3[00:02:23] <CrystalMath> still, if a program has that many problems i just can't say it's any good; it's a terrible choice for the default; but idk if it's maybe the only "sound server" we have on GNU/linux that is general-purpose (JACK is for professional audio stuff)
4[00:03:01] <CrystalMath> though personally my choice for ordinary sound-using software is - no server, just ALSA with dmix
5[00:03:31] <n4dir> i propose we switch to the good old editor-flamewar.
53[00:25:29] <EdePopede> konqueror would come with five and a half lines of dependencies (fullscreen xterm), since i don't use kde (ressources). and after i had some issues (like it crashed on a 301 with empty body) and website builders nowadays seem to be in a horse breeder like competition it was the last browser of a DE i gave a serious chance.
54[00:25:38] <EdePopede> 2 reasons, there are probably more.
55[00:26:14] <jelly> n4dir: webkit does not get timely security updates and is not safe to use on the internet, so konqueror is out
56[00:26:40] <n4dir> i see. I tried it, but didn't stick to it, but i forgot why.
57[00:28:01] <jelly> there's basically just two usable web browsers for linux, chromium/chrome and firefox
58[00:28:16] <n4dir> ha. just wanted to propose that conclusion.
59[00:28:24] <jelly> current opera uses the same engine as chromium
60[00:28:28] <CrystalMath> and chromium is google'd
61[00:28:41] <CrystalMath> and firefox is pulse'd :(
62[00:28:46] <CrystalMath> but the latter is easier to fix
63[00:28:48] <diogenes_> falkon is good
64[00:28:57] <jelly> I have no idea what you mean by "google'd"
65[00:29:09] <CrystalMath> jelly: it contains lots of google spyware, phones home, etc...
78[00:30:47] <CrystalMath> honestly, i'm too scared to even let it run once... who knows what it might do, probably inject a backdoor into every executable it can write to
79[00:31:06] <jelly> best not run any software from debian, then
80[00:31:13] <jelly> write everything from scratch
81[00:31:20] <CrystalMath> jelly: but i use firefox :P
115[00:36:03] <n4dir> Butt3rfly: that hasn't got much to do with being scared of technology. For example look at the videos of the freedombox project and also Eben Moglen
116[00:36:12] <michael2> android doesn't lock you out of phone if no email
117[00:36:17] <petn-randall> CrystalMath: That's not true, but then again that's offtopic here.
118[00:36:40] <jetscreamer> it's a bit more complicated than that but basically the facts
120[00:37:09] <n4dir> Also there was a blog from Uwe Hermann about how much firefox sucks, regarding security, but i can't find it right now.
121[00:37:24] <ryouma> programs are bags full of tricks / with backdoors and bugs more than 6 / 15:28 <CrystalMath> and chromium is google'd 15:28 <CrystalMath> and firefox is pulse'd :(15:28 <CrystalMath> but the latter is easier to fix
122[00:37:35] <jetscreamer> no if there was never one it does not, nor if there is currently not one
159[00:48:23] <CrystalMath> hypn0: jelly said it's safe, i looked stuff up
160[00:48:26] <CrystalMath> and found that
161[00:48:52] <CrystalMath> hoping that jelly will read it and say something like "oh, we made sure nothing like that happens in the debian version ever again, it's totally safe now"
168[00:49:59] <CrystalMath> or, at least, it has never been caught downloading and running non-free software to listen on the microphone
169[00:50:12] <hypn0> but it does other things
170[00:50:17] <bites> CrystalMath: debian has removed a lot of things from chromium, the hotword module being one of them.
171[00:50:32] <CrystalMath> hypn0: i made a lot of things for free, i even did things for people on their demand, for free; i never did anything like that
172[00:50:58] <CrystalMath> hypn0: so if i were to assume that everyone is like me, everyone would make free software out of the kindness of their hearts
173[00:51:06] <CrystalMath> and completely selflessly ask for nothing in return
174[00:51:07] <hypn0> well money makes you lose morals
175[00:51:48] <CrystalMath> hypn0: thanks for the heads up, i will make sure not to get a significant amount of this "money"
176[00:52:29] <bites> corporate interest, not idealism, drives linux development.
177[00:52:32] <aloo_shu> !dfind qupzilla2
178[00:52:35] <n4dir> not that i had a clue, but the very reason for SRWare Iron were concerns regarding privacy in chromium, no?
183[00:53:37] <michael2> What is debian's official policy about projects which are open source, e.g. chromium, but which contain (or load on demand) non-free components? would debian still package that in main archive? or contrib or non-free?
184[00:53:57] <CrystalMath> michael2: it was fixed, so it's in "main"
185[00:54:15] <CrystalMath> michael2: it's not supposed to run non-free components, if it does then it's bug
186[00:54:36] <CrystalMath> but it's always hard with google, you never know what that evil is up to
187[00:54:38] <bites> CrystalMath: the gnu project gets many contributions from corporations as well.
188[00:54:43] <michael2> I mean in general. I was just using chromium as an example
189[00:54:45] <aloo_shu> funny, dpkg answers me in the query I've got open with him - Updating debian files [..]. failed.
190[00:54:54] <CrystalMath> bites: but are they *why* GNU exists?
191[00:54:57] *** Quits: Brigo (~Brigo@replaced-ip) (Remote host closed the connection)
192[00:55:02] <CrystalMath> bites: or is it idealism?
193[00:55:09] <bites> no, that's not what i said, was it?
200[00:57:19] <CrystalMath> bites: i'm pretty much a Neo-Luddite in a lot of ways, i do use computers and free software on them, but i am not really a fan of technology itself
201[00:57:47] <CrystalMath> though i suppose that's not really being a Neo-Luddite... i should rephrase that
202[00:58:04] <EdePopede> technology should be helpful and fun (ideally both of them)
203[00:58:05] <CrystalMath> i'm apathetic towards the progress of technology, i only care about the progress of freedom
208[00:59:09] <Gerowen> CrystalMath: Stallman takes things to an extreme though, I think. Take Debian for example, it takes an extreme stance, but it gives you the option of using non-free components if you need to. Not all of us have the time or desire to write our own hardware drivers, and there's some hardware that just straight up wouldn't work right without the proprietary blobs, so it's nice to have a clean, "free" software only foundation, but have the option to stray
209[00:59:09] <Gerowen> from that when/if you want/need to. Stallman, best I can understand, doesn't even think we should be given that choice, the GNU peeps don't even endorse Debian as a "free" operating system.
210[00:59:18] <n4dir> "Your software is used in war machines to kill people and the companies will never give back. So enforce GPLv3, it's needed. " bitreich manifest. Loving the sarcasm in it.
211[00:59:41] <CrystalMath> Gerowen: yeah i don't like that, debian is right there
212[01:00:22] <CrystalMath> Gerowen: *debian is right, there
213[01:00:25] <ryouma> Gerowen: it is also the case that debian thinks that ceratain gnu documentation is non-free
214[01:00:41] <CrystalMath> ryouma: and that's where i think debian is wrong :P there's nothing wrong with the GFDL
215[01:00:42] <ryouma> tar, emacs
216[01:01:06] <CrystalMath> i install that documentation from non-free because i think the license is really nice and acceptable
217[01:01:28] *** Quits: MACscr|lappy (~MACscr|la@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
228[01:07:30] <EdePopede> »There are no restrictions on redistribution of the main Debian distribution.« -- but you have to be careful about the license you chose when uploading your images to wikipedia (may appear on a DVD)
229[01:07:50] <EdePopede> "commercial" isn't that easy
230[01:08:05] <n4dir> Gerowen: why debian isn't considered "free" by the gnu project is explained here: replaced-url
255[01:29:09] <aloo_shu> "Your softwarebis used in warbmachines to kill peopleband the companirs will never give back. So enforce GPLv3, it's needed", bitreich manifest <-- this is when I thought it's getting interesting. --> ethics --> philosophy
320[02:39:37] <sZbcE8qNfG> is this true? replaced-url
321[02:39:55] <sZbcE8qNfG> the post said "The net iso of 9.5 "debian-9.5.0-amd64-netinst.iso" is problematic. (At least with the expert graphicall installation... cannot find the source disc to load the files and the installation cannot continue):eek: If anyone wants to perform a net installation should use the previous one "debian-9.4.0-amd64-netinst.iso" from the archive "
364[03:12:38] <Noldorin> trying to use smartctl on a drive here, but getting this message
365[03:12:39] <Noldorin> /dev/sda: Unknown USB bridge [0x0480:0xa202 (0x315)]
366[03:12:41] <Noldorin> any idea why?
