59[00:57:24] <PMT> Maybe try to explain the exact problem you're trying to solve?
60[00:58:12] <mirak> I don't get why only the loader in /boot/efi/EFI/debian is run. I am trying to do multiboot on linux as I was doing it in bios where I had a dedicated partition with only grub, with a miniam grub.cfg that loaded core.img from other multiboot linuxes installations
61[00:58:31] <mirak> PMT, mainly multibooting different versions with efi
63[00:59:59] <mirak> The issue is that no mater what BootCurrent I set with "efibootmgr" or choose in the efi startup, it's always the file /boot/efi/EFI/debian/grub.cfg that is run
64[01:00:36] <mirak> even If I have say a /boot/efi/EFI/debian-2/grub.cfg , then I endup in /boot/efi/EFI/debian/grub.cfg
80[01:13:35] <mirak> PMT, I think the issue is that they hardcoded /boot/efi/EFI/ubuntu/grub.cfg inside shimx64.efi that was signed by microsoft for secureboot shit
104[01:28:04] <cybrNaut> I mounted the bullseye ISO and then ran "apt-cdrom -m -d=/media/debian_install_bd add", which added this to sources.list: "deb cdrom:[Debian GNU/Linux bullseye-DI-rc1 _Bullseye_ - Official Snapshot amd64 BD Binary-1 20210415-20:26]/ bullseye main"
105[01:28:30] <cybrNaut> does that seem right? It's missing the mountpoint (/media/debian_install_bd)
108[01:29:21] <cybrNaut> so when I do "apt update", I get: "Please use apt-cdrom to make this CD-ROM recognized by APT. apt-get update cannot be used to add new CD-ROMs ... E: The repository 'cdrom://[Debian GNU/Linux bullseye-DI-rc1 _Bullseye_ - Official Snapshot amd64 BD Binary-1 20210415-20:26] bullseye Release' does not have a Release file."
109[01:29:52] <cybrNaut> the advice it gives is advice i already followed
116[01:32:03] <cybrNaut> well i'm not sure how it gets from that long descriptive text to the actual mount point, but something is wrong because it can't find the Release file
140[01:42:08] <cybrNaut> i will. i just did "apt show linux-image-amd64", and the output shows "APT-Sources: cdrom://[Debian GNU/Linux bullseye-DI-rc1 _Bullseye_ - Official Snapshot amd64 BD Binary-1 20210415-20:26] bullseye/main amd64 Packages"
145[01:43:24] <cybrNaut> it says "Media change: please insert the disc labeled 'Debian GNU/Linux bullseye-DI-rc1 _Bullseye_ - Official Snapshot amd64 BD Binary-1 20210415-20:26' in the drive '/media/cdrom/' and press [Enter]
146[01:43:56] <cybrNaut> so it apparently ignored the mount point I made and assumed /media/cdrom/
147[01:44:35] <cybrNaut> i do not want to hijack /media/cdrom/ -- that's for removable media.
148[01:45:04] <cybrNaut> and as I understand the docs i've read, it shouldn't be asking me to insert a Cd
162[01:54:12] <cybrNaut> i've downloaded the whole blu-ray so now I want to use it. My network config is quite complex and things have to be done in a certain order
191[02:46:24] *** Quits: Numero-6 (~Numero-6@replaced-ip) (Quit: << - Qui etes vous ? - Je suis le nouveau numero 2 - Qui est le numero 1 ? - Vous etes le numero 6 - Je ne suis pas un numero ! Je suis un homme libre!! >>)
192[02:47:24] *** Quits: mortderire (~mortderir@replaced-ip) (Remote host closed the connection)
227[03:38:03] <urk> Just wondering if anyone has experience adjusting the color temperature in a Dell XPS 15 7590? My screen is bluish white instead of true white so I would like to lower the color temperature. Online, I found a tool called sct which seems to allow you to adjust the color temperature, and I am wondering if this tool also tells you what your existing color temperature is so that I get a comparison.
228[03:38:35] <urk> sct is in the repos, and I have installed it, but wanted to find out other people's experiences before trying it out.
233[03:42:02] <cybrNaut> i suspect the bug i hit may be 10 years old. someone noticed that /etc/apt/apt.conf was never updated to have 'Acquire::cdrom::mount "/media/apt/";' replaced-url
234[03:43:15] *** Quits: Filohuhum_ (~filohuhum@replaced-ip) (Remote host closed the connection)
240[03:48:06] <cybrNaut> fuck me. the april 14 RC1 release is expired and even after hacking on shit to make it progress further, "apt update" falls over with => E: Release file for file:/media/debian_install_bd/dists/bullseye/Release is expired (invalid since 29d 11h 35min 26s). Updates for this repository will not be applied.
241[03:49:14] <sney> use Acquire::check_valid_until=no in your sources.list or apt commands
247[03:54:41] <cybrNaut> or is it supposed to be an option for an existing deb line?
248[03:55:16] <sney> an option, yeah, in [] between deb and the url. snapshot.debian.org relies on it to work, so they have instructions on the main page
250[03:56:53] <urk> well, I just ran sct and lowered the temperature a bit, and also turned up brightness. Seems to be better already. 6500k is just too bright, and bothers my eyes. I never had a problem when running an older LG LED desktop screen, but LG doesn't make the desktop screens as good as it used to.
262[04:11:09] <urk> somiaj: I do have a hardware brightness tool. Brightness isn't the problem. Its the color temperature that I objected to. I looked up tools online, and found sct. It is in the repos, and extremely easy to use. All you have to do is type sct and the temperature you want, and it is instantly changed. However, having a tool that tells you your current color temperature would be nice as well. If a value isn't entered after sct then it default to
263[04:11:09] <urk> 6500k.
264[04:11:21] <ryouma> i get asked a password twice for the root fs. this seems strange to me and i wasn't asked twice before. some arch resource says that grub doesn't hand off the unlocking to initramfs (in their os at least) and so you have to change the latter to be asked only once. as it didn't occur to me before, idk if this is the same issue. i am not concerned about being asked twice, but i'd be interested in knowing why, just
265[04:11:21] <ryouma> in case it indicates some problem. i have a key set up.
267[04:14:32] <somiaj> urk: does the monintor not have color settings too, this of course varies on the monintor. Eitherway sounds like you found a solution.
268[04:14:49] <urk> somiaj: I'm on a laptop.
269[04:15:01] <urk> somiaj: I'm running a Dell XPS 15 7590
270[04:15:08] <somiaj> ryouma: are you using an encrypted /boot?
271[04:15:23] <ryouma> somiaj: /boot is plaintext; / is luks
272[04:15:34] <urk> Dell has been highly responsive to questions and features about concerns so I am likely to buy another one when the time comes for upgrading.
273[04:15:45] <somiaj> ryouma: hmm, unsure what is going on then, since grub shouldn't need to get into LUKES at all and only the initramfs should be asking.
274[04:15:46] <ryouma> (i have not looked into the whole encrypted boot thing and don't understand what would make it possible)
275[04:16:51] <somiaj> ryouma: grub has the ability to read encrypted partitions, and that is all that is needed to make it work. The issue you found online sounds like someone was using encrypted boot because they talk about grub needing to pass the passphrase to the initramfs.
276[04:16:56] <somiaj> hence why I asked
277[04:17:11] <ryouma> ok
278[04:18:09] <somiaj> ryouma: to me you have some issue with your initramfs which is asking for your password twice. Did you chagne anything before you notice this change?
279[04:18:45] <somiaj> weren't you making a copy of your file system to a new disk?
280[04:19:10] <ryouma> this issue started a year or more ago
281[04:19:27] <ryouma> i think it started when i moved to a new computer
282[04:19:31] <ryouma> (not a reinstall)
283[04:19:49] <somiaj> sounds like you may have some duplication in the initramfs, and probably need to start looking there.
285[04:20:22] <somiaj> it maybe the duplication occured when copying/moving over to the new computer
286[04:21:25] <ryouma> when i move a boot and root fs, i do a chroot and update-initramfs -t -u -k all and grub stuff. idk if those are the right options for initramfs.
287[04:22:09] <ryouma> does the non-initramfs kernel try to unlock the root fs at all?
288[04:22:47] <somiaj> what do you mean by non-initramfs kernel?
295[04:27:14] <ryouma> i mean, idk what occurs in the boot process precisely. i was referring to the kernel as we know it when debian is no longer running the initramfs.
296[04:27:33] <somiaj> the kernel doesn't change
297[04:27:49] <somiaj> all initramfs does is provide a filesystem the kernel can have access to before it mounts /
298[04:27:59] <ryouma> but it changes from the initramfs fs to the main root fs or so right?
299[04:28:43] <somiaj> Well it mounts the rootfs, and since there are so many different filesystems/raids/lvm/encryption setups, initramfs provides the modules and tools needed to mount rootfs basically (it can do other things)
300[04:29:18] <somiaj> this way all you have to do is compile into the kernel is the ability to read initramfs, you don't have to compile all the different filesystems, etc into the kernel and can use them as modules
301[04:29:43] <somiaj> I use to not use an initramfs at all back when I built my own kernels, but I had to compile both the sata/ide and ext? modules into the kernel so the computer could access my rootfs
302[04:30:05] <ryouma> after the initramfs is not being used, presumably it would make no sense to unlock root again right? if so then your hypothesis is the most likely i presume.
303[04:30:30] <ryouma> ok
304[04:30:32] <somiaj> no
305[04:30:50] <somiaj> because it is already mounted and unlocked, it would be impossible otherwise
307[04:31:13] *** Quits: theCorvus (~quassel@replaced-ip) (Remote host closed the connection)
308[04:31:18] <somiaj> it is somewhere in the initramfs somewhere that is duplicating this I belive
309[04:31:28] <ryouma> ok
310[04:31:59] <somiaj> do you happen to have two different lukes that just use the same password?
311[04:32:14] <ryouma> just one more question then. there is a program called cryptdisks or something like that that reads crypttab, so it can unlock various partitions. root is in there. when is that line used?
314[04:34:43] <ryouma> i have a randomly generated binary key for each partition, stored in a file on root. each can be unlocked with a password, but i guess the only one that needs unlocking with a password is root, in initramfs.
315[04:34:56] <ryouma> should one have a different password for each partition?
316[04:34:58] <somiaj> in the initramfs
317[04:36:10] <ryouma> (oh right there aws some file called cryptdisks or something that has the root partition uuid in it or so. but i was referring to whatever reads crypttab and that can only occur after root is unlocked.)
318[04:37:57] <ryouma> s/some file/some file in the initramfs/
319[04:38:40] <ryouma> ok so initramfs has some program that reads crypttab. is the root line used for much then (as it is already unlocked)
321[04:39:53] <somiaj> I'm unsure of the minute details, but basically the initrams needs all tools/drives/modules to read the disk, unlock the encrypted data, read the lvm under it, and then mount the filesystem at /, once / is mounted it is usually safe to no longer need initramfs
322[04:40:23] <somiaj> but I don't know where in this process (usually it is fairly early) that it tries to unlock your encyprted keys via a password.
323[04:40:42] <somiaj> I would start by looking in /etc/ in the initramfs configuration, in the lukes configuration, and see if you just happen to have something duplicated
324[04:40:57] <somiaj> I don't use encryption or lvm, so outside of theory, don't know much about this
325[04:41:09] <somiaj> (I don't like to many layers between me and my data)
326[04:42:32] <ryouma> thanks. agreed about layers. i do not use lvm precisely for that reason.
330[04:46:28] <ryouma> huh i have practically nothing in /etc/{cryptsetup-initramfs,initramfs-tools}. just config files commented out and the resume file.
331[04:48:46] <ryouma> there is /usr/share/cryptsetup/initramfs/bin/cryptroot-unlock which i will look at
332[04:49:43] <ryouma> oh, another thing is, the second password prompt is obscured by other output that is apparently async.
333[04:52:44] <foul_owl> Does Debian officially support arm64 + rpi or is experimental? I would prefer to stick with Debian if possible
335[04:53:22] <somiaj> arm64 is an offical debian port, and is supported.
336[04:53:52] <somiaj> Though due to pi's, non-free firmware to make work, specific hardware can sometimes require tweaks and here is where my knowledge is fairly low
337[04:53:58] <sney> there are prebuilt rpi images (debian only officially distributes installers) on raspi.debian.net as well, and may work out of the box on your devices
339[04:55:27] <somiaj> And unsure if it is possible to run the pi without some non-free firmware, and anything not in main is not offically supported (though doens't mean debian dosen't try to ensure it meets debian quality standards)
343[04:57:32] <sney> but if anything was going to eventually get reverse-engineered and not need those firmware files, it'd probably be some series of rpi, because they're everywhere and hacking is encouraged
365[05:27:02] <somiaj> is your system heating up (chrome can take a lot of cpu ussage) and hardware will restart if it gets too hot?
366[05:27:33] <somiaj> Bad memeory can also cause such a thing (though usually more a hard freeze than a reboot, usually when my machine would reboot underload, it was overheating. Blowing out dust, better airflow helps)
367[05:28:01] *** debhelper sets mode: +l 921
368[05:30:48] <warsoul> is super cold in the room
369[05:30:56] <warsoul> and i have really good cooling in pc
373[05:34:38] <ryouma> in my experience electric power can stop momentarily and cause a reboot. which hypothesis can be more or less falsified by other devices acting normally.
374[05:34:55] <ryouma> or by a ups
375[05:37:38] *** Quits: dvs (~hibbard@replaced-ip) (Remote host closed the connection)
408[07:04:24] <willow> is there a bullseye install image that works with efi?
409[07:05:40] <somiaj> they all do
410[07:06:41] <willow> i try the netinst iso and am getting "no compatible bootloader found" in vmware with firmware type set to uefi and secure boot not enabled
411[07:07:26] <somiaj> the netinstall image is hybrid and will boot either efi or legacy, either work. Unsure what vmware is doing, so can't directly help with vmware
412[07:08:41] <willow> ok. yes i thought it was hybrid. i've created debian live images before that were hybrid
476[08:39:59] <terr> Somiaj, I picked up the HP PROBOOK 4530s. Tech was GOOD. I've got W7 pro, W10 pro, and an empty partition for Debian. Sizes: W10 97.5GB, W7 99.9GB, LINUX 99.9GB (currently empty) also System Reserved 49.9GB (what is this for)
489[09:08:14] *** Quits: sinaowolabi (~Sina@replaced-ip) (Remote host closed the connection)
490[09:09:48] <foul_owl> somiaj: sney: thank you!
491[09:10:08] <somiaj> terr: ##windows might be more appropriate, but it seems modern windows and some OEM version put a backup copy on the drive or recovery mode. Exactly what it is can vary and out of the scope of #debian
492[09:11:00] <somiaj> Rodon: maybe some connection issue with that paticular secuirty mirror, I'd just try again.
503[09:17:45] <foul_owl> Having a strange issue with lxc. I have it installed on a 32 bit arm debian 9 system, and I get normal output like "Destroyed container foo"
504[09:18:05] <foul_owl> On a recent install of a 64 bit arm system with Debian 10, I get output like this
509[09:18:54] <foul_owl> I'm just wondering if some regression happened with the build of the lxc package from Debian 9 to 10
510[09:19:03] <somiaj> there is #debian-lxc on irc.oftc.net, but it appears to be more about lxc packaging than support for it.
511[09:19:20] <somiaj> foul_owl: you could check the bugs if you think this is a bug vs a configuration issue
512[09:19:30] <somiaj> known issues should be all recorded and public in the bts
513[09:19:37] <foul_owl> Thank you! I will look
514[09:20:42] <somiaj> I'm not getting any hits on that error in google
515[09:21:01] <somiaj> what are you doing to get this message? you aren't running lxc-destory?
516[09:21:29] <foul_owl> It's not even an error, it's just weird seeing the output formatting change from a "sane output" ie "Container destroyed" to an output that references it's own source code
525[09:23:58] <foul_owl> That package hasn't been flagged for anything on arm64 has it? That's all I was wondering
526[09:24:02] <somiaj> foul_owl: maybe #debian-lxc could answer if there was a change or OFTC, though be paitent with that channel
527[09:24:10] <foul_owl> Understood, thank you!
528[09:24:25] <somiaj> It might just have been an upstream change, unknown, but I'm getting not hits or bug reports about it in the debian package in my quick search
554[09:49:26] <somiaj> yea can depend on what you are looking at, first machines report GB as powers of 1000, but it should really be powers of 1024, (different uints)
555[09:49:30] <terr> I will check this out when I get Debian installed.
556[09:50:03] <somiaj> so you often see less due to the fact that compute byites using powers of 1024 for kilo,mega,giga,tera, do not match manufactures who do this in powers of 1000
559[09:50:47] <somiaj> second, due to reserved space, overhead of file systems and the likes you end up taking up some space for that. ext4 will use 5% reserved by default, so there are various reasons why the size you see is not the stated value on the hardware
569[09:53:22] <EdePopede> i started switching to 1% btw with these insanely big disks of today. never had anny issues. for a 1TB partition that's 40GB what i save, half of the size of my sysdisk :D
570[09:54:02] <somiaj> It really depends, if your disk starts to get full, that 5% can really help it keep from getting fraggmented
571[09:54:09] <somiaj> if your disk never gets that full, it won't matter much anyways
575[09:55:18] <somiaj> but part of why ext? file systems don't get fraggemented is having those reserved blocks, this also helps you if you ever fill up your filesystem on accident.
576[09:55:40] <somiaj> (also might depend on if you read/write lots of data to the disk or use it mostly as a unchanging collection of data)
598[10:10:11] <terr> HP says the PROBOOK 4530s has 4x USB 2.0. This one has 3x USB 2.0 + 1x USB 3.0... they must have done a special mod for one of their big clients. Any other ideas?
602[10:12:32] <somiaj> of course we can't support windows here, but most windows installs from manufactures don't use all the space, they have a backup/recovery partiton, which is probably why the my computer only sees the avialble space and not the full drive size.
606[10:17:27] <terr> Oh. Well I don't care about windows. I switched to Debian before 1998 and never looked back. Machine died and I was too swamped to deal with it so I picked up a couple $50 machines for email. Now I am getting back into hard core stuff
607[10:18:57] <somiaj> you keep saying that, but you keep giving us info about windows, "I just clicked on computer" that is windows.
608[10:20:15] <terr> Because I picked up the computer this afternoon and haven't installed anything in it. I just turned it on. I had to ask for help to turn it off
609[10:20:41] <f00> why not format it?
610[10:20:54] <f00> get rid of the any preinstalled bloatware
613[10:21:23] <somiaj> That's fine, but recall in order to understand why a windows install is only showing 350gb when it the hardware reporst 500gb, you need to understand what windows is doing, or get a tool that looks at the actual drive and not just one partiion.
614[10:22:06] *** Quits: Vizva (~Vizva@replaced-ip) (Remote host closed the connection)
615[10:22:16] <terr> F00, because I likely will need it.
617[10:23:30] <terr> Somiaj, no. The bill and the sticker say 500GB. I think the bill and sticker are wrong.
618[10:23:34] <f00> in that case use this: replaced-url
619[10:23:46] <somiaj> terr: they are not
620[10:23:59] <terr> No. Partitions are just fine.
621[10:24:07] <f00> 50GB recovery isnt fine
622[10:24:21] <f00> all it needs is a 500MB
623[10:24:57] <somiaj> terr: but until you say get a disk manager and look at the full disk (not the C: partition) you can't see what the manufacture chose to do
624[10:25:02] <terr> Well It doesn't matter because I have lots of space for Linux and external 1TB spare drives
628[10:26:04] <terr> I just need to know where is kaka is
629[10:26:25] <f00> what's the actual problem?
630[10:27:32] <terr> F00. There is no problem. I'm just figuring out what this machine has installed. So far it looks great
631[10:28:16] <f00> if it's new, do yourself a f avor and format it and start fresh
632[10:28:21] <EdePopede> terr: first thing i do is not to boot into the preinstalled windows, but into the bios. after reading the brochure. and check what options i have during boot. and the first OS boot ideally is a live system and not the preinstalled one ;)
633[10:29:00] <EdePopede> using linux for such things already is better because it doesn't cheat at you.
742[10:31:44] <terr> I think first thing is prepare an external USB boot drive and don't even touch the internal drive. I need this to install Debian anyways
743[10:32:07] <EdePopede> f00: depends on the manufacturer/seller really. when i bought this one i had them install my old XP and also SP3 which i didn't have yet for a few extra bucks. wanted to make me a C: of 150GB. when i said 50 is more than enough he looked at me as if i would have told him i want DOS5 installed. MCSE of course, just knew what he had learned in his courses.
744[10:32:08] <f00> sorry, but first thing you need to do is get rid of bloatware
755[10:34:17] <EdePopede> it *may* be a good idea to be able to return to the initial state, depending on the state of the system now a full backup may be the way or shrinking the bloatware as much as possible if it's affordable. unless there's a reset ISO on a backup partition (the original XP PC came with such a thing).
772[10:37:03] <EdePopede> f00: after using linux for some time i started implementing at least some of the directory structure on my DOS/WIN PC. kind of. C:\BIN in the path, start scripts for bigger programs, even got some order in WIN. i still don't understand why they produced such a horrible mess.
889[12:56:40] <mirak> that's what I did easily with grub bios
890[12:56:48] <niak> it's suppose add the entry to load the grub.efi file
891[12:56:58] <niak> then you edit /boot/grub/grub.cfg
892[12:57:16] <niak> most of the time the automated way is using grub-mkconfig -o /boot/grub/grub.cfg
893[12:57:29] <mirak> when you are in /boot/grub/grub.cfg you are already in an installed OS
894[12:58:01] *** debhelper sets mode: +l 936
895[12:58:10] <niak> I am really not understanding your question
896[12:58:41] <mirak> what I did with grub bios, was having a dedicated partition with a grub, and then I chainloaded grubs in /os1/boot/grub/core.img /os2/boot/grub/core.img
897[12:59:19] <mirak> that way if default OS is trashed for some reason, I could still boot others
899[12:59:53] <niak> usually the boot partition rest on its own partition anyway
900[13:00:10] <mirak> what you suggest is having a master grub that can run kernel of other OS, but I want a master grub that can run other grubs of other OS
901[13:00:29] <niak> you only should need one version of grub
902[13:00:35] <niak> You're over complicating it.
903[13:00:40] <mirak> no I do not
904[13:00:45] <mirak> it makes things safer
905[13:00:57] <mirak> it makes the OS independents
906[13:01:02] <niak> grub lives on its own partition and usually doesn't get trashed
921[13:05:10] <mirak> I didn't think it would be necessary, since uefi is supposed to offer you to choose what os to boot, but I fail to do it beside windows and linux, it seems the different linux os installed always default to the same one
961[13:50:35] *** Joins: Paulo (~Paulo@replaced-ip)
962[13:50:47] <Paulo> Hi everyone. I am new to Ledger. I am running Ledger on Debian. I am trying to use the report command but I don´t know how to install the scrip. Can someone guide me?
963[13:50:56] <Paulo> I am getting -bash: report: command not found
964[13:51:03] <Paulo> Ledger documentation says to ¨install the ´report´ anywhere along your PATH¨ which I don´t know how to do
968[13:54:42] <Paulo> niak, I have looked at the Ledger documentation which says that I need to ¨install the ´report´ anywhere along your PATH¨
969[13:54:51] <Aebian> what could be the reason that apt complains like this: libc-dev-bin : Depends: libc6 (< 2.29) but 2.31-12 is to be installed (I'm on buster, stable release). Already tried apt clean. Should I just use the version flag to install a lower version?
971[13:55:11] <niak> it's talking about the .dat file
972[13:55:16] <niak> i believe
973[13:55:22] <niak> report isn't a ledger command
974[13:56:09] <Paulo> ¨ The script to do this is included in the ledger distribution, and is named contrib/report. Install report anywhere along your PATH, and then use report instead of ledger when doing a register report.¨
985[14:00:47] <Paulo> niak, sorry I think I am missing something. I have not put the script anywhere because I don´t where to look for it in my system. I am assuming it should be somewhere because I have installed ledger
1042[15:11:27] <neo4> And I will end with a quote from Morpheus: “What is reality? How do you determine this? The whole spectrum of sensations: visual, tactile, olfactory - these are receptor signals, electrical impulses perceived by the brain. "
1043[15:11:50] <neo4> so we are the artificial beings and unreal :)
1064[15:20:01] <Deknos> hey, i have serious problems with my firefox 78.10 on debian stable... i often do not reach youtube and get timeouts. any idea? a keyword for google would be also okay, i have no idea what's this problem
1069[15:24:42] <Deknos> funnily, when i loaded youtube and open youtube with a new tab, i ALSO get timeouts. but in a VM with kubuntu for example i do not have this problem
1070[15:25:04] <Deknos> firefox ist from buster security
1102[16:04:55] <Angs> Is there any reason why Debian mirror sites don't use https? as an example, would it cause any issue if it was using https for replaced-url
1103[16:06:41] <PMT> I believe you want to have apt-transport-https to do that.
1105[16:07:07] <PMT> Oh, my knowledge is old, that's a dummy package now, and you can just do it. :)
1106[16:09:18] <Angs> I would like to fetch some files from the repo without using apt (writing my own code). I was wondering what would be the best practice in terms of security to fetch content from a Debian mirror site. Both http and ftp are insecure and not encrypted. Is there a better way to do it?
1107[16:10:05] <PMT> Why would https not be a reasonable choice?
1110[16:11:04] <Angs> when I look at the options on replaced-url
1111[16:11:48] <Angs> I looked at Arc, their repos are the same (without "s"). There is probably a good reason, but I couldn't understand it. Does anyone know why?
1113[16:15:48] <somiaj> Angs: partly historical, partly apt already has checksums and secuirty methods in it, party you won't gain much using https, partly due to the amount of debian mirrors, and being shared by volunteers, many of them haven't upgraded to https.
1116[16:16:25] <somiaj> The biggest argument I hear for https is privacy, people can't see what packages you download, but anyone could just look at the size of the files you downloaded and figure out what packages they were
1142[16:37:36] <Angs> what would be the security issue if one uses unencrypted repo? Intuitively, I'd go for an encrypted version rather than a plain-text version, but I am not able to think what can go wrong to use a source without the encryption? Would data integrity be the only concern?
1143[16:37:42] <SubOptimal> Angs: For an HTTPS mirror you could try as described at replaced-url
1144[16:39:23] *** Joins: eri (~erica@replaced-ip)
1146[16:39:54] <Mazhive> hi guys i wander if some one can guide me to get bridge working on virtmanager i cant get virt manager to show the bridge in the network details of virt manager there fore it does not work i am having this issue a long time , cause i dont bother fixing it because i end up not using it but at sometime it worke all just worked. what i have done , used nm-editor settings to get a bridge0 to work i have a 4.19.0-16-amd64 #1 SMP Debian 4.19.181-1 , so it may
1147[16:39:54] <Mazhive> be a debian 10 issue or a virtmanager issue i dont know for sure.
1148[16:40:14] <Angs> Great thanks.
1149[16:40:28] <zmotaj> Angs: data integrity isn't really a problem, because apt already uses checksums etc
1150[16:40:36] <zmotaj> it's mostly a privacy thing
1175[17:17:44] <jelly> f00, there's no need to spam freenode/libera issues everywhere, even if it seems current staff is not following their own policies
1248[18:06:02] <mirak> I wanted to know if the path of /boot/efi/EFI/debian/grub.cfg is hardcoded in /boot/efi/EFI/debian/grubx64.efi , like it is in Ubuntu
1249[18:06:58] <unixbsd> your EFI shall be on active part... and type ef
1250[18:07:16] <unixbsd> vfat. you need EFI/BOOT or alike to run
1251[18:07:41] <mirak> ?
1252[18:07:57] <mirak> I know that
1253[18:08:03] <unixbsd> tigryss: eDP-1 only
1254[18:08:09] <mirak> I want to multiboot, but have some problems
1255[18:08:12] <unixbsd> is your other monitor plugged? seems not seen
1256[18:08:51] <unixbsd> mirak: I made a new multiboot, study my source code, how that works: replaced-url
1387[19:31:55] <hramrach> those libraries are not meant to be installed on the system, ever. Only downloaded at random from the internet without any verification whatsoever
1438[20:20:12] <Abarrat> Hi, if a root user did chroot /mnt for whatever reason, as root, how can they get out of it. ischroot is showing "1" even after using exit
1439[20:21:00] <somiaj> Abarrat: why not just kill the shell that did that?
1480[20:56:54] <dpkg> well, wir is When It's Ready. See also <rsn> and <siyh>.
1481[20:57:33] <somiaj> narutowaifu: I know the above isn't that useful, but that is the time frame debian works on (kinda). The rumor mill thinks in the next month or two. There are still rc bugs left (follow those) and a few issues with the installer they are working on
1482[20:57:37] <somiaj> !rc bugs
1483[20:57:37] <dpkg> Release-Critical bugs are Debian bugs with critical, grave or serious severities, preventing the next release of Debian. See the graph at replaced-url
1485[21:00:17] <narutowaifu> ok thanks somiaj. Anyway I wasn't expecting any precise date, I was just curious since I knew it's expected to release this year
1486[21:01:05] <somiaj> I have heard June by a few people I trust, but as always, it can varry
1489[21:02:05] <somiaj> I know the release team is a bit more agressive since the one release in which the freeze was over a year. So once they installer gets to a good point and they want to push it out, they will start agressivally removing packages or ignoring rc-bugs if they deem the package should be in debian.
1491[21:02:29] *** Quits: nobyk (~nobyk@replaced-ip) (Remote host closed the connection)
1492[21:02:33] <n4dir> perhaps i recall one release wrong, but i think since ~2005 something like release ~half a year after freeze happened all the time
1493[21:02:37] <somiaj> So my guess is in the next month or two they will get a bit more agressive about pushing out the release if matainers haven't made any progress on their rc bugs.
1507[21:07:18] <huhuhu> I am looking for advice. I would like to write a program that recognizes the words I am speaking and, upon recognition, executes a command on the system.
1508[21:08:09] *** Quits: Mister00X (~quassel@replaced-ip) (Quit: I'll be back! — Arnold Schwarzenegger)
1509[21:08:09] *** Quits: necronian (~necronian@replaced-ip) (Remote host closed the connection)
1514[21:10:09] <somiaj> huhuhu: Personally I would look for a speach to text program (I didn't find any in my quick search in debian so far), then most likely have a confirmation that prints out the command and asks are you sure you want to run this, then execute it in a shell
1524[21:16:42] <huhuhu> I could compare two audio files and do something like that based on it. But how? After all, I have to recognize if the audio data is a word. When does it begin and when it ends.
1632[22:25:54] <velix> Sorry, ZNC crashed after update.
1633[22:26:12] <velix> sney: "gpg.d" sounds like it *needs* gpg ;)
1634[22:29:10] <velix> sney: could you please repeat what you said before "er" ?
1635[22:29:40] <sney> apt uses gpgv for the minimal signature verification it does, it doesn't need all of "gnupg and its huge dependencies" for its own internal mojo.
1636[22:30:07] <sney> velix: I said apt-key is deprecated and new keys should go in /etc/apt/trusted.gpg.d. this is also in the apt-key man page.
1650[22:32:40] <velix> yep, I've just changed my howtos.
1651[22:33:31] <sney> velix: also, you asked if this channel has moved - official debian channels have been on OFTC since 2006. imo it's unlikely that freenode #debian will go away as long as the server is up and people come here with questions, but it's not strictly official either
1652[22:33:59] <sney> apparently there is also a #debian on libera, and other networks as well
1653[22:34:13] <velix> sney: Okay. Since many channels are about to move to Libera.
1655[22:36:05] <sney> as you noticed with apt-key, debian does not make big changes quickly ;)
1656[22:36:29] <jhutchins> The new network is not ready for prime time yet. Nobody's answering help messages on #libera
1657[22:36:50] <PMT> I believe they said something about dealing with a DDoS, so they may be busy.
1658[22:37:00] <velix> sney: Hmm... The apt-key stuff doesn't seem to be so easy, according to the website i've just posted.
1659[22:37:17] <EdePopede> maybe staff have collapsed all at the same time ;)
1660[22:37:31] <sney> velix: what's not easy about downloading an .asc signature and sticking it in a specific location on your disk?
1661[22:37:57] <velix> sney: because there seems to be ascii-armored files, which can be ".gpg, .asc, .key, and probably others"
1662[22:38:03] <sney> ah, I see that website thinks you need to dearmor it
1663[22:38:24] <somiaj> though the bullseye relasenotes say it will be removed by bookworm, and the biggest thing they need to provide is apt-key list funcationliaty
1664[22:38:51] <sney> as you can see in the apt-key man page describing the change, .gpg and .asc files are both fine. you can just download the file and stick it in that dir and it will generally work. I haven't found one yet that doesn't.
1665[22:39:17] <velix> sney: My man page doesn't say this, but let me look up the latest one :D
1666[22:40:03] <sney> buster and bullseye both have this note under the 'add' command in apt-key's man page:
1667[22:40:04] <sney> Note: Instead of using this command a keyring should be placed directly in the /etc/apt/trusted.gpg.d/ directory with a descriptive name and either "gpg" or "asc" as file extension.
1668[22:40:52] <sney> I think some of these online howtos overcomplicate things for SEO reasons, like they need a minimum word count to be searchable
1669[22:41:12] <somiaj> !debian irc
1670[22:41:12] <dpkg> The offical Debian IRC network is OFTC (irc.debian.org or irc.oftc.net). Please join OFTC to connect with debian support and development communities. See replaced-url
1671[22:41:34] <somiaj> For those interested, I would suggest using OFTC for debian support due to the wide variety of channels it has beyond just #debian
1672[22:41:42] <tater> !debian libera
1673[22:42:05] <somiaj> We have a #debian on libera, and will set it up to for fact sharing
1674[22:42:06] <somiaj> !fact sharing
1675[22:42:07] <dpkg> I show the same facts on both <freenode> and <OFTC>. If you update a fact on one network, it will show up on the other network.
1676[22:42:15] <somiaj> hmm, I should update that to include Libera
1677[22:42:34] <sney> I was going to add it yesterday but wasn't sure what the plan was for bots
1679[22:43:13] <somiaj> still a work in progress. Just due to so many networks, OFTC is where prefered support should be, but we'll try to manage channels on networks in which there is a demand.
1680[22:43:15] <velix> sney: Thanks, I've updated my notes again :)
1689[22:50:00] <velix> sney: works fine! `curl -kLR "replaced-url
1690[22:50:37] <ryouma> somiaj: fwiw /usr/share/cryptsetup/initramfs/bin/cryptroot-unlock has nothing obviously duplicated. is there a place where i might find this file as it is typically installed by installer? perhaps it is some 1-char fie corruption or something.
1691[22:51:00] <somiaj> ryouma: yea unsure, I don't deal with crypt enough to understand why initramfs is needing to ask for your password twice.
1694[22:51:56] <ryouma> also wondering the reason for this question? ohhhhhhhhh you are saying possibly one is for root and another is for another drive? the prompt names the drive. --- 19:31 <somiaj> do you happen to have two different lukes that just use the same password?
1697[22:52:56] <somiaj> yea, I was wondering if maybe you have (since you don't use lvm) two encrypted partition, I was thinking maybe / and /home, but something along those lines
1698[22:53:05] <ryouma> it would be interesting in any case to find a typical debian stretch (luks-using but non-lvm-using if that matters) initramfs that i can compare to mine
1699[22:53:33] <ryouma> good idea. i think not the case here.
1700[22:53:46] <ryouma> will confirm though
1701[22:53:55] <somiaj> I went with lukes/lvm on my laptop just to test it out, but the debian installer made everything so seamless, I really don't know how it works, I just have to type a single password in each time I boot
1702[22:54:49] <ryouma> i also assume initramfs will read crypttab and thus read thekey file for home. ohhhhhhhhh btw, sometimes, intermittently, home does not get mounted.
1703[22:54:52] <somiaj> Might want to reask your question, others may actually know better where to look.
1704[22:54:54] <ryouma> so there is som aync issue
1706[22:55:05] <somiaj> ryouma: so your / and /home are different partitions?
1707[22:55:09] <ryouma> yes
1708[22:55:21] <somiaj> and each of them are encyprted indvudially?
1709[22:55:27] <ryouma> yes
1710[22:55:55] <ryouma> and key files for them are on /
1711[22:55:57] <somiaj> that could explain needing two passwords, maybe it doens't use a single password to unlock the keys for both partitions at once, and something changed to require this
1712[22:56:32] <somiaj> though here my knowledge of how this all works is very limited, but that could possibly be why initramfs is asking for two passwords, one to unlock / and another to unlock /home (despite the same password should unlock both keys)
1713[22:56:50] <ryouma> but, to me at least, it should read crypttab and fstab. and it should unlock home after /. and reading crypttab will locate the key file in /.
1714[22:57:23] <somiaj> here my knowledge is not enough to say why this is happening of anything special needs to be done so it unlocks both keyfiles with the same password.
1715[22:58:08] <ryouma> unlocking is actually always done with a key. the password is to unlock the key that is in the luks header. but i also have that key on / so that no password is necessary.
1716[22:58:53] <somiaj> well I think your setup has something to do with this, and maybe someone who actually knows the details can help you figure out why a single entery of the password won't give you access to both keys
1717[22:58:55] <ryouma> and cli experiments such as cryptsetup luksopen on stuff confirm this. i will double check that the requests are both for / next time i boot though.
1719[23:01:30] <ryouma> yes it i in principle plssible hat when home is not mounted, it is because the second passwrod is not entered correctly. and i didn't check to see that it was --- actually no, it would ask for the password again in such a case. so idk.
1723[23:04:41] <ryouma> (anyway for anybody curious who is listening, i have these issues 1 i get asked for password twice upon boot 2 other boot messages are printed after the second prompt i.e. async 3 home is sometimes not mounted. i have keys on /, and cryptsetup is set up to point to those keys, thus no password should be necessary for anything except boot. i have boot plaintext. everything else luks.)
1724[23:06:32] <ryouma> also in general i'd be interested in a pointer to something tha would be similar to a just-installed initramfs that has luks but no lvm for amd64.
1725[23:07:26] <jhutchins> ryouma: What I would suggest is a default install, possibly bypassing lvm, and learning how linux works before adding complicating layers.
1726[23:07:59] <jhutchins> ryouma: Use a simple single partition + swap, and learn what's there before you start customising.
1727[23:09:13] <ryouma> i didn't customize anything other than through the installer
1728[23:09:29] <ryouma> i.e. making the choices it presented to me
1750[23:24:45] <lenswipe> jhutchins, actually...im looking at at dmesg right now
1751[23:24:54] <lenswipe> what am i looking for?
1752[23:24:58] <lenswipe> im not seeing anything about usb version
1753[23:25:13] <jhutchins> usb device connected or something like that.
1754[23:25:23] <lenswipe> oh, there's a bunch of stuff in there from the device
1755[23:25:31] <lenswipe> just nothing that i can immediately see as being related to usb version
1756[23:25:50] <PMT> One such line that I can get that information from in my log is "usb 3-2: new SuperSpeed Gen 1 USB device number 2 using xhci_hcd"
1757[23:26:32] <PMT> (I believe; as I previously stated, I do this another way. ;))
1758[23:27:01] <lenswipe> PMT, i looked at lsusb -t and it gave me a bunch of interesting info, but nothing much about USB version that i could see
1768[23:28:59] <lenswipe> right, but none of those mean much to me
1769[23:29:08] <PMT> what is the speed of USB 2?
1770[23:29:12] <lenswipe> no idea
1771[23:29:21] <lenswipe> according to google 480M
1772[23:29:24] <somiaj> I don't think dmesg clearly states usb2/3 but it does state the module that is used, and I belive that is a sign of usb2/3
1773[23:29:26] <lenswipe> so, i guess that means it's a USB2 device?
1774[23:29:34] <PMT> somiaj: not any more, unfortunately
1775[23:29:42] <lenswipe> bugger.
1776[23:29:44] <somiaj> PMT: hmm, must have been a while since I've last cared to do this
1777[23:29:53] <PMT> somiaj: consider: kernel: usb 2-4.1: new low-speed USB device number 5 using xhci_hcd
1778[23:30:12] <somiaj> ahh so the xhci module now supports both usb2 and 3?
1779[23:30:22] <jhutchins> Who put that S key there.the line before that may something like "low speed usb device connected"
1780[23:30:24] <somiaj> or maybe I'm just getting old it was the usb1/2 switch this mattered
1781[23:30:27] <lenswipe> Well...this is kind of an XY problem
1782[23:30:39] <lenswipe> I'm trying to find out the USB speed because I want to stream video from a USB 2 camera.
1783[23:30:41] <PMT> I want to say it always did but old devices used to swap which controller things connected to? I could be wrong.
1784[23:31:04] <lenswipe> I'm trying to stream rawvideo because I'm doing this on a pi and the act of transcoding drops the framerate to the point of it being unusable.
1785[23:31:13] <PMT> Because I definitely also remember seeing {e,o,x}hci as an indicator.