Re: [DNG] ..proper use of /merged and /devuan, was: Trouble with apt-get upgrade over TOR

[Fungal-net]

>>> On Tue, 24 Oct 2017 18:26:45 +0100, KatolaZ wrote in message


> jessie-proposed is under /devuan
> jessie-proposed-updates is under /devuan
> experimental is under /devuan

> The rest is under /merges, if I have not missed something.

I did not ask because I wanted to blame anyone, but asked so I can solve a 
problem
The above instructions are what they SHOULD be and this is HOW THEY WERE.
Since the keyring was not updated prior to the shift to amprolla3 all the 
merged repositories were invalid, and this is where the new keyring was.
Only by switching the merged into devuan was I able to update the key, I just 
didn't realize I had to rechange back to merged.  But merged were inaccessible 
without the key.

Why not go and delete your /etc/apt/trusted.gpg.d and see if you can install 
the keyring from /merged
I couldn't!   I could from /devuan!
If that is true then the instructions to switch from Debian/jessie to 
Devuan/jessie with onion addresses are invalid.  So try not to shove this under 
the carpet, yet.
In any case my question was about -ascii and -ceres not about -jessie but I 
will have to make the deduction, which has proven many times in the past to be 
false.___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] ..proper use of /merged and /devuan, was: Trouble with apt-get upgrade over TOR

[lpb+devuan]

This is my sources.list:

deb tor+http://devuanfwojg73k6r.onion/merged jessie  main contrib
deb tor+http://devuanfwojg73k6r.onion/merged jessie-updates  main contrib
deb tor+http://devuanfwojg73k6r.onion/merged jessie-security main contrib

That's it, no changes from that.

On 10/24/2017 02:50 PM, Antony Stone wrote:
> On Tuesday 24 October 2017 at 21:37:38, lpb+dev...@kandl.houston.tx.us wrote:
> 
>> I didn't change anything on my side, and now it seems to be working.
> 
> Please could you clarify what configuration you are using now, so we can know 
> what you haven't changed and is working :)
> 
> I for one would be interested to understand the distinction between /devuan 
> and /merged for these repositories...
> 
> 
> Antony.
> 
>> On 10/24/2017 02:18 PM, Arnt Karlsen wrote:
>>> On Tue, 24 Oct 2017 18:26:45 +0100, KatolaZ wrote in message
>>>
>>> <20171024172645.gy4...@katolaz.homeunix.net>:
 jessie-proposed   is under /devuan
 jessie-proposed-updates   is under /devuan
 experimental is under /devuan
>>>
>>> ..are you now saying these 3 should be /devuan and NOT /merged?
>>>
 The rest is under /merges, if I have not missed something.

> I think there is proposed-security as well.
>>>
>>> ..these 4 should be /devuan, the rest should be /merged, AIUI.
> 

-- 
ıɐq  ıƃınl
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Amprolla3 is out for testing

[Massimiliano Baldinelli]

On 10/20/2017 11:47 PM, goli...@dyne.org wrote:


If you want to help testing the new amprolla3, you just need to:

- replace "auto.mirror.devuan.org" with "pkgmaster.devuan.org" in
   your /etc/apt/sources.list
- # apt-get update
- # apt-get install devuan-keyring


I'm on ASCII, just made the switch, 34 packages to upgrade (about 76M). 
Apparently no problem here.


Long live D1 :)


--
   "Sin clave no hay salsa."

   ---=== Powered by Devuan GNU+Linux ===---
  http://distrowatch.com/table.php?distribution=devuan
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] ..proper use of /merged and /devuan, was: Trouble with apt-get upgrade over TOR

[Antony Stone]

On Tuesday 24 October 2017 at 21:37:38, lpb+dev...@kandl.houston.tx.us wrote:

> I didn't change anything on my side, and now it seems to be working.

Please could you clarify what configuration you are using now, so we can know 
what you haven't changed and is working :)

I for one would be interested to understand the distinction between /devuan 
and /merged for these repositories...


Antony.

> On 10/24/2017 02:18 PM, Arnt Karlsen wrote:
> > On Tue, 24 Oct 2017 18:26:45 +0100, KatolaZ wrote in message
> > 
> > <20171024172645.gy4...@katolaz.homeunix.net>:
> >> jessie-proposed   is under /devuan
> >> jessie-proposed-updates   is under /devuan
> >> experimental is under /devuan
> > 
> > ..are you now saying these 3 should be /devuan and NOT /merged?
> > 
> >> The rest is under /merges, if I have not missed something.
> >> 
> >>> I think there is proposed-security as well.
> > 
> > ..these 4 should be /devuan, the rest should be /merged, AIUI.

-- 
You can spend the whole of your life trying to be popular,
but at the end of the day the size of the crowd at your funeral
will be largely dictated by the weather.

 - Frank Skinner

   Please reply to the list;
 please *don't* CC me.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] ..proper use of /merged and /devuan, was: Trouble with apt-get upgrade over TOR

[lpb+devuan]

I didn't change anything on my side, and now it seems to be working.


On 10/24/2017 02:18 PM, Arnt Karlsen wrote:
> On Tue, 24 Oct 2017 18:26:45 +0100, KatolaZ wrote in message 
> <20171024172645.gy4...@katolaz.homeunix.net>:
> 
>>
>> jessie-proposed   is under /devuan
>> jessie-proposed-updates   is under /devuan
>> experimental   is under /devuan
> 
> ..are you now saying these 3 should be /devuan and NOT /merged?
> 
> 
>> The rest is under /merges, if I have not missed something. 
>>
>>> I think there is proposed-security as well.
> 
> ..these 4 should be /devuan, the rest should be /merged, AIUI.
> 

-- 
ıɐq  ıƃınl
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

[DNG] ..proper use of /merged and /devuan, was: Trouble with apt-get upgrade over TOR

[Arnt Karlsen]

On Tue, 24 Oct 2017 18:26:45 +0100, KatolaZ wrote in message 
<20171024172645.gy4...@katolaz.homeunix.net>:

> 
> jessie-proposed   is under /devuan
> jessie-proposed-updates   is under /devuan
> experimentalis under /devuan

..are you now saying these 3 should be /devuan and NOT /merged?


> The rest is under /merges, if I have not missed something. 
> 
> > I think there is proposed-security as well.

..these 4 should be /devuan, the rest should be /merged, AIUI.

-- 
..med vennlig hilsen = with Kind Regards from Arnt Karlsen
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three: 
  best case, worst case, and just in case.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Trouble with apt-get upgrade over TOR

[KatolaZ]

On Tue, Oct 24, 2017 at 11:45:57AM -0400, Fungal-net wrote:

[cut]

> > The repository is not updated and the previous index files will be used. 
> > GPG error: tor://devuanfwojg73k6r.onion/merged ascii InRelease: The 
> > following signatures couldn't be verified because the public key is not 
> > available: NO_PUBKEY BB23C00C61FC752C

apt is telling you that you don'e have the key for that repo.  You
must:

  # apt-get update
  # apt-get install devuan-keyring

because amprolla3 is using a new signing key, which has been included
in the latest devuan-keyring. This was actually explained in the
announcement to this list. I admit that we didn't announce the
transition to amprolla3 for the onion address. Sorry for that.

> 
> I think I'm getting somewhere.
> The merged repositories will not update because the key is expired.  One 
> would have to revert to the /devuan/ update the keyring and re-edit the 
> repositories with the new key to be able to upgrade.
> But what about proposed-updates, is this devuan or merged?


jessie-proposed   is under /devuan
jessie-proposed-updates   is under /devuan
experimental  is under /devuan


The rest is under /merges, if I have not missed something. 

