25[00:16:36] <archaeopter> Hello! Im trying to fix my weather kde widget with this fix, but cant find the package, does anybody know whats its named? replaced-url
26[00:16:59] <archaeopter> libqt5-qtxmlpatterns-imports in opensuse
27[00:17:07] <hassoon> archaeopter: what's the issue exactly ?
41[00:29:57] <de-facto> how do i get a proper environment on debian for python3 pip? i really dont want it to write all over my system without package manager
42[00:30:56] <de-facto> i will need to run this from systemd service
43[00:31:05] <de-facto> maybe a whole LXC is overkill for this
56[00:32:16] <de-facto> e.g. is it like lxc or chroot?
57[00:32:35] <somiaj> de-facto: taht is eactly what a python virtual enviorment is, it is kinda like a chroot, but only the python stuff is stuck inside (you can also use normal system binaries)
58[00:32:46] <porton> Is there an easy way to make a static hosting, that is map document roots on my server to domains added by Web users?
60[00:33:03] <somiaj> de-facto: you can actually create multiple virutal enviroments (with different versions of python and packages) to use
61[00:33:18] *** zalt_ is now known as zalt
62[00:33:23] <somiaj> porton: is this with apache or nginx?
63[00:33:24] <porton> The best way I know requires root privileges as needs to create new Apache .conf files
64[00:33:36] <de-facto> somiaj, so if i delete the directory of such a virtualenv every single bit is guaranteed to be gone with absolutely nothing left over?
65[00:33:42] <porton> somiaj: I think Apache would be better (or is Apache MUCH slower?)
66[00:33:48] <somiaj> de-facto: correct
67[00:34:03] <somiaj> porton: for static stuff apache is enough slower once you add in thousands and thousands of requests.
68[00:34:15] <de-facto> do you have a good guide for setting this up on debian buster?
69[00:34:21] <somiaj> porton: but depending on size, both work. apache has a much better set of modules, and more features.
70[00:34:21] <porton> somiaj: Nginx is harder with LetsEncrypt
71[00:34:21] <de-facto> maybe this here? replaced-url
72[00:34:49] <porton> somiaj: Can I make hosting without requiring root every time a new domain is added?
73[00:34:57] <somiaj> porton: nope, I've used both ngnix and apache, they are about equal with setting up ssl
74[00:35:10] <sney> de-facto: it's usually best to follow upstream docs rather than random howtos. for virtualenv that's here: replaced-url
75[00:35:11] *** Quits: archaeopter (5082237f@replaced-ip) (Remote host closed the connection)
77[00:35:29] <porton> somiaj: I need to stop Nginx to renew certs with certbot
78[00:35:47] <de-facto> porton, maybe take a look at replaced-url
79[00:35:54] <somiaj> porton: that is the hard part, you'll have to add a config to /etc/apache2/sites-available and make a link in /etc/apache2/sites-enabled
80[00:36:14] <somiaj> you'll have to reload apache as well if you change certs/config
81[00:36:25] <porton> somiaj: I know. My question, how to do this without root every time when a new domain is added?
82[00:37:15] <strongsec> porton: You don't need to stop the webserver to renew certs with certbot.
86[00:37:53] <de-facto> porton, also quite a neat package in my opinion replaced-url
87[00:38:04] <porton> strongsec: certbot needs to verify my server from LetsEncrypt's server. To verify it serves a document on :80 (or on :443?) This port is busy by Nginx, so I need to stop Nginx
88[00:38:05] <de-facto> certbot is way too fat for my taste
89[00:38:10] <somiaj> porton: I'm not quite sure, you'll proably have to create a user that can tell apache/ngnix to reload its config as far as I know. Not something I ever needed to look into.
90[00:38:28] <strongsec> porton: No. Just use the webroot option to certbot.
91[00:38:58] <de-facto> i think you can send nginx a signal to reload the config
92[00:39:14] <strongsec> porton: You could also just use certbot-nginx.
93[00:39:21] <de-facto> google it or ask in #nginx
94[00:39:34] <porton> de-facto: To send a signal to a process running under a different user, need root privileges
95[00:39:45] <strongsec> sudo, nopasswd.
96[00:39:48] <sney> or the privileges of the service account
97[00:40:02] <de-facto> somiaj, is there a debian based howto for virtualenv setup?
98[00:40:10] <porton> How is it so important that certbot is heavy if it runs once per week?
110[00:41:52] <de-facto> i rather run a client as non root, so it can not write to such files
111[00:41:59] <de-facto> does it run as non-root?
112[00:42:31] <porton> Sorry for offtopic, but is there a nonexpensive hosting with API control to add new users and domains and upload from my machine easily?
115[00:42:52] <de-facto> running a huge python beast as root, taking stuff from the net and writing to config files all over the system, what possibly could go wrong?
116[00:43:04] <strongsec> de-facto: Sure. As long as it can write to certain places, it doesn't need root.
117[00:43:30] <strongsec> de-facto: Only needs to be able to write to its own locations. /etc/letsencrypt, for example.
118[00:43:40] <strongsec> You can then certbot certonly, and be done with it.
119[00:44:04] <de-facto> somiaj, that doc does not tell how to use it with .deb packages, it requires pip LOL
120[00:44:25] <de-facto> the whole point being: i dont want to use pip
121[00:44:42] <somiaj> de-facto: Last time I looked into this, it kept changing, there are various python tools. I would look at the package python3-virtualenv and see what tool it provdes, then read docs on that tool
122[00:44:54] <strongsec> porton: Control panels are generally considered to be complete garbage and are to be avoided at all costs.
123[00:45:35] <porton> strongsec: Do you speak about CP at my server (yes, I want to be a hosting) or at servers I want to resell by uploading there files from my UI?
124[00:45:48] <strongsec> porton: Both.
125[00:46:00] <de-facto> whats wrong with the howto i linked?
126[00:46:06] <porton> strongsec: You want that I would give root rights to my users? :-)
127[00:46:47] <porton> strongsec: or provide them a command line interface?
128[00:46:51] <strongsec> porton: No. Why would you ever do that? Give them an unprivileged shell account and have the user's webroot within their /home directory.
129[00:47:01] <strongsec> porton: Yes. Let them manage their content via ssh/sftp.
131[00:47:30] <porton> strongsec: the whole point of my project is that they manage their content through my software
132[00:47:36] <somiaj> de-facto: looks like there is also python3-venv, which appears to be what the python3 docs recommend replaced-url
133[00:47:38] <de-facto> and whats the difference between python3-venv and virtualenv python3-virtualenv
134[00:47:40] <porton> that auto-converts to other file formats
135[00:47:54] <strongsec> porton: Sounds like a bad plan to me. But alright.
136[00:48:01] <de-facto> yeah i am already confused
137[00:48:03] <somiaj> de-facto: the diffrence is mostly how the tool is used, they have the same result, an isolated enviorment for python.
138[00:48:09] <de-facto> which of those 3 packages would i use
139[00:48:27] <sney> de-facto: pick one at random, try it, if it doesn't suit your needs try another one
140[00:48:32] <de-facto> i want to use it from systemd
141[00:48:43] <de-facto> ugh
142[00:48:47] <sney> de-facto: sometimes with linux you have to experiment with stuff and do your own research.
143[00:49:11] <sney> it's how the helpers in this channel got any good, so don't act like it's beneath you
144[00:49:23] <somiaj> de-facto: python3-virtualenv and virtualenv are basically the same (they come from the same source), one is the binary the other is thelibary
145[00:49:36] <strongsec> sney: If only you knew the hard ways that I've learned the finer points of how certain commands work.
147[00:49:45] <porton> strongsec: also I don't wan to create a new Unix user every time a new client registers, as this would require to run my soft as root or like this
148[00:50:16] <strongsec> sney: Most recent example: blkdiscard. I thought running it without parameters would just trim all unused space from the disk. I was almost right. It trimmed all space on the disk, so now the whole thing was unused.
149[00:50:35] <somiaj> de-facto: seems python3-venv (which is more a built in python3 tool now) has a limited set of features of python3-virtualenv, so depending on your use you might want to just use python3-virtualenv (for more features)
150[00:50:36] <sney> strongsec: nod, we all have stories like that
151[00:51:18] <somiaj> de-facto: I think the idea of venv was to have a more built in tool for this vs a full featured module. replaced-url
152[00:51:55] <somiaj> de-facto: but python3-venv is probably a bit more 'light wieght' and native, not that it matters much.
153[00:53:32] <porton> Can I run a webserver as my own user where I run other software?
154[00:53:37] *** Quits: metro (~metro@replaced-ip) (Read error: Connection reset by peer)
155[00:53:53] <somiaj> porton: most security measures don't let users open ports < 1024, so not really
156[00:54:15] <porton> somiaj: It is not possible to open at all?
157[00:54:16] <somiaj> though the webserver is ran as replaced-url
169[00:56:12] <porton> somiaj: no, this would not solve my problem of easy adding new domains
170[00:56:44] <somiaj> seems like you are just trying to rebuild cpanel?
171[00:57:17] <porton> somiaj: I want a "specialized cpanel" that converts uploaded files automatically (and serves only static context)
172[00:58:26] <somiaj> anyways, this is not something I know much about, I would just look at how other things already implement this. My static content doesn't need to configure new virtualdomans on the fly.
173[00:58:46] <porton> somiaj: You are probably not a hosting\
174[00:58:49] <somiaj> so not something I have looked into, nor know any of the issues/security concerns around doing it.
175[00:59:13] <somiaj> but it is often better at this level to not rebuild a tool that has been tested and deals with the issues like cpanel
176[00:59:34] <porton> somiaj: cpanel does not do automatic files conversion
177[00:59:47] *** Quits: cdown (~cdown@replaced-ip) (Remote host closed the connection)
187[01:02:18] <somiaj> porton: also specialized question like this might be best asked of nginx or apache, more likely to get someone with more experience vs a distro support channel.
188[01:02:57] <porton> Should I be a hosting with Debian or with Ubuntu?
195[01:04:22] <sponix> porton: if you search the web there are "scripts" that automate most of the process.. Some better than others. That is placing a lot of trust it others process though
221[01:16:51] <oxek> I have another weird issue. A user that does not have root privileges can login on a linux virtual console, change all displayed text to green, logout, and suddenly the virtual console login text is all in green...
222[01:17:00] <oxek> so apparently the logout does not reset the console
223[01:17:18] <oxek> probably not a security issue, but still annoying
225[01:17:33] <oxek> especially since it cannot be reset without logging in again
226[01:17:38] <somiaj> how are they changing the text? Is it via escape sequences
227[01:17:48] <oxek> yes, escape sequences
228[01:17:58] <somiaj> yea, sounds like you need to update the login scripts to undo those escape sequences, since the terminal is updated but not reset
232[01:18:47] <somiaj> seems ~/.bash_logout could do it, clear_console is there, but maybe you need more to rest color changes
233[01:19:31] <oxek> this is for the case of annoying students - they could get rid of it in their own ~/.bash_logout, so I need to do it on a higher level
234[01:19:50] <somiaj> seems there is a system wide /etc/bash.bash.logout if this is a bash shell
235[01:19:54] <oxek> I mean, "malicious users"
236[01:20:13] <somiaj> if they use a different shell that won't work, wonder if there is a more universal way
237[01:21:18] <oxek> that would cover the bash logout, yes
238[01:21:21] *** Quits: Case_Of (~Case_Of@replaced-ip) (Remote host closed the connection)
239[01:21:26] <oxek> I am still looking for a universal way
242[01:21:40] <oxek> surprised it's not default behavior to reset the console on logout
243[01:22:04] <somiaj> ahh seems that the clear_console on debian is run due to ~/.bash_logout in /etc/skel, so might need to write a system wide one for each shell users on your system have access too
244[01:22:25] <somiaj> for instance zsh, /etc/zlogout
245[01:22:53] <somiaj> and then write a script that does more than clear_console (since it doesn't seem to reset color/escape character changes to a console)
246[01:22:57] <oxek> thanks, I can work with that. A little annoying that it has to be done separately for each shell
262[01:32:38] <somiaj> well it is more that how the tty works, and seems systemd doens't fully reset it. I wonder if this can be fixed with systemd to just kill the getty@tty?.service and restart the tty after logout
264[01:33:01] <somiaj> but once that service is started, any updates to the terminal seem peristant (even clear_console is only default for bash due ot .bash_logout)
266[01:35:50] <jo-erlend> So I use apt-mirror to setup a local mirror, but when I updated, everything was ignored. I then realized that the mirror I chose to mirror was not the one I was using. So I guess maybe the mirror I mirrored was slightly outdated compared to the one I install from. Does that make sense? And if so, is there a way to move to an older mirror?
270[01:41:33] <dvs> jo-erlend, you just change the deb line in /etc/apt/mirror.list
271[01:43:15] *** Quits: bitnoize (~mitya@replaced-ip) (Remote host closed the connection)
272[01:43:53] <jo-erlend> dvs, I did that, but for some reason it started from scratch. But that's not what I meant. I meant that if I had mirrored an archive that was older than the one I was using to install packages, if I could "downgrade" to the local mirror.
309[02:21:55] *** Quits: de-facto (~de-facto@replaced-ip) (Remote host closed the connection)
310[02:22:34] <dka> I want to know why my debian server keep rebooting for no reason, I have checked /var/log/messages, /var/log/syslog, dmesg, journalctl , no clue at all
316[02:26:00] <somiaj> dka: could you share the /var/log/syslog right around the reboot, like what happens right before the reboot sequence starts, maybe someone else would be able to notice something.
317[02:26:17] <dka> sney, I use it for sending sms and https
318[02:26:23] <dka> No it's totally random
319[02:26:43] <somiaj> also do you see a full reboot happening in the syslog, or is the machine just restarting (like hardware restart vs a software reboot)
320[02:26:56] <sney> what is the server hardware?
321[02:27:02] <dka> sney, I use it for sending sms and https
322[02:27:07] <dka> Here's some log : replaced-url
323[02:27:27] <dka> this by running sudo grep -E -i -r 'error|warning|panic' /var/log/ | nc termbin.com 9999
332[02:29:47] <dka> Do you see something I missed?
333[02:29:59] <sney> 'apt -t buster-backports install linux-image-amd64 linux-headers-amd64' would get you the current backports kernel, which I believe is 5.7
335[02:31:56] <somiaj> dka: can you provide the whole part of /var/log/syslog right around the time of one of these reboots. You should be able to see where systemd started the reboot process (if it is software related) and also see where the new boot starts
336[02:32:05] <dka> E: The value 'buster-backports' is invalid for APT::Default-Release as such a release is not available in the sources
340[02:32:26] <sney> then you did not add buster-backports correctly. double check your sources.list; feel free to pastebin it if you can't find the problem.
341[02:33:29] <somiaj> seems the log you shared was just rotated, so we can't actully see what is happening around the time of a reboot. Anyways, if you want to just try the new 5.7 kernel and see if that fixes the issue, sney is pointing you in the right direction.
342[02:33:39] <dka> This is my /etc/apt/source.list = > replaced-url
358[02:40:06] <dka> ok, what about the linux kernel upgrade?
359[02:40:12] *** Quits: mthe878 (~mthe@replaced-ip) (Read error: No route to host)
360[02:40:16] <dka> could this be related? it's kind of central in debian to have apt working
361[02:40:56] <RoyK> kinda…
362[02:41:23] <sney> maybe that docker entry is doing something weird to apt's parser, move the buster-backports line above it.
363[02:41:49] <sney> this is what sources.list looks like on my buster server, for reference: replaced-url
364[02:42:49] <dka> same weirdness E: The value 'buster-backports' is invalid for APT::Default-Release as such a release is not available in the sources
365[02:43:33] <sney> you still need to run apt update, having '-t buster-backports' will ALWAYS produce that same exact error until apt has read that mirror
366[02:43:57] <dka> I did it -_-
367[02:44:05] <dka> I know what apt-get update does, and apt update
372[02:44:58] <sney> earlier you mentioned source.list, was that a typo? you are making these changes in /etc/apt/sources.list correct? note the spelling
406[03:14:58] <jo-erlend> This is driving me nuts. I have an apt-mirror. I've given it to _apt. I've added it to my sources.list using file: and when I update, everything is ignored. What am I doing wrong?
407[03:15:15] <jo-erlend> the user underscore_apt
408[03:16:41] <dvs> jo-erlend, did you apt-mirror as apt-mirror after setting up your apt-mirror ;-)
409[03:18:08] <jo-erlend> dvs, one more time? :)
410[03:18:43] <dvs> apt-mirror
411[03:18:45] * dvs runs
412[03:18:58] <jo-erlend> I run apt-mirror as root without thinking much about it.
574[06:31:28] <mimi_tom> hi, I screwed up something on my source.list files when I tryed to configure apt over https and I somewhow undoed it but when I do apt update, it gives me errors. I tried online solutions but nothing worked, I removed source.list file and got the sources from replaced-url
587[06:34:22] <z14> Hi, I'm using testing but the text in my /etc/debian_version is 'bullseye/sid', I thought it should be 'bullseye/testing'. This is my sources.list replaced-url
592[06:36:52] <ansimita> mimi_tom: I would uninstall any ppa packages, and the ppa items from sources.list
593[06:37:17] <ansimita> !debian-next
594[06:37:17] <dpkg> #debian-next is the channel for testing/unstable support on the OFTC network (irc.oftc.net), *not* on freenode. If you get "Cannot join #debian-next (Channel is invite only)." it means you did not read it's on irc.oftc.net. See also replaced-url
603[06:44:18] <ansimita> mimi_tom: just realized u've reset ur sources.list and u're still getting the errors, unfortunately IDK what to do here, maybe someone else can help u
622[06:53:44] <mimi_tom> diogenes_: OMG, thank you so much :)
623[06:53:50] <mimi_tom> it works
624[06:55:15] <diogenes_> you're welcome.
625[06:55:49] <brachamh_> awesome! i'm glad i would've been right too, just means i'm learning! i think i also am just about to have my usb wifi device auto loading finally too!
626[06:57:52] <mimi_tom> im curious, how did you know by moving the contents of that dir to somewhere will solve the issue im facing on apt update? anything from my apt update's output?
627[06:58:37] *** user3 is now known as idlenode
628[06:59:15] <brachamh_> that directory is a supplement to sources.list
629[06:59:40] *** Quits: n4dir (~n4dir@replaced-ip) (Remote host closed the connection)
630[07:00:24] <brachamh_> some packages don't directly edit sources.list, they add their own sources file to the directory
631[07:01:29] <diogenes_> mimi_tom, /etc/apt/sources.list is a file that contains sources /etc/apt/sources.list.d is a directory for snippets where you can add additional sources without messing with /etc/apt/sources.list.
632[07:03:05] *** Quits: kupi (uid212005@replaced-ip) (Quit: Connection closed for inactivity)
633[07:03:23] <mimi_tom> oh, i see. i never know that
646[07:26:06] <brachamh_> yes i finally got it to work! slightly messy, possibly (combination of NetworkManager and an "interfaces" file), but it works!
738[09:37:26] <Kob> Hi guys, just installed fresh 10.5 from netinst CD and it appears that resolvconf package is missing. Is it intended, or did I screw up somewhere?
742[09:38:11] <judd> Package resolvconf (net, optional) in buster/amd64: name server information handler. Version: 1.79; Size: 72.4k; Installed: 191k; Homepage: replaced-url
743[09:38:21] <ksk> Kob: as its "optional" that could totally be.
744[09:38:37] <ksk> Are you missing any functionality?
767[09:57:45] <Kob> apt-get doesn't seem to work. when I try to ping google.com, I get "ping: google.com: Temporary failure in name resolution". I don't have desktop environment installed. I guess my problem is that I used netinst ISO, without actually having network connection at installation time. I thought I would configure network post installation, and then get all the needed packages. Just ran into this missing resolconf issue.
769[09:58:40] <jelly> Kob, is /etc/resolv.conf file populated?
770[09:59:42] <jelly> resolvconf package brings additional functionality, but the file ought to be filled in anyway if you're using dhcp to set up networking
771[09:59:47] <ksk> Kob: ah okay. (How) did you configure networking after booting into freshyl installed debian?
772[10:01:54] *** Quits: Prints (~333@replaced-ip) (Ping timeout: 244 seconds)
775[10:03:30] <Kob> No such file /etc/resolv.conf Configured network manually, entered address and netmask. Then wanted to configure name resolution and ran into no resolv.conf file. Can I just create it myself? Network seems to be working, that is I can ping 8.8.8.8
793[10:15:50] <ksk> Kob: why not just install resolvconf then?
794[10:16:03] <ksk> ah, you cannot use atp? mhhm!
795[10:16:41] <ksk> I dont think the missing package is the issue here, though. As jell-y stated, the system (libc) does name resolution, without any additional packages
877[11:37:03] <dka> I want to know why my debian server keep rebooting for no reason, I have checked /var/log/messages, /var/log/syslog, dmesg, journalctl , no clue at all
878[11:37:27] <dka> Yesterday, I started two process, and logged the time in loop, I can tell the server shutdown at 4:24:44AM CEST
879[11:38:26] *** Quits: saveNexit (~saveNexit@replaced-ip) (Remote host closed the connection)
881[11:38:59] <dka> The log I see start at 4:25:10 (after reboot): Sep 16 04:25:10 master-letort-01 kernel: [ 0.000000] Linux version 5.7.0-0.bpo.2-amd64 (debian-kernel@replaced-ip) (gcc version 8.3.0 (Debian 8.3.0-6), GNU ld (GNU Binutils for Debian) 2.31.1) #1 SMP Debian 5.7.10-1~bpo10+1 (2020-07-30)
884[11:41:04] *** Quits: leorat (~leorat@replaced-ip) (Remote host closed the connection)
885[11:41:10] <ratrace> dka: if you have hard crash without any logs, it indicates a hardware failure or kernel otherwise locking up so hard that no log entries are committed to disk. You could ssh-in and "tail" dmesg with -Tw (don't pipe to `tail`), or even better if you have some sort of serial output capabilities, monitor kernel messages through those.
893[11:45:41] <babboz> hello, I'm trying to install debian testing from an iso on a kvm vm with qemu-system-x86_64 -hda image.qcow2 -cdrom ~/Downloads/debian.iso -boot d -m 2048 , but it fails on "Detecting removable media" without also being able to load additional drivers, anyone has a suggesition on how to fix this?
894[11:46:18] <babboz> The precise error message is "No device for installation media was detected"
899[11:49:46] <dka> ratrace, it takes about 30 min to 2h before restarting, I did the dmesg -Tw
900[11:50:21] <dka> I hope it will crash soon enough, I am monitoring this issue and to me it is not the HD (SSD), it is not the CPU (i7), it is not the RAM (16GB), it can only be the motherboard
901[11:50:42] <ratrace> dka: you ran memtest? at least overnight?
902[11:50:57] <dka> i can tell this because, before formatting to linux non interactive server, I used to have two HD, the SSD with linux debian + cinnamon dekstop, and an HDD with windows 10
903[11:51:03] <dka> I was able to run both without any reboot
904[11:51:29] <dka> ratrace I never run memtest, I just used to have no problem with two OS so I wouldn't start before having problem
905[11:51:40] <dka> to me it's software issue with linux, or MB bios ios
906[11:51:41] <ratrace> then you can't exclude memory without a proper memtest
907[11:51:46] <dka> Ok
908[11:51:54] <ratrace> software issue is possible but then in something deep in ring0, like GPU drivers
909[11:52:08] <dka> I am running sudo memtester 1024 5
912[11:52:35] <ratrace> dka: no you'll have to reboot into it. it has to pass through _all_ memory regions several times with different patterns. not possible on a running system
913[11:52:50] <dka> how do you suggest to start it?
914[11:53:44] <ratrace> dka: first you install memtest86, then you reboot and select it from the grub menu, then you leave it for at least 6 hours
923[11:59:11] <frostschutz> moreso if the userland memtest only gets 1G out of xx G ;-) you'd have to be "lucky" to run into an error then
924[12:00:09] <frostschutz> if memtest86 is not possible, memtester is best run from initramfs where it can take all ram w/o worrying about OOM killing other processes
926[12:00:41] <ratrace> but assuming the kernel doesn't lock up long/hard enough, to allow a kprint or few, then dmesg -Tw should be able to show it. ideally done on the console as ssh adds more codepaths so the kernel panics and crashes before the NIC sends out the buffer
927[12:00:43] *** Quits: szorfein (~daggoth@replaced-ip) (Remote host closed the connection)
928[12:00:56] *** Quits: saveNexit (~saveNexit@replaced-ip) (Remote host closed the connection)
974[12:35:44] <centrix> I am building squid-4.13, but in the config.log I found a complain about missing sasl.h though it is located in /usr/include/sasl.
981[12:37:15] <Mava42> ok, any ideas: using still oldstable with Gnome but still got a weird problem: sometimes my volume from the machine is increased by some app, e.g. zoom or okular to 100%. Any ideas what's the reason and where the bug is in?
984[12:38:21] <centrix> ratrace, I got that package installed, but in "conftest.cpp" there is "#include <sasl.h>". Shouldn't there be "#include <sasl/sasl.h>" instead?
985[12:38:28] <jelly> centrix, did you install build-deps for squid?
988[12:38:33] <dpkg> build-deps are the packages you need to compile a package. "aptitude build-dep package-you-want-to-build" will install them, or use mk-build-deps (equivs package) to have undo-able build-dep installation. If using <uupdate> or <ssb> to update a package, you will likely need additional -dev packages. You can «/msg judd builddeps package».
989[12:38:41] <jelly> !package rebuild
990[12:38:42] <dpkg> 1) Add a <deb-src> line for your current release to your sources.list 2) apt update; apt install build-essential devscripts fakeroot; apt build-dep packagename 3) as any user, apt-get source packagename 4) cd packagename-version/; ask me about <debian/rules>; 5) dpkg-buildpackage -uc -us 6) as root, apt install ../packagename-version.deb. Ask me about <debian/rules>, <nocheck>, <nostrip>, <apt-get source>.
998[12:40:00] <Mava42> nkuttler: volume level (line out) is set to approx 30%. then when program starts. it jumps to 100%
999[12:41:15] <Mava42> i should probably just upgrade to stable and see what happens...
1000[12:41:29] <nkuttler> sounds like a plan, yeah
1001[12:41:59] <ratrace> Mava42: PulseAudio uses ALSA for backend. It's possible some ALSA-only apps are messing with the ALSA mixer settings which I think would be reflected in the master/line-out volume setting in PA
1002[12:42:47] <Mava42> ratrace: that sounds in fact very logic explanation. any ideas howto fix that ?
1003[12:42:53] <ratrace> I mean, just open alsamixer and change the master volume, you'll see it changed equally in pulseaudio controls, eg via pavucontrol
1004[12:43:01] <ratrace> Mava42: don't use ALSA directly :)
1010[12:43:46] <ratrace> this ALSA mess has caused me headaches too. I messed my firefox AppArmor profile and it couldn't use pulseaudio for a while, so the thing reverted to ALSA directly and of course audio config havoc ensued.
1011[12:44:05] <ratrace> and FF was supposedly _removing_ the ALSA integration.....
1012[12:44:18] <Mava42> oh..
1013[12:44:36] <ratrace> it's not really pulseaudio's fault, but ALSA (reason why pulseaudio even exists)
1014[12:45:08] <ratrace> with PA, each application has their own control and has no business (or even capabilities) to alter master volume... that's impossible with alsa, there's only physical channels with it
1015[12:46:01] <Mava42> ratrace: that was very well explained, even I got it! And that's how things should be: own control for each app.
1016[12:46:01] *** Quits: saveNexit (~saveNexit@replaced-ip) (Remote host closed the connection)
1017[12:46:02] <ratrace> Mava42: what you could do is make the loudest volume setting acceptable, so it doesn't headbutt you when it happens
1020[12:47:09] <Mava42> ratrace: that sounds quick, but rather good gix
1021[12:48:00] <ratrace> right and when you get an app that's suddenly ultra quiet and you see the mastre volume changed, see if you can reconfigure it back to loudest
1022[12:48:16] <ratrace> (it the application doing that)
1037[12:56:26] <rocketmagnet> hi again, i got it working, now my problem is that when i unplug one of my two screens and plugin the pen display the xinput settings are messed up and i have always have to do xinput map-to-output 14 HDMI-0
1038[12:56:37] <rocketmagnet> is there a way linux can do this on it's own ?
1040[12:57:38] <diogenes_> rocketmagnet, you could probably tweak the udev rules to add the command you want to run whenever the monitor gets attached.
1075[13:24:04] <n4dir> suddenly when logging in to tty i get the message: "xset unable to open display """. And when i use su - ; i get that message too. I did grep for xset, but don't find it anywhere. I searched the web, but no hints
1087[13:30:44] <nevivurn> n4dir: something being run in some of the shell init scripts may be trying to do GUI stuff, and that in turn tries to do stuff with xset, but it errors out because it can't find X.
1088[13:31:01] *** Quits: saveNexit (~saveNexit@replaced-ip) (Remote host closed the connection)
1105[13:36:43] <nevivurn> Hm,, that is odd. If there's nothing suspicious in /root, or something in /etc/profile and the such, not sure what else it could be.
1106[13:37:01] <n4dir> let me look at /etc/profile
1107[13:37:10] <n4dir> btw: thanks for giving me a hand
1110[13:39:48] <n4dir> i see nothing unusual in /etc/profile. Also all those files are pretty much the way they come. I hardly edit anything in there (as aliases or such)
1111[13:41:59] <n4dir> i created a new user. Same problem.
1119[13:45:04] <mossylane> maybe the error wont show in that case..
1120[13:45:20] <mossylane> just curious, not a recommendation :)
1121[13:45:21] <n4dir> but the problem is solved: there were scripts in /etc/profile.d/; which /etc/profile does load, the scripts partly assume lightdm or such.
1122[13:45:35] <mossylane> ahhh
1123[13:45:38] <n4dir> mossylane: yes, it happened there too (thats what i boot too)
1124[13:45:39] <mossylane> sorry :)
1125[13:46:04] <n4dir> nah nah, every idea is good. I installed two days in a row, hence pretty confused right now (much went south)
1126[13:46:45] <dka> ratrace, it just crashed now, the log for dmesg -Tw is nothing, last log of dmesg was 12:02
1127[13:47:05] <dka> so it was 1h46min ago, it keep hanging even if the remote host rebooted
1128[13:47:16] <dka> How can I fix those reboot ?
1129[13:47:28] <gorby> Heya, im trying to redirect syslog messages from gdm-x-session to a seperate file but cant make it work no matter where I put the rules. I have other rsyslog rules that work fine. gdm-x-session spams /var/log/messages like crazy.
1130[13:47:39] <ratrace> dka: run the memtet86 properly first, see if there's a memory failure
1131[13:48:02] <gorby> Is there a way I can change the log level or something?
1134[13:49:43] *** Quits: leorat (~leorat@replaced-ip) (Remote host closed the connection)
1135[13:49:56] <ratrace> gorby: I don't know, I stopped using gnome long time ago, but that spamming is indicative of an issue. perhaps you can fix that first? as for rsyslog filters, you just need a correct one. what are you using now?
1137[13:51:00] <gorby> Its for things that seem really minor - (monitor connection everytime it powers on / off) gtk issues in particular apps - nothing I really care about.
1157[13:58:08] <jelly> which facility does that app log to?
1158[13:58:15] <ratrace> gorby: is that supposed to be rsyslog? I don't recognize that syntax... if $programname startswith 'gdm-x-session' then /logfileblah\n & stop
1159[13:58:20] <jelly> maybe you can filter out the whole facility
1160[13:58:30] <ratrace> also check if it's gdm-x-session or gdm-xsession
1161[13:58:42] <jelly> ratrace, rsyslog changed syntax like 2 times, maybe 3 now
1162[13:58:47] <ratrace> bah
1163[13:58:57] <OsteHovel> dka: Microsoft SQL Express server listenes to a random port by default, you will need to set a specific port for it
1164[13:59:00] <jelly> I honestly can't tell if the above is valid and sane or not
1165[13:59:13] <gorby> It works for a lot of other messages.
1166[13:59:33] <gorby> There is an 'older' way I tried too, but this is whats recommened on ryslog website
1167[13:59:45] <ratrace> action(type= file=) sounds like syslog-ng to me
1179[14:03:39] <gorby> How can I tell? would it be in gdm's config somewhere?
1180[14:04:46] <jelly> if you're lucky it's documented in the manual for the command, or in the config file(s), if you're not lucky it's in the source code
1181[14:04:52] <ratrace> gorby: you can add severity and facility to the format template
1182[14:05:02] <ratrace> (so syslog includes those in the log entries)
1183[14:05:06] <jelly> ooh.
1184[14:05:29] <gorby> Oh, so I could add that to the catch all?
1185[14:06:00] <gorby> its definately gdm-x-session, btw.
1186[14:06:26] <ratrace> right, and your paste was gdm-xsession so see where you typo'd, here or in the config file
1194[14:10:39] <ratrace> depending on which editor you used, it's possible there's hidden characters that would mess copypasta... happened to me in pycharm I alt+mashed something and I don't see it, but it's in the unicode alright...
1205[14:13:01] <dka> He claims: "this is an express sql server and therefore the port is not 1433 but there is no need for the port to connect tcp / ip on a sql server interface. I have opened the udp port and the dynamic tcp port of the sql express server and confirm that I am connecting to the server from outside."
1206[14:13:36] <dka> Does it make sens ? To me a service MUST have a port, I don't know about windows nor linux client but looking at replaced-url
1207[14:14:35] <gorby> ratrace: its not there. o0 Fired up a different terminal emulator and the slash isnt there.
1208[14:14:54] <gorby> ratrace Nice catch. Now im worried about loads of other files :F
1214[14:18:46] <OsteHovel> dka, it is because it connects with a "named instance" then it talk to the SQL Server Browser service at UDP port 1434 and that replies with the correct TCP port for that instance
1224[14:33:10] <Orbstheorem> Hello o/ How can I find the stack release that bests suits a debian distribution? I remember stumbling across a matrix-like page sometime ago.
1245[14:53:38] <ksk> Orbstheorem: you just install the one that is in the official Debian repositories, if you do not need features from a newer Release.
1246[14:54:27] <ksk> that is, you install it for your release, you never "just install some package from testing/unstable", if that was the question, see
1247[14:54:35] <ksk> !frankendebian
1248[14:54:35] <dpkg> When you get random packages from random repositories, mix multiple releases of Debian, or mix Debian and derived distributions, you have a mess. There's no way anyone can support this "distribution of Frankenstein" and #debian certainly doesn't want to even try. Ask me about <reinstall>
1249[14:54:59] *** Quits: Immanuel (~Manu@replaced-ip) (Ping timeout: 265 seconds)
1256[15:00:15] <Orbstheorem> ksk: I think my question wasn't clear: I meant. I have a stack project which I would now like to turn into a debian package.
1262[15:02:19] <Orbstheorem> Stack releases are set of package with versions that are known to work toguether. Which is why I wonder how can I find a stack release which is compatible with a debian distribution.
1266[15:05:00] <n4dir> Orbstheorem: not in the subject by any means, but debian wiki seems to mention an IRC channel and a mailing list for haskell: replaced-url
1272[15:09:25] <ksk> Orbstheorem: mhhm, you just look at the version information given by the bot previously? buster seems to have 1.7 (this will not change inside of a (stable) release)
1278[15:12:59] <jelly> everytime something integrated with it calls it to add or remove its entries from /etc/resolv.conf. Every network (re)connection, every vpn (re)connection, every time a local dns service is stopped or started...
1279[15:13:05] <fredl> ifup does that right?
1280[15:13:46] <jelly> ifupdown is one of the things that can do it, if dhcp is configured, or if you have explicit dns-* lines in /etc/network/interfaces
1281[15:13:49] <fredl> I wanna automate resolvconf on some oldie servers with ansible
1282[15:14:03] *** Quits: ElNomReal (~E@replaced-ip) (Remote host closed the connection)
1283[15:14:27] <fredl> Ubuntu servers *yikes*
1284[15:14:31] <fredl> :)
1285[15:15:19] <jelly> if they have static network config in /e/n/interfaces, just install the package and add dns-search and dns-nameservers lines into relevant iface ... stanzas
1286[15:15:31] <jelly> oh, if it's ubuntu I have no idea :-D
1292[15:19:16] <ratrace> soon: netif.io that configures netplan that configures networkd that configures network. Coming soon to Ubuntu near you. This advertisement has been paid by Sarcasming Cynics Association of America.
1337[15:55:14] <rain1> i stopped using debian because it broke itself when i updated
1338[15:55:25] <rain1> I am just wondering why this happens? is this a known thing?
1339[15:55:41] <rain1> i don't do anything weird with debian I think, just apt-get upgrade and update every so often
1340[15:55:47] <rain1> and then one day it doesn't boot
1341[15:55:51] <greycat> It's not normal. The most common cause is that you installed some third-party packages, or you used backports and forgot to remove those before upgrading.
1342[15:56:09] <rain1> is it likely that I installed backports without knowing it? I'm not sure what the term means
1343[15:56:37] <greycat> !backports
1344[15:56:37] <dpkg> A backport is a package from a newer Debian branch, compiled from source for an older branch to avoid dependency and <ABI> complications. replaced-url
1360[16:07:47] <gorby> jelly:ratrace - back on my syslog problem. Sadly the dash wasnt the culprate. I added a template as per the man to show me facility for the messages. They are user ones. Gonna try to change the rule to regex now and see if that helps.
1361[16:08:45] *** Joins: Soni (~quassel@replaced-ip)
1386[16:20:04] <Soni> we could email them but we don't wanna end up in a spam filter or some list
1387[16:21:12] <greycat> So you don't know who they are, yet you claim you can help them, by selling them something, and yet you don't want to contact them directly because they might catch on to the fact that you're trying to sell them something...
1404[16:28:07] <jelly> this end user-oriented one on freenode is an anomaly that failed to move
1405[16:28:20] <jelly> back when all^Wmost the others moved
1406[16:28:20] <greycat> (The main reason is, almost all of the Debian developers decided to move to that network, and almost all of the Debian users decided to stay here.)
1452[16:40:24] <gorby> Still no dice - changed the filter format to the ones you guys are useing (its also the same as in the man). Tried with msg and regex - gdm-x-session still goes in messages >.<
1467[16:50:44] <gorby> I leanred how to use syslog templates anyway, which is nice :P Perhaps Ill just remove GDM... im useing i3 wm on this desktop now anyway.
1498[17:11:18] <somiaj> dka: you can also manually delete the key in /etc/apt/trusted.gpg.d/
1499[17:12:40] <somiaj> dka: as for installing with pip, I suggest you create a pythong virtual enviorment and use pip to install inside the virtual enviorment vs the main system (this can prevent conflicts with system stuff)
1510[17:18:47] *** Quits: toli (~toli@replaced-ip) (Quit: See you!)
1511[17:19:04] *** Joins: toli (~toli@replaced-ip)
1512[17:19:27] <S4NDM4NN> You can install the latest firefox if you really need it, but a lot of people are using debian on production devices. They do not want things changing on a whim.
1513[17:19:51] <dob1> ok why chromium is considered stable and firefox not?
1514[17:20:15] <greycat> ,,,,,,,sdfhksdhfsjkdf
1515[17:20:18] <greycat> !stable
1516[17:20:18] <dpkg> [stable] The status of a Debian release when no packages will be added or version-bumped, and changes will only fix security issues and critical bugs. Packages can be removed in rare circumstances. The current stable version of Debian is Buster (10.x); ask me about <releases>. Security bugs are fixed in stable by backporting the fix to the stable version (ask me about <security backports>). replaced-url
1517[17:20:20] <moldy> probably because chromium has no ESR
1518[17:20:31] <sponix2ipfw> somiaj: linode and linuxconfig websites have different instructions on doing this: replaced-url
1519[17:20:38] <greycat> IN THE DEBIAN UNIVERSE, THE WORD STABLE MEANS "DOES NOT CHANGE". It does not mean "doesn't crash".
1520[17:21:01] <Haohmaru> ragecat ;P~
1521[17:21:05] <somiaj> dob1: firefox provides an esr release, and firefox-esr is more on in the lines of what debian calls stable than firefox, so debian ships the firefox-esr branch (which is fully supported by moizlla)
1524[17:21:45] <somiaj> sponix2ipfw: there are lots of different ways, which one you use is kinda up to you, though I think virtualenv from python-virtualenv (python2) or python3-virtualenv is the one with the most features and most widely used.
1528[17:22:20] <sponix2ipfw> somiaj: I figured I would go with the linode method just because it looked easier :)
1529[17:22:32] <sponix2ipfw> few less commands
1530[17:23:45] <somiaj> sponix2ipfw: and that is the one that uses virtualenv. Python every few years seemed to get another tool that creates virtual enviroments.
1531[17:23:54] <somiaj> so yea, there is a lot of info and multiple ways out there.
1532[17:24:18] <somiaj> the main thing is they all will create an enviorment that your user can run pip (not root) and be independent of your system so stuff installed by pip won't conflict with system stuff
1533[17:24:20] <moldy> there are just two tools to create virtual environments to my knowledge, and then a bunch of wrappers around them
1575[17:48:06] <petn-randall> kristijonas: That usually is the right way. However, I couldn't find a minimal Java version, or if it needs any other dependencies.
1583[17:57:49] <petn-randall> kristijonas: The github repo doesn't have any info on it, either. Your best bet is to try different (newer) java versions, and if that fails, trying the other signing solutions.
1588[18:01:09] <kristijonas> petn-randall, trying to get all these different formats that are legally binding in EU. The problem is that the EU law regulates recognition of e-signatures, not that much of pressures on countries to create solutions to sign documents. So I was recommended to use this tool.
1589[18:01:09] <sponix2ipfw> easiest method is to just use Chrome from the google website instead of chromium. _unless_ you have a specific reason not to do that :)
1590[18:03:06] <krumelmonster> I got tired of out-of-sync smb passwords so I created /etc/pam.d/force-smb-passwords containing "auth sufficient pam_exec.so expose_authtok /usr/local/bin/smbpasswd.sh" and /usr/local/bin/smbpasswd.sh to call smbpasswd if "$PAM_USER" is in a certain group. I tested using `sudo login` and then logging in that way but /usr/local/bin/smbpasswd.sh isn't even excecuted :(
1595[18:06:14] <netcrash> Hello, anyway I can simulate vlan connections on a host? I've declared the interface as "auto vlan232 \n iface vlan232 ...\n ... \n vlan_raw_device eth0 \n vlan 232\n"
1625[18:21:36] <krumelmonster> As I wrote above, I created /etc/pam.d/force-smb-passwords containing something like "auth sufficient pam_exec.so expose_authtok /usr/local/bin/smbpasswd.sh"
1631[18:22:45] <krumelmonster> I even tried like "auth sufficient pam_exec.so expose_authtok quiet seteuid touch /tmp/touch" but logging in won't create the file :(
1641[18:29:34] <hodapp> When a dependency is listed as "or", like in replaced-url
1642[18:30:45] <krumelmonster> it worked by adding that line to common-auth although I think this is not how it's supposed to be done. There doesn't really seem to be any debian documentation on how to configure pam.
1646[18:33:34] *** Quits: zarickan (~frederik@replaced-ip) (Quit: Lost terminal)
1647[18:33:45] <sney> hodapp: if neither package is installed, apt will try to install the first one listed. see the Depends field here and chapter 5 of debian policy replaced-url
1910[22:36:09] <sney> if we assume this is close enough to the total debian installs globally, something like 200k people around the world. replaced-url
1911[22:36:34] <sney> some people manage more than one system, and some people don't opt in to popcon, but it's still probably in this range.
1912[22:37:01] <greycat> popcon is NOT any kind of indication of total global numbers. It's a self-selected sample.
1917[22:39:23] <dpkg> Debian strives to maintain your freedom whilst also paying close attention to the technical aspects of making a great OS. Debian is stable, upgradable and well tested. See also replaced-url
1918[22:39:29] <greycat> I think *that* was closer to what they meant.
1963[22:52:15] <greycat> e.g. "systemctl status ssh" gives me "Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enab" which says "enabled", so that one will start on its own
1964[22:52:20] <greycat> !wiki 403
1965[22:52:35] <greycat> !wiki403
1966[22:52:35] <dpkg> If your IP address is blocked from the Debian wiki, please mail wiki@debian.org with your IP address. See also <replaced-url
1967[22:52:41] *** Quits: neilthereildeil (cc73b704@replaced-ip) (Remote host closed the connection)
1969[22:53:30] *** Quits: edlou (uid413273@replaced-ip) (Quit: Connection closed for inactivity)
1970[22:53:31] <shla> "Also see wiki page" yeah right
1971[22:54:07] <shla> can't be that my IP is banned, probably entire ISP range
1972[22:54:21] <greycat> IT IS ALL WE HAVE
1973[22:54:26] <shla> thanks
1974[22:54:31] <greycat> IT IS THE ONLY AUTHOTIRY I CAN POINT YOU TO
1975[22:54:47] <sney> they respond to the emails pretty quickly. some ip ranges get banned due to spam shenanigans. iirc it's more often vpn endpoints than an isp
1976[22:54:50] <alex11> can you use tor, not sure if debian blocks that for the wiki
1977[22:55:02] <greycat> I should just fucking ignore people who bitch about the wiki because it ALWAYS fucking leads to this.
1978[22:55:05] <greycat> *plonk*
1979[22:55:15] <shla> alex11, yeah, i'll tunnel myself via non-blacklisted ip
2012[23:01:32] *** Quits: platvoeten (~platvoete@replaced-ip) (Remote host closed the connection)
2013[23:01:48] <greycat> dpkg, no, wiki403 is <reply>If your IP address is blocked from the Debian wiki, please mail wiki@debian.org with your IP address. See also <replaced-url
2062[23:33:54] <jelly> if your VMs have a workload that requires more RAM, give them... more RAM
2063[23:34:16] <greycat> or smaller workloads per machine
2064[23:35:17] <jelly> zswap (more predictable latency) or zram+swap (better compression/savings) may help if you can't give more RAM, but that's usually on physical machines
2065[23:36:48] <jelly> i would probably be pissed if users traded RAM for CPU use like that, without asking for more resources they actually need, first