Re: Synaptic error

[Reco]

Hi.

On Sun, Apr 12, 2020 at 06:50:04PM -0500, David Wright wrote:
> On Sun 12 Apr 2020 at 15:46:45 (+0200), to...@tuxteam.de wrote:
> > On Sun, Apr 12, 2020 at 08:43:12AM -0500, Richard Owlett wrote:
> > > Using Synaptic I:
> > > 1. searched package names for "info"
> > > 2. selected it
> > > 3. clicked Apply
> > > 4. received error message saying
> > > >E: Could not open lock file /var/cache/apt/archives/lock - open (2: No 
> > > >such file or directory)
> > > >E: Could not open file descriptor -1
> > > >E: Unable to lock the download directory
> > 
> > Question: is there a /var/cache/apt/archives directory? There should
> > be one.
> 
> The impression given by the FHS is that, upon deletion, the system
> should be able to recreate anything in a cache directory.

That is assuming that the cache directory itself is existing (i.e.
/var/cache, and everything down the filesystem hierarchy that's needed).
Note that FHS part you're quoting specifically refers to the "files",
not anything else.

A small distinction, but it's important here.

Reco

Re: DOH (was: geolocation services disabled and Gnome maps)

[Reco]

Hi.

On Sun, Apr 12, 2020 at 07:46:38PM -0400, Lee wrote:
> > The questionable idea behind DOH is that the browser makers do not trust
> > your local resolver.
> 
> Mozilla claims it's a privacy issue:
> https://support.mozilla.org/en-US/kb/firefox-dns-over-https

It's a privacy issue along with the other things.
With the default settings the Firefox user is handing all DNS resolution
to Cloudflare. Not an equivalent to complete browsing history, but close
enough.


> > 1) One can use a local resolver with the ability *not* to resolve
> > certain DNS queries, which refer to the sites which just happen to
> > contain advertisements, fingerprinting, tracking, cryptomining etc.
> > Since all two major browser makers (Google and Mozilla) happen to rely
> > on revenue generated by advertising *and* users' browsing habits this
> > obviously can not be tolerated.
> 
> Wasn't there a fairly recent kerfluffle about an upcoming change to
> chrome that would break things like the uMatrix addon?

There was, indeed.


> If firefox wasn't a viable alternative to chrome, what are the chances
> that change would have been implemented?

It is implemented already, it's just there are alternatives to
declarativeNetRequest that are working - so far.


> > 3) Bad guys and gals can hijack DNS too, to the usual hilarious results.
> 
> And the bad guys and gals can use DOH to "hide" their traffic and
> circumvent things like pihole.

There is tor or i2p for *that* already.


> I just did a quick search and couldn't find anything for smart TVs
> using DOH.

Probably because they aren't there yet. A typical smart TV is based on
the Android, and Google haven't said their word about DOH so far.


> > With the advent of HTTPS all this may be seen as moot points (if you're
> > redirected elsewhere the certificate validation should fail), but
> > nevertheless DOH is forced upon the collective throat of Firefox users
> > as we speak (and Chrome users are likely to follow them Soon™).
> > Currently a Firefox user is supposed to trust Cloudflare to do DNS
> > queries for them, and HTTPS is used for this purpose because Security™.
> 
> For some values of "security", DOH _is_ more secure.

As far as the "last mile" is concerned - maybe. As far as the whole
Internet goes - not so much as overall security of DNS queries depends
of DNSSEC implemented in every zone (and it ain't there yet).


> How many people use a dnssec validating resolver?

See above. Besides, DNSSEC is for integrity of zones, not privacy.
You need DNS-over-TLS if you need last one.


> At least Cloudflare resolvers have dnssec enabled.

*And* the ability to see users' DNS queries. Neat, right?

Reco

Re: Synaptic error

[Richard Owlett]

On 04/12/2020 03:28 PM, songbird wrote:

Richard Owlett wrote:

Using Synaptic I:
1. searched package names for "info"
2. selected it
3. clicked Apply
4. received error message saying

E: Could not open lock file /var/cache/apt/archives/lock - open (2: No such 
file or directory)
E: Could not open file descriptor -1
E: Unable to lock the download directory



I've had no previous problem with Synaptic.
My Debian version is 9.8
Help please.


   whatever else is going on i would wonder how such
directories were removed?

   was this something you did?


Those are among my questions ;}


   have you changed partitions or mount points or
something here or run some other command which had
unintended consequences?


Not that I know of.
I intend to do a scratch install of Buster shortly, after doing a 
inventory of applications I actually use. Due to bandwidth constraints 
and some personal preferences I purchase complete DVD sets.


It has been suggested that I install auditd and was referred to the 
auditctl man page when I asked for newbie oriented orientation.
[Not only is forest concealed by the trees, it is obscured by the veins 
of the leaves of the trees. Any suggestions for a broad overview?]

Re: Debian is testing Discourse

[Keith Bainbridge]

On 12/4/20 10:09 pm, Andy Smith wrote:

I am really glad that Debian is investigating this option and I look
forward to answering (and asking!) typical debian-user questions
there. I hope that fellow debian-user regulars will give it a try
with an open mind.



OK I might give it a try - but my history with fora that are available 
in browser is that I forget to go look at what is happening; even when I 
ask a question. At least with email, I get a prompt to look at un-read mail.



If the interface is as good as google mail in browser, I won't last 
long; maybe 2 minutes.


--
Keith Bainbridge

ke1th3...@zoho.com
+61 (0)447 667 468

Re: Problemes amb la captura d'àudio

[Enric]

Salut Xavier, 

gràcies per ser agosarat. Tinc el pressentiment, que serà una cosa
senzilla com aquesta. Per tant, qualsevol suggeriment serà més que
benvingut. 

Però en aquest cas, el Mic Mute es refereix al LED del teclat. Tinc un
botó que em permetia obrir i tancar el micro, i m'ho ensenyava amb un
LED taronja indicant si estava engegat o apagat. 

Amb aquesta opció del alsamixer, es pot fer que el LED estigui apagat
(Mic Mute off), estigui encès (Mic Mute on), s'engegui segons si segueix
el Mute (Follow Mute) i el que més m'intriga, l'opció que segueix la
captura (Follow Capture). Perque si poso l'opció Follow Capture, el LED
se m'engega indicant que el capture està off, i crec que els trets van
per aquí. Com si tingués un volum o una opció del capture en off. 

Merci per llegir-me! 

Vinga, 

Salut i desobediència! 

 Enric. 

A 12-04-2020 22:09, Xavier De Yzaguirre i Maura escrigué:

> Diguem agosarat, però a "Mic Mute" hi posa "on".
> A mi els Conexant em feien força la punyeta amb els canvis de nucli.
> Salut i confinament.
> 
> On 12/4/20 21:33, Enric wrote: 
> 
> Disculpeu, adjunto la captura. 
> 
> A 12-04-2020 21:30, Enric escrigué: 
> Salut Ernest,
> 
> El 12/4/20 a les 18:40, Ernest Adrogué ha escrit: 
> 
> Però l'arecord amb l'opció -f dat enregistra alguna cosa o no?  Mira bé
> que no tinguis l'entrada silenciada amb l'alsamixer a la targeta
> corresponent.  (Per fer aquest tipus de comprovacions només hauries
> d'utilitzar arecord, aplay i alsamixer, que són els programes que
> interactuen directament amb ALSA.)
> 
> Merci per la resposta.
> No grava res, és un fitxer sense audio.
> He provat arecord, aplay i a alsamixer he pujat tots els volums. 
> Adjunto captura. No hi veig el Micro intern però en principi està tot el 
> volum aixecat i no hi ha cap mute.
> 
> Vinga,
> 
> Salut i desobediència!
> 
> Enric.
> 
> -- 
> DECLARACIÓ D'INDEPENDÈNCIA DEL CIBERESPAI [1]
> per John Perry Barlow
> 8 de Febrer del 1996

-- 
XAVIER DE YZAGUIRRE
xdeyzaguirre(at)gmail(dot)com 

 

Links:
--
[1] http://biblioweb.sindominio.net/telematica/manif_barlow.html

Re: Debian is testing Discourse

[Celejar]

On Sun, 12 Apr 2020 12:47:52 -0700
Ihor Antonov  wrote:

> On Sunday, April 12, 2020 12:39:43 PM PDT John Hasler wrote:
> > I note that Discourse is not in the Debian archive.
> > 
> > Not that it matters, but I certainly won't use Discourse and if most
> > debian-user traffic were to shift to Discourse I would simply stop
> > subscribing.
> > 
> > "Ease of moderation" is *not* a plus.
> 
> +1
> Observing how zealots have moderated Norbert Preining is a perfect example of 
> how 
> biased and closed-minded those moderators can be.

+1

Moderation seems eminently reasonable on paper, but in practice, my
experiences with it have been generally bad (stack exchange sites, some
other mailing lists).

Celejar

Re: Debian is testing Discourse

[Steve McIntyre]

Ihor Antonov wrote:
>
>Observing how zealots have moderated Norbert Preining is a perfect example of 
>how 
>biased and closed-minded those moderators can be.

As Russ has described to you on the debian-project list today, the
point of the Debian lists (and other communication forums) is to
assist in developing and supporting the Debian operating system.

As a project, we want a respectful, productive, and inclusive
atmosphere throughout the Debian community. We ask people to meet that
standard when collaborating in the Debian community. If some people
choose not to, then we can (and will) moderate or block those people
where necessary. We value free speech, but that does *not* extend to
giving contributors a free pass to harass or abuse others.

I hope you understand that.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
  Armed with "Valor": "Centurion" represents quality of Discipline,
  Honor, Integrity and Loyalty. Now you don't have to be a Caesar to
  concord the digital world while feeling safe and proud.

Re: Synaptic error

[David Wright]

On Sun 12 Apr 2020 at 15:46:45 (+0200), to...@tuxteam.de wrote:
> On Sun, Apr 12, 2020 at 08:43:12AM -0500, Richard Owlett wrote:
> > Using Synaptic I:
> > 1. searched package names for "info"
> > 2. selected it
> > 3. clicked Apply
> > 4. received error message saying
> > >E: Could not open lock file /var/cache/apt/archives/lock - open (2: No 
> > >such file or directory)
> > >E: Could not open file descriptor -1
> > >E: Unable to lock the download directory
> 
> Question: is there a /var/cache/apt/archives directory? There should
> be one.

The impression given by the FHS is that, upon deletion, the system
should be able to recreate anything in a cache directory. I suspect
that running something like apt-get update might do it. (It's not
always clear exactly whose responsibility such recreation is.)

5.5. /var/cache : Application cache data
5.5.1. Purpose
   /var/cache is intended for cached data from applications. Such
   data is locally generated as a result of time-consuming I/O or
   calculation. The application must be able to regenerate or
   restore the data. Unlike /var/spool, the cached files can be
   deleted without data loss. The data must remain valid between
   invocations of the application and rebooting the system.

   Files located under /var/cache may be expired in an application
   specific manner, by the system administrator, or both. The
   application must always be able to recover from manual deletion
   of these files (generally because of a disk space shortage). No
   other requirements are made on the data format of the cache
   directories.
[FHS 3.0]

Cheers,
David.

Re: DOH (was: geolocation services disabled and Gnome maps)

[Lee]

On 4/12/20, Reco  wrote:
> On Sun, Apr 12, 2020 at 12:35:44PM +0200, to...@tuxteam.de wrote:
>> On Sun, Apr 12, 2020 at 01:21:08PM +0300, Reco wrote:
>> > On Sun, Apr 12, 2020 at 12:10:45PM +0200, to...@tuxteam.de wrote:
>> > > That's why I cringe at the idea that browsers want to start doing
>> > > name resolution over HTTPS.
>> >
>> > This simple one line of dnsmasq configuration will disable this
>> > problematic feature for good for Firefox (basically it creates a bogus
>> > NXDOMAIN response for this particular site):
>> >
>> > local=/use-application-dns.net/
>>
>> I don't quite understand [1] how the dnsmasq config has a say on
>> whether the browser resolves things over HTTP (it won't ask the
>> resolver in the first place, would it?), but thanks for the pointer
>> anyway.
>>
>> Cheers
>> [1] That's not a rhethorical flourish, it's genuine. I know too
>>little about DNS-over-HTTP to be of any use at this point.
>
> The questionable idea behind DOH is that the browser makers do not trust
> your local resolver.

Mozilla claims it's a privacy issue:
https://support.mozilla.org/en-US/kb/firefox-dns-over-https
  Benefits
DoH improves privacy by hiding domain name lookups from someone
lurking on public WiFi, your ISP, or anyone else on your local
network. DoH, when enabled, ensures that your ISP cannot collect and
sell personal information related to your browsing behavior.

Altho I suspect "cannot" should be changed to "has a slightly harder time to"

> As usual, main arguments here are:
>
> 1) One can use a local resolver with the ability *not* to resolve
> certain DNS queries, which refer to the sites which just happen to
> contain advertisements, fingerprinting, tracking, cryptomining etc.
> Since all two major browser makers (Google and Mozilla) happen to rely
> on revenue generated by advertising *and* users' browsing habits this
> obviously can not be tolerated.

Wasn't there a fairly recent kerfluffle about an upcoming change to
chrome that would break things like the uMatrix addon? hrmm...  ok,
found it
https://bugs.chromium.org/p/chromium/issues/detail?id=896897=2#c23
  If this (quite limited) declarativeNetRequest API ends up being the
only way content blockers can accomplish their duty, this essentially
means that two content blockers I have maintained for years, uBlock
Origin ("uBO") and uMatrix, can no longer exist.

If firefox wasn't a viable alternative to chrome, what are the chances
that change would have been implemented?


> 2) ISPs can intercept DNS queries, and modify them at their leisure.
> Usually considered a first step to a censorship, implemented in this
> particular form at certain European countries.

along with ISPs can monitor DNS queries and sell the info.

https://www.vice.com/en_us/article/9kembz/comcast-lobbying-against-doh-dns-over-https-encryption-browsing-data
  Ellen Canale, director of corporate communications at Mozilla, wrote
in an email, "This is part of a pretty aggressive campaign we've seen
from the ISPs to protect their control over DNS traffic and the
tracking opportunities it provides them."

> 3) Bad guys and gals can hijack DNS too, to the usual hilarious results.

And the bad guys and gals can use DOH to "hide" their traffic and
circumvent things like pihole.  I just did a quick search and couldn't
find anything for smart TVs using DOH.  Probably because my search
skillz sux :(

> With the advent of HTTPS all this may be seen as moot points (if you're
> redirected elsewhere the certificate validation should fail), but
> nevertheless DOH is forced upon the collective throat of Firefox users
> as we speak (and Chrome users are likely to follow them Soon™).
> Currently a Firefox user is supposed to trust Cloudflare to do DNS
> queries for them, and HTTPS is used for this purpose because Security™.

For some values of "security", DOH _is_ more secure.  How many people
use a dnssec validating resolver?  At least Cloudflare resolvers have
dnssec enabled.

^shrug^ there's lots of trade-offs to be made in this area.  I'm
certainly not a fan of DOH and I do my best to block it on my
network..  I just think there are some privacy/security arguments for
DOH that you're minimizing.

Regards,
Lee

Re: X framebuffer problem on AMD Picasso [fixed]

[Paul Scott]

On 4/12/20 11:23 AM, Paul Scott wrote:

On 4/12/20 3:10 AM, Paul Scott wrote:

On 4/11/2020 5:47 PM, Paul Scott wrote:

Hi,

I haven't posted for a long time!

I just successfully did my first UEFI installation.

It's a new AMD machine with.  X is failing to start.  I have solved 
a number of related problems within online information including 
finding the firmware-amd-graphics package.  I can't easily post log 
contents from that machine since it doesn't have email installed yet.


I am now at:

open /dev/dri/card0: no such file...

What I find online refers to the firmware problems I think I have 
solved.



Upgrading the rest of the testing packages killed X again.

