Re: OT: End the Phone-Based Childhood Now

[Steve Sobol]

On 2024-03-15 22:58, Marco Moock wrote:

Am 15.03.2024 um 18:16:50 Uhr schrieb Jeffrey Walton:


Fascinating reading here:
.



What the hell?

I already get a ton of legitimate mail from the debian-user mailing 
list. Don't need the off-topic crap.


Admins, could you please get rid of the people who are contributing to 
the noise?

Re: Meeting with the Development Team

[Steve McIntyre]

Sigh.

Please don't respond to spam, it just magnifies the noise.

I'm already updating our anti-spam rules regularly to try and keep
things as clean as possible.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

Re: debian-cd baking process

[Steve McIntyre]

On Tue, Feb 13, 2024 at 06:12:47PM +0100, Kevin Price wrote:
>Dear Steve:
>
>Am 18.01.24 um 00:37 schrieb Steve McIntyre:
>> Kevin Price wrote:
>>> I'm not quite sure where to address this to,
>
>> Argh, that's my code in the debian-cd package. "reportbug debian-cd"
>> should do the right thing...
>
>Thank you for your help, I should have known. So I've now filed
>https://bugs.debian.org/1063858 . Please accept my apology for being
>slow in doing that.

No worries, thanks for prodding. :-)

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
'There is some grim amusement in watching Pence try to run the typical
 "politician in the middle of a natural disaster" playbook, however
 incompetently, while Trump scribbles all over it in crayon and eats some
 of the pages.'   -- Russ Allbery

Re: please, help to get the image write done, due to an error. Thank you!

[Steve McIntyre]

Moving this to the debian-user list and setting reply-to accordingly...

On Fri, Feb 09, 2024 at 12:25:15PM +, guido mezzalana wrote:
>Hello
>
>First of all I wish to thank you all Debian's Team! To still enjoy a free OS:)
>
>I am running Ubuntu XFCE and I am using the Disk Image Write to get your lates
>Debian 12.4.1 XFCE on my USB. Unfortunately after a few try I get always an
>error and so I cannot get the job done. I do have a Lenovo X200 which comes
>without DVD writer.

Ummm. What image exactly are you trying to write, and how?

We don't have any images labelled with version 12.4.1. Where did you
get this image from?

What exact errors is the image writer program reporting? Without that
information it's very difficult to help you.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
< sladen> I actually stayed in a hotel and arrived to find a post-it
  note stuck to the mini-bar saying "Paul: This fridge and
  fittings are the correct way around and do not need altering"

Re: what keyboard do you use?

[Steve McIntyre]

Lee wrote:
>
>I bought a Dell desktop in 2019 and the keyboard just died :(
>
>ssh in from another machine & do a 'sudo reboot now' and get an alert
>about 'Keyboard not found.'  on power up.  The keyboard also doesn't
>work in another machine so it's really & truly dead.
>
>I figure there's a high percentage of keyboard jockeys here so ..
>which keyboard do you like and why?

I used to love the old IBM Model M, and I used a few of those over the
years until I started having trouble with USB-PS/2 adapters. Then I
tried a new Unicomp USB keyboard. Very similar feel, as you'd expect,
but it didn't have the same build quality and the lower row of keys
started to die after ~5 years or so. It was also *very* loud, enough
to be a problem even in my home office.

About 2y aho I picked up a Filco Majestouch-2 with Cherry MX Brown
switches. I'm loving it - full size and a good level of mechanical
tactile feedback WITHOUT ALL THE NOISE ALL THE TIME. Very much
recommended.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

Re: chrony date months off

[Steve McIntyre]

Darac Marjal  wrote:
>
>The script works like this: if the root device is specified on the 
>kernel command line AND the word "fixrtc" is  specified, then get the 
>time that the root file system was last mounted. The script then uses 
>"date" to set the clock to that date stamp.
>
>I assume that the idea is that, rather than having the clock start at 
>1970, it's better to start it at, say, yesterday. You've still got quite 
>a lot of slewing to do if you connect to NTP, but at least there's a 
>chance that you can verify certificates etc.

I also wrote fake-hwclock (packaged in Debian) for this kind of reason.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

Re: To partition or not to partition MD arrays (Was Re: smartctl cannot access my storage, need syntax help)

[Steve McIntyre]

Hey Andy.

Andy Smith wrote:
>
>On Thu, Jan 18, 2024 at 12:53:43AM +, Steve McIntyre wrote:
>> I'm clearly a member of a third group of people,,, :-)
>
>Oh, I didn't mean to imply that those going by taste were in a
>minority! Taste, or possibly, "just never thought about it" could
>well be the biggest group. I was only talking about my observations
>of those who seem to hold strong opinions on this, usually to the
>point where they will advocate "their way" to others.

ACK!

>> Putting partitions on the RAID drives helps *me* identify them.
>
>So, I don't care what people do and I'm not trying to change your
>mind. Would you mind going into what makes "sda1" more identifiable
>for you than "sda" though?
>
>Or is it that you make use of partition labels for some extra info?

If I'm looking at disks on a system, the first thing I'll look for is
the partition table. If a disk has a partition table with "Linux RAID"
partitions viaible, that gives me a strong hint of what I should
expect on the disk. Especially if I'm swappings disk around between
systems, commisioning new systems and re-using disks etc.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

Re: To partition or not to partition MD arrays (Was Re: smartctl cannot access my storage, need syntax help)

[Steve McIntyre]

Andy Smith wrote:
>
>The newer set of people recommending partitions are mostly doing so
>because there's been a few incidents of "helpful" PC motherboards
>detecting on boot what they think is a corrupt GPT, and replacing it
>with a blank one, damaging the RAID. This is a real thing that has
>happened to more than one person; it even got linked on Hacker News
>I believe.
>
>Then there will just be people going by taste.
>
>Personally I still put them directly on drives. If I ever get taken
>out by one of those crappy motherboards, I reserve the right to get
>a different religion. 😀

I'm clearly a member of a third group of people,,, :-)

Putting partitions on the RAID drives helps *me* identify them.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

Re: debian-cd baking process

[Steve McIntyre]

Hi Kevin!

Kevin Price wrote:
>
>I'm not quite sure where to address this to, but I'm certain this is a
>bug: If you download debian installer media, for instance
>debian-12.4.0-amd64-DLBD-2.iso, they prominenty include the files
>"README.txt" and "README.html". Those presumably somehow auto-generated
>README files say, in the case of former example:
>
>"this disc is number 2 of a set of 1 discs"
>
>Which is obviously false.
>
>Could anyone please help me find where to file this bug to? Any ideas
>much appreciated. Maybe there's a bug already that I didn't find.

Argh, that's my code in the debian-cd package. "reportbug debian-cd"
should do the right thing...

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

Re: smartctl cannot access my storage, need syntax help

[Steve McIntyre]

Gene Heskett wrote:
>
>I'm looking for a solution to a broken install, all caused by the 
>installer finding a plugged in FDTI usb-serial adapter so it 
>automatically assumed I was blind and automatically installed brltty and 
>orca, which are not removable once installed without ripping the system 
>apart rendering it unbootable. If orca is disabled, the system will 
>_NOT_ reboot. And I catch hell for discriminating against the blind when 
>I complained at the time.
>
>That took me 20+ installs to get this far because if I removed the exec 
>bits on orca,  disabling it=no reboot=yet another re-install go thru the 
>same thing with orca yelling at me for every keystroke entered, till 
>someone took pity on me and wrote to unplug the usb stuff which looks 
>like a weeping willow tree here, nothing more or less.

Gene, *stop* doing this.

When you ask for help with *one* issue (in this case, smartctl),
looping around other issues you've had in the last few years *does not
help*. It's unrelated, it obfuscates what you're saying, and it's
*intensely* frustrating to the people here who might actually be
trying to help you.

You do this *a lot*. Please focus on one thing at a time, and we might
be able to help you better. The usual advice applies:

 * Give a clear description of the problem you're seeing. Include
   command lines and command output, log entries or similar. Make it
   possible for people to actually identify the problem - vague
   descriptions make it much harder.

 * When people reply to you asking for more information, they're not
   doing that to annoy you. They're trying to understand the problem
   you've reported more, so they can help you fix it. If they ask you
   to run extra commands and report the output, *please do that*.

 * Stay on topic. If you have another issue you'd like help with, send
   a separate mail about that and have a separate thread of
   conversation about that issue. Don't mix things up.

Please think about this, and help people to help you.

>And I'm forced to conclude that a simple yes or no answer to what looks 
>like a single, simple question to me, included above, is beyond you. 
>Surely there is someone who /can/ answer that question.
>
>Do take care, stay warm, dry and well Andy. And unvaxed, so you might 
>live to be my age.
>
>I am not. You are helpful, just not to me. That, I do not understand. It 
>comes across to me that you have no time for anyone north of 50 years 
>old, we are too dumb to be help when something goes south.  The only 
>part of the advanced age category I fit into is the poor short term 
>memory of someone 89 years old, which I am.

It's nothing to do with your age. You keep on bringing this up. People
are volunteering their time to help you. When you don't pay attention
and go wandering off-topic it makes it much harder for people to
help. I hope you can understand that.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

Re: Debian on Asus X205TA [Was: Re: Installing Debian on an old Asus EEE PC]

[Steve McIntyre]

m...@dorfdsl.de wrote:
>Am 06.01.2024 um 10:46:56 Uhr schrieb Leandro Noferini:
>
>> In my Asus EEEPC (X205TA) the bios/uefi is 32 bit but the processor is
>> 64 so you need only the grub 32 bit but the remaining of the operative
>> system, including kernel, is 64 bit.
>
>There was another thread (maybe on debian-users-german?) discussing
>that and Debian 12 doesn't ship multiarch installers, so it will be a
>bit harder to make it work with 32 bit UEFI.

The amd64 installation media now includes the bits needed to start the
installer on mixed-mode UEFI systems like the Bay Trail platform in
the X205TA. I still have an old mixed-moded Apple Imac that works that
way as a test machine.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

Re: [HS] LINUX ENTREPRISE

[steve]

Le 04-01-2024, à 11:20:37 +, Yves Rutschle a écrit :


On Wed, Jan 03, 2024 at 01:49:21PM +0100, ilario.quinson@e.email wrote:


svp  c'est quoi CISO?


Chief Information System Officer, la version shakespearienne de RSSI.


May I correct? It's

Chief Information __Security__ Officer

s.

Content of /etc/ethers

[Steve Keller]

Which tools read /etc/ethers, what do they expect in there, what do
they do with the contents?  Is it only used to show names to a user or
take names from a user instead of MAC addresses, like in tcpdump?

The Linux man page says the entries in /etc/ethers should be numeric
IP addresses or names which can be resolved by DNS, while the FreeBSD
man page says there should be fully qualified names in /etc/ethers
which should also be in /etc/hosts.

But does really some tool get a MAC address from somewhere, converts
it to a name using /etc/ethers, and then expects to resolve that name
into an IP address?

I would like to put names of hosts or interfaces in there, which don't
necessarily have an IP address or no entry in /etc/hosts or DNS, like
switches, access points or routers with multiple interfaces,
interfaces of a Linux bridge, etc.

And may the entry in /etc/ethers contain a '.' to separate a name and
an interface number or VLAN ID, like host.0 and host.1 for the LAN and
WLAN interface?

Steve

Re: md0 + UUIDs for member disks

[Steve McIntyre]

fnat...@gmx.net wrote:
>
>I have /dev/md0 mounted at /storage which consists of two HDDs.
>
>Now I would like to add an SSD drive for better performance of
>VMs. Usually, before doing this, I make sure that all of my disks are
>mounted using UUID and not device names. I do not think this is
>the case for the two member HDDs of md0 (cat /proc/mdstat).
>Is there an easy way to fix this?
>
>If I need to reinstall, can I keep the two member HDDs with all the
>data, i.e. does the Debian12 installer recognize the member HDDs
>and will allow me to configure /dev/md0?

The reason behing using UUIDs is that individual disks don't have
persistent names attached: /dev/sda might be /dev/sdb next time, etc.

MD RAID devices *do* include persistent metadata so that the system
can recognise them reliably. You should be fine as you are.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

12.4.0 point release published

[Steve McIntyre]

Hi folks,

The new 12.4.0 point release is now out. It contains the needed fixes
for the ext4 data corruption bug (https://bugs.debian.org/1057843).

It's now safe to upgrade as normal, panic over.

Many thanks to all the people who spent all of their weekend making
this happen...

-- 
Steve McIntyre, Cambridge, UK
Debian images team

Re: Why is bullseye-backports recommended on bookworm?

[steve]

Thanks Greg for the precise explanation. I would suggest to put it in the
Debian Wiki for futur reference.

Le 18-11-2023, à 09:18:56 -0500, Greg Wooledge a écrit :


On Sat, Nov 18, 2023 at 12:24:30AM -0600, David Wright wrote:

On Fri 17 Nov 2023 at 14:07:54 (+), Tixy wrote:
> At time of writing, that depended on package in stable is called
> 'linux-image-6.1.0-13-amd64' and the version of that package is
> '6.1.55-1'. This is the kernel installed on my machine.

And AIUI that version is the upstream source version, and a Debian
counter for that source. The counter is rarely used, AFAICT, and can
cause consternation when it is, because it means the kernel gets
upgraded 'in place', making it tricky to revert if you wanted to.
(That shouldn't normally be necessary.) And I'm sure you know all
this, or something like it.


Debian kernel images have a complex naming system, to be sure.  Let's
look at the package name first: linux-image-6.1.0-13-amd64

The "linux-image-" part is obvious.  That's static.

The "6.1.0-" part comes from the upstream release series.  All the
kernel images containing "6.1.0-" in this section should come from the
same upstream series (6.1.x), and should have basically the same feature
set, with no major changes.

The "13" is the ABI (Application Binary Interface) identifier.  This
gets incremented each time the kernel's internal structures change in
a way that would require kernel modules to be recompiled.

And finally, the "-amd64" part is the architecture.

Next, look at the package version string: 6.1.55-1

The "6.1.55" part is the upstream release number.  In this case, this
is the 55th point release in the upstream 6.1.x series.

The "-1" indicates that this is the first Debian package built from
this upstream release, by the Debian kernel image maintainers.

Now, let's say a major bug is found in this kernel, and the maintainers
decide to release a new kernel package built from the same upstream
source, but with a fix.  Depending on the changes they make, one of two
things can happen:

1) If the fix doesn't require an ABI change (old modules can be loaded
  by the new kernel), then they only have to increment the package
  version number.  So they'll release package linux-image-6.1.0-13-amd64
  version 6.1.55-2.  (Or if it were the security team doing it, then
  the version number would be something like 6.1.55-1+deb12u1 instead.)

2) If the fix requires an ABI change, then a new package name has to
  be created.  In this case, they'll release a new package
  linux-image-6.1.0-14-amd64 with version 6.1.55-1 (or something
  like 6.1.55-0+deb12u1 maybe, although the security team is much
  less likely to invoke an ABI change).

In practice, though, new kernel images are most likely to be released
after a whole bunch of upstream point releases have occurred, and
will roll up all of those upstream changes into one gigantic change.
So we would most likely jump from linux-image-6.1.0-13-amd64 version
6.1.55-1 to linux-image-6.1.0-14-amd64 version 6.1.72-1 (or something
along those lines).  Because so many changes get amalgamated together,
it's vanishingly rare for the ABI counter *not* to increment.

Re: Problem with apt update (is not signed)

[Steve McIntyre]

kopecpa...@gmail.com wrote:
>
>Hello,
>
>since yesterday (2023-10-25) I received an error during the apt update 
>command:

Only since yesterday? Was it working fine previously?

>docker run -it debian:bullseye /bin/bash
>Unable to find image 'debian:bullseye' locally
>bullseye: Pulling from library/debian
>69b3efbf67c2: Pull complete
>Digest: 
>sha256:c141beaa9e0767774221cc82efe3a6712a1cc4f75d2699334dfd9a28a6f7357b
>Status: Downloaded newer image for debian:bullseye
>
>root@eb335ad71846:/# apt-get update
>Get:1 http://deb.debian.org/debian bullseye InRelease [116 kB]
>Get:2 http://deb.debian.org/debian-security bullseye-security InRelease 
>[48.4 kB]
>Get:3 http://deb.debian.org/debian bullseye-updates InRelease [44.1 kB]
>Err:1 http://deb.debian.org/debian bullseye InRelease
>   At least one invalid signature was encountered.
>Err:2 http://deb.debian.org/debian-security bullseye-security InRelease
>   At least one invalid signature was encountered.
>Err:3 http://deb.debian.org/debian bullseye-updates InRelease
>   At least one invalid signature was encountered.
>Reading package lists... Done
>W: GPG error: http://deb.debian.org/debian bullseye InRelease: At least 
>one invalid signature was encountered.
>E: The repository 'http://deb.debian.org/debian bullseye InRelease' is 
>not signed.
>N: Updating from such a repository can't be done securely, and is 
>therefore disabled by default.
>N: See apt-secure(8) manpage for repository creation and user 
>configuration details.
>W: GPG error: http://deb.debian.org/debian-security bullseye-security 
>InRelease: At least one invalid signature was encountered.
>E: The repository 'http://deb.debian.org/debian-security 
>bullseye-security InRelease' is not signed.
>N: Updating from such a repository can't be done securely, and is 
>therefore disabled by default.
>N: See apt-secure(8) manpage for repository creation and user 
>configuration details.
>W: GPG error: http://deb.debian.org/debian bullseye-updates InRelease: 
>At least one invalid signature was encountered.
>E: The repository 'http://deb.debian.org/debian bullseye-updates 
>InRelease' is not signed.
>N: Updating from such a repository can't be done securely, and is 
>therefore disabled by default.
>N: See apt-secure(8) manpage for repository creation and user 
>configuration details.

What are you running as a host OS here? Are you running the same arch
on both the host and inside the container (i.e. i386 on i386, or amd64
on amd64)?

I've seen this kind of symptom in the past when a docker image
included software which depended on system calls only provided by a
newer kernel.

Docker is *awful* here - it doesn't actually isolate you from this
kind of mismatch; instead it hides the details of problems to make
them almost impossible to debug.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

Re: Understanding package dependencies

[Steve Keller]

Greg Wooledge  writes:

> Package: sysvinit-utils
> [...]
> Provides: lsb-base (= 11.1.0)
>
> When you remove the physical lsb-base package, the virtual package
> provided by sysvinit-utils remains, to satisfy the dependencies of
> ntpsec, rsync, etc.

OK, that explains, why lsb-base can be removed without ntpsec. Is there
a way to search for "Provides" in packages? I.e. show me all packages
(installed or all) that provide some feature "foobar"?

Steve

Understanding package dependencies

[Steve Keller]

I've always thought, that a package's dependencies must be full-filled
to install that package and that apt-get automatically manages these
dependencies.  And also, that if I remove a package, that all other
packages are removed, that depend on it.  Like this:

# aptitude purge bind9-libs
The following packages will be REMOVED:
  bind9-libs{p} libjemalloc2{u}
0 packages upgraded, 0 newly installed, 2 to remove and 0 not upgraded.
Need to get 0 B of archives. After unpacking 4668 kB will be freed.
The following packages have unmet dependencies:
 bind9-host : Depends: bind9-libs (= 1:9.18.19-1~deb12u1) but it is not 
going to be installed
 bind9 : Depends: bind9-libs (= 1:9.18.19-1~deb12u1) but it is not going to 
be installed
 bind9-dnsutils : Depends: bind9-libs (= 1:9.18.19-1~deb12u1) but it is not 
going to be installed
 bind9-utils : Depends: bind9-libs (= 1:9.18.19-1~deb12u1) but it is not 
going to be installed
The following actions will resolve these dependencies:

 Remove the following packages:
1) bind9 [1:9.18.19-1~deb12u1 (now, stable-security)]
2) bind9-dnsutils [1:9.18.19-1~deb12u1 (now, stable-security)]
3) bind9-host [1:9.18.19-1~deb12u1 (now, stable-security)]
4) bind9-utils [1:9.18.19-1~deb12u1 (now, stable-security)]


But how can this then be explained?

# aptitude why lsb-base
i   ntpsec Depends lsb-base
# aptitude show ntpsec | grep ^Depends
Depends: adduser, lsb-base, netbase, python3, python3-ntp (= 
1.2.2+dfsg1-1+deb12u1), tzdata, libbsd0 (>= 0.0), libc6 (>= 2.34), libcap2 (>= 
1:2.10), libssl3 (>= 3.0.0)
# aptitude purge lsb-base
The following packages will be REMOVED:
  lsb-base{p}
0 packages upgraded, 0 newly installed, 1 to remove and 0 not upgraded.
Need to get 0 B of archives. After unpacking 12.3 kB will be freed.
Do you want to continue? [Y/n/?]

Won't continuing here leave ntpsec with an unresolved package dependency?

Steve

usrmerge in bookworm

[Steve Keller]

I have upgraded from bullseye to bookworm and it seems the package usrmerge is 
installed forcedly now.  At least it has been installed and I haven't been 
asked about it :-(

I have always been sceptical about /usr merge, since all binaries now appear in 
two places, "type sh" in bash gives the strange looking /usr/bin/sh where all 
Uni*ers are strongly used to /bin/sh.  But also things like the following don't 
work anymore:

$ dpkg -S $(type -p sh)
dpkg-query: no path found matching pattern /usr/bin/sh

And I don't see a comfortable way around this.

Steve

Update on problem mounting NFS share

[Steve Matzura]

I gave up on the NFS business and went back to good old buggy but 
reliable SAMBA (LOL), which is what I was using when I was on Debian 8, 
and which worked fine. Except for one thing, everything's great.



In /etc/fstab, I have:


//192.168.1.156/BigVol1 /mnt/bigvol1 civs 
vers=2.0,credentials=/root/smbcreds,ro



That should work, right? Well, it does, but only sometimes. If I boot 
the system, the remote share isn't there. If I unmount everything with 
'umount -a', wait a few seconds, then remount everything with 'mount 
-a', I sometimes have to do it twice. Sometimes, the first time I get a 
message from mount about error -95, but if I wait the space of a couple 
heartbeats and try 'mount -a' again, the share mounts. If I look through 
/var/kern.log for errors, I don't find anything that stands out as 
erroneous, but would be glad to supply extracts here that might help me 
to trace this down and fix it.



TIA

Re: Debian will not boot any more, wrong UUID

[Steve McIntyre]

Hi Hans!

hans.ullr...@loop.de wrote:
>
>In short; I tried (as most people tell): Starting windows in secure mode, then 
>boot into the BIOS and there set from RAID to AHCI, afterwards start windows 
>as normal.
>
>This setting in BIOS was existent some time ago, but now it is complete gone 
>(this point is completele disappeared!)!!  I know that it is in RAID, because 
>Windows told so: BUS form = RAID.

Right. I have one of these machines as a test box locally, and I think
I know what the problem is.

The core issue is that the BIOS setup screen has a ridiculous
mis-feature - it hides some BIOS entries from the user, with no
indication that it has done so. On the model I have, it needs you to
hit Ctrl-s on each of the BIOS setup screens to show them. I've read
about other models where you need to hit other key combinations. Doing
a web search for " hidden bios settings" should help you here.

The "InsydeBIOS" thing is utter crap, basically. I'd *reallY* strongly
recommend getting rid of the machine and replacing it with something
less awful.

Be aware that if you switch storage from RAID to AHCI mode then you'll
probably lose access to the Windows installation - it will be
depending on the RAID setup.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

Re: Debian live boot corrupting secure boot

[Steve McIntyre]

valerio.va...@inwind.it wrote:
>On Wed, 27 Sep 2023 09:54:31 +0700 Max Nikulin  wrote:
>> I found the issue on latest versions of Clonezilla, but then I tried 
>> 
>>^^
>> 
>> with plain Debian live and the behavior is the same.
>> 
>> 
>> Does it mean that you can not boot your *old* Clonezilla live after booting 
>> a latest
>Clonezilla? If so, it is better to discuss the issue with shim or grub 
>developers.
>
>Yes. If I load a Clonezilla live newer than 3.1.0-11, then I cannot boot 
>anymore 2.8.1-12.
>
>> 
>> 1) Machine brand new: secure boot is active, Windows 10 shows it active, 
>> I can boot an
>old Clonezilla live (2.8.1-12) as many times as I want. 
>> 
>> An old image may be signed by a key later added to certificate revocation 
>> lists. If so,
>secure boot just works as it is supposed to do.
>
>I didn't consider that... But it makes sense.
>
>> 2) I boot from USB drive Debian Live 12
>>
>https://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/debian-live-12.1.0-amd64-kde.iso
>> 
>> 
>> If it can be reproduced with a contemporary Clonezilla or e.g. a Fedora 
>> image then it is not
>a Debian issue. If it is specific to namely Debian (I am unsure concerning 
>Ubuntu, Debian
>derivatives) then it is better to file a bug providing more details.
>
>As I said, the image that is not loaded anymore is older Clonezilla.
>The image that alters secure boot is newer Clonezilla, and then I found 
>that newer Debian does the same.
>I still haven't found an old version of Debian that cannot boot after 
>newer one (but I only tried 10 live, so far).

The newer images might be causing firmware key revocation updates to
be applied. This is part of the Secure Boot story - if you want to
stay secure, systems will need to be updated to stop older software
with known holes from being run.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

Re: Debian live boot corrupting secure boot

[Steve McIntyre]

Stefan wrote:
>> With outdated keys secure boot does not protect you.
>
>Just to clarify: in 99.99% of the cases, SecureBoot does not protect you
>(and is not designed to protect you either).

Sigh. Lose the misinformation crap, please. It's getting tedious.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

Re: Plus de session graphique [résolu]

[steve]

Le 29-09-2023, à 00:52:14 +0200, Jean Bernon a écrit :


La commande "apt install gnome" aboutissait à un problème de 2 paquets
dont gir1.2-mutter-11.deb. J'ai cherché ce paquet sur le site Debian,
j'ai abouti à cette page
packages.debian.org/en/stable/gir1.2-mutter-11/amd64/download
qui donne comme exemple de miroir à insérer dans sources.list
deb http://ftp.de.debian.org/debian bookworm main
J'ai ajouté cette ligne à mon sources.list et fait un apt update.
Ensuite la commande "apt install gnome" a fonctionné sans problème et
j'ai retrouvé mon environnement graphique.


Une chose de faite :)

Il manque deux entrées importantes (nouveau sous bookworm,
non-free-firmware):

deb http://security.debian.org/debian-security bookworm-security main contrib 
non-free non-free-firmware
deb-src http://security.debian.org/debian-security bookworm-security main 
contrib non-free non-free-firmware

deb http://deb.debian.org/debian/ bookworm-updates main contrib non-free 
non-free-firmware
deb-src http://deb.debian.org/debian/ bookworm-updates main contrib non-free 
non-free-firmware




PS Il est vrai que ça n'explique pas complètement ce qui s'est passé
(un problème du miroir deb.debian.org ??)


Possible, mais pas sûr :)

Re: Plus de session graphique

[steve]

Le 28-09-2023, à 17:22:20 +0200, Jean Bernon a écrit :


Erreur http://deb.debian.org/debian bookworm/main amd64 gnome-shell-common all 
43.4-1
 404  Not Found [IP : 2a04:4e42:6a::644 80]
Erreur http://deb.debian.org/debian bookworm/main amd64 gir1.2-mutter-11 amd64 
43.4-2
 404  Not Found [IP : 2a04:4e42:6a::644 80]
Erreur http://deb.debian.org/debian bookworm/main amd64 gnome-shell amd64 43.4-1
 404  Not Found [IP : 2a04:4e42:6a::644 80]
55% [Attente des fichiers d'en-tête]��e&
Erreur http://deb.debian.org/debian bookworm/main amd64 
gnome-shell-extension-prefs amd64 43.4-1
 404  Not Found [IP : 2a04:4e42:6a::644 80]


C'est bizarre ça. Peux-tu mettre le contenu de ton sources.list ici ?

Re: Letting Windows go: scanning

[Steve Sobol]

On 2023-09-20 10:17, Timothy M Butterworth wrote:


When I used to use HP MFD's I used to have to connect to it with USB
to get scanning. I do not know if network scanning is now supported or
not.


Scanning directly to a computer, using drivers installed on that 
computer, is a nightmare - even with Windows PCs and Brother 
multi-function devices, which (in my opinion) work far better than 
products from any other manufacturer.


Consistently having to reinstall drivers because the MFD's suddenly were 
unable to connect to one or more computers got really old, really 
quickly.


I've started scanning to Windows (SMB) shares. Setting up shared folders 
on a Linux box is easy - Samba is your friend.


If the MFD is network-capable (either wired or wireless), that's the way 
to go.

Re: [a bit OT] Automate a (G o o g l e) search from a list of strings

[steve]

Le 20-09-2023, à 08:46:06 +, Andy Smith a écrit :


Hello,

On Wed, Sep 20, 2023 at 08:13:43AM +0200, steve wrote:

Le 19-09-2023, à 16:52:24 +0200, Nicolas George a écrit :
> what you intend is completely forbidden by Google's terms and
> service. And they have detection: please only do this on a
> computer and network access when you will be the only one
> inconvenienced when they block your access. It happened on a
> computer I co-administrate.

Why would it be forbidden, I just want to automate what I could do
manually? Nothing evil in my approach.


Google terms of use forbid mechanization, automation and scraping of
their service. And as Nicolas says, they do check, and they do
punish offenders. At best you'd be hoping that the volume of your
queries falls below their radar. But I wouldn't risk it.

A typical punishment is to require a CAPTCHA be solved for any query
from your netblock to any Google property, which is immensely
annoying.

I have had to terminate my own customers on multiple occasions over
their inability to take this exact issue seriously, because it
really upsets OTHER customers when they suddenly need to solve a
CAPTCHA to do a search query or look at their email.


Thank you very much for this very clear explanation, I didn't know that
(never read those terms of use to be honest).

I ended up doing my searches by hand, it took some time and that's all
right.

Best,

s.

Re: [a bit OT] Automate a (G o o g l e) search from a list of strings

[steve]

Dear all,

Thank you for your answers, unfortunately they don't help me much
(provided code is too complicated for me).


Le 19-09-2023, à 16:52:24 +0200, Nicolas George a écrit :


steve (12023-09-19):

I have a list of 200 keywords and would like for every one to launch a
search on a specific website and put the result(s) in a file, something
like:

search keyword website: example.com >> file.csv

I guess I could code a Python script to do that but if something already
exists I'd rather use it.

Any ideas or links ?


Hi.

If you have access to Google's APIs, then the answer is probably in
their documentation.


I don't.


If not, then what you intend is completely forbidden by Google's terms
and service. And they have detection: please only do this on a computer
and network access when you will be the only one inconvenienced when
they block your access. It happened on a computer I co-administrate.


Why would it be forbidden, I just want to automate what I could do
manually? Nothing evil in my approach.

Have a nice day.

s.

[a bit OT] Automate a (G o o g l e) search from a list of strings

[steve]

Hello,

I'm sorry if this question is a bit OT but since the answer will be
implemented from a Debian machine, it's not completely OT :)

I have a list of 200 keywords and would like for every one to launch a
search on a specific website and put the result(s) in a file, something
like:

search keyword website: example.com >> file.csv

I guess I could code a Python script to do that but if something already
exists I'd rather use it.

Any ideas or links ?

Thanks !

s.

Can't mount NFS NAS after major upgrade

[Steve Matzura]

I upgraded a version 8 system to version 11 from scratch--e.g., I 
totally reinitialized the internal drive and laid down an entirely fresh 
install of 11. Then 12 came out about a week later, but I haven't yet 
upgraded to 12 because I have a show-stopper on 11 which I absolutely 
must solve before moving ahead, and it's the following:



For years I have had a Synology NAS that was automatically mounted and 
directories thereon bound during the boot process via the following 
lines at the end of /etc/fstab:



# NAS box:
//192.168.1.156/BigVol1 /mnt/bigvol1 cifs 
_netdev,username=,password=,ro 0 0


Then I had the following line, replicated for several directories on 
bigvol1, to bind them to directories on the home filesystem, all in a 
script called /root/remount that I executed manually after each reboot:



mount /mnt/bigvol1/dir-1 /home/steve/dir-1 -o bind,ro

I had directories set up on the home filesystem to accept these binds, 
like this:



mount /mnt/bigvol1/dir-1 /home/steve/dir-1 -o bind,ro


None of this works any more on Debian 11. After boot, /mnt/bigvol1 is 
empty, so there's no need to even try the remount script because there's 
nothing to which those directories can bind, so even if those mount 
commands are correct, I would never know until bigvol1 mounts correctly 
and content appears in at least 'ls -ld /mnt/bigvol1'.



Research into this problem made me try similar techniques after having 
installed nfs-utils. I got bogged down by a required procedure entailing 
exportation of NFS volume information in order to let nfs-utils know 
about the NFS drive, but before I commit to that, I thought I'd ask in 
here to make sure I'm not about to do anything horribly wrong.



So, summarily put, what's different about mounting a networked NFS drive 
from 8 to 11 and 12?



Thanks in advance.

Re: Downgrade Unstable vers stable

[steve]

Le 16-09-2023, à 23:03:38 +0200, Haricophile a écrit :


On peut rétrograder, il y a les infos sur le wiki Debian, mais c'est
une opération non recommandée avec de bonnes raisons. Si tu n'a rien de
complexe a configurer, à mon avis personnel qui n'engage que moi :
réinstalle proprement.


Je soutiens à 100% cette proposition. Rétrograder de Unstable à Stable
n'est pas un processus soutenu par les dev de Debian et tu n'as aucune
garantie que ça fonctionne. Tu vas perdre des heures de travail pour un
résultat aléatoire. Seule solution viable: réinstaller depuis une image
officielle stable.

Re: conversion pdf

[steve]

Le 16-09-2023, à 18:42:15 +0300, Alex PADOLY a écrit :


  Bonsoir à tous,

  Connaissez-vous un paquet Debian pdf en ligne de commande pouvant
  s'intégrer dans un script permettant de convertir un document texte (
  txt, word, openOffice) ou un dessin en un fichier pdf.


pdftotext
cupsfilter
convert
ps2pdf
enscript
paps
vim
pandoc
unoconv
a2x

Ensuite faut utiliser celui le plus adapté à ton cas d'usage.

Re: Re : Re: Re : Re : Re : Re : FFMPEG ?

[steve]

Le 01-09-2023, à 00:00:19 -0700, ptilou a écrit :



Il n'y a pas d'avantage a utiliser le format RAW, sauf a achete des
mass storages !



Donc l'image avec par exemple la detection de tumeurs vous depasse,
mais vous me suivaient, ou vous etes rellement du proget Debian ?



ffmeg, ne supporte pas le RAW, qui n'est pas choisie, le plus complexe
en film, est d'obtenir plus de 120 images par secondes, tous
informations disponible par les images de la NASA, par contre je ne
connais pas de service de balistique qui partage leurs technologie pour
capturer les images, une balle d'arme a feux je crois que c'est 900
metres seconde, et l'argentique fait 90 images secondes, en jpg
Photoshop avec un script corrige les flous, et Imagemagick ?


Oui, on est tout à fait d'accord.

Re: Please verify Gnome and KDE wiki articles for correctness

[Steve McIntyre]

g...@wooledge.org wrote:
>On Sat, Aug 26, 2023 at 07:40:46AM -0500, Nate Bargmann wrote:
>> 
>> I was able to successfully change my password and update my Wiki home
>> page a little while ago.  It has been a long time since I created the
>> account and don't recall what the process entailed.
>
>If I recall correctly, it used to be possible to create an account with
>the standard wiki mechanisms, but that was discontinued due to spammers
>abusing it.  So, those of us who happened to create an account in the
>early days got to do it the easy way, but now any new accounts need to
>be approved by the wiki admins.

Yup, that's exactly it. We used to cope with some scripts to do
auto-whitelisting, but the spammers got worse and worse. So now we
need to do manual approval. We try to be as responsive as possible to
new signup requests, and we normally respond within a few hours.

Not enough spammers on fire. :-(

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

Re: Gradle version in bookworm

[Steve Sobol]

On 2023-08-26 03:18, Mark Fletcher wrote:


continue using it -- but since I can get it onto my machine with zero
effort via Intellij


I am a Jetbrains subscriber who uses many of their IDEs, including 
IntelliJ, and if that's the way you want to go, I'm certainly not going 
to tell you not to.


But if you don't need IntelliJ, it seems silly to install it just to get 
Gradle.


You can download the latest OSS version of Gradle from gradle.org.

Am I missing something?

Re: Bookworm VPS image and cron

[Steve Sobol]

On 2023-08-25 08:38, Andy Smith wrote:

Hello,

On Thu, Aug 24, 2023 at 03:02:55PM -0700, Steve Sobol wrote:
So, there you go... it was a problem with DO's Bookworm image. I'm 
assuming
the omission wasn't intentional and if that is, in fact, the case, it 
will

get fixed quickly.


It sounds to me like not a bug, since a minimal debootstrap
(debootstrap --variant=minbase bookworm target-dir) of Debian 12
does not include the "cron" package either. It's just a change.
Nothing in the base system needs cron any more.


Might not be a bug. Regardless, that was their response. If they 
determine the package should not have been omitted, they'll fix their 
image.


It is what it is.

Thanks
--Steve

Re: Bookworm VPS image and cron

[Steve Sobol]

On 2023-08-05 23:06, Geert Stappers wrote:



> Or you could ask your VPS provider why they aren't providing
> "important" packages in their default image.

This is the first time it's happened. Of the Linux images I've used 
there,
Ubuntu 14.04, 16.04, 18.04, 20.04, 22.04, and Debian bullseye all 
shipped
with cron properly installed. Come to think of it... I just checked a 
local
bookworm VM I'm running at home, and it has cron installed, too. I'll 
open a

ticket.


Response from the provider:

[ Hi Steve,

Thanks for reaching out to DigitalOcean.

I understand you ran into an issue where you found cron was not 
preinstalled on our Debian 12 images. I can confirm that in testing I 
was able to replicate this issue where it's not installed on Debian 12, 
but is on Debian 11 and our Ubuntu images. It sounds to me like a bug, 
so I've submitted a review to our engineering team that handles the 
images for the Droplets. If they determine this to be incorrect they 
will update the image accordingly.


We appreciate the bug report! For the time being, if you need to launch 
a new Droplet with Debian 12 you will want to manually install cron.


If you have any other questions or concerns please feel free reach back 
out at your convenience.


Thank you for being a customer and have a great day! ]

So, there you go... it was a problem with DO's Bookworm image. I'm 
assuming the omission wasn't intentional and if that is, in fact, the 
case, it will get fixed quickly.


Thanks
--Steve

Re: Bookworm - cron?

[Steve Sobol]

On 2023-08-05 13:16, Andy Smith wrote:

Hello,

On Sat, Aug 05, 2023 at 12:53:08PM -0700, Steve Sobol wrote:
Part of my standard procedure for setting up new VMs involves editing 
root's

crontab.

But cron isn't installed.


Seems unlikely. There are system cron jobs that are not yet
converted to systemd timers. A bookworm install I did just yesterday
has cron jobs in /etc/cron.d/ that require the "cron" package.

What are you typing to edit root's crontab? What output do you get
that you don't expect?


crontab -e

Bash tells me that the "crontab" command wasn't found.

dpkg -l |grep cron returned nothing.

Re: Bookworm - cron?

[Steve Sobol]

On 2023-08-05 13:23, Michael Kjörling wrote:

On 5 Aug 2023 22:13 +0200, from johndoe65...@mail.com (john doe):

But cron isn't installed.


I just install a new Bookworm VM and 'cron' is present! :)


Ditto. That must be some customization your VPS provider has made, if
the installation didn't somehow fail.


I'll talk to them. The VPS was acting quite strangely, anyhow, and 
rather than fight with Bookworm, I nuked the VPS and created another one 
from their bullseye image.



Or you could ask your VPS provider why they aren't providing
"important" packages in their default image.


This is the first time it's happened. Of the Linux images I've used 
there, Ubuntu 14.04, 16.04, 18.04, 20.04, 22.04, and Debian bullseye all 
shipped with cron properly installed. Come to think of it... I just 
checked a local bookworm VM I'm running at home, and it has cron 
installed, too. I'll open a ticket.


Thanks :)

Re: Gradle version in bookworm

[Steve Sobol]

On 2023-08-05 12:12, Anders Andersson wrote:



Impossible, fake news. It's Java. When I still coded C and assembly in
the nineties everyone told me that Java would solve the issue of
portability forever. Write once, run anywhere! Just run it, no
worries!


Ahhh... I don't know what com.gradle.enterprise is, but I'm guessing 
it's not in the Gradle distributions I download from gradle.org.


So, before you share any more snark about Java... I'm running Gradle 8 
on at least one Debian VPS. And all I had to do was download it, untar 
and put it somewhere, and ensure that I had a recent JVM on that server.


Note that I downloaded the OSS version of Gradle from gradle.org, not 
Gradle Enterprise from gradle.com.

Re: Gradle version in bookworm

[Steve Sobol]

On 2023-08-05 09:50, Roberto C. Sánchez wrote:


However, it seems like there are rather serious blocking issues that
have halted progress.


When I need Gradle (whether on Mac, Linux or Windows), I just download 
the latest version, put it somewhere and use it. I do the same thing 
with Java VMs.


Gradle 4 is beyond ancient. The Bullseye VPS I'm looking at right now is 
running Gradle 8.0.2.

Bookworm - cron?

[Steve Sobol]

Crazy question:

My VPS provider just started offering bookworm images. So when I set up 
a new server yesterday, I installed bookworm.


Part of my standard procedure for setting up new VMs involves editing 
root's crontab.


But cron isn't installed.

What am I expected to use instead? (I assume that I *could* install 
cron, but there must be a reason it's not installed by default anymore, 
right?)


Thanks :)

Re: Feeds aren't yet dead (Was: Re: perl module listgarden)

[Steve McIntyre]

Andy Smith wrote:
>On Thu, Aug 03, 2023 at 06:23:15PM +, Russell L. Harris wrote:
>> On Thu, Aug 03, 2023 at 05:29:33PM +, Andy Smith wrote:
>> > On Thu, Aug 03, 2023 at 03:07:47AM +, Russell L. Harris wrote:
>> > > For that matter, is RSS still in use?
>> > 
>> > $ r2e list | wc -l
>> > 72
>> 
>> Andy, I don't understand; kindly explain.
>
>I am notified about new posts to feeds that I follow by rss2email. I
>have 72 feeds that I actively follow.
>
>> But I am a dinosaur, and I am not sure that RSS still is vital or even
>> helpful to a web site; therefore my query.
>
>It is niche but very appreciated by those of us that use it.
>Basically if I like a blog or similar service then I like to follow
>it. But I will never see new postings unless they have a feed, or if
>I follow them on Fediverse. I'm not going to sit there reloading 72
>web sites every day.
>
>(Doesn't have to be RSS; any feed tech like Atom is fine also)

Similar here. I'm using FreshRSS daily to pick up on RSS/atom feeds
from all over the place...

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

Re: les adresses d'expéditeur dans thunderbird

[steve]

Le 30-07-2023, à 13:45:44 +0200, hamster a écrit :

Je rève d'un système ou on pourrait renseigner (par exemple dans le 
carnet d'adresses) pour chaque destinataire avec quelle adresse 
d'expédition on veut lui écrire, et qu'il se charge automatiquement de 
mettre la bonne adresse d'expéditeur. Je veux dire qu'on puisse 
envoyer un message en mettant plusieurs destinataires différents en 
meme temps, et que ca parte pour chaque destinataire avec la bonne 
adresse d'expéditeur.


mutt

Re: Utilisateurs de Free/Zimbra, merci de faire un effort :-)

[steve]

Le 30-07-2023, à 13:24:07 +0200, Jean-François Bachelet a écrit :

pas trouvé comment le forcer à respecter l'adresse de retour des 
mails, il le fait quand il en a envie ici... (oui j'ai douze adresses 
différentes...)



Je n'utilise pas Thunderbird pour les listes de diffusion, donc je vais
peut-être dire une connerie, mais est-ce que la variable de TB
mail.override_list_reply_to est positionnée à false ?

Re: [OT] connect to Amazon AWS service

[Steve Sobol]

On 2023-07-28 08:46, Haines Brown wrote:

Sorry for a quetion not directly related to Debian, but where else
to turn?

I've used an on line validation servce to which I submit code. It
terminated with the note that it has now become a web service on the
Amazon EC2 Web Service. I registered for this cloud sercice, but have
no idea how to access an instance created by someone else.


I'm not sure what you're asking. You don't have access to anyone else's 
AWS resources unless someone gives you access to theirs.

Re: Networkmanager en mode console

[steve]

Le 26-07-2023, à 18:35:46 +0200, Michel Verdier a écrit :


Le 26 juillet 2023 ajh-valmer a écrit :


La connexion réseau en mode recovery est très importante,
c'est dans ce mode que l'on fait "apt upgrade" et surtout pour
"apt dist-upgrade" ou "apt  full-upgrade.


Pas évident. Si le boot peut se poursuivre assez pour faire un apt c'est
que le root est monté et donc que le réseau a été ou peut être lancé.


C'est évident, comment installer le firmware, pilote graphique,
si Xorg ne les a pas.


En bootant complètement mais en restant en console. Avec une install
classique ctrl-alt-f1 ... ctrl-alt-f5 pour accéder aux consoles.
Et si X bloque le désactiver en mode recovery puis continuer le boot pour
rester en console.


Évident, pour qui a creusé un poil…

Re: Networkmanager en mode console

[steve]

Le 26-07-2023, à 15:57:07 +0200, ajh-valmer a écrit :


Le 26 juillet 2023 ajh-valmer a écrit :
> lorsque je boote Debian-12  en mode console (recovery),
> sans Xorg, le réseau ne fonctionne plus,


On Wednesday 26 July 2023 15:32:01 Michel Verdier wrote:

Je ne suis pas sûr mais n'est-ce pas le fonctionnement normal du recovery ?
Il est là pour rétablir un système bootable, notamment le mount du
root qui normalement doit être en read-only à ce stade.


La connexion réseau en mode recovery est très importante,
c'est dans ce mode que l'on fait "apt upgrade" et surtout pour
"apt dist-upgrade" ou "apt  full-upgrade.
C'est évident, comment installer le firmware, pilote graphique,
si Xorg ne les a pas.
C'était ma question, pourquoi networkmanager ne connecte pas
en boot recovery ?



C'est un choix, réfléchi, pas de réseau en mode recovery. Si tu en as
besoin, tu le montes manuellement.

Re: Code de conduite [Was: Re: Comment router le trafic réseau finement]

[steve]

Le 26-07-2023, à 13:47:14 +0200, Michel Verdier a écrit :


(bon le bonheur pour moi s'appelle gnus :) désolé pour mutt)


(je me lance… nan ;-))

Re: Code de conduite [Was: Re: Comment router le trafic réseau finement]

[steve]

Le 26-07-2023, à 13:26:09 +0200, RogerT a écrit :





Le 26 juil. 2023 à 12:54, NoSpam  a écrit :



Le 26/07/2023 à 12:42, RogerT a écrit :
J’ai ressorti Thunderbird pour voir si ça aidait à la mise en forme
(des messages…). Je n’ai pas encore trouvé la manière de le
configurer correctement pour ça. Mon vieil Outlook me semble plus
familier

Ici c'est thunderbird, aucun problème.


Avec le réglage fourni à l’installation, ou encore avec un savant réglage ?


Un logiciel publié avec des valeurs par défaut ne va jamais répondre à
tous les cas d'usage possibles et imaginables. Il faut donc passer un
peu de temps à le régler pour qu'il réponde à ses propres besoins.

Est-ce que cela répond à ta question ?

Re: Code de conduite [Was: Re: Comment router le trafic réseau finement]

[steve]

Le 26-07-2023, à 12:42:56 +0200, RogerT a écrit :


PS : Actuellement, ne fait-on pas du middle posting (ou interleaved posting) ?
(si le bottom posting consiste à répondre entièrement en dessous du message 
précédent).


On répond sous le texte auquel on veut répondre, peu importe qu'il en
reste au-dessous, on peut appeler cela du correct-posting si tu veux :)

Re: Code de conduite [Was: Re: Comment router le trafic réseau finement]

[steve]

Le 26-07-2023, à 11:56:20 +0200, RogerT a écrit :


Merci de ton retour.
En effet, je crois qu’on aborde des points utiles pour beaucoup en
matière de réseau.


Oui, c'est très intéressant, et Michel amène beaucoup et de manière très
claire, merci à lui.l


Top posting : ok. tu voudrais du bottom-posting où les échanges se
succèdent avec le plus ancien en bas.


Oui, c'est en effet ce qui se fait fait très largement. Les avantages
ne sont plus à démontrer


Bonne conduite.  Je ne crois pas qu’il y ait eu de mauvaise conduite !


En effet vous savez vous tenir :) Le terme utilisé ici est très général.


Mon client webmail zimbra.free.fr ne respecte apparemment pas
correctement l’indentation et le retour à la ligne, sauf en texte brut.


Participer à une liste de diffusion Debian (mais pas que) avec un
webmail est un exercice pour le moins sportif …  ;-)


Mon client de smartphone respecte l’indentation.


Lequel est-ce ?


Quel client de messagerie recommandes-tu (recommandez-vous) qui fasse
correctement une mise en forme idéale pour une liste de discussion ?


J'utilise mutt et vim pour la rédaction, mais c'est très personnel.
Beaucoup le font pas trop mal, mais il faut passer un peu de temps sur
la configuration pour obtenir ce que l'on recherche…



Y a-t-il autre chose à corriger ?


C'est bien d'effacer tout ce qui n'est plus utile dans un échange, cela
clarifie le discours, mais de nouveau ça prend un peu de temps. J'essaie
toujours de me mettre à la place de mes lecteurs quand je rédige, ça
aide à structurer son texte.

Merci pour l'ouverture d'esprit !

s.

Code de conduite [Was: Re: Comment router le trafic réseau finement]

[steve]

Bonjour,

Cette conversation est très intéressante, malheureusement le top-posting
et le formatage de ces échanges rendent son suivi difficile. Serait-il
possible de faire quelques efforts pour respecter un minimum les règles
énoncées ici

https://www.debian.org/MailingLists/

et ici

https://www.debian.org/code_of_conduct

Merci d'avance.

s.

Re: Connexion ethernet qui saute sans raison

[steve]

Le 22-07-2023, à 17:16:57 +0200, ajh-valmer a écrit :


On Saturday 22 July 2023 13:08:04 steve wrote:

>> J'utilise NetworkManager, donc rien dans /etc/network/interfaces :


En diézant complètement "/etc/network/interfaces",
au reboot le réseau est bien connecté sur eth0.
Cependant, j'ai 3 cartes réseau, eth0, eth1 et WiFi,
et comment NetworkManager choisit-il la connexion réseau ?


Sur la page de Connexion de NetWorkManager, il y a une option dans
l'onglet Configuration générale qui permet de spécifier cela :

Se connecter automatiquement avec priorité …

Re: Connexion ethernet qui saute sans raison

[steve]

Le 22-07-2023, à 12:55:08 +0200, ajh-valmer a écrit :


On Saturday 22 July 2023 12:31:37 steve wrote:

En tous cas, c'est sympa d'avoir pris le temps de répondre :

Non, c'est normal, et sympa de remercier.


Oui ça se perd hein  ;-)


Le 22-07-2023, à 11:45:12 +0200, ajh-valmer a écrit :
J'utilise NetworkManager, donc rien dans /etc/network/interfaces :


Moi aussi, mais le fichier "/etc/network/interfaces" semble utile.


Sur cette page (https://wiki.debian.org/NetworkManager) :

NetworkManager will only handle interfaces not declared in 
/etc/network/interfaces (see README file).

cat /etc/network/interfaces
(vide)



# apt-cache policy network-manager
network-manager:
Installed: 1.42.4-1
# ps aux|grep network-manager
m'indique qu'il n'est pas lancé dans les processus.


ps aux | grep -i net
root1318  0.2  0.0 260036 21276 ?Ssl  08:37   0:33 
/usr/sbin/NetworkManager --no-daemon

(faut chercher correctement :-))


Par contre, l'icône de "network-manager" figure dans la barre
des tâches en bas à droite permettant configuration mais ça a l'air
capricieux.


C'est qu'on lit partout, mais honnêtement, une fois configuré, je n'y
touche plus du tout. Là je m'y suis intéressé à cause de ce problème de
connexion qui saute.

Re: Connexion ethernet qui saute sans raison

[steve]

Le 22-07-2023, à 11:45:12 +0200, ajh-valmer a écrit :


On Friday 21 July 2023 20:42:26 steve wrote:

J'ai deux cartes ethernet sur la machine, mais j'en utilise qu'une
seule. J'ai donc essayé d'inverser le câble rj45, le client dhcp cherche
une ip, en trouve une, puis 4 secondes plus tard, se déconnecte.
Si quelqu'un a une piste…


Hello,
Une des 2 cartes réseau défaillante ?
(ou mal reconnue post mise à jour).


Non je n'ai pas l'impression, mais je vais quand même creuser cette
piste.


Repérer celle qui ne l'est pas et retirer l'autre.
Vérifier le fichier "/etc/network/interfaces"
enlever le paragraphe de celle défaillante,
puis ifdown eth0, ifdown eth1
(selon n° eth).
ifup eth(X) (celle qui fonctionne).


J'utilise NetworkManager, donc rien dans /etc/network/interfaces


Hope it helps...



En tous cas, c'est sympa d'avoir pris le temps de répondre.

Connexion ethernet qui saute sans raison

[steve]

Salut la liste,

Comme dit dans le sujet, ça arrive sans crier gare, sans avoir fait de
mise à jour, sans raison (apparente).

Ce matin, connecté comme d'habitude et vers 11h, plus de connexion.

J'ai deux cartes ethernet sur la machine, mais j'en utilise qu'une
seule. J'ai donc essayé d'inverser le câble rj45, le client dhcp cherche
une ip, en trouve une, puis 4 secondes plus tard, se déconnecte.

J'ai redémarré le retour plusieurs fois, supprimé le bail dhcp actif,
redémarré la machine, etc, toujours le même truc, ça se connecte puis ça
se déconnecte 3-4 secondes plus tard.

Dépité, je me suis dit que c'était peut-être la dernière mise à jour qui
a amené un bug sournois mais comme je n'avais plus de réseau via
ethernet, je suis allé fouiller dans les cartons pour retrouver
l'antenne wifi, puis réactivé le contrôleur wifi dans le Bios,
redémarré, mais il n'y avait pas d'interface wifi, bien que le pilote
wifi (ath10_pci, lspci -k l'a montré) ait bien été chargé. Après un
moment à avoir cherché à monter cette interface, j'ai rebranché le câble
ethernet, et Ô miracle, la connexion s'est faite et tenait !
(Entre-temps j'ai redémmaré sur un noyau plus ancien, le 6.1.0-9, en
espérant que ça améliore les choses, mais même comportement).

J'ai déjà eu ce genre de choses par le passé, peut-être une fois tous
les trois mois, et c'est toujours revenu après un moment. J'ai pensé que
c'était un problème lié au serveur dhcp de mon routeur, mais en
attribuant une IP manuellement, ça ne changeait rien.


Maintenant ça marche, mais j'aimerais bien comprendre.

Si quelqu'un a une piste…

Merci et très belle soirée !

s.

Re: Gimp 2.10 en français impossible

[steve]

Salut,

Sauf erreur, les fichiers de configurations de Gimp sous bookworm se
trouvent dans ~/.config/GIMP/2.10/. Dans ce répertoire, il y a un
fichier gimprc où tu devrais pouvoir ajouter une ligne

(language fr)

et ça devrait marcher.

Par contre, c'est une bidouille parce que gimp est censé détecter la
langue de ton système automatiquement. Peut-être que les deux
répertoires ~/.gimp-2.6 et ~/.gimp-2.8 interfèrent et leur suppression
pourrait aider. Essaie déjà de les déplacer et vois si ça change quelque
chose.

J'espère que ça aide.

Re: WiFi Mac mini.

[steve]

Le 11-07-2023, à 12:32:09 +0200, ilario.quinson@e.email a écrit :


Ce que je t'ai indiqué est juste ce qu'il faut, j'ai éliminé tout le
reste. Tu peux donc copier-coller ce que j'ai mis dans le fichiers
/etc/apt/sources.list.



Ah bon je n'avais pas compris grand chose.


C'est normal au début, on est tous passé par là.

Pour revenir à ton sources.list, c'est un fichier que tu ne modifies que
quand une nouvelle version de Debian est publiée (ou presque). Avec ce
que je t'ai indiqué, ton système sera dans la version stable dont le
surnom est Bookworm. Peut-être que plus tard, tu voudras tester la
branche « testing » ou même « unstable », ou encore faire un mélange de
plusieurs branches, et à ce moment-là seulement, tu devras modifier ce
fichier. Mais pour une utilisation « normale », ce que je t'ai donné
suffit amplement.

s.

Re: WiFi Mac mini.

[steve]

Le 11-07-2023, à 08:48:16 +0200, Ilario Quinson a écrit :



je ne retrouve pas correspondance entre tes indications et mon fichier.

Je dois effacer ce que je vien de rajouter et coller simplement ta 
correction?



Ce que je t'ai indiqué est juste ce qu'il faut, j'ai éliminé tout le
reste. Tu peux donc copier-coller ce que j'ai mis dans le fichiers
/etc/apt/sources.list.

Re: WiFi Mac mini.

[steve]

Salut,

Le 10-07-2023, à 18:43:34 +0200, Ilario Quinson a écrit :



Mon fichier source.list est:


Corrigé ci-dessous. Les lignes commençant par deb-src ne sont utiles QUE
si tu vas compiler des programmes. Commentes-les avec un # si tu ne vas
pas faire ça.

/etc/apt/sources.list :


deb http://deb.debian.org/debian/ bookworm main contrib non-free 
non-free-firmware
#deb-src http://deb.debian.org/debian/ bookworm main contrib non-free 
non-free-firmware

deb http://security.debian.org/debian-security bookworm-security main contrib 
non-free non-free-firmware
#deb-src http://security.debian.org/debian-security bookworm-security main 
contrib non-free non-free-firmware


Ensuite:

sudo apt update
sudo apt upgrade

Peut-être

sudo apt full-upgrade

puis nettoyage

sudo apt clean
sudo apt autoremove


Si nouveau noyau (tu peux vérifier avant avec 'uname -a'):

sudo shutdown -r now

sinon, c'est bon comme ça.

Hope it helps.

s.

Re: When to sudo apt clean?

[Steve Sobol]

On 2023-06-27 10:54, David Wright wrote:

On Fri 23 Jun 2023 at 15:51:31 (-0700), Steve Sobol wrote:

On 2023-06-23 15:26, Emanuel Berg wrote:
> Steve Sobol wrote:
>
> > > In general people don't want to dist-upgrade automatically.
> >
> > Seconded.
>
> I'm not following, when these functions are invoked, be it
> scheduled by some other software or by the user from the shell,
> they are intended to do their work automatically
> (non-interactively) if that is what you mean?

Dist-upgrade makes major changes to your system, updating dozens of
packages, and pointing the OS at different APT repos.


Yes, but only if you've changed the codename in your sources.list
(or after a new release if you use the suite names).


Maybe I'm thinking of do-release-upgrade, then.

I am still not comfortable automating OS updates.

Re: php7.4 on bookworm

[Steve Sobol]

On 2023-06-26 00:52, Markus Schönhaber wrote:


I don't know if that somehow qualifies as "best practice" but Ondřej
Surý packages different PHP versions for Debian and Ubuntu one can
install side-by-side:

https://sury.org/


I can vouch for the quality of the Sury packages. I've used them for 
years.



That said: Upgrading the website to use a upstream-supported version
of PHP would probably be really "best practice".


But yes, upgrading is your best bet.

Re: When to sudo apt clean?

[Steve Sobol]

On 2023-06-23 21:59, to...@tuxteam.de wrote:

On Fri, Jun 23, 2023 at 05:29:22PM -0700, Steve Sobol wrote:

[...]

I'd much rather err on the side of extreme caution. If something goes 
bump,

I'm screwed.


To be fair, autoremove can improve safety: when it removes old kernel 
versions

filling up your boot partition.


Yes. My comment was about dist-upgrade, not autoremove.

Re: When to sudo apt clean?

[Steve Sobol]

On 2023-06-23 16:54, Emanuel Berg wrote:


Ah, don't worry, it is safe, I've done it a lot.


I don't doubt that it is quite safe, most of the time.

But I run my servers on Ubuntu and Debian. (Mostly Ubuntu right now; 
slowly migrating to Debian.)


I get paid for hosting, as well as work I do that requires the use of my 
VPS's.


I'd much rather err on the side of extreme caution. If something goes 
bump, I'm screwed.




But actually even if something goes wrong, it is still a good
idea since then it is the upgrade process that must be
debugged at the other end, the command is fine.


Spoken like someone who doesn't run live servers in production... :)

Re: When to sudo apt clean?

[Steve Sobol]

On 2023-06-23 15:26, Emanuel Berg wrote:

Steve Sobol wrote:


In general people don't want to dist-upgrade automatically.


Seconded.


I'm not following, when these functions are invoked, be it
scheduled by some other software or by the user from the shell,
they are intended to do their work automatically
(non-interactively) if that is what you mean?


Dist-upgrade makes major changes to your system, updating dozens of 
packages, and pointing the OS at different APT repos.


(Debian, and downstream distros like Ubuntu, have separate repos for 
each release.)


Automating such changes would be a very bad idea.

Personally, I avoid doing in-place upgrades from one Debian/Ubuntu 
release to another. Given the low cost and quick turnaround time 
involved in spinning up a new VPS, I will almost always spin up a new VM 
instead, and move services and data from the old one to the new one. But 
if I have to do an in-place upgrade, I'm going to sit and watch it 
happen... just in case something goes wrong.

Re: When to sudo apt clean?

[Steve Sobol]

On 2023-06-23 14:14, Dan Ritter wrote:


It seems unlikely to me that you want to do an autoremove before
you have done an upgrade.


I'd not say unwise. Useless, pointless, perhaps; but it doesn't hurt 
anything.


autoremove removes packages that were installed as dependencies of other 
packages that were "orphaned" (meaning any package(s) that installed 
those dependent packages are no longer installed). Running it two or 
more times in a row, or running it when you haven't uninstalled packages 
since the last time you ran autoremove, is pointless, but will have 
absolutely no effect.



In general people don't want to dist-upgrade automatically.


Seconded.

Re: How does the bookworm amd64 netinst 738MB iso fit into a 700MB cd-r?

[Steve McIntyre]

j...@jretrading.com wrote:
>On Mon, 19 Jun 2023 11:30:04 +0100
>Steve McIntyre  wrote:
>
>> ssmcmlxx+debianu...@gmail.com wrote:
>> >I tried to write the debian-12.0.0-amd64-netinst.iso to cd using
>> >cdrskin and xorriso but they both refused my command.  
>> 
>> Apologies, it's just too large at this point. Adding all the firmware
>> made things grow too much. We have some ideas on how to fix this, and
>> I hope that the 12.1 images will work better.
>> 
>
>Is compression practical in this case? Tom used to get 1.7MB on a 1.44MB
>floppy, and Knoppix claims to put 2GB on a live CD.

Just about everything on the media is already heavily compressed,
e.g. xz for data inside the .deb packages.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
< sladen> I actually stayed in a hotel and arrived to find a post-it
  note stuck to the mini-bar saying "Paul: This fridge and
  fittings are the correct way around and do not need altering"

Re: How does the bookworm amd64 netinst 738MB iso fit into a 700MB cd-r?

[Steve McIntyre]

ssmcmlxx+debianu...@gmail.com wrote:
>I tried to write the debian-12.0.0-amd64-netinst.iso to cd using
>cdrskin and xorriso but they both refused my command.

Apologies, it's just too large at this point. Adding all the firmware
made things grow too much. We have some ideas on how to fix this, and
I hope that the 12.1 images will work better.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
< sladen> I actually stayed in a hotel and arrived to find a post-it
  note stuck to the mini-bar saying "Paul: This fridge and
  fittings are the correct way around and do not need altering"

Re: exim - bad file descriptor

[steve]

Le 12-06-2023, à 21:25:40 +0200, Michel Verdier a écrit :


On 2023-06-11, steve wrote:


After a few days with this configuration, same errors are still present.

I guess I'll have either to reinstall or go the postfix way.


Just to be sure before you reinstall can you provide
exim -bP | grep syslog


syslog_duplication


Docs indicate it "controls duplicate log lines on syslog".
So adding syslog don't resolve the problem.

Sorry I don't have exim installed here and I can't help you more.
Try a purge+install. Perhaps after upgrading to bookworm :)


I've been a happy bookworm user for months already :)

Will give postfix a try one of these days.

Have a nice day

Re: exim - bad file descriptor

[steve]

Hi Michel,

Le 10-06-2023, à 11:19:25 +0200, Michel Verdier a écrit :


On 2023-06-10, steve wrote:


Hi Michel and al,

After a few days with this configuration, same errors are still present.

I guess I'll have either to reinstall or go the postfix way.


Just to be sure before you reinstall can you provide
exim -bP | grep syslog


syslog_duplication
syslog_facility =
syslog_pid
syslog_processname = exim
syslog_timestamp

Re: exim - bad file descriptor

[steve]

Hi Michel and al,

After a few days with this configuration, same errors are still present.

I guess I'll have either to reinstall or go the postfix way.

Have a nice day,

steve

Le 05-06-2023, à 10:50:00 +0200, Michel Verdier a écrit :


Le 5 juin 2023 Steve a écrit :


if one succeed without message and with code 0, add in
/etc/logrotate.d/exim4-base and /etc/logrotate.d/exim4-paniclog

   postrotate
   systemctl  exim4-base
   endscript

if you add reload but still get the error try restart, I don't know if
the reload free the files


Since this is a vanilla setup, I might as well uninstall and purge exim4
and re-install it (or postfix), what do you think?


Yes I wonder why debian don't add the postrotate.
But there is a specific package exim4-config. So you can do
dpkg-reconfigure exim4-config
you should ask to use syslog and not direct logging
it will add log_file_path in config files (you can check after)

I only use postfix for me and clients for a long time, so don't ask me :
postfix rules :)

Re: exim - bad file descriptor

[Steve]

Le 05-06-2023, à 10:50:00 +0200, Michel Verdier a écrit :


Le 5 juin 2023 Steve a écrit :


if one succeed without message and with code 0, add in
/etc/logrotate.d/exim4-base and /etc/logrotate.d/exim4-paniclog

   postrotate
   systemctl  exim4-base
   endscript

if you add reload but still get the error try restart, I don't know if
the reload free the files


Since this is a vanilla setup, I might as well uninstall and purge exim4
and re-install it (or postfix), what do you think?


Yes I wonder why debian don't add the postrotate.
But there is a specific package exim4-config. So you can do
dpkg-reconfigure exim4-config


Just did that, left unchanged except for the minimize DNS request, which
I enabled.


you should ask to use syslog and not direct logging


I did.


it will add log_file_path in config files (you can check after)


Now:

log_file_path = /var/log/exim4/%slog


I only use postfix for me and clients for a long time, so don't ask me :
postfix rules :)


Maybe another story later… :)

Re: exim - bad file descriptor

[Steve]

Le 05-06-2023, à 10:21:52 +0200, Michel Verdier a écrit :


Le 5 juin 2023 Steve a écrit :


Merci pour ton aide Michel.


De rien :) Let's continue in english for the list


Sure.


log_file_path = /var/log/exim4/%slog
log_selector = +smtp_protocol_error +smtp_syntax_error 
+tls_certificate_verified +tls_peerdn


exim writes directly to the logfiles. If you get the error almost every
day it can be because of the rotation.


This error appears everyday. I boot my machine every morning at 6 am.


I don't know it exim provide a reload command, so try

systemctl reload exim4-base


systemctl reload exim4-base.service
Failed to reload exim4-base.service: Job type reload is not applicable for unit 
exim4-base.service.

systemctl status exim4-base.service
○ exim4-base.service - exim4-base housekeeping
 Loaded: loaded (/lib/systemd/system/exim4-base.service; static)
 Active: inactive (dead)
TriggeredBy: ● exim4-base.timer
   Docs: man:exim4(8)





it should be exim4-base but if the service is not found type exim and TAB
to find the actual service name

if it fails try

systemctl restart exim4-base


I stopped and restarted the service. Now I get:

 systemctl status exim4-base.service
○ exim4-base.service - exim4-base housekeeping
 Loaded: loaded (/lib/systemd/system/exim4-base.service; static)
 Active: inactive (dead) since Mon 2023-06-05 10:29:02 CEST; 35s ago
TriggeredBy: ● exim4-base.timer
   Docs: man:exim4(8)
Process: 41181 ExecStart=/etc/cron.daily/exim4-base systemd-timer 
(code=exited, status=0/SUCCESS)
   Main PID: 41181 (code=exited, status=0/SUCCESS)
CPU: 63ms

jun 05 10:29:02 box.lan systemd[1]: Starting exim4-base.service - exim4-base 
housekeeping...
jun 05 10:29:02 box.lan systemd[1]: exim4-base.service: Deactivated 
successfully.
jun 05 10:29:02 box.lan systemd[1]: Finished exim4-base.service - exim4-base 
housekeeping.



if one succeed without message and with code 0, add in
/etc/logrotate.d/exim4-base and /etc/logrotate.d/exim4-paniclog

   postrotate
   systemctl  exim4-base
   endscript

if you add reload but still get the error try restart, I don't know if
the reload free the files



Since this is a vanilla setup, I might as well uninstall and purge exim4
and re-install it (or postfix), what do you think?

Re: exim - bad file descriptor

[Steve]

Le 05-06-2023, à 09:09:05 +0200, Michel Verdier a écrit :


Le 5 juin 2023 Steve a écrit :


Yes, nothing is done after rotation. But I don't remember the default
exim logging mechanism. Can you provide

grep -r log_file_path /etc/exim*


This gives nothing.


Then can you provide
exim -bP
(snip ip adresses if you want)


See attached file.

Merci pour ton aide Michel.
accept_8bitmime
acl_not_smtp = 
acl_not_smtp_start = 
acl_smtp_auth = 
acl_smtp_connect = 
acl_smtp_data = acl_check_data
acl_smtp_data_prdr = accept
acl_smtp_dkim = 
acl_smtp_etrn = 
acl_smtp_expn = 
acl_smtp_helo = 
acl_smtp_mail = acl_check_mail
acl_smtp_mailauth = 
acl_smtp_notquit = 
acl_smtp_predata = 
acl_smtp_quit = 
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_starttls = 
acl_smtp_vrfy = 
add_environment = 
admin_groups =
no_allow_domain_literals
no_allow_mx_to_ip
no_allow_utf8_domains
auth_advertise_hosts = *
auto_thaw = 0s
bi_command = 
bounce_message_file = 
bounce_message_text = 
bounce_return_body
bounce_return_linesize_limit = 998
bounce_return_message
bounce_return_size_limit = 100K
bounce_sender_authentication = 
callout_domain_negative_expire = 3h
callout_domain_positive_expire = 1w
callout_negative_expire = 2h
callout_positive_expire = 1d
callout_random_local_part = $primary_hostname-$tod_epoch-testing
check_log_inodes = 100
check_log_space = 10M
check_rfc2047_length
check_spool_inodes = 100
check_spool_space = 10M
chunking_advertise_hosts = *
no_commandline_checks_require_admin
daemon_smtp_ports = smtp
daemon_startup_retries = 9
daemon_startup_sleep = 30s
no_debug_store
delay_warning = 1d
delay_warning_condition = ${if or {{ 
!eq{$h_list-id:$h_list-post:$h_list-subscribe:}{} }{ 
match{$h_precedence:}{(?i)bulk|list|junk} }{ 
match{$h_auto-submitted:}{(?i)auto-generated|auto-replied} }} {no}{yes}}
no_deliver_drop_privilege
deliver_queue_load_max =
delivery_date_remove
no_disable_ipv6
dkim_verify_hashes = sha256:sha512
dkim_verify_keytypes = ed25519:rsa
dkim_verify_min_keysizes = rsa=1024 ed25519=250
no_dkim_verify_minimal
dkim_verify_signers = $dkim_signers
dns_again_means_nonexist = 
dns_check_names_pattern = (?i)^(?>(?(1)\.|())[^\W](?>[a-z0-9/_-]*[^\W])?)+(\.?)$
dns_cname_loops = 1
dns_csa_search_limit = 5
dns_csa_use_reverse
dns_dnssec_ok = 1
dns_ipv4_lookup = 
dns_retrans = 0s
dns_retry = 0
dns_trust_aa = 
dns_use_edns0 = -1
no_drop_cr
dsn_advertise_hosts = 
dsn_from = Mail Delivery System 
envelope_to_remove
errors_copy = 
errors_reply_to = 
event_action = 
exim_group = Debian-exim
exim_path = /usr/sbin/exim4
exim_user = Debian-exim
exim_version = 4.96
extra_local_interfaces = 
extract_addresses_remove_arguments
finduser_retries = 0
freeze_tell = postmaster
gecos_name = $1
gecos_pattern = ^([^,:]*)
no_gnutls_allow_auto_pkcs11
no_gnutls_compat_mode
header_line_maxsize = 0
header_maxsize = 1048576
headers_charset = UTF-8
helo_accept_junk_hosts = 
helo_allow_chars = 
helo_lookup_domains = @ : @[]
helo_try_verify_hosts = 
helo_verify_hosts = 
hold_domains = 
host_lookup = *
host_lookup_order = bydns:byaddr
host_reject_connection = 
hosts_connection_nolog = 
hosts_require_alpn = 
hosts_require_helo = *
hosts_treat_as_local = 
ignore_bounce_errors_after = 2d
ignore_fromline_hosts = 
no_ignore_fromline_local
keep_environment = 
keep_malformed = 4d
no_local_from_check
local_from_prefix = 
local_from_suffix = 
local_interfaces = <; 127.0.0.1 ; ::1
local_scan_path = 
local_scan_timeout = 5m
local_sender_retain
localhost_number = 
log_file_path = /var/log/exim4/%slog
log_selector = +smtp_protocol_error +smtp_syntax_error 
+tls_certificate_verified +tls_peerdn
no_log_timezone
lookup_open_max = 25
max_username_length = 0
no_message_body_newlines
message_body_visible = 500
message_id_header_domain = 
message_id_header_text = 
message_logs
message_size_limit = 50M
no_move_frozen_messages
no_mua_wrapper
never_users =
notifier_socket = $spool_directory/exim_daemon_notify
openssl_options = 
percent_hack_domains = 
pid_file_path = /run/exim4/exim.pid
pipelining_advertise_hosts = *
pipelining_connect_advertise_hosts = *
prdr_enable
no_preserve_message_logs
primary_hostname = box.lan
no_print_topbitchars
process_log_path = /var/spool/exim4/exim-process.info
prod_requires_admin
qualify_domain = box.lan
qualify_recipient = box.lan
queue_domains = 
no_queue_fast_ramp
queue_list_requires_admin
no_queue_only
queue_only_file = 
queue_only_load =
queue_only_load_latch
queue_only_override
no_queue_run_in_order
queue_run_max = 5
queue_smtp_domains = 
receive_timeout = 0s
received_header_text = Received: ${if def:sender_rcvhost {from 
$sender_rcvhost\n\t}{${if def:sender_ident {from 
${quote_local_part:$sender_ident} }}${if def:sender_helo_name 
{(helo=$sender_helo_name)\n\tby $primary_hostname ${if 
def:received_protocol {with $received_protocol }}${if def:tls_in_ver{ 
($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std\n\t}}(Exim 
$version_number)\n\t${if def:sender_address {(envelope-from 
<$sender_addre

Re: exim - bad file descriptor

[Steve]

Le 04-06-2023, à 19:11:57 +0200, Michel Verdier a écrit :


Le 4 juin 2023 Steve a écrit :


Does this help?


Yes, nothing is done after rotation. But I don't remember the default
exim logging mechanism. Can you provide

grep -r log_file_path /etc/exim*


This gives nothing.

Re: exim - bad file descriptor

[Steve]

Le 04-06-2023, à 14:30:08 +0200, Michel Verdier a écrit :


Le 4 juin 2023 Steve a écrit :


2023-06-04T06:30:54.117016+02:00 box exim[24894]: 2023-06-04 06:30:54 
1q5fOD-0006TT-2C failed to write to main log: length=91 result=-1 errno=9 (Bad 
file descriptor)
2023-06-04T06:30:54.150516+02:00 box exim[24894]: write failed on panic log: 
length=116 result=-1 errno=9 (Bad file descriptor)
jun 04 06:30:54 box.lan exim[24894]: 2023-06-04 06:30:54 1q5fOD-0006TT-2C 
failed to write to main log: length=91 result=-1 errno=9 (Bad file descriptor)
jun 04 06:30:54 box.lan exim[24894]: write failed on panic log: length=116 
result=-1 errno=9 (Bad file descriptor)


6h25 is the usual hour for cron.daily launching logrotate.
Check in /etc/logrotate.d/ if exim is reloaded/restarted after rotation.


cat /etc/logrotate.d/exim4-base
/var/log/exim4/mainlog /var/log/exim4/rejectlog {
daily
missingok
rotate 10
compress
delaycompress
notifempty
nocreate
}


cat /etc/logrotate.d/exim4-paniclog
/var/log/exim4/paniclog {
size 10M
missingok
rotate 10
compress
delaycompress
notifempty
nocreate
}

Does this help?

exim - bad file descriptor

[Steve]

Hi,

Running Debian bookworm fully updated.

Since a couple of weeks, i see strange lines in the logs:

2023-06-04T06:30:54.117016+02:00 box exim[24894]: 2023-06-04 06:30:54 
1q5fOD-0006TT-2C failed to write to main log: length=91 result=-1 errno=9 (Bad 
file descriptor)
2023-06-04T06:30:54.150516+02:00 box exim[24894]: write failed on panic log: 
length=116 result=-1 errno=9 (Bad file descriptor)
jun 04 06:30:54 box.lan exim[24894]: 2023-06-04 06:30:54 1q5fOD-0006TT-2C 
failed to write to main log: length=91 result=-1 errno=9 (Bad file descriptor)
jun 04 06:30:54 box.lan exim[24894]: write failed on panic log: length=116 
result=-1 errno=9 (Bad file descriptor)

Exim seems to work ok for internal mail.

Looked for information on the Net but didn't find anything that helped.

The setup must be Debian standard since I haven't tweaked any config
files (I don't know how to do that and I don't have any reason to do it,
I'm just using exim as internal mta).

It seems that /var/log/exim4/mainlog is filling up normally. I don't see
any panic log file in there though (what is a panic log). /var has
enough space left.

Why am I receiving the bad file desciptor log?

Thanks.

s.

Re: HS: pourquoi les disques SSD sont peu utilisé dans les serveurs

[steve]

Bonjour,

Infomaniak, un des plus gros hébergeurs de Suisse (et le mien, mais
c'est hors sujet ici), utilise de plus en plus des SSD sur leurs
serveur:

https://news.infomaniak.com/ssd-europeen-swissbit/

De plus, ces SSD (de marque Swissbit https://www.swissbit.com/en/) sont 
fabriqués en Europe.

Je pensais que cette information pourrait être intéressante pour cette
discussion.

s.

Re: Re : date de sortie prévisionnelle de Debian 12 Bookworm: le 10 juin 2023

[steve]

Le 01-05-2023, à 11:26:33 -0400, Ro Bou a écrit :


Bonjour!

J'ai aussi fait l'essai de bookworm. Résultat pas concluant dans mon cas.

Je suis en multi boot avec le windows 10  pré-installé, une 
debian-facile et un disque usb externe  de 4 tb pour des sauvegardes.


Au redémarrage de l'installation le grub n'affichait que la bookworm.


Pour ce problème, il faut cette entrée

GRUB_DISABLE_OS_PROBER=false

dans /etc/default/grub

puis lancer, en root

update-grub2

Ce comportement a changé entre bookworm et la stable actuelle. C'est
noté quelque part dans les notes de publication (je crois).

s.

Re: HFLB Holding SA

[steve]

Bonjour Marie,

C'est visé de mon côté, à Olivier de jouer.

  ~ steve ~ 


Le lundi 01 mai 2023 à 08:04, Marie Vazquez a écrit :


  Chère Madame, chers Messieurs,


  Nous avons saisi ce jour le paiement détaillé ci-après par le débit du
  compte de la société citée en objet, soit :


* Fiduciaire Dreyfus et Zurbuchen SA - facture datée du 31.03.2023
  concernant les travaux effectués durant la période allant du 1^er
  janvier au 28 février 2023.

Re: Boot an EFI system with QEMU

[Steve McIntyre]

On Tue, Apr 25, 2023 at 07:00:21PM +0200, Valentin Caracalla wrote:
>Hello Steve,
>
>thanks a lot for the tip! However, I'm a complete novice when it comes to 
>running custom firmware in QEMU. I just tried the following:
>
>1.: Download the latest EDK2 release from Github:
>
>https://github.com/tianocore/edk2/archive/refs/tags/edk2-stable202302.tar.gz
>
>2.: Extract the OVMF firmware file:
>
>tar xz edk2-edk2-stable202302/OvmfPkg/OvmfPkgX64.fdf 
>3.: Try to run it with QEMU:
>
>sudo qemu-system-x86_64 -accel kvm -bios 
>edk2-edk2-stable202302/OvmfPkg/OvmfPkgX64.fdf -smp 2 -m 2G /dev/sda
>This will just give me a QEMU error message ("could not load PC BIOS"). Is it 
>possible to boot an EFI system with QEMU without downloading a custom firmware 
>file, i.e. is there a Debian package providing this functionality?

My local test scripts for UEFI boot do other things too, but I add the
following:

-pflash  -pflash 

where I copy matching images from /usr/share/OVMF in the ovmf
package. See the file /usr/share/doc/ovmf/README.Debian for what the
different files offer (secure boot, etc.).

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
"Yes, of course duct tape works in a near-vacuum. Duct tape works
 anywhere. Duct tape is magic and should be worshipped."
   -― Andy Weir, "The Martian"

Re: Debian installation using debootstrap and grub-install - no entry in ESC boot menu

[Steve McIntyre]

Nicolas George wrote:
>Max Nikulin (12023-04-25):
>> 0.5GB is usually enough, e.g. 550MiB recommended by
>> https://www.rodsbooks.com/gdisk/advice.html#esp_sizing)
>
>If you do not intend to install a Microsoft bootloader or anything
>besides GRUB, 16 megaoctets is plenty enough, probably can work with
>less.

Please STOP giving this advice to people!

Running out of space on the ESP may cause a lot of hassle
later. *Right now*, GRUB is small. But things do grow over time. Also,
if anybody wants to install an extra OS, or use fwupd to install
firmware updates (for example), saving a small amount of disk space
here could cause a massive PITA later.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
< sladen> I actually stayed in a hotel and arrived to find a post-it
  note stuck to the mini-bar saying "Paul: This fridge and
  fittings are the correct way around and do not need altering"

Re: Debian installation using debootstrap and grub-install - no entry in ESC boot menu

[Steve McIntyre]

vorubergeh...@tutanota.com wrote:
>By the way:
>
>The disadvantage of using EFI is that it doesn't work in QEMU, i.e. the 
>following will not show a GRUB command line:
>
>sudo qemu-system-x86_64 -accel kvm -smp 2 -m 2G /dev/sda
>
>The same thing works for the BIOS boot interface, however (as in my original 
>recipe).

That's just qemu-system-x86_64 defaulting to using SeaBIOS for
firmware. I boot VMs in UEFI mode all the time, using the EDK2 binary
builds in the ovmf package.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
< sladen> I actually stayed in a hotel and arrived to find a post-it
  note stuck to the mini-bar saying "Paul: This fridge and
  fittings are the correct way around and do not need altering"

Re: Is perl still the No.1 language for sysadmin?

[Steve Sobol]

On 2023-04-02 14:57, debian-u...@howorth.org.uk wrote:


I'll admit that when I first saw perl, I thought it was horrific and I
swore to continue using awk and C and ... anything but perl. But then
one day $job required me to learn perl so I did and have been a convert
ever since.


Perl definitely has the edge when you're working with text.

CPAN, however Ooo, CPAN. I can't even think about CPAN without 
my blood pressure rising.


(Don't ask. Just know that CPAN's stupidity has caused me untold amounts 
of grief.)

Re: Is perl still the No.1 language for sysadmin?

[Steve Sobol]

On 2023-04-02 02:24, Emanuel Berg wrote:


If you are looking for a career, Python is much bigger but
there is a lot of shell scripts and for that matter a little
bit of Perl don't harm, absolutely mot.


I'm seeing scripts written in Python far more often than Perl these 
days, but it is probably useful to at least be familiar with both.


There are some very popular software packages, like Sympa and RT, that 
are written in Perl. Both are currently maintained and have dropped new 
releases recently.

Re: [Bookworm] installer stops due to missing wifi firmware

[Steve McIntyre]

sulfur...@gmail.com wrote
>-=-=-=-=-=-
>
>Hello
>
>I'm trying to install Bookworm on a G513QY laptop with MT7921 wifi adapter.
>
>As soon as the installer (Net or DVD) tries to detect the HW, the installer
>stops blank.
>
>The last thing I see in dmesg is something like
>Detected ethernet HW, renamed to eth0 (succeed)
>then... :
>Failed to load mt7821 firmware (lots of this)
>hardware init failed
>[ loaded modules]
>[ stack trace ]
>
>rfkill
>wiphy
>ieee802
>
>
>Any ideas or workaround for this?

There's a bug in the kernel driver here, that we've picked up in
testing of these exact images. See https://bugs.debian.org/1029116 and
https://bugs.debian.org/1031286 if you're interested in the details.

We're planning on doing another debian-installer release in the next
few days which will include this fix. Or if you try one of the current
daily/weekly images it will most likely work too...

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
< sladen> I actually stayed in a hotel and arrived to find a post-it
  note stuck to the mini-bar saying "Paul: This fridge and
  fittings are the correct way around and do not need altering"

Re: Pilote carte vidéo Nvidia 340 210 obsolète.

[steve]

Le 28-02-2023, à 13:21:19 +0100, ajh-valmer a écrit :


On 28/02/2023 07:32, Basile Starynkevitch wrote:
Et j'ai oublié le plus important: quel est le fichier
/var/log/Xorg.0.log après lancement de /usr/bin/startx ou de /usr/bin/Xorg


Pilote "nouveau" :
Tout semble pourtant bien installé,
j'ai purgé tous les paquets "nvidia",
startx
"Fatal error, no screens found"
"Unable to connect to Xserver"


As-tu viré /etc/X11/xorg.conf ? Il n'est plus utilisé depuis belle
lurette sauf pour des configurations très spécifiques, ce qui n'est
manifestement pas ton cas.

mv xorg.conf xorg.conf.bak

si tu veux garder ce fichier pour l'Histoire :)

Re: awk not just using the Field separator as such. it is using the blank space as well ...

[Steve McIntyre]

lbrt...@gmail.com wrote:
>On 2/21/23, Greg Wooledge  wrote:
>> I have a funny feeling Albretch might be using Microsoft file systems
>> (FAT, NTFS) for a large chunk of his system.  Those have a much larger
>> set of restricted characters.
>
> Certainly not FAT32 and definitely not FAT, but at work (I work as a
>Math teacher and most schools use Microsoft) I have had to use WSL and
>NTFS. I always thought that  FSs used length-defined raster data
>structures in order to avoid messing with points and such things.

Different filesystems can vary massively here, you can't really assume
anything. All of the following can vary in filesystems supported by
Linux:

 * allowed characters in filenames
 * allowed filename lengths
 * allowed full-path lengths
 * character encodings for filenames
 * case-sensitivity
 * max number of files per directory
 * max number of files per filesystem
 * timestamps (minimum, maximum and resolution)
 * support for symlinks and hardlinks
 * support for extended attributes, permissions and and ACLs
 * ...

The VFS layer does a very good job of hiding the complexity and giving
you a reasonably consistent view, but it's not difficult to find edges
if you look. :-)

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
< sladen> I actually stayed in a hotel and arrived to find a post-it
  note stuck to the mini-bar saying "Paul: This fridge and
  fittings are the correct way around and do not need altering"

Re: ecran vide après la connexion

[steve]

Hello,

Que donne 'lspci -kv' sous root ?

As-tu essayé un live-cd pour voir si le problème est identique ?

s.

Re: dell latitude 3510 - bios settings to boot debian netinst

[Steve McIntyre]

Jeff wrote:
>On Sun, Jan 22, 2023 at 9:51 PM Russell L. Harris  wrote:
>
>> 2) So I turn on Secure Boot?
>
>I recommend turning SecureBoot off.
>
>  - UEFI
> * GPT = on
> * SecureBoot = off
>
>And legacy modes, like BIOS legacy = off.
>
>In SecureBoot, the only thing that is attested are the disk images.
>There's no guarantees about the program once it is in-memory and
>executing. What's being executed in-memory is the important thing.
>
>The biggest accomplishment SecureBoot achieved under Windows 8 was
>locking out other operating systems. And that did not last very long.

Sigh. Secure Boot also does a reasonable job of blocking persistent
pre-boot malware, which is absolutely worth doing.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
< sladen> I actually stayed in a hotel and arrived to find a post-it
  note stuck to the mini-bar saying "Paul: This fridge and
  fittings are the correct way around and do not need altering"

Re: Passwords

[steve]

Le 17-01-2023, à 15:05:37 +0100, to...@tuxteam.de a écrit :


chroot can be tricky for newcommers…


That's why passwd is nice to us and has the -R option :)


Thanks Tomas, didn't know that option. Will go to bed a bit less stupid
tonight :-)

Re: Passwords

[steve]

Le 17-01-2023, à 08:07:02 -0500, Greg Wooledge a écrit :


On Tue, Jan 17, 2023 at 01:53:33PM +0100, steve wrote:

Le 17-01-2023, à 07:19:04 -0500, Greg Wooledge a écrit :

> On Tue, Jan 17, 2023 at 09:36:03AM +0100, steve wrote:
> > Easier would be to delete the second field in /etc/shadow for root, so there
> > won't be anymore root password (it's empty). You can then create one with 
the
> > 'passwd' command.
>
> If you can edit the /etc/shadow file, you're already root, which means
> you can simply run "passwd root" to set a new password.  You will not
> be prompted for the old password, so there's no need to clear the old
> password hash preemptively.

You're right if you're editing the file in the OS, but not if you have
accessed data from a live-cd, which was what I was thinking. Sorry.


If you went in via a Live CD, and mounted the Debian root partition,
the next step is to chroot into the Debian root partition.  Then you
can run "passwd root" in the chroot shell.  Then exit from the shell,
and unmount the Debian partition.


chroot can be tricky for newcommers…


Of course, your way (which I'm assuming is "mount the Debian root
partition, edit the /debian/etc/shadow file to clear the hash, unmount
it, reboot into Debian, login as root with no password, and run "passwd")
also works, but it's a bit more effort.


Sure but it's pretty straightforward and simple to understand.

Anyway, thanks for the other options, always good to have a refresh :)

Re: Passwords

[steve]

Le 17-01-2023, à 07:19:04 -0500, Greg Wooledge a écrit :


On Tue, Jan 17, 2023 at 09:36:03AM +0100, steve wrote:

Easier would be to delete the second field in /etc/shadow for root, so there
won't be anymore root password (it's empty). You can then create one with the
'passwd' command.


If you can edit the /etc/shadow file, you're already root, which means
you can simply run "passwd root" to set a new password.  You will not
be prompted for the old password, so there's no need to clear the old
password hash preemptively.


You're right if you're editing the file in the OS, but not if you have
accessed data from a live-cd, which was what I was thinking. Sorry.

Re: Passwords

[steve]

Le 17-01-2023, à 07:58:40 +, Tim Woodall a écrit :



One other thing you can do if you don't have a quick and easy way to
boot is to manually replace the hash in /etc/shadow with one that you do
know the password for. (This might be the case, for example, where the
USB stick is for booting ARM but all your other machines are x86, mount,
change password, umount is much quicker than trying to work out how to
live boot a headless arm system...)


Easier would be to delete the second field in /etc/shadow for root, so there
won't be anymore root password (it's empty). You can then create one with the
'passwd' command.

Re: quite the end of an era: Re: Bug#931659: transition: rm python2

[Steve McIntyre]

Greg wrote:
>On Wed, Jan 11, 2023 at 10:42:31PM +, Tim Woodall wrote:
>> On Tue, 10 Jan 2023, songbird wrote:
>> 
>> >  kudoes to everyone who helped with this in getting it done, finding
>> > bugs, fixing problems, converting code, updating docs and testing.  :)
>> > 
>> 
>> What does debian use for moinmoin? Is the debian wiki stuck on buster?
>
>I was wondering exactly the same thing, a few months ago.  I asked on
>the Libera #debian IRC channel, and nobody knew.  (Fair enough.)
>
><https://wiki.debian.org/SystemInfo> shows the Python version:
>2.7.16 (default, Oct 10 2019, 22:02:15) [GCC 8.3.0]
>
>This is precisely the same as mine shows, and mine is running on buster.
>So my tentative conclusion is that wiki.debian.org is still hosted on
>a buster machine (virtual or physical).  I'm wondering what the path
>forward is for us.

Correct, we're still on buster for now.

I'm *hoping* to move forwards to moin 2 on python 3 at some point
soon, and Paul Boddie has been doing some great work on the ackaging
front there. But there's a bit more work needed yet all round.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
< sladen> I actually stayed in a hotel and arrived to find a post-it
  note stuck to the mini-bar saying "Paul: This fridge and
  fittings are the correct way around and do not need altering"

Re: Package versions in multi-arch

[Steve McIntyre]

Mark wrote:
>
>I have a package installation problem which leads to a question about
>how (and if) package versions interact in different architectures.
>
>My system is an amd64 bookworm system, with multi-arch support and
>some packages from i386 installed, to support a vendor-supplied
>printer driver and, more relevantly to this problem I think, steam.
>
>For the last week or so package libllvm15:i386 doesn't want to upgrade
>and is "kept back" by apt.
>
>$ apt show -a liblllvm15:i386
>
>Shows two possible package versions, 1:15.0.6-3 which is installed and
>1:15.0.6-3+b1 which is a candidate to install. This situation pertains
>only to the i386 version, the amd64 version is at 1:15.0.6-3 and
>doesn't seem to have a newer version. This agrees with what I see on
>packages.debian.org.

...

>Am I reading this right that if two architectures of the same package
>are installed on the same system with multi-arch support, they have to
>be the same version? If that is true, the solution is just to wait for
>the new version of the package to be added in amd64. But... really?

You've been bitten by a subtle but unfortunately common problem,
yes. In multi-arch systems the versions of packages have to be totally
in sync. But the +b1 syntax here means that the i386 package has had a
binNMU (binary NMU) build which means that they *can't* be in
sync. The problem should be solved with the next new upload of the
llvm-toolchain-15 source package - that will bump the version in both
cases so that they match.

binNMUs are horrible. :-(

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
"We're the technical experts.  We were hired so that management could
 ignore our recommendations and tell us how to do our jobs."  -- Mike Andrews

aptitude update / upgrade broke my Rapbian bullseye

[Steve Keller]

On Nov 26, I upgraded a Raspberry 4 from buster to bullseye using the
standard procedure of edit /etc/apt/sources.list and then apt-get
update && apt-get dist-upgrade.  Everything went fine, it ran stable
for some days and one annoying bug in the openbox window manager
occured less often.

On Dec 1, I did aptitude update && aptitude full-upgrade and it found
lots of dependency problems.  It seems this was mainly caused by
changing from gcc-8 to gcc-10 and python 3.7 to python 3.9.  I accepte
the second suggestion to solve these problems, removing a couple of
packages, and the whole upgrade process seemed to work smoothly.

But on the following reboot, it showed lots of problems:

1. dhcpcd doesn't reliably get its config, /etc/resolv.conf remains
   empty and the eth0 interface doesn't get an IP address.

2. Because of 1. NFS mounts fail

3. With restarting dhcpcd this gets fixed but after some time
   (e.g. hours) dhcpcd fails again repeatedly with

  dhcpcd[416]: ipv6nd_sendadvertisement: No buffer space available

4. Even when dhcpcd had success and the network is configured,
   avahi-daemon for no apparent reason eventually changes the
   interface address.  From daemon.log:

Dec  4 20:04:50  avahi-daemon[321]: Withdrawing address record for 
10.0.0.8 on eth0.
Dec  4 20:04:50  connmand[328]: eth0 {del} address 10.0.0.8/24 label eth0
Dec  4 20:04:50  connmand[328]: eth0 {del} route 10.0.0.0 gw 0.0.0.0 
scope 253 
Dec  4 20:04:50  connmand[328]: eth0 {del} route 10.0.0.254 gw 10.0.0.254 
scope 0 
Dec  4 20:04:50  connmand[328]: eth0 {del} route 0.0.0.0 gw 10.0.0.254 
scope 0 
Dec  4 20:04:50  dhcpcd[416]: eth0: adding default route
Dec  4 20:04:50  dhcpcd[416]: eth0: pid 0 deleted default route
Dec  4 20:05:34  avahi-daemon[321]: Registering new address record for 
169.254.129.129 on eth0.IPv4.
Dec  4 20:05:34  connmand[328]: eth0 {add} address 169.254.129.129/16 
label eth0 family 2
Dec  4 20:05:34  connmand[328]: eth0 {add} route 0.0.0.0 gw 0.0.0.0 scope 
253 

5. Also connmand, which I hadn't in buster, continously logs messages
   to daemon.log every few seconds:

Dec  7 05:48:34  connmand[328]: Skipping server 10.0.0.254 KoD code RATE
Dec  7 05:48:43  connmand[328]: Skipping server 10.0.0.1 KoD code RATE
Dec  7 05:48:52  connmand[328]: Skipping server 10.0.0.1 KoD code RATE
Dec  7 05:48:57  connmand[328]: Skipping server 10.0.0.254 KoD code RATE
Dec  7 05:49:06  connmand[328]: Skipping server 10.0.0.1 KoD code RATE

6. The whole network seems unreliable.

7. A couple of changes in the GUI, which I don't care about much at the moment:

   The Debian logo in the top left of the panel where you get the
   start menu for app is replaced by a green arrow pointing left.

   The small icons in the start menus to launch apps are missing

   The entries in the panel for audio volume, network, and keyboard
   language are missing.

8. I think there were some other minor issue which I currently don't
   remember.

Now I wonder if there is a chance to get all these things fixed or if
a fresh re-install would be easier, faster, and more sucessful.

I think, first I should remove connmand, since I don't know what I'd
need it for.

Steve

Re: Dial-in serial getty

[Steve Keller]

Dan Ritter wrote:

> agetty needs '-L never' to answer a modem; the modem may need an
> --init-string to be told to answer incoming calls. Have you done
> both of those?

I had tried -Lnever and it just causes a message in /var/log/auth.log

Dec  7 05:02:17 bit agetty[1555324]: invalid argument of --local-line

and agetty does not exec /bin/login in this case but only logs the
error message, waits for 10s, and then exits.  Since agetty does not
wait for the modems carrier detect or for the "RING" message from the
modem I don't see how it can be used on dial-in lines.

Steve