Re: user accounts in docker group

2023-01-21 Thread Alex Mestiashvili 

On 1/21/23 04:42, L L wrote:
The banner at the top of https://wiki.debian.org/Docker 
 says:


"The Docker daemon has setUID root, and by design allows easy access as 
root to the host filesystem. This makes it trivial for a malicious user 
to read and alter sensitive system files, or for a careless user to 
allow a malicious containerized app to do so. Access to Docker commands 
effectively grants full root power."


I'm trying to test this. I put my own user account in the docker group 
(and can execute docker commands with it).


Then I tried to see if I can use Docker to write a file to a root-owned 
directory without using sudo or su. I used these commands:

docker run debian -dit /bin/bash        #start a container
docker cp /home/me/some-file container-id:/some-file    #put a file into 
the container
docker cp container-id:/some-file /etc/some-file        #copy the file 
from the container into somewhere I shouldn't be able to write to


I got:
open /etc/some-file: permission denied

Is the wiki out of date and it's completely safe to have user accounts 
in the docker group?

Is the wiki correct but I'm exploiting group membership wrong?





Docker is insecure by design. If a user has access to the docker socket 
(belongs to the docker group) he has root access to the host system.


See example here:
https://www.youtube.com/watch?v=CB9Aa6QeRaI

Re: Debian 11 - How to install Gtkmm

2022-11-10 Thread Alex Mestiashvili 

On 11/10/22 01:09, Amn wrote:

Trying to install Gtkmm 4 in a Debian 11 box I do this :
sudo apt install libgtkmm-4.0-dev

But then I get this error :

Unable to locate package libgtkmm-4.0-dev

What am I doing wrong?



rmadison libgtkmm-4.0-dev
libgtkmm-4.0-dev | 4.8.0-2   | unstable   | amd64, arm64, armel, 
armhf, i386, mips64el, mipsel, ppc64el, s390x


It is available only in unstable for now.

Re: Packaging help: users and directories

2021-12-29 Thread Alex Mestiashvili 

On 12/29/21 1:10 AM, Gavin Henry wrote:


Hi,

(I reply assuming you seek packaging help, because that appears in
your subject, even though you don't mention that in your message)

There is another mailing list specifically for packaging questions:
https://lists.debian.org/debian-mentors/


That list is described here:

https://wiki.debian.org/DebianMentorsFaq#What_is_the_debian-mentors_mailing_list_for.3F


By the way, where that wiki text says "Debian development",
that certainly includes packaging work.

I think that mailing list will be a good place for you ask your question
again, because it exists mostly for the purpose of Debian developers
to give high-quality answers to packaging questions.

Whereas there are relatively few developers on this list, debian-user.
This list basically exists to segregate user questions away from
distracting
developers from their work, so they are not very active here, so
asking your
question here does not really find the target audience that you need for
good answers.


Thanks David! I'll subscribe, email and read that FAQ

Gavin.



Also have a look here:
https://wiki.debian.org/Packaging

There is also http://codesearch.debian.net/ which let you search the 
packages.

Re: using pam-ldap to allow ssh logins from only *some* ldap accounts (and not all)

2021-12-10 Thread Alex Mestiashvili 



On 12/10/21 12:31 PM, charlie derr wrote:

Hi again everyone,

Having gotten an excellent (and quite simple) response to my query about 
automatic homedir creation upon ssh login, i'm going to push my luck (expecting 
@ any moment to receive responses with RTFM or somethings close to that 
sentiment in them).

Our goal is to allow not just *any* LDAP user in our openldap (version 2.4.40) directory, but only those 
specified as members of a particular group (in our LDAP). We have a custom LDAP attribute (groupSR) that is 
attached directly to the user's entry (ou=People,uid=) or we could easily also populate 
a "more standard" (cn=) entry (with memeberUID attributes corresponding to the 
"allowed SSH users") in the ou=Group branch of our directory.

Pretty sure this was set up quite some time ago here, but the colleagues who I 
collaborated with to do it are no longer working with me, and I can't for the 
life of me remember how exactly it was done...


 as always, thanks so much for any assistance, as well as for all that 
everyone does for debian,
  ~c



Using pam_mkhomedir too, if you mean that.
I've switched years ago to libpam-ldapd and libnss-ldapd with nslcd.
See how one can restrict the access group-wise with nslcd:
https://wiki.debian.org/LDAP/PAM#Allowing_logins_on_a_per-group_basis

Re: Development permissions

2021-09-24 Thread Alex Mestiashvili 




On 9/24/21 11:27 AM, Reco wrote:

Hi.

On Fri, Sep 24, 2021 at 10:22:00AM +0200, Alex Mestiashvili wrote:

On 9/22/21 8:53 AM, Reco wrote:

Hi.

On Tue, Sep 21, 2021 at 11:09:41PM -0400, Paul M. Foster wrote:

Without setting directory and file permissions to 777, how do you
allow the above? What combinations of groups, directory
owners/permissions and file owners/permissions might make this
possible?


Solution #1:

1) Make a group, add users to it.
2) Chgrp directory to the group from step 1.
3) Set directory permissions to 2770 (i.e. you will need setgid on
directory), or 2775 if you need world-readable directory.
4) Ensure users' umask is set to 0007.


Solution #2:

Set ACL to u::rwx on a directory, and make sure it made to the
"default" set of permissions (i.e. you'll need setfacl -d).


In addition to umask and acl, there is also a FUSE based bindfs.


FUSE = slow + CPU wastage


Well, fast enough and CPU time is cheap ;)
Setting umask might be insecure/problematic for non-unix people.
Not every filesystem support ACL.
Bindfs is just another useful tool...



Using a filesystem the way it was intended is much cleaner solution.


ACL is a workaround for the "intended unix permissions" isn't?

Old unix concepts from 1970 don't really meet expectation of apple fan 
boys and people used to rich NTFS permissions...




Reco

Re: Development permissions

2021-09-24 Thread Alex Mestiashvili 

On 9/22/21 8:53 AM, Reco wrote:

Hi.

On Tue, Sep 21, 2021 at 11:09:41PM -0400, Paul M. Foster wrote:

Without setting directory and file permissions to 777, how do you
allow the above? What combinations of groups, directory
owners/permissions and file owners/permissions might make this
possible?


Solution #1:

1) Make a group, add users to it.
2) Chgrp directory to the group from step 1.
3) Set directory permissions to 2770 (i.e. you will need setgid on
directory), or 2775 if you need world-readable directory.
4) Ensure users' umask is set to 0007.


Solution #2:

Set ACL to u::rwx on a directory, and make sure it made to the
"default" set of permissions (i.e. you'll need setfacl -d).

Reco



In addition to umask and acl, there is also a FUSE based bindfs.

Re: Docker installation problems

2021-07-08 Thread Alex Mestiashvili 

On 7/8/21 6:48 PM, Gary L. Roach wrote:


On 7/7/21 4:43 PM, IL Ka wrote:


I suspect that something might be wrong with the /etc/apt/daemon.json
file but am not sure what.

try
# dockerd
https://docs.docker.com/config/daemon/#start-the-daemon-manually 



Do you see any errors?


Running dockerd produced the following:


root@debian:/etc/docker# dockerd
INFO[2021-07-08T09:44:02.344680610-07:00] Starting up
failed to create API server: Could not load X509 key pair (cert: 
"/var/docker/server.pem", key: "/var/docker/serverkey.pem"): open 
/var/docker/server.pem: no such file or directory
On my system the /var/docker directory doesn't exist. Further, 
server.pem doesn't exist anywhere on my system. Now what?


Gary R.



From my little experience, the default docker-ce installation comes 
without daemon.json file. Try to remove it and see if docker comes up.


It also doesn't look like Debian related issue tbh, since it is a third 
party package.


Alex

Re: IPFS tools not in the repos?

2021-05-04 Thread Alex Mestiashvili 

On 5/4/21 8:19 AM, Emanuel Berg wrote:

Uhm... why aren't the IPFS tools in the Debian repos?

Very interesting stuff!

https://ipfs.io/



Well, most likely because nobody found it useful enough and also because 
it is go and js based which are not really friendly for packaging with 
their tendency to introduce the dependency hell.

Re: The best way to install inkscape 1.0 on Debian stable

2021-03-05 Thread Alex Mestiashvili 

On 3/5/21 9:02 AM, A_Man_Without_Clue wrote:

Hi all,

What is the best way to install the latest version of the inkscape on
Buster?

Buster installs inkscape 0.9 and I still encounter lots of bugs with it.
I would like to try the latest but what is the best way to install
newest version? Download .deb file?



They provide appimage, just download and run it.

Re: command to build a Debian package

2021-01-22 Thread Alex Mestiashvili 



On 1/22/21 1:53 PM, Vincent Lefevre wrote:

I'm surprised to see on

   https://wiki.debian.org/SimpleBackportCreation

that the recommended command to build a Debian package is
dpkg-buildpackage. I had problems with it in the past as it
doesn't clean up the environment (and some packages are very
sensitive to some environment variables), and AFAIK, debuild
(which I now use) is usually recommended, or even pdebuild.

Has anything changed?



Look on the URL, it is the SimpleBackport.
Ideally you should use a clean chroot.
But any tool resulting in a .deb package is fine.
There are different ways to build a package for sure.

Best,
Alex

Re: Emergency mode when root account locked

2020-12-12 Thread Alex Mestiashvili 




On 12/12/20 3:35 PM, Marco Möller wrote:

On 12.12.20 15:18, Alex Mestiashvili wrote:

Not sure is that was already answered, since I lost track of the thread.
But resetting the root password is just matter of booting with root 
partition it rw mode and init=/bin/bash isn't?


It is not even required to mount your disk from other hardware. Simply 
boot to the grub menu and set this boot parameter:

init=/sbin/sulogin --force

As long as someone has physical access to the Debian carrying disk, you 
can always break into the system! In this case for restoring your access 
options, but of course in other cases this could also be used for evil 
things.
In order to prevent the evil access option you need to activated disk 
encryption. To my knowledge this cannot be bypassed as easily as simply 
gaining root access on an unencrypted system. But of course, if you now 
forget your decryption passphrase, then your system is gone for ever, 
also no more accessible by mounting the disk in another system. If you 
now would have a problem with the root password or sudo setup, you would 
for sure still need the disk decryption passphrase, and only afterwards 
could help yourself with the mentioned boot parameter.

Best wishes, Marco.



Hi thanks for the hint, never considered "/sbin/sulogin --force" so far, 
good to know. I normally also set grub password, so one can't edit that 
 easily grub entries. And use full disk encryption for laptops.


Best,
Alex

Re: Emergency mode when root account locked

2020-12-12 Thread Alex Mestiashvili 

Not sure is that was already answered, since I lost track of the thread.
But resetting the root password is just matter of booting with root 
partition it rw mode and init=/bin/bash isn't?



On 12/12/20 1:03 AM, Fabrice BAUZAC wrote:

Greg Wooledge  writes:


Even if you plan to use sudo for 99% of your administrative work,
there's still no reason NOT to have a root password, for those emergency
situations where you need one.


I've had the bitter taste of it when I had to salvage a virtual machine
for which I had lost access to my non-root account.  You'd better have
the root password around.

Re: VPN ideas

2020-12-08 Thread Alex Mestiashvili 

On 12/8/20 9:43 AM, to...@tuxteam.de wrote:

On Tue, Dec 08, 2020 at 08:12:09AM +0100, john doe wrote:

On 12/8/2020 1:50 AM, Charles Curley wrote:

On Mon, 7 Dec 2020 23:27:25 +0200
ellanios82  wrote:


   - any suggestions please , for a handy VPN for everyday use : no
specific purpose, but only to add a little more privacy ??


With no requirements, it is difficult to say.

Will a VPN be overkill? Would you be better off with openSSH to log in
remotely?



If you use SSH only the SSH connection will be encrypted, the way I read
the OP's question is that all traffic should be encrypted through the VPN.


You can tunnel things through an SSH. See the -X option (to tunnel an
X connection) and all the -L and -R options to proxy a socket.

As a simple-to-set-up VPN, SSH is unbeatable. It has its downsides, mind
you; the SSH protocol isn't optimised for such things. But if you're using
SSH day-to-day, then starting with it and re-thinking once you reach some
bandwidth/latency limit is a very sensible path.

For the occasional customer with some (stupid Java) app which can't live
without a GUI (go figure!), I do regularly tunnel X11 VNC over SSH. Works
like a charm.


Another interesting approach is VirtualGL over ssh: 
https://virtualgl.org/About/Introduction


In some cases works really smoothly.

Best,
Alex

Re: drives spin 100% of the time, idle down?

2020-11-12 Thread Alex Mestiashvili 

Hi,

another option is hd-idle package available via backports for stable and 
oldstable.



On 11/12/20 1:18 PM, Thomas Anderson wrote:

Hello List,

I have two drives (setup in a RAID 1 array).

The drives are mostly for archive purposes, and accessible via SMB on my
local network.

They are not constantly accessed, and performance/speed is irrelevant.

I would rather they idle/sleep when not being directly accessed. I know
they are supposed to spin, and spinning them up and down is not good for
them. But, in my particular use case, it seems acceptable.

Am I off base?

Can anyone recommend a way to do this in debian? Is there a program that
will allow me to set this?

Re: Building my own packages

2020-11-05 Thread Alex Mestiashvili 

On 11/4/20 3:32 PM, Victor Sudakov wrote:

Dear Colleagues,

As a person with the FreeBSD background, I'm used to building my own
packages with the exact build options I need (those include exim, nginx,
samba, clamav and many others). FreeBSD has a good infrastructure for
this (ports tree, poudriere et al.)

Where can I learn to do a similar thing for Debian? I'd like to have my
own package repository which:

1. Keeps my local patches and configure/build options.
2. Gets updated and recompiled when the main Debian repository gets updated.
3. Can have a higher preference for my Debian systems than the default Debian 
repositories.

I know this can be done because I use some vendor repositories (zabbix,
consul etc) but I need the tools and knowledge.

What would you advise me to read?



That's actually a good question and I'd like to see a how-to myself.
BTW, used to build FreeBSD packages at the time of FeeBSD 4.5-4.11 :)

I personally use reprepro for my repository, but the packages I build 
manually with cowbuilder/pbuilder and then upload to the repository 
managed by reprepro.


For 1. and 2. one option would be a gitlab instance with a CI pipeline ( 
or just a git repo with post-receive hooks ) which would rebuild the 
source package if the new version is pushed to the repository. Once this 
is done, uploading to reprepro isn't a big deal I guess. Still you might 
need manual intervention if you sign the packages.


Best,
Alex

Re: Securing local host of reverse SSH tunnel?

2020-09-22 Thread Alex Mestiashvili 

On 9/17/20 1:27 AM, Nate Bargmann wrote:

* On 2020 16 Sep 12:08 -0500, Alex Mestiashvili wrote:


btw, there is package authprogs, doing exactly that and not only.


It seems to only be in Bullseye right now.  It's not in Buster nor
Buster backports.  As the target computer is a Freedombox, it is running
Buster so I will have to see if I can build it locally.

- Nate



it should be as easy as pip --user install authprgos, but it is also 
available in buster-backports from today.


Best,
Alex

Re: Securing local host of reverse SSH tunnel?

2020-09-16 Thread Alex Mestiashvili 
On 9/15/20 8:53 PM, Fabrice BAUZAC-STEHLY wrote:
> Nate Bargmann writes:
> 
>> I am going to be deploying a Debian system at a location where I am
>> unsure if I can make any inbound connection into that system.  I am
>> going to set up an SSH tunnel from that system to a host in my LAN.
>> What I am concerned about is the remote possibility of theft and
>> therefore exposing my LAN to an inbound connection where a shell prompt
>> can be obtained.  I will be setting up a private/public key pair.  My
>> plan is to SSH into the internal host and then initiate an SSH
>> connection to the defined port and ultimately log into the remote
>> system.
>>
>> The site is physically secure, but ...  While I understand that at the
>> remote end I can instruct the SSH client not to request a pseudo tty, if
>> a thief has the private key, all he needs to do is initiate a connection
>> and get a shell prompt on my internal host (due to being run from a
>> startup script, the private key cannot be password protected, or can
>> it?).
>>
>> What I would like to do is in some way configure the ssh daemon on my
>> internal host to not allow any access other than allocating the port for
>> the reverse connection.  Ideally, this restriction should be based on
>> the public key of the pair but I've not seen in sshd_config(5) a way for
>> the Match directive to use the public key as its trigger.
> 
> To restrict what an SSH account can do, you can use the command="..."
> setting in the autorized_keys file.  It is documented in sshd(8).  I use
> it specifically to restrain the possible actions that can be done with
> that private key.  As the command, you can use any program or script
> that can check the arguments and perform the requested action, without
> allowing any unforeseen action.
> 
> --
> Fabrice BAUZAC-STEHLY
> PGP 015AE9B25DCB0511D200A75DE5674DEA514C891D
> 

btw, there is package authprogs, doing exactly that and not only.

