Re: hostname is being reset, killing net on reboot

[David Wright]

On Tue 25 Jan 2022 at 21:27:17 (-0500), gene heskett wrote:
> On Tuesday, January 25, 2022 7:35:54 PM EST David Wright wrote:
> > I can't speak to Gene's wanting a static network configured by his
> > method, but I'm happy to defend my choice.
> > 
> It works fine with no complaints.

OK. I've already forgotten what you complained in this thread's OP.

> Here is the bottom of /etc/dhcpcd.conf:
> 
> # Example static IP configuration:
> #interface eth0
> #static ip_address=192.168.0.10/24
> #static ip6_address=fd51:42f8:caae:d92e::ff/64
> #static routers=192.168.0.1
> #static domain_name_servers=192.168.0.1 8.8.8.8 fd51:42f8:caae:d92e::1
> 
> # It is possible to fall back to a static IP if DHCP fails:
> # define static profile
> profile static_eth0
> static ip_address=192.168.71.13/24
> static routers=192.168.71.1
> static domain_name_servers=192.168.71.1
> 
> # fallback to static profile on eth0
> interface eth0
> fallback static_eth0
> 
> So if dhcpd fails, it uses the above, and it Just Works.
> And I've not found any reference to it in the man page. So I've no clue 
> why it seems to be such a huge, no one knows about it secret.

Drum roll … …

CONTENTS/usr/share/man/man5/dhcpcd.conf.5.gz

DHCPCD.CONF(5)  BSD File Formats Manual DHCPCD.CONF(5)

NAME
 dhcpcd.conf — dhcpcd configuration file

[ … ]

 profile name
 Subsequent options are only parsed for this profile name.

[ … ]

 static value
 Configures a static value.  If you set ip_address then dhcpcd
 will not attempt to obtain a lease and will just use the value
 for the address with an infinite lease time.  If you set
 ip6_address, dhcpcd will continue auto-configuation as normal.

[ … ]

   interface eth0
   [ … ]
   static ip_address=192.168.0.10/24
   [ … ]
   static routers=192.168.0.1
   static domain_name_servers=192.168.0.1

[ … ]

 fallback profile
 Fall back to using this profile if DHCP fails.  This allows you
 to configure a static profile instead of using ZeroConf.

/That/ seems clear enough to me.

But excuse me if I was labouring under the impression that you wanted
to nuke DHCP lest "some coder dinking around in dhcp code thinks the
whole world is volatile".

Cheers,
David.

Re: hostname is being reset, killing net on reboot

[Greg Wooledge]

On Tue, Jan 25, 2022 at 09:27:17PM -0500, gene heskett wrote:
> Here is the bottom of /etc/dhcpcd.conf:

WHY do you HAVE a dhcpcd.conf file if you don't use DHCP on your network?

Or... well, you're not using Debian.  You're using Raspbian, and Raspbian
installs dhcpcd by default as I understand it.  So that's why you HAVE
the file.  So I guess the real question is:

WHY are you LOOKING AT this file, when you know that it's not used, because
you don't have DHCP on your network?

Or... if it turns out that it IS being used, even in the absence of a
DHCP server, then go bother a Raspbian mailing list with your questions
about this piece of software and the issues that it's causing you.
Because those of us who run Debian, on the debian-user mailing list,
do not typically install dhcpcd, nor do we know how it works.

Debian uses isc-dhcp-client, which is a VERY different program.

Re: mailutils-pop3d not able to get it working

[paulf]

On Tue, 25 Jan 2022 16:39:22 +0100
Franco Martelli  wrote:

> Hi,
> 
> I posted a question on Debian User Forums [1]. What I need is to read
> my user mailbox (/var/mail/myuser) via a pop3 daemon, is it possible?
> How to accomplish this?
> 
> Thanks in advance
> 
> [1] https://forums.debian.net/viewtopic.php?f=5=151251

I use popa3d. It assumes email addresses of myuser@mydomain, with the
same email password as the user's password on the system. No setup
required. User billw on clifford.mydomain has an email of
billw@clifford.mydomain and he uses the same password as his user on
clifford.mydomain.

Paul

-- 
Paul M. Foster
http://noferblatz.com
http://quillandmouse.com

Re: hostname is being reset, killing net on reboot

[gene heskett]

On Tuesday, January 25, 2022 7:35:54 PM EST David Wright wrote:
> On Tue 25 Jan 2022 at 09:31:57 (+0100), Andrei POPESCU wrote:
> > On Lu, 24 ian 22, 23:54:41, Brian wrote:
> > > Resolving hostnames on the local network is simple and reliable
> > > when
> > > avahi-daemon and linnss-mdns are available.
> > > 
> > >   brian@desktop:~$ getent hosts envy4500.local
> > >   192.168.7.235   envy4500.local
> > > 
> > > Continually and nanually maintain /etc/hosts? Not in 2022!
> 
> More like biannually :-)
> 
> It's just pointless here, on such a static network. If I'm going to
> login to the router to add a MAC, then editing and distributing my
> master list is trivial. Last change: 2021-02-04, when I got hold of
> a redundant computer.
> 
> > Ok, I'll bite :)
> > 
> > Could you point to any (reasonably up-to-date) documentation or is it
> > sufficient to just install avahi-daemon and libnss-mdns?
> 
> I looked at the Debian wiki: ouch. It seems to have been spammed
> a while back, and hasn't been touched in 4½ years. Although the
> Arch wiki is far better, I'm not able to judge how much one might
> be led astray by the differences between Arch and Debian.
> 
> I can't speak to Gene's wanting a static network configured by his
> method, but I'm happy to defend my choice.
> 
> Cheers,
> David.
> 
It works fine with no complaints.

Here is the bottom of /etc/dhcpcd.conf:

# Example static IP configuration:
#interface eth0
#static ip_address=192.168.0.10/24
#static ip6_address=fd51:42f8:caae:d92e::ff/64
#static routers=192.168.0.1
#static domain_name_servers=192.168.0.1 8.8.8.8 fd51:42f8:caae:d92e::1

# It is possible to fall back to a static IP if DHCP fails:
# define static profile
profile static_eth0
static ip_address=192.168.71.13/24
static routers=192.168.71.1
static domain_name_servers=192.168.71.1

# fallback to static profile on eth0
interface eth0
fallback static_eth0

So if dhcpd fails, it uses the above, and it Just Works.
And I've not found any reference to it in the man page. So I've no clue 
why it seems to be such a huge, no one knows about it secret.

Cheers David, and stay well, Gene Heskett.
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: hostname is being reset, killing net on reboot

[David Wright]

On Tue 25 Jan 2022 at 09:31:57 (+0100), Andrei POPESCU wrote:
> On Lu, 24 ian 22, 23:54:41, Brian wrote:
> > 
> > Resolving hostnames on the local network is simple and reliable when
> > avahi-daemon and linnss-mdns are available.
> > 
> >   brian@desktop:~$ getent hosts envy4500.local
> >   192.168.7.235   envy4500.local
> > 
> > Continually and nanually maintain /etc/hosts? Not in 2022!

More like biannually :-)

It's just pointless here, on such a static network. If I'm going to
login to the router to add a MAC, then editing and distributing my
master list is trivial. Last change: 2021-02-04, when I got hold of
a redundant computer.

> Ok, I'll bite :)
> 
> Could you point to any (reasonably up-to-date) documentation or is it 
> sufficient to just install avahi-daemon and libnss-mdns?

I looked at the Debian wiki: ouch. It seems to have been spammed
a while back, and hasn't been touched in 4½ years. Although the
Arch wiki is far better, I'm not able to judge how much one might
be led astray by the differences between Arch and Debian.

