Unable to login if ldap_id_mapping = False
Dear Team,
I recently integrated AD with Debian 10 system using the following (
https://nerdonthestreet.com/wiki?find=Authenticate+Ubuntu+19.04+against+Active+Directory
). I can able to login with my AD user but I would like to use AD UID & GID
in linux instead of an SSSD generated one.
When I change ldap_id_mapping = False, I am unable to login to with AD
user. I tried to stop sssd then deleting (rm /var/lib/sss/{db,mc}/*) . But
no luck.
Is there any solution for this. Redhat marked this as a bug.
--
Thanks,
Jay
Re: Uninstalling a package removes other essential packages: What is the best course of action?
On Mon, Feb 14, 2022 at 05:14:36PM -0600, David Wright wrote: [...] > Perhaps the simplest way of answering this is to configure > your system with /etc/default/locale file as LANG=C.UTF-8, > and unset any specific i18n or L10n settings and see what > you get. Perhaps try again in 50 years: it could differ. I guess that is an avenue of investigation. still, I think packages like a modern Web browser will pull in such dependencies, either through the distro or (worse) bringing in their own versions. A browser can't "know" which scripts a Web page brings along and will insist in rendering Unicode correctly. > But in view of that single letter in your reply, and another > post on d-u, I'll not bother to continue this thread. I'm > just not interested in taking what looks to me like a > xenophobic approach to foreign language scripts or anything > else in Debian. Please, hold your horses. Lack of knowledge sometimes might come across as "xenophobic" -- things sometimes clear themselves once knowledge grows. Give us people a chance to learn :-) Cheers -- t signature.asc Description: PGP signature
Re: Throw an hard drive with Debian installation into...
On Tue, Feb 15, 2022 at 01:58:24AM +0100, Thomas Anderson wrote: > I am curious, what would happen if I threw a fully functionally, > > Linux installation (HDD) into an entirely different hardware configuration: It depends :-) It starts with the bootloader: different hardware boots in very different ways. If you have GRUB (the default with Debian), you will need either a "traditional BIOS" or UEFI beneath it. That means MACs, Raspberry Pis and other misc hardware is out. Then, the kernel is built for a specific architecture family. A kernel built for x86_64 won't be happy on ARM. Or RISCV. Or... If your distro has taken those hurdles, you'll still be left with some funny things. Kernel modules for hardware you hadn't in your first motherboard. Network scripts might be set up to look for a specific MAC address which won't "be" in your new machine. Your fstab might be referencing file systems which have moved around (this is one of the cases where label based or UUID based file system referencing clearly "wins"). In the latter cases, chances are good that you'll get enough of your system up to "fix" things. Be prepared to invest some time, and to learn a thing or two :-) Cheers -- t signature.asc Description: PGP signature
Re: 5.15 kernel just won't do on Intel Rocket Lake...
On 2022-02-14 23:00, David wrote: > On Tue, 15 Feb 2022 at 10:14, David Wright wrote: >> On Mon 14 Feb 2022 at 00:40:11 (-0500), Felix Miata wrote: >>> Felix Miata composed on 2022-02-13 23:53 (UTC-0500): David Wright composed on 2022-02-10 09:27 (UTC-0600): > On Thu 10 Feb 2022 at 03:39:26 (-0500), Felix Miata wrote: > >>> The apt*/dpkg system generally seems rather resistant to showing uninstalled >>> package versions, except for the aptitude "extension". > >> Come to think of it, I don't think I can help at all, beyond >> suggesting that you regularly download the names of the new >> kernels that appear in the pool itself. > >> Yesterday you posted that: "apt-cache and aptitude don't seem to know that >> http://ftp.us.debian.org/debian/pool/main/l/linux/linux-image-5.16.0-trunk-amd64-unsigned_5.16.4-1~exp1_amd64.deb >> exists." > >> AIUI, your apt* tools can only find what's indexed in dists/ rather >> than anything that happens to be in the pool, but I'm not familiar >> with the policy issues (as a non-developer). I don't think dpkg >> makes that its business at all. > >> BTW the red line (attached) indicates that "trunk" doesn't appear >> on the page. (It's a term I don't understand.) > > I found an explanation of "trunk" in Section 5.2.1 here: > https://kernel-team.pages.debian.net/kernel-handbook/ch-versions.html > > I don't know what I'm talking about, but it looks like "trunk" packages > are regularly added into NEW queue (and experimental repo?): > > https://lists.debian.org/cgi-bin/search?P=trunk&DEFAULTOP=and&B=Gdebian-kernel&SORT=0&HITSPERPAGE=50&xP=trunk > > I imagine that they might be short-lived packages because they > might be quickly superceded with a later ABI name when they > transition to unstable. Just guessing, because I might learn > something when someone corrects me. I don't know much and > struggle to remember details in this area because I don't > need to regularly think about it. > You make some unfounded and quick link that don't exist. There's nothing in common between the "trunk" branch in the Linux Kernel itself (trunk branch being used for release management purpose and versioning) AND the Debian packaging. https://www.debian.org/releases/ https://wiki.debian.org/DebianKernel https://wiki.debian.org/KernelFAQ The Debian development of the Kernel is done in it's own salsa git repository, independent from the Linux Kernel repository. Like all other package, there's a upstream branch that get pull into the repository when needed. https://salsa.debian.org/kernel-team/linux.git https://salsa.debian.org/kernel-team/linux/-/branches -- Polyna-Maude R.-Summerside -Be smart, Be wise, Support opensource development OpenPGP_signature Description: OpenPGP digital signature
Re: 5.15 kernel just won't do on Intel Rocket Lake...
On Tue, 15 Feb 2022 at 10:14, David Wright wrote: > On Mon 14 Feb 2022 at 00:40:11 (-0500), Felix Miata wrote: > > Felix Miata composed on 2022-02-13 23:53 (UTC-0500): > > > David Wright composed on 2022-02-10 09:27 (UTC-0600): > > >> On Thu 10 Feb 2022 at 03:39:26 (-0500), Felix Miata wrote: > > The apt*/dpkg system generally seems rather resistant to showing uninstalled > > package versions, except for the aptitude "extension". > Come to think of it, I don't think I can help at all, beyond > suggesting that you regularly download the names of the new > kernels that appear in the pool itself. > Yesterday you posted that: "apt-cache and aptitude don't seem to know that > http://ftp.us.debian.org/debian/pool/main/l/linux/linux-image-5.16.0-trunk-amd64-unsigned_5.16.4-1~exp1_amd64.deb > exists." > AIUI, your apt* tools can only find what's indexed in dists/ rather > than anything that happens to be in the pool, but I'm not familiar > with the policy issues (as a non-developer). I don't think dpkg > makes that its business at all. > BTW the red line (attached) indicates that "trunk" doesn't appear > on the page. (It's a term I don't understand.) I found an explanation of "trunk" in Section 5.2.1 here: https://kernel-team.pages.debian.net/kernel-handbook/ch-versions.html I don't know what I'm talking about, but it looks like "trunk" packages are regularly added into NEW queue (and experimental repo?): https://lists.debian.org/cgi-bin/search?P=trunk&DEFAULTOP=and&B=Gdebian-kernel&SORT=0&HITSPERPAGE=50&xP=trunk I imagine that they might be short-lived packages because they might be quickly superceded with a later ABI name when they transition to unstable. Just guessing, because I might learn something when someone corrects me. I don't know much and struggle to remember details in this area because I don't need to regularly think about it.
Re: Throw an hard drive with Debian installation into...
On 2022-02-14 19:58, Thomas Anderson wrote: > I am curious, what would happen if I threw a fully functionally, > > Linux installation (HDD) into an entirely different hardware configuration: > > Different Process AMD->Intel? > > Ram/mobo I assume doesn't matter? > > I half expect it to boot up, and be fully functional. > > But, I have not tested it. > > I am not mailing the list this question, as a theoretically. I would > actually > > like to upgrade my hardware, as the gains would be Ok (32GB Ram >16GB), > > but would not be drastic, so I wouldn't bother if I had to re-setup all the > > software again. > If you have the required driver inside your kernel or in the initrd then you shouldn't have any problem. As a easy example, you boot using the install DVD/USB stick and a unique kernel is used for both AMD/Intel x64. You may need some configuration of network card and other things if their reference change. That's all... -- Polyna-Maude R.-Summerside -Be smart, Be wise, Support opensource development OpenPGP_signature Description: OpenPGP digital signature
Re: Misremembered (was: Re: Stupid question)
On Tue, 15 Feb 2022 at 10:24, David Wright wrote: > Effectively, Grub has two shells, Grub> and Grub rescue>, depending on > whether the "normal" module has been loaded, and about the only thing > you can sensibly do without normal is to find it and insmod it. > But most people will never see rescue, Not good enough, they need to try harder to break things! :) > and with patience it's usually > fairly straightforward to stumble your way round the system with ls, > and find something to boot or chainload. > > BTW a very useful command to kick off with in Grub is: > > Grub> set pager=1 > > without which it can be hard to use: > > Grub> help This is very true. It really should be the default. There is: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763025 https://savannah.gnu.org/bugs/index.php?43307 Still open, but apparently overlooked. I imagine it would be a simple patch that probably would be accepted.
Re: Stupid question
On Tue, 15 Feb 2022 at 07:57, Andrei POPESCU wrote: > On Lu, 14 feb 22, 10:41:52, Chuck Zmudzinski wrote: > > How does it decide which partition to boot from? I think this is what > > the OP is asking. > As far as I understand the path to search for the second stage, modules > and grub.cfg is defined when installing the first stage in the MBR. > By default it should be /boot/grub of the OS used to run grub-install > from, but I think the --root-directory parameter can be used to change > that. A minor typo correction for the avoidance of doubt for any readers ... To "change that" you would use the --boot-directory parameter of 'grub-install' command, see 'man 8 grub-install'. ie "--boot-directory" not "--root-directory"
Throw an hard drive with Debian installation into...
I am curious, what would happen if I threw a fully functionally, Linux installation (HDD) into an entirely different hardware configuration: Different Process AMD->Intel? Ram/mobo I assume doesn't matter? I half expect it to boot up, and be fully functional. But, I have not tested it. I am not mailing the list this question, as a theoretically. I would actually like to upgrade my hardware, as the gains would be Ok (32GB Ram >16GB), but would not be drastic, so I wouldn't bother if I had to re-setup all the software again.
Re: system freeze older iMac Debian 11
On Thu, Jan 27, 2022 at 08:24:57AM -0800, Bob Crochelt wrote: > > > On Wed, Jan 26, 2022, at 18:14, Felix Miata wrote: > > Bob Crochelt composed on 2022-01-26 17:25 (UTC-0800): > > > > > inxi output attached. > > > > Your iMac's BIOS date is about a month earlier than mine. Likely the only > > difference between ours is you have G92M [GeForce 8800M GTS] while I have > > RV630/M76 [Mobility Radeon HD 2600 XT/2700]. If yours is anything like > > mine, it > > generates a lot of heat. Has yours ever had an internal cleaning? It may > > need its > > heat sink compound on CPU and/or GPU replaced. System freezes are a common > > symptom > > of overheating. Also, RAM is subject to failure with age and overheating. > > Have you > > tried running memtest86? > > -- > > Evolution as taught in public schools is, like religion, > > based on faith, not based on science. > > > > Team OS/2 ** Reg. Linux User #211409 ** a11y rocks! > > > > Felix Miata > > > Hi again Felix, > I've thought about cleaning the machine, and watched videos of opening one of > these up, and am intimidated by it. Looks beyond my abilities. Redoing the > heat sink compound probably is. I've lived in small rural communities that > don't have computer services readily available. I could look for an apple > place or take it to the nearest apple store, since that is closer to where I > live now. hard drive is old too so would probably change that out too. > Machine ran without difficulty overnight, and got through a teams meeting > this morning without problem, running gnome on Wayland. Perhaps that is the > way forward. > Tried to run memtest86 from the grub menu but it just seemed to sit there, > will try that again today. > thanks > Bob Crochelt Hi Felix, thought you might like a little more followup. I wound up trying: apt remove nvidia* and I still have graphics, and the system is running much cooler. No freezes with fvwm, though gnome is still buggy for me, and I have trouble with it coming back to life after the screen blanks. I know your system has different graphics than mine. Best, Bob Crochelt
Re: Misremembered (was: Re: Stupid question)
On Mon 14 Feb 2022 at 12:13:20 (-0500), Chuck Zmudzinski wrote: > On 2/14/2022 10:19 AM, Bijan Soleymani wrote: > > On 2022-02-14 10:02, rhkra...@gmail.com wrote: > > > I think I did mis-remember this, and the behavior I described > > > is more like the > > > behavior of the Debian installer (i.e., it boots an image (with a Linux > > > kernel) into RAM to use temporarily for the installation. What actually boots up in a typical Debian installer (that's netinst in my case) is, from what I can understand from observations, quite varied. Looking at the ISO, there's isolinux and an El Torito section for booting as a DVD, some EFI stuff that heads into Grub, autorun/setup exe files that look like Windows software, and even loadlin for good old DOS to run. And, of course, you can point your extant installation's Grub at the ISO's kernel and initrd in order to boot it where you have no slot/socket/CD/DVD/floppy or connector of any sort to push something into. But the end result is the same: decompressing and loading the vmlinuz kernel together with one of the initrd instances. And that kernel remains in operation until you reboot into your new system. > AFAIK a ramdisk image is not only loaded when using the Debian > installer, it is also loaded when booting a full installation on a > disk. For example, the initrd.img-5.10.0-11-amd64 file that is created > when installing a kernel and installed under /boot on bullseye systems > contains the compressed contents of a filesystem that is loaded into > RAM upon initial boot, and AFAIK that filesystem does not contain a > kernel but it does contain kernel modules that are binary-compatible > with the running kernel to support the proper initialization of > various hardware. The main job of that initrd environment is to find > and mount the installed root filesystem that is usually on an SSD > these days. I wish! :) But yes, the initrd for an installed system does just that. OTOH the initrd for the debian-installer becomes the OS used for building the new system onto the device mounted on its /target directory. When you reboot, it's thrown away. > > > I just wanted to try to correct this for posterity. > > > > > > If anyone can confirm this (both my mistake about grub and my (new) > > > recollection about the Debian installer, those would be good things.:-) > > > > Not sure about the Debian