Re: Group ID conflicts between different distros: how to manage them with NIS?

[Reco]

Hi.

On Mon, Aug 20, 2018 at 12:51:24AM -0300, Joao Roscoe wrote:
> Hmmm...
> 
> If I create a NIS group (with a high ID), called serial_ports, dhould I
> just, as root, chgrp /dev/ttyS0 so that it's group is serial_ports ?

You could, and it may even work, but it would be temporary.
To make it truly work you should write your own udev rule for these (and
other) devices.

The reason being - udev creates everything under the /dev (system boot).
Udev changes everything under the /dev (vt switch, user relogins).

In that particular case you should override changes made by
/lib/udev/rules.d/50-udev-default.rules.

Reco

Re: Deep Packet Inspection

[Eero Volotinen]

squid with ssl_bump

Eero

On Mon, Aug 20, 2018 at 12:48 AM Cindy-Sue Causey 
wrote:

> On 8/19/18, Reco  wrote:
> >   Hi.
> >
> > On Sun, Aug 19, 2018 at 09:03:10PM +0300, Eero Volotinen wrote:
> >> snort
> >
> > Intrusion detection. Unsuitable for traffic shaping or filtering.
> >
> >> and suricata.
> >
> > Utilizes NFQUEUE. Friends do not let friends to copy network packets
> > from kernelspace to userspace and back.
>
>
> DISCLAIMER: I am NOT versed in this, but that didn't stop me from
> trying "apt-cache search packet sniffing". Ended up with ngrep:
>
> "ngrep strives to provide most of GNU grep's common features, applying
> them to the network layer.  ngrep is a pcap-aware tool that will allow
> you to specify extended regular expressions to match against data
> payloads of packets.  It currently recognizes TCP, UDP and ICMP across
> Ethernet, PPP, SLIP and null interfaces, and understands bpf filter
> logic in the same fashion as more common packet sniffing tools, such
> as tcpdump and snoop."
>
> Yes, I can see that description is very specific about what it touches
> which means it might be otherwise limited. That or it's keyword
> stuffing. Yay, go them if it's keyword happy because that does help
> users find potentially helpful packages in amongst the 10,000 (?) or
> so. :)
>
> I decided I've surely messed the whole concept up in my head so I used
> some of ngrep's stuffing/description, namely "bpf", and searched
> again:
>
> netsniff-ng: "netsniff-ng is a high performance Linux network sniffer
> for packet inspection. It can be used for protocol analysis, reverse
> engineering or network debugging. The gain of performance is reached
> by 'zero-copy' mechanisms, so that the kernel does not need to copy
> packets from kernelspace to userspace."
>
> Does NOT need to copy packets from kernelspace to userspace.
>
> YES, I know. Overall, it still might not do the OP's job that's
> needed, but it used the SAME words I just read above in Reco's
> response. That put it at least in the ballpark in my head since it's
> talking about packet inspection. Developer wrote a description that
> addressed a concern they knew knowledgeable users would have about
> this topic.
>
> So here it is for that reason plus that it did use "packet
> inspection", too. Sorry, no specific mention of "deep" according to
> one last query tried before posting.
>
> Ngrep stayed because I liked how it said it "will allow you to specify
> extended regular expressions to match against data payloads of
> packets". That makes it sound like it might have basic offerings that
> wouldn't fit everyone's needs. I decided that might not stop someone
> who knows how to roll out what they really need if they have a good,
> base Debian package as a template. :)
>
> Cindy :)
> --
> Cindy-Sue Causey
> Talking Rock, Pickens County, Georgia, USA
>
> * runs with duct tape *
>
>

Re: painted into a corner

[Zenaan Harkness]

On Sun, Aug 19, 2018 at 03:40:55PM -0400, Gene Heskett wrote:
> I just installed stretch to a fresh 2T HD. letting it autopartition and 
> format for separate /, swap, /var and /home partitions. But I didn't let 
> it overwrite the grub on the 1st drive it was/is  booting wheezy from.
> 
> I figured I'd mount it to wheezy and copy over my personal stuff, like an 
> email corpus well over 15GB reaching back to 2002.
> 
> But I can't mount much of the drive, / is all that will actually mount, 
> because the 2 versions of ext4 are incompatible, nearly all the mount 
> and e2tools can't touch the installers ext4 file systems.
> 
> For instance, its not mounted:
> gene@coyote:~$ e2fsck /dev/sdb8
> e2fsck 1.42.5 (29-Jul-2012)
> /dev/sdb8 has unsupported feature(s): metadata_csum
> e2fsck: Get a newer version of e2fsck!
> 
> And of course whats installed to wheezy is the latest available wheezy 
> version of e2fsck.
> 
> Whats the recommended way to do these mounts so I can maintain as much 
> continuity as possible?

I have a few versions of /etc/ backed up - most of what I ever need
in a new install (physical or VM) is in there.

The rest is somewhere in /home - but when installing clean after
skipping a version of Debian, I prefer to move ~/.config/ to a backup
location, before logging in the first time, then just customize till
I get things reasonably the way I like - and I can always grep
through my old .config just in case...

So apart from a little command line mounting of old stuff
occasionally, but in the new system, I always boot into my new
system.

SO, re your grub setup - and since you're now in your old install -
you might configure old grub to know about the new install, and
update grub to the HDD accordingly. In fact, I would also install a
grub that recognizes all my installs, to BOTH HDDs!

That way you can always boot into something.

Other than that, as soon as I can start working in my new install,
the better as far as I'm concerned.

As a mountpoint, perhaps /media/wheezy for mounting your old root, or
vice versa?

Good luck,

Re: "accept_ra 1" vs "accept_ra 2" in interfaces configuration-file

[Andy Smith]

Hi Martin,

On Mon, Aug 20, 2018 at 05:12:56AM +0300, Martin T wrote:
> According to "man interfaces" "accept_ra 1" makes interface to accept
> IPv6 RA messages. "accept_ra 2" does the same and in addition, it also
> enables forwarding. What does the forwarding mean in this context? One
> could think, that it modifies the /proc/sys/net/ipv6/conf/*/forwarding
> file(s), but this does not seem to be the case.

If forwarding = 1 then by default RAs will not be accepted. Setting
accept_ra to 2 allows RAs to be accepted even when forwarding = 1.

Changing the values of either forwarding or accept_ra does not alter
the values of the other. Only the behaviour of the system.

Back in 2011 this was a hard-won battle:


http://strugglers.net/~andy/blog/2011/09/04/linux-ipv6-router-advertisements-and-forwarding/

Cheers,
Andy

Re: painted into a corner

[David Christensen]

On 08/19/2018 12:40 PM, Gene Heskett wrote:

Greetings all;

I just installed stretch to a fresh 2T HD. letting it autopartition and
format for separate /, swap, /var and /home partitions. But I didn't let
it overwrite the grub on the 1st drive it was/is  booting wheezy from.

I figured I'd mount it to wheezy and copy over my personal stuff, like an
email corpus well over 15GB reaching back to 2002.

But I can't mount much of the drive, / is all that will actually mount,
because the 2 versions of ext4 are incompatible, nearly all the mount
and e2tools can't touch the installers ext4 file systems.

For instance, its not mounted:
gene@coyote:~$ e2fsck /dev/sdb8
e2fsck 1.42.5 (29-Jul-2012)
/dev/sdb8 has unsupported feature(s): metadata_csum
e2fsck: Get a newer version of e2fsck!

And of course whats installed to wheezy is the latest available wheezy
version of e2fsck.

Whats the recommended way to do these mounts so I can maintain as much
continuity as possible?

Thanks all.


Migrations are much easier when you have additional computers and parts 
drives to help.  I have a dedicated file and version control server.  I 
also have a machine for backups, archives, images, and whatever else 
(workbench).  All of my machines have HDD/ SDD mobile racks, so it is 
easy to move drives around.



I prefer small SSD's for system drives -- 16+ GB.  I use large HDD's for 
file server data drives and for storing backups, archives, and images. 
I would use that 2 TB for one of the non-system drive purposes.



When I want to upgrade a machine, I ensure that all of the configuration 
files are checked into version control and that all the data is backed 
up/ archived.  I pull all of the drives, and take an image of the system 
drive.  The old drives go on the shelf, in case I want to revert.



Next, I insert a wiped 2.5" SSD system drive into the target machine and 
do a fresh install.  I take an image of the system drive.



Next, I install applications, adjust configuration files, restore data, 
etc., adding drives, taking notes, and using version control as needed.



Once the rebuilt machine is complete and operational, I integrate it 
into my backup/ archive system and take another image of the system drive.



David

Re: Group ID conflicts between different distros: how to manage them with NIS?

[Joao Roscoe]

Hmmm...

If I create a NIS group (with a high ID), called serial_ports, dhould I
just, as root, chgrp /dev/ttyS0 so that it's group is serial_ports ?

João

On Sun, Aug 19, 2018 at 12:47 PM Michael Stone  wrote:

> On Fri, Aug 17, 2018 at 02:48:56PM -0300, Joao Roscoe wrote:
> >Right, that's best practice.
> >
> >But, what if I need to include a user who is defined in NIS in lp or ttyS0
> >group? Would going into /etc/group in *every* machine be unavoidable?
>
> That's one option. Another would be to create new centrally-managed
> groups and give those groups permissions to do what is needed across the
> environment. A third option would be to give people certain permissions
> when they log in. There are any number of solutions, all of which will
> be more reliable than trying to centrally manage system groups. The best
> option really depends on what you're trying to accomplish.
>
> Mike Stone
>
>

"accept_ra 1" vs "accept_ra 2" in interfaces configuration-file

[Martin T]

Hi!

According to "man interfaces" "accept_ra 1" makes interface to accept
IPv6 RA messages. "accept_ra 2" does the same and in addition, it also
enables forwarding. What does the forwarding mean in this context? One
could think, that it modifies the /proc/sys/net/ipv6/conf/*/forwarding
file(s), but this does not seem to be the case.


thanks,
Martin

consequences to deleting a (generic name) alternative? - reverse dependencies on ImageMagick binaries?