I can't speak to Gene's wanting a static network configured by his
method, but I'm happy to defend my choice.

Cheers,
David.

Re: how to test and compare performance of bullseye for i386 and amd64

[David Wright]

On Tue 25 Jan 2022 at 01:37:29 (-0500), a wrote:
> Thank David and Polyna-Maude!
> 
> it's surprising that "The x64 binary are also somewhat larger than the
> i386 binaries"
> 
> i compare some packages of bullseye for both arch, they happen to be
> contrary
> 
> though difference is small and IMO has little impact on performance
> 
> firefox-esr for i386: size= 58465416
> 
> firefox-esr for amd64: size= 55451188
> 
> gcc-10 for i386: size= 18097884
> 
> gcc-10 for amd64: size=  16990272

Well, we've gone from ISOs containing different inventories to sizes
of packages. I still don't see how that affects performance.

All I did was to type ls -l /usr/bin for the two architectures into
two xterms in two viewports, and blink-compare them. Some binaries
were larger and some were smaller.

But let's try running them. I happen to have two freshly installed
bullseyes, and neither has run the installed FF before. Their dotfiles
in my home directories are close to identical, and their starting
pages are blank.

i386:

   VSZ   RSZ %MEM  PID STAT   CMD
1200184 176396 34.9   1603 Sl+firefox-esr
477488 50140  9.9 1880 Sl+/usr/lib/firefox-esr/firefox-esr -contentproc 
-ch>
467760 34188  6.7 1821 Sl+/usr/lib/firefox-esr/firefox-esr -contentproc 
-ch>
455296 27436  5.4 1958 Sl+/usr/lib/firefox-esr/firefox-esr -contentproc 
-ch>

amd64:

   VSZ   RSZ %MEMPID STAT   CMD
3082424 408156  2.5 2538 Sl+firefox-esr
2446004 146664  0.9 2662 Sl+/usr/lib/firefox-esr/firefox-esr 
-contentproc ->
2417628 117508  0.7 2694 Sl+/usr/lib/firefox-esr/firefox-esr 
-contentproc ->
2403264 108072  0.6 2603 Sl+/usr/lib/firefox-esr/firefox-esr 
-contentproc ->

The difference is larger than I thought it would be. Others would
have to interpret the actual numbers. The main difference that
/I/ notice is the speed, but it would be an unfair comparison,
pitching 1.5GHz/512MB with 1GB encrypted swap on 2004-era rust
against a multi-core 2.7GHz/16GB with a 2017-era SSD (but no swap).
Starting times come out at 3 minutes vs perhaps one second.

Cheers,
David.

Re: mailutils-pop3d not able to get it working

[Tim Woodall]

On Tue, 25 Jan 2022, Franco Martelli wrote:


On 25/01/22 at 19:46, Tim Woodall wrote:


I use dovecot but imap rather than pop3. I used to use mailutils-pop3d
but I don't remember why I changed. dovecot does support pop3.

Tim.



mailutils-pop3d is a nightmare I don't know how to setup it.
Do you know if dovecot have access to system email stored in /var/mail/... ?




Yes. I use mbox in /var/mail and Maildir in /home. Both work.

I vaguely recall that getting this setup like this was a bit of effort
but there were a lot of moving parts I needed to update when I moved
from mbox to Maildir in dovecot. I think I was able to copy everything
from one format to the other using dovecot, imap and alpine but it was a
while ago.

(And the reason I changed was mbox was causing large incremental
backups. I haven't noticed any difference in performance etc so I have
no comment on which is better unless you have 'archive' masilboxes that
trigger 200MB of incremental backups each time you add a single 2k
email)

Tim.

Re: Security

[Nate Bargmann]

I am subscribed to that list and get them too.

I just see that three more messages popped in since this morning from
the security list.

The complaints seem to be only about browsers.  The inference seems to
be that the latest release always fixes security bugs.  While this is
true to an extent, what is seldom acknowledged is that new releases also
bring new and as yet undisclosed bugs that will be fixed next time or
the time after or the time after that or...  I figure it's a gamble
either way and stick with the Debian packages.

- Nate

-- 
"The optimist proclaims that we live in the best of all
possible worlds.  The pessimist fears this is true."
Web: https://www.n0nb.us
Projects: https://github.com/N0NB
GPG fingerprint: 82D6 4F6B 0E67 CD41 F689 BBA6 FB2C 5130 D55A 8819



signature.asc
Description: PGP signature

Re: mailutils-pop3d not able to get it working

[Charles Curley]

On Tue, 25 Jan 2022 20:01:40 +0100
Franco Martelli  wrote:

> mailutils-pop3d is a nightmare I don't know how to setup it.
> Do you know if dovecot have access to system email stored in
> /var/mail/... ?

Indeed, it does. That is exactly what I use it for. I don't recall
doing any special setup for it.

-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Re: Radicale zegt 404 tegen DAVdroid

[Geert Stappers]

On Fri, Jan 21, 2022 at 11:20:50PM +0100, Geert Stappers wrote:
> 
> Wat ik denk nodig te hebben, is iets wat op reageert op
> : Request content:
> : 
> : 
> :   
> : 
> : 
> :   
> : 
>  
> 
> Andere ideeen zijn ook welkom.
> 

Nieuw DAVdroid adresboek aangemaakt.

Van de '404' ben ik nu naar een '207'

Daarmee is de oorspronkelijke vraag beantwoordt.


Groeten
Geert Stappers


P.S.
Een CardDAV kopie van adresboek van "oude telefoon" heb ik nog niet.
Van nieuwere telefoon, met DAVx5, heb ik wel zo een kopie kunnen maken
op "Radicale".
-- 
: [2022-01-25 21:23:56 +0100] [1143580/Thread-54] [DEBUG] Response content:
: 
: 
:   
: /backup/
: 
:   
: 
:   /backup/
: 
:   
:   HTTP/1.1 200 OK
: 
: 
:   
: 
:   
:   HTTP/1.1 404 Not Found
: 
:   
: 
: [2022-01-25 21:23:56 +0100] [1143580/Thread-54] [INFO] PROPFIND response 
status for '/backup/' with depth '0' in 0.004 seconds: 207 Multi-Status

Re: Security

[Polyna-Maude Racicot-Summerside]

On 2022-01-25 15:47, Andy Smith wrote:
> Hello,
> 
> On Tue, Jan 25, 2022 at 03:05:51PM -0500, Polyna-Maude Racicot-Summerside 
> wrote:
>> Kind of strange that some people complains we lag behind when I get
>> information everyday that fixes are available for packages in the stable
>> / old stable release.
> 
> I think you are getting worked up over the actions of a troll.
> 
> You will never get them to change their mind no matter how much
> factual evidence you come up with, because they aren't posting in
> good faith. If they were then they would have either accepted the
> answers they got five times over the first time they brought it up
> here, or else not accepted them and given up. Instead they went on
> to write a "press release" and threaten more to come regarding
> "excommunicated" developers. Their goal is to cause drama, not find
> a solution for any real world problem.
> 
> I recommend just moving on with your life and accepting that this
> person is going to keep posting the same claims over and over
> without feeling the need to refute them every time.
> 
This message was more regarding some new users or ones who could have
doubt on the safety / security of the Debian ecosystem.

Sadly some of these people may cause some harm.

> Cheers,
> Andy
> 

-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development


OpenPGP_signature
Description: OpenPGP digital signature

Re: Security

[Andy Smith]

Hello,

On Tue, Jan 25, 2022 at 03:05:51PM -0500, Polyna-Maude Racicot-Summerside wrote:
> Kind of strange that some people complains we lag behind when I get
> information everyday that fixes are available for packages in the stable
> / old stable release.

I think you are getting worked up over the actions of a troll.

You will never get them to change their mind no matter how much
factual evidence you come up with, because they aren't posting in
good faith. If they were then they would have either accepted the
answers they got five times over the first time they brought it up
here, or else not accepted them and given up. Instead they went on
to write a "press release" and threaten more to come regarding
"excommunicated" developers. Their goal is to cause drama, not find
a solution for any real world problem.

I recommend just moving on with your life and accepting that this
person is going to keep posting the same claims over and over
without feeling the need to refute them every time.

Cheers,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Security

[Polyna-Maude Racicot-Summerside]

Hi Guys / Girls,
I'm also on the security advisory mailing list.

Kind of strange that some people complains we lag behind when I get
information everyday that fixes are available for packages in the stable
/ old stable release.

And I go against the suggestion by mirroring security-updates repository.

And again, everyday, every two days at most, I get new packages fixing
some bugs.

So people who say that there's no update or that they lag shall install
a Debian machine and tell me how often they receive new updates.

This is not a opinion, this is a fact with logs to show.
-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development


OpenPGP_signature
Description: OpenPGP digital signature

Re: mailutils-pop3d not able to get it working

[rhkramer]

Oops, sorry about that, clicked send before writing anything -- and now, 
reading the question more carefully, I have no comment -- sorry for the noise 
;-)

> On Tue, 25 Jan 2022, Franco Martelli wrote:
> > I posted a question on Debian User Forums [1]. What I need is to read my
> > user mailbox (/var/mail/myuser) via a pop3 daemon, is it possible? How
> > to accomplish this?

Re: mailutils-pop3d not able to get it working

[rhkramer]

On Tuesday, January 25, 2022 01:46:15 PM Tim Woodall wrote:
> On Tue, 25 Jan 2022, Franco Martelli wrote:
> > Hi,
> > 
> > I posted a question on Debian User Forums [1]. What I need is to read my
> > user mailbox (/var/mail/myuser) via a pop3 daemon, is it possible? How
> > to accomplish this?
> > 
> > Thanks in advance
> > 
> > [1] https://forums.debian.net/viewtopic.php?f=5=151251
> 
> I use dovecot but imap rather than pop3. I used to use mailutils-pop3d
> but I don't remember why I changed. dovecot does support pop3.
> 
> Tim.

Re: mailutils-pop3d not able to get it working

[Franco Martelli]

On 25/01/22 at 19:46, Tim Woodall wrote:


I use dovecot but imap rather than pop3. I used to use mailutils-pop3d
but I don't remember why I changed. dovecot does support pop3.

Tim.



mailutils-pop3d is a nightmare I don't know how to setup it.
Do you know if dovecot have access to system email stored in /var/mail/... ?

--
Franco Martelli

Re: mailutils-pop3d not able to get it working

[Tim Woodall]

On Tue, 25 Jan 2022, Franco Martelli wrote:


Hi,

I posted a question on Debian User Forums [1]. What I need is to read my user 
mailbox (/var/mail/myuser) via a pop3 daemon, is it possible? How to 
accomplish this?


Thanks in advance

[1] https://forums.debian.net/viewtopic.php?f=5=151251



I use dovecot but imap rather than pop3. I used to use mailutils-pop3d
but I don't remember why I changed. dovecot does support pop3.

Tim.

Re: I've been caught out

[gene heskett]

On Tuesday, January 25, 2022 7:43:10 AM EST Greg Wooledge wrote:
> On Tue, Jan 25, 2022 at 09:12:52AM +0100, Urs Thuermann wrote:
> > Greg Wooledge  writes:
> > > On Mon, Jan 24, 2022 at 05:01:21AM -0500, gene heskett wrote:
> > > > gene@coyote:~/Debian-arm/linux$ patch -p1  ../patches/*.patch
> > > 
> > > That's not how you do it.  patch(1) can only accept one patch at a
> > > time, and it expects to see it on standard input.
> > > 
> > > for p in ../patches/*.patch; do patch -p1 < "$p"; done
> > 
> > You can even do the somewhat easier
> > 
> > cat ../patches/*.patch | patch -p1
> > 
> > which will do the same.
> > 
> > However, often the order of patches is important when some patch
> > depends on another being applied before.  Then *.patch will probably
> > not work since it applies patches in alphabetical order.
> 
> It will work if whoever distributed the patches has half a clue.  Any
> such individual will name the patches with a sortable prefix, like
> 00- 01- 02- .  Or *something* similar, so that the glob returns the
> patches in the correct order.
> 
> If this hasn't been done, then the end user would somehow have to
> deduce the correct order in which to apply the patches.  How an end
> user would guess this is beyond me.
> 
> .
Now, now, all we have to do it learn how to use quilt. So
sudo apt install quilt.

The man page isn't very explicit, other than giving you an ascii graphic 
of the directory tree it expects to run in. But does point you at the 
.pdf site, and after re-reading it several times and putting the 
directory full of unpacked patches where it wants it to be, it got 
simple. The secret is that the patches.xz file when unpacked, contains a 
"series" file as the whole archive was created by quilt in the first 
place. This file gives the order to apply them in.

quilt push

up arrow, hit return, does it one at a time in the correct order until 
its out of patches and complains, or from further reading

quilt push -a

would have done them all in the same order. But I wasn't that brave.

So now the newest, bleeding edge kernel has been built, on the pi running 
uptodate buster, and I've written 2 cards with the raspios release image, 
edited both of those images to add a fallback net config to /etc/
dhcpdp.conf so I stand a small chance of having a working network on the 
first boot, and will hand carry those cards to my rpi4b and test them in 
the next hour or so.

Theoretically, all _I_ should have to do once its booted is open a shell, 
and 

sudo mkdir /mnt/sdb1
sudu mount -text4 /dev/sdb1 /mnt/sdb1
cd to /mnt/sdb1/arm.src/apt-rt.stf/linux
sudo make modules_install dtbs_install install

look to see if it did. and then reboot the pi. In my case, and a reboot 
works, a uname -a should show a v5.16.3-rt kernel is running.

Theoretically... But have a 12 gauge loaded with 00 buck handy in case 
that guy Murphy has snuck around and drunk your last beer. :-(

Cheers, Gene Heskett.
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: hostname is being reset, killing net on reboot

[Brian]

On Tue 25 Jan 2022 at 16:20:49 +, Brian wrote:

> on the same or another machine. _mpd._tcp is a service name and is

Correction. _mpd._tcp is a service type.

-- 
Brian.

Re: hostname is being reset, killing net on reboot

[Brian]

On Tue 25 Jan 2022 at 13:06:49 +0100, Andrei POPESCU wrote:

> On Ma, 25 ian 22, 11:18:21, Brian wrote:
> > On Tue 25 Jan 2022 at 09:31:57 +0100, Andrei POPESCU wrote:
> > > 
> > > Could you point to any (reasonably up-to-date) documentation or is it 
> > > sufficient to just install avahi-daemon and libnss-mdns?
> > 
> > 'apt install avahi-daemon' is sufficient. libnnss-mdns is a recommended
> > package of avahi-daemon. Machines with cups installed will already have
> > both packages. Documentation is at
> > 
> >   https://www.avahi.org/
> >   https://github.com/lathiat/nss-mdns
> > 
> > and in /usr/share/doc.
> >  
> > > Can mDNS resolve only hostnames or is it necessary to always mention the 
> > > '.local' domain?
> > 
> > .local is required.
> 
> Less than optimal (yes, I'm lazy), but I might be able to live with it ;)

It grows on you :).
 
