Re: (deb-cat) instalacio multiarch

[Narcis Garcia]

És a dir, que els discs «multiarch» símplement tenen paquets per a les
dues arquitectures, i instal·len una de sola?
Em pensava que hi havia paquets o compilacions de programari
«multiarquitectura».



__
I'm using this express-made address because personal addresses aren't
masked enough at this mail public archive. Public archive administrator
should fix this against automated addresses collectors.
El 12/12/17 a les 16:57, tictacbum ha escrit:
> bé, un si, que pesa més :P
> 
> El dia 12 de desembre de 2017 a les 16:55, tictacbum
> > ha escrit:
> 
> Hola,
> que jo sàpiga l'únic avantatge dels discs multiarch és que
> t'estalvies de tenir dos discs separats i no se m'acut cap inconvenient
> 
> salut!
> Lluís
> 
> 
> El dia 12 de desembre de 2017 a les 9:10, Narcis Garcia
> > ha escrit:
> 
> Als equips fins i686 els instal·lo distribucions d'arquitectura
> i386 i
> als altres normalment els instal·lo amb arquitectura amd64.
> 
> M'agradaria saber millor els avantatges (i desavantatges)
> d'instal·lar
> amb discs «multiarch» a qualsevol dels ordinadors.
> 
> Gràcies.
> 
> --
> 
> 
> __
> I'm using this express-made address because personal addresses
> aren't
> masked enough at this mail public archive. Public archive
> administrator
> should fix this against automated addresses collectors.
> 
> 
> 

Re: how to install stretch securely

[David Christensen]

On 12/11/17 21:30, John Hasler wrote:

David Christensen writes:

I suggest that you contact your stock broker and find out what
hardware, operating system, and software they recommend and support.


I suggest that if your broker requires any particular hardware, OS, or
software that you find a new broker.


Requirements are a reality of all software, in spite of ANSI C, Java, etc..


Charles Schwab boasts about the depth and breadth of their software 
offerings:


https://www.schwab.com/public/schwab/active_trader/trading_tools

* StreetSmart Edge requires Windows 7 with Service Pack 1, minimum, and 
recommends Windows 8.1 (64-bit) or later.


* Accessing StreetSmart Edge over the web requires Internet Explorer, 
Safari, or Firefox.


* Schwab Mobile is available via the Apple App Store, Google Play, and 
Amazon Appstore for Android.  There is also a version for Apple Watch at 
the App Store.  I did not see the iOS or Android version requirements.



For Debian users, the obvious choice is Firefox on Debian 9, 8, or 7.


David

Fwd: problème de sauvegarde avec deja-dup

[Bernard Schoenacker]

- Mail transféré -
> De: "jean-pierre giraud" 
> À: debian-user-french@lists.debian.org
> Envoyé: Mercredi 13 Décembre 2017 01:12:46
> Objet: problème de sauvegarde avec deja-dup
> 
> Bonjour,
> Je redirige sur la liste une question envoyée par erreur à la liste
> debian-news-fre...@lists.debian.org
> 
> jipege
> 
>  Message transféré 
> Sujet :   Re: Publication de la mise à jour de Debian 9.3
> Date :Tue, 12 Dec 2017 17:59:28 +0100
> De :  christian 
> Pour :jean-pierregir...@neuf.fr
> Copie à : debian-news-fre...@lists.debian.org
> 
> Bonjour,
> 
> Merci pour votre suivi de Debian.
> 
> Je suis en version Debian 9. Je rencontre un gros problème avec
> deja-dup
> qui refuse de sauvegarder.
> 
> Etes vous au courant ? Ci-joint quelques élements du bug. dans
> fichier
> joint Deja-Dup.odt.
> 
> Au passage pouvez vous me conseiller sur les outils de backup Debian
> ?
> sbackup ou deja-dup ou autre ?
> 
> Bien cordialement
> 
> Christian Rozé
> 
> 
bonjour,

serait il possible d'essayer luckybackup ou bacula ?

slt
bernard

Re: does elinks have a show hidden links option?

[Karen Lewellen]

good for you, however, you are not me.
because of a condition tied to anesthetic over exposure resulting in a 
auditory processing challenge, all software produced speech stimulates the 
dizzy centres of my brain.
While I am thrilled for your solution, I fail to see how it applies to my 
question, or its place in this thread...unless you wish to claim all those 
who  may share a label are equally interchangeable for one another?




On Tue, 12 Dec 2017, Jude DaShiell wrote:

With a compatible device iphone/ipad or android and the be my eyes app loaded 
on it it's possible to use the app and request assistance solving the 
captchas if lios won't work and firefox has been modified so often webvisum 
is no longer useable.


On Tue, 12 Dec 2017, Karen Lewellen wrote:


 Date: Tue, 12 Dec 2017 22:28:16
 From: Karen Lewellen 
 To: Dan Purgert 
 Cc: debian-user@lists.debian.org
 Subject: Re: does elinks have a show hidden links option?
 Resent-Date: Wed, 13 Dec 2017 03:28:35 + (UTC)
 Resent-From: debian-user@lists.debian.org

 As I experience blindness meaning I cannot read the image, and paypal does
 not provide  as I experience things  inclusive ways around this, doing the
 verification is not an option.
 Oddly enough I have used the browser before, many times in fact...so the
 answer   to my actual question?



 On Wed, 13 Dec 2017, Dan Purgert wrote:

>   Karen Lewellen wrote:
> >   Hi,
> >   working with PayPal e-mail  come to think of it, does elinks have a 
> >   way

> >   to change  the character set display?
> >   No idea if this will  help, but paypal only lets me use one browser
> >   now..all  others generate an image verification.
> >   Thanks,
> >   Karen
> 
>   Sounds like your cookies have expired (or you've not used the browser

>   before, or you've cleaned the cache, etc.).  Should just need to do the
>   verification, and tell paypal to remember you again.
> 
> 
>   -- 
> |  _|O|_| Registered Linux user #585947

> |  _|_|O| Github: https://github.com/dpurgert
> |  O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281
> 
> 





--

Re: does elinks have a show hidden links option?

[Karen Lewellen]

I haven't the slightest idea, as I am not using  the program.
Frankly encouraging the use of  w3c suggested verification's, things like 
math problems, or using  a honeypot test instead of graphical ones at all

 is a better focus.
Especially since my elinks question, where I prefer focusing my attention, 
has not even been touched laughs.




On Tue, 12 Dec 2017, Jude DaShiell wrote:


I'm curious, could lios be used to handle captchas?

On Tue, 12 Dec 2017, Karen Lewellen wrote:


 Date: Tue, 12 Dec 2017 21:36:53
 From: Karen Lewellen 
 To: debian-user@lists.debian.org
 Subject: does elinks have a show hidden links option?
 Resent-Date: Wed, 13 Dec 2017 02:46:14 + (UTC)
 Resent-From: debian-user@lists.debian.org

 Hi,
 working with PayPal e-mail  come to think of it, does elinks have a way to
 change  the character set display?
 No idea if this will  help, but paypal only lets me use one browser
 now..all others generate an image verification.
 Thanks,
 Karen


 "No one is born hating another person because of the color of his
 skin or his background or his religion ... People must learn to
 hate, and if they can learn to hate, they can be taught to
 love... For love comes more naturally to the human heart than its
 opposite." Nelson Mandela.




--

Re: does elinks have a show hidden links option?

[Jude DaShiell]

With a compatible device iphone/ipad or android and the be my eyes app 
loaded on it it's possible to use the app and request assistance solving 
the captchas if lios won't work and firefox has been modified so often 
webvisum is no longer useable.


