58[00:22:34] *** Quits: Lupricon (~Lupricon@replaced-ip) (Remote host closed the connection)
59[00:22:34] <somiaj> brieweb: yea, in that case you many need to install java 8 locally, use java-package, or the package in stretch can also be installed in sid (And I think it has been updated with security patches)
60[00:22:34] <somiaj> brieweb: arg, the stretch package can be installed in buster.
61[00:22:34] <mason> ws2k3: Interesting. That's not giving you a ton of counters, but it's up to each manufacturer to implement them.
68[00:23:44] <mason> ws2k3: For me, I run ZFS on everything, so I'd keep using that as part of a mirror or similar until it starts throwing errors. But that's me.
69[00:24:18] <mason> ws2k3: It's old enough that I wouldn't want to run it as a single drive.
73[00:24:47] <ws2k3> mason: i run zfs on a few boxes aswel but thats another topic. this machine is pretty old has an uptime of 860 days and has seen over 200 tb
76[00:25:10] <ws2k3> mason: so i was like lets check the smart status of all disk. just to check there are liek 24 disks in the box
77[00:25:48] <mason> ws2k3: So, something to consider is actually monitoring the values and firing alerts if you ever see, for instance, smart health status *not* ok, or uncorrected errors, or similar.
78[00:26:36] *** Quits: sphenxes (~sphenxes@replaced-ip) (Remote host closed the connection)
79[00:28:31] *** Quits: n4dir (~n4dir@replaced-ip) (Remote host closed the connection)
136[01:13:42] <somiaj> brieweb: in this case that is probably a decent method, I always just download the .deb's I need manually, as I don't like suggesting people mix sources.
147[01:31:27] <Scou_moune> Hi all ok so i want add a script that run with cron, and i don't want use crontab -e, i prefer file. So i have check for how do that with debian 10
155[01:33:57] <mutante> Scou_moune: i guess the problem is more the format inside the file than the part that you are writing it manually
156[01:34:50] *** Quits: voidSurfr (~todd_dsm@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
157[01:35:21] <Scou_moune> ok but i follow the log syslog where cron talk, and i see nothing, or just "syntax error" when i have cron.d because i have forget the "user"
159[01:35:57] <Scou_moune> my line is very simple that it: "3 * * * * root ${PROGPATH}"
160[01:36:11] <Scou_moune> where programe path is the fullpath of my script
161[01:36:21] <mutante> Scou_moune: this is about the (few) differences between manually editing it or using crontab -e .. they are not many replaced-url
162[01:36:24] <Scou_moune> i have try to add SHELL & PATH too
163[01:36:30] <Scou_moune> ok i go read thank
164[01:36:39] <mutante> Scou_moune: maybe paste the content of one of those files
180[01:41:24] <Scou_moune> Like i say that in testing, so that not properly write, i go read you're doc
181[01:41:30] <brieweb> somiaj, it sounds like there is the java-package as well?
182[01:41:38] <somiaj> ,i java-package
183[01:41:39] <judd> Package java-package (contrib/misc, optional) in buster/amd64: Utility for creating Java Debian packages. Version: 0.62; Size: 22.2k; Installed: 72k
184[01:41:55] <somiaj> brieweb: you can use it to create a .deb from the upstream package from oracle.
185[01:42:00] <somiaj> well upstream tar.gz
186[01:42:12] <brieweb> I was thinking of the java from adopt openjdk
187[01:42:19] <mutante> Scou_moune: ok, but what about the actual cron file that this writes?
188[01:42:54] <somiaj> brieweb: java-package just provides a way to create a .deb for a local install vs just installing the .bin (or .tar.gz) -- has the same issues in the end as you have to manually update it, but at least your package is managed with dpkg.
189[01:43:02] *** Quits: Mehregaan (c6fc99e2@replaced-ip) (Remote host closed the connection)
190[01:43:27] <Scou_moune> mutante: yes that it, i want use the solution with cron.d, so forget the line with # that for the other solution
197[01:45:02] *** Quits: gelignite (~gelignite@replaced-ip) (Quit: Stay safe! Stay at home! Stop the chain reaction!)
198[01:45:05] <Scou_moune> "ok, but what about the actual cron file that this writes?"
199[01:45:06] <mutante> Scou_moune: paste the actual file you have in cron.d please
200[01:45:08] <somiaj> brieweb: and then submit a bug report to whatever java software you are using so they update it to be compadable with newer java.
205[01:47:24] <mutante> Scou_moune: hm, ok, and what is the error you saw in the log file?
206[01:48:11] <Scou_moune> mutante: i say nothing ahah, but if i delete the user root i see "error wrong syntax"
207[01:48:18] <Scou_moune> i see*
208[01:48:41] <mutante> Scou_moune: so maybe it .. just works? seeing nothing often means all is ok in Linux
209[01:48:51] <mutante> what makes you think it doesn't run your command
210[01:49:01] *** debhelper sets mode: +l 1158
211[01:49:43] <Scou_moune> mutante: no i think not because i have control and no back have been created, and habitualy that say in log like "backup22 running"
243[02:05:16] <Scou_moune> mutante: no all work for that
244[02:05:28] <mutante> Scou_moune: so it's unknown what the fix was?:)
245[02:05:43] <Scou_moune> mutante: for other problem i prefer find solution by me first hihi
246[02:06:07] <Scou_moune> mutante: yeaaa :D so happy thank lol (i don't know why)
247[02:06:22] <mutante> Scou_moune: hah, ok, let's just accept it works :p
248[02:06:47] <Scou_moune> mutante: yea that my mind is too complicated i think
249[02:10:12] <mutante> Scou_moune: maybe just a little unfocused and jumping between separate problems, but it's all good, you got it working
250[02:10:54] *** Quits: yans (~yans@replaced-ip) (Remote host closed the connection)
251[02:11:38] <sc_> first time I had to upgrade to unstable to fix something :)
252[02:12:17] <Scou_moune> mutante: yea i think that with the time, i see that run all hours, so that why, me i waiting all 3 min. But yea now i can finish the function, and i drink pastis and show cron do the job :D
253[02:12:57] *** Quits: nevoyu (~Nevoyu@replaced-ip) (Remote host closed the connection)
292[03:10:43] <somiaj> vince: Debian has various tools that matainers and developers use to test packages before uploading them to sid. Some might do simple security checks, but what sort of checks are you looking for?
309[03:33:38] <vince> somiaj: thanks for your response. I'm looking to package a bunch of software from github in debs. I guess the closest example would be SCA/SAST/DAST. Basically scan the github clone / resulting package for potentially volatile behaviour.
