Re: [DNG] meta: list
Gregory Nowak was quoted by Simon Hobson: > > I have toyed more than once with the question of what would happen if > > a group of us running our own mail exchanges made the choice to > > reject mail from gmail.com with a 550? If a few of us did it, we might > > miss mail we maybe wanted to get. If a bunch of us did it, then a > > bunch of gmail users would complain to google. My guess is google's > > response would be "this is a free service; if it doesn't work for you, > > then don't use it.??? > > No, I'll tell you what Google's response will be : > > "Our system is working fine, the other system is broken". > Don't forget that this is a company that is quite happy to > simply change the rules on the basis that it's big enough that > the rest of the world will adapt. Look at the history of stuff > they've "just changed" because it suits them. Sticking > with email, they were one of the first to implement SPF > fully knowing that it would break most mailing lists and > mail forwarders around the world - and so most mailing lists > around the world had to update software & change setups to suit > Google's* new set of "how email is to work" rules. I know, > I had a customer facing mail server** and mailing list server. I am considering starting an admin list, where one can only subscribe with an address starting with admin@... and perhaps only one admin@... per IP. While I support the right of consenting adults to indulge in various risky behaviours, including bending over for surveillance capitalists, I'd like to think that a more selective list would lead to more worthwhile conversations. I am perhaps a bit unkind when I say we have reached the point where many people have been so captured by google and similar that a form of Stokholm syndrome has set in, and that useful conversation is often derailed with "but actually I like ads that are relevant to my interests", "the upgrade/feature treadmill is fun, and keeps us all safe/buying stuff" - and I regard the entire SPF/DKIM/DMARC/SRS/nonsense part of this. I remember the propaganda being that encrypted mail is too hard to implement, dear Barbie: And yet here we are - we now are supposed to have full on signatures in every mail, yet the keys aren't held by the user, and the mail isn't private, and google spams me anyway - WTF, where did we go wrong ? I suppose I am derailing things - but if you think the admin@ list is something worth doing, let me know (off list is fine too) regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] meta: list
Hello > >But look here: This is the sending host for the DNG mailing list: > > > > Received: from mail.dyne.org (ns3218761.ip-162-19-139.eu [162.19.139.95]) > > > I think OVH allows classless delegation or at least setting PTRs for fixed > IPs. I'd guess it's laziness the reason why it isn't set. The list has no > DKIM signature, which is another sign of it. However, they have a good SPF > record. Aha - now that you mention it: $ dig +nocmd +short dyne.org txt "google-site-verification=6FghqJroXIvBY8cutq6ouO0RC-a8qynFu6sJR3S-IbA" "v=spf1 mx ip4:162.19.139.95/32 ip4:195.169.149.119/32 ip4:213.127.207.66/32 ip4:141.95.83.167/32 ip4:141.95.47.84/32 -all" "google-site-verification=xUtkCygX3roBSYAEh01x4JWAYzvUarh3igtFGUu99v8" "google-site-verification=Jl4hhjC5wPXP1owryns13qpeuEksWw_m-8lWNL_Kleg" "google-site-verification=2XoWrMMTQ7jmgcB_76Y_TQSnWDGhR4e-y_KLqoKOK1Q" Maybe it is not the spf line that makes a difference here but the other gunk. I worry that takes us ever closer to changing the E in email to a G. Maybe related news, and some more reading: https://www.jwz.org/blog/2022/08/today-in-google-broke-email/ regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] meta: list
Hello > I use gmail, and seem to be getting email from this list. I wonder if it > is because I have it skip the inbox, and go straight into a different > label. I think you are on to something: It could well be that there has been a shift to using how the recipients organise their gmail (do you sort it into a high value folder, do you reply to it, do you star it, etc, etc) as a factor in the decision to reject email at the SMTP transaction. That might explain why a small subset of gmail users still get to see the DNG messages ... if the heuristics are local to a user. Which seems reasonable, otherwise a spammer could sign up and superlike the their own spam, guaranteeing delivery for others too... Though I am not sure I should expend the energy to run some tomography on these interactions, in order to discover the heuristics that google actually uses - with apologies to the hitch-hikers guide to the galaxy: As soon as we have an explanation, the system will be replaced by an even more complex set of rules. What it does seem to mean is that gmail users are likely missing some legitimate messages completely - without even a trace in their spam folders. I suppose that is just another instance of the Availability vs Integrity vs Confidentiality Tradeoff that underlies most of Computer Security... though I for one like to make that call myself rather than having some AI try infer that from my mail reading behaviour. regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] meta: list
Hello > It???s imperative that you have rdns, spf, dkim and dmarc set up and that it > all matches. > > My MTA will reject you if your ptr doesn???t match your a record and your > helo/ehlo hostname. spf, skim and dmarc are all scored via spamassassin. > Google rejects, outright, if there is any sort of mismatch in any of that at > all. Setting up dnssec for your domain is also helpful. > > DNG list traffic comes through just fine. But look here: This is the sending host for the DNG mailing list: Received: from mail.dyne.org (ns3218761.ip-162-19-139.eu [162.19.139.95]) As you can see that reverse IP doesn't match what the SMTP server connects as. So I am actually not quite sure if your MX is as strict as you claim it to be ? Or am I missing something ? Do you have a different Received header - it should be one of the first lines of every message ? And your server isn't alone in being not quite as strict as claimed: Despite the received wisdom that one had to have SPF+DKIM+DMARC+YOLO+SPQR+WTF :) set up to send mail to the dominant email servers, this wasn't actually true: At least until last week I managed to get mail accepted reliably by google despite having only a proper MX and reverse DNS entry - nothing else, not even SPF. And given that real people answered to those mails, most of them did not end up in their spam folders either. But this seems to have changed recently... hence this thread. regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] meta: list
Hi Just a quick note that in the last week or so google seems have ratcheted up its rejection of mail from independent MTAs a notch or two. IF you check your logs, you might see 550 rejects with a message such as Our system has detected that this message is likely unsolicited mail. To reduce the amount of spam sent to Gmail, this message has been blocked. Please visit https://support.google.com/mail/?p=UnsolicitedMessageError for more information. In this case this is for an IP+DNS combination that is known to never have sent spam. And of course the supreme irony of the matter is that google itself stands accused of injecting spam into people's email - see noyb.eu The first reaction is to be a bit bleak about this, but giving it some thought, there might be a silver lining to this: This might be a significant step in the split into "internet classic" the familiar favourite versus the "hinternet.google", the free, convenient, but also watered-down and shrinkflated version. Amusingly I think the DNG list here might have gotten a headstart on this, with its unconfigured reverse DNS entry - looking through the recent mails I see next to no participants from gmail.com - presumably because they haven't seen mail from here. So I think the only sensible reaction is to get word out that to participate in this list it is now even more important find a decent nongmail provider, or even better - set up your own MX/MTA. I know that this can be a bit of a PITA, but if you maximise for convenience rather than knowledge/privacy, shouldn't you be using MacOS/Android instead than Devuan ? regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] Init respawns - was: Be prepared for the fall of systemd
> Thanks Karl, > > Some questions: Hello > 1) Does Busybox init require the daemon to background itself? So I seem no reason why "nohup daemon > /var/log/logfile &" isn't sufficient for this, or is there something I am not aware of ? > 2) Does Busybox init give you a reasonable way to automatically restart the > process > after the process terminates? > > 3) Does Busybox init give you the choice of auto-restart or not for each > different > process? If it does, that's something specifically missing in Runit. At the risk of pinning my own interpretation on this: I suppose for quick, dirty and crashy hacks maybe automated restarts are useful to paper over some problems. But if the daemon you are running is likely to crash, it might also just hang in an infinite loop or leak file descriptors, or fill up a partition or grind through swap, things that a respawn doesn't really solve ... We are often told that "thesedays computers are cheap and programmers are expensive" as an excuse for writing flaky software, and from the perspective of the greedy and immortal AI that is a corporation, this makes sense - a bit of bespoke software, even if flaky, might do the work of a human more quickly and cheaper while the costs are externalised. But the free software universe things are different - unreliable or bloated software wastes the time and hardware resources of thousands, perhaps millions of people. And even if you are happy to ignore the environmental costs (electricity, more hardware bought more often), then maybe some other reasoning might be persuasive: I certainly often marvel at the craftsmanship of people from previous ages - from as small as an excellent hand tool to as expansive as a church, mosque or similar - those things were made not "meh, good enough", but as good as humanly possible, and I would think that the free software world has some similarities there - while software might be written to scratch an itch, the solution is often created for the joy of it, for the satisfaction of building something really good - be it just for fun, the desire to leave a legacy or building a contemplative mandala. TL;DR: just install better daemons ;) regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] no mails from dng :-( [maybe OT]
> I think the first step would be to fix the reverse DNS entry for the host > lists.dyne.org Or more precisely, 162.19.139.95 which claims to be sending mail as lists.dyne.org - at least to me Perhaps this is a live server migration/restore/update ? regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] no mails from dng :-( [maybe OT]
> Hello list, Hiya > Can confirm on my end too, apparently a meeble.net is now involved. That, or I > no longer understand emails anymore. Meeble is Marjorie's domain, and message-ids and in-reply-tos often contain domain names I think the first step would be to fix the reverse DNS entry for the host lists.dyne.org regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] no mails from dng :-( [maybe OT]
> Good Day everybody, Hello > I haven't been receiving any messages from this list since 18.7.2022 > 02:17 (simple-netaid for daedalus) and I have no idea why. So I count about 33 mails since the 18th, with the following 8 threads: Chimaera on a Banana Pi R1 / Lamobo R1 Openvpn CVE fix in devuan chimaera Firefox unwilling to install extensions OpenVPN 2.5.1-3+devuan1 packaging vs best APT configuration directives info UEFI, software RAID1, LVM and encryption Question re: screen blanking and shutoff no mails from dng :-( [maybe OT] It is worth noting that mail from the devuan list currently seems to arrive via mail.dyne.org aka ns3218761.ip-162-19-139.eu [162.19.139.95] While technically not essential, it might be good to make sure there is a proper/matching reverse entry for 162.19.139.95, as a number of heuristics block or graylist senders who don't have that. I haven't checked if the archive at mailinglists.dyne.org is accessible, but it is up one can check there too to see if a list has been active. Actually: my rather ranty post on firefox extensions also didn't get any responses - I had concluded that nobody cares, but perhaps it got dropped/marked as spam by quite a number of MTAs. regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] Firefox unwilling to install extensions
Hello list I am running various versions of devuan (chimera, but also beowulf) in lxc containers, and the versions of firefox shipping with devuan refuse to install extensions on a permanent basis. I can go to "add-ons and themes->manage your extensions->cog->debug add-ons->load temporary add-on" and get things like noscript to run, but sadly that doesn't last. This is on firefox 91.11.0, and also some earlier versions. The other install methods prompt me for an accept/install, and then just do nothing... I am just holding it wrong and is there a magic setting which will let me install addons permanently ? I did go to about:config, and after several obnoxiously patronising warnings, set the "xpinstall.signatures.required" to "false". Alas, that did not seem to make a difference. I did disable all the telemetry (including the live blocklist downloads, etc)... Maybe the logic baked into firefox only lets one install extensions if one consents to regular body cavity searches ? Or maybe there is logic to detect containers so that the all seeing eye can require live humans with camera and microphone to present themselves to the browser ? I have "lxc.cap.drop = sys_module mknod net_raw" and an intermediate proxy set... Suggestions are appreciated - my "apt-cache search" did not show anything called iceweasel, nor palemoon, nor waterfox. Would it be possible to include these in the devuan repository, or perhaps (a thankless task, I believe) build a version of firefox with no user-hostile logic enabled. Though one imagines that would have the benefit of halving the executable size. I am not keen to install anything chrome related or derived - that hands google yet more initiative for the offensive addition of ever more web mis-features. I think this used be called the upgrade treadmill in the paid-for software era. Though admittedly I am also beginning to suspect that google only keeps mozilla around as pet, to trot out when the regulators stir in their slumber and mumble something about anti-trust or market distortion. Is that as dire as I think ? Should I start planning a full escape into the gemini universe ? Or is there still hope - is it still possible to assemble a browser+configuration which is featureful, ad-free and privacy respecting, to suit up in, to climb out the airlock and venture forth out into the corporate wasteland that is the modern web to scavenge a last few bits of useful information, underneath the heaps of used dopamine syringes, ad-excrement and other web-addict paraphernalia ? regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] mouse driver question