Upgrading to the sid kernel fixed it again

Paul




TIA for any ideas,

Paul



Upgrading to testing fixed X.

Paul



Answered from my new machine.

In case anyone refers to this "thread" I should add that I didn't do a 
full update to Bullseye yet.  I just updated a few packages 
*including* the kernel.  I'm guessing it was rhe kernel that solved 
the problem.


Paul

Re: Synaptic error

[songbird]

Richard Owlett wrote:
> Using Synaptic I:
> 1. searched package names for "info"
> 2. selected it
> 3. clicked Apply
> 4. received error message saying
>> E: Could not open lock file /var/cache/apt/archives/lock - open (2: No such 
>> file or directory)
>> E: Could not open file descriptor -1
>> E: Unable to lock the download directory
>> 
>
> I've had no previous problem with Synaptic.
> My Debian version is 9.8
> Help please.

  whatever else is going on i would wonder how such 
directories were removed?

  was this something you did?

  have you changed partitions or mount points or
something here or run some other command which had
unintended consequences?


  songbird

Re: Question Regarding sources.list

[Tobias Brink]

Hello Chris,

Chris Debian  writes:

> I recently installed Debian Bullseye with the unofficial iso that
> includes non-free firmware
> (debian-live-testing-amd64-xfce+nonfree.iso).
>
> However, my sources.list file does not contain "contrib" or "non-free"
> components. Should "contrib" and "non-free" components be added to all
> of the archives to ensure system and firmware are up-to-date with
> security updates, etc?

If you want you could first find out if you actually have any software
from those archives installed on your system. I use the package "vrms",
which can list these. If you do have contrib and/or non-free software
installed, I would recommend to add "contrib" and/or "non-free" to keep
them up-to-date.

You should check if there are any files in /etc/apt/sources.list.d/,
though, since those may also contain relevant configuration.

Tobias

Re: Problemes amb la captura d'àudio

[Xavier De Yzaguirre i Maura]

Diguem agosarat, però a "Mic Mute" hi posa "on".
A mi els Conexant em feien força la punyeta amb els canvis de nucli.
Salut i confinament.

On 12/4/20 21:33, Enric wrote:


Disculpeu, adjunto la captura.


A 12-04-2020 21:30, Enric escrigué:


Salut Ernest,

El 12/4/20 a les 18:40, Ernest Adrogué ha escrit:

Però l'arecord amb l'opció -f dat enregistra alguna cosa o no?  Mira bé
que no tinguis l'entrada silenciada amb l'alsamixer a la targeta
corresponent.  (Per fer aquest tipus de comprovacions només hauries
d'utilitzar arecord, aplay i alsamixer, que són els programes que
interactuen directament amb ALSA.)

Merci per la resposta.
No grava res, és un fitxer sense audio.
He provat arecord, aplay i a alsamixer he pujat tots els volums.
Adjunto captura. No hi veig el Micro intern però en principi està tot 
el volum aixecat i no hi ha cap mute.


Vinga,

Salut i desobediència!

  Enric.


--
*Declaració d'Independència del Ciberespai* 


per John Perry Barlow
8 de Febrer del 1996




--
*Xavier De Yzaguirre*
xdeyzaguirre(at)gmail(dot)com

Re: Question commande unzip

[hamster]

Le 12/04/2020 à 21:22, Simeone Dominique a écrit :
> Bonjour,
>
> j'ai téléchargé sur debian Buster des fichiers zip et tar.gz.
>
> J'ai voulu en ligne de commande les installer mais sans succès.
>
> unzip gnome-displays-master.zip -d/
> unzip:  cannot find or open gnome-displays-master.zip,
> gnome-displays-master.zip.zip or gnome-displays-master.zip.ZIP.
>
> Y-a-t-il un autre moyen pour instaler les dossiers compressés?

Clic drois sur le fichier .zip, puis "extraire ici".

Ca marcherait aussi en ligne de commande, le souci que tu a eu c'est que
tu lui a mal indiqué le chemin pour trouver le fichier. Par défaut quand
tu lance un terminal il s'ouvre dans le dossier personnel. Mais
visiblement le fichier que tu veux extraire n'est pas dans le dossier
personnel (peut-etre dans le dossier téléchargements ?).

Tu peux donc déplacer le fichier .zip dans ton dossier personnel et la
commande marchera. Ou alors modifier la commande, par exemple :
unzip Téléchargements/gnome-displays-master.zip -d/
Bien sur, il faut que tu adapte en fonction de l'endroit ou tu a mis ce
fichier.

J'ajoute que l'option -d/ a la fin va faire enregistrer le dossier
extrait a la racine du système de fichiers. Mais tu n'a pas le droit
d'écrire a cet endroit, alors ca va encore te sortir un message
d'erreur. Je te conseille donc de supprimer purement et simplement cette
option et d'aller récupérer le dossier extrait dans ton dossier personnel.
unzip Téléchargements/gnome-displays-master.zip

Re: Debian is testing Discourse

[Ihor Antonov]

On Sunday, April 12, 2020 12:39:43 PM PDT John Hasler wrote:
> I note that Discourse is not in the Debian archive.
> 
> Not that it matters, but I certainly won't use Discourse and if most
> debian-user traffic were to shift to Discourse I would simply stop
> subscribing.
> 
> "Ease of moderation" is *not* a plus.

+1
Observing how zealots have moderated Norbert Preining is a perfect example of 
how 
biased and closed-minded those moderators can be.


-- 
Ihor Antonov
https://useplaintext.email

Re: Debian is testing Discourse

[John Hasler]

I note that Discourse is not in the Debian archive.

Not that it matters, but I certainly won't use Discourse and if most
debian-user traffic were to shift to Discourse I would simply stop
subscribing.

"Ease of moderation" is *not* a plus.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Question Regarding sources.list

[Chris Debian]

Good Afternoon,

I recently installed Debian Bullseye with the unofficial iso that
includes non-free firmware
(debian-live-testing-amd64-xfce+nonfree.iso).

However, my sources.list file does not contain "contrib" or "non-free"
components. Should "contrib" and "non-free" components be added to all
of the archives to ensure system and firmware are up-to-date with
security updates, etc?

I am a complete beginner. My apologies if this question seems obvious.
My sources.list files is below:

# See https://wiki.debian.org/SourcesList for more information.
deb http://deb.debian.org/debian/ bullseye main
deb-src http://deb.debian.org/debian/ bullseye main

deb http://deb.debian.org/debian/ bullseye-updates main
deb-src http://deb.debian.org/debian/ bullseye-updates main

deb http://security.debian.org/debian-security/ bullseye-security main
deb-src http://security.debian.org/debian-security/ bullseye-security main

Thank you,
Chris

Re: Sound issues on ThinkPad X220T (Lenovo)

[deloptes]

riveravaldez wrote:

> On 4/12/20, riveravaldez  wrote:
>> On 4/12/20, Andrei POPESCU  wrote:
>>> On Sb, 11 apr 20, 21:02:39, riveravaldez wrote:

 Strangely, 'speaker-test -c2' doesn't produce a sound. But 'sudo
 speaker-test -c2' works flawlessly. (The idea to check that came from
 [1].)
>>>
>>> Some program might be blocking the sound card, check also the output of
>>> 'lsof | grep /dev/snd' (as root).
>>>
>>> Kind regards,
>>> Andrei
>>
>> Thanks a lot for your answer and help, Andrei.
>> I've got these:
>>
>> $ sudo lsof | grep /dev/snd/
>> timidity   644timidity  mem   CHR
>> 116,213463 /dev/snd/pcmC0D0p
>> timidity   644timidity3r  CHR
>>116,33   0t0  12547 /dev/snd/timer
>> timidity   644timidity4u  CHR
>> 116,2   0t0  13463 /dev/snd/pcmC0D0p
>> timidity   644timidity5u  CHR
>> 116,9   0t0  13479 /dev/snd/controlC0
>> timidity   644timidity6u  CHR
>> 116,1   0t0  12548 /dev/snd/seq
>> alsamixer 2150thinkpad3u  CHR
>> 116,9   0t0  13479 /dev/snd/controlC0
>>
>> Maybe a timidity configuration issue?
> 
> Oh, mother-bugger... Problem - practically - solved.
> 

IT is known issue with timidity. I did not know that sound can be played via
root account though. We learned a bit more.

Re: Problemes amb la captura d'àudio

[Enric]

Disculpeu, adjunto la captura. 

A 12-04-2020 21:30, Enric escrigué:

> Salut Ernest,
> 
> El 12/4/20 a les 18:40, Ernest Adrogué ha escrit: 
> 
>> Però l'arecord amb l'opció -f dat enregistra alguna cosa o no?  Mira bé
>> que no tinguis l'entrada silenciada amb l'alsamixer a la targeta
>> corresponent.  (Per fer aquest tipus de comprovacions només hauries
>> d'utilitzar arecord, aplay i alsamixer, que són els programes que
>> interactuen directament amb ALSA.)
> Merci per la resposta.
> No grava res, és un fitxer sense audio.
> He provat arecord, aplay i a alsamixer he pujat tots els volums. 
> Adjunto captura. No hi veig el Micro intern però en principi està tot el 
> volum aixecat i no hi ha cap mute.
> 
> Vinga,
> 
> Salut i desobediència!
> 
> Enric.
> 
> -- 
> DECLARACIÓ D'INDEPENDÈNCIA DEL CIBERESPAI [1]
> per John Perry Barlow
> 8 de Febrer del 1996

 

Links:
--
[1] http://biblioweb.sindominio.net/telematica/manif_barlow.html

Re: Problemes amb la captura d'àudio

[Enric]

Salut Ernest,

El 12/4/20 a les 18:40, Ernest Adrogué ha escrit:
> Però l'arecord amb l'opció -f dat enregistra alguna cosa o no?  Mira bé
> que no tinguis l'entrada silenciada amb l'alsamixer a la targeta
> corresponent.  (Per fer aquest tipus de comprovacions només hauries
> d'utilitzar arecord, aplay i alsamixer, que són els programes que
> interactuen directament amb ALSA.)
Merci per la resposta.
No grava res, és un fitxer sense audio.
He provat arecord, aplay i a alsamixer he pujat tots els volums.
Adjunto captura. No hi veig el Micro intern però en principi està tot el
volum aixecat i no hi ha cap mute.

Vinga,

Salut i desobediència!

  Enric.


-- 
*Declaració d'Independència del Ciberespai*

per John Perry Barlow
8 de Febrer del 1996

Question commande

[Simeone Dominique]

Bonjour,
j'ai téléchargé sur debian Buster des fichiers zip et tar.gz.
J'ai voulu en ligne de commande les installer mais sans succès.
unzip gnome-displays-master.zip -d/
unzip:  cannot find or open gnome-displays-master.zip, 
gnome-displays-master.zip.zip or gnome-displays-master.zip.ZIP.

Y-a-t-il un autre moyen pour instaler les dossiers compressés?
Bien cordialement.

Mr.Dominique Simeone

Re: Debian is testing Discourse

[john doe]

On 4/12/2020 10:45 AM, Reco wrote:
>   Dear list,
>
> [1] came to my attention today. To quote relevant parts:
>
> What about the mailing lists?
>   This may or may not be a replacement for any particular list. I
> suspect there are some thet would benefit greatly from having Discourse
> be the primary interaction, and other places where this would be less
> suitable.
>
> Be specific!
>   Ok... I think *debian-user*, debian-vote and possibly debian-project
> would be better off in Discourse. I think debian-devel-announce should
> stay as an email list (for now). However, I am not suddenly proposing
> that we shut those lists down. The aim of this exercise is to see if
> Discourse would work well for us.
>

Debian is very good at accessibility, moving to something other then the
mailing lists will make accessibility less functional.

> Email is still important to me!
>   Fine, you can interact with Discorse by email rather than the web

Here with Debian's mailing lists, I can interact without having to login
to a website to configure being able to use e-mails
If such a move is done, I'll have to find an other destro.

> interface. It should be noted however, that there is *not 1:1 feature
> partiy* with email and the web interface, as Discorse does things that
> can't easily be done with email. For the majority of users though, email
> interaction should be "good enough".

What does 'good enough' means?

>
> Why are you doing this?
>   I have two motivations. First, is *moderation*. Discourse has built in
> tools to allow community moderation on a much better scale than our
> email lists.  Secondly, I genuinely believe that ease of access to new
> contributors is of paramount importance to the project.
>

Ease of accessibility is something that you probably don't understand
from the perspective of a screenreader user.

>
> So, thoughts, options?
>

To summerise my thoughts, from an accessibility point of view using
e-mails to interact with a webinterface is ludicrous.

Note that I'm not answering to Reco but to the poster from (1).

--
John Doe

Re: Debian is testing Discourse

[Ihor Antonov]

On Sunday, April 12, 2020 8:55:48 AM PDT Nate Bargmann wrote:

> I've been hearing/reading this old saw about "less technical users" for
> well over two decades, and not just in Linux land but amateur radio as
> well, and it really touches a nerve of mine.  How are less technical
> users ever going to progress into more technical users unless they have
> the opportunity to break something and thus learn?  Striving to make
> *everything* at beginner level 0.1 just retards growth.  That said, I do
> use Gnome.  ;-)

This touches my nerve too and I can't agree more. Both justifications for 
Discourse are 
wrong at their core:

1. The "lets attract more users with this new convenient tool" premise thin is 
like this.

 Imagine you are the owner of the Healthy Food Restaurant. And for some reason 
people 
don't visit your place very often, instead they go to fast food chain where 
they get fast, 
unhealthy coated with sugar food. 

And you think "So average person is impatient, addicted to sugar and is 
overweight, I 
need to put more sugar into my food, compromise on quality to increase speed of 
delivery to attract more sugar-addicted visitors!"

It is only a good decision if you only care about making money. 


2. The "it is easier to moderate" premise is IMHO is an attack on computing 
freedom and 
freedom of speech.  

Email is decentralized and replacing it with a centralized communication tool 
puts to 
much trust into the person/group who moderates it. Moderation + centralization 
is a 
slippery slope to dictatorship. Too much power in one's hands. I wouldn't trust 
myself to 
make the right call every time I need to "moderate" someone. 

And the whole idea of "moderation" is evil in its core. People are different,
they have different thoughts, different opinions and often they are bad at 
communication.  And learning how to communicate properly together as a 
community is 
freaking hard. And all that scares the shit out of some folks so they decide to 
"moderate" 
and use "centralized platform" so  they can hide from real problems that we 
can't talk to 
each other.

Do you really want more users that bad that you are willing to compromise on 
your own 
principles of freedom and technical excellence?



> > As far as I can tell for Debian the main drivers are:
> > 
> > 1. The hope that software like Discourse can improve the quality of
> > discussion as well as signal-to-noise ration, e.g. by providing an
> > alternative to "+1" messages.
> 
> As the message archive is centrally managed, moderators can remove
> messages behind the scenes, for good or for ill.  On a mailing list we
> all get the good with the bad.  It's up to us which is which.  Yeah it's
> messy and doesn't provide much of a safe space.  Viva la liberty!
> 
> > 2. Providing communication options that are preferred by the younger
> > generation, and that's just the natural course of life.
> 
> More than likely this is driven by mobile device users where typing is a
> pain at best and typing long missives is better left for when one is at
> a real computer.
> 
> As I use neomutt as an MUA and make heavy use of procmail filtering,
> trying to access my mail via my phone simply isn't feasible.  Unlike
> most I do not have a Gmail account to access from my phone, etc.
> 
> - Nate


-- 
Ihor Antonov
https://useplaintext.email

Re: Anti-malware for my personal Debian workstation?

[John Hasler]

tomas writes:
> No, I think the only (small) edge free operating systems have over the
> rest of the pack is that, on average, their users tend to be more
> curious (and, as a result, educated).

I think that the (big) edge that free operating systems on the desktop
have is too few users to interest malware operators.  Their interest is
in getting their stuff onto as many machines as possible and the effort
it would take to port it to Linux is more profitably expended on
improving the Windows version.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: Anti-malware for my personal Debian workstation?