On Tue, 12 Dec 2017, Karen Lewellen wrote:


Date: Tue, 12 Dec 2017 22:28:16
From: Karen Lewellen 
To: Dan Purgert 
Cc: debian-user@lists.debian.org
Subject: Re: does elinks have a show hidden links option?
Resent-Date: Wed, 13 Dec 2017 03:28:35 + (UTC)
Resent-From: debian-user@lists.debian.org

As I experience blindness meaning I cannot read the image, and paypal does 
not provide  as I experience things  inclusive ways around this, doing the 
verification is not an option.
Oddly enough I have used the browser before, many times in fact...so the 
answer   to my actual question?




On Wed, 13 Dec 2017, Dan Purgert wrote:


 Karen Lewellen wrote:

 Hi,
 working with PayPal e-mail  come to think of it, does elinks have a way
 to change  the character set display?
 No idea if this will  help, but paypal only lets me use one browser
 now..all  others generate an image verification.
 Thanks,
 Karen


 Sounds like your cookies have expired (or you've not used the browser
 before, or you've cleaned the cache, etc.).  Should just need to do the
 verification, and tell paypal to remember you again.


 -- 
| _|O|_| Registered Linux user #585947

| _|_|O| Github: https://github.com/dpurgert
| O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281







--

Re: does elinks have a show hidden links option?

[Jude DaShiell]

I'm curious, could lios be used to handle captchas?

On Tue, 12 Dec 2017, Karen Lewellen wrote:


Date: Tue, 12 Dec 2017 21:36:53
From: Karen Lewellen 
To: debian-user@lists.debian.org
Subject: does elinks have a show hidden links option?
Resent-Date: Wed, 13 Dec 2017 02:46:14 + (UTC)
Resent-From: debian-user@lists.debian.org

Hi,
working with PayPal e-mail  come to think of it, does elinks have a way to 
change  the character set display?
No idea if this will  help, but paypal only lets me use one browser now..all 
others generate an image verification.

Thanks,
Karen


"No one is born hating another person because of the color of his
skin or his background or his religion ... People must learn to
hate, and if they can learn to hate, they can be taught to
love... For love comes more naturally to the human heart than its
opposite." Nelson Mandela.




--

Re: Rust? (and a wordsmithing question)

[Richard Hector]

On 13/12/17 06:09, Curt wrote:
> On 2017-12-12,   wrote:
>> On Tue, Dec 12, 2017 at 08:24:39AM -0800, James H. H. Lampert wrote:
>>
>> [...]
>>
>>> McGill MUSIC still exists, actually.
>>>
>>> http://webpages.mcgill.ca/staff/group3/dedwar1/web/msi/musicsp.htm
>> Thanks for the link :-)
> The Sim390 mainframe emulator home page link at the bottom appears to be
> defunct (downloadable demo version you can run in a virtual machine on
> Windows?).

There's a working link on the Wikipedia page:

https://en.wikipedia.org/wiki/MUSIC%2FSP
http://www.canpub.com/teammpg/de/sim390/index.htm

Richard



signature.asc
Description: OpenPGP digital signature

Re: does elinks have a show hidden links option?

[Karen Lewellen]

As I experience blindness meaning I cannot read the image, and paypal does 
not provide  as I experience things  inclusive ways around this, doing the 
verification is not an option.
Oddly enough I have used the browser before, many times in fact...so the 
answer   to my actual question?




On Wed, 13 Dec 2017, Dan Purgert wrote:


Karen Lewellen wrote:

Hi,
working with PayPal e-mail  come to think of it, does elinks have a way
to change  the character set display?
No idea if this will  help, but paypal only lets me use one browser
now..all  others generate an image verification.
Thanks,
Karen


Sounds like your cookies have expired (or you've not used the browser
before, or you've cleaned the cache, etc.).  Should just need to do the
verification, and tell paypal to remember you again.


--
|_|O|_| Registered Linux user #585947
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281

Re: does elinks have a show hidden links option?

[Dan Purgert]

Karen Lewellen wrote:
> Hi,
> working with PayPal e-mail  come to think of it, does elinks have a way 
> to change  the character set display?
> No idea if this will  help, but paypal only lets me use one browser 
> now..all  others generate an image verification.
> Thanks,
> Karen

Sounds like your cookies have expired (or you've not used the browser
before, or you've cleaned the cache, etc.).  Should just need to do the
verification, and tell paypal to remember you again.


-- 
|_|O|_| Registered Linux user #585947
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281

Re: overcoming known kernel bug

[David Christensen]

On 12/12/17 05:30, Brian Oney wrote:

I am having trouble with my 2016 lenovo thinkpad yoga 11e (3rd gen) running
the current version of debian stable (stretch). The on wake-from-suspend
the fan runs on high.

Specifically, I have:

~ $ uname -a
Linux tinkbox 4.9.0-4-amd64 #1 SMP Debian 4.9.51-1 (2017-09-28) x86_64
GNU/Linux

On wake-from-suspend:

   ~ $ sensors
   thinkpad-isa-
   Adapter: ISA adapter
   fan1:6125 RPM

   acpitz-virtual-0
   Adapter: Virtual device
   temp1:+65.0°C  (crit = +90.0°C)


The acpitz-virtual-0 pegs the temperature at 65°C and won't let it go.
Therefore the fan attempts liftoff.

I could attach the output of 'reportbug kernel', but the problem is known
and the bug is described in:

   https://bugzilla.kernel.org/show_bug.cgi?id=196129

The bug is present up until it's fix in kernel 4.13.4 or something around
that time. The solution is to install a much newer kernel (or downgrade).

Being lazy I tried to just install the latest backported kernel
(linux-image-4.13.0-0.bpo.1-amd64). That doesn't work.

What I find most interesting would be to compile a slimmer, faster kernel,
but I have failed (after consulting the debian kernel handbook). One thing
or the other doesn't work afterwards. Also, I run out of disk space lately
(15Gb is huge!)  My idea was to use the old kernel configuration (with
'make olddefconfig'), but there are so many new options and I honestly have
no clue how to get an overview and make an informed decision.
I would report this as a low priority kernel bug but it's (far) upstream.
It's also a known problem, which isn't necessarily debian's problem.

I would appreciate any advice. I bought this laptop because it's tough and
has a good battery. Any laptop that misbehaves on wake-from-suspend is not
a very useful laptop (Imagine a meeting with a constantly whining laptop).
Thanks in advance!


Debian 9 on certain laptops seems to have polling loop issues that 
manifest when the graphical login screen is displayed and when the 
screen saver is displayed.  These are deal-breaker bugs that will burn 
up your CPU and suck your battery dry.  Here's the bug report for my 
Dell Inspiron E1505/6400:


https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878313

The fact that it has been ignored for 2 months is not encouraging.


My work-around has been to pull the battery, plug in the power adapter, run:

cpufreq-set -g powersave

to minimize heating/ damage when I log out/ screen lock, and run:

cpufreq-set -g ondemand

when I log in.


I read a post somewhere that someone had found a way to muck with 
configuration settings and make at least some of the problems go away, 
but I don't have that URL.



Looking at the Debian Testing kernel packages, it doesn't look like 
Testing includes the bug fixes you mention (?):


https://packages.debian.org/testing/kernel/


Ideas:

1.  Go older -- e.g. Debian 8 or Debian 7.

2.  Go bleeding edge -- e.g. Debian Unstable, Fedora, or Arch.

3.  Run Windows and a hypervisor.


David

does elinks have a show hidden links option?

[Karen Lewellen]

Hi,
working with PayPal e-mail  come to think of it, does elinks have a way 
to change  the character set display?
No idea if this will  help, but paypal only lets me use one browser 
now..all  others generate an image verification.

Thanks,
Karen


"No one is born hating another person because of the color of his
skin or his background or his religion ... People must learn to
hate, and if they can learn to hate, they can be taught to
love... For love comes more naturally to the human heart than its
opposite." Nelson Mandela.

emacs fails to launch from the gnome shortcut

[Boyan Penkov]

Hey folks,

Here’s an interesting one;

After restart, emacs-gui (using the gnome desktop shortcut) fails to launch, 
stalling at pdf-tool’s server launch.