Re: Why does Debian not include POSIX-specified commands like bc and ed by default?

2020-09-12 Thread Alex Mestiashvili 
On 9/12/20 9:05 AM, Lone Learner wrote:
> POSIX.1-2001 Utilities[1] and POSIX.1-2008 Utilities[2] both list the
> commands "bc" and "ed" to be part of POSIX.
> 
> Yet, in a brand new Debian installation (version 10 for example),
> these commands are missing by default:
> 
> $ bc
> bash: bc: command not found
> $ ed
> bash: ed: command not found
> 
> Why does Debian not include these commands by default? Of course, I
> can install them with "apt-get" and I did that.
> 
> apt-get install bc ed
> 
> The "bc" binary is only 87K in size. The entire package including the
> man page and documentation is only 209K in size.
> 
> Similarly the "ed" binary is only 55K in size. The entire package is
> only 93K in size.
> 
> What good reason is there not to include these tiny packages even
> though they are specified in POSIX?
> 
> [1]: https://pubs.opengroup.org/onlinepubs/009695399/idx/utilities.html
> 
> [2]: https://pubs.opengroup.org/onlinepubs/9699919799/idx/utilities.html
> 

Why should it include? POSIX is just a standard and Debian is even not POSIX
compliant AFAIK :) Also the certification is kind of costly.
But looking from the technical point of view, obviously none of reverse
dependencies of ed or bc are installed on your system and thus theses packages
are not needed. See apt-cache rdepends ed for example.

Best,
Alex

Re: Access ZFS pool in debian 10 single user mode

2020-09-03 Thread Alex Mestiashvili 

may be you need to import zpool before?

try zpool import

Best,
Alex

On 9/3/20 10:34 AM, James Allsopp wrote:
This is just debian grub recovery mode so on the same machine, so 
hopefully zfsutil will be there. Looked at this;

zfs                  4214784  9
zunicode              335872  1 zfs
zlua                  172032  1 zfs
zavl                   16384  1 zfs
icp                   331776  1 zfs
zcommon                98304  2 zfs,icp
znvpair                90112  2 zfs,zcommon
spl                   122880  5 zfs,icp,znvpair,zcommon,zavl

So if I just modprobe those from the column on the left, it should work?

Thanks,
James

On Wed, 2 Sep 2020 at 22:06, Dan Ritter > wrote:


James Allsopp wrote:
 > Hi,
 > Just trying to move var to a zfs partition. Rebooted into
recovery mode,
 > but could access the zfs pool. I tried to modprobe zfs, but still
nothing.
 > Is there something else I should be doing?
 >

Does your recovery mode have the zfs kernel modules and zfsutil?

Without it, you'll never mount things.

-dsr-

Re: delimiters with more than one character? ...

2020-07-14 Thread Alex Mestiashvili 

On 7/14/20 3:05 PM, Greg Wooledge wrote:

On Tue, Jul 14, 2020 at 03:04:38PM +0200, Alex Mestiashvili wrote:

Since you anyway use tools like awk or tr, here is the perl code:

echo " 34 + 45 \| abc \| 1 2 3 \| c\|123abc " | perl -F'\\\|' -lanE 'say
"\"".$_."\"" for @F'


If you're going to call on perl to help split the string into an
array, you might as well throw bash away and write the entire program
in perl instead.



That's what I usually do. IMHO bash scripting is awful in many ways, 
insecure and plain dangerous :) Perl in this regard is way better.


However I see no point here, if you use awk or other tools, what's wrong 
with perl oneliners?

Re: delimiters with more than one character? ...

2020-07-14 Thread Alex Mestiashvili 




On 7/14/20 2:52 PM, Albretch Mueller wrote:

  I have a string delimited by two characters: "\|"

  _S=" 34 + 45 \| abc \| 1 2 3 \| c\|123abc "

  which then I need to turn into a array looking like:

   _S_AR=(
" 34 + 45"
" abc"
" 1 2 3"
" c"
"123abc"
)

   I can't make awk or tr work in the way I need and all examples I
have found use only one character.

   Is it possible to do such things in bash?

   lbrtchx



Please share the solution you tried.

Since you anyway use tools like awk or tr, here is the perl code:

echo " 34 + 45 \| abc \| 1 2 3 \| c\|123abc " | perl -F'\\\|' -lanE 'say 
"\"".$_."\"" for @F'


Best,
Alex

Re: Chromium randomly crashes

2020-07-13 Thread Alex Mestiashvili 

On 7/13/20 10:30 AM, Toni Casueps wrote:
Not sure if I should report this to Chromium or to Debian, but I guess 
that packaging a new Chromium version could fix the problem
I updated (on Debian 10) to 83.0.4103.116-1~deb10u2 and after some 
minutes it crashes giving this log. It's difficult to tell when it 
happens as it's really random, just reading a page and scrolling down, 
the window disappears and the process ends, it could be after 2, 5, 10 
minutes... totally random:




https://lists.debian.org/debian-security-announce/2020/msg00129.html

Best,
Alex

Re: what calculator do you use?

2020-07-13 Thread Alex Mestiashvili 

On 7/13/20 9:31 AM, kaye n wrote:

Hello Friends,
Correct me if I'm wrong, but I don't see any calculator app in my Debian os.
What do you guys use? I'm having trouble with Galculator.
Thank you!



perl -E 'say eval(math expression)'

Math::XX modules for more complicated stuff :)

Best,
Alex

Re: Sharing /boot and /lib/modules with multiple distros

2020-06-06 Thread Alex Mestiashvili 
On 6/6/20 11:06 PM, Marc Shapiro wrote:
> I usually have three different distros installed.  I was wondering if I could
> have a separate partition (possibly in an extended partition) containing /boot
> and /var/modules that would be mounted in each of the distros.  This would
> eliminate having kernels, initrds and kernel modules duplicated for each 
> distro,
> while allowing me to run lilo from any of them.  The only file that would need
> to be duplicated would be /etc/lilo.conf, and it doesn't take much space.  Is
> this a workable idea?
> 
> 
> Marc
> 

But why? Isn't it easier to just use linux containers?

Re: Zoom- best practice?

2020-06-06 Thread Alex Mestiashvili 
On 6/6/20 12:13 AM, Linux-Fan wrote:
> Peter Ehlert writes:
> 
>> Family is using Zoom, International.
>> They will use Zoom, and I need to participate.
>>
>> I use Debian Mate Stable, and Firefox ESR
>>
>> I am concerned about security, duh!
>> Looking for ideas.
>>
>> my current thoughts, in order of preference:
>>
>> 1. Use a separate Debian alongside my daily driver, and use Only for the Zoom
>> meetings
>>
>> 2. Sandbox? (but how can I do that?)
>>
>> 3. Use a different browser
> 
> [...]
> 
> Hello,
> 
> best practice is certainly using different software (Big Blue Button has been
> mentioned, Jitsi works OK for small groups, say ~10 persons, too), but there 
> are
> cases where I am not asked to decide the software. At least, Zoom works on 
> Linux
> whereas e.g. Skype for Business doesn't despite claiming to have a „Web App“?
> 
> I am also using Zoom (not by preference, see above) and thought about ways to
> isolate it for which I basically came up with a similar list to yours. Here is
> what I did so far:
> 
> * Zoom inside a VM works well here. I use Virt-Manager + KVM and
>   audio works flawlessly without the need for much additional configuration.
>   I only added this line to .config/pulse/daemon.conf:
> 
> flat-volumes = no
> 
>   This makes sure that opening the VM does not reset volume back to 100%
>   which is dangerously loud on my sound card, see
>    :)
> 
> * As a fallback solution, I setup a sandbox for chromium using firejail
>   (package firejail) with a custom profile (attached for those interested).
> 
>   If you do not like the VM approach, you might consider a sandbox around
>   the zoom client. Of course, it is possible to use the sandbox inside the
>   VM, too. I doubt the added security of combining VM+sandbox is worth the
>   added complexity, though.
> 
> Using an entirely different system is certainly an option security-wise (if
> network isolation is considered properly), but might have some additional
> practical limitations.
> 
> HTH
> Linux-Fan


Thanks for sharing firejail profile, however doesn't it work in the browser?
It is really hidden though, but if you decline 2 times software installation in
the Chrome you get a link to join zoom via browser. That's what I had to use a
couple of times.

The best practice is to avoid installing zoom debian package at all. Btw BBB is
also far away from a secure platform imho.

Re: advisable to use installer script?

2020-04-06 Thread Alex Mestiashvili 
On 4/6/20 9:33 PM, Reco wrote:
> On Mon, Apr 06, 2020 at 08:49:53PM +0200, Alex Mestiashvili wrote:
>> Regarding Python and R modules of unknown quality. What quality?
> 
> My question exactly. Who build it? From which source? What toolchain was
> in use? How can I build the same in a reproduceable way? What else was
> bundled along the way? What about upgrading and deleting a module
> (installing is always the easiest part)?

R packages and python modules as everything else packageable for Debian
comes as source code, so how it is build is up to you and tools you use.
Even more, binary packages might be suboptimal compared to locally built
ones.

> 
> 
>> Debian doesn't magically make any python module better or safer.
> 
> Yet it's known which source was used, which toolchain was there and
> there are guarantees that the module in question does not change its
> behaviour in the next five minutes.

There is no problem to track all the above with most open source
projects. It's open source, nobody prevents you from checking every bit.

> Oh, and there are distribution-specific patches which *do* make packages
> better and safer, python included. And, what's most important here -
> compatible with *other* packages.

That's the different thing and that's one of the strong sides of Debian,
totally agree here.

> 
> 
>> Debian just packages a python module provided by upstream and can
>> possibly provide some additional patches and support.
> 
> Nope, see above. Building a distribution is an engineering task more
> complex than you seem to think it is.

I guess we are talking about different things, people are asking not
about adopting dpkg for their linux from scratch, but about installing a
software. Most users don't care about 90% of the stuff you mentioned.
The only thing they care about is working software. And even not the
software, but the goal they solve with it. Software is a tool. And they
are not interested in the internals.

> 
> 
>> There are pros and cons for both apt and conda, but it totally depends
>> on the use case.
> 
> Sure. On apt's side there's unified way to install/upgrade/delete
> anything, and on conda's side there's turning your system into
> Slackware.

I am not convinced. I don't use conda but I am pretty sure it can do all
above and even more. It's just different and has it's own strong sides.

Btw, are you aware that gitlab instance for salsa.debian.org is not
using packaged gitlab?
There are many softwares which simply don't fit into Debian's paradigm
of a packaging. But nevertheless they are useful and open source.

> 
> 
>> So in general it is totally fine to use anaconda installer.
> 
> I agree. They call the Debian the Universal OS because it can take an
> impressive amount of such punishment from the determined user *and*
> remain operational to a certain degree.
> And it's hardly matters whenever the offending "tool" is called conda,
> pip or docker.

Don't forget cpan, rvm, maven and so on. They all have their niche as
well as apt.

> 
> Reco
> 

Best,
Alex

Re: python3 modules -- apt vs pip?

2020-04-06 Thread Alex Mestiashvili 
On 4/6/20 5:11 PM, Anil F Duggirala wrote:
>> Python provides virtualenv, plus one can install most of the modules
>> locally with pip3 install --user  which will install the
>> modules
>> in ~/.local/lib and tools in ~/.local/bin, so don't forget to add
>> this
>> to your PATH.
>>
> 
> Could you please explain (to a newbie) exactly what are the advantages
> of using the --user option and the possible drawbacks as well? please
> Could you tell me why I wouldn't want to use a virtualenv? Is it just
> because of the pain of having to activate this virtualenv every time I
> want to use those modules? or am I losing any other functionality
> provided by my system-wide python?
> I am surprised this question was asked 2 days ago, I had the exact same
> question today. The numpy module is on version 1.16.2 in the debian
> repositories and is on version 1.18.2 in pip.
> thank you,
> 

virtualenv makes you flexible, you can have completely different
environments isolated from each other. For example Debian Buster comes
with python3.7 and you for whatever reason need python 3.4 or 3.8, or
maybe both because of let's say application requirements. This would
work with different envs.

Installing modules with --user is easier but this way you have 1
environment in your home bound to the system python.

Not every package in Debian can easily be updated. Updating numpy
system-wide most likely will break tons of other software. But the same
applies to pip to some extent, you may have a module requiring an old
numpy which wouldn't work with the new one and so on.

Re: advisable to use installer script?

2020-04-06 Thread Alex Mestiashvili 
On 4/6/20 6:44 PM, Anil F Duggirala wrote:
>> I'm assuming it's this one: 
>> https://www.anaconda.com/distribution/#linux
> 
> Thats the one.
> 
> 
>>> Can anyone give a broad idea of what this install script does?
>>
>> Extracts a HUEG tar.bz2 archive full of (presumably) Python and R
>> modules of unknown quality. Why would anyone (short of Windoze user)
>> willingly use this anaconda given the existence of pip and CRAN is
>> beyond me.
>> In Debian we have apt for this, and I kindly suggest you to consider
>> using it instead.
>>
> Thank you Reco. I will use either apt or pip. I am looking to use scipy
> basically, that's all I need, Anaconda comes with bunch of things I
> don't need. I have noticed that modules are a bit outdated in apt
> however, I asked a separate question regarding that.
> I am glad not to be a Windoze user. And now I am also glad you are not
> a Windoze user.
> thank you.
> 
> 

Anaconda/conda/miniconda have very big advantages over what Debian
offers - rootless installation and bigger? variety of applications.
I don't use it myself, but in many places where people don't have admin
privileges on workstations or computing clusters, conda is very useful.
There are many scientific pipelines completely based on conda, just
because conda applications can be installed in home directory or are
simply available without messing up with install from sources.

Regarding Python and R modules of unknown quality. What quality? Debian
doesn't magically make any python module better or safer. Debian just
packages a python module provided by upstream and can possibly provide
some additional patches and support.

There are pros and cons for both apt and conda, but it totally depends
on the use case.

So in general it is totally fine to use anaconda installer.

Re: python3 modules -- apt vs pip?

2020-04-04 Thread Alex Mestiashvili 
On 4/3/20 11:54 PM, Joe Pfeiffer wrote:
> I've been using apt (and friends) to maintain my systems, including
> python.  Today I discovered the Debian version of the more-itertools
> module is on version 4.2.0 and is three years old.  Meanwhile, the
> version documented on pypi.org is at version 8.2.0, and has at least one
> recipe whose arguments  are in a different order from the Debian
> packaged version (grouper, whose order of arguments changed in version
> 6.0.0).  This causes problems, as you might imagine, with other modules!
> 
> So... do people generally use pip to maintain their python libraries,
> rather than apt?  What's the recommended best practices here?
> 

I'd say the right course of actions would be to open a bug report that
there is a new upstream version available for python3-more-itertools.

In general there are tons of modules which will never be packaged. So
depending on your needs you might need to maintain local modules.

Python provides virtualenv, plus one can install most of the modules
locally with pip3 install --user  which will install the modules
in ~/.local/lib and tools in ~/.local/bin, so don't forget to add this
to your PATH.

I'd also say that one shouldn't use sudo pip3 since there are high
chances to mess up packages and system.

Also should be careful with names of python packages since mistyping can
lead to installation of malicious software and with sudo it makes it
even more fun - google for "python malicious packages"

Re: Best practice regarding Ruby gems installation on Buster

2020-03-29 Thread Alex Mestiashvili 
> 28 mars 2020 à 18:18 de ames...@rsh2.donotuse.de:
> 
>> In order to avoid messing up packages and system in general one should
>> never install modules/packages/whatever as root into system locations.
>> Most of sane languages provide a way to install modules into home
>> directory and usually these locations have higher precedence when
>> loading modules or one can tell the language to load the modules from
>> the defined location first.
>> I don't know about Ruby, but in Debian you get only a subset of all
>> possible modules for the language of your choice. And it is very likely
>> that in Debian stable they are old and even might be too old for some
>> specific software. So in my opinion the way to go is to use available
>> packages from Debian and install the missing one locally.
>>
> So you would suggest not to mess with Debian ruby gems (except updating them 
> through their corresponding packages with 'apt update' sometimes) and install 
> those that don't have any package on Debian ecosystem for the local user only?

