Fwd: [luv-talk] LUV status (& online meeting possibilities)
-- Forwarded Message -- Subject: [luv-talk] LUV status (& online meeting possibilities) Date: Monday, 10 August 2020, 2:55:53 PM AEST From: Rick Moen via luv-talk To: luv-t...@luv.asn.au Robin Stephens asked: > Is luv-main still the primary place for discussion of all things Linux > in Victoria? It kind of is (to my knowledge). As you perhaps observed, it's reasonably active, with over a dozen postings over the course of July. I'm going to return to your point via a seeming digression, so please bear with me: Point 1. My friend Michael Paoli has been doing fine work collecting a list on Bay Area Linux User Group's (San Francisco) wiki of all known recurring virtual LUG meetings, during the pandemic era. It's here: https://www.wiki.balug.org/wiki/doku.php?id=balug:covid-19 You will note there's nothing (yet) from Oz: not Vic, not NSW, nothing. This is perhaps accurate, perhaps not. Truth to tell, I was just now double-checking all of LUV's public mailing lists and Web site to see if there were mention of a LUV online meeting. (There is not - yet.) As I find time, I intend to check other Australian Linux sites to see if any ought to be added to the page. Please, if you (plural) have a chance, kindly do likewise. That was the _initial_ point I wanted to make. Point 2: Hmm, one silver lining of the slow trend of rolling out online meetings (on Zoom, Jitsi Meet, or others) is that suddenly physicality is less important. I have lately been attending a number of organisations' Zoom or Jitsi meetings that are thousands of kilometres away from me. (Yr. humble servant is 60 km south of San Francisco, and his time zone during this season is UTC-7: Locals call it PDT = Pacific Daylight Time.) Recently, for five days at the end of July, I helped run the annual World Science Fiction Convention ('Worldcon'), a volunteer-owned/run literary and fandom event, held this year in Wellington, Enn-Zed. But, of course, 2020 being the dumpster fire that it is, few of the ~2000 attendees could be in Wellington, so this was the first-ever virtual Worldcon, held using a mix of Zoom, Discord, WordPress, Jitsi Meet, and some other technologies. (I did the buildout & administration of Jitsi Meet for the Worldcon.) Starting during staff planning and running through the event, I kept a browser tab open to https://www.worldtimebuddy.com/ , to keep an eye on the two timezones: I came to think of NZ, being on NZST = UTC+12, as five hours behind me plus a day ahead. (It seemed humourously fitting for the Worldcon to be held in the future. ;-> ) LUV / Melbourne / Vic, being on AEST = UTC+10 during these winter months, I would naturally think of as seven hours behind me plus a day ahead. As a mnemonic, you see. (I also switched to 24hr clock notation, as it makes the maths easier.) To sum: The jiggering of time differences is irksome but one quickly finds heuristics & tools to cut the annoyance value, and reduce error. The conclusion: How about other LUV people joining me in showing up at select virtual LUG events with little regard to distance or national borders? (I _am_ a longtime LUV person, even if I am Yet Another Bloody Yank.) Point 3: Also, please consider looking into occasional and perhaps regular LUV meetings on Jitsi Meet (like: meet.jit.si/luv) or on Zoom. Then, you (or I) can add them to Michael Paoli's list, and (for better or worse) gain international attendees with peculiar accents. I would be glad to give a virtual lecture on the construction, care, and feeding of Jitsi Meet for LUV. (I could be LUV's first monthly speaker to ever give a presentation to LUV's audience from 12,600 km away.) (If Russell or another LUV officer considers this posting appropriate for luv-main, great. I didn't want to presume.) ___ luv-talk mailing list luv-t...@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-talk - -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Fwd: Ockomothon CTF Begins Tonight!
Anyone interested in doing this? It's a free CTF event, tonight 8PM. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ --- Begin Message --- The Ockomothon 2020 Capture The Flag competition begins tonight at 8pm! Register today at metactf.com. Ockomthon2020 CTF Begins TONIGHT @ 8pm! Register Now (https://hs-6090418.t.hubspotstarter-iz.net/e2t/sc2/MmZ-8ykk9tKW5X87y35WK8cTW5-Kp-07cMbf_W4c5bVj7rW2CqdBzP8M04 ) Registration code: occam Presented By Sponsored By Step 1 Create an account at metactf.com (https://hs-6090418.t.hubspotstarter-iz.net/e2t/sc2/MmZ-8ykk9tKW5X87y35WK8cTW5-Kp-07cMbf_W4c5bVj7rW2CqdBzP8N04 ) Step 2 Once logged in sign-up for the Ockomothon 2020 CTF event, using occam as the event registration key. Step 3 Add up to 3 more team members by sharing your team's join code. Awesome Prizes Prizes from EC Council, Hak5, and conference tickets. Register Now (https://hs-6090418.t.hubspotstarter-iz.net/e2t/sc2/MmZ-8ykk9tKW5X87y35WK8cTW5-Kp-07cMbf_W4c5bVj7rW2CqdBzP8P04 ) Ockom, Inc., 500 Marquette Ave NW, Floor 12, Albuquerque, NM 87102, USA, 904-414-3015 Unsubscribe (https://hs-6090418.s.hubspotstarter.net/email-unsubscribe/email?product=emailStarter=all=Vnd69n85XVNMVMlzvh4cJ2lWW2m2l_p3K8K1pW43T4J34h2jTTN6kmRwHmWcNHW8YCS9K5-K08LV25tsF5DBtPhW8kK0XF8zND9SN6QlQ3c1yf0NW30b8197ywj2yMFdK8PNg2jbn8T6TgV3M3=2=russell%40coker.com.au&_hsenc=p2ANqtz--YEUfRejm9tHm2vvt5TMwB7uGmgQVL6h6jDsg1E8B5oOwg5qh96KKRzPB-vocqJKnbLXA2eDtwV_BxRhadILsQ6IjQmw&_hsmi=92412449 ) Manage preferences (https://hs-6090418.s.hubspotstarter.net/email-unsubscribe/email?product=emailStarter=Vnd69n85XVNMVMlzvh4cJ2lWW2m2l_p3K8K1pW43T4J34h2jTTN6kmRwHmWcNHW8YCS9K5-K08LV25tsF5DBtPhW8kK0XF8zND9SN6QlQ3c1yf0NW30b8197ywj2yMFdK8PNg2jbn8T6TgV3M3=2=russell%40coker.com.au&_hsenc=p2ANqtz--YEUfRejm9tHm2vvt5TMwB7uGmgQVL6h6jDsg1E8B5oOwg5qh96KKRzPB-vocqJKnbLXA2eDtwV_BxRhadILsQ6IjQmw&_hsmi=92412449 )--- End Message --- ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Resizing the whole screen with Debian 10 and Wayland
On Thursday, 16 July 2020 3:19:19 PM AEST Mark Trickett via luv-main wrote: > It is running on an AMD Ryzen 5 with 16 Gb of ram, and Gigabyte Nvidia > Geforce GT 710 video card (NV106) driving a 24" LED Wintal 12V TV. Firstly while it's not related to the issues you are having, I think you should consider buying an ATI video card. Every time I've used NVidia I've had problems related to driver support. Currently I'm supporting a Windows 10 system that's reliably running with a 4K video card that would cause regular system crashes in two different Linux systems. https://mjg59.dreamwidth.org/8705.html Next what type of TV is this and how are you connecting to it? The above blog post has some information on how TVs don't work in a sane manner, possibly some of the issues in that post apply to you. If so you can probably get it working properly (with some effort) but probably can't get the best quality. https://www.kogan.com/au/buy/kogan-24-full-hd-curved-75hz-freesync-gaming-monitor-1920-x-1080-a/ Here's a 24" FullHD monitor for $160 plus postage. That should just work for the full screen display and not look fuzzy. Then you can have TV playing as well while you look at your computer during ad breaks. ;) https://www.kogan.com/au/buy/kogan-24-qhd-freesync-75hz-monitor-2560-x-1440/ Here's a 24" 2560*1440 monitor for $280. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
KVM pc-i440fx-5.0 vs pc-q35-5.0
https://documentation.suse.com/sles/15-SP1/html/SLES-all/cha-libvirt-config-virsh.html For KVM, QEMU, and some other AMD64 virtual machine systems that use QEMU code you have a choice of pc-i440fx-5.0 (default) and pc-q35-5.0 for the machine type. The command "kvm -L help" gives you a list of machine types. The above URL is the only one I could find mentioning the difference, it says that "q35 is an Intel* chipset and includes PCIe, supports up to 12 USB ports, and has support for SATA and IOMMU". https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/latest-virtio/ I have the virtual IO drivers for storage (included in Linux by default and available for Windows at the above URL). I use the curses terminal for Linux VMs and am experimenting with VNC for Windows VMs so don't need USB keyboard and mouse. I don't need passthrough PCIe and the IOMMU only matters if you are running a hypervisor not for a guest. So would there be any benefit in using q35? -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
S390X emulation
https://etbe.coker.com.au/2020/07/05/debian-s390x-emulation/ I just wrote a blog post about how to setup S390X emulation on Debian, a virtual mainframe running Linux. I have a play machine you can login to if you want to login to a virtual S390. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
PCI Ethernet cards for free
I have some 2 port PCI 100BaseT cards. These are sometimes really useful (and were expensive), but most machines only have PCIe nowadays. Email me off-list if you want some. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
hardware trends and hardware library
https://etbe.coker.com.au/2020/06/19/storage-trends/ I wrote the above blog post about trends in consumer level storage. Basically SSDs are getting so cheap that for large portions of the market spinning media makes no sense. If you need less than 2TB of storage in a workstation or server then SSD or NVMe is probably the best choice. The cheapest SSDs are significantly cheaper than the cheapest hard drives. I'm sending all my spare hard drives that are less than 500G in size to e- waste. I'll keep some 500G disks in the hardware library but anything smaller doesn't seem worth using. Also I'm going to send to e-waste all hardware that's designed for 32bit Intel systems. While a P3 made a decent firewall system, the cheap SATA SSDs make 64bit systems comparable for power use so I don't think a P3 is any good for a firewall nowadays. If anyone wants to make any last minute requests for IDE disks etc let me know. Finally while we aren't having LUV meetings you can still get access to the hardware library. Email me off-list if there's stuff you need, I can leave it on my porch or drop it off to you if you live in an area that's near somewhere I visit. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
PowerPC 64el QEMU problem
I am trying to run a virtual PPC64 system via QEMU on a Debian/Unstable AMD64 host. I have already got a s390x VM going (ssh r...@s390x.coker.com.au password "SELINUX"). qemu-system-ppc64 -drive format=raw,file=/vmstore/ppc64,if=virtio -nographic - m 1024 -kernel /boot/ppc64/vmlinux-4.19.0-9-powerpc64le -initrd /boot/ppc64/ initrd.img-4.19.0-9-powerpc64le -curses -append "root=/dev/vda ro" Above is the minimal qemu command that I'm using. Below is the result, it stops after the "4." from "4.19.0-9". Copyright (c) 2004, 2017 IBM Corporation All rights reserved. This program and the accompanying materials are made available under the terms of the BSD License available at http://www.opensource.org/licenses/bsd-license.php Booting from memory... Linux ppc64le #1 SMP Debian 4. The kernel is from the package linux-image-4.19.0-9-powerpc64le which is a dependency of the package linux-image-ppc64el in Debian/Buster. The program qemu-system-ppc64 is from version 5.0-5 of the qemu-system-ppc package. Any suggestions on what I should try next? -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Buying Servers
On Wednesday, 17 June 2020 6:48:11 AM AEST Andrew McGlashan via luv-main wrote: > This new kit might be interesting if you can get one a particular > version supports ECC. > > > https://www.zdnet.com/product/intel-next-unit-of-computing-kit-9-pro-kit-nu > c9vxqnx-mini-pc-xeon-e-2286m-2-4-ghz-0-gb/ > > > https://www.intel.com/content/dam/support/us/en/documents/intel-nuc/nuc-kit > s/NUC9xyQNX_UserGuide.pdf > > http://staticice.com.au/cgi-bin/search.cgi?q=NUC9VXQNX=3 Thanks for that. It looks interesting. I will definitely consider that the next time I need a server! -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Buying Servers
On Saturday, 13 June 2020 11:15:34 PM AEST Russell Coker via luv-main wrote: > For a long time I've had a good history with Dell servers. I currently have > a PowerEdge Tower 1xx series at home, a LUV member has my previous > PowerEdge Tower 1xx series at his home, and I've got a bunch of clients > happily using 1xx series systems and one client with a PowerEdge Tower 630 > (18*3.5" SATA disks running nicely on ZFS). https://www.digicor.com.au/ Someone suggested off-list SuperMicro systems from Digicor. They look OK but the site is difficult to navigate and still not quite what is ideal. NVMe and SSD are the way to go for the vast majority of servers nowadays, 2TB is the largest SSDs available right now and 2*2TB disks in a RAID-1 will cover most SME server use cases. Is anyone selling white-box SFF cases and PSUs and what's a good place to buy ECC RAM and motherboards? It seems like a SFF system with ECC RAM and 2*SSD is a pretty ideal server for a lot of SME uses. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Buying Servers
On Saturday, 13 June 2020 11:21:28 PM AEST Andrew McGlashan via luv-main wrote: > Okay, well I think your customer is being unreasonable; it would be > difficult to source plenty of hardware that has to come from overseas at > this time for obvious reasons Yes it's understandable that they have difficulties. If they had said that it would take over a month to deliver when I placed the order the customer would have been a lot happier. They made an appointment to have someone install software on the server the day after it was due to be delivered and are unhappy that they had to cancel the appointment. Given the situation they were either going to be angry at Dell or at me... > Having said that, perhaps a second hand unit from eBay might get them out of > trouble and perhaps save them some money at the same time. The money is already spent. But that's a reasonable point, Grays Online has a lot of server gear and are very good with rapid shipping. Next time a client needs a server I'll check if Grays has any auctions coming up for suitable server gear. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Buying Servers
For a long time I've had a good history with Dell servers. I currently have a PowerEdge Tower 1xx series at home, a LUV member has my previous PowerEdge Tower 1xx series at his home, and I've got a bunch of clients happily using 1xx series systems and one client with a PowerEdge Tower 630 (18*3.5" SATA disks running nicely on ZFS). Now I've ordered a 1xx series for a client in May and it looks like it won't arrive until July, the client is not happy at all. What's a good affordable low end name brand server system where I can get delivery in a reasonable time period? Just need 2*SATA disks, ECC RAM, and nothing else special (don't need redundant PSUs). IBM had always impressed me with their gear and Lenovo has done well with Thinkpads so I checked out their servers but their web site broke. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