> I think there is proposed-security as well.
> 
> The installation I normally use and was checked frequently didn't have the 
> same problem as the ones that have been unattended for a month or two.  
> Somehow it seems as the keyring was updated before the pkgmaster deal and 
> that makes the difference.

That's because you need to install the latest devuan-keyring, as
explained above.

HTH

KatolaZ

-- 
[ ~.,_  Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab  ]  
[ "+.  katolaz [at] freaknet.org --- katolaz [at] yahoo.it  ]
[   @)   http://kalos.mine.nu ---  Devuan GNU + Linux User  ]
[ @@)  http://maths.qmul.ac.uk/~vnicosia --  GPG: 0B5F062F  ] 
[ (@@@)  Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ  ]


signature.asc
Description: Digital signature
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Trouble with apt-get upgrade over TOR

[Fungal-net]

> From: kato...@freaknet.org
>
>> To: dng@lists.dyne.org
>>
>> On Tue, Oct 24, 2017 at 10:26:01AM -0400, Fungal-net wrote:
>>
>> [cut]
>>
>>>
>>> I reported the same in the forum and although I did not get an answer yet
>>> when earlier today I was trying to figure it out I changed all rep"s 
>>> /merged/ to
>>> /devuan/ and I got working releases. The /merged/ directories of the 
>>> repositories
>>> seem to not have been updated for a couple of months.
>>> I think this works for all ascii, ceres, experimental.
>>> Ohh.. and there was an update in one of the refracta pkgs as well :)
>>>
>>
>> That"s totally wrong. You should not replace /merged with /devuan
>> otherwise you won"t get any package at all, except those forked by
>> Devuan.
>>
>>> But it would be nice if one of the insideres would clarify this information 
>>> as
>>> there has been ambiguity on what is what for 3-4 days now.
>>> The confusing issue is that pkgmaster or whatever is called with amprolla3
>>> in the announcement says /merged/ while they say all onion is on pkgmaster
>>> but only /devuan/ works.
>>
>> I don"t understand what you refer to, since many users are using the
>> onion address and have no problems with that. The onion address works
>> as the normal pkgmaster.devuan.org, and changing /merged with /devuan
>> is not solving your problem, only eliminating it in the wrong way
>> (since you will miss all the packages that were not forked by Devuan,
>> which are an overwhelming majority).
>>
>> The Devuan onion address works by redirecting requests of non-devuan
>> packages to a Debian onion repo. If you onion configuration is
>> correct, you should be able to use the repos without errors.
>>
>> If you could be so kind to show what error you get, we might try to
>> nail the cause down.
>
> The repository is not updated and the previous index files will be used. GPG 
> error: tor://devuanfwojg73k6r.onion/merged ascii InRelease: The following 
> signatures couldn't be verified because the public key is not available: 
> NO_PUBKEY BB23C00C61FC752C

I think I'm getting somewhere.
The merged repositories will not update because the key is expired.  One would 
have to revert to the /devuan/ update the keyring and re-edit the repositories 
with the new key to be able to upgrade.
But what about proposed-updates, is this devuan or merged?
I think there is proposed-security as well.

The installation I normally use and was checked frequently didn't have the same 
problem as the ones that have been unattended for a month or two.  Somehow it 
seems as the keyring was updated before the pkgmaster deal and that makes the 
difference.___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Trouble with apt-get upgrade over TOR

[Fungal-net]

> From: kato...@freaknet.org
> To: dng@lists.dyne.org
>
> On Tue, Oct 24, 2017 at 10:26:01AM -0400, Fungal-net wrote:
>
> [cut]
>
>>
>> I reported the same in the forum and although I did not get an answer yet
>> when earlier today I was trying to figure it out I changed all rep"s 
>> /merged/ to
>> /devuan/ and I got working releases. The /merged/ directories of the 
>> repositories
>> seem to not have been updated for a couple of months.
>> I think this works for all ascii, ceres, experimental.
>> Ohh.. and there was an update in one of the refracta pkgs as well :)
>>
>
> That"s totally wrong. You should not replace /merged with /devuan
> otherwise you won"t get any package at all, except those forked by
> Devuan.
>
>> But it would be nice if one of the insideres would clarify this information 
>> as
>> there has been ambiguity on what is what for 3-4 days now.
>> The confusing issue is that pkgmaster or whatever is called with amprolla3
>> in the announcement says /merged/ while they say all onion is on pkgmaster
>> but only /devuan/ works.
>
> I don"t understand what you refer to, since many users are using the
> onion address and have no problems with that. The onion address works
> as the normal pkgmaster.devuan.org, and changing /merged with /devuan
> is not solving your problem, only eliminating it in the wrong way
> (since you will miss all the packages that were not forked by Devuan,
> which are an overwhelming majority).
>
> The Devuan onion address works by redirecting requests of non-devuan
> packages to a Debian onion repo. If you onion configuration is
> correct, you should be able to use the repos without errors.
>
> If you could be so kind to show what error you get, we might try to
> nail the cause down.

The repository is not updated and the previous index files will be used. GPG 
error: tor://devuanfwojg73k6r.onion/merged ascii InRelease: The following 
signatures couldn't be verified because the public key is not available: 
NO_PUBKEY BB23C00C61FC752C___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Trouble with apt-get upgrade over TOR

[KatolaZ]

On Tue, Oct 24, 2017 at 10:26:01AM -0400, Fungal-net wrote:

[cut]

> 
> I reported the same in the forum and although I did not get an answer yet
> when earlier today I was trying to figure it out I changed all rep's /merged/ 
> to
> /devuan/  and I got working releases.  The /merged/ directories of the 
> repositories
> seem to not have been updated for a couple of months.
> I think this works for all ascii, ceres, experimental.
> Ohh..  and there was an update in one of the refracta pkgs as well :)
>

That's totally wrong. You should not replace /merged with /devuan
otherwise you won't get any package at all, except those forked by
Devuan.


> But it would be nice if one of the insideres would clarify this information as
> there has been ambiguity on what is what for 3-4 days now.
> The confusing issue is that pkgmaster or whatever is called with amprolla3
> in the announcement says /merged/  while they say all onion is on pkgmaster
> but only /devuan/ works.

I don't understand what you refer to, since many users are using the
onion address and have no problems with that. The onion address works
as the normal pkgmaster.devuan.org, and changing /merged with /devuan
is not solving your problem, only eliminating it in the wrong way
(since you will miss all the packages that were not forked by Devuan,
which are an overwhelming majority).

The Devuan onion address works by redirecting requests of non-devuan
packages to a Debian onion repo. If you onion configuration is
correct, you should be able to use the repos without errors.

If you could be so kind to show what error you get, we might try to
nail the cause down.

HND

KatolaZ

-- 
[ ~.,_  Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab  ]  
[ "+.  katolaz [at] freaknet.org --- katolaz [at] yahoo.it  ]
[   @)   http://kalos.mine.nu ---  Devuan GNU + Linux User  ]
[ @@)  http://maths.qmul.ac.uk/~vnicosia --  GPG: 0B5F062F  ] 
[ (@@@)  Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ  ]


signature.asc
Description: Digital signature
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Trouble with apt-get upgrade over TOR

[Fungal-net]

> From: a...@iaksess.no
> To: dng@lists.dyne.org
>
> On Mon, 23 Oct 2017 13:45:48 -0500, lpb+dev...@kandl.houston.tx.us
> wrote in message
> 3b6863f4-a35a-8b41-b09a-333778dab...@kandl.houston.tx.us:
>
>> I'm having trouble doing an "apt-get upgrade" over tor+http. The
>> update works fine; my guess is the manifests have bad information.
>> Here's what a session looks like (see below). Am I doing something
>> wrong?
>> I would have posted this to the bug tracker but I'm not sure to which
>> package to assign it.
>>
>> ..try 'reportbug apt-transport-tor', if you don't have it installed,
>> you'll see:
>> "Getting status for apt-transport-tor...
>> No matching source or binary packages.
>> A package named "apt-transport-tor" does not appear to be installed; do
>> you want to search for a similar-looking filename in an installed
>> package [Y|n|q|?]?"
>>
>> ..if you have it installed, just follow reportbug's promts.
>>
>> ..search tip: 'apt-cache search apt-transport ' yields:
>> apt-transport-https - https download transport for APT
>> apt-transport-spacewalk - APT transport for communicating with
>> Spacewalk servers
>> apt-transport-tor - APT transport for anonymous package downloads via
>> Tor
>>
>> --
>> ..med vennlig hilsen = with Kind Regards from Arnt Karlsen
>> ...with a number of polar bear hunters in his ancestry...
>> Scenarios always come in sets of three:
>> best case, worst case, and just in case.

I reported the same in the forum and although I did not get an answer yet
when earlier today I was trying to figure it out I changed all rep's /merged/ to
/devuan/  and I got working releases.  The /merged/ directories of the 
repositories
seem to not have been updated for a couple of months.
I think this works for all ascii, ceres, experimental.
Ohh..  and there was an update in one of the refracta pkgs as well :)

But it would be nice if one of the insideres would clarify this information as
there has been ambiguity on what is what for 3-4 days now.
The confusing issue is that pkgmaster or whatever is called with amprolla3
in the announcement says /merged/  while they say all onion is on pkgmaster
but only /devuan/ works.___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Debian testing drop redis non systemd [update]

[Bardot Jérôme]

This is what the debian maintainer wrote to me about redis.

(i ask if i miss understood the patch loq )

> Maybe i miss understood the message ?

You did. As the changelog entry mentions, it's only the Debian-
specific (eg.) /etc/redis/redis-server.pre-up.d support that have
been removed... and they were removed from both SysV and the systemd
"variants".



0x03878A98.asc
Description: application/pgp-keys


signature.asc
Description: OpenPGP digital signature
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Debian testing drop redis non systemd

[John Hughes]

On 24/10/17 14:44, Patrick Meade wrote:


Only the first option is acceptable to me, so what needs to be done is 
also clear to me. I'm hoping that the Debian maintainer will be 
willing to revert this change, as that would be the easiest way for 
everybody to win. If not, well... there is some work ahead.



Perfectly reasonable.

It seems the obvious way forward is for a redis user who uses this 
feature to make a bug report.


___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Trouble with apt-get upgrade over TOR

[Arnt Karlsen]

On Mon, 23 Oct 2017 13:45:48 -0500, lpb+dev...@kandl.houston.tx.us
wrote in message
<3b6863f4-a35a-8b41-b09a-333778dab...@kandl.houston.tx.us>:

> I'm having trouble doing an "apt-get upgrade" over tor+http. The
> update works fine; my guess is the manifests have bad information.
> Here's what a session looks like (see below). Am I doing something
> wrong?
> 
> I would have posted this to the bug tracker but I'm not sure to which
> package to assign it.

..try 'reportbug apt-transport-tor', if you don't have it installed,
you'll see: 
"Getting status for apt-transport-tor...
No matching source or binary packages.
A package named "apt-transport-tor" does not appear to be installed; do
you want to search for a similar-looking filename in an installed
package [Y|n|q|?]?"

..if you have it installed, just follow reportbug's promts.

..search tip: 'apt-cache search apt-transport ' yields:
apt-transport-https - https download transport for APT
apt-transport-spacewalk - APT transport for communicating with
Spacewalk servers 
apt-transport-tor - APT transport for anonymous package downloads via
Tor

-- 
..med vennlig hilsen = with Kind Regards from Arnt Karlsen
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three: 
  best case, worst case, and just in case.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Debian testing drop redis non systemd

[Patrick Meade]

On 10/23/2017 09:19 AM, John Hughes wrote:

On 23/10/17 15:59, Patrick Meade wrote:
As John Hughes said, this isn't quite as bad as we originally thought. 
We can still run redis-server with the Debian provided sysvinit 
script, and Debian isn't throwing away upstream files for no reason.


Also note that the upstream init script example doesn't support the 
Debian hook scripts.  Perhaps upstream don't think that's useful 
functionality?


However, it's not all sunshine and flowers either. The daemon state 
change hooks are removed in the latest Debian package. If someone had 
a script that pre-loaded data into the redis cache on daemon start, or 
fired off a backup of the persistent store on daemon stop, these 
scripts would no longer be called when redis goes up/down.


Given that there is no documentation for these scripts other than the 
Debian changelog is anyone using them?


These are two good questions, but unfortunately it seems run-parts is a 
common idiom in Debian that dates back to 1994. Even if the redis 
feature was not well documented, it is not unrealistic to think that a 
system administrator could have gone to /etc/redis, saw the directories, 
and understood by the name of the directory what kind of script goes 
there, and what it would do.


So we have two groups of systems here.

Group A: Systems that never used the init script hooks in redis.

Group B: Systems that made use of the init script hooks in redis.

Group A pretty obviously doesn't give a rip either way. They never used 
the functionality, so they don't miss it now that it's gone. If we bring 
it back, they almost certainly won't care that it came back. If we leave 
it gone, they almost certainly won't care that it's still gone. Any 
action on our part neither helps nor harms the Group A folks. So, we set 
them aside.


The Group B folks will notice their system break once they upgrade. If 
we bring the functionality back, they will be happy that their system 
still works (sunny day). If we leave it gone, they will be unhappy that 
their system is broken (rainy day). The sunny day case requires nothing 
further, so we set it aside.


The rainy day case has two possible paths; try to fix the system or let 
it stay broken. The path chosen by the user will depend on their goals. 
The case where they let it stay broken requires nothing further, so we 
set it aside. The case where they try to fix it gets interesting.


If they are on Debian proper, the advice given will likely to be update 
the systemd unit to point to their scripts. systemd will run their 
scripts and they will be happy again. Since this case requires nothing 
further, we set it aside.


However, if they are on Devuan, there is no systemd. And without 
restoring the old functionality or providing new functionality, our 
answer will be an empty one: "Debian upstream broke it. Sorry." And our 
poor system administrator goes away empty handed, and maybe starts 
looking for a new distro.


Finally then, on the only path where our actions actually matter, we 
have two choices:


1. Restore the functionality, so that everybody including Devuan users, win.

2. Neglect the functionality, and let everybody except Devuan users, win.

Only the first option is acceptable to me, so what needs to be done is 
also clear to me. I'm hoping that the Debian maintainer will be willing 
to revert this change, as that would be the easiest way for everybody to 
win. If not, well... there is some work ahead.


Patrick
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Error after upgrade debian wheezy to devuan jessie...

[Linux O'Beardly]

Thomas,

First, it seems that you're actually trying to install different revisions
of the same package. You had libc-bin (2.19-18+deb8u9) in your first email,
and libc-bin (2.19-18+deb8u10) in your second.  While this is a minor
difference, I've seen it cause issues. I spun a test Debian Wheezy system
in VirtualBox and then upgraded to Devuan Jessie.  I could not recreate the
problem. Do you think you may have a corrupted package?  Did you try
removing the libc-bin package, then running a fresh update and
reinstalling?

rm /var/cache/archives/libc-bin_2.19-18+deb8u10_amd64.deb  AND/OR
rm /var/cache/archives/libc-bin_2.19-18+deb8u9_amd64.deb
apt-get update
apt-get install --reinstall libc-bin

Just a thought.

HTH,

Linux O'Beardly
@LinuxOBeardly
http://o.beard.ly
linux.obear...@gmail.com

On Tue, Oct 24, 2017 at 3:27 AM, Thomas Besser 
wrote:

> Hi all,
>
> meanwhile I upgraded the next server from debian wheezy to devuan jessie.
>
> With the same result on upgrading packages, like today:
>
> Trigger für libc-bin (2.19-18+deb8u10) werden verarbeitet ...
> syntax error at (eval 6) line 91, near ") {"
> Can't use global $/ in "my" at (eval 6) line 94, near ", $/"
> Global symbol "$fn" requires explicit package name at (eval 6) line 94.
> syntax error at (eval 6) line 96, near ";
>
> No one else has this problem on upgrading from debian wheezy to devuan
> jessie?
>
> Where can I find those 'trigger' scripts in Debian/Devuan?
> https://wiki.debian.org/DpkgTriggers says nothing about that.
>
> Purging package 'libc-bin' and reinstalling seems not to be a really
> good idea on a productive system ;-)
>
> Any hints how to solve this issue?
>
> Thanks in advance...
> Thomas
>
> Am 16.06.2017 um 08:45 schrieb Thomas Besser:
> > Hi,
> >
> > upgraded two file server last week from debian wheezy to devuan jessie.
> > Nearly everthing worked smooth on upgrading.
> >
> > Something is wrong with 'libc-bin'. On each operation with apt-get I'm
> > getting following error:
> >
> > The following packages will be upgraded:
> >   libgcrypt20
> > 1 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
> > Need to get 0 B/393 kB of archives. After unpacking 0 B will be used.
> > (Reading database ... 49511 files and directories currently installed.)
> > Preparing to unpack .../libgcrypt20_1.6.3-2+deb8u3_amd64.deb ...
> > Unpacking libgcrypt20:amd64 (1.6.3-2+deb8u3) over (1.6.3-2+deb8u2) ...
> > Setting up libgcrypt20:amd64 (1.6.3-2+deb8u3) ...
> > Processing triggers for libc-bin (2.19-18+deb8u9) ...
> > syntax error at (eval 6) line 91, near ") {"
> > Can't use global $/ in "my" at (eval 6) line 94, near ", $/"
> > Global symbol "$fn" requires explicit package name at (eval 6) line 94.
> > syntax error at (eval 6) line 96, near ";
> >   }"
> >
> > Any hints to solve this issue?
> >
> > Tried "apt-get install --reinstall libc-bin" without success.
> >
> > Regards
> > Thomas
> >
> > P.S.: Same error occurs on both machines.
> >
> > ___
> > Dng mailing list
> > Dng@lists.dyne.org
> > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
> >
>
> ___
> Dng mailing list
> Dng@lists.dyne.org
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
>
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Error after upgrade debian wheezy to devuan jessie...

[Thomas Besser]

Hi all,

meanwhile I upgraded the next server from debian wheezy to devuan jessie.

With the same result on upgrading packages, like today:

Trigger für libc-bin (2.19-18+deb8u10) werden verarbeitet ...
syntax error at (eval 6) line 91, near ") {"
Can't use global $/ in "my" at (eval 6) line 94, near ", $/"
Global symbol "$fn" requires explicit package name at (eval 6) line 94.
syntax error at (eval 6) line 96, near ";

No one else has this problem on upgrading from debian wheezy to devuan
jessie?

Where can I find those 'trigger' scripts in Debian/Devuan?
https://wiki.debian.org/DpkgTriggers says nothing about that.

Purging package 'libc-bin' and reinstalling seems not to be a really
good idea on a productive system ;-)

Any hints how to solve this issue?

Thanks in advance...
Thomas

Am 16.06.2017 um 08:45 schrieb Thomas Besser:
> Hi,
> 
> upgraded two file server last week from debian wheezy to devuan jessie.
> Nearly everthing worked smooth on upgrading.
> 
> Something is wrong with 'libc-bin'. On each operation with apt-get I'm
> getting following error:
> 
> The following packages will be upgraded:
>   libgcrypt20
> 1 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
> Need to get 0 B/393 kB of archives. After unpacking 0 B will be used.
> (Reading database ... 49511 files and directories currently installed.)
> Preparing to unpack .../libgcrypt20_1.6.3-2+deb8u3_amd64.deb ...
> Unpacking libgcrypt20:amd64 (1.6.3-2+deb8u3) over (1.6.3-2+deb8u2) ...
> Setting up libgcrypt20:amd64 (1.6.3-2+deb8u3) ...
> Processing triggers for libc-bin (2.19-18+deb8u9) ...
> syntax error at (eval 6) line 91, near ") {"
> Can't use global $/ in "my" at (eval 6) line 94, near ", $/"
> Global symbol "$fn" requires explicit package name at (eval 6) line 94.
> syntax error at (eval 6) line 96, near ";
>   }"
> 
> Any hints to solve this issue?
> 
> Tried "apt-get install --reinstall libc-bin" without success.
> 
> Regards
> Thomas
> 
> P.S.: Same error occurs on both machines.
> 
> ___
> Dng mailing list
> Dng@lists.dyne.org
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
> 

___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] UEFI and Secure Boot

[marc]

Hello

> > If you are worried that somebody who has
> > compromised your OS remotely will hack your bootloader, then
> > reconsider their motives: They are already on a running host OS
> > as root and can look inside your encrypted disk volumes too -
> > you have lost already.
> 
> Secureboot is there to prevent someone who has root access from installing a 
> rootkit.  (see above)  ???Looking inside??? is bad enough, and kernel signing 
> won???t prevent a Wordpress security flaw from letting them in.  It keeps 
> them from compromising the kernel, the tool you rely on to see they are 
> there. 
> 


Once root is compromised, the game is over. That is axiomatic.

An attacker with root can get userspace to lie to you too. A
keylogger can be written in userspace using evdev.  Once a bad
guy has root on a system that contains confidential information,
you assume that information is compromised. You re-install (or re-sell),
you don't reboot.

More importantly: If you want to build your own kernel, you need
to have the private key to sign it. Unless you compile this
kernel on a different system *and* transfer it across using a
mechanism which prevents a bad guy from hopping into your build
system (eg, no ssh, and stuxnet showed that USB isn't 100%
safe either) you have been totally compromised.

That is what makes the secure boot infrastructure so useful for
third parties who wish to control you: You are not authorised
to access their build system, so they get to distribute a
kernel to you that they know you can't circumvent.

Secureboot is designed for them, not for you. You might come
up with a really exotic use case, where it might help you. But
if you look at it carefully enough, it relies on secureboot
redefining root to something weaker than what we want, and
running some complex infrastructure which you are unaware
of behind it. If you want a weak root, run a virtual machine 
instead.

regards

marc
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] systemd-udevd: renamed network interface eth0 to eth1

[Arnt Gulbrandsen]

(Sorry, forgot to send earlier)

Steve Litt writes:

Something that used to
take no more than correctly configuring grub now requires execution
of the volumes of information in these links, with much of that
execution being trial and error because of different UEFI/secureboot
implementations.


That sounds rather like booting itself, as well as reading data from drives 
and the network. Both were awfully simple until encryption and security and 
all that ruined it for us.


When I moved from DOS to linux I wrote a network storage driver for DOS (as 
a client) and linux (as server). The client side was just over 1500 bytes 
of assembly. No crypto of course. Today I'm sure I couldn't even parse the 
TLS handshake in that.


I also wrote a minixfs r/o driver in less than 640 bytes of assembly (the 
total project was 640 bytes, reading the file system was the biggest chunk 
of that). Again, no crypto. Today dealing with LUKS would need at least 
6400 bytes of assembly.


Stuff is so simple if you can assume that noone will try to decrypt your 
packets, read your files or attack your system.


Arnt

___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng