from:"Mark"

On Mon, 18 Dec 2023 at 22:15, Felix Miata  wrote:
>
> I can't answer why Grub scripts to what the do, because I don't really use 
> them,
> and don't need to understand much about them. Grub config files in 
> /boot/grub/ are
> akin to scripts, but they are really simple, mainly just command scripts. The
> usual one is grub.cfg, the one os-prober feeds from other Linux 
> installations. A
> less common one is custom.cfg. To use it requires the admin build it. When it
> exists, grub-mkconfig incorporates its use by/in grub.cfg. It actually gets 
> called
> by default from /etc/grub.d/41_custom, which adds the stanzas from it to the 
> Grub
> boot menu - after those that it has generated itself. I copy it to
> /etc/grub.d/07_custom, and empty 41_custom. That causes my custom stanzas to
> appear first in Grub's boot menu. /etc/grub.d/40_custom acts, and a copy of 
> it as
> 06_custom would act, in similar fashion, except that the admin's custom 
> stanzas
> are put into it by the admin instead of into a custom.cfg file.
>
> Thus, you, as admin, construct working stanzas however you like, with or 
> without
> UUIDS, with or without device names, with or without volume LABELS, however 
> you
> like boot to go, and they don't get changed, except by the admin - you. This 
> is
> easy, because you as admin can use the kernel (and initrd) symlinks Debian 
> puts in
> /, or anywhere you'd like symlinks to them to go, for distros that don't
> automatically create them for you. There's no need for maintenance when new
> kernels are installed in the case of Debian and other distros that 
> automatically
> generate new symlinks. For those that don't, creating them is trivial.
>

I have just tried this, I see 41_custom in /etc/grub.d and I see that
the text from that file ends up in my grub.cfg when I run update-grub.
So I have disabled os-prober, since I won't need it if I can get this
working, and created a cusom.cfg file with approximately what
os-prober generated as manuentry stanza lines for my LFS instance
(with references to os-prober removed and the root=/dev/sdc2 changed
to root=PARTUUID=)

And... on reboot, the menu entry for LFS is not included.

Now looking closer at 41_custom, it says this:

#!/bin/sh
cat <

Re: GRUB -- Debian overrides? Or maybe I just don't understand it well...

On Thu, 21 Dec 2023 at 21:38, Mark Fletcher  wrote:
>
>
> So I rebuilt my LFS (was happy to do so, this is a learning exercise)
> with its own /boot partition, which gets me closer to the solution I
> want which is one Grub, Debian's grub, with Debian as the first and
> default boot choice, but LFS available as an alternative. And the only
> remaining problem is the Debian GRUB's insistence on using /dev/sdX2
> (for the root partition is the second partition on the disk) in the
> "linux" command line parameter.
>
Apologies -- I probably made it less clear rather than more with the
above -- I mean that Debian GRUB is insisting on using /dev/sdX2 _for
the LFS menu entry_. For its own menu entry it works fine, because my
bookworm installation is using LVM.

There is and ever has been only one GRUB on this system -- Debian's.
That's why I am asking about this on a Debian list. My goal here is to
configure Debian's GRUB to boot LFS as a secondary option alongside
the primary option of Debian, and have that survive kernel updates for
Debian, and I am there, except for persuading it not to specify
"root=/dev/sdX2" for the root filesystem in the LFS linux command
line, and instead persuading ti to specify "root=PARTUUID="
which grub-mkconfig's documentation says is what it will do when there
is no initrd and the GRUB_DISABLE_LINUX_{PART,}UUID variables are set
to false.

Mark

Re: GRUB -- Debian overrides? Or maybe I just don't understand it well...

On Wed, 20 Dec 2023 at 06:01, David Wright  wrote:
>
>
> I can't see anywhere where the OP claims to have set up LFS for
> booting itself, as opposed to being booted from a Debian Grub.
> It only says "I have been able to get a grub.cfg including the
> LFS system …", which seems to imply LFS has only been set up
> as a "foreign" system by a Debian system.

Yes, that's exactly it. My very first attempt involved using Debian's
/boot partition as the /boot partition for LFS as well, so installing
LFS's kernel (6.4.12 IIRC) alongside Debian's, but I quickly learned
the folly of that when I saw the mess update-grub made of that...

So I rebuilt my LFS (was happy to do so, this is a learning exercise)
with its own /boot partition, which gets me closer to the solution I
want which is one Grub, Debian's grub, with Debian as the first and
default boot choice, but LFS available as an alternative. And the only
remaining problem is the Debian GRUB's insistence on using /dev/sdX2
(for the root partition is the second partition on the disk) in the
"linux" command line parameter.

>
> When os-prober runs on my system, a lot of stuff gets logged in
> messages, syslog and user.log. The lines that contain the string
> "result:" (without the quotes) are interesting. It's evident from
> those that have six fields following result: have had their root=
> field copied from the foreign system's grub.cfg. (In my case,
> "foreign" means a Debian system of the previous release.)
>
> When os-prober writes several clauses into my new grub.cfg's
> "### BEGIN /etc/grub.d/30_os-prober ###" section, the references
> to the partition are constructed using UUIDs (not PARTUUIDs, because
> there's an initrd). However, the kernel command line reads
> "root=LABEL=toto04", so that string wasn't constructed by os-prober,
> but copied from the foreign grub.cfg¹.
>
> That suggests to me the probability that whereas +Grub constructs+
> the root= strings for the "### BEGIN /etc/grub.d/10_linux ###"
> section, +os-prober copies+ the root= strings into the
> "### BEGIN /etc/grub.d/30_os-prober ###" section instead.
>

Interesting -- but there is no grub.cfg on the LFS system because grub
has never been installed there. There is a /boot partition but no
/boot/grub/grub.cfg .
So, nothing to copy from in this case.

Mark

Re: GRUB -- Debian overrides? Or maybe I just don't understand it well...

On Wed, 20 Dec 2023 at 02:40, Felix Miata  wrote:
>
> Mark Fletcher composed on 2023-12-20 00:28 (UTC):
>
> > I am curious to know from Debian
> > GRUBbers (as it were) if the behaviour I am describing in this thread
> > is expected...
>
> I suspect few if any regulars here spend much time with Slackware.

I am genuinely confused about how Slackware came into the picture
here... my foreign OS is LFS, nothing to do with slackware as far as I
know...

I appreciate your initial help which I still think is my best hope of
a solution -- about to implement in a few minutes so will know for
sure shortly -- but have not responded to the rest of this message as
I think it is based on a misunderstanding.

Thanks

Mark

Re: GRUB -- Debian overrides? Or maybe I just don't understand it well...

2023-12-19 Thread Mark Fletcher

On Mon, 18 Dec 2023 at 22:15, Felix Miata  wrote:
>
> Thus, you, as admin, construct working stanzas however you like, with or 
> without
> UUIDS, with or without device names, with or without volume LABELS, however 
> you
> like boot to go, and they don't get changed, except by the admin - you. This 
> is
> easy, because you as admin can use the kernel (and initrd) symlinks Debian 
> puts in
> /, or anywhere you'd like symlinks to them to go, for distros that don't
> automatically create them for you. There's no need for maintenance when new
> kernels are installed in the case of Debian and other distros that 
> automatically
> generate new symlinks. For those that don't, creating them is trivial.
>
> <https://forums.opensuse.org/t/how-to-have-a-custom-uefi-grub-menu-for-a-multiboot-system/133541/2>
> is a thread that goes through my UEFI system setups.
> --

Thanks very much for your help, I reckon I can make that work.

Is that the "official" answer? I am curious to know from Debian
GRUBbers (as it were) if the behaviour I am describing in this thread
is expected...

Thanks

Mark

GRUB -- Debian overrides? Or maybe I just don't understand it well...

2023-12-18 Thread Mark Fletcher

Hello

I need help with a problem configuring grub. My main OS on the system
concerned is bookworm (was probably originally installed as bullseye,
might even have been earlier, and then has been upgraded over the
years, now at bookworm). That system is the system that has installed
grub and grub's configuration gets updated whenever a kernel update
happens in the Debian stable ecosystem.

I have now set up an LFS (Linux from Scratch) installation on the same
box, on a brand new SSD installed into the machine for the purpose. So
I want to be able to dual-boot. I have been able to get a grub.cfg
including the LFS system but the root of the LFS system is being
specified by device name and that is a problem.

There are also a couple of existing, older SSDs in the machine, one of
which contains an older installation of Debian which I don't use any
more but haven't quite brought myself to delete (although will
eventually), and one is mounted as /opt in my main system.

Because I want to dual-boot with the LFS system I turned on the
os-prober in /etc/default/grub. Running update-grub then duly finds
the LFS system and sets up configuration in grub for it (it also finds
the old Debian system, which I'd prefer to keep out of grub but that's
not a big deal for now).

Both old and current Debian installations use LVM and initrd. The LFS
instance uses neither.

I just don't seem to be able to persuade update-grub to put
root=UUID= or root=PARTUUID= into the linux command line
for the LFS system. Because update-grub is going to be run every time
there is a kernel update in Debian, I need it to work and just
overriding it by hand isn't a solution.

Instead it is using root=/dev/sdX2. The problem is over the last few
boots I have seen the SSD containing the LFS system come up as
/dev/sda, /dev/sdb and on this boot now, /dev/sdc.

According to the grub-mkconfig documentation[1], if I make sure
GRUB_DISABLE_LINUX_UUID and GRUB_DISABLE_LINUX_PARTUUID are both set
to false, in the absence of an initrd it should use "root=PARTUUID=<>"
in the linux command line, but when I run update-grub that is not
happening, and the device identifier is being used instead.

Can anyone explain why, and how I can fix this in a way that will
still work the next time the bookworm kernel gets an update?

Thanks

Mark

[1]
https://www.gnu.org/software/grub/manual/grub/html_node/Root-Identifcation-Heuristics.html#Root-Identifcation-Heuristics

Re: linux-image-amd64: kernel fails to find all nvme SSDs

2023-10-24 Thread Jeffrey Mark Siskind

Supermicro provided a workaround: boot with the kernel command line
parameter pci=realloc=off.

As an side, Rocky 9.2 does not have this issue even though it boots
without that kernel command line parameter.

Jeff (http://engineering.purdue.edu/~qobi)

linux-image-amd64: kernel fails to find all nvme SSDs

2023-10-14 Thread Jeffrey Mark Siskind

I purchased a new server: Supermicro AS-8125GS-TNHR. It has 17 NVME
drives installed:

1x Micron 7450
   12x Micron 9300
4x Micron 9400

Upon boot, /dev/nvme* only shows 10 drives: the Micron 7450, 8 of the
Micron 9300s, and 1 of the Micron 9400s. Before I plugged in the 12x
Micron 9300, /dev/nvme* only showed 2 drives: the Micron 7450 and 1 of
the Micron 9400s.

I run bookworm stable. Upon first install, it ran kernel
6.1.0-12. After an apt upgrade it ran 6.1.0-13. I also installed
6.4.0-0-deb12.2 from bookworm backports. All 3 exhibit the same
issue. the only difference is that under 6.1.0-13 the 10 drives that do
appear appear as /de/nvme{0,1,2,3,4,5,6,7,8,9} while under 6.4.0-0-deb12.2
the 10 drives that do appear appear as different numbers with some missing.

The 1x 7450 has 3 partitions: EFI, / formatted as btrfs, and swap.
The 12x 9300s are all formatted with 1 partition. There are 6 pairs of
2, Each pair has a btrfs raid1 file system. The 9400s are not yet formatted.

lspci shows all 17 drives. But only 10 show up in hwinfo.

Thanks,
Jeff (http: //engineering.purdue.edu/~qobi)

linux-image-amd64: failed to bring up processor 192

2023-10-14 Thread Jeffrey Mark Siskind

I purchased a new server based on the Supermicro AS-8125GS-TNHR. It
has two EPYC 9654 processors. Each processor has 96 cores and 192 hyperthreads.
Thus the system as a whole has 192 cores and 384 hyperthreads. I run
Debian stable bookworm. When first installed, it ran kernel
6.1.0.12. That kernel found all 384 "CPUs". All were reported in /proc/cpuinfo.
I subsequently did an apt upgrade which upgraded to 6.1.0.13. Upon
boot, dmesg -lerr reports:

   root@poto:~# dmesg -lerr
   [   11.080833] smpboot: do_boot_cpu failed(-1) to wakeup CPU#192

Further, /proc/cpuinfo is missing processor 192.

I subsequently installed 6.4.0-0-deb12.2-amd64 from bookwork
backports. The issue still occurs. If I boot 6.1.0.12 I do not get the issue.

There are other reasons I cannot run 6.1.0.12 that I will describe in
a different bug report.

Jeff (http: //engineering.purdue.edu/~qobi)

Re: trixie update/upgrade strangeness

2023-10-12 Thread Mark Copper

On Wed, Oct 11, 2023, 9:49 PM Andy Smith  wrote:

> Hello,
>
> On Wed, Oct 11, 2023 at 04:25:58PM -0500, Mark Copper wrote:
> > suddenly, all files created on /dev/sda1 for the last 27 days have
> > disappeared, even files I edited this morning before restarting. Like the
> > clock was turned back a month. The disk, a new 18 TB, passed the test
>
> This happened to a customer of mine once, and they asked me to look
> into it. When I did I found that:
>
> - they were using LVM
> - they'd taken a snapshot of their root fs
> - they were finding and mounting their root fs by fs UUID
> - snapshot obviously had same fs UUID
> - the kernel was finding the snapshot first at boot
>
> Could anything like that be happening?
>
> Thanks,
> Andy
>
> --
> https://bitfolk.com/ -- No-nonsense VPS hosting
>

Yes, something like that. I should have mentioned it wasn't just files
disappearing but also files that had been moved were back in their previous
location. This "snapshot" appears to have been taken at the time of my
upgrade from bookworm to trixie.

The whole system is behaving strangely so I had better save the data that
remains.

Thanks for responding.

>

trixie update/upgrade strangeness

2023-10-11 Thread Mark Copper

Yesterday, an attempt to install topcat package failed. So I ran "apt
update" and "apt upgrade".

The first surprise was the extent upgrade, it was much more extensive than
I would have expected.

After the upgrade the X terminal crashed.

Today wifi started misbehaving so I rebooted the box.

Now, suddenly, all files created on /dev/sda1 for the last 27 days have
disappeared, even files I edited this morning before restarting. Like the
clock was turned back a month. The disk, a new 18 TB, passed the test

sudo smartctl -a /dev/sda

There is nothing in dmesg or syslog to indicate a problem. And

fsck /dev/sda1

is clean.

Strange, no?

Re: Gradle version in bookworm

2023-08-27 Thread Mark Fletcher

On Sun, 27 Aug 2023 at 07:52, Steve Sobol  wrote:

> On 2023-08-26 03:18, Mark Fletcher wrote:
>
> > continue using it -- but since I can get it onto my machine with zero
> > effort via Intellij
>
> I am a Jetbrains subscriber who uses many of their IDEs, including
> IntelliJ, and if that's the way you want to go, I'm certainly not going
> to tell you not to.
>
> But if you don't need IntelliJ, it seems silly to install it just to get
> Gradle.
>
> You can download the latest OSS version of Gradle from gradle.org.
>
> Am I missing something?
>

Oh, yes — the fact that I never suggested for a moment that the only reason
I installed IntelliJ was to get Gradle. I’ve been an IntelliJ user since
about 2006/7 or so.

What I said was that I noticed that IntelliJ was installing a version of
gradle to suit it, not using the platform-level Gradle, and was regularly
updating it. The point of that, if you read the thread, was that there was
a suggestion earlier in the thread that the reason gradle hadn’t been
upgraded in bookworm and was still on version 4 while upstream was on
version 8 was that it was terribly difficult to do, due to dependencies —
but clearly not, given the ease of installing it manually.

>
Hope that clears that up.

Mark

>
>

Re: Gradle version in bookworm

2023-08-26 Thread Mark Fletcher

On Sat, 5 Aug 2023 at 17:51, Roberto C. Sánchez  wrote:
>
> On Sat, Aug 05, 2023 at 05:21:55PM +0100, Mark Fletcher wrote:
> > Gradle is not some minority, hardly-used tool, so there is presumably
> > a reason why the package hasn't been updated in Debian. Anyone know
> > what it is?
> >
> Becuase it's Very Hard Work(TM).
>
> Updating Gradle in Debian was proposed as a project under Freexian's
> Project Funding initiative and it was accepted and work was done on it
> for several months:
> https://salsa.debian.org/freexian-team/project-funding/-/issues/19
>

Thanks, that makes interesting reading. On the surface, it's clearly _not_ a
major technical challenge to install considering how easy it is to install
manually.
After my original post I discovered that IntelliJ has been installing
successive
versions of it on my machine and the latest version installed Gradle 8.2
which
is the latest. So I will just use that going forward, and upgrade when I
update IntelliJ.

Looks like the issue for _packaging_ Gradle is some of its dependencies.
That
effort you provided a link to is / was about getting rid of some
proprietary enterprise
plugin, and seems to have uncovered a dependency chain via Kotlin that
slightly
bizarrely leads to a dependency on OpenJDK 8... Really? In 2023? If I am
reading
the discussion right it looks like the version of Kotlin we have in Debian
depends
on OpenJDK 8 and no one is stepping forward to update that. They are making
rumbling noises about dropping gradle from Debian. I like gradle and will
likely
continue using it -- but since I can get it onto my machine with zero
effort via
Intellij I don't seek to insist that Debian package it (and installing it
manually is
easy if I had to... which I don't). So I guess the way out of this current
situation
is either for gradle to be dropped from Debian or Kotlin to get an upgrade.
I'd lean
towards drop it except that there is an acknowledgement that Kotlin isn't
going
away and will need an upgrade at some point anyway...

Anyway, thanks, I understand the situation a little better now -- and also
I have
a path forward for my own work, so I am happy now.

Mark

Gradle version in bookworm

2023-08-05 Thread Mark Fletcher

Apologies if this is a dumb and/or frequently-answered question,
but... does anyone know why the version of the "gradle" build tool in
bookworm is version 4?

The version in bookworm, 4.4.1-18, was migrated to testing in January
of this year -- an upgrade from version 4.4.1-13 -- at which time the
latest upstream version was at least version 7. So it doesn't appear
to be a "package not maintained any more" issue... The maintainers
appear to be the Debian Java maintenance team, who I would assume
would be unlikely to wander off... Bug reports against the package are
beginning to show evidence that people are finding the age of the
package a problem as unit tests and even some build dependencies
become harder and harder to support.

Gradle is not some minority, hardly-used tool, so there is presumably
a reason why the package hasn't been updated in Debian. Anyone know
what it is?

Thanks!

Mark

Re: Overzealous polkit

2023-07-25 Thread Mark Fletcher

On Mon, Jul 24, 2023 at 22:55 Charles Curley <
charlescur...@charlescurley.com> wrote:

> A fresh install of Debian 12.1 on a Lenovo Yoga 13. I have firewalld
> installed, and firewall-config 1.3.0-1 to manage it. Polkit insists on
> authentication, which is fine. It then has extremely short timeouts (or
> something), so I have to keep re-authenticating. How do I tell it to
> not be so zealous?
>
> --
> Does anybody read signatures any more?
>
> https://charlescurley.com
> https://charlescurley.com/blog/
>
> I misread the subject line of this thread as “overzealous polecat” — and
thought “What’s this, a new release of Ubuntu or something?” :)

Mark

Re: virtualisation

2023-05-22 Thread Mark Allums


On 5/22/2023 2:10 PM, Dan Ritter wrote:

mick.crane wrote:

This is a request for best practice, perceived knowledge.
For one reason and another this PC/Workstation (what is the difference?)
boots in legacy mode. It was something to do with the SS usb port not
booting the installer in EFI mode.
I forget exactly.
Anyway, it's a niggle that it is legacy mode and changing a working system
seems a palaver.
As I have the /home stuff all being/copied onto another disk I thought I'd
reinstall and try to get it tidy.
I thought to try this virtualisation.
Q1. Would openbox be the one to go for?
Things I use work happily on Bookworm but seems openbox is only available in
Sid for now.
Should I try to build openbox or try to get it from Sid if OpenBox is what I
want?
I have purchased 64Gb of this DIMM memory for the experimentation.

Openbox is a window manager.

You probably mean VirtualBox, and the answer is no.


Why is VirtualBox a no?  I use it; it works  fine.



Try KVM/QEMU, which is available via the libvirt tools; the
primary graphical interface is virt-manager, and the primary CLI
is virsh.

-dsr-


Marl Allums

Re: efi problem

2023-04-22 Thread Mark Allums


On 4/22/23 15:06, mick.crane wrote:

On 2023-04-22 19:05, DdB wrote:

Am 22.04.2023 um 19:30 schrieb mick.crane:

I suspect the GPU is suspect because there are small blocks of pixels
appearing where they aren't wanted.
I'd like to re-install the OS as I've got copies of everything I think.
Just to see if it's maybe a driver issue.
Thing is I can't get the f12 options screen of the PC to let me boot
from a CD in this EFI mode what's grub done.
How can I boot from CD in this EFI mode?

mick




My neighbor has an old laptop without a CD drive. But there is a linux
running (ubuntu). So what i did is this:
i did download (and check) an ISO-file to boot from (debian- or ubuntu-
live versions) and googled for the appropriate stanza for grub to handle
booting from that ISO file. Then i did modify the /etc/grub.d/41_custom
file, to make sure, grub will include that stanza on update-grub
automatically.
But if you only want to boot it only once, you could - on boot, while
seeing the grub menu, enter "c" to open a command line and enter the
necessary commands by hand. (I liked to learn, what grub has to offer
for cases of emergency. Can come in handily, if you - or a friend - gets
stuck on boot.)

BTW: IIRC, grub is able to start an efi-shell, if needed, to force boot
options that way. But my neighbor did not have uefi. Whereas I do, and -
although i am lazy and prefer automation, i had to boot up manually via
UEFI several times.

What i am saying is: it is possible, but not exactly trivial. Learning
is involved and desirable.

Have fun
DdB


It used to be grub thought things were HD0, HD1
and you could decide what to boot from
I have a CD with the debian installer on it that I burnt with the 
xorriso which I'm presuming is a bootable CD but there's no way of 
telling because the EFI thing won't let me select it to boot from


Good grief!  Use etcher or dd to copy it to a USB flash drive. Or put 
the machine in compatibility mode, and bypass the UEFI.


Mark A.

Re: Gnome desktop environment

2023-04-22 Thread Mark Fletcher

On Sat, 22 Apr 2023 at 20:53, William Torrez Corea 
wrote:

> I want to delete the Gnome desktop environment.
>
> *What command is used for an elimination complete?*
>
> I use this command but don't get the effect desired.
>
> # apt-get install task-gnome-desktop
>
>
Well, to be fair, if you want to remove it, telling it to install it
probably isn’t likely to produce the desired effect…

>
You could try using “remove” or “purge” instead but be ready for a lot of
applications that depend on Gnome (or at least on a desktop of some sort).
So the better approach may be to decide what you want to replace it with,
try to install that, and guide the package manager towards uninstalling
Gnome as it tries to sort out the mess that creates.

Mark

>
>
>

Re: how to limit a CPU temperature?

2023-04-08 Thread Mark Allums


On 4/8/2023 8:01 PM, David Christensen wrote:

On 4/8/23 07:17, songbird wrote:

   i have a program that has changed it's behavior to suddenly
become a CPU hog (while doing something simple like uploading
files for my website).  probably a bug, but it got me to
wondering how i could limit the CPU temperature to a range
well below the maximum that kicks in by the CPU itself.

   i have an intel processor and it has the MAX which does
prevent it from going higher (100C), but i'd like to keep it
at 70C or lower.

   i've been trying to find anything that will let me set this
but no luck yet in my searches.

   thanks!  :)


   songbird



Assuming the computer had a proper thermal solution when assembled, 
the 100 C processor temperature indicates that the thermal paste 
between the processor and its heat sink has gone bad.  I suggest 
replacing it with silver-based thermal paste.


New paste yes, silver no.  That's out-of-date.  Silver is conductive.  
Silver paste is not superior to Thermal Grizzly Kryonaut or Arctic 
(maker of the most popular silver paste) MX-6. You want non-conductive, 
non-capacitive paste.



Mark Allums

Re: does your Thunderbird for deb11 often become unresponsive?

2023-03-04 Thread Mark Allums


On 3/3/23 12:17, Alexander V. Makartsev wrote:

On 03.03.2023 09:02, hlyg wrote:
at first i suspect Thunderbird(TB) try to access some sites that are 
blocked in china


i disable show Start Page when it launches

i disable check email automatically for each account

but it becomes unresponsive when i File->New->Message

i really don't know cause of unresponsiveness

PS: even if blocked sites cause trouble, it's bug of TB, it shall 
timeout after it can't access sites for some time

I don't have any issues with TB on a PC with operating system on SSD.
If I had to guess the culprit, it could be a failing HDD.
You should check "/var/log/syslog" for anything suspicious and\or 
"smartctl".
This also could be a symptom of resource starvation. Run "free -h" 
and\or "top" to see if there is any resource hogs.


It's a bug in Thunderbird.  It is the result of using multiple accounts 
and something about multi-threading, I think, (on mine, anyway).  I have 
not filed a bug, but surely they know about it, it's present on both 
Linux and Windows, and through several versions.  I have been patiently 
waiting for a fix, perhaps we should all file bugs, if they are 
inundated with bug reports, maybe they'll be more motivated to fix it.


Mark A.



--
With kindest regards, Alexander.

⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
⠈⠳⣄

Re: netgear wna3100 not supported by linux?

2023-01-09 Thread Mark Fletcher

On Mon, 9 Jan 2023 at 09:46, lsg  wrote:

> i've searched Internet, it doesn't seem supported by linux?? too bad
>
> Looks like you need to use ndiswrapper with the windows drivers to get it
to work. Saw that on an Ubuntu forum but what’s good for the gander is
often good for the goose…

Mark

Re: Package versions in multi-arch

2023-01-06 Thread Mark Fletcher

On Fri, 6 Jan 2023 at 15:39, Steve McIntyre  wrote:

> You've been bitten by a subtle but unfortunately common problem,
> yes. In multi-arch systems the versions of packages have to be totally
> in sync. But the +b1 syntax here means that the i386 package has had a
> binNMU (binary NMU) build which means that they *can't* be in
> sync. The problem should be solved with the next new upload of the
> llvm-toolchain-15 source package - that will bump the version in both
> cases so that they match.
>
> binNMUs are horrible. :-(
>
Thanks very much. That explains it. Guess I will just wait then.

Thanks

Mark

Package versions in multi-arch

2023-01-06 Thread Mark Fletcher

Hi list

I have a package installation problem which leads to a question about
how (and if) package versions interact in different architectures.

My system is an amd64 bookworm system, with multi-arch support and
some packages from i386 installed, to support a vendor-supplied
printer driver and, more relevantly to this problem I think, steam.

For the last week or so package libllvm15:i386 doesn't want to upgrade
and is "kept back" by apt.

$ apt show -a liblllvm15:i386

Shows two possible package versions, 1:15.0.6-3 which is installed and
1:15.0.6-3+b1 which is a candidate to install. This situation pertains
only to the i386 version, the amd64 version is at 1:15.0.6-3 and
doesn't seem to have a newer version. This agrees with what I see on
packages.debian.org.

Looking at the dependencies of the two versions of the i386 package,
the only difference I can see is that the new version depends on
libstdc++6 version 2.12.0.10 or newer, while the older, installed
version depends on 2.12.0.09 or newer. However I have 2.12.0.13
installed so that should satisfy either version's dependency.

I also checked dependencies _on_ libllvm15:i386:

$ apt rdepends libllvm15:i386 | awk '/^ Depends/ {print $2}' | awk -F:
'{print $1}' > depends.txt
$ apt list --installed | grep i386 | grep -f depends.txt

This shows me 4 i386 packages are both installed and depend on
libllvm15:i386, looking at "apt show" of all 4 shows that they all
depend simply on the presence of the package and make no demands about
what version of the package is present.

The last thing I could think of was a Conflicts dependency:

$ apt list --installed | grep i386 | awk -F/ '{print $1}' | xargs apt
show -a | grep ^Conflicts: | grep libllvm15

returns nothing, indicating that none of the installed i386 packages
conflict with any version of libllvm15.

In desperation I dragged aptitude out of retirement and did aptitude
full-upgrade, and got a little bit more information. Aptitude wanted
to uninstall the amd64 version of libllvm15 and then upgrade
liblvm15:i386. I didn't let it because that would have broken the
packages that depend on the amd64 version of the package.

Am I reading this right that if two architectures of the same package
are installed on the same system with multi-arch support, they have to
be the same version? If that is true, the solution is just to wait for
the new version of the package to be added in amd64. But... really?

Thanks

Mark

apt-get under Kali Linux reports wrong data rate.

2022-12-24 Thread Mark

Dear People

I have no idea who to report this issue to.

Under latest build of Kali Linux i have noticed the download speed with apt-get 
commands, it shows K Bits/s and should in fact be K bits/s
The difference between Bytes & Bits is important.

N.B small b not capital B!
KIDS!

Please pass on to Debian & Kali developers this major error in download speeds.

Regards

Mark Edgar

Sent with [Proton Mail](https://proton.me/) secure email.

Re: gnome-remote-desktop on bookworm

2022-12-21 Thread Mark Fletcher

On Tue, 20 Dec 2022 at 15:41, Mark Fletcher  wrote:
>
> Hi
>
> Does anyone know what state gnome-remote-desktop is in on bookworm? I can't 
> get it to work. I have a system recently upgraded to bookworm, running Gnome 
> if that wasn't obvious.
>

This turned out to be caused by port number confusion. Some of the
summary info about gnome-remote-desktop suggests it offers both VNC
and RDP protocols. Digging deeper into the docs it turns out that RDP
is offered by default and you have to dig deeper to turn on VNC. Port
5900 is the VNC port, the RDP port being 3389. gnome-remote-desktop
was listening on 3389, and when I downloaded an RDP as opposed to VNC
client on the client side and tried that, it worked.

Incidentally the gnome-remote-desktop docs say you have to use a
command line tool to turn on VNC support, but when you invoke said
tool, its help only offers any info about RDP options.. Still haven't
figured out how to turn on VNC support -- but that's OK because I have
RDP working now.

The other thing I have learned through this experience is that there
are a large number of extremely crap RDP client apps available for the
iPad -- I had to kiss a fair number of frogs before I found a decent
one. One of the frogs included a tool that claimed to be _made by
Microsoft_ but didn't map the screen properly, so where you were
clicking wasn't where you thought you were clicking. Never mind, I
found a decent one in the end.

Mark

gnome-remote-desktop on bookworm

2022-12-20 Thread Mark Fletcher

Hi

Does anyone know what state gnome-remote-desktop is in on bookworm? I can't
get it to work. I have a system recently upgraded to bookworm, running
Gnome if that wasn't obvious.

In Gnome settings, under Sharing I have turned on Remote Desktop and Remote
Control, but other clients on my network can't connect, saying the port
can't be contacted. Those machines can connect to the machine in question
in other ways, eg ssh.

I googled for this and found a discussion in an Ubuntu forum where they
used lsof to show that nothing was listening on the RDP port, 5900. The
cause on that occasion was held to be that Ubuntu was using a different
major version of gnome-control-center (41) to that of gnome-remote-desktop
(42). I've checked and in bookworm right now the major version of both is
43.

# lsof -i TCP:5900

returns nothing. Same for all port numbers between 5900 and 5909 (I checked
in case it was using a different virtual desktop number). That suggests to
me the remote desktop server is not listening, although the settings would
have me believe it is. I also tried a reboot although I realise this isn't
Windows but just in case... no dice.

Is anyone using this (relatively new, I gather) feature of Gnome? Did you
have to do anything else to get it to work?

Thanks all

Mark

Asterisk 20 doesn't include chan_sip.so

2022-11-20 Thread Mark Kamichoff

Hi - 

I'm not sure if this is a bug or intentional so I figured I'd ask here
first before submitting a bug report.

The Asterisk package in testing (1:20.0.0~dfsg+~cs6.12.40431414-2)
doesn't appear to have chan_sip.so included anymore.  The file is no
longer there so no amount of noload'ing pjsip and load'ing chan_sip
works.  The package for version 18 (1:18.14.0~dfsg+~cs6.12.40431414-1)
has it included.  From my understanding even though chan_sip has been
deprecated in favor of pjsip for a few releases, it is still included
until version 21 (Oct 2023?) where it will be removed completely in
favor of res_pjsip.

I didn't find anything about its removal in changelog or NEWS files.

Can any Asterisk users out there comment if this may have been
intentional or whether this was a miss on the Asterisk 20 package build?

Thanks!

- Mark

-- 
Mark Kamichoff
p...@prolixium.com
https://www.prolixium.com/


signature.asc
Description: PGP signature

Put a package back

2022-11-18 Thread Mark Killeen

Hello,
Our system is relying on an older version of this package libnet-ssleay-perl.
Its left us in a bad position with clients as we are blocked from releasing a 
hotfix. Can this package get put back temporarily?
https://deb.debian.org/debian/pool/main/libn/libnet-ssleay-perl/libnet-ssleay-perl_1.85-2+b1_amd64.deb

Thanks,
Mark


Mark Killeen
Revelation Team

[Logo  Description automatically generated]<https://www.forsta.com/>

Email confidentiality 
statement<http://confirmit.com/activity/email-confidentiality.aspx>




CONFIDENTIALITY NOTICE: This e-mail is confidential and may contain legally 
privileged information. If you have received it by mistake, please inform us by 
reply e-mail and then delete it (including any attachments) from your system; 
you should not copy it or in any other way disclose its content to anyone. 
E-mail is susceptible to data corruption, interception, unauthorized amendment, 
tampering and virus. We do not accept liability for any such actions or the 
consequences thereof.

Apt upgrade problem

2022-10-16 Thread Mark Fletcher

Hi

Tonight I am seeing a behaviour pattern in my Debian Bullseye system that I
have not seen before.

After "sudo apt update", the system informs me there is 1 package that can
be upgraded.

"sudo apt upgrade" reports nothing to do, 0 packages upgraded, 0 newly
installed, 0 to remove and 0 not upgraded...

"apt list --upgradable" shows a new version of the Amazon Workspaces
client, version 4.3.0.1766. It also shows that there is one more version
available.

"apt list -a --upgradable" shows:

Listing... Done
workspacesclient/unknown 4.3.0.1766 amd64 [upgradable from: 4.2.0.1665]
workspacesclient/now 4.2.0.1665 amd64 [installed,upgradable to: 4.3.0.1766]

"sudo apt install" reports:

Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.

System doesn't seem to want to install the new version of the Amazon
workspaces client. I'm assuming some dependency not known to the system is
needed for the new version. However I also note the /unknown after the
package name in the new version, which is /now in the current version. I am
not sure what that is, but presumably /unknown isn't good... Can anyone
suggest an approach to investigate why this upgrade won't happen?

In case important, Amazon workspaces client is included in my package list
by "amazon-workspaces-clients.list" in /etc/apt/sources.list.d/ :

deb [arch=amd64] https://d3nt0h4h6pmmc4.cloudfront.net/ubuntu bionic main

That comes from the install instructions page of the Amazon Workspaces
client. It did occur to me that perhaps the new version needs some
additional repository, so I went back and checked but the installation
instructions have not changed, so it seems not.

Thanks in advance

Mark

VNC on debian 11 can't get it working on fress install

2022-09-30 Thread Mark Tyfish

Hello all,
I am struggling getting VNC to behave on a fresh install.
I followed these instructions:
https://computingforgeeks.com/install-and-configure-tigervnc-vnc-server-on-debian/


~ This command works and brings up a vnc server I can log into:

vncserver -xstartup startxfce4 &

~ Here is the start of the logfile of a successful 
start:mark@debian:~/.vnc$ cat debian\:5901.log
Xvnc TigerVNC 1.11.0 - built 2022-01-26 17:59Copyright (C) 1999-2020 TigerVNC 
Team and many others (see README.rst)See https://www.tigervnc.org for 
information on TigerVNC.Underlying X server release 12011000, The X.Org 
Foundation

Fri Sep 30 20:21:56 2022 vncext:      VNC extension running! vncext:      
Listening for VNC connections on local interface(s), port 5901 vncext:      
created VNC server for screen 03NI3X0 New Xtigervnc server 'debian:1 (mark)' on 
port 5901 for display :1.3NI3X0 Use xtigervncviewer -SecurityTypes VncAuth 
-passwd /home/mark/.vnc/passwd :1 to connect to the VNC 
server./usr/bin/startxfce4: X server already running on display :1gpg-agent: a 
gpg-agent is already running - not starting a new one
(xfwm4:4458): xfwm4-WARNING **: 20:21:57.417: Unsupported GL renderer (llvmpipe 
(LLVM 11.0.1, 256 bits)).
** (xfce4-power-manager:4492): WARNING **: 20:21:57.987: Failed to get name 
owner: GDBus.Error:org.freedesktop.DBus.Error.NameHasNoOwner: Could not get 
owner of name 'org.xfce.PowerManager': no such name

** (xfce4-power-manager:4492): WARNING **: 20:21:57.988: Failed to get name 
owner: GDBus.Error:org.freedesktop.DBus.Error.NameHasNoOwner: Could not get 
owner of name 'org.freedesktop.PowerManagement': no such name
Xfce power manager is not runningXlib:  extension "DPMS" missing on display 
":1".
(xfce4-power-manager:4492): xfce4-power-manager-WARNING **: 20:21:57.991: 
Monitor is not DPMS capable~ log continues



~ This command does not work:mark@debian:~/.vnc$ vncserver
New Xtigervnc server 'debian:1 (mark)' on port 5901 for display :1.Use 
xtigervncviewer -SecurityTypes VncAuth -passwd /home/mark/.vnc/passwd :1 to 
connect to the VNC server.

=== tail /home/mark/.vnc/debian:5901.log 
===xrdb: No such file or directoryxrdb: can't open file 
'/.Xresources'
Session startup via '/home/mark/.vnc/xstartup' cleanly exited too early (< 3 
seconds)!
Maybe try something simple first, e.g.,        tigervncserver -xstartup 
/usr/bin/xtermThe X session cleanly exited!Killing Xtigervnc process ID 4806... 
success!
~ This is the log I get:mark@debian:~/.vnc$ cat debian\:5901.log
Xvnc TigerVNC 1.11.0 - built 2022-01-26 17:59Copyright (C) 1999-2020 TigerVNC 
Team and many others (see README.rst)See https://www.tigervnc.org for 
information on TigerVNC.Underlying X server release 12011000, The X.Org 
Foundation

Fri Sep 30 20:32:01 2022 vncext:      VNC extension running! vncext:      
Listening for VNC connections on local interface(s), port 5901 vncext:      
created VNC server for screen 03NI3X0 New Xtigervnc server 'debian:1 (mark)' on 
port 5901 for display :1.3NI3X0 Use xtigervncviewer -SecurityTypes VncAuth 
-passwd /home/mark/.vnc/passwd :1 to connect to the VNC server.xrdb: No such 
file or directoryxrdb: can't open file '/.Xresources'/usr/bin/startxfce4: X 
server already running on display :1 ComparingUpdateTracker: 0 pixels in / 0 
pixels out ComparingUpdateTracker: (1:-nan ratio)xrdb: Connection refusedxrdb: 
Can't open display ':1'Unable to init server: Could not connect: Connection 
refusedxfce4-session: Cannot open display: .Type 'xfce4-session --help' for 
usage.
Any ideas?  thanks

DM crashes in Sid

2022-05-12 Thread Mark Allums

Ihave Mate, Gnome Flashback, and XFCE installed.  Today, when starting 
up, all three will start, then exit with extreme prejudice.  Mate was 
doing that before, so, being lazy, I switched to XFCE, and didn't try to 
diagnose and solve and fix. But now all are doing it.  Also, the virtual 
terminals (Alt-Ctrl-F2, etc.) are behaving a bit weirdly, and will not 
show a bash prompt.


Oddly, when I rebooted and started in rescue mode, when I changed to 
user mode via SU, as in su george, I expected that typing startx, I 
might get some error messages.  But X works, and LightDM works, and when 
I logged into Mate, Mate continued to work, when it hadn't been working 
for months.


What do I need to do to discover the problem?  Running Sid.  I recall a 
similar problem for someone else, a segfault-or-other, I think, that I 
seem to recall involved deleting a config file.  If someone that recalls 
that could post a link, it'd be great, or could coach me how to diagnose 
and fix, or at least tell me what to Google for...


Thanks

Mark Allums

Re: Issues running TigerVNC on Debian WSL-2

2022-04-17 Thread Mark Wood-Patrick

I need to run on Debian under WSL-2 and want to be able to use Microsoft
Wayland as display 0 and want to have VNC access to the system.

Can you elaborate on exactly what your concerns are and how you would
resolve them and on your comment about the sticky bit, any links on these
issues would be appreciated

Regards

Mark

On Sun, Apr 17, 2022 at 11:07 AM Greg Wooledge  wrote:

> On Sun, Apr 17, 2022 at 10:59:44AM -0700, mwoodpatr...@gmail.com wrote:
> > Many thanks for the response. Much appreciated
> >
> > Permissions look ok
> >
> > ls -ld /tmp /tmp/.X11-unix
> >  drwxrwxrwt 2 root root 4096 Apr 17 09:31 /tmp
> >  lrwxrwxrwx 1 root root   19 Apr 17 09:31 /tmp/.X11-unix ->
> > /mnt/wslg/.X11-unix
> >
> > ls -ld /mnt/wslg/.X11-unix
> > drwxrwxrwx 2 root root 60 Apr 17 09:31 /mnt/wslg/.X11-unix
> >
> > I have write access to both locations
>
> That looks incredibly not OK.  You're doing something unusual, and
> you are going to have to deal with the consequences of that.  This
> may include running afoul of various things like AppArmor that are
> restricting access to specific directory trees, which you are no longer
> in.
>
> I can't imagine what benefit you think you're deriving from this
> convoluted setup, but whatever it is, I hope it's worth the pain you're
> going to experience, trying to track down all of the things you've
> broken.
>
> (You've also forgotten the sticky bit on your mounted directory.)
>
>

-- 
Mark Wood-Patrick

Re: I've been caught out

2022-01-24 Thread Mark Allums


On 1/24/22 05:08, gene heskett wrote:

On Monday, January 24, 2022 5:19:13 AM EST Thomas Schmitt wrote:

Hi,


gene@coyote:~/Debian-arm/linux$ patch -p1  ../patches/*.patch
patch: ../patches/0001-mm-memcg-Disable-threshold-event-handlers-on-
PREEMPT.patch: extra operand


man patch says

patch [options] [originalfile [patchfile]]

With "patchfile" being singular i'd expect that it refuses if you give
more than one.
Further it does not look as if you give an "originalfile", which is
demanded by the common []-bracket around "originalfile [patchfile]".

So what file do you want to change by the patch ?
Does ../patches/*.patch evaluate to a single file ?


No, its a directory with many patches. IMO patch should take them, in
their sorted order, until its out of patches. Or do we have a gui to
oversee that, something like kompare maybe? I'll take a look.


(I get that error if i give three dummy file arguments.
  If i give two i get a lot of "Hunk ... FAILED at .." because my second
file is no properly formatted patch.
  If i give one, the program waits for standard input.)


Have a nice day :)

Thomas


Thanks Thomas, stay well now.

.



Cheers, Gene Heskett.



There exist tools for this.  What about quilt?

Mark A.

Re: Firefox: Warning: Potential Security Risk Ahead for the USPS.com

2022-01-03 Thread Mark Allums


Did you click on a phishing link?

Mark Allums



On 1/3/22 16:16, local10 wrote:

Jan 3, 2022, 22:11 by robe...@debian.org:


The site works fine for me.

In FF, click on 'SSL_ERROR_BAD_CERT_DOMAIN', which should take you to
the full error output.  Then click 'Copy text to clipboard' and paste
the full text into an email.  Someone on the list ought to be able to
help diagnose further from there.



Weird. This is what I get:


Websites prove their identity via certificates. Firefox does not trust this site 
because it uses a certificate that is not valid for tools.usps.com. The certificate 
is only valid for the following names: www.costco.ca <http://www.costco.ca>, 
costco.ca

Error code: SSL_ERROR_BAD_CERT_DOMAIN


https://tools.usps.com/go/TrackConfirmAction_input?origTrackNum=1234567890

Unable to communicate securely with peer: requested domain name does not match 
the server’s certificate.

HTTP Strict Transport Security: false
HTTP Public Key Pinning: false

Certificate chain:

-BEGIN CERTIFICATE-
MIIHTjCCBjagAwIBAgIQBOyIfmSb5tyeC53E3AQoqzANBgkqhkiG9w0BAQsFADB1
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk
IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTIwMDQxMzAwMDAwMFoXDTIyMDcxMjEy
MDAwMFowgdsxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB
BAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQITCldhc2hpbmd0b24xFDASBgNV
BAUTCzYwMSAwMjQgNjc0MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3Rv
bjERMA8GA1UEBxMISXNzYXF1YWgxJTAjBgNVBAoTHENvc3RjbyBXaG9sZXNhbGUg
Q29ycG9yYXRpb24xFjAUBgNVBAMTDXd3dy5jb3N0Y28uY2EwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDaZN4KpbA4DhbWw+TT9c8mNUPeVKsYaysqMKJK
jVUKCx4DfAa1xWdR3l/DcMfuA3oTfFhf1X9tpL7hcCQN+jr/WKKTR9usHzjFzP1O
Q8QXPza0HjOaQbLwlO6MMrLfO/R5p1D2dhTAnGneL0ZR03DoqLIPqJT/aBEvQC2C
D5wxtm1TbooHuQ3OeUW8kOp/UY/+mT3uuf1LBz5EdjJ8A0Kc5FX6Lo54vK5Jty4X
VWASsj8W5DkLVL5k6zMUpRqKx9LEb1mYnKxYcTUQetCRBVo3zv7QUb+xNjhwEIiB
qe8g7pFgTW5FORITPoeWLCS68YwxZ/DJ7jYnouQludCKEsaPAgMBAAGjggNxMIID
bTAfBgNVHSMEGDAWgBQ901Cl1qCt7vNKYApl0yHU+PjWDzAdBgNVHQ4EFgQU34QV
E4cZWcbn/7IWLK0nuAzCU9YwIwYDVR0RBBwwGoINd3d3LmNvc3Rjby5jYYIJY29z
dGNvLmNhMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29t
L3NoYTItZXYtc2VydmVyLWcyLmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNl
cnQuY29tL3NoYTItZXYtc2VydmVyLWcyLmNybDBLBgNVHSAERDBCMDcGCWCGSAGG
/WwCATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT
MAcGBWeBDAEBMIGIBggrBgEFBQcBAQR8MHowJAYIKwYBBQUHMAh0dHA6Ly9v
Y3NwLmRpZ2ljZXJ0LmNvbTBSBggrBgEFBQcwAoZGaHR0cDovL2NhY2VydHMuZGln
aWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkV4dGVuZGVkVmFsaWRhdGlvblNlcnZlckNB
LmNydDAJBgNVHRMEAjAAMIIBewYKKwYBBAHWeQIEAgSCAWsEggFnAWUAdQCkuQmQ
tBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEXF1Ht6gAAAEAwBGMEQCIDR/
YSEr0iSj2uKBMQuc3YmvbFjlwH2+uEmd6NNbi9wGAiBTrfdlBpZJN6GyKMqded5g
yCxxgCV4jUtLQiw7vBUN2gB1AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXW
idDdAAABcXUe3vcAAAQDAEYwRAIgJKh7x+t4g47X35aah89yser+f77yFRGzp9sj
6WryR2sCIHOa8cSDFzjBwPp3vTHAse1lJO4QGPtg/NXXfk4Veb75AHUAu9nfvB+K
cbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFxdR7etQAABAMARjBEAiBqwSAH
8sKPb4Y818r3AtnliGWrGhqgtZ0GEZWyDGf+eAIgYYVrZ8xAfrWu83TLSHemxk1E
XvOQ9k8JJHyjVRmOxpQwDQYJKoZIhvcNAQELBQADggEBAGjuhZ9ypCuzqFPHmafF
8tSty5Fb/LsQQ5i6O2A8lgG33WinpVjYbmDvlCl3vEsdkEvarGjCihJgTsb0RwZs
cNBkoFr+kNiR4lm/YnhtAd0qv8+uLJzZ1i9MmhcKuOSTgIKw368Kh0i9C3xDlsPU
jxK1rASaJxAuYBNWcPsnrO/BipRlpK8DG6XlNIUn8PzsuTVNOVf+kjdoM0rAHhVG
kagbhBbKJFLSOqLAZiXgc954wy9VIkEUHOd6Z3asMamTFSyC7wPj6rD3tkGwKKc0
NQO6pYEvkXJRJeieYtla+a+Luly3Nxi8yHWDl98N6sqKgitjCBScs4bWaILw54E3
S1c=
-END CERTIFICATE-
-BEGIN CERTIFICATE-
MIIEtjCCA56gAwIBAgIQDHmpRLCMEZUgkmFf4msdgzANBgkqhkiG9w0BAQsFADBs
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
ZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowdTEL
MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
LmRpZ2ljZXJ0LmNvbTE0MDIGA1UEAxMrRGlnaUNlcnQgU0hBMiBFeHRlbmRlZCBW
YWxpZGF0aW9uIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANdTpARR+JmmFkhLZyeqk0nQOe0MsLAAh/FnKIaFjI5j2ryxQDji0/XspQUY
uD0+xZkXMuwYjPrxDKZkIYXLBxA0sFKIKx9om9KxjxKws9LniB8f7zh3VFNfgHk/
LhqqqB5LKw2rt2O5Nbd9FLxZS99RStKh4gzikIKHaq7q12TWmFXo/a8aUGxUvBHy
/Urynbt/DvTVvo4WiRJV2MBxNO723C3sxIclho3YIeSwTQyJ3DkmF93215SF2AQh
cJ1vb/9cuhnhRctWVyh+HA1BV6q3uCe7seT6Ku8hI3UarS2bhjWMnHe1c63YlC3k
8wyd7sFOYn4XwHGeLN7x+RAoGTMCAwEAAaOCAUkwggFFMBIGA1UdEwEB/wQIMAYB
Af8CAQAwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
BQcDAjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAh0dHA6Ly9vY3NwLmRp
Z2ljZXJ0LmNvbTBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsNC5kaWdpY2Vy
dC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMD0GA1UdIAQ2
MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5j
b20vQ1BTMB0GA1UdDgQWBBQ901Cl1qCt7vNKYApl0yHU+PjWDzAfBgNVHSMEGDAW
gBSxPsNpA/i/RwHUmCYaCALvY2QrwzANBgkqhkiG9w0BAQsFAAOCAQEAnbbQkIbh
hgLtxaDwNBx0wY12zIYKqPBKikLWP8ipTa18CK3mtlC4ohpNiAexKSHc59

Re:[solved] Broken libc6 running Sid (multiarch sytem)

2021-12-19 Thread Mark Allums


On 12/19/21 18:12, Mark Allums wrote:

On 12/19/2021 2:30 AM, Andrei POPESCU wrote:

On Du, 19 dec 21, 07:24:56, Tim Woodall wrote:

On Sat, 18 Dec 2021, Mark Allums wrote:



Preparing to unpack .../libc6_2.33-1_amd64.deb ...
Unpacking libc6:amd64 (2.33-1) over (2.34-0experimental1) ...
dpkg: error processing archive
/var/cache/apt/archives/libc6_2.33-1_amd64.deb (--unpack):
trying to overwrite shared '/usr/share/doc/libc6/NEWS.gz', which is
different from other instances of package libc6:amd64


I'd delete that file and try again. (move it to the side if it's
something you might want to consult)


According to my understanding of the manpage it should work with an
added '--force-overwrite'.
Kind regards,
Andrei

Thanks.  I'll try that soonest.  I'll let everybody know.

Mark Allums





It worked, with lots of warnings. I did overlook the option 
--force-overwrite in the man page.  Once I got the main libc6 squared 
away, I ran the interactive Aptitude and let the solver correct the 
other libc6-related packages, and also removed lintian, as I am not a 
package maintainer.  Everything is now cleared up.


I am running Bookworm, with some Sid packages (or Sid with some Bookworm 
packages, if you prefer.) I do occasionally install a new NVIDIA driver 
or kernel from experimental, and I currently have installed gcc-12 for 
the heck of it.  If I depended on this machine for a main system (aka 
production), I of course wouldn't do this.  I installed the new libc6 as 
a lark, but since it is an essential package and since I am not a 
maintainer, I should not have done so.


Thanks Andrei, for your perusal of the man page on my behalf.

Mark Allums

Re: Broken libc6 running Sid (multiarch sytem)

2021-12-19 Thread Mark Allums


On 12/19/2021 2:30 AM, Andrei POPESCU wrote:

On Du, 19 dec 21, 07:24:56, Tim Woodall wrote:

On Sat, 18 Dec 2021, Mark Allums wrote:



Preparing to unpack .../libc6_2.33-1_amd64.deb ...
Unpacking libc6:amd64 (2.33-1) over (2.34-0experimental1) ...
dpkg: error processing archive
/var/cache/apt/archives/libc6_2.33-1_amd64.deb (--unpack):
trying to overwrite shared '/usr/share/doc/libc6/NEWS.gz', which is
different from other instances of package libc6:amd64


I'd delete that file and try again. (move it to the side if it's
something you might want to consult)


According to my understanding of the manpage it should work with an
added '--force-overwrite'.
  
Kind regards,

Andrei

Thanks.  I'll try that soonest.  I'll let everybody know.

Mark Allums

Broken libc6 running Sid (multiarch sytem)

2021-12-18 Thread Mark Allums

I messed up real good!  I foolishly tried to upgrade my libc6 to the 
version in experimental, and the i386 version wouldn't install, 
something about lintian overrides. (Why lintian is even installed is a 
mystery.  I don't need it, and with the current state of the broken 
libc6, I cant uninstall it.)  I decided to fix it by downgrading libc, 
et al, back to Testing/Sid.  Now, libc6-amd64 package won't downgrade, 
something about overwriting a file (not like other versions of same 
package, duh.) I downloaded the amd64 libc6 .deb from Testing and 
attempted to use dpkg to forcibly install it, but I guess I don't 
understand the man page about forcing things, cause it won't work.  The 
following is some of my thrashing around, trying to understand and fix it.


I'm no guru, what do?

Mark Allums



root@martha:/home/george/Desktop# apt -f install

The following packages have unmet dependencies:
 libc-dev-bin : Depends: libc6 (< 2.34) but 2.34-0experimental1 is 
installed

 libc6 : Breaks: locales (< 2.34) but 2.33-1 is installed
 Breaks: libc6:i386 (!= 2.34-0experimental1) but 2.33-1 is 
installed
 libc6:i386 : Breaks: libc6 (!= 2.33-1) but 2.34-0experimental1 is 
installed

 libc6-dbg : Depends: libc6 (= 2.33-1) but 2.34-0experimental1 is installed
 libc6-dev : Depends: libc6 (= 2.33-1) but 2.34-0experimental1 is installed
 libc6-i386 : Depends: libc6 (= 2.33-1) but 2.34-0experimental1 is 
installed

 libc6-x32 : Depends: libc6 (= 2.33-1) but 2.34-0experimental1 is installed
E: Error, pkgProblemResolver::Resolve generated breaks, this may be 
caused by held packages.

E: Unable to correct dependencies



root@martha:/home/george/Desktop# aptitude
Performing actions...
Preconfiguring packages ...
dpkg: warning: downgrading libc6:amd64 from 2.34-0experimental1 to 2.33-1
(Reading database ... 2712532 files and directories currently installed.)
Preparing to unpack .../libc6_2.33-1_amd64.deb ...
Unpacking libc6:amd64 (2.33-1) over (2.34-0experimental1) ...
dpkg: error processing archive 
/var/cache/apt/archives/libc6_2.33-1_amd64.deb (--unpack):
 trying to overwrite shared '/usr/share/doc/libc6/NEWS.gz', which is 
different from other instances of package libc6:amd64

dpkg-deb: error: paste subprocess was killed by signal (Broken pipe)



Errors were encountered while processing:
 /var/cache/apt/archives/libc6_2.33-1_amd64.deb

libc6-dbg:amd64
 libc6-x32
 libc6-dev-x32
 libc6:amd64
 libc6-i386
 libc6-dev:amd64
 libc-dev-bin
 libc-devtools
 libc6-dev-i386
 libc-bin
 locales
 nscd
 man-db



root@martha:/home/george/Desktop# apt list | grep libc6

WARNING: apt does not have a stable CLI interface. Use with caution in 
scripts.


libc6-amd64-cross/unstable,unstable 2.33-1cross1 all
libc6-amd64-i386-cross/unstable,unstable 2.33-1cross1 all
libc6-amd64-x32-cross/unstable,unstable 2.33-1cross1 all
libc6-amd64/testing,unstable 2.33-1 i386
libc6-arm64-cross/unstable,unstable 2.33-1cross1 all
libc6-armel-cross/unstable,unstable 2.33-1cross1 all
libc6-armhf-cross/unstable,unstable 2.33-1cross1 all
libc6-dbg/testing,unstable,now 2.33-1 amd64 [installed]
libc6-dbg/testing,unstable 2.33-1 i386
libc6-dev-amd64-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-amd64-i386-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-amd64-x32-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-amd64/testing,unstable 2.33-1 i386
libc6-dev-arm64-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-armel-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-armhf-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-hppa-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-i386-amd64-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-i386-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-i386-x32-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-i386/testing,unstable,now 2.33-1 amd64 [installed]
libc6-dev-m68k-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-mips-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-mips32-mips64-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-mips32-mips64el-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-mips32-mips64r6-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-mips32-mips64r6el-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-mips32-mipsn32-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-mips32-mipsn32el-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-mips32-mipsn32r6-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-mips32-mipsn32r6el-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-mips64-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-mips64-mips-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-mips64-mipsel-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-mips64-mipsn32-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-mips64-mipsn32el-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-mips64-mipsn32r6-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-mips64-mipsn32r6el-cross/unstable,unstable 2.33-1cross1 all
libc6-dev-mips64-mipsr6-cross/unstable,unstabl

Re: How to cause a process started in .xsessionrc to terminate with x-session termination?

2021-11-18 Thread Mark Neyhart

On 11/17/21 12:39 PM, Arkadiusz Dabrowski wrote:
> Hi all
> I have a problem with unison sync termination when it is started from
> .xsessionrc.
> It works flawlessly but when I log out it is orphaned and not terminated.
> I start it like this:
> nice -n18 ionice -c2 -n7 unison unison_profile &>/dev/null &
> Once started the parent is x-session-manager and they the same process
> group.
> What can I do to terminate the process with x-session?
>

/etc/X11/Xreset.d is a directory which holds scripts to be executed
upon termination of a display manager.  It may work to put a kill
script in there.  The /etc/X11/Xreset.d/README file has more details.
I use it to terminate non-X tasks which are started by my window manager.

Mark

Re: clean Bullseye install, display disappears after "loading initial ramdisk"

2021-11-06 Thread Mark Copper

On Fri, Nov 5, 2021 at 4:25 PM The Wanderer  wrote:

> On 2021-11-05 at 18:14, Mark Copper wrote:
>
> > Where to start diagnosing a problem like this?
>
> At first blush: look into ways to disable kernel modesetting.
>
> The details tend to vary depending on the GPU involved, but one thing
> they usually have in common is adding 'nomodeset' to the kernel command
> line.
>
> I think I usually see the changeover to KMS happening later than the
> point right after "loading initial ramdisk", but there's no guarantee
> that that will always be the case, and the symptom seems right.
>
> > Minimal install -- no desktop.
> >
> > No "oops" in syslog though there are some warnings.
> >
> > System seems to shut down properly when power button pressed.
> > Yesterday I could even ssh in, but that facility disappeared.
>
> Shut down immediately (hard-power-off style, much like you get when
> pressing that button during POST), or initiate shutdown and complete
> after the normal amount of shutdown time (as you get when initiating a
> shutdown command from the software UI within the booted OS)?
>
> The answer should help us tell how far it had managed to boot before the
> power-button press happened.
>
> > Asrock H570M-ITX/ac with Intel i3-10100. More info gladly provided.
>
> There's a specific kernel-command-line parameter (on top of 'nomodeset')
> for disabling KMS with certain types of Intel integrated GPU; I don't
> remember it off the top of my head, but I believe it involves the string
> 'i915'. If you're using such a GPU, it might be worth looking into that.
>
> Disabling kernel modesetting isn't the greatest thing for long-term use,
> but if it can let you boot, you may be able to use that as a basis for
> figuring out what other solutions may be possible.
>
> Regarding longer-term use, I bumped into this discussion this morning
which might be helpful:
   https://forums.linuxmint.com/viewtopic.php?t=345452

Purchase Debian Linux subscript

2021-11-06 Thread LI, Mark

Hi Sir.

We want to purchase Debian Linux subscript service , who can we contact


Thanks

Regards

Mark Li (Li Xuemin)
Office phone : 010 69115405
Mobile : 13301737271
Email:  xuemin...@atos.net<mailto:xuemin...@atos.net>
11/F, Unicom International Tower
No.547 Tian Mu Xi Rd

This e-mail and the documents attached are confidential and intended solely for 
the addressee; it may also be privileged. If you receive this e-mail in error, 
please notify the sender immediately and destroy it. As its integrity cannot be 
secured on the Internet, the Atos group liability cannot be triggered for the 
message content. Although the sender endeavors to maintain a computer 
virus-free network, the sender does not warrant that this transmission is 
virus-free and will not be liable for any damages resulting from any virus 
transmitted.

Re: clean Bullseye install, display disappears after "loading initial ramdisk"

2021-11-05 Thread Mark Copper

On Fri, Nov 5, 2021 at 5:18 PM The Wanderer  wrote:
>
> (Is there a reason why the line after the quote and before your new
> text, in both cases where that happened, consisted of a string of 11 tab
> characters instead of being empty? I had to delete the tabs manually in
> order to avoid having it mess up quoting in this reply.)
>
> On 2021-11-05 at 19:03, Felix Miata wrote:
>
> > The Wanderer composed on 2021-11-05 18:25 (UTC-0400):
> >
> >> There's a specific kernel-command-line parameter (on top of
> >> 'nomodeset') for disabling KMS with certain types of Intel
> >> integrated GPU; I don't remember it off the top of my head, but I
> >> believe it involves the string 'i915'.
> >
> > Nomodeset disables KMS for all graphics hardware.
>
> While I have no reason to doubt this statement, it doesn't seem to
> entirely line up with what I've observed in the real world.
>
> I've encountered cases where specifying just 'nomodeset' didn't make the
> system stop attempting to switch to a more-advanced display mode (and go
> blank, losing the ability to display at all), but specifying both that
> and 'i915.whateveritwas' did.
>
> (With exactly the same live-boot image, on different hardware,
> specifying just 'nomodeset' worked just fine. So it wasn't something odd
> about the boot environment, or at least not exclusively so.)
>
> >> Disabling kernel modesetting isn't the greatest thing for long-term
> >> use, but if it can let you boot, you may be able to use that as a
> >> basis for figuring out what other solutions may be possible.
> >
> > Nomodeset is primarily intended to be a troubleshooting parameter.
> > KMS, which nomodeset disables, is an absolute requirement for
> > competent graphics performance from al FOSS drivers supporting AMD,
> > Intel and NVidia GPUs, among others.
>
> I figured it'd be something like that, but didn't have the
> (sufficiently-recent) direct experience to be able to say for sure.
>
> --
>The Wanderer
>
> The reasonable man adapts himself to the world; the unreasonable one
> persists in trying to adapt the world to himself. Therefore all
> progress depends on the unreasonable man. -- George Bernard Shaw

Thank you. I'd completely forgotten about "nomodeset" although I've
had occasion to use it before. Did the job!

clean Bullseye install, display disappears after "loading initial ramdisk"

2021-11-05 Thread Mark Copper

Where to start diagnosing a problem like this?

Minimal install -- no desktop.

No "oops" in syslog though there are some warnings.

System seems to shut down properly when power button pressed.
Yesterday I could even ssh in, but that facility disappeared.

Asrock H570M-ITX/ac with Intel i3-10100. More info gladly provided.

Thanks for reading.

Re: A bug in Vim, in Mate Terminal or in Debian 11?

2021-09-20 Thread Mark Neyhart

On 9/18/21 5:14 PM, Dedeco Balaco wrote:
> Vim is one of these programs. While it is running, the terminal title
> shows the name of the file currently being edited, and the number of
> files that was opened with it, when it was launched.
> 
> After the upgrade, when i quit vim, the terminal title becomes empty,
> instead of returning to the default title "Terminal".
> 
> Why is this happening? A bug in Vim? In mate-terminal? Or in Debian 11?

I did not see it mentioned anywhere, but $PROMPT_COMMAND (if it
exists) might be setting the terminal title.

Re: Why ``color_prompt`` is only set for ``xterm``?

2021-09-03 Thread Mark Neyhart

On 9/2/21 5:45 PM, piorunz wrote:
> On 03/09/2021 01:34, David Wright wrote:
>> (I use my own customisations for distinct colours on each host,
>> and inverse colours for root's prompt.)
> 
> Can you please share your root prompt invocation? Thanks!
> 

In /root/.bashrc I use this to give a red prompt including host and
full path followed by a new line.  This leaves more room for a long
command when the full path is long.

export PS1='\[\e[1;31m\]\h:\w\$\[\e[0m\]\n'

Re: Please help to test latest Debian 11 release candidate on real hardware

2021-07-24 Thread Mark Allums





On 7/24/2021 3:14 PM, Andrey Ponomarenko wrote:

Hello!

Let's help developers to test upcoming Debian version 11 by filling 
out the community-driven list of tested hardware configurations: 
https://github.com/linuxhw/TestCoverage/tree/master/Dist/Debian_11 
<https://github.com/linuxhw/TestCoverage/tree/master/Dist/Debian_11)>

I get a 404 at the above address.

The development team only has a limited set of hardware for tests, but 
I'm sure we can find almost any configuration in the community. Anyone 
can easily add their computers / laptops or servers info to the list 
using the package https://packages.debian.org/bullseye/hw-probe 
<https://packages.debian.org/bullseye/hw-probe>.
You can download Debian 11 release candidate on the page 
https://www.debian.org/devel/debian-installer/ 
<https://www.debian.org/devel/debian-installer/>.

Andrey

Mark Allums

Re: why is package mono-vbnc missing from Buster?

2021-07-01 Thread Mark Copper

Thank you.

On Thu, Jul 1, 2021 at 3:55 PM Greg Wooledge  wrote:
>
> On Thu, Jul 01, 2021 at 03:52:42PM -0600, Mark Copper wrote:
> > mono-vbnc is a package in stretch and sid but not buster. Why is that?
>
> https://tracker.debian.org/pkg/mono-basic
>
> According to this, it was removed from testing in 2019.  You can click
> the links to see why.
>

why is package mono-vbnc missing from Buster?

2021-07-01 Thread Mark Copper

mono-vbnc is a package in stretch and sid but not buster. Why is that?

Re: Messed up Email

2021-06-21 Thread Mark Allums





On 6/21/2021 6:22 PM, Gary L. Roach wrote:

Hi all,

Operating System: Debian GNU/Linux 10
KDE Plasma Version: 5.14.5
Qt Version: 5.11.3
KDE Frameworks Version: 5.54.0
Kernel Version: 4.19.0-16-amd64
OS Type: 64-bit
Processors: 4 × AMD FX(tm)-4350 Quad-Core Processor
Memory: 15.6 GiB of RAM

Thunderbird 78.10.0(64bit)

For some years, I have been using Thunderbird on Debian with no 
problems. Over a year ago I switched to gmail.com (Imap server) for my 
mail server. Everything went fine until about 6 months ago . All of a 
sudden I had an All-Mail folder that wasn't there before. Since then 
all of my Emails are bypassing my InBox and my filters. I decided to 
sort out the All-Mail by creating a new set of filters and running 
them on the All-Mail box. I completely cleaned out all 4000 or so 
Emails. As soon as I restarted Thunderbird all of the old Emails were 
downloaded from the web and re-filled the All-Mail box. Nothing in the 
InBox. In addition, I now have multiple copies of the same messages in 
all of my local folders. In short I have a real mess on my hands. I 
have seen various solutions on the web but none seem to work. I also 
noted that pop servers, unlike imap servers, store all of the files on 
the local computer. Could switching to pop solve this problem? Are 
there any other solutions? Please help.


Gary R.

Check your server account (you may need to log in to webmail). Chances 
are, the ISP/mail provider added a new folder that behaves that way.  
Using filters on the server rather than locally might help, and as you 
surmised, trying POP may help.  It's a feature of IMAP to keep your mail 
locally matching the server.  Perhaps some configuration details could 
be changed.


Mark A.

Re: clarification for UnattendedUpgrades

2021-03-29 Thread V. Mark Lehky

Seems like the syntax of 50unattended-upgrades has changed since that
answer. But at least now I know where the "Origin" values come from.

ty

On Sun, 28 Mar 2021 at 19:05, Charles Curley
 wrote:
>
> On Sun, 28 Mar 2021 17:07:06 -0700
> "V. Mark Lehky"  wrote:
>
> > My question is: How would I be able to find / determine these exact
> > values for any Debian distribution?
>
> See answer # 1 at.
> https://askubuntu.com/questions/87849/how-to-enable-silent-automatic-updates-for-any-repository
>
>
>
> --
> Does anybody read signatures any more?
>
> https://charlescurley.com
> https://charlescurley.com/blog/
>

clarification for UnattendedUpgrades

2021-03-28 Thread V. Mark Lehky

Hello.

I would like to ask some questions to clarify the usage of
UnattendedUpgrades. I am starting from this wiki
.

The first section says that I have to configure the file 50unattended-upgrades.
I am trying to do this on the Raspbian distribution. I (almost
accidentally) found this comment on StackExchange:

It basically says that I need to add:
"origin=Raspbian,codename=${distro_codename},label=Raspbian";
"origin=Raspberry Pi
Foundation,codename=${distro_codename},label=Raspberry Pi Foundation";
My question is: How would I be able to find / determine these exact
values for any Debian distribution?

Next, the wiki tells me "The defaults will work fine, but you should
read it and make changes as needed." So reading through that file, I
found couple of sections that apply to my use-case:
// Remove unused automatically installed kernel-related packages
// (kernel images, kernel headers and kernel version locked tools).
Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";
// Do automatic removal of newly unused dependencies after the upgrade
Unattended-Upgrade::Remove-New-Unused-Dependencies "false";
// Do automatic removal of unused packages after the upgrade
// (equivalent to apt-get autoremove)
Unattended-Upgrade::Remove-Unused-Dependencies "true";
My question is: Do I just uncomment the lines that I want, or do I
_also_ need to set the value to "true"? Notice that by default, the
second one is set for "false".

ty for your help.

Re: OT: Router behaviour

2021-02-20 Thread Mark Fletcher

On Thu, Feb 04, 2021 at 08:23:39PM -0500, Stefan Monnier wrote:
> > I powered the router down again, plugged its WAN port into one of the 
> > LAN ports of the ISP-supplied router, and brought it back up.
> 
> I you sure you plugged your ISP-router into the WAN port of your
> (Buffalo) router and not into one of the LAN ports?
> 
> The behavior you describe would be easy to explain if it was plugged
> into a LAN port (or if the WAN port was somehow bridged with the LAN
> ports) since in that case you'd have basically a single network with
> packets forwarded between the two routers, and two DHCP servers, making
> it quite possible that a DHCP request received on your router ends up
> being answered by the ISP router instead (since the request is
> broadcasted to all connected machines).
> 

So thanks to everyone who replied to this thread, some really great 
links and suggestions which I am following up. One thing for the record, 
there is absolutely no possibility I connected the LAN port to LAN port 
-- the LAN port on the ISP's router is plugged into the WAN port of the 
old router. That has been checked, double checked and triple checked. 
Whatever is causing it, it isn't that.

There is a switch on the back of the old router, with 2 settings, "AP" 
and "WB". "AP" is obviously "Access Point". Not sure yet what "WB" 
stands for but I suspect some of the links you guys supplied will help 
me figure that out. The router is set to "AP" -- I _think_ it always has 
been, but I might be misremembering that and the switch could easily 
enough have been moved in the course of an international move or while 
lying around on my spare bedroom floor for the best part of a year.

Anyway -- thanks very much all for the input supplied, I have plenty 
reading to do! :)

Mark

OT: Router behaviour

2021-02-04 Thread Mark Fletcher

First apologies for the off-topic post, but I know this community is 
full of experts on this topic and my ask in the end is a simple one:

Can anyone point me at a reasonably accessible guide to the details of 
how IP networks work, in particular the communications that occur 
between router devices that are designed to support home networks? I'm 
computer science trained but from many years ago and if I ever learned 
these specific details I have forgotten them, but I feel equipped to 
understand them. I'm after a certain amount of detail and would prefer 
to avoid adverts or advice of the "just buy our product, plug it in and 
your problems will all be solved" type.

The background to my request is this:

A while ago I moved house (and countries) and since arriving in the new 
house I have been using a WiFi router provided by my broadband provider, 
somewhat reluctantly, but without a really serious alternative since the 
router also contains the ISP's modem. In the old place I used a 
store-bought router+WiFi device of very typical type (Buffalo brand, 
although I don't expect that to be relevant) plugged into the (cable) 
modem.

My kids have been complaining recently about the quality of the WiFi and 
so I thought I'd fire up the old router from the old house and see if 
it's any better. I experimentally fired it up without plugging it into 
anything and the old WiFi networks came up, I could connect to them, and 
got an IP address in the range I used to use at the old house (which is 
different from what I use now, for arbitrary reasons).

I powered the router down again, plugged its WAN port into one of the 
LAN ports of the ISP-supplied router, and brought it back up. It came up 
but seems to have automatically subordinated itself to the ISP-supplied 
router and is now offering up IP addresses in the range supplied by the 
ISP's router... It seems like it has automatically taken a subordinate 
role to the ISP's router. It is still offering up the old network names 
with the old password but when I connect I get an IP address in the 
range used by the ISP's router (said address works fine).

I don't think I expected it to do that, certainly not automatically, and 
before I decide if I am happy with this outcome or not I want to 
understand in detail what just happened and why, so I can understand its 
implications. Just as one example, I want to understand what the 
implications are for the store-bought router's firewall -- has it just 
been bypassed? and so on. Hence the request for a pointer to some good 
documentation. Book, website, whatever you think would be most helpful, 
I would much appreciate any pointers.

Thanks

Mark

Re: Archivemail

2021-01-23 Thread Mark Fletcher

On Sun, Jan 24, 2021 at 12:17:55AM +0100, Jochen Spieker wrote:
> Thank you for pointing out that archivemail will be gone soon. Since I
> am using it as well, I took a quick look at it ("how hard can it be??")
> and tried a quick conversion to Python3:
> https://github.com/solexx/archivemail
> 
> Luckily there is a test suite and only about two thirds of the tests are
> failing, otherwise I might have thought it should work. ;-)
> 
> The main problem is that one has to replace a few modules/functions,
> mostly the long-obsolete rfc822. I think I can get away with throwing
> away the get_filename function completely, which was a little
> problematic due to the dependencies. I guess I have only "solved" the
> easy problems for now, but I still think the conversion should be
> doable.

On digging around prompted by Brian's earlier input I found a 
conversation between a couple of other people and they seemed to start 
that process and then give up on the basis that it was a lot harder than 
they thought...

I'm probably going to just write a python3 script of my own to handle my 
use-case, which is just to sift through /var/mail/ to delete mails 
older than a month. I've found the python3 "mailbox" library which 
includes support for mbox type mail files, which is what I think 
/var/mail/ is. Looking at the API it doesn't look that hard, and I 
have to assume the complexity of porting archivemail comes either from 
the paradigm it operates in or from functionality it provides other than 
simply deleting old mail.

On my travels today I discovered mutt can do the job I want for me with 
a simple command, but I don't want to have to run mutt to do it -- I'm 
"away" for long periods and I want the mail box size to stay under 
control while I'm not paying attention, accepting that means I will 
never read some mail that goes to the mailing list. Hence I want an 
automated solution that happens whether I am paying attention or not.

> 
> I have no idea whether or when I will be able to finish this, because I
> am severly time-constrained due to the pandemic (daycare in the morning,
> regular work in the afternoon until late at night). I am also aware that
> it is probably too late for bullseye, but archivemail can be dropped to
> ~/bin/ easily.
> 
> But well, first me or somebody else has to fix those failing tests.
> 

Despite my decision to have a crack at writing something local for my 
own usecase, I do think it would be good if archivemail made a comeback, 
so I wish you well in that endeavour. I'd offer to help test but as I've 
illustrated, my usecase is very simple...

(still, happy to test that usecase if it would be helpful)

Mark

Re: Archivemail

2021-01-22 Thread Mark Fletcher

On Fri, Jan 22, 2021 at 11:33:13PM +, Brian wrote:
> On Fri 22 Jan 2021 at 23:22:19 +0000, Mark Fletcher wrote:
> 
> > Anyone know what happened to archivemail in Debian?
> > 
> > packages.debian.org shows it was in Jessie, Stretch and Buster, but it 
> > is in neither sid nor Bullseye which presumably means it has been 
> > dropped. Anyone know why?
> > 
> > bugs.debian.org doesn't show any bugs against it and google is coming up 
> > short too.
> 
> It's always a good idea to look at "Developer Information" on a
> package page.
> 
> Python2? Python3?
> 

OK deciphering the above for anyone who might follow after me: 
archivemail is dependent on Python2 which, it appears, is getting 
removed from bullseye (although as of right now it's not gone yet, it's 
installed on my system and I didn't ask for it, so something is clearly 
still dependent on it)

So what alternatives would people recommend? My use case is for deleting 
messages to a local copy of this mailing list after they're a month old, 
which I have previously pulled down to my local user ID from my gmail 
account with fetchmail.

Mark

Archivemail

2021-01-22 Thread Mark Fletcher

Anyone know what happened to archivemail in Debian?

packages.debian.org shows it was in Jessie, Stretch and Buster, but it 
is in neither sid nor Bullseye which presumably means it has been 
dropped. Anyone know why?

bugs.debian.org doesn't show any bugs against it and google is coming up 
short too.

Thanks

Mark

Gnome Terminal in Bullseye

2021-01-22 Thread Mark Fletcher

Hello

Has anyone else noticed in Gnome Terminal in bullseye that, by default, 
it starts in an 80x24 configuration, but if you press F11 to make it 
full screen and then press F11 again to take it back to non-full-screen, 
the configuration it goes back to isn't quite 80x24? It's approx 79x23 
or 22, I would say.

Is there configuration somewhere that controls this? And if there is, is 
there any reason why we would want it configured in Debian not to return 
to the size it came from after being in full-screen mode?

I'm wondering if this is a simple configuration issue, a bug in the 
Debian package, or an upstream bug.

I don't know if this is long-standing behaviour as I have been using 
XTerm for the last few releases due to a different Gnome Terminal bug 
which annoyed me, which seems to be fixed now in bullseye.

Thanks

Mark

Re: new harddrive degraded speed

2021-01-21 Thread Mark Allums


On 1/20/21 11:41 PM, Stefan Monnier wrote:

i bought a new harddrive
western digital red plus 6tb

=== START OF INFORMATION SECTION ===
Model Family: Western Digital Red
Device Model: WDC WD60EFRX-68L0BN1
Serial Number:WD-WX62D60C9L6X
LU WWN Device Id: 5 0014ee 212e6b9ad
Firmware Version: 82.00A82
User Capacity:6,001,175,126,016 bytes [6.00 TB]
Sector Sizes: 512 bytes logical, 4096 bytes physical
Rotation Rate:5700 rpm
Device is:In smartctl database [for details use: -P show]
ATA Version is:   ACS-2, ACS-3 T13/2161-D revision 3b
SATA Version is:  SATA 3.1, 6.0 Gb/s (current: 3.0 Gb/s)
Local Time is:Wed Jan 20 17:12:52 2021 CST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled

why is the speed 3.0 gbs i have 4 other drive i have tested with this
device and they all  use 6.0 gbs

I can't tell you why, but I'd recommend you look at

 dmesg | grep -i ata

It might give you some clues,


 Stefan


Is it an SMR drive?  Interface speed may not be too critical if it is.


Mark

Re: Bullseye: setting and using $DISPLAY after su -

2020-12-31 Thread Mark Neyhart

On 12/31/20 12:50 PM, Charles Curley wrote:
> I am using Bullseye as updated to yesterday. It is my custom to log in
> to XFCE as my regular user, then "su -" in order to run as root,
> including GUI programs. In the process, in the past $DISPLAY has been
> set.
> 
> I now find on bullseye that $DISPLAY is not being set. However, even if
> I set DISPLAY manually or run 'su -w DISPLAY -', programs like xclock
> complain that they cannot open the display.
> 
> How do I allow root to use the display?
> 

Before the su try

xhost SI:localuser:root

or just

xhost +

You will still have to set $DISPLAY manually

Re: Tiling display support

2020-12-19 Thread Mark Allums

Oh, thanks, I've reread specs. It says 'refresh rate up to 240Hz', but 
for full resolution it's 5120 x 1440 | 60 Hz. There is LG, which 
promises 3840 x 2160 144Hz. I'll be more careful.


Which LG model offers 144 Hz at 3480 x 2160?  Because I am shopping for 
a high-refresh 4k device right now, and I haven't run across any model 
like that from LG.


Mark

(Preferably 32-inch.)

Re: Migrating LVM volumes to a new machine

2020-12-12 Thread Mark Fletcher

On Fri, Dec 11, 2020 at 06:53:59PM -0500, Michael Stone wrote:
> On Fri, Dec 11, 2020 at 11:46:46PM +0000, Mark Fletcher wrote:
> > I feel
> > like I can't follow the instructions in the HOWTO because it wants me to
> > unmount the file systems, export the LVs and so on, on the old machine
> > before moving the disk, and I don't see how I can do that on a system
> > that is expecting to use those file systems to operate.
> 
> you must have missed:
> "vgexport/vgimport is not necessary to move drives from one system to
> another. It is an administrative policy tool to prevent access to volumes in
> the time it takes to move them."

Yeah... didn't miss that, but thought "that can't mean what it appears 
to mean, because if it did the whole article would be contracticting 
itself". So I guess "failed to understand" would be closer to the truth 
than "missed".

> 
> Just move the disk and the lvm stuff will show up like normal. The only
> potential gotcha is if you used the same volume group names on both systems,
> then that would need to be resolved (by renaming one of them)
> 

Oh. Good. Thanks! Yes I had considered that different VG names would be 
needed. I just let the installer do its thing with the naming last time, 
guess when I install this time on the new machine I will intervene.

That generates a followup question, out of curiosity. Presumably for 
that to work, all the info needed for the computer to learn about the VG 
at boot must be stored on the PV. What happens when there is more than 
one PV for a VG? Is the info stored on all of them, or just one?

Thanks

Mark

Migrating LVM volumes to a new machine

2020-12-11 Thread Mark Fletcher

Hello

I would like to understand how to move a LVM VG from one machine to 
another, when the disk to be moved contains filesystems key to the 
source system. I have read section 13.6 of the LVM HOWTO which talks 
about moving VGs. However the context of my situation is I am 
cannibalising an old machine and moving the VG that contains the LVs 
mounted on /, swap and /home of the source machine. That, apart from the 
non-LVM /boot partition, is all that is on this SSD.

The disk will not be the primary disk on the new machine, and the new 
machine's /, swap and /home will be elsewhere, but I will want to be 
able to access the current contents of the disk from the old machine on 
the new machine for a period of time before I decide to wipe it. I feel 
like I can't follow the instructions in the HOWTO because it wants me to 
unmount the file systems, export the LVs and so on, on the old machine 
before moving the disk, and I don't see how I can do that on a system 
that is expecting to use those file systems to operate.

I thought of booting a live system from a USB stick, so the affected LVs 
aren't mounted or in use, but then I'll face the problem of how to get 
the live system to be aware of the LVM setup existing on the SSD.

I guess the bottom line is I am missing some understanding of how LVM 
works in detail, and in particular how a machine that didn't create a 
particular VG and its contents can nonetheless be made to recognise it. 
Can anyone fill me in?

Thanks 

Mark

Re: Permissions on NFS mounts

2020-12-10 Thread Mark Fletcher

On Wed, Dec 09, 2020 at 03:54:10PM -0500, Dan Ritter wrote:
> Paul M Foster wrote: 
> > I have two users on the client: paulf 1000 and nancyf 1001. On the
> > server, I have two users: pi 1000 and paulf 1001. I can mount the NFS
> > share from the server to /mnt on my client. But any files belonging to
> > me (user 1001 on the server) look like they belong to nancy (user 1001
> > on the client. More importantly, if I copy files to this share from the
> > client, they will look like they belong to pi (user 1000) on the server.
> > 
> > Is there some way in the /etc/exports file to adjust the parameters so
> > that files retain my ownership on the server?
> 
> You're looking for userid mapping, handled by idmapd.
> 
> Your best long-term solution is to make the userids consistent
> across machines by making a decision about who will be 1000, 
> 1001 and 1002, and then changing /etc/passwd and running
> suitable "chown -R" commands, probably followed by find
> commands.
> 
> Debian automatically starts user numbering at 1000, so it's a
> good idea to have a consistent install username, if you can
> arrange it.
> 

This brings up an interesting thought. In the situation where you align 
user IDs across a number of machines for ths purpose, you'll inevitably 
end up with situations where users are created on some of the machines 
only for the purpose of keeping the IDs in synch so they can all play 
nice with the NFS. Left alone, having unneeded users on a given machine 
could be a security threat, at least in the sense that it provides a 
greater than necessary attackable surface area. What can be done about 
that? Obviously one thing would be setting the shell to /dev/null in the 
password file of those machines that don't need a given user, to prevent 
interactive logins. What else could be done? Is there a way to put an 
account "beyond use", in any way including su, sudo etc, while still 
having the machine recognise the user for being a user and therefore not 
messing up the mapping of user IDs on shared resources like NFS? In 
other words, create the sense of "yes this user exists, but they are not 
welcome here"?

Mark

Re: Two questions as I prepare for a new install

2020-12-09 Thread Mark Fletcher

On Mon, Dec 07, 2020 at 06:06:43PM -0700, Charles Curley wrote:
> On Tue, 8 Dec 2020 00:00:54 +
> Mark Fletcher  wrote:
> 
> > 1. Does anyone have any advice (or a link to offcial advice)
> > regarding whether a new bullseye install is better done with the
> > testing installer at this time, or by first installing buster and
> > then upgrading?
> 
> In general, you are better off installing new rather than upgrading.
> Installing new means less Buster cruft on your system compared to
> upgrading buster. Upgrading is a PITA. Why install and then upgrade
> when installing will get you what you want?
> 

Thanks, great to know -- but just for the record that didn't use to be 
the advice -- I'm sure a search through the archives of this list will 
show times when people advised that the way to install testing was to 
install stable and then upgrade. That sounded like a faff, for exactly 
the reasons you mentioned, hence why I asked -- was hoping I'd get the 
answer you gave!

Anyone have any thoughts on the second question I asked?

Thanks

Mark

Two questions as I prepare for a new install

2020-12-07 Thread Mark Fletcher

Hello list

I am currently amassing the hardware for a new PC build as a Christmas 
present to myself, and plan to install Bullseye on it when the hardware 
is all here.

My current system runs Buster and I thought it would be interesting to 
see what's coming.

I have two questions:

1. Does anyone have any advice (or a link to offcial advice) regarding 
whether a new bullseye install is better done with the testing installer 
at this time, or by first installing buster and then upgrading?

2. My new graphics card is a ASUS-branded nVidia GeForce RTX-2060, which 
means I get to move back to the core non-legacy nVidia driver instead of 
the legacy-legacy one I have been forced to use for some years on my old 
system due to the hardware being 11 years old. Yay... EXCEPT I have read 
hints there is a problem with the up-to-date nVidia driver and recent 
kernels. Does that affect Bullseye? Are there caveats or workarounds I 
should be aware of?

Either direct answers or links to places that answer these would be 
appreciated -- I've been a bit out of the loop recently and suspect I've 
missed a few developments.

Thanks

Mark

Re: VPN ideas

2020-12-07 Thread Mark Fletcher

On Mon, Dec 07, 2020 at 04:35:09PM -0500, Roberto C. Sánchez wrote:
> On Mon, Dec 07, 2020 at 11:27:25PM +0200, ellanios82 wrote:
> >  Hi List   :)
> > 
> > 
> >  - any suggestions please , for a handy VPN for everyday use : no specific
> > purpose, but only to add a little more privacy ??
> > 
> >  - and , is this a reasonable idea ?
> > 
> It is difficult to know since you don't specify any actual requirements,
> but OpenVPN or WireGuard should be suitable for most uses.
> 
+1 for OpenVPN. I've used it for some years and love it.

Some time ago I also used HMA (stands for "Hide My A$$" I believe), as 
something I could use across Android devices and Linux. It also did the 
job and let me pretend I was in a different country.

Mark

Re: Raid 1 borked

2020-10-26 Thread Mark Neyhart

On 10/26/20 4:55 AM, Bill wrote:

> lsblk reveals sda and sdb with sda[1-5] and sdb[1-5] but no md[0-5].
> blkid reveals that sda[1-5] and sdb[1-5] are still listed as
> TYPE="linux_raid_member".
> 
> So first of all I'd like to be able to diagnose what's going on. What
> commands should I use for that? And secondly, I'd like to get the raid
> arrays remounted as separate partitions. How to do that?
> 
    Bill

mdadm will give you some information about which partitions have been
configured as part of a raid device.

mdadm --examine /dev/sda1

It can also report on a raid device

mdadm --detail /dev/md1

If these commands don't report anything, you will need to define the
raid devices again.

Mark

Re: Replacement Email Client

2020-10-24 Thread Mark Allums





Both Thunderbird and Balsa have been rejected as T'bird is a behemoth
and no longer in development;
Thunderbird has been spun off from Mozilla, and is actively being 
developed.  The thing is still pretty fat, but they recently added 
support for PGP/GPG encryption built-in.  I wouldn't outright dismiss it 
as a possibility.



Mark

libXp -- was there a better way?

2020-10-23 Thread Mark Fletcher

Hello

I am running Buster on c2009 amd64 hardware -- one of the earliest Intel 
Core i7s. This was a clean install of Buster done a little over a year 
ago. Previously I had run many older flavours of Debian on this hardware 
over the years.

I occasionally use a specialist piece of software called xephem, which 
is old but doesn't to my knowledge have a newer replacement that's 1% as 
good. I tried to fire it up the other night for the first time since I 
installed buster. It refused to run because libXp.so.6 was missing. A 
bit of googling showed me that this is an old, deprecated library for 
printing in X. I couldn't run the execuable of xephem I had previously 
built and I couldn't build the latest version because of its expectation 
to find the include  which is provided by the same 
library... ("latest" version isn't very new...)

libXp.so.6 was last in Debian in Jessie, in package libxp6. Looking at 
the dependencies of libxp6 in Jessie, they were all installed on my 
system (obviously newer versions) except multiarch-support. So I 
downloaded the package from Jessie and used gdebi to install it on my 
system. This worked, and now xephem runs.

To avoid trouble when I next upgrade I propose from here to create a 
dummy package for xephem using equivs to register the dependency on 
libxp6, and then mark libxp6 as automatically installed, so the package 
manager in a future upgrade can figure out it can remove xephem's dummy 
package and thereby get rid of libxp6 if it causes conflicts. I have no 
idea if xephem will now be able to print, but I don't care as I don't 
want to use its printing functionality, I only did any of this because 
the missing library was preventing it from starting.

My question is, was there a better way to resolve this dependency? And, 
in a Buster system which has been installed not upgraded, am I in danger 
of creating trouble for myself by having this old package on my system?

Thanks

Mark

Re: dosemu

2020-10-17 Thread Mark Allums


On 10/17/20 12:47 PM, ellanios82 wrote:

  Mark replied :
 > Consider dosbox-x, related to dosbox (fork), but much easier to configure
and use, with lots of new features.

https://github.com/joncampbell123/dosbox-x 
<https://github.com/joncampbell123/dosbox-x>


Mark
.

  - thanks Mark vm.

  . . . sadly am bewildered by github

  : what steps, please, to download & make executable program ??

  thanks
.
  regards



It's available as a flatpak.
https://dosbox-x.com/
 Mark

Re: dosemu

2020-10-17 Thread Mark Allums


On 10/17/20 2:56 PM, Mark Allums wrote:

On 10/17/20 12:47 PM, ellanios82 wrote:

  Mark replied :
 > Consider dosbox-x, related to dosbox (fork), but much easier to 
configure

and use, with lots of new features.

https://github.com/joncampbell123/dosbox-x 
<https://github.com/joncampbell123/dosbox-x>


Mark
.

  - thanks Mark vm.

  . . . sadly am bewildered by github

  : what steps, please, to download & make executable program ??

  thanks
.
  regards



It's available as a flatpak.
https://dosbox-x.com/
  Mark


I just found out that it's also available as a snap, if you're okay with 
snaps/Canonical/Ubuntu


https://snapcraft.io/dosbox-x

sudo snap install dosbox-x

Mark

Re: Fwd: dosemu : DOS emulator program

2020-10-17 Thread Mark Allums


On 10/17/20 11:27 AM, ellanios82 wrote:

  - meantime , got lucky : added to APT Sources List :

   http://ftp.de.debian.org/debian 
<http://ftp.de.debian.org/debian> stretch main contrib>


  - did "apt install dosemu"

.

  Oh Miracle !

  dosemu installed & working, sweet
  [ have to say, for me , dosemu is superior functions]

  - again, thank you Reinhard

.
  regards



Cosider dosbox-x, related to dosbox (fork), but much easier to configure 
and use, with lots of new features.


https://github.com/joncampbell123/dosbox-x

Mark

Re: chromium users https question

2020-10-15 Thread Mark Allums


It;s not https, it's JavaScript. Having to do ad-blockers, maybe.

Mark


On 10/15/2020 3:11 PM, Gene Heskett wrote:

On Thursday 15 October 2020 14:22:39 l0f...@tuta.io wrote:


Hi,

15 oct. 2020 à 18:26 de ghesk...@shentel.net:

But I've not been able to click on an "https" link and have it work.

Where is your link? I mean is it a link on a webpage or is it inside a
text editor for example? Can you share a working link and a bad one?

Best regards,
l0f4r0

I will do that as soon as I find another bad one.

Thanks.

Cheers, Gene Heskett

Re: Partial Mouse Lockup

2020-10-07 Thread Mark Allums


On 10/6/20 1:27 PM, Thomas George wrote:

Mouse clicks don't work though mouse moves the pointer.

This happens infrequently, once in a day or two. I am using two pc's, a 
raspberrypi and a Ubuntu Studio each with its own Logitech usb keyboard 
and have experienced  this problem on both systems.


I have tried to recover with various keyboard entries - ctl-c, cti-d, 
esc, q and by disconnecting and reconnecting the keyboard. Nothing but a 
reboot solves the problem.  I use ctl-alt-f1 to open a terminal, sign in 
and enter shutdown -r now to do this. There is no problem with the 
keyboard.


Is this a known problem? Is there a known solution?



It's been happening to me lately, especially in browsers.  I think it's 
garbage collection.


Mark

Re: Recommendation for filesystem for USB external drive for backups

2020-08-12 Thread Mark Allums


On 8/12/2020 7:14 PM, rhkra...@gmail.com wrote:

I'm getting closer to setting up a consistent backup plan, backing up to an
external USB drive.  I'm wondering about a reasonable filesystem to use, I
think I want to stay in the ext2/3/4 family, and I'm wondering if there is any
good reason to use anything beyond ext2?

(Some day I'll try ZFS or BTRFS for my "system" filesystems, but don't see any
point (and don't want to learn) either of them at this point -- I don't see
much need for a backup filesystem.)

But, I'll listen to opinions ;-)



Go for ext4.  No reason not to.

Re: Very old hardware...

2020-07-12 Thread Mark Allums


On 7/11/20 7:07 PM, David Wright wrote:

On Sun 05 Jul 2020 at 23:44:09 (+0200), Thomas Schmitt wrote:

David Wright wrote:

My 650MHz Pentium III (Coppermine) [...]

consumes ~50mA idling, ~300mA when busy. [...] at 220V


11 to 66 Watt. That's unusual for a full size PC of that time.
I knew some which issued 10 Watts already by noise power and could
heat a small sized office room in winter.


Sorry, "idling" is probably not the best term—I extracted the line
from a spreadsheet of power consumptions for a multitude of different
electronics and electrical appliances. For this PC, it means switched
on, but with only the NIC waiting for a wakeup call. So the disks, fan
and, I assume, the CPU, are not running. The ability to wake it up is
not something I currently use on this machine because of its
convenient location; though after shutdown, I don't rush to turn off
the wall switch.


The word you are looking for is probably "standby".

Mark

Re: Are All Drives Installed .

2020-06-25 Thread Mark Allums


On 6/25/2020 4:36 PM, Arun Mathai wrote:

Hello Guys,

 I own a Dell e6420 ,  and i had installed debian buster (mate).But 
the brightness and wifi drivers and i assume the hdmi drivers were not 
installed. How can i know that all the drivers for my device is installed?


You may need to install device firmware.  It is not installed by 
default.  Drivers come in packages.  Check if the driver package for 
your device is installed.  Rebooting will be necessary, and you may need 
to check configuration defaults.


Mark

Re: Newbie

2020-06-25 Thread Mark Allums


Ask one question per post.  Do research yourself (Google is your friend.)

Mark

On 6/25/2020 4:26 PM, Arun Mathai wrote:

Hello Guys,

I am a total newbie for debian.

I have some technical difficulties and questions that i want to ask.

Could anyone please tell me how to proceed.

Regards,

Arun Mathai

Re: Strange squealing noise from computer

2020-05-29 Thread Mark Allums


On 5/29/2020 8:03 AM, J.W. Foster wrote:

So just to be fair this is NOT a Debian specific issue as I run several distros 
including Debian and Windows10. I have a recently built DIY computer that is 
making a LOUD squealing sound. I thought of fan bearings at first and I tried 
individually stopping each fan to see if the noise stopped one was bad on the 
Enermax 360 cooler so I replaced it. That seemed to get rid of the issue, but 
after about 2 weeks it returned even louder. I checked every fan but none were 
the culprit. I have checked the graphics card fans also and they are fine. This 
only seems to leave the Enermax liquid cooler as a possible issue.

I have been on this list for MANY years and have an idea that someone here may 
have had similar issues. If so, please advise as to your solution, especially 
if the way it is mounted is of concern. Mine is mounted vertically with the 
tubes at the top going to the CPU mounting block. This is on a Ryzen 1950 CPU 
so I must have a high capacity cooler.
Thanks!!
John


It's not coil whine in the power supply, is it?

Mark

Re: R performance

2020-05-13 Thread Mark Fletcher

On Tue, May 12, 2020 at 12:06:52PM -0500, Nicholas Geovanis wrote:
> 
> You don't mention which distro you are running on the EC2 instance, nor
> whether R or the C libraries differ in release levels. Moreover, that EC2
> instance type is AMD-based not Intel. So if not an apples-to-oranges
> comparison, it might be fujis-to-mcintoshs.

The distro on EC2 was Amazon Linux -- the current Amazon Linux build 
they offer that isn't Amazon Linux 2. Sorry I don't remember the exact 
build number. I did also try Amazon Linux 2 and got similar results, 
tainted by the fact that I had a little bit of trouble on THAT occasion 
building the tidyverse libraries in R, and may possibly have ended up 
with a not-entirely-clean install as a result on that one occasion. So 
best to ignore that and concentrate on the Amazon Linux (not Amazon 
Linux 2) attempts, of whcih I had a couple, which were consistent.

Locally I am running Buster.

On EC2 I commissioned the fresh machine, installed R from the Amazon Linux 
repositories, which by the way is 3.4.1 "Single Candle" -- not quite 
what is in the Debian repositories but different by a minor version.

EC2 used to offer Debian but they don't any more. The closest I could 
get would be Ubuntu.

But we are talking about the same R code and same data running with a 
13-fold performance difference -- I don't believe that is down to the 
Linux distro per se, or AMD vs Intel. Something else is going on here. 
The EC2 box has 128GB of RAM and I could see the R instance using about 
1.3GB, which is what it does on my local box too (24GB RAM here).

I do get that we are talking about virtualised CPUs on the EC2 box and 
virtualisation introduces a penalty of some sort -- but 13-fold? 
Compared to 10-year-old physical hardware? Sounds wrong to me. As I say, 
something else is going on here. Especially when one considers, as I 
mentioned before, that past experiments with Java have not seen a 
significant performance difference between EC2 and my environment.

> 
> Long ago I built R from source a couple times a year. It has an
> unfathomable number of libraries and switches, any one of them could have a
> decisive effect on performamce. Two different builds could be quite
> different in behavior.
> 

Right -- that's what prompted my original question. I was/am hoping 
someone might be in a position to say "well it could be the fact that we 
set the XYZ flags in the build of R in Debian..." that would give me a 
rabbit hole to chase off down.

D.R. Evans' helpful point about his experiences with multi-CPU usage in 
recent Debian builds of R, for example -- even though that's not what 
I'm seeing in my runs, it does imply thought has gone into optimal CPU 
usage in the Debian R build...

Overnight I've run the job on my own machine now, by splitting the job 
up into 10 pieces and running 2 parts each in 5 parallel batches -- I 
was loath to do that at first as the machine is old and self-built and I 
worried about overheating it, but me of little faith, it handled it 
fine. So the question has become academic but I would like to get some 
sort of explanation so I can adjust for the future.

Mark

Re: R performance

2020-05-12 Thread Mark Fletcher

On Tue, May 12, 2020 at 08:16:52AM -0600, D. R. Evans wrote:
> Mark Fletcher wrote on 5/12/20 7:34 AM:
> > Hello
> > 
> 
> I have noticed that recent versions of R supplied by debian are using all the
> available cores instead of just one. I don't know whether that's a debian
> change or an R change, but it certainly makes things much faster (one of my
> major complaints about R was that it seemed to be single threaded, so I'm very
> glad that, for whatever reason, that's no longer the case).
> 
Thanks, but definitely not the case here. When running on my own 
machine, top shows the process at 100% CPU, the load on the machine 
heading for 1.0, and the Gnome system monitor shows one CPU vCore 
(hyperthread, whatever) at 100% and the other 7 idle.

R is certainly _capable_ of using more of the CPU than that, but you 
have to load libraries eg snow and use their function calls to do it -- in 
short, like in many languages, you have to code for parallelism. I tried 
to keep parallelism out of this experiment on both machines being 
compared.

Mark

R performance

2020-05-12 Thread Mark Fletcher

Hello

I have recently had cause to compare performance of running the R 
language on my 10+-year-old PC running Buster (Intel Core i7-920 CPU) 
and in the cloud on AWS. I got a surprising result, and I am wondering 
if the R packages on Debian have been built with any flags that account 
for the difference.

My PC was a mean machine when it was built, but that was in 2009. I'd 
expect it would be outperformed by up to date hardware.

I have a script in R which I wrote which performs a moderately involved 
calculation column-by-column on a 4000-row, 1-column matrix. On my 
Buster PC, performing the calculation on a single column takes 9.5 
seconds. The code does not use any multi-cpu capabilities so it uses 
just one of the 8 avaialable virtual CPUs in my PC while doing so. (4 
cores, with hyperthreading = 8 virtual CPUs)

Running the same code on the same data on a fairly high-spec AWS EC2 
server in the cloud, (the r5a-4xlarge variety for those who know about 
AWS) the same calculation takes 2 minutes and 6 seconds. 

Obviously there is virtualisation involved here, but at low load with 
just one instance running and the machine not being asked to do anything 
else I would have expected the AWS machine to be much closer to local 
performance if not better, given the age of my PC.

In the past I have run highly parallel Java programs in the two 
environments and have seen much better results from using AWS in 
Java-land. That led me to wonder if it is something about how R is 
configured. I am not getting anywhere in the AWS forums (unless you pay 
a lot of money you basically don't get a lot of attention) so I was 
wondering if anyone was familiar with how the R packages are configured 
in Debian who might know if anything has been done to optimise 
performance, that might explain why it is so much faster in Debian? Is 
it purely local hardware versus virtualised? I am struggling to believe 
that because I don't see the same phenomenon in Java programs.

Thanks for any ideas

Mark

Re: armhf: buster: TLS / HTTPS partly broken

Hi Greg,

> > How do I get in contact with somebody who can fix the problem in
> > Debian Buser and/ or the official Debian Buster arm32v7 Docker image?
>
> Looks a bit like <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923479>
> to me.

Thanks a lot! Yes, this looks a lot like my problem. Also their
workaround of running "c_rehash" works. :)

The only difference I was able to spot is that my build process does
not give the "qemu: Unsupported syscall: 382" error message. It stays
completely silent.

https://gitlab.com/toertel/docker-image-tls-https-broken/-/jobs/534935085#L317

317 Setting up ca-certificates (20190110) ...
318 Updating certificates in /etc/ssl/certs...
319 128 added, 0 removed; done.
320 Setting up libgssapi-krb5-2:armhf (1.17-3) ...
321 Setting up libcurl4:armhf (7.64.0-4+deb10u1) ...
322 Setting up curl (7.64.0-4+deb10u1) ...
323 Processing triggers for libc-bin (2.28-10) ...
324 Processing triggers for ca-certificates (20190110) ...
325 Updating certificates in /etc/ssl/certs...
326 0 added, 0 removed; done.
327 Running hooks in /etc/ca-certificates/update.d...
328 done.

I implemented the workaround and it also works in GitLab CI.

https://gitlab.com/toertel/docker-image-tls-https-broken/pipelines/142869786

Greetings,
Mark

Re: armhf: buster: TLS / HTTPS partly broken

Hi Reco,

> > Yes, I have my own Dockerfile and I can add to it whatever I want. But
> > "dpkg-reconfigure ca-certificates" asks a lot of questions. And that
> > list from 1 to 128 might eventually change. So I am puzzled how to
> > automate that without human intervention.
>
> dpkg-reconfigure --default-priority ca-certificates

Yes, now it does not ask questions. But the workaround so far is to
run dpkg-reconfigure once to remove all certificates and then once
again to re-add all of them. I do not know what "dpkg-reconfigure
--default-priority ca-certificates" does.

Thanks for your help,
Mark

Re: armhf: buster: TLS / HTTPS partly broken

Hi Greg,

> You... *think* it's there?  Why not actually look?
>
> unicorn:~$ ls -l /etc/ssl/certs/4a6481c9.0
> lrwxrwxrwx 1 root root 27 Jul 14  2018 /etc/ssl/certs/4a6481c9.0 -> 
> GlobalSign_Root_CA_-_R2.pem
>
> It takes a few seconds, and then you can remove all doubt.

Correct, the file is not there. But there are a lot of other links in
/etc/ssl/certs. But those links have real names, not just sequences of
numbers.

# ls -l /etc/ssl/certs/4a6481c9.0
ls: cannot access '/etc/ssl/certs/4a6481c9.0': No such file or directory

What is the difference between the numbered links and the ones with
human readable names?

I *think* that the problem is that these numbered links are missing.

How do I get in contact with somebody who can fix the problem in
Debian Buser and/ or the official Debian Buster arm32v7 Docker image?

Regards,
Mark

# ls -l /etc/ssl/certs/
total 580
lrwxrwxrwx 1 root root 48 May  1 13:06  ACCVRAIZ1.pem ->
/usr/share/ca-certificates/mozilla/ACCVRAIZ1.crt
lrwxrwxrwx 1 root root 55 May  1 13:06  AC_RAIZ_FNMT-RCM.pem ->
/usr/share/ca-certificates/mozilla/AC_RAIZ_FNMT-RCM.crt
lrwxrwxrwx 1 root root 69 May  1 13:06
Actalis_Authentication_Root_CA.pem ->
/usr/share/ca-certificates/mozilla/Actalis_Authentication_Root_CA.crt
lrwxrwxrwx 1 root root 61 May  1 13:06  AddTrust_External_Root.pem
-> /usr/share/ca-certificates/mozilla/AddTrust_External_Root.crt
lrwxrwxrwx 1 root root 61 May  1 13:06  AffirmTrust_Commercial.pem
-> /usr/share/ca-certificates/mozilla/AffirmTrust_Commercial.crt
lrwxrwxrwx 1 root root 61 May  1 13:06  AffirmTrust_Networking.pem
-> /usr/share/ca-certificates/mozilla/AffirmTrust_Networking.crt
lrwxrwxrwx 1 root root 58 May  1 13:06  AffirmTrust_Premium.pem ->
/usr/share/ca-certificates/mozilla/AffirmTrust_Premium.crt
lrwxrwxrwx 1 root root 62 May  1 13:06
AffirmTrust_Premium_ECC.pem ->
/usr/share/ca-certificates/mozilla/AffirmTrust_Premium_ECC.crt
lrwxrwxrwx 1 root root 55 May  1 13:06  Amazon_Root_CA_1.pem ->
/usr/share/ca-certificates/mozilla/Amazon_Root_CA_1.crt
lrwxrwxrwx 1 root root 55 May  1 13:06  Amazon_Root_CA_2.pem ->
/usr/share/ca-certificates/mozilla/Amazon_Root_CA_2.crt
lrwxrwxrwx 1 root root 55 May  1 13:06  Amazon_Root_CA_3.pem ->
/usr/share/ca-certificates/mozilla/Amazon_Root_CA_3.crt
lrwxrwxrwx 1 root root 55 May  1 13:06  Amazon_Root_CA_4.pem ->
/usr/share/ca-certificates/mozilla/Amazon_Root_CA_4.crt
lrwxrwxrwx 1 root root 60 May  1 13:06  Atos_TrustedRoot_2011.pem
-> /usr/share/ca-certificates/mozilla/Atos_TrustedRoot_2011.crt
lrwxrwxrwx 1 root root 96 May  1 13:06
Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem ->
/usr/share/ca-certificates/mozilla/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt
lrwxrwxrwx 1 root root 64 May  1 13:06
Baltimore_CyberTrust_Root.pem ->
/usr/share/ca-certificates/mozilla/Baltimore_CyberTrust_Root.crt
lrwxrwxrwx 1 root root 62 May  1 13:06
Buypass_Class_2_Root_CA.pem ->
/usr/share/ca-certificates/mozilla/Buypass_Class_2_Root_CA.crt
lrwxrwxrwx 1 root root 62 May  1 13:06
Buypass_Class_3_Root_CA.pem ->
/usr/share/ca-certificates/mozilla/Buypass_Class_3_Root_CA.crt
lrwxrwxrwx 1 root root 55 May  1 13:06  CA_Disig_Root_R2.pem ->
/usr/share/ca-certificates/mozilla/CA_Disig_Root_R2.crt
lrwxrwxrwx 1 root root 51 May  1 13:06  CFCA_EV_ROOT.pem ->
/usr/share/ca-certificates/mozilla/CFCA_EV_ROOT.crt
lrwxrwxrwx 1 root root 69 May  1 13:06
COMODO_Certification_Authority.pem ->
/usr/share/ca-certificates/mozilla/COMODO_Certification_Authority.crt
lrwxrwxrwx 1 root root 73 May  1 13:06
COMODO_ECC_Certification_Authority.pem ->
/usr/share/ca-certificates/mozilla/COMODO_ECC_Certification_Authority.crt
lrwxrwxrwx 1 root root 73 May  1 13:06
COMODO_RSA_Certification_Authority.pem ->
/usr/share/ca-certificates/mozilla/COMODO_RSA_Certification_Authority.crt
lrwxrwxrwx 1 root root 47 May  1 13:06  Certigna.pem ->
/usr/share/ca-certificates/mozilla/Certigna.crt
lrwxrwxrwx 1 root root 59 May  1 13:06  Certinomis_-_Root_CA.pem
-> /usr/share/ca-certificates/mozilla/Certinomis_-_Root_CA.crt
lrwxrwxrwx 1 root root 66 May  1 13:06
Certplus_Class_2_Primary_CA.pem ->
/usr/share/ca-certificates/mozilla/Certplus_Class_2_Primary_CA.crt
lrwxrwxrwx 1 root root 64 May  1 13:06
Certum_Trusted_Network_CA.pem ->
/usr/share/ca-certificates/mozilla/Certum_Trusted_Network_CA.crt
lrwxrwxrwx 1 root root 66 May  1 13:06
Certum_Trusted_Network_CA_2.pem ->
/usr/share/ca-certificates/mozilla/Certum_Trusted_Network_CA_2.crt
lrwxrwxrwx 1 root root 71 May  1 13:06
Chambers_of_Commerce_Root_-_2008.pem ->
/usr/share/ca-certificates/mozilla/Chambers_of_Commerce_Root_-_2008.crt
lrwxrwxrwx 1 root root 63 May  1 13:06
Comodo_AAA_Services_root.pem ->
/usr/share/ca-certificates/mozilla/Comodo_AAA_Services_root.c

Re: armhf: buster: TLS / HTTPS partly broken

/usr/share/ca-certificates/mozilla/certSIGN_ROOT_CA.crt
lrwxrwxrwx 1 root root 72 May  1 13:06
ePKI_Root_Certification_Authority.pem ->
/usr/share/ca-certificates/mozilla/ePKI_Root_Certification_Authority.crt
lrwxrwxrwx 1 root root 61 May  1 13:06  thawte_Primary_Root_CA.pem
-> /usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA.crt
lrwxrwxrwx 1 root root 66 May  1 13:06
thawte_Primary_Root_CA_-_G2.pem ->
/usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA_-_G2.crt
lrwxrwxrwx 1 root root 66 May  1 13:06
thawte_Primary_Root_CA_-_G3.pem ->
/usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA_-_G3.crt

Greetings,
Mark

On Tue, May 5, 2020 at 9:10 AM Michael Howard  wrote:
>
> On 05/05/2020 07:44, Mark Jonas wrote:
>
> Hi Reco,
>
> What now? How do I get this fixed in Debian and/ or the official
> container image?
>
> I was under the impression that you're creating your own docker
> container anyway.
> Add it to docker build file or whatever it's called.
>
> Yes, I have my own Dockerfile and I can add to it whatever I want. But
> "dpkg-reconfigure ca-certificates" asks a lot of questions. And that
> list from 1 to 128 might eventually change. So I am puzzled how to
> automate that without human intervention.
>
>
>
> Does 'update-ca-certificates' not work? Doesn't need interaction. Apologies 
> if I missed something, haven't read the whole thread.
>
> --
> Michael Howard

Re: armhf: buster: TLS / HTTPS partly broken

Hi Reco,

> > What now? How do I get this fixed in Debian and/ or the official
> > container image?
>
> I was under the impression that you're creating your own docker
> container anyway.
> Add it to docker build file or whatever it's called.

Yes, I have my own Dockerfile and I can add to it whatever I want. But
"dpkg-reconfigure ca-certificates" asks a lot of questions. And that
list from 1 to 128 might eventually change. So I am puzzled how to
automate that without human intervention.

I am also very much interested in getting the attention of the right
person to fix the official Debian Docker base image. Do you have an
idea whom I shall contact?

Greetings,
Mark

Re: armhf: buster: TLS / HTTPS partly broken

Hi Reco,

> > 1613  stat64("/etc/ssl/certs/4a6481c9.0", 0x7ec95160) = -1 ENOENT (No
> > such file or directory)
>
> Presumably ca-certificates postinst script haven't run, because these
> symlinks missing ain't normal.

Ubuntu 18.04 on my PC gives more or less the same errors but succeeds.
So I have some doubt. I think the symlinks are there.

openat(AT_FDCWD, "/usr/lib/ssl/openssl.cnf", O_RDONLY) = 6
openat(AT_FDCWD, "/etc/ssl/certs/ca-certificates.crt", O_RDONLY) = 6
stat("/etc/ssl/certs/99bdd351.0", 0x7ffc3c886370) = -1 ENOENT (No such
file or directory)

> So, start with "dpkg-reconfigure ca-certificates", and if it does not
> fix it - "apt-get install --reinstall ca-certificates".

This does not work either. But the following works. And this is super confusing.

1. Run "dpkg-reconfigure ca-certificates"
   Trust new certificates from certificate authorities? 1 (yes)
   Certificates to activate: (empty list)
   Updating certificates in /etc/ssl/certs...
   0 added, 128 removed; done.

2. Run "dpkg-reconfigure ca-certificates"
   Trust new certificates from certificate authorities? 1 (yes)
   Certificates to activate: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40
41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63
64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86
87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107
108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124
125 126 127 128
   Updating certificates in /etc/ssl/certs...
   128 added, 0 removed; done.

3. "curl https://www.google.com;  now succeeds.

What now? How do I get this fixed in Debian and/ or the official
container image?

Is there a way to automate the above so I can do it as a workaround in
the container creation?

Greetings,
Mark

Re: armhf: buster: TLS / HTTPS partly broken

Hi Reco,

> > I used the identical image to run the container on an amhf host
> > (Raspberry Pi 3). So there is now no QEMU in the way.
>
> Curious. Just tested it with curl at Marvell Armada 385 (runs Debian 10,
> armhf), works as supposed to.
> I could also test it on Exynos 5422 (also runs Debian 10, armhf), but
> it'll be the same.

Do you want to try the Docker image on one of these? Maybe the problem
is not Debian itself but only the official Debian Docker image?

> > curl https://www.google.com still fails on the armhf host. So QEMU is
> > out of the game.
>
> Ok. Is it possible to run curl via strace from inside the docker?
> Something like this would be perfect (-o designates an output file):
>
> strace -o /tmp/curl -e trace=file curl https://www.google.com

Please have a look at the reply I send to Tomas. There is the complete
strace output.

> Specifically, it should try to open a symlink to
> /etc/ssl/certs/GlobalSign_Root_CA_-_R2.pem.
> Here it's called /etc/ssl/certs/4a6481c9.0, may be machine-specific.

Yes, it tries to open something like that and fails. But on my PC,
where curl works, the trace shows similar failures.

Raspberry Pi Docker host, armhf Docker container snippet:

1613  openat(AT_FDCWD, "/usr/lib/ssl/openssl.cnf", O_RDONLY|O_LARGEFILE) = 4
1613  stat64("/etc/ssl/certs/99bdd351.0", 0x7ec95160) = -1 ENOENT (No
such file or directory)
1613  openat(AT_FDCWD, "/etc/localtime", O_RDONLY|O_CLOEXEC) = 4
1613  stat64("/etc/ssl/certs/4a6481c9.0", 0x7ec95160) = -1 ENOENT (No
such file or directory)
1613  stat64("/etc/ssl/certs/4a6481c9.0", 0x7ec95160) = -1 ENOENT (No
such file or directory)
1613  +++ exited with 60 +++

PC strace snippet:

5524  openat(AT_FDCWD, "/dev/urandom", O_RDONLY) = 4
5524  openat(AT_FDCWD, "/dev/random", O_RDONLY) = 5
5524  openat(AT_FDCWD, "/dev/srandom", O_RDONLY) = -1 ENOENT (No such
file or directory)
5524  openat(AT_FDCWD, "/usr/lib/ssl/openssl.cnf", O_RDONLY) = 6
5524  openat(AT_FDCWD, "/etc/ssl/certs/ca-certificates.crt", O_RDONLY) = 6
5524  stat("/etc/ssl/certs/99bdd351.0", 0x760b7060) = -1 ENOENT
(No such file or directory)
5524  openat(AT_FDCWD, "/etc/localtime", O_RDONLY|O_CLOEXEC) = 6
5524  +++ exited with 0 +++

Greetings,
Mark

Re: armhf: buster: TLS / HTTPS partly broken

   openat(AT_FDCWD, "/lib/arm-linux-gnueabihf/libgpg-error.so.0",
O_RDONLY|O_LARGEFILE|O_CLOEXEC) = 3
283   openat(AT_FDCWD, "/usr/lib/arm-linux-gnueabihf/libffi.so.6",
O_RDONLY|O_LARGEFILE|O_CLOEXEC) = 3
283   openat(AT_FDCWD, "/lib/arm-linux-gnueabihf/libgcc_s.so.1",
O_RDONLY|O_LARGEFILE|O_CLOEXEC) = 3
283   stat64("/etc/gnutls/default-priorities", 0x7ecb9d60) = -1 ENOENT
(No such file or directory)
283   openat(AT_FDCWD, "/usr/lib/ssl/openssl.cnf", O_RDONLY|O_LARGEFILE) = 3
283   access("/etc/gcrypt/fips_enabled", F_OK) = -1 ENOENT (No such
file or directory)
283   openat(AT_FDCWD, "/proc/sys/crypto/fips_enabled", O_RDONLY) = -1
ENOENT (No such file or directory)
283   openat(AT_FDCWD, "/etc/gcrypt/hwf.deny", O_RDONLY) = -1 ENOENT
(No such file or directory)
283   openat(AT_FDCWD, "/proc/self/auxv", O_RDONLY) = 3
283   openat(AT_FDCWD, "/proc/cpuinfo", O_RDONLY) = 3
283   openat(AT_FDCWD, "/root/.curlrc", O_RDONLY|O_LARGEFILE) = -1
ENOENT (No such file or directory)
284   openat(AT_FDCWD, "/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 3
284   stat64("/etc/resolv.conf", {st_mode=S_IFREG|0644, st_size=67, ...}) = 0
284   openat(AT_FDCWD, "/etc/host.conf", O_RDONLY|O_CLOEXEC) = 3
284   openat(AT_FDCWD, "/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 3
284   openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_LARGEFILE|O_CLOEXEC) = 3
284   openat(AT_FDCWD, "/lib/arm-linux-gnueabihf/libnss_files.so.2",
O_RDONLY|O_LARGEFILE|O_CLOEXEC) = 3
284   openat(AT_FDCWD, "/etc/hosts", O_RDONLY|O_CLOEXEC) = 3
284   openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_LARGEFILE|O_CLOEXEC) = 3
284   openat(AT_FDCWD, "/lib/arm-linux-gnueabihf/libnss_dns.so.2",
O_RDONLY|O_LARGEFILE|O_CLOEXEC) = 3
284   openat(AT_FDCWD, "/etc/gai.conf", O_RDONLY|O_CLOEXEC) = 3
284   +++ exited with 0 +++
283   openat(AT_FDCWD, "/usr/lib/ssl/openssl.cnf", O_RDONLY|O_LARGEFILE) = 4
283   stat64("/etc/ssl/certs/99bdd351.0", 0x7ecb9180) = -1 ENOENT (No
such file or directory)
283   openat(AT_FDCWD, "/etc/localtime", O_RDONLY|O_CLOEXEC) = 4
283   stat64("/etc/ssl/certs/4a6481c9.0", 0x7ecb9180) = -1 ENOENT (No
such file or directory)
283   stat64("/etc/ssl/certs/4a6481c9.0", 0x7ecb9180) = -1 ENOENT (No
such file or directory)
283   +++ exited with 60 +++

On my PC, where curl works fine, I can also see that every access to
files like /etc/ssl/certs/4a6481c9.0 fails, too. So I guess that is
not the problem.

But on the PC I can see that curl reads
/etc/ssl/certs/ca-certificates.crt which is doesn't on armhf. But the
file exists on armhf, has a reasonable size of ~200 kB, and the
contents look unsuspicious. I also ran update-ca-certificates and the
file is identical afterwards.

Greetings,
Mark

Re: armhf: buster: TLS / HTTPS partly broken

Hi Thomas,

> > curl https://www.google.com still fails on the armhf host. So QEMU is
> > out of the game.
>
> Someone hinted at ca_certificates. To verify that, you could try with
> the option "-k" for curl. Then the server certificate isn't checked.

Yes, "curl -k https:/www.google.com" succeeds.

I am 100% sure that the ca-certificates package is installed.

# dpkg --get-selections | grep ca-certificates
ca-certificatesinstall

> Of course this may be a bad idea for a permanent "solution", but would
> allow you to bisect the problem.

I do not understand how that helps.

In my real use case the Logitech Media Server shows the same problem
as curl. I am just using curl here because it is a Debian supported
package and the problem is way easier to reproduce.

Greetings,
Mark

Re: armhf: buster: TLS / HTTPS partly broken

Hi Reco,

> > > Ok. Can you run tcpdump while you're running curl?
> > > Specifically,
> > >
> > > tcpdump -s0 -pnni any -w /tmp/curl.pcap tcp port 443
> >
> > I tried to dump from within the running container but failed.
>
> It's way too complicated. Docker is basically a one big NAT, so please
> run tcpdump on a host instead.

I used the identical image to run the container on an amhf host
(Raspberry Pi 3). So there is now no QEMU in the way.

> But this hiccup gave me an idea - maybe libssl on armhf is perfectly
> fine, but it's qemu which fails to emulate certain CPU instruction.

curl https://www.google.com still fails on the armhf host. So QEMU is
out of the game.

Packet capturing now also worked. For capturing QEMU was the problem.
I also captured aria2c (succeeds with warning) and wget (silently
succeeds). You can download the capture files from
https://fil.email/pzzgUgVp . The link is good for one week and is from
filemail.com.

Thanks for your help,
Mark

Re: armhf: buster: TLS / HTTPS partly broken