too hard. >> >>> >> >> >>> >> But it's too slow to maintain a connection. >> >>> >> >> >>> >> After mucking around a bit, I haven't really come up with anything. So >> >>> >> I'll post my >> >>> >> configurations (names changed as usual): >> >>> > >> >>> > You have an eth0 network, a non-overlapping wlan0 network -- can >> >>> > you characterize "too slow"? >> >>> >> >>> Actually, now that I dig in, it only seems to be routing dns traffic. >> >>> >> >>> That is, I tried to ping the wireless interface from my daughter's >> >>> computer >> >>> and got a network not reachable or down result of some sort. (I didn't >> >>> write the exact message down, and my daughter's at school so I can't >> >>> use her computer.) >> >>> >> >>> But my logs on the netbook that is running hostapd and dnsmasq show >> >>> quite a bit of dns traffic, lots of queries returning successful results. >> >>> >> >>> > Things to check: >> >>> > >> >>> > - ping from your netbook to the outside world >> >>> >> >>> No problem there. >> >>> >> >>> > - ping from a wifi client through the netbook to the outside >> >>> > world >> >>> >> >>> That also got network not reachable or down or something. >> >>> >> >>> > if those work, >> >>> > >> >>> > - wget -O /dev/null http://speed.hetzner.de/100MB.bin >> >>> > - and on a wifi client >> >>> >> >>> I tried that in bridge configuration just now and I'm only getting one >> >>> percent every twenty to thirty seconds. The non-bridged configuration >> >>> doesn't even read the mail to look at the url. >> >>> >> >> >> >> Right, that's bad. >> >> Actually, it might be normal for this ancient Android tablet. >> >> >> Try this: >> >> >> >> allow-hotplug eth0 >> >> iface eth0 inet static >> >> >> >> allow-hotplug wlan0 >> >> iface wlan0 inet static >> >> >> >> auto br0 >> >> iface br0 inet static >> >> address 172.28.45.58 >> >> netmask 255.255.255.192 >> >> broadcast 172.28.45.63 >> >> gateway 172.28.45.32 >> >> dns-nameservers 172.28.45.32 208.67.222.222 8.8.4.4 >> >> bridge_ports eth0 wlan0 >> >> bridge_maxwait 1 >> >> >> >> &g
Re: slow connections to non-bridged hostapd/dnsmasq wireless access point (was pointers to material...)
(Now that I'm awake...) On Wed, Jun 14, 2017 at 2:18 AM, Joel Rees <joel.r...@gmail.com> wrote: > On Tue, Jun 13, 2017 at 9:26 PM, Dan Ritter <d...@randomstring.org> wrote: >> On Tue, Jun 13, 2017 at 11:55:11AM +0900, Joel Rees wrote: >>> On Tue, Jun 13, 2017 at 9:30 AM, Dan Ritter <d...@randomstring.org> wrote: >>> > On Mon, Jun 12, 2017 at 11:50:00AM +0900, Joel Rees wrote: >>> >> (famous last words) >>> >> >>> >> On Sat, Jun 10, 2017 at 3:53 PM, Joel Rees <joel.r...@gmail.com> wrote: >>> >> > I now have connection for both the wireless and the netbook that is >>> >> > acting >>> >> > as the AP. I took out the bridge entirely, quit trying to play with >>> >> > port forwarding, >>> >> > just used dead simple setup. dnsmasq was the only missing piece, if I >>> >> > had >>> >> > not been focusing on bridging. Bridging is probably for the other >>> >> > direction. >>> >> > >>> >> > But the wireless is pretty slow, so I'm not sure I'm finished. >>> >> > >>> >> > I have to go take care of some family business, when I'm done I'll >>> >> > post the details. >>> >> > >>> >> > But it's really pretty simply. I was just working too hard. >>> >> >>> >> But it's too slow to maintain a connection. >>> >> >>> >> After mucking around a bit, I haven't really come up with anything. So >>> >> I'll post my >>> >> configurations (names changed as usual): >>> > >>> > You have an eth0 network, a non-overlapping wlan0 network -- can >>> > you characterize "too slow"? >>> >>> Actually, now that I dig in, it only seems to be routing dns traffic. >>> >>> That is, I tried to ping the wireless interface from my daughter's computer >>> and got a network not reachable or down result of some sort. (I didn't >>> write the exact message down, and my daughter's at school so I can't >>> use her computer.) >>> >>> But my logs on the netbook that is running hostapd and dnsmasq show >>> quite a bit of dns traffic, lots of queries returning successful results. >>> >>> > Things to check: >>> > >>> > - ping from your netbook to the outside world >>> >>> No problem there. >>> >>> > - ping from a wifi client through the netbook to the outside >>> > world >>> >>> That also got network not reachable or down or something. >>> >>> > if those work, >>> > >>> > - wget -O /dev/null http://speed.hetzner.de/100MB.bin >>> > - and on a wifi client >>> >>> I tried that in bridge configuration just now and I'm only getting one >>> percent every twenty to thirty seconds. The non-bridged configuration >>> doesn't even read the mail to look at the url. >>> >> >> Right, that's bad. Actually, it might be normal for this ancient Android tablet. >> Try this: >> >> allow-hotplug eth0 >> iface eth0 inet static >> >> allow-hotplug wlan0 >> iface wlan0 inet static >> >> auto br0 >> iface br0 inet static >> address 172.28.45.58 >> netmask 255.255.255.192 >> broadcast 172.28.45.63 >> gateway 172.28.45.32 >> dns-nameservers 172.28.45.32 208.67.222.222 8.8.4.4 >> bridge_ports eth0 wlan0 >> bridge_maxwait 1 >> >> >> Note that now both the eth0 and wlan0 interfaces will have the same >> 172.28.45.58 address >> >> But for right now, ignore that: just test connectivity and speed on this >> netbook while the bridge is in effect. > > Interesting. Without the alias on eth0, the netbook is now able to access > the internet through the bridged eth0 port. This is beginning to make > more sense to me. > > Speed on your 100Mb blob is reasonable, ETA of about two minutes > and 40 seconds, which is close to the limit on my connection. > > Wireless devices are not able to log in. I'm not sure I got the changes > to the dnsmasq and ntp configurations right for doing a subrange of > what I have the wall router providing me. I forgot the most important setting. Setting hostapd to bridge mode solved the connection problem. It's still running about 20 seconds per megabyte, which may be all I want to expect from this ancient single-processor 32-bit ARM Android 2.4
Re: slow connections to non-bridged hostapd/dnsmasq wireless access point (was pointers to material...)
On Tue, Jun 13, 2017 at 9:26 PM, Dan Ritter <d...@randomstring.org> wrote: > On Tue, Jun 13, 2017 at 11:55:11AM +0900, Joel Rees wrote: >> On Tue, Jun 13, 2017 at 9:30 AM, Dan Ritter <d...@randomstring.org> wrote: >> > On Mon, Jun 12, 2017 at 11:50:00AM +0900, Joel Rees wrote: >> >> (famous last words) >> >> >> >> On Sat, Jun 10, 2017 at 3:53 PM, Joel Rees <joel.r...@gmail.com> wrote: >> >> > I now have connection for both the wireless and the netbook that is >> >> > acting >> >> > as the AP. I took out the bridge entirely, quit trying to play with >> >> > port forwarding, >> >> > just used dead simple setup. dnsmasq was the only missing piece, if I >> >> > had >> >> > not been focusing on bridging. Bridging is probably for the other >> >> > direction. >> >> > >> >> > But the wireless is pretty slow, so I'm not sure I'm finished. >> >> > >> >> > I have to go take care of some family business, when I'm done I'll >> >> > post the details. >> >> > >> >> > But it's really pretty simply. I was just working too hard. >> >> >> >> But it's too slow to maintain a connection. >> >> >> >> After mucking around a bit, I haven't really come up with anything. So >> >> I'll post my >> >> configurations (names changed as usual): >> >> >> > >> > >> > You have an eth0 network, a non-overlapping wlan0 network -- can >> > you characterize "too slow"? >> >> Actually, now that I dig in, it only seems to be routing dns traffic. >> >> That is, I tried to ping the wireless interface from my daughter's computer >> and got a network not reachable or down result of some sort. (I didn't >> write the exact message down, and my daughter's at school so I can't >> use her computer.) >> >> But my logs on the netbook that is running hostapd and dnsmasq show >> quite a bit of dns traffic, lots of queries returning successful results. >> >> > Things to check: >> > >> > - ping from your netbook to the outside world >> >> No problem there. >> >> > - ping from a wifi client through the netbook to the outside >> > world >> >> That also got network not reachable or down or something. >> >> > if those work, >> > >> > - wget -O /dev/null http://speed.hetzner.de/100MB.bin >> > - and on a wifi client >> >> I tried that in bridge configuration just now and I'm only getting one >> percent every twenty to thirty seconds. The non-bridged configuration >> doesn't even read the mail to look at the url. >> > > Right, that's bad. > > Try this: > > allow-hotplug eth0 > iface eth0 inet static > > allow-hotplug wlan0 > iface wlan0 inet static > > auto br0 > iface br0 inet static > address 172.28.45.58 > netmask 255.255.255.192 > broadcast 172.28.45.63 > gateway 172.28.45.32 > dns-nameservers 172.28.45.32 208.67.222.222 8.8.4.4 > bridge_ports eth0 wlan0 > bridge_maxwait 1 > > > Note that now both the eth0 and wlan0 interfaces will have the same > 172.28.45.58 address > > But for right now, ignore that: just test connectivity and speed on this > netbook while the bridge is in effect. Interesting. Without the alias on eth0, the netbook is now able to access the internet through the bridged eth0 port. This is beginning to make more sense to me. Speed on your 100Mb blob is reasonable, ETA of about two minutes and 40 seconds, which is close to the limit on my connection. Wireless devices are not able to log in. I'm not sure I got the changes to the dnsmasq and ntp configurations right for doing a subrange of what I have the wall router providing me. > If you can't get a good approximation of your internet > connection speed from this, there's more to track down. > > -dsr- This is something I can play with after I wake up tomorrow. (It's about two in the morning here and I need to get some sleep.) Thanks! -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: slow connections to non-bridged hostapd/dnsmasq wireless access point (was pointers to material...)
On Tue, Jun 13, 2017 at 9:30 AM, Dan Ritter <d...@randomstring.org> wrote: > On Mon, Jun 12, 2017 at 11:50:00AM +0900, Joel Rees wrote: >> (famous last words) >> >> On Sat, Jun 10, 2017 at 3:53 PM, Joel Rees <joel.r...@gmail.com> wrote: >> > I now have connection for both the wireless and the netbook that is acting >> > as the AP. I took out the bridge entirely, quit trying to play with >> > port forwarding, >> > just used dead simple setup. dnsmasq was the only missing piece, if I had >> > not been focusing on bridging. Bridging is probably for the other >> > direction. >> > >> > But the wireless is pretty slow, so I'm not sure I'm finished. >> > >> > I have to go take care of some family business, when I'm done I'll >> > post the details. >> > >> > But it's really pretty simply. I was just working too hard. >> >> But it's too slow to maintain a connection. >> >> After mucking around a bit, I haven't really come up with anything. So >> I'll post my >> configurations (names changed as usual): >> > > > You have an eth0 network, a non-overlapping wlan0 network -- can > you characterize "too slow"? Actually, now that I dig in, it only seems to be routing dns traffic. That is, I tried to ping the wireless interface from my daughter's computer and got a network not reachable or down result of some sort. (I didn't write the exact message down, and my daughter's at school so I can't use her computer.) But my logs on the netbook that is running hostapd and dnsmasq show quite a bit of dns traffic, lots of queries returning successful results. > Things to check: > > - ping from your netbook to the outside world No problem there. > - ping from a wifi client through the netbook to the outside > world That also got network not reachable or down or something. > if those work, > > - wget -O /dev/null http://speed.hetzner.de/100MB.bin > - and on a wifi client I tried that in bridge configuration just now and I'm only getting one percent every twenty to thirty seconds. The non-bridged configuration doesn't even read the mail to look at the url. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
slow connections to non-bridged hostapd/dnsmasq wireless access point (was pointers to material...)
(famous last words) On Sat, Jun 10, 2017 at 3:53 PM, Joel Rees <joel.r...@gmail.com> wrote: > I now have connection for both the wireless and the netbook that is acting > as the AP. I took out the bridge entirely, quit trying to play with > port forwarding, > just used dead simple setup. dnsmasq was the only missing piece, if I had > not been focusing on bridging. Bridging is probably for the other direction. > > But the wireless is pretty slow, so I'm not sure I'm finished. > > I have to go take care of some family business, when I'm done I'll > post the details. > > But it's really pretty simply. I was just working too hard. But it's too slow to maintain a connection. After mucking around a bit, I haven't really come up with anything. So I'll post my configurations (names changed as usual): /etc/network/interfaces--- # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 #iface eth0 inet dhcp iface eth0 inet static address 172.28.45.58 network 172.28.45.0 netmask 255.255.255.192 broadcast 172.28.45.63 gateway 172.28.45.32 dns-nameservers 172.28.45.32 208.67.222.222 8.8.4.4 # wireless wlan0 allow-hotplug wlan0 #iface wlan0 inet manual iface wlan0 inet static address 172.28.43.168 netmask 255.255.255.192 network 172.28.43.128 broadcast 172.28.43.191 gateway 172.28.45.58 dns-nameservers 172.28.45.58 172.28.45.32 208.67.222.222 8.8.4.4 -- --/etc/hostapd/hostapd.conf ### Wireless network name ### interface=wlan0 ### Driver Name ### driver=nl80211 ### Set your bridge name ### #bridge=br0 ### Country name code in ISO/IEC 3166-1 format. ### # This is used to set regulatory domain. # Set as needed to indicate country in which device is operating. # This can limit available channels and transmit power. ### (IN == INDIA, UK == United Kingdom, US == United Stats and so on ) ### country_code=JP ### SSID: ### ssid=MonkeyMagic ### channel number (some drivers will only accept 0) ### ### (some drivers will not accept 0) ### channel=1,6,10 ### operation mode (a = IEEE 802.11a, b = IEEE 802.11b, g = IEEE 802.11g) ### hw_mode=g ieee80211n=1 ht_capab=[HT40+][SHORT-GI-40][DSSS_CCK-40] ### WPA mode: ### wpa=2 ### passphrase (WiFi password): ### wpa_passphrase=n0+m4REALpa55P#ra$e ## Key management algorithms ## wpa_key_mgmt=WPA-PSK ## Set cipher suites (encryption algorithms) ## ## TKIP = Temporal Key Integrity Protocol ## CCMP = AES in Counter mode with CBC-MAC wpa_pairwise=TKIP rsn_pairwise=CCMP ## Shared Key Authentication ## auth_algs=1 ## Accept all MAC address ### macaddr_acl=0 ## Don't mess with media-specific tuning. ## wme_enabled=0 -- /etc/dnsmasq.conf # Configuration file for dnsmasq. # # Format is one option per line, legal options are the same # as the long options legal on the command line. See # "/usr/sbin/dnsmasq --help" or "man 8 dnsmasq" for details. # Listen on this specific port instead of the standard DNS port # (53). Setting this to zero completely disables DNS function, # leaving only DHCP and/or TFTP. #port=5353 # The following two options make you a better netizen, since they # tell dnsmasq to filter out queries which the public DNS cannot # answer, and which load the servers (especially the root servers) # unnecessarily. If you have a dial-on-demand link they also stop # these requests from bringing up the link unnecessarily. # Never forward plain names (without a dot or domain part) domain-needed # Never forward addresses in the non-routed address spaces. bogus-priv # Uncomment this to filter useless windows-originated DNS requests # which can trigger dial-on-demand links needlessly. # Note that (amongst other things) this blocks all SRV requests, # so don't use it if you use eg Kerberos, SIP, XMMP or Google-talk. # This option only affects forwarding, SRV records originating for # dnsmasq (via srv-host= lines) are not suppressed by it. #filterwin2k # Change this line if you want dns to get its upstream servers from # somewhere other that /etc/resolv.conf #resolv-file= # By default, dnsmasq will send queries to any of the upstream # servers it knows about and tries to favour servers to are known # to be up. Uncommenting this forces dnsmasq to try each query # with each server strictly in the order they appear in # /etc/resolv.conf #strict-order # If you don't want dnsmasq to read /etc/resolv.conf or any other # file, getting its servers from this file instead (see below), then # uncomment this. #no-resolv # If you don't
Re: ifconfig network resolution (Re: pointers to material for using netbook's wireless as access point)
On Sun, Jun 11, 2017 at 4:57 PM, Joe <j...@jretrading.com> wrote: > On Sat, 10 Jun 2017 10:57:47 +0900 > Joel Rees <joel.r...@gmail.com> wrote: > >> Experimenting from the command line, I find myself puzzled about the >> arguments for ifconfig. >> >> Reading the manual, it would appear that the arguments for ifconfig >> should be something like this: >> >> ifconfig eth0 netmask 255.255.255.224 netmask 255.255.255.224 >> broadcast 10.19.23.223 10.19.23.94 >> >> But the command returns with >> >> SIOCSIFNETMASK: Can't allocate this address. >> SIOCSIFBRDADDR: Can't allocate this address. >> >> If I repeat the command, it gives no errors, but the netmask and >> broadcast address end up full class A (255.0.0.0 and 10.255.255.255). >> >> Anyone have an idea what's happening? >> > > Could you humour me for a moment, and try the exercise with one of the > 192.168... networks, with the same sized subnet? > > I've seen this kind of behaviour a very long time ago, and I can't > really believe it is still happening, but... See the other sub-thread. But it does go to class C instead of the partial class C when the device address comes at the end of the list. -- Joel Rees Trying to re-invent the entire industry all by myself: http://defining-computers.blogspot.jp/
Re: ifconfig network resolution
On Sun, Jun 11, 2017 at 2:04 PM, Lisi Reisz <lisi.re...@gmail.com> wrote: > On Saturday 10 June 2017 21:18:42 Cindy-Sue Causey wrote: >> My apologies in advance because I'm asking that without knowing if he >> does or does not actually speak Japanese. He might be able to read >> that quite well. In that case, I'm envious because that's on a #Life >> to-do bucket list for me.. :) > > He lives in Japan and probably actually has a Japanese computer that has to > be persuaded to talk English. ;-). Sometimes *I* have to be persuaded to speak English. > Now, I have debugged network problems on a UNIX computer that spoke Japanese, > knowing none myself and reading even less. AND I succeeded. I felt very > proud not just of myself but of UNIX. (Japanese Macbook withMac-OSX) > > Lisi > I like Macs, too. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: ifconfig network resolution
On Sun, Jun 11, 2017 at 11:09 AM, Andy Smith <a...@strugglers.net> wrote: > Hi Joel, > > On Sun, Jun 11, 2017 at 07:55:50AM +0900, Joel Rees wrote: >> # If the address to be assigned is given first, which I think everyone >> # pretty much does: >> >> myadm@mycomp:~$ env LANG=en_US.UTF-8 sudo ifconfig eth0:1 down >> myadm@mycomp:~$ env LANG=en_US.UTF-8 sudo ifconfig eth0:1 >> 10.19.201.198 netmask 255.255.255.224 broadcast 10.19.201.223 >> myadm@mycomp:~$ env LANG=en_US.UTF-8 sudo ifconfig eth0:1 >> eth0:1Link encap:Ethernet HWaddr 53:bc:81:02:21:bb >> inet addr:10.19.201.198 Bcast:10.19.201.223 Mask:255.255.255.224 >> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 >> Interrupt:42 Base address:0xa000 >> >> # it seems to see the address first and set things as intended in one pass. >> - >> >> Which is confusing to my middle-aged brain. > > Have you considered just using "ip"? Once upon a time, I tried to learn ip. It does not stick in my memory. The fires burning from systemd Still feel fresh and hot to me. Too hot to think of words more pithy. But when I left RH behind I felt free. For a year or two. When the inevitable happens, I'll probably just kill myself trying to rewrite the whole thing from scratch, with a unified,logical basis, and short, concise commands that don't try to take over the whole system and the kitchen sink. Just leave me alone in my codgerism. -- Joel Rees Trying to re-invent the industry all by myself: http://defining-computers.blogspot.jp/
Re: ifconfig network resolution
erk On Sun, Jun 11, 2017 at 7:55 AM, Joel Rees <joel.r...@gmail.com> wrote: > [...] > Which is confusing to my middle-aged brain. So I could suggest editing > the man page, something along the lines of the following > > - > [...] > {add} > NOTES >The parameters and options are processed in the order given, thus >if the address appears after the netmask and broadcast address, >the netmask and broadcast address may be re-interpreted and applied >to an existing address, or to the state of having no address >assigned, with unintended results which affect the security state >of the host. {end add} >{...} > - > > -- > Joel Rees > > randomly ranting: > http://reiisi.blogspot.com -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: ifconfig network resolution
if an address is assigned to the interface. down This flag causes the driver for this interface to be shut down. {...} netmask addr Set the IP network mask for this interface. This value defaults to the usual class A, B or C network mask (as derived from the interface IP address), but it can be set to any value. {...} [-]broadcast [addr] If the address argument is given, set the protocol broadcast address for this interface. Otherwise, set (or clear) the IFF_BROADCAST flag for the interface. {...} NOTES The parameters and options are processed in the order given, thus if the address appears after the netmask and broadcast address, the netmask and broadcast address may be re-interpreted and applied to an existing address, or to the state of having no address assigned, with unintended results which affect the security state of the host. {...} - -- Joel Rees randomly ranting: http://reiisi.blogspot.com
Re: ifconfig network resolution
Sorry, again, On Sat, Jun 10, 2017 at 11:36 PM, Joel Rees <joel.r...@gmail.com> wrote: > On Sat, Jun 10, 2017 at 8:16 PM, Pascal Hambourg <pas...@plouf.fr.eu.org> > wrote: >> Le 10/06/2017 à 12:13, Joel Rees a écrit : >>> >>> On Sat, Jun 10, 2017 at 3:52 PM, Pascal Hambourg <pas...@plouf.fr.eu.org> >>> wrote: >>>> >>>> Le 10/06/2017 à 03:57, Joel Rees a écrit : >>>>> >>>>> >>>>> ifconfig eth0 netmask 255.255.255.224 netmask 255.255.255.224 >>>>> broadcast 10.19.23.223 10.19.23.94 > > Noting, as I did in my previous followup post, that the device address > and the broadcast address and the netmask do not match. > >>>>> But the command returns with >>>>> >>>>> SIOCSIFNETMASK: Can't allocate this address. >>>>> SIOCSIFBRDADDR: Can't allocate this address. >> >> (...) >>>> >>>> The address must be set before the mask and broadcast address. >>> >>> >>> Now there's another puzzle, because the man page indicates that the >>> address should come after the options. >> >> >> Actually the man page does not indicate any order : it just says "option | >> address ..." (options or address) > > I guess it could be read that way. > > 8) > > Would that mean you could give it more than one address to assign to > the device on a single command line? > >>> I had been used to typing it before the options, and was getting the >>> same kind of results with the address before the parameters, I think. >> >> >> I tested before replying and got the correct result. >> > > Okay, I guess my follow-up wasn't clear enough. > > - > myadm@mycomp:~$ sudo ifconfig eth0:1 down > myadm@mycomp:~$ sudo ifconfig eth0:1 > eth0:1Link encap:イーサネット ハードウェアアドレス 50:af:73:12:64:aa ethernet hardware address > UP BROADCAST RUNNING MULTICAST MTU:1500 メトリック:1 > 割り込み:42 ベースアドレス:0xa000 metric:1 IRQ:42 base address: 0xa000 > > myadm@mycomp:~$ sudo ifconfig eth0:1 netmask 255.255.255.224 broadcast > 10.19.201.223 10.19.201.198 > SIOCSIFNETMASK: 要求アドレスに割り当てられません Could not allocate requested address > SIOCSIFBRDADDR: 要求アドレスに割り当てられません could not allocate requested address > SIOCSIFFLAGS: 要求アドレスに割り当てられません could not allocate requested address > myadm@mycomp:~$ sudo ifconfig eth0:1 > eth0:1Link encap:イーサネット ハードウェアアドレス 50:af:73:12:64:aa > inetアドレス:10.19.201.198 ブロードキャスト:10.255.255.255 マスク:255.0.0.0 > UP BROADCAST RUNNING MULTICAST MTU:1500 メトリック:1 > 割り込み:42 ベースアドレス:0xa000 > (see above) > myadm@mycomp:~$ sudo ifconfig eth0:1 netmask 255.255.255.224 broadcast > 10.19.201.223 10.19.201.198 > myadm@mycomp:~$ sudo ifconfig eth0:1 > eth0:1Link encap:イーサネット ハードウェアアドレス 50:af:73:12:64:aa > inetアドレス:10.19.201.198 ブロードキャスト:10.19.201.223 マスク:255.255.255.224 > UP BROADCAST RUNNING MULTICAST MTU:1500 メトリック:1 > 割り込み:42 ベースアドレス:0xa000 > > myadm@mycomp:~$ sudo ifconfig eth0:1 down > myadm@mycomp:~$ sudo ifconfig eth0:1 10.19.201.198 netmask > 255.255.255.224 broadcast 10.19.201.223 > myadm@mycomp:~$ sudo ifconfig eth0:1 > eth0:1Link encap:イーサネット ハードウェアアドレス 50:af:73:12:64:aa > inetアドレス:10.19.201.198 ブロードキャスト:10.19.201.223 マスク:255.255.255.224 > UP BROADCAST RUNNING MULTICAST MTU:1500 メトリック:1 > 割り込み:42 ベースアドレス:0xa000 > > myadm@mycomp:~$ sudo ifconfig eth0:1 down > - > > I still say the man page could use a little revision. > > -- > Joel Rees > > One of these days I'll get someone to pay me > to design a language that combines the best of Forth and C. > Then I'll be able to leap wide instruction sets with a single #ifdef, > run faster than a speeding infinite loop with a #define, > and stop all integer size bugs with a bare cast. > > More of my delusions: > http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html > http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: ifconfig network resolution
On Sat, Jun 10, 2017 at 8:16 PM, Pascal Hambourg <pas...@plouf.fr.eu.org> wrote: > Le 10/06/2017 à 12:13, Joel Rees a écrit : >> >> On Sat, Jun 10, 2017 at 3:52 PM, Pascal Hambourg <pas...@plouf.fr.eu.org> >> wrote: >>> >>> Le 10/06/2017 à 03:57, Joel Rees a écrit : >>>> >>>> >>>> ifconfig eth0 netmask 255.255.255.224 netmask 255.255.255.224 >>>> broadcast 10.19.23.223 10.19.23.94 Noting, as I did in my previous followup post, that the device address and the broadcast address and the netmask do not match. >>>> But the command returns with >>>> >>>> SIOCSIFNETMASK: Can't allocate this address. >>>> SIOCSIFBRDADDR: Can't allocate this address. > > (...) >>> >>> The address must be set before the mask and broadcast address. >> >> >> Now there's another puzzle, because the man page indicates that the >> address should come after the options. > > > Actually the man page does not indicate any order : it just says "option | > address ..." (options or address) I guess it could be read that way. 8) Would that mean you could give it more than one address to assign to the device on a single command line? >> I had been used to typing it before the options, and was getting the >> same kind of results with the address before the parameters, I think. > > > I tested before replying and got the correct result. > Okay, I guess my follow-up wasn't clear enough. - myadm@mycomp:~$ sudo ifconfig eth0:1 down myadm@mycomp:~$ sudo ifconfig eth0:1 eth0:1Link encap:イーサネット ハードウェアアドレス 50:af:73:12:64:aa UP BROADCAST RUNNING MULTICAST MTU:1500 メトリック:1 割り込み:42 ベースアドレス:0xa000 myadm@mycomp:~$ sudo ifconfig eth0:1 netmask 255.255.255.224 broadcast 10.19.201.223 10.19.201.198 SIOCSIFNETMASK: 要求アドレスに割り当てられません SIOCSIFBRDADDR: 要求アドレスに割り当てられません SIOCSIFFLAGS: 要求アドレスに割り当てられません myadm@mycomp:~$ sudo ifconfig eth0:1 eth0:1Link encap:イーサネット ハードウェアアドレス 50:af:73:12:64:aa inetアドレス:10.19.201.198 ブロードキャスト:10.255.255.255 マスク:255.0.0.0 UP BROADCAST RUNNING MULTICAST MTU:1500 メトリック:1 割り込み:42 ベースアドレス:0xa000 myadm@mycomp:~$ sudo ifconfig eth0:1 netmask 255.255.255.224 broadcast 10.19.201.223 10.19.201.198 myadm@mycomp:~$ sudo ifconfig eth0:1 eth0:1Link encap:イーサネット ハードウェアアドレス 50:af:73:12:64:aa inetアドレス:10.19.201.198 ブロードキャスト:10.19.201.223 マスク:255.255.255.224 UP BROADCAST RUNNING MULTICAST MTU:1500 メトリック:1 割り込み:42 ベースアドレス:0xa000 myadm@mycomp:~$ sudo ifconfig eth0:1 down myadm@mycomp:~$ sudo ifconfig eth0:1 10.19.201.198 netmask 255.255.255.224 broadcast 10.19.201.223 myadm@mycomp:~$ sudo ifconfig eth0:1 eth0:1Link encap:イーサネット ハードウェアアドレス 50:af:73:12:64:aa inetアドレス:10.19.201.198 ブロードキャスト:10.19.201.223 マスク:255.255.255.224 UP BROADCAST RUNNING MULTICAST MTU:1500 メトリック:1 割り込み:42 ベースアドレス:0xa000 myadm@mycomp:~$ sudo ifconfig eth0:1 down - I still say the man page could use a little revision. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Reply-to-all or reply-to-list again
On Sat, Jun 10, 2017 at 10:52 PM, Fungi4All <fungil...@protonmail.com> wrote: > UTC Time: June 10, 2017 2:13 AM > > From: joel.r...@gmail.com > > On Sat, Jun 10, 2017 at 12:57 AM, Nicolas George <geo...@nsup.org> wrote: >> Le primidi 21 prairial, an CCXXV, The Wanderer a écrit : >>> Disagreed. This results in sending extra copies to people who are >>> subscribed to the list, which is incorrect. >> >> Not if the list is properly configured. >> >> Debian's lists are badly configured, it results in burden to all users, >> but the users should reject that burden. I do. >> >> I will not answer Gene's message, he obviously missed the whole point of >> my mail. >> Nicolas George > > And Now Google Doesn't Think Users Should Ever Set Headers. > Progress is progress. > > > Progress in a society comes when they collectively pursue in common > something > that would improve their lives and conditions. If the few and powerful > coerce or > blackmail a society to move a certain direction because that advances the > interests > of the few I wouldn't dare call this progress. Rarely in history did such > moves lasted > and stabilized, as for every action there is a reaction. Just give it some > time and > the vast majority of the world will be really happy to see google/fb/ms > collapse > and vanish. That may be progress, being without the pests. > > Would you call android and win10 progress? I hope not. Vehicles were > progress > over horses and carriages in some respects, people walking and one in > ten thousands being driven in a Rolls Royce where the passengers were > covered > and the driver was outside was not progress. Model A was progress at > a cost. > > Progress is not made by following rulers and those in power, it comes > from the dialectic of resisting and reacting to power and oligarchy. > > Joel Rees > > > (AK) Yeah. Progress is progress. ahem. Sorry. I guess I forgot something. {irony}Progress is progress.{end-irony} -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: ifconfig network resolution
On Sat, Jun 10, 2017 at 3:52 PM, Pascal Hambourg <pas...@plouf.fr.eu.org> wrote: > Le 10/06/2017 à 03:57, Joel Rees a écrit : >> >> Experimenting from the command line, I find myself puzzled about the >> arguments for ifconfig. >> >> Reading the manual, it would appear that the arguments for ifconfig >> should be something like this: >> >> ifconfig eth0 netmask 255.255.255.224 netmask 255.255.255.224 >> broadcast 10.19.23.223 10.19.23.94 >> >> But the command returns with >> >> SIOCSIFNETMASK: Can't allocate this address. >> SIOCSIFBRDADDR: Can't allocate this address. > > > You set the mask twice. Actually, I did not set the the mask twice, I just typed it it twice. ;/ I hand-typed it from memory, as I noted in my followup. But I did check, and I get the same kinds of results when I without typing extra parameters. > The address must be set before the mask and broadcast address. Now there's another puzzle, because the man page indicates that the address should come after the options. I had been used to typing it before the options, and was getting the same kind of results with the address before the parameters, I think. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: pointers to material for using netbook's wireless as access point
