this is #debianan IRC-Channel at freenode (freenode IRC service closed 2021-06-01)
0[00:00:11] <BCMM> PantheraLeo: what qualifies as lightweight for you? again, that seems like a somewhat odd goal from somebody who's been using ubuntu...
1[00:00:41] <PantheraLeo> Resource usage.
2[00:01:46] <BCMM> PantheraLeo: see if this assuages your concerns at all replaced-url
3[00:02:11] <BCMM> what desktop environment you choose is going to have orders of magnitude more impact than your init system
4[00:02:12] *** Quits: bsld (50485aef@replaced-ip) (Remote host closed the connection)
19[00:04:03] <dpkg> it has been said that light is "If you find yourself in a loong tunnel, stay AWAY from the light!"
20[00:04:09] <BCMM> PantheraLeo: i'd say that changing the init system is something you shouldn't do unless you really know what you're doing and why you're doing it
26[00:05:22] <annadane> oh no, not another rob alt
27[00:05:47] <BCMM> PantheraLeo: the impact on resource usage is minimal. the main issues with systemd are philosophical, and won't affect you or your system directly.
28[00:06:04] <whislock> And whether or not they're even issues is debatable.
29[00:06:16] <BCMM> i.e., i'd like it if systemd wasn't trying to gradually take control of the whole ecosystem, but keeping it off my own system as a protest doesn't really mean a lot
30[00:07:08] <whislock> If it works better than what came before, I don't really care, personally.
94[00:51:59] <Gigglebyte> Is there a plugin that would allow my file viewing to be descending by default? Currently I have to reset the folder to descending every time I open the documents folder, and it is a nuisance.
95[00:52:14] <Gigglebyte> I know this is more of an XFCE question, but no one has responded in the #xfce channel.
240[02:49:13] <brwoods> I'm trying to build a debian kernel but with some modded kconfig options, when I run "debian/rules debian/control" I get a python trace and "KeyError: 'gnu-type-package'"
245[02:53:20] *** Quits: mytym (~Mibbit@replaced-ip) (Remote host closed the connection)
246[02:58:31] <nvz> o.O
247[02:58:43] <nvz> you don't rebuild kernel packages the same as other packages
248[02:58:52] <nvz> !kernel maint
249[02:59:08] <Delf> Who broke my multi-seat!? Having issues with multi-seat setup such as not being able to log back in after having logged out. Anyone else having this issue? Debian Buster. Proprietary nvidia drivers.
250[02:59:15] * nvz shrugs and wanders off... lookup the debian kernel maintainers handbook
251[03:01:09] <brwoods> well, turns out it was because I was on Ubuntu 16.04, switched over to my buster VM and it works so
352[04:09:28] <ov3mind> anyone can help me on puseaudio, i had truble here q-when i login i need stop it and restart and the sound works only two times, any tip?
375[04:23:21] <grimR> sponix: be careful updating after. That is where things can get messy. Disable the MX Linux repository during updates should help prevent breakage
376[04:23:46] <jmcnaught> It's not recommended or supported to mix distros.
447[05:13:54] <oiaohm> loupe: that does not look right. nvidia-legacy-340xx-driver << Notice the no -dkms
448[05:15:18] <oiaohm> loupe: the one I referenced should pull in the libs and other things that may make Nvidia card work. When I get to needing nvidia legacy drivers I find it as a sign I need to upgrade.
478[05:39:57] <loupe> oiaohm> after digging around, I discovered that the driver meta package was ALREADY installed ... something must have depended on it. SO... I don't know what to do. I'm running stretch because busters gnome always crashes after being logged in for about 22 seconds. I'm running dual boot stretch's ... I use one for testing and this one for stable use
499[05:49:54] <oxek> why does debian use by default umask 0022 in /usr/sbin/mkinitramfs instead of umask 0077 ? 0077 would help prevent users from shooting their own foot when configuring cryptokeys in initrd.
500[05:50:49] <oxek> possibly related replaced-url
728[09:32:39] <ratrace> holy skagsack, this FF is becoming a nigthmare to restrict with apparmor. 68 has some pretty nonsensical requirements in writing stuff under ~/
805[10:46:23] <ratrace> (in theory, I haven't tried if auth forwarding works via rsync though, but it should as rsync uses standard ssh client facilities)
850[10:58:45] <no_gravity> One way I used to get the whole dir out of the container is this: docker exec containername bash -c 'cd /some/dir && tar -cf - .' | ssh othermachine 'cd /some/dir && tar xf -'
851[10:59:04] <no_gravity> But now I would prefer to update it via rsync then to do a full copy via tar.
854[11:00:29] <ratrace> no_gravity: what do you mean and then what? any path that's accessible from within docker should be accessible from the host too
855[11:00:58] <no_gravity> ratrace: How so?
856[11:01:01] <ratrace> no_gravity: like, if you have /some/path in (chrooted) container, from the host it'd be /path/to/container'sroot/some/path
857[11:01:08] <ratrace> no_gravity: because it's a namespace, not a VM
858[11:01:27] <ratrace> of course exceptions to what I wrote exist if you have a bind mount mess so views are totally different between host and container
865[11:02:25] <no_gravity> ratrace: Well, as I said, I doubt you are correct that there is a path on the host that shows what the container sees under /some/path
866[11:02:43] <no_gravity> ratrace: And you mentioned exceptions already, so I think you agree.
867[11:03:24] <ratrace> no_gravity: doesn't docker bind mount paths from the host to begin with?
868[11:03:52] <Habbie> stop
869[11:03:55] <Habbie> again
870[11:04:02] <Habbie> these are implementation details
871[11:04:11] <no_gravity> ratrace: Not sure what you mean.
872[11:04:13] <Habbie> that, in the face of overlapping mounts, probably doesn't even work
873[11:04:30] <Habbie> what ratrace says is -generally- true
889[11:09:12] * no_gravity installs sshd in the container: apt-get install openssh-server -y
890[11:09:34] <ratrace> okay so the key point here is that docker should not be treated as a VM. no ssh-ing in it (you technically can, but then you technically can run DOS too :) )
893[11:09:58] <ratrace> which means you should configure it in such a way that all storage paths are primarily host side, bind-mounted into the docker for its pleasure and business.
894[11:10:23] <ratrace> no_gravity: because dockers are designed to isolate and contain single process (and their privsep subprocess) use cases
895[11:10:26] <Habbie> yes, but because no_gravity pieces together that dir from bindmounted and nonbindmounted things
896[11:10:34] <Habbie> there is no path on the host that reflects the total state of that dir
897[11:10:38] <ratrace> they're NOT designed to be treated as "light" VMs, even though technically you CAN do that.
898[11:10:51] <no_gravity> ratrace: By that logic you should not eat apples. As they are not designed to be eaten.
899[11:10:57] <Habbie> well
900[11:10:59] <Habbie> you should not eat apples
901[11:11:02] <Habbie> there we agree
902[11:11:05] <ratrace> no_gravity: no that's a hyperbole with no logical reasoning
903[11:11:32] <Habbie> but seriously
904[11:11:35] <Habbie> #docker :)
905[11:11:36] <ratrace> no_gravity: best tool for the job etc... if you want "light" VM-like environment using containers, there's LXC for that
906[11:11:41] <Habbie> oh no_gravity is there already
907[11:11:45] <no_gravity> ratrace: Docker works fine for me.
958[11:58:30] <Skuggen> Hi all. I'm looking at the new members process, and it mentions using an inline pgp signature for sending the request. I can't seem to get mutt to actually do this (it just wants to send the signature as an attachment). Anyone have any ideas?