Hello > >gpm (and I suppose also consolation) is active only on the console, not in > >virtual terminals - so there's no conflict. > > > >Libre Gre, > >Florian > > > > I don't understand what you mean by virtual terminal. I don't use a DE, > just openbox. I may have two xterms open, nedit, tuxcmd plus some other > program. The mouse will work in any of these and its input would come from > one place, presumably the mouse driver. If I install gpm (or consolation) > what decides where the mouse input is coming from? It appears to me that > the default driver needs to be stopped but I don't know what it is called. Are you using gpm in repeater mode (-R with /dev/gpmdata) to somehow translate mouse buttons ? There are a number of programs to translate input devices (via /dev/uinput), including one written by yours truly... though given that gpm appears to be present in the upgraded distribution, just making sure that it runs with the correct options might be the easiest ? regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] [OT] files disappearing reproducibly
> Back to the keyboard, I just discovered, that every (GUI) program I > run, is spawned from PID 1. Honestly, I would have expected those to be > child processes of e.g. the display manager or the session manager... That isn't how it starts off, chances are that when you run a program it is spawned (well, forked, err, cloned) by a process that you own (so *not* pid 1). Important is to know that unix requires *almost every* process to have a parent process. You can get this information with getppid (man getppid), and ps will show it to you. One of the reasons for this is to report the exit code to somebody (man wait ; less /usr/include/sysexits.h) to somebody. A process which hasn't had its exit code collected will hang around in a zombie state (Z in the ps listing) - zombie because it is dead, but still occupies a process table entry, which is a finite resource. So: What happens if a parent process goes away ? Well, the kernel reparents the children so that they are now direct children of pid 1, aka init. And that is what thing that makes pid 1 special[1]. It can't crash/exit/hang because then you'd run out of process table entries which means the whole system hangs. Actually linux will move that forward, and have the kernel panic on init exiting - where would it's status code go, anyway ? So pid 1 - init's main job is to wait for all processes which have lost their parent. Init adopts orphan processes. And if you know that you are almost ready to write your own init. It also happens to be why this mailing list exists: init processes can't crash and so should be simple. regards marc [1] There is some fine print - modern linux allows you to delegate this function to other processes, but just because you can does not mean you should. ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Pipewire and PulseAudio: apulse & firefox
On 12/17/21 14:29, Didier Kryn wrote: Le 17/12/2021 à 20:32, Marc Shapiro via Dng a écrit : On 12/16/21 04:44, Didier Kryn wrote: Le 16/12/2021 à 07:08, Marc Shapiro via Dng a écrit : I don't think I'm up for compiling firefox from source. And it would have to be recompiled every time mozilla releases a new version. Why do you need to track the very last version from Mozilla? The package provided in Devuan Chimaera just works with Alsa out of the box. Not here. I just uninstalled pulseaudio, again, and ran Firefox ESR (78.15.0esr 64-bit) and got complete silence. Xine, however, was working this time. Firefox isn't my daily browser but I have it installed. I'm running the same version of Firefox as you, on the same arch and the same distro and it plays sound without pulseaudio. There must be something wrong in your config. Certainly possible, but I don't know what. Have you Alsa installed? Yes And QuasMixer? No Is it the version of Firefox provided by the Devuan package or did you compile it yourself? from Devuan -- Didier ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Pipewire and PulseAudio: apulse & firefox
On 12/16/21 09:59, Steve Litt wrote: Gregory Nowak via Dng said on Wed, 15 Dec 2021 19:32:11 -0700 On Wed, Dec 15, 2021 at 03:34:09PM -0800, Marc Shapiro via Dng wrote: You need to use /usr/bin/apulse as a wrapper around every application you want to use it. Something got clipped wrong. It was Gregory who said that, not me. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Pipewire and PulseAudio: apulse & firefox
On 12/16/21 04:44, Didier Kryn wrote: Le 16/12/2021 à 07:08, Marc Shapiro via Dng a écrit : I don't think I'm up for compiling firefox from source. And it would have to be recompiled every time mozilla releases a new version. Why do you need to track the very last version from Mozilla? The package provided in Devuan Chimaera just works with Alsa out of the box. Not here. I just uninstalled pulseaudio, again, and ran Firefox ESR (78.15.0esr 64-bit) and got complete silence. Xine, however, was working this time. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Pipewire and PulseAudio: apulse & firefox
On 12/15/21 16:58, aitor wrote: Hi Steve, On 16/12/21 1:09, Steve Litt wrote: I'm not so sure. We're hearing anecdotes of people running Firefox with only ALSA. Perhaps there's some secret magic incantation that we don't yet know about. FF needs to be compiled passing the flag: ac_add_options --enable-alsa I removed pulseaudio, apulse and libpulse0, and the sound is working for me. Cheers, Aitor. I don't think I'm up for compiling firefox from source. And it would have to be recompiled every time mozilla releases a new version. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Pipewire and PulseAudio: apulse & firefox
On 12/15/21 18:32, Gregory Nowak via Dng wrote: On Wed, Dec 15, 2021 at 03:34:09PM -0800, Marc Shapiro via Dng wrote: Installed apulse. Still no sound in firefox, or xine. Simply installing apulse doesn't mean applications will start using it. You need to use /usr/bin/apulse as a wrapper around every application you want to use it. Sounds tedious, but once you either write a shell script, or modify a desktop shortcut to call the application in question (I.E. /usr/bin/apulse your_application_binary), you can run the application as usual from then on. Greg I understand that. I started firefox with: apulse /path/to/firefox Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Pipewire and PulseAudio: apulse & firefox
On 12/14/21 17:00, Steve Litt wrote: Marc Shapiro via Dng said on Tue, 14 Dec 2021 14:09:31 -0800 On 12/14/21 06:00, Didier Kryn wrote: Le 14/12/2021 à 13:37, ael via Dng a écrit : Firefox works fine on my systems for playing audio without pulseaudio or apulse. So, I suggest verifying firefox works for you without apulse first. Interesting. I only use firefox occasionally, but some versions at least need apulse. On Chimaera: Mozilla Firefox 78.15.0esr - sound workswith Alsa only. I just purged ale pipewire configs and removed and purged pulseaudio. Firefox 95.0 (downloaded from Mozilla) is providing sound with no issues, so far). Have you power cycled yet? Thanks for reminding me! Powered down and rebooted. No sound in Firefox, or xine. Installed apulse. Still no sound in firefox, or xine. Re-installed pulseaudio. Sound is back. Uninstalled pulseaudio. Reinstalled pipewire. No sound. Uninstalled pipewire. Reinstalled pulseaudio. Sound is back. Looks like I'm stuck with pulsaudio. BTW: As expected, play and aplay work just fine with neither pulseaudio or pipewire installed. Marc SteveT Steve Litt Spring 2021 featured book: Troubleshooting Techniques of the Successful Technologisthttp://www.troubleshooters.com/techniques ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Pipewire and PulseAudio: apulse & firefox
On 12/14/21 06:00, Didier Kryn wrote: Le 14/12/2021 à 13:37, ael via Dng a écrit : Firefox works fine on my systems for playing audio without pulseaudio or apulse. So, I suggest verifying firefox works for you without apulse first. Interesting. I only use firefox occasionally, but some versions at least need apulse. On Chimaera: Mozilla Firefox 78.15.0esr - sound workswith Alsa only. I just purged ale pipewire configs and removed and purged pulseaudio. Firefox 95.0 (downloaded from Mozilla) is providing sound with no issues, so far). ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Pipewire and PulseAudio
On 12/13/21 12:24, ael via Dng wrote: On Mon, Dec 13, 2021 at 08:04:35AM -0800, Marc Shapiro via Dng wrote: On 12/13/21 01:05, Tomasz Torcz wrote: On Sun, Dec 12, 2021 at 09:40:20PM -0800, Marc Shapiro via Dng wrote: I am not at all sure that I want pipewire. It was brought in by zoom, and, at the time I had no idea what it was. I am cutious, now, as to how both pipewire and pulsaudio are installed and not clobbering each other. If it Just for information, zoom works fine with just plain alsa here on a debian testing system. I normally use Palemoon which also is fine with plain alsa. I know that some people worry about Palemoon... I occasionally use firefox, and then I need apulse - which works. Thanks for the info. I looked, again, into why pipewire was brought in and this is what I got: $ aptitude why pipewire i zoom Depends ibus i A ibus Recommends im-config i A im-config Recommends zenity | kdialog | kde-baseapps-bin (< 4:16.08.3-2~) | whiptail i A zenity Depends libwebkit2gtk-4.0-37 (>= 2.15.1) i A libwebkit2gtk-4.0-37 Recommends xdg-desktop-portal-gtk i A xdg-desktop-portal-gtk Depends xdg-desktop-portal (>= 1.7.1) i A xdg-desktop-portal Depends libpipewire-0.3-0 (>= 0.3.10) i A libpipewire-0.3-0 Recommends pipewire (= 0.3.19-4)libpipewire-0.3-0 Since I don't use flatpack I decideded that I don't need xdg-desktop-portal. So I took out xdg-desktop-portal, xdg-desktop-portal-gtk, libpipewire-0.3-0 and pipewire. No more potential conflicts. Next, I may take out pulseaudio and verify that firefox works on my system with apulse. Then I can be rid of both of them. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Pipewire and PulseAudio
On 12/13/21 00:30, Didier Kryn wrote: Le 13/12/2021 à 06:40, Marc Shapiro via Dng a écrit : I was scrolling though my e-mail from the debian user group and I saw mention of pipewire, as a replacement for pulseaudio. It seemed to suggest that it was in Testing, so would not be available on my Devuan Stable (chimaera) system, but I took a look, anyway. It seems to be available, and, in fact, installed on my system. It seems to have been brought in by zoom. So my question are: I have pipewire installed AND pulseaudio is still installed, as well. Don't they do the same thing? Shouldn't they be conflicting with each other? My sound seems to be working fine. Is is using pulseaudio? Or is it using pipewire? Is zoom using pipewire and everything else is using pulseaudio? If pipewire is meant as a replacement for pulseaudio, can I delete pulseaudio. Will my sound, including upstream firefox, continue to work? On Chimaera, I have neither pipewire nor pulseaudio (nor zoom) and sound is working fine. If zoom requires the pulseaudio API, you might well use apulse instead. -- Didier Do you have firefox running? I was under the impression that it requires pulseaudio. At least it did at one time. That is why I installed pulseaudio in the first place. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Pipewire and PulseAudio
On 12/13/21 01:05, Tomasz Torcz wrote: On Sun, Dec 12, 2021 at 09:40:20PM -0800, Marc Shapiro via Dng wrote: I was scrolling though my e-mail from the debian user group and I saw mention of pipewire, as a replacement for pulseaudio. It seemed to suggest that it was in Testing, so would not be available on my Devuan Stable (chimaera) system, but I took a look, anyway. It seems to be available, and, in fact, installed on my system. It seems to have been brought in by zoom. Are you sure you want pipewire? Looking at the code: https://gitlab.freedesktop.org/pipewire/pipewire/-/commits/master Main contributor is from certain company associated with color red and a headgear. Given the sentiment on this list, you may want to think twice. I am not at all sure that I want pipewire. It was brought in by zoom, and, at the time I had no idea what it was. I am cutious, now, as to how both pipewire and pulsaudio are installed and not clobbering each other. If it is possible to have audio working (including firefox) without either of them then that night be the best answer. fewer layers doing the same job sounds good to me. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] Pipewire and PulseAudio
I was scrolling though my e-mail from the debian user group and I saw mention of pipewire, as a replacement for pulseaudio. It seemed to suggest that it was in Testing, so would not be available on my Devuan Stable (chimaera) system, but I took a look, anyway. It seems to be available, and, in fact, installed on my system. It seems to have been brought in by zoom. So my question are: I have pipewire installed AND pulseaudio is still installed, as well. Don't they do the same thing? Shouldn't they be conflicting with each other? My sound seems to be working fine. Is is using pulseaudio? Or is it using pipewire? Is zoom using pipewire and everything else is using pulseaudio? If pipewire is meant as a replacement for pulseaudio, can I delete pulseaudio. Will my sound, including upstream firefox, continue to work? Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] (SOLVED. Definately) Re: exim paniclog /var/log/exim4/paniclog has non-zero size
On 12/2/21 01:19, Marc Shapiro wrote: I THINK it's working now. I found the line in /etc/exim4/exim4.conf.template 'file = /var/mail/$local_part' that needs to be changed to 'file = /var/mail/$local_part_+data'. (The line is 72% of the way through a 79K file.) Then I needed to run 'update-exim4.conf -v|. | After that, it looks like all of my undelivered files have been delivered and the paniclog has not returned. Definitely working now. The backup cron job ran this morning and sent its e-mail confirmation which exim delivered with no compaints. Thanks to all who helped on this. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] (SOLVED. I Think) Re: exim paniclog /var/log/exim4/paniclog has non-zero size
On 12/2/21 00:38, Pontus Goffe via Dng wrote:
Den 2021-12-02 kl. 09:16, skrev Marc Shapiro via Dng:
No luck. I rebooted and got the paniclog error during the boot.
After booting, I stopped exim4, deleted the paniclog, and restarted
exim4. It created a paniclog containing the following:
Had you also executed
exim4 -qff -v
I think you would immediately had your paniclog back, you have
undelivered messages that fails when exim tries to deliver.
2021-12-02 00:06:49 1momA3-00054k-DE == m...@quixote.home
R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file
or directory name for mail_spool transport) not permitted
How do I convince exim4 that /var/spool/marc is an acceptable file
name for mail_spool transport?
Exim no longer allows a sender to decide a name of a path component,
in this case 'marc'. Your config needs to agree on 'marc' being
allowed. This is done using a lookup locally.
From what I understand there was / is a discussion about a setting to
just warn about this tainted data but allow it, but I could not make
it work.
I think you already have a lookup in the default config that checks
/etc/aliases which would allow 'marc' in your path if you just add a line
marc: marc
to it, I cant promise because I also use another lookup to be able to
send mail.
Anyhow, after a successful lookup, the config variable ${local_part}
can be replaced by the new variable ${local_part_data} which will
recieve its value in the lookup you need to have.
Your config files under /etc/exim4/conf.d must not contain
${local_part} anymore.
I have no idea what will happen if you try to reinstall exim to get a
new default config.
//PG
I THINK it's working now.
I found the line in /etc/exim4/exim4.conf.template 'file =
/var/mail/$local_part' that needs to be changed to 'file =
/var/mail/$local_part_+data'. (The line is 72% of the way through a 79K
file.) Then I needed to run 'update-exim4.conf -v|.
|
After that, it looks like all of my undelivered files have been
delivered and the paniclog has not returned.
||
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] exim paniclog /var/log/exim4/paniclog has non-zero size
On 12/1/21 23:56, Marc Shapiro wrote: On 12/1/21 10:10, Ludovic Bellière via Dng wrote: If you do not need your mail system to talk to the world, then you should replace exim with something that is a lot simpler to use and configure. I would suggest msmtp (https://marlam.de/msmtp/) as its configuration is a lot more simpler to the neophyte. If you want to keep exim4, I would then suggest to nuke the existing configuration and start from scratch with `dpkg-reconfigure exim4-config'. Extended information should be available at https://wiki.debian.org/Exim Exim4 being a software designed to handle large amount of emails, it may be out of scope for your personal usage. While, as I said, msmtp is a lot more accessible through its minimalist approach: you only need a file with a dozen of lines for it to function properly. While I do use it, I wouldn't be able to help you with exim4, the software is way too large and complex for my own understanding. I mainly rely on dpkg-reconfigure and hope nothing breaks. And while msmtp is easier to understand, changing software can itself be a source of immeasurable pain. So, if in doubt, you should probably rely on dpkg-reconfigure. Cheers, Ludovic On Wed, 01 Dec 2021, Marc Shapiro via Dng wrote: This is very likely the problem, as I now have version 4.94.2-7 installed. I know virtually nothing, however, about how MTAs do their work. Where and how do I make these config changes. I use Thunderbird for mail coming from outside the local network. Exim is only used for local transport (such as e-mail from cron jobs). Marc I looked into some of the other options and I do not recall why I decided against them. It may have been when I thought that I was going to use the MTA for more than just local mail. In any case, I have run `dpkg-reconfigure exim4-config' using the defaults from when I set it up originally. I am hoping that doing so with the new exim4 installed will correct the configuration issues. When I ran `dpkg-reconfigure exim4-config' I got the error about the paniclog being non-zero size, but I expected that. I truncated the paniclog and ran `dpkg-reconfigure exim4-config' again, this time with no errors. I have sent myself an e-mail from 'root' but have not received it. I will probably try shutting down the system and rebooting, to see if that gets things back in order after the reconfig. No luck. I rebooted and got the paniclog error during the boot. After booting, I stopped exim4, deleted the paniclog, and restarted exim4. It created a paniclog containing the following: 2021-12-02 00:06:48 1mmEkA-9l-Jr == m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-12-02 00:06:48 1msgsb-0002NH-Cv == m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-12-02 00:06:49 1mrJnB-00026m-53 == m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-12-02 00:06:49 1msCJK-0007YK-Pi == m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-12-02 00:06:49 1momA3-00054k-DE == m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted How do I convince exim4 that /var/spool/marc is an acceptable file name for mail_spool transport? Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] exim paniclog /var/log/exim4/paniclog has non-zero size
On 12/1/21 10:10, Ludovic Bellière via Dng wrote: If you do not need your mail system to talk to the world, then you should replace exim with something that is a lot simpler to use and configure. I would suggest msmtp (https://marlam.de/msmtp/) as its configuration is a lot more simpler to the neophyte. If you want to keep exim4, I would then suggest to nuke the existing configuration and start from scratch with `dpkg-reconfigure exim4-config'. Extended information should be available at https://wiki.debian.org/Exim Exim4 being a software designed to handle large amount of emails, it may be out of scope for your personal usage. While, as I said, msmtp is a lot more accessible through its minimalist approach: you only need a file with a dozen of lines for it to function properly. While I do use it, I wouldn't be able to help you with exim4, the software is way too large and complex for my own understanding. I mainly rely on dpkg-reconfigure and hope nothing breaks. And while msmtp is easier to understand, changing software can itself be a source of immeasurable pain. So, if in doubt, you should probably rely on dpkg-reconfigure. Cheers, Ludovic On Wed, 01 Dec 2021, Marc Shapiro via Dng wrote: This is very likely the problem, as I now have version 4.94.2-7 installed. I know virtually nothing, however, about how MTAs do their work. Where and how do I make these config changes. I use Thunderbird for mail coming from outside the local network. Exim is only used for local transport (such as e-mail from cron jobs). Marc I looked into some of the other options and I do not recall why I decided against them. It may have been when I thought that I was going to use the MTA for more than just local mail. In any case, I have run `dpkg-reconfigure exim4-config' using the defaults from when I set it up originally. I am hoping that doing so with the new exim4 installed will correct the configuration issues. When I ran `dpkg-reconfigure exim4-config' I got the error about the paniclog being non-zero size, but I expected that. I truncated the paniclog and ran `dpkg-reconfigure exim4-config' again, this time with no errors. I have sent myself an e-mail from 'root' but have not received it. I will probably try shutting down the system and rebooting, to see if that gets things back in order after the reconfig. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] exim paniclog /var/log/exim4/paniclog has non-zero size
This is very likely the problem, as I now have version 4.94.2-7 installed. I know virtually nothing, however, about how MTAs do their work. Where and how do I make these config changes. I use Thunderbird for mail coming from outside the local network. Exim is only used for local transport (such as e-mail from cron jobs). Marc On 11/30/21 18:56, Ludovic Bellière via Dng wrote: On Tue, 30 Nov 2021, Marc Shapiro via Dng wrote: I am getting e-mails like the one below all the time, now. I had this problem once before and I think that all I had to do was clear the paniclog with '> paniclog', but that does not seem to be working, now. I cleared it this morning, and when I just checked it was filling up again. It looks like I get three lines every half hour. This is preventing me from receiving e-mails sent by a cron job that runs a backup script. Any ideas on how to get rid of this and not have it come back would be greatly appreciated. Marc Make sure your exim configuration matches with the version of exim you have installed. Make sure there is no .dpkg-new laying around in /etc/exim4. Check /usr/share/doc/exim4-base/changelog.gz. Notably, in /usr/share/doc/exim4-base/README.UPDATING.gz: # Exim version 4.94 # - # # Some Transports now refuse to use tainted data in constructing their delivery # location; this WILL BREAK configurations which are not updated accordingly. # In particular: any Transport use of $local_part which has been relying upon # check_local_user far away in the Router to make it safe, should be updated to # replace $local_part with $local_part_data. Cheers, Ludovic ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] exim paniclog /var/log/exim4/paniclog has non-zero size
This is what is in /var/log/exim4. As you can see, thae paniclog still has the same ownership and rights as everything else in the directory. Marc root@quixote:/var/log/exim4# ls total 88 -rw-r- 1 Debian-exim adm 10728 Nov 30 15:13 mainlog -rw-r- 1 Debian-exim adm 31961 Nov 30 07:53 mainlog.1 -rw-r- 1 Debian-exim adm 1036 Nov 21 08:02 mainlog.10.gz -rw-r- 1 Debian-exim adm 1426 Nov 29 07:45 mainlog.2.gz -rw-r- 1 Debian-exim adm 1241 Nov 28 07:41 mainlog.3.gz -rw-r- 1 Debian-exim adm 1170 Nov 27 07:52 mainlog.4.gz -rw-r- 1 Debian-exim adm 1172 Nov 26 07:55 mainlog.5.gz -rw-r- 1 Debian-exim adm 1160 Nov 25 07:42 mainlog.6.gz -rw-r- 1 Debian-exim adm 1167 Nov 24 07:36 mainlog.7.gz -rw-r- 1 Debian-exim adm 1168 Nov 23 07:56 mainlog.8.gz -rw-r- 1 Debian-exim adm 1148 Nov 22 07:54 mainlog.9.gz -rw-r- 1 Debian-exim adm 740 Nov 30 15:13 paniclog -rw-r- 1 Debian-exim adm 0 Nov 9 23:14 rejectlog - On 11/30/21 15:07, d...@d404.nl wrote: On 01-12-2021 00:00, Marc Shapiro via Dng wrote: I am getting e-mails like the one below all the time, now. I had this problem once before and I think that all I had to do was clear the paniclog with '> paniclog', but that does not seem to be working, now. I cleared it this morning, and when I just checked it was filling up again. It looks like I get three lines every half hour. This is preventing me from receiving e-mails sent by a cron job that runs a backup script. Any ideas on how to get rid of this and not have it come back would be greatly appreciated. Marc e-mail showing paniclog: exim paniclog /var/log/exim4/paniclog on quixote.home has non-zero size, mail system might be broken. Up to 10 lines are quoted below. 2021-11-30 06:00:19 1momA3-00054k-DE ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 06:30:19 1mrJnB-00026m-53 ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 06:30:20 1mmEkA-9l-Jr ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 06:30:20 1momA3-00054k-DE ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 07:00:19 1mrJnB-00026m-53 ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 07:00:19 1mmEkA-9l-Jr ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 07:00:19 1momA3-00054k-DE ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 07:30:19 1mrJnB-00026m-53 ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 07:30:20 1mmEkA-9l-Jr ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 07:30:20 1momA3-00054k-DE ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng You probably used a UID/GID to clear paniclog which exim cannot write to because different group or no group or other rights. Grtz Nick ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] exim paniclog /var/log/exim4/paniclog has non-zero size
root@quixote:/usr/local/bin# ls -al /var/mail/ total 396 drwxrwsr-x 2 root mail 4096 Nov 30 07:59 . drwxr-xr-x 13 root root 4096 Dec 3 2020 .. -rw-rw 1 marc mail 136846 Nov 30 07:53 marc -rw-r--r-- 1 marc mail 9864 Nov 30 15:15 marc.msf -rw-r--r-- 1 marc mail 25 Nov 25 23:36 msgFilterRules.dat -rw--- 1 root mail 0 Nov 14 2020 root -rw-r--r-- 1 marc mail 1622 Nov 25 23:36 root.msf -rw--- 1 marc mail 196494 Nov 30 08:05 Trash -rw-r--r-- 1 marc mail 26198 Nov 30 14:51 Trash.msf -rw--- 1 marc mail 0 Nov 25 23:35 Unsent Messages -rw-r--r-- 1 marc mail 1757 Nov 30 15:14 Unsent Messages.msf On 11/30/21 15:06, Antony Stone wrote: ls -al/var/mail/ ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] exim paniclog /var/log/exim4/paniclog has non-zero size
I am getting e-mails like the one below all the time, now. I had this problem once before and I think that all I had to do was clear the paniclog with '> paniclog', but that does not seem to be working, now. I cleared it this morning, and when I just checked it was filling up again. It looks like I get three lines every half hour. This is preventing me from receiving e-mails sent by a cron job that runs a backup script. Any ideas on how to get rid of this and not have it come back would be greatly appreciated. Marc e-mail showing paniclog: exim paniclog /var/log/exim4/paniclog on quixote.home has non-zero size, mail system might be broken. Up to 10 lines are quoted below. 2021-11-30 06:00:19 1momA3-00054k-DE ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 06:30:19 1mrJnB-00026m-53 ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 06:30:20 1mmEkA-9l-Jr ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 06:30:20 1momA3-00054k-DE ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 07:00:19 1mrJnB-00026m-53 ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 07:00:19 1mmEkA-9l-Jr ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 07:00:19 1momA3-00054k-DE ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 07:30:19 1mrJnB-00026m-53 ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 07:30:20 1mmEkA-9l-Jr ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted 2021-11-30 07:30:20 1momA3-00054k-DE ==m...@quixote.home R=local_user T=mail_spool defer (-1): Tainted '/var/mail/marc' (file or directory name for mail_spool transport) not permitted ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Wanting to set up an email system
> Greetings > > Started way back when when I got to the web full-time using webmail. > Haven't ever setup an email system and AIUI it is a system - - - there are > a lot of parts that have to work together to have everything working well. > > A mentor, now deceased, recommended using Claws but even that's not all > that's needed for an email system. So - - - I'm looking for recommendations > on what and how to setup an email system. The why you're using what you are > is vitally important for me (as are my security and privacy). Hi I am assuming you are asking how to set up your own complete mail infrastructure. If so: Congratulations - I think you are doing the *right* thing. Not only for yourself, but for the internet as a whole. The concentration of email servers under the control of a few big corporations is a singularly bad thing. The core of internet email is the SMTP server or MTA. There are a number of implementations including postfix, sendmail, exim and qmail - amongst others. I think the most important step in hosting your own email infrastructure is to start understanding one of them - installing one of them on a spare computer (or container, or hosted system) would be a good start. If you don't know which MTA to pick, I'd say try postfix or exim (whatever your distribution defaults to). And if you want to get going quickly, enable local delivery with a mail client you can run via ssh such as alpine, mutt or one of several emacs extensions (the latter only if you use emacs). There are other parts to hosting your own email (DNS, spam mitigation, getting mail to your remote email client, dealing with difficult remote servers). Each of these is its own topic. These topics can be large, but they can be understood - do not believe the naysayers who claim it is all too complex. They might value convenience over liberty, but not everybody has to be that shortsighted. regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Viewing file content (was Re: system administration of non-systemd distros and releases)
> > What could possibly be easier than vim /var/log/messages, or
> > vi /var/log/messages, or emacs /var/log/messages, or
> > nano /var/log/messages? And notice with the old way, you have a choice,
> > rather than having to look at log output with the vendor's proprietary
> > tool.
>
> Maybe I'm peculiar but I always find it absolutely, totally jaw-dropping
> when people use text *editors* to *look* at file content. Makes my toes
> curl up and blood curdle.
>
> Why on earth would you want to edit your system logs anyway?
>
> On De{bi,vu}an derivatives, I'd use `pager`. On any other Unix-based
> OS, I'd use `more` or `less`, preferably.
I concur - the model ought to be that log files aren't writeable
in the conventional sense, but append only. For installations where
one worries about security this might even be enforced with chattr
at the filesystem level (ie not just convention).
Using a pager is also more efficient - pagers are simpler, faster and
don't risk accidentally modifying the file. Depending on
editor a harmless update can involve a rename() aka mv, in which case
subsequent log entries might be lost.
If (any of) you still prefer to use an editor, consider invoking it in
read-only mode. Eg "vim" can also be invoked as "view"
regards
marc
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] [OT] historical note
On 6/17/21 4:59 PM, Patrick Bartek via Dng wrote: On Wed, 16 Jun 2021 20:02:35 -0400 Hendrik Boom wrote: On Wed, Jun 16, 2021 at 01:29:12PM -0700, Patrick Bartek via Dng wrote: ... ... Jessie was the first Debian version to use systemd by default as the init. Perhaps, something was installed as a systemd dependency that wouldn't have been installed with the new Beowulf computer under sysvinit that carried forward with a dist-upgrade of Jessie to Beowulf. Or you installed something on the old system that wasn't installed on the new one, and that is doing the automounting. Historical note. And the first Devuan release was called Jessie because it was almost identical to the Debian release with the same name -- it differed primarily in that it did not use systemd as an init. This was the last Debian relese that had no problems running without systemd. I run Debian Stretch with sysvinit without problems even though some systemd libraries and udev-systemd remained after converting to sysvinit. Even updates-upgrades don't result in systemd-init being reinstalled like with Buster. B I ran Debian from Bo through Stretch. I had no real problems upgrading through the releases until I got to Buster. Then I hit a wall. It MAY be possible to run a very minimal system (with no chance of running X) and still avoid systemd. While I have been told that this is the case, I have no personal evidence of this. That is what caused me to switch to Devuan. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] exim paniclog
On 5/31/21 1:10 PM, g4sra via Dng wrote: No, don't delete it, empty it, this should be the standard practice when manually manipulating daemon log files. I have emptied the paniclog, per you prior directions. Thanks. ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] exim paniclog
On 5/31/21 12:36 PM, Antony Stone wrote: On Monday 31 May 2021 at 21:25:18, Marc Shapiro via Dng wrote: I couldn't even switch to a terminal where I could kill Firefox. I finally had to simply power down the system. (How I hate doing that!) Hint for the future - if you have sshd running on this machine, you may well find you can log in to it from elsewhere and tell it to "reboot". That will at least shut processes down cleanly (migth take a while) and unmount your file systems cleanly. Thanks for the tip. I have used sftp from my Android phone for transferring files to and from the phone, but had not tried ssh directly. I have installed an ssh app and it seems to work nicely. I hope I will not actually need to use it. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] exim paniclog
I received this e-mail yesterday, and again today: - exim paniclog /var/log/exim4/paniclog on quixote.home has non-zero size, mail system might be broken. The last 10 lines are quoted below. 2021-05-29 19:35:47 daemon: fork of queue-runner process failed: Cannot allocate memory - I use Thunderbird for all non-local mail. I am only using exim for local mail. The only mail that I receive locally is a weekly e-mail from a cron job that I have set up to do backups, and I did receive that e-mail yesterday, along with the above e-mail. I'm not familiar with the workings of exim, or any MTA, so I don't really know what the error message means, other than that there was some memory issue. The one clue that I have is that something (I am fairly sure that it was a Firefox tab) completely locked my system on Saturday night. Everything started slowing down. Mousing became erratic. Then everything completely stopped. I couldn't even switch to a terminal where I could kill Firefox. I finally had to simply power down the system. (How I hate doing that!) Then I rebooted, did a controlled shutdown and rebooted, again. After that, everything seems to be running just fine. Is that likely the cause of the above message? If so, is deleting the paniclog the proper way to stop receiving these e-mails? Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] ..are we|Devuan safe from this systemd backdoor malware, taking our kernels from Debian?
one who (somehow) > remotely compromises an ssh client and thereby gains user-level shell > access can immediately run an sshd bound to a high-numbered port (but > IMO that would be silly, as the intruder could do easier and more useful > things to create harm). Either way, there's no impediment to 'hopping > along from one compromised system to another'. My turn to apologise - I didn't mean it like that. Bad guys inevitably install their own covert remote control protocol, usually independent of ssh/sshd. > Calling either of those pieces of software a security risk in itself, > whether present singly or together, strikes me as a failure of > perspective, but that would be a much longer discussion than I wish to > have here. The argument is simple: By partitioning the set of machines into two (ssh vs sshd), the chain that a bad guy can compromise in the network (using ssh weaknesses only) is only one hop long, rather than arbitrarily long... graph theory for the win. > If you were to speculate that my employer was VA Linux Systems and that > the embarassing theft of a token happened when a VA sysadmin ssh'd out > to shells.sourceforge.net (a shared public host that he didn't know > someone had rooted), and then ssh'd or scp'd back into the sensitive > corporate network, I would say "Hmm, no comment.' There you go :) regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] ..are we|Devuan safe from this systemd backdoor malware, taking our kernels from Debian?
> > > >> https://www.theregister.com/2021/04/29/stealthy_linux_backdoor_malware_spotted/ > >> > > ..how it works: > > https://blog.netlab.360.com/stealth_rotajakiro_backdoor_en/ > > > This backdoor is targetting systemd and gvfs. So the below words aren't directed at anybody in particular: It is easy to gloat And it is true that this particular bit of malware tries to blend in amongst the many cryptic helper processes that both systemd-based distributions and gnome desktops launch. A simpler system, where there are fewer processes provides fewer hiding places. So simple is good, and it is even better to know what each user process in "ps ax" does, and investigate if the listing looks different... However, it also needs to be said that there are rootkits which patch ps and ls to hide their executables. Even scarier ones patch the kernel or even hard disk controller firmware... And as has been pointed out: We don't know how this malware gets installed in the first place. Something which has gotten fashionable very recently is the "supply-chain attack", where the bad guys don't break into your system directly, but into the systems which build the software you run... ... and in the case of devuan the attack risk is a bit larger than for some other distributions, in that it is effectively two distributions - debian plus the local changes. In a way this doubles the risk... so it seems best to stay humble and careful. Put simply if you build packages for a distribution, you are likely to be a more attractive target than a normal user. There are many guides and documents on how to improve security - not all particularly good. My 2c: I believe running a modern javascript enabled browser presents by far the biggest security risk to the average user, so would encourage splitting browsing and code development/compilation into either different user accounts, containers, VMs or even real devices. And then the other heuristic: I think it is best to either run sshd or ssh on particular machine, not both. Maybe even make the install an XOR. Having both ssh client and server available makes it a lot easier for a bad guy to hop along from one compromised system to another. regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] rm not freeing space (SOLVED)
On 3/19/21 8:31 PM, tempforever via Dng wrote: To find files last modified in January: (adjust the dates as needed; on Mar. 19 this should locate files dated Jan 1 - 31 but it could be off a day or so) cd /media/archives find -type f -mtime -78 -mtime +46 -ls Thank you! That found the files. They were in a hidden directory '/media/archives/.Trash-0'. I had seen this before and I really thought that I had checked this directory. Possibly, I checked it as myself and not as root. That would have given me a 'permissions denied' error. Although I would normally try again as root, perhaps I missed that step. I have seen posts that suggest this directory is created when deleting files with a file manager, not from the command line. Even so, despite the fact that I usually do my file management from the command line that is not always the case, it seems odd that this is the ONLY such directory that I can find anywhere in my directory tree. If I look at 'Trash' in my file manager (caja) it shows some other files, but not the ones in question. In any case, deleting the files under '/media/archive/.Trash-0/files' and '/media/archive/.Trash-0/info' freed up about 618 GB of space (some files when back to October). Now, '/media/archives' is about 46% used, instead of 84%, and I am much happier. Thank you to all who have responded to my request for help. We can now put this issue to rest. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] rm not freeing space
On 3/16/21 2:06 PM, Ralph Ronnquist via Dng wrote: On Tue, 16 Mar 2021 07:41:42 -0700 Marc Shapiro via Dng wrote: ... tmpfs 2466616 24 2466592 1% /run/user/1001 tmpfs 2466616 24 2466592 1% /run/user/1002 tmpfs 2466616 32 2466584 1% /run/user/1000 Is it possible that one of the users runs some program that holds on to cached directory entries for the file(s) if not the files themselves? I believe there's currently significant effort going into trying to isolate users, including root, from each other so that even sharing of common resources is "hidden" (with virtual file systems and various forms of "unsharing" and whatnot). Ralph. These are backup archives. No one is using them after they are created (unless I screw up and accidentally wipe out an entire partition, again). Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] rm not freeing space
On 3/16/21 11:17 AM, g4sra via Dng wrote: ‐‐‐ Original Message ‐‐‐ On Tuesday, March 16, 2021 2:32 PM, Marc Shapiro via Dng wrote: On 3/16/21 2:32 AM, g4sra via Dng wrote: --snip-- With your removable drive attached and mounted... Paste the outputs of 'mount' and 'df' when run as root. The drive in question is /dev/sdb1. root:/home/marc# mount /dev/sdb1 on /media/archives type ext4 (rw,nosuid,nodev,noexec,relatime,user) root:/home/marc# df Filesystem 1K-blocks Used Available Use% Mounted on /dev/sdb1 1663749752 1267718540 311447996 81% /media/archives Good, that answered some of my queries. Now as root again, paste the output of a comparative usage of the directory structure immediately above where the files were that you deleted. For example if you have /media/archives/2021/march/january /media/archives/2021/march/february then execute du -s /media/archives/2021/march/* /media/archives/january /media/archives/february then execute du -s /media/archives/* expect an output that ends with a 'january' root:/home/marc# du -s /media/archives/* 9913216 /media/archives/january 43905428 /media/archives/february 219244/media/archives/march I cannot make the following judgement, hopefully you can. Compare the directories usage, as you know their expected contents determine if it makes sense. An extra 200GB somewhere should stick out like a sore thumb. Once you are certain where the extra usage is, you can work on that directory alone. My very first check would be sorting by size including .dotfiles ls -alrS /media/archives/january The difference in space used as shown by 'ls' and by 'du -s' is very minimal and can be explained by the fact that 'ls' does not take allocation block size into account, but 'du -s' does. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] rm not freeing space
On 3/16/21 4:45 AM, Florian Zieboll via Dng wrote: Just to doube check for "human error": Does the output of 'df' match with the output of 'du -sc /path/to/mountpoint/'? The drive in question is /dev/sdb1/ mounteded on /dev/media/. Not an exact match, but not off by 200GB, either. root:/home/marc# df Filesystem 1K-blocks Used Available Use% Mounted on udev 12281428 0 12281428 0% /dev tmpfs 2466620 1116 2465504 1% /run /dev/mapper/vg1-root--devuan 3030800 2089220 767912 74% / /dev/mapper/vg1-usr--ascii 51343840 5063608 43642408 11% /usr tmpfs 5120 4 5116 1% /run/lock tmpfs 4933220 1008 4932212 1% /dev/shm /dev/mapper/vg1-tmp--ascii 5095040 22360 4794152 1% /tmp /dev/mapper/vg1-usrlocal 25671996 17704060 6813536 73% /usr/local /dev/mapper/vg1-photos 10255992 2626160 7174264 27% /usr/local/photos /dev/mapper/vg1-var--ascii 10255636 2180880 7534084 23% /var /dev/mapper/vg1-home 256981444 53203092 190654768 22% /home tmpfs 12333080 0 12333080 0% /sys/fs/cgroup tmpfs 2466616 24 2466592 1% /run/user/1001 tmpfs 2466616 24 2466592 1% /run/user/1002 /dev/mapper/vg1-vdisks 154687468 85293144 61530004 59% /usr/local/vdisks tmpfs 2466616 32 2466584 1% /run/user/1000 /dev/sdb1 1663749752 1267718540 311447996 81% /media/archives root@quixote:/home/marc# root@quixote:/home/marc# du -sc /path/to/mountpoint/ du: cannot access '/path/to/mountpoint/': No such file or directory 0 total root:/home/marc# du -sc /media/archives 1267648384 /media/archives 1267648384 total ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] rm not freeing space
On 3/16/21 2:32 AM, g4sra via Dng wrote: <--snip--> With your removable drive attached and mounted... Paste the outputs of 'mount' and 'df' when run as root. The drive in question is /dev/sdb1. root:/home/marc# mount sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime) proc on /proc type proc (rw,nosuid,nodev,noexec,relatime) udev on /dev type devtmpfs (rw,nosuid,relatime,size=12281428k,nr_inodes=3070357,mode=755) devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000) tmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=2466620k,mode=755) /dev/mapper/vg1-root--devuan on / type ext4 (rw,relatime,errors=remount-ro) /dev/mapper/vg1-usr--ascii on /usr type ext4 (rw,relatime) tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k) pstore on /sys/fs/pstore type pstore (rw,relatime) tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=4933220k) /dev/mapper/vg1-tmp--ascii on /tmp type ext4 (rw,relatime) /dev/mapper/vg1-usrlocal on /usr/local type ext3 (rw,relatime) /dev/mapper/vg1-photos on /usr/local/photos type ext3 (rw,relatime) /dev/mapper/vg1-var--ascii on /var type ext4 (rw,relatime) /dev/mapper/vg1-home on /home type ext4 (rw,relatime) securityfs on /sys/kernel/security type securityfs (rw,relatime) binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,nosuid,nodev,noexec,relatime) tmpfs on /sys/fs/cgroup type tmpfs (rw,nosuid,nodev,noexec,mode=755) cgroup2 on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate) cgroup on /sys/fs/cgroup/elogind type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/elogind/elogind-cgroups-agent,name=elogind) tmpfs on /run/user/1001 type tmpfs (rw,nosuid,nodev,relatime,size=2466616k,mode=700,uid=1001,gid=1001) tmpfs on /run/user/1002 type tmpfs (rw,nosuid,nodev,relatime,size=2466616k,mode=700,uid=1002,gid=1002) /dev/mapper/vg1-vdisks on /usr/local/vdisks type ext3 (rw,relatime) tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=2466616k,mode=700,uid=1000,gid=1000) /dev/sdb1 on /media/archives type ext4 (rw,nosuid,nodev,noexec,relatime,user) root:/home/marc# df Filesystem 1K-blocks Used Available Use% Mounted on udev 12281428 0 12281428 0% /dev tmpfs 2466620 1116 2465504 1% /run /dev/mapper/vg1-root--devuan 3030800 2089220 767912 74% / /dev/mapper/vg1-usr--ascii 51343840 5063608 43642408 11% /usr tmpfs 5120 4 5116 1% /run/lock tmpfs 4933220 1008 4932212 1% /dev/shm /dev/mapper/vg1-tmp--ascii 5095040 22360 4794152 1% /tmp /dev/mapper/vg1-usrlocal 25671996 17704060 6813536 73% /usr/local /dev/mapper/vg1-photos 10255992 2626160 7174264 27% /usr/local/photos /dev/mapper/vg1-var--ascii 10255636 2180880 7534084 23% /var /dev/mapper/vg1-home 256981444 53203092 190654768 22% /home tmpfs 12333080 0 12333080 0% /sys/fs/cgroup tmpfs 2466616 24 2466592 1% /run/user/1001 tmpfs 2466616 24 2466592 1% /run/user/1002 /dev/mapper/vg1-vdisks 154687468 85293144 61530004 59% /usr/local/vdisks tmpfs 2466616 32 2466584 1% /run/user/1000 /dev/sdb1 1663749752 1267718540 311447996 81% /media/archives ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] rm not freeing space
On 3/15/21 2:48 AM, Bernard Rosset via Dng wrote: You are correct. I used '+L' NOT '-L'. I would add -nP -> "lsof -nP +L1" If negative, I would go for the ugly path, grep'ing lsof's output on "deleted" or "(deleted)". Past this point, if space of alleged deleted files is not cleared... I wonder. Even ext2 should do the trick. If not ext4, I would upgrade to it by changing the flags with the help of tune2fs. I am especially surprises by the fact that you stated you could unmount the volume and remount it, still without seeing free space improvement... Are you positive you deleted the real files, and not mere links to them? I would make sure by using du to seek for actual disk usage location. In a last, desperate resort, I would try to force allocation/release of free space through sfill I'm not familiar with sfill. What does it do and what package is it in. It is not currently installed here. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] rm not freeing space
On 3/15/21 8:23 PM, Arnt Karlsen wrote: On Mon, 15 Mar 2021 19:54:20 -0700, Marc wrote in message <74553f6b-2616-70e1-e742-1ce9275b3...@gmail.com>: On 3/15/21 6:31 AM, Hendrik Boom wrote: On Sun, Mar 14, 2021 at 10:28:32PM -0700, Marc Shapiro via Dng wrote: On 3/14/21 10:09 PM, Ludovic Bellière wrote: I assume you read the man page of fsck, as it's return code is what you want to pay attention to. As for lsof, the correct parameters would be `lsof +aL1 /dev/sdx. It should have thrown an error were you to use `lsof -L1`. If lsof returns nothing, your drive is most likely corrupted. You are correct. I used '+L' NOT '-L'. It may also be possible that the files you removed have other references on your file system, aka. hard links. To find them, you would need to know the inode number, either by using `stat` or `ls -i`. You can then find them using `find -inum`. Since you already removed the files, you most likely can't know the inode number. However you could throw a `find $path -size n[cwbkMG]` to list the files with the matching size. I'm not following you on this. What is this going to do for me? 'find' is only going to show undeleted files. How does this help? It is possible for a single file to be hard-linked in several places in the file system. If so, removing it in one place will still leave it accessible from another, and therefore not deleted. Files have reference counts to keep track of this. These files should not have any links, hard or soft. None of the other files in that directory show a reference count above 1. They are backup files created by fsarchiver. I'm just trying to free up space by deleting files from January. ..any chance they have white-space-character-only names? E.g. " ", " ", " " etc, or Norwegian æ, ø, å, or some invisible non-Latin alphabet soup not supported by your fonts nor locales? You should still be able to cut-n-paste those and have them show up as high-lighted boxes. No. These are file that had names when I deleted them. I wrote/modified the scripts that generated the filenames, so all of the characters came from my keyboard. I hate names with spaces in them, so there weren't any spaces or hidden characters in them. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] rm not freeing space
On 3/15/21 6:31 AM, Hendrik Boom wrote: On Sun, Mar 14, 2021 at 10:28:32PM -0700, Marc Shapiro via Dng wrote: On 3/14/21 10:09 PM, Ludovic Bellière wrote: I assume you read the man page of fsck, as it's return code is what you want to pay attention to. As for lsof, the correct parameters would be `lsof +aL1 /dev/sdx. It should have thrown an error were you to use `lsof -L1`. If lsof returns nothing, your drive is most likely corrupted. You are correct. I used '+L' NOT '-L'. It may also be possible that the files you removed have other references on your file system, aka. hard links. To find them, you would need to know the inode number, either by using `stat` or `ls -i`. You can then find them using `find -inum`. Since you already removed the files, you most likely can't know the inode number. However you could throw a `find $path -size n[cwbkMG]` to list the files with the matching size. I'm not following you on this. What is this going to do for me? 'find' is only going to show undeleted files. How does this help? It is possible for a single file to be hard-linked in several places in the file system. If so, removing it in one place will still leave it accessible from another, and therefore not deleted. Files have reference counts to keep track of this. These files should not have any links, hard or soft. None of the other files in that directory show a reference count above 1. They are backup files created by fsarchiver. I'm just trying to free up space by deleting files from January. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] rm not freeing space
On 3/15/21 12:55 AM, Steve Litt wrote: Wait!!! Make sure you run only a non-destructive fsck. If the non-destructive fsck shows no problem, do the following... First run the sync command. The sync command forces all caches to be written to their respective files. If they're on a removeable drive, my next step after sync would be to unmount the drive. Then physically disconnect it. Then physically reconnect it. Then remount it. Then do your df -h. Already did this. See my original post. Also, if your removeable drive is some sort of SSD, you might need to do fstrim, although I swear I remember space deleted but not yet trimmed doesn't count in df. But I could be wrong. Removable spinning disk. SteveT Ludovic Bellière said on Mon, 15 Mar 2021 04:33:37 +0100 Run fsck to make sure your disk isn't corrupted or damaged. Afterward, your lost+found might get populated with the stuff that occupies the space, done so in order for you to review. On Sun, 14 Mar 2021 20:10:03 -0700 Marc Shapiro via Dng wrote: I had some large files (over 200GB in total size) that I no longer needed. So I removed them. They no longer show up in the directory. However, df, still shows the space as being used. I understand that if processes are still using the files they will not be removed until the processes either release them, or are shut down (or killed). I have tried using 'lsof -a -L1 MOUNTPOINT' to list the open, but deleted files. It returns no files at all. These files are on a removable drive. I can unmount the partition and disconnect the drive, then reconnect the drive and remount the partition, but the space still shows as being used. If the files are still open, shouldn't 'umount' give an error? I would rather not have to shut down the system. Is there some other way to determine what is keeping these files open, or otherwise preventing the space from being reclaimed? Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] rm not freeing space
On 3/14/21 10:09 PM, Ludovic Bellière wrote: I assume you read the man page of fsck, as it's return code is what you want to pay attention to. As for lsof, the correct parameters would be `lsof +aL1 /dev/sdx. It should have thrown an error were you to use `lsof -L1`. If lsof returns nothing, your drive is most likely corrupted. You are correct. I used '+L' NOT '-L'. It may also be possible that the files you removed have other references on your file system, aka. hard links. To find them, you would need to know the inode number, either by using `stat` or `ls -i`. You can then find them using `find -inum`. Since you already removed the files, you most likely can't know the inode number. However you could throw a `find $path -size n[cwbkMG]` to list the files with the matching size. I'm not following you on this. What is this going to do for me? 'find' is only going to show undeleted files. How does this help? Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] rm not freeing space
On 3/14/21 8:33 PM, Ludovic Bellière wrote: Run fsck to make sure your disk isn't corrupted or damaged. Afterward, your lost+found might get populated with the stuff that occupies the space, done so in order for you to review. Already looked in lost+found. Nothing there. Tried fsck. It says the partition is clean. Marc On Sun, 14 Mar 2021 20:10:03 -0700 Marc Shapiro via Dng wrote: I had some large files (over 200GB in total size) that I no longer needed. So I removed them. They no longer show up in the directory. However, df, still shows the space as being used. I understand that if processes are still using the files they will not be removed until the processes either release them, or are shut down (or killed). I have tried using 'lsof -a -L1 MOUNTPOINT' to list the open, but deleted files. It returns no files at all. These files are on a removable drive. I can unmount the partition and disconnect the drive, then reconnect the drive and remount the partition, but the space still shows as being used. If the files are still open, shouldn't 'umount' give an error? I would rather not have to shut down the system. Is there some other way to determine what is keeping these files open, or otherwise preventing the space from being reclaimed? Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] rm not freeing space
I had some large files (over 200GB in total size) that I no longer needed. So I removed them. They no longer show up in the directory. However, df, still shows the space as being used. I understand that if processes are still using the files they will not be removed until the processes either release them, or are shut down (or killed). I have tried using 'lsof -a -L1 MOUNTPOINT' to list the open, but deleted files. It returns no files at all. These files are on a removable drive. I can unmount the partition and disconnect the drive, then reconnect the drive and remount the partition, but the space still shows as being used. If the files are still open, shouldn't 'umount' give an error? I would rather not have to shut down the system. Is there some other way to determine what is keeping these files open, or otherwise preventing the space from being reclaimed? Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] What does this remind you of?
What does apparmor actually do? It was installed on my system as a Recommends for my kernel (linux-image-4.19.0-14-amd64), but I get warnings of some type every time I reboot (which I don't do often, so I can't say just what the warnings are). Is there any reason to keep it installed? Or can I just uninstall it? Marc On 3/7/21 10:11 AM, d...@d404.nl wrote: On 07-03-2021 18:20, tito via Dng wrote: On Sun, 7 Mar 2021 18:03:30 +0100 Antony Stone wrote: On Sunday 07 March 2021 at 17:59:22, Steve Litt wrote: See this web page: https://en.wikipedia.org/wiki/Anti-pattern I'd say at least half of the listed anti-patterns are used by systemd. Very nice. Antony. Hi, this makes me think of the times when you could startx with IceWM on a 1.44 floppy disk. That was simplicity and to a certain extent poetry. I personally would scrap: dbus consolekit packagekit policykit systemd apparmor selinux I am sure I've forgot some other garbage. P.S.: I'm open to new technologies.. when they follow a simple rule: less code is better as I can understand only as much code as fits onto my screen. Ciao, Tito Hi, Mostly agree with you and in its current state apparmor belongs to this list. In the same time I like the idea of apparmor in limiting apps behavior. It could be most useful if implemented correctly. Grtz. Nick ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] (SOLVED _ I hope) Configuring cron and exim4 to send e-mail after running cronjob
On 11/15/20 6:40 PM, Marc Shapiro wrote: On 11/15/20 5:00 AM, Marjorie Roome via Dng wrote: If this is a cron job running on your local machine then rather than having to fully comnfigure your MTA to send acceptable emails to gmail (i.e. static ip, spf, dkim, etcetera) it would be simpler to enable local delivery to your local email account. You can then just read this by setting up an account in Thunderbird (it's a mbox file so use the spool option) and it will remain segregated from your gmail. I came to this conclusion, too, but, so far, have been unable to get local delivery working, either. I have tried running 'maIl marc' then filled in subject and body, then ended with CTL-D. Is CTL-D the correct way to end the message and send the e-mail? Is there something else that I need to do to actually send the message? It may be that the various things that I have tried have borked local delivery. What should I have installed and how should it be configured to deliver mail to my local user? Clearly, I am doing something wrong, I just don't know what. My current guess is that, in trying to get exim4 to do what I originally thought I needed it to do, I managed to get it to grab any e-mails sent through 'mail' and then fail when attempting to send them. I reconfigured exim to send local mail only, taking the defaults, and local mail now seems to be working. Messages sent through 'mail' are now showing up in my Thunderbird Inbox for mail to me on localhost. Now, I just need to put in a cron job to run in a few minutes, so that I can see that it sends the e-mail and I get it, as expected. Thanks to everyone who replied. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Configuring cron and exim4 to send e-mail after running cronjob
On 11/15/20 5:00 AM, Marjorie Roome via Dng wrote: On Sat, 2020-11-14 at 16:03 -0800, Marc Shapiro via Dng wrote: I use Thunderbird for e-mail, so I have never bothered with configuring an MTA. I have a few lines in root's crontab to do periodic backups and I would like to receive an e-mail when the job is completed. I have added a MAILTO line to my crontab with my gmail address. The job runs, the backup is created, but I do not receive any e-mail from cron. I am assuming that I need to run dpkg-reconfigure on exim4-config, but I don't want to mess up my e-mail that is going through Thunderbird. Can anyone tell me how to configure exim4-config to do this, or provide a link that will rpovide this information? If this is a cron job running on your local machine then rather than having to fully comnfigure your MTA to send acceptable emails to gmail (i.e. static ip, spf, dkim, etcetera) it would be simpler to enable local delivery to your local email account. You can then just read this by setting up an account in Thunderbird (it's a mbox file so use the spool option) and it will remain segregated from your gmail. I came to this conclusion, too, but, so far, have been unable to get local delivery working, either. I have tried running 'maIl marc' then filled in subject and body, then ended with CTL-D. Is CTL-D the correct way to end the message and send the e-mail? Is there something else that I need to do to actually send the message? It may be that the various things that I have tried have borked local delivery. What should I have installed and how should it be configured to deliver mail to my local user? Clearly, I am doing something wrong, I just don't know what. Marc Rather than redirect the cron mail output I just let root user jobs go to the default root account and alias that to my local email account (using /etc/aliases and the newalliases command). This will then also pick up any other root jobs that generate emails (in my case unattended-upgrades of security updates, and failed logins). ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Configuring cron and exim4 to send e-mail after running cronjob
On 11/14/20 4:12 PM, d...@d404.nl wrote: On 15-11-2020 01:03, Marc Shapiro via Dng wrote: I use Thunderbird for e-mail, so I have never bothered with configuring an MTA. I have a few lines in root's crontab to do periodic backups and I would like to receive an e-mail when the job is completed. I have added a MAILTO line to my crontab with my gmail address. The job runs, the backup is created, but I do not receive any e-mail from cron. I am assuming that I need to run dpkg-reconfigure on exim4-config, but I don't want to mess up my e-mail that is going through Thunderbird. Can anyone tell me how to configure exim4-config to do this, or provide a link that will rpovide this information? Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng Are you sure that your exim4 mta has not been simply denied access by Google because it has no static ip, spf, dkim etcetera? An alternative would be to use your isp smtp-server by configuring it as a smarthost like in this example https://www.4armed.com/blog/install-and-configure-exim-4-smtp-relay-via-smarthost-on-ubuntu/ Grtz Nick ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng I tried running "dpkg-reconfigure exim4-config". I selected "Mail sent by smarthost; no local mail" and then took all of the defaults. I then tried to send a test e-mail using the command shown in the link you sent. I get the response "Thunderbird 78.4.3" which is the version of Thunderbird that I am running, but no e-mail gets through to my account. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] Configuring cron and exim4 to send e-mail after running cronjob
I use Thunderbird for e-mail, so I have never bothered with configuring an MTA. I have a few lines in root's crontab to do periodic backups and I would like to receive an e-mail when the job is completed. I have added a MAILTO line to my crontab with my gmail address. The job runs, the backup is created, but I do not receive any e-mail from cron. I am assuming that I need to run dpkg-reconfigure on exim4-config, but I don't want to mess up my e-mail that is going through Thunderbird. Can anyone tell me how to configure exim4-config to do this, or provide a link that will rpovide this information? Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] HPLIP issues (SOLVED)
On 11/13/20 7:56 PM, Marc Shapiro wrote: On 11/13/20 12:09 AM, d...@d404.nl wrote: On 13-11-2020 07:21, Marc Shapiro via Dng wrote: Has anyone managed to get HPLIP isnstalled and fully running on Beowulf? hp-info works, with a gui interface. hp-levels works on the command-line from a terminal. hp-testpage brings up a gui and prints the testpage from there. hp-toolbox is missing its soft link to /usr/share/hplip/toolbox.py. When I create the link and try to run it, I get the following output: -- HP Linux Imaging and Printing System (ver. 3.18.12) HP Device Manager ver. 15.0 Copyright (c) 2001-15 HP Development Company, LP This software comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to distribute it under certain conditions. See COPYING file for more details. error: Unable to load DBus libraries. Please check your installation and try again. error: Please upgrade your python installation to the latest available version. -- I have Python v3.7 installed, which should be fine since the script calls for python3 (which links to python3.7 on my machine). I don't know what it wants installed as far as DBus is concerned. Primarily, what I need is to check ink levels and general status, and that does work from the command line, but it would be more convenient if hp-toolbox worked, giving me GUI access to all of its functionality. Any help will be appreciated. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng Most likely you have to install python3-dbus 1.2.8-3 (see https://packages.debian.org/search?keywords=python3-dbus) Grtz Nick HPLIP installed it automatically, as a dependency. Marc I looked, again, at the dependencies, recommends and suggested packages. The package hplip-gui is hiding all the way down in the suggested packages, not even a recommends. Looking at its description, I saw that hp-toolkit is included in it. So I deleted the link that I put in for hp-toolkit and installed the package, which also brought in python3-dbus.mainloop.pyqt5 and python3-notify2. That got it working. I find it odd that some GUI programs were included in the main package, while others (like toolbox, the main menu program for the package and 14 others) were shunted off into a separate package. But it's working, now, and that's the important thing. Thanks for the help. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] HPLIP issues
On 11/13/20 12:09 AM, d...@d404.nl wrote: On 13-11-2020 07:21, Marc Shapiro via Dng wrote: Has anyone managed to get HPLIP isnstalled and fully running on Beowulf? hp-info works, with a gui interface. hp-levels works on the command-line from a terminal. hp-testpage brings up a gui and prints the testpage from there. hp-toolbox is missing its soft link to /usr/share/hplip/toolbox.py. When I create the link and try to run it, I get the following output: -- HP Linux Imaging and Printing System (ver. 3.18.12) HP Device Manager ver. 15.0 Copyright (c) 2001-15 HP Development Company, LP This software comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to distribute it under certain conditions. See COPYING file for more details. error: Unable to load DBus libraries. Please check your installation and try again. error: Please upgrade your python installation to the latest available version. -- I have Python v3.7 installed, which should be fine since the script calls for python3 (which links to python3.7 on my machine). I don't know what it wants installed as far as DBus is concerned. Primarily, what I need is to check ink levels and general status, and that does work from the command line, but it would be more convenient if hp-toolbox worked, giving me GUI access to all of its functionality. Any help will be appreciated. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng Most likely you have to install python3-dbus 1.2.8-3 (see https://packages.debian.org/search?keywords=python3-dbus) Grtz Nick HPLIP installed it automatically, as a dependency. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] HPLIP issues
Has anyone managed to get HPLIP isnstalled and fully running on Beowulf? hp-info works, with a gui interface. hp-levels works on the command-line from a terminal. hp-testpage brings up a gui and prints the testpage from there. hp-toolbox is missing its soft link to /usr/share/hplip/toolbox.py. When I create the link and try to run it, I get the following output: -- HP Linux Imaging and Printing System (ver. 3.18.12) HP Device Manager ver. 15.0 Copyright (c) 2001-15 HP Development Company, LP This software comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to distribute it under certain conditions. See COPYING file for more details. error: Unable to load DBus libraries. Please check your installation and try again. error: Please upgrade your python installation to the latest available version. -- I have Python v3.7 installed, which should be fine since the script calls for python3 (which links to python3.7 on my machine). I don't know what it wants installed as far as DBus is concerned. Primarily, what I need is to check ink levels and general status, and that does work from the command line, but it would be more convenient if hp-toolbox worked, giving me GUI access to all of its functionality. Any help will be appreciated. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] No Sound in XFCE Beowulf - Pulsaudio
On 10/31/20 10:30 AM, kdibble wrote: On Sat, 31 Oct 2020 08:34:30 -0700 *Michael K. * wrote *establishing connetion to pulsaudio, please wait * (a fresh installed Beowulf wth XFCE has no Sound. ) There was a hint once before on the list to edit "something" in a Pulsaudio file. But I can't find this info anymore. What do I have to do to get back in contact with the sound mixer? Thanks in advance Michael I cannot remember either. So I checked my configuration and the only file changed is in /etc/pulse/client.conf.d/ which has 00-disable-autospawn.conf the contents of which are On linux systems, disable autospawn by default # If you are not using systemd, comment out this line # autospawn=n I am sure someone with definitive knowledge will come along, refresh my memory and help you. Ken It may have been a response to one of my posts that you are remembering. Back on September 25 I posted that I had "(Almost) no sound under Beowulf" and viverna posted a reply suggesting the need for a .asound file. In the end, I did not need this file. Although pulseaudio was installed, it was, for whatever reason, not starting for all users. I added a line to start pulseaudio in each user's .bashrc file and that fixed the problem on their next login. YMMV. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] [OT] YouTube archivism targeted
On 10/31/20 3:43 AM, spiralofhope wrote: On Fri, 30 Oct 2020 19:22:34 -0700 Marc Shapiro via Dng wrote: Sorry, spiralofhope. I didn't6 mean to send this to you, but to the list. I'll re-send this to the list then. :) On Fri, 30 Oct 2020 19:15:42 -0700 Marc Shapiro wrote: I think they have already obfuscated things. I used to use the Video Download Helper plugin for Firefox, but that stopped working for me. I know there were some issues with youtube-dl, and I switched to youtube-dlc because it included some unapproved pull requests. I checked, and I'm able to download your examine (sgN7fUGPgMM). If you want, I can provide it. I can also supply a 64bit binary or the repository I kept. Thanks for the prompt reply. That video was just a test, to get the error messages to post. I am now finding that Video Download Helper will sometimes complete a download and some of those actually work, but not all. For now, I am going to wait and see how this all plays out. ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] [OT] YouTube archivism targeted
Sorry, spiralofhope. I didn't6 mean to send this to you, but to the list. On 10/26/20 11:47 AM, spiralofhope wrote: TL;DR: YouTube-dl DMCA The RIAA successfully applied a DMCA takedown to GitHub (Microsoft) for an archivism program which downloads YouTube video/audio (although it does target other services). https://github.com/ytdl-org/youtube-dl/ https://github.com/github/dmca/blob/master/2020/10/2020-10-23-RIAA.md I expect that YouTube will obfuscate the way it delivers content so as to make the existing youtube-dl release (and other similar software) nonfunctional (perhaps only for a time). I think they have already obfuscated things. I used to use the Video Download Helper plugin for Firefox, but that stopped working for me. Then I installed youtube-dl and tried to use it about a week ago, but received the following: [youtube] sgN7fUGPgMM: Downloading webpage [youtube] sgN7fUGPgMM: Downloading video info webpage ERROR: sgN7fUGPgMM: YouTube said: Invalid parameters. I tried downloading it from the yt-dl.org page, but that version gave me the save results. I use it to watch karate kata when I don't have internet connectivity, but it looks like that is no longer possible. ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] the email universe
Hi > Would someone be able to outline for the unknowing what all actually > is required? (I am very much wanting to get away from outside product > that is selling me down the road - ie like the alphabet (soup) > company!). If you want to host your own email server you would need: 1 - a system with a static IP and reasonable connectivity 2 - a DNS name (MX record, reverse, possibly spf, ...) 3 - a MTA (postfix, exim, ...) 4 - and your mail client MUA (mutt, thunderbird, ...) If you want to experiment first, find a spare computer or set up a container - that doesn't have to be on the proper internet yet. Then do the following to achieve points 3 and 4: su apt-get install postfix mutt vim /etc/postfix/main.cf adduser a adduser b su - a mutt b exit tail /var/log/mail.log su - b mutt The line editing main.cf is a large topic, but postfix has pretty substantial documentation, and the distribution defaults should get you going too... Once that is set up you could try using multiple computers on a lan, or move on to points 1 and 2. regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TB and Enigmail
Hello > I believe you mean (specifically) cut off from access to GMail > send/receive access by GMail users, as an alternative to using GMail's > proprietary WebUI. Yes, that's very strongly my understanding, too. > > Of course, my own way of eliminating GMail problems is: Don't use > GMail, and you thereby magically avoid GMail problems. ;-> If it isn't clear yet: There is another risk of using a web mail interface - the automatic spell checker in those things means that surveillance capitalists have the cover to collect your typing at the keystroke level and possibly build up a profile of your typing - err, fingerprint. Which, like every biometric, is difficult to clear and reset. > > It's increasingly hard to exchange e-mail between lesser known providers > > or even self-hosted servers and GMail accounts. > > This does _not_ accord with my experience. In my experience, if you run > a spam-clean and RFC-compliant SMTP operation and take modest > anti-forgery measures (such as my domains' strongly asserted SPF RR), > your mail domain will have no problem bidirectionally communicating with > GMail / Googlemail -- without spamboxing or teergrubing, etc. > > I keep monitoring this situation, and it may change, but that is still > my honest assessment from many decades of self-hosted SMTP smarthost > operation. I'd like to echo Rick's observation: Running a mail server is still totally doable. I say still, because the viability depends on there being a nontrivial pool of mailbox owner operated mail hosts. And it is bigger than mail - a good and free internet depends on reachable, static IPs with proper DNS names being held by the general population. So it is truly worth it to spend a few dollars a month to get a VPS/VM/staticVPN and do something with it. Like muscle and brain-cells, those things can disappear if you don't use them. And, like Devuan, this isn't a rear-guard action only: There are utterly delightful sections of a better internet being built - seek them out, and help. For instance, the gemini project (gemini.circumlunar.space) is doing awesome work to shrink the metasizing mass that is the web-browser down to something treatable. Here is a very simple gemini browser URL='gemini://gus.guru/known-hosts' HST=$(echo $URL | cut -f3 -d/) (echo -en "$URL\r\n" ; sleep 3) | openssl s_client -quiet -no_ign_eof -connect "$HST:1965" -servername "$HST" Regarding mail: I have this hope that a personal mail server will become proper status symbol, and maybe even a heirloom. Rick will remember a mailing list called linux-elitists@ which didn't allow certain User-agents to subscribe. It would be nifty if there were a mailing list, with another pretentious title - say inet-lords@ or net-kings@ which only allowed posting from addresses starting with admin@ or, even better, abuse@ as these addresses are reserved and unlikely to be given out by providers... regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Unexpected behavior in Python 3 and QT Designer program
On 10/3/20 4:09 PM, Ludovic Bellière wrote: Both python and Qt have been upgraded between stretch and buster, as such you have to expect changes in behavior. From what you said, it doesn't seem to be breaking. On 4/10/20 00:45, Marc Shapiro via Dng wrote: I have a program written in Python 3 that uses a .ui file from QT Designer. This is the exact same program and .ui file as I used in Debian. (It is in /usr/local/bin, which I mount in both places.) It retrieves stock data for up to 30 ticker symbols and runs the data through various calculations before displaying the results in a separate set of fields for each symbol. When I run this under Debian Stretch, as each symbol is processed the results are displayed for that ticker, until I reach the end of the list. When I run it under Devuan Beowulf, no results are displayed until it is done with all of the tickers and then all the fields are filled in and displayed at one. Have there been changes in the way python and QT Designer interact? Under Stretch, /usr/bin/python3 points to python3.5, in Beowulf, it points to python3.7. Could this be causing the different behavior. I can't just change the link, because I get an error loading the QT module when I link to python3.5. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng I never said that it was broken, just unexpected. I got the old behavior back by adding the line 'self.repaint()' after each ticker's fields were filled. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] Unexpected behavior in Python 3 and QT Designer program
I have a program written in Python 3 that uses a .ui file from QT Designer. This is the exact same program and .ui file as I used in Debian. (It is in /usr/local/bin, which I mount in both places.) It retrieves stock data for up to 30 ticker symbols and runs the data through various calculations before displaying the results in a separate set of fields for each symbol. When I run this under Debian Stretch, as each symbol is processed the results are displayed for that ticker, until I reach the end of the list. When I run it under Devuan Beowulf, no results are displayed until it is done with all of the tickers and then all the fields are filled in and displayed at one. Have there been changes in the way python and QT Designer interact? Under Stretch, /usr/bin/python3 points to python3.5, in Beowulf, it points to python3.7. Could this be causing the different behavior. I can't just change the link, because I get an error loading the QT module when I link to python3.5. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] (Almost) no sound under Beowulf (SOLVED)
Oops! I forgot to add (SOLVED) to my last subject line. Forwarded Message Subject:Re: [DNG] (Almost) no sound under Beowulf Date: Sun, 27 Sep 2020 09:34:33 -0700 From: Marc Shapiro To: dng@lists.dyne.org On 9/26/20 6:55 PM, Gregory Nowak wrote: On Fri, Sep 25, 2020 at 10:54:14PM -0700, Marc Shapiro via Dng wrote: The issue that I am having is with sound. My daughter reported that it was not working. I tried playing a video (in Firefox) from my login and also got no sound. You've already gotten good suggestions in this thread. I'd concur with the advice to get rid of pulseaudio, and use ALSA. If a particular application requires pulseaudio, install the apulse package, and start that application through apulse. One thing I haven't seen mentioned so far is to make sure that each user who is supposed to be able to play sound is a member of the audio group. If they aren't in the audio group, add them to the audio group, log them out, and log them back in. Note, I get sound in Beowulf in firefox just fine with out pulseaudio installed. 3) The 'play' utility from the sox package gives an error whenever I try to play an mp3 file. Using 'aplay' to play .wav files works fine. What do I need to do to play mp3s from the commandline? Do you have the libsox-fmt-mp3 package installed? Better yet, unless you have some reason not to, just install the libsox-fmt-all package. For playing music from the command line, I use mplayer. As you've discovered, aplay works too, and play should work as well once you install the necessary format support. Greg I do run Firefox, which is why I have pulseaudio installed. When pulse is running, I have had no issues with it. The problem was that, for whatever reason, pulse was not starting for all users when they logged in. I added a line to start it in each .bashrc and that problem was solved. The problem with mp3s from the commandline was the lack of libsox-fmt-mp3. I installed libsox-fmt-all and that issue is solved, as well. Thank you, everyone, for your help. I think that this installation is ready to leave running and see if my wife and daughter have any issues with it. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] (Almost) no sound under Beowulf
On 9/26/20 6:55 PM, Gregory Nowak wrote: On Fri, Sep 25, 2020 at 10:54:14PM -0700, Marc Shapiro via Dng wrote: The issue that I am having is with sound. My daughter reported that it was not working. I tried playing a video (in Firefox) from my login and also got no sound. You've already gotten good suggestions in this thread. I'd concur with the advice to get rid of pulseaudio, and use ALSA. If a particular application requires pulseaudio, install the apulse package, and start that application through apulse. One thing I haven't seen mentioned so far is to make sure that each user who is supposed to be able to play sound is a member of the audio group. If they aren't in the audio group, add them to the audio group, log them out, and log them back in. Note, I get sound in Beowulf in firefox just fine with out pulseaudio installed. 3) The 'play' utility from the sox package gives an error whenever I try to play an mp3 file. Using 'aplay' to play .wav files works fine. What do I need to do to play mp3s from the commandline? Do you have the libsox-fmt-mp3 package installed? Better yet, unless you have some reason not to, just install the libsox-fmt-all package. For playing music from the command line, I use mplayer. As you've discovered, aplay works too, and play should work as well once you install the necessary format support. Greg I do run Firefox, which is why I have pulseaudio installed. When pulse is running, I have had no issues with it. The problem was that, for whatever reason, pulse was not starting for all users when they logged in. I added a line to start it in each .bashrc and that problem was solved. The problem with mp3s from the commandline was the lack of libsox-fmt-mp3. I installed libsox-fmt-all and that issue is solved, as well. Thank you, everyone, for your help. I think that this installation is ready to leave running and see if my wife and daughter have any issues with it. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] (Almost) no sound under Beowulf
I have been running Debian for over 20 years, but I want to avoid systemd, so I am trying out Devuan. I installed ASCII a last year and just did an upgrade to Beowulf about a week ago. My goal now is to get Beowulf to run close enough to my Debian Stretch system that my wife and daughter can't tell the difference. I mount the same partition on home for both Debian and Devuan, so that keeps the local configs the same. The issue that I am having is with sound. My daughter reported that it was not working. I tried playing a video (in Firefox) from my login and also got no sound. I have since determined that pulseaudio was not running (it is installed). So I started the pulseaudio daemon under my login, started up Firefox and played a video. Sound. Yay! I logged into my daughter's account and started the pulseaudio daemon, started Firefox and played a video. No sound. Boo! The I started pavucontrol under both logins. My login shows the 'Built in Analog Stereo' output device, and its monitor for input. My daughter's login shows a 'Dummy' output device and its monitor for input. under my wife's login, it shows the same 'Dummy' devices as my daughter's login . 1) If anyone can tell me how to get pulseaudio to see my built-in audio for all three logins, it would be greatly appreciated. 2) How do I get pulseaudio to run for each user when they log into the system. 3) The 'play' utility from the sox package gives an error whenever I try to play an mp3 file. Using 'aplay' to play .wav files works fine. What do I need to do to play mp3s from the commandline? (NOTE: I boot to console only. Each user switches to a different VT and runs startx from there.) Thanks for any help. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Xorg stopped working after upgrade to Beowulf
Actually, it says that it cannot connect to the Wicd daemon, or something to that effect. Sorry, Marc On Tue, Sep 22, 2020, 9:52 PM Marc Shapiro wrote: > Yes, that solved the issue. I installed elogind and libpam-elogind, > rebooted and X now starts up for all three users. > > There is only one issue. For only ONE of the three users, after X starts, > my dughter's login gets a popup that says the Wicd client cannot be > started, make sure the user is in the netdev group. Well, she wasn't in > the netdev group, so I logged her out, added her to the group, logged her > back in and verified that she was in netdev, then ran startx. I am still > getting the same error. Is there something else that is required for the > Wicd client? > > Marc > > > On 9/22/20 7:43 AM, Marc Shapiro wrote: > > I do use startx from a terminal login, so this sounds like it could be the > problem. I'll check it out when I get home, tonight and pass the results > to the list. > > Thanks. > > Marc > > > > On 9/21/20 11:16 PM, wirelessduck--- via Dng wrote: > > > > On 22 Sep 2020, at 12:36, Marc Shapiro via Dng > wrote: > > I have pretty much decided that there is no way to upgrade my Debian > system to Buster and keep it usable without systemd. Since I am set up for > multiboot, including Devuan Ascii, I decided to upgrade that to Beowulf and > see if that will work for me and the others using this box. > > After upgrading (following the instructions for upgrading an existing > Devuan system), I rebooted the computer. > > First, I booted into my Debian Stretch partition to make sure that > everything was still good, there. Boot, login, start Xorg. All looks good. > > Logout and reboot into Beowulf. > > Boot and login went fine. Starting Xorg, not so well. Tried all three > users with no luck. This worked before the upgrade. Tried as root. > Success! So root can start Xorg, but not an ordinary user. Any ideas what > might be wrong. It looks like a permissions issue, but I don't know enough > about how X actually starts up to know where to look. Anything that you > want me to post to help debug this? > > Any help appreciated. > > > Marc > > > If you are starting X from a terminal/tty, the Beowulf release notes > mention the required configuration to start X as non-root. > > https://files.devuan.org/devuan_beowulf/Release_notes.txt > > — > Tom > > ___ > Dng mailing > list...@lists.dyne.orghttps://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng > > ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Xorg stopped working after upgrade to Beowulf
Yes, that solved the issue. I installed elogind and libpam-elogind, rebooted and X now starts up for all three users. There is only one issue. For only ONE of the three users, after X starts, my dughter's login gets a popup that says the Wicd client cannot be started, make sure the user is in the netdev group. Well, she wasn't in the netdev group, so I logged her out, added her to the group, logged her back in and verified that she was in netdev, then ran startx. I am still getting the same error. Is there something else that is required for the Wicd client? Marc On 9/22/20 7:43 AM, Marc Shapiro wrote: I do use startx from a terminal login, so this sounds like it could be the problem. I'll check it out when I get home, tonight and pass the results to the list. Thanks. Marc On 9/21/20 11:16 PM, wirelessduck--- via Dng wrote: On 22 Sep 2020, at 12:36, Marc Shapiro via Dng wrote: I have pretty much decided that there is no way to upgrade my Debian system to Buster and keep it usable without systemd. Since I am set up for multiboot, including Devuan Ascii, I decided to upgrade that to Beowulf and see if that will work for me and the others using this box. After upgrading (following the instructions for upgrading an existing Devuan system), I rebooted the computer. First, I booted into my Debian Stretch partition to make sure that everything was still good, there. Boot, login, start Xorg. All looks good. Logout and reboot into Beowulf. Boot and login went fine. Starting Xorg, not so well. Tried all three users with no luck. This worked before the upgrade. Tried as root. Success! So root can start Xorg, but not an ordinary user. Any ideas what might be wrong. It looks like a permissions issue, but I don't know enough about how X actually starts up to know where to look. Anything that you want me to post to help debug this? Any help appreciated. Marc If you are starting X from a terminal/tty, the Beowulf release notes mention the required configuration to start X as non-root. https://files.devuan.org/devuan_beowulf/Release_notes.txt <https://files.devuan.org/devuan_beowulf/Release_notes.txt> — Tom ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Xorg stopped working after upgrade to Beowulf
I do use startx from a terminal login, so this sounds like it could be the problem. I'll check it out when I get home, tonight and pass the results to the list. Thanks. Marc On 9/21/20 11:16 PM, wirelessduck--- via Dng wrote: On 22 Sep 2020, at 12:36, Marc Shapiro via Dng wrote: I have pretty much decided that there is no way to upgrade my Debian system to Buster and keep it usable without systemd. Since I am set up for multiboot, including Devuan Ascii, I decided to upgrade that to Beowulf and see if that will work for me and the others using this box. After upgrading (following the instructions for upgrading an existing Devuan system), I rebooted the computer. First, I booted into my Debian Stretch partition to make sure that everything was still good, there. Boot, login, start Xorg. All looks good. Logout and reboot into Beowulf. Boot and login went fine. Starting Xorg, not so well. Tried all three users with no luck. This worked before the upgrade. Tried as root. Success! So root can start Xorg, but not an ordinary user. Any ideas what might be wrong. It looks like a permissions issue, but I don't know enough about how X actually starts up to know where to look. Anything that you want me to post to help debug this? Any help appreciated. Marc If you are starting X from a terminal/tty, the Beowulf release notes mention the required configuration to start X as non-root. https://files.devuan.org/devuan_beowulf/Release_notes.txt <https://files.devuan.org/devuan_beowulf/Release_notes.txt> — Tom ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] Xorg stopped working after upgrade to Beowulf
I have pretty much decided that there is no way to upgrade my Debian system to Buster and keep it usable without systemd. Since I am set up for multiboot, including Devuan Ascii, I decided to upgrade that to Beowulf and see if that will work for me and the others using this box. After upgrading (following the instructions for upgrading an existing Devuan system), I rebooted the computer. First, I booted into my Debian Stretch partition to make sure that everything was still good, there. Boot, login, start Xorg. All looks good. Logout and reboot into Beowulf. Boot and login went fine. Starting Xorg, not so well. Tried all three users with no luck. This worked before the upgrade. Tried as root. Success! So root can start Xorg, but not an ordinary user. Any ideas what might be wrong. It looks like a permissions issue, but I don't know enough about how X actually starts up to know where to look. Anything that you want me to post to help debug this? Any help appreciated. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Danger: Debian POSIX hostility
> One thing about this which strikes me as a bit ironic is debian's use of > the dash shell, made to be POSIX-compliant, and so causing endless > problems for scripts using bash's additional non-POSIX functionality, > but not specifying bash explicitly in the shebang line. Hmm - that might require some background: I'd venture that most of these scripts were written when sh was just a symlink to bash, and dash didn't exist, nevermind as a debian package. The word decree is too strong, but at some point debian system scripts were supposed to be written to be /bin/dash compatible, but instead of changing all existing system scripts to start with /bin/bash, and only replacing them with /bin/sh once full checked/rewritten, they were kept at /bin/sh as people hoped for the best - a quick win. I, for one, never bought into the reasoning for migrating system scripts away from bash to sh. The argument that bash is too large struck me as odd - there were critical dependencies on perl and python with a much larger dependency graph, and much bigger startup costs... More importantly I think it is good that one uses the same language that one types into the terminal every day when extending the distribution - that makes a sysadmin equal to the distribution maintainer, instead of specialising that into a different caste... regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Zoom? Rather not...
> I'm a product of the Great > Depresssion, and so security for me fixates on political snooping. I'm > less concerned about being ripped off than looming fascism. I'm not > suggsting your concern is not important, jut that it is not the same > as my own. My concerns relate to both of those. People being easily identified and tracked in real life is something that strengthens authoritarian regimes (whether fascist or communist) as well coercive corporate interests. > For me security refers primarily to file access. This takes me back to > my question. If I craete a new user, named zoom for example, and have > it run zoom, won't that limit access files on my HD? Yes, under two conditions: - your other users (holding confidential data) have more restrictive permissions on their directories (chmod 700 ~) - the application won't try a local privilege escalation exploit (kernel or CPU bug, or even back door). regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] LILO Framebuffer and X screen resolution (SOLVED)
On 5/23/20 2:36 PM, Marc Shapiro wrote: I have been using Debian for the last 20+ years. I don't like systemd and that has kept me on Stretch, where I can still use SysV as init. I have tried several times to upgrade to Buster without SysV, but have had no luck. So here I am at Devuan. I installed Ascii on a separate set of partitions, so I have the ability to keep using my Debian Stretch install until I get Ascii running the way I want it to. I had some trouble with the install, but I got past that. I do, however, have some issues that I could use some help with. My screen resolution is very low. Under Stretch, when I run xrandr, I get about a dozen resolutions, up to 1920x1080. Since I have a 23" monitor, I use the highest resolution possible. Unfortunately, under Ascii, I get a max resolution of 1280x1024, which doesn't even fit the screen proportions. The output from lspci is: lspci -v | grep VGA Flags: bus master, VGA palette snoop, 66MHz, medium devsel, latency 64, NUMA node 0 01:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Cedar [Radeon HD 5000/6000/7350/8350 Series] (prog-if 00 [VGA controller]) According to the MATE Control Center, my monitor is "Unknown", under Debian Stretch it correctly identifies my Samsung monitor. If I set my video mode to 0x317 in LILO (as my Debian config had) that is even worse. Then I get the framebuffer while I am in the console, which looks a lot better, but my X screen resolution is also limited to 1024x768. (Under Debian, my X screen resolution was not tied to the framebuffer resolution.) The highest resolution that I can set the framebuffer to seems to be 1400x1050. This is better, but still not what my video card/monitor combination is capable of. Have others been having these issues? Any ideas on how to get my full screen resolution in X will be greatly appreciated. I am looking forward to working in an OS that is guaranteed not to slip systemd in on me. Marc Shapiro Installed firmware-linux. Problem solved. Marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] LILO Framebuffer and X screen resolution
I have been using Debian for the last 20+ years. I don't like systemd and that has kept me on Stretch, where I can still use SysV as init. I have tried several times to upgrade to Buster without SysV, but have had no luck. So here I am at Devuan. I installed Ascii on a separate set of partitions, so I have the ability to keep using my Debian Stretch install until I get Ascii running the way I want it to. I had some trouble with the install, but I got past that. I do, however, have some issues that I could use some help with. My screen resolution is very low. Under Stretch, when I run xrandr, I get about a dozen resolutions, up to 1920x1080. Since I have a 23" monitor, I use the highest resolution possible. Unfortunately, under Ascii, I get a max resolution of 1280x1024, which doesn't even fit the screen proportions. The output from lspci is: lspci -v | grep VGA Flags: bus master, VGA palette snoop, 66MHz, medium devsel, latency 64, NUMA node 0 01:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Cedar [Radeon HD 5000/6000/7350/8350 Series] (prog-if 00 [VGA controller]) According to the MATE Control Center, my monitor is "Unknown", under Debian Stretch it correctly identifies my Samsung monitor. If I set my video mode to 0x317 in LILO (as my Debian config had) that is even worse. Then I get the framebuffer while I am in the console, which looks a lot better, but my X screen resolution is also limited to 1024x768. (Under Debian, my X screen resolution was not tied to the framebuffer resolution.) The highest resolution that I can set the framebuffer to seems to be 1400x1050. This is better, but still not what my video card/monitor combination is capable of. Have others been having these issues? Any ideas on how to get my full screen resolution in X will be greatly appreciated. I am looking forward to working in an OS that is guaranteed not to slip systemd in on me. Marc Shapiro ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] When spaces aren't just spaces [Was] Has anybody else experienced Raspberry Pi breakage ?
Hello This is a bit unrelated, but might be worth warning people about. Some editors no longer seem to be satisfied inserting plain spaces, but now deem it necessary the extra bytes . This might break small parsers which only consider ' ' and \t as a delimiter. 'cat -A' will help you find them Below is the fstab entry that you included in your mail, run through 'cat -A' > and my fstab:$ > '# cat /etc/fstab$ > $ > # M-BM- M-BM- M-BM- M-BM- M-BM- M-BM- M-BM- M-BM- > M-BM- M-BM- M-BM- M-BM- M-BM- M-BM- M-BM- > M-BM- M-BM- M-BM- M-BM- M-BM- M-BM- $ > /dev/mmcblk0p1M-BM- M-BM- M-BM- M-BM- M-BM- M-BM- /bootM-BM- M-BM- M-BM- > vfatM-BM- M-BM- M-BM- defaultsM-BM- M-BM- M-BM- M-BM- M-BM- M-BM- 0M-BM- > M-BM- M-BM- M-BM- M-BM- M-BM- 2$ > /dev/mmcblk0p2M-BM- M-BM- M-BM- M-BM- M-BM- M-BM- /M-BM- M-BM- M-BM- > ext4M-BM- M-BM- M-BM- defaults,noatimeM-BM- M-BM- M-BM- > 0M-BM- M-BM- M-BM- M-BM- M-BM- M-BM- 1$ > /dev/zram0 M-BM- M-BM- M-BM- M-BM- M-BM- M-BM- swapM-BM- M-BM- M-BM- > swapM-BM- M-BM- M-BM- pri=1M-BM- M-BM- M-BM- M-BM- M-BM- M-BM- M-BM- M-BM- > M-BM- 0M-BM- M-BM- M-BM- M-BM- M-BM- M-BM- 0'$ > $ regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] why is polkit needed?
Hello
> I would like to add my point of view to the polkit debate.
And they are well thought out comments :)
> All things considered, I think for the purpose of interacting with system
> level daemons/services and managing related permissions, especially in cases
> more complex than simply shutting down the system for example, dbus + polkit
> is a very nice solution, especially considering the alternatives. It does
> have some flaws, though, such as noone knowing how to correctly configure
> it, for example.
I think that isn't quite enough to redeem polkit. I have the following
reservations about it - it is written by the same/similar group that
has written systemd, and many of their design decisions are very poor
IMNSHO (I'd like use stronger words) and they have a habit of merging/entangling
their code so that it becomes one big hairy mess. Devuan maintainers know
how hard it is to disentangle that.
On the systems I run, my first step is to remove avahi, pulse, systemd
(thanks devuan), polkit, network manager and dbus. I find after that the
system uses way less RAM and behaves more predictably - so when I configure
it, it stays configured.
The critique of polkit specifically relates to its poor config
infrastructure - it is written in XML, this not only drags in another
huge dependency, but is just ugly. XML was the fashion a decade or two
ago, but is a bad idea for config files. It might be human readable,
but barely so...
The other problem of polkit and dbus is that it breaks the inheritance model
of unix (a process is a child of some other one and inherits a subset of
its capabilities, ignoring setuid). Changing this adds many complications,
and makes chroot and containers a lot more complex to secure...
> Regarding gksudo, I think it's intended use case is an awful thing as well.
> The very Idea of asking for a users password for starting a more privileged
> process is a bad one. It means that if the user account is breached, as soon
> as sudo or gksudo is used to obtain root, it could have been replaced (z.B.
> by changing the PATH, setting an alias, etc.) by an attacker to get the
> password instead, and then compromise the rest of the system. In my opinion,
> sudo should always be used in such a way as to work without password, and
> only for known "safe" commands. For everything else, it'd be much better to
> just log in on a tty as root. Same goes for su.
No argument with that - that is a most sound argument. I would be
nice if distributions could make that part of their standard documentation
("to upgrade a package, please press control-alt-F2, log in as root
and type xxx"). There is even a fancy word we can use for "control-alt-F2",
the "trusted path" or maybe even the "secure attention" keys. Maybe even
reserve a certain tty so that a login there spawns the package management
tool...
regards
marc
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] why is polkit needed? dropin replacement
> >>You should never send an unencrypted password over a shell or pipe. So in the case of the former (using the shell, via echo or an environment variable) you are correct. Those show up in process listings... I am not so sure about the second part, the bit about not passing confidential information down a pipe. I am not aware of a third party being able to see the content of a pipe. If you are worried about the invoking user seeing the password, bear in mind that on sane distributions a normal user can strace the xterm in which one invokes su or sudo. This is not a recommendation to disable strace, it is a strong recommendation to run your webbrowser under a different uid - actually I am surprised that distributions dont have a wrapper which runs a browser as a different uid but with a shared gid... > i would use a simple gtk window with a gtkentry (Gtk2 GTK3 compatible) + 2 > buttons (cancel, ok) > that way it will be the gtk backend to care about X11 or wayland (i > suppose...): ... > Why use 2 binaries rather than one, more programs, more code, more > communication in between them equals to more attack surface. > I would stay with just one suid binary, more so if you want to go the su-only > route. If I understand you correctly, you propose a simple gtk program that is setuid (so that it can read /etc/shadow, and grant root privileges). The problem is that there is no such thing as a simple gtk program. This is not comment limited to gtk programs - most graphical toolkits and libraries present a pretty large attack surface - they contain large protocol interpreters and font rendering engines, flaws in which could then be exploited to give root access without any password whatsoever. So invoking su or sudo via a pipe is probably the way to go after all. Do note that sudo (or su) might not accept input from a plain pipe - you might have to allocate a pseudotty via /dev/pts/ptmx, then fork, exec su or sudo in the child and in the parent write the password down the filedescriptor... regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] mlterm to display path in window frame
Hello > I apologize for the time gap, but ill health put me out of > commission for two months. Hope you are recovering well > $ tput tsl ; echo -n hello ; tput fsl > [nothing returns] But does the title bar of your terminal say hello ? regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Identifying or rsetting a microsd card
> Ah, but zero the whole disk and it will > > dd if=/dev/zero of=/dev/sdb bs=1M > > It'll use one write cycle on the media. I wonder if writing 0xff instead of 0x00 is kinder to flash media. In particular, if the controller is dumb/smart enough to only erase, not write... regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] mlterm to display path in window frame
Hello > > I am under the impression that some xterminal emulators > > understand a certain escape sequence (maybe tsl ?) which > > update the title bar. > > > > What does > > > > tput hsl > > > > and > > > > tput tsl ; echo -n hello ; tput fsl > > > > do ? > > They have no effect. And what if you type export TERM=xterm+sl and then repeat the above tput commands ? That should give you the same effect as Ralph has hardcoded into his prompt, assuming you have the correct terminfo entry > Not sure how to use infocmp, but tput does not show up, and > > $ infocmp | grep mlterm Hmm, I might have been a bit terse. Tput allows you to look up escape sequences in the terminfo/termcap database. We are interested in tsl (escape sequence to write to the status bar). infocmp displays the whole database, so you could type infocmp mlterm | grep tsl infocmp xterm+sl | grep tsl to find this sequence. Man 8 terminfo gives you an explanation of the escape codes. If none of that works, try Ralph's hardcoded approach, eg echo -e "\033]0;hello\007" In an effort to trim things, many distributions ship only a small subset of the terminfo database by default, and relegate the rest to an optional package... regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] long delays in waterfox
Hello > I've been having good experiences with this firefox fork. > Recently it takes seconds for typing to appear in a text > input widget. Also takes longer (showing spinner) to > render pages. I've tried clearing all the caches, > and checked for questionable extensions and plugins. This information may not help you directly, but at some point I also saw this problem on a normal firefox build. So it might be version dependent, and your waterfox could a different vintage to the firefox build. Other things to try is to go to about:config and disable the type ahead features, in particular the search autocompletion logic ? regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] mlterm to display path in window frame
Hello I am under the impression that some xterminal emulators understand a certain escape sequence (maybe tsl ?) which update the title bar. What does tput hsl and tput tsl ; echo -n hello ; tput fsl do ? Maybe that escape sequence has been removed from your terminfo entry ? Use infocmp to check on a working system... regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Mail message headers - was: I wrote IBM
> On 2019-10-22 23:20, Steve Litt wrote: > >On Mon, 14 Oct 2019 11:44:11 -0500 > >goli...@devuan.org wrote: > > > > This email does not address the content of this email but rather something > very strange that came through in the header: > > https://dev1galaxy.org/files/cruft.png So if I am understanding this correctly, you are referring to the headers below: > X-Mailman-Version: 2.1.23 > Precedence: list > List-Id: "The first mailinglist after debianfork.org" > List-Unsubscribe: > <https://mailinglists.dyne.org/cgi-bin/mailman/options/dng>, > <mailto:dng-requ...@lists.dyne.org?subject=unsubscribe> > List-Archive: <https://mailinglists.dyne.org/cgi-bin/mailman/private/dng/> > List-Post: <mailto:dng@lists.dyne.org> > List-Help: <mailto:dng-requ...@lists.dyne.org?subject=help> > List-Subscribe: > <https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng>, > <mailto:dng-requ...@lists.dyne.org?subject=subscribe> > Errors-To: dng-boun...@lists.dyne.org > Sender: "Dng" Mailman (the software managing this mailing list) has been adding these headers to outgoing mail for many years. I think these where added because many people complained that they didn't know how to unsubscribe from mailing lists. I suspect what has happened is that you updated your mail client, and it now parses these headers and helpfully shows them to you, just in case you want to unsubscribe ? Maybe check the change notes for the mail client ? Let me know if I have misunderstood your question... regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] why does mount expect NTFS?
> Why would it try for and NTFS file system on a Linux machine? The way I understand it is that without a filesystem type, mount will try all (disk-based) filesystem drivers that you have currently loaded. And the ntfs driver generates some debug output when it fails. So nothing to worry about. It does make sense - sensibly enough the kernel has no other[1] facility to work out what filesystem is really on a given partition - it has to invoke the filesystem driver to find out. regards marc [1] partition ids, etc may provide a clue but consider the case of your magic new filesystem that you have just written a kernel driver for... ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] new freedesktop "standard": /etc/machine-id
Hello > > B) I am more concerned about the other part, where code is > > known to phone home, but the developers or packagers > > have decided that this is fine. The examples range from popcon > > to systemd's resolver (which I am told falls back on to google > > at 8.8.8.8) to chromium or firefox/iceweasel. For the time > > being these designed-in phone home packages are few, so it > > should not be a hardship to label them with a "leaking::" > > tag. > > > > I am sorry marc, but that's incorrect. popcon does not ever 'call > home' in either Debian or Devuan, unless you have *explicitly* agreed > to allow it to do that. And the reasons for popcon "calling-home" are > well stated and fully disclosed: it's a package to collect anonymous > statistics about package usage, and it sends such stats to the popcon > server once a week. popcon submissions are maintained encrypted and > stored only for the time necessary to process them. I can guarantee > this is the case in Devuan, since I am in charge of popcon. Absolutely correct. I included popcon as an example of a package which does disclose system information to others, and the developers and packagers think this is ok. It turns out I think it is ok too, given that it openly discloses what it does, and is opt in. So there should be no objection to having it include a package tag that says it discloses information to others ? Not because popcon is a problem, but because it sets an example to other maintainers to check what information their packages disclose to the outside world ? > systemd is not in Devuan. Chromium comes from Google, and I would > never trust it anyway, notwhitstanding what Google promises to do > about it (but I have not seen the code, so my position might be proven > to be wrong). AFAIK Firefox comes with "calling-home" disabled by > default anyway. I was under the impression that firefox sends a daily report to its servers, but stand corrected. And I too do not know exactly what chromium sends back to its base. Wouldn't it be nice if the .deb files included a few tags to tell us ? > Please do not put everything in the same basket ;) I didn't mean to insinuate that popcon is somehow malicious - I mean to include a range of examples of code which uploads information to remote servers, and that it would be good to have some package-level metadata which tells us what is sent, so that it is more difficult to hide such activity. regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] new freedesktop "standard": /etc/machine-id
> Dear marc, > > unwanted "calls-home" are normally found and disclosed if the software > is free, so I really don't think this is a problem. Asking the > development team of a distribution with 50k+ packages to guarantee > that nothing ever uses user information for unwanted means is just > plain impossible. Not even Debian can do that. This is done, > indirectly, by all the people who look at the code, and contribute to > the packages. So I think that there are two categories to this: A) There may be free software which has been hacked/compromised to covertly to phone home. Finding these cases is hard, but if it is found, chances are excellent that this will be fixed in a hurry. I agree that Debian/Devuan can't make any absolute guarantees in this respect. B) I am more concerned about the other part, where code is known to phone home, but the developers or packagers have decided that this is fine. The examples range from popcon to systemd's resolver (which I am told falls back on to google at 8.8.8.8) to chromium or firefox/iceweasel. For the time being these designed-in phone home packages are few, so it should not be a hardship to label them with a "leaking::" tag. The reason for labelling the ones in category B) is disclosure: Those of us who are concerned about privacy matters can look for those tags to make the tradeoff. It also means that those who want to spy on people without disclosing it fall into category A) which if found out should count as deception and maybe, one day, a crime. regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] new freedesktop "standard": /etc/machine-id
> > So you are correct that gethostid has been around for a while,
> > but this call returns a 32bit number, typically the IP.
>
> ?? No, it returns a value that's unique to the local machine even if it
> was not configured on any network.?? Plus, the IP can change, but the
> hostid is supposed to be static.?? The Unix hostid was developed in order
> to uniquely identify a machine regardless of where in the Internet it
> is.?? What you described is the gethostbyname syscall.
Maybe your system is different to mine, but try compiling the below
and find out for yourself:
#include
#include
int main()
{
int id;
id = gethostid();
printf("my id is 0x%08x\n", id);
return 0;
}
regards
marc
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] new freedesktop "standard": /etc/machine-id
> Mark, I think you are probably shooting the wrong bird here. Host ids > have been around for the best part of the last 40 years in the unix > world. And I am not talking about proprietary unix. The syscalls > gethostid/sethostid were introduced in 4.2BSD (ca. 1983), at Berkeley, > and are supposed to support unique host ids across all the unix > installations. The gethostid syscall was even standardised in POSIX. So you are correct that gethostid has been around for a while, but this call returns a 32bit number, typically the IP. The IP has to be disclosed if one connects to the internet on a public IP, and if you are behind NAT, then vast numbers of systems map to 192.168.1.1 and similar - this really isn't that much of a unique identifier. The new host-id and machine-id files contain a much large number which is less likely to collide, and will be preserved even if one connects from a different networks, and leaves traces for people who want to re-image machines or spin up VMs/containers. I also agree with your sentiment that free and open source software is necessary to track down information leakage. But it seems it may be necessary but not sufficient - what one also needs is a distribution which makes it clear when this information is disclosed. Sadly it turns out there are also opensource developers (often corporate) who want to know when and where and by whom their code is run. The way I think about it is that such code isn't quite free either - one pays for it in personal data. regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] new freedesktop "standard": /etc/machine-id
> Le 09/03/2019 ?? 10:03, Didier Kryn a ??crit??: > >Le 09/03/2019 ?? 09:34, goli...@dyne.org a ??crit??: > >>I'd recommend adding an inotify rule to record which processes > >>look at these files, and publishing this - here. > > > >Unfortunately inotify doesn't tell which process accessed the file > >)~: > > But fanotify() is perfectly suited (~: Excellent. There are also tricks involving the audit subsystem, maybe fuse and certainly strace (strace -e open). I have checked some of my systems and so far I can see dnsmasq udev dbus systemd-* looking at machine ids. Dnsmasq might warrant a close look - hopefully that id does not get disclosed during dhcp negotiation... The other three in that list I disable whenever possible already, and the above provides yet further confirmation this is prudent. regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] new freedesktop "standard": /etc/machine-id
> Quoting Arnt Karlsen (a...@iaksess.no): > > > ..my /etc/cron.d/machine-id: > > PATH=/bin:/usr/bin:/sbin:/usr/sbin > > > > # ..a new /etc/machine-id every minute... ;o) > > * * * * * root date |md5sum |cut -d" " -f-1 >/etc/machine-id |tee > > >/dev/null 2>&1 > > _Very_ nice solution. I think I'll steal it whenever I finally need > /etc/machine-id . For those who copied that into your crontab: Note that this will leak what timezone you are in to the bad guys (who seem to be the authors of chrome) assuming they have read this thread. And if your clock drifts by more than a few seconds, it might still identify you quite well. Arnt's improvement of adding fortune to md5sums input might be a good plan assuming fortune doesn't do a srand(time()); internally. But what really blows me away is that these ids exist on Debian to begin with. I had been under the assumption that free systems are built according to the needs and desires of their users, and few users go "what I really need in this day and age is less privacy". So instead of adding crontab rules to obfuscate the ids, I'd recommend adding an inotify rule to record which processes look at these files, and publishing this - here. Much has been written about Debian's Social Contract, but it seems to be ineffective against this type of spying, whether it involves falling back to 8.8.8.8 as name-server, or scattering machine ids all over the filesystem. I think Devuan has an opportunity to do better - going by the number of messages in this thread it is an issue which worries many people. A good starting point might be to update the "Tags:" package field, to include a "leaking::" category. So packages would not only described as being "implemented-in::c" but also as "leaking::host-id" or "leaking::clickstream". Then one could aim to have a "leak-free" build, like people try to have a "reproducible build"... regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] excessive bounces
> Yes, I am totally aware of the above, but, as there is absolutely no > reason for the dng mails sent to me being bounced and that others have > had this happen to them, I feel the problem could be at the dng end. Maybe it is emergent (heh!) problem requiring a particular combination of sending and receiving software ? I see that smtp.samba.org seems to run exim - are the others experiencing bounces and disabled subscriptions also running exim ? Also: This isn't strictly a problem, but the highest priority mail handler for samba.org doesn't seem to be running a mail server at the moment: samba.org. 7200IN MX 5 ns1.samba.org. samba.org. 7200IN MX 9 ns1.samba.org. samba.org. 7200IN MX 7 smtp.samba.org. ;; Query time: 441 msec ;; SERVER: 196.22.160.5#53(196.22.160.5) ;; WHEN: Fri Jan 4 21:26:52 2019 ;; MSG SIZE rcvd: 84 ~$ telnet ns1.samba.org 25 Trying 144.76.82.137... Connection failed: Connection refused Trying 2a01:4f8:192:486::b0... telnet: Unable to connect to remote host: Network is unreachable regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] slashes in FAT file names
Hello: > -? ? ? ? ?? 07/TRA~1.MP3 > With the slash, it can't even figure out the permissions, ownership, or > file size. Preumably some parts of the system interpret the '/' as the > directory name separator, and in this file system that's not what it > is. > > Does anyone have any ideas here other than begging, borrowing, or > buying a Windows system? Try mtools ? But also consider the possibility that the card may be corrupted in somehow... regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] ssh_exchange_identification: read: Connection reset by peer
> Am 2018-07-27 08:37, schrieb marc: > >It could be that your process table is full - Run ps fax and > >understand what each process does. > > > >Alternatively /dev/pts isn't mounted, or (less likely) you > >are running something like fail2ban ? > > My problem is, I cannot look at it when it happens, because this is a > headless server, located in the attic near my router. Either keep an ssh session open indefinitely and then do an "echo /proc/*" when the problem occurs Or stop cron and see if the problem goes away. A poorly written cronjob seems to be the most likely cause of an accidental fork bomb. An "ulimit -u 100" in a problematic script might help to contain the problem. Also: if you post your problem to the list, try to keep posting the rest of the thread there too, so that others can benefit from any solution. Good luck solving it regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] ssh_exchange_identification: read: Connection reset by peer
> $telnet odroid.lan > Trying 192.168.1.2... > Connected to odroid.lan. > Escape character is '^]'. > Connection closed by foreign host. > > Any ideas what could be causing this? It could be that your process table is full - Run ps fax and understand what each process does. Alternatively /dev/pts isn't mounted, or (less likely) you are running something like fail2ban ? regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] A Devuan kernel?
Hello Jimmy > Today Linux is pretty much owned by the NSA, including it's developers, not > many educated eyes out there anymore to spot and report malware. Things have > changed. So there is a nice poster around with a grumpy cat saying "The NSA broke my internet, so I am building a GNU one". I understand the sentiment. However: Loads of eyes are looking at the kernel, and if I were to trust my intuition, I'd say that the back doors are more likely (or more numerous) in the processor, its microcode, the graphics card firmware and the ACPI nonsense. So: Coding a new kernel is probably one of the more expensive security exercises. Rebuilding from source is cheap, but it is unclear if it would remove the backdoors (keywords "On trusting trust", duckduckgo them, yandex it). However: The big security improvement you - Jimmy Johnson aka field.engin...@gmail.com can make without requiring any special skills is to stop using gmail. Google has pioneered many of the major privacy abuses: - the overt scanning of people's mail via gmail - the gathering of access point data via its streetview cars (got them into trouble in France, the rest of the world didn't want to notice) - its worldwide web tracking effort via google anal itics, fonts.googleapis, doubleclick.nyet - the major spyware known as chrome and its associated corruption of mozilla Summary: Google is probably *the* entity which has moved the Overton window towards the view that spying is socially acceptable. So: I struggle to reconcile your security concerns with your use of gmail. So maybe once you stop using gmail I'll examine your views on the NSAs kernel ownership more seriously Sorry marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] noisy computer
Hello > Installed that. Processes frequently using disk seem to be: > jbd2/dm-0-8 > dhcpd -q > kworker/0:0 > kworker/0:3 > > jbd2 is of course the journaling process for my RAIDs. But who's I/O is > it journalling? > > dhcpd -- whi does it have to read disk every second? connctions aren't > being made that oftern, are they? > > And what are the kworkers all about? Somthing kde-ish? So a "ps -eF" should show you that both kworker and jbd2 have zero pages (SZ). That generally means that they are part of the kernel. My suggestion: Stop dhcpd for a while and see if the click goes away. I'd do a "kill -STOP pid", then a sync, then listen for a few seconds, then do a "kill -CONT pid". My suspicion: It isn't dhcpd. I have two candidates: * Hardware unhappy. Use smartctl to look at the disk statistics. A nonzero reallocated sector count is or used to be quite a red flag. A new install would have triggered loads of writes which could have generated bad sectors. * New filesystem type which decides it is necessary to sync all atime updates to disk, or something similar. Try tricks involving mount: Possibly "mount -o remount,noatime /some/path" or even (after having killed processes which have files open for writing) "mount -o ro /some/path" I have lots of angry words for people who write userspace code, drivers and filesystems which actually aren't idle when they are idle. Good code blocks in a read(), select() or epoll() when idle. Good drivers wait for an interrupt, and good hardware makes this possible. Thesedays I go around and strace processes "strace -p pid" and disable those which don't. There are other less likely things to consider: Hard disks are computers in their own right (often dual core ARMs, soon some might be RISC5s). They can do things like thermal recalibration which can make noise. regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] It's far from being over. Sigh!
Hello Steve > I think you're painting all Javascript with the same brush. I suppose I wasn't clear enough. I am saying that javascript as a turing complete (and poorly specified, horribly inefficient, and badly designed) language allows remote parities to run arbitrary code on your CPU. That is a property of javascript, no overly broad brush required. Given that complex CPUs have lots of bugs, this means chances are excellent that the bad guys can get root on your PC with a snippet of javascript. And what is worse is that the main reason your CPU is so complex is that it needs to run the so very inefficient javascript code. > See my > pricing page: > > http://troubleshooters.com/utp/courseware_cost_calculator.htm > > Loads almost instantly. Does exactly what is needed. Replacing it with > a calculator on the back end would require a send to the back end and > (remember, no Javascript, no AJAX) the back end sending an entire page > to the browser. So I am not going to look at your site, as I take my own advice and don't run javascript where possible. I think you are a decent person and probably won't want to break into your viewers computers via some javascript malware, or spy on them with some analytics. However, like the people who join facebook, your actions have a network effect - making it harder for those who want to do the right thing to stay away from harmful "technologies". Instead of using javascript to calculate your pricing, have you considered simply stating your pricing formula ? That is more open, more likely to be archived, quoted and allows people to reason about it. > Don't blame Javascript because some programmers think it's hip to throw > in fifty layers of abstraction to get "just the right look" without > "reinventing the wheel." > > Blaming Javascript for force fed pig websites is like blaming C for > systemd. Ah, I forgot that you are fond of wild analogies :) So I'll provide you with one of my I own: Think of javascript like one does of antipersonel mines or chemical weapons - as having no place in a civilised world. regards marc ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
