Re: LibreOffice removed from Debian

[Erwan David]

Le 17/04/2024 à 15:26, Brad Rogers a écrit :

On Wed, 17 Apr 2024 15:12:39 +0200
Vincent Lefevre  wrote:

Hello Vincent,


Is there any reason why LibreOffice has been removed from Debian???

https://tracker.debian.org/pkg/libreoffice

Has all the info you need, and more.  Expect it to be removed from
testing, too.

This is not permanent.

What scares me is seeing part of 18 ongoing transition, and 4 "coming 
soon transitions" with "please do not upload if it is not related to the 
transition".

Re: How does the 64bits time_t transition work?

[Erwan David]

Le 20/03/2024 à 09:09, Marco Moock a écrit :

Am 20.03.2024 um 08:22:16 Uhr schrieb Detlef Vollmann:


It currently has "871 not upgraded" and it's nearly impossible to
install new packages.

The libs will have a suffix of t64, so you need to use dist-upgrade to
upgrade the packages if they depend on the t64 libs.

Although, carefully read what it wants to remove. If it wants to remove
packages you need, don't hit y.

Then upgrade the packages manually and look which package creates
dependency problems.

Since I begin to have this in tetsing : and what should we do when a 
package tries to remove other (except wait) ?


eg, now in testing upgrading nextcloud-desktop would remove 
plasma-discover, and fwbuilder would remove cups.



--
Erwan David

Re: Question about what package to report bug

[Erwan David]

Le 06/03/2024 à 18:19, ke6jti a écrit :

Hi,

I have a possible kernel regression for a usb-dvb tuner card.  I know 
the error in dmesg points to kernel : au0828 but I am not sure what 
package this belongs to.  I think it belongs to v4l(video for linux) 
but I am still not sure what specific v4l package.



Thanks for you help.


apt-file shows au0828.ko comes in the linux-image-* packages. So report 
the bug for the one you use.

Re: Timer doing apt update

[Erwan David]

Le 20/02/2024 à 12:46, Andy Smith a écrit :

Hi,

On Tue, Feb 20, 2024 at 08:52:09AM +0100, Erwan David wrote:

I use KDE, and I do not know wether discover does an update by itself. I do
not thind any setting about this

I think it is very likely that KDE has an equivalent to GNOME, which
does the equivalent of "apt update" every day and then notifies you
about available package upgrades.

Thanks,
Andy

Yes, and it seems to be plasma-discover. But I do noit find how to 
configure it NOT to update package list automatically.


A systemctl --user list-units '*discover*'  gives
 UNIT    LOAD 
  ACTIVE SUB DESCRIPTION
 app-org.kde.discover-5f3c6a37712a431b929cbe82aa9555dc.scope loaded 
active running Discover - Logithèque
 app-org.kde.discover.notifier@autostart.service loaded 
active running Discover


a list-unit-files says the service is generated. I did nit find from 
what it os generated.


There is /etc/xdg/autostart/org.kde.discover.notifier.desktop


which ends in


Exec=/usr/lib/x86_64-linux-gnu/libexec/DiscoverNotifier
Icon=system-software-update
Type=Application
NoDisplay=true
X-KDE-autostart-phase=1
OnlyShowIn=KDE

DiscoverNotifier comes form the plasma-discover package

The pacakge contains a /usr/bin/plasma-discover-update binary, whose 
name appears in DiscoverNotifier binary...



I'll try looking this way.


I would have preferred being able to disable it (especially because it 
shows me a systray indication when there are upgradable packages) but if 
it is not possible I can remove it (it won't remove the meta-packages of 
the DE)

Re: Timer doing apt update

[Erwan David]

Le 20/02/2024 à 01:58, Andy Smith a écrit :

Hi,

On Mon, Feb 19, 2024 at 08:35:18PM +0100, Erwan David wrote:

Sorry il was packagekit, I made a mistake while writing.

If it's packagekit then isn't it going to be some part of your
desktop environment? Which desktop environment are you using?

GNOME will download updates and prompt you to install. To disable this open
"GNOME software",m burger menu, "Update Preferences".

The default behaviour of GNOME Software is to only download upgrades when on an
unmetered connection so if you are using GNOME and this is what is happening,
then as Max says telling NetworkManager that your connection is metered should
stop it.


I disable the timers, thanks

I don't think it's any of the systemd timers or unattended-upgrades.

Thanks,
Andy

I use KDE, and I do not know wether discover does an update by itself. I 
do not thind any setting about this


--
Erwan David

Re: Timer doing apt update

[Erwan David]

Le 20/02/2024 à 03:20, Max Nikulin a écrit :

On 20/02/2024 02:35, Erwan David wrote:

Le 19/02/2024 à 18:00, Max Nikulin a écrit :

    systemctl disable --now apt-daily.timer apt-daily-upgrade.timer

Perhaps it is possible to write a script that will respect 
connection.metered property set by NetworkManager.


I disable the timers, thanks


To avoid confusion, these timers are from the apt package, not from 
unattended-upgrades. So they are active on most Debian hosts. Desktop 
environments may display notifications after actions initiated by 
these timers. Likely desktop environments may do more, e.g. to query 
GNOME application shop for updates and initiate more frequent updates.



I'll have a look at connection.metered


Out of curiosity I have queried https://codesearch.debian.net. It 
seems, apt has no notion of metered connection. Perhaps the effect can 
be achieved by adding to unit configuration some Condition* mentioned 
in systemd.directives(7)


https://stackoverflow.com/questions/43228973/detect-if-current-connection-is-metered-with-networkmanager 



busctl get-property \
  org.freedesktop.NetworkManager \
  /org/freedesktop/NetworkManager \
  org.freedesktop.NetworkManager Metered


It would also require to configure NetworkManager to set this correctly. 
Eg When I use USB tethering. (same NetworkManager connexion may be used 
at different places, without any way to simply detect this, when you do 
not use Wifi)


--
Erwan David

Re: Timer doing apt update

[Erwan David]

Le 19/02/2024 à 18:00, Max Nikulin a écrit :

On 19/02/2024 14:35, Erwan David wrote:


After each boot, the equivalent of apt update is automatically done 
in background, through policykit (apt database is locked by 
policykitd). So I think there is a timer triggroing this. I'd like to 
disable this when my laptop is on expensive link (eg 4G link, or 
abroad). So I'd like to disable this timer, but I did not find it. If 
someone knws better than me...


Perhaps I missed something since I have no idea why policykit (or 
polkit?) is involved.


You may disable apt timers

    systemctl disable --now apt-daily.timer apt-daily-upgrade.timer

Perhaps it is possible to write a script that will respect 
connection.metered property set by NetworkManager.




Sorry il was packagekit, I made a mistake while writing.

I disable the timers, thanks

I'll have a look at connection.metered

Timer doing apt update

[Erwan David]

Hello,

After each boot, the equivalent of apt update is automatically done in 
background, through policykit (apt database is locked by policykitd). So 
I think there is a timer triggroing this. I'd like to disable this when 
my laptop is on expensive link (eg 4G link, or abroad). So I'd like to 
disable this timer, but I did not find it. If someone knws better than me...



--
Erwan David

Re: Revenir à la présentation précédente modififier Grub

[Erwan David]

Le 24/01/2024 à 11:36, Simeone Dominique a écrit :

Bonjour,

j'avais Debian 10 avec deŭx autres linŭx aŭxquels je pouvais accéder  
au démarrage.


J'ai intsllé Debian 11 et le nouveau grub me propose uniquement Debian.

Comment en ligne de commande revenir à la présentation de mes trois 
systèmes d'exploitations?


Debianement votre.

Mr.Dominique Simeone


Peut-être faut-il réactiver os-prober. Sur les debian récentes, 
update-grub ne cherche pas les autres OS sur le disque. C'ets une 
configuration à ajouter. Je ne sais plus comment mais ça devrait 
permettre de retrouver


--
Erwan David

Re: Désactiver le contrôle de la mémoire eMMC durant le boot

[Erwan David]

Le 28/12/2023 à 08:51, Olivier a écrit :

Bonjour,

J'ai un PC Acer Swift1 acheté en 2019 avec une mémoire flash 64Go et
un emplacement M.2 Sata libre.
Il y a quelques semaines, l'ordinateur (sous Win10) a refusé de
démarrer car il ne trouvait plus de media pour le faire.

J'ai installé une carte M.2 Sata dans l'emplacement libre et j'ai
installé Bookworm dessus.
Maintenant, le PC démarre correctement avec le bémol suivant: il
m'affiche la mémoire flash est erronée (bad block).

Comment faire pour conduire Debian à ne pas analyser au démarrage le
mémoire eMMC?
Outre la suppression des messages d'erreur, l'arrêt du test ferait
gagner quelques secondes inutilement passées à tester un élément qui
n'est pus utilisé.

Le fichier /etc/fstab ne contient aucune référence à la mémoire flash
(/dev/mmcblk0).

Slts


Peut-être qu'l est possible de la désactiver dans le BIOS/UEFI du PC, du 
coup elle ne serait plus visible de l'OS et donc  a priori plus vérifiée

Re: Mails dans corbeille Debian-12

[Erwan David]

Le 19/12/2023 à 17:38, ajh-valmer a écrit :

Bonsoir à tous,

Spamassasin dépose les très nombreux mails-spams directement dans
la corbeille de mon MUA, précédés de *** SPAM ***.
La corbeille sous Debian est dans /home//.local/share/Trash/".
Je souhaite que ces mails *** SPAM *** aillent automatiquement dans
le répertoire "/dev/null".
Comment puis-je le faire ?

Bonne soirée,
A. Valmer


J'ai l'impression que tu confonds la corbeille de ton MUA et la 
corbeille des surcouches du FileSystem. ça n'a rien à voir parceque la 
corbeille de ton MUA est une boite aux lettres et la corbeille 
FileSystem un répertoire contenant des fichiers.


--
Erwan David

Re: Problem between kernel 6.5.0-5 (testing) and Realtek NICs ?

[Erwan David]

Le 06/12/2023 à 16:44, Erwan David a écrit :

Le 06/12/2023 à 15:55, Erwan David a écrit :
After upgrade to 6.5.0-5 (a 6.5.13 kernel in testing), impossible to 
use the laptop when Realtek card present (in dock). it boots, sddm 
works but anything which tries to access networking (even the ip 
command) is then blocked


It could be the same problem as in 
https://discussion.fedoraproject.org/t/kernel-6-5-12-or-later-on-fedora-39-broken-network-on-lenovo-t570/97586/18


I'll try installing the realtek-formware package, but the fedora 
discussion does not give much hope...



Ok, it works with firmware-realtek package, from the non-free-firmware 
section (which should be added in /etc/apt/sources.list if not already 
present)


SO, it worked yesterday (but I booted in recovery mode) not today. I'll 
have to do a reportbug for a non running kernel...

Re: Problem between kernel 6.5.0-5 (testing) and Realtek NICs ?

[Erwan David]

Le 06/12/2023 à 15:55, Erwan David a écrit :
After upgrade to 6.5.0-5 (a 6.5.13 kernel in testing), impossible to 
use the laptop when Realtek card present (in dock). it boots, sddm 
works but anything which tries to access networking (even the ip 
command) is then blocked


It could be the same problem as in 
https://discussion.fedoraproject.org/t/kernel-6-5-12-or-later-on-fedora-39-broken-network-on-lenovo-t570/97586/18


I'll try installing the realtek-formware package, but the fedora 
discussion does not give much hope...



Ok, it works with firmware-realtek package, from the non-free-firmware 
section (which should be added in /etc/apt/sources.list if not already 
present)


--
Erwan David

Problem between kernel 6.5.0-5 (testing) and Realtek NICs ?

[Erwan David]

After upgrade to 6.5.0-5 (a 6.5.13 kernel in testing), impossible to use 
the laptop when Realtek card present (in dock). it boots, sddm works but 
anything which tries to access networking (even the ip command) is then 
blocked


It could be the same problem as in 
https://discussion.fedoraproject.org/t/kernel-6-5-12-or-later-on-fedora-39-broken-network-on-lenovo-t570/97586/18


I'll try installing the realtek-formware package, but the fedora 
discussion does not give much hope...



--
Erwan David

Re: Systemd timer and sleeping laptop

[Erwan David]

Le 20/11/2023 à 13:10, Greg Wooledge a écrit :

On Mon, Nov 20, 2023 at 12:48:24PM +0100, Erwan David wrote:

What happens when a timer should have been triggered at a time the computer
was sleeping ?

systemd.timer(5):

OnCalendar=
[...]
When a system is temporarily put to sleep (i.e. system suspend or
hibernation) the realtime clock does not pause. When a calendar
timer elapses while the system is sleeping it will not be acted on
immediately, but once the system is later resumed it will catch up
and process all timers that triggered while the system was
sleeping. Note that if a calendar timer elapsed more than once
while the system was continously sleeping the timer will only
result in a single service activation.



Thanks, I was looking at the wrong place.

--
Erwan David

Systemd timer and sleeping laptop

[Erwan David]

Hello,


What happens when a timer should have been triggered at a time the 
computer was sleeping ?


I see that wit Persitent=true it is triggered at restart when it should 
have been triggered when the computer was off, but in case of sleep (or 
deeep sleep) the timer unit is not restarted, so what happens ?

Re: Password managers

[Erwan David]

Le 13/11/2023 à 15:11, Klaus Singvogel a écrit :

Erwan David wrote:

Note that you may have less dependencies with kpcli (a cli client for
keepass password files)

I always was peering at kpcli.

Do you have any experience switching between the CLI (kpcli) and the GUI 
(keepassxc) version frequently?

Is this flawless possible to switch from the one to the other and back, or is 
it something which can't easily to be done?

Thanks in advance.

Best regards,
Klaus.


That was a bad idea : lokking closer I see that kpcli does not support 
the latest keepass file format (v4)


--
Erwan David

Re: Password managers

[Erwan David]

Le 12/11/2023 à 16:53, Michael Kjörling a écrit :

On 12 Nov 2023 22:07 +0700, from maniku...@gmail.com (Max Nikulin):

Having system booted from Debian Live image (assume some disaster), how many
packaged have to be installed to get access to passwords stored by
KeePassXC?

I don't know about Debian Live images, but from an up-to-date install
of my _very_ minimal VM setup (Bookworm with only the standard and
ssh-server tasks installed), "apt-get install keepassxc" pulls in 142
packages totalling about 91 MB of downloads.

Many of those packages are fairly obviously generally GUI-related and
not directly related to KeepassXC specifically, so on a live image,
which already has a GUI, it would be much less.

Note that you may have less dependencies with kpcli (a cli client for 
keepass password files)

Re: Délai de 25 secondes

[Erwan David]

Le 09/11/2023 à 11:34, Seb a écrit :


Bonjour !


J'ai installé hier une Debian 12 en remplacement d'une Debian plus 
ancienne. C'est une installation à partir de zéro, pas une mise à jour.


Mon gestionnaire de fenêtres est fvwm.

Lorsque je lance pavucontrol (ou xdaliclock, ou firefox), il s'écoule 
25 secondes avant qu'une fenêtre ne s'ouvre. Et dans la Debian 
précédente, j'avais remarqué le même délai avec firefox depuis 
quelques mois seulement. Je n'ai pas souvenir que pavucontrol ou 
xdaliclock ait posé le même problème dans la Debian que j'utilisais 
précédemment.


Les autres programmes s'ouvrent sans délai (gimp, brave-browser, 
okular, etc.).


Quand j'appelle "strace pavucontrol", les messages cessent de défiler 
en arrivant à la dernière des lignes copiées-collées ci-dessous :


[...]
eventfd2(0, EFD_CLOEXEC|EFD_NONBLOCK)   = 11
futex(0x55c3de03dba0, FUTEX_WAIT_PRIVATE, 2, NULL) = -1 EAGAIN 
(Resource temporarily unavailable)

futex(0x55c3de03dba0, FUTEX_WAKE_PRIVATE, 1) = 0
write(10, "\1\0\0\0\0\0\0\0", 8)    = 8
futex(0x55c3ddf73278, FUTEX_WAKE_PRIVATE, 1) = 1
poll([{fd=11, events=POLLIN}], 1, 25000

Sitôt le délai (25000) passé, pavucontrol s'ouvre.

Auriez-vous une idée de ce qui cause cet arrêt temporaire, ou du moins 
d'une direction dans laquelle chercher ?



Merci pour vos conseils !
Seb.

Là il attend un évènement sur le file descripteur 11, il faudrait 
repérer au dessus un appel open (ou nom approchant) que retourne 11 pour 
voir à quelle ressource ça correspond

Re: Domain name to use on home networks

[Erwan David]

Le 27/10/2023 à 18:45, John Hasler a écrit :

Erwan writes:

Here are the first lines of 'man domainname" :

That doesn't help very much with no hint as to what NIS is and that it
isn't relevant to DNS.


it is said later in the man


Don't use the command domainname to get the DNS domain name because it 
will show the NIS domain name and not the DNS domain name. Use 
dnsdomainname instead. See the warnings in section THE FQDN above



so for someone who do not know NIS it seems clear that "domainname " is 
for something else.

Re: Domain name to use on home networks

[Erwan David]

Le 27/10/2023 à 18:30, gene heskett a écrit :

On 10/27/23 11:45, Greg Wooledge wrote:

On Fri, Oct 27, 2023 at 11:25:00AM -0400, gene heskett wrote:
Not a systemd luver nor expert. Someone suggested that if I was 
using dotted
names, then I should edit (as sudo) /etc/hostname which I have now 
done t

add the FQDN name of coyote.home.arpa.


You should undo that.  There's no reason to switch your philosophy at
this point.

I did not say that you SHOULD use hostnames with dots in them.

I said that SOME PEOPLE use hostnames with dots in them, and that IF you
are one of those people, there's an extra step to perform.

I don't have any idea how this was so misunderstood.

.
Confusing, miss leading man pages are a lot of it. If the domainname 
command is only for NIS systems, whatever the hell that means, the 
first line of the man page should plainly state VALID FOR NIS SYSTEMS 
ONLY.


Cheers, Gene Heskett.



Here are the first lines of 'man domainname" :

HOSTNAME(1) 
   Linux Programmer's Manual

HOSTNAME(1)

NAME
  hostname - show or set the system's host name
  domainname - show or set the system's NIS/YP domain name

Re: Domain name to use on home networks; was: Bookworm:NetworkManager

[Erwan David]

Le 25/10/2023 à 03:47, David Wright a écrit :

On Mon 23 Oct 2023 at 12:06:05 (+0200), Christian Groessler wrote:

On 10/23/23 07:29, Jeffrey Walton wrote:

On Mon, Oct 23, 2023 at 1:24 AM ghe2001  wrote:

How about a /29 or so, named "here.", hosts named 2 or 3 letter 
abbreviations of what you call the computers, with unroutable IPs, DNS'ed in /etc/hosts (with 
shortcuts).

Whatever you come up with for , ICANN can add to the
gTLD namespace; see <https://icannwiki.org/Brand_TLD>.

Just register a daomain and use that.

That costs money, and I can't see the point when there are TLDs
that are perfectly safe already available, like .home.arpa, and
before that, .{corp,home,mail}.

Cheers,
David.


Or if you already have a domain, you can use a subdomain. eg. I have 
rail.eu.org, and at home it is depot.rail.eu.org



--
Erwan David

Re: imposer une IP à une seconde carte réseau

[Erwan David]

Le 17/10/2023 à 21:20, Alex PADOLY a écrit :


Dans mon cas, cela ne fonctionne pas, je vais reprendre la proposition 
de Nospam


''

Bonsoir

sudo ip a add  dev 

sudo ip a -6 add  dev  # pour une ipv6

L'interface doit être up

sudo ip link set  up ''


Je vais adapter cette solution pour éditer sous root un cron qui 
effectuer une tâche à chaque démarrage du serveur, cela devrait donner 
ceci :


/*|@reboot |ip a add  dev */

Je testerai demain.

Merci et bonne soirée!



Le 2023-10-17 19:41, Frédéric MASSOT a écrit :


Le 17/10/2023 à 15:34, Alex PADOLY a écrit :

Bonsoir à tous,


Cela fonctionne, le problème, c'est que l'on doit ressaisir cette 
commande à chaque redémarrage du serveur.


Le serveur ltsp nécessite une seconde carte réseau ayant une adresse 
IP spécifique.


Avez-vous une idée pour imposer cette adresse fixe à chaque 
redémarrage du serveur.



Le fichier "/etc/network/interfaces" est là pour ça.




Qu'est-ce qui ne marche pas ?

Pouvez-vous donner ce fichier ?

Re: Configuration inn

[Erwan David]

Le 17/10/2023 à 17:05, BERTRAND Joël a écrit :

Bonjour à tous,

Je tente la configuration d'inn (parce que depuis que le service chez
Nerim a été laissé en déshérence, je fais avec celui de free.fr qui est
à peine mieux...) et il y a un point que je ne comprends pas bien.

inn est censé se connecter à d'autres serveurs usenet mais comment les
trouve-t-il ? Je n'ai rien vu dans la configuration du serveur à ce
sujet (ou ça m'a échappé, ce qui est possible). De la même manière,
comment les autres serveurs usenet vont savoir qu'il y a un serveur inn
sur mon infrastructure ? Un genre de p2p ?

Bien cordialement,

JKB

Il faut que tu trouves des "peers" avec qui tu vas échanger des 
messages, que tu te mettes d'accord avec leurs administrateurs pour ces 
échanges. De mémoire dans inn ça se configure dans le fichier 
innfeed.conf (mais ça fait TRÈS longtemps que je n'ai pas regardé INN)


--
Erwan David

Re: Does debian installer use volume names for LVM?

[Erwan David]

Le 15/10/2023 à 10:32, Max Nikulin a écrit :


I am curious if debian installer uses volume names in /etc/fstab when 
LVM is involved (either guided or manual partitioning).


In guided partitionning, it uses the /dev/mapper name : here is what the 
installer put in the fstab of my laptop (/boot and /boot/efi outside 
lvm, encrytted lvm for / and swap)


#            
/dev/mapper/maine--ocean--vg-root /   ext4 
   errors=remount-ro 0   1

# /boot was on /dev/nvme0n1p2 during installation
UUID=6657c315-cc1f-4727-adac-2997c8a34b5b /boot   ext2 
   defaults    0   2

# /boot/efi was on /dev/nvme0n1p1 during installation
UUID=8C47-97E7  /boot/efi   vfat    umask=0077  0   1
/dev/mapper/maine--ocean--vg-swap_1 none    swap    sw 
 0   0

Too much log for sudo.

[Erwan David]

I use a script to run borg backup. For it to be able to backup files 
that only root may read, i use sudo --preserv-env=BORG_REPO,BORG_PASSPHRASE.


However I see that in the logs the VALUE of the env variable is loggued. 
How to change this ?

Re: Letting Windows go: scanning

[Erwan David]

Le 21/09/2023 à 23:15, Tom Browder a écrit :

On Thu, Sep 21, 2023 at 08:30 Erwan David  wrote:
...

I have a HP LaserJet Pro MFP m125nw, installing it through hplip,
It is
seen on network by xsane and I can scan. Just have to install a
binary
blob each time hplip is upgraded, but it is rather straightforward


Where do you find the "blob?" I've seen reference to it but haven't 
yet found it.


Thanks.

-Tom



Throug hp-septup or the systray app, or just when xsane needs to access 
the scanner, it asks you to install and you can just say "install it 
from hp server", and it works

Re: Letting Windows go: scanning

[Erwan David]

Le 20/09/2023 à 19:17, Timothy M Butterworth a écrit :



On Wed, Sep 20, 2023 at 1:11 PM Michael Kjörling 
<2695bd53d...@ewoof.net> wrote:


On 20 Sep 2023 12:06 -0500, from tom.brow...@gmail.com (Tom Browder):
> One major thing I use my windows host for is using my HP
multifunction
> laser printer to scan to pdf to save locally.  I have just installed
> gscan2pdf and sane but I am still missing something.
>
> I have tried printing docs from LibreOffice and it sees my networked
> printer and prints just fine.
>
> So how can I get my Debuian host to see and use the scanner part?


When I used to use HP MFD's I used to have to connect to it with USB 
to get scanning. I do not know if network scanning is now supported or 
not.


"HP multifunction laser printer" would still encompass a fair number
of products. Can you be more specific?

-- 
Michael Kjörling                      https://michael.kjorling.se

“Remember when, on the Internet, nobody cared that you were a dog?”



I have a HP LaserJet Pro MFP m125nw, installing it through hplip, It is 
seen on network by xsane and I can scan. Just have to install a binary 
blob each time hplip is upgraded, but it is rather straightforward




--
Erwan David

Re: Printer HP LaserJet MFP M234sdw 5085B1

[Erwan David]

On Wed, Sep 20, 2023 at 04:42:12PM CEST, Reco  said:
> On Wed, Sep 20, 2023 at 04:01:25PM +0200, Erwan David wrote:
> > Le 20/09/2023 à 15:55, Jörg-Volker Peetz a écrit :
> > > With this printer CUPS driverless printing works, see 
> > > https://wiki.debian.org/CUPSDriverlessPrinting . No need for hplip.
> > > 
> > Once again : cups driverless printing works ONLY when printer and computer 
> > are on SAME NETWORK.
> 
> Nope, that's not required. Whenever 'same network' is actually 'same L2
> network segment', or 'same L3 IP subnet'.
> Because it's totally possible to configure CUPS to use known IPP
> destination without discovery, like this:
> 
> lpadmin -p myprinter -E -v ipp:///ipp/print -m 
> everywhere
> 
> Discovering said IP is another story of course.
> 

First time I here it (and that's not first time I try to find the info). I'll 
give it a try. So hplip will still be useful for scanning I guess ?
 

-- 
Erwan

Re: Printer HP LaserJet MFP M234sdw 5085B1

[Erwan David]

Le 20/09/2023 à 15:55, Jörg-Volker Peetz a écrit :
With this printer CUPS driverless printing works, see 
https://wiki.debian.org/CUPSDriverlessPrinting . No need for hplip.


Regards,
Jörg.



Once again : cups driverless printing works ONLY when printer and 
computer are on SAME NETWORK.


SO maybe there is no need for hplip, maybe there is. One cannot say

--
Erwan David

kernel 6.4.0-3 (testing) cannot be installed with virtualbox-dkms

[Erwan David]

I had an upgrade failure today, when upgrading kernel to 6.4.0-3 : 
virtualbox-dkms needs a function which disappeared from kernel headers.


I opened the bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050406

--
Erwan David

Re: Swap size in debain 12

[Erwan David]

Le 12/08/2023 à 16:24, David Wright a écrit :

On Sat 12 Aug 2023 at 15:45:52 (+0200), Erwan David wrote:

Installing a new debian 12 I see that the installer setups a 1G swap
on a 24G RAM laptop.

Is the hibernation out of swap now ? (I chose to have a biigger swap,
but I find it strange)

The arguments are rehearsed in:

   https://wiki.debian.org/Swap

Cheers,
David.


Not completely : I think I will open a bug (wishlist) against the 
installer : it is complicated to change swap size when you must reduce 
root partition size to do this. So at least a question "will you use 
suspend/hibernate" at install time would be useful (I did not find in 
the installer how to change the sizes so I had to delete bot then 
recreate them, and it would have been complicated on a machine already 
installed)


--
Erwan David

Swap size in debain 12

[Erwan David]

Installing a new debian 12 I see that the installer setups a 1G swap on 
a 24G RAM laptop.


Is the hibernation out of swap now ? (I chose to have a biigger swap, 
but I find it strange)


--
Erwan David

Re: sauvegardes: Vorta/Borgbackup et Deja-Dup/Duplicity

[Erwan David]

Le 04/08/2023 à 16:37, didier gaumet a écrit :


Suite à une enfilade récente parlant de sauvegardes, j'avais dit que 
je regarderais un peu Vorta (GUI frontal de Borgbackup) et Borgbackup 
(CLI).


A l'heure actuelle l'utilise un truc assez équivalent au sens où c'est 
un couple GUI et CLI qui produit des sauvegardes plutôt que des 
synchronisations, le couple Deja-Dup (GUI frontal à Duplicity) et 
Duplicity (CLI)


- GUI: Vorta me paraît plus complet et plus complexe que Deja-Dup.
 Vorta permet si je me souviens bien de présenter le contenu d'une 
archive de sauvegarde par triage de date (ou autre) quand Deja-Dup 
présente des icônes triés par nom uniquement. ça ,'a l'air de rien 
mais ça peut être handicapant.
 Deja-Dup ne gère pas le chiffrement de la sauvegarde: ça ne me gène 
pas parce que mon disque externe de sauvegarde lui-même est chiffré, 
mais ça peut être gênant.

 Deja-Dup gère Microsift One Drive et Google Drive, pas Vorta.
 Vorta permet plus de flexibilité dans les fréquences de sauvegarde 
que Deja-Dup (uniquement quotidien ou hebdomadaire sans plus de 
précision, alors que Vorta peut sauvegarde toutes les trois minutes si 
ça vous semble pertinent)
 => Par contre, QUESTION: je n'ai pas compris comment je pouvais faire 
comme Deja-Dup: Deja-Dup crée une nouvelle sauvegarde complète tous 
les 90j (paramétrable dans dconf), J'ai essayé des paramètres 
d'élagage (pruning) dans Vorta en espérant que ça allait forcer la 
rre-création de sauvegardes complèrtes plutôt que continuer à faire 
des sauvegardes incrémentales. Mais l'élagage en lui-mêm n(a pas 
fonctionné donc pas de sauvegardes complètes
 Donc en gros, potentiellement, je conseillerais Deja-Dup pour sa 
simplicité d'emploi à ceux qui ont des besoins ordinaires (ou 
utilisent des services Google ou Microsoft) et je conseillerais Vorta 
à des utilisateurs plus autonomes et avertis qui ont des besoins un 
peu plus poussés


- CLI: j'ai lu les docs sans quasiment utiliser (je suis une 
feignasse, pour ce genre de trucs j'utilise sans remords des outils 
GUI quand ça fait ce que je veux). J'ai eu l'impression que:

 Le développement de borgbackup est plus actif que celui de duplicity
 L'adoption de Borgbackup est plus importante que celle de Duplicity
 Les fonctionnalités de Borgbackup sont moins étendues que celles de 
Duplicity


Voilà, c'était juste un petit retour d'expérience -minimaliste- sur 
ces outils? Sentez vous libre de compléter avec les vôtre, et de 
répondre à ma question si vous le pouvez, voire de me dire que mon 
approche est perfectible parce que vue du mauvais côté.


Amicalement,
DG.



Dans borg, il n'y a pas de notion de complète/incrémentale.

Tu as d'un côté des "chunks" (des blocs de données) et de l'autre des 
index. Un seul ensemble de chunks et chaque "sauvegarde" est un index 
qui vers les chunks correspondant à l'état de ta source au moment de la 
sauvegarde.


Les chunks qui se retrouvent dans plusieurs sauvegardes (parceque les 
données sources n'ont pas changé par exemple) sont partagés. Donc chaque 
index pointe vers une sauvegarde totale, le logiciel n'a juste pas 
recopié ce qui était déjà dans le dépot borg.


Le pruning revient à supprimmer un index, puis supprimer les chunks qui 
ne sont plus dans aucun index. Pas besoin de faire des totales et des 
incrémentales, avec ce principe de partage (qu'on trouve aussi dans les 
file system de type "copy on write" comme ZFS), toutes les sauvegardes 
sont équivalentes et le logiciel ne transfère que ce qui n'est pas déjà 
présent dans la sauvegarde.

Re: Lack of text console?

[Erwan David]

Le 04/08/2023 à 10:10, Nicolas George a écrit :

Kamil Jońca (12023-08-04):

Where text console can be configured?
Recently I got laptop with debian installed. I wanted to log in into
text console but Ctrl-Alt-F1 does nothing - it seems that lightdm(?)
started at first console.

Have you tried Ctrl-Alt-F2?

Regards,


Or rather Ctrl-Alt-F3, on my trixie (with SDDM) I have

tty1 : logs & boot messages

tty2 : Graphical session

tty3, 4 etc : text sessions.

Note that it needs some time after boot before getting the login prompt 
on text consoles


--
Erwan David

Re: [testing] passage du pilote proprio à nouveau

[Erwan David]

Le 31/07/2023 à 14:00, didier gaumet a écrit :

Le 31/07/2023 à 12:49, Gaëtan Perrier a écrit :


Pas eu besoin d'attendre longtemps :(
Freeze juste après l'envoi du message précédent.

Rien dans /var/log/syslog à part une série de ^@


Tu es sous Wayland ou Xorg (et tu es bien sous Systemd pax SysV)?
Pour Wayland il faudra fouiller dans les résultats de journalctl, pour 
Xorg lancé par un utilisateur avec un DE il faudra regarder le contenu 
de ~/.xsession-errors, pour Xorg lancé par un utilisateur sans DE, je 
ne me souviens plus, c'est peut-être plutôt ~/.xinitquelquechose (pas 
sûr). Pour un Xorg lancé par root ce devrait être /var/log/Xorg.0.log 
ou /var/log/Xorg.0.log.


Pour tous les fichiers d'erreur Xorg, de mémoire il faut chercher les 
chaînes EE pour les erreurs et WW pour les avertissements, le reste je 
crois que c'est principalement II pour info (me rappelle pas bien)


Et si tu veux vraiment faire de la plongée (je ne sais plus qui nous 
parlait de plongée récemment sur cette liste), tu peux essayer de 
debugger tout ça:

https://x.org/wiki/Development/Documentation/ServerDebugging/


En testing ça fait plusieurs mois que les logs users après sddm sont 
dans journal, plus dans .xsession-errors


--
Erwan David

Re: Networkmanager en mode console

[Erwan David]

Le 26/07/2023 à 21:09, ajh-valmer a écrit :

Merci pour vos réponses.

On Wednesday 26 July 2023 19:08:24 didier gaumet wrote:

je crois que tu confonds le mode console et le mode récupération
(recovery).

C'est quasi pareil, c'est le mode dépannage, permettant,
sans la couche graphique Xorg, un dépannage plus fluide.



Non, il y a des milliers de serveurs linux qui tournent sans aucune 
couche graphique.




Je ne vois pas la raison de bloquer networkmanager dans ce mode.
Comment dépanner sans réseau ? C'est impossible.
Seule solution, modifier "/etc/network/interfaces",
rebooter et lancer le réseau par ifup .



Ne pas lancer le réseau automatiquement en mode recovery : oh c'est 
simple : les cartes réseau (en particulier wifi) où le driver doit 
charger un blob binaire au démarrage ne sont pas rares. et si justement 
c'était ce chargement qui posait problème ? et comme on tape dans le 
firmware du hardware ça peut très bien complètement bloquer la machine.


--
Erwan David

Re: Networkmanager en mode console

[Erwan David]

Le 26/07/2023 à 15:57, ajh-valmer a écrit :

Le 26 juillet 2023 ajh-valmer a écrit :

lorsque je boote Debian-12  en mode console (recovery),
sans Xorg, le réseau ne fonctionne plus,

On Wednesday 26 July 2023 15:32:01 Michel Verdier wrote:

Je ne suis pas sûr mais n'est-ce pas le fonctionnement normal du recovery ?
Il est là pour rétablir un système bootable, notamment le mount du
root qui normalement doit être en read-only à ce stade.

La connexion réseau en mode recovery est très importante,
c'est dans ce mode que l'on fait "apt upgrade" et surtout pour
"apt dist-upgrade" ou "apt  full-upgrade.
C'est évident, comment installer le firmware, pilote graphique,
si Xorg ne les a pas.
C'était ma question, pourquoi networkmanager ne connecte pas
en boot recovery ?


Peut-être faut-il lancer le service à la main ? ça aurait du sens que le 
recovery ne lance que le strict minimum quitte à ce que l'utilisateur 
lance à la main les services dont il a besoin.


que dit systemctk status network-manager.service ?

Et s'il n'ets pas lancé systemctl start network-manager.service ?

--
Erwan David

Re: Fwd: Imprimante HP Deskjet Plus 4120

[Erwan DAVID]

Le 21 juillet 2023 23:13:14 didier gaumet  a écrit :


Le 21/07/2023 à 20:16, Erwan David a écrit :

Le 21/07/2023 à 19:32, didier gaumet a écrit :


- absolument rien, lorsque c'est raccordé en USB ou en ethernet



Pour ethernet c'est faucx dans le cas général, il n'y a rien à faire *à
condition que l'ordinateur et l'imprimante soient sur le même résqeau*


Tu as parfaitement raison, j'ai été trop approximatif: ça ne fonctionne
par défaut uniquement si le client et l'imprimante ipp sont sur le même
sous-réseau :-)


Et je n'ai pas encore vu UNE SEULE doc expliquant comment faire quand ce
n'est pas le cas


vu mon niveau en réseaux, je ne suis pas qualifié pour dire si cette
page web propose des pistes de solutions véritablement opérationnelles
mais de loin ça m'a l'air intéressant:
https://stackoverflow.com/questions/20986671/could-i-use-avahi-to-publish-service-across-subnetworks


Ah merci, je vais me pencher là dessus

--
Erwan David

Re: Fwd: Imprimante HP Deskjet Plus 4120

[Erwan David]

Le 21/07/2023 à 19:32, didier gaumet a écrit :


- absolument rien, lorsque c'est raccordé en USB ou en ethernet



Pour ethernet c'est faucx dans le cas général, il n'y a rien à faire *à 
condition que l'ordinateur et l'imprimante soient sur le même résqeau* 
Et je n'ai pas encore vu UNE SEULE doc expliquant comment faire quand ce 
n'est pas le cas

Re: Why does Debian have code names for releases?

[Erwan David]

Le 27/06/2023 à 05:06, Greg Wooledge a écrit :


A lot of people who run stable releases use automatic upgrades.  This
is a thing that will attempt to run "apt update" and "apt upgrade"
automatically for you in the background.

If you use the "stable" label in your source.list file, and if you also
use automatic upgrades, there is an extremely high chance that your
system will perform a *partial* release upgrade at some random time when
you are not expecting it, and that this will leave your system in a
bad state.

So no, the worst you'll have is that it wil stop upgrading, because 
you'll get "stable release changed it's Codename from bullseye to 
bookworm do you accept ?"


And it must be manually answered.

Re: Compiling Virtualbox on "bookworm" [plain text email]

[Erwan David]

Le 20/06/2023 à 01:19, Ian Tan a écrit :

Hello,

Apologies for sending "rich text" of the same email previously. That
was an accident.
Here should be the plain text now.

Due to upstream issues, Virtualbox is not available on bookworm.
I have an urgent business use case, that required virtualbox to be installed
on Debian 12 bookworm, as soon as possible.

However, I am not able to compile virtual box on Debian 12 that easily,
due to the error:

"/usr/share/kBuild/footer-inherit-uses-tools.kmk:1012: *** kBuild:
Cannot find include file for the SDK 'LIBSDL2'!"

I have shown the details below. Any advice would be appreciated, thank you.



No advice for compiling, but virtualbox is available in sid, and there 
is a repository by virtualbox giving access to the software. You may try 
them, it may work (I use virtualbox from sid on testing)

Re: Ligne de commande

[Erwan David]

Le 12/06/2023 à 19:59, Marc Chantreux a écrit :

Le Mon, Jun 12, 2023 at 07:37:45PM +0200, Erwan David a écrit :

J'aurais plutôt fait

sudo sed -i.bak 's/bullseye/bookworm/' /etc/apt/sources.list

tu pars du principe que c'est bullseye tout le temps et pas stable de
temps en temps.


Mais ça reste un peu tordu d ene pas vouloir utiliser d'éditeur de texte.

pour une station de travail oui. si tu as 30 machines c'est
effectivement mieux de scripter.


Avec 30 machines (voire quelques centaines)

1) tu passes par de l'automatisation (salt, ansible, puppet, etc.) qui 
va pousser un sources.list (et pas le modifier)


2) tu upgrades pas en block, tu vérifies dans chaque cas si les services 
qui tournent ont besoin de vérifier les configurations. Et dans certains 
cas tu réinstalles plutôt que d'upgrader

Re: Ligne de commande

[Erwan David]

Le 12/06/2023 à 19:33, Marc Chantreux a écrit :

Le Mon, Jun 12, 2023 at 05:17:41PM +, Simeone Dominique a écrit :

Chers amis,
comment ajouter à sources.list la nouvelle deb de Bookworm sans vim et en ligne 
de commande direct!

Tout dépend de ce que tu avais précédement et de ce que tu veux
conserver. Il faut aussi surveiller ce que tu avais éventuellement dans
/etc/apt/sources.list.d.

Si il est vide et que tu n'avais pas ajouté de sources à la main,
je dirais:

<<\% cat > /etc/apt/sources.list
deb http://security.debian.org/debian-security bookworm-security main contrib 
non-free non-free-firmware
deb http://deb.debian.org/debian/ bookworm main non-free non-free-firmware 
contrib
deb http://deb.debian.org/debian/ bookworm-updates main contrib non-free 
non-free-firmware
deb http://deb.debian.org/debian/ bookworm-backports main contrib non-free 
non-free-firmware
deb-src http://deb.debian.org/debian/ unstable main contrib non-free 
non-free-firmware
%

marc



J'aurais plutôt fait

sudo sed -i.bak 's/bullseye/bookworm/' /etc/apt/sources.list

ce qui met une sauvegarde de l'ancien fichier dans /etc/apt/sources.list.bak

Mais ça reste un peu tordu d ene pas vouloir utiliser d'éditeur de texte.

Re: What does "freeze" mean in Debian?

[Erwan David]

Le 25/05/2023 à 10:06, Hans a écrit :

Hi folks,

just a little thing, I am somehow confused about.

I read that debian/testing is now in state "freeze" as the next release is
shortly to come.

As I running "bookworm" now, I am wondering, that debian/testing (aka
bookworm), still gets a lot of changed packages last days.

Obviously I seem to misunderstand the meaning of "freeze".

Does "freeze" mean "No new packages" od does it mean "actual packages in
testing will not be changed any more till next release".

What did I not understand? For me "freeze" means "stay at actual status and do
only necessary changes for security or breaking reasons".

There are almost a hundered packages I got untill "freeze" and my change to
bookworm (aka testing).

  


If you look at the changelogs, you'll see that those upgrades are either 
because of security corrections, or to handle packaging or upgrade problems

eg (today upgrade for me)

--- Changes for texlive-bin (texlive-binaries libptexenc1 libsynctex2 
libtexlua53-5 libtexluajit2 libkpathsea6) ---

texlive-bin (2022.20220321.62855-5.1) unstable; urgency=high

  * Non-maintainer upload.
  * Fix improperly secured shell-escape in LuaTeX (CVE-2023-32700)

 -- Salvatore Bonaccorso   Thu, 18 May 2023 23:15:13 
+0200


--- Changes for boost1.74 (libboost-chrono1.74.0 
libboost-filesystem1.74.0 libboost-iostreams1.74.0 libboost-thread1.74.0 
libboost-locale1.74.0 libboost-program-options1.74.0 
libboost-python1.74.0 libboost-regex1.74.0 libboost1.74-dev) ---

boost1.74 (1.74.0+ds1-21) unstable; urgency=medium

  [ Andreas Beckmann ]
  * [f41f9a1] libboost-thread1.74.0: Add Breaks: 
libboost-regex1.74.0-icu67 for

  smoother upgrades from bullseye. (Closes: #1036070)

 -- Anton Gladky   Fri, 19 May 2023 09:24:56 +0200

(output of apt-changelogs)
freeze is that the software at kept at the same versions so that the 
teams preparing the distribution can concentrate on those problems.

Re: HS: pourquoi les disques SSD sont peu utilisé dans les serveurs

[Erwan David]

Le 11/05/2023 à 17:25, steve a écrit :

Bonjour,

Infomaniak, un des plus gros hébergeurs de Suisse (et le mien, mais
c'est hors sujet ici), utilise de plus en plus des SSD sur leurs
serveur:

https://news.infomaniak.com/ssd-europeen-swissbit/

De plus, ces SSD (de marque Swissbit https://www.swissbit.com/en/) 
sont fabriqués en Europe.


Je pensais que cette information pourrait être intéressante pour cette
discussion.

s.


Je travaille chez un hébergeur (que je ne nommerai pas) et oui on a 
beaucoup de serveurs avec des SSD. Sans compter les baies de stockage en 
SSD aussi.

Re: HS: pourquoi les disques SSD sont peu utilisé dans les serveurs

[Erwan David]

Le 12/04/2023 à 09:34, Alex PADOLY a écrit :

Bonjour à tous,


Mes précédents messages montrent qu'à des fins de formation, je vais 
mettre en œuvre une architecture clients /serveur avec Debian Edu.


La presse spécialisée indique que les disques durs SSD ont beaucoup de 
qualité, je l'ai aussi constaté par moi-même avec un chargement très 
rapide du système d'exploitation.


En regardant des catalogues de serveurs, même sur des serveurs coutant 
plus de 1000 ou 2000 Euros, on ne voit pas ou très peu de disques SSD, 
on y voit des disques SATA et SAS.



Quelles en sont les raisons d'après vous?

Merci pour vos réponses.



SATA ou SAS ce sont les normes de connexion, mais on peut avoir des 
disques SSD SATA ou SAS comme des disques rotatifs

Re: https://: vs. https://:.

[Erwan David]

Le 10/04/2023 à 21:37, Greg Wooledge a écrit :

On Mon, Apr 10, 2023 at 12:13:15PM -0700, pe...@easthope.ca wrote:

Name:   hornby.islandhosting.com
Address: 158.69.159.172



As expected, login at https://hornby.islandhosting.com:2096 and at
https://mail.easthope.ca:2096 appear equivalent.

But for URL https://158.69.159.172:2096 Firefox warns,

"Warning: Potential Security Risk Ahead

[...]


What is the risk from an IP address?  Misconfiguration at Island Hosting
as Firefox suggests?


You've got three different URLs here, which means you're looking at three
different web sites.

 https://hornby.islandhosting.com:2096
 https://mail.easthope.ca:2096
 https://158.69.159.172:2096

Each of these may give you a different web site, even if they're all hosted
on the same physical computer, or the same virtual machine.

So, it's conceivable that Mozilla has flagged one of these web sites as
a security risk, but not the other two.

It's also conceivable that Mozilla has flagged an entire block of "raw IP
address URLs" as a security risk, based on a pattern of behavior that
they've seen from other web sites within that address range.

You'd have to ask Mozilla for the exact details about why they've flagged
what they've flagged.




It lay aklso be that the defaukt certificate presented has a name, and 
not an IP address

Re: should CLI have a nice UI today?

[Erwan David]

Le 29/03/2023 à 16:24, Nicolas George a écrit :

to...@tuxteam.de (12023-03-29):

Perhaps roughly 3k to 4k years of storing, transmitting and retrieving
information in written form have a part in it.

It may be a social convention, but by now it runs so deep that I'm
convinced you'll find epigenetic traces of it in us humans.


Or perhaps those 3-4K years of storing information have selected a
format that is close to the best possible with the limitations of our
brains, our eyes and our hands.

Keyboards are roughly 150 years old: it is possible we find some
improvement on the way they are designed that makes entering data more
efficient.

On the other hand, computers have not changed the fact that data enters
us mostly as images and sound, so I predict it is unlikely we find means
significantly more efficient than reading.

Regards,



and do not forget that CLI is what we use in degraded conditions, eg 
when there is no way to get graphics and colors (text, or favorite virtualisation solution here> console)


So we must not depend on graphical capacities to be available

Re: ssh-add after graphical login

[Erwan David]

Le 23/03/2023 à 09:42, Yassine Chaouche a écrit :

Hello all,

I'd like something to run ssh-add right after I login to my desktop
(KDE).
ssh-add needs to prompt me for my passphrase,
and doesn't need any privileges.

What are my options?

Best,



I  do this way :

I create a shell script ~/bin/start-session.sh in this script I have the 
command ssh-add < -


in System Settings > Startup and Shutdown > autostart I add this script 
as a login script

Re: PDF on debian

[Erwan David]

Le 09/03/2023 à 12:03, Corey Hickman a écrit :
I always compose documents in debian via VIM. so if there is a PDF 
plugin for VIM that would be great.


Thanks


Not a Vim plugin, but I usually compose documents in markdown in 
aneditor (be it vim or emacs) then generate a pdf from the markdown with 
pandoc

Re: hplip : looking for a workaround

[Erwan David]

Le 24/02/2023 à 18:41, Brian a écrit :

On Fri 24 Feb 2023 at 18:25:24 +0100, Erwan David wrote:


Le 24/02/2023 à 17:45, Brian a écrit :

On Wed 22 Feb 2023 at 17:49:13 +0100, Erwan David wrote:


Hi,

hplip seems to need a dependency, many commands end with

    File "/usr/share/hplip/base/password.py", line 119, in __readAuthType
      distro_name = get_distro_std_name(os_name)
    ^^^
NameError: name 'get_distro_std_name' is not defined. Did you mean:
'get_distro_name'?

I opend a bug for a missing dependency, but do someone know of a workaround
? I cannot use my scanner anymore because it needs a binary plugin installed
by hplip

Your issue and a workaround has been addressed. However, knowung
the device model just might lead to a better solution.


It is a LaserJet_Pro MFP M125nw

This is a little unfortunate. My records show this device to be
capable of driverless printing, but not of driverless scanning.
The later can be ascertained by running

   avahi-browse -rt _uscan._tcp

An empty output is bad news.

It appears you have to rely on the non-free plugin and the
workaround.

Yes no problem with printing, only with scanning... (for driverless alas 
I did not find how to make it work when printer and computer are not on 
same network).

Re: hplip : looking for a workaround

[Erwan David]

Le 24/02/2023 à 17:45, Brian a écrit :

On Wed 22 Feb 2023 at 17:49:13 +0100, Erwan David wrote:


Hi,

hplip seems to need a dependency, many commands end with

   File "/usr/share/hplip/base/password.py", line 119, in __readAuthType
     distro_name = get_distro_std_name(os_name)
   ^^^
NameError: name 'get_distro_std_name' is not defined. Did you mean:
'get_distro_name'?

I opend a bug for a missing dependency, but do someone know of a workaround
? I cannot use my scanner anymore because it needs a binary plugin installed
by hplip

Your issue and a workaround has been addressed. However, knowung
the device model just might lead to a better solution.


It is a LaserJet_Pro MFP M125nw

Re: hplip : looking for a workaround

[Erwan David]

Le 22/02/2023 à 18:46, Celejar a écrit :

On Wed, 22 Feb 2023 17:49:13 +0100
Erwan David  wrote:


Hi,

hplip seems to need a dependency, many commands end with

    File "/usr/share/hplip/base/password.py", line 119, in __readAuthType
      distro_name = get_distro_std_name(os_name)
    ^^^
NameError: name 'get_distro_std_name' is not defined. Did you mean:
'get_distro_name'?

I opend a bug for a missing dependency, but do someone know of a
workaround ? I cannot use my scanner anymore because it needs a binary
plugin installed by hplip

This is your bug:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031784

but this earlier bug discussion contains a workaround (I haven't tried
it):

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029459

FTR, here's the upstream bug:

https://bugs.launchpad.net/hplip/+bug/2003739

Thanks the workaround in 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029459 worked.

hplip : looking for a workaround

[Erwan David]

Hi,

hplip seems to need a dependency, many commands end with

  File "/usr/share/hplip/base/password.py", line 119, in __readAuthType
    distro_name = get_distro_std_name(os_name)
  ^^^
NameError: name 'get_distro_std_name' is not defined. Did you mean: 
'get_distro_name'?


I opend a bug for a missing dependency, but do someone know of a 
workaround ? I cannot use my scanner anymore because it needs a binary 
plugin installed by hplip

Re: Lien cassé sur le paquet apache2-data dist Bullseye et dépôt officiel http://ftp.debian.org

[Erwan David]

Le 11/01/2023 à 12:47, didier gaumet a écrit :
Euh, je ne connaissais pas cette couche ICAP(1) mais en gros ton 
problème me semble venir de là: elle considère (ou a considéré 
ponctuellement) le paquet Debian en question comme suspect car 
présentant trop de sous-niveaux d'archive?


(1) https://en.wikipedia.org/wiki/Internet_Content_Adaptation_Protocol




Moi je vois un "Vendor: Sophos" ça sent le proxy filtrant avec son 
antivirus.

Gnome/Kde color correction

[Erwan David]

Hello,

I have colord-kde installed, in the system settoings I get

"You need Gnome Color Management installed in order to calibrate devices"


Which package should I install ?


I already have

ii  colord 1.4.6-2.1    amd64    system 
service to manage device colour profiles -- system daemon
ii  colord-data    1.4.6-2.1    all  system 
service to manage device colour profiles -- data files
ii  colord-kde 22.12.0-1    amd64    Color 
management for KDE
ii  colord-sensor-argyll   1.4.6-2.1    amd64    system 
service to manage device colour profiles -- argyll sensor plugin
ii  elpa-color-theme-modern    0.0.3-3  all  deftheme 
reimplementation of classic Emacs color-themes
ii  fonts-noto-color-emoji 2.038-1  all  color emoji 
font from Google
ii  gnome-color-manager    3.36.0-1+b1  amd64    Color 
management integration for the GNOME desktop environment


(so yes, gnome-color-manager is installed)

Re: Missing module in initramfs : haw to know which one, and how to add it.

[Erwan David]

Le 14/10/2022 à 09:12, Erwan David a écrit :


I got my modules list, I put the list in /etc/iniramfs-tools/modules, 
update-initramfs -v -u : they are not added to the initrd


man initramfs-tools says

Modules listed in /etc/initramfs-tools/modules and 
/usr/share/initramfs-tools/modules.d/* are always included in the 
initramfs, and are loaded early in the boot process.


So I do not understand what I should do



Ok, solved : there shouldbe no white line in the file...

Thanks for listening this helped me to find the errors

Re: Missing module in initramfs : haw to know which one, and how to add it.

[Erwan David]

Le 14/10/2022 à 07:30, Erwan David a écrit :

Le 14/10/2022 à 07:18, Erwan David a écrit :

Hi,

Some times ago I went from modules=most to modules=dep in initramfs, 
because /boot was too small.


the machine is a laptop usually standalone but from time to time 
connected to a dock with external USB keyboard


Today at boot : external keyboard worked for grub, did not work for 
entering LUKS key, and works once system is started. This I deduce I 
need some supplementary module(s) in the initrd. Is there a way to 
identify those modules and add them ?





Ok, I did an update-initramfs -v -u with and without the dock, now I 
have a list of modules added for my dock installation. I'll check how to 
force them being in the initrd even if devices are not detected at 
generation time.






I got my modules list, I put the list in /etc/iniramfs-tools/modules, 
update-initramfs -v -u : they are not added to the initrd


man initramfs-tools says

Modules listed in /etc/initramfs-tools/modules and 
/usr/share/initramfs-tools/modules.d/* are always included in the 
initramfs, and are loaded early in the boot process.


So I do not understand what I should do

Re: Missing module in initramfs : haw to know which one, and how to add it.

[Erwan David]

Le 14/10/2022 à 07:18, Erwan David a écrit :

Hi,

Some times ago I went from modules=most to modules=dep in initramfs, 
because /boot was too small.


the machine is a laptop usually standalone but from time to time 
connected to a dock with external USB keyboard


Today at boot : external keyboard worked for grub, did not work for 
entering LUKS key, and works once system is started. This I deduce I 
need some supplementary module(s) in the initrd. Is there a way to 
identify those modules and add them ?





Ok, I did an update-initramfs -v -u with and without the dock, now I 
have a list of modules added for my dock installation. I'll check how to 
force them being in the initrd even if devices are not detected at 
generation time.

Missing module in initramfs : haw to know which one, and how to add it.

[Erwan David]

Hi,

Some times ago I went from modules=most to modules=dep in initramfs, 
because /boot was too small.


the machine is a laptop usually standalone but from time to time 
connected to a dock with external USB keyboard


Today at boot : external keyboard worked for grub, did not work for 
entering LUKS key, and works once system is started. This I deduce I 
need some supplementary module(s) in the initrd. Is there a way to 
identify those modules and add them ?

Add route exception in NetworkManager vpn

[Erwan David]

Hi,

I use a vpn with network manager which routes everything through it.
I'd like to add some exceptions for local or not so local ressources 
that cannot be reached through the VPN.
The ideal situation would be to be able to give as gateway for those 
routes "the default gateway before the VPN was up".

Is there a way to do this ?

It may be through a dispatcher script at vpn-preup time, but I'm not 
sure by reading the doc if the routes have been changed at that time or not.




Thank you

Add route exceptions to a VPN with network manager

[Erwan David]

Hi,

I use a vpn with network manager which routes everything through it.
I'd like to add some exceptions for local or not so local ressources 
that cannot be reached through the VPN.
The ideal situation would be to be able to give as gateway for those 
routes "the defayukt gateway before the VPN was up".

Is there a way to do this ?

Thank you

Re: Okular very slow

[Erwan David]

Le 06/10/2022 à 16:40, Kushal Kumaran a écrit :


On Thu, Oct 06 2022 at 09:58:02 AM, Erwan David  wrote:

My okular is very slow at starting. I see that when it starts it
mounts an automounted webdav share, and seems to scan it.
How can I tell it not to scan anything at start ?


Is it attempting to verify which, if any, of the files in "File" ->
"Open Recent" are still available?  Clear that list ("File" -> "Open
Recent" -> "Clear List") and see.



Seems to be the reason, thanks, I thought I had no file on this drive in 
the list, I was wrong

Okular very slow

[Erwan David]

My okular is very slow at starting. I see that when it starts it mounts 
an automounted webdav share, and seems to scan it.

How can I tell it not to scan anything at start ?

Okular very slow : seems to scan webdav mounted share

[Erwan David]

My okular is very slow at starting. I see that when it starts it mounts 
an automounted webdav share, and seems to scan it.

How can I tell it not to scan anything at start ?

Re: update-initramfs outside of /boot

[Erwan David]

Le 01/10/2022 à 18:25, Felix Miata a écrit :

Erwan David composed on 2022-10-01 16:21 (UTC+0200):


My /boot is 235 MB (from deb 10 installer), however in testing I now
have 56MB initramfs files and update-initramfs cannot work for the 3rd
kernel to install (and apt autoremove keeps 2 kernels, thus at upgrade
there are temporarily 3 kernels).
I see that all the files of the initramfs are put in /boot before
creating the compressed image, thus the need for place. Is there a way
to cofigure update-initrams so that the creation of the im age is done
in another filesystem before instalation in /boot ?

Alternative options:

1-Move the oldest kernel files to another filesystem, or everything, from /boot.
You don't need them there until time to reboot.

2-You're not forced to keep two kernels. Remove the non-running one manually.

3-As Stefan already suggested, MODULES=dep. It's routine here. Big initrds take
more time to load, which can be quite noticeable on old hardware.

4-Is your /boot adjacent to your swap? If yes, easily recreate both, with 
smaller
swap, larger /boot. Don't forget to adjust fstab for UUID change of swap, or 
apply
the one from fstab on the new.



My /boot is next to an encrypted lvm containing te rest of the disk. I 
fear resizing /boot would require a reinstall, I'll set modules=dep

Re: update-initramfs outside of /boot

[Erwan David]

Le 01/10/2022 à 17:16, Stefan Monnier a écrit :

My /boot is 235 MB (from deb 10 installer), however in testing I now have
56MB initramfs files and update-initramfs cannot work for the 3rd kernel to
install (and apt autoremove keeps 2 kernels, thus at upgrade there are
temporarily 3 kernels).

 MODULES=dep

and

 COMPRESS=lzma

in `initramfs.conf` can make a big difference.


 Stefan


I alreaady have compres=zstd (should be better than lzma). modules=most 
because I do not like the "guess". An d It would be a temporary mesuer 
since initramfs siuze keeps growing. I just do not see the point of 
building it in /boot rather than eg /tmp or another directory specified 
in conf.

update-initramfs outside of /boot

[Erwan David]

My /boot is 235 MB (from deb 10 installer), however in testing I now 
have 56MB initramfs files and update-initramfs cannot work for the 3rd 
kernel to install (and apt autoremove keeps 2 kernels, thus at upgrade 
there are temporarily 3 kernels).


I see that all the files of the initramfs are put in /boot before 
creating the compressed image, thus the need for place. Is there a way 
to cofigure update-initrams so that the creation of the im age is done 
in another filesystem before instalation in /boot ?

Re: Plugin HP

[Erwan David]

Le 30/09/2022 à 17:11, MERLIN Philippe a écrit :

Le vendredi 30 septembre 2022, 15:42:43 CEST Bureau LxVx a écrit :

Bonjour,

Sur le pc d'un am et une debian toute fraîche et mise à jour, je ne réussis
pas à installer / finaliser le HPLIP.
A la fin de l'installation, impossibilité d'imprimer la page test.
Il manque le plugin  : ok

Toutefois, l'installation de ce plugin et du lancement du .run
https://developers.hp.com/sites/default/files/hplip-3.21.2-plugin.run
se termine par checksum corrompu.

Et cela que ce soit la dernière version hplip téléchargée sur
https://developers.hp.com/hp-linux-imaging-and-printing : Version: 3.22.6
Clé du plugin correspondant corrompue

ou celle de synaptic :
3.21.2+dfsg1-2 (unstable ?)

https://developers.hp.com/sites/default/files/hplip-3.21.2-plugin.run
Dans le script : HPLIP 3.21.2 Plugin Self Extracting Archive"

J'espère avoir été assez claire ...

Merci de votre aide.

Bien librement,

Sylvie

Pouquoi installer un plugin ? normalement l'installation de hplip suffit,
Sur mon ordi :
hplip
hplip-data
hplip-cups
hplip-gui
venant sûrement de debian non-free hplip, hplip-data, hplip-gui 3.22.6 Sid
Amicalement
Philippe Merlin




ça dépend de l'imprimante, pour scanner avec la mienne (MFP m125nw) il 
faut installer un plugin qui est un bout de firmware binaire fourni par 
HP mais qui n'est pas dans les paquets debian à ce qu'il semble

Re: Grosse fatigue

[Erwan David]

Le 23/09/2022 à 12:42, antoine.valmer a écrit :

On Friday 23 September 2022 12:34:01 BERTRAND Joël wrote:

Attention, les ports sont renommés automatiquement sauf s'il y a des
règles udev spécifiques. Cela fut rigolo au passage de l'ancien système
au nouveau (et si j'ai pu récupérer eth1 et eth2, eth0 n'a rien voulu
savoir et se retrouve lan0).


Hello,
on peut tout à fait modifier le nom des ports eth, wlan...,
que ces noms abscons non explicites (ens...) attribués d'office par Debian et 
Ubuntu :
https://waytolearnx.com/2019/05/renommer-linterface-par-defaut-ens33-a-lancienne-eth0-sur-ubuntu-16-04.html

eth0, wlan0... c'est explicite, et pratique pour réparer un réseau défaillant.

Bonne journée.




Et au moins ça change pas sur une mise à jour de udev/systemd comme ça 
m'est arrivé.

Re: Postfix rejeter from et to en même temps

[Erwan David]

Le 06/09/2022 à 11:33, Wallace a écrit :


Bonjour,

Sur Postfix j'arrive bien à filtrer les from et les to en fonction de 
différents critères mais je n'arrive pas à trouver comment filtrer en 
from et to en même temps.


Exemple en to j'ai une boite d'une personne valide donc je ne peux pas 
la bloquer en filtre to mais certaines adresses en from vers ce to est 
refusé pour raison d'encodage des headers et l'éditeur ne semble pas 
vouloir corriger. Du coup je voudrais bloquer ce from vers ce to 
spécifiquement tout en laissant passer les autres mails vers le même 
to et les autres mails avec le from problématique vers d'autres to.


Une idée de quelles options sont nécessaires pour cela?

Sinon je regarde aussi un filtre milter spécifique mais je n'ai pas 
trouvé grand chose de pertinent.


Merci par avance pour vos avis.

Bonne journée

Il va falloir regarder du côté des policy-filter. Car le filtrage 
interne à postfix ne travaille que sur un seul en-tête à la fois.

Re: Resize partitions ext4 /LVM

[Erwan David]

Le 16/08/2022 à 16:30, Daniel Caillibaud a écrit :

Le 16/08/22 à 16:08, hamster  a écrit :

mount -o bind /home/docker /var/lib/docker


C'est en effet une option, mais je comprend pas bien l'interet de le
faire comme ca plutot qu'avec un lien symbolique ?


Ça permet d'avoir le "vrai" chemin qui reste /var/lib/…

Ça peut éviter des problèmes (une dépendance mal codée qui vérifierait ce 
chemin), ou de la
customisation compliquée (pour apparmor par ex).

Je me souviens avoir fait ça pour mysql il y a très longtemps, un lien 
symbolique passait pas
(à cause de apparmor il me semble) alors qu'avec un bind ça passait crème sans 
aller bidouiller
les configs par défaut du système.



en cas de chroot (et iml y a des chances que docker en fasse) un lien 
symbolique absolu ne va plus marcher, alors que le montage bind n'aura 
pas ce problème.

Re: *Now* what is starting ssh-agent?

[Erwan David]

Le 26/07/2022 à 20:40, Chris Mitchell a écrit :

Hi all,

I have my own systemd "user" .service unit that I like to use to start
ssh-agent the way I want it started, which works fine… except for the
neverending game of whack-a-mole tracking down and disabling various
legacy workarounds that go ahead and start ssh-agent unasked (or
emulate it, poorly, like gnome-keyring) and clobber my SSH_AUTH_SOCK
env-var.



ssh-agent is usually started by your session manager. I do not know 
wether all DE use this, but you can find it in


/etc/X11/Xsession.d/90x11-common_ssh-agent

Re: Où se documenter sur une expression comme ${1%/*} dans /bin/sh ?

[Erwan David]

On Mon, Jul 25, 2022 at 10:06:28AM CEST, bern  said:
> Le 2022-07-25 09:49, Olivier a écrit :
> > Bonjour,
> > 
> > Dans /etc:dhcp/debug sous Bullseye, j'ai trouvé l'instruction ci-après.
> > echo "$(date): entering ${1%/*}, dumping variables."
> > 
> > Cette expression vaut /etc/dhcp/dhclient-exit-hooks.d dans ce cas
> > précis quand $1 vaut /etc/dhcp/dhclient-exit-hooks.d/monscript.
> > 
> > Où trouver de la doc sur ce type d'expression (ie %/*) ?
> > 
> > Slts
> 
> man bash
> 
> 

man sh plutôt non ? Par défaut sh c'est dash, pas bash sous debian

-- 
Erwan

Re: nft newbie

[Erwan David]

Le 12/07/2022 à 22:00, Marco a écrit :

Am Tue, 12 Jul 2022 21:17:40 +0200
schrieb :


That looks like a sensible strategy to me.


It isn't at all, completely blocking incoming ICMP is a very stupid
idea.

ICMP is used for control messages, e.g. for Path MTU discovery.
The only IMCP message that can be blocked is echo request or echo
reply, everything else creates problems like nasty timeouts to certain
sites.
You can block incoming echo requests and let all others through it.




I did not speak of blocking ICMP, I refered to the ICMP (host not 
reachable, network not reachable or administratively prohibited that the 
firewall itself emits in cas of a Reject.

Re: nft newbie

[Erwan David]

Le 12/07/2022 à 17:27, Henning Follmann a écrit :

On Tue, Jul 12, 2022 at 11:31:11AM +0100, mick crane wrote:

On 2022-07-12 10:33, Gareth Evans wrote:

On Tue 12 Jul 2022, at 10:19, Maximiliano Estudies

In most cases it's a best practice to configure all chains with
_policy drop_ and then add rules for the traffic that you want to
allow

All the nftables and PF howtos I have found take this approach.

Why is it best practice?  Is there any security advantage over
rejection?


I think it is just that 'reject' tells the remote system there is something
listening.
mick



Oh quite contraire!
It literally tells you that there is nothing. And that is the problem.
This way your system can be part of an attack onto someone else.
Because your system creates a message which then is sent to the
address in the src address. And that can be a forged address.
This way you reflect messages to someone else.

In a nice world, where everybody plays by the rules reject would be the
proper thing. Here in reality drop is the better choice.



It depends on your settings. Personnally on a router I tend to Reject if 
the ICMP goes to the internal network, drop if it would be sent outside. 
That avoids some weird timeouts in the internal network (put your own 
definition of internal)

Re: sleep(1) vs. sync(1) twice before umount(8)

[Erwan David]

Le 10/07/2022 à 19:46, fxkl4...@protonmail.com a écrit :

On Sun, 10 Jul 2022, David Christensen wrote:


On 7/10/22 09:57, fxkl4...@protonmail.com wrote:

On Sun, 10 Jul 2022, David Christensen wrote:

On 7/10/22 05:55, fxkl4...@protonmail.com wrote:

Several decades ago I was taught to type sync and then type sync

again before unmounting a drive

The only reason I ever got was that the second sync was a time delay

Any potential gotchas?

I was never brave enough to poke that bear :)


Have you ever experienced any problems or surprises with the technique?

No
I spent a couple of decades baby sitting a room full of HP K200s and K380s
Experimenting was not something done lightly, if you valued your job
You stick with what works
Typing sync twice was advised and I was not inclined to anger some unknown god
Using sleep between operations is as you say experimental
I wrote many scripts that ran as cron jobs at night
I was not concerned with speed
I've been retired for almost a decade and do not miss the sleepless nights


IIRC the second sync() was blocked until the first one finished. Thus 
you were sure to wait the completion of the sync() whereas the sleep()  
waits for a fixed amount of time. However, I'm not sure it is still 
needed with modern file systems

Re: nft newbie

[Erwan David]

Le 07/07/2022 à 10:11, Roger Price a écrit :


I looked at the workstation example, but it doesn't even allow access 
via ssh. On my Debian 11 box I found 
/usr/share/doc/nftables/examples/workstation.nft which does show how to 
allow incoming ssh, http and https traffic.


Newbie 1: Is it normal for nftables configuration files to be 
executable?  As a newcomer, I expected something more "traditional", ie 
a file containing only key words and data values.


Yes it is. If you look at the first line you see it is a script to be 
evaluated by /usr/sbin/nft



Newbie 2: Command ls -l /etc/nftables.conf reports

    -rwxr-xr-x 1 root root 228 Jan 17  2021 /etc/nftables.conf*

This looks as if anyone can read and execute this file.  I tried as a 
simple user and got the error message


    /etc/nftables.conf:3:1-14: Error: Could not process rule: Operation 
not permitted

    flush ruleset
    ^^

Is execution not permitted for non-root/non-file owner ?


nft configuration is indeed possible only for root.

Newbie 3: The configuration file begins with the Bash shebang 
#!/usr/sbin/nft -f but the Debian 11 man page for nftables says


   -f, --file filename Read input from filename. If filename is -, read 
from stdin.


and doesn't mention omitting the filename.  I'm guessing that -f with no 
file name means "read from the remainder of this file".  Is this correct?


It's very old for me (I began unix in 1990)  but in my understanding 
when a file begins wth a shebang the line after the shebang is completed 
with the path to the file and the full line is then executed, thus 
You'll end with a command line of /usr/sbin/nft -f /etc/nftables.conf

Re: Firewall blocking my new Debian 11 server ports 80 and 443

[Erwan David]

Le 29/05/2022 à 13:22, Tom Browder a écrit :

On Sun, May 29, 2022 at 05:41 Tom Browder  wrote:

Does anyone have a good reason for me to NOT install and enable UFW?

-Tom


 good reason would be that thtere is obviously already something on 
your server magaing the firewalling. Having 2 different systems will 
lead to inconsistency and erratic behiaviour. First thing is to identify 
what is putting the rules you showed us. (rules that do not block ports 
80 and 443)

Re: [SOLVED] Re: One-user system.

[Erwan David]

Le 06/05/2022 à 20:24, Thomas Schmitt a écrit :

Hi,

Greg Wooledge wrote:

I think you're vastly underestimating the average age of subscribers on
this list.

Huh ? ... What ? ... Age ? ... Whom do you call old ?

VIC-20 users don't get old.

Since most of the posters here are of over average age we should immediately
drop the whole concept in order to avoid a severe mathematical paradox.


Have a nice day :)

Thomas



I my head I am still 13, the age when I discovered the C64...

Re: wtf just happened to my local staging web server

[Erwan David]

Le 04/05/2022 à 19:01, Gary Dale a écrit :
My Apache2 file/print/web server is running Bullseye. I had to restart 
it yesterday evening to replace a disk drive. Otherwise the last reboot 
was a couple of weeks ago - I recall some updates to Jitsi - but I don't 
think there were any updates since then.


Today I find that I can't get through to any of the sites on the server. 
Instead I get the Apache2 default web page. This happens with both 
Firefox and Chromium. This happens for all the staging sites (that I 
access as ".loc" through entries in my hosts file). My jitsi and 
nextcloud servers simply report failure to get to the server.


I verified that the site files (-available and -enabled) haven't changed 
in months.


I tried restarting the apache2 service and got an error so I tried 
stopping it then starting it again - same error:


root@TheLibrarian:~# service apache2 start


It looks like you started it, not restart, thus the running apache is 
not killed


[...]



May 04 12:16:55 TheLibrarian systemd[1]: Starting The Apache HTTP Server...
May 04 12:16:55 TheLibrarian apachectl[7935]: (98)Address already in 
use: AH00072: make_sock: could not bind to addre>
May 04 12:16:55 TheLibrarian apachectl[7935]: (98)Address already in 
use: AH00072: make_sock: could not bind to addre>


This is consistent with former apache still running at that time, and 
using the wanted ports.

Re: disable IPv6 debian

[Erwan David]

Le 15/04/2022 à 14:35, wilson a écrit :

after doing this, do I need to restart the OS?

thanks

Reco wrote:

The most non-intrusive way of doing it (side effects considered) is:

/sbin/sysctl -w net.ipv6.conf.default.disable_ipv6=1
/sbin/sysctl -w net.ipv6.conf.lo.disable_ipv6=0





No. But it won't be kept if you reboot
To make it permanent you need to create the file
/etc/sysctl.d/10-disable_ipv6.conf with the 2 lines

net.ipv6.conf.default.disable_ipv6=1
net.ipv6.conf.lo.disable_ipv6=0

Re: Problème de SMTP

[Erwan David]

Le 15/04/2022 à 10:49, ajh-valmer a écrit :

On Friday 15 April 2022 09:41:50 Frédéric MASSOT wrote:

Le 14/04/2022 à 23:06, ajh-valmer a écrit :

Depuis 2 jours, les SMTP refusent tout envoi de mails.
smtp.bbox.fr , smtp.free.fr
J'utilise le MUA Kmail et c'est idem avec Evolution.
Voici le message :
"Impossible d'envoyer le message :
Le fichier ou le dossier Le contenu du message n'a pas été accepté.
Le serveur a répondu : « 5.7.1 Spam Detected - Mail Rejected. Please see our 
policy at:
http://postmaster.free.fr/#spam_detected » n'existe pas.
Le message restera dans votre dossier « À envoyer » jusqu'à ce que le problème 
soit corrigé
(par exemple une adresse non valable) ou que vous le déplaciez dans un autre 
dossier.
Le protocole de transport suivant a été utilisé : free"



Tu as testé en haut de la page "https://postmaster.free.fr; si ton IP
n'est pas bloquée ?


Et non, mon IP n'est pas listée.

C'est la même chose avec "smtp.bbox.fr",
le message d'erreur est "policy error", mail pas envoyé.
(et pourtant je suis chez Bouygues-telecom, bbox).
Je les ai appelé, seule solution, passer par leur webmail,
technicien au tél peu au courant des réseaux et serveur de mails...

Bonne journée.



N'aurais-tu pas un antivirus qui vérifie les mails que tu envoie ? Quand 
ils ont des problèmes ça peut amener ce genre de comportement

Re: Paquets installés automatiquement

[Erwan David]

Le 04/04/2022 à 10:56, David BERCOT a écrit :

Bonjour,

J'essaye de gérer mon installation en ne conservant que les paquets 
strictement nécessaires.

Pour cela :
1. je bascule la liste de tous les paquets en mode "auto" (via apt-mark 
auto)
2. j'installe "manuellement" ceux qui me semblent nécessaires (et qui 
changent donc d'état vers "manual")
3. je fais un apt autoremove pour supprimer ceux qui ne sont pas liés à 
mon installation manuelle


J'ai l'impression, globalement, que ça fonctionne.
Toutefois, je viens de constater que ce n'était pas le cas et que 
j'avais par exemple tous les paquets "evolution*" qui étaient pourtant 
marqués comme "auto", liés à aucune installation manuelle, et qui 
n'étaient pourtant pas purgés via apt autoremove.


Est-ce que vous auriez une idée de la raison de ce comportement ?

Merci d'avance.

David.


Tu peux faire un aptitude why 'paquet' (si tu as aptitude) pour avoir 
une des raisons d'installation. N'oublie pas qu'un paquet Recommandé 
reste s'il est en Auto.

Re: Where do you get Virtualbox

[Erwan David]

Le 02/04/2022 à 06:17, Pankaj Jangid a écrit :

Dan Ritter  writes:


In any case, you seem to have answered your own question: Oracle
is the supplier of virtualbox. If you don't trust them, there
are many fine alternatives to virtualbox, most of which are
built on the  work of kvm, qemu or Xen.

To use USB devices inside a guest system, user is required to install
Oracle supplied binary deb packages. It will write to privileged
locations on the file system. I didn’t like that and discovered much
easier and light weight alternatives. I use ’qemu’.


I do not need it. Indded I only need it to use Visio (no I cannot use 
any alternative)

Re: Where do you get Virtualbox

[Erwan David]

Le 31/03/2022 à 15:57, The Wanderer a écrit :

For myself, the answer is quite simple: I don't. VirtualBox used to make
my life easier, but the combination of not being available in Debian
testing with the *reasons* why it isn't available there
(license-related, last time I checked, if I remember correctly) mean the
ways in which it used to make my life easier aren't worth the trouble of
getting it from somewhere else, at least not to me.


When running stable or testing, installing a package from sid is at
least mildly inadvisable - because it may pull in dependencies from sid,
thereby leading to your running not only a FrankenDebian but one which
is partly sid and therefore includes some of the risks that come with
running sid.

Installing a package from a third-party repository has its own risks,
and I no longer trust Oracle to do the right thing when it comes to
open-source software, so I can't recommend installing VirtualBox from
their repository.



Alas, you cannot always choose exactly what you use a must comprimise a 
little. For virtualbox one of my interrogations is that the package in 
sid is very good, is stable, but it never goes to testing. There ust be 
a reason, but I could not find it.

Where do you get Virtualbox

[Erwan David]

virtualbox is available either in Sid, or on Oracl's virtualbox 
repository. Where do you get it (I am on testing).


--

Erwan

Re: Predictable Network Interface Names

[Erwan David]

Le 30/03/2022 à 21:15, Brian a écrit :

= which

goes into some detail.

Thanks. Very informative. As the second link says:

   The resulting reality is that your PCI based names are only
   stable if you change no hardware in the system. The moment
   you change any hardware all bets are off for all hardware.

This, plus your advice, could point the OP to a way forward.



I also got a name change with an upgrade (I do not remember wether it 
was kernel, systemd or udev).


SInce interfaces where combined in a bond, imagine the mess...

Re: Predictable Network Interface Names

[Erwan David]

Le 30/03/2022 à 20:39, Greg Wooledge a écrit :


Doesn't matter.  You can choose a memorable name.  The MAC address is
simply the data point you place in the config file, so the system knows
this is the interface you're talking about.

unicorn:~$ cat /etc/systemd/network/10-lan0.link
[Match]
MACAddress=18:60:24:77:5c:ec

[Link]
Name=lan0

That's what I'm using.  Of course, this relies on the MAC address being
consistent across boots.  I've heard of some cases where this isn't
true, but I believe those cases involved removable devices (USB network
interfaces or similar).

"lan0" is familiar to me from HP-UX, and it also isn't "eth0", so there's
no risk of collision with the kernel's default name scheme.  I have
no idea what happens if you try to assign the names "eth0" and "eth1"
to a pair of interfaces that come up as "eth1" and "eth0" by default.
Are the renames done sequentially?  Will they fail in this case?  I don't
know, and I don't want to find out the hard way.


Be aware that bridge or bond interfaces get their mac address from one 
of the inner inetrface, thus you may have to add a macth (eg a match on 
the driver)

Re: Quel(s) serveur(s) DHCP pour 250 LAN de petite taille (/28) ?

[Erwan David]

Le 11/03/2022 à 12:48, Olivier a écrit :

Bonjour,

Je souhaite mettre en place sur une machine Bullseye, un service DHCP
traitant 250 réseaux locaux de petite taille (/28 soit 16 adresses)
mais chacun avec 1 ou 2 machines connectées, au maximum.

1. Qui a déjà mis en oeuvre ce type de chose ? Avec quels composants ?
Quel retour d'expérience ?

2. Je connais le serveur DHCP d'ISC. J'ai l'habitude de lister les
interfaces sur lesquelles il écoute
en complétant la ligne INTERFACESv4 du fichier /etc/default/interfaces.
Existe-t-il une autre façon de fournir la liste des interfaces ?


Plutôt que d'avoir ton serveur avec une interface dans chacun de tes 250 
réseaux, tu peux utiliser un relais dhcp (par exemple sur le ou les 
touteurs qui relient tes réseaux) C'est plus simple puisque ton serveur 
DHCP n'a qu'une uinterface. Le relais lui envoie l'adresse de 
l'interface qui a reçu la reqêute et ton serveur trouve le pool 
correspondant.


C'est très simple à mettre en place

Re: apt-key deprecation.

[Erwan David]

Le 05/03/2022 à 20:04, Cindy Sue Causey a écrit :

On 3/5/22, Erwan David  wrote:

Hi,

When I update my packages I get the warning :

W:
https://download.virtualbox.org/virtualbox/debian/dists/buster/InRelease:
Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see
the DEPRECATION section in apt-key(8) for details.

I looked at section DEPRECATION in apt-key, but did not find how I can
extract those keys from /etc/apt/trusted.gpg and put them in trusted.gpg.d

What would be the easier way ?




Yes I already saw this but

1) How do I extract keys from /etc/apt/trusted.gpg ?

2) Can I completely remove the file once I have extracted all non-debian 
keys from it ?


Putting the key in another location and specifying where to llok for 
each repository does not work, because of packages which add their key 
in /etc/apt/trusted.gpg.d (one example is spotify, and I think micorsoft 
teams)


But my problem is with the lack of documentation for transitioning from 
old scheme to new one.

apt-key deprecation.

[Erwan David]

Hi,

When I update my packages I get the warning :

W: 
https://download.virtualbox.org/virtualbox/debian/dists/buster/InRelease: 
Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see 
the DEPRECATION section in apt-key(8) for details.



I looked at section DEPRECATION in apt-key, but did not find how I can 
extract those keys from /etc/apt/trusted.gpg and put them in trusted.gpg.d



What would be the easier way ?

Re: Aliases No longer Works for User

[Erwan David]

Le 26/02/2022 à 20:48, Stephen P. Molnar a écrit :

On 02/26/2022 02:35 PM, Greg Wooledge wrote:

On Sat, Feb 26, 2022 at 02:23:04PM -0500, Stephen P. Molnar wrote:
Without any sort of warning as the user, I can no longer use 
aliases, nor the normal bash commands on th xfce4-terminal. Root is 
still working without problems.
Show us. Paste a SESSION from your TERMINAL into the email so we can 
see it. Then show us some evidence that the alias is actually 
defined. Ideally you would run the "alias" command, which prints all 
of your aliases. Then you would PASTE THAT SESSION SNIPPET INCLUDING 
THE SHELL PROMPT, THE COMMAND YOU RAN, AND ITS OUTPUT into an email 
so we can see it. You could also verify which shell you are using, by 
running "ps -p $$". Then paste that shell prompt, and the command 
that you ran, and its output, into an email so we can see it. You 
could examine your shell's dot files. Assuming your shell is bash, 
the relevant one is .bashrc. So you could run "ls -ld ~/.bashrc" and 
paste your shell prompt, that command, and its output, into an email 
so that we can see it. Of course, .bashrc is only read when you open 
a terminal which runs a non-login shell in the normal and expected 
manner. If you've configured your terminal so that it runs a login 
shell instead of a regular shell, then you would also have to make 
sure you're dotting in (or sourcing) the .bashrc file from your 
shell's login profile. So, for that reason, it would be useful to 
know the exact command that your terminal is running. "ps -fp $$" 
should give that, assuming you run it in the top-level shell launched 
by your terminal, not in some kind of subshell or script. Paste the 
shell prompt, the command, and its output.
Bash has always been my default shell since the days of the Redhat 
Mother's Day Release


comp@AbNormal:~$ alias
alias l='ls -l --color'
comp@AbNormal:~$ l
-bash: ls: command not found
comp@AbNormal:~$ bash
-bash: bash: command not found
comp@AbNormal:~$ ls -ld ~/.bashrc
-bash: ls: command not found
comp@AbNormal:~$

What is your PATH variable ? It does not look like an alias problem 
(your l command is replaced by ls), but your shell seems not to find the 
programs.

Re: Bulseye - TacacsPlus - Configure ?

[Erwan David]

Le 14/02/2022 à 19:30, Maurizio Caloro a écrit :



I always use apt-cache as it also searches on description:

$ apt-cache search tacacs
libauthen-tacacsplus-perl - Perl module for authentication using 
TACACS+ server
libpam-tacplus - PAM module for using TACACS+ as an authentication 
service


strange  in my search, the system find only one Package

# apt-cache search tacacs
libauthen-tacacsplus-perl - Perl module for authentication using 
TACACS+ server

#

# cat /etc/apt/sources.list
deb http://deb.debian.org/debian bullseye main
deb-src http://deb.debian.org/debian bullseye main

deb http://deb.debian.org/debian-security/ bullseye-security main
deb-src http://deb.debian.org/debian-security/ bullseye-security main

deb http://deb.debian.org/debian bullseye-updates main
deb-src http://deb.debian.org/debian bullseye-updates main

#
Bullseye 11.2



I find libpam-tacplus only in testing and sid.

Re: You know what? Not only Debian but Fedora 35 has libthai too....and more

[Erwan David]

Le 14/02/2022 à 13:23, Thomas Schmitt a écrit :

Hi,

Dan Ritter wrote:

You can point at the CIA, the NSA, the FBI, and the KGB.


How come nobody ever thinks of our german BND when it's about successful
conspiracy ?



Maybe because theirs are really successfull.

Re: KDE qui ne se lance plus correctement

[Erwan David]

Le 19/01/2022 à 20:24, didier gaumet a écrit :


Le mercredi 19 janvier 2022 à 18:54 +0100, BERTRAND Joël a écrit :
[...]

 Concernant KDE, je ne trouve rien dans les logs. J'ai tenté
une
réinstallation avec apt install --reintall, même résultat. Je ne
connais
pas KDE, j'ai installé ce gestionnaire de bureau pour configurer
facilement les sorties son. Où chercher ?

Je réponds à côté mais ça peut t'intéresser au cas où:

- Si ton environnement perso utilise Pulseaudio (cas de presque tous
les DE, je pense) tu peux installer Pavucontrol qui devrait te
permettre de choisr ce que tu veux en sortie son. Ceci sous n'importe
quel DE/WM du moment que Pulseaudio est lancé.

- Si ton environnement utilises encore Alsa directyement (me souviens
plus: t'es pas sous WindowMaker, ça doit utiliser Alsa, je crois), un
utiloitaire graphique style Alsamixergui devrait aussi convenir (sais
pas, ça fait tellement longtemps que je l'ai utilisé)?



SOus KDE, on peut aussi utiliser pavucontrol-qt, c'ets pavucontrol mais 
avec les même libs graphiques que KDE (donc tire moins de nouvelles 
dépendances)

Re: pan1 ?

[Erwan David]

Le 22/12/2021 à 11:16, Txo a écrit :

Bonjour,

Depuis 2 ou 3 jours j'ai au démarrage une notification disant que je je 
suis connecté à Pan1.
Et un ifconfig le confirme, j'ai bien une interface en 10.x.x.x alors 
que mon réseau est sur la plage 192.168.1.x.
je soupçonne que le bluetooth sans matériel pour serait dans le coup. 
J'ai aussi des «BNP (ethernet emulation)» dans /var/log/messages.


Quel est donc le sagouin qui vient m'imposer un réseau que je n'ai 
jamais demandé


Merci.



Que dit exactement ifconfig quand il "le conforme" ?
Et ip l dit quoi ?

Re: BUG: Debian 11 version of bibletime - was [Re: Problems with "Bible Time" and "Xiphos"]

[Erwan David]

Le 13/12/2021 à 19:18, Richard Owlett a écrit :

On 12/13/2021 09:09 AM, Kent West wrote:
On Mon, Dec 13, 2021 at 8:57 AM Richard Owlett  
wrote:



[snip]

I installed both programs to the Debian 11 partition of my secondary
machine. I ran into two problems.

1. In Xiphos, [snip]

2. Bible Time has Help options available via F1, F2, and F3. All report
 "Module not available".


I then installed both programs to the Debian 10 partition to check for
"operator error" &/or version differences. As I had tried to first use
Xiphos on the Debian 11 install, I started with Bible Time on the 
Debian
10 install. It happily went looking for online libraries. Installed 
what

I requested and they were available also to Xiphos.
ALSO F1, F2, and F3 work.


Doing "apt purge" of bibletime and xiphos did not remove related data 
files. As I had no other applications installed, I reinstalled Debian 
11 from scratch.


I reinstalled bibletime and xiphos.
Using bibletime I installed Bible, concordance, etc.
F1 and F2 do NOT display the appropriate help files.

Further investigation of the Debian 11 filesystem shows that
/usr/share/bibletime/docs does not exist.

[On Debian 10 system it exists with sub-directories .../handbook and 
.../howto .  F1 and F2 works there.]


How do I correctly file a bug report?

TIA



apt-file search bibletime show that package bibletime-data contains a 
handbook and howto subdirectory in


/usr/share/doc/bibletime-data

Re: Unable to print with HP Envy 5030 under Debian 11

[Erwan David]

Le 12/12/2021 à 17:46, Brian a écrit :

On Sun 12 Dec 2021 at 15:37:20 +, Sharon Kimble wrote:

[Extensive snipping because HPLIP is redundant with Debian 11 (amd
also with Debian 10).]


So what do I need to do to allow me to print with this printer please?

Read the Releade Notes for Debian 11 and adjust your mindset :).

Could you please point the relevant part of the release notes ? This 
would be helpfull