1119[13:57:57] <jmd> I'm running Debian on a PC. So I wonder how I can configure it to avoid /bin/login and and display managers. Is there a howto for this?
1136[14:07:56] <jelly> I have no idea how up-to-date this is:
1137[14:07:59] <jelly> !autologin
1138[14:08:00] <dpkg> If you want an insecure box that boots into a session with your user. Xdm cannot do autologin but gdm and kdm can if you really want them to. (But do you?) The <nodm> package is a good way of automating this.
1139[14:08:03] <jelly> !nodm
1140[14:08:03] <dpkg> In systemd, "systemctl set-default multi-user.target", or remove the DM package(s) with "aptitude remove gdm3 kdm lightdm lxdm nodm sddm slim wdm xdm". "echo false >/etc/X11/default-display-manager" will also disable the DM, or just hit ctrl-alt-fN to get to a console. nodm is the name of a minimal/automatic display manager (replaced-url
1141[14:08:21] <jelly> just the last "nodm" sentence.
1142[14:09:06] <jelly> eypo: actually disabling services will leave them unable to log in at all; I'm not sure that's what they want
1177[14:34:41] <Grelek> Hello, we're currently migrating from Alpine and we'd like to use Alpine's apk feature "virtual package" or "virtual groups". Basically we want to install some packages and mark them so we can remove them all by using a single name. Is it possible in apt-get/apt?
1178[14:35:03] <xormor> is this a good kernel to run on Debian? is it the latest from the 4 series that I can get as "a normal default kernel"?
1181[14:37:16] *** Quits: TheFuzzball (~TheFuzzba@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
1182[14:37:20] <xormor> I want to run a signed kernel, because to me it "sounds cool" to have a signed kernel and Secure Boot enabled. Now I do. I was considering using the kernel I compiled by myself again, 5.3.7 but I do not need it, and I do not want to create a signature for it. I could have Secure Boot disabled, but I think it is "cool".
1192[14:42:55] <jmosco> so during install, the "debian desktop environment" is selected by default. From my understanding, that is gnome. what is the difference when selecting the gnome option under the default debian desktop environment ?
1227[14:49:09] <ksk> I asked for a way to easily lookup switches in manpages like some years ago, reddit to the rescue: "/^[[:space:]]+-r" - works for me (but I will never be able to remember that regex ;)
1234[14:49:30] <dpkg> English as a language (and other uses) has plenty of background on wikipedia, however for #debian support, it's the primary and best supported language here. Please use other specific language channels (even if they're very idle), a related mailing list, or your best English here anyway (we'll try to cope).
1244[14:50:31] <tazul> keluar lah den gw mau nge ddos
1245[14:50:32] <torchinz> hi guys, I have been able to install nvidia driver on buster. I tried nvtop to check the usage and it appears that the card is not being used
1246[14:50:38] *** Quits: tazul (~u0_a226@replaced-ip) (Quit: Lost terminal)
1271[15:06:37] <ksk> torchinz: did you read the wiki entry I just liked? It has a paragraph about having a secondary/primary intel GPU, too.
1272[15:07:13] <torchinz> damn it, I just saw that. I can't believe I missed that :/
1273[15:07:20] <ksk> also, I am not very into linux desktops, so it would also be nice if you could say which driver you installed how (again, according to the wiki), so we can get a better picture ;)
1294[15:13:41] <L7> there's a bug in debian 10, where the screensaver doesn't cover the 300pixels from the right to the left of the screen, with screensaver lockd- u can still use whatev on the desktop in those 300px range.. ^_^ nice 1..
1295[15:13:48] <BCMM> torchinz: actually this link might be better replaced-url
1301[15:14:46] <torchinz> BCMM, can you explain this a little? "You can use your NVIDIA card for rendering graphics which will be displayed using the Intel card. "
1302[15:15:12] <BCMM> torchinz: that's how optimus hardware works. your intel GPU is connected to the screen. your nvidia gpu is not.
1303[15:15:23] <BCMM> (well, not directly)
1304[15:15:39] <karlpinc> !tell sklv1 about su
1305[15:15:41] <torchinz> follow up question: so the nvidia gpu is not used?
1321[15:18:54] <L7> o yeaaaaa:ddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
1322[15:18:55] <L7> there's also a bug in ubuntu 18 and 19, prolly prior to those too, it deletes a random char in the middle of your passwd when choosing encryption in the installer, passwd -> \][123...[]\
1323[15:19:04] <L7> dunno if it's debian related or not, but prolly so
1324[15:19:12] <BCMM> torchinz: but the conclusion is that, to get high performance graphics, the intel and nvidia devices will have to work together, and there are instructions on the debian wiki for how to achieve that.
1325[15:19:34] <sklv1> fixed, but having dpkg -i and loads of commands not work if you use su is objectively stupid.
1326[15:19:45] <L7> if any1 can send me foodz n booze n ganja n topnotch women, that'd be gr8
1333[15:20:27] <L7> hey CrystalMath, fix that reactos already where you can drag the icons around on the desktop and they remain in place instead of restacking em ^_^
1334[15:20:39] <L7> 101 mead cir, west monroe, louisiana.. ;-) THX
1335[15:20:43] <torchinz> BCMM, are you refering to to this guide for full performance? replaced-url
1355[15:25:20] <BCMM> i was referring to the page that i linked you to, and i don't really know how to make it any clearer than that.
1356[15:25:26] <BCMM> !optimus
1357[15:25:26] <dpkg> The Bumblebee project aims to provide support for the Nvidia Optimus GPU switching technology on Linux systems. GeForce 400M (4xxM) and later mobile GPU series are Optimus-enabled; if «lspci -nn | grep '\[030[02]\]'» returns two lines, the laptop likely uses Optimus. Packaged for Debian <jessie> and <wheezy-backports>. replaced-url
1358[15:25:53] <BCMM> torchinz: have a look at the above factoid. i'm out.
1391[15:49:17] <karlpinc> What's wrong with my brain? I thought that if I had 'w' permissions on the containing directory I can change the group of a file. But I get a permission error.
1392[15:49:34] <greycat> Only the owner of a file, or root, can change the file's group.
1394[15:49:56] <greycat> w perms on a directory would allow you to remove the file and create a whole new one in its place, but not to modify an existing file's content or metadata
1421[16:01:51] <uio> Hi. When I open Thunar and then run pdflatex -synctex=1 file.tex, file.pdf is shown to be empty. If I close Thunar and reopen it, then file.pdf is shown to be non-null. This issue is not produced with pcmanfm, and does occur in Thunar if I run pdflatex -synctex=0 file.tex Any thoughts?
1422[16:03:01] *** Quits: Space_Man (~Space_Man@replaced-ip) (Remote host closed the connection)
1423[16:03:18] *** Quits: null1337 (~WhoAmI@replaced-ip) (Quit: Give a man a fish and he will eat for a day. Teach him how to fish, and he will sit in a boat and drink beer all day)
1449[16:16:29] <premoboss> ACTUAL SITUATION: pc_A and pc_B are connected, no matter wifi or wired. On A there is a bash program, it is a "menu" done with whiptail that allow me to do some settings on A.. form B i ssh into A, run program, all ok. NEED: i wish to do it using web browser on B (and web server on A) but without to port the scrip from bash to php (3000+ lines of code). So, I guess if When from B i do replaced-url
1450[16:16:29] <premoboss> "start and show" the bash script, so i can use it from B. how to do?
1451[16:17:41] <greycat> You can't just run a terminal menu program in a web browser. You have to rewrite it. It doesn't have to be in PHP -- more likely you would rewrite it using native web form widgets, and possibly javascript.
1452[16:17:57] *** abdulocracy_ is now known as abdulocracy
1461[16:21:14] <premoboss> greycat, rewrite is exactly what i wish to avoid :-(
1462[16:21:57] <premoboss> i remenber years ago it exists "something" that allow you to oper a scell command line on server from web browser of client... but i dont remember where i fount it.
1463[16:21:59] <jelly> premoboss: there are terminal+ssh clients that work inside browser.
1464[16:22:18] <premoboss> jelly, that ok i think. where to find it?
1512[16:42:39] *** Quits: TheFuzzball (~TheFuzzba@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
1513[16:44:11] <premoboss> jmcnaught, nice, i installed shellinabox and it works. but i would like to "automatize" the login and run directly the script i need... is it possible?
1514[16:44:39] *** Quits: ich (~ich@replaced-ip) (Quit: Ex-Chat)
1516[16:45:01] <jmcnaught> premoboss: I don't know, I just knew shellinabox existed. If it were me I would probably try to find a solution that doesn't involve a browser.
1521[16:46:32] <premoboss> jmcnaught, to me, ssh+bash script ios enough. but this shound be managed also by people not skilled with CLI, ssh and so on. so i am forced to rewrite in php or so some "dirty trick" to export the bash cli program via web browser.
1522[16:46:36] <xormor> jelly, it did not work. but I do not need it.
1523[16:46:41] <greycat> You could write a one-letter shell function/alias to kick it off.
1541[16:55:15] *** Quits: bashquest (~bash0r@replaced-ip) (Remote host closed the connection)
1542[16:56:34] <tobiasBora> My laptop has a HDD, with some ext4 over LVM partitions. My hard drive is nearly full (I need to remove stuff from time to time), and I noticed recently very strange file corruptions. Some pictures were just impossible to open, some were incomplete... And today, I was compiling some documents in LaTeX (no error so fars), and suddently, one picture that was here since 10 days got suddently a super strange
1543[16:56:35] <tobiasBora> appearance, with basically the blue layer removed on the lower part, leaving a very redish picture.
1549[16:58:55] <tobiasBora> I thought that HDD were pretty resistant... but I'm thinking more and more than my hard drive is having some issues. Do you think it's plausible? Do you see other explanations? If yes, can I recover corrupted files? Can I run some tools to check if my hard drive is close to die or not, and are these tools dangerous for my hard drive? (my last backup is a few months old and I don't want to lose my last
1550[16:58:57] <tobiasBora> pictures)
1551[16:59:32] <tobiasBora> also, I'm very concerned to see my LVM partition corrupted, and to lose everything. Is there any trick to save the partition somewhere and avoid such lose?
1564[17:04:46] <xormor> how well is Debian supported on Amiga?
1565[17:05:10] <greycat> !m68k
1566[17:05:10] <dpkg> [m68k] Motorola 680x0 CPU family. Used in old world Apple Macintosh, Amiga, Palm, old Sun workstations and various VME bus systems. Linux m68k runs on some of these, ucLinux should run on the less powerful models. As of Debian 4.0 "Etch", the m68k port is not a release architecture. replaced-url
1567[17:05:54] <greycat> Hasn't been supported in a really long time.
1597[17:19:09] <lunchslut> Is there an easy tool to compare the list of orphaned packages (abandoned by their maintainers) with those installed on my system?
1598[17:19:18] <greycat> !deborphan
1599[17:19:19] <dpkg> deborphan is a package that will tell you what library packages you have installed that nothing's using. If you want remove all packages use 'deborphan | xargs apt-get -y remove --purge', or a nice tool to clean up grown debians. replaced-url
1600[17:19:31] <greycat> oh, hmm, that's not quite the thing you asked for
1601[17:19:38] <lunchslut> Yeah, thats a different type of orphan :D
1612[17:22:00] <dpkg> For information on packages which are not in Debian but you think should be, check the Work-Needing and Prospective Packages list at replaced-url
1613[17:22:06] *** Quits: timahvo1 (~rogue@replaced-ip) (Remote host closed the connection)
1614[17:22:14] <lunchslut> Awesome! Thank you
1615[17:22:20] <lunchslut> That sounds like it'll do it :)
1616[17:22:22] <jelly> also, how-can-i-help
1617[17:22:41] <jelly> ,i how-can-i-help
1618[17:22:42] <judd> Package how-can-i-help (devel, optional) in buster/amd64: show opportunities for contributing to Debian. Version: 16; Size: 11.3k; Installed: 37k; Homepage: replaced-url
1698[17:57:00] <jelly> wrksx: it means "sticky bit is set, and execute bit for "other", usually seen in that place, is not set"
1699[17:57:12] <jelly> hm, should have escaped the inner ""
1700[17:57:34] <jelly> !sticky bit
1701[17:57:34] <dpkg> well, sticky bit is the "t" bit on /tmp. When set on a directory, it means that users cannot unlink anyone else's files (and a few other things). It has no effect on files in Linux or FreeBSD; on some other Unices it has another meaning, usually related to swapping or the page cache.
1702[17:57:40] *** Joins: todi (~todi@replaced-ip)
1703[17:57:49] <greycat> It's in the info page, but not the man page. "info ls | less" and search for sticky.
1704[17:59:07] <wrksx> Thx.Oh and yeah I didn't even remember there was the info command... Is there a specific reason why both coexist.
1748[18:22:14] *** Parts: darsie (~kvirc@replaced-ip) ("No boundaries on the net!")
1749[18:23:01] <ratrace> Anyone using i3-wm and latest Firefox ESR? I see some glitches with the hamburger menu drawing, there's a thick black border. Y'all see the same?
1772[18:31:04] <greycat> It's a follow-up from an earlier problem. They're getting some kind of error message from apparmor. The message seems to be *saying* that some file system isn't mounted, but when they checked, /sys/kernel/security *was* in fact mounted.
1773[18:31:19] <greycat> So, it's really unclear what the error means. I would suggest Googling it and praying.
1791[18:35:20] <cinesc> can´t open up the grup file anymore
1792[18:35:21] <greycat> If you're unsure what this boot parameter is going to do, you could just set it one time by editing the parameters in GRUB interactively, instead of modifying files permanently.
1796[18:36:04] *** Quits: wrksx (~wrksx@replaced-ip) (Remote host closed the connection)
1797[18:36:22] <greycat> In GRUB, you can use the keyboard to do stuff while booting. One of the things you can do is press 'e' to edit the selected menu item before booting it.
1834[18:55:12] <greycat> horribleprogram: depends on which installer you use, but MOST importantly, it depends on what you select during the installation
1841[18:55:55] <horribleprogram> greycat: dude it's the default one
1842[18:56:14] <towo`> Latr_work, but maybe 10th Gen could be too new for debian stable
1843[18:56:14] <horribleprogram> greycat: is there a way to check
1844[18:56:26] <horribleprogram> greycat: like systemctl status GNOME
1845[18:56:34] <greycat> So that's a "yes". You don't know what you chose. You probably can't tell me what installer you used, either. Well, if we assume a reasonably normal installer, and you chose "gimme a desktop, I don't care which one", then yes, you would have GNOME. Probably. Perhaps. Maybe.
1854[18:57:58] <Latr_work> firmware-linux-nonfree is installed
1855[18:58:11] <horribleprogram> greycat: when you're prompted for a password, there's a settings cog you can press, and it shows System X11 Default, GNOME, GNOME Classic, GNOME on Xorg, and the GNOME is the bulleted one
1856[18:58:26] <greycat> Sounds like buster, then.
1860[18:58:57] <greycat> And you chose (or allowed the installer to choose for you) GNOME, and you've been running the default buster GNOME session which uses Wayland instead of X.
1861[18:59:09] <horribleprogram> my point is my .xinitrc doesn't work anymore
1862[18:59:12] <horribleprogram> greycat: AHHH
1863[18:59:33] <horribleprogram> iight that should help me find a solution easier than
1901[19:10:38] <cinesc> @ratrace yes, stretch required appArmor enabling explicitly on the kernel command line (unlike Buster where it's now default enabled)
1902[19:10:40] <ratrace> horribleprogram: Wayland is a protocol, not a thing you run. when you ask "how do I do XX under Wayland", you must really ask "how do I do XX under this specific Walyand compositor here"
1903[19:10:56] <ratrace> horribleprogram: which would imply that maybe different compositors do stuff differently...
1904[19:10:58] <cinesc> what commandline do I have to use?
1911[19:12:05] *** Quits: Afss (25dbede5@replaced-ip) (Remote host closed the connection)
1912[19:12:06] <ratrace> cinesc: yea I just looked at my Stretch deployment scripts, I used that
1913[19:12:17] <horribleprogram> ratrace: okay how I change back to X11
1914[19:12:18] <greycat> ratrace: your spoon is not large enough. They think they're supposed to type that into a shell.
1915[19:12:19] <ratrace> cinesc: uhhhh that's kernel command line, you set that up in /etc/default/grub
1916[19:12:20] <cinesc> it works fine with it?
1917[19:12:53] <cinesc> in grub?
1918[19:12:54] <ratrace> horribleprogram: whatever DM you're using (by default GNOME + GDM) should have the option to change the session. GDM has this cog icon next to the login button
1919[19:12:56] <greycat> ratrace: I think you will need to SHOW them exactly what the file needs to look like, and even then, you might end up needing to tell them keystroke by keystroke how to run an editor
1922[19:13:24] <cinesc> more detailed instructions, yes that is what I need.
1923[19:13:32] <ratrace> horribleprogram: greycat is right. if you don't know how to set that up, you should NOT use Apparmor, you'll just lock yourself out of your computer :)
1924[19:13:33] <horribleprogram> ratrace: yeah that's the one, I got 4 different ways to login ;)
1947[19:20:13] <CrystalMath> why doesn't debian's slrnpull package have a sample slrnpull.conf?
1948[19:20:14] <cinesc> as root after just pasting the additional text and then save the change I should use update-grub as root in the terminal then restart the computer to then run aa-status and see if anything changed to the better?
1949[19:20:31] <greycat> cinesc: yes
1950[19:20:33] <CrystalMath> it's literally impossible to write this important conf file, as there is **zero** information on the syntax
1951[19:20:48] <cinesc> this better be working without a hitch
1953[19:22:12] *** Quits: Haudegen (~quassel@replaced-ip) (Quit: Bin weg.)
1954[19:22:22] <cinesc> save with the text editor´s save feature then close?
1955[19:22:54] <ratrace> ...
1956[19:23:03] <greycat> I mentioned the spoon-feeding...
1957[19:23:09] <CrystalMath> oh
1958[19:23:16] <ratrace> cinesc: if you don't know THAT... then how are you supposed to use AppArmor? There are no policies for that thing by default, except a very few basic ones
1959[19:23:22] <CrystalMath> hehe, oops, somehow i missed that
1960[19:24:04] <cinesc> this is quite new to me so I need to be sure that it goes right
1961[19:24:28] <greycat> cinesc: what are you trying to do?
1988[19:29:30] <greycat> AppArmor is a policy framework that lets you restrict what certain programs are able to do.
1989[19:30:11] <cinesc> ok
1990[19:30:11] <greycat> You can write a configuration file that says "/bin/rm is never allowed to create a file". And then if there's a bug lurking in /bin/rm where it can accidentally create a file instead of removing files, then AppArmor will prevent that bug from triggering.
1991[19:30:46] <greycat> (Not 100% sure that specific example is possible, but that's the kind of thing it's for.)
1992[19:30:57] <cinesc> sounds like something I want to use
1993[19:31:24] <karlpinc> cinesc: If you want to know about (some) changed files you can use the "debsums" tool.
1994[19:31:42] <ratrace> cinesc: but you'll have to write the policies, there are only a very few ones for some basic programs, by default in Debian
2002[19:35:38] *** Quits: cinesc (5518fd07@replaced-ip) (Remote host closed the connection)
2003[19:35:45] <ratrace> greycat: technically, with apparmor everything is denied by default (for the process that's under enforcement), so you have to explicitly allow rm to create a file at specific path.
2004[19:36:09] <greycat> ... are you that guy that suspected his system was compromised, because your internet was a little bit slow one time a few weeks ago, and everyone told you to reinstall, repeatedly, and you STILL didn't reinstall, but instead, decided there must be some tool out there that can tell you whether your system is compromised?
2010[19:38:15] <BCMM> i mean, if the internet is going slow due to the compromised system, then yes, there are absolutely tools that can detect that! just, probably not when running on the compromised system itself
2011[19:38:46] <greycat> crap, didn't know he was disconnected :(
2012[19:38:56] <greycat> cinesc: are you that guy that suspected his system was compromised, because your internet was a little bit slow one time a few weeks ago, and everyone told you to reinstall, repeatedly, and you STILL didn't reinstall, but instead, decided there must be some tool out there that can tell you whether your system is compromised?
2013[19:38:57] *** Quits: lapsi (~lapsi@replaced-ip) (Ping timeout: 240 seconds)
2014[19:39:15] <ratrace> cinesc: "it worked" yes now you have appArmor enabled, but it doesn't do anything by itself.
2015[19:40:41] <ratrace> (well not 100% true, by default there's enforcement policy on man, tcpdump, named and a few other minor programs)
2031[19:47:53] <ratrace> jmcnaught: yes, but they aren't enabled upon installation (except a few that do come with apparmor-profiles under /etc/apparmor.d). you have to copy them over from /usr/share and then prey they work, or manually tweak them
2032[19:48:58] <greycat> in any case, they do not tell you "you're infected with Swine Flu 3.14, run /usr/sbin/fixswineflu to fix it"
2034[19:49:07] <greycat> which I gather is what cinesc thinks
2035[19:49:37] <ratrace> problem with MACs is that generic policies are kinda contrary to the whole purpose. For example, there's AA policy in Ubuntu for Firefox but it's useless for me, I have my own that does NOT allow FF to access anything under ~/ except those few shared files it creates on its own.
2036[19:50:25] <ratrace> it also does not allow running a bunch of programs that FF in Ubuntu is configured to be able to run, like starting OpenOffice from FF when you click-open an office document
2038[19:50:50] <ratrace> I run my FF very restricted with AA, that's the whole point of it. the generic policy from ubuntu is too wide open.
2039[19:51:06] *** Quits: horribleprogram (~horriblep@replaced-ip) (Quit: Where I came from the Great Wild 'n shit, where you can get shot if you crack smiles and shit...)
2040[19:51:57] <ratrace> greycat: that most certainly it doesn't :) mayhaps cinesc wanted something like rkhunter or whatsitcalled
2041[19:52:23] <cinesc> if I have all the directories showing up, what is there more to do?
2059[20:00:31] <ratrace> cinesc: again, "to do" for what end goal? you run aa-status and it shows you some profiles are in enforced or complain mode. what does that mean to you? what do you want to achieve with it? remember it is NOT a tool that will find viruses for you
2067[20:02:44] <greycat> If "something happens" means network activity, then maybe you want tcpdump.
2068[20:02:49] <ratrace> cinesc: AA will only log AVC denials for active profiles, but again, the profiles are almost non-existent, you'd have to write them for programs you use.
2069[20:03:57] <cinesc> how does tcpdump work and what do I need for it to not miss an important package?
2074[20:04:20] <greycat> It monitors network activity, using the specific criteria that you tell it to use.
2075[20:04:23] <jmcnaught> cinesc: maybe you want an intrusion detection system, in Debian there's aide, tripwire, and others: aptitude search ~Gsecurity::ids
2083[20:06:01] *** Quits: todi (~todi@replaced-ip) (Quit: Quit)
2084[20:06:25] <cinesc> then what does detect on an already affected machine?
2085[20:07:27] *** Quits: Cyb0ti-2 (~Cyb0ti@replaced-ip) (Quit: I'll be back...)
2086[20:07:35] <jmcnaught> cinesc: you can't trust an already compromised system to tell you the truth about whether it has been compromised or not, no matter what tool you use.
2087[20:08:33] <ratrace> indeed. a compromised system should have its disk mounted elsewhere and then analyzed offline. but...... that'd probably just be full of false negatives.
2090[20:09:22] <cinesc> Just as I have a bad feeling this being the case
2091[20:09:29] <ratrace> I regularly run all the attachments I find in spamtrap's inbox through clamav. I have yet to see clamav recognize anything. It usually does after several days or weeks, if I re-run it, after the network has picked up the signature.
2096[20:10:38] <ratrace> on the other hand commercial AV like NOD32 (the linux version) will detect stuff fairly often, but that stuff is mostly just windows malware.
2099[20:11:09] <chp> any ops online? this guy jelly came into our channel and he seems like he has mental problems or something
2100[20:11:11] <cinesc> that is relatively easy to find
2101[20:11:14] <chp> says hes an op in here
2102[20:11:15] <ratrace> (I know NOD32 is not considered the best tool for the job these days, but it's the only commercial AV on linux I managed to test out, I'm sure others like maybe Kaspersky would be better)
2105[20:12:39] <chp> if whoever is jelly's handler, could u come wrangle him
2106[20:12:56] <chp> hes off leash and terrorizing the neighborhood
2107[20:13:09] *** ChanServ sets mode: +o greycat
2108[20:13:16] <cinesc> one tool I was suggested to see if there is something that stands out is wireshark
2109[20:13:36] <chp> greycat: is jelly an op in here?
2110[20:13:39] <ratrace> cinesc: wireshark is a tool that can capture packets on itself or it can analyze tcpdump's output
2111[20:13:41] <greycat> Yes, he is.
2112[20:14:48] <ratrace> cinesc: but that's packet matching and analyis, that has to be done with very specific goals in mind. you can't just run it for a while and rely on it itself tellling you what's worng
2117[20:15:30] <chp> hes come into a channel and tried puffing his chest w his ops status in here, complaining abt users joining #debian that are like quit/joining too much
2138[20:20:25] <pasiz> ethernet adapter needs to be run promiscuous mode that is not allowed for normal user
2139[20:21:47] <ratrace> problem here is a user with zero knowledge about security issues trying random tools like apparmor and wireshark, with no clear goal in mind or any knowledge how to use those tools. and teaching them that is out of scope or scale of what can be typed in irc.
2145[20:23:35] <ratrace> cinesc: what do you mean not really? you had no clue what apparmor is, and apparently don't know what packet capture is, and how wireshark and tcpump come into that picture. am I wrong?
2146[20:24:10] <cinesc> the problem here is that something happened and I with limited knowledge of how things really work have no real idea how to be sure if that thing that happened is solved or not.
2148[20:24:35] *** Quits: forgotmynick (uid24625@replaced-ip) (Quit: Connection closed for inactivity)
2149[20:24:39] <ratrace> cinesc: yes so you're trying random tools which really have nothing to with what you want.
2150[20:24:49] <greycat> As we told you repeatedly over the span of multiple days, if you suspect your system is compromised, the ONLY thing you can safely do is wipe it and reinstall.
2155[20:26:22] <cinesc> it was a tool that could help me with what I want to find out
2156[20:26:26] <ratrace> wipe and reinstall is something I'd recommend myself, and my job among other things is securing our servers, so I know quite a bit on how to do it. post-hoc analysis? thanks, no thanks. you need a lot of experience, proper tools, forensics. just nuke & pave and mitigate.
2157[20:26:27] *** Quits: JohnML (~john1@replaced-ip) (Remote host closed the connection)
2160[20:27:46] <ratrace> (post-hoc assuming you have a compromised system and zero audit trails or logs from an IDS that would imply what could possibly be the intrusion vector)
2163[20:29:04] <Ede|Popede> cinesc: "could" is the keyword. are you used to use such tools? do you know enough about security?
2164[20:29:18] <cinesc> barely
2165[20:29:42] <Ede|Popede> you know what you need to fix things?
2166[20:29:48] <Ede|Popede> 1. the tools
2167[20:29:57] <Ede|Popede> 2. someone who knows how to use them.
2168[20:30:28] <ratrace> 0. have the actual symptoms to begin with
2169[20:30:29] <Ede|Popede> (unless you're macgyver, then you'd make your own tools)
2170[20:30:32] <ratrace> "slow network" aint' it
2171[20:32:02] <ratrace> for "slow network" you can start with something like mtr (and find out that your ISP has issues within their network as the most likely cause)
2172[20:32:03] <Ede|Popede> could be the cable. too tight curves and the electrons may fly out of the wire. pure physics.
2174[20:33:10] <ratrace> Ede|Popede: yea but that's REALLY too tight. like quantum-scale right angles that are behaving like waves when you observe them, kind of tight. :)
2175[20:33:25] <ratrace> only then will the electrons fly out of the subatomic wire.
2177[20:34:30] <cinesc> if that is the only thing I can do to solve it by a reinstall, I don´t know where to start since that would mean it´s not only my stuff that is going to need a reinstall and everyone is going to think I am crazy because the massive sacrifice it´s going to be.
2178[20:34:44] <wasamasa> paranoia is hard to deal with
2179[20:35:00] <ratrace> cinesc: that's assuming you really ARE compromised to begin with.
2180[20:35:07] <cinesc> yes
2181[20:35:33] <ratrace> like, you caught your computer doing nasty things, not just thinking it might be compromised because it's a bit slow or something
2196[20:38:33] <greycat> LDAP if you're a kool kid, NIS if you're old school
2197[20:38:44] <DammitJim> hhhmmmm
2198[20:38:57] <bernyrd> can also use Samba, but the focus in on controlling access to the shares
2199[20:39:11] <DammitJim> yeah, not a fan of Samba for this
2200[20:39:22] <bernyrd> probably LDAP then
2201[20:39:39] <jelly> DammitJim: which functionality are you going for? Management of users and groups? Computers? SSO (kerberos)?
2202[20:39:59] <bernyrd> also consider if you really need a DC, and read the Windows license... technically I don't think you are allowed to join a domain not hosted by Windows Server
2203[20:40:04] <DammitJim> jelly, all of the above
2204[20:40:23] <jelly> use AD then.
2205[20:40:30] *** Tony-St4rk is now known as OS-Tony-St4rk
2221[20:42:41] <karlpinc> Didn't RH open source some gui ldap managment tool? Or am I thinking of something else.
2222[20:42:49] <bernyrd> so I have machine with openvpn running, and connect to it, but the normal if is firewalled. how do I route specific traffic through the openvpn if without taking down the main network comms?
2228[20:43:53] <Ede|Popede> hmpf. if i try to read a big file from a thumb drive and on 2 different PCs it stops after the same amount of sectors, can i assume the thing to be dead then and the data lost? (dd_rescue would be the next i guess)
2229[20:44:21] <karlpinc> bernyrd: IIRC there's options to do this in the openvpn config so the route goes up and down with the openvpn virtual interface.
2230[20:44:26] *** Quits: JohnML (~john1@replaced-ip) (Remote host closed the connection)
2231[20:44:29] <bernyrd> karlpinc: my confusion comes from having tried to do this before, and realizing I must not construct routes that make the packets forming the tunnel on the "real" network unroutable
2232[20:44:54] <bernyrd> yeah it's defconfig or similar
2233[20:44:58] <bernyrd> it is kind of restrictive
2237[20:46:36] <cinesc> doesn´t clicking onto a link that contained viruses that turned out to have infected my computer by making it look like there was something wrong with the connection even if it wasn´t the case (it disappeared with the reinstalation) and it affected my phone that was connected at the time of the event someone spied on me count as evidence?
2238[20:46:45] <blackflow> Hi. What's the recommended way to install a newer nvidia driver in debian? I remember there being a bot factoid here about backporting, but I forgot which one was it.
2239[20:46:50] <karlpinc> Ede|Popede: You can try the usual recovery method. dd the entire device and then work from the dd-ed copy. With a flash drive I'd not hold out mch hope.
2241[20:47:19] <Ede|Popede> karlpinc: i'll do it so.
2242[20:47:22] <jhutchins_wk> !nvidia
2243[20:47:22] <dpkg> Where possible, Nvidia graphic processing units are supported using the open source <nouveau> driver on Debian systems by default. To install the proprietary "nvidia" driver, see replaced-url
2252[20:48:54] <blackflow> jelly: That was the factoid, thanks!
2253[20:48:59] <ratrace> cinesc: modern malware in general wants you to pay up, so its unlikely it did something without being explicitly loud about it
2256[20:49:39] <cinesc> that is a rather more obvious behaviour
2257[20:49:55] <ratrace> cinesc: I mean, malware of the "click a link and get randomly infected" as opposed to someone running a campaign against you (and needing to be as stealthy as possible)
2258[20:49:59] <karlpinc> Ede|Popede: With spinning media you can use ddrescue. Probably won't help with flash. The idea is that the device is going to get worse. So keep a backup of the dd-ed copy in case you totally bork your rescue and destroy the copy.
2259[20:50:03] *** Quits: Vizva (~Vizva@replaced-ip) (Remote host closed the connection)
2260[20:50:14] <cinesc> the thing that has me concerned is that this is a near silent malware
2261[20:50:35] <ratrace> cinesc: you keep assuming there WAS malware.
2266[20:51:02] <karlpinc> cinesc: On the off chance no one has mentioned this: If you think you may be compromised the only way to be certain that you're not is to completely reinstall.
2272[20:51:31] <Ede|Popede> it quacks like a duck... ;)
2273[20:52:03] <cinesc> that wasn´t why I changed it if you think that´s why
2274[20:52:22] <ratrace> don't call Elmer Fudd... or there be shotin'
2275[20:52:40] <Ede|Popede> no chance, it's not rabbit season now
2276[20:52:54] <greycat> it's because he's using nick A on compromised botnet host A, and nick B on compromised botnet host B, but he forgot to adopt different personas as well as different names
2277[20:53:13] <ratrace> Ede|Popede: he does the number on the duck too sometimes :)
2278[20:53:39] <wwilliam> changing in fstab and xfs partitions from the default ionode32 to ionode64 will it break the system?
2283[20:56:19] *** Quits: noodlepie (~phillip@replaced-ip) (Quit: Going to do something more productive, I think!)
2284[20:56:23] <blackflow> Anyone rebuilding in Stable the nvidia driver from sid? I wonder if there are any gotchas like having to upgrade mesa or some other related library or X11 interface as well?
2285[20:56:35] <dka> I am looking for a tool like replaced-url
2289[20:58:11] <cinesc> I only went with a different name because it felt likeI took the wrong approach to tell what happened and failed to find a solution hence the name thing.
2290[20:58:15] <jhutchins_wk> dka: Tell us what the tool does.
2305[21:02:40] <cinesc> sorry if it felt like I bombarded you greycat, I´m just concerned about losing valuable all because of a mistake I want to make it right without it repeating all over again.
2306[21:04:36] <greycat> The vagueness is what makes it impossible to help you. You're running some version of Debian, maybe, not sure if you ever said which one. You ran a web browser, no idea which one. You clicked some link, but you won't say what it was. Something happened that scared you, but you won't say what.
2319[21:08:48] <greycat> For all we know, you clicked on a "test my connection speed" page, and it saturated your bandwidth for a few minutes, which is why your phone and other devices were slow.
2336[21:23:10] <ratrace> new firefox-esr broke my workflow.... le sigh... I have a rxvt plugin to open up links via keyboard, dirctly into firefox --private-window thing. worked 100% reliable with esr 60. no longer with 68, after a while it stops opening private mode and opens regular FF instead.
2337[21:23:32] <ratrace> (despite the --private-window flag)
2353[21:28:04] <deadrom> greycat: why not esacpe the . in /.foo/ ?
2354[21:28:12] <RoyK> deadrom: but then - a find loop or a perl script can do the job if anything else won't work
2355[21:28:12] <somiaj> rany: this is an unfourntate side affect of stables firefox tracking the current ESR, so eventually there has to be a major vesion bump. Debian use to avoid this by having its own browser (iceweasel) but, browsers have so many security holes, debian cannot backport fixes to a version the upstream will not matain. They tried this for years, and it was too much work.
2359[21:28:41] <RoyK> I didn't find prename, though, but I found gprename, with a 23 line manpage telling me nada
2360[21:28:45] <somiaj> ratrace: you might need to get a newer version of the plugin that is compadaible with version 68
2361[21:29:01] *** debhelper sets mode: +l 1532
2362[21:29:09] <greycat> in s/PATTERN/string/ the string doesn't undergo any kind of pattern-matching, so a dot is just a dot
2363[21:29:21] <greycat> dots only need to be escapes in the PATTERN part
2364[21:29:44] <ratrace> somiaj: the problem is not in Debian, sooner or later it'd need to upgrade. problem is in FF not behaving consistently with --private-window, and the plugin is not related to FF, it's just something I wrote myself to open up links from urxvt
2371[21:31:33] <ratrace> somiaj: thought of using chromium for these random link openings (that aren't my regular, vetted sites I use under FF) but..... chromium seems to be in even sadder state
2372[21:31:52] <ratrace> running it from a snap would be admitting defeat :)
2373[21:32:09] <ratrace> (plus you can't apparmor a snap, so that's a huge no-no for me)
2375[21:32:53] <somiaj> ratrace: yea, chromium has no ESR branch, so security fixes are always version bumps.
2376[21:33:45] <RoyK> probably because chromium doesn't have bugs :D
2377[21:33:47] <RoyK> - Debugging is like being the detective in a crime movie where you are also the murderer.
2378[21:34:18] *** Quits: jmd (~user@replaced-ip) (Remote host closed the connection)
2379[21:34:26] <ratrace> it's a nice OS just lacking a good browser :)
2380[21:34:45] <RoyK> like Emacs - a nice OS lacking a good editor...
2381[21:35:11] <somiaj> debian would love to be able to offer a frozen browser with only security fixes, but with the way the web is constnatally changing and number of vulns in browsers, this is not realistic with the manpower debian has.
2382[21:35:19] <RoyK> dunno if anyone's using emas anymore, though
2383[21:35:29] <ratrace> somiaj: I'm guessing it's a bug somewhere in IPC, as I keep two FF windows open. a regular one and a private mode one, and so far, running "firefox --private-window $URL_HERE" would ipc it into the correct one, the private mode
2384[21:35:29] <somiaj> As a side affect, the webbrowsers are an exeception to debian's stable policy.
2385[21:35:51] <greycat> ,popcon emacs-gtk
2386[21:35:52] <judd> Popcon data for emacs-gtk: inst: 7179, vote: 3292, old: 2523, recent: 1364, nofiles: 0
2387[21:35:58] <greycat> ,popcon vim
2388[21:36:00] <judd> Popcon data for vim: inst: 79721, vote: 22144, old: 50611, recent: 4427, nofiles: 2539
2389[21:36:03] <ratrace> YAY!
2390[21:36:23] * ratrace is firmly in the vim camp
2391[21:36:37] * RoyK tends to stick to vim, and his co-workers tend to get angry when he adds 'set -o vi' to root's .bashrc
2392[21:36:58] <jelly> !start an editor war
2393[21:36:58] <dpkg> joe blows!
2394[21:37:42] <RoyK> old one, but... replaced-url
2396[21:38:20] <jmcnaught> somiaj: according to the buster release notes the webkit2gtk source package is covered by security support, so browsers based on it may not version-drift as much
2397[21:38:45] <jmcnaught> the release notes still recommend firefox or chromium in the next paragraph though
2398[21:38:54] <somiaj> jmcnaught: oh they changed that? Good to hear. I must have over looked that and expected webkit browsers to not have security support.
2399[21:39:10] <somiaj> maybe they are slower at getting support, but are at least offering some security support now.
2404[21:41:52] <karlpinc> When I enable Linux support on a chromebox I get debian. But I get debian 9. Uses the debian repos and everything in sources.list. There are (IIRC) a couple of packages installed from another repo in sources.list.d/. I'm wondering if things will break if I upgrade to debian 10, and wondering if it will eventually upgrade by itself.
2405[21:42:19] <karlpinc> I don't care enough to try it and break things, but I still wonder.
2406[21:42:31] <somiaj> karlpinc: depends on the packages, the release notes often suggest disabling that repo during the upgrade (and maybe removing said packages0
2407[21:42:51] <somiaj> but for example, google's google-chrome repo will be just fine
2408[21:43:00] <somiaj> but some other repos (like dmo) can cause lots of problems
2415[21:45:30] <somiaj> karlpinc: I don't know that repo, but it would depend on what is actually installed from that repo (if they are packages independent of debian, probably fine, but if they replace debian packages, higher chance of issues)
2416[21:45:53] <karlpinc> somiaj: I don't have the device around. I'll look at the repo source later.
2417[21:46:29] <karlpinc> somiaj: They do not (IIRC) seem to be anything that replaces any debian packages.
2418[21:46:36] <in1t3r> Hi guys someone can help me with setting up of the hybrid graphics on the HP omen laptop running debian testing.
2419[21:46:51] <karlpinc> !debian-next
2420[21:46:51] <dpkg> #debian-next is the channel for testing/unstable support on the OFTC network (irc.oftc.net), *not* on freenode. If you get "Cannot join #debian-next (Channel is invite only)." it means you did not read it's on irc.oftc.net.
2436[21:54:53] <in1t3r> Well ok I haveproblems with booting up with nvidia drivers installed. When I boot and pass my passphrase prompt for LUKS it goes few seconds and then just hang while overloading CPU cores I can here that from fans going crazy and cpu going extremly hot basically I can feel on the keyboard. @karlpinc
2472[22:18:45] <dpkg> We recommend against using deb-multimedia.org; these unofficial packages are known to cause many hard to debug problems. They are not in Debian either because the they are poor in quality or for legal reasons. See replaced-url
2490[22:29:41] <_DeLa_> jmcnaught: I'll probably go with the Opentoonz AppImage then
2491[22:31:07] <schumaml> regarding that - should upstream projects add debian package building to their CI and point to that, or is this not useful and there's a more feasible way to have up-to-date versions packaged for debian?
2492[22:32:53] <Latr_work> guys, is it okay if I install a precompiled kernel for ubuntu on debian?
2499[22:34:12] <somiaj> Latr_work: for buster, and 5.2 kernel is in buster backports. A 5.3 kernel will make it there in a few weeks I think.
2500[22:34:14] <Latr_work> GPU is not recognised on my dell xps 7390
2501[22:34:22] <somiaj> Latr_work: what GPU do you have?
2502[22:34:24] <greycat> In theory, you can use an ubuntu (or red hat or whatever) kernel on Debian, but it's something you basically have to support for yourself.
2503[22:34:36] <somiaj> Latr_work: and are you sure it is a kernel issue, and not just missing firmware?
2504[22:34:38] <Latr_work> UHD 630
2505[22:34:44] <Latr_work> it is an intel 10th gen
2553[22:47:40] <boktan> i need help with my internal wifi adaptor! i did fresh install and even now the intel wifi adaptor not works and i tryed to upgrade system with my external usb wifi adaptor but still not fixed. what it is doing is: the wifi adaptor is coming and dissappearing every second on desktop and iwconfig command is giving 3 different output if i give it
2554[22:47:41] <boktan> speedly again and again. one is wlan1 have one is no such device the another i dont remember now. so i remowed the firmware-iwlwifi now it is total gone! i did tryed to install it from here: replaced-url
2555[22:47:41] <boktan> nothing about wlan1 i cannot see! can you please help me!
2602[23:15:09] <cinesc> I was going to describe what happened and why I am here trying to endlessly troubleshoot something even if I know that this is beyond my knowledge about computers or even how linux works with the exception of a few things but that is about it.
2611[23:18:51] *** Quits: leden (~leden@replaced-ip) (Remote host closed the connection)
2612[23:19:44] <cinesc> I don´t want to present anything to do with a feeling because that will scare away anyone wanting to help me, I rather present this as something serious that requires a certain type of expertise about computers and how software work and it´s something I can´t fix on my own
2627[23:25:22] <karlpinc> _DeLa_: At minimum, a lot of the time 3rd party software needs to be removed before a major release upgrade and the re-installed after. So at least keep track of what 3rd party stuff you install.
2628[23:25:45] <_DeLa_> karlpinc: Well, I have my first major release upgrade with debian 11 still ahead of me...and I am not using debian on a production machine yet...so I guess I'll see then
2629[23:25:47] <cinesc> I clicked onto something that did malicious stuff to not only my computer where it happened but also affected another device that wasn´t even using debian and I don´t know how to tackle it as in seeing if there is anything alien or that something got modified without me knowing although it´s most likely a trojan being a file that gives access to
2630[23:25:48] <cinesc> a hacker to spy which I can confirm has happened in a very horrible manner.
2631[23:26:17] <karlpinc> (The upgrade instructions in the release notes tell you how to find 3rd party software that's going to mess with the upgrade.)
2632[23:26:28] <wasamasa> cinesc: sounds like a movie plot to me, lots of claims without any evidence
2633[23:26:33] *** Quits: annadane (~annadane@replaced-ip) (Remote host closed the connection)
2634[23:26:37] <cinesc> really?so far
2635[23:26:57] <karlpinc> cinesc: If you think that's what happened then your best choice is to re-install.
2636[23:27:23] <wasamasa> cinesc: if we break it down, the only thing we can be sure of is that you clicked on something
2637[23:27:31] <wasamasa> cinesc: then you claim it did malicious stuff
2638[23:27:31] <cinesc> yeah
2639[23:27:39] <wasamasa> cinesc: if you can't verify that, forget verifying anything after that
2648[23:28:30] <cinesc> og well I might as well share this with you no matter what
2649[23:28:41] <cinesc> took me a while to put it down
2650[23:28:54] <wasamasa> hence why I suggest you to write an angry blogpost
2651[23:28:56] <cinesc> At around 4 pm I was browsing youtube on my thinkpad t430s running linux debian 9 and was looking at the notifications of comments from a video from LTT and when I looked at what was new it displayed a comment from someone using their real name as the account name that I now have trouble remembering completely but it was similar to "oreb oronoev"
2652[23:28:56] <cinesc> (a really tricky name to remember hence the wrong spelling) that contained a link disguised as being "BarbieRemix2019" and that was all the comment contained.Before I clicked onto it, the internet and the computer I used was just fine with not a single frame drop at all with integrated graphics when looking at 1080p and this is with hd 4000
2653[23:28:57] <cinesc> graphics though. I visited the video again to see the comment thread where I saw the comment with that link in it.When I opened it up in a new tab and clicked onto the tab the text in the tab showed random letters like mty://dsb... or ://mty... and at the lower left corner where the subdomains or domains appear when it loads content it showed only
2654[23:28:57] <cinesc> novans.ru in a dimming behaviour as if it tried to connect to something it couldn´t connect to which it went over and over again and force a download of something.I closed the tab immediately because I freaked out that it was one of those browser attacks I heard about being a thing no matter what operating system you use because you are still
2655[23:28:58] <cinesc> vulnerable because it´s the weak spot in this case and after I opened the link in the tab the video I was looking at the buffer I had let do was gone and it refused to play normally anymore. Even refreshing a tab with a video became a hit and miss if it could even load a video normally anymore since it took three times to get the video to load
2656[23:28:58] *** cinesc was kicked by debhelper (flood)
2661[23:29:19] <wasamasa> some people really can't take a hint
2662[23:29:35] <annadane> anyone know if the entry to put in .xinitrc to start mate, whether it's mate-session or mate-wm?
2663[23:30:22] <karlpinc> _DeLa_: Right. There are a few rare projects that share developers with debian (postgresql), or whatever, and "just work" when you enable their repos.
2682[23:35:25] <ratrace> cinesc: can you read what dpkg posted above?
2683[23:35:34] <cinesc> yeah
2684[23:35:56] <ratrace> then go to paste.debian.net, paste your long text in the textarea on that page, select how long you want it active, save, and post here the resulting URL
2685[23:36:07] <cinesc> ok
2686[23:36:24] <wasamasa> in what country do you even use the backtick instead of the apostrophe
2709[23:43:23] <cinesc> it took me around an hour to write
2710[23:43:29] <ratrace> cinesc: I still don't get it what happened. you clicked a link and then it showed a .ru site and then somethign sloweed and then <drama incl. calling a lot of people>
2711[23:43:45] <ratrace> so, like, when you restarted the browser, did everything work back normally?
2712[23:43:59] <cinesc> no it was the same as when it was affected
2713[23:44:07] <ratrace> and after you restarted the computer?
2714[23:44:21] <cinesc> yeah
2715[23:45:00] <ratrace> yeah = youtube doesn't play videos any more?
2716[23:45:12] <cinesc> it only disappeared when I reinstalled the OS because I really had no choice at the time
2718[23:45:26] <cinesc> it played but worse than before
2719[23:45:51] *** Quits: squirrel- (mj@replaced-ip) (Remote host closed the connection)
2720[23:46:03] <deadrom> I need a specific kernel module's messages out of syslog. can I mute it somehow? device driver, never spoke a meaningful word anyway but keeps spamming the logs
2721[23:46:09] <cinesc> it didn´t even have to be at hd for the stutter to happen
2723[23:46:30] <cinesc> I might as well be 144p and still it would happen
2724[23:47:12] <cinesc> sounds weird but that is how it presented itself but also in games too
2725[23:47:14] <ratrace> cinesc: in all that wall of text you missed to describe the EXACT symptoms of what was going wrong. "not playing normally" doesn't say anything.
2727[23:47:57] <cinesc> it played with a stutter every now and then
2728[23:47:59] <ratrace> "I opened the link in the tab the video I was looking at the buffer I had let do was gone and it refused to play normally anymore." -- this is the closest you got to describing the actual problem you're having
2739[23:50:16] <cinesc> hence why I am here and still here
2740[23:50:21] <ratrace> Latr_work: is that a running commentary of a debug session or is there a question in there somewhere :) I scrolled quite a few to try and find context, failed :)
2741[23:50:42] <ratrace> cinesc: I think you're jumping to quite a lot of conclusions
2742[23:51:16] <Latr_work> ratrace: somiaj was helping me out bringing up Debian 10 on my XPS 7390
2743[23:51:20] <ratrace> next time if it happens, it'd be prudent to start troubleshooting by looking at the process list (ps, top) and find out if there's a process hogging CPU or IO that would explain the stuttering
2744[23:51:37] <ratrace> Latr_work: ah
2745[23:51:39] <cinesc> I might be fast at estimating bad things but I do usually think of worst case scenario
2746[23:52:10] *** Quits: prueba (~miprueba1@replaced-ip) (Remote host closed the connection)
2747[23:52:29] <ratrace> cinesc: linux malware exists but it's almost always of commercial ("pay up or else") nature, or targeted data exfiltration or denial of service
2749[23:52:58] <cinesc> what do those two last ones mean?
2750[23:53:31] <ratrace> cinesc: it means someone attacks someone else, deliberately and targetting just them, to steal data or cause some denial of service
2754[23:55:27] <ratrace> cinesc: also, majority of linux malware is of "trojan" kind, meaning the user has to be tricked into installing it. there's also software exploits, eg. a random website you visit exploits something in your firefox to install somethign on your computer but... that something can't easily propagate further. just because something is connected via USB does not immediately mean it's vulnerable to something,
2755[23:55:33] <ratrace> and in practice it's quite unlikely to happen
2756[23:56:06] <ratrace> vast majority of linux malware is trying to exploit badly configured or unsecured web servers and use them for spam, DDoS botnetting, etc...
2759[23:56:22] <cinesc> @ratrace the funny thing was that the cpu activity was the same, it just performed worse than before
2760[23:56:27] <somiaj> Latr_work: so you have the linux-image-amd64 and firmware-misc-nonfree installed from buster-backports and your GPU still isn't working.
2761[23:56:28] <ratrace> infact, I don't know of any desktop oriented linux malware in the wild. there could be, I just haven't heard of it.
2762[23:56:48] <ratrace> cinesc: could be a cryptominer that glitched your GPU
2768[23:57:52] <cinesc> although that doesn´t explain why someone could see what I was watching
2769[23:57:57] <cinesc> in real time
2770[23:58:03] <ratrace> could be a network issue that coincided with you clicking a link. human brain is like that. you're assuming things and there it is, concocting all kinds of scenarios and pereceiving all kinds of random things it sees, as PART of the thing it worries about.
2774[23:59:10] <ratrace> cinesc: "it sounded as if someone knew exactly what I was watching" -- that also says nothing. Did anyone tell you they saw what you were watching? why do you think anyone did know what you were watching?
2775[23:59:48] <ratrace> cinesc: also, here's a funny story. we men are pigs. I have yet to meet a man, who's using the internet, and has NOT at least once peeped at porn.
2776[23:59:51] <cinesc> you mean the phenomena of thinking unrelated weird things that happens at the same time are related then yes it happened twice