Exactly. If needed you can of course install them system wide, but
somewhere in /usr/local for example so they don't overlap with existing
structure for Debian packages. But see dh-make-ruby first if you'd like
to go this way.

> If true, I think this is the goal of the following command:
> $ gem install --user-install GEMNAME

Looks good, but since I don't use ruby I can't tell you exactly.

> 
> So when I want to install a ruby gem, my reflex should be first to verify if 
> Debian already provides it in one of its packages?
> * If Debian provides the gem and its (probably old) version fits my need => 
> install the Debian package ('apt install')
> * If Debian provides the gem but I want a brand new version OR if Debian 
> doesn't provide the gem at all => install the gem ('gem install 
> --user-install')
> It makes sense?

That's what I would do. However the second option is more complicated. A
dependency of a package will be installed even if you would like to have
more recent gem. Which mean that you might end up in a situation where
the same rubygem comes from Debian and locally as more up-to-date
version. But in this case the local version should have higher
precedence for local projects.

Ruby also provides rvm - Ruby Version Manager, in some cases it totally
make sense to start with a self-contained envs. After all it all depends
on what you'd like to do, but using sudo to overwrite modules in system
locations is plain wrong in my opinion and breaks the system.


>> Regarding the security of the packages in Debian stable, if the package
>> has a known vulnerability it is very likely that the security team will
>> take care and fix the package. So this is not an issue.
>>
> Ok, I get it now with Andrei's answer as well.
> I thought initially that Debian only provides ruby engine/framework, not 
> packages containing ruby code as well ;)

There are many packages using ruby and it's modules, so if a software
package depends on some ruby gems, they need to be packaged too.
But that's the cool thing about Debian and binary packages, one can
simply run apt-get install to get a complicated software installed.

> 
> Best regards,
> l0f4r0
> 

Best,
Alex

Re: Best practice regarding Ruby gems installation on Buster

2020-03-28 Thread Alex Mestiashvili 
On 3/28/20 11:37 AM, l0f...@tuta.io wrote:
> Hi,
> 
> I'm on Debian 10.
> What is the best practice regarding Ruby gems installation please (user vs 
> root)?
> Below is my situation.
> 
> It all begins with the installation of vim-gtk3 (because I want access to the 
> +/* registers) that comes with the following dependencies:
> libruby2.5 rake ruby ruby-did-you-mean ruby-minitest ruby-net-telnet 
> ruby-power-assert ruby-test-unit ruby-xmlrpc ruby2.5 rubygems-integration
> 

> 
> So my question about the best practice at the very beginning.
> I think it can be very tricky to have parallel versions of the same gems, and 
> I don't think having obsolete user gems is really nice (security+features). 
> How do you manage that situation? Do you delete all user local gems and only 
> keep root's (maybe it introduces access errors in your programs by doing so)? 
> Do you change the gem directories permissions (maybe it's less secure...)? 
> Don't you touch anything and just use sudo everywhere? Other idea?
> 
> PS: I fiddled so much with my installation last day that I even lost access 
> to my local gems...

> Many thanks in advance :)Best regards,
> l0f4r0
> 


In order to avoid messing up packages and system in general one should
never install modules/packages/whatever as root into system locations.
Most of sane languages provide a way to install modules into home
directory and usually these locations have higher precedence when
loading modules or one can tell the language to load the modules from
the defined location first.
I don't know about Ruby, but in Debian you get only a subset of all
possible modules for the language of your choice. And it is very likely
that in Debian stable they are old and even might be too old for some
specific software. So in my opinion the way to go is to use available
packages from Debian and install the missing one locally. However if you
like to install the software the Debian way you might consider using
tools like dh-make-ruby to create debian packages from a ruby library
and install it later as a local debian package with dpkg. This way has a
number of benefits, but of course it may not work for complicated libs
or for a project where you need to get tens of hundreds of
not-yet-packaged libs.

Regarding the security of the packages in Debian stable, if the package
has a known vulnerability it is very likely that the security team will
take care and fix the package. So this is not an issue.

Regards,
Alex

Re: Advice on upgrading to SSD

2020-03-02 Thread Alex Mestiashvili 
On 3/2/20 6:52 PM, Joe Pfeiffer wrote:
> Tony van der Hoff  writes:
> 
>> Hi,
>> I'm currently running Buster on a 5 year old GigaByte motherboard with
>> a 10-year old Raid-1 array on 2 500GB disks. Although it is running
>> fine, I'm becoming a bit concerned about the longevity of this
>> storage, so I'm planning to upgrade it to a 500GB or maybe 1TB SSD
>> from Crucial.
>>
>> My plan would be to install the SSD in the cage, and dd the contents
>> of the array onto the SSD. I would then change the BIOS to boot from
>> the SSD, making the RAID array redundant.
>>
>> Can someone please tell me whether this plan is feasible, and what
>> pitfalls I might encounter?
> 
> I've found the best way to migrate to new disks, especially if I've
> already got a RAID array, is to put the new disk in, add it to the
> array, wait for the array to synchronize, remove the old disks from
> array.  Now install grub on the new disk.  If the new disk is larger
> than the old ones were, now resize the filesystem to match.
> 
> This has worked well enough for me that I've got several one-disk RAID 1
> arrays in anticipation of eventual upgrades.
> 

Good idea, but most likely the 500GB SSD is not really 500GB as most
vendors leave some space for over provisioning area.

Re: Ansible recommendations?

2020-02-11 Thread Alex Mestiashvili 

On 2/11/20 4:08 PM, Tom Browder wrote:
I'm considering using Ansible (from Debian packages) for maintaining 
multiple remote Debian servers. The master server will be my Debian laptop.


I have three questions:

1. If you have experience with Debian ansible, are you or were you 
satisfied with the experience?


3. If you don't recommend Ansible, can you recommend any other similar 
system?


Thanks.

-Tom


I won't say much about ansible since I didn't use it long enough.
If you need a simple and flexible push based automation framework have a 
look on rex - rexify.org, apt-get install rex :)


Ansible is way more popular, but also has a lot of issues, just have a 
look on their github page...

Re: debian format usb drive that a Mac likes

2020-02-04 Thread Alex Mestiashvili 

On 2/4/20 3:48 PM, Martin McCormick wrote:

If one is on a debian system and formatting a usb drive
that will be recognized by a Mac, I know that xfs is usually a
good choice for the file system but
what type of partition are we supposed to use to enclose that xfs
file system?

I know if you plug a linux thumb drive in to a Mac, the
Mac says it can't read the disk and immediately offers to
initialize it for you.

Thanks.

Martin McCormick



I guess you have to go with extfat.
Linux can read and may be write hfs/hfs+, read apfs, but apple's 
filesystems support is kind of miserable.


Best,
Alex

Re: fmtree: line 0: unknown keyword sha256digest

2020-02-02 Thread Alex Mestiashvili 

On 1/16/20 11:31 AM, Brian wrote:

On Wed 15 Jan 2020 at 20:55:28 -0800, David Christensen wrote:


On 2020-01-15 12:28, David Christensen wrote:

Do I build from source?  If so, is there a good tutorial?


https://wiki.debian.org/SimpleBackportCreation


The only change is the installation step -- apt(8) did not work:

2020-01-15 13:31:02 root@po /home/dpchrist/build
# apt install freebsd-buildutils_10.3~svn296373-7_amd64.deb


Shouldn't that be

   apt install ./freebsd-buildutils_10.3~svn296373-7_amd64.deb ?



Have never used apt this way, but in order to install a local package 
one can dpkg -i $pkgname followed by apt-get install to install all 
missing deps.

Re: Ethernet trouble

2020-01-29 Thread Alex Mestiashvili 

My shell scripts are all broken now and I'm afraid that next week, after
I change all my scripts, something will change things back. Or increment
them again.

Anybody have an explanation? Or somewhere I can start looking? Or know
how whatever labels Ethernet ports does it (or why they weren't called 0
and 1 in the first place)?



This something is called udev.
Look in udev rules, try to unload and load kernel module for the network 
card and see what are udev actions.

Re: Hard disks auto-spinning-down

2019-10-29 Thread Alex Mestiashvili 
On 10/29/19 12:59 AM, Mark Fletcher wrote:
> On Mon, Oct 28, 2019 at 07:44:48PM +0200, Andrei POPESCU wrote:
>> On Ma, 01 oct 19, 15:49:57, Alex Mestiashvili wrote:
>>>
>>> You may want to try hd-idle, it is not yet available in stable, but one
>>> can install it from testing (it is not advisable in general, but the
>>> divergence between buster and testing is not that big right now)
>>> wget it from
>>> http://ftp.de.debian.org/debian/pool/main/h/hd-idle/hd-idle_1.05+ds-2_amd64.deb
>>> or any other Debian mirror and edit /etc/default/hd-idle in order to
>>> start the daemon.
>>> See man hd-idle for the details.
>>
>> One could also write to debian-backports, CC: the maintainer and ask 
>> nicely for a backport ;)

It had been sitting in the backport queue at the moment of writing the
email above as far as I remember. I just didn't know how long would it
take until it is approved :)

>>
> Thanks for all this help, guys. Does anyone have any thoughts on why one 
> generation of an external disk cage wouldn't require this and just spun 
> down the disks automatically when idle, but the new one does require 
> incantations to do so? Bearing in mind that a Mac-using friend of mine 
> reports the same (new) model of cage does spin down the disks when 
> connected to a Mac without him having to have made any settings, so the 
> cage isn't against spinning down the disks or anything weird... There's 
> no reference at all to spinning down the disks in the cage's manual, but 
> there wasn't in the old generation's manual either.

That's a complicated question, there are too many things which can
influence a disk. See this answer:

 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930796#42

It would be actually pretty cool if you could test the workarounds and
post the results here.

Best,
Alex

Re: Hard disks auto-spinning-down

2019-10-01 Thread Alex Mestiashvili 



On 9/29/19 1:30 PM, Mark Fletcher wrote:
> Since a fresh install of buster, an external USB3 hard disk cage from 
> Terramaster that I own is not automatically spinning down the disks in 
> it when they go unused for a time.
> 
> I used a previous generation of the cage with Stretch previously, it 
> spun down the disks when they were not in use (actually a little too 
> quickly for my taste) reliably and I don't recall doing anything to make 
> that happen.
> 
> Any thoughts on where I might look to find settings that can be tweaked 
> to make it spin down when idle? A friend of mine uses the same cage with 
> a Mac and says it spins down when not in use, so I feel like I should be 
> able to do it somehow.
> 
> The only thing I can think of that I've tweaked since installing buster 
> is to disable suspend, as I didn't want the whole computer suspending 
> when I was away for a bit, as this computer does a lot of background 
> processing. I wonder if I overdid that and disabled something I should 
> have left enabled? The solution to that problem involved disabling a 
> couple of systemd targets.
> 
> I just re-googled that problem because I couldn't remember what targets 
> I disabled -- and now I see on the wiki that they are sleep.target 
> hibernate.target suspend.target and hybrid-sleep.target. The wiki says 
> to do "systemctl mask" on those targets but I suspect I followed someone 
> else's advice and did "systemctl disable" on those targets.
> 
> Any link to this problem? Otherwise where should I look?
> 
> Thanks
> 
> Mark
> 

You may want to try hd-idle, it is not yet available in stable, but one
can install it from testing (it is not advisable in general, but the
divergence between buster and testing is not that big right now)
wget it from
http://ftp.de.debian.org/debian/pool/main/h/hd-idle/hd-idle_1.05+ds-2_amd64.deb
or any other Debian mirror and edit /etc/default/hd-idle in order to
start the daemon.
See man hd-idle for the details.

Best,
Alex

Re: NSS-LDAP group preventing proper boot

2019-09-20 Thread Alex Mestiashvili 
On 9/20/19 7:42 AM, Marc Franquesa wrote:
> After making a clean install of Buster and setup it, the system doesn't
> boot propery and enters emergency mode with some systemd-udevd errors on
> timing out.
> 
> I tracked down and isolated the issue to be caused by nss-ldap group
> mapping: If I remove ldap from nsswtich.conf groups (only for groups table)
> the system boots fine (So I can use ldap for everything else except for
> group)
> 
> I already faced the same problem long time ago (not sure, but I think on
> jessie and ubuntu older releases) and the workarround/solution was to set
> nss_init_groups_ignore users to list all localacounts (so don't lookup for
> LDAP groups for local accounts). This time this didn't worked, as I updated
> my nss_init_groups_ignore_users to the list of current local users with no
> luck.
> 
> Some details tested/discarded:
> - there are no custom udev rules making use of any LDAP user/group
> - I tried setting various timeouts/soft_policy on LDAP configuration
> - Also tried [UNAVAIL=return] and other similar optons on nsswitch.conf
> - Exactly the same configuration works perfectly on Debain Stretch (as I
> configure them thru Ansible)
> 
> Note that while researching I found many similar bug reports (also on
> different distros) related to this issue, all of them providing
> workarrounds (which didn't worked) but none providing a permanent FIX or
> solution:
> 
> https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/1024475
> https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/51315
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318622
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=339797
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349509
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375077
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375215
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=388729
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=391167
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441458
> https://bugzilla.redhat.com/show_bug.cgi?id=234541
> https://bugzilla.redhat.com/show_bug.cgi?id=187852
> 
> So basically seems that NSS-LDAP is queried when is still not ready, either
> because LDAP server is down or the affected system didn't initialized
> network yet. Either the case, this shouldn't prevent the system to boot
> normally. More than a bug on libnss-ldap/udev seems a wrong/unstable
> integration on the init process. I don't know if any NSS network servicces
> (NIS?, winbind?) experience similar issues or how they avoid them.
> 
> Does any one faced same issue or can provide any help/workarround/clues?
> Should I open a new bug report?
> 
> Thanks much for any hint/help
> 


That's interesting. I've been using libnss-ldap since Lenny and didn't
face the problems listed above, however since quite some time I've
switched to libnss-ldapd/libpam-ldpad. As far as I remember these are
drop-in replacements for libnss-ldap but you'll need to configure nslcd
daemon too. Another option would be to switch to sssd which "just
wokred" for my use cases.

Best,
Alex

Re: Debian Perl or Brew Perl for production application?

2019-07-02 Thread Alex Mestiashvili 
On 7/2/19 11:20 AM, Dave Sherohman wrote:
> On Mon, Jul 01, 2019 at 06:30:19PM +0200, to...@tuxteam.de wrote:
>> I tend to stick to Debian packages as my primary choice, resorting
>> to off-distribution packages when needed (e.g. not packaged for
>> Debian, or I /need/ a newer version). Of course it takes some foresight
>> to guess in advance whether you expect such a situation in the
>> future.
>>
>> Rationale: they mesh better with the flow of system updates/upgrades.
>>
>> I've found Perl packaging in Debian outstanding. The Debian Perl
>> packaging team does a damn good job indeed.
> 
> Pretty much the same here.  I was initially hired as a Perl developer,
> then gradually moved into more sysadmin duties and, in both roles, I
> prefer to stick with the Debian-packaged perl binary.  It gets me
> security updates as needed and the only reasons I see a particular need
> for PerlBrew and the like are:
> 
> 1) You need different compile-time options than Debian chooses
> 
> 2) You need access to a feature that's only present in a newer-than-
>Debian Perl version
> 
> 3) You want to have the "latest and greatest" for its own sake
> 
> Personally, I've never encountered #1 or #2 in practice and if #3
> mattered to me, then I wouldn't be running Debian stable in the first
> place.
> 

+1 here, but in case one need the "latest and greatest" modules, in most
cases it's dead simple to package a not-yet-packaged module with
cpan2deb from dh-make-perl package.

One of the benefits of this approach, is that you don't need to bring
compilers and sources of the dependencies to the production machine.
Build packages on a "development" node and install binary packages on
the production.

In case you need to replicate the setup, or you have more than one
machine one can maintain a repository,making installation of a new
system way easier.

And you also can contribute back to Debian in case you packaged a new
software.