[Zenaan Harkness]

ImageMagick (IM) seems to be needed (at least on XFCE desktop) for
the PDF printer (cups-filters). There are many apparent rdepends of
IM, from a2ps and devede to inkscape and sunclock.

ImageMagick in Debian stable is a bit of a bush pig, dominating the
/usr/bin default PATH namespace with a number of excessively generic
verbs.

Although the files are apparently strictly versioned:

/usr/bin/animate-im6.q16
/usr/bin/compare-im6.q16
/usr/bin/composite-im6.q16
/usr/bin/conjure-im6.q16
/usr/bin/convert-im6.q16
/usr/bin/display-im6.q16
/usr/bin/identify-im6.q16
/usr/bin/import-im6.q16
/usr/bin/mogrify-im6.q16
/usr/bin/montage-im6.q16
/usr/bin/stream-im6.q16


, alternatives are put in place:

/usr/bin/animate -> /etc/alternatives/animate
/usr/bin/animate-im6 -> /etc/alternatives/animate-im6
/usr/bin/animate-im6.q16
/usr/bin/compare -> /etc/alternatives/compare
/usr/bin/compare-im6 -> /etc/alternatives/compare-im6
/usr/bin/compare-im6.q16
/usr/bin/composite -> /etc/alternatives/composite
/usr/bin/composite-im6 -> /etc/alternatives/composite-im6
/usr/bin/composite-im6.q16
/usr/bin/conjure -> /etc/alternatives/conjure
/usr/bin/conjure-im6 -> /etc/alternatives/conjure-im6
/usr/bin/conjure-im6.q16
/usr/bin/convert -> /etc/alternatives/convert
/usr/bin/convert-im6 -> /etc/alternatives/convert-im6
/usr/bin/convert-im6.q16
/usr/bin/display -> /etc/alternatives/display
/usr/bin/display-im6 -> /etc/alternatives/display-im6
/usr/bin/display-im6.q16
/usr/bin/identify -> /etc/alternatives/identify
/usr/bin/identify-im6 -> /etc/alternatives/identify-im6
/usr/bin/identify-im6.q16
/usr/bin/import -> /etc/alternatives/import
/usr/bin/import-im6 -> /etc/alternatives/import-im6
/usr/bin/import-im6.q16
/usr/bin/mogrify -> /etc/alternatives/mogrify
/usr/bin/mogrify-im6 -> /etc/alternatives/mogrify-im6
/usr/bin/mogrify-im6.q16
/usr/bin/montage -> /etc/alternatives/montage
/usr/bin/montage-im6 -> /etc/alternatives/montage-im6
/usr/bin/montage-im6.q16
/usr/bin/stream -> /etc/alternatives/stream
/usr/bin/stream-im6 -> /etc/alternatives/stream-im6
/usr/bin/stream-im6.q16


There is no "magick" command (or alternative), yet it seems as though
there is meant to be a "magick" program:
http://www.imagemagick.org/script/command-line-tools.php

Perhaps this "magick" command is only available in newer versions of
ImageMagick?


Anyway, "import" gets in the way, and others such as "convert",
"stream", "identify" and "display" really dominate those respective
generic namespaces, and in this particular case, are directly
obstructing:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906674


"Alternatives" provides for choosing amongst "functionally the same"
alternatives, or "deleting" the generic name.


My question is, can I safely remove the symbolic link "generic"
names applied by the IM package, or IM's reverse dependencies going
to bite me?

TIA,

Re: painted into a corner

[Gene Heskett]

On Sunday 19 August 2018 17:33:32 David Wright wrote:

> On Sun 19 Aug 2018 at 15:40:55 (-0400), Gene Heskett wrote:
> > Greetings all;
> >
> > I just installed stretch to a fresh 2T HD. letting it autopartition
> > and format for separate /, swap, /var and /home partitions. But I
> > didn't let it overwrite the grub on the 1st drive it was/is  booting
> > wheezy from.
> >
> > I figured I'd mount it to wheezy and copy over my personal stuff,
> > like an email corpus well over 15GB reaching back to 2002.
> >
> > But I can't mount much of the drive, / is all that will actually
> > mount, because the 2 versions of ext4 are incompatible, nearly all
> > the mount and e2tools can't touch the installers ext4 file systems.
> >
> > For instance, its not mounted:
> > gene@coyote:~$ e2fsck /dev/sdb8
> > e2fsck 1.42.5 (29-Jul-2012)
> > /dev/sdb8 has unsupported feature(s): metadata_csum
> > e2fsck: Get a newer version of e2fsck!
> >
> > And of course whats installed to wheezy is the latest available
> > wheezy version of e2fsck.
> >
> > Whats the recommended way to do these mounts so I can maintain as
> > much continuity as possible?
>
> Can you not run your stretch installation then? In a new system, I'd
> mount the old wheezy disk(s) and pull the files across. Leaving the
> wheezy mount there makes it easy to look back at the old system in
> case you forget a file or just want to see how you used to do a
> particular something.
>
That is what I'll likely do when I next boot to it, but the tools to make 
that easy are often in the missing list. I did get synaptic to install 
mc, but had all sorts of perms problems I didn't expect when I tried to 
use it, due I think to the changes in what says is ext4 on both disks. 
We will eventually get it sorted I hope.  So I'll be, without a doubt, 
back with more problems but hopefully making progress over the next week 
or so. Progress always puts me in a better mood than I was for the first 
post in this thread.

==

It will be a week down the log when I get to it, but I absolutely must 
figure out how to get ssh -Y to work again.  Works flawlessly wheezy to 
wheezy, but wheezy to Jessie and wheezy to stretch is a no-go from the 
gitgo.

X11 forwarding request failed on channel 0, is the error.

It also fails like that from jessie(on an rpi-3b) to stretch(on a 
rock64), but not from stretch to jessie, but still won't let geany run, 
reporting "geany: can't open display".  So there may be 2 show stoppers 
to fix.  Sigh...


> Cheers,
> David.

Thanks David.

-- 
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: Literal postings, was Re: Wanted - Debian(preferred)/Linux handheld

[Zenaan Harkness]

On Sun, Aug 19, 2018 at 01:30:42PM -0500, David Wright wrote:
> This list has a completely different philosophy, see:
> https://www.debian.org/MailingLists/
> It's unmoderated

A blatantly salacious assertion to entrap rebellious 12 year olds
masquerading as adults [absolutely NO similarity to myself of course]
into boundary testing the CoC-mods limits of this feindishly
deceptive and overloaded yet sultrily beckoning hope‼

Alas buried deep in yonder lists, the ever lurking fear for eternal
torment upon pain of free expression doth the said mods mod, burying
the light of shame and dusty cocwebs unswept.

'Tis a pithy…

;)


> and the postings are not tweaked into some sort of
> conformity. A huge history of the Debian project has built up with
> archives stretching back over two decades.
> 
> Cheers,
> David.
> 

Re: yabasic problem

[David Wright]

On Sun 19 Aug 2018 at 17:03:26 (+0200), Thomas Schmitt wrote:
> Hi,
> 
> Curt wrote:
> > I ain't no programmer, but sure is butt ugly.
> 
> Yeah. This Yet-Another-BASIC lacks the ON ERROR GOTO gesture.
> (Found the booklet. It's HP BASIC 3.0, not 2.0. Newest techology of 1985.)

I thought we were up to version 4.0¹ by 1985, if you're referring to
Rocky Mountain BASIC. We ran it on HP 9836s; our 9845B³ was stuck
around version 2.1 because the entire OS was contained in ROMs².

By 1992 we had migrated all our programs to the TransEra HTBasic
"clone" running on variously DOS 3.3, 5.0 and 6.22. (HP
maintenance contracts cost a small fortune, though they were
absolutely comprehensive and, boy, did we test them.)

RMB's ON ERROR statement had not only GOTO, but GOSUB, CALL and
RECOVER options, though the latter two weren't useful for me.
Would you agree, though, that "BASIC" is the language that must
have the biggest contrast between its well-endowed versions and
the most dire cr*p. Where would yabasic fit?

¹98613-90051_Basic4.0_LangRef_Jul85.pdf is still on the web,
along with stacks of software and hardware manuals of the period,
²eg 09845-91083_asmDevRom_Mar80.pdf

³If you've not come across the 9845 machine, it was in my experience
unique, in that you could edit the program while it was executing,
not even having to pause it. The Assembler extension module mentioned
above was also unusual in that it executed on a coprocessor, so it
could run in parallel with the RMB program; and it also did not
answer to the keyboard's keys like [PAUSE] and [STOP].

Cheers,
David.

Re: painted into a corner

[Gene Heskett]

On Sunday 19 August 2018 17:15:43 Eike Lantzsch wrote:

> On Sunday, August 19, 2018 10:37:05 PM -04 john doe wrote:
> > On 8/19/2018 9:40 PM, Gene Heskett wrote:
> > > Greetings all;
> > >
> > > I just installed stretch to a fresh 2T HD. letting it
> > > autopartition and format for separate /, swap, /var and /home
> > > partitions. But I didn't let it overwrite the grub on the 1st
> > > drive it was/is  booting wheezy from.
> > >
> > > I figured I'd mount it to wheezy and copy over my personal stuff,
> > > like an email corpus well over 15GB reaching back to 2002.
> > >
> > > But I can't mount much of the drive, / is all that will actually
> > > mount, because the 2 versions of ext4 are incompatible, nearly all
> > > the mount and e2tools can't touch the installers ext4 file
> > > systems.
> > >
> > > For instance, its not mounted:
> > > gene@coyote:~$ e2fsck /dev/sdb8
> > > e2fsck 1.42.5 (29-Jul-2012)
> > > /dev/sdb8 has unsupported feature(s): metadata_csum
> > > e2fsck: Get a newer version of e2fsck!
> > >
> > > And of course whats installed to wheezy is the latest available
> > > wheezy version of e2fsck.
> > >
> > > Whats the recommended way to do these mounts so I can maintain as
> > > much continuity as possible?
> >
> > Maybe using apt-pinning.
> >
> > In other words, installing the version of Stretch/Jessie on wheezy.
> >
> > On the wheezy host, can't you backupt on an external hardware?
>
> In those cases I usually boot a recent live-CD (or USB-stick) like
> KNOPPIX and mount and copy from there.

