69[01:05:55] <ogo> ratrace, trying CFLAGS=... as in your message gives the exact same error "ERROR: No matching distribution found for tensorflow" like the one in replaced-url
70[01:06:21] <ogo> i think for some reason the ":all:" bit is not accepted
90[01:14:56] <tuxd3v> shout I put the entries in /etc/fstab also?
91[01:15:11] <BCMM> i don't think that's actually an error
92[01:16:09] <BCMM> i think it's just because it's a "thing that should be done during boot" as opposed to a "service which is always running", if you see what i mean
93[01:16:26] <BCMM> you could start it manually or just reboot
170[02:18:57] <JordiGH> Hm, cron was failing but it didn't email jordi@localhost with the problem. At least my local mailbox seems empty. Although I'm not even sure I have a local MTA installed. Do I need one?
179[02:31:20] <mutante> JordiGH: you could replace crons with systemd timers and then you have stuff in regular logs and can check (and alert if you want) on failed state of the service.maybe use something completely different from email as the notification command
207[02:48:23] <sney> I'm canadian, and this is #debian. if you have a debian support question, please ask. if you are just looking for other br people to chat with, please find a different channel
241[03:27:02] <cakeface> are MX Linux questions answered here? When I use screenfetch it shows debian buster 10.7 (but it is mx linux)
242[03:27:19] <ectospasm> !not debian
243[03:27:19] <dpkg> Your distribution may be based on and have software in common with Debian, but it is not Debian. We don't and cannot know what changes were made by your distribution (compare replaced-url
244[03:27:25] <cakeface> thanks
245[03:27:34] <mutante> cakeface: you can try ##linux
337[05:10:17] <maxrazer> Anyone got pipewire working to replace pulse audio? My audio setup is really messed up and a hassle to manage. I'm hoping pipewire would behave better or be more automatic.
352[05:36:33] <n4dir> the question has been asked a couple of times these days, in several chatrooms, and i didn't hear an answer very convincing. maxrazer
359[05:39:14] <n4dir> you thought of jack? probably yes, you did. There is #lau and #opensourcemusicians too.
360[05:39:58] <maxrazer> I don't think I want to use jack, and I'm not doing any mucisian stuff. I just record system audio with a mic sometimes and also want the right device to be used to play back audio.
361[05:40:18] <n4dir> the much it was asked bout pipewire these days, we should hear more of it in the near future.
362[05:40:20] <sney> I think aloo_shu (an OFTC regular) was successfully using pipewire in place of pulse, but I haven't seen him around for a bit
365[05:41:07] <n4dir> maxrazer: i think both mentioned channels would help with "just recording with a mic". Also whichever software you use to record should have a channel
366[05:41:35] <maxrazer> I got the recording working. It just makes it easier for pulse audio to get confused.
460[08:51:41] <Lope> ratrace, I'm setting up a new install, I'm trying your fancy nspawn thing: `systemd-nspawn -D /tmp/foo/ -a bash` but the problem is blkid inside the container can't find _anything_ at all so cryptsetup isn't so happy.
461[08:52:22] <Lope> whereas if I hypothetically use bind mounts and chroot, it would find the blkid's
587[10:07:45] <Lope> anyone know why when I chroot into a mounted fs, because I want to setup grub on it etc, like this: `systemd-nspawn -D /tmp/foo/ -a bash`
588[10:07:51] <Lope> blkid doesn't show any drives?
589[10:08:03] <Lope> How can I make some drives available to the container
590[10:08:40] <ksk> Lope: I dont know about systemd-nspawn, but if you just used regular "chroot" you would have to mount /dev /proc etc into the chroot-hierachy
591[10:08:44] <ksk> (bind-mount them)
592[10:09:18] <Lope> ksk, I used to use chroot, but if I rbind it wrecks my host when I `unmount -l /tmp/foo/dev/{shm,pts}`
594[10:10:01] <Lope> ksk, ratrace says you can use systemd-nspawn instead of bind mounting and chrooting... and it seems passable except no drives appear inside of it.
595[10:10:20] <ksk> isnt there a command that scans for drives?
596[10:10:29] <Lope> blkid can't see anything
597[10:10:31] <ksk> maybe that is run on debian startup, but not in chroot.
598[10:10:40] <Lope> nspawn likely must be told to make drives available
704[11:42:39] <imox> anyway could you say me how to install mariadb 10.4 ?
705[11:42:48] <jelly> imox, that site doesn't exactly scream quality but quantity. Why not try the upstream mariadb official docs for their repo? replaced-url
712[11:46:17] <arseru> Hi! Is keys.gnupg.net down? The following command is failing for me: apt-key adv --keyserver keys.gnupg.net --recv-key 'E19F5F87128899B192B1A2C2AD5F960A256A04AF'
713[11:46:39] *** Quits: H-var (H-var@replaced-ip) (Remote host closed the connection)
714[11:47:03] <imox> jelly: gpg: WARNING: unable to fetch URI replaced-url
765[11:57:14] <tmm88> if you have trouble installing mariadb install a proper version of ubuntu and you will get done within a fifth of the necessary time in debian
766[11:57:14] <jelly> it's the most fundamental command to verify dns resolution works. (you can check dns with ping, but it does more than just dns)
767[11:57:28] <jelly> imox, does your VPS have ipv6 connectivity at all?
768[11:57:40] <imox> no ipv4
769[11:58:34] <ratrace> well, if you use "hosts mariadb.org" it shows both ipv4, ipv6 and mx .... frankly, dunno why getent would be most fundamental, it returns only ipv6 for me as well
770[11:59:13] *** Quits: H-var (H-var@replaced-ip) (Remote host closed the connection)
771[11:59:14] <imox> ok
772[11:59:33] <ratrace> *host btw, not hosts (plural)
779[12:01:24] <ratrace> it shows ipv6 of that name. you can get AAAA results even if you do not have ipv6 connectivity; so are you sure you have ipv6 there?
781[12:01:38] <tmm88> ok, for hosting core services debian may be better then ubuntu, but for the sake of general linux usage, oriented for a user perspective ubuntu may be a way of a better option
782[12:01:39] <ratrace> can you ping -6 mariadb.org ?
783[12:01:52] <imox> no I don’t have it only ipv4
784[12:01:59] <ratrace> tmm88: no
785[12:02:09] <ratrace> imox: can you ping -4 mariadb.org ?
786[12:02:28] <jelly> tmm88, they're not asking for a mariadb install, they're asking for a specific version
787[12:02:37] <imox> yes the ping works
788[12:02:39] <Dagger> you want `getent ahosts`, not `getent hosts`
794[12:04:18] <imox> getent ahosts mariadb.org also works
795[12:05:28] <jelly> imox, does "telnet one-of-the-iptv4-address-results-from-getent-ahosts 443" work?
796[12:05:43] <tmm88> that's the kind of stuff that works way much better in ubuntu. of course, if you want to be a sysadmin you shall try to move slowly into debian and then later into arch, but for the sake of general godsake knows what, ubuntu is way much easier to use. of course that if you are trying to fix this from a user perspective ubuntu is better. but for a server perspective it's arch and debian period. so if you
797[12:05:46] <Dagger> (and `hosts` is a DNS client -- it doesn't test system name resolution, it parses resolv.conf for a DNS server and then queries it directly. so it'll test if you can reach the DNS server it picks, and it tests if that server is responding, but won't tell you very much about how other programs will behave)
798[12:05:47] <mamonetti> is there any way to know why an usb wifi interface is renamed from wlanXmon to renameX when switching to monitor mode? i'm using a rbpi and i'm forcing the wlanX name in the first place with a set of udev rules like this one: ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", KERNELS=="1-1.2", NAME="wlan1"
799[12:05:49] <mamonetti> thx
800[12:05:49] <tmm88> are trying to install maria db on a server, cool. if you are trying to install maria db not on a server but in localhost for the sake of running the service in a server debian and arch please
801[12:06:17] <ratrace> so I'm gonna WAG it here .... the VPS has ipv6 address so the OS thinks it's okay to use ipv6, but the network isn't set up really, and it fails. programs won't re-try ipv4 if ipv6 fails on otherwise enabled ipv6 (with routing) system
802[12:06:19] <imox> jelly: yes telnet works
803[12:06:28] <mamonetti> i mean, it works fine if i don't enter monitor mode
804[12:06:45] <jelly> imox, well then apt ought to work as well, and not return Connection refused, so that's weird
805[12:06:52] <jelly> apt-key*
806[12:06:59] <ratrace> this can be verified by wgetting something, eg. that asc file, via ipv6 and ipv4 respectively. if ipv6 works, then this theory fails.
807[12:07:08] <jelly> imox, which IP did you try?
808[12:07:25] <imox> 178.63.77.61
809[12:08:29] <Dagger> ratrace: most programs, including apt-get, do retry. apt-get has an issue where it only reports the *last* connection failure though, which seems to constantly mislead people. I like `wget` for testing since it prints the list of DNS results, each connection attempt and a failure reason for each attempt
816[12:09:39] <imox> Connecting to mariadb.org (mariadb.org)|2a01:4f8:121:3039::2|:443... failed: No route to host.
817[12:09:43] <ratrace> Dagger: if IPV6 is locally set up, programs generally do not "fall back" to ipv4.
818[12:09:51] <ratrace> imox: now try tahat again with -4 instead of -6
819[12:10:02] *** Quits: dselect (~dselect@replaced-ip) (Quit: ouch... that hurt)
820[12:10:19] <ratrace> Dagger: it's a different matter if there's a list to try, like eg. apt would have with mirrors or something
821[12:10:30] <imox> with 4 it works ;)
822[12:10:35] <ratrace> well then.... theory confirmed
823[12:11:08] <Dagger> no, they do. getaddrinfo() returns a list of addresses for the hostname lookup and programs iterate over those. apt does that too
828[12:12:49] <ratrace> Dagger: but that's not true really? QED here, wget -6 fails, wget -4 doesnt? why doesn't apt retry via ipv4 then, if what you say is true?
829[12:12:55] <imox> so why I need a ipv6 connectivity?
830[12:13:20] <ratrace> imox: can you, say, wget -6 replaced-url
831[12:13:42] <imox> no i
832[12:13:48] <Dagger> ...because you gave it -6? that's the option that makes it only look up the v6 addresses, not the v4 ones
833[12:14:15] <ratrace> Dagger: no I'm talking about apt, not wget, why apt doesn't retry ipv4? wget here shows that -6 is unreaachable and -4 is reachable
834[12:14:22] <jelly> now we merely have to figure out what apt-key does
843[12:16:28] <jelly> ratrace, are you saying each app has to deduce whether to use ipv6 or ipv4 on its own? That seems silly
844[12:16:37] <ratrace> so again, if ipv6 is set up locally but doesn't really work (provider's firewall, broken routing ousside the VPS, etc...) .... ipv6 is set up as far as the OS is concerned, ie. has a routable ipv6
845[12:17:03] <ratrace> jelly: no, I'm saying apps generally do not consider ipv6 failures as "oh ipv6 failed, maybre retry via ipv4"
846[12:17:09] <Dagger> a pastebin of `ifconfig` might be useful to see if v6 is configured or not
847[12:17:11] <jelly> imox, pastebin the outputs of "ip a" and "ip -6 r", please
848[12:17:26] <ratrace> there's a list, yes, as Dagger suggested if there's multiple A/AAAA records, but there's no guarantee a prog will try ipv4 if ipv6 fails
849[12:17:30] <Dagger> [10:54:04] <imox> gpg: WARNING: unable to fetch URI replaced-url
850[12:17:59] <jelly> ratrace, if the resolver was irrelevant we wouldn't have /etc/gai.conf to configure it, I think
852[12:18:41] <ratrace> jelly: I meant irrelevant to this particular issue: "why the resolver tries ipv6 when there's no ipv6 connectivity"
853[12:18:41] <Dagger> ratrace: there's no guarantee, but the standard code for connecting a socket involves getaddrinfo() and looping over the results, which will try all addresses from all families
854[12:18:41] <jelly> well that's weird
855[12:20:16] <jelly> imox, it seems your machine had ipv6 configured at some point, and there's leftovers of that, but no ipv6 address assigned and no default v6 route
865[12:24:00] <imox> jelly: and what should I do now xD?
866[12:24:01] *** Quits: horner (~horner@replaced-ip) (Quit: My MacBook has gone to sleep. ZZZzzz…)
867[12:24:22] <jelly> imox, a stupid workaround might be to reboot the container with ipv6 disabled, _if_ it's possible to disable it for a single container
873[12:26:15] <Dagger> isn't the problem here a firewall? given the "connection refused" error
874[12:27:25] <jelly> Dagger, well, they tried telnet ipv6 443 and it worked
875[12:27:29] <jelly> sorry.
876[12:27:30] <Dagger> and we still don't know whether v4 or v6 is being tried first, because we haven't seen the output from `getent ahosts` or `wget` or anything that would show the connection order
877[12:27:34] <jelly> telnet ipv4 443 worked
878[12:28:01] <Dagger> that's true... so why is gpg reporting connection refused?
879[12:28:04] <imox> Dagger: no I turned off iptables for testing
975[13:02:16] <jim> if not, I would expect there to be a sponsor, who would test it
976[13:02:25] <jelly> [11:36:28] <jelly> FloridaMan, I kind of assumed you installed hplip from Debian's archives [11:36:39] <FloridaMan> no from the HP site [11:36:43] <jim> we don't think it's HP's doing though
978[13:02:55] <jelly> I read that as "no, from the HP site"
979[13:04:08] <jim> oh, by way of explanation, he tried to install from hp's site, things didn't work, so we suggested he install the debian packaged version, and now he got a mess
980[13:04:26] <imox> hmmm can I do it manualy ;) ? I need mariadb 10.4
1054[13:59:20] <ratrace> jack2019: it's possible. you just need a keyfile available to the initramfs scripts on boot, and that keyfile is specified in the crypttab. question is... what exactly you want to achieve? automatic unlock pretty much negates the reason for encryption
1058[14:00:18] <ratrace> such a setup is typically used when you have encrypted /boot (unlocked with a typed-in passphrase), and then the /boot directory contains the keyfile with which rootfs is unlocked, so you only have to type something in once
1059[14:00:23] <jack2019> ratrace: I do not want in any reboot to enter the luks password
1060[14:00:50] <ratrace> jack2019: then why encrypt at all
1061[14:02:05] *** Quits: akp55 (~akp55@replaced-ip) (Disconnected by services)
1063[14:02:09] <jack2019> ratrace: in case if i forget to wipe the broken disk
1064[14:02:11] *** akp55_ is now known as akp55__
1065[14:02:40] <ratrace> jack2019: if you forget to wipe the broken disk, and the keyfile is on that disk, clearly in plain sight through crypttab ... there's on point in that encryption
1066[14:02:48] <ratrace> *no
1067[14:03:57] <ratrace> you're DoingItWrong(tm). but if you insist on doing it wrong and want to delute yourself that you have data encryption with the key clearly available on the same drive .... you need the keyfile option in the crypttab. iirc the initramfs hooks parse that and copy the file into initramfs, so you'd put it, for example, somewhere under /etc/
1074[14:05:24] <ratrace> you could, however, make a setup with the key on _different_ device. but that device would also need to be available on boot, constantly. it's a bit better than having the key on the same device, but still not it.
1077[14:06:34] <ratrace> the trick for that is to use so called "keyscripts" that make this other device mountable and available for initramfs scripts on boot. whether debian has such keyscripts available or you have to write up your own, I don't know.
1083[14:08:43] <linuxmint> USB recognised on Mint. I wrote debian-10.7.0-amd64-netinst.iso to USB. Insert USB in machine1 and Boot doesn't see USB? USB light is on?
1084[14:08:45] <ratrace> jack2019: this looks like CloseEnough guide for what you want, assuming this approach (different devices), on a quick glance: replaced-url
1085[14:09:30] *** Quits: EmleyMoor (42b789682f@replaced-ip) (Remote host closed the connection)
1086[14:09:43] <ratrace> jack2019: the approach in that SO post does the "write up your own keyscript" approach
1087[14:09:51] <linuxmint> machine1 boots other OS.iso when seeing the USB.
1103[14:13:22] <ratrace> linuxmint: I don't know what that Mint application does. you can use cp or dd to write the ISO to the device (note, raw /dev device, not a partition on it). Please do verify checksum before you do so. it's not impossible for mirrors to corrupt downloaded data, I've had a few do that.
1104[14:13:42] <ratrace> jack2019: it can be an USB stick or any device really, as long as it's not the same one with the LUKS container you're unlocking.
1105[14:14:21] <ratrace> jack2019: make sure that you have BOTH a passphrase and a keyfile, so if you lose the keyfile, you can still unlock it with a passphrase. that's what that SO post does. a LUKS container can have multiple keys to unlock it with, yes.
1107[14:15:02] <ratrace> jack2019: also note that contents of a keyfile can be your passphrase. they're interchangeable for cryptsetup. for example, if you had only the passphrase, you could echo -n "that passsphrase" > some_file and then use that file for --key-file param
1108[14:15:17] <ratrace> (but it's best if they're not the same)
1109[14:15:17] <jack2019> retrace: thank you. yes, I think 8 slots exist for keys
1110[14:16:22] <linuxmint> ratrace: is there a checksum at replaced-url
1111[14:16:35] <ratrace> jack2019: I'm not retrace, but ratrace. you can use tab completion to specify someone's nick. eg. rat<tab> will autocomplete my nick
1112[14:17:27] <jack2019> ratrace: I am to old and I am not wearing me glasses,my apologies
1113[14:17:45] *** Quits: D4rk2020 (~darkangel@replaced-ip) (Remote host closed the connection)
1118[14:20:26] <ratrace> jack2019: no need to appologies, just suggesting more efficient approach. if you misspel a nick, that person might not get a highlight that you're talking to them
1120[14:21:08] <linuxmint> I rely on Chat notifications, pops up in my Panel if I'm on my Browser.
1121[14:21:58] <ratrace> linuxmint: yes every mirror should have them. I see it's jumping through hoops to get to one, terrible redesign of the debian front page that didn't include a quick link to csum verification.... and five minutes later I still can't find an easy way to reach them. *golfclap* to debian web designers. replaced-url
1128[14:24:28] <linuxmint> ratrace: thankyou. Just checking if I can write a DVD/CD image to USB and then the checksum command. I used MD5, but it must be redundant.
1129[14:25:05] <jack2019> linuxmint: do not trust only debian, try to match and from others, search for debian mirrors: replaced-url
1130[14:25:06] <ratrace> linuxmint: md5 is good enough, you don't need crypto strength. though my OCD wouldn't go below sha256
1131[14:25:30] <ratrace> linuxmint: jack2019's suggestion is sound, make sure your csum comes from a _different_ mirror, than the one you downloaded the iso from
1133[14:26:14] <ratrace> linuxmint: and you can simply run (as root) cp debian-10.7.0-amd64-netinst.iso /dev/sdX (where sdX is the actual USB disk). note: this will overwrite everything on the device, no questions asked, so be careful which one you specify.
1137[14:27:36] <linuxmint> ratrace: thanks. I think it's not as simple as copying a .iso to USB. Mint writes the .iso to USB, so the USB boots on the machine install.
1151[14:33:50] <ratrace> jack2019: it's the simplest solution. you can integrate with ssh (using dropbear) and use some kind of automation to help out (eg. ansible)
1152[14:34:17] <linuxmint> ratrace: would this be a full version iso or dvd? replaced-url
1153[14:34:21] <ratrace> jack2019: alternatively you can write keyfile scripts that fetch the key remotely from another server
1155[14:35:13] *** Quits: D4rk2020 (~darkangel@replaced-ip) (Remote host closed the connection)
1156[14:36:21] <ratrace> linuxmint: I'm not sure what that directory represents, but it's not the ISO file. if you want the DVD version, download the DVD-1 iso : replaced-url
1160[14:37:09] <ratrace> linuxmint: then again I'm not really sure what kind of software is there, but most likely it's all the software for the default (gnome) desktop installation and some basic/standard tools
1161[14:37:09] *** Quits: Haudegen (~quassel@replaced-ip) (Quit: Bin weg.)
1165[14:37:54] <Reventlov> I'm searching for some package that allows me to update some web service with my local ip (like no-ip, dyndns, things like that), but already packaged in debian buster
1166[14:38:51] <linuxmint> ratrace: thank you. I just need an iso, but the website was only offering full image on dvd. I'm used to iso, so unsure if dvd will work and I'm tight on my monthly downloads.
1167[14:39:01] <ratrace> Reventlov: well there's dyndns package
1169[14:39:39] <ratrace> linuxmint: it offers ..... the ISO ...... of the DVDs. there's also CDs, and the netinst. they're "hybrid", thus will boot off of an USB stick too
1172[14:40:29] <ratrace> linuxmint: frankly, you'll spend MORE network bandwidth if you downloaded the DVD, than using netinst for only the basic software you want. so I'm not sure what you gain here
1175[14:46:23] <linuxmint> ratrace: thanks, but I have to as no Internet on the other machine. I can scp files over, such as the goal to install a Wi-Fi NIC on the other machine. Maybe I'll use the net.iso. Just searching for a net.iso with checksum now.
1178[14:47:12] *** Quits: johny181 (uid482338@replaced-ip) (Quit: Connection closed for inactivity)
1179[14:47:13] <linuxmint> think I'll start a new habit of using sha512 for checksum.
1180[14:47:21] <ratrace> linuxmint: how do you intend to use ....... scp...... if there's no network? or do you mean that machine does have network, but LAN access only?
1181[14:47:38] *** Quits: uvolmer (~uvolmer@replaced-ip) (Remote host closed the connection)
1182[14:47:41] *** Quits: JohnML (~john1@replaced-ip) (Remote host closed the connection)
1183[14:47:41] <ratrace> also note scp is being deprecated so maybe form a habit with sftp or rsync
1184[14:47:51] <linuxmint> ratrace: yes, lan only.
1194[14:49:42] <ratrace> linuxmint: but if you have one machine with public internet access, it can become the WAN/LAN gateway for your other machines
1195[14:49:58] <linuxmint> hmmm, might work on rsync then. I hope it has auto login for passwords.
1196[14:50:21] <linuxmint> ratrace: I'm not sure how?
1197[14:50:26] <ratrace> linuxmint: it's not much more to type scp somefile remote:/somefile vs rsync somefile remote:/somefile . and there's nice rsync options to use
1198[14:51:00] <linuxmint> yes, rsync's great, just thought it wasn't secure. Can't remember if rsyn auto signs in to passwords too.
1199[14:51:25] <ratrace> linuxmint: google for "set up debian router". typically you can either bridge wlan and eth (which requires wifi driver support) or you do plain ol' NAT between networks
1200[14:51:27] <linuxmint> this is my whole conundrum...1st machine to make as a gateway. I'm not sure how to.
1201[14:51:41] <linuxmint> ratrace: great, thank you so much
1215[14:54:05] <rudi_s> linuxmint: Because it's super useful to copy files from host A to host B when you're on host C and the SSH keys are only on host C.
1216[14:54:17] <rudi_s> ratrace: Doesn't help if host A cannot access host B.
1217[14:54:22] <ratrace> well there's that, yea
1218[14:54:39] <rudi_s> "cannot access" can be "no route, "no ssh key", etc.
1223[14:56:43] <linuxmint> rudi_s: interesting. I'm not that advance though. If it's being deprecated, I'm make a new habit of rsync. Always liked rsync for checking if duplicates are already transferred.
1226[14:58:58] <linuxmint> rudi_s: so, really the only scp advantage is to avoid typing in a few passwords, if I understood the a, b, c example.
1227[14:59:13] <ratrace> it probably won't go away without advaned notice of at least months if not years, and a lot of mailinglist bikeshedding over that breaking someone's super-edge use case that they need once every few years :))
1235[15:02:43] <rudi_s> linuxmint: Yeah, rsync is a good habit. - Well in my case the replacement is rsync A:file . ; rsync file B: ; which is a lot more to type than just scp -3 A:file B:file
1274[15:32:57] <rudi_s> daysun: Took me while to find it: systemctl cat apt-daily-upgrade.timer says: OnCalendar=*-*-* 6:00 - so every day
1275[15:33:26] <daysun> I'm going through unit files without knowing much about systemd so hard for me to find out myself :P
1276[15:33:29] <daysun> thanks rudi_s!
1277[15:33:44] <daysun> so once a day it seems.
1278[15:34:15] <daysun> is it stupid to force a reboot after that?
1279[15:34:33] <daysun> that's a way easier way for me to make sure all services that I've made myself are restarted
1280[15:34:47] <daysun> and such.. or something.
1281[15:35:02] <daysun> is it ugly in general or beneficial?
1282[15:35:07] <rudi_s> daysun: np, most updates don't require a reboot, so forcing a reboot is often not necessary. But if you can live with the reboot it's the easiest way to make sure everything is restarted.
1283[15:35:31] <rudi_s> Not sure if you can configure this with unattended-upgrades though.
1284[15:35:48] <daysun> I'll just add another timer of some sort that does it :p
1285[15:36:17] <ratrace> daysun: I'd rather recommend you used something like apticron to get notifications of updates, so you can run tests, restart services and reboot when needed
1286[15:36:37] <ratrace> unattended-upgrades sounds cool on paper, but it half-asses in practice
1287[15:36:41] <rudi_s> daysun: The problem is only acting when an update was executed.
1288[15:36:59] <rudi_s> ratrace: Well, that only scales to a few machines. Once you have more you need some kind of automated setup.
1289[15:37:28] <ratrace> rudi_s: yes. not this way tho
1290[15:37:42] <daysun> in my case, I'm just a consultant not paid to check on the machine every day. So I rather have it update itself until it stops working. That, or getting paid.
1291[15:38:00] <ratrace> we have dozens of servers, but only a few classes thereof. we take apt notifications only from one server per class, and use ansible to upgrade all of them after tests and post-upgrade decisions are made
1292[15:38:20] <rudi_s> ratrace: Personally I don't use unattended-upgrades but I also have this automated. If the systems are not critical then automatic updates are fine IMO.
1294[15:39:14] <ratrace> services won't restart on library upgrades. systems won't reboot, and usually you need some kind of orchestration for reboot, eg. via failovers for critical services
1295[15:39:48] <ratrace> so you still have to do what you'd have to do if you only had notifications. but then the systems won't change automagically without oversight.
1296[15:40:35] <rudi_s> ratrace: I get your point. Still, if I have the choice of a few (not critically important) servers to either gets updates via unattended updates or not, the choice is simple.
1297[15:40:50] <rudi_s> Especially when maintaining them isn't your main job.
1298[15:41:29] <ratrace> sure. just be aware it does not do the upgrades completely in some cases.
1299[15:41:34] *** Quits: kakaka (~koniu@replaced-ip) (Remote host closed the connection)
1300[15:41:39] <rudi_s> (And there are few tools to check for services to restart after library updates, but they all seem to suck.)
1315[15:54:42] <epitamizor> is there a way to stop the tty's from popping up text messages? I'm getting link down/up text while editing files and i cant see anymore
1344[16:21:21] <dpkg> If you have a question, just ask! For example: "I have a problem with ___; I'm running Debian version ___. When I try to do ___ I get the following output ___. I expected it to do ___." Don't ask if you can ask, if anyone uses it, or pick one person to ask. We're all volunteers; make it easy for us to help you. If you don't get an answer try a few hours later or on replaced-url
1345[16:21:31] <Vatum> mandatory registration, is annoying
1384[17:11:43] <petn-randall> Hi, I'm looking for a tool to do remote desktop support, similar to "Teamviewer". Basically the user should be able to click something on their desktop for me to able to view their screen and control keyboard/mouse, until either of us removes the remote control.
1385[17:12:07] *** Quits: endstille (~endstille@replaced-ip) (Quit: I'll be back.)
1386[17:12:34] <towo`> petn-randall, anydesk?
1387[17:13:45] <petn-randall> towo`: Any FOSS alternatives?
1388[17:14:02] <Mister00X> petn-randall: x2go?
1389[17:14:05] <towo`> not that i know off
1390[17:14:09] <n4dir> i guess vnc doesn't do it? i seem to recall. I tried NoMachine quite a few years ago. Not much needs, but to me it looked ok
1397[17:16:10] <petn-randall> I'm just trying to come up with a way to give some less technical people remote Linux support without much hassle on their end.
1398[17:16:20] <towo`> n4dir, sure, siduction is allive
1399[17:16:28] <n4dir> towo`: ok, nice, thanks.
1400[17:17:03] <towo`> petn-randall, i'm using anydesk often, it's not foss but works great
1401[17:17:42] <n4dir> ha ha. I completely misunderstood "patience" when i searched for siduction the other day.
1549[19:29:31] <csgeek> hello, I'm looking for some helpful documentation that can help me create a simple package. I basically just need to copy a few files to a specific destination and define dependencies. Any suggested documentation or tooling ?
1550[19:29:48] <csgeek> source code is in git if that's a factor.
1581[19:40:49] <greycat> Which makes me think you are NOT installing a Debian package, nor a package built FOR Debian. You are probably installing a Ubuntu package, or one built for Ubuntu. Or some other non-Debian system.
1600[19:53:33] <BillyZane> how do i make it so i just use 1 package from testing?
1601[19:53:43] <greycat> you use a backport
1602[19:53:52] <greycat> either one that's built by someone else, or one built by you
1603[19:54:11] <n4dir> !ssd
1604[19:54:11] <dpkg> Solid-State Drives are basically nonvolatile RAM chips used for long term storage. There are at least 3 types: SATA (no problem), NVMe (no problem since Linux 3.3), and eMMC (not yet supported). See also <ssd limit>
1605[19:54:18] <n4dir> !ssb
1606[19:54:18] <dpkg> First, check for a backport on <debian-backports>. If unavailable: 1) Add a deb-src line for sid (not a deb line!); ask me about <deb-src sid> 2) enable debian-backports (see <bdo>) 3) apt update; apt install build-essential; apt build-dep packagename 4) apt -b source packagename 5) dpkg -i packagename-ver.deb To change compilation options, see <package recompile>; for versions newer than sid see <uupdate>.
1607[19:54:40] <BillyZane> greycat, i see. i'll look in to that
1608[19:54:43] <edlou> Does debian ship images with X running as root?
1609[19:54:43] <BillyZane> greycat, thank you
1610[19:54:54] <edlou> im asking because someone is telling me they do, and i thought it was a security flaw.
1643[20:11:40] <cakeme> greycat, I believe it was you that pointed me to the non-free image on the website. this helped me a ton with a machine I was troubled with!!
1644[20:11:47] <jhutchins> greycat: I see two entries, one for root and one for me.
1645[20:11:57] <jhutchins> Stretch
1646[20:12:09] <greycat> is that with a display manager running one of them and you running the other after logging in?
1662[20:22:04] *** Joins: Primer (~daniel@replaced-ip)
1663[20:22:36] <edlou> ratrace: greycat this is the person i was discussing it with -> Primer , since im a noob, i can't elaborate on what or why but maybe you guys can explain better as to why the action => result is happening for him
1664[20:22:38] <Primer> Hi, so my X runs as root, and I did nothing to make this happen. Can someone please tell me why my X is running as root, despite not having done anything explicitly to make this happen?
1674[20:24:54] <greycat> I don't know display managers very well but it's possible that lightdm, being "light", doesn't do all of the fancy things that one would expect, like running the X server as the new user.
1675[20:25:11] <edlou> so lightdm , wrapper will run as root but , startx will launch as user, simple or a lot more to it?
1676[20:25:27] <greycat> I don't know all of the possible combinations.
1681[20:26:11] <edlou> then i can even test that nvidia mumbo jumbo again
1682[20:26:12] <Mister00X> Primer: sddm doesnt seem to support rootless xorg
1683[20:26:44] <Primer> edlou: Ok, what you wrote earlier is now starting to make a lot more sense
1684[20:26:49] <Mister00X> according to #871309
1685[20:27:24] <greycat> judd still doesn't love us
1686[20:27:27] <edlou> Primer: as long as you dont think im crazy man haha, im still confused by 99% of what i learn because its too many layers deep for me to understand
1687[20:27:51] <Primer> Mister00X greycat: edlou and I were having a heated discussion about this in #nvidia, and it seems that the disconnect is he uses startx and is able to run X as a user, whereas I just let Debian use a DM and I get into X from there, and it runs as root because of this.
1688[20:28:08] <Primer> edlou: naw, all good. I'm glad you stuck with your guns. I learned something new. Thanks! :)
1692[20:28:54] <Primer> I have no qualms with switching my DM, for the sake of security. I mean, hell. TIL my X was running as root, and it didn't need to be!
1693[20:28:57] <n4dir> edlou: my solution was and is to remove as many layers as possible. One of them is the display-manager
1694[20:29:03] <edlou> Primer: you were right too, because you werent doing something explicit to run it as root so now i know what you meant
1695[20:29:12] <edlou> i _assumed_ everything would have launched Xorg as user
1711[20:32:31] <jadax> I'm debugging custom FPGA driver, is there a way to trace all calls made to PCIe bus?
1712[20:32:35] *** Quits: gonzo (~gonzo@replaced-ip) (Remote host closed the connection)
1713[20:32:45] <jadax> I'm talking about mem writes but also IO
1714[20:33:19] <edlou> Mister00X: if i made the switch to wayland would i have all the same functionality or big missing parts? im going to read wayland vs X tonight, im still a major noob, i just need something stable that works
1715[20:33:31] <Mister00X> Primer: And as you can see #871309 was set with severety wishlist
1716[20:33:34] <Primer> Mister00X: Well, given the history where X has run as root this long, I guess it's something that's been with us for a long time and is not something that can be changed overnight
1717[20:33:44] <jadax> I guess I would need to hook up gdb?
1718[20:33:45] <Mister00X> edlou: for me wayland is not ripe enough
1719[20:33:57] <Primer> Mister00X: I see it now that you've pointed it out.
1724[20:34:38] <Primer> I don't get that impression
1725[20:34:45] <Mister00X> edlou: that depends on the wayland support of DEs and programs too
1726[20:34:58] <greycat> jadax: this channel is mostly just a bunch of end users supporting each other. You're allowed to ask here assuming you're on Debian, but if you don't get an answer, you might want to try a more technical channel, maybe ##kernel?
1727[20:35:11] <jadax> thanks greycat
1728[20:35:22] <jadax> I'm on debian, yes
1729[20:35:36] * Mister00X still has issues when scaling the screen in kde
1736[20:36:10] <Primer> edlou: Given what I've learned today, I'm going to switch to gdm3 to make my X run as my user. Perhaps at that point I'd be able to replicate your issue
1737[20:36:13] <Mister00X> greycat: on sid it does
1755[20:39:46] <Primer> they're rather sensitive to the naming
1756[20:39:54] <Mister00X> Primer: Kool desktop environment
1757[20:39:57] <edlou> i remember the biggest fear of installing linux was the initial login terminal and "heres your linux machine" thinking, wait where is everything :( lol
1758[20:40:13] <edlou> KDE was like, here ya go little buddy! click away!!!
1759[20:40:25] <cakeme> I installed it and was like wow, so this is like a bad version of windows (note this was years ago)
1760[20:40:27] <mutante> typing startx and hoping your random editing of xf86config somehow made it work this time
1761[20:40:56] <cakeme> I say that as I use XFCE :D - I have no room to talk.
1762[20:41:26] <Mister00X> dpkg: start a DE war
1763[20:41:27] <dpkg> Xfce bites!
1764[20:42:14] *** Quits: JohnML (~john1@replaced-ip) (Remote host closed the connection)
1765[20:42:16] <cakeme> apologies - never my intention all in good linux love
1806[21:24:01] <Mister00X> hm interesting so ftp has no "real" successor
1807[21:24:38] <Mister00X> but a set of successors
1808[21:25:00] <Mister00X> TIL
1809[21:25:27] <jhutchins> jelly: There is ftp over tls, I'mm not sure if that's what the sftp implementation is. People use sftp to referr to both a specific protocol and any secure file transfer.
1812[21:25:51] <sney> ftp is an artifact of a simpler, more trusting internet. it makes sense that it wouldn't have a drop-in replacement, because the environment changed too
1813[21:26:21] <CommunistWolf> ftp is fine
1814[21:26:26] <sney> jhutchins: ftp over tls and sftp are not the same, despite naming similarities.
1815[21:26:41] <Mister00X> A more trusting internet sounds nice
1816[21:26:48] <zutat> CommunistWolf: mitm
1817[21:26:51] <sney> the 90s were a magical time
1818[21:27:11] *** Quits: Freneticks (~Frenetick@replaced-ip) (Remote host closed the connection)
1819[21:27:12] <CommunistWolf> zutat: I was talking about the encrypted version
1820[21:27:24] <EdePopede> sftp and ftps, i never could tell them apart. but i'm afraid everything will be https or google's Q-whatever with tons of JS.
1821[21:27:31] <CommunistWolf> it's just no fun to get into the misunderstandings around sftp, as we see
1822[21:27:40] <CommunistWolf> personally, I've stopped using http as much as possible
1823[21:27:51] <CommunistWolf> gemini covers some of its uses, the rest can just... fade away
1836[21:30:53] <robobox> also I use SeaMonkey and Fx ESR so :P
1837[21:30:58] <EdePopede> see what youtube is now. or how even google had to come up with amp. after poisoning everything with loads of js frameworks.
1838[21:31:02] <jhutchins> sney: That had been my impression, but I wasn't sure. People I dealt with at work were inconsistent in their terminology.
1839[21:31:48] <robobox> youtube should just use the native html5 video element that every browser has had for 10 years
1840[21:32:14] <robobox> don't even care about static image ad banners
1841[21:32:17] <sney> jhutchins: yeah, it's a common error to conflate them. in here particularly. I remember one user fighting for hours to set up vsftpd and then it turned out that they actually wanted to use sftp.
1842[21:32:43] <robobox> or text ads, just make sure its a "sponsored by
1843[21:32:45] <jhutchins> The last problem I worked on was transfer to a mainframe. The mainframe was a different team than I was working with (the time I was working with got the file after the mainframe reformatted it.)
1844[21:32:52] <robobox> thing and not ad networks
1845[21:33:11] <jhutchins> Everybody who set this particular process up and knew how it worked had retired.
1967[22:39:49] <oxek> which simple image editor do you use (and is available in debian repos)? Only need rotate, resize, crop, brighten, JPG & PNG support, and adding a black bar over some area (like text on a photo of a document).
1968[22:40:06] <robobox> gnome paint/gpaint?
1969[22:41:14] <oxek> robobox: gpaint is about to be removed from debian
1971[22:41:35] <oxek> it will likely not be in bullseye
1972[22:42:13] <robobox> oh that's sad
1973[22:43:10] <robobox> the gimp is far eaisier to use now in 2.8/2.10 so you could use that? stuff you do should be easy
1974[22:43:48] <oxek> gimp is far too complex. I can use it, but I can't recommend it for someone who only needs those simple features I listed.
1975[22:44:53] *** Joins: kini (~kini@replaced-ip)
1976[22:45:24] <robobox> krita, perhaps? or you could try running microsoft paint in wine (fairly simple program, so any version of it should work)
1977[22:45:27] <EdePopede> sounds like image magick or that other one
1978[22:46:16] <robobox> kde and gnome have WAY too many programs in their bundle anyway
1979[22:46:37] <robobox> like the web browsers, what's the point if i'm using firefox/chromium anyways
1980[22:46:40] <oxek> krita looks like something to create pictures, whereas I only need simple editing of existing pictures (photos) like documents
1981[22:46:57] <robobox> yeah my knowlege is limited :P
1982[22:47:09] <oxek> oh wow, krita is massive
1983[22:48:00] <robobox> maybe i'll write to microsoft to release paint's source under MIT lisense and port it to Qt/GTK
1984[22:48:41] <oxek> I can't really see using MSpaint in wine as 'the debian way of doing things'. Plus paint doesn't have ability to increase image brightness.
1985[22:48:50] <oxek> (last I checked, it was a while ago though)
2009[22:54:53] <n4dir> oxek: flameshot was what he found as a replacement for his needs (thanks to bash history completion ...)
2010[22:55:17] <oxek> I really need something simple. A typical workflow is that someone sends me a photo of a document, I need to rotate it, crop it to show only the document and not the desk it is on, brighten the image because it is too dark, and apply black bar over some text in that document, export as JPG and email it somewhere or print it
2011[22:55:53] <n4dir> then perhaps fotoxx as described in ubuntuusers.de/wiki
2012[22:56:10] <oxek> I'm slowly going through that list, thanks
2013[22:56:27] <n4dir> k, enough of a subject i have no clue. good luck !
2030[23:11:38] *** Parts: Primer (~daniel@replaced-ip) ("Leaving")
2031[23:12:22] <mutante> oxek: sorry, this is not really Linux, but when i read your description of what you want, this came to mind right away: replaced-url
2032[23:13:06] <mutante> used that a lot because.. runs on the camera and don't want a separate flatbed scanner if not needed
2035[23:17:51] <oxek> mutante: I think I used something like that on my phone at some point. Haven't really used my phone at all for a whole year now though because lockdown...
2047[23:23:16] <GenTooMan> greets how can I find the status of a package, for example if a package has a new version and it's in testing, I would like to know why it's in testing and what might be blocking it from migrating to back-ports.
2050[23:24:17] <ctcx> Aside the risk of losing files and general data corruption, am I in danger if I suffered a power outage on my command line Debian rig, while logged as root?
2051[23:24:39] <greycat> Oh, you don't mean the status of YOUR system, you mean metadata about Debian itself. You can get that from replaced-url
2052[23:25:14] <ctcx> I was just checking some files only readable for root, then power outage...
2053[23:26:21] <greycat> just being logged into a shell doesn't do anything harmful
2054[23:27:07] <greycat> opening a file for reading (e.g. less /something) doesn't hurt either -- the worst you can do is corrupt your $HOME/.lesshst which you can always just delete.
2055[23:27:34] <ctcx> Even as root user?
2056[23:27:37] <greycat> now, if it's opened for *writing*, that's a different story
2057[23:27:46] <greycat> doesn't matter what user you are
2058[23:27:55] <ctcx> ....ok
2059[23:28:07] <ctcx> But no, I was not actually even working on any file.
2060[23:28:15] <greycat> try to avoid crashing while you have files opened and partially edited in a text editor
2064[23:29:43] <oxek> and of course try to get a UPS, run on a proper filesystem like ZFS/btrfs, use good hardware, use ECC RAM, have backups, ...
2065[23:30:09] <ctcx> In another thing, is the command dmidecode totally safe for using? I already read it just displays info from BIOS, but I have always been a bit uneasy regarding sudo-only commands...