26[00:15:30] <jmcnaught> swift110: according to the arch wiki in Firefox's about:config there should be a key for media.ffmpeg.vaapi.enabled which I do not have in buster: replaced-url
27[00:15:45] *** Quits: Christian75 (~Christian@replaced-ip) (Remote host closed the connection)
28[00:15:58] <jmcnaught> swift110: so you might be out of luck unless you upgrade to testing and start using Wayland
29[00:16:23] <H-var_> hey ratrace, I don't know, man... I just installed the latest kernel and nvidia too, but my games still won't run
30[00:16:25] <swift110> jmcnaught, how do I access that key
31[00:16:35] <H-var_> are you running games on the latest proton 5.13 ratrace?
32[00:16:48] <H-var_> or you are using earlier version?
65[00:25:38] <kevr> i --recv-keys on all three of them, but it still gives me the error
66[00:26:13] <kevr> says the repo is not signed?
67[00:26:56] <jmcnaught> kevr: that is strange. Do you have the debian-archive-keyring package installed? Can you make a paste of your /etc/apt/sources.list ?
68[00:28:06] <H-var_> thanks guys, I'll go pretend like I tried to do something for a day or two, and then come back with the same questions
71[00:28:37] *** Quits: Deyaa (uid190709@replaced-ip) (Quit: Connection closed for inactivity)
72[00:28:43] <sney> also check your system clock, that can cause gpg/ssl errors if it's off
73[00:29:23] <kevr> i did, it's on
74[00:29:35] <kevr> (synced up with my other computers times)
75[00:29:38] <kevr> using ntp
76[00:30:44] <kevr> you know what, i'm sorry. it's debian, but it's raspbian; they may be enforcing a different set of gpg keys and supply a different keyring by default
77[00:32:13] <jmcnaught> kevr: this is why we do not support raspbian in this channel, because it causes confusion and we do not know what changes they have made.
78[00:32:30] <jmcnaught> !based on debian
79[00:32:30] <dpkg> Your distribution may be based on and have software in common with Debian, but it is not Debian. We don't and cannot know what changes were made by your distribution (compare replaced-url
80[00:32:55] <kevr> can i not manually add the debian keys into my keyring somehow?
110[00:58:43] <behappycat> thanks, and yes, if i do /usr/bin/ping it works, also the which ping command is pointing to /home/usr/.local/bin/ping and sudo which ping to /usr/bin/ping
111[00:59:02] <behappycat> is there a easy way to fix this?
248[01:59:39] <Nnavd> none of that is really relevant to what im doing though, I'm just trying to run a bash script as a user without input - ill see if I can make the sudoers do it properly
249[02:00:02] <hop> this is… wrong
250[02:00:30] <Nnavd> im not saying this is good practice, im just trying to fix something fast
251[02:00:57] <hop> /maaaybe/ setpriv would be more appropriate, but i'm still not sure what the actual issue is
252[02:01:12] <hop> you don't fix anything, is what i'm saying
254[02:01:36] <jmcnaught> A daemon running in a docker container spawns child processes and you want the child processes to run as a different user than the parent?
255[02:02:02] <hop> that would be what i hoped for, but it didn't sound like it
263[02:06:58] *** Quits: c077ee (uid471137@replaced-ip) (Quit: Connection closed for inactivity)
264[02:11:42] *** Quits: YWH_1 (~foo_drive@replaced-ip) (Remote host closed the connection)
265[02:12:44] <themill> ignoring the queries about the actual design, the implementation of that would be via a NOPASSWD config for that specific command for that specific original user
350[03:45:52] <Aurora_v_kosmose> How would one go about recreating arm imagines themselves? Or alternatively, is there any way to validate arm images anywhere?
383[04:05:54] <jmcnaught> f-a: it is subjective, but FrankenDebian is usually a result of mixing releases (e.g. stable+testing), mixing distros (debian+ubuntu), or using PPAs and other repos that are not built specifically for Debian.
384[04:06:59] <jmcnaught> f-a: if a third party repo only installs a handful of packages and important stuff like libc6 do not get replaced, it is probably fine.
385[04:07:32] *** Quits: leorat (~leorat@replaced-ip) (Remote host closed the connection)
389[04:09:15] <jmcnaught> f-a: that said, I do what I can do keep my sources.list pure Debian stable. I use virtual machines for a lot of stuff, sometimes containers or chroots. It depends on what the software is I'm trying to run.
392[04:10:23] <f-a> I see, and which guides you to pick a vm or a chroot or a container?
393[04:12:14] *** Quits: torbo (~user@replaced-ip) (Remote host closed the connection)
394[04:13:06] <jmcnaught> Does the program need a GUI, or access to audio? A VM might be best in that case. Unless the program requires 3D acceleration. If it is a server daemon, a container is probably fine. I have also run GUI programs from a chroot using schroot, though not recently.
395[04:13:08] *** Quits: ledeni (~ledeni@replaced-ip) (Remote host closed the connection)
396[04:15:12] <jmcnaught> f-a: maybe for this case PlayOnLinux would be useful? I have not used it, but it seems to manage custom Wine versions on a per-program basis.
397[04:15:18] <jmcnaught> ,i playonlinux
398[04:15:29] <judd> Package playonlinux (contrib/otherosfs, optional) in buster/amd64: front-end for Wine. Version: 4.3.4-1; Size: 933.6k; Installed: 2920k; Homepage: replaced-url
403[04:19:57] <cef> stupid q time from me: trying to spin up an x32 port chroot and debootstrap errored out. looks like it's complaining about systemd-timesyncd. Any way to recover and continue from this point?
432[04:38:17] *** Quits: randombit (~randombit@replaced-ip) (Remote host closed the connection)
433[04:38:50] <zerocool> hi ya'll, i have a networking question. i typically use /etc/network/interfaces to bring interfaces up for me but when i make changes i find it highly unrelable to use systemctl restart networking to tear things down and bring them backup. is there a "proper" way to do this?
434[04:39:21] <ectospasm> zerocool: ifup/ifdown doesn't work for you?
435[04:39:43] <ectospasm> So, if you've modified a network interface: ifdown <iface> && ifup <iface>
436[04:39:59] <zerocool> ectospasm: if i bridge to a vlan can i name it in /etc/network/interfaces and ifup br0.104, for instance?
437[04:40:05] <zerocool> if that's the bridge that i defined there
438[04:40:27] <ectospasm> I believe so, I have a VLAN interface in my /etc/network/interfaces
439[04:41:07] <ectospasm> Now, my Wifi adapter in that machine still gets a static IP address, but it's no longer set in /etc/network/interfaces
445[04:42:26] <zerocool> well here's another question... somewhat related. do i need to have an IP address on a vlan bridge in order to use it... for vm's
446[04:42:45] <zerocool> or can i just bridge and set it `iface br0.104 inet manual`
447[04:43:10] <ectospasm> I can't answer that, I usually don't use a bridge interface.
448[04:43:45] <zerocool> hmm... well i'll try to define the vlan in interfaces and ifup it after, if that works I will be very happy.
449[04:44:04] <ectospasm> Oh, maybe I do. Looks like VirtualBox creates its own bridge interface (vboxnet0, which does not have an IP address on the host)
467[04:57:26] *** Quits: temple48 (~temple48@replaced-ip) (Remote host closed the connection)
468[04:58:22] <cef> ok.. so figured it out the chroot issue. had to go into the chroot, dpkg -i all the .deb files in /var/cache/apt/archives/ except systemd/systemd-timesyncd, then once that was done (still broken at that point) I had to run 'apt --fix-broken install' within the chroot
485[05:30:09] <lifostack> hi all running x86_64 debian here on a dual boot win10/debian disk... separate partitions for /,/home,swap ... wondering what i should do when i run out of space in / or /home
486[05:30:21] <lifostack> is it better to put these partitions on separate disks?
487[05:30:33] <lifostack> specifically root and home partitions?
488[05:30:50] <ectospasm> lifostack: are you using LVM or a more advanced filesystem than ext4?
489[05:31:08] <lifostack> i am using ext4
490[05:31:15] <lifostack> but i can remember if i setup encryption or not
491[05:31:18] <ectospasm> lifostack: have you thought of using LVM?
492[05:31:26] <ectospasm> LVM isn't encryption.
493[05:31:37] <lifostack> i think i tried to use LVM in the past, i think i encrypted it and lost the key and decided against using LVM again
494[05:32:19] <lifostack> oh thats right i couldnt use LVM because i had windows 10 on a partition and LVM wanted to erase the disk
495[05:32:31] <lifostack> i do use LVM on installs that dont dual boot windows though
496[05:32:44] <ectospasm> Logical Volume Management. Set up disks/partitions as physical volumes (PVs), set up Volume Groups (VGs) with those PVs, set up Logical Volumes (LVs) in those VGs, then you can add disks/partitions and grow your ext4 filesystem once you've added disks/partitions.
497[05:32:46] <lifostack> but i dont "know" what im doing i typically let linux automate the process for me
498[05:33:14] <ectospasm> lifostack: You should be able to use LVM without disturbing your Win10 installation, just use different partitions as PVs.
499[05:33:29] <ectospasm> And don't add your Win10 partition as a PV
500[05:33:56] <lifostack> oh ok
501[05:34:02] <ectospasm> I don't know if the Debian installer will do that for you automatically
502[05:34:02] <lifostack> how can i check if these are LVM partitions?
503[05:34:05] <lifostack> fdisk -l?
504[05:34:15] <ectospasm> You'd probably need to manually partition your disk to preserve Win10.
505[05:34:19] <lifostack> yeah the auto part of the installer wouldnt do that for me
506[05:34:31] <lifostack> but it was no biggie i was just trying to get up and running as fast as possible
507[05:34:48] <lifostack> when i do a full install on a non dual boot disk i'll go full LVM or try the manual partitioning like you suggeste
511[05:35:58] <lifostack> yeah looks like these are simple MBR partitions one extended where all 3 of my linux partitions live
512[05:36:56] <lifostack> does LVM work with MBR or GPT? or is it its own thing?
513[05:37:12] <ectospasm> LVM is agnostic to the partitioning scheme, you can use either.
514[05:37:20] <lifostack> oh ok
515[05:37:31] <lifostack> hence volume mgmt
516[05:37:39] <lifostack> i think im starting to get my head around it
517[05:38:15] <lifostack> so basically when i go to make the increase in disk space whether that be a larger disk with larger partitions or multiple disks with partitions on each, it would be a good time to go ahead and migrate over to LVM on a manually partitioned disk?
518[05:38:55] <ectospasm> Only thing to really watch out with LVM is mixing different types of disks. Having HDDs and SDDs in the same VG may give mixed/uneven performance for your LVs in that VG.
