50[00:13:15] <pthreat> yeah took care of disabling it
51[00:13:30] <ratrace> ksk: utilities too? I kno it's enabled in the kernel by default (wasn't in stretch)
52[00:13:33] *** Quits: nikow (~nikow@replaced-ip) (Remote host closed the connection)
53[00:13:51] <andyjpb> ksk: yeah. but as an upgrader I need to install it manually
54[00:13:56] <andyjpb> so I figured I'd give it a go
55[00:14:04] <andyjpb> unless there were Reasons not ot
56[00:14:06] <andyjpb> to*
57[00:14:21] <ratrace> andyjpb: AA is a great tool if you know how to use it. It lacks profiles so you're on your own to develop them, or adjust existing ones for your use case.
58[00:14:39] <andyjpb> will the existing profiles do sensible things?
65[00:15:16] <ksk> I think the profiles coming with debian per default are rather conservative
66[00:15:17] <ratrace> andyjpb: you'll probably need to tune them. I write my own policies and use only a handful from installable profiles, and those need tuning for my use case
67[00:15:35] <andyjpb> I didn't install it on the colo box yet because I already had enough trouble with Buster's TLS1.2 default and all the Outlook users
74[00:16:51] <ksk> of course you cannot use 0.9.8 anymore..
75[00:16:53] * ksk hides
76[00:17:24] <ksk> seems apparmor-utils is also installed by default btw, apparmor suggests that package
77[00:17:36] <andyjpb> ratrace: it's the default in openssl.cnf and there's an apt list-changes note to go with it
78[00:17:43] <andyjpb> exim and apache override it somehow
79[00:17:47] <andyjpb> cyrus takes it as is
80[00:18:09] <ratrace> andyjpb: but that's irrelevant. individual daemons like apache or nginx, need to enable it AND make it exlusive (disabling tlsv1 and 1.1, for that to be a problem)
92[00:20:33] <andyjpb> so... is pigz a drop-in replacement for gzip or should I profile it with my workload first? The details in the man page about how it does the parallelism suggest it'll create slightly larger files
93[00:20:43] <andyjpb> ...are they decompressible with zcat and gzip?
94[00:20:55] <ksk> andyjpb: they are.
95[00:21:34] <andyjpb> thanks
96[00:21:45] <ksk> we once replaced gzip with pigz for packing huge numbers of mysql dumps, because of performance. we had no issues as far as I know
109[00:24:05] <dpkg> Another happy customer leaves the building.
110[00:24:31] <andyjpb> in both Stretch and Buster security repos I can't install the 4.19 kernel because my /boot is on a FAT partition and it fails creating the symlink backup (Operation not permitted)
111[00:24:51] <andyjpb> I have sucessfully installed the backported 5.3 buster kernel to
112[00:24:51] <ratrace> ksk: TooSoon, the customer wants moar!
113[00:24:51] <andyjpb> tho
114[00:25:18] <andyjpb> I saw a debian bug about it for another kernel version so will those packages get fixed in time or do I need to report something?
115[00:25:52] <ksk> I did not know installing kernels on FAT32 was supported.
116[00:25:57] <ratrace> andyjpb: what symlink backup?
117[00:26:09] <andyjpb> ksk: /boot is FAT32 because UEFI
118[00:26:10] *** Dagger2 is now known as Dagger
119[00:26:29] <ksk> uh okay. one step forward, three steps back :o
120[00:26:41] <andyjpb> ratrace: when the kernel package installs it makes a symlink or a hardlink from the /boot/... kernel file to /boot/...-bak or something
121[00:26:51] <ratrace> having /boot on FAT32 ain't necessary tho, just a convenience to have single partition for both ESP and /booz
122[00:26:54] <andyjpb> in the past the failure of this is ignored and the package installs anyway
125[00:27:11] <andyjpb> and, indeed, dist-upgrading between jessie, stretch and buster was fine
126[00:27:35] <andyjpb> but installing the current 4.9 / 4.19 kernels in stretch-security and buster-security doesn't work
127[00:27:37] <ratrace> andyjpb: I don't know about that, but it does create symlinks from root ( / ). Also, /etc/initramfs-tools/update-initramfs.conf has the configs for those .baks
151[00:34:05] <gordonfish> Having trouble with a simple syslog.d/iptables.conf; tried many variables, but no matter what, it doesn't create the log file (/var/log/iptables.log) and still logs to /var/log/rsyslog and /var/log/messages
157[00:35:14] <ksk> afx_: let me start with the second one: lets assume we use windows - take a look at the world - how and when do people get "hacked"? they do so if they do not upgrade their systems to the latest version, and a known vulnerability gets exploited
158[00:35:29] <gordonfish> I've even tried something as simple as :msg, contains, "iptables" -/var/log/iptables.log and restarted rsyslog and still it acts as if /etc/rsyslog.d/iptables.conf wasn't there
160[00:35:41] <gordonfish> Anyone have any idea what I could possibly be missing?
161[00:36:15] <ksk> if your usecase rather is "I want to make my users feel safe, when they klick things" - then I suggest using M$ defender - every other security/antivir software has a baaad record of ADDING vulnerabilities to the system (because the hook deep into the windows kernel)
162[00:36:18] <afx_> ksk: I agree , but still don't get your point :) . I mean what has this to do with virustotal
163[00:36:37] <ratrace> gordonfish: afaik there is no "iptables" string in stuff logged by iptables (the -j LOG directives)
164[00:36:40] <ksk> ah, its not an antivir? :D
165[00:36:54] <ratrace> gordonfish: unless of course you put it in theere
166[00:37:21] <ksk> afx_: okay then.. yes, I suppose you are right with your assement about make install
168[00:37:43] <ksk> afx_: the question then would be, did the previous make command run successfully?
169[00:38:13] <gordonfish> ratrace: I have a handful of iptables -j LOG rules that all use a similar --log-prefix "iptables[FOO]: "
170[00:38:15] <ksk> afx_: but why? there are like no viruses targeting linux. also, we tend to not share executables in the linux world
171[00:38:48] <ksk> of course an opened pdf, jpeg or whatever could trigger a bug in the viewing softare - I doubt virustotal would protect you from that, then.
172[00:38:51] <afx_> ksk: still share files with windows users too , so I don't want to spread viruses there :)
173[00:39:10] <gordonfish> ratrace: And I see them show up in /var/log/syslog and /var/log/messages
174[00:39:27] <andyjpb> what's the difference between seccomp-bpf and apparmor?
175[00:39:30] <gordonfish> And one of them occurs often
181[00:40:50] <ratrace> gordonfish: ah so you put it there. I'd try to make that regex way simpler, just trigger on "iptables" and see if that works, then slowly expand it with detail.
183[00:41:16] <ksk> afx_: btw, its more then questionable that you would need a software written in C, to upload stuff to a website - red flags waving..
184[00:41:33] <ksk> (like, there is http, no? :P )
185[00:41:48] <ksk> afx_: is that is the command you execute before make install, then yes.
192[00:42:18] <ratrace> andyjpb: AA is a LSM/MAC framework, while bpf is a "packet" filtering laguage in the kernel, with which one can express MAC policies, yes. for seccomp in this case, which is syscall filtering
193[00:42:20] <gordonfish> ratrace: I've also tried :msg, contains, "iptables"
194[00:42:42] <afx_> ksk: found the same issue here replaced-url
195[00:42:57] <ksk> afx_: contact virustotal support then.
206[00:46:21] <ratrace> andyjpb: no. bpf is a language one can express a MAC policy in. AA is a framework with predefined rules and relationships and its own domain specific policy "language"
207[00:46:49] <ratrace> they surely do overlap in functionality, yes
208[00:46:56] <andyjpb> ratrace: thanks. so it's just the granularity of that language that differs?
382[02:45:12] <maxrazer> I'm running unstable. I think I've had very little bad packages. Chromium is having troubles right now, but that really isn't a released product.
388[02:47:05] <maxrazer> So many have run Debian unstable for years without problems. I have to remind the unstable is referring to the updates schedule, not the operation stability.
402[02:49:43] <dpkg> Security updates in testing are delayed by the normal testing migration *and* may be further delayed by missing dependencies, etc. See replaced-url
403[02:50:09] <Thienma> not problem but I see a lot of warnings when I open pages. I see from the terminal.
404[02:50:22] <maxrazer> I ran testing for a while for the delay. I think it may keep back grave bugs. apt-listbugs will abort apt upgrade if it is installed.
405[02:50:48] <ksk> yeah, you should install apt-listbugs on sid.
406[02:50:50] <maxrazer> Oh, I haven't tried checking the terminal. There is also Vivaldi and Brave. Brave is good.
407[02:52:25] <maxrazer> I've got Vivaldi, Brave and Chrome installed. I removed Chromium.
478[03:35:14] *** Quits: BenNZ (~Ben__@replaced-ip) (Quit: Everytime I think IQ's must have dropped recently, I remember that this is the internet)
479[03:35:34] *** Quits: dvs (~hibbard@replaced-ip) (Remote host closed the connection)
480[03:35:57] <Akuw> i found CRON[30201]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly) in syslog but cant see the cron jobs inside /etc/cron.d that were runned
544[04:06:25] *** Quits: Tom01_ (~tom@replaced-ip) (Remote host closed the connection)
545[04:06:31] *** Quits: un214 (~joshua@replaced-ip) (Remote host closed the connection)
546[04:08:09] <dislo> un214, I am looking to set debian up as an ipv6 overlay endpoint so it would be running the radvd and potentially a stateless dhcpv6 server
547[04:08:35] <dislo> I have pasted a non working interface file here: P5x7wY3w6eDN%8j$8nC#6tYCA4*6MH%4^WdWj7FMe3qqKYCPK&
611[05:15:09] <rocketmagnet> hi everyone, what can i do to prevent the error: "cannot connect to x server" when i try to do: xinput map-to-output 12 HDMI-0 ?
612[05:17:28] *** Quits: tyranny12 (~blarg@replaced-ip) (Remote host closed the connection)
613[05:17:35] <rocketmagnet> i also get the error message when i try it with sudo
673[06:26:14] <kintarowonders> I just want a GUI for my desktop (not debian) that is good at easily seeing Debian log files incl extra packages like say snort.
674[06:26:18] <kintarowonders> Something must be out there.
758[07:38:35] <golluq> I see. Alright, I'll check that out. Thanks
759[07:39:01] *** debhelper sets mode: +l 1422
760[07:39:06] <annadane> if your real question is "can i use a newer version of emacs than exists in stable", first keep in mind debian does backport some features from minor point versions, second, you can always just compile it yourself
761[07:39:13] <annadane> but no i wouldn't just add unstable to your sources.list
762[07:39:37] <annadane> the only real changes in emacs AFAIK are major ones, 24, 25, 26, not 26.1 26.2 26.3
763[07:39:47] <golluq> Allright. I'll try to compile my own
764[07:40:05] <golluq> Yeah, I have 24.5 currently and would like to get 26ish
765[07:40:13] <annadane> well, 26 is in debian stable
766[07:40:35] <golluq> what, how come I have 24.5?
767[07:40:46] <annadane> are you on debian 10?
768[07:41:46] <golluq> ah, no. debian 9.1 :-D
769[07:41:52] <golluq> maybe upgrade debian first
770[07:41:54] <golluq> :-D
771[07:42:01] <golluq> using wsl you see
772[07:42:12] <annadane> up to you - you have full support until a year after debian 10's release
773[07:42:17] <annadane> oh, wsl
774[07:42:21] <annadane> well then i have no idea
775[07:42:47] <golluq> I am okey with the #debian support :)
776[07:43:40] <annadane> anyway, tl;dr on compiling software, download the source from the website (gnu in this case), build your dependencies (either through apt build-dep or by consulting the README in the documentation), extract the source to some folder and read the documentation, it will involve some steps like ./configure and make
777[07:44:08] <annadane> i have NO idea about wsl, though
778[07:44:49] <annadane> emacs may also be availble in flatpak or appimage form, which may be easier
779[07:44:56] <annadane> i know for sure it's in flatpak
780[07:45:11] <golluq> well, I am not astranged to compiling software. It's just messy with big ones that comes with hundreds of other stuff
781[07:45:13] <annadane> which if you're on stretch, you need to get that from stretch-backports
828[08:55:15] <Lope> anyone know how to disable the beeper on a UPS with NUT? when I get the UPS status, it says "ups.beeper.status: enabled" I'm using nutdrv_qx driver with vendor MEC? I've tried `upscmd -u foo -p bar myups@blah:1234 beeper.disable` and have also tried ups.beeper.disable but it said ERR CMD-NOT-SUPPORTED
850[09:08:44] <ryan42_> is someone willing to help me troubleshoot an encrypted / lvm issue
851[09:08:51] <ryan42_> i'm about at my wits end with this
852[09:09:55] <gugu> or sorry I meant dist-upgrade v upgrade
853[09:10:14] <rudi_s> man apt-get?
854[09:10:36] <gugu> ya think I have also websearch but its the translation
855[09:10:41] <tomreyn> ryan42_: post your configuration and the problems you encounter, as well as a summary of what you did so far in an attempt to solve it on the pastebin, then ask again
856[09:10:43] <rudi_s> upgrade won't remove existing packages, dist-upgrade does
857[09:11:37] <tomreyn> ryan42_: ...providing both the commands you run and the full output they produce.
858[09:11:48] <ryan42_> tomreyn: this is basically what is wrong: <replaced-url
861[09:12:48] <ryan42_> update-initramfs isn't putting cryptsetup on the initramfs image because it doesn't seem to think it needs it, probably realted to the rootvg not found in crypttab error
862[09:13:10] <gugu> If you want things to "just work", you probably want apt-get dist-upgrade to ensure dependencies are resolved.
863[09:13:48] <gugu> rudi_s, what packages might be removed ?
865[09:14:29] <gugu> what might happen if "dependencies are Not resolved" ?
866[09:14:37] <rudi_s> gugu: Packages which conflict with new ones in the new Debian release, it all depends on which packages you have installed
867[09:14:38] <ryan42_> on a clean install with working LVM setup, /etc/fstab and /etc/crypttab are both set up like mine and it works. mine used to work. i'm not sure what caused it to stop. if I change sdb5_crypt to chewbacca-vg it makes initramfs not throw the error and it *does* put cryptsetup on my initramfs image, but it doesn't boot correctly. I have to manually bring the VGs up in the busybox initramfs shell to make it
868[09:14:44] <ryan42_> boot
869[09:15:13] <rudi_s> It depends, you must read the list of removed packages carefully on a dist-upgrade, it can remove more than you expect
870[09:16:07] *** Quits: subfj (subfj@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
871[09:16:19] <rudi_s> The recommended workflow is to run "upgrade" first (to update most packages) followed by "dist-upgrade" (to update the rest, possibly removing packages in the process).
872[09:16:49] <rudi_s> But you only need that when upgrading from e.g. Stretch to Buster. For security and stable updates just "upgrade" is enough.
873[09:17:52] *** Quits: tyranny12 (~blarg@replaced-ip) (Quit: No Ping reply in 180 seconds.)
874[09:18:16] <gugu> rudi_s, ok guess I don't need to know
881[09:20:20] <tomreyn> ryan42_: hmm crypttab looks fine, can you post pvs;vgs;lvs ?
882[09:20:22] <gugu> what it means
883[09:21:01] <ryan42_> tomreyn: thanks for looking. here are those commands: replaced-url
884[09:21:11] <rudi_s> gugu: What means what? Did you read what I wrote, did you check the man pages, etc.? What are you missing?
885[09:21:50] <gugu> anyway, a more complicated issue I have I had to disable secure boot because the modprobe method didn't work to get the wireguard VPN up
886[09:22:05] <gugu> now it does work, but the instructions say A chance exists that the Secure Boot feature is blocking the unsigned WireGuard kernel module. In this case, you might consider either disabling the Secure Boot feature or signing the WireGuard module to raise the trust level.
887[09:22:15] <ryan42_> tomreyn: oye, here's an oddity. on my problem system... # ls -l /dev/mapper :: chewbacca-vg -> ../dm-0
888[09:22:31] <ryan42_> on my cleaninstall test system: #ls -l /dev/mapper :: sda5_crypt -> ../dm-0
889[09:22:32] <rudi_s> gugu: Which instructions?
890[09:22:33] <gugu> so am wondering how to " sign the wg module "
891[09:22:43] <ryan42_> the symlink to dm-0 differs. i have no idea what would have changed that
895[09:23:40] <gugu> I could just abandon the CLI wireguard method and re-enable secure boot, and use their application instead
896[09:24:13] <rudi_s> Btw. the default secure-boot on is not really useful anyway (the initrd is not protected giving an attacker arbitrary user-level code execution even with secureboot enabled).
901[09:25:07] <tomreyn> ryan42_: do you have, on the "broken" system, a symlink /dev/mapper/sda5_crypt , though? and where does it point to?
902[09:25:17] <rudi_s> gugu: Yes, of course; because with secure-boot only signed kernel modules are loaded, which wg is not.
903[09:25:28] <ryan42_> tomreyn: no that doens't exist
904[09:25:46] <ryan42_> but pvs shows /dev/mapper/chewbacca-vg on the brokeen box and /dev/mapper/sda5_crypt on the working, cleaninstalled one
905[09:26:02] <gugu> well if secureboot isn't adding anything , guess I just leave it off
906[09:26:34] <tomreyn> ryan42_: hmm it should exist since the encrypted device (/dev/sda5) was cryptsetup luksOpen'ed
907[09:26:51] <ryan42_> i think the problem with this is that wehn i broughtthe system up "by hand" i decrypted the disk as chewbacca-vg instead of sdb5_crypt (oops)
908[09:27:00] <gugu> ?
909[09:27:10] <tomreyn> ryan42_: yes, that's what it sounds like
910[09:27:19] <rudi_s> I didn't say nothing; it's just that it cannot protect more in the default setup.
911[09:27:24] <ryan42_> i still don't know what broke it coming up automatically, but let me fix that first before I keep trying to figure it out
912[09:28:33] *** Quits: we6jbo (~we6jbo@replaced-ip) (Remote host closed the connection)
913[09:28:37] <tomreyn> ryan42_: have you tried replacing , in /etc/fstab, the /dev/mapper/chewbacca--vg-root device path (or actually all device paths) by its (their) UUID(s)?
914[09:29:05] <tomreyn> it's what i usually do, and it can work around such problems.
915[09:29:19] <ryan42_> not yet, rebooting and bringint it up as sdb5_crypt and i'll try that
916[09:29:39] <rudi_s> That sounds like a bad advice. The /dev/chewbacca-vg/root paths are much easier to read and understand they work just fine.
917[09:29:59] <tomreyn> rudi_s: POV i guess
918[09:30:12] <gugu> rudi_s, so it's worth using secure boot vs not using it even in 'the default setup' ?
919[09:30:23] <rudi_s> I haven't followed your discussion completely, but I'd suggest booting into a live-cd (e.g. Debian installer) and try to fix it from there. I noticed all kinds of weird behavior when renaming VG/LVs. etc.
920[09:30:58] <ryan42_> rudi_s: i am doing such now to get back into teh system. still not sure what broke it as i did not try to rename anything
921[09:31:05] <tomreyn> there was no mention of renaming devices
922[09:31:06] <rudi_s> tomreyn: Well, compare "/dev/foo/bar" with "UUID=b0e2f04f-d805-45b1-89a4-bd0e89a7c712"
923[09:31:42] <tomreyn> rudi_s: though if you renamed devices, UUIDs would surely help, since they don't require updating
924[09:31:57] <rudi_s> Anyway, I'd not fall back to weird hacks and instead use a live-cd to fix it.
925[09:32:12] <ryan42_> rudi_s: i can use a livecd to fix it and it works
926[09:32:22] <rudi_s> That's true, but not the related to the issues I mentioned
927[09:32:29] <ryan42_> update-initramfs is fine, no errors
928[09:32:35] <boeg> Whats the "standard" notification mechanism on debian and how do I get firefox to use it? Right now it looks like it uses it's own horrible notifications that don't float on my tiling wm
937[09:36:14] <ryan42_> insanity. this time it booted and I can update-initramfs
938[09:37:05] *** Joins: conta (~Thunderbi@replaced-ip)
939[09:37:08] <ryan42_> is there any way to eliminate the references to "sdb5_crypt" -- i am wondering if with all the storage controllers in this machine it is not iterating the devices consistently
999[10:44:18] <Night_Elf> Hello. I wonder, is it normal that when resizing an ext4 partition on a USB stick, from 32MB to be 30GB, it is taking almost one hour to do? I am using gparted for this.
1000[10:44:28] *** Quits: conta (~Thunderbi@replaced-ip) (Quit: conta)
1039[11:14:22] *** Quits: nexgen (~nexgen@replaced-ip) (Remote host closed the connection)
1040[11:14:46] <oiaohm> Night_Elf: resigning a partition can be horrible complex and can upset USB stick block storage. When I say block storage I mean the way the flash is where it can really only delete like 256kb block of data at a time.
1043[11:16:43] <oiaohm> Night_Elf: Please note 256kb block is on the small side for flash storage you can have 4meg blocks. If resizing a partition results in fragmented blocks that the usb flash controller is operating and its now having to compact those blocks while you are attempt to write to the flash drive you end up with a write speed of absolute snail.
1044[11:17:13] <Night_Elf> oiaohm: So then saving the data, deleting the small partition that doesn't fill the disk, recreate a new bigger one, and restore the data that was saved, this seems to be the best aproach.
1045[11:17:45] <oiaohm> Night_Elf: baisclaly some cases it can be faster to copy the complete data off. Delete the complete partition perform a trim command on drive to clear old data then create new partition and copy the data back on.
1046[11:18:25] <oiaohm> We can expect this kind of hell with SMR harddrives as well at times just on a level of even worse.
1089[11:56:29] <Night_Elf> oiaohm: So then, I compared the outputs of "tune2fs -l /dev/sdd2" in both cases. When the partition was after the resizing, and when the partition was recreated again new. Several things are different. Inode counts, block sizes, etc. I suppose that that is what made the difference. And it really is a very obvious difference.
1126[12:25:20] <oiaohm> Night_Elf: basically a lot of those changes are most likely going to be spread over blocks in the flash storage and can result in the flash storage to have to defrag blocks that is hell slow it if has to to that many times.
1127[12:25:44] *** Quits: endstille (~endstille@replaced-ip) (Quit: I'll be back.)
1132[12:27:32] <Night_Elf> oiaohm: With the resizing, I was getting response times like... "touch somefile" to complete after 3 seconds. Unmounting the fileystsem after performing a sync, would take 30sec.
1133[12:28:06] <Night_Elf> Now it seems to behave like more normal and what I'd expect it.
1157[12:36:41] <Night_Elf> Bushmaster: This can be helpful for you. replaced-url
1158[12:37:12] <Bushmaster> Thanks Night_Elf I need to transfer files from my Debian machine to windows 10, let me see I can implement it
1159[12:38:03] <Night_Elf> Bushmaster: If you're on the same lan, why not just use windows share (samba/smb) for that ?
1160[12:38:35] <oiaohm> Night_Elf: you will not want to mix up and buy a SMR harddrive when you want a old school CMR harddrive(the harddrive type we have used for last few decades)
1161[12:38:39] <Bushmaster> yes same LAN but my Debian has SSH Night_Elf
1162[12:39:36] <oiaohm> Bushmaster: You may not need to install sshd on windows if you are wanting to transfer and you are logging in on windows todo it.
1166[12:40:12] <Night_Elf> Bushmaster: To what I know, from a DE you can access remote shares by having something like: smb//ip.of.remote.machine/sharename
1167[12:40:46] <Night_Elf> smb:// that was
1168[12:40:55] <Bushmaster> oiaohm, I tried by typing ssh username@local IP and it wont go
1169[12:40:56] *** Quits: thelastjedi (~quassel@replaced-ip) (Remote host closed the connection)
1170[12:41:17] <Night_Elf> oiaohm: they don't work well with one another ?
1171[12:41:40] <Night_Elf> I mean, if you have both kinds in the same box ?
1173[12:42:31] <oiaohm> Night_Elf: they will work with each other in the same box. But SMR have a very particular peformance patternt. They are not a drive that is friendly to random read/write.
1179[12:45:11] <oiaohm> Night_Elf: flash storage like USB/ssd drives are able to hide the downsides most of the time due block sizes not really being that large. These SMR zoned harddrives you can be look at 100meg as a single block.
1180[12:45:42] <oiaohm> Night_Elf: add slower speed of harddrive pain level is in a completely different world.
1181[12:45:45] <Bushmaster> Night_Elf, and oiaohm them links ask me to go to seetings and apps etc cant even locate any of these in widows machine, windows is very idisorganized and annoying
1182[12:47:15] <Night_Elf> Bushmaster: Your need is to access from the debian machine and towards the windows10 machine? If you are on the same lan, then why not just go the other way around? From the windows10 access the debian, and transfer what you need
1183[12:47:33] <oiaohm> Bushmaster: I do not have a single windows machine where I am to look in windows.
1184[12:48:04] <oiaohm> Bushmaster: I was crossing fingers that those instructions still worked.
1185[12:48:27] <Bushmaster> oiaohm, i found it but it says Uninstall meaning it is already installed
1200[12:53:19] <Bushmaster> thats cool Night_Elf thanks and thanks oiaohm too
1201[12:54:28] <Night_Elf> Bushmaster: Ah. Didn't know that windows10 provided a ssh command. Maybe it has also the 'scp' which is to copy files. But then again, with mobaxterm it's easier and you can use the embedded sftp browser in a drag-and-drop fashion.
1205[12:55:56] <Bushmaster> Night_Elf, MS DOS taken the ssh username@local IP to let me get into Debian yes now I am looking at Netowrk in File Manager in Windows that I can enable then I can do the transfer in GUI
1206[12:56:19] <Ede|Popede> Bushmaster: maybe the easiest way: fire up a tiny httpd on your debian (websh or the one integrated in python), copy your files into its webroot, if there are many, zip them for convenience, download from win10, unpack. done.
1207[12:57:53] <Night_Elf> In my opinion, installing mobaxterm is the most full featured option. You get an entire cygwin/mingw with it, bash and some unixlike environment, an X server for remote lanuching gui applications. But then different people, different tastes
1208[12:58:46] <Ede|Popede> gotta look at it some day when i'm done with some other things (that includes reimplanting the system disk into the windows pc)
1209[12:59:04] <Bushmaster> Night_Elf, and Ede|Popede I just opened the private network option in windows file manager and it now allowing me to see all my machiens, including minidlna set up in my mint machine
1210[13:01:09] <Ede|Popede> i stopped using their built-in fm when i discovered total commander. unluckily all the linux DEs decided to implement its approach, the only usable fm i found so far is double commander.
1216[13:04:50] <Ede|Popede> Night_Elf: it's just that i found it far easier to do such things on linux than on windows. there you never know what awaits you behind the next corner. even the language they use in their so called help... may (also) be a matter of translation, but half of the time i had no clue what they were talking about.
1224[13:12:45] <Ede|Popede> Bushmaster, as i said... must have even been before XP when i stopped using it. only how they managed to hide all the settings to make it show ALL the files... they had a nice start with fileman.exe, but that was only meant to get rid of norton commander. and i do remember i had some network related problem on it, couldn't figure out how to solve it. had a look at linux (i think i was running SuSE at that time) and it took me minutes after reading
1225[13:12:45] <Ede|Popede> some manpages and maybe a HOWTO.
1228[13:16:26] <Bushmaster> Ede|Popede, I hate windows, and i wish I can get rid of it from my machine but them ass*holes want me to use it for Proctoral Setting for Online Exams with school where I am taking some online course
1229[13:17:37] <Bushmaster> I mean amazing bast*ards like Bill Gates make such a loose OS and makes billions by fooling customers most of course are damn fool anyway
1230[13:18:31] <Night_Elf> lol
1231[13:20:55] <Bushmaster> in my opinion windows is sh*it, its slow, extremely resource intensive for no reasons, and full with issues, its a OS I think for people who use it for word document and sh*it like that
1232[13:20:59] *** Quits: Ganonk (r00t@replaced-ip) (Remote host closed the connection)
1236[13:24:59] <Ede|Popede> one of my first such experiences: was looking for some text in a couple of files (actually more than just a few). FIND missed some though it wasn't even a complicated REGEX (not that it would have known how to handle it anyway). booted debian, tried it from there. not only it found what i was looking for, it was even faster.
1237[13:25:44] <Ede|Popede> and then i was getting curious and did some other cross-OS tests. even simple file listing was faster on the DOS disk from debian.
1238[13:25:48] *** Quits: golluq (~kalo@replaced-ip) (Quit: Lost terminal)
1239[13:25:49] <Bushmaster> the problem with windows is it knows the market behavior, it knows how to con people and how to keep people ignorant
1240[13:26:31] <Bushmaster> and Bill Gates is the Mastermind conning people globally for three decades ...
1242[13:27:39] <Ede|Popede> Bushmaster: they had to tell people that windows wouldn't run smooth on other DOSes. and achieved this by making it crash on DR-DOS. that's what made me laugh when they claimed recently that google would serve worse code when visited with edge. now it was them on the other side of the fence...
1243[13:27:45] <Night_Elf> Most of the things in today's world, are not famous because of true merit, but because they have a heavy advertisment backup
1244[13:27:46] <Bushmaster> this bastards run the media, TV and people watch windows and get brain washed
1246[13:29:00] <Bushmaster> I fully agree Night_Elf I mean that Bast*ard must have millions of dollars PR (Public Relation) investments
1247[13:29:16] <Bushmaster> with his crap OS
1248[13:29:50] <Ede|Popede> Night_Elf: i think there was something on the 36c3 about recognition of non-existing patterns. people will believe everything if you tell them often and subtle enough. there's also a psychologist implanting memories of crimes into people's brains, and after some session they believe it.
1249[13:29:52] <Bushmaster> the thing that annoy me most is people believe in Microsoft products
1250[13:29:53] <Night_Elf> I suppose it is true for many things as well, not only the os-es. Database scene is more or less the same.
1251[13:30:43] <Bushmaster> I just hope one day windows perish
1253[13:31:03] <Ede|Popede> it works in all areas where they can make money, that includes everything you can spend money on. product A is better then product B because, well... it is.
1255[13:31:40] <Bushmaster> the thing that makes me angry is all these capitalist bastards force people to use windows, think of all these schools, dictating me to use windows
1256[13:32:02] <Night_Elf> That's a bit hard to happen Bushmaster. You forget how many users are there who just need to hear they have made a good choice. And the marketers around them do just that. And also more, they believe in "if you pay for it, then it surely must be good"
1257[13:32:15] <Ede|Popede> one of the nice features of FOSS, you can't get bankrupt as long as you have enough developers going on with their efforts. so there's no need for lies.
1258[13:33:07] <Bushmaster> Ede|Popede, FOSS products are heavily tested cos so many developers screening the codes, unlike windows product, they have their own assholes and nothing else
1259[13:33:14] <Ede|Popede> Night_Elf: as a warlord would you trust more a mercenary or a fanatic? ;)
1260[13:33:54] <Ede|Popede> and then the mobile market clearly goes to google and apple i guess.
1261[13:33:59] <Night_Elf> hehe
1262[13:34:24] <Bushmaster> i have never used apple its same shit like windows
1266[13:36:16] <Night_Elf> Personally I only use windows to play those 2-3 games I still care to play once in a while. A couple of hours of starcraft in the weekends, some Alien Isolation before going to sleep.... and that's it
1267[13:36:35] <Ede|Popede> at least they had a GUI long before M$. granted, the IBM PC wasn't a real highend machine in those days. and there already were some WMs around in the unix world.
1269[13:39:12] <Ede|Popede> actually there were some nice ideas in its early days, like the specification of equalness regarding input methods. mouse, keyboard, menus, buttons, it all should work. they've long forgotten about such things, and with them all the linux desktops trying to mimic windows and apple. just because "people are used to it".
1270[13:40:28] <Ede|Popede> Night_Elf: yeah, wintel is the breadbox of the 21st century :D
1333[14:23:34] <Doxin> diogenes_: I'm rather sure I've only got win10 and debian installed, not win10, win7, and debian. The win7 bootloader might've stuck around somehow but I'd still rather have it not show up
1346[14:27:16] <diogenes_> that's a question for ##windows.
1347[14:27:49] <diogenes_> but if you ask it there they gonna ban you.
1348[14:28:05] <Doxin> diogenes_: well that's not exactly a good solution either then :P
1349[14:28:35] <convulatr> Delete the leftover files in the EFI fat32 partition and EFI entries?
1350[14:29:09] <diogenes_> Doxin, try to remove the entry with grub-customizer.
1351[14:29:27] <vlt> Hello. I want to create an environment in which I can run live-build while offline. #debian-live recommended to try "a full archive mirror or possibly a fully populated apt cache". What does that mean? Where to start? Any help?
1352[14:29:37] <Doxin> diogenes_: gimme a sec to apt-get that...
1353[14:30:42] <convulatr> lol
1354[14:31:32] *** Quits: uniqdom (~uniqdom@replaced-ip) (Remote host closed the connection)
1379[14:40:31] <vlt> (Customising and) creating the Debian iso running the `live-build` scripts works perfectly fine but utilises a network connection to (repeatedly) download stuff.
1384[14:43:06] <deadrom> used to have a Thinkpad T series which worked a charm for suspend/resume. can't say the same for a Dell mobile Workstation. forgets all monitors and peripherals on resume so I have to run a xrandr script after each resume to have my screens back in shape. now I'd like to go away from a laptop and eye a regular PC rather. in terms of suspend/resume, wise decision? PC = random hardware brought together, laptop = mostly fixed hardware set with
1385[14:43:06] <diogenes_> vlt, one of the methods that come to mind is to use a standard Debian iso which includes the basic packages only, chroot into it, add all the packages you want and re-build the iso.
1386[14:43:07] <deadrom> power management being key.
1398[14:49:54] <vlt> That sounds like a lot of work to be done that lb already does for me by creating a (scriptable) configuration for my live ISOs. Maybe providing a full archive mirror locally is the way to go.
1445[15:26:23] <Stoot> HI guys, I cannot find much about thew mini.iso nbet installer The netISO itself still seems to get a lot of files from the ISO itself
1446[15:26:41] <abrotman> Stoot: what are you trying to do?
1447[15:26:56] <Stoot> abrotman fast install over idrac
1449[15:27:13] <abrotman> Stoot: the netinst has the base number of packages to get a working install, the mini requires the internet or some other package source
1450[15:27:16] <Stoot> and much as I can grabbed from the internets
1453[15:27:27] <dpkg> mini.iso is a super small ISO that utilizes the <netboot> images to fetch <d-i> and all components over the network. Only contains a boot loader, kernel and initrd, typically ~20MB. Start at replaced-url
1472[15:33:10] <abrotman> if you have functional internet from the target, the netinst will get any packages that are newer from the internet source. Otherwise it will use what's on the ISO.
1473[15:33:59] <abrotman> if you want muck about with tftp and pxeboot and blah blah blah, use the mini
1478[15:38:13] *** Quits: MenschZwoNull (~MenschZwo@replaced-ip) (Remote host closed the connection)
1479[15:38:58] <Stoot> yeah OK, I just need this install for some dell upgrade shit
1480[15:39:02] <Stoot> going to try the mini :)
1481[15:39:10] <Stoot> am already trying actually ;)
1482[15:39:11] *** Quits: horribleprogram (~horriblep@replaced-ip) (Quit: Where I came from the Great Wild 'n shit, where you can get shot if you crack smiles and shit...)
1536[16:30:08] <blscoe> I am trying to test my webserver and I like to know what is the limit of request that my server support. I installer apache-utils and I would like to know if anybody know a test that can show me this limit? Thanks!
1569[17:08:56] <unborn> hi guys.. I came across one of my laptops here which runs debian 7.7. I am going to upgrade to 10 however best way to do it would be by fresh re-install and full setup OR just update repos in list and then distro upgrade etc...? I have bash script which will install and setup all my software according my needs but would love to hear which way is actually the best. thanks.
1571[17:12:05] <petn-randall> unborn: You'd have to upgrade it like this: 7.7 -> 8 -> 9 -> 10. So you'd need 3 dist-upgrades, reading the release notes and fixing up config on the way. So I'd say it's easier and cleaner to reinstall.
1572[17:12:35] <petn-randall> unborn: Given that it's been 3 releases, your script will likely need fixing, too, since package names might have changed, or gone altogether.
1573[17:13:00] <unborn> petn-randall: thank you very much.. I thought so it would be easier.. just starting downloading the iso.
1577[17:15:30] *** Quits: czesmir (~stefan@replaced-ip) (Quit: Lost terminal)
1578[17:16:19] <unborn> petn-randall: I updating my postinstall.sh every time I do upgrade to newer release - on all other machines I run 10 its just this laptop (I am currently visiting my mom on Slovakia where I visit once a year only and that laptop is used as 'smart tv box').. I will do fresh install then git clone my stuff and run it.. it should be all fine. Thank you very much for advice.
1606[17:35:25] <diogenes_> wow guys, free 5G internet, is it true? replaced-url
1607[17:36:41] <un214> so it looks like all of my systemd issues reduce to two roots
1608[17:37:17] <un214> 1: if a device exists in /dev/mapper it's already ready but systemd tries to wait for a notification that it's ready. This makes no more sense than waiting for a /dev/loop device to be ready.
1609[17:37:57] <un214> 2: systemd can't figure out to move wait for network into the background after 4 or 5 seconds but would rather hang indefinitely
1631[17:47:22] <petn-randall> ifup is only doing what you're asking from it; you might want to remove that line or configure the interfaces statically if you want to boot it when the DHCP server is down.
1632[17:47:43] <un214> man page says: "Lines beginning with the word "auto" are used to identify the physical interfaces to be brought up when ifup is run with the -a option. "
1633[17:48:10] <un214> what it should do is keep retrying dhcp in the background until it comes up, but not block boot in the meantime
1653[17:55:16] <un214> oh I get it. It's bound to the console on sysvinit so ^C will bail it out, and dhclient doesn't notice
1654[17:56:47] <petn-randall> Yeah. So your options are either to configure it statically, or use network-manager, or override some of the systemd unit bits to make it not wait (not recommended).
1657[17:57:20] <CuteAlien> Hello. I just noticed kdiff3 is pretty badly broken in debian 10 stable (fails to diff any directories). The bug is likely this one: replaced-url
1695[18:13:18] <petn-randall> ifup sometimes did that, which would end with a rogue dhclient running and overwriting your /etc/resolv.conf on the next lease update (a.k.a "when you least expect it").
1723[18:24:50] <petn-randall> a) it does matter, a lot b) how is this an issue of systemd if your disks aren't up?
1724[18:25:20] <un214> it's impossible for the disks to not be up by that point
1725[18:25:38] <petn-randall> Ok, is this a HW raid, or is this mdadm?
1726[18:26:34] <un214> it's a motherboard raid; mostly SW but there's some actual hardware assistance to handle state recovery on power loss
1727[18:26:55] <gordonfish> ratrace: I feel rather dumb. It does work with contains, it was startswith that wasn't working due to the [12345.6789] style tag prefixed to each msg, and the regex didn't work because two fold:
1728[18:27:10] <gordonfish> 1) Missing some backslashes for regex metacharacters, and 2) Not taking into account that rsyslog confs treat double quoted strings like in C/perl/etc, where \\ needs to be used rather than just \ (eg, "\\(capgroup\\)" instead of "\(group\)" like in sed and such.
1729[18:27:25] <gordonfish> )
1730[18:27:41] <petn-randall> un214: Then show us the config of your sw raid.
1731[18:28:08] <petn-randall> un214: Or rather, show us the actual error that systemd allegedly chokes on.
1759[18:36:10] <InvisibleRasta> hello guys i just installed debian with debootstrap from archlinux on a btrfs subvolume... everything is working fine, internet and so on. i am just wondering why when i go to edit fstab it says its unconfigured...
1788[18:49:33] *** Quits: dzc (~user@replaced-ip) (Remote host closed the connection)
1789[18:49:37] <InvisibleRasta> sorry
1790[18:49:42] <InvisibleRasta> i got disconnected i think
1791[18:49:59] <InvisibleRasta> digdilem: petn-randall did you guys say anything i missed?
1792[18:50:44] <digdilem> InvisibleRasta, read up on systemd mount points. Systemd actually converts anything in fstab to a mount point, but it doesn't need to
1868[19:22:27] <f-a> in my alsamixer "capture" screen I see "Mic boost", "capture", "digital", "internal mic boost", where do I get infos on what are those?
1871[19:25:38] <Guest58> I have buster. Out of nowhere I decided it would be nice to try i3 gaps. Since there is no package for it I said "let's just try this all in one" script from github
1872[19:25:49] <boeg> anyone here using the fonts-font-awesome package and have an idea why some (a lot) of the free icons aren't working and just showing like chinese characters and stuff like that?
1873[19:26:34] <Guest58> Result : my machine was completely destroyed, it changed my sources.list to old stuff and installed a bunch of new stuff which lead to breaking my machine
1874[19:27:08] <Guest58> So right now I am just reinstalling all packages
1875[19:27:18] <Guest58> Hope it fixes it
1876[19:27:43] <Guest58> @boeg I have experienced that yes
1910[19:42:12] <petn-randall> Guest58: If you don't want to do that, the install guide has several other options.
1911[19:42:43] <unborn> Guest58: yes you can do it - if you know what are you doing also if you installed your linux on separate partitions, yes you can do it, if you have no idea what I am saying then back up your important data and do fresh install..
1912[19:42:51] <petn-randall> But I'm going to say that creating a usb drive is the simplest option, as that's like just two things to do.
1916[19:47:42] <zodd> every time I reboot the opendkim service did not start. If I start it manually afterward it works fine. How can I analyse the cause?
1917[19:47:42] <petn-randall> Guest58: Lesson learned: Don't run scripts from the internet as root without understanding what they do. Your system being broken is probably the most benign error you can get from it.
1922[19:51:03] *** Quits: Ericounet (~Eric@replaced-ip) (Quit: Je m'en vais ...)
1923[19:52:51] <petn-randall> zodd: If you're running systemd you can check with 'systemctl status opendkim' why it failed, and also check the logs with 'journalctl -u opendkim'.
1924[19:53:17] *** Quits: tyranny12 (~blarg@replaced-ip) (Remote host closed the connection)
1954[20:05:28] <petn-randall> zodd: Yes, but it failed to start for a different reason. "Start request repeated too quickly" is just the symptom, that's systemd trying to restart it after it failed starting.
1968[20:14:00] <boeg> I tought `apt upgrade *package*` would just upgrade the package but apparently not. Now that i've upgraded my whole system to `unstable`, is there a way to downgrade to `stable`?
1983[20:23:28] <boeg> also the package fonts-font-awesome has version 5.0.10+really4.7.0~dfsg-1 - does that mean it's font-awesome 4 or 5? Because lots of font-awesome 5 icons aren't working so i guess its font-awesome 4 ?
1990[20:28:51] <namll`> is there any tool recommendations for screen calibration tools? just got a new screen replacment for my laptop and the whites seem off.
2020[20:49:14] <petn-randall> boeg: 5.0.10+really4.7.0~dfsg-1 means it's really 4.7.0, you'll have to look into the changelogs why it's named that way.
2041[21:02:29] <nulltrading> hello, how could i set the default screen brightness upon reboot? it seems i need root privileges to cat /sys/class/backlight/brightness.
2050[21:06:37] <diogenes_> afaik rc.local has been dropped long ago.
2051[21:06:50] <diogenes_> i might be wrong.
2052[21:07:15] <diogenes_> !rc.local
2053[21:07:15] <dpkg> /etc/rc.local may be used to run simple commands at boot time. It exists by default in jessie or older; in stretch you need to create it. Don't forget the <shebang> and be sure to chmod 755 it. rc.local is considered a hack, a stopgap, or a temporary band-aid; see <systemd>
2104[21:44:24] *** Quits: annadane (~annadane@replaced-ip) (Remote host closed the connection)
2105[21:45:10] <dob1> I have a file pattern, like foobar*.txt and a string s, in a directory I have to find recursively all the files that names is like the filename pattern that they don't contains the string s
2106[21:47:40] <ksk> you mean like the filename pattern, but also exclude every file name containing s?
2107[21:47:44] *** Quits: nulltrad` (~user@replaced-ip) (Remote host closed the connection)
2108[21:47:59] <ksk> or is s related to the content?
2109[21:48:00] <dob1> ksk, yes
2110[21:48:05] <dob1> ksk, it's related to content
2111[21:48:42] <dob1> if filename is like filepattern and s is in file content then exclude it
2112[21:49:12] *** Quits: nolan_ (~nolan_@replaced-ip) (Remote host closed the connection)
2113[21:49:20] <dob1> I was thinking to combine find and grep -v, but I don't know how to do it. maybe I can try a little python script
2164[22:29:49] <CaptainShell> so I'm wondering why is it that you have to go to the 3rd or even higher DVD to get some packages like hexedit or a command like strings but Knoppix manages to put most of the small useful utilities on a single DVD?
2165[22:30:07] <lupine> people still use the DVDs?
2166[22:30:22] <lupine> presumably the ordering differs
2185[22:43:40] <jhutchins> CaptainShell: Debian is over 50,000 packages, closer to 70k I think. Everything has to go somewhere.
2186[22:43:54] <CaptainShell> yeah
2187[22:44:20] <nulltrading> I am running a service for wpa_supplicant that connects to the network, the only issue is i have to run dhclient every time on reboot. I tried to append /sbin/dhclient to the end of the ExecStart command like so, ExecStart=/sbin/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant-%I.conf -Dnl80211,wext -i%I && /sbin/dhclient %I, but it doesnt seem to run on restart. do i need a seperate service for dhclient that is ran after
2200[22:47:34] <vetru> Interesting issue: I just used wget to retrieve a file from github raw. The file saved... but then I cannot even list it with ls -al. Any further attempt to create a file with that same name recieves "Permission Denied" i am root user.
2201[22:47:40] <vetru> "disapearing file" etc
2202[22:47:50] <vetru> really odd. Any ideas would be <3
2203[22:48:09] <lupine> sure, the question is about extra packages though
2204[22:48:26] <nulltrading> jhutchins: /etc/network/interfaces is default, been using /etc/wpa_supplicant/wpa_supplicant
2205[22:49:14] <jhutchins> nulltrading: I'm not familiar with that, but you should be able to set it to use dhclient for the address.
2235[23:03:25] <mihi> vetru, any weird characters in the filename (and yes, leading - is also a weird character in that context as it will be interpreted as option usually)
2302[23:41:55] *** Quits: grumble (~grumble@replaced-ip) (Quit: People who can't distinguish between etymology and entomology bug me in ways I cannot put into words.)
2319[23:55:18] <BenLue> I try to install zsh and the theme agnoster on my machine (Debian Buster) all the time. zsh runs so far and is also configured. I don't see the symbols :/ can anyone help me? replaced-url