installer (except that it does boot and > > run Linux, but not sure it ever switches to another kernel > > midway), but the Grub bootloader is kind of a mini-OS, in that it > > can read files from filesystems (rather than some other > > bootloaders that read from specific sectors/blocks of a disk). I think that confuses the issue. Grub is just a program, not an OS. It can run commands from a shell, and it can load lots of drivers, but that doesn't even qualify it as a single-user OS. It's technically correct to say that Grub is designed with a "kernel" and modules, but that's mainly a way of saving space in the final product, by having as little excess code included as possible. There's no concept of kernel- and user-space. They could have as easily named the kernel.img "trunk.img", and core.img "body.img", to illustrate how Grub is agglomerated. > > Which is to say if you boot to grub and you are in the grub menu > > and see there is no entry for the particular kernel (or OS) you > > want, you can edit the boot parameters for any menu entry you see > > and boot the missing kernel (or OS) from then and there. (with > > other bootloaders you'd have to boot to the OS or boot from a live > > CD to modify the boot loader parameters). > > Also, grub has its own shell, and sometimes if something is not > configured right, grub may drop into its shell where a knowledgeable > user can type in commands such as the ls command to list files on the > disks attached to the system and the configfile command which can be > used to load the grub configuration if for some reason grub was unable > to find the grub.cfg file that tells grub how to boot the system. This > is a useful feature for those who know how to use it, and it has saved > me from having to reinstall on more that one occasion. Effectively, Grub has two shells, Grub> and Grub rescue>, depending on whether the "normal" module has been loaded, and about the only thing you can sensibly do without normal is to find it and insmod it. But most people will never see rescue, and with patience it's usually fairly straightforward to stumble your way round the system with ls, and find something to boot or chainload. BTW a very useful command to kick off with in Grub is: Grub> set pager=1 without which it can be hard to use: Grub> help Cheers, David.
Re: Booting with Grub, was Re: Stupid question
On Mon 14 Feb 2022 at 10:41:52 (-0500), Chuck Zmudzinski wrote: > On 2/13/2022 11:23 AM, Andrei POPESCU wrote: > > On Du, 13 feb 22, 02:40:27, Chuck Zmudzinski wrote: > > > This is my understanding of how grub works. > > > > > > It looks you are using the old MBR partitioning scheme. The logical > > > partition indicates that. > > > So I also assume you are using the legacy booting (not UEFI). So the first > > > thing that > > > happens is that you will have an active partition set that your BIOS will > > > boot (if you have > > > standard bootcode installed in the first sector of the disk). > > Legacy BIOS doesn't have an understanding of partitions, it will just > > look for a bootloader in the MBR of the mass storage device chosen to > > boot from. > > > > The active / bootable flag was (still is?) a Microsoft thing[1], Linux > > bootloaders never cared about it and can load operating systems > > regardless if the corresponding partition is marked active or not. > > > > [1] as far as I recall it was used in DOS times to let the bootloader > > know which is the system partition, but it could be (ab)used for > > multi-booting ;) > > That's a good clarification that the active partition is a Microsoft thing > implemented by the bootcode Microsoft installs in the MBR of the device > chosen to boot from. Now for an unanswered question: What > does bootcode installed by Debian Linux in the MBR do? How does it > decide which partition to boot from? I think this is what the OP > is asking. By reading the grub.cfg that Grub is directed to use by the grub-install command. In my post, I tried to keep it simple for the OP by instructing them to run grub-install from the installation whose /boot/grub/grub.cfg was to be read. Of course, Grub, being Grub, and grandly universal, you don't have to do it like that, as David ably showed. You can install Grub by running grub-install from anywhere, and directing it to use files from anywhere else. man 8 grub-install. The point is that when you install Grub into the MBR (plus the BIOS Boot partition on GPT disks), you build a program that can read devices and filesystems: hence it can find a /boot/grub/grub.cfg wherever it is placed. Both the Grub MBR and the Windows one are relatively "thick", but not stupid. After all, there aren't many bytes in one sector. The distinction is that Windows-MBR will jump to the partition marked by the boot flag, whereas Grub-MBR jumps to a fixed location (built in when you install it) where its core-image (actually its core-iamge-loader) is located. That image is necessarily outside any filesystem so that it can't get moved by fs operations. (As GPT disks don't necessarily contain any such areas, that's why you need a BIOS Boot partition, as a playground for Grub.) It's the core image that's really clever. Disclaimers: Everything above assumes BIOS booting. Windows-MBR is an oversimplification, but the distinction between the two is what's important here. There has been some evolution in capabilities (not much), and not all originate from Microsoft either. Cheers, David.
Re: Add GRUB modules to core-Image
On Mon 14 Feb 2022 at 10:54:21 (+0100), basti wrote: > Hello, > > I try to use a USB Serial-Converter to output the grub menu on a > Serial port. > > By the way the output is working at kernel boot time. (I See it on the > remote host) > > How can I add usbserial_pl2303.mod to the GRUB core image? > > The file is located in /boot/grub/i386-pc/ on the root partition but I > can't see it in /boot/grub/i386-pc/ in the grub shell. In the grub shell, try: Grub> insmod usbserial_pl2303 (If you can't remember its entire name, you may find that Grub> insmod usbsp works, with the TAB invoking the completion facility.) To make it permanent, you can edit /etc/default/grub. This file has # info -f grub -n 'Simple configuration' near the top, and that command can find you the option for adding: GRUB_PRELOAD_MODULES=usbserial_pl2303 After adding that line, rerun: # update-grub to incorporate it into your grub.cfg. Cheers, David.
Re: Uninstalling a package removes other essential packages: What is the best course of action?
On Mon 14 Feb 2022 at 11:18:12 (+0100), Stella Ashburne wrote: > > Sent: Monday, February 14, 2022 at 1:02 AM > > From: "David Wright" > > > > Tee-hee. We Brits can sneak our code into Debian without arousing > > suspicion — we just label it "english". That's when we bother to > > label it at all — > > Indeed and the world is fortunate to have James and Jane Bond with their > sidekick Q to maintain world peace. > > Over here, we can count on Jason Bourne, Jack Ryan and Jack Reacher to do the > same job. > > In more recent memory, the real hero is undoubtedly Edward Snowden who > revealed to the world the extent of NSA's snooping. > > > Most of it just slips in as the default language > > of Debian. > > Does Debian have a default language? What is it? Latin? Esperanto? American > English? Perhaps the simplest way of answering this is to configure your system with /etc/default/locale file as LANG=C.UTF-8, and unset any specific i18n or L10n settings and see what you get. Perhaps try again in 50 years: it could differ. But in view of that single letter in your reply, and another post on d-u, I'll not bother to continue this thread. I'm just not interested in taking what looks to me like a xenophobic approach to foreign language scripts or anything else in Debian. People who are genuinely concerned about security vulnerabilities normally work on fixing them, rather than spreading insinuations of conspiracies. Cheers, David.