> Is there a way to have "generic" names, e.g. something like "mpd.local", 
> independent of the system's hostname?

Let's see if this addresses your question:

Install avahi-utils. For a complete view of the network, do

  avahi-browse -art | less

For a spcific service, do

  avahi-browse -rt _mpd._tcp

on the same or another machine. _mpd._tcp is a service name and is
"something like "mpd.local"".

(BTW, I had to disable and mask mpd.socket for the commands to give
outputs for mpd).

> I like to name systems based on their hardware, not based on the 
> service(s) they provide.
> 
> If for some reason I want to move the mpd service from one system to 
> another, how can I do that without having to reconfigure all clients?

Relocation on the same network should not need client reconfiguration.

> My current solution is to point something like mpd.(mylocaldomain) to 
> the correct IP address in the router (OpenWrt) and use that in all 
> clients[1]. If I need to move the service to another system I only need 
> to adjust the configuration in one place.
> 
> 
> (I'm aware mpd might not be the best example here, since as far as I 
> know it has native zeroconf support, but let's just assume clients are 
> either buggy or lack zeroconf support completely. Besides, this would 
> apply also to services without zeroconf support.)

I'm a little lost here. If services or clients lack Avahi integration,
they cannot avail themselves of its services.

-- 
Brian.

mailutils-pop3d not able to get it working

[Franco Martelli]

Hi,

I posted a question on Debian User Forums [1]. What I need is to read my 
user mailbox (/var/mail/myuser) via a pop3 daemon, is it possible? How 
to accomplish this?


Thanks in advance

[1] https://forums.debian.net/viewtopic.php?f=5=151251
--
Franco Martelli

Re: Bullseye - who and users return nothing

[Gareth Evans]

On Tue 25 Jan 2022, at 13:11, Greg Wooledge  wrote:
> On Tue, Jan 25, 2022 at 01:06:42PM +, Gareth Evans wrote:
>> Just realised I gave contradicting info earlier - I said both that I 
>> upgraded from Buster (which is literally true) and that
>> 
>> "But for root on ZFS per 
>> 
>> https://openzfs.github.io/openzfs-docs/Getting%20Started/Debian/Debian%20Buster%20Root%20on%20ZFS.html
>>  (adjusted for Bullseye)  <<
>> 
>> ..."
>> 
>> which isn't, because Bullseye arrived via dist-upgrade, rather than a fresh 
>> installation.
>> 
>> My mistake may have prompted Andrei's suggestion which I then explained away 
>> partly in relation to having upgraded - sorry.
>
> I don't know anything about ZFS.  That said, it's *conceivable* that
> your / ownership has been broken this entire time, and you never noticed
> until now.  Either because you never ran "who", or because 

> systemd in
> buster didn't check the parent directory ownerships, but the one in
> bullseye does.

That's interesting.

FWIW, trying to get a timeframe...

My email re bullseye upgrade hiccups back in August

https://lists.debian.org/debian-user/2021/08/msg00979.html

indicates that I upgraded to Bullseye on 17th Aug 2021.  There were at most a 
few days of experimenting with restoring Buster snapshots and re-upgrading, but 
that was certainly done with by October, when QEMU logs show VM usage.   

I've never had to 

modprobe tun 

to start a VM before today, and Bash history shows who usage on 22/12/21.  
Given this info and that the / ownership fix fixed both problems, I think that 
suggests a recent(ish) event as the cause.

>
> Food for thought.
>
> (It's not clear to me how setting up ZFS on / would involve your
> unprivileged username, though.  Sounds more like a "boot from rescue
> media and do everything in a root shell" sort of job.  

It is, but...

"5. Create a user account:

username=YOUR_USERNAME
zfs create rpool/home/$username
adduser $username
cp -a /etc/skel/. /home/$username
chown -R $username:$username /home/$username
..."

https://openzfs.github.io/openzfs-docs/Getting%20Started/Debian/Debian%20Buster%20Root%20on%20ZFS.html

:)


> So I'm more
> inclined to think the damage was done by some sort of backup/recovery
> gone wrong, as previously speculated.)

Re: how to test and compare performance of bullseye for i386 and amd64

[Greg Wooledge]

On Tue, Jan 25, 2022 at 03:29:17PM +0100, to...@tuxteam.de wrote:
> On Tue, Jan 25, 2022 at 09:18:55AM -0500, Stefan Monnier wrote:
> > > it's surprising that "The x64 binary are also somewhat larger than the 
> > > i386
> > > binaries"
> > 
> > There is no fundamental reason why a 64bit architecture (like amd64) would
> > require more code than a 32bit architecture (like x86), but yes, on the
> > average amd64 code is a bit larger than x86.
> 
> For one, pointers are bigger. For another, ints too. So perhaps, for
> plain, straight, silly compiled C code...

I just spent a whole bunch of time writing something similar, in response
to this... and then I figured out that Stefan simply made one poor word
choice that caused the message to be extremely confusing.

I believe that what Stefan meant here is that the amd64 binary has the
same number of *instructions*.  But as you say, the instructions may be
physically longer, due to having longer operands.

So yes, amd64 compiled code tends to take up more space.  Even if it's got
the same number of instructions (which may or may not be true in all cases
-- the increased number of registers, for example, may actually decrease
the number of instructions spent moving values in and out of memory).

Re: how to test and compare performance of bullseye for i386 and amd64

[tomas]

On Tue, Jan 25, 2022 at 09:18:55AM -0500, Stefan Monnier wrote:
> > it's surprising that "The x64 binary are also somewhat larger than the i386
> > binaries"
> 
> There is no fundamental reason why a 64bit architecture (like amd64) would
> require more code than a 32bit architecture (like x86), but yes, on the
> average amd64 code is a bit larger than x86.

For one, pointers are bigger. For another, ints too. So perhaps, for
plain, straight, silly compiled C code...

>  Furthermore the static
> data that accompanies it will naturally tend to be larger since some of
> its elements will use up 64bit instead of 32bit.
> 
> For this reason, amd64 packages tend to be larger than i386 packages.

But once you talk Web browsers, which have at least one bytecode and two
JIT compilers in their fat bellies these days, all bets are up ;-)

Cheers
-- 
t


signature.asc
Description: PGP signature

The Raspberry Pi that Took a Day Off.

[Martin McCormick]

This Pi is running Debian Stretch.  I believe that's what version
9 is called.  I have it capturing audio from a radio receiver and
it's been doing that for several years now and it was doing that
yesterday morning.  Later in the day, I downloaded more audio
and, after a long pause, I got the message from ssh that the
Raspberry Pi wasn't there any longer so I retrieved the Pi from
the room where it was and brought it to my Debian desktop system
to work on it.

I could login to the Pi which seemed to be up and running
but the short story is that it couldn't talk to any address but
our router.I couldn't even ping it's interface from the Pi,
itself.

If I was on the Raspberry Pi's console, everything looked
normal as long as one wasn't using the TCP/IP interface.  You
could even do a ip addr or an ipconfig -a command and it would
show that it had gotten the correct address from our dhcp server
which is in the router.  It would successfully ping the router
but no other addresses, not even the address it uses on our
network.

I finally quit messing with it and went to bed but fired
it up again today, January 25 and low and behold, it just came
right up and is now back doing what it has been doing.

Is it possible that it got a corrupted lease for dhcp
from the router?  Dhcp leases on our Netgear router are issued
for not quite 24 hours so it may have gotten a bad lease, kept
renewing it for the time it was powered up and then it got a new
version of that lease today and all is well.

It's the same IP address because I have put it in the
router as a static IP address.

The other thing that is weird is that the Raspberry Pi in
question has both a wired Ethernet and a WiFi interface and both
were misbehaving identically.