[tomas]

On Sun, Apr 12, 2020 at 12:25:16PM -0400, Celejar wrote:

[...]

> Exactly. So if I trust the Sandstorm community (for example - I know
> nothing about them), then I'm not sure that there's any particularly
> great risk in installing their product via "curl | bash", and if I
> don't trust them, I shouldn't install their product via any other
> mechanism either.

That's it. OTOH, for me (YMMV), trust depends on how I perceive
their efforts to set up a (to me, again) meaningful security
infrastructure.

Cheers
-- t


signature.asc
Description: Digital signature

Re: Improving performance: RAM or CPU speed

[John Hasler]

Andrei writes:
> How do you upgrade / from where do you get the packages? (apt,
> manually installed deb, etc.)

Apt from Debian/Sid.  Just did it a couple of days ago.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: X framebuffer problem on AMD Picasso [fixed]

[Paul Scott]

On 4/12/20 3:10 AM, Paul Scott wrote:

On 4/11/2020 5:47 PM, Paul Scott wrote:

Hi,

I haven't posted for a long time!

I just successfully did my first UEFI installation.

It's a new AMD machine with.  X is failing to start.  I have solved a 
number of related problems within online information including 
finding the firmware-amd-graphics package.  I can't easily post log 
contents from that machine since it doesn't have email installed yet.


I am now at:

open /dev/dri/card0: no such file...

What I find online refers to the firmware problems I think I have 
solved.


TIA for any ideas,

Paul



Upgrading to testing fixed X.

Paul



Answered from my new machine.

In case anyone refers to this "thread" I should add that I didn't do a 
full update to Bullseye yet.  I just updated a few packages *including* 
the kernel.  I'm guessing it was rhe kernel that solved the problem.


Paul

Re: impresora epson

[Felix Perez]

El sáb., 11 de abr. de 2020 a la(s) 12:18, Galvatorix Torixgalva (
galvatorix2...@gmail.com) escribió:

> Hola,
>
> no se si sera exactamente este modelo, pero creo que he encontrado algo
>
> https://www.openprinting.org/printer/Epson/Epson-Stylus_C45
>
> un detallito: ahi hablan de paquetes rpm, para instalar eso en debian
> necesitas usar alien, creo que era algo como "alien -d archivo.rpm.
>
> No es necesario, hay paquetes debian:
https://www.openprinting.org/download/printdriver/debian/dists/lsb3.2/contrib/binary-amd64/openprinting-gutenprint_5.2.7-1lsb3.2_amd64.deb
y
https://www.openprinting.org/download/printdriver/debian/dists/lsb3.2/contrib/binary-i386/openprinting-gutenprint_5.2.7-1lsb3.2_i386.deb

Pero como el estimado, no ha dado noticias, supongo que ya solucionó el
percance.  ¿Troll eres tú?

Saludos.

> Podria ser que tengas que tocar algo en la configuracion de cups.
>
> No te puedo decir mucho mas al respecto porque no tengo impresora ;)
>
> Un saludo
>
>
> 
>  Libre
> de virus. www.avg.com
> 
> <#m_2822817483697551912_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
>
> On Sat, Apr 11, 2020 at 1:05 AM luis godoy 
> wrote:
>
>> hay un grave problema con los driver para la impresora epson c45, los
>> programadores estan jugando con en tema de la impresion, primero no imprime
>> verde, despues no imprime negro pero si verde, algunos botones o funciones
>> no estan funcionando, hasta cuando juegan?
>>
>
>
> --
> Profesor de informática en Tutellus
>
> Tutellus https://www.tutellus.com/perfil/230494/rafael-navarro
>
>

-- 
usuario linux  #274354
normas de la lista:  http://wiki.debian.org/es/NormasLista
como hacer preguntas inteligentes:
http://www.sindominio.net/ayuda/preguntas-inteligentes.html

Re: geolocation services disabled and Gnome maps

[John Hasler]

Andrei writes:
> This very much ISP dependent. My current one will allocate new IPs (v4
> as well as v6) on every re-connection, so the only way to keep the
> same IPs is connection uptime.

> The only benefits I can think of from their side is less management
> overhead and charging for fixed IPs (if that is even an option for
> private users, didn't bother to check).

It may also be somewhat historical.  There was a time when most users
were not connected most of the time.  This meant that by allocating the
next free IP upon connecting they could "overbook" IPs.  Now I think
that they just use DHCP.  Simplifies provisioning.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: Synaptic error

[Mark Allums]

On 4/12/2020 10:44 AM, Reco wrote:


Your local apt index file is out of sync with the mirror.
They should give a button in Synaptic that performs the equivalent of
"apt-get update".

Reload.

Re: Can't get my Debian laptop to use my Radeon 520 Mobile graphics card

[Martin]

Hi Jörg-Volker and Felix,
appreciate your help!
Here is the complete output for: sudo dpkg -i
amdgpu-core_19.30-934563_all.deb amdgpu-dkms_19.30-934563_all.deb
https://pastebin.com/kadr0nyH

My sources list is (apart from docker, and skype repos):
deb http://deb.debian.org/debian/ unstable main non-free contrib
deb-src http://deb.debian.org/debian/ unstable main non-free contrib

I did not install that kernel manually, just what I get by "apt dist-upgrade"
And I can confirm that the file exists on my system:

ls /usr/src/linux-headers-5.4.0-4-common/include/drm/drmP.h
/usr/src/linux-headers-5.4.0-4-common/include/drm/drmP.h

@Felix, yes, for firmware-amd-graphics  apt says it is the newest
version: 20190717-2

On Sun, 12 Apr 2020 at 17:23, Jörg-Volker Peetz  wrote:
>
> >From which repository did you get your kernel?
> In case of a missing file I consult https://packages.debian.org/ "Search the
> contents of packages". There is also the package apt-file.
> The package linux-headers-5.4.0-4-common from bullseye contains a file
> /usr/src/linux-headers-5.4.0-4-common/include/drm/drmP.h
>
> I don't have access to that GPU or experience with Radeon 520 Mobile.
> According to https://linux-hardware.org/index.php?id=pci%3A1002-6660-103c-8331
> it should be supported by Linux kernel 5.4.
>
> Regards,
> Jörg.
>

Re: Anti-malware for my personal Debian workstation?

[John Hasler]

 tomás writes:
> Trust is a complex beast. At its bottom it can't be completely
> rational, but usually you trust a community because you somehow think
> you understand how it works and you trust the information chain
> linking you to that community.

You can also trust a community because it's hard for one to keep a
secret (harder for some sorts of communities than others).
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: Problemes amb la captura d'àudio

[Ernest Adrogué]

Enric  writes:
> Doncs torno al tema audio.
> Em vau proposar fer això 
> # arecord -D hw:0,0 -f cd -t wav fitxer.wav
> I em donava un error d'Entrada i Sortida.
> En canvi, si ho faig amb 
> # arecord -D hw:0,0 -f data -t wav fitxer.wav
>
> no em dóna error.

L'única diferència entre "-f cd" i "-f dat" (suposo que volies dir
"dat", i no "data") és que l'opció "cd" llegeix dades amb una freqüència
de 44100Hz i l'opció "dat" amb una freqüència de 48000Hz.  Per tant
podria ser que el teu xip d'audio només suporti lectura a 48000Hz.

> El més curiós és que si endollo un micro, de fet, haig d'endollar uns 
> auriculars amb micro que només tenen una
> entrada minijack, perquè el portàtil (Lenovo Tinkpad X220), només accepta una 
> entra d'audio. És a dir, si endollo un
> micro no funciona, el pavucontrol detecta que he endollat un micro i tampoc 
> grava.
> Per tant, entenc que si hi ha un problema de hardware és de la part de la 
> captura d'audio de la targeta de so, no pas
> del micro intern.

Però l'arecord amb l'opció -f dat enregistra alguna cosa o no?  Mira bé
que no tinguis l'entrada silenciada amb l'alsamixer a la targeta
corresponent.  (Per fer aquest tipus de comprovacions només hauries
d'utilitzar arecord, aplay i alsamixer, que són els programes que
interactuen directament amb ALSA.)

Re: Anti-malware for my personal Debian workstation?

[Celejar]

On Sun, 12 Apr 2020 17:41:54 +0200
 wrote:

> On Sun, Apr 12, 2020 at 10:41:12AM -0400, Celejar wrote:
> > On Sun, 12 Apr 2020 11:37:24 +0300
> > Andrei POPESCU  wrote:
> > 
> > > On Du, 12 apr 20, 09:17:18, to...@tuxteam.de wrote:
> > > > On Sun, Apr 12, 2020 at 09:52:50AM +0300, Andrei POPESCU wrote:
> 
> [...]
> 
> > Interesting discussion. I've looked quickly at the other side [1],
> > however, and there seem to be serious people and arguments in that
> > direction as well. Are they so obviously wrong? [The objection Andrei
> > notes here is specifically countered by the "curl | bash" defenders,
> > although even I can see that the counter is not as strong as the
> > objection.]
> > 
> > [1]
> > https://sandstorm.io/news/2015-09-24-is-curl-bash-insecure-pgp-verified-install
> > https://news.ycombinator.com/item?id=12766049
> 
> It boils down to whom you trust. Actually the sandstorm page is
> a bit too much marketing-ish for my taste:
> 
>   "Some of the objectors, though, go a bit further: They claim
>that curl|bash is more open to attack that other distribution
>mechanisms [...]
> 
>Of course, all content served by sandstorm.io – from software
>downloads to our blog – is served strictly over HTTPS [...]"
> 
> They are mixing up the chain of trust up to the distributor (package
> signing) with the transport secutity (HTTPS). Why?
> 
> Remember that nice npm event-stream messup [1]? That's the dark
> side of "iterate faster".
> 
> Trust is a complex beast. At its bottom it can't be completely
> rational, but usually you trust a community because you somehow
> think you understand how it works and you trust the information
> chain linking you to that community.

Exactly. So if I trust the Sandstorm community (for example - I know
nothing about them), then I'm not sure that there's any particularly
great risk in installing their product via "curl | bash", and if I
don't trust them, I shouldn't install their product via any other
mechanism either.

> Cheers
> [1] https://lwn.net/Articles/773121/
> -- tomás


Celejar

Re: DOH (was: geolocation services disabled and Gnome maps)

[Gene Heskett]

On Sunday 12 April 2020 09:39:09 to...@tuxteam.de wrote:

> On Sun, Apr 12, 2020 at 07:33:51AM -0400, Gene Heskett wrote:
>
> [...]
>
> > I don't either, but at some point in an https environment, it seems
> > to me that a dns lookup is going to have to be translated into a
> > plain dns lookup.
>
> No, that's not how it works. When the browser wants to resolve a
> name, it doesn't "do" DNS (when it's doing DOH, that is) but uses
> some "web-service-ish" protocol over https to some server out there
> (cloudflare, e.g.) which does the resolution and answers via https.
>
> Thus bypassing whatever scheme the sysadmin has set up for DNS.
>
> I don't have polite words for that.
>
Neither do I, and it WILL BE EXPLOITED. Linux has been such a breath of 
fresh air when I found it in late 1998, that I've forgotten a monologue, 
about 4 or 5 minutes long I used in my early dealings with Nt-3.51 and 
its random deletions of important dll's that M$ used to make you buy a 
new license.  Once, I might have been gullible enough to buy it, but at 
$600 for a new license twice in 2 years time on 2 different machines the 
same dll just vanished has to be malicious. But the crowning blow was 
when somebody in Redmond had the chutzpah to call me a pie-rat because I 
wanted a floppy fedexed to me with just that library on it. Screw em, 
and the camel that rode in on them...

> Cheers
> -- t


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: Capturar i imprimir pantalla

[Ernest Adrogué]

Narcis Garcia  writes:
> El problema no és que sigui possible utilitzar una impressora per a
> imprimir, sinó que a partir de la captura ja s'enviï a impressora, sense
> obrir ni un terminal ni noves accions: Capturar && trobar-ho en paper.
>
> També ho podria resoldre si la drecera de teclat executés una comanda,
> amb la qual jo ja automatitzaria Captura+Impressió.

XFCE té un applet per executar programes amb un clic.  El programa pot
ser un fitxer executable o una ordre de l'intèrpret Unix.

També permet configurar tecles per executar programes.  Per exemple, la
tecla PrntScr per defecte executa el programa xfce4-screenshooter.  Es
pot canviar per tal que executi una altra cosa.

Si això ho pot fer XFCE, que és una versió minimalista de Gnome,
m'imagino que Gnome també ho ha de poder fer.

Re: Debian is testing Discourse

[Curt]

On 2020-04-12, Dan Purgert  wrote:
>
> On Apr 12, 2020, Eike Lantzsch wrote:
>> On Sunday, 12 April 2020 09:21:42 -04 Andrei POPESCU wrote:
>> > On Du, 12 apr 20, 11:10:22, to...@tuxteam.de wrote:
>> > > I know I will be out here.
>> >
>> > I seriously doubt this (or any) mailing list will be shut down as long
>> > as there is significant activity (spam and off-topic doesn't count).
>> >
>> > Kind regards,
>> > Andrei
>> debian-user is still available on usenet, although kiddies nowadays
>> seem to not know about it. So there might  be hope still.
>
> It is (was) hosted through a usenet / list portal (IIRC, gmane?).  I
> used it for years so I could get everything through slrn; but I started
> having problems, so went "back" to just email.

linux.debian.user is alive; to post you must use a gateway (like gmane). 

I briefly read and understood that a Discourse plugin (?) allowed for
mirroring to a usenet group but only (?) in read-only mode (which might
delight those members of the forum who'd love to see me shut my face).

:-)

Re: Best practice to allow a program to write its logs

[Reco]

Hi.

On Sun, Apr 12, 2020 at 05:00:09PM +0200, l0f...@tuta.io wrote:
> Hi,
> 
> Oops, I didn't answer to that, sorry...

No big deal. This is a maillist, we have nothing to hurry here :)


> > It all works - conventional POSIX permissions, ACLs, xattrs, SELinux
> > Labels, etc. Until you try to restore from a backup :)
> >
> What do you mean please? Why does the backup would pose a problem when 
> restored?

Both cpio and tar do not save xattrs and SELinux labels. The very
archive format does not allow it.
There were some experimental RedHat patches for that, but they never
made it to the upstream.
There are also similar deficiencies in rsync (although it is better in
this regard).

And these three (cpio, tar, rsync) are the cornerstones of just
about any backup tools that Debian main provides.

Of course, there's dump(8) which *does* account for all these filesystem
oddities, but it's ext4-specific by definition and is not that popular.

All this applies to the backups of / and /var, mainly. Your typical
$HOME is usually free from all these advanced attributes.


> >> You mean for this use case writing into /var/log/msmtp?
> >> Actually, I don't really know why but I've decided to write user
> >> specific configuration with appropriate logs.  So my conf is not in
> >> /etc/msmtprc but in ~/.msmtprc and logging is in the same vein inside
> >> ~/.msmtp.log.
> >
> > My advice to you then - don't do this.
> > Best are not the logs that are written often or are verbose, and even
> > not those are written in a convenient filesystem locations.
> > Best are the logs which contain the problem, but do not contain assorted
> > junk (implies logs filtering), 
> >
> How to you filter your logs? Directly by tweaking severities in 
> (r)syslog(-ng).conf?

Personally I prefer rsyslog configuration files for this.
If you prefer syslog-ng - it should have similar filtering capabilities.


> > are small (implies periodic rotation)
> >
> logrotate I presume?

Yep. There's no need to reinvent the wheel here.


> > and, the most importantly, are stored not only on your host, but
> > elsewhere, preferrably in a centralized and indexed way.
> >
> Via (r)syslog(-ng)?

Yup. A single setting like this (rsyslog style):

*.info  @rsyslog.home

Implies running syslog daemon that's listening udp:514 at rsyslog.home.


> > A false dichotomy. Why reinventing a wheel with custom logging if they
> > given you that "--syslog=on" option?
> >
> I didn't notice that, thanks! :)
> So you recommend not specifying any logfile in /etc/msmtprc but just use 
> switch "--syslog=on" everytime msmtp is used? Maybe this can be viewed as a 
> constraint as one should remember to use that option... (except by using some 
> trick as an alias)

Yes, I do.


> > Ah, that's not a real MTA. My mistake.
> > A quick look at postinst script gives me:
> >
> > chgrp msmtp /usr/bin/msmtp
> > chmod 2755 /usr/bin/msmtp
> >
> In a nutshell, an application triggers actions under the identity of who 
> launched it initially, except if the application makes use of a specific 
> technical account, right?
> If so what is the best way to know if an application operates under a 
> specific account?

Reading postinst (possibly preinst) from the package never failed me so
far.

Reco

Re: Debian is testing Discourse

[nito]

On Sun, Apr 12, 2020 at 18:16:44 +0300, Andrei POPESCU wrote:  
> What if someone else already wrote that, possibly in better words than I 
> could?
If you really feel like it's necessary, you can reply to the thread with:
 I like this proposal mainly because of A and B, but I am a bit concerned 
 about C. Person P. already gave an good argument as to why.

> The rules for submitting or sponsoring actual voting proposals /
> amendments etc. are clearly laid out, I don't see any danger here.
Well, I do, though none of us can see into the future.
But that makes me wonder: If you don't think likes/dislikes as present on 
discourse have an influence on this: Why bother using it at all ?

And even if I only mentioned it with one sentence in the debian-vote section as 
I wrote about it before: The accessibility, which would *decrease* with 
discourse, (and exclude mail-interface users from the like/disliking) should be 
a top priority for debian-vote.

If you want to give people more familiar with forums a familiar interface, I'd 
say the reverse approach is much more feasible and does not create problems 
with accessibility: Offer a forum-like front-end for the mailing list.
There are already 3rd parties offering something like that for debian 
mailing-lists. One that sometimes shows up in my search results, would be 
nabble 
(note that I'm not endorsing or recommending any such 3rd party provider)
  http://debian.2.n7.nabble.com/Debian-is-testing-Discourse-td4669989.html

If there is a need for that debian could offer something like that itself (if 
it 
does not yet exists, didn't check).
As the backend would still be purely text based, there is no issue with 
accessibility or feature exclusion.


This leaves us only with "moderation" as a _potential_ benefit of discourse as 
a 
primary interface.
Stronger moderation with retroactive editing and deleting however, while it 
night offer _some_ benefits, also creates a fair share of problems and 
potential 
for abuse in the future.
Given the disadvantages with a forum focused interface, I don't think a 
potential benefit in moderation is worth it.


-- Nito


signature.asc
Description: PGP signature

Re: Debian is testing Discourse

[Nate Bargmann]

* On 2020 12 Apr 10:06 -0500, Andrei POPESCU wrote:
> On Du, 12 apr 20, 16:23:52, to...@tuxteam.de wrote:
> > On Sun, Apr 12, 2020 at 07:57:22AM -0600, Keith Christian wrote:

> > On the other hand there are the silos, which like to have more end
> > user control, which you can't have as much if everyone gets to
> > see their content the way they like.
> 
> I seriously doubt developers care about that. As far as I can tell most 
> of them are trying to provide just enough[2] customization options 
> without overwhelming less technical users.

I've been hearing/reading this old saw about "less technical users" for
well over two decades, and not just in Linux land but amateur radio as
well, and it really touches a nerve of mine.  How are less technical
users ever going to progress into more technical users unless they have
the opportunity to break something and thus learn?  Striving to make
*everything* at beginner level 0.1 just retards growth.  That said, I do
use Gnome.  ;-)

> As far as I can tell for Debian the main drivers are:
> 
> 1. The hope that software like Discourse can improve the quality of 
> discussion as well as signal-to-noise ration, e.g. by providing an 
> alternative to "+1" messages.

As the message archive is centrally managed, moderators can remove
messages behind the scenes, for good or for ill.  On a mailing list we
all get the good with the bad.  It's up to us which is which.  Yeah it's
messy and doesn't provide much of a safe space.  Viva la liberty!

> 2. Providing communication options that are preferred by the younger 
> generation, and that's just the natural course of life.

More than likely this is driven by mobile device users where typing is a
pain at best and typing long missives is better left for when one is at
a real computer.

As I use neomutt as an MUA and make heavy use of procmail filtering,
trying to access my mail via my phone simply isn't feasible.  Unlike
most I do not have a Gmail account to access from my phone, etc.

- Nate

-- 

"The optimist proclaims that we live in the best of all
possible worlds.  The pessimist fears this is true."

Web: https://www.n0nb.us
Projects: https://github.com/N0NB
GPG fingerprint: 82D6 4F6B 0E67 CD41 F689 BBA6 FB2C 5130 D55A 8819



signature.asc
Description: PGP signature

Re: Sound issues on ThinkPad X220T (Lenovo)

[riveravaldez]

On 4/12/20, riveravaldez  wrote:
> On 4/12/20, Andrei POPESCU  wrote:
>> On Sb, 11 apr 20, 21:02:39, riveravaldez wrote:
>>>
>>> Strangely, 'speaker-test -c2' doesn't produce a sound. But 'sudo
>>> speaker-test -c2' works flawlessly. (The idea to check that came from
>>> [1].)
>>
>> Some program might be blocking the sound card, check also the output of
>> 'lsof | grep /dev/snd' (as root).
>>
>> Kind regards,
>> Andrei
>
> Thanks a lot for your answer and help, Andrei.
> I've got these:
>
> $ sudo lsof | grep /dev/snd/
> timidity   644timidity  mem   CHR
> 116,213463 /dev/snd/pcmC0D0p
> timidity   644timidity3r  CHR
>116,33   0t0  12547 /dev/snd/timer
> timidity   644timidity4u  CHR
> 116,2   0t0  13463 /dev/snd/pcmC0D0p
> timidity   644timidity5u  CHR
> 116,9   0t0  13479 /dev/snd/controlC0
> timidity   644timidity6u  CHR
> 116,1   0t0  12548 /dev/snd/seq
> alsamixer 2150thinkpad3u  CHR
> 116,9   0t0  13479 /dev/snd/controlC0
>
> Maybe a timidity configuration issue?

Oh, mother-bugger... Problem - practically - solved.

I did:

$ sudo apt-get purge timidity
Leyendo lista de paquetes... Hecho
Creando árbol de dependencias
Leyendo la información de estado... Hecho
Los siguientes paquetes se ELIMINARÁN:
  timidity* timidity-daemon*
0 actualizados, 0 nuevos se instalarán, 2 para eliminar y 9 no actualizados.
Se liberarán 1.655 kB después de esta operación.
¿Desea continuar? [S/n]
(Leyendo la base de datos ... 123466 ficheros o directorios instalados
actualmente.)
Desinstalando timidity-daemon (2.14.0-8) ...
Desinstalando timidity (2.14.0-8) ...
Procesando disparadores para mime-support (3.64) ...
Procesando disparadores para man-db (2.9.1-1) ...
Procesando disparadores para desktop-file-utils (0.24-1) ...
(Leyendo la base de datos ... 123413 ficheros o directorios instalados
actualmente.)
Purgando ficheros de configuración de timidity-daemon (2.14.0-8) ...
Purgando ficheros de configuración de timidity (2.14.0-8) ...
Procesando disparadores para systemd (244.3-1) ...

And everything came to work. Pavucontrol shows the devices, streams
and configurations. All media-players (audacious, mplayer, firefox,
audacity, etc.) work with default audio configuration, and even JACK
is working flawlessly. In fact, tested JACK (qjackctl) with qsynt and
vmpk and everything worked fine (maybe I don't even need timidity at
all?).

And then - testing if could reinstall - found the cause of the problem:

$ sudo apt-get install timidity
Leyendo lista de paquetes... Hecho
Creando árbol de dependencias
Leyendo la información de estado... Hecho
Paquetes sugeridos:
  fluid-soundfont-gs pmidi timidity-daemon
Se instalarán los siguientes paquetes NUEVOS:
  timidity
0 actualizados, 1 nuevos se instalarán, 0 para eliminar y 9 no actualizados.
Se necesita descargar 0 B/627 kB de archivos.
Se utilizarán 1.582 kB de espacio de disco adicional después de esta operación.
Obteniendo informes de fallo... Finalizado
Analizando información Encontrada/Corregida... Finalizado
Fallos critical del paquete timidity (→ 2.14.0-8) 
 b1 - #901148 - timidity: upgrading to 2.14.0-2 broke sound via pulseaudio
   Fusionado con: 902330 904652 918522
Resumen:
 timidity(1 fallo)
¿Está seguro de que desea instalar/actualizar los paquetes mostrados
anteriormente? [Y/n/?/...] n
*
** Saliendo con error para detener la instalación. **
*
E: El subproceso /usr/bin/apt-listbugs apt devolvió un código de error (10)
E: Failure running script /usr/bin/apt-listbugs apt

Don't know how that passed without me noticing it...

Last messages from: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901148#147

> After many tests I have found the solution about the
> bugs around timidity-daemon and pulseaudio.
>
> timidity-daemon installs an system-wide daemon. But
> pulseaudio is a user-wide "daemon".

I guess that explains the 'sudo works, non-sudo non-works'?

> With my appended patch the system-wide daemon will be
> removed and a xdg/autostart script will be installed.
>
> After that timidity together with pulseaudio runs
> perfectly.

> Now I have made new Debian packages for buster and testing
> including my patch:

That last's from 20 Feb 2020, maybe still not uploaded?

Should I mark this as 'SOLVED' in some manner?

Thanks a lot for everything. Andrei, you saved me. ^_^ (!)

Re: Synaptic error

[Reco]

On Sun, Apr 12, 2020 at 10:39:34AM -0500, Richard Owlett wrote:
> On 04/12/2020 09:17 AM, Reco wrote:
> > Hi.
> > 
> > On Sun, Apr 12, 2020 at 09:07:07AM -0500, Richard Owlett wrote:
> > > As I said, there has been no previous problem with Synaptic.
> > > Where would I look for cause of missing archives sub-directory?
> > 
> > Unless you have an audit facility configured in your kernel - you have
> > to guess.
> 
> Unless an audit facility is installed by default, I don't have it.
> Sounds like something I should read up on.
> Suggested link(s) for someone coming at the subject cold?

apt install auditd

man auditctl

You'll need this:

auditctl -a always,exit -F dir=/var/cache/apt/archives -F perm=wa


> > > Is it safe to blindly create it?
> > 
> > Yep. 0:0 as group:owner, 0755 as permission.
> > 
> > $ ls -ald /var/cache/apt/archives/
> > drwxr-xr-x 3 root root 4096 Apr 11 12:00 /var/cache/apt/archives/
> 
> I created the sub-directory using Caja.
> # ls -ald /var/cache/apt/archives/
> drwxr-xr-x 2 root root 4096 Apr 12 09:41 /var/cache/apt/archives/
> 
> *NOTE* When I ran ls there were only 2 {NOT 3} hard links.
> I attempted to install via Synaptic again.
> The error message was:
> > W: Failed to fetch 
> > http://deb.debian.org/debian/pool/main/t/texinfo/install-info_6.3.0.dfsg.1-1+b2_i386.deb
> >   Could not open file 
> > /var/cache/apt/archives/partial/install-info_6.3.0.dfsg.1-1+b2_i386.deb - 
> > open (2: No such file or directory) [IP: 151.101.52.204 80]
> > 
> > W: Failed to fetch 
> > http://deb.debian.org/debian/pool/main/t/texinfo/info_6.3.0.dfsg.1-1+b2_i386.deb
> >   Could not open file 
> > /var/cache/apt/archives/partial/info_6.3.0.dfsg.1-1+b2_i386.deb - open (2: 
> > No such file or directory) [IP: 151.101.52.204 80]

Your local apt index file is out of sync with the mirror.
They should give a button in Synaptic that performs the equivalent of
"apt-get update".

Reco

Re: Anti-malware for my personal Debian workstation?

[Andrei POPESCU]

On Du, 12 apr 20, 15:45:10, to...@tuxteam.de wrote:
> > 
> > Microsoft has been moving to the cloud and buying Github seems to be 
> > part of the same direction. Github might not need to make a profit in 
> > order to benefit Microsoft's profits,
> 
> But that was my point: Github's value for them is mindshare, or
> cultural hegemony, call it what you like.

I meant as part of their offer of cloud services, by making the entire 
package more attractive. Oh well...

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: Anti-malware for my personal Debian workstation?

[tomas]

On Sun, Apr 12, 2020 at 10:41:12AM -0400, Celejar wrote:
> On Sun, 12 Apr 2020 11:37:24 +0300
> Andrei POPESCU  wrote:
> 
> > On Du, 12 apr 20, 09:17:18, to...@tuxteam.de wrote:
> > > On Sun, Apr 12, 2020 at 09:52:50AM +0300, Andrei POPESCU wrote:

[...]

> Interesting discussion. I've looked quickly at the other side [1],
> however, and there seem to be serious people and arguments in that
> direction as well. Are they so obviously wrong? [The objection Andrei
> notes here is specifically countered by the "curl | bash" defenders,
> although even I can see that the counter is not as strong as the
> objection.]
> 
> [1]
> https://sandstorm.io/news/2015-09-24-is-curl-bash-insecure-pgp-verified-install
> https://news.ycombinator.com/item?id=12766049

It boils down to whom you trust. Actually the sandstorm page is
a bit too much marketing-ish for my taste:

  "Some of the objectors, though, go a bit further: They claim
   that curl|bash is more open to attack that other distribution
   mechanisms [...]

   Of course, all content served by sandstorm.io – from software
   downloads to our blog – is served strictly over HTTPS [...]"

They are mixing up the chain of trust up to the distributor (package
signing) with the transport secutity (HTTPS). Why?

Remember that nice npm event-stream messup [1]? That's the dark
side of "iterate faster".

Trust is a complex beast. At its bottom it can't be completely
rational, but usually you trust a community because you somehow
think you understand how it works and you trust the information
chain linking you to that community.

Cheers
[1] https://lwn.net/Articles/773121/
-- tomás


signature.asc
Description: Digital signature

Re: Synaptic error

[Richard Owlett]

On 04/12/2020 09:17 AM, Reco wrote:

Hi.

On Sun, Apr 12, 2020 at 09:07:07AM -0500, Richard Owlett wrote:

As I said, there has been no previous problem with Synaptic.
Where would I look for cause of missing archives sub-directory?


Unless you have an audit facility configured in your kernel - you have
to guess.


Unless an audit facility is installed by default, I don't have it.
Sounds like something I should read up on.
Suggested link(s) for someone coming at the subject cold?




Is it safe to blindly create it?


Yep. 0:0 as group:owner, 0755 as permission.

$ ls -ald /var/cache/apt/archives/
drwxr-xr-x 3 root root 4096 Apr 11 12:00 /var/cache/apt/archives/


I created the sub-directory using Caja.
# ls -ald /var/cache/apt/archives/
drwxr-xr-x 2 root root 4096 Apr 12 09:41 /var/cache/apt/archives/

*NOTE* When I ran ls there were only 2 {NOT 3} hard links.
I attempted to install via Synaptic again.
The error message was:

W: Failed to fetch 
http://deb.debian.org/debian/pool/main/t/texinfo/install-info_6.3.0.dfsg.1-1+b2_i386.deb
  Could not open file 
/var/cache/apt/archives/partial/install-info_6.3.0.dfsg.1-1+b2_i386.deb - open 
(2: No such file or directory) [IP: 151.101.52.204 80]

W: Failed to fetch 
http://deb.debian.org/debian/pool/main/t/texinfo/info_6.3.0.dfsg.1-1+b2_i386.deb
  Could not open file 
/var/cache/apt/archives/partial/info_6.3.0.dfsg.1-1+b2_i386.deb - open (2: No 
such file or directory) [IP: 151.101.52.204 80]


Suspecting Synaptic being the problem, I did "apt-get install info".
There was no problem.
There is now a /var/cache/apt/archives/partial directory.
This is in line with what Cindy says elsewhere in this thread.
Following her example, I've included all the details for future newbies.

Re: Anti-malware for my personal Debian workstation?

[Dan Purgert]

On Apr 12, 2020, to...@tuxteam.de wrote:
> [...]
> No, I think the only (small) edge free operating systems have over
> the rest of the pack is that, on average, their users tend to be
> more curious (and, as a result, educated).

Don't forget "distrustful of the 'this is way better for you than
$unmodern way!!!" shtick that many (all) of those web-based tools try
using to get users locked in.


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Anti-malware for my personal Debian workstation?

[Andrei POPESCU]

On Du, 12 apr 20, 11:26:18, Gene Heskett wrote:
> 
> This might also be true. But at the risk of stating the obvious, if 
> github gets forked by an open source advocate, I'd sure investigate 
> moving our open source efforts away from the M$ tentacles.

As far as I know the software behind the Github platform is and always 
was proprietary (except for git, of course), so there is nothing to 
fork.

If you need alternatives to Github have a look at Gitlab, which is 
available both as a service and a software to host yourself.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: Debian is testing Discourse

[Nate Bargmann]

* On 2020 12 Apr 03:46 -0500, Reco wrote:
>   Dear list,
> So, thoughts, options?

About a year ago the Gnome project moved to Discourse and shut down all
of their mailing lists.  I check in there from time to time as interest
in GTK development strikes and I must say that I think it is a very poor
imitation of a Web forum and I've not tried their email interface but I
cannot imagine that it would be as useful as a real mailing list.

Gnome has their Discourse set so that 14 days after the last reply a
topic is locked so no more replies may be added.  I find this myopic, to
be honest, as there are many times when an answer relevant to a thread
may come months later and can be added to "close the loop" of that
particular thread.  I suppose one would have to start a new thread with
a link to the old one in their case which to me just leads to
thread/forum pollution.

Put me down as not interested in seeing this list replaced in a similar
manner.

- Nate

-- 

"The optimist proclaims that we live in the best of all
possible worlds.  The pessimist fears this is true."

Web: https://www.n0nb.us
Projects: https://github.com/N0NB
GPG fingerprint: 82D6 4F6B 0E67 CD41 F689 BBA6 FB2C 5130 D55A 8819



signature.asc
Description: PGP signature

Re: Debian is testing Discourse

[Dan Purgert]

On Apr 12, 2020, Eike Lantzsch wrote:
> On Sunday, 12 April 2020 09:21:42 -04 Andrei POPESCU wrote:
> > On Du, 12 apr 20, 11:10:22, to...@tuxteam.de wrote:
> > > I know I will be out here.
> >
> > I seriously doubt this (or any) mailing list will be shut down as long
> > as there is significant activity (spam and off-topic doesn't count).
> >
> > Kind regards,
> > Andrei
> debian-user is still available on usenet, although kiddies nowadays
> seem to not know about it. So there might  be hope still.

It is (was) hosted through a usenet / list portal (IIRC, gmane?).  I
used it for years so I could get everything through slrn; but I started
having problems, so went "back" to just email.


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Sound issues on ThinkPad X220T (Lenovo)

[Andrei POPESCU]

On Du, 12 apr 20, 11:39:52, riveravaldez wrote:
> 
> $ groups
> thinkpad cdrom floppy sudo audio dip video plugdev netdev

Ok.
 
> $ speaker-test -c2 [Still not sound.]

And no error...
 
> $ sudo speaker-test -c2 [Sounds OK.]

That would indicate that sound is handled differently for the regular 
user (e.g. via pulseaudio) vs. the root user.

This could be either pulseaudio or an .asoundrc (do you have one in your 
home directory?).

Try this as user:

pasuspender -- speaker-test -c2

> $ sudo lsof | grep /dev/snd/
> timidity   644timidity  mem   CHR
> 116,213463 /dev/snd/pcmC0D0p
> timidity   644timidity3r  CHR
>116,33   0t0  12547 /dev/snd/timer
> timidity   644timidity4u  CHR
> 116,2   0t0  13463 /dev/snd/pcmC0D0p
> timidity   644timidity5u  CHR
> 116,9   0t0  13479 /dev/snd/controlC0
> timidity   644timidity6u  CHR
> 116,1   0t0  12548 /dev/snd/seq
> alsamixer 2150thinkpad3u  CHR
> 116,9   0t0  13479 /dev/snd/controlC0
> 
> Maybe a timidity configuration issue?

Try stopping / disabling it and see if that helps.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: Anti-malware for my personal Debian workstation?

[Gene Heskett]

On Sunday 12 April 2020 09:04:23 Andrei POPESCU wrote:

> On Du, 12 apr 20, 12:05:28, to...@tuxteam.de wrote:
> > On Sun, Apr 12, 2020 at 12:40:06PM +0300, Andrei POPESCU wrote:
> > > So far it seems Microsoft's intention is to use Github to host its
> > > own Open Source software while also making a profit from it.
> > > Nothing wrong with any of that.
> >
> > Yah, but $7B is a hell of a lot of money. Do we know how much
> > Github makes a year?
>
> Microsoft has been moving to the cloud and buying Github seems to be
> part of the same direction. Github might not need to make a profit in
> order to benefit Microsoft's profits,
>
> Kind regards,
> Andrei

This might also be true. But at the risk of stating the obvious, if 
github gets forked by an open source advocate, I'd sure investigate 
moving our open source efforts away from the M$ tentacles.  This war is 
not done as it has the odor of embrace tightly enough to suffocate and 
extinguish which has been the M$ goal all along.

Some how, the tigers inability to change its strips will be displayed.

In the meantime, stay well everybody.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: Can't get my Debian laptop to use my Radeon 520 Mobile graphics card

[Jörg-Volker Peetz]

>From which repository did you get your kernel?
In case of a missing file I consult https://packages.debian.org/ "Search the
contents of packages". There is also the package apt-file.
The package linux-headers-5.4.0-4-common from bullseye contains a file
/usr/src/linux-headers-5.4.0-4-common/include/drm/drmP.h

I don't have access to that GPU or experience with Radeon 520 Mobile.
According to https://linux-hardware.org/index.php?id=pci%3A1002-6660-103c-8331
it should be supported by Linux kernel 5.4.

Regards,
Jörg.

Re: Debian is testing Discourse

[Andrei POPESCU]

On Du, 12 apr 20, 15:48:08, n...@dismail.de wrote:
> 
> > Be specific!
> >   Ok... I think *debian-user*, debian-vote and possibly debian-project
> > would be better off in Discourse. […]
> While I'm not eligible to vote in debian matters, I'd say that *especially* 
> debian-vote should *not* be in discourse.
> One reason is the accessibility mentioned above, another reason is that I 
> believe the absence of likes etc on debian-votes to be a *good* thing. This 
> helps to avoid influencing the readers and gives all proposals a fairer 
> chance. 

It also makes it too easy to influence and/or derail the discussion, 
e.g. by attrition, trolling, etc.

> Let's say supporters of one proposal are primarily using discourse and all 
> like 
> the proposal, while another proposal has roughly the same amount of 
> supporters, 
> but the supporters are using the mail interface and can't like/don't see a 
> point 
> in liking.
> This will distort perceived support for the proposals.

The rules for submitting or sponsoring actual voting proposals / 
amendments etc. are clearly laid out, I don't see any danger here.

The discussion of the proposals and/or amendments however tends to 
become very chaotic on controversial issues.

> Also I think that taking the time to write down what you believe to be 
> good/bad about a proposal instead of +1/-1 helps everyone to get a better 
> picture on the situation.

What if someone else already wrote that, possibly in better words than I 
could?

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: Synaptic error

[Cindy Sue Causey]

On 4/12/20, to...@tuxteam.de  wrote:
> On Sun, Apr 12, 2020 at 08:43:12AM -0500, Richard Owlett wrote:
>> Using Synaptic I:
>> 1. searched package names for "info"
>> 2. selected it
>> 3. clicked Apply
>> 4. received error message saying
>> >E: Could not open lock file /var/cache/apt/archives/lock - open (2: No
>> > such file or directory)
>> >E: Could not open file descriptor -1
>> >E: Unable to lock the download directory
>
> Question: is there a /var/cache/apt/archives directory? There should
> be one.


DISCLAIMER: I see Reco's very succinct answer. Kudos! I decided to
still send mine out. Maybe it will help a newbie somewhere get to know
their own system better somehow. I can still remember the first time
of TRUSTING command line package management. Major YEEHAW! moment in
my Linux usage overall. I've never looked back. :)

So my observation to this thread is

Maybe this is a Synaptic thing that it doesn't work when that lock's
missing AND that it doesn't recreate that lock file on the fly?

As tomas asked, what about... looking first to see if there actually
is that file in place to see if it's falsely being reported as
missing? (Sounds like that's a done deal.)

Then, if it really *is* missing: What *I* would try since I've been in
this spot in various similarly different scenarios is run something
like "apt(-get) upgrade".

That command might easily put that file back in place. It did for me
just now. That command then stops and waits for user interaction. The
action can be cancel(l)ed without any further system changes
occurring.

The reason I know to try that is because that lock file and the ones
at "/var/lib/dpkg/lock" and "/var/lib/dpkg/lock-frontend" will, on
rare occasion, get locked up for whatever reasons. If I "delete" those
by renaming so they're still available as backup then rerun an
affected apt(-get) command, things go back to normal when dpkg and/or
apt(-get) recreate those lock files on the fly.

It's odd to me that Synaptic's not replacing a missing lock file, but
it may be on purpose by Developer design. Or maybe Synaptic doesn't
"know how" to do that... or doesn't have the right permissions reach
deeper into the system or something... ?

It occurred to me to check the dotDEB archive files for both dpkg and
apt since I experience this with both of them. Nope, neither package
contains those files as part of their base installation. Rightly or
wrongly, that causes me to a-sume those lock files are generated on
the fly, at least on the first run of a program after installation..

OR in instances such as my experiences where I have to force the
situation via lock file deletion WHEN my setup... locks up for
whatever reason.

To test that theory, I just ran "apt-get update", and those three
files maintained their previous creation time stamps that are at least
an hour old... or two days old because I JUST encountered this with
dpkg a couple days ago (TWICE). That implies to me that they're
initially generated then stand their ground in that creation state
until borked again at some future point in time.

Cindy :)
-- 
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA

* hops with birdseed *

Re: Debian is testing Discourse

[Steve McIntyre]

Reco wrote:
>
>While I admire your optimistic view on things, there's a thing to
>consider:
>
>1) The proposition was made by Neil McGovern, who's currently listed as
>an Executive Director at [1].
>
>[1] https://www.gnome.org/foundation/staff/

Neil has also been a Debian developer for over a decade, and was DPL
for a year. He understands the project, and is suggesting ways to help
engage with more people too. *I'm* not such a fan of discourse myself,
but equally mailing lists are also not popular with a lot of people.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
  Armed with "Valor": "Centurion" represents quality of Discipline,
  Honor, Integrity and Loyalty. Now you don't have to be a Caesar to
  concord the digital world while feeling safe and proud.

Re: Debian is testing Discourse

[Andrei POPESCU]

On Du, 12 apr 20, 16:23:52, to...@tuxteam.de wrote:
> On Sun, Apr 12, 2020 at 07:57:22AM -0600, Keith Christian wrote:
> > Is there a general "war on mailing lists" going on?
> 
> I'd say there always has been a "war on mail". Starting with Outlook
> which brought upon us the plague of top-quoting (hey, you top-quoted,
> too :-)
> 
> On a more serious note: I'd not call it a war. It's a mix. On the one
> hand there is a more browser-centric culture, which doesn't understand
> what an asset it is to have diverse end-user agents -- and would like
> to get rid of the friction that (naturally!) entails.

I don't believe the browser-centric culture cares about that at all[1], 
they are just much more familiar with other interfaces (point-and-click, 
tap/swipe).

> On the other hand there are the silos, which like to have more end
> user control, which you can't have as much if everyone gets to
> see their content the way they like.

I seriously doubt developers care about that. As far as I can tell most 
of them are trying to provide just enough[2] customization options 
without overwhelming less technical users.

As far as I can tell for Debian the main drivers are:

1. The hope that software like Discourse can improve the quality of 
discussion as well as signal-to-noise ration, e.g. by providing an 
alternative to "+1" messages.

2. Providing communication options that are preferred by the younger 
generation, and that's just the natural course of life.

[1] except maybe developers who get to fight with different 
implementations of standards
[2] what "just enough" means depends, of course, on the user community.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: geolocation services disabled and Gnome maps

[Curt]

On 2020-04-12, Andrei POPESCU  wrote:
>
> I was only trying to point out that just querying an external geoip
> database has similar privacy implications as any regular internet access
> (the server will learn your IP and can, at will, get your aproximate
> location from a geoip database).
>
> The above point is unrelated to whether the software in question does
> more than that (I don't know) or if the OP should care about it (his
> choice).

It's a bug and geoclue queries location.services.mozilla.com regardless
of user settings to the contrary. "Upstream said it was intentional to
not be able to disable location sharing." And the user is hoodwinked
into believing he can indeed disable it. Hard to believe, but
true. I think Bigonville's use of the term "misleading" is a euphemism.

But maybe I'm wrong again somehow.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924516
https://gitlab.gnome.org/GNOME/gnome-control-center/issues/885

> Kind regards,
> Andrei(that doesn't look like it's going to be fixed anytime

Re: Best practice to allow a program to write its logs

[l0f4r0]

Hi,

Oops, I didn't answer to that, sorry...

23 févr. 2020 à 21:08 de recovery...@enotuniq.net:

> On Sun, Feb 23, 2020 at 08:31:59PM +0100, l0f...@tuta.io wrote:
>
>> 23 févr. 2020 à 18:02 de recovery...@enotuniq.net:
>>
>> > Clever, but not any filesystem supports ACL.
>> > And you would have created a problem by your own hands if you're doing
>> > backups (depends on a type of a backup, of course).
>> >
>> Interesting... but I'm using ext4 everywhere so it's OK ^^
>>
> It all works - conventional POSIX permissions, ACLs, xattrs, SELinux
> Labels, etc. Until you try to restore from a backup :)
>
What do you mean please? Why does the backup would pose a problem when restored?

>> > A conventional way is simple - do not deviate from distribution
>> > defaults (in this case - logging to a package-assigned file).
>> > In this case such approach solves numerous issues with log rotating, log
>> > gathering, log analyzing etc.
>> >
>> > Of course, there are cases of legitimate needs to deviate from
>> > distribution defaults. I'd like to hear yours.
>> >
>> You mean for this use case writing into /var/log/msmtp?
>> Actually, I don't really know why but I've decided to write user
>> specific configuration with appropriate logs.  So my conf is not in
>> /etc/msmtprc but in ~/.msmtprc and logging is in the same vein inside
>> ~/.msmtp.log.
>>
>
> My advice to you then - don't do this.
> Best are not the logs that are written often or are verbose, and even
> not those are written in a convenient filesystem locations.
> Best are the logs which contain the problem, but do not contain assorted
> junk (implies logs filtering), 
>
How to you filter your logs? Directly by tweaking severities in 
(r)syslog(-ng).conf?

> are small (implies periodic rotation)
>
logrotate I presume?
> and, the most importantly, are stored not only on your host, but
> elsewhere, preferrably in a centralized and indexed way.
>
Via (r)syslog(-ng)?

>> Anyway, even if I choose /var/log/msmtp, this directory/file needs to
>> be created so I have the same problematic (except l0f4r0 is not the
>> owner/group of /var/log, but root is), right?
>>
>
> A false dichotomy. Why reinventing a wheel with custom logging if they
> given you that "--syslog=on" option?
>
I didn't notice that, thanks! :)
So you recommend not specifying any logfile in /etc/msmtprc but just use switch 
"--syslog=on" everytime msmtp is used? Maybe this can be viewed as a constraint 
as one should remember to use that option... (except by using some trick as an 
alias)

>> >> how can I know for sure which service/technical account is used for
>> >> writing msmtp logs?
>> >>
>> >
>> > Try executing "ps -ef | grep msmtp".
>> >
>> Nothing. This would work for commands taking long time to be processed I 
>> think, not quick/almost instantaneous ones...
>>
>
> Ah, that's not a real MTA. My mistake.
> A quick look at postinst script gives me:
>
> chgrp msmtp /usr/bin/msmtp
> chmod 2755 /usr/bin/msmtp
>
In a nutshell, an application triggers actions under the identity of who 
launched it initially, except if the application makes use of a specific 
technical account, right?
If so what is the best way to know if an application operates under a specific 
account?
I had the instinct to verify /etc/passwd while, if I'm correct, you suggested 
"ps -ef" and checked msmtp.postinst inside msmtp source deb file... Do you see 
another way?

> Assuming a typical permissions for the Debian-packaged binary (which are
> 755, uid:gid = 0:0), it gives us:
>
> The resulting permissions of 2755, owner root, group msmtp.
>
> So, every time a user invokes msmtp, the resulting process owner does
> not change (same as user's), primary group changes to msmtp even if a
> user does not has it.
>
Yes, setgid here...

Thank you! :)
Best regards,
l0f4r0

Re: dhclient deixa de funcionar

[Narcis Garcia]

Que jo recordi, la nomenclatura de Systemd/udev per a les targetes de
xarxa va canviar abans de Debian 9.
I igualment no, en cap dels casos no havien canviat aquests noms (ja
eren del «nou estil»).


Narcis Garcia

__
I'm using this dedicated address because personal addresses aren't
masked enough at this mail public archive. Public archive administrator
should fix this against automated addresses collectors.
El 12/4/20 a les 16:29, Josep Lladonosa ha escrit:
> Hola, Narcís,
> 
> Algun cop m'havia passat alguna cosa semblant. Potser et passa pel canvi
> de nomenclatura de les targetes de xarxa? Encara tens eth0?
> 
> 
> 
> 
> On Sun, 12 Apr 2020 at 12:49, Narcis Garcia  > wrote:
> 
> Ja m'he trobat en més d'un ordinador (sense NetworkManager):
> Sembla que dhclient funciona com a servei, i suposo que, quan caduca la
> concessió DHCP per a la configuració de la targeta de xarxa, deu ser
> l'encarregat de fer una nova petició i renovar les dades.
> 
> La cosa és que en 2 o 3 ordinadors sempre engegats he vist com aquest
> programa o servei finalitza (deixa d'executar-se) i després d'uns dies
> la targeta de xarxa deixa d'estar configurada.
> Aleshores, és clar, no hi ha accés de/a Internet ni altres ordinadors.
> 
> Coincideix que els ordinadors amb aquest problema foren instal·lats de
> zero amb Debian 9, i després actualitzats a Debian 10.
> 
> Algú sap de què va això, i com corregir-ho?
> 
> Gràcies.
> 
> -- 
> Salut i ara desobediència;
> Narcis Garcia
> 
> __
> I'm using this dedicated address because personal addresses aren't
> masked enough at this mail public archive. Public archive administrator
> should fix this against automated addresses collectors.
> 
> 
> 
> -- 
> --
> Salutacions...Josep
> --

Re: Sound issues on ThinkPad X220T (Lenovo)

[riveravaldez]

On 4/12/20, deloptes  wrote:
> riveravaldez wrote:
>
>> But this not, even as sudo (and the error is similar to JACK one):
>> $ aplay -vv -D front:CARD=PCH,DEV=0 /usr/share/sounds/alsa/Noise.wav
>> aplay: main:830: audio open error: Device or resource bussy
>
> aplay -vv -D plughw:CARD=PCH,DEV=0 /usr/share/sounds/alsa/Noise.wav

Problem persists, no sound:

$ aplay -vv -D plughw:CARD=PCH,DEV=0 /usr/share/sounds/alsa/Noise.wav
aplay: main:830: audio open error: Device or resource busy

> read this
> https://wiki.archlinux.org/index.php/Advanced_Linux_Sound_Architecture

I'll check it again.

>
> you should know what you are doing

Yes, that's the idea.
Any help?

Thanks!

Re: Anti-malware for my personal Debian workstation?

[Celejar]

On Sun, 12 Apr 2020 11:37:24 +0300
Andrei POPESCU  wrote:

> On Du, 12 apr 20, 09:17:18, to...@tuxteam.de wrote:
> > On Sun, Apr 12, 2020 at 09:52:50AM +0300, Andrei POPESCU wrote:
> > 
> > [...]
> > 
> > > There are sufficient tutorials advising to download random scripts and 
> > > run with root privileges.
> > 
> > My fave still is
> > 
> >   curl https://random.site.net/script | sudo bash
> > 
> > And there are still people out there who even advocate it [1].
> > 
> > I think I was three when my mom taught me not to stuff random scripts
> > ...uh stuff I found on the street into my mouth.
> 
> Excelent analogy :)
>  
> > Cheers
> > [1] https://gist.github.com/btm/6700524
> 
> Thanks for that, I haven't thought of the potential for unintended 
> damage mentioned in the comments (e.g. due to incomplete download, 
> overriding already installed software, etc.).

Interesting discussion. I've looked quickly at the other side [1],
however, and there seem to be serious people and arguments in that
direction as well. Are they so obviously wrong? [The objection Andrei
notes here is specifically countered by the "curl | bash" defenders,
although even I can see that the counter is not as strong as the
objection.]

[1]
https://sandstorm.io/news/2015-09-24-is-curl-bash-insecure-pgp-verified-install
https://news.ycombinator.com/item?id=12766049

Celejar

Re: Sound issues on ThinkPad X220T (Lenovo)

[riveravaldez]

On 4/12/20, Andrei POPESCU  wrote:
> On Sb, 11 apr 20, 21:02:39, riveravaldez wrote:
>>
>> Strangely, 'speaker-test -c2' doesn't produce a sound. But 'sudo
>> speaker-test -c2' works flawlessly. (The idea to check that came from
>> [1].)
>
> Any error message? Is your user a member of group 'audio'?
>
> Some program might be blocking the sound card, check also the output of
> 'lsof | grep /dev/snd' (as root).
>
> Kind regards,
> Andrei

Thanks a lot for your answer and help, Andrei.
I've got these:

$ groups
thinkpad cdrom floppy sudo audio dip video plugdev netdev

$ speaker-test -c2 [Still not sound.]

speaker-test 1.2.2

Playback device is default
Stream parameters are 48000Hz, S16_LE, 2 channels
Using 16 octaves of pink noise
Rate set to 48000Hz (requested 48000Hz)
Buffer size range from 96 to 1048576
Period size range from 32 to 349526
Using max buffer size 1048576
Periods = 4
was set period_size = 262144
was set buffer_size = 1048576
 0 - Front Left
 1 - Front Right
Time per period = 12,314270
 0 - Front Left
 1 - Front Right
^CTime per period = 12,317682

$ sudo speaker-test -c2 [Sounds OK.]

speaker-test 1.2.2

Playback device is default
Stream parameters are 48000Hz, S16_LE, 2 channels
Using 16 octaves of pink noise
Rate set to 48000Hz (requested 48000Hz)
Buffer size range from 2048 to 16384
Period size range from 1024 to 1024
Using max buffer size 16384
Periods = 4
was set period_size = 1024
was set buffer_size = 16384
 0 - Front Left
 1 - Front Right
Time per period = 5,644667
 0 - Front Left
^CWrite error: -4,Llamada al sistema interrumpida
xrun_recovery failed: -4,Llamada al sistema interrumpida
Transfer failed: Llamada al sistema interrumpida
[System is in Spanish, last lines mean, 'Interrupted system-call'.]

$ sudo lsof | grep /dev/snd/
timidity   644timidity  mem   CHR
116,213463 /dev/snd/pcmC0D0p
timidity   644timidity3r  CHR
   116,33   0t0  12547 /dev/snd/timer
timidity   644timidity4u  CHR
116,2   0t0  13463 /dev/snd/pcmC0D0p
timidity   644timidity5u  CHR
116,9   0t0  13479 /dev/snd/controlC0
timidity   644timidity6u  CHR
116,1   0t0  12548 /dev/snd/seq
alsamixer 2150thinkpad3u  CHR
116,9   0t0  13479 /dev/snd/controlC0

Maybe a timidity configuration issue?

Re: Debian is testing Discourse

[Andrei POPESCU]

On Du, 12 apr 20, 16:43:12, Reco wrote:
> On Sun, Apr 12, 2020 at 04:30:05PM +0300, Andrei POPESCU wrote:
> > 
> > Having a highly e-mail centric community like Debian using it is likely 
> > to have a significant impact on its development.
> 
> While I admire your optimistic view on things, there's a thing to
> consider:
> 
> 1) The proposition was made by Neil McGovern, who's currently listed as
> an Executive Director at [1].
> 
> 2) GNOME, for the last ten years or so is known for their own, unique
> approach to the usability and the pursuit of the Modern Desktop™. The end
> result of this, let's put it lightly, is not to everyone's liking.
 
I'm quite sure the affiliation of *one* Debian Member with a completely 
different project has very little (if any) relevance for how Discourse 
will develop in the future.

> 3) Summing these two, there's distinct possibility that "e-mail
> interaciton with Discourse" will be considered UnModern in the
> not-so-distant future, and we all known how they deal with UnModern in
> GNOME.

Discourse developers may as well decide that on their own, without any 
kind of relation to GNOME design decisions.

In my opinion it's more likely to be a decision based on (perceived) 
benefits vs. costs (complexity, security, etc.).

As this is FLOSS one can always chose to contribute, fork or 
re-implement.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: systemd-networkd: IPv6 prefix delegation lost when changing prefixes

[Andrei POPESCU]

On Du, 12 apr 20, 15:32:29, Tobias Brink wrote:
> 
> Thanks for the info, but I will rather contact systemd upstream about
> this, so that this software can be fixed. 

Great attitude and thanks for your contribution :)

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: dhclient deixa de funcionar

[Josep Lladonosa]

Hola, Narcís,

Algun cop m'havia passat alguna cosa semblant. Potser et passa pel canvi de
nomenclatura de les targetes de xarxa? Encara tens eth0?




On Sun, 12 Apr 2020 at 12:49, Narcis Garcia  wrote:

> Ja m'he trobat en més d'un ordinador (sense NetworkManager):
> Sembla que dhclient funciona com a servei, i suposo que, quan caduca la
> concessió DHCP per a la configuració de la targeta de xarxa, deu ser
> l'encarregat de fer una nova petició i renovar les dades.
>
> La cosa és que en 2 o 3 ordinadors sempre engegats he vist com aquest
> programa o servei finalitza (deixa d'executar-se) i després d'uns dies
> la targeta de xarxa deixa d'estar configurada.
> Aleshores, és clar, no hi ha accés de/a Internet ni altres ordinadors.
>
> Coincideix que els ordinadors amb aquest problema foren instal·lats de
> zero amb Debian 9, i després actualitzats a Debian 10.
>
> Algú sap de què va això, i com corregir-ho?
>
> Gràcies.
>
> --
> Salut i ara desobediència;
> Narcis Garcia
>
> __
> I'm using this dedicated address because personal addresses aren't
> masked enough at this mail public archive. Public archive administrator
> should fix this against automated addresses collectors.
>
>

-- 
--
Salutacions...Josep
--

Re: Debian is testing Discourse

[tomas]

On Sun, Apr 12, 2020 at 07:57:22AM -0600, Keith Christian wrote:
> Is there a general "war on mailing lists" going on?

I'd say there always has been a "war on mail". Starting with Outlook
which brought upon us the plague of top-quoting (hey, you top-quoted,
too :-)

On a more serious note: I'd not call it a war. It's a mix. On the one
hand there is a more browser-centric culture, which doesn't understand
what an asset it is to have diverse end-user agents -- and would like
to get rid of the friction that (naturally!) entails.

On the other hand there are the silos, which like to have more end
user control, which you can't have as much if everyone gets to
see their content the way they like.

It's more complicated (and no, I don't believe people promoting
Discourse are just an evil cabal; I'd guess Neil McGovern is a
fine guy -- he's just wrong... from my POV, which might be wrong
as well).

Cheers
-- t


signature.asc
Description: Digital signature

Re: Synaptic error

[Reco]

Hi.

On Sun, Apr 12, 2020 at 09:07:07AM -0500, Richard Owlett wrote:
> As I said, there has been no previous problem with Synaptic.
> Where would I look for cause of missing archives sub-directory?

Unless you have an audit facility configured in your kernel - you have
to guess.

> Is it safe to blindly create it?

Yep. 0:0 as group:owner, 0755 as permission.

$ ls -ald /var/cache/apt/archives/
drwxr-xr-x 3 root root 4096 Apr 11 12:00 /var/cache/apt/archives/

Reco

Re: geolocation services disabled and Gnome maps

[Andrei POPESCU]

On Du, 12 apr 20, 09:43:08, Curt wrote:
> On 2020-04-12, Andrei POPESCU  wrote:
> >
> > Just to clarify, the privacy concern here is the software accessing the
> > internet without explicit user consent, regardless of what it is using
> 
> That's not my understanding. I understood the OP explicitly "ran" the
> Gnome Maps program, which kind of connects to the Internet by definition
> (and performs fun functions other than eventually pinpointing the user
> on a map).

Obviously I failed at my attempt at clarity :)

I was only trying to point out that just querying an external geoip 
database has similar privacy implications as any regular internet access 
(the server will learn your IP and can, at will, get your aproximate 
location from a geoip database).

The above point is unrelated to whether the software in question does 
more than that (I don't know) or if the OP should care about it (his 
choice).

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: Synaptic error

[Richard Owlett]

On 04/12/2020 08:46 AM, to...@tuxteam.de wrote:

On Sun, Apr 12, 2020 at 08:43:12AM -0500, Richard Owlett wrote:

Using Synaptic I:
1. searched package names for "info"
2. selected it
3. clicked Apply
4. received error message saying

E: Could not open lock file /var/cache/apt/archives/lock - open (2: No such 
file or directory)
E: Could not open file descriptor -1
E: Unable to lock the download directory


Question: is there a /var/cache/apt/archives directory? There should
be one.

Cheers
-- t



No.
The content of /var/cache/apt is pkgcache.bin  & srcpkgcache.bin  .
As I said, there has been no previous problem with Synaptic.
Where would I look for cause of missing archives sub-directory?
Is it safe to blindly create it?

Re: Debian is testing Discourse

[Keith Christian]

Is there a general "war on mailing lists" going on?

On Sun, Apr 12, 2020 at 7:30 AM Andrei POPESCU  wrote:
>
> On Du, 12 apr 20, 12:03:12, Reco wrote:
> >
> > The million euro question here is how actually good (or bad) is that
> > "e-mail interaction with Discourse" is.
>
> Having a highly e-mail centric community like Debian using it is likely
> to have a significant impact on its development.
>
> Kind regards,
> Andrei
> --
> http://wiki.debian.org/FAQsFromDebianUser

Re: Debian is testing Discourse

[nito]

On Sun, Apr 12, 2020 at 11:45:02 +0300, Reco wrote: 
> Why are you doing this?
> […]  Secondly, I genuinely believe that ease of access to new
> contributors is of paramount importance to the project.
I'd say a mailing list is actually way *more* accessible, than some web forum 
(esp. with javascript). For one thing virtually everyone already has an email, 
so no additional accounts/pw need to be managed.
Furthermore customising the display of plain text emails to fit your needs is 
easy, while doing the same with discourse requires more work and knowledge – or 
might not be feasible for the non-text elements of discourse.
(E.g. increasing font size and contrast to make up for bad eyesight, using 
different fonts due to preference or to help with dyslexia etc )


> Be specific!
>   Ok... I think *debian-user*, debian-vote and possibly debian-project
> would be better off in Discourse. […]
While I'm not eligible to vote in debian matters, I'd say that *especially* 
debian-vote should *not* be in discourse.
One reason is the accessibility mentioned above, another reason is that I 
believe the absence of likes etc on debian-votes to be a *good* thing. This 
helps to avoid influencing the readers and gives all proposals a fairer chance. 
Let's say supporters of one proposal are primarily using discourse and all like 
the proposal, while another proposal has roughly the same amount of supporters, 
but the supporters are using the mail interface and can't like/don't see a 
point 
in liking.
This will distort perceived support for the proposals.
Also I think that taking the time to write down what you believe to be 
good/bad about a proposal instead of +1/-1 helps everyone to get a better 
picture on the situation.

Re: systemd-networkd: IPv6 prefix delegation lost when changing prefixes

[Tobias Brink]

Hello Vincent,

Vincent Truchseß  writes:

> I've had the same Issue here delegating prefixes to my VPN-Gateway in my
> home-hetwork.

Good to know that it's not just me. For posterity, I did some further
tests:

* It does not matter if the router sets the "Other Configuration" or the
  "Managed" flags, as long as I use "ForceDHCPv6PDOtherInformation=yes"
  in systemd-networkd. The behavior is the same.

* Playing around with tcpdump, I found that while a new prefix on my
  external interface enp3s0 is announced (and received) correctly via
  router advertisement, neither the ISP's router nor systemd-networkd
  trigger any DHCPv6 activity. I am not sure about the relevant RFCs and
  if a change in prefix should trigger a DHCPv6 Solicit or if the router
  has to send some other message, but as far as I understand, the router
  advertisement should be enough. The server *could* send Reconfigure
  messages, but my ISP's router does not seem to do it.

* Nevertheless, when systemd-networkd sends out a solicit or renew and
  the DHCPv6 server answers with NoBinding, the client is supposed to
  send a request message to try to get another prefix in reply (at least
  that's how I read RFC 8415, Sec. 18.2.10.1). It does not do this.

I also tried with the systemd-networkd from yesterday's git master of
the systemd git repo, but it behaves the same in my limited testing. I
strongly assume systemd-networkd is still buggy in this area.

An additional problem is that the routes for old prefixes do not seem to
be removed. That might also lead to problems.

> My solution back then was to ditch systemd-networkd for this setup and
> rely on configuring dhcpcd and radvd accordingly. Systemd's
> DHCP-implementation seems to a little bit out of whack, depending on the
> version.
>
> Unfortunately that VPN-Gateway got decommissioned and I don't have a
> backup of those two config-files. If I remember right, I kept the config
> close to what the ArchLinux-Wiki suggests.

Thanks for the info, but I will rather contact systemd upstream about
this, so that this software can be fixed. I found it to be a very
pleasant network managing daemon with very clear configuration and
otherwise quite a bit more reliable than NetworkManager or ifupdown, so
I think improving it is the better long-term solution.

Tobias

Re: Synaptic error

[tomas]

On Sun, Apr 12, 2020 at 08:43:12AM -0500, Richard Owlett wrote:
> Using Synaptic I:
> 1. searched package names for "info"
> 2. selected it
> 3. clicked Apply
> 4. received error message saying
> >E: Could not open lock file /var/cache/apt/archives/lock - open (2: No such 
> >file or directory)
> >E: Could not open file descriptor -1
> >E: Unable to lock the download directory

Question: is there a /var/cache/apt/archives directory? There should
be one.

Cheers
-- t


signature.asc
Description: Digital signature

Re: Anti-malware for my personal Debian workstation?

[tomas]

On Sun, Apr 12, 2020 at 04:04:23PM +0300, Andrei POPESCU wrote:
> On Du, 12 apr 20, 12:05:28, to...@tuxteam.de wrote:
> > On Sun, Apr 12, 2020 at 12:40:06PM +0300, Andrei POPESCU wrote:
> > 
> > > So far it seems Microsoft's intention is to use Github to host its own 
> > > Open Source software while also making a profit from it. Nothing wrong 
> > > with any of that.
> > 
> > Yah, but $7B is a hell of a lot of money. Do we know how much
> > Github makes a year?
> 
> Microsoft has been moving to the cloud and buying Github seems to be 
> part of the same direction. Github might not need to make a profit in 
> order to benefit Microsoft's profits,

But that was my point: Github's value for them is mindshare, or
cultural hegemony, call it what you like.

And I don't like them having mindshare... based on 30+ years of
experience.

Cheers
-- t


signature.asc
Description: Digital signature

Re: DOH

[Michael Howard]

On 12/04/2020 14:39, to...@tuxteam.de wrote:

On Sun, Apr 12, 2020 at 07:33:51AM -0400, Gene Heskett wrote:

[...]


I don't either, but at some point in an https environment, it seems to me
that a dns lookup is going to have to be translated into a plain dns
lookup.

No, that's not how it works. When the browser wants to resolve a
name, it doesn't "do" DNS (when it's doing DOH, that is) but uses
some "web-service-ish" protocol over https to some server out there
(cloudflare, e.g.) which does the resolution and answers via https.

Thus bypassing whatever scheme the sysadmin has set up for DNS.

I don't have polite words for that.

Cheers
-- t


Security has a lot to answer for.

It's amazing how much is done in this day and age, in _all_ walks of 
life, in the name of so called security.


--
Michael Howard

Synaptic error

[Richard Owlett]

Using Synaptic I:
1. searched package names for "info"
2. selected it
3. clicked Apply
4. received error message saying

E: Could not open lock file /var/cache/apt/archives/lock - open (2: No such 
file or directory)
E: Could not open file descriptor -1
E: Unable to lock the download directory



I've had no previous problem with Synaptic.
My Debian version is 9.8
Help please.

Re: Debian is testing Discourse

[tomas]

On Sun, Apr 12, 2020 at 12:09:10PM +, Andy Smith wrote:
> Hello,
> 
> On Sun, Apr 12, 2020 at 11:45:02AM +0300, Reco wrote:
> > So, thoughts, options?
> 
> I am really glad that Debian is investigating this option and I look
> forward to answering (and asking!) typical debian-user questions
> there. I hope that fellow debian-user regulars will give it a try
> with an open mind.

I have the chance to test it (elsewhere). I thoroughly dislike it.
My mind ain't open anymore.

Cheers
-- t


signature.asc
Description: Digital signature

Re: Debian is testing Discourse

[Reco]

Hi.

On Sun, Apr 12, 2020 at 04:30:05PM +0300, Andrei POPESCU wrote:
> On Du, 12 apr 20, 12:03:12, Reco wrote:
> > 
> > The million euro question here is how actually good (or bad) is that
> > "e-mail interaction with Discourse" is.
> 
> Having a highly e-mail centric community like Debian using it is likely 
> to have a significant impact on its development.

While I admire your optimistic view on things, there's a thing to
consider:

1) The proposition was made by Neil McGovern, who's currently listed as
an Executive Director at [1].

2) GNOME, for the last ten years or so is known for their own, unique
approach to the usability and the pursuit of the Modern Desktop™. The end
result of this, let's put it lightly, is not to everyone's liking.

3) Summing these two, there's distinct possibility that "e-mail
interaciton with Discourse" will be considered UnModern in the
not-so-distant future, and we all known how they deal with UnModern in
GNOME.

Reco

[1] https://www.gnome.org/foundation/staff/

Re: DOH (was: geolocation services disabled and Gnome maps)

[tomas]

On Sun, Apr 12, 2020 at 01:34:07PM +0100, Tixy wrote:
> On Sun, 2020-04-12 at 13:21 +0300, Reco wrote:
> > On Sun, Apr 12, 2020 at 12:10:45PM +0200, to...@tuxteam.de wrote:
> > > That's why I cringe at the idea that browsers want to start doing
> > > name resolution over HTTPS.
> > 
> > This simple one line of dnsmasq configuration will disable this
> > problematic feature for good for Firefox (basically it creates a
> > bogus
> > NXDOMAIN response for this particular site):
> > 
> > local=/use-application-dns.net/
> > 
> 
> Technically, that doesn't disable it, just just disables any 'on by
> default' DoH [1]. For individual users worried about this, it would be
> simpler not to accept it when Firefox asks to enable it, or to disable
> it it with a config option. [2] That would be needed to be done anyway
> for mobile devices that can roam to different networks.
> 
> [1] https://support.mozilla.org/en-US/kb/canary-domain-use-application-dnsnet
> [2] https://support.mozilla.org/en-US/kb/firefox-dns-over-https

Yep. That sounds less fragile. Thanks.

Cheers
-- t


signature.asc
Description: Digital signature

Re: DOH (was: geolocation services disabled and Gnome maps)

[tomas]

On Sun, Apr 12, 2020 at 07:33:51AM -0400, Gene Heskett wrote:

[...]

> I don't either, but at some point in an https environment, it seems to me 
> that a dns lookup is going to have to be translated into a plain dns 
> lookup.

No, that's not how it works. When the browser wants to resolve a
name, it doesn't "do" DNS (when it's doing DOH, that is) but uses
some "web-service-ish" protocol over https to some server out there
(cloudflare, e.g.) which does the resolution and answers via https.

Thus bypassing whatever scheme the sysadmin has set up for DNS.

I don't have polite words for that.

Cheers
-- t


signature.asc
Description: Digital signature

Re: DOH (was: geolocation services disabled and Gnome maps)

[tomas]

On Sun, Apr 12, 2020 at 02:03:55PM +0300, Reco wrote:
> On Sun, Apr 12, 2020 at 12:35:44PM +0200, to...@tuxteam.de wrote:

[...]

> > [1] That's not a rhethorical flourish, it's genuine. I know too
> >little about DNS-over-HTTP to be of any use at this point.
> 
> The questionable idea behind DOH is that the browser makers do not trust
> your local resolver. As usual, main arguments here are:

[...]

Ah, OK. Thanks. Sounds a bit... fragile.

Now I know a bit more!

Cheers
-- t


signature.asc
Description: Digital signature

Re: Debian is testing Discourse

[Andrei POPESCU]

On Du, 12 apr 20, 12:03:12, Reco wrote:
> 
> The million euro question here is how actually good (or bad) is that
> "e-mail interaction with Discourse" is.

Having a highly e-mail centric community like Debian using it is likely 
to have a significant impact on its development.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: Debian is testing Discourse

[Eike Lantzsch]

On Sunday, 12 April 2020 09:21:42 -04 Andrei POPESCU wrote:
> On Du, 12 apr 20, 11:10:22, to...@tuxteam.de wrote:
> > I know I will be out here.
>
> I seriously doubt this (or any) mailing list will be shut down as long
> as there is significant activity (spam and off-topic doesn't count).
>
> Kind regards,
> Andrei
debian-user is still available on usenet, although kiddies nowadays seem to
not know about it. So there might  be hope still.

--
Eike Lantzsch ZP6CGE

Paradox: Getting live-updates about fatalities

Re: Debian is testing Discourse

[Andrei POPESCU]

On Du, 12 apr 20, 11:10:22, to...@tuxteam.de wrote:
> 
> I know I will be out here.

I seriously doubt this (or any) mailing list will be shut down as long 
as there is significant activity (spam and off-topic doesn't count).

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: Debian is testing Discourse

[Andrei POPESCU]

On Du, 12 apr 20, 13:31:27, Michael Howard wrote:
>
> I still remember when Debian was for the community.

In my opinion it still is, though the community probably changed.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: Système d'audio/video call : Jami

[Tulum]

Bonjour,

Est-ce que quelqu'un peut confirmer que ce logiciel permet la visio-conférence 
(environ un vingtaine de personnes) ?
Sinon, je l'ai installé et suis dispo pour un test.

Le dimanche 12 avril 2020, 13:48:45 CEST firenze...@orange.fr a écrit :
> Bonjour à tous,
> 
> À l'attention de celles et ceux qui voudraient des retours autour du
> logiciel Jami (ex Ring), quelques observations.
> 
> J'ai d'abord tenté d'installer Jami depuis les dépôts officiels de
> Debian buster. Le logiciel était alors presque totalement impossible à
> lancer au bout d'un certain temps.
> 
> J'ai donc désinstallé les paquets Debian officiels pour installer les
> paquets du dépôt officiel de Jami, à partir des lignes de commandes
> précisées sur jami.net, dans l'onglet dédié à Debian 10. Jami se lance
> alors sans problème.
> 
> Pour l'heure, je n'ai pu tester les appels qu'en audio sur le réseau
> local. Ça fonctionne parfaitement, tout comme le chat. Un poste sous
> GNU/Linux et un autre sous Windows communiquent très bien dans ces
> conditions.
> 
> En outre, il est possible de tester sa webcam dans l'onglet "Médias" des
> paramètres. Celle de mon portable est reconnue.
> 
> Le temps de trouver des volontaires ouverts à autre chose que Skype ou
> Whatsapp, je prévois de tester Jami pour les contacts plus éloignés et
> pour les groupes.
> 
> Pour ce qui est des observations ultérieures, je vous tiens au courant
> dès que possible.
> 
> J'en profite pour saluer au passage l'effort que fournissent
> quotidiennement les contributeurs du Logiciel Libre, pour déployer des
> solutions au profit de tous, afin de dépasser notre actuel confinement.
> 
> Joyeuses Pâques

BEGIN:VCARD
VERSION:3.0
EMAIL:tu...@free.fr
N:
NICKNAME:Tulum
UID:9cbfd6d5-d2b5-409f-b21b-2ac22f954429
X-KADDRESSBOOK-MailAllowToRemoteContent:TRUE
END:VCARD



signature.asc
Description: This is a digitally signed message part.

Re: Anti-malware for my personal Debian workstation?

[Andrei POPESCU]

On Du, 12 apr 20, 12:05:28, to...@tuxteam.de wrote:
> On Sun, Apr 12, 2020 at 12:40:06PM +0300, Andrei POPESCU wrote:
> 
> > So far it seems Microsoft's intention is to use Github to host its own 
> > Open Source software while also making a profit from it. Nothing wrong 
> > with any of that.
> 
> Yah, but $7B is a hell of a lot of money. Do we know how much
> Github makes a year?

Microsoft has been moving to the cloud and buying Github seems to be 
part of the same direction. Github might not need to make a profit in 
order to benefit Microsoft's profits,

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: geolocation services disabled and Gnome maps

[Curt]

On 2020-04-12,   wrote:
>
> On Sun, Apr 12, 2020 at 11:48:40AM +0300, Andrei POPESCU wrote:
>
> [...]
>
>> Just to clarify, the privacy concern here is the software accessing the
>> internet without explicit user consent, regardless of what it is using
>> this information for (internal only or providing it to other software).

In the end this turns out to be an outstanding bug:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924516
 ...

 ...geoclue is communicating with location.services.mozilla.com when it should
not.

Work around is to disable and mask geoclue.service.

I note that I do not have a geoclue.service to disable or mask, opened the Maps
app from my LXDE desktop (with org.gnome.system.location enabled set to false)
and Maps found me anyway (within a small stone's throw).

Re: DOH (was: geolocation services disabled and Gnome maps)

[Tixy]

On Sun, 2020-04-12 at 13:21 +0300, Reco wrote:
> On Sun, Apr 12, 2020 at 12:10:45PM +0200, to...@tuxteam.de wrote:
> > That's why I cringe at the idea that browsers want to start doing
> > name resolution over HTTPS.
> 
> This simple one line of dnsmasq configuration will disable this
> problematic feature for good for Firefox (basically it creates a
> bogus
> NXDOMAIN response for this particular site):
> 
> local=/use-application-dns.net/
> 

Technically, that doesn't disable it, just just disables any 'on by
default' DoH [1]. For individual users worried about this, it would be
simpler not to accept it when Firefox asks to enable it, or to disable
it it with a config option. [2] That would be needed to be done anyway
for mobile devices that can roam to different networks.

[1] https://support.mozilla.org/en-US/kb/canary-domain-use-application-dnsnet
[2] https://support.mozilla.org/en-US/kb/firefox-dns-over-https

-- 
Tixy

Re: Debian is testing Discourse

[Michael Howard]

On 12/04/2020 13:09, Andy Smith wrote:

Hello,

On Sun, Apr 12, 2020 at 11:45:02AM +0300, Reco wrote:

So, thoughts, options?

I am really glad that Debian is investigating this option and I look
forward to answering (and asking!) typical debian-user questions
there. I hope that fellow debian-user regulars will give it a try
with an open mind.

Cheers,
Andy



Just another cog in the Debian control wheel. Pass me that woolly 
cardigan and those sandals please ...

I still remember when Debian was for the community.

--
Michael Howard

Re: Debian is testing Discourse

[Andy Smith]

Hello,

On Sun, Apr 12, 2020 at 11:45:02AM +0300, Reco wrote:
> So, thoughts, options?

I am really glad that Debian is investigating this option and I look
forward to answering (and asking!) typical debian-user questions
there. I hope that fellow debian-user regulars will give it a try
with an open mind.

Cheers,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Système d'audio/video call : Jami

[firenze . rt]

Bonjour à tous,

À l'attention de celles et ceux qui voudraient des retours autour du
logiciel Jami (ex Ring), quelques observations.

J'ai d'abord tenté d'installer Jami depuis les dépôts officiels de
Debian buster. Le logiciel était alors presque totalement impossible à
lancer au bout d'un certain temps.

J'ai donc désinstallé les paquets Debian officiels pour installer les
paquets du dépôt officiel de Jami, à partir des lignes de commandes
précisées sur jami.net, dans l'onglet dédié à Debian 10. Jami se lance
alors sans problème.

Pour l'heure, je n'ai pu tester les appels qu'en audio sur le réseau
local. Ça fonctionne parfaitement, tout comme le chat. Un poste sous
GNU/Linux et un autre sous Windows communiquent très bien dans ces
conditions.

En outre, il est possible de tester sa webcam dans l'onglet "Médias" des
paramètres. Celle de mon portable est reconnue.

Le temps de trouver des volontaires ouverts à autre chose que Skype ou
Whatsapp, je prévois de tester Jami pour les contacts plus éloignés et
pour les groupes.

Pour ce qui est des observations ultérieures, je vous tiens au courant
dès que possible.

J'en profite pour saluer au passage l'effort que fournissent
quotidiennement les contributeurs du Logiciel Libre, pour déployer des
solutions au profit de tous, afin de dépasser notre actuel confinement.

Joyeuses Pâques

Re: DOH (was: geolocation services disabled and Gnome maps)

[Gene Heskett]

On Sunday 12 April 2020 06:35:44 to...@tuxteam.de wrote:

> On Sun, Apr 12, 2020 at 01:21:08PM +0300, Reco wrote:
> > On Sun, Apr 12, 2020 at 12:10:45PM +0200, to...@tuxteam.de wrote:
> > > That's why I cringe at the idea that browsers want to start doing
> > > name resolution over HTTPS.
> >
> > This simple one line of dnsmasq configuration will disable this
> > problematic feature for good for Firefox (basically it creates a
> > bogus NXDOMAIN response for this particular site):
> >
> > local=/use-application-dns.net/
>
> I don't quite understand [1] how the dnsmasq config has a say on
> whether the browser resolves things over HTTP (it won't ask the
> resolver in the first place, would it?), but thanks for the pointer
> anyway.
>
> Cheers
> [1] That's not a rhethorical flourish, it's genuine. I know too
>little about DNS-over-HTTP to be of any use at this point.
>
> -- tomás

I don't either, but at some point in an https environment, it seems to me 
that a dns lookup is going to have to be translated into a plain dns 
lookup.  Perhaps I'm being dense but I am not personally aware of an 
encrypted to https protocol for dns lookups. I have no such facility 
here in my two stage resolver that I've been aware of, but https Just 
Works.

But density is relative, in a recent thread asking about installing  more 
memory, it was said that he had started with a 4GB stick and that the op 
was adding another 8Gb stick. In my experience thats doomed to run at 
half speed because the two sticks don't match.  Yet no one mentioned 
that with matching sticks, memory can be accessed at double speed, 
alternating between matching sticks by reading even addresses 
interleaved with reading odd addresses.  With dis-similar sizes, this 
interleaving of addresses cannot be done. Sequential reads are the 
forced into half speed reads because of the memory's recovery speeds.  

Rule of thumb then is installing memory as pairs but consult the 
motherboards docs to find out if pairs are slots 0 and 1, or 0 and 2. 
Yet no on mentioned that effect on speed in that whole thread.  Shame on 
us.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: économie numérique - Re: prestataire videoconférences en Europe

[ajh-valmer]

Comparons ce qui est comparable.

Je parlais des gros poids lourds mondiaux du numérique,
les GAFAM (USA), Lenovo, Huawei (Chine),
Matériels, HP, Compaq (usa), Samsung (Corée du sud),
et les puissantes fabrications japonaises + taiwanaises...

En UE, y a t-il ces équivalents de FABRICANTS (usines) ?
Non, quasi rien, sinon ou sont-ils ?

Je lis dans la presse de ce matin :
"Après le covid, la France doit faire repartir sa magnifique industrie au plus 
vite".
Mais elle est ou cette industrie ?

Tu cites des noms de sociétés françaises (certainement  talentueuses), 
mais qui les connait ?
Ce sont des moustiques par rapport aux géants chinois et américains.

Quant à Roberto Di Cosmo, Fabrice Bellard, Xavier Leroy, Christian Queinnec...
ils ne sont pas aussi connus que Bill Gates, Steve Jobs, Larry Page, 
Satya Nadella, Jeff Bezos...


On Saturday 11 April 2020 16:06:33 Basile Starynkevitch wrote:
> Non, l'informatique, économiquement parlant, c'est autant du logiciel et 
> du service que du matériel. C'est plus exact de parler de l'économie 
> numérique (pas digitale comme nos empreintes)
> http://www.bsi-economics.org/546-economie-numerique-definition-impacts
> en termes d’emploi direct le numérique emploie 3,3% de la population
> active en France et crée de manière quasi-équivalente des emplois
> indirects ou induits
> En termes de commerce traditionnel le numérique influence
> directement ou indirectement 80 milliards d’euros des transactions
> marchandes.
> La Chine développe du logiciel, mais l'Europe (et même la France) 
> restent compétitive, notamment sur le logiciel embarqué.
> Voir notamment les rapports rendus publics (mais en anglais) sur 
> https://itea3.org/
> Concernant l'économie du logiciel libre, la France avait une légère 
> avance. https://systematic-paris-region.org/fr/
> Et il n'y a qu'a regarder les git commit sur des projets logiciels 
> libres majeurs comme le noyau Linux ou le compilateur GCC.
> Leurs auteurs ont encore souvent des employeurs ou un nom de famille à 
> orthographie non-chinoise.
> Je télécharge depuis github pas mal de code open source. Je vois encore 
> aujourdhui des bibliothèques (par exemple https://www.curlpp.org/ 
> développées en France).
> AdaCore a du personnel en France.
> Ocaml est conçu et dévelopé en France.
> Fabrice Bellard est français. https://bellard.org/
> Xavier Leroy est français. https://xavierleroy.org/
> Christian Queinnec est français. https://christian.queinnec.org/
> Roberto Di Cosmo est italien mais vit en Île de France. 
> https://www.dicosmo.org/
> Linus Torvalds a été éduqué en Europe. Les premiers versions du noyau 
> Linux ont été codées plutôt en Europe.
> Qt est surtout développé par des Européens (à l'origine)
> Et moi je suis français (pas de pure souche: à 99% russe, à 1% de sang 
> français émigré de France vers la Russie pendant la Révolution 
> française), payé par le contribuable européen, et je développe 
> (professionellement) du logiciel libre depuis 2001.
> les supercalculateurs sont actuellement en Chine, aux Etats Unis,
> Les codes qui tournent dessus (en particulier ceux de la dissuasion 
> nucléaire française, ceux de l'instrumentation ou de la protection 
> nucléaire, ceux qui simulent la collision des galaxies ou calculent des 
> vaccins contre le Covid19) sont développés en Europe (en particulier par 
> des collègues du CEA, ou des gens qui me connaissent peut-être de vu à 
> l'INRIA, au CNRS, ).
> J'aime bien l'autodénigrement européen, mais reconnaissons quand même 
> qu'on a encore des compétences en Europe. Elles ne viennent pas toutes 
> d'Asie ou des USA.
> Si Google, Facebook, Amazon, Apple, Microsoft, Huwei ont des centres de 
> R en Île de France, ce n'est pas uniquement par optimisation fiscale. 
>> L'INRIA, le CNRS, l'École Polytechnique, nos Ecoles Normales 
> Supérieures, etc... l'Université française, les centres de recherches 
> européens KTH, Fraunhofer, le CEA.
> Bien sûr, je connais plein de chercheurs compétents (issue du CNRS, 
> INRIA, etc...) qui ont préférés (je leur donne raison) les conditions de 
> travail offertes par les labos parisiens de Google, Amazon, Huwei, 
> Sur l'économie du logiciel open source, l'article le plus cité est 
> https://www.nber.org/papers/w7600 dont l'un 
> L'AFIA  est pleine de compétences françaises.

dhclient deixa de funcionar

[Narcis Garcia]

Ja m'he trobat en més d'un ordinador (sense NetworkManager):
Sembla que dhclient funciona com a servei, i suposo que, quan caduca la
concessió DHCP per a la configuració de la targeta de xarxa, deu ser
l'encarregat de fer una nova petició i renovar les dades.

La cosa és que en 2 o 3 ordinadors sempre engegats he vist com aquest
programa o servei finalitza (deixa d'executar-se) i després d'uns dies
la targeta de xarxa deixa d'estar configurada.
Aleshores, és clar, no hi ha accés de/a Internet ni altres ordinadors.

Coincideix que els ordinadors amb aquest problema foren instal·lats de
zero amb Debian 9, i després actualitzats a Debian 10.

Algú sap de què va això, i com corregir-ho?

Gràcies.

-- 
Salut i ara desobediència;
Narcis Garcia

__
I'm using this dedicated address because personal addresses aren't
masked enough at this mail public archive. Public archive administrator
should fix this against automated addresses collectors.

Re: DOH (was: geolocation services disabled and Gnome maps)

[Reco]

On Sun, Apr 12, 2020 at 12:35:44PM +0200, to...@tuxteam.de wrote:
> On Sun, Apr 12, 2020 at 01:21:08PM +0300, Reco wrote:
> > On Sun, Apr 12, 2020 at 12:10:45PM +0200, to...@tuxteam.de wrote:
> > > That's why I cringe at the idea that browsers want to start doing
> > > name resolution over HTTPS.
> > 
> > This simple one line of dnsmasq configuration will disable this
> > problematic feature for good for Firefox (basically it creates a bogus
> > NXDOMAIN response for this particular site):
> > 
> > local=/use-application-dns.net/
> 
> I don't quite understand [1] how the dnsmasq config has a say on
> whether the browser resolves things over HTTP (it won't ask the
> resolver in the first place, would it?), but thanks for the pointer
> anyway.
> 
> Cheers
> [1] That's not a rhethorical flourish, it's genuine. I know too
>little about DNS-over-HTTP to be of any use at this point.

The questionable idea behind DOH is that the browser makers do not trust
your local resolver. As usual, main arguments here are:

1) One can use a local resolver with the ability *not* to resolve
certain DNS queries, which refer to the sites which just happen to
contain advertisements, fingerprinting, tracking, cryptomining etc.
Since all two major browser makers (Google and Mozilla) happen to rely
on revenue generated by advertising *and* users' browsing habits this
obviously can not be tolerated.

2) ISPs can intercept DNS queries, and modify them at their leisure.
Usually considered a first step to a censorship, implemented in this
particular form at certain European countries.

3) Bad guys and gals can hijack DNS too, to the usual hilarious results.

With the advent of HTTPS all this may be seen as moot points (if you're
redirected elsewhere the certificate validation should fail), but
nevertheless DOH is forced upon the collective throat of Firefox users
as we speak (and Chrome users are likely to follow them Soon™).
Currently a Firefox user is supposed to trust Cloudflare to do DNS
queries for them, and HTTPS is used for this purpose because Security™.


In its current form DOH has a huge gaping hole that every system
administrator worthy of the title is familiar with - local name
resolution - because Cloudflare cannot resolve hosts in your Intranet,
although they probably want to. And yes, your dirty /etc/hosts tricks
won't work here, because DOH simply skips parsing the contents of hosts
file.


Hence the trick. What Firefox does first is trying to resolve
use-application-dns.net on the assumption that if it local DNS does the
resolving then the user's host is connected to the Internet.
Because if it does not - then it's most probably a corporate Intranet so
DOH should be disabled for the duration of this browser run.
I won't go into the details here on how many levels this logic is
flawed or outright broken.

I'll just say that it's enough to use it for your own good and to
disable DOH without rebuilding Firefox from the source. So, as I wrote
earlier - if you controlling your network DOH is just another
questionable thing that can be rid of.

Reco

Re: DOH (was: geolocation services disabled and Gnome maps)

[tomas]

On Sun, Apr 12, 2020 at 01:21:08PM +0300, Reco wrote:
> On Sun, Apr 12, 2020 at 12:10:45PM +0200, to...@tuxteam.de wrote:
> > That's why I cringe at the idea that browsers want to start doing
> > name resolution over HTTPS.
> 
> This simple one line of dnsmasq configuration will disable this
> problematic feature for good for Firefox (basically it creates a bogus
> NXDOMAIN response for this particular site):
> 
> local=/use-application-dns.net/

I don't quite understand [1] how the dnsmasq config has a say on
whether the browser resolves things over HTTP (it won't ask the
resolver in the first place, would it?), but thanks for the pointer
anyway.

Cheers
[1] That's not a rhethorical flourish, it's genuine. I know too
   little about DNS-over-HTTP to be of any use at this point.

-- tomás


signature.asc
Description: Digital signature

Re: DOH (was: geolocation services disabled and Gnome maps)

[Reco]

On Sun, Apr 12, 2020 at 12:10:45PM +0200, to...@tuxteam.de wrote:
> That's why I cringe at the idea that browsers want to start doing
> name resolution over HTTPS.

This simple one line of dnsmasq configuration will disable this
problematic feature for good for Firefox (basically it creates a bogus
NXDOMAIN response for this particular site):

local=/use-application-dns.net/

Chromium does not do it *yet*, but I'll implement something akin to the
previous once it'll get there.

So, as long as you control your network - it does not concern you.

Reco

Re: geolocation services disabled and Gnome maps

[tomas]

On Sun, Apr 12, 2020 at 11:48:40AM +0300, Andrei POPESCU wrote:

[...]

> Just to clarify, the privacy concern here is the software accessing the 
> internet without explicit user consent, regardless of what it is using 
> this information for (internal only or providing it to other software).

What do you expect? A big Rube-Goldberg machine made out of javascript
will access the internet without even being aware of it ;-D

> Unless one is using technologies like VPNs or Tor *any* site you access 
> on the internet will have your IP information and consequently also your 
> (aproximate) location.

That's why you better solve that part at the machine's network level.

That's why I cringe at the idea that browsers want to start doing
name resolution over HTTPS.

Cheers
-- t


signature.asc
Description: Digital signature

Re: X framebuffer problem on AMD Picasso [fixed]

[Paul Scott]

On 4/11/2020 5:47 PM, Paul Scott wrote:

Hi,

I haven't posted for a long time!

I just successfully did my first UEFI installation.

It's a new AMD machine with.  X is failing to start.  I have solved a 
number of related problems within online information including finding 
the firmware-amd-graphics package.  I can't easily post log contents 
from that machine since it doesn't have email installed yet.


I am now at:

open /dev/dri/card0: no such file...

What I find online refers to the firmware problems I think I have solved.

TIA for any ideas,

Paul



Upgrading to testing fixed X.

Paul