523[05:42:33] <lifostack> hmm still having a hard time figuring out just what kind of partitions these are "disks" is just saying they are linux partitions
524[05:42:56] <lifostack> Partitioning says MBR
525[05:43:12] <ectospasm> fdisk -l doesn't tell you what filesystem is on them.
526[05:43:17] *** Quits: cstls (~guy@replaced-ip) (Quit: Lost terminal)
527[05:43:27] <lifostack> ext 4 on both linux partitions / and /home and swap on /swap
529[05:43:38] <lifostack> what file systems are used on LVM?
530[05:43:48] <ectospasm> Any Linux filesystem will show Linux as the partition type.
531[05:44:32] <ectospasm> lifostack: any filesystem you want, there's no restriction. You can even put NTFS on them if you're so inclined. Good luck getting Windows to recognize them, though!
532[05:45:03] <lifostack> heh!
533[05:45:51] <ectospasm> I don't use LVM everywhere, it adds a layer of abstraction I rarely need.
534[05:46:26] <ectospasm> Like on this laptop, I just have one BIG Btrfs volume, and use subvolumes for snapshots and backup purposes.
535[05:46:36] <ectospasm> I can't remember if my Debian router has LVM set up.
654[08:37:13] <another> see the answers in #ffmpeg
655[08:38:12] <sgo11> another: yeah, I am asking there. Thanks.
656[08:39:20] <jmcnaught> !package recompile
657[08:39:20] <dpkg> 1) Add a <deb-src> line for your current release to your sources.list 2) apt update; apt install build-essential devscripts fakeroot; apt build-dep packagename 3) as any user, apt-get source packagename 4) cd packagename-version/; ask me about <debian/rules>; 5) dpkg-buildpackage -uc -us 6) as root, apt install ../packagename-version.deb. Ask me about <debian/rules>, <nocheck>, <nostrip>, <apt-get source>.
692[09:15:34] <gamrix> Hi, its possible to stop the automatic "apt update" in Debian Buster ? I stopped/disabled/masked all the apt-daily-*.timer/service. In /usr/lib/apt/apt.systemd.daily, i put AutoAptEnable to 0 but my server still do an apt update... And i didn't see how in the syslog. The 2 last packages were "libldap-2.4.2" and "libldap-common". Thanks
693[09:18:23] *** Quits: cfoch (uid153227@replaced-ip) (Quit: Connection closed for inactivity)
721[09:32:42] <gamrix> In apt.conf.d, i have the default 00CDMountPoint / 00trustcdrom / 01autoremove / 01autoremove-kernels / 20listchanges / 70debconf. I just put a 00aptproxy because i have an aptcacherng in the network.
722[09:32:50] <ratrace> gamrix: how did you disable the timer?
723[09:33:27] <gamrix> Discover, it's not only with graphical server ?
725[09:34:00] <borrougagnou> Hello, I would like to know, someone has already push something on DockerHub ?
726[09:34:03] <ratrace> ho kay, a chatbot.....
727[09:35:11] <gamrix> ratrace: stop and disable with systemctl stop/disable apt-daily-upgrade.timer. And if i check with "systemctl list-timers", i didn't see it
729[09:35:40] <ratrace> gamrix: okay, then next question, how do you know it runs?
730[09:35:51] <Montresor> Got packagekit? Have package-update-indicator installed? There's too many things that could be updating the cache, geeez.
731[09:36:15] <shtrb> gamrix, yes , discover is a user interface app
732[09:37:16] <gamrix> ratrace: with a job, i do this command "apt list --upgradable" every day at the same hour to see when new packages are available and check the logs.
733[09:37:40] <gamrix> This is a server, no user interface
734[09:38:18] <jmcnaught> According to the comments in /usr/lib/apt/apt.systemd.daily if you set 'APT::Periodic::Enable "0";' in a file in /etc/apt/apt.conf.d/ it will not do anything.
735[09:38:27] <ratrace> gamrix: and you see new things but you never run apt update?
736[09:38:37] <shtrb> jmcnaught, that's why I sent him there
737[09:39:04] <shtrb> ratrace, that's the default config on some new installation in buster , very usefull in my opnion
743[09:40:47] <shtrb> I don't know about his situation , I actually have also a problem with cron and timers yesterday (and I had offended jelly by that) so I just don't know
744[09:40:59] <shtrb> ratrace, you see the process :)
745[09:41:40] <shtrb> and sorry to jelly again for that
748[09:42:18] <ratrace> and I'm asking in order to determine _what_ started it. if you can see the process, maybe you can also see the parent. Or if something is in the logs. gamrix never said how they're noticing it running
749[09:42:26] *** Quits: Darcidride (~Darcidrid@replaced-ip) (Remote host closed the connection)
750[09:43:16] <gamrix> In /usr/lib/apt/apt.systemd.daily. I only changed one line : AutoAptEnable=0
751[09:43:22] <ratrace> there's the timer and its service by default. there's apt-compat daily cron that just exits on a systemd system (is a fallback cron for no systemd for timers).
752[09:43:52] <ratrace> gamrix: that's just the binary run by the timer and cron. if you disable (and stop!) the timer, it should not run. can you verify with systemctl list-timers ?
753[09:43:53] <gamrix> The apt-daily services are masked
754[09:44:03] <gamrix> sure
755[09:44:31] <gamrix> I only have 3 timers, systemd-tmpfiles-clear.timer / logrotate.timer / man-db.timer
756[09:45:30] <ratrace> gamrix: right, and if you run journalctl -u apt-daily.service, you'll see there's no logs for it running after the change?
757[09:46:54] <gamrix> yes, "No entries"
758[09:47:38] <ratrace> gamrix: so then that's not running
759[09:47:55] <ratrace> so now, how do you know something is still updating apt?
761[09:48:55] <gamrix> It's not the aptcacher server, it's only a proxy server so if i didn't run and apt update or upgrade, it's not it ? I don't understand because i have no entry in the syslog about apt... or a cron...
762[09:49:24] <ratrace> that doesn't answer my question
763[09:49:42] <gamrix> Because i have a job which check "apt list --upgradable" every day. And at 7 pm friday, no packages, at 7pm saturday, 2 packages
799[10:04:15] *** Quits: gtweryh (~govext@replaced-ip) (Remote host closed the connection)
800[10:05:38] <borrougagnou> Hello, I repost my question, I would like to know, someone has already push something on DockerHub ?
801[10:06:37] <ratrace> you should specify the actual problem you're having, preferably related to Debian
802[10:06:41] <ratrace> !anyone
803[10:06:41] <dpkg> Please do not ask if anyone can help you, knows 'something' or uses 'some_program'. Instead, ask your real question. (If the real question _was_ "does anyone use 'some_program'?" ask me about <popcon> instead.) See <ask> <ask to ask> <polls> <search> <sicco> <smart questions>.
806[10:08:54] <borrougagnou> okay, so I created dockerfile, I publish this dockerfile in public repository, I can build without problem in debian, but when I try to build using DockerHub... how say... nothing... no information
842[10:44:54] <ratrace> anyway your service file is broken, so you should consult the documentation and/or the developers, on requirements for the service and how to configure it properly on Debian Stable
843[10:45:07] *** Quits: lesless (~lessless@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
848[10:47:50] <ratrace> I'm betting your ExecStart is wrong, you either don't have python3 or the module is not properly installed
849[10:48:31] <ratrace> and since installing python modules in the root repository is a no-no, you better set up a virtualenv for it, and alter StartExec to use the virtualenv. But that's pure speculation here, dunno what you actually did :)
877[11:06:01] <pitch> ratrace. i did not use pip as root. radicale is placed in the .local/FOO of the user radicale
878[11:06:13] <ksk> and I was like "okay nice, most projects I lookat nowadays even suggest you create a seperate virtualenv in user context.." ;)
879[11:06:38] <ratrace> pitch: then you need to alter ExecStart to use proper python path for the module
880[11:06:45] <pitch> i heard abouit the virtual en v stuff a lot, but i dont know what it is nor does
881[11:07:01] <ratrace> pitch: this is REALLY best done with virtualenv, as then you can ExecStart = /path/to/your/virtualenv/bin/python3 -m radicale
882[11:07:10] <ksk> pitch: its "all python components on a per project basis under $Home/foo"
883[11:07:23] <ratrace> pitch: welp, building your own software and integrating with the distro requires alotta knowledge. it's beyond simple help on irc.
884[11:07:36] <pitch> but i can just run /usr/bin/env python3 -m radicale
885[11:07:42] <ksk> So you can change the projects dependencies (stuff pulled in via pip) without effecting the system, or other projects
886[11:07:47] <pitch> and i t seems to work.
887[11:09:40] <ksk> If you are hosting anything but a PoC "seems to work" should not be the standard you measure success with.
888[11:10:13] <fireba11> :-D
889[11:10:25] <ratrace> pitch: as the user runing the service?
890[11:10:49] <fireba11> ksk: and then take care your PoC doesn't creep into production ;-)
891[11:10:53] <ratrace> your problem is that python3 you execute via env, doesn't see the module
892[11:11:01] <pitch> okay
893[11:11:12] <pitch> now thats an information i can work with
894[11:11:39] <pitch> i was out of this game for a long time, since 200* at least
895[11:11:52] <pitch> now i try to get my own infra up and running
896[11:12:50] <ratrace> pitch: do yourself a favor and install radicale in virtualenv, alert yyour service ExecStart to run the python3 bin inside the virtualenv
897[11:13:00] <ratrace> your future self will thank you later, many times.
902[11:16:14] <pitch> ratrace: any pointer to a sane doc for virtualenv?>
903[11:17:02] <ratrace> I don't know any specifically to recommend.
904[11:17:19] <pitch> thank you anyways
905[11:17:35] <ratrace> maybe someone in #python has a link. but otherwise, just google and see how it's set up. it's very easy.
906[11:17:44] <pitch> alrighty
907[11:18:11] <ratrace> it's just a directory where python binary is installed and modified to consider that directory it's whole world. all the modules go there, everything packages do and install go there, like a chroot, but isn't realyl chroot.
918[11:42:08] *** Quits: Adbray (~Adbray@replaced-ip) (Quit: Ah! By Brain!)
919[11:44:31] <ratrace> RadoS: your cause is lost to begin with. the whole reason to "convert" users is to show them the power of FOSS and all the diversity in the ecosyste, not just replicate their existing paradigms with a different kernel.
926[11:46:12] <Haohmaru> they might find KolourPaint useful tho ;P~
927[11:47:26] <genr8_> id say its a lost cause for other reasons. you cant expect to successfully convert other people unless you first try it yourself
928[11:47:39] <RadoS> ratrace, I know what you mean, but we're talking about families without own hardware yet, who in the need for "homeschooling" get some free hardware, and should get some free software with it. Unfortunately are the school teachers trained only in windows, so if I leave that to them, it will all become windows.
933[11:48:58] <ratrace> RadoS: which is not bad per se. I quit recommending linux to people long time ago because it created more problems, more frustration and more time lost for everyone, UNLESS the person truly wanted the paradigm shift and get into FOSS.
934[11:49:08] <Haohmaru> you can install multiple DEs and each user can select what DE session he wants at the login screen
937[11:49:15] <RadoS> Now one of the teachers showed willingness to learn new ways, for a pitch demo I'd like to show him that it "doesn't hurt" by being too different from look&feel. The philosophy & all the love can follow later.
938[11:49:25] <fireba11> RadoS: i know the reality looks different, but everyone being able to reasonably use a computer should be fine with any normal linux desktop without any windows-like themes ...
939[11:49:32] <genr8_> ratrace, exactly
940[11:49:38] <genr8_> you can lead a horse to water but you cant make him drink
941[11:49:46] <fireba11> RadoS: good look with that project :-D
942[11:50:12] <ratrace> RadoS: you have to show them the FULL shebang then. package management, config files, terminal, problems when you open MS word files and convert to LibreOffice. Inability to run Skype and similar programs. ....
943[11:50:22] <RadoS> genr8_, that's where I _am_ now: the horse is willing, just needs a chance to take a sip.
944[11:50:37] <genr8_> yeah theyre gonna be like "wheres skype, wheres adobe, how do i download exes?
946[11:50:46] <RadoS> ratrace, that's all no show-stopper, skye etc exists for linux.
947[11:50:57] <fireba11> we once had a local school lacking funds for updating their PCs and the local linux user group offered to set up a linux network for free so they only had to pay for hardware (so their budget would work) and maintain it for a year untill they get used to it and they decided against it -_-
948[11:51:04] <genr8_> they still have to figure it out
949[11:51:10] <Haohmaru> RadoS i wouldn't wanna use it ;P~
950[11:51:33] <Haohmaru> proprietary crapware
951[11:51:43] <RadoS> Haohmaru, me neither, but I can show them alternatives. Once they get the taste of it, they might live it on on their own.
957[11:53:04] <RadoS> I'm no newb to _that_ business. ;-)
958[11:53:20] <genr8_> then you're a masochist
959[11:53:24] * RadoS knows.
960[11:53:48] <ratrace> RadoS: then give them KDE. looks like windows, and also doesn't really, so gives them enough to go "ooh, what can this button do", and discover the configurability hell of FOSS :) trial by fire :)
961[11:53:58] <RadoS> Yet I guess it will make me happier than to work for a commercial company working mainly with M$.
962[11:54:14] <Haohmaru> kde x_x
963[11:54:28] * ratrace installs Crapdows on all Haohmaru machines.
964[11:54:40] <Haohmaru> ratrace i already have crapdows
965[11:54:59] <Haohmaru> if you want to cause damage to me, say crapdows10 specifically
1006[12:07:36] <Haohmaru> the solution is evolution
1007[12:08:30] <ratrace> there is no answer. desktop linux is terribad. all of us that DO use it and like it, made a lot of compromises and dismissed a lot of sour grapes to do so :)
1008[12:08:59] <Haohmaru> pls, it's not terrible
1009[12:09:08] <ratrace> hell, even Ubuntu that was once the synonym for desktop linux, is turning away and going into containers and servers.
1020[12:11:23] <ratrace> j/k, wasn't fired, but they were annoyed I couldn't slack with the rest of the team
1021[12:11:40] <ratrace> I actualyl tried the slack snap but that didn't work and I refused to spend more than 93 seconds on debugging it.
1022[12:12:01] <Haohmaru> here i'm forced to use this viber crapware
1023[12:12:04] <ratrace> the "uh I'm on linux" got me few months ago when I was interviewing for a job with another company.
1024[12:12:07] <Haohmaru> using it on crapdows only
1025[12:12:20] <ratrace> they wanted microsoft Teams. they needed. I had to use that for remote interview. had to install on my phone.
1026[12:12:31] <Haohmaru> eww
1027[12:13:08] <ratrace> I tried to move family to linux. reverted one machine back to windows aftre multiple issues with hdmi and double monitors.
1028[12:13:33] <ratrace> reverted another when the user kept complaining there's no microsoft office and they REALLY really cannot use LibreOffice
1029[12:13:58] <Haohmaru> okay, f*ck M$
1030[12:14:02] <Haohmaru> >:/
1031[12:14:05] <ratrace> the third wanted some obscure windows only program I couldn't get to run via wine, and I just resigned, it was too much effort for zERO gain
1032[12:15:05] <ratrace> I myself, a veteran of lee nuks, have a Crapdows10 VM set up with GPU passthrough for those rare cases Proton ain't 'nuff.
1034[12:15:34] <Haohmaru> yeah, it's a personal choice.. i personally am horrified of where crapdows is going (it already went beyond what i can tollerate at crapdows10, and it looks like it's gonna keep getting worse), i also personally am tired of dealing with viruses and sh*t
1049[12:21:57] <ratrace> do you even have a choice these days? I heard a lot of horror stories of unsactioned, unallowed, upgrades from, say, w7 to w10, with computers left on overnight :)
1064[12:25:55] <ratrace> but if the hardware is old....
1065[12:26:04] <Haohmaru> yeah.. i'm more looking into using debian for it.. i installed a DAW that enabled some kernel thing that would give more priority to audio stuff or something
1066[12:26:19] <Haohmaru> it's a core2duo with 4GB of ram
1075[12:30:02] <Haohmaru> eventually the cons of crapdows will make more people look for alternatives
1076[12:30:14] <Haohmaru> call it evolution
1077[12:30:27] *** Quits: ss2 (~user@replaced-ip) (Remote host closed the connection)
1078[12:30:31] <Haohmaru> linux just has to keep getting better
1079[12:30:40] <Haohmaru> "just" ;P~
1080[12:30:41] <genr8_> just having it being on the same LAN is problematic. ive been trying to tell people about this. this specific attack was released/disclosed the other day from this important guy, but its not exactly new. replaced-url
1081[12:31:00] <jelly> shtrb: I don't remember anything offensive!
1085[12:32:42] <genr8_> rather than give a damn, everyone wants to deny special attacks are real cause "oh thats just theoretical" until they get hit by it themselves.
1086[12:32:49] <Haohmaru> genr8_ you mean having an old crapdows on the same LAN?
1094[12:34:34] <genr8_> well just trust that theres ways into a LAN behind a router when one computer is visiting webpages in a browser and another vulnerable one is on the LAN
1095[12:35:37] <Haohmaru> i have no doubt that there are ways.. i just don't understand that particular picture
1096[12:36:13] <Haohmaru> i've noticed here at $job that very rarely, when i connect to freenode - the identd server happens to work o_O
1097[12:36:29] <Haohmaru> which shouldn't be possible, in theory
1098[12:36:56] <Haohmaru> happens like a few times per year
1117[12:56:38] <shtrb> genr8_, I doubt it can attack internal machine if they also have *their own properly setup firewalls* , no one should rely on router firewall to defened their laptops/ servers. it's a multi level defense
1118[12:57:14] <oiaohm> shtrb: Its not that simple.
1119[12:57:15] <genr8_> windows tho.
1120[12:57:41] <oiaohm> web browser people need to be able to use it to access internet and access like network connected printers for status.
1121[12:58:13] <Haohmaru> shtrb what can i do.. i get a fiber cable to the room and they put their router on it (the ISP)
1122[12:58:16] <oiaohm> So exploit in browser even with correctly setup firewalls can be problem if you have like inscure printer.
1123[12:58:37] <shtrb> oiaohm, they should be using local cups , which work against your central cups server (WHICH should be defened by a proper firewall and radius , and be in it's own internet less network)
1124[12:58:47] <ratrace> treating LAN as hostile has been advised by the infosec industry for years now
1125[12:58:50] <shtrb> Haohmaru, put a sane router behind it
1126[12:58:52] <genr8_> people should be doing a lot of things.
1127[12:59:13] <genr8_> ratrace, we should keep repeating it
1148[13:04:24] <Haohmaru> so my browser can, via visiting a random page, get the router confused and then redirect TCP/UDP packets to the machine that should've been blocked otherwise?
1149[13:04:29] <shtrb> tramplefoot, you mean a compiler or really interiter for C like CSH and Cscript ?
1150[13:04:36] <oiaohm> shtrb: I have a list of 200 universal radius server passwords. That opens up 400 different comerical closed source radius server protected networks.
1151[13:04:42] <shtrb> Haohmaru, that is a feature , not a bug , yes
1164[13:06:22] <Haohmaru> i guess you shouldn't have a silly user/root password and ssh server on it
1165[13:06:28] <oiaohm> shtrb: two of the universal passwords is a string that causes the server to reset to default out box passwords then you use the default ones.
1166[13:06:39] <Haohmaru> technically, you should never have silly passwords
1167[13:06:54] <computa_mike> Hi - I'm running a Debian 10 image under docker (well - it's the php 7.2-apache image from PHP). I can't install php7.3-curl - get the following error :replaced-url
1168[13:07:04] <oiaohm> shtrb: of course that double as it ddos the network and lets you in.
1169[13:07:26] <shtrb> Haohmaru, passwords are useless , you should be using passpharses that change , based on at least three languages
1170[13:07:31] <computa_mike> but I can see the package in there if I run apt search php7-*...
1266[14:48:43] <Fayn> hi. I have debian 10 server with mariadb 10.5 (which was installed from mariadb mirror). config files show that process is being run as 'mysql' user and 'root' user is used for administration through unix socket
1268[14:49:30] <Fayn> but there is /etc/mysql/debian.cnf which has mentions about debian-sys-maint user and that user doesn't exist in my mariadb installation
1269[14:49:52] <Fayn> is it required for some debian specific functions, or just some deprecated user which is not needed anymore?
1274[14:55:43] <jelly> Fayn: it's used with Debian's packaging of mariadb server. If you had debian's 10.3 before, did not purge all of it, and installed 10.5 from upstream's repo, you might have leftover config
1310[15:37:48] <TuxCrazy> hello... what's the difference between liquorix kernel and xanmod kernel? Can both of these be installed on Debian?
1311[15:38:41] <ratrace> they're not packaged regularly so it's a DIY work and if you break it, you get to keep the pieces.
1312[15:38:47] <jelly> TuxCrazy: best ask liquorix and xanmod people?
1313[15:39:07] <ratrace> that said I think I've seen a few people here claiming to run xanmod in their debians
1314[15:39:08] <jelly> in general, you can use most generic kernel builds on debian
1315[15:39:18] <jelly> or you can build your own
1316[15:39:21] <jelly> and use it
1317[15:39:51] <jelly> let's see if the bot knows anything
1318[15:39:53] <TuxCrazy> how about the security on xanmod or liquorix vis a vis the default one available on debian?
1319[15:39:56] <jelly> !xanmod
1320[15:39:56] <dpkg> XanMod is a general-purpose Linux kernel distribution with custom settings and new features. Built to provide a stable, responsive and smooth desktop experience. replaced-url
1321[15:40:01] <jelly> !liquorix
1322[15:40:01] <dpkg> Zen is :)(:, or a school of Mahayana Buddhism, or the Zen kernel: a variant of the Linux kernel optimized for desktop systems, including code not present in mainline. Liquorix kernel image packages (replaced-url
1323[15:41:05] <jelly> TuxCrazy: we don't know how other vendors deal with security issues. Debian kernel security issues can be tracked like any other package's, in the
1324[15:41:08] <jelly> !tracker of doom
1325[15:41:09] <dpkg> The Tracker of Doom is a vulnerability database maintained by the Debian security team, viewable at replaced-url
1326[15:41:22] <ratrace> TuxCrazy: they're probably less secure based on the fact that they do custom modifications much fewer people are testing and running, raising probability of new bugs unique to those modifications.
1327[15:41:58] <jelly> they might track upstream better and gain some fixes that way, who knows
1328[15:41:59] <TuxCrazy> debian based MX linux makes available on it, the liquorix kernel also.
1329[15:42:22] <jelly> the main point to take away from this is probably "we don't know"
1330[15:42:58] <TuxCrazy> ok
1331[15:43:33] <TuxCrazy> btw, do the point releases of Debian stable provide newer version of packages?
1333[15:44:16] <TuxCrazy> how does the system of point releases of debian work vis a vis that of ubuntu lts?
1334[15:44:43] <ratrace> apples and oranges
1335[15:45:18] <ratrace> and in debian, some packages might be bumped in version, especially the kernel, on debian point releases.
1336[15:45:38] *** Quits: SergioCabral (~SergioCab@replaced-ip) (Quit: I left, Guys. To send a hello chat@sergiocabral.com)
1337[15:45:57] <ratrace> the kernel is almost always rebased to newer point release in the same (LTS) branch, but other packages rarely; when it happens it's due to security fix that's unfeasible to backport
1371[15:54:59] <oznt> Hi, I've been desperately trying to get GPG forwarding to work over SSH . Both of my machines have the same version of GPG and SSH. Can someone maybe help ? replaced-url
1372[15:55:35] *** Quits: endstille (~endstille@replaced-ip) (Quit: I'll be back.)
1428[16:15:34] <queip> oznt: maybe it is preferred to copying keys, but I wouldn't recommend either copying keys, or giving access to using them via agent, away from the main computer that has them
1429[16:16:28] <queip> oznt: what will that actually achieved? if target computer is malicious, and you forwarded agent into it, it can sign any message using your keys right?
1430[16:16:37] <hop> no
1431[16:17:21] <oznt> queip, I thought that was not the case.
1432[16:17:29] <oznt> hop, I hope you are right :-)
1464[16:28:28] <queip> hop: if it is some kind of text, inside ssh terminal, then it might be displayed by 2. If it fires up GUI on 1 then it's better. If you have hardware wallet attached to 1 then that's nice
1468[16:31:00] <hop> but you were still arguing in the general based on old advice, where an unprotected ssh-key was fowarded to untrusted machines without restrictions
1469[16:31:04] <codedmart> What is the best way to track down memory leak/consumption? I am on buster running gnome. I have had my machine running for 12 days now. Closing all applications and restarting gnome shell still shows memory usage of 22GB with no other applications running.
1503[16:50:11] <oznt> hop, there is not much to start right? ssh remote; gpg --decrypt, should work IMO. But I am getting that same error: Inappropriate ioctl for device
1525[16:59:37] <oznt> hop, on the localmachine I have /run/user/1000/gnupg/S.gpg-agent.extra on the remote /run/user/1000/gnupg/S.gpg-agent (the log of ssh says too:debug1: remote forward success for: listen /run/user/1000/gnupg/S.gpg-agent:-2, connect /run/user/1000/gnupg/S.gpg-agent.extra:-2)
1598[17:33:25] <JyZyXEL> i'm eager to see firefox/chromium eat up the 64 GB on my next desktop
1599[17:33:31] <jelly> chat apps are not doing much better
1600[17:34:00] <twobitsprite> just re-installed debian on an old desktop and I'm having a display issue. every couple of minutes, the display flashes something different for about a frame or so. it's hard to tell what it is, but I think it's the desktop background. any idea how to troubleshoot this?
1601[17:34:01] <jelly> considering many of those are electron (= chromium)
1639[17:47:10] <codedmart> OK I only have gnome running, srain irc and some terminals. free -m shows `Mem: 128823 22162 70793 520 35866 104921` and then top and capital M the first line is `27006 codedma+ 20 0 7023296 296248 117492 S 1.7 0.2 1:25.25 gnome-shell`
1642[17:49:29] <jelly> codedmart: so everything below it uses less than 300M
1643[17:49:50] <jelly> maybe you just have lots of stuff going on
1644[17:50:03] <invizus> I followed several guides on internet how to create serial console iso, but cannot make debian 10 boot into serial console. is there some special trick?
1645[17:50:18] <invizus> it always boots into graphical mode
1646[17:50:34] <codedmart> jelly but it isn't this way when I reboot.
1649[17:51:35] <codedmart> In htop gnome-hell is listed a ton of times and each line shows 288M in the RES column.
1650[17:51:42] <codedmart> gnome-shell not hell :).
1651[17:51:47] <hop> i would not be surprised if gnomeshell indeed had a leak. you said you restarted gnomeshell? sounds like you didn't /really/ restart it
1664[17:56:48] <codedmart> Hmm... is my system just not releasing the memory? I logged out. Switched to console, stop gdm service then checked htop. The top line showed 188M, and was something with systemd. There were not many processes running.
1683[18:09:08] *** Quits: Deyaa (uid190709@replaced-ip) (Quit: Connection closed for inactivity)
1684[18:10:34] <jelly> codedmart: hard to say. On an idle GUI system with noone logged in I wouldn't expect more than around 1 GB used and even that's a stretch
1685[18:10:57] <codedmart> jelly Yes that is what it is when I login from a fresh reboot.
1686[18:11:16] <codedmart> This is on a 12 day running system.
1687[18:11:35] <codedmart> I use multiple browsers, programs, etc.
1700[18:21:40] <codedmart> Yeah I use some electron apps. I am just trying to understand if I close all those why still the high consumption. Or percieved consumption.
1701[18:22:06] <queip> eletron "apps" are one of signs that IT went in the wrong direction
1704[18:23:03] <jelly> queip: well, it makes things easier for developers, and maybe paying developers well enough is a constraint on different people than people that have to buy more RAM
1705[18:24:01] <jelly> codedmart: another thing to try: what if you log out of GUI, and also restart gdm service (and X server with it)?
1742[18:46:49] <twobitsprite> ok, so I have this weird issue with firefox where when I'm watching youtube videos, every couple of minutes the screen will flicker and show my wallpaper for a frame or two. I've tried running ff in safe mode and it still happens. I have a GeForce GT 730. any ideas on how to troubleshoot?
1762[18:58:47] <karlpinc> greycat: FYI. It looks like, unless python2 gets to stay in bullseye, that the moinmoin wiki is not going to be in the next stable. This because moin2 (python3) is very likely not going to be ready.
1777[19:15:13] <greycat> karlpinc: I'm using upstream moinmoin, not Debian's, and I'm also stuck on Debian 9 forever, because the kernel isn't new enough for buster's libc.
1785[19:22:26] <ectospasm> sounds like you either have a FrankenDebian, or you need to learn how to use backports.
1786[19:22:26] *** Quits: darunesh_ (~darunesh@replaced-ip) (Remote host closed the connection)
1787[19:23:52] <greycat> Me? No. it's a VPS running an OpenVZ kernel, version 2.6. Can't run Debian 10. So I'm running Debian 9. I use upstream's packages for some stuff, and I have backported nginx and libssl so I can have TLS 1.3.
1788[19:24:48] <ectospasm> Ah, that makes sense. I never liked being on an OpenVZ host, so I switched providers.
1789[19:25:05] <ectospasm> I had one provider that half the documentation was in German, so I had to drop them.
1855[20:58:04] <shtrb> no , I'm connected. each machine got it's own ips , I just can wrap my head what is the prefix that I was given
1856[20:59:46] <shtrb> I can see that the first 64 bit are the same for each machine , but the router got a different prefix from the machines (only shares first 32 bit) , so I'm trying to understand how and what it is
1857[20:59:52] <shtrb> sorry for such a intellectually chalenged question
1877[21:20:03] <imMute> that sounds like how IPv6 is supposed to be handled for home networks. the router itself uses one subnet to talk to the ISP equipment. then it uses DHCP-PD to request a subnet for the LAN side. those two networks may have some common prefix, but it's not required
1894[21:40:46] <Fayn> i tried setting binlog to none but new node still won't join a cluster (galera ip's are configured to include new node and 10.2 node only)
1895[21:41:04] <Fayn> It complains InnoDB: Upgrade after a crash is not supported. This redo log was created before MariaDB 10.2.2.
1896[21:42:17] <Fayn> already tried deleting ib_logfiles on new node but that doesn't help (galera syncs files, but then shows that error and quits)
1905[21:52:02] <Fayn> i think it's possible to at least update all existing nodes to 10.2, but it's unclear how to solve this sync problem, in other words how to upgrade log file version in galera
1906[21:53:30] <jhutchins> Fayn: I think you need to run the upgrade script on each node with replication stopped, then resume as you would for a drop-out.
1907[21:54:06] <Fayn> did that for one node and it succeeded
1908[21:54:18] <Fayn> the issue is new nodes cannot join
1909[21:54:42] <Fayn> but i try to upgrade multiple versions one by one, maybe it works...
1917[22:14:28] <Fayn> ok, i just read you can upgrade one node to 10.5 and then others can be upgraded to 10.5 directly, as they sync sst from that node
1961[23:00:44] <lifostack> hi all, i was able not so long ago to record my desktop using a hot key combo... i've forgotten what that is can someone remind me?
1962[23:01:00] <lifostack> i did not need to install any extra software there was something already installed in my debian buster distro that allowed me to just "start recording"
1964[23:02:25] <lifostack> there was a record/stop/play button that would appear in my taskbar near the icons on the right
1965[23:02:49] <sney> which desktop env?
1966[23:02:59] <lifostack> gnome
1967[23:03:21] <lifostack> ah it looks liek CTRL+ALT+SHFT+R
1968[23:03:31] <phogg> I don't know what GNOME might have set up by default but if you can't figure it out you can always bind any hotkey you like to invoking recordmydesktop
1969[23:03:49] <lifostack> its not a debian buster thing its a gnome thing
1970[23:03:53] <lifostack> apparently
1971[23:03:55] <sney> indeed
1972[23:04:29] <lifostack> thx, gnome jogged my noggin