Normally, the wired port is not used and the dhcp lease
renewal process happens over WiFi.

The results of ip addr always showed a correct subnet
mask and the only rules in iptables are the 2 default rules.  In
other words, all looked normal except that it didn't work.

While I had it on the work bench, so to speak, I ran fsck
-fy on the SSD card since it has been a couple of years since I
last did that and there was not a single squawk about anything.

Thanks for any ideas about how things got wrong and then
magically fixed themselves.

When I turned it off last night, I gave it the halt -p
command.  The power supply has no switch so I unplugged it from
power so it started fresh about 8 hours later.

Martin WB5AGZ

Re: Bullseye - who and users return nothing

[local10]

Jan 25, 2022, 13:06 by donots...@fastmail.fm:

> both return nothing, with or without sudo.
>
 Can anyone replicate this or suggest what may have happened?  I'm fairly 
 sure I've used who since upgrading from Buster.


Also upgraded from Buster but can't reproduce the issue. Both "who" and "users" 
return proper output (ran it without sudo).

Regards,

Re: Bullseye - who and users return nothing

[Greg Wooledge]

On Tue, Jan 25, 2022 at 01:06:42PM +, Gareth Evans wrote:
> Just realised I gave contradicting info earlier - I said both that I upgraded 
> from Buster (which is literally true) and that
> 
> "But for root on ZFS per 
> 
> https://openzfs.github.io/openzfs-docs/Getting%20Started/Debian/Debian%20Buster%20Root%20on%20ZFS.html
>  (adjusted for Bullseye)  <<
> 
> ..."
> 
> which isn't, because Bullseye arrived via dist-upgrade, rather than a fresh 
> installation.
> 
> My mistake may have prompted Andrei's suggestion which I then explained away 
> partly in relation to having upgraded - sorry.

I don't know anything about ZFS.  That said, it's *conceivable* that
your / ownership has been broken this entire time, and you never noticed
until now.  Either because you never ran "who", or because systemd in
buster didn't check the parent directory ownerships, but the one in
bullseye does.

Food for thought.

(It's not clear to me how setting up ZFS on / would involve your
unprivileged username, though.  Sounds more like a "boot from rescue
media and do everything in a root shell" sort of job.  So I'm more
inclined to think the damage was done by some sort of backup/recovery
gone wrong, as previously speculated.)

Re: Bullseye - who and users return nothing

[Gareth Evans]

On Tue 25 Jan 2022, at 01:31, Gareth Evans  wrote:
> On Mon 24 Jan 2022, at 12:45, Greg Wooledge  wrote:
>> On Mon, Jan 24, 2022 at 09:51:05AM +, Gareth Evans wrote:
>>> I've just noticed that: 
>>> 
>>> $ who
>>> 
>>> and
>>> 
>>> $ users
>>> 
>>> both return nothing, with or without sudo.
>>
>>> Can anyone replicate this or suggest what may have happened?  I'm fairly 
>>> sure I've used who since upgrading from Buster.
>>
>> Definitely can't replicate.  "who" gives me 28 lines of output for all
>> of my terminals.
>>
>> As far as suggesting a cause -- we'd need more info.  
>
>> Which init system
>> are you using?  
>
> systemd.  But for root on ZFS per 
>
> https://openzfs.github.io/openzfs-docs/Getting%20Started/Debian/Debian%20Buster%20Root%20on%20ZFS.html
>  
> (adjusted for Bullseye) 
>
> it's standard Debian-mate amd64
>
>> How are you logging in?  
>
> Logging into Mate with lightdm
>
>> Are you using any terminal
>> emulators, and if so, which one(s)?
>
> mate-terminal
>
>>
>> Is the /var file system full?  (Or any mount underneath /var if you have
>> such.)
>
> $ sudo zfs list
> NAMEUSED  AVAIL REFER  MOUNTPOINT
> bpool   172M   660M   96K  /boot
> bpool/BOOT  170M   660M   96K  none
> bpool/BOOT/debian   170M   660M  170M  /boot
> rpool  67.6G  45.7G  192K  /
> rpool/ROOT 11.2G  45.7G  192K  none
> rpool/ROOT/debian  11.2G  45.7G 11.2G  /
> rpool/data  200K  45.7G  200K  /data
> rpool/home 15.0G  45.7G 9.27G  /home
> rpool/large3.06G  45.7G 3.06G  /large
> rpool/backup1  4.94G  45.7G 1.03G  /backup1
> rpool/backup2  15.7G  45.7G 3.94G  /backup2
> rpool/swap 8.50G  54.2G  108K  -
> rpool/var  9.06G  45.7G  412K  /var
> rpool/var/cache 192M  45.7G  192M  /var/cache
> rpool/var/lib  6.29G  45.7G  720K  /var/lib
> rpool/var/lib/docker   19.0M  45.7G 19.0M  /var/lib/docker
> rpool/var/lib/libvirt  5.94G  45.7G 5.94G  /var/lib/libvirt
> rpool/var/lib/mysql 335M  45.7G  246M  /var/lib/mysql
> rpool/var/log   363M  45.7G  363M  /var/log
> rpool/var/spool 103M  45.7G  103M  /var/spool
> rpool/var/tmp   250M  45.7G  250M  /var/tmp
> rpool/var/www  1.89G  45.7G 1.40G  /var/www
>
>
>> Have you done anything unique or unusual to your system that would cause
>> it not to log sessions in /var/run/utmp?
>
> Not afaik
>
>>
>>> $ sudo strace who
>>> 
>>> access("/var/run/utmpx", F_OK)  = -1 ENOENT (No such file or 
>>> directory)
>>> openat(AT_FDCWD, "/var/run/utmp", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such 
>>> file or directory)
>>> access("/var/run/utmpx", F_OK)  = -1 ENOENT (No such file or 
>>> directory)
>>> openat(AT_FDCWD, "/var/run/utmp", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such 
>>> file or directory)
>>> close(1)= 0
>>> close(2)= 0
>>> exit_group(0)   = ?
>>> +++ exited with 0 +++
>>
>> Your /var/run/utmp file is missing.  That's definitely going to cause
>> a problem here.
>>
>> Here's what mine looks like:
>>
>> unicorn:~$ df /var/run
>> Filesystem 1K-blocks  Used Available Use% Mounted on
>> tmpfs1215580  1456   1214124   1% /run
>> unicorn:~$ ls -ld /var/run
>> lrwxrwxrwx 1 root root 4 Jan 11  2018 /var/run -> /run/
>> unicorn:~$ ls -l /var/run/utmp
>> -rw-rw-r-- 1 root utmp 12288 Jan 20 15:08 /var/run/utmp
>>
>> I don't know what happened to yours, but since /run is an in-memory
>> file system, all of the stuff inside it (including the utmp file) has
>> to be created at boot time, or at login time at the very latest.
>>
>
>> You could try creating the file with the correct user/group/perms and
>> see if that helps, but that probably won't survive the next reboot.
>
> /var/run$ sudo touch utmp
> /var/run$ sudo chown root:utmp utmp
> /var/run$ sudo chmod 664 utmp
> /var/run$ ls -l utmp
> -rw-rw-r-- 1 root utmp 0 Jan 25 00:08 utmp
> /var/run$ who
> /var/run$
> [logout, login]
> /var/run$ ls -l /var/run/utmp
> -rw-rw-r-- 1 root utmp 384 Jan 25 00:17 /var/run/utmp
> $ who
> user tty7 2022-01-25 00:17 (:0)
> $ sudo reboot
> ...
> $ ls -l /var/run/utmp
> ls: cannot access '/var/run/utmp': No such file or directory
>
>>
>> You could also try rebooting and see if it gets created correctly.  If
>> it doesn't, then I guess you get to dive into the internals of your
>> init system to discover what's going wrong.
>>
>
> user@qwerty:~$ sudo service  systemd-update-utmp status
> ● systemd-update-utmp.service - Update UTMP about System Boot/Shutdown
>  Loaded: loaded (/lib/systemd/system/systemd-update-utmp.service; 
> static)
>  Active: active (exited) since Tue 2022-01-25 01:13:05 GMT; 1min 
> 49s ago
>Docs: man:systemd-update-utmp.service(8)
>  

Re: I've been caught out

[tomas]

On Tue, Jan 25, 2022 at 01:33:45PM +0100, Vincent Lefevre wrote:
> On 2022-01-25 09:12:52 +0100, Urs Thuermann wrote:
> > Greg Wooledge  writes:

[...]