310[03:36:07] <somiaj> vince: I'm not quite familar with those types of scans, I do know debian does use testing (the sid->testing development cycle gives users time to report bugs that get by the scans). But a main tool debian uses to see if packages meet policy is replaced-url
315[03:41:02] <sney> debian isn't really in the business of auditing potential security bugs in upstream software. there are trackers for when a CVE appears for example, and maintainers are expected to make good decisions about what upstream releases are worthy, but otherwise it's upstream's job.
396[05:17:02] <brachamh> i have a home server (currently running ubuntu server but will be running debian as soon as i can get it set up enough to swap out) and i have emby running in a docker container. streaming locally, just recently it's started to buffer.
466[06:37:39] <nvz> seems we were talkin about something else, you just hadn't told me yet :D
467[06:38:27] *** Quits: krzych (krzych@replaced-ip) (Remote host closed the connection)
468[06:38:28] <nvz> brachamh: so you got a fresh debian install? and on the first boot its not booting all the way to the graphical display manager login as you expect?
469[06:38:43] <brachamh> yes
470[06:38:55] <nvz> what exactly is it doing? just blank screen at some point?
471[06:39:48] <brachamh> last step is loading gnome display manager (IIRC) and then doing a filesystem check, where it appears to freeze.
475[06:40:38] <brachamh> hang on lemme try it again
476[06:41:53] <nvz> the only reason a system does a fsck is cause you told it to, or it has a pass option set and when mounting it realizes the system is unclean.. and it does this way before starting the DM
485[06:44:30] <brachamh> that's the last line it shows, and Ctrl+C doesn't seem to do anything
486[06:44:50] *** Quits: Main_ (~secntech@replaced-ip) (Remote host closed the connection)
487[06:45:46] <nvz> there are a few things I know here.. one is you shouldnt have a fsck happening on a fresh install that went well.. unless you have a bad disk.. and you're not using debian
488[06:46:17] <brachamh> this is debian 10, used the same flash drive, same flash, to install it on this laptop
491[06:46:58] <jmcnaught> Was there a hard reset? That could be why it's running fsck now.
492[06:47:10] <brachamh> hard drive should be good, unless it was abused recently. it was brand new just a few weeks ago. doesn't seem to be any damage on the laptop case though
499[06:50:34] <jmcnaught> If you're getting a blank screen right after installing it could be a missing firmware, or the GPU could be too new for buster's kernel. If you have another computer you can still SSH into it perhaps.
500[06:50:36] <brachamh> yes i did. oh hey i had to help the wife out for a couple minutes and now i have a couple more lines
551[07:12:32] <nvz> thing is when you boot recovery, the system is all booted properly.. in single user.. systemd has what would you say.. settled.. all is working
552[07:12:45] <nvz> nothing is screwed up at this point
553[07:12:53] <nvz> make sure you remount it rw
554[07:13:21] <padhu> How to show username in top panel on debian 10
555[07:13:23] <brachamh> i did the remount
556[07:13:33] <nvz> then tell ol systemd, to start the default and it will load additional services.. see if it still choaks like it does booting normally
557[07:14:03] <nvz> padhu: I assume you mean gnome?
604[07:28:17] *** Quits: mibo (~mibo@replaced-ip) (Remote host closed the connection)
605[07:28:35] <brachamh> it's not on the network at the moment. i can probably hook it up tomorrow and see if the hardwired one will work. it's what i set up during install.
606[07:29:06] <brachamh> but i'm going to crash...gotta work in the morning.
607[07:29:28] <nvz> alright..
608[07:29:30] <brachamh> nvz, thanks for your help!
609[07:29:41] <nvz> probably just need to sort out a video card issue
610[07:30:00] <brachamh> i'm thinking so cuz everything in this log file is video card related
611[07:30:03] <nvz> the answer is likely somewhere between xorg log and journalctl -k
612[07:30:18] <nvz> I'd read carefully looking for errors in journalctl -k
613[07:31:54] <brachamh> i just punched that in so i'll have it in the command history for tomorrow
614[07:32:08] <brachamh> thanks! i'll probably look for you again tomorrow when i'm back at it
615[07:32:22] <nvz> o/
616[07:32:22] <brachamh> have a good one!
617[07:32:29] <nvz> I already have a good one
618[07:32:35] <nvz> now I'm lookin for a longer one..
619[07:32:44] <brachamh> now who's being a smart ass?
717[09:49:46] <lesless> Hi folks! I have problems with MPD on ARMv7 - sound is breaking up. It just disappears for a brief moment and then comes back when tune is playing. I checked CPU load during playback, it's below 20%, there are no errors in dmesg and running MPD with verbose logging didn't show anything as well. Here are the details replaced-url
718[09:52:13] *** Quits: padhu (uid448388@replaced-ip) (Quit: Connection closed for inactivity)
742[10:32:43] <ratrace> lesless: could it be a hardware issue?
743[10:33:00] <lesless> ratrace nope, it works fine on a laptop
744[10:33:53] <ratrace> well..... if mpd works fine on a laptop, but not on an arm (board), with no apparent software errors or logs .... I'll repeat the question: could it be hardware failure of the ARM thingy? :)
745[10:34:49] <lesless> ratrace , ah I thought about sound card. Soundcard is working fine on the laptop but it's not with MPD on dev board. Although you're right. Changing dev board may solve it
827[12:17:35] <Scou_moune_> Hi i have a question, i have make a cron rules, that run my script for back_up, all that work great, but in my code i use the cmd logname, and that strange because that can't find the true value about this cmd
828[12:17:47] *** Scou_moune_ is now known as Scou_moune
829[12:18:09] <Scou_moune> I have try to set the PATH, set the SHELL, use /bin/bash back_up_script but nothing
830[12:18:45] <AndreasLutro> "that can't find the true value about this cmd" what do you mean by this
835[12:19:41] <Scou_moune> AndreasLutro: that replace /bin/logname by $LOGNAME, so that show "root" and no "user"
836[12:19:51] <AndreasLutro> I still have no idea what you mean
837[12:19:58] <Scou_moune> If i use logname in root that show the user
838[12:20:15] <nvz> !buster su
839[12:20:15] <dpkg> In buster, su no longer overrides PATH by default, requiring that you use "su -" or "su -l" for login shells (which is not really a new thing at all...). To approximate the previous behaviour, put "ALWAYS_SET_PATH yes" in /etc/login.defs. See replaced-url
840[12:20:26] <Scou_moune> yea i use su -l
841[12:21:20] <Scou_moune> Ok i have remove the set ALWAYS_SET_PATH because in past i use su, so i want work like debian recommand
842[12:21:53] <ratrace> how and where did you set your crontab?
843[12:22:08] <nvz> hmm id -n doesn't seem to work either
844[12:22:12] <Scou_moune> by /etc/cron.d/back_up
845[12:22:48] <ratrace> `whoami` should
846[12:22:56] <Scou_moune> because i don't want use crontab -e, so i like this method
847[12:23:43] <ratrace> Scou_moune: and what's the exact crontab line you're using?
859[12:27:51] <Scou_moune> ratrace: by problem is, in the code back_up22, i use /bin/logname for save file, but that show root, and no the user logname
860[12:28:08] *** Quits: endstille (~endstille@replaced-ip) (Quit: I'll be back.)
861[12:28:14] <Scou_moune> That very strange because /bin/hostname -s work
862[12:28:21] <ratrace> Scou_moune: what user? you're running the crontab as root, there's no other user
875[12:33:24] <ratrace> your crontab is running as root, and it should be capable of running everything you do as root explicitly on the command line, assuming correct environment (eg. properly defined PATH, or use absolute paths)
876[12:34:33] <ratrace> also, btw, is that tab intended to run every minute really?
877[12:34:48] <Scou_moune> ratrace yea for the test only
878[12:34:59] <Scou_moune> After that run every hour
883[12:37:07] <ratrace> n1ce: check the lzop manpage and see what's the decompression flag, and then probably something along the lines of lzop -c -d <file> | dd of=/dev/hda1 (this is just an example, don't run it literally without understanding all the parts)
893[12:39:47] <Scou_moune> ratrace: but if i do that, that for all script use by crontab right ?
894[12:40:00] <Scou_moune> ratrace: thank i do read mantad again :D
895[12:40:14] <martinus__> why is apt or apt-get doesn't report obsolete packages , when aptitude is ? I mean it could be important for the common user to know there are obsoletes package installed on the system
896[12:40:44] <ratrace> Scou_moune: if you set PATH in the _crontab_, then yes it is in the environment for all the scripts run in the tab (unless some of the scripts runs su or sudo and scrubs the environment)
897[12:41:40] <ratrace> martinus__: you mean like running `apt autoremove` ?
898[12:41:57] <Scou_moune> ratrace: ok you think that can make a problem or no realy if i don't add strange rules ?
903[12:43:09] <martinus__> ratrace: not automatically installed package. I'm rather speaking the fact that you may end with a system with many obsoletes packages (see aptitude search ?obsolete), but when using apt you never get such mention
905[12:43:59] <martinus__> so in the end, if one doesn't now *how* to look for obsolete packages... they are never purged
906[12:44:13] <martinus__> or, they have no chance to be purged one day
907[12:44:55] <martinus__> like "warning, there are x obsolete package(s) on this system"
908[12:45:14] <ratrace> I'm not really sure what "obsolete" packages are here, then. Sorry I don't use aptitude. Otherwise packages are either installed explicitly or automatically. how does a package become "obsolete" then?
989[13:21:03] <hipete> what song should i listen to?
990[13:23:06] <ratrace> This one is nice: replaced-url
991[13:23:25] <nvz> !ot
992[13:23:26] <dpkg> #debian is primarily a support channel for Debian users. Please keep the discussions in #debian on-topic and take longer discussions and non-support questions to #debian-offtopic. Imagine the chaos if each of the hundreds of people in the channel felt the need to wander off topic for a few minutes every day.
1020[13:32:06] <nvz> dpkg, protected symlinks is to follow a symlink as another user you need to set fs.proteted_symlinks to 0 in sysctl see replaced-url
1029[13:34:06] <Scou_moune> ratrace: I do run one time my script back_up for add the rules, so i have write in my script [ "$myuser"] || myuser=$(logname); printf 'myuser=%s\n' "$myuser" > /etc/cron.d/back_up
1035[13:35:55] <ratrace> users have their own crontabs under /var/spool/cron/crontabs/
1036[13:36:31] <ratrace> Scou_moune: so if you have a per-user crontab, just drop a file in there (remember, such tabs have no user specification in them then!), don't do what your'e doing. that's just.... very very wrong.
1040[13:36:53] <dpkg> Slow down for a bit! Are you sure that you need to jump through that particular hoop to achieve your goal? We suspect you don't, so why don't you back up a bit and tell us about the overall objective... We know that people often falsely diagnose problems because they are too close to them -- it's easy to miss that there is a better way to proceed. See replaced-url
1041[13:36:56] <Scou_moune> ratrace: i have make a script for backup file, and i use on other machine, so i don't want manualy write /home/user, that why i needer logname
1042[13:37:36] <Scou_moune> ratrace: yea i think like this that so great and easy to write
1043[13:37:42] <ratrace> Scou_moune: that is very very bad
1044[13:37:52] <Scou_moune> why ? :(
1045[13:38:26] <nvz> because you're abusing priv seperation and acting as root on a users behalf
1051[13:39:10] <ratrace> that. and also are making your system needlessly complex. user tabs are a known feature and instead of hacking root crontab, just create a file for them in the appropriate spool directory
1052[13:39:44] <Scou_moune> nvz: yea i read ok ok i just want that work
1053[13:40:12] <ksk> the cron.d syntax has a field for the user executing the cron - but I am not quite sure what the goal is here at all
1059[13:41:20] <ksk> this can only be setup by root of course, but I found it a little more tidy to have all cronjobs in one place, instead of various users corntab
1060[13:41:58] <Scou_moune> hum so you say i do add USER in spool
1061[13:42:27] <Scou_moune> you sure that correct for my probleme, i do test so
1070[13:47:27] <Scou_moune> ksk: thank i have read all; man crontab (show 10lines), man cron, wiki and other
1071[13:47:28] <ksk> please no.
1072[13:47:48] <Scou_moune> so now i remove the printf myvar okok
1073[13:47:48] <ksk> eh. Thats like the 10 ways of not doing it combined I am afraid.
1074[13:48:41] <ksk> What are you trying to do here? This is part of a deployment, where you connect as "user_foo" and want to create a cronjob for that user?
1075[13:49:14] <Scou_moune> ksk: my script back_up22 so a backup of lot of file in file_fold
1076[13:49:20] <Scou_moune> So that tar, gzip and other
1077[13:49:31] <Scou_moune> my probleme is juste /bin/logname
1078[13:49:48] <Scou_moune> just that, crontab don't see the normal user
1079[13:50:14] <Scou_moune> if i use su - root -c "logname"; that show the normal user
1080[13:50:19] <Scou_moune> i just want that
1081[13:50:30] * Scou_moune cry lot of on the cat
1082[13:51:21] <ksk> Please read again the last two statements of mine - I wont help you "fixing" something which is broken by design.
1085[13:54:24] <spaceone> I have python-all-{dev,dbg} installed but GDB shows: 0x00007ffff7e11db4 in PyObject_Call (func=<function at remote 0x7fffef4b4ed8>, arg=('foo', None), kw=0x0) at ../Objects/abstract.c:2542
1086[13:54:26] <spaceone> 2542 ../Objects/abstract.c: No such file or directory.
1087[13:54:30] <spaceone> which package is missing?
1092[13:58:46] <Scou_moune> ksk: I want to run my back_up22 script with cron so that it makes a backup every X times. This script must be run as root because it saves files in etc and the like. My problem is that crontab does not see normal user of / home / user, so the back_up22 script does not save files from / home / user / bin and the like. Everything works great, it just happened that cron finds the normal user
1093[13:59:31] * Scou_moune have use google translate
1098[14:01:20] <Scou_moune> so maybe i have to use a different method to find the normal user than "logname", i don't know, but i am blocking on this point. And I repeat everything works
1142[14:43:58] <nidhoegger> Hi. I got a lenovo p53s and installed debian testing on it (stable is too old to work). Problem I am having is that everything GUI wise seem to randomly deadlock and take minutes to respond to anything. notably thunderbird, mattermost and nm-applet. is that a known issue and/or is there a way to resolve this? dmesg does not show anything that should not be there
1143[14:45:11] <nvz> nidhoegger: you couldve just installed a newer kernel on stable probably
1144[14:45:36] <Haohmaru> !testing
1145[14:45:36] <dpkg> Testing is a continuously updated release between <stable> and <unstable>, currently codenamed <bullseye>. See replaced-url
1146[14:45:38] <nidhoegger> how do I do that? I am willing to try out. I have my workflow with debian and do not want to switch to another distro
1148[14:46:03] <greycat> If the box boots, you can just add buster-backports sources and install a buster-backports kernel.
1149[14:46:03] <Haohmaru> you install stable and enable "backports"
1150[14:46:09] <nvz> nidhoegger: will it even boot with stable at all? does the installer even see the disk?
1151[14:46:20] <nidhoegger> okay, thank you very much
1152[14:46:39] <nidhoegger> does stable have highDPI support? this thing has a 4k dispaly and I was amazed that on testing highDPI works out of the box
1153[14:46:45] <nvz> if its a case where the installer doesnt see the disk due to some odd new nvme type crap its a bit more complicated
1154[14:46:54] <greycat> (From the description, it sounds like the box booted OK, and only had problems in a desktop environment, so you might try booting into console....)
1155[14:47:04] <nidhoegger> nvz that is the case...
1156[14:47:06] *** Quits: ghost43 (~daer@replaced-ip) (Remote host closed the connection)
1157[14:47:12] *** Quits: yanmaani (~yanmaani@replaced-ip) (Remote host closed the connection)
1159[14:47:36] <nidhoegger> greycat, yes, the console just works like charm. at least on testing (i did not try out anything else as normally the wifi will have trouble on stable)
1160[14:47:47] <nvz> nidhoegger: yeah that makes it a lot more complex as for awhile the testing installer in expert mode would ask you whichbranch to install but last I cheked it didnt
1161[14:47:51] <Haohmaru> speaking of this.. on my debian, when i rotate the display to portrait mode temporarily via xrandr (1200x1920), any new app i open loads up with *huge* GUI
1162[14:47:56] <Haohmaru> how do i turn that off?
1163[14:47:59] <nvz> in those cases you need the INSTALLER runing a new kernel
1165[14:48:45] <nvz> as for hidpi.. thats quite app specific some things do and some things dont.. in my experience
1166[14:49:20] <nidhoegger> nvz i know that the last time I used stable on 4K it was a bloody mess, the only thing worked was the font scaling and everything basically looked like crap
1174[14:51:31] <nidhoegger> i am not that unfamiliar with linux to fix some issues that arise, but in this case I have no fricking idea what is happening as neither dmesg, nor the X11 log nor something else produces an error
1175[14:52:03] <nidhoegger> I tried disabling the discrete gpu, tried to set the envvars for the new nvidia offscreen rendering, tried nouveau and nvidia-driver (so I can mostly rule out that its a driver issue with the graphics card)
1181[14:54:48] <nidhoegger> Phase, yeah, sucks if your job is to develop a linux software :P
1182[14:55:11] <hexnewbie> Is there something on Debian 10 Buster that would delete my /var/cache/apt/archives? I moved them to a separate 40 GB LV so that they don't fill up my root, but now I see it's empty, and all the packages are not there. Packages stay there every time I call apt-get. What's going on?
1183[14:56:04] <ratrace> hexnewbie: sure you actually mounted the LV?
1184[14:56:06] <nidhoegger> rm pretty much would delete them
1202[15:02:41] <hexnewbie> I now remember there was something in the Buster upgrade email (or Stretch upgrade email) that 'apt' (but not 'apt-get') would delete these. I should try finding the email...
1208[15:04:11] <greycat> And... what the hell, is this thing a string or an integer? [ $AutocleanInterval = always ] || [ $AutocleanInterval -eq 0 ] &&
1209[15:04:22] <hexnewbie> If that's the cause I need: Binary::apt::APT::Keep-Downloaded-Packages "true";
1210[15:04:30] <hexnewbie> I'll try that one and see if the packages stay there
1211[15:06:36] <greycat> hexnewbie: "apt install foo" will download foo.deb (and dependencies), then install them, then delete the .deb files that it just downloaded. "apt-get install food" will skip the deleting.
1239[15:35:34] <karlpinc> What tools exist for testing for network filtering between endpoints? I can scan with nmap, but that'd require something to be listening on the other end. There must be an eaiser way that cooperates between endpoints.
1241[15:36:26] <ratrace> karlpinc: if there's nothing listening so it can respond, how do you differentiate filtering from ..... packets flowing freely but nothing is listening...
1254[15:39:10] <karlpinc> ratrace: I'll take a look. Thanks.
1255[15:39:11] <ratrace> karlpinc: nmap is actually the tool you want. no tool can differentiate "nothing listening" from "the packet filter just did a REJECT"
1256[15:39:29] *** Quits: Rue (~rue@replaced-ip) (Quit: Leaving)
1258[15:40:02] <karlpinc> ratrace: Sure a tool can. If it's talking to the remote end and knows the remote end is listening, and then it probes and the probe fails, the network is filtering.
1259[15:40:15] <greycat> My *guess* is that for some asinine reason, he wants to test the hypothetical scenario "if I had a service listening on port 777, and tried to reach it from workstation A, would some magical firewall stop me", but without actually running a service on port 777, or having a workstation A.
1260[15:40:37] <greycat> Which is just bizarre as fuck.
1261[15:41:07] <ratrace> karlpinc: I don't know of a tool that will simultaneously listen on 64k ports or whatever like that. Why do you need that though, this smells like an XY problem.
1263[15:41:36] <karlpinc> greycat: The reason is that my ISP is blocking traffic. And I want to know what they're blocking. I can tell them to unblock and they will, but for some asinie reason they will only unblock one port at a time.
1265[15:42:10] <ratrace> greycat: no such tool exists. one needs something listening on port 777 to complete the tcp handshake because a broken packet filter, for example, could allow syn, but not ack
1276[15:43:46] <neilthereildeil> hey guys. whats the use of hugetlbfs?
1277[15:44:03] <ratrace> karlpinc: I don't understand then. so technically you want to test 64k ports "just in case you need one some day"?
1278[15:44:40] <ratrace> though really it's just 10k iirc, 10k+ is reserved for ephemeral ports
1279[15:45:03] <karlpinc> ratrace: Yes. Exactly. If a client has, say, a netbios port open, I want to be able to probe it and see. But if my ISP is blocking outbound netbios, then I won't be able to.
1281[15:45:18] <ratrace> but anway... I don't see the point. Test the typical ports for typical services. http(s), smtp(s), submission(s), pop3(s), imap(s), ...(s)
1282[15:45:45] <karlpinc> ratrace: The point is, I want to be able to communicate using IP.
1283[15:45:48] <ratrace> karlpinc: then netcat or whip something up in python, should be relatively easy.
1284[15:45:52] <neilthereildeil> is hugetlbfs basically a ramdisk?
1328[16:28:53] <AliSh> Hey guys, I hope you're doing well, I am an Ubuntu user who wants migrate to another distro, I am wonder if I can rely on Debian testing (I want recent version of some apps, e.g. ff and chromium, as I'm a dev), do you have any experience on that?
1333[16:32:45] <mason> AliSh: Testing is for testing. If you're looking to report bugs and make the next release of Debian better, go for it.
1334[16:33:58] <AliSh> I'll be happy to try that and return back favour as I'm using it freely and also learn more about Linux, but I have to keep my environment safe to be able work and get income :D
1335[16:34:39] <mason> AliSh: If you want to learn Linux gizzards, also look at Slackware.
1339[16:37:31] <cybercrypto> AliSh: Debian testing (often more stable than many other 'stable' distros) is not going to give you an stable environment.
1344[16:38:31] <Poster> outdated and stable are most often one in the same
1345[16:38:45] <gpeskens> What is the best way when packaging for debian to force systemd services to restart on upgrade?
1346[16:38:51] <AliSh> cybercrypto so what's the best option for me? (I have opensuse, fedora, puppy "which is not good for my job :D ")
1347[16:38:53] <mason> AliSh: I use shockingly old software most of the time. It's a source of joy. It can be for you too.
1348[16:38:59] <greycat> I *still* do not understand these people who claim to be "devs" but they feel they need "latest tools". A serious dev wants their build environment to use the *oldest* possible/reasonable toolset, so that the finished product will work on the widest possible range of targets.
1349[16:39:01] *** debhelper sets mode: +l 1201
1350[16:39:38] <AliSh> greycat I am a web dev and I need ff and chromium as my customer is using damn Windows with latest of them
1351[16:39:44] <mason> greycat: That's not the devops way, where you *need* features that haven't so much as hit a stable release upstream yet. *Need*.
1355[16:40:10] <oiaohm> greycat: using the oldest possible toolkit mix can lead you to having a lot of security faults to fix quickly.
1356[16:40:11] <mason> AliSh: That's easy. Use stable software for your own environment, and have a testing environment with the bleeding edge stuff.
1357[16:40:38] <AliSh> mason that sounds great
1358[16:40:40] <cybercrypto> AliSh: the mason's suggest is quite good. To learn and get to understand the core of linux, slackware is my favorite (I use it since 94 =~)
1359[16:40:49] <oiaohm> greycat: some of the reason why flatpak runtimes can be tempting.
1360[16:40:55] <mason> AliSh: Depending on a personal environment for testing is going to be very incomplete.
1361[16:41:25] <AliSh> OK, I can stick with stable, have vbox with testing and unstable env to learn more
1362[16:41:34] <AliSh> good advice guys, thanks a lot
1363[16:41:51] <cybercrypto> AliSh: opensuse offers a rolling-release, it is the mid-term of stable and 'new' software, I guess. Fedora also claim to offer 'edge' software as well.
1364[16:41:53] <mason> AliSh: vbox is okay, but if you're running Debian, libvirt and qemu/kvm is probably better for you.
1365[16:42:16] <AliSh> mason thanks, I'll give them a try
1369[16:42:38] <oiaohm> AliSh: if you are after a handful of fairly new software but want everything else older and more tested. flatpak/appimage/snap of those applications can be a good option.
1370[16:42:39] <AliSh> if it wasn't for snapd, I wouldn't leave Ubuntu, I hate reinstalling everything
1371[16:43:01] <greycat> Oh. flatpak. Barf. "I built this on a pre-alpha release of glibc, and therefore you can't run it on any actual Linux in the wild, but that's OK, I'll just bundle my entire rolled-my-own Linux distribution for you."
1372[16:43:02] <AliSh> oiaohm I don't like snap...
1374[16:43:32] <oiaohm> AliSh: snap is horrible with it loopbacks and the on going performance effects.
1375[16:43:40] <mason> greycat: What, you won't want random black boxes peppering your environment?
1376[16:44:00] <oiaohm> AliSh: I put flatpak and appimage before snap for that reason.
1377[16:44:29] <AliSh> The drawback of snap is that I am a Linux user because of security, everything from official repository, but snap flatpak... I don't wanna anything out of the box
1380[16:45:25] <cybercrypto> AliSh: Slackware is great, but there is no 'systemd' in there (cutting the obvious and long discussion). If youre work depends on systemd (or) it is targetting distros with systemd, you may consider another one.
1381[16:46:01] <AliSh> cybercrypto I don't have knowledge about that, I have to check
1382[16:46:10] <oiaohm> greycat: flathub standard runtimes don't use pre-alpha glibc. Newer than the oldest possible reasonable toolkit but not newer than a lot of distributions include.
1384[16:46:20] <AliSh> I used NodeJS and Docker, nothing else
1385[16:46:33] <AliSh> *use
1386[16:46:43] <annadane> people keep recommending slackware but to be honest 14.2 was released forever ago and i'm not sure you can't "learn linux" by just using, you know, debian
1387[16:46:55] <greycat> oh. there are actual *rules* and restrictions on the bleeding-edge crap? that's good to hear.
1400[16:49:31] <AliSh> you have to break some app/package/service to find yourself gaining knowledge by fixing
1401[16:49:53] <AliSh> I learned how to install debian about 13 years ago by erasing my hdd several times
1402[16:50:23] <annadane> to each their own but i just don't think 'use slackware' is necessarily good advice
1403[16:50:42] <cybercrypto> annadane: I agree, it was release long ago, does not receive all the community support as debian (which I firmly believe, debian community is the main reason Linux is strong)... still if you check slackware current, they are very active and releasing updates.
1404[16:50:43] *** Quits: AliSh (cc128235@replaced-ip) (Remote host closed the connection)
1405[16:51:17] <greycat> I think a lot of the "learn on Slackware" advice comes from anti-systemd people. Not all of it.
1406[16:51:46] <greycat> Some of it may be coming from the "you need shit that doesn't work very well, so you have to fix it" minset.
1411[16:52:52] <cybercrypto> I guess, one can read and learn by doing, with 'linuxfromscratch'... this will be even better for understanding the 'distro' work.
1414[16:53:38] <mason> annadane: People can learn with Debian, but it masks a ton of stuff. Especially now that it's been infested with systemd, there's no reason for anyone to go beyond localectl to understand that it's actually driving loadkeys, etc.
1415[16:53:59] <annadane> yeah, well, systemd is mainstream now so they'll have to learn it
1417[16:54:29] <mason> annadane: That doesn't speak to the point I made. systemd drives lower-level things, and you have no reason or opportunity to learn if it's all being done for you.
1418[16:54:30] <annadane> it also makes people's lives easier in many cases
1419[16:54:49] <mason> annadane: Again, that misses the point. We're talking about learning how it all works, very specifically.
1420[16:54:51] <annadane> okay, but you're still learning adequately if you learn the modern tools
1421[16:55:01] <annadane> if the user wants to know more low level things they can
1422[16:55:01] <mason> annadane: You're learning systemd, not Linux.
1423[16:55:09] <annadane> you can learn both
1424[16:55:18] <mason> annadane: And again, that's the point. In the normal course of things using Slackware you see more of the underlying parts.
1425[16:55:20] <annadane> there isn't just one path through this
1426[16:55:31] <annadane> okay, but like, run slackware in a vm or something
1427[16:55:33] <greycat> mason: because they don't work, and you have to fix them
1428[16:55:44] <mason> greycat: loadkeys has never broken for me. localectl has.
1429[16:55:54] <greycat> then why do you know anything about loadkeys?
1505[16:56:25] <mason> annadane: You can learn how a transmission works pretty well regardless of whether you drive an automatic or a stick. Which do you think will do a better job getting you to viscerally understand the transmission's behaviour as it runs?
1506[16:56:42] <mason> greycat: You've proven my point right there.
1507[16:56:56] <annadane> because it depends on the user
1508[16:57:03] <mason> greycat: It's what's doing the actual work of handling keymaps. It's useful sometimes to understand this.
1509[16:57:04] <greycat> That Debian's shit works, and therefore we don't have to learn the mechanics of implementing whatever-the-fuck-you-are-harping-about?
1589[16:57:44] <mason> greycat: That's it. Yes. Of course. Sort of the conservative view. "I don't know it, so clearly no one else would benefit from knowing it. It's not critical."
1596[16:58:27] <mason> annadane: Might be good to go back to scrollback to see what the fellow actually wanted. If he wanted to learn to get along and have marketable skills, he'd be just fine sticking with Ubuntu.
1599[16:58:31] <annadane> the fact of the matter is one is unlikely to run slackware as their main distribution unless they're a bit die hard so you may as well start on something like debian
1600[16:58:40] <annadane> where you don't have to build everything from source
1601[16:58:47] <cybercrypto> greycat: I agree. I am pro 'systemd' architecture. Thats why I asked AliSh if his work targets systemd dev or if it is independent. Perhaps targetting his development towards debian-stable would be the best option (Learning is a different question)
1614[17:03:46] *** Quits: mibo (~mibo@replaced-ip) (Remote host closed the connection)
1615[17:04:19] <EdePopede> slackware was my first distro. so it can't be *that* hard to get behind how it works. granted, this was more than 20 years ago, bootdisks, startx and manually edited wm configs.
1617[17:05:01] <cybercrypto> My view and suggestion: LFS=you will learn how to assemble your own distro from zero. Slackware=you get the system up and running easy-to-install as a bonus, but you have to read a lot to use it 'daily basis' I suggest LFS only for hobbie projects, otherwise you will not be able to maintain it yourself, in production 'updated'
1625[17:07:48] <metbsd> lfs or gentoo are not worth it
1626[17:07:58] <metbsd> hardware and electricity cost money too
1627[17:08:03] <metbsd> and time consuming
1628[17:09:03] <mason> metbsd: To be fair, Gentoo lets you build once and distribute anywhere with trivial ease.
1629[17:09:28] <mason> So the carbon footprint could be lower than Debian if, for instance, you use any DKMS on Debian.
1630[17:10:00] <matti> The Linux Kernel Report live stream - replaced-url
1631[17:10:09] <rgwu> mason: What percentage of Gentoo users are using gentoo because it let's them avoid building?
1632[17:10:46] <mason> rgwu: Well, if you look at spin-offs like CoreOS, the majority. Upstream Gentoo, probably fewer.
1633[17:11:47] <moldy> if you build once and distribute binkpgs to a few dozend of machines you still use more cpu time / electricity than if you just install binary packages built once and used by millions of machines
1634[17:13:56] <ratrace> makes sense
1635[17:14:28] <rgwu> The notion that Gentoo has fewer watts per install than any other distro is laughable. There are plenty of things to like about Gentoo, power consumption and time consumption are not among them.
1641[17:25:07] <cybercrypto> metbsd: I believe that every root distro is worth trying for learning. lfs,slack,gentoo, even bsd's). But the guy who asked about debian-testing was leaving ubuntu due to 'snapd' and to get 'latest software'. We tried to show him that stable + latest hardly comes in the same sentence.
1649[17:27:56] <greycat> "I'm a dev" -> I need to write software that compiles and runs on the widest possible range of target systems. If I release binaries, they must be built on the oldest possible target so that they run on that target or newer.
1650[17:28:05] <greycat> "I'm a web dev" -> I only need to get it to work on ONE machine.
1651[17:28:15] <EdePopede> heh and this
1652[17:28:25] <metbsd> if you are not devellping a distribution i don't see the point to "learn" os
1653[17:28:56] <cybercrypto> Agree. His simple question led to this great discussion. I enjoy this learning a lot :-)
1654[17:29:10] <EdePopede> some people prefer to know how the things they are using an a daily basis actually work. at least to a reasonable point.
1655[17:30:28] <metbsd> if you learn a programming language you can write programs. if you learn linux os what you gonna be? xxx@gentoo.org or xxx@debian.org
1656[17:30:32] <EdePopede> at least a "user" (really classic meaning here) should know how to move a bookmark back into the main bookmark menu after accidentally dragging it into a submenu due to not being able to click properly.
1657[17:30:55] <greycat> metbsd: system administrator
1658[17:31:13] <EdePopede> or how to restore a file from the waste bin. and yes, they exist.
1659[17:32:20] *** Quits: earthundead (~earthunde@replaced-ip) (Remote host closed the connection)
1663[17:35:14] <EdePopede> i remember when PS/2 found its way into the PC world, into the markets, with its coloured connectors. they had people assemble them in front of the market just to see if it's as easy as advertised. has there *ever* been something similar with debian or some other linux?
1664[17:35:44] <EdePopede> a brand new pc, a set of disks. or a stick, doesn't matter.
1665[17:36:43] <metbsd> too many better things to learn other than those distribution, docker, distributed file system,cluster server, cisco
1666[17:37:07] <metbsd> some of those distributions are not even professional
1668[17:38:23] <metbsd> some distribution just tweak a little kernel, different naming for hier, package management system, and tada, new distribution with new bugs.
1669[17:38:30] <metbsd> they are not worth learning
1674[17:41:17] <cybercrypto> metbsd: Agree. Yes, thats why my suggestion: root distros. (non-derivatives) like the ones I said earlier.
1675[17:42:04] <EdePopede> some distros maybe would even better just contribute to the one of the other ones
1676[17:42:57] <moldy> i just install web browsers directly from upstream
1677[17:43:25] <annadane> does gnome-boxes have a more discrete way of setting ram/disk space? the slider thing doesn't seem easy to set it to 'exactly' 50 gb or whatever
1678[17:43:28] <cybercrypto> metbsd: I am curious, please tell me: what is your suggestion to learn Linux OS, if I ask you that question (dont tell me to learn other 'better' thinks to learn)
1682[17:45:39] <EdePopede> annadane: remember the days when there weren't sliders all over the place, instead an editable text area with an integer and 2 arrows on top of each other to change it?
1683[17:46:39] <annadane> i wish regular qemu was a bit more noob friendly then i wouldn't have to install frontends
1684[17:46:44] <annadane> or maybe i'm not trying hard enough
1700[18:00:54] <annadane> gcc in debian 10 is actually gcc 8, i don't know about the relation of gcc-avr to gcc but are you familiar with how debian works? it doesn't have newer versions of software, generally; if there's a problem with not having a latest version of something there's ways to get it
1710[18:05:12] <annadane> it's actually two distinct questions, 1) you're asking about gcc-avr being version 5 in relation to a different gcc version and 2) you're making the assumption you need gcc 10 in general
1711[18:06:56] <_DeLa_> On my HP Probook x360 11 G1 EE, I used debian10 expert install to skip installation of grub so I could finish debian installation withouth freezing during grub install. Using the info from replaced-url
1713[18:07:28] <sleepingforest> So ive installed a select number of packages from buster-backports. if i understand correctly, buster-backports is stable compatible ports from testing. so there should be no problem. Now i want to install a single package from sid, and I've added sid repo and configured pinning preferences similar to replaced-url
1714[18:07:30] <sleepingforest> this way, right?
1715[18:07:37] <_DeLa_> Any help will be greatly appreciated ...
1716[18:07:48] <annadane> sleepingforest, which package
1720[18:08:09] <annadane> well, it's already in backports
1721[18:08:13] <annadane> does that suffice?
1722[18:08:58] <sleepingforest> annadane: keepassxc devs end up breaking compatability with older versions when the web extension is used. so Id prefer to run the latest version
1736[18:12:01] <annadane> pinning is one of those solutions that (like a lot of bad debian advice) gets recommended a lot but it depends on the specific situation
1737[18:13:44] <sleepingforest> i dont feel confident enough understanding the implications of using it just based on the wiki alone. theres not terribly much info there
1738[18:14:09] <annadane> and 'pin this package' tends to lead to 'just pin everything from sid' which tends to lead to 'i have a bunch of broken dependencies'
1739[18:14:23] <sleepingforest> yeah exactly what i feel like would happen
1745[18:16:59] <sleepingforest> do you think i should delete the apt prefs i installed setting priorities for stable=700, buster-backports=650 testing=400 unstable=300? I dont use testing or sid. and I have other apt repos. iirc they were all 500 by default, maybe bpo was lower
1812[19:35:55] <annadane> i don't know of any by default but take a look at apt show task-xfce-desktop and see if you can find it in the list of depends/recommends
1835[19:42:42] <annadane> because those are two separate questions
1836[19:43:14] <Regor> noooo
1837[19:43:31] <Regor> i use weechat ...
1838[19:43:41] <annadane> apt show fonts- <tab tab> will show a bunch of them
1839[19:43:52] <annadane> okay, so your real question is "how can i see emojis in weechat"
1840[19:44:07] <annadane> you may want to ask #weechat
1841[19:44:22] <Regor> noooooooo
1842[19:44:53] <greycat> Then please write an actual question.
1843[19:44:53] <Regor> how to view and put emojis in debian...
1844[19:45:22] <mason> metbsd: Sheer curiosity and love of the stuff is enough reason to learn. And yeah, that can turn into involvement with one or more of the OSes.
1845[19:45:23] <greycat> One way is to configure X to use a Compose key, and type a few mnemonic keys.
1846[19:45:35] <mason> Oh, I was buried in scrollback.
1848[19:45:53] <greycat> instructions for configuring the keyboard based way are at replaced-url
1849[19:45:53] <Regor> what default emoji picker comes with debian that opens emojis table with ctrl+:
1850[19:46:30] <greycat> Apparently nobody knows. But YOU seem to have one, so open it up, and then find out what it is by examining the process list, or using programs that identify the origin of an X window, etc.
1851[19:46:57] <annadane> also have you tested that this emoji picker even works in weechat?
1852[19:47:06] <diogenes_> Regor, it probably comes with ibus.
1855[19:47:52] <Regor> yeah.. now i get it ...hahah
1856[19:47:55] <mason> Wow, never heard of %L in .XCompose before. Nifty.
1857[19:47:58] <greycat> I've never seen xfce, let alone used it, and I have no idea how a GUI "emoji picker" would work. Does it just copy the chosen character into the X clipboard?
1858[19:48:30] <mason> I always just include a file directly.
1860[19:48:42] <annadane> i used xfce for a while and never heard of an emoji picker (though i didn't look very thoroughly into some of the apps the tasksel installs because i usually always use other things like feh mpv etc)
1862[19:48:55] <_DeLa_> I just want to boot into my debian 10 desktop – do I need to install grub at all or is there a way to automate the few lines from replaced-url
1863[19:49:08] <mason> ah, man 5 xcompose has even more expansion
1866[19:51:02] <annadane> debian in general quite possibly does have one so you can just apt search for that and install one
1867[19:51:44] <annadane> or look more into this ibus thing
1868[19:51:58] <Regor> diogenes_: thanks.. its done ! 😀️
1869[19:52:00] <greycat> I'm *so* confused. He keeps saying he has one and it opens up when he presses a certain key combo. But then he acts like he doesn't have it.
1892[20:06:48] <dpkg> First, check for a backport on <debian-backports>. If unavailable: 1) Add a deb-src line for sid (not a deb line!); ask me about <deb-src sid> 2) enable debian-backports (see <bdo>) 3) apt update; apt install build-essential; apt build-dep packagename 4) apt -b source packagename 5) dpkg -i packagename-ver.deb To change compilation options, see <package recompile>; for versions newer than sid see <uupdate>.
1965[21:25:27] <Orcs53> Hi everybody, I have a question, if anybody could assist. How do I add a self-signed CA certificate to the CA certificates on Debian. I have tried moving the certificate to "/etc/ssl/certs" and "/etc/ssl/newcerts" and then running update-ca-certificates but I get the output "0 added, 0 removed; done.". Can anyone offer any suggestions?
1966[21:27:31] <dvs> Orcs53, I put the .pem file in /etc/ssl/certs and the key file in /etc/ssl/private and that seems to work
1970[21:29:11] <Orcs53> I would also like to add that this is a client machine, a service on another machine is encrypted, to which this machine is a client. Thus, preferably the private key would not be on this machine.
2000[21:46:00] <kittonian> I have edited the dhcp.conf file and modified the subnet, etc. but when it tries to start, it still thinks it should use the old information and it fails
2001[21:46:07] <kittonian> not sure how to resolve
2004[21:52:51] *** Quits: asymptotically (~asymptoti@replaced-ip) (Remote host closed the connection)
2005[21:52:56] <Orcs53> karlpinc I have znc IRC bouncer running in a container, I have it server over SSL. In another container I have thelounge IRC web client, these are connected by a bridge network. I have copied the self-signed certificated and attempted to install them following the instructions here
2017[22:00:48] <dvs> Orcs53, it sounds like the program you're trying to connect to will not accept a self-signed certificate, *ANY* self signed certificate.
2018[22:01:16] <eigenfire> Self-signed certificates will never, ever pass verification. Ever.
2019[22:01:47] <eigenfire> At least not without doing things that are very ill-advised.
2020[22:02:17] <Orcs53> Oh, alright. I thought if they where installed on the client machine it would consider that a verified certificate.
2064[22:53:29] <Orcs53> I have tried asking in the #thelounge channel, they maintain the of the Docker container, I have had some help there. But, the container runs Debian 9. So, I am also asking here because configuring the operating system to trust a self-signed certificate authority, which has self-signed server certificates, seems like a very common task one might
2065[22:53:30] <Orcs53> need to do. If I may rephrase the question. I have a self-signed certificate authority (CA), which I have used to self-sign a SSL server certificate, all of which is on a different machine. On the client machine there is a client application which I would like to be able to connect to the server securely. How do I install and trust this self-signed
2066[22:53:30] <Orcs53> CA so that the self-signed server certificate verifies and is also trusted.
2068[22:54:14] <greycat> Your question has nothing to do with operating systems, and everything to do with the software that's *using* (or refusing) your certificate.
2075[22:58:36] <Orcs53> The client application is a nodejs app, which uses the CA certificates installed onto the operating system. So, I disagree, the question is related to the OS. I am keen to know more about how to add and trust a self-signed CA certificate, like what detailed in the manual page seen here:
2077[22:59:16] *** Quits: mezzo (~mezzo@replaced-ip) (Quit: leaving)
2078[23:00:07] *** Quits: nicolaf (~nicolaf@replaced-ip) (Remote host closed the connection)
2079[23:00:34] <greycat> I googled and got replaced-url
2080[23:00:37] <greycat> it took a few seconds
2081[23:01:08] <greycat> but sure, you go on telling yourself that you know better than all the people helping you, and better than the people who wrote the ZNC wiki
2088[23:07:32] <Orcs53> Thank you for searching for that documentation. However, I have actually already done this. What I am actually asking is, how do I get Debian which is running in another container to trust the self-signed CA I generated, so that openssl then trusts and will verify the self-signed server certificate. And thus, the client app can connect securely to
2097[23:12:41] <annadane> Orcs53, i know absolutely nothing about this but have you tried grepping the openssl man page for "trust" or something, maybe there's an option to override stuff
2098[23:12:48] <annadane> (unless that's a terrible idea for security but yeah)
2099[23:13:30] <annadane> you can also ask the debian mailing lists if people here don't get around to answering
2100[23:14:23] <nkuttler> um, just add the ca to the others and run update-ca-certificates ?
2101[23:15:07] <greycat> my understanding is, they *did* that, and their application said "Error: self-signed certificate". and they're like "YOU ARE WITHHOLDING A SECRET WHY WON'T YOU TELL ME"
2102[23:15:24] <nkuttler> oh my.. yeah.. some languages will do that
2105[23:16:26] <Orcs53> annadane Thank you for your response, this is essentially what I am trying to do. But, I suspect that if it is possible to add and trust a self-signed CA, it is actually done using the tools in the ca-certificates package, see the manual page I posted earlier.
2108[23:18:15] <greycat> the only thing that doesn't line up is the Debian wiki page that says ZNC ships with a self-signed certificate, but they didn't want to read the Debian wiki page
2109[23:19:07] <Orcs53> @greycat I think that although the client app is nodejs, the error output is actually a result of openssl refusing to verify the service certificate against the certificate authorities which a installed with the ca-certificates package.
2111[23:19:27] <annadane> i think the user is on stretch though judging from the link to the man page, maybe it's different between buster and stretch, i'm just spitballing, no clue
2120[23:25:40] <Orcs53> nkuttler, I have tried this. I placed the self-signed CA in "/usr/share/ca-certificates/self-signed/example-ca.crt", then ran "dpkg-reconfigure ca-certificates". This tool was slightly difficult to get working, but, the CA did show up in "/etc/ca-certificates.conf". After all that openssl still cannot verify the self-signed server certificate.
2143[23:43:01] <ws2k3> i have a process that is called bash its consuming 100 % cpu. is it possible to see which script this is? or which command? ps aux only shows bash
2144[23:44:41] <nvz> ws2k3: if it were a script it should probably say because it'd have been part of the cmdline..
2145[23:44:55] <nvz> ws2k3: what is the pid?
2146[23:45:09] <ws2k3> nvz: 4692
2147[23:45:47] <nvz> then have a look in /proc/4692
2148[23:45:52] *** Quits: nevoyu (~Nevoyu@replaced-ip) (Remote host closed the connection)
2160[23:51:59] <ws2k3> nvz: what can i do with that information?
2161[23:52:28] *** Quits: dvs (~hibbard@replaced-ip) (Remote host closed the connection)
2162[23:52:39] <nvz> idk how many ways can you possibly identify a bash process.. if you can't tell what it is by its controlling term or its cmdline.. or what files it has open.. idk what else to tell ya
2168[23:54:10] <EdePopede> thread view in htop is also handy. eliminate (as in sherlock, not as in 007) the other known entries until you know which one is the one