Re: 5.15 kernel just won't do on Intel Rocket Lake...
On Mon 14 Feb 2022 at 00:40:11 (-0500), Felix Miata wrote: > Felix Miata composed on 2022-02-13 23:53 (UTC-0500): > > David Wright composed on 2022-02-10 09:27 (UTC-0600): > >> On Thu 10 Feb 2022 at 03:39:26 (-0500), Felix Miata wrote: > > >>> ...if you have a bad BIOS, and wish to boot with more than one connected > >>> display. > >>> https://gitlab.freedesktop.org/drm/intel/-/issues/4762 explains the > >>> issue, which > >>> has just been announced fixed. But, it appears the fix may only be > >>> landing in > >>> kernel 5.17rc3. > ... > > # aptitude search linux-image > ... > > p linux-image-5.17.0-rc3-amd64-unsigned - Linux 5.17-rc3 for 64-bit PCs > > Installing this one didn't help: > # uname -a > Linux ab560 5.17.0-rc3-amd64 #1 SMP PREEMPT Debian 5.17~rc3-1~exp1 > (2022-02-11) I can't help with the underlying problem of kernel patches. > What search will return enough information to know when this has been replaced > with a newer rc3 build or rc4 or newer, like the following does:? > # zypper se -s nel-def | egrep -v 'devel|debug|base|src|586' > Loading repository data... > Reading installed packages... > > S | Name | Type | Version | Arch | Repository > ---+++--++--- > il | kernel-default | package| 5.16.7-1.1.g0503f69 | x86_64 | (System > Packages) > il | kernel-default | package| 5.16.3-4.1.gc7377e3 | x86_64 | (System > Packages) > vl | kernel-default | package| 5.16.9-4.1.g704dc30 | x86_64 | > homeTiwaiSimpledrm > vl | kernel-default | package| 5.16.8-1.1 | x86_64 | OSS > # inxi -S > System: > Host: ab560 Kernel: 5.16.7-1.g0503f69-default x86_64 bits: 64 > Console: pty pts/0 Distro: openSUSE Tumbleweed 20220130 > # > The homeTiwaiSimpledrm 5.16.7 kernel includes the fix for the thread subject > problem. > > The apt*/dpkg system generally seems rather resistant to showing uninstalled > package versions, except for the aptitude "extension". Come to think of it, I don't think I can help at all, beyond suggesting that you regularly download the names of the new kernels that appear in the pool itself. Yesterday you posted that: "apt-cache and aptitude don't seem to know that http://ftp.us.debian.org/debian/pool/main/l/linux/linux-image-5.16.0-trunk-amd64-unsigned_5.16.4-1~exp1_amd64.deb exists." I suppose it's an indication of how quickly things change that I get: $ wget http://ftp.us.debian.org/debian/pool/main/l/linux/linux-image-5.16.0-trunk-amd64-unsigned_5.16.4-1~exp1_amd64.deb --2022-02-14 09:10:18-- http://ftp.us.debian.org/debian/pool/main/l/linux/linux-image-5.16.0-trunk-amd64-unsigned_5.16.4-1~exp1_amd64.deb Resolving ftp.us.debian.org (ftp.us.debian.org)... 64.50.236.52, 64.50.233.100, 208.80.154.139, ... Connecting to ftp.us.debian.org (ftp.us.debian.org)|64.50.236.52|:80... connected. HTTP request sent, awaiting response... 404 Not Found 2022-02-14 09:10:18 ERROR 404: Not Found. $ AIUI, your apt* tools can only find what's indexed in dists/ rather than anything that happens to be in the pool, but I'm not familiar with the policy issues (as a non-developer). I don't think dpkg makes that its business at all. BTW the red line (attached) indicates that "trunk" doesn't appear on the page. (It's a term I don't understand.) Cheers, David.
Re: Request free live CD
On Sat, 12 Feb 2022 14:09:29 +0100
Andrei POPESCU wrote:
> On Jo, 10 feb 22, 20:05:32, Celejar wrote:
> > On Thu, 10 Feb 2022 16:47:18 +0100
> > wrote:
> >
> > > On Thu, Feb 10, 2022 at 03:05:26PM +0100, Dozzyjean Dozie wrote:
> > > > Please I will be very much interested to get a live CD from you, please
> > > > what are the prerequisites that are needed to be archived this request
> > > > free
> > > > cd for free from you.
> > >
> > > See here:
> > >
> > > https://www.debian.org/CD/free-linux-cd
> > >
> > > Since burning a CD and putting into the mail costs money, you can't
> > > expect someone doing it for you. In the above page it is explained
> >
> > I'm genuinely curious about this: time and money are both scarce and
> > precious resources. Why is there an assumption that people will gladly
> > donate of their time to help others, but not their money? Is it because
> > the assumption is that the person asking for help should just spend
> > his own money, but may not be able to solve his problem by spending his
> > own time?
>
> Assuming I might have a decent internet connection, a disc burner and
> spare blank media I might consider helping out.
>
> However, this particular request feels too much like someone just
> wanting to take advantage of some freebie ("hey, I heard you give out
> stuff for free so I want some"), as opposed to someone in real need
> (hey, internet here is slow and/or metered, media burners are nowhere to
> be found, etc., could someone help out?").
Totally understandable. Just to be clear, I did not mean to criticize
or accuse anyone of irrationality or hypocrisy - I was just curious
about the mindsets of open source devotees.
Celejar
Re: Memory leak
On Sat, 12 Feb 2022 12:49:15 -0500 Stefan Monnier wrote: > > As I mentioned (briefly) in my original post, yes, I experience concrete > > problems: the system either grinds to a halt or becomes unresponsive, > > or hits swap and becomes intolerably slow. > > Sorry I missed that part. > I think that's what you should focus on: try and run some background > collection of timestamped system state (CPU use and memory use) and then > try and investigate to see what it is that was eating all the resources > during those times where the system grinds to a halt. Thank you. I actually just did a complete rebuild of my system from scratch: the old SSD was almost full and I installed a new one, so I decided to rebuild from scratch to get rid of accumulated cruft. So far things have been much better, but I'll see if problems return. Celejar
Re: Stupid question
On Lu, 14 feb 22, 10:41:52, Chuck Zmudzinski wrote: > > That's a good clarification that the active partition is a Microsoft thing > implemented by the bootcode Microsoft installs in the MBR of the device > chosen to boot from. Now for an unanswered question: What > does bootcode installed by Debian Linux in the MBR do? Typically that would be the first stage of GRUB (other boot loaders exist). In very broad terms the first stage will then load the rest of GRUB from a partition and run grub.cfg if one exists. > How does it decide which partition to boot from? I think this is what > the OP is asking. I'm guessing by "boot" here you mean GRUB itself, because once it's fully loaded it can boot OSes from any partition it can find / support. As far as I understand the path to search for the second stage, modules and grub.cfg is defined when installing the first stage in the MBR. By default it should be /boot/grub of the OS used to run grub-install from, but I think the --root-directory parameter can be used to change that. Changes to the path are typically done by reinstalling GRUB to the MBR. Hope this explains, Andrei -- http://wiki.debian.org/FAQsFromDebianUser signature.asc Description: PGP signature
Re: Bulseye - TacacsPlus - Configure ?