> > You can even do the somewhat easier
> > 
> > cat ../patches/*.patch | patch -p1
> > 
> > which will do the same.  
> 
> Even easier (works with zsh, multios enabled, which is the default):
> 
>   patch -p1 < ../patches/*.patch

But exactly that was the original poster's problem. With his shell (most
probably bash) this leads to an "ambiguous redirect". Your zsh does an
implicit cat when it sees multiple files.

> > However, often the order of patches is important when some patch
> > depends on another being applied before.  Then *.patch will probably
> > not work since it applies patches in alphabetical order.
> 
> Sometimes patch names are prepended with a number with a fixed number
> of digits (e.g., 3) to make sure that this works.

Yes, this is an independent issue. The OP's patches (at least one of
them, but we do induction :) are prepended by leading-zero four-digit
numbers, so assuming they are intended to be ordered by that seems low
risk ;-)

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: I've been caught out

[Greg Wooledge]

On Tue, Jan 25, 2022 at 09:12:52AM +0100, Urs Thuermann wrote:
> Greg Wooledge  writes:
> 
> > On Mon, Jan 24, 2022 at 05:01:21AM -0500, gene heskett wrote:
> > > gene@coyote:~/Debian-arm/linux$ patch -p1  ../patches/*.patch
> > 
> > That's not how you do it.  patch(1) can only accept one patch at a time,
> > and it expects to see it on standard input.
> > 
> > for p in ../patches/*.patch; do patch -p1 < "$p"; done
> 
> You can even do the somewhat easier
> 
> cat ../patches/*.patch | patch -p1
> 
> which will do the same.  
> 
> However, often the order of patches is important when some patch
> depends on another being applied before.  Then *.patch will probably
> not work since it applies patches in alphabetical order.

It will work if whoever distributed the patches has half a clue.  Any
such individual will name the patches with a sortable prefix, like
00- 01- 02- .  Or *something* similar, so that the glob returns the
patches in the correct order.

If this hasn't been done, then the end user would somehow have to deduce
the correct order in which to apply the patches.  How an end user would
guess this is beyond me.

Re: I've been caught out

[Vincent Lefevre]

On 2022-01-25 09:12:52 +0100, Urs Thuermann wrote:
> Greg Wooledge  writes:
> > On Mon, Jan 24, 2022 at 05:01:21AM -0500, gene heskett wrote:
> > > gene@coyote:~/Debian-arm/linux$ patch -p1  ../patches/*.patch
> > 
> > That's not how you do it.  patch(1) can only accept one patch at a time,
> > and it expects to see it on standard input.
> > 
> > for p in ../patches/*.patch; do patch -p1 < "$p"; done
> 
> You can even do the somewhat easier
> 
> cat ../patches/*.patch | patch -p1
> 
> which will do the same.  

Even easier (works with zsh, multios enabled, which is the default):

  patch -p1 < ../patches/*.patch

> However, often the order of patches is important when some patch
> depends on another being applied before.  Then *.patch will probably
> not work since it applies patches in alphabetical order.

Sometimes patch names are prepended with a number with a fixed number
of digits (e.g., 3) to make sure that this works.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Re: Bullseye - who and users return nothing

[Gareth Evans]

On Tue 25 Jan 2022, at 10:47, Andrei POPESCU  wrote:
> On Ma, 25 ian 22, 04:03:17, Gareth Evans wrote:
>> 
>> Googling "Detected unsafe path transition during canonicalization" led me to 
>> 
>> https://bbs.archlinux.org/viewtopic.php?id=260924
>> 
>> where a user sees this error because / is owned by the user rather than root.
>> 
>> Lo and behold
>> 
>> $ stat /
>> 
>> shows this is what has somehow happened.
>> 
>> $ sudo chown root:root /
>> 
>> solves the disappearing /var/run/utmp problem (and fixes who/users) 
>> 
>> There is nothing in bash history to suggest I did this - can/should it 
>> happen any other way?
>

> Occam's Razor would suggest this was done when setting up your / on ZFS.

Hi Andrei,

chown root:root / 

fixed both this issue and my need (today, as discussed in my other email) to 

modprobe tun

to be able to run VMs with virt-manager.

That was a new problem I only noticed today when setting up a VM to find/grep 
relevant strings/filenames that would exist in a new installation.  I use VMs 
more often than who/users but have certainly done both without issue since 
setting up / on ZFS.

But worth bearing in mind :)

Thanks
Gareth


>
>
> Kind regards,
> Andrei
> -- 
> http://wiki.debian.org/FAQsFromDebianUser
>
> Attachments:
> * signature.asc

Re: hostname is being reset, killing net on reboot

[Andrei POPESCU]

On Ma, 25 ian 22, 11:18:21, Brian wrote:
> On Tue 25 Jan 2022 at 09:31:57 +0100, Andrei POPESCU wrote:
> > 
> > Could you point to any (reasonably up-to-date) documentation or is it 
> > sufficient to just install avahi-daemon and libnss-mdns?
> 
> 'apt install avahi-daemon' is sufficient. libnnss-mdns is a recommended
> package of avahi-daemon. Machines with cups installed will already have
> both packages. Documentation is at
> 
>   https://www.avahi.org/
>   https://github.com/lathiat/nss-mdns
> 
> and in /usr/share/doc.
>  
> > Can mDNS resolve only hostnames or is it necessary to always mention the 
> > '.local' domain?
> 
> .local is required.

Less than optimal (yes, I'm lazy), but I might be able to live with it ;)

Is there a way to have "generic" names, e.g. something like "mpd.local", 
independent of the system's hostname?

I like to name systems based on their hardware, not based on the 
service(s) they provide.

If for some reason I want to move the mpd service from one system to 
another, how can I do that without having to reconfigure all clients?

My current solution is to point something like mpd.(mylocaldomain) to 
the correct IP address in the router (OpenWrt) and use that in all 
clients[1]. If I need to move the service to another system I only need 
to adjust the configuration in one place.


(I'm aware mpd might not be the best example here, since as far as I 
know it has native zeroconf support, but let's just assume clients are 
either buggy or lack zeroconf support completely. Besides, this would 
apply also to services without zeroconf support.)


[1] shared /etc/hosts doesn't work for this, because some clients are 
running on systems where deploying a custom /etc/hosts would be too 
complicated (assuming /etc/hosts or something like it is even 
supported).

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: how to test and compare performance of bullseye for i386 and amd64

[Andy Smith]

Hello,

On Mon, Jan 24, 2022 at 08:30:20PM -0500, a wrote:
> i've installed debian 11 for both arch on same PC, amd64 seems faster
> 
> is there some tool to demonstrate performance of PC?

Regardless of performance you should be more concerned that 32-bit
x86 parts of the Linux kernel have more bugs and receive security fixes
slower compared to amd64. For example, it took much longer for
32-bit x86 kernels to receive the same protections against the
various speculation attacks compared to amd64, in some cases it's
still not there.

Then there is the fact that increasing amounts of software simply
isn't available in 32-bit format. You might not have any with that
restriction now, but it would surely suck to want to use some in
future and not be able to without a lot of work (change your kernel
at minimum).

No one should be using 32-bit x86 today if they have the choice to
use amd64 instead.

> they say it's not possible to say which is faster without defining computing
> task

That is correct because there are many differences. amd64 has more
registers which can make code faster, but its pointers and other
data types are double the size which can affect cache hits. It
really is difficult to say without real world benchmark.

> is performance difference significant if computing task is web browsing

Modern web browsers are quite large and the 4GiB per process memory
limit with 32-bit PAE could be an issue. Otherwise, I'd guess at not
much difference.

Cheers,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Re: hostname is being reset, killing net on reboot

[Brian]

On Tue 25 Jan 2022 at 09:31:57 +0100, Andrei POPESCU wrote:

> On Lu, 24 ian 22, 23:54:41, Brian wrote:
> > 
> > Resolving hostnames on the local network is simple and reliable when
> > avahi-daemon and linnss-mdns are available.
> > 
> >   brian@desktop:~$ getent hosts envy4500.local
> >   192.168.7.235   envy4500.local
> > 
> > Continually and nanually maintain /etc/hosts? Not in 2022!
> 
> Ok, I'll bite :)
> 
> Could you point to any (reasonably up-to-date) documentation or is it 
> sufficient to just install avahi-daemon and libnss-mdns?

'apt install avahi-daemon' is sufficient. libnnss-mdns is a recommended
package of avahi-daemon. Machines with cups installed will already have
both packages. Documentation is at

  https://www.avahi.org/
  https://github.com/lathiat/nss-mdns

and in /usr/share/doc.
 
> Can mDNS resolve only hostnames or is it necessary to always mention the 
> '.local' domain?

.local is required.

-- 
Brian.

Re: Bullseye - who and users return nothing

[Andrei POPESCU]

On Ma, 25 ian 22, 04:03:17, Gareth Evans wrote:
> 
> Googling "Detected unsafe path transition during canonicalization" led me to 
> 
> https://bbs.archlinux.org/viewtopic.php?id=260924
> 
> where a user sees this error because / is owned by the user rather than root.
> 
> Lo and behold
> 
> $ stat /
> 
> shows this is what has somehow happened.
> 
> $ sudo chown root:root /
> 
> solves the disappearing /var/run/utmp problem (and fixes who/users) 
> 
> There is nothing in bash history to suggest I did this - can/should it happen 
> any other way?

Occam's Razor would suggest this was done when setting up your / on ZFS.


Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: USB UEFI recovery stick

[Andrei POPESCU]

On Lu, 24 ian 22, 03:39:47, deloptes wrote:
> 
> Hi all,
> is there a way to have a USB UEFI stick that works similar to the Debian
> installer - for example to boot into UEFI and recover the boot loader.
> One machine here seems a bit older and refuses to boot into UEFI from the
> USB - rendering USB obsolete as recovery option. In BIOS USB says AUTO
> (other option is Legacy) however if I disable Legacy keyboard does not
> work.

The USB AUTO / Legacy options would suggest to me[1] they are about the 
USB itself, i.e. support for older USB standards (1.1 and/or 2.0), which 
might explain why your keyboard stops working.

As David mentioned, some USB ports might not support booting at all, you 
should try all available USB ports.

[1] Hard to tell without looking at the menus, but the system's / 
motherboard's user manual should explain what each option actually does. 
Admittedly the explanation is often incomplete and/or badly worded.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: trying to get bookworm net going on an rpi4

[Andrei POPESCU]

On Du, 23 ian 22, 22:43:49, Andy Smith wrote:
> Hi,
> 
> On Sun, Jan 23, 2022 at 04:08:34PM -0500, gene heskett wrote:
> > So what is the official, works in bookworm every time, way to totally 
> > kill ipv6, making it use ipv4 for everything?
> 
> You don't need to; having IPv6 active doesn't cause any problem even
> if you don't have a default route that supports IPv6. If it does
> cause a problem then there is a misconfiguration to be solved. You are
> wasting your time and introducing more places where you can make a
> configuration error resulting in yet another of your megathreads¹.

To be 100% fair, there *were* some issues with DNS and IPv6.

It's 10 years or more since, but as far as I remember it was due to 
crappy DNS servers (mostly in proprietary firmwares of home routers), 
that claimed to support IPv6, but failed to do so properly.

The quick fix was indeed disabling IPv6 support on the Linux side, but I 
believe the issues were soon worked around in the Linux kernel[1].

This is very unlikely to affect Gene as he is running (hopefully 
updated) DD-WRT on the router.

[1] Not sure if any Debian stable release was even affected by this, and 
even if it did, it was one release at most.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: Why is systemd starting Firefox?

[Andrei POPESCU]

On Lu, 24 ian 22, 00:50:01, local10 wrote:
> Jan 23, 2022, 23:24 by avbe...@gmail.com:
> 
> > Does this command show anything useful when 'firefox-esr' is running?
> >     $ systemctl --user status
> >
> 
> There's a few entries like the following:
> 
> ├─app-firefox\x2desr-dc24162ec3664da890a78fe619b4b1e4.scope 
>    │ │ ├─51854 /usr/lib/firefox-esr/firefox-esr -ProfileManager
>    │ │ ├─54031 /usr/lib/firefox-esr/firefox-esr -contentproc -childID 
> 3 -isForBrowser -prefsLen 5019 -prefMapSize 291459 -jsInit 285716 
> -parentBuildID 20220105212146 -appdir /usr/lib/firefox-esr/browser 51854 true 
> tab
>    │ │ ├─54109 /usr/lib/firefox-esr/firefox-esr -contentproc -childID 
> 4 -isForBrowser -prefsLen 5743 -prefMapSize 291459 -jsInit 285716 
> -parentBuildID 20220105212146 -appdir /usr/lib/firefox-esr/browser 51854 true 
> tab
>    │ │ ├─55941 /usr/lib/firefox-esr/firefox-esr -contentproc 
> -parentBuildID 20220105212146 -prefsLen 5876 -prefMapSize 291459 -appdir 
> /usr/lib/firefox-esr/browser 51854 true rdd

The full output is a tree, so you should be able to tell what is 
starting it.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: trying to get bookworm net going on an rpi4

[Andrei POPESCU]

On Lu, 24 ian 22, 00:27:23, deloptes wrote:
> 
> Don't know but I have following there (in /etc/sysctl.conf)
> 
> net.ipv6.conf.all.disable_ipv6 = 1
> net.ipv6.conf.default.disable_ipv6 = 1
> net.ipv6.conf.lo.disable_ipv6 = 1
> 
> and it does not disable ipv6
> 
> # lsmod | grep ipv
> ipv6  458752  80 bridge,udp_diag

Why should disabling the IPv6 support in the kernel prevent the module 
from loading?