I just rebooted to it, and I found a desktop interface that will wear out 
a set of batteries in my mouse weekly because it takes at least 8 to 10 
clicks and some scroll wheel work just to find a #@%# terminal, and it 
can't even add tabs to a different shell either! I didn't install 
anything special for a desktop, took the default because I intended to 
replace it with TDE asap, and going from 10 workspaces, 4 of which have 
multi-tabbed (up to 7 tabs each) konsoles running on them, with a 
pulldown text menu to run half the stuff I run on the other workspaces, 
to a single window, single tasking system thats worse than the last 
windows box I was asked to configure the networking on, was very 
disheartening.  So I added the trinity stuff to /etc/apt/sources.list.d 
using mc to copy that from the old disk, changing the wheezy in the deb 
line to stretch, and that did not get me the TDE desktop I've been using 
for years, but did get me some sort of a warning window that was taller 
than my screen, fussing that some repo I hadn't added, was duff. If 
debian is trying to kill itself, it was a heck of a good start, not even 
a windows user looking for something better would be impressed.

The only thing that Just Worked was the networking, it took everything 
for a static net and Just Worked on the reboot.  That was a rather 
pleasant surprise considering the only stretch based install on my 
rock64's that works at all was armbian.  None of the other arm|hf|64 
*bians will accept a gateway assignment except as as a route command 
after a login.

I'm burned out for today, my cataracts might have to be the next thing I 
fix.

-- 
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: Deep Packet Inspection

[Cindy-Sue Causey]

On 8/19/18, Reco  wrote:
>   Hi.
>
> On Sun, Aug 19, 2018 at 09:03:10PM +0300, Eero Volotinen wrote:
>> snort
>
> Intrusion detection. Unsuitable for traffic shaping or filtering.
>
>> and suricata.
>
> Utilizes NFQUEUE. Friends do not let friends to copy network packets
> from kernelspace to userspace and back.


DISCLAIMER: I am NOT versed in this, but that didn't stop me from
trying "apt-cache search packet sniffing". Ended up with ngrep:

"ngrep strives to provide most of GNU grep's common features, applying
them to the network layer.  ngrep is a pcap-aware tool that will allow
you to specify extended regular expressions to match against data
payloads of packets.  It currently recognizes TCP, UDP and ICMP across
Ethernet, PPP, SLIP and null interfaces, and understands bpf filter
logic in the same fashion as more common packet sniffing tools, such
as tcpdump and snoop."

Yes, I can see that description is very specific about what it touches
which means it might be otherwise limited. That or it's keyword
stuffing. Yay, go them if it's keyword happy because that does help
users find potentially helpful packages in amongst the 10,000 (?) or
so. :)

I decided I've surely messed the whole concept up in my head so I used
some of ngrep's stuffing/description, namely "bpf", and searched
again:

netsniff-ng: "netsniff-ng is a high performance Linux network sniffer
for packet inspection. It can be used for protocol analysis, reverse
engineering or network debugging. The gain of performance is reached
by 'zero-copy' mechanisms, so that the kernel does not need to copy
packets from kernelspace to userspace."

Does NOT need to copy packets from kernelspace to userspace.

YES, I know. Overall, it still might not do the OP's job that's
needed, but it used the SAME words I just read above in Reco's
response. That put it at least in the ballpark in my head since it's
talking about packet inspection. Developer wrote a description that
addressed a concern they knew knowledgeable users would have about
this topic.

So here it is for that reason plus that it did use "packet
inspection", too. Sorry, no specific mention of "deep" according to
one last query tried before posting.

Ngrep stayed because I liked how it said it "will allow you to specify
extended regular expressions to match against data payloads of
packets". That makes it sound like it might have basic offerings that
wouldn't fit everyone's needs. I decided that might not stop someone
who knows how to roll out what they really need if they have a good,
base Debian package as a template. :)

Cindy :)
-- 
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA

* runs with duct tape *

Re: dar permiso de lectura y escritura disco duro externo

[Juan Lavieri]

Hola.

Por favor disculpen que me meta en esto sin haber sido llamado.


El 19/8/2018 a las 5:06 p.m., Lic. Vladimir Valero escribió:

A ver si entiendo:

dices que el hdd externo se debate entre dos pc una con win$ y otra con 
Linux?


No pudes migrar los permisos de un sistema operativo a otro, es decir 
los permisos que le das a tu HDD en Windows son solo aplicables a tu 
Windows, es mas si ese mismo disco los pones en otro Windows veras que 
los permisos que distes en el Win$ anterior ya no estan presentes en 
este ultimo porque eso se hace a nivel de sistema operativo. Lo mismo te 
pasara con Linux tu puedes dar permisos 444 para el propietario, grupo 
al que pertenece el propietario y el resto de los usuarios 
respectivamente eso es solo VALIDO para ese SO, cuando lo pones en otro 
Linux ya no sera de esa manera y lo puedes comprobar haciendo un ls -l.


Creo que ese punto no lo tienes muy claro amigo Vladimir.

En realidad el tema de los permisos en cualquier Unix no está ligado 
directamente al SO como tal deido principalmente en que la información 
relacionada con un archivo en específico se almacena, no en el SO mismo, 
sino en el propio inode y dichos permisos se establecen tomando como 
base el usrid y el grpid, no el nombre del usuario.


Por esa razón si tu de le das permisos de lectura, escritura y ejecución 
al usuario Vladimir para el archivo X, es probable que suceda que al 
cambiar el disco a otra máquina, el usuario Vladimir ya no tenga acceso 
al archivo, pero el usuario Juan (que ni siquiera existía en la máquina 
original) si, esto es porque el usrid de Juan en esta máquina es igual 
al que tenía el usuario Vladimir en la original.


Si ejecutas el comando stat podrás ver esa información.

Hay muchas cosas relacionadas con eso pero para no extenderme dejo un 
enlace que puede ser de utilidad:


https://wiki.archlinux.org/index.php/File_permissions_and_attributes




Otra cosa no olvides que en Linux el proceso de uso de un disco no es lo 
mismo que en Windows, para Linux todo es un archivo que parte de la 
raiz(/) todo, todo, todo se monta en algun lugar del SO cuando el pc 
arranca y tu HDD externo no es la exepcion 
(/media/miusuario/toshiba-hd-ext) el directorio toshiba-hd-ext es el 
contenedor donde estan alojados (montados) el contenido de tu HDD los 
permisos son aplicados a ese directorio LOCAL en tu system. Al desmontar 
el HDD externo y montarlo en otro lugar o mas critico aun en otro PC ya 
ese directorio no sera el mismo aunque tenga el mismo nombre y de igual 
manera los permisos por default no seran los mismos a no se que te tomes 
el trabajo de recrear un entorno de permisos y propietarios igual que el 
anterior, pero de cualquier manera eso lo tendras que hacer cada ves que 
cambies el directorio de montage de tu HDD, cambies de PC o SO. Algunos 
HDD externos (NO MUCHOS) incorporan un switch o interructor que te 
permite poner tu HDD como solo lectura y asi proteger tus datos, este 
tipo de cacharro aunque los he visto no son muy abundantes.


Saludos


Saludos.



---

Lic. Vladimir Valero

Administrador de Redes

Complejo Las Terrazas
El 19/08/18 a las 15:11, Constantino Vargas escribió:

Buenas tardes amigos y gracias por sus respuestas

tengo un disco duro externo de 1T, que esta formateado en NTFS y lo 
uso para respaldar informacion que proviene de pcs con windows 10 y de 
mi laptop con debian 9.



entiendo que cuando conecte este disco duro externo a una pc con 
windows corro peligro de infectarme con un virus.


por lo que desde mi debian quiero darle permiso de solo lectura a la 
totalidad del disco duro y a la carpeta en donde tengo respaldado toda 
mi informacion darle todo los permisos


he cambiado el permiso a modo lectura desde MC 444 pero no cambia

veo que el disco duro externo se monta en 
/media/miusuario/toshiba-hd-ext cuando lo conecto


gracias por su respuesta

--
Atentamente.

Constantino Vargas Cornejo





--
Errar es de humanos, pero es mas humano culpar a los demás

Re: painted into a corner

[David Wright]

On Sun 19 Aug 2018 at 15:40:55 (-0400), Gene Heskett wrote:
> Greetings all;
> 
> I just installed stretch to a fresh 2T HD. letting it autopartition and 
> format for separate /, swap, /var and /home partitions. But I didn't let 
> it overwrite the grub on the 1st drive it was/is  booting wheezy from.
> 
> I figured I'd mount it to wheezy and copy over my personal stuff, like an 
> email corpus well over 15GB reaching back to 2002.
> 
> But I can't mount much of the drive, / is all that will actually mount, 
> because the 2 versions of ext4 are incompatible, nearly all the mount 
> and e2tools can't touch the installers ext4 file systems.
> 
> For instance, its not mounted:
> gene@coyote:~$ e2fsck /dev/sdb8
> e2fsck 1.42.5 (29-Jul-2012)
> /dev/sdb8 has unsupported feature(s): metadata_csum
> e2fsck: Get a newer version of e2fsck!
> 
> And of course whats installed to wheezy is the latest available wheezy 
> version of e2fsck.
> 
> Whats the recommended way to do these mounts so I can maintain as much 
> continuity as possible?

Can you not run your stretch installation then? In a new system, I'd
mount the old wheezy disk(s) and pull the files across. Leaving the
wheezy mount there makes it easy to look back at the old system in
case you forget a file or just want to see how you used to do a
particular something.

Cheers,
David.

