2[00:04:56] <sponix> jhutchins: I find even doing very little still is better than folks that go out of their way to ruin the default securities built in :P
45[00:59:48] <abff_> I've used /etc/default/keyboard to add an xkb-styled option so that my capslock and escape key are swapped on boot. It works fine in X but the change doesn't happen automatically in console I need to run setupcon every reboot to force the change to happen. I thought setupcon was run automatically at boot, what's going on?
68[01:34:40] <crucify_me> hi I'm having trouble with a repl for haskell called ghci. the cursor jumps up off the prompt line when backspacing or deleting right to left. someone suggested to change the charsets? anyone kindly help me do that ?
69[01:35:04] <crucify_me> someone *on the haskell chatroom
101[02:12:28] <genr8_> ive had that happen when the terminal window is the wrong size. resizing it to be less wide or something else and then typing "reset" on the terminal fixed it.
188[04:06:10] <crane> i installed it not yet. i though it would get installed then with the next apt upgrade?
189[04:06:42] <dvs> crane: nope, you need to expicitly install packages from backports. And you should ONLY install the packages you need.
190[04:07:14] <jmcnaught> crane: remove the custom pinning, follow the instructions on the link above. Use "apt -t buster-backports <package>" to install packages from backports, they'll also be updated from backports once you have installed that package from there.
210[04:10:52] <maplambda> I installed my HP printer with CUPS and enabled sharing so I can now print on any device in my house. CUPS is installed on my laptop. is my laptop actually acting as a server right now? im curious abut the mechanism by which im able to discover the printer from other devices that arent my laptop like my cell phone. I dont even have to do anything on my cell phone it just recognizes the printer now how does it do this?
211[04:10:53] <queip> will Debian manage to offer a good email client? perhaps before we start building Mars bases
212[04:11:37] * dvs likes Thunderbird
213[04:12:22] <queip> dvs: they destroyed gpg support, and provide own, stupid, inhouse implementation that does things badly
214[04:12:43] <jmcnaught> Evolution is okay, I use it.
215[04:14:05] <queip> jmcnaught: it's written in C
216[04:14:17] <dvs> ???
217[04:14:36] <jmcnaught> maplambda: it is probably avahi doing mDNS aka zeroconf
235[04:20:52] <themill> If you're using security concerns as a reason to avoid things because they're written in C, then you've completely missed the point. You shouldn't go near anything that uses QtWebEngine, which is basically everything Qt/KDE
236[04:21:14] <queip> themill: if rendering UI then all elements are usually well-defined
237[04:21:24] <genr8_> yeah all those KDE libraries are ridiculous.
238[04:21:29] <queip> of course rendering attached HTML should be disabled
239[04:21:39] <genr8_> look at the dependencies replaced-url
240[04:21:54] <themill> genr8_: dependencies are not an issue
241[04:22:06] <genr8_> exponential increase in attack surface
242[04:22:08] <themill> queip: this is not only about html messages
243[04:22:24] <themill> this is *any* untrusted data
244[04:22:46] <queip> genr8_: like which dep? besides akonadi
245[04:23:15] <genr8_> anything with KDE in the name
246[04:23:50] <queip> genr8_: because? what about anything with G in a name
247[04:23:59] <genr8_> i agree.
248[04:23:59] <themill> genr8_: you'd prefer that they didn't use libraries and instead made their own versions of each and absolutely every bit of functionality?
262[04:28:47] <genr8_> well you have fun in your quest to save the world from C. but ditching it entirely is not possible. the best you can do is fix whats broken and use static analysis and sanitizers
266[04:35:37] <genr8_> personally, i'd be much more concerned about a "house of cards" scenario of multiple abstraction layers added on and built off of but never actually investigated.
267[04:36:31] *** Quits: dvs (~hibbard@replaced-ip) (Remote host closed the connection)
268[04:36:33] <jmcnaught> What is covered by security support is also a factor. webkit2gtk is covered, qtwebkit and khtml are not.
269[04:37:29] <genr8_> yeah. or multiple points of failure being added through dependency trees ballooning out of control to where you have dead code or unmaintained code
271[04:40:06] <pagetelegram> having trouble mounting what should be a raw server image. fdisk -lu doesnt display any offset info. Does 1984hosting use a special format? Need to mount to assess logs for suspect intrusion. My key got compromised and was locked out of SSH,sFTP ports refused etc. Trying to just grab the logs in /var.
293[05:06:44] <genr8_> theres always the chance it was compressed or encrypted. you could chop off the first few kilobytes and hexedit to scan for clues
294[05:07:53] <mtlsw> genr8_, I think you're tumbling on hypotheticals... that's not helpful information
295[05:08:10] <genr8_> by all means take over then.
306[05:29:02] <genr8_> you mean you found a valid filesystem header and interpreted those bits ?
307[05:32:46] <genr8_> read this and see if you've overlooked a certain command replaced-url
308[05:34:11] <pagetelegram> hd -n xxxx -c image.img gives me some basic insight yea.
309[05:36:37] <pagetelegram> I did try all those options; thinking about the header output stating dirty bit etc. I have not used hex displays since I was a tween. So I don't know what os headers look like.
310[05:37:00] <mtlsw> pagetelegram, I came-in at 23:58, what is this you're working on?
311[05:37:15] <mtlsw> pagetelegram, (a stored copy of a disk?)
312[05:37:44] <pagetelegram> 1984hosting VPS image...trying to mount/read...fdisk -ul displays no partition info.
313[05:38:06] <pagetelegram> Need to see /var/logs to assess intrusion concern.
314[05:38:13] <mtlsw> pagetelegram, a template or a copy of your storage?
315[05:38:21] <pagetelegram> full 25gb image
316[05:38:27] *** Quits: puke (~vroom@replaced-ip) (Remote host closed the connection)
317[05:38:51] <mtlsw> pagetelegram, you should be using "aide" -- it does integrity checks -- it can use off-site database comparisons between two different stored folders (and again off-site)
318[05:39:16] <mtlsw> pagetelegram, basically you do a hash checksum of all files on the system before the intrusion..
319[05:39:24] <mtlsw> pagetelegram, and store that in an aide database..
320[05:39:25] *** Quits: trysten (~user@replaced-ip) (Remote host closed the connection)
321[05:40:10] <pagetelegram> Good moving forward. Thank you.
322[05:40:19] <mtlsw> pagetelegram, the only way I can think of detecting any unwanted changes is to compare it with a known-safe system of the same distribution files from another VM.
323[05:40:39] <mtlsw> pagetelegram, and then do a cross-comparison of the hashes between the two --- have same packages installed, etc..
324[05:41:17] <firespeaker> is there currently an issue with the kernel headers on unstable? trying to compile nvidia drivers from debian and straight from nvidia both result in an error about the kernel configuration being invalid: replaced-url
325[05:41:28] <mtlsw> pagetelegram, you can possibly do that with using aide as well. Make an aide-database in one VM, and then compare it to the suspected VM's storage
326[05:41:42] <pagetelegram> I hosted my mail server on the VPS. I shut down server when noticed SSH sFTP ports refused. Then relaunched VPS for a 6 hours until I noticed postfix was restarted. That's when I got paranoid.
327[05:42:04] <pagetelegram> oh good idea
328[05:42:25] <mtlsw> pagetelegram, you should be using something with fail2ban which does iptables-updates and blocks ip's based on login failure
329[05:42:50] <mtlsw> pagetelegram, (you can also limit new SYN connections with iptables/nft)
330[05:43:01] <mtlsw> pagetelegram, ^ that too can slow-down any attacks.
331[05:43:13] <pagetelegram> I use key file only....no root password. My key must have been compromised.
333[05:43:52] <mtlsw> pagetelegram, you should learn from this -- you are always 100% attack (everybody is) -- as soon as you put anything online, there's already scans within seconds..
338[05:46:34] <pagetelegram> I am learning from this. Thank you. I'm stump'd though how my key would be compromised. I only keep it on one thumb drive. And only one other person has my keys...someone I trust/confide. So I lean more towards a zeroday thing which maybe why 1984hosting has my VPS controls locked.
339[05:47:19] <mtlsw> pagetelegram, I have no idea if it really is compromised. -- but your ssh can be providing password-or-key login if your sshd is not set to disable passwords
340[05:47:58] <pagetelegram> VPS has no passwords set for login...only one key at the time...keys changed since.
341[05:48:48] <pagetelegram> oh just reread.
342[05:49:35] <pagetelegram> I don't understand...I use putty to ssh in.
343[05:50:27] <pagetelegram> No matter, I have been unable to SSH or sFTP in connection refused with old/new keys.
344[05:50:50] <pagetelegram> as if someone went in and blocked usual port access
345[05:51:40] <pagetelegram> It seems my provider is on to it...they locked controls and been in communication with them over this issue this last week. They however office works when I'm asleep :/
346[05:51:55] <mtlsw> pagetelegram, the webportal is also locked?
347[05:52:16] <mtlsw> pagetelegram, usually cloud providers have a web-portal front to things --- you might have "newsletters" from there.
348[05:52:21] <pagetelegram> just the VPS controls. I cannot stop , restart or start the VPS
349[05:53:03] <pagetelegram> I have 5 of them and they all locked down even the ones' that are not suspect compromise. As such the one hosting codebas.org is still running, however I cannot control the state from the panel.
350[05:53:58] <pagetelegram> Nor can I make image backups atm. So either the provider is locking everything of mine or everyone or this is their servers respsonding to an intrustion they do not know about.
351[05:54:55] <mtlsw> pagetelegram, maybe because they're in iceland, that everything is now getting frozen for the winter tehehe
352[05:54:59] <mtlsw> pagetelegram, oops my bad XD
353[05:55:06] <mtlsw> pagetelegram, they're a /22 network
354[05:55:38] <mtlsw> pagetelegram, what do you use on it? just wp?
355[05:55:42] <pagetelegram> lol I have to wait another 2 hours before they start answering their emails. Its getting late for me.
356[05:57:28] <pagetelegram> A lot of different server softwares, mostly flat straight old html; postfix, stuff I can't recall name of atm. Most projects involved in research fraud and expose corruption.
357[05:57:54] *** Quits: auk (auk@replaced-ip) (Quit: Leaving)
358[05:58:13] <pagetelegram> I don't like wp; I tried wp years ago and an attack in 2017 pushed me to go flat and plain jane html.
359[05:59:02] <mtlsw> pagetelegram, jc
360[05:59:05] <pagetelegram> tho not everything I use was flat...mysql stuff too. Got a text file somewhere of my entire layout of servers and softwares; be willing to share privately.
361[05:59:29] <mtlsw> pagetelegram, you should of known better if you're blogging on that.. you're more suspectible for being ridiculed by whoever who can be trying something.
362[06:00:56] <mtlsw> pagetelegram, never trust your Caller-ID these days.
363[06:01:10] <mtlsw> pagetelegram, be sure to have(next time) include in your list of not-to's.
365[06:01:28] <pagetelegram> Studies on benford's law in different systems including elections and such; I am compelled to publish....and plans to study exotic RF abuses I am compelled to get out. I am not surprised; just trying to learn as I meet these challenges.
371[06:05:51] <pagetelegram> In 2017 the logs originating of hack from China, tho as you say can't trust Caller-IDs...shared host at the time sftp attempts about 100,000 pings.
372[06:06:12] <pagetelegram> that's why I moved to VPS.
373[06:06:38] <pagetelegram> I like 1984 bc they don't restrict what softwares/ports you install
374[06:08:46] <mtlsw> there's "ghost server" -- an alternataive to WP for doing writing. There's ghost-providers that can maintain the site/updates for you.
375[06:09:04] <mtlsw> if you're kind of tired of doing the administration. But that cost a few extra bucks..
380[06:17:35] <pagetelegram> I will explore the federated p2p route to see if that has an answer. Though limited to reach and a lot of it is prejudged even I prejudge the onions as being a toxic place.
381[06:18:37] <pagetelegram> I few friends pointed me in that direction as a general solution against information being taking down.
382[06:18:42] <mtlsw> pagetelegram, what do you think about the new ms-edge-dev chromium-based browser released a few days ago? can that be trusted? lol
384[06:20:16] <pagetelegram> I have a hard time keeping up on anything; and I use chrome not knowing all it's faults. I am busy in too many things. This happens when I', in process of moving to a new apartment. Staying up just tonight so I can converse with 1984 folk
385[06:21:58] <genr8_> even if its safe now, its a trojan horse by being complacent to allow microsoft to infiltrate linux with its compromising tendrils
386[06:22:10] <mtlsw> pagetelegram, the announcement was made several months ago, it is making on linux news sites
387[06:22:27] <mtlsw> pagetelegram, some people worry it may have privacy-invasion telemetry
388[06:22:40] <pagetelegram> nice try... ); as the old IBM OS/2 adage Up and Running, not Up and Coming....
389[06:22:59] <pagetelegram> not good
390[06:23:10] <pagetelegram> I always have bashed SM
391[06:23:11] <pagetelegram> MS
392[06:23:35] <genr8_> no good can come from it. just say no.
393[06:24:12] <pagetelegram> I use Windows for my Adobe needs only. If Adobe moves to Linux I can so easily kiss Windows goodbye for good.
394[06:24:43] <Azrael_-> ever tried adobe with wine?
395[06:24:44] <genr8_> i wouldnt hold your breath
396[06:25:05] *** Quits: kupi (uid212005@replaced-ip) (Quit: Connection closed for inactivity)
403[06:26:26] <Azrael_-> thought the api of wine was already that "complete" and flexible to support basically everything and wouldn't need specific modifications for every program
404[06:26:39] <genr8_> adobe knows full well what they're doing is keeping people locked into windows, and likely the only thing stopping many people from switching. these corporations stick together
405[06:27:16] <pagetelegram> Adobe Premiere access to CODAs etc I don't think is supported. idk haven't tested stuff with Winehq since about 5 years.
406[06:27:35] <genr8_> Wine is a win32 api only.
407[06:27:44] <Azrael_-> i have no real experience, i'm just curious about it
408[06:27:55] *** brachamh_ is now known as bracham
409[06:27:55] <pagetelegram> That's a door slam
410[06:28:38] <pagetelegram> If it's anywhere near the maturity of ReactOS I won't consider it. Good for Notepad and maybe Wordpad :P
411[06:28:56] <genr8_> Notepad++ works too :)
412[06:29:24] <pagetelegram> haha only adobe notepad++ and universal extractor is all I got installed on the system
419[06:34:42] <genr8_> This is why Adobe will never allow it. replaced-url
420[06:35:44] <pagetelegram> They still port to OS/X/Darwin?
421[06:35:50] <mtlsw> flash is supposed to end in support this year
422[06:35:57] <pagetelegram> That is good news ^
423[06:36:07] <pagetelegram> The next update will be an uninstaller.
424[06:36:08] <mtlsw> its old news, it's just taken a few years to come to this point lol
425[06:36:12] <mtlsw> hahaha
426[06:36:22] <genr8_> at some point, Microsoft was even contemplating buying Adobe outright for 138-260 billion dollars. replaced-url
427[06:36:46] <alex11> it may strictly be good from a security standpoint but unless there's a functional replacement so much of the early web will be lost in losing flash
435[06:38:29] <genr8_> oh apparently they planned for this and invented a "NewGrounds Player" native windows app. replaced-url
436[06:41:27] <pagetelegram> I doubt they be flash diehards keeping this dead horse alive for too long. It's not worth it....I am just happy to see this means no more flash ads eating up system resources.
437[06:42:19] <alex11> yeah now we just have electron
482[07:30:33] <markuman> Hi. I got an EC2 instance with debian buster. It says, that all packages are up to date. it installed python 3.7.3-1. but in a docker file of debian buster, it installs 3.7.3-2
483[07:30:48] <markuman> what do I need to do to get it on the ec2 instance?
484[07:31:13] <markuman> I already copied the apt source.list from docker buster into the instance. after apt update, nothing changed
518[07:51:47] <themill> as I said, python3.7-minimal ≠ python3-minimal. python3.7-minimal is the package that is vulnerable to the CVE and you've upgraded it
519[07:52:18] <jelly> markuman: could that aws inspector thing be buggy and checking the wrong package
520[07:52:34] <markuman> jelly: I guess yes
521[07:53:09] *** Quits: Space_Man (~Space_Man@replaced-ip) (Remote host closed the connection)
522[07:53:18] <markuman> hmm we got buisness support. I will create an issue
545[08:12:24] <jelly> alex11: if the disk is already formatted GPT, and you have enough space to make an efi boot partition if missing, it ought to be doable
546[08:12:53] <alex11> is there a way to check what it's formatted as?
705[10:26:30] <iamjfk11> Quoting Wayland FAQIs Wayland network transparent / does it support remote rendering?
706[10:26:30] <iamjfk11> No, that is outside the scope of Wayland. To support remote rendering you need to define a rendering API, which is something I've been very careful to avoid doing. The reason Wayland is so simple and feasible at all is that I'm sidestepping this big task and pushing it to the clients. It's an interesting challenge, a very big task and it's hard to get right, but essentially orthogonal to what Wayland tries to achieve.
707[10:26:30] <iamjfk11> This doesn't mean that remote rendering won't be possible with Wayland, it just means that you will have to put a remote rendering server on top of Wayland. One such server could be the X.org server, but other options include an RDP server, a VNC server or somebody could even invent their own new remote rendering model. Which is a feature when you think about it; layering X.org on top of Wayland has very little overhead, but
708[10:26:30] <iamjfk11> the other types of remote rendering servers no longer requires X.org, and experimenting with new protocols is easier.
709[10:26:30] <iamjfk11> It is also possible to put a remoting protocol into a wayland compositor, either a standalone remoting compositor or as a part of a full desktop compositor. This will let us forward native Wayland applications. The standalone compositor could let you log into a server and run an application back on your desktop. Building the forwarding into the desktop compositor could let you export or share a window on the fly with a re
710[10:26:30] *** iamjfk11 was kicked by debhelper (flood)
737[10:59:48] <Lope> hey guys, I've got 2 PC's running linux kernel 5.8. Connected on a LAN via 1GbE full duplex. Ethtool shows both are 1000Mbps full duplex. Both PC's use a bridge on their ethernet interface. Previously speeds were good. I've recently changed my network setup a bit. I renamed interfaces with udev and used network-manager to create the bridges instead of /etc/network/interfaces. Now for some weird reason with iperf UDP I get 104MiB/s in one direction, but
738[10:59:48] <Lope> 2MiB/s in the other direction!!! Any ideas what could be wrong?
739[11:01:05] <Lope> I'm going to fire up a 3rd PC and test against that to see which of these 2 has the problem.
761[11:23:12] <Lope> my network-manager configs are identical between the 2 of the PC's same kernel, same debian, same everything. Only different realtek chipset :/
788[11:43:03] <queip> akonadi-backend-mysql is uninstalled, and yet still akonadi uses mysql backend
789[11:43:31] <queip> wtf?
790[11:46:30] <Lope> so on the PC that was struggling to send data out of it's realcrap, I mean realtek chipset after I changed from /etc/network/interfaces to network-manager. Even stopping network-manager, deleting the bridge and using the eth directly, I still could only send at 2MiB/s with iperf. So I disabled network-manager, blacklisted the eth interface in NetworkManager.conf and got the bridge configured again in /etc/network/interfaces. rebooted. I re-tested and now
791[11:46:31] <Lope> the PC can send at 114MiB/s again. So weird. Network-Manager broke the realcrap.
792[11:50:13] <Lope> Interestingly my laptop also has a realcrap chipset, but it has *different* issues. network-manager works fine with my laptop's eth. However last time I ran the laptop as a server (2 years ago), it's eth goes down after like 2 weeks and the only way to bring it back is power cycling it. The fix for that interestingly was hard locking it to 1000Mbps full duplex (disable auto negotiation) and that fixed it. Realcrap
793[11:51:50] <ratrace> Lope: 1) why are you even using NM for all that? 2) btw, you don't need udev rules to change iface name, you can do it with NM, interfaces, networkd, ...
794[11:52:05] <Lope> geez. I just had a *SIMPLE* idea to rename some network interfaces and change some IP's and ports and whatever, and add a few extra bridges etc. It's taken me a full 1.5 days to get everything done and working properly. Insane.
795[11:52:07] <ratrace> Lope: 3) are you missing firmware for the nic?
796[11:52:29] <Lope> ratrace, I thought udev was the recommended way to do it?
797[11:52:33] <ratrace> Lope: that's called Yak Shaving. Wellcome to the world of Yak Shavers :)
798[11:52:54] <ratrace> Lope: "recommended"? neither yes or no, it's just one way.
799[11:52:57] <Lope> ratrace, I've got the r8168-dkms firmware package 8.048.03-1~bpo10+1
800[11:53:23] <Lope> ratrace, yak shaving? hahahah not familiar with that.
801[11:53:33] <ratrace> Lope: I have no idea what that package does. but you can check if the kernel wants firmware and is missing it, dmesg | grep -i firmware
802[11:54:38] <ratrace> Lope: yak shaving is when you take a seemingly simple task and then you realize you ALSO have to do tasks B and C ..... and then B.1 and B.2 and C.1 and then B.2.1, and etc.... down the rabit hole of "oh, shi! this too!"
803[11:54:40] <Lope> ratrace, just a spectre notice and ACPI: [Firmware Bug]: BIOS _OSI(Linux) query ignored
804[11:54:59] <ratrace> Lope: then the kernel isn't missing firmware files
805[11:55:10] <Lope> haha yeah. yak shaving. What a lot of fun.
806[11:55:30] <Lope> Now I'm starting to (just barely) understand why people are scared of changing their setup when it's "working"
807[11:55:39] <ratrace> some also call that "System Administration". I guess the Yak's name is "System" :)
808[11:55:44] <Lope> They shout with much fear and desperation to not change "It's working!!!"
809[11:55:56] <iamjfk11> queip "dpkg -l akonadi*"
810[11:56:00] <Lope> with subtext "(don't ask me to change anything)"
811[11:56:08] <ratrace> Lope: now do that with remote server and _nothing_ but an ssh connection
813[11:56:31] <Lope> ratrace, yeah, I'm scared as shit of changing things about the network or initramfs etc remotely.
814[11:56:35] <ratrace> Lope: well barely nothing, if you can't reconnect, you can ask the hostnig company to provide you with keyboard-video-mouse in a few hours :)
815[11:56:55] <Lope> I generally setup a local system that's identical to it and test on that before messing with the remote.
816[11:57:05] <queip> iamjfk11: akonadiconsole 4:18.08.3-1 amd64 ; rc akonadi-backend-mysql ; ii akonadi-backend-postgresql ; un akonadi-backend-sqlite and yet akonadi uses mysql right now, even though uninstalled, wtf?
817[11:57:05] <Lope> One mistake and it's gone.
818[11:57:24] <Lope> ratrace, yeah, that's loads of fun.
819[11:57:45] <Lope> Then you have to hope your old notes of what the 100 character FDE key is, is right for that server.
820[11:58:00] <Lope> it's so fun typing 100 pseudorandom shit manually into a POS terminal.
821[11:58:01] <iamjfk11> dpkg -l mysql-*
822[11:58:01] <dpkg> No packages found matching mysql-*
823[11:58:12] <Lope> and then it says "incorrect" hahahaha
825[11:58:30] <fling> Why is my iceweasel got replaced by firefox?
826[11:58:36] <fling> Should not it be icecat instead?
827[11:59:36] <ratrace> ff replaced iceweasel long time ago
828[12:00:05] <ratrace> iceweasel was just ff with different name due to license. everything else is the same as with ff now (ie. the patches and changes that forced FF to be renamed in debian)
927[13:37:27] <hmuller> epitamizor: if you can't select all the lines you need in the terminal/terminal multiplexer, then you will have to use something similar to what I posted above
928[13:37:27] *** cdown_ is now known as cdown
929[13:37:37] <jelly> epitamizor: if what you need is still completely on screen, you can use "gpm" to copy it and paste elsewhere
930[13:38:09] <jelly> but again, you need gpm installed and running already to have mouse support on console
931[13:38:55] <jelly> epitamizor: if your program is meant to run forever as a service, consider writing a systemd service for it instead, and let systemd log the output
954[13:51:39] <impermanence> sorry I haven't used debian in forever: if I'm updating and I want to avoid a manual `-y` do I need to sudo apt-get update -y?
955[13:52:32] <impermanence> seems like not
956[13:52:34] <nkuttler> impermanence: you probably mean upgrade, not update?
1013[14:21:13] <queip> <lurchi_> Then use something with does not confuse stable with stale ..
1014[14:21:16] <queip> he does have a point
1015[14:22:17] <greycat> !stable
1016[14:22:17] <dpkg> [stable] The status of a Debian release when no packages will be added or version-bumped, and changes will only fix security issues and critical bugs. Packages can be removed in rare circumstances. The current stable version of Debian is Buster (10.x); ask me about <releases>. Security bugs are fixed in stable by backporting the fix to the stable version (ask me about <security backports>). replaced-url
1030[14:31:58] <queip> <lurchi_> nobody here will fix the 3 year old stuff debian is distributing. Make sure it is reproducible with a current version, and then write a bug report
1031[14:32:26] <CrystalMath> so backport that one package
1032[14:32:41] <CrystalMath> the point of debian stable is that MOST old packages are actually better
1033[14:32:50] <CrystalMath> on rare occasions, this is not the case
1048[14:36:46] <EdePopede> so you prefer entering text in something KDE instead of a terminal emulator. sounds legit.
1049[14:36:51] <queip> hmuller: to send and receive emails, gpg encrypted&signed, with attachments. kind of like outlook express did 20 years ago (minus the bugs etc)
1095[14:43:19] <EdePopede> so what email client does windows have which would be fine for you?
1096[14:43:27] <CrystalMath> well i agree with you, i don't think there can be a GUI client which doesn't suck
1097[14:43:30] <CrystalMath> maybe evolution?
1098[14:43:36] <queip> you need to import private pgp keys into thunderbird. no support for smartcard reads, for gpg config, for gpg WoT and trust list
1099[14:44:00] <queip> EdePopede: TheBat was fine
1100[14:44:06] <EdePopede> "was"?
1101[14:44:13] <hmuller> queip: that's your opinion. debian hasn't failed. you mentioned windows (20 years ago) and that would be WinXP
1102[14:44:16] <queip> not using windows much now, EdePopede
1103[14:44:21] <EdePopede> doesn't sound like something to be used in the future
1137[14:50:24] <EdePopede> it needs developers to do it
1138[14:50:45] <Tenkawa> without the bug reports its "never" going to be fixed
1139[14:50:49] <queip> maybe debian should be more rolling
1140[14:51:04] <queip> maybe also upstreams should prepare stable branches and keep patching them per debian requests
1141[14:51:08] <EdePopede> and with software around something networking, if it's browser, irc client, or mail client, there's some relevant RFCs and maybe some other standards
1142[14:51:13] <EdePopede> no
1143[14:51:16] <EdePopede> !stable
1144[14:51:16] <dpkg> [stable] The status of a Debian release when no packages will be added or version-bumped, and changes will only fix security issues and critical bugs. Packages can be removed in rare circumstances. The current stable version of Debian is Buster (10.x); ask me about <releases>. Security bugs are fixed in stable by backporting the fix to the stable version (ask me about <security backports>). replaced-url
1145[14:51:23] <Tenkawa> this is just pure software development definition
1146[14:51:23] <EdePopede> there are enough rolling distros
1147[14:51:34] <queip> EdePopede: not that much rolling
1148[14:51:41] <Tenkawa> you need to need to know the problems to fix them
1149[14:51:44] <queip> just fixing bugs that really make stuff sucks
1156[14:53:15] <EdePopede> one of the things distro maintainers are running into
1157[14:53:46] <EdePopede> <queip> maybe also upstreams should prepare stable branches and keep patching them per debian requests <--- debian and all the other distros?
1158[14:53:58] <EdePopede> what about redhat?
1159[14:54:18] <queip> btw, what is this god damn key to unlock keyring (probably from Gnome) in gpg pinentry
1160[14:54:30] *** Quits: jpe (~jp@replaced-ip) (Remote host closed the connection)
1164[14:56:33] <queip> <CarlSchwan-M> We maintain a stable branch for Plasma and Debian is not even using it...
1165[14:57:12] <queip> maybe upstreams should try more to release LTS branches, and Debian should use them when ever possible, collaborate with their devels, and always backport into stable when there are *bugfixes* in LTS?
1166[14:57:38] *** Quits: lesless (~lessless@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
1172[15:05:41] <jelly> queip: so you're volunteering to backport Qt5, plasma, and plasma apps into debian, whilst making sure no other Qt app breaks, that's what I'm hearing?
1177[15:09:46] <EdePopede> maybe upstream needs more developers?
1178[15:11:13] <crane> if i install the meta package "linux-image-amd64" from backports. shouldn't the meta package "linux-headers-amd64" also resolve to backports?
1179[15:11:44] <crane> or do i also have to point explicit to backports here?
1265[16:50:47] <dpkg> Steam is a proprietary content delivery and management application for PC software with Linux support. Packaged in <non-free>; amd64 users are required to enable <multiarch> and install the steam:i386 package. For help with upstream issues, ask #steamlug on irc.freenode.net. replaced-url
1267[16:51:23] <pmart> idk it's packaged in a funny way (uses subset of valve deb as packaging source). I was thinking maybe the purpose is to make less of a mess in system by redirecting installation to homedir
1268[16:51:44] <greycat> *shrug*
1269[16:51:51] <ksk> One could argue it removes the need to download a .deb file - why not..
1270[16:52:10] <queip> jelly: no. I think that paradigm is broken. I might write bug reports, maybe test. Maybe donate a bit. But this needs to be organized.
1272[16:52:36] <queip> jelly: so far it seems that not much progress can be done since most upstream refuses to work with debian, since debian uses too old version "oh we probably fixed that years ago"
1273[16:53:17] <queip> perhaps we need upstreams to agree with major "stable" distros, like debian, to together maintain such LTS versions
1274[16:53:30] <queip> because now we can't even agree on what version to work on
1276[16:54:54] <queip> jelly: kmail as provided in debian stable seems to be unusable. what if I even confirm it works fine in new kde? perhaps debian stable should allow updating stable with new versions if current versions or very unrealiable and often unusable
1277[16:54:57] *** Joins: conta (~Thunderbi@replaced-ip)
1292[17:00:00] <queip> a version so that debian users can contribut meaningful bug reports that upstream will be interested in, instead of throwing them all away "stop using debian Stale, lol"
1293[17:00:11] <ksk> queip: an upstream project want first of all develop its software, on their on terms. I can only imagine they would not like, for example having to follow some debian-whatever guidelines.
1294[17:00:18] <queip> and which when fixed debian might consider upgrading in stable version even for non-security bug fixes
1297[17:00:48] <ksk> queip: its a poliy thing: Stable in debian means basicly "not changing". Switch to another distro, if that does not fit your needs ;)
1298[17:01:07] <queip> sure but "can you please choose a stable version, and keep it maintained for like 4 years plz" is pretty common and reasonable suggesion not something done only "for debian"
1299[17:01:22] <queip> just minimal bug fixes of serious bug
1300[17:01:26] <pmart> So the version of steam package really means initial version. I wasn't expecting that since it's in non-free section and there is no mention of self-update in description. It behaves a bit like packages in contrib really.
1301[17:01:32] <ksk> if you buy software from a company, yes you could argue.
1302[17:01:44] <ksk> if you use OSS software, you cant really tell if any of the maintainers is around next month..
1309[17:03:35] <queip> this is kind of done with firefox-esr right?
1310[17:04:37] <ksk> I think so, yes. But as stated Firefox has enough manpower to release an ESR version in the first place. Many small project dont, or even just dont want to do so.
1311[17:06:45] <queip> for one, we should imo fix god damned akonadi postgresql (if it turns out that it instead mysql fixes kmail bugs)
1312[17:06:54] <shtrb> queip, I'm 100% that for the proper fee your bug might get fixed , or via a "funding" (in the past there had been a way to donate X euro to an organization that it will transfer that donation to devs to fix stuff)
1313[17:07:11] <queip> one would think that uninstalling akonadi-backend-mysql and installing -pgsql will make your programs use it, but no. the migration function is missing. it fails silently
1314[17:07:28] <shtrb> queip, if at irc you don't get answers , please try the mailing lists.
1317[17:08:02] <azeem_> queip: migrating a mysql db to postgres isn't trivial usually
1318[17:08:11] <shtrb> queip, there had been an option in the past in akonadiconsole (? i think) , but that feature had been deprecated, you can edit the .rc file manually to start with pg
1320[17:08:51] <queip> azeem_: at least make it fail loudly. we detected you switched to pgsql. Should we save backup of mysql, and start with fresh db (all your akonadi local emails, contacts, alarms, will be eleted for the current user $user, backup will existin in $path to possibly restore if needed)
1321[17:08:59] <queip> azeem_: maybe one day write migration function too
1322[17:09:19] <shtrb> queip, it's probably there already , just no UI option now
1323[17:09:28] <azeem_> queip: are you saying Debian should do that, or KDE?
1324[17:09:28] <shtrb> did you ask at #kde / #akonadi ?
1325[17:09:35] <queip> shtrb: yeap just did that. I will see if pgsql makes kmail work correctly (this bug takes days to show up)
1326[17:09:46] <queip> shtrb: yes, they told me to ask debian about their stale versions. xd
1327[17:09:59] <azeem_> I mean, packages are installed globally, and they usually are not supposed to deal with user data
1328[17:10:01] <queip> (well kde-devel; kde is quiet, akonadi is ghost)
1329[17:10:04] <shtrb> stable version , not stale , our version is slitghly older
1330[17:10:38] <queip> shtrb: well it's a joke. but yeah developer will consider anyone using more than few months back a problem
1331[17:10:42] <shtrb> and the ubuntu bug that had refrenced might actually be on a newer version than buster have
1332[17:11:12] <shtrb> I'm a dev , and I don't , each dev has it's own quirks
1344[17:15:13] <ksk> Imho the drawbacks would kill Debian, but you are free to have your own opinion :)
1345[17:15:51] <ksk> I can only encourage you to switch something else, if Debian does not fit your needs, there are many distros with different aproaches out there.
1347[17:16:28] *** Quits: chele (~chele@replaced-ip) (Remote host closed the connection)
1348[17:16:45] <shtrb> or better , try to fix the actual bug
1349[17:17:00] <ksk> 16:13 < queip> we don't we use stable branch of Plasm provided by KDE for stable debian? -- because Debian Testing will become the next Stable release, and it needs to decide which versions to use, before the "freeze".
1374[17:38:04] <queip> what is the stupid keyring and why applications want me to unlock it? how to nuke it? why debian allows such bad ideas that no one asks for, and that lack clear option to disable them, explanation, nor even show their name
1375[17:38:30] <shtrb> you wish to have pgp encyption or not ?
1377[17:38:50] <queip> shtrb: it's not pgp encryption
1378[17:38:56] <ratrace> if you want encrypted password store in chromium, for example, you either have a keyring, or you don't have encrypted passwords
1379[17:39:01] *** debhelper sets mode: +l 1197
1380[17:39:04] <queip> afair it is that stupid gnome's master password thing
1381[17:39:13] <ratrace> yes
1382[17:39:19] <queip> that asks for some password, that user never sets, what the hell
1383[17:39:24] *** azeem_ is now known as azeem
1384[17:39:30] <shtrb> queip, you would be requested to unlock a keyring , if you had setup pgp encryption addon but an agent is not running already
1385[17:39:56] <queip> shtrb: what "keyring" in the world is it talking about, and what password?
1386[17:40:20] <queip> the question for the passphrase to use GPG key is a separate question, and that one is fine
1393[17:42:28] <queip> I *guess* kmail spawns gpg's gnome-pinentery, and that pinentry asks me for gnome's keyring password. the problem is that I never set any such password so I can not enter it
1394[17:42:34] <ratrace> KDE Wallet is KDE's version of the keyring
1395[17:42:57] <ratrace> queip: it asks for gnome's or gnupg keyring?
1396[17:43:05] <queip> ratrace: that's what I want to know
1397[17:43:23] *** Quits: nobyk (~nobyk@replaced-ip) (Remote host closed the connection)
1401[17:44:15] <queip> fist it asks for gnupg password, that part is OK and it works fine
1402[17:45:12] <queip> next it also asks idiotically for "password to unlock keyring" without explaining what keyring it wants. it should (1) explain wth is that and (2) tell me where to configure this password. also I never set up this password so it probably instead should ask me to create such password
1404[17:46:36] <vizzy> i changed from stable to testing but cannot full-upgrade (>1000 packages held back after doing upgrade and not updated but this is why i did that) ... now it tells me somthing about libc6 breaks libgcc-8-dev or somehting weird - how to fix?
1405[17:46:43] <vizzy> ho to force upgrade to testing?
1406[17:46:56] <greycat> !debian-next
1407[17:46:56] <dpkg> #debian-next is the channel for testing/unstable support on the OFTC network (irc.oftc.net), *not* on freenode. If you get "Cannot join #debian-next (Channel is invite only)." it means you did not read it's on irc.oftc.net. See also replaced-url
1408[17:47:36] <vizzy> and yet another irc network.... ok
1409[17:47:51] <vizzy> maybe i wait 24h and try again... a bit unstable for "testing"
1410[17:48:18] <flayer> tbh it sounds like you'd better off on stable
1411[17:48:49] <vizzy> i want testing to fix this very annoying kde bug with blackscreen after resume, which sucks a lot
1426[17:53:20] <pmart> queip: it asks for kwallet keyring password. gnome and kde use two different backends for storing secrets. things work out of the box (unlocking automatically during login) usually. maybe try to re-login?
1427[17:53:23] <vizzy> oh cool, lde has no more configurable screensavers? at least not after install kde-full
1428[17:53:59] <vizzy> oh, its called fancy pancy< screen locking
1429[17:54:08] <queip> pmart: I never configured such password. It looks really like a gnome application. The dialog that asks for KWallet password is different
1430[17:54:23] <vizzy> and no screensavers available? ouch
1431[17:58:39] <vizzy> ha! got it. its not damn plasma, its its screenlocker that didnt work by default, not letting me in again after activating, what a sucker
1438[18:04:19] <pmart> queip: the default keyring/wallet uses your login password and unlocking should happen during login provided PAM modules are setup properly
1439[18:05:08] <pmart> Anyway consider using gnome softwere rather than kde since xfce closer to gnome
1440[18:06:15] <pmart> If you mix and match from different desktops don't expect everything to work flawless
1441[18:06:46] <queip> pmart: what do you mean with mix and match?
1442[18:06:56] <queip> I just use kmail program. I do not "mix and match" anything
1485[18:20:45] <RoyK> greycat: unable to install it from backports contribs as well - I guess I'll stick to googling. I wish people for once would agree on at least something as important as gcc
1498[18:26:50] <gpunk> if "man" pages are not "free", just activate non-free repo in your debian then update and install
1499[18:27:07] <greycat> gpunk: gcc-doc is not in buster at all, is the issue here.
1500[18:27:23] <gpunk> even with non-free and contrib activated ?
1501[18:27:30] <gpunk> have you done "apt update" ?
1502[18:27:45] <greycat> charking: that matches what I have on buster amd64. Even the datestamp. So I guess the man pages themselves might be corrupt/missing?
1511[18:30:18] <gpunk> i will deactivate backports for you and redo the query
1512[18:31:08] <crestfallen> hi on buster I'm having trouble with gnome-terminal: while backspacing or deleting in the ghci repl the cursor leaps off the line and behaves strangely. I checked the keyboard settings and reset them to default (they were already set default). any suggestions?
1532[18:42:19] <charking> I don't have a $LESS or $PAGER variable in my environment
1533[18:42:59] <greycat> does less work if you invoke it directly with a file?
1534[18:43:09] <charking> This line of the man -d output looks weird:
1535[18:43:13] <charking> Setting LESS to -ix8RmPm Manual page find(1) ?ltline %lt?L/%L.:byte %bB?s/%s..?e (END):?pB %pB\%.. (press h for help or q to quit)$PM Manual page find(1) ?ltline %lt?L/%L.:byte %bB?s/%s..?e (END):?pB %pB\%.. (press h for help or q to quit)$
1536[18:43:34] <gpunk> my man works
1537[18:43:35] <charking> greycat: yes, 'less foo.txt' works
1557[18:47:18] <charking> greycat: do you get that weird "Setting LESS to" line like I do if you use man -d? I'm wondering if man is overriding less with something bogus?
1558[18:47:32] <greycat> I do not, but I have LESS and PAGER variables...
1595[19:14:18] <fabbo> dpkg -l lists installed and removed packages, is there a way to list the installed ones only
1596[19:14:18] <dpkg> No packages found matching lists installed and removed packages, is there a way to list the installed ones only
1597[19:14:50] <FightingFalcon> My host send me an email today, stating that my ip address is sending POST and GET requests to several IP addresses. How could i detect this?
1604[19:19:43] <greycat> (1) how do you know it's a legit email, not just phishing/spam, (2) what is "your ip" and how does it differ from an ordinary end user machine, (3) what does it actually say, (4) why is the fact that you are "sending requests" significant?
1605[19:20:11] <greycat> Context would help.
1606[19:22:09] *** Quits: bocaneri (sauvin@replaced-ip) (Remote host closed the connection)
1608[19:22:23] <FightingFalcon> I dunno, they just sent me an email saying that another hos sent them an abuse email. showing logs
1609[19:22:27] <ratrace> fabbo: | grep '^ii'
1610[19:22:41] <ratrace> FightingFalcon: there were 4 questions in there
1611[19:25:47] <shtrb> FightingFalcon, check if your server doesn't have suscious outgoing activity , there are several well known garbage software that is sometime installed on vaulnerable servers to attack others
1612[19:26:03] <FightingFalcon> shtrb, how do i check?
1613[19:26:11] <greycat> so "my ip" is a server, not a desktop machine? that was one of the things I asked...
1614[19:26:33] <shtrb> I'm assuming your ip is a fixed ip , and a server
1615[19:26:56] <greycat> *sigh*
1616[19:27:15] <shtrb> did I say something wrong ? sorry if I had , I did not wish to offended you or anyone else
1618[19:27:19] <greycat> I get so freaking sick of people who REFUSE to provide BASIC INFORMATION and just sit there being a help vampire until someone makes a lucky guess.
1619[19:27:26] <ratrace> indeed
1620[19:27:28] <greycat> shtrb: no, you're fine.
1621[19:30:02] <shtrb> FightingFalcon, start by following replaced-url
1622[19:30:29] <ratrace> that's a load of assumption there tho
1623[19:30:48] <ratrace> who said it was compromised? the context greycat asked for would _really_ help here
1628[19:32:14] <ratrace> but to answer the question of "how to find which process is making POST requests" (which wasn't asked, but is close to what _I_ am assuming is the actual question), you use tcpdump and/or lsof to find the ports and with lsof the pid of the port owner. an auditctl rule woudl also help
1629[19:33:24] *** Quits: fabbo (~rialneim@replaced-ip) (Remote host closed the connection)
1661[20:02:03] <TuxBlackEdo> I am having some problems installing debian 10 through PXE, for some odd reason the installer keeps exiting, when I switch to a console and type /sbin/debain-installer manually the install proceeds as normally, what could this be? replaced-url
1669[20:07:54] <zerocool> if you make fat stacks then that applies :)
1670[20:08:25] <tulpa> hello, new debian user here. I just ran systemctl status and it says my system is degraded. This message is in red in the output: ● systemd-modules-load.service loaded failed failed Load Kernel Modules
1671[20:08:36] <tulpa> How should I go about troubleshooting this issue?
1688[20:21:36] <firespeaker> the current combination of nvidia driver version and kernel source version in sid fails to compile. an older kernel or newer nvidia version is needed to make it work
1689[20:21:58] <sney> firespeaker: yes, this is a known issue. nvidia estimates a driver release next month
1690[20:22:03] <sney> !debian-next
1691[20:22:03] <dpkg> #debian-next is the channel for testing/unstable support on the OFTC network (irc.oftc.net), *not* on freenode. If you get "Cannot join #debian-next (Channel is invite only)." it means you did not read it's on irc.oftc.net. See also replaced-url
1692[20:22:14] <sney> please take future sid/testing issues to ^
1693[20:22:19] <ratrace> ,v linux-image-amd64
1694[20:22:23] <firespeaker> aha
1695[20:22:33] <greycat> we are still juddless
1696[20:22:37] <ratrace> blast!
1697[20:22:51] <jelly> are we now
1698[20:22:53] <ratrace> okay, 5.9 is in sid
1699[20:23:01] <ratrace> yeah nvidia hasn't released yet for 5.9 and won't for a while
1700[20:23:01] <greycat> the bot is online, just not in #debian
1701[20:23:06] <greycat> it responds to /msg
1702[20:23:15] *** Quits: Vizva (~Vizva@replaced-ip) (Remote host closed the connection)
1703[20:23:33] <firespeaker> ratrace: the "short-lived" version works on debian though
1705[20:23:56] <sney> it's a new change for 5.9 in how non-gpl modules are allowed to interact with the rest of the kernel. oracle fixed this for virtualbox-dkms pretty quickly, so it's safe to assume nvidia won't be far behind
1709[20:24:54] <ratrace> sney: a certain Finn and a middle finger come to mind :)
1710[20:24:57] <firespeaker> sney: nvidia did fix it
1711[20:25:08] <firespeaker> sney: unstable just has an older version of the driver
1712[20:25:43] <jelly> greycat: there seems to be no easy race-less way to ask freenode ircd and services not to let you into any channels before the client is identified
1713[20:26:05] <greycat> Yeah, I had an issue with greybot too, after we made #bash +r.
1714[20:26:15] <ratrace> firespeaker: what version of it? I can't find any info online that they fixed it
1715[20:26:18] <greycat> I just hard-coded the steps at bot startup, assuming that I will only have to identify one time.
1716[20:26:31] <firespeaker> ratrace: well 455.* compiles for me on 5.9.0
1723[20:31:54] <ratrace> weird. 455.28 was released _Before_ nvidia made the statement about it not being yet ready for the changes in 5.9
1724[20:32:03] <sney> 455 is in experimental. there's no mention of a kernel compatibility fix in the changelog, and the driver was released on sept 17th, so that's... yeah
1725[20:32:28] <sney> ah, apparently it builds but is missing a lot of features.
1726[20:32:43] <ratrace> right, can't be it compiles unless the changes in the kernel are patched out
1739[20:41:57] <ratrace> 'twas fixed fast because it blocked the point release bump .. one of those rare things wehre the upstream pulls down political patches mid-LTS and breaks our toys
1740[20:42:20] <ratrace> (pulls down = backports from mainline to LTS)
1741[20:46:40] <karlpinc> I am working on my ssh-fu. In ~/.ssh/config the difference between %n and %h is dependent on the workings of CanonicalizeHostname, yes?
1760[20:55:58] <f8e4> how to copy a file up with ssh?
1761[20:56:05] <f8e4> scp still
1762[20:56:10] <f8e4> or rather other?
1763[20:56:13] <another> sftp
1764[20:56:15] <greycat> !scp
1765[20:56:15] <dpkg> scp is Secure Copy, part of the ssh suite, and a very handy program. The client program is in the openssh-client package and it just uses the ssh server at the other end so you don't need to install anything special on the server (openssh-server package). Install <scponly> or <rssh> to restrict commands to scp users. More information: <sftp>, <sshfs>.
1791[21:02:08] <greycat> I've only used sshfs a handful of times. From what I gather on IRC, some people have issues with it on longer duration mounts, or over unreliable networks.
1792[21:02:38] <n4dir> ah, might be. I only do it in the local home network, also not for that long
1793[21:03:19] <ratrace> yeah, sshfs is best used with autofs
1795[21:05:22] <bariscant> Hello everyone, I have a debian networking question. I have 1 gateway server and 2 client servers. I assigned fixed IP to one of them, from gateway's dhcp config. I need to set fixed ip to the other server. But I want to accomplish that from client itself. What would be the best way for that?
1796[21:06:41] <ratrace> bariscant: regular static IP configuration . just make sure you use an adress in the range ousside of dhcp's domain
1797[21:06:48] <greycat> if you want to set a static IP on a machine, just put it in /etc/network/interfaces
1804[21:10:02] <bariscant> greycat: I have done that actually. However, after restarting networking service, host could not assing an IP to itself and I locked out. Shouldn't dhcp client respect static ip definition under the /etc/network/interfaces file? Or is there any other configuration that needs to be done?
1805[21:10:09] *** Quits: isostatic (uid224824@replaced-ip) (Quit: Connection closed for inactivity)
1806[21:10:36] <ratrace> bariscant: you don't run a dhcpclient along with static network configuration, you can't even with interfaces(5)
1807[21:10:38] <greycat> If the machine has one network interface, and you want to set a static IP on it, you do not ALSO configure it to run dhcp. That makes no sense.
1808[21:11:32] <greycat> A given interface should only be configured in one way. Pick one -- static /e/n/i, DHCP from /e/n/i, network-manager, etc.
1809[21:12:04] <ratrace> (systemd-networkd, ...)
1810[21:12:11] <greycat> that falls under the etc.
1811[21:12:44] <ratrace> someone port netplan.io! :)
1814[21:13:52] <bariscant> greycat: Yes host has only one interface which originally configured with dhcp. I want to change it so that it uses static ip.
1815[21:14:31] *** Quits: Night-Shade (~TimF@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
1816[21:14:44] <greycat> so you comment out the line that says "iface enp2s0 inet dhcp" and replace it with "iface enp2s0 inet static" and then under that, a line for address and a line for gateway
1817[21:14:50] *** Condor__ is now known as Condor
1818[21:14:54] <greycat> replace enp2s0 with your interface name
1821[21:17:29] <fireba11> since the topic is on networking already ... how should a config for a second interface using the same network segment look like? (ipv4 and v6) ... haven't been able to find a example
1822[21:17:52] <greycat> you shouldn't *have* two interfaces on the same numeric network
1847[21:22:42] <bariscant> greycat & ratrace: only lines interfaces file has is loopback device. Like I said I added "iface ens6 inet static" and followed by address, broadcast, netmask, gw address.
1848[21:23:08] <ratrace> broadcast and netmask are no longer needed, write the addr in CIDR notation instead
1850[21:23:18] <greycat> broadcast is legacy, and netmask is usually just a /24 or /whatever on the address
1851[21:23:22] <ratrace> you really need only the "address" and "gateway" items
1852[21:23:47] <greycat> did you forget the "auto ens6"?
1853[21:25:09] <fireba11> almost locked myself out of the box yesterday trying to configure the second interface since i just copied config and then later noticed i now had 2 ipv4 gateways :-D luckily that does not brak ipv6 so i could still log in and fix it
1854[21:25:11] <bariscant> greycat: that is not present in the config actually.
1856[21:25:22] <greycat> that would be a big problem
1857[21:25:34] <greycat> unless you were planning to bring it up manually every time
1858[21:26:15] *** Quits: IsThatAPlanet (~dawgy@replaced-ip) (Remote host closed the connection)
1859[21:26:56] <ratrace> fireba11: use config automation and a VM to test out stuffs before prod
1860[21:26:57] <bariscant> greycat: so the problem was eventhough my config was correct, because I forgot to add auto ens6 line my interface never was up after resetting networking.
1871[21:30:56] <ratrace> I guess I misread "turn" as a typo or something, lol
1872[21:31:00] <ratrace> no idea what tha is
1873[21:31:12] <fireba11> and i need to use a common port to increase the chances of our customers being able to reach it. if their internet wasn't looked down i would not need the turn server at all
1877[21:34:11] <greycat> "With WebRTC, you can add real-time communication capabilities to your application" ... "For most WebRTC applications to function a server is required for relaying the traffic between peers, since a direct socket is often not possible between the clients" ... "The term stands for Traversal Using Relay NAT"
1878[21:34:47] <greycat> so it has something to do with what we used to call peer-to-peer communications, but somehow the word "web" is involved
1879[21:34:52] *** Quits: greatgatsby (~greatgats@replaced-ip) (Remote host closed the connection)
1882[21:35:58] <fireba11> it alos helps with clients that got udp outgoing blocked since they can send tcp to turn server and that connects properly via udp to the server then. am using it for a bigbluebutton videoconferencing server, we got clients that can't get out of their network in reasonable ways, lol
1883[21:36:03] <imMute> greycat: because if it's not "Over HTTP" then it doesn't exist /s
1982[22:48:54] <karlpinc> RoyK: You have to follow the instructions at backports.debian.org to install the gcc docs. _And_ you have to enable the non-free section of the repo. For reasons I didn't lookup the docs are simply not in buster itself.
1984[22:49:45] <azeem> it's the FSF's GFDL documentation license which has immutable sections that Debian considers incompatible with the DFSG
1985[22:52:51] <greycat> All I know is gcc-doc was removed from testing during buster's freeze, and never made it back in. I don't know the details of why.
1986[22:54:16] <nkuttler> if it was for licensing it could just have been moved to non-free, like other fsf docs
1998[23:07:32] <abff> can someone help me out with console-setup? I have made a change to /etc/default/keyboard that is persistent in X but does not work in tty until I run setupcon after boot. I've tried to use setupcon --save but it doesn't fix it.
1999[23:07:58] <abff> Can I just rm the cached scripts in /etc/console-setup?
2007[23:15:24] *** Quits: fb_ (~freebench@replaced-ip) (Remote host closed the connection)
2008[23:15:25] <sney> abff: cache stuff is typically safe to delete, though I'm not familiar with that one in particular. maybe move the files elsewhere and see what happens
2009[23:15:34] *** Quits: randombit00 (~randombit@replaced-ip) (Remote host closed the connection)
2023[23:24:00] <foul_owl> I'm having a problem with alsa. Trying to measure latency in ardour, the latency is not consistent, and can vary by up to 30 ms
2024[23:24:29] <foul_owl> I'm not looking for low latency, but consistent latency
2025[23:24:50] <foul_owl> Ideally not varying by 1 sample, if that is even possible
2026[23:24:58] <ratrace> no guarantees with 250Hz voluntarily preemptible kernel
2029[23:25:22] *** Quits: prodnec (~govext@replaced-ip) (Remote host closed the connection)
2030[23:26:22] <foul_owl> How does anyone use Linux for audio? And how do people use Windows for audio without a new kernel?
2031[23:26:32] <sney> !rt
2032[23:26:32] <dpkg> The PREEMPT_RT (linux-rt) realtime patch set allows for nearly all of the Linux kernel to be preempted, which may help achieve better low-latency behavior in some environments. Since August 2011, the Debian Kernel Team produce binary packages including this patch set, for the amd64 (linux-image-rt-amd64 metapackage) and i386 (linux-image-rt-686-pae metapackage) architectures. replaced-url
2033[23:26:43] <foul_owl> I don't need realtime audio
2034[23:26:51] <foul_owl> I don't care if the latency is 10 seconds
2035[23:26:56] <ratrace> foul_owl: typically with the kernel optimized for that
2036[23:26:58] <foul_owl> As long as its *always* 10 seconds
2037[23:27:15] <ratrace> consistency and ability for low latency come hand in hand
2038[23:27:25] <foul_owl> Ahhhhh ok
2039[23:27:32] *** randombit00 is now known as randombit
2040[23:27:33] <foul_owl> I thought it would be a tradeoff, my bad
2050[23:29:40] <abff> sney: I moved the cached scripts and reran setupcon --save but after reboot the change is still not persistent
2051[23:29:50] <ratrace> in audio, the "latency" is about emptying the rather short audio buffers asap. if the kernel is tied elsewhere, eg. in IO, or in a critical non-preemptible section, your audio thread wil starve
2052[23:30:22] <abff> sney: they did get remade too, so its not the cache that's overwritting my desired changes
2053[23:30:30] <foul_owl> My apologies, let me explain my issue
2093[23:49:09] <ratrace> yeah, I see, it's not... replaced-url
2094[23:49:10] <JordiGH> Wonder if I'll have any luck using a canon digital camera as a webcam.
2095[23:49:26] <genr8_> im going to recompile it myself from source but it makes hardly any sense, when we have the library (not by default perhaps?) libseccomp2
2097[23:51:03] <ratrace> genr8_: I'm still wondering why not all pacakges are built with relro either
2098[23:51:24] <n4dir> foul_owl: you could ask in #ardour, in #opensourcemusicians or in #lau. Assuming here will not lead anywhere, not saying here is "wrong".
2099[23:51:25] <genr8_> ugh
2100[23:51:44] <H-var> (I haven't logged into windows for 31 days now)
2109[23:54:11] <ratrace> eh was just browsing through those bugs
2110[23:54:13] <genr8_> That seems wise. I'll leave the bug open though so I'm reminded to enable seccomp after the 10-buster release. <-- guess we should ping him to remind him