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: smartd

[Andrei POPESCU]

On Du, 23 ian 22, 19:09:48, Linux-Fan wrote:
> pe...@easthope.ca writes:
> > 
> > I knew nothing of RAID.  Therefore read here.
> > https://en.wikipedia.org/wiki/RAID
> > 
> > Reliability is more valuable to me than speed.  RAID 0 won't help.
> > For reliability I need a mirrored 2nd drive in the host; RAID 1 or
> > higher.
> > 
> > Google of "site:wiki.debian.org raid" returned ten pages, each quite
> > specialized and jargonified.  A few tips to establish mirroring can
> > help.
> 
> Here, it returns a few results, too. I think the most straight-forward is
> this one:
> 
> https://wiki.debian.org/SoftwareRAID
> 
> For most purposes, I recommend RAID1. If you have four HDDs of identical
> size, RAID10 might be tempting, too, but I'd still consider and possibly
> prefer just creating two independent RAID1 arrays.
> 
> If you want to configure it from the installer, these step-by-step
> instructions show all the relevant installer screens:
> 
> https://sleeplessbeastie.eu/2013/10/04/how-to-configure-software-raid1-during-installation-process/
> 
> Also, keep in mind that establishing the mirroring is not all you need to
> do. To really profit from the enhanced reliability, you need to play through
> the recovery scenario, too. I recommend doing this in a VM unless you have
> some dedicated machine with at least two HDDs to play with.

Another thing to consider is that Linux Software RAID (also known as 
"md" or "mdadm" RAID) by itself doesn't have any integrity checking.

In case one of the drives returns bad data[1] it may end up overwriting 
the good data on the other drives[2][3].

It's possible to add an integrity checking layer, but in my opinion at 
that point the whole setup becomes so complex one might as well be using 
btrfs or ZFS instead.

Both have built in integrity checking and can recover the data provided 
there is at least one good copy available[4], in addition to the many 
other features they bring (logical volume management, snapshots, 
copy-on-write, etc.).


For the avoidance of doubt, neither is a replacement for backups[5].


[1] Cosmic rays flipped a bit, bad drive, bad cable, bad controller, 
etc.

[2] https://unixsheikh.com/articles/battle-testing-zfs-btrfs-and-mdadm-dm.html

[3] A RAID 1 can have more than just 2 drives, it's just uncommon in 
home setups because of cost reasons.

[4] It's possible to use both btrfs and ZFS without redundancy. They 
will be able to tell your data is corrupted, but won't be able to 
recover it, of course.

[5] http://taobackup.com/

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: Why is Debian not telling the truth about its security fixes?

[Polyna-Maude Racicot-Summerside]

Hi,

On 2022-01-25 03:58, Andrei POPESCU wrote:
> On Lu, 24 ian 22, 07:47:01, max wrote:
>> January 22, 2022 2:23:48 PM CET max  wrote:
>>
>>> https://medium.com/@maxwillb/why-is-debian-not-telling-the-truth-about-its-security-fixes-85f0f85f19a0
>>
>> I've updated the post taking into account the feedback so far (There 
>> weren't any corrections, but there were misunderstandings, and I try 
>> to avoid those). Please don't share (on reddit or HN) until it's 
>> perfect. Let me know if there is anything else that can be improved. 
>  
> If your intention is to troll (Debian? d-u subscribers?), or demonstrate 
> basic misunderstanding of disclaimers, then it's too "in your face".
> 
> Really good trolling requires more subtlety ;)
> 
> 
> If neither was your intention the article only reflects badly on you, 
> without helping in any way improve the matter you're upset about[1].
> 
> 
> In any case, it's probably better to just take it down completely.
> 
> 
> [1] Debian's security support is imperfect - what a surprise. If you're 
> unhappy with that please do contact Debian's Customer Relations 
> department for a full refund of the license fee you paid[2].
> 
> [2] Yes, the above is intended as humorous, but Poe's law...
> 
Great answer Andrei,
Now to the original poster (Max aka, whatever).

On the blog post you created on medium.com you mention a press release
regarding the "excommuniation" of one of the developers.

What's the link between this and security vulnerabilities.

For me this smell quite bad, like a old fish that sat in the sun for
days on end.

First of all you appear from nowhere with complains regarding you
inability to understand properly disclaimers and the conditions in which
Debian is released (and the no imply warranties)

Second, you put lots of energy into this, not accepting the answer you
get from eminent member of the community (the ones that have been part
of the project for many years and can surely answer you with what's
really going on).

And thirdly, you link this up with a press release regarding a developer
who's wasn't "kicked out" but that got changed access to servers.

Seems like the third reason is mostly what took you here first and now
you are both trolling and spreading falsehood around.

We all know that someone who's mature won't act this way.

And we all saw in the answer of the unhappy developer that he sure
doesn't seem to be someone who has any respect for rules or that know
what the term moral means. And this by simply answering that because he
perceive a world lacking of moral this would justify him to do anything.

Seems like what we teach a 5 years old.

Don't do to others what you wouldn't like to get.
And if you feel they are bad with you, act like if you are the oldest
one and just ignore them.

And this is now exactly what I'll do with you.

So have fun and try to max-out your life experiences.
> 
> Kind regards,
> Andrei

-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development


OpenPGP_signature
Description: OpenPGP digital signature

Re: Why is Debian not telling the truth about its security fixes?

[Andrei POPESCU]

On Lu, 24 ian 22, 07:47:01, max wrote:
> January 22, 2022 2:23:48 PM CET max  wrote:
> 
> > https://medium.com/@maxwillb/why-is-debian-not-telling-the-truth-about-its-security-fixes-85f0f85f19a0
> 
> I've updated the post taking into account the feedback so far (There 
> weren't any corrections, but there were misunderstandings, and I try 
> to avoid those). Please don't share (on reddit or HN) until it's 
> perfect. Let me know if there is anything else that can be improved. 
 
If your intention is to troll (Debian? d-u subscribers?), or demonstrate 
basic misunderstanding of disclaimers, then it's too "in your face".

Really good trolling requires more subtlety ;)


If neither was your intention the article only reflects badly on you, 
without helping in any way improve the matter you're upset about[1].


In any case, it's probably better to just take it down completely.


[1] Debian's security support is imperfect - what a surprise. If you're 
unhappy with that please do contact Debian's Customer Relations 
department for a full refund of the license fee you paid[2].

[2] Yes, the above is intended as humorous, but Poe's law...


Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: hostname is being reset, killing net on reboot

[Andrei POPESCU]

On Lu, 24 ian 22, 23:54:41, Brian wrote:
> 
> Resolving hostnames on the local network is simple and reliable when
> avahi-daemon and linnss-mdns are available.
> 
>   brian@desktop:~$ getent hosts envy4500.local
>   192.168.7.235   envy4500.local
> 
> Continually and nanually maintain /etc/hosts? Not in 2022!

Ok, I'll bite :)

Could you point to any (reasonably up-to-date) documentation or is it 
sufficient to just install avahi-daemon and libnss-mdns?

Can mDNS resolve only hostnames or is it necessary to always mention the 
'.local' domain?

Thanks,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: I've been caught out

[Urs Thuermann]

Greg Wooledge  writes:

> On Mon, Jan 24, 2022 at 05:01:21AM -0500, gene heskett wrote:
> > gene@coyote:~/Debian-arm/linux$ patch -p1  ../patches/*.patch
> 
> That's not how you do it.  patch(1) can only accept one patch at a time,
> and it expects to see it on standard input.
> 
> for p in ../patches/*.patch; do patch -p1 < "$p"; done

You can even do the somewhat easier

cat ../patches/*.patch | patch -p1

which will do the same.  

However, often the order of patches is important when some patch
depends on another being applied before.  Then *.patch will probably
not work since it applies patches in alphabetical order.  That's, why
I also like to work with quilt a lot.  With quilt, the patches/series
file describes the patch series, i.e. the order in which patches have
to be applied.  With "quilt push" and "quilt pop" you can apply and
remove single patches, or go to a specific patch with "quilt push
" (or "quilt pop "), or apply/remove all patches with
"quilt push -a" and "quilt pop -a".  Always in the correct order.

urs