Re: painted into a corner

[Eike Lantzsch]

On Sunday, August 19, 2018 10:37:05 PM -04 john doe wrote:
> On 8/19/2018 9:40 PM, Gene Heskett wrote:
> > Greetings all;
> > 
> > I just installed stretch to a fresh 2T HD. letting it autopartition and
> > format for separate /, swap, /var and /home partitions. But I didn't let
> > it overwrite the grub on the 1st drive it was/is  booting wheezy from.
> > 
> > I figured I'd mount it to wheezy and copy over my personal stuff, like an
> > email corpus well over 15GB reaching back to 2002.
> > 
> > But I can't mount much of the drive, / is all that will actually mount,
> > because the 2 versions of ext4 are incompatible, nearly all the mount
> > and e2tools can't touch the installers ext4 file systems.
> > 
> > For instance, its not mounted:
> > gene@coyote:~$ e2fsck /dev/sdb8
> > e2fsck 1.42.5 (29-Jul-2012)
> > /dev/sdb8 has unsupported feature(s): metadata_csum
> > e2fsck: Get a newer version of e2fsck!
> > 
> > And of course whats installed to wheezy is the latest available wheezy
> > version of e2fsck.
> > 
> > Whats the recommended way to do these mounts so I can maintain as much
> > continuity as possible?
> 
> Maybe using apt-pinning.
> 
> In other words, installing the version of Stretch/Jessie on wheezy.
> 
> On the wheezy host, can't you backupt on an external hardware?

In those cases I usually boot a recent live-CD (or USB-stick) like KNOPPIX and 
mount and copy from there.

-- 
Eike Lantzsch ZP6CGE

Re: dar permiso de lectura y escritura disco duro externo

[Lic. Vladimir Valero]

A ver si entiendo:

dices que el hdd externo se debate entre dos pc una con win$ y otra con 
Linux?


No pudes migrar los permisos de un sistema operativo a otro, es decir 
los permisos que le das a tu HDD en Windows son solo aplicables a tu 
Windows, es mas si ese mismo disco los pones en otro Windows veras que 
los permisos que distes en el Win$ anterior ya no estan presentes en 
este ultimo porque eso se hace a nivel de sistema operativo. Lo mismo te 
pasara con Linux tu puedes dar permisos 444 para el propietario, grupo 
al que pertenece el propietario y el resto de los usuarios 
respectivamente eso es solo VALIDO para ese SO, cuando lo pones en otro 
Linux ya no sera de esa manera y lo puedes comprobar haciendo un ls -l. 
Otra cosa no olvides que en Linux el proceso de uso de un disco no es lo 
mismo que en Windows, para Linux todo es un archivo que parte de la 
raiz(/) todo, todo, todo se monta en algun lugar del SO cuando el pc 
arranca y tu HDD externo no es la exepcion 
(/media/miusuario/toshiba-hd-ext) el directorio toshiba-hd-ext es el 
contenedor donde estan alojados (montados) el contenido de tu HDD los 
permisos son aplicados a ese directorio LOCAL en tu system. Al desmontar 
el HDD externo y montarlo en otro lugar o mas critico aun en otro PC ya 
ese directorio no sera el mismo aunque tenga el mismo nombre y de igual 
manera los permisos por default no seran los mismos a no se que te tomes 
el trabajo de recrear un entorno de permisos y propietarios igual que el 
anterior, pero de cualquier manera eso lo tendras que hacer cada ves que 
cambies el directorio de montage de tu HDD, cambies de PC o SO. Algunos 
HDD externos (NO MUCHOS) incorporan un switch o interructor que te 
permite poner tu HDD como solo lectura y asi proteger tus datos, este 
tipo de cacharro aunque los he visto no son muy abundantes.


Saludos

---

Lic. Vladimir Valero

Administrador de Redes

Complejo Las Terrazas
El 19/08/18 a las 15:11, Constantino Vargas escribió:

Buenas tardes amigos y gracias por sus respuestas

tengo un disco duro externo de 1T, que esta formateado en NTFS y lo 
uso para respaldar informacion que proviene de pcs con windows 10 y de 
mi laptop con debian 9.



entiendo que cuando conecte este disco duro externo a una pc con 
windows corro peligro de infectarme con un virus.


por lo que desde mi debian quiero darle permiso de solo lectura a la 
totalidad del disco duro y a la carpeta en donde tengo respaldado toda 
mi informacion darle todo los permisos


he cambiado el permiso a modo lectura desde MC 444 pero no cambia

veo que el disco duro externo se monta en 
/media/miusuario/toshiba-hd-ext cuando lo conecto


gracias por su respuesta

--
Atentamente.

Constantino Vargas Cornejo

Re: painted into a corner

[john doe]

On 8/19/2018 9:40 PM, Gene Heskett wrote:

Greetings all;

I just installed stretch to a fresh 2T HD. letting it autopartition and
format for separate /, swap, /var and /home partitions. But I didn't let
it overwrite the grub on the 1st drive it was/is  booting wheezy from.

I figured I'd mount it to wheezy and copy over my personal stuff, like an
email corpus well over 15GB reaching back to 2002.

But I can't mount much of the drive, / is all that will actually mount,
because the 2 versions of ext4 are incompatible, nearly all the mount
and e2tools can't touch the installers ext4 file systems.

For instance, its not mounted:
gene@coyote:~$ e2fsck /dev/sdb8
e2fsck 1.42.5 (29-Jul-2012)
/dev/sdb8 has unsupported feature(s): metadata_csum
e2fsck: Get a newer version of e2fsck!

And of course whats installed to wheezy is the latest available wheezy
version of e2fsck.

Whats the recommended way to do these mounts so I can maintain as much
continuity as possible?



Maybe using apt-pinning.

In other words, installing the version of Stretch/Jessie on wheezy.

On the wheezy host, can't you backupt on an external hardware?

--
John Doe

painted into a corner

[Gene Heskett]

Greetings all;

I just installed stretch to a fresh 2T HD. letting it autopartition and 
format for separate /, swap, /var and /home partitions. But I didn't let 
it overwrite the grub on the 1st drive it was/is  booting wheezy from.

I figured I'd mount it to wheezy and copy over my personal stuff, like an 
email corpus well over 15GB reaching back to 2002.

But I can't mount much of the drive, / is all that will actually mount, 
because the 2 versions of ext4 are incompatible, nearly all the mount 
and e2tools can't touch the installers ext4 file systems.

For instance, its not mounted:
gene@coyote:~$ e2fsck /dev/sdb8
e2fsck 1.42.5 (29-Jul-2012)
/dev/sdb8 has unsupported feature(s): metadata_csum
e2fsck: Get a newer version of e2fsck!

And of course whats installed to wheezy is the latest available wheezy 
version of e2fsck.

Whats the recommended way to do these mounts so I can maintain as much 
continuity as possible?

Thanks all.

-- 
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

dar permiso de lectura y escritura disco duro externo

[Constantino Vargas]

Buenas tardes amigos y gracias por sus respuestas

tengo un disco duro externo de 1T, que esta formateado en NTFS y lo uso
para respaldar informacion que proviene de pcs con windows 10 y de mi
laptop con debian 9.


entiendo que cuando conecte este disco duro externo a una pc con windows
corro peligro de infectarme con un virus.

por lo que desde mi debian quiero darle permiso de solo lectura a la
totalidad del disco duro y a la carpeta en donde tengo respaldado toda mi
informacion darle todo los permisos

he cambiado el permiso a modo lectura desde MC 444 pero no cambia

veo que el disco duro externo se monta en /media/miusuario/toshiba-hd-ext
cuando lo conecto

gracias por su respuesta

-- 
Atentamente.

Constantino Vargas Cornejo

Re: Problem Mounting New Drives

[john doe]

On 8/19/2018 8:59 PM, Stephen P. Molnar wrote:



On 08/19/2018 02:28 PM, Reco wrote:

Hi.

On Sun, Aug 19, 2018 at 02:04:39PM -0400, Stephen P. Molnar wrote:

Note that second field is a mountpoint in fstab(5), as one of the stock
records show:


UUID=8f4eeaae-a055-4262-bebb-cf99abe982a5 /var    ext4 defaults
0   2

Yours have a block device name instead of mountpoint:

UUID=900b5f0b-4f3d-4a64-8c91-29aee4c6fd07 /dev/sdb1 ext4 
errors=remount-ro 0

1
UUID=d65867da-c658-4e35-928c-9dd2d6dd5742 /dev/sdc1 ext4 
errors=remount-ro 0

1
UUID=007c1f16-34a4-438c-9d15-e3df601649ba /dev/sdc2 ext4 
errors=remount-ro 0

1

So even a stock mount(1) should refuse to mount these.


When I rebooted the computer the OS didn't like the new fstab and 
gave me a

number of, at least to me, obscure messages.

systemd-mount can be cryptic, I agree.



Obviously, I missed something important.  My question is what?

It's a kind of dumb question, but where do you need your sdb1, sdc1 and
sdc2 mounted? Your fstab(5) does not mention that.

Reco



Well, that's another red faced forehead slapper!

It merely reinforces that I don't know what I'm doing as far as hardware 
is concerned.


It's a good thing that I'm an Organic Chemist and not an IT person.



Instead of trying your new changes in '/etc/fstab' by rebooting, you 
could also try 'mount -a'.


https://linux.die.net/man/8/mount

--
John Doe

Re: Problem Mounting New Drives

[Stephen P. Molnar]

On 08/19/2018 02:28 PM, Reco wrote:

Hi.

On Sun, Aug 19, 2018 at 02:04:39PM -0400, Stephen P. Molnar wrote:

Note that second field is a mountpoint in fstab(5), as one of the stock
records show:


UUID=8f4eeaae-a055-4262-bebb-cf99abe982a5 /varext4 defaults
0   2

Yours have a block device name instead of mountpoint:


UUID=900b5f0b-4f3d-4a64-8c91-29aee4c6fd07 /dev/sdb1 ext4 errors=remount-ro 0
1
UUID=d65867da-c658-4e35-928c-9dd2d6dd5742 /dev/sdc1 ext4 errors=remount-ro 0
1
UUID=007c1f16-34a4-438c-9d15-e3df601649ba /dev/sdc2 ext4 errors=remount-ro 0
1

So even a stock mount(1) should refuse to mount these.



When I rebooted the computer the OS didn't like the new fstab and gave me a
number of, at least to me, obscure messages.

systemd-mount can be cryptic, I agree.



Obviously, I missed something important.  My question is what?

It's a kind of dumb question, but where do you need your sdb1, sdc1 and
sdc2 mounted? Your fstab(5) does not mention that.

