Re: F38 and new GDM behavior
On 04/22/2023 11:44 PM, Jeffrey Walton wrote: I just keep upgrading it every 6 months. Even so, there's no reason for you to be running it in full graphical mode. Multi-user (what used to be runlevel 3) is all you need. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: F38 and new GDM behavior
On Sun, Apr 23, 2023 at 1:41 AM Joe Zeff wrote: > > On 04/22/2023 11:28 PM, Jeffrey Walton wrote: > > After 15 minutes of cleanup GDM suspended the machine with an active > > SSH connection. > > If the machine is headless, why are you running Gnome on it? It used to be a daily driver back when Skylake was new. Now it is relegated to testing the Skylake Instruction Set Architecture (ISA) for crypto libraries, like Botan, Crypto++ and OpenSSL. I just keep upgrading it every 6 months. Jeff ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: F38 and new GDM behavior
On 04/22/2023 11:28 PM, Jeffrey Walton wrote: After 15 minutes of cleanup GDM suspended the machine with an active SSH connection. If the machine is headless, why are you running Gnome on it? ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
F38 and new GDM behavior
Hi Everyone, I have a headless workstation that was upgraded from F37 to F38 this morning. After the upgrade I SSH'd back in and began performing post-install tasks, like cleaning up old packages and old symlinks. After 15 minutes of cleanup GDM suspended the machine with an active SSH connection. I got a message on my tty: Broadcast message from gdm@skylake on tty1 (Sat 2023-04-22 12:26:40 EDT): The system will suspend now! client_loop: send disconnect: Broken pipe I could not SSH back into the machine. I had to drive across town to wake it back up. It seems this is new behavior for Fedora 38: https://src.fedoraproject.org/rpms/gnome-settings-daemon/c/c8f9665aca0617a921ec308a0f1d2741d92dc41d?branch=rawhide . Thanks to u/EatMeerkats on Reddit for the explanation. (https://www.reddit.com/r/Fedora/comments/12vfnt8/f38_suspends_with_active_ssh_connections/) . The workaround I used was to mask the power states. No more sleeping while I am using SSH... # systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target Created symlink /etc/systemd/system/sleep.target → /dev/null. Created symlink /etc/systemd/system/suspend.target → /dev/null. Created symlink /etc/systemd/system/hibernate.target → /dev/null. Created symlink /etc/systemd/system/hybrid-sleep.target → /dev/null. Jeff ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: New website hides torrent downloads?
https://gitlab.com/fedora/websites-apps/fedora-websites/fedora-websites-3.0/-/issues/185 Thanks for reporting it and thanks glb for an answer On 4/22/23, Samuel Sieb <> wrote: > On 4/22/23 07:54, Luna Jernberg wrote: >> Might be good to file an issue here too: >> https://gitlab.com/fedora/websites-apps/fedora-websites/fedora-websites-3.0 >> so it can be added to the new website > > It looks like it was just overlooked. The ALT download page > descriptions mention torrents, so I think it was just missed. > ___ > users mailing list -- users@lists.fedoraproject.org > To unsubscribe send an email to users-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue > ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
Tim: >> Nor should you really have to have a virtual host. Mike Wright: > I think it may be referring to the Apache directive So was I. You can have a webserver serving a solitary website. Virtual host configs should only be necessary when you have multiple sites on the same server. Really, it ought to be looking for the server name (and/or aliases), and the server should be sending them back with all connection attempts (including when you don't do virtual hosting). It's just that virtual host configuration is much more explicit about getting you to configure it. It used to be that HTTPS required that (dedicated server), which was a problem in a world with dwindling spare IPv4 addresses. -- uname -rsvp Linux 3.10.0-1160.88.1.el7.x86_64 #1 SMP Tue Mar 7 15:41:52 UTC 2023 x86_64 Boilerplate: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the mailing list. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Fedora 38 Upgrade From Fedora 36
On Sat Apr22'23 11:26:12PM, Jeffrey Walton wrote: > From: Jeffrey Walton > Date: Sat, 22 Apr 2023 23:26:12 -0400 > To: Community support for Fedora users > Reply-To: noloa...@gmail.com, Community support for Fedora users > > Subject: Re: Fedora 38 Upgrade From Fedora 36 > > On Sat, Apr 22, 2023 at 11:18 PM Ranjan Maitra wrote: > > [...] > > Actually, I went F34 -> F38 last night, without any issue. Just added a > > --nogpgcheck. > > > > So, I have this circa 2009 Dell Precision T7710 and the HDD died. I put in > > an old SSD and brought it back. However, for some reason, it does not boot > > off of a live CD that is newer. I had one F34 lying around, and got it > > booted off that. Then I did > > > > sudo dnf update --releasever 38 > > > > and it went through the download and then failed at the key check. So, I > > tried by removing the check and it went through. > > > > sudo dnf update --releasever 38 --nogpgcheck > > > > After installation, it asked to verify the key for F38, and that was > > permitted, and it appears to be like another machine that has been able to > > follow a more disciplined regimen. I tried this on a whim some time ago > > with another old machine (F34 -> F37 in that case), and it worked then too. > > I guess this is not recommended, but it worked for me. > > The Fedora signing keys are located at /etc/pki/rpm-gpg. I wonder if > you could have copied the missing keys manually, or if the signing > algorithm was the problem. > Thanks, that is a good point. I could have done that, I guess, but it would have been more work. So, I gave the nogpgcheck to update, and then verified once the update to the higher release version happened. I can see why this would not be recommended. I think that my case was safer because I used the F34 to install and then immediately moved to upgrade to F38. No non-Fedora repos were added before the upgrade. Many thanks and best wishes, Ranjan ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Fedora 38 Upgrade From Fedora 36
On Sat, Apr 22, 2023 at 11:18 PM Ranjan Maitra wrote: > [...] > Actually, I went F34 -> F38 last night, without any issue. Just added a > --nogpgcheck. > > So, I have this circa 2009 Dell Precision T7710 and the HDD died. I put in an > old SSD and brought it back. However, for some reason, it does not boot off > of a live CD that is newer. I had one F34 lying around, and got it booted off > that. Then I did > > sudo dnf update --releasever 38 > > and it went through the download and then failed at the key check. So, I > tried by removing the check and it went through. > > sudo dnf update --releasever 38 --nogpgcheck > > After installation, it asked to verify the key for F38, and that was > permitted, and it appears to be like another machine that has been able to > follow a more disciplined regimen. I tried this on a whim some time ago with > another old machine (F34 -> F37 in that case), and it worked then too. I > guess this is not recommended, but it worked for me. The Fedora signing keys are located at /etc/pki/rpm-gpg. I wonder if you could have copied the missing keys manually, or if the signing algorithm was the problem. Jeff $ ls /etc/pki/rpm-gpg RPM-GPG-KEY-37-fedoraRPM-GPG-KEY-fedora-26-i386 RPM-GPG-KEY-fedora-10-i386 RPM-GPG-KEY-fedora-26-ppc64 RPM-GPG-KEY-fedora-10-ppcRPM-GPG-KEY-fedora-26-ppc64le RPM-GPG-KEY-fedora-10-ppc64 RPM-GPG-KEY-fedora-26-primary RPM-GPG-KEY-fedora-10-primaryRPM-GPG-KEY-fedora-26-s390x RPM-GPG-KEY-fedora-10-x86_64 RPM-GPG-KEY-fedora-26-secondary RPM-GPG-KEY-fedora-11-i386 RPM-GPG-KEY-fedora-26-x86_64 RPM-GPG-KEY-fedora-11-ppcRPM-GPG-KEY-fedora-27-aarch64 RPM-GPG-KEY-fedora-11-ppc64 RPM-GPG-KEY-fedora-27-armhfp RPM-GPG-KEY-fedora-11-primaryRPM-GPG-KEY-fedora-27-i386 RPM-GPG-KEY-fedora-11-x86_64 RPM-GPG-KEY-fedora-27-ppc64 RPM-GPG-KEY-fedora-12-i386 RPM-GPG-KEY-fedora-27-ppc64le RPM-GPG-KEY-fedora-12-ppcRPM-GPG-KEY-fedora-27-primary RPM-GPG-KEY-fedora-12-ppc64 RPM-GPG-KEY-fedora-27-s390x RPM-GPG-KEY-fedora-12-primaryRPM-GPG-KEY-fedora-27-x86_64 RPM-GPG-KEY-fedora-12-x86_64 RPM-GPG-KEY-fedora-28-aarch64 RPM-GPG-KEY-fedora-13-armRPM-GPG-KEY-fedora-28-armhfp RPM-GPG-KEY-fedora-13-armhfp RPM-GPG-KEY-fedora-28-i386 RPM-GPG-KEY-fedora-13-i386 RPM-GPG-KEY-fedora-28-ppc64 RPM-GPG-KEY-fedora-13-mips RPM-GPG-KEY-fedora-28-ppc64le RPM-GPG-KEY-fedora-13-primaryRPM-GPG-KEY-fedora-28-primary RPM-GPG-KEY-fedora-13-secondary RPM-GPG-KEY-fedora-28-s390x RPM-GPG-KEY-fedora-13-x86_64 RPM-GPG-KEY-fedora-28-x86_64 RPM-GPG-KEY-fedora-14-armRPM-GPG-KEY-fedora-29-aarch64 RPM-GPG-KEY-fedora-14-i386 RPM-GPG-KEY-fedora-29-armhfp RPM-GPG-KEY-fedora-14-primaryRPM-GPG-KEY-fedora-29-i386 RPM-GPG-KEY-fedora-14-secondary RPM-GPG-KEY-fedora-29-ppc64 RPM-GPG-KEY-fedora-14-x86_64 RPM-GPG-KEY-fedora-29-ppc64le RPM-GPG-KEY-fedora-15-armRPM-GPG-KEY-fedora-29-primary RPM-GPG-KEY-fedora-15-armhfp RPM-GPG-KEY-fedora-29-s390x RPM-GPG-KEY-fedora-15-i386 RPM-GPG-KEY-fedora-29-x86_64 RPM-GPG-KEY-fedora-15-ppcRPM-GPG-KEY-fedora-30-aarch64 RPM-GPG-KEY-fedora-15-ppc64 RPM-GPG-KEY-fedora-30-armhfp RPM-GPG-KEY-fedora-15-primaryRPM-GPG-KEY-fedora-30-i386 RPM-GPG-KEY-fedora-15-s390 RPM-GPG-KEY-fedora-30-ppc64le RPM-GPG-KEY-fedora-15-s390x RPM-GPG-KEY-fedora-30-primary RPM-GPG-KEY-fedora-15-secondary RPM-GPG-KEY-fedora-30-s390x RPM-GPG-KEY-fedora-15-x86_64 RPM-GPG-KEY-fedora-30-x86_64 RPM-GPG-KEY-fedora-16-armRPM-GPG-KEY-fedora-31-aarch64 RPM-GPG-KEY-fedora-16-armhfp RPM-GPG-KEY-fedora-31-armhfp RPM-GPG-KEY-fedora-16-i386 RPM-GPG-KEY-fedora-31-i386 RPM-GPG-KEY-fedora-16-ppcRPM-GPG-KEY-fedora-31-ppc64le RPM-GPG-KEY-fedora-16-ppc64 RPM-GPG-KEY-fedora-31-primary RPM-GPG-KEY-fedora-16-primaryRPM-GPG-KEY-fedora-31-s390x RPM-GPG-KEY-fedora-16-s390 RPM-GPG-KEY-fedora-31-x86_64 RPM-GPG-KEY-fedora-16-s390x RPM-GPG-KEY-fedora-32-aarch64 RPM-GPG-KEY-fedora-16-secondary RPM-GPG-KEY-fedora-32-armhfp RPM-GPG-KEY-fedora-16-x86_64 RPM-GPG-KEY-fedora-32-i386 RPM-GPG-KEY-fedora-17-armRPM-GPG-KEY-fedora-32-ppc64le RPM-GPG-KEY-fedora-17-armhfp RPM-GPG-KEY-fedora-32-primary RPM-GPG-KEY-fedora-17-i386 RPM-GPG-KEY-fedora-32-s390x RPM-GPG-KEY-fedora-17-ppcRPM-GPG-KEY-fedora-32-x86_64 RPM-GPG-KEY-fedora-17-ppc64 RPM-GPG-KEY-fedora-33-aarch64 RPM-GPG-KEY-fedora-17-primaryRPM-GPG-KEY-fedora-33-armhfp RPM-GPG-KEY-fedora-17-s390 RPM-GPG-KEY-fedora-33-i386 RPM-GPG-KEY-fedora-17-s390x RPM-GPG-KEY-fedora-33-ppc64le RPM-GPG-KEY-fedora-17-secondary RPM-GPG-KEY-fedora-33-primary RPM-GPG-KEY-fedora-17-x86_64 RPM-GPG-KEY-fedora-33-s390x RPM-GPG-KEY-fedora-18-armRPM-GPG-KEY-fedora-33-x86_64 RPM-GPG-KEY-fedora-18-armhfp RPM-GPG-KEY-fedora-34-aarch64 RPM-GPG-KEY-fedora-18-i386 RPM-GPG-KEY-fedora-34-armhfp RPM-GPG-KEY-fedora-18-ppc