FOSS Distributed database
Is there any good FOSS distributed database that's not a heap of Maven rubbish that can't be supported in a distribution? I've been briefly looking at Cockroach, Hbase, Voldemort, Ignite Accumulo, and of course I had tried Cassandra at a LUV event. All the ones I looked at in detail couldn't be packaged for Debian because they used Maven for the build system and a build process that downloads java programs from the web doesn't fit with reproducible builds. I presume that the others which aren't in Debian are in a similar situation. Does anyone know of a good candidate that could be packaged for Debian? Failing that which of the ones that suck too badly for inclusion in Debian don't suck so badly that they are horrible to use? -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Squirrelmail
On Tuesday, 9 June 2020 11:55:35 AM AEST Nic Baxter via luv-main wrote: > There is a plugin for roundcube that might help > It is elastic4mobile > > https://packagist.org/packages/roundcube/elastic4mobile Thanks for that, I might try it out. When looking through the Roundcube settings under Mailbox View there's an option for a "list" layout (widescreen is the default). I'll point that out and hopefully the user in question will be happy. I'm not trying to make something that's good for everyone, just good for the few people who use it so I can move on to something else. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Squirrelmail
On Friday, 29 May 2020 11:20:45 AM AEST James McGlashan via luv-main wrote: > On Fri, May 29, 2020 at 10:08:50AM +0930, Mike O'Connor via luv-main wrote: > > Roundcube, seems to be ok. > > Every instance of Squirrelmail I've seen has migrated to Roundcube. I've just installed Roundcube. The problem I had was that one significant webmail user complained that Squirrelmail had started messing up the display of some messages, I suspect it was due to the transition of certain MUAs to sending base64 encoded Subject lines etc (but never got to the bottom of it - my email worked fine in Squirrelmail). Another significant webmail user then complained that Roundcube didn't render properly on the latest Galaxy Note phonem, he showed me screen shots of it only using half the screen width. So now I'm supporting 2 webmail systems. > After a quick look through their documentation; the former doesn't appear to > require a relational database, while the latter does. Let that be MySQL, > PostgreSQL, or sqlite. You need to store webmail settings somewhere. Using a choice of sqlite or a database server allows running multiple web servers with a single database server backend. Using just flat files as Squirrelmail does means you probably need a distributed filesystem (or at least an NFS server) if you want to have multiple web frontends. > I wouldn't trust any PHP or SQL stack but I don't have any better > suggestions for webmail. A SQL server is a lot easier to get right than a distributed filesystem. Even an NFS server can make things more difficult. > Attached below, major security update just a month ago. If you install > Roundcube, be careful with the versions. I'll trust the Debian developers to package the security updates fast enough. Thanks for the suggestions. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Black Lives Matter
https://twitter.com/BiellaColeman/status/1268988146181648388 Biella Coleman (who is known for her anthropological research on the Debian community among other things) just Tweeted about DKG (ACLU staff and Debian Developer) being beaten by the police. Most of the time we try to avoid an overt political position for LUV, even for political issues where there is a clear and obvious issue of right and wrong. But when a member of our community is a victim of violent crime we have to speak out. LUV opposes police violence except as a last resort. Police who needlessly injure or kill people should be arrested and charged just like any other criminal. Police who are racist should be sacked and if their racist acts hurt people then they should be arrested and charged just like any other criminal. https://www.commongrace.org.au/339_recommendations_from_the_rciadic The recommendations from the Royal Commission Into Aboriginal Deaths In Custody should be applied ASAP. Australia should provide good food and healthcare to all detained people and should comply with the international obligations regarding the treatment of refugees. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
sharing files
Asking for a friend. She is on the committee of a small non-profit group with ten members. They're looking for a free/low cost solution for storing committee correspondence, files, images, etc in one central place. Currently the individual members share files they own via Google, and upload files to their Facebook group, or keep files on their own computers. It's messy, and they need everything to be in one place with the ability to easily control permissions. For eg when a committee member leaves, they want to be able to press a button that removes all access for that (former) member but their files will remain. And they want different levels of access, for e.g. the executive can see certain files but not general committee members (for issues where privacy is a concern). They need a structure that is easily managed, such as for eg sections on the various committee roles and relevant documentation for that role; a section for storing minutes; a section for current works in progress; collaborating on documents, etc. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Laptop storage issues
At the bottom of the message I pasted kernel messages relating to storage hangs on my laptop. So far I have only seen one SSD properly fail (it would just deny all writes) so don't have experience of failure cases. Might the below be due to motherboard or storage problems? https://support.lenovo.com/au/en/solutions/pd027202#stor The above page has specs for my laptop, Thinkpad X1 Carbon type 3460-2B9. INTEL SSDSCMMW18 LE9i /dev/sda180GB Above is the output of "lsscsi -s". Googling the Intel part number gives me nothing useful. https://www.windowscentral.com/how-upgrade-ssd-lenovo-thinkpad-x1-carbon The above states that M.2 SATA is the type of device. Is it likely to take an NVMe device? [683642.347249] ata1.00: status: { DRDY } [683642.347250] ata1.00: failed command: READ FPDMA QUEUED [683642.347253] ata1.00: cmd 60/08:d8:88:8a:5a/00:00:03:00:00/40 tag 27 ncq dma 4096 in res 40/00:01:00:00:00/00:00:00:00:00/e0 Emask 0x4 (timeout) [683642.347254] ata1.00: status: { DRDY } [683642.347255] ata1.00: failed command: READ FPDMA QUEUED [683642.347257] ata1.00: cmd 60/08:e0:d0:8a:5a/00:00:03:00:00/40 tag 28 ncq dma 4096 in res 40/00:01:00:00:00/00:00:00:00:00/e0 Emask 0x4 (timeout) [683642.347259] ata1.00: status: { DRDY } [683642.347260] ata1.00: failed command: READ FPDMA QUEUED [683642.347262] ata1.00: cmd 60/08:e8:d0:8b:5a/00:00:03:00:00/40 tag 29 ncq dma 4096 in res 40/00:01:00:00:00/00:00:00:00:00/e0 Emask 0x4 (timeout) [683642.347264] ata1.00: status: { DRDY } [683642.347265] ata1.00: failed command: READ FPDMA QUEUED [683642.347267] ata1.00: cmd 60/38:f0:48:8c:5a/00:00:03:00:00/40 tag 30 ncq dma 28672 in res 40/00:00:00:4f:c2/00:00:00:00:00/00 Emask 0x4 (timeout) [683642.347268] ata1.00: status: { DRDY } [683642.347269] ata1.00: failed command: READ FPDMA QUEUED [683642.347272] ata1.00: cmd 60/08:f8:38:92:5a/00:00:03:00:00/40 tag 31 ncq dma 4096 in res 40/00:00:00:00:00/00:00:00:00:00/00 Emask 0x4 (timeout) [683642.347273] ata1.00: status: { DRDY } [683642.347276] ata1: hard resetting link [683642.661304] ata1: SATA link up 6.0 Gbps (SStatus 133 SControl 300) [683642.672851] ata1.00: ACPI cmd ef/02:00:00:00:00:a0 (SET FEATURES) succeeded [683642.672853] ata1.00: ACPI cmd f5/00:00:00:00:00:a0 (SECURITY FREEZE LOCK) filtered out [683642.672855] ata1.00: ACPI cmd ef/10:03:00:00:00:a0 (SET FEATURES) filtered out [683642.692818] ata1.00: ACPI cmd ef/02:00:00:00:00:a0 (SET FEATURES) succeeded [683642.692820] ata1.00: ACPI cmd f5/00:00:00:00:00:a0 (SECURITY FREEZE LOCK) filtered out [683642.692822] ata1.00: ACPI cmd ef/10:03:00:00:00:a0 (SET FEATURES) filtered out [683642.702477] ata1.00: configured for UDMA/133 [683642.702838] ata1.00: device reported invalid CHS sector 0 [683642.702848] sd 0:0:0:0: [sda] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE [683642.702850] sd 0:0:0:0: [sda] tag#0 Sense Key : Illegal Request [current] [683642.702852] sd 0:0:0:0: [sda] tag#0 Add. Sense: Unaligned write command [683642.702854] sd 0:0:0:0: [sda] tag#0 CDB: Read(10) 28 00 03 5a 8c 98 00 00 10 00 [683642.702855] print_req_error: I/O error, dev sda, sector 56265880 [683642.702874] sd 0:0:0:0: [sda] tag#1 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE [683642.702875] sd 0:0:0:0: [sda] tag#1 Sense Key : Illegal Request [current] [683642.702876] sd 0:0:0:0: [sda] tag#1 Add. Sense: Unaligned write command [683642.702877] sd 0:0:0:0: [sda] tag#1 CDB: Read(10) 28 00 03 5a 8c b8 00 00 30 00 [683642.702878] print_req_error: I/O error, dev sda, sector 56265912 [683642.702883] sd 0:0:0:0: [sda] tag#2 FAILED Result: hostbyte=DID_O -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Squirrelmail
https://en.wikipedia.org/wiki/SquirrelMail The Wikipedia page indicates that Squirrelmail is no longer maintained. I've had a problem reported with it after upgrading to PHP 7.3. Is there a good replacement for Squirrelmail? Something simple and lightweight that just gets the job done. Not Horde. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Open Bug Bounty
On Thursday, 28 May 2020 9:13:27 AM AEST James McGlashan via luv-main wrote: > (Redacted retransmit. Unsure if Russell received unredacted version after no > response and the issue remaining unpatched. Added a note about TeamHash' > low prices and implied low time.) Yes I got it thanks. I'm dealing with things as I have time and energy for them. While the pandemic has given me more free time it has given me less energy for significant things. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Upgrading LUV server
In preparation for a Drupal upgrade I've just upgraded to MariaDB on the LUV server. Everything seems to work ok, if you notice anything broken then let me know. Also I removed the DNS entry for members.luv.asn.au as that wasn't configured in the web server. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Open Bug Bounty
https://www.openbugbounty.org/reports/1170432/ Is this some kind of scam? The web page in question is a static page with an embedded Google search field. Unless there's a problem with the Google search (which would probably be more of a problem for Google than for me) then I can't imagine what the issue might be. Details aren't provided, presumably they want me to pay for that. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
iotop and kvm
When I run iotop on a kvm server I see the qemu processes for KVM being listed as between 1MB/s and 8MB/s for writes, the aggregate of those processes is about 10MB/s. This isn't an impossible number as the image files for KVM are stored on a RAID-1 array of SSDs. Reads tend to be about zero because there is a lot of cache and the system has been running for a while. When I run iostat on the block devices for the RAID-1 I see the average write speed reported at something that's always below 2MB/s and which is often below 1MB/s for a 10 second reporting period. Could iotop be considering writes to /dev/kvm or /dev/net/tun as disk IO? What else could be the explanation for this? How could I work this out? -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Strange load average
On Wednesday, 13 May 2020 8:42:16 PM AEST Arjen Lentz wrote: > I happened to spot that you tagged me - mind that I don't do much DB stuff > these days, but happy to help if I can. Thanks. > > The iowait while not correlated with this issue was higher than I > > expected, I ran "iotop -o -d5 -b -P" which indicated that writes from > > mysqld was the main disk access. I ran "fatrace -f W" which indicated > > that mysqld was writing to deleted files in /tmp. > > > > | 68991 | luv_drupal | localhost | luv_drupal | Query |0 | Creating > > | sort> > > index | SELECT v.vid, v.*, n.type FROM vocabulary v LEFT JOIN > > vocabulary_node_types n ON v.vid = n.vid WHERE | According to "show table status;" the vocabulary and vocabulary_node_types tables each have 16K of data. > > The only time I caught an access with the "show processlist;" SQL command > > was the above, might "Creating sort index" mean writing to deleted files > > in /tmp? > If sort_buffer_size is too small (generally 2M or 4M is good), or the SELECT It's running MySQL 5.6 which apparently has 256K for the default sort_buffer_size and the configuration doesn't seem to specify anything different. So I guess we shouldn't have problems in this regard. Will I gain anything from changing to MariaDB? For reasons that I never worked out the LUV server didn't get changed to MariaDB on the Debian upgrade process while other Debian servers I run did. > Btw if you use SHOW FULL PROCESSLIST you'll get the full rather than a Thanks, I'll try that. > possibly truncated query string. If you are using MariaDB, you can set up > the slow query log and enable extra options so that sorts that go to disk > get logged. But if you just set up slow query log with 1 second, you can > already see what shows. If it takes that long it'll show up. Or go further, > long_query_time=0.1 OK, I guess that's one reason for changing to MariaDB. > I think the resultset of this query is way bigger than it should be, > otherwise it possibly wouldn't go disk, and wouldn't produce enough disk > I/O to blip. Tuning the server a bit might help. Did you change any > settings from the defaults? > > If you have enough RAM you could take a sneaky shortcut and define > tmp=/dev/shm, but if the tmp files that MySQL does need during normal > operations are big enough, you'll get memory troubles instead. And as > you'll know, swapping is never a good thing on a DB server. The VM has 4G of RAM which is a reasonable amount for what is being done. There is 16G of RAM allocated to VMs and 48G in the system. I can easily allocate more RAM to that VM. The total of all databases on the LUV server is 3G of storage. I could allocate it another 3G of RAM to make sure it all stays in cache. Using /dev/shm for tmp seems like a good idea. > But tuning the server just a bit is always a good idea, the defaults on most > distros are to minimise RAM usage and minimal logging. Also set stuff like > innodb_flush_method=O_DIRECT to optimise the I/O further. Thanks, I'll check that out too. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
server stats collection
https://www.datadoghq.com/ I want to do something like what DataDog does, but with free software. The aim is to address the LUV server load average issue as well as other similar things. Below is a bunch of links to things I'm considering. I welcome comments about any of the below or general comments about the issue that don't reference the below stuff. So if you have some experience to report and don't want to bother reading the below then please let me know. https://gitlab.com/gitlab-org/gitlab-foss/-/issues/51876 Seems that Datadog was based on or inspired by statsd. https://www.tecmint.com/monitorix-a-lightweight-system-and-network-monitoring-tool-for-linux/ This one seems like an all in one thing that's easy to install. But the downside is that it's for only a single system. It would be useful to for example be able to display all disk IO in all VMs on the one host and see where the load is coming from when the disks can't keep up. https://wiki.openstack.org/wiki/Gnocchi Gnocchi (packaged for Debian as gnocchi-statsd) seems to be an implementation of the statsd protocol from Etsy. The idea of statsd is that you have UDP based data collection with arbitrary "bucket" names and various ways of analysing it (total of a series of numbers, number of unique IDs, etc). Then you have different tools for analysing it. https://thenewstack.io/collecting-metrics-using-statsd-a-standard-for-real-time-monitoring/ Here's an overview of statsd operation. It mentions the ability to add monitoring to any code, there are statsd modules in Debian for Perl, Python, Ruby, Haskell, and Go. https://github.com/statsd/statsd/wiki Here is a list of links to various pieces of statsd software. https://github.com/talebook/statsd-client-cpp Here's a statsd client that monitors the basics of load, cpu, processes, network transfer, etc. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Strange load average
At the bottom of this message is an extract from the monitoring system for the LUV server. Load average spikes to over 20, but at the time of monitoring there was only 1 D state process and nothing was using much CPU time or much RAM. At the same time other VMs didn't report high load so it wasn't an issue of the disk capacity of the hardware being saturated (which would be difficult for a RAID array of SSDs on a mostly quiet server). 09:55:01CPU %user %nice %system %iowait%steal%idle 12:35:02all 4.28 0.00 1.15 17.87 1.4075.29 12:45:01all 4.82 0.00 1.54 17.73 1.5774.35 12:55:01all 5.00 0.00 1.20 18.15 0.9174.75 13:05:01all 5.60 0.00 1.33 17.79 1.0074.28 13:15:01all 14.11 0.00 2.70 16.95 1.5664.69 13:25:01all 4.21 0.00 1.52 20.83 0.8972.56 Average:all 5.15 0.00 1.31 19.99 1.0972.45 Above is part of the sar output. Note that at around the time of the high load average there was a higher than usual amount of user CPU time. The iowait while not correlated with this issue was higher than I expected, I ran "iotop -o -d5 -b -P" which indicated that writes from mysqld was the main disk access. I ran "fatrace -f W" which indicated that mysqld was writing to deleted files in /tmp. | 68991 | luv_drupal | localhost | luv_drupal | Query |0 | Creating sort index | SELECT v.vid, v.*, n.type FROM vocabulary v LEFT JOIN vocabulary_node_types n ON v.vid = n.vid WHERE | The only time I caught an access with the "show processlist;" SQL command was the above, might "Creating sort index" mean writing to deleted files in /tmp? ALERT itmustbe/loadavg: 21.27 6.84 3.01 >= 7 5 4 (Wed May 13 13:06:39) Summary output: 21.27 6.84 3.01 >= 7 5 4 Detailed text (if any) follows: --- Here are D state processes: USER PIDVSZRSS TTY COMMAND root 157 0B 0B [jbd2/vda-8] Here are processes with the top CPU percentages: USER PID CPU TTY COMMAND mon 1630 7.0 /usr/bin/perl /usr/lib/mon/mon-local.d/ loadavg.monitor 7 5 4 mon 1629 6.0 /usr/bin/perl /usr/lib/mon/mon.d/msql- mysql.monitor --mode m www-data 1445 5.1 /usr/sbin/apache2 -k start Here are processes with the top RAM use: USER PID VIRTRES TTY COMMAND clamav 335 1.12GB 874MB /usr/sbin/clamd --foreground=true mysql 1392 1.7GB 613MB /usr/sbin/mysqld --basedir=/usr -- datadir=/var/lib/mysql --p spamassassin 20347 101MB 89.3MB spamd child spamassassin 29351 97MB 84.9MB spamd child root 1047 94.5MB 84.1MB /usr/bin/perl -T -w /usr/sbin/spamd -d --pidfile=/var/run/sp Swap Used: 7.8MB / 256MB -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: portable 4k monitor
On Wednesday, 6 May 2020 12:56:45 AM AEST Julien Goodwin via luv-main wrote: > On 6/5/20 12:11 am, Russell Coker via luv-main wrote: > > https://desklabmonitor.com/ > > > > What do you think of this? 15" portable monitor that's battery powered > > and > > connects via HDMI and USB-C. It claims Linux support but doesn't say > > anything about how the touch screen part works. Would that be a USB-C > > thing? > There's 1080P versions of very similar products from Lenovo & HP (at least). > > The monitor part certainly should just work, and I keep meaning to pick > one of those up for myself, would be really handy when working on things > like PCB designs on the go. Thanks for the feedback. I just ordered one of the Desklab devices and when I got to the order form I found that they have a FullHD version for $100 less, but I decided to order the 4K version, getting 25% of the pixels for 75% of the price doesn't seem like a good deal. I have some uses for this which can take advantage of the touch screen and it is possible that it might see some use on Windows systems too. But the basic functionality of the monitor is enough to justify the price. If it does everything I want I might even get a second one. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
portable 4k monitor
https://desklabmonitor.com/ What do you think of this? 15" portable monitor that's battery powered and connects via HDMI and USB-C. It claims Linux support but doesn't say anything about how the touch screen part works. Would that be a USB-C thing? https://www.jaycar.com.au/vga-to-hdmi-video-converter/p/AC1639 The above is a link for VGA to HDMI (such converters aren't common). One of those and a portable monitor could make it a little easier for diagnosing problems in server rooms (taking a full size monitor in there is a hassle). That would be a handy addition to the regular functions of a laptop/gaming monitor. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
maildroprc header match
exception { if (/^X-Spam-Status: No, score=[234]/:h) { to "$DEFAULT/.SpamScore/" } } The above snippet from /etc/maildroprc makes mail with a SA score of 2+ go to a folder for high spam score mail while mail with a lower SA score gets regular delivery (SA score of 5+ means SMTP reject). The ":h" in the pattern match should specify a header match. Unfortunately it seems to be matching on header from an encapsulated message. So a list server sends a message to me for moderation because the sender isn't a list member, the message in question has a high spam score (not surprising) and the message goes to the SpamScore folder not the folder for mailing list mail. Any ideas what's going wrong here? -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
mailman
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959435 Mailman has just been removed from Debian/Unstable because it is "obsolete". Why would it be regarded as obsolete and if so what should we replace it with? -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Sharing files between Mac OS and Linux systems
On Monday, 27 April 2020 9:46:43 AM AEST Gordon Heydon via luv-main wrote: > Hi, > > You could set up samba on your linux computer and then you can access it > from your Mac. > > Of the opposite way to use smbfs to mount a Mac share from your linux > computer. > > If it is just the occasional file then as Andrew said you can use ssh. > > Remember if you want to access your Mac from your linux computer you will > need to enable these functions via Sharing in the system preferences. https://www.digitalocean.com/community/tutorials/how-to-use-sshfs-to-mount-remote-file-systems-over-ssh I haven't tried this, but the concept seems good. SMB over the Internet is generally a bad idea. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: [MLUG] Problem with very old Dell XPS M1330
On Saturday, 25 April 2020 5:34:48 PM AEST stripes theotoky via luv-main wrote: > Problem is with connection speeds of 3.28 download and 0.54 upload there is > very little I can do. 3.28megabit download? That's 410KB/s or about half an hour for a CD. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
HP Server
I just got given a HP ML 350 G6 server that I had hoped to use for LUV training etc. It has 18G of RAM (9 DIMM slots used out of 18 total and the only DIMM I could read was 2G), 2CPUs that each probably are in the 3000-5000 speed range according to https://www.cpubenchmark.net/ and 6*146G 15000rpm SAS disks. It's a nice mid range server. The problem is that it appears to have a broken power supply backplane (the thing that connects to the hot-swap power supplies). Does anyone know where to get a backplane cheap? I'm not paying $80 given the possibility that whatever damaged the backplane damaged the rest of it in the process. Does anyone have a similar HP system they want to use for swapping parts or something? Also as an aside I've got a box of 3.5" SAS disks. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: COVID-19 cure research
On Tuesday, 14 April 2020 10:35:25 PM AEST Peter Drake via luv-main wrote: > COVID-19 > > Lend your spare compute to finding a cure > https://foldingathome.org/ > > The only question is why not I'm running Einstein at home to search for pulsars and Asteroids at home to determine the shapes of asteroids. While searching for pulsars is unlikely to have any health effects, we could suffer the same fate as the dinosaurs so research into asteroids is a really good thing. Folding at home is a worthy project, but they probably have plenty of people subscribing to it now. If you haven't setup Boinc before then Folding at home is a reasonable choice for a first project. Make sure you monitor CPU temperature if you want to have good performance for other things too. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Problem with very old Dell XPS M1330
On Tuesday, 14 April 2020 7:46:38 PM AEST stripes theotoky via luv-main wrote: > Have a problem with a very old Dell XPS M1330. The box is 12 years old > (2008) and runs Ubuntu 10.04 Lucid Lynx. It has only been used recently to > play frozen bubble as it has a very good keyboard. >From the reviews that sounds like a nice laptop. > The problem: > It does not pick the wifi. The switch on the side of the box doesn't seem > to be working. > I have checked the BIOS and both wifi and blue tooth seem to be turned on > there (ENABLED). > > I tried iwconfig which listed the following interfaces and that nothing was > wifi capable Did it ever work on Wifi? If so when did it stop working and what changes correlated with that? > I tried > sudo ifconfig vboxnet0 up > and > sudo ifconfig vboxnet0 down > > which show I can turn the vboxnet0 interface on and off. With it turned on > I again tried > iwconfig and still there are no wifi capable interfaces. Isn't vboxnet0 an interface for Virtualbox VMs? It doesn't look like it would be correlated with Wifi. The command "lspci" can indicate whether hardware is detected. Are wifi drivers loaded? The command "lsmod" should give useful indication. > This happens with the Ubuntu that is on this box and with Mint 17 booted > from a USB key. > > Any ideas? Is the wifi internal card dead? old system? We need more information to determine that. One thing to note is that Officeworks has USB Wifi devices starting at $27. So if you can't get the onboard Wifi going it shouldn't cost a lot to buy a USB device to replace it. Such USB devices are really handy to have at any time, so if you buy one and fix the onboard wifi later you probably won't feel like you wasted your money. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
SpamAssassin rule problem
header SWS_AUTHReceived =~ /Authenticated sender/ describeSWS_AUTHMail from local SASL is good score SWS_AUTH-10 I have the above in my SA local.conf file. Received: from liv (unknown [x.x.x.x]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: russ...@coker.com.au) by smtp.sws.net.au (Postfix) with ESMTPSA id 4BB77F173 for ; Tue, 14 Apr 2020 13:53:41 +1000 (AEST) [...] X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED=0.1, DKIM_VALID=-0.1,DKIM_VALID_AU=-0.1,DKIM_VALID_EF=-0.1, UNPARSEABLE_RELAY=0.001 autolearn=disabled version=3.4.2 Above are the relevant headers of a message coming through. Why am I not getting a -10 added to the score? Thanks. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Video Conferencing
https://www.schneier.com/blog/archives/2020/04/security_and_pr_1.html Bruce Schneier wrote an informative blog post about the problems with Zoom. https://jitsi.org/ He recommends Jitsi which has Debian packages among other things. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Telstra 4GX Hotspot vs 4GX Wi-Fi Pro
On Sunday, 29 March 2020 11:33:39 AM AEDT Mark Trickett via luv-main wrote: > This is not the Android, or app store, but someone spoofing your > identity to contact a phone connection provider, and have your number > moved to someone else, like between Optus and Vodaphone, or Optus and > Telstra. Having done so, they can get access to everything on the > phone, and bank accounts have been stripped. https://krebsonsecurity.com/tag/sim-swap/ Brian Krebs has some good articles on this topic (all his articles are worth reading). That is only a security problem if you use a phone number for things related to security. Don't use SMS as your 2FA, use a hardware device or an Android app (Googles GAuth or Microsoft Authenticator for example). Also don't have your security based on someone calling you on your mobile phone. > This is why I want the sim and device locked to the one network, until > I present in person with sufficient ID to then choose to migrate. I do Is this something that Australian providers can do? A SIM used for a 3G Wifi hotspot device will have a phone number and can be used to receive calls and SMS if you know the number. There is no functional difference between a phone used as a Wifi hotspot and a 3G Wifi dedicated device. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Telstra 4GX Hotspot vs 4GX Wi-Fi Pro
On Saturday, 28 March 2020 8:37:23 PM AEDT Mark Trickett via luv-main wrote: > There have been cases of the phone being "ported" to a different > mobile service provider, and the phone being stripped of personal > data. It may be not common, but it is a real risk. There are also There are many rumors about this. If you have a recent phone that has an SSL implementation without flaws (IE not Android 2.3 or something) then a hostile intermediary can't fake the Play Store and push apps on you. If you have Android 2.3 and aren't important in some way (why would someone who meets any definition of "important" be using Android 2.3?) then hostile parties probably won't try to attack you, they will go for the wealthier 99% of the market. An Android phone won't inherently have any information on you other than access to a Gmail account. Whether that is a risk depends on what you do with your Gmail account, admittedly Google tries to coerce users into using their Gmail account for many things. > issues about the durability of the various devices. My mobile is a > Nokia 6120-c, and is still locked to the Telstra network. It can do > the Internet, but the screen is way too small, and while it will do > bluetooth, I have a Telstra 4GX Advanced III, with the cradle, and My observation is that devices become unable to use the right frequencies before they become unusable due to other reasons. I've got a couple of Android 2.3 phones that still work OK for what they do, but they use the old Telstra frequencies and now that GSM has gone away they can't be used on any non-Telstra network and are pretty much unusable on Telstra. Phones haven't got much bigger since the first Galaxy Note was released in 2011. Phones haven't had much usable improvement in displays since the Galaxy Note 3 was released in 2013 with a FullHD display (there aren't many laptops with a higher resolution than that on sale now). The main factor stopping continued use of phones is lack of security support. If you want a long-term secure phone you need to install your own OS. Doing so is really hard because phones were not designed like PCs - which I consider to be a significant flaw. I think that as the first Android phone had 256M of RAM (256* more than a real- mode PC could address and 64* more than the first Linux PC I used) there's no reason that it couldn't have had a standard "BIOS" interface to provide basic video without special drivers (before OS specific drivers are loaded) and basic touch screen and storage access. Then it could have been designed for multiple boot devices so if you wanted to try a new OS on your phone you could just install a new micro-SD card that was bootable. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Telstra 4GX Hotspot vs 4GX Wi-Fi Pro
On Saturday, 28 March 2020 8:29:33 PM AEDT Brian May via luv-main wrote: > Colin Fee via luv-main writes: > > In the scramble to get people to, work from home over the past weeks, we > > discovered three that do not have home internet. They asked us for > > broadband dogles or modems, to which we said use your phone, data charges > > are similar etc. > > > > They contacted their respective telcos who all said don't use your phone > > for this, especially for long periods as it may damage the phone. That's ridiculous. I've done lots of long term wifi usage on lots of phones and never had any sorts of problems. I've had phones run as Wifi hotspots for multiple weeks on end without problems. The only potential problem is that Wifi uses more power and therefore causes the phone to dissipate more heat. If you have a phone on the dash of your car on a hot day then running a Wifi hotspot could be the thing to push it over the edge. Strangely Korea is about the same distance from the equator as Sydney but Samsung doesn't even do a good job of making phones that cope with Melbourne weather. Probably telcos don't want people actually using the bandwidth quotas that they pay for. > My experience of using my Phone, a Galaxy Note 10+ 5G, as a Wifi > hotspot, is it is good most of the time, but terrible when it encounters > congestion. I've had that in the past but not recently and not when using a telco that runs on the Telstra network. What provider have you seen such problems with? > As in it never drops packets, ping times are measured in minutes, and > even when you leave the congested area it still doesn't work correctly - I've seen it delay DNS packets longer than the timeout which then causes longer delays as DNS repeats use up all bandwidth. At one stage I had my laptop configured to use IP addresses for everything that mattered to alleviate that problem. But that was with the Vodafone network and I think the Optus network, not Telstra. I don't know how much of the problem was due to old network hardware (GSM and 3G vs 3G and 4G), how much was due to old phones, and how much was due to non-Telstra networks. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: luv-main Digest, Vol 103, Issue 11
On Saturday, 28 March 2020 10:07:24 PM AEDT Andrew Mather wrote: > > The cheapest new Android phone that Kogan offers is $159. Second hand > > phones > > are cheaper. Why do you want a dedicated Wifi device when you could get a > > phone that does it as well as other things? > > I have an ancient Telstra 3G/4G Hotspot device and have found it performs > way better than my iPhone as a data hotspot. By performance, I mean the > hotspot has better reception in marginal areas and data transfer speeds are > higher. It also has much better battery life and is quicker to recharge. > Obviously this may be affected somewhat by the number of other applications > running on the phone, but that doesn't account for the whole difference. Newer phones recharge quickly, USB-C can deliver up to 90W. The size of phones does limit the antenna size and phones generally aren't designed for external antennas. A few years ago Samsung phones had the antenna in the back cover with spring clips connecting it to the phone body, so putting an external antenna on probably wouldn't be that difficult. But having a device designed for it would be better. > I suspect that being a dedicated device, it's optimised for data transfer > in ways that the phone isn't. It also sounds like the people in question > already have phones, so the extra features aren't required. I don't think it can be more designed for data transfer. But designed for a better antenna is likely. > The main downside is it's locked to the Telstra network, but given a lot of > the time, I'm using it in remote 4WD touring situtaions, is not an issue > because there's often no other network out there. Yes, Telstra is definitely better for most outer areas, with a few annoying exceptions of course. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Telstra 4GX Hotspot vs 4GX Wi-Fi Pro
On Friday, 27 March 2020 11:14:41 AM AEDT stripes theotoky via luv-main wrote: > I have the following question: I need to get a mobile broadband hotspot. > Currently the telstra website shows the 4GX hotspot at $149 and the 4GX > Wi-Fi Pro at $119. However, when clicking on buy online for the 4GX The cheapest new Android phone that Kogan offers is $159. Second hand phones are cheaper. Why do you want a dedicated Wifi device when you could get a phone that does it as well as other things? -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: meetings
On Friday, 13 March 2020 9:59:07 AM AEDT Andrew Worsley via luv-main wrote: > On Fri, 13 Mar 2020 at 09:36, Russell Coker via luv-main > > wrote: > > https://en.wikipedia.org/wiki/Coronavirus_disease_2019 > > > > Coronavirus is spreading exponentially as diseases do. People can be > > infected for as long as 14 days without showing symptoms, according to > > Wikipedia 5 days is the average time for symptoms to develop. This means > > that we won't know when it gets really bad until at least 6 days after it > > has got really bad. > An interesting question is how long after infection a person becomes > infectious. On one podcast I've heard 4 days - meaning on average 1 > day of infectious but not yet sick. That might be the case, but even so 1 day on a tram can spread it a lot, and if we get unlucky that someone has their 1 day at a LUV meeting... > > The only responsible course of action is to significantly scale back > > public > > meetings now to reduce the risk. > > Perhaps people could consider an IRC or Audio/Video presentation? > I don't know the trade-offs or how viable various packages are in > practice though and I suspect it will take some effort to work these > out. > > http://openmeetings.apache.org/ > > https://openvidu.io/ > > https://jitsi.org/ > > Or slightly older review https://opensource.com/alternatives/skype What we need is responses from people who want to be involved in such things. The current lack of response indicates that we shouldn't bother running it and should only use the mailing list until Coronavirus is over. > > I have raised this matter for discussion on the committee list but with no > > reply. So I now publicly propose that all LUV in-person meetings be > > cancelled from now until the stage where we know the disease is under > > control. I can't imagine that being before July. > > > > As fun as LUV meetings are, it's not something that's worth risking lives > > over. > > > > I have some plans for online education which could be run at the times we > > usually have LUV meetings, follow up here if you want to discuss that. > > Please use luv-talk if you want to discuss details of the disease. > > Perhaps the topics could be proposed and voted on a poll (the > venerable luv web site might host this?) > > I suspect that this type of remote working software is going to be > needed for many other organisations than luv in the near future... True. But we need people who are interested in it, and we don't seem to have that. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
meetings
https://en.wikipedia.org/wiki/Coronavirus_disease_2019 Coronavirus is spreading exponentially as diseases do. People can be infected for as long as 14 days without showing symptoms, according to Wikipedia 5 days is the average time for symptoms to develop. This means that we won't know when it gets really bad until at least 6 days after it has got really bad. The only responsible course of action is to significantly scale back public meetings now to reduce the risk. I have raised this matter for discussion on the committee list but with no reply. So I now publicly propose that all LUV in-person meetings be cancelled from now until the stage where we know the disease is under control. I can't imagine that being before July. As fun as LUV meetings are, it's not something that's worth risking lives over. I have some plans for online education which could be run at the times we usually have LUV meetings, follow up here if you want to discuss that. Please use luv-talk if you want to discuss details of the disease. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: IRC based self education
On Thursday, 5 March 2020 6:56:41 PM AEDT Russell Coker via luv-main wrote: > One thing I've been thinking of doing for a while is IRC based self > education. The idea is that a group of people who are interested in a topic > arrange to go on IRC at a set time to learn about it. When you get stuck > on something you ask the channel and probably someone else will be working > on it and be able to help you. > > One thing I've been thinking of doing is try running some BSD variants in > VMs. Anyone interested in doing this? I've got some spare capacity on one > of my servers so I could set it up to allow people to run some VMs there. For the time, I was thinking of an evening on a weeknight. What do you think? Who's interested in doing this? -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
IRC based self education
One thing I've been thinking of doing for a while is IRC based self education. The idea is that a group of people who are interested in a topic arrange to go on IRC at a set time to learn about it. When you get stuck on something you ask the channel and probably someone else will be working on it and be able to help you. One thing I've been thinking of doing is try running some BSD variants in VMs. Anyone interested in doing this? I've got some spare capacity on one of my servers so I could set it up to allow people to run some VMs there. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: No luv-announce email again
On Tuesday, 3 March 2020 11:50:08 AM AEDT Duncan Roe via luv-main wrote: > Ok I'll still come What happened in the end? -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
SpamAssassin questions
Does anyone know of a good Australian whitelist of domains that are totally legit but trigger SA checks? For example seek.com.au triggers checks about lots of money but I want a job paying lots of money. Is there a way of configuring SA to have a per-user Bayes path for virtual mailboxes? EG mail is stored under /mail/$DOMAIN/$USER and I want Bayes under /bayes/$DOMAIN/$USER but there is no entry in /etc/passwd for the user. Why does the command "spamc -d 127.0.0.1 -c -u russ...@coker.com.au < msg.txt" give a spam score way different from that which was generated when the mail was received? Seems that running spamc from the command-line gives different checks than when it's run by spamass-milter. https://wiki.debian.org/DebianSpamAssassin What's the pros and cons of SA as a Postfix content_filter vs spamass-milter? Prior to reading the above page I never realised that there was any way other than spamass-milter (which seems to work ok for me). What's up with the files like /etc/spamassassin/v340.pre /etc/spamassassin/ v341.pre /etc/spamassassin/v342.pre on Debian? Why are config items split out by SA version? -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
log analysis
Whats a good FOSS log analysis system? I'm after something that will aggregate the logs of multiple systems and give results on demand through a web interface and allow alerts to be propagated to a monitoring system. Also what's a good FOSS system for graphing all the metrics of a system (network use, disk IO, CPU use, and arbitrary other metrics? Ideally I'd like something like what Datadog does with a web interface that shows multiple graphs and allows easy comparing of the values from multiple graphs at the same point in time. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Is there a meeting this evening? YES
On Tuesday, 4 February 2020 3:07:32 PM AEDT Alexar Pendashteh wrote: > Thank you Duncan for the update again. There seem to be some issues with > the mailing lists. Archives don't work at the moment for example (for me at > least). It's not clear yet why my announcement wasn't sent out. > > @Russell Coker , do you have any idea? What URLs aren't working for archives? -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Rebuild after disk fail
On Thursday, 30 January 2020 5:14:22 PM AEDT Craig Sanders via luv-main wrote: > On Tue, Jan 28, 2020 at 08:02:15PM +1100, russ...@coker.com.au wrote: > > Having a storage device fail entirely seems like a rare occurance. The > > only time it happened to me in the last 5 years is a SSD that stopped > > accepting writes (reads still mostly worked OK). > > it's not rare at all, but a drive doesn't have to be completely > non-responsive to be considered "dead". It just has to consistently cause > enough errors that it results in the pool being degraded. In recent times I've only had one disk that had such a large amount of errors, a 4TB (from memory) disk with about 12,000 errors. ~12,000 errors out of ~1,000,000,000 blocks (4K block size) means about 0.0012% errors. ZFS with copies=2 on that seems quite likely to give a good amount of your data back. > To me, that's a dead drive because it's not safe to use. it can not be > trusted to reliably store data. it is junk. the only good use for it is to > scrap it for the magnets. I've had about a dozen disks in the last ~5 years that would give about 20 ZFS checksum errors a month. I got them replaced with that level of errors, who knows that they might have done if they had remained in service. Presumably if the system in question had run Ext4 we would have discovered the answer to that question. > > I've had a couple of SSDs have checksum errors recently and a lot of hard > > drives have checksum errors. Checksum errors (where the drive returns > > what > > it considers good data but BTRFS or ZFS regard as bad data) are by far the > > most common failures I see of the 40+ storage devices I'm running in > > recent > > times. > > a drive that consistently returns bad data is not fit for purpose. it is > junk. it is a dead drive. That's my opinion too. But sometimes the people who pay have different opinions and are happy to tolerate a small number of checksum errors. > > BTRFS "dup" and ZFS "copies=2" would cover almost all storage hardware > > issues that I've seen in the last 5+ years. > > IMO, two copies of data on a drive you can't trust isn't significantly > better or more useful than one copy. It's roughly equivalent to making a > photocopy of your important documents and then putting both copies in the > same soggy cardboard box in a damp cellar. If a disk gets 20 checksum errors per month out of 6TB or more of storage then the probability of 2 of those checksum errors hitting the same block is very low, even on BTRFS which I believe has a fairly random allocation for dup. I believe that ZFS is designed to allocate data to reduce the possibility of somewhat random errors taking out multiple copies of data but haven't investigated the details. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Rebuild after disk fail
On Monday, 20 January 2020 2:34:09 AM AEDT Craig Sanders via luv-main wrote: > On Sun, Jan 19, 2020 at 05:38:23PM +1100, russ...@coker.com.au wrote: > > Generally I recommend using BTRFS for workstations and servers that have 2 > > disks. Use ZFS for big storage. > > Unless you need to make regular backups from workstations or small servers > to a "big storage" ZFS backup server. In that case, use zfs so you can use > 'zfs send'. Backups will be completed in a very small fraction of the time > they'd take with rsyncthe time difference is huge - minutes vs hours. > That's fast enough to do them hourly or more frequently if needed, instead > of daily. It really depends on the type of data. Backing up VM images via rsync is slow because they always have relatively small changes in the middle of large files. Backing up large mail spools can be slow as there's a significant number of accounts with no real changes as well as a good number of accounts with only small changes (like the power users who have 10,000+ old messages stored and only a few new messages at any time because they delete most mail soon after it arrives). But even for those corner cases rsync will work if your data volume isn't too big. For other cases it works pretty well. I guess you have to trade off the features of using one filesystem everywhere vs the ability to run filesystems independently of what applications will run on top. I like the freedom to use whichever filesystem best suits the server. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Rebuild after disk fail
On Monday, 20 January 2020 2:08:44 AM AEDT Craig Sanders via luv-main wrote: > On Sun, Jan 19, 2020 at 05:34:46PM +1100, russ...@coker.com.au wrote: > > I generally agree that RAID-1 is the way to go. But if you can't do that > > then BTRFS "dup" and ZFS "copies=2" are good options, especially with SSD. > > I don't see how that's the case, how it can help much (if at all). Making a > second copy of the data on the same drive that's failing doesn't add much > redundancy, but does add significantly to the drive's workload (increasing > the risk of failure). > > It might be ok on a drive with only a few bad sectors or in conjunction with > some kind of RAID, but it's not a substitute for RAID. Having a storage device fail entirely seems like a rare occurance. The only time it happened to me in the last 5 years is a SSD that stopped accepting writes (reads still mostly worked OK). I've had a couple of SSDs have checksum errors recently and a lot of hard drives have checksum errors. Checksum errors (where the drive returns what it considers good data but BTRFS or ZFS regard as bad data) are by far the most common failures I see of the 40+ storage devices I'm running in recent times. BTRFS "dup" and ZFS "copies=2" would cover almost all storage hardware issues that I've seen in the last 5+ years. > > So far I have not seen a SSD entirely die, the worst I've seen is a SSD > > stop > I haven't either, but I've heard & read of it. Andrew's rootfs SSD seems to > have died (or possibly just corrupted so badly it can't be mounted. i'm not > sure) > > I've seen LOTS of HDDs die. Even at home I've had dozens die on me over the > years - I've got multiple stacks of dead drives of various ages and sizes > cluttering up shelves (mostly waiting for me to need another fridge magnet > or shiny coffee-cup coaster :) I've seen them die in the past. But recently they seem to just give increasing error counts. Maybe if I ran a disk that was giving ZFS or BTRFS checksum errors for another few years it might die entirely, but I generally have such disks discarded or drastically repurposed after getting ~40 checksum errors. > > For hard drives also I haven't seen a total failure (like stiction) for > > many years. The worst hard drive problem I've seen was about 12,000 read > > errors, that sounds like a lot but is a very small portion of a 3TB disk > > and "dup" or "copies=2" should get most of your data back in that > > situation. > If a drive is failing, all the read or write re-tries kill performance on a > zpool, and that drive will eventually be evicted from the pool. Lose enough > drives, and your pool goes from "DEGRADED" to "FAILED", and your data goes > with it. So far I haven't seen that happen on my ZFS servers. I have replaced at least 20 disks in zpools due to excessive checksum errors. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
BTRFS and ZFS training
https://doc.coker.com.au/training/btrfs-training-exercises/ https://doc.coker.com.au/training/zfs-training-exercises/ I've put some simple BTRFS and ZFS training exercises at the above URLs (this is the training that was done at a LUV Saturday meeting in 2015). As they involve deliberately corrupting data to exercise the filesystems it's a good idea to to this on a VM so a typo won't cause problems. I can give access to a VM for doing this if anyone needs it. But the system in question doesn't have a lot of RAM so anyone who gets a VM will need to complete the training reasonably quickly. If you have any suggestions for additions to the training please be specific about what commands to run. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Rebuild after disk fail
On Saturday, 18 January 2020 6:44:51 PM AEDT Craig Sanders via luv-main wrote: > I personally would never use anything less than RAID-1 (or equivalent, such > as a mirrored pair on zfs) for any storage. Which means, of course, that I'm > used to paying double for my storage capacity - i can't just buy one, I > have to buy a pair. Not as a substitute for regular backups, but for > convenience when only one drive of a pair has died. > > Drives die, and the time & inconvenience of dealing with that (and the lost > data) cost far more than the price of a second drive for raid-1/mirror. I generally agree that RAID-1 is the way to go. But if you can't do that then BTRFS "dup" and ZFS "copies=2" are good options, especially with SSD. So far I have not seen a SSD entirely die, the worst I've seen is a SSD stop accepting writes (which causes an immediate kernel panic with a filesystem like BTRFS). I've also seen SSDs return corrupt data while claiming it to be good, but not in huge quantities. For hard drives also I haven't seen a total failure (like stiction) for many years. The worst hard drive problem I've seen was about 12,000 read errors, that sounds like a lot but is a very small portion of a 3TB disk and "dup" or "copies=2" should get most of your data back in that situation. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Rebuild after disk fail
On Saturday, 18 January 2020 2:34:52 PM AEDT Andrew McGlashan via luv-main wrote: > Hi, > > On 18/1/20 2:14 pm, Andrew McGlashan via luv-main wrote: > > btrfs -- I never, ever considered that to be real production ready > > and I believe that even dead hat has moved away from it somewhat > > (not sure to what extent). > > Some links, none of which are new as this occurred some time ago now. > > https://news.ycombinator.com/item?id=14907771 I think this link is the most useful. BTRFS has worked quite solidly for me for years. The main deficiency of BTRFS is that RAID-5 and RAID-6 are not usable as of the last reports I read. For a home server RAID-1 is all you need (2 or 3 largish SATA disks in a RAID-1 gives plenty of storage). The way BTRFS allows you to extend a RAID-1 filesystem by adding a new disk of any size and rebalancing is really handy for home use. The ZFS limit of having all disks be the same size and upgraded in lock step is no problem for corporate use. Generally I recommend using BTRFS for workstations and servers that have 2 disks. Use ZFS for big storage. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Rebuild after disk fail
On Sunday, 19 January 2020 3:47:00 PM AEDT Craig Sanders via luv-main wrote: > NVME SSDs are **much** faster then SATA SSDs. SATA 3 is 6 Gbps (600 MBps), > so taking protocol overhead into account SATA drives max out at around 550 > MBps. > > NVME drives run at **up to** PCI-e bus speeds - with 4 lanes, that's a > little under 40 Gbps for PCIe v3 (approx 4000 MBps minus protocol > overhead), double that for PCIe v4. That's the theoretical maximum speed, > anyway. In practice, most NVME SSDs run quite a bit slower than that, about > 2 GBps - that's still almost 4 times as fast as a SATA SSD. > > Some brands and models (e.g. those from samsung and crucial) run at around > 3200 to 3500 MBps, but they cost more (e.g. a 1TB Samsung 970 EVO PLUS > (MZ-V7S1T0BW) costs around $300, while the 1TB Kingston A2000 > (SA2000M8/1000G) costs around $160 but is only around 1800 MBps). Until recently I had a work Thinkpad with NVMe. That could sustain almost 5GB/s until the CPU overheated and throttled it (there was an ACPI bug that caused it to falsely regard 60C as a thermal throttle point instead of 80C). But when it came to random writes the speed was much lower, particularly with sustained writes. Things like upgrading a Linux distribution in a VM image causes sustained write rates to go well below 1GB/s. The NVMe interface is good, but having a CPU and storage that can sustain it is another issue. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Linux routers
On Thursday, 14 November 2019 10:51:28 AM AEDT Russell Coker wrote: > Wen, how did that Linux router I gave you go? I've got a heap more to give > away so if you could provide a summary for other users that would be good. For more information, the routers are NetAssure M6086-A devices (Google doesn't turn anything up). They have 2 Ethernet ports (probably 100baseT) and a phone port for ADSL on an expansion card (probably PCI not PCIe but haven't checked). The configuration is to be transferred on a 16MB USB stick. There are S-Video and coaxial "video" ports as well as VGA and serial ports. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: DRI
On Monday, 7 October 2019 8:05:52 AM AEDT Russell Coker via luv-main wrote: > Is there any way to disable DRI for an application? > > Kmail is using DRI and SEGVing in the Nouveau libraries. Not sure how much > of this is Kmail bugs and how much is Nouveau (valgrind reports heaps of > issues in Kmail and Nouveau triggers kernel bugs). But while investigating > this I'd like to have Kmail keep working while not removing DRI entirely > from the system. > > Any suggestions? https://etbe.coker.com.au/2019/11/03/kmail-crashing-libgl/ I found a workaround for this which will probably work for other DRI issues too. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Linux routers
Wen, how did that Linux router I gave you go? I've got a heap more to give away so if you could provide a summary for other users that would be good. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Hardware library
On Thursday, 14 November 2019 3:34:57 AM AEDT Andrew Luke Nesbit wrote: > I would love to borrow some hardware for a few weeks if any of the > following is available. > > Important: > > - Monitor cable adapters (mini-HDMI adapter, micro-HDMI adapter, etc) > - A keyboard (USB) > - A mouse (USB) > - Ethernet switch + .AU PSU > - EU or UK power board I could lend you a keyboard and mouse (I don't keep keyboards in the hardware library due to size) and a power board. I could meet you in the CBD any weekday if that works for you. https://www.meetup.com/en-AU/Software-Art-Thou/ I'm attending this meetup tonight, it's free, I can bring hardware there for you. The meeting should be interesting, I think most LUV members would enjoy it. Please reply to this message ASAP if you want me to bring stuff for you to the meeting tonight. > Other things: > > - USB-to-UART (3.3V TTL-level or 5V RS232) converters > > - USB-to-USB serial comms cables with integrated converters (for > computers and serial consoles with no COM port -- to connect an Intel > NUC to a serial console emulator on a ThinkPad X230 or MacBook Pro, in > other words, to convert my laptop computer ) > > - Associated hardware such as DuPont cables, breadboards, etc LUV probably isn't the best place to ask about that. There are a number of makerspaces that you could meet up with where they might have that. > - USB to USB-OTG cables and good quality .AU USB mains chargers I could lend you USB cables. The LUV hardware library has a Samsung USB charger with UK plug that works quite well apart from making a whistling sound (the frequency is high enough that most people in the 40+ age range probably can't hear it). I can lend you an adapter for UK devices in Australian sockets (you can keep the charger). > After I return I would send a care package+donation to LUV's hardware > library. This would include serial comms equipment, MCU's, logic > analyzers, SBC's, etc. > > I have some enterprise hardware (Supermicro servers, RAM, SSD's, SAS > HDD's, etc) some of which I would be happy to donate if LUV helps with > shipping and packaging costs from UK. Assuming this is economical. Server shipping from the UK probably isn't worth it. RAM and SSDs would be, but isn't there a LUG in the UK that could make use of it? Years ago I attended the Cambridge and Oxford LUGs, they weren't as big as LUV, but helping them to grow would be good. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Hardware library
I just gave one of each item that's duplicated in the hardware library to kick-start another hardware library (reproducing like amoeba). After doing that it looks a bit bare. Please consider if there's anything you can donate at the next meeting. -- Sent from my Huawei Mate 9 with K-9 Mail. ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
DRI
Is there any way to disable DRI for an application? Kmail is using DRI and SEGVing in the Nouveau libraries. Not sure how much of this is Kmail bugs and how much is Nouveau (valgrind reports heaps of issues in Kmail and Nouveau triggers kernel bugs). But while investigating this I'd like to have Kmail keep working while not removing DRI entirely from the system. Any suggestions? -- Sent from my Huawei Mate 9 with K-9 Mail. ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Free hardware
2 MSI N1996 motherboards with CPUs. Believed to be working but not tested recently. They take 2 DDR2 DIMMs and I can supply 2G DIMMs for a capacity of 4G. Not sure what CPUs, but you know the speed of CPUs that work with DDR2. Radeon HD6970 video card. Gamer card from a while ago, so takes lots of power but isn't really fast by today's standards. DVI, HDMI, and mini DP. Had a cooling problem on Windows even after compressed air had removed the dust, maybe a windows driver issue. Gigabyte GV-N56GOC-1GI video card. Does only FullHD on mini-HDMI and does 1440p on DVI. Nice card if you want only FullHD or up to 1440p on DVI. -- Sent from my Huawei Mate 9 with K-9 Mail. ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
modern anti-spam
I currently have SpamAssassin set to reject anything over 5.0, but I'm still getting a lot of spam. Are there any other good options? I haven't tweaked SA much, just used mostly the default Debian settings with a few whitelist entries (which are not responsible for the spam). It could be that I'm not running SA properly, if anyone has some quick tips on how to optimise it then I'm interested. I'm not so interested in detailed configuration changes because I don't want to go down the path of SA tweaking and because the server I run has lots of people from different regions and some use of multiple languages so I can't just tweak it for me personally. I guess I could try the Bayes stuff, does that give much of a benefit and how easy is it to setup? CRM-114 is said to be good, does it do things better than SA in some significant way? At this stage I'm even considering challenge-response. I figure if everything below a SA score of 3.0 was let through, everyone who I've ever sent mail to or who I've received good mail from was let through, and everything with a SA score over 5.0 was rejected then there wouldn't be too many challenges sent out (only challenges for unknown senders with scores between 3.0 and 5.0). Also if I do CR I'll set things up so that mail from known good lists (like this one) gets the reply-to added to the whitelist, of course challenges won't go out in response to precedence:bulk mail. Some years ago I ran a CR mail system for about 50,000 users and have memorised the design as well as having a copy of some of the code. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Planet Aggregation
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940982 Planet-venus is being removed from Debian. What's a good replacement? -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Insecure link to sig
On Wednesday, 3 July 2019 4:27:47 PM AEST Robert Parker via luv-main wrote: > Hi Guys, > Both Google Chrome and Firefox refuse to connect to this link, claiming > that it's insecure. > http://programmers.luv.asn.au/ There is no content for that site, so even if you had connected there was nothing there. I removed the DNS entry. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Raid Disaster
Firstly when recovering start by making 2 copies of the raw device on separate hardware. If need be buy 2*4TB disks to store this (the price of the disks is nothing compared to the value of the data). On Friday, 19 July 2019 10:10:46 AM AEST bob via luv-main wrote: > I can access the damaged disk by attaching it to my Kubuntu workstation, > reading it with testdisk and all the partitions and data appears to be How exactly is the disk "damaged"? This will be important later. > still there, but I can't see the files because of the RAID filing > system. I have tried ddrescue which I have been able to use to copy > data from the main partition on the damaged disk onto an old ntfs disk I > had lying around but it is still unreadable as the raid filesystem > refuses to mount and I still can't see the files. When you have an image of the disk stored safely run use losetup to set it up as a loop block device and then kpartx to access the partition table. After doing that run "file -s" on the block devices for the kpartx created partition entries and give us the output. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Talks
Andrew says: We need the people that wanted to speak next month to COME FORWARD can we ask the list for these ppl to contact me. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Talks?
We are currently having problems where mail Andrew sends to luv-main gets blocked by localhost. # postconf -d|grep mynet mynetworks = 127.0.0.0/8 10.10.10.0/24 [::1]/128 [2a01:4f8:140:71f5::]/64 [fe80::]/64 Below are the relevant log entries. It seems that ::1 is not being accepted as an exclusion for spam checks, from the above you can see that ::1 is in mynetworks and from the attached main.cf you can see that permit_mynetworks is before other checks. Any ideas as to what the problem might be and why it only seems to affect Andrew's mail? To clarify, what happens is that outbound mail from the list server is sent to localhost and the Postfix instance on localhost is rejecting it. >From the attached master.cf you can see that localhost is excluded from SpamAssassin and ClamAV checks. Jun 18 16:21:47 itmustbe postfix/cleanup[23587]: CADE6B0AD: reject: header From: achalmers--- via luv-main from localhost[::1]; from= to= proto=ESMTP helo=: 5.7.1 550 Message rejected Mail from a likely spam domain 10002 Jun 18 16:21:47 itmustbe postfix/cleanup[23587]: CD54CB0AD: reject: header From: achalmers--- via luv-main from localhost[::1]; from= to= proto=ESMTP helo=: 5.7.1 550 Message rejected Mail from a likely spam domain 10002 Jun 18 16:21:48 itmustbe postfix/cleanup[23587]: D96C3B0AD: reject: header From: achalmers--- via luv-main from localhost[::1]; from= to= proto=ESMTP helo=: 5.7.1 550 Message rejected Mail from a likely spam domain 10002 Jun 18 16:21:48 itmustbe postfix/cleanup[23587]: 26916B0AD: reject: header From: achalmers--- via luv-main from localhost[::1]; from= to= proto=ESMTP helo=: 5.7.1 550 Message rejected Mail from a likely spam domain 10002 -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ # See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = no # TLS parameters smtpd_tls_cert_file = /etc/letsencrypt/live/www.luv.asn.au/cert.pem smtpd_tls_key_file = /etc/letsencrypt/live/www.luv.asn.au/privkey.pem smtpd_tls_CAfile = /etc/letsencrypt/live/www.luv.asn.au/chain.pem smtpd_tls_mandatory_protocols = TLSv1 smtpd_use_tls=yes smtpd_tls_received_header = yes smtpd_tls_loglevel = 1 smtpd_tls_security_level = may smtp_tls_loglevel = 1 smtp_tls_security_level = may smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. myhostname = luv.asn.au alias_maps = hash:/etc/aliases,hash:/etc/aliases.mailman alias_database = hash:/etc/aliases,hash:/etc/aliases.mailman myorigin = /etc/mailname mydestination = itmustbe.luv.asn.au, lists.luv.asn.au, tainted.luv.asn.au, luv.asn.au, localhost mydomain = luv.asn.au relayhost = #mynetworks = 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all # We need this so we can just send all @lists email to mailman. #relay_domains = luv.asn.au, lists.luv.asn.au, lists.wikimedia.org.au relay_domains = luv.asn.au, lists.luv.asn.au transport_maps = hash:/etc/postfix/transport mailman_destination_recipient_limit = 1 smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining, reject_unknown_client, permit smtpd_restriction_classes = greylist greylist = check_policy_service inet:127.0.0.1:10023 smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_policy_service unix:private/spfcheck, reject_unauth_destination, reject_invalid_hostname, reject_non_fqdn_hostname, reject_unknown_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_pipelining, reject_unknown_client, check_recipient_access hash:/etc/postfix/greylist_optin, permit smtpd_data_restrictions = reject_unauth_pipelining, permit smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_hostname, reject_non_fqdn_hostname, reject_unknown_hostname, permit smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit header_checks = regexp:/etc/postfix/regex/header_checks body_checks = regexp:/etc/postfix/regex/body_checks mime_header_checks = regexp:/etc/postfix/regex/mime_checks access_map_reject_code = 554 invalid_hostname_reject_code = 554 maps_rbl_reject_code = 554 reject_code = 550 relay_domains_reject_code = 550 unknown_address_reject_code = 450
Re: Mixed results with Linux 5.1
On Tuesday, 28 May 2019 4:27:53 PM AEST Duncan Roe via luv-main wrote: > Following Andrew's exhortations at the last main meeting, I built 5.1 and > installed it on my laptop. I usually try to avoid building kernels, compiling a kernel with the same settings as Debian uses takes too long and changing the settings to a minimal set that matches what I want to do is more effort than I want. Currently Debian/Experimental only has 5.0. > I went back to 5.0 and checked what was in debug.log (which logs > everything). And there was nothing at all! No hint that 5.1 had ever > started - just a 7 minute gap between the last 5.0 shutdown and 5.0 > starting. Did any other log file have anything in that time period? Was networking operational, could you ping it? If so network logging might work. Did you try configuring your system to disable video mode changes? Serial console might be an option, but not many systems have proper serial ports nowadays. > Have you seen this email before? Please mail me off-list if so. > > I originally sent this on 13th May but didn't see it come back. It got delivered to me then and was in my lists folder with lots of other unread mail from months ago. Maybe people just couldn't think of good suggestions to offer you. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: outlook.office365.com "invalid parameter supplied"
On Wednesday, 5 June 2019 10:09:45 PM AEST Jason White via luv-main wrote: > As a side question, how reliable is their IMAP server? If I remember > rightly, it used to have a reputation for not conforming to standards, but > that was a very long time ago with Microsoft Exchange. The --crlf option is needed with gnutls-cli, that's one significant incompatibility. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: The Truth About Southeast Linuxfest | Ask Noah Show 80
On Wednesday, 19 June 2019 2:17:11 AM AEST Andrew McGlashan via luv-main wrote: > On 18/6/19 2:43 pm, Russell Coker via luv-main wrote: > > Podcasts about politics are one step away from Fox News. > > > > I think politics was a very, very small part of this; I wouldn't even > care about what was said about "politics". Whether or not to have a CoC is a political issue and the people who like Fox News are the ones who oppose having a CoC the most. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Monitoring swap
On Wednesday, 19 June 2019 5:42:09 PM AEST Erik Christiansen via luv-main wrote: > On 19.06.19 17:14, Russell Coker via luv-main wrote: > > I wrote a mon script to monitor swap use because catching systems when > > memory use gets excessive before they go Oom is a good thing. > > > > When I deployed it I was notified of one of my servers which had 99% > > of the 2G of swap used but also 7G of "buff/cache" memory according to > > top and seemed to be running nicely like that. > > > > Would it give a better result to ignore the amount of swap in use and > > instead monitor the percentage of RAM used for buff/cache? -- Sent > > from my Huawei Mate 9 with K-9 Mail. > > What about reporting both? Then users could get a feel for how the > balance pans out for them, I figure. (Assuming that the script is > destined for the wild?) It's designed for common usage, it's in the "mon" package in Debian. But I try to avoid adding useless features and to make defaults that are reasonably useful. > This aging host is growing slow, and checking up on what happens > especially when iceweasel ploughs into treacle, would be useful. > > Mind you, sometimes X just locks up, and I'd have to find and fire up > another host to whack it through ssh. Reset works. I've been meaning to get into monit which can restart things automatically. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Monitoring swap
I wrote a mon script to monitor swap use because catching systems when memory use gets excessive before they go Oom is a good thing. When I deployed it I was notified of one of my servers which had 99% of the 2G of swap used but also 7G of "buff/cache" memory according to top and seemed to be running nicely like that. Would it give a better result to ignore the amount of swap in use and instead monitor the percentage of RAM used for buff/cache? -- Sent from my Huawei Mate 9 with K-9 Mail. ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: The Truth About Southeast Linuxfest | Ask Noah Show 80
Podcasts about politics are one step away from Fox News. On 16 June 2019 4:45:26 am AEST, Andrew McGlashan via luv-main wrote: > >btw this was the article that pointed me to the podcast, but I'm glad >that I didn't limit my listening (and in turn viewing) to just the >quoted sections about CoC. > >http://techrights.org/2019/06/15/jeremy-sands-and-imposed-coc/ > >I sought out the video because it was referenced by the audio version >as being available and there was some useful extra content that made >it worthwhile (including live chat at the time and slides with images). > >-- >Kind Regards >AndrewM > >Andrew McGlashan -- Sent from my Huawei Mate 9 with K-9 Mail. ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Hardware library
I've got a bunch of new stuff in the hardware library for tonight. Also will have some Cisco gear and embedded Linux servers in the boot of my car. -- Sent from my Huawei Mate 9 with K-9 Mail. ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Boot problems after adding 2 new disks
If you have a RAID-1 of 2TB disks a single 1TB disk doesn't provide much value. I suggest using the port for a second SSD instead and have a RAID-1 on SSD for root and /home and 2*2TB RAID-1 for everything else. If a 2TB RAID-1 isn't enough for your big files then consider getting a couple of 6TB disks, they are cheap nowadays. -- Sent from my Huawei Mate 9 with K-9 Mail. ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: upgrade
On Friday, 22 February 2019 4:55:07 PM AEDT Mark Trickett wrote: > Hello Russell, > > On 2/22/19, Russell Coker via luv-main wrote: > > A few days ago there was some downtime on the LUV server because rebooting > > another VM on the same hardware revealed a bug in the KVM scripts that > > shut > > off IPv4 access. > > > > Tonight I have just upgraded the LUV server to Debian/Testing (we are in > > the freeze process for the next release of Debian). In the process of > > upgrading the LUV server and other servers I run to Debian/Testing I've > > fixed many issues with my code and filed bug reports against some other > > packages. > My thanks also for your efforts in keeping the LUV server up and > running and secure. Also thanks for much else you do for the LUV > community. A small query, nothing fixed, but when is Buster expected > to be released? I have issues with scanning that I need to sort, but > there are a couple of different approaches, and the expected time > frame for Buster will influence whether I wait a little, or try > something else that will probably be more involved and susceptible to > mistakes. Not a firm date, but an expectation only. I don't know when it will be released. But the freeze process has started so maybe a few months. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Boot problems after adding 2 new disks
In regard to the hardware advice. The LUV hardware library often has DDR3 RAM for free, but 4G modules don't hang around long. If anyone is upgrading from a DDR3 system to DDR4 please donate your old RAM as lots of people have a use for this. Also we need more SATA disks, if anyone has disks of 300G+ that they don't need then please donate them. -- Sent from my Huawei Mate 9 with K-9 Mail. ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
upgrade
A few days ago there was some downtime on the LUV server because rebooting another VM on the same hardware revealed a bug in the KVM scripts that shut off IPv4 access. Tonight I have just upgraded the LUV server to Debian/Testing (we are in the freeze process for the next release of Debian). In the process of upgrading the LUV server and other servers I run to Debian/Testing I've fixed many issues with my code and filed bug reports against some other packages. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: postfix boot dependencies with systemd
On Sunday, 27 January 2019 8:23:10 AM AEDT Mark Trickett via luv-main wrote: > >> is there a loopback only target you can make it depend on rather than > >> network-manager? > > > > There doesn't appear to be. Google searches indicate not. > > > >> other than that, my only idea is to dump network manager and manually > >> configure your network with /etc/interfaces. I've always found that's > >> best, anyway - NM is OK-ish for the simplest of network configs but a > >> complete PITA for anything even slightly complex. > > > > My laptop has a very simple network configuration, connect to whatever > > Wifi > > or > > Ethernet is available and route everything through it. It's also a very > > annoying configuration to run in any other way due to the dozen or so Wifi > > networks I connect to. > > Very interesting. This relates to why I would prefer less monolithic > "solutions" than Systemd and NetworkManager. It is also what I want to > find, but appears to not be available, yet, some simpler framework or > daemon that will handle Wi-Fi connections, even just one routine one. Less monolithic solutions don't solve problems, they just give you different problems. The other problem is that some daemons can't start until networking is operational. Sometimes the solution to this without systemd is to put sleep statements in the start scripts, which then means that you get delays you don't need to have. > I have found the underlying assumptions in NetworkManager a real pain > and frustrating. I have found that it will proceed to make the first > connection the default route, regardless of whether that is suitable, > and unduly difficult to change. That made life difficult while on dial > up, and wanting to use an ethernet cable to another PC, and consider a > network printer. I was bringing up the modem and the connection > manually, running the computer in local mode most of the time. Yes that's a difficult thing (from what I know about NetworkManager). > I really dislike Lennart Poettering and his attitudes. https://www.youtube.com/watch?v=o_AIw9bGogo This is worth watching. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: postfix boot dependencies with systemd
On Saturday, 26 January 2019 11:34:26 PM AEDT Craig Sanders via luv-main wrote: > On Sat, Jan 26, 2019 at 10:13:10PM +1100, Russell Coker wrote: > > It appears that the boot of my laptop is delayed by postfix depending on > > network-online.target. How can I change this? Postfix is only listening > > on 127.0.0.1 so there's no reason for it to wait until my laptop connects > > to the Wifi network before continuing the boot. > > > > I ran "systemctl edit postfix@-" and "systemctl edit postfix@" and put the > > below in which should make it not depend on network-online.target. But it > > doesn't change anything. Any ideas? > > is there a loopback only target you can make it depend on rather than > network-manager? There doesn't appear to be. Google searches indicate not. > other than that, my only idea is to dump network manager and manually > configure your network with /etc/interfaces. I've always found that's > best, anyway - NM is OK-ish for the simplest of network configs but a > complete PITA for anything even slightly complex. My laptop has a very simple network configuration, connect to whatever Wifi or Ethernet is available and route everything through it. It's also a very annoying configuration to run in any other way due to the dozen or so Wifi networks I connect to. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
postfix boot dependencies with systemd
It appears that the boot of my laptop is delayed by postfix depending on network-online.target. How can I change this? Postfix is only listening on 127.0.0.1 so there's no reason for it to wait until my laptop connects to the Wifi network before continuing the boot. I ran "systemctl edit postfix@-" and "systemctl edit postfix@" and put the below in which should make it not depend on network-online.target. But it doesn't change anything. Any ideas? [Unit] After=NetworkManager.service nss-lookup.target Wants=NetworkManager.service Here is the critical chain for booting: # systemd-analyze critical-chain The time after the unit is active or started is printed after the "@" character. The time the unit takes to start is printed after the "+" character. graphical.target @19.216s └─multi-user.target @19.216s └─postfix.service @19.212s +2ms └─postfix@-.service @18.759s +449ms └─network-online.target @18.758s └─NetworkManager-wait-online.service @1.649s +17.107s └─NetworkManager.service @1.463s +173ms └─dbus.service @1.438s └─basic.target @1.419s └─paths.target @1.419s └─acpid.path @1.419s └─sysinit.target @1.416s └─systemd-backlight@backlight:intel_backlight.service @2.3 └─system-systemd\x2dbacklight.slice @1.039s └─system.slice @416ms └─-.slice @416ms -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: rsync and filesystem capabilities
On Sunday, 20 January 2019 7:24:33 AM AEDT Andrew Luke Nesbit via luv-main wrote: > On 08/01/2019 20:34, Russell Coker wrote: > > On Wednesday, 9 January 2019 7:25:35 AM AEDT Andrew Luke Nesbit via > > luv-main> > >> Do you mind if I ask you what your backup regime is? I often ask > >> people when the topic comes up because it's such an important thing. > >> I'm always interested in potentially improving my knowledge and > >> practice. > > > > Firstly I use BTRFS or ZFS for everything that matters. The first stage > > of > > backup is filesystem snapshots, that covers the most common restore case > > of > > "oops I deleted the wrong file". > > Thank you for explaining this to me/us. I have been thinking about what > you wrote in the hope that the penny would drop, but no such luck so far... > > Are you saying that the snapshot _itself_ is literally the first-stage > backup? Yes. > > Next I rsync files to a disk with a BTRFS filesystem and use BTRFS > > snapshots on that for multiple backups (going back months or years as > > most files don't change much). > > Are the files you rsync to the disk with Btrfs are the snapstop files > you mentioned earlier? Or regular files in the "working portion" of the > main disk/array/NAS? The snapshot files. If you rsync from the files that are writable you risk getting inconsistent sets of files, EG a compiled executable with a version of the source that doesn't match and you also risk inconsistency internally to files (EG databases in use and filesystem images that are mounted or being used in VMs). > > Some of those disks with backups are stored offsite. > > How do you make this decision, and how is this implemented? When I feel like it, or when I'm visiting a relative who has a safe to put them in. I don't have the type of answer you probably expected. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Grub in text mode
On Saturday, 12 January 2019 5:04:17 PM AEDT Craig Sanders via luv-main wrote: > I'd forgotten that screen could even do that. It's been years since I even > used zmodem, possibly decades. > > Seems you're not the first to miss it: > If you're going to send a patch, I'd suggest making two generic features > rather than hard-coding support for zmodem. > > 1. Add an ability to allow tmux to run a program and pipe the output into > the terminal. e.g. run "rz" inside the terminal and then have tmux run "sz > filename" to upload a file. This would have many other uses, like running > "vi" in the terminal and typing "i" or "o" in vi, then having tmux run "cat > filename". That is appealing. > 2. Add an ability to pipe all input from the terminal into a command until > that command terminates. e.g. run "sz filename" in the terminal and then > have "tmux" run "rz". > > For programs like rz that are able to detect the end of their input, this > isn't terribly complicated, but it would be much more complicated for > programs that just keep on hoovering up stdin until stdin closes - e.g. > "cat filename" inside the terminal while tmux runs "xsel -i". Another tmux > command to manually close the input to the running external program would > be clumsy but workable. > > > 3. An obvious third feature would be programmable triggers to run commands. > e.g. if tmux sees a particular sequence of characters, then run a particular > program. e.g. "**B00" could trigger running "rz". I expect > that this would probably be quite difficult, and would probably have a > noticable impact on tmux's performance. I expect that in the common case of running screen/tmux on the same system as an X term the X display would use more CPU time anyway. I just did a quick test of running top while doing a fairly verbose compile with screen and couldn't see screen in top output. I did see konsole (the KDE X-term) taking up to 18% CPU time. I think there's plenty of scope to have a program like screen or tmux do pattern matching on output without comparing to the CPU use of konsole. I anticipate that someone might be about to say "but konsole sucks it uses too much CPU time". However konsole generally works well enough for me and many other people. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: scsi
On Saturday, 12 January 2019 12:19:26 AM AEDT Andrew Greig via luv-main wrote: > I should look at an SSD for my system drive I have a couple of new drives > for my RAID. SSDs are considerably smaller than hard drives. So a PC that only has space for 2 hard drives could probably fit 2 hard drives and 2 SSDs. SSDs also dissipate much less heat so can be crammed into spaces that don't have enough ventilation for hard drives. 2*SSD + 2*HDD makes for a nice system, lots of space on the HDD and good speed on the SSD. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: scsi
On Friday, 11 January 2019 7:22:35 PM AEDT Andrew Greig via luv-main wrote: > In the old days when boot times were quick When things work correctly with systemd boot seems quicker than it has been for a long time, especially with SSD. Most of the Linux workstations I run have boot times comparable to MS-DOS. If things go wrong with systemd then things can get very slow (90 second timeouts). But that's a solvable problem. You should be able to rescan the SCSI bus. It's been a while since I used SCSI, but that functionality seemed to work well last time I tried it. Good SSDs have been just over $100 for a few years now. It used to be that 120G SSDs were about $120 each, now 512G is getting cheap. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: rsync and filesystem capabilities
On Wednesday, 9 January 2019 12:14:47 PM AEDT Tim Connors via luv-main wrote: > On Wed, 9 Jan 2019, Glenn McIntosh wrote: > > On 8/1/19 11:44 pm, Russell Coker via luv-main wrote: > > > Below is an example. Is there a good way of preserving capabilities > > > apart > > > from running "getcap /bin/* /sbin/* /usr/bin/* /usr/sbin/*" and storing > > > the > > > output? > > > > Since the capabilities are stored using extended attributes, then using > > the '-X' flag on rsync should do the trick. You may need to be root user > > to be able to create these on the destination (or alternatively use > > fake-super on rsync). > > rsync flags I frequently see people forget to use on rsync when they want > the destination to be exactly the same as the source: > > rsync -HAXS Thanks Tim and Glenn. Not surprising that rsync could do what I wanted but I just didn't know where to look. getfattr from the attr package on debian can give a list of xattrs that are in use. # getfattr -m - /bin/ping getfattr: Removing leading '/' from absolute path names # file: bin/ping security.capability security.selinux -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Grub in text mode
On Thursday, 10 January 2019 2:57:02 AM AEDT Craig Sanders via luv-main wrote: > On Tue, Jan 08, 2019 at 11:51:33PM +1100, Russell Coker wrote: > > Currently I run my kvm VMs under screen > > sounds like a PITA doing everything manually...but whatever works for you. Well it's a small ongoing PITA vs a major PITA to change to something else... > > and just use screen -r to get the console. > > I strongly recommend switching to tmux. I stuck with screen for many years, > been using it since the early 90s, but finally made the switch about a year > ago...finally got sick of screen's bugs, quirks, piss-poor unicode support, > and effective abandonment as an actively-developed project. it took me > about half an hour to configure it so that the transition was > non-traumatic. after a few days, i wouldn't even consider switching back, > any more than i'd switch back from mutt to elm. People have been saying that for years. But what I do with screen is fairly basic so it's been working well enough that I haven't had a great incentive to change. > As I did with screen, I've mapped tmux's escape key to ^K. I rarely use > that for anything else but I use ^A all the time -- ^A is move to start of > line in bash/readline, an extremely stupid key for screen to hijack as its > default control prefix. tmux's default of ^B is better, but I've got used > to ^K over the years. Unlearning that would be too painful. Yes, ^A is really annoying. But I don't use screen enough to make it worth changing. > > Virsh has some benefits, but so far it hasn't seemed worth the pain. > > for just "virsh console", no not worth it. for everything else - virsh and > libvirt are definitely worth it. I probably will do it eventually. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Many to many VPN
On Thursday, 10 January 2019 5:59:42 PM AEDT Mike O'Connor wrote: > > Support is required for Linux servers and Linux, Windows, and OS/X > > clients. > > Wireguard :) Possibly not the most user friendly but very impressive tech. https://en.wikipedia.org/wiki/WireGuard I have had some experience with Wireguard. It requries kernel code that isn't in the mainline kernel so you need DKMS to get it going, that doesn't exclude it, but makes it a little more difficult. According to Wikipedia one of the benefits of WG is that it has less code, but some of that code is kernel code so the potential for problems if there's a problem is greater. Another cited benefit of WG is not being as difficult as IPSEC, but pretty much everything meets the "not as difficult as IPSEC" criteria. How does WG go for many-many operation? -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Many to many VPN
If you have servers in multiple countries and people using those servers in multiple locations what's a good way of setting up a VPN? If you have a VPN server at each DC then performance will be great but users have to setup multiple instances of the VPN software which they will mess up and time will be wasted. If you have a VPN server at one DC then a user who connects to a server in a different DC gets longer ping times. Also an outage in one DC breaks everything. Any ideas? Support is required for Linux servers and Linux, Windows, and OS/X clients. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: rsync and filesystem capabilities
On Wednesday, 9 January 2019 7:25:35 AM AEDT Andrew Luke Nesbit via luv-main wrote: > I hope you don't mind me jumping in like this... > > On 08/01/2019 12:44, Russell Coker via luv-main wrote: > > I use rsync for most of my backups. For a restore I can rsync the > > files back and touch /.autorelabel to restore the SE Linux labels. > > Do you mind if I ask you what your backup regime is? I often ask > people when the topic comes up because it's such an important thing. > I'm always interested in potentially improving my knowledge and > practice. Firstly I use BTRFS or ZFS for everything that matters. The first stage of backup is filesystem snapshots, that covers the most common restore case of "oops I deleted the wrong file". Next I rsync files to a disk with a BTRFS filesystem and use BTRFS snapshots on that for multiple backups (going back months or years as most files don't change much). Some of those disks with backups are stored offsite. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Grub in text mode
On Saturday, 22 December 2018 2:04:46 AM AEDT Craig Sanders via luv-main wrote: > On Fri, Dec 21, 2018 at 04:32:20PM +1100, Russell Coker wrote: > > Recently Grub has been changing to a high resolution mode. On some systems > > this is really slow, presumably due to having a crap BIOS. On kvm/qemu > > systems it doesn't work with -display curses. > > > > How do I get grub to stick to 80x25 text? > > On Debian, Ubuntu etc, edit /etc/default/grub and > > 1. un-comment the line: > > GRUB_TERMINAL=console Thanks for that, I did that, ran diff on /boot/grub/grub.cfg and found that the following 2 lines were the relevant ones: terminal_input console terminal_output console Knowing that I was able to Google how to do this in Nixos, which is to put the following in /etc/nixos/configuration.nix and run "nixos-rebuild switch". boot.loader.grub.extraConfig = "terminal_input console ; terminal_output console"; > BTW, for kvm you might also want to enable a serial console. I usually > enable two serial consoles per VM, one to log the VM's boot up to a text > file on the host, the other for console access with 'virsh console' (this > is also how console access is provided in a javascript web by openstack and > similar virtualisation wrapper systems). Remember to actually configure > both grub and a getty (via inittab or systemd) to use the serial console as > well as adding the console "hardware" to the VM. Currently I run my kvm VMs under screen and just use screen -r to get the console. Virsh has some benefits, but so far it hasn't seemed worth the pain. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
rsync and filesystem capabilities
I use rsync for most of my backups. For a restore I can rsync the files back and touch /.autorelabel to restore the SE Linux labels. That combination gets all setuid files etc, but doesn't get file capabilities. Below is an example. Is there a good way of preserving capabilities apart from running "getcap /bin/* /sbin/* /usr/bin/* /usr/sbin/*" and storing the output? Currently /bin/ping seems to be the only commonly used program using filesystem capability flags. Also is there a way of telling Debian to restore capabilities apart from "apt-get --reinstall install iputils-ping"? root@sevm:~# cp -a /bin/ping . root@sevm:~# rsync -va /bin/ping ping2 sending incremental file list ping sent 61,328 bytes received 35 bytes 122,726.00 bytes/sec total size is 61,240 speedup is 1.00 root@sevm:~# getcap ping ping2 ping = cap_net_raw+ep root@sevm:~# -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Grub in text mode
Recently Grub has been changing to a high resolution mode. On some systems this is really slow, presumably due to having a crap BIOS. On kvm/qemu systems it doesn't work with -display curses. How do I get grub to stick to 80x25 text? -- Sent from my Huawei Mate 9 with K-9 Mail. ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
SSL improvements
https://www.ssllabs.com/ssltest/analyze.html?d=www.luv.asn.au=46.4.124.163 Based on the above (and some other reading) I made some changes to the LUV configuration. SSLProtocol all -SSLv3 -TLSv1 I used the above to remove support for TLSv1. That prevents Android versions below 4.3 from connecting as well as ancient versions of IE on Windows. I'm pretty sure that every Windows system that still has MS support can run a browser that supports TLS version 1.1. As for the tiny minority of devices running Android 4.3 and earlier, that's going to be a problem for them if they aren't using Chrome. I believe that the main purpose of LUV is education. If someone has a problem with a LUV web site then they can talk to us and get some help with that. While if they encounter the same issue on some corporate site they probably won't. # from https://mozilla.github.io/server-side-tls/ssl-config-generator/ # HSTS (mod_headers is required) (15768000 seconds = 6 months) Header always set Strict-Transport-Security "max-age=15768000" I've had the above in the LUV configuration for some time. That means that browsers will cache the fact that they should use HTTPS so if you manually type in a URL the browser will use HTTPS instead. IN CAA 0 issue "letsencrypt.org" IN CAA 0 issuewild ";" IN CAA 0 iodef "mailto:russ...@coker.com.au; I've also added the above DNS entries to lock the luv.asn.au domain to only certificates from letsencrypt.org. I don't think that this is going to give us a significant benefit as letsencrypt gives out certificates based on connecting to the name in question. So the task of fooling letsencrypt is probably easier than fooling a regular HTTP session. This also means that the Strict-Transport-Security also probably provides minimal benefit. Also the LUV web site doesn't need a lot of security, we aren't going online banking or anything. But again we are about education, so if LUV doing this helps others learn about configuration options and promote them for other organisations with greater security needs then that's a good thing. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Symmetric Key Management and Distribution
On Wednesday, 17 October 2018 7:00:11 PM AEDT Usman Saeed via luv-main wrote: > I have looked at Key Management Interoperability Protocol (KMIP). It > provides all of these features but sadly there is no open-source > implementation available in C. Why is a C implmentation so important? C can call library code written in any language that allows compiling libraries. For languages which don't have a compiled form (Perl etc) then you can run a program in that language as a child process. As an aside, the last time I did any significant crypto coding in C I ran into some SEGVs that I couldn't fix. I called 2 different libraries that both called OpenSSL libraries and got a SEGV afterwards. I ended up changing the code to call the second OpenSSL using library in a child process as the only way of avoiding memory corruption and a later SEGV. So I wouldn't recommend planning on having a single C program to do it all. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: Dropbox and zfs
On Sunday, 21 October 2018 11:38:06 PM AEDT Craig Sanders via luv-main wrote: > My partner needs to use dropbox to share files with people at work, and > her desktop machine here runs ZFS. When dropbox announced this ext4-only > thing a few months ago, I just created a 20GB ZVOL (with "zfs create -V > 20G poolname/dropbox"), formatted it as ext4, mounted it as ~/dropbox in > /etc/fstab (which is what the dropbox client is configured to use), and > chown-ed the mounted fs to her uid & gid. > > > What will happen with the zfs snapshots that the box takes every minute? > > The SD card isn't part of zpool so won't be snapshotted. if you're rsyncing > or copying it to ZFS, that's only a read (remember to use the noatime or > relatime mount option), not a write so won't affect the SD card's lifespan. If you use a ZVOL you can make snapshots of that. If you use a filesystem other than ZFS or Ext4 you can use a loopback mount, just create a regular file of a suitable size, run mkfs.ext4, then mount -o loop. If you use BTRFS then you can have a loopback ext4 filesystem snapshotted as part of the subvol that contains it. This will be more of a problem for Windows users who aren't using NTFS as they don't have the options for loopback filesystems that we have (I'm running a corporate Dropbox account and got an email about the Windows users who aren't using NTFS). -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Re: strange date issue
On Sunday, 14 October 2018 1:29:41 PM AEDT Robin Humble via luv-main wrote: > On Sun, Oct 14, 2018 at 01:21:05PM +1100, Russell Coker via luv-main wrote: > >Anyway when the VM boots up it gets the acutal time rather than the hwclock > >time: > >... > >Any ideas for where this might be set? It's a fairly standard > >Debian/Stretch system with systemd. When I boot with "init=/bin/bash" it > >has the correct time, so something after going multi-user sets the time > >via NTP (presumably). > does output from timedatectl help you? > it's what I use first these days if time goes awry. root@stretch:/etc# timedatectl Failed to create bus connection: No such file or directory There's something broken in that regard. But as no NTP servers are set I would hope that it doesn't just go and do stuff. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ ___ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main