17[00:05:38] <alexrelis[m]> I think it's because when I originally passed through a USB flash drive (which worked), I safetly ejected in the Windows Guest VM the USB root hub that KVM actually needed.
18[00:07:04] <jhutchins> alexrelis[m]: Sounds possible, although I use virtualbox.
19[00:08:01] *** debhelper sets mode: +l 1195
20[00:08:01] <alexrelis[m]> At this point, I'm so sick and tired of computer problems that I may as well live in the woods.
21[00:08:05] <jhutchins> alexrelis[m]: I've also done a lot of VMWare. You do have to enable the device in the hypervisor.
22[00:08:19] <alexrelis[m]> I see.
23[00:08:56] <jhutchins> I take it there's an issue with rebooting the VM?
24[00:09:02] <alexrelis[m]> No
25[00:09:14] <t3st3r> its not qemu thing, its some libvirt crap
26[00:09:17] <alexrelis[m]> jhutchins: The VM is working fine, I just want to pass through a USB.
34[00:13:41] <Ede|Popede> seems i must change my root pw to 1111 or so just to avoid sitting half an hour in front of the tty while it pauses after hell knows how many unsuccessful logins
35[00:14:21] <greycat> what the FUCK are you talking about
41[00:16:01] <Ede|Popede> doesn't matter if it's irc or login. err wait, it does. no step 2 for login
42[00:16:23] <greycat> Are you trying to say "I have set my root password to something I am unable to type consistently, and this is causing me problems"?
43[00:16:45] <Ede|Popede> and then the keyboard is plain crap i have to use, just because, and that's the next thing, it has no cable. so i never know what actually arrives in the keyboard buffer
44[00:17:18] <Ede|Popede> whatever password it is i NEVER would have the guarantee on that machine, just because end user hardware sucks
45[00:17:34] <n4dir> my root password is root. That should work, no matter what a crap keyboard you have.
46[00:17:39] <Ede|Popede> and i really can't pay 150€ for some gamer keyboard
47[00:17:48] * alexrelis[m] uploaded an image: image.png (241KiB) < replaced-url
48[00:18:16] <alexrelis[m]> n4dir: My root password is hunter2
49[00:18:24] <n4dir> that seems just as easy
50[00:18:34] <Ede|Popede> root is good, just needs 2 keys with a neighbour
57[00:21:14] <Ede|Popede> "i did it because they told me so" after asking why the fuck i got a facebook invitation in the name of that person and was told by her she had uploaded her contacts to the site -.-
58[00:21:27] <Ede|Popede> what? for a homecomputer?
67[00:28:53] <Ede|Popede> how to avoid SPoF and at the same time not to spread access options. the only thing that's sure in this model is that it will be the wrong decision.
68[00:29:34] <Monodroid> Happy new year and down with the covid tyranny ;)
75[00:32:43] <Ede|Popede> some charity has been advertising for decades "Brot statt Böller" (better donate than try to frighten your neighbours' pets to death), though i prefer "Bier statt Böller", cheers ;)
76[00:33:41] <robobox> why not both bread and beer?
77[00:33:51] <jhutchins> Ede|Popede: When using acronyms that may not be commonly known by your audience, it is good practice (according to journalistic style books) to spell out the terrm when it is first used, with the acronym in either parenthases or square brackets following the term. The acronym is then considered a valid substitution in subsequent text.
78[00:34:03] <Ede|Popede> beer is liquid bread, so it's inclusive ;)
87[00:35:48] <jhutchins> Ede|Popede: Yeah, that one's not too bad if there's context, but you didn't give much.
88[00:36:13] <t3st3r> Ede|Popede> there're some funny devices that could pretend they're keyboard and type password for you :)
89[00:36:38] <Ede|Popede> some "thumbdrives" can do about everything i've read :)
90[00:36:53] <Ede|Popede> including grilling your board
91[00:37:02] <t3st3r> though it's relatively exotic/geeky approach - and if you fail to remember password and lose device, eh, well...
92[00:38:32] <t3st3r> <Ede|Popede> including grilling your board <- Oh, saw that as well. But TBH not the worst prank on ppl who like to "borrow" items they don't own.
93[00:38:45] <brokencycle> Hi! I have a networking problem: Given a Debian host with a bridge device and a VM (KVM)
94[00:38:47] <Ede|Popede> some years ago i realized that some wifi devices come as storage until the driver gets installed. usb really is universal and tbh i liked the approach. rather elegant.
95[00:39:06] <brokencycle> running on top, it seems to be impossible to ping the host from the VM and vice versa. However, pinging
96[00:39:26] <brokencycle> the VM from the outside, or pinging the outside from the VM works like a charm.
97[00:40:03] <t3st3r> Ede|Popede> some cell modems also do so. And few others. Actually USB device can change what it is on the fly. Ever heard of BadUSB?
98[00:40:22] <Ede|Popede> t3st3r: rings a bell, but i gotta read
99[00:40:40] <brokencycle> Both the host and the VM run Debian, both are in the same netowork, IP wise, and there are no
100[00:40:44] <Ede|Popede> ah, that one. yep.
101[00:40:45] <t3st3r> This like double edged sword. If some usb device elects to become keyboard, and type some funny crap... well, guess
102[00:40:52] <brokencycle> iptables rules in the way, as far as I can see.
103[00:41:15] <brokencycle> It's just that neither machines answer to ARP requests.
104[00:41:37] <Ede|Popede> t3st3r: seems it came the year after badbios
105[00:41:39] <brokencycle> Or so it seems.
106[00:42:03] <t3st3r> Ede|Popede> BadUSB is quite old thing IIRC. Its concept is even older.
107[00:42:17] <Ede|Popede> the article i'm reading is from 2014
108[00:43:54] <Ede|Popede> oh, badbios was already able to use speakers and microphones of air gapped systems to communicate
111[00:45:58] <t3st3r> There're many funny unexpected ways to communicate. Say, some program attempted to display fairly specific image on display - to provoke monitor cable into RF emissions.
136[00:57:59] <Sarcutus> The coronavirus only has the goal of killing lots of people. Not to hard to grok.
137[00:58:09] <Sarcutus> *too
138[00:58:10] <Sarcutus> ack
139[00:58:18] <Monodroid> they survey you with drones if you go out, tell you when to go out etc. If you dont see that its not about a virus, then let you vax
140[00:58:31] <CrystalMath> Sarcutus: nonsense!
141[00:58:32] <Monodroid> yeah..
142[00:58:36] <CrystalMath> viruses don't want to kill people
143[00:58:39] <CrystalMath> their goal is to survive
144[00:58:41] <beelzebuzz> is this one of those cigar-smoking lizard conversations?
145[00:58:43] <CrystalMath> like every other lifeform
147[00:58:57] <robobox> by using your resources up
148[00:59:21] <CrystalMath> they don't want to use too much
149[00:59:26] <robobox> if you want it to end sooner try folding@home
150[00:59:29] <Sarcutus> CrystalMath: you're absolutely correct, killing people is ACTUALLY totally secondary to the virus's "goals," because it hasn't really got any goals, it's just sort of like the wind
164[01:01:18] <Sarcutus> CrystalMath: Oh, they DEFINITELY evolve and speciate. But do they die? Like Monodroid said, they can't reproduce on their own ...
165[01:01:19] <CrystalMath> bacteria can reproduce robobox
166[01:01:28] <CrystalMath> no matter how much champaigne i drink i will never not know that
167[01:01:32] <CrystalMath> they even do horizontal gene transfer
171[01:02:14] *** Quits: Monodroid (~Mono3@replaced-ip) (Killed (Sigyn (Spam is off topic on freenode.)))
172[01:02:17] <Sarcutus> Bacteria are proper life forms. They consume resources in their environments and reproduce by mitosis, if I remember right ... they're certifiable.
173[01:02:19] <robobox> cloth
174[01:02:36] <format_c> This might be a discussion for the off-topic channel?
175[01:02:41] <robobox> yeah
176[01:02:42] <CrystalMath> Sarcutus: absolutely, but i'm on the side that holds that viruses are also lifeforms
178[01:03:18] <Sarcutus> CrystalMath: well, let's take this to off-topic if we could, but your POV could be totally valid here. Like I said, hot debate. :)
195[01:07:37] <CrystalMath> oh it's just the production process for masks...
196[01:07:41] <CrystalMath> why is that important
197[01:07:54] <Ede|Popede> i'm not really good with names, had to look for the name of 9 before, but this site rings a bell. so i think sigyn's argument is valid.
198[01:08:13] <robobox> because statement first, facts to support it later
199[01:08:38] *** Quits: gry (~test@replaced-ip) (Ping timeout: 272 seconds)
342[03:42:34] <judd> (help [<plugin>] [<command>]) -- This command gives a useful description of what <command> does. <plugin> is only necessary if the command is in more than one plugin.
350[03:44:19] <CrystalMath> Sun Jan 21 17:57:27 2018 +0100
351[03:44:27] <CrystalMath> there was a commit 3 days before that was posted...
352[03:44:34] <CrystalMath> how in the world is that unmaintained
353[03:44:57] <CrystalMath> i should maybe create a bug report to add lightspark
354[03:45:04] <CrystalMath> it's still under very active development
355[03:45:11] <sney> !wnpp
356[03:45:11] <dpkg> For information on packages which are not in Debian but you think should be, check the Work-Needing and Prospective Packages list at replaced-url
357[03:45:40] <sney> knock yourself out, but don't expect much traction on obsolete tech, unless they have a full reverse engineered implementation or something
358[03:46:09] <foxide> Given that flash is basically dead...
359[03:46:29] <CrystalMath> lightspark is not dead
360[03:46:35] <CrystalMath> it had its last commit yesterday
361[03:47:00] <sney> the EOL date is today, which is why suddenly everyone wants more flash implementations right now after YEARS of declining support/interest
381[03:52:42] <CrystalMath> could i also do something a little lazy, like
382[03:52:48] <sney> afaik you can't even get a salsa account until after you've worked with debian-mentors a bit
383[03:52:49] <CrystalMath> file an RFP, and then if nobody wants to maintain it
384[03:53:03] <CrystalMath> i also offer to maintain it
385[03:53:10] <sney> that is an option for sure
386[03:53:29] <sney> though if you want there to be a chance of this getting into bullseye for the stable release, don't waste any time
387[03:53:54] <CrystalMath> huh, when is bullseye coming?
388[03:54:00] <CrystalMath> i feel like buster came out pretty recently
389[03:54:02] <sney> the freeze is in ~3 weeks
390[03:54:07] <CrystalMath> i still haven't upgraded to buster
391[03:54:13] <CrystalMath> well, this machine i have
392[03:54:16] <sney> bullseye itself will probably drop around september
393[03:54:18] <CrystalMath> but not all machines
394[03:54:24] <CrystalMath> september 2021?
395[03:54:27] <sney> yes
396[03:54:35] <CrystalMath> that's a debian schedule i'm more familiar with :)
397[03:55:02] <sney> I can't speak for the release team officially, but the last 2 freezes have lasted about 8 months, and bullseye's is about to start. so aug/sept with wiggle room.
405[03:56:06] <CrystalMath> when was buster released?
406[03:56:24] <sney> !buster
407[03:56:24] <dpkg> Buster is the codename for the current <stable> release, Debian 10, released 2019-07-06. "Buster" is Andy's pet Dachshund in Toy Story, see replaced-url
408[03:56:41] <CrystalMath> i remember i was extremely upset about the change to freetype
409[03:56:49] <CrystalMath> so i modify the code of my own freetype package
410[03:56:58] <CrystalMath> but i also mostly switched to bitmap fonts, and got used to them
411[03:57:01] *** Quits: Grldfrdom (uid391113@replaced-ip) (Quit: Connection closed for inactivity)
412[03:57:02] <CrystalMath> at least they won't change on me
413[03:57:19] *** de-facto_ is now known as de-facto
414[03:57:46] *** Quits: mrkramps (~mrkramps@replaced-ip) (Disconnected by services)
415[03:57:52] *** mrkramps_ is now known as mrkramps
416[03:59:44] <sponix> !bullseye
417[03:59:44] <dpkg> The release following Debian 10 "Buster" is codenamed "Bullseye" (Woody's horse in Toy Story 2) and will be Debian 11. It is the current "testing" release. Remember that testing is called testing for a reason; good bug reports with patches are greatly appreciated! replaced-url
418[04:00:27] <sponix> I should run Testing in a VM for shits and giggles
419[04:00:56] *** Quits: ax562 (~ax562@replaced-ip) (Remote host closed the connection)
421[04:01:49] <sney> "shits and giggles" testing is much earlier in the dev cycle. bullseye's major transitions are all done and it's pretty solid atm
422[04:02:44] <sney> though if you're using anything python2, or trying to upgrade to bullseye from a buster system that has a toolchain installed via one of the bigger metapackages, it can be a little messy still
423[04:02:45] *** Quits: TheLQ (4740ce97@replaced-ip) (Remote host closed the connection)
430[04:07:42] <sponix> sney: is there an installer for it, or is it like sid where you install buster and then just swap the source lines ?
431[04:08:01] *** debhelper sets mode: +l 1183
432[04:08:25] <sney> there's a testing installer, though it can be more broken than the OS itself, I used the alpha3 image a couple weeks ago and it worked
433[04:08:27] <sney> !testing installer
434[04:08:27] <dpkg> Repeat after me: the testing installer is for testing the <installer>, not for installing <testing>. To install testing, do a minimal installation using the <stable> installer and ask me about <stable->testing>. Installer bugs should be filed against the debian-installer pseudopackage. replaced-url
435[04:08:44] <sney> installing buster and upgrading is fine too
436[04:09:02] <sponix> LOL
437[04:09:07] <sponix> "repeat after me" ;)
438[04:10:20] <sponix> I think when I get my new extra computer built, it will run Debian
439[04:10:24] <sney> "help, I used the testing installer and everything is broken" was a common question for a while, I think in the stretch era. it's still good advice.
440[04:10:35] <sponix> my new OLD computer that is
541[06:15:55] *** Quits: dvs (~hibbard@replaced-ip) (Remote host closed the connection)
542[06:16:08] <smurfke> Hello I found a specific package that is listed within: replaced-url
543[06:16:17] <smurfke> how do I add 'sid' as a source to my apt repo's?
544[06:17:00] <quadrathoch2> smurfke if you don't run sid, don't
545[06:18:00] <foxide> !ssb
546[06:18:00] <dpkg> First, check for a backport on <debian-backports>. If unavailable: 1) Add a deb-src line for sid (not a deb line!); ask me about <deb-src sid> 2) enable debian-backports (see <bdo>) 3) apt update; apt install build-essential; apt build-dep packagename 4) apt -b source packagename 5) dpkg -i packagename-ver.deb To change compilation options, see <package recompile>; for versions newer than sid see <uupdate>.
547[06:18:38] <foxide> smurfke: That process (ssb) is what you do when you want to run a single sid package on an otherwise-stable system. Not all packages can be built this way.
577[06:30:39] *** Quits: ax562 (~ax562@replaced-ip) (Remote host closed the connection)
578[06:30:42] <smurfke> How do I ask the bot about "<deb-src sid>"?
579[06:30:47] <smurfke> !deb-src sid
580[06:30:47] <dpkg> You can get apt to download source packages with a <deb-src> line in your <sources.list>. A suitable entry for the sid release is: "deb-src replaced-url
581[06:30:54] <smurfke> cool
582[06:31:08] <smurfke> !deb-src bullseye
583[06:31:08] <dpkg> You can get apt to download source packages with a <deb-src> line in your <sources.list>. A suitable entry for the bullseye release is: "deb-src replaced-url
586[06:32:21] <dpkg> backports.debian.org (formerly backports.org) is an official repository of <backports> for the current stable (see <buster backports>) and oldstable (<stretch backports>) distributions, prepared by Debian developers. Ask me about <backport caveat> and read replaced-url
597[06:34:49] <dpkg> Some packages intended for Bullseye (Debian 11) but recompiled for use with Buster (Debian 10) can be found in the buster-backports repository. See replaced-url
607[06:47:21] <smurfke> I succesfully added the bullseye src to my sources.list because "apt-cache madison mypackage" lists 2 versions now. One from buster/main and one from bullseye/main.
608[06:47:41] <smurfke> How do I tell apt-get to install the specific version of bullseye/main?
610[06:49:53] <quadrathoch2> smurfke so the package doesn't exist in buster-backports?
611[06:50:27] <foxide> smurfke: You did not do as the instructions told you to do if you added anything from bullseye.
612[06:50:54] <foxide> And if you're seeing things in apt search, then you didn't add a src line, either, you added a package line, and are close to breaking your system.
622[06:53:00] <smurfke> which is weird because the command instructed me to do "1) Add a deb-src line for sid (not a deb line!); ask me about <deb-src sid>"
623[06:53:08] <smurfke> I just replaced sid by bullseye
624[06:53:15] <foxide> Which you should not have done.
625[06:53:27] <foxide> It said sid specifically. Do that.
626[06:53:31] <smurfke> ah ok
627[06:54:15] <smurfke> I misunderstood your instruction on following the same procedure and not mixing releases.
835[12:17:08] <rudi_s> NetTerminalGene: I don't know but I think it won't (or you need a separate key). Is there a reason why you don't want to use LVM? It's really useful to have that as underlay because it's flexible.
836[12:17:53] <rudi_s> (The fact that the default debian installer uses the whole disk for LVs and does not keep some space unused makes it somewhat less useful on default installations though.)
843[12:21:14] <NetTerminalGene> why should i add something like that if i don't need it
844[12:21:27] <rudi_s> NetTerminalGene: The question is, why not? It doesn't hurt performance, it's flexible and you might find it useful in the future.
845[12:21:47] <rudi_s> For example to simplify encryption because you can multiple "partitions" inside a single encrypted volume.
846[12:21:57] <rudi_s> Of course there are different ways to achieve this but LVM makes it simple.
847[12:23:15] <jelly> NetTerminalGene, if you're using cryptsetup for fde, running lvm on top is probably the most often used and well exercised setup
849[12:24:40] <ratrace> NetTerminalGene: even if it doesn't it's extremely easy to do it yourself using cryptsetup's plain, on boot, with a /dev/random key
850[12:25:51] <rudi_s> That won't work if you want to hibernate though.
851[12:26:00] <ratrace> right
852[12:27:00] <ratrace> unless you whip up support for that with an initramfs script, AND use LUKS instead of plain
888[13:06:21] <dpkg> debian/rules is the makefile used when building a .deb from source, edit it to change compilation options. Some packages use sophisticated build systems that should be documented in debian/README.source. Also remember to make a new entry in debian/changelog with "~yourname" (for a backport) or "+yourname" (for a recompile) added to the version number. See also <makefile>, <hold>, <package recompile>, <source>, <unique package version>.
937[14:17:05] <rk4> but what i am reminded of is how many disasters we've had in prod and said "ok srsly guys, we're going to stop writing big buggy shell scripts"
977[14:50:16] <n4dir> no, i just meant to do it as recommended (wether needed or not). I thought about it though, but he line which was said to not work uses [[; and iirc inside of them double quotes are not needed?
978[14:50:23] <rk4> you guys are too generous, the root cause was he was lazy and impatient
1012[15:15:47] <Morg0th> Hello there, do I need Debian 11 to use nvidia prime render offload? This page seems to indicate that, but I'm not sure replaced-url
1021[15:21:11] <abrotman> Morg0th: I can't answer the nVidia question, but sure, you can move your system to Bullseye. It's reasonably stable for a desktop/laptop. Do note that there's no official security support, but instead via normal package updates
1071[15:56:07] <Elefanten> ArsenArsen: Where is the loadmod supposed to be? I've got two servers which *should* be identical, but they obviously aren't as one isn't booting.
1072[15:56:24] <ArsenArsen> in grub.cfg
1073[15:56:33] <ArsenArsen> check the grub console
1074[15:56:57] <ArsenArsen> try to load it in there
1177[17:15:22] <aLinux`> hey all,happy new year. i have myria 8315 bl (i know its a junk laptop) im trying to install "debian-10.7.0-amd64-netinst.iso" i tried to boot from diferent usb sticks but they all work perfectly fine on other laptops.. on this myria after selecting "graphical install" the installer hangs/freezes and the only way to exit that its to shut off the
1178[17:15:23] <aLinux`> laptop. i tried diferent ways to prepare usb sticks but the same result for this laptop. any solution to this ? also its a intel chipset with some intel celeron and wifi realtek,no lan.
1192[17:26:23] <abrotman> aLinux`: how did you prepare the USB stick?
1193[17:26:47] <aLinux`> abrotman rufus iso mode or dd
1194[17:26:49] <abrotman> ice99: You're capable of using Google, this is a channel for people that need actual help
1195[17:27:04] <abrotman> aLinux`: from Linux, correct?
1196[17:27:10] <aLinux`> abrotman i did not find any similar problems to mine
1197[17:27:13] <aLinux`> no.. windows
1198[17:27:18] <aLinux`> "rufus"
1199[17:27:21] <abrotman> dpkg: win32diskimager
1200[17:27:21] <dpkg> win32diskimager is much more reliable than <rufus> or <unetbootin> for copying ISO images to USB sticks and you can download it from replaced-url
1233[17:46:12] <aLinux`> it wont go after pressing enter
1234[17:46:26] <aLinux`> right now im making a debian live one.. to test out
1235[17:46:43] <Ede|Popede> F10 to get the boot menu or sth?
1236[17:47:08] <aLinux`> no.. F10 after edit boot options
1237[17:47:26] <aLinux`> after entering debian boot menu
1238[17:47:35] <aLinux`> :(
1239[17:47:55] <Ede|Popede> ah right. boot the entry. i always look what is offered, don't even bother remembering the keys xD
1240[17:48:01] *** debhelper sets mode: +l 1202
1241[17:48:28] <Ede|Popede> did you check with 'e' what it does? maybe you can add/remove/modify some parameter
1242[17:48:48] <Elefanten> ArsenArsen: Switched the HBA card from one server to the other and it solved it, but now the other server has an issue. Currently re-flashing fw
1243[17:49:00] <aLinux`> well.. i cant remember exactly but im testing now debian kde live to see if it boots
1258[17:58:10] <digdilem> deeplogic, personal taste. But I do too. Gone from teeny tiny text to massive icons. But I hardly ever go there so as problems go it's not a biggie.
1260[17:59:39] <boktan> hello i did buy one vps i want to let them install debian on it but the seller is saying me there is no panel for it but i found one named cloud panel is it similar to plesk panel? which panels you suggest me?
1261[18:01:22] *** Quits: chipxxx (~androirc@replaced-ip) (Remote host closed the connection)
1262[18:01:29] <Ede|Popede> aLinux`: debug? and maybe unset selinux. can't remember if it's even used when not explicitely listed, my own grub issues are of a different nature
1263[18:02:38] <boktan> and cloud panel looks similar for me with the panel of digital ocean but what is your suggestion friends?
1264[18:03:13] <zykotick9> aLinux`: have you tried the "normal" (ie non-graphical) install? Same result?
1284[18:16:12] <zykotick9> boktan: that '!free whcp' and the message from dpkg starting with "FOSS Web Hosting..." was intended for you. you can use "/msg dpkg DTC", "/msg dpkg GNUPanel", etc for more info when you see something in <thesebrackets>.
1285[18:16:18] <grndslm> omg.... somebody please help me figure out how to run a script thru screen or tmux in detached mode AT BOOT....
1287[18:16:32] *** alexandro2332 is now known as S3xyL1nux
1288[18:16:52] <grndslm> i can run the script thru screen at regular command line.... but when attempting to run it at boot, it NEVER works.... no matter if I use rc-local, rc-local.service, screen.service, crontab -e, etc....
1289[18:16:55] <grndslm> the simpler the better
1290[18:17:37] <grndslm> i actually had it working yesterday and had to reinstall because of a bootloader issue.... now i can't remember wtf i did!
1296[18:24:04] <aLinux`> unable to boot any install or live debian
1297[18:24:05] <zykotick9> aLinux`: ummm :( good luck!
1298[18:24:19] *** Quits: boktan (b9f80f58@replaced-ip) (Remote host closed the connection)
1299[18:25:13] <pasiz> grndslm: do you have reason to use scree
1300[18:25:20] <pasiz> +n
1301[18:28:08] <zykotick9> grndslm: <my 2 cents> I'd look for some environment variable being different between your user (where it works) and when it's run at boot. Does your script use full paths? Reply on some variable that doesn't exist when being run at boot? </peanut gallery>
1304[18:31:58] <grndslm> pasiz: omg, yes, i have a reason. i'm running this server headless, and there's no other easy way to have this script run, show me output, and allow me to interact with it
1305[18:32:01] <grndslm> except for maybe tmux
1306[18:32:05] <grndslm> i guess i should try that
1307[18:32:07] <grndslm> sheesh
1308[18:32:39] <pasiz> boot time script that needs interaction on headless server
1311[18:33:23] <grndslm> zykotick9: yes, it uses full paths.... only 2, which are shown in all their glory..... /home/grndslm/folder/folder/scriptFile.sh && /usr/bin/screen
1312[18:33:43] <grndslm> i cd to the directory with the scriptFile.sh..... and then i run /usr/bin/screen ./scriptFile.sh
1313[18:33:52] <grndslm> couldn't be any simpler than that, but it just gives me an error
1314[18:35:06] <grndslm> this is the output i'm seeing....
1358[19:00:44] <TundraBear> Ð ow to understand that the FireWire adapter connected via the thunderbolt port was detected by the system? lspci doesn't show him but in sys/bus/thunderbolt/*/device_name i see him
1380[19:12:06] <pasiz> TundraBear: is the thunderbolt working
1381[19:12:32] <unixbsd> ALWAYS_SET_PATH yes <--- is the solution to stay alike unix
1382[19:13:02] <TundraBear> pasiz, my sound card connected via firewire is not shown into system. aplay -l doesn't show it. But ffado have been installed. Thunderbolt is working.
1383[19:13:06] <unixbsd> the one that invented this should be pottering
1386[19:13:47] <pasiz> unixbsd: who invented that minus sign is ugly
1387[19:14:57] <pasiz> TundraBear: is your sound card drivers loaded
1388[19:15:25] <unixbsd> wow ! this override works. I tried on bullseye arm64 on my raspberry pi, just run the following command: echo "ALWAYS_SET_PATH yes" >> /etc/default/su
1425[19:37:40] <TundraBear> Is my Thunderbolt to FireWire adapter working correctly on Debian? I have found the information in sys/bus/thunderbolt... Is it enough to be sure?
1459[19:59:01] <thorsten`> I'm installing via debootstrap and haven't rebooted yet. My idea was to get all the necessary modules in initramfs to make the new system boot on the first try.
1460[19:59:43] <quadrathoch2> as long as you have your esp outside mdraid, you should be fine
1472[20:05:26] <thorsten`> hm it seems I made a mistake regarding something earlier in the boot process.. though the efi-entry for debian is there, grub does not show up... so I need to fix that first and then I'll come back. Thanks so far! see you later
1516[20:53:56] *** Quits: debsan (~debsan@replaced-ip) (Remote host closed the connection)
1517[20:55:01] <disillusion> what is the the ufw command to deny traffic from one IP address on Debian 10? I'm using one but it's not working. I'm using "ufw deny from 123.123.123.123 to any" but the address is still communicating with my server. I have 123.123.123.0/24 allowed, which is somehow getting priority over the block, when a block is supposed to get priority over a subdomain.
1519[20:57:21] <disillusion> In practical terms, all I'm trying to do is stop a child from spamming on my network, and I'm currently being laughed at by children for not knowing to how to stop them from spamming. Blocking one IP address with ufw is supposed to work.
1520[20:57:33] <sney> I haven't used ufw but typically, firewall rules are evaluated in order. so you probably need to change the priority of that rule.
1521[20:58:01] <tomreyn> i don't know your ufw answer either, but you may be mixing up the terms 'subdomain' and 'subnet' here.
1526[21:00:22] <tomreyn> sudo ufw status numbered may help you identify which is overruling which
1527[21:00:26] <disillusion> and then to block one address, "sudo ufw deny from 123.123.123.5 to any" and I've also tried "sudo ufw deny from 123.123.123.5 to any port 2000". Neither are working. The children are still laughing at my inability to stop them.
1528[21:00:43] <sney> again, it is probably matching your 'allow' rule and passing the packet, before the 'block' rule is even evaluated. quick google says you use 'ufw insert' to add a rule in the correct order
1529[21:01:10] <PaddyF_> first match wins
1530[21:01:14] <tomreyn> and no, you most likely can't do that on the gui
1531[21:01:17] <sney> this is pretty fundamental firewall stuff. right now I'm with those children, haha
1539[21:04:12] <disillusion> so which gets priority in ufw, the higher or lower numbers?
1540[21:04:16] <rander2> hello
1541[21:04:37] <rander2> happy new year
1542[21:04:46] <sney> disillusion: in most firewalls the lower numbers are evaluated first, but you should check the manual to be sure
1543[21:04:49] <PaddyF_> rander2: likewise
1544[21:05:22] <rander2> anyone know aws tesla ? is it expensive ?
1545[21:05:30] <disillusion> it's standard to allow a whole subnet first and then block individual addresses later, which means the higher numbers in ufw should over rule the lower numbers.
1548[21:06:34] <sney> first match wins. if you have an explicit allow rule, and a packet matches that, it will be allowed and the rest of the rules will not be used for that packet
1549[21:06:54] *** Quits: beardface (~bearface@replaced-ip) (Remote host closed the connection)
1550[21:08:19] *** Quits: zez (~zez@replaced-ip) (Remote host closed the connection)
1551[21:08:35] <tomreyn> rander2: i think you want to /join ##aws
1571[21:22:57] <disillusion> so I'm using mumble-server for voice and text chat, which is what want to block specific users from spamming, and I have to restart the mumble server after setting the ufw rule. That's weird. I would expect that setting the firewall rule blocks the port right away, but it doesn't. Restarting mumble-server is what changes the firewall rule. I do also have to use "ufw insert" to give the "deny" higher priority.
1572[21:23:44] <sney> most firewalls also accept established connections, so that's probably what you're looking at there
1577[21:27:10] <disillusion> sney, so does it depend on the particular service for whether or not a new firewall rule applies without restarting the service?
1578[21:27:46] <disillusion> as in, some services apply the new firewall rule while running while other services only apply the new firewall rule after the service is restarted?
1579[21:28:43] <disillusion> if so, I don't like this because it means I have to drop everyone from a group voice chat on mumble-server, though just for a few seconds, just to block one annoying user.
1582[21:29:35] <sney> the service doesn't "apply" the firewall rule. this is still just your firewall evaluating its rules in order. your firewall must have a rule at an even lower priority to allow connections in the 'established' state
1583[21:29:58] <sney> (it's a pretty standard default and makes sense in most environments)
1584[21:30:32] <disillusion> I'm using default debian settings with ufw, then make some basic rules in the command line. Nothing complicated.
1585[21:30:53] <sney> so any packets from a connection that is already established will not have to be parsed by the firewall, reducing your overhead.
1586[21:32:54] <disillusion> I'm pretty sure I've tested this kind of thing a few years ago and was able to block individual IPs in real time. Though if things can vary from distro to distro, this can explain why I thought setting a deny for one address would block it in real time on Debian 10. I guess this is something that can change from distro to distro, version to version?
1587[21:33:48] <sney> broadly, defaults do change over time, this is why documentation exists
1591[21:34:33] <sney> debian buster did switch to the nf_tables kernel firewall module, and there were some low level syntax and compatibility changes, but that shouldn't be exposed through a frontend like ufw.
1598[21:39:46] <disillusion> I'll have to look into that. But if I have other services running for users to access, such as an apache server, I'll still need a method for blocking individual addresses from everything. So just blocking on mumble-server isn't always good enough.
1608[21:45:08] <disillusion> yes I know, but I can keep things simple by blocking one address from everything. I was just surprised to see that I blocked one address from everything and it was still getting access.
1655[22:24:50] <tyzef> later you can change, try on virtuals machins if you want
1656[22:25:15] <disillusion> Deyaa, gnome does Wayland, which can come in handy if there's something wrong with X11. But gnome3 can be annoying with the search bar to find apps, which is imitating Windows. KDE is heavier on the resources but has a more traditional way of doing things, and is prettier with more options.
1657[22:25:32] <Deyaa> I just tried gnome but it's kinda buffy
1658[22:25:39] <sney> !start a desktop war
1659[22:25:39] <dpkg> GNUStep: be different.
1660[22:26:00] <abrotman> Deyaa: so try KDE .. or try any of the other 50 WMs or DEs in Linux
1661[22:26:09] <tyzef> now KDE lighter than Gnome
1662[22:26:24] <abrotman> please stop, Deyaa should decide on their own
1663[22:26:34] <quadrathoch2> disillusion i never heard (in the near past) that kde is heavier than gnome oO
1664[22:26:52] <abrotman> you can't possibly know their use cases or requirements or workload .. just have them go try them both
1665[22:26:59] <Deyaa> I want to know your opinions abrotman
1668[22:27:25] <abrotman> Deyaa: My opinion? Go use them both, come back in two weeks, let us know which you have chosen.
1669[22:27:30] <abrotman> Have a nice day
1670[22:27:36] <disillusion> well, I recently used gnome3 with Wayland so that could make a difference. But yeah I noticed that gnome3 is heavier than I expected it to be.
1681[22:32:01] <Deyaa> quadrathoch2: do you use KDE?
1682[22:32:15] <disillusion> Deyaa, I myself can work with any desktop environemnt. lol I just want it to not be buggy or too heavy for the computer I'm running it on. KDE has more visual and layout options, plus has its own suite of apps which work together well.
1683[22:32:21] <sney> the whole "lightweight" argument disappeared as soon as compositing window managers became the norm. your gui is hardware accelerated. KDE, once the king of "bloat", is lightning fast on my laptop from 2014 because the HD4000 is doing most of the heavy lifting
1684[22:32:56] <Deyaa> I'm actually converting from gnome because there is a problem with xterm integration
1685[22:33:10] <disillusion> Deyaa, one thing I like about KDE is being able to download themes from the settings window and apply them right away.
1709[22:54:09] <tyzef> jhutchins, I was shy to say that...
1710[22:54:11] <bitdefect> Not a Debian specific question, still: How do you normally set up a service user? I have a user which only needs to run a cron job. I want a dedicated user so that the job runs with lower privileges.
1717[22:57:12] <bitdefect> abrotman: Yeah I know the various switches, but I typically then only end up with /bin/nologin, a UID from a different range and no home dir.
1718[22:57:39] <abrotman> and then cron doesn't work?
1719[22:58:19] <bitdefect> abrotman: At least I think you can not set up a cron job when the user has /bin/nologin as shell.
1790[23:56:12] <jhutchins> bitdefect: The correct method to lock down SSH is to force a specific application (usually use for sftp). Samba will allow only the users you specify only the privileges you give them, but they can usually transfer and modify files.
1791[23:57:04] <jhutchins> bitdefect: I would also recommend that the public port for ssh be something other than 22 or 222.
1792[23:58:35] <jhutchins> bitdefect: Not sure exactly what you're trying to do, but you might also be interested in sshchroot.