Best,
Alex

Re: Debian Programming languages

2019-05-24 Thread Alex Mestiashvili 
On 5/24/19 11:19 PM, Christian Groessler wrote:
> On 5/24/19 10:03 PM, Alex Mestiashvili wrote:
>> On 5/24/19 7:28 PM, Christian Groessler wrote:
>>> On 5/24/19 6:51 PM, john doe wrote:
>>>> On 5/24/2019 6:14 PM, ghe wrote:
>>>>> Perl is happily off on it's own. "There's more than one way..." Boy is
>>>>> there ever. Nice to write, but it's next to impossible to understand
>>>>> other people's code. Python, IMHO, seems to be creeping up to replace
>>>>> it.
>>>
>>> I'm typically referring to perl as a "write-only" language. :-)
>>>
>>> But don't get me wrong, I like it...
>>>
>>> regards,
>>> chris
>>>
>> That is not true. The freedom to write unreadable code doesn't mean that
>> the language is bad.
> 
> 
> I guess you didn't notice the smiley in my message...
> 
> I'm sometimes having hmm.. let's say "problems" ... understanding what I
> had written ~10yrs ago. Typically regexp-related. That's not a problem
> of the language, but a problem in my understanding as I don't use perl
> on a day-to-day basis.
> 
> I stated "I like it", and that's true. I dislike python on the other
> hand...
> 
> regards,
> chris
> 

I did notice the smiley. But the jokes that perl is unreadable, looks
like line noise, write only, and so on, are repeated way too often and
decline Perl's reputation.

Well, the problem you described, isn't the problem of the language :)
Perl is easy to use and write condensed code, so many people abuse it
and write messy code.
Regexps can be also written in pretty clean multiline format with
comments should one want it.

So I basically came here to say that Perl is cool! :)

Best regards,
Alex

Re: Debian Programming languages

2019-05-24 Thread Alex Mestiashvili 
On 5/24/19 7:28 PM, Christian Groessler wrote:
> On 5/24/19 6:51 PM, john doe wrote:
>> On 5/24/2019 6:14 PM, ghe wrote:
>>> Perl is happily off on it's own. "There's more than one way..." Boy is
>>> there ever. Nice to write, but it's next to impossible to understand
>>> other people's code. Python, IMHO, seems to be creeping up to replace
>>> it.
> 
> 
> I'm typically referring to perl as a "write-only" language. :-)
> 
> But don't get me wrong, I like it...
> 
> regards,
> chris
> 

That is not true. The freedom to write unreadable code doesn't mean that
the language is bad.

Just as an example, look on Perl Dancer[0] framework. It's so damn easy
and clear, one can start using it just after going through the tutorial.

Best,
Alex

[0] https://metacpan.org/pod/Dancer2::Tutorial

Re: Once again: alt as my meta key

2017-02-09 Thread Alex Mestiashvili 
On 02/09/2017 07:27 AM, Bob Bernstein wrote:
> When I boot my Jessie it brings me, as desired, to a bash command line
> prompt (no X at this stage of the game).
> 
> If I then launch the jed editor (or emacs -nw) from that prompt,
> pressing Alt-x on the keyboard, produces the M-x prompt where jed wants it.
> 
> I then can enter startx and arrive in my desired icewm X desktop, I can
> then launch an xterm and, in it, jed, or emacs. But only Esc-x on the
> keyboard produces the wanted M-x prompt these editors.
> 
> Somewhere, somehow X (xorg, to be more precise) has eaten my M-x. Can
> anyone help me get my Meta key -- Alt -- back?
> 
> 

Not sure if that helps, but may be you can reset the modifiers:

xdotool keyup Meta_L Meta_R Alt_L Alt_R

to reset all modifiers:

xdotool keyup Shift_L Shift_R Control_L Control_R Meta_L Meta_R Alt_L
Alt_R Super_L Super_R Hyper_L Hyper_R ISO_Level2_Latch ISO_Level3_Shift
ISO_Level3_Latch ISO_Level3_Lock ISO_Level5_Shift ISO_Level5_Latch
ISO_Level5_Lock

See also:
http://unix.stackexchange.com/questions/60007/how-to-force-release-of-a-keyboard-modifiers

Re: Debian-compatible "compute stick" thingy

2017-02-03 Thread Alex Mestiashvili 
On 02/03/2017 06:32 PM, Carl Fink wrote:
> Inspired by the recent discussion of installing Debian on smartphone.
>
> I'm thinking of getting one of the tiny-format PCs like the Intel "Compute
> Stick".  They're mostly ARM-based systems with a video out and two or three
> USB ports, and often WiFi and Bluetooth, powered by a standard micro-USB
> port.

CuBox-I from SolidRun seem to fall in the class of devices you are
looking for.
For the installation details look on Debian's wiki:
  https://wiki.debian.org/ArmHardFloatPort/CuBox-i

or consider Raspbian images.


>
> I like the smallness, quietness, low power consumption, and inexpensiveness
> of this class of device.
>
> Does anyone have experience installing Debian on such a device--not
> necessarily the Intel one, but something in that class?  If I could have an
> ideal device it would have at least 4 gig of RAM (even better, 8).  Storage
> could be minimal, because external drives are cheap these days, too.

Well, that's just a computer, why there should be problems installing
Linux :) ?

Re: firefox + flashplayer on slow pc

2016-12-21 Thread Alex Mestiashvili 
On 12/20/2016 11:10 PM, deloptes wrote:
> I have an older notebook with ATI. (Actually I gave it to a friend) Recently
> I updated to OS is ubuntu 16.04 from 12.x.
> 
> glxgears looks good, but after installing later firefox when watching some
> YT it slows down and video breaks. even lowering quality to 360 is not very
> good.
> 
> I installed older version of FF and it was much better but still not good.
> 
> Do you have any idea how I can improve this?
> 
> thanks
> 

It's better to avoid flash if possible, youtube supports html5
https://www.youtube.com/html5
Try chromium, firefox is sometimes very greedy.

Re: probable broken tomcat6 package on wheezy

2016-12-17 Thread Alex Mestiashvili 
On 12/17/2016 11:05 AM, John Naggets wrote:
> Hi Alex,
>
> By installing the previous package version from the apt cache archive
> as you mention I managed to find out that it is the libtomcat6-java
> package which is broken. You just need to downgrade that package back
> to deb7u3 and Tomcat will start again.
>
> Thanks for the hint and hopefully this package will be quickly fixed.
>
> Best,
> H.N.
>

You are welcome.
Just to note, tomcat6 is ancient, I would suggest to move to a supported
version.
And if it really bothers you, please consider to open a bug report.

Best,
Alex

Re: probable broken tomcat6 package on wheezy

2016-12-17 Thread Alex Mestiashvili 
On 12/17/2016 07:40 AM, John Naggets wrote:
> Hi,
>
> Since today the tomcat6 package on Debian 7.11 seems to be broken as
> the tomcat6 service does not start anymore. Here is the relevant
> output of catalina.out:
>
> Dec 17, 2016 6:35:15 AM org.apache.catalina.startup.ClassLoaderFactory
> validateFile
> WARNING: Problem with directory [/usr/share/tomcat6/server/classes],
> exists: [false], isDirectory: [false], canRead: [false]
> Dec 17, 2016 6:35:15 AM org.apache.catalina.startup.ClassLoaderFactory
> validateFile
> WARNING: Problem with directory [/usr/share/tomcat6/server], exists:
> [false], isDirectory: [false], canRead: [false]
> Dec 17, 2016 6:35:15 AM org.apache.catalina.startup.ClassLoaderFactory
> validateFile
> WARNING: Problem with directory [/usr/share/tomcat6/shared/classes],
> exists: [false], isDirectory: [false], canRead: [false]
> Dec 17, 2016 6:35:15 AM org.apache.catalina.startup.ClassLoaderFactory
> validateFile
> WARNING: Problem with directory [/usr/share/tomcat6/shared], exists:
> [false], isDirectory: [false], canRead: [false]
> Dec 17, 2016 6:35:16 AM org.apache.coyote.http11.Http11Protocol init
> INFO: Initializing Coyote HTTP/1.1 on http-8080
> Dec 17, 2016 6:35:16 AM org.apache.catalina.startup.Catalina load
> INFO: Initialization processed in 438 ms
> java.lang.reflect.InvocationTargetException
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at 
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at 
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
> Caused by: java.lang.ExceptionInInitializerError
> at 
> org.apache.catalina.core.NamingContextListener.lifecycleEvent(NamingContextListener.java:262)
> at 
> org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:142)
> at org.apache.catalina.core.StandardServer.start(StandardServer.java:752)
> at org.apache.catalina.startup.Catalina.start(Catalina.java:595)
> ... 6 more
> Caused by: java.util.MissingResourceException: Can't find bundle for
> base name org.apache.naming.factory.LocalStrings, locale en_US
> at 
> java.util.ResourceBundle.throwMissingResourceException(ResourceBundle.java:1499)
> at java.util.ResourceBundle.getBundleImpl(ResourceBundle.java:1322)
> at java.util.ResourceBundle.getBundle(ResourceBundle.java:721)
> at org.apache.naming.StringManager.(StringManager.java:68)
> at org.apache.naming.StringManager.getManager(StringManager.java:213)
> at 
> org.apache.naming.factory.ResourceLinkFactory.(ResourceLinkFactory.java:44)
> ... 10 more
>
> Using the following tomcat:
>
> $ dpkg -l|grep tomcat
> ii  libtomcat6-java6.0.45+dfsg-1~deb7u4
> all  Servlet and JSP engine -- core libraries
> ii  tomcat66.0.45+dfsg-1~deb7u4
> all  Servlet and JSP engine
> ii  tomcat6-common 6.0.45+dfsg-1~deb7u4
> all  Servlet and JSP engine -- common files
>
> and JRE:
>
> dpkg -l|grep jre
> ii  default-jre-headless   1:1.7-47+deb7u2
> amd64Standard Java or Java compatible Runtime (headless)
> ii  openjdk-7-jre-headless:amd64   7u111-2.6.7-2~deb7u1
> amd64OpenJDK Java runtime, using Hotspot JIT (headless)
>
> The following package updates have been performed this early morning
> and I suspect one of these following packages to be broken:
>
> libicu-dev libicu48 libservlet2.5-java libtomcat6-java  tomcat6
> tomcat6-admin tomcat6-common
>
> Any ideas? I can't find anything yet on any debian mailing lists...
>
> Best regards
> H.N.
>

Hi,
As a temporary workaround disable the unattended-upgrades, and
try to install the previous version from /var/cache/apt/archives.
It solved the problem for me. ( of course if you don't clean the apt
archives )

Best,
Alex

Re: potential damage to Debian "stable" when installing packages from "testing"

2016-12-09 Thread Alex Mestiashvili 
On 12/08/2016 08:53 PM, Rob van der Putten wrote:
> Hi there
> 
> 
> On 08/12/16 16:27, Alex Mestiashvili wrote:
> 
>> 0) backport it yourself. It is not that hard to dget a dsc file from
>> testing and try to build it for the current release. Often works without
>> additional efforts.
> 
> That's what I do. I'm rather blunt about it;
> 1. Does it compile?
> 2. Does it install?
> 3. Does it work?
> 4. Am I still happy about it after a while?
> 
> Recently I ran into some squid and libcap3 problems;
> http://www.sput.nl/software/squid/squid-backport.html
> 
> According to a friend it's OK to replace the maintainer supplied symbols
> file with the generated one. And the libcap3 does indeed compile and
> build a package.
> I'm considering building Squid with it and want to name the new package
> 3.5.22-1~bpo8+2 instead of 3.5.22-1~bpo8+1.
> Is this possible and how do I do this?
> 
> 
> Regards,
> Rob

You just will need to add or rename the current version in
debian/changelog file.

I'll suggest not to use +2 suffix but rather something which will not
overlap with a new official backport version, for example ~local.

It is important to note that the version of your locally build package
is less than the new version from backports, so the new official version
will be installed automatically when released and you will not stuck
forever with the old one.

Just out of curiosity I tried to build squid from testing for jessie,
here is the log: https://paste.debian.net/901373/

Re: potential damage to Debian "stable" when installing packages from "testing"

2016-12-08 Thread Alex Mestiashvili 
On 12/08/2016 02:14 PM, Greg Wooledge wrote:
> On Thu, Dec 08, 2016 at 01:58:18PM +0200, Martin T wrote:
>> let's say that I need a package named "weechat"(version 1.6-1) from
>> Debian "testing":
> 
> Let's not say that.
> 
> Let's instead say "I am running jessie, but jessie's version of weechat
> (1.0.1-1) is missing some features I need.  What should I do?"
> 
> The next step then is to look at jessie-backports.  There is a newer
> version of weechat (1.5-1~bpo8+1) in jessie-backports.  So try that
> one.
> 
> If that one STILL isn't new enough for you, then you have two choices:
> 
> 1) Install weechat yourself from upstream source code.
> 2) Upgrade your entire system to stretch (testing).
> 

0) backport it yourself. It is not that hard to dget a dsc file from
testing and try to build it for the current release. Often works without
additional efforts.

Re: Does hdparm not run at startup anymore?

2016-11-16 Thread Alex Mestiashvili 
On 11/12/2016 09:14 PM, Rainer Dorsch wrote:
> Hi Alex,
> 
> thank you for your reply and your testing.
> 
> On Saturday 12 November 2016 16:40:40 Alex Mestiashvili wrote:
>> On 11/12/2016 08:37 AM, Rainer Dorsch wrote:
>>> + Alexandre, hdparm maintainer
>>>
>>> On Friday 11 November 2016 23:11:24 Rainer Dorsch wrote:
>>>> Hi,
>>>>
>>>> I configure sdb in /etc/hdparm.conf to apm=64, but when I start the 
>>>> system, apm does not change. Interesting enough a /etc/init.d/hdparm 
>>>> restart fixes the problem:
>>>>
>>>>
>>>> root@Silberkiste:~# cat /etc/hdparm.conf
>> 
>>>> /dev/sdb {
>>>>  apm = 64
>>>>  spindown_time = 5
>>>> }
>>>>
>>>> root@Silberkiste:~# hdparm -I /dev/sdb|grep level
>>>> Advanced power management level: 254
>>>> root@Silberkiste:~# /etc/init.d/hdparm restart
>>>> [ ok ] Restarting hdparm (via systemctl): hdparm.service.
>>>> root@Silberkiste:~# hdparm -I /dev/sdb|grep level
>>>> Advanced power management level: 64
>>>> root@Silberkiste:~#
>>>>
>>>>
>>>> Any insight, why I need the /etc/init.d/hdparm restart is very welcome.
>>>>
>>>> Thanks
>>>> Rainer
>>>>
>>>>
>> Hi Rainer,
>> I can not reproduce this problem on my machine:
>>
>> lsb_release -c
>> Codename:jessie
>>
>> hdparm -V
>> hdparm v9.43
>>
>> egrep -v "^$|^#" /etc/hdparm.conf
>> /dev/sdc {
>>  apm = 64
>>  acoustic_management = 250
>> }
>> /dev/sdd {
>>  apm = 128
>> }
>> /dev/sdf {
>>  apm = 48
>> }
>>
>>
>> for disk in sdc sdd sdf; do echo $disk; hdparm -I /dev/$disk | egrep
>> "level:|acoustic"; done
>> sdc
>> Advanced power management level: 64
>> Recommended acoustic management value: 254, current value: 250
>> sdd
>> Advanced power management level: disabled
>> Recommended acoustic management value: 128, current value: 128
>> sdf
>> Advanced power management level: 48
>> Recommended acoustic management value: 208, current value: 0
>>
>> The values are set after reboot or after init script restart.
>>
> 
> Hmm...since hdparm works for me if I do a 
> 
> # /etc/init.d/hdparm restart
> 
> after boot (or even in /etc/rc.local, is it possible that hdparm runs for my 
> system for whatever reason too early (though it is not special setup, all 
> SATA SSDs and HDDs)?
> 
> Rainer
> 
> 

Hi Rainer,

you can try to tweak the init script to see what is really happening,
for example by echoing more information or redirecting the command
outputs to a logfile.
Alternatively you can give hdparm link a higher Start number in
/etc/rc3.d/ to see if it helps.

Best,
Alex

Re: Does hdparm not run at startup anymore?

2016-11-12 Thread Alex Mestiashvili 
On 11/12/2016 08:37 AM, Rainer Dorsch wrote:
> + Alexandre, hdparm maintainer
>
> On Friday 11 November 2016 23:11:24 Rainer Dorsch wrote:
>> Hi,
>>
>> I configure sdb in /etc/hdparm.conf to apm=64, but when I start the system, 
>> apm does not change. Interesting enough a /etc/init.d/hdparm restart fixes 
>> the problem:
>>
>>
>> root@Silberkiste:~# cat /etc/hdparm.conf

>> /dev/sdb {
>>  apm = 64
>>  spindown_time = 5
>> }
>>
>> root@Silberkiste:~# hdparm -I /dev/sdb|grep level
>> Advanced power management level: 254
>> root@Silberkiste:~# /etc/init.d/hdparm restart
>> [ ok ] Restarting hdparm (via systemctl): hdparm.service.
>> root@Silberkiste:~# hdparm -I /dev/sdb|grep level
>> Advanced power management level: 64
>> root@Silberkiste:~#
>>
>>
>> Any insight, why I need the /etc/init.d/hdparm restart is very welcome.
>>
>> Thanks
>> Rainer
>>
>>
Hi Rainer,
I can not reproduce this problem on my machine:

lsb_release -c
Codename:jessie

hdparm -V
hdparm v9.43

egrep -v "^$|^#" /etc/hdparm.conf
/dev/sdc {
 apm = 64
 acoustic_management = 250
}
/dev/sdd {
 apm = 128
}
/dev/sdf {
 apm = 48
}


for disk in sdc sdd sdf; do echo $disk; hdparm -I /dev/$disk | egrep
"level:|acoustic"; done
sdc
Advanced power management level: 64
Recommended acoustic management value: 254, current value: 250
sdd
Advanced power management level: disabled
Recommended acoustic management value: 128, current value: 128
sdf
Advanced power management level: 48
Recommended acoustic management value: 208, current value: 0

The values are set after reboot or after init script restart.

Best,
Alex

Re: How to create package without source code

2016-07-27 Thread Alex Mestiashvili 
On 07/27/2016 10:49 AM, Sven Joachim wrote:
> On 2016-07-27 10:14 +0200, Alex Mestiashvili wrote:
> 
>> Here is the manual describing how to build binary packages:
>>
>> http://www.tldp.org/HOWTO/html_single/Debian-Binary-Package-Building-HOWTO/
> 
> This is over ten years old and only for hardcore users.  Creating a
> source package (even if it's just a tarball containing all the files you
> want to install) and producing a binary package from that is much
> easier, since the helper commands then hide all the gory details from
> you.
> 
> Cheers,
>Sven
> 

Building the source package is no problem, but the OP was asking about
the binary package.
Some years ago I was binary packaging java including local certificates
in the java's keystore and it was working just fine.
And as far as I remember I was using exactly this manual.

Best,
Alex

Re: How to create package without source code

2016-07-27 Thread Alex Mestiashvili 
On 07/27/2016 09:39 AM, Hans wrote:
> Hi folks, 
> 
> I want to create a debian package with my own additions (added an icon and a 
> button for the kde-menu, changed groups and user rights).
> 
> But there is a problem:
> 
> The file is just a script. I read in the dokus, and all told, they want to 
> compile somehow.
> 
> I imagine, to pack all the files with the correct user rights into a folder, 
> then pack it into maybe *.tgz and then change it somehow into a *.deb.
> 
> Maybe there is a more simple way und you might want to point me to it.
> 
> Remember, it is just a shell script, where I added some things and set user 
> rights.
> 
> Thanks for any hints.
> 
> Best
> 
> Hans
>  
> 

Here is the manual describing how to build binary packages:

http://www.tldp.org/HOWTO/html_single/Debian-Binary-Package-Building-HOWTO/

Re: Upgrading from Backports

2016-06-08 Thread Alex Mestiashvili 
On 06/07/2016 11:46 PM, Patrick Bartek wrote:
> Need to upgrade claws-mail installed from regular repo to a newer
> version in wheezy-backports.  I don't want to end up with two installed
> versions.  Have done research, but have found nothing specific about
> this particular procedure.  Would
> 
>apt-get install -t wheezy-backports claws-mail=
> 
> upgrade the old version or just install the new version along side the
> old.
> 

It will upgrade the package. In this case backports simply provide a
more up-to-date version of the same software.

Re: clamav 0.99.2 in jessie

2016-05-24 Thread Alex Mestiashvili 
On 05/24/2016 09:41 AM, Arnaud Jacques / SecuriteInfo.com wrote:
> Hello,
> 
>> Is there a way to get 0.99.2 in Jessie (jessie-updates and jessie
>> backports do not have it either).
> 
> More information at :
> 
> https://qa.debian.org/developer.php?login=pkg-clamav-devel%40lists.alioth.debian.org
> 
> Link to "Excuse" : https://qa.debian.org/excuses.php?package=clamav
> 
> "Too young, only 4 of 5 days old ".
> 
> This seems a normal process. Maybe we just have to wait a few more days.
> 

Well, for jessie you'll need to wait a bit longer :)
In a couple of days it will migrate from unstable to testing. Jessie is
the current stable.

What you can do is to get the source from unstable/testing and build it
for Jessie:
You'll need the build-essential, devscripts and possibly other devel
packages installed

1. get the source
 dget -ux
http://http.debian.net/debian/pool/main/c/clamav/clamav_0.99.2+dfsg-2.dsc

2. cd clamav-0.99.2+dfsg &&  debuild -us -uc

note the line "dpkg-checkbuilddeps: error: Unmet build dependencies:"
and install the listed packages, "package | anotherpackage" means one OR
another.
After the installation is done goto step 2.

Wait untill it is build and install it with

 dpkg -i ../.deb

Here is the list of packages:

ls -1 ../ | grep deb
clamav_0.99.2+dfsg-2_amd64.deb
clamav_0.99.2+dfsg-2.debian.tar.xz
clamav-base_0.99.2+dfsg-2_all.deb
clamav-daemon_0.99.2+dfsg-2_amd64.deb
clamav-daemon-dbgsym_0.99.2+dfsg-2_amd64.deb
clamav-dbgsym_0.99.2+dfsg-2_amd64.deb
clamav-docs_0.99.2+dfsg-2_all.deb
clamav-freshclam_0.99.2+dfsg-2_amd64.deb
clamav-freshclam-dbgsym_0.99.2+dfsg-2_amd64.deb
clamav-milter_0.99.2+dfsg-2_amd64.deb
clamav-milter-dbgsym_0.99.2+dfsg-2_amd64.deb
clamav-testfiles_0.99.2+dfsg-2_all.deb
clamdscan_0.99.2+dfsg-2_amd64.deb
clamdscan-dbgsym_0.99.2+dfsg-2_amd64.deb
libclamav7_0.99.2+dfsg-2_amd64.deb
libclamav7-dbgsym_0.99.2+dfsg-2_amd64.deb
libclamav-dev_0.99.2+dfsg-2_amd64.deb

Re: Chromium. Good Alternative for Chrome?

2016-05-12 Thread Alex Mestiashvili 
On 05/12/2016 09:49 AM, Lisi Reisz wrote:
> On Thursday 12 May 2016 08:12:22 Curt wrote:
>> You should probably run 'check-support-status' to obtain a list of
>> packages on your machine that are no longer supported security-wise.
> 
> lisi@Tux-II:~$ check-support-status
> check-support-status: command not found
> lisi@Tux-II:~$ aptitude show check-support-status
> E: Unable to locate package check-support-status

In this case you are looking for a file from a package and not for a
package.

try apt-file search check-support-status

assuming that apt-file is installed and updated..

Re: Debian package: Quilt | git | add files to package

2016-05-09 Thread Alex Mestiashvili 
On 05/09/2016 02:55 PM, Denny Fuchs wrote:
> hi,
> 
> I trying to create a own Debian package which mostly worked without Git.
> Now I moved the sources (only files) to a Git repo and using
> git-buildpackage. That was working too, until I wanted to add a file
> (example Apache config). Now it fails ... and I don't get it.
> I red, that a Git commit (the new file for example) has to be added via
> a (quilt) patch, so I created one:
> 
> $ quilt new apache2.conf
> $ quilt add apache2.conf
> $ quilt edit apache2.conf
> 
> $ quilt refresh
> 
> $ quilt header --dep3 -e
> $ quilt push
> <.. apache.conf was successful created>
> $ quilt pop -a
> 
> git add debian/patches/apache.conf
> git commit -m "Added apache example config" debian/patches/apache.conf
> debian/patches/series
> 
> In the Makefile (also a quilt patch), I tried to copy the created
> apache.conf file to /usr/share/doc//apache.conf.example
> 
> The problem is, that the apache.conf would be created _after_ my cp
> command from the Makefile .. so I changed the order that apache.conf
> patch comes first. But that doesn't fix the problem. " cp: cannot stat
> ‘apache.conf’: No such file or directory'.
> 
> So, maybe I'm completely wrong. How should I add new files to use with
> Git / quilt and get it working with:
> 
> $ git-buildpackage --git-tag -uc -us  --git-ignore-new
> --git-ignore-branch   --git-tag --git-cleaner='git clean -dfx'
> 
> 
> any suggestions are welcome :-)
> 
> cu denny
> 
> 

Hi,

This question is more suitable for debian-mentors mailing list.

I guess that using git-buildpackage assumes that you have 3 branches -
master, upstream and pristine-tar

Your debian directory is part of master branch and you are free to
modify it as you like, the only thing you need to do after the change is
to commit your changes to the master branch...

Quilt patches needed only if you want to patch the source code of your
package i.e. files not in debian/

Here you can find some details about gbp buildpackage practices:
 http://debian-med.alioth.debian.org/docs/policy.html

Best,
Alex

Re: flash?

2016-03-14 Thread Alex Mestiashvili 
On 03/14/2016 05:28 PM, Gene Heskett wrote:
> On Monday 14 March 2016 12:22:45 Gene Heskett wrote:
> 
>> Greetings;
>>
>> Adobe just announced a whole passel of fixes, including the linux
>> flash.
>>
>> When do we get them?
>>
>> Thanks.
>>
>> Cheers, Gene Heskett
> 
> And a second question:
> 
> How do I modify the apt-get sources files entry for mozilla/firefox so it 
> works again?
> 
> Cheers, Gene Heskett
> 

Well, flash is evil :)

update-flashplugin-nonfree  --status (flashplugin-nonfree) package

Re: Difficulties while installing additional packages from .iso (USB stick) after successful stretch install

2016-02-07 Thread Alex Mestiashvili 
On 02/07/2016 02:15 PM, Chris Bannister wrote:
> On Sat, Feb 06, 2016 at 11:06:56AM +0100, sb...@secure.mailbox.org wrote:
>> Hi list members,
>>
>> I have successfully installed stretch from a usb stick onto which I had
>> downloaded the latest amd64 weekly-build DVD-1.iso and other necessary
>> init files.
>> Well, after the install process had finished, I rebooted from harddisk and
>> everything worked, but when I now try to use apt to install more files
>> FROM THE DVD.iso on the stick (not over the network), it tells me to
>> insert the cdrom:[DEBIAN_TESTING...DVD-iso-1], even when the USB
>> stick is already inserted in the slot - no, apt wants a cdrom (and that's
>> what the source.list indicates: cdrom. 
>> It's an iso-hybrid as you know, but I can't find a way to tell apt to use
>> this very same USB stick (with the named ISO) from which the installing
>> process had been carried out. 
>> When I put different forms of identifying the USB stick into the
>> sources.list apt says something like "there is no driver for that device
>> installed" or "there is no release file" (when I put
>> file://var/lib/apt/lists directory) and does not proceed. But the
> Have a look at 'man sources.list'
>
> e.g. in examples it has deb file:/home/jason/debian unstable main contrib 
> non-free
> note it's not 'file://'
>
> Please inform the list of your progress, I too would like to know the
> solution for future reference.
>

There is a tool called apt-cdrom, but it didn't work the way I wanted.
Here is the thread explaining the procedure of adding a local iso image
to sources.list:
 https://lists.debian.org/debian-user/2014/05/msg00562.html

Re: Difficulties while installing additional packages from .iso (USB stick) after successful stretch install

2016-02-06 Thread Alex Mestiashvili 
On 02/06/2016 11:06 AM, sb...@secure.mailbox.org wrote:
> Hi list members,
>
> I have successfully installed stretch from a usb stick onto which I had
> downloaded the latest amd64 weekly-build DVD-1.iso and other necessary
> init files.
> Well, after the install process had finished, I rebooted from harddisk and
> everything worked, but when I now try to use apt to install more files
> FROM THE DVD.iso on the stick (not over the network), it tells me to
> insert the cdrom:[DEBIAN_TESTING...DVD-iso-1], even when the USB
> stick is already inserted in the slot - no, apt wants a cdrom (and that's
> what the source.list indicates: cdrom. 
> It's an iso-hybrid as you know, but I can't find a way to tell apt to use
> this very same USB stick (with the named ISO) from which the installing
> process had been carried out. 
> When I put different forms of identifying the USB stick into the
> sources.list apt says something like "there is no driver for that device
> installed" or "there is no release file" (when I put
> file://var/lib/apt/lists directory) and does not proceed. But the
> installer correctly used this USB stick. I can't figure out how to work
> around that, or what's going wrong. Do you have an idea?
> I read the install.txt from beginning to end, but I couldn't find any
> hints on this issue.
>  
> Thanks in advance.
>  
> Stephan
>
> P.S. Please CC me as I'm not subscribed to the list.
>

I would mount the .iso image and point the apt to the mount point:
 
 mount -o loop -t iso9660 /mnt/usb_stick/debian.iso /mnt/cdrom

Re: Testing Jessie in a chroot?

2015-11-24 Thread Alex Mestiashvili 
On 11/24/2015 04:22 PM, Marc Shapiro wrote:
> I am still running Wheezy and would like to test Jessie before
> committing to it.  Is a chroot a viable method? 

I think it would be easier to go either with linux containers or virtual
machine ( virtualbox, qemu, xen, kvm ...)

Re: Install fail on a Macbook

2015-11-07 Thread Alex Mestiashvili 
On 11/07/2015 06:30 PM, Ed Jabbour wrote:
> Tried - and failed - to install Wheezy on an old - late 2008 - 
> Macbook.

Why not Jessie ?

>  Any pointers, hints, solutions, etc. appreciated.
>

Just in case you didn't see this link:
https://wiki.debian.org/InstallingDebianOn/Apple

Re: /bin/sh: 1: lpr: not found on jessie amd64

2015-10-25 Thread Alex Mestiashvili 
On 10/25/2015 05:29 AM, Juan R. de Silva wrote:
>> The packages cups-bsd, lpr, and lprng all have lpr. Try installing them
>> and removing them in turn, and see which works.
> Installation of cups-bsd did the trick.
>
> BTW, I tried installing lpr before and it did not help. 
>
> This is weird, since I've looked into my i386 installation and neither 
> cups-bsd, nor lprng, nor lpr are installed there. Why all at sudden cups-
> bsd was necessary on amd64?

you can see which package provides a file with dpkg-query:

dpkg-query -S `which lpr`

will show you the package, unless you have it installed some other way.

if you need to find a file which is a part of a package you can use apt-file

apt-file update
apt-file  search  -x "\/lpr$"

will show you packages containing lpr pattern
-x flag tells apt-file to use perl like regular expressions

Re: Starting, installing Redmine

2015-08-20 Thread Alex Mestiashvili 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 08/20/2015 09:35 AM, to...@tuxteam.de wrote:
 content of /etc/apache2/sites-enabled
  root@supercrunch:/etc/apache2/sites-enabled# ll
  total 0
  lrwxrwxrwx 1 root root 35 Apr 28 00:22 000-default.conf -
  ../sites-available/000-default.conf
  lrwxrwxrwx 1 root root 47 Aug 19 18:42 apache2-passenger-alias.conf
  - ../sites-available/apache2-passenger-alias.conf
  lrwxrwxrwx 1 root root 31 Aug 17 19:37 redmine.conf -
  ../sites-available/redmine.conf
 


 This looks sane so far. Although I'm a bit confused by seeing a
 apache2-passenger-alias *and* a redmine conf. But that might
 be OK.

I would disable the redmine.conf as it can overlap with
apache2-passenger-alias.conf
And it makes no sense to have 2 configs for the same application.



  And the content of apache2-passenger-alias.conf
  # The passenger module (from the libapache2-mod-passenger package)
must be
  # enabled
  VirtualHost *:80
  # ServerName localhost
  # this is the passenger config
  RailsEnv production
  SetEnv X_DEBIAN_SITEID default
  SetEnv RAILS_RELATIVE_URL_ROOT /redmine
  PassengerDefaultUser www-data
  # apache2 serves public files
  Alias /redmine/plugin_assets/
/var/cache/redmine/default/plugin_assets/
  Alias /redmine /usr/share/redmine/public
  Location /redmine
  PassengerBaseURI /redmine
  PassengerAppRoot /usr/share/redmine
  /Location
  Directory /usr/share/redmine/public
  Allow from all
  Options -MultiViews
  Require all granted
  /Directory
  /VirtualHost

You haven't set the ServerName .
Please set it and restart apache2
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCAAGBQJV1YeFAAoJEBz3khEbUiiwWaEQAKxnfyzvK3YCwrfS97ZtEy8x
SMsqda+VPiThJGHvRlxwECu0TrxSKfmfOy4dbH0Nor/UDmsfez7gGOixvvXvWo9t
r1j6bq3Ldt1fyiLshntHs+wCcxqcIx/xKy+U8P422mbbZyt7ck/z/lrciY4YWDJm
ALYKilenWsewamcr4/QnMfh+s6MzyplA532kJZdJc04EXaPfFQYYKx8N5/DoDITB
ol1Klsg+VI3M9op7QYOj7FXgjxLzxSfKucOLUc7yeJuRtKgyrZgak95IO1gQAOoB
G6p4EUfMge6ktcJRJkt4TFWgPgi2wYfQLOFUBHRu9ZEXTelWEbH5mOSE3eVulmj9
1AKq+iatA90Q4IucwTXGDo/vA7yXikKJSqqrlEHN60ezNTJv/xHz1ffphOoUrnO2
3nYiWjC1zJt4RJrKe1vOwI/MfFunPEVMmVEx4i/MqrWI1/R7/c3YdH3EGWcJDCtq
+LDStvnvzqd7K3NrGMp7lmb2K6MtpJr/QZn26DkLTIhx0H/6p+4648NUD2Wh4IQN
lqvDdPrkAYt+ivR05kJe54MK/fzCg05ArtkoKIDdWy5FSnK6vCCPsXU5EKZ06AYt
v7m4tj4r6JLQExxoabirqmJz6rqMQAGyKdKgjrJQ5SsQiLh8F2+gpz4rfIBIV3Iv
SNhhkKFHVTdORXZ/J1vN
=5jHH
-END PGP SIGNATURE-

Re: Starting, installing Redmine

2015-08-19 Thread Alex Mestiashvili 
On 08/19/2015 06:26 PM, Gary Roach wrote:
 On 08/19/2015 01:56 AM, to...@tuxteam.de wrote:
 On Wed, Aug 19, 2015 at 09:34:23AM +0100, Lisi Reisz wrote:

 [...]

  I thought all of them did it in their free time.
 It's (as always) a mix. Some companies do give Debian Developers time
 to work in Debian.

  I understand your
  frustration (I often swear at my computer too, and do even worse
  things), but I think the best way forward is to get involved.
  Some of us just aren't enough use for that, sadly.   So all we can
 do is be
  grateful.  And remember:
 Everyone can get involved. A little newbie help here, a friendly word
 there,
 a little bug report.

  you cannot please all of the people all of the time.
 But it's still important to try.

  And I actually think that you cannot please some of the people ever.
 How would you know you're dealing with one of those without trying?

 ;-)

 Regards
 -- tomás


 I really do appreciate all of the work that the developers do and the
whole open source world is fantastic. Debian is especially easy to
maintain and, with the newer installers, easy to install. That said, I
still think that better support for the new user (of any package) is
critical to the spread of Debian systems. I know that the developers are
caught between a rock and a hard place with time and must choose to
sacrifice development time for documentation writing time. But if Linux
is to ever be more than third best behind windows and mack
 the nooby support must improve. Before retirement, I was my
organizations sole developer of medium sized database applications for
use by idiots. My criteria of adaquate user support was to give the
finished product to the secretary (or other marginally computer literate
person) and take notes. I learned a lot that way. My main defense of my
views is the huge difference in the friendliness of the various packages
available. Obviously, some packages are just way more complicated than
others. But with that taken in to account there is still a large
variation in their usability. My first choice for making a program
usable is a well functioning setup GUI. My second choice is well
developed, clearly written (no jargon) on line help. My choice of last
resort - although absolutely necessary - is a mailing list. So far
redmine has pretty well failed my first two choices. At this point, I'm
ripping it out and starting over.

 Gary R



1. aptitude install redmine redmine-sqlite

2. Configure database for redmine/instances/default with
dbconfig-common?  Yes

3. Database type - for the sake of simplicity - sqlite3

4. cd  /usr/share/doc/redmine and read the files there

5. less README.Debian:
key points:
- This redmine package is designed to automatically configure database
  BUT NOT the web server.
- By default, redmine admin account log/pass is admin/admin
- MANUAL WEB SERVER CONFIGURATION
  examples are available in /usr/share/doc/redmine/examples.

6. ls -l examples, see what is in apache2-passenger-alias.conf and
apache2-passenger-host.conf

7. aptitude install libapache2-mod-passenger

8. cp /usr/share/doc/redmine/examples/apache2-passenger-alias.conf
/etc/apache2/sites-available/

9. a2ensite apache2-passenger-alias

10. edit /etc/apache2/sites-available/apache2-passenger-alias.conf, set
servername to localhost

11. /etc/init.d/apache2 restart

12. open browser and navigate to localhost/redmine - login as admin/admin.

Took less than 15 minutes.
So in my humble opinion the package is in perfect shape.

Regards,
Alex

Re: Problems with SSD

2015-05-29 Thread Alex Mestiashvili 


 196 Reallocated_Event_Count 0x0033   100   100   003 Pre-fail  
Always   -   0


Reallocated_Event_Count is 0 meaning no bad sectors were ever found. I 
have a failing drive atm and this number slowly piles up.


 201 Unc_Soft_Read_Err_Rate  0x001c   120   120  000Old_age  
 Offline  -   0/6132927




The question is if the string above has any meaning in ssd context...
Usually one can see more information in dmesg output.



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/55682494.8040...@biotec.tu-dresden.de

Re: jessie: `evince`, `atril`, `okular` unable to open PDFs; libtiff.so.4: cannot open shared object file: No such file or directory

2015-05-20 Thread Alex Mestiashvili 

On 05/20/2015 08:44 AM, Alexis wrote:


Hi all,

Context: jessie x86_64 [+updates], recently upgraded from wheezy.

i've started having a strange issue where none of `evince`, `atril` or 
`okular` can open PDFs. All produce the error:


libtiff.so.4: cannot open shared object file: No such file or 
directory


libtiff4 is not available in jessie.
you can check it with

  rmadison libtiff4

may be run apt-get dist-upgrade ?

currently atril has version 1.8.1+dfsg1-4 in jessie


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/555c42ab.4070...@biotec.tu-dresden.de

Re: pam debugging

2015-05-12 Thread Alex Mestiashvili 

On 05/11/2015 06:18 PM, Cedric Gava wrote:

Hello

I’am trying to set up pam/ldap authentication on Wheezy, and struggling for 
many days on these topics since I knew nothing from both of them before 
beginning (I know more know ;)

To better understand what’s going on (I have ldap credential issue), I tried to 
activate debug in pam, like, for example :

/etc/pam.d/common-auth  
auth[success=2 default=ignore]  pam_unix.so nullok_secure debug
auth[success=1 default=ignore]  pam_ldap.so use_first_pass debug

/etc/rsyslog.conf
*.=debug -/var/log/debug
tested with :
$ logger -p auth.debug test
OK rsyslog.conf seems ok

I TESTED THEN the pam debug messages
I tried both :
$ pamtester login cedric authenticate
and login out, login in from sshd or tty, NOTHING is visible in /var/log/debug




Stupid question,  did you look in /var/log/auth.log ?
AFAIK the default location for pam logs..



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/5551eec6.5080...@biotec.tu-dresden.de

Re: pam debugging

2015-05-12 Thread Alex Mestiashvili 

On 05/12/2015 02:47 PM, Cedric Gava wrote:

Alex, thank you for your answer, which did not helped me at all but committed 
me to verify once again this point.

Yes I looked before at auth.log, but since the auth.log tells the same thing 
whether I activate debug in pam.d/common-auth or not (see below), I decided to 
ask here.

log WITHOUT ACTIVATING debug when I  auth via ssh :
May 12 14:35:49 wheezy-test sshd[20586]: Accepted password for root from 
192.168.56.100 port 37456 ssh2
May 12 14:35:49 wheezy-test sshd[20586]: pam_unix(sshd:session): session opened 
for user root by (uid=0)

log WITH debug ACTIVATED
May 12 14:37:35 wheezy-test sshd[20637]: Accepted password for root from 
192.168.56.100 port 37457 ssh2
May 12 14:37:35 wheezy-test sshd[20637]: pam_unix(sshd:session): session opened 
for user root by (uid=0)

So, the difference between debug activated or not in auth.log is not obviously 
different.

moreover, since I tried to catch every debug level message in 
/var/log/debug.log, I hoped that debug messages would go there too…

Did I still ask stupid question ? Please let me sleep tonight less stupid I 
woke up this morning.

Cedric



Indeed it doesn't work for me too with libpam-ldap.
But it seem to work with libpam-ldapd ( tested on Jessie ).

Your question is absolutely valid, also after some googling I found a 
number of threads confirming that libpam-ldap module ignores debug option:


http://marc.info/?l=pam-listm=114166927627101
http://serverfault.com/questions/249671/switch-on-pam-debugging-to-syslog

Regards,
Alex


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/555205ee.9090...@biotec.tu-dresden.de

Re: making thumbnails

2015-04-30 Thread Alex Mestiashvili 

On 04/28/2015 06:42 PM, Bob Proulx wrote:

Steve Greig wrote:

I have about 60 large jpg files in a directory. They are almost all over
2MB in size. I want to put them on the internet but wanted to make a
thumbnail version and a small version (about 75KB) of each one so the web
page does not take too long to load.


+1 Bob's answer. Also you can speedup the process by using xargs or 
parallel tool.

So if you have 4 cores on your machine you can do the job much faster:


  for k in *.jpg ; do echo $k ; done |xargs -I{} -P4 convert -quality 
95 {} -geometry 1280 /tmp/{|}||

||
or

||  find /adir_with_pngs -name *.png | parallel -P4 convert -quality 
95 {} -geometry 1280 /tmp/{.}.jpg|


The last one will also convert png to jpg and substitute the extensions 
on the fly.

The result files will end up in /tmp/.

Re: Debian and FQDN lookup

2015-04-02 Thread Alex Mestiashvili 

On 04/02/2015 02:10 PM, Mihamina Rakotomandimby wrote:

Hi al,

WHen issuing 'hostname --fqdn', I'm supposed to get the FQDN.
Anyway when trying some different combinations, involving 
/etc/hostname, /etc/domainname, /etc/hosts, /etc/resolv.conf, I cannot 
figure out where the FQDN is looked up AND with what precedence.
Would you know the mechanism (precedence) and worlkflow where a Debian 
7 machine gets its FQDN?


Thank you.


Hi,

the mechanism is described here:

 http://sources.debian.net/src/hostname/3.15/hostname.c/

and as far as I see it simply asks the DNS about the hostname using 
getaddrinfo.


On my system the --fqdn flag doesn't work if my /etc/resolv.conf 
doesn't have domain mydomain or search mydomain option enabled.


You can see it with strace hostname --fqdn.

Also see man resolver for additional information.

Alex

|
|

Re: Debian and FQDN lookup

2015-04-02 Thread Alex Mestiashvili 

 and as far as I see it simply asks the DNS about the hostname using 
 getaddrinfo.
 
 But, with stock nsswitch.conf, it issues uname(2) syscall first, goes
 to /etc/hosts second, and if it encounters FQDN hostname - it all ends
 here.
 If /etc/hosts contain only bare hostname - it'd return a bare hostname.
 
 Only if /etc/hosts does not contain a hostname - a DNS search will be
 performed (or other resolving method, all according to nsswitch.conf).

Yes, agree, though you will not see any of steps above if nscd is
running as it was in my case.

 
 On my system the --fqdn flag doesn't work if my /etc/resolv.conf 
 doesn't have domain mydomain or search mydomain option enabled.
 
 Or it's because you have a bare hostname in /etc/hosts ;)

It is because /etc/hosts had a wrong entry at the time I was testing it...
Thank you for putting it all together.

Alex


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/551d965f.70...@biotec.tu-dresden.de

Re: Cheap way to track disk usage?

2015-03-03 Thread Alex Mestiashvili 

On 03/03/2015 09:22 AM, Richard Hector wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


In this case, however, we know there's lots of space used, and it's
supposed to be - what we don't know is where in the tree that usage is
changing. That requires running du multiple times, and if done too
often that will have a significant performance impact on the system.



May be you can try to locate the processes creating the files,
like iotop will show you the most active ones and then you can track 
down the open files with help of lsof for example ?





--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/54f5867b.3020...@biotec.tu-dresden.de

Re: creating a simple private repository with reprepro

2015-03-02 Thread Alex Mestiashvili 


On 03/01/2015 07:45 PM, Asaf Dalet wrote:


Is there another tool I can use that doesn't have that limitation?



As Mirko suggested you can use independent reprepro repositories.
I do not have experience with other tools like reprepro..

On Mar 1, 2015 3:42 PM, Alex Mestiashvili a...@biotec.tu-dresden.de 
mailto:a...@biotec.tu-dresden.de wrote:


On 03/01/2015 02:32 PM, Asaf Dalet wrote:
 that means I have to change the changelog before each run of
pbuilder?

Yes, but probably you can automatically update the version before
running the pbuilder.
It depends on your build environment.

Re: creating a simple private repository with reprepro

2015-03-01 Thread Alex Mestiashvili 
On 03/01/2015 12:58 PM, Lisi Reisz wrote:
 On Sunday 01 March 2015 09:03:30 Asaf Dalet wrote:
 I have a private debian package which I want publish in binary format.
 I want to supply 2 binary versions:
 1. precise/amd64
 2. trusty/amd64
 That's not Debian.  It's Ubuntu.  Try:

 https://lists.ubuntu.com/
 ubuntu-users - Ubuntu user technical support, not for general discussions
 ubuntu-devel - Ubuntu Development (developers)
 ubuntu-devel-discuss - Ubuntu Development (users and developers)

 Lisi


Hi Lisi,

JFYI: https://wiki.ubuntu.com/Debian/ForUbuntuDevelopers
In this case it really doesn't matter. One can use reprepro for mixed
Ubuntu/Debian repositories.

Regards,
Alex


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/54f314d6.9050...@biotec.tu-dresden.de

Re: creating a simple private repository with reprepro

2015-03-01 Thread Alex Mestiashvili 
On 03/01/2015 02:32 PM, Asaf Dalet wrote:
 that means I have to change the changelog before each run of pbuilder?

Yes, but probably you can automatically update the version before
running the pbuilder.
It depends on your build environment.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/54f31742.1040...@biotec.tu-dresden.de

Re: creating a simple private repository with reprepro

2015-03-01 Thread Alex Mestiashvili 
On 03/01/2015 10:03 AM, Asaf Dalet wrote:
 Hi,
 I must first apologize for the somewhat lengthy post, but you'll see most
 of it is just directory structures which you can probably skip.

 Here goes:
 I have a private debian package which I want publish in binary format.
 I want to supply 2 binary versions:
 1. precise/amd64
 2. trusty/amd64

 My packages are created with debuild and pbuilder and seem to be setup
 correctly (I tested).

 The problem happens when I'm trying to create my repository - more
 precisely, when I'm trying to add the second package to the repository.