Reco



Well, that's another red faced forehead slapper!

It merely reinforces that I don't know what I'm doing as far as hardware 
is concerned.


It's a good thing that I'm an Organic Chemist and not an IT person.

Many, many thanks.

--
Stephen P. Molnar, Ph.D.
Consultant
www.molecular-modeling.net
(614)312-7528 (c)
Skype: smolnar1

Re: Literal postings, was Re: Wanted - Debian(preferred)/Linux handheld

[David Wright]

On Sun 19 Aug 2018 at 08:30:40 (+0200), Anders Andersson wrote:
> On Sat, Aug 18, 2018 at 6:42 PM, David Wright  
> wrote:
> >
> > . A lot of OPs provide very little background information. Sometimes
> > this may be because they don't know what *is* relevant, but often a
> > thread turns into an episode of "Twenty Questions" because of what
> > seems like a reluctance to reveal any facts about their system.
> >
> > . Following this, when the OP apparently "disappears" after making
> > their first post, people are left little option but to make guesses
> > about what their problem might be caused by.
> 
> In my opinion, the *proper* course of action is then to ask for more
> information instead of guessing. If OP then does not reply, then
> there's no need to keep going.

Many people make the assumption that if one person has a problem,
others are quite likely to, so the question may still be worth
pursuing. If you don't want to partake in it, that's fine.
(Brian has covered the situation where people think they have
some sort of proprietorial control over the direction threads drift.)

> I believe that my views on this have changed after the Stack Exchange
> network of websites sprung up. It makes such a huge difference in
> clarity when bad questions are forcibly closed until corrected.

Then head over there. I just checked: they have 2,625 questions
awaiting their first answer. But it's a different animal, run by a
company with hundreds of employees and tens of millions of dollars.
I use it all the time via google. Why try to duplicate it here?

This list has a completely different philosophy, see:
https://www.debian.org/MailingLists/
It's unmoderated and the postings are not tweaked into some sort of
conformity. A huge history of the Debian project has built up with
archives stretching back over two decades.

Cheers,
David.

Re: Problem Mounting New Drives

[Reco]

Hi.

On Sun, Aug 19, 2018 at 02:04:39PM -0400, Stephen P. Molnar wrote:

Note that second field is a mountpoint in fstab(5), as one of the stock
records show:

> UUID=8f4eeaae-a055-4262-bebb-cf99abe982a5 /varext4 defaults
> 0   2

Yours have a block device name instead of mountpoint:

> UUID=900b5f0b-4f3d-4a64-8c91-29aee4c6fd07 /dev/sdb1 ext4 errors=remount-ro 0
> 1
> UUID=d65867da-c658-4e35-928c-9dd2d6dd5742 /dev/sdc1 ext4 errors=remount-ro 0
> 1
> UUID=007c1f16-34a4-438c-9d15-e3df601649ba /dev/sdc2 ext4 errors=remount-ro 0
> 1

So even a stock mount(1) should refuse to mount these.


> When I rebooted the computer the OS didn't like the new fstab and gave me a
> number of, at least to me, obscure messages.

systemd-mount can be cryptic, I agree.


> Obviously, I missed something important.  My question is what?

It's a kind of dumb question, but where do you need your sdb1, sdc1 and
sdc2 mounted? Your fstab(5) does not mention that.

Reco

Re: Deep Packet Inspection

[Reco]

Hi.

On Sun, Aug 19, 2018 at 09:03:10PM +0300, Eero Volotinen wrote:
> snort

Intrusion detection. Unsuitable for traffic shaping or filtering.

> and suricata.

Utilizes NFQUEUE. Friends do not let friends to copy network packets
from kernelspace to userspace and back.

Reco

Problem Mounting New Drives

[Stephen P. Molnar]

Up to date Stretch.

I have just reinstalled Stretch on a new SSD as sda.  I  have two 
additional HD's on the platform, sdb and sdc.


Here is the blkid ouput:

root@AbNormal:/home/comp# blkid
/dev/sda1: UUID="07defe36-57e7-4218-82cb-35cc109b004e" TYPE="ext4" 
PARTUUID="2f9cc88d-01"
/dev/sda5: UUID="8f4eeaae-a055-4262-bebb-cf99abe982a5" TYPE="ext4" 
PARTUUID="2f9cc88d-05"
/dev/sda6: UUID="09461b2f-2b58-461a-869f-eef158a78127" TYPE="swap" 
PARTUUID="2f9cc88d-06"
/dev/sda7: UUID="3508065e-0ab4-424f-9002-3b237e5d120e" TYPE="ext4" 
PARTUUID="2f9cc88d-07"
/dev/sda8: UUID="af824450-3dd9-48b8-8ff3-c831365f31fa" TYPE="ext4" 
PARTUUID="2f9cc88d-08"
/dev/sdb1: UUID="900b5f0b-4f3d-4a64-8c91-29aee4c6fd07" TYPE="ext4" 
PARTUUID="0bc7db76-01"
/dev/sdb5: UUID="7c386aca-a547-475f-8616-f7664f93c595" TYPE="swap" 
PARTUUID="0bc7db76-05"
/dev/sdc1: UUID="d65867da-c658-4e35-928c-9dd2d6dd5742" TYPE="ext4" 
PARTUUID="0003d403-01"
/dev/sdc2: UUID="007c1f16-34a4-438c-9d15-e3df601649ba" TYPE="ext4" 
PARTUUID="0003d403-02"


On the basis of blkid output I edited /etc/fstab:

# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
#   
# / was on /dev/sda1 during installation
UUID=07defe36-57e7-4218-82cb-35cc109b004e /   ext4 
errors=remount-ro 0   1

# /home was on /dev/sda8 during installation
UUID=af824450-3dd9-48b8-8ff3-c831365f31fa /home   ext4 
defaults0   2

# /tmp was on /dev/sda7 during installation
UUID=3508065e-0ab4-424f-9002-3b237e5d120e /tmpext4 
defaults0   2

# /var was on /dev/sda5 during installation
UUID=8f4eeaae-a055-4262-bebb-cf99abe982a5 /varext4 
defaults0   2

# swap was on /dev/sda6 during installation
UUID=09461b2f-2b58-461a-869f-eef158a78127 noneswap 
sw  0   0

/dev/sr0/media/cdrom0   udf,iso9660 user,noauto 0 0

UUID=900b5f0b-4f3d-4a64-8c91-29aee4c6fd07 /dev/sdb1 ext4 
errors=remount-ro 0   1
UUID=d65867da-c658-4e35-928c-9dd2d6dd5742 /dev/sdc1 ext4 
errors=remount-ro 0   1
UUID=007c1f16-34a4-438c-9d15-e3df601649ba /dev/sdc2 ext4 
errors=remount-ro 0   1


/dev/sdb5 is the swap partition on the old sda, the new SSD was 
installed as sda, so I didn't include that swap in the edited fstab.


I also added sdb1, sdc1 and sdc2 to /.  /dev contains 
/sdb/sdb1/sdb2/sdb5/sdc,sdc1 and sdc2 as well as all of the entries for sda.


Before saving the edited fstab I renamed the /etc/fsab /etc/fstab_old.

When I rebooted the computer the OS didn't like the new fstab and gave 
me a number of, at least to me, obscure messages.


However, I was allowed to log on as root and execute startx.  This 
allowed me to reinstall the unedited fstab and the system booted properly.


Obviously, I missed something important.  My question is what?

Thanks in advance.

--
Stephen P. Molnar, Ph.D.
Consultant
www.molecular-modeling.net
(614)312-7528 (c)
Skype: smolnar1

Re: Deep Packet Inspection

[Eero Volotinen]

snort and suricata.

Eero

su 19. elok. 2018 klo 20.52 Reco  kirjoitti:

> Hi.
>
> On Sun, Aug 19, 2018 at 08:31:42PM +0300, Mimiko wrote:
> > Hello.
> >
> > Maybe this was answered. Is there a Deep Packet Inspection to use in
> Debian 9 for a firewall setup? Opensource and maybe in repository.
>
> Once upon a time there was so called l7filter (main suite), which was
> packaged for Debian, but it was excluded from current stable.
> Not a big loss IMO, as l7filter was only good for traffic classification
> (netfilter mangle table).
>
> You may want to check a set of kernel patches called nDPI - [1] (sorry
> for the GitHub link). It will take a patched kernel *and* iptables suite
> to make the thing run, and I suspect that amd64 is the only supported
> architecture.
>
> If software archeology is your thing, there's OpenDPI - [2] (sorry for
> the GitHub link again).
>
> As far as I can tell, there's no DPI software packaged for current
> stable at all.
>
> [1] https://github.com/vel21ripn/nDPI
>
> [2] https://github.com/thomasbhatia/OpenDPI
>
> Reco
>
>

Re: Sid: NFSv3 mounting problem

[Reco]

Hi.

On Sun, Aug 19, 2018 at 05:11:02PM +0200, Grzegorz Sójka wrote:
> On 08/19/18 16:52, deloptes wrote:
> > Grzegorz Sójka wrote:
> > 
> > > /home/trash 192.168.0.0/24(no_subtree_check,async,rw,all_squash)
> > 
> > and you are 100% sure you are using nfs v3 and not nfs v4 on the not working
> > client? you do not have firewalls enabled?
> 
> Yes, here is appropriate line from fstab:
> 
> Hermes:/home/trash /home/trash nfs vers=3,defaults,noatime,nodiratime 0 0

Out of pure curiosity, can you provide the result of

rpcinfo -p localhost

from the NFS server, 'good' NFS client and a 'problematic' one?

And, while we're at it anyway, the result of:

rpcinfo -p hermes

from both the clients?

Reco

Re: Deep Packet Inspection

[Dan Ritter]

On Sun, Aug 19, 2018 at 08:31:42PM +0300, Mimiko wrote:
> Hello.
> 
> Maybe this was answered. Is there a Deep Packet Inspection to use in Debian 9 
> for a firewall setup? Opensource and maybe in repository.
> 

libndpi and ntopng are packaged, but no firewall built on that
is packaged (that I know of).

zorp is a proxying firewall with many look-inside features, but
is not arbitrarily deep.

Why do you need DPI rather than connection tracking?

-dsr-

Re: Deep Packet Inspection

[Reco]

Hi.

On Sun, Aug 19, 2018 at 08:31:42PM +0300, Mimiko wrote:
> Hello.
> 
> Maybe this was answered. Is there a Deep Packet Inspection to use in Debian 9 
> for a firewall setup? Opensource and maybe in repository.

Once upon a time there was so called l7filter (main suite), which was
packaged for Debian, but it was excluded from current stable.
Not a big loss IMO, as l7filter was only good for traffic classification
(netfilter mangle table).

You may want to check a set of kernel patches called nDPI - [1] (sorry
for the GitHub link). It will take a patched kernel *and* iptables suite
to make the thing run, and I suspect that amd64 is the only supported
architecture.

If software archeology is your thing, there's OpenDPI - [2] (sorry for
the GitHub link again).

As far as I can tell, there's no DPI software packaged for current
stable at all.

[1] https://github.com/vel21ripn/nDPI

[2] https://github.com/thomasbhatia/OpenDPI

Reco

Deep Packet Inspection

[Mimiko]

Hello.

Maybe this was answered. Is there a Deep Packet Inspection to use in Debian 9 
for a firewall setup? Opensource and maybe in repository.

Thank you.

Re: Debian 9.5 install hangs at starting up the partitioner

[Felix Miata]

Malcolm Crowe composed on 2018-08-19 16:01 (UTC+0100):

> Googling this issue just showed closed threads from years ago.
> I'm installing from dvd-1.iso to an empty virtual machine with a
> new fixed size 127GB virtual disk.
> One of the threads suggested changing boot parameters: how would I do this?
> I've tried the standard and advanced graphical installs.

On the old netboot Stretch media I just booted:

1-when the boot menu appears on the screen, hit 
2-"boot: " appears on the screen, hit 
3-several options appear on the screen, last of which is "help"
4-type help and hit 

a function key menu appears containing several choices about boot parameters

more: https://www.debian.org/releases/stable/i386/ch05s03.html.en
-- 
"Wisdom is supreme; therefore get wisdom. Whatever else you
get, get wisdom." Proverbs 4:7 (New Living Translation)

 Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!

Felix Miata  ***  http://fm.no-ip.com/

Re: Group ID conflicts between different distros: how to manage them with NIS?

[Michael Stone]

On Fri, Aug 17, 2018 at 02:48:56PM -0300, Joao Roscoe wrote:

Right, that's best practice.

But, what if I need to include a user who is defined in NIS in lp or ttyS0
group? Would going into /etc/group in *every* machine be unavoidable?


That's one option. Another would be to create new centrally-managed 
groups and give those groups permissions to do what is needed across the 
environment. A third option would be to give people certain permissions 
when they log in. There are any number of solutions, all of which will 
be more reliable than trying to centrally manage system groups. The best 
option really depends on what you're trying to accomplish.


Mike Stone

Debian 9.5 install hangs at starting up the partitioner

[Malcolm Crowe]

Hi,
Googling this issue just showed closed threads from years ago.
I'm installing from dvd-1.iso to an empty virtual machine with a
new fixed size 127GB virtual disk.
One of the threads suggested changing boot parameters: how would I do this?
I've tried the standard and advanced graphical installs.
Many thanks
Malcolm Crowe

Re: Sid: NFSv3 mounting problem

[Grzegorz Sójka]

On 08/19/18 16:52, deloptes wrote:

Grzegorz Sójka wrote:


/home/trash 192.168.0.0/24(no_subtree_check,async,rw,all_squash)


and you are 100% sure you are using nfs v3 and not nfs v4 on the not working
client? you do not have firewalls enabled?


Yes, here is appropriate line from fstab:

Hermes:/home/trash /home/trash nfs vers=3,defaults,noatime,nodiratime 0 0

> you do not have firewalls enabled?
I do have firewall only on external interface. Moreover I have a dual 
boot (the some network settings) and the other distro mounts fine.


--
Pozdrawiam
Grzesiek

Wysłane z kompa wolnego od wirusów Billa Gatesa.

Re: yabasic problem

[Thomas Schmitt]

Hi,

Curt wrote:
> I ain't no programmer, but sure is butt ugly.

Yeah. This Yet-Another-BASIC lacks the ON ERROR GOTO gesture.
(Found the booklet. It's HP BASIC 3.0, not 2.0. Newest techology of 1985.)


Have a nice day :)

Thomas

Re: Sid: NFSv3 mounting problem

[deloptes]

Grzegorz Sójka wrote:

> /home/trash 192.168.0.0/24(no_subtree_check,async,rw,all_squash)

and you are 100% sure you are using nfs v3 and not nfs v4 on the not working
client? you do not have firewalls enabled?

Re: yabasic problem

[Curt]

On 2018-08-19, Richard Owlett  wrote:
>> 
>> I tried to look up their online documentation, but it's one of
>> those stupid javascript-only sites, and I tend to avoid that.
>> Attention economy? I can play that: they won't get mine.
>
> So somebody agrees with me.
> A well done HTML manual is in the Debian package.
> Thanks
>

I glanced at some doc and your manner of creating a variable is rather
opinionated.

You can test for successful file opening thusly:

 if (not open(#1,"test.dat","r")) print "Can't open the file!"

Opening test.dat in the current directory, reading and printing its
contents, which are:

 one two three 
 four five 
 six seven eight nine

code:

 open 1,"test.dat","r" 
 while(!eof(1))
  input #1 a$ 
  line input b$ 
  print "a$=\"",a$,"\", b$=\"",b$,"\"" 
 wend

To create a variable (and then open and read that):

 a=open("foo")
 input #a a$

I ain't no programmer, but sure is butt ugly.

-- 
"She was a blank wall, fresh painted." 
Louise Erdrich, Love Medicine

Re: Sid: NFSv3 mounting problem

[Grzegorz Sójka]

On 08/19/18 00:08, deloptes wrote:

Grzegorz Sójka wrote:



Hi there

I have stretch x86_64 home server running NFSv3 and Sid-x86-64 desktop.
When I try to mount any NFS share on the desktop I always get the
following:

# mount -v /home/trash
mount.nfs: timeout set for Sat Aug 18 18:55:52 2018
mount.nfs: trying text-based options 'nfsvers=3,addr=192.168.0.129'
mount.nfs: prog 13, trying vers=3, prot=6
mount.nfs: trying 192.168.0.129 prog 13 vers 3 prot TCP port 2049
mount.nfs: prog 15, trying vers=3, prot=17
mount.nfs: trying 192.168.0.129 prog 15 vers 3 prot UDP port 37385
mount.nfs: Protocol not supported

I'm pretty convinced that the server is running fine. It's because I
have Odroid-C2 client (and two other raspberry pi) using NFSv3 without
any problems. Actually, I did copy-paste the following line:

Hermes:/home/trash /home/trash nfs vers=3,defaults,noatime,nodiratime 0 0

from the odroid to pc fstab.

Thanks in advance for any help


Did you add the new client to the exportfs file on the server?


I have a whole subnet in exports:

/home/trash 192.168.0.0/24(no_subtree_check,async,rw,all_squash)

--
Pozdrawiam
Grzesiek

Wysłane z kompa wolnego od wirusów Billa Gatesa.

Re: yabasic problem

[Richard Owlett]

On 08/19/2018 08:36 AM, to...@tuxteam.de wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Sun, Aug 19, 2018 at 08:00:31AM -0500, Richard Owlett wrote:

I've installed yabasic from the repository.

I invoked as:> richard@debian-jan13:~$

richard@debian-jan13:~$ yabasic

This is yabasic version 2.78.0,
built on i686-pc-linux-gnu at Mon Jan 23 14:17:02 UTC 2017

My code fragment is:

infile$  = 
"/home/richard/Documents/cherrytree/edit_bookmarks/expermental_copies/prettytest0txt"
outfile$ = 
"/home/richard/Documents/cherrytree/edit_bookmarks/expermental_copies/1stpass.txt"
fd_in=open("/home/richard/Documents/cherrytree/edit_bookmarks/expermental_copies/prettytest0txt","r")
print peek$("error")
fd_out = open(outfile$,"w")
print peek$("error")


For both print peek$("error") I'm told "No such file or directory".
The file to be read EXISTS and belongs to "richard"


Most people here won't know what 'print' and 'peek' do. Things you
might want to check:

   - is yabasic trying to interpret print's first argument (i.e.
 those pesky 'peek()' as some kind of file descriptor or name
 where to print to?


According to the manual, "peek$("error")" is explicitly for diagnosing 
problems when opening a file.




   - try running your program under strace: there you'll see which
 system calls are being issued, and perhaps gain some insight
 on where this "No such file..." (ENOENT) really happens and
 what argument values are being passed to the system call.

 (as a very short intro:

   strace -o  yabasic
   [do your thing]
   [exit]
   [go carefully with a pitchfork through your trace file
looking out for your file names and for ENOENT]

 Holler here if you need help with strace. It's a handy tool
 in any hacker's toolbox.


Didn't know of strace. Just glanced at manpage. On my way out - pursue 
this afternoon.




I tried to look up their online documentation, but it's one of
those stupid javascript-only sites, and I tend to avoid that.
Attention economy? I can play that: they won't get mine.


So somebody agrees with me.
A well done HTML manual is in the Debian package.
Thanks




Cheers
- -- t
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlt5cmQACgkQBcgs9XrR2kYdwgCaAyvOm44ZmYkfmQsyBH7DOVbn
d4UAn3bJsq1dEoYlBdWpbAeLJ+ttbp7F
=jkYQ
-END PGP SIGNATURE-

Re: yabasic problem

[Thomas Schmitt]

Hi,

i still have a HP BASIC 2.0 Quick Reference somewhere ...

Richar Owlett wrote:
> fd_in=open("/home/richard/Documents/cherrytree/edit_bookmarks/expermental_copies/prettytest0txt","r")
> print peek$("error")

Although the open() call does not really look like BASIC, it is authorized
by http://www.yabasic.de/yabasic.htm#ref_open

But shouldn't you test fd_in for failure (i.e. whether it is 0 after the
call) ?

The description of peek$("error") indicates that your BASIC program
should not even reach the message print command if open() failed.
It does not promise that the error indicator is reset when a new open()
or seek() is performed.
  http://www.yabasic.de/yabasic.htm#ref_peek

> Suggestions?

#ref_peek suggests
  if you use open as a condition (e.g. if (open(#1,"foo")) …) the outcome
  (success or failure) of the open-operation will determine, if the
  condition evaluates to true or false. If now such an operation fails,
  your program will not be terminated and you might want to learn the
  reason for failure. This reason will be returned by peek("error")
 (as a number) or by peek$("error") (as a string)


Mandatory deviation from literally answering the original question:
Even considering all sweet nostalgy, i would still stay with C as language.


Have a nice day :)

Thomas

Re: yabasic problem

[tomas]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Sun, Aug 19, 2018 at 08:00:31AM -0500, Richard Owlett wrote:
> I've installed yabasic from the repository.
> 
> I invoked as:> richard@debian-jan13:~$
> >richard@debian-jan13:~$ yabasic
> >
> >This is yabasic version 2.78.0,
> >built on i686-pc-linux-gnu at Mon Jan 23 14:17:02 UTC 2017
> My code fragment is:
> >infile$  = 
> >"/home/richard/Documents/cherrytree/edit_bookmarks/expermental_copies/prettytest0txt"
> >outfile$ = 
> >"/home/richard/Documents/cherrytree/edit_bookmarks/expermental_copies/1stpass.txt"
> >fd_in=open("/home/richard/Documents/cherrytree/edit_bookmarks/expermental_copies/prettytest0txt","r")
> >print peek$("error")
> >fd_out = open(outfile$,"w")
> >print peek$("error")
> 
> For both print peek$("error") I'm told "No such file or directory".
> The file to be read EXISTS and belongs to "richard"

Most people here won't know what 'print' and 'peek' do. Things you
might want to check:

  - is yabasic trying to interpret print's first argument (i.e.
those pesky 'peek()' as some kind of file descriptor or name
where to print to?

  - try running your program under strace: there you'll see which
system calls are being issued, and perhaps gain some insight
on where this "No such file..." (ENOENT) really happens and
what argument values are being passed to the system call.

(as a very short intro:

  strace -o  yabasic
  [do your thing]
  [exit]
  [go carefully with a pitchfork through your trace file
   looking out for your file names and for ENOENT]

Holler here if you need help with strace. It's a handy tool
in any hacker's toolbox.

I tried to look up their online documentation, but it's one of
those stupid javascript-only sites, and I tend to avoid that.
Attention economy? I can play that: they won't get mine.

Cheers
- -- t
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlt5cmQACgkQBcgs9XrR2kYdwgCaAyvOm44ZmYkfmQsyBH7DOVbn
d4UAn3bJsq1dEoYlBdWpbAeLJ+ttbp7F
=jkYQ
-END PGP SIGNATURE-

Re: Wanted - Debian(preferred)/Linux handheld

[Eric S Fraga]

On Thursday, 16 Aug 2018 at 14:28, Glenn English wrote:
> It's all over Amazon (search: planet gemini pda computer), but, as
> best I can tell, there's no computer. 

I'm not sure I understand what you mean by "there's no computer."  The
Gemini is not vapourware.  It exists.  

I bought mine retail from planetcom.co.uk in June and have been using it
for 2 months.  Installed Debian (stretch) and am loving it.  I don't use
it as a mobile phone but as a small laptop.  It has some rough edges
without doubt but perfectly usable (for my use case); YMMV, of course.

-- 
Eric S Fraga via Emacs 27.0.50 & org 9.1.13 on Debian buster/sid

Re: What is the mailing list software used by lists.debian.org?

[Carl Fink]

On 08/19/2018 02:51 AM, Byung-Hee HWANG (황병희, 黃炳熙) wrote:

Brian Nguyen  writes:


I think it's not GNU Mailman. What is the software used for official Debian 
mailing lists? Is it free
software?

Maybe following page do help for you.
See /MailingLists/index.en.html.

Yes that is not GNU Mailman.

To avoid being coy, it's a package called "SmartList" which is free and 
which is available as a Debian package, IIRC.

--
Carl Fink

What is the name of this xfce element?

[Martin]

Hi list members,

can someone tell me please, what the name of those xfce pop-windows is, what 
you get on certain task bar elements (clementine, as an example), when you 
click them? And, even more important, how to change the size of those things?
Don't know what I'm talking about -> 
https://drive.google.com/file/d/133MNrQ7QTPxxVma0GtflxhDVZfyQclaD/view

Martin

yabasic problem

[Richard Owlett]

I've installed yabasic from the repository.

I invoked as:> richard@debian-jan13:~$

richard@debian-jan13:~$ yabasic

This is yabasic version 2.78.0,
built on i686-pc-linux-gnu at Mon Jan 23 14:17:02 UTC 2017

My code fragment is:

infile$  = 
"/home/richard/Documents/cherrytree/edit_bookmarks/expermental_copies/prettytest0txt"
outfile$ = 
"/home/richard/Documents/cherrytree/edit_bookmarks/expermental_copies/1stpass.txt"
fd_in=open("/home/richard/Documents/cherrytree/edit_bookmarks/expermental_copies/prettytest0txt","r")
print peek$("error")
fd_out = open(outfile$,"w")
print peek$("error")


For both print peek$("error") I'm told "No such file or directory".
The file to be read EXISTS and belongs to "richard"

I'm running the i386 flavor of Debian Stretch on a 686 machine [ThinkPad 
T510]


Suggestions?
TIA

Re: Repository Problem

[Stephen P. Molnar]

On 08/19/2018 08:21 AM, Freek de Kruijf wrote:

Op zaterdag 18 augustus 2018 20:50:34 CEST schreef Stephen P. Molnar:

root@AbNormal:/home/comp# ip a
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN
group default qlen 1
  link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  inet 127.0.0.1/8 scope host lo
 valid_lft forever preferred_lft forever
  inet6 ::1/128 scope host
 valid_lft forever preferred_lft forever
2: enp2s0:  mtu 1500 qdisc pfifo_fast
state UP group default qlen 1000
  link/ether bc:ee:7b:5e:83:36 brd ff:ff:ff:ff:ff:ff
  inet 192.168.1.123/24 brd 192.168.1.255 scope global dynamic enp2s0
 valid_lft 86368sec preferred_lft 86368sec
  inet6 2600:1700:4280:3690::33/128 scope global dynamic
 valid_lft 1209566sec preferred_lft 1209566sec
  inet6 2600:1700:4280:3690:f15f:a615:62e3:1b2d/64 scope global
temporary dynamic
 valid_lft 604766sec preferred_lft 85961sec
  inet6 2600:1700:4280:3690:beee:7bff:fe5e:8336/64 scope global
mngtmpaddr noprefixroute dynamic
 valid_lft 1209598sec preferred_lft 1209598sec
  inet6 fe80::beee:7bff:fe5e:8336/64 scope link
 valid_lft forever preferred_lft forever
root@AbNormal:/home/comp#

This means you get an IPv6 address, but using it needs also a proper default
gateway or router address. So what is the output of:

ip -6 r


root@AbNormal:/home/comp# ip -6 r
2600:1700:4280:3690::33 dev enp2s0 proto kernel metric 256  expires 
1209559sec pref medium

2600:1700:4280:3690::/64 dev enp2s0 proto ra metric 100  pref medium
2600:1700:4280:3690::/60 via fe80::3e04:61ff:feb3:3c20 dev enp2s0 proto 
ra metric 100  pref medium

fe80::3e04:61ff:feb3:3c20 dev enp2s0 proto static metric 100  pref medium
fe80::/64 dev enp2s0 proto kernel metric 256  pref medium
default via fe80::3e04:61ff:feb3:3c20 dev enp2s0 proto static metric 
100  pref medium

root@AbNormal:/home/comp#

--
Stephen P. Molnar, Ph.D.
Consultant
www.molecular-modeling.net
(614)312-7528 (c)
Skype: smolnar1

Re: Repository Problem

[Stephen P. Molnar]

On 08/18/2018 11:59 PM, mick crane wrote:

On 2018-08-19 02:37, Cindy-Sue Causey wrote:

On 8/18/18, Stephen P. Molnar  wrote:


On 08/18/2018 01:54 PM, Brian wrote:

What does 'ip a' give you? And 'ping -cwww.debian.org?


   Thanksfot the reply.

root@AbNormal:/home/comp# ip a
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN
group default qlen 1
 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
 inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
 inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp2s0:  mtu 1500 qdisc pfifo_fast
state UP group default qlen 1000
 link/ether bc:ee:7b:5e:83:36 brd ff:ff:ff:ff:ff:ff
 inet 192.168.1.123/24 brd 192.168.1.255 scope global dynamic 
enp2s0

valid_lft 86368sec preferred_lft 86368sec
 inet6 2600:1700:4280:3690::33/128 scope global dynamic
valid_lft 1209566sec preferred_lft 1209566sec
 inet6 2600:1700:4280:3690:f15f:a615:62e3:1b2d/64 scope global
temporary dynamic
valid_lft 604766sec preferred_lft 85961sec
 inet6 2600:1700:4280:3690:beee:7bff:fe5e:8336/64 scope global
mngtmpaddr noprefixroute dynamic
valid_lft 1209598sec preferred_lft 1209598sec
 inet6 fe80::beee:7bff:fe5e:8336/64 scope link
valid_lft forever preferred_lft forever
root@AbNormal:/home/comp#

root@AbNormal:/home/comp# ping -c www.debian.org

but, without the -c switch:

PING www.debian.org(mirror-isc3.debian.org (2001:4f8:1:c::15)) 56 data
bytes
^C
--- www.debian.org ping statistics ---
12 packets transmitted, 0 received, 100% packet loss, time 11266ms

root@AbNormal:/home/comp#

ping: bad number of packets to transmit. ping -cwww.debian.org
root@AbNormal:/home/comp#



I tried this, too, while lurking along. Received the same "bad number
of packets" *abrupt retort* to "ping -c". I didn't want to
interject/bother anyone here so I searched the Net instead.

Only 175 pages pulled up when that advisement is enclosed in quotation
marks. A slightly wider search with 'ping "bad number of packets"'
only raised it to 360 pages.

That seems curiously small. Does it mean it's something that people
pretty much don't need and/or just don't know they could address
somehow?

Two for two of us here tried it and received that message so that's
why I decided to put this out here. Are we the only two in the World
with this... no, surely not...

And ultimately does it matter enough that it could maybe use some,
e.g. Publicity Team, airtime now that it has come up in a very
informative way?

It's the first time I've ever done the "ping -c", I always just ping
because I never thought about taking it any further than just making
sure I was connected to the Net... to which I am so am off to search
for answers. :)

Cindy :)

I think you are supposed to put a number after -c
man ping

mick

Absolutely, correct.

root@AbNormal:/home/comp# ping -c 4 www.debian.org
PING www.debian.org (128.31.0.62) 56(84) bytes of data.
64 bytes from mirror-csail.debian.org (128.31.0.62): icmp_seq=1 ttl=46 
time=29.2 ms
64 bytes from mirror-csail.debian.org (128.31.0.62): icmp_seq=2 ttl=46 
time=29.1 ms
64 bytes from mirror-csail.debian.org (128.31.0.62): icmp_seq=3 ttl=46 
time=29.0 ms
64 bytes from mirror-csail.debian.org (128.31.0.62): icmp_seq=4 ttl=46 
time=29.2 ms


--- www.debian.org ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3003ms
rtt min/avg/max/mdev = 29.046/29.165/29.266/0.193 ms
root@AbNormal:/home/comp#

--
Stephen P. Molnar, Ph.D.
Consultant
www.molecular-modeling.net
(614)312-7528 (c)
Skype: smolnar1

Re: Repository Problem

[Freek de Kruijf]

Op zaterdag 18 augustus 2018 20:50:34 CEST schreef Stephen P. Molnar:
> root@AbNormal:/home/comp# ip a
> 1: lo:  mtu 65536 qdisc noqueue state UNKNOWN
> group default qlen 1
>  link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>  inet 127.0.0.1/8 scope host lo
> valid_lft forever preferred_lft forever
>  inet6 ::1/128 scope host
> valid_lft forever preferred_lft forever
> 2: enp2s0:  mtu 1500 qdisc pfifo_fast
> state UP group default qlen 1000
>  link/ether bc:ee:7b:5e:83:36 brd ff:ff:ff:ff:ff:ff
>  inet 192.168.1.123/24 brd 192.168.1.255 scope global dynamic enp2s0
> valid_lft 86368sec preferred_lft 86368sec
>  inet6 2600:1700:4280:3690::33/128 scope global dynamic
> valid_lft 1209566sec preferred_lft 1209566sec
>  inet6 2600:1700:4280:3690:f15f:a615:62e3:1b2d/64 scope global
> temporary dynamic
> valid_lft 604766sec preferred_lft 85961sec
>  inet6 2600:1700:4280:3690:beee:7bff:fe5e:8336/64 scope global
> mngtmpaddr noprefixroute dynamic
> valid_lft 1209598sec preferred_lft 1209598sec
>  inet6 fe80::beee:7bff:fe5e:8336/64 scope link
> valid_lft forever preferred_lft forever
> root@AbNormal:/home/comp#

This means you get an IPv6 address, but using it needs also a proper default 
gateway or router address. So what is the output of:

ip -6 r

-- 
fr.gr.

Freek de Kruijf

Re: script bash pour unbound

[Petrus MH8]

Bonjour,

J'utilise actuellement un script un peu différent avec Unbound, pour une
finalité anti-pubs équivalente avec une autre source, je pense cependant
qu'il est possible de remanier la commande afin d'utiliser ta source si
tu préfères...
En espérant que ca fonctionne toujours sur la version Unbound distribuée
sur une Stretch, car actuellement sur une Raspbian 8 Jessie.

réf:
https://mh8.mooo.com/www/leminos/wiki/unbound-serveur-dns-a-la-maison-requetes-aux-dns-racines



Le 18/08/2018 à 21:48, Bernard Schoenacker a écrit :
> bonjour,
>
> j'ai pris ce script bash et je n'arrive pas à le déverminer:
>
> https://blog.mirabellette.eu/index.php?article17/block-advertise-domain-name-with-unbound
>
> voici le début qui pose problème :
>
> ARRAY= 
> $(https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling-porn-social/hosts
>  )
>
> for i in "${ARRAY[@]}"
> do
>   wget -c  -O  w  "$i"
>
>   grep -v " #\|\|\|\|\|\|href\|title=\|=\|<" w > 
> adsList.txt
>   rm -f w
>   dos2unix adsList.txt
>
>
> merci pour le coup de puce
>
> slt
> bernard
>






signature.asc
Description: OpenPGP digital signature

Re: checkbox in libreoffice base doesn't work anymore

[Joe]

On Sat, 18 Aug 2018 23:58:03 +0200
Flo  wrote:

> > 
> > The best help I can offer is to recommend you don't use Base for
> > anything mission-critical. It's barely useable, buggy as hell and
> > it frequently regresses. It hasn't improved much in the last five
> > years, though at least it can talk to MySQL directly now rather
> > than using the even less functional ODBC.
> > 
> > You and I must be two of about three people in the world using Base,
> > because there's no sense of urgency there. I'm doing pretty much
> > all my database work in PHP now.
> >   
> 
> It is kind of critical, I programmed my tax consultant with Base. At
> least it's not time critical :-)
> 

Last year, I opened Base to print an invoice, and the Report Writer was
gone. Not a sign of it opening. I've had trouble with Report Writer
before, but never had it actually go missing. So I spent an evening
learning a PDF library and writing an invoice printer in PHP...

It's a much better application, but it's single-purpose, so not a great
ROI. I once had hopes of Base aspiring to be an Access (by far the best
software MS has ever produced) clone, but I can't see it happening now.
It never got good enough to get enough users to justify the effort to
make it good enough...

-- 
Joe

Re: bts command `send-unmatched'

[tomas]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Sun, Aug 19, 2018 at 03:40:18PM +0900, Byung-Hee HWANG (황병희, 黃炳熙) wrote:

[...]

> Sorry for late. And thank you very so much for your explanation.

Hey, no problem :-)

I'm glad that so many people contribute to making a great distribution,
and you are now part of it. So thank *you* very much!

> By the way my friend told me the command is disabled by BTS
> server. In this case, may i do to comment on that to the translating
> page? 

Perhaps this makes sense, but I don't know the details myself...

> Again thank you tomas and your time^^

And thank you for your hard work.

Cheers
- -- tomás
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlt5HGwACgkQBcgs9XrR2kaCFgCeIkbhVCkg1uqMRMJR6q+Z2F+s
SfMAmgMWlRKJeYU9mWsSV5Mmxvc+Y2W6
=VjPe
-END PGP SIGNATURE-

Re: What is the mailing list software used by lists.debian.org?

[Byung-Hee HWANG (황병희, 黃炳熙)]

Brian Nguyen  writes:

> I think it's not GNU Mailman. What is the software used for official Debian 
> mailing lists? Is it free
> software?

Maybe following page do help for you.
See /MailingLists/index.en.html.

Yes that is not GNU Mailman.

-- 
^고맙습니다 _地平天成_ 감사합니다_^))//

Re: bts command `send-unmatched'

[Byung-Hee HWANG (황병희, 黃炳熙)]

 writes:

> On Wed, Aug 15, 2018 at 04:13:32PM +0900, Byung-Hee HWANG (황병희, 黃炳熙) wrote:
>> When i type command by email as follows:
>> 
>> send-unmatched old|-2
>> send-unmatched [old|-2]
>> 
>> Then BTS server tell me "Unknown command or malformed arguments to
>> command." with both above commands.
>> 
>> Yes, i'm now translating /Bugs/server-request
>> [https://www.debian.org/Bugs/server-request.en.html].
>> 
>> Is that dead command? Or am i someting wrong?
>
> Hey, and thanks for your translation work!
>
> NOTE: I didnn't really try this, this is just a quick answer.
>
> I think those signs [ | and ] are just what is called "metasyntax" [1]
> In this case, [...] seems to mean that what goes in [] is optional,
> that is:
>
>   index [full]
>
> means you can either say "index" or "index full". And ...|... means
> either... or, for example:
>
>   send-unmatched last|-1
>
> means you can say "send-unmatched last" or "send-unmatched -1" (both
> seem to mean the same thing). Finally
>
>   send-unmatched [this|0]
>
> means you can say "send unmatched this", "send-unmatched 0" or just simply
> "send-unmatched". Those also seem to mean the same thing.
>
> HTH
> [1] https://en.wikipedia.org/wiki/Metasyntax

Sorry for late. And thank you very so much for your explanation.

By the way my friend told me the command is disabled by BTS
server. In this case, may i do to comment on that to the translating
page? 

Again thank you tomas and your time^^

Sincerely, Byung-Hee.

-- 
^고맙습니다 _地平天成_ 감사합니다_^))//

Re: Literal postings, was Re: Wanted - Debian(preferred)/Linux handheld

[Anders Andersson]

On Sat, Aug 18, 2018 at 6:42 PM, David Wright  wrote:
>
> . A lot of OPs provide very little background information. Sometimes
> this may be because they don't know what *is* relevant, but often a
> thread turns into an episode of "Twenty Questions" because of what
> seems like a reluctance to reveal any facts about their system.
>
> . Following this, when the OP apparently "disappears" after making
> their first post, people are left little option but to make guesses
> about what their problem might be caused by.

In my opinion, the *proper* course of action is then to ask for more
information instead of guessing. If OP then does not reply, then
there's no need to keep going.

I believe that my views on this have changed after the Stack Exchange
network of websites sprung up. It makes such a huge difference in
clarity when bad questions are forcibly closed until corrected.


> . Some OPs provide facts which, when people start investigating, are
> found to be incorrect, so the thread bifurcates into those accepting
> the factoid and others disputing it.

This is of course unfortunate but something even I have to admit that
we have to accept. :)