However, running “emacs &” at a terminal pulls up everything quite cleanly.  
-debug-init shows nothing in the terminal.

I’m on buster.  Any thoughts?

Cheers!
--
Boyan Penkov
www.boyanpenkov.com

Re: is there any Windows virus that affect linux?

[x9p]

On Tue, December 12, 2017 8:00 am, to...@tuxteam.de wrote:
...
> That said, this kinds of attacks are so complex that (as in the
> case of Stuxnet) it possibly takes the resources of a nation-state
> (or, in this case, probably two) to set something up like that.
> OTOH things are pretty fluid these days, so I wouldn't count on
> that staying the same for a long time.
>
> So to sum up -- you'll have to read up on many things to even
> understand an answer to your question. My current answer would
> be (to some high, but unspecified degree of probability) "No",
> but that might change whithin the next couple o'years.
>
...

If a nation-state wanna play games with you, there are a lot of more
important things you should really care about...

ps:

ELF --> PE infection on FAT/FAT32/NTFS partition on same disk, unencrypted
(quite easy)
PE --> ELF infection on ext? partition on same disk, unencrypted (bit more
of work)

cheers.

--
x9p | PGP : 0x03B50AF5EA4C8D80 / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE
1524 E7EE

problème de sauvegarde avec deja-dup

[jean-pierre giraud]

Bonjour,
Je redirige sur la liste une question envoyée par erreur à la liste 
debian-news-fre...@lists.debian.org

jipege

 Message transféré 
Sujet : Re: Publication de la mise à jour de Debian 9.3
Date :  Tue, 12 Dec 2017 17:59:28 +0100
De :christian 
Pour :  jean-pierregir...@neuf.fr
Copie à :   debian-news-fre...@lists.debian.org

Bonjour,

Merci pour votre suivi de Debian.

Je suis en version Debian 9. Je rencontre un gros problème avec deja-dup
qui refuse de sauvegarder.

Etes vous au courant ? Ci-joint quelques élements du bug. dans fichier
joint Deja-Dup.odt.

Au passage pouvez vous me conseiller sur les outils de backup Debian ?
sbackup ou deja-dup ou autre ?

Bien cordialement

Christian Rozé

14 Studencki Festiwal Informatyczny w Krakowie.

[Krzysztof Zubik]

Nareszcie mam dlugo oczekiwana wiadomosc.

14 Studencki Festiwal Informatyczny-2016 bedzie od 5 do 7 kwietnia t.j.
od czwartku do soboty.

Przed chwilka wiadomosc ta pojawila sie na fb.
pod https://www.facebook.com/sfikrakow

Na aktualisacje witryny pod http://www.sfi.org.pl trzeba
poczekac. Za kilka dni prawdopodobnie dowiemy sie
gdzie dokladnie bedzie to wielkie spotkanie.


Open Source jest dziś największym i najważniejszym nurtem w sektorze IT 
- albo dasz się ponieść na fali, albo utoniesz próbując płynąć pod prąd...

--
Konczac Zycze  Zdrowych i Wesolych Swiat,
oraz Szczesliwego Nowego Roku. Krzysztof.

Registered Linux User: 253243
Powered by Aurox 11.0, Ubuntu 16.04
Krzysztof Zubik. | kzu...@netglob.com.pl | krzysztof.zu...@gmail.com
http://www.kzubik.gda.pl | http://wpolsce.it
Kanał na YouTube.
https://www.youtube.com/channel/UCJxbf19gUD1XAo96ZADdIlg

Managed Service Providers (MSPs) Global Accounts

[Cheryl Weston]

Hi,

This is Cheryl from pre-sales team. Hope you're doing great.

With the revolution created in the IT Industry by Managed Service Providers 
(MSPs) to target SMB's which is turning out to be a very successful venture, I 
am pitching you customized and targeted MSPs, MSSPs, VARs and ISVs of your 
direct competitors for your Channel and Partner Marketing Initiative.

Would you also be interested in targeting End Users Install Base of the below 
competitors?

We have 100% Opt-In Data Intelligence of:-

Data center and collaboration: - Cisco, Aruba, Avaya, Polycom, Brocade and 
Check Point Users

Firewall: - Fortinet, SonicWall, Palo Alto, WatchGuard, F5, Sophos and Trend 
Micro Users

Kindly review and let me know and I will get back with more information on the 
same.

Regards,
Cheryl

To REMOVE from this mailing list mention UNSUBSCRIBE

Re: bnfa/sharing

[Yann Serre]

Oui, d'où le smiley qui relativise et élargit le "privé" à "partage 
discret avec modération" :)


Le 12/12/2017 à 21:28, Jean Bernon a écrit :

Le site permet à toute personne privée qui a un handicap de télécharger 
gratuitement des documents pour un usage privé. Donc si Pierre qui a un 
handicap distribue un document qu'il a téléchargé à Paul qui a le même 
handicap, mais qui n'est pas de sa famille, c'est formellement illégal en 
effet, mais je doute fort que ce soit là le souci majeur de la BnF qui 
distribue ces documents. Le souci majeur c'est bien le risque d'une 
distribution large, a fortiori sur un site public, à des personnes qui ne sont 
pas éligibles à la distribution gratuite de ces documents.

Re: bnfa/sharing

[Jean Bernon]

Le site permet à toute personne privée qui a un handicap de télécharger 
gratuitement des documents pour un usage privé. Donc si Pierre qui a un 
handicap distribue un document qu'il a téléchargé à Paul qui a le même 
handicap, mais qui n'est pas de sa famille, c'est formellement illégal en 
effet, mais je doute fort que ce soit là le souci majeur de la BnF qui 
distribue ces documents. Le souci majeur c'est bien le risque d'une 
distribution large, a fortiori sur un site public, à des personnes qui ne sont 
pas éligibles à la distribution gratuite de ces documents.


- Mail original - 

> De: "Yann Serre" 
> À: debian-user-french@lists.debian.org
> Envoyé: Mardi 12 Décembre 2017 21:02:14
> Objet: Re: bnfa/sharing

> Bonjour, sauf que "distribuer une copie à quelques personnes privées"
> est aussi illégal :)
> Distribuer dans son foyer (à soi-même, à son conjoint, à ses enfants
> vivant dans le foyer,... ), ça c'est privé au sens de la loi.
> Le voisin ou les amis, ça c'est public...

> Le 12/12/2017 à 20:03, Jean Bernon a écrit :
> > Consulte les mentions légales du site.
> > http://www.bnfa.fr/mentions-legales
> > Il est dit que tout autre usage que privé est illégal. Donc si tu
> > distribues une copie à quelques personnes privées pas de problème.
> > Si toi ou l'une d'entre elles met les données en ligne sur un site
> > public (sens de sharing ?), c'est illégal.
> > Le plus simple est de leur dire ce que tu veux faire exactement.
> > Ils te diront si c'est légal et sous quelles conditions.

Re: bnfa/sharing

[Yann Serre]

Bonjour, sauf que "distribuer une copie à quelques personnes privées" 
est aussi illégal :)
Distribuer dans son foyer (à soi-même, à son conjoint, à ses enfants 
vivant dans le foyer,... ), ça c'est privé au sens de la loi.

Le voisin ou les amis, ça c'est public...

Le 12/12/2017 à 20:03, Jean Bernon a écrit :

Consulte les mentions légales du site.
http://www.bnfa.fr/mentions-legales  
Il est dit que tout autre usage que privé est illégal. Donc si tu distribues une copie à quelques personnes privées pas de problème. Si toi ou l'une d'entre elles met les données en ligne sur un site public (sens de sharing ?), c'est illégal.

Le plus simple est de leur dire ce que tu veux faire exactement. Ils te diront 
si c'est légal et sous quelles conditions.

Re: Qu'est ce qui rend nécessaire un changement de MTU ?