367[03:15:19] <Gigglebyte> Any possibility of getting someone to add Python 3.6 or newer to the repos? I can't install my System76 drivers as a result of the repos only offering 3.5 Alternative I might be able to unplung my keyboard lights from the motherboard until 3.6 moves out of SID, but I really could use 3.6 now.
368[03:17:47] <ryouma> just ooc, keyboard lights are plugged into motherboard? and python is related to this?
387[03:41:01] <Gigglebyte> ryouma> Yes, it looks like Cleavo went for cheap when they built this computer for System76. I installed Debian stable, but now can't shut off the back lights. I tried to install the drivers, but they were only tested with Ubuntu and no other linux distro. Today I got as far as installing a PGP key from the System76 keyring server, and now I get an error message indicating that python3-evdev is missing. I did some
388[03:41:02] <Gigglebyte> research and it looks like python3-evdev is in Debian SID and is greater than Python 3.6 However, there is no guaranty that once this piece of software is installed that there won't be other dependency issues. System76 is not to swift, and doesn't even use the Linux Firmware Shared Infrastructure. Inspite of the shortcomings Cleavo does offer a generous amount of ports, and expansion slots, the screen is real bright in
389[03:41:02] <Gigglebyte> the brightest setting, but their electronics is a lot to be desired. My laptop actually shuts off when I plug in for charging, even when the battery life is still decent. Cleavo tests nothing and lets their US resellers bear all the costs.
398[03:46:02] * ryouma trying to figure out return codes for smartctl so i can just run all my disks through it and use the return codes to try a different device
427[04:13:20] <ryouma> if the /dev/disk/by-id starts with ata- can you use scsi always and if it is usb-_Patriot_Memory_07013B5B22647A29-0:0 can you use sat always?
490[04:58:34] <michael2> ip a seems to report different values on every invocation - Im looking for a command which reports the bssid of the wifi chipset device itself
507[05:05:43] <michael2> I think syslog will be connected to all important logs, but if you for example created your own custom service for a timer , then journalctl is probably the only way you will get it
508[05:06:23] <michael2> also, if you have persistent logging enabled, journalctl allows you to see where reboots happened
516[05:10:17] <ryouma> michael2: var log seems to show when the computer rebooted in jessie, are yous aying journalctl showsm ore there? i don't use any of my own services as i am clueless about systemd (just want it to work).
518[05:10:54] <Moussa> Noldorin, not a good idea to test a Hd through USB enclosure let alone through a HUB
519[05:11:23] <Noldorin> Moussa, I don't think my rpi has enough power for it without a hub
520[05:11:39] <Moussa> i see
521[05:11:54] <al2o3-cr> michael2: what do mean if reports a different MAC address on every invocation?
522[05:12:00] <Moussa> can you test it on another pc
523[05:12:07] <al2o3-cr> ^ using ip a
524[05:13:04] <michael2> ryouma: thats great if you can see when reboots happened via syslog or kernel log. I just have never been able to tell myself when the reboots happended. with the binary log files that journalctl reads from , there is a --Reboot-- log inserted - so you can tell
526[05:14:43] <al2o3-cr> michael2: what does this produce: cat /sys/class/net/<interface>/address
527[05:14:58] <michael2> al2o3-cr: when I run `ip a' it keeps showing a different mac address. Im guessing the command prints the mac address reported to my neighbours on the network, but not the 'burned in' address on the wifi NIC
528[05:15:18] <Noldorin> al2o3-cr, yeah possibly
529[05:15:21] <Noldorin> oops
530[05:15:23] <Noldorin> Moussa,
531[05:15:32] *** Quits: fedorafan (~fedorafan@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
532[05:15:36] <Noldorin> will do that tomorrow, off for now
533[05:15:41] <Noldorin> cheers for the advice
534[05:15:55] <michael2> al2o3-cr: looks like the NIC mac address. thanks
535[05:16:17] <al2o3-cr> michael2: np.
536[05:16:42] <Moussa> Noldorin, cheers
537[05:16:43] <SerajewelKS> Moussa: smart tests happen on the device itself, the hub isn't really that relevant i don't think
538[05:16:54] *** Quits: b (coffee@replaced-ip) (Quit: Lost terminal)
539[05:17:01] <SerajewelKS> smart tests are done by the drive's own controller
540[05:17:08] <Moussa> true, but some hubs do time out on the bus
541[05:17:34] <michael2> al2o3-cr: you don't know what the uuid field in network manager [connection] section in network manager config files is do you?
542[05:17:41] <Moussa> from own experience anyway
543[05:17:46] <SerajewelKS> they might. but the timeout does not apply to the test, rather to the querying by smartctl.
544[05:17:51] <SerajewelKS> smartctl does not wait for the test results
545[05:18:03] <SerajewelKS> "start test" and "get status" are separate commands
556[05:31:04] <n4dir> no experience with it, don't fully understand the error message too, but the web proposes to install "debian-archive-keyring". If you alrady did that, and the second line relates to that, i got no clue. jim
565[05:36:47] <Moussa> so what might work on some does not mean it will work on others
566[05:37:02] <Moussa> so eliminating the middle man might help
567[05:37:05] <jim> nyov, thanks... let's see whidch one I have
568[05:37:27] <nyov> jim: or extract those keys and tell apt about them
569[05:37:47] <jim> ok
570[05:38:43] <nyov> so you don't downgrade your current package and lose the current keys - depends on if you want to have squeeze in parallel with stretch or newer
576[05:40:11] <jim> apparantly the one I have is the latest in that dir, [ ] debian-archive-keyring_2010.08.28+squeeze1_all.deb
577[05:40:15] *** Quits: Noldorin (~noldorin@replaced-ip) (Quit: My MacBook Pro has gone to sleep. ZZZzzz…)
578[05:43:09] <nyov> jim: oooh
579[05:43:31] <nyov> now I remember. ofcourse the key is expired. system time not back, and all that. (doh)
580[05:47:05] <nyov> so, I thought I remembered an option to allow expired keys. But I must have been wrong. what you can do, is: `apt-get --allow-unauthenticated`
581[05:47:24] <nyov> (APT::Get::AllowUnauthenticated "true"; in /etc/apt/apt.conf.d/)
582[05:47:44] <nyov> or try to fetch an update of the key first, perhaps it got renewed
583[05:47:47] <n4dir> jim : which release are you trying to use?
594[05:57:02] <Gigglebyte> Is there a say way to install Python3.6 in Debian stable? The repos only have 3.5 and I need 3.6 in order to install my System76 drivers. I am running Debian stable.
602[05:59:42] <Gigglebyte> nyov> Python 3.6 is required in order to install the System76 driver which is required in order to install the System76 Nvidia drivers. Apparely Clevo who makes System76 is cheap on system ware, so most of the LInux distros will have issues unless driver's and firmware offer something.
603[06:00:10] <Gigglebyte> System76 did upload its Nvidia drivers to the repos but they are not usable.
620[06:04:37] <Gigglebyte> No, it is the System76 drivers that are requiring this. System76 is a bit goofy anyway, and they only support Ubuntu which is riduculous, but I assume the issue is $$$.
622[06:04:47] <Gigglebyte> nyov> How do I build myself a dummy package?
623[06:05:14] <nyov> just like building a regular debian package, but with nothing in it
624[06:05:21] <nyov> except the meta-data
625[06:05:23] *** Quits: donofrio (~donofrio@replaced-ip) (Remote host closed the connection)
626[06:05:46] <themill> !wquivs
627[06:05:49] <themill> bah
628[06:05:53] <themill> dselect: equivs
629[06:05:53] <dselect> equivs is a package that enables you to create dummy packages that tell <apt> you really have installed (through some other means) the package. aptitude install equivs, and read /usr/share/doc/equivs/*, see also <usrlocal>. A better plan is often to adapt the Debian packages to your needs, ask me about <package recompile> <uupdate> <ssb>.
630[06:06:33] <nyov> themill: awesome, I totally forgot about those (thanks)
650[06:32:20] *** Quits: n4dir (~user@replaced-ip) (Remote host closed the connection)
651[06:33:27] <jim> I think that did it
652[06:34:47] <Gigglebyte> nyov> In that case I could just unplug the backlight to the keyboard and take a chance that the laptop will eventually be repairable. What about downgrading to Linux Testing? Earlier this evening I found Python 3.6 in SID. Will it also work in testing?
653[06:34:54] <jim> nyov, I don't think it is... but, you can use pyenv to get and build it
655[06:35:54] <nyov> Gigglebyte: I don't follow. If you are on testing or sid, you will have access to python3.6
656[06:35:57] <Gigglebyte> I am going to contact System76 about this and point out some of the problems. They did upload their Nvidia driver to the repos so it looks like they are making some type of effort.
657[06:36:04] <jim> Gigglebyte, the binary package? I don't think so... but you might be able to backport it
658[06:36:14] <Gigglebyte> Is Python 3.6 available in Testing? or only SID?
668[06:37:30] <nyov> but as I said, possibly linking python3.5 to 3.6 is good enough, and telling apt you have python3.6, using equivs
669[06:37:59] <nyov> jim: but you can't install in on a stable system without breaking slews of packages
670[06:38:01] <Gigglebyte> nyov> How would I link python3.5 to 3.6?
671[06:38:35] <Gigglebyte> But you said it breaks a bunch of things. Would I be better of downgrading to Debian testing instead of using equivs? Or do you think equivs will be ok?
672[06:38:45] <jim> right, and if I recall, there's some kind of change in the python building in debian, that you can't backport to stable
674[06:39:00] <jim> I don't remember what they said
675[06:39:03] <themill> eww?
676[06:39:10] <nyov> themill: no?
677[06:39:20] <nyov> temporarily
678[06:39:51] <jim> Gigglebytem what are you running?
679[06:40:04] <themill> If it actually needs python3.6 that won't work; if it doesn't need python3.6, it would use #!/usr/bin/python3 for the shebang, surely?
680[06:40:41] <nyov> themill: true, it should. so actually a symlink is unnecessary even
681[06:40:49] <nyov> hadn't thought about that
682[06:41:27] <nyov> Gigglebyte: what's the package name?
683[06:41:53] <Gigglebyte> python3-evdev
684[06:42:31] <Gigglebyte> I looked it up and it is part of Python 3.6 This package is required in order to install the System76 driver, and the System76 driver is required in order to install the System76 Nvidia driver.
689[06:43:42] <nyov> so what you really want is a backport of that package, no?
690[06:44:21] <Gigglebyte> nyov> Yes, as long as it doesn't break a bunch of other things. Right now Debian testing is working great except for the keyboard lights and I blame Cleavo for that.
691[06:44:35] <Gigglebyte> Also, the F keys quit working, but I suspect the drivers will help.
693[06:45:18] <Gigglebyte> nyov> Would I be better of downgrading to Testing instead of trying to backport Python 3.6 to stable?
694[06:45:36] <nyov> yeah now you lost me. you talk about being on stable and then you talk about being on testing and then you talk about downgrading to testing. ???
697[06:47:06] <Gigglebyte> I have always been on Debian stable. python3-evdev is not in stable, and I get an error message indicatding I can't install the System76 driver unless python3-evdev is installed.
699[06:47:47] <Gigglebyte> I need to install the System76 drivers so that I can shut off the hideous blue keyboard lights that are on 24/7. Hopefully I can regain brightness control of the screen as well.
700[06:48:27] <themill> python3-evdev is entirely vbackportable
709[06:56:13] <RoyK> Gigglebyte: if you need something not in backports, just setup a vm and install something new and shiny there
710[06:56:16] <RoyK> !sns
711[06:56:16] <dpkg> Shiny New Shit Syndrome is a serious disorder, which usually breaks out into an epidemic every time something new is released. If you have SNS, ask me about <backports> and <ssb>; these are better options than upgrading to <testing> because it is a <moving target>.
712[06:57:10] <Gigglebyte> RoyK> Will that allow me to install the System76 driver that complains of a missing dependency called python3-evdev? python3-evdev is part of Python3.6
713[06:57:21] <nyov> themill: python3.5 is listed as supported in classifiers though, replaced-url
714[06:57:59] <Gigglebyte> RoyK> Would I be better of using the vm to avoid breaking something> nyov advises that python3.6 breaks a bunch of packages in Debian, but apparently the file is available in Testing and SID, but it isn't available in backports.
715[06:58:00] <RoyK> Gigglebyte: I have no idea about system76 things, sorry
716[06:58:35] <Gigglebyte> RoyK> I just want to install the driver that depends on Python3-evdev (Python 3.6)
729[07:04:21] <Gigglebyte> I am headed to sleep. I tried creating a symbolic link as you suggested from Python3.5 to Python3.6, but still get the same error. Feel free to memoserve me. I am headed to sleep.
871[09:37:09] <zer0_her0> hello, sorry about what i am going to moan about, but, is the old pal, /etc/security/limits semi deprecated? : in order to define a daemon's limits do I have to create a copy of the daemon.service in /etc/systemd/system and blah blah ??
882[09:46:01] <tdn> mspe, yeah, I would like to know what people in here tend to go with since most people I encounter (mostly RHEL guys) are all using the latest from upstream.
883[09:47:03] <Fox> ppa on debian, hell...
884[09:47:24] <Fox> !dontbreakdebian
885[09:47:24] <dpkg> methinks dont break debian is replaced-url
886[09:47:35] <nyov> what's the point of using the latest when the stable one is good enough
892[09:48:38] <tdn> It is fairly old. But I may stille be able to use it just fine
893[09:48:48] <tdn> nyov, that is not stable then, right?
894[09:48:54] <jelly> tdn: RHEL ships very little software so enriching the environment from non-distro sources is basically a must
895[09:48:57] <nyov> stretch is stable
896[09:49:05] <nyov> stable is stretch
897[09:49:23] <jelly> and yes the version in stretch is old
898[09:49:36] <jelly> !bdo
899[09:49:36] <dpkg> backports.debian.org (formerly backports.org) is an official repository of <backports> for the current stable (see <jessie backports>) and oldstable (<wheezy backports>) distributions, prepared by Debian developers. Ask me about <backport caveat> and read replaced-url
900[09:50:12] <nyov> magnitudes better than using a ppa, IMHO
901[09:50:26] <jelly> ppa debs are not built for debian.
902[09:50:29] <nyov> but YMMV
903[09:50:53] <tdn> jelly, ok
904[09:51:32] <n4dir> let's hope the "don't use ppa's " somehow got through.
912[09:54:03] <nyov> what is wrong with backports? it's the same source, with (usually trivial) dependency fixes for stable. I never had a bpo package that didn't work out :)
913[09:54:46] <n4dir> if there already is a version in sid, then a simple sid backport might be a choice too. probably easier than compiling upstream.
917[09:55:37] <jelly> ansible is python, there's not much compiling
918[09:55:47] <n4dir> i meant in general.
919[09:56:19] <tdn> nyov, I just have very little experience with it. Maybe there is no problem at all. What I fear, I think is two things: 1) lack of experience/unknown and 2) that it might break the next upgrade somehow.
920[09:57:39] <nyov> tdn: okay, that's understandable. In my experience, though, it's not a problem to install backported packages - they will continue to be upgraded by apt on the next release version
921[09:58:03] <n4dir> hurry. dpkg, the bot, worked for one day for me. now stopped again. oh my.
922[09:58:19] *** Quits: ToBeCloud (uid51591@replaced-ip) (Quit: Connection closed for inactivity)
923[09:59:38] <format_c> hi, I use exim4 as the MTA. I've some webscripts that are capable to send emails (submit to localhost). By default this submission is accepted w/o authentication. I'd like to adjust the configuration to enforce authenticated submission for anything that is not destined to +local_domains. I already searched the web. But there I only find how to solve it the other way round. Any hint?
924[09:59:39] <n4dir> anyway he has info what to check in what order in case a version in stable ain't sufficient.
933[10:04:45] <zer0_her0> themill, just for the record i started with backport until I found that a newer version was not still backported and switched to ppa (and since they write it to their website)
936[10:06:42] <zer0_her0> that does not mean that I encourage the use of ppa repos in general, but maybe one could use it for particual software repos, that provide only one upstream package. shouldn't this be safe ?
937[10:07:58] <jelly> in general, no, it would not be safe
938[10:08:05] <themill> it doesn't only provide one package either
941[10:09:10] <themill> Maybe they know what they are doing, maybe they don't....
942[10:09:29] <jelly> it's as safe as the author of PPA can make it safe, you rely completely on them not to mess up your installation
943[10:10:11] <zer0_her0> of course, trust is in the basis of every repository.
944[10:10:27] <jelly> and if PPA infrastructure is used to build binary .deb and not just as a distribution point, it has to be said they _only_ build for ubuntu releases
951[10:16:46] <zer0_her0> nevertheless, one (admin) will get to the point that she needs to install an upstream piece of software in a stable debian. Then imho the options are, a) upstream source: difficult to maintain, b) a third party trust worthy repo : easier to maintain (maybe combined with some apt policy assurances)
952[10:18:34] <zer0_her0> and oh i forgot c) container based solution, an easy to maintain black box.
953[10:18:56] <n4dir> stevepusser made posts at forums.debian.net how to use ppa's and rebuild them for debian. I can't find them right now (and sure would not know anything about it. Just saying one would find infos, in case one needs).
954[10:20:45] *** Quits: COOurb (~COOurb@replaced-ip) (Remote host closed the connection)
964[10:25:46] <rgr> can anyone suggest to me why 30x11-common_xresources is not being processed on a gdm3 login? My ~/.Xresources are not being processed.
965[10:25:48] <at0m> zer0_her0: also, #ansible is quite active
966[10:28:10] <nyov> rgr: I would assume gdm3 ignores ~/.Xresources | ~/.Xdefaults
967[10:28:42] <nyov> but I'm just guessing. what would gdm3 want in those files/
968[10:28:51] <rgr> why would yo uassume that? Its not suppose to.
971[10:29:36] <rgr> they are X resource files. so obvuiously a graphical login might be interested in sourcing them and the X init file I mentioned does exactly that but its not being processed. And I would like to know why.
985[10:41:37] <muAdmDev> we got a cron problem on one debian 9.5 system. cronjobs are arbitrarily just not run. e.g. we got an hourly cron that isn't run (also not listed on dron.log) every 5-7 hours. Known bugs, hints, any experience with that?
1002[10:59:58] <muAdmDev> jelly: time is correct and it's a physical system. How could I check for skipping? Further other (weekly) crons are also having this problem and they are run at differnt times
1022[11:13:27] <dpkg> In order to troubleshoot your problem with apt-get, apt or aptitude we need ALL OF THE FOLLOWING information: 1. complete output of your apt-get/apt/aptitude run (including the command used) 2. output from "apt-cache policy pkg1 pkg2..." for ALL packages mentioned ANYWHERE in the problem, and 3. "apt-cache policy". Use replaced-url
1023[11:14:23] <jim> ok hold on a sec for 2 and 3
1024[11:16:09] <jelly> muAdmDev: not easily (might eg. run date in an endless loop and collect output)
1096[12:13:17] <ViperXL75> hey guys. I just ran into the most peculiar behaviour. I'm running Debian Stretch and sharing files through SMB. The strange thing is, I want to copy an ISO file from it. The thing allows me to copy other file types like TXT. But not ISO. Been trying to copy with both Win10 as Win7.
1103[12:18:32] *** Quits: fedorafan (~fedorafan@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
1104[12:19:52] <ViperXL75> screw my life. The file rights were set wrong. I was looking at the wrong place for the problem. SOrry and thanks for your listening ears and shoulders to cry on.
1105[12:20:39] *** Quits: schu-r (~Thunderbi@replaced-ip) (Remote host closed the connection)
1121[12:33:08] <moldy> any idea why my compose key is not working? i tried Alt_R, Super_R and Control_R: setxkbmap -layout us -option compose:Control_R
1132[12:45:33] *** Quits: yonder (~yonder@replaced-ip) (Remote host closed the connection)
1133[12:46:58] <nyov> moldy: you are certain the key works, of course? Try one of the other options from `grep "compose:" /usr/share/X11/xkb/rules/base.lst`
1153[12:56:29] <muAdmDev> we are back at the "cron abitrarily not running" problem. now suspecting PAM and LDAP. Is it normal behavior that even for local users LDAP is queried
1154[12:59:29] <Iridos> maybe you have anacron installed
1159[13:01:21] <petn-randall> D0c70rWh0: Sounds a lot like a XY problem. Or a survey.
1160[13:01:22] <petn-randall> !xy
1161[13:01:22] <dpkg> Slow down for a bit! Are you sure that you need to jump through that particular hoop to achieve your goal? We suspect you don't, so why don't you back up a bit and tell us about the overall objective... We know that people often falsely diagnose problems because they are too close to them -- it's easy to miss that there is a better way to proceed. See replaced-url
1162[13:01:49] <petn-randall> D0c70rWh0: What is the issue you're trying to solve?
1163[13:02:05] <nyov> muAdmDev: if users are configured for ldap lookup in nsswitch, yes, your cron user would also be looked up
1164[13:02:20] <D0c70rWh0> petn-randall: the LDAP and local user problem of muAdmDev
1184[13:11:59] <muAdmDev> the problem is that (of course) there are always LDAP queries, when a cron is run. So we thought that root of the evil might be there
1185[13:12:06] <Moussa> custom rather
1186[13:13:02] <muAdmDev> the funny thing is: we see the LDAP query in the logs (due to cron running) but the cronjob isn't run (or crashes) and also not logged in cron.log
1187[13:13:09] <nyov> muAdmDev: perhaps you need some nscd (caching daemon)
1188[13:13:18] <nyov> for faster lookups?
1189[13:13:44] <muAdmDev> nyov: got it installed, will check the config
1190[13:13:54] <nyov> shouldn't need config
1191[13:14:00] <nyov> but then I have no clue
1192[13:14:01] *** debhelper sets mode: +l 1118
1193[13:14:54] <muAdmDev> nyov: ok, further the LDAP-Server is also local, meaning on the same machine that is causing trouble (crons not being run) :(
1194[13:15:20] <nyov> muAdmDev: perhaps increase cron log output in /etc/default/cron
1203[13:17:56] <nyov> COOurb: bridging will go through Layer2 (ebtables), routing will go through L3 (iptables)?
1204[13:18:47] <COOurb> nyov: what difference in practice? Some different client configuration or what?
1205[13:18:59] <D0c70rWh0> muAdmDev: nsswitch looks fine for me. have you tried to filter the local user in questin by setting nss_initgroups_ignoreuser accordingly?
1221[13:25:30] <COOurb> well, I'm asking not about features
1222[13:26:22] <COOurb> for example, I have OpenVPN server and 2 clients. one routing, one bridging
1223[13:26:36] <COOurb> what difference in configuring clients?
1224[13:26:55] <COOurb> let's say that server configured for both/2servers
1225[13:27:34] <cef> that's not a feature. that's the nature of bridging. it's like "being" on a network card on the same lan segment. all that broadcast traffic (which is not usually necessary for a VPN) goes over your VPN link. More traffic to send/encrypt/etc.
1226[13:28:49] <COOurb> Will it be still same virtual network device(created by OpenVPN software) with IP assigned? Or somethng else?
1227[13:28:59] <nyov> the routing client will get a (default)route pushed to it to know where to send to - the bridging client will have a tap device (like another ethernet card)
1234[13:30:09] <cef> when you bridge 2 networks, they are effectively connected for broadcast traffic (ie: layer 2 traffic). It's really only useful when you have stuff that relies on broadcast traffic, such as older (not IP) network protocols or you want to monitor the other network (eg: packet sniff).
1239[13:31:51] <Moussa> more like to bridge 2 networks
1240[13:32:14] <cef> COOurb: you shouldn't really need to change the config for either bridging or routing on the client afaik, UNLESS you're actively joining 2 separate networks at 2 different sites.
1245[13:33:51] <muAdmDev> cef: seems like it. didn't touch /etc/pam.d/cron, its including mostly the "commom" PAM stuff. Not sure if the common PAM stuff is right. here is a summary: replaced-url
1246[13:34:01] *** debhelper sets mode: +l 1126
1247[13:34:16] <Moussa> you should really explain what are you trying to do, to me sound like you want to connect 2 friends network to yours
1250[13:34:32] <cef> COOurb: Routing is built into pretty much every OS. If you're using OpenVPN, you need to use the OpenVPN client regardless of bridge or route.
1257[13:38:05] <cef> yes. Either the gateway needs to translate things if the outside world doesn't know how to get back to it (NAT), or the outside world needs to know how to get back to your network (routing advertisement protocols, global routes on all necessary devices, or negotiation via a client).
1258[13:38:23] *** Quits: oerheks (~oerheks@replaced-ip) (Remote host closed the connection)
1259[13:39:25] <cef> muAdmDev: sure its' not that 'default=bad' in Account?
1260[13:39:45] <muAdmDev> cef: maybe, I'm not familiar with the systems config
1261[13:40:34] <COOurb> ok, heh.
1262[13:40:36] <cef> muAdmDev: what's the ldap server and are you using an existing schema or something?
1263[13:41:24] <COOurb> What clients of payed VPN services have? I think bridget, am I right?
1267[13:41:55] <muAdmDev> cef: now checking the meaning of "default=bad". we have replicated LDAP-Servers with multiple schemes. the local ldap-slave gets the queries
1272[13:42:23] <cef> just cos you route the traffic, doesn't mean it can't be encrypted/decrypted.
1273[13:42:45] <COOurb> but if routed they only need IP+route, not VPN clients
1274[13:43:20] <cef> in a paid vpn service, you don't want bridging cos then all your broadcast traffic would go to the other end, and OTHER clients on the VPN would see it (cos it'd be sent to them), which isn't very private.
1275[13:43:35] <muAdmDev> cef: default=bad seems to be a good choice security-wise
1286[13:46:49] <cef> muAdmDev: if so, then you might need to make a copy of pam.d/common-auth copy and change pam.d/cron to use that instead of pam.d/common-auth
1319[14:20:12] <Ulrar> Hi, debian 9 seems to have no way to be configured with a remote gateway (a gateway in another subnetwork, onlink) and the installer seems to have recently dropped the "trick" of using the machine's own IP as a gateway to get around that. How would I report that, is there a point to reporting that on the bug tracker ?
1320[14:20:34] <Ulrar> Because it's very, very annoying but it might be on purpose, I guess, not sure it's really a bug
1330[14:26:51] <Ulrar> jelly: Yes I know, and that works
1331[14:27:20] <Ulrar> But that's really annoying to do in the installer, and again after the first boot where you end up trying to access a machine that doesn't have network access
1332[14:27:29] <Ulrar> On debian 8 you could just put the machine's own IP as a gateway
1333[14:27:35] <Ulrar> but debian 9 refuses that
1334[14:28:01] <Ulrar> I wish there was at least a "trust me, I know what I'm doing" button that would disable checks
1335[14:28:24] <jelly> I wasn't even aware that would work.
1336[14:28:37] <jelly> (and that it'd worked in debian 8)
1337[14:28:41] <Ulrar> Well might not everywhere, but in ovh / online it does work, for some reason
1338[14:28:52] <Ulrar> It did work up to debian 8
1339[14:29:05] <Ulrar> And until the latest installer, it worked in the installer even on debian 9
1340[14:29:21] <Ulrar> (The machine didn't have network at boot though)
1341[14:29:49] <Ulrar> On pfsense / opnsense you have a "remote gateway" tick box that disable the subnetwork test, it's perfect
1343[14:31:55] <Ulrar> Anyway, debian 8 used to be easy to install, debian 9 is a pain, so I thought I might report it. Takes a while to figure out why everything stops working suddenly, I'm probably not the only one that change is affecting
1344[14:33:15] <jelly> Ulrar: fwiw, commenting here is not really visible to the people who can actually fix things. File an installation report if you have the time.
1345[14:33:28] *** sauvin is now known as Sauvin
1346[14:33:29] <Ulrar> That was my original question
1347[14:33:34] <Ulrar> How should I report that
1348[14:33:44] <jelly> !installation report
1349[14:33:44] <dpkg> from memory, installation report is replaced-url
1350[14:34:01] *** debhelper sets mode: +l 1132
1351[14:34:16] <Ulrar> Great, thanks
1352[14:37:17] <jelly> if you're doing preseed or some other automation you might go straight for debian-installer package, but if a workaround works in the installer and same config fails on first boot that might be actually something for ifupdown
1365[14:48:25] <akay> Hi, does anybody here know something about linux udp low latency tuning (WAN)? i've seen people get udp latencys as low as their ICMP TCP counterparts and i'd love to know their secret :-) i've read through some redhat presentations and tried some things like changing buffer sizes, but that neither improved nor increased the latency.
1366[14:48:44] <nyov> rootkea: perhaps you changed that after the file was created?
1406[15:02:31] <dob1> sZbcE8qNfG, if you have a iptables rule based on, let's say eth0, and the next time you boot this one becomes eth1 it's not good :)
1407[15:02:39] <dob1> I take a look thanks
1408[15:02:48] <rootkea> nyaomi, I moved the file and just rebooted but /var/log/btmp got recreated with the same 600 permissions in spite of /etc/logrotate.conf asking for 660
1409[15:03:05] <rootkea> nyov, ^
1410[15:03:14] <sZbcE8qNfG> i run a router and everytime I boot, all the interfaces have the same name starting with enxp*
1411[15:03:26] <sZbcE8qNfG> not sure how it would change
1424[15:06:03] <hans_> what kernel version does 9.5 run on?
1425[15:06:10] <pjboro> dob1: most probably they won't change. As nyov already said the system recognizes the device looking at its MAC address.\
1426[15:06:22] <hans_> is it 4.9.x?
1427[15:06:28] <petn-randall> rootkea: I'm going to assume that if you wait 4 weeks that logrotate will create it correctly.
1428[15:06:36] <petn-randall> hans_: yes
1429[15:06:43] <hans_> thanks
1430[15:07:02] <dob1> and if I have old names?
1431[15:07:21] <nyov> pjboro: but that's because it was fixed in udev rules. changing device names otherwise is a real possibilty
1432[15:07:39] <nyov> was/is
1433[15:08:35] <rootkea> petn-randall, Ah, I am using Stretch for months now and still found /var/log/btmp with 600 I'm almost convinced as if logrotate.conf has no effect on btmp or may be something else changes the permissions again?
1455[15:14:41] <n4dir> to create a full debian installation this wiki page first 1) export MY_CHROOT=/sid-root and 2) uses the variable $MY_CHROOT to put proc and sysfs in the debootstrap /etc/fstab file. That doesn't make sense to me, am i overseeing something? export MY_CHROOT=/sid-root
1462[15:17:39] <rootkea> nyov, I moved the file. Then executed /etc/cron.daily/logrotate and then logrotate but still the /var/log/btmp didn't get created.
1483[15:23:35] <rootkea> Alright, looks like inotify is an API so maybe one needs to write some code. But I was wondering if there is an existing tool/command to check which process/daemon created the given file...
1533[15:53:53] <tylertwo_> Hey, the recent iceweasel update made it so that all of my plugins stopped working, and so that the browser won't play any audio. Any ideas on solving this? Debian 9 stable
1534[15:54:16] <tylertwo_> I can just re-install some plugins, but not sure about audio.
1535[15:54:33] <greycat> Iceweasel is a dummy package that brings in firefox-esr. Current firefox-esr is 60.x and has audio support ONLY for pulse audio, not for ALSA.
1556[16:06:19] <rootkea> nyov, Thanks. I get that inotifywatch can be used to watch for file creation event. But since the file in question /var/log/btmp gets created just after the boot may be I should place `inotifywatch -e create /var/log > foo` in ~/.profile? (I can't seem to think of a better place to catch the file creation event)
1557[16:07:43] *** Quits: learjet60xr (~learjet60@replaced-ip) (Quit: live, learn, love and make friends :))
1561[16:10:11] <greycat> anyway, /var/log/btmp is related to the "lastb" command and it mentioned BRIEFLY in lastb(1)
1562[16:10:12] <rootkea> "(I can't seem to think of a better place to catch the file creation event)" -> "Can you please suggest the better place for inotifywatch?"
1563[16:11:19] <rootkea> Thanks for the info. :)
1564[16:11:50] <greycat> If you expect to catch something that happens during boot, the notify would have to be set up DURING boot, BEFORE the event you are hoping to catch. ~john/.profile is completely too late, assuming john ever logs in at all.
1566[16:12:51] <nyov> hm, so according to /etc/login.defs, btmp is handled by login
1567[16:13:04] <hexhaxtron> I just installed OpenSIPS. Everything seems to be working properly. Anyone with a SIP address? I just wanted to confirm that it works.
1568[16:13:09] <nyov> though I wonder where
1569[16:13:50] <petn-randall> rootkea: Just run it in a terminal, and the log in on another one.
1572[16:14:13] <nyov> rootkea: lastb manpage says: The files wtmp and btmp might not be found. The system only logs information in these files if they are present. This is a local configuration issue. If you want the files to be used, they can be created with a simple touch(1) command
1573[16:14:28] <nyov> I think you should juwst *chmod* the thing and be done with it
1593[16:16:25] <v0idpwn> I'm using Jessie and I want to use backports from Stretch, I added "deb replaced-url
1594[16:16:47] <greycat> If petn-randall's guess is correct, and if nyov's information that this is defined in /etc/login.defs is also correct, then perhaps the solution to the REAL problem is to edit /etc/login.defs and comment out the FTMP_FILE thing.
1609[16:19:54] <greycat> /etc/logrotate.conf on my stretch box says that it'll create a /var/log/btmp file once a month if it's missing
1610[16:20:08] <greycat> This seems to jibe with my 0-byte /var/log/btmp file that is timestamped sep 1.
1611[16:20:10] <jelly> nyov: IIRC logrotate keeps previous ownership and permissions if the file exists; those ownerships and perms are applied only if the file doesn't exist at rotate time?
1612[16:20:31] *** Quits: Ayo (~quassel@replaced-ip) (Remote host closed the connection)
1613[16:20:36] <nyov> jelly: we assumed that already. but logrotate doesn't seem to create the file either
1614[16:20:53] <v0idpwn> It still acts as I have the newest version... :( . Maybe there is no backport avaible.
1615[16:20:54] <greycat> So, if I'm understanding this correctly, his actual issue is that his /var/log/btmp file exists and is growing unreasonably large, and removing it did not help, because logrotate keeps re-creating it.
1616[16:21:11] <greycat> v0idpwn: of what package?
1617[16:21:28] <nyov> jelly: perhaps it only creates it if it existed and gets rotated. humm
1618[16:21:31] <greycat> v0idpwn: also, why are you still on jessie? Is there a specific issue that prevents you from upgrading to stretch?>
1619[16:21:53] *** Quits: Sepultura (~Sepultura@replaced-ip) (Remote host closed the connection)
1620[16:22:02] <greycat> nyov: it says "missingok" and "create 0660 root utmp" which I believe means it will create the file if it's missing
1621[16:22:03] <Fox> v0idpwn: what does apt-cache policy <package> say ?
1622[16:22:04] <v0idpwn> Well, the server is not mine
1623[16:22:24] <nyov> greycat: no, I think that means if it's missing, it'll just be ignored
1624[16:22:54] <petn-randall> v0idpwn: And yet you're allowed to administer it?
1625[16:22:58] <nyov> but perhaps thats exactly hthe problem
1626[16:23:08] <greycat> nyov: the "create" command seems pretty explicit here
1642[16:25:31] <nyov> rootkea: right. manpage says "Immediately after rotation (before the postrotate script is run) the log file is created (with the same name as the log file just rotated)"
1643[16:25:52] <nyov> rootkea: so I assume it only creates it when it found one, not if (missingok) is set
1644[16:26:01] <v0idpwn> f. I'll have to compile from source, then?
1645[16:26:09] <greycat> You can try that.
1646[16:26:47] <petn-randall> v0idpwn: Why not upgrade? jessie only has limited security support, anyway.
1647[16:26:51] <greycat> rootkea: try commenting out the FTMP_FILE line in /etc/login.defs and see if that stops it from writing to the file after logrotate creates it
1648[16:27:06] <greycat> rootkea: assuming of course that petn-randall's guess is correct
1673[16:41:14] <SerajewelKS> i've found no reason to use anything but iptables
1674[16:41:15] <nyov> I'm considering switching shorewall to ufw. But then I think nftables might just obsolete the requirement for either
1675[16:41:28] <rootkea> greycat, I moved btmp. Then edited login.defs to comment out FTMP_FILE. And then rebooted the box. btmp got created automatically with 600 even if logrotate.conf asks it to be 660. Even tiger (security tool) complains about it.
1681[16:43:10] <rootkea> greycat, That last message purely reads/looks personal. So I'm going to ignore it :)
1682[16:43:44] <greycat> Yes, I also advise that you simply ignore this /var/log/btmp file. That's what you meant by "it", right? Right. It's the only reading that makes any sense.
1683[16:44:21] *** Quits: ledeni (~ledeni@replaced-ip) (Remote host closed the connection)
1688[16:44:48] <petn-randall> nyov: shorewall and ufw have two very different use cases. And the whole nftables/iptables is only relevant for the kernel. Use whatever solution fixes your problem.
1721[16:51:14] <n4dir> if it was me i would start with understanding why something in ~/.profile has no meaning for the boot process at all. Then work my way up.
1722[16:52:51] <rootkea> petn-randall, I just tried multiple login failed login attempts and then a successful attempt in another terminal while leaving `inotifywatch -e create /var/log` in one terminal but it didn't catch any event. Guess my command is wrong?
1723[16:52:56] <v0idpwn> Sorry, didnt saw your message, petn-randall: "v0idpwn: And yet you're allowed to administer it?". Yes, I work here, but the server is from my uni and serves some stuff for them. So I can't break it.
1724[16:53:55] <nyov> v0idpwn: do you need to replace the system binary then? perhaps place a newer one in ~/.local/bin ?
1725[16:54:01] *** debhelper sets mode: +l 1137
1726[16:54:52] <v0idpwn> I'm planning to do it, afaik they've got a bin with all dependencies included. I'm downloading it.
1727[16:55:11] <v0idpwn> Oh sorry I got you wrong.
1763[17:03:22] <hans_> greycat, also i don't have any screensaver i think. the normal debian-xfce installer probably installs a screensaver, but i did a custom install with apt install, i think i need to do something like `apt install xfce4-screensaver` or something to actually get a screensaver
1764[17:03:54] <rootkea> hans_, check the Security tab of Power Manager settings
1771[17:07:20] <n4dir> i don't recall xfce having a screensaver (you could install). just checked xfce4-goodies, and that metapackage doesn't seem to contain one either (i never installed it, as most of that i didn't need. You might want to look at it, perhaps you do).
1828[17:57:33] <BoF> buen dia alguien con experiencia en galera cluster?
1829[17:57:50] <petn-randall> !es
1830[17:57:50] <dpkg> Este canal es de soporte técnico en Inglés para Debian. Si prefiere que el soporte sea en Español, puede ingresar en #debian-es tecleando /join #debian-es en la línea de chat.
1841[18:04:01] <RoyK> BoF: yes, I have experience with galera clusters, but it won't work if you don't speak english, norwegian or something similar ;)
1844[18:05:37] <BoF> RoyK: I have 3 clients, but each one has different storage capacity, cluster galera merges them as a single unit ?, example: Client1 5BG, Client2 10 GB and Client3 2GB, with cluster gallery my total would be 17GB?
1931[18:53:24] <RoyK> petn-randall: hm - can't find a CVE, only the MS-ISAC
1932[18:55:14] <petn-randall> RoyK: Not much I can say. Pretty much every reputable publisher uses CVEs. And from the look of that website, it's garbage.
1933[18:55:36] <RoyK> possibly
1934[18:55:41] <bites> you have to dig deeper. the only bug that seems to affest the php version in stable is #76582 in the php bug tracker. there is the CVE replaced-url
1935[18:56:03] <bites> s/affest/affect/
1936[18:56:14] <petn-randall> Not even links to the original source. I'd start digging on other websites to see if those issues exist.
1937[18:56:45] <petn-randall> (I'm talking about cisecurity.org, s.d.o is fine)
1938[18:57:54] <bites> so it's still vulnerable, but most of the list you can ignore.
1980[19:36:01] <hans_> gkwhc, what? pass multiple parameters to a command?
1981[19:36:18] <greycat> if this xinput command only takes one number in that spot, you could write a shell loop. for n in 10 11 16; do xinput map-to-output "$n" LVDS1; done
1984[19:36:36] <gkwhc> hans_: like in the example, i used curly brackets. thought it would work but the command doesnt take that
1985[19:37:00] <gkwhc> greycat: ah so it really depends on the command then. i thought its a universal thing for bash
1986[19:37:07] <gkwhc> shell programs i mean
1987[19:37:11] <greycat> The shell's brace expansion is just a shorthand for writing out the sequence of arguments directly. xinput m {10,11,16} L is equivalent to xinput m 10 11 16 L
1988[19:37:36] <gkwhc> oh i see
1989[19:37:43] *** Quits: intcat (~zshlyk@replaced-ip) (Remote host closed the connection)
2004[19:40:43] <ctcx> But file extensions sure can mean different things for different applications...
2005[19:41:00] <ctcx> If trying to open a tar.gz with 7zip GUI I have to open it twice!
2006[19:41:09] <greycat> Some programs (notably, web servers) will use the file extension to decide what kind of Content-Type: header to put on the output stream, etc.
2007[19:41:28] <greycat> Maybe your "7zip GUI" assigns meaning to the filename extensions.
2031[19:45:46] <nyov> tar is not much better, but both together are disaster, without some error correction
2032[19:45:46] <greycat> Is that a real concern for you, nyov? I haven't run into a corrupted compressed data file in years.
2033[19:45:55] <nyov> greycat: lucky you
2034[19:46:04] <nyov> xz btw. is not much better
2035[19:46:18] <nyov> but bzip2 is nice in that regard
2036[19:46:37] <greycat> As far as I'm aware, they're not *designed* for robustness in the face of random bit damage. They're designed for compression ratio and speed.
2037[19:46:50] *** Quits: rugshucker (rugshucker@replaced-ip) (Remote host closed the connection)
2038[19:46:55] <hans_> hrm it's capable of beeping but nothing else it seems
2039[19:48:03] <nyov> yes, but everyone seems to use them that way. besides most people aren't even aware about the issue
2040[19:48:03] <ctcx> So file extensions, at least on Linux, are just meaningful for the users, not the system. So if I found an unknown extension-less file, there's no way to tell what it is? Whether a text file, binary, image, audio....
2059[19:52:22] <greycat> Even if I publish the specification and it has versioned headers and everything, it will still be something your file(1) command doesn't know about, because your command is from yesterday.
2060[19:52:35] <greycat> New file formats are invented constantly.
2061[19:52:43] <nyov> well, depends on your file format greycat.
2062[19:52:44] <Habbie> greycat, well, they should stop doing that ;)
2063[19:53:03] <nyov> if it was based, e.g. on EA-IFF-85, file should still be able to ident some
2078[19:56:24] <hypn0> its not file type, its mime type :-)
2079[19:56:40] <pldiem1> hi, I am trying to install nvidia drivers, but I am getting compiler version check fail, during dkms compilation, is there any simple thing I can do about it?
2089[19:58:21] <jmcnaught> pldiem1: those are bad instructions that cause you to overwrite system files, you should follow these instructions instead: replaced-url
2213[20:29:50] <pldiem1> should I try apt-get again?
2214[20:30:07] <pldiem1> nvidia-driver
2215[20:30:10] <pakcjo> Hello, I just added a package to my private repository with reprepro, but I didn't have the password of the key at that moment, the package was added but I assume it isn't signed, is there a command I can use to resign it? or should I remove and add it again?
2216[20:30:10] <nyov> oh, was that still apt-get?
2217[20:30:16] <pldiem1> yes
2218[20:30:24] *** Quits: krabador (~krabador@replaced-ip) (Remote host closed the connection)
2219[20:30:31] <pakcjo> I can't find anything in the reprepro man page about signing/resigning
2220[20:30:32] <nyov> was it doing dkms stuff?
2221[20:30:58] <pldiem1> I don't think so, it was during the cleanup
2223[20:31:26] <nyov> do you have a /etc/X11/xorg.conf.nvidia-xconfig-original now, and a /etc/X11/xorg.conf? if so, perhaps move that back before trying again
2230[20:34:45] <pldiem1> so, install nvidia, once again?
2231[20:34:52] <nyov> then just one more check- if you have '/etc/modprobe.d/nouveau-kms.conf' with 'options nouveau modeset=0', remove the file and update-initramfs again
2232[20:35:03] <nyov> to undo that other tutorial stuff
2233[20:35:15] <pldiem1> I did that, but let me verify
2234[20:35:34] <nyov> ok, not sure if it's relevant much, but tobesafe
2235[20:36:17] <pldiem1> ok, I have it and I will remove the file
2257[20:42:14] <pldiem1> there are three processes
2258[20:42:17] <greycat> roylaprattep: the fact that you *did* join here, and were able to ask, implies that perhaps you were asking a theoretical question about the other #debian on the other network..? maybe.
2259[20:42:23] <pldiem1> all related to nvidia
2260[20:42:30] <roylaprattep> Oh, ok, no.
2261[20:43:15] <roylaprattep> cause my irssi is set to autoconnect on freenode and autojoin #debian then, it connect but do not autojoin anymore.
2310[21:05:05] <jhutchins_wk> Does current chromium have this stupid problem with repeated keyring password windows popping up every time you start it?
2311[21:05:43] *** Quits: Night-Shade (~TimF@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
2412[22:10:59] <nyov> I think that can switch your cards - replaced-url
2413[22:11:29] <diogenes_> nyov, sof instance if i want my whole xfce session to run with nvidia, i modify /usr/share/xsessions/xfce.desktop, Exec = optirun blah blah
2414[22:11:40] <diogenes_> for*
2415[22:11:43] <nyov> but you have bumblebee, so Idk if that works
2416[22:11:59] <nyov> ok
2417[22:12:31] <diogenes_> in my case i modify Exec=startxfce4 for Exec=optirun startxfce4
2418[22:12:36] <diogenes_> reboot afterwards
2419[22:12:42] <nyov> do you have hdmi out?
2420[22:12:50] <diogenes_> no i don't
2421[22:12:59] * jhutchins_wk has yet to meet anyone who knows how bumblebee works.
2422[22:13:17] <pldiem1> I have no prime-select command
2493[22:29:19] <nyov> well. whatever you have before when you ran glxgears?
2494[22:29:40] *** vjacob_ is now known as vjacob
2495[22:30:54] <pldiem1> You do not appear to be using NVIDIA X driver. Please edit your X configuration file (just run `nvidia-xconfig` as root), and restart the X server.
2496[22:31:00] <pldiem1> that is in the popup
2497[22:31:15] <pldiem1> on terminal some error
2498[22:31:16] <nyov> did you run `optirun -b none nvidia-settings -c :8` ?
2583[23:02:50] <nyov> did you set your /etc/default/grub to your specifications then?
2584[23:03:01] <ryouma> Brigo: the kernel switches fonts as it scrolls past, for example. still possible? also console has seemingly irremediable issues like a blinking cursor that even if you fix it with ansi codes (which requires having those in memory or available on a partition) it still gets reset by emacs.
2585[23:03:10] <ryouma> nyov: yes i did that
2586[23:03:43] <ryouma> (probably gets reset by any tui, not sure thought)
2587[23:03:47] <ryouma> though*
2588[23:03:47] <nyov> you could perhaps try GRUB_CMDLINE_LINUX="nomodeset vga=0"
2589[23:04:08] <nyov> but that's no good advice ;)
2593[23:04:39] <nyov> looks like you might have a framebuffer there
2594[23:04:40] *** Quits: hammer065 (~hammer065@replaced-ip) (Quit: Restart the game...)
2595[23:04:43] *** Quits: platvoeten (~platvoete@replaced-ip) (Remote host closed the connection)
2596[23:05:17] <nyov> okay I should just shut up, my boot knowledge isn't the best anymore
2597[23:05:19] <ryouma> dunno. i just know that pre-jessie worked perfectly with my video card, then it stoped working and then i had to for the first time run firmware-nonfree and taht modeset had smoething to do with it
2598[23:05:39] <greycat> ryouma: that sounds like the upgrade from jessie->stretch actually
2599[23:06:41] <ryouma> jessie was such a problematic upgrade taht i have yet to upgrade to stretch
2614[23:14:43] <slark> hi all, long time since i didn't install a debian server. And i see that the i have the option to use LVM for my partitioning. (last time i heard aboud lvm it was experiemental i think)
2616[23:15:08] <slark> Is LVM partitioning the way to go now ? or can i still use the old way ?
2617[23:15:57] <greycat> You can use either way. Whichever one makes the most sense for this machine.
2618[23:16:02] <nyov> LVM is stable and very well usable. but of course you can use 'static' partitioning, if you don't anticipate the need to rechange your partition layout
2631[23:19:19] <slark> nyov: humm in fact i am a bit confused to ask this.. cause this is really a "newbee" question. i need advice for my partionning scheme. if you feel to share your experience following my need.
2634[23:20:36] <slark> nyov: i have 1 TO and actually i will run a debian server which will do almost everything (web, mail, application logic of mobile app and git rep)
2636[23:21:16] <ryouma> slark: to me lvm has too many levels and commands and corner cases to be worth remembering between needs to use them. but if you're a sysadmin, it would be totally worth it.
2637[23:21:38] <slark> ryouma: ok you convinced me to use static partionning then
2638[23:21:43] <ryouma> hehe :)
2639[23:22:07] <ryouma> you can still get luks and stuff without lvm
2640[23:22:09] <nyov> humm. on a server I don't expect you have UEFI, but my standard layout is: 200MB EFI sda1 / 200MB ext2 boot sda2 / * LVM sda3
2641[23:22:09] <slark> i mean i can learn, i mean we all do this in tech stuff.. but i need this server to be up for tomorow so..
2643[23:22:48] <slark> nyov: this is a dedicateed server on the net so not sure about UEFI
2644[23:22:52] <jrg> does anybody here use a pi running debian that uses upsd to call ipmi commands to soft shut down computers during a power outage?
2645[23:22:57] <jrg> i was wondering if this was a viable option
2646[23:23:00] <nyov> then just drop the first partition
2647[23:23:16] <jrg> since a pi can stay on a lot longer with far less power. then once power is restored it can run an ipmi command to bring the boxes back up
2648[23:23:22] <nyov> I'd keep a dedicated boot partition
2649[23:23:29] <nyov> then 10-20GB root partition
2650[23:23:40] <nyov> the rest for your data
2651[23:23:45] <slark> nyov: sound perfect so far it was my main idea
2652[23:23:52] <slark> nyov: oh really the rest for the data ?
2653[23:24:09] <nyov> well, depends on where your data is I suppose
2654[23:24:13] <slark> should i create a kind of /var /usr and a /home partition ?
2656[23:24:27] <nyov> usually too much hassle for me
2657[23:24:32] <slark> nyov: mostly log, bdd, some mail and application ( node.js)
2658[23:24:33] <nyov> I use /data or some such
2659[23:24:49] <slark> ofc apache/web stuff
2660[23:24:58] <nyov> ok, if you think much happens in /var/ and /usr/ then give those more space
2661[23:25:50] <ryouma> depends on your server. if you think it could run out of space then you might ened it but otherwise i thi8nk the trend is boot, root, home, data
2668[23:27:54] <nyov> which usually never exceeds 10G
2669[23:28:07] <nyov> (including logs)
2670[23:28:12] <slark> humm if i don't create a /var /src /usr or even /opt they will be appent to the / part right ?
2671[23:28:34] <nyov> they'll appear on the root, yes
2672[23:28:36] <ryouma> during dist-upgrade you might accumulate packages that transiently fill up more than your root if you do not put enough there, i think
2673[23:29:15] <slark> ryouma: yeah i remember this kind of things on a little server, and it was a nightmare to maintain
2678[23:30:16] <nyov> here LVM helps me; I have sda3 a PV volume, single VG, and can resize the LVs I add in there if I need to
2679[23:30:22] *** Quits: wonderer (~quakeroat@replaced-ip) (Quit: Famous quotes #1: "Not everything that can be counted counts, and not everything that counts can be counted." - Albert Einstein (1879-1955))
2680[23:30:44] <nyov> so if var fills up more than expected, I can resize the LV, say xfs_growfs, and done
2681[23:30:57] <nyov> (though I can't shrink an xfs)
2682[23:31:14] <slark> nyov: you use a single LVM parition, or you use more than one ?
2683[23:31:34] <slark> if you can create and resize your lvm partition do you really need more than one ?
2729[23:41:25] <nyov> except the 2 or so times my rack died because of some power switch issue
2730[23:41:40] *** Quits: Night-Shade (~TimF@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
2731[23:42:56] <slark> nyov: well i feel dirty to use a "/boot" "/" and "swap" partition scheme, particulary when i worked a sys admin like 15 years ago lol
2788[23:56:38] <BCMM> annadane: basically iptables has been replaced by nftables in the kernel (a few years back now). however, there is an iptables compatibility layer for nftables, so iptables rules work the same as ever
2791[23:57:54] <BCMM> native nftables will probably perform better, but very few users are handling enough traffic (or have complex enough rules) for that to matter
2792[23:57:55] <nyov> has it really been a few years back? I was trying to switch several times, with some issue or other
2794[23:59:03] <slark> the bsd alternative can be still used right ?
2795[23:59:09] <nyov> can you use both in parallel now? as in, have some script work with nftables natively while another manages the rules in iptables syntax?
2796[23:59:23] <slark> the firewall bsd alternatives i mean
2797[23:59:30] <BCMM> should probably say nftables has replaced netfilter; i don't think the kernel part was ever called iptables