Re: Fedora 38 Upgrade From Fedora 36
On Sat Apr22'23 03:59:36PM, Community Support for Fedora Users wrote: > From: ToddAndMargo via users > Date: Sat, 22 Apr 2023 15:59:36 -0700 > To: users@lists.fedoraproject.org > Cc: ToddAndMargo > Reply-To: Community support for Fedora users > Subject: Re: Fedora 38 Upgrade From Fedora 36 > > On 4/22/23 15:31, Samuel Sieb wrote: > > On 4/22/23 10:31, Barry wrote: > > > > On 22 Apr 2023, at 18:11, David Dembrow wrote: > > > > > > > > Is it safe to upgrade to fedora 38 from fedora 36? Or in other > > > > words can a release cycle get skipped? > > > > > > It is not recommended. Safest to go via 37. > > > > That is not correct. See the link that Jeffrey posted. > > > > "System upgrade is only officially supported and tested over 2 releases > > at most (e.g. from 36 to 38)." > > > > I have upgraded 2 releases at a time many times with no issues. > > I have got away with it too. Went two at > a time from 33 to 37 last year at > a customer site. > Actually, I went F34 -> F38 last night, without any issue. Just added a --nogpgcheck. So, I have this circa 2009 Dell Precision T7710 and the HDD died. I put in an old SSD and brought it back. However, for some reason, it does not boot off of a live CD that is newer. I had one F34 lying around, and got it booted off that. Then I did sudo dnf update --releasever 38 and it went through the download and then failed at the key check. So, I tried by removing the check and it went through. sudo dnf update --releasever 38 --nogpgcheck After installation, it asked to verify the key for F38, and that was permitted, and it appears to be like another machine that has been able to follow a more disciplined regimen. I tried this on a whim some time ago with another old machine (F34 -> F37 in that case), and it worked then too. I guess this is not recommended, but it worked for me. Thanks, Ranjan ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On 4/22/23 14:17, Tim via users wrote: Nor should you really have to have a virtual host. I think it may be referring to the Apache directive ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Fedora 38 Upgrade From Fedora 36
On 4/22/23 15:31, Samuel Sieb wrote: On 4/22/23 10:31, Barry wrote: On 22 Apr 2023, at 18:11, David Dembrow wrote: Is it safe to upgrade to fedora 38 from fedora 36? Or in other words can a release cycle get skipped? It is not recommended. Safest to go via 37. That is not correct. See the link that Jeffrey posted. "System upgrade is only officially supported and tested over 2 releases at most (e.g. from 36 to 38)." I have upgraded 2 releases at a time many times with no issues. I have got away with it too. Went two at a time from 33 to 37 last year at a customer site. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Surprise! Fedora Linux 38 is here!
On 4/22/23 14:40, Samuel Sieb wrote: On 4/22/23 14:35, ToddAndMargo via users wrote: On 4/22/23 13:51, Samuel Sieb wrote: On 4/22/23 06:42, Ranjan Maitra wrote: I just tried: sudo dnf update --releasever 38 and things went through, reasonably well. You should really use "system-upgrade" instead. It can have some extra cleanup or adjustments required by the new version. I did. I will post my full notes in a minute somewhere down the thread. The purpose of my post was poke gentle fun at the "which shouldn't take much longer than brewing and enjoying a nice cup of coffee" comment. That is going to be one really strong and cold cup of coffee. I did not say it did not work. I had to do some clean up of conflicting packaged as such, but things picked up right were they left off. It was impressive. I think you misread this. :-) I was replying to Ranjan who said he used only "upgrade". Definitely. I have seen a lot of this with Thunderbird lately, especially on the newsgroups. I have been burned by it about ten times now. Thanks for being in a good mood over it. :-) ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
scrolling issue
Hi. I've done something wrong. In test terminals, I can no longer seem to have unlimited scrolling. I run a test script, that should generate lots of line/output. For some reason, the output seems to only display the latest X lines (havent counted them). But it appears less than 50. I've looked in the "Terminal" menu, and unlimited scrolling is checked. I've tried the usual reset -- reset/clear etc. Looking over diff 'net sites hasn't gotten the 'aha' moment. Any thoughts thanks ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Fedora 38 Upgrade From Fedora 36
On 4/22/23 10:31, Barry wrote: On 22 Apr 2023, at 18:11, David Dembrow wrote: Is it safe to upgrade to fedora 38 from fedora 36? Or in other words can a release cycle get skipped? It is not recommended. Safest to go via 37. That is not correct. See the link that Jeffrey posted. "System upgrade is only officially supported and tested over 2 releases at most (e.g. from 36 to 38)." I have upgraded 2 releases at a time many times with no issues. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On Sat, Apr 22, 2023 at 6:12 PM Tim via users wrote: > > On Sat, 2023-04-22 at 14:32 -0700, Samuel Sieb wrote: > > As Patrick said, using port 443 would be a circular dependency. There > > is no "testing" of the cert, this is for providing the cert. > > Ah... I thought it was for checking and auto-renewing certificates > before expiry (like certwatch). > > > At this point, you don't have an SSL certificate, so it wouldn't work. The > > requester puts a token in the web server directory and then tells the > > certificate generating side to verify the token. > > Hmm, sounds like a security problem to get data via insecure means, in > the first place. It escapes me why you'd want to work that way if you > were running it on the same machine as the server. The LE client downloads a X.509 certificate based on a CSR (after passing the challenges). It's the same certificate the server supplies to user agents and clients. There's no loss of confidentiality. About the only thing an adversary can do is a DoS. Jeff ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On 4/22/23 15:11, Tim via users wrote: On Sat, 2023-04-22 at 14:32 -0700, Samuel Sieb wrote: As Patrick said, using port 443 would be a circular dependency. There is no "testing" of the cert, this is for providing the cert. Ah... I thought it was for checking and auto-renewing certificates before expiry (like certwatch). At this point, you don't have an SSL certificate, so it wouldn't work. The requester puts a token in the web server directory and then tells the certificate generating side to verify the token. Hmm, sounds like a security problem to get data via insecure means, in the first place. It escapes me why you'd want to work that way if you were running it on the same machine as the server. How is it insecure? The requester creates a one-time token, passes that to the letsencrypt server. The server connects back using the domain name to make sure the domain and request is valid by checking the token. There's no way to mitm that. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On Sat, 2023-04-22 at 14:32 -0700, Samuel Sieb wrote: > As Patrick said, using port 443 would be a circular dependency. There > is no "testing" of the cert, this is for providing the cert. Ah... I thought it was for checking and auto-renewing certificates before expiry (like certwatch). > At this point, you don't have an SSL certificate, so it wouldn't work. The > requester puts a token in the web server directory and then tells the > certificate generating side to verify the token. Hmm, sounds like a security problem to get data via insecure means, in the first place. It escapes me why you'd want to work that way if you were running it on the same machine as the server. -- NB: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the list. The following system info data is generated fresh for each post: uname -rsvp Linux 6.2.8-100.fc36.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Mar 22 19:14:19 UTC 2023 x86_64 ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Random Error on Boot
On Apr 22, 2023, at 12:53, Luiboat wrote: > I keep getting this error, it really does nothing. But, I wanna know what it > is and how to fix it. I'm on a fresh install with nothing, and this happens > ever time I install fedora GNOME. It would be impossible to know what issue you are encountering without seeing the backtrack captured in the abrt report. Your screenshot is just a picture of the alert. -- Jonathan Billings ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: grub-customizer only show OSs on secondary HDs
On Apr 19, 2023, at 21:39, Philip Rhoades via users wrote: > > People, > > I thought grub-customizer might help me do something but I have loaded it > onto two computers now (F37 KDE WS) and a server (F34 XFCE) and after I run > the program (it takes minutes to get info), the listing of OSs only shows > info for the secondary HDs on each computer - instead of also the active OS > booted from /dev/sda - why is this? Most likely because grub-customizer doesn’t understand BLSCFG grub entries and is entirely unsuitable for use on Fedora without tweaking the default grub settings. -- Jonathan Billings ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On Sat, 2023-04-22 at 23:31 +0200, Markus Schönhaber wrote: > 22.04.23, 19:42 +0200, Patrick O'Callaghan: > > > On Sat, 2023-04-22 at 15:30 +0200, Markus Schönhaber wrote: > > > > If certbot --apache doesn't work, you could try to only fetch the > > > certificates and manually configure httpd to actually use them > > > afterwards. I. e. do something like > > > > > > # certbot certonly --webroot -w /path/to/webroot -d $DOMAIN ... > > > > I've considered that (there are several other ACME clients on > > Fedora) > > but Certbot is the recommended one so I'm sticking with it for now. > > What are you talking about? > The command I showed you above *is* a certbot invocation. I know it's a Certbot invocation. I'm merely saying that Certbot is not the only way to obtain certificates using the ACME protocol. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Surprise! Fedora Linux 38 is here!
On 4/22/23 14:35, ToddAndMargo via users wrote: On 4/22/23 13:51, Samuel Sieb wrote: On 4/22/23 06:42, Ranjan Maitra wrote: I just tried: sudo dnf update --releasever 38 and things went through, reasonably well. You should really use "system-upgrade" instead. It can have some extra cleanup or adjustments required by the new version. I did. I will post my full notes in a minute somewhere down the thread. The purpose of my post was poke gentle fun at the "which shouldn't take much longer than brewing and enjoying a nice cup of coffee" comment. That is going to be one really strong and cold cup of coffee. I did not say it did not work. I had to do some clean up of conflicting packaged as such, but things picked up right were they left off. It was impressive. I think you misread this. :-) I was replying to Ranjan who said he used only "upgrade". ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On 4/22/23 09:27, Peter Boy wrote: With apache you have the advantage that you don't need certbot at all, but apache does everything itself with the help of the md module. Configure as follows: # Letsencrypt certificate management via Apache mod_md # By default, automatically all alternative names get included. MDomain MY_DOMAIN.TLD MDContactEmail ME@MY_DOMAIN.TLD MDCertificateAgreement accepted ServerName MY_DOMAIN.TLD ServerAlias www.MY_DOMAIN.TLD ServerAlias demo.MY_DOMAIN.TLD … … After adding the above configuration restart apache. Wait some minutes and restart again. You should now see in the logs the certificates. Apache cares about the 3-monthly renewing. You don’t need to do anything. That is very nice! Unfortunately, that doesn't work for all my certs because some are for the mail server and other applications, but definitely something to keep in mind for some of them. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Surprise! Fedora Linux 38 is here!
On 4/22/23 13:51, Samuel Sieb wrote: On 4/22/23 06:42, Ranjan Maitra wrote: I just tried: sudo dnf update --releasever 38 and things went through, reasonably well. You should really use "system-upgrade" instead. It can have some extra cleanup or adjustments required by the new version. I did. I will post my full notes in a minute somewhere down the thread. The purpose of my post was poke gentle fun at the "which shouldn't take much longer than brewing and enjoying a nice cup of coffee" comment. That is going to be one really strong and cold cup of coffee. I did not say it did not work. I had to do some clean up of conflicting packaged as such, but things picked up right were they left off. It was impressive. And I A-D-O-R-E the `dnf autoremove` command!! Freed up 1.7G on my drive! ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On 4/22/23 14:30, Patrick O'Callaghan wrote: On Sun, 2023-04-23 at 06:47 +0930, Tim via users wrote: On Sat, 2023-04-22 at 18:45 +0100, Patrick O'Callaghan wrote: My understanding is that it needs port 80 for the initial token negotiation to get the certificate to set up HTTPS. Requiring port 443 would be a circular dependency. [...] And, testing that: If I disable all port 80 connections, I can connect to my webserver using HTTPS over port 443. Their error message seems to indicate that *it* wants a connection response from the webserver on port 80 with your site's domain name in the response headers (to prove you own the site). This seems to be a bizarre requirement. Possibly the cert checker needs programming better, rather than Apache needing something done to it. That's entirely possible of course. Nor should you really have to have a virtual host. You could be a webserver that you own totally and it only serves your website. It seems some oddball demands from the cert checker. I do agree with that. I think it's a specific limitation of Certbot itself, which (from discussions on the LetsEncrypt site) actually messes with your Apache config while it's doing its testing. Other implementations of the ACME protocol don't seem to require this, but I'm just guessing. There are other methods. You can tell it where the webroot is (as described by Markus), you can have certbot run its own web server, you can use a DNS entry, etc. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On 4/22/23 14:17, Tim via users wrote: On Sat, 2023-04-22 at 18:45 +0100, Patrick O'Callaghan wrote: My understanding is that it needs port 80 for the initial token negotiation to get the certificate to set up HTTPS. Requiring port 443 would be a circular dependency. So far as I'm aware, that's not the case. A HTTPS connection is made completely over port 443. The browser attempts to connect directly to port 443, and negotiation for *how* to do that carries on over port 443. To attempt to non-securely start this over port 80 would be insecure. And, testing that: If I disable all port 80 connections, I can connect to my webserver using HTTPS over port 443. Their error message seems to indicate that *it* wants a connection response from the webserver on port 80 with your site's domain name in the response headers (to prove you own the site). This seems to be a bizarre requirement. Possibly the cert checker needs programming better, rather than Apache needing something done to it. Nor should you really have to have a virtual host. You could be a webserver that you own totally and it only serves your website. It seems some oddball demands from the cert checker. My thoughts are that cert testing should be done entirely over port 443. Since that's how HTTPS works, the test should work the same way. A HTTP transaction over port 80 wouldn't have any info about the HTTPS certificate. As Patrick said, using port 443 would be a circular dependency. There is no "testing" of the cert, this is for providing the cert. At this point, you don't have an SSL certificate, so it wouldn't work. The requester puts a token in the web server directory and then tells the certificate generating side to verify the token. To do that, it has to request that file from your domain and compare it to what the requester gave it. The requirements are that your domain name resolves to an address that points to the http server serving that file. There is also an alternative method where you put the token in a DNS entry instead. That's useful for when the cert is for a not publicly visible server. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On Sun, 2023-04-23 at 06:47 +0930, Tim via users wrote: > On Sat, 2023-04-22 at 18:45 +0100, Patrick O'Callaghan wrote: > > My understanding is that it needs port 80 for the initial token > > negotiation to get the certificate to set up HTTPS. Requiring port > > 443 > > would be a circular dependency. > > [...] > And, testing that: If I disable all port 80 connections, I can > connect > to my webserver using HTTPS over port 443. > > Their error message seems to indicate that *it* wants a connection > response from the webserver on port 80 with your site's domain name > in > the response headers (to prove you own the site). This seems to be a > bizarre requirement. Possibly the cert checker needs programming > better, rather than Apache needing something done to it. > That's entirely possible of course. > Nor should you really have to have a virtual host. You could be a > webserver that you own totally and it only serves your website. It > seems some oddball demands from the cert checker. > I do agree with that. I think it's a specific limitation of Certbot itself, which (from discussions on the LetsEncrypt site) actually messes with your Apache config while it's doing its testing. Other implementations of the ACME protocol don't seem to require this, but I'm just guessing. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
22.04.23, 19:42 +0200, Patrick O'Callaghan: On Sat, 2023-04-22 at 15:30 +0200, Markus Schönhaber wrote: If certbot --apache doesn't work, you could try to only fetch the certificates and manually configure httpd to actually use them afterwards. I. e. do something like # certbot certonly --webroot -w /path/to/webroot -d $DOMAIN ... I've considered that (there are several other ACME clients on Fedora) but Certbot is the recommended one so I'm sticking with it for now. What are you talking about? The command I showed you above *is* a certbot invocation. -- Regards mks ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Surprise! Fedora Linux 38 is here!