[Pascal Hambourg]

Le 12/12/2017 à 09:15, Olivier a écrit :


Après recherches, il s'avère qu'en valorisant à 1472, le MTU (par une
commande "ifconfig eth0 mtu up"), les conséquences du problème ont disparu
(plus d'affichage SSH tronqué, scp OK).

J'aimerai comprendre ce qui s'est passé et ce qui a, en apparence, du
moins, rendu nécessaire ce changement de MTU.


Un changement de MTU (diminution) le long du chemin et une mauvaise 
gestion de la fragmentation et des messages ICMP "destination 
unreachable - fragmentation needed but DF (don't fragmet flag) set".


Lorsqu'un routeur reçoit un paquet IPv4 qu'il doit router par une 
interface de MTU inférieure à la taille du paquet, doit :
- si le paquet a le flag DF à 0, fragmenter le paquet et envoyer les 
fragments par l'interface ;
- si le paquet a le flag DF à 1, écarter le paquet et renvoyer un 
message d'erreur ICMP "destination unreachable - fragmentation needed 
but DF set" annonçant la taille maximum à l'adresse source du paquet.


Les problèmes possibles sont nombreux :
- Le routeur écarte les paquets trop gros mais n'envoie pas de messages 
ICMP, ou l'équipement où a lieu la baisse de MTU n'est pas un routeur 
(exemple : concentrateur d'accès PPPoE ADSL qui n'est qu'un relais entre 
un tunnel PPPoE et un tunnel L2TP).
- Les messages d'erreur ICMP sont filtrés en chemin par un firewall ou 
ignorés par l'émetteur du paquet initial.

- les fragments sont filtrés en chemin par un firewall.

Les VPN et autres tunnels sont de gros pourvoyeurs de baisse de MTU 
et/ou de fragmentation car l'encapsulation augmente la taille des paquets.

Re: Qu'est ce qui rend nécessaire un changement de MTU ?

[Pascal Hambourg]

Le 12/12/2017 à 14:14, Olivier Krief a écrit :

Mea culpa:

il fallait lire:
1472 + 4 (IP) + 20 (ICMP) = 1500

et non:
1428 + 4 (IP) + 20 (ICMP) = 1500


Encore faux.

20 (IP) + 8 (ICMP) + 1472 (data) = 1500

Re: bnfa/sharing

[Jean Bernon]

Consulte les mentions légales du site. 
http://www.bnfa.fr/mentions-legales 
Il est dit que tout autre usage que privé est illégal. Donc si tu distribues 
une copie à quelques personnes privées pas de problème. Si toi ou l'une d'entre 
elles met les données en ligne sur un site public (sens de sharing ?), c'est 
illégal. 
Le plus simple est de leur dire ce que tu veux faire exactement. Ils te diront 
si c'est légal et sous quelles conditions. 
- Mail original -

> De: mala...@elude.in
> À: debian-user-french@lists.debian.org
> Envoyé: Mardi 12 Décembre 2017 17:51:37
> Objet: bnfa/sharing

> www.bnfa.fr

> est-ce qu'un partage est illégal ?
> (copy audio)

Re: Rust? (and a wordsmithing question) (was: Re: Embarrassing security bug in systemd)

[David Wright]

On Mon 11 Dec 2017 at 09:16:35 (-0500), rhkra...@gmail.com wrote:

> From the Wikipedia article on "Magnetic storage":
> 
> https://en.wikipedia.org/wiki/Magnetic_storage#Design
> 
> "For reliable storage of data, the recording material needs to resist self-
> demagnetisation, which occurs when the magnetic domains repel each other. 
> Magnetic domains written too densely together to a weakly magnetisable 
> material will degrade over time due to rotation of the magnetic moment one or 
> more domains to cancel out these forces. The domains rotate sideways to a 
> halfway position that weakens the readability of the domain and relieves the 
> magnetic stresses. Older hard disk drives used iron(III) oxide as the 
> magnetic 
> material, but current disks use a cobalt-based alloy.[1]"

The last sentence belongs at the end of the previous paragraph,
which explains two changes made in disk technology:
i  horizontal→vertical,
ii iron→cobalt.

> I have trouble understanding that 2nd sentence:

Yes, it doesn't parse, and it also doesn't clearly express which
domains (grains or regions) are meant at each mention of the term.

But before changing it, I'd want to check out the physics. 



 "Magnetic domains written too 
> densely together to a weakly magnetisable material will degrade over time due 
> to rotation of the magnetic moment one or more domains to cancel out these 
> forces." and would like to rewrite it to be more clear--I'll make an attempt 
> below--suggestions are welcome:
> 
> "Magnetic domains written too densely together to a weakly magnetisable 
> material will degrade over time--the magnetic forces which impact the disk 
> during rotation will cause one or more of the tiny magnetic domains to rotate 
> to (partialy) cancel out the intended magnetization (which stores the data)."
> 
> I'll probably also replace "too densely together" with either "too close 
> together" or "too densely".
> 
> Maybe I've combined too much of the third sentence into the second sentence 
> and it might stand rewriting as well.

Cheers,
David.

bnfa/sharing

[malakit]

www.bnfa.fr

est-ce qu'un partage est illégal ?
(copy audio)

Re: Rust? (and a wordsmithing question)

[Curt]

On 2017-12-12,   wrote:
>
> On Tue, Dec 12, 2017 at 08:24:39AM -0800, James H. H. Lampert wrote:
>
> [...]
>
>> McGill MUSIC still exists, actually.
>> 
>> http://webpages.mcgill.ca/staff/group3/dedwar1/web/msi/musicsp.htm
>
> Thanks for the link :-)

The Sim390 mainframe emulator home page link at the bottom appears to be
defunct (downloadable demo version you can run in a virtual machine on
Windows?).

Whatever.

Apropos, I sure hope Oumuamua is an alien probe and not a real (close,
but no) cigar. We should know tomorrow.

> Cheers
> - -- t
>
>


-- 
"The world is full of shipping clerks who have read the Harvard Classics."
— Charles Bukowski

Re: Rust? (and a wordsmithing question)

[tomas]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Tue, Dec 12, 2017 at 08:24:39AM -0800, James H. H. Lampert wrote:

[...]

> McGill MUSIC still exists, actually.
> 
> http://webpages.mcgill.ca/staff/group3/dedwar1/web/msi/musicsp.htm

Thanks for the link :-)

Cheers
- -- t
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlowBkYACgkQBcgs9XrR2kYvvwCbB1eUHVeVhdawlx4TofkTJZVK
/NUAn3xH6ExFlfHgkVR5lq4P2wLdNtY4
=Yeif
-END PGP SIGNATURE-

Re: Rust? (and a wordsmithing question)

[James H. H. Lampert]

I wrote:

The student timeshare systems my high school used (running the
McGill University MUSIC operating system) while I was a student
there (an IBM 370/135 at the District Office) and shortly after I
graduated (an on-site IBM 4341) used Merlin drives.


to which Tomas replied:

Those times, high schools and unis built their own OSes. These day
they even outsource "programming" web pages. Way to go :-(


McGill MUSIC still exists, actually.

http://webpages.mcgill.ca/staff/group3/dedwar1/web/msi/musicsp.htm

--
JHHL

Re: imprimante bien compatible avec cups

[andre_debian]

On Tuesday 05 December 2017 14:08:04 fab wrote:
> > à 1€ pièce chez Amazon. À ce tarif là, j'imprime à gogo sans sourciller.
> > Désolé d'être un tantinet GAFAM et de ne pas respecter l'éthique
> > 100% Libriste, mais bon, au moins ça marche impec, pas cher 
> > et pas de soucis. 
> Mais ne sois pas désolé. C'est un choix que tu fais... en conscience.
> > :-)

On peut formuler le problème ainsi :
Comment combiner un système global qui fonctionne bien 
mais ne respecte pas complètement l'éthique du logiciel Libre 
et Opensource ?

To be or not to be, that is the question ?  comme l'a dit Shakespeare :-)

André

Re: (deb-cat) instalacio multiarch

[tictacbum]

bé, un si, que pesa més :P

El dia 12 de desembre de 2017 a les 16:55, tictacbum 
ha escrit:

> Hola,
> que jo sàpiga l'únic avantatge dels discs multiarch és que t'estalvies de
> tenir dos discs separats i no se m'acut cap inconvenient
>
> salut!
> Lluís
>
>
> El dia 12 de desembre de 2017 a les 9:10, Narcis Garcia <
> debianli...@actiu.net> ha escrit:
>
>> Als equips fins i686 els instal·lo distribucions d'arquitectura i386 i
>> als altres normalment els instal·lo amb arquitectura amd64.
>>
>> M'agradaria saber millor els avantatges (i desavantatges) d'instal·lar
>> amb discs «multiarch» a qualsevol dels ordinadors.
>>
>> Gràcies.
>>
>> --
>>
>>
>> __
>> I'm using this express-made address because personal addresses aren't
>> masked enough at this mail public archive. Public archive administrator
>> should fix this against automated addresses collectors.
>>
>>
>

Re: (deb-cat) instalacio multiarch

[tictacbum]

Hola,
que jo sàpiga l'únic avantatge dels discs multiarch és que t'estalvies de
tenir dos discs separats i no se m'acut cap inconvenient

salut!
Lluís

El dia 12 de desembre de 2017 a les 9:10, Narcis Garcia <
debianli...@actiu.net> ha escrit:

> Als equips fins i686 els instal·lo distribucions d'arquitectura i386 i
> als altres normalment els instal·lo amb arquitectura amd64.
>
> M'agradaria saber millor els avantatges (i desavantatges) d'instal·lar
> amb discs «multiarch» a qualsevol dels ordinadors.
>
> Gràcies.
>
> --
>
>
> __
> I'm using this express-made address because personal addresses aren't
> masked enough at this mail public archive. Public archive administrator
> should fix this against automated addresses collectors.
>
>

Re: NVIDIA Corporation Device [10de:179c] (rev a2)

[disk]

El 10/12/17 a las 22:07, Felix Perez escribió:

El 10 de diciembre de 2017, 14:06, divagante
 escribió:

El 04/12/17 a las 17:50, Felix Perez escribió:


El 4 de diciembre de 2017, 14:23, guillendario .
 escribió:


Espero alguien pueda ayudarme:

Cuento con una laptop con dos tarjetas gráficas, investigando encontre lo
que es nvidia optimus y bumblebee, he seguido los pasos de la wiki para
instalarlo y al parecer todo va bien, al reiniciar me encuentro con el
siguente programa: NVIDIA X Server Settings. Pero al ejecutarlo me sale
el
siente mensaje: You do not appear to be using the NVIDIA X driver. Please
edit your X configuration file (just run nvidia-xconfig as root), and
restart the X server.

Abro una terminal y ejecuto:

sudo nvidia-xconfig

con lo cual optengo:

sudo: nvidia-xconfig: command not found

y  aquí ya no se que mas hacer, he buscado bastante pero no encuentro una
solución, también he descargado el driver directo de la pagina de nvidia
y
al ejecutarlo me sale el mismo mensaje de arriba, al parecer no detecta
bien
la tarjeta envidia, al poner en terminal lspci obtengo lo siguiente:

00:00.0 Host bridge: Intel Corporation Xeon E3-1200 v6/7th Gen Core
Processor Host Bridge/DRAM Registers (rev 02)
00:02.0 VGA compatible controller: Intel Corporation HD Graphics 620 (rev
02)
00:04.0 Signal processing controller: Intel Corporation Skylake Processor
Thermal Subsystem (rev 02)
00:13.0 Non-VGA unclassified device: Intel Corporation Device 9d35 (rev
21)
00:14.0 USB controller: Intel Corporation Sunrise Point-LP USB 3.0 xHCI
Controller (rev 21)
00:14.2 Signal processing controller: Intel Corporation Sunrise Point-LP
Thermal subsystem (rev 21)
00:15.0 Signal processing controller: Intel Corporation Sunrise Point-LP
Serial IO I2C Controller #0 (rev 21)
00:15.1 Signal processing controller: Intel Corporation Sunrise Point-LP
Serial IO I2C Controller #1 (rev 21)
00:16.0 Communication controller: Intel Corporation Sunrise Point-LP CSME
HECI #1 (rev 21)
00:17.0 SATA controller: Intel Corporation Sunrise Point-LP SATA
Controller
[AHCI mode] (rev 21)
00:1c.0 PCI bridge: Intel Corporation Sunrise Point-LP PCI Express Root
Port
(rev f1)
00:1c.6 PCI bridge: Intel Corporation Sunrise Point-LP PCI Express Root
Port
#7 (rev f1)
00:1d.0 PCI bridge: Intel Corporation Sunrise Point-LP PCI Express Root
Port
#9 (rev f1)
00:1f.0 ISA bridge: Intel Corporation Sunrise Point-LP LPC Controller
(rev
21)
00:1f.2 Memory controller: Intel Corporation Sunrise Point-LP PMC (rev
21)
00:1f.3 Audio device: Intel Corporation Device 9d71 (rev 21)
00:1f.4 SMBus: Intel Corporation Sunrise Point-LP SMBus (rev 21)
01:00.0 3D controller: NVIDIA Corporation Device 179c (rev ff)
02:00.0 Network controller: Intel Corporation Wireless 8260 (rev 3a)

Por lo que veo la tarjeta envidia no es correctamente reconocida, y  no
he
encontrado como solucionarlo, ya reinstale el sistema un par de veces
pensando que fue algun error en la instalacion pero sigo obteniendo lo
mismo, y pensé que al instalar bumblebee se arreglaría pero despues de
reiniciar sigo con lo mismo.

Bueno esa es mis situación actual, agradecería mucho si alguien pudiera
ayudarme.

Mi nombre es Darío Guillén de antemano gracias.

Saludos.



No mencionas ni marca y  modelo de laptop y tampoco el modelo de la T.
Video  Nvidia



A ver felix.. y porque no ha de mencionarlas?




Estimado lo invito amablemente a leer el hilo completo antes de responder algo.

Saludos.




 Hola, puedes probar con el siguiente comando:
 optirun nvidia-xconfig

 En el siguiente enlace esta bien explicado el uso de bumblebee
 https://wiki.debian.org/es/Bumblebee

 Un saludo.

Re: unison compatibility in stretch

[David Margerison]

On 12 December 2017 at 21:16, Tony van der Hoff  wrote:
> On 12/12/17 08:50, Curt wrote:
>>
>> * workaroundable via symlink version number truncation bug
>>
> Thanks for your reply, Curt, but we appear to speak different languages ;)
>
> WVSVNTB?

The mysterious "WVSVNTB" might be a reference to the first line I have
quoted above.

overcoming known kernel bug

[Brian Oney]

Dear Debian User List,

I am having trouble with my 2016 lenovo thinkpad yoga 11e (3rd gen) running
the current version of debian stable (stretch). The on wake-from-suspend
the fan runs on high.

Specifically, I have:

~ $ uname -a
Linux tinkbox 4.9.0-4-amd64 #1 SMP Debian 4.9.51-1 (2017-09-28) x86_64
GNU/Linux

On wake-from-suspend:

  ~ $ sensors
  thinkpad-isa-
  Adapter: ISA adapter
  fan1:6125 RPM

  acpitz-virtual-0
  Adapter: Virtual device
  temp1:+65.0°C  (crit = +90.0°C)


The acpitz-virtual-0 pegs the temperature at 65°C and won't let it go.
Therefore the fan attempts liftoff.

I could attach the output of 'reportbug kernel', but the problem is known
and the bug is described in:

  https://bugzilla.kernel.org/show_bug.cgi?id=196129

The bug is present up until it's fix in kernel 4.13.4 or something around
that time. The solution is to install a much newer kernel (or downgrade).

Being lazy I tried to just install the latest backported kernel
(linux-image-4.13.0-0.bpo.1-amd64). That doesn't work.

What I find most interesting would be to compile a slimmer, faster kernel,
but I have failed (after consulting the debian kernel handbook). One thing
or the other doesn't work afterwards. Also, I run out of disk space lately
(15Gb is huge!)  My idea was to use the old kernel configuration (with
'make olddefconfig'), but there are so many new options and I honestly have
no clue how to get an overview and make an informed decision.
I would report this as a low priority kernel bug but it's (far) upstream.
It's also a known problem, which isn't necessarily debian's problem.

I would appreciate any advice. I bought this laptop because it's tough and
has a good battery. Any laptop that misbehaves on wake-from-suspend is not
a very useful laptop (Imagine a meeting with a constantly whining laptop).
Thanks in advance!

Cheers,
Brian

Re: Qu'est ce qui rend nécessaire un changement de MTU ?

[Olivier Krief]

Mea culpa:

il fallait lire:
1472 + 4 (IP) + 20 (ICMP) = 1500

et non:
1428 + 4 (IP) + 20 (ICMP) = 1500

Bluetooth devices get disconnected.

[Jiri Kanicky]

Hi.

I am running Debian Sid with KDE. I have Logitech MX 2 and Bose 
Bluetooth headphones. I experience disconnects very often.


I tried to use different configuration, but nothing seems to work.

After running the following the mouse gets connected again, and I can 
reconnect BT headphones also. However the devices get disconnected again 
in 1, 5 or 10 minutes again:

hciconfig hci0 sspmode 1
hciconfig hci0 down
hciconfig hci0 up

I also noticed that when the mouse is working I see the following:

$ hciconfig -a
hci0:   Type: Primary  Bus: USB
    BD Address: 28:16:AD:B6:2A:0A  ACL MTU: 1021:4  SCO MTU: 96:6
    UP RUNNING
    RX bytes:21923293 acl:792631 sco:0 events:111597 errors:0
    TX bytes:10619740 acl:18458 sco:0 commands:1832 errors:0
    Features: 0xbf 0xfe 0x0f 0xfe 0xdb 0xff 0x7b 0x87
    Packet type: DM1 DM3 DM5 DH1 DH3 DH5 HV1 HV2 HV3
    Link policy: RSWITCH SNIFF
    Link mode: SLAVE ACCEPT
    Name: 'supermanbt'
    Class: 0x1c010c
    Service Classes: Rendering, Capturing, Object Transfer
    Device Class: Computer, Laptop
    HCI Version: 4.2 (0x8)  Revision: 0x100
    LMP Version: 4.2 (0x8)  Subversion: 0x100
    Manufacturer: Intel Corp. (2)


After disconnect I can see the following:

$ hciconfig -a
hci0:   Type: Primary  Bus: USB
    BD Address: 28:16:AD:B6:2A:0A  ACL MTU: 1021:4  SCO MTU: 96:6
    UP RUNNING PSCAN
    RX bytes:22096318 acl:800070 sco:0 events:113012 errors:0
    TX bytes:11042199 acl:19322 sco:0 commands:2053 errors:0
    Features: 0xbf 0xfe 0x0f 0xfe 0xdb 0xff 0x7b 0x87
    Packet type: DM1 DM3 DM5 DH1 DH3 DH5 HV1 HV2 HV3
    Link policy: RSWITCH SNIFF
    Link mode: SLAVE ACCEPT
    Name: 'Bluemoon Universal Bluetooth Host Controller'
    Class: 0x00
    Service Classes: Unspecified
    Device Class: Miscellaneous,
    HCI Version: 4.2 (0x8)  Revision: 0x100
    LMP Version: 4.2 (0x8)  Subversion: 0x100
    Manufacturer: Intel Corp. (2)

I also configured blutoothd with -d option, but I don't see any specific 
messages when the devices disconnect.


Any thoughts how to fix it or debug it? Is this general bluetooth issue 
or KDE bluedevil problem?


Thanks Jiri

Re: unison compatibility in stretch

[Curt]

On 2017-12-12, Tony van der Hoff  wrote:

>>> tony@tony-lx:~$ unison -addversionno tony
>>> Contacting server...
>>> bash: unison-2.48: command not found
>>> Fatal error: Lost connection with the server
>>>
>>>
>> * workaroundable via symlink version number truncation bug
>>
> Thanks for your reply, Curt, but we appear to speak different languages ;)
>
> WVSVNTB?
>
> could you please reduce the brevity of your solution?
>
> Cheers, Tony
>
>

A reduced brevity version would be to create a symbolic link unison-2.48
pointing to your installed version (unison-2.48.3?) to obviate
the dreaded WVSWVNTB.

 ln -s unison-2.48.3 unison-2.48

-- 
"The world is full of shipping clerks who have read the Harvard Classics."
— Charles Bukowski

Re: Qu'est ce qui rend nécessaire un changement de MTU ?

[Olivier]

Voici des informations que j'ai pu glaner depuis mon message précédent.

La valeur 1472 de la commande "ping -M do -s 1472 192.168.1.231" doit
s'interpréter de la façon suivante:
1428 + 4 (IP) + 20 (ICMP) = 1500
Une erreur avec 1473 est cohérente avec le MTU de 1500 du commutateur.

En reconfigurant un modem router, j'ai pu me connecter à mon serveur sans
utiliser le client OpenVPN qui y est installé et via lequel j'avais opéré
mes essais (et omis de le préciser).

Avec une connexion directe (ie sans VPN), je peux afficher par SSH le
contenu d'un fichier assez long.
Avec une connexion par VPN, je ne peux pas afficher par SSH le contenu d'un
fichier assez long.

En changeant le MTU de l'interface Ethernet, je peux afficher par SSH le
contenu d'un fichier assez long via le VPN mais ceci diminue les
performances globales.

Le lien [1] évoque le paramètre mssfix.
Qu'en penser ?

[1]
https://openvpn.net/index.php/open-source/faq/77-server/271-i-can-ping-through-the-tunnel-but-any-real-work-causes-it-to-lock-up-is-this-an-mtu-problem.html



Le 12 décembre 2017 à 09:15, Olivier  a écrit :

> Bonjour,
>
> J'ai constaté il y quelques semaines sur un serveur distant sous Jessie,
> que mes connexions SSH  et commandes scp étaient inexplicablement
> perturbées: affichage bloqué dès que les données affichées dépassaient un
> certain volume.
>
> Après recherches, il s'avère qu'en valorisant à 1472, le MTU (par une
> commande "ifconfig eth0 mtu up"), les conséquences du problème ont disparu
> (plus d'affichage SSH tronqué, scp OK).
>
> J'aimerai comprendre ce qui s'est passé et ce qui a, en apparence, du
> moins, rendu nécessaire ce changement de MTU.
>
>
> Mon installation comprend:
> Serveur Jessie < Eth -> Commutateur
>
> Le commutateur a l'adresse 192.168.1.231.
> Depuis le serveur, j'avais:
> ping -M do -s 1472 192.168.1.231100% de réussite
> ping -M do -s 1473 192.168.1.231100% d'échec
>
>
> Après une discussion très sommaire, avec le support du commutateur, j'ai
> compris:
>
> A. que l'interface du serveur pouvait avoir un MTU différent de celui de
> l'interface du commutateur, du moment que la valeur était inférieure ou
> égale.
>
> B. que l'interface du commutateur est actuellement configurée avec un MTU
> de 1500.
>
> Mes questions sont:
>
> 1. Que pensez-vous de A ?
>
> 2. Pour quelle raison, ai-je un échec  avec un "ping à 1473" ? Si j'en
> crois l'interface du switch, je devrais pouvoir monter jusqu'à 1500, non ?
>
> 3. Qui a déjà eu à modifier en urgence, soudainement, un tel paramètre ?
> Dans quelles circonstances ?
>
> Slts
>
>

Re: unison compatibility in stretch

[Eric S Fraga]

On Monday, 11 Dec 2017 at 10:36, Tony van der Hoff wrote:

[...]

> No:
>
> tony@tony-lx:~$ unison -addversionno tony
> Contacting server...
> bash: unison-2.48: command not found

But you do need to install the various versions you may to use on the
server.  Then the client can request to use the version that it has by
using that option.

So install unison-2.48?

-- 
Eric S Fraga via Emacs 27.0.50, org 9.1.3


signature.asc
Description: PGP signature

Re: Problemas con drivers

[José Mateo Ruiz]

Hola Felix:
Decías el  Lunes, 11 de Diciembre del 2017.
> El 10 de diciembre de 2017, 18:14, Juan Cruz  escribió:
>> Si, pero me pide del 20 al 26 si mal no recuerdo y ahí solo da el 22...
> 
> Re-envío a la lista.
> 
> Por favor no hagas top posting y no escribas al privado.  Gracias.
> 
> https://wireless.wiki.kernel.org/en/users/drivers/iwlwifi#d_3165_and_3168_support
> 
> Saludos.
> 
>>
>>
>>  Mensaje original 
>> On 10 de dic. de 2017 18:10, Felix Perez < felix.listadeb...@gmail.com>
>> escribió:
>>
>>
>> El 10 de diciembre de 2017, 18:01, Juan Cruz escribió:
>>> Hola,
>>>
>>> Quisiera saber donde puedo conseguir algunos controladores para instalar
>>> la
>>> tarjeta de red wifi. Me pide en la instalación el Intel Wireless 3168
>>> firmware (iwlwifi-3168-21.ucode) entre otros de la misma tarjeta.
>>
>> Supongo buscaste aquí:
>> https://wireless.wiki.kernel.org/en/users/drivers/iwlwifi
>>
>>

Tener activada la rama non-free, instalar el paquete firmware-iwlwifi
 
-- 

(·)>
/|\José Tomás Mateo Ruiz
\_/_50550 Aragón España
---
Ni mesa sin pan, ni ejército sin capitán.

Re: is there any Windows virus that affect linux?

[tomas]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Tue, Dec 12, 2017 at 05:09:59AM -0500, Anil Duggirala wrote:
>  Think for yourself a bit: technically it is perfectly possible. The
> > Linux partition is accessible from windows and, given some sort of
> > library for "understanding" the file system (probably ext4), files
> > can be modified this way. Vice-versa, the windows partition will be
> > accessible from Linux.
>
> Yes, that is what I am thinking. I have often accesed (viewed) Windows
> files from linux but not the other way around. I trust 10 times more on
> Linux security than in Windows, thus having dual-boot in my mind,
> diminishes my security ten-fold. Is there any safeguard in Windows (or
> in Linux) to avoid this access to a different partition?

Well, in Linux you've to be root to mount a partition (if you are using
a desktop environment, this fact is somewhat "cloaked" by PolicyKit
and friends). On Windows there'll be a similar mechanism, likewise
watered down by some convenience wrapper.

> > So in both cases, and given enough access rights, software can modify
> > the respective "other side". Only perhaps full-disk encryption (and
> > using different keys on both sides, and being particularly suspicious
> > when you get asked for the "wrong" key) might help you here. Except...
> > there's the unencrypted boot partition (cf. "evil maid attack").
>
> How does the boot partition play a role here? Is the software planted in
> Windows (or Linux) and then executed at boot?

That's the idea. In its simplest form, it would "impersonate" the
dialog asking you for your encryption passphrase (up to that point
things have to be unencrypted, remember[1]) and then, say phone home
giving away your passphrase.  Read on "evil maid attack"[2] (a stupid
name, but which has become somewhat standard in the field).

[1] Unless you have some help from the hardware. But given the
   last news on Intel's Management Engine, it's not really clear
   who that hardware is helping (it just seems clear it's not
   the user, though).

[2] https://en.wikipedia.org/wiki/Rootkit#Bootkits

> thanks very much.

You are welcome :-)

Cheers
- -- t
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlovrwIACgkQBcgs9XrR2kZa+QCfdmSVblwgpm8j1UaUoGEhmMXK
4e0AnjKWy+Ye8Zssn53+PY66QzrGcgCM
=MA/w
-END PGP SIGNATURE-

Re: unison compatibility in stretch

[Tony van der Hoff]

On 12/12/17 08:50, Curt wrote:
> On 2017-12-11, Tony van der Hoff  wrote:
>> On 10/12/17 19:40, Eric S Fraga wrote:
>>> On Sunday, 10 Dec 2017 at 12:25, Tony van der Hoff wrote:
>>>
>>> [...]
>>>
 In the passt, I've always worked round this by installing the lower
 version on my desktop and adjusted the links. This appears no lnger to
 be possible.

 Does anyone know how to get round this? (I've no immediate intention to
 upgrade the server).
>>> There is the -addversionno option which allows use to use different
>>> versions of unison on the server end.  Try this out (without adjusting
>>> any links).
>>>
>> No:
> What, no? Yes (WVSVNTB).
>
>> tony@tony-lx:~$ unison -addversionno tony
>> Contacting server...
>> bash: unison-2.48: command not found
>> Fatal error: Lost connection with the server
>>
>>
> * workaroundable via symlink version number truncation bug
>
Thanks for your reply, Curt, but we appear to speak different languages ;)

WVSVNTB?

could you please reduce the brevity of your solution?

Cheers, Tony

Re: is there any Windows virus that affect linux?

[Anil Duggirala]

 Think for yourself a bit: technically it is perfectly possible. The
> Linux partition is accessible from windows and, given some sort of
> library for "understanding" the file system (probably ext4), files
> can be modified this way. Vice-versa, the windows partition will be
> accessible from Linux.

Yes, that is what I am thinking. I have often accesed (viewed) Windows
files from linux but not the other way around. I trust 10 times more on
Linux security than in Windows, thus having dual-boot in my mind,
diminishes my security ten-fold. Is there any safeguard in Windows (or
in Linux) to avoid this access to a different partition?

> So in both cases, and given enough access rights, software can modify
> the respective "other side". Only perhaps full-disk encryption (and
> using different keys on both sides, and being particularly suspicious
> when you get asked for the "wrong" key) might help you here. Except...
> there's the unencrypted boot partition (cf. "evil maid attack").

How does the boot partition play a role here? Is the software planted in
Windows (or Linux) and then executed at boot?

thanks very much.

gérer les tâches d'une copropriété

[Klaus Becker]

Bonjour,

je cherche comment gérer de manière conviviale les tâches d'une copropriétés, 
notamment les échanges mel entre le Conseil Syndical et le syndic. Bref il 
s'agit surtout de contrôler le tavail du syndic de manière efficace.

En gros :

- demande par mel adressée à telle date par telle personne au syndic et à 
d'autres organismes impliqués

- objet de la demande

- remarques

- date d'une réponse, par quelle personne

- problème résolu ou non

- suite à donner

- etc.

Pour l'instant, je le fais avec Libreoffice Calc, donc sous forme de tableau, 
mais je n'en suis pas satisfait : le suivi devient vite un casse-tête, pénible 
à suivre.

Peut-être connaissez-vous un tel tableau plus réussi ou d'autres logiciels 
pour ce travail.

J'ai 2 versions très différentes d'un tel tableau Calc, je peux éventuellement 
vous l'envoyer en privé.

merci bien

Klaus

Re: is there any Windows virus that affect linux?

[tomas]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Tue, Dec 12, 2017 at 04:40:07AM -0500, Anil Duggirala wrote:
> Ill ask another question here. Is having dual boot Windows 10 (or 7 or
> 8) and Linux a security risk? Will malicious Windows programs gain
> access to Linux files (files in the Linux partition?)? Does GPT help
> here? 

Think for yourself a bit: technically it is perfectly possible. The
Linux partition is accessible from windows and, given some sort of
library for "understanding" the file system (probably ext4), files
can be modified this way. Vice-versa, the windows partition will be
accessible from Linux.

So in both cases, and given enough access rights, software can modify
the respective "other side". Only perhaps full-disk encryption (and
using different keys on both sides, and being particularly suspicious
when you get asked for the "wrong" key) might help you here. Except...
there's the unencrypted boot partition (cf. "evil maid attack").

There is an history of such "mixed target" attacks: Stuxnet[1] comes
to mind, whose ultimate target was (quite probably) the Siemens S7
SCADA at the uranium enrichment plant in Natanz/Iran, but as a stepping
stone it first infected the Windows machines used as operator front
ends connected to the S7.

It takes some dedication to even understand what Stuxnet was doing
there, mind you.

That said, this kinds of attacks are so complex that (as in the
case of Stuxnet) it possibly takes the resources of a nation-state
(or, in this case, probably two) to set something up like that.
OTOH things are pretty fluid these days, so I wouldn't count on
that staying the same for a long time.

So to sum up -- you'll have to read up on many things to even
understand an answer to your question. My current answer would
be (to some high, but unspecified degree of probability) "No",
but that might change whithin the next couple o'years.

Cheers

[1] https://en.wikipedia.org/wiki/Stuxnet
- -- tomás
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlovqLIACgkQBcgs9XrR2kYs2wCePta+m261wwRGfqr2wY1Lr9GV
fdwAniuQ7tyLwiZ4WQ7KVkxf8ySea+x1
=zrZZ
-END PGP SIGNATURE-

Re: is there any Windows virus that affect linux?

[Anil Duggirala]

Ill ask another question here. Is having dual boot Windows 10 (or 7 or
8) and Linux a security risk? Will malicious Windows programs gain
access to Linux files (files in the Linux partition?)? Does GPT help
here? 
thanks,

On Mon, Dec 11, 2017, at 09:31 PM, Dan Purgert wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> Long Wind wrote:
> > i have Windows XP and Linux on one diskis there any XP virus that can
> > spread to linux?
> > Thanks!
> 
> 
> Generally no, given that Windows and Linux use different executable
> formats.  That being said, you can still spread infected files around --
> that is, if you download an infected file under linux, when you try to
> open it under windows, it'll infect your windows install.
> 
> That being said, Windows XP should be banned from any form of external
> communications -- it's quite dead and forgotten by Microsoft.
> 
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1
> 
> iQEcBAEBAgAGBQJaLz9TAAoJEI4R3fMSeaKBOfIH/3Tkpl+JcIx4lMe/MvnxcrZw
> ehhxqkRNlBsYEbUAB0RLsn080rxYCSSDH049RdjZfmiouDGpLL/4YOhQb/Clg8dv
> 0Tnm5FViOZfNukYPO+9yHkVNgrhwI4T5a9FcnhH84xM1xFQODHxXGyc5q1/ZZiH7
> hbSXqWUMzCZMmg5du41LaOvlK6s3NLN+keIpseLU0v4m0NWlrxMnI7CB+1d9KgNk
> VZFmRiV8qtRbS2s7w9NzwxYop1j2/aN04+wtMQvQHYJfMF45kVchaSp/LuINKCH8
> /BAeOJ+nrg2v40CQPQEsHBI6gTFgpu0AzPii2YmgsPDS+Fr0C63UxwWglziBcE0=
> =p04g
> -END PGP SIGNATURE-
> 
> -- 
> |_|O|_| Registered Linux user #585947
> |_|_|O| Github: https://github.com/dpurgert
> |O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281
> 

Re: unison compatibility in stretch

[Curt]

On 2017-12-11, Tony van der Hoff  wrote:
> On 10/12/17 19:40, Eric S Fraga wrote:
>> On Sunday, 10 Dec 2017 at 12:25, Tony van der Hoff wrote:
>>
>> [...]
>>
>>> In the passt, I've always worked round this by installing the lower
>>> version on my desktop and adjusted the links. This appears no lnger to
>>> be possible.
>>>
>>> Does anyone know how to get round this? (I've no immediate intention to
>>> upgrade the server).
>> There is the -addversionno option which allows use to use different
>> versions of unison on the server end.  Try this out (without adjusting
>> any links).
>>
> No:

What, no? Yes (WVSVNTB).

> tony@tony-lx:~$ unison -addversionno tony
> Contacting server...
> bash: unison-2.48: command not found
> Fatal error: Lost connection with the server
>
>

* workaroundable via symlink version number truncation bug

-- 
"The world is full of shipping clerks who have read the Harvard Classics."
— Charles Bukowski

Re: Rust? (and a wordsmithing question)

[tomas]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Mon, Dec 11, 2017 at 08:34:41AM -0800, James H. H. Lampert wrote:
> On 12/11/17, 7:04 AM, Joe wrote:
> >The rigid platters of IBM cartridges and packs (the things you see in
> >computer rooms in films) did have brown oxide coatings. The surface of
> >each 12 inch platter side stored a magnificent 2.5MB, or at least the
> >version I used did. It was used in a system with an embedded DG Nova,
> >and a competitive product of the time used the modern 8 inch floppy
> >discs...
> 
> The student timeshare systems my high school used (running the
> McGill University MUSIC operating system) while I was a student
> there (an IBM 370/135 at the District Office) and shortly after I
> graduated (an on-site IBM 4341) used Merlin drives.

Those times, high schools and unis built their own OSes. These day
they even outsource "programming" web pages. Way to go :-(

(Sorry. Having one of those black days)
- -- t
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlovkUgACgkQBcgs9XrR2kaA4QCfUDo1V8AMPAunH+r8Z0NzvDvq
CKwAn3DcJ2VIPLMpueYOoo+MoU3b1x8w
=5eDw
-END PGP SIGNATURE-

Qu'est ce qui rend nécessaire un changement de MTU ?

[Olivier]

Bonjour,

J'ai constaté il y quelques semaines sur un serveur distant sous Jessie,
que mes connexions SSH  et commandes scp étaient inexplicablement
perturbées: affichage bloqué dès que les données affichées dépassaient un
certain volume.

Après recherches, il s'avère qu'en valorisant à 1472, le MTU (par une
commande "ifconfig eth0 mtu up"), les conséquences du problème ont disparu
(plus d'affichage SSH tronqué, scp OK).

J'aimerai comprendre ce qui s'est passé et ce qui a, en apparence, du
moins, rendu nécessaire ce changement de MTU.


Mon installation comprend:
Serveur Jessie < Eth -> Commutateur

Le commutateur a l'adresse 192.168.1.231.
Depuis le serveur, j'avais:
ping -M do -s 1472 192.168.1.231100% de réussite
ping -M do -s 1473 192.168.1.231100% d'échec


Après une discussion très sommaire, avec le support du commutateur, j'ai
compris:

A. que l'interface du serveur pouvait avoir un MTU différent de celui de
l'interface du commutateur, du moment que la valeur était inférieure ou
égale.

B. que l'interface du commutateur est actuellement configurée avec un MTU
de 1500.

Mes questions sont:

1. Que pensez-vous de A ?

2. Pour quelle raison, ai-je un échec  avec un "ping à 1473" ? Si j'en
crois l'interface du switch, je devrais pouvoir monter jusqu'à 1500, non ?

3. Qui a déjà eu à modifier en urgence, soudainement, un tel paramètre ?
Dans quelles circonstances ?

Slts

(deb-cat) instalacio multiarch

[Narcis Garcia]

Als equips fins i686 els instal·lo distribucions d'arquitectura i386 i
als altres normalment els instal·lo amb arquitectura amd64.

M'agradaria saber millor els avantatges (i desavantatges) d'instal·lar
amb discs «multiarch» a qualsevol dels ordinadors.

Gràcies.

-- 


__
I'm using this express-made address because personal addresses aren't
masked enough at this mail public archive. Public archive administrator
should fix this against automated addresses collectors.