On 14/02/2022 20:09, Maurizio Caloro wrote:
On 14/02/2022 19:42, Erwan David wrote:
Le 14/02/2022 à 19:30, Maurizio Caloro a écrit :
compilled and installed now *tacacs+-F5.0.0a1* with following syntax
./configure --prefix=/usr --exec-prefix=/usr --with-gnu-ld
--enable-arapdes --enable-mschap --enable-mschapdes --enable-acls
--enable-uenable --enable-maxsess --enable-finger --enable-debug
ok and it seems to run testing will start :-)
# tac_plus -v
tac_plus version F5.0.0a1
tac_pwd -e putstr0ngpassw0rdhereinside!
# cat tac_plus.conf
key = tacacs_single_key
group = admin {
default service = permit
login = file
service = exec {
priv-lvl = 15
}
}
user = Username {
member = NetAdmin
}
# netstat -tlpen | grep 49
tcp 0 0 0.0.0.0:49 0.0.0.0:* LISTEN
0 7968107 146421/tac_plus
thanks for help, yes running!
Re: Bulseye - TacacsPlus - Configure ?
On Mon, Feb 14, 2022 at 07:42:19PM +0100, Erwan David wrote: > Le 14/02/2022 à 19:30, Maurizio Caloro a écrit : > > strange in my search, the system find only one Package > > > > # apt-cache search tacacs > > libauthen-tacacsplus-perl - Perl module for authentication using TACACS+ > > server > > # > > Bullseye 11.2 > I find libpam-tacplus only in testing and sid. 14:13 =judd> Package: libpam-tacplus on amd64 -- stretch: 1.3.8-2; buster: 1.3.8-2+deb10u1; bookworm: 1.3.8-2.1; sid: 1.3.8-2.1 Apparently it's missing from bullseye, but is in versions before and after bullseye. Yay for transient RC bugs.
Re: Bulseye - TacacsPlus - Configure ?
On 14/02/2022 19:42, Erwan David wrote: Le 14/02/2022 à 19:30, Maurizio Caloro a écrit : I always use apt-cache as it also searches on description: $ apt-cache search tacacs libauthen-tacacsplus-perl - Perl module for authentication using TACACS+ server libpam-tacplus - PAM module for using TACACS+ as an authentication service strange in my search, the system find only one Package # apt-cache search tacacs libauthen-tacacsplus-perl - Perl module for authentication using TACACS+ server # # cat /etc/apt/sources.list deb http://deb.debian.org/debian bullseye main deb-src http://deb.debian.org/debian bullseye main deb http://deb.debian.org/debian-security/ bullseye-security main deb-src http://deb.debian.org/debian-security/ bullseye-security main deb http://deb.debian.org/debian bullseye-updates main deb-src http://deb.debian.org/debian bullseye-updates main # Bullseye 11.2 I find libpam-tacplus only in testing and sid. compilled and installed now *tacacs+-F5.0.0a1* with following syntax ./configure --prefix=/usr --exec-prefix=/usr --with-gnu-ld --enable-arapdes --enable-mschap --enable-mschapdes --enable-acls --enable-uenable --enable-maxsess --enable-finger --enable-debug ok and it seems to run testing will start :-)
Re: Captive Portal Alternatives (Was: Re: miracle of Firefox in the hotel)
On Mon 14 Feb 2022 at 06:28:26 +0100, to...@tuxteam.de wrote: > On Sun, Feb 13, 2022 at 08:47:54PM +, Brian wrote: > > [...] > > > Interesting. > > > > Captive portals provide free connectivity. What's the problem? > > No. They provide captive connectivity. Did you look at the example > I provided? *This* is free connectivity. Open WLAN, DHCP, done. I provided a terse one-word comment, so it can taken for granted that I investigated your reference. Antway, thanks to you and Linix-Fan for improving my understanding. -- Brian.
Re: Bulseye - TacacsPlus - Configure ?
Le 14/02/2022 à 19:30, Maurizio Caloro a écrit : I always use apt-cache as it also searches on description: $ apt-cache search tacacs libauthen-tacacsplus-perl - Perl module for authentication using TACACS+ server libpam-tacplus - PAM module for using TACACS+ as an authentication service strange in my search, the system find only one Package # apt-cache search tacacs libauthen-tacacsplus-perl - Perl module for authentication using TACACS+ server # # cat /etc/apt/sources.list deb http://deb.debian.org/debian bullseye main deb-src http://deb.debian.org/debian bullseye main deb http://deb.debian.org/debian-security/ bullseye-security main deb-src http://deb.debian.org/debian-security/ bullseye-security main deb http://deb.debian.org/debian bullseye-updates main deb-src http://deb.debian.org/debian bullseye-updates main # Bullseye 11.2 I find libpam-tacplus only in testing and sid.
Re: Bulseye - TacacsPlus - Configure ?
I always use apt-cache as it also searches on description: $ apt-cache search tacacs libauthen-tacacsplus-perl - Perl module for authentication using TACACS+ server libpam-tacplus - PAM module for using TACACS+ as an authentication service strange in my search, the system find only one Package # apt-cache search tacacs libauthen-tacacsplus-perl - Perl module for authentication using TACACS+ server # # cat /etc/apt/sources.list deb http://deb.debian.org/debian bullseye main deb-src http://deb.debian.org/debian bullseye main deb http://deb.debian.org/debian-security/ bullseye-security main deb-src http://deb.debian.org/debian-security/ bullseye-security main deb http://deb.debian.org/debian bullseye-updates main deb-src http://deb.debian.org/debian bullseye-updates main # Bullseye 11.2
Re: You know what? Not only Debian but Fedora 35 has libthai too....and more
On Mon, Feb 14, 2022 at 12:06:27PM +0100, Stella Ashburne wrote: > Hi guys > > I ran some tests on almost all flavors of Fedora 35. They include: > > "Default" edition > > Fedora-Workstation-Live-x86_64-35-1.2.iso > > Network Installer > > Fedora-Everything-netinst-x86_64-35-1.2.iso > > Fedora Spins such as > > Fedora-Cinnamon-Live-x86_64-35-1.2.iso > Fedora-KDE-Live-x86_64-35-1.2.iso > Fedora-LXDE-Live-x86_64-35-1.2.iso > Fedora-LXQt-Live-x86_64-35-1.2.iso > > I actually installed each of the above and then in a terminal I typed: > > dnf list --installed|grep khmer* > dnf list --installed|grep thai* > > and the following files were installed by default: > > khmer-os-system-fonts.noarch > libthai.x86_64 > thai-scalable-fonts-common.noarch > thai-scalable-waree-fonts.noarch > Go back to look at the Debian bug we referenced. This is eleven years old and is the maintainer of (one of the variants of) libthai talking to the Debian GNOME maintainer. "libpango should not depend on libthai" ... because ... "I want to fork libthai and maintain it separately to bring it up to date". The conversation goes backwards and forwards and then there's the "OK - we need to make sure that it's there in any event, so if it's linked in with libpango that's no problem ... please anyway include these patches" "Sure thing, will do - but we're kind of busy with GNOME 3 at the moment, so it will take some time" And at that point the bug is left open - reminding people of what went on and why the decision was made that way - and tagged wontfix Very grateful to Simon McVitie (smcv) for pointing me to the original bug number in IRC. The issue is as transparent as that, more or less. > Fedora is the "upstream" of RHEL > (https://docs.fedoraproject.org/en-US/quick-docs/fedora-and-red-hat-enterprise-linux/#:~:text=Red%20Hat%20Enterprise%20Linux%20(RHEL,of%20Red%20Hat%20Enterprise%20Linux.) > > systemd was developed by Red Hat's folks, wasn't it? According to one camp, > one of its nefarious intentions is to help the NSA to easily build backdoors > to snoop on their targets of interest. > If you worry about systemd, you're going to worry far more about SELinux ... [Hint: Both are optional components of a Linux system.] > Introducing Khmer fonts, Thai fonts and libthai could be another way for the > three-letter-agencies' spooks to spy on the Linux community. What do you > think? > Or it could be a way to provide language support for a region of SE Asia with several million people? Occam's razor applies: don't multiply causes for things unless _absolutely_ necessary as real facts require it. > Best regards. > > Stella > With every good wish, as ever, Andy Cater > > >
Re: Misremembered (was: Re: Stupid question)
On 2/14/2022 10:19 AM, Bijan Soleymani wrote: On 2022-02-14 10:02, rhkra...@gmail.com wrote: I think I did mis-remember this, and the behavior I described is more like the behavior of the Debian installer (i.e., it boots an image (with a Linux kernel) into RAM to use temporarily for the installation. AFAIK a ramdisk image is not only loaded when using the Debian installer, it is also loaded when booting a full installation on a disk. For example, the initrd.img-5.10.0-11-amd64 file that is created when installing a kernel and installed under /boot on bullseye systems contains the compressed contents of a filesystem that is loaded into RAM upon initial boot, and AFAIK that filesystem does not contain a kernel but it does contain kernel modules that are binary-compatible with the running kernel to support the proper initialization of various hardware. The main job of that initrd environment is to find and mount the installed root filesystem that is usually on an SSD these days. I just wanted to try to correct this for posterity. If anyone can confirm this (both my mistake about grub and my (new) recollection about the Debian installer, those would be good things.:-) Sorry for the noise! IMHO it's not noise if you are trying to clarify or correct something. Not sure about the Debian installer (except that it does boot and run Linux, but not sure it ever switches to another kernel midway), but the Grub bootloader is kind of a mini-OS, in that it can read files from filesystems (rather than some other bootloaders that read from specific sectors/blocks of a disk). Which is to say if you boot to grub and you are in the grub menu and see there is no entry for the particular kernel (or OS) you want, you can edit the boot parameters for any menu entry you see and boot the missing kernel (or OS) from then and there. (with other bootloaders you'd have to boot to the OS or boot from a live CD to modify the boot loader parameters). Also, grub has its own shell, and sometimes if something is not configured right, grub may drop into its shell where a knowledgeable user can type in commands such as the ls command to list files on the disks attached to the system and the configfile command which can be used to load the grub configuration if for some reason grub was unable to find the grub.cfg file that tells grub how to boot the system. This is a useful feature for those who know how to use it, and it has saved me from having to reinstall on more that one occasion. Chuck
Re: Uninstalling a package removes other essential packages: What is the best course of action?
On Mon, Feb 14, 2022 at 11:18:12AM +0100, Stella Ashburne wrote: > Dearie > > > Most of it just slips in as the default language > > of Debian. > > Does Debian have a default language? What is it? Latin? Esperanto? American > English? > Probably N. European English as learned in school - which covers most denizens of the UK, Ireland, Netherlands, Germany, Austria, Switzerland - and also Australia and NZ (and Commonwealth English - which is largely influenced by British spelling - Canadian is a hybrid spelling.) If English is not your first language, then your English will normally be determined by where your English teacher studied. This question came up - I think on debian-devel many years ago - and somebody said, as I remember it: - "British/American English - it really doesn't matter if you'll accept bad English" - and I think that's the right attitude. Debian does support many languages - but the level of translation and percentage of wiki/www.debian.org is significantly higher for some than for others. With every good wish, as ever, Andy Cater > Best regards. > > Stella >
Re: Request free live CD
On 2022-02-14, Celejar wrote: >> >> Because your premise is false, and there is no equivalence between time >> and money. > > I have no premise of an "equivalence" between time and money; the > question of why people distinguish between them is nevertheless a People distinguish between them exactly because there's no equivalence between them. If you can't understand how helping some aged neighbor carry groceries into the house might be undertaken with a certain blithe alacrity by the same person who'd think twice about forking over dough to the old dame when she hits him up unexpectedly for a ten spot, then I don't think anyone here will be able to enlighten you. > Celejar > > --
Re: Request free live CD
Celejar wrote on 11/02/2022 at 02:05:32+0100: > On Thu, 10 Feb 2022 16:47:18 +0100 > wrote: > >> On Thu, Feb 10, 2022 at 03:05:26PM +0100, Dozzyjean Dozie wrote: >> > Please I will be very much interested to get a live CD from you, please >> > what are the prerequisites that are needed to be archived this request free >> > cd for free from you. >> >> See here: >> >> https://www.debian.org/CD/free-linux-cd >> >> Since burning a CD and putting into the mail costs money, you can't >> expect someone doing it for you. In the above page it is explained > > I'm genuinely curious about this: time and money are both scarce and > precious resources. Why is there an assumption that people will gladly > donate of their time to help others, but not their money? Is it because > the assumption is that the person asking for help should just spend > his own money, but may not be able to solve his problem by spending his > own time? I'm already buying money with my time, so giving it is giving what I need to pay my rent and my fill my fridge and it's also giving my time. Deciding about how to allocate my free time is quite easier and just costs me… time. -- PEB signature.asc Description: PGP signature
Re: Request free live CD
Celejar wrote: > > I have no premise of an "equivalence" between time and money; the > question of why people distinguish between them is nevertheless a > legitimate one, since they are both scarce resources which people have > to prioritize and allocate between their own personal needs and those of > others. Also note that you are asking a community of people who donate their time whether they prefer to donate their time or money... you might get a different result if you asked some other group. -dsr-
Re: Stupid question
On 2/13/2022 11:23 AM, Andrei POPESCU wrote: On Du, 13 feb 22, 02:40:27, Chuck Zmudzinski wrote: This is my understanding of how grub works. It looks you are using the old MBR partitioning scheme. The logical partition indicates that. So I also assume you are using the legacy booting (not UEFI). So the first thing that happens is that you will have an active partition set that your BIOS will boot (if you have standard bootcode installed in the first sector of the disk). Legacy BIOS doesn't have an understanding of partitions, it will just look for a bootloader in the MBR of the mass storage device chosen to boot from. The active / bootable flag was (still is?) a Microsoft thing[1], Linux bootloaders never cared about it and can load operating systems regardless if the corresponding partition is marked active or not. [1] as far as I recall it was used in DOS times to let the bootloader know which is the system partition, but it could be (ab)used for multi-booting ;) Kind regards, Andrei That's a good clarification that the active partition is a Microsoft thing implemented by the bootcode Microsoft installs in the MBR of the device chosen to boot from. Now for an unanswered question: What does bootcode installed by Debian Linux in the MBR do? How does it decide which partition to boot from? I think this is what the OP is asking. Regards, Chuck
Re: Misremembered (was: Re: Stupid question)
On 2022-02-14 10:02, rhkra...@gmail.com wrote: I think I did mis-remember this, and the behavior I described is more like the behavior of the Debian installer (i.e., it boots an image (with a Linux kernel) into RAM to use temporarily for the installation. I just wanted to try to correct this for posterity. If anyone can confirm this (both my mistake about grub and my (new) recollection about the Debian installer, those would be good things.:-) Sorry for the noise! Not sure about the Debian installer (except that it does boot and run Linux, but not sure it ever switches to another kernel midway), but the Grub bootloader is kind of a mini-OS, in that it can read files from filesystems (rather than some other bootloaders that read from specific sectors/blocks of a disk). Which is to say if you boot to grub and you are in the grub menu and see there is no entry for the particular kernel (or OS) you want, you can edit the boot parameters for any menu entry you see and boot the missing kernel (or OS) from then and there. (with other bootloaders you'd have to boot to the OS or boot from a live CD to modify the boot loader parameters). Bijan
Re: Request free live CD
On Sun, 13 Feb 2022 12:36:04 - (UTC) Curt wrote: > On 2022-02-11, Celejar wrote: > >> > >> https://www.debian.org/CD/free-linux-cd > >> > >> Since burning a CD and putting into the mail costs money, you can't > >> expect someone doing it for you. In the above page it is explained > > > > I'm genuinely curious about this: time and money are both scarce and > > precious resources. Why is there an assumption that people will gladly > > donate of their time to help others, but not their money? Is it because > > the assumption is that the person asking for help should just spend > > his own money, but may not be able to solve his problem by spending his > > own time? > > Because your premise is false, and there is no equivalence between time > and money. I have no premise of an "equivalence" between time and money; the question of why people distinguish between them is nevertheless a legitimate one, since they are both scarce resources which people have to prioritize and allocate between their own personal needs and those of others. Celejar
Misremembered (was: Re: Stupid question)
On Saturday, February 12, 2022 09:04:50 AM rhkra...@gmail.com wrote: > The way I understand it (but I may be misremembering), grub temporaily > boots into a, well I'll say restricted Linux kernel and OS which is used > by grub until it boots up the main system. The kernel used in grub may > not (probably doesn't match the kernel used after grub brings up the main > system, and it wil bring up the appropriate kernel for that main system > (the one you choose). I think I did mis-remember this, and the behavior I described is more like the behavior of the Debian installer (i.e., it boots an image (with a Linux kernel) into RAM to use temporarily for the installation. I just wanted to try to correct this for posterity. If anyone can confirm this (both my mistake about grub and my (new) recollection about the Debian installer, those would be good things. :-) Sorry for the noise!
Re: Request free live CD
On Fri, 11 Feb 2022 19:10:58 -0500 rhkra...@gmail.com wrote: > On Friday, February 11, 2022 02:44:26 PM Celejar wrote: > > Fair enough, although the question then is why we enjoy giving of our > > time but not our money. I assume that a primary motive of many (I can't > > speak for anyone in particular, of course) who give of their time is a > > desire to help others, and the act of helping others is what provides > > enjoyment to them, so then the question is why they would not enjoy > > helping others with financial contributions. > > For me, it is easier (emotionally) to give time rather than money. Although > I'm not too bad off re money, I don't get my supply renewed everyday (well, > for > the most part, I do now get SS (in the US). True. On the other hand, one's time on this earth is limited, while money is, at least for some, less of a rigid constraint. Celejar
Re: You know what? Not only Debian but Fedora 35 has libthai too....and more
Hello, On Mon, Feb 14, 2022 at 12:06:27PM +0100, Stella Ashburne wrote: > systemd was developed by Red Hat's folks, wasn't it? According to > one camp, one of its nefarious intentions is to help the NSA to > easily build backdoors to snoop on their targets of interest. You are listening to the very worst of the lunatic fringe. This really is QAnon-level silliness. systemd and all of Fedora is open source. While it's certainly not impossible to actively embed back doors in open source software, it's not a very good place to do so because it could be found by anyone at any time and then would need to be explained. To do the above, the three letter agency would need to plant operatives in private companies or force the company to take action without them admitting to it. If they are going to do that, they would be better off putting it in the CPU or the firmware where it's closed source and only ever going to be found by reverse engineering or leaked by someone internal to those companies. > Introducing Khmer fonts, Thai fonts and libthai could be another > way for the three-letter-agencies' spooks to spy on the Linux > community. What do you think? I think you are using debian-user in a write-only fashion, possibly because there is no more room left in your head what with all the conspiracy theories you entertain. It has been repeatedly explained to you why binary distributions like Debian (and Fedora and many others) will have lots of dependencies that are meaningless to you, but useful for others. Please, give up on this "I fear being pwned by a font" nonsense. Or else just use a distribution that lets you leave out dependencies you don't like. Regards, Andy -- https://bitfolk.com/ -- No-nonsense VPS hosting
Re: You know what? Not only Debian but Fedora 35 has libthai too....and more
Le 14/02/2022 à 13:23, Thomas Schmitt a écrit : Hi, Dan Ritter wrote: You can point at the CIA, the NSA, the FBI, and the KGB. How come nobody ever thinks of our german BND when it's about successful conspiracy ? Maybe because theirs are really successfull.
Re: Uninstalling a package removes other essential packages: What is the best course of action?
On 2022-02-14 at 05:28, Stella Ashburne wrote: > Hi Andy > >> From: "Andrew M.A. Cater" >> >> Stella (and others) >> >> This is apparently a long standing bug from pango1.0 >> >> Debian bug #565500 >> >> and has been outstanding for a decade or so. > > And why has the decade-old bug not been resolved, may I ask? I have only a vague guess about this, based on reading the bug report and the other bug reports (not all on the Debian bug tracker) linked from it. Your guess on that front may well be as good as mine; have you read those bug reports? > Won't it pose a security risk such as in escalation of root > privileges? Only if libthai itself contains a security vulnerability which would make such escalation possible - in which case it would be more important and more appropriate to fix that bug than to fix this one. >> Thai poses interesting font, formatting and display properties - if >> you're not Thai, it doesn't matter to you, but, as you can see it's >> fairly well embedded into various libraries. > > I wonder who embed Thai fonts and code in the first place.. I think you're reading this wrong. If you look at the package description for libpango-1.0-0 (which, as pointed out elsewhere, depends on libthai0 and is the reason why libthai0 is installed on your system), you'll see that it says in part: >>> Pango is a library for layout and rendering of text, with an >>> emphasis on internationalization. Pango can be used anywhere >>> that text layout is needed. It includes layout-and-rendering support for many, many languages. What this means in practice is that it implements a set of functions which other programs can call when they want to delegate the task of laying out and rendering text. The benefit of using those functions when writing a program, rather than handling the work yourself, is that A: you have less work to do, and B: you can automatically get layout and rendering right for every language the library supports, rather than having to worry about implementing every single one of them yourself. Most of the languages supported by Pango do not depend on language-specific external libraries; the code to support them is either internal to Pango, or contained in non-language-specific internal libraries. The Thai language (and apparently also related languages, such as Lao) is an exception, because the rules for laying it out and rendering it are both sufficiently complex and sufficiently distinct from those needed by most other languages that it was deemed better to implement that logic as a separate library. Any program that wants to let its text be translated into languages which use layout, etc., rules that differ from the language in which that text was written is likely to use libpango. Because libpango provides this type of support for Thai by depending on an external library, installing any of those programs will result in installing not only libpango-1.0-0, but also libthai0. None of those programs have embedded Thai fonts, or "Thai code" (whatever one might intend that to mean) - at least not by this avenue, and probably not at all. Rather, they have simply delegated layout and rendering work to libpango, by calling appropriate functions (which will cause the program to break if libpango is not available). libpango has also not embedded either of those things. Rather, it has delegated the task of laying out and rendering Thai-language text to libthai, by calling appropriate functions (which will cause the library, and the programs calling it, to break if libthai is not available). If a program on your system is configured to display Thai text - for example, if you go to a Website which contains text written in that language, such as https://en.wikipedia.org/wiki/Thai_language, and your browser is configured to display that Website as intended - then very probably the program will call the functions in libpango, which will recognize the Thai language and call the functions in libthai, which will do the layout-and-rendering work, and return the result up the stack, so that the program will be able to display the text correctly. If no program on your system ever encounters Thai text in a way that makes it want to call those functions, then the code in libthai will never actually run on your system. (And therefore your system will not be at risk from any security vulnerabilities contained in that code.) Please note that the only way that Thai is special here is that its support is provided by a language-specific external library. Pango contains comparable support for many, many other languages, they're just all implemented internally or using non-language-specific external libraries. Given that the intent of libpango is to provide support for layout and rendering of all of these languages, the alternative to having it depend on libthai0 would not be to omit the code which supports these things; rather, it would be to include that code in libpango-1.0-0 itself directly,
Re: You know what? Not only Debian but Fedora 35 has libthai too....and more
Hi, Dan Ritter wrote: > You can point at the CIA, the NSA, the FBI, and the KGB. How come nobody ever thinks of our german BND when it's about successful conspiracy ? Have a nice day :) Thomas
Re: You know what? Not only Debian but Fedora 35 has libthai too....and more
Stella Ashburne wrote: > > Introducing Khmer fonts, Thai fonts and libthai could be another way for the > three-letter-agencies' spooks to spy on the Linux community. What do you > think? I think that when someone claims that there is a conspiracy that is using a particular method, you need to have evidence of both the conspiracy and the method. You can point at the CIA, the NSA, the FBI, and the KGB. Fair enough. They exist. But if you haven't read the source code, and you don't have any other evidence, then there is no vulnerability to point to. Just because they are out to get you doesn't mean that everything you see is part of their scheming. -dsr-
You know what? Not only Debian but Fedora 35 has libthai too....and more
Hi guys I ran some tests on almost all flavors of Fedora 35. They include: "Default" edition Fedora-Workstation-Live-x86_64-35-1.2.iso Network Installer Fedora-Everything-netinst-x86_64-35-1.2.iso Fedora Spins such as Fedora-Cinnamon-Live-x86_64-35-1.2.iso Fedora-KDE-Live-x86_64-35-1.2.iso Fedora-LXDE-Live-x86_64-35-1.2.iso Fedora-LXQt-Live-x86_64-35-1.2.iso I actually installed each of the above and then in a terminal I typed: dnf list --installed|grep khmer* dnf list --installed|grep thai* and the following files were installed by default: khmer-os-system-fonts.noarch libthai.x86_64 thai-scalable-fonts-common.noarch thai-scalable-waree-fonts.noarch Fedora is the "upstream" of RHEL (https://docs.fedoraproject.org/en-US/quick-docs/fedora-and-red-hat-enterprise-linux/#:~:text=Red%20Hat%20Enterprise%20Linux%20(RHEL,of%20Red%20Hat%20Enterprise%20Linux.) systemd was developed by Red Hat's folks, wasn't it? According to one camp, one of its nefarious intentions is to help the NSA to easily build backdoors to snoop on their targets of interest. Introducing Khmer fonts, Thai fonts and libthai could be another way for the three-letter-agencies' spooks to spy on the Linux community. What do you think? Best regards. Stella
Re: Uninstalling a package removes other essential packages: What is the best course of action?
Hi Andy > Sent: Sunday, February 13, 2022 at 9:14 PM > From: "Andrew M.A. Cater" > To: debian-user@lists.debian.org > Subject: Re: Uninstalling a package removes other essential packages: What is > the best course of action? > > Stella (and others) > > This is apparently a long standing bug from pango1.0 > > Debian bug #565500 > > and has been outstanding for a decade or so. And why has the decade-old bug not been resolved, may I ask? Won't it pose a security risk such as in escalation of root privileges? > Thai poses interesting font, > formatting and display properties - if you're not Thai, it doesn't matter > to you, but, as you can see it's fairly well embedded into various > libraries. I wonder who embed Thai fonts and code in the first place.. > It's about as relevant to you as the fact that the Debian installer supports > several languages: if you don't use them in install and set up the locales > they're essentially irrelevant but are there for the convenience of people > who need them. Indeed, I don't use non-English language versions during install and/or set up Thai-specific locales but libthai still ends up in my installed system. My concern is whether libthai poses a security risk to Debian users. Best regards. Stella
Re: Uninstalling a package removes other essential packages: What is the best course of action?
Dearie > Sent: Monday, February 14, 2022 at 1:02 AM > From: "David Wright" > To: debian-user@lists.debian.org > Subject: Re: Uninstalling a package removes other essential packages: What is > the best course of action? > > > Tee-hee. We Brits can sneak our code into Debian without arousing > suspicion — we just label it "english". That's when we bother to > label it at all — Indeed and the world is fortunate to have James and Jane Bond with their sidekick Q to maintain world peace. Over here, we can count on Jason Bourne, Jack Ryan and Jack Reacher to do the same job. In more recent memory, the real hero is undoubtedly Edward Snowden who revealed to the world the extent of NSA's snooping. > Most of it just slips in as the default language > of Debian. Does Debian have a default language? What is it? Latin? Esperanto? American English? Best regards. Stella
Add GRUB modules to core-Image
Hello, I try to use a USB Serial-Converter to output the grub menu on a Serial port. By the way the output is working at kernel boot time. (I See it on the remote host) How can I add usbserial_pl2303.mod to the GRUB core image? The file is located in /boot/grub/i386-pc/ on the root partition but I can't see it in /boot/grub/i386-pc/ in the grub shell.