On 4/22/23 08:38, Jeffrey Walton wrote: On Sat, Apr 22, 2023 at 4:47 AM ToddAndMargo via users wrote: On 4/18/23 07:00, Matthew Miller wrote: or, of course, just upgrade your already-installed systems, which shouldn't take much longer than brewing and enjoying a nice cup of coffee. Enjoy! Ha! Are you forgetting this preinstall command? # dnf --enablerepo=* update --refresh That cups of coffee is going to be really strong and really cold. I recommend following the docs for a system-upgrade: https://docs.fedoraproject.org/en-US/quick-docs/dnf-system-upgrade/ . Jeff This is my keeper notes on 37 to 38. I lvoe the `dnf autoremove` command. It freed up 1.7 G on my drive! Also not the two reference I am using. FC 37 -->> FC 38 https://www.linuxcapable.com/how-to-upgrade-fedora-release/ https://docs.fedoraproject.org/en-US/quick-docs/dnf-system-upgrade/ # rpm --rebuilddb # rpm -Va --nofiles --nodigest if anything is too new, do a # dnf downgrade offender(s) # dnf --enablerepo=* update --refresh # dnf autoremove # dnf install dnf-plugin-system-upgrade # dnf system-upgrade download --refresh --releasever=38 # rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-38-primary # dnf clean packages <-- optional # dnf system-upgrade -v reboot --debugsolver ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On Sat, 2023-04-22 at 20:35 +0200, Peter Boy wrote: > > > > Am 22.04.2023 um 19:48 schrieb Patrick O'Callaghan > > : > > > > On Sat, 2023-04-22 at 18:27 +0200, Peter Boy wrote: > > > > > > > > > > Am 22.04.2023 um 14:11 schrieb Patrick O'Callaghan > > > > : > > > > > > > > I'm trying to set up a simple web server for personal use, > > > > using > > > > Apache, and want to enable HTTPS access. This involves getting > > > > an > > > > SSL > > > > certificate and I'll be using LetsEncrypt > > > > (www.letsencrypt.org). > > > > > > > > The recommended way to do this is with Certbot, but I can't get > > > > past > > > > this error: > > > > > > > > > With apache you have the advantage that you don't need certbot at > > > all, but apache does everything itself with the help of the md > > > module. Configure as follows: > > > > > > # Letsencrypt certificate management via Apache mod_md > > > # By default, automatically all alternative names get included. > > > MDomain MY_DOMAIN.TLD > > > MDContactEmail ME@MY_DOMAIN.TLD > > > MDCertificateAgreement accepted > > > > > > ServerName MY_DOMAIN.TLD > > > ServerAlias www.MY_DOMAIN.TLD > > > ServerAlias demo.MY_DOMAIN.TLD > > > … > > > … > > > > > > > > > After adding the above configuration restart apache. Wait some > > > minutes and restart again. You should now see in the logs the > > > certificates. > > > > > > Apache cares about the 3-monthly renewing. You don’t need to do > > > anything. > > > > That's interesting, but seems to contradict what the LetsEncrypt > > site > > seems to say (as far as I understand it). How does Apache set up a > > certificate if it's only reachable via port 443, which requires a > > certificate? > > Apache developed mod_md which is, among others, yet another > implementation of the certbot protocol, but manages everything inside > apache. The module knows it has to renew every 3 months and it > manages the communication with lets encrypt by its own. I didn’t > check, but - as it works - mod_md knows about the ports and chooses > the appropriate. > > I should have send the complete config, it says further down: > > > # Production Web Site Fiction meets Science > ServerName MY_DOMAIN.TLD > ServerAlias www.MY_DOMAIN.TLD > RewriteEngine On > RewriteRule ^(.*)$ https://MY_DOMAIN.TLD$1 > [R=301,L] > It's documented in https://httpd.apache.org/docs/2.4/mod/mod_md.html so I may try it. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On Sat, 2023-04-22 at 18:45 +0100, Patrick O'Callaghan wrote: > My understanding is that it needs port 80 for the initial token > negotiation to get the certificate to set up HTTPS. Requiring port 443 > would be a circular dependency. So far as I'm aware, that's not the case. A HTTPS connection is made completely over port 443. The browser attempts to connect directly to port 443, and negotiation for *how* to do that carries on over port 443. To attempt to non-securely start this over port 80 would be insecure. And, testing that: If I disable all port 80 connections, I can connect to my webserver using HTTPS over port 443. Their error message seems to indicate that *it* wants a connection response from the webserver on port 80 with your site's domain name in the response headers (to prove you own the site). This seems to be a bizarre requirement. Possibly the cert checker needs programming better, rather than Apache needing something done to it. Nor should you really have to have a virtual host. You could be a webserver that you own totally and it only serves your website. It seems some oddball demands from the cert checker. My thoughts are that cert testing should be done entirely over port 443. Since that's how HTTPS works, the test should work the same way. A HTTP transaction over port 80 wouldn't have any info about the HTTPS certificate. -- NB: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the list. The following system info data is generated fresh for each post: uname -rsvp Linux 6.2.8-100.fc36.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Mar 22 19:14:19 UTC 2023 x86_64 ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Surprise! Fedora Linux 38 is here!
On 4/22/23 06:42, Ranjan Maitra wrote: I just tried: sudo dnf update --releasever 38 and things went through, reasonably well. You should really use "system-upgrade" instead. It can have some extra cleanup or adjustments required by the new version. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: New website hides torrent downloads?
On 4/22/23 07:54, Luna Jernberg wrote: Might be good to file an issue here too: https://gitlab.com/fedora/websites-apps/fedora-websites/fedora-websites-3.0 so it can be added to the new website It looks like it was just overlooked. The ALT download page descriptions mention torrents, so I think it was just missed. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: cifs mount error F38 (possible selinux issue).
> Am 22.04.2023 um 15:40 schrieb Ranjan Maitra : > > I tried to change selinux to permissive on the F38 box, and then I was able > to mount the share. However, the F37 box mounts the share fine, with selinux > set at enforcing. So, should a separate context need to be created for F38? > If so, what, where? As I understand, you have a Windows box that provides some shares. And you have a Fedora box, I assume one of the desktop variants, where you want to mount that share. And indeed, if it works with SELinux permissive it is clearly a SELinux issue and has nothing to do with the Windows version or smbclient. Have a look at https://docs.fedoraproject.org/en-US/quick-docs/troubleshooting_selinux/ to further analyse the blockage. Good luck -- Peter Boy https://fedoraproject.org/wiki/User:Pboy p...@fedoraproject.org Timezone: CET (UTC+1) / CEST (UTC+2) Fedora Server Edition Working Group member Fedora docs team contributor Java developer and enthusiast ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: fedora 37 network issues with current kernel vmlinuz-6.2.10-200.fc37.x86_64
On Tue, Apr 18, 2023 at 07:40:40PM -0700, Patrick Mansfield via users wrote: > On Mon, Apr 17, 2023 at 08:02:34AM -0700, Patrick Mansfield via users wrote: > > I don't know exactly what's wrong, it's been a while since I setup the > > network for this. > > > > I have a VLAN on 201 and PPPoE setup (century link ISP). > > > > This has worked fine for some time, and it works with kernel: > > > > vmlinuz-6.2.9-200.fc37.x86_64 > > > > But fails with the most recent kernel: > > > > vmlinuz-6.2.10-200.fc37.x86_64 > > > > Any hints or pointers to open issues for this? > > Opened a bug for this: > > https://bugzilla.redhat.com/show_bug.cgi?id=2187869 It looks like network naming got fixed with kernel v6.2.10: I had previously setup to name a particular interface but apparently that was not working, so I used the default name. Kernel v6.2.10 looks to have fixed the problem, so I had to switch back to my now properly named network interface and it's now working. Closed the bug. -- Patrick ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
> Am 22.04.2023 um 19:48 schrieb Patrick O'Callaghan : > > On Sat, 2023-04-22 at 18:27 +0200, Peter Boy wrote: >> >> >>> Am 22.04.2023 um 14:11 schrieb Patrick O'Callaghan >>> : >>> >>> I'm trying to set up a simple web server for personal use, using >>> Apache, and want to enable HTTPS access. This involves getting an >>> SSL >>> certificate and I'll be using LetsEncrypt (www.letsencrypt.org). >>> >>> The recommended way to do this is with Certbot, but I can't get >>> past >>> this error: >> >> >> With apache you have the advantage that you don't need certbot at >> all, but apache does everything itself with the help of the md >> module. Configure as follows: >> >> # Letsencrypt certificate management via Apache mod_md >> # By default, automatically all alternative names get included. >> MDomain MY_DOMAIN.TLD >> MDContactEmail ME@MY_DOMAIN.TLD >> MDCertificateAgreement accepted >> >> ServerName MY_DOMAIN.TLD >> ServerAlias www.MY_DOMAIN.TLD >> ServerAlias demo.MY_DOMAIN.TLD >> … >> … >> >> >> After adding the above configuration restart apache. Wait some >> minutes and restart again. You should now see in the logs the >> certificates. >> >> Apache cares about the 3-monthly renewing. You don’t need to do >> anything. > > That's interesting, but seems to contradict what the LetsEncrypt site > seems to say (as far as I understand it). How does Apache set up a > certificate if it's only reachable via port 443, which requires a > certificate? Apache developed mod_md which is, among others, yet another implementation of the certbot protocol, but manages everything inside apache. The module knows it has to renew every 3 months and it manages the communication with lets encrypt by its own. I didn’t check, but - as it works - mod_md knows about the ports and chooses the appropriate. I should have send the complete config, it says further down: # Production Web Site Fiction meets Science ServerName MY_DOMAIN.TLD ServerAlias www.MY_DOMAIN.TLD RewriteEngine On RewriteRule ^(.*)$ https://MY_DOMAIN.TLD$1 [R=301,L] But of course, I use Fedora Server. -- Peter Boy https://fedoraproject.org/wiki/User:Pboy p...@fedoraproject.org Timezone: CET (UTC+1) / CEST (UTC+2) Fedora Server Edition Working Group member Fedora docs team contributor Java developer and enthusiast ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On 4/22/23 10:26, Todd Zullinger wrote: Mike Wright wrote: I've never seen the port number included as part of the ServerName directive. Try removing that and give it a go. FWIW, the documented syntax¹ for ServerName is: ServerName [scheme://]domain-name|ip-address[:port] That docs go on to say: If no port is specified in the ServerName, then the server will use the port from the incoming request. For optimal reliability and predictability, you should specify an explicit hostname and port using the ServerName directive. Having a port in ServerName shouldn't be a problem (assuming the correct port, of course). ¹ https://httpd.apache.org/docs/2.4/mod/core.html#servername Thanks Todd, I'd always taken ServerName literally and had no idea it allowed such granularity. With the ability to also specify protocol allows (e.g.) having different DocumentRoot values for ftp, http, https, etc. Nice. Mike ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[OT] was Re: Certbot error
On 04/22/2023 11:41 AM, Patrick O'Callaghan wrote: No. I barely understand Apache and don't want to introduce another variable. If I were writing an encryption package, I think I'd name it Navajo, after the WW II code talkers. I understand that some of the slang they used for things such as tanks and bombers that weren't in their language were quite imaginative. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: New website hides torrent downloads?
On Sat, 2023-04-22 at 08:14 -0700, Emmett Culley via users wrote: > On 4/22/23 7:26 AM, Luna Jernberg wrote: > > https://torrents.fedoraproject.org/ > > > > They can be found here :) > > > Unfortunately I am not able to get the torrent as I am seeing the > following error: > > Error: Timeout on server > torrent.fedoraproject.org: Socket operation timed out It's torrents (plural) not torrent. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On Sat, 2023-04-22 at 18:27 +0200, Peter Boy wrote: > > > > Am 22.04.2023 um 14:11 schrieb Patrick O'Callaghan > > : > > > > I'm trying to set up a simple web server for personal use, using > > Apache, and want to enable HTTPS access. This involves getting an > > SSL > > certificate and I'll be using LetsEncrypt (www.letsencrypt.org). > > > > The recommended way to do this is with Certbot, but I can't get > > past > > this error: > > > With apache you have the advantage that you don't need certbot at > all, but apache does everything itself with the help of the md > module. Configure as follows: > > # Letsencrypt certificate management via Apache mod_md > # By default, automatically all alternative names get included. > MDomain MY_DOMAIN.TLD > MDContactEmail ME@MY_DOMAIN.TLD > MDCertificateAgreement accepted > > ServerName MY_DOMAIN.TLD > ServerAlias www.MY_DOMAIN.TLD > ServerAlias demo.MY_DOMAIN.TLD > … > … > > > After adding the above configuration restart apache. Wait some > minutes and restart again. You should now see in the logs the > certificates. > > Apache cares about the 3-monthly renewing. You don’t need to do > anything. That's interesting, but seems to contradict what the LetsEncrypt site seems to say (as far as I understand it). How does Apache set up a certificate if it's only reachable via port 443, which requires a certificate? poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On Sun, 2023-04-23 at 00:26 +0930, Tim via users wrote: > On Sat, 2023-04-22 at 13:11 +0100, Patrick O'Callaghan wrote: > > I'm trying to set up a simple web server for personal use, using > > Apache, and want to enable HTTPS access. This involves getting an > > SSL > > certificate and I'll be using LetsEncrypt (www.letsencrypt.org). > > > > The recommended way to do this is with Certbot, but I can't get > > past > > this error: > > > > # certbot --apache -d bree.org.uk > > Saving debug log to /var/log/letsencrypt/letsencrypt.log > > Requesting a certificate for bree.org.uk > > Unable to find a virtual host listening on port 80 which is > > currently > > needed for Certbot to prove to the CA that you control your domain. > > Please add a virtual host for port 80. > > Ask for help or search for solutions at > > https://community.letsencrypt.org. > > See the logfile /var/log/letsencrypt/letsencrypt.log or re-run > > Certbot > > with -v for more details. > > > > Note that the httpd server is online and reachable from outside my > > local net, i.e. this doesn't appear to be a firewall issue. > > > > I've reported the problem upstream and followed a number of > > suggestions, but nothing seems to make any difference: > > > > https://community.letsencrypt.org/t/certbot-fails-with-cant-find-virtual-host-error/196800/29 > > I wonder does Certbot read the Apache config files directly, or is it > doing HTTP/HTTPS access of the webserver? > > Looking at some of your results it is probing port 80, though it > might > be doing more than one thing. > > Assuming that Certbot runs inside your LAN, does the domain name > resolve internally to an IP that can be reached internally? Yes. > e.g. Can you browse to that address staying entirely within your LAN? Yes. > If it reads the config files, might SELinux be denying it? > No. I disabled SElinux and it made no difference. > Looking at my Apache configuration, the virtual hosts ServerName and > ServerAlias entries just have the host names without any port > numbers. > > > ServerName www.example.com > ServerAlias example.com The port number is optional. I've since removed it. It makes no difference. > Interesting that it wants a port 80 virtual host, for something > (HTTPS) > that's going to be running through port 443. I would have thought > you'd need something along the lines of: > > > ServerName www.example.com > ServerAlias example.com > > as well. > My understanding is that it needs port 80 for the initial token negotiation to get the certificate to set up HTTPS. Requiring port 443 would be a circular dependency. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On Sat, 2023-04-22 at 15:30 +0200, Markus Schönhaber wrote: > Am 22.04.23 um 14:11 schrieb Patrick O'Callaghan: > > > I'm trying to set up a simple web server for personal use, using > > Apache, and want to enable HTTPS access. This involves getting an > > SSL > > certificate and I'll be using LetsEncrypt (www.letsencrypt.org). > > > > The recommended way to do this is with Certbot, but I can't get > > past > > this error: > > > > # certbot --apache -d bree.org.uk > > Saving debug log to /var/log/letsencrypt/letsencrypt.log > > Requesting a certificate for bree.org.uk > > Unable to find a virtual host listening on port 80 which is > > currently needed for Certbot to prove to the CA that you control > > your domain. Please add a virtual host for port 80. > > Ask for help or search for solutions at > > https://community.letsencrypt.org. See the logfile > > /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for > > more details. > > > > Note that the httpd server is online and reachable from outside my > > local net, i.e. this doesn't appear to be a firewall issue. > > > > I've reported the problem upstream and followed a number of > > suggestions, but nothing seems to make any difference: > > > > https://community.letsencrypt.org/t/certbot-fails-with-cant-find-virtual-host-error/196800/29 > > > > Any thoughts on this would be welcome, but please review the above > > link > > before replying. > > If certbot --apache doesn't work, you could try to only fetch the > certificates and manually configure httpd to actually use them > afterwards. I. e. do something like > > # certbot certonly --webroot -w /path/to/webroot -d $DOMAIN ... I've considered that (there are several other ACME clients on Fedora) but Certbot is the recommended one so I'm sticking with it for now. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On Sat, 2023-04-22 at 09:24 -0700, Mike Wright wrote: > On 4/22/23 05:11, Patrick O'Callaghan wrote: > > I'm trying to set up a simple web server for personal use, using > > Apache, and want to enable HTTPS access. This involves getting an > > SSL > > certificate and I'll be using LetsEncrypt (www.letsencrypt.org). > > > > The recommended way to do this is with Certbot, but I can't get > > past > > this error: > > > > # certbot --apache -d bree.org.uk > > Saving debug log to /var/log/letsencrypt/letsencrypt.log > > Requesting a certificate for bree.org.uk > > Unable to find a virtual host listening on port 80 which is > > currently needed for Certbot to prove to the CA that you control > > your domain. Please add a virtual host for port 80. > > Ask for help or search for solutions at > > https://community.letsencrypt.org. See the logfile > > /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for > > more details. > > > > Note that the httpd server is online and reachable from outside my > > local net, i.e. this doesn't appear to be a firewall issue. > > > > I've reported the problem upstream and followed a number of > > suggestions, but nothing seems to make any difference: > > > > https://community.letsencrypt.org/t/certbot-fails-with-cant-find-virtual-host-error/196800/29 > > > > Any thoughts on this would be welcome, but please review the above > > link > > before replying. > > Trying again. The "Dark" theme gave me purple on black. Looks like > nobody can see what I wrote ;/ > > I've never seen the port number included as part of the ServerName > directive. Try removing that and give it a go. > The port number is optional, according to the docs. However that was a late addition. Previously I didn't have it and it made no difference. I've since removed it. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On Sat, 2023-04-22 at 15:55 +0300, jarmo wrote: > Sat, 22 Apr 2023 13:11:45 +0100 > Patrick O'Callaghan kirjoitti: > > > I'm trying to set up a simple web server for personal use, using > > Apache, and want to enable HTTPS access. This involves getting an > > SSL > > certificate and I'll be using LetsEncrypt (www.letsencrypt.org). > > Have you thought about > http://nginx.org/en/docs/http/configuring_https_servers.html > > Instead of apache? No. I barely understand Apache and don't want to introduce another variable. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Fedora 38 Upgrade From Fedora 36
On Sat, Apr 22, 2023 at 1:11 PM David Dembrow wrote: > > Is it safe to upgrade to fedora 38 from fedora 36? Or in other words > can a release cycle get skipped? See https://docs.fedoraproject.org/en-US/quick-docs/dnf-system-upgrade/ . The topic is discussed. Jeff ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Fedora 38 Upgrade From Fedora 36
> On 22 Apr 2023, at 18:11, David Dembrow wrote: > > Is it safe to upgrade to fedora 38 from fedora 36? Or in other words can a > release cycle get skipped? It is not recommended. Safest to go via 37. Barry > ___ > users mailing list -- users@lists.fedoraproject.org > To unsubscribe send an email to users-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
Mike Wright wrote: > I've never seen the port number included as part of the ServerName > directive. Try removing that and give it a go. FWIW, the documented syntax¹ for ServerName is: ServerName [scheme://]domain-name|ip-address[:port] That docs go on to say: If no port is specified in the ServerName, then the server will use the port from the incoming request. For optimal reliability and predictability, you should specify an explicit hostname and port using the ServerName directive. Having a port in ServerName shouldn't be a problem (assuming the correct port, of course). ¹ https://httpd.apache.org/docs/2.4/mod/core.html#servername -- Todd signature.asc Description: PGP signature ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On Sat, Apr 22, 2023 at 8:13 AM Patrick O'Callaghan wrote: > > I'm trying to set up a simple web server for personal use, using > Apache, and want to enable HTTPS access. This involves getting an SSL > certificate and I'll be using LetsEncrypt (www.letsencrypt.org). > > The recommended way to do this is with Certbot, but I can't get past > this error: > > # certbot --apache -d bree.org.uk > Saving debug log to /var/log/letsencrypt/letsencrypt.log > Requesting a certificate for bree.org.uk > Unable to find a virtual host listening on port 80 which is currently needed > for Certbot to prove to the CA that you control your domain. Please add a > virtual host for port 80. > Ask for help or search for solutions at https://community.letsencrypt.org. > See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with > -v for more details. > > Note that the httpd server is online and reachable from outside my > local net, i.e. this doesn't appear to be a firewall issue. > > I've reported the problem upstream and followed a number of > suggestions, but nothing seems to make any difference: > > https://community.letsencrypt.org/t/certbot-fails-with-cant-find-virtual-host-error/196800/29 > > Any thoughts on this would be welcome, but please review the above link > before replying. No. If there's information needed, it needs to be provided here. I'm not going to grind through some off-site Q We run an Apache server on Ubuntu 22.04, and we use Certbot for cryptopp.com. (Our VPS host does not provide Fedora Server, so we use Ubuntu Server). Our server config files are as follows. The first two are most important: ~# find /etc/ -name 'cryptopp*' /etc/apache2/sites-enabled/cryptopp.conf /etc/apache2/sites-available/cryptopp.conf /etc/ssl/private/cryptopp-com.chain.pem /etc/ssl/private/cryptopp-com.pem.rsa /etc/ssl/private/cryptopp-com.key.pem.ec /etc/ssl/private/cryptopp-com.cert.pem /etc/ssl/private/cryptopp-com.chain.pem.rsa /etc/ssl/private/cryptopp-com.key.pem /etc/ssl/private/cryptopp-com.key.pem.rsa So the question is, do you have a *.conf file in sites-available? And is there a link to it in sites-enabled? (You enable a site with a2ensite. Once enabled, there is a symlink from sites-available to sites-enabled). Jeff Here is sites-enabled. It is a symlink: # ls -Al /etc/apache2/sites-enabled/cryptopp.conf lrwxrwxrwx 1 root root 32 Apr 6 2021 /etc/apache2/sites-enabled/cryptopp.conf -> ../sites-available/cryptopp.conf Here is sites-available/cryptopp.conf: # cat /etc/apache2/sites-available/cryptopp.conf # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerName cryptopp.com ServerAlias www.cryptopp.com *.cryptopp.com # https://linuxize.com/post/redirect-http-to-https-in-apache/ Redirect permanent / https://cryptopp.com/ ServerAdmin webmas...@cryptopp.com DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on ServerName cryptopp.com ServerAlias www.cryptopp.com *.cryptopp.com ServerAdmin webmas...@cryptopp.com DocumentRoot /var/www/html # Use separate log files for the SSL virtual host; note that LogLevel # is not inherited from httpd.conf. ErrorLog ${APACHE_LOG_DIR}/error.log TransferLog ${APACHE_LOG_DIR}/access.log LogLevel warn # SSL Protocol support: # List the enable protocol levels with which clients will be able to # connect. Disable SSLv2 access by default: # SSLProtocol all -SSLv2 SSLProtocol -all +TLSv1 +TLSv1.1 +TLSv1.2
Re: Encryption for internet storage
On 4/22/2023 6:52 AM, Patrick O'Callaghan wrote: On Fri, 2023-04-21 at 17:21 -0400, Go Canes wrote: On Fri, Apr 21, 2023 at 5:17 PM Robert Nichols wrote: And no, I don't have a clean solution for keeping encrypted backups in the cloud. I do believe that my current backup method (rdiff- backup-2.2.4-2.fc37) is incompatible with that. Don't know if it qualifies as a "clean solution" as it uses mono, but duplicati easily handles encrypted backups to the cloud. As does Rclone, in the standard repo. poc My main idea here was preventing via an encrypted filesystem the host and those using it from viewing contents and files. There may be no way of doing that unless you simply encrypt the files and upload to storage. I like so many others don't trust online storage. But then there's losing a key . B ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Fedora 38 Upgrade From Fedora 36
Is it safe to upgrade to fedora 38 from fedora 36? Or in other words can a release cycle get skipped? ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Random Error on Boot
I keep getting this error, it really does nothing. But, I wanna know what it is and how to fix it. I'm on a fresh install with nothing, and this happens ever time I install fedora GNOME. https://imgur.com/a/Y3tapot ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
> Am 22.04.2023 um 14:11 schrieb Patrick O'Callaghan : > > I'm trying to set up a simple web server for personal use, using > Apache, and want to enable HTTPS access. This involves getting an SSL > certificate and I'll be using LetsEncrypt (www.letsencrypt.org). > > The recommended way to do this is with Certbot, but I can't get past > this error: With apache you have the advantage that you don't need certbot at all, but apache does everything itself with the help of the md module. Configure as follows: # Letsencrypt certificate management via Apache mod_md # By default, automatically all alternative names get included. MDomain MY_DOMAIN.TLD MDContactEmail ME@MY_DOMAIN.TLD MDCertificateAgreement accepted ServerName MY_DOMAIN.TLD ServerAlias www.MY_DOMAIN.TLD ServerAlias demo.MY_DOMAIN.TLD … … After adding the above configuration restart apache. Wait some minutes and restart again. You should now see in the logs the certificates. Apache cares about the 3-monthly renewing. You don’t need to do anything. -- Peter Boy https://fedoraproject.org/wiki/User:Pboy p...@fedoraproject.org Timezone: CET (UTC+1) / CEST (UTC+2) Fedora Server Edition Working Group member Fedora docs team contributor Java developer and enthusiast ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On 4/22/23 05:11, Patrick O'Callaghan wrote: I'm trying to set up a simple web server for personal use, using Apache, and want to enable HTTPS access. This involves getting an SSL certificate and I'll be using LetsEncrypt (www.letsencrypt.org). The recommended way to do this is with Certbot, but I can't get past this error: # certbot --apache -d bree.org.uk Saving debug log to /var/log/letsencrypt/letsencrypt.log Requesting a certificate for bree.org.uk Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. Note that the httpd server is online and reachable from outside my local net, i.e. this doesn't appear to be a firewall issue. I've reported the problem upstream and followed a number of suggestions, but nothing seems to make any difference: https://community.letsencrypt.org/t/certbot-fails-with-cant-find-virtual-host-error/196800/29 Any thoughts on this would be welcome, but please review the above link before replying. Trying again. The "Dark" theme gave me purple on black. Looks like nobody can see what I wrote ;/ I've never seen the port number included as part of the ServerName directive. Try removing that and give it a go. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On 4/22/23 05:11, Patrick O'Callaghan wrote: I'm trying to set up a simple web server for personal use, using Apache, and want to enable HTTPS access. This involves getting an SSL certificate and I'll be using LetsEncrypt (www.letsencrypt.org). The recommended way to do this is with Certbot, but I can't get past this error: # certbot --apache -d bree.org.uk Saving debug log to /var/log/letsencrypt/letsencrypt.log Requesting a certificate for bree.org.uk Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. Note that the httpd server is online and reachable from outside my local net, i.e. this doesn't appear to be a firewall issue. I've reported the problem upstream and followed a number of suggestions, but nothing seems to make any difference: https://community.letsencrypt.org/t/certbot-fails-with-cant-find-virtual-host-error/196800/29 Any thoughts on this would be welcome, but please review the above link before replying. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Surprise! Fedora Linux 38 is here!
On Sat, Apr 22, 2023 at 4:47 AM ToddAndMargo via users wrote: > > On 4/18/23 07:00, Matthew Miller wrote: > > or, of course, just upgrade your already-installed systems, which > > shouldn't take much longer than brewing and enjoying a nice cup of > > coffee. Enjoy! > > > Ha! Are you forgetting this preinstall command? > > # dnf --enablerepo=* update --refresh > > That cups of coffee is going to be really strong > and really cold. I recommend following the docs for a system-upgrade: https://docs.fedoraproject.org/en-US/quick-docs/dnf-system-upgrade/ . Jeff ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: New website hides torrent downloads?
On 4/22/23 7:26 AM, Luna Jernberg wrote: https://torrents.fedoraproject.org/ They can be found here :) Unfortunately I am not able to get the torrent as I am seeing the following error: Error: Timeout on server torrent.fedoraproject.org: Socket operation timed out I'll try again later. Emmett ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
On Sat, 2023-04-22 at 13:11 +0100, Patrick O'Callaghan wrote: > I'm trying to set up a simple web server for personal use, using > Apache, and want to enable HTTPS access. This involves getting an SSL > certificate and I'll be using LetsEncrypt (www.letsencrypt.org). > > The recommended way to do this is with Certbot, but I can't get past > this error: > > # certbot --apache -d bree.org.uk > Saving debug log to /var/log/letsencrypt/letsencrypt.log > Requesting a certificate for bree.org.uk > Unable to find a virtual host listening on port 80 which is currently > needed for Certbot to prove to the CA that you control your domain. > Please add a virtual host for port 80. > Ask for help or search for solutions at https://community.letsencrypt.org. > See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot > with -v for more details. > > Note that the httpd server is online and reachable from outside my > local net, i.e. this doesn't appear to be a firewall issue. > > I've reported the problem upstream and followed a number of > suggestions, but nothing seems to make any difference: > > https://community.letsencrypt.org/t/certbot-fails-with-cant-find-virtual-host-error/196800/29 I wonder does Certbot read the Apache config files directly, or is it doing HTTP/HTTPS access of the webserver? Looking at some of your results it is probing port 80, though it might be doing more than one thing. Assuming that Certbot runs inside your LAN, does the domain name resolve internally to an IP that can be reached internally? e.g. Can you browse to that address staying entirely within your LAN? If it reads the config files, might SELinux be denying it? Looking at my Apache configuration, the virtual hosts ServerName and ServerAlias entries just have the host names without any port numbers. ServerName www.example.com ServerAlias example.com Interesting that it wants a port 80 virtual host, for something (HTTPS) that's going to be running through port 443. I would have thought you'd need something along the lines of: ServerName www.example.com ServerAlias example.com as well. I have to say that my experimenting with SSL is rather limited, I don't have anything needing encryption on my public or private web servers. And the public one is professionally hosted, where they've done most of the hard work, and customising it is next to impossible (regarding the issues we're discussing here). -- NB: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the list. The following system info data is generated fresh for each post: uname -rsvp Linux 6.2.8-100.fc36.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Mar 22 19:14:19 UTC 2023 x86_64 ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: New website hides torrent downloads?
No problems Might be good to file an issue here too: https://gitlab.com/fedora/websites-apps/fedora-websites/fedora-websites-3.0 so it can be added to the new website On Sat, Apr 22, 2023 at 4:49 PM Tom Horsley wrote: > > On Sat, 22 Apr 2023 16:26:04 +0200 > Luna Jernberg wrote: > > > https://torrents.fedoraproject.org/ > > > > They can be found here :) > > I guess I'll bookmark that since they no longer have a link to it > (and hope they don't change the name :-). > > Thanks. > ___ > users mailing list -- users@lists.fedoraproject.org > To unsubscribe send an email to users-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: New website hides torrent downloads?
On Sat, 22 Apr 2023 16:26:04 +0200 Luna Jernberg wrote: > https://torrents.fedoraproject.org/ > > They can be found here :) I guess I'll bookmark that since they no longer have a link to it (and hope they don't change the name :-). Thanks. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Surprise! Fedora Linux 38 is here!
On 4/22/23 06:42, Ranjan Maitra wrote: On Sat Apr22'23 01:46:56AM, Community Support for Fedora Users wrote: From: ToddAndMargo via users Date: Sat, 22 Apr 2023 01:46:56 -0700 To: Community support for Fedora users Cc: ToddAndMargo Reply-To: Community support for Fedora users Subject: Re: Surprise! Fedora Linux 38 is here! On 4/18/23 07:00, Matthew Miller wrote: or, of course, just upgrade your already-installed systems, which shouldn't take much longer than brewing and enjoying a nice cup of coffee. Enjoy! Ha! Are you forgetting this preinstall command? # dnf --enablerepo=* update --refresh That cups of coffee is going to be really strong and really cold. I just tried: sudo dnf update --releasever 38 and things went through, reasonably well. Ranjan Mine did too. Took about a hour though. That cup of coffee got really cold! ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Surprise! Fedora Linux 38 is here!
On 4/22/23 03:56, Patrick O'Callaghan wrote: On Sat, 2023-04-22 at 01:46 -0700, ToddAndMargo via users wrote: On 4/18/23 07:00, Matthew Miller wrote: or, of course, just upgrade your already-installed systems, which shouldn't take much longer than brewing and enjoying a nice cup of coffee. Enjoy! Ha! Are you forgetting this preinstall command? # dnf --enablerepo=* update --refresh That cups of coffee is going to be really strong and really cold. I've never done that and didn't do it this time. The repos I use are enabled by default, so why would I do this? poc I have a bunch of repo disabled, so it would depend if you wanted them upgraded or not. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: New website hides torrent downloads?
https://torrents.fedoraproject.org/ They can be found here :) On 4/22/23, Tom Horsley wrote: > Is it just impossible to locate the f38 torrent downloads or are > they abandoned now? > ___ > users mailing list -- users@lists.fedoraproject.org > To unsubscribe send an email to users-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue > ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
New website hides torrent downloads?
Is it just impossible to locate the f38 torrent downloads or are they abandoned now? ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Surprise! Fedora Linux 38 is here!
On Sat Apr22'23 01:46:56AM, Community Support for Fedora Users wrote: > From: ToddAndMargo via users > Date: Sat, 22 Apr 2023 01:46:56 -0700 > To: Community support for Fedora users > Cc: ToddAndMargo > Reply-To: Community support for Fedora users > Subject: Re: Surprise! Fedora Linux 38 is here! > > On 4/18/23 07:00, Matthew Miller wrote: > > or, of course, just upgrade your already-installed systems, which > > shouldn't take much longer than brewing and enjoying a nice cup of > > coffee. Enjoy! > > > Ha! Are you forgetting this preinstall command? > ># dnf --enablerepo=* update --refresh > > That cups of coffee is going to be really strong > and really cold. I just tried: sudo dnf update --releasever 38 and things went through, reasonably well. Ranjan ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: cifs mount error F38 (possible selinux issue).
Barry, Thanks for this! To answer some of your questions, I do not know what the version of Windows is. It is something that is fairly recent, but has not been changed for years. After looking at dmesg (as recommended by the error message), and /var/log/messages, I tried to change selinux to permissive on the F38 box, and then I was able to mount the share. However, the F37 box mounts the share fine, with selinux set at enforcing. So, should a separate context need to be created for F38? If so, what, where? Also, the mount-cifs package version is exactly the same on both F37 and F38 (both up to date). So, I do not know if mount-cifs is the issue, hence I do not know if it is worthwhile trying smbclient for this purpose. Many thanks again, and best wishes, Ranjan On Sat Apr22'23 08:51:20AM, Barry wrote: > From: Barry > Date: Sat, 22 Apr 2023 08:51:20 +0100 > To: Community support for Fedora users > Reply-To: Community support for Fedora users > Subject: Re: cifs mount error F38 > > > > > On 21 Apr 2023, at 23:33, Ranjan Maitra wrote: > > > > Barry, > > > > Thanks! > > > >> On Fri Apr21'23 10:35:32PM, Barry wrote: > >> From: Barry > >> Date: Fri, 21 Apr 2023 22:35:32 +0100 > >> To: Community support for Fedora users > >> Reply-To: Community support for Fedora users > >> > >> Subject: Re: cifs mount error F38 > >> > >> > >> > On 21 Apr 2023, at 19:34, Ranjan Maitra wrote: > >>> > >>> I recently upgraded two of my Fedora machines, but when I try to mount a > >>> Windows share using mount-cifs, I get the following: > >>> > >>> mount error(126): Required key not available > >>> > >>> The mount.cifs command that is used has the following > >>> sec=ntlmssp,rw,nounix,noserverino,file_mode=0777,dir_mode=0777,vers=3.0 > >>> > >>> Mounting this same share still works from my F37 machines. Presumably > >>> something has changed with F38, and so I am wondering how to mount these > >>> shares. > >> > >> What OS and software is serving the shares? > > > > The share is a Windows share. I do not know how to answer the software > > question, sorry. > > What is the version of windows? > > > > >> Can you use smbclient to access the share? > > > > I do not know about this. the above > > sec=ntlmssp,rw,nounix,noserverino,file_mode=0777,dir_mode=0777,vers=3.0 are > > needed in mount.cifs for things to work, with mount.cifs. > > > > How would I try using smbclient with something that matches the above > > invocations? > > > > Sorry, I am not very familiar with this. > > Try the man page for smbclient, let us know if you can get it working. > > > > > Thanks again for your help! > > > > Best wishes, > > Ranjan > > ___ > > users mailing list -- users@lists.fedoraproject.org > > To unsubscribe send an email to users-le...@lists.fedoraproject.org > > Fedora Code of Conduct: > > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > > List Archives: > > https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org > > Do not reply to spam, report it: > > https://pagure.io/fedora-infrastructure/new_issue > ___ > users mailing list -- users@lists.fedoraproject.org > To unsubscribe send an email to users-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
Am 22.04.23 um 14:11 schrieb Patrick O'Callaghan: I'm trying to set up a simple web server for personal use, using Apache, and want to enable HTTPS access. This involves getting an SSL certificate and I'll be using LetsEncrypt (www.letsencrypt.org). The recommended way to do this is with Certbot, but I can't get past this error: # certbot --apache -d bree.org.uk Saving debug log to /var/log/letsencrypt/letsencrypt.log Requesting a certificate for bree.org.uk Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. Note that the httpd server is online and reachable from outside my local net, i.e. this doesn't appear to be a firewall issue. I've reported the problem upstream and followed a number of suggestions, but nothing seems to make any difference: https://community.letsencrypt.org/t/certbot-fails-with-cant-find-virtual-host-error/196800/29 Any thoughts on this would be welcome, but please review the above link before replying. If certbot --apache doesn't work, you could try to only fetch the certificates and manually configure httpd to actually use them afterwards. I. e. do something like # certbot certonly --webroot -w /path/to/webroot -d $DOMAIN ... -- Regards mks ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Certbot error
Sat, 22 Apr 2023 13:11:45 +0100 Patrick O'Callaghan kirjoitti: > I'm trying to set up a simple web server for personal use, using > Apache, and want to enable HTTPS access. This involves getting an SSL > certificate and I'll be using LetsEncrypt (www.letsencrypt.org). Have you thought about http://nginx.org/en/docs/http/configuring_https_servers.html Instead of apache? Jarmo ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Certbot error
I'm trying to set up a simple web server for personal use, using Apache, and want to enable HTTPS access. This involves getting an SSL certificate and I'll be using LetsEncrypt (www.letsencrypt.org). The recommended way to do this is with Certbot, but I can't get past this error: # certbot --apache -d bree.org.uk Saving debug log to /var/log/letsencrypt/letsencrypt.log Requesting a certificate for bree.org.uk Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. Note that the httpd server is online and reachable from outside my local net, i.e. this doesn't appear to be a firewall issue. I've reported the problem upstream and followed a number of suggestions, but nothing seems to make any difference: https://community.letsencrypt.org/t/certbot-fails-with-cant-find-virtual-host-error/196800/29 Any thoughts on this would be welcome, but please review the above link before replying. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Surprise! Fedora Linux 38 is here!
On Sat, 2023-04-22 at 01:46 -0700, ToddAndMargo via users wrote: > On 4/18/23 07:00, Matthew Miller wrote: > > or, of course, just upgrade your already-installed systems, which > > shouldn't take much longer than brewing and enjoying a nice cup of > > coffee. Enjoy! > > > Ha! Are you forgetting this preinstall command? > > # dnf --enablerepo=* update --refresh > > That cups of coffee is going to be really strong > and really cold. I've never done that and didn't do it this time. The repos I use are enabled by default, so why would I do this? poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Encryption for internet storage
On Fri, 2023-04-21 at 17:21 -0400, Go Canes wrote: > On Fri, Apr 21, 2023 at 5:17 PM Robert Nichols > wrote: > > And no, I don't have a clean solution for keeping encrypted backups > > in the cloud. I do believe that my current backup method (rdiff- > > backup-2.2.4-2.fc37) is incompatible with that. > > Don't know if it qualifies as a "clean solution" as it uses mono, but > duplicati easily handles encrypted backups to the cloud. As does Rclone, in the standard repo. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Installed Fedora 38 (sway) / grub2 on a new HD - boots OK but does not have a menuentry item in grub.cfg ?
Francis, On 2023-04-22 17:18, francis.montag...@inria.fr wrote: Hi. On Sat, 22 Apr 2023 16:37:53 +1000 Philip Rhoades via users wrote: - but why is there is not a line like this in /boot/grub2/grub.conf for Fedora 38 Sway? I can see that the appropriate other Sway files are in the /boot tree so I am guessing that grub2 somehow knows the proper, default boot image - even though the default does not have a menuentry in grub.cfg? I bet it's related to BootLoaderSpec. If you look at the ### BEGIN /etc/grub.d/10_linux ### section of grub.cfg you will see: # The blscfg command parses the BootLoaderSpec files stored in # /boot/loader/entries and populates the boot menu. Please refer to the Boot # Loader Specification documentation for the files format: # https://systemd.io/BOOT_LOADER_SPECIFICATION/. Ah - that sounds promising! - I will have a look at that - I would like a better understanding of how grub2 operates before I start messing around with adding entries to grub.cfg manually . . Thanks! Phil. -- Philip Rhoades PO Box 896 Cowra NSW 2794 Australia E-mail: p...@pricom.com.au ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Surprise! Fedora Linux 38 is here!
On 4/18/23 07:00, Matthew Miller wrote: or, of course, just upgrade your already-installed systems, which shouldn't take much longer than brewing and enjoying a nice cup of coffee. Enjoy! Ha! Are you forgetting this preinstall command? # dnf --enablerepo=* update --refresh That cups of coffee is going to be really strong and really cold. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: cifs mount error F38
> On 21 Apr 2023, at 23:33, Ranjan Maitra wrote: > > Barry, > > Thanks! > >> On Fri Apr21'23 10:35:32PM, Barry wrote: >> From: Barry >> Date: Fri, 21 Apr 2023 22:35:32 +0100 >> To: Community support for Fedora users >> Reply-To: Community support for Fedora users >> Subject: Re: cifs mount error F38 >> >> >> On 21 Apr 2023, at 19:34, Ranjan Maitra wrote: >>> >>> I recently upgraded two of my Fedora machines, but when I try to mount a >>> Windows share using mount-cifs, I get the following: >>> >>> mount error(126): Required key not available >>> >>> The mount.cifs command that is used has the following >>> sec=ntlmssp,rw,nounix,noserverino,file_mode=0777,dir_mode=0777,vers=3.0 >>> >>> Mounting this same share still works from my F37 machines. Presumably >>> something has changed with F38, and so I am wondering how to mount these >>> shares. >> >> What OS and software is serving the shares? > > The share is a Windows share. I do not know how to answer the software > question, sorry. What is the version of windows? > >> Can you use smbclient to access the share? > > I do not know about this. the above > sec=ntlmssp,rw,nounix,noserverino,file_mode=0777,dir_mode=0777,vers=3.0 are > needed in mount.cifs for things to work, with mount.cifs. > > How would I try using smbclient with something that matches the above > invocations? > > Sorry, I am not very familiar with this. Try the man page for smbclient, let us know if you can get it working. > > Thanks again for your help! > > Best wishes, > Ranjan > ___ > users mailing list -- users@lists.fedoraproject.org > To unsubscribe send an email to users-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Installed Fedora 38 (sway) / grub2 on a new HD - boots OK but does not have a menuentry item in grub.cfg ?
Hi. On Sat, 22 Apr 2023 16:37:53 +1000 Philip Rhoades via users wrote: > - but why is there is not a line like this in /boot/grub2/grub.conf for > Fedora 38 Sway? > I can see that the appropriate other Sway files are in the /boot tree so > I am guessing that grub2 somehow knows the proper, default boot image - > even though the default does not have a menuentry in grub.cfg? I bet it's related to BootLoaderSpec. If you look at the ### BEGIN /etc/grub.d/10_linux ### section of grub.cfg you will see: # The blscfg command parses the BootLoaderSpec files stored in # /boot/loader/entries and populates the boot menu. Please refer to the Boot # Loader Specification documentation for the files format: # https://systemd.io/BOOT_LOADER_SPECIFICATION/. -- francis ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Installed Fedora 38 (sway) / grub2 on a new HD - boots OK but does not have a menuentry item in grub.cfg ?
People, My Fedora WS has 4 drive bays and I access old boot and other HDs in bays 2-4. I just did a clean install of Fedora Sway to /dev/sda - everything is fine and the system boots OK but I am confused: - cat /etc/os-release NAME="Fedora Linux" VERSION="38 (Sway)" . PRETTY_NAME="Fedora Linux 38 (Sway)" ANSI_COLOR="0;38;2;60;110;180" . VARIANT="Sway" VARIANT_ID=sway - The install picked up old Fedora boot setups which show up in /boot/grub2/grub.conf like this: menuentry 'Fedora Linux 37 (KDE Plasma) (on /dev/sde3)' --class gnu-linux --class gnu --class os $menuentry_id_option 'osprober-gnulinux-/boot/vmlinuz-6.0.7-301.fc37.x86_64--f6f43412-e6ed-4dff-808b-fe013691c3b6' { - but why is there is not a line like this in /boot/grub2/grub.conf for Fedora 38 Sway? I can see that the appropriate other Sway files are in the /boot tree so I am guessing that grub2 somehow knows the proper, default boot image - even though the default does not have a menuentry in grub.cfg? A pointer to a link for info would be great . . Thanks! Phil. -- Philip Rhoades PO Box 896 Cowra NSW 2794 Australia E-mail: p...@pricom.com.au ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: Upstream for libvirtd?
On 4/7/23 13:43, ToddAndMargo via users wrote: Anyone know where "upstream" is for libvirtd? Upstream figure out my problem. And it is specifically with Fedora's RPM. libvirt-daemon dies after being idle https://bugzilla.redhat.com/show_bug.cgi?id=2177547#c2 (It is suppose to die after two minutes.) Thank you all for helping me finding upstream! ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue