Re: [DNG] routine ascii upgrade mysteriously on hold

[Rod Rodolico via Dng]

May not mean anything, but I quit using aptitude back with Jessie, I
think. Maybe ASCII. The main reason was exactly what you describe. There
was a major difference between what apt/apt-get did and what aptitude
did. It may not be maintained anymore, or maybe maintained, but not as
strongly, but appears to have settings that are not consistent with
apt/apt-get.

Recommend you just use apt update/apt [dist]upgrade and all your
problems could (maybe, possibly) go way.

Rod

On 8/1/21 10:33 AM, Bernard Rosset via Dng wrote:
> On 31/07/2021 22:03, Hendrik Boom wrote:
>> I'm practicing upgrades on my spare laptop, getting ready for doing my
>> server
>> upgrade from ascii to beowulf..
>>
>> They are both running ascii.
>>
>> Starting, of course, by making the ascii up to date still as ascii,
>> before I try tye
>> upgrade to beowulf.
>>
>> Having trouble doing even this innocuous act.
>>
>> I tried starting by using interactive aptitude to just update and
>> upgrade.
> 
> After changing your sources to point to the new release, have you run
> "apt-get upgrade" or "apt-get dist-upgrade"?
> It looks to me as if you did the former.
> 
>> Only to discover that *every* package that might be upgraded was
>> "held", and could
>> therefore not be upgraded even though newer packages were available.
>>
>> What could be causing this?  Or rather, how should I go about trying
>> to track down
>> the origin of these holds/this mass hold?
> Packages might be held back in several situations, for instance when
> download fails or checksum mismatches. In your case I would guess it is
> because dependencies of the held back packages have changed.
> The "dist-upgrade" action handles that, not "upgrade".
> 
> To check your current state, you could always run "apt-get check" or
> "aptitude why-not ".
> 
> To fix the current situation, you could run the "dist-upgrade" action,
> which is the official, documented way of doing release upgrades (cf.
> https://www.debian.org/doc/manuals/debian-faq/uptodate.en.html#apt).
> That will also take care of the cleanup, ie will offer to remove packages.
> Check what it tells you to do before accepting (and maybe run it with
> the "--simulate" option?), especially having a look at the proposed
> packages removal.
> 
> You could also try "apt-get --with-new-pkgs upgrade", which should
> download the new dependencies (in case that is your problem), but I
> suspect it will leave litter behind.
> I suggest this only as a possibility, but would encourage you to follow
> the best practice stated above.
> 
> Bernard (Beer) Rosset
> https://rosset.net/
> ___
> Dng mailing list
> Dng@lists.dyne.org
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

-- 
Rod Rodolico
Daily Data, Inc.
POB 140465
Dallas TX 75214-0465 US
http://dailydata.net
214.827.2170
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Only a few packages now still on hold

[Hendrik Boom]

On Sun, Aug 01, 2021 at 09:54:33PM -0400, Hendrik Boom wrote:
> On Sun, Aug 01, 2021 at 01:13:26PM -0400, Hendrik Boom wrote:
> > On Sun, Aug 01, 2021 at 05:33:23PM +0200, Bernard Rosset via Dng wrote:
> > > On 31/07/2021 22:03, Hendrik Boom wrote:
> > > > I'm practicing upgrades on my spare laptop, getting ready for doing my 
> > > > server
> > > > upgrade from ascii to beowulf..
> > > > 
> > > > They are both running ascii.
> > > > 
> > > > Starting, of course, by making the ascii up to date still as ascii, 
> > > > before I try tye
> > > > upgrade to beowulf.
> > > > 
> > > > Having trouble doing even this innocuous act.
> > > > 
> > > > I tried starting by using interactive aptitude to just update and 
> > > > upgrade.
> > > 
> > > After changing your sources to point to the new release,
> > 
> > I have not yet changed my sources.  I figured I should make sure the 
> > ascii system is up-to-date as an ascii system before I start to upgrade 
> > to beowulf.
> > 
> > > have you run
> > > "apt-get upgrade" or "apt-get dist-upgrade"?
> > > It looks to me as if you did the former.
> > 
> > I used the update and upgrade inside the interactive aptitude.
> > 
> > I guess I have to do dist-upgrade outside the interacctive aptitude.
> 
> And today I did aptitude update and aptitude upgrade in the CLI instead 
> of in the interactive apttude.  Just about everything just worked, 
> except for 3 packages:
>   elogind
>   libpam-elogind
>   libelogind0
> They do nog get upgraded.
> 
> Following this with
>   aptitude dist-upgrade
> tells me these will be upgraded, but then balks, telling me to remove 
>   libpam-elogind 

This is what it says:

root@notlookedfor:~# aptitude dist-upgrade
The following packages will be upgraded: 
  elogind libelogind0 libpam-elogind{b} 
3 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 861 kB of archives. After unpacking 0 B will be used.
The following packages have unmet dependencies:
 libpam-elogind : Breaks: libpam-ck-connector but 0.4.6-6 is installed
The following actions will resolve these dependencies:

 Remove the following packages:
1) libpam-elogind [234.4-1+devuan1.5 (now)]



Accept this solution? [Y/n/q/?] 

> 
> How safe is this?  isn't elogind kind of important?
> 
> I'm still just upgrading from ascii to ascii.  Beowulf is not in my 
> sights yet.
> 
> -- hendrik
> 
> ___
> Dng mailing list
> Dng@lists.dyne.org
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Only a few packages now still on hold

[Hendrik Boom]

On Sun, Aug 01, 2021 at 01:13:26PM -0400, Hendrik Boom wrote:
> On Sun, Aug 01, 2021 at 05:33:23PM +0200, Bernard Rosset via Dng wrote:
> > On 31/07/2021 22:03, Hendrik Boom wrote:
> > > I'm practicing upgrades on my spare laptop, getting ready for doing my 
> > > server
> > > upgrade from ascii to beowulf..
> > > 
> > > They are both running ascii.
> > > 
> > > Starting, of course, by making the ascii up to date still as ascii, 
> > > before I try tye
> > > upgrade to beowulf.
> > > 
> > > Having trouble doing even this innocuous act.
> > > 
> > > I tried starting by using interactive aptitude to just update and upgrade.
> > 
> > After changing your sources to point to the new release,
> 
> I have not yet changed my sources.  I figured I should make sure the 
> ascii system is up-to-date as an ascii system before I start to upgrade 
> to beowulf.
> 
> > have you run
> > "apt-get upgrade" or "apt-get dist-upgrade"?
> > It looks to me as if you did the former.
> 
> I used the update and upgrade inside the interactive aptitude.
> 
> I guess I have to do dist-upgrade outside the interacctive aptitude.

And today I did aptitude update and aptitude upgrade in the CLI instead 
of in the interactive apttude.  Just about everything just worked, 
except for 3 packages:
  elogind
  libpam-elogind
  libelogind0
They do nog get upgraded.

Following this with
  aptitude dist-upgrade
tells me these will be upgraded, but then balks, telling me to remove 
  libpam-elogind 

How safe is this?  isn't elogind kind of important?

I'm still just upgrading from ascii to ascii.  beowulf not in my sights 
yet.

-- hendrik

___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Devuan as a hypervisor?

[Rod Rodolico via Dng]

We have been virtualizing machines, servers and workstations, for over a
decade. First on Debian, then Devuan.

My personal workstation is Devuan, and I have Windows 7 & 10, FreeBSD,
Devuan, and CentOS available as virtuals that I spool up as needed.

On our servers, we mainly virtualize Devuan servers;
dbs/web/mail/nextcloud/jitsi and even one database server (MySQL +
Postgres). We also have several Windows Server (2008r2, 2016 and 2019)
in production as virtuals.

Xen is historically good, but I've been having issues with it over the
past few years. The Windows PV drivers are not as available as they have
been in the past, and there have been some other issues. I tried some
other tools, notably Oracle Virtualbox, and they run fine, but I decided
I would not tie myself to them.

Instead, we are slowly moving to KVM, and actually are using libvirt
(from Redhat) to manage them. I have never been a big RedHat fan, but
they did good on this. It is a front end to Xen, KVM and maybe other
hypervisors, but you use a consistent set of commands to do things. It
also has a GUI if you want. I use it on my workstation, but we don't
install GUI's on our servers, so those are done via the cli. I think
there may even be a WebUI for it, but not sure.

One of the main reasons for going with KVM is the availability of PV
drivers for Windows. The difference between full virtualization and the
use of PV drivers is huge. About a 5-10 speedup (my personal guess).

Since we manage OS X machines also, I've thought about looking at the
legality of creating an OS X virtual. I understand it is fairly well
documented.

My notes on this are at kb.unixservertech.com. NOTE: these are my notes,
and as it says on the cover, if it makes your computer fall into a black
hole, it is not my fault. But, I try to put reference links at the
bottom of everything, so it may give you a start. It is notes, not
howto's or anything.

You can feel free to contact me off list if you decide to go this route
and need anything.

Rod

On 8/1/21 7:18 PM, Curtis Maurand via Dng wrote:
> I’ve been running a production system first on ascii, but upgraded to 
> beowulf.  the only trouble I’ve had has been hardware and that was just a 
> failed power supply.  i run the whole thing on kvm/libvirt.  runs great.  
> uptimes in the 100’s of days.
> 
> Your mileage may vary.
> 
> —Curtis 
> 
> Sent from my iPhone
> 
>> On Aug 1, 2021, at 7:45 PM, yami...@cock.li wrote:
>>
>> Hi.
>>
>> I want to install a bare metal hypervisor in my computer to get the benefits 
>> from dual booting except without the mess that is dual booting.
>>
>> I'm going to use it for both linux and windows systems and all I want is for 
>> the vms and their files to be isolated, control over their resources, PCI 
>> passthrough, and good performance. I don't care for a GUI as long as scripts 
>> are an option.
>>
>> Currently I'm between Xen and Qemu, but I'm open to other options.
>> Which would be the best option in this case, and is this even a good idea?
>>
>> Thanks.
>> ___
>> Dng mailing list
>> Dng@lists.dyne.org
>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
> ___
> Dng mailing list
> Dng@lists.dyne.org
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
> 

-- 
Rod Rodolico
Daily Data, Inc.
POB 140465
Dallas TX 75214-0465 US
http://dailydata.net
214.827.2170
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Devuan as a hypervisor?

[Curtis Maurand via Dng]

I’ve been running a production system first on ascii, but upgraded to beowulf.  
the only trouble I’ve had has been hardware and that was just a failed power 
supply.  i run the whole thing on kvm/libvirt.  runs great.  uptimes in the 
100’s of days.

Your mileage may vary.

—Curtis 

Sent from my iPhone

> On Aug 1, 2021, at 7:45 PM, yami...@cock.li wrote:
> 
> Hi.
> 
> I want to install a bare metal hypervisor in my computer to get the benefits 
> from dual booting except without the mess that is dual booting.
> 
> I'm going to use it for both linux and windows systems and all I want is for 
> the vms and their files to be isolated, control over their resources, PCI 
> passthrough, and good performance. I don't care for a GUI as long as scripts 
> are an option.
> 
> Currently I'm between Xen and Qemu, but I'm open to other options.
> Which would be the best option in this case, and is this even a good idea?
> 
> Thanks.
> ___
> Dng mailing list
> Dng@lists.dyne.org
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

[DNG] Devuan as a hypervisor?

[yamifag]

Hi.

I want to install a bare metal hypervisor in my computer to get the 
benefits from dual booting except without the mess that is dual booting.


I'm going to use it for both linux and windows systems and all I want is 
for the vms and their files to be isolated, control over their 
resources, PCI passthrough, and good performance. I don't care for a GUI 
as long as scripts are an option.


Currently I'm between Xen and Qemu, but I'm open to other options.
Which would be the best option in this case, and is this even a good 
idea?


Thanks.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] May I use Netaid source as an example of good code?

[aitor]

On 2/8/21 0:41, aitor wrote:


Hi,

On 1/8/21 19:20, aitor wrote:
After that, the suid binary can check _whether or not_ the emited 
signal has been received. If yes, both
the gui and the suid will communicate each other through a unix 
socket or a fifo to know what to do.
Better said, the suid binary can check whether or not the gui has 
handled the signal as expected because
the default behavior of SIGUSR1 (User defined signal 1) is to 
terminate the process. See the table at the

end of the link:

https://en.wikipedia.org/wiki/Signal_(IPC)#POSIX_signals 



I.e., when such a intruder is acting the 
PSTAT_BINARY="SOMEWHERE_DEFINED_NAME" with process ID="PID"

no longer exists.

Aitor.


Sorry for the "Re: [DNG] [SPAM] Re: ... " in the subject :(

Aitor.


___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] [SPAM] Re: May I use Netaid source as an example of good code?

[aitor]

Hi,

On 1/8/21 19:20, aitor wrote:
After that, the suid binary can check _whether or not_ the emited 
signal has been received. If yes, both
the gui and the suid will communicate each other through a unix socket 
or a fifo to know what to do.
Better said, the suid binary can check whether or not the gui has 
handled the signal as expected because
the default behavior of SIGUSR1 (User defined signal 1) is to terminate 
the process. See the table at the

end of the link:

https://en.wikipedia.org/wiki/Signal_(IPC)#POSIX_signals 



I.e., when such a intruder is acting the 
PSTAT_BINARY="SOMEWHERE_DEFINED_NAME" with process ID="PID"

no longer exists.

Aitor.



___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Starting outline for the DNG Safe Programmer Certificate

[Josef Grosch via Dng]

On 8/1/21 12:50 PM, Steve Litt wrote:

wirelessduck--- via Dng said on Sun, 1 Aug 2021 22:43:35 +1000


On 1 Aug 2021, at 21:56, Hendrik Boom  wrote:

On Fri, Jul 30, 2021 at 01:49:46PM -0400, Steve Litt wrote:

Josef Grosch via Dng said on Thu, 29 Jul 2021 15:32:05 -0700

   

Another suggestion I have is to use the variable and method naming
convention that java uses. I like the way it looks and I think
camel case is more readable than snake case.

This reminds me of something not yet in the outline. The originating
author should place, in comments, near the top, his or her syntax
conventions including naming conventions, brace placements if not
Python, spaces or tabs.

I'm hidiously guilty of using violating my own conventions (or not
having any), so I should make that document at the start of a
project. Matter of fact, I should make it BEFORE my next project.
Naturally, one such stylesheet must be made for Python, another for
C, etc.

In an ideal world, here's how I'd do C blocks:

if(mybool)
   {
   do_my_stuff()
   }

I tend to use
if(mybool)
  { do_my_stuff();
do_other_stuff);
  }

I really believe matching braces should be on the same line, or,
failing that, at the same level of indentation; i.e., above one
another.

And I'd like the compile to warn me of deviations from that.

-- hendrik
   

However, I do it the way Vim preformats for me, to make my life
easier:

if(mybool){
   do_my_stuff()
}

#ifndef AUTHOR
   char * AUTHOR = "SteveT"
#endif

AUTHOR

Steve Litt

Just use indent(1) and forget about all stying problems? I prefer
`indent -kr`, none of that GNU styling craziness!!

https://manpages.debian.org/buster/indent/indent.1.en.html

I just spent 2 hours trying out indent. As far as I can tell, -bli
doesn't work, and I could find no way to put statements in block at the
same level with the block's parentheses. So what I want is this:

int myfunc()
{
do_something();
do_more();
if(mybool)
   {
   do_special()
   }
}

If you know a way to accomplish the preceding with indent, please let
me know. Closest I could get was

int myfunc()
{
do_something();
do_more();
if(mybool)
   {
  do_special()
   }
}

Eeeeu, ugly, confusing, and inconsistent. I'd rather just keep
doing it Vim's way:

int myfunc(){
do_something();
do_more();
if(mybool){
   do_special()
}
}

The preceding is at least consistent, and the ending brace is at the
level of the statement running the block, which at least is fathomable
if you get used to it.


SteveT



It looks like you are trying to get what was once called the Whitesmiths 
style.



https://en.wikipedia.org/wiki/Indentation_style#Whitesmiths_style


Back when the earth was still cooling, 1991 or so, I worked at Motorola 
in Chicago and this was the preferred coding style for the project I was 
a member of. Configuring indent was always a matter of trail and error 
and the docs could be better.  Using a config file, ~/.indent.pro made 
things easier. I might still have a copy of that file somewhere, I'll look.



Josef

--
Josef Grosch| Another day closer |
jgro...@mooseriver.com  | to Redwood Heaven  | Berkeley, Ca.


___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

[DNG] Are there any other archives besides https://lists.dyne.org/lurker/list/dng.en.html

[Steve Litt]

Hi all,

Are there any other archives besides
https://lists.dyne.org/lurker/list/dng.en.html ?

I've found the preceding web archive to be worse than useless, in so
many ways I can't enumerate them all, but suffice it to say I was
trying to find some recent messages in the archives and was unable to
do it.

SteveT

Steve Litt 
Spring 2021 featured book: Troubleshooting Techniques of the Successful
Technologist http://www.troubleshooters.com/techniques
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] difficulty issuing commands

[Haines Brown]

On Sun, Aug 01, 2021 at 01:59:35PM -0400, Steve Litt wrote:
> The preceding paragraphs have a lot of articles (such as "it"), so I
> can't be sure what you're saying, but it sounds like "the balance
> program" is hogging CPU, so don't use it, or at least don't use it when
> you're doing other work. If you're the author of the balance program,
> find out what about it is hogging all CPU.

Sorry. I compounded the obscurity by starting to call balance.bal 
backup.bal.

The situation seems to indicate a problem in emacs bookmarks. The 
balance.bal is an emacs bookkeeping program. ~/.balance.bal has 
-rw-r--r-- permission that is simply a log of a bank account. It is
manipulated by a set of commands to perform operations on it. So
the .balance.bal file is simple and not a likely source of trouble.

The problem is not with bookmarks, for if I try to open .balance.bal 
simply like any their file in emacs, I get the same problem. If it
has not been opened for while the opening hangs with the spinning
spiral. I have to stop the open process with Ctl-g  and then then I
can open it without a problem.

I note wo things. One is that there's an array of .balance* files such 
as .balance.bal.bak that open right up. In emacss or nano. It is 
emacs that can't open .balance.bal on first try/ 

Also there is a symlink for .balance.bal: 

   .#balance.bal -> haines@engels.3050:1627212275

'I'm delete it.


-- 
Haines Brown  
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Starting outline for the DNG Safe Programmer Certificate

[Steve Litt]

wirelessduck--- via Dng said on Sun, 1 Aug 2021 22:43:35 +1000

>> On 1 Aug 2021, at 21:56, Hendrik Boom  wrote:
>> 
>> On Fri, Jul 30, 2021 at 01:49:46PM -0400, Steve Litt wrote:  
>>> Josef Grosch via Dng said on Thu, 29 Jul 2021 15:32:05 -0700
>>> 
>>>   
 Another suggestion I have is to use the variable and method naming 
 convention that java uses. I like the way it looks and I think
 camel case is more readable than snake case.  
>>> 
>>> This reminds me of something not yet in the outline. The originating
>>> author should place, in comments, near the top, his or her syntax
>>> conventions including naming conventions, brace placements if not
>>> Python, spaces or tabs. 
>>> 
>>> I'm hidiously guilty of using violating my own conventions (or not
>>> having any), so I should make that document at the start of a
>>> project. Matter of fact, I should make it BEFORE my next project.
>>> Naturally, one such stylesheet must be made for Python, another for
>>> C, etc.
>>> 
>>> In an ideal world, here's how I'd do C blocks:
>>> 
>>> if(mybool)
>>>   {
>>>   do_my_stuff()
>>>   }  
>> 
>> I tend to use
>> if(mybool)
>>  { do_my_stuff();
>>do_other_stuff);
>>  }
>> 
>> I really believe matching braces should be on the same line, or, 
>> failing that, at the same level of indentation; i.e., above one 
>> another.
>> 
>> And I'd like the compile to warn me of deviations from that.
>> 
>> -- hendrik
>>   
>>> 
>>> However, I do it the way Vim preformats for me, to make my life
>>> easier:
>>> 
>>> if(mybool){
>>>   do_my_stuff()
>>> }
>>> 
>>> #ifndef AUTHOR
>>>   char * AUTHOR = "SteveT"
>>> #endif
>>> 
>>> AUTHOR
>>> 
>>> Steve Litt   
>
>Just use indent(1) and forget about all stying problems? I prefer
>`indent -kr`, none of that GNU styling craziness!!
>
>https://manpages.debian.org/buster/indent/indent.1.en.html

I just spent 2 hours trying out indent. As far as I can tell, -bli
doesn't work, and I could find no way to put statements in block at the
same level with the block's parentheses. So what I want is this:

int myfunc()
   {
   do_something();
   do_more();
   if(mybool)
  {
  do_special()
  }
   }

If you know a way to accomplish the preceding with indent, please let
me know. Closest I could get was

int myfunc()
{
   do_something();
   do_more();
   if(mybool)
  {
 do_special()
  }
}

Eeeeu, ugly, confusing, and inconsistent. I'd rather just keep
doing it Vim's way:

int myfunc(){
   do_something();
   do_more();
   if(mybool){
  do_special()
   }
}

The preceding is at least consistent, and the ending brace is at the
level of the statement running the block, which at least is fathomable
if you get used to it.


SteveT

Steve Litt 
Spring 2021 featured book: Troubleshooting Techniques of the Successful
Technologist http://www.troubleshooters.com/techniques
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Starting outline for the DNG Safe Programmer Certificate

[Steve Litt]

tito via Dng said on Sun, 1 Aug 2021 14:41:31 +0200


>Hi,
>I really prefer 
>
>if (mybool) {
>   do_my_stuff();
>   do_other_stuff);
>}

Vim prefers it that way too, which is why (and the only reason) I use
the preceding brace placement.

SteveT

Steve Litt 
Spring 2021 featured book: Troubleshooting Techniques of the Successful
Technologist http://www.troubleshooters.com/techniques
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] difficulty issuing commands

[Steve Litt]

Haines Brown said on Sun, 1 Aug 2021 07:16:00 -0400

>On Sun, Aug 01, 2021 at 02:54:55AM -0400, Steve Litt wrote:
>> Haines Brown said on Sat, 31 Jul 2021 21:54:56 -0400
>>   
>> >Sorry for the ambivalent subject line.
>> >
>> >I'm running Beowulf with Fluxbox window manager but without a
>> >desktop environment. Without knowing what might have triggered it,
>> >I find it laborious to start some applications from CLI. What
>> >happens is that I get a hang (little spiral rotates) until I kill
>> >the process with Crtl-g and try again.   
>> 
>> Do you mean Ctrl-c ? I've never heard of ctrl-g killing commands.
>> 
>> [snip other weird intermittent symptoms]
>> 
>> I'd start by collecting data:
>> 
>> df -h >> data.txt  
>
>No problems here. No partition is more than 50%

OK, full partition ruled out.

>
>> vmstat -S M >> data.txt  
>
>I don't know how to interpret all the info. But here it is:
>
>procs ---memory-- ---swap-- -io
>-system---cpu-
> r  b   swpd   free   buff  cache   si   sobibo   in   cs us
> sy id wa st 2  3  0162   5852   6370008595
> 39 10  3 86  1  0

You have plenty of available RAM, so that's not the problem.

>
>Nothing here strike my eye
>
>> Also, run the htop command to see whether you're maxing out your
>> CPUs.  
>
>Wow! Don't like this result, It looks like for the four cores, number 
>is running 100%. The others are low. Currently my machine is running 
>an automatic bacvkup. I do not have a swap partition. Mem is 
>3.7G/15.6G
>
>In the display of processes, CPU runs 98-101% I'm runnng two sessions
>of emacs on two virtyual desktops and it is the second that is hogging 
>CPU.
>
>I see that in fiddling to start balance program, I left it in  hung 
>state (spinning spiral). So now use C-g to stop the process. This 
>is enacs for stop the process. Ctl-c has no effect on the emacs 
>process. I now look to see what effect stopping the process has.
>
>Sure enough. My CPU is back to normal. My backup running in 
>the background calls occasionally for as much as 30%.

The preceding paragraphs have a lot of articles (such as "it"), so I
can't be sure what you're saying, but it sounds like "the balance
program" is hogging CPU, so don't use it, or at least don't use it when
you're doing other work. If you're the author of the balance program,
find out what about it is hogging all CPU.

>
>So I'm back to the problem that I cannot run ~/.backup.bal without. It 
>may be that this is a problem specific to emacs. 

I'm guessing backup.bal is a backup program. I'd advise every night b4
bed, you shut down all other programs and just run backup.bal.

>
>I'll take the further steps if you think wise. 

I think it's wise to go further unless your computer is hopefully
antiquated, which I doubt given as it seems like you have about 16GB
RAM, or you suspect that your hardware's broken. Can you find a
substitute for your "balance program"?

I computer with 16GB RAM and a processor made in the last 10 years
should be fairly snappy with fluxbox.

SteveT

Steve Litt 
Spring 2021 featured book: Troubleshooting Techniques of the Successful
Technologist http://www.troubleshooters.com/techniques
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] [SPAM] Re: May I use Netaid source as an example of good code?

[aitor]

On 1/8/21 19:20, aitor wrote:
  /*  trigger the signal handler in order to receive the SIGUSR1 
signal emited by the suid binary */

*emitted*
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] May I use Netaid source as an example of good code?

[aitor]

Hi again,

On 1/8/21 19:20, aitor wrote:


Hi Arnt,

On 1/8/21 17:59, Arnt Karlsen wrote:

I'm looking for a safer way to run the binary with suid permissions
using the shared memory of the system to send a signal.

Time ago somebody said me: "you can do nothing from your binary that
i can't do externally from another binary".

So, am i wasting time?

..nope.


Good :)



Today i've been testing the idea and it's working for me. I'd like to
prepare an example and share with all of you to resolve
vulnerabilities. The example consists of a window with a button (to
run the suid binary) and another binary -the intruder- located in the
same directory and trying to do the same by using the other party's
PID pretending to be the window.

..you're being too damned naive: Why would the intruder not try to
e.g. use your PID?


?

Yes, the intruder would.., of course. And that's what i'm trying to 
avoid. The logic is as follows:


Let's assume the intruder sending our PID. The suid binary receives 
the PID and extracts
the corresponding binary name afterwards. There are other ways, but 
i'll use Jude Nelson's

libpstat for that.

If this name -say PSTAT_BINARY- doesn't match the name of our 
application, then the suid binary

will do nothing. For instance:

if (PSTAT_BINARY == $current_working_dir/app_name) {

    continue;

} else {

    do nothing;

}

Now, you're thinking: "The gui application is already running with the 
above PID. So,

the suid binary will go ahead!"

And here is the key point: the suid binary sends a SIGUSR1 signal to 
the gui application. But
the signal handler associated to this SIGUSR1 is activated within the 
callback function of the button
responsible for running the suid binary, being triggered its default 
signal handling behavior as
soon as the suid binary has been executed. Hence, not reacting to the 
SIGUSR1 signal

events unlessthe user clicks again on the button.


gboolean button_callback ()
{

  /*

    ... run the suid binary asynchronously, going ahead...

 */

  /*  trigger the signal handler in order to receive the SIGUSR1 
signal emited by the suid binary */


  struct sigaction sa;
  memset(, 0, sizeof(sa));
  sa.sa_handler = sig_handler;
  sa.sa_flags = SA_RESTART | SA_SIGINFO;
  sigemptyset(_mask);
  sigaction(SIGUSR1, , 0);

}

Now, the signal handler will react:

void signal_handler (int signum)
{

if( gtk_main_level() == 0) exit(-1);

/*

    ... here goes the socket ...

 */

  /*   Set to default !!  */

  signal(SIGUSR1, SIG_DFL);

}

After that, the suid binary can check _whether or not_ the emited 
signal has been received. If yes, both
the gui and the suid will communicate each other through a unix socket 
or a fifo to know what to do.


Finally, the suid binary parses the received arguments.

Does it make sense? If not, i may stop here.

Thanks in advance,

Aitor.



The PID of the process is emmited via shmget():

https://www.csl.mtu.edu/cs4411.ck/www/NOTES/signal/kill.html 



The idea might have weak points, but it's better than nothing.

Aitor.


___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] [SPAM] Re: May I use Netaid source as an example of good code?

[aitor]

Hi Arnt,

On 1/8/21 17:59, Arnt Karlsen wrote:

I'm looking for a safer way to run the binary with suid permissions
using the shared memory of the system to send a signal.

Time ago somebody said me: "you can do nothing from your binary that
i can't do externally from another binary".

So, am i wasting time?

..nope.


Good :)



Today i've been testing the idea and it's working for me. I'd like to
prepare an example and share with all of you to resolve
vulnerabilities. The example consists of a window with a button (to
run the suid binary) and another binary -the intruder- located in the
same directory and trying to do the same by using the other party's
PID pretending to be the window.

..you're being too damned naive: Why would the intruder not try to
e.g. use your PID?


?

Yes, the intruder would.., of course. And that's what i'm trying to 
avoid. The logic is as follows:


Let's assume the intruder sending our PID. The suid binary receives the 
PID and extracts
the corresponding binary name afterwards. There are other ways, but i'll 
use Jude Nelson's

libpstat for that.

If this name -say PSTAT_BINARY- doesn't match the name of our 
application, then the suid binary

will do nothing. For instance:

if (PSTAT_BINARY == $current_working_dir/app_name) {

    continue;

} else {

    do nothing;

}

Now, you're thinking: "The gui application is already running with the 
above PID. So,

the suid binary will go ahead!"

And here is the key point: the suid binary sends a SIGUSR1 signal to the 
gui application. But
the signal handler associated to this SIGUSR1 is activated within the 
callback function of the button
responsible for running the suid binary, being triggered its default 
signal handling behavior as
soon as the suid binary has been executed. Hence, not reacting to the 
SIGUSR1 signal

events unlessthe user clicks again on the button.


gboolean button_callback ()
{

  /*

    ... run the suid binary asynchronously, going ahead...

 */

  /*  trigger the signal handler in order to receive the SIGUSR1 signal 
emited by the suid binary */


  struct sigaction sa;
  memset(, 0, sizeof(sa));
  sa.sa_handler = sig_handler;
  sa.sa_flags = SA_RESTART | SA_SIGINFO;
  sigemptyset(_mask);
  sigaction(SIGUSR1, , 0);

}

Now, the signal handler will react:

void signal_handler (int signum)
{

if( gtk_main_level() == 0) exit(-1);

/*

    ... here goes the socket ...

 */

  /*   Set to default !!  */

  signal(SIGUSR1, SIG_DFL);

}

After that, the suid binary can check _whether or not_ the emited signal 
has been received. If yes, both
the gui and the suid will communicate each other through a unix socket 
or a fifo to know what to do.


Finally, the suid binary parses the received arguments.

Does it make sense? If not, i may stop here.

Thanks in advance,

Aitor.





___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] routine ascii upgrade mysteriously on hold

[Hendrik Boom]

On Sun, Aug 01, 2021 at 05:33:23PM +0200, Bernard Rosset via Dng wrote:
> On 31/07/2021 22:03, Hendrik Boom wrote:
> > I'm practicing upgrades on my spare laptop, getting ready for doing my 
> > server
> > upgrade from ascii to beowulf..
> > 
> > They are both running ascii.
> > 
> > Starting, of course, by making the ascii up to date still as ascii, before 
> > I try tye
> > upgrade to beowulf.
> > 
> > Having trouble doing even this innocuous act.
> > 
> > I tried starting by using interactive aptitude to just update and upgrade.
> 
> After changing your sources to point to the new release,

I have not yet changed my sources.  I figured I should make sure the 
ascii system is up-to-date as an ascii system before I start to upgrade 
to beowulf.

> have you run
> "apt-get upgrade" or "apt-get dist-upgrade"?
> It looks to me as if you did the former.

I used the update and upgrade inside the interactive aptitude.

I guess I have to do dist-upgrade outside the interacctive aptitude.

> 
> > Only to discover that *every* package that might be upgraded was "held", 
> > and could
> > therefore not be upgraded even though newer packages were available.
> > 
> > What could be causing this?  Or rather, how should I go about trying to 
> > track down
> > the origin of these holds/this mass hold?
> Packages might be held back in several situations, for instance when
> download fails or checksum mismatches. In your case I would guess it is
> because dependencies of the held back packages have changed.
> The "dist-upgrade" action handles that, not "upgrade".
> 
> To check your current state, you could always run "apt-get check" or
> "aptitude why-not ".
> 
> To fix the current situation, you could run the "dist-upgrade" action, which
> is the official, documented way of doing release upgrades (cf.
> https://www.debian.org/doc/manuals/debian-faq/uptodate.en.html#apt). That
> will also take care of the cleanup, ie will offer to remove packages.
> Check what it tells you to do before accepting (and maybe run it with the
> "--simulate" option?), especially having a look at the proposed packages
> removal.
> 
> You could also try "apt-get --with-new-pkgs upgrade", which should download
> the new dependencies (in case that is your problem), but I suspect it will
> leave litter behind.
> I suggest this only as a possibility, but would encourage you to follow the
> best practice stated above.
> 
> Bernard (Beer) Rosset
> https://rosset.net/
> ___
> Dng mailing list
> Dng@lists.dyne.org
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] difficulty issuing commands

[Arnt Karlsen]

On Sun, 1 Aug 2021 07:16:00 -0400, Haines wrote in message 
<2021080600.ge29...@engels.histomat.net>:

> On Sun, Aug 01, 2021 at 02:54:55AM -0400, Steve Litt wrote:
> > Haines Brown said on Sat, 31 Jul 2021 21:54:56 -0400
> >   
> > >Sorry for the ambivalent subject line.
> > >
> > >I'm running Beowulf with Fluxbox window manager but without a
> > >desktop environment. Without knowing what might have triggered it,
> > >I find it laborious to start some applications from CLI. What
> > >happens is that I get a hang (little spiral rotates) until I kill
> > >the process with Crtl-g and try again.   
> > 
> > Do you mean Ctrl-c ? I've never heard of ctrl-g killing commands.
> > 
> > [snip other weird intermittent symptoms]
> > 
> > I'd start by collecting data:
> > 
> > df -h >> data.txt  
> 
> No problems here. No partition is more than 50%
> 
> > vmstat -S M >> data.txt  
> 
> I don't know how to interpret all the info. But here it is:
> 
> procs ---memory-- ---swap-- -io
> -system---cpu- r  b   swpd   free   buff  cache   si   so
> bibo   in   cs us sy id wa st 2  3  0162   5852   6370
> 00859539 10  3 86  1  0
> 
> Nothing here strike my eye
> 
> > Also, run the htop command to see whether you're maxing out your
> > CPUs.  
> 
> Wow! Don't like this result, It looks like for the four cores, number 
> is running 100%. The others are low. Currently my machine is running 
> an automatic bacvkup. I do not have a swap partition. Mem is 
> 3.7G/15.6G

..in my final Debian days I used 8GB swap on my 4GB ram laptops.
Upgrading to 8GB ram also had me raise that to 24GB swap on an 
hunch there might be something clever about 32GB total memory, 
rather than carrying on with the twice-ram-swap rule to 24GB.
Works wonderfully well for me. 

..and I suspect some programs act up if they can't see any swap 
memory at all, regardless of whether or not they actually need 
any swap memory, all it really takes, are bad and badly hardcoded
assumptions.

> In the display of processes, CPU runs 98-101% I'm runnng two sessions
> of emacs on two virtyual desktops and it is the second that is
> hogging CPU.
> 
> I see that in fiddling to start balance program, I left it in  hung 
> state (spinning spiral). So now use C-g to stop the process. This 
> is enacs for stop the process. Ctl-c has no effect on the emacs 
> process. I now look to see what effect stopping the process has.
> 
> Sure enough. My CPU is back to normal. My backup running in 
> the background calls occasionally for as much as 30%.
> 
> So I'm back to the problem that I cannot run ~/.backup.bal without.

..what happens if you try run this with nice,
e.g. "nice -n 18 ~/.backup.bal &" ?

..or tie it to some specific cpu core(s)?  
Etc for your Emacs sessions.

> It may be that this is a problem specific to emacs. 
> 
> I'll take the further steps if you think wise. It maey be that the 
> problem with .backup.bal is an oddity. I'm about to reconstruct the 
> bookmark. The problem with accessing bank not understanding my
> browser until I try to acess a second time is  probably irrelevant. 
> 


-- 
..med vennlig hilsen = with Kind Regards from Arnt Karlsen
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three: 
  best case, worst case, and just in case.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] May I use Netaid source as an example of good code?

[Arnt Karlsen]

On Sun, 1 Aug 2021 12:41:58 +0200, aitor wrote in message 
:

> Hi,
> 
> On 1/8/21 1:39, aitor wrote:
> > I'm looking for a safer way to run the binary with suid permissions 
> > using the shared memory of the system to send a signal.  
> 
> Time ago somebody said me: "you can do nothing from your binary that
> i can't do externally from another binary".
> 
> So, am i wasting time?

..nope.

> 
> Today i've been testing the idea and it's working for me. I'd like to 
> prepare an example and share with all of you to resolve
> vulnerabilities. The example consists of a window with a button (to
> run the suid binary) and another binary -the intruder- located in the
> same directory and trying to do the same by using the other party's
> PID pretending to be the window.

..you're being too damned naive: Why would the intruder not try to
e.g. use your PID?

> The result is a segmentation fault.

..which I would argue is good, unless you are trying to set up some
sort of honey trap. 
For a public etc service, log what you need and restart that service.

> I insist on trying to find the safest approach to run the suid binary 
> because this is important not only for simple-netaid, but also for
> hopman, which will require granted permissions for running the
> *eject* command or the like (among others?).
> 
> Cheers,
> 
> Aitor.

..that eject command Can be used with a CD player to push a 
reset or power switch button. ;o)

-- 
..med vennlig hilsen = with Kind Regards from Arnt Karlsen
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three: 
  best case, worst case, and just in case.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] routine ascii upgrade mysteriously on hold

[Bernard Rosset via Dng]

On 31/07/2021 22:03, Hendrik Boom wrote:

I'm practicing upgrades on my spare laptop, getting ready for doing my server
upgrade from ascii to beowulf..

They are both running ascii.

Starting, of course, by making the ascii up to date still as ascii, before I 
try tye
upgrade to beowulf.

Having trouble doing even this innocuous act.

I tried starting by using interactive aptitude to just update and upgrade.


After changing your sources to point to the new release, have you run 
"apt-get upgrade" or "apt-get dist-upgrade"?

It looks to me as if you did the former.


Only to discover that *every* package that might be upgraded was "held", and 
could
therefore not be upgraded even though newer packages were available.

What could be causing this?  Or rather, how should I go about trying to track 
down
the origin of these holds/this mass hold?
Packages might be held back in several situations, for instance when 
download fails or checksum mismatches. In your case I would guess it is 
because dependencies of the held back packages have changed.

The "dist-upgrade" action handles that, not "upgrade".

To check your current state, you could always run "apt-get check" or 
"aptitude why-not ".


To fix the current situation, you could run the "dist-upgrade" action, 
which is the official, documented way of doing release upgrades (cf. 
https://www.debian.org/doc/manuals/debian-faq/uptodate.en.html#apt). 
That will also take care of the cleanup, ie will offer to remove packages.
Check what it tells you to do before accepting (and maybe run it with 
the "--simulate" option?), especially having a look at the proposed 
packages removal.


You could also try "apt-get --with-new-pkgs upgrade", which should 
download the new dependencies (in case that is your problem), but I 
suspect it will leave litter behind.
I suggest this only as a possibility, but would encourage you to follow 
the best practice stated above.


Bernard (Beer) Rosset
https://rosset.net/
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Starting outline for the DNG Safe Programmer Certificate

[aitor]

Hi,

On 1/8/21 14:41, tito via Dng wrote:

Hi,
I really prefer

if (mybool) {
do_my_stuff();
do_other_stuff);
}

for the rule of least vertical screen usage (same as yours)
and the brace and the if on the same indentation level
make it clear where  the conditional block of code stops.


Me too. I tend to use the Linux Kernel coding style:

https://www.kernel.org/doc/html/v4.10/process/coding-style.html 



Cheers,

Aitor.


___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Starting outline for the DNG Safe Programmer Certificate

[wirelessduck--- via Dng]

> On 1 Aug 2021, at 21:56, Hendrik Boom  wrote:
> 
> On Fri, Jul 30, 2021 at 01:49:46PM -0400, Steve Litt wrote:
>> Josef Grosch via Dng said on Thu, 29 Jul 2021 15:32:05 -0700
>> 
>> 
>>> Another suggestion I have is to use the variable and method naming 
>>> convention that java uses. I like the way it looks and I think camel 
>>> case is more readable than snake case.
>> 
>> This reminds me of something not yet in the outline. The originating
>> author should place, in comments, near the top, his or her syntax
>> conventions including naming conventions, brace placements if not
>> Python, spaces or tabs. 
>> 
>> I'm hidiously guilty of using violating my own conventions (or not
>> having any), so I should make that document at the start of a project.
>> Matter of fact, I should make it BEFORE my next project. Naturally, one
>> such stylesheet must be made for Python, another for C, etc.
>> 
>> In an ideal world, here's how I'd do C blocks:
>> 
>> if(mybool)
>>   {
>>   do_my_stuff()
>>   }
> 
> I tend to use
> if(mybool)
>  { do_my_stuff();
>do_other_stuff);
>  }
> 
> I really believe matching braces should be on the same line, or, 
> failing that, at the same level of indentation; i.e., above one 
> another.
> 
> And I'd like the compile to warn me of deviations from that.
> 
> -- hendrik
> 
>> 
>> However, I do it the way Vim preformats for me, to make my life easier:
>> 
>> if(mybool){
>>   do_my_stuff()
>> }
>> 
>> #ifndef AUTHOR
>>   char * AUTHOR = "SteveT"
>> #endif
>> 
>> AUTHOR
>> 
>> Steve Litt 

Just use indent(1) and forget about all stying problems? I prefer `indent -kr`, 
none of that GNU styling craziness!!

https://manpages.debian.org/buster/indent/indent.1.en.html___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Starting outline for the DNG Safe Programmer Certificate

[tito via Dng]

On Sun, 1 Aug 2021 07:56:18 -0400
Hendrik Boom  wrote:

> On Fri, Jul 30, 2021 at 01:49:46PM -0400, Steve Litt wrote:
> > Josef Grosch via Dng said on Thu, 29 Jul 2021 15:32:05 -0700
> > 
> > 
> > >Another suggestion I have is to use the variable and method naming 
> > >convention that java uses. I like the way it looks and I think camel 
> > >case is more readable than snake case.
> > 
> > This reminds me of something not yet in the outline. The originating
> > author should place, in comments, near the top, his or her syntax
> > conventions including naming conventions, brace placements if not
> > Python, spaces or tabs. 
> > 
> > I'm hidiously guilty of using violating my own conventions (or not
> > having any), so I should make that document at the start of a project.
> > Matter of fact, I should make it BEFORE my next project. Naturally, one
> > such stylesheet must be made for Python, another for C, etc.
> > 
> > In an ideal world, here's how I'd do C blocks:
> > 
> > if(mybool)
> >{
> >do_my_stuff()
> >}
> 
> I tend to use
> if(mybool)
>   { do_my_stuff();
> do_other_stuff);
>   }

Hi,
I really prefer 

if (mybool) {
   do_my_stuff();
   do_other_stuff);
}

for the rule of least vertical screen usage (same as yours)
and the brace and the if on the same indentation level
make it clear where  the conditional block of code stops.
Also for one liners this form saves space

if (mybool) { do_my_stuff(); }

but keep the braces if you or others need to add more code
later.

Just my 2 cents
Tito

> 
> I really believe matching braces should be on the same line, or, 
> failing that, at the same level of indentation; i.e., above one 
> another.
> 
> And I'd like the compile to warn me of deviations from that.
> 
> -- hendrik
> 
> > 
> > However, I do it the way Vim preformats for me, to make my life easier:
> > 
> > if(mybool){
> >do_my_stuff()
> > }
> > 
> > #ifndef AUTHOR
> >char * AUTHOR = "SteveT"
> > #endif
> > 
> > AUTHOR
> > 
> > Steve Litt 
> > Spring 2021 featured book: Troubleshooting Techniques of the Successful
> > Technologist http://www.troubleshooters.com/techniques
> > ___
> > Dng mailing list
> > Dng@lists.dyne.org
> > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
> ___
> Dng mailing list
> Dng@lists.dyne.org
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Starting outline for the DNG Safe Programmer Certificate

[Hendrik Boom]

On Fri, Jul 30, 2021 at 01:49:46PM -0400, Steve Litt wrote:
> Josef Grosch via Dng said on Thu, 29 Jul 2021 15:32:05 -0700
> 
> 
> >Another suggestion I have is to use the variable and method naming 
> >convention that java uses. I like the way it looks and I think camel 
> >case is more readable than snake case.
> 
> This reminds me of something not yet in the outline. The originating
> author should place, in comments, near the top, his or her syntax
> conventions including naming conventions, brace placements if not
> Python, spaces or tabs. 
> 
> I'm hidiously guilty of using violating my own conventions (or not
> having any), so I should make that document at the start of a project.
> Matter of fact, I should make it BEFORE my next project. Naturally, one
> such stylesheet must be made for Python, another for C, etc.
> 
> In an ideal world, here's how I'd do C blocks:
> 
> if(mybool)
>{
>do_my_stuff()
>}

I tend to use
if(mybool)
  { do_my_stuff();
do_other_stuff);
  }

I really believe matching braces should be on the same line, or, 
failing that, at the same level of indentation; i.e., above one 
another.

And I'd like the compile to warn me of deviations from that.

-- hendrik

> 
> However, I do it the way Vim preformats for me, to make my life easier:
> 
> if(mybool){
>do_my_stuff()
> }
> 
> #ifndef AUTHOR
>char * AUTHOR = "SteveT"
> #endif
> 
> AUTHOR
> 
> Steve Litt 
> Spring 2021 featured book: Troubleshooting Techniques of the Successful
> Technologist http://www.troubleshooters.com/techniques
> ___
> Dng mailing list
> Dng@lists.dyne.org
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Starting outline for the DNG Safe Programmer Certificate

[Hendrik Boom]

On Fri, Jul 30, 2021 at 03:33:05PM +0200, Enrico Weigelt, metux IT consult 
wrote:
> On 30.07.21 00:32, Josef Grosch via Dng wrote:
> 
> > Global variables are a disaster looking for a place to happen, avoid at
> > all cost. The scope of variables should be as small as possible.
> 
> it depends ... for small programs where you really *know* (by
> definition) there really may only be one instance of that data, it might
> be actually the better solution - in that case you know the working set
> for sure (size of .data). This is the kind of programming where you also
> rely on the OS (kernel, supervisor, container, ...) doing all post
> termination cleanups.
> 
> Many Plan9 programs are written in that way - they're so damn small that
> they just don't need much function local (or even dynamically allocated)
> data.

If the program is that small, global variables already satisfy the "as 
small as possible" convention.

-- hendrik
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] difficulty issuing commands

[Haines Brown]

On Sun, Aug 01, 2021 at 02:54:55AM -0400, Steve Litt wrote:
> Haines Brown said on Sat, 31 Jul 2021 21:54:56 -0400
> 
> >Sorry for the ambivalent subject line.
> >
> >I'm running Beowulf with Fluxbox window manager but without a desktop
> >environment. Without knowing what might have triggered it, I find it
> >laborious to start some applications from CLI. What happens is that
> >I get a hang (little spiral rotates) until I kill the process with
> >Crtl-g and try again. 
> 
> Do you mean Ctrl-c ? I've never heard of ctrl-g killing commands.
> 
> [snip other weird intermittent symptoms]
> 
> I'd start by collecting data:
> 
> df -h >> data.txt

No problems here. No partition is more than 50%

> vmstat -S M >> data.txt

I don't know how to interpret all the info. But here it is:

procs ---memory-- ---swap-- -io -system---cpu-
 r  b   swpd   free   buff  cache   si   sobibo   in   cs us sy id wa st
 2  3  0162   5852   637000859539 10  3 86  1  0

Nothing here strike my eye

> Also, run the htop command to see whether you're maxing out your CPUs.

Wow! Don't like this result, It looks like for the four cores, number 
is running 100%. The others are low. Currently my machine is running 
an automatic bacvkup. I do not have a swap partition. Mem is 
3.7G/15.6G

In the display of processes, CPU runs 98-101% I'm runnng two sessions
of emacs on two virtyual desktops and it is the second that is hogging 
CPU.

I see that in fiddling to start balance program, I left it in  hung 
state (spinning spiral). So now use C-g to stop the process. This 
is enacs for stop the process. Ctl-c has no effect on the emacs 
process. I now look to see what effect stopping the process has.

Sure enough. My CPU is back to normal. My backup running in 
the background calls occasionally for as much as 30%.

So I'm back to the problem that I cannot run ~/.backup.bal without. It 
may be that this is a problem specific to emacs. 

I'll take the further steps if you think wise. It maey be that the 
problem with .backup.bal is an oddity. I'm about to reconstruct the 
bookmark. The problem with accessing bank not understanding my browser 
until I try to acess a second time is  probably irrelevant. 

-- 
Haines Brown  
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Starting outline for the DNG Safe Programmer Certificate

[Jim Jackson]

On Fri, 30 Jul 2021, Steve Litt wrote:

> idea, although one screenfull sounds a little too short for prose, to

"one screenfull" what's that. When I started interactive programming it was 
on an teletype with continuous scroll of paper - you tended to print one or 
teo lines at a time - just t6o save time!

Then 24 (or 25) lines of 80 cols for alot of terminals. I always chaffed at 
the restriction of the number of lines of those screens, but I've always 
taken 80 cols os a sensible line length. Nowadays I have xtemrs set to be 
aprox 40 x 80. But lots of people I've worked with have one terminal screen 
filling the whole screen - with _far_ too much on the screen to digest 
sensibly.

So what size is a screenfull?




___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] May I use Netaid source as an example of good code?

[aitor]

Hi,

On 1/8/21 1:39, aitor wrote:
I'm looking for a safer way to run the binary with suid permissions 
using the shared memory of the system to send a signal.


Time ago somebody said me: "you can do nothing from your binary that i 
can't do externally from another binary".


So, am i wasting time?

Today i've been testing the idea and it's working for me. I'd like to 
prepare an example and share with all of you to resolve vulnerabilities.
The example consists of a window with a button (to run the suid binary) 
and another binary -the intruder- located in the same directory
and trying to do the same by using the other party's PID pretending to 
be the window. The result is a segmentation fault.


I insist on trying to find the safest approach to run the suid binary 
because this is important not only for simple-netaid, but also for hopman,
which will require granted permissions for running the *eject* command 
or the like (among others?).


Cheers,

Aitor.



___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Nasty Linux systemd security bug revealed

[al3xu5]

Hi 


Thu, 29 Jul 2021 16:57:44 -0400 - Steve Litt :

> al3xu5 said on Thu, 29 Jul 2021 17:33:10 +0200
> >
> >9) Write code to debug and log   
> 
> I'm not sure what you mean here. Do you mean to write errors and
> warnings to log files, or do you mean something more.


Both.

I do definitely mean that the code should allow debugging (better if at
different levels of depth) during execution, even with a log system. But
this is (should) be the norm of any programming.

More, I mean that debugging / log should cover not only errors and
warning, but be extended to the values of variables, calls etc. -- in
general, that is, debug / log should be related to everything that can
help a better development of the code avoiding (even potentially)
bugs and inconsistencies.

Obviously what all this means in practice depends a lot on the programming
language, and if a development framework is used or not. 

( Incidentally, I believe this can be an example of how to evaluate the
capacity of a programmer: to be capable - based on the programming
language, the eventual framework, the complexity of the project etc. -
to find the most appropriate debug / log level, and consequently choosing
the most appropriate debug / log implementation. )


Regards
al3xu5

-- 
Say NO to copyright, patents, trademarks and industrial design
restrictions!


Public GPG/PGP key: 8FC2 3121 2803 86E9 F7D8  B624 DA50 835B 2624 A36B


pgpYB_SCGtAE3.pgp
Description: Firma digitale OpenPGP
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] difficulty issuing commands

[Steve Litt]

Haines Brown said on Sat, 31 Jul 2021 21:54:56 -0400

>Sorry for the ambivalent subject line.
>
>I'm running Beowulf with Fluxbox window manager but without a desktop
>environment. Without knowing what might have triggered it, I find it
>laborious to start some applications from CLI. What happens is that
>I get a hang (little spiral rotates) until I kill the process with
>Crtl-g and try again. 

Do you mean Ctrl-c ? I've never heard of ctrl-g killing commands.

[snip other weird intermittent symptoms]

I'd start by collecting data:

df -h >> data.txt
vmstat -S M >> data.txt

The first command finds any mostly-full partitions. The second command
finds if you've run out of real RAM.

Also, run the htop command to see whether you're maxing out your CPUs.


If nothing pops out at you, I'd try power cycling the computer, leaving
it powered down for 30 seconds before restarting. A lot of times such a
move cures the problem, at least until events happen that bring it back.


If none of this works, run a program that can check your drives for
problems. And memory test your machine with one of those boot-up memory
tests. If these show no problems, run the same programs from a live CD
and see if they occur. If they do, you have a hardware problem. If not,
you probably have a software problem.

Before I go farther, try the stuff I've mentioned.

SteveT

Steve Litt 
Spring 2021 featured book: Troubleshooting Techniques of the Successful
Technologist http://www.troubleshooters.com/techniques
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Rant: was fresh install of chimaera on an Ultrabook - no touchpad

[Olaf Meeuwissen via Dng]

Hi,

Hendrik Boom writes:

> On Fri, Jul 30, 2021 at 08:02:59PM +1000, wirelessduck--- via Dng wrote:
>>
>>
>> > On 30 Jul 2021, at 05:15, Steve Litt  wrote:
>> >
>> > Riccardo Mottola said on Thu, 29 Jul 2021 16:07:11 +0200
>> >
>> >> Sometimes you can find another card, but that is not always possible.
>> >> Rarely you can know exactly what is inside a Laptop on beforehand.
>> >
>> > Riccardo,
>> >
>> > You just reminded me that I always recommend having a known good,
>> > doesn't-need-drivers wifi dongle on hand for those times when your
>> > laptop's wifi won't work during installation. Some are made for the
>> > Raspberry Pi: I'd guess that those would work on pretty much any
>> > hardware.
>> >
>> > SteveT
>>
>> The FSF publishes a list of Linux-compatible hardware at https://ryf.fsf.org
>
> Probably only hardware for which the Linux drivers are free.

Yes, as in Free Software and certifiedly so ;-)
--
Olaf Meeuwissen, LPIC-2FSF Associate Member since 2004-01-27
 GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13  F43E B8A4 A88A F84A 2DD9
 Support Free Softwarehttps://my.fsf.org/donate
 Join the Free Software Foundation  https://my.fsf.org/join
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Rant: was fresh install of chimaera on an Ultrabook - no touchpad

[Olaf Meeuwissen via Dng]

Hi,

terryc writes:

> On Fri, 30 Jul 2021 21:07:43 +0900
> Olaf Meeuwissen via Dng  wrote:
>
>> Hi g4sra,
>>
>> g4sra via Dng writes:
>>
>> > <--snip-->
>> > This is why Devuan's installer will ask\prompt you to insert
>> > additional installation media such as a USB stick. There are just
>> > too many Gigabytes of Drivers required to satisfy every corner
>> > case, put the drivers your quirky hardware requires on a USB stick
>> > and use it when prompted! I do not ever want to have to install an
>> > OS from 31 removable media's ever again! (Windows NT
>> > anybody?).___
>
> I've done that once, but mostly it has been various versions of Novell
> which thankfully are not that many as NT was.
>
>>
>> Me waxes nostalgic and remembers installing Debian from 12
>> floppies ;-) --
>
> Did it work?

Yes, although I may have had to rewrite a bad floppy, or two.
And it worked not just on i386, but on m68k as well, IIRC.

Hope this helps,
--
Olaf Meeuwissen, LPIC-2FSF Associate Member since 2004-01-27
 GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13  F43E B8A4 A88A F84A 2DD9
 Support Free Softwarehttps://my.fsf.org/donate
 Join the Free Software Foundation  https://my.fsf.org/join
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng