62[00:31:30] <genr8_> What am i supposed to do if I want that on buster ?
63[00:32:35] <JordiGH> ,ssd ima-evm-utils
64[00:32:39] <sney> ,checkbackport ima-evm-utils
65[00:32:40] <judd> Backporting package ima-evm-utils in sid→buster/amd64: all build-dependencies satisfied using buster.
66[00:32:48] <JordiGH> genr8_: Do a
67[00:32:48] <JordiGH> ,ssd
68[00:32:52] <sney> !ssb
69[00:32:52] <dpkg> First, check for a backport on <debian-backports>. If unavailable: 1) Add a deb-src line for sid (not a deb line!); ask me about <deb-src sid> 2) enable debian-backports (see <bdo>) 3) apt update; apt install build-essential; apt build-dep packagename 4) apt -b source packagename 5) dpkg -i packagename-ver.deb To change compilation options, see <package recompile>; for versions newer than sid see <uupdate>.
73[00:33:52] <dpkg> backports.debian.org (formerly backports.org) is an official repository of <backports> for the current stable (see <buster backports>) and oldstable (<stretch backports>) distributions, prepared by Debian developers. Ask me about <backport caveat> and read replaced-url
76[00:35:50] <genr8_> its not in the buster backports
77[00:36:00] <sney> genr8_: correct, now actually look at the other factoids
78[00:36:08] <sney> they are instructions for how to backport it yourself
79[00:37:19] <RadoS> ratrace, removing "quiet" makes it display all the kernel messages, which I don't want to see, but it also enables the systemd service startup messages?
81[00:37:48] <RadoS> Now, when 2 systems have both quiet set, what else influences the output of systemd service startup?
82[00:38:30] <RadoS> ratrace, '?' -> '!'
83[00:38:59] <genr8_> Nice. i figured it out. thanks
84[00:39:01] *** debhelper sets mode: +l 1136
85[00:39:47] <genr8_> Can we get someone to backport ima-evm-utils and libimaevm0 from sid to buster officially ? the dependencies were easily satisfiable
86[00:40:18] <RadoS> ratrace, how to check for "plymouth"?
87[00:40:56] <sney> genr8_: you can request it by emailing the backports list, replaced-url
88[00:41:26] <sney> genr8_: though if you are in a hurry it's a better approach to try building it yourself
106[00:52:40] *** Quits: elpelado (~elpelado@replaced-ip) (Remote host closed the connection)
107[00:53:31] <derpadmin> hello all, the latest kernel (vmlinuz-4.19.0-10-amd64) does not boot on my box... no big deal, just reverted to vmlinuz-4.19.0-9-amd64 but I am wondering what can be the issue, it went straight to kernel panic, cant mount root volume
121[00:59:51] <sney> as long as you have enough room in /boot you can have as many kernels installed as you want.
122[01:00:00] *** Quits: tagomago (~tagomago@replaced-ip) (Remote host closed the connection)
123[01:00:02] <derpadmin> boot is at 2%
124[01:00:21] <sney> apt will suggest to autoremove older kernels that you aren't using, but you can 'apt-mark manual' any package to keep it off the autoremove list
125[01:00:54] <sney> afaik only aptitude with autoremove packages without you explicitly telling it to
167[01:20:30] *** Quits: fr1endly_gh0st (~fr1endly_@replaced-ip) (Remote host closed the connection)
168[01:21:14] <derpadmin> genr8_, I don't think so no
169[01:21:56] <derpadmin> I have 4 ssd disks, software raid 5
170[01:22:23] <eblip> test
171[01:22:33] <derpadmin> tried all of them, no joy
172[01:22:39] <derpadmin> kernel panic
173[01:22:56] <dvs> !test
174[01:22:57] <dpkg> Test failed.
175[01:23:23] <joepublic> failed successfully?
176[01:23:56] <sney> try following this to see where the boot process actually fails, there are a few steps that seem instant on modern hardware. replaced-url
178[01:25:09] *** Quits: frostschutz (~frostschu@replaced-ip) (Remote host closed the connection)
179[01:25:26] <genr8_> yes check cat /proc/cmdline, and press "e" on your grub-configuration or check /boot/grub/grub.cfg to see if you have any weird options trying to load for 10 and not 9
185[01:32:36] <genr8_> did you read the apt-get messages when you installed the kernel package ? It should have run a bunch of commands to re-generate the intramfs and grub and stuff
207[01:40:50] <genr8_> <derpadmin> cryptsetup: WARNING: The initramfs image may not contain cryptsetup binaries <--- that would be a real reason why it couldnt load. The question is why are the binaries missing
208[01:41:05] <sney> assuming derpadmin's fs is encrypted
214[01:41:41] <derpadmin> yeah, it would have raised a flag
215[01:41:57] <derpadmin> let me try to reboot to vmlinuz-4.19.0-10-amd64
216[01:42:04] <sney> check out the initramfs debug page I linked earlier, the break=* argument can really narrow this down.
217[01:42:05] <derpadmin> read something about regression
218[01:42:25] <derpadmin> sney : will bookmark and do this next
219[01:42:39] <sney> if you can take a picture of the error on your screen that can help too
220[01:42:49] *** Quits: derpadmin (~derpadmin@replaced-ip) (Remote host closed the connection)
221[01:43:17] <genr8_> also, you can try with "verbose" on the grub entry, before you push enter to boot, push "e" and add verbose to the end of that boot entry with the UUID
257[01:57:15] <genr8_> why did my grub configuration start adding "security=tomoyo quiet" to my boot cmd lines
258[01:57:45] <genr8_> I dont want tomoyo right now and i definitely don't want quiet being forced on... I tried checking my grub.d files, i cant figure out where its coming from
259[01:58:43] <genr8_> oh im dumb. Its not in /etc/grub.d, its in /etc/default/grub
309[02:51:21] *** nickola1243 is now known as S3xyL1nux
310[02:51:23] <nvz> after the mountpoint is the options, the fstype goes before
311[02:51:28] <nvz> erm
312[02:51:36] <nvz> after the fstype is the options rather
313[02:52:48] <nvz> for a homedir if not defaults you probably at least want auto
314[02:55:55] <Joit> so you mean leave the options blank and only set the permissions at he fiesystem
315[02:56:24] <nvz> no
316[02:56:30] <nvz> you cannot leave any fields blank
317[02:56:38] <nvz> you can in some cases put none
318[02:57:01] <nvz> what I am saying is that you can just use "defaults" and set your permissions on the dir of the filesystem
319[02:57:50] <nvz> if you put none, the filesystem will not even be mounted at all
320[02:58:19] <Joit> welli had that before, defaults, then seems i had to add rw, because the xserver didnt start anymore with the user acc, nly at root
321[02:58:22] <nvz> if you leave it blank it will think the next field is the options
322[02:58:38] <nvz> yes, the permissions at the filesystem level were root permissions
323[02:58:54] <nvz> you have to use chmod and chown to manipulate the permissions of the filesystem
324[02:58:54] <Joit> mm not really, i did chown it before
368[03:14:05] <Joit> hmm, i had to mirror my hdd, had about the same, but got permission problems with defaults, no i set to owner,rw, and it seems works better
378[03:16:34] <Joit> but anyway, thanks, at last, i see, what it is set at normal
379[03:16:53] <sponix2ipfw> My ipt users home directory permissions
380[03:17:43] <genr8_> Theres a lot of stuff related to EFI Secureboot and Locking the Kernel Down. and I just started dabbling in this stuff called IMA / EVM which signs ALL the files on your drive and some other thing called SMACK that sets security xattrs on all your files (but i havent figured out how exactly those work yet)
383[03:19:47] <Joit> i chowned my home also before to user rw- other r, because i have dual boot and a linux reader at windows, what didnt work anymore with defaults at fstab
384[03:20:18] <Joit> so i assume, something was not proper set up the way it should be
385[03:20:44] <Joit> it did not even find the user dir anymore
386[03:21:17] <genr8_> i also went through and found any options I dont need that could be used as attack vectors and disabled them. Like that EFI_SSDT and ACPI_CONFIG_FS thing . I found out theres an exploit in the wild for that already. That will make it into the default 10.6 kernel changes tomorrow for everyone
387[03:21:23] <Joit> now i am only puzzeling between user, owner or defaults,rw but not sure, wich one is ok
388[03:21:55] <nvz> NEITHER is OK
389[03:22:09] <Joit> ha ha. owner is for now1!!1!
390[03:22:09] <nvz> you do NOT need rw, you do NOT need user, you do NOT need owner
391[03:22:23] <nvz> owner only means someone who has permissions to the disk can mount it
392[03:22:29] *** pk_ is now known as pkx
393[03:23:03] <nvz> only root or members of the disk group have permissions to the disk
395[03:23:23] <nvz> it has absolutely nothing what so !%!#*% ever to do with who can access it
396[03:24:08] <nvz> only who can _MOUNT_ it
397[03:24:11] <genr8_> I found out theres an "apparmor-profiles-extra" package with about 5-6 new programs. It would be cool if we had more AppArmor profiles for everything
399[03:24:16] <Joit> well, but right now, it seems it depends how the fstab is set, that the filesystem works better, not sure why, and i understand, what you mean
400[03:24:20] <nvz> and you probably want it _AUTO_ mounted
409[03:25:20] <somiaj> genr8_: they are slowly being added, and with apparmor being more default the SELinux, I would expect to see more apparmor profiles before selinux. Though at some level this are often best to create (or modify) to fit your risk model.
410[03:26:06] <nvz> rw is a _default_ option, it occurs automatically when you set "defaults"
411[03:26:07] <genr8_> yeah. I wanna see some more SystemD security profiles too.
412[03:26:33] <nvz> if you'd stop arguing about nonsense maybe you can get at what is actually the problem
414[03:28:09] <genr8_> I wish more people were into it, its kind of 1 level above me, creating my own will be a massive job. I also like the idea of basic auditing like auditd and IDS change alert systems like tripwire
417[03:29:46] <Joit> well nvz, its not arguing about nonsense, it is, what did happen. I SET IT TO DEFAULT and it didnt work. Seems you only DID NOT GET IT. and if this is to hard to discuss for you, then please stop and Thank you for your sugesstions. No more need fr you to bother, when you only can talk "nonsense" by yourself
418[03:30:13] <nvz> first off its not default, its defaults
421[03:30:27] <nvz> clearly based on our conversation I can tell you are not a native english speaker
422[03:30:36] <nvz> which is likely part of the problem
423[03:31:02] <Joit> NVZ I DO NOT FUCKING CARE. you can skip your grammar moaning, it s not objectiv, its more like a dumb excuse from you for your ..
424[03:31:04] <Joit> crap
425[03:31:40] <Joit> it was defaults, if i repat it here without the s, it doesnt mean it was in fstab like that, man man man
426[03:32:05] <Joit> i have some backups commentes, and its definetly defaults, but your only fk problem is, how i spell it in here?
427[03:32:12] <Joit> you are a waste, really
428[03:32:21] <gry> sorry mate it makes it more difficult to understand you
429[03:32:54] <gry> i suspect nvz doesn't appreciate being yelled at, you could say instead "sorry nvz i lack energy today and this problem is so frustrating, i'll try to be as clear as i can"
430[03:33:08] <Joit> gry he complains about how i write my mount point at fstab here, if i write defaults, or default, and thinks, then it must be wrong in my fstab
431[03:33:28] <Joit> i hope so, he is not really a help, when he cant stay straigth
432[03:33:39] <gry> when people suggest me to tie shoelaces when i'm asking about broken glasses, i tie shoelaces and say "look, the problem is still there"
433[03:33:45] <gry> seems easier than to convince them to change their mind
434[03:34:33] <Joit> i said that, i said, what is the /home usually set at at fstab, and said also, i had to mirror my hdd, and after that, my home didnt really work anymore
435[03:34:36] <nvz> I don't care if he comes here and yells at me directly.. what bothers me is they are seriously screwing up their system based on silly assumptions and will likely continue to ask for support here in the future and this misunderstanding will only waste the time of voluneer supporters in the future because its not being addressed now
436[03:35:08] <Joit> man man, i only did want to know, what the standrad entry for home at fstab looks like
437[03:35:24] <nvz> it just says default
438[03:35:29] <Joit> and sponix answered it well, he gave an example from his one
457[03:40:41] <nvz> I suggest you revisit what is actually happening.. verifying your assumptions.. the mount command without options will show what actually took place
468[03:42:59] <Joit> well, yes, it worked before 2 days alll with defaults. Then i did repair my dual boot from windows, means, i loaded a windows rescue cd, fixed the boot, whateer it did, and voila, linux had the permission problem
469[03:43:57] <nvz> idk it sounded to me like you were accessing the linux volume from windows
470[03:44:06] <nvz> in something you said earlier
471[03:44:16] <Joit> i still can not really figure out, what did happen, and home is 650 gb. not sure, where i really can look, only chown it and chmod it
472[03:44:23] <nvz> which means your windows system could've corrupted the filesystem when you have an issue with windows and needed to repair it
473[03:44:50] <Joit> yes, well, i tried to read it, its a program called linux reader, but it dont makes changes only read it
475[03:45:32] <nvz> yeah.. and I go down chimneys all over the world in a night delivering toys to children
476[03:45:34] <Joit> so far i know, windows doesnt access linux partitions
477[03:45:45] <nvz> no, not natively
478[03:46:03] <Joit> well, i set the permission afterwrds again, did not start windows anymore, but still the error occurs
479[03:46:32] <nvz> to my knowledge you have not shown any actual errors, or actual information from your system
480[03:46:43] <nvz> all I've seen is stuff that makes absolutley no sense at all
481[03:46:56] <sponix2ipfw> Joit: you could boot from Debian live USB and fsck that partition and then mount it and see if root can view it properly
482[03:46:57] <gry> Joit: what error is it?
483[03:48:08] <Joit> gry i could not start xserver anymore with the user, only with root. also, i made a backround picture at lightdm, what never worked at fstab defaults. now i set to owner, and the backround picture works. but mainly its the problem to statrt xserver
484[03:48:28] <Joit> sponix i did that also, fsck runs all times fin
485[03:48:30] <Joit> fine
486[03:48:33] <gry> oh! that sounds a bit inconvenient
487[03:48:34] <nvz> the xserver isn't supposed to be able to be started as root
488[03:48:39] <nvz> erm as a user
489[03:48:55] <nvz> Joit: have you upgraded from an old debian release recently?
490[03:48:57] <gry> what happens when you log in with lightdm? what does it do instead of logging you in?
491[03:49:01] <nvz> when all this started happening
492[03:49:15] <Joit> no, its a fresh installation, no upgrade
493[03:50:19] <Joit> gry it drops me back to the login window, xserver doesnt start
494[03:50:27] <sponix2ipfw> Joit: you need to rm the Xauthority dot file in your user's home directory
495[03:50:48] <Joit> when i then alt-F2 to antother console, and startx, it works for a user without root
496[03:50:58] <sponix2ipfw> Joit: then the user can use X again
498[03:51:50] <Joit> it did load xfce, then i could connect also at alt-f7, then alt-f2 back to the other console, end the session, and still running it at alt-f7 ... to confuse now anythin g:p
499[03:52:18] <sponix2ipfw> Joit: running X as root or with sudo breaks that file
500[03:52:25] <gry> Joit: follow sponix2ipfw's suggestion, then try to log in with lightdm
501[03:52:46] <gry> Joit: remove the .Xauthority from your home directory, exit all X sessions, then log in with lightdm only
502[03:52:48] <Joit> sponix i did that a couple of times, before this "fix windows startup" it worked by that, after that, it didnt work anymore, to only delete .Xauth and .ICE*
503[03:53:10] <gry> Joit: didn't get that, please rephrase
504[03:53:14] <Joit> i had to delete both, not only Xauthority
508[03:54:30] *** Quits: ledeni (~ledeni@replaced-ip) (Remote host closed the connection)
509[03:55:02] <Joit> gry i first could start the xserver with deleting .Xauthorithy, then, (because i have windows at an other hdd, what didnt work anymore after the mirror the hdd) after fixing windows startup, it did not work anymore to only delete .Xauth, the xserver still did not start
511[03:58:29] <gry> Joit: did you remove .xsession-error* ? did it start working after that ? if not, pastebin output of 'ls -la $HOME', maybe
512[03:58:31] <Joit> i am looking through my xsessions-error now, but seems is updated
513[03:59:17] <Joit> i think i did not remove it, but i cleaned also the tmp, like some suggested at some postings
514[03:59:30] <Joit> at last the x-reltated stuff
515[03:59:57] <gry> Joit: okay
516[04:00:10] <gry> Joit: you may wish to remove the *xsession-error* files, and check for the issue
517[04:00:12] <Joit> right now, my xsession-errors is from the last 2 hours, where all worked
518[04:00:33] <gry> Joit: it doesn't matter what time it was; we want that file to be gone completely because of permissions issues
519[04:00:34] <Joit> but i have my fstab set to owner,rw
520[04:00:51] <gry> Joit: if you don't want to remove it, move it to ~/myxsession-errors.old, or something, please
521[04:01:41] <Joit> well, i ont care, its at the trashfolder now
522[04:01:48] <Joit> i know, it weill be re-created
523[04:02:15] <gry> Joit: also it is important that you quit all Xorg sessions before starting to log in again, otherwise it may be running as a wrong user or mess up the permissions again
524[04:03:14] <Joit> so, you now think, set the /home back to defaults at fstab and reboot and all should work ?
525[04:04:24] *** Quits: ChiLLabiS (~jimmy@replaced-ip) (Disconnected by services)
526[04:04:38] <gry> Joit: I'm not an expert with fstab, but I think this may be a good plan
527[04:05:02] <Joit> yeah, i can set it back manually anyway, if it wil not work
528[04:05:10] <nvz> I can assure you that the fstab has absolutely nothing what-so-ever to do with this issue
529[04:06:05] <Joit> nvz, the only thing what is weird for me, is, after i changed this lines at fstab, and did nothing else, the xserver worked again, also this backround image at lightdm
530[04:06:08] <nvz> especially since according to what you told us, the only thing you actually did was change who can mount the filesystem
531[04:06:36] <nvz> thats all you realize that you've done
532[04:06:45] <nvz> you probably also rebooted which in turn did a number of things
533[04:06:45] <Joit> nvz i couldnt really figure that out also by myself, because that would be my logic too
534[04:06:59] <nvz> it probably checked the filesystem again, it logged out, it restarted services..
535[04:07:03] <gry> let's see what happens after your reboot
536[04:07:34] <gry> you can go to tty and check that *xsession-error* and *Xauthority* files are absent before you log in to lightdm
544[04:12:30] <Joit> sponix well gladly, i have all the datas now from my old hdd (It did make some weird noises) its only, that the home dont work well anymore
545[04:12:55] <sponix2ipfw> Joit: if you honestly want me to explain that. You will have to wait until I get home to a real keyboard lol
548[04:13:46] <sponix2ipfw> Should be home in less than 30 minutes
549[04:13:47] <Joit> no, its ok, sponix haha, i am ok, when i only know a normal entry at fstab for my /home, and to be save, that nothing else goes wrong in the future
563[04:22:29] <Joit> ok back, and seems all works normal again. just lightdm dont work with the backround picture i made but it seems thats a problem of lightdm
596[04:56:56] *** Quits: Numero-6 (~Numero-6@replaced-ip) (Quit: << - Qui etes vous ? - Je suis le nouveau numero 2 - Qui est le numero 1 ? - Vous etes le numero 6 - Je ne suis pas un numero ! Je suis un homme libre!! >>)
609[05:16:10] <genr8_> thats super weird. I rebooted the new kernel and I had no video, I checked on them in /lib/modules/ and they werent there.... then i rebooted, and they ARE here, dated prior to me rebooting
617[05:27:17] <genr8_> my best guess it they were busy recompiling when I went to restart the first time (it did take an extremely long time), and they got put in /tmp or something... then they didnt exist in the /lib/modules dir when I booted the new kernel, but they were like 99% built. then when I booted back into my old kernel, they got placed in the right dir with the old date
618[05:29:53] <genr8_> I still have no idea what service was called to get them auto-built
619[05:32:09] <somiaj> I think your guess is wrong, they won't auto-build, dkms builds are triggered when you install kernels
620[05:32:27] <somiaj> an upgrae won't complete (and be stuck in a configure state) if the modules weren't built
621[05:32:29] <genr8_> why wasnt it visible ?
622[05:32:59] <somiaj> I am not gonna guess on that, but there could have been some other issue.
623[05:33:08] <somiaj> and just rebooting won't magically build the missing modules
688[07:38:22] <genr8_> the Nvidia module is a DKMS module, which I rebuilt for the new kernel, so that should work. The VBoxDrv one is the host driver that came from Virtualbox, which I have no idea how it got built
689[07:39:22] <nvz> your source/headers didnt exactly match the running kernel
690[07:39:40] <somiaj> well unknown symbols make it sounds like it wasn't properly compiled for or compadable with the kernel you are using.
698[07:47:39] <nvz> bottom line is, you screwed up either compiling your kernel or supplying the right source/headers for building your 3rd part modules
699[07:47:54] <genr8_> the kernel is missing the symbols is what it is. I think because I stripped the symbols out first, before it knew these modules would need them.
700[07:48:56] <genr8_> CONFIG_TRIM_UNUSED_KSYMS=y
701[07:49:08] <nvz> heh
702[07:49:15] <nvz> thats only one of the 3 problems I see
703[07:49:16] <genr8_> and the modules were out of tree, so it didnt know them.
704[07:49:27] <genr8_> 3 ?
705[07:49:41] <nvz> yes you are only seeing the symbols issue cause its the most repeated
706[07:49:58] <nvz> you are ignoring the disagree about symbol module layout, and verification failed
707[07:50:06] <nvz> these are 3 seperate issues
708[07:50:19] <nvz> one has to do with module signing
709[07:50:24] <nvz> one has to do with module versioning
710[07:50:26] <genr8_> i forgot to sign one. i fixed that.
711[07:50:35] <nvz> and the other has to do with the symbols you stripped
712[07:50:40] <genr8_> thats 2 issues
713[07:50:50] *** Quits: yuta (~pi@replaced-ip) (Quit: WeeChat 2.9)
733[07:54:58] <genr8_> no im wrong on that aspect also. it must disagree for some other reason
734[07:55:00] <somiaj> What kernel contains an in-tree vbox module? This has always been a thrid party module. Also what kernel are you compling and why.
735[07:55:02] <nvz> I'm just givin ya my two cents worth.. I saw three issues, I told ya about all I know about it.. heh.. used to compile kernels all the time, bought books on it and crap.. but that was ages ago.. I've only took a run at modern kernel once..
736[07:55:21] <somiaj> also I don't really see what this has to do with debian, you are compiling a custom kernel, why not just use the one from debian stable?
737[07:55:31] <nvz> the 2.x kernels I used to mess with and the 3.x-5.x kernels are a whole different ballgame :P
738[07:56:15] <genr8_> im using the debian kernel and the tools
739[07:56:24] <nvz> I havent had time to keep up.. the 5.x kernel I made worked but I fudged a few things :P
740[07:56:51] <nvz> last kernel I compiled before that was a 2.6 one so :D
742[07:57:01] <somiaj> genr8_: you must be doing something strange then, since the debian kernel does contain the symbols needed for both vbox and nvidia
743[07:57:31] <genr8_> i said i used this to strip them, CONFIG_TRIM_UNUSED_KSYMS=y , before it knew about the extra modules
759[08:01:56] <nvz> well I'd bought O'reilly's Understanding The Linux Kernel back in the day.. and it was pretty amazing.. but they can't keep up with the development.. so unfortunately there isnt such a comprehensive read I know of that is current
760[08:02:22] <nvz> I think the one I bought was for the 2.4 kernel and by time I groked it, 2.6 was stable
761[08:02:57] <nvz> and 2.6 was like a totally different animal.. things had drastically changed
762[08:03:57] <nvz> my first go around with 5.x blew my mind all over again.. heh
863[09:54:47] <nvz> you make packages either for a specific arch or for "all"
864[09:54:57] <nvz> if the package isnt arch specific
865[09:55:10] <nvz> i.e. documentation or headers or something
866[09:55:35] <nvz> if its compiled, then its either one or the other
867[09:55:58] <jumijoze> ywow mit höhenmeteréinblendungen
868[09:56:09] <nvz> !pl
869[09:56:10] <dpkg> Na kanale #debian rozmawiamy po angielsku; jesli chcesz lub wolisz mowic po polsku, wejdz na kanal #debian-pl na irc.freenode.net - debian-user-polish@lists.debian.org
870[09:56:45] * nvz makes a wild guess
871[09:57:06] <tomreyn> -de would have been correct, if with a french accent aigu
872[09:57:10] *** Quits: yonder (~yonder@replaced-ip) (Remote host closed the connection)
873[09:57:30] <nvz> yeah wasnt enough there for me to go on.. nick sounded polish
874[09:58:26] <nvz> something north-central europe
879[09:59:29] <dpkg> Deutschsprachige Hilfe bekommt ihr in #debian.de (auf irc.oftc.net, irc.freenode.net oder irc.belwue.de) - debian-user-german@lists.debian.org
903[10:15:56] <nvz> yeah well either way I dont think it was much more than an accident.. and was german.. cause lookin closer at the tranwreck that is compound words in german, I see meterein (meters)
905[10:16:45] <n4dir> wow mit höhenmetereinblendung is german.
906[10:17:12] <nvz> I only had a brief intro to german like 25 years ago.. and been avoiding it ever since due to crap like that.. it horrifies me the way they run words together like that
907[10:17:15] <flayer> n4dir, which is why it must be defended, even if it ruled unjustly over the rest of it for centuries
908[10:18:09] <ratrace> "tiny peninsula".... and yet the craddle of human civilization as we know it :) btw, slightly tiny, like the peninsula, bit offtopic :)
909[10:18:25] <n4dir> nvz: it is the language of soldiers. Arthur C. Doyle points out the horrible german language in "bohemien". In a funny way, but he is not wrong
910[10:18:58] <n4dir> yeah, i will stop with offtopic. sorry. I got a hang for it ...
945[11:07:01] <Lope> Debian host and guest VM. I pause the guest, then I suspend the host. Then some time later I resume the host, and then resume the guest. The guest time is wrong for quite a long time.
946[11:07:11] <Lope> How can I force the guest to update it's time?
947[11:07:25] <n4dir> ntpq or such
948[11:07:26] <ratrace> use a ntp sync daemon
949[11:07:45] <willow_> systemd time
950[11:07:56] <Lope> I don't have any ntp installed on the guest. Should I install it?
960[11:17:20] <ratrace> Lope: I thought maybe with kvm-clock paravirtualized hwclock one wouldn't need an ntpd in the guest, and that may be the case, but from what I read online there still exists a problem with exactly your use case: suspending and resuming guests.
962[11:18:32] <ratrace> so either use an ntpd or try scheduling `hwclock -s` on resume somehow in the guest, and libvirt should have its own functions for that like "guest-set-time" but I have very little experience with libvirt, I prefer qemu directly
975[11:37:29] <RadoS> So, with "quiet" on A it's no kernel and no services, but with "quiet" on B it suppresses only kernel but keeps services showing.
976[11:38:27] <RadoS> How to track this further? How to check for plymouth?
985[11:53:28] <ratrace> removing "quiet" will show both kernel and systemd output, yes. I don't know if you can show one and not the other. plymouth is a package, check it with `dpkg -l plymouth` and see if it's installed. should be, it's default. it's used for boot splash graphics and related.
986[11:53:53] <ratrace> "splash" kernel command line controls that part. I don't know if debian has any default plymouth splash graphics like ubuntu has.
987[11:53:55] *** Quits: Lope (~lope@replaced-ip) (Remote host closed the connection)
1034[12:48:18] <ratrace> that or any other form of auto upgrades with no admin oversight
1035[12:48:46] <oxek> yeah, you make a good point
1036[12:49:44] <oxek> I know it's wishful thinking, it would be nice if the release date was announced in advance and coordinated with making release notes available
1037[12:49:57] <ratrace> oxek: it is, subscribe to the announces mailing list
1038[12:51:02] <oxek> ratrace: don't see anything replaced-url
1039[12:51:17] <oxek> I mean, I don't see anything about 10.6
1090[13:42:17] <tomreyn> a preseed file is a way for automating debian installations, and i think you mean to ask about the conteXt. ;-)
1091[13:43:28] <tomreyn> i know this, but not how to debug or even lint preseed files.
1092[13:47:05] <Mazhive> tomreyn your right preseed.cfg files are for automated installs using any media a preseed.cfg file has all the answers lined up for thee install to - proceed - a install without user interaction.
1123[14:24:59] <Mazhive> right now i am using a pxe server to automate install. a install normaly takes about 1 hours not every other changes and add packages included that takes at least another hour so automating it would take about 30 minutes , the amount of time can greatly reduce to do a install
1124[14:26:59] *** Quits: Tobbi (~Tobbi@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
1182[15:25:21] <reith> Hi. I'm packaging a software that before has been installed without package manager. Is there a mechanism in debian to mark a package conflicts with some files and prompts user to remove those files? This package doesn't install files in same path as before.. so i look for a mechanism to delete (ask user and if he allowed delete file otherwise fail packge installation) file in path_a while my package
1183[15:25:27] <reith> installs that file in path_b.
1184[15:25:55] <n4dir> codedmart: i just followed that guide and it seems to include everything.
1187[15:27:29] <n4dir> as far i see it doesn't include what the debian installer offers via tasksel at the end: choosing to install a GUI and a bit more (cups and such)
1233[15:38:09] <hmuller> reith: probably cleaner to offer user an uninstall script to remove an application not installed with package manager first, and then install the package
1236[15:39:39] <reith> hmuller: that works but should handle package installation failure too.. I'm thinking to install those files by package (so user will be prompted for insalling package) and delete those in configure stage.. going to test that
1249[15:47:06] <reith> that's strange.. i didnt' install file `a` but in maintainer script removed that and it succeed.. should't package be limited to delete just files it created?
1251[15:50:07] <reith> (never gonna install a package from unofficial repo without reading postinst)
1252[15:51:51] <tomreyn> dpkg makes the assumption that if it is used, then only dpkg is used for package / software management, and thus it does no harm by overwriting existing files which are not part of another installed debian package.
1253[15:51:52] <dpkg> tomreyn: what are you talking about?
1258[15:54:04] <reith> tomreyn: well, that's a very sane assumption.. but i guess i can even delete files installed by another package in my package's postinst. haven't tried though
1262[15:59:04] <reith> (just tried and i can delete all files, installed by user or installed by another package in postinst. learned maintainer scripts can be evil)
1273[16:04:39] <oxek> NetTerminalGene: you said so earlier, and were advised to ask for your money back
1274[16:04:45] <asterismo_l> i'm trying to install debian in a raid1 array of IDE disks (old PC) and after installing grub and rebooting, the system throws a grub rescue
1275[16:05:10] <asterismo_l> error file '/boot/grub/i386-pc/normal.mod' not found
1308[16:24:10] <tomreyn> reith: yes, files created in postinst aren't tracked, and postinst can do anything root can. so don't install packages from untrusted sources
1309[16:24:48] <asterismo_l> i partition the disks to have two partitions each, the same
1383[17:07:50] <blaztek74> Why did my Debian version number in /etc/debian_version change from 10.5 to 10.6 when I did an `apt upgrade` today? While during the upgrade, the output displayed the version change.
1390[17:11:11] <blaztek74> thank you! I didn't realize the point release. Yes, I saw the kernel change and rebooted. I was only confused because the Debian.org still has the 10.5 links for download.
1391[17:11:47] <LtL> blaztek74: i'm sure the links will be updated soon.
1401[17:23:16] <sk313t0n> I wanna install ascii-xfr on a debian system, but it's not in the repo, and I can't find any download links for it. Does anyone know anything about it?
1403[17:26:57] <n4dir> sk313t0n: apt-file search, which i don't know well, gives me minicom. Doing apt-cache show minicom it doesn't seem to make much sense to me, but you might want to have a look
1404[17:28:27] <codedmart> Alright so I ran through debootstrap and got everthing all good. I already have a bootloader (systemd-boot) and mount /dev/sda1 as boot. I setup /dev/sda3 with luks. I installed cryptsetup-initramfs, and setup a /etc/crypttab. But still not able to boot properly.
1429[17:45:18] <throwthecheese> I have an issue with Stunnel
1430[17:45:37] <throwthecheese> It won't start with the configuration my univ provided
1431[17:45:57] <deego> On one of my newer machines, I saw this warning: "repository ... changed its value ... to 10.6". But, I don't see this on any of the others - the ones that have been around for a long time, and have been dist-upgraded through several major releases. Is there some config option I need to tweak on the latter?
1432[17:46:19] <deego> this was during an "apt update"
1436[17:47:51] <codedmart> I am chroot'ed into my debian install `bash: initramfs-update: command not found` Shouldn't that be there? I checked in `/usr/sbin` as well, but it isn't there either.
1456[17:52:37] <codedmart> Oh I see I was using the wrong command.
1457[17:53:28] <throwthecheese> And it looks like that my university network requires SSL3+ since if I manage to start stunnel without errors, my university network blocks me outright instead of requesting authentication
1458[17:54:19] <LtL> deego: for what it's worth, point releases don't require dist-upgrade. A simple apt update && apt upgrade will suffice.
1459[17:54:42] <deego> yes
1460[17:54:54] <deego> i mentioned dist-upgrade about major releases
1473[18:01:40] <deego> there's a -d in my upgrade in the crontab. does unattended-upgrades provide a -d option?
1474[18:01:51] <reith> another question about maintainer scripts. i see postrm is pre-populated by dh_installsystemd. i want to change this script, can i still have pre-populated script beside my customization?
1490[18:07:01] <hansh> can someone tell the paste.debian.net maintainer than when pasting this replaced-url
1491[18:07:01] <hansh> " filter?
1492[18:07:43] <hansh> because that guy NEVER responds to me. think i got spam-filter-false-positive reports from friggin 2016 that is still waiting for a response from > formorer@debian.org
1605[20:00:00] <NetTerminalGene> debian keeps us vulnerable
1606[20:00:01] <oxek> for firefox 78esr to be released to stable, it needs to be built on debian-stable. It was not possible to build it on debian-stable until debian 10.6, which has been released today.
1607[20:00:24] <oxek> the upgrades have not happened yet for a lot of machines
1608[20:00:28] <sney> it also only hit testing yesterday. replaced-url
1609[20:00:49] <oxek> NetTerminalGene: so expect firefox 78esr sometime next week probably
1610[20:01:02] <oxek> plus the CVEs fixed in 78esr are not critical
1611[20:01:02] <NetTerminalGene> oxek: why do they needed 10.6?
1612[20:01:12] <oxek> NetTerminalGene: newer versions of rust
1633[20:10:24] <NetTerminalGene> oxek: issues are in firefox code. for example, it doesn't show tracking list selection. it supposed to show that option
1634[20:11:07] <NetTerminalGene> and their tracking protection doesn't work sometimes
1635[20:11:16] <oxek> Disable the built-in firefox tracking protection and use ublock origin like everyone else
1636[20:11:19] <NetTerminalGene> there is no such issue on debian's firefox
1657[20:17:23] <oxek> and a combination of linux, firefox, and especially esr version which is behind the regular release? It's not very realistic it will be targetted.
1658[20:17:42] <ratrace> I remember when it was over 30% and it seemed like it'd "take back the web" .... but then chrome appeared
1660[20:18:13] <oxek> mozilla became complacent far before chrome appeared
1661[20:18:27] <aaro> well the chromium situation in debian isn't any better
1662[20:18:52] <oxek> I remember doing lots of benchmarks, profiling, identifying problematic areas and giving suggestions for improvements, along with code snippets - and being ignored for years
1663[20:18:53] <ratrace> oxek: I wouldn't be surprised with a highly targeted attack against debian sysadmins running FF. smiliar attacks already happened in the past (not against debian per se, but server admins)
1664[20:19:37] <oxek> ratrace: you are correct, I am not denying that.
1665[20:19:41] <NetTerminalGene> should we use chromium?
1666[20:19:58] <oxek> NetTerminalGene: we should just not use the web
1667[20:20:02] <hmuller> ^^^
1668[20:20:05] <aaro> at least with firefox you have the mozilla binaries
1669[20:20:06] <ratrace> I use firefox, and I have a nice, very strict apparmor profile on it
1670[20:20:27] <hmuller> sigh, I still need to properly use apparmor
1700[20:27:33] <oxek> it's a problem with the user primarily, the browser second
1701[20:27:34] <ratrace> adblockers aren't 100% efficient, and majority of people don't run with them.
1702[20:27:47] <sponix2ipfw> But I like sketchy websites
1703[20:28:03] <oxek> didn't google say it's now a little bit over 50% of users that have adblockers?
1704[20:28:05] <ratrace> even I don't run with them. the only extension in that regard I have is PrivacyBadger and CookieAutoDelete, and a DNS blacklist I assembled over the years
1723[20:36:50] <EdePopede> oxek: for a long time ad servers have been a problem, maybe they still are. as long as nobody cares where the ads displayed on their sites really come from it won't stop.
1724[20:37:17] <oxek> most websites should not exist anyway
1728[20:38:28] <oxek> I have a rule that on my personal machines I only visit websites I donate money to, have a subscription to, or they have a different revenue model (such as selling something)
1739[20:42:55] <EdePopede> i've been using a vanilla profile right now for some weeks, i think it is even worse than when i started using noscript
1740[20:43:29] <oxek> it's a pity that umatrix is no longer being developed
1741[20:43:38] <EdePopede> oxek: the one at the top, full-width with the download link? it's blue-ish ;)
1742[20:43:59] <EdePopede> i think green has a bad reputation because of sf.net
1743[20:45:21] <EdePopede> personally i don't even care about ads in general, i grew up with them in journals and partially on tv. but the web counterpart is just not acceptable.
1744[20:45:22] <archaeopter> Hey! Does somebody know how i can fix this weather widget?
1745[20:45:29] <EdePopede> "this"
1746[20:45:35] <archaeopter> Error loading QML file: file:///home/mg/.local/share/plasma/plasmoids/org.kde.weatherWidget/contents/ui/main.qml:113:5: Type YrNo unavailablefile:///home/mg/.local/share/plasma/plasmoids/org.kde.weatherWidget/contents/ui/providers/YrNo.qml:18:1: module "QtQuick.XmlListModel" is not installed
1751[20:45:50] <dpkg> The enter key is not a substitute for punctuation. Hitting enter unnecessarily makes it difficult to follow what you are saying. Consider using ',', '. ', ';', '...', '---', or ':' instead. If you hit enter too often, you will be autokicked by debhelper for flooding the channel.
1760[20:47:25] <oxek> EdePopede: blue, green, can't tell difference. I mean this one: replaced-url
1761[20:47:26] <EdePopede> > We, the 'Publisher', and a select group of trusted partners, known as 'Vendors', need your consent for data-processing purposes
1770[20:52:08] <EdePopede> archaeopter: anyway, i have no idea where this missing module would have to come from. maybe the kde folks know more
1771[20:52:14] <ratrace> oxek: I already use FF container tabs to maintain sites I do want persistence with, like work related etc... cookieautodelete + private mode for the rest
1796[21:03:54] <archaeopter> It is, they even have a banner saying so, its fockin ded
1797[21:04:04] <ratrace> EdePopede: I just *HAD* to look it up :)
1798[21:04:15] <EdePopede> hrhr :)
1799[21:04:23] <ratrace> okurrrr
1800[21:05:34] <EdePopede> archaeopter: well, irc. join, ask, wait. may get 5 answers in the first 10 seconds, may have to wait for hours. the population size also isn't necessarily a reliable source for the activity of a channel
1801[21:06:03] <archaeopter> Ye, ill wait an hour and guess will have to find a worse widget, ugh
1833[21:19:48] <oxek> debian release easter egg, if you try downloading the iso, and append -easteregg to the download URL, it actually downloads ubuntu
1834[21:19:51] <sney> EdePopede: I don't remember ever seeing something like that, but my memory is not reliable, and I could imagine it being somewhere
1852[21:26:58] <oxek> and of course the 'easter egg' bug in sl replaced-url
1853[21:28:07] <sney> for whatever reason, I'm more likely to do it when there's a little bit of terminal lag, like managing a remote server via putty on windows. I've seen the train that way a few times by accident
1876[21:37:34] <ratrace> that would break the "stable" promise of LTS
1877[21:37:37] <oxek> search for scrollback there
1878[21:37:49] <oxek> hence my surprise
1879[21:37:50] <ratrace> WHAT!!!
1880[21:37:56] <sponix> I am going to test this theory in a second
1881[21:38:23] <ratrace> (╯°□°)╯︵ ┻━┻
1882[21:38:31] <oxek> ratrace: ?
1883[21:38:37] <ratrace> they backported it?!!?
1884[21:38:46] <oxek> sponix is verifying it now
1885[21:38:51] <oxek> it does not work on my system anymore
1886[21:38:55] <sponix> oxek: VM done updating to 10.6 with the latest 4.19 kernel -- So I need to go to a REAL tty correct -- Not just a terminal in X ?
1887[21:39:05] <oxek> sponix: yes, real tty
1888[21:39:10] <Lvl4Sword> ┬─┬ ノ( ゜-゜ノ)
1889[21:40:17] <ratrace> lemme test it too
1890[21:41:32] <oxek> a 30 year old feature... just gone... without any big announcement from debian
1891[21:42:12] <ratrace> on linux that nobody uses on desktops and everyone uses on servers where console reigns.......
1892[21:42:13] <sponix> oxek: what systemd command is it to drop from X to a real console -- I need that for my VM because I don't know how to send ctrl+alt+F1 lol
1893[21:42:35] <oxek> sponix: don't know systemd command, but maybe chvt will work
1894[21:43:15] <n4dir> systemctl stop <name-of-display-mangager> ; might be worth a shot, but i wouldn't bet
1895[21:43:32] <sponix> oxek: Yeah, its true -- I have 0 scrollback buffer in the real TTY
1923[21:47:34] <oxek> I only found out about this because after upgrade, the graphical interface did not start up so I had to go to a tty
1924[21:48:37] <imMute> the scrollback disappeared when switching between VTs for a while anyway
1925[21:48:43] <ratrace> I ran upgrade tests on VMs before tonight's plan to upgrade all the servers but now..... now I no longer care, let it rot. I'll be planning a switch to a less joke of an OS. and no, not just because of this, this is just final straw that broke the crapux camel back
1926[21:49:05] <oxek> I genuinely feel sad for scrollback, it has been with me for such a long time
1927[21:49:21] <oxek> I did not mean to make you angry ratrace
1928[21:49:26] <ratrace> I knew this was coming in future kernels, but I never thought they'd backport such a big, huge change for SERVER CENTRIC OS like Linux!
1931[21:49:55] <ratrace> oxek: you did not! GKH and/or whoever's the maintainer for backports did! This ain't his first time, last time I fumed for his political backports to subvert ZFS
1932[21:50:02] <imMute> ratrace: you never thought they'd backport a security fix (even if the "fix" is to just remove the feature outright) ????
1933[21:50:30] <ratrace> imMute: knowing how many fixes are NOT backported, yes, I actually did not thing they'd go ahead and break LTS like this
1934[21:51:05] <imMute> it's not broken. you just can't scrollback in the VT anymore.
1935[21:51:06] <ratrace> is not the fix tho. the cve fix did not require removing the whole functionality
1936[21:51:14] <imMute> which you couldn't do when switching between VTs anyway.
1938[21:51:27] <imMute> and you can get the feature back by using something like tmux or screen if you really really need it.
1939[21:52:04] <ratrace> imMute: I guess you don't understand the real issue here
1940[21:52:07] <imMute> you're right, they could have fixed it without removing the feature. but no one stepped up to do that work (presumably because no one cares enough about the feature). so Linux patched the hole by removing the feature.
1941[21:52:35] <ratrace> the real issue is boiling for the past few years with political and other breaking backports to LTS kernels
1942[21:52:37] <oxek> imMute: the real issue is changing behavior of a stable (meaning "does not change") release
1943[21:52:59] <ratrace> there is no "LTS" kernel. it's all made up crap. nobody should be running anythin but latest mainline and kernel devs themselves are saying that. RIP linux.
1944[21:52:59] <oxek> and without any big announcements from debian
1945[21:53:01] <imMute> oxek: you'd rather they not backport security fixes then?
1946[21:53:22] <oxek> I too run some stuff on servers where my only access is IPMI, and don't have tmux there
1947[21:53:41] <oxek> imMute: they already don't backports lots of security fixes, because they would break userspace.
1948[21:53:49] <codedmart> I could use some luks help. I am installing debian from arch. I have it all installed, but I can't get the initramfs to update with the crypt info. I keep getting `cryptsetup: ERROR: Couldn't resolve device /dev/mapper/crypt`. I am chroot'ed in from my arch install.
1949[21:54:09] <ratrace> the "security" implication of CVE-2020-14390 is riduculous compared to actual bugs that exist and are NOT YET patched
1950[21:54:36] <ratrace> cdown: the crypto device must match what you wrote in /etc/crypttab
1952[21:55:41] <ratrace> cdown: or in other words, when you chroot, you must open the LUKS container with the same name that you had in crypttab. by default it's sdx_crypt where x is the actual device partition number
1953[21:55:54] <ratrace> (iirc)
1954[21:56:12] *** Quits: maggotbrain (~maggotbra@replaced-ip) (Remote host closed the connection)
1955[21:56:14] <codedmart> ratrace does that matter if I opened it from arch? It does match.
1956[21:56:31] <ratrace> codedmart: the host distro is irrelevant, just the mapper name must be the same
1957[21:56:58] <ratrace> re-check because by that message it's not. /dev/mapper/crypt is not what the installer would write in crypttab by itself
1963[21:57:44] <ska> Is it safe to use Snap on debian?
1964[21:58:01] <EdePopede> promises some fun, there seems to be a lot of public hardware running on it
1965[21:58:25] <ratrace> ska: you mean snaps? snapd containers?
1966[21:58:31] <codedmart> ratrace I opened in arch `sudo cryptsetup open /dev/sda3 crypt` then mounted btrfs subvolumes and chroot'ed into debian. /etc/crypttab has `crypt UUID=... luks,discard`
2003[22:04:18] <ratrace> you actually need /dev and /proc for initramfs, but it's best to have them all. bind -t proc proc /mnt/chroot/proc ; bind -R /dev /mnt/chroot/dev ; bind -R /sys /mnt/chroot/sys ; chroot /mnt/chroot ; source /etc/profile ; export PS1="(chroot) $PS1"
2004[22:04:39] <ratrace> codedmart: assuming /mnt/chroot is where you mounted the rootfs, and source + export are optional, run in the chroot shell
2008[22:06:45] <ratrace> (you can also use systemd-nspawn ; as chroot in some cases tends to break the system integration through /proc so you have to reboot the host after you exit the chroot, because it's broken)
2009[22:06:55] <ratrace> *systemd integration
2010[22:07:01] *** Quits: eventhorizon5 (~smuxi@replaced-ip) (Remote host closed the connection)
2046[22:22:08] <codedmart> OK that seems better. I am only getting warnings now on update-initramfs. But I am still getting dropped into initramfs when booting saying it can't find device /dev/mapper/crypt.
2047[22:22:46] <ratrace> codedmart: paste the warnings somewhere please
2051[22:28:00] <codedmart> So is it reading from the host as well? vgcrypt is my arch lvm luks?
2052[22:28:08] <ratrace> codedmart: you're missing the "key" column between UUID and luks,discard. use none if you don't have any special key devices or keyscripts
2053[22:28:35] <ratrace> like this: crypt UUID=b62db806-97f0-43bc-a401-fd61f5e02e30 none luks,discard
2054[22:28:48] <ratrace> also, consider using fstrim.service instead of discard
2055[22:29:24] <codedmart> Great let me try this. Really appreciate all the help.
2056[22:29:39] <ratrace> codedmart: that vgcrypt btw... where does it fit in the mount tree for debian?
2057[22:30:12] <ratrace> the way this works is that initramfs hooks are looking at mountpoints and then back through mappers to the device they're on. so if vgcrypt is mentioned, it must mean it's needed by the rootfs somehow
2058[22:30:15] <codedmart> Oh it was mounted I suppose when I mounted /dev since I have that in my arch tree.
2059[22:30:46] <ratrace> well I'm not sure if there would be a warning like that unless the device was referenced in the mountpoint of the rootfs or something else in fstab
2062[22:31:46] <codedmart> Hmm... it is not in my debian fstab.
2063[22:31:51] <tomreyn> ratrace: the 'discard' option in /etc/crypttab (interpreted by cryptsetup) has a different meaning than the 'discard' file system mount option in e.g. /etc/fstab
2064[22:32:47] <tomreyn> (this is in response to "consider using fstrim.service instead of discard")
2065[22:32:49] <ratrace> tomreyn: I know. it just passes through from the filesystem. but I'm assuming then the rootfs is mounted with discard too
2066[22:33:56] <tomreyn> ratrace: hmm, i wouldn't immediately assume this as a result of seeing the discard option set in /etc/crypttab
2067[22:34:46] <tomreyn> (since you'd also need it to make fstrim.service work)
2068[22:34:59] <ratrace> hrm, point.
2069[22:35:20] *** Quits: czesmir (~stefan@replaced-ip) (Quit: Lost terminal)
2070[22:35:24] <ratrace> so.... "consider using the fstrim.service instead of mounting the filesystem with discard option"
2082[22:43:26] <codedmart> ratrace Thanks again! Success, now I just need to find the right firmware for my wifi card. Then start transfering setting, getting things setup. So I can have a more stable system.
2083[22:43:59] <willow_> for i in /dev/ /dev/pts /proc /sys ; do mount -B $i /mnt/$i ; done
2085[22:44:55] <ratrace> you're missing /dev/shm and submounts in /sys :)
2086[22:45:34] <ratrace> ideally, using systemd-nspawn does it all, but you just have to --bind or --bind-ro /dev explicitly as it's otherwise private /dev in the namespace
2087[22:46:09] <ratrace> (and it's recursive bind too, so that covers submounts)
2133[23:11:27] <hmuller> I use systemd-nspawn for all my container needs, for multi-partition images I use kpartx then do the mounts manually, then load up in systemd-nspawn