 This is my raw directory structure (the output of debuild and pbuilder):

 ubuntu@ubuntu-build:~/dev/git/foo/_tmp$ ll -R
 .:
 total 16
 drwxrwxr-x 4 ubuntu ubuntu 4096 Mar  1 08:18 ./
 drwxrwxr-x 9 ubuntu ubuntu 4096 Feb 26 11:41 ../
 drwxrwxr-x 4 ubuntu ubuntu 4096 Feb 26 10:02 precise/
 drwxr-xr-x 4 root   root   4096 Feb 26 10:12 trusty/

 ./precise:
 total 16
 drwxrwxr-x 4 ubuntu ubuntu 4096 Feb 26 10:02 ./
 drwxrwxr-x 4 ubuntu ubuntu 4096 Mar  1 08:18 ../
 drwxrwxr-x 2 ubuntu ubuntu 4096 Feb 26 09:04 amd64/

 ./precise/amd64:
 total 412
 drwxrwxr-x 2 ubuntu ubuntu   4096 Feb 26 09:04 ./
 drwxrwxr-x 4 ubuntu ubuntu   4096 Feb 26 10:02 ../
 -rw-r--r-- 1 ubuntu ubuntu  19173 Feb 26 09:04 foo_1.0.1_amd64.build
 -rw-r--r-- 1 ubuntu ubuntu   1415 Feb 26 09:04 foo_1.0.1_amd64.changes
 -rw-r--r-- 1 ubuntu ubuntu  20174 Feb 26 09:04 foo_1.0.1_amd64.deb
 -rw-r--r-- 1 ubuntu ubuntu677 Feb 26 09:03 foo_1.0.1.debian.tar.gz
 -rw-r--r-- 1 ubuntu ubuntu794 Feb 26 09:03 foo_1.0.1.dsc
 -rw-rw-r-- 1 ubuntu ubuntu 359985 Feb 26 09:03 foo_1.0.1.orig.tar.gz

 ./trusty:
 total 16
 drwxr-xr-x 4 root   root   4096 Feb 26 10:12 ./
 drwxrwxr-x 4 ubuntu ubuntu 4096 Mar  1 08:18 ../
 drwxr-xr-x 2 root   root   4096 Feb 26 10:08 amd64/

 ./trusty/amd64:
 total 392
 drwxr-xr-x 2 root   root 4096 Feb 26 10:08 ./
 drwxr-xr-x 4 root   root 4096 Feb 26 10:12 ../
 -rw-rw-r-- 1 ubuntu ubuntu   1415 Feb 26 10:08 foo_1.0.1_amd64.changes
 -rw-r--r-- 1 ubuntu ubuntu  20160 Feb 26 10:08 foo_1.0.1_amd64.deb
 -rw-r--r-- 1 ubuntu ubuntu677 Feb 26 10:08 foo_1.0.1.debian.tar.gz
 -rw-r--r-- 1 ubuntu ubuntu794 Feb 26 10:08 foo_1.0.1.dsc
 -rw-rw-r-- 1 ubuntu ubuntu 359985 Feb 26 09:03 foo_1.0.1.orig.tar.gz


 Now, when I run:
 reprepro includedeb precise
 ~/dev/git/foo/_tmp/precise/amd64/foo_1.0.1_amd64.deb

 I get this nice repository structure:
 drwxrwxr-x 6 ubuntu ubuntu 4096 Feb 26 12:13 ./
 drwxrwxr-x 9 ubuntu ubuntu 4096 Feb 26 11:41 ../
 drwxrwxr-x 2 ubuntu ubuntu 4096 Feb 26 12:11 conf/
 drwxrwxr-x 2 ubuntu ubuntu 4096 Mar  1 08:08 db/
 drwxrwxr-x 3 ubuntu ubuntu 4096 Feb 26 12:13 dists/
 drwxrwxr-x 3 ubuntu ubuntu 4096 Feb 26 12:13 pool/

 ./conf:
 total 16
 drwxrwxr-x 2 ubuntu ubuntu 4096 Feb 26 12:11 ./
 drwxrwxr-x 6 ubuntu ubuntu 4096 Feb 26 12:13 ../
 -rw-rw-r-- 1 ubuntu ubuntu  286 Feb 26 12:11 distributions
 -rw-rw-r-- 1 ubuntu ubuntu   41 Feb 26 11:41 options

 ./db:
 total 120
 drwxrwxr-x 2 ubuntu ubuntu  4096 Mar  1 08:08 ./
 drwxrwxr-x 6 ubuntu ubuntu  4096 Feb 26 12:13 ../
 -rw-rw-r-- 1 ubuntu ubuntu 16384 Feb 26 12:13 checksums.db
 -rw-rw-r-- 1 ubuntu ubuntu 16384 Feb 26 12:13 contents.cache.db
 -rw-rw-r-- 1 ubuntu ubuntu 40960 Feb 26 12:13 packages.db
 -rw-rw-r-- 1 ubuntu ubuntu 16384 Feb 26 12:13 references.db
 -rw-rw-r-- 1 ubuntu ubuntu 20480 Feb 26 12:13 release.caches.db
 -rw-rw-r-- 1 ubuntu ubuntu32 Mar  1 08:08 version

 ./dists:
 total 12
 drwxrwxr-x 3 ubuntu ubuntu 4096 Feb 26 12:13 ./
 drwxrwxr-x 6 ubuntu ubuntu 4096 Feb 26 12:13 ../
 drwxrwxr-x 3 ubuntu ubuntu 4096 Feb 26 12:13 precise/

 ./dists/precise:
 total 16
 drwxrwxr-x 3 ubuntu ubuntu 4096 Feb 26 12:13 ./
 drwxrwxr-x 3 ubuntu ubuntu 4096 Feb 26 12:13 ../
 drwxrwxr-x 4 ubuntu ubuntu 4096 Feb 26 12:13 main/
 -rw-rw-r-- 1 ubuntu ubuntu 1605 Feb 26 12:13 Release

 ./dists/precise/main:
 total 16
 drwxrwxr-x 4 ubuntu ubuntu 4096 Feb 26 12:13 ./
 drwxrwxr-x 3 ubuntu ubuntu 4096 Feb 26 12:13 ../
 drwxrwxr-x 2 ubuntu ubuntu 4096 Feb 26 12:13 binary-amd64/

 ./dists/precise/main/binary-amd64:
 total 16
 drwxrwxr-x 2 ubuntu ubuntu 4096 Feb 26 12:13 ./
 drwxrwxr-x 4 ubuntu ubuntu 4096 Feb 26 12:13 ../
 -rw-rw-r-- 1 ubuntu ubuntu0 Feb 26 12:13 Packages
 -rw-rw-r-- 1 ubuntu ubuntu   20 Feb 26 12:13 Packages.gz
 -rw-rw-r-- 1 ubuntu ubuntu  120 Feb 26 12:13 Release

 ./pool:
 total 12
 drwxrwxr-x 3 ubuntu ubuntu 4096 Feb 26 12:13 ./
 drwxrwxr-x 6 ubuntu ubuntu 4096 Feb 26 12:13 ../
 drwxrwxr-x 3 ubuntu ubuntu 4096 Feb 26 12:13 main/

 ./pool/main:
 total 12
 drwxrwxr-x 3 ubuntu ubuntu 4096 Feb 26 12:13 ./
 drwxrwxr-x 3 ubuntu ubuntu 4096 Feb 26 12:13 ../
 drwxrwxr-x 3 ubuntu ubuntu 4096 Feb 26 12:13 p/

 ./pool/main/p:
 total 12
 drwxrwxr-x 3 ubuntu ubuntu 4096 Feb 26 12:13 ./
 drwxrwxr-x 3 ubuntu ubuntu 4096 Feb 26 12:13 ../
 drwxrwxr-x 2 ubuntu ubuntu 4096 Feb 26 12:13 foo/

 ./pool/main/p/foo:
 total 44
 drwxrwxr-x 2 ubuntu ubuntu  4096 Feb 26 12:13 ./
 drwxrwxr-x 3

Re: In menuconfig when Load an Alternate Configuration File, can't enter the file name

2015-03-01 Thread Alex Mestiashvili 
On 03/01/2015 06:55 AM, Csányi Pál wrote:
 Hi,

 I'm compiling a custom kernel for my Debian Wheezy operating system.

 In menuconfig when Load an Alternate Configuration File, can't enter
 the file name.
 The cursor blinking in the field but can't enter any letter.

 How can I solve this problem?


Instead of loading the file, you can place it as .config in the root of
the kernel source tree.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/54f3453f.9030...@biotec.tu-dresden.de

Re: Bug or problem with ssd disk

2015-02-03 Thread Alex Mestiashvili 

On 02/03/2015 06:32 AM, Ian Scheehan wrote:

Sometimes (random moment), my debian freeze, stop working.
I don't know which package or kernel part cause that debian jessie freeze.

How can get data/info of my computer and error which happen and send 
report bug to you?


Can you help?

best regards,
Bogdan


There are a lot of tools you can try,
the first thing I would do is to look on dmesg output.
iotop - shows you disk activity,
top or atop to see process activity.



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/54d08532.2020...@biotec.tu-dresden.de

Re: Bug or problem with ssd disk

2015-02-03 Thread Alex Mestiashvili 

On 02/03/2015 06:32 AM, Ian Scheehan wrote:

Sometimes (random moment), my debian freeze, stop working.
I don't know which package or kernel part cause that debian jessie freeze.

How can get data/info of my computer and error which happen and send 
report bug to you?


Can you help?

best regards,
Bogdan


OK, the first answer probably doesn't address the issue,
Try to check the memory with memtest.
Also graphics drivers can cause problems like that.
It would be more helpful if you would provide more details about hardware.


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/54d0864b.8080...@biotec.tu-dresden.de

Re: how to paste selected text / keyboard shortcut

2015-01-19 Thread Alex Mestiashvili 
On 01/19/2015 06:53 PM, mrr wrote:
 Hi everybody.

 Ok, my question is in the title but I think I should be more precise so:

 I often use the mouse to select some text and then I can paste it
 using the central wheel button of the mouse (that can be simulated by
 clicking both buttons if you don't have the wheel button but I'm
 getting out of subject...).

 Is there any way I could paste the selected text with a keyboard
 shortcut ?

 Maybe this isn't possible with only one shortcut as pasting may
 depends on the application _taking_ the paste (I mean that pasting
 some text in thunderbird or in a shell might involve a different logic
 but it sure works with the central button the same way so??).

 It's not that important but I'm so lazy and taking twice in a row the
 mouse uses my right hand!

 Cheers,

 -- 
 mrr



+1 for Bob's answer, but I also would like to mention xsel  [0]  which
is really cool thing.
Also it's manual reveals some interesting stuff about x selections.

[0] http://www.vergenet.net/~conrad/software/xsel/


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/54bd55a9.1020...@biotec.tu-dresden.de

Re: Choosing/Rotating screen for greeter

2015-01-12 Thread Alex Mestiashvili 

On 01/12/2015 12:01 PM, Daniel Lintott wrote:

Hi,

I've recently switched to using one of my screens in vertical
orientation. This is fine from the desktop (after login), but currently
the greeter displays on the vertical screen but on it's side.

Is it possible to move the greeter to the other screen, which is
horizontal or rotate the greeter so it displays correctly?

Cheers

Daniel

PS: I'm not subscribed, so please CC me. Thanks



I use lightdm with option display-setup-script:

display-setup-script=/etc/fixscreen.sh

cat /etc/fixscreen.sh:
#!/bin/sh
/usr/bin/xrandr --output DP-1 --rotate left

execute xrandr in your x session to get the output names.




--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/54b3b3f8.5010...@biotec.tu-dresden.de

Re: multiple versions of python

2014-12-29 Thread Alex Mestiashvili 

On 12/29/2014 09:17 PM, Boruch Baum wrote:

Hello everyone,

I'm preparing two bug reports, and in trying to sort one of them out, it
seems that it may be linked to an incompatibility of a script with
python2.7 (see bug #659831). So, in test that possibility, what I would
like to do is install some other version of python (I see 2.5 and 2.6 in
the repositories), in order to see whether the package works with
another version.

My questions revolve around how time-consuming and worthwhile this
exercise will be:

1] Can I have multiple versions of python simultaneously?

2] Is there a way to specify that one package use a non-default version
of python? (I don't want to set an old version of python as default, if
that risks having other packages, depending on 2.7, break).

3] Is this a quick, straightforward install? Or is it going to be
something like an emacs install, with all kinds of time-consuming,
interminable local compilations and configurations?

Please respond to me directly, and on list. Thanks.


It sounds like you need virtualenv: https://pypi.python.org/pypi/virtualenv

Regards,
Alex


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/54a1c7f8.2070...@biotec.tu-dresden.de

Re: Skipping fsck during boot with systemd?

2014-12-05 Thread Alex Mestiashvili 

On 12/05/2014 07:43 PM, The Wanderer wrote:

On 12/05/2014 at 01:05 PM, Brian wrote:


On Fri 05 Dec 2014 at 09:04:14 -0800, Eduardo Nogueira wrote:


With init, skipping a scheduled fsck during boot was easy, you just
pressed Ctrl+c, it was obvious! Today I was late for an online
conference. I got home, turned on my computer, and systemd decided
it was time to run fsck on my 1TB hard drive. Ok, I just skip it,
right? Well, Ctrl+c does not work, ESC does not work, nothing seems
to work. I Googled for an answer on my phone but nothing. So, is
there a mysterious set of commands they came up with to skip an
fsck or is it yet another flaw?

fsck.mode=skip on the kernel command line.

That lets you prevent systemd from running fsck in the first place.

Unless I'm greatly misunderstanding what I've read so far, it does not
let you cancel a systemd-initiated boot-time fsck which is already in
progress.

Discussion found via Google seems to indicate that even Ctrl-Alt-Delete
or the power button (short of the hard-power-off form, which can corrupt
the filesystem being checked) will be ignored by systemd while such a
fsck is in progress.

https://bugzilla.redhat.com/show_bug.cgi?id=719952 seems like it might
be related.



wow,  systemd even disables SysRq by default: #725422
Good to know. Luckily it was fixed in Debian.
But this is imho insane, why one would override such stuff??  I start to 
understand systemd haters :)



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/54820801.4050...@biotec.tu-dresden.de

Re: Suggestion for systemd and /usr on seperate partition

2014-10-30 Thread Alex Mestiashvili 

On 10/30/2014 10:27 AM, Hans wrote:

Dear maintainers,

completely without starting any flamewars:

I am using systemd and I have /usr mounted on a separate partition as well as
/var, /home, /boot and /.

Additionally /usr, /var and /home are luks encrypted.

Due to this profile, I get a lot of annoying errors, as systemd does not find
/usr when it is started, because it produces an error and then switches to
verbose mode. This is very annoying!

For a new installation it might be ok, to put /usr on the root partition, but
I guess, there are a lot of systems in the world running a partition profile
like mine.

Besides of the mentioned problem systemd is running well.

I thought about this problem. Might it be possible, to change systemd in that
way, that it will start after all partitions are mounted? I know, it must be
done in the source code, but as I am no coder, I cannot do it myself.

So I ask the developers hereby, maybe it wil be possible to do that.

Again, I do not want to start any flamewars! IMO each user should decide for
himself, what he wants to use. I want to use systemd, and I just intend with
this message to improve systemd.

Thank you very much for reading this and any help.

Best regards

Hans


  




Hi Hans,
have a look on this link:

 http://www.freedesktop.org/wiki/Software/systemd/separate-usr-is-broken/

Best,
Alex


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/545213df.30...@biotec.tu-dresden.de

Re: Suggestions? A small webserver for file upload

2014-09-26 Thread Alex Mestiashvili 

On 09/24/2014 03:53 PM, Ron Leach wrote:

List, good afternoon,

What package would list members suggest for a small webserver that 
would enable co-workers to upload files to us?


We exchange files with people we work with through email and 
attachments - that normally works well.  During a recent weekend, a 
co-worker's email service failed and we were unable to receive several 
files.  Fortunately, their email outage was repaired in 6 hours so we 
didn't lose too much time.  During the outage I did look around for 
possible solutions and determined that we'd prefer to have:


(i) our own webserver, preferably simple to set up and operate
(ii) able to present a few simple unscripted 'about us' type of pages
(ii) a file upload facility, but with some important (to us) 
restrictions, including:
  (a) access for upload only after entry of pre-assigned username and 
password
  (b) file upload into a nominated-by-us directory by that logged-in 
user, and with write-only permissions, if that were possible, so that 
any access breach through another method would not enable access to 
any uploaded files
  (c) access by us to all uploaded files, for inspection and 
subsequent transferring to appropriate file-system users or directories
  (d) file upload facility to be able to be disabled by us - this 
would be the normal state - and enabled solely on emergency occasions 
such as counter-party email failures


As I understand it (I've previously prepared a few simple webpages so 
have a rudimentary understanding of HTML) we would need a script to 
perform the upload.  A package that provided some scripting ability 
would be helpful, most especially if the package documentation would 
also cover the scripting aspects, that would be very helpful.  Though 
there are alternative well-known methods of providing remote file 
upload, most of our co workers are using Windows systems equipped only 
with a browser and some office suites.  We do not want to enable SSH 
logins (the co-workers probably do not have access to, nor know how to 
use, SSH; neither do we want to employ FTP because of both the large 
number of inbound ports that may have to be opened, and (again) 
possible difficulties for co workers in establishing an FTP link from 
their Windows system, especially when behind a partially-restricted FW 
and NAT.  Email works well for them, and so does http.


We have a couple of Debian machines we could run this application on, 
Wheezy and Squeeze.  What would people's preferred webserver package 
be for this type of application?


regards, Ron




It sounds to me like a good use case for retroshare or owncloud.
The last one is available in debian as package and has a good community 
as far as i know.


reinventing the wheel is of course fun, but unless you want to learn web 
programming I would suggest to avoid it.


regards,
Alex



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/54255ae3.5040...@biotec.tu-dresden.de

Re: Sid Systemd upgrade

2014-07-21 Thread Alex Mestiashvili 

On 07/21/2014 04:34 PM, Chris Bannister wrote:

On Mon, Jul 21, 2014 at 07:26:43AM +0200, Erwan David wrote:

I do not have the ressources to test : no time no machine which I can afford to 
break.

And since today syste,md-shim is no more an option (aptitude wants to remove it)

I do not want to test. I want to be surze it works. And what I read
uis tyhat IT DOES NOT WORK in all configurations. That does not
prevent to FORCE every debian intstallationto an undebegguged systemd.
(even systemd-shim is no more an option in testing).

Are you seriously telling us you are running testing in a production
environment? tch ... tch ... tch ... silly boy!



The selection of system used for a task depends a lot on the task.
I do not see anything silly in using testing in production.




--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/53cd8b91.7030...@biotec.tu-dresden.de

Re: upgrading kernel on wheezy

2014-07-03 Thread Alex Mestiashvili 

On 07/03/2014 07:28 PM, François Patte wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Bonjour,


I'd like to install kernel 3.14 on wheezy from backports.

Is the install with apt keeps the previous kernel and add an entry to
the grub menu so I could come back to kernel 3.2 in case...

Thank you



Hi,

installing a new kernel should be fine, the old one will stay untouched.

Best,
Alex


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/53b5974a.8090...@biotec.tu-dresden.de

Re: Can't get Apache to display a directory

2014-05-13 Thread Alex Mestiashvili 

On 05/13/2014 02:16 AM, Stephen Powell wrote:

I recently upgraded a back-end server from wheezy to jessie, and with the 
upgrade,
Apache went from 2.2 to 2.4.  There are a lot of changes to Apache between 2.2
and 2.4, especially in the area of authentications, authorizations, etc.
One difference that I have not been able to figure out is how to allow access
to a directory.  I'm not talking about allowing access to the files in the
directory, I'm talking about access to the directory itself.  On apache2,
for example, if I had a directory called xyz in /var/www, I could type in
the address bar of my browser something like this:

http://my.server.ip.address/xyz

And it would show me a list of files in the xyz directory.  I could then click
on the filename of one of the files in the directory and see that file.
But with the new apache server, I get a 404 - not found error.  I have
looked at the apache documentation, but cannot figure out how to accomplish
what I want.  How do I get this to work?

Basically, I want a configuration that allows all users to view all documents
and all directories under /var/www/html.  I don't want to have to define
userids or passwords.  No authentication of users will be done.



I think you are looking for:

Require all granted

directive. Had some troubles with it too.

http://httpd.apache.org/docs/current/mod/mod_authz_core.html#require

Best,
Alex


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/5371c35a.1090...@biotec.tu-dresden.de

Re: Is Debian still Debian?

2014-05-10 Thread Alex Mestiashvili 

Hi,
On 05/10/2014 10:54 AM, Slavko wrote:

Hi,

in last weeks (or months?) i see a lot of daily updates in Debian
testing. I am using the testing for years and i am surprised by this.


testing is the key word, if you would use sid, you probably would wonder 
even more :)

If there would be no updates in testing that would mean that Debian is dead.


There are three changes: 2 times Ubuntu, 4 time Ubuntu bugs fixed (and
one Debian). Really are Debian users interested in Ubuntu problems?!


A lot of stuff in Debian came from Ubuntu and much more Linux stuff is 
developed by RedHat and other companies.

Also a lot of Debian developers are also Ubuntu developers and vice versa.



But this question involves some another:

* Is this a direction, where Debian is coming in near future?
* Need i escape from Debian, as i ran away from Ubuntu?


I would suggest in this case LFS, no bloody packaging, unless you build 
your own package manager.


Best,
Alex


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/536e0bc4.3010...@biotec.tu-dresden.de

Re: Directly connecting two computers

2014-04-27 Thread Alex Mestiashvili 

On 04/26/2014 08:56 PM, Richard Hector wrote:

On 27/04/14 05:36, Martin wrote:

Hello,

I have two computer that I want to connect directly, similarly as I did
long time ago with Null-Modem cable ( or LapLink cable).

I have obtained a crossover ethernet cable that I plug in network card
of each computer. Now the problem is how to configure eth0 on both
computer so they can communicate.

In /etc/hosts on both computers I have
192.168.231.2   neolit
192.168.231.3   paleolit

All good so far.


On one computer I have this entry in /etc/network/interfaces
auto eth0
iface eth0 inet static
 address 192.168.231.3
 pointopoint 192.168.231.2
 netmask 255.255.255.255

I don't know if pointopoint can work with ethernet cards, but anyway
there's no need for it.


The netmask is obviously wrong.

point-to-point is 31 bit - the last octet of the netmask  is 254.

if the op wants to have a smallest possible subnetwork than he can go 
with 30 bit - 255.255.255.254.


Regards,
Alex


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/535ca6ab.3080...@biotec.tu-dresden.de

Re: Sun/Oracle Java

2014-04-17 Thread Alex Mestiashvili 

On 04/16/2014 10:09 PM, Ric Moore wrote:

On 04/16/2014 03:16 AM, Frank Weißer wrote:

Hi Oliver!


 Facing the same problem a while ago, i somewhere found a hint to add

 deb http://www.duinsoft.nl/pkg debs all

 to sources.list. Don't remember from where, but it works for me on
 debian testing.


I use this with Debian Wheezy and Jessie

|sudo add-apt-repository ppa:webupd8team/java
sudo apt-get update
sudo apt-get install oracle-java7-installer

It does everything, including updating the browser, correcting the 
links in alternatives and setting paths. It's blooming magic. I too 
have an app that refuses to run with OpenJDK. Ric
http://www.webupd8.org/2012/01/install-oracle-java-jdk-7-in-ubuntu-via.html 








But it is not  for Debian!, even if it works it doesn't mean that it is 
a good idea to inlcude ubuntu ppa-s into debian.


the official way seem to be java-package: 
https://wiki.debian.org/JavaPackage


I personally stick to rraptor: https://github.com/rraptorr/oracle-java7

Regards,
Alex


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/534f8eee.5010...@biotec.tu-dresden.de

Re: Cropping a large collection of .PNG screenshots

2014-04-10 Thread Alex Mestiashvili 

On 04/09/2014 11:03 PM, Jonathan Dowland wrote:

On Wed, Apr 09, 2014 at 03:12:40PM +0200, Alex Mestiashvili wrote:

|
  find . -name *.png | parallel -P8 convert -quality 95 {} -geometry 1280 
/tmp/{.}.jpg|

Alternatively

find . -name *.png -exec convert -quality 95 {} -geometry 1280 /tmp/{}.jpg +

note '+' not '\;' which denotes to run jobs in parallel (here, not specifying
a max concurrency limit)




Nice, thanks for sharing!  but according the man page
 Only one instance of `{}' is allowed within the command

The benefit of parallel over xargs or find is that it is much more 
flexible with arguments in {}.

For example in the first convert example png files are converted to jpg.
With xargs the result will look like $file.png.jpg
With parallel one can alter arguments in {}, so the end result will be 
$file.jpg


Best,
Alex





--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/534650b0.4010...@biotec.tu-dresden.de

Re: Cropping a large collection of .PNG screenshots

2014-04-09 Thread Alex Mestiashvili 

On 04/09/2014 12:03 PM, Kevin O'Gorman wrote:

I have a few hundred screen shots I want to put on a web page, but
they are all full-screen and I want to crop to the real contents.
This is an identical region in all cases.  So I want to script it.

So, 2 questions:
A) What's the best tool for the job?  Gimp, irfanview, or something else?
B) Is there a script already in existence where I can just change the
crop rectangle?  I really don't want to learn a new language for a
one-time job.



If you have a powerful machine with many cores you can speedup the batch 
process by using xargs or parallel with -Px argument.

The following one liner will utilize 8 cores for example:
assuming you have your files in one dir

|
 find . -name *.png | parallel -P8 convert -quality 95 {} -geometry 1280 
/tmp/{.}.jpg|

Adjust for the crop instead of resize ..

Alex

Re: How can I secure a Debian installation?

2014-01-31 Thread Alex Mestiashvili 


I have to agree with you here, Raffaele.  While it's nice to talk 
about users and 20 character random keys, the fact of the matter is, 
they aren't used by the vast majority of users.  In many cases, even 
those who *should* know better don't do it.


Sure, you could require a 20 character random key on your site - but 
you won't get many people to sign up.  Rather than try to remember 
such a password, most people will just move on.
There are other tools too, for example pam-abl [0], which imho makes a 
brute force almost useless unless there is a distributed brute force...

http://sourceforge.net/projects/pam-abl/

Regards,
Alex


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/52ec0e77.2070...@biotec.tu-dresden.de

Re: How to patch files in a package's debian directory

2014-01-14 Thread Alex Mestiashvili 

On 01/13/2014 03:49 PM, Malte Forkel wrote:

Hello,

I'm testing some changes to an existing package which is using format
3.0 (quilt). I have split my changes into two patches: One modifies the
original source, one adapts files in the debian directory.

This approach fails when I build the package due to the way dpkg-source
build the source package. As described in dpkg-source(1), it extracts
the original tarball into a temporary directory, copies the existing
debian directory and then applies all patches. But since the files in
debian have already been patched, dpkg-source fails because my second
patch can not be applied twice.

There were three reasons for my approach: I would still like to be able
to build versions of the package without the changes I'm currently
testing. Plus, I would to easily reapply my changes when a new version
of the package is available. And finally, I thought the two patches were
a convenient format for passing along my changes to non-Debian and
Debian users, e.g. to the upstream packager.

How would you handle this?

Thanks
Malte



Hi Malte,

I am also interested in possible solutions, but I would use git with 2 
branches - one for debian package, and one for the modified version.


This way by switching between branches you can build packages you need.

Regards,
Alex


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/52d5071b.9040...@biotec.tu-dresden.de

Re: New to Debian (Gentoo user) - package management

2014-01-14 Thread Alex Mestiashvili 

On 01/14/2014 12:05 PM, Tanstaafl wrote:

On 2014-01-03 9:18 AM, Sven Hartge s...@svenhartge.de wrote:

emerge --pretend -vuDN world
results in a list of all available updates, as well as any dependencies
that would be installed, which I can then pick and choose from. I
usually wait until newly available updates have been available for at
least a few days before installing them, to avoid nasty surprises.



apt-get -s dist-upgrade


Um... it looks like this actually performs the update?

I want to see what updates would be applied, but NOT apply them yet.

That is what the --pretend flag in gentoo does (actually the short 
version is 'emerge -pvuDN world')...





are there man pages in gentoo :) ?

man apt-get

-s, --simulate, --just-print, --dry-run, --recon, --no-act
   No action; perform a simulation of events that would occur 
but do not actually change the system. Configuration Item: 
APT::Get::Simulate.


   Simulated runs performed as a user will automatically 
deactivate locking (Debug::NoLocking), and if the option 
APT::Get::Show-User-Simulation-Note is set (as it is by default) a 
notice will also
   be displayed indicating that this is only a simulation. Runs 
performed as root do not trigger either NoLocking or the notice - 
superusers should know what they are doing without further warnings

   from apt-get.

   Simulated runs print out a series of lines, each 
representing a dpkg operation: configure (Conf), remove (Remv) or unpack 
(Inst). Square brackets indicate broken packages, and empty square

   brackets indicate breaks that are of no consequence (rare).


Regards,
Alex


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/52d51b22.4020...@biotec.tu-dresden.de

Re: How to patch files in a package's debian directory

2014-01-14 Thread Alex Mestiashvili 

On 01/14/2014 03:04 PM, Malte Forkel wrote:

Am 14.01.2014 10:44, schrieb Alex Mestiashvili:

I am also interested in possible solutions, but I would use git with 2
branches - one for debian package, and one for the modified version.

This way by switching between branches you can build packages you need.


Using git is probably a good idea. I've briefly looked at packaging with
git a couple of times before, but never got around to actually using it.
Can I stick with the source format 3.0 (quilt) that the upstream
packager uses and still manage the project's sources or just the debian
directory with git?
Usually if a package maintained in a git repository than the whole 
source is in git, but in different branches:


Upstream sources are kept (in plain, uncompressed form) in the 
|upstream| branch. The data needed to regenerate original source 
tarballs from the |upstream| branch are kept with the help of the 
/pristine-tar(1)/ tool in the |pristine-tar| branch. Upstream sources 
are merged with Debian-specific changes in the |master| branch, which is 
the usual place to work in.


taken from here: http://pkg-perl.alioth.debian.org/git.html

In theory it should be fine to have one more branch with your local 
modifications, but I don't know if it will work with git-buildpackage 
out of box.


I think this kind of questions are best answered in debian-mentors 
mailing list or IRC.


Best regards,
Alex

Re: sd card not detected

2013-11-11 Thread Alex Mestiashvili 

On 11/02/2013 01:51 PM, Linux-Fan wrote:

On 11/01/2013 07:35 PM, Alex Mestiashvili wrote:

Hi All,

A card inserted into card reader is not mounted automatically and even
doesn't shown up in the dmesg output, but if I switch off and on the
monitor with cardreader or run lshw the card appears and is mounted.

the same happens with the second card reader in the pc. ( one is in
monitor, second in the computer itself)

other usb devices work fine.

The hci/usb modules:

lsmod | egrep hci|usb_storage
usb_storage39406  0
ehci_pci   12432  0
ohci_hcd   22150  0
ehci_hcd   35820  1 ehci_pci
scsi_mod  131001  5 sg,usb_storage,libata,sd_mod,sr_mod
usbcore   110348  8
snd_usb_audio,uvcvideo,usb_storage,ohci_hcd,snd_usbmidi_lib,ehci_hcd,ehci_pci,usbhid

The system is jessie, kernel: 3.10-3-686-pae

Something must be missing, but I really wonder what, as far as I
understand hardware detection is kind of kernel feature..

Thank you,
Alex

I have the same problem here -- since the upgrade from Squeeze to Wheezy
when the HAL was removed, device nodes for CF and SD cards are not
automatically created after insertion. Reconnecting the cardreader helps
here as well, but I did not want to always reconnect the cardreader and
found the following workaround:

http://marc.info/?l=linux-usbm=121459435621262q=p3

This C program allows you to reset a specific USB device which will
behave similar to reconnecting the cardreader in this case. Ater
inserting a SD-card, just use $ ./usbreset /dev/sde (if the card is
normally /dev/sde1) to make the device nodes available.

If you find a better solution, I would also be interested in hearing of
it. Also, the problem does not seem to be specific to a desktop
environment or even Kernel version: I am running Linux 3.2.0-4-amd64
and no desktop environment and get exactly the same behavior.

HTH
Linux-Fan



Hi Linux-Fan,

I didn't have much time to investigate the problem further but the 
problem is solved by udisks-daemon, udisks package.
for some reason It doesn't run on boot in my case,  but running udisks 
--enumerate or something similar triggers the daemon's start and it 
starts to poll the devices.


Regards,
Alex


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/528127d3.5050...@biotec.tu-dresden.de

Re: sd card not detected

2013-11-04 Thread Alex Mestiashvili 

On 11/02/2013 05:22 PM, Neal Murphy wrote:

On Saturday, November 02, 2013 06:55:39 AM Alex Mestiashvili wrote:

I use xfce4 4.10, but in this case I think it has nothing to do with the
problem.
The problem is that the device is not detected by the kernel .

it is not visible in the dmesg output and not visible in the output of
fdisk -l.
But other usb devices work fine - a usb stick is detected and mounted
automatically.

ls -l /dev/sd*
skip
brw-rw 1 root floppy 8, 112 Nov  2 11:32 /dev/sdh

/dev/sdh -is the cardreader device.

after inserting a sd card nothing happens - /dev/sdh1 doesn't appear,
but it appears if I run fdisk -l /dev/sdh for example.

It appears as though udev is working correctly. If sdh1 appears when you plug
in the reader with the card already inesrted, udev is definitely working.

What appears not to be working is the daemon that periodically opens and
closes USB devices in the event that a medium was plugged in (used to be hald,
I think). Remember that USB1 and USB2 are master/slave; the host end must
initiate and perform all communication. If the daemon is malfunctioning, the
system will not detect cards inserted into readers: the USB device cannot
autonomously notify the host of the change in status.

The daemon works for me (64-bit Wheezy). (Verifying ... yes, it does work.)

thanks for the details, which daemon ?

You could probably simulate the daemon by running:

while true; do
   # Read a block; ignore failures
   dd if=/dev/sdh of=/dev/null bs=512 count=1
   sleep 3
done /dev/null 21


or even:

while true; do
   # Open the device; close it on success
   exec 3/dev/sdh  exec 3-
   sleep 3
done /dev/null 21


Neither is optimal. Such a script should really look for non-partition USB
additions to /dev/disk/by-id. When found, it should periodically open/close
the device until success or until the device is deleted. Then start over.


Now the situation is more clear.
Thanks.
Alex


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/5277a2f6.40...@biotec.tu-dresden.de

  1   2   >