I now have connection for both the wireless and the netbook that is acting as the AP. I took out the bridge entirely, quit trying to play with port forwarding, just used dead simple setup. dnsmasq was the only missing piece, if I had not been focusing on bridging. Bridging is probably for the other direction. But the wireless is pretty slow, so I'm not sure I'm finished. I have to go take care of some family business, when I'm done I'll post the details. But it's really pretty simply. I was just working too hard. -- Joel Rees Randomly ranting: http://reiisi.blogspot.com
Re: ifconfig network resolution (Re: pointers to material for using netbook's wireless as access point)
Sorry my typing is so lame. On Sat, Jun 10, 2017 at 10:57 AM, Joel Rees <joel.r...@gmail.com> wrote: > Experimenting from the command line, I find myself puzzled about the > arguments for ifconfig. > > Reading the manual, it would appear that the arguments for ifconfig > should be something like this: > > ifconfig eth0 netmask 255.255.255.224 netmask 255.255.255.224 > broadcast 10.19.23.223 10.19.23.94 sudo ifconfig eth0 netmask 255.255.255.224 broadcast 10.19.23.223 10.19.23.194 > But the command returns with > > SIOCSIFNETMASK: Can't allocate this address. > SIOCSIFBRDADDR: Can't allocate this address. > > If I repeat the command, it gives no errors, but the netmask and > broadcast address end up full class A (255.0.0.0 and 10.255.255.255). But if I repeat it often enough (with legitimate parameters), it seems to decide to believe me, and sets the nic to the requested netmask and broadcast address. Once or twice may have been bad parameters, but I have just hit the up arrow and it goes ahead and sets the parameters to what I said on the second try. > Anyone have an idea what's happening? -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: pointers to material for using netbook's wireless as access point
I posted the following to Randy, yesterday, intending it to go to the list. I'll post it back to the list (with Randy's permission), with a bit of further comment: > On Friday, June 09, 2017 02:14:17 AM Joel Rees wrote: >> (With aplogies for html mail) >> >> 2017/06/08 23:46 <rhkra...@gmail.com>: >> > On Thursday, June 08, 2017 10:00:17 AM Joel Rees wrote: >> > > Maybe I'm misunderstanding that wiki, but it seems to be describing >> > > this >> > > >> > > kind of setup: >> > >WAN <--> foreign AP <-wireless-> debian box <-> more devices >> > > >> > > But what I'm wanting is >> > > >> > >WAN <-wired-> router/modem <-wired-> debian netbook AP <-> more >> >> devices >> >> > Thank you for including the above "sketch" which finally let me >> >> understand what >> >> > you are looking for. >> > >> > I doubt that I can help, but I'll think about it--my setup is somewhat >> > >> > similar to what you describe except that the "debian notebook AP" is >> >> replaced >> >> > by a commericial wireless AP (but, as your sketch shows, wired to my >> >> router / >> >> > modem). >> > >> > Aside: I wouldn't think it should be very difficult, since it seems to be >> >> off- >> >> > the-shelf functionality you can buy, but ... >> >> Thanks for looking at it. >> >> Just for the record, I am presently typing on my tablet, connected wireless >> through the >> software AP in the netbook (which is the reason for the html). It's >> transparent, so the >> modem at the wall sees it as if the wireless is an extension of the modem's >> (wired) >> network. And this is kind of tricky, because it seems to be a bit dependent on the weather, whether it works or no. Or, rather, I have since installed dnsmasq and removed and re-installed network-manager (stupid thing gets in the way), and I'm not connecting any more. >> What I'm trying to get is connection on the netbook itself. I can't even >> ping the modem >> from the netbook, because the bridge owns the netbook's only ethernet port. >> So I can't >> work on anything that requires the network while the kids are playing. >> >> I read hints here and there about how to do it, but I keep hitting walls. >> (And learning >> things. :) >> >> I had it serving dhcp and dns over the wireless a bit back, but I couldn't >> get outside the >> modem with either the wireless or the netbook. That was not, of course, >> bridged. I think. I was able to confirm that it was bridged. >> 8-/ >> >> It would be cheaper, time-wise, to buy a portable access point, of course, >> and I will probably do so. >> But I'm finally getting an idea of how a bridge really works, so it's also >> worth the >> education. >> >> Joel Rees Randy replied, On Fri, Jun 9, 2017 at 9:43 PM, <rhkra...@gmail.com> wrote: > This provides me with even more understanding of what you're looking for and > the problems you're having--up until I read this, I didn't understand that (1) > the netbook is already working "properly" as a wireless access point (in that > your tablet wirelessly connects via it), but (2) the problem is that the > netbook apparently can't be used simultaneously as a WAP and to provide its > own connection to the Internet. > > I would suggest that you post this to the list--I think others may have the > same misunderstanding as to your goal and the current problem, and once > understanding this, may be able to help you. > > If you want, I can post it to the list as well. > > I would tend to say that your problem is not a common problem, so I suspect > most documentation won't be helpful. I also tend to doubt that you want the > netbook to be in bridge mode, but I don't know that for sure. IIRC (and I > can't easily check at the moment), I believe my (commercial) WAP is working as > a full fledged router, in the sense that it creates a new network (with a > different IP address and provides DHCP functionality). I'll have to turn my > WAP on later and see what IP address my phone gets to see if it is on my "main > LAN" (i.e., wired) or if it is an IP on a different network. > > Good luck, > Randy Kramer > Indeed, that's what I want to do. But I'm not smart enough to set the wireless up myself, so I was hoping hostapd would do that. On Fri, Jun 9, 2017 at 10:30 PM, <rhkra...@gmail.com> wrote: > Update: I just turned on
Re: Reply-to-all or reply-to-list again
On Sat, Jun 10, 2017 at 12:57 AM, Nicolas George <geo...@nsup.org> wrote: > Le primidi 21 prairial, an CCXXV, The Wanderer a écrit : >> Disagreed. This results in sending extra copies to people who are >> subscribed to the list, which is incorrect. > > Not if the list is properly configured. > > Debian's lists are badly configured, it results in burden to all users, > but the users should reject that burden. I do. > > I will not answer Gene's message, he obviously missed the whole point of > my mail. > > Regards, > > -- > Nicolas George There was a time when mailing lists were e-mail, and newsgroups were newsgroups. Newsgroups have unfortunately mostly gone the way of the dodo, and mailing list participants want the mailing lists to behave like newsgroups. And Now Google Doesn't Think Users Should Ever Set Headers. Progress is progress. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
ifconfig network resolution (Re: pointers to material for using netbook's wireless as access point)
Experimenting from the command line, I find myself puzzled about the arguments for ifconfig. Reading the manual, it would appear that the arguments for ifconfig should be something like this: ifconfig eth0 netmask 255.255.255.224 netmask 255.255.255.224 broadcast 10.19.23.223 10.19.23.94 But the command returns with SIOCSIFNETMASK: Can't allocate this address. SIOCSIFBRDADDR: Can't allocate this address. If I repeat the command, it gives no errors, but the netmask and broadcast address end up full class A (255.0.0.0 and 10.255.255.255). Anyone have an idea what's happening? -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: pointers to material for using netbook's wireless as access point
On Thu, Jun 8, 2017 at 5:03 PM, didier gaumet <didier.gau...@gmail.com> wrote: > Le 08/06/2017 à 02:29, Joel Rees a écrit : > > [...] >> # Setup bridge >> iface br0 inet manual >> bridge_ports wlan0 eth0:0 > [...] > > I am sorry, network wise, I am a true dumb, so I cannot be of a great > help, but: > > - the Archlinux wiki indicates that the wireless interface should not be > added to the bridge in the bridge configuration, being already attached > to it in the hostapd configuration. > - you could look at the ethernet-wireless bridge section of the Debian > wiki wich points at routing differences with ethernet bridges: > https://wiki.debian.org/BridgeNetworkConnections#Bridging_with_a_wireless_NIC > Maybe I'm misunderstanding that wiki, but it seems to be describing this kind of setup: WAN <--> foreign AP <-wireless-> debian box <-> more devices But what I'm wanting is WAN <-wired-> router/modem <-wired-> debian netbook AP <-> more devices (But thanks for taking the time to mention that page.) -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: pointers to material for using netbook's wireless as access point
A little more detail, with the following pair of configurations, I get on the boot console, Configuring network interfaces...can't add wlan0 to bridge br0: Operation not supported SIOCSIFFLAGS: Cannot assign requested address SIOCSIFFLAGS: Cannot assign requested address Waiting for br0 to get ready (MAXWAIT is 32 seconds). And another couple of messages I didn't get pictures of, including one apparently from the driver, about the file already existing, and another probably from the kernel about not being able to set up the bridge. I think it was the following, but I couldn't get a picture of it: RTNETLINK answers: File exists Failed to bring up [was it eth0 or br0?]. (And, yet, the bridge was set up and functional, even to routing the DHCP handshake. It was only the netbook's inability to access the internet through its own ethernet port that left me needing a better solution.) Those messages, by the way, were not recorded in any file under /var/log. The only way to capture them was by taking a picture. On Thu, Jun 8, 2017 at 9:29 AM, Joel Rees <joel.r...@gmail.com> wrote: > [...] > > -hostapd.conf > ### Wireless network name ### > interface=wlan0 > > ### Driver Name ### > driver=nl80211 > > ### Set your bridge name ### > bridge=br0 > > ### Country name code in ISO/IEC 3166-1 format. ### > # This is used to set regulatory domain. > # Set as needed to indicate country in which device is operating. > # This can limit available channels and transmit power. > ### (IN == INDIA, UK == United Kingdom, US == United Stats and so on ) ### > country_code=JP > > ### SSID: ### > ssid=StuporInducingNetwork > > ### channel number (some drivers will only accept 0) ### > channel=1 > > ### operation mode (a = IEEE 802.11a, b = IEEE 802.11b, g = IEEE 802.11g) ### > hw_mode=g > ieee80211n=1 > ht_capab=[HT40+][SHORT-GI-40][DSSS_CCK-40] > > ### WPA mode: ### > wpa=2 > > ### passphrase (WiFi password): ### > wpa_passphrase=something!wouldn0t$#0wHER3 > > ## Key management algorithms ## > wpa_key_mgmt=WPA-PSK > > ## Set cipher suites (encryption algorithms) ## > ## TKIP = Temporal Key Integrity Protocol > ## CCMP = AES in Counter mode with CBC-MAC > wpa_pairwise=TKIP > rsn_pairwise=CCMP > ## Shared Key Authentication ## > auth_algs=1 > ## Accept all MAC address ### > macaddr_acl=0 > > --- >[...] > ---interfaces-v2 > # This file describes the network interfaces available on your system > # and how to activate them. For more information, see interfaces(5). > > # The loopback network interface > auto lo br0 > #auto lo > iface lo inet loopback > > # The primary network interface > allow-hotplug eth0 > #iface eth0 inet dhcp > # iface eth0 inet static > > iface eth0 inet static > address 172.19.138.147 > netmask 255.255.255.192 > gateway 172.19.138.179 > up route add -net default gw 172.19.138.179 > down route del -net default gw 172.19.138.179 > broadcast 172.19.138.191 > iface eth0:1 inet manual > # > dns-nameservers 172.19.138.179 208.67.222.222 8.8.4.4 > > wireless wlan0 > allow-hotplug wlan0 > #iface wlan0 inet static > iface wlan0 inet manual > > # Setup bridge > iface br0 inet manual > bridge_ports wlan0 eth0:1 > address 172.19.138.177 > netmask 255.255.255.192 > network 172.19.138.160 > broadcast 172.19.138.191 > ## isp router 172.19.138.179 also runs DHCPD ## > gateway 172.19.138.179 > dns-nameservers 172.19.138.179 208.67.222.222 8.8.4.4 > - >[...] -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: pointers to material for using netbook's wireless as access point
On Wed, Jun 7, 2017 at 2:08 PM, Joel Rees <joel.r...@gmail.com> wrote: > On Tue, Jun 6, 2017 at 4:10 PM, didier gaumet <didier.gau...@gmail.com> wrote: >> Le 06/06/2017 à 03:58, Joel Rees a écrit : >> [...] >> can anyone point me to a good how-to? >> [...] >> >> these should do the trick: >> https://agentoss.wordpress.com/2011/10/31/creating-a-wireless-access-point-with-debian-linux/ >> https://wiki.archlinux.org/index.php/Software_access_point >> http://oob.freeshell.org/nzwireless/LWAP-HOWTO.html >> > > I'd thought I was recognized the URLs as some I had looked at before, ("had recognized" or maybe "was recognizing", erk) > but I check now and see lots of useful information. Thanks. > > I'll probably have more questions when I've had a chance to work through > them. Okay, I have partial success. My kids can connect via wireless, but I can't connect on the netbook in question, at all. First thing I did was install rfkill and use it to undo whatever had the thing believing I'd shut the wireless down by hand or something: --- $sudo rfkill list all 0: phy0: Wireless LAN Soft blocked: yes Hard blocked: no 1: ideapad_wlan: Wireless LAN Soft blocked: yes Hard blocked: yes $sudo rfkill unblock wifi $sudo rfkill unblock all $sudo rfkill list all 0: phy0: Wireless LAN Soft blocked: no Hard blocked: no 1: ideapad_wlan: Wireless LAN Soft blocked: no Hard blocked: no --- My /etc/hostapd/hostapd.conf is below, along with one of the /etc/network/interfaces files I've tried. This combination allows my children to access the internet from my netbook's wifi, through my netbook's ethernet, to the provider's modem. I cannot access the internet on the same netbook. (It only has one ethernet port. DHCP from the modem is routed through the wireless to the children's Should I just remove networkmanager from the system, or should I try to solve this by the NAT approach (which I still am working through). -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html clients: -hostapd.conf ### Wireless network name ### interface=wlan0 ### Driver Name ### driver=nl80211 ### Set your bridge name ### bridge=br0 ### Country name code in ISO/IEC 3166-1 format. ### # This is used to set regulatory domain. # Set as needed to indicate country in which device is operating. # This can limit available channels and transmit power. ### (IN == INDIA, UK == United Kingdom, US == United Stats and so on ) ### country_code=JP ### SSID: ### ssid=StuporInducingNetwork ### channel number (some drivers will only accept 0) ### channel=1 ### operation mode (a = IEEE 802.11a, b = IEEE 802.11b, g = IEEE 802.11g) ### hw_mode=g ieee80211n=1 ht_capab=[HT40+][SHORT-GI-40][DSSS_CCK-40] ### WPA mode: ### wpa=2 ### passphrase (WiFi password): ### wpa_passphrase=something!wouldn0t$#0wHER3 ## Key management algorithms ## wpa_key_mgmt=WPA-PSK ## Set cipher suites (encryption algorithms) ## ## TKIP = Temporal Key Integrity Protocol ## CCMP = AES in Counter mode with CBC-MAC wpa_pairwise=TKIP rsn_pairwise=CCMP ## Shared Key Authentication ## auth_algs=1 ## Accept all MAC address ### macaddr_acl=0 --- ---interfaces-v1 # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo br0 #auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 #iface eth0 inet dhcp # iface eth0 inet static iface eth0:0 inet manual iface eth0:1 inet static address 172.19.138.147 netmask 255.255.255.128 gateway 172.19.138.179 broadcast 172.19.138.191 # dns-nameservers 172.19.138.179 208.67.222.222 8.8.4.4 wireless wlan0 allow-hotplug wlan0 #iface wlan0 inet static iface wlan0 inet manual # Setup bridge iface br0 inet manual bridge_ports wlan0 eth0:0 address 172.19.138.177 netmask 255.255.255.192 network 172.19.138.160 broadcast 172.19.138.191 ## isp router 172.19.138.179 also runs DHCPD ## gateway 172.19.138.179 dns-nameservers 172.19.138.179 208.67.222.222 8.8.4.4 - This next interfaces file tries to make the default route explicit, but gives similar results: ---interfaces-v2--
Re: pointers to material for using netbook's wireless as access point
On Tue, Jun 6, 2017 at 4:10 PM, didier gaumet <didier.gau...@gmail.com> wrote: > Le 06/06/2017 à 03:58, Joel Rees a écrit : > [...] > can anyone point me to a good how-to? > [...] > > these should do the trick: > https://agentoss.wordpress.com/2011/10/31/creating-a-wireless-access-point-with-debian-linux/ > https://wiki.archlinux.org/index.php/Software_access_point > http://oob.freeshell.org/nzwireless/LWAP-HOWTO.html > I'd thought I was recognized the URLs as some I had looked at before, but I check now and see lots of useful information. Thanks. I'll probably have more questions when I've had a chance to work through them. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: pointers to material for using netbook's wireless as access point
On Tue, Jun 6, 2017 at 7:30 PM, Dan Ritter <d...@randomstring.org> wrote: > On Tue, Jun 06, 2017 at 10:58:09AM +0900, Joel Rees wrote: >> I've seen a lot of answers that say "NOT POSSIBLE!!", as if the device >> manufacturers really want us to believe that it can only be done on >> MSWindows and MacOSX. >> >> I've seen a bit of talk about what appears to me to be the reverse of what I >> want to do -- allow other computers to connect via the netbook's ethernet >> port and piggyback the netbook's wireless onto the web. That's not what >> I want to do. >> >> I've got brctl and hostapd installed and have tried some >> configurations I've seen. I keep getting blocked, apparently by >> RF-kill and/or something >> else that tells me it's not allowed. >> >> So, before I dump all my configuration files and error messages on the >> list, can anyone point me to a good how-to? I want to make sure I'm not >> missing something obvious before I start asking questions. > > Depends on the wifi chipset. Some are deliberately disabled by > their manufacturer from acting in "infrastructure mode", which > is to say, as an access point. > > Here's how to tell: > > sudo iwconfig wlan1 mode master Error for wireless request "Set Mode" (8B06) : SET failed on device wlan0 ; Invalid argument. But, without "master", wlan0 IEEE 802.11bgn ESSID:off/any Mode:Managed Access Point: Not-Associated Tx-Power=off Retry long limit:7 RTS thr=2347 B Fragment thr:off Encryption key:off Power Management:on > will put it into infrastructure mode if it can *and you have an > older chip* > > or > > sudo iw list Supported interface modes: * IBSS * managed * AP * AP/VLAN * monitor software interface modes (can always be added): * AP/VLAN * monitor interface combinations are not supported I'll paste in the rest below, just in case. > will show "AP" as an available mode on newer chips. > > > brctl and hostapd are the right way to go. If I only knew what to do with them. ;-/ It seems like my goal would be to set up a brdge, or perhaps (according to some of the things I read) routing with NAT, and to set up the netbook as a DHCP server for the wireless network. Am I thinking in the right direction, there? > RF-kill > is sometimes in hardware (physical switch) and sometimes in > software (package rfkill is available starting in Wheezy). Would the rfkill package be useful to install if the messages I get about rfkill include "hard blocked"? > -dsr- And, something I keep wondering about, would ad hoc mode be a good alternative to setting up an access point? I seem to remember using that, perhaps in addition to sharing, on old Macs some fifteen our so years ago. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html - iw list output: Wiphy phy0 Band 1: Capabilities: 0x1862 HT20/HT40 Static SM Power Save RX HT20 SGI RX HT40 SGI No RX STBC Max AMSDU length: 7935 bytes DSSS/CCK HT40 Maximum RX AMPDU length 65535 bytes (exponent: 0x003) Minimum RX AMPDU time spacing: 16 usec (0x07) HT TX/RX MCS rate indexes supported: 0-7, 32 Frequencies: * 2412 MHz [1] (20.0 dBm) * 2417 MHz [2] (20.0 dBm) * 2422 MHz [3] (20.0 dBm) * 2427 MHz [4] (20.0 dBm) * 2432 MHz [5] (20.0 dBm) * 2437 MHz [6] (20.0 dBm) * 2442 MHz [7] (20.0 dBm) * 2447 MHz [8] (20.0 dBm) * 2452 MHz [9] (20.0 dBm) * 2457 MHz [10] (20.0 dBm) * 2462 MHz [11] (20.0 dBm) * 2467 MHz [12] (20.0 dBm) * 2472 MHz [13] (20.0 dBm) * 2484 MHz [14] (disabled) Bitrates (non-HT): * 1.0 Mbps * 2.0 Mbps * 5.5 Mbps * 11.0 Mbps * 6.0 Mbps * 9.0 Mbps * 12.0 Mbps * 18.0 Mbps * 24.0 Mbps * 36.0 Mbps * 48.0 Mbps * 54.0 Mbps max # scan SSIDs: 4 max scan IEs length: 2257 bytes RTS threshold: 2347 Coverage class: 0 (up to 0m) Supported Ciphers: * WEP40 (00-0f-ac:1)
pointers to material for using netbook's wireless as access point
I've seen a lot of answers that say "NOT POSSIBLE!!", as if the device manufacturers really want us to believe that it can only be done on MSWindows and MacOSX. I've seen a bit of talk about what appears to me to be the reverse of what I want to do -- allow other computers to connect via the netbook's ethernet port and piggyback the netbook's wireless onto the web. That's not what I want to do. I've got brctl and hostapd installed and have tried some configurations I've seen. I keep getting blocked, apparently by RF-kill and/or something else that tells me it's not allowed. So, before I dump all my configuration files and error messages on the list, can anyone point me to a good how-to? I want to make sure I'm not missing something obvious before I start asking questions. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: drive names and UUIDs, was Re: Intresting dd fsck grub uuid fstab action
On Sun, Jun 4, 2017 at 12:59 AM, Pascal Hambourg <pas...@plouf.fr.eu.org> wrote: > Le 03/06/2017 à 17:48, Gene Heskett a écrit : >> >> >> I don't believe that will work. dd runs on the raw device, not to an >> artificially created "partition". > > > dd runs on any type of device, including partitions. > But it copies the raw data. In the context of this discussion, it makes absolutely no sense to have it twiddling any of the data it copies, much less any of the data that refers to what is being copied. (Sorry about the misfire, Pascal.) -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: drive names and UUIDs, was Re: Intresting dd fsck grub uuid fstab action
(Google or something is screwing up the threading. My apologies if I mess it up further.) On Sun, Jun 4, 2017 at 7:30 AM, Fungi4All <fungil...@protonmail.com> wrote: > >> From: deb...@lionunicorn.co.uk >> >>> Ι was waiting to see if anyone else found something like this significant >> and willing to contribute some wisdom >> No wisdom here, I'm afraid. > > just evolution of the unix-dna It would definitely be evolution. And it would be something that should be relegated to an explicitly specified option (maybe like character encoding stuff), if at all. And it would be orders of magnitude more complex than what dd now does. That's part of the reason we have (g)parted and other similar tools. (And, if you are using LVM, LVM has its own tools.) >>[...] >>> Also, I believe that when dd is used to copy something from disk to disk >>> it should provide an option of whether to >>> produce a new uuid or retain the original (backup, not a concurrent >>> system). > >> Here you're asking for the impossible. dd is blind to what it's >> copying at that level. It can fiddle with something it calls "records" >> (which stinks of IBM FB↔VB conversion) and that's about it. > > > I actually like dd the more I learn about it but what I was suggesting was > to have > an option to change the uuid to a new random one after it is done copying. If at all, an option, but it really is out of dd's scope. dd is not parted. > I understand (think) that dd does not even care about the format of the fs > it copies > or that of what it copies to, just blocks of space, where to start and where > to finish. Very true. > So if a 10gb NTFS partition is copied to a 20gb EXT4 partition, the target > will be an > ntfs 20gb partition. No, the target will, depending on what you specify, be a 10gb file in the ext4 partition or a 10gb NTFS partition (overwriting the ext4 file system completely) and a 10gb gap of unused disk space that the MBR says goes with the partition which is formatted as a 10gb NTFS partition, but the NTFS partition really doesn't know anything about (unless you tell it about it afterwards by expanding the partition using NTFS tools.) IIUC. > So I suspect it does formatting in there too, dd is not parted, nor is it an NTFS partition editor. > otherwise the > partition would have been left half ntfs half ext4. The MBR partition is left half used by the NTFS file system and half unused. The unused part may have some useless bits of ext4 left behind, but it has nothing like a file system in it. > The kernel I assume as soon as dd is done picks up the new set of uuids and > updates the table. So if dd does not do it it leaves the system in a mesh. Not that I am aware. Not unless you tell the kernel to do so. >[...] -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
drive names and UUIDs, was Re: Intresting dd fsck grub uuid fstab action
Fungi4All-san, I'll try explaining what we don't know whether you understand or not. First, about /dev/sda /dev/sdb ... When you turn the machine on, these "names" do not exist. Well, at least, the computer does not know which physical device is /dev/sda and which is /dev/sdb, etc. When the BIOS is finding hard disks and other disk-like persistent storage devices right after you turn the computer on, it remembers them in the order it finds them. That means that, if one device finishes powering up before another, it is likely to have a lower device name. But even that is a probability, not a guarantee, because BIOS is generally not looking at each device at the exact moment it powers up. Because of this, /dev/sda may be your boot drive one time, and may be your backup drive another time. Or, if you have multiple boot drives, it may be your MSWIndows boot drive one time and your debian boot drive the next, etc. You want to think it should be more simple, but it's not. And it's not your fault, and it's not Debian's fault. (Who's fault? Microsoft, Intel, Apple, Maxtor, Seagate, Commodore, Atari, Radio Shack, IBM, DEC, Honeywell, ..., pretty much all the companies involved.) Why can't the drive itself just say it's /dev/sda? Well, what happens when you go to the store and need a /dev/sdc, but all the drives in stock are named /dev/sdb? Labels of various sorts were tried, but when labels tended to be too simply done, like "accounting" instead of something like "ACTG20170601". So UUIDs were invented as a new sort of label that would theoretically never be duplicated. They are separate from the labels that the are called labels in /etc/fstab and gparted's listing, etc. This explanation is too simple, but close enough to what's happening to explain what we thing has happened to your drives. UUIDs or other kinds of labels, where are they stored? In the storage area of the drive itself, along with the MBR, the partition information, the file system information, and the program and data files. That means that, when you use dd to duplicate your storage device, even the UUID is duplicated. Now, it turns out that it's convenient to label or name partitions/volumes within the device, and UUIDs are now generally assigned to each partition/volume. These are different UUIDs, and they are also stored on the disk itself. So when you dd a parition/volume, you copy the UUID for that partition/volume, too. And when you dd the whole device, you copy all the UUIDs on every partition/volume on the device. In order to have both the duplicate and the original connected to the computer at the same time, you have to figure out a way it can tell them apart. The easiest way is to first change the UUID for the new device, and then the UUIDs for each partition/volume, as well. and then edit /etc/fstab on the new device to point to the changed UUIDs. You can do this with an install CD or a live OS on a USB, etc. You can't do it easily by booting either the new or old device, even if you boot a different OS on either the new or old device. It can be done,by giving the necessary volumes and the device itself labels (that are not UUIDs) and changing /etc/fstab on the device that will be booted to use labels instead of UUIDs. Anything you changed before you changed either the UUIDs or labels, edited /etc/fstab to use the new ones, and rebooted, you really don't know which drive you did it to. Running fsck before you take care of that could be really dangerous. If you read through this and understand it, and can tell us what you did in a way that we can tell you understand this, we can continue to try to help. -- Joel Rees delusions of being a novelist: http://joel-rees-economics.blogspot.com/2017/01/soc500-00-00-toc.html
Re: spammers go personal
On Thu, May 25, 2017 at 12:08 PM, Christian Hinch <yoshif...@gmail.com> wrote: > That's weird. No, it's marketing. Tailored unrequested junk mail. Once you give in to having to send messages one at a time, it isn't hard to fake a response to a faked message, in the hopes of bringing more uncautious people to drive by your website. Or someone is being randomly sarcastic. > On Wed, May 24, 2017 at 9:44 PM Fungi4All <fungil...@protonmail.com> wrote: >> >> Well I did not get the message myself to see the headers but I got a >> response to what appeared to be my spam by Christian Hinch >> >> Re: yoshifanc_You_Qualify_for_Window_Replacemen_Rebates!_HQXL >> 73.617.583.28 >> >> Original Message >> Subject: Re: yoshifanc_You_Qualify_for_Window_Replacemen_Rebates!_HQXL >> 73.617.583.28 >> Local Time: May 23, 2017 8:48 PM >> UTC Time: May 23, 2017 5:48 PM >> From: yoshif...@gmail.com >> To: Fungi4All <fungil...@protonmail.com> >> >> Wow! This is AMAZING! Thanks for qualifying me! >> On Tue, May 23, 2017 at 12:01 PM Eco-Windows Fungi4All >> <fungil...@protonmail.com> wrote: >>> >>> xdgc >>> >>> Free Windo-- >> >> Sent from Christian's Official iPad Mini Device >> >> > -- > Sent from Christian's Official iPad Mini Device -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Debian Developers Have Been Listening!
On Wed, May 24, 2017 at 6:19 AM, Patrick Bartek <nemomm...@gmail.com> wrote: > On Mon, 22 May 2017 08:30:15 +0900 Joel Rees <joel.r...@gmail.com> > wrote: > >> On Fri, May 19, 2017 at 1:48 AM, Patrick Bartek <nemomm...@gmail.com> >> wrote: >> > >> > A while ago, I initiated the "If Linux Is About Choice ..." thread >> > about why there is no choice of inits during an initial install. >> > >> > Since that time, I've tested several systemd-less distros[1] as >> > well as Stretch as replacements for my aging Wheezy system. With >> > Stretch my plan was to see if I could replace systemd as the init >> > without removing it just leaving its components (some or all as >> > necessary) to meet dependencies without it breaking the system >> >> ??? > > Could you be a little more specific? Or should I? Thank you for being more specific. >> > That way there would be no >> > need for third party repos or jumping through hoops to keep a >> > systemd-less working. I figured it would be a somewhat difficult, >> > time consuming process. However, I made a discovery during these >> > tests: The Debian developers had already done it for me. They made >> > switching from systemd as the init to sysvinit or runit easy just >> > by issuing a couple commands. Here's what you do. >> >> I thought that information came out several times in the thread you >> mention having started -- that it was possible to install the base >> system, then disable and remove the main systemd component, just >> leaving some of the pieces that have been picked up as dependencies >> by other packages. > > That scenerio was mentioned and was known by me, but usually used to > prevent systemd from being installed all. But since Debian is now > systemd dependent and doing that will cause problems. You either have > to use third party repos or compile stuff yourself, have local repos, > etc just to get things to work. I ended up with a simplier solution: > Just treat systemd like any other dependency, then no special repos, > compiling, etc. And it worked! And the Stretch developers made it > easy to do which wasn't available with Jessie. Thank you developers. > > My original thread was on why there is no choice of init at install > time. You have choices on almost everything else. Anyway, most of the > answers were ambiguous, a few acrimonious. No matter. > >> Maybe the discussion of using more advanced techniques to keep from >> ever installing systemd in the first place hid the information about >> the removal approach. > > Too many hoops to jump through to eliminate systemd if major > components (GNOME, udev, udisks2, policykit-1, etc) have it (or parts of > it) as dependencies. Just look at all Devuan had to go through to do > it. > >> If so, it would seem to be worthwhile to have this separate thread, >> as well. > > I don't think it would do any good. Debian has chosen systemd, for > better or worse, and I don't see that changing. Users and > administrators will either adapt or adopt another distro. > > I just hope my little "fix" is useful to someone else. FWIW, I found > without systemd as the init and supervisor, I have about 7.5 MB more > free RAM. > > B > When I have enough money to replace this half-broken laptop I'm using, I'll probably post more questions on the above. Thanks. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Spammers go personal
On Wed, May 24, 2017 at 4:38 AM, Fungi4All <fungil...@protonmail.com> wrote: > I think I got it like anyone else may have but I can't be sure of it. > It shows me as the one forwarding it. Did you get one? > I can understand picking up addresses off the archive and using them to fake > impersonate a list member, but it doesn't seem like it went through the > list, it came direct. This is why I'm quoting it. Only you can tell, from the headers, and from your own setup, whether the junk-fraudmailers just spoofed your address or actually used your computer to send it. I think most of us have automatic filters that shunted the original into their junkmail boxes. And, yes, the junkmailers are finding it harder to get responses from the buckshot approach, so they are getting a bit more sophisticated with the headers. Until we, as a race, learn to quit fighting poverty with more opportunities to make people poor, this kind of problem will only get worse. > Original Message > Subject: Re: Spammers go personal > Local Time: May 23, 2017 10:31 PM > UTC Time: May 23, 2017 7:31 PM > From: b...@fineby.me.uk > To: Debian Users ML <debian-user@lists.debian.org> > > On Tue, 23 May 2017 15:13:54 -0400 > Fungi4All <fungil...@protonmail.com> wrote: > > Hello Fungi4All, > >>If any of you received such a message I for sure did not send it, but >>I'm pretty sure the theist spammer got it of the list. > > But you're happy to quote it. > > -- > Regards _ > / ) "The blindingly obvious is > / _)rad never immediately apparent" > It's cool to know nothin' > Never Miss A Beat - Kaiser Chiefs > > -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Debian Developers Have Been Listening!
On Fri, May 19, 2017 at 1:48 AM, Patrick Bartek <nemomm...@gmail.com> wrote: > > A while ago, I initiated the "If Linux Is About Choice ..." thread > about why there is no choice of inits during an initial install. > > Since that time, I've tested several systemd-less distros[1] as well as > Stretch as replacements for my aging Wheezy system. With Stretch my > plan was to see if I could replace systemd as the init without removing > it just leaving its components (some or all as necessary) to meet > dependencies without it breaking the system ??? > That way there would be no > need for third party repos or jumping through hoops to keep a > systemd-less working. I figured it would be a somewhat difficult, time > consuming process. However, I made a discovery during these tests: The > Debian developers had already done it for me. They made switching from > systemd as the init to sysvinit or runit easy just by issuing a couple > commands. Here's what you do. I thought that information came out several times in the thread you mention having started -- that it was possible to install the base system, then disable and remove the main systemd component, just leaving some of the pieces that have been picked up as dependencies by other packages. Maybe the discussion of using more advanced techniques to keep from ever installing systemd in the first place hid the information about the removal approach. If so, it would seem to be worthwhile to have this separate thread, as well. > First, install Stretch as you normally would, systemd, et al. I chose > LXDE for the GUI as it has no direct systemd dependencies, and it uses > Openbox as the window manager which I normally use in lieu of a desktop > environment anyway. This was quicker and easier testing-wise than > starting with a terminal-based system as I normally would, and building > up from there. > > To switch to sysvinit, as root: > > apt-get install sysvinit-core > > and reboot. Done! systemd components are still on the hard drive, > except systemd-sysv has been removed. There is also no systemd > supervision either as far as I can tell. > > To switch to runit-init is an easy 2-step process. Do a standard > install as before.[2] Then add runit supervision first before > installing runit-init. As root: > > apt-get install runit-systemd > > reboot, then > > apt-get install runit-init > > Reboot. Done! The latter command removes systemd-sysv during the > install. > > These new init set ups survive apt-get upgrade or dist-upgrade even if > systemd components are upgraded. Systemd as init does not get > reactivated. Tested and verified. I can find no systemd pinning > either. > > I now have two Stretch systems running in VirtualBox. One a full LXDE > desktop using runit for both the init and supervision, and the other > with just Openbox and lxpanel as the GUI, and sysvinit and runit for > supervison. No problems at all with either. > > > B > > [1] AntiX, MX Linux, SalixOS and Void Linux. > > [2] With either above options, you can't go from an init other than > systemd to another init. apt-get install fails due to > systemd-sysv being missing. > Thanks for the report. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Debian Developers Have Been Listening!
On Mon, May 22, 2017 at 6:44 AM, Brian <a...@cityscape.co.uk> wrote: > On Sat 20 May 2017 at 17:06:56 +0100, Michael Fothergill wrote: > >> On 20 May 2017 at 15:59, Brad Rogers <b...@fineby.me.uk> wrote: >> >> > On Sat, 20 May 2017 14:20:15 +0100 >> > Michael Fothergill <michael.fotherg...@gmail.com> wrote: >> > >> > Hello Michael, >> > >> > >with systemd running on it to the old sysvinit format then why is there >> > >all this sturm und drang and spam on this subject...?? >> > >> > People complain about all sorts of things. Changing something. Not >> > changing something. Sometimes, it's even the same people. >> > >> >> Now I see why the developers have their own mailing list... > > A misconception. They don't. > Care to unpack that, so you won't be misunderstood? -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: (OT) problem with unknown software
On Fri, May 19, 2017 at 8:33 AM, ghe <g...@slsware.net> wrote: > For several days, I've been getting email from myself, with no date, > title: Why the lack of date and title I can't say. Perhaps some configuration issue. > Problem: /dev/sdd is UNKNOWN at 2017-05-18 11:56:30 from sbox > () > > The body: > > /dev/sdd () is Unavailable > > The Received: header: > > Received: from localhost (sbox.slsware.net []) > by srv.slsware.net (srv.slsware.net) with ESMTP id 5701F2C06E2 > for <g...@slsware.net>; Thu, 18 May 2017 11:56:29 -0600 (MDT) Set to log boot errors to e-mail, probably. > #1: There is, for sure, a /dev/sdd on the machine (it's half of md1, the > number 2 RAID1 array), and > > #2: I can't remember what I installed (with Aptitude, almost certainly) > that's doing this. Setting, rather than installed package. > Does anyone know what piece of bent software can find /dev/sda, b, and > c, but not sdd? Or what I did to break it? > > -- > Glenn English > Boot up process. /dev/sdd is taking a long time to come on line for some reason. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with a bare cast. More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: libreboot? Doc to follow? -- Re: Secure boot - Uefi installation
On Fri, Apr 21, 2017 at 7:31 AM, Steve McIntyre <st...@einval.com> wrote: > f...@areyouforthepeople.org wrote: >> >>Hello: >> >>2 things: >> >>a. Even given all of their recent "damage" to themselves, >>how does Libreboot play into this? Is there a guide with respect to >>Debian that people can use to go the Libreboot route -- supported >>by this list? > > Pass. > >>b. This UEFI crap - and Microsoft/Intel trying to lock everything to >>themselves crap is crappy. >> >>Has anyone gathered all of these UEFI steps and good workarounds into >>One place that people can follow? > > UEFI as a design is fine, If the option is nothing or UEFI, I'm still not sure which I'd take. For a decent processor, I think I'd actually prefer raw hardware, but such a decent processor doesn't exist. Nor do the I/O devices I'd be able to attach to it. Different people have different ideas of what they want, I guess. (Shoot, I even have different ideas of what I want. ;-/ ) > but there are a lot of crappy > implementations out there. Just like there are lots of crappy > BIOSes. :-( > > For more information about UEFI and Debian, I wrote a long wiki page > at > > https://wiki.debian.org/UEFI Thanks. Looks useful. > Please check that out, and please ask if anything's not clear. > > -- > Steve McIntyre, Cambridge, UK.st...@einval.com > Is there anybody out there? Nobody out here but us chickens. -- Joel Rees I'm imagining I'm a computer scientist. http://defining-computers.blogspot.com/2017/04/model-boot-up-process-description-with.html
Fwd: Systemd services (was Re: If Linux Is About Choice, Why Then ...)
On Sat, Apr 22, 2017 at 4:13 AM, Nicholas Geovanis <nickgeova...@gmail.com> wrote: > Like numerous linux users I have sometimes lamented coming to terms with > systemd. My belief is that it's a well-written collection of software which > is somewhat over-engineered. It fills a need, sure, though I've managed to > live and work without it for a long time (been using linux since 1994). And > who am I to question Torvalds and Co. on the subject of its suitability for > linux and the data center? Have Linus and Lennart come to a meeting of minds or something? So I looked up "Torvalds systemd" and found a slashdot Q/A article with Torvalds in which someone asked him about systemd. Interesting. > So the other day I was on a recently-built Amazon AWS EC2 instance, running > one of the AWS-branded linux AMIs, fixing things in /etc/init.d. Thinking > about how AWS might rule the world someday, since they already hold about > 35-40% of the public cloud > (http://www.geekwire.com/2017/cloud-report-card-amazon-web-services-12b-juggernaut-microsoft-google-gaining/). > Then I had one of those "Duh!" moments: There must be on-the-order-of a > million of linux instances on the planet which are _not_ running systemd, as > AWS's own linux AMIs do not by default. > > It seems to me that this data point has been completely ignored in the > years-long discussions about systemd's merits, flaws and suitability. > > On Mon, Apr 17, 2017 at 4:34 PM, Jonathan Dowland <j...@debian.org> wrote: >> >> On Fri, Apr 14, 2017 at 03:17:00PM +0200, Nicolas George wrote: >> > Note: systemd is not for end-users, it is for system administrator and >> > distribution authors. >> >> {systemctl,journalctl,etc.} --user beg to differ. >> >> >> -- >> ⢀⣴⠾⠻⢶⣦⠀ >> ⣾⠁⢠⠒⠀⣿⡁ Jonathan Dowland >> ⢿⡄⠘⠷⠚⠋⠀ https://jmtd.net >> ⠈⠳⣄ Please do not CC me, I am subscribed to the list. > > -- Joel Rees I'm imagining I'm a novelist: http://joel-rees-economics.blogspot.com/2017/01/soc500-00-00-toc.html More of my delusions: http://reiisi.blogspot.jp/p/novels-i-am-writing.html -- Joel Rees I'm imagining I'm a novelist: http://joel-rees-economics.blogspot.com/2017/01/soc500-00-00-toc.html More of my delusions: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Secure boot - Uefi installation
On Tue, Apr 18, 2017 at 6:30 AM, Karagkiaouris Diamantis <diamantis.karagkiaouris@gmail.com> wrote: > Dear All, > > How can i install debian with UEFI support? Is there any simple tutorial? I hate to ask the obvious, but have you searched the web for, say, "secure boot shim grub" ? And have you looked at https://wiki.debian.org/SecureBoot ? > Also do i have to disable the secure boot and then proceed with uefi > installation? > I have tried but then a message "could not authenticate boot media" emerges > and the boot stop right there. > I am new to debian and i don't want to abandon for this silly reason. > > Thank you > Some other distributions provide you with a distribution-signed shim. That means the distribution owns the cryptographic rights to remotely admin your computer. (Cryptographic, not legal, and they eschew the actual responsibility, of course.) And you still may have a BIOS that doesn't really follow the UEFI rules about any keys but the vendor's. Debian is not doing that. If you want to use UEFI with Debian, you'll have to make your own shim. UEFI is only secure if you believe that letting your OS manufacturer remotely admin your box is secure. Just say, "No." Turn off secure boot. And set the BIOS to allow MBR booting. (That's two BIOS settings for most BIOSes, IIRC. At least, the last time I did this, I had to do those separately in the BIOS I was working with.) -- Joel Rees I'm imagining I'm a computer scientist: http://defining-computers.blogspot.com/2017/04/model-boot-up-process-description-with.html
Re: Spam on Debian lists (was: Actually)
On Fri, Apr 21, 2017 at 6:52 AM, Patrick Bartek <nemomm...@gmail.com> wrote: > On Thu, 20 Apr 2017 22:40:56 +0200 Jochen Spieker <m...@well-adjusted.de> > wrote: > >> fc: >> > >> > Actually -- does anyone monitor this list for this type of stuff? >> >> You have no idea *how much* spam is blocked by the work of the list >> masters. But it's not that anybody monitors all of the almost 300 >> Debian lists¹ with thousands of posts each day. >> >> > I see these types of things come through periodically -- and 1 >> > delete on the front end could prevent a lot of woe. >> >> Your help is appreciated: >> https://wiki.debian.org/Teams/ListMaster/ListArchiveSpam >> >> Obviously, this only affects the archive after all subscribers already >> received the spam message. Moderating all Debian lists is not a job >> that anybody wants to do (and it wouldn't even be appreciated). >> >> > *Even more so* -- it seems like unauthorized users can email this >> > list? >> > >> > Why not just restrict it to people who have subscribed? >> >> Because this excludes use cases that are deemed valid by the list >> masters. > > Like what? > > Why not this: To post or reply to the list, you must be > a subscriber; but to read/browse (even search archives, etc.), you > do not. This is the way most of the lists I've been involved with have > been set up. Works quite well controlling spurious posting by 'bots. > One list I used required annual renewal.. How do you limit posts to subscribers? Login? Subscriber list? What happens when you need an answer, but you don't have access to a functional machine that you can trust? Also, I think there is a web forum that functions more or less as you describe: http://forums.debian.net/ -- Joel Rees I'm imagining I'm a novelist: http://joel-rees-economics.blogspot.com/2017/01/soc500-00-00-toc.html More of my delusions: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Secure boot - Uefi installation
On Thu, Apr 20, 2017 at 4:02 AM, Diamantis Karagkiaouris <diamantis.karagkiaouris@gmail.com> wrote: > I am really pissed off with the installation as it failed miserably. If it fails after disabling UEFI, you probably have a machine with a BIOS that doesn't really disable UEFI when you tell it to nicely. (I hear some won't allow it at all. The entry is there in the BIOS configuration screens, but it either does nothing or is trapped back to UEFI on such hardware.) > It asks me if i want to force uefi and then it fails on grub configuration. What do you mean by force UEFI? > In opensuse i didnt have this issue. > I really like the idea of hands on but this is nonsense. > In every upgrade of debian testing should i cross my fingers? It sounds like there is something I don't know about what you are doing. > Am 19.04.2017 21:54 schrieb "Pascal Hambourg" <pas...@plouf.fr.eu.org>: >> >> Le 18/04/2017 à 01:21, Mark Fletcher a écrit : >>> >>> >>> I believe the live images only use MBR boot >> >> >> BIOS boot. -- Joel Rees I'm imagining I'm a novelist: http://joel-rees-economics.blogspot.com/2017/01/soc500-00-00-toc.html More of my delusions: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: If Linux Is About Choice, Why Then ...
On Wed, Apr 19, 2017 at 12:41 AM, Gene Heskett <ghesk...@shentel.net> wrote: > On Tuesday 18 April 2017 11:00:34 Jonathan Dowland wrote: > >> [...] >> In the past at least, HP hosted and provided servers and bandwidth for >> critical Debian build infrastructure, and (still) sponsor a group >> subscription to LWN for Debian developers. So you could answer "HP" >> here. One could look at whoever (possibly still including HP, I >> haven't checked) provide or host Debian's infrastructure today. > > If thats still the case Jonathan, and I suspect you may be in a position > to confirm or deny, if HP is providing such support to debian, then I'd > submit that it shouldn't be so well hidden. I wish I didn't have to put my conspiracy theorist hat on here, but I suspect that many in HP's management are fearful of upsetting the 800 pound gorilla/elephant in the room. Neither Microsoft nor Intel seem to have any desire to understand where the technology on which they so blithely ride their fortunes came from originally. And they seem quite willing to say one thing and do another with one hand and use the other hand to stab anyone handy in the back with behind-the-scenes market pressure. There do seem to be many in top management at most of the major hardware vendors who feel extremely embarrassed to have any visible association with Linux (and any other openly community-driven technology). (Further mumbling about bean counters and expected value and such elided.) > Server machines cost money, > and so does the bandwidth. IMO HP should be thanked for providing that > service, by our raising HP to a higher position on the potential list of > products to purchase when we are in need of a printer or home server. > > Credit is nicely given at <http://debian.org/partners>, which I see a > lengthy list of there. No doubt the rest of that list also deserves our > support if they are within the geographical range applicable. > > Those of us who care, should visit that link to keep ourselves up to > date, because those who do support debian, deserve our support. > > TANSTAAFL principle at work folks. Oh, the lunch has always been free, but there sure are a lot of goons who seem to have nothing better to do than "protect" the free lunch from the hungry people who need it. Either way, we need to do our part to support alternatives whose expected value is not among the current crop of assumed winners being bet on by the big money. > Cheers, Gene Heskett > -- > "There are four boxes to be used in defense of liberty: > soap, ballot, jury, and ammo. Please use in that order." > -Ed Howdershelt (Author) > Genes Web page <http://geneslinuxbox.net:6309/gene> > -- Joel Rees I'm imagining I'm a novelist: http://joel-rees-economics.blogspot.com/2017/01/soc500-00-00-toc.html More of my delusions: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Systemd services (was Re: If Linux Is About Choice, Why Then ...)
On Fri, Apr 14, 2017 at 9:37 PM, Greg Wooledge <wool...@eeg.ccf.org> wrote: > [...] >Don't even get me started on sshd.service vs. ssh.service. Do you >have any idea how hard it is to notice that extra/missing "d", and >figure out why things Simply Do Not Work? Well, that demonstrates that the concept of tagging a "d" on the end of a name to indicate the daemon part well predates systemd, and probably should be reconsidered in a world where short names are no longer required. Not sure how that relates to the rest of the issues you are trying to work through. -- Joel Rees I'm imagining I'm a novelist: http://joel-rees-economics.blogspot.com/2017/01/soc500-00-00-toc.html More of my delusions: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: If Linux Is About Choice, Why Then ...
On Fri, Apr 14, 2017 at 6:46 PM, Nicolas George <geo...@nsup.org> wrote: > Le quintidi 25 germinal, an CCXXV, Joel Rees a écrit : >> > Summary: Linux has a new system call to allow process to register as >> > adopters for orphan processes. >> Ick. I hope they don't register directly with pid1. > > I am sorry, but that does not even make sense. Well, this is where the conversation does seem to fall apart. I'm looking at the problem from the point of view of someone who has seen the ins and outs of an engineering principle called complexity. I know enough about complexity to understand that you cannot guarantee response time without properly constraining certain processes -- or, perhaps I should say, supported recurring paths of execution, because you might think I mean a specific entity with a process id on a Unix system, and systemd itself is an example of a unix system process that has multiple actual supported recurring paths of execution. >> Or you could have pid1 monitor only the monitoring process, to keep pid1 >> simple. > > Or you could have PID 1 monitor a process that monitors a process that > monitors a process that monitors a process that monitors the monitoring > process. Talk about strawman arguments. If you care to listen, I am not saying add process redirection to process redirection ad infinitum. There are, of course, limits to what one can do that direction, as well, and caution has to be applied in constructing the redirections. What I'm suggesting does require changes to the kernel. In particular, 16 bits of process id is not enough. How we change that requires some thought, but it is not enough. Systemd already takes a certain approach. Actually, it appears that they are trying two, maybe three approaches. Ultimately it will have to end up being able to resolve the identity of a process at a greater resolution of 1 in 2^16, and distinguish between processes in different ways than just the arbitrary distinction between threads and processes, and the arbitrary distinction between system and user. > Sorry, I do not share your religious imperative of keeping PID 1 simple > at the cost of making everything else more complex. It is easy to call things you don't want to think about "religious". Doing so doesn't solve any problems. If I had time, maybe I could construct a demonstration of the problem of complexity that would make the issues clear. But the demonstrations do exist already. >> pid1 seems to be doing a lot of other things in systemd. Is it >> cooperatively multitasking with itself yet? Or have they borrowed >> threads to define a new kind of process concept, so that pid1 can >> multitask with itself preemptively? >> >> I should go look at the source to see, I suppose > > Obviously you find burning straw men more entertaining. Please go ahead, > I will try not to trouble further. Working out the set of possible execution paths that a critical process can take may look like burning straw men to you, or it may look like wasting time in strawman arguments to you. It appears to look like a waste of time to many people in management. I do hope that what you are saying is that you assume that Poettering and company at least are walking through an informal analysis of the execution paths in systemd. (Formal analysis would be preferred.) Otherwise, your reference in other branches of this conversation to guarantees better than "most of the time" would seem rather, I hate to use the word, but there it is -- duplicitous. -- Joel Rees I'm imagining I'm a novelist: http://joel-rees-economics.blogspot.com/2017/01/soc500-00-00-toc.html More of my delusions: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: If Linux Is About Choice, Why Then ...
On Fri, Apr 14, 2017 at 6:20 AM, Nicolas George <geo...@nsup.org> wrote: > Le quartidi 24 germinal, an CCXXV, Jonathan de Boyne Pollard a écrit : >> Nicolas George: >> > The process with PID one is the only immortal process on the system, and >> > adopts all orphan processes. > >> Wrong. Indeed, it was the systemd people who drove the making it wrong. > > I have no idea what that sentence means. > >> * https://unix.stackexchange.com/a/177361/5132 > > Summary: Linux has a new system call to allow process to register as > adopters for orphan processes. Ick. I hope they don't register directly with pid1. > Ok, Linux has a new mutant power that I did not know about, and half my > sentence was wrong. > > Yet, PID 1 is still the only immortal process, unless you have another > new mutant power to produce, and that property is needed to have a > reliable monitoring system. Otherwise, the monitoring process could be > killed, and nobody would notice. Or you could have pid1 monitor only the monitoring process, to keep pid1 simple. > So I stand by my claim: monitoring systems must be anchored at PID 1, > and that makes monitoring part of init's job. Conflicting requirements generally indicates a refactoring is necessary. Of course, it's possible to refactor things incorrectly. > (Immortal, in this context, does not mean that it cannot die: of course, > it can die, but if it does, the kernel panics and the hardware watchdog > reboots it. And of course, it means it cannot be killed by things like > the OOM killer.) pid1 seems to be doing a lot of other things in systemd. Is it cooperatively multitasking with itself yet? Or have they borrowed threads to define a new kind of process concept, so that pid1 can multitask with itself preemptively? I should go look at the source to see, I suppose, if I could only find the time. I assume they will eventually recognize that pid1 is doing too much and start pushing some of the conceptual changes outside pid1. I, of course, being superhuman, if I could find someone to fund my efforts, could solve all these problems without mistake. ;-> Yeah. Still it can be painful to watch them make the mistakes they are making. I would want them to be trying different solutions. But if I back-seat drive over in the Fedora tech lists, it will be distracting to them, so I back-seat drive over here. And try not to get into too much of a panic, since that doesn't seem to help. (If I could find someone to fund my efforts, I would sure like to try to develop an alternative. Sometimes life is not fair. :-/ ) -- Joel Rees I'm imagining I'm a novelist: http://joel-rees-economics.blogspot.com/2017/01/soc500-00-00-toc.html More of my delusions: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: If Linux Is About Choice, Why Then ...
kAt, write a novel. Sure, some of the people here still don't realize just how bad things are, but there are limits to what individuals and even groups do. My dad used to tell me, if I wanted to change things, I'd have to change them from the inside. It's a poor expression of the principle because you can't get "inside" far enough without X, Y, or Z, and they all make it very difficult to change things once you are inside. So write a novel. That's what I'm doing. I don't know whether I'll convince very many people, but it's helping my ability to express myself. -- Joel Rees I'm imagining I'm a novelist: http://joel-rees-economics.blogspot.com/2017/01/soc500-00-00-toc.html More of my delusions: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: If Linux Is About Choice, Why Then ...
On Tue, Apr 11, 2017 at 10:48 AM, somebody wrote, off list: (I'm not sure why you sent it off-list, but I want to respond on-list. > On 04/10/2017 08:08 PM, Joel Rees wrote: > >> What we needed was probably for a group like Canonical to have funded >> development of several alternative services management systems earlier >> on. What we need now is for Redhat to back off just a little more than >> they already have. > > [something about redhat earning a billion dollars in a year.] Last year, their net wasn't even a half-billion. I don't remember if it's going up or down, and I don't remember them actually netting a billion. Grossing, yes. They grossed well over 2 billion last fiscal year, if I haven't already forgotten what I just read. But I haven't been paying attention, really. It's (relatively) easy to saturate a market. It's much harder to turn saturation into a stable business model. It's often much easier to develop a stable business if you avoid saturation. One of the problems of the current economy is that almost everyone seems to be focused on saturation instead of stability. Anyway, the argument of money has to be applied carefully, and generally should not supplant the technological discussion. Unless you want to make your killing and exit the market. > If you know of a way for RedHat to earn more than a billion in a year, I'm > sure they would be all ears. I'm not sure Redhat really wants another saturation point more than stability, and systemd, actually, was more about stability. They needed to keep selling things to managers who wanted to believe they could control their infrastructure. Systemd definitely gives more apparent evidence of control. > Until then, I'm betting they will keep on doing > what they do quite successfully. Success is relative, and keeping on doing exactly what you are doing now is not a good way to maintain success. you have to adapt to changing times to even keep your focus steady. > It could be they aren't quite so dumb and > that for Debian to survive they ought to be following RedHat's lead. :) Ric Well, if "Debian" as a company that needs to succeed (Is it?) wants to follow Redhat's lead into a now saturated area, that's generally not good business. Someone would need to analyze how much and what kind of saturation has occurred, so that the theoretical company could focus on areas that aren't saturated. On the other hand, following Redhat's example (not lead) would mean making their (our?) own init and service management solution, and making it better than Redhat's. But I'm not sure what you were trying to get at. If the systemd cabal learns how to move important functions that have been absorbed into pid 1 back out, systemd will become a properly usable tool. (It's only usable now in comparison to what had not been uniformly available before.) They haven't yet done that, even though I think they have had time to. Future success requires fixing things that don't currently work, even if they aren't yet causing enough problems to impinge on the present bottom line. Problems ignored hit the bottom line eventually. (Unless you bail first, and no one wants that, I hope.) -- Joel Rees I'm imagining I'm a novelist: http://joel-rees-economics.blogspot.com/2017/01/soc500-00-00-toc.html More of my delusions: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: If Linux Is About Choice, Why Then ...
On Mon, Apr 10, 2017 at 11:32 PM, Nicolas George <geo...@nsup.org> wrote: > Le primidi 21 germinal, an CCXXV, to...@tuxteam.de a écrit : >> > Your other arguments make sense, but sorry, this one does not. The >> > process with PID one is the only immortal process on the system, and >> > adopts all orphan processes. For that reason, any kind of process >> > monitoring, if it needs reliability, must be rooted in PID 1. And in >> > turn, that makes process monitoring in scope for any project that aims >> > to implement a program for PID 1. >> >> Runit works. Think about how :-) > > No need to think how: runit takes PID 1. You prove my point. > > (runit can also be integrated with the rudimentary monitoring of SysV > init: hacks upon hacks) Hacks upon hacks, refactored, is another way to look at stepwise refinement. > Regards, > > -- > Nicolas George -- Joel Rees I'm imagining I'm a novelist: http://joel-rees-economics.blogspot.com/2017/01/soc500-00-00-toc.html More of my delusions: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: If Linux Is About Choice, Why Then ...
On Mon, Apr 10, 2017 at 11:13 PM, Nicolas George <geo...@nsup.org> wrote: > Le primidi 21 germinal, an CCXXV, to...@tuxteam.de a écrit : >> SysV init is broken because it has no process monitoring? No. >> Process monitoring isn't in its scope. > > Your other arguments make sense, but sorry, this one does not. The > process with PID one is the only immortal process on the system, and > adopts all orphan processes. For that reason, any kind of process > monitoring, if it needs reliability, must be rooted in PID 1. And in > turn, that makes process monitoring in scope for any project that aims > to implement a program for PID 1. No, it means you need to redesign certain aspects of the permissions systems. systemd essentially does that through cgroups and something else I'm not placing, but it shouldn't be at pid 1. It can be moved off to a higher pid daemon. It takes refactoring that ripples into the kernel. So does systemd. The big problem with systemd was that the design was to put it all in pid 1, which Linus rightly protested. > And that is what makes SysV init unsalvageable. ... without refactoring. It takes work. We should quite fighting against the idea that something takes work. > Socket activation, automounting, etc., are entirely optional and > peripheral. Process monitoring is not. Socket activation is not optional. Automounting is. Process monitoring may not be optional, but it has to be kept out of pid 1 because pid 1 has to be kept small. > Regards, > > -- > Nicolas George -- Joel Rees I'm imagining I'm a novelist: http://joel-rees-economics.blogspot.com/2017/01/soc500-00-00-toc.html More of my delusions: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: If Linux Is About Choice, Why Then ...
but don't use any of > its optional intrusive tendrils. Other people have other opinions, and > that's awesome. A healthy, vigorous competitive environment benefits > all of us. Fortunately, a lot of people are standing up to the cabal. > My wheezy servers use wheezy's sysvinit + daemontools. My locally > installed services are managed by daemontools. Debian's services are > managed by sysvinit. > > On my jessie machines, I have systemd (with its syvinit compat layer) > plus daemontools, started as a systemd service. I'm slowly transitioning > my local stuff from daemontools to systemd services, but I am in no hurry > to do so. What we needed was probably for a group like Canonical to have funded development of several alternative services management systems earlier on. What we need now is for Redhat to back off just a little more than they already have. -- Joel Rees I'm imagining I'm a novelist: http://joel-rees-economics.blogspot.com/2017/01/soc500-00-00-toc.html More of my delusions: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: If Linux Is About Choice, Why Then ...
On Sun, Apr 9, 2017 at 7:20 PM, <to...@tuxteam.de> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Sun, Apr 09, 2017 at 08:20:16AM +0900, Joel Rees wrote: > > [...] > >> There is no plus to a restricted declaration syntax except the walls >> between the controlling service and the controlled services. In other >> words, the minus of separation is the plus of separation. > > To be fair, there *is* a plus: with a restricted language, you can be > sure that some properties of the whole system are maintained. It then > becomes easier to reason about the whole behaviour. I think it becomes > a tradeoff. I think that was what I was trying to say, that the plus is also a minus and you have to weigh it as a tradeoff. But you do have to understand, in the weighing, that the restrictions are not a perfect wall. Also, I was trying to refer to the restricted dependency declaration language becoming infrastructure that allows management software to reliably analyze the dependencies. That was what was not happening when the shell itself was being used to declare (or search out) the dependencies. Assuming that the declaration language is sufficient, the plus side is that once the declarations are made, the management tools can work on the dependencies more or less directly. The minus side includes the problems of new language and the question of whether it is sufficient, and, as someone else said elsewhere, the baggage that systemd brings along with the new language. The language itself could be made independent of systemd, if the systemd project would cooperate with that. > regards > - -- tomás > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.12 (GNU/Linux) > > iEYEARECAAYFAljqCuEACgkQBcgs9XrR2kbADQCcDpqg5P8RMFFFyk4YDUslK22w > nFAAnAm1/LMIznTSv84Lffg1/AI7319D > =fNYy > -----END PGP SIGNATURE- > -- Joel Rees I'm imagining I'm a novelist: http://joel-rees-economics.blogspot.com/2017/01/soc500-00-00-toc.html More of my delusions: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: If Linux Is About Choice, Why Then ...
On Sat, Apr 8, 2017 at 4:15 PM, <to...@tuxteam.de> wrote: > [...] > What systemd brings (mainly[1]) to the table is the decoupling of > different "parts" of init: just imagine you have one service (let's > say a web server) which depends on some other thing (say a file > system being present via ummm... NFS, but it could be a RAID or a > memory stick, you get the idea). With a SysV init you can't express > that: you would have to script it explicitly. With systemd you > can express that the web server is only to be started once that > file system appears. Well, sure you could express such relationships in the sysv scripts, and people did. But sysv scripts used the shell as the declaration language, and the shell is very flexible, and everyone seems to have done their own thing in expressing such relationships. That made it hard to get an overall analysis. What could have been done here was to build a simple database of relationships and a daemon to maintain the database. Sysv could start that daemon early, and other inits could simply register through that daemon as they came on-line. But there were several different approaches to that, and territory wars, and it wasn't ready for prime-time on the schedule of Fedora's management team. > [...] > [1] Yeah: a "declarative" configuration, which may be considered > as a plus (less obscure side effects) or as a minus (stronger > separation between "priests" and "mortals"). There is no plus to a restricted declaration syntax except the walls between the controlling service and the controlled services. In other words, the minus of separation is the plus of separation. And, of course, all the relationship database daemons used their own subset of the shell's syntax for the declaration syntax. Systemd uses a completely separate declaration syntax to strengthen the walls. Noting that the walls are an illusion will invite flames, but that's true of all the walls in software systems. They can all be got around. If we couldn't get around the walls, no work could be done. The issue is not the walls, it is whether processes can maintain reasonable behavior in getting around the walls and still get their jobs done, without too much policing and hand-holding from whatever daemon/service is in charge of the wall. And it was not that it could not be achieved in sysv, it was only that it had not been uniformly achieved to meet Fedora management's timetables. This was and is the core of the arguments, I believe, but, if I expand that thought too much I think it will still cause flames. (And I don't understand why. Politics is an essential part of management, and no one reasonable claims that open source means no management at all. We ultimately will have to deal with the political issues, whether we think we want to or not.) (No, wait, I guess I do understand why. We do not have a uniform language of politics. We can't say words like "democratic" or "committee" and be sure that the person we are talking to understands them they way we intend them. I should have been more careful about that then, and I will try to be more careful now, if we can do this conversation this time.) -- Joel Rees I'm imagining I'm a novelist: http://joel-rees-economics.blogspot.com/2017/01/soc500-00-00-toc.html More of my delusions: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Stretch stable and jessie testing - repositories listed
On Fri, Feb 10, 2017 at 2:51 AM, GiaThnYgeia <giathnyg...@openmailbox.org> wrote: > [...] > The Debian 7 pc stayed this way, I used it as an example that if I had > switched it to testing on wheezy would I be in stretch now? And I > assume the answer would be yes unless I again misunderstand how it works. Maybe, if you had done that before Jessie was stable and had managed to ride the changes okay. Don't do it now or you'll be in a serious mess of the sort where the best answer is to back up your data and maybe your passwords and re-install from scratch. It might be good to have Synaptic issue a warning to that effect when certain (repository) targets are changed, but that would be something to take up on a developers' list, maybe. -- Joel Rees I'm imagining I'm a novelist: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Stretch stable and jessie testing - repositories listed
Hi, Greg, On Thu, Feb 9, 2017 at 10:27 PM, Greg Wooledge <wool...@eeg.ccf.org> wrote: > On Thu, Feb 09, 2017 at 12:29:00PM +, GiaThnYgeia wrote: >> It may seem silly to most of you but not very clear. If in the synaptic >> repository list one has used testing in Jessie > > What?! > >> by now the system has >> converted fully (99.99%) to Debian 9 Stretch. Right? > > If you want to run stretch, then you should put "stretch" in your > sources.list. Currently this is the same as testing, but when stretch > is released, you will be running Debian 9, and you will stay there until > you choose something else. > > If you want to run PERPETUAL testing, never stabilizing, always > half-broken, then you should put "testing" in your sources.list. > > If you put EITHER of these things in your sources.list, EVER, then you are > NOT running jessie. It is completely nonsensical to write a phrase like > "testing in jessie". You are running testing, or you are running jessie, > or you are running neither. > Please don't get so excited on-list. Some of the members of the list have to go handle flammable liquids in the early morning cold between reading messages, and you might cause an hour's worth of fuel oil to be spilled all over someone's veranda. :-( Sure, it's that someone's fault for thinking about the list and watching the fuel instead of the gauge for a second or two at the wrong moment, but :/) -- Joel Rees I'm imagining I'm a novelist: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Monitor switched off after resume from hibernation
On Fri, Jan 6, 2017 at 6:04 AM, solitone <solit...@mail.com> wrote: > > I'm on debian stretch, and my computer is a MacBookPro 12,1. I've recently > noticed an issue that affect my system when it hibernates. > > When the screen is already switched off and then the system hibernates, it > won't resume correctly later on. Specifically, the monitor will be switched > off > again at the end of the resume process. So, just out of curiosity, what happens if you use ctrl-alt-Fn to switch between virtual consoles several times after the box gets stuck thinking the screen is off? > > [...] > Davide -- Joel Rees I'm imagining I'm a novelist: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Monitor switched off after resume from hibernation
On Mon, Jan 9, 2017 at 10:01 AM, David Wright <deb...@lionunicorn.co.uk> wrote: > On Sun 08 Jan 2017 at 07:59:39 (+0100), solitone wrote: >> On Saturday, January 7, 2017 1:35:07 PM CET David Wright wrote: >> > you could go on to combine it with the >> > hibernation process to make sure that the monitor was on just before >> > hibernation started. (There might be some sort of serialisation >> > required to make sure the two actions occur in the right order. You >> > don't want a race.) >> >> What sort of serialisation are you referring to? I tried with the following >> script, but won't work: >> >> $cat /usr/lib/systemd/system-sleep/screen_hack_hibernate >> >> if [ "$2" = "hibernate" ]; then >> case "$1" in >> pre) >> xset -display :0 dpms force on >> ;; >> esac >> fi >> >> I thought it would be run just before hibernate (it's the same technique I use >> to unload the driver of my wifi adapter before hibernate, to prevent some other >> network issues I had) , but it doesn't. > > I can only answer you in the vaguest terms. I thought you might add a > service that has to run before hibernate, and it would contain a > Before= (or hibernate an After= ) line to make sure that turning on > the monitor preceeded the hibernation. > > If you manage this, perhaps with others' help, you'll be ahead of me > on the systemd learning curve. > > BTW I haven't bothered to respond to Stefan Monnier's contribution. > I can imagine scenarios that might cause power consumption when a > machine is off (like network cards running to watch for magic WoL > packets, and things like that), Cheap power supply designs. I think he indicated. Without load, some power supply designs draw more energy, either in not-fully-defined operating modes or in modes where the P/S loads itself down dynamically. > but a machine in hibernation should > cope with a power cut. In any case, I support your expectation that > using sleep/hibernate should not involve compromising monitors' > power-saving behaviour. > > Cheers, > David. > -- Joel Rees I'm imagining I'm a novelist: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: cannot register @forum
On Mon, Jan 9, 2017 at 4:07 AM, sweethome <mpal2...@rediffmail.com> wrote: > cannot register in debian forum, forums.debian.net is, I believe, a separate organization. > whenever I am trying to register after > filling the form , i am getting a message " your ip is black listed " > without doing anything wrong with the website.!!! how to register, please > let me know. Searching the web for "debian forum blacklist" found this post in the archives of the debian-www mailing list: https://lists.debian.org/debian-www/2015/01/msg00026.html but that was last year, so the contact list Paul gives there may be old.. Looking at http://forums.debian.net, I find the topic or whatever, "forum stuff and feedback": http://forums.debian.net/viewforum.php?f=12 You might find a useful post in there, or maybe a way to contact the forum admins if you have a problem of any kind. Or you could subscribe to this list at https://lists.debian.org/debian-user/ if you haven't already, and post your questions here via e-mail instead of at the web forum. It's a little different from a web forum, but your mail seems to get through okay. And we can probably answer some of your questions or point you to places you can get the answers. -- Joel Rees I'm imagining I'm a novelist: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: brother printer/scanners
Woops. Corrections below: On Tue, Jan 3, 2017 at 2:29 PM, Joel Rees <joel.r...@gmail.com> wrote: > (Ben saw this, anyway. 8-p > > Sorry. Wandering back and forth between Ubuntu and Debian, I sometimes > forget that debian treats e-mail as e-mail, where Ubuntu does the > convenient thing.) > > On Mon, Jan 2, 2017 at 1:49 PM, Ben Caradoc-Davies <b...@transient.nz> wrote: >> On 02/01/17 13:38, Joel Rees wrote: >>> >>> I got a Brother printer to work by installing both the debian packages >>> from the repos and the deb from Brother's website, but the scanner >>> still isn't being found. >>> Running Wheezy. >>> Would anyone care to tell me what steps they took to get scan >>> functionality on their Brother multifunction printers? > > I'll mention here, for completeness, that I installed the short deb > that set up the udevs this morning, but that didn't help. xsane still > only found my internal camera. (Which, unfortunately, does not seem to > scan. Maybe I'll find a way to configure the camera later on, just for > fun.) > >> Is this a network printer? Did you configure your scanner client settings >> with brsaneconfig[1-4]? For example: >> http://support.brother.com/g/s/id/linux/en/instruction_scn1b.html?c=nz=en=mfcl2740dw_us_eu_as=on >> >> From my MFC-L2740DW on unstable amd64, I ran: >> >> brsaneconfig4 -a name="Brother MFC-L2740DW" model=MFC-L2740DW ip=192.168.1.2 >> > > That helped. When running xsane after that, it found the scanner and > showed it to me in a list with the internal camera. But it errored > out, complaining about bad parameters. > > Then I ran > > brsaneconfig4 -q > > to see if it was there, and after that it connects and scans. YAY! > >> The scanner was then correctly detected in xsane. >> >> I am using: >> >> brscan-skey-0.2.4-1.amd64.deb > > I haven't installed this yet, but I may try it just for fun, > especially if I end up with multiple brother devices. ;-) > >> brscan4-0.4.3-0.amd64.deb > > That's what I had from repos. No, that wasn't from repos. Now that I check, it was from Brother's driver clot. Uhm, deb package. My bad. You know, I'm not sure where it came from. Wait. Here it is: http://support.brother.com/g/s/id/linux/en/index.html?c=us_ot=en=on=on Here are some of their famous instructions: http://support.brother.com/g/s/id/linux/en/instruction_scn1b.html?c=us_ot=en=on Here's the monster download page: http://support.brother.com/g/s/id/linux/en/download_scn.html which has the scanner stuff for a whole bunch of models. As someone said, the debian repos don't seem to have any scanner stuff. >> mfcl2740dwcupswrapper-3.2.0-1.i386.deb dcpj952ncupswrapper-whatever (3.0.0.1, i386) >> mfcl2740dwlpr-3.2.0-1.i386.deb dcpj952nlpr-whatever (3.0.0.1, i386) It looks like I got them from Brother, but I'm not sure what page. It may be a Japanese-only page for a Japan-only printer. Oh, this is probably it: http://support.brother.co.jp/j/b/downloadlist.aspx?c=jp=ja=dcpj957n=128 And I seem to have picked tthe simple install, which appears to be downlevel but must not be, since I have the 3.0.0.1 drivers. The dates are confusing, too. But the models supported list includes the dcp-j957. As several have commented, it's impossible to be sure what came from where because I installed what was in the repos, then installed the stuff from Brother. > Not sure about those, don't seem to remember seeing what would be the > equivalent for the DCP-J975N, which is my multifunction device. Double woops. DCP-J957N. But the driver deb is named for the 952. > >> >> Kind regards, >> >> -- >> Ben Caradoc-Davies <b...@transient.nz> >> Director >> Transient Software Limited <http://transient.nz/> >> New Zealand > > Much appreciation to all who responded, including off-list. -- Joel Rees I'm imagining I'm a novelist: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: brother printer/scanners
(Ben saw this, anyway. 8-p Sorry. Wandering back and forth between Ubuntu and Debian, I sometimes forget that debian treats e-mail as e-mail, where Ubuntu does the convenient thing.) On Mon, Jan 2, 2017 at 1:49 PM, Ben Caradoc-Davies <b...@transient.nz> wrote: > On 02/01/17 13:38, Joel Rees wrote: >> >> I got a Brother printer to work by installing both the debian packages >> from the repos and the deb from Brother's website, but the scanner >> still isn't being found. >> Running Wheezy. >> Would anyone care to tell me what steps they took to get scan >> functionality on their Brother multifunction printers? I'll mention here, for completeness, that I installed the short deb that set up the udevs this morning, but that didn't help. xsane still only found my internal camera. (Which, unfortunately, does not seem to scan. Maybe I'll find a way to configure the camera later on, just for fun.) > Is this a network printer? Did you configure your scanner client settings > with brsaneconfig[1-4]? For example: > http://support.brother.com/g/s/id/linux/en/instruction_scn1b.html?c=nz=en=mfcl2740dw_us_eu_as=on > > From my MFC-L2740DW on unstable amd64, I ran: > > brsaneconfig4 -a name="Brother MFC-L2740DW" model=MFC-L2740DW ip=192.168.1.2 > That helped. When running xsane after that, it found the scanner and showed it to me in a list with the internal camera. But it errored out, complaining about bad parameters. Then I ran brsaneconfig4 -q to see if it was there, and after that it connects and scans. YAY! > The scanner was then correctly detected in xsane. > > I am using: > > brscan-skey-0.2.4-1.amd64.deb I haven't installed this yet, but I may try it just for fun, especially if I end up with multiple brother devices. ;-) > brscan4-0.4.3-0.amd64.deb That's what I had from repos. > mfcl2740dwcupswrapper-3.2.0-1.i386.deb > mfcl2740dwlpr-3.2.0-1.i386.deb Not sure about those, don't seem to remember seeing what would be the equivalent for the DCP-J975N, which is my multifunction device. > > Kind regards, > > -- > Ben Caradoc-Davies <b...@transient.nz> > Director > Transient Software Limited <http://transient.nz/> > New Zealand Much appreciation to all who responded, including off-list. -- Joel Rees I'm imagining I'm a novelist: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
brother printer/scanners
I got a Brother printer to work by installing both the debian packages from the repos and the deb from Brother's website, but the scanner still isn't being found. Running Wheezy. Would anyone care to tell me what steps they took to get scan functionality on their Brother multifunction printers? -- Joel Rees I'm imagining I'm a novelist: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: [OT] on education [was]: Do have programs have poor documentation? (was ... Re: Why? -- "A Modest Proposal")
I know you are trying to EOT this, but, from someone trying to teach high school English, ... On Mon, Jan 2, 2017 at 7:40 AM, Nicolas George <geo...@nsup.org> wrote: > Le duodi 12 nivôse, an CCXXV, deloptes a écrit : >> No time to discuss too long with you > > [...] > The truth is that the level has actually increased in developed > countries: a greater proportion of people finish high school, a greater > proportion of people access to higher education. The contents is also > broader and more rewarding, YMMV on the "broader" and "more rewarding" evaluation, in particular. I see more information, less help actually using it. Actually, I see institutional biases against helping the students learn to use the information they get. > people no longer learn by heart lists of > battle dates and capital cities, they learn social mechanisms and > geopolitics; they study literary works instead of minute spelling rules. > They spend less time training to do three-digits multiplications by hand > because they have calculators, and thus they have time to study > statistics. > > Now, why do people think the level drops? There are several reasons. > > The simplest is this: they do not realize how much they evolved, they do > not realize they were just as clueless and ignorant at the same age. > [...] I read stuff I wrote thirty-five years ago and wonder where that guy has been all my life, sometimes. Sure, I know more about what the stuff I wrote back then means. I have more experience. But the writing itself, the concepts I was dealing with, and the conclusions I drew back then, ... My writing was technically good. I was focused on stuff that matters. I knew what I was talking about even if I let a bunch of misguided or even malignant teachers, managers, and experts convince me that I was wrong for the longest time. I communicate better with other people now, because of the experience. The information, the knowledge itself are without value without experience. And much of the current curricula and methodology really does seem to discourage the children from experiencing things that are not out on the social network or in their games. (I'd love to have someone fund my startup for writing adventure games that teach physics, math, history, etc., instead of just playing games with it in ways that teach those who play the games that the real universe is not fun. First, I have to write the business plan, I suppose, ...) -- Joel Rees I'm imagining I'm a novelist: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: [OT] Antikythera mechanism [was Re: Do have programs have poor documentation?]
On Mon, Jan 2, 2017 at 1:10 AM, Lisi Reisz <lisi.re...@gmail.com> wrote: > On Sunday 01 January 2017 14:54:09 Joel Rees wrote: >> On Sat, Dec 31, 2016 at 11:11 AM, Miles Fidelman >> >> <mfidel...@meetinghouse.net> wrote: > >> > On 12/30/16 7:07 PM, deloptes wrote: > No, I wrote that. Somebody besides me trimmed your name out of the quotes, and I didn't check. Sorry. >> >>> In what way is the Antikythera mechanism not a computer? And where did >> >>> your 400 years come from? >> >> Without a functioning Antikythera mechanism, we really can't answer >> that question in a useful manner. However, I could guess that I could >> not program that machine with anything that looks like a full C >> compiler. > > So something that can't be programmed with anything that looks like a full C > compiler is not a computer??? So Colossus was not a computer?? :-) Shoot, a thermostat is a computer. > C itself, of course, is MUCH later than Colossus, Well, yeah. Formal descriptions of procedures do, in fact, date back before the Antikythera mech. Most human languages do allow description of algorithms in a Turing complete fashion, although the selection of the symbols and grammar constructs is not clear in the old records. And, without a clear delineation between the language being used for the algorithm and the general language, things can get confusing. I think said mechanism is thought to predate modern algebraic notation, but algebraic notation is not Turing complete without some parts that we usually don't deal with. The languages of the Calculus and of formal logic almost get us there, but not quite. > C was originally developed by Dennis Ritchie between 1969 and 1973 at > Bell Labs, > https://en.wikipedia.org/wiki/C_(programming_language) ... based on ideas and constructs evident in bcpl, Algol, and other languages not too many people have heard of. > > Colossus was a set of computers developed by British codebreakers in > 1943-1945 The prototype, Colossus Mark 1, was shown to be working in > December 1943 > > https://en.wikipedia.org/wiki/Colossus_computer > > but I don't think that Colossus could compile with anything. It had to be > directly programmed. I'm sure that, if we wanted to, we could define a subset of C or some other Turing complete language that could be compiled to a wiring description for the Colossus. Subset. And it would be really easy to write programs in such a subset that could not be run on the Colossus -- without a lot of hardware augmentation. And the problem is not just lack of storage area. > Lisi >> (Guess. For all we know, there were nanotech mechanical CPUs in the >> thing before the seawater made it non-functional.) >> >> Subset C, maybe. The difference is important. So, do you think the differences are not important? >> >> I understand what you mean, but it was in the last 400y that this >> >> machine took shape. In fact it was Turing that defined it. But he would >> >> not be able >> >> to define it if it was not the mathematicians before him. I agree with >> >> you as well, we could go to the roots of mathematics, however even if >> >> the definition of such a machine was so old, it wouldn't be possible to >> >> build it without the technical advantage, so ... I still think my >> >> statement is true. You can argue as long as you will. >> > >> > Well, you kind of forget: >> > Joseph Jacquard (and maybe Basile Bouchon) >> > not to mention Charles Babbage and Ada Lovelance >> > Alonzo Church. >> > And of course, John von Neumann (if you want to talk actual hardware >> > architecture) >> >> Interesting thing about the siggie and the above. >> >> > -- >> > In theory, there is no difference between theory and practice. >> > In practice, there is. Yogi Berra >[...] >> My personal vote for the original topic is man 7, as someone else >> mentioned. (Yes, the man pages did, from back in the system 6 days, >> even, include a _little_ bit of tutorial.) I'm not sure who's arguing what in these threads, but, for example, documentation being inaccessible is a direct cause of a lot of code churn in the community. (Not that code churn is inherently evil, but, ...) And I've seen a lot of odd things asserted in these threads, like the idea that man pages are not the place for tutorial content. -- Joel Rees I'm imagining I'm a novelist: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: [OT] Antikythera mechanism [was Re: Do have programs have poor documentation?]
On Sat, Dec 31, 2016 at 11:11 AM, Miles Fidelman <mfidel...@meetinghouse.net> wrote: > Talk about a thread going South! (Perhaps we can get back to bashing > systemd?) There's a chuckle. > On 12/30/16 7:07 PM, deloptes wrote: >>> >>> In what way is the Antikythera mechanism not a computer? And where did >>> your 400 years come from? Without a functioning Antikythera mechanism, we really can't answer that question in a useful manner. However, I could guess that I could not program that machine with anything that looks like a full C compiler. (Guess. For all we know, there were nanotech mechanical CPUs in the thing before the seawater made it non-functional.) Subset C, maybe. The difference is important. >> I understand what you mean, but it was in the last 400y that this machine >> took shape. In fact it was Turing that defined it. But he would not be >> able >> to define it if it was not the mathematicians before him. I agree with you >> as well, we could go to the roots of mathematics, however even if the >> definition of such a machine was so old, it wouldn't be possible to build >> it without the technical advantage, so ... I still think my statement is >> true. You can argue as long as you will. > > > Well, you kind of forget: > Joseph Jacquard (and maybe Basile Bouchon) > not to mention Charles Babbage and Ada Lovelance > Alonzo Church. > And of course, John von Neumann (if you want to talk actual hardware > architecture) Interesting thing about the siggie and the above. > -- > In theory, there is no difference between theory and practice. > In practice, there is. Yogi Berra Intel really still wants us to believe that the 8086, because it was Turing complete -- other than the memory limitation (cough) -- was equivalent to the 68000. Nobody in their right mind used an 8086 to control an engine, however. (But we do now use subsets of the Power PC architecture and variations of the SH architecture.) You can program PLAs in something that looks like a subset of C, but it's not the same. You can construct a CPU with a PLA, but you can get much more energy efficiency and much better CPU speed by laying out the various CPU parts as dedicated blocks of logic. On the converse, simulating a switch grid with a CPU introduces serious inefficiencies, as well. Different classes of complexity. Programming, but not the same kind of programs. The info system is another example. Very powerful, but I didn't want to have to learn the info system just to wade through the info info pages. It was very intuitive for someone who already had certain keyboard habits, but not for the rest of us. Keyboard macros are not the same thing as Forth or LISP primitives or M4 or cpp macrose. html is a bit less obtuse than info, less concise, and a shallower learning curve. And plain text coupled with the apropos command (man -k), with the in-page search function, still get me a lot farther into something new, quicker, than info files. Much less keyboard dancing. My personal vote for the original topic is man 7, as someone else mentioned. (Yes, the man pages did, from back in the system 6 days, even, include a _little_ bit of tutorial.) -- Joel Rees I'm imagining I'm a novelist: http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: [Gimp-user] Next gotcha
(Bringing it back to both lists so those who are telling Gene he should upgrade his debian can get a clue.) On Sat, Jul 23, 2016 at 7:19 PM, Gene Heskett <ghesk...@shentel.net> wrote: > On Saturday 23 July 2016 05:41:29 Michael Schumacher wrote: > >> On 07/22/2016 10:32 PM, Gene Heskett wrote: >> > But when I hit the help menu, up pops the help for 2.6! So I fire >> > up synaptic and check to see if I am out of date, because the >> > "context help" doesn't work at all. Yup, I'm up to date allright, >> > got gimp-2.8.2 but the doc files are for 2.6.x. Debian wheezy at >> > your service, NOT. >> >> Well, actually you are not up-to-date at all - this is because you >> choose to run the oldstable Debian release. >> >> This also means you're missing most of the bug fixes that have >> happened in 2.8 since 2.8.2 has been released (minus some security >> fixes, maybe). >> >> > Did this train lose its conductor a few stops back? Or how can I >> > back it up to when it Just Worked(TM) quite a bit of the time? >> >> You should check whether you can and want to upgrade to a more current >> Debian release. Or, in train terms: check if you want to board a train >> that is actually going somewhere, instead of the museum train that's >> running around in circles on its closed track. > > True, but I am stuck with a distribution that can run LinuxCNC, which has > a need for a real time capable kernel. The guys are working on it but so > far have not managed to get good enough IRQ response with kernels post > 3.4.9-55 to run stepper motors direct, they have to be delegated to > specialized control cards that run from $90 to 3 or 400, depending on > the complexity of the machine being controlled. (I suppose I should restrain myself, and it doesn't help Gene at all for me to say, to the pro-systemd sheeple, that this is what I was warning about. But this is what I was warning about. Oh, for someone to foot me a few hundred million JPY to fork the kernel and strip it of all the damage done in trying to deal with that cabal. Ah, but I'd prefer to write a new kernel from scratch and get rid of a whole lot of cruft. Linus has done well, and the bazaar has worked well, but the committee effects take their toll. Systemd was just the worst visible evidence of the committee effect to date. And I doubt anyone reading this except Gene understands my mumbling, so I really should restrain myself. :-< ) -- Joel Rees I'm imagining I'm a novelist: http://joel-rees-economics.blogspot.com/2016/06/econ101-novel-toc.html
Re: [Gimp-user] Next gotcha
On Sat, Jul 23, 2016 at 5:32 AM, Gene Heskett <ghesk...@shentel.net> wrote: > Greetings all > > I did, after 20 minutes of screwing around, finally get it to use a > selected foreground color for the text. > > But when I hit the help menu, up pops the help for 2.6! So I fire up > synaptic and check to see if I am out of date, because the "context > help" doesn't work at all. Yup, I'm up to date allright, got gimp-2.8.2 > but the doc files are for 2.6.x. Debian wheezy at your service, NOT. I don't even have the help files installed. 8-< Look for the package for the help files in synaptic or from the command line and update that manually. > Anyway, the next problem is that I can't find a tool that will let me > draw freehand lines so I can make a few arrows that point from a line of > text to a feature in the image. Or maybe even draw a balloon around the > text pointing at the feature. There's a pen tool in there that I'm still trying to figure out how to use. It's for constructing "paths". Ignore it for now. Airbrush, paintbrush, pencil, stamp, etc. Except, ... > Did this train lose its conductor a few stops back? Or how can I back it > up to when it Just Worked(TM) quite a bit of the time? I'm guessing what you've bumped into is the problem of selecting which layer you want to draw into. If you can bring up the widget that shows your layer list, it's a lot easier to navigate the layers. Otherwise, you have to kind of intuit which layer you are currently in and use the layer menu stuff to shift between them. > Cheers, Gene Heskett > -- > "There are four boxes to be used in defense of liberty: > soap, ballot, jury, and ammo. Please use in that order." > -Ed Howdershelt (Author) > Genes Web page <http://geneslinuxbox.net:6309/gene> -- Joel Rees I'm imagining I'm a novelist: http://joel-rees-economics.blogspot.com/2016/06/econ101-novel-toc.html
Re: Libre graphics could become the standard if we push right now
For those who might be interested ... 2016/01/23 9:27 "Joel Rees" <joel.r...@gmail.com>: > > On Sat, Jan 23, 2016 at 7:15 AM, jdd <j...@dodin.org> wrote: > > Le 22/01/2016 17:34, Alberto Salvia Novella a écrit : > >> > >> libre hardware. > > > > that's far from new > > > > https://en.wikipedia.org/wiki/Open-source_hardware > > > > http://www.gnu.org/philosophy/free-hardware-designs.en.html > > > > I remember efforts done to have free cpu, but I don't think significant > > result have been achieved > > > > I guess the better step is > > > > http://www.excamera.com/files/j1.pdf > > Oh, dear, another FORTH nut. > > :) > > > but I couldn't find the license for this work > > > > jdd > > > > Well, in the pdf for his Euroforth 2010 presentation on his J1 > processor, he asserts the BSD license. > > I assume he means BSD template, unless he works for UC Berkeley. > Judging from the license in his git repository for SWAPFORTH, it > appears that he does mean BSD template. > > I'll have to see if I can contact him, since I'm another FORTH nut, myself. I contacted James Bowman, and he said the swapforth repository, https://github.com/jamesbowman/swapforth/ is the active repository for his work, including j1. FWIW. > It looks like the development tools for his processors run on Debian. > Maybe they'll also run on openbsd. > > (To make the relevance to the thread explicit, some of the stuff on > Bowman's site, which jdd linked to above, includes examples of a Forth > processor being used as a graphics processor (8 bit). This stuff > really isn't rocket science, guys, no matter how much Intel wants us > to believe it's ever too hard for ordinary people like us to even > bother trying to understand.) > > Thanks for the link. Joel Rees Computer memory is just fancy paper, CPUs just fancy pens. All is a stream of text flowing from the past into the future.
lightdm/xfce4, lost my window manager and my panels and some session state
Several days back, after a late night session when I was asleep at the keyboard by the time I logged at, xfwm4 quit starting up after logging in from lightdm (which is my default dm). There were no title bars and no trim. I could right-click on the desktop and get the applications menu and start applications from that, but I couldn't get keyboard focus into a terminal window to run any commands from the command line. Logging in on a virtual console (ctl-alt-Fn), I could check ps wwaux | grep xf and see that the window manager, xfwm4, did not show up. I could startx from there and the window manager and panels would be in place, without memory of any of my session state. Logging out of x11 there, and logging back out and back in through lightdm, there was no change for the lightdm managed login. No title bars, no panels, most of my session stuff still gone. >From the application menu's "Run Program" (or whatever it is in English) item, I was able to use the xfwm4 --replace & command and get the window manager and title bars back. Logging out and in, my window manage was back, but not my panels. Running xfce4-panel from a terminal window, I got my panels back and those persisted through logging out and in, as well. Still missing most of my workspace session state, and what is left is all collected into a single workspace. Well, all my workspaces were way cluttered, and it was probably time to clean up anyway. :-P Would be interested in any suggestions about why that might have happened (ergo, about what my fingers might have typed/moused while I was not at home upstairs). -- Joel Rees Be careful when you look at conspiracy. Arm yourself with knowledge of yourself, as well: http://reiisi.blogspot.jp/2011/10/conspiracy-theories.html
Re: Libre graphics could become the standard if we push right now
On Sat, Jan 23, 2016 at 7:15 AM, jdd <j...@dodin.org> wrote: > Le 22/01/2016 17:34, Alberto Salvia Novella a écrit : >> >> libre hardware. > > that's far from new > > https://en.wikipedia.org/wiki/Open-source_hardware > > http://www.gnu.org/philosophy/free-hardware-designs.en.html > > I remember efforts done to have free cpu, but I don't think significant > result have been achieved > > I guess the better step is > > http://www.excamera.com/files/j1.pdf Oh, dear, another FORTH nut. :) > but I couldn't find the license for this work > > jdd > Well, in the pdf for his Euroforth 2010 presentation on his J1 processor, he asserts the BSD license. I assume he means BSD template, unless he works for UC Berkeley. Judging from the license in his git repository for SWAPFORTH, it appears that he does mean BSD template. I'll have to see if I can contact him, since I'm another FORTH nut, myself. It looks like the development tools for his processors run on Debian. Maybe they'll also run on openbsd. (To make the relevance to the thread explicit, some of the stuff on Bowman's site, which jdd linked to above, includes examples of a Forth processor being used as a graphics processor (8 bit). This stuff really isn't rocket science, guys, no matter how much Intel wants us to believe it's ever too hard for ordinary people like us to even bother trying to understand.) Thanks for the link. -- Joel Rees Be careful when you look at conspiracy. Arm yourself with knowledge of yourself, as well: http://reiisi.blogspot.jp/2011/10/conspiracy-theories.html
Re: Libre graphics could become the standard if we push right now
Just to clarify my participation in this thread -- On Sat, Jan 23, 2016 at 1:34 AM, Alberto Salvia Novella <es204904...@gmail.com> wrote: > Joel Rees: >> >> "Modern" CPUs have plenty of spare register space, most of it >> undocumented. Register space can be used to record something of state, >> allowing instruction streams to be self-parsing. > > > Anyway I think this falls mostly in the hardware side. I think you are making an artificial distinction between hardware and software. That is, you seem to see a bright line where I don't see a line, and you seem to call some things hardware that I would not. I still prefer to call ROMmed design elements "firmware", and still prefer to group firmware with software, making the distinction that firmware is write-protected by hardware. Other lines of distinction are generally promoted by salescrews with an axe to grind (proprietary pseudo-solution to sell). And the ability to clear the write protection by software makes firmware infirm, so to speak. Re-writing CPU microcode and BIOS code, including boot-time drivers and codec definitions, is dangerous, and shrouding it in secrecy and cryptographic mumbo-jumbo is just the old sales line of "trust me", which Ken Thompson explained the weakness of in his classic (and deliberately incomplete) Reflections on Trusting Trust. > I liked microcode to > be libre too, Sure, microcode should also be free-as-in-freedom. I am definitely not arguing against that idea. I'm just saying you seemed to be promoting microcode for something it can't do, back a ways there. Your description of microcode as somehow less "executable" and more "declarative" than something also didn't sit well. (It is both. You cant separate operation from definition.) > but I'm postponing that goal for later. As my main goal now is > software to be libre. Okay with that, as long as we don't promote the idea of a single standard solution to graphics. Monoculture pretty much undoes the advantages of freedom. > When libre software is the standard, then I will start talking about libre > hardware. No problem with your focus on software, although I personally won't believe we've won much as long as Intel (and now AMD again) and others hide any kind of code, including the hardware and firmware. > Have a nice day. You have a nice day, too. -- Joel Rees Be careful when you look at conspiracy. Arm yourself with knowledge of yourself, as well: http://reiisi.blogspot.jp/2011/10/conspiracy-theories.html
Re: Libre graphics could become the standard if we push right now
2016/01/21 2:33 "Alberto Salvia Novella" <es204904...@gmail.com>: > > Joel Rees: > >> It supports neither your peculiar assertion that microcode is not >> executable nor your equally peculiar assertion that microcode is not >> and has not been a cause for concern. > > > Polynomial (http://tinyurl.com/hdtpa7g): You know, a url contains useful information in and of itself. I appreciate that urls get long and code points out of the basic plane make them hard to read and encoded server internal indexing really isn't interesting, but at least it would tell us in this case that what you are taking out of context is supposed to be from stackexchange. > > Let's assume for a moment that you could overwrite microcode in a > > useful way. How would you make it do anything useful? The poster you are quoting part of does know somewhat about his topic, but these two sentences together should cause you to think carefully. Useful is not useful? Clearly he is thinking of more than one kind of usefulness. > > Keep in mind > > that each code simply shifts some values around in the internals of > > the hardware, rather than a real operation. If "simply shifting values around in the internals of the hardware" is not doing any "real" operation, how would the results of any "real operation" ever get out of the arithmetic or logic units? Putting an address on the address bus in-and-of-itself neither reads nor writes data, but putting an address on the address bus is part of both reading and writing data. "Modern" CPUs have plenty of spare register space, most of it undocumented. Register space can be used to record something of state, allowing instruction streams to be self-parsing. How many elements of the stuff that enables malware do you want me to point out? Sure, you're not going to write a backdoor entirely in microcode, but you can use rogue updates to slip bits and pieces of microcode in to instructions that allow a backdoor to run and get around the walls. And not all rogue updates come from 3rd parties. Read the links Anders posted. > Mark Shuttleworth (http://tinyurl.com/pk8zwmv): > > Declarative firmware that describes hardware linkages and > > dependencies but doesn’t include executable code is the best chance > > we have of real bottom-up security. In some ideal world, you could pre-define all the customizations an integrator or end-user could want in code that gets shipped in the kernel, and provide a declarative interface to select the tweaks an integrator or end-user wants. >From where I stand, it requires the kernel developers to know an awful lot more about what every possible thing an end user or integrator might want than is humanly possible. -- Joel Rees
Re: Libre graphics could become the standard if we push right now
On Wed, Jan 20, 2016 at 12:55 AM, Alberto Salvia Novella <es204904...@gmail.com> wrote: > Joel Rees: >> >> Just for the record, if microcode can play with the CPU internal >> system state, say, the bits that specify whether the CPU is in >> supervisor or user state, there's not much to stop, for instance, a >> microcode update from providing an undocumented trap to a hidden >> routine in the BIOS that does deep packet inspection and arbitrary >> forwarding. > > > http://security.stackexchange.com/questions/29730/processor-microcode-manipulation-to-change-opcodes > Other than some significant errors in that, how do you interpret it? It supports neither your peculiar assertion that microcode is not executable nor your equally peculiar assertion that microcode is not and has not been a cause for concern. -- Joel Rees Be careful when you look at conspiracy. Arm yourself with knowledge of yourself, as well: http://reiisi.blogspot.jp/2011/10/conspiracy-theories.html
Re: Libre graphics could become the standard if we push right now
On Wed, Jan 20, 2016 at 12:59 AM, Anders Andersson <pipat...@gmail.com> wrote: >>> Just for the record, if microcode can play with the CPU internal >>> system state, say, the bits that specify whether the CPU is in >>> supervisor or user state, there's not much to stop, for instance, a >>> microcode update from providing an undocumented trap to a hidden >>> routine in the BIOS that does deep packet inspection and arbitrary >>> forwarding. >> >> http://security.stackexchange.com/questions/29730/processor-microcode-manipulation-to-change-opcodes > > While we're on the topic of horrible horrible things that I don't want > to think about, and makes me want to move to a cave and run my own > transistor-based CPU: > > https://libreboot.org/faq/#microcode > > And more generally, secret chipset firmware: https://libreboot.org/faq/#intel > Well, yeah, we've always been somewhat at the mercy of the CPU vendor, but with billions of on-chip gates to play with, they can and do hide all sorts of things in there. Building a CPU out of transistors would be fun, indeed, but it would eat power like crazy. LS logic would be much more reasonable, and still not really subject to hidden vulnerabilities other than your own bugs. I don't think I'd want to build anything beyond a 6809 or maybe a 6812 that way, and, even there, the power dissipation would be in the same range as a portable electric heater. Convenient in winter, in some ways, but you'd have trouble opening up a web page with it. E-mail, maybe, if you add DMA harware. Programmable logic is theoretically susceptible to rigging by the manufacturer, but anything less is not going to be very useful. -- Joel Rees Be careful when you look at conspiracy. Arm yourself with knowledge of yourself, as well: http://reiisi.blogspot.jp/2011/10/conspiracy-theories.html
Re: Libre graphics could become the standard if we push right now
2016/01/16 1:16 "Alberto Salvia Novella" <es204904...@gmail.com>: > > [...] > > Firmware is a common concern because it can be overwritten by malware, have > malicious functionalities, or have back-doors. > > That has never been the case with microcode. It just declares the instruction > set, but is not an executable. > Just for the record, if microcode can play with the CPU internal system state, say, the bits that specify whether the CPU is in supervisor or user state, there's not much to stop, for instance, a microcode update from providing an undocumented trap to a hidden routine in the BIOS that does deep packet inspection and arbitrary forwarding. As just one way to take advantage of microcode. -- Joel Rees Computer memory is just fancy paper, CPUs just fancy pens. All is a stream of text flowing from the past into the future.
Re: sexist content in the package openclipart2-png
On Wed, Jan 6, 2016 at 6:11 PM, Renaud OLGIATI <ren...@olgiati-in-paraguay.org> wrote: > On Wed, 06 Jan 2016 09:36:58 +0100 > deloptes <delop...@yahoo.com> wrote: > >> Start educating is what I want to say, start educating your children, and >> building up self protection. Believe me this is the only way you can >> protect them. > > And that would start with educating the parents... > [...] For those of you who find the discussion more objectionable than the images, I have four questions: (1) Are you relying on the first image in the list, the face of a reclining woman? There are, in fact, cultures where the makeup an expression would indicate a woman of a certain class, but, then again, there is something discriminatory and repressive about accepting such opinions as authoritative. When I saw that image, I'll admit I was wondering whether the OP were a sock puppet looking to generate some Streisand effect and a little more user love for the package. So I took a look to see if the package is worth using and I think it probably is, in general. (2) Are you basing your opinions only on the low resolution png images in the debian directories Thomas Schmitt pointed out? They are mostly a bit "cuter" at that resolution. Which leads to the third question, (3) Have you gone to the trouble of installing the openclipart2 package and looking at the svg images under the /usr/share/ so that you can base your opinion on the actual contents? (4) Aside from the copyright issues, would you be game for including vectorized playboy centerfolds at full resolution in general clipart packages for family and work? -- Joel Rees Be careful when you look at conspiracy. Arm yourself with knowledge of yourself, as well: http://reiisi.blogspot.jp/2